flake: migrate to agenix-rekey

2025-02-18 21:47:38 -05:00 · 2025-02-18 21:47:38 -05:00 · b54be3998f
commit b54be3998f
parent 26734c2196
61 changed files with 306 additions and 190 deletions
--- a/lib/default.nix
+++ b/lib/default.nix
@ -126,6 +126,7 @@ lib.makeExtensible (

    disko = import ./disko.nix { inherit lib; };
    filesystems = import ./filesystems.nix { inherit lib self; };
+    secrets = import ./secrets.nix;
  }
  // (import ./digga.nix { inherit lib; })
  // (import ./hosts.nix { inherit lib; })
--- a/lib/secrets.nix
+++ b/lib/secrets.nix
@ -0,0 +1,13 @@
+{
+  withOwnerGroup = name: rekeyFile: {
+    owner = name;
+    group = name;
+    mode = "440";
+    inherit rekeyFile;
+  };
+  withOwner = owner: rekeyFile: { inherit owner rekeyFile; };
+  withGroup = group: rekeyFile: {
+    inherit group rekeyFile;
+    mode = "440";
+  };
+}