inital steps into sops-nix. figured out ssh pubkey management.

2024-05-31 21:05:06 -05:00 · 2024-05-31 21:05:06 -05:00 · 3d9e197056
commit 3d9e197056
parent a04727757b
11 changed files with 117 additions and 15 deletions
--- a/configs/home-manager/sops.nix
+++ b/configs/home-manager/sops.nix
@ -0,0 +1,22 @@
+{
+  config,
+  pkgs,
+  lib,
+  inputs,
+  ...
+}: let
+  secretsPath = builtins.toString inputs.nix-secrets;
+in {
+  imports = [
+    inputs.sops-nix.homeManagerModules.sops
+  ];
+
+  sops={
+    defaultSopsFile="${secretsPath}/secrets.yaml";
+    age={
+      sshKeyPaths=["${config.home.homeDirectory}/keys/age/master.txt"];
+      keyFile="/var/lib/sops-nix/key.txt";
+      generateKey=true;
+    };
+  };
+}