sops-nix

mirror of https://github.com/Mic92/sops-nix.git synced 2024-12-14 11:57:52 +00:00

Author	SHA1	Message	Date
Maximilian Bosch	df2d4bbbfc	modules/sops: fix manual * Since `0d957142b6` the manual doesn't build since `<name>` is interpreted by docbook as (unmatched) XML-tag. I decided to use `<xref linkend` as this provides proper linking to the referenced option. * Also, if the module is included on a machine where `sops` isn't used, but `documentation.nixos.includeAllModules = true;` is set, the module wouldn't evaluate because `config.sopsFile` is referenced in a `default`-tag. This is generally an issue since every change to this option would trigger a rebuild of the manual anyways. See also `94fd200305` for that.	2021-07-10 16:11:31 +02:00
Jörg Thalheim	87a27217b2	Merge pull request #102 from NickCao/master add readonly option sopsFileHash	2021-07-07 16:58:06 +01:00
Nick Cao	0d957142b6	add readonly option sopsFileHash	2021-07-04 14:01:37 +08:00
Jörg Thalheim	c4f7025e5d	README: simplify installing sops-nix into shell.nix	2021-07-03 09:42:47 +02:00
Jörg Thalheim	d4c6f466cc	Merge pull request #100 from Mic92/dependabot/go_modules/go.mozilla.org/sops/v3-3.7.1 Bump go.mozilla.org/sops/v3 from 3.5.0 to 3.7.1	2021-07-03 08:21:49 +01:00
Jörg Thalheim	45900975cb	golangci-lint: increase timeout	2021-07-03 09:18:15 +02:00
Jörg Thalheim	4b156e10c8	flake: update nixpkgs	2021-07-03 09:18:00 +02:00
Jörg Thalheim	3261557508	update vendorSha256	2021-07-03 09:05:37 +02:00
dependabot[bot]	6f1ad4a008	Bump go.mozilla.org/sops/v3 from 3.5.0 to 3.7.1 Bumps [go.mozilla.org/sops/v3](https://github.com/mozilla/sops) from 3.5.0 to 3.7.1. - [Release notes](https://github.com/mozilla/sops/releases) - [Changelog](https://github.com/mozilla/sops/blob/master/CHANGELOG.rst) - [Commits](https://github.com/mozilla/sops/compare/v3.5.0...v3.7.1) --- updated-dependencies: - dependency-name: go.mozilla.org/sops/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-03 07:00:00 +00:00
Jörg Thalheim	94535c632d	Merge pull request #99 from Mic92/sops-import-keys-hook Replace sops-gpg-hook with sops-import-keys-hook	2021-07-03 07:55:22 +01:00
Jörg Thalheim	6d27428b35	dependabot: add go	2021-07-03 08:52:01 +02:00
Jörg Thalheim	34a650555e	fix nixos-test We no longer require membership in keys group.	2021-07-03 08:20:27 +02:00
Jörg Thalheim	73e19bf11b	Replace sops-gpg-hook with sops-import-keys-hook	2021-07-03 08:08:38 +02:00
Jörg Thalheim	7918c59b39	Merge pull request #97 from Mic92/fix-permissions allow non-key group users to access /run/secrets	2021-06-05 19:51:02 +02:00
Jörg Thalheim	835f825646	Merge branch 'master' into fix-permissions	2021-06-05 18:02:17 +02:00
Jörg Thalheim	351c716739	allow non-key group users to access /run/secrets This does not significantly decrease security while making it a lot more convinient. There are also services, where it is not possible to set the keys group i.e. if a daemon unsets all groups. Processes still won't be able to list other secrets if they are not in the secret group. fixes #86	2021-06-05 17:59:22 +02:00
Jörg Thalheim	4f384662a8	Merge pull request #92 from Mic92/dependabot/github_actions/cachix/cachix-action-v10 Bump cachix/cachix-action from v9 to v10	2021-04-19 14:55:26 +01:00
dependabot[bot]	f82b674ca0	Bump cachix/cachix-action from v9 to v10 Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from v9 to v10. - [Release notes](https://github.com/cachix/cachix-action/releases) - [Commits](https://github.com/cachix/cachix-action/compare/v9...73e75d1a0cd4330597a571e8f9dedb41faa2fc4e) Signed-off-by: dependabot[bot] <support@github.com>	2021-04-19 06:04:13 +00:00
Jörg Thalheim	ade2f5c171	Merge pull request #90 from Mic92/dependabot/github_actions/cachix/cachix-action-v9 Bump cachix/cachix-action from v8 to v9	2021-04-12 12:23:28 +01:00
Jörg Thalheim	87bb906c30	Merge branch 'master' into dependabot/github_actions/cachix/cachix-action-v9	2021-04-05 08:43:43 +01:00
