31 lines
675 B
Nix
31 lines
675 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let cfg = config.sydnix.sops;
|
|
in {
|
|
options = {
|
|
sydnix.sops = {
|
|
enable = lib.mkEnableOption "Sops";
|
|
keyFile = lib.mkOption {
|
|
description = "Path to an Age key file.";
|
|
type = lib.types.path;
|
|
default = config.home.homeDirectory + "/key.txt";
|
|
};
|
|
secrets = lib.mkOption {
|
|
description = "Secrets passed directly to sops-nix.";
|
|
};
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
home.packages = [
|
|
pkgs.sops
|
|
];
|
|
|
|
sops = {
|
|
age.keyFile = cfg.keyFile;
|
|
defaultSopsFile = ../../users/${config.home.username}/secrets.yaml;
|
|
secrets = cfg.secrets;
|
|
};
|
|
};
|
|
}
|