mirror of https://github.com/oddlama/nix-config.git synced 2025-10-10 23:00:39 +02:00

refactor: properly modularize repo secret management

oddlama 2023-05-21 14:40:42 +02:00
parent 88f1ac54b8
commit d7f69c5baa
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
25 changed files with 143 additions and 129 deletions


@ -82,10 +82,9 @@
# The identities that are used to rekey agenix secrets and to
# decrypt all repository-wide secrets.
secrets = {
secretsConfig = {
masterIdentities = [./secrets/yk1-nix-rage.pub];
extraEncryptionPubkeys = [./secrets/backup.pub];
content = import ./nix/secrets.nix inputs;
};
stateVersion = "23.05";
@ -112,6 +111,7 @@
(nodeName: nodeAttrs:
nixpkgs.lib.mapAttrs'
# TODO This is duplicated three times. This is microvm naming #3
# TODO maybe use microvm.vms.<name>.compoundName
(n: nixpkgs.lib.nameValuePair "${nodeName}-${n}")
(self.colmenaNodes.${nodeName}.config.microvm.vms or {}))
self.colmenaNodes;
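Review bot: The comment above `secretsConfig` in the first hunk only describes the identities used to rekey and decrypt, but the block also sets `extraEncryptionPubkeys = [./secrets/backup.pub]`, which by its name adds a further recipient for the repository secrets. The +/- markers are lost in this rendering, so I am assuming both the comment and that line are on the new side. I would extend the comment with something like `# extraEncryptionPubkeys: additional recipients (e.g. an offline backup key) that can also decrypt every repository-wide secret.`, so that anyone rotating or revoking the `yk1-nix-rage` identity knows the backup key has to be handled as well. The enclosing attribute set starts and ends outside the hunk.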