pim/nixos-configs
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Add sops secrets file per user

Browse source
This commit is contained in:
Pim Kunis 2024-11-21 21:10:24 +01:00
parent 9d1a695e3a
commit a5be4ddbb2
6 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.sops.yaml
View file

@ -10,7 +10,7 @@ creation_rules:
key_groups:
- age:
- *sue_root
- path_regex: machines/sue/home.sops.yaml
- path_regex: machines/sue/pim.sops.yaml
key_groups:
- age:
- *sue_pim
@ -21,7 +21,7 @@ creation_rules:
- *sue_pim
- *sue_root
- *gamepc_root
- path_regex: machines/gamepc/home.sops.yaml
- path_regex: machines/gamepc/pim.sops.yaml
key_groups:
- age:
- *sue_pim

2
machines/gamepc/configuration.nix
View file

@ -39,7 +39,7 @@ in {
};
pim-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/home.sops.yaml"];
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/pim.sops.yaml"];
name = "keys.txt";
destDir = "/home/pim/.config/sops/age";
user = "pim";

0
machines/gamepc/home.sops.yaml → machines/gamepc/pim.sops.yaml
View file

2
machines/sue/configuration.nix
View file

@ -35,7 +35,7 @@ in {
};
pim-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/home.sops.yaml"];
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/pim.sops.yaml"];
name = "keys.txt";
destDir = "/home/pim/.config/sops/age";
user = "pim";

2
machines/sue/pim.home.nix
View file

@ -22,7 +22,7 @@
};
sops = {
defaultSopsFile = ./home.sops.yaml;
defaultSopsFile = ./pim.sops.yaml;
age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt";
secrets."keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini";
};

0
machines/sue/home.sops.yaml → machines/sue/pim.sops.yaml
View file