From b18af2146a9110ae3a47cc490bbbad39a94351a6 Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Mon, 6 Mar 2023 19:39:56 -0800
Subject: modules/secrets: use age keys for agenix' identity

I'll re-key all my secrets with age keys instead of using ssh keys. This
change is to specify the path for the identities when agenix decrypts
the secrets.
---
 modules/secrets/default.nix | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'modules')

diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix
index 2d8998a..f0befea 100644
--- a/modules/secrets/default.nix
+++ b/modules/secrets/default.nix
@@ -38,7 +38,10 @@ in
           (import secretsFile)
       else
         { };
-    identityPaths = options.age.identityPaths.default ++ (filter pathExists
-      [ "${config.users.users.fcuny.home}/.ssh/id_ed25519" ]);
+
+    identityPaths = [
+      "/root/.age/key.txt"
+      "${config.users.users.fcuny.home}/.age/key.txt"
+    ];
   };
 }
-- 
cgit 1.4.1