diff --git a/modules/nixos/agenix-rekey-default/default.nix b/modules/flake/configurations/agenix-rekey/default.nix similarity index 86% rename from modules/nixos/agenix-rekey-default/default.nix rename to modules/flake/configurations/agenix-rekey/default.nix index bb546e0..5a422b8 100644 --- a/modules/nixos/agenix-rekey-default/default.nix +++ b/modules/flake/configurations/agenix-rekey/default.nix @@ -3,6 +3,8 @@ config = { # NOTE: `(r)agenix` and `agenix-rekey` modules are imported by `../../../modules/flake/configurations.nix` age.rekey = { + # NOTE: defined in `meta.nix` + # hostPubkey = null; masterIdentities = lib.mkDefault [ "${inputs.self}/secrets/privkey.age" ]; storageMode = lib.mkDefault "local"; localStorageDir = lib.mkDefault "${inputs.self}/secrets/rekeyed/${config.networking.hostName}"; diff --git a/modules/flake/configurations/default-generators.nix b/modules/flake/configurations/default-generators.nix index fe3bee3..e6dbe40 100644 --- a/modules/flake/configurations/default-generators.nix +++ b/modules/flake/configurations/default-generators.nix @@ -63,6 +63,7 @@ let (lib.optionalAttrs (meta ? pubkey) { age.rekey.hostPubkey = meta.pubkey; }) + ./agenix-rekey # nix-topology inputs.nix-topology.nixosModules.default # Sane default `networking.hostName`