[m]Flake sops & format

2023-11-24 19:08:21 +01:00 · 2023-11-24 19:08:21 +01:00 · 996c82d99f
commit 996c82d99f
parent b44e6d9e5b
4 changed files with 19 additions and 19 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -10,32 +10,32 @@ keys:
    - &asgard age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg

 creation_rules:
-  - path_regex: secrets/iriy.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/iriy.ya?ml$
    key_groups:
    - age:
      - *iriy
      pgp:
      - *sora
-  - path_regex: secrets/avalon.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/avalon.ya?ml$
    key_groups:
    - age:
      - *avalon
      pgp:
      - *sora
-  - path_regex: secrets/valinor.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/valinor.ya?ml$
    key_groups:
    - age:
      - *valinor
      pgp:
      - *sora
-  - path_regex: secrets/asgard.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/asgard.ya?ml$
    key_groups:
    - age:
      - *asgard
      pgp:
      - *sora

-  - path_regex: secrets/common.ya?ml$
+  - path_regex: modules/nixos/system/security/sops/common.yaml$
    key_groups:
    - age:
      - *valinor
--- a/flake.nix
+++ b/flake.nix
@ -33,7 +33,6 @@

    let gen = import ./generator.nix { inherit inputs; };
    in {
-
      devShells = import ./shells { inherit inputs; };

      nixosConfigurations = {
--- a/modules/nixos/system/security/sops/default.nix
+++ b/modules/nixos/system/security/sops/default.nix
@ -1,6 +1,8 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, ... }:
+let keyFilePath = "/var/lib/sops-nix/age-key.txt";
+in {
  sops.defaultSopsFile = ./common.yaml;
-  sops.age.keyFile = "/var/lib/sops-nix/age-key.txt";
+  sops.age.keyFile = keyFilePath;
  sops.age.generateKey = true;

  sops.secrets.wifi = { };
@ -19,5 +21,6 @@
  sops.secrets."${config.hostcfg.hostname}_wg_pub" = { };

  environment.systemPackages = with pkgs; [ sops ];
+  environment.sessionVariables.OPS_AGE_KEY_FILE = keyFilePath;

 }
--- a/shells/default.nix
+++ b/shells/default.nix
@ -2,8 +2,7 @@
 let
  forEachSystem =
    inputs.nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];
-in 
-    forEachSystem (system:
+in forEachSystem (system:
  let
    overlays = import ./pkgs/overlay.nix { inherit pkgs; };
    overrides = { custom = import ./pkgs { inherit pkgs; }; };
@ -11,5 +10,4 @@ in
  in {
    default = import ./shells/devsh { inherit pkgs; };
    devsh = import ./shells/devsh { inherit pkgs; };
-        }
-    )
+  })