feat: adds opnix, mennos-laptop-w as host and cleans up secrets

Signed-off-by: Menno van Leeuwen <menno@vleeuwen.me>
2025-07-15 23:50:26 +02:00
parent 1867846c0d
commit 94998bec48
24 changed files with 185 additions and 152 deletions
--- a/config/home-manager/packages/common/secrets.nix
+++ b/config/home-manager/packages/common/secrets.nix
@@ -0,0 +1,29 @@
+{ config, hostname, ... }:
+{
+  config.programs.onepassword-secrets = {
+    enable = true;
+    tokenFile = "${config.home.homeDirectory}/.op_sat";
+    secrets = {
+      mennos2025Pem = {
+        reference = "op://Dotfiles/Fallback SSH Key/private key";
+        path = ".ssh/mennos-2025.pem";
+        mode = "0600";
+      };
+      mennos2025Pub = {
+        reference = "op://Dotfiles/Fallback SSH Key/public key";
+        path = ".ssh/mennos-2025.pub";
+        mode = "0644";
+      };
+      workWgVPn = {
+        reference = "op://Dotfiles/Wireguard VPN Config/config";
+        path = ".config/wireguard/work-vpn.conf";
+        mode = "0600";
+      };
+      authorizedKeysForHost = {
+        reference = "op://Dotfiles/Authorized Keys/${hostname}";
+        path = ".ssh/authorized_keys";
+        mode = "0644";
+      };
+    };
+  };
+}