infrastructure/config/profiles/base/secrets.nix at 57b35ead89f6a9f7f389be329858b0dbeec68a2a - gensokyo-zone/infrastructure - kittywitch forge

gensokyo-zone/infrastructure

mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00

kat witch 57b35ead89

secrets module overhaul, moving back to bitwarden, removed glauca dyndns

2021-09-01 06:01:20 +01:00

13 lines

336 B

Nix

Raw Blame History

 { config, lib, pkgs, ... }:
 {
   secrets = {
     root = "/var/lib/kat/secrets";
     persistentRoot = "/var/lib/kat/secrets";
     external = true;
   };
   kw.secrets.command = let
     bitw = pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.kw.secrets.repo.bitw.source} "$@"'';
   in "${bitw}/bin/bitw get";
 }