Set up irc, sops-guix

author: Charles Roelli <charles@aurox.ch> 2026-01-22 13:52:57 +0100
committer: Charles Roelli <charles@aurox.ch> 2026-01-22 13:52:57 +0100
commit: b085b83f1caa7b4570353cb890f35353d656046b (patch)
tree: 418dc43eeb22fe6eb1c82f8f44ca364319669844
parent: 328b79d1914450a0d47c3bc16a9769dfd816c259 (diff)
4 files changed, 76 insertions, 4 deletions
diff --git a/.emacs b/.emacs
index 0b3ecfb..0027706 100644
--- a/.emacs
+++ b/.emacs
@@ -3,8 +3,17 @@
  ;; If you edit it by hand, you could mess it up, so be careful.
  ;; Your init file should contain only one such instance.
  ;; If there is more than one, they won't work right.
+ '(auth-sources
+   (list
+    (concat "/run/user/"
+	    (string-trim (shell-command-to-string "id -u"))
+	    "/secrets/irc")))
  '(backup-directory-alist '(("." . "~/Backups")))
- '(custom-file "~/Code/home/.emacs"))
+ '(custom-file "~/Code/home/.emacs")
+ '(rcirc-server-alist
+   '(("thulcandra.adnoto.dev" :nick "charlesroelli" :port 6697 :user-name
+      "charlesroelli/irc.libera.chat@laptop" :full-name
+      "Charles Roelli" :encryption tls))))
 (custom-set-faces
  ;; custom-set-faces was added by Custom.
  ;; If you edit it by hand, you could mess it up, so be careful.
diff --git a/.sops.yaml b/.sops.yaml
new file mode 100644
index 0000000..3a53548
--- /dev/null
+++ b/.sops.yaml
@@ -0,0 +1,8 @@
+keys:
+    - &user_user1 7FD6B0941B3468AE6F1904AED3C909F4ADEF6FE2
+
+creation_rules:
+    - path_regex: .*common\.yaml$
+      key_groups:
+          - pgp:
+                - *user_user1
diff --git a/common.yaml b/common.yaml
new file mode 100644
index 0000000..40d4376
--- /dev/null
+++ b/common.yaml
@@ -0,0 +1,32 @@
+irc: ENC[AES256_GCM,data:ik2F3AoH/kEEdmA60AAkXKQeS8VWGr6ShRLPkH6UgIpOIa7zA2EVzXDbGsa5iD95nMw21nOeNDevuQvHZ7Gq48d9LE9dCoIxCIzim1dKuZirTn7top7JAp0i63TL8KQTktfRnie8Fb8vwnjO,iv:OhsCEIGO6CMIafAD7nuA2It20LLb4wQQ5376Ixzl3nY=,tag:SOt+/26lbs7kaWHESGTmUA==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2026-01-22T12:29:06Z"
+    mac: ENC[AES256_GCM,data:iQ/kl2kAJrSF3GBFHvkwvTTcfAdwNAczzLyCaZWHllwOiXj+tUfXSoEQ2ql2AN7oXyQcv2fmHyoyL0FoZiwY3NFzwHG+ruaoGSRBeSTzM1ITgdg5Twz134KmOtlC3eeSamjxUH+rCyiFzZFF4puA+twVb9b5s+hPTvBVnUkncqc=,iv:I/bcRqLOUKKNjCa+XnvlOeoPgIZuG+6J8wRPkcNN3lw=,tag:TbevEiN7QLyMEfNGa8CjOg==,type:str]
+    pgp:
+        - created_at: "2026-01-22T11:16:57Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMAwAAAAAAAAAAAQ//f9ulWQnsUv0f2p6oAFVeXg3lC/04yRCgg0kiHtDXlsZI
+            bHtYZBqoT7Capwh3VVOvCShjXbJKZlAwoYtBWdOfoTjEeA9Co8ULV2PECFakRJ9m
+            +oKMkrXax4J5WcEKxGX0HZfXzOc/VoCHk4ZG8LRKnu5TlE5XOMYfEMOI1HouIHGy
+            WFUJkm4sPBEBUJWCiTK9xU0T1xgfkBLvyPhPFAO1mHJTICTXQrFZ/jaNI2jGXg0q
+            GMFMz3pkrgX+9pBABGEmGHB04rNv0ixloPjtlY2pe4LOHXAMilK1r5TxKnpktN4B
+            onFHPsxMvWAwCi00yxYzdU2/dMhAnGc/kARyHw57FtmalGtTeAPij2h6nKi5A8Ex
+            Ze7qDavzZ2yZhJf52jKbnIiMb+xk0AYx+5faktp/0r/CW8p0a3BafkcUGA3yLA74
+            FUuuLjp/DTxeGBFcXdtpFhDBtTpBaUy6Y5voJuLByavPBJykehzGZRLhLJnmRef1
+            ILP9/8i703R4fxLnyESQ5UHnEKZEz20BPgllu+nfFUBxiETrU3neYOMF63gbOM4M
+            rKQ9b05PVlExlCPduEHp2hdvNtX6zVS4RH6ib/uvdUO/JIYLzfHYRgK2nTHXA6yV
+            Z2GEEh4B1fN+dLb9irMJk6dBLYSeqlwYwkAVlBOZMSzDo+6dO1P8cQ5ezMO7IHHS
+            XgGmwSY49d3QLF2g3rDi2YyxWekPodeS/E6vi7voruokmwpx/TQtZSHfTHy5aRLV
+            mxOPk/I5QlbXSaPwGyBjXDi6XJ+Vc38jqLd/Fazo0uY2/gMPyV007X4OIcxWSXc=
+            =W89D
+            -----END PGP MESSAGE-----
+          fp: 7FD6B0941B3468AE6F1904AED3C909F4ADEF6FE2
+    unencrypted_suffix: _unencrypted
+    version: 3.9.4
diff --git a/home-configuration.scm b/home-configuration.scm
index 7379243..a6e1876 100644
--- a/home-configuration.scm
+++ b/home-configuration.scm
@@ -11,7 +11,9 @@
              (guix gexp)
              (gnu home services)
              (gnu home services guix)
-             (gnu home services shells))
+             (gnu home services shells)
+	     (sops secrets)
+	     (sops home services sops))
 
