diff --git a/.sops.yaml b/.sops.yaml index 2c0021d..0d3d984 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -21,3 +21,8 @@ creation_rules: - age: - *billy - *portatilo + # TODO: this seemes ugly + - path_regex: secrets/nixbox.yaml$ + key_groups: + - age: + - *billy diff --git a/flake.nix b/flake.nix index 2d7a24c..7edbb16 100644 --- a/flake.nix +++ b/flake.nix @@ -209,7 +209,7 @@ { hostname = "nixbox"; args = { - bluetooth = "false"; + bluetooth = false; }; extraSystemModules = [ ./system/hosts/vm diff --git a/secrets/nixbox.yaml b/secrets/nixbox.yaml new file mode 100644 index 0000000..5fee522 --- /dev/null +++ b/secrets/nixbox.yaml @@ -0,0 +1,21 @@ +user_password: ENC[AES256_GCM,data:enz1rqV16nOJdU32qhiqS560Q+aTUUvjY0Hobe14YPu+sGEbE7ySGq3WqyAxT4jduMWP28MaA6P57r8ifyuH/erpJ9QdNb54bQ==,iv:3vJo+EmPWYv3mXa5isO8Vs6FHtkUUN2V6TwcWjz4fQU=,tag:SYrkkIN+io0QQfTfpBm4lg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age15uzjpcp7d8gvect6qnlh3g5hfxu6c0feu7rdu9n6d3dwpp4fgftq0qjxa4 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJR2JuYXcwaWRrSlptaDd4 + cDlvb1RuWXBFa3BBQzlPSjNTVHAzb0V6c1dNClVhUXhSSlpuOCtSV1NMQUFHeXpB + YjVtUlIvRmM1TWVjR1Vzbm11alRrYm8KLS0tIDRHZTlVdjkwek1GNjUxMmMybG5a + NTBEZm5sbkRTbFFibS9GQmt1dS96UlkKj2AaIZ2F2alfcPJV+VMMnJIu+GAw16di + qbrgoOK0jiKDbd3Ja/HLiq4SwlXkmfyGCV+cCUfluARqAJWBLILRWA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-29T14:14:58Z" + mac: ENC[AES256_GCM,data:dj4/IZLCXRZKu+hqj56oPglEJLnQ4LCc7xzZXb6ORfT1v6zbexY0Hcb6aJ4Dgfw6G+fei+2raIUe9aByc1Hapzc4BU+03Yy6Ipmm5l99gZb5vva19L8ZKVinMRqJbqyW3/+zrLYibp8Auv4OYQ/fEjAlUAKQvmR40e1tHOSukc0=,iv:8wIl/mXsR/xbhc30zRGfJO1QVpStxsQZFhQZ9wG0Dbs=,tag:KDoh1EIvgget3uHiWFKHTA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.2