29 lines
580 B
Nix
29 lines
580 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
username,
|
|
...
|
|
}:
|
|
lib.my.makeSwitch {
|
|
inherit config;
|
|
default = true;
|
|
optionName = "sops secret settings";
|
|
optionPath = [ "sops" ];
|
|
config' = {
|
|
sops.age.sshKeyPaths = [
|
|
"/persistent/home/${username}/.ssh/id_ed25519"
|
|
];
|
|
users.users.${username}.extraGroups = [ "keys" ];
|
|
environment.variables.SOPS_AGE_KEY_FILE = "/run/secrets.d/age-keys.txt";
|
|
my.home = {
|
|
sops.age.sshKeyPaths = [
|
|
"/persistent/home/${username}/.ssh/id_ed25519"
|
|
];
|
|
home.packages = [
|
|
pkgs.sops
|
|
];
|
|
};
|
|
};
|
|
}
|