SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 14:01:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Treat secret names as strings

Browse source
This commit is contained in:
SebastianStork 2024-09-07 17:21:40 +02:00
parent 285367da58
commit e333333914
4 changed files with 9 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/home/git.nix
View file

@ -3,7 +3,7 @@
options.myConfig.git.enable = lib.mkEnableOption "";
config = lib.mkIf config.myConfig.git.enable {
sops.secrets.github-ssh-key.path = "${config.home.homeDirectory}/.ssh/github";
sops.secrets."github-ssh-key".path = "${config.home.homeDirectory}/.ssh/github";
programs = {
git = {

6
modules/system/geoclue.nix
View file

@ -4,14 +4,16 @@
config = lib.mkIf config.myConfig.geoclue.enable {
sops = {
secrets.geolocation-api-key = { };
secrets."geolocation-api-key" = { };
templates."geoclue-location-service.conf" = {
owner = "geoclue";
path = "/etc/geoclue/conf.d/location-service.conf";
content = ''
[wifi]
url=https://www.googleapis.com/geolocation/v1/geolocate?key=${config.sops.placeholder.geolocation-api-key}
url=https://www.googleapis.com/geolocation/v1/geolocate?key=${
config.sops.placeholder."geolocation-api-key"
}
'';
};
};

4
modules/system/tailscale.nix
View file

@ -19,11 +19,11 @@ in
};
config = lib.mkIf cfg.enable {
sops.secrets.tailscale-auth-key = { };
sops.secrets."tailscale-auth-key" = { };
services.tailscale = {
enable = true;
authKeyFile = config.sops.secrets.tailscale-auth-key.path;
authKeyFile = config.sops.secrets."tailscale-auth-key".path;
openFirewall = true;
useRoutingFeatures = if (cfg.exitNode.enable || (cfg.serve != null)) then "server" else "client";
extraUpFlags = [ "--reset=true" ];

4
users/seb/user.nix
View file

@ -1,11 +1,11 @@
{ config, pkgs, ... }:
{
sops.secrets.seb-password.neededForUsers = true;
sops.secrets."seb-password".neededForUsers = true;
users.users.seb = {
isNormalUser = true;
description = "Sebastian Stork";
hashedPasswordFile = config.sops.secrets.seb-password.path;
hashedPasswordFile = config.sops.secrets."seb-password".path;
shell = pkgs.zsh;
extraGroups = [
"wheel"