Add agenix integration to secrets and flake

This commit is contained in:
Pacman99 2021-05-13 10:35:23 -07:00 committed by Pacman99
parent baeb144e57
commit 64b7892f6e
5 changed files with 48 additions and 1 deletions

View File

@ -1,5 +1,25 @@
{ {
"nodes": { "nodes": {
"agenix": {
"inputs": {
"nixpkgs": [
"latest"
]
},
"locked": {
"lastModified": 1620877075,
"narHash": "sha256-XvgTqtmQZHegu9UMDSR50gK5cHEM2gbnRH0qecmdN54=",
"owner": "ryantm",
"repo": "agenix",
"rev": "e543aa7d68f222e1e771165da9e9a64b5bf7b3e3",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"ci-agent": { "ci-agent": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
@ -352,6 +372,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix",
"ci-agent": "ci-agent", "ci-agent": "ci-agent",
"darwin": "darwin", "darwin": "darwin",
"digga": "digga", "digga": "digga",

View File

@ -17,13 +17,26 @@
home.inputs.nixpkgs.follows = "nixos"; home.inputs.nixpkgs.follows = "nixos";
naersk.url = "github:nmattia/naersk"; naersk.url = "github:nmattia/naersk";
naersk.inputs.nixpkgs.follows = "latest"; naersk.inputs.nixpkgs.follows = "latest";
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "latest";
nixos-hardware.url = "github:nixos/nixos-hardware"; nixos-hardware.url = "github:nixos/nixos-hardware";
pkgs.url = "path:./pkgs"; pkgs.url = "path:./pkgs";
pkgs.inputs.nixpkgs.follows = "nixos"; pkgs.inputs.nixpkgs.follows = "nixos";
}; };
outputs = inputs@{ self, pkgs, digga, nixos, ci-agent, home, nixos-hardware, nur, ... }: outputs =
{ self
, pkgs
, digga
, nixos
, ci-agent
, home
, nixos-hardware
, nur
, agenix
, ...
} @ inputs:
digga.lib.mkFlake { digga.lib.mkFlake {
inherit self inputs; inherit self inputs;
@ -36,6 +49,7 @@
./pkgs/default.nix ./pkgs/default.nix
pkgs.overlay # for `srcs` pkgs.overlay # for `srcs`
nur.overlay nur.overlay
agenix.overlay
]; ];
}; };
latest = { }; latest = { };
@ -60,6 +74,7 @@
{ _module.args.ourLib = self.lib; } { _module.args.ourLib = self.lib; }
ci-agent.nixosModules.agent-profile ci-agent.nixosModules.agent-profile
home.nixosModules.home-manager home.nixosModules.home-manager
agenix.nixosModules.age
./modules/customBuilds.nix ./modules/customBuilds.nix
]; ];
}; };

View File

@ -8,6 +8,7 @@ channels: final: prev: {
discord discord
element-desktop element-desktop
manix manix
rage
nixpkgs-fmt nixpkgs-fmt
qutebrowser qutebrowser
signal-desktop signal-desktop

View File

@ -1,3 +1,4 @@
* filter=git-crypt diff=git-crypt * filter=git-crypt diff=git-crypt
.gitattributes !filter !diff .gitattributes !filter !diff
secrets.nix !filter !diff
README.md !filter !diff README.md !filter !diff

9
secrets/secrets.nix Normal file
View File

@ -0,0 +1,9 @@
let
# set ssh public keys here for your system and user
system = "";
user = "";
allKeys = [ system user ];
in
{
"secret.age".publicKeys = allKeys;
}