diff options
author | Mark Nipper <nipsy@bitgnome.net> | 2024-05-29 00:30:30 -0700 |
---|---|---|
committer | Mark Nipper <nipsy@bitgnome.net> | 2024-05-29 00:30:30 -0700 |
commit | 270ae591f573e470f951ab1dd1ae70bcbee9334b (patch) | |
tree | 3577efe14b346214c261c2062258a14db5fae407 | |
parent | 660895110f247c0ac3a76709a38ca5f5ea2fbfcb (diff) | |
download | nix-270ae591f573e470f951ab1dd1ae70bcbee9334b.tar nix-270ae591f573e470f951ab1dd1ae70bcbee9334b.tar.gz nix-270ae591f573e470f951ab1dd1ae70bcbee9334b.tar.bz2 nix-270ae591f573e470f951ab1dd1ae70bcbee9334b.tar.lz nix-270ae591f573e470f951ab1dd1ae70bcbee9334b.tar.xz nix-270ae591f573e470f951ab1dd1ae70bcbee9334b.tar.zst nix-270ae591f573e470f951ab1dd1ae70bcbee9334b.zip |
Add sops-nix for darkstar
Diffstat (limited to '')
-rw-r--r-- | .sops.yaml | 7 | ||||
-rw-r--r-- | hosts/darkstar/default.nix | 9 |
2 files changed, 15 insertions, 1 deletions
@@ -19,7 +19,12 @@ keys: - &nipsy age1a9gp70y8576pkvklz2arz6h9ecnrjeue2vvh9mvvk92z4ymqrg4qdqm9va creation_rules: - - path_regex: home/nipsy/secrets/ginaz.yaml$ + - path_regex: ^home/nipsy/secrets/ginaz.yaml$ key_groups: - age: - *nipsy + - path_regex: ^hosts/secrets/darkstar.yaml$ + key_groups: + - age: + - *darkstar + - *nipsy diff --git a/hosts/darkstar/default.nix b/hosts/darkstar/default.nix index e175588..5a08440 100644 --- a/hosts/darkstar/default.nix +++ b/hosts/darkstar/default.nix @@ -86,5 +86,14 @@ #}; }; + sops ={ + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + defaultSopsFile = ../secrets/darkstar.yaml; + + secrets = { + "kea-dhcp4.conf" = {}; + }; + }; + system.stateVersion = "23.11"; } |