From a253f41f515ff17a32356ff9fdb961dc8b02a5bd Mon Sep 17 00:00:00 2001 From: Aly Raffauf Date: Thu, 25 Jul 2024 18:48:07 -0400 Subject: [PATCH] aly: autostart keepassxc unlocked --- .../desktop/hyprland/scripts.nix | 2 +- homes/aly/secrets.nix | 1 + homes/aly/windowManagers/default.nix | 12 ++++++---- secrets/aly/keepassxc.age | 23 +++++++++++++++++++ secrets/secrets.nix | 13 ++++++----- 5 files changed, 39 insertions(+), 12 deletions(-) create mode 100644 secrets/aly/keepassxc.age diff --git a/homeManagerModules/desktop/hyprland/scripts.nix b/homeManagerModules/desktop/hyprland/scripts.nix index 819c91b2..0c8daf26 100644 --- a/homeManagerModules/desktop/hyprland/scripts.nix +++ b/homeManagerModules/desktop/hyprland/scripts.nix @@ -88,7 +88,7 @@ in { # Handle newly added monitors added_monitors.each do |monitor| random_background = Dir.glob(File.join(directory, '*.{png,jpg}')).sample - pid = spawn("/nix/store/azvrjs0k5ap90dcqw280xrbqlm6nkibv-swaybg-1.2.1/bin/swaybg", '-o', monitor, '-i', random_background, '-m', 'fill') + pid = spawn("${lib.getExe pkgs.swaybg}", '-o', monitor, '-i', random_background, '-m', 'fill') current_pids[monitor] = pid last_update_time[monitor] = Time.now known_monitors[monitor] = random_background diff --git a/homes/aly/secrets.nix b/homes/aly/secrets.nix index 65a1ad65..2b4f8d4d 100644 --- a/homes/aly/secrets.nix +++ b/homes/aly/secrets.nix @@ -4,6 +4,7 @@ alyraffaufFastmail.file = ../../secrets/aly/mail/alyraffauf_fastmail.age; backblazeKeyId.file = ../../secrets/aly/backblaze/keyId.age; backblazeKey.file = ../../secrets/aly/backblaze/key.age; + keepassxc.file = ../../secrets/aly/keepassxc.age; transmissionRemote = { file = ../../secrets/aly/transmissionRemote.age; diff --git a/homes/aly/windowManagers/default.nix b/homes/aly/windowManagers/default.nix index f24ad021..65155df7 100644 --- a/homes/aly/windowManagers/default.nix +++ b/homes/aly/windowManagers/default.nix @@ -3,7 +3,9 @@ lib, pkgs, ... -}: { +}: let + keepassxc = "${lib.getExe' pkgs.keepassxc "keepassxc"} --pw-stdin ${config.home.homeDirectory}/sync/Passwords.kdbx < ${config.age.secrets.keepassxc.path}"; +in { wayland.windowManager = { sway.config = { assigns = { @@ -17,7 +19,7 @@ floating.criteria = [{app_id = "org.keepassxc.KeePassXC";}]; keybindings = { - "${config.wayland.windowManager.sway.config.modifier}+P" = "exec ${lib.getExe' pkgs.keepassxc "keepassxc"}"; + "${config.wayland.windowManager.sway.config.modifier}+P" = "exec ${keepassxc}"; "${config.wayland.windowManager.sway.config.modifier}+N" = "exec ${lib.getExe' pkgs.obsidian "obsidian"}"; }; @@ -33,7 +35,7 @@ }; }; - startup = [{command = ''sleep 1 && ${lib.getExe' pkgs.keepassxc "keepassxc"}'';}]; + startup = [{command = ''sleep 1 && ${keepassxc}'';}]; window.commands = [ { @@ -47,10 +49,10 @@ bind = [ "SUPER SHIFT,N,movetoworkspace,special:notes" "SUPER,N,togglespecialworkspace,notes" - "SUPER,P,exec,${lib.getExe' pkgs.keepassxc "keepassxc"}" + "SUPER,P,exec,${keepassxc}" ]; - exec-once = ["sleep 1 && ${lib.getExe' pkgs.keepassxc "keepassxc"}"]; + exec-once = ["sleep 1 && ${keepassxc}"]; input.kb_options = "ctrl:nocaps"; diff --git a/secrets/aly/keepassxc.age b/secrets/aly/keepassxc.age new file mode 100644 index 00000000..41595645 --- /dev/null +++ b/secrets/aly/keepassxc.age @@ -0,0 +1,23 @@ +age-encryption.org/v1 +-> ssh-ed25519 xIeYNQ jNhPUqxRGL1/AgHEmzbkiVUyjEWwj0YdW05zAIyo1kk +5yhF4pbBu1RSxYXZBfr+EO2SZ7jmyilE6rabF6RnPrE +-> ssh-ed25519 g+apXg dhEVCLqN3BSJcBmqeWpsXwBFWuKxT78qds3oACPCsVA +bq6xG45TiYdLibqINhzZVWzpjAe3nYTbREErU0631Rc +-> ssh-ed25519 xZaw4A 6soVrhT7xPJd5Bz8oKtCNANxBdfkFnf6h0Vo7/PsCzk +VQmSHXgfLEQLo/eWROfZrIPnan/13cX++cHVp4jUz5I +-> ssh-ed25519 GrlIbA dgLoBxYih2VGLXsKoRGlYKB8jxLalsyX+MXV1bqSXBk +4/L8Pk39+NnObP57T56qQgg91iIPrKxl7KyiER9vPGw +-> ssh-ed25519 STQ5RA qJuOjmwNlQpvLOWljB5hT1M6rFGUy6HONSrRe/DI9EM +RSi/QojxNbZn5KTzrfyHJUgXA/xk0Ml0aXEVxv08U+g +-> ssh-ed25519 nrny8w 81xJfiA33ew6xXW+uZDFnLae/RJnUcZwuNNTBeX6sWI +aQszpGAyAXk+k6cl37/yieDgruq2OaTd+t/aPd0ixGA +-> ssh-ed25519 c7E/gQ ABPJ26sXSC6PU7EBv+xCCvNGkeKpkmhKvVaiAkvAKWM +/cpZC4H1hdvylEyt2Vh/4WR3s1+sovEQiEJcVSEQ/ho +-> ssh-ed25519 IghKlQ GTiXc4wtFZd2eeZHaEtRDtrlIXJHWLNzfp8wORVnoWE +g5k2lTqcx5nvAX09rDZkMx9sSIthrwKhjvs3R0vmgpU +-> ssh-ed25519 1mX44w xVeaRaqaIVSM7MWsW0TXmzreb5dt5lUbKYJSMrhdNiw +5byOZi2QHGStVmWCT/L3p7HpDmnQkD2tfVE1sqYqjEA +-> ssh-ed25519 FhVeqQ mXAIr6c4Ipv1p1hfdLDIYj6T7Ia0curJv0Ao+28X+mw +iYjxG756GietbM4J7bVjV23qjcOwAXP7Rf1llL6BDgo +--- NlASWbMfTtePdKOvTQ1MXypX1iPDymslSLJglpIzfxs +ÍÞ—îÄ÷éØÉ<´À)]fAXÍG·­åé«œœ$I+åO(¥g™WÐð”Úgéóö[5QôÔ)à¯LÑÄ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index bf4c36e1..23091963 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -19,13 +19,9 @@ let in { "aly/backblaze/key.age".publicKeys = keys; "aly/backblaze/keyId.age".publicKeys = keys; - "cloudflare.age".publicKeys = keys; - "lastFM/apiKey.age".publicKeys = keys; - "lastFM/secret.age".publicKeys = keys; + "aly/keepassxc.age".publicKeys = keys; "aly/mail/achacega_gmail.age".publicKeys = keys; "aly/mail/alyraffauf_fastmail.age".publicKeys = keys; - "spotify/clientId.age".publicKeys = keys; - "spotify/clientSecret.age".publicKeys = keys; "aly/syncthing/fallarbor/cert.age".publicKeys = keys; "aly/syncthing/fallarbor/key.age".publicKeys = keys; "aly/syncthing/lavaridge/cert.age".publicKeys = keys; @@ -36,8 +32,13 @@ in { "aly/syncthing/petalburg/key.age".publicKeys = keys; "aly/syncthing/rustboro/cert.age".publicKeys = keys; "aly/syncthing/rustboro/key.age".publicKeys = keys; + "aly/transmissionRemote.age".publicKeys = keys; + "cloudflare.age".publicKeys = keys; + "lastFM/apiKey.age".publicKeys = keys; + "lastFM/secret.age".publicKeys = keys; + "spotify/clientId.age".publicKeys = keys; + "spotify/clientSecret.age".publicKeys = keys; "tailscale/authKeyFile.age".publicKeys = keys; "transmission.age".publicKeys = keys; - "aly/transmissionRemote.age".publicKeys = keys; "wifi.age".publicKeys = keys; }