diff --git a/nixos/linux.nix b/nixos/linux.nix index e82b273..e028757 100644 --- a/nixos/linux.nix +++ b/nixos/linux.nix @@ -57,6 +57,11 @@ in { file = ./secrets/webdav.age; owner = "root"; }; + + anthropic-api-key = { + file = ./secrets/anthropic-api-key.age; + owner = "root"; + }; }; environment.systemPackages = [ @@ -71,6 +76,8 @@ in { pkgs.rust-bin.stable.latest.default pkgs.wget + pkgs.claude-code + # For docker-compose like setups pkgs.arion start-arion-run @@ -95,6 +102,10 @@ in { environment.pathsToLink = ["/share/zsh"]; environment.shells = [pkgs.zsh]; + environment.etc."profile.d/anthropic.sh".text = '' + export ANTHROPIC_API_KEY=$(cat ${config.age.secrets.anthropic-api-key.path}) + ''; + environment.enableAllTerminfo = true; security.sudo.wheelNeedsPassword = false; diff --git a/nixos/secrets/anthropic-api-key.age b/nixos/secrets/anthropic-api-key.age new file mode 100644 index 0000000..1cdd2b1 --- /dev/null +++ b/nixos/secrets/anthropic-api-key.age @@ -0,0 +1,5 @@ +age-encryption.org/v1 +-> ssh-ed25519 NFD/vg rY+eiWOLOhCGzqWb4k9jNLU6aQ+PM0GNXTRTM4LfyQg +0Ekk88iG8ktnvVPwFW5EOrNN+UDxFmqeodz0SGCganU +--- WQ0Q25GI8bmYzB8YkFuJV6wuSKlv+waIWU2aw8A/OF0 +`2ձw\96Uu8?c?($ЭQPuxQ169d3Rz̏Tl>"GuG!cDGdf=إa#:NAN \ No newline at end of file diff --git a/nixos/secrets/default.nix b/nixos/secrets/default.nix index 6c1af5e..6ec1556 100644 --- a/nixos/secrets/default.nix +++ b/nixos/secrets/default.nix @@ -1,5 +1,5 @@ -{}: let - mainframePublicKey = builtins.toString "../keys/mainframe.pub"; +let + mainframePublicKey = builtins.readFile ../keys/mainframe.pub; in { # This .age file should contain the following environment variables: # NEARLYFREESPEECH_API_KEY @@ -8,4 +8,7 @@ in { # WEBDAV_PASSWORD "./webdav.age".publicKeys = [mainframePublicKey]; + + # ANTHROPIC_API_KEY + "./anthropic-api-key.age".publicKeys = [mainframePublicKey]; }