Move secrets to individual configs
This commit is contained in:
parent
bee8a21990
commit
a1b70baa78
5 changed files with 9 additions and 48 deletions
|
|
@ -24,7 +24,7 @@
|
|||
|
||||
outputs = { ... }@inputs: {
|
||||
nixosConfigurations =
|
||||
(inputs.dashNix.dashNixLib.build_systems [ "example" ] ./hosts/.);
|
||||
(inputs.dashNix.dashNixLib.build_systems [ "example" ] ./.);
|
||||
};
|
||||
|
||||
nixConfig = {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{ inputs, pkgs, config, lib, mod, additionalHomeConfig, ... }:
|
||||
{ inputs, pkgs, config, lib, mod, additionalHomeConfig, root, ... }:
|
||||
let
|
||||
base_imports = [
|
||||
inputs.anyrun.homeManagerModules.default
|
||||
|
|
@ -27,7 +27,7 @@ in {
|
|||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
extraSpecialArgs = { inherit inputs; };
|
||||
extraSpecialArgs = { inherit inputs root; };
|
||||
|
||||
users.${config.conf.username} = {
|
||||
imports = [ ./common.nix ./xdg.nix ./themes ./sync.nix ] ++ base_imports
|
||||
|
|
|
|||
|
|
@ -5,11 +5,11 @@ in {
|
|||
builtins.listToAttrs (map (name: {
|
||||
name = name;
|
||||
value = let
|
||||
mod = root + /${name}/configuration.nix;
|
||||
additionalNixosConfig = root + /${name}/hardware.nix;
|
||||
additionalHomeConfig = root + /${name}/home.nix;
|
||||
mod = root + /hosts/${name}/configuration.nix;
|
||||
additionalNixosConfig = root + /hosts/${name}/hardware.nix;
|
||||
additionalHomeConfig = root + /hosts/${name}/home.nix;
|
||||
in inputs.nixpkgs.lib.nixosSystem {
|
||||
specialArgs = { inherit inputs pkgs mod additionalHomeConfig; };
|
||||
specialArgs = { inherit inputs pkgs mod additionalHomeConfig root; };
|
||||
modules = [
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
inputs.stylix.nixosModules.stylix
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, pkgs, config, options, ... }: {
|
||||
{ lib, pkgs, config, options, root, ... }: {
|
||||
options.mods.sops = {
|
||||
enable = lib.mkOption {
|
||||
default = true;
|
||||
|
|
@ -15,7 +15,7 @@
|
|||
home = "~/.gnupg";
|
||||
sshKeyPaths = [ ];
|
||||
};
|
||||
defaultSopsFile = ../../secrets/secrets.yaml;
|
||||
defaultSopsFile = root + /secrets/secrets.yaml;
|
||||
secrets = {
|
||||
hub = { };
|
||||
lab = { };
|
||||
|
|
|
|||
|
|
@ -1,39 +0,0 @@
|
|||
hub: ENC[AES256_GCM,data:69czN3kqTYCbiwXPPUpaThm7lrpM/43nUcE0Ee3m1AscB0Huqp1LzmgVBVZ6X/NVamNipfRzN4KePmFqkGBT7V6qIewX0L6vYpLBJ7pwdv1xRF+FEkrfikqfdec28AwNCOXIOQZq3oknPpGoAVAQAsQo+SxwPaP4vZKbYpS9EA727E9REd4dVcBRW2GN3ystiX+L/Rz+mizHQfVGb6LHhj6AZWB/SGhcfGJZCfoKgwIFekjiSJhdSQemmtX1x+b7yxUwQqsUBPVtSf73zUCIYVjLwx4bdZ5OF8kITRF8ZIfp+YLN24Lt5Qeatd4FBO5AJTFOgjRjU38z6Xy3CwZMv0hp3IwqfXUd+47wiGSXSs2lygntWodcG96/KUubrChWQQxfE0vNIAu/l2sjwwre32E9mXBYn6uHFD+/kroL531KscdKdnpAACnwsomMSiJIWz3JQa6aljDeUd90VFH2kOf8VtGbqkFL9VfTrtx/dnTMaK2VJmO+bZTge+evIBgtH0Y2DP/GmaempeZIyJydx03uVCFDi+uEfGx10HMty0sUS0k=,iv:1/+m6CmUojTS4d7B76zzrwC3k5M18qkQ6q1458kG1QI=,tag:463IcCP3Tfb4JWS5K7hCjw==,type:str]
