tree-wide: refactor

i went overboard on modules. this is much comfier
author: seth <[email protected]> 2023-10-30 04:22:32 -0400
committer: seth <[email protected]> 2023-10-30 09:46:15 +0000
commit: 10b0df38b4286237b56ff9177f8d4c5676bfb5c1 (patch)
tree: ab298c74339bf9bc41571fa88746ecd9c522fbdf /modules/nixos/server/secrets.nix
parent: 4c2c60a4f2b14c1e6ffaffe5e301dc31ac4fed0f (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/modules/nixos/server/secrets.nix b/modules/nixos/server/secrets.nix
new file mode 100644
index 0000000..e435690
--- /dev/null
+++ b/modules/nixos/server/secrets.nix
@@ -0,0 +1,12 @@
+{config, ...}: {
+  age = let
+    baseDir = ../../../secrets/systems/${config.networking.hostName};
+  in {
+    identityPaths = ["/etc/age/key"];
+
+    secrets = {
+      rootPassword.file = "${baseDir}/rootPassword.age";
+      userPassword.file = "${baseDir}/userPassword.age";
+    };
+  };
+}
author	seth <[email protected]>	2023-10-30 04:22:32 -0400
committer	seth <[email protected]>	2023-10-30 09:46:15 +0000
commit	10b0df38b4286237b56ff9177f8d4c5676bfb5c1 (patch)
tree	ab298c74339bf9bc41571fa88746ecd9c522fbdf /modules/nixos/server/secrets.nix
parent	4c2c60a4f2b14c1e6ffaffe5e301dc31ac4fed0f (diff)