nix-config/secrets.nix at d6451b9385f5078d6ce36e3ab8dd08fa07ad15ef - nix-config - Gitea: with a cup of Mate

dump-dvb/nix-config

mirror of https://github.com/dump-dvb/nix-config.git synced 2024-07-03 03:40:38 +02:00

Grigory Shipunov 44e046a2aa

Secret Management via Sops (#6 )

* sops: init

* add my gpg keys

* sops: add @revol-xut key

* add gpg pub key

* update gpg keys

* .sops.yaml: add marenz

* sops: add secrets for traffix-stop-box-3 and 4

* build sops-install-secrets on hydra

* sops: add keys for traffic-stop-box-{3,4}

Co-authored-by: revol-xut <revol-xut@protonmail.com>
Co-authored-by: Markus Schmidl <markus.schmidl@mailbox.tu-dresden.de>

2022-05-31 18:56:43 +02:00

8 lines

233 B

Nix

Raw Blame History

 { config, pkgs, ... }:
 {
   sops.defaultSopsFile = ../../secrets/traffic-stop-box-${toString config.dvb-dump.systemNumber}/secrets.yaml;
   sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
   sops.secrets.wg-seckey = { };
 }