moved sops config into common

2024-09-15 12:55:31 -05:00 · 2024-09-15 12:55:31 -05:00 · 88ab5420eb
commit 88ab5420eb
parent d22f470e24
6 changed files with 16 additions and 19 deletions
--- a/enviroments/common/default.nix
+++ b/enviroments/common/default.nix
@ -26,6 +26,19 @@
    LC_TIME = "en_US.UTF-8";
  };

+  users.groups.users = {};
+
+  sops = {
+    defaultSopsFile = ../../secrets/secrets.yaml;
+    defaultSopsFormat = "yaml";
+
+    age ={
+      keyFile = "/var/lib/sops-nix/key.txt";
+      # sshKeyPaths = ["${config.home.homeDirectory}/.ssh/nix-ed25519"];
+      # generateKey = true;
+    };
+  };
+
  # List packages installed in system profile.
  environment.systemPackages = with pkgs; [
    wget
--- a/hosts/defiant/configuration.nix
+++ b/hosts/defiant/configuration.nix
@ -11,17 +11,6 @@
      ../../enviroments/server
    ];

-  sops = {
-    defaultSopsFile = ../../secrets/secrets.yaml;
-    defaultSopsFormat = "yaml";
-
-    age ={
-      keyFile = "/home/leyla/.config/sops/age/keys.txt";
-      # sshKeyPaths = ["${config.home.homeDirectory}/.ssh/nix-ed25519"];
-      # generateKey = true;
-    };
-  };
-
  # home.sessionVariables = {
  #   SOPS_AGE_KEY_FILE = "${config.home.homeDirectory}/.config/sops-nix/key.txt";
  # };
--- a/hosts/twilight/configuration.nix
+++ b/hosts/twilight/configuration.nix
@ -11,11 +11,6 @@
      ../../enviroments/client
    ];

-  sops.defaultSopsFile = ../../secrets/secrets.yaml;
-  sops.defaultSopsFormat = "yaml";
-
-  sops.age.keyFile = "/home/leyla/.config/sops/age/keys.txt";
-
  users.leyla = {
    isFullUser = true;
    hasPiperMouse = true;
--- a/users/ester/default.nix
+++ b/users/ester/default.nix
@ -27,7 +27,7 @@ in
      (
        if cfg.isFullUser then {
          isNormalUser = true;
-          extraGroups = [ "networkmanager" ];
+          extraGroups = [ "networkmanager" "users" ];

          hashedPasswordFile = config.sops.secrets."passwords/ester".path;

--- a/users/eve/default.nix
+++ b/users/eve/default.nix
@ -27,7 +27,7 @@ in
      (
        if cfg.isFullUser then {
          isNormalUser = true;
-          extraGroups = [ "networkmanager" ];
+          extraGroups = [ "networkmanager" "users" ];

          hashedPasswordFile = config.sops.secrets."passwords/eve".path;

--- a/users/leyla/default.nix
+++ b/users/leyla/default.nix
@ -37,7 +37,7 @@ in
        if (cfg.isFullUser || cfg.isThinUser) then {
          isNormalUser = true;
          extraGroups = lib.mkMerge [
-            ["networkmanager" "wheel" "docker"]
+            ["networkmanager" "wheel" "docker" "users"]
            (
              lib.mkIf (!cfg.isThinUser) [ "adbusers" ]
            )