diff options
| -rw-r--r-- | .sops.yaml | 4 | ||||
| -rw-r--r-- | flake.nix | 6 | ||||
| -rw-r--r-- | hosts/kaworu/default.nix (renamed from hosts/kaworu.nix) | 8 | ||||
| -rw-r--r-- | hosts/shinji/default.nix (renamed from hosts/shinji.nix) | 14 | ||||
| -rw-r--r-- | hosts/shinji/secrets.yaml | 30 | ||||
| -rw-r--r-- | hosts/shinji/sops.nix (renamed from programs/sops/default.nix) | 2 | ||||
| -rw-r--r-- | hosts/shinji/wireguard.nix (renamed from programs/wireguard/default.nix) | 0 | ||||
| -rw-r--r-- | hosts/thinkpad/default.nix (renamed from hosts/thinkpad.nix) | 8 | ||||
| -rw-r--r-- | programs/default.nix | 2 | ||||
| -rw-r--r-- | secrets.yaml | 52 |
10 files changed, 53 insertions, 73 deletions
@@ -8,10 +8,8 @@ keys: - &kaworu FDD5D980CA2FEFF1AA8433B10F7CD7B91AB7CF01 - &thinkpad ED1C2FCA9DF4A843D740222A2320AAE969A6A53D creation_rules: - - path_regex: ^secrets.yaml$ + - path_regex: ^hosts/shinji/secrets.yaml$ key_groups: - pgp: - *freya - *shinji - - *kaworu - - *thinkpad @@ -45,9 +45,9 @@ systems); in rec { nixosConfigurations = { - shinji = import ./hosts/shinji.nix {inherit inputs options;}; - kaworu = import ./hosts/kaworu.nix {inherit inputs options;}; - thinkpad = import ./hosts/thinkpad.nix {inherit inputs options;}; + shinji = import ./hosts/shinji {inherit inputs options;}; + kaworu = import ./hosts/kaworu {inherit inputs options;}; + thinkpad = import ./hosts/thinkpad {inherit inputs options;}; }; homeConfigurations = { diff --git a/hosts/kaworu.nix b/hosts/kaworu/default.nix index b481be0..cab2e3d 100644 --- a/hosts/kaworu.nix +++ b/hosts/kaworu/default.nix @@ -10,10 +10,10 @@ inputs.nixpkgs.lib.nixosSystem rec { specialArgs = {inherit inputs;}; modules = [ options - ../config - ../home - ../programs - ../system + ../../config + ../../home + ../../programs + ../../system { # options hostName = "kaworu"; diff --git a/hosts/shinji.nix b/hosts/shinji/default.nix index 44116a7..df49157 100644 --- a/hosts/shinji.nix +++ b/hosts/shinji/default.nix @@ -10,11 +10,17 @@ inputs.nixpkgs.lib.nixosSystem rec { specialArgs = {inherit inputs;}; modules = [ options - ../config - ../home - ../programs - ../system + ../../config + ../../home + ../../programs + ../../system { + # imports + imports = [ + ./sops.nix + ./wireguard.nix + ]; + # options hostName = "shinji"; monitors = [ diff --git a/hosts/shinji/secrets.yaml b/hosts/shinji/secrets.yaml new file mode 100644 index 0000000..44667df --- /dev/null +++ b/hosts/shinji/secrets.yaml @@ -0,0 +1,30 @@ +freyanetWg: ENC[AES256_GCM,data:mUI3eIwFzanJz9iJCbIBDg3FMKdDMcOQ6u96mk5/zZd8MG5kuOG39wu8xZQ=,iv:Sd6EjuQiNhD0QupGpbRPJF7aIBCJJ3/LNNmUYlBMRNI=,tag:KFKoL0JbSfEQidaEzi049Q==,type:str] +tinternetWg: ENC[AES256_GCM,data:5ajGIfQp06v4g3AbJFCzXrbxXw7cnoMWwwV8Ti03IDVUxSHlfDiGvB+F2XE=,iv:JOTd7Mc+gnckPAH9ev83y+ZGWwMsZJSQ34VHosNv0p4=,tag:5oAlaF7EgExiNPrZc+KMvw==,type:str] +sops: + lastmodified: "2025-04-11T19:33:22Z" + mac: ENC[AES256_GCM,data:eD9BZlEgriyrmFqtb/EBmfQieI3/fh5vat1yPc3cQsBvs+lRlsYKBL367TiJ/giXso5KLqoIXAjeJwW/ogimMLACljgw9b3BbUcyhjvcUCXJS3BLe60oTDxLxY+PDyIM5BfrAVSK+1u8ruiOnIIaxfjc+cRsrQ8m5OZB+IoGAL8=,iv:k0tRFqW/syl+fcbzgaI7R6Pcen9+A2aWRCnAe9ydE+k=,tag:JpTyhYKMjP4a7BfdkGe1Hw==,type:str] + pgp: + - created_at: "2025-06-22T02:32:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4D0Q846mnV8HYSAQdAiydHrfiuvIlOIMBqpPWX/05MP5d5gIQjXIyc8tzdsycw + ZzzKJKsNh4XZd726Toks0CVF5NZLYLtMyAs8S2huf3gz6cgt3k8MI2qPmaEJMDBQ + 0lwBjTp5//gCK0YbO76IxvteL+TgiklwJN03ryMl9Mj8JVVMmiBh25PGuxblbi52 + pEJMVlxJVUxrHQY+XREZKhNp73JLRovZHFDMpSR5TAZxD6ZmtChElk5ofKVFiw== + =suGj + -----END PGP MESSAGE----- + fp: D9AF0A4209B7C2DE11A884BFACBC553660D9993D + - created_at: "2025-06-22T02:32:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4D/YCJcy0T0DkSAQdA3Vc35wBJSjwWaNbYa2s4wKGsXOnz6ucSk62vnXGxYTUw + Y8uSyG6Jf040oEgAixd46s1H30CmT0+Hi6zF7jGweo1yGzEFZ53v+VVusCv2JbI7 + 0lwB7LnU2M6SAkvhr/SJTEVz9Uu/cx6xJnFeGXWXwY6mPN+InOee7UJW3Ffv2n/t + 7PoojznXONSma2Xc8u3Ywk83jMrKqnNLMEATqnCg/1FZHe8Asr6Lan6KD0U81g== + =azav + -----END PGP MESSAGE----- + fp: 2A8A27879715447AEEC59D0C18DCCBE353963394 + unencrypted_suffix: _unencrypted + version: 3.10.1 diff --git a/programs/sops/default.nix b/hosts/shinji/sops.nix index e5b3e6f..fa3272c 100644 --- a/programs/sops/default.nix +++ b/hosts/shinji/sops.nix @@ -17,7 +17,7 @@ in { ]; sops = { - defaultSopsFile = ../../secrets.yaml; + defaultSopsFile = ./secrets.yaml; gnupg.home = config.homePath + "/.gnupg"; gnupg.sshKeyPaths = []; diff --git a/programs/wireguard/default.nix b/hosts/shinji/wireguard.nix index 13669b3..13669b3 100644 --- a/programs/wireguard/default.nix +++ b/hosts/shinji/wireguard.nix diff --git a/hosts/thinkpad.nix b/hosts/thinkpad/default.nix index bb7a75a..082e13f 100644 --- a/hosts/thinkpad.nix +++ b/hosts/thinkpad/default.nix @@ -10,10 +10,10 @@ inputs.nixpkgs.lib.nixosSystem rec { specialArgs = {inherit inputs;}; modules = [ options - ../config - ../home - ../programs - ../system + ../../config + ../../home + ../../programs + ../../system { # options hostName = "thinkpad"; diff --git a/programs/default.nix b/programs/default.nix index 1196899..692113e 100644 --- a/programs/default.nix +++ b/programs/default.nix @@ -8,7 +8,6 @@ ./kitty ./mako ./neovim - ./sops ./ssh ./starship ./steam @@ -16,7 +15,6 @@ ./tmux ./unofficial-homestuck-collection ./waybar - ./wireguard ./wofi ./zsh ]; diff --git a/secrets.yaml b/secrets.yaml deleted file mode 100644 index 34f4e49..0000000 --- a/secrets.yaml +++ /dev/null @@ -1,52 +0,0 @@ -freyanetWg: ENC[AES256_GCM,data:mUI3eIwFzanJz9iJCbIBDg3FMKdDMcOQ6u96mk5/zZd8MG5kuOG39wu8xZQ=,iv:Sd6EjuQiNhD0QupGpbRPJF7aIBCJJ3/LNNmUYlBMRNI=,tag:KFKoL0JbSfEQidaEzi049Q==,type:str] -tinternetWg: ENC[AES256_GCM,data:5ajGIfQp06v4g3AbJFCzXrbxXw7cnoMWwwV8Ti03IDVUxSHlfDiGvB+F2XE=,iv:JOTd7Mc+gnckPAH9ev83y+ZGWwMsZJSQ34VHosNv0p4=,tag:5oAlaF7EgExiNPrZc+KMvw==,type:str] -sops: - lastmodified: "2025-04-11T19:33:22Z" - mac: ENC[AES256_GCM,data:eD9BZlEgriyrmFqtb/EBmfQieI3/fh5vat1yPc3cQsBvs+lRlsYKBL367TiJ/giXso5KLqoIXAjeJwW/ogimMLACljgw9b3BbUcyhjvcUCXJS3BLe60oTDxLxY+PDyIM5BfrAVSK+1u8ruiOnIIaxfjc+cRsrQ8m5OZB+IoGAL8=,iv:k0tRFqW/syl+fcbzgaI7R6Pcen9+A2aWRCnAe9ydE+k=,tag:JpTyhYKMjP4a7BfdkGe1Hw==,type:str] - pgp: - - created_at: "2025-06-22T02:12:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4D0Q846mnV8HYSAQdAzKIka/6+CAsrNvU0weCOPG38jlA0YnDQ2gDEaaDhf0Aw - BtWDMgMJlTxzo9tUGpuXwuEYfDAZpuWuFIjFbtp768DYNPaN9Wmmm+jSx1qCGZ6x - 0lwBIeZjweoMkleQnE4UtHdhIZAUXoCfjQGCcx3Dwx/H11CNcyCwSt95TC1EL7eY - p884gDA34cDUh7uUJPck1WygVQ0jzA4i1Ch9n6/Q5C26Ued0wh8729vyTk7hXQ== - =Qguq - -----END PGP MESSAGE----- - fp: D9AF0A4209B7C2DE11A884BFACBC553660D9993D - - created_at: "2025-06-22T02:12:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4D/YCJcy0T0DkSAQdArCNML8aKs0757sEa3YSSLwSTo+fFbCVjJUxWV8gquF0w - SO4W8U/s7/en90lOXL2k+5pPGvG5xiN6lijV/rc3+5QPIJLiY9fm4FeNgBeX2DKY - 0lwBkaFNwjeC2uUlBMi5m+3AkF+pWpac8CpTZLMavZ8hSd3JwDzogw1+aVLm7lbe - ekL+uqFb/y6Bo0ebhA4p7tk74mP6GtKhACGqR1fGpAiGuDmVcyUjpBDnpx2tvw== - =YUdf - -----END PGP MESSAGE----- - fp: 2A8A27879715447AEEC59D0C18DCCBE353963394 - - created_at: "2025-06-22T02:12:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4D44lFd4jLszcSAQdAK6lS4tHEuGkJckClsPvDkMbU6kyiNAGQR3cWenwvrkAw - FiBTZtT6UboTCceTDBfSk/huWLVuscKqYnKwPtdlsK4NkWTAKxfvjF06y9OyW7I4 - 0lwBU9fxLeKv+8JLo7bGYRr4i/vkknuDKN8BtsntpZkTpjrJWCQd4+GMUaWLrgwt - 8c8GCA809l8GTibAsrvz5amyMTQJhMjy0SlDB63EJ66zhnC7NAn/pMV51SImwA== - =tvsS - -----END PGP MESSAGE----- - fp: FDD5D980CA2FEFF1AA8433B10F7CD7B91AB7CF01 - - created_at: "2025-06-22T02:12:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DNAX7itQ/dpkSAQdAlC4c4IRLY1UbXE8Av+qJrTwx/GOFe4HEh/vyHJF+kUMw - P5b9sovQhj33NkYIVf2w8Iq7/fH63aGG/DGPiJ96TiFqZ/QZmfcYOxefL2+Xz3N6 - 0lwBGulU7wahnvZJa6Rxl++ac8GYXxsTyMZsM5XMOOzeynkUPiGFnDltaUBQK38X - Yk5r0XVw6R6wYEmS6IxgZFLgV/hVdc3Tonbiwt8zRZyaoUPBugmt02iR4LrQlA== - =5aoB - -----END PGP MESSAGE----- - fp: ED1C2FCA9DF4A843D740222A2320AAE969A6A53D - unencrypted_suffix: _unencrypted - version: 3.10.1 |