manuth/NixOSConfig
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Install sops-nix

Browse source
This commit is contained in:
Manuel Thalmann 2024-05-02 01:08:45 +02:00
parent 018699c7eb
commit 5ed881f694
3 changed files with 79 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.sops.yaml Normal file
View file

@ -0,0 +1,4 @@
keys:
creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:

55
flake.lock
View file

@ -34,10 +34,63 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs-stable": {
"locked": {
"lastModified": 1713638189,
"narHash": "sha256-q7APLfB6FmmSMI1Su5ihW9IwntBsk2hWNXh8XtSdSIk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "74574c38577914733b4f7a775dd77d24245081dd",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1713596654,
"narHash": "sha256-LJbHQQ5aX1LVth2ST+Kkse/DRzgxlVhTL1rxthvyhZc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fd16bb6d3bcca96039b11aa52038fafeb6e4f4be",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs",
"sops-nix": "sops-nix"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_2",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1713892811,
"narHash": "sha256-uIGmA2xq41vVFETCF1WW4fFWFT2tqBln+aXnWrvjGRE=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "f1b0adc27265274e3b0c9b872a8f476a098679bd",
"type": "github"
},
"original": {
"owner": "Mic92",
"ref": "f1b0adc27265274e3b0c9b872a8f476a098679bd",
"repo": "sops-nix",
"type": "github"
} }
}, },
"systems": { "systems": {

23
flake.nix
View file

@ -4,19 +4,37 @@
inputs = { inputs = {
nixpkgs.url = "nixpkgs/38c01297e7ec11f7b9e3f2cae7d6fcec6cc767ec"; nixpkgs.url = "nixpkgs/38c01297e7ec11f7b9e3f2cae7d6fcec6cc767ec";
flake-utils.url = "github:numtide/flake-utils?ref=b1d9ab70662946ef0850d488da1c9019f3a9752a"; flake-utils.url = "github:numtide/flake-utils?ref=b1d9ab70662946ef0850d488da1c9019f3a9752a";
sops-nix.url = "github:Mic92/sops-nix?ref=f1b0adc27265274e3b0c9b872a8f476a098679bd";
}; };
outputs = { self, nixpkgs, flake-utils }: ( outputs = { self, nixpkgs, flake-utils, sops-nix }: (
flake-utils.lib.eachDefaultSystem ( flake-utils.lib.eachDefaultSystem (
system: system:
let let
pkgs = nixpkgs.legacyPackages.${system}; pkgs = import nixpkgs {
inherit system;
config = {};
overlays = [
sops-nix.overlays.default
];
};
in { in {
devShells.default = pkgs.mkShellNoCC ( devShells.default = pkgs.mkShellNoCC (
with pkgs; with pkgs;
{ {
sopsPGPKeyDirs = [
"${toString ./.}/keys/hosts"
"${toString ./.}/keys/users"
];
packages = [ packages = [
nixos-rebuild nixos-rebuild
sops-import-keys-hook
];
nativeBuildInputs = [
sops-import-keys-hook
]; ];
}); });
} }
@ -39,6 +57,7 @@
modules = [ modules = [
({ ... }: { config._module.args = { machineConfig = config; }; }) ({ ... }: { config._module.args = { machineConfig = config; }; })
sops-nix.nixosModules.sops
./lib/configuration.nix ./lib/configuration.nix
( (