diff --git a/.sops.yaml b/.sops.yaml index ff1eaee..7340b99 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,2 +1,8 @@ +keys: + - &admin_pim age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw + creation_rules: - - age: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw + - path_regex: machines/sue/.*\.sops\.yaml + key_groups: + - age: + - *admin_pim diff --git a/home-manager/default.nix b/home-manager/default.nix index 2010d83..a07c047 100644 --- a/home-manager/default.nix +++ b/home-manager/default.nix @@ -2,7 +2,6 @@ lib, config, inputs, - self, ... }: { imports = [ @@ -12,8 +11,8 @@ ./gnome.nix ./syncthing.nix ./vscode.nix - ./sops.nix inputs.nix-index-database.hmModules.nix-index + inputs.sops-nix.homeManagerModules.sops ]; xsession.enable = true; diff --git a/home-manager/sops.nix b/home-manager/sops.nix deleted file mode 100644 index 88c2112..0000000 --- a/home-manager/sops.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - self, - config, - inputs, - lib, - ... -}: let - cfg = config.pim.sops; -in { - imports = [inputs.sops-nix.homeManagerModules.sops]; - options.pim.sops.enable = lib.mkEnableOption "sops"; - - config = lib.mkIf cfg.enable { - sops = { - age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt"; - defaultSopsFile = "${self}/secrets/pim.yaml"; - - secrets = { - "keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini"; - }; - }; - }; -} diff --git a/machines/sue/default.nix b/machines/sue/default.nix index adb80e2..b60e7dd 100644 --- a/machines/sue/default.nix +++ b/machines/sue/default.nix @@ -7,7 +7,6 @@ stylix.enable = true; wireguard.enable = true; compliance.enable = true; - sops.enable = true; }; services.tailscale.enable = true; @@ -15,6 +14,11 @@ home-manager.users.pim.imports = [./home.nix]; networking.hostName = "sue"; + sops = { + age.keyFile = "/home/pim/.config/sops/age/keys.txt"; + defaultSopsFile = ./nixos.sops.yaml; + }; + environment.systemPackages = with pkgs; [ borgbackup kubectl diff --git a/machines/sue/home.nix b/machines/sue/home.nix index 317ad57..9310724 100644 --- a/machines/sue/home.nix +++ b/machines/sue/home.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + pkgs, + config, + ... +}: { config = { pim = { tidal.enable = true; @@ -7,11 +11,16 @@ syncthing.enable = true; neovim.enable = true; firefox.enable = true; - sops.enable = true; }; programs.chromium.enable = true; + sops = { + defaultSopsFile = ./home.sops.yaml; + age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt"; + secrets."keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini"; + }; + home.packages = (with pkgs; [ jellyfin-media-player diff --git a/machines/sue/home.sops.yaml b/machines/sue/home.sops.yaml new file mode 100644 index 0000000..cc9e238 --- /dev/null +++ b/machines/sue/home.sops.yaml @@ -0,0 +1,24 @@ +keepassxc: ENC[AES256_GCM,data:OLAzLx07hFjoa3Hqdp6xhcGZKX7IoPt+Y31WPVS7PRrowBup1tyI51JlKeSsmHIwJ1kSF+7Jhfw1vOgylFcQzZc00hCgiK3ksFkjYUrzLnPsuKPgBi4Jc3Lnb5K+rqJY8P/7OLWhrAFvscKbMo1trQIZ74qKOGxP45DYJL8kDBRsY9+/6nq9bbIaiWXsp8BUiKXeM+O7XnQ+Ir+vTCF7DTNNArD/wT/x0omZL8SzP29ekhQIBSSiyuAIzQ3EYg5rwa9l6xmfatCnKkwXvqDiEGsTGAZj1hUvkHNCgELwRkyYZXyvw10B2/A1x96LryVBGRB0AxXuLgW3kApWLpxLo5lxUwZXv/TjoOhhKkz92S1hMUJg8nQPmBmBEmTQtfT9NF8t1f65MRaRHwXnaSYDChGoa6YEKWt6/FF874Vw9FsZ87SJXdm+hdrgPiSH7O/dJEJoO103WbrzzumYBbLCtjSDBSbn5xxjb4mfCJVatKTSTuWXNUiXJd0Fy78t8kz+zsASLQskSKpl1/csXsErpKDLSjEfObTx0n2ZNpM8z1KFcLFbzy1WyGHReZ4aJDXEWUnhpFT0bYMNSy8cFNw40XKAptiUq16l41uMkT1nsF+tp+bbGDVZjVy8fQb1P6xmcMWviYw88F2AFFWF05ppE+oXJ51e1W8Fs1NhdVnVRds1sMcLJjx/HTs8rZnUBy7cDwmLAo/V5swkV2eUC7sD1CnZHciuHlVXPVRBkRmE+i9Zanrx9SXr+psvAOV9/t6/8UQxVcs+x4/iqtZcf9vfOwaAufH/lci45WpUcAQb7KhsvnYUmzoOn4t3A4tMe9nCb9fQwNxqIHhZ/lWl5lsxc+uP/5cuYNvCSsliSChDJaNDLt9NnIrBtqLzrsaIfqSK1vFuzYYIh5yuyxPh+TfPFR/KqzjIbVyar0UGmISXJ+9DGPvb9J6GkXggyO4cNY9E9Gfb+8nWOtCPnEFXG36oZAmI4QTCDpjJ0Gp+sROQIvLnpT1uREeDc2u+P7V2Y04h1OVJSPZDUlR8bKqlOXZ3lq/g/rNDxTKit6XLRUnz8u3DtiH2tmSZZ7OhyKhvuwcNgV++3isFP216wJ/x59bUSCJ6SNss3wBgtmk0GTsKU3rWa9MYWpBbS++ZcJ2F5anj5stpmTZguFNL3hYZQLPUoSxUd74dwYUTab3mfK7TeKZFruzE8BapPgjH8rtBnhrhl/88r0N9Vo1poJFBdiaJ3KkYn7vOQCYgPQPXLt1IrlOoplkEzGbtQC7gLSjgMtsT2tQYVqJqJ3DHDMrcVd2iBMENn82Bgnf8vTKz4OTWwy+5AgRD/IOsVHbUqtnS0pAx58S8TEm840mnYWYZV+AprPqLHfi/G0tU54J4McEwxmJsKwP+p0LCACC2dFRjLPg6ssvXStYk/AfE58fIZxkgOf6TjXTH90a7STmN8E7IrbPGNywI/OeOOgt+Li1WfJzyS0lE9IDvXwwNkzHJhlDFTCg95q2FWXvjyF68JMMtesiqz8SXKSjDMzjsRm37obTDvmdBGAO0NuC236GcYvF15KNSuDjcVWyoWPd2xMzCcM/dXHfg3/dlheju2g1TwskoSKnVCcRK8B4V/rSqJfUSTrAsKOkFS5x9ZK1Wm2SEe+lhHr9sYC1fUcU077geCj6OimZ0H3Aky0/KI1H5/zDxlmoS73z56S5nQjII8IWS+LjvSp4j8i28NS/SGqdrgVUQatV5sCctast/U32MbnGn8zdHYJJWHYqY+nXH/n6Vg0e/i7ut0/uqxDbFngVmJbWKwN5dLO6Epv9qskdleWCruvAh7y9qhvmz+k/lxwHiZkdMdOgoUrmIoC3Yn+lGG/xF87PG9TsBF88vius85O8HxY3o3td/awbkUD5x7+OiLdIVnM0iUQDSbdrvFla6qHVkB/kUqcli6GYhaP9HgLUWKm0YgrU+V5eufTG5fu449Q0RcpsSLpncRXghiiZUK/V2z31tVuILeZmlqPBRthQz4xfDgfmzohDu71ttX+2Ih4np/uWIMPx+7ppGWarkp2wsTq92hVAT+U77r9vSQo3H6+8CSpA2AY6q1MU9VPtA0Ze2ZyF8GI08qtVRPiJ6W1q9D3SEBrI2STnk/KdvVu7J1q1HJ6yEVtGBGogXivQiqK/BzXWnDMIzsclU/UZESRVrn+E055kXYDFzKZFNFg1Fa1QimhBs1Ayd4z/aOpWbaXBxOL8jIcmUlRskRU8mQte4vglBNQ06YDZ8OAx8pfaKAz2Xplte07vphWrUnXnFCcQdVrpHHKKN26QhMiObJ0NTUQdWUyiFAiYqmMROanUjVHz3qQQJqW8qq9Z14jXU1lPCOBkcIhvF8hm00Y6OLR7CrOwBWV1t46LC90fyi1VVMcEIKYdNVAvHVVH8jhM5oo6pVcEs7PL3UNHaAldW5KqeFHK0hM4VKUs2vUS5kunYsBBqNFGTYHTewonm+DmB2GM+QOIak53buaygQ37wP4Z4j/QrlIIxtGtUPQo4rENJuCs8fTb1DobDtQrta0NY42vf20VGiS8AJ9kpvj0jC+536RPX1tmu7s6pbsOtvwy1CbDjQyvCmpb24Pv72XtwGn3TQ0GIS0i2iDtRPMgywFbQ7/GctHr8+ikW5QehqRyL1nVtTO876hpYPsztvcqpzA3ZTXHGvAAODsYuHMXNze6xRuQyO0zReT/1aqaL7RH5W7vN6owH/brbsZlnSgaMktTpUNk0F4gQ7/0IxG5Pp4gGoMfXo46D5nGhr57oaSL/RWfMcTQ+f/A4HMMqnPfI4M3MO3bcfs6C75EXiy4EAOyP7uivcCvhRD440195rydqqjIliFFIuIToDjQNZfpU0HnrsSynn5qf9Z8DAuLN9NgbaKq2CbeXxYExOoM7VszulP8XaNpl4gLWONaWvZiQz7+IySlvPu6FpHxAGSNlS6CO0OCGKgcr485/q4T5h6/cH99kvWlNy1sEpoJOOu9bT04fKsSutJ9VihAZy/6s88Jj2IM1OGiU0dP68/GL12X99nYXtVeGTkM7CZYJujOJUf7wx+/UrFFExbUtT+Iv/rlpDjECHcnmrDJcvhEDw1DOAUYyvTd7F3n+rkXpw9MocwY03xuuNcZ/cYijbAe3P5OeCbph9NEFh+E/D5l7G8WS19xLIfb2NP/J0LV98F+o+kq4dqXje1rurdZvWhvjYIpkcfa2MP5QpC9ptSdJwL/Fh9ZF30qsUg1QDeM6jM8Umzk+OWJEMJKQjgxn/KqTlOFDd2MUANsNqxKfvt4PArpJao7CBp1Kywb1Wj8iPCrOviCe8YT1KDcisGhbWhAlr0Bmf2vMk1ynaJg7gf2dpEUNP5L/yRIJQq/+i/6zJnEmu8kf9YEmRvEZKEwFNkkPVztBiub87u6TK48IwXMC4VUQVZyOzd82nLdwdVmdsx5puSm6KLFRNDU1VV25f5KCGcFlBqiRDucg/Em5wYvuTtsTGEm+ff3veP9BeOinzA94wzf0XnZ37fizTg7lv8LoFo6CdqM+/OTPrGubdHTPCKfAmbYWHN/Oa6UEnO2QeOKtpbXenughSoUClsVi/cFYFPx7QWHfqyazjTkJwX8W1SXCu6b3D116NszcrEadTpK3TVOxlVLCG7jZ+bPpT29/Lezrcn6Itsab8uDZEdejflU1lm9d78/bCLcodxcl2Z9DVrsmuYfSkHuOrCVuZ2nh6tjr6IuB072mkkPZN72xuLbFcp7sIcaQF7kO1yk7Z1tQsHkqhl4xo80z6vr8IkmKrHpcxvnrysTxfy2qHCimieAa0OEy7c1SMFyRKUmgB3L1CQQeoNF+rHspZdI6bpCEdU9QKGI570HsE/UsYbyHg15i8wmXlxO7zBv5ER96qlou5seeJCXH170xE5uiKkFAI1KSR7SdY4dFnLq2Z0yLNbtf/3NiUKX2F32UEzk5YRw1dbCpV2l8FhO+bW8oYrUEWeDxSb1PFnNNALVl9DCyvIQsZtsWVxIY51gB+L5fL17otuzKKJn9YUppIhlYkJ+fPs3AxLKIcL/IBd7XW79o/TFscQcCwzK7FmqPKGvOiqpN2I1IFyTuLCkFjIB7k49idnxDfCbCfqPRdOHj6nu+qKNhLAPijEnnUzX2PdiedalObpb2/1Z74jyl70VNSgiH7ZgHtd5mFZDiRTAtX8RuSHM9v7DHqoDtZthjFsaJUG/ORHnQkr0kMLKFbhR/dvk/SuSpGlUcBpGqHmlveeQoaZdV7pXFM8qNha3VIOiC6M8NDfMOyVb7mh68aNKI8G3S8O4U3VXtKXlWN61S0TO/ZFYE4znHUcjUkgpZkK4sgfVXXfl6J8k9DtBy2tLdU47Ev9s33AbMBt97lBRy4xHCFhTsXOvJf+wznc3djEs5x+ZjEMoID91wsK9tU0bCAr54j0HgdXBYbmXMNO0vpecy61jRJU8RhDkQOtKtbsOysStVejJzQKuOrTuUVAvbBjfjipHent9q2pVXXFtXmvAY0RgX8Johhf1KHvIvvmOB329TQOm/xEHbIQn+bWc44OvQo9bqxHK7e/dgzD1EDGKQVJkT/eM5KJLECDxMRrsUR5d+GOc46kxvajQMXiyhgAZ2uMoVbNWtmcJjO3WfkpRvjHw1ruUUFMojp25jYaPs169Uay3p18o0a+plpfd4j41uh0mdLrthgkGaoRPC5m35k5zrPYH0KXJWPUWiaTtCzbkQbHrJ4wHpbb8HpRghmaTKp/ucrox83qUl5q/fOl3zSFnCLzZSgqiGDr49S6Zhz3Kn0vlVPnJXOW9VP8fA20VfO13uFeNVoRa4vKufUlwxI0ru3RgihIX+Pqaf2Utc16YAY+eD3NQdU3QCBY+HTy7Tdx5rdli/wjGO0f51cgZxisJ/IiD4g71wOmuARhSm9aG50K5J2W75I33eKOxzv5IsdhKfsSsNPNPW/UCAQed8OOcxAV1QlbYQmuX9nbe49GEMv8mvVM+BdETIblpzql8jimq+yFn7hu4bSXSc77zpqAo5yFjZqNRlltMFoUDcCdg2Vhk0EegVFJcAm97ofI3VxyWsjfr8XE7hPkKMExf7jyyzeB85AQ5r6SFLqgqsHReD+D3loNmAs4KBUlit4Y9wSyFZhOpfLBFKA9b7kLDPhBn/nd7+ytl2YmX9LpcxTgTHWuwuUCcW5/4unWUlwQz/lwB+fxd4XZi1lfzr+C6sx3K32vfxoJD9BbGUFZ3rnsk58Hv9V8B16k0jQi4xtk64n7KqUI284QUkT6BUODDMD5PqNPw=,iv:ZuPrxGdtL7yfvU9mD9NFJlNTzfRY1af2tUAXhvGvQoA=,tag:ZBu+pR4LbdfOxsw/nTzTfg==,type:str] +syncthing: + key: