Edit secrets & hostname

Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
2026-05-20 21:32:33 +02:00 · 2026-04-18 00:53:51 +02:00
parent 9e24c44c53
commit 5e0dd70cfa
5 changed files with 20 additions and 23 deletions
@@ -4,26 +4,27 @@
  pkgs,
  inputs,
  ...
-}: {
+}: let
+  home = inputs.home-manager.lib.home;
+in {
  imports = [inputs.sops-nix.homeManagerModules.sops];

  sops = {
-    age.keyFile = "/home/hadi/.config/sops/age/keys.txt";
+    age.keyFile = "${home}/.config/sops/age/keys.txt";
    defaultSopsFile = ./secrets.yaml;
    secrets = {
-      sshconfig = {path = "/home/hadi/.ssh/config";};
-      github-key = {path = "/home/hadi/.ssh/github";};
-      gitlab-key = {path = "/home/hadi/.ssh/gitlab";};
-      netrc = {path = "/home/hadi/.netrc";};
-      jack-key = {path = "/home/hadi/.ssh/jack";};
-      signing-key = {path = "/home/hadi/.ssh/key";};
-      signing-pub-key = {path = "/home/hadi/.ssh/key.pub";};
+      ssh-config = {path = "${home}/.ssh/config";};
+      github-key = {path = "${home}/.ssh/github";};
+      jack-key = {path = "${home}/.ssh/jack";};
+      signing-key = {path = "${home}/.ssh/key";};
+      signing-pub-key = {path = "${home}/.ssh/key.pub";};
    };
  };

  home.file.".config/nixos/.sops.yaml".text = ''
    keys:
      - &primary age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
+      - &work age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
    creation_rules:
      - path_regex: hosts/laptop/secrets/secrets.yaml$
        key_groups:
@@ -33,6 +34,10 @@
        key_groups:
          - age:
            - *primary
+      - path_regex: hosts/work/secrets/secrets.yaml$
+        key_groups:
+          - age:
+            - *work
  '';

  systemd.user.services.mbsync.Unit.After = ["sops-nix.service"];