From 3f0cd8d6ba31ec3025da417943a2430e6a576a68 Mon Sep 17 00:00:00 2001
From: Madeleine Sydney <lomiskiam@gmail.com>
Date: Sun, 29 Dec 2024 02:43:13 -0700
Subject: [PATCH] (wip) Use password-store

---
 .dir-locals.el                                |  0
 .gitignore                                    |  0
 .projectile                                   |  0
 .sops.yaml                                    |  0
 README.org                                    |  7 ++++-
 flake.lock                                    |  0
 flake.nix                                     |  0
 hosts/nixos-testbed/configuration.nix         |  0
 hosts/nixos-testbed/disko-config.nix          |  0
 .../nixos-testbed/hardware-configuration.nix  |  0
 hosts/nixos-testbed/system.nix                |  0
 lib/utils.nix                                 |  0
 modules/home/impermanence.nix                 |  0
 modules/home/sops.nix                         |  0
 modules/nixos/erase-home-darlings.clj         |  0
 modules/nixos/filesystemType.nix              |  0
 modules/nixos/gpg.nix                         |  0
 modules/nixos/impermanence.nix                |  0
 modules/nixos/impermanence/erase-darlings.clj |  0
 modules/nixos/niri.nix                        |  0
 modules/nixos/sops.nix                        |  0
 modules/nixos/users.nix                       |  0
 secrets.yaml                                  |  0
 users/crumb/default.nix                       |  0
 users/crumb/programs.nix                      |  0
 users/crumb/programs/nvim.nix                 |  0
 users/crumb/programs/passage.nix              | 29 +++++++++++++++++++
 users/crumb/secrets.yaml                      |  0
 28 files changed, 35 insertions(+), 1 deletion(-)
 mode change 100644 => 100755 .dir-locals.el
 mode change 100644 => 100755 .gitignore
 mode change 100644 => 100755 .projectile
 mode change 100644 => 100755 .sops.yaml
 mode change 100644 => 100755 README.org
 mode change 100644 => 100755 flake.lock
 mode change 100644 => 100755 flake.nix
 mode change 100644 => 100755 hosts/nixos-testbed/configuration.nix
 mode change 100644 => 100755 hosts/nixos-testbed/disko-config.nix
 mode change 100644 => 100755 hosts/nixos-testbed/hardware-configuration.nix
 mode change 100644 => 100755 hosts/nixos-testbed/system.nix
 mode change 100644 => 100755 lib/utils.nix
 mode change 100644 => 100755 modules/home/impermanence.nix
 mode change 100644 => 100755 modules/home/sops.nix
 mode change 100644 => 100755 modules/nixos/erase-home-darlings.clj
 mode change 100644 => 100755 modules/nixos/filesystemType.nix
 mode change 100644 => 100755 modules/nixos/gpg.nix
 mode change 100644 => 100755 modules/nixos/impermanence.nix
 mode change 100644 => 100755 modules/nixos/impermanence/erase-darlings.clj
 mode change 100644 => 100755 modules/nixos/niri.nix
 mode change 100644 => 100755 modules/nixos/sops.nix
 mode change 100644 => 100755 modules/nixos/users.nix
 mode change 100644 => 100755 secrets.yaml
 mode change 100644 => 100755 users/crumb/default.nix
 mode change 100644 => 100755 users/crumb/programs.nix
 mode change 100644 => 100755 users/crumb/programs/nvim.nix
 create mode 100755 users/crumb/programs/passage.nix
 mode change 100644 => 100755 users/crumb/secrets.yaml

diff --git a/.dir-locals.el b/.dir-locals.el
old mode 100644
new mode 100755
diff --git a/.gitignore b/.gitignore
old mode 100644
new mode 100755
diff --git a/.projectile b/.projectile
old mode 100644
new mode 100755
diff --git a/.sops.yaml b/.sops.yaml
old mode 100644
new mode 100755
diff --git a/README.org b/README.org
old mode 100644
new mode 100755
index 1ffb831..59813f0
--- a/README.org
+++ b/README.org
@@ -145,13 +145,18 @@ I don't know anything about either.
 
