nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sops ace fix

Browse Source
This commit is contained in:
Lennart J. Kurzweg (Nx2)
2025-06-10 19:57:23 +02:00
parent 8a47706856
commit fa3348c5c2
3 changed files with 32 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.sops.yaml
View File

@@ -1,7 +1,7 @@
keys: keys:
- &users: - &users:
- &nx2backup age1sgzc2jh8af30a3cp6g7l4hyzusqrn3x3xw7frghc4akvjaplwa3stfemxc
- &nx2 22FB2CC03DC5292AB81CF67D0AF27B383170E634 - &nx2 22FB2CC03DC5292AB81CF67D0AF27B383170E634
- &nx2_key_13 age1x2lpsennl74n0f5jl60uv2ffjcuqymzf9ap3frlz2quyv0x3hq3scnewwq
- &hosts: - &hosts:
- &north age1vkqn2nars5qmpr35tac0x9vshphrq6nnzjfyxwusgn27kt3zualssv0u8e - &north age1vkqn2nars5qmpr35tac0x9vshphrq6nnzjfyxwusgn27kt3zualssv0u8e
- &xps age1jvf2lyrt2dw9jfnwgvnhmj9fmvyq8vvtepqjpkyycc5dqkkd4edqhxsgv6 - &xps age1jvf2lyrt2dw9jfnwgvnhmj9fmvyq8vvtepqjpkyycc5dqkkd4edqhxsgv6
@@ -13,6 +13,6 @@ creation_rules:
- *north - *north
- *xps - *xps
- *ace - *ace
- *nx2backup - *nx2_key_13
pgp: pgp:
- *nx2 - *nx2

6
home-modules/sops.nix
View File

@@ -1,12 +1,12 @@
{ hyper, inputs, ... }: { pkgs, hyper, inputs, ... }:
{ {
imports = [ imports = [
inputs.sops-nix.homeManagerModules.sops inputs.sops-nix.homeManagerModules.sops
]; ];
sops = { sops = {
# age.keyFile = "/home/${user}/.config/sops/age/keys.txt"; age.keyFile = pkgs.lib.mkIf (hyper.host == "NxACE") "${hyper.home}.age_nx2_key_13.txt";
gnupg.home = "${hyper.home}/.gnupg"; gnupg.home = pkgs.lib.mkIf (hyper.host != "NxACE") "${hyper.home}.gnupg";
defaultSopsFile = ../sops-secrets.yaml; defaultSopsFile = ../sops-secrets.yaml;
# %r is $XDG_RUNTIME_DIR # %r is $XDG_RUNTIME_DIR

