Ittihadyya/adyya-flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
adyya-flake/sops.mod.nix
Ittihadyya f808f77176 awa
2024-11-26 12:32:05 +02:00

124 lines
3.5 KiB
Nix
Raw Blame History

{ sops-nix, ... }:
{
universal.modules = [
sops-nix.nixosModules.sops
{
sops.defaultSopsFile = ./secrets.yaml;
sops.defaultSopsFormat = "yaml";
# sync ~/.ssh/sops out-of-band
# ssh-to-age -private-key -i ~/.ssh/sops > ~/.config/sops/age/keys.txt
sops.age.keyFile = "/home/emv/.config/sops/age/keys.txt";
}
(
{ config, ... }:
{
sops.secrets.wireguard-private-key = {
key = "wireguard-private-keys/${config.networking.hostName}";
};
}
)
({
sops.secrets.remote-build-ssh-privkey = { };
})
];
aspartame.modules = [
(
{ config, ... }:
{
sops.secrets.gts_db_pass = { };
sops.templates."gts.env.secrets.yaml".content = ''
GTS_DB_PASSWORD=${config.sops.placeholder."gts_db_pass"}
'';
}
)
];
sucrose.modules = [
({config, ...}: {
sops.secrets."forgejo_runner_${config.networking.hostName}_token" = { };
sops.templates."forgejo_runner.env.secrets.yaml".content = ''
TOKEN=${config.sops.placeholder."forgejo_runner_${config.networking.hostName}_token"}
'';
})
];
glucose.modules = [
({
sops.secrets.binary_cache_secret = { };
})
(
{ config, ... }:
{
sops.secrets.couchdb_admin_pass = { };
sops.secrets.couchdb_admin_account = { };
sops.templates."couchdb.env.secrets.yaml".content = ''
COUCHDB_PASSWORD="${config.sops.placeholder."couchdb_admin_pass"}"
COUCHDB_USER="${config.sops.placeholder."couchdb_admin_account"}"
'';
}
)
(
{ config, ... }:
{
sops.secrets.murmur_login_password = { };
sops.secrets.murmur_welcome_message = { };
sops.templates."murmur.env.secrets.yaml".content = ''
MURMUR_LOGIN_PASSWORD="${config.sops.placeholder."murmur_login_password"}"
MURMUR_WELCOME_MESSAGE="${config.sops.placeholder."murmur_welcome_message"}"
'';
}
)
];
fructose.modules = [
(
{ config, ... }:
{
sops.secrets.pihole_webpassword = { };
sops.templates."pihole.env.secrets.yaml".content = ''
WEBPASSWORD="${config.sops.placeholder."pihole_webpassword"}"
'';
}
)
(
{ config, ... }:
{
sops.secrets.postgresdb_admin_password = { };
sops.secrets.forgejo_db_pass = { };
sops.templates."postgresdb.env.secrets.yaml".content = ''
POSTGRES_PASSWORD=${config.sops.placeholder."postgresdb_admin_password"}
'';
}
)
];
personal.modules = [
(
{ config, ... }:
{
sops.secrets.home1_ssid = { };
sops.secrets.home1_psk = { };
sops.secrets.home2_ssid = { };
sops.secrets.home2_psk = { };
sops.secrets.phone_ssid = { };
sops.secrets.phone_psk = { };
sops.templates."networkmanager.env.secrets.yaml".content = ''
HOME1_SSID="${config.sops.placeholder."home1_ssid"}"
HOME2_SSID="${config.sops.placeholder."home2_ssid"}"
PHONE_HOTSPOT_SSID="${config.sops.placeholder."phone_ssid"}"
HOME1_PSK="${config.sops.placeholder."home1_psk"}"
HOME2_PSK="${config.sops.placeholder."home2_psk"}"
PHONE_HOTSPOT_PSK="${config.sops.placeholder."phone_psk"}"
'';
}
)
];
universal.home_modules = [
(
{ pkgs, ... }:
{
home.packages = with pkgs; [
sops
age
];
}
)
];
}
Reference in a new issue View git blame Copy permalink