nixos/agenix: make it a mixin

3 files changed, 1 insertions, 42 deletions

diff --git a/modules/nixos/traits/default.nix b/modules/nixos/traits/default.nix
index f4dbc3c..30e5331 100644
--- a/modules/nixos/traits/default.nix
+++ b/modules/nixos/traits/default.nix
@@ -4,6 +4,5 @@
     ./locale.nix
     ./mac-builder.nix
     ./nvd-diff.nix
-    ./secrets.nix
   ];
 }
diff --git a/modules/nixos/traits/mac-builder.nix b/modules/nixos/traits/mac-builder.nix
index e911864..cfafaf3 100644
--- a/modules/nixos/traits/mac-builder.nix
+++ b/modules/nixos/traits/mac-builder.nix
@@ -11,8 +11,7 @@ in
   options.traits.mac-builder = {
     enable = lib.mkEnableOption "macOS remote builders";
     manageSecrets = lib.mkEnableOption "managing SSH keys for builders" // {
-      default = config.traits.secrets.enable;
-      defaultText = "traits.secrets.enable";
+      default = true;
     };
   };
 
diff --git a/modules/nixos/traits/secrets.nix b/modules/nixos/traits/secrets.nix
deleted file mode 100644
index 0423183..0000000
--- a/modules/nixos/traits/secrets.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{
-  config,
-  lib,
-  inputs,
-  ...
-}:
-
-let
-  cfg = config.traits.secrets;
-in
-
-{
-  options.traits.secrets = {
-    enable = lib.mkEnableOption "secrets management";
-
-    secretsDir = lib.mkOption {
-      type = lib.types.path;
-      default = inputs.self + "/secrets/${config.networking.hostName}";
-      defaultText = lib.literalExample "inputs.self + \"/secrets/\${config.networking.hostName}\"";
-      description = "Path to your `secrets.nix` subdirectory.";
-    };
-  };
-
-  imports = [ inputs.agenix.nixosModules.default ];
-
-  config = lib.mkIf cfg.enable (
-    lib.mkMerge [
-      {
-        _module.args = {
-          inherit (cfg) secretsDir;
-        };
-
-        age = {
-          identityPaths = [ "/etc/age/key" ];
-        };
-      }
-    ]
-  );
-}