Nix literate configuration set up in monorepoHEAD main

author: Preston Pan <ret2pop@gmail.com> 2025-01-16 18:24:01 -0800
committer: Preston Pan <ret2pop@gmail.com> 2025-01-16 18:24:01 -0800
commit: 2a4a4e2c42257bb25789ec3be6bc5a88f0eab7b5 (patch)
tree: b3cf871d924e1ba6e8a790dd6dc8910e03083865 /nix/modules/secrets.nix
parent: 6f86d8f277229c41a5d5f45e6a8e9dd36d4e16a8 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/nix/modules/secrets.nix b/nix/modules/secrets.nix
new file mode 100644
index 0000000..29e8c4c
--- /dev/null
+++ b/nix/modules/secrets.nix
@@ -0,0 +1,20 @@
+{ config, ... }:
+{
+  sops = {
+    defaultSopsFile = ../../secrets/secrets.yaml;
+    age = {
+      keyFile = "/home/${config.monorepo.vars.userName}/.ssh/keys.txt";
+    };
+    secrets.mail = {
+      format = "yaml";
+      path = "${config.sops.defaultSymlinkPath}/mail";
+    };
+    secrets.digikey = {
+      format = "yaml";
+      path = "${config.sops.defaultSymlinkPath}/digikey";
+    };
+
+    defaultSymlinkPath = "/run/user/1000/secrets";
+    defaultSecretsMountPoint = "/run/user/1000/secrets.d";
+  };
+}
author	Preston Pan <ret2pop@gmail.com>	2025-01-16 18:24:01 -0800
committer	Preston Pan <ret2pop@gmail.com>	2025-01-16 18:24:01 -0800
commit	2a4a4e2c42257bb25789ec3be6bc5a88f0eab7b5 (patch)
tree	b3cf871d924e1ba6e8a790dd6dc8910e03083865 /nix/modules/secrets.nix
parent	6f86d8f277229c41a5d5f45e6a8e9dd36d4e16a8 (diff)