Replaced agenix based secrets for SOPS

2025-05-15 20:10:20 +02:00
parent 76d09952fc
commit a1ce2f94bb
14 changed files with 41 additions and 347 deletions
--- a/modules/darwin/secrets.nix
+++ b/modules/darwin/secrets.nix
@ -1,37 +0,0 @@
-{ config, pkgs, agenix, secrets, ... }:
-
-let user = "olaf"; in
-{
-  age.identityPaths = [
-    "/Users/${user}/.ssh/id_ed25519"
-  ];
-
-  # Your secrets go here
-  #
-  # Note: the installWithSecrets command you ran to boostrap the machine actually copies over
-  #       a Github key pair. However, if you want to store the keypair in your nix-secrets repo
-  #       instead, you can reference the age files and specify the symlink path here. Then add your
-  #       public key in shared/files.nix.
-  #
-  #       If you change the key name, you'll need to update the SSH configuration in shared/home-manager.nix
-  #       so Github reads it correctly.
-
-  #
-  # age.secrets."github-ssh-key" = {
-  #   symlink = true;
-  #   path = "/Users/${user}/.ssh/id_github";
-  #   file =  "${secrets}/github-ssh-key.age";
-  #   mode = "600";
-  #   owner = "${user}";
-  #   group = "staff";
-  # };
-
-  # age.secrets."github-signing-key" = {
-  #   symlink = false;
-  #   path = "/Users/${user}/.ssh/pgp_github.key";
-  #   file =  "${secrets}/github-signing-key.age";
-  #   mode = "600";
-  #   owner = "${user}";
-  # };
-
-}