From c1b3df9e32b223c3433b59b4db5476e07272901b Mon Sep 17 00:00:00 2001 From: Raphael Date: Thu, 16 Oct 2025 16:30:34 +0200 Subject: [PATCH] feat(hosts/server): adding the secrets to the configuration --- hosts/global.nix | 5 +++++ hosts/server/configuration.nix | 1 + hosts/server/secrets.nix | 20 ++++++++++++++++++++ 3 files changed, 26 insertions(+) create mode 100644 hosts/server/secrets.nix diff --git a/hosts/global.nix b/hosts/global.nix index 4aa0c18..0148920 100644 --- a/hosts/global.nix +++ b/hosts/global.nix @@ -2,6 +2,7 @@ config, pkgs, lib, + inputs, ... }: @@ -62,11 +63,13 @@ ]; }; + environment.variables.AGE_KEY_FILE = "/root/.config/age/keys.txt"; programs = { zsh.enable = true; }; environment.systemPackages = with pkgs; [ + age bat cairo dconf @@ -102,5 +105,7 @@ xsel yarn zsh + ] ++ [ + inputs.agenix.packages.${pkgs.system}.agenix ]; } diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix index b6690e6..87e9789 100644 --- a/hosts/server/configuration.nix +++ b/hosts/server/configuration.nix @@ -10,6 +10,7 @@ imports = [ ../global.nix ./hardware-configuration.nix + ./secrets.nix ../../modules/games.nix ../../services/forty_two.nix ../../services/discord.nix diff --git a/hosts/server/secrets.nix b/hosts/server/secrets.nix new file mode 100644 index 0000000..e94a8ac --- /dev/null +++ b/hosts/server/secrets.nix @@ -0,0 +1,20 @@ +{ config, pkgs, inputs, ... }: +{ + imports = [ inputs.agenix.nixosModules.default ]; + + age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + + age.secrets."mailjet-user" = { + file = ../../secrets/mailjet-user.age; + owner = "root"; + group = "root"; + mode = "0400"; + }; + + age.secrets."mailjet-pass" = { + file = ../../secrets/mailjet-pass.age; + owner = "root"; + group = "root"; + mode = "0400"; + }; +}