reorg + condiational secrets

2026-02-13 19:06:54 +00:00 · 2023-03-09 05:00:20 +00:00
parent 24ef309194
commit dea10b0752
23 changed files with 190 additions and 273 deletions
--- a/hosts/common.nix
+++ b/hosts/common.nix
@@ -1,10 +1,9 @@
 # This file (and the global directory) holds config that i use on all hosts
-{ lib, inputs, outputs, pkgs, ... }:
+{ lib, inputs, outputs, pkgs, config, ... }:
 {
  imports = [
    inputs.home-manager.nixosModules.home-manager
-    ./sops.nix
-    ./syncthing.nix
+    inputs.sops-nix.nixosModules.sops
   ]++ (builtins.attrValues outputs.nixosModules);

 ###dotfiles path variable
@@ -32,6 +31,14 @@
 config = {
  system.stateVersion = "22.11";

+
+  sops = {
+  # defaultSopsFile = ./secrets.yaml;
+  defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
+  age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+};
+
+
  home-manager = {
    useUserPackages = true;
    extraSpecialArgs = { inherit inputs outputs; };