delta/dotfiles
1
0
Fork 0
mirror of https://github.com/deltathetawastaken/dotfiles.git synced 2025-12-06 07:16:37 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

sops.nix external file

Browse source
This commit is contained in:
Your Name 2024-03-15 18:16:31 +03:00
parent 0bc665d4de
commit 385b2e533f
3 changed files with 36 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
hosts/dlaptop/configuration.nix
View file

@ -21,32 +21,9 @@
# localStorageDir = ../../secrets/rekeyed/${config.networking.hostName};
# };
sops = {
defaultSopsFile = ../../secrets/generic.yaml;
#defaultSopsFile = ../../.sops.yaml;
age.sshKeyPaths = [ "/home/delta/.ssh/id_ed25519" ];
#age.keyFile = "/home/delta/.config/sops/age/keys.txt";
defaultSopsFormat = "yaml";
secrets.qqq = {
mode = "0400"; owner = "delta"; group = "users";
};
secrets.cloudflared = {
mode = "0400"; owner = "cloudflared"; group = "cloudflared";
};
secrets."myservice/my_subdir/my_secret" = {};
secrets.singbox-aus = {
sopsFile = ../../secrets/singbox-aus.bin;
format = "binary";
mode = "0400";
owner = "socks";
group = "socks";
};
};
imports = [
./sops.nix
];

30
hosts/dlaptop/sops.nix Normal file
View file

@ -0,0 +1,30 @@
{ config, lib, ...}:
{
sops = {
defaultSopsFile = ../../secrets/generic.yaml;
#defaultSopsFile = ../../.sops.yaml;
age.sshKeyPaths = [ "/home/delta/.ssh/id_ed25519" ];
#age.keyFile = "/home/delta/.config/sops/age/keys.txt";
defaultSopsFormat = "yaml";
secrets.qqq = {
mode = "0400"; owner = "delta"; group = "users";
};
secrets.cloudflared = {
mode = "0400"; owner = "cloudflared"; group = "cloudflared";
};
secrets."myservice/my_subdir/my_secret" = {};
secrets.singbox-aus = {
sopsFile = ../../secrets/singbox-aus.bin;
format = "binary";
mode = "0400";
owner = "socks";
group = "socks";
};
};
}

6
secrets/generic.yaml
View file

@ -1,4 +1,4 @@
#ENC[AES256_GCM,data:tsH+OzO1HuSGhW6FpMS4z/B7MGsy53gL8AlR1OtddpQPM/drvvI=,iv:TFXG6UZ+yiIiI7no2I5ZoCBozm/QsckpR08aoVpWmA8=,tag:/L8bfExsQzgUFUyZVjNE6g==,type:comment]
#ENC[AES256_GCM,data:BoSXLfAzseyjQsS5GL/UW7XNfuU=,iv:IrLTGiH4awBmnZuC0AhkeWyTsG86DoFog7JTZ3g4rlQ=,tag:HghXG9MwBDCrmVeDp5yU1A==,type:comment]
qqq: ENC[AES256_GCM,data:6HrbuPwwDdOfWP/6+lQOIIrg,iv:w6MP9T0uRgew7fVvpYcmdM2OOHvWUmbxw5pEBE2s7m8=,tag:s3gFo1AIyDbuEWcqzR309Q==,type:str]
#ENC[AES256_GCM,data:byD/SyOeoUWOfbQgsr4zh3brXkNP0eX46qwJEAecN6KLokr2k9/loKL5n+vUHAs8WJpa1xwVuRw=,iv:nWv3leL6YaTT3IurT6wcvQCbvBoaWPihRk7VaZrptJA=,tag:p1ltRsWOXWvWy6DJlQdyVw==,type:comment]
#ENC[AES256_GCM,data:h2Y/qaN1lKO20UZJ+LbDofboZmIoX5qP90bkb1u+OlIlDtZwhB+hnB+RQ6CgQdH6rU7X3lyd6SDSYNa+GKILH3c7vDLa1Tfb,iv:x6/4DUzV0lHuCy4IjRqutyyMx4pQq4unF52yITEfmQ4=,tag:9WfRbeAKTsiwmSMb3K7wwg==,type:comment]
@ -21,8 +21,8 @@ sops:
ZUMveWUySng1eFNCNEc4aThLbHQ4MXcKP5sQvjLknHpO3Tf1rlg4+5LNqPWzBL4p
w+E3S1SsdzF5niYafdFj/5yc4PLdYR3JM9jxcuc2KzRWTM3oQNZH7Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-03-15T14:49:56Z"
mac: ENC[AES256_GCM,data:lv1Ku7JdlGXgn4RCkQqQWdXwf7ESvOo0kmZDBkouItg31MYMunEGCnv7VYAlcSmDY2HkLd/iDvWbumS3ZnvLMFpuSH5wGeA2NwW0zPh9yyUHgxVP72fQK7ddCzhOaqn9w/5IfRQBAfed4YOeCoqKKoGunwaJQRhFtPjbdT49GAE=,iv:PepxRwGwTvbhhA/h8MV9gRtaXOgiATvAjgNCODlbw/U=,tag:z3IbOL7szx26n9FVH9kMCA==,type:str]
lastmodified: "2024-03-15T15:10:31Z"
mac: ENC[AES256_GCM,data:3KTUBOZ32R+pG+1CqX1F7L5LSRrzSYBiU92565bu1Kl0WyllAtL+nVQei0ByCwJ/Au+Dg3OwYBqCc4JMZlxn8TM6KFb+j7ttCUL6o3/TekDSSAUlIGmNMUCJikaGAIWZ9JHPMU/BdNKQeltRTpxb6cU1Qp3FA1NQlr7f+dXtqn8=,iv:cOQplwWIm+kZB97EjzXkuhqPmQdFY08nWTrM4Ky33PM=,tag:7tQbnJICXsw+FUnG8D8o/w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1