From a07ad591ff6ca79f241749d280c064364a3eeb71 Mon Sep 17 00:00:00 2001 From: gwg313 Date: Fri, 5 Jan 2024 21:58:31 -0500 Subject: [PATCH] feat: add sops to candlekeep --- common/nixos/packages.nix | 1 + flake.nix | 1 - hosts/candlekeep/configuration.nix | 7 ++++++- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/common/nixos/packages.nix b/common/nixos/packages.nix index a5d8593..e650a11 100644 --- a/common/nixos/packages.nix +++ b/common/nixos/packages.nix @@ -17,6 +17,7 @@ # $ nix search wget environment.systemPackages = with pkgs; [ alejandra + sops just vim wget diff --git a/flake.nix b/flake.nix index 97e956a..972350c 100644 --- a/flake.nix +++ b/flake.nix @@ -84,7 +84,6 @@ modules = [ # > Our main nixos configuration file < ./hosts/candlekeep/configuration.nix - inputs.sops-nix.nixosModules.sops ]; }; }; diff --git a/hosts/candlekeep/configuration.nix b/hosts/candlekeep/configuration.nix index 5983b25..acef8b8 100644 --- a/hosts/candlekeep/configuration.nix +++ b/hosts/candlekeep/configuration.nix @@ -35,6 +35,7 @@ # inputs.hardware.nixosModules.common-ssd inputs.nix-index-database.nixosModules.nix-index inputs.stylix.nixosModules.stylix + inputs.sops-nix.nixosModules.sops # You can also split up your configuration and import pieces of it here: # ./users.nix @@ -50,6 +51,10 @@ sops.defaultSopsFile = ../../secrets/secrets.yaml; sops.defaultSopsFormat = "yaml"; + sops.age.keyFile = "/home/${user}/.config/sops/age/keys.txt"; + sops.secrets.restic_key = { + owner = config.users.users.${user}.name; + }; nixpkgs = { # You can add overlays here @@ -99,7 +104,7 @@ initialPassword = "correcthorsebatterystaple"; isNormalUser = true; openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/cWqqTUuLswymQVh9rKdUWgMNNtZE6PwXMNUgD8/Zx gwg313" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILq54YrM3BbhBs0oDLOrc1bkg6FCCmkV4E3pWLZp0ejN gwg313@pm.m" ]; extraGroups = ["wheel"]; };