nixos/agenix: make it a mixin

author: Seth Flynn <[email protected]> 2025-02-13 20:45:30 -0500
committer: Seth Flynn <[email protected]> 2025-02-13 22:09:11 -0500
commit: fc553d09d464ddde2ce34cffa0200f18004a5d38 (patch)
tree: 0a30625e2128ec3d5cc10c8fc294aaea73a1a4cc /modules/nixos/profiles/server.nix
parent: 1ab6099032d0ecaffcbe2a319ee57118ce619fdc (diff)
1 files changed, 7 insertions, 6 deletions
diff --git a/modules/nixos/profiles/server.nix b/modules/nixos/profiles/server.nix
index 8934863..09d1076 100644
--- a/modules/nixos/profiles/server.nix
+++ b/modules/nixos/profiles/server.nix
@@ -2,6 +2,7 @@
   config,
   lib,
   secretsDir,
+  inputs,
   inputs',
   ...
 }:
@@ -23,8 +24,12 @@ in
   config = lib.mkIf cfg.enable (
     lib.mkMerge [
       {
-        # All servers are most likely on stable, so we want to pull in some newer packages from time to time
-        _module.args.unstable = inputs'.nixpkgs.legacyPackages;
+        _module.args = {
+          # All servers are most likely on stable, so we want to pull in some newer packages from time to time
+          unstable = inputs'.nixpkgs.legacyPackages;
+
+          secretsDir = inputs.self + "/secrets/${config.networking.hostName}";
+        };
 
         age.secrets = {
           tailscaleAuthKey.file = "${secretsDir}/tailscaleAuthKey.age";
@@ -61,10 +66,6 @@ in
           };
         };
 
-        traits = {
-          secrets.enable = true;
-        };
-
         # I use exclusively Tailscale auth on some machines
         users.allowNoPasswordLogin = true;
author	Seth Flynn <[email protected]>	2025-02-13 20:45:30 -0500
committer	Seth Flynn <[email protected]>	2025-02-13 22:09:11 -0500
commit	fc553d09d464ddde2ce34cffa0200f18004a5d38 (patch)
tree	0a30625e2128ec3d5cc10c8fc294aaea73a1a4cc /modules/nixos/profiles/server.nix
parent	1ab6099032d0ecaffcbe2a319ee57118ce619fdc (diff)