From e91f417a29f96f7c3969aa62b5a74dfbcdab6c18 Mon Sep 17 00:00:00 2001 From: Gonne Date: Tue, 2 Apr 2024 18:33:50 +0200 Subject: [PATCH] Move secrets to machine config --- nixos/machines/bragi/configuration.nix | 9 ++++++++- nixos/modules/borgbackup.nix | 6 ------ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/nixos/machines/bragi/configuration.nix b/nixos/machines/bragi/configuration.nix index f74fbb9..dd2ecdc 100644 --- a/nixos/machines/bragi/configuration.nix +++ b/nixos/machines/bragi/configuration.nix @@ -1,4 +1,4 @@ -{ +{config, ...}: { imports = [ ./hardware-configuration.nix ../../roles @@ -12,4 +12,11 @@ # System configuration here networking.hostName = "bragi"; system.stateVersion = "23.11"; + + sops.secrets.backupKey = { + sopsFile = ./backupKey.yaml; + owner = config.users.users.fsaccount.name; + inherit (config.users.users.fsaccount) group; + mode = "0400"; + }; } diff --git a/nixos/modules/borgbackup.nix b/nixos/modules/borgbackup.nix index b5cbe40..ca81cc2 100644 --- a/nixos/modules/borgbackup.nix +++ b/nixos/modules/borgbackup.nix @@ -161,11 +161,5 @@ in { } ]; }; - sops.secrets.backupKey = { - sopsFile = ../machines/bragi/backupKey.yaml; - owner = config.users.users.fsaccount.name; - inherit (config.users.users.fsaccount) group; - mode = "0400"; - }; }; }