github-actions[bot]
a3d165bef5
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/c66ccfa00c643751da2fd9290e096ceaa30493fc' (2023-08-26)
→ 'github:NixOS/nixpkgs/bfb7dfec93f3b5d7274db109f2990bc889861caf' (2023-09-02)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/9117c4e9dc117a6cd0319cca40f2349ed333669d' (2023-08-27)
→ 'github:NixOS/nixpkgs/5601118d39ca9105f8e7b39d4c221d3388c0419d' (2023-09-02)
2023-09-05 09:25:50 +02:00
dependabot[bot]
4c15d89a7f
build(deps): bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 09:25:43 +02:00
dependabot[bot]
4d4a4a2a1d
build(deps): bump cachix/install-nix-action from 22 to 23
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 22 to 23.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v22...v23 )
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 07:26:33 +02:00
dependabot[bot]
ba4878530f
update vendorHash
2023-09-05 07:26:07 +02:00
dependabot[bot]
63a38f93cb
build(deps): bump golang.org/x/sys from 0.11.0 to 0.12.0
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.11.0 to 0.12.0.
- [Commits](https://github.com/golang/sys/compare/v0.11.0...v0.12.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 07:26:07 +02:00
Kilian Mio
d9c5dc41c4
fix: systemd unit file
...
Make sure passwords are ready for services part of graphical-session.target
2023-08-30 15:08:19 +01:00
Jörg Thalheim
7593c2783d
mergify: switch to buildbot
2023-08-30 14:42:09 +01:00
Jörg Thalheim
66df6576f6
templates: improve docs
2023-08-30 14:35:28 +01:00
dependabot[bot]
c89ee06488
build(deps): bump DeterminateSystems/update-flake-lock from 19 to 20
...
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock ) from 19 to 20.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases )
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v19...v20 )
---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-28 23:00:24 +00:00
github-actions[bot]
0618c8f0ed
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/ca3c9ac9f4cdd4bea19f592b32bb59b74ab7d783' (2023-08-19)
→ 'github:NixOS/nixpkgs/c66ccfa00c643751da2fd9290e096ceaa30493fc' (2023-08-26)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/5e63e8bbc46bc4fc22254da1edaf42fc7549c18a' (2023-08-20)
→ 'github:NixOS/nixpkgs/9117c4e9dc117a6cd0319cca40f2349ed333669d' (2023-08-27)
2023-08-27 03:10:04 +00:00
Shyim
1b7b3a32d6
Update pkgs/sops-install-secrets/darwin.go
...
Co-authored-by: Leo Pang <34628052+allthatjazzleo@users.noreply.github.com>
2023-08-22 19:24:38 +01:00
Shyim
fce0c8ce93
fix: add missing argument for MountSecretFs on darwin
2023-08-22 19:24:38 +01:00
Jörg Thalheim
429007f7f3
document templates
2023-08-22 19:23:57 +01:00
github-actions[bot]
4f0f113b7d
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/f0451844bbdf545f696f029d1448de4906c7f753' (2023-08-12)
→ 'github:NixOS/nixpkgs/ca3c9ac9f4cdd4bea19f592b32bb59b74ab7d783' (2023-08-19)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/efeed708ece1a9f4ae0506ae4a4d7da264a74102' (2023-08-12)
→ 'github:NixOS/nixpkgs/5e63e8bbc46bc4fc22254da1edaf42fc7549c18a' (2023-08-20)
2023-08-20 03:08:36 +00:00
Maximilian Bosch
f81e73cf9a
modules/sops: fix description of useTmpfs
( #385 )
...
It's supposed to be mdDoc rather than mkDoc.
2023-08-15 20:23:48 +01:00
Physics Enthusiast
32603de0dc
Configure the systemd user service to start with graphical session if use of a passphrase is detected ( #346 )
...
* Update sops.nix systemd user service target
* Use conditional to detect if gnupg.home is set before setting the WantedBy to graphical-session.target
2023-08-13 09:38:40 +01:00
github-actions[bot]
9d812be0a8
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/0d2fb29f5071a12d7983319c2c2576be6a130582' (2023-08-05)
→ 'github:NixOS/nixpkgs/f0451844bbdf545f696f029d1448de4906c7f753' (2023-08-12)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/240472b7e47a641e9e7675f58b64d3626ca7824d' (2023-08-06)
→ 'github:NixOS/nixpkgs/efeed708ece1a9f4ae0506ae4a4d7da264a74102' (2023-08-12)
2023-08-13 03:06:22 +00:00
dependabot[bot]
5f5d9a3c8b
update vendorHash
2023-08-12 09:00:46 +00:00
dependabot[bot]
7c93670b82
build(deps): bump golang.org/x/crypto from 0.11.0 to 0.12.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.11.0 to 0.12.0.
