gerg-l/nixos
1
0
Fork 0
mirror of https://github.com/Gerg-L/nixos.git synced 2025-12-10 00:43:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

added sops for all three systems

Browse source
This commit is contained in:
Gerg-L 2023-03-06 23:10:58 -05:00
parent 1742726d84
commit e6f83f6997
13 changed files with 207 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

20
.sops.yaml Normal file
View file

@ -0,0 +1,20 @@
keys:
- &gerg-desktop age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9
- &moms-laptop age1ttk7swzzjed2sxpvwywazlhdmxnn4cc6d6fjw89fd7va447l6ypqlk6c70
- &game-laptop age1ysqxltx69j4u7u0ur7qutnm24t5t23g5h6nxersytvfvk6dz2saqr6u5j2
creation_rules:
- path_regex: systems/gerg-desktop/secrets.yaml$
key_groups:
- age:
- *gerg-desktop
- path_regex: systems/moms-laptop/secrets.yaml$
key_groups:
- age:
- *moms-laptop
- *gerg-desktop
- path_regex: systems/game-laptop/secrets.yaml$
key_groups:
- age:
- *game-laptop
- *gerg-desktop

74
flake.lock generated
View file

@ -115,11 +115,11 @@
}, },
"master": { "master": {
"locked": { "locked": {
"lastModified": 1677796388, "lastModified": 1678156552,
"narHash": "sha256-QiguzS7fjRF4qvGIQLWbG6ZnYuRjNKDRR9EzBL5+WlM=", "narHash": "sha256-BbAweub9fa8rGGafWWTT+AxmNTEhtaxJy8/fsaS47iQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cfb7a2bc29d046f3ad6540cd7db9eed4eb6c7ad6", "rev": "f378cf8113cbfe99df5c4d48961ad385c3399db8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -180,11 +180,11 @@
"nixpkgs-regression": "nixpkgs-regression" "nixpkgs-regression": "nixpkgs-regression"
}, },
"locked": { "locked": {
"lastModified": 1677783387, "lastModified": 1678111327,
"narHash": "sha256-x+tM5diVbfntHD7FTj/Dw01/hMY1NokcvkGez+OD8no=", "narHash": "sha256-KtJElK62t5jjSuCefvZhUKVh1EjlELfzXxw0ruwZMp8=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nix", "repo": "nix",
"rev": "8730d3002f9834a1c9c45bc50fd4c46458ae6eef", "rev": "02bf5219685fcbd762188fa39946495293e6ce5f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -195,11 +195,11 @@
}, },
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1636849918, "lastModified": 1677373009,
"narHash": "sha256-nzUK6dPcTmNVrgTAC1EOybSMsrcx+QrVPyqRdyKLkjA=", "narHash": "sha256-kxhz4QUP8tXa/yVSpEzDDZSEp9FvhzRqZzb+SeUaekw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "28a5b0557f14124608db68d3ee1f77e9329e9dd5", "rev": "c9d4f2476046c6a7a2ce3c2118c48455bf0272ea",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -216,11 +216,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1676297861, "lastModified": 1678111954,
"narHash": "sha256-YECUmK34xzg0IERpnbCnaO6z6YgfecJlstMWX7dqOZ8=", "narHash": "sha256-qoDtI5CD1n+qMZ7sqj52AvspdQAF6FDrDloR/z4PrBM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "1e0a05219f2a557d4622bc38f542abb360518795", "rev": "2687393d340804f0c90b9e65681485f3d9e09a38",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -261,6 +261,22 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": {
"locked": {
"lastModified": 1677948530,
"narHash": "sha256-BkQjq8AGHD55RJe4PUnrWRZZ8jS64p/k0bGDck5wKwY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d51554151a91cd4543a7620843cc378e3cbc767e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1671983799, "lastModified": 1671983799,
@ -307,12 +323,34 @@
"nix": "nix", "nix": "nix",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nvim-flake": "nvim-flake", "nvim-flake": "nvim-flake",
"sops-nix": "sops-nix",
"spicetify-nix": "spicetify-nix", "spicetify-nix": "spicetify-nix",
"stable": "stable", "stable": "stable",
"suckless": "suckless", "suckless": "suckless",
"unstable": "unstable" "unstable": "unstable"
} }
}, },
"sops-nix": {
"inputs": {
"nixpkgs": [
"unstable"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1677987270,
"narHash": "sha256-NRqhY8jbrmP1C6oiVqv1T0T1r560eo4ZpmEdHoQmKj4=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "7cff56b43952edc5a2c212076d5fc922f764240f",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"spicetify-nix": { "spicetify-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -335,11 +373,11 @@
}, },
"stable": { "stable": {
"locked": { "locked": {
"lastModified": 1677624842, "lastModified": 1678072060,
"narHash": "sha256-4DF9DbDuK4/+KYx0L6XcPBeDHUFVCtzok2fWtwXtb5w=", "narHash": "sha256-6a9Tbjhir5HxDx4uw0u6Z+LHUfYf7tsT9QxF9FN/32w=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d70f5cd5c3bef45f7f52698f39e7cc7a89daa7f0", "rev": "47c003416297e4d59a5e3e7a8b15cdbdf5110560",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -371,11 +409,11 @@
}, },
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1677587185, "lastModified": 1677932085,
"narHash": "sha256-zYT66MAYwctAQqI5VBw3LbBXiSKdB8vuMAqCGG8onbE=", "narHash": "sha256-+AB4dYllWig8iO6vAiGGYl0NEgmMgGHpy9gzWJ3322g=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "68196a61c26748d3e53a6803de3d2f8c69f27831", "rev": "3c5319ad3aa51551182ac82ea17ab1c6b0f0df89",
"type": "github" "type": "github"
}, },
"original": { "original": {