55
sops-secrets.yaml
View File

@@ -53,52 +53,51 @@ sops:
- recipient: age1vkqn2nars5qmpr35tac0x9vshphrq6nnzjfyxwusgn27kt3zualssv0u8e - recipient: age1vkqn2nars5qmpr35tac0x9vshphrq6nnzjfyxwusgn27kt3zualssv0u8e
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKdWFGWTZ4WktJNy85aUlz YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZWl0RCszNGZqNDhzY25a
R1ZPR2xSajUxSGU5NlVDTGhpUGJ1S0RMVkc4CmhZR080ZVdHUHZnSmk1ekIyM0xm K2dPTGMvMzBSZytRMWR5d1pkTVpETmNZUTFzCmUrU25XdklVc3NicUV2OVh5bktR
ZDN6dXJ6aXYyYkg4WVdiMlgwbmNBUzAKLS0tIE9qUmFpN3Nrek9JTGlaN3RjcDA1 YmZIeGZzYkVJMXRwSkt6bXlaRGpiaEkKLS0tIEZOMDUxaEo1aXRsV050a3I0eFNR
bUZxZ0FuOXcxSVQraUgveEh3dm5XK0kKToAW0mEq3G/wWRnvfJWasW7eO8BeFlej UlIxODJVK3lEaC9lWG9wNmhaUWhuZEEKnQT50Svfxgnbo6+gTSGyLW8vt+hzehu5
OkXvP5R4+bddAsGPK83UxOUOFbZAzaYulFSaAFOssCOTui335nj+/w== djy0wdML7XGORKURUJcAnGCdgsugu7exTBPMeKldlPXySPGUf6vPRA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
- recipient: age1jvf2lyrt2dw9jfnwgvnhmj9fmvyq8vvtepqjpkyycc5dqkkd4edqhxsgv6 - recipient: age1jvf2lyrt2dw9jfnwgvnhmj9fmvyq8vvtepqjpkyycc5dqkkd4edqhxsgv6
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvNzRERlBkMFVwbk5ka3Rz YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBISzJjS2t4OFNtd2s3RjE3
WHN5VE1XVFN6OWlMSFl1MnQyTEc4RHZVa0ZZCkZuY3doMTNUclMvWTJmQzFkbHlh V2hOUnByNVp3bjE4a0tPSkdCbXcwU093NGtFCmR2RXdzbTk1RXhQbmdVM0pkdGhE
Z3ZXSUZuRzBoN2NtU2dWUzFXMjc1MDQKLS0tIGNvN1JsdGF2ZFU2Vkl4UGtzdDFJ T2VGN1VnYlRqWXRmWEJucTd5eU5HYWsKLS0tIFJRODNibTZNRjZtZjlpN0IzbVZQ
aE9uY1NQSkFoWmg4WGlvV2JDbkcyeXMKh1yVwrTV+4XhEiiiMhA7rW7z11N+EsXU aHQwY0l3OTRVYlNSZnBQMGM4ekp0NGMKL0scPlNFywKmdPI3I8sgvmaVXOp6qm2m
FBHP2nk2UXWPQGioMiCinead8tjX2jfeQcmTwdk4aYMtnvpqWS5RVQ== O0N8BuQPEhiZXzNhPBPJnt6e/X+eW35lXdvbQ6AKv791WjZ4OlSZow==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
- recipient: age1jj7kfjw3e7rf9kwg5f87zf4ns6yr5465wcasanr9gcgwrq7c6dmq6gprgk - recipient: age1jj7kfjw3e7rf9kwg5f87zf4ns6yr5465wcasanr9gcgwrq7c6dmq6gprgk
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBva2JleWhLeERPbklkems1 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwT2laNmNOYnhON2FEcGxl
YjJXUzlSZmhla0JFU2dtWFZzNWt4MTk4aEhFCnNvVmZmNm9Uc1pMWWNBRFpYRUJ1 OVFHa2owL1RCWWNWdDhzZWRlSkhPZmJpQjFvCjNPSGc4L1V5cENBMzY2VU56RnNW
R20vOEpsTGZFZ1p4V1JzSnVlSGJNY00KLS0tIDMreVdDSHdGVnhvVi9ENXFJY045 QmNiNGMyZXY0WmN3R0c5YURQN1RGbDQKLS0tIE5lZXZiR2FZVms4YllUd1BsOURD
ZGdKSmZmRFMveld2UmlPNmtNWTdIbWsKJkmAaS91KR1Lvx2tCuu7sfUUYq4eeLsa YTMxdkhkLzNGOWVYQkZJQnVCeW4zcXcKLaGzWYXBaR9mpLE47pWAkYUv/L5JuCR9
