qenya/nixfiles
1
0
Fork 0
Code Issues 5 Pull requests Actions Activity

Set up agenix for secrets management

Browse source
This commit is contained in:
Katherina Walshe-Grey 2024-06-18 14:20:45 +01:00
parent 45e857747d
commit 6bf38b7814
4 changed files with 29 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
colmena/local.nix
View file

@ -1,13 +1,19 @@
{ name, nodes, config, lib, pkgs, ... }: { name, nodes, config, lib, pkgs, ... }:
{ let sources = import ../npins;
in {
deployment = { deployment = {
allowLocalDeployment = true; allowLocalDeployment = true;
targetHost = null; targetHost = null;
tags = [ "local" ]; tags = [ "local" ];
}; };
nixpkgs.config.packageOverrides = pkgs: {
agenix = (import "${sources.agenix}" { inherit pkgs; }).agenix;
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
agenix
colmena colmena
npins npins
]; ];

1
hive.nix
View file

@ -10,6 +10,7 @@ in {
imports = [ imports = [
(import "${sources.home-manager}/nixos") (import "${sources.home-manager}/nixos")
(import "${sources.agenix}/modules/age.nix")
./pinning.nix ./pinning.nix
./common/utilities.nix ./common/utilities.nix
./users/qenya.nix ./users/qenya.nix

15
npins/sources.json
View file

@ -1,5 +1,20 @@
{ {
"pins": { "pins": {
"agenix": {
"type": "GitRelease",
"repository": {
"type": "GitHub",
"owner": "ryantm",
"repo": "agenix"
},
"pre_releases": false,
"version_upper_bound": null,
"release_prefix": null,
"version": "0.15.0",
"revision": "564595d0ad4be7277e07fa63b5a991b3c645655d",
"url": "https://api.github.com/repos/ryantm/agenix/tarball/0.15.0",
"hash": "01dhrghwa7zw93cybvx4gnrskqk97b004nfxgsys0736823956la"
},
"home-manager": { "home-manager": {
"type": "Git", "type": "Git",
"repository": { "repository": {

5
secrets/secrets.nix Normal file
View file

@ -0,0 +1,5 @@
let
yevaud = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICHUAgyQhl390yUObLUI+jEbuNrZ2U6+8px628DolD+T";
systems = [ yevaud ];
in
{ }