 ** TODO password store 4 firefox
 
-** TODO password store w/ age
+** DONE password store w/ age
+CLOSED: [2024-12-29 Sun 02:34]
 
 https://github.com/FiloSottile/passage
 
+** TODO Automatically sync password store
+
 ** DONE secrets
 CLOSED: [2024-12-29 Sun 01:41]
 
+** TODO git config
+
 ** TODO niri
 
 Or Qtile
diff --git a/flake.lock b/flake.lock
old mode 100644
new mode 100755
diff --git a/flake.nix b/flake.nix
old mode 100644
new mode 100755
diff --git a/hosts/nixos-testbed/configuration.nix b/hosts/nixos-testbed/configuration.nix
old mode 100644
new mode 100755
diff --git a/hosts/nixos-testbed/disko-config.nix b/hosts/nixos-testbed/disko-config.nix
old mode 100644
new mode 100755
diff --git a/hosts/nixos-testbed/hardware-configuration.nix b/hosts/nixos-testbed/hardware-configuration.nix
old mode 100644
new mode 100755
diff --git a/hosts/nixos-testbed/system.nix b/hosts/nixos-testbed/system.nix
old mode 100644
new mode 100755
diff --git a/lib/utils.nix b/lib/utils.nix
old mode 100644
new mode 100755
diff --git a/modules/home/impermanence.nix b/modules/home/impermanence.nix
old mode 100644
new mode 100755
diff --git a/modules/home/sops.nix b/modules/home/sops.nix
old mode 100644
new mode 100755
diff --git a/modules/nixos/erase-home-darlings.clj b/modules/nixos/erase-home-darlings.clj
old mode 100644
new mode 100755
diff --git a/modules/nixos/filesystemType.nix b/modules/nixos/filesystemType.nix
old mode 100644
new mode 100755
diff --git a/modules/nixos/gpg.nix b/modules/nixos/gpg.nix
old mode 100644
new mode 100755
diff --git a/modules/nixos/impermanence.nix b/modules/nixos/impermanence.nix
old mode 100644
new mode 100755
diff --git a/modules/nixos/impermanence/erase-darlings.clj b/modules/nixos/impermanence/erase-darlings.clj
old mode 100644
new mode 100755
diff --git a/modules/nixos/niri.nix b/modules/nixos/niri.nix
old mode 100644
new mode 100755
diff --git a/modules/nixos/sops.nix b/modules/nixos/sops.nix
old mode 100644
new mode 100755
diff --git a/modules/nixos/users.nix b/modules/nixos/users.nix
old mode 100644
new mode 100755
diff --git a/secrets.yaml b/secrets.yaml
old mode 100644
new mode 100755
diff --git a/users/crumb/default.nix b/users/crumb/default.nix
old mode 100644
new mode 100755
diff --git a/users/crumb/programs.nix b/users/crumb/programs.nix
old mode 100644
new mode 100755
diff --git a/users/crumb/programs/nvim.nix b/users/crumb/programs/nvim.nix
old mode 100644
new mode 100755
diff --git a/users/crumb/programs/passage.nix b/users/crumb/programs/passage.nix
new file mode 100755
index 0000000..d68bfc4
--- /dev/null
+++ b/users/crumb/programs/passage.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+
+{
+  home.packages = [ pkgs.passage ];
+  home.file.".passage/identities".source =
+    (config.lib.file.mkOutOfStoreSymlink config.sydnix.sops.keyFile);
+  home.file.".passage/store".source =
+    (config.lib.file.mkOutOfStoreSymlink "/persist/home/crumb/.passage/store");
+
+  home.shellAliases."pass" = "${pkgs.passage/bin/passage}";
+
+  # TODO:
+  # systemd.user.services.sync-password-store = {
+  #   Unit = {
+  #     Description = "Pull and push user password store.";
+  #   };
+  #   Service = {
+  #     Environment = "PATH=/run/current-system/sw/bin";
+  #     ExecStart =
+  #       let script = ''
+  #             set -xe -o pipefail
+  #           '';
+  #       in pkgs.writeShellScript "sync-password-store" script;
+  #   };
+  #   Install = {
+  #     WantedBy = ["default.target"];
+  #   };
+  # };
+}
diff --git a/users/crumb/secrets.yaml b/users/crumb/secrets.yaml
old mode 100644
new mode 100755