From baecc7bb69df1873f1dce7fde66bbac502281882 Mon Sep 17 00:00:00 2001
From: John Lancaster <32917998+jsl12@users.noreply.github.com>
Date: Sun, 3 Aug 2025 12:05:51 -0500
Subject: [PATCH] gmail api secret working

---
 homeManagerModules/sops.nix     | 23 +++++++++++++++++++----
 keys/gmail_api_credentials.json | 29 -----------------------------
 keys/secrets.yaml               | 16 ++++------------
 3 files changed, 23 insertions(+), 45 deletions(-)
 delete mode 100644 keys/gmail_api_credentials.json

diff --git a/homeManagerModules/sops.nix b/homeManagerModules/sops.nix
index 389946c..236f2d1 100644
--- a/homeManagerModules/sops.nix
+++ b/homeManagerModules/sops.nix
@@ -13,10 +13,25 @@ in
     defaultSopsFile = ../keys/secrets.yaml;
     defaultSopsFormat = "yaml";
     
-    secrets.gmail_api_credentials = {
-      sopsFile = ../keys/gmail_api_credentials.json;
-      format = "json";
-      path = "${config.home.homeDirectory}/.config/gmail_api_credentials.json";
+    secrets."api/gmail_client_secret" = { };
+
+    templates."gmail_creds" = {
+      content = ''
+        {
+            "installed": {
+                "client_id": "499012320469-vtml6emu6bmujpsj9lud2b44jqu7h26j.apps.googleusercontent.com",
+                "project_id": "python-apis-423500",
+                "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+                "token_uri": "https://oauth2.googleapis.com/token",
+                "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+                "client_secret": "${config.sops.placeholder."api/gmail_client_secret"}",
+                "redirect_uris": [
+                    "http://localhost"
+                ]
+            }
+        }
+      '';
+      path = "${config.xdg.configHome}/sops-nix/gmail_api_credentials.json";
     };
   };
   home.packages = with pkgs; [
diff --git a/keys/gmail_api_credentials.json b/keys/gmail_api_credentials.json
deleted file mode 100644
index ee8611c..0000000
--- a/keys/gmail_api_credentials.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
-	"installed": {
-		"client_id": "ENC[AES256_GCM,data:yA9gJ2VmXFKc6CKAgNTh1SI3iLS+Vq90vm26kZmF3JTKgK8ZcTOz8N7hhuSORoXkmikxEukExp4bn2ja7ZG9Bw0vIY6dCcbl,iv:X1Mwu3KKRIuIadOm+S+es5GnLobPev91w137Y0/9JAs=,tag:+/ZEjQqC7zX9ELzlqLjpNg==,type:str]",
-		"project_id": "ENC[AES256_GCM,data:W4qujmk8lGC59ZRekDMq/D6O,iv:NudSGiznUYxvnCpHbDAFUnrrXuSV5ty9fMRztKcBJMc=,tag:Eb4quSBp1pCanKkdWELsog==,type:str]",
-		"auth_uri": "ENC[AES256_GCM,data:+o2mloOICzCQoEDnTAOZkyEE2WwvS8aXFoE1ZLujkLVifdYYbIY9HxA=,iv:wNm+hOwMPAo9Wp/sgKlMmci2HN5FElNnhoz93mz3dZ0=,tag:zL43INK9v9xCRHesu46InQ==,type:str]",
-		"token_uri": "ENC[AES256_GCM,data:E5F4noVDwKXUCnQHSqt0F4/TcAhn9TeJHtII0drF6Fd2h7c=,iv:+EPQkkxVFKDbm6pqu9MBkG1vrZX5RnxbXLFI4KOf7AI=,tag:IpYvE4gokvom6iXAenHAiA==,type:str]",
-		"auth_provider_x509_cert_url": "ENC[AES256_GCM,data:VJWzRYLjS3XDXY8GUyw3kdGKZ5B0q8GiSyQPhyHUzePx27cmDSKVz5Yi,iv:UVyFvA+FoViVqLQlJZwwe1vDDMnfsZgUALgY8jPmFQU=,tag:iKNJ8rY9fpFh0GTBlUnDHQ==,type:str]",
-		"client_secret": "ENC[AES256_GCM,data:RA+xu8V4D/FYzeIgStC9ThST3oTs4IMYmg1ixEKWgitgesc=,iv:iW+AKeY1FpPgdryugkIynjEVAVq49bNFHaSzbY+WdEA=,tag:hHjfa09XebSX/8M146aMCQ==,type:str]",
-		"redirect_uris": [
-			"ENC[AES256_GCM,data:o4+QcpKTnBaEam6359QdSw==,iv:WmjP65gLJ/IOPMhXGs37EO375lq8X7ZeSpSck9RsWE0=,tag:uH19WZEG8XfLUDOuuk2MEg==,type:str]"
-		]
-	},
-	"sops": {
-		"age": [
-			{
-				"recipient": "age1f6drjusg866yscj8029tk4yfpgecklrvezldm02ankm6h8nnwu5s2u6ahy",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCRXdNalhWVHdoN2hmZ2dz\nOGM1SXNPMzZnOEhDcGRXL2RyWXVFTkZ5Z0dBCld5UEFnUmxGM1p2OG1SRVhHWjNG\nS2tRVGkyOWliRkZFNml5ZFdmQW9lV1UKLS0tIFVWeDc2WjVXZW1BK1J4NUdsaXVl\nQWpaOHZPRjJnMllKa2Q3d3JGSW5kU28Kzgrlf416JhuLYVwNwJFdTXtNANleFH3P\nFUMMJxKGCMvM0Yo0KOCLz6oBlU6PdJJi3D1953q+fLbGQy94lwk4Mg==\n-----END AGE ENCRYPTED FILE-----\n"
-			},
-			{
-				"recipient": "age16qqdn7tdgzu9c259g854ls69aqyz5hwhg7d4q5mqn7ksvchkp9nqv0x2un",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlam52L2MvR1JyNldzbmNr\nbjZWUTVqeVZjbnV1WmRraFBVMkE4bjF5SUVBCkJtSm9mekExSVpSWUxhRjZ5UEJN\nYzY3ZFkyZ1p3M3BvY2tHb05SZS80RWcKLS0tIHRXcGR5cW9NNHpUQ0JjQmZaR1VJ\nOHJxcTJ5bzc4cVRnV2ZvNGhXRml0czAKp7VMu37ArqG/nEGwq9LCZMVD26TfqR6m\nEg24lUtO3pfg/VxwM/V/CaT49a6Xmh7sEZ0yMvA5EJGNe3WMxEFdMg==\n-----END AGE ENCRYPTED FILE-----\n"
-			}
-		],
-		"lastmodified": "2025-08-02T22:50:23Z",
-		"mac": "ENC[AES256_GCM,data:5mXbFxgK778ZDzW0qvhYwDWVve46PIJ/keJiEqU75yShtdKe9QOhUu75xC1cFh1cXeEJOi22XAh3JTa52MjAAUimzOV9d78fusJ/pd8jIzmDfqbUBBkwauoKRHLN0zwRVA7jVsIYaZ1RKLfu5X7oGxmXfbcM/4hEXinAWhGKT9U=,iv:30SbFhQRJ6L+p/2qtRfT31dYA0DztLMT+60l35URmdk=,tag:L6fRfKb68y+bAyV2m7bDMQ==,type:str]",
-		"unencrypted_suffix": "_unencrypted",
-		"version": "3.10.2"
-	}
-}
diff --git a/keys/secrets.yaml b/keys/secrets.yaml
index e34bec8..51dabd2 100644
--- a/keys/secrets.yaml
+++ b/keys/secrets.yaml
@@ -1,15 +1,7 @@
 restic_password:
     john_ubuntu: ENC[AES256_GCM,data:Q4lUaFFDgoK9k4kQj7hSVKaFDGW0T+6V+OpFU5R528R3EKM7YJMgcFX+sK3mWl9XA4/6E1GeINpIqOpx+FP5Cf/8qt9sXBXCmXXSYdA4IH3RS6a1NkcIVjsTMvpn4q/fslCeYN4LB+r4pBGmdca105miqVun8J69cZGwjZ+wuxrMAP+mdnHdSUPycjNWJJzmEa3waQsygAi4A5cAN5sigOPBxe2pCTh/FEKoTgWmzHGJvcjrzuL6wNOpQrkMWwTsHCtbe9dyMP/fQpoBgYDT4W9Rd4XHhbrooje+g3x48EL1rkRIVVNRavpRUih/mjcdJGzzJ6jZmLLcc1f7SZIKZht7f+ZcdZl3rKQB+WanZgK/KAgKBRCrbIk2eeBZwkcRSw5kmGFU7x0azdIipJYj+3KHHQS5S2VW4j2tQG74xK3qaNJcSMjpKmdI1dHcPf0x2ILaDDV9Ts0H4GTOB2zO9iGy7x2tdPd4tugxxk5rr5rphTZL3lgUf0Ri/qMkJh9I8CsjUdvRycHeIEUZPmEVaIqJC2jrd2pBslis5VWD/6PHQBCob07d1fcpIYox4YXM3GcLg3OxiD8nZ7DTzGRMhciZtTKKWbBT8qzPud4ZQvDkT5l+XOpeM13wXFIMa13CwOzYeyWjycED0VQ/i3XRw9+9lg3cosfxaPdaFtv4MjV7Od62G/UJw3OxaQOHM2y24N+Q0pSBoTdDAFwDCH/kcqZji6ZrVTu4Rad8opcILJJcqC+pjegDvBtUdDz+G3/dFiS6m8RYIRb7qB5yEX/lCgzlECmRS2XP8uraNJ5NN8rtk0gdBtaI9/78YyAjLLGkjIcIR4uJA5buCZBR9jIdqf4f52fowbx18VPrwFXN2mYX6mPsKbDmaz0ILHq/I9n8bS/KM7gIQmTw/RAUwnmL4IRu8zHn6nmIqj6d8AkjYx7s6pG8OF8LgfhqZT7tdPKCd+n/HnYn1fZGSw26zHzPd4nKnVV1e3NYvX6CVwVycerGs9elOKtOI8GsrWYyXzJbfC+nWxbHKI/t6sxyzTBrHPR4r6l/CchQF+SfBs5aELKExe7h325qBB2y6EFdkbxTj1tPGqxttp9xJB1LUyNtwsEAkpD44JNqPxZCYHQbeVE3Oo3TYtRUSVWREc1WNIsfSG/anScYUhDEah9YyIdiG+O71QqegunusLoxmpF2rQtx7shtAvJV3skDBB0tFDoQyIV+yPo7kPV0D7Ig+Ba+mk5ASJrT9DXZ53Q2CCTLAuslU4MP7g22RX8rU3s2hFJq8m7wvMwpqa9Tr6O38i1wX4PhG1VRMM8EIlMQnLWWKmni6NbOYiRxFYJMioxH5SyE4ODQYXy5YIuLoRsX8VR6UqJ1GZb7sJf3M1aPOFOHzTN9hnziTRRe1KCMoBrAghrqhvL1VRr9X5PYMxnjBh6o0d5YTN0WOGD2iEVbCzqxFXcxQZBBp4KyNAAhFhGNw8WUp/rVoyCYn7+OEYFspY4FmGMTYhvxbq5LEptXeQgOP2ggBkqsw8sYP9oj1cb4kzBNv8M7nR9kM1EqvZpFV47phoTbBeMY4DZOJodkASFVM5/7ijWy/M9rtWMFMCXKURKkAQJRFADs0KqMJ5osnFFnubX7vKgK736XXF4+wIQuuHqEsYDZ90ftInxq8sYRnb2FZ0EV4yc8qqnz++fjwrAA5EV+zhL6l6hum1zL8JkUJ1ICKZ905If6nIeoul8MY3B1Cz4W+osN2Wtl8OeJ2t3iZx3wk/unVa8uDZH1owu47He68e2V8vpYxOaW4/hLyy/XuL5DukETrhRjC+7GbEaKaCwoA2UwAdqU,iv:N8ek+tp16WiZgjTDxXb0CRXH+MbLsl/oZ/OwcOoVRO0=,tag:uIzCSX0R/EObF/RdWxj64w==,type:str]
