Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sops stuff

Browse Source
This commit is contained in:
Nathan
2025-08-01 18:42:28 -05:00
parent 64dae445c7
commit 50c9617cdb
4 changed files with 30 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.sops.yaml
View File

@@ -1,11 +1,12 @@
keys:
- &primary age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
- &homebox age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
- &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
creation_rules:
- path_regex: secrets/secrets.yaml$
- path_regex: homebox/secrets.yaml$
key_groups:
- age:
- *primary
- path_regex: secrets/authentik.env$
- *homebox
- path_regex: laptop/secrets.yaml$
key_groups:
- age:
- *primary
- *laptop

0
system-config/configuration/homebox/secrets/secrets.yaml → system-config/configuration/homebox/secrets.yaml
View File

8
system-config/configuration/laptop/default.nix
View File

@@ -196,7 +196,13 @@
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
sops = {
age.keyFile = "/home/nathan/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets/secrets.yaml;
defaultSopsFormat = "yaml";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
}

17
system-config/configuration/laptop/secrets.yaml Normal file
View File

@@ -0,0 +1,17 @@
nathan:
pass: ENC[AES256_GCM,data:O8d4PQ==,iv:CClnfFd/xUrfLBIb2ZDlBYm1GQVWwawMqePRYnRtSeE=,tag:mk++Mml+x5xT7aHiOQv25Q==,type:str]
sops:
age:
- recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2MEIyRjR0a25UU3hnR2Zw
WXFaaXJYNWFSMmZsR1FsYVB1WlBkZWptSHhzCkRGRitnNkc3MEtjV05KRXlXT3RR
TVhnVlpUdzFiSEwxbHNOT3dyQ0dzbG8KLS0tIElMc3g4SHRxZTVnOCtVcktRb25D
Y2ZpR25VNGVoMi9ibW8wbW5rYTQ3R00Ka6/KLXSSRP9WJDV0RBHHS5nALfd/3xDu
y+QS+Ueh56kQT2zbYpYBRIPDgI3LZgwlTifQCDJ9ZPq0LGgu4XbEqQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-01T23:42:11Z"
mac: ENC[AES256_GCM,data:7kHz3rhmzaieuY97ISA7RmEQnPn6E7Ta6sioPXvVBCLOmgwqhtITDXZw7be7/Da/BZr7O2rFcw6RaFiOdreLEzz9Kp8c5AzqXa5V6Mxhs0XJPFZ4Xkabzc3cBrm6QqKVi5PSUjPv6wDmZP7tvgzS/pny9SBmzlWOItSvs3Dw+5I=,iv:yNdtnJkmt3veZj6sDrbuNpBFc9UQVYaWlG6zmfdyfI4=,tag:tRwXGMHtQtXWrTzzMFFN0w==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2