From 8af97609c6596f62780745a0e4b7c12c520946e5 Mon Sep 17 00:00:00 2001 From: ene Date: Sun, 9 Apr 2023 12:59:18 +0200 Subject: Fix(secrets): Secrets now work --- flake.lock | 151 +++++++++++++++++++++++++++++----- flake.nix | 7 +- flake/nixosConfigurations/default.nix | 10 ++- home-manager/config/nheko/default.nix | 110 ++++++++++++------------- secrets/default.nix | 9 +- secrets/nheko | 59 ++++++++++--- secrets/secrets.nix | 9 +- 7 files changed, 255 insertions(+), 100 deletions(-) diff --git a/flake.lock b/flake.lock index 92017507..6f8b9635 100644 --- a/flake.lock +++ b/flake.lock @@ -21,6 +21,28 @@ "type": "github" } }, + "agenix_2": { + "inputs": { + "darwin": "darwin_2", + "nixpkgs": [ + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1677126346, + "narHash": "sha256-4s+PPGC1M07QsPyeye5drc2JLa1lhDnCV3XAsG8+pH4=", + "owner": "ryantm", + "repo": "agenix", + "rev": "c2a71c83c70844c5e31db69347e86af080bcdad0", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, "crane": { "inputs": { "flake-compat": "flake-compat", @@ -48,12 +70,12 @@ "crane_2": { "inputs": { "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs": [ "river_init_lesser", "nixpkgs" ], - "rust-overlay": "rust-overlay_3" + "rust-overlay": "rust-overlay_4" }, "locked": { "lastModified": 1676846788, @@ -72,12 +94,12 @@ "crane_3": { "inputs": { "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "nixpkgs": [ "strip_js_comments", "nixpkgs" ], - "rust-overlay": "rust-overlay_4" + "rust-overlay": "rust-overlay_5" }, "locked": { "lastModified": 1675902425, 
@@ -96,12 +118,12 @@ "crane_4": { "inputs": { "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_7", + "flake-utils": "flake-utils_8", "nixpkgs": [ "yambar_cpu", "nixpkgs" ], - "rust-overlay": "rust-overlay_5" + "rust-overlay": "rust-overlay_6" }, "locked": { "lastModified": 1677892403, @@ -120,12 +142,12 @@ "crane_5": { "inputs": { "flake-compat": "flake-compat_5", - "flake-utils": "flake-utils_9", + "flake-utils": "flake-utils_10", "nixpkgs": [ "yambar_memory", "nixpkgs" ], - "rust-overlay": "rust-overlay_6" + "rust-overlay": "rust-overlay_7" }, "locked": { "lastModified": 1677642623, @@ -163,6 +185,29 @@ "type": "github" } }, + "darwin_2": { + "inputs": { + "nixpkgs": [ + "ragenix", + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1673295039, + "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -273,6 +318,21 @@ "type": "github" } }, + "flake-utils_11": { + "locked": { + "lastModified": 1676283394, + "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flake-utils_2": { "locked": { "lastModified": 1676283394, 
@@ -320,11 +380,11 @@ }, "flake-utils_5": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1676283394, + "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", "type": "github" }, "original": { @@ -350,11 +410,11 @@ }, "flake-utils_7": { "locked": { - "lastModified": 1676283394, - "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -485,10 +545,33 @@ "type": "github" } }, + "ragenix": { + "inputs": { + "agenix": "agenix_2", + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixpkgs" + ], + "rust-overlay": "rust-overlay_3" + }, + "locked": { + "lastModified": 1677625082, + "narHash": "sha256-62xmRPfjZgDn8AgEhb6eRoJrTxGeM8HfhfF+PkJokok=", + "owner": "yaxitech", + "repo": "ragenix", + "rev": "6f2dacf3d6af36228a8fad3b136990a6b6dfe30b", + "type": "github" + }, + "original": { + "owner": "yaxitech", + "repo": "ragenix", + "type": "github" + } + }, "river_init_lesser": { "inputs": { "crane": "crane_2", - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixpkgs" ] @@ -515,6 +598,7 @@ "impermanence": "impermanence", "neovim_config": "neovim_config", "nixpkgs": "nixpkgs", + "ragenix": "ragenix", "river_init_lesser": "river_init_lesser", "shell-library": "shell-library", "snap-sync": "snap-sync", 
@@ -578,6 +662,31 @@ } }, "rust-overlay_3": { + "inputs": { + "flake-utils": [ + "ragenix", + "flake-utils" + ], + "nixpkgs": [ + "ragenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1676687290, + "narHash": "sha256-DP0CJ7qtUXf+mmMglJL1yANizzV1O4UfQ9NrKgy7O04=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "bdccd5e973d45159f7d13f7c65a4271dc02cf6d4", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_4": { "inputs": { "flake-utils": [ "river_init_lesser", @@ -604,7 +713,7 @@ "type": "github" } }, - "rust-overlay_4": { + "rust-overlay_5": { "inputs": { "flake-utils": [ "strip_js_comments", @@ -631,7 +740,7 @@ "type": "github" } }, - "rust-overlay_5": { + "rust-overlay_6": { "inputs": { "flake-utils": [ "yambar_cpu", @@ -658,7 +767,7 @@ "type": "github" } }, - "rust-overlay_6": { + "rust-overlay_7": { "inputs": { "flake-utils": [ "yambar_memory", @@ -720,7 +829,7 @@ "strip_js_comments": { "inputs": { "crane": "crane_3", - "flake-utils": "flake-utils_6", + "flake-utils": "flake-utils_7", "nixpkgs": [ "nixpkgs" ], @@ -805,7 +914,7 @@ "yambar_cpu": { "inputs": { "crane": "crane_4", - "flake-utils": "flake-utils_8", + "flake-utils": "flake-utils_9", "nixpkgs": [ "nixpkgs" ] @@ -827,7 +936,7 @@ "yambar_memory": { "inputs": { "crane": "crane_5", - "flake-utils": "flake-utils_10", + "flake-utils": "flake-utils_11", "nixpkgs": [ "nixpkgs" ] diff --git a/flake.nix b/flake.nix index 959eb8ed..e7906724 100644 --- a/flake.nix +++ b/flake.nix @@ -13,6 +13,10 @@ url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + ragenix = { + url = "github:yaxitech/ragenix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; impermanence = { url = "github:nix-community/impermanence"; }; @@ -89,7 +93,6 @@ "steam" "steam-original" ]; - inherit system; }; in { 
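Review bot: The new `ragenix` input only pins its nixpkgs (`inputs.nixpkgs.follows = "nixpkgs"`), and the lockfile hunks above show it pulling a second agenix (`agenix_2`) plus a second nix-darwin (`darwin_2`) next to the `agenix` input this flake already has. Adding `inputs.agenix.follows = "agenix";` to the ragenix block would keep one agenix revision in the closure, assuming ragenix's own agenix input is only used for the module/overlay it re-exports. Since both inputs now stay, a one-line comment saying why would help the next reader, e.g. `# ragenix: Rust reimplementation of the agenix CLI (dev shell only); the NixOS module is still inputs.agenix`.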
@@ -145,7 +148,7 @@ }; devShells."${system}" = { default = pkgs.mkShell { - packages = with pkgs; [nil alejandra statix]; + packages = with pkgs; [nil alejandra statix inputs.ragenix.packages."${system}".default]; }; }; }; diff --git a/flake/nixosConfigurations/default.nix b/flake/nixosConfigurations/default.nix index ccd71e7b..b8242a64 100644 --- a/flake/nixosConfigurations/default.nix +++ b/flake/nixosConfigurations/default.nix @@ -17,14 +17,14 @@ pkgs sysLib # extra information - + system ; inherit (inputs) # bins - + yambar_cpu yambar_memory strip_js_comments @@ -32,19 +32,21 @@ grades shell-library # external deps - + user_js neovim_config snap-sync # modules - + impermanence ; }; }; }; + ageConfig = import ../../secrets; defaultModules = [ inputs.agenix.nixosModules.default + ageConfig # inputs.home-manager.nixosModules.home-manager (import "${inputs.home-manager}/nixos") diff --git a/home-manager/config/nheko/default.nix b/home-manager/config/nheko/default.nix index 176a8a3c..c26a2a12 100644 --- a/home-manager/config/nheko/default.nix +++ b/home-manager/config/nheko/default.nix 
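Review bot: `ageConfig = import ../../secrets;` is appended to `defaultModules`, so every nixosConfiguration built from this list now declares the nheko secret, and the secrets module later in this patch hard-codes `owner = "soispha"` and a path under `/home/soispha`; on a host without that user the activation would presumably fail rather than skip the secret. If not every host is meant to carry it, guard the secret on the user's presence or move the module into the host-specific module list. A short comment on the binding would also make the contract visible, e.g. `# age.secrets.* definitions (decrypted by the agenix module at activation; recipients in secrets/secrets.nix)`. The enclosing attribute set starts before this hunk.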
@@ -7,61 +7,61 @@
 }: {
 programs.nheko = {
 enable = true;
- settings = {
- general.disable_certificate_validation = false;
-
- auth = {
- # TODO This saves the token world readable in the store, but I don't see a better option yet
- #access_token = lib.replaceStrings ["\n"] [""] (builtins.readFile "${nixosConfig.age.secrets.nheko.path}");
- device_id = "BAEZYLUEKE";
- home_server = "https://matrix.sils.li:443";
- user_id = "@@ene:sils.li";
- };
-
- settings.scale_factor = 1.0;
-
- user = {
- alert_on_notification = true;
- animate_images_on_hover = true;
- automatically_share_keys_with_trusted_users = false;
- avatar_circles = true;
- bubbles_enabled = false;
- decrypt_notificatons = true;
- decrypt_sidebar = true;
- desktop_notifications = true;
- emoji_font_family = "emoji";
- expose_dbus_api = false;
- fancy_effects = true;
-
- font_family = "Source Code Pro";
- font_size = 9;
-
- group_view = true;
- invert_enter_key = false;
- markdown_enabled = true;
- minor_events = true;
- mobile_mode = false;
- muted_tags = "global";
- online_key_backup = true;
- only_share_keys_with_verified_users = false;
- open_image_external = false;
- open_video_external = false;
- presence = "AutomaticPresence";
- privacy_screen = true;
- privacy_screen_timeout = 0;
- read_receipts = true;
- small_avatars_enabled = false;
- sort_by_unread = true;
- space_notifications = true;
- theme = "dark";
- "timeline\\buttons" = true;
- "timeline\\enlarge_emoji_only_msg" = false;
- "timeline\\message_hover_highlight" = true;
- typing_notifications = true;
- use_identicon = true;
- use_stun_server = false;
- };
- };
+ # settings = {
+ # general.disable_certificate_validation = false;
+ #
+ # auth = {
+ # # TODO This saves the token world readable in the store, but I don't see a better option yet
+ # #access_token = lib.replaceStrings ["\n"] [""] (builtins.readFile "${nixosConfig.age.secrets.nheko.path}");
+ # device_id = "BAEZYLUEKE";
+ # home_server = "https://matrix.sils.li:443";
+ # user_id = 
"@@ene:sils.li";
+ # };
+ #
+ # settings.scale_factor = 1.0;
+ #
+ # user = {
+ # alert_on_notification = true;
+ # animate_images_on_hover = true;
+ # automatically_share_keys_with_trusted_users = false;
+ # avatar_circles = true;
+ # bubbles_enabled = false;
+ # decrypt_notificatons = true;
+ # decrypt_sidebar = true;
+ # desktop_notifications = true;
+ # emoji_font_family = "emoji";
+ # expose_dbus_api = false;
+ # fancy_effects = true;
+ #
+ # font_family = "Source Code Pro";
+ # font_size = 9;
+ #
+ # group_view = true;
+ # invert_enter_key = false;
+ # markdown_enabled = true;
+ # minor_events = true;
+ # mobile_mode = false;
+ # muted_tags = "global";
+ # online_key_backup = true;
+ # only_share_keys_with_verified_users = false;
+ # open_image_external = false;
+ # open_video_external = false;
+ # presence = "AutomaticPresence";
+ # privacy_screen = true;
+ # privacy_screen_timeout = 0;
+ # read_receipts = true;
+ # small_avatars_enabled = false;
+ # sort_by_unread = true;
+ # space_notifications = true;
+ # theme = "dark";
+ # "timeline\\buttons" = true;
+ # "timeline\\enlarge_emoji_only_msg" = false;
+ # "timeline\\message_hover_highlight" = true;
+ # typing_notifications = true;
+ # use_identicon = true;
+ # use_stun_server = false;
+ # };
+ # };
 };
 }
 # vim: ts=2
diff --git a/secrets/default.nix b/secrets/default.nix
index 5462e4d8..7577b8f3 100644
--- a/secrets/default.nix
+++ b/secrets/default.nix
@@ -1,8 +1,13 @@
-{config, ...}: {
+{...}: {
 age = {
- identityPaths = ["/home/soispha/.ssh/id_ed25519"];
 secrets.nheko = {
 file = ./nheko;
+ path = "/home/soispha/.config/nheko/nheko.conf"; # TODO use xdgConfigHome
+ mode = "700";
+ owner = "soispha";
+ group = "users";
 };
 };
 }
+# vim: ts=2
+
diff --git a/secrets/nheko b/secrets/nheko
index bda46cb6..2e371bdf 100644
--- a/secrets/nheko
+++ b/secrets/nheko
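Review bot: The entire `settings` block is kept as roughly fifty-five commented-out lines instead of being deleted; git history already preserves it, and this copy will drift from the values that now appear to live inside the encrypted `secrets/nheko` written to `nheko.conf`. The one security-relevant setting in it, `general.disable_certificate_validation = false`, is now only enforced inside an encrypted file that cannot be reviewed in the repo, so a comment should keep that requirement visible, e.g. `# nheko.conf is provided by age.secrets.nheko (secrets/default.nix); keep disable_certificate_validation = false there`. The stale `TODO` about the token being world-readable in the store no longer applies once the file comes from the secret and can go with the rest.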
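Review bot: `mode = "700"` sets the execute bit on `nheko.conf`, a plain config file that carries the Matrix access token; `mode = "600";` gives the same confidentiality without marking data executable (`"400"` only if nheko never rewrites its own config, which is not visible here). Removing `identityPaths` means decryption now relies on agenix's default identities, presumably the host SSH keys, so `secrets/secrets.nix` (changed in this commit but not shown) must list the host key as a recipient of `./nheko`, and a failure would surface at activation rather than at build time; a comment on `file = ./nheko;` such as `# decrypted with the default age.identityPaths (host SSH keys); recipients are declared in secrets.nix` would record that. The hard-coded `/home/soispha/...` path also requires that directory to exist when the activation script runs, which the TODO about `xdgConfigHome` does not cover.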
@@ -1,11 +1,48 @@ -age-encryption.org/v1 --> ssh-ed25519 iv0Cfg evi+poJEQEwkKUjKS1H79C2M9j4a1QtKVFShPdlQOB0 -FKSfqUvF2wG3otJ2rY38htOfsY9NQkjXu9LOiSklGZo --> ssh-ed25519 KLPP8w Sy4Dp+SKownQjB2o7xBZD1fkPcrFksBJUdrf+KYmlDQ -r9IUP1vP0exnJMD/y/zeuQXmQBZ8LbJEltk8nL+jQRY --> }P,R5-grease T|\P8?C Ut7