oqyude/nixos
1
0
Fork 0
mirror of https://github.com/oqyude/nixos.git synced 2026-06-11 04:30:41 +03:00
Code Issues Packages Projects Releases Wiki Activity

sops

Browse Source
This commit is contained in:
Jor Oqyude
2025-10-09 15:37:52 +03:00
parent b9f1f3fe08
commit 414ca82c7d
3 changed files with 28 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nixosModules/users.nix
+12 -12
View File
@@ -35,19 +35,19 @@
sshKeyPaths = [ "/etc/ssh/id_ed25519" ]; sshKeyPaths = [ "/etc/ssh/id_ed25519" ];
generateKey = true; generateKey = true;
}; };
defaultSopsFile = ../secrets/example.yaml; # наш зашифрованный файл defaultSopsFile = ../secrets/default.yaml; # наш зашифрованный файл
# Указываем секрет SSH-ключа: # Указываем секрет SSH-ключа:
# secrets.ssh_key = { secrets.ssh_key = {
# # формат секрета (YAML по умолчанию) # формат секрета (YAML по умолчанию)
# format = "yaml"; format = "yaml";
# sopsFile = ../secrets/default.yaml; sopsFile = ../secrets/default.yaml;
# # (имя ключа в YAML: "ssh_key", т.е. ключ из файла выше) # (имя ключа в YAML: "ssh_key", т.е. ключ из файла выше)
# key = "ssh_key"; key = "ssh_key";
# path = "/home/test/.ssh/id_ed25519"; path = "/home/test/.ssh/id_ed25519";
# owner = "root"; # владелец – наш пользователь owner = "root"; # владелец – наш пользователь
# group = "root"; # группа пользователя group = "root"; # группа пользователя
# mode = "0600"; # права 600 mode = "0600"; # права 600
# }; };
}; };
} }
secrets/default.yaml
+16
View File
@@ -0,0 +1,16 @@
ssh_key: ENC[AES256_GCM,data:xa1sTBAHSBhkZ4SxEIWJZ7trb4EbFIbQTiTiBU0ARg0Rptz0UipQBG3tM7hoML1VnZOS1Xe3N61pKmwhvgtfay+Xs7Fb9Mj3k9MIgo58UozgufzrG3w0gZq6hpXSDkd83H2iRcQnsXitYy+3Jl5/Dvr/ldVcSlrkX+qXb8VrrXf6buoCozTZL0UAKRKH3CHTgZZyltT5XdA24o6eCBqHZF+VA5VOS+S8ESkrdASFAtAokidLZFlXOKkNoxOG+eDJz5d6M02Vpk73g9ZBjdeBdrbDw8i11/opEENzEUTEg5I/uPj7JGbsiGjYNYNBFw2xoHYl2MbCLO+785k89HQep6xmPhSeL9KWriMPncJnYS9Z4puai/+4lGN8uXNjVN2aAG/0m7zbZxYS4kwdOK7JCTmxW1OnLB/ujTLW5lY0256YMSYaGdL/VNXEvm0ObIwzQ/OWzJk7aRjSsZbqjTQMP76weYukZNybMPuL6rz3CpGaIBPvSy5COe7dyYvLRWGq7p/rWcTn/SMFHi10Rt31,iv:R5brgW6svZtIttvzDZjqS7PdApXhJZZsi2ZBRcF1f8g=,tag:jSZ1uAFj/exFqF8WTvms3A==,type:str]
sops:
age:
- recipient: age13l2gtk0nzr484zprp7e0pkrt0ne0j4asyn2pjmlaw73nte7t7d8q4sqtxm
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2bU9xUDVRMEdCMUczZity
TS9SeFJzdWNRTkdTUk1LTWJZOUY1VW1iY204Ck52bWlaaG8wZTZaZnJ5WXFaRW56
dVhHRENVcW1BRDJaRzFiTmJDekdvSkEKLS0tIC9nVTQ4WEVTRk5iVjNRQ2lKRVNo
Y3ZpV3BuY1dyMzFEbU9kWjBzV3JJVkEKYRTSsHuOSMDleYst5loSPQpKY0ovf3l9
yadmT0jBd0TbUT4kZulgAdR96b/EdDVUCJNP6HrILpiai1KI8sjyjw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-09T12:35:23Z"
mac: ENC[AES256_GCM,data:H0LsP8DAHAcyV9EJTXf//luWUbJLtDoXNf/J/at/TKbTsPB6qFEIQQ7/eEwZJkQsld5r9A9gtZ/4hEUhW6jsDEQoN2JKLzU6hLizgMkgUgYmBwYQgin4QRRSeeYCUktVmbYyZMWzFNcBWjScr24zCBRfmExMSoKqf2tJvsZrQr4=,iv:CY9/xcR0jUgDpeoyo9KTroQwpMY/z0T2C2NTRaS8Dcg=,tag:qZ5sfNF59ubkhAwnyUbEKg==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0
secrets/example.yaml
View File