aboutsummaryrefslogtreecommitdiffstats
path: root/hosts
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--hosts/fangorn/default.nix16
-rw-r--r--hosts/secrets/fangorn.yaml25
2 files changed, 32 insertions, 9 deletions
diff --git a/hosts/fangorn/default.nix b/hosts/fangorn/default.nix
index cb80dd5..d383036 100644
--- a/hosts/fangorn/default.nix
+++ b/hosts/fangorn/default.nix
@@ -62,16 +62,14 @@
services.xserver.desktopManager.xfce.enable = true;
services.xserver.videoDrivers = [ "amdgpu" ];
- #sops = {
- # age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
- # defaultSopsFile = ../secrets/fangorn.yaml;
+ sops = {
+ age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+ defaultSopsFile = ../secrets/fangorn.yaml;
- # secrets = {
- # "nftables/ssh" = {};
- # "nix-access-token-github" = {};
- # "ssh_config".path = "/root/.ssh/config";
- # };
- #};
+ secrets = {
+ "nix-access-token-github" = {};
+ };
+ };
system.stateVersion = "23.11";
diff --git a/hosts/secrets/fangorn.yaml b/hosts/secrets/fangorn.yaml
new file mode 100644
index 0000000..dd5ab96
--- /dev/null
+++ b/hosts/secrets/fangorn.yaml
@@ -0,0 +1,25 @@
+nix-access-token-github: ENC[AES256_GCM,data:5VERSDp1ROol58nG80J+84fBB7k8GyFd46U/D2+zW1iVV12Y+IbJf9SNuR0Wca1qOxR4v6qRZjkTOL/d72SwBCGfmkA=,iv:qn8u70EGF/2H7tQO86rLNQVPeoTuk9eyn0SFwrHpHRs=,tag:bPGqZUavVXzmZZGrMUkveQ==,type:str]
+sops:
+ age:
+ - recipient: age15yqlem4d5h4mz808j72ccd8mrdu4p8hyal2k988jdcmtqrns23xq80896d
+ enc: |
+ -----BEGIN AGE ENCRYPTED FILE-----
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUcWdVV0hNMlJSTnRPV1lu
+ WnRNalM4cjA2bUdYclRxcmFGSTVjMEYrV1FJClB6NGsrcnlpWDJWK1M1ZmtDbE54
+ SmhwZk5VUTJGSWVEbkVXMkRydEJ2cWMKLS0tIGVBb3BBRnExd25FblNOR1FLWWF6
+ NUU0cjAzOW1nblJ6SEZjN3NpZFJpRDQKwIG60pc821BmWTymHeyY1SSLy6jpFowN
+ 2AuzBldfk9Tm3g/bfcXV8Af/YQMX53xrYawUQiDALOHNAj7smZWvRw==
+ -----END AGE ENCRYPTED FILE-----
+ - recipient: age1a9gp70y8576pkvklz2arz6h9ecnrjeue2vvh9mvvk92z4ymqrg4qdqm9va
+ enc: |
+ -----BEGIN AGE ENCRYPTED FILE-----
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzZjFkcUxxM0VsV2RFSjhv
+ d0FyKzBZTllGTnRLL1d5NmNBT0R3b2dhZ1M4CkVEOTJ5SUpDVUF3N0hJWEtOL2xP
+ eVFnNkJST2R0U1RDZ1pOdTlGUzF3UzAKLS0tIEUydVcyMmFlMEpXemNKcnJsYS9V
+ M3F3blQ1dGxoWml5WEc1R0ZjblN3bkUK0+9zLdJi4u9JE3ijbP/SVNPqe6tXBcqw
+ gS+N2V47O63fjGM/VSXMywrB5aatwU9xUW5+A68qwgHCXTcHYGiHvA==
+ -----END AGE ENCRYPTED FILE-----
+ lastmodified: "2025-04-14T19:53:57Z"
+ mac: ENC[AES256_GCM,data:JlVFa18N4w+y4RIK5GG8XspsW6BL9U7IpU6IEpG3u4R+h/3UpLFvVqOE+sK4zdUaDNajHk0Hc3oE2RRsTaf0MUif2utqSpT1y7fqaVBj6LBrqH7pu3KNRnktfLb/VOyovAj6yT1Rmko1YtcKw6ZPu4r9t/Vi5FAZP1+3qLmWyv4=,iv:e9z7vP2W4AWACCEDto1eY2i0PwD4l6W3c6+KWcduwZw=,tag:LQoyet3sJKh4bpn+FE40Yw==,type:str]
+ unencrypted_suffix: _unencrypted
+ version: 3.10.1
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-20 14:07:06 +0000