flake/nixos/sops.nix

{ user, ... }:
{
  sops = {
    defaultSopsFile = ../.sops-secrets.yaml;
    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
    secrets = {
      "coastalcommits" = {
        owner = user;
        path = "/home/${user}/.secrets/coastalcommits";
      };
      "zipline" = {
        owner = user;
        path = "/home/${user}/.secrets/zipline";
      };
      "users/cswimr/password" = {
        neededForUsers = true;
        owner = user;
        path = "/home/${user}/.secrets/password";
      };
    };
  };
}
use `sops` for secret management 2024-12-02 20:50:24 -05:00			`{ user, ... }:`
			`{`
			`sops = {`
set the initial user password 2024-12-02 22:13:35 -05:00			`defaultSopsFile = ../.sops-secrets.yaml;`
use `sops` for secret management 2024-12-02 20:50:24 -05:00			`age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];`
			`secrets = {`
add a costalcommits secret to sops 2024-12-19 11:09:26 -05:00			`"coastalcommits" = {`
			`owner = user;`
			`path = "/home/${user}/.secrets/coastalcommits";`
			`};`
use `sops` for secret management 2024-12-02 20:50:24 -05:00			`"zipline" = {`
			`owner = user;`
			`path = "/home/${user}/.secrets/zipline";`
			`};`
set the initial user password 2024-12-02 22:13:35 -05:00			`"users/cswimr/password" = {`
			`neededForUsers = true;`
			`owner = user;`
			`path = "/home/${user}/.secrets/password";`
			`};`
use `sops` for secret management 2024-12-02 20:50:24 -05:00			`};`
			`};`
			`}`