base: add sops keys for everyone and everything
This commit is contained in:
parent
06bd93e5d1
commit
fde69ca283
|
@ -17,6 +17,10 @@ creation_rules:
|
|||
key_groups:
|
||||
- age:
|
||||
- *host_jokum
|
||||
- *host_ildkule
|
||||
- *host_bekkalokk
|
||||
- *host_bicep
|
||||
|
||||
- *user_danio
|
||||
- *user_felixalb
|
||||
- *user_eirikwit
|
||||
|
|
6
base.nix
6
base.nix
|
@ -84,6 +84,12 @@
|
|||
settings.PermitRootLogin = "yes";
|
||||
};
|
||||
|
||||
sops.age = {
|
||||
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
keyFile = "/var/lib/sops-nix/key.txt";
|
||||
generateKey = true;
|
||||
};
|
||||
|
||||
# nginx return 444 for all nonexistent virtualhosts
|
||||
|
||||
systemd.services.nginx.after = [ "generate-snakeoil-certs.service" ];
|
||||
|
|
Loading…
Reference in New Issue