add fuse nextcloud and age encrypted passwords

.sops.yaml

@@ -0,0 +1,7 @@
+keys:
+  - &primary age1sjzkhwr8ycdsmuj8xg8y4v2hcpuq9vethnhytxtwzeury692dsxqf80fwv
+creation_rules:
+  - path_regex: secrets/secrets.yaml$
+    key_groups:
+    - age:
+      - *primary

flake.lock

@@ -114,7 +114,28 @@
         "firefox-addons": "firefox-addons",
         "home-manager": "home-manager",
         "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_2"
+        "nixpkgs": "nixpkgs_2",
+        "sops-nix": "sops-nix"
+      }
+    },
+    "sops-nix": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1754988908,
+        "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
+        "owner": "Mic92",
+        "repo": "sops-nix",
+        "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
+        "type": "github"
+      },
+      "original": {
+        "owner": "Mic92",
+        "repo": "sops-nix",
+        "type": "github"
       }
     }
   },

flake.nix

@@ -6,7 +6,7 @@
 #    By: tomoron <tomoron@student.42angouleme.fr>   +#+  +:+       +#+         #
 #                                                 +#+#+#+#+#+   +#+            #
 #    Created: 2024/10/17 18:15:24 by tomoron           #+#    #+#              #
-#    Updated: 2025/08/30 19:38:12 by tomoron          ###   ########.fr        #
+#    Updated: 2025/09/05 18:37:36 by tomoron          ###   ########.fr        #
 #                                                                              #
 # **************************************************************************** #
 
@@ -16,6 +16,10 @@
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
 	catppuccin.url = "github:catppuccin/nix";
+	sops-nix = {
+	  url = "github:Mic92/sops-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+	};
     home-manager = {
       url = "github:nix-community/home-manager";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -49,7 +53,12 @@
         inherit pkgs;
 	    extraSpecialArgs = { inherit inputs; username = username; homeDir = homeDir; isOs = false; };
         modules = nixpkgs.lib.concatLists [
-		  [ ./homeConfigs/home.nix ./homeConfigs/hosts/${flakeName}.nix catppuccin.homeModules.catppuccin ]
+		  [
+		    ./homeConfigs/home.nix
+			./homeConfigs/hosts/${flakeName}.nix
+			catppuccin.homeModules.catppuccin
+			inputs.sops-nix.homeManagerModules.sops
+		  ]
 		  extraModules
 		];
 	  };
@@ -68,7 +77,6 @@
             (nixpkgs + "/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix")
             ./osConfigs/hosts/iso.nix
 			inputs.home-manager.nixosModules.default
-
           ];
 		};
       };

homeConfigs/home.nix

@@ -6,11 +6,11 @@
 #    By: tomoron <tomoron@student.42angouleme.fr>   +#+  +:+       +#+         #
 #                                                 +#+#+#+#+#+   +#+            #
 #    Created: 2024/10/17 18:15:38 by tomoron           #+#    #+#              #
-#    Updated: 2025/08/30 20:34:23 by tomoron          ###   ########.fr        #
+#    Updated: 2025/09/05 19:55:21 by tomoron          ###   ########.fr        #
 #                                                                              #
 # **************************************************************************** #
 
-{lib, pkgs, username ? "tom" ,homeDir ? "/home/tom", isOs ? false, ... }:
+{lib, pkgs, config, username ? "tom" ,homeDir ? "/home/tom", isOs ? false, ... }:
 
 {
   imports = lib.concatLists [
@@ -23,6 +23,28 @@
 
   home.stateVersion = "24.05";
 
+  sops.defaultSopsFile = ../secrets/secrets.yaml;
+  sops.age.keyFile = "${homeDir}/.config/sops/age/keys.txt";
+  sops.secrets."nextcloud_fuse/password" = {};
+
+  programs.rclone.enable = true;
+  programs.rclone.remotes.nextcloud = {
+    config = {
+	  type = "webdav";
+	  url = "https://nc.tmoron.fr/remote.php/dav/files/tom";
+	  vendor = "nextcloud";
+	  user = "tom";
+    };
+	secrets.pass = config.sops.secrets."nextcloud_fuse/password".path;
+	mounts = {
+	  "/" = {
+	    enable = true;
+		mountPoint = "${homeDir}/nextcloud";
+		options.vfs-cache-mode = "writes";
+	  };
+	};
+  };
+
 #  programs.ghostty.enable = true;
 #  programs.ghostty.settings = {
 #    theme = "catppuccin-mocha";

homeConfigs/packages.nix

@@ -6,7 +6,7 @@
 #    By: tomoron <tomoron@student.42angouleme.fr>   +#+  +:+       +#+         #
 #                                                 +#+#+#+#+#+   +#+            #
 #    Created: 2025/02/09 22:01:56 by tomoron           #+#    #+#              #
-#    Updated: 2025/09/02 23:33:04 by tomoron          ###   ########.fr        #
+#    Updated: 2025/09/05 19:28:45 by tomoron          ###   ########.fr        #
 #                                                                              #
 # **************************************************************************** #
 
@@ -44,5 +44,6 @@
     nerd-fonts.iosevka
 	compiledb
 	yubikey-personalization
+	sops
   ];
 }

osConfigs/hosts/laptop.nix

@@ -2,6 +2,7 @@
 
 {
   boot.initrd.luks.yubikeySupport = true;
+  services.udev.packages = [ pkgs.yubikey-personalization ];
   boot.initrd.kernelModules = [ "vfat" "nls_cp437" "nls_iso8859-1" "usbhid" ];
   boot.initrd.luks.devices.cryptroot = {
   	device = "/dev/disk/by-uuid/a4593b01-069d-4a5d-a550-74a762b89b3f";
@@ -18,6 +19,8 @@
 	};
   };
 
+  programs.fuse.enable = true;
+
   boot.blacklistedKernelModules = [ "nvidia" "nvidia_drm" "nvidia_uvm" ];
 
   mods.displayManager.enable = true;
@@ -86,6 +89,7 @@
     enable = true;
 	enableUserService = true;
   };
+
   services.supergfxd.enable = true;
   services.supergfxd.settings = {
     mode = "Integrated";
@@ -99,8 +103,6 @@
 
   services.upower.enable = true;
 
-  services.udev.packages = [ pkgs.yubikey-personalization ];
-
   programs.wireshark.enable = true;
   programs.wireshark.usbmon.enable = true;
 

secrets/secrets.yaml

@@ -0,0 +1,18 @@
+#ENC[AES256_GCM,data:1NcFm2XqZzmSSlr8wH4aXHDBhf+lOaZ/gUeK2T/U/hIBbqtfKtw=,iv:yS5iogRp6e3We/7wZnGy0XJzqLVfRVKlDhUs+tamcJ0=,tag:+z/qqF9n6/hQfv9aWXkCDQ==,type:comment]
+nextcloud_fuse:
+    password: ENC[AES256_GCM,data:Rlyc9wO3rXJ97AAMzM+vJclEJ+eaSPtHkitqRL0=,iv:yuS2Tyo2HZGVb9tbWmmgOEwkyzLhlvq8iZ2YjGD0u9E=,tag:pf8n4pTvseh1pd12w8w4tw==,type:str]
+sops:
+    age:
+        - recipient: age1sjzkhwr8ycdsmuj8xg8y4v2hcpuq9vethnhytxtwzeury692dsxqf80fwv
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPRXNiNG9vRzJraERMSytl
+            Qkc4SVluRWQ1bE5Dc2FpaHQ2WGkxeHF2TWdjCml3OXpockc0NFJ6dDJTVzNjLzNU
+            cWxHTzhBVno1TlVDaXplR2tuN2wzN0kKLS0tIG5pWmcxYlhlb1lCN3RqNG5hRFJS
+            clZaazZQdW5wYUhUNmM0QW91K0NLOTAKB6z7cKg54QmJo0U03u6RQkSCfJOAdeJa
+            DiyPYjm02BNe8YPFbBFRpyT7G++j3h0yG+/Nr2zcQFyMMEpMv5QJvg==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-09-05T17:58:05Z"
+    mac: ENC[AES256_GCM,data:96G7VqaG8A46tQ1L7I2asiYtNZF7K3Wf+SzbwPrNV8zQio2jInawtD4WSzHmLs4Nv7M1TBHug/ho8mfYq6auXgpathiSzvj0Tzs/IEKXiTYa86tM3szwAepavMYWOl6OYJ7S39ku6BOMo3qC2BK/gpT5iy4c84ashn2wFd1n41A=,iv:6TShIsqnhCf/3uoAaz/R+Cwr2HrorROOXodXluTKM8M=,tag:BA9rQ73scKgetW3orV0HdQ==,type:str]
+    unencrypted_suffix: _unencrypted
+    version: 3.10.2