Home Gen69 @ 2025-10-31-00:59 by jonas@monolith

home/jonas@monolith.nix

@@ -11,9 +11,13 @@
   sops = {
     age.keyFile = "${home.homeDirectory}/.config/sops/age/keys.txt";
   };
-  sops.secrets.gotifyToken = {
+  sops.secrets.gotifyDaemonToken = {
     sopsFile = ../secrets/jonas/gotify.yaml;
-    key = "monolithToken";
+    key = "monolithDesktopToken";
+  };
+  sops.secrets.gotifyCLIToken = {
+    sopsFile = ../secrets/jonas/gotify.yaml;
+    key = "cliToken";
   };
 
   # hive moduless
@@ -41,7 +45,8 @@
   hive.gotify = {
     cli.enable = true;
     daemon.enable = true;
-    tokenSopsKey = config.sops.secrets.gotifyToken.name;
+    cli.tokenSopsKey = config.sops.secrets.gotifyCLIToken.name;
+    daemon.tokenSopsKey = config.sops.secrets.gotifyDaemonToken.name;
     host = "gotify.jroeger.de";
   };
 

modules/home/gotify.nix

@@ -6,14 +6,14 @@
 }: let
   cfg = config.hive.gotify;
   cli-config = {
-    token = config.sops.placeholder.${cfg.tokenSopsKey};
+    token = config.sops.placeholder.${cfg.cli.tokenSopsKey};
     inherit (cfg.cli) url defaultPriority;
   };
   daemon-config = {
     gotify =
       {
         inherit (cfg.daemon) url;
-        token = config.sops.placeholder.${cfg.tokenSopsKey};
+        token = config.sops.placeholder.${cfg.daemon.tokenSopsKey};
         auto_delete = cfg.daemon.autoDelete;
         min_priority = cfg.daemon.minPriority;
       }
@@ -64,6 +64,10 @@ in {
         example = "http://gotify.example.com";
         description = "The http url of the gotify server (for the cli tool)";
       };
+      tokenSopsKey = lib.mkOption {
+        type = lib.types.singleLineStr;
+        description = "The sops key of the token secret";
+      };
       defaultPriority = lib.mkOption {
         type = lib.types.int;
         default = 0;
@@ -79,6 +83,10 @@ in {
         example = "ws://gotify.example.com";
         description = "The websocket url of the gotify server (for the desktop tool)";
       };
+      tokenSopsKey = lib.mkOption {
+        type = lib.types.singleLineStr;
+        description = "The sops key of the token secret";
+      };
       autoDelete = lib.mkOption {
         type = lib.types.bool;
         default = false;
@@ -112,10 +120,6 @@ in {
       example = 443;
       description = "The port of the gotify server";
     };
-    tokenSopsKey = lib.mkOption {
-      type = lib.types.singleLineStr;
-      description = "The sops key of the token secret";
-    };
   };
 
   config = let

secrets/jonas/gotify.yaml

@@ -1,4 +1,5 @@
-monolithToken: ENC[AES256_GCM,data:fNTDbsDJ53a/h5fV1NCF,iv:skRCUDjAaIhMG1qdQAXMKIidZNKUxHFUISdgy7tTxOY=,tag:/U1cSvR3ZQGimfaQ17dt4g==,type:str]
+monolithDesktopToken: ENC[AES256_GCM,data:mjyX9EjhYhOgB2Svn4E8,iv:/iOwIfa7ttM8DpnhpZma+uXHi8RWyGrhlDoBmzoEgEM=,tag:PzWQ/zIlCPjH34vNECs9iQ==,type:str]
+cliToken: ENC[AES256_GCM,data:CWBcgbGYB408j+XIK9MK,iv:jZphMY9DJOZo8mLa9Vc3d3ymDOHb85QuTEg2/iTf0+Q=,tag:dvDfLA40QTpt7ftV//javg==,type:str]
 sops:
     age:
         - recipient: age1expg8vyduf290pz7l4f3mjzvk9f0azfdn48pyjzs3m6p7v4qjq0qwtn36z
@@ -10,7 +11,7 @@ sops:
             clpiRTAxWUZENnhFcmhxcWN1RFFyZ1kKnQWAQpvqwX/pueV9uPiTGYaxWT66p5pK
             Vn0tK396IxKtx8MVivDF16oI/w63mvyLWTGU8CCUu/5Np3FRIvD75Q==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-10-30T22:05:53Z"
+    lastmodified: "2025-10-30T23:55:47Z"
-    mac: ENC[AES256_GCM,data:7XTlZdQlbMLxt9Qwl3POFsNe+OBgpHxLMD+EmzQyiP5RTBUZWU7hZBHQCpYgNk+UbValqwr0tASXIIljEQe5HgFYf9d1BRKG9SDQSiEJh97gictp6QKmKqKoN2XaiTiiDAFMDsOWE3tTbLLmTXw0el4v+A5Ijy4v8/VuXG92tK0=,iv:2e5VGgCWFuBtmfPlKc/AvcQ91+zFuX8uvSVxXef0yiI=,tag:4Slc+jYXve9KcChf/78/kQ==,type:str]
+    mac: ENC[AES256_GCM,data:+KEeVxj3F6GirGHIykw98FBN84krNegTZQp2+0nd711B6Q4vlDGpMNSwxiJOnz5Bzm0x48NDLAiNiBjTqipuZIz0zSnUXypBsSN5/HAhwjm079RunCENcL2YciwMMr1B2cdoOBeobVYzr/vV7P9ieOiTLTlE8542/nnNwyvmISY=,iv:U1J78i1DHAzXhHCQDZs2adKvVo+u3zsbkr68J3xMYUE=,tag:e6ymRRqVCjeemG3TcHHROQ==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.11.0