modules/core/security/sops.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

{ pkgs, ... }:
{
  environment.systemPackages = [
    pkgs.sops
  ];

  sops = {
    defaultSopsFile = ../../../secrets/secrets.yaml;
    gnupg.sshKeyPaths = [ ];
    secrets.openai_api_key.owner = "ebisu";

    age = {
      sshKeyPaths = [ ];
      keyFile = "/var/lib/sops-nix/keys.txt";
      generateKey = true;
    };
  };
}