anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-04-02 11:12:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

change secrets

Browse Source
This commit is contained in:
Hadi
2025-03-19 09:51:46 +01:00
parent 151a4ee7a0
commit 9bf66b26cf
5 changed files with 41 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
flake.nix
View File

@@ -59,6 +59,7 @@
{ _module.args = { inherit inputs; }; }
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.sops-nix.nixosModules.sops
./hosts/server/configuration.nix
];
};

4
hosts/laptop/secrets/default.nix
View File

@@ -23,10 +23,6 @@
key_groups:
- age:
- *primary
- path_regex: hosts/desktop/secrets/secrets.yaml$
key_groups:
- age:
- *primary
- path_regex: hosts/server/secrets/secrets.yaml$
key_groups:
- age:

8
hosts/laptop/secrets/secrets.yaml
View File

@@ -1,5 +1,5 @@
pia: ENC[AES256_GCM,data:0bnhHeVqKSLHVimd78a94ShHlO3+LUoZ4oiKD3cnBYkaZsw=,iv:S+/IChlFlqdI+PyFF+Ti4AJUkch2MS0qKiqHL1Q3RMk=,tag:+v2kV70ou84eIc01dKnAhA==,type:str]
sshconfig: ENC[AES256_GCM,data:/sDTGVeYRjxF5Epp5kmVS0ScSYOqOs2grX0+Ap8HJc8CQftpNOYXNYdEyqLDMc5g5ualaO4iKg4sQ76J4j9ZPugt4iprIvOo2Uxmu7KRU47Z8SNwrrMNpv6x/XA2P6r261e/e/pOHyrmiFfV/I5Km9IwGqY5TWbEhvjx8qyRO2bQDIdffI1L1ZWJGC9ZOZ4o5RJCr2xB+qxLLI2pl8qHZhvfZlGHnyHw5ne0RfAFubIrW4nQJTamoaGHZqWro4tVSfXAEb+9IsYCc1aj3MehVdV8PUQ38/LxL2MAQTt9bs7sHLf9DmxZ6rGPWmpJ+IRoQbP1PA65tobFOd+Kf13XvWymNUcQpQFHDj0vpvDONxIikO+vj2T7SteRRPy+38UPdB8jrHfQ1JrGbxUQIrWOWeD3S44lINmquIMclJQ26zf6nvklXR7xCuzNAvmjublsnYK+CGDkt/ap/kDD7nCuQYYY,iv:VX55dyt2N80LJPDYoUES7ZWJjlqVyQrUQWvOQ/yItBc=,tag:6NlHwy0SqJ40+ltQHzmX7g==,type:str]
sshconfig: ENC[AES256_GCM,data:wktwwpHsd6u/A5ti0RmWZB5qGO5Ok0ly0SucjBIUxIfMEF2b8Cbmyg6nBqqELEDo7GQ8Hlvpxa1Pu7ajgXy35HNupb33KSXMLofvxCoyfC9UbzT85nHgGpE5kGv9iTpiuBsaDTAL9UCBcEaJED8xbUIUG3RME1m1Qqi07081mtqY7xR53QgaUc2w8ATCQ1ymiW7xZ0IbZw8G7RWzV7AXMpC1VOgr1NFgvUfLs4L/1PdG40fYwFaF1BcGtzUnkeZCdeAnMWj55GI5+6OX80HYuIgPApHfjlgRVaQ2c6Utsdc2wqekkPut996nm6bGCpld3JlKL/VXnsnhJoKgfdulL2o8uDYypcacYwTXonKsHqXX4tkhniDsyB6PA0Ty/eXrzwbsjD/yTcDHDJX2Xy594nRgLDM+VvyVosH7WhIDcMrk/RpSbBB2T7mNORI0VlLQFdMX2Rc6b6X/kBbd78ZoIthiaiZdgRpX++OGbwr9Fky8ml88,iv:x8aekarsRkyMmU1GjZt9El8dS1B51M6Htv+68yfVB/o=,tag:y3TkpEVf9TSIi3iK5JqilQ==,type:str]
