From 1e731faa7bd70179c4785c9d5c71f2aed36dda87 Mon Sep 17 00:00:00 2001
From: Christian Harke
Date: Tue, 17 Oct 2023 22:09:03 +0200
Subject: [PATCH] Fix broken secret symlinks on not-non-nixos systems
---
 home/programs/logseq/default.nix | 1 -
 home/programs/ssh/default.nix | 18 +++++++-----------
 home/roles/homeage/default.nix | 11 +++++++----
 home/roles/mobile/default.nix | 1 -
 4 files changed, 14 insertions(+), 17 deletions(-)
diff --git a/home/programs/logseq/default.nix b/home/programs/logseq/default.nix
index be7f00e4..6e9fecde 100644
--- a/home/programs/logseq/default.nix
+++ b/home/programs/logseq/default.nix
@@ -25,7 +25,6 @@ in
 enable = true;
 identities = [ sshKey sshPubKey ];
 };
- roles.homeage.secrets = [ sshKey sshPubKey ];
 };
 home.packages = [ pkgs.logseq ];
diff --git a/home/programs/ssh/default.nix b/home/programs/ssh/default.nix
index d0575a9c..3bdd9e07 100644
--- a/home/programs/ssh/default.nix
+++ b/home/programs/ssh/default.nix
@@ -6,15 +6,10 @@ let
 cfg = config.custom.programs.ssh;
- inherit (config.custom.roles.homeage) secretsPath;
- sshDirectory = ".ssh";
- mkFileEntry = identity: {
- name = "${sshDirectory}/${identity}";
- value = {
- # Using `mkOutOfStoreSymlink` as a workaround for files not being created on activation:
- # https://github.com/jordanisaacs/homeage/issues/42
- source = config.lib.file.mkOutOfStoreSymlink "${secretsPath}/${identity}";
- };
+ sshDirectory = "${config.xdg.dataHome}/.ssh";
+ mkHomeageFile = identity: nameValuePair identity {
+ source = "${config.custom.roles.homeage.secretsSourcePath}/${identity}.age";
+ symlinks = [ "${sshDirectory}/${identity}" ];
 };
 in
@@ -33,8 +28,9 @@ in
 };
 config = mkIf cfg.enable {
- custom.roles.homeage.secrets = cfg.identities;
- home.file = listToAttrs (map mkFileEntry cfg.identities);
+ custom.roles.homeage.enable = true;
+
+ homeage.file = listToAttrs (map mkHomeageFile cfg.identities);
 programs.ssh.enable = true;
 };
 }
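Review bot: `sshDirectory` in the first hunk of home/programs/ssh/default.nix now points below `${config.xdg.dataHome}`, so the identity symlinks land in `<data home>/.ssh` instead of the `.ssh` directory in the home directory where the removed `home.file` entries placed them. OpenSSH looks for its default identities in `~/.ssh`, and no `IdentityFile` setting pointing at the new location is visible in this patch, so the decrypted keys may no longer be found by `ssh`. If the home directory was intended, `sshDirectory = "${config.home.homeDirectory}/.ssh";` keeps the previous location while still giving homeage an absolute symlink path. The `let` block and the module options start outside the hunk, so other uses of `sshDirectory` cannot be checked from here.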
diff --git a/home/roles/homeage/default.nix b/home/roles/homeage/default.nix
index 79f5371e..ab0bbfd1 100644
--- a/home/roles/homeage/default.nix
+++ b/home/roles/homeage/default.nix
@@ -6,11 +6,8 @@ let
 cfg = config.custom.roles.homeage;
- secretsSourcePath = "${inputs.self}/secrets/${config.home.username}";
-
 mkHomeageFile = secret: nameValuePair secret {
- path = secret;
- source = "${secretsSourcePath}/${secret}.age";
+ source = "${cfg.secretsSourcePath}/${secret}.age";
 symlinks = [ "${cfg.secretsPath}/${secret}" ];
 };
@@ -27,6 +24,12 @@ in
 description = "Secrets to install.";
 };
+ secretsSourcePath = mkOption {
+ type = types.path;
+ default = "${inputs.self}/secrets/${config.home.username}";
+ description = "Default source path of the encrypted files.";
+ };
+
 secretsPath = mkOption {
 type = types.path;
 default = "${config.xdg.dataHome}/secrets";
diff --git a/home/roles/mobile/default.nix b/home/roles/mobile/default.nix
index ef318528..5b015703 100644
--- a/home/roles/mobile/default.nix
+++ b/home/roles/mobile/default.nix
@@ -30,7 +30,6 @@ in
 };
 roles = {
- homeage.secrets = [ logseqSshKey logseqSshPubKey ];
 mobile.bin.enable = true;
 };
 };
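Review bot: The description of the new `secretsSourcePath` option in the second hunk of home/roles/homeage/default.nix, "Default source path of the encrypted files.", describes the default rather than the option and leaves out the one constraint someone overriding it needs to know. The default sits under `${inputs.self}`, i.e. inside the flake source, which Nix copies into the world-readable store, so only age-encrypted files should ever be placed under this path. I would word it as `description = "Directory holding the age-encrypted secrets (<name>.age); it is copied to the world-readable Nix store, so it must contain encrypted files only.";`.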