refactor

2025-09-23 13:19:48 +00:00
parent a04a4abef6
commit dd3753fab4
170 changed files with 907 additions and 1715 deletions
--- a/packages/common/secrets.nix
+++ b/packages/common/secrets.nix
@@ -0,0 +1,49 @@
+{ config, hostname, ... }:
+{
+  config.programs.onepassword-secrets = {
+    enable = true;
+    tokenFile = "${config.home.homeDirectory}/.op_sat";
+    secrets = {
+      mennos2025Pem = {
+        reference = "op://Dotfiles/Fallback SSH Key/private key";
+        path = ".ssh/mennos-2025.pem";
+        mode = "0600";
+      };
+      mennos2025Pub = {
+        reference = "op://Dotfiles/Fallback SSH Key/public key";
+        path = ".ssh/mennos-2025.pub";
+        mode = "0644";
+      };
+      workWgVPn = {
+        reference = "op://Dotfiles/Work VPN/config";
+        path = ".config/wireguard/work-vpn.conf";
+        mode = "0600";
+      };
+      authorizedKeysForHost = {
+        reference = "op://Dotfiles/Authorized Keys/${hostname}";
+        path = ".ssh/authorized_keys";
+        mode = "0644";
+      };
+      personalSshConf = {
+        reference = "op://Dotfiles/SSH Configs/personal";
+        path = ".ssh/config.d/personal.conf";
+        mode = "0644";
+      };
+      workDevSshConf = {
+        reference = "op://Dotfiles/SSH Configs/work-dev";
+        path = ".ssh/config.d/work-dev.conf";
+        mode = "0644";
+      };
+      workProdSshConf = {
+        reference = "op://Dotfiles/SSH Configs/work-prod";
+        path = ".ssh/config.d/work-prod.conf";
+        mode = "0644";
+      };
+      tradawarePem = {
+        reference = "op://Dotfiles/Tradaware TransIP PEM/pem";
+        path = ".config/tradaware.pem";
+        mode = "0600";
+      };
+    };
+  };
+}