feat(sops): add sops-nix and set rafiq password with it

2025-03-17 21:44:09 +08:00 · 2025-03-17 21:44:09 +08:00 · 26ba53fee3
commit 26ba53fee3
parent 99b8255fd1
6 changed files with 103 additions and 6 deletions
--- a/systems/modules/sops.nix
+++ b/systems/modules/sops.nix
@ -0,0 +1,15 @@
+{inputs, ...}: {
+  imports = [inputs.sops-nix.nixosModules.sops];
+  sops = {
+    defaultSopsFile = ../../secrets/secrets.yaml;
+    age.sshKeyPaths = [
+      "/home/rafiq/.ssh/id_ed25519"
+      "/home/rafiq/.ssh/rafiq-master"
+    ];
+    secrets = {
+      hashed_password_rafiq = {
+        neededForUsers = true;
+      };
+    };
+  };
+}