Set up sops-nix
This commit is contained in:
parent
2ad7b7b2c3
commit
1d99bbfd46
GPG Key ID:
9F2F7D8250F35146
|
|
@ -0,0 +1,11 @@
|
||||||
|
keys:
|
||||||
|
- &gpg_h7x4 F7D37890228A907440E1FD4846B9228E814A2AAC
|
||||||
|
- &host_tsuki age1c92j4w0gqh32hwssl5m2mfrggssxax9pge8qxwytv9lmrnfttcvqdrgsst
|
||||||
|
|
||||||
|
creation_rules:
|
||||||
|
- path_regex: secrets/[^/]+\.(yaml|json|env)$
|
||||||
|
key_groups:
|
||||||
|
- pgp:
|
||||||
|
- *gpg_h7x4
|
||||||
|
age:
|
||||||
|
- *host_tsuki
|
||||||
|
|
@ -29,6 +29,8 @@
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sops-nix.url = "github:Mic92/sops-nix";
|
||||||
|
|
||||||
osuchan = {
|
osuchan = {
|
||||||
url = "git+file:///home/h7x4/git/osuchan-line-bot";
|
url = "git+file:///home/h7x4/git/osuchan-line-bot";
|
||||||
# inputs.nixpkgs.follows = "nixpkgs";
|
# inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
@ -83,6 +85,7 @@
|
||||||
nix-attr-search,
|
nix-attr-search,
|
||||||
osuchan,
|
osuchan,
|
||||||
secrets,
|
secrets,
|
||||||
|
sops-nix,
|
||||||
vscode-server,
|
vscode-server,
|
||||||
website
|
website
|
||||||
}: let
|
}: let
|
||||||
|
|
@ -106,6 +109,10 @@
|
||||||
|
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
|
|
||||||
|
devShells.${system}.default = pkgs.mkShell {
|
||||||
|
packages = with pkgs; [ sops ];
|
||||||
|
};
|
||||||
|
|
||||||
homeConfigurations = {
|
homeConfigurations = {
|
||||||
h7x4 = home-manager.lib.homeManagerConfiguration {
|
h7x4 = home-manager.lib.homeManagerConfiguration {
|
||||||
inherit system;
|
inherit system;
|
||||||
|
|
@ -148,6 +155,7 @@
|
||||||
osuchan.outputs.nixosModules.default
|
osuchan.outputs.nixosModules.default
|
||||||
minecraft.outputs.nixosModules.minecraft-servers
|
minecraft.outputs.nixosModules.minecraft-servers
|
||||||
matrix-synapse-next.nixosModules.synapse
|
matrix-synapse-next.nixosModules.synapse
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
|
|
||||||
{
|
{
|
||||||
config._module.args = {
|
config._module.args = {
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,8 @@ in {
|
||||||
allowUnfree = true;
|
allowUnfree = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sops.defaultSopsFile = ../secrets/default.yaml;
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
package = unstable-pkgs.nixVersions.stable;
|
package = unstable-pkgs.nixVersions.stable;
|
||||||
distributedBuilds = config.networking.hostName != "Tsuki";
|
distributedBuilds = config.networking.hostName != "Tsuki";
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
|
||||||
|
|
@ -0,0 +1,41 @@
|
||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mDMEYuaF5BYJKwYBBAHaRw8BAQdAyCMRV/dIW4dIbUqMNP6nWiyAnB/a4iAtTaEn
|
||||||
|
idcbAdy0JGg3eDRhYmszZyA8aDd4NGFiazNnQHByb3Rvbm1haWwuY29tPoiQBBMW
