Testing sops
This commit is contained in:
parent
530ce274cb
commit
af12998913
3 changed files with 65 additions and 26 deletions
|
@ -10,6 +10,10 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
enableCompletion = true;
|
enableCompletion = true;
|
||||||
bashrcExtra = ''
|
bashrcExtra = ''
|
||||||
|
sops-edit() {
|
||||||
|
nix-shell -p sops --run "sops $1"
|
||||||
|
}
|
||||||
|
|
||||||
nix-clean-all() {
|
nix-clean-all() {
|
||||||
nix-channel --update
|
nix-channel --update
|
||||||
nix-env -u --always
|
nix-env -u --always
|
||||||
|
|
37
home-manager/shell.nix
Normal file
37
home-manager/shell.nix
Normal file
|
@ -0,0 +1,37 @@
|
||||||
|
# shell.nix
|
||||||
|
with import <nixpkgs> {};
|
||||||
|
let
|
||||||
|
sops-nix = builtins.fetchTarball {
|
||||||
|
url = "https://github.com/Mic92/sops-nix/archive/master.tar.gz";
|
||||||
|
};
|
||||||
|
in
|
||||||
|
mkShell {
|
||||||
|
# imports all files ending in .asc/.gpg
|
||||||
|
sopsPGPKeyDirs = [
|
||||||
|
"${toString ./.}/keys/hosts"
|
||||||
|
"${toString ./.}/keys/users"
|
||||||
|
];
|
||||||
|
# Also single files can be imported.
|
||||||
|
#sopsPGPKeys = [
|
||||||
|
# "${toString ./.}/keys/users/mic92.asc"
|
||||||
|
# "${toString ./.}/keys/hosts/server01.asc"
|
||||||
|
#];
|
||||||
|
|
||||||
|
# This hook can also import gpg keys into its own seperate
|
||||||
|
# gpg keyring instead of using the default one. This allows
|
||||||
|
# to isolate otherwise unrelated server keys from the user gpg keychain.
|
||||||
|
# By uncommenting the following lines, it will set GNUPGHOME
|
||||||
|
# to .git/gnupg.
|
||||||
|
# Storing it inside .git prevents accedentially commiting private keys.
|
||||||
|
# After setting this option you will also need to import your own
|
||||||
|
# private key into keyring, i.e. using a a command like this
|
||||||
|
# (replacing 0000000000000000000000000000000000000000 with your fingerprint)
|
||||||
|
# $ (unset GNUPGHOME; gpg --armor --export-secret-key 0000000000000000000000000000000000000000) | gpg --import
|
||||||
|
#sopsCreateGPGHome = true;
|
||||||
|
# To use a different directory for gpg dirs set sopsGPGHome
|
||||||
|
#sopsGPGHome = "${toString ./.}/../gnupg";
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
(pkgs.callPackage sops-nix {}).sops-import-keys-hook
|
||||||
|
];
|
||||||
|
}
|
|
@ -1,30 +1,28 @@
|
||||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
Comment: A20F 7BD3 9673 AEA2 E929 3E35 4E71 A215 3513 42A6
|
|
||||||
Comment: nixos-laptop
|
|
||||||
|
|
||||||
xsFNBAAAAAABEADOHuEyjp0I7RgvVmmijYMW1DS6+sGpfIZH9Emte2nQ4RmzJ4hy
|
xsFNBAAAAAABEACuO/0sMege8N4c08GCN2b1UyMVm9Qcn5gr7lT3szNvMX3IvM1O
|
||||||
lN6ib8/FN2ywkl0pYhXIcAimuyqI48nV+f16ckjKNpZZH/0xgRYhmARen/behOeH
|
nluIr8mOHxKv5En0XOWEV1dOSauJ0eOhucFvt4w5ReKO24k8ng6vfxK3EktSnBd9
|
||||||
BTUyaY44Of/hzOFaIceQfXy8oRpFd6tnhzeHrMFu56bnAbbcCdQYCqtgcS37v4tv
|
Xly+CBvXxA9Mq4Te4MMvnI7Zv9qW6Gy0XjEly+rAS4Pk+BzZVjRNmZ04uLsXPQO6
|
||||||
