winston/dotfiles
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

feat: sops -> agenix

Browse source
This commit is contained in:
winston 2024-01-27 14:47:45 +01:00
parent a0baf64b5a
commit 2abe42ea80
Signed by: winston
GPG key ID: 3786770EDBC2B481
17 changed files with 212 additions and 125 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
.age/yk5ci.txt Normal file
View file

@ -0,0 +1,7 @@
# Serial: 17700673, Slot: 1
# Name: age identity 30be8d70
# Created: Sun, 02 Jul 2023 11:06:17 +0000
# PIN policy: Once (A PIN is required once per session, if set)
# Touch policy: Always (A physical touch is required for every decryption)
# Recipient: age1yubikey1qfkn095xth4ukxjye98ew4ul6xdkyz7sek0hd67yfjs5z6tv7q9jgnfchls
AGE-PLUGIN-YUBIKEY-1GYTSUQVZXZLG6UQYHVHNU

4
.editorconfig
View file

@ -12,6 +12,10 @@ end_of_line = lf
insert_final_newline = true insert_final_newline = true
trim_trailing_whitespace = true trim_trailing_whitespace = true
[*.age]
end_of_line = unset
insert_final_newline = unset
# go # go
[*.go] [*.go]
indent_style = tab indent_style = tab

3
.gitattributes vendored
View file

@ -2,6 +2,9 @@
flake.lock -diff flake.lock -diff
lazy-lock.json -diff lazy-lock.json -diff
# treat age as binary
*.age -text -diff
# git lfs # git lfs
*.png filter=lfs diff=lfs merge=lfs -text *.png filter=lfs diff=lfs merge=lfs -text

