nix-config/hosts/desktop/sops.nix
2025-03-17 21:34:53 -05:00


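# sops-nix secret declarations for the desktop host.
#
# Every entry under `sops.secrets` names a key in the encrypted secrets file.
# Entries that set no `mode` fall back to the sops-nix defaults.
{ config, ... }:
{
  sops = {
    defaultSopsFile = ../../secrets/secrets.yaml;

    # The host's SSH ed25519 key doubles as the age decryption identity.
    # Anyone who can read this file can decrypt every secret encrypted to
    # this host, so treat it (and its backups) as the root of trust here.
    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

    secrets = {
      # Decrypted before user creation so it can back a login password.
      "desktop/matt_password" = {
        neededForUsers = true;
      };

      # Was "0777", which let any local account overwrite (or mark
      # executable) the token file. Write and execute bits are dropped;
      # read access is kept so an existing non-root consumer keeps working.
      # NOTE(review): "0444" is still world-readable. The consumer of this
      # token is not visible in this file; set `owner` to that account and
      # tighten to "0400" once it is confirmed.
      "desktop/hass_token" = {
        mode = "0444";
      };

      "desktop/restic/user" = { };
      "desktop/restic/password" = { };

      "wifi" = { };

      "ssh-keys-public/desktop-nixos" = {
        mode = "0644";
      };
      "ssh-keys-private/desktop-nixos" = {
        mode = "0600";
      };

      "ssh-keys-public/desktop-nixos-root" = {
        path = "/root/.ssh/id_ed25519.pub";
        mode = "0600";
      };
      "ssh-keys-private/desktop-nixos-root" = {
        path = "/root/.ssh/id_ed25519";
        mode = "0600";
      };

      # Secure Boot key material, written in cleartext under /etc/secureboot.
      # NOTE(review): the PK and KEK private keys are placed on the running
      # host alongside the db key. Day-to-day signing presumably needs only
      # the db key (confirm against the signing tool in use); if so, keeping
      # PK.key and KEK.key offline limits what a root compromise of this
      # machine can do to the enrolled key hierarchy.
      "secureboot/GUID" = {
        path = "/etc/secureboot/GUID";
        mode = "0600";
      };
      "secureboot/keys/db-key" = {
        path = "/etc/secureboot/keys/db/db.key";
        mode = "0600";
      };
      "secureboot/keys/db-pem" = {
        path = "/etc/secureboot/keys/db/db.pem";
        mode = "0600";
      };
      "secureboot/keys/KEK-key" = {
        path = "/etc/secureboot/keys/KEK/KEK.key";
        mode = "0600";
      };
      "secureboot/keys/KEK-pem" = {
        path = "/etc/secureboot/keys/KEK/KEK.pem";
        mode = "0600";
      };
      "secureboot/keys/PK-key" = {
        path = "/etc/secureboot/keys/PK/PK.key";
        mode = "0600";
      };
      "secureboot/keys/PK-pem" = {
        path = "/etc/secureboot/keys/PK/PK.pem";
        mode = "0600";
      };
    };

    # Rendered env file for restic. The placeholders are substituted when the
    # secrets are installed, so the cleartext values never enter the Nix store.
    templates."restic.env".content = ''
      RESTIC_REST_USER=${config.sops.placeholder."desktop/restic/user"}
      RESTIC_REST_PASSWORD=${config.sops.placeholder."desktop/restic/password"}
    '';
  };
}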