gerg-l/nixos
1
0
Fork 0
mirror of https://github.com/Gerg-L/nixos.git synced 2025-12-10 00:43:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

changed sops key generation

Browse source
This commit is contained in:
Gerg-L 2023-03-08 21:16:55 -05:00
parent 1ae7fc1049
commit b9d740b9f0
2 changed files with 6 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

11
modules/misc.nix
View file

@ -1,14 +1,9 @@
_: { _: {lib, ...}: {
#enable ssh #enable ssh
programs = { programs.mtr.enable = true; #ping and traceroute
mtr.enable = true; #ping and traceroute
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
services.openssh = { services.openssh = {
enable = true; enable = true;
hostKeys = lib.mkForce [];
settings = { settings = {
PermitRootLogin = "yes"; PermitRootLogin = "yes";
PasswordAuthentication = false; PasswordAuthentication = false;

5
modules/sops.nix
View file

@ -3,6 +3,7 @@
settings, settings,
self, self,
config, config,
lib,
... ...
}: { }: {
imports = [ imports = [
@ -14,8 +15,8 @@
sops = { sops = {
defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml"; defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml";
age = { age = {
sshKeyPaths = ["/home/${settings.username}/.ssh/id_ed25519"]; sshKeyPaths = lib.mkForce ["/home/${settings.username}/.ssh/id_ed25519"];
keyFile = "/home/${settings.username}/.config/sops/age/keys.txt"; keyFile = "/etc/sops/age/keys.txt";
generateKey = true; generateKey = true;
}; };
}; };