From 91b3c9887c316c2b54eba0511ec48bb08f157bb4 Mon Sep 17 00:00:00 2001 From: Steffen Illium Date: Tue, 29 Jul 2025 15:58:33 +0200 Subject: [PATCH] git secret handling --- program-homemanager.nix | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/program-homemanager.nix b/program-homemanager.nix index 17eb2c8..47f49c3 100644 --- a/program-homemanager.nix +++ b/program-homemanager.nix @@ -6,23 +6,44 @@ in imports = [ (import "${home-manager}/nixos") ]; + # Home-manager configuration for the root user + home-manager.users.root = { + home.stateVersion = config.vars.stateVersion; # Set to your current home-manager version + + programs.git = { + enable = true; + userName = config.vars.hm_git_username; + userEmail = config.vars.usermail; + extraConfig = { + credential.helper = "${pkgs.git.override { withLibsecret = true; }}/bin/git-credential-libsecret"; + }; + }; + }; + home-manager.users."${config.vars.username}" = { /* The home.stateVersion option does not have a default and must be set */ - home.stateVersion = "25.05"; + home.stateVersion = config.vars.stateVersion; /* Here goes the rest of your home-manager config, e.g. home.packages = [ pkgs.foo ]; */ programs.git = { enable = true; userName = config.vars.hm_git_username; - userEmail = config.vars.usermail; + userEmail = config.vars.usermail; + extraConfig = { + credential.helper = "${pkgs.git.override { withLibsecret = true; }}/bin/git-credential-libsecret"; + }; }; programs.zoxide.enable = true; programs.zoxide.enableZshIntegration = true; programs.zsh.envExtra = ["LANG=en_US.UTF-8" "EDITOR='nano'"]; - programs.ssh.matchBlocks = { - "nixconf" = { - hostname = "github.com"; - user = "${config.vars.email}"; - identityFile = "/home/${config.vars.username}/.ssh/id_nix"; + programs.ssh = { + enable = true; + addKeysToAgent = "yes"; + matchBlocks = { + "nixconf" = { + hostname = "github.com"; + user = "${config.vars.usermail}"; + identityFile = "/home/${config.vars.username}/.ssh/id_nix"; + }; }; }; };