Merge branch 'main' of git.unixyourbrain.org:beastie/dev

modules/core/default.nix

@@ -5,6 +5,7 @@
   imports = [
     ./grub.nix
     ./packages.nix
+    ./sops.nix
     ./ssh.nix
     ./system.nix
     ./tty.nix

modules/core/sops.nix

@@ -0,0 +1,19 @@
+{
+  inputs,
+  ...
+}:
+let
+  secretsPath = builtins.toString inputs.mysecrets;
+in
+{
+  sops = {
+    defaultSopsFile = "${secretsPath}/secrets.yaml";
+    age = {
+      sshKeyPaths = [
+        "/etc/ssh/ssh_host_ed25519_key"
+      ];
+      keyFile = "/var/lib/sops-nix/key.txt";
+      generateKey = true;
+    };
+  };
+}

modules/core/users.nix

@@ -5,6 +5,11 @@
   ...
 }:
 {
+  sops.secrets = {
+    "users_password/beastie" = {
+      neededForUsers = true;
+    };
+  };
   users = {
     users = {
       ${username} = {
@@ -18,7 +23,7 @@
           "video"
         ];
         openssh.authorizedKeys.keys = [
-          config.sops.secrets."ssh_keys/beastie_priv".path
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAKMJ3TkEmRQcX7RQijNa2km6a2xXJk6M6FERh7C9nTJ"
         ];
         shell = pkgs.zsh;
       };

modules/optionnals/sops-desktop.nix

@@ -1,23 +1,9 @@
 {
-  inputs,
   username,
   ...
 }:
-let
-  secretsPath = builtins.toString inputs.mysecrets;
-in
 {
-  sops = {
-    defaultSopsFile = "${secretsPath}/secrets.yaml";
-    age = {
-      sshKeyPaths = [
-        "/etc/ssh/ssh_host_ed25519_key"
-      ];
-      keyFile = "/var/lib/sops-nix/key.txt";
-      generateKey = true;
-    };
-
-    secrets = {
+  sops.secrets = {
     "users_password/beastie" = {
       neededForUsers = true;
     };
@@ -72,5 +58,4 @@ in
       path = "/home/${username}/.ssh/id_ed25519_wol.priv";
     };
   };
-  };
 }