genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-03-27 01:17:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add SOPS on AirPuppet

Browse source
This commit is contained in:
Gene Liverman 2023-12-18 22:12:17 -05:00 committed by Gene Liverman
parent af5b45682d
commit 13989473a7
4 changed files with 36 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.sops.yaml
View file

@ -2,6 +2,7 @@
keys: keys:
- &system_nixnuc age1g24zhwvgenpc4wqejt63thvgd4rn5x9n7nnwwme7dm83nfqpp93se2vmq4 - &system_nixnuc age1g24zhwvgenpc4wqejt63thvgd4rn5x9n7nnwwme7dm83nfqpp93se2vmq4
- &system_rainbow_planet age15xlw5vnnjdx2ypz6rq0mqcywuaj3yx8y6lrgf95satafqf7y4qus6rv6ck - &system_rainbow_planet age15xlw5vnnjdx2ypz6rq0mqcywuaj3yx8y6lrgf95satafqf7y4qus6rv6ck
- &user_airpuppet age1awdf9h0avajf57cudx0rjfmxu2wlxw8wf3sa7yvfk8rp4j6taecsu74x77
- &user_blue_rock age1rt72txg22w8y3cdvq9w7zff0cas6xtkplpj36kxnevfnrtn82f6ss7yw7d - &user_blue_rock age1rt72txg22w8y3cdvq9w7zff0cas6xtkplpj36kxnevfnrtn82f6ss7yw7d
creation_rules: creation_rules:
- path_regex: nixnuc/secrets.yaml$ - path_regex: nixnuc/secrets.yaml$
@ -12,6 +13,10 @@ creation_rules:
key_groups: key_groups:
- age: - age:
- *system_rainbow_planet - *system_rainbow_planet
- path_regex: AirPuppet/secrets.yaml$
key_groups:
- age:
- *user_airpuppet
- path_regex: Blue-Rock/secrets.yaml$ - path_regex: Blue-Rock/secrets.yaml$
key_groups: key_groups:
- age: - age:

9
modules/home-manager/hosts/AirPuppet/gene.nix
View file

@ -1,4 +1,4 @@
{ pkgs, genebean-omp-themes, ... }: { { pkgs, genebean-omp-themes, sops-nix, username, ... }: {
home.stateVersion = "23.11"; home.stateVersion = "23.11";
imports = [ imports = [
../../common/all-cli.nix ../../common/all-cli.nix
@ -6,4 +6,11 @@
../../common/all-darwin.nix ../../common/all-darwin.nix
]; ];
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
local_git_config.path = "/Users/${username}/.gitconfig-local";
local_private_env.path = "/Users/${username}/.private-env";
};
};
} }

23
modules/home-manager/hosts/AirPuppet/secrets.yaml Normal file
View file

@ -0,0 +1,23 @@
local_git_config: ENC[AES256_GCM,data:9jIVTh6nqDGcKj716fyUuXy+6XtmeausivGSyCjZzRCJK57qEqDjmSE=,iv:K8Va81ikBySImejlq9BJAHfwKMZ87BId75HyX/fO73M=,tag:S8DH6Ue66YeQpY4QXBM7SQ==,type:str]
local_private_env: ""
tailscale_key: ENC[AES256_GCM,data:me57xxTIe9UUTMaS89FTZEH4q2PBjOkKnLU6gxtecttKG4NpxX8UhTRB9V9sUVHhOd9Ap6V1iHA=,iv:laPC5cs2BDzLgHvvvnXG7bhNsZkg/3NEskM2WNp45ys=,tag:FrlDqiaf0arcmZ2jfvadUA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1awdf9h0avajf57cudx0rjfmxu2wlxw8wf3sa7yvfk8rp4j6taecsu74x77
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBL3RFM2VkTy9IODJTeDJD
S1lSYlV6bi93Y0RFd3ZLRTZQblA0Vm5CdEFnCmU5QkVkdmx0cHQ1bjkxa2k1YTVp
dzluekNVNVhuY2dMVGp5ZUlFV1hkL1EKLS0tIENEdUUzaXdqbEpvV3picVc0Vlpx
U2RiQ1NML0k3R09DNnZMTVdpZkdKbjQK1S6OLzASOC9zcsRPVK4uLrfgjkyouECJ
rdM/gP2BCk9vLWuC+RVEKl7+H9PDQZv14NVYity6q3LqLNasEGjR3w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-19T02:57:53Z"
mac: ENC[AES256_GCM,data:dzwtvFMDXtiC8dSLjzlgURt/Z9cg8vv90P5b8iV7nb5iKy8FyzCRamTacUCeWNwhXngxAKiHYqonDka8BjvBT1K9sgsz3x2miOfV97gt1DWyOV5Ai0LLp6QwB3rWGaMGWWBFEmJviv4iAE+RRCnhdJHVYQJqRf1BLCudv/VxbNs=,iv:mVnV2uhg/yPMvnNkimz9iFwcHA5hWyk4nrFEreco+fQ=,tag:+98Ww009PUChzirtnWZ8pA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

1
modules/home-manager/hosts/Blue-Rock/gene.liverman.nix
View file

@ -21,5 +21,4 @@
local_private_env.path = "/Users/${username}/.private-env"; local_private_env.path = "/Users/${username}/.private-env";
}; };
}; };
} }