refactor secrets

2023-07-01 17:45:08 +05:30 · 2023-07-01 17:45:08 +05:30 · d6b94213d4
commit d6b94213d4
parent b1192bf17a
6 changed files with 21 additions and 14 deletions
--- a/common/users/default.nix
+++ b/common/users/default.nix
@ -3,7 +3,7 @@
  secrets,
  ...
 }: let
-  user = (import ../../secrets.nix).users;
+  user = secrets.users;
 in {
  users.mutableUsers = false;
  users.users = {
--- a/flake.nix
+++ b/flake.nix
@ -34,7 +34,7 @@
    lanzaboote,
    nixneovimplugins,
  } @ inputs: let
-    user = (import ./secrets.nix).users;
+    secrets = import ./secrets.nix;
  in {
    formatter."x86_64-linux" = nixpkgs.legacyPackages."x86_64-linux".alejandra;
    nixosConfigurations = {
@ -47,7 +47,7 @@
          };
          overlays = [(import ./packages) nixneovimplugins.overlays.default];
        };
-        specialArgs = inputs;
+        specialArgs = inputs // {inherit secrets;};
        modules = [
          {
            system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev;
@ -64,7 +64,8 @@
            home-manager = {
              useUserPackages = true;
              useGlobalPkgs = true;
-              users.${user.primary.userName} = {pkgs, ...}: {
+              extraSpecialArgs = {inherit secrets;};
+              users.${secrets.users.primary.userName} = {pkgs, ...}: {
                imports = [
                  impermanence.nixosModules.home-manager.impermanence
                  ./home
@ -82,7 +83,7 @@
            allowUnfree = true;
          };
        };
-        specialArgs = inputs;
+        specialArgs = inputs // {inherit secrets;};
        modules = [
          {
            system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev;
--- a/home/programs/git.nix
+++ b/home/programs/git.nix
@ -1,5 +1,9 @@
-{pkgs, ...}: let
-  user = (import ../../secrets.nix).users;
+{
+  pkgs,
+  secrets,
+  ...
+}: let
+  user = secrets.users;
 in {
  programs.git = {
    enable = true;
--- a/hosts/rico2/services/caddy.nix
+++ b/hosts/rico2/services/caddy.nix
@ -1,6 +1,4 @@
-{...}: let
-  secrets = import ../../../secrets.nix;
-in {
+{secrets, ...}: {
  services.caddy = {
    enable = true;
    email = secrets.caddy_config.email;
--- a/hosts/rico2/services/frpc.nix
+++ b/hosts/rico2/services/frpc.nix
@ -1,5 +1,9 @@
-{pkgs, ...}: let
-  frp_config = (import ../../../secrets.nix).frp_config;
+{
+  pkgs,
+  secrets,
+  ...
+}: let
+  frp_config = secrets.frp_config;
 in {
  systemd.services.frpc = {
    enable = true;
--- a/hosts/skipper/services/default.nix
+++ b/hosts/skipper/services/default.nix
@ -1,5 +1,5 @@
-{ ... }: let
-  user = (import ../../../secrets.nix).users;
+{secrets, ...}: let
+  user = secrets.users;
 in {
  imports = [
    ./dbus.nix