Add secrets service

Allow managing secrets and passwords using Guix. Secrets are encrypted in the Guix channel repository and decrypted using a single host key at activation time.
author: Timo Wilken 2023-11-05 01:03:55 +0100
committer: Timo Wilken 2023-11-05 01:03:55 +0100
commit: 7409fef3cbe6bba6c66ce8b03aef6c2d9dc6c7e7 (patch)
tree: 925bbc88193a26d0b0c5fb5b01842be614af4ea6 /tw/home.scm
parent: c3ef6ab1a62cf23cd15fd8865ec6bcdf8e7e4ad7 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/tw/home.scm b/tw/home.scm
index 17cb7da7..6b0402db 100644
--- a/tw/home.scm
+++ b/tw/home.scm
@@ -18,6 +18,8 @@
   #:use-module (tw packages ci)
   #:use-module (tw packages games)
   #:use-module (tw packages xorg)
+  #:use-module ((tw services secrets)
+                #:select (encsecret-program))
   #:use-module (tw system)
   #:use-module (tw theme))
 
@@ -170,6 +172,7 @@
 
    (simple-service 'common-files home-files-service-type
      `((".infokey" ,(local-file "home/files/infokey"))
+       (".local/bin/encsecret" ,encsecret-program)
        ;; With #:recursive? #t, Guix keeps the files' permission bits, i.e. makes them executable.
        (".local/bin/ppscm" ,(local-file "home/files/ppscm" #:recursive? #t))))  ; pretty-print scheme files
author	Timo Wilken	2023-11-05 01:03:55 +0100
committer	Timo Wilken	2023-11-05 01:03:55 +0100
commit	7409fef3cbe6bba6c66ce8b03aef6c2d9dc6c7e7 (patch)
tree	925bbc88193a26d0b0c5fb5b01842be614af4ea6 /tw/home.scm
parent	c3ef6ab1a62cf23cd15fd8865ec6bcdf8e7e4ad7 (diff)