System: Add github access token secret to nix config

2025-07-12 18:03:05 +02:00
parent 41e9e9e946
commit ff6710a349
3 changed files with 27 additions and 6 deletions
--- a/home/christoph/default.nix
+++ b/home/christoph/default.nix
@ -302,7 +302,10 @@
        # Because we can't access the absolute path /run/secrets/... we have to symlink.
        # This will create a chain of links leading to /run/secrets/... without /nix/store
        # containing the secret contents.
-        ".ssh/id_ed25519".source = config.lib.file.mkOutOfStoreSymlink "${nixosConfig.sops.secrets.ssh-private-key.path}";
+        ".ssh/id_ed25519".source =
+          config.lib.file.mkOutOfStoreSymlink
+          nixosConfig.sops.secrets.ssh-private-key.path;
+
        ".ssh/id_ed25519.pub".text = "${publicKeys.${username}.ssh}";

        ".secrets/age/age.pub".text = "${publicKeys.${username}.age}";
@ -317,6 +320,10 @@
                - age:
                  - *${username}
        '';
+
+        ".config/nix/nix.conf".source =
+          config.lib.file.mkOutOfStoreSymlink
+          nixosConfig.sops.templates."nix.conf".path;
      }
      (lib.mkIf nixosConfig.modules.desktopportal.termfilechooser.enable {
        ".config/xdg-desktop-portal-termfilechooser/config".text = ''