pim/nixos-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Clean up secret management

Browse source 
Update readme
This commit is contained in:
Pim Kunis 2024-06-15 18:21:07 +02:00
parent 5d752cb279
commit 0cecc75e3d
4 changed files with 17 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

3
secrets/README.md
View file

@ -1,3 +0,0 @@
```bash
nix run github:ryantm/agenix# -- -e secret1.age
```

17
secrets/secrets.nix
View file

@ -1,17 +0,0 @@
let
pkgs = import <nixpkgs> { };
publicKeysURL =
"https://git.kun.is/pim.keys"; # https://github.com/pizzapim.keys
publicKeysFile = builtins.fetchurl { url = publicKeysURL; };
publicKeys = pkgs.lib.strings.splitString "\n"
(pkgs.lib.strings.fileContents publicKeysFile);
in
{
"wg-quick-home-privkey.age".publicKeys = publicKeys;
"wg-quick-home-preshared-key.age".publicKeys = publicKeys;
"syncthing-key.pem.age".publicKeys = publicKeys;
"syncthing-cert.pem.age".publicKeys = publicKeys;
"keepassxc.ini.age".publicKeys =
publicKeys; # Secret agent causes private keys in config file.
"sops-keys.txt.age".publicKeys = publicKeys;
}

BIN
secrets/sops-keys.txt.age
View file

Binary file not shown.