Initial framework: reusable modules, lib, pkgs, overlays, scripts, sample environment

2026-05-10 19:06:58 +02:00
commit c53d997d07
32 changed files with 1339 additions and 0 deletions
@@ -0,0 +1,22 @@
+{ config, pkgs, lib, ... }:
+
+{
+  options.secrets = {
+    enable = lib.mkEnableOption "agenix secret management";
+
+    identity = lib.mkOption {
+      type = lib.types.path;
+      default = "/etc/ssh/ssh_host_ed25519_key";
+      description = "Path to the SSH host private key used for age decryption.";
+    };
+  };
+
+  config = lib.mkIf config.secrets.enable {
+    age = {
+      identityPaths = [ config.secrets.identity ];
+      secrets = { };
+    };
+
+    environment.systemPackages = with pkgs; [ agenix ];
+  };
+}