- [Commits](https://github.com/golang/crypto/compare/v0.11.0...v0.12.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-12 09:00:46 +00:00
Mic92
339a559402
Add configuration option to use tmpfs in place of ramfs ( #355 )
...
allow use of tmpfs via option configuration
* Tabs vs Spaces
* Update modules/sops/default.nix
* Update modules/sops/default.nix
2023-08-12 09:45:08 +01:00
github-actions[bot]
1c673ba105
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/f465da166263bc0d4b39dfd4ca28b777c92d4b73' (2023-07-22)
→ 'github:NixOS/nixpkgs/0d2fb29f5071a12d7983319c2c2576be6a130582' (2023-08-05)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/ce45b591975d070044ca24e3003c830d26fea1c8' (2023-07-22)
→ 'github:NixOS/nixpkgs/240472b7e47a641e9e7675f58b64d3626ca7824d' (2023-08-06)
2023-08-12 09:28:38 +01:00
zowoq
dca9e50fe3
modules/sops/templates: isCoercibleToString -> isConvertibleWithToString
...
834f0d660a
2023-08-12 09:27:30 +01:00
Jörg Thalheim
c36df4fe4b
Merge pull request #357 from Mic92/dependabot/go_modules/google.golang.org/grpc-1.53.0
...
Bump google.golang.org/grpc from 1.47.0 to 1.53.0
2023-07-24 12:43:36 +01:00
github-actions[bot]
55acdf75ad
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/46ed466081b9cad1125b11f11a2af5cc40b942c7' (2023-07-15)
→ 'github:NixOS/nixpkgs/f465da166263bc0d4b39dfd4ca28b777c92d4b73' (2023-07-22)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/13231eccfa1da771afa5c0807fdd73e05a1ec4e6' (2023-07-16)
→ 'github:NixOS/nixpkgs/ce45b591975d070044ca24e3003c830d26fea1c8' (2023-07-22)
2023-07-24 11:21:20 +00:00
dependabot[bot]
059e7b61cc
update vendorHash
2023-07-24 11:06:34 +00:00
dependabot[bot]
86a84e40ba
Bump google.golang.org/grpc from 1.47.0 to 1.53.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.47.0 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.47.0...v1.53.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-07-24 11:05:07 +00:00
dependabot[bot]
e431e3f9f1
update vendorHash
2023-07-24 11:02:04 +00:00
dependabot[bot]
fa2a515e05
Bump golang.org/x/crypto from 0.9.0 to 0.11.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.9.0 to 0.11.0.
- [Commits](https://github.com/golang/crypto/compare/v0.9.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-07-24 11:02:04 +00:00
github-actions[bot]
bd695cc4d0
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/2047c642ce0f75307e8a0f2ec94715218c481184' (2023-07-14)
→ 'github:NixOS/nixpkgs/46ed466081b9cad1125b11f11a2af5cc40b942c7' (2023-07-15)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/3dc2bc15956db2ff2316af45eefd45803fc1372b' (2023-07-15)
→ 'github:NixOS/nixpkgs/13231eccfa1da771afa5c0807fdd73e05a1ec4e6' (2023-07-16)
2023-07-16 19:16:17 +00:00
Jörg Thalheim
cfe47aff86
Merge pull request #367 from Mic92/dependabot-automation
...
ci/update-vendor-hash: fix pushing from detached head
2023-07-15 08:19:58 +01:00
Jörg Thalheim
8cbe746c18
ci/update-vendor-hash: fix pushing from detached head
2023-07-15 09:19:44 +02:00
Jörg Thalheim
330bca3386
Merge pull request #366 from Mic92/dependabot-automation
...
ci/update-vendor-hash: push to write github ref
2023-07-15 08:15:53 +01:00
Jörg Thalheim
53597ddcfd
ci/update-vendor-hash: push to write github ref
2023-07-15 09:15:29 +02:00
Jörg Thalheim
d099180d85
Merge pull request #365 from Mic92/dependabot-automation
...
ci/update-vendor-hash: checkout pr itself
2023-07-15 08:07:26 +01:00
Jörg Thalheim
b472c58559
ci/update-vendor-hash: checkout pr itself
2023-07-15 09:06:58 +02:00
Jörg Thalheim
d4e006f528
Merge pull request #364 from Mic92/dependabot-automation
...