6
flake.nix
View file

@ -11,6 +11,10 @@
url = "github:nix-community/nixos-generators"; url = "github:nix-community/nixos-generators";
inputs.nixpkgs.follows = "unstable"; inputs.nixpkgs.follows = "unstable";
}; };
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "unstable";
};
#master branch of nix #master branch of nix
nix.url = "github:NixOS/nix"; nix.url = "github:NixOS/nix";
@ -109,7 +113,7 @@
formatter = pkgs.alejandra; formatter = pkgs.alejandra;
devShells = rec { devShells = rec {
nix = pkgs.mkShell { nix = pkgs.mkShell {
packages = with pkgs; [nil alejandra deadnix statix]; packages = with pkgs; [sops nil alejandra deadnix statix];
}; };
rust = pkgs.mkShell { rust = pkgs.mkShell {
packages = with pkgs; [rust-analyzer rustc cargo rustfmt clippy]; packages = with pkgs; [rust-analyzer rustc cargo rustfmt clippy];

1
modules/default.nix
View file

@ -10,6 +10,7 @@ inputs: {
(import ./nix.nix inputs) (import ./nix.nix inputs)
(import ./packages.nix inputs) (import ./packages.nix inputs)
(import ./shell.nix inputs) (import ./shell.nix inputs)
(import ./sops.nix inputs)
(import ./theming.nix inputs) (import ./theming.nix inputs)
(import ./unfree.nix inputs) (import ./unfree.nix inputs)
(import ./X11.nix inputs) (import ./X11.nix inputs)

22
modules/sops.nix Normal file
View file

@ -0,0 +1,22 @@
{sops-nix, ...}: {
pkgs,
settings,
self,
config,
...
}: {
imports = [
sops-nix.nixosModules.sops
];
environment.systemPackages = [
pkgs.sops
];
sops = {
defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml";
age = {
sshKeyPaths = ["/home/${settings.username}/.ssh/id_ed25519"];
keyFile = "/home/${settings.username}/.config/sops/age/keys.txt";
generateKey = true;
};
};
}

5
systems/game-laptop/default.nix
View file

@ -1,6 +1,7 @@
inputs: { inputs: {
pkgs, pkgs,
settings, settings,
config,
... ...
}: { }: {
imports = [ imports = [
@ -38,6 +39,8 @@ inputs: {
hostName = "game-laptop"; hostName = "game-laptop";
networkmanager.enable = true; networkmanager.enable = true;
}; };
#user managment
sops.secrets.root.neededForUsers = true;
users = { users = {
mutableUsers = false; mutableUsers = false;
users = { users = {
@ -56,7 +59,7 @@ inputs: {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJWbwkFJmRBgyWyWU+w3ksZ+KuFw9uXJN3PwqqE7Z/i8 gerg@gerg-desktop" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJWbwkFJmRBgyWyWU+w3ksZ+KuFw9uXJN3PwqqE7Z/i8 gerg@gerg-desktop"
]; ];
initialHashedPassword = "$6$hgiDFHEMVEA39Snj$Huxf2a/yd/gSO2ZwntxI5Z65c1kCf35lvbkA61knP5i5NLPuIy4cybBBv9lnd24LVR9sfi9Tss96VQdsGCQhq1"; passwordFile = config.sops.secrets.root.path;
}; };
}; };
}; };

