Testing sops
This commit is contained in:
parent
530ce274cb
commit
af12998913
3 changed files with 65 additions and 26 deletions
|
@ -10,6 +10,10 @@
|
|||
enable = true;
|
||||
enableCompletion = true;
|
||||
bashrcExtra = ''
|
||||
sops-edit() {
|
||||
nix-shell -p sops --run "sops $1"
|
||||
}
|
||||
|
||||
nix-clean-all() {
|
||||
nix-channel --update
|
||||
nix-env -u --always
|
||||
|
|
37
home-manager/shell.nix
Normal file
37
home-manager/shell.nix
Normal file
|
@ -0,0 +1,37 @@
|
|||
# shell.nix
|
||||
with import <nixpkgs> {};
|
||||
let
|
||||
sops-nix = builtins.fetchTarball {
|
||||
url = "https://github.com/Mic92/sops-nix/archive/master.tar.gz";
|
||||
};
|
||||
in
|
||||
mkShell {
|
||||
# imports all files ending in .asc/.gpg
|
||||
sopsPGPKeyDirs = [
|
||||
"${toString ./.}/keys/hosts"
|
||||
"${toString ./.}/keys/users"
|
||||
];
|
||||
# Also single files can be imported.
|
||||
#sopsPGPKeys = [
|
||||
# "${toString ./.}/keys/users/mic92.asc"
|
||||
# "${toString ./.}/keys/hosts/server01.asc"
|
||||
#];
|
||||
|
||||
# This hook can also import gpg keys into its own seperate
|
||||
# gpg keyring instead of using the default one. This allows
|
||||
# to isolate otherwise unrelated server keys from the user gpg keychain.
|
||||
# By uncommenting the following lines, it will set GNUPGHOME
|
||||
# to .git/gnupg.
|
||||
# Storing it inside .git prevents accedentially commiting private keys.
|
||||
# After setting this option you will also need to import your own
|
||||
# private key into keyring, i.e. using a a command like this
|
||||
# (replacing 0000000000000000000000000000000000000000 with your fingerprint)
|
||||
# $ (unset GNUPGHOME; gpg --armor --export-secret-key 0000000000000000000000000000000000000000) | gpg --import
|
||||
#sopsCreateGPGHome = true;
|
||||
# To use a different directory for gpg dirs set sopsGPGHome
|
||||
#sopsGPGHome = "${toString ./.}/../gnupg";
|
||||
|
||||
nativeBuildInputs = [
|
||||
(pkgs.callPackage sops-nix {}).sops-import-keys-hook
|
||||
];
|
||||
}
|
|
@ -1,30 +1,28 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: A20F 7BD3 9673 AEA2 E929 3E35 4E71 A215 3513 42A6
|
||||
Comment: nixos-laptop
|
||||
|
||||
xsFNBAAAAAABEADOHuEyjp0I7RgvVmmijYMW1DS6+sGpfIZH9Emte2nQ4RmzJ4hy
|
||||
lN6ib8/FN2ywkl0pYhXIcAimuyqI48nV+f16ckjKNpZZH/0xgRYhmARen/behOeH
|
||||
BTUyaY44Of/hzOFaIceQfXy8oRpFd6tnhzeHrMFu56bnAbbcCdQYCqtgcS37v4tv
|
||||
cdXZPgcQeRNUC74ml+jO/rNxpxHW8waSI0qr6+UbQ7pe9PzVZVuBdPGjwHCM3O8S
|
||||
gytAKyIMSfSa0lej43FESUrdjxsuAtOsJPjibeoAC4nas+oagq8DpYnhRkx0kbvY
|
||||
P8s/FRty1yFw3Fke4QHX1TTDXU4rffayu9koYsdCpxGljOn/8IiuXcQWAf/cQIcq
|
||||
nI4DAh3mIQWa7O2xnHw2K3iRxBxz7MhtyqR+yK7uRi2QYWmARumsSl7RT6hbYCxy
|
||||
pbhdauhHYl1wulmn0h2HYpNeU127LFm0wGHDckqWLvlk/GTDv/+NOM2z92PbCX9A
|
||||
Af73oy8ZT6m5zE6hBWcWtviPBvaW21+2CeZ3wbUAEgsdTARDQxSG8M8EJfr2McIT
|
||||
3gyhiCQA//yBZOnDsk79SQXz4SgX6Bc3Mk6fxt2qhWewnebteDje6GGuFReWnvuW
|
||||
jOwrIdJeVxMliD2qjX9yrv5fpN+aWM12nb35/k4atUh5Ou8fmNkl1KnG7wARAQAB
|
||||
xsFNBAAAAAABEACuO/0sMege8N4c08GCN2b1UyMVm9Qcn5gr7lT3szNvMX3IvM1O
|
||||
nluIr8mOHxKv5En0XOWEV1dOSauJ0eOhucFvt4w5ReKO24k8ng6vfxK3EktSnBd9
|
||||
Xly+CBvXxA9Mq4Te4MMvnI7Zv9qW6Gy0XjEly+rAS4Pk+BzZVjRNmZ04uLsXPQO6
|
||||
xGtANzvDQdT5IQT9n71vOYNyMYBDdAOnOJJcKbLBlq2sMiO+iq0qGk/cahKRWN0l
|
||||
kRxJQnTjlZhwIsrANxOBVgkkVeG1K22lL72+Ju+2DR1Vccx1xsZQmSM7TJAvsQ7r
|
||||
4Yw2KqqYcWCcYr/lQmKj8QM4mVpA73yKS4SBdSdkPHwa6fowQp3QRaZNt3hyTOYU
|
||||
iBDcTojphL2yVK+QIpQyFdplDvBvzTR6W+mMOvYbie7JwaO8agb6TQ3+s7DrOhmv
|
||||
7zE+8fDHjLcLf6DVaGLkl3J9tg6Ks85/2PvAbsCxjPMh90BpikK1f7oFSb+/yHrG
|
||||
y1q0ii7wviIQZzrbazW7GToxAeorjUjh3SNqtmPI4jAGjJS+Sj4YBNfUvCsqOzB5
|
||||
vTGe960atUkvrX/lbKdzPi8NM6JGIPO1QCKvAY1xgR1UoIj9fF/nrd4HutCMr9lY
|
||||
AjyzsCtuB40aGmTYlEgLuWOp8JCGsnZYhlmk6QmNUSswXpTrto/xiS4PkwARAQAB
|
||||
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT
|
||||
AQgAFgUCAAAAAAkQTnGiFTUTQqYCGw8CGQEAACQLEAA3GUIH8GjssDr0a5PJ4BpJ
|
||||
8K9jzT24Yo0vegyhWdH3Y6XRsOqHEBHe5M2u4dgAt3H48o3ac0PhPqaUvMRqrM6X
|
||||
qrq3CkIX2wzDc5XqSzyjBGTjAf+LUU6o+IU/bJuqJLnLWjZTLxQ53l3UCBYhSj1+
|
||||
93dR/0Ffy+cbMDJV1d02Bhlt2qND9WYz/tlMkf4mlMqYFqq8Qs26iuNnlD1nCn+I
|
||||
cTQ2zHy4tjxgnTBQcSaNjviMF0OJI30OLbaQWu7LUYRAPG1NyObLfuU+1amz4YRd
|
||||
pU/LakEcXxEV5o37mUWFc7yktItM2XWnr87M+8fr/2EgrVN36nKw0NeQY5hgcfWw
|
||||
y/rnE7MGPdepU+HmqQgFsRTyGAy0erPqwvsm4mZ5x1bfVNE6DpAXaaHNhmNAgyfj
|
||||
AB5/deHtnnCDoCOv8po3K5kDpIDEVcBg8NKPYrsuTdoad9jGogTLYMdN+WkbUJ/A
|
||||
l4kB7e1yPUh2jQ2XuQjHJUkoFUTZ2KW/vOk5UTRUNY2hta4uDB7NQB7byrlWIwZ8
|
||||
1iwiZXxlf4vFMd3mQUVWwS2LkbC2MhHPUed4R2uCLszGkXrkEREwBUlRBM+/nkxU
|
||||
O9ILXbOuaBWYv8iOhRyyvImWuq94sy5xHCXxhOg0TcoDLh6/rBMztZYRpdqIxCRU
|
||||
KudAkJ6XaiMqaPE/hs+6qw==
|
||||
=Jg5R
|
||||
AQgAFgUCAAAAAAkQmWI2lXyIcWgCGw8CGQEAAJXPEAAIcePUuNMdkDBa2Fhtagpl
|
||||
tKF/6lJo+TlXW41+O4AqWrkTZWbII5pi7Mx4WEraRQyx1vpGzktySvsgomM8ngkZ
|
||||
wNuWX0XKQW8WHBfQCqSRgXZXVF20KjTy7GWXW4b4cbb29fKs5Qx3Pl+lwwA0wlLD
|
||||
QwJBbtZr9ZnIvksCjr3RGweqdcejAkUWJXPkC11I6GZtsWZeN+2wklDKUeSCAjVx
|
||||
+tmmlP3IAXZtBaV7WyNuBoIkAPnxvP6IFnp3YdtQC/L/yTGEZkXoiJAZ6LEPG0Cd
|
||||
BS8hB9C2+pA78IOd4tbCNsI7hVBV/VfoxLQGDCyXjHovGU9CKkYo9DL9r5au6f6k
|
||||
YOqlgEHnF5lkyLD3N1QdOrUIAKQrp9C0BirgU/ntaSuB5WjFsRuJUMxYPs5VOFU5
|
||||
/zyt1+rkrJB34m9cViifDIakeCIyF8V4/ksXH2GBEag3HQzUc8zXUrZpY4PZHShN
|
||||
VWt1fjJ7BnVdbhJVLlHXF84A23EkcXieW+I1PwIRtnE6oyZEla9JXRZd/dxHd6W7
|
||||
EOkNRV62Y6V2FOd3t1DV3xQoZWZuYnFWiW47N3gzcoZ4hXzNxFYlyiD2GEhUgrAg
|
||||
/Ib2VnHKkF0Rq0Dso67OcJX38+Q3BfKbGJj2TZw2uey/dJiuIx1LXsaHP3SYjxs/
|
||||
PwBtTGrZ9h1Hi57KNlTwTw==
|
||||
=ckFg
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
Loading…
Reference in a new issue