From 44a4f7c6bac97a3381a2b7de8707cd9389f5460f Mon Sep 17 00:00:00 2001
From: Mel <einebeere@gmail.com>
Date: Sat, 7 Dec 2024 03:24:15 +0100
Subject: Move secrets and keys into agenix

Signed-off-by: Mel <einebeere@gmail.com>
---
 modules/user.nix | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'modules/user.nix')

diff --git a/modules/user.nix b/modules/user.nix
index 2f49569..4ea0be2 100644
--- a/modules/user.nix
+++ b/modules/user.nix
@@ -1,6 +1,10 @@
-{ config, pkgs, security, ... }:
+{ config, pkgs, keys, ... }:
 
 {
+  age.secrets.password = {
+    file = ../secrets/password.age;
+  };
+
   users.mutableUsers = false;
   users.users.mel = {
     isNormalUser = true;
@@ -8,8 +12,8 @@
     shell = pkgs.fish;
     extraGroups = [ "networkmanager" "wheel" "docker" ];
 
-    hashedPassword = security.password;
-    openssh.authorizedKeys.keys = security.keys;
+    hashedPasswordFile = config.age.secrets.password.path;
+    openssh.authorizedKeys.keys = keys.allUsers;
 
     packages = (with pkgs; []);
   };
-- 
cgit 1.4.1