Diffstat (limited to 'modules/secrets')
-rw-r--r--modules/secrets/default.nix47
1 files changed, 0 insertions, 47 deletions
diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix
deleted file mode 100644
index f0befea..0000000
--- a/modules/secrets/default.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ config, inputs, lib, options, ... }:
-with builtins;
-with lib;
-let
-  secretsDir = "${toString ../../hosts}/${config.networking.hostName}/secrets";
-  secretsFile = "${secretsDir}/secrets.nix";
-in
-{
-  imports = [ inputs.agenix.nixosModules.age ];
-
-  config.age = {
-    secrets =
-      let
-        toName = lib.removeSuffix ".age";
-        userExists = u: builtins.hasAttr u config.users.users;
-        groupExists = g: builtins.hasAttr g config.users.groups;
-
-        # Only set the user and/or group if they exist, to avoid
-        # warnings. If they don't exist, we default to root.
-        userIfExists = u: if userExists u then u else "root";
-        groupIfExists = g: if groupExists g then g else "root";
-
-        toSecret = name: attrs:
-          {
-            file = "${secretsDir}/${name}";
-          } // lib.optionalAttrs (attrs ? owner) {
-            owner = lib.mkDefault (userIfExists attrs.owner);
-          } // lib.optionalAttrs (attrs ? group) {
-            group = lib.mkDefault (groupIfExists attrs.group);
-          } // lib.optionalAttrs (attrs ? mode) {
-            inherit (attrs) mode;
-          } // lib.optionalAttrs (attrs ? path) {
-            inherit (attrs) path;
-          };
-      in
-      if pathExists secretsFile then
-        mapAttrs' (n: v: nameValuePair (toName n) (toSecret n v))
-          (import secretsFile)
-      else
-        { };
-
-    identityPaths = [
-      "/root/.age/key.txt"
-      "${config.users.users.fcuny.home}/.age/key.txt"
-    ];
-  };
-}