From 2a4a4e2c42257bb25789ec3be6bc5a88f0eab7b5 Mon Sep 17 00:00:00 2001
From: Preston Pan <ret2pop@gmail.com>
Date: Thu, 16 Jan 2025 18:24:01 -0800
Subject: Nix literate configuration set up in monorepo

---
 nix/modules/secrets.nix | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 nix/modules/secrets.nix

(limited to 'nix/modules/secrets.nix')

diff --git a/nix/modules/secrets.nix b/nix/modules/secrets.nix
new file mode 100644
index 0000000..29e8c4c
--- /dev/null
+++ b/nix/modules/secrets.nix
@@ -0,0 +1,20 @@
+{ config, ... }:
+{
+  sops = {
+    defaultSopsFile = ../../secrets/secrets.yaml;
+    age = {
+      keyFile = "/home/${config.monorepo.vars.userName}/.ssh/keys.txt";
+    };
+    secrets.mail = {
+      format = "yaml";
+      path = "${config.sops.defaultSymlinkPath}/mail";
+    };
+    secrets.digikey = {
+      format = "yaml";
+      path = "${config.sops.defaultSymlinkPath}/digikey";
+    };
+
+    defaultSymlinkPath = "/run/user/1000/secrets";
+    defaultSecretsMountPoint = "/run/user/1000/secrets.d";
+  };
+}
-- 
cgit