Add sops-nix

Tristan Daniël Maat 2022-04-23 04:06:50 +01:00
parent 73988df2a6
commit e7102adec1
Signed by: tlater
GPG key ID: 49670FD774E43268
7 changed files with 207 additions and 6 deletions


@ -5,6 +5,11 @@
nixpkgs.url = "github:nixos/nixpkgs/nixos-21.11";
nixos-hardware.url = "github:nixos/nixos-hardware/master";
flake-utils.url = "github:numtide/flake-utils";
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
tlaternet-webserver = {
url = "git+https://gitea.tlater.net/tlaternet/tlaternet.git";
inputs = {
@ -21,8 +26,8 @@
};
};
outputs = { self, nixpkgs, nixos-hardware, flake-utils, tlaternet-webserver
, tlaternet-templates, ... }@inputs:
outputs = { self, nixpkgs, nixos-hardware, flake-utils, sops-nix
, tlaternet-webserver, tlaternet-templates, ... }@inputs:
let
overlays = [
(final: prev: {
@ -53,6 +58,7 @@
(import ./configuration)
(import ./configuration/linode.nix)
(import ./configuration/hardware-configuration.nix)
sops-nix.nixosModules.sops
];
};
@ -68,6 +74,7 @@
(import ./modules)
(import ./configuration)
sops-nix.nixosModules.sops
({ lib, ... }: {
users.users.tlater.password = "insecure";
@ -86,13 +93,20 @@
};
};
} // flake-utils.lib.eachDefaultSystem (system:
let pkgs = import nixpkgs { inherit system overlays; };
let
pkgs = import nixpkgs { inherit system overlays; };
sops-pkgs = sops-nix.packages.${system};
in {
devShell = with pkgs;
mkShell {
buildInputs = [
devShell =
pkgs.mkShell {
sopsPGPKeyDirs = ["./keys/hosts/" "./keys/users/"];
nativeBuildInputs = with sops-pkgs; [
sops-import-keys-hook
];
buildInputs = with pkgs; with sops-pkgs; [
nixfmt
git-lfs
sops-init-gpg-key
# For the minecraft mod update script
(python3.withPackages (pypkgs: