add secret scheme

1 files changed, 32 insertions, 15 deletions

diff --git a/flake.nix b/flake.nix
index f71dc4e..d8682d5 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,5 +1,9 @@
 {
   inputs = {
+    agenix = {
+      url = "github:ryantm/agenix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
     home-manager = {
       url = "github:nix-community/home-manager";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -24,6 +28,7 @@
     };
   };
   outputs = {
+    agenix,
     home-manager,
     impermanence,
     nixpkgs,
@@ -34,27 +39,39 @@
     ...
   }: let
     laptop = import ./machines/laptop/machine.nix;
-  in {
-    nixosConfigurations.${laptop.hostname} = nixpkgs.lib.nixosSystem {
-      system = laptop.system;
-      specialArgs = {machine = laptop;};
-      modules = [
+    _173-249-5-230 = import ./machines/173-249-5-230/machine.nix;
+    configuration = machine: modules:
+      nixpkgs.lib.nixosSystem {
+        system = machine.system;
+        specialArgs = {inherit machine;};
+        modules =
+          modules
+          ++ [
+            machine.configuration
+            machine.hardware-configuration
+          ];
+      };
+    configurationWithHomeManager = machine: (configuration machine
+      [
+        agenix.nixosModules.default
         home-manager.nixosModules.home-manager
         {
-          nixpkgs.overlays = [nur.overlays.default];
+          nixpkgs.overlays = [
+            agenix.overlays.default
+            nur.overlays.default
+          ];
           home-manager.useGlobalPkgs = true;
-          home-manager.extraSpecialArgs = {
-            machine = laptop;
-          };
+          home-manager.extraSpecialArgs = {inherit machine;};
           home-manager.users =
             builtins.mapAttrs
             (name: value: value)
             (
-              nixpkgs.legacyPackages.${laptop.system}.lib.genAttrs
-              laptop.usernames
+              nixpkgs.legacyPackages.${machine.system}.lib.genAttrs
+              machine.usernames
               (
                 name: {
                   imports = [
+                    agenix.homeManagerModules.default
                     stylix.homeModules.stylix
                     nvf.homeManagerModules.default
                     ./users/${name}/home.nix
@@ -65,9 +82,9 @@
         }
         impermanence.nixosModules.impermanence
         noshell.nixosModules.default
-        ./configuration.nix
-        laptop.hardware-configuration
-      ];
-    };
+      ]);
+  in {
+    nixosConfigurations.${laptop.hostname} = configurationWithHomeManager laptop;
+    nixosConfigurations.${_173-249-5-230.hostname} = configurationWithHomeManager _173-249-5-230;
   };
 }