Toast/nix-stuff
1
0
Fork 0
Code Issues Pull requests Projects 1 Wiki Activity

Desktop/NetworkManager: migrate secrets to sops-nix

Browse source
This commit is contained in:
Toast 2025-12-06 03:37:06 +01:00
parent 1d1b76b329
commit 8c6fdd5b51
2 changed files with 8 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

8
flake.lock generated
View file

@ -524,11 +524,11 @@
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1737970846, "lastModified": 1764987865,
"narHash": "sha256-+b44nvv+rKiRdABSHGaTLbp9ysRaHE+s/CuUsA9zNac=", "narHash": "sha256-9gporedK0k0t86x415hVhRdl756RsD9KUinOiuCqK4Y=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "d8262fb108d0810d21c5e098b54a105e867e72ce", "rev": "e945330fd68c693004ffd107e89b3d8f5d5a662e",
"revCount": 28, "revCount": 31,
"type": "git", "type": "git",
"url": "ssh://forgejo@git.toast003.xyz:4222/Toast/nix-secrets" "url": "ssh://forgejo@git.toast003.xyz:4222/Toast/nix-secrets"
}, },

7
roles/desktop/services/networkmanager.nix
View file

@ -5,8 +5,9 @@
}: let }: let
tailscaleName = config.services.tailscale.interfaceName; tailscaleName = config.services.tailscale.interfaceName;
in { in {
age.secrets = { sops.secrets.wifiPasswords = {
wifiPasswords.file = "${flakeSelf.inputs.secrets}/wifi-passwords.age"; sopsFile = "${flakeSelf.inputs.secrets}/wifi-passwords.env";
format = "dotenv";
}; };
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
@ -14,7 +15,7 @@ in {
"interface-name:${tailscaleName}" "interface-name:${tailscaleName}"
]; ];
ensureProfiles = { ensureProfiles = {
environmentFiles = [config.age.secrets.wifiPasswords.path]; environmentFiles = [config.sops.secrets.wifiPasswords.path];
profiles = { profiles = {
"4g-modem" = { "4g-modem" = {
connection = { connection = {