wip agenix changes

clients/quadraticserver/forgejo.nix

@@ -13,6 +13,7 @@
       settings = {
         service.DISABLE_REGISTRATION = true;
         repository.GO_GET_CLONE_URL_PROTOCOL = "ssh";
+        actions.DEFAULT_ACTIONS_URL = "github";
 
         server = {
           DOMAIN = domain;

flake.lock

@@ -10,15 +10,15 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1742517297,
-        "narHash": "sha256-VjwwSOo+GguEgQfIffuzOjEzuDzSVmkp79P66BkGVSE=",
-        "owner": "Henry-Hiles",
+        "lastModified": 1736955230,
+        "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",
+        "owner": "ryantm",
         "repo": "agenix",
-        "rev": "bb138ac0e555de4f434b842099afd5e6c30b942b",
+        "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
         "type": "github"
       },
       "original": {
-        "owner": "Henry-Hiles",
+        "owner": "ryantm",
         "repo": "agenix",
         "type": "github"
       }

flake.nix

@@ -3,7 +3,7 @@
     nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
     simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
     agenix = {
-      url = "github:Henry-Hiles/agenix";
+      url = "github:ryantm/agenix";
       inputs.nixpkgs.follows = "nixpkgs";
     };
     home-manager = {

wrappers/common/agenix.nix

@@ -1,6 +1,17 @@
-{inputs, ...}: {
+{pkgs, ...}: {
   wrappers.agenix = {
-    basePackage = inputs.agenix.packages.x86_64-linux.default;
-    env.RULES.value = "keys.nix";
+    basePackage = pkgs.agenix-cli;
+
+    env.AGENIX_ROOT.value = let
+      path = ".agenix.toml";
+    in
+      pkgs.writeTextDir path (builtins.readFile (pkgs.writers.writeTOML path {
+        paths = [
+          {
+            glob = "**";
+            identities = import ../../secrets/keys.nix;
+          }
+        ];
+      }));
   };
 }