work on live

2025-08-31 14:53:21 -05:00
parent c3457da03c
commit 6b98345a97
5 changed files with 36 additions and 2 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -15,6 +15,10 @@ creation_rules:
    key_groups:
    - age:
      - *laptop
+  - path_regex: live/secrets.yaml$
+    key_groups:
+    - age:
+      - *laptop
  - path_regex: nathan/secrets.yaml$
    key_groups:
    - age:
--- a/flake.nix
+++ b/flake.nix
@@ -92,6 +92,8 @@
                specialArgs = { 
                    inputs = inputs // { 
                        nathan = import ./home-manager/users/nathan;
+                        home-manager-config = import ./home-manager;
+                        inherit self;
                    }; 
                };
                modules = [
@@ -104,6 +106,8 @@
                specialArgs = { 
                    inputs = inputs // { 
                        nathan = import ./home-manager/users/nathan;
+                        home-manager-config = import ./home-manager;
+                        inherit self;
                    }; 
                };
                modules = [
@@ -116,6 +120,8 @@
                specialArgs = { 
                    inputs = inputs // { 
                        nathan = import ./home-manager/users/nathan;
+                        home-manager-config = import ./home-manager;
+                        inherit self;
                    }; 
                };
                modules = [
@@ -130,6 +136,7 @@
                    inputs = inputs // { 
                        nathan = import ./home-manager/users/nathan;
                        home-manager-config = import ./home-manager;
+                        inherit self;
                    }; 
                };
                modules = [
--- a/home-manager/users/nathan/packages/default.nix
+++ b/home-manager/users/nathan/packages/default.nix
@@ -24,7 +24,6 @@

        home.packages = with pkgs; ([

-            inputs.disko.packages.${pkgs.system}.disko 
            inputs.disko.packages.${pkgs.system}.disko-install 

            kjv
--- a/system-config/configuration/live/default.nix
+++ b/system-config/configuration/live/default.nix
@@ -49,8 +49,15 @@
            ];
        };

+        sops = {
+            age.keyFile = "/var/lib/sops/age/keys.txt";
+            defaultSopsFile = ./secrets.yaml;
+            defaultSopsFormat = "yaml";
+            #secrets."nathan/pass".neededForUsers = true;
+        };
+
        sysconfig = {
-            remoteBuildClient = true;
+            #remoteBuildClient = true;
            host = "live";
            graphical = true;
            users = {
--- a/system-config/configuration/live/secrets.yaml
+++ b/system-config/configuration/live/secrets.yaml
@@ -0,0 +1,17 @@
+nathan:
+    pass: ENC[AES256_GCM,data:0hmcbyTLbmadTAMoSeOgBmpqgtCKtfrY1EIxIUoxgo+3297+jZqcsSmhPlFKtbornezm+7uPRzaVRHyp2G0Ee6mG4FbzUfGYFg==,iv:F2aTS/BPPxTemu4vEy9H0FY0HUEBWaRFeaoMr8TJbmA=,tag:Ai90KJluCimR6OG5BtCnVQ==,type:str]
+sops:
+    age:
+        - recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5cUF3YWY2STgwc1pzREJP
+            QndUajV6WUJFZEdtOGNOQ05Ua1hGM25IbzJJCjF3Z24rc0JwMSt5bnpIVDZ0ZGJG
+            ZE9LdEU3bXhsMUxEL0hlMTNTc0VkR0kKLS0tIHhWOGJocS94eWJUSXdtaldJSG50
+            TjZCN3RneGtJa0hLNU1yTUlLMDJpcEUKNvpcKkNXeRyFsn0CRjSKNb89l1864I6A
+            Yzijw0c0BVfivhn2wAyq0fYuw2rT+vIJdFUHvIgxkpkZFl4n/RucOQ==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-08-31T19:51:15Z"
+    mac: ENC[AES256_GCM,data:L4SK7iaPX3dPJTyl2RgSuqMcoFRm8q9k64TsroV3tT1uWn0J9XRBj9KXgGj/qLloQkgmZsmtct8w2x5tYYosh5k1+056/DeTD8l/Nw5339qKJppRjg6jYNtw02ZGPSNFQdmGNQU9NOOuT8Q94sl0mphwlYhFV1Tf1r/AoSg1ja8=,iv:/qEVdxOR8CDJ2plE8Ez9ML+u+lKPmsNfV0GyXgBbQRk=,tag:EyjdJzvuHXn+0+5hOk0dVg==,type:str]
+    unencrypted_suffix: _unencrypted
+    version: 3.10.2