use sops for secret management

2024-12-02 20:50:24 -05:00 · 2024-12-02 20:50:24 -05:00 · cd820411c4
commit cd820411c4
parent 6eeea660f0
9 changed files with 95 additions and 25 deletions
--- a/nixos/sops.nix
+++ b/nixos/sops.nix
@ -0,0 +1,13 @@
+{ user, ... }:
+{
+  sops = {
+    defaultSopsFile = ../secrets/secrets.yaml;
+    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    secrets = {
+      "zipline" = {
+        owner = user;
+        path = "/home/${user}/.secrets/zipline";
+      };
+    };
+  };
+}