ENC[AES256_GCM,data:RynMajMIyEL7E0q5/Rk9ev2/Pd2dqeseaMKiZGEmd59PLuKISuXoNWpy2HNh6rHt+uYPnr43Np7+w13lp8LDz8G5FgW/jy2tHSTBOaFamOpzvKSJAr6yFvuRvbzcO2SW7WKLsVwVFxzj3gLUoG1cJYiuIX03pOB8ljQerMN0mlA8wHBLyIvCGfFy/XekiLpwfl1RjXhCvA0EMn+8o5l4cexXVqh779MEhw6/SbC7g/B5nobT/AQh9z/m4DKxYKB8v2jFdCJck4Lqbz97HL7KaDme4l3iMlOek6kWkYMQiXnr1/tDhDlaI0uBSMCL8MXrhq509S4iNhdtsn2Dq6bjhilTw5fdqTuD2miaU0soF7XEmRMtx3vIz8ju56iEXwFq,iv:pN9P/AoJwnvU3Rg0hngjqM7IonqWSze8qcAURIG++7E=,tag:UueCEDULSy1mf3d3WEdoww==,type:str] + cert: ENC[AES256_GCM,data:XQR+qIz5QUsP9hsyW1eQxrRx88tCZS5vSaF/2HQhGjPIoK0KQe9N40aoXe7KjPCALc6iIlRzpPJtzpgMe+6Bcpl8lvcarHx7/6KTXshGr+0DsMCbdWlA983qCe4zdUpNdTE2YlsbUQmsX2Jcnx2/Tt5S5Z76r7Yn3wKbE25Al6RlMNBxqtGCCgeD31mfZO8RT5AFoSWiGcSo/Q2RjO5/WbPyN1CxKfrINWl9RpPku+nOrUHI8zY/xl+RYDz63ABCZfVbKUPsh7s/CJUr1Ed7m8nlAP1SBYY8n88ifiCoq4XPUaMpQT+LSftiUKjBkB7ASFp3WccDkBLEGPJBhf7BSwBW+IGEHjAJxghCUupnQsvus6cSTwcrLdXLruSRNtQxP1bDjh+92q+2+G8e/715nS+tUELXkktt8lLgY4KpJu738gflaJDCnBsP0HXIkmeZTzgGiWVAYjPaCFW7tCubpeayPQHG9zBLnUGRnsmarIeJx2YJe3g2+TbKDseW9phD/Mq3glaspEQNsNpauECYnA4idfzhh+/AQQpXLq/JoZ/u5EaGjctdndcJdkM8N/jGvkX3jMq8xAlQ/9IYtyhKJuAbho4VKAR2VuGkbTRxm+H7UglTJTA+xvEt8fItcddssjO3JTRBfXLpT+pl+QqgS7OkLiVOpaQv9g+//y9GBSPTY4iwdiezi05hdEECJpvkajfoW1DvOmhsIMpQDlBL7UymRbTx9Lt8FPxs9PI/hRNzMXoikAdxQGc2bqHq8UcZdJOSOSIpcmsPDB/cTJ0DAjPk/bijFaH8DXE5psUSjGgONdIjVTP8WNf0up+gCPxuZl9Fmutqlro3y1zYHnApUKHT90un/CakFI05haG21c2NSMj/8K3XGA8cahiMWOcBg252aUloLiBWdxos+bM+o5Dmm7Nfjvk4UQQik8GegyC+MydDBfQglc6SdQJiZwWs49MWHsA2xgHFzYCJxkp0QJNcJ8VCKYU0ai8TKeOLeYcvTuW6EQgnjz3INE+SgV/eK4RopNb85XDl9RvAL0FRXcul7aQA6kKaJb8=,iv:x7jUdzbfSs4t4IAvxYaG0iTnSW2sP7IdCGVhrs/v4d0=,tag:YQfmJK6H+Zk3YCPH7kd0ug==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFVmp1NE04Z3BLamJmcUx4 + MlZ3N0FVL2EwSDg1OG9uWDY3ZGpYRWMzK2pJCjN5aGlZWkhFSml6SThRRHkzOHhZ + bVNwYnNXREszQTAybnI4SUhvTk5kTUEKLS0tIGhkUEZ1VGJNQ1UxVkIxREszeFhJ + c0hUTEk1MlhxZTRkOUZrWjBpQ2lla2sKwhgQQ05yZOpbn8cLIYdwAQJIbkgXXPKO + ppBCirRPqv7s3JVF3zYCfHPQ+Hx5H/FzfckDgkFFt5NVtIK2D/3oIA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-17T18:32:05Z" + mac: ENC[AES256_GCM,data:y2lb4TlzCGDcXc1ZxBhUIrbdJ7ZT0gEqjmpCf09LnSKOHCSNq7FPGSUDWolBUuFgo94qng6rDhqafJPBoaUr54k3Z8aZ9Z+glJRz4WByBan6Qom84TFlHnd197AgkpiK3WE57lpFKvHxkm8OW6KjSSsr1JpiHaod5NuP10tgrHc=,iv:BhuHt+Yz8jwrYWiQDXncTxhWE34bznm/JCXe0vj22NQ=,tag:OvY9H07sPEk7A2hxsOhhxw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/machines/sue/nixos.sops.yaml b/machines/sue/nixos.sops.yaml new file mode 100644 index 0000000..2e0eb2f --- /dev/null +++ b/machines/sue/nixos.sops.yaml @@ -0,0 +1,24 @@ +wireguard: + home: + presharedKey: ENC[AES256_GCM,data:TXCvGNW0iU74TnC2tlYBGhGfiuQmscVq6EPRr8dcRVI23au7nm2xQU5Ubfo=,iv:drGxozD/d0kqxJckJNKo0U7trgjAOMpztCqCxX+IJx8=,tag:liDTEqzrN48UslLMSgn6iQ==,type:str] + privateKey: ENC[AES256_GCM,data:YQZvCfXR3Gc21SDFmypBonTaVZztJm9RtO/Aaiy51PV5BfPg4Rgw5+bCuGg=,iv:K6hMqcgmhJPOfT/DGWpDb+5n2CB2nblZrIKxfRZGRek=,tag:UNsrY+WzSnh2Mh6GlY7p0A==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSZG5oSDZCdjBPalBOTDVU + aDJVaC9lSE9jZ2M3aEVaZTd0YXh3azBQTkdrCjc2QWFUN2U2ZFdRc1VSMXhwRTRu + N2VpY0haNElXVmhzVUhoZFNnNXYvc1kKLS0tIFRHRlJzS0J5b1J4a1dTSERmc2hy + NGxjNVpvQnU1WVoyQ2xDeE16b2JuWEEKiVqccRZfhp1mQ3ecnogxrIkC6EZq4kUG + kLJbBFwf1FkWZQgFq9tKNBf0vykjF0qnSDXn1xpIqht3B9Vtnggjvw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-17T18:33:25Z" + mac: ENC[AES256_GCM,data:korXgi1xEdCr18DQNFF5XwuFum3GinSLH+L5Mhhy1PHzGJ4S8WuutRONnbX4tw2p16XH/KPszA3u+ypo3IthEEJu8KrmlHhUrZiA2scWpNL3CEaDuNJ6CN9feLgS0FExYxWWQ7qLorTH1JuzRhg0aW3cKoTW32FscrAku/ni3pw=,iv:MskH0LE+xHCNYRvOiBVW173ePQsg22Fm/XUwS7Jzxwk=,tag:MVcDcUVVUtsIKbROWnboGg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/nixos/default.nix b/nixos/default.nix index 554bb27..2c2dc77 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -10,9 +10,9 @@ inputs.home-manager.nixosModules.home-manager inputs.nixos-facter-modules.nixosModules.facter inputs.disko.nixosModules.disko + inputs.sops-nix.nixosModules.sops ./lanzaboote.nix ./tidal.nix - ./sops.nix ./stylix.nix ./wireguard.nix ./gnome.nix diff --git a/nixos/sops.nix b/nixos/sops.nix deleted file mode 100644 index c156b19..0000000 --- a/nixos/sops.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - inputs, - pkgs, - self, - config, - lib, - ... -}: let - cfg = config.pim.sops; -in { - imports = [inputs.sops-nix.nixosModules.sops]; - options.pim.sops.enable = lib.mkEnableOption "sops"; - - config = lib.mkIf cfg.enable { - environment.systemPackages = [pkgs.sops]; - - sops = { - age.keyFile = "/home/pim/.config/sops/age/keys.txt"; - defaultSopsFile = "${self}/secrets/secrets.yaml"; - }; - }; -} diff --git a/secrets/pim.yaml b/secrets/pim.yaml deleted file mode 100644 index 2de9ee1..0000000 --- a/secrets/pim.yaml +++ /dev/null @@ -1,24 +0,0 @@ -keepassxc: ENC[AES256_GCM,data:8x55rhDVISBQIufH7qLRI7GLkAg11VGjblap8aOmd14l11cVNabkyREMn804HJH/mkWZDubXs2D4/37s7hJ1shxgigVydlbjvG0GpZrIb7326x54yj98ogqvhvSsxhZEpnsHvc/J3mGXQMtxey6FOJvvo0g91jwYPRgDlYRaHv0NoXeJzrkiXzPhE4ah3KkjCzDLq5lL9A9+kjqn3d1eolGUQel41tuQQUrXLLE7N7lWj+d8N4LbsipudQUns90FPVJdln8oY16wD5Ig5jM9ePS78WggrwfJDgYHV5cXaf0yHYadzjkivcsY8TxnQ1kZvYSIBzHVjaDYm/60sFS+1s8hpyOIC35uVsGueM0NzJ59U7P23RJ1QjpS5prbmL30LEMUT95Qvd97IihuPlz0kPiWRuo/1KJsBCRhLEFRW8XCbY2C44NRaIGHwK9/mt9nUzmn1Jvts1wuS+Geh7S2UYyLqn7TKQbKpGZc0RaJJUL1HPWL0B0hf96ypoWXn90cJO/E7OnnlsI/AiJLeUmLpZu6b0RNNr60Hy2QHM1j1ICCFno5MoBtJzVQ8ddx/zZnMEx0wtI77DA+m7fNaJjA8vxL9MmQFgaLUmQVO0xpns1vi6icsnTHXU6mxIBPuxeXndlL6hq7h/dfsdWXkZnkQbTCfYwtvBOOEoEgp860ZF5PZxER3UseWE0zLAtiUzn8hQCoZYzv+875QPDExe3a+zc288YZsZDTroHgEVY5MVoaguTytZRySFPFnHrqEdOp+Aesg9Un32/d2CP6D0Eo1l8W24X9qZt+dxV6uvyVVvxNCMnr3yfTA3FGWP9vnTPa7aRR8fOKEnZfToImATk/M7DrLCjapIikhat2+YvFbfQO1HnZstfk/K92LyGmyrcSJKwhaLyiWFXkWvbbJpEDll5ftcFfjzDdGQ3IBHD7V97JRblA/h/1BwSusmeglJQOhXvPpi68SEjd4GXuz1uRX7NakxUY56M+uTyABB0/AqDfk2sG4TO95vjqAb6nytRDxbAo+Jqg9ONg680xLCooHLE1mNfsJf6NuX/qOsE9pRGvSiPFHj1KphCMsQP5gqyI6dxqp+1ZdcGXWpRluh6g7TZ5o7Q5CWVxIQRgW1zHOrp5gr/wMCwElyZ4eC0/Ldnl95x8zvlVG/wDfNtQ+KqmOBPpB3ya8HdmDhALsxZu7m89MXG+WZROpYB0hd176n/RtMJZuRtQRZs5e7kHuVs7jJiMd7286fsX7AuE+gr2mokSWAnOAByY//vTNNa1Oi+laojlVGVh4Wq0Hb3M1GNZfentX7HH9OBlWw5wBTC++6ji9sSvbI/T6pK2pFHVRy7VXNbf7Zz8NGoKgoVh/5oeyEmkdXfZzYu0GorW+edvQ/NtJZvb9Uw6jYpQwntJojkV1ORKS5RqyG/PScneixef447fBusBq285jkbf8MEYrz+RslOkM2VjQ8VZuLCT50kziP+Hzh/ioQrTVCIkbNnwrDOnFRAtOsh5fN+nwy16Qh6BVijQjISBp9gaGvpRPImzA/xvYWcCsICYB0J2PdLtlU3bB+iPRBMj6YjaSFJtX5nRrpgAFCogP3qzwFdAkI9RdqWKJ2PDmAd8FO8feXkiAXRbicfqrq+VgVZnqw4DuKaFJw/ipVs5zinC13NtlqolVdJssfHJAEFO18HbrhzlFO8BcLmYyJon4Pj6S32LLFu76lMlRKBmE6YVlXoKGeG0x0S66iofq74CoKTcn7OC5a98U3h4kFDdqqGm8103WFWA2jGQ0EhKlTE81kCIVfd0Un4eBpruqWvcMrCqybcPJNWgYfjwkFzAfpt9jRfgNAdaNq6/MImI13QaB9q8X/CUNq78kWKbrdMVljRS7qrI7mq2+4orDPL1F0/z8FMoq5SzQ/cyA66VGz5i2yB77J3dlrG662LWZal9Ejz1zB4rN92AM8JBo2gw/L+w82JevA9ZY68IGfRyB2D7p6KPogvyRe2cgOqmRJiD4kjI+CihcXJVsBBu3ScclsI0PQ3Uz2Vz+RjGfnowrCC0RhAyBGRLMTYEvxaBVlJUYxS/tpGK42fefw8Js6xnxsvKK6a4Me6tJPN66Ixz3/Jd+qXKS24Fk9ThZIpettd8+rdWDK2xYShkt2jUcOcsmDTQgiWjRHU+wdMyJhzjUs9fSUst2jrACgUNvlvtir6z99zaiIigML632ngFHZYubpcwOa1t0mro+PFjzvTmwbeBBU9xFKx2gVH8/K++V9WXzBFvPF9pA9wjJkpRm4T8uGpBzX4cTRCgkiuqlEC2uUA4WQseUv3hg/X3NAc/dGwQ0uhQR/QHRm2g58f0N9Qp+N3fTM8Xg2csKIdBftlHdIOIrmciGMAE9D41Di8KS1yCwzOizgz8AmgqkQVh9AuqnuW+UVlLY9QayLwv0u5ERa1qSFv5+7yq7j6mpqRoS9eqbBTszL8atMowJtXeZztjbs/1sDSpq3WDQBl9SSNO+hq99sdjJ1tGkJi2cad2BmFQaDHNc0DUk2iMz0ssxxiIjYqEtkTtVMwbivA3QmS20OOCfxTsK69XFZBX9IttXjU+o1/1g+33aY+R9R08fsixAKg3PbjN6nbqj3UQCa8NCwWqQzK1uxruC7tEfvcesBCIYwhdD9KUI1mj+mjZf6NP769hmT2Ecu2J9EidFNPJr82QIL6wEZuxWqvZAYJqQFAxKK7uBHLlA0CUo92dLv5JGP9RStvWnQ40XlMpBKrTpQOyCV7DJj1Gp58aNPMBnbaywufnZf2AlSvmaAwMizj19J6kva/RgRbdDgK7ZA4R46EAk32vDF66m82xXKZk5rC71s8krCoyLtnl70gFogXD/lZSD0hAOnSRkkPeFJUp21J2E2xG3UZNSss7H7P1D+8mCPifvqw8muL7OAVgSq9llaMemVFrsnVod0HEhONSUVvP/9IeT1iv5ZjeHEAWY4wPkNlAvSEdJxC7Iod1MjI7PdIBHwzU/LJvPX57SXTjGH9WpWi6HMR3sWCJ+47Eaju7pBkZDpA0dyWkZOobwPiGW3QqhQEumDGinVb91VEepchEvNafRl4DT6CyTtix3cDzSWNupLpiScGC39iWQ15Wuwjv8nKb1f7GR4LEzqMsfiJZVZSvTZzJ43lmhWMmNfA53YsMrLC9dik4zC8nw+q02VHtN4TXvlWJVEGlrgeBjaYyRbw23tJyenE1qPcuWZzoYRFHyzf/ui7JNKSIGKBFhnRTBiXAe3sIhvCW0TPVWgamDfCmCq1drc77Cr1RzKk7xOJn6kE+V1szjzp9HnG5eTrWdvVK8H195PJPak8U4qA7oK9qLHiF53qVmck9y2ibR5VBYXOBgcX/oZTNEddSm6oiX7gY0A4y+dgGqQoMApKJz0m1uliyyhWOpwnUk1HxBcTMNNs9CFfvMDIY+sIXEEL0SoM/cA2sn0syDu6YFL8Oc4PiWcMoK2MB6tiAAsl+scID0TTTrp0lq49PeVzY0Tj2mFT3ksqxJiqvadCRNnmxu6hxs2AeRkfwIH7q/5ODypj6wYjkIoo8KNytMKVobEZMFbYejB2ePmYefqUwFqMZgag9YGYi+kk5Krr50+13qdSLsKQNa7/9KWtOXfH+Ut/6tqpNx4nrBSEq6QThHhzjU7hqarDbZutQxQ/Jvu0jURjoY3hLH1of9nDIDi6uxmLCNJUrmuXmys0Zr3Uo7b5p358WuexmMq/lOpbA889EDkSCorWmGmsRk8QrpSlOiUL4ZB38jSJAYnQ77mvDU6HJe1dRng6kNTQMn8Pawc5JQV0ex7WEKAURBd2DMaoopAOnkwzm36z/KBYmeQJrOzkYRa/3J4ttvR9gl9Y7EoQkDkSjWkM9PBMDhEcsqSN79a8O69Gu4Qcw7TO/VOocDs5PgHxmdqzcGtTPQ+oeTHrCK5nzHRhLdXU5sP6VL5Nlj7k4Rr2OYsWyWfV5pKScGqwlGk9ql+eIu+0E748PeXFPAEpB0e75OvHUR4+J5v8VRdVpmTo955bK88mDfLNUQQoVlJkEh6xgKs8mkD5O7etVGsKtgSPiE+w8NOBhacHwBIVPqoakDcf/PgUC6OORXGlHE8R3zaxw/F0Az4T8eXDW/iHxZyYI7e/2TOBVixwtPgs6FD/rbZL9WS35SMfTATF+Deu84eUVqWL975Y2oLHwI4/K42I7OJta9SuOsPZARAS2QjjSreaFEIWZInY0qD/XYDmL64YDxU3axPbyUZhvWbvuEI1x9m/piCn/ZtN29zrhZ6wXzKjrmE7X1lVXpaZ8a/UKTSdLHRdNxTdzu7VTBtewkXnyohVAVRadEQ8nZ4tjlDo+qJXRlaHrHc2/BSk5QUHSblOaOG/yxI4s3sSpFQ66k3zKyfnnlSb06yqEbVU1tFl5kMlUTPIjqpzQuHMTqPby2FbzIzziCFgzVxfW2W/cctha2oTqJVqJJaaW6IBXSK3y1KaiOTdDJxdaczufkxLrNjcFKfIHDlzCsYoWRb57QrSUl+aVh1XMYrysZABuOitdHNp16WNQyunA8glA82d7LLW282ksZTpUrLXPesfSt7IH7bqB3SnkYKbXOMqwOdvKfJMPCEk4zA7cMUs8w4jNjfqye36CwsOYIolVi1OlBIMGGkdBGVaffz973Zm7SUgG0H+NpbQe+WC/n7uBCv7C8GkENzClNn2Jd6SPlEickjWZ4VVR3aFHKqZVnAVTrbR2CvPe82bzzRyQWcZ3x6pggaDi/Cjg/31IsifxQ6rSSurMhtFchhSy+R5uqjW5AsbZ/OitqELooXkFl29uPEPa8FRyg2OHfTDL2ZPO1ivDymSpo0wpuFg6nU1EoIKzZk7DctmmJ70eNxxWLyl0lg+FTjzTvTfdN2/f5Xsp5kx+eOztB8FAz/ALKfc0gT5uRTHjU2yBz1Api1erVVciGtnUPe88aK5PrpignGbzF7Q+o2SzVOMFSprjxRllFwUaIlc1O19pukGXIcZLifN/DJ/J5i6IqwFNLJqLU+XhadwSslSJYpzvjmmt+i3BG7PAvBUWPHLubVW/c2JQOQ6ozU5SOiF1iyvuE/gwq2f/8s6S3S6BpRmUG1nGqzbc8lqb0UJtp/ijwFVxTOpZvlTMh+ZMz4FBrNgc0l17b26FxdV/f30Yen8YmImskg7LBO3np+FKLj3uorYRjABqzF/fXjPUbkGhGLQmRnafxao35oiOWeHAxWh3K5EAD7zJJVuJz8mVfBgjVspLrM+ZSh9h2BhOMXlN7hNnPVleer9oU51FmUnkreM=,iv:fNMCE7KpLDoy90kKFEkrzekmKLlvSiPcK2YzhPlStx0=,tag:+7I8/JvKJysKTWc7UT/x9A==,type:str] -syncthing: - key: ENC[AES256_GCM,data:NUpHAyN9h9LlrIkdyHWJWDr7FugN/5m5Jr46SQ7lZxBQJKomqbql1x7YuY4lFRbvhflwFsX0j0/FtQ/qbfnU/cqRhj+L9qPSvzvGypk7AgZiTZIKnubjelyt5aMhfH3pBTzIPdJdd0EFUBI9XrMBSeR1g3TyQuD5VfZZL7LJBogCi2hBopKDDSsHzaGYxNuU3MXnCef2P8Qt881AsyIvoWyBt8utfNyckKfCE8JYqCqu+zRMyhZE6frsCi8zBHwWakohqdVpsN6MBCkQV7aBCZJrOAdJYhH8yKPCsG3uD6eocpwOXZ8EzwEk5Jv6zutcJtkLgCpDOyeIs1sDb42xH6dJlvOC5M6qtTz0JPh75rFrqtSgDBbYSuGPCywOm1SF,iv:plt4q3nuHSV/PndtkJ/3xtUpHcvsm5XtfnIBZEOblfA=,tag:bVJe4Lir2RnR+ZOD++dgmA==,type:str] - cert: ENC[AES256_GCM,data:+2jJ2V8qHJvwwb2IQB5esgTSdfv6x3IXzrxGbXabOy8xOjqfPWZuWK3vxeBTj+N+F6tOBf8Mbmi0lgTMzd/SeZYAImFaSXswRdx82fQGbNUMHq86pYIvUmJMHWq2mdubbZlUqNaAwtCoYWTFWBLVWw7dm6udwQ7XZK1AQIudYytrBEQ4CX5ivD5l3iE2WA046Ovn7oz7rsZVGZoPaNxnm9c+fKDflZPRopLuEOnmW/uo28YYcGSJlw3pp8UdYyFfrLGndzds2n/umZAiT138/uNTVO67KaTQcG2iD8mYJaQgSwbube9RemPBvIoZAeCiAOdezuMGa/1/22Wyucy8h2yKrH78uwNNzw/LX4RW3EXI6hWfjTO3LbaCNfQuENuR98Eg3FJPItmKZUERrgNYRMsg3mD3v+KtONY97uPxQqyQZfKd3vPiRSA0tVjIFXHwsXthgps