diff options
| author | Mike Vink <mike1994vink@gmail.com> | 2023-10-18 01:18:26 +0200 |
|---|---|---|
| committer | Mike Vink <mike1994vink@gmail.com> | 2023-10-18 01:18:26 +0200 |
| commit | b3c19a2e167ec01a74c691aed0b469bccc4da73f (patch) | |
| tree | da9e947ad4b66c68a073a20aa2ea01ea1d51a21b /profiles | |
| parent | 7a2c06b3ebbc39fd8829a8e28c4640c9bf102667 (diff) | |
machine specific secrets
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/core/secrets.nix | 36 | ||||
| -rw-r--r-- | profiles/email/gmail.nix | 2 | ||||
| -rw-r--r-- | profiles/station/music.nix | 4 |
3 files changed, 25 insertions, 17 deletions
diff --git a/profiles/core/secrets.nix b/profiles/core/secrets.nix index fc11563..f0897be 100644 --- a/profiles/core/secrets.nix +++ b/profiles/core/secrets.nix @@ -1,4 +1,20 @@ -{machine,inputs,config,lib,pkgs,...}: with lib; { +{machine,inputs,config,lib,pkgs,...}: with lib; +let + getSecrets = dir: + mapAttrs' (name: _: let + parts = splitString "." name; + base = head parts; + format = if length parts > 1 then elemAt parts 1 else "binary"; + in nameValuePair base { + sopsFile = "${dir}/${name}"; + inherit format; + key = machine.hostname; + }) (if (filesystem.pathIsDirectory dir) then + (filterAttrs (n: v: v != "directory") (builtins.readDir dir)) + else + {}); +in +{ imports = [ inputs.sops-nix.nixosModules.sops (mkAliasOptionModule [ "secrets" ] [ "sops" "secrets" ]) # TODO: get my username(s) from machine config @@ -7,19 +23,11 @@ age.sshKeyPaths = []; age.keyFile = mkIf (machine.hostname == "lemptop") "${config.hm.xdg.configHome}/sops/age/keys.txt"; - secrets = mapAttrs' (name: _: let - parts = splitString "." name; - base = head parts; - format = if length parts > 1 then elemAt parts 1 else "binary"; - in - { - name = base; - value = { - sopsFile = "${inputs.self}/secrets/${name}"; - inherit format; - key = machine.hostname; - }; - }) (builtins.readDir "${inputs.self}/secrets"); # keep it out of the store + secrets = attrsets.mergeAttrsList + [ + (getSecrets "${inputs.self}/secrets") + (getSecrets "${inputs.self}/secrets/${machine.hostname}") + ]; }; environment = { diff --git a/profiles/email/gmail.nix b/profiles/email/gmail.nix index 6f2f7df..1a8381e 100644 --- a/profiles/email/gmail.nix +++ b/profiles/email/gmail.nix @@ -92,7 +92,7 @@ Inbox = { farPattern = "INBOX"; nearPattern = "INBOX"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; Archive = { farPattern = "[Gmail]/All Mail"; nearPattern = "Archive"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; Spam = { farPattern = "[Gmail]/Spam"; nearPattern = "Spam"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; - Trash = { farPattern = "[Gmail]/Bin"; nearPattern = "Trash"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; + Trash = { farPattern = "[Gmail]/Trash"; nearPattern = "Trash"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; Important = { farPattern = "[Gmail]/Important"; nearPattern = "Important"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; Sent = { farPattern = "[Gmail]/Sent Mail"; nearPattern = "Sent"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; FarDrafts = { farPattern = "[Gmail]/Drafts"; nearPattern = "FarDrafts"; extraConfig = { Create = "Near"; Expunge = "Both"; }; }; diff --git a/profiles/station/music.nix b/profiles/station/music.nix index 80e0a51..b26a2ee 100644 --- a/profiles/station/music.nix +++ b/profiles/station/music.nix @@ -83,8 +83,8 @@ progressbar_elapsed_color = "blue:b"; statusbar_color = "red"; statusbar_time_color = "cyan:b"; - execute_on_song_change="pkill -RTMIN+11 dwmblocks"; - execute_on_player_state_change="pkill -RTMIN+11 dwmblocks"; + execute_on_song_change=''"pkill -RTMIN+11 dwmblocks"''; + execute_on_player_state_change=''"pkill -RTMIN+11 dwmblocks"''; }; }; } |