Home Gen509 @ 2025-05-03-15:04 by jonas@comfy-station

2025-05-03 15:26:21 +02:00 · 2025-05-03 15:26:21 +02:00 · 587f734ac1
commit 587f734ac1
parent 9310353fd2
3 changed files with 49 additions and 18 deletions
--- a/home/jonas@comfy-station.nix
+++ b/home/jonas@comfy-station.nix
@ -1,7 +1,6 @@
 {config, ...}: rec {
  imports = [
    ../modules/home/borg.nix
-    ../modules/home/ssh.nix
    ../modules/home/yubikey.nix
  ];

@ -29,6 +28,11 @@
  hive.waybar.enable = true;
  hive.wlogout.enable = true;
  hive.wofi.enable = true;
+  hive.ssh = {
+    enable = true;
+    sopsFile = ../secrets/jonas/ssh.yaml;
+    keys = ["borg" "passgit"];
+  };
  hive.zsh.enable = true;
  hive.nix-scripts.enable = true;
  hive.doom.enable = true;
--- a/modules/default.nix
+++ b/modules/default.nix
@ -41,6 +41,7 @@
      ./home/firefox.nix
      ./home/kdeconnect.nix
      ./home/plasma.nix
+      ./home/ssh.nix
      ./home/wallpaper.nix
    ];
 }
--- a/modules/home/ssh.nix
+++ b/modules/home/ssh.nix
@ -1,20 +1,46 @@
-{config, ...}: let
-  sshKeys = name: {
-    "ssh/id_${name}" = {
-      sopsFile = ../../secrets/jonas/ssh.yaml;
-      key = "keys/${name}";
-      path = "${config.home.homeDirectory}/.ssh/id_${name}";
-    };
-  };
+{
+  config,
+  lib,
+  ...
+}: let
+  cfg = config.hive.ssh;
 in {
+  options.hive.ssh = {
+    enable = lib.mkEnableOption "SSH keys and config";
+    keys = lib.mkOption {
+      type = lib.types.listOf (lib.types.str);
+      default = [];
+      description = ''
+        A list of SSH key names. Each one results in a id_<name> file in .ssh
+      '';
+    };
+    sopsFile = lib.mkOption {
+      type = lib.types.path;
+      default = null;
+      description = ''
+        Path to the sops file containing the SSH keys.
+        Requires a config key. And for each private key names in <keys> an keys.<name> entry.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
    sops.secrets =
      {
        "ssh/config" = {
-        sopsFile = ../../secrets/jonas/ssh.yaml;
+          inherit (cfg) sopsFile;
          key = "config";
          path = "${config.home.homeDirectory}/.ssh/config";
        };
      }
-    // (sshKeys "borg")
-    // (sshKeys "passgit");
+      // builtins.listToAttrs (map (name: {
+          name = "ssh/id_${name}";
+          value = {
+            inherit (cfg) sopsFile;
+            key = "keys/${name}";
+            path = "${config.home.homeDirectory}/.ssh/id_${name}";
+          };
+        })
+        cfg.keys);
+  };
 }