diff --git a/flake.nix b/flake.nix index 579a496..9f3353a 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ # flake for blakes nixos config # define new devices in outputs -# generation: 21 current 2025-10-06 10:30:26 25.05.20251001.5b5be50 6.12.49 * +# generation: 22 current 2025-10-06 10:50:34 25.05.20251001.5b5be50 6.12.49 * { description = "blakes nix config"; inputs = { diff --git a/modules/system/sops.nix b/modules/system/sops.nix index e53939d..d452c87 100644 --- a/modules/system/sops.nix +++ b/modules/system/sops.nix @@ -26,9 +26,16 @@ in # group = ""; # path = "" # }; - "tailscale_authkey" = { + + "tailscale_authkey" = lib.mkIf config.modules.system.tailscale.enable { owner = "root"; }; + + "blake_pass" = { + owner = "blake"; + group = "blake"; + neededForUsers = true; + }; }; }; }; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 5013c52..dcb76c2 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -10,7 +10,7 @@ example_booleans: - ENC[AES256_GCM,data:Fo9fEJA=,iv:nPxly0FQRo5/xY5vP5V2n8gcdbjbDslhFPlmB5MAGyQ=,tag:Gq3/hljDSPbd5BuDtSKdGQ==,type:bool] #ENC[AES256_GCM,data:9A2p05BEY4NdZQ==,iv:QDSNH1BPOO7zbA1kuxvsAgRCXFGXVTZaFOelbgshONY=,tag:zx4jKl2fDXaU0UX1TDpwiQ==,type:comment] tailscale_authkey: ENC[AES256_GCM,data:SU0k3asrJd+WZ86VbC4w8TDJp+MqsbyagrzCfDcgTzO5yvBjpWAKbJ7A+VxgQvdu4+S2jMYbdrONPp3YbQ==,iv:VMYmGVk5GpUQApKKQYhdOw/cYCXrXxEZJJwHfQL4MjQ=,tag:7ruaoCDxuFQ7tE/JLJ37Xw==,type:str] -blake: ENC[AES256_GCM,data:Mwhw7/GupJg=,iv:8dtqYtzKnarP8HrsUmhrg3fcmVPSAJKN3mIWXCBo75s=,tag:7BNBXcopKpENWOZe0KAvpA==,type:str] +blake_pass: ENC[AES256_GCM,data:IMAQHFXu1Rc=,iv:jcdVxQpt51Ca5OO3S0GIkU5WyIkLfAutY/CncGKQ+S4=,tag:ujI6sh+0G9Mh7rcw5qHf6A==,type:str] sops: age: - recipient: age14gfh682a7m7jfp3qrulql03x5rs7yedwmxwksxrrmgjsunstyuksqx93pz @@ -22,7 +22,7 @@ sops: U0tmdFBuZnJES3piOTZNV0VKQmQ0eVUKCWRQ/flLzmpC64WyLoipklZBmrkpYiUg PRu+itNolpPTHm96pe+P93g2iP0wgekG0cX21wkiU2xaLF3dY2FEIA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-06T15:30:15Z" - mac: ENC[AES256_GCM,data:8XrKLjlcz6dp+h8V2QeiXv0Rb94iAVSGaWFNUpzpH9jxk9poMfq8rxgvcpWgbYMJFANVSOdy0tpaW9uZR9N+1jLzcgq3eaQJxxBlY7yWyPWb0uwmt3EU55kZ0ui/Zn6+8soYAIEiNmWN7oD3OwL2Vc9YnBesI/fJ6XuE9jj5MqA=,iv:BVuyI4WdHtNv+sOMXI/EJUjHNjeOTFOELXUfVq8ENSg=,tag:jN/7jt155zGZhWUBEQ7Crg==,type:str] + lastmodified: "2025-10-06T15:41:26Z" + mac: ENC[AES256_GCM,data:oGqEUYGi3whzhF3bOdG9hCDJQu5tVTkKK7EDfSHZ4yMEP6MPigYhoFFRNEGYb+smvzefVM3LohJlqpVNA3Go8SVLwHWhrsMwpjgHEK43+4G2G8OYuUCWTpUQW2MZRMpRS2A+jz2DqdNpfk/HzgPnZMXPp32eROKTy/5Io4z/j3c=,iv:Vf91C96uJ03qcIIfnU9VNz2p/O0XMybg2boIxSTGLt8=,tag:teNQXt5xOWlUA379NnGLxw==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2