colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

secrets: move bluetooth/vpn secret defn to toplevel nix file

Browse Source
This commit is contained in:
colin
2022-12-26 08:28:44 +00:00
parent d3a3f39756
commit 0713e3bad1
3 changed files with 30 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
hosts/common/bluetooth.nix
View File

@@ -15,18 +15,4 @@
${install-bluetooth}/bin/install-bluetooth /run/secrets/bt ${install-bluetooth}/bin/install-bluetooth /run/secrets/bt
'' ''
); );
# TODO: use a glob, or a list, or something?
sops.secrets."bt/car" = {
sopsFile = ../../secrets/universal/bt/car.bin;
format = "binary";
};
sops.secrets."bt/earbuds" = {
sopsFile = ../../secrets/universal/bt/earbuds.bin;
format = "binary";
};
sops.secrets."bt/portable-speaker" = {
sopsFile = ../../secrets/universal/bt/portable-speaker.bin;
format = "binary";
};
} }

35
hosts/common/secrets.nix
View File

@@ -50,8 +50,37 @@
# sops.secrets."myservice/my_subdir/my_secret" = {}; # sops.secrets."myservice/my_subdir/my_secret" = {};
## universal secrets ## universal secrets
# TODO: glob these?
sops.secrets."router_passwd" = {
sopsFile = ../../secrets/universal.yaml;
};
sops.secrets."wg_ovpnd_us_privkey" = {
sopsFile = ../../secrets/universal.yaml;
};
sops.secrets."wg_ovpnd_us-atl_privkey" = {
sopsFile = ../../secrets/universal.yaml;
};
sops.secrets."wg_ovpnd_us-mi_privkey" = {
sopsFile = ../../secrets/universal.yaml;
};
sops.secrets."wg_ovpnd_ukr_privkey" = {
sopsFile = ../../secrets/universal.yaml;
};
sops.secrets."bt/car" = {
sopsFile = ../../secrets/universal/bt/car.bin;
format = "binary";
};
sops.secrets."bt/earbuds" = {
sopsFile = ../../secrets/universal/bt/earbuds.bin;
format = "binary";
};
sops.secrets."bt/portable-speaker" = {
sopsFile = ../../secrets/universal/bt/portable-speaker.bin;
format = "binary";
};
# TODO: use a glob, or a list, or something?
sops.secrets."iwd/community-university.psk" = { sops.secrets."iwd/community-university.psk" = {
sopsFile = ../../secrets/universal/net/community-university.psk.bin; sopsFile = ../../secrets/universal/net/community-university.psk.bin;
format = "binary"; format = "binary";
@@ -80,10 +109,6 @@
sopsFile = ../../secrets/universal/net/iphone.psk.bin; sopsFile = ../../secrets/universal/net/iphone.psk.bin;
format = "binary"; format = "binary";
}; };
sops.secrets."router_passwd" = {
sopsFile = ../../secrets/universal.yaml;
};
} }

3
hosts/common/vpn.nix
View File

@@ -28,9 +28,6 @@ let
# to start: `systemctl start wg-quick-ovpnd-${name}` # to start: `systemctl start wg-quick-ovpnd-${name}`
autostart = false; autostart = false;
}; };
sops.secrets."wg_ovpnd_${name}_privkey" = {
sopsFile = ../../secrets/universal.yaml;
};
}; };
in lib.mkMerge [ in lib.mkMerge [
(def-ovpn "us" { (def-ovpn "us" {