|
||||
lab: ENC[AES256_GCM,data:IbIHYKp7kAP09r2t6bppLZraRIxjEsIXbfIG/R5QTGzy1uVk5LZivzepkJP6kOf3qWt/wZiBb5qLcNyL/+RZMfaV5KvlvtKhCVQ/D5qS3qB/4wKvPTdMiMzc9VTnLzUaDExMAtiYV/tcJGC/xgpkrwizJwy5WEA/d8EKUDs1p//vpv8b6035k1oV/49sw3cJ/eMGgvnuJ3sKMKpkXbUJ4zyyHKPCFoaCGdplCJDn5hZloaqxBjdZctAEgsVvKiq2HyIMNqH3YaKEJZhwMrwQMSioHA1WnBQMc0tnqWAi9rhpm8pY553HaQe0U/lpS1W5IvLj7MVxat3911WK/s95oEVLY7b7dZAzmdMau4IF/ozhxC6i2oSELw+VNqiZ/yJwfqJ7e+89UnxZdi7xMJpikOfE1qzGIPaEHj2caSf+U2sldqsRyqdf+oJK9Sof4djn5diEPkhTyLkqFCGC6QakEbprcbstBcjwu65G4BTTDy/3FJYUt0NZTHy7HDjsn/7b2Sxa1XgWbWOGBwbmMqpsSE6eJC2WmWDWtrjgO7rV6XWwzm8=,iv:uVkMdjENhj2OnHnmCyfpQAdQeXwnvTIdExDxxWVIRKc=,tag:+3lf+T2Gpa4fLC3FhbLa6A==,type:str]
|
||||
dashie: ENC[AES256_GCM,data:P/+ZEelpLFrcsk8hx7CF999Wlv5OWiybjPVT1ULogCECpBAxYJglisINyJGGBSBLnp4FF45kCpFb/xsuLZGwe/o4LK6Lbf6/uwE2HSXNMMXjkD8lk3zINNXfWls6s9f/XnHsKjwp0gDGhcfMM+mbg8EAyCfkdLUWYapNQc+CIr1ilAvjzDpGhrjYw2j7FEEKiteUxPTg34DY6iKlxkuGuon4Yb2r1d5+KMiHKouomjRkvS3cAgCyTKIVybYEhCQthHJh0j76Z7O5wvfXeOkLFWE68arvOci2MC7ecx6bVUrJQDTyUSpyO9TqJneIh36STZQs9Zk24sSY8jdt59roaJPylfRmbSRnlH0Wg5vzbuu4zM/ffTaiYRZkKBYbX9wmyNh4nW7EJOD9i4lE+65VxWYI4M0EuJXqI4vaIEo2PexAWci9cp0Ui6BmY2G4PoEz0P48p2WXPnQOwSSBYY9HfeAs+oXhB4Bi+I1VUAR/BkzihBvb+d9AWcbZIurMc2h7Vlz58/2E8+QVzljHfN+pakU/FhWCt2VRhhimyF8h3Nacbk0=,iv:kmFBTzx9BNHRGv+FzdwrIvVMORprhilG8tN2C3J4BRY=,tag:jRvRDkvUE14JZZem13/5Vw==,type:str]
|
||||
hub_pub: ENC[AES256_GCM,data:6vIAQWFMIR+HnERg+A4jKu/MW+e7eLQplmdJyBeuBL9tvxH1idT8C6zvMEyIPhelU6+ZYQghAlvuC4MtktI/Te0f40XvdK3Gq/DmfBrLRUgLdSjUvMeGuuKnpRX0mjCaw77YW5ES4ptZ,iv:PC9hELA0234JCk2rx6FJhMlKKaKO8WrIezJ2Q2nv6EE=,tag:R8oPaH3Sbr23oRX++OP/qg==,type:str]
|
||||
lab_pub: ENC[AES256_GCM,data:rlHCiqGnoaPiQBaZQRT+bEjfNF7jNO4CGPoCOKJ1o7nv7i2jPy6Bq9OMBHXsMHI9oGfEhyKCDHdpJ65aI07KJC/fMoMoAyiNmalwNOn26jbgj84mfENS3IYbfKxQVXAUCJHE5m1cFsm7,iv:8SLdHLYq2tlfHBjdeDoByEzGuu3TURj4+KJvQfPuaWA=,tag:mmGXlRwQ0UoVIAJE6d1OUQ==,type:str]
|
||||
dashie_pub: ENC[AES256_GCM,data:k6JIJOKDJcGSW47Z8y0EYxNl/vaPRVbIn35CSA57snEzYnk5GpU+1NfPDniWoAGRkpIwicgN6kpzssRlKOmVudvwMejSLv4VkLRBjrsApVFECwoIBLUNGUSDaMcIwC/BYu4jfjGaozBj,iv:0EZ0rptLdmcuTU1BGOILaaDTrc7aZGJCCxgjUESqi0M=,tag:dlQs/ugBGxnSrNj/bRSJSw==,type:str]
|
||||
server_pub: ENC[AES256_GCM,data:87nTYzA8CykOPjfZS2As8+JB/ysJvHXFYbPIBA8Nus8Y3nI3Tl2F/f7mUVFBT+4mmOFTTwxghEnkpgTg/vzUm6W4wb19rIcv11eM7HYaGl5oI44a44rBJn2+PKlfIgXVgaY=,iv:O7I7kkZ44McXzCt3wH1cM3MJCShxu2O+0U0+Y6rwePo=,tag:q5D5AGMmFyiNhQNR8dRB+g==,type:str]
|
||||
nextcloud: ENC[AES256_GCM,data:hjpS1WKsQJ6U2XX3GAbVP93VBAE8hKUdBRD9nI5Yiw==,iv:QaJNScNaxLLArzHLutIWdgN4m+9F0+Ym0FOcL53ygeQ=,tag:PamHgZJ+rsb3Dno2kEZRpQ==,type:str]
|
||||
nextcloud_server: ENC[AES256_GCM,data:ohp0y08skd/NL7KhPE6pfezghY7UVL+aYT0=,iv:Rc5cnej+721aNrJGkE6/nTtwYC6Jg54da5bKu6mH1zY=,tag:EfiGA1DT87hGtNdMFZVBVA==,type:str]
|
||||
nextcloud_admin: ENC[AES256_GCM,data:yRpnyoQ+rSiwaQoTp3I=,iv:Ii8ge7nkmtX1bVq4vdwEaLc3QFSrt0fbyHao7IDgtf0=,tag:T5YbThFN6B9fdBU/jhqdmQ==,type:str]
|
||||
forgejo_server: ENC[AES256_GCM,data:4RLdo5pRQ17QlbpFFciFDrRocPj1J9W0hh4=,iv:AaTjk/ysWGubHSwzigyBWs7CGAOHnrbK7B+gUGFXETw=,tag:5rXwLSSSthq7nVIw5mIhLw==,type:str]
|
||||
matrix_server: ENC[AES256_GCM,data:fH+5kX6VyNUXzAmNkLEGf8KmhIWuTGsG3r0=,iv:B2ltogyJaT1zcyZfHdrtB4HfnLZuWMbC7LwCT+IIPlU=,tag:jlOjBdypkrdc8MGp1fqSBQ==,type:str]
|
||||
mautrix_signal_server: ENC[AES256_GCM,data:xBHtTtf725wvSltd7EgP3u/GszsaKR1D/ng=,iv:KZorceuZJulvBYyOSKaFv0UxAgMzIuXnBSDmqeqZT80=,tag:k4Dqvq7n39q6rgfB9hB8/g==,type:str]
|
||||
mautrix_whatsapp_server: ENC[AES256_GCM,data:Ap5NZ9+kkusMTJlmiH2vxj2fkp1RZPSOM5s=,iv:/F3sP/7bw0uIualG8E+Mtxp60xW8OlHBBZCui887oaA=,tag:CawIZEpmbmxRYhq2fb1vDw==,type:str]
|
||||
mautrix_discord_server: ENC[AES256_GCM,data:8MU3URa52h0sDabl+6bYZ0z0ib/S8KzYb3k=,iv:uSqT0MsK1qcphyd+5xZZ8aDqxQhZX8mKBP+2tHHG04I=,tag:mdepj3ombSru96es+lFIQQ==,type:str]
|
||||
access: ENC[AES256_GCM,data:BHB8v/uVqj5Hn2J6OUHloxdbrc9EVq6mCz9n4rFKUPK5H6ajP9L+zWtxkPLgr6sljEL3fPdlYQUlRaSJTAeygQnuXzM=,iv:mFv4AGSG0ok658VK5HcRBcQpLLK7NM9QJj4FMCJMj4Q=,tag:G4SIkT4TfoR/lW+kZmygiA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-08-04T14:17:56Z"
|
||||
mac: ENC[AES256_GCM,data:cDusfY0990Q60IrprG8SEYwpGkrvfxIBt6qS/e5ikKqCTYpp9ei1BiecLPQ6U+6rgoRLWACGsq3idJI7cApVxqAfQcZXFjaxO5TxGKP8VyO//nhoPouT1iRfue1oref8D4P7cE/T2GzNFbDP0aUHXP0bBGo76TGLTzhkJ3Gzm7g=,iv:Va+WbAY4amrOUp+6pFtt8vf4jXxRF19oI3pD6I3dEuw=,tag:EfDeBf3S0ReetiWywLUiAQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-05-14T14:35:02Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hF4DnA7H9LSNcZ4SAQdAJZzOF6GZ1VTNt2rccso305pkL5AGeeAPV0LtfpZkkVEw
|
||||
2GTK/N4MmE0YyjUAP+W3fkGawgzQDRsjSF+AB936DcL3BtfGktChl3agFBfWqprs
|
||||
1GgBCQIQ7rj9kooZpsYX93x5TSz2ZN3aeu/dcx3lHYwyqtTxdTMjK44LngfhO0qZ
|
||||
zc/951nhmt6Vkj0PJY4QRkKiLPoVo/lgG4+1dv9hSJULRuZwvFQfv/7UXzq0tKrl
|
||||
/xqggA6uP/rogA==
|
||||
=zJOX
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 92D29D420B5D95FCA46A12FE778CFA7A623614F3
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.0
|
||||
Loading…
Add table
Add a link
Reference in a new issue