21 lines
695 B
Nix
21 lines
695 B
Nix
{ inputs, vars, ... }: {
|
|
imports = [
|
|
inputs.sops-nix.homeManagerModules.sops
|
|
];
|
|
|
|
sops = {
|
|
#age.keyFile = "/home/${vars.username}/.sops-key.txt"; # must have no password!
|
|
# It's also possible to use a ssh key, but only when it has no password:
|
|
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
defaultSopsFile = ../../../secrets/general.yaml;
|
|
secrets.hello = {
|
|
# sopsFile = ./secrets.yml.enc; # optionally define per-secret files
|
|
|
|
# %r gets replaced with a runtime directory, use %% to specify a '%'
|
|
# sign. Runtime dir is $XDG_RUNTIME_DIR on linux and $(getconf
|
|
# DARWIN_USER_TEMP_DIR) on darwin.
|
|
path = "%r/hello";
|
|
};
|
|
};
|
|
}
|