changed sops key generation

2025-12-10 00:43:56 -05:00 · 2023-03-08 21:16:55 -05:00 · 2023-03-08 21:16:55 -05:00 · b9d740b9f0
commit b9d740b9f0
parent 1ae7fc1049
2 changed files with 6 additions and 10 deletions
--- a/modules/misc.nix
+++ b/modules/misc.nix
@ -1,14 +1,9 @@
-_: {
+_: {lib, ...}: {
  #enable ssh
-  programs = {
-    mtr.enable = true; #ping and traceroute
-    gnupg.agent = {
-      enable = true;
-      enableSSHSupport = true;
-    };
-  };
+  programs.mtr.enable = true; #ping and traceroute
  services.openssh = {
    enable = true;
+    hostKeys = lib.mkForce [];
    settings = {
      PermitRootLogin = "yes";
      PasswordAuthentication = false;
--- a/modules/sops.nix
+++ b/modules/sops.nix
@ -3,6 +3,7 @@
  settings,
  self,
  config,
+  lib,
  ...
 }: {
  imports = [
@ -14,8 +15,8 @@
  sops = {
    defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml";
    age = {
-      sshKeyPaths = ["/home/${settings.username}/.ssh/id_ed25519"];
-      keyFile = "/home/${settings.username}/.config/sops/age/keys.txt";
+      sshKeyPaths = lib.mkForce ["/home/${settings.username}/.ssh/id_ed25519"];
+      keyFile = "/etc/sops/age/keys.txt";
      generateKey = true;
    };
  };