Jörg Thalheim	5e0ea90c78	Merge pull request #91 from Mic92/dependabot/github_actions/cachix/install-nix-action-v13 Bump cachix/install-nix-action from v12 to v13	2021-04-05 08:42:31 +01:00
dependabot[bot]	5b1266590c	Bump cachix/install-nix-action from v12 to v13 Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from v12 to v13. - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](https://github.com/cachix/install-nix-action/compare/v12...8d6d5e949675fbadb765c6b1a975047fa5f09b27) Signed-off-by: dependabot[bot] <support@github.com>	2021-04-05 06:21:56 +00:00
dependabot[bot]	243c2362b9	Bump cachix/cachix-action from v8 to v9 Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from v8 to v9. - [Release notes](https://github.com/cachix/cachix-action/releases) - [Commits](https://github.com/cachix/cachix-action/compare/v8...2689c27f57daedc905895d92ad18fe5ce470df9e) Signed-off-by: dependabot[bot] <support@github.com>	2021-04-05 06:21:53 +00:00
Jörg Thalheim	441227c4fd	Merge pull request #89 from Ma27/manual-rebuild module: Don't set option-value as option-default	2021-04-04 07:49:48 +01:00
Maximilian Bosch	94fd200305	module: Don't set option-value as option-default When using `documentation.nixos.includeAllModules = true;`, I'd otherwise have to rebuild the manual on each change since I have my `defaultSopsFile` in a git-repo with all my other configs.	2021-03-28 22:58:13 +02:00
Jörg Thalheim	137d387e78	Merge pull request #87 from ncfavier/master Improve assertions	2021-03-06 11:56:19 +00:00
Naïm Favier	360bfd77ae	improve assertions	2021-03-06 12:34:48 +01:00
Jörg Thalheim	cdcb3230be	Merge pull request #88 from ncfavier/patch-1 flake.nix: provide a nixosModule attribute	2021-03-06 09:40:57 +00:00
Naïm Favier	8dfabd91f8	flake.nix: provide a nixosModule attribute	2021-03-06 10:22:39 +01:00
Jörg Thalheim	5f82119d97	Merge pull request #78 from Mic92/ssh-to-pgp switch to ssh-to-pgp in nixpkgs	2021-02-22 06:03:36 +00:00
Jörg Thalheim	f540b74ced	remove ssh-to-pgp from sops-nix	2021-02-22 06:49:46 +01:00
Jörg Thalheim	d578742590	Merge pull request #81 from berbiche/fix/sops-pgp-hook-strict-shell Fix sops-pgp-hook erroring in a strict shell	2021-02-09 08:41:34 +00:00
Nicolas Berbiche	a3b53c6087	Fix sops-pgp-hook erroring in a strict shell	2021-02-08 15:49:30 -05:00
Jörg Thalheim	c3d43f833b	Merge pull request #79 from hackworthltd/master Add an overlay to the flake.	2021-02-08 08:43:35 +00:00
Drew Hess	ecb42cdcf9	Add an overlay to the flake.	2021-02-06 16:47:44 +00:00
Jörg Thalheim	4a8cb2bd50	Merge pull request #76 from Mic92/cross-fixes	2021-02-01 13:10:44 +00:00
Jörg Thalheim	afee6a053b	golangci-lint: fix build	2021-02-01 13:51:51 +01:00
Jörg Thalheim	d665aecd88	fix 32-bit build	2021-02-01 13:50:17 +01:00
Jörg Thalheim	b37a5b9a45	update nixpkgs	2021-02-01 13:50:17 +01:00
Jörg Thalheim	444b289bc2	Merge pull request #74 from lovesegfault/fix-lib	2021-02-01 08:32:57 +00:00
Jörg Thalheim	dc4397b244	Merge branch 'master' into fix-lib	2021-02-01 08:09:02 +00:00
Jörg Thalheim	31511bf445	Merge pull request #73 from Mic92/cross fix cross compilation	2021-02-01 08:08:35 +00:00
Bernardo Meurer	dd7dfdcb6a	pkgs: don't reference deprecated stdenv.lib `stdenv.lib` has been deprecated in favor of using `lib` directly.	2021-01-31 18:02:23 -08:00
Jörg Thalheim	23fae8a8b1	fix cross compilation	2021-01-30 10:26:09 +01:00
Jörg Thalheim	ab321bf72a	Merge pull request #71 from Mic92/ramfs only mount ramfs once	2021-01-28 21:47:20 +00:00
Jörg Thalheim	4de7358a2b	only mount ramfs once	2021-01-28 22:36:12 +01:00
Jörg Thalheim	3735915c48	Merge pull request #69 from Mic92/lists	2021-01-27 06:41:06 +00:00
Jörg Thalheim	47a99b6957	Merge branch 'master' into lists	2021-01-27 06:23:50 +00:00
Jörg Thalheim	80ad73c347	fix sops files that contains lists fixes #68	2021-01-27 07:22:56 +01:00
Jörg Thalheim	e4592cce2a	Merge pull request #66 from madonius/patch-1	2021-01-26 15:35:00 +00:00

... 3 4 5 6 7 ...

401 commits