freya/dotfiles-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use single secrets file

Browse source
This commit is contained in:
Murphy 2025-01-24 13:10:41 -05:00
parent d999d4d0e6
commit 6e6e95cd31
Signed by: freya
GPG key ID: 9FBC6FFD6D2DBF17
5 changed files with 3 additions and 30 deletions

3
.sops.yaml
View file

@ -10,7 +10,4 @@ creation_rules:
key_groups:
- pgp:
- *freya
- path_regex: hosts/shinji/secrets.yaml$
key_groups:
- pgp:
- *shinji

2
flake.nix
View file

@ -26,7 +26,7 @@
options = import ./options.nix;
in rec {
nixosConfigurations = {
shinji = import ./hosts/shinji { inherit inputs options; };
shinji = import ./hosts/shinji.nix { inherit inputs options; };
};
homeConfigurations = {

2
hosts/shinji/default.nix → hosts/shinji.nix
View file

@ -12,7 +12,7 @@ inputs.nixpkgs.lib.nixosSystem rec {
specialArgs = { inherit inputs; };
modules = [
options
../../nix
../nix
{
# options
hostName = "shinji";

23
hosts/shinji/secrets.yaml
View file

@ -1,23 +0,0 @@
freyanetWg: ENC[AES256_GCM,data:TlaDyx3E6Gez8HHiihFGIGfVedLx9xXSzBNEPmZYC3rqWEHHTfsMh6xL5l8=,iv:qdygQeUQkpVCWOYJ9BLsBtN/F0sYU4fTKz+/Az1QyOg=,tag:88yeDqXtcHshVRiinn2Bsg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2025-01-24T17:54:22Z"
mac: ENC[AES256_GCM,data:IfPObEnZ46RUXjHwK4ibIlfwveqYaOHPtKgIhLjBuuElPHfvhSqgeN4KEwTDPnk38F39qRiyDA3TlEZjIvC856t+a5FG7UkdQRkOkotcqMPwtmEHz5YXw0gqMny7y4+iFMvog0NQL94ptodD0kD/OoJKt/2tGmm9Jv3yBO/qqwo=,iv:BGBONzCHiWLhS0AX9Xa3Rt8dZTzDEGWS0jr72GAx4bc=,tag:SIJyE/xWuxf2U2x2+1cX4w==,type:str]
pgp:
- created_at: "2025-01-24T17:54:22Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4D/YCJcy0T0DkSAQdAxr7yRTBbTqekdXYr4apLlMvUa00t07itX1tUfrQcQjsw
spxEodkxhj5ZiD/ohAQRBzhwMN+xhqo69b+yfRPYke1IXc8CqeQAJHGXZKxhlOPO
0l4B7AD9YlNgegBsUhFm/7ll5t1oTy3xXzgVKpWhpqAnyMqzyKx7gZcZagjaRaDn
aMITJxTBRU8cmuZazUvu5O2lUKqFCj9Au/wP42eUWQphzsxKkGeYsnqr1z417N83
=qn+4
-----END PGP MESSAGE-----
fp: 2A8A27879715447AEEC59D0C18DCCBE353963394
unencrypted_suffix: _unencrypted
version: 3.9.3

3
nix/programs/sops/default.nix
View file

@ -17,8 +17,7 @@ in
];
sops = {
defaultSopsFile = config.dotfilesPath + "/hosts/${config.hostName}/secrets.yaml";
validateSopsFiles = false;
defaultSopsFile = ../../../secrets.yaml;
gnupg.home = config.homePath + "/.gnupg";
gnupg.sshKeyPaths = [];