30
systems/game-laptop/secrets.yaml Normal file
View file

@ -0,0 +1,30 @@
root: ENC[AES256_GCM,data:gfCCoKcYfjb1tLUSlvzpEwEvteSaW+Jn71Tox6iLZ/EO0Dyka7pCAQO6zZyiPOSxSsb8aPd3EcRdQntLkIO1SMI1CpNcmXGoDg==,iv:FuEj+M4A0YUS7CXV92HjdZ+DIeRUQQvBpSm2ZkG0d7A=,tag:03vDVAQaBhzBa2ft0Kik+g==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1ysqxltx69j4u7u0ur7qutnm24t5t23g5h6nxersytvfvk6dz2saqr6u5j2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaWWYyVUtxaFFCWVNtdkhY
aitLQ21jd2tnK0dPVVlnKzRVMWw4aHN2cERvCllxSCs1Q25LZXF6OHdkSkJ1NXhE
MU8xdUh1dnAvanQ3b0pRV3VyZTNvNjgKLS0tIHhITlNzd3M0aGZxdVFJZDdUbnRL
SWJweXRzRWlRUGhERDQxbk9NZUtSOVkKjkO/WqgWXqZs8mgj/jpAon0xiVpCMJoN
NIFTMuuA998BwiAgCBxv9FojKPdQVj6GMT9Y4Er2azvBY2Q2opbdVg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFZitENjgyZjhoTm56ZnVO
YTFLcjZud2o1ZzF6ZjVlemREUEhPMjczaFE4CnJ1Wi9nWUxnVVc0WUY4dFI1ZVQr
RWlvUWVPYkVNSVFiMEtGKzF4WVlvWmMKLS0tICtteUd1M2x1YzRVVDFrc2hhY29l
aEp6b0d4aDBiVVpJZVZuNjRzSHgyZEEKNi3jHZBXSm9pKc3yj8IEsqv/8D1porFD
q1kDWJPVz4193oE9e1SckpTCfMA562ryIK6jQIPMe8KnrOTsCiKRLg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-03-07T23:17:17Z"
mac: ENC[AES256_GCM,data:ESfsr7BftDPSEa+WRiX2bpH6AvFcAfWAVMSAODzjPxj5Z3ABxLxeSs8YMg0rdmgrAX+LCLigZ6iiYSQWIFlh4PSW/lBqgin+NUvacn6iYv8bC5AQBPv1S+qV2+jyzRM9kJex8kWvmUhxNxFqGsS9IK5xUijEOnNRGfgiuOkqzjc=,iv:afoaBSy81f1h849nVYZG4pNJXxSvLu0uIdfXEfP0HYw=,tag:HrHgbAbtYX4YwR7HGD2i5w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

11
systems/gerg-desktop/default.nix
View file

@ -2,6 +2,7 @@ inputs: {
pkgs, pkgs,
settings, settings,
self, self,
config,
... ...
}: { }: {
imports = [ imports = [
@ -13,8 +14,8 @@ inputs: {
(import ./zfs inputs) (import ./zfs inputs)
(import ./minecraft.nix inputs) (import ./minecraft.nix inputs)
]; ];
system.stateVersion = "23.05";
system.stateVersion = "23.05";
localModules = { localModules = {
X11Programs = { X11Programs = {
sxhkd.enable = true; sxhkd.enable = true;
@ -80,6 +81,10 @@ inputs: {
firewall.enable = true; firewall.enable = true;
}; };
#user managment #user managment
sops.secrets = {
root.neededForUsers = true;
gerg.neededForUsers = true;
};
users = { users = {
mutableUsers = false; mutableUsers = false;
users = { users = {
@ -92,7 +97,7 @@ inputs: {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAuO/3IF+AjH8QjW4DAUV7mjlp2Mryd+1UnpAUofS2yA gerg@gerg-phone" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAuO/3IF+AjH8QjW4DAUV7mjlp2Mryd+1UnpAUofS2yA gerg@gerg-phone"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows"
]; ];
initialHashedPassword = "$6$hgiDFHEMVEA39Snj$Huxf2a/yd/gSO2ZwntxI5Z65c1kCf35lvbkA61knP5i5NLPuIy4cybBBv9lnd24LVR9sfi9Tss96VQdsGCQhq1"; passwordFile = config.sops.secrets.gerg.path;
}; };
"root" = { "root" = {
uid = 0; uid = 0;
@ -101,7 +106,7 @@ inputs: {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAuO/3IF+AjH8QjW4DAUV7mjlp2Mryd+1UnpAUofS2yA gerg@gerg-phone" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAuO/3IF+AjH8QjW4DAUV7mjlp2Mryd+1UnpAUofS2yA gerg@gerg-phone"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows"
]; ];
initialHashedPassword = "$6$KV00qSRKyx1hpZjX$kwzWN4UuQxHSFwA4vYtRTcYecQyR.Qelvvcr90ZfZ4y.LISUcx2PDHH9/7REwsoAHD./KlAnwlsm1hxeLoGpl/"; passwordFile = config.sops.secrets.root.path;
}; };
}; };
}; };

