feat(hass): manage secrets.yaml via agenix

2022-05-06 03:43:06 +02:00 · 2022-05-06 03:43:06 +02:00 · f2aa7e6bbf
parent 2b906953a1
commit f2aa7e6bbf
3 changed files with 7 additions and 0 deletions
--- a/secrets/hass/secrets.age
+++ b/secrets/hass/secrets.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -28,5 +28,7 @@ in {
  "paperless.age".publicKeys = [ felschr home-pc home-server ];
  "nextcloud/admin.age".publicKeys = [ felschr home-pc home-server ];

+  # home-server
  "home-server/hostKey.age".publicKeys = [ felschr home-server ];
+  "hass/secrets.age".publicKeys = [ felschr home-server ];
 }
--- a/services/home-assistant.nix
+++ b/services/home-assistant.nix
@ -116,4 +116,9 @@ in {
    };
    # configWritable = true; # doesn't work atm
  };
+
+  age.secrets.hass-secrets = {
+    file = ../secrets/hass/secrets.age;
+    path = "/var/lib/hass/secrets.yaml";
+  };
 }