woel57Bqqpo8f0UMb8T6s8grdKMspZCkIu5ooR/U4xWhwOJQwd2gbw== ZH2oaOLio6BHY+pf9WbbazbjIKXMZ8KozpLTzbn7ayKYYgGxEiwdIA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
- recipient: age1sgzc2jh8af30a3cp6g7l4hyzusqrn3x3xw7frghc4akvjaplwa3stfemxc - recipient: age1x2lpsennl74n0f5jl60uv2ffjcuqymzf9ap3frlz2quyv0x3hq3scnewwq
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMVUJaM3MweHBMNjlxdHRD YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByUmxCQ3ZOVGlWUWFkcGk1
blNZWHM3ZlZrUkVrQ3NhNnFkc1VIMytkMVhFCndTczlsVFc3bGRhRkZmRm5sMXp0 ZzNaR0R0UG43dkh5Wjd5MmQ5SlkwU0g3c0ZJCnVYZExQdi94ME56eUVwUG5XbjJi
dnZrOEVoS3F6L0hSSTUrYllnNldYTnMKLS0tIFNjVzEzTC9LZldGMmlZS3VYRThW OC9OSmZYeHo4anJLb0NQSEs3cmMrS1UKLS0tIFJWU1VYL09SbDlHZlJtRlhmSjFJ
SHJLR3lvdlFiRmJuU25RUHFFTmpjamMKbzycdDvQBAuOiRROTZEQSnaXoPapz73L YkJWUEMySU50ZHVxUzVudjNnYURXak0KkMn/8sFrrviqb3s8DtS/BAbrdCwJ+jv/
yVS9EUP25FSx/sGqRqaCefbeaybuM1aso6LDnlomv4Bib7zjugWKSw== A8rXQkKMjvTqG1f0fq5IlSmRAQy7XFBzkfbKdIUoefhey190WPEHaw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-05-05T15:43:24Z" lastmodified: "2025-05-05T15:43:24Z"
mac: ENC[AES256_GCM,data:O+L35rVqMaogvBDpnIweo1hdNXU39tEmBFXXTlLyImwt8ZWN98MIcS6tOBRjOAMSTRXEkNgvoggn/3ZF7erAva5w0ohVyN5PUeJvjNqkOQ522YTVC5wYYjvG+LUgaKcvKlm5c8XGEwJBt81i/ZXt0P03RpHge2a687dZ5e8fEQQ=,iv:0pOFGLPZC8gN3hV/FTzY1443283nwsHKiUdmdQyOn8U=,tag:GMMZX55DRZkRqe1HMpVX8g==,type:str] mac: ENC[AES256_GCM,data:O+L35rVqMaogvBDpnIweo1hdNXU39tEmBFXXTlLyImwt8ZWN98MIcS6tOBRjOAMSTRXEkNgvoggn/3ZF7erAva5w0ohVyN5PUeJvjNqkOQ522YTVC5wYYjvG+LUgaKcvKlm5c8XGEwJBt81i/ZXt0P03RpHge2a687dZ5e8fEQQ=,iv:0pOFGLPZC8gN3hV/FTzY1443283nwsHKiUdmdQyOn8U=,tag:GMMZX55DRZkRqe1HMpVX8g==,type:str]
pgp: pgp:
- created_at: "2024-06-09T19:44:41Z" - created_at: "2025-06-08T12:35:30Z"
enc: |- enc: |-
-----BEGIN PGP MESSAGE----- -----BEGIN PGP MESSAGE-----
hF4DCvJ7ODFw5jQSAQdAUcAbKZ7q2ZNLG55YA8gSUc7Lyqn2G/7srJa17lezUlgw hF4DCvJ7ODFw5jQSAQdAw5PIhSmghpU+R4d8A9FY1z9NwN2C1CQvnP0u/D6k9nEw
MIhuvf6H1TfUkabE8it12NZzhSibmC+7T6FqB9tTY8UXvMn8KzVbIX5Opu/J9NNp 4jYo133RBpSmZUEOPsrAIGDwcx5rAjIwXtYEUeH3ZR1/0imfyOh0iF0NhEqF5awG
1GgBCQIQUai/KFbpw4kaUthOe2ftUuN7fYLL0Nl4ZqrGNJMFYTjwOFyb6yWE7i7C 0l4BWb/AQFnokqiIuRGQPMqpO6X3m00C2kB79nodaxorhc/WBs4JX3qz89zozsLq
fEjGjALJU2ZZIL3mZ4FYkqU1eoidKLSnDtsGArxz0ACEo8UWuR7t1QFD3oYUFu0D ao8WHHadtQJwBveKurCNHLcr2+vLatPZ93Oo3s/ky+5eB+HrottOC818TIP51tXx
i5Hfz3tyzMfPsA== =8dKb
=7FCO
-----END PGP MESSAGE----- -----END PGP MESSAGE-----
fp: 22FB2CC03DC5292AB81CF67D0AF27B383170E634 fp: 22FB2CC03DC5292AB81CF67D0AF27B383170E634
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted