Modularize secrets

DashieTM 2024-08-25 14:38:35 +02:00
parent a1b70baa78
commit 785af695df
3 changed files with 16 additions and 7 deletions


@ -0,0 +1,3 @@
# Secrets
This file is for sops-nix and is also where your keys for various secrets will be stored.



@ -6,6 +6,18 @@
type = lib.types.bool; type = lib.types.bool;
description = "Enable sops secrets"; description = "Enable sops secrets";
}; };
secrets = lib.mkOption {
default = {
hub = { };
lab = { };
${config.conf.username} = { };
nextcloud = { };
access = { };
};
example = { };
type = with lib.types; attrsOf anything;
description = "secrets for sops";
};
}; };
config = lib.mkIf config.mods.sops.enable config = lib.mkIf config.mods.sops.enable
(lib.optionalAttrs (options ? home.packages) { (lib.optionalAttrs (options ? home.packages) {
@ -16,13 +28,7 @@
sshKeyPaths = [ ]; sshKeyPaths = [ ];
}; };
defaultSopsFile = root + /secrets/secrets.yaml; defaultSopsFile = root + /secrets/secrets.yaml;
secrets = { secrets = config.mods.sops.secrets;
hub = { };
lab = { };
${config.conf.username} = { };
nextcloud = { };
access = { };
};
}; };
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ]; systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
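Review bot: The `default` on the new `secrets` option in the first hunk applies only while nothing else defines `mods.sops.secrets`, so a host that sets even one entry drops `hub`, `lab`, `${config.conf.username}`, `nextcloud` and `access` from the `sops.secrets` assignment in the second hunk. Consumers of those secrets would then either fail at evaluation or find no decrypted file at runtime, depending on how they refer to the secret. If replacing the set is intended, say so in the option text, e.g. `description = "Secrets passed to sops.secrets; defining this replaces the default set instead of extending it";`, and give `example` a real entry such as `example = { nextcloud = { }; };`. If extending is intended, move the default set into a `let` binding and merge it at the use site, `secrets = defaultSecrets // config.mods.sops.secrets;`.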