199
flake.lock
View file

@ -1,5 +1,28 @@
{ {
"nodes": { "nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": {
"lastModified": 1703433843,
"narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
"owner": "ryantm",
"repo": "agenix",
"rev": "417caa847f9383e111d1397039c9d4337d024bf0",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"caarlos0-nur": { "caarlos0-nur": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -7,11 +30,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1701864263, "lastModified": 1705371143,
"narHash": "sha256-70nBt0MNya8VPOpUAS3JNUfC4nF6yv/II2+sGmCTiDs=", "narHash": "sha256-AYtYccMuUSXLYuasl5jIut5CIlMQR8jtqEnXeTKcROQ=",
"owner": "caarlos0", "owner": "caarlos0",
"repo": "nur", "repo": "nur",
"rev": "fa376e868b14b2661757ceed5ea762d62a1400ec", "rev": "c2cb844944e47644062463ea38f014df6b400bc0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -43,15 +66,37 @@
"darwin": { "darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"agenix",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1704277720, "lastModified": 1700795494,
"narHash": "sha256-meAKNgmh3goankLGWqqpw73pm9IvXjEENJloF0coskE=", "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "0dd382b70c351f528561f71a0a7df82c9d2be9a4", "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"darwin_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1705915768,
"narHash": "sha256-+Jlz8OAqkOwJlioac9wtpsCnjgGYUhvLpgJR/5tP9po=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "1e706ef323de76236eb183d7784f3bd57255ec0b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -80,14 +125,14 @@
}, },
"flake-utils": { "flake-utils": {
"inputs": { "inputs": {
"systems": "systems" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1701680307, "lastModified": 1705309234,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -98,14 +143,14 @@
}, },
"flake-utils_2": { "flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1701680307, "lastModified": 1705309234,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -122,11 +167,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1660459072, "lastModified": 1703887061,
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "gitignore.nix", "repo": "gitignore.nix",
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -138,15 +183,36 @@
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"agenix",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1704980804, "lastModified": 1703113217,
"narHash": "sha256-lPNNKdPqIYcjhhYIVwlajNt/HqVWbMOoSdNnwCvOP04=", "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "93e804e7f8a1eb88bde6117cd5046501e66aa4bd", "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1706080884,
"narHash": "sha256-qhxisCrSraN5YWVb0lNCFH8ovqnCw5W9ldac4Dzr0Nw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "6b28ab2d798c1c84e24053d95f4ee1dd9d81e2fb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -162,11 +228,11 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1704956608, "lastModified": 1706079808,
"narHash": "sha256-bpkRWf3eC9mwi74rypUbzPWqBWSF8YK0XRsw1/vB4Og=", "narHash": "sha256-+C/G1OV5d8XN0fuXAuArXFfeOf2qRAKZ4MeoZdb2MPU=",
"owner": "nekowinston", "owner": "nekowinston",
"repo": "nur", "repo": "nur",
"rev": "37ceb1158257f3279865c2a541c28732f7f19566", "rev": "d09ab5e733e44db665d5b89467c20038b2e05ba6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -182,11 +248,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1704596958, "lastModified": 1705806513,
"narHash": "sha256-BK3Ohsz7m8X6qVKFxDtr8KVcHipfr5hYE9PDIJevHbQ=", "narHash": "sha256-FcOmNjhHFfPz2udZbRpZ1sfyhVMr+C2O8kOxPj+HDDk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "f46800ac5a6e9f892fe36e50821c5d85794ecc62", "rev": "f8e04fbcebcc24cebc91989981bd45f69b963ed7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -206,11 +272,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1704936062, "lastModified": 1706059331,
"narHash": "sha256-S29+KmGZoe+dPI8iqvfg1FEgKcyUHh30r3EfK8+YjMA=", "narHash": "sha256-SbBG2DENRMgAGVClEbTH6ZiX7BA0JrkwyoIu5mnJuVc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-vscode-extensions", "repo": "nix-vscode-extensions",
"rev": "7699526d3fb5e34fc02cf4614212cb69901cff76", "rev": "699e64340b66ff33757e6533150242a6f76029aa",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -221,11 +287,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1704194953, "lastModified": 1705677747,
"narHash": "sha256-RtDKd8Mynhe5CFnVT8s0/0yqtWFMM9LmCzXv/YKxnq4=", "narHash": "sha256-eyM3okYtMgYDgmYukoUzrmuoY4xl4FUujnsv/P6I/zI=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bd645e8668ec6612439a9ee7e71f7eac4099d4f6", "rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -255,11 +321,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1704722960, "lastModified": 1705856552,
"narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=", "narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d", "rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -271,11 +337,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1705002794, "lastModified": 1706089541,
"narHash": "sha256-kOd7hd8A1sGFZSYJGn+cEH3RSpGVAQ004Pd1lZabuIo=", "narHash": "sha256-hYvDAhzOXFCRV6a7JmLT0YFfCXFQNR5sEJCPtj1wgrk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nur", "repo": "nur",
"rev": "753418854902ccec235420cf3ee6b8bb9da3de67", "rev": "dd8575d44a907f816c799369432dc84cff6bf183",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -299,11 +365,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1704913983, "lastModified": 1705757126,
"narHash": "sha256-K/GuHFFriQhH3VPWMhm6bYelDuPyGGjGu1OF1EWUn5k=", "narHash": "sha256-Eksr+n4Q8EYZKAN0Scef5JK4H6FcHc+TKNHb95CWm+c=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "b0265634df1dc584585c159b775120e637afdb41", "rev": "f56597d53fd174f796b5a7d3ee0b494f9e2285cc",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -314,19 +380,19 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix",
"caarlos0-nur": "caarlos0-nur", "caarlos0-nur": "caarlos0-nur",
"catppuccin-vsc": "catppuccin-vsc", "catppuccin-vsc": "catppuccin-vsc",
"darwin": "darwin", "darwin": "darwin_2",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"home-manager": "home-manager", "home-manager": "home-manager_2",
"nekowinston-nur": "nekowinston-nur", "nekowinston-nur": "nekowinston-nur",
"nix-index-database": "nix-index-database", "nix-index-database": "nix-index-database",
"nix-vscode-extensions": "nix-vscode-extensions", "nix-vscode-extensions": "nix-vscode-extensions",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nur": "nur", "nur": "nur",
"pre-commit-hooks": "pre-commit-hooks", "pre-commit-hooks": "pre-commit-hooks",
"sops": "sops",
"swayfx": "swayfx" "swayfx": "swayfx"
} }
}, },
@ -342,11 +408,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1704593904, "lastModified": 1705803528,
"narHash": "sha256-nDoXZDTRdgF3b4n3m011y99nYFewvOl9UpzFvP8Rb3c=", "narHash": "sha256-nChqKQPRXxmGBEkHse39LjNpkNKk4U1xPQ4a4oYlUdw=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "c36fd70a99decfa6e110c86f296a97613034a680", "rev": "bd7e8f4e122e11c934a576abc04327764f9bf19b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -355,30 +421,6 @@
"type": "github" "type": "github"
} }
}, },
"sops": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1691828918,
"narHash": "sha256-p8kvccP/qxUrASzGemRx2MB9Kefd9DzrtmJr5whhOCg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "1c673ba1053ad3e421fe043702237497bda0c621",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"rev": "1c673ba1053ad3e421fe043702237497bda0c621",
"type": "github"
}
},
"swayfx": { "swayfx": {
"inputs": { "inputs": {
"flake-compat": [], "flake-compat": [],
@ -429,6 +471,21 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

