sydnix/modules/home/users/crumb/age.nix

{ config, lib, pkgs, ... }:

let
  mutableSymlink = config.lib.file.mkOutOfStoreSymlink;
  cfg = config.sydnix.users.crumb.age;
in
{
  options.sydnix.users.crumb.age.enable = lib.mkEnableOption "Age, à la crumb";

  config = lib.mkIf cfg.enable {
    home.packages = [
      # Rage supports pinentry while Age does not.
      pkgs.rage
    ];

    # We use a mutable symlink to avoid placing the key inside the
    # world-readable store.
    home.file."private-keys/age/${config.home.username}.age".source =
      mutableSymlink "/persist/private-keys/age/${config.home.username}.age";

    home.file."public-keys/age/${config.home.username}.pub".source =
      ../../../../public-keys/age/${config.home.username}.pub;
  };
}