Revert "sops: Add age support."

This reverts commit 9459e12.

modules/sops/activation.scm

@@ -10,7 +10,6 @@
   #:export (activate-secrets))
 
 (define* (activate-secrets config-file
-                           age-key-file
                            gnupg-home
                            sops-secrets
                            sops-package
@@ -45,7 +44,6 @@
                        (not (member file `("." ".." ,@exclude))))
                      string<?))
 
-          (setenv "SOPS_AGE_KEY_FILE" #$age-key-file)
           (setenv "GNUPGHOME" #$gnupg-home)
           (setenv "SOPS_GPG_EXEC" #$gpg)
 

modules/sops/home/services/sops.scm

@@ -9,7 +9,6 @@
   #:use-module (guix packages)
   #:use-module (gnu packages gnupg)
   #:use-module (gnu packages golang)
-  #:use-module (gnu packages golang-crypto)
   #:use-module (sops packages sops)
   #:use-module (sops activation)
   #:use-module (sops secrets)
@@ -20,24 +19,15 @@
             home-sops-service-configuration
             home-sops-service-configuration?
             home-sops-service-configuration-fields
-            home-sops-service-configuration-age
-            home-sops-service-configuration-gnupg
             home-sops-service-configuration-sops
             home-sops-service-configuration-config
             home-sops-service-configuration-gnupg-home
-            home-sops-service-configuration-age-key-file
             home-sops-service-configuration-secrets))
 
 (define list-of-sops-secrets?
   (list-of sops-secret?))
 
 (define-configuration/no-serialization home-sops-service-configuration
-  (age
-   (package age)
-   "The @code{age} package used to perform decryption.")
-  (gnupg
-   (package gnupg)
-   "The @code{GnuPG} package used to perform decryption.")
   (sops
    (package sops)
    "The @code{SOPS} package used to perform decryption.")
@@ -47,21 +37,14 @@
   (gnupg-home
    (string "~/.gnupg")
    "The homedir of GnuPG, i.e. where keys used to decrypt SOPS secrets will be looked for.")
-  (age-key-file
-   (string "~/.config/sops/age/keys.txt")
-   "The file containing the corresponding @code{age} identities where SOPS will look for
-when decrypting a secret.")
   (secrets
    (list-of-sops-secrets '())
    "The @code{sops-secret} records managed by the @code{home-sops-secrets-service-type}."))
 
 (define (home-sops-secrets-shepherd-service config)
   (when config
     (let* ((config-file
-            (home-sops-service-configuration-config config))
-           (age-key-file
-            (home-sops-service-configuration-age-key-file config))
-           (gnupg-home
+            (home-sops-service-configuration-config config))(gnupg-home
             (home-sops-service-configuration-gnupg-home config))
            (secrets (home-sops-service-configuration-secrets config))
            (sops (home-sops-service-configuration-sops config)))
@@ -76,7 +59,6 @@ when decrypting a secret.")
                              (list
                               #$(program-file "home-sops-secrets-entrypoint"
                                               (activate-secrets config-file
-                                                                age-key-file
                                                                 gnupg-home
                                                                 secrets
                                                                 sops)))))
@@ -95,8 +77,7 @@ when decrypting a secret.")
   (service-type (name 'home-sops-secrets)
                 (extensions (list (service-extension home-profile-service-type
                                                      (lambda (config)
-                                                       (list (home-sops-service-configuration-age config)
-                                                             (home-sops-service-configuration-gnupg config)
+                                                       (list age gnupg
                                                              (home-sops-service-configuration-sops config))))
                                   (service-extension home-activation-service-type
                                                      (lambda _
@@ -106,6 +87,7 @@ when decrypting a secret.")
                                                              (mkdir-p secrets-directory)))))
                                   (service-extension home-shepherd-service-type
                                                      home-sops-secrets-shepherd-service)))
+                (default-value #f)
                 (compose concatenate)
                 (extend secrets->home-sops-service-configuration)
                 (description

modules/sops/services/sops.scm

@@ -22,26 +22,17 @@
             sops-service-configuration
             sops-service-configuration?
             sops-service-configuration-fields
-            sops-service-configuration-age
-            sops-service-configuration-gnupg
             sops-service-configuration-sops
             sops-service-configuration-config
             sops-service-configuration-generate-key?
             sops-service-configuration-gnupg-home
-            sops-service-configuration-age-key-file
             sops-service-configuration-secrets-directory
             sops-service-configuration-secrets))
 
 (define list-of-sops-secrets?
   (list-of sops-secret?))
 
 (define-configuration/no-serialization sops-service-configuration
-  (age
-   (package age)
-   "The @code{age} package used to perform decryption.")
-  (gnupg
-   (package gnupg)
-   "The @code{GnuPG} package used to perform decryption.")
   (sops
    (package sops)
    "The @code{SOPS} package used to perform decryption.")
@@ -57,10 +48,6 @@ more than welcome to provide your own key in the keyring.")
   (gnupg-home
    (string "/root/.gnupg")
    "The homedir of GnuPG, i.e. where keys used to decrypt SOPS secrets will be looked for.")
-  (age-key-file
-   (string "/root/.config/sops/age/keys.txt")
-   "The file containing the corresponding @code{age} identities where SOPS will look for
-when decrypting a secret.")
   (secrets-directory
    (string "/run/secrets")
    "The path on the filesystem where the secrets will be decrypted.")
@@ -74,8 +61,6 @@ when decrypting a secret.")
             (sops-service-configuration-config config))
            (generate-key?
             (sops-service-configuration-generate-key? config))
-           (age-key-file
-            (sops-service-configuration-age-key-file config))
            (gnupg-home
             (sops-service-configuration-gnupg-home config))
            (secrets (sops-service-configuration-secrets config))
@@ -93,7 +78,6 @@ when decrypting a secret.")
                              (list
                               #$(program-file "sops-secrets-entrypoint"
                                               (activate-secrets config-file
-                                                                age-key-file
                                                                 gnupg-home
                                                                 secrets
                                                                 sops
@@ -123,8 +107,7 @@ when decrypting a secret.")
   (service-type (name 'sops-secrets)
                 (extensions (list (service-extension profile-service-type
                                                      (lambda (config)
-                                                       (list (sops-service-configuration-age config)
-                                                             (sops-service-configuration-gnupg config)
+                                                       (list age gnupg
                                                              (sops-service-configuration-sops config))))
                                   (service-extension file-system-service-type
                                                      %sops-secrets-file-system)
@@ -137,6 +120,7 @@ when decrypting a secret.")
                                                                    (mkdir-p secrets-directory)))))
                                   (service-extension shepherd-root-service-type
                                                      sops-secrets-shepherd-service)))
+                (default-value #f)
                 (compose concatenate)
                 (extend secrets->sops-service-configuration)
                 (description