github-key: ENC[AES256_GCM,data:xUgFMlBo8e+3eXqNscxbby1dWug3SgUagDiNUe/IGVbU6cczkaJ3uOaB0OuRBQ8AYhOLkzXj0pIKjUrElHwmYrhURtS1aF4SFEGJsjhhobNA//j3E2/5/nLVjfco+lRzyHdwmsNhEUCqEhsXrrodJMb39H4b5oip3z0rjc729YveiWUKQxXVZVPurp3nq9yNnix9R4CA6XYFRW6T6MNqgPD5qhbcDlhxLb/SN+uI5h+5eZIS24VDWlKaTaCLL5KLhZmfuA37SquOQ+edi9Yg8MnfrZkMrp/3qmAjP2rSQLMOc4QdQCLQBQSf0/snpydgLwY+FoJmMSztwtkqUdIZWOfDUJbJxegEOrAR68jLTNbp+GYiDn3thtOZDiK5p/M1amjCT+A9qeFMed5WS+aZHNTRbR9UcfiP6+48MGZFt1mr7q+/CoL04/DTp0w6tUf6/SZD31NvTJDqngkhpc0ZH9Dh5+2JcnBWpq25AM36kZTn1hIQCLNTr/oGWZXSLA2tksAhQCaUcFj4IIh6Bl96,iv:GEJsAs5NriwENYTV/VShgJF6iMmrtTwNiXOvfXyEP8E=,tag:nfZgsFqaet075GjQAoVZxQ==,type:str]
gitlab-key: ENC[AES256_GCM,data:6271Tg7LIJsXAw7Co32vva+iUWv+eRAfVfXaGkoirHxiPTAgZfq8yDpGJwti2D/aFnLvbURcUgp3B5zy1aURu9puXi6QMu3orJOE2Zx0dX3lyeHyIhOZ1hAWsQxwBDkJYODuMZbIKHNrF26Mkk6smFF9SrGoADZGxY7XSou/iopw6yrLvQAXP6lN55PQvoP5/ek/QzKNwjJAbAjp7FjjtPqPUbUdj7bfIfr9avs6gpRYnRzb2H3auyhb5qvyuRWnKu4+FeZUofC7HnfRU1eSI8UzG49Rg4f2b1Xqr0JtsjvEmuRx7lbptINXEAjW7zaSZ2B9NgotWPIzkNZRNZkuTEaOulBf5iH3wJ9GM1FcbUu2gpCt6y+CMIk5QkVvETYtKuALLbcPx9/sc90doiH1411LeKQCs5l88BBILG9KPkKmXiGGUVNxzFtjbRYQIUEmmyl95kPPEdCkkzGzHXNfE3F9HRu4MCGKPK2yZPZtCXd3Jp1b21wKSIRNYqLqxru+J8eLSljd3czO0SuTG/Vx,iv:E+y3aVLaiStlPLTQBqyfJuEXtAQyOvDUYS+XfuOHuA0=,tag:6d1IAsGcmcpgL1pE9dDcbw==,type:str]
jack-key: ENC[AES256_GCM,data:VfCl3wH0MMBc8QDyjLDFeSvzSEsf7uGpfJvRjFrmjW+bPRUXBpZhJV8a9VQIAz7z7zZXvzARMfCeI0ydyC57CW81GH5/H5pneJ4b+xreINjVfdLbL1nC1thelo/O64jda/L+xVKhgE+QQi8/zt4JmXGghkP+74nYcTTaMpmcbgWw354J1ybXqyCEY+88nsJ1d2s+M7M2bplx4fGb7sLUs6sqdsad3sENzhH/0HQCFXreHTtgsLbIs8ccmdRgFNKM8/wD0OoW76rOQsJoA9JY4yOTQNVoX5M8+Olj6+wVlt6QBrWrYRuEztGnHrHvzxiHXtmEkMwVNfoPpEflQyRYRa0rVp/66REOkMckGx6/LbxKFgrxnifRlsK3kWd28v2bRGVQOghUluYUtVkaJ+eh6o6ik0NQKx8/H6BznBSDE6MjDwbLv434LHBfDtAqhWN1eMbOlunFivsl5Hb/6rl9kydHlcCS6FY8cUHoKQ90gDaUuDrvUifwmdO5hU0GH5tgvGi1ReK9ndcpQsrHptG6,iv:oC1xU5Tu3The105VYRmxIw4kEwDoqe8T/EH6mmqpqwQ=,tag:Pu8c536u6W7ALrqjRsvXDw==,type:str]
@@ -18,8 +18,8 @@ sops:
cmVxVC8rVDlWMUdZaGw3bmdOaWZGS1EKYahBlc8XpB5UdKZQkvxbLcKQ/xkFJjWo
FSfQWnjhe/a7BJtJEcKZkjOQU0mYqlSu+uT2RA9diCQeRUJPRF+nAw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-05T12:05:15Z"
mac: ENC[AES256_GCM,data:ggTUKhmfUp4CCE6w3uiuwV0ys6xUhaMBeXi4WiaxkED/lB9iUdP9UssE9iF5lToyNxt/6O2C60CXc4OvpqBxe5dsxPkVNeB6PNhQrD5Ga8+Cu0i6hKz6Fmm0Rq461OuX0Nu2Nl3MUBCWxjM0+1ywfLRKDcjoVC7RzP5eo1NtrV8=,iv:G+Ntog1claKwAY4PEpUK1hjNzspDZiO3bdWNxugUXDQ=,tag:Yg2ZJEV2VrnTmpw8TykmZg==,type:str]
lastmodified: "2025-03-19T08:38:27Z"
mac: ENC[AES256_GCM,data:ZLljLyyibu9KMdJIwf9DsdKr4aVNWIKOneU05iPEOM9paLw/cSXVYqbfmj0i7xwvpZEin6QtUrUmIPepDIRMtIK8chmk7U5Lqxzp7XA0/IbXw0fkGg3+NmauHUGdeb1BJBLTT4AD+W0aqSayT9AvE40JOXMDzOW50WdUPzI5Ou0=,iv:6KdKZK0RoCkfTeO4oAUS1jRxcGZFrlTIXwXothQwsYE=,tag:VFL+TEjLZEue/hT1nl9f0g==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1
version: 3.9.4

