diff --git a/hosts/homex/configuration.nix b/hosts/homex/configuration.nix index 68ce0a1..624f8d4 100644 --- a/hosts/homex/configuration.nix +++ b/hosts/homex/configuration.nix @@ -11,6 +11,7 @@ ../../modules/nixos/homelab ./hardware-configuration.nix ./network.nix + ./secrets.nix ./users ]; @@ -20,9 +21,11 @@ forgejo = { enable = true; - settings.users."test-declarative" = { - email = "testdeclarative@example.com"; - password = "teste"; + settings.users."user1" = { + name = /. + config.sops.secrets."forgejo/user1/name".path; + email = /. + config.sops.secrets."forgejo/user1/email".path; + password = /. + config.sops.secrets."forgejo/user1/password".path; + admin = true; }; }; }; diff --git a/hosts/homex/secrets.nix b/hosts/homex/secrets.nix index 7d6406c..0dba3d9 100644 --- a/hosts/homex/secrets.nix +++ b/hosts/homex/secrets.nix @@ -6,6 +6,16 @@ sops.defaultSopsFile = ../../secrets/homex-secrets.yaml; sops.defaultSopsFormat = "yaml"; + sops.secrets."forgejo/user1/name" = { + owner = config.homelab.forgejo.user; + }; + sops.secrets."forgejo/user1/password" = { + owner = config.homelab.forgejo.user; + }; + sops.secrets."forgejo/user1/email" = { + owner = config.homelab.forgejo.user; + }; + sops.age.keyFile = "/home/guz/.config/sops/age/keys.txt"; }; } diff --git a/secrets/homex-secrets.yaml b/secrets/homex-secrets.yaml index 847eb69..39c04a9 100644 --- a/secrets/homex-secrets.yaml +++ b/secrets/homex-secrets.yaml @@ -1,3 +1,8 @@ +forgejo: + user1: + name: ENC[AES256_GCM,data:UL3g,iv:+ftGx57fhzN06DuLItxZTc7lXX2g4MhqrEqnDjk4Aug=,tag:ZNpwWuPYhBzDjRQBKikCDA==,type:str] + password: ENC[AES256_GCM,data:KXx9Kv9f9UP3sAU=,iv:bCBv+IEieR+RGjgjXLKMLlsqoBOLLYjvT167QIxxFmA=,tag:dPNUcrBrE66xDlFJltmIKg==,type:str] + email: ENC[AES256_GCM,data:iZjmn511sSRggO+ptkYZAeGKAFIMeV8R,iv:sBigXBpdYlj7zk7evE8IbQEa/YRVoCh2S/PFihx8VRU=,tag:XNSS+RFC8ChzZ/EzcQoDvg==,type:str] sops: kms: [] gcp_kms: []