From affa3000d757245b483aa4635a98fa7d206dc52a Mon Sep 17 00:00:00 2001
From: Annika Merris <me@annikamerris.com>
Date: Sun, 12 May 2024 10:32:27 -0400
Subject: [PATCH] Try To Get a Secret Decrypted Into a File

---
 hosts/kim/annika.nix             | 15 ++++++++++++---
 hosts/kim/dotfiles/spotifyd.conf |  6 ++++++
 secrets/secrets.yaml             | 24 ++++++++++++++++++++++++
 3 files changed, 42 insertions(+), 3 deletions(-)
 create mode 100644 hosts/kim/dotfiles/spotifyd.conf
 create mode 100644 secrets/secrets.yaml

diff --git a/hosts/kim/annika.nix b/hosts/kim/annika.nix
index 81ea52e..2975eb3 100644
--- a/hosts/kim/annika.nix
+++ b/hosts/kim/annika.nix
@@ -1,9 +1,18 @@
 { config, pkgs, ... }:
 
 {
-  # imports = [
-  #  inputs.sops-nix.homeManagerModules.sops
-  #];
+  imports = [
+    inputs.sops-nix.homeManagerModules.sops
+  ];
+
+  # Configure secrets stuff
+  sops = {
+    defaultSopsFile = "../../secrets.yaml";
+    defaultSopsFormat = "yaml";
+    age.keyFile = "/home/annika/.config/sops/age/keys.txt";
+
+    secrets."spotifyd/settings/global/password" = { };
+  };
 
   nixpkgs.config.allowUnfree = true;
   # Home Manager needs a bit of information about you and the paths it should
diff --git a/hosts/kim/dotfiles/spotifyd.conf b/hosts/kim/dotfiles/spotifyd.conf
new file mode 100644
index 0000000..a469e1e
--- /dev/null
+++ b/hosts/kim/dotfiles/spotifyd.conf
@@ -0,0 +1,6 @@
+[global]
+username = "me@annikamerris.com"
+password_cmd = "something"
+use_mpris = true
+device_name = "kim-nix"
+device_type = "computer"
diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml
new file mode 100644
index 0000000..1f5e74c
--- /dev/null
+++ b/secrets/secrets.yaml
@@ -0,0 +1,24 @@
+spotifyd:
+    settings:
+        global:
+            password: ENC[AES256_GCM,data:YnfXoQ7pbqoZ8QcqfkYd3A==,iv:+QwDqlZ5HEIasmeMAT48kvF3LpbTzJMu4OR1kjWOZCQ=,tag:rANAqr1GlYzHNItb2AmCmg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1e8wfn0vmwv506n060hzqkwhsekykynl9tpatnm2swhew30kmuyest0slhv
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCK0l0S1VtRUlqRW54TU1F
+            R09WSEpvaVhLaWp3bEd2bnJ4Y3o3eEVobVU0CnN2ak50cTdkSHVqWlg4RlV5Q0cx
+            VEFpQ3VqZ1NNSiswMEFhVkVFOFRxWHcKLS0tIDZYM1hHN2poSjdZcnZZVTZITWFL
+            Mzd6MnNDSUJoQ2w3dEhDdkpxR2pnZUkKXgKr/jE6ZVzJGF3DzyKfyAlF89CEbpxH
+            maKt3YwaPfQwiV5leDo26tOMXs/CB1fiRcjN80ByeoS7uHevsbdAyw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-05-12T13:52:54Z"
+    mac: ENC[AES256_GCM,data:m/6tsxQDl+Ox+pWlWb46GvO49pTdzVNrDhaNlEHZ8clwqCqGB0onUJR8rWI8dVIeEyCqXhQ5dHn6B0QMJcyAxhLd6R8fc193hSmv7e5oBm5Qj0L1sd83lQRhrcFyM1qUpJzQydWVlp7vQFqpLzNqsQ6ZwH0r3hK4eRaqS4GaNfo=,iv:j+5mN1yI00Tdii2cfN3imbB56msfB0wUZ/ANNW143jo=,tag:ROQfmDd2uq0zvIX6FhwyTQ==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.1