unexplrd/nixos-blueprint
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hosts/dunamis/sops.nix: add hostname workaround

Browse Source 
hosts/eldrid/sops.nix: add hostname workaround
hosts/sarien/sops.nix: add hostname workaround

Signed-off-by: unexplrd <unexplrd@linerds.us>
This commit is contained in:
unexplrd
2025-04-06 13:49:15 +03:00
parent 1f0bbc9daf
commit b5ed7d822e
3 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
hosts/dunamis/sops.nix
View File

@ -4,8 +4,10 @@
... ...
}: let }: let
inherit (inputs) mysecrets; inherit (inputs) mysecrets;
# TODO: stop relying on networking.hostName hostName =
inherit (config.networking) hostName; if (config.networking.hostName == "vylxae")
then "sarien"
else config.networking.hostName;
sopsFile = mysecrets + "/hosts/${hostName}.yaml"; sopsFile = mysecrets + "/hosts/${hostName}.yaml";
dotSsh = name: "/home/user/.ssh/" + name; dotSsh = name: "/home/user/.ssh/" + name;
sshKey = { sshKey = {

9
hosts/eldrid/sops.nix
View File

@ -4,8 +4,10 @@
... ...
}: let }: let
inherit (inputs) mysecrets; inherit (inputs) mysecrets;
# TODO: stop relying on networking.hostName hostName =
inherit (config.networking) hostName; if (config.networking.hostName == "vylxae")
then "sarien"
else config.networking.hostName;
sopsFile = mysecrets + "/hosts/${hostName}.yaml"; sopsFile = mysecrets + "/hosts/${hostName}.yaml";
dotSsh = name: "/home/user/.ssh/" + name; dotSsh = name: "/home/user/.ssh/" + name;
sshKey = { sshKey = {
@ -27,8 +29,9 @@ in {
secrets = { secrets = {
"user-password-hashed".neededForUsers = true; "user-password-hashed".neededForUsers = true;
"ssh-config" = { "ssh-config" = {
inherit (sshKey) mode owner;
path = dotSsh "config"; path = dotSsh "config";
mode = "0400";
owner = "user";
}; };
"ssh-${hostName}-user" = { "ssh-${hostName}-user" = {
inherit sopsFile; inherit sopsFile;

18
hosts/sarien/sops.nix
View File

@ -1,8 +1,14 @@
{inputs, ...}: let {
config,
inputs,
...
}: let
inherit (inputs) mysecrets; inherit (inputs) mysecrets;
# TODO: stop relying on networking.hostName hostName =
hostname = "sarien"; if (config.networking.hostName == "vylxae")
sopsFile = mysecrets + "/hosts/${hostname}.yaml"; then "sarien"
else config.networking.hostName;
sopsFile = mysecrets + "/hosts/${hostName}.yaml";
dotSsh = name: "/home/user/.ssh/" + name; dotSsh = name: "/home/user/.ssh/" + name;
sshKey = { sshKey = {
mode = "0400"; mode = "0400";
@ -27,12 +33,12 @@ in {
mode = "0400"; mode = "0400";
owner = "user"; owner = "user";
}; };
"ssh-${hostname}-user" = { "ssh-${hostName}-user" = {
inherit sopsFile; inherit sopsFile;
inherit (sshKey) mode owner; inherit (sshKey) mode owner;
path = dotSsh "id_ed25519"; path = dotSsh "id_ed25519";
}; };
"ssh-${hostname}-user.pub" = { "ssh-${hostName}-user.pub" = {
inherit sopsFile; inherit sopsFile;
inherit (sshKey) mode owner; inherit (sshKey) mode owner;
path = dotSsh "id_ed25519.pub"; path = dotSsh "id_ed25519.pub";