15
hosts/server/secrets/default.nix Normal file
View File

@@ -0,0 +1,15 @@
{ inputs, ... }: {
imports = [ inputs.sops-nix.nixosModules.sops ];
sops = {
age.keyFile = "/home/hadi/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
secrets = {
"example" = {
owner = "hadi";
path = "/home/hadi/test";
};
};
};
}

21
hosts/server/secrets/secrets.yaml Normal file
View File

@@ -0,0 +1,21 @@
example: ENC[AES256_GCM,data:pB2An4tSXQkNMYRGKw==,iv:0h3gB4N7RuTrQa0uGWE+x0FsIWdJwI2EOLTi/3EW/Dg=,tag:bMfXlPG0wA9kT01T2hmqiQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5Z3MzZmoyVDRtRmd3amFJ
MWVvWlA1c3RFeVMrbHJQQmNTcG9ZN2tXSWxjClJ0L1psd1RFM1EreG1yNHdOYzZF
aXphL0lvcGNFTFFMbkNocGNXY00xdW8KLS0tIFh2YjN0aTlRazBXSktnQWx0L3BY
TEc5d01RaVFGNXc3dlljM0FTTHpENjQKOqwI+pl8UxVIVl43glnOYvW660/PsDGY
yefODJGVtHrOm3yeXC2xlTi3sFW+c5wUl2yPqddbvcBt5Ud/yd4iXQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-03-19T08:43:05Z"
mac: ENC[AES256_GCM,data:5YWT14ARSwyFcYWt7N6hfif/Tq44xp1KWLVV5BxBxIjFPskgPUZMUHSSRmZp4gf2zFPAoWOPIoQKax/tGDGsZ2bhkF5V2inY1cizIE8ODgbnBtF5yHs7eK8p96jbyLwvYPKJbownYAfTbQvYEhionouJPGqc8/x3gQ32mkBJT2M=,iv:Xy4mPzFxBORF3IeD0oFz5U8TaqjLO1bqm7cnFYssHyc=,tag:TyBL3V4qg8UC8IXx7Woy6g==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4