Sebastian Sellmeier
4371a1301c
home-manager: minor oversight cleanup
2024-04-22 10:39:12 +02:00
Jörg Thalheim
e31339a204
home-manager: fix implicit dependency on coreutils
...
fixes https://github.com/Mic92/sops-nix/issues/542
2024-04-19 08:18:56 +00:00
Jörg Thalheim
58b9a13a37
home-manager: fix key store path check for strings
...
fixes https://github.com/Mic92/sops-nix/issues/535
2024-04-18 13:12:29 +02:00
Sebastian Sellmeier
a9795d1959
home-manager: Change defaultSymlinkPath to "<xdg-config-home>/sops-nix/secrets"
2024-04-18 08:22:30 +00:00
the-furry-hubofeverything
74f03c1a51
Refuse age keyfile paths that are in the nix store
2024-04-18 08:17:46 +00:00
Sebastian Sellmeier
dacc9519f5
home-manager: Include home.activation-script for linux similar to macos
2024-04-18 08:02:04 +00:00
Joachim Ernst
cc535d07cb
remove all uses of lib.mdDoc ( #532 )
2024-04-15 11:55:09 +02:00
Jörg Thalheim
fa8035c073
use gnupg binary also now for ssh rsa keys
...
With the last sops bump, our gpg keys are no longer detected by sops without it
2024-03-14 15:47:03 +01:00
Luflosi
7f015eeff1
modules/sops: fix typo
...
The assertion below states: "Exactly one of sops.gnupg.home and sops.gnupg.sshKeyPaths must be set".
2024-03-14 12:52:12 +01:00
Quentin Smith
f6b80ab6cd
Address review comments
2024-02-21 07:24:54 +00:00
Quentin Smith
fbec55367f
modules/sops/templates: Support custom files as secret templates
...
This exposes the `file` option, which can be used with `pkgs.formats` to write additional configuration formats.
2024-02-21 07:24:54 +00:00
DDoSolitary
f88661c9a9
Revert "don't substitute binaries"
...
This reverts commit 7711514b85
.
With db82bcafd4
, we no longer need to
ensure that the pair list only contains utf-8 text, as long as users
don't reference non-utf-8 data in template content.
Fixes Mic92/sops-nix#439 .
2024-02-20 16:46:05 +00:00
DDoSolitary
f805f3061a
template rendering should only read referenced secrets
...
Adds an extra check to determine if the placeholder ocurrs in template
content before actually reading the corresponding secret file.
In terms of performance, this adds an extra string search, but removes
possibly unneceassary file reading if the secret is not used in the
template, though both of them should be negligible in most cases.
Fixes Mic92/sops-nix#496 .
2024-02-20 16:46:05 +00:00
Sirio Balmelli
48afd3264e
home-manager/darwin: run sops-nix-user _once_ on login or activation
...
Correct a bug where 'KeepAlive' in the launchd service
'org.nix-community.home.sops-nix.plist'
re-runs 'sops-nix-user' every few seconds.
This should run:
- once at boot
- once at home-manager profile activation
Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
2024-02-13 17:36:42 +01:00
Jörg Thalheim
695275c349
make sops-install-secrets work with sysusers
2024-02-12 15:30:32 +01:00
Jörg Thalheim
00071af896
move secrets-fo-users to it's own module
...
This preparation to support sysusers.
No behavior change.
2024-02-08 12:26:52 +00:00
Edward Tjörnhammar
7711514b85
don't substitute binaries
2023-10-14 22:09:48 +00:00
Jörg Thalheim
4d284ca58c
nixos: fix typo in assertion message when no key source is configured
2023-09-18 19:13:37 +02:00
Kilian Mio
d9c5dc41c4
fix: systemd unit file
...
Make sure passwords are ready for services part of graphical-session.target
2023-08-30 15:08:19 +01:00
Maximilian Bosch
f81e73cf9a
modules/sops: fix description of useTmpfs
( #385 )
...
It's supposed to be mdDoc rather than mkDoc.
2023-08-15 20:23:48 +01:00
Physics Enthusiast
32603de0dc
Configure the systemd user service to start with graphical session if use of a passphrase is detected ( #346 )
...
