sops-nix ssh key
parent
231fe8a462
commit
e07dce7874
|
@ -0,0 +1,7 @@
|
|||
keys:
|
||||
- &ravenshade age1zgd7qpj7vc4gjtetttqgp32aw75fmnjrw6ax2x2meul2w4jclytszvutdd
|
||||
creation_rules:
|
||||
- path_regex: secrets.yaml$
|
||||
key_groups:
|
||||
- age:
|
||||
- *ravenshade
|
|
@ -14,6 +14,7 @@
|
|||
./easyeffects.nix
|
||||
./lazygit.nix
|
||||
./dunst.nix
|
||||
./sops.nix
|
||||
];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
{ lib, config, inputs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.snowhawk.sops;
|
||||
home = config.home.homeDirectory;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
inputs.sops-nix.homeManagerModules.sops
|
||||
];
|
||||
|
||||
options.snowhawk.sops = {
|
||||
enable = lib.mkEnableOption "sops";
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
sops = {
|
||||
age.keyFile = "${home}/.config/sops/age/keys.txt";
|
||||
|
||||
defaultSopsFile = ../../secrets.yaml;
|
||||
validateSopsFiles = false;
|
||||
|
||||
secrets = {
|
||||
"private_keys/personal_git" = {
|
||||
path = "${home}/.ssh/personal_git";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -18,6 +18,7 @@ in
|
|||
projects.enable = true;
|
||||
lazygit.enable = true;
|
||||
dunst.enable = true;
|
||||
sops.enable = true;
|
||||
};
|
||||
|
||||
xsession.numlock.enable = true;
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
private_keys:
|
||||
personal_git: ENC[AES256_GCM,data:r5NXuhqltyaZpjMhz6Nh+2Nv1UI86nxtud5aPFkAfwOuBhtDLOx5dOZWZqJ/8Lf+hjyVsCRN77GNXIKmBA3UhguIzWdWSRMboDXYePxRar+i0rBQdKK24rzPLMAYRd5L1sLml1hS5eZxds+D+C5PCv4FXrkc+9xO08RPFgqJVfFbzIEM/5HAmgG1xLpK32+56/QdwW/bL2r2bheSuNXmcrciDeilVBS5/jVgIaa8mxDHQjVPi6SdL4MGt85+OpcOesqDGuTpc00H9kd/i6mOucYCw2UjHJpLYDJ202cE0pHiKenFbssiS+NqG7dWSLKD0HqhDoHLvJVaXlLT+GxEx1ec/vHAl7LgpRRpUfcEknFpsJgliPOfr1p3D2plx/ZcWqysFy3jZ5HZI3ZawRrsDdQlKpljcjCgOeCVoTlQdrjQruDV3QueLPn5ueFMx3Iks6e/PyENXp+JhdJID5dPjckSb2vp/VUP7n3PT3aNuPMluMpXFUhUwthTb/RsKBAqDUEaw0RAe1mvAaoD3ZUJtg5Q84UVuQxQHGtS,iv:fUwoEgHb2Bat/qjnedfHVzso0qfRPXuelO26CFxdud0=,tag:bqHeF1R4+IHQ/a0urVXhIA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1zgd7qpj7vc4gjtetttqgp32aw75fmnjrw6ax2x2meul2w4jclytszvutdd
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXOGRXY1JMN20wK2tvbmNU
|
||||
eVQ4YitPUVRzZkRubnFORU1oemVkZVRSUW1nCnp2eFBoUjhsVXprMnllVCtZK29K
|
||||
ajJ6VUJDeXlabjJ3ZDhGWC84aDh6ZzAKLS0tIEdPTnl6bHpOcE1XVVN1WU9EUkZm
|
||||
SjZNOWNndEIrMDFZRnV3QlRheklvMncK5n4lzgSrEDQ0M8m4SAslQvl2vq39owY9
|
||||
s3SrXYCvQo6nsKKJMgaN0fnrSqxdSLbnrDYFchaF2fhdXozR8508PA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-07-09T04:04:27Z"
|
||||
mac: ENC[AES256_GCM,data:DD/9KWi7rgtBa1gJBSoER2PrzFXTbkqL28yDgf6bT8uUo19N4ztm6XjzAfJuthTZPk2AuRY5J0LIiMPysHdyyCQzVlXJx7I26MQtZo+6McbGNar+rmpxOOhQE/fLV1itrJIw7vbK3SbFTycCvMt2LocQAH5H9vFhqFXJOwzbXjw=,iv:Ctp9fjHC8+F3CVyV1iVzva2BZ1rISEV5eThp1v7mb0c=,tag:IEDUeaqD7snFlk05PVeHaw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.0
|
Loading…
Reference in New Issue