dot013/nix
1
0
Fork 0
Code Issues Pull Requests Activity

feat: sops and nix-sops secrets management

Browse Source
This commit is contained in:
Gustavo "Guz" L. de Mello
2024-01-12 17:49:26 -03:00
parent 8ed1c05373
commit 290183a4e4
2 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/desktop/shared-configuration.nix
View File

@@ -2,12 +2,18 @@
{
imports = [
inputs.sops-nix.nixosModules.sops
../../modules/nixos/config/host.nix
../../modules/nixos/systems/set-user.nix
# Include the results of the hardware scan.
./hardware-configuration.nix
];
sops.defaultSopsFile = ../../secrets/desktop-secrets.yaml;
sops.defaultSopsFormat = "yaml";
sops.age.keyFile = "/home/guz/.config/sops/age/keys.txt";
programs.hyprland = {
enable = true;
xwayland.enable = true;
@@ -27,6 +33,8 @@
dunst
libnotify
swww
sops
wl-clipboard
];
hardware = {

8
secrets/desktop-secrets.yaml
View File

@@ -1,5 +1,5 @@
lat: ENC[AES256_GCM,data:C1bJHXoy,iv:hSpUpB74mFJm/b7EgLcvp+M+AY4DVzwZHGYHTx9n6K4=,tag:x7ZZ7Uea9aS/TrDLezvMeQ==,type:float]
lon: ENC[AES256_GCM,data:831hTxaRam4NBQ==,iv:+YeNizL7Tqp3vu6I8yyuxLxViQgJUrfDCKBFSSky0Xw=,tag:qvQLQykJ7ij+XIKAuZQOAA==,type:float]
lat: ENC[AES256_GCM,data:jmQPcQFV,iv:k4+a7lA64yT9AJANcOQ4HDZzq8aL2Tga67BesqfnL3A=,tag:OjRTtL/BoDwDBWvWQUCt9Q==,type:str]
lon: ENC[AES256_GCM,data:Qn9Gi5LP7ve3kA==,iv:s3ZdJ6rfl03nzEes4BpGPIzUUq5yCOIBKbKhfznG0nw=,tag:uyvowjKDoTMtuApUVZA+ag==,type:str]
sops:
kms: []
gcp_kms: []
@@ -15,8 +15,8 @@ sops:
Nm1UT1pUeWJhS1hhUWo4b3A1RElKNG8KIzbqwoCynolclZkZ3AiIkqpGjEBUZPo2
h8Y3Rx2QASD6tg9jlxRqGtbXe+mNgcCNTt7cdOyhndQzzq/2GfbujA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-12T16:30:51Z"
mac: ENC[AES256_GCM,data:1LhytMdnYlN82+cyqnRaPu4QyAAa0dwS1krDD3ZhuZpp0SfHrgApX9BN38ZaAmWKjwhcAvVjhhLBevZJeWmfbsg7DVRkyptXrjv6Gr66szkfhA/PE286JM3U66UeZmU9FkB5XJqT/PL86jr5rUiY4yTYoixcXbs9OEQJ66qIr4M=,iv:RSPVzk+W0gEsPQ22O0wENf/c+iBXIW9zpeP1QY8XjBE=,tag:O41GNx6w2a2LP0oooNiEfw==,type:str]
lastmodified: "2024-01-12T16:34:42Z"
mac: ENC[AES256_GCM,data:jORvHtVDAYoM+8kY4gGC15r4ee+oYHczapmGdcAl71L4qNBE/qG/KuvyNCrG/mbiqM+U8W81Jwm32oCjrGDL6+Pv0stFlDmsB4ql7piyILQYUU4cLvRCaUPm2KVrD7Y+9sa0vgPOZQyUFQZmTQ1vbKNeHRmZn0qfHmqvji/Mfow=,iv:jKIgix5MGCrRqVxh5JCEjzBWQzW1kSoQLiQuDfGkzh8=,tag:0z/x5TplHjV5hMHC/JKiyw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1