[secrets] Setup initial example secrets

2024-09-28 09:04:25 -07:00
parent 8e27017aa4
commit b5f2e1738f
6 changed files with 134 additions and 25 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -4,60 +4,63 @@
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";

+    sops-nix = {
+      url = "github:Mic92/sops-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

-  outputs = { self, nixpkgs, ... } @ inputs: {
+  outputs = { self, nixpkgs, ... } @ inputs: let
+    baseModules = [
+      ./roles
+      inputs.sops-nix.nixosModules.sops
+      inputs.home-manager.nixosModules.home-manager
+      {
+        home-manager.useGlobalPkgs = true;
+        home-manager.useUserPackages = true;
+      }
+    ];
+  in {
    nixosConfigurations.z790prors-nix = nixpkgs.lib.nixosSystem rec {
      system = "x86_64-linux";
-      modules = [
-        ./roles
-        ./machines/z790prors/configuration.nix 
-        inputs.home-manager.nixosModules.home-manager
+      specialArgs = { inherit inputs; };
+      modules = baseModules ++ [
+        ./machines/z790prors/configuration.nix
        {
-          home-manager.useGlobalPkgs = true;
-          home-manager.useUserPackages = true;
          home-manager.users.johno = import ./home/home-z790prors.nix;
-          home-manager.extraSpecialArgs = {
-            customPkgs = nixpkgs.legacyPackages."${system}".callPackage ./packages {};
-          };
+          home-manager.extraSpecialArgs.customPkgs =
+            nixpkgs.legacyPackages."${system}".callPackage ./packages {};
        }
      ];
    };

    nixosConfigurations.nix-book = nixpkgs.lib.nixosSystem rec {
      system = "x86_64-linux";
-      modules = [
-        ./roles
+      modules = baseModules ++ [
        ./machines/nix-book/configuration.nix
-        inputs.home-manager.nixosModules.home-manager
        {
-          home-manager.useGlobalPkgs = true;
-          home-manager.useUserPackages = true;
          home-manager.users.johno = import ./home/home-nix-book.nix;
-          home-manager.extraSpecialArgs = {
-            customPkgs = nixpkgs.legacyPackages."${system}".callPackage ./packages {};
-          };
+          home-manager.extraSpecialArgs.customPkgs =
+            nixpkgs.legacyPackages."${system}".callPackage ./packages {};
        }
      ];
    };

    nixosConfigurations.boxy = nixpkgs.lib.nixosSystem rec {
      system = "x86_64-linux";
-      modules = [
-        ./roles
+      modules = baseModules ++ [
        ./machines/boxy/configuration.nix
        # inputs.home-manager.nixosModules.home-manager
        # {
-        #   home-manager.useGlobalPkgs = true;
-        #   home-manager.useUserPackages = true;
        #   home-manager.users.johno = import ./home/home-default.nix;
-        #   home-manager.extraSpecialArgs = {
+        #   home-manager.extraSpecialArgs.customPkgs =
+        #     nixpkgs.legacyPackages."${system}".callPackage ./packages {};
        #     customPkgs = nixpkgs.legacyPackages."${system}".callPackage ./packages {};
-        #   };
        # }
      ];
    };