finished setting up agenix and setup taskwarrior to use agenix for taskd credentials
This commit is contained in:
parent
6db5aa3dbb
commit
5dd2e67f15
|
|
@ -50,7 +50,10 @@
|
||||||
home-manager.useGlobalPkgs = true;
|
home-manager.useGlobalPkgs = true;
|
||||||
home-manager.extraSpecialArgs = {inherit inputs;};
|
home-manager.extraSpecialArgs = {inherit inputs;};
|
||||||
home-manager.users.tacocat = {
|
home-manager.users.tacocat = {
|
||||||
imports = [toplevel];
|
imports = [
|
||||||
|
toplevel
|
||||||
|
agenix.homeManagerModules.default
|
||||||
|
];
|
||||||
_module.args.theme = import ./modules/themes;
|
_module.args.theme = import ./modules/themes;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
12
secrets/secrets.nix
Normal file
12
secrets/secrets.nix
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
let
|
||||||
|
aria = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFy/qHGXBgAYhhk2hy0HIEvZxgmLF6bN3aQ7rZTf4Lxf";
|
||||||
|
users = [aria];
|
||||||
|
|
||||||
|
bicep = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrnQd4xYIg24VjBBEikC+dt1pNmo9pcD69TMCzRYiZn";
|
||||||
|
jwst = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME17TyJvo5MBNRVFTuXW23arQnI9f3OnAEv/3M6RM1g";
|
||||||
|
systems = [bicep jwst];
|
||||||
|
in {
|
||||||
|
"taskd-ca-cert.age".publicKeys = users ++ systems;
|
||||||
|
"taskd-aria-cert.age".publicKeys = users ++ systems;
|
||||||
|
"taskd-aria-key.age".publicKeys = users ++ systems;
|
||||||
|
}
|
||||||
BIN
secrets/taskd-aria-cert.age
Normal file
BIN
secrets/taskd-aria-cert.age
Normal file
Binary file not shown.
BIN
secrets/taskd-aria-key.age
Normal file
BIN
secrets/taskd-aria-key.age
Normal file
Binary file not shown.
BIN
secrets/taskd-ca-cert.age
Normal file
BIN
secrets/taskd-ca-cert.age
Normal file
Binary file not shown.
|
|
@ -1,4 +1,14 @@
|
||||||
{pkgs, ...}: {
|
{pkgs, ...}: {
|
||||||
|
imports = [
|
||||||
|
./programs
|
||||||
|
./services
|
||||||
|
./shell
|
||||||
|
./helix
|
||||||
|
./wayland
|
||||||
|
./email.nix
|
||||||
|
./lf
|
||||||
|
];
|
||||||
|
|
||||||
home = {
|
home = {
|
||||||
username = "tacocat";
|
username = "tacocat";
|
||||||
homeDirectory = "/home/tacocat";
|
homeDirectory = "/home/tacocat";
|
||||||
|
|
@ -69,16 +79,6 @@
|
||||||
|
|
||||||
news.display = "silent";
|
news.display = "silent";
|
||||||
|
|
||||||
imports = [
|
|
||||||
./programs
|
|
||||||
./services
|
|
||||||
./shell
|
|
||||||
./helix
|
|
||||||
./wayland
|
|
||||||
./email.nix
|
|
||||||
./lf
|
|
||||||
];
|
|
||||||
|
|
||||||
xdg = {
|
xdg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
mimeApps = {
|
mimeApps = {
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,19 @@
|
||||||
{config, ...}: {
|
{config, ...}: {
|
||||||
|
age.secrets = {
|
||||||
|
taskd-ca-cert.file = ../../../secrets/taskd-ca-cert.age;
|
||||||
|
taskd-aria-cert.file = ../../../secrets/taskd-aria-cert.age;
|
||||||
|
taskd-aria-key.file = ../../../secrets/taskd-aria-key.age;
|
||||||
|
};
|
||||||
|
|
||||||
programs.taskwarrior = {
|
programs.taskwarrior = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
config = {
|
||||||
taskd = {
|
taskd = {
|
||||||
server = "aria.cat:53589";
|
server = "aria.cat:53589";
|
||||||
credentials = "myself/aria/e67e2e9f-78af-42c2-9c55-3c59054246c6";
|
credentials = "myself/aria/e67e2e9f-78af-42c2-9c55-3c59054246c6";
|
||||||
certificate = "${config.xdg.dataHome}/task/aria.cert.pem";
|
certificate = config.age.secrets.taskd-aria-cert.path;
|
||||||
key = "${config.xdg.dataHome}/task/aria.key.pem";
|
key = config.age.secrets.taskd-aria-key.path;
|
||||||
ca = "${config.xdg.dataHome}/task/ca.cert.pem";
|
ca = config.age.secrets.taskd-ca-cert.path;
|
||||||
};
|
};
|
||||||
dateformat = "Y-M-D H:N";
|
dateformat = "Y-M-D H:N";
|
||||||
report.list.columns = [
|
report.list.columns = [
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue