pinwheel: Add go private environment variable for work

hosts/pinwheel/modules/work/default.nix

@@ -1,6 +1,7 @@
-{ lib, config, ... }:
+{ pkgs, lib, config, ... }:
 let
   gitEnabled = config.mod.git.enable;
+  goEnabled = config.mod.go.enable;
   openvpnEnabled = config.mod.openvpn.enable;
 in
 {
@@ -10,6 +11,10 @@ in
       GITHUB_TOKEN="$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-github-token.path})";
     };
 
+    programs.go = lib.mkIf goEnabled {
+      goPrivate = [ "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-go-private.path})" ];
+    };
+
     programs.git = lib.mkIf gitEnabled {
       includes = [
         {
@@ -51,6 +56,13 @@ in
       group = "users";
     };
 
+    "work-go-private" = lib.mkIf goEnabled {
+      file = ../../../../secrets/pinwheel/work-go-private.age;
+      path = "/home/alex/code/work/.work-go-private";
+      owner = "alex";
+      group = "users";
+    };
+
     "work-staging-ovpn" = lib.mkIf openvpnEnabled {
       file = ../../../../secrets/pinwheel/work-staging-ovpn.age;
     };

secrets/pinwheel/work-go-private.age

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 vxPbZg 8QovjrbJr0uZHNSgQXyf1qQamlUYTgjLIShj+ut9ZSo
+5uLXL9SbVx7iBCtkDIx3PZ62BFprY/iLrUrzL9nZpJM
+-> ssh-ed25519 ek+b7Q 0bOd4IKJ4b9HoEJ3pJSbfyoz4vXCqocbkNGdw8xS4Fg
+cAKDDmYEo1PpkpqRJBACxFxm0qiMDBV4UXqFDWrCcmY
+--- Sh0Krr1Tn6t7izUn1TRG1maiRjCQtPridpYNhcfslMM
+{2_٭U,<2C><13>H<EFBFBD><48><EFBFBD>
+)<29>Oߩ<4F><DFA9>Upi<70><69>S<EFBFBD>6ܫ`

secrets/secrets.nix

@@ -17,6 +17,7 @@ in {
 
   "pinwheel/work-gitconfig.age".publicKeys = [ pinwheel alex ];
   "pinwheel/work-github-token.age".publicKeys = [ pinwheel alex ];
+  "pinwheel/work-go-private.age".publicKeys = [ pinwheel alex ];
   "pinwheel/work-staging-ovpn.age".publicKeys = [ pinwheel alex ];
   "pinwheel/work-production-ovpn.age".publicKeys = [ pinwheel alex ];