Skip to content

Commit

Permalink
tp3: handle aichat config via sops-nix
Browse files Browse the repository at this point in the history
  • Loading branch information
elohmeier committed Oct 27, 2024
1 parent cbb942a commit 465ebbf
Show file tree
Hide file tree
Showing 6 changed files with 100 additions and 25 deletions.
9 changes: 9 additions & 0 deletions .sops.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
keys:
- &admin_enno_mb4 age1e6gdd6c0nf5p47jhcq8dvrcyu4vmrzvg2kd75thsgyl7pzqemunq9mfl7e
- &admin_enno_tp3 age13em7fsrealzue677tdqejgsafc2sfx62h5w03ynkv0urujuc0g0stw209m
creation_rules:
- path_regex: secrets/tp3-home\.(yaml|json|env|ini)$
key_groups:
- age:
- *admin_enno_mb4
- *admin_enno_tp3
66 changes: 45 additions & 21 deletions flake.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions flake.nix
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,11 @@
inputs.gitignore.follows = "gitignore";
inputs.nixpkgs-stable.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs-stable.follows = "nixpkgs";
};
systems = {
url = "github:nix-systems/default";
};
Expand Down
3 changes: 2 additions & 1 deletion modules/home/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -120,14 +120,15 @@
inputs.nixcfg.hmModules.cli-git
inputs.nixcfg.hmModules.cli-lazygit
inputs.nixcfg.hmModules.cli-tmux
inputs.sops-nix.homeManagerModules.sops
self.homeModules.fish
self.homeModules.fonts
self.homeModules.git
self.homeModules.gpg
self.homeModules.neovim
self.homeModules.pass
self.homeModules.ssh
self.homeModules.tp3
self.homeModules.pass
{ home.stateVersion = "23.05"; }
];
};
Expand Down
21 changes: 18 additions & 3 deletions modules/home/tp3.nix
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ pkgs, ... }:
{ config, pkgs, ... }:
{

nixpkgs.config = {
Expand All @@ -9,8 +9,12 @@
home = {
username = "gordon";
homeDirectory = "/home/gordon";
sessionPath = [
"${config.home.homeDirectory}/.local/bin" # uv-managed
];

packages = with pkgs; [
age
aichat
bchunk
firefox
Expand All @@ -21,18 +25,29 @@
libreoffice-fresh
lutris
nix-update
podman
ripgrep
samba
transmission_4-gtk
podman
skopeo
sops
transmission_4-gtk
uv
wine
winetricks
zathura
];
};

sops = {
age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
defaultSopsFile = ../../secrets/tp3-home.yaml;
secrets."aichat-config.yaml" = { };
};

home.file.".config/aichat/config.yaml".source =
config.lib.file.mkOutOfStoreSymlink
config.sops.secrets."aichat-config.yaml".path;

programs.mpv = {
enable = true;
# package = pkgs.wrapMpv (pkgs.mpv-unwrapped.override { ffmpeg_5 = pkgs.ffmpeg_5-full; }) { };
Expand Down
21 changes: 21 additions & 0 deletions secrets/tp3-home.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
aichat-config.yaml: ENC[AES256_GCM,data:jEAMbUg1hx+KgNY/WWM2dN+kzyR2wOpLFLG9BpAOELqJgdb+qxE+yhTN/QVnv4t+Vr5Ebdu0BwGSDOYgLTCYblXTEeT0wFswOMUCcPHETtDhf19KDMMLu+x6S73pdeP6SX/+pxQdTwz37Hd6GpjdXwKf6+Ue1Z/38eFghOgzq0wOIwGuZMA3QUBwjAMskDi/czta0gfBi6ODhtPXaDCXQq6SLSg+JA==,iv:eTv1Q3Q+k0+rYEMcqUA27G/ZMLPfTawXr0eaOvKT6yg=,tag:CcYl8eP0UjBJ77K3D3RFOw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age13em7fsrealzue677tdqejgsafc2sfx62h5w03ynkv0urujuc0g0stw209m
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLbnlxcllHWS9UdmswOXRh
eXBTcmFtem1jdXUxamtRWlZyek5KRTVXQ1NnCmRTK3dGaVR6U1drdDJnMTF1WFpO
ejZZSFpjbFBPTjB0N1hPRGUzVlo5TUEKLS0tIE1TdmJiZnh3ZnFocVgzQ29aNFl4
WjdCNHZvcVlBU2t2UUU4cmIxdm9adVUKUJvYSGIZmuQGzPSwNE8ygMVniRmzM3UH
ZrR4HVR+scNeM6fo4wLVwfkhJa8BXRXnB0Ngnuuwk1Fe0zyFR325jQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-27T05:11:01Z"
mac: ENC[AES256_GCM,data:tQOI313R2g3jIqxkRy+xIA1rDhtF/1tOtG4YaiNipdxpyRkt/WH+f/6B/IjlsrrF65XjQuu3hIzo+Y3J77LREImtxvhDJfwGIX1mLZ/vZP6x+8uNuzjkPOXwVZBSVUDibe28TtFyLjU9RVcryxyDBWeOd2avPA9ogRfF1lK46DI=,iv:UzjoCa/OpXDczioWVFmnKyDE5fM00yt7DJBBKOon2Ig=,tag:2KdchQN2ZLag6CMfnE61rQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

0 comments on commit 465ebbf

Please sign in to comment.