15
flake.nix
View file

@ -59,11 +59,13 @@
}; };
}; };
devShells.default = config.pre-commit.devShell.overrideAttrs (old: { devShells.default = pkgs.mkShell {
inherit (config.pre-commit.devShell) shellHook;
RULES = "./home/secrets/secrets.nix";
buildInputs = with pkgs; buildInputs = with pkgs;
[alejandra just nil nix-output-monitor nvd] [alejandra just nil nix-output-monitor nvd inputs'.agenix.packages.agenix]
++ lib.optionals stdenv.isDarwin [inputs.darwin.packages.${system}.darwin-rebuild]; ++ lib.optionals stdenv.isDarwin [inputs'.darwin.packages.darwin-rebuild];
}); };
legacyPackages.homeConfigurations = let legacyPackages.homeConfigurations = let
homeLib = import ./home/lib.nix { homeLib = import ./home/lib.nix {
@ -131,10 +133,9 @@
nix-index-database.inputs.nixpkgs.follows = "nixpkgs"; nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
nix-index-database.url = "github:nix-community/nix-index-database"; nix-index-database.url = "github:nix-community/nix-index-database";
sops = { agenix = {
url = "github:Mic92/sops-nix/1c673ba1053ad3e421fe043702237497bda0c621"; url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs-stable.follows = "nixpkgs";
}; };
swayfx = { swayfx = {
url = "github:willpower3309/swayfx"; url = "github:willpower3309/swayfx";

11
home/apps/git.nix
View file

@ -1,14 +1,9 @@
{ {config, ...}: {
config, age.secrets."gitconfig-work".path = "${config.xdg.configHome}/git/gitconfig-work";
lib,
pkgs,
...
}: {
sops.secrets."gitconfig-work".path = "${config.xdg.configHome}/git/gitconfig-work";
programs.git.includes = [ programs.git.includes = [
{ {
condition = "gitdir:~/Code/work/"; condition = "gitdir:~/Code/work/";
path = config.sops.secrets.gitconfig-work.path; path = config.age.secrets."gitconfig-work".path;
} }
]; ];

4
home/apps/mail.nix
View file

@ -1,5 +1,5 @@
{config, ...}: { {config, ...}: {
sops.secrets."aerc-accounts".path = "${config.xdg.configHome}/aerc/accounts.conf"; age.secrets."aerc-personal.conf".path = "${config.xdg.configHome}/aerc/accounts.conf";
programs = { programs = {
aerc = { aerc = {
enable = true; enable = true;
@ -7,7 +7,7 @@
general = { general = {
default-save-path = "~/Downloads"; default-save-path = "~/Downloads";
pgp-provider = "gpg"; pgp-provider = "gpg";
# sops-nix manages the accounts.conf, # agenix manages the accounts.conf,
# so the permissions appear unsafe to aerc # so the permissions appear unsafe to aerc
unsafe-accounts-conf = true; unsafe-accounts-conf = true;
}; };

