kylekrein/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Moved some configuration

Browse source
This commit is contained in:
Aleksandr Lebedev 2024-12-18 10:22:40 +01:00
parent b83c4f77c7
commit 8959ab4ff5
2 changed files with 15 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
nixos/modules/sops/default.nix
View file

@ -1,9 +1,12 @@
{ pkgs, inputs, username, hwconfig, ... }:
{ config, pkgs, inputs, username, lib, hwconfig, ... }:
let
keyPath = (if hwconfig.useImpermanence then "/persist/sops/age/keys.txt" else "/var/lib/sops/age/keys.txt");
in
{
environment.systemPackages = with pkgs; [sops];
sops.defaultSopsFile = ./secrets/secrets.yaml;
sops.defaultSopsFormat = "yaml";
sops.age.keyFile = (if hwconfig.useImpermanence then "/persist/sops/age/keys.txt" else "/home/${username}/.config/sops/age/keys.txt");
sops.age.keyFile = keyPath;
# This will generate a new key if the key specified above does not exist
sops.age.generateKey = true;
@ -12,4 +15,8 @@
neededForUsers = true;
};
};
users.users.${username} = {
hashedPasswordFile = config.sops.secrets."users/${username}".path;
initialPassword = lib.mkForce null;
};
}