From 6657d4e7a2d29b87d135a7ee4f43e1b971b0116b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20B=C3=B6hme?= Date: Fri, 25 Oct 2024 11:16:29 +0200 Subject: [PATCH] feat: add github access token for nix --- modules/programs/nix.nix | 7 ++++++- secrets/nix-github-token.age | 10 ++++++++++ secrets/secrets.nix | 1 + 3 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 secrets/nix-github-token.age diff --git a/modules/programs/nix.nix b/modules/programs/nix.nix index c0807ce..c98c643 100644 --- a/modules/programs/nix.nix +++ b/modules/programs/nix.nix @@ -44,12 +44,17 @@ in nix = config.nix.package; }; + age.secrets.nix-github-token.file = ../../secrets/nix-github-token.age; + nix = { nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; package = pkgs.nix; - extraOptions = "experimental-features = nix-command flakes"; + extraOptions = '' + !include ${config.age.secrets.nix-github-token.path} + experimental-features = nix-command flakes + ''; gc = { automatic = cfg.gc.enable; diff --git a/secrets/nix-github-token.age b/secrets/nix-github-token.age new file mode 100644 index 0000000..0a2a81e --- /dev/null +++ b/secrets/nix-github-token.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 CjuqfA H1gL8k/o7kvJoVEZ0UrbUv1G7Ceb3cUCIVFhch9rDhc +0531muHlievVhT5piGLXC+/zOymCkPM9P9csRxLsnpM +-> ssh-ed25519 wG6LYg Z9cm/TUZbV35tzgHywx1AHmF8jrFFqBl3sCIELEvcH0 +OmLY/ThgZ4f8CFFA5YpYFiRK+ro7cBqoFY6UY7/VS8I +-> ssh-ed25519 ZYd7Zg xpjSILAYRyQ4kkbdLAVJQXChX+t/DeL3qWWJae2sczI +wamYh70/AGSh5j4uqsPFTvn36E3TmGoVL8XlxbSfX9g +--- NNsTU7Fsi/WLegSpkuoNaxN0kFQG38mgdhCQ8y+CSQE +v"F +=raz6hQN&DpvGXQ$d7t݈ElIXYrV')J¬Hɦڃ?fWH_ԮԱ" \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index e82d844..197c70b 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -28,4 +28,5 @@ in "exercism.age".publicKeys = personal; "openai.age".publicKeys = personal; "anthropic.age".publicKeys = personal; + "nix-github-token.age".publicKeys = personal; }