4
systems/gerg-desktop/minecraft.nix
View file

@ -4,9 +4,9 @@ _: {...}: {
hostBridge = "bridge0"; hostBridge = "bridge0";
localAddress = "192.168.1.10/24"; localAddress = "192.168.1.10/24";
localAddress6 = "2605:59c8:252e:500:200:ff:fe00:10/64"; localAddress6 = "2605:59c8:252e:500:200:ff:fe00:10/64";
bindMounts."/mnt/minecraft" = { bindMounts."/persist/minecraft" = {
mountPoint = "/minecraft"; mountPoint = "/minecraft";
hostPath = "/mnt/minecraft"; hostPath = "/persist/minecraft";
isReadOnly = false; isReadOnly = false;
}; };
config = {pkgs, ...}: let config = {pkgs, ...}: let

5
systems/gerg-desktop/parrot.nix
View file

@ -1,6 +1,6 @@
_: { _: {
pkgs, pkgs,
settings, config,
... ...
}: { }: {
#discord bot stuff #discord bot stuff
@ -12,9 +12,10 @@ _: {
after = ["NetworkManager-wait-online.service"]; after = ["NetworkManager-wait-online.service"];
script = "parrot"; script = "parrot";
serviceConfig = { serviceConfig = {
EnvironmentFile = "/home/${settings.username}/saveme/.env"; EnvironmentFile = config.sops.secrets.discordenv.path;
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "30s"; RestartSec = "30s";
}; };
}; };
sops.secrets.discordenv = {};
} }

23
systems/gerg-desktop/secrets.yaml Normal file
View file

@ -0,0 +1,23 @@
discordenv: ENC[AES256_GCM,data:2p39yDXSVpNlCpoffnG6HxHsRoBjPsC0r3QwCisKHbxXFi94poLEF1i4H56NNhRkIZdsJlOFFHgmQd6GGLilTzdGSbnDwFV1vbqKhG2XYuei0ES4W1juvuigycfnPLsk3ZQnq/+TL09WSyQk+tyLCcILUgqL8B75J34=,iv:4ClckaNwsLig1rt9WeagJDixD54SReLCfG4SHyAjs+I=,tag:xPhyzl9Q5kobuhSMAfkIcg==,type:str]
root: ENC[AES256_GCM,data:3gGH5gjXBvZwkGyDA+AoqBwIQtWNkfreH/42xvkZlB8wM9g/lpJCeQ6EG2dkJTUv10h6Ym9m8AeRB5dreCmUo4HG6wS8+A7HLg==,iv:sKVcxn3DpIuv2qEwIedGFLlatr1tMTRC0L+fr//0T0c=,tag:wDJz3jYLTN3L2o7ZHWepJg==,type:str]
gerg: ENC[AES256_GCM,data:0d+dAgbvaJ2X1QDSMteElbhJMy2lYcpOv0av+BBnIX7rrL8qZ/eGG9rrd9QXmEDIPxKyKwOcBbhYUaBsYHfwRRVP6LXH50V2eA==,iv:JzUNNL9m4hBrvFzSN6iQW/gmAiwvUbxOA73Q6TGPDb0=,tag:BclDA30EUFjpceopRN+nUg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFSGc4emRNTlYvb293cUQw
ajRaNmg5U0xuWHkwR0ZVQ2YzNFZ1UXlVWHg4ClZEam12cUVMZ0pabWgxcUlmUHdw
TVlXOGlWcmZJSDdRQ3RtVnFMWWovZE0KLS0tIEExY3lISy92ODJ1TlNpUlNWbnRZ
aDhTUE96bUJHRUZ3N1NaWkhtbDhRVFEKYDGFkjPtHefXdAOxwUQjsoPXDIG/0uxL
lpTayh67qFmVsmWE8it6sPKgjNF1+UnP3aelAOOoa+53CePPrER5lw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-03-07T22:30:32Z"
mac: ENC[AES256_GCM,data:6MV0ATHKAcgm6jRZ7KiGQo8Y4xlTWMoyROqyLTy+a895o9H/K+x+X1eGdFFdcBxTvN90njz0Bh3/MjkzM36UKyYLSeXMSpDFKwVKgT6qK+rWyn3s+fIIZA3tiR//tRLqA04H0JaieMjVqK/ns7UQx92NU7bC3KTo0dKy26mWfWQ=,iv:XhSNXgmPV1bOXL8ZtppJ/nipIYOUElYbVuZ32/hsAIA=,tag:V3XM3sP9FtwKWZuYdoAmEQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

