74 lines
		
	
	
		
			1.9 KiB
		
	
	
	
		
			Nix
		
	
	
	
	
	
			
		
		
	
	
			74 lines
		
	
	
		
			1.9 KiB
		
	
	
	
		
			Nix
		
	
	
	
	
	
| { user, home }:
 | |
| {
 | |
|   config,
 | |
|   inputs,
 | |
|   pkgs,
 | |
|   ...
 | |
| }:
 | |
| let
 | |
|   hmConfig = config.home-manager.users.${user};
 | |
| in
 | |
| {
 | |
|   home-manager.users.${user} = {
 | |
|     sops = {
 | |
|       secrets = {
 | |
|         "ssh/key" = {
 | |
|           sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
 | |
|           path = "${home}/.ssh/ssh_personal_ed25519_key";
 | |
|         };
 | |
| 
 | |
|         "ssh/pass".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
 | |
| 
 | |
|         "git/credentials/git.karaolidis.com/admin/username".sopsFile =
 | |
|           "${inputs.secrets}/domains/personal/secrets.yaml";
 | |
| 
 | |
|         "git/credentials/git.karaolidis.com/admin/password".sopsFile =
 | |
|           "${inputs.secrets}/domains/personal/secrets.yaml";
 | |
|       };
 | |
| 
 | |
|       templates."git/credentials" = {
 | |
|         content = ''
 | |
|           https://${hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/admin/username"}:${
 | |
|             hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/admin/password"
 | |
|           }@git.karaolidis.com
 | |
|         '';
 | |
|         path = "${home}/.config/git/credentials";
 | |
|       };
 | |
|     };
 | |
| 
 | |
|     programs.ssh = {
 | |
|       matchBlocks = {
 | |
|         "karaolidis.com" = {
 | |
|           hostname = "karaolidis.com";
 | |
|           user = "nick";
 | |
|           identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
 | |
|           identitiesOnly = true;
 | |
|         };
 | |
| 
 | |
|         "github.com" = {
 | |
|           hostname = "github.com";
 | |
|           user = "git";
 | |
|           identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
 | |
|           identitiesOnly = true;
 | |
|         };
 | |
| 
 | |
|         "gitlab.com" = {
 | |
|           hostname = "gitlab.com";
 | |
|           user = "git";
 | |
|           identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
 | |
|           identitiesOnly = true;
 | |
|         };
 | |
|       };
 | |
| 
 | |
|       userKnownHostsFile = builtins.concatStringsSep " " (
 | |
|         with pkgs.sshKnownHosts;
 | |
|         [
 | |
|           "${home}/.ssh/known_hosts"
 | |
|           github
 | |
|           gitlab
 | |
|         ]
 | |
|       );
 | |
|     };
 | |
|   };
 | |
| }
 |