finish nomad, add consul, sops

2026-01-25 14:42:55 +00:00 · 2023-11-19 21:19:58 +00:00
parent b6798b62b5
commit b741a36211
12 changed files with 476 additions and 263 deletions
--- a/modules/common.nix
+++ b/modules/common.nix
@@ -1,23 +1,42 @@
-{ lib, pkgs, config, inputs,  ... }: {
-  
-            imports = [
-            ./mnt-public.nix
-            ./nomad.nix
-            ./odroid-m1-setleds.nix
-            ./odroid-m1.nix
-          ];
-
-
-
-  environment.systemPackages = [
-    pkgs.git
-    pkgs.ncdu
+{
+  lib,
+  pkgs,
+  config,
+  inputs,
+  ...
+}: {
+  imports = [
+    ./mnt-public.nix
+    ./nomad.nix
+    ./odroid-m1-setleds.nix
+    ./odroid-m1.nix
+    inputs.sops-nix.nixosModules.sops
  ];

+  ###secretstore path variable
+  options._secretstore = lib.mkOption {
+    type = lib.types.str;
+    default = "${inputs.self}/secrets";
+    description = "Path to the Secrets storage";
+  };

-      services.openssh = {
-            enable = true;
-            settings.PermitRootLogin = "yes";
-          };
-          users.extraUsers.root.initialPassword = lib.mkForce "odroid";
-}
+  config = {
+    system.stateVersion = "23.11"; # Did you read the comment?
+
+    sops = {
+      defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
+      age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+    };
+
+    environment.systemPackages = [
+      pkgs.git
+      pkgs.ncdu
+    ];
+
+    services.openssh = {
+      enable = true;
+      settings.PermitRootLogin = "yes";
+    };
+    users.extraUsers.root.initialPassword = lib.mkForce "odroid";
+  };
+}