secrets #10
4 changed files with 26 additions and 1 deletions
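--- a/nixos/.sops.yaml
+++ b/nixos/.sops.yaml
@@ -0,0 +1,9 @@
+keys:
+- &tdpeuter@Tibo-NixFat age1q2gqur3t4fu8flsuu2zdnule37vdkh6egpt6a2e3ytx433x8gpvsr4hw6l
+
+creation_rules:
+- path_regex: secrets/[^/]+\.yaml$
+key_groups:
+- age:
+- *tdpeuter@Tibo-NixFat
+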
|
@ -19,6 +19,10 @@
|
|||
utils.follows = "flake-utils";
|
||||
};
|
||||
};
|
||||
sops-nix = {
|
||||
url = "github:Mic92/sops-nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
utils = {
|
||||
url = "github:gytis-ivaskevicius/flake-utils-plus";
|
||||
inputs.flake-utils.follows = "flake-utils";
|
||||
|
@ -27,7 +31,7 @@
|
|||
|
||||
outputs = inputs@{
|
||||
self, nixpkgs,
|
||||
devshell, flake-utils, home-manager, utils,
|
||||
devshell, flake-utils, home-manager, sops-nix, utils,
|
||||
... }:
|
||||
let
|
||||
system = "x86_64-linux";
|
||||
|
@ -43,6 +47,7 @@
|
|||
inherit system;
|
||||
modules = [
|
||||
home-manager.nixosModule
|
||||
sops-nix.nixosModules.sops
|
||||
./modules
|
||||
];
|
||||
};
|
||||
|
|
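--- a/nixos/modules/utils/ssh/default.nix
+++ b/nixos/modules/utils/ssh/default.nix
@@ -0,0 +1,8 @@
+{ config, lib, pkgs, ... }:
+
+{
+services.openssh = {
+enable = true;
+passwordAuthentication = false;
+};
+}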
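Review bot: `passwordAuthentication = false;` on its own may still leave password prompts reachable through keyboard-interactive (PAM) authentication, and root login stays at the module default. Consider adding `kbdInteractiveAuthentication = false;` and an explicit `permitRootLogin = "no";` (or `"prohibit-password"`) inside `services.openssh`; these are the option names for the NixOS release this flake appears to target, and newer releases move them under `services.openssh.settings`. The module arguments `config`, `lib` and `pkgs` are unused in this file and could be reduced to `{ ... }:`. Nothing in the visible hunks shows where authorized keys are configured, so confirm a key is in place before deploying, otherwise the host can no longer be reached over SSH.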
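--- a/nixos/secrets/sops/age/keys.txt
+++ b/nixos/secrets/sops/age/keys.txt
@@ -0,0 +1,3 @@
+# created: 2023-04-11T14:44:53+02:00
+# public key: age1q2gqur3t4fu8flsuu2zdnule37vdkh6egpt6a2e3ytx433x8gpvsr4hw6l
+AGE-SECRET-KEY-10J7MWCWQQY33TVNMQ9AMH4TH5LULSVAZ539P9QG3NA2Z3LTMXAFS2QQ4NG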
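Review bot: The third added line of `nixos/secrets/sops/age/keys.txt` is an age private key (`AGE-SECRET-KEY-…`) committed in plaintext, and its public half is the only recipient declared in `nixos/.sops.yaml`, so anyone who can read the repository can decrypt every file matched by `secrets/[^/]+\.yaml$`. Treat the key as compromised: generate a new identity, replace the recipient in `.sops.yaml`, re-encrypt with `sops updatekeys`, and rotate the secret values themselves, because deleting the file in a later commit still leaves it in history. Keep the identity outside the tree (sops reads `~/.config/sops/age/keys.txt` or the path in `SOPS_AGE_KEY_FILE`) and add the path to `.gitignore`. For decryption on the host, sops-nix can use the machine's SSH host key through `sops.age.sshKeyPaths`, which would avoid distributing a user key at all.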