add agenix support for secrets

2024-08-09 21:34:46 +02:00 · 2024-08-09 21:34:46 +02:00 · 4ba7d237b7
commit 4ba7d237b7
parent 99dd7bfc16
4 changed files with 36 additions and 1 deletions
--- a/secrets/default.nix
+++ b/secrets/default.nix
@ -0,0 +1,4 @@
 {
  age.secrets = {
  };
 }
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -0,0 +1,13 @@
 let
  user_eyjhb = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuma8g+U8Wh+4mLvZoV9V+ngPqxjuIG4zhsbaTeXq65 eyjhb@chronos";
  user_rendal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGee4uz+HDOj4Y4ANOhWJhoc4mMLP1gz6rpKoMueQF2J rendal@popper";
  users = [ user_eyjhb user_rendal ];
  system_gerd = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJosDVq8j4V50/z6nj2OMBPhqda95HOS1hKLGvo8viLQ";
  systems = [ system_gerd ];
  defaultAccess = users ++ systems;
 in
 {
 }
--- a/shared/default.nix
+++ b/shared/default.nix
@ -1,5 +1,11 @@
-{
+let
  sources = import ./sources/sources.nix;
 in {
  imports = [
    # secrets
    "${sources.agenix}/modules/age.nix"
    ./../secrets
    ./base/common-config.nix
    ./platforms
    ./modules
--- a/shared/sources/sources.json
+++ b/shared/sources/sources.json
@ -1,4 +1,16 @@
 {
    "agenix": {
        "branch": "main",
        "description": "age-encrypted secrets for NixOS and Home manager",
        "homepage": "https://matrix.to/#/#agenix:nixos.org",
        "owner": "ryantm",
        "repo": "agenix",
        "rev": "3f1dae074a12feb7327b4bf43cbac0d124488bb7",
        "sha256": "09aldzzc50121p0b3apj2c0l71jgmbif46a76shlgps8wbbbkr35",
        "type": "tarball",
        "url": "https://github.com/ryantm/agenix/archive/3f1dae074a12feb7327b4bf43cbac0d124488bb7.tar.gz",
        "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
    },
    "disko": {
        "branch": "master",
        "description": "Declarative disk partitioning and formatting using nix [maintainer=@Lassulus]",