finished setting up agenix and setup taskwarrior to use agenix for taskd credentials
This commit is contained in:
parent
6db5aa3dbb
commit
5dd2e67f15
|
@ -50,7 +50,10 @@
|
|||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.extraSpecialArgs = {inherit inputs;};
|
||||
home-manager.users.tacocat = {
|
||||
imports = [toplevel];
|
||||
imports = [
|
||||
toplevel
|
||||
agenix.homeManagerModules.default
|
||||
];
|
||||
_module.args.theme = import ./modules/themes;
|
||||
};
|
||||
}
|
||||
|
|
12
secrets/secrets.nix
Normal file
12
secrets/secrets.nix
Normal file
|
@ -0,0 +1,12 @@
|
|||
let
|
||||
aria = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFy/qHGXBgAYhhk2hy0HIEvZxgmLF6bN3aQ7rZTf4Lxf";
|
||||
users = [aria];
|
||||
|
||||
bicep = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrnQd4xYIg24VjBBEikC+dt1pNmo9pcD69TMCzRYiZn";
|
||||
jwst = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME17TyJvo5MBNRVFTuXW23arQnI9f3OnAEv/3M6RM1g";
|
||||
systems = [bicep jwst];
|
||||
in {
|
||||
"taskd-ca-cert.age".publicKeys = users ++ systems;
|
||||
"taskd-aria-cert.age".publicKeys = users ++ systems;
|
||||
"taskd-aria-key.age".publicKeys = users ++ systems;
|
||||
}
|
BIN
secrets/taskd-aria-cert.age
Normal file
BIN
secrets/taskd-aria-cert.age
Normal file
Binary file not shown.
BIN
secrets/taskd-aria-key.age
Normal file
BIN
secrets/taskd-aria-key.age
Normal file
Binary file not shown.
BIN
secrets/taskd-ca-cert.age
Normal file
BIN
secrets/taskd-ca-cert.age
Normal file
Binary file not shown.
|
@ -1,4 +1,14 @@
|
|||
{pkgs, ...}: {
|
||||
imports = [
|
||||
./programs
|
||||
./services
|
||||
./shell
|
||||
./helix
|
||||
./wayland
|
||||
./email.nix
|
||||
./lf
|
||||
];
|
||||
|
||||
home = {
|
||||
username = "tacocat";
|
||||
homeDirectory = "/home/tacocat";
|
||||
|
@ -69,16 +79,6 @@
|
|||
|
||||
news.display = "silent";
|
||||
|
||||
imports = [
|
||||
./programs
|
||||
./services
|
||||
./shell
|
||||
./helix
|
||||
./wayland
|
||||
./email.nix
|
||||
./lf
|
||||
];
|
||||
|
||||
xdg = {
|
||||
enable = true;
|
||||
mimeApps = {
|
||||
|
|
|
@ -1,13 +1,19 @@
|
|||
{config, ...}: {
|
||||
age.secrets = {
|
||||
taskd-ca-cert.file = ../../../secrets/taskd-ca-cert.age;
|
||||
taskd-aria-cert.file = ../../../secrets/taskd-aria-cert.age;
|
||||
taskd-aria-key.file = ../../../secrets/taskd-aria-key.age;
|
||||
};
|
||||
|
||||
programs.taskwarrior = {
|
||||
enable = true;
|
||||
config = {
|
||||
taskd = {
|
||||
server = "aria.cat:53589";
|
||||
credentials = "myself/aria/e67e2e9f-78af-42c2-9c55-3c59054246c6";
|
||||
certificate = "${config.xdg.dataHome}/task/aria.cert.pem";
|
||||
key = "${config.xdg.dataHome}/task/aria.key.pem";
|
||||
ca = "${config.xdg.dataHome}/task/ca.cert.pem";
|
||||
certificate = config.age.secrets.taskd-aria-cert.path;
|
||||
key = config.age.secrets.taskd-aria-key.path;
|
||||
ca = config.age.secrets.taskd-ca-cert.path;
|
||||
};
|
||||
dateformat = "Y-M-D H:N";
|
||||
report.list.columns = [
|
||||
|
|
Loading…
Reference in a new issue