karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor secrets

Browse Source 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
Nick Karaolidis
2025-07-24 11:01:47 +01:00
parent ba55a766ec
commit 15bf209e8c
62 changed files with 214 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
hosts/jupiter/users/nick/configs/console/podman/default.nix
View File

@@ -1,11 +1,16 @@
{ user, home }:
{ config, pkgs, ... }:
{
config,
pkgs,
inputs,
...
}:
let
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user}.sops = {
secrets."registry/docker.io".sopsFile = ../../../../../../../secrets/personal/secrets.yaml;
secrets."registry/docker.io".sopsFile = "${inputs.secrets}/personal/secrets.yaml";
templates.containers-auth = {
content = builtins.readFile (

9
hosts/jupiter/users/nick/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
inputs,
...
}:
let
# FIXME: https://github.com/NixOS/nixpkgs/issues/24570
# FIXME: https://github.com/NixOS/nixpkgs/issues/305643
@@ -38,7 +43,7 @@ in
# mkpasswd -s
sops.secrets."${user}-password" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
sopsFile = "${inputs.secrets}/personal/secrets.yaml";
key = "password";
neededForUsers = true;
};