mirror of
https://github.com/Moe1369/nix-fleet.git
synced 2026-04-24 15:59:06 +02:00
15 lines
566 B
Nix
15 lines
566 B
Nix
{ inputs, ... }: {
|
|
flake.nixosModules.security-sys-sopsnix = { config, pkgs, ... }: {
|
|
imports = [ inputs.sops-nix.nixosModules.sops ];
|
|
environment.systemPackages = [ pkgs.age pkgs.sops ];
|
|
sops.defaultSopsFile = ../secrets/secrets.yaml;
|
|
sops.age.sshKeyPaths = [];
|
|
sops.gnupg.sshKeyPaths = [];
|
|
environment.variables.SOPS_AGE_KEY_FILE = "/var/lib/sops/root-keys/master-host.txt";
|
|
sops.age.keyFile = "/var/lib/sops/root-keys/master-host.txt";
|
|
systemd.tmpfiles.rules = [
|
|
"d /var/lib/sops/root-keys 0700 root root -"
|
|
];
|
|
};
|
|
}
|