don't use agenix from home manager

Install the key with the host's configuration and rekey the secrets.

2 files changed, 2 insertions, 19 deletions

diff --git a/home/profiles/darwin.nix b/home/profiles/darwin.nix
index c0e9a8e..d8942c8 100644
--- a/home/profiles/darwin.nix
+++ b/home/profiles/darwin.nix
@@ -1,16 +1,5 @@
 { pkgs, config, ... }:
 {
-  age = {
-    identityPaths = [ "${config.home.homeDirectory}/.ssh/agenix" ];
-    secretsDir = "${config.home.homeDirectory}/.local/share/agenix";
-
-    secrets = {
-      anthropic-api-key = {
-        file = ../../secrets/users/fcuny/anthropic-api-key.age;
-      };
-    };
-  };
-
   imports = [
     ../programs/aider.nix
     ../programs/bat.nix
@@ -46,7 +35,7 @@
   };
 
   programs.fish.shellInit = ''
-    export ANTHROPIC_API_KEY="$(cat ${config.age.secrets.anthropic-api-key.path})"
+    export ANTHROPIC_API_KEY="$(cat /run/agenix/anthropic-api-key)"
   '';
 
   home.sessionPath = [
diff --git a/home/programs/restic.nix b/home/programs/restic.nix
index 0661251..582384f 100644
--- a/home/programs/restic.nix
+++ b/home/programs/restic.nix
@@ -21,15 +21,9 @@ in
 {
   home.packages = with pkgs; [ restic ];
 
-  age.secrets.restic-password = {
-    file = ../../secrets/restic-pw.age;
-    path = "${config.home.homeDirectory}/.config/restic/password";
-    mode = "400";
-  };
-
   home.sessionVariables = {
     RESTIC_REPOSITORY = resticRepository;
-    RESTIC_PASSWORD_FILE = config.age.secrets.restic-password.path;
+    RESTIC_PASSWORD_FILE = "/run/agenix/restic-password";
   };
 
   home.file.".config/restic/includes" = {