5
home/default.nix
View file

@ -6,7 +6,7 @@
}: let }: let
inherit (pkgs.stdenv.hostPlatform) isDarwin isLinux; inherit (pkgs.stdenv.hostPlatform) isDarwin isLinux;
in { in {
imports = [./apps ./secrets/sops.nix ./xdg.nix]; imports = [./apps ./secrets ./xdg.nix];
home = { home = {
packages = with pkgs; ([ packages = with pkgs; ([
@ -29,7 +29,6 @@ in {
nvd nvd
ranger ranger
ripgrep ripgrep
sops
wakatime wakatime
watchexec watchexec
] ]
@ -51,5 +50,5 @@ in {
taskwarrior.enable = true; taskwarrior.enable = true;
}; };
sops.secrets."wakatime-cfg".path = "${config.xdg.configHome}/wakatime/.wakatime.cfg"; age.secrets."wakatime.cfg".path = "${config.home.homeDirectory}/.wakatime.cfg";
} }

4
home/lib.nix
View file

@ -29,10 +29,10 @@
modules = with inputs; modules = with inputs;
[ [
nix-index-database.hmModules.nix-index agenix.homeManagerModules.age
sops.homeManagerModules.sops
caarlos0-nur.homeManagerModules.default caarlos0-nur.homeManagerModules.default
nekowinston-nur.homeManagerModules.default nekowinston-nur.homeManagerModules.default
nix-index-database.hmModules.nix-index
./. ./.
] ]
++ pkgs.lib.optionals (!isNixOS) [hmStandaloneConfig]; ++ pkgs.lib.optionals (!isNixOS) [hmStandaloneConfig];

9
home/secrets/aerc-personal.conf.age Normal file
View file

@ -0,0 +1,9 @@
age-encryption.org/v1
-> piv-p256 ML6NcA A4mXaV3COp2TW4o1cMv4XKmrckAUDszY32GwefWM/rwZ
fIrr28U6/mqw7VmqvtM5gnhHMBFJ0CSXRMDfbzr2w2o
-> ssh-ed25519 77w9rQ zN8P9J8uPmEnq+dPeAryP3fRJjsplJ2kdOBOP+2Ill8
RaHYOS1jxgg7OK8q1umvNGkAFZAbcCVnuQR1m5R5Dck
--- vcQ0gKhuBDr6RXf5D+RtysBljaik8LEs/jAK1VlQeV8
Î=;{µ£<C2A3>ÕÞ«|·=P®¨<C2AE>ŸÐS?̽
XDªfºˆŒL™\v7î<06>öwqá\€¯ðU$¨Û…»¨Ûº
R—ï÷Ñ;øj²;ßêÆ<C3AA>ø­<>”„…³´™°Ó(Ž.°ˆØB­ºý¦ùŽOɹ…œÉ(ÌíŒÚØÛ¾P§¬‡Ü¶c*¤ù|è☫‘ïèÕ˜Öt1ŸÏ«d»*Ù"UTÚóY“¹e ‰¥©>€ç@´³­Ee#ƒþÅŸo<C5B8>Jˆ1™²J£ 0…uöëWl®ìX¥¹®ãÿÖP)n¥<6E><04>bÏ# „¦é‡síyrØØ[èæçÏ0êm®Þ®ê„a$ö̬š\qVEpì…Ö¢îkýe¹¿)L-¹õ.¤,í[²<>y5Zœh”øqh°ÅA¬qD¡«³ÖzWq¯Œt1…-ýkCèƽ´Ÿki¯·y¢¼é-«ë¢ÇÓET_lâ/Š_AĬ¡—¡Hé&xáO﹆U

18
home/secrets/default.nix Normal file
View file

@ -0,0 +1,18 @@
{
config,
lib,
...
}: {
age = {
identityPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"];
secrets = with builtins;
listToAttrs (map (k: {
name = lib.removePrefix "home/secrets/" (lib.removeSuffix ".age" k);
value = {file = ./../.. + "/${k}";};
}) (attrNames (import ./secrets.nix)));
secretsDir = "/private/tmp/agenix";
secretsMountPoint = "/private/tmp/agenix.d";
};
}

