mirrors/sops-nix
mirrors/sops-nix
1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2025-03-19 15:03:04 +00:00
Code Activity
856 commits 17 branches 1 tag 2.3 MiB
Commit graph

37 commits

Author SHA1 Message Date
Martijn de Munnik
a4c33bfecb Allow to set uid and gid instead of owner and group. No checks will be performed when uid and gid are set. 
```
sops.secrets = {
  sslCertificate = {
    sopsFile = ./secrets.yaml;
    owner = "";
    group = "";
    uid = config.containers."nginx".config.users.users."nginx".uid;
    gid = config.containers."nginx".config.users.groups."nginx".gid;
  };
  sslCertificateKey = {
    sopsFile = ./secrets.yaml;
    owner = "";
    group = "";
    uid = config.containers."nginx".config.users.users."nginx".uid;
    gid = config.containers."nginx".config.users.groups."nginx".gid;
  };
};
```

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
 2024-10-23 07:38:42 +00:00
Jörg Thalheim
2750ed784e nixos-tests: enable system switch again 2024-10-06 16:02:18 +00:00
r-vdp
d9d781523a Support userborn 2024-09-05 12:42:46 +00:00
Ramses
5db5921e40
Reuse the existing nixpkgs instance for the tests instead of re-importing it (#611) 
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
 2024-09-01 14:30:42 +00:00
the-furry-hubofeverything
74f03c1a51 Refuse age keyfile paths that are in the nix store 2024-04-18 08:17:46 +00:00
Jörg Thalheim
695275c349 make sops-install-secrets work with sysusers 2024-02-12 15:30:32 +01:00
Jörg Thalheim
2168851d58 nixos-tests: drop < 23.11 compat code 2024-02-08 13:05:11 +00:00
pizmovc
0a9d5e41f6 fixup! Rename passwordFile to hashedPasswordFile 2023-11-06 06:36:07 +00:00
pizmovc
4e3f66f703 Rename passwordFile to hashedPasswordFile 
This follows the rename that was done in nixpkgs.

Reference PR https://github.com/NixOS/nixpkgs/pull/254080
 2023-11-06 06:36:07 +00:00
mlatus
4de4d820ba fix scope in sops.templates; add relevant test 2023-04-18 12:47:12 +08:00
mlatus
bae4d46397 add test for sops.templates 2023-03-23 23:06:04 +08:00
Janne Heß
8f8e4e7cdd
Fix test indentation once and for all 2022-07-09 00:07:09 +02:00
Janne Heß
a94c4a7d40
Remove the 21.11 version 2022-07-04 20:23:46 +02:00
Jörg Thalheim
5d69dafb8d
no longer use deprecated .machine attribute in nixos tests 2022-05-25 08:55:27 +02:00
Janne Heß
5e2f743edd
Re-add service restarts 
We also have service reloads now, so add them as well
 2022-03-14 17:30:56 +01:00
Janne Heß
23259ded2c Remove restart logic from README and test 
The required code in nixpkgs was reverted so we should not advertise a
feature that does not work. We can revert this commit if the feature is
re-merged into 22.05 with the proper version in it.
 2021-11-29 10:24:45 +01:00
Janne Heß
bac2a891b7
Fix user passwords disappearing 
Also add a test case for this.
Closes #137
 2021-11-13 14:17:51 +01:00
Janne Heß
af29ac4d84
Prune old secrets generations 
Closes #128
 2021-11-09 23:17:55 +01:00
Janne Heß
bac08f6919
Allow setting user passwords 2021-11-07 13:53:16 +01:00
Janne Heß
9683d128bd
Add support for restarting/reloading units 2021-11-07 12:37:57 +01:00
Janne Heß
2b9a0815ca
Implement nested secrets 2021-09-30 21:49:47 +02:00
Jörg Thalheim
c5e0f55d8d nixos-tests: fix identations 2021-09-30 21:09:26 +02:00
Janne Heß
4cebc08062
Fix age key generation and test it 2021-09-30 15:28:39 +02:00
Janne Heß
4568162629
Import age ssh keys by default 2021-09-24 12:09:53 +02:00
Janne Heß
db8fcb50a3
Add support for ssh-generated age keys 2021-09-24 12:09:52 +02:00
Janne Heß
b21c0ce3a8
Group gnupg and age in the module 2021-09-24 12:09:52 +02:00
Janne Heß
f5a2ba217b
Add age support 2021-09-24 12:09:52 +02:00
Janne Heß
ebfa120b52
Fix pipeline on unstable 2021-09-17 21:08:34 +02:00
Jörg Thalheim
34a650555e
fix nixos-test 
We no longer require membership in keys group.
 2021-07-03 08:20:27 +02:00
Eduard Bopp
0be44e088b Fix impurity in test invocation 
The system must be specified, as its default is
`builtins.currentSystem`, which is disallowed as an impure function
during flake evaluation.
 2021-01-26 15:48:56 +01:00
Jörg Thalheim
bffb0afb48
fix replace existing files 2020-07-19 23:23:38 +01:00
Jörg Thalheim
59803f7530
fix user manifest validation in sandbox 
we should not lookup users there
 2020-07-19 21:04:58 +01:00
Jörg Thalheim
4eda6711ba
fix /etc/secrets.d permissions 2020-07-14 13:21:07 +01:00
Jörg Thalheim
7bd84011ef
fix sops nixos module 2020-07-12 17:52:03 +01:00
Jörg Thalheim
1745bb9f95
build nixos tests on CI. 2020-07-12 17:45:31 +01:00
Jörg Thalheim
38e71e351c
reference nixos tests in sops-install-secrets 2020-07-12 16:59:20 +01:00
Jörg Thalheim
b75e51c423
add tests + ssh key support 2020-07-12 13:50:55 +01:00