From a0befb35e7c117d02910edd589512777a604395f Mon Sep 17 00:00:00 2001
From: Zynh Ludwig <zynh0722@gmail.com>
Date: Sun, 28 Jul 2024 06:32:16 -0700
Subject: [PATCH] ssh: use keyfiles directly, also only include if sops is
 enabled

---
 home/modules/ssh.nix | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/home/modules/ssh.nix b/home/modules/ssh.nix
index 02468bb..bc102f4 100644
--- a/home/modules/ssh.nix
+++ b/home/modules/ssh.nix
@@ -3,6 +3,9 @@
 let
   cfg = config.snowhawk.ssh;
   sops = config.snowhawk.sops.enable;
+  secrets = config.sops.secrets;
+
+  ifSops = lib.mkIf sops;
 in
 {
   options.snowhawk.ssh = {
@@ -22,20 +25,20 @@ in
             hostname = "git.zynh.me";
             user = "git";
             port = 2221;
-            identityFile = "${sshDir}/personal_git";
+            identityFile = ifSops secrets."private_keys/personal_git".path;
           };
           msiserver = {
             hostname = "scarlet.zynh.me";
             user = "zynh";
-            identityFile = "${sshDir}/msiserver";
+            identityFile = ifSops secrets."private_keys/msiserver".path;
           };
           "msiserver.local" = lib.mkIf cfg.homeNetwork {
             hostname = "msiserver";
             user = "zynh";
-            identityFile = "${sshDir}/msiserver";
+            identityFile = ifSops secrets."private_keys/msiserver".path;
           };
           caveserver = {
-            identityFile = "${sshDir}/caveserver";
+            identityFile = ifSops secrets."private_keys/caveserver".path;
           };
         };
       };