adding sops for taskchamp

2025-03-29 14:07:48 -04:00 · 2025-03-29 14:07:48 -04:00 · 09890eae60
commit 09890eae60
parent 6caa8ebc32
9 changed files with 56 additions and 38 deletions
--- a/homes/emenel/default.nix
+++ b/homes/emenel/default.nix
@ -79,7 +79,15 @@
      borg_url = {
        path = "${config.sops.defaultSymlinkPath}/borg_url";
      };
+      taskchamp-id = {};
+      taskchamp-key = {};
    };
+
+    templates."taskchamp".content =
+        ''
+sync.server.client_id = ${config.sops.placeholder.taskchamp-id}
+sync.encryption_secret = ${config.sops.placeholder.taskchamp-key}
+'';
  };

  programs = {
--- a/homes/emenel/secrets.yaml
+++ b/homes/emenel/secrets.yaml
@ -18,8 +18,8 @@ sops:
            RTk5RGdrZ3dGaXJIait5VG45bTFpQVkKFvq2714fyXnUlQ2ovZGVl55Wq9m/uvpC
            Q7k9SEOdSMNqioG5TR7yhGS+cCbcO+zV7WXxKB+mpwUmhkc13H0w5A==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-01-06T20:09:39Z"
-    mac: ENC[AES256_GCM,data:lZB6blCUm/QXMbK05z65vIxbVm3diXaNXKmGc8c2as8MqEcFwP5twB9GlX/Kpn/3aEFvH5FpavOfUzId5eOVVZJnZYIuTELqXpNGWUD6dMbCmIL0sfOsp49rgmKr+mkoi7kfhM7dMCoximBS2ubLOVIyPAHmrnKI1St/cs/J+PE=,iv:xCerqV4zPVj6LRnWQwNUWTz9F0tJRAF+0b9QcNbHwJ4=,tag:6ew+Loe4iiqMgM2SrhIVpQ==,type:str]
+    lastmodified: "2025-03-29T18:07:28Z"
+    mac: ENC[AES256_GCM,data:o9wEs1KqNUthQpBqTJ4qB2v8o4AneWro6Zk2KsPCZN4UsnJGj87MAtZLcbknXNs+2io+XkTfYf3P86jqPCMP6qA/74lpcbkE1HuIzTmmB+VOXRiXlLuxo6XveeLfPqua0YEyzvI/EouA+0w7NKawdmkID/ursR2SqL8VMQ26PzM=,iv:C8pF/pz7hmBg5uTb9oOnNvkH6l9uDYqda1YgegYoIfo=,tag:bkyHfZphQG2z9C6w5NVLYg==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
-    version: 3.9.2
+    version: 3.9.4
--- a/homes/media/default.nix
+++ b/homes/media/default.nix
@ -28,10 +28,32 @@
      "/home/media/.local/state/nix/profiles/home-manager/home-path/bin/"
    ];

+    sessionVariables = {
+      LISTEN = 33034;
+      DATA_DIR = "/home/media/.local/share/task-sync";
+    };

    stateVersion = "25.05";
  };

+  sops = {
+    age.keyFile = "/home/media/.config/sops/age/keys.txt"; # must have no password!
+
+    defaultSopsFile = ../emenel/secrets.yaml;
+
+    secrets = {
+      taskchamp-id = {};
+      taskchamp-key = {};
+    };
+
+    templates."taskchamp".content =
+        ''
+sync.server.client_id = ${config.sops.placeholder.taskchamp-id}
+sync.encryption_secret = ${config.sops.placeholder.taskchamp-key}
+'';
+  };
+
+  
  programs = {
    home-manager.enable = true;
    password-store.enable = true;
@ -41,7 +63,7 @@
    enable = true;
    startServices = "sd-switch"; # auto reload services when home is rebuilt
  };
-
+  
  #custom script executables
  home.file.".local/bin" = {
    source = ../emenel/dotfiles/dot_local/bin;