andreijiroh.dev / nixops-config
NixOS + home-manager configs, mirrored from GitLab SaaS. gitlab.com/andreijiroh-dev/nixops-config
nix-flake nixos home-manager nixpkgs nix-flakes
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

chore(secretops): tweak configs relating to agenix-rekey stuff

In a nutshell:
- Add the `agenix-rekey` NixOS package overlay for system-wide access w/o
needing to "nix shell" first
- Add age and rage to the list of packages installed on all machines
- Minor tweak at agenix.nix for conditional enablement

Signed-off-by: Andrei Jiroh Halili <ajhalili2006@andreijiroh.dev>

Andrei Jiroh Halili 3108a503 23861a5f

+11 -1
+5 -1
shared/agenix.nix
··· 25 25 # agenix-rekey.nixosModules.default 26 26 #]; 27 27 28 - config = { 28 + config = lib.mkIf cfg.enable { 29 29 age.rekey = { 30 30 # Master identity - private key used for decryption (must exist on machine running rekey) 31 31 masterIdentities = [ ··· 42 42 # age.rekey.hostPubkey = "ssh-ed25519 AAAA..."; 43 43 }; 44 44 }; 45 + 46 + environment.systemPackages = with pkgs; [ 47 + agenix-rekey 48 + ]; 45 49 }
+4
shared/meta.nix
··· 53 53 # shell prompt customizations 54 54 starship 55 55 oh-my-posh # as backup lol 56 + 57 + # iykyk secretops (see also agenix.nix) 58 + age 59 + rage 56 60 ]; 57 61 58 62 # home-manager stuff
+2
shared/nix.nix
··· 8 8 self, 9 9 nix4vscode, 10 10 llm-agents, 11 + agenix-rekey, 11 12 ... 12 13 }: 13 14 ··· 24 25 overlays = [ 25 26 self.overlays.default 26 27 nix4vscode.overlays.default 28 + agenix-rekey.overlays.default 27 29 llm-agents.overlays.default 28 30 ]; 29 31 };