feat: foundation for secrets under NixOS

Kat Inskip 2022-12-02 02:06:54 +01:00
parent ae7d7de111
commit bc01d35279
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
3 changed files with 182 additions and 3 deletions


@ -1,4 +1,4 @@
{ nixpkgs, darwin, home-manager, ... }@inputs: let
{ nixpkgs, darwin, home-manager, scalpel ... }@inputs: let
tree = (inputs.tree.tree {
inherit inputs;
folder = ./.;
@ -18,7 +18,7 @@
inherit (lib.attrsets) mapAttrs;
in {
inherit tree;
nixosConfigurations = mapAttrs (name: path: nixpkgs.lib.nixosSystem {
nixosConfigurations = let base = mapAttrs (name: path: nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs tree;
machine = name;
@ -26,9 +26,15 @@ in {
system = "x86_64-linux";
modules = [
home-manager.nixosModules.home-manager
agenix.nixosModule
path
];
} ) tree.nixos.systems;
} ) tree.nixos.systems in mapAttrs (_: sys: sys.extendModules {
modules = [ scalpel.nixosModule ];
specialArgs = {
prev = sys;
};
} ) base;
darwinConfigurations = mapAttrs (name: path: darwin.lib.darwinSystem {
specialArgs = {
inherit inputs tree;
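Review bot: The new argument set in the first hunk is missing the comma before the ellipsis, so the file will not parse; it should read `{ nixpkgs, darwin, home-manager, scalpel, ... }@inputs: let`. The `let base = … tree.nixos.systems in mapAttrs …` binding in the third hunk also lacks the `;` that Nix requires before `in`. `agenix.nixosModule` is listed in `modules`, but no `agenix` name is bound in the visible argument set and the flake adds only `ragenix` as a direct input, so unless it is defined outside these hunks the module should come from the `ragenix` input. Because this wiring is what every host's secret handling will depend on, evaluate at least one configuration (for example with `nix flake check`) before any secret is declared against it. The `darwinConfigurations` block continues past the end of the hunk.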

162
flake.lock generated

@ -1,5 +1,26 @@
{
"nodes": {
"agenix": {
"inputs": {
"nixpkgs": [
"ragenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1665870395,
"narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=",
"owner": "ryantm",
"repo": "agenix",
"rev": "a630400067c6d03c9b3e0455347dc8559db14288",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -74,15 +95,156 @@
"type": "github"
}
},
"nixpkgs-21_11": {
"locked": {
"lastModified": 1654346688,
"narHash": "sha256-Y7QtZkfdxTvACCvWmDjpN6qOf4OKkZATufHcJP2VMKM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2de556c4cd46a59e8ce2f85ee4dd400983213d45",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-21.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-22_05": {
"locked": {
"lastModified": 1654373220,
"narHash": "sha256-3vKFnZz2oYHo4YcelaNOhO4XQ2jiIEXrp1s4w+e773c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d6cb04299ce8964290ae7fdcb87aa50da0500b5c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1654245945,
"narHash": "sha256-PV6MZ+HuNnyLxQGa2rwt0BmCRkQS2xqhc+SeJLQM+WU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "442db9429b9fbdb6352cfb937afc8ecccfe2633f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"ragenix": {
"inputs": {
"agenix": "agenix",
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1667808611,
"narHash": "sha256-HHxTosiswFFS5PHLalpa3OKKl3R9BdgMk7pY4tjX2HU=",
"owner": "yaxitech",
"repo": "ragenix",
"rev": "f34618bd9e93edab1f0d62fc3619af7d2d8e5a0c",
"type": "github"
},
"original": {
"owner": "yaxitech",
"repo": "ragenix",
"type": "github"
}
},
"root": {
"inputs": {
"darwin": "darwin",
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"ragenix": "ragenix",
"scalpel": "scalpel",
"tree": "tree"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"ragenix",
"flake-utils"
],
"nixpkgs": [
"ragenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1667271616,
"narHash": "sha256-qR43NUFFoKfDRro3M1SarTYVfTn8WvWznGJX5eNCNZw=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "3cbe6891588e1efad2491f87a54be26aeed1fac0",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"scalpel": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"sops-nix": "sops-nix"
},
"locked": {
"lastModified": 1655566736,
"narHash": "sha256-Vyolf8j7QcAHyVTQMqS8EGYZ/P6leJtiVNhYyIxoMRw=",
"owner": "polygon",
"repo": "scalpel",
"rev": "16c2103d613bb1c7adc6dbf2a17c2980ce08567f",
"type": "github"
},
"original": {
"owner": "polygon",
"repo": "scalpel",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_2",
"nixpkgs-21_11": "nixpkgs-21_11",
"nixpkgs-22_05": "nixpkgs-22_05"
},
"locked": {
"lastModified": 1654401128,
"narHash": "sha256-uCdQ2fzIPGakHw2TkvOncUvCl7Fo7z/vagpDWYooO7s=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "f075361ecbde21535b38e41dfaa28a28f160855c",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"tree": {
"inputs": {
"nixpkgs": [


@ -15,6 +15,17 @@
url = "github:kittywitch/tree";
inputs.nixpkgs.follows = "nixpkgs";
};
ragenix = {
url = "github:yaxitech/ragenix";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
scalpel = {
url = "github:polygon/scalpel";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { ... }@inputs: import ./default.nix inputs;
}
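Review bot: The `scalpel` input redirects only its own `nixpkgs`, so its nested `sops-nix` input keeps separate pins; the lock file in this commit gains `nixpkgs_2`, `nixpkgs-21_11` and `nixpkgs-22_05` for it. For the secrets toolchain a single nixpkgs revision is easier to audit and update, so consider adding `inputs.sops-nix.inputs.nixpkgs.follows = "nixpkgs";` inside the `scalpel` block, with the two release pins handled the same way if nothing needs them. If the extra pins are intentional, a short comment such as `# sops-nix keeps its own nixpkgs pins on purpose` would record that. The `inputs` attribute set opens outside this hunk.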