authorFreya Murphy <freya@freyacat.org>2025-01-24 13:10:41 -0500
committerFreya Murphy <freya@freyacat.org>2025-01-24 13:10:41 -0500
commit6e6e95cd314816a3dbf789a91b3ace2fb7b060c4 (patch)
tree053e4d035387b232dc02dc599347dbc1b60f51f6
parentuse sops-nix for secrets (diff)
downloaddotfiles-nix-6e6e95cd314816a3dbf789a91b3ace2fb7b060c4.tar.gz
dotfiles-nix-6e6e95cd314816a3dbf789a91b3ace2fb7b060c4.tar.bz2
dotfiles-nix-6e6e95cd314816a3dbf789a91b3ace2fb7b060c4.zip
use single secrets file
-rw-r--r--.sops.yaml3
-rw-r--r--flake.nix2
-rw-r--r--hosts/shinji.nix (renamed from hosts/shinji/default.nix)2
-rw-r--r--hosts/shinji/secrets.yaml23
-rw-r--r--nix/programs/sops/default.nix3
5 files changed, 3 insertions, 30 deletions
diff --git a/.sops.yaml b/.sops.yaml
index 64573f3..bb1aff9 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -10,7 +10,4 @@ creation_rules:
key_groups:
- pgp:
- *freya
- - path_regex: hosts/shinji/secrets.yaml$
- key_groups:
- - pgp:
- *shinji
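Review bot: With the `hosts/shinji/secrets.yaml$` rule removed, the context line `- *shinji` now sits in the remaining rule's pgp list next to `- *freya`, so any file that rule matches is encrypted to both keys and either key alone can decrypt all of it. That drops the separation the deleted rule provided, and every host key added to this list later will also be able to read every secret in the shared file. If that is the intended trade-off, record it above the list, e.g. `# every key listed here can decrypt the whole shared secrets file; host-only secrets need their own path_regex rule`. The rule's `path_regex` and the shared secrets file are not part of this hunk, so it is worth confirming the file was re-encrypted for the new recipient list (`sops updatekeys`).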
diff --git a/flake.nix b/flake.nix
index 58cdb6c..7268eef 100644
--- a/flake.nix
+++ b/flake.nix
@@ -26,7 +26,7 @@
options = import ./options.nix;
in rec {
nixosConfigurations = {
- shinji = import ./hosts/shinji { inherit inputs options; };
+ shinji = import ./hosts/shinji.nix { inherit inputs options; };
};
homeConfigurations = {
diff --git a/hosts/shinji/default.nix b/hosts/shinji.nix
index d1a02a8..ae06141 100644
--- a/hosts/shinji/default.nix
+++ b/hosts/shinji.nix
@@ -12,7 +12,7 @@ inputs.nixpkgs.lib.nixosSystem rec {
specialArgs = { inherit inputs; };
modules = [
options
- ../../nix
+ ../nix
{
# options
hostName = "shinji";
diff --git a/hosts/shinji/secrets.yaml b/hosts/shinji/secrets.yaml
deleted file mode 100644
index 5bb89cf..0000000
--- a/hosts/shinji/secrets.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-freyanetWg: ENC[AES256_GCM,data:TlaDyx3E6Gez8HHiihFGIGfVedLx9xXSzBNEPmZYC3rqWEHHTfsMh6xL5l8=,iv:qdygQeUQkpVCWOYJ9BLsBtN/F0sYU4fTKz+/Az1QyOg=,tag:88yeDqXtcHshVRiinn2Bsg==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-01-24T17:54:22Z"
- mac: ENC[AES256_GCM,data:IfPObEnZ46RUXjHwK4ibIlfwveqYaOHPtKgIhLjBuuElPHfvhSqgeN4KEwTDPnk38F39qRiyDA3TlEZjIvC856t+a5FG7UkdQRkOkotcqMPwtmEHz5YXw0gqMny7y4+iFMvog0NQL94ptodD0kD/OoJKt/2tGmm9Jv3yBO/qqwo=,iv:BGBONzCHiWLhS0AX9Xa3Rt8dZTzDEGWS0jr72GAx4bc=,tag:SIJyE/xWuxf2U2x2+1cX4w==,type:str]
- pgp:
- - created_at: "2025-01-24T17:54:22Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4D/YCJcy0T0DkSAQdAxr7yRTBbTqekdXYr4apLlMvUa00t07itX1tUfrQcQjsw
- spxEodkxhj5ZiD/ohAQRBzhwMN+xhqo69b+yfRPYke1IXc8CqeQAJHGXZKxhlOPO
- 0l4B7AD9YlNgegBsUhFm/7ll5t1oTy3xXzgVKpWhpqAnyMqzyKx7gZcZagjaRaDn
- aMITJxTBRU8cmuZazUvu5O2lUKqFCj9Au/wP42eUWQphzsxKkGeYsnqr1z417N83
- =qn+4
- -----END PGP MESSAGE-----
- fp: 2A8A27879715447AEEC59D0C18DCCBE353963394
- unencrypted_suffix: _unencrypted
- version: 3.9.3
diff --git a/nix/programs/sops/default.nix b/nix/programs/sops/default.nix
index 2447935..c8dec69 100644
--- a/nix/programs/sops/default.nix
+++ b/nix/programs/sops/default.nix
@@ -17,8 +17,7 @@ in
];
sops = {
- defaultSopsFile = config.dotfilesPath + "/hosts/${config.hostName}/secrets.yaml";
- validateSopsFiles = false;
+ defaultSopsFile = ../../../secrets.yaml;
gnupg.home = config.homePath + "/.gnupg";
gnupg.sshKeyPaths = [];