VSinerva/nixos-conf
1
0
Fork 0
Code Activity Actions

Make user password a per-machine configuration

Browse source
This commit is contained in:
Vili Sinervä 2025-06-21 17:09:24 +03:00
parent 9e59881b3c
commit 1a24fba066
Signed by: Vili Sinervä
SSH key fingerprint: SHA256:FladqYjaE4scJY3Hi+gnShZ6ygnTJgixy0I6BAoHyos
2 changed files with 26 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

25
secrets/helium/vili.yaml Normal file
View file

@ -0,0 +1,25 @@
vili-password: ENC[AES256_GCM,data:zV3ayPzVXwYxnCR/JyX6EepNhZ+ck7F4s60z+nFs/2r4Q8lypt4EoXP4jcV2+PsYWShxDQzLZlJNh6GiyRQZQQ75KSsyzSkQJg==,iv:y4QYPoy1auBK1Izi6PtlqX8/C2utgNT6cBXKYfpxIpQ=,tag:J2tTE3R8KX3azUvTVXr6yA==,type:str]
sops:
age:
- recipient: age1pvkuvcc38pke3euzsjzpgp6s6v3jykug2e69rplytdy7gxntm5jsraxhvp
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnaUJ4Wm1rckR4RHJKNUVi
Y2lkSlZxWWRNYytrWkVHWDNONjRJNUUvRmtvCmRHMzZmMVYxcDRGbVJOejlJZnZY
T1E0Z1ZOeHR1bWRwZ1dZU3ZXa2NpNGcKLS0tIC9tcURHbm5JemdJakZsYjhjd2R2
cCtsQkQzdi9QSTlYUVkzb1EyRmNLWG8KKAAwJg4N/1jnbkM77AOPJjRgG5H9qSL2
YAPWt/BWd+sO8VJRU7Hp6Vk0dQPYBPBshx143tb/POkoNJoHSivyfw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1xp02dggk2e6csvxg2q5nfts4tjhd05vthrcvvk2l67m3tgs3vugqshg24q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCbEE1bFErWDk0NXh5dWVi
ZVNydzhzWVlzZzRrakNWZmFsTUNQOHpLeUNrCjJHb2Y5RXJzdFVuZFhRQ1dCZmxS
VGlWTUQ1QmIwVWlLZjFQR1A4MDc5NjAKLS0tIFRvUmdDdHhEZjc1YWV1d3JYVjhS
dVlOZllqYTJOQ29EUXRxYzNHdXNSTDgK1bGw6zXjTzgFeItGkumoAGtgNaNrbzQA
tRs6TJToPrS7GBat3dkc/HzfDEZBd3eWyfM4lfFDONJz5OxE6m4Z+A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-21T14:08:15Z"
mac: ENC[AES256_GCM,data:0xgu93R+LuGEBbdf7C+LC9/+zE+S8ZN1b3lghGGHi6jQpl9796wAl26QUE0Qpa8VlLWyIr27v5WbtbqsD8FDmqcgJmzEUxnJwslQdTp/F0CDI2FRhr5emeCgjmT7XGm3elVU2h1xES+2sIQJLeKciOGGQBMNCrURuxnOILq3+sI=,iv:kYuhRAcSj4QKF7hMSZ+MM8TE503vZ4BnMWnQth7VnXA=,tag:oX1yFl38oXbxZxnf27yCbg==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

2
shared/users/vili.nix
View file

@ -1,7 +1,7 @@
{ config, ... }: { config, ... }:
{ {
sops.secrets.vili-password = { sops.secrets.vili-password = {
sopsFile = ../../secrets/users/vili.yaml; sopsFile = ../../secrets/${config.networking.hostName}/vili.yaml;
neededForUsers = true; neededForUsers = true;
}; };