wip2 sops
thanks @williamvds
This commit is contained in:
parent
eddb3395ed
commit
8c2d7dbe7b
@ -69,7 +69,6 @@ in {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./zfs.nix
|
||||
#<sops-nix/modules/sops>
|
||||
sops-nix.nixosModules.sops
|
||||
];
|
||||
|
||||
@ -105,7 +104,6 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
time.timeZone = "UTC";
|
||||
|
||||
users = {
|
||||
|
@ -11,7 +11,6 @@
|
||||
deploy-rs.url = "github:serokell/deploy-rs";
|
||||
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
||||
deploy-rs.inputs.utils.follows = "flake-utils";
|
||||
|
||||
};
|
||||
|
||||
nixConfig = {
|
||||
@ -26,7 +25,7 @@
|
||||
sops-nix,
|
||||
deploy-rs,
|
||||
flake-utils,
|
||||
}: let
|
||||
} @ inputs: let
|
||||
myData = import ./data.nix;
|
||||
in
|
||||
{
|
||||
@ -36,9 +35,9 @@
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
./zfs.nix
|
||||
|
||||
sops-nix.nixosModules.sops
|
||||
];
|
||||
|
||||
specialArgs = inputs;
|
||||
};
|
||||
|
||||
deploy.nodes.hel1-a = {
|
||||
|
11
secrets.nix
11
secrets.nix
@ -1,11 +0,0 @@
|
||||
let
|
||||
motiejus = "age1yubikey1qtwmhf7h7ljs3dyx06wyzme4st6w4calkdpmsxgpxc9t2cldezvasd6n8wg";
|
||||
users = [ motiejus ];
|
||||
|
||||
hel1-a = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6Wd2lKrpP2Gqul10obMo2dc1xKaaLv0I4FAnfIaFKu";
|
||||
systems = [ hel1-a ];
|
||||
in
|
||||
{
|
||||
"secrets/hel1-a/zfs-passphrase.age".publicKeys = [ hel1-a ] ++ users;
|
||||
"secrets/hel1-a/borgbackup/password.age".publicKeys = [ hel1-a ] ++ users;
|
||||
}
|
Loading…
Reference in New Issue
Block a user