4
systems/moms-laptop/default.nix
View file

@ -1,6 +1,7 @@
inputs: { inputs: {
pkgs, pkgs,
settings, settings,
config,
... ...
}: { }: {
imports = [ imports = [
@ -34,6 +35,7 @@ inputs: {
networkmanager.enable = true; networkmanager.enable = true;
}; };
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
sops.secrets.root.neededForUsers = true;
users = { users = {
mutableUsers = false; mutableUsers = false;
users = { users = {
@ -52,7 +54,7 @@ inputs: {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJWbwkFJmRBgyWyWU+w3ksZ+KuFw9uXJN3PwqqE7Z/i8 gerg@gerg-desktop" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJWbwkFJmRBgyWyWU+w3ksZ+KuFw9uXJN3PwqqE7Z/i8 gerg@gerg-desktop"
]; ];
initialHashedPassword = "$6$hgiDFHEMVEA39Snj$Huxf2a/yd/gSO2ZwntxI5Z65c1kCf35lvbkA61knP5i5NLPuIy4cybBBv9lnd24LVR9sfi9Tss96VQdsGCQhq1"; passwordFile = config.sops.secrets.root.path;
}; };
}; };
}; };

30
systems/moms-laptop/secrets.yaml Normal file
View file

@ -0,0 +1,30 @@
root: ENC[AES256_GCM,data:t/txu0G+jfcPAizbs/HuRYCXwGxa9z6F+zx0L/44Gw/8bdjJgNdD3LW3Mz9rezFPSUCK+IWLsqoeSUSsBZ2kMNn7V1sXcDduDw==,iv:ltGLcryejPNVq4eyl9ai6Se2Jhe+fRoC1s9lQCXPuk8=,tag:tArHrkX87TAV/3DzaJp8Tg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1ttk7swzzjed2sxpvwywazlhdmxnn4cc6d6fjw89fd7va447l6ypqlk6c70
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPOGhsSHNqejZqUXg5bEl4
b2c2aWpDRUJ4cEpnYVNJV1l2U2IvTUp1L0NzCk9JZGVZN1RxZDUyOHIyakhxWVJQ
eml1anIzT0NwWEY4eHNFYnpCdHVxVjQKLS0tIEhQRW55bGZUeXc0eU11Lzg1eC9m
TDljQ25aSkg3cDFKRXZGcU9QUW91TVkKAepZUfIRS9oRqZRUIa+ylcgw1+JIQPkn
OfG/KsLYCEXw+IU+ICV6UbqppPlsXQHTxBsPOTIhlSxfUo4TfTJwFg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1dTRTTVY1RUR4ZU80SXZJ
S2tWdm9odHAvaTFFSk82T1AyWUM5b3gybFJvClVyYzFjSEM3WEltanZpYTJCVEN0
ZEUvbkhVU0NuMHA4a3FHdUhrSTA3MjAKLS0tIGc0ZkdrckpaSUdJMnk0Y3hWU3VU
MFRPWW5KUDNLeFVjNVNlOWY4Vk4xYkUK7z19g5H4ZvLoCme/gkNjQL2dRoHevDc3
jS8zxW7a/c5UrE7FHbzt/zLkvaukosq9/wvuCUfliq6VTUvu3cEICg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-03-07T23:18:13Z"
mac: ENC[AES256_GCM,data:dX16i5ec8YDP6j6l0FWlvywTwtKAymC6g1P5c+ScudgSSY8+yiF9y7PdG6jfB99UIp3H8P9syJCO2B01QMwCYlMqFcKpbMgFxnDDdN7J/abbKFJrROdBs7aTRWT2973vl+qqPX7f739t6o/81Dq4R764egnUPrG52PfnB+7ly3k=,iv:U4YCEKI9MDhS3DH4Zv68ru+uElDNhWfoodZfIBhHEFU=,tag:P7lzkGTsqGkoZlZoJbTE7w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3