cdXZPgcQeRNUC74ml+jO/rNxpxHW8waSI0qr6+UbQ7pe9PzVZVuBdPGjwHCM3O8S
|
xGtANzvDQdT5IQT9n71vOYNyMYBDdAOnOJJcKbLBlq2sMiO+iq0qGk/cahKRWN0l
|
||||||
gytAKyIMSfSa0lej43FESUrdjxsuAtOsJPjibeoAC4nas+oagq8DpYnhRkx0kbvY
|
kRxJQnTjlZhwIsrANxOBVgkkVeG1K22lL72+Ju+2DR1Vccx1xsZQmSM7TJAvsQ7r
|
||||||
P8s/FRty1yFw3Fke4QHX1TTDXU4rffayu9koYsdCpxGljOn/8IiuXcQWAf/cQIcq
|
4Yw2KqqYcWCcYr/lQmKj8QM4mVpA73yKS4SBdSdkPHwa6fowQp3QRaZNt3hyTOYU
|
||||||
nI4DAh3mIQWa7O2xnHw2K3iRxBxz7MhtyqR+yK7uRi2QYWmARumsSl7RT6hbYCxy
|
iBDcTojphL2yVK+QIpQyFdplDvBvzTR6W+mMOvYbie7JwaO8agb6TQ3+s7DrOhmv
|
||||||
pbhdauhHYl1wulmn0h2HYpNeU127LFm0wGHDckqWLvlk/GTDv/+NOM2z92PbCX9A
|
7zE+8fDHjLcLf6DVaGLkl3J9tg6Ks85/2PvAbsCxjPMh90BpikK1f7oFSb+/yHrG
|
||||||
Af73oy8ZT6m5zE6hBWcWtviPBvaW21+2CeZ3wbUAEgsdTARDQxSG8M8EJfr2McIT
|
y1q0ii7wviIQZzrbazW7GToxAeorjUjh3SNqtmPI4jAGjJS+Sj4YBNfUvCsqOzB5
|
||||||
3gyhiCQA//yBZOnDsk79SQXz4SgX6Bc3Mk6fxt2qhWewnebteDje6GGuFReWnvuW
|
vTGe960atUkvrX/lbKdzPi8NM6JGIPO1QCKvAY1xgR1UoIj9fF/nrd4HutCMr9lY
|
||||||
jOwrIdJeVxMliD2qjX9yrv5fpN+aWM12nb35/k4atUh5Ou8fmNkl1KnG7wARAQAB
|
AjyzsCtuB40aGmTYlEgLuWOp8JCGsnZYhlmk6QmNUSswXpTrto/xiS4PkwARAQAB
|
||||||
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT
|
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT
|
||||||
AQgAFgUCAAAAAAkQTnGiFTUTQqYCGw8CGQEAACQLEAA3GUIH8GjssDr0a5PJ4BpJ
|
AQgAFgUCAAAAAAkQmWI2lXyIcWgCGw8CGQEAAJXPEAAIcePUuNMdkDBa2Fhtagpl
|
||||||
8K9jzT24Yo0vegyhWdH3Y6XRsOqHEBHe5M2u4dgAt3H48o3ac0PhPqaUvMRqrM6X
|
tKF/6lJo+TlXW41+O4AqWrkTZWbII5pi7Mx4WEraRQyx1vpGzktySvsgomM8ngkZ
|
||||||
qrq3CkIX2wzDc5XqSzyjBGTjAf+LUU6o+IU/bJuqJLnLWjZTLxQ53l3UCBYhSj1+
|
wNuWX0XKQW8WHBfQCqSRgXZXVF20KjTy7GWXW4b4cbb29fKs5Qx3Pl+lwwA0wlLD
|
||||||
93dR/0Ffy+cbMDJV1d02Bhlt2qND9WYz/tlMkf4mlMqYFqq8Qs26iuNnlD1nCn+I
|
QwJBbtZr9ZnIvksCjr3RGweqdcejAkUWJXPkC11I6GZtsWZeN+2wklDKUeSCAjVx
|
||||||
cTQ2zHy4tjxgnTBQcSaNjviMF0OJI30OLbaQWu7LUYRAPG1NyObLfuU+1amz4YRd
|
+tmmlP3IAXZtBaV7WyNuBoIkAPnxvP6IFnp3YdtQC/L/yTGEZkXoiJAZ6LEPG0Cd
|
||||||
pU/LakEcXxEV5o37mUWFc7yktItM2XWnr87M+8fr/2EgrVN36nKw0NeQY5hgcfWw
|
BS8hB9C2+pA78IOd4tbCNsI7hVBV/VfoxLQGDCyXjHovGU9CKkYo9DL9r5au6f6k
|
||||||
y/rnE7MGPdepU+HmqQgFsRTyGAy0erPqwvsm4mZ5x1bfVNE6DpAXaaHNhmNAgyfj
|
YOqlgEHnF5lkyLD3N1QdOrUIAKQrp9C0BirgU/ntaSuB5WjFsRuJUMxYPs5VOFU5
|
||||||
AB5/deHtnnCDoCOv8po3K5kDpIDEVcBg8NKPYrsuTdoad9jGogTLYMdN+WkbUJ/A
|
/zyt1+rkrJB34m9cViifDIakeCIyF8V4/ksXH2GBEag3HQzUc8zXUrZpY4PZHShN
|
||||||
l4kB7e1yPUh2jQ2XuQjHJUkoFUTZ2KW/vOk5UTRUNY2hta4uDB7NQB7byrlWIwZ8
|
VWt1fjJ7BnVdbhJVLlHXF84A23EkcXieW+I1PwIRtnE6oyZEla9JXRZd/dxHd6W7
|
||||||
1iwiZXxlf4vFMd3mQUVWwS2LkbC2MhHPUed4R2uCLszGkXrkEREwBUlRBM+/nkxU
|
EOkNRV62Y6V2FOd3t1DV3xQoZWZuYnFWiW47N3gzcoZ4hXzNxFYlyiD2GEhUgrAg
|
||||||
O9ILXbOuaBWYv8iOhRyyvImWuq94sy5xHCXxhOg0TcoDLh6/rBMztZYRpdqIxCRU
|
/Ib2VnHKkF0Rq0Dso67OcJX38+Q3BfKbGJj2TZw2uey/dJiuIx1LXsaHP3SYjxs/
|
||||||
KudAkJ6XaiMqaPE/hs+6qw==
|
PwBtTGrZ9h1Hi57KNlTwTw==
|
||||||
=Jg5R
|
=ckFg
|
||||||
-----END PGP PUBLIC KEY BLOCK-----
|
-----END PGP PUBLIC KEY BLOCK-----
|
Loading…
Reference in a new issue