secrets.nix: Remove age secrets management

2024-05-10 16:23:41 +02:00
parent e094afc4a0
commit d0bd09896a
12 changed files with 9 additions and 203 deletions
--- a/lib/flake-helper.nix
+++ b/lib/flake-helper.nix
@@ -1,4 +1,4 @@
-{ self, nixpkgs, agenix, bij, chaosevents, fernglas, fieldpoc, nixos-exporter, solid-xmpp-alarm, sops-nix, ... }@inputs:
+{ self, nixpkgs, bij, chaosevents, fernglas, fieldpoc, nixos-exporter, solid-xmpp-alarm, sops-nix, ... }@inputs:

 rec {
  generateNixosSystem = {
@@ -28,8 +28,6 @@ rec {
        nixpkgs.overlays = [
          self.overlays.clerie
          (_: _: {
-            inherit (agenix.packages."x86_64-linux")
-              agenix;
            inherit (bij.packages."${system}")
              bij;
            inherit (chaosevents.packages."x86_64-linux")
@@ -38,21 +36,12 @@ rec {
        ];
        clerie.monitoring = nixpkgs.lib.attrsets.optionalAttrs (group != null) { serviceLevel = group; };
      })
-      agenix.nixosModules.default
      fernglas.nixosModules.default
      fieldpoc.nixosModules.default
      nixos-exporter.nixosModules.default
      solid-xmpp-alarm.nixosModules.solid-xmpp-alarm
      sops-nix.nixosModules.sops
      (../hosts + "/${name}/configuration.nix")
-      # Automatically load secrets from the hosts secrets directory
-      ({ lib, ... }: let
-        secretsPath = ../hosts + "/${name}/secrets";
-      in {
-        age.secrets = lib.mapAttrs' (filename: _: lib.nameValuePair (lib.removeSuffix ".age" filename) {
-          file = secretsPath + "/${filename}";
-        }) (lib.filterAttrs (name: type: (type == "regular") && (lib.hasSuffix ".age" name) ) (if builtins.pathExists secretsPath then builtins.readDir secretsPath else {}));
-      })
      # Automatically load secrets from sops file for host
      ({ config, lib, ... }: {
        sops.defaultSopsFile = ../hosts + "/${name}/secrets.json";