palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions1

🚧 working agenix setup with separate repository

Browse source
This commit is contained in:
Ingolf Wagner 2025-06-14 00:30:03 +02:00
commit 1fe658d7d7
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
7 changed files with 364 additions and 103 deletions

426
flake.lock generated
View file

@ -1,5 +1,26 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1747575206,
"narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=",
"owner": "ryantm",
"repo": "agenix",
"rev": "4835b1dc898959d8547a871ef484930675cb47f1",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"base16": {
"inputs": {
"fromYaml": "fromYaml"
@ -81,7 +102,7 @@
"nixpkgs"
],
"sops-nix": "sops-nix",
"systems": "systems",
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
@ -104,7 +125,7 @@
"clan-core"
],
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1739428569,
@ -120,6 +141,28 @@
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1744478979,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"data-mesher": {
"inputs": {
"flake-parts": [
@ -153,7 +196,7 @@
},
"devshell": {
"inputs": {
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1741473158,
@ -192,7 +235,25 @@
},
"devshell_3": {
"inputs": {
"nixpkgs": "nixpkgs_10"
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1741473158,
"narHash": "sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=",
"owner": "numtide",
"repo": "devshell",
"rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"devshell_4": {
"inputs": {
"nixpkgs": "nixpkgs_13"
},
"locked": {
"lastModified": 1735644329,
@ -316,6 +377,24 @@
"type": "github"
}
},
"flake-parts_10": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_7"
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
@ -397,6 +476,24 @@
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_4"
},
"locked": {
"lastModified": 1749398372,
"narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_7": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_5"
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
@ -411,7 +508,7 @@
"type": "github"
}
},
"flake-parts_7": {
"flake-parts_8": {
"inputs": {
"nixpkgs-lib": [
"stylix",
@ -432,9 +529,9 @@
"type": "github"
}
},
"flake-parts_8": {
"flake-parts_9": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_5"
"nixpkgs-lib": "nixpkgs-lib_6"
},
"locked": {
"lastModified": 1748821116,
@ -450,24 +547,6 @@
"type": "github"
}
},
"flake-parts_9": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_6"
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1644229661,
@ -485,7 +564,7 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1726560853,
@ -533,7 +612,7 @@
},
"flake-utils_5": {
"inputs": {
"systems": "systems_4"
"systems": "systems_5"
},
"locked": {
"lastModified": 1694529238,
@ -677,15 +756,16 @@
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1749657191,
"narHash": "sha256-QLilaHuhGxiwhgceDWESj9gFcKIdEp7+9lRqNGpN8S4=",
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "faeab32528a9360e9577ff4082de2d35c6bbe1ce",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
@ -714,10 +794,30 @@
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1749657191,
"narHash": "sha256-QLilaHuhGxiwhgceDWESj9gFcKIdEp7+9lRqNGpN8S4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "faeab32528a9360e9577ff4082de2d35c6bbe1ce",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"landingpage": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1709213960,
@ -814,7 +914,7 @@
"nixgl": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_4"
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1713543440,
@ -837,7 +937,7 @@
"nix-vm-test": "nix-vm-test",
"nixos-images": "nixos-images",
"nixos-stable": "nixos-stable",
"nixpkgs": "nixpkgs_5",
"nixpkgs": "nixpkgs_6",
"treefmt-nix": "treefmt-nix_3"
},
"locked": {
@ -927,11 +1027,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1717196966,
"narHash": "sha256-yZKhxVIKd2lsbOqYd5iDoUIwsRZFqE87smE2Vzf6Ck0=",
"lastModified": 1745391562,
"narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "57610d2f8f0937f39dbd72251e9614b1561942d8",
"rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7",
"type": "github"
},
"original": {
@ -981,6 +1081,21 @@
}
},
"nixpkgs-lib_4": {
"locked": {
"lastModified": 1748740939,
"narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "656a64127e9d791a334452c6b6606d17539476e2",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-lib_5": {
"locked": {
"lastModified": 1730504152,
"narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=",
@ -992,7 +1107,7 @@
"url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz"
}
},
"nixpkgs-lib_5": {
"nixpkgs-lib_6": {
"locked": {
"lastModified": 1748740939,
"narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=",
@ -1007,7 +1122,7 @@
"type": "github"
}
},
"nixpkgs-lib_6": {
"nixpkgs-lib_7": {
"locked": {
"lastModified": 1730504152,
"narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=",
@ -1036,6 +1151,54 @@
}
},
"nixpkgs_10": {
"locked": {
"lastModified": 1749285348,
"narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3e3afe5174c561dee0df6f2c2b2236990146329f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_11": {
"locked": {
"lastModified": 1749411262,
"narHash": "sha256-gRBkeW9l5lb/90lv1waQFNT+18OhITs11HENarh6vNo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0fc422d6c394191338c9d6a05786c63fc52a0f29",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_12": {
"locked": {
"lastModified": 1749143949,
"narHash": "sha256-QuUtALJpVrPnPeozlUG/y+oIMSLdptHxb3GK6cpSVhA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d3d2d80a2191a73d1e86456a751b83aa13085d7d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_13": {
"locked": {
"lastModified": 1722073938,
"narHash": "sha256-OpX0StkL8vpXyWOGUD6G+MA26wAXK6SpT94kLJXo6B4=",
@ -1052,6 +1215,22 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1717196966,
