rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(secrets): Add darwin sops config and gemini key access

Browse source
This commit is contained in:
Mohammad Rafiq 2025-07-14 19:16:37 +08:00
parent f502810dae
commit 79b83cfc70
No known key found for this signature in database
1 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

15
nix/modules/system/secrets.nix
View file

@ -30,6 +30,21 @@ in
''; '';
}; };
}; };
flake.modules.darwin.default =
{ config, ... }:
{
imports = [ inputs.sops-nix.darwinModules.sops ];
config = {
sops = {
age.sshKeyPaths = [ "${config.users.users.${username}.home}/.ssh/id_ed25519" ];
secrets."keys/gemini".sopsFile = secrets + "/keys.yaml";
};
environment.shellInit = # sh
''
export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
'';
};
};
flake.modules.homeManager.default.persistDirs = [ ".config/sops/age" ]; flake.modules.homeManager.default.persistDirs = [ ".config/sops/age" ];
perSystem = perSystem =
{ pkgs, ... }: { pkgs, ... }: