diff --git a/.sops.yaml b/.sops.yaml index 3f54dcc..b8b0adf 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -9,7 +9,7 @@ creation_rules: key_groups: - age: - *leyla - - path_regex: secrets/wireguard-keys.yaml$ + - path_regex: secrets/vpn-keys.yaml$ key_groups: - age: - *leyla diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix index 7209aa9..7455812 100644 --- a/configurations/nixos/defiant/configuration.nix +++ b/configurations/nixos/defiant/configuration.nix @@ -6,8 +6,8 @@ ... }: { sops.secrets = { - "wireguard-keys/tailscale-authkey/defiant" = { - sopsFile = "${inputs.secrets}/wireguard-keys.yaml"; + "vpn-keys/tailscale-authkey/defiant" = { + sopsFile = "${inputs.secrets}/vpn-keys.yaml"; }; "services/zfs_smtp_token" = { sopsFile = "${inputs.secrets}/defiant-services.yaml"; @@ -140,7 +140,7 @@ }; tailscale = { enable = true; - authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/defiant".path; + authKeyFile = config.sops.secrets."vpn-keys/tailscale-authkey/defiant".path; useRoutingFeatures = "server"; extraUpFlags = [ "--advertise-exit-node" diff --git a/configurations/nixos/horizon/configuration.nix b/configurations/nixos/horizon/configuration.nix index dabb2cf..5f1fd3a 100644 --- a/configurations/nixos/horizon/configuration.nix +++ b/configurations/nixos/horizon/configuration.nix @@ -28,8 +28,8 @@ programs.adb.enable = true; sops.secrets = { - "wireguard-keys/tailscale-authkey/horizon" = { - sopsFile = "${inputs.secrets}/wireguard-keys.yaml"; + "vpn-keys/tailscale-authkey/horizon" = { + sopsFile = "${inputs.secrets}/vpn-keys.yaml"; }; }; @@ -48,7 +48,7 @@ }; tailscale = { enable = true; - authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/horizon".path; + authKeyFile = config.sops.secrets."vpn-keys/tailscale-authkey/horizon".path; useRoutingFeatures = "client"; }; diff --git a/configurations/nixos/twilight/configuration.nix b/configurations/nixos/twilight/configuration.nix index bbd8835..73dd642 100644 --- a/configurations/nixos/twilight/configuration.nix +++ b/configurations/nixos/twilight/configuration.nix @@ -10,8 +10,8 @@ nixpkgs.config.allowUnfree = true; sops.secrets = { - "wireguard-keys/tailscale-authkey/twilight" = { - sopsFile = "${inputs.secrets}/wireguard-keys.yaml"; + "vpn-keys/tailscale-authkey/twilight" = { + sopsFile = "${inputs.secrets}/vpn-keys.yaml"; }; }; host = { @@ -44,7 +44,7 @@ tailscale = { enable = true; - authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/twilight".path; + authKeyFile = config.sops.secrets."vpn-keys/tailscale-authkey/twilight".path; useRoutingFeatures = "both"; extraUpFlags = [ "--advertise-exit-node" diff --git a/flake.lock b/flake.lock index b9809b3..d9ea0b7 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1741786315, - "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=", + "lastModified": 1743524395, + "narHash": "sha256-BXVan1TBC2iDJODFvCoz2XrbAOyZ9KWjwyIkOYwO4Mc=", "owner": "nix-community", "repo": "disko", - "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de", + "rev": "f6dbc8952df9e40afafbe38449751bfad12d64f2", "type": "github" }, "original": { @@ -29,11 +29,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1743119709, - "narHash": "sha256-tlJY7MfAena/yi3lmd7y7vQGpLma4Q1BLtO4dvzF/Vs=", + "lastModified": 1743527765, + "narHash": "sha256-Y7TQ4bseuTjnXu3/Km8ylRIkyiYrZjwp5cqcb/7bJzs=", "owner": "rycee", "repo": "nur-expressions", - "rev": "f8861a4b09a181dd88f6626d0202d9225ae85d65", + "rev": "d7c0454483cf3644c8e5d3094ad2f1ee2cdcc6b0", "type": "gitlab" }, "original": { @@ -98,11 +98,11 @@ ] }, "locked": { - "lastModified": 1743259333, - "narHash": "sha256-2Fi3K++co4IGbeOLGXdRA6VEfbzQzMgcuBaPTyjfj0s=", + "lastModified": 1743527271, + "narHash": "sha256-EuanEW1qqXZ2h0zJnq7uz8BoHbsgHgUrqWkCZHwZ9FA=", "owner": "nix-community", "repo": "home-manager", - "rev": "1f679ed2a2ebe3894bad9f89fb0bd9f141c28a68", + "rev": "f4d9d1e2ad19d544a0a0cf3f8f371c6139c762e9", "type": "github" }, "original": { @@ -133,11 +133,11 @@ ] }, "locked": { - "lastModified": 1743221873, - "narHash": "sha256-i8VPNm4UBsC3Ni6VwjojVJvCpS9GZ4vPrpFRtCGJzBs=", + "lastModified": 1743496612, + "narHash": "sha256-emPWa5lmKbnyuj8c1mSJUkzJNT+iJoU9GMcXwjp2oVM=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "53d0f0ed11487a4476741fde757d0feabef4cc4e", + "rev": "73d59580d01e9b9f957ba749f336a272869c42dd", "type": "github" }, "original": { @@ -175,11 +175,11 @@ ] }, "locked": { - "lastModified": 1743213162, - "narHash": "sha256-9UU0x2fZORsX6PEpzkIAD/7+bwm+javJtZA/411ZmLg=", + "lastModified": 1743473153, + "narHash": "sha256-RVOgS/5+Nd/Oq3aXhIk8Y3aAILCYwm8nmrvLogy1hI0=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "1b2a53e3478225bc35d14ae75ea9e7b749c16d5b", + "rev": "57ed10b9d4395687b38277f422fbb0700f65e632", "type": "github" }, "original": { @@ -190,11 +190,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1743167577, - "narHash": "sha256-I09SrXIO0UdyBFfh0fxDq5WnCDg8XKmZ1HQbaXzMA1k=", + "lastModified": 1743420942, + "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "0ed819e708af17bfc4bbc63ee080ef308a24aa42", + "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4", "type": "github" }, "original": { @@ -206,11 +206,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743095683, - "narHash": "sha256-gWd4urRoLRe8GLVC/3rYRae1h+xfQzt09xOfb0PaHSk=", + "lastModified": 1743315132, + "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5e5402ecbcb27af32284d4a62553c019a3a49ea6", + "rev": "52faf482a3889b7619003c0daec593a1912fddc1", "type": "github" }, "original": { @@ -239,11 +239,11 @@ "secrets": { "flake": false, "locked": { - "lastModified": 1742597341, - "narHash": "sha256-r9Tid/fvcxi6LjAtW7YbXGN1HAtz/XEQkWZVPw3pLvk=", + "lastModified": 1743538790, + "narHash": "sha256-QXmvyxfAhpifxAWcYTvuGfzv9I+9gHw0bq4WYtGEB9A=", "ref": "refs/heads/main", - "rev": "d022f6bde68fa7aaf89c6c8b8c1a3ab2b6fb2433", - "revCount": 15, + "rev": "3d63dff77f8eda1667e3586169642cf256c4aa34", + "revCount": 17, "type": "git", "url": "ssh://git@git.jan-leila.com/jan-leila/nix-config-secrets.git" }, @@ -259,11 +259,11 @@ ] }, "locked": { - "lastModified": 1742700801, - "narHash": "sha256-ZGlpUDsuBdeZeTNgoMv+aw0ByXT2J3wkYw9kJwkAS4M=", + "lastModified": 1743502316, + "narHash": "sha256-zI2WSkU+ei4zCxT+IVSQjNM9i0ST++T2qSFXTsAND7s=", "owner": "Mic92", "repo": "sops-nix", - "rev": "67566fe68a8bed2a7b1175fdfb0697ed22ae8852", + "rev": "e7f4d7ed8bce8dfa7d2f2fe6f8b8f523e54646f8", "type": "github" }, "original": { diff --git a/nix-config-secrets b/nix-config-secrets index d022f6b..3d63dff 160000 --- a/nix-config-secrets +++ b/nix-config-secrets @@ -1 +1 @@ -Subproject commit d022f6bde68fa7aaf89c6c8b8c1a3ab2b6fb2433 +Subproject commit 3d63dff77f8eda1667e3586169642cf256c4aa34