drop git commit from update-vendor-hash.sh
2023-07-15 08:02:41 +01:00
Jörg Thalheim
a69e3ca7dc
drop git commit from update-vendor-hash.sh
2023-07-15 09:02:27 +02:00
Jörg Thalheim
4ead528090
Merge pull request #362 from Mic92/dependabot-automation
...
ci/dependabot: set email
2023-07-15 07:54:52 +01:00
Jörg Thalheim
f77dd7df8f
ci/dependabot: set email
2023-07-15 08:54:26 +02:00
Jörg Thalheim
3c851dbbea
add scripts to update vendorHash
2023-07-15 06:49:20 +00:00
Jörg Thalheim
62a7c95c8c
vendorHash: make it overridable
2023-07-15 06:49:20 +00:00
Jörg Thalheim
5fc5cddafd
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/ed6afb10dfdfc97b6bcf0703f1bad8118e9e961b' (2023-07-08)
→ 'github:NixOS/nixpkgs/2047c642ce0f75307e8a0f2ec94715218c481184' (2023-07-14)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/510d721ce097150ae3b80f84b04b13b039186571' (2023-07-09)
→ 'github:NixOS/nixpkgs/3dc2bc15956db2ff2316af45eefd45803fc1372b' (2023-07-15)
2023-07-15 06:49:20 +00:00
Jörg Thalheim
88b964df69
Merge pull request #360 from anoadragon453/patch-1
...
Add some helpful tips to the README
2023-07-12 09:16:36 +01:00
Andrew Morgan
e4e1a9f9d4
Update to note accidental use of shamir secret sharing
2023-07-11 19:22:35 +01:00
Andrew Morgan
b1aa4e7107
Add some helpful tips to the README
...
A couple notes that tripped me up when initially trying this. I hope they can help make future journeys smoother :)
- Getting the syntax of `.sops.yaml` wrong can cause vague errors when it comes to encrypting secrets files.
- `path_regex` needs to include all file extensions that you intend to encrypt. `sops` supports YAML, JSON, ENV, INI and binary files, so suggesting that those be picked up by default seems sensible. Personally, I had trouble figuring out why `sops` wouldn't accept my `.env` file - again with a confusing error message.
2023-07-11 00:07:28 +01:00
github-actions[bot]
b2047c8fc9
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/8277b539d371bf4308fc5097911aa58bfac1794f' (2023-07-01)
→ 'github:NixOS/nixpkgs/ed6afb10dfdfc97b6bcf0703f1bad8118e9e961b' (2023-07-08)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/f553c016a31277246f8d3724d3b1eee5e8c0842c' (2023-07-02)
→ 'github:NixOS/nixpkgs/510d721ce097150ae3b80f84b04b13b039186571' (2023-07-09)
2023-07-09 03:31:09 +00:00
github-actions[bot]
5ed3c22c1f
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/7cc30fd5372ddafb3373c318507d9932bd74aafe' (2023-06-17)
→ 'github:NixOS/nixpkgs/8277b539d371bf4308fc5097911aa58bfac1794f' (2023-07-01)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/e2e2059d19668dab1744301b8b0e821e3aae9c99' (2023-06-17)
→ 'github:NixOS/nixpkgs/f553c016a31277246f8d3724d3b1eee5e8c0842c' (2023-07-02)
2023-07-02 03:27:46 +00:00
Roman Gonzalez
2ff6973350
fix(darwin): RuntimeDir trailing slash
...
In later versions of macOS (e.g. Ventura), the command used to get a
runtime directory (e.g. `getconf DARWIN_USER_TEMP_DIR`) returns a
trailing slash.
When using a configuration like:
```
sops.defaultSecretsMountPoint = "%r/secrets.d";
```
The final path is going to contain a double slash in the suffix of the
path, an example:
```
/var/<random>/<hash>//secrets.d
```
This commit ensures that the runtime dir will get the trailing '/'
character removed.
2023-06-22 01:49:29 +00:00
Roman Gonzalez
4ce3cc3428
fix(darwin): use chown only on non user mode
...
On the latest version of macOS (Ventura 13.4 as of this date), this
change ownership will always fail with the error:
> Failed to mount filesystem for secrets: Cannot change owner/group of '.../secrets.d' to 0/0: chown .../secrets.d: operation not permitted
2023-06-22 01:49:29 +00:00
Janne Heß
d299d05382
Merge pull request #350 from helsinki-systems/no-literaldocbook
...
literalDocBook -> literalMD
2023-06-20 15:25:49 +02:00