From 28a2a7aec4c0bd1e16780f0aa82f577ce83bd2c1 Mon Sep 17 00:00:00 2001
From: Alexander Bantyev <balsoft@balsoft.ru>
Date: Mon, 14 Jun 2021 23:51:55 +0300
Subject: [PATCH] AWS: don't clutter homedir

---
 machines/AMD-Workstation/default.nix |  3 +--
 modules/workspace/aws.nix            | 12 ++++++++++++
 2 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 modules/workspace/aws.nix

diff --git a/machines/AMD-Workstation/default.nix b/machines/AMD-Workstation/default.nix
index 5237d3e..d2ef0b0 100644
--- a/machines/AMD-Workstation/default.nix
+++ b/machines/AMD-Workstation/default.nix
@@ -3,6 +3,7 @@
     ./hardware-configuration.nix
     inputs.self.nixosProfiles.desktop
     inputs.self.nixosModules.print-scan
+    inputs.self.nixosModules.aws
   ];
   deviceSpecific.devInfo = {
     cpu = {
@@ -28,8 +29,6 @@
     enable = true;
     cache.clean.enable = false; # Scary...
 
-    state.homeFiles = [ ".aws/credentials" ];
-
     state.directories = [ "/home/balsoft/.local/share/Steam" ];
 
     derivative.directories = [ "/home/balsoft/.wine" "/home/balsoft/.wine32" ];
diff --git a/modules/workspace/aws.nix b/modules/workspace/aws.nix
new file mode 100644
index 0000000..ca69903
--- /dev/null
+++ b/modules/workspace/aws.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, lib, ... }: {
+  secrets.aws_credentials = {
+    owner = "balsoft:users";
+    services = [ ];
+  };
+
+  environment.sessionVariables = {
+    AWS_SHARED_CREDENTIALS_FILE = config.secrets.aws_credentials.decrypted;
+    AWS_CONFIG_FILE = toString (pkgs.writeText "aws_config"
+      (pkgs.my-lib.genIni { default.region = "eu-west-2"; }));
+  };
+}