oysteikt/nix-dotfiles
1
1
Fork 0
Code Issues 141 Pull Requests Activity

secrets: split secrets per machine to reduce conflicts

Browse Source
This commit is contained in:
Oystein Kristoffer Tveit
2024-06-25 19:27:23 +02:00
parent 3f4212b771
commit f74c1f7aa8
5 changed files with 137 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
hosts/common.nix
View File

@@ -2,13 +2,13 @@
let
inherit (config) machineVars;
in {
sops.defaultSopsFile = ../secrets/default.yaml;
sops.defaultSopsFile = ./.. + "secrets/${config.networking.hostName}.yaml";
sops.secrets = {
"ssh/nix-builders/tsuki/key" = { };
"ssh/nix-builders/tsuki/pub" = { };
"ssh/nix-builders/isvegg/key" = { };
"ssh/nix-builders/bob/key" = { };
"ssh/nix-builders/tsuki/key" = { sopsFile = ./../secrets/common.yaml; };
"ssh/nix-builders/tsuki/pub" = { sopsFile = ./../secrets/common.yaml; };
"ssh/nix-builders/isvegg/key" = { sopsFile = ./../secrets/common.yaml; };
"ssh/nix-builders/bob/key" = { sopsFile = ./../secrets/common.yaml; };
# "ssh/nix-builders/isvegg/pub" = { };
};