From 7294e04ae25c93b056de4443c9a1966bb4aff1fb Mon Sep 17 00:00:00 2001
From: John Lancaster <32917998+jsl12@users.noreply.github.com>
Date: Sun, 14 Jun 2026 13:17:05 -0500
Subject: [PATCH] onepassword module

---
 modules/hosts/john-p14s/configuration.nix  | 10 +---------
 modules/hosts/omen-nixos/configuration.nix |  4 ++++
 modules/programs/onepassword.nix           | 11 +++++++++++
 3 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/modules/hosts/john-p14s/configuration.nix b/modules/hosts/john-p14s/configuration.nix
index d48f51e..e842908 100644
--- a/modules/hosts/john-p14s/configuration.nix
+++ b/modules/hosts/john-p14s/configuration.nix
@@ -11,6 +11,7 @@
       imports = [
         self.modules.nixos.base
         self.modules.nixos.p14sHardware
+        self.modules.nixos.onepassword
       ];
 
       rebuild.flakeDir = flakeDir;
@@ -32,15 +33,6 @@
       security.pam.services.swaylock = {};
       security.pam.services.swaylock.fprintAuth = true;
 
-      programs._1password.enable = true;
-      programs._1password-gui = {
-        enable = true;
-        # Certain features, including CLI integration and system authentication support,
-        # require enabling PolKit integration on some desktop environments (e.g. Plasma).
-        polkitPolicyOwners = [ "john" ];
-        # TODO this should not be a hardcoded username
-      };
-
       # This value determines the NixOS release from which the default
       # settings for stateful data, like file locations and database versions
       # on your system were taken. It's perfectly fine and recommended to leave
diff --git a/modules/hosts/omen-nixos/configuration.nix b/modules/hosts/omen-nixos/configuration.nix
index 9f4b5be..4f80705 100644
--- a/modules/hosts/omen-nixos/configuration.nix
+++ b/modules/hosts/omen-nixos/configuration.nix
@@ -7,6 +7,7 @@
       self.modules.nixos.base
       self.modules.nixos.greetd
       self.modules.nixos.niri
+      self.modules.nixos.onepassword
     ];
 
     # Use the systemd-boot EFI boot loader.
@@ -112,6 +113,9 @@
     home-manager.users.john.imports = with inputs.self.modules.homeManager; [
       desktop
       # rebuild
+      {
+        my-vscode.enable = true;
+      }
     ];
   };
 
diff --git a/modules/programs/onepassword.nix b/modules/programs/onepassword.nix
index af6fc8d..062a5bf 100644
--- a/modules/programs/onepassword.nix
+++ b/modules/programs/onepassword.nix
@@ -1,4 +1,15 @@
 { self, inputs, ... }: {
+  flake.modules.nixos.onepassword = { config, ... }: {
+    programs._1password.enable = true;
+    programs._1password-gui = {
+      enable = true;
+      # Certain features, including CLI integration and system authentication support,
+      # require enabling PolKit integration on some desktop environments (e.g. Plasma).
+      polkitPolicyOwners = [ "john" ];
+      # TODO this should not be a hardcoded username
+    };
+  };
+
   flake.modules.homeManager.onepassword = { config, ... }: {
     home.file.".config/1Password/ssh/agent.toml".text = ''
       # https://developer.1password.com/docs/ssh/agent/config