wrap agenix, server changes

modules/common/agenix.nix

@@ -1,10 +1,8 @@
 {
   dirUtils,
-  inputs,
   lib,
   ...
 }: {
-  environment.systemPackages = [inputs.agenix.packages.x86_64-linux.default];
   age = {
     identityPaths = [
       "/home/quadradical/.ssh/id_ed25519"

modules/common/packages.nix

@@ -1,6 +1,7 @@
 {pkgs, ...}: {
   environment.systemPackages = with pkgs; [
     fd
+    glib
     tldr
     killall
     ripgrep

modules/server/ssh.nix

@@ -1,10 +1,7 @@
 {
+  users.users.quadradical.openssh.authorizedKeys.keys = import ../../secrets/keys.nix;
   services.openssh = {
     enable = true;
-    knownHosts.quadraticpc.publicKeyFile = builtins.fetchurl {
-      url = "https://github.com/Henry-Hiles.keys";
-      sha256 = "1k73c228rgzq7ymf5vaj6wfqzkqm6yzq5lq0syb7mzbrvngvr2jc";
-    };
     settings = {
       PasswordAuthentication = true; # TODO: False
       AllowUsers = ["quadradical"];

secrets/keys.nix

@@ -0,0 +1,5 @@
+with builtins;
+  filter isString (split "\n" (readFile (fetchurl {
+    url = "https://github.com/Henry-Hiles.keys";
+    sha256 = "1k73c228rgzq7ymf5vaj6wfqzkqm6yzq5lq0syb7mzbrvngvr2jc";
+  })))

wrappers/common/agenix.nix

@@ -0,0 +1,6 @@
+{inputs, ...}: {
+  wrappers.agenix = {
+    basePackage = inputs.agenix.packages.x86_64-linux.default;
+    env.RULES.value = "keys.nix";
+  };
+}

wrappers/default.nix

@@ -8,6 +8,7 @@
   environment.systemPackages = with dirUtils; [
     (inputs.wrapper-manager.lib.build {
       inherit pkgs;
+      specialArgs = {inherit inputs;};
       modules = dirFiles ".nix" ./common ++ opt isDesktop (dirFiles ".nix" ./common-desktop);
     })
   ];