41 lines
850 B
Nix
41 lines
850 B
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
namespace,
|
|
...
|
|
}:
|
|
let
|
|
inherit (lib.${namespace}.module) mkModule mkOpt;
|
|
in
|
|
mkModule {
|
|
name = "sops";
|
|
description = "SOPS secret management for home-manager";
|
|
options = {
|
|
defaultSopsFile = mkOpt lib.types.path null "Default sops file.";
|
|
|
|
sshKeyPaths = mkOpt (lib.types.listOf lib.types.str) [ ] "SSH Key paths to use.";
|
|
};
|
|
config = {
|
|
home.packages = with pkgs; [
|
|
age
|
|
sops
|
|
ssh-to-age
|
|
];
|
|
|
|
sops = {
|
|
inherit (config.${namespace}.sops) defaultSopsFile;
|
|
defaultSopsFormat = "yaml";
|
|
|
|
age = {
|
|
generateKey = true;
|
|
keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
|
|
sshKeyPaths = [
|
|
"${config.home.homeDirectory}/.ssh/id_ed25519"
|
|
]
|
|
++ config.${namespace}.sops.sshKeyPaths;
|
|
};
|
|
};
|
|
};
|
|
}
|