"narHash": "sha256-yZKhxVIKd2lsbOqYd5iDoUIwsRZFqE87smE2Vzf6Ck0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "57610d2f8f0937f39dbd72251e9614b1561942d8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1722073938,
"narHash": "sha256-OpX0StkL8vpXyWOGUD6G+MA26wAXK6SpT94kLJXo6B4=",
@ -1067,7 +1246,7 @@
"type": "github"
}
},
"nixpkgs_3": {
"nixpkgs_4": {
"locked": {
"lastModified": 1645527175,
"narHash": "sha256-WeewqaO48sCctiN+iwgZZEJRU29Si7vHHoLCINAvuk8=",
@ -1082,7 +1261,7 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_5": {
"locked": {
"lastModified": 1660551188,
"narHash": "sha256-a1LARMMYQ8DPx1BgoI/UN4bXe12hhZkCNqdxNi6uS0g=",
@ -1097,7 +1276,7 @@
"type": "github"
}
},
"nixpkgs_5": {
"nixpkgs_6": {
"locked": {
"lastModified": 1749201760,
"narHash": "sha256-LEZbj+VD/AR/dWL5ns1gMwzMvp4mLlv4WalxmZTKy5Y=",
@ -1113,7 +1292,7 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_7": {
"locked": {
"lastModified": 1749558678,
"narHash": "sha256-DUVAe8E2X2QM0dAnTGlTiqemMqUMMyIeCH7UeNo0g64=",
@ -1129,7 +1308,7 @@
"type": "github"
}
},
"nixpkgs_7": {
"nixpkgs_8": {
"locked": {
"lastModified": 1632855891,
"narHash": "sha256-crW76mt9/kbUBiKy/KiSnsQ9JEYgD3StDuYAMVkTbM0=",
@ -1143,34 +1322,18 @@
"type": "indirect"
}
},
"nixpkgs_8": {
"locked": {
"lastModified": 1749411262,
"narHash": "sha256-gRBkeW9l5lb/90lv1waQFNT+18OhITs11HENarh6vNo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0fc422d6c394191338c9d6a05786c63fc52a0f29",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1749143949,
"narHash": "sha256-QuUtALJpVrPnPeozlUG/y+oIMSLdptHxb3GK6cpSVhA=",
"lastModified": 1722073938,
"narHash": "sha256-OpX0StkL8vpXyWOGUD6G+MA26wAXK6SpT94kLJXo6B4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d3d2d80a2191a73d1e86456a751b83aa13085d7d",
"rev": "e36e9f57337d0ff0cf77aceb58af4c805472bfae",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
@ -1185,7 +1348,7 @@
"stylix",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix_6"
"treefmt-nix": "treefmt-nix_7"
},
"locked": {
"lastModified": 1748730660,
@ -1224,7 +1387,7 @@
"polygon-art": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_7"
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1688766095,
@ -1292,38 +1455,61 @@
},
"root": {
"inputs": {
"agenix": "agenix",
"clan-core": "clan-core",
"clan-fact-generators": "clan-fact-generators",
"devshell": "devshell",
"flake-parts": "flake-parts_2",
"healthchecks": "healthchecks",
"home-manager": "home-manager",
"home-manager": "home-manager_2",
"home-manager-utils": "home-manager-utils",
"landingpage": "landingpage",
"nix-topology": "nix-topology",
"nixgl": "nixgl",
"nixos-anywhere": "nixos-anywhere",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_7",
"nixpkgs-unstable-small": "nixpkgs-unstable-small",
"permown": "permown",
"polygon-art": "polygon-art",
"private-parts": "private-parts",
"secrets": "secrets",
"share-http": "share-http",
"srvos": "srvos",
"stylix": "stylix",
"taskwarrior": "taskwarrior",
"telemetry": "telemetry",
"treefmt-nix": "treefmt-nix_9"
"treefmt-nix": "treefmt-nix_10"
}
},
"secrets": {
"inputs": {
"devshell": "devshell_3",
"flake-parts": "flake-parts_6",
"nixpkgs": "nixpkgs_10",
"treefmt-nix": "treefmt-nix_5"
},
"locked": {
"lastModified": 1749853625,
"narHash": "sha256-cOoCwhK00CEEtBQAeHIfACd8dJAIP0gXoFwrHW5NxGw=",
"ref": "refs/heads/main",
"rev": "3e7caab6e6e9c421155fd70c53ac7f6167dcb35b",
"revCount": 5,
"type": "git",
"url": "file:///home/palo/dev/nixos/secrets"
},
"original": {
"type": "git",
"url": "file:///home/palo/dev/nixos/secrets"
}
},
"share-http": {
"inputs": {
"flake-parts": "flake-parts_6",
"flake-parts": "flake-parts_7",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix_5"
"treefmt-nix": "treefmt-nix_6"
},
"locked": {
"lastModified": 1731803554,
@ -1363,7 +1549,7 @@
},
"srvos": {
"inputs": {
"nixpkgs": "nixpkgs_8"
"nixpkgs": "nixpkgs_11"
},
"locked": {
"lastModified": 1749431367,
@ -1387,7 +1573,7 @@
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_7",
"flake-parts": "flake-parts_8",
"git-hooks": "git-hooks",
"gnome-shell": "gnome-shell",
"home-manager": [
@ -1397,7 +1583,7 @@
"nixpkgs"
],
"nur": "nur",
"systems": "systems_3",
"systems": "systems_4",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
@ -1478,6 +1664,21 @@
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"taskshell": {
"inputs": {
"flake-utils": "flake-utils_5",
@ -1502,10 +1703,10 @@
},
"taskwarrior": {
"inputs": {
"flake-parts": "flake-parts_8",
"nixpkgs": "nixpkgs_9",
"flake-parts": "flake-parts_9",
"nixpkgs": "nixpkgs_12",
"taskshell": "taskshell",
"treefmt-nix": "treefmt-nix_7"
"treefmt-nix": "treefmt-nix_8"
},
"locked": {
"lastModified": 1749341478,
@ -1523,12 +1724,12 @@
},
"telemetry": {
"inputs": {
"devshell": "devshell_3",
"flake-parts": "flake-parts_9",
"devshell": "devshell_4",
"flake-parts": "flake-parts_10",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix_8"
"treefmt-nix": "treefmt-nix_9"
},
"locked": {
"lastModified": 1740624189,
@ -1646,6 +1847,26 @@
"type": "github"
}
},
"treefmt-nix_10": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1749194973,
"narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": [
@ -1710,6 +1931,27 @@
}
},
"treefmt-nix_5": {
"inputs": {
"nixpkgs": [
"secrets",
"nixpkgs"
]
},
"locked": {
"lastModified": 1749194973,
"narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_6": {
"inputs": {
"nixpkgs": [
"share-http",
@ -1730,7 +1972,7 @@
"type": "github"
}
},
"treefmt-nix_6": {
"treefmt-nix_7": {
"inputs": {
"nixpkgs": [
"stylix",
@ -1752,7 +1994,7 @@
"type": "github"
}
},
"treefmt-nix_7": {
"treefmt-nix_8": {
"inputs": {
"nixpkgs": [
"taskwarrior",
@ -1773,7 +2015,7 @@
"type": "github"
}
},
"treefmt-nix_8": {
"treefmt-nix_9": {
"inputs": {
"nixpkgs": [
"telemetry",
@ -1793,26 +2035,6 @@
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_9": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1749194973,
"narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",

