From 219a94ddfa8c51c478d1ab28c5034fc94ca3a2ac Mon Sep 17 00:00:00 2001 From: Aria Nolan Date: Thu, 23 Nov 2023 22:25:35 -0500 Subject: [PATCH] cant figure out sops --- flake.nix | 5 ++++- hosts/JWST/configuration.nix | 16 +++++++++++----- secrets/secrets.yaml | 13 ++++++------- users/tacocat/email.nix | 20 ++++++++++++++++++++ users/tacocat/home.nix | 13 ++++++++++++- 5 files changed, 53 insertions(+), 14 deletions(-) create mode 100644 users/tacocat/email.nix diff --git a/flake.nix b/flake.nix index 2471594..4d223db 100644 --- a/flake.nix +++ b/flake.nix @@ -71,7 +71,10 @@ home-manager.useGlobalPkgs = true; home-manager.extraSpecialArgs = {inherit inputs;}; home-manager.users."tacocat" = { - imports = [./users/tacocat/home.nix]; + imports = [ + ./users/tacocat/home.nix + sops-nix.homeManagerModules.sops + ]; _module.args.theme = import ./modules/themes; }; } diff --git a/hosts/JWST/configuration.nix b/hosts/JWST/configuration.nix index 8c6ed49..84ac622 100644 --- a/hosts/JWST/configuration.nix +++ b/hosts/JWST/configuration.nix @@ -60,6 +60,7 @@ services.blueman.enable = true; services.printing.enable = true; services.geoclue2.enable = true; + security.rtkit.enable = true; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -90,6 +91,7 @@ "steam-run" "nvidia-x11" "nvidia-settings" + "discord" ]; # ------------ Software ------------ @@ -100,6 +102,7 @@ exfat encfs ntfs3g + sops ]; # remove nano defaultPackages = with pkgs; [ 
@@ -109,11 +112,14 @@ ]; }; - sops = { - defaultSopsFile = ./secrets/secrets.yaml; - defaultSopsFormat = "yaml"; - age.keyFile = "/home/tacocat/.config/sops/age/keys.txt"; - }; + # sops = { + # defaultSopsFile = ../../secrets/secrets.yaml; + # defaultSopsFormat = "yaml"; + # age.keyFile = "/home/tacocat/.config/sops/age/keys.txt"; + # secrets.email-personal = {}; + # secrets.email-spam = {}; + # secrets.email-school = {}; + # }; programs.sway = { enable = true; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index af7ce84..8c3bc79 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml 
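Review bot: The `sops` block is left in the tree as commented-out code instead of being fixed or removed, and the same eight commented lines are duplicated in the second users/tacocat/home.nix hunk, so after this commit neither the NixOS module nor the Home Manager module declares any secret. Pick one level to own these secrets and delete the other copy; a short `# TODO: disabled until sops-nix evaluates, see users/tacocat/email.nix` above the kept block would record why it is off. When the system-level block is re-enabled, `age.keyFile = "/home/tacocat/.config/sops/age/keys.txt";` makes system-wide decryption depend on a key file in a user's home directory, presumably writable by that user; a root-owned location is the more conservative choice, for example `age.keyFile = "/var/lib/sops-nix/key.txt";`. The enclosing attribute set starts and ends outside the hunk.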
@@ -8,11 +8,10 @@
 #ENC[AES256_GCM,data:Qs7LdUYBaoCLtlu+VdIHrIsA,iv:lWJsId1PA6mc+E0+mP55EfoCk5rixb+Z91XtUg6ivCw=,tag:XVDzTi/poTsRT6m3dbcLZA==,type:comment]
 #ENC[AES256_GCM,data:73KcTxpT6YfRex8=,iv:3pLvjR/BOayKYUvCaZbW4JbCpbNqJ0QrcO+GvAAZauo=,tag:y4HM5xLSAzaEBrSqWUlpsQ==,type:comment]
 #ENC[AES256_GCM,data:OiGD0S0aKU15hDKi,iv:dIFoxlFYv2dbQFTk1O/pJld30sVNOFpq83z8YqFdruE=,tag:PRat5Zkn5MBfgAt0voPuNg==,type:comment]
-email:
- school: ENC[AES256_GCM,data:5YdbEGvP3dkwOnGlwL2B,iv:FMHMImPMKCgtIoj8s3O5zPawPfMzJun7p0CACE/Iey4=,tag:NEA8a55p38za/kvhJOgfmg==,type:str]
- personal: ENC[AES256_GCM,data:YFgATpdZkwYAmvyJcdbjuA==,iv:709EcGDPSfnUFI4Epdj3FLCQ/V3BvN3e50/c49n9qyg=,tag:xmR6B13j1zOo5KYxYU1iRQ==,type:str]
- spam: ENC[AES256_GCM,data:Y0l/i74rH9brxBOyiCPyMaeE3A==,iv:cS/32vlXFLQI3vCIdMqNrzivO/9aqXNPAqQ1YWgjAoQ=,tag:+CBrYlnH5xgHkVZU/MMIDQ==,type:str]
- proton: ENC[AES256_GCM,data:0jOY+B5px9GTLHCBXFz+QFE+CQ==,iv:R8CCCewIUo9fJ4gTByzTwwfNyTIOPH9ktUAPPqkGMd8=,tag:nqjFuvmBq5N02MPXi6ha6A==,type:str]
+email-school: ENC[AES256_GCM,data:z2M4ydGtR/Bds7zdCWt8,iv:kVY1tUdNXeoQDbRj+fbVc8mot0dJQ969vOzS482l5wM=,tag:oFFKuGUIIh/cRc25Te5qdQ==,type:str]
+email-personal: ENC[AES256_GCM,data:x0lXf2n/swR2w//g00K0ig==,iv:NOaSBKh1z4JvuFG1dGn3+08jdJWx0GJgqin/gAhTvP0=,tag:0VYDzr6lyviEnwxBHACa1g==,type:str]
+email-spam: ENC[AES256_GCM,data:1+L6ehJYOIPxSTfG579buGN/Hg==,iv:eB9xBowS4TkdaVdJcdJP5MKCGvzc1IBZhJN2CDmgl2c=,tag:c/0kspr28VxN8hPSlQ8c8Q==,type:str]
+email-proton: ENC[AES256_GCM,data:Ts6E0gGQs7LOuQRINSddeFXymg==,iv:/JFD2vHgcH8oaxSNfRm6pbcz31r4dIfAb1+KZJPdrEA=,tag:zTbDKlD3PZXr5g7PI+oMxA==,type:str]
 sops:
 kms: []
 gcp_kms: []
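Review bot: Flattening `email.school` and its siblings into top-level `email-school`, `email-personal`, `email-spam` and `email-proton` is not something sops-nix requires, since it addresses nested YAML keys by a slash-separated name; the previous layout could have been kept with declarations such as `secrets."email/school" = {};`. Separately, `email-proton` is re-encrypted here but is not declared in either of the commented `sops` blocks in this patch, so it would not be written out once they are enabled unless `secrets.email-proton = {};` is added.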
@@ -28,8 +27,8 @@ sops:
 VTlua3pQRTZGUGw4OEVQSUhsMHZoVncKm0+J++ZOflbTjfb0Q/nC/LnwKXOq5XEE
 CvRQmjp4sWgmnP8wrcPvtInPrkVYBHluI9DD9DRoQ+PTYsz8xSIRig==
 -----END AGE ENCRYPTED FILE-----
- lastmodified: "2023-11-22T04:23:23Z"
- mac: ENC[AES256_GCM,data:JviqHLWwa+6Mnc8rmqaXWkPVRPm9LbwQBzXkc/ZsMHpcpBN2W6jWxof8AbNsU+d7eKhYlT4QeBC/13nlIcgxdNOP1ArDL94g9aFmve7iEyCUOQLf3bBExpFLxHWzUFmDTNh0ZmaGtUBH2gWyj3zY5t6EQ87Wo+PPlaiOHaNskBo=,iv:N1/eXQOjBR027T6hAsmNoZyVzU+uWZrtRBJLesaM76c=,tag:ycl1tNjSn3VkPek9woQWGg==,type:str]
+ lastmodified: "2023-11-24T03:00:02Z"
+ mac: ENC[AES256_GCM,data:6I3f44NOaf8AX6nrcr20yIgUbXRYPutalYY4HqL5sfgz6l6el4coc2jFRkbHJIjm3zx8F+PvsekM1A6VYKRUt5Ph+8P02pP0dmfrWx6GlD/0YNUJVVn7S51+yNNlJQGUPWFatKVsNpV0ZmkQZedQWz+2+JXfjJKw6kAcNQUuujI=,iv:7E2PBrLp9vHUUEfLqPgDsTfWfCebklmcL9sAcVIbrWg=,tag:iEq2WhC9wScoHwOYbI1llg==,type:str]
 pgp: []
 unencrypted_suffix: _unencrypted
 version: 3.8.1
diff --git a/users/tacocat/email.nix b/users/tacocat/email.nix
new file mode 100644
index 0000000..4a2b4d2
--- /dev/null
+++ b/users/tacocat/email.nix
@@ -0,0 +1,20 @@
+{config, ...}: {
+ # accounts.email.accounts = {
+ # "aria" = {
+ # address = "${config.sops.secrets.email-personal}";
+ # realName = "Aria Nolan";
+ # primary = true;
+ # # thunderbird.enable = true;
+ # };
+ # "tacocat" = {
+ # address = "${config.sops.secrets.email-spam}";
+ # # thunderbird.enable = true;
+ # };
+ # "school" = {
+ # address = "${config.sops.secrets.email-school}";
+ # realName = "Aria Nolan";
+ # flavor = "gmail.com";
+ # # thunderbird.enable = true;
+ # };
+ # };
+}
diff --git a/users/tacocat/home.nix b/users/tacocat/home.nix
index 2b16468..9cd7dc5 100644
--- a/users/tacocat/home.nix
+++ b/users/tacocat/home.nix
@@ -14,8 +14,9 @@
 ];
 packages = with pkgs; [
 rnote
- sops
+ # sops
 mpv
+ discord
 neovim
 libreoffice
 notify-desktop
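Review bot: Each `address` in the commented block of users/tacocat/email.nix interpolates the secret's attribute set, e.g. `"${config.sops.secrets.email-personal}"`, which cannot produce the decrypted value: sops-nix decrypts at activation time into a file and exposes only that file's location as `config.sops.secrets.<name>.path`. Nix evaluation never sees the plaintext, and any value it did interpolate would end up in the world-readable store, so `accounts.email.accounts.<name>.address` has to be a literal string. Keep the addresses in plain configuration if they are not sensitive and reserve sops for credentials read at runtime, for example `passwordCommand = "cat ${config.sops.secrets.email-personal.path}";`, assuming that secret then holds a password and not an address. As committed the module evaluates to an empty attribute set, so a one-line comment marking it as a disabled draft would help the next reader.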
@@ -58,12 +59,22 @@ news.display = "silent"; + # sops = { + # defaultSopsFile = ../../secrets/secrets.yaml; + # defaultSopsFormat = "yaml"; + # age.keyFile = "/home/tacocat/.config/sops/age/keys.txt"; + # secrets.email-personal = {}; + # secrets.email-spam = {}; + # secrets.email-school = {}; + # }; + imports = [ ./programs ./services ./shell ./helix ./wayland + ./email.nix ]; # Let Home Manager install and manage itself.