Replaced agenix based secrets for SOPS

2025-05-15 20:10:20 +02:00
parent 76d09952fc
commit a1ce2f94bb
14 changed files with 41 additions and 347 deletions
--- a/flake.nix
+++ b/flake.nix
@ -4,9 +4,6 @@
    nixpkgs = {
      url = "github:nixos/nixpkgs/nixos-unstable";
    };
-    agenix = {
-      url = "github:ryantm/agenix";
-    };
    home-manager = {
      url = "github:nix-community/home-manager";
    };
@ -40,6 +37,10 @@
      url = "git@git.kolkman.org:olaf/nix-config-secrets.git";
      flake = false;
    };
+    sops-nix = {
+      url = "github:Mic92/sops-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
  };
  outputs =
    {
@ -52,9 +53,9 @@
      home-manager,
      nixpkgs,
      disko,
-      agenix,
      secrets,
      nixd,
+      sops-nix,
    }@inputs:
    let
      user = "olaf";
@ -79,8 +80,6 @@
              nativeBuildInputs = with pkgs; [
                bashInteractive
                git
-                age
-                age-plugin-yubikey
              ];
              shellHook = with pkgs; ''
                export EDITOR=vim
@ -132,6 +131,7 @@
          inherit system;
          specialArgs = inputs;
          modules = [
+            #    sops-nix.nixosModules.sops
            home-manager.darwinModules.home-manager
            nix-homebrew.darwinModules.nix-homebrew
            {
@ -158,6 +158,7 @@
          inherit system;
          specialArgs = inputs;
          modules = [
+            sops-nix.nixosModules.sops
            disko.nixosModules.disko
            home-manager.nixosModules.home-manager
            {