From c58d8f0502e4138b3ed7e373a8e55feb9f02508a Mon Sep 17 00:00:00 2001 From: Mike Vink Date: Mon, 20 Nov 2023 12:25:02 +0000 Subject: fixup --- ivi/ivi.nix | 3 +++ profiles/core/secrets.nix | 32 +++++++++++++++++--------------- 2 files changed, 20 insertions(+), 15 deletions(-) diff --git a/ivi/ivi.nix b/ivi/ivi.nix index f7cc0d0..8e1013d 100644 --- a/ivi/ivi.nix +++ b/ivi/ivi.nix @@ -63,6 +63,7 @@ self: lib: with lib; let machines = { lemptop = { + secrets = true; profiles = [ "core" "station" @@ -70,11 +71,13 @@ self: lib: with lib; let ]; }; wsl = { + secrets = true; profiles = [ "core" ]; }; serber = { + secrets = true; isDeployed = true; profiles = [ "core" diff --git a/profiles/core/secrets.nix b/profiles/core/secrets.nix index 12b8a95..cacfcb7 100644 --- a/profiles/core/secrets.nix +++ b/profiles/core/secrets.nix @@ -19,22 +19,24 @@ in inputs.sops-nix.nixosModules.sops (mkAliasOptionModule [ "secrets" ] [ "sops" "secrets" ]) # TODO: get my username(s) from machine config ]; - sops = { - secrets = attrsets.mergeAttrsList - [ - (getSecrets "${inputs.self}/secrets") - (getSecrets "${inputs.self}/secrets/${machine.hostname}") - ]; - }; + config = mkIf machine.secrets { + sops = { + secrets = attrsets.mergeAttrsList + [ + (getSecrets "${inputs.self}/secrets") + (getSecrets "${inputs.self}/secrets/${machine.hostname}") + ]; + }; - environment = { - systemPackages = [ - pkgs.sops - pkgs.age - ]; - }; + environment = { + systemPackages = [ + pkgs.sops + pkgs.age + ]; + }; - hm = { - programs.password-store.enable = true; + hm = { + programs.password-store.enable = true; + }; }; } -- cgit v1.2.3