refactor: centralize SOPS configuration in separate file

2025-09-03 14:22:01 +05:30
parent 3d2f53e8f5
commit be5b646ece
12 changed files with 39 additions and 30 deletions
--- a/nixos/tsuba/configuration.nix
+++ b/nixos/tsuba/configuration.nix
@@ -13,11 +13,6 @@

  nixpkgs.config.allowUnfree = true;
  security.sudo.wheelNeedsPassword = false;
-  sops = {
-    defaultSopsFile = ../../secrets/secrets.yaml;
-    defaultSopsFormat = "yaml";
-    age.keyFile = "/home/servius/.config/sops/age/keys.txt";
-  };
  nix = {
    settings = {
      auto-optimise-store = true;
--- a/nixos/tsuba/default.nix
+++ b/nixos/tsuba/default.nix
@@ -49,6 +49,7 @@
          ./services
          ./disk-config.nix
          ./${name}.nix
+          ../../sops.nix
        ];
      }
  )
--- a/nixos/tsuba/services/caddy.nix
+++ b/nixos/tsuba/services/caddy.nix
@@ -31,11 +31,11 @@
            }
        }
      '';
-      # package = pkgs.caddy.withPlugins {
-      #   plugins = ["github.com/caddy-dns/hetzner@v1.0.0"];
-      #   hash = "sha256-9ea0CfOHG7JhejB73HjfXQpnonn+ZRBqLNz1fFRkcDQ=";
-      # };
-      package = pkgs.caddyWithHetzner;
+      package = pkgs.caddy.withPlugins {
+        plugins = ["github.com/caddy-dns/hetzner@v1.0.0"];
+        hash = "sha256-9ea0CfOHG7JhejB73HjfXQpnonn+ZRBqLNz1fFRkcDQ=";
+      };
+      # package = pkgs.caddyWithHetzner;
    };
  };
  systemd.services.caddy = {