From b4cc4eab4d8bc105312dc238f1187809bcfad721 Mon Sep 17 00:00:00 2001
From: Henry-Hiles
Date: Sat, 22 Mar 2025 22:11:05 -0400
Subject: [PATCH] wrap agenix, server changes

---
 modules/common/agenix.nix | 2 --
 modules/common/packages.nix | 1 +
 modules/server/ssh.nix | 5 +----
 secrets/keys.nix | 5 +++++
 wrappers/common/agenix.nix | 6 ++++++
 wrappers/default.nix | 1 +
 6 files changed, 14 insertions(+), 6 deletions(-)
 create mode 100644 secrets/keys.nix
 create mode 100644 wrappers/common/agenix.nix

diff --git a/modules/common/agenix.nix b/modules/common/agenix.nix
index 1445987..82769db 100644
--- a/modules/common/agenix.nix
+++ b/modules/common/agenix.nix
@@ -1,10 +1,8 @@
 {
 dirUtils,
- inputs,
 lib,
 ...
 }: {
- environment.systemPackages = [inputs.agenix.packages.x86_64-linux.default];
 age = {
 identityPaths = [
 "/home/quadradical/.ssh/id_ed25519"
diff --git a/modules/common/packages.nix b/modules/common/packages.nix
index 1f3ac13..d53c1e5 100644
--- a/modules/common/packages.nix
+++ b/modules/common/packages.nix
@@ -1,6 +1,7 @@
 {pkgs, ...}: {
 environment.systemPackages = with pkgs; [
 fd
+ glib
 tldr
 killall
 ripgrep
diff --git a/modules/server/ssh.nix b/modules/server/ssh.nix
index 1964781..1c3c971 100644
--- a/modules/server/ssh.nix
+++ b/modules/server/ssh.nix
@@ -1,10 +1,7 @@
 {
+ users.users.quadradical.openssh.authorizedKeys.keys = import ../../secrets/keys.nix;
 services.openssh = {
 enable = true;
- knownHosts.quadraticpc.publicKeyFile = builtins.fetchurl {
- url = "https://github.com/Henry-Hiles.keys";
- sha256 = "1k73c228rgzq7ymf5vaj6wfqzkqm6yzq5lq0syb7mzbrvngvr2jc";
- };
 settings = {
 PasswordAuthentication = true; # TODO: False
 AllowUsers = ["quadradical"];
diff --git a/secrets/keys.nix b/secrets/keys.nix
new file mode 100644
index 0000000..44c14dc
--- /dev/null
+++ b/secrets/keys.nix
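Review bot: In modules/server/ssh.nix, `PasswordAuthentication = true; # TODO: False` is still in effect in the `settings` block even though this hunk now provisions `authorizedKeys.keys` for `quadradical`, so the server keeps accepting password guesses for the one allowed user. Once key login has been confirmed on the host, the TODO can be closed with `PasswordAuthentication = false;` (and `KbdInteractiveAuthentication = false;` if it is not already set elsewhere). The `services.openssh` block continues past the end of the hunk, so other settings there are not visible.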
@@ -0,0 +1,5 @@
+with builtins;
+ filter isString (split "\n" (readFile (fetchurl {
+ url = "https://github.com/Henry-Hiles.keys";
+ sha256 = "1k73c228rgzq7ymf5vaj6wfqzkqm6yzq5lq0syb7mzbrvngvr2jc";
+ })))
diff --git a/wrappers/common/agenix.nix b/wrappers/common/agenix.nix
new file mode 100644
index 0000000..47653db
--- /dev/null
+++ b/wrappers/common/agenix.nix
@@ -0,0 +1,6 @@
+{inputs, ...}: {
+ wrappers.agenix = {
+ basePackage = inputs.agenix.packages.x86_64-linux.default;
+ env.RULES.value = "keys.nix";
+ };
+}
diff --git a/wrappers/default.nix b/wrappers/default.nix
index 1065a5a..22a7108 100644
--- a/wrappers/default.nix
+++ b/wrappers/default.nix
@@ -8,6 +8,7 @@
 environment.systemPackages = with dirUtils; [
 (inputs.wrapper-manager.lib.build {
 inherit pkgs;
+ specialArgs = {inherit inputs;};
 modules = dirFiles ".nix" ./common ++ opt isDesktop (dirFiles ".nix" ./common-desktop);
 })
 ];
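Review bot: In secrets/keys.nix, `filter isString` only drops the match groups that `split` emits, so if the fetched file ends with a newline the list carries a trailing `""` entry into `authorizedKeys.keys`; `filter (k: isString k && k != "") (split ...)` keeps only real key lines. The file would also benefit from a header comment such as `# Public SSH keys of the GitHub account, pinned by sha256; the set only changes when the hash is updated`, because the pin means a key removed on GitHub stays authorized on the server until the hash is bumped and the system rebuilt. Every key listed for that account becomes a login key for `quadradical`, which is worth stating as intended.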
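Review bot: In wrappers/common/agenix.nix, `env.RULES.value = "keys.nix";` is a relative path, so the wrapped `agenix` would presumably resolve it against whatever directory it is run from, and the recipients a secret is encrypted to come from that file. The secrets/keys.nix added by this commit evaluates to a plain list of key strings, while agenix's rules file is normally an attribute set mapping each secret file to its `publicKeys`; confirm which file this is meant to point at. A comment such as `# RULES is resolved relative to the working directory; run agenix from secrets/` would document the expectation.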