diff options
author | Timo Wilken | 2023-11-05 01:03:55 +0100 |
---|---|---|
committer | Timo Wilken | 2023-11-05 01:03:55 +0100 |
commit | 7409fef3cbe6bba6c66ce8b03aef6c2d9dc6c7e7 (patch) | |
tree | 925bbc88193a26d0b0c5fb5b01842be614af4ea6 /tw/home.scm | |
parent | c3ef6ab1a62cf23cd15fd8865ec6bcdf8e7e4ad7 (diff) |
Add secrets service
Allow managing secrets and passwords using Guix.
Secrets are encrypted in the Guix channel repository and decrypted using a
single host key at activation time.
Diffstat (limited to 'tw/home.scm')
-rw-r--r-- | tw/home.scm | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/tw/home.scm b/tw/home.scm index 17cb7da7..6b0402db 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -18,6 +18,8 @@ #:use-module (tw packages ci) #:use-module (tw packages games) #:use-module (tw packages xorg) + #:use-module ((tw services secrets) + #:select (encsecret-program)) #:use-module (tw system) #:use-module (tw theme)) @@ -170,6 +172,7 @@ (simple-service 'common-files home-files-service-type `((".infokey" ,(local-file "home/files/infokey")) + (".local/bin/encsecret" ,encsecret-program) ;; With #:recursive? #t, Guix keeps the files' permission bits, i.e. makes them executable. (".local/bin/ppscm" ,(local-file "home/files/ppscm" #:recursive? #t)))) ; pretty-print scheme files |