6TpDhllyERbI1N/PaGLH++qtmyHBwu9Rns6IoxNq4hzSNtazZO14CNteZloeP5RaRcR/OaRtX+HzscP6sghJvPzdZs1Bt6wx9UHeYFu2nToZNipHhmmShjVKf/WVEegVnKALNAiEOigX7lHLQrtXst/Jywe59J70PvUqUai5c3/9YSeJSKxus0Jzc5DDIle3maMNmPONDjRcq8hn/w9sQxBNtS1CZmJbKQ6DyfHLFQb4IqdUO9aCSRXWjJA9jYOe4LabrBxFWnh5Uw0jVgIkypcahH5Wz5xq7RtMViniyVl+mjla9q8C1YgHpKvf/BUCs8DNt/A+vzge48AvhHz6PtQWDjrb783gwZji/WgawYaBtEWnEGeABub3d7DS1Gzvc0KZf7yZTjAqoG0s4qqiQu1eW2B/Hjc6T2YiHBuczrDWMcoCTLZcUi7n6NIOvUOAVrASzfA1zn1TwgeH0r5dA6GkFT6XyBi40ZHtv+QwlviOMsDvHhKVoqCdlCQ92wOZOjnmrFRkRcZoCAKluflgp4l2dCo69tveVkXrTW4nYIJ8JIBaaWAsmV/plUv75KGdLTfe7MnRe6EXU8keO7fiM7ZxNZ+8=,iv:6YDfHWacou+ljaTmgxUDUqYrhmEoV4Hf6LmBvCUvcWU=,tag:LpnWjAFEZXYUIbyQ/A9BZA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwYW5TK2ZlZEpwQ1ZiWHFv - QzRqY0xZSXpRMWJGY0JLVEJhSEpRZXJ1UTBzCi8wbDFFZFQrWUJ6SVpqYkR5cmpD - R0VxUlpDS3hORW1kc2hwb1RSTFF4VDAKLS0tIEpab1dpS2VRa2VWUXIxdm4zbzAw - QS9wWm00NWE3emxZR2o1Umpjc09FZkUKAwIusyTpH0zMe/88J0v4dUFn9FT8N/UP - 2SeagJEmdlVRHcW2sx9/dIG26IY+/ZhSeO/PSKSgH38E6OFmzEwX4g== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-06-15T15:56:43Z" - mac: ENC[AES256_GCM,data:79I6Qfhz02dK3HNB5vYH6MERlMUlnwwF8QIvrMS3J1+BrWe4MbYpy+4HrAusVvfCC56wbVHvenj9n/jtfDW7nGD1rkOGAO6ptBD1SCp73E6AUy/0AUZyOMouLOe5qwZWIAxIqvLGW8q0Iv0z2lsGVN5gKtBb/BOHoc4TTQU/PEI=,iv:9/k7iZJ1eqyTxKwRDKdEPG0vnVpK6Zt8Ocgnw9Sblww=,tag:gfiRAu9FDJ8zSekuuGfPXQ==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml deleted file mode 100644 index 8b7c18d..0000000 --- a/secrets/secrets.yaml +++ /dev/null @@ -1,25 +0,0 @@ -testje: ENC[AES256_GCM,data:kMnaocttth1O6g==,iv:mV9gEMdomVhmOTBUWIFz3o23TBb7DLM2rXI/Tb81bSg=,tag:qj6TlvW5sY6Ek9M0GIqB3A==,type:str] -wireguard: - home: - presharedKey: ENC[AES256_GCM,data:H+oCRsg2ikN9KyVacEFasYmx5XE1zrnjBthkL5OitOXHTr4Ls0zwoF5StXs=,iv:N63wO4TKagbweStqf7wL3YZ0njxDNvrISErPao5wf7o=,tag:67kZcNaCzv3RI41XmA+UFQ==,type:str] - privateKey: ENC[AES256_GCM,data:WcPVrLiy2JJvzIh7sUpHMnt1MNx5rw5bI+xGmkitC9nEiNytMG71wmlC4d0=,iv:sl8gZgCzaW10UH0GLycvQVHqBlDVq7BUgoIEl41lc20=,tag:7oLlVjulxuEsW+pS8sZ+Ew==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWL1dlTjFNTXRPd0ppbE1i - THlsMzB1K041eUdTemRseGk5dkVwUDk2TFIwCnR1WE9iYXhHWHprZCtlSFExakhs - R0FtcEc0VTJ4WFBORFluYTdBTFh1NzAKLS0tIGtrYkVPSEVXV1dnb1J4V1pkQktW - VjNXUkpmVmxyNDNsT0ZjQjhOYklEbW8KV86AD+8QE14BZxWb7TVolwlcy1eFKxks - rOpqcXBqtUPaBC10IhVV434DGFIZMtRuYEQ4G/sdCsc3qiNxO3Cl4A== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-06-15T14:04:18Z" - mac: ENC[AES256_GCM,data:6YKdfUk4ltXQ6U7FHs9ehGDUVzfZo1cKnSJMp+zYBEBnhmz7LdCBZycBpJ9syJn4WW1jZ8Bz7+lIxDsXm35AhjI+Mia20BqcWotcCaoHUslK+QV/YRIw8wxP7pvOKNeTa9UMhrcpXBVJxdQvKEBZPWziD4Xk3RGomvGEjB3xXKY=,iv:Tvgo/tlxnNk31C/cqCAKIGRdYEug9DdqeIUdJgQj4yE=,tag:z/tWTyiYmUmc2zVc3mQq0Q==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1