39 lines
755 B
Nix
39 lines
755 B
Nix
{ config
|
|
, lib
|
|
, ...
|
|
}:
|
|
|
|
with lib;
|
|
let
|
|
cfg = config.my.programs.ssh;
|
|
|
|
baseName = path: removeSuffix ".age" (baseNameOf path);
|
|
in
|
|
{
|
|
options.my.programs.ssh = {
|
|
enable = mkEnableOption "ssh";
|
|
includeSecrets = mkOption {
|
|
default = [ ];
|
|
type = with types; listOf path;
|
|
};
|
|
};
|
|
|
|
config =
|
|
mkIf cfg.enable
|
|
{
|
|
age.secrets = listToAttrs (map
|
|
(path: {
|
|
name = baseName path;
|
|
value = {
|
|
file = path;
|
|
owner = "1000";
|
|
};
|
|
})
|
|
cfg.includeSecrets);
|
|
home-manager.users.moritz.programs.ssh = {
|
|
enable = true;
|
|
includes = map (path: "/run/agenix/" + baseName path) cfg.includeSecrets;
|
|
};
|
|
};
|
|
}
|