-hello: ENC[AES256_GCM,data:g/YDwjNQLs4pFRzFO3nwcbmeJd6tMLNNhhnSsAFyOQ8U8yjjUoCReDvrqpqBXIP1T9B80qyBVzxBY2bAYg==,iv:YdiJdG1ZjA95DGArtfaF1E8LomqW6oHCLmoSLQvwP+k=,tag:/ipWczAvhcjw5Jv7nvMF8A==,type:str]
-example_key: ENC[AES256_GCM,data:cLLYEiJbKg60ANK/h+kG,iv:1yrJt5JhbDP/9/Wb2l93fjwQF1hxERnxjPZ6qF4S/Bw=,tag:wbboaGylFJRSj4/TB+RCZg==,type:str]
-#ENC[AES256_GCM,data:c0Ay18GCW/gowNHmF67TMg==,iv:T+FN8xaVilVSETMQztl6lmpLqnGiyrXhJvWsO+dBdd0=,tag:1D6TkngB116dOeCAX85djg==,type:comment]
-example_array:
-    - ENC[AES256_GCM,data:yUJ7p5VfyQUANjbuz48=,iv:XTGb97tMV3mkPwNyKetSflLLlE31g9UgMPcelMPpNZ0=,tag:j5muB72Ogc/gtenvsWvpbQ==,type:str]
-    - ENC[AES256_GCM,data:8eQ2clCNBxPfdycPMOo=,iv:C9iT+wJH9ENJShNYo3IGceRwHyrlU6LUE7jpc+72KOw=,tag:YTbZqYJVMUoTRqD2ujTOvg==,type:str]
-example_number: ENC[AES256_GCM,data:LhABh/RtBsdKAg==,iv:JGYFnixDNZUIRKJcuaenvO8D60T+Jvx/R7SWxbIPXsM=,tag:+1b/aj3x1yfQZ2j4OM5dcg==,type:float]
-example_booleans:
-    - ENC[AES256_GCM,data:pGnelw==,iv:KAayJZ8px4Qupv0NfapSQ6valrVKndEtCb3U4MTmK/U=,tag:lkl+zBgkEMbFQjNssxYQjg==,type:bool]
-    - ENC[AES256_GCM,data:Vqqfp2w=,iv:SC1DS7G9/lHYtA6PPRbVsi/ZhyNUYvRjXxHIqCxqEPA=,tag:9hv6F1rP7xSd08KCKkuiLQ==,type:bool]
+api:
+    gmail_client_secret: ENC[AES256_GCM,data:du2gEY5TQIwpUEvJKDWKY3noLRGeiKek4IMwPUusVx8NMys=,iv:hIYi1xQYf6+hDhK0pNprBYu6wXwRH2yOTwQg6pzQa0A=,tag:sqmQ5GCkKbHpIy2R+Y5G/A==,type:str]
 sops:
     age:
         - recipient: age1f6drjusg866yscj8029tk4yfpgecklrvezldm02ankm6h8nnwu5s2u6ahy
@@ -30,7 +22,7 @@ sops:
             Mms2UEhFSU82UWR5Z1VvU25qenJUQm8KtQeZDIfJIczm1l8ql/WmVEf8KI9dg0vw
             9rNSjtBkEttVd21zUSOziG4513abllE8NFTkAc1z3HacuXpHTBnd5A==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-07-29T00:12:59Z"
-    mac: ENC[AES256_GCM,data:5dQiEDyfeIYJt/l1wWH8y5cQm7+PqnUDwezCmyP7nvXs0z1lupYOHV62L5hqeQb7AELi4TriOokra4XdhHfr/QnI9capnYV6qTQrfvBE0EKsUQlxTmE6EnnTQuOWQy1iL8XgM3toEIH2mW2QNwme9k3fF/gGA8bL9t0+OEYGasU=,iv:kVDSFTHQG95rDfkp8sWJnxRQ5Wd9BjfPEzmuMm+alY0=,tag:3KFmBgW6pEEBFkOa14brDw==,type:str]
+    lastmodified: "2025-08-03T17:03:22Z"
+    mac: ENC[AES256_GCM,data:c3rcMHTRxbnpQoW5eLn0X1aCL1v2ft05UTcHaCuGiCaF3b/loVjEQr30pepBgR07PSleTIi375Y0Rj8ik8Ot3j+Zl5BR32bEtqf6gcWwz6oSmeORDrJS15698d7/avJl82/EC0ZN77j+fcdkWZrCJHb47HGfRxKl9L5HbyWasA4=,iv:g3d3C571uYpTTFixYZg+ztg8jTdof1g6Hb5gtRvpRkk=,tag:8kAxrUwUVeWvpYjWMDE+AA==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2