diff options
| author | Fuwn <[email protected]> | 2024-09-21 21:28:10 -0700 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2024-09-21 21:28:10 -0700 |
| commit | 87e4d259afacb1aba5241a4df24aa6b5b7e4cc8d (patch) | |
| tree | f4562bcc41cabc86af4fbd3afdf6afde1311d380 | |
| parent | himeji: add uptime-kuma container (diff) | |
| download | nixos-config-87e4d259afacb1aba5241a4df24aa6b5b7e4cc8d.tar.xz nixos-config-87e4d259afacb1aba5241a4df24aa6b5b7e4cc8d.zip | |
homeji: move tailscale key to sops
| -rw-r--r-- | modules/server/sops.nix | 1 | ||||
| -rw-r--r-- | modules/server/systemd.nix | 4 | ||||
| -rw-r--r-- | secrets/himeji.yaml | bin | 1947 -> 2169 bytes | |||
| -rw-r--r-- | secrets/secrets.toml | bin | 1751 -> 1656 bytes |
4 files changed, 3 insertions, 2 deletions
diff --git a/modules/server/sops.nix b/modules/server/sops.nix index 186ec3e..3acae0d 100644 --- a/modules/server/sops.nix +++ b/modules/server/sops.nix @@ -6,6 +6,7 @@ secrets = { "ghcr/user" = { }; "ghcr/password" = { }; + tailscale_authentication_key = { }; }; }; } diff --git a/modules/server/systemd.nix b/modules/server/systemd.nix index 3ad7f06..1ffc1ce 100644 --- a/modules/server/systemd.nix +++ b/modules/server/systemd.nix @@ -1,4 +1,4 @@ -{ secrets, ... }: +{ config, ... }: { systemd.services.tailscale-up = { after = [ "tailscaled.service" ]; @@ -6,7 +6,7 @@ wantedBy = [ "multi-user.target" ]; serviceConfig = { - ExecStart = "/run/current-system/sw/bin/tailscale up --authkey ${secrets.tailscale_authentication_key}"; + ExecStart = "/run/current-system/sw/bin/tailscale up --authkey ${config.sops.secrets.tailscale_authentication_key.path}"; Restart = "on-failure"; }; }; diff --git a/secrets/himeji.yaml b/secrets/himeji.yaml Binary files differindex 9aa6b68..03664d1 100644 --- a/secrets/himeji.yaml +++ b/secrets/himeji.yaml diff --git a/secrets/secrets.toml b/secrets/secrets.toml Binary files differindex ce51e0d..0be4cd0 100644 --- a/secrets/secrets.toml +++ b/secrets/secrets.toml |