 (home-environment
   ;; Below is the list of packages that will show up in your
@@ -24,7 +26,8 @@
 	  "emacs-geiser-guile"
 	  "emacs-ledger-mode"
 	  "glibc-locales"
-	  "guile")))
+	  "guile"
+	  "sops")))
 
   ;; Below is the list of Home services.  To search for available
   ;; services, run 'guix home search KEYWORD' in a terminal.
@@ -57,5 +60,25 @@
 				     (make-channel-introduction
 				      "d059076214e6cb8c00539649a43e603b7e9f2c90"
 				      (openpgp-fingerprint
-				       "7FD6 B094 1B34 68AE 6F19  04AE D3C9 09F4 ADEF 6FE2")))))))
+				       "7FD6 B094 1B34 68AE 6F19  04AE D3C9 09F4 ADEF 6FE2"))))
+				  (channel
+				   (name 'sops-guix)
+				   (url "https://github.com/fishinthecalculator/sops-guix.git")
+				   (branch "main")
+				   (introduction
+				    (make-channel-introduction
+				     "0bbaf1fdd25266c7df790f65640aaa01e6d2dbc9"
+				     (openpgp-fingerprint
+				      "8D10 60B9 6BB8 292E 829B  7249 AED4 1CC1 93B7 01E2"))))))
+		 (service home-sops-secrets-service-type
+			  (home-sops-service-configuration
+			   (config (local-file ".sops.yaml" "sops.yaml"))
+			   (secrets
+			    (list
+			     (sops-secret
+                              (key '("irc"))
+                              (file (local-file "common.yaml"))
+                              (user "charles")
+                              (group "charles")
+                              (permissions #o400)))))))
            %base-home-services)))
author	Charles Roelli <charles@aurox.ch>	2026-01-22 13:52:57 +0100
committer	Charles Roelli <charles@aurox.ch>	2026-01-22 13:52:57 +0100
commit	b085b83f1caa7b4570353cb890f35353d656046b (patch)
tree	418dc43eeb22fe6eb1c82f8f44ca364319669844
parent	328b79d1914450a0d47c3bc16a9769dfd816c259 (diff)