14
flake.nix
View file

@ -53,10 +53,16 @@
# inputs.nixpkgs.follows = "nixpkgs";
#};
agenix.url = "github:ryantm/agenix";
secrets.url = "git+file:///home/palo/dev/nixos/secrets";
};
outputs =
inputs@{
agenix,
secrets,
clan-core,
clan-fact-generators,
devshell,
@ -469,6 +475,14 @@
private-parts.nixosModules.cherry
homeManagerModules
stylixModules
{
imports = [
agenix.nixosModules.default
secrets.nixosModules.default
];
}
{ home-manager.users.mainUser.gui.enable = true; }
{
home-manager.users.mainUser = import ./homes/palo;

2
machines/cherry/configuration.nix
View file

@ -22,6 +22,8 @@
./ssh-chungus.nix
./ssh-cherry.nix
./service-attic.nix
./ferdium.nix
./nix-ld.nix

12
machines/cherry/service-attic.nix Normal file
View file

@ -0,0 +1,12 @@
{ config, ... }:
{
services.atticd = {
enable = true;
environmentFile = config.age.secrets.attic_env.path;
};
age.secrets.attic_env.owner = config.services.atticd.user;
age.secrets.attic_env.group = config.services.atticd.group;
age.secrets.attic_env.path = "/etc/attic/attic_env";
}

1
machines/chungus/configuration.nix
View file

@ -45,7 +45,6 @@
./service-atuin.nix
./service-forgejo.nix
./service-cups.nix
# ./service-paperless-backup.nix
# ./service-paperless-tika.nix

1
nix/devshells.nix
View file

@ -23,6 +23,7 @@
packages = [
inputs.clan-core.packages.${system}.clan-cli
inputs.agenix.packages.${system}.default
];
};
};

11
secrets.nix Normal file
View file

@ -0,0 +1,11 @@
let
palo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILE1jxUxvujFaj8kSjwJuNVRUinNuHsGeXUGVG6/lA1O";
users = [ palo ];
cherry = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAlU4UCMW/1l72JdjuRrDnMneAZksrz5SOSIAr4AV1Tp";
systems = [ cherry ];
in
{
"../secrets/cherry_secret.age".publicKeys = users ++ [ cherry ];
"../secrets/cherry_attic_server_token.age".publicKeys = users ++ [ cherry ];
}