snowhawk: sops secret password hee hee hoo hoo

This commit is contained in:
Zynh Ludwig 2024-07-30 21:50:08 -07:00
parent 83f91a7016
commit 6e2ef44fd1
2 changed files with 7 additions and 1 deletions

View file

@ -2,7 +2,7 @@
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ pkgs, inputs, lib, ... }: { pkgs, inputs, lib, config, ... }:
{ {
imports = [ imports = [
@ -41,10 +41,15 @@
# #
# ]; # ];
# users sops setup
sops.secrets."passwords/ravenshade".neededForUsers = true;
users.mutableUsers = false;
# Define a user account. Don't forget to set a password with `passwd`. # Define a user account. Don't forget to set a password with `passwd`.
users.users.ravenshade = { users.users.ravenshade = {
isNormalUser = true; isNormalUser = true;
description = "Zynh Ludwig"; description = "Zynh Ludwig";
hashedPasswordFile = config.sops.secrets."passwords/ravenshade".path;
extraGroups = [ "networkmanager" "wheel" "audio" ]; extraGroups = [ "networkmanager" "wheel" "audio" ];
packages = with pkgs; [ packages = with pkgs; [
ripgrep ripgrep

View file

@ -13,4 +13,5 @@ in
snowhawk.i18n.enable = lib.mkDefault true; snowhawk.i18n.enable = lib.mkDefault true;
snowhawk.audio.enable = lib.mkDefault true; snowhawk.audio.enable = lib.mkDefault true;
snowhawk.env.enable = lib.mkDefault true; snowhawk.env.enable = lib.mkDefault true;
snowhawk.sops.enable = lib.mkDefault true;
} }