Smayzy/nix-config
1
1
Fork 0
Code Issues Pull Requests Actions Wiki Activity

add agenix
All checks were successful
nixos config pipeline / show-flake (push) Successful in 32s
Details
nixos config pipeline / deploy (push) Successful in 49s
Details

Browse Source
This commit is contained in:
smayzy 2025-08-15 13:57:12 +02:00
parent 0275bf10c1
commit 32a46708fb
4 changed files with 152 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
flake.lock generated
View File

@ -1,5 +1,26 @@
{ {
"nodes": { "nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1754433428,
"narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
"owner": "ryantm",
"repo": "agenix",
"rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"base16": { "base16": {
"inputs": { "inputs": {
"fromYaml": "fromYaml" "fromYaml": "fromYaml"
@ -67,6 +88,28 @@
"type": "github" "type": "github"
} }
}, },
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1744478979,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -196,6 +239,27 @@
} }
}, },
"home-manager": { "home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
@ -247,6 +311,22 @@
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": {
"lastModified": 1754028485,
"narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "59e69648d345d6e8fef86158c555730fa12af9de",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1752950548, "lastModified": 1752950548,
"narHash": "sha256-NS6BLD0lxOrnCiEOcvQCDVPXafX1/ek1dfJHX1nUIzc=", "narHash": "sha256-NS6BLD0lxOrnCiEOcvQCDVPXafX1/ek1dfJHX1nUIzc=",
@ -262,7 +342,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1752997324, "lastModified": 1752997324,
"narHash": "sha256-vtTM4oDke3SeDj+1ey6DjmzXdq8ZZSCLWSaApADDvIE=", "narHash": "sha256-vtTM4oDke3SeDj+1ey6DjmzXdq8ZZSCLWSaApADDvIE=",
@ -309,8 +389,8 @@
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"mnw": "mnw", "mnw": "mnw",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_3",
"systems": "systems" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1753181140, "lastModified": 1753181140,
@ -328,9 +408,10 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"home-manager": "home-manager", "agenix": "agenix",
"home-manager": "home-manager_2",
"nix-flatpak": "nix-flatpak", "nix-flatpak": "nix-flatpak",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs_2",
"nvf": "nvf", "nvf": "nvf",
"stylix": "stylix" "stylix": "stylix"
} }
@ -348,7 +429,7 @@
"nixpkgs" "nixpkgs"
], ],
"nur": "nur", "nur": "nur",
"systems": "systems_2", "systems": "systems_3",
"tinted-foot": "tinted-foot", "tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty", "tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes", "tinted-schemes": "tinted-schemes",
@ -399,6 +480,21 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": { "tinted-foot": {
"flake": false, "flake": false,
"locked": { "locked": {

12
flake.nix
View File

@ -8,6 +8,8 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
agenix.url = "github:ryantm/agenix";
nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest";
stylix = { stylix = {
@ -22,8 +24,7 @@
{ {
self, self,
nixpkgs, nixpkgs,
nix-flatpak, agenix,
nvf,
... ...
}@inputs: }@inputs:
let let
@ -31,14 +32,15 @@
overlays = builtins.attrValues (import ./overlays); overlays = builtins.attrValues (import ./overlays);
sharedModules = [ sharedModules = [
nix-flatpak.nixosModules.nix-flatpak inputs.nix-flatpak.nixosModules.nix-flatpak
inputs.stylix.nixosModules.stylix inputs.stylix.nixosModules.stylix
nvf.nixosModules.default inputs.nvf.nixosModules.default
inputs.agenix.nixosModules.default
]; ];
mkHost = hostConfig: mkHost = hostConfig:
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs system overlays; }; specialArgs = { inherit inputs system overlays agenix; };
modules = [ hostConfig ] ++ sharedModules; modules = [ hostConfig ] ++ sharedModules;
}; };
in in

2
modules/nix/base-cli/pkgs.nix
View File

@ -2,6 +2,7 @@
config, config,
lib, lib,
pkgs, pkgs,
agenix,
... ...
}: }:
let let
@ -30,6 +31,7 @@ in
usbutils usbutils
git git
unzip unzip
agenix.packages.${system}.default
]; ];
}; };
} }

41
secrets/secrets.nix Normal file
View File

@ -0,0 +1,41 @@
let
nix-config-dev = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEPRiK+vZw/G4d0fzkHzPSx+UJdiDdMyxW+ygCPLRxz2";
smayzy_desktop1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKebxL3JGy2UgPX4NjDvHjRz1ri6yyReAOURET+ULKz5";
smayzy_laptop1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB1AK9eYCMHAz1HE0/UmFeAmFNn6EJsVwiKsvzeHipuI";
smayzy_server1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0rBzdu8mwX26ZH7+bxHQsYqLZ/uCcBRP05OJlhzfZF";
users = [ smayzy_desktop1 smayzy_laptop1 smayzy_server1 ];
desktop1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM627oXXyR+0SlVNcRhyw2/8c3X4y+cl3XSU/BUumxzi";
laptop1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6tnupPyqe4Ihc3D4S8ZSPCX4k1M/AEQ0gmy61O4CTb";
server1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKnu2elHgXTUPOTPjjyARNswMvxnrCkjdbUjD3thFo3l";
desktops = [ desktop1 ];
laptops = [ laptop1 ];
servers = [ server1 ];
systems = desktops ++ laptops ++ servers;
mkKey = key:{
publicKeys =
if builtins.isList key
then key ++ [ nix-config-dev ]
else [ key nix-config-dev ];
armor = true;
};
in
{
"smayzy_desktop1.age" = mkKey smayzy_desktop1;
"smayzy_laptop1.age" = mkKey smayzy_laptop1;
"smayzy_server1.age" = mkKey smayzy_server1;
"users.age" = mkKey users;
"desktop1.age" = mkKey desktop1;
"laptop1.age" = mkKey laptop1;
"server1.age" = mkKey server1;
"desktops.age" = mkKey desktops;
"laptops.age" = mkKey laptops;
"servers.age" = mkKey servers;
"systems.age" = mkKey systems;
}