nixy: cleanup config

2024-05-11 09:26:49 +02:00 · 2024-05-11 09:26:49 +02:00 · 7a647287bb
commit 7a647287bb
parent 82efa133b3
1 changed files with 25 additions and 21 deletions
--- a/nixy/configuration.nix
+++ b/nixy/configuration.nix
@ -13,30 +13,34 @@
  system.stateVersion = "23.05";
  system.autoUpgrade.enable = false;
-  sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+  sops = {
-  sops.secrets."peerix/private" = {
+    age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
-    sopsFile = ./secrets/peerix.yaml;
+    secrets = {
-    mode = "0400";
+      "peerix/private" = {
-    owner = config.users.users.nobody.name;
+        sopsFile = ./secrets/peerix.yaml;
-    group = config.users.users.nobody.group;
+        mode = "0400";
-  };
+        owner = config.users.users.nobody.name;
        group = config.users.users.nobody.group;
      };
-  sops.secrets."wg_privkey" = {
+      "wg_privkey" = {
-    sopsFile = ./secrets/wg_privkey.yaml;
+        sopsFile = ./secrets/wg_privkey.yaml;
-  };
+      };
-  sops.secrets."wg_preshared/nixy" = {
+      "wg_preshared/nixy" = {
-    sopsFile = ../common/secrets/wg_preshared.yaml;
+        sopsFile = ../common/secrets/wg_preshared.yaml;
-  };
+      };
-  sops.secrets."borgbase_enc_key" = {
+      "borgbase_enc_key" = {
-    sopsFile = ./secrets/borgbase_enc_key.yaml;
+        sopsFile = ./secrets/borgbase_enc_key.yaml;
-    owner = config.users.users.akill.name;
+        owner = config.users.users.akill.name;
-  };
+      };
-  sops.secrets."borgbase_ssh_key" = {
+      "borgbase_ssh_key" = {
-    sopsFile = ./secrets/borgbase_ssh_key.yaml;
+        sopsFile = ./secrets/borgbase_ssh_key.yaml;
-    owner = config.users.users.akill.name;
+        owner = config.users.users.akill.name;
      };
    };
  };
  nix = {
@ -412,7 +416,7 @@
      enable = true;
      driSupport = true;
      driSupport32Bit = true;
-      extraPackages = with pkgs; [];
+      extraPackages = [];
    };
    rtl-sdr.enable = true;
  };