7
home/secrets/gitconfig-work.age Normal file
View file

@ -0,0 +1,7 @@
age-encryption.org/v1
-> piv-p256 ML6NcA AqBNytZUiPR/Qtdhdm6/TDEzFKzEPaNrDm3Yp1t4eRCC
6gLCrwBAMefJkncql1W+WFxSo7gmOoIjxPfS1F8d/60
-> ssh-ed25519 77w9rQ r5VNI11Va7crZlfRImwJuIFNNrtmtBB7eSxO2rAWhwI
objRSVUnqq5JU66cJMyguFZx6/xH5p0VEb61S3VfSg4
--- GvRjramTigwFWBbx7b9jWk0V7Nf11M7wSTCxpYZwiM0
ª ¤]s«Ù<C2AB>s÷Cêm@Ñ\<5C>ÚoŪ4LãÑÊÄîZ à ÿ"°Ã@l(dlɾÛ"õ¸r'&¤ ‡©žP̃p+;$õå,ÕŸ +"óWª'ÊùnB E*¿>$"Àzv~ßEË~èÖ(̯UÌÅ©ë×ÔCÀ¾þ-Û?ANÁٸⴕúŸBŸa“?èÄ鱫żյµ

25
home/secrets/main.yaml
View file

@ -1,25 +0,0 @@
aerc-accounts: ENC[AES256_GCM,data:+/iBC++93F0hPhpY8x18h+1mC5AaYlCfctYRA10S5sWrWCPKVffXi9eFNqqxY/bwJlu5sn1nEvUYyXuQx0XUCB1ToGq6hbnRmivvi8RwVabBVltbujc50j0Pe8IwvyOA3gJIWpBJDwRSwwc9eouyTeJ5YBqiCwEIoFq6Z9yhTwYpNA5+SXM18lWq8lDhHXaV5i2JgLnxjwvd3oGBjBFpQ9hOgySbdFpZmCYPZ6AM6wThJBEbilYuCe9V7P6P5g8PxGSQFyx1f/trqDg3yoEBBz/YcI/Jj2315GqJltdEGdJP+9aevkLEmM4BFYpFl0Hkhvk4Ymu5DZQtVGsdLmfbMqSB9pRn4nOKcY3tG09oIuIiIVNXhrXRrI0QYqyQEzxycTBDRKhAUziGRCwuldIlqNoqbV6eECWVJAwHhgbin7Oe++IkKe2KRe2YfmwDBSoteucxQHpfKXnU0VmC,iv:ERGbzSfowSibJ4glaiTzUg0TaKtbuDH1P7sUno1WfAA=,tag:lrPOSIrEFNnknGKHcYpDyg==,type:str]
gitconfig-work: ENC[AES256_GCM,data:rjq9cKLkgS4to1Yt4NoYey63Rja2Gw03zmnBpnm9xp5O+yQKLiQ5x28cuNeKxa0jJavvwZzLjI9cY+bZk344zT/iepAwhtXu/TSUwxJySznTOd7K7jRfxOuL8e1AzP3kHMqYKKFAr2Ociu7F8YxgT3Ggd7SH5BcWJ+y/752xBeCOL/sOrg==,iv:GOs51bm3nYGh7np18se+Pvpvq8AN+LVQH7T9wcGtj1w=,tag:g3DtlfMef2NGDpe16E/nww==,type:str]
wakatime-cfg: ENC[AES256_GCM,data:qv8pJg0JqzCnOghN3qXtvYHAmUAZ7SLk7fZvAWktQkr/VvwhzZdilLFTkacvvMnlydseVYJKkmWMYdTqxHvit6QAiyujmzOP2H9IRc99vGx8HRB/ooHJPepdXbifMqMz9oE=,iv:0wzTqCM8MxAAP8JFsyrv0m2u83EMraHIfBqhSofbY2Q=,tag:Iz6LCTBoXd0x6d0eSl2nhA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-11-11T16:28:50Z"
mac: ENC[AES256_GCM,data:A77Dy8s77s/i84hqvJHYxMnKnXpfsvdz5tNU9gwYv1ai9UyminrzXxzw4OEnr6COR5fCK3BV+vVzYxSI535WU9Lt0yvrK/DZTFea+xhvsvb+OkXWsFgPB0zMe0JBd8LKa9Z7IEuMrSDy2JRKiZyKDprM33KmfBOsaJde8kFkflI=,iv:b3oZEWtlLgT+eZvnIILGpJ4kgViiNz6xEdkogQZ35Qk=,tag:KZlGdo6RWpRMifDvoM/NHQ==,type:str]
pgp:
- created_at: "2023-01-31T05:46:40Z"
enc: |
-----BEGIN PGP MESSAGE-----
hF4DAAAAAAAAAAASAQdAVvQXMOXKNhsEhO/niK0+M6eVZOhp5h2xZfRgdKaeDAMw
KUwc9D6b2HdD2kTQpn38gzi97P0NLPNcjHDN6xoYj78kZ55R9NYsd+56e7Ii9KnC
0l4BfGQPaC5CJv2d8QSr+vWQFYo4KzzWYsO0FJK9iAT097bjIa27RNlGHEbmabHY
iZhD89Vy8V8Gy26craSiuDYLDoZ8FgA916CO5VsFBz1lOQmwX+byqy1EgQDplOqa
=QE21
-----END PGP MESSAGE-----
fp: a476c39610e53a689a57bd0d0b89bc45007ee9cc
unencrypted_suffix: _unencrypted
version: 3.8.1

