wip2 sops

thanks @williamvds
2023-04-05 23:19:56 +03:00 · 2023-04-05 23:19:56 +03:00 · 8c2d7dbe7b
parent eddb3395ed
commit 8c2d7dbe7b
4 changed files with 5 additions and 19 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -69,7 +69,6 @@ in {
  imports = [
    ./hardware-configuration.nix
    ./zfs.nix
-    #<sops-nix/modules/sops>
    sops-nix.nixosModules.sops
  ];

@ -105,7 +104,6 @@ in {
    };
  };

-
  time.timeZone = "UTC";

  users = {
--- a/data.nix
+++ b/data.nix
@ -1,3 +1,3 @@
 {
-  pubkeys = { }; # TODO
+  pubkeys = {}; # TODO
 }
--- a/flake.nix
+++ b/flake.nix
@ -11,7 +11,6 @@
    deploy-rs.url = "github:serokell/deploy-rs";
    deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
    deploy-rs.inputs.utils.follows = "flake-utils";
-
  };

  nixConfig = {
@ -26,7 +25,7 @@
    sops-nix,
    deploy-rs,
    flake-utils,
-  }: let
+  } @ inputs: let
    myData = import ./data.nix;
  in
    {
@ -36,9 +35,9 @@
          ./configuration.nix
          ./hardware-configuration.nix
          ./zfs.nix
-
-          sops-nix.nixosModules.sops
        ];
+
+        specialArgs = inputs;
      };

      deploy.nodes.hel1-a = {
@ -63,7 +62,7 @@
          packages = [
            pkgs.age
            pkgs.ssh-to-age
-	    pkgs.sops
+            pkgs.sops
            deploy-rs.packages.${system}.deploy-rs
          ];
        };
--- a/secrets.nix
+++ b/secrets.nix
@ -1,11 +0,0 @@
-let
-  motiejus = "age1yubikey1qtwmhf7h7ljs3dyx06wyzme4st6w4calkdpmsxgpxc9t2cldezvasd6n8wg";
-  users = [ motiejus ];
-
-  hel1-a = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6Wd2lKrpP2Gqul10obMo2dc1xKaaLv0I4FAnfIaFKu";
-  systems = [ hel1-a ];
-in
-{
-  "secrets/hel1-a/zfs-passphrase.age".publicKeys = [ hel1-a ] ++ users;
-  "secrets/hel1-a/borgbackup/password.age".publicKeys = [ hel1-a ] ++ users;
-}