[m]Flake sops & format
This commit is contained in:
		
							
								
								
									
										10
									
								
								.sops.yaml
									
									
									
									
									
								
							
							
						
						
									
										10
									
								
								.sops.yaml
									
									
									
									
									
								
							| @@ -10,32 +10,32 @@ keys: | ||||
|     - &asgard age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg | ||||
|  | ||||
| creation_rules: | ||||
|   - path_regex: secrets/iriy.ya?ml$ | ||||
|   - path_regex: modules/nixos/system/security/sops/iriy.ya?ml$ | ||||
|     key_groups: | ||||
|     - age: | ||||
|       - *iriy | ||||
|       pgp: | ||||
|       - *sora | ||||
|   - path_regex: secrets/avalon.ya?ml$ | ||||
|   - path_regex: modules/nixos/system/security/sops/avalon.ya?ml$ | ||||
|     key_groups: | ||||
|     - age: | ||||
|       - *avalon | ||||
|       pgp: | ||||
|       - *sora | ||||
|   - path_regex: secrets/valinor.ya?ml$ | ||||
|   - path_regex: modules/nixos/system/security/sops/valinor.ya?ml$ | ||||
|     key_groups: | ||||
|     - age: | ||||
|       - *valinor | ||||
|       pgp: | ||||
|       - *sora | ||||
|   - path_regex: secrets/asgard.ya?ml$ | ||||
|   - path_regex: modules/nixos/system/security/sops/asgard.ya?ml$ | ||||
|     key_groups: | ||||
|     - age: | ||||
|       - *asgard | ||||
|       pgp: | ||||
|       - *sora | ||||
|  | ||||
|   - path_regex: secrets/common.ya?ml$ | ||||
|   - path_regex: modules/nixos/system/security/sops/common.yaml$ | ||||
|     key_groups: | ||||
|     - age: | ||||
|       - *valinor | ||||
|   | ||||
| @@ -33,7 +33,6 @@ | ||||
|  | ||||
|     let gen = import ./generator.nix { inherit inputs; }; | ||||
|     in { | ||||
|  | ||||
|       devShells = import ./shells { inherit inputs; }; | ||||
|  | ||||
|       nixosConfigurations = { | ||||
|   | ||||
| @@ -1,6 +1,8 @@ | ||||
| { config, pkgs, ... }: { | ||||
| { config, pkgs, ... }: | ||||
| let keyFilePath = "/var/lib/sops-nix/age-key.txt"; | ||||
| in { | ||||
|   sops.defaultSopsFile = ./common.yaml; | ||||
|   sops.age.keyFile = "/var/lib/sops-nix/age-key.txt"; | ||||
|   sops.age.keyFile = keyFilePath; | ||||
|   sops.age.generateKey = true; | ||||
|  | ||||
|   sops.secrets.wifi = { }; | ||||
| @@ -19,5 +21,6 @@ | ||||
|   sops.secrets."${config.hostcfg.hostname}_wg_pub" = { }; | ||||
|  | ||||
|   environment.systemPackages = with pkgs; [ sops ]; | ||||
|   environment.sessionVariables.OPS_AGE_KEY_FILE = keyFilePath; | ||||
|  | ||||
| } | ||||
|   | ||||
| @@ -2,14 +2,12 @@ | ||||
| let | ||||
|   forEachSystem = | ||||
|     inputs.nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ]; | ||||
| in  | ||||
|     forEachSystem (system: | ||||
|         let | ||||
|             overlays = import ./pkgs/overlay.nix { inherit pkgs; }; | ||||
|             overrides = { custom = import ./pkgs { inherit pkgs; }; }; | ||||
|             pkgs = import inputs.nixpkgs { inherit system overlays; } // overrides; | ||||
|         in {  | ||||
|             default = import ./shells/devsh { inherit pkgs; };  | ||||
|             devsh = import ./shells/devsh { inherit pkgs; };  | ||||
|         } | ||||
|     ) | ||||
| in forEachSystem (system: | ||||
|   let | ||||
|     overlays = import ./pkgs/overlay.nix { inherit pkgs; }; | ||||
|     overrides = { custom = import ./pkgs { inherit pkgs; }; }; | ||||
|     pkgs = import inputs.nixpkgs { inherit system overlays; } // overrides; | ||||
|   in { | ||||
|     default = import ./shells/devsh { inherit pkgs; }; | ||||
|     devsh = import ./shells/devsh { inherit pkgs; }; | ||||
|   }) | ||||
|   | ||||
		Reference in New Issue
	
	Block a user