From ed51e818c1995f57b710327957c1d179980e4deb Mon Sep 17 00:00:00 2001 From: Benedikt Peetz Date: Fri, 18 Oct 2024 22:13:18 +0200 Subject: refactor(modules/secrets): Split into the modules, that need the secrets Storing the secrets in the module that actually needs them, is a cleaner solution. --- modules/by-name/ta/taskwarrior/module.nix | 35 +++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 modules/by-name/ta/taskwarrior/module.nix (limited to 'modules/by-name/ta/taskwarrior/module.nix') diff --git a/modules/by-name/ta/taskwarrior/module.nix b/modules/by-name/ta/taskwarrior/module.nix new file mode 100644 index 00000000..ff1569af --- /dev/null +++ b/modules/by-name/ta/taskwarrior/module.nix @@ -0,0 +1,35 @@ +{...}: { + # HACK: Migrating the whole `taskwarrior` setup is right now unrealistic, as the module is + # tightly coupled with the `firefox` module, and `neorg` script. + # But to work around the fact that setting the `age` secrets in the legacy module is + # impossible, this module was created as work-around until the `taskwarrior` module can + # be fully migrated. <2024-10-18> + config = { + age.secrets = { + taskserverPrivate = { + file = ./secrets/private.key; + mode = "700"; + owner = "soispha"; + group = "users"; + }; + taskserverPublic = { + file = ./secrets/public.cert; + mode = "700"; + owner = "soispha"; + group = "users"; + }; + taskserverCA = { + file = ./secrets/ca.cert; + mode = "700"; + owner = "soispha"; + group = "users"; + }; + taskserverCredentials = { + file = ./secrets/credentials; + mode = "700"; + owner = "soispha"; + group = "users"; + }; + }; + }; +} -- cgit 1.4.1