From 388feede957740f5f7d93c54ba4a4f91e2fc1307 Mon Sep 17 00:00:00 2001 From: Hektor Misplon Date: Tue, 24 Feb 2026 15:03:49 +0100 Subject: [PATCH] feat: add 'secrets' module to work host --- home/hosts/work/default.nix | 5 +++++ home/modules/secrets/default.nix | 20 ++++++++++++++++++++ home/modules/secrets/vault.nix | 16 ++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100644 home/modules/secrets/default.nix create mode 100644 home/modules/secrets/vault.nix diff --git a/home/hosts/work/default.nix b/home/hosts/work/default.nix index 50201cc..4bef19d 100644 --- a/home/hosts/work/default.nix +++ b/home/hosts/work/default.nix @@ -28,6 +28,7 @@ in ../../modules/kitty.nix ../../modules/nvim.nix ../../modules/pandoc.nix + ../../modules/secrets ../../modules/browser ../../modules/shell ../../modules/music @@ -99,6 +100,10 @@ in github.enable = true; gitlab.enable = true; pandoc.enable = true; + secrets = { + enable = true; + vault.enable = true; + }; shell.bash.enable = true; starship.enable = true; diff --git a/home/modules/secrets/default.nix b/home/modules/secrets/default.nix new file mode 100644 index 0000000..6840ff4 --- /dev/null +++ b/home/modules/secrets/default.nix @@ -0,0 +1,20 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + options.secrets = { + enable = lib.mkEnableOption "secrets"; + }; + + imports = [ ./vault.nix ]; + + config = lib.mkIf config.secrets.enable { + home.packages = with pkgs; [ + sops + age + ]; + }; +} diff --git a/home/modules/secrets/vault.nix b/home/modules/secrets/vault.nix new file mode 100644 index 0000000..2b79f15 --- /dev/null +++ b/home/modules/secrets/vault.nix @@ -0,0 +1,16 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options.secrets.vault = { + enable = lib.mkEnableOption "vault CLI"; + }; + + config = lib.mkIf config.secrets.vault.enable { + home.packages = with pkgs; [ vault-bin ]; + }; +}