|
||||||
|
CgA4FiEE99N4kCKKkHRA4f1IRrkijoFKKqwFAmL7j2ICGwEFCwkIBwMFFQoJCAsF
|
||||||
|
FgIDAQACHgECF4AACgkQRrkijoFKKqxIlQD9F0EedrFpHAVuaVas9ZWRZb4xv3zM
|
||||||
|
+CPpeegRw646eC8A/0l4JRHplPClB4MQfsc3N/0TDbCT4PaEhls9eJQ2KbUKtBRo
|
||||||
|
N3g0IDxoN3g0QG5hbmkud3RmPoiTBBMWCgA7AhsBBQsJCAcDBRUKCQgLBRYCAwEA
|
||||||
|
Ah4BAheAFiEE99N4kCKKkHRA4f1IRrkijoFKKqwFAmL7l8ACGQEACgkQRrkijoFK
|
||||||
|
KqxI4wD9EIGpb3Gt5s5e8waH7XaLSlquOrW1RID3sSuzWI4DvikBAMncfBbtkpzH
|
||||||
|
EYU2Ufm8VxzgJDnyeB+lcdeSJXWaIwYLtCZoN3g0IChhbHRlcm5hdGl2ZSkgPGg3
|
||||||
|
eDQuYWx0QG5hbmkud3RmPoiQBBMWCgA4FiEE99N4kCKKkHRA4f1IRrkijoFKKqwF
|
||||||
|
AmL7j0oCGwEFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQRrkijoFKKqytywD+
|
||||||
|
IdHIxbjRcDEJYOqFX1r4wrymTvnjz/kp0zUSrymwMUoBAP8huPK/YpujNF6/cwwB
|
||||||
|
3A5WwpWjjV+F/uq2ejqFOocNuDMEYuaGRxYJKwYBBAHaRw8BAQdAsmc0GTQIszpk
|
||||||
|
jDYwgSt6zI81P2+k9WvBg6IEISnyuVWI9QQYFgoAJhYhBPfTeJAiipB0QOH9SEa5
|
||||||
|
Io6BSiqsBQJi5oZHAhsCBQkDwmcAAIEJEEa5Io6BSiqsdiAEGRYKAB0WIQTzzahs
|
||||||
|
xVqfENegaYGfL32CUPNRRgUCYuaGRwAKCRCfL32CUPNRRhWYAQCzfkYeJt9t02jO
|
||||||
|
c3SXwk1e1dGj9ydEXSprSr8/2PWu7gD+KD/FJWzPbnMhtudoGfCIzNFaazcz/QqT
|
||||||
|
ZeBs6Q+AkQ7ueQD/ZqQMkaCrd8o2L02h89U6bFxy86nyTurGAUVx92F8jUwBAKa7
|
||||||
|
Zp/0vR5bR4o57C7NTxB5kbmteF0AXS9R7sxSA/AEuQINBGLmhnoBEADa1yBK0NKx
|
||||||
|
VIto3hSh21hooYpWcEXWqMPXHO34rcAhktVFOOHIl2bFGScQAZXtjAcqUmMyC+PM
|
||||||
|
s1DZoocFk+9PJt17hAa/s6CRrw8vK+1fVqhj0XOLtevGV9iC6IRvhPxzTsOaeOss
|
||||||
|
gMGIU8xDmMKT2nGHGNUkqOXGld63E3NKsK3lnl+BCdpJ0f3GEB7aSQ+pk6k1uzOD
|
||||||
|
XX/mhAUJmL1MkVZ6jJA3vhsre0Kfa9p+C5mP4hLJ6jF+oESvA4HC+LuCSGm66gID
|
||||||
|
MC39jnLo6hwYEEjfPXD7CUAN4S2eISSFd+ZclN2vYcrKYgsCZS0hBFOgDhKKCHBu
|
||||||
|
MwP12AIM8y8L64/eOWFpR7s2StAPjjYbZeZECHLWZt1zGVvkS7Xp6lsAg6/T8Eys
|
||||||
|
KG7vTl2Qq9W0BmzNgk2ODTZkhv0gqqXppdr8eRiq+h0qMfJptG0GycOvqb9PoEO2
|
||||||
|
dfNCjjII8VfaSGfSEYo8UwsqYTtfgdoNnFCXKd1r7QmvrdbNsFDRmkv+wWJoipwU
|
||||||
|
aVquyb2KN652jSlpwMECW6fSEsT/5C3mJLgAmi6l6yosw6HdIY6jgpCGtxnHW2zR
|
||||||
|
eIS6ezZdtxYBCkEHK70yASyaIHrLLDknw+DuKvXAWOAecob8GNBHOjXZe3LzBt2r
|
||||||
|
VgOCRa+W7milNgjUCsz+R3rM8XfR+wNEGwARAQABiH4EGBYKACYWIQT303iQIoqQ
|
||||||
|
dEDh/UhGuSKOgUoqrAUCYuaGegIbDAUJA8JnAAAKCRBGuSKOgUoqrDE0AQDBxRsm
|
||||||
|
W9L60mxGCp1CpNWBXD2T6D605PlNiNCcM+cOCgD/c2OitSSG50M0YRbyh1LPYL6Y
|
||||||
|
QePL0dQkYsjm6XVmrAK4MwRi5obFFgkrBgEEAdpHDwEBB0BYP2r4I9LGW8ai+fLW
|
||||||
|
RKXGonni9TljqFVN5mV/yuxlPoh+BBgWCgAmFiEE99N4kCKKkHRA4f1IRrkijoFK
|
||||||
|
KqwFAmLmhsUCGyAFCQPCZwAACgkQRrkijoFKKqzeYwD/emjtDBD0EiCnS2mvfopa
|
||||||
|
T6foJSfXbiCe83UdFNebTjQBANFqnkXPCYb9dFIyM/0N1JXH7yj81VuslSqPi4NR
|
||||||
|
SNkE
|
||||||
|
=oTMO
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
||||||
Loading…
Reference in New Issue