WIP: modules/debug-locations

base: add sops keys for everyone and everything
2024-04-02 19:44:53 +02:00 · 2024-04-02 00:03:23 +02:00
4 changed files with 24 additions and 0 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -17,6 +17,10 @@ creation_rules:
    key_groups:
    - age:
      - *host_jokum
+      - *host_ildkule
+      - *host_bekkalokk
+      - *host_bicep
+
      - *user_danio
      - *user_felixalb
      - *user_eirikwit
--- a/base.nix
+++ b/base.nix
@@ -4,6 +4,7 @@
  imports = [
    ./users
    ./modules/snakeoil-certs.nix
+    ./modules/debug-locations.nix
  ];

  networking.domain = "pvv.ntnu.no";
@@ -84,6 +85,12 @@
    settings.PermitRootLogin = "yes";
  };

+  sops.age = {
+    sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    keyFile = "/var/lib/sops-nix/key.txt";
+    generateKey = true;
+  };
+
  # nginx return 444 for all nonexistent virtualhosts

  systemd.services.nginx.after = [ "generate-snakeoil-certs.service" ];
--- a/modules/debug-locations.nix
+++ b/modules/debug-locations.nix
@@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  cfg = config.environment.debug-locations;
+in
+{
+  options.environment.debug-locations = lib.mkOption {
+    description = "Paths and derivations to symlink in `/etc/debug`";
+    type = with lib.types; attrsOf path;
+    default = { };
+  };
+
+  config.environment.etc = lib.mapAttrs' (k: v: lib.nameValuePair "debug/${k}" { source = v; }) cfg;
+}
--- a/secrets/common.yaml
+++ b/secrets/common.yaml
Author	SHA1	Message	Date
h7x4	9f355eff0d	WIP: modules/debug-locations Some checks failed Eval nix flake / evals (push) Failing after 1m45s Details	2024-04-02 19:44:53 +02:00
h7x4	fde69ca283	base: add sops keys for everyone and everything	2024-04-02 00:03:23 +02:00