Flake: add sops-nix
This commit is contained in:
parent
9ca56553f7
commit
1d1b76b329
3 changed files with 34 additions and 2 deletions
23
flake.lock
generated
23
flake.lock
generated
|
|
@ -517,7 +517,8 @@
|
||||||
"nixpkgs-raw": "nixpkgs-raw",
|
"nixpkgs-raw": "nixpkgs-raw",
|
||||||
"nixpkgs-unstable-raw": "nixpkgs-unstable-raw",
|
"nixpkgs-unstable-raw": "nixpkgs-unstable-raw",
|
||||||
"plasma-manager": "plasma-manager",
|
"plasma-manager": "plasma-manager",
|
||||||
"secrets": "secrets"
|
"secrets": "secrets",
|
||||||
|
"sops-nix": "sops-nix"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"secrets": {
|
"secrets": {
|
||||||
|
|
@ -536,6 +537,26 @@
|
||||||
"url": "ssh://forgejo@git.toast003.xyz:4222/Toast/nix-secrets"
|
"url": "ssh://forgejo@git.toast003.xyz:4222/Toast/nix-secrets"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"sops-nix": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs-unstable-raw"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1764483358,
|
||||||
|
"narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=",
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "sops-nix",
|
||||||
|
"rev": "5aca6ff67264321d47856a2ed183729271107c9c",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "sops-nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"systems": {
|
"systems": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,10 @@
|
||||||
darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies
|
darwin.follows = ""; # Not using this on MacOS, so this doesn't pull it's dependencies
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
sops-nix = {
|
||||||
|
url = "github:Mic92/sops-nix";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs-unstable-raw";
|
||||||
|
};
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager/release-25.11";
|
url = "github:nix-community/home-manager/release-25.11";
|
||||||
|
|
@ -167,6 +171,7 @@
|
||||||
modules =
|
modules =
|
||||||
[
|
[
|
||||||
agenix.nixosModules.default
|
agenix.nixosModules.default
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
(
|
(
|
||||||
if stable
|
if stable
|
||||||
then home-manager
|
then home-manager
|
||||||
|
|
|
||||||
|
|
@ -129,7 +129,10 @@
|
||||||
backupFileExtension = "hm-backup";
|
backupFileExtension = "hm-backup";
|
||||||
useGlobalPkgs = true;
|
useGlobalPkgs = true;
|
||||||
verbose = true;
|
verbose = true;
|
||||||
sharedModules = [flakeSelf.inputs.catppuccin.homeModules.catppuccin];
|
sharedModules = with flakeSelf; [
|
||||||
|
inputs.catppuccin.homeModules.catppuccin
|
||||||
|
inputs.sops-nix.homeManagerModules.sops
|
||||||
|
];
|
||||||
users.toast = {osConfig, ...}: {
|
users.toast = {osConfig, ...}: {
|
||||||
catppuccin.flavor = osConfig.catppuccin.flavor;
|
catppuccin.flavor = osConfig.catppuccin.flavor;
|
||||||
catppuccin.accent = osConfig.catppuccin.accent;
|
catppuccin.accent = osConfig.catppuccin.accent;
|
||||||
|
|
@ -156,6 +159,9 @@
|
||||||
"/persist/id_host"
|
"/persist/id_host"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
sops = {
|
||||||
|
age.sshKeyPaths = ["/persist/id_host"];
|
||||||
|
};
|
||||||
|
|
||||||
catppuccin.grub.enable = true;
|
catppuccin.grub.enable = true;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue