diff --git a/secrets.config.nix b/.agenix_config.nix similarity index 100% rename from secrets.config.nix rename to .agenix_config.nix diff --git a/.envrc b/.envrc index f025931..dc897fd 100644 --- a/.envrc +++ b/.envrc @@ -1,3 +1,3 @@ use flake -export RULES=./secrets.config.nix +export RULES=./.agenix_config.nix diff --git a/.gitattributes b/.gitattributes index b79f44d..ffc88f7 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,6 +1,4 @@ -**/secrets.nix filter=git-crypt diff=git-crypt +**/*.secret.nix filter=git-crypt diff=git-crypt -secrets.config.nix filter=git-crypt diff=git-crypt +.agenix_config.nix filter=git-crypt diff=git-crypt **/*.age filter=git-crypt diff=git-crypt - -machines/magenta/services/mailserver-accounts.nix filter=git-crypt diff=git-crypt diff --git a/machines/asus-gl553vd/default.nix b/machines/asus-gl553vd/default.nix index afbd5ac..454534e 100644 --- a/machines/asus-gl553vd/default.nix +++ b/machines/asus-gl553vd/default.nix @@ -1,8 +1,5 @@ { config, pkgs, lib, ... }: -let - secrets = import ../../secrets.nix; -in { imports = [ # Include the results of the hardware scan. @@ -13,6 +10,7 @@ in ../modules/fonts.nix ../modules/gnupg.nix ../modules/nix.nix + ../modules/networking.secret.nix ]; # Use latest kernel @@ -30,7 +28,6 @@ in networking = { hostName = "laptop"; # Define your hostname. - inherit (secrets.networking) extraHosts; useDHCP = false; interfaces = { @@ -43,7 +40,6 @@ in # enable bluetooth hardware.bluetooth.enable = true; - services.blueman.enable = true; # configure mouse and touchpad services.xserver.libinput = { diff --git a/machines/home/default.nix b/machines/home/default.nix index 981e5d2..c1c4ce3 100644 --- a/machines/home/default.nix +++ b/machines/home/default.nix @@ -1,8 +1,5 @@ { config, pkgs, lib, ... }: -let - secrets = import ../../secrets.nix; -in { imports = [ # Include the results of the hardware scan. @@ -14,6 +11,7 @@ in ../modules/gnupg.nix ../modules/nix.nix ../modules/garbage-collector.nix + ../modules/networking.secret.nix ]; # Configure kernel @@ -33,7 +31,6 @@ in networking = { hostName = "home"; # Define your hostname. - inherit (secrets.networking) extraHosts; useDHCP = false; interfaces = { diff --git a/machines/magenta/services/mailserver-accounts.nix b/machines/magenta/services/mailserver-accounts.secret.nix similarity index 100% rename from machines/magenta/services/mailserver-accounts.nix rename to machines/magenta/services/mailserver-accounts.secret.nix diff --git a/machines/magenta/services/mailserver.nix b/machines/magenta/services/mailserver.nix index dcde596..25e1a03 100644 --- a/machines/magenta/services/mailserver.nix +++ b/machines/magenta/services/mailserver.nix @@ -1,7 +1,7 @@ { ... }: { - imports = [ ./mailserver-accounts.nix ]; + imports = [ ./mailserver-accounts.secret.nix ]; # See: https://nixos-mailserver.readthedocs.io/en/latest/options.html mailserver = { diff --git a/secrets.nix b/machines/modules/networking.secret.nix similarity index 100% rename from secrets.nix rename to machines/modules/networking.secret.nix diff --git a/users/jan/accounts.secret.nix b/users/jan/accounts.secret.nix new file mode 100644 index 0000000..59fd0fe Binary files /dev/null and b/users/jan/accounts.secret.nix differ diff --git a/users/jan/home.nix b/users/jan/home.nix index 34cef0e..96b9f7e 100644 --- a/users/jan/home.nix +++ b/users/jan/home.nix @@ -1,10 +1,9 @@ { config, lib, pkgs, ... }: -let - secrets = import ./secrets.nix; -in { imports = [ + ./accounts.secret.nix + ../modules/window_manager ../modules/terminal.nix ../modules/shell.nix @@ -48,8 +47,9 @@ in ]; local.git = { - gpgKey = secrets.gpgSigningKey; - inherit (secrets) userName userEmail; + gpgKey = "7685890DCD544AF1507A84F21B59187B161C0215"; + userEmail = "dmitriy@ideascup.me"; + userName = "Dmitriy Pleshevskiy"; git-crypt.enable = true; }; @@ -58,8 +58,6 @@ in eval $(kubectl completion zsh) ''; - accounts.email.accounts = secrets.emailAccounts; - home.file = { "scripts" = { source = ./scripts; diff --git a/users/jan/secrets.nix b/users/jan/secrets.nix deleted file mode 100644 index c38bdc7..0000000 Binary files a/users/jan/secrets.nix and /dev/null differ