added agenix

This commit is contained in:
Moritz Böhme 2021-09-14 13:12:34 +02:00
parent 1cb7683b29
commit 5d7fc1f9f8
7 changed files with 67 additions and 2 deletions

View file

@ -1,5 +1,23 @@
{
"nodes": {
"agenix": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1631325864,
"narHash": "sha256-bBvrjUS0qfgC4LPFthGJ5E8Fl0f5UvlrCB3o5Bnn9ys=",
"owner": "ryantm",
"repo": "agenix",
"rev": "5c5bc282565f03f9c5b3d6e72b7cb985706148a6",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"emacs-overlay": {
"locked": {
"lastModified": 1631265331,
@ -52,6 +70,19 @@
}
},
"nixpkgs": {
"locked": {
"lastModified": 1618628710,
"narHash": "sha256-9xIoU+BrCpjs5nfWcd/GlU7XCVdnNKJPffoNTxgGfhs=",
"path": "/nix/store/z1rf17q0fxj935cmplzys4gg6nxj1as0-source",
"rev": "7919518f0235106d050c77837df5e338fb94de5d",
"type": "path"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1631117094,
"narHash": "sha256-FMdGgsJq1wGmMo98KjyUPN5ofqxuEru4ZmAn80LXa/8=",
@ -100,9 +131,10 @@
},
"root": {
"inputs": {
"agenix": "agenix",
"emacs-overlay": "emacs-overlay",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"nur": "nur",
"picom": "picom",
"unstable": "unstable",

View file

@ -6,6 +6,7 @@
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus/release-1.2.0-without-deprecated-code";
nur.url = "github:nix-community/NUR";
agenix.url = "github:ryantm/agenix";
emacs-overlay.url = "github:nix-community/emacs-overlay";
@ -27,7 +28,7 @@
};
};
outputs = inputs@{ self, utils, home-manager, nixpkgs, ...}:
outputs = inputs@{ self, utils, home-manager, nixpkgs, agenix, ...}:
utils.lib.mkFlake {
inherit self inputs;
@ -69,6 +70,7 @@
};
}
self.nixosModules.default
agenix.nixosModules.age
];
hosts.nixos-laptop.modules = [

View file

@ -69,6 +69,8 @@
time.timeZone = "Europe/Berlin";
services.sshd.enable = true;
# Powersaving
services.tlp.enable = true;
powerManagement.enable = true;

8
modules/agenix.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, lib, pkgs, inputs, ... }:
{
environment.systemPackages = [
inputs.agenix.defaultPackage.x86_64-linux
];
age.secrets.nordvpn.file = ../secrets/nordvpn.age;
}

View file

@ -7,6 +7,7 @@
./emacs
./polybar
./rofi
./agenix.nix
./git.nix
./kitty.nix
./picom.nix

10
secrets/nordvpn.age Normal file
View file

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 wG6LYg +W8syD6k+CQQvyMkIpITAzdXAwR+k9TOeR8LrZLUEAI
/byibB4u3xiBLU2hWDFONn/lY5JvrAdq1SRNDKDqcOY
-> ssh-ed25519 CjuqfA A/YOmAkZHx+mYMOnGWS+k3/kPTu3Qoxbj1boO6XzVmQ
+abSRmU/kp6dBhR3KjBhDzkp1jHQIQlBUMspuz45lj4
-> V2a1u-grease EW?mj&
rz1DOpA
--- eZM1v3JU4Jb+//hILOOqD+4PyzWfpZNFjcIoy3dqR40
ÉŚţ‰ í7V?U8Ţ[Ľ#`BN;
´¶ňôFX%ăjoĄ*®6u׌Í^ë`

10
secrets/secrets.nix Normal file
View file

@ -0,0 +1,10 @@
let
moritz = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGoAqa2m7hIzZ2LS96Z+RCIlRvhBM/j7h27tMBCwMT+a";
users = [ moritz ];
nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO";
hosts = [ nixos-laptop ];
in
{
"nordvpn.age".publicKeys = users ++ hosts;
}