Refactor git credentials secrets

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

hosts/elara/users/nikara/configs/console/git/default.nix

@@ -18,17 +18,35 @@ in
   home-manager.users.${user} = {
     sops = {
       secrets = {
-        "git/credentials/git.karaolidis.com/username".sopsFile =
-          ../../../../../../../secrets/personal/secrets.yaml;
-        "git/credentials/git.karaolidis.com/password".sopsFile =
-          ../../../../../../../secrets/personal/secrets.yaml;
+        "git/credentials/personal/git.karaolidis.com/admin/username" = {
+          sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+          key = "git/credentials/git.karaolidis.com/admin/username";
+        };
+
+        "git/credentials/personal/git.karaolidis.com/admin/password" = {
+          sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+          key = "git/credentials/git.karaolidis.com/admin/password";
+        };
+
+        "git/credentials/sas/github.com/admin/username" = {
+          sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+          key = "git/credentials/github.com/admin/username";
+        };
+
+        "git/credentials/sas/github.com/admin/password" = {
+          sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+          key = "git/credentials/github.com/admin/password";
+        };
       };
 
       templates."git/credentials" = {
         content = ''
-          https://${hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/username"}:${
-            hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/password"
+          https://${hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/admin/username"}:${
+            hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/admin/password"
           }@git.karaolidis.com
+          https://${hmConfig.sops.placeholder."git/credentials/sas/github.com/admin/username"}:${
+            hmConfig.sops.placeholder."git/credentials/sas/github.com/admin/password"
+          }@github.com
         '';
         path = "${home}/.config/git/credentials";
       };

hosts/elara/users/nikara/configs/console/gpg/default.nix

@@ -0,0 +1,38 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ config, ... }:
+let
+  hmConfig = config.home-manager.users.${user};
+in
+{
+  home-manager.users.${user} = {
+    sops.secrets = {
+      "gpg/personal/key" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        key = "gpg/key";
+      };
+
+      "gpg/personal/pass" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        key = "gpg/pass";
+      };
+
+      "gpg/sas/key" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        key = "gpg/key";
+      };
+
+      "gpg/sas/pass" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        key = "gpg/pass";
+      };
+    };
+
+    programs.clipbook.bookmarks = {
+      "Personal GPG Passphrase".source = hmConfig.sops.secrets."gpg/personal/pass".path;
+      "SAS GPG Passphrase".source = hmConfig.sops.secrets."gpg/sas/pass".path;
+    };
+  };
+}

hosts/elara/users/nikara/configs/console/sas/default.nix

@@ -0,0 +1,11 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user}.sops.secrets = {
+    "artifactory/cdp/user".sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+    "artifactory/cdp/password".sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+  };
+}

hosts/elara/users/nikara/configs/console/ssh/default.nix

@@ -2,20 +2,59 @@
   user ? throw "user argument is required",
   home ? throw "home argument is required",
 }:
-{ inputs, system, ... }:
+{
+  config,
+  inputs,
+  system,
+  ...
+}:
 let
+  hmConfig = config.home-manager.users.${user};
   selfPkgs = inputs.self.packages.${system};
 in
 {
-  home-manager.users.${user}.programs.ssh = {
-    matchBlocks = {
-      "cldlgn.fyi.sas.com" = {
-        inherit user;
-        hostname = "cldlgn.fyi.sas.com";
-        identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
+  home-manager.users.${user} = {
+    sops.secrets = {
+      "ssh/personal/key" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        key = "ssh/key";
+        path = "${home}/.ssh/ssh_personal_ed25519_key";
+      };
+
+      "ssh/personal/pass" = {
+        sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
+        key = "ssh/pass";
+      };
+
+      "ssh/sas/key" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        key = "ssh/key";
+        path = "${home}/.ssh/ssh_sas_ed25519_key";
+      };
+
+      "ssh/sas/pass" = {
+        sopsFile = ../../../../../../../secrets/sas/secrets.yaml;
+        key = "ssh/pass";
       };
     };
 
-    userKnownHostsFiles = with selfPkgs; [ ssh-known-hosts-sas-cldlgn ];
+    programs = {
+      ssh = {
+        matchBlocks = {
+          "cldlgn.fyi.sas.com" = {
+            inherit user;
+            hostname = "cldlgn.fyi.sas.com";
+            identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
+          };
+        };
+
+        userKnownHostsFiles = with selfPkgs; [ ssh-known-hosts-sas-cldlgn ];
+      };
+
+      clipbook.bookmarks = {
+        "Personal SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/personal/pass".path;
+        "SAS SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/sas/pass".path;
+      };
+    };
   };
 }

hosts/elara/users/nikara/configs/gui/theme/default.nix

@@ -0,0 +1,8 @@
+{
+  user ? throw "user argument is required",
+  home ? throw "home argument is required",
+}:
+{ ... }:
+{
+  home-manager.users.${user}.theme.wallpaper = ../../../../../../../static/wallpapers/snow.jpg;
+}