From 565b33dd3edd2b2b7ab9215515dd8c09fc2a9ab1 Mon Sep 17 00:00:00 2001
From: Antoine Martin <antoine@alarsyo.net>
Date: Mon, 7 Feb 2022 17:16:52 +0100
Subject: [PATCH] poseidon: setup agenix secrets

---
 hosts/poseidon/default.nix |  1 +
 hosts/poseidon/secrets.nix | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 hosts/poseidon/secrets.nix

diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix
index f458015..1e8d3eb 100644
--- a/hosts/poseidon/default.nix
+++ b/hosts/poseidon/default.nix
@@ -12,6 +12,7 @@ in
       ./hardware-configuration.nix
 
       ./home.nix
+      ./secrets.nix
     ];
 
   # Use the GRUB 2 boot loader.
diff --git a/hosts/poseidon/secrets.nix b/hosts/poseidon/secrets.nix
new file mode 100644
index 0000000..2b64a0d
--- /dev/null
+++ b/hosts/poseidon/secrets.nix
@@ -0,0 +1,16 @@
+{ config, lib, options, ... }:
+
+{
+  config.age = {
+    secrets =
+      let
+        toSecret = name: { ... }@attrs: {
+          file = ./../../modules/secrets + "/${name}.age";
+        } // attrs;
+      in
+        lib.mapAttrs toSecret {
+          "users/alarsyo-hashed-password" = {};
+          "users/root-hashed-password" = {};
+        };
+  };
+}