adtya/configuration.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

all: refactor secrets

Browse source
This commit is contained in:
Adithya 2024-06-30 23:31:42 +05:30
parent 5ff3c7fe7b
commit 2623f5b146
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
3 changed files with 22 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
common/default.nix
View file

@ -1,3 +1,7 @@
{ ... }: { _: {
imports = [ ./nix.nix ./secrets.nix ./users.nix ]; imports = [ ./nix.nix ./users.nix ];
sops = {
defaultSopsFile = ../secrets.yaml;
};
} }

19
common/secrets.nix
View file

@ -1,19 +0,0 @@
{ config, ... }: {
sops = {
defaultSopsFile = ../secrets.yaml;
secrets = {
"passwd/root" = {
mode = "400";
owner = config.users.users.root.name;
group = config.users.users.root.group;
neededForUsers = true;
};
"passwd/adtya" = {
mode = "400";
owner = config.users.users.root.name;
group = config.users.users.root.group;
neededForUsers = true;
};
};
};
}

16
common/users.nix
View file

@ -1,4 +1,20 @@
{ config, pkgs, username, ... }: { { config, pkgs, username, ... }: {
sops = {
secrets = {
"passwd/root" = {
mode = "400";
owner = config.users.users.root.name;
group = config.users.users.root.group;
neededForUsers = true;
};
"passwd/adtya" = {
mode = "400";
owner = config.users.users.root.name;
group = config.users.users.root.group;
neededForUsers = true;
};
};
};
users.mutableUsers = false; users.mutableUsers = false;
users.users = { users.users = {
root = { root = {