Home Gen509 @ 2025-05-03-15:04 by jonas@comfy-station

Jonas Röger 2025-05-03 15:26:21 +02:00
parent 9310353fd2
commit 587f734ac1
3 changed files with 49 additions and 18 deletions


@ -1,7 +1,6 @@
{config, ...}: rec { {config, ...}: rec {
imports = [ imports = [
../modules/home/borg.nix ../modules/home/borg.nix
../modules/home/ssh.nix
../modules/home/yubikey.nix ../modules/home/yubikey.nix
]; ];
@ -29,6 +28,11 @@
hive.waybar.enable = true; hive.waybar.enable = true;
hive.wlogout.enable = true; hive.wlogout.enable = true;
hive.wofi.enable = true; hive.wofi.enable = true;
hive.ssh = {
enable = true;
sopsFile = ../secrets/jonas/ssh.yaml;
keys = ["borg" "passgit"];
};
hive.zsh.enable = true; hive.zsh.enable = true;
hive.nix-scripts.enable = true; hive.nix-scripts.enable = true;
hive.doom.enable = true; hive.doom.enable = true;


@ -41,6 +41,7 @@
./home/firefox.nix ./home/firefox.nix
./home/kdeconnect.nix ./home/kdeconnect.nix
./home/plasma.nix ./home/plasma.nix
./home/ssh.nix
./home/wallpaper.nix ./home/wallpaper.nix
]; ];
} }


@ -1,20 +1,46 @@
{config, ...}: let {
sshKeys = name: { config,
"ssh/id_${name}" = { lib,
sopsFile = ../../secrets/jonas/ssh.yaml; ...
key = "keys/${name}"; }: let
path = "${config.home.homeDirectory}/.ssh/id_${name}"; cfg = config.hive.ssh;
in {
options.hive.ssh = {
enable = lib.mkEnableOption "SSH keys and config";
keys = lib.mkOption {
type = lib.types.listOf (lib.types.str);
default = [];
description = ''
A list of SSH key names. Each one results in a id_<name> file in .ssh
'';
};
sopsFile = lib.mkOption {
type = lib.types.path;
default = null;
description = ''
Path to the sops file containing the SSH keys.
Requires a config key. And for each private key names in <keys> an keys.<name> entry.
'';
}; };
}; };
in {
sops.secrets = config = lib.mkIf cfg.enable {
{ sops.secrets =
"ssh/config" = { {
sopsFile = ../../secrets/jonas/ssh.yaml; "ssh/config" = {
key = "config"; inherit (cfg) sopsFile;
path = "${config.home.homeDirectory}/.ssh/config"; key = "config";
}; path = "${config.home.homeDirectory}/.ssh/config";
} };
// (sshKeys "borg") }
// (sshKeys "passgit"); // builtins.listToAttrs (map (name: {
name = "ssh/id_${name}";
value = {
inherit (cfg) sopsFile;
key = "keys/${name}";
path = "${config.home.homeDirectory}/.ssh/id_${name}";
};
})
cfg.keys);
};
} }
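Review bot: The new `sopsFile` option is declared as `lib.types.path` with `default = null;`, and null is not a valid value for that type, so enabling `hive.ssh` without setting it will likely fail with a type error rather than a clear "option is used but not defined" message; dropping the `default = null;` line makes the option required. The entries of `keys` are interpolated unchecked into both the secret name and the target path `.ssh/id_${name}`, so a name containing `/` or `..` would place private key material outside `.ssh`. Declaring the option as `type = lib.types.listOf (lib.types.strMatching "[A-Za-z0-9_-]+");` would reject such names at evaluation time. The `sopsFile` description could also be reworded to something like `Must contain a "config" entry and, for each name in keys, a "keys/<name>" entry.`, which matches the `key = "keys/${name}"` lookup below it.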