9
home/secrets/secrets.nix Normal file
View file

@ -0,0 +1,9 @@
let
users.winston = "age1yubikey1qfkn095xth4ukxjye98ew4ul6xdkyz7sek0hd67yfjs5z6tv7q9jgnfchls";
systems.sashimi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINxJEAR1Ql8bZqKgGmrnxvu5zwz+znis+RZo8jx0o0f";
default = [users.winston systems.sashimi];
in {
"home/secrets/aerc-personal.conf.age".publicKeys = default;
"home/secrets/gitconfig-work.age".publicKeys = default;
"home/secrets/wakatime.cfg.age".publicKeys = default;
}

6
home/secrets/sops.nix
View file

@ -1,6 +0,0 @@
{config, ...}: {
sops = {
gnupg.home = config.programs.gpg.homedir;
defaultSopsFile = ./main.yaml;
};
}

10
home/secrets/wakatime.cfg.age Normal file
View file

@ -0,0 +1,10 @@
age-encryption.org/v1
-> piv-p256 ML6NcA AoSi1hXuwt58WI4cr1nbHB0q5bmCAynsvn0WmLRtapPn
sE1zLn8L5BbL5jkTYTcUfWReFNuCLJaLOzkNHM3ivvg
-> ssh-ed25519 77w9rQ vGgv2nsE+vZt4LbVqyC0yukpaTB3+qji7c0404birEM
IO0ZCeZPLFX6tAzEYrjLJ3+rZoFmBY3nkd2c3pyZX4Q
--- P/DFeVKEfCEJdhTf7n2roAcCXIoFwwVzPMrH8iUBACI
–ýĆ$”‡ToË°
gW[=oş€fr fJfHÓ/ĎŻ9.lˇcw`~†|źx™'OővţMšKÝÇ#:eb:
˝ô´Ö¶ą†ŐˇôŁĂxaÓ®dĎ3ĐŠł(Î\F·‡Ąőçń­ ^cíĐčw
”ŕö˙ł…|«č•6ÇzŐŹÂ:´

1
home/xdg.nix
View file

@ -27,7 +27,6 @@ in {
NPM_CONFIG_USERCONFIG = "${configHome}/npm/npmrc"; NPM_CONFIG_USERCONFIG = "${configHome}/npm/npmrc";
RUSTUP_HOME = "${dataHome}/rustup"; RUSTUP_HOME = "${dataHome}/rustup";
W3M_DIR = "${dataHome}/w3m"; W3M_DIR = "${dataHome}/w3m";
WAKATIME_HOME = "${configHome}/wakatime";
WINEPREFIX = "${dataHome}/wine"; WINEPREFIX = "${dataHome}/wine";
}; };
sessionPath = [ sessionPath = [