
Comments (2)

polygon commented on June 1, 2024

Probably something like

    nixosConfigurations = {
      # Main desktop
      ryzennova =
        let
          base = lib.nixosSystem {
            modules = [ ./hosts/ryzennova ];
            specialArgs = { inherit inputs outputs; };
          };
        in
        base.extendModules {
          modules = [
            scalpel.nixosModules.scalpel
            <yourscalpelconfigfiles>
          ];
          specialArgs = { prev = base; };
        };
    };

from scalpel.

NovaViper commented on June 1, 2024

Thank you for the info! Sorry it took a bit for me to respond back, I was fighting with sops trying to get that part working again. So far I got it added like you showed, but now I'm really confused from reading the documentation for how to implement scalpel. I got a nix module I want to replace secrets that lie inside of it with scalpel. The module basically contains HomeManager configs for setting up mbsync and my email addresses for mu. It looks like the following below (I removed a lot of the unnecessary stuff as it isn't relevant to the question and it's just quite long).

  sops.secrets = {
    # Add addresses!
    "uni-address" = {
      format = "yaml";
      sopsFile = ../../dots/secrets/esecrets.yaml;
    };
    "gmail-address" = {
      format = "yaml";
      sopsFile = ../../dots/secrets/esecrets.yaml;
    };
    "main-address" = {
      format = "yaml";
      sopsFile = ../../dots/secrets/esecrets.yaml;
    };
  };

  accounts.email = {
    maildirBasePath = "${config.xdg.cacheHome}/mail";
    accounts = {
      "uni" = {
        address = "!!UNI_ADDRESS!!";
        passwordCommand =
          "gpg -q --for-your-eyes-only --no-tty -d ~/.authinfo.gpg | awk '/machine smtp.gmail.com login ${config.accounts.email.accounts.uni.address}/ {print $NF}'";
        ... more stuff after here
      };
      "gmail" = {
        address = "!!GMAIL_ADDRESS!!";
        passwordCommand =
          "gpg -q --for-your-eyes-only --no-tty -d ~/.authinfo.gpg | awk '/machine smtp.gmail.com login ${config.accounts.email.accounts.gmail.address}/ {print $NF}'";
        ... more stuff after here
      };
      "mailbox" = {
        address = "!!MAIN_ADDRESS!!";
        passwordCommand =
          "gpg -q --for-your-eyes-only --no-tty -d ~/.authinfo.gpg | awk '/machine smtp.mailbox.org login ${config.accounts.email.accounts.mailbox.address}/ {print $NF}'";
        ... More stuff after here
      };
    };
  };

So I went ahead and replaced the email addresses with the placeholders as mentioned in the tutorial, but I'm puzzled with how to actually get scalpel to transform these placeholders. So far I made the following below, but I'm still confused on how to define the start variable and the config file variable, as I just copied directly from the example used:

{ config, lib, pkgs, prev, ... }:
let
  start = "${prev.config.accounts.email.accounts}";
  uniconfig = builtins.head (builtins.match ".*-c ([^[:space:]]+)" "${start}");
in
{
  systemd.services.mosquitto.serviceConfig.ExecStart = lib.mkForce (
    builtins.replaceStrings [ "${mosquitto_cfgfile}" ] [ "${config.scalpel.trafos."mosquitto.conf".destination} "] "${start}"
  );
  scalpel.trafos."mosquitto.conf" = {
    source = mosquitto_cfgfile;
    matchers."BR1_PASSWORD".secret = config.sops.secrets.br1passwd.path;
    matchers."BR2_PASSWORD".secret = config.sops.secrets.br2passwd.path;
    owner = "mosquitto";
    group = "mosquitto";
    mode = "0440";
  };
}

And the resultant mbsync file that the original makes is like this:

# Generated by Home Manager.

IMAPAccount gmail
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host imap.gmail.com
PassCmd "gpg -q --for-your-eyes-only --no-tty -d ~/.authinfo.gpg | awk '/machine smtp.gmail.com login [REDACTED GMAIL]/ {print $NF}'"
Port 993
SSLType IMAPS
User [REDACTED GMAIL]
...More stuff after this


IMAPAccount mailbox
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host imap.mailbox.org
PassCmd "gpg -q --for-your-eyes-only --no-tty -d ~/.authinfo.gpg | awk '/machine smtp.mailbox.org login [REDACTED MAIN]/ {print $NF}'"
SSLType STARTTLS
User [REDACTED MAIN]
...More stuff after this


IMAPAccount uni
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host imap.gmail.com
PassCmd "gpg -q --for-your-eyes-only --no-tty -d ~/.authinfo.gpg | awk '/machine smtp.gmail.com login  [REDACTED UNI]/ {print $NF}'"
Port 993
SSLType IMAPS
User  [REDACTED UNI]
...More stuff after this

from scalpel.
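
Added example, not part of the thread and not scalpel's own code: a small Python model of the substitution being asked about, where the generated file keeps `!!NAME!!` placeholders and a copy with the secret values filled in is written at activation time with a restrictive mode. The mapping from `!!NAME!!` to a matcher named `NAME`, the function names, the file names and the sample address are assumptions for illustration.

```python
import os
import re
import stat
import tempfile
from pathlib import Path

PLACEHOLDER = re.compile(r"!!([A-Z0-9_]+)!!")

# Constructed sample: the shape of the generated mbsyncrc shown in the thread,
# with the address still a placeholder (this is what would sit in the Nix store).
TEMPLATE = """IMAPAccount gmail
Host imap.gmail.com
PassCmd "gpg -q --for-your-eyes-only --no-tty -d ~/.authinfo.gpg | awk '/machine smtp.gmail.com login !!GMAIL_ADDRESS!!/ {print $NF}'"
User !!GMAIL_ADDRESS!!
"""


def render(template, secret_files):
    """Replace every !!NAME!! with the contents of secret_files[NAME]."""
    def lookup(match):
        name = match.group(1)
        if name not in secret_files:
            # Fail closed: never emit a half-substituted config.
            raise KeyError(f"no matcher defined for placeholder {name}")
        # A callable replacement is inserted literally, so backslashes or
        # '&' in a secret are not reinterpreted (unlike a naive sed call).
        return Path(secret_files[name]).read_text().rstrip("\n")
    return PLACEHOLDER.sub(lookup, template)


def transform(source, destination, secret_files, mode=0o440):
    """Write the rendered copy outside the store with restrictive permissions."""
    rendered = render(Path(source).read_text(), secret_files)
    fd = os.open(destination, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(rendered)
    os.chmod(destination, mode)  # mirrors the `mode = "0440"` option above
    return rendered


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        (tmp / "mbsyncrc.in").write_text(TEMPLATE)
        (tmp / "gmail-address").write_text("someone@example.com\n")  # constructed secret
        out = tmp / "mbsyncrc"
        text = transform(tmp / "mbsyncrc.in", out, {"GMAIL_ADDRESS": tmp / "gmail-address"})
        return text, stat.S_IMODE(out.stat().st_mode), (tmp / "mbsyncrc.in").read_text()
```

The source file is left untouched with its placeholders, so only the destination copy ever holds the real address.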
