diff --git a/.sops.yaml b/.sops.yaml index d12525f..0f00d93 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,7 +1,7 @@ keys: - &users: - - &nx2backup age1sgzc2jh8af30a3cp6g7l4hyzusqrn3x3xw7frghc4akvjaplwa3stfemxc - &nx2 22FB2CC03DC5292AB81CF67D0AF27B383170E634 + - &nx2_key_13 age1x2lpsennl74n0f5jl60uv2ffjcuqymzf9ap3frlz2quyv0x3hq3scnewwq - &hosts: - &north age1vkqn2nars5qmpr35tac0x9vshphrq6nnzjfyxwusgn27kt3zualssv0u8e - &xps age1jvf2lyrt2dw9jfnwgvnhmj9fmvyq8vvtepqjpkyycc5dqkkd4edqhxsgv6 @@ -13,6 +13,6 @@ creation_rules: - *north - *xps - *ace - - *nx2backup + - *nx2_key_13 pgp: - *nx2 diff --git a/home-modules/sops.nix b/home-modules/sops.nix index 8973679..d39bf63 100644 --- a/home-modules/sops.nix +++ b/home-modules/sops.nix @@ -1,12 +1,12 @@ -{ hyper, inputs, ... }: +{ pkgs, hyper, inputs, ... }: { imports = [ inputs.sops-nix.homeManagerModules.sops ]; sops = { - # age.keyFile = "/home/${user}/.config/sops/age/keys.txt"; - gnupg.home = "${hyper.home}/.gnupg"; + age.keyFile = pkgs.lib.mkIf (hyper.host == "NxACE") "${hyper.home}.age_nx2_key_13.txt"; + gnupg.home = pkgs.lib.mkIf (hyper.host != "NxACE") "${hyper.home}.gnupg"; defaultSopsFile = ../sops-secrets.yaml; # %r is $XDG_RUNTIME_DIR diff --git a/sops-secrets.yaml b/sops-secrets.yaml index 80af167..4206360 100644 --- a/sops-secrets.yaml +++ b/sops-secrets.yaml @@ -53,52 +53,51 @@ sops: - recipient: age1vkqn2nars5qmpr35tac0x9vshphrq6nnzjfyxwusgn27kt3zualssv0u8e enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKdWFGWTZ4WktJNy85aUlz - R1ZPR2xSajUxSGU5NlVDTGhpUGJ1S0RMVkc4CmhZR080ZVdHUHZnSmk1ekIyM0xm - ZDN6dXJ6aXYyYkg4WVdiMlgwbmNBUzAKLS0tIE9qUmFpN3Nrek9JTGlaN3RjcDA1 - bUZxZ0FuOXcxSVQraUgveEh3dm5XK0kKToAW0mEq3G/wWRnvfJWasW7eO8BeFlej - OkXvP5R4+bddAsGPK83UxOUOFbZAzaYulFSaAFOssCOTui335nj+/w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZWl0RCszNGZqNDhzY25a + K2dPTGMvMzBSZytRMWR5d1pkTVpETmNZUTFzCmUrU25XdklVc3NicUV2OVh5bktR + YmZIeGZzYkVJMXRwSkt6bXlaRGpiaEkKLS0tIEZOMDUxaEo1aXRsV050a3I0eFNR + UlIxODJVK3lEaC9lWG9wNmhaUWhuZEEKnQT50Svfxgnbo6+gTSGyLW8vt+hzehu5 + djy0wdML7XGORKURUJcAnGCdgsugu7exTBPMeKldlPXySPGUf6vPRA== -----END AGE ENCRYPTED FILE----- - recipient: age1jvf2lyrt2dw9jfnwgvnhmj9fmvyq8vvtepqjpkyycc5dqkkd4edqhxsgv6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvNzRERlBkMFVwbk5ka3Rz - WHN5VE1XVFN6OWlMSFl1MnQyTEc4RHZVa0ZZCkZuY3doMTNUclMvWTJmQzFkbHlh - Z3ZXSUZuRzBoN2NtU2dWUzFXMjc1MDQKLS0tIGNvN1JsdGF2ZFU2Vkl4UGtzdDFJ - aE9uY1NQSkFoWmg4WGlvV2JDbkcyeXMKh1yVwrTV+4XhEiiiMhA7rW7z11N+EsXU - FBHP2nk2UXWPQGioMiCinead8tjX2jfeQcmTwdk4aYMtnvpqWS5RVQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBISzJjS2t4OFNtd2s3RjE3 + V2hOUnByNVp3bjE4a0tPSkdCbXcwU093NGtFCmR2RXdzbTk1RXhQbmdVM0pkdGhE + T2VGN1VnYlRqWXRmWEJucTd5eU5HYWsKLS0tIFJRODNibTZNRjZtZjlpN0IzbVZQ + aHQwY0l3OTRVYlNSZnBQMGM4ekp0NGMKL0scPlNFywKmdPI3I8sgvmaVXOp6qm2m + O0N8BuQPEhiZXzNhPBPJnt6e/X+eW35lXdvbQ6AKv791WjZ4OlSZow== -----END AGE ENCRYPTED FILE----- - recipient: age1jj7kfjw3e7rf9kwg5f87zf4ns6yr5465wcasanr9gcgwrq7c6dmq6gprgk enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBva2JleWhLeERPbklkems1 - YjJXUzlSZmhla0JFU2dtWFZzNWt4MTk4aEhFCnNvVmZmNm9Uc1pMWWNBRFpYRUJ1 - R20vOEpsTGZFZ1p4V1JzSnVlSGJNY00KLS0tIDMreVdDSHdGVnhvVi9ENXFJY045 - ZGdKSmZmRFMveld2UmlPNmtNWTdIbWsKJkmAaS91KR1Lvx2tCuu7sfUUYq4eeLsa - woel57Bqqpo8f0UMb8T6s8grdKMspZCkIu5ooR/U4xWhwOJQwd2gbw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwT2laNmNOYnhON2FEcGxl + OVFHa2owL1RCWWNWdDhzZWRlSkhPZmJpQjFvCjNPSGc4L1V5cENBMzY2VU56RnNW + QmNiNGMyZXY0WmN3R0c5YURQN1RGbDQKLS0tIE5lZXZiR2FZVms4YllUd1BsOURD + YTMxdkhkLzNGOWVYQkZJQnVCeW4zcXcKLaGzWYXBaR9mpLE47pWAkYUv/L5JuCR9 + ZH2oaOLio6BHY+pf9WbbazbjIKXMZ8KozpLTzbn7ayKYYgGxEiwdIA== -----END AGE ENCRYPTED FILE----- - - recipient: age1sgzc2jh8af30a3cp6g7l4hyzusqrn3x3xw7frghc4akvjaplwa3stfemxc + - recipient: age1x2lpsennl74n0f5jl60uv2ffjcuqymzf9ap3frlz2quyv0x3hq3scnewwq enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMVUJaM3MweHBMNjlxdHRD - blNZWHM3ZlZrUkVrQ3NhNnFkc1VIMytkMVhFCndTczlsVFc3bGRhRkZmRm5sMXp0 - dnZrOEVoS3F6L0hSSTUrYllnNldYTnMKLS0tIFNjVzEzTC9LZldGMmlZS3VYRThW - SHJLR3lvdlFiRmJuU25RUHFFTmpjamMKbzycdDvQBAuOiRROTZEQSnaXoPapz73L - yVS9EUP25FSx/sGqRqaCefbeaybuM1aso6LDnlomv4Bib7zjugWKSw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByUmxCQ3ZOVGlWUWFkcGk1 + ZzNaR0R0UG43dkh5Wjd5MmQ5SlkwU0g3c0ZJCnVYZExQdi94ME56eUVwUG5XbjJi + OC9OSmZYeHo4anJLb0NQSEs3cmMrS1UKLS0tIFJWU1VYL09SbDlHZlJtRlhmSjFJ + YkJWUEMySU50ZHVxUzVudjNnYURXak0KkMn/8sFrrviqb3s8DtS/BAbrdCwJ+jv/ + A8rXQkKMjvTqG1f0fq5IlSmRAQy7XFBzkfbKdIUoefhey190WPEHaw== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-05-05T15:43:24Z" mac: ENC[AES256_GCM,data:O+L35rVqMaogvBDpnIweo1hdNXU39tEmBFXXTlLyImwt8ZWN98MIcS6tOBRjOAMSTRXEkNgvoggn/3ZF7erAva5w0ohVyN5PUeJvjNqkOQ522YTVC5wYYjvG+LUgaKcvKlm5c8XGEwJBt81i/ZXt0P03RpHge2a687dZ5e8fEQQ=,iv:0pOFGLPZC8gN3hV/FTzY1443283nwsHKiUdmdQyOn8U=,tag:GMMZX55DRZkRqe1HMpVX8g==,type:str] pgp: - - created_at: "2024-06-09T19:44:41Z" + - created_at: "2025-06-08T12:35:30Z" enc: |- -----BEGIN PGP MESSAGE----- - hF4DCvJ7ODFw5jQSAQdAUcAbKZ7q2ZNLG55YA8gSUc7Lyqn2G/7srJa17lezUlgw - MIhuvf6H1TfUkabE8it12NZzhSibmC+7T6FqB9tTY8UXvMn8KzVbIX5Opu/J9NNp - 1GgBCQIQUai/KFbpw4kaUthOe2ftUuN7fYLL0Nl4ZqrGNJMFYTjwOFyb6yWE7i7C - fEjGjALJU2ZZIL3mZ4FYkqU1eoidKLSnDtsGArxz0ACEo8UWuR7t1QFD3oYUFu0D - i5Hfz3tyzMfPsA== - =7FCO + hF4DCvJ7ODFw5jQSAQdAw5PIhSmghpU+R4d8A9FY1z9NwN2C1CQvnP0u/D6k9nEw + 4jYo133RBpSmZUEOPsrAIGDwcx5rAjIwXtYEUeH3ZR1/0imfyOh0iF0NhEqF5awG + 0l4BWb/AQFnokqiIuRGQPMqpO6X3m00C2kB79nodaxorhc/WBs4JX3qz89zozsLq + ao8WHHadtQJwBveKurCNHLcr2+vLatPZ93Oo3s/ky+5eB+HrottOC818TIP51tXx + =8dKb -----END PGP MESSAGE----- fp: 22FB2CC03DC5292AB81CF67D0AF27B383170E634 unencrypted_suffix: _unencrypted