* Update sops.nix systemd user service target
* Use conditional to detect if gnupg.home is set before setting the WantedBy to graphical-session.target
2023-08-13 09:38:40 +01:00
Mic92
339a559402
Add configuration option to use tmpfs in place of ramfs ( #355 )
...
allow use of tmpfs via option configuration
* Tabs vs Spaces
* Update modules/sops/default.nix
* Update modules/sops/default.nix
2023-08-12 09:45:08 +01:00
zowoq
dca9e50fe3
modules/sops/templates: isCoercibleToString -> isConvertibleWithToString
...
834f0d660a
2023-08-12 09:27:30 +01:00
ajs124
3b26d8f58b
literalDocBook -> literalMD
2023-06-20 15:08:13 +02:00
Maximilian Bosch
f10110ddef
modules/sops/templates: declare defaultText
for sops.templates.<name>.group
...
When using `documentation.nixos.includeAllModules = true;` this fails
for me with
error: attribute 'users' missing
at /nix/store/30jax2y4q3d1xyf8ha3cwilw3kdz4pn8-source/modules/sops/templates/default.nix:8:11:
7| secretsForUsers = lib.filterAttrs (_: v: v.neededForUsers) cfg.secrets;
8| users = config.users.users;
| ^
9| in {
(use '--show-trace' to show detailed location information)
Not depending on `config` when building the manual fixes the issue.
2023-04-25 21:45:42 +02:00
Janne Heß
679ad65214
templates: Add descriptions and use singleLineStr
2023-04-23 12:56:01 +02:00
bors[bot]
5698b06b07
Merge #316
...
316: HM: make `secretsMountPoint` and `symlinkPath` configurable r=Mic92 a=Shawn8901
Co-authored-by: MidAutumnMoon <me@418.im>
2023-04-18 12:41:35 +00:00
mlatus
4de4d820ba
fix scope in sops.templates; add relevant test
2023-04-18 12:47:12 +08:00
MidAutumnMoon
37400a275d
HM: make secretsMountPoint
and symlinkPath
configurable
2023-04-17 18:30:23 +02:00
Jörg Thalheim
800f2cd885
Update modules/sops/templates/default.nix
2023-03-21 18:19:08 +00:00
mlatus
d93c3bf08e
inline option type and submodule
2023-03-21 21:23:20 +08:00
Ninlives
8c4ecdc301
Apply suggestions from code review
...
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2023-03-21 21:20:42 +08:00
mlatus
efd85fbf51
code improvement; use more secure flow to create secret file
2023-03-15 13:56:51 +08:00
mlatus
c955d8fe91
typo
2023-03-14 00:09:48 +08:00
mlatus
c4c39450b1
add sops.templates
2023-03-13 23:56:19 +08:00
pogobanane
e4b99135e5
Home-maager: support init and dotenv
...
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2023-02-03 10:30:30 +01:00
Matthew Toohey
c4ff0f37ef
Save launchd logs
2023-02-02 12:07:00 +01:00
Matthew Toohey
c3d2a46e44
Disable systemd service outside of Linux
2023-02-02 12:07:00 +01:00
Pogobanane
466d039190
darwin/home-manager: %r dir
2023-02-02 12:07:00 +01:00
Anil Anar
5e580b4bdd
Fix missing spaces in script
2023-02-02 11:38:03 +01:00
Janne Heß
7f38c98162
More review fixups
2023-02-02 11:38:03 +01:00
Janne Heß
8b4048123e
Add a launchd service to the home-manager module
2023-02-02 11:38:03 +01:00
Janne Heß
acaf36a1bf
Implement home-manager support
...
Closes #62
Closes #163
2023-02-02 11:38:03 +01:00
lucasew
eb09a61dc9
format type: add dotenv and ini
...
Signed-off-by: lucasew <lucas59356@gmail.com>
2023-01-17 10:55:52 -03:00
Naïm Camille Favier
de37ae4b4a
module: add defaultText to validationPackage
...
Makes flake-info succeed
2022-07-21 09:04:38 +02:00
dramforever
fc2b603a9b
Add validationPackage option for cross-compilation
2022-07-12 09:39:40 +08:00
Jos van Bakel
5ae679b566
Add package option to module
2022-04-23 16:58:11 +02:00
Janne Heß
5e2f743edd
Re-add service restarts
...
We also have service reloads now, so add them as well
2022-03-14 17:30:56 +01:00
Naïm Favier
4e887466a1
Add defaultText to some options to make flake-info succeed
2022-02-26 16:20:19 +01:00
Jörg Thalheim
95b4393147
Revert "allow to disable sops"
...
This reverts commit 43f44540b8
.
This commit was not intended for master
2022-02-07 14:34:38 +01:00