sora/nixconfig
1
0
Fork 0
Code Issues 2 Pull Requests Actions Releases Activity

Fix sops

Browse Source
This commit is contained in:
soraefir
2026-05-01 18:42:47 +02:00
parent b31f6cd331
commit d55fd5fc0e
1 changed files with 21 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
modules/shared/sops/default.nix
View File

@@ -14,21 +14,26 @@ in {
sops.age.keyFile = keyFilePath; sops.age.keyFile = keyFilePath;
sops.age.generateKey = true; sops.age.generateKey = true;
sops.secrets.wifi = { }; sops.secrets = mkMerge [
{
wifi = { };
sops.secrets."${config.syscfg.hostname}_ssh_priv" = { "${config.syscfg.hostname}_ssh_priv" = {
mode = "0400"; mode = "0400";
owner = config.users.users.${config.syscfg.defaultUser}.name; owner = config.users.users.${config.syscfg.defaultUser}.name;
group = config.users.users.${config.syscfg.defaultUser}.group; group = config.users.users.${config.syscfg.defaultUser}.group;
}; };
sops.secrets."${config.syscfg.hostname}_ssh_pub" = { "${config.syscfg.hostname}_ssh_pub" = {
mode = "0444"; mode = "0444";
owner = config.users.users.${config.syscfg.defaultUser}.name; owner = config.users.users.${config.syscfg.defaultUser}.name;
group = config.users.users.${config.syscfg.defaultUser}.group; group = config.users.users.${config.syscfg.defaultUser}.group;
}; };
sops.secrets."${config.syscfg.hostname}_wg_priv" = { }; "${config.syscfg.hostname}_wg_priv" = { };
sops.secrets."${config.syscfg.hostname}_wg_pub" = { }; "${config.syscfg.hostname}_wg_pub" = { };
sops.secrets = lib.genAttrs }
(map (peerName: "${peerName}_wg_pub") config.syscfg.net.wg.server.peers) (lib.genAttrs
(_: { }); (map (peer: "${peer}_wg_pub") config.syscfg.net.wg.server.peers)
(_: { mode = "0400"; })
)
];
} }