mirror of https://github.com/Mic92/sops-nix.git synced 2024-12-14 11:57:52 +00:00
Commit graph

626 commits

Author SHA1 Message Date
Jörg Thalheim
f77dd7df8f ci/dependabot: set email 2023-07-15 08:54:26 +02:00
Jörg Thalheim
3c851dbbea add scripts to update vendorHash 2023-07-15 06:49:20 +00:00
Jörg Thalheim
62a7c95c8c vendorHash: make it overridable 2023-07-15 06:49:20 +00:00
Jörg Thalheim
5fc5cddafd flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/ed6afb10dfdfc97b6bcf0703f1bad8118e9e961b' (2023-07-08)
  → 'github:NixOS/nixpkgs/2047c642ce0f75307e8a0f2ec94715218c481184' (2023-07-14)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/510d721ce097150ae3b80f84b04b13b039186571' (2023-07-09)
  → 'github:NixOS/nixpkgs/3dc2bc15956db2ff2316af45eefd45803fc1372b' (2023-07-15)
2023-07-15 06:49:20 +00:00
Jörg Thalheim
88b964df69
Merge pull request #360 from anoadragon453/patch-1
Add some helpful tips to the README
2023-07-12 09:16:36 +01:00
Andrew Morgan
e4e1a9f9d4 Update to note accidental use of shamir secret sharing 2023-07-11 19:22:35 +01:00
Andrew Morgan
b1aa4e7107 Add some helpful tips to the README
A couple notes that tripped me up when initially trying this. I hope they can help make future journeys smoother :)

- Getting the syntax of `.sops.yaml` wrong can cause vague errors when it comes to encrypting secrets files.
- `path_regex` needs to include all file extensions that you intend to encrypt. `sops` supports YAML, JSON, ENV, INI and binary files, so suggesting that those be picked up by default seems sensible. Personally, I had trouble figuring out why `sops` wouldn't accept my `.env` file - again with a confusing error message.
2023-07-11 00:07:28 +01:00
github-actions[bot]
b2047c8fc9 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/8277b539d371bf4308fc5097911aa58bfac1794f' (2023-07-01)
  → 'github:NixOS/nixpkgs/ed6afb10dfdfc97b6bcf0703f1bad8118e9e961b' (2023-07-08)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/f553c016a31277246f8d3724d3b1eee5e8c0842c' (2023-07-02)
  → 'github:NixOS/nixpkgs/510d721ce097150ae3b80f84b04b13b039186571' (2023-07-09)
2023-07-09 03:31:09 +00:00
github-actions[bot]
5ed3c22c1f flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/7cc30fd5372ddafb3373c318507d9932bd74aafe' (2023-06-17)
  → 'github:NixOS/nixpkgs/8277b539d371bf4308fc5097911aa58bfac1794f' (2023-07-01)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/e2e2059d19668dab1744301b8b0e821e3aae9c99' (2023-06-17)
  → 'github:NixOS/nixpkgs/f553c016a31277246f8d3724d3b1eee5e8c0842c' (2023-07-02)
2023-07-02 03:27:46 +00:00
Roman Gonzalez
2ff6973350 fix(darwin): RuntimeDir trailing slash
In later versions of macOS (e.g. Ventura), the command used to get a
runtime directory (e.g. `getconf DARWIN_USER_TEMP_DIR`) returns a
trailing slash.

When using a configuration like:

```
sops.defaultSecretsMountPoint = "%r/secrets.d";
```

The final path is going to contain a double slash in the suffix of the
path, an example:

```
/var/<random>/<hash>//secrets.d
```

This commit ensures that the runtime dir will get the trailing '/'
character removed.
2023-06-22 01:49:29 +00:00
Roman Gonzalez
4ce3cc3428 fix(darwin): use chown only on non user mode
On the latest version of macOS (Ventura 13.4 as of this date), this
change of ownership will always fail with the error:

> Failed to mount filesystem for secrets: Cannot change owner/group of '.../secrets.d' to 0/0: chown .../secrets.d: operation not permitted
2023-06-22 01:49:29 +00:00
Janne Heß
d299d05382
Merge pull request #350 from helsinki-systems/no-literaldocbook
literalDocBook -> literalMD
2023-06-20 15:25:49 +02:00
ajs124
3b26d8f58b literalDocBook -> literalMD 2023-06-20 15:08:13 +02:00
dependabot[bot]
7776755fff Bump cachix/install-nix-action from 21 to 22
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 21 to 22.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v21...v22)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-19 23:01:30 +00:00
github-actions[bot]
1634d2da53 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/a30520bf8eabf8a5c37889d661e67a2dbcaa59e6' (2023-06-10)
  → 'github:NixOS/nixpkgs/7cc30fd5372ddafb3373c318507d9932bd74aafe' (2023-06-17)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/aa4b53f79d961a7cbba0b24f791401a34c18011a' (2023-06-16)
  → 'github:NixOS/nixpkgs/e2e2059d19668dab1744301b8b0e821e3aae9c99' (2023-06-17)
2023-06-18 03:15:11 +00:00
Jörg Thalheim
1e2bae5487 update checksum 2023-06-16 07:58:42 +00:00
dependabot[bot]
8271e32e54 Bump golang.org/x/sys from 0.8.0 to 0.9.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/sys/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-16 07:58:42 +00:00
Jörg Thalheim
196eab3627
Merge pull request #345 from Mic92/doc-fixes
replace nix-shell with nix run to get sops-init-gpg-key
2023-06-16 08:49:22 +01:00
Jörg Thalheim
5a60b0abc4 replace bors with mergify 2023-06-16 09:33:58 +02:00
Jörg Thalheim
6434b6ad46 sops-nix: upgrade to 23.05 2023-06-16 09:29:56 +02:00
Jörg Thalheim
8d64b1593b replace nix-shell with nix run to get sops-init-gpg-key
fixes https://github.com/Mic92/sops-nix/issues/344
2023-06-16 09:22:32 +02:00
bors[bot]
cb85e29793
Merge #341
341: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-06-11 03:18:05 +00:00
github-actions[bot]
15e25903b2 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/ed7bbf16855a9ec919e5c6372ba3a297ec1df550' (2023-06-03)
  → 'github:NixOS/nixpkgs/a30520bf8eabf8a5c37889d661e67a2dbcaa59e6' (2023-06-10)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/eaf03591711b46d21abc7082a8ebee4681f9dbeb' (2023-06-03)
  → 'github:NixOS/nixpkgs/ef24b2fa0c5f290a35064b847bc211f25cb85c88' (2023-06-10)
2023-06-11 03:17:43 +00:00
bors[bot]
a522e12ee3
Merge #339
339: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-06-04 03:20:44 +00:00
github-actions[bot]
860b8e1764 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/aeb75dba965e790de427b73315d5addf91a54955' (2023-05-25)
  → 'github:NixOS/nixpkgs/ed7bbf16855a9ec919e5c6372ba3a297ec1df550' (2023-06-03)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/ba6e4ddeb3e8ad3f3e3bec63dafbc9fe558729bb' (2023-05-27)
  → 'github:NixOS/nixpkgs/eaf03591711b46d21abc7082a8ebee4681f9dbeb' (2023-06-03)
2023-06-04 03:20:26 +00:00
bors[bot]
876846cde9
Merge #337
337: Bump cachix/install-nix-action from 20 to 21 r=Mic92 a=dependabot[bot]



Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-30 08:15:55 +00:00
dependabot[bot]
3de2372274
Bump cachix/install-nix-action from 20 to 21
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 20 to 21.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v20...v21)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-29 22:56:36 +00:00
bors[bot]
3e016341d4
Merge #336
336: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-05-28 02:56:57 +00:00
github-actions[bot]
2117d8b2a7 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/eea79d584eff53bf7a76aeb63f8845da6d386129' (2023-05-20)
  → 'github:NixOS/nixpkgs/aeb75dba965e790de427b73315d5addf91a54955' (2023-05-25)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/d0dade110dc7072d67ce27826cfe9ab2ab0cf247' (2023-05-21)
  → 'github:NixOS/nixpkgs/ba6e4ddeb3e8ad3f3e3bec63dafbc9fe558729bb' (2023-05-27)
2023-05-28 02:56:40 +00:00
bors[bot]
4ccdfb573f
Merge #334
334: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-05-21 02:55:23 +00:00
github-actions[bot]
b0387aded0 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/635a306fc8ede2e34cb3dd0d6d0a5d49362150ed' (2023-05-11)
  → 'github:NixOS/nixpkgs/eea79d584eff53bf7a76aeb63f8845da6d386129' (2023-05-20)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/c6d2f3dc0d3efd4285eebe4f8a36a47ba438138e' (2023-05-14)
  → 'github:NixOS/nixpkgs/d0dade110dc7072d67ce27826cfe9ab2ab0cf247' (2023-05-21)
2023-05-21 02:55:04 +00:00
Jörg Thalheim
df8b52249e
Merge pull request #332 from Mic92/dependabot/go_modules/golang.org/x/crypto-0.9.0
Bump golang.org/x/crypto from 0.8.0 to 0.9.0
2023-05-20 09:29:12 +01:00
dependabot[bot]
157d5fc217 Bump golang.org/x/crypto from 0.8.0 to 0.9.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-20 09:36:53 +02:00
bors[bot]
a376127bb5
Merge #330
330: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-05-14 02:55:30 +00:00
github-actions[bot]
ec68a1b35d flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e040aab15638aaf8d0786894851a2b1ca09a7baf' (2023-05-07)
  → 'github:NixOS/nixpkgs/635a306fc8ede2e34cb3dd0d6d0a5d49362150ed' (2023-05-11)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/ba0086c178d4ed60a7899f739caea553eca2e046' (2023-05-08)
  → 'github:NixOS/nixpkgs/c6d2f3dc0d3efd4285eebe4f8a36a47ba438138e' (2023-05-14)
2023-05-14 02:55:12 +00:00
Jörg Thalheim
36b062a2c8
Merge pull request #327 from Mic92/test-update
flake.lock: Update
2023-05-08 12:25:04 +01:00
Jörg Thalheim
48ca422b2f flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/16b3b0c53b1ee8936739f8c588544e7fcec3fc60' (2023-05-06)
  → 'github:NixOS/nixpkgs/e040aab15638aaf8d0786894851a2b1ca09a7baf' (2023-05-07)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/d724b57823f2ab2c879a840a426a607bbab2b730' (2023-05-06)
  → 'github:NixOS/nixpkgs/ba0086c178d4ed60a7899f739caea553eca2e046' (2023-05-08)
2023-05-08 13:18:08 +02:00
Jörg Thalheim
2e77ca66d8
Merge pull request #326 from Mic92/deprecation-stuff
fix makeSetupHook deprecations
2023-05-08 05:58:13 +01:00
Jörg Thalheim
b84b3177a1 fix makeSetupHook's also for older nixos release 2023-05-08 06:48:56 +02:00
bors[bot]
fd2d857ce2
Merge #325
325: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-05-07 02:55:15 +00:00
github-actions[bot]
790db4ba38 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/54abe781c482f51ff4ff534ebaba77db5bd97442' (2023-04-29)
  → 'github:NixOS/nixpkgs/16b3b0c53b1ee8936739f8c588544e7fcec3fc60' (2023-05-06)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/db1e4eeb0f9a9028bcb920e00abbc1409dd3ef36' (2023-04-30)
  → 'github:NixOS/nixpkgs/d724b57823f2ab2c879a840a426a607bbab2b730' (2023-05-06)
2023-05-07 02:54:58 +00:00
bors[bot]
4f308f7663
Merge #322
322: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-04-30 02:55:24 +00:00
github-actions[bot]
b3b062907c flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/2362848adf8def2866fabbffc50462e929d7fffb' (2023-04-21)
  → 'github:NixOS/nixpkgs/54abe781c482f51ff4ff534ebaba77db5bd97442' (2023-04-29)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/ee7ec1c71adc47d2e3c2d5eb0d6b8fbbd42a8d1c' (2023-04-22)
  → 'github:NixOS/nixpkgs/db1e4eeb0f9a9028bcb920e00abbc1409dd3ef36' (2023-04-30)
2023-04-30 02:55:06 +00:00
bors[bot]
4a330ead6a
Merge #321
321: modules/sops/templates: declare `defaultText` for `sops.templates.<name>.group` r=Mic92 a=Ma27



Co-authored-by: Maximilian Bosch <maximilian@mbosch.me>
2023-04-26 19:58:52 +00:00
Maximilian Bosch
f10110ddef
modules/sops/templates: declare defaultText for sops.templates.<name>.group
When using `documentation.nixos.includeAllModules = true;` this fails
for me with

    error: attribute 'users' missing

           at /nix/store/30jax2y4q3d1xyf8ha3cwilw3kdz4pn8-source/modules/sops/templates/default.nix:8:11:

                7|   secretsForUsers = lib.filterAttrs (_: v: v.neededForUsers) cfg.secrets;
                8|   users = config.users.users;
                 |           ^
                9| in {
    (use '--show-trace' to show detailed location information)

Not depending on `config` when building the manual fixes the issue.
2023-04-25 21:45:42 +02:00
bors[bot]
7c8e9727a2
Merge #320
320: templates: Add descriptions and use singleLineStr r=dasJ a=dasJ



Co-authored-by: Janne Heß <janne@hess.ooo>
2023-04-24 12:13:48 +00:00
Janne Heß
679ad65214
templates: Add descriptions and use singleLineStr 2023-04-23 12:56:01 +02:00
bors[bot]
8a95e6f8cd
Merge #319
319: flake.lock: Update r=sops-nix-bot a=sops-nix-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-04-23 02:55:55 +00:00
github-actions[bot]
afd44312d4 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/29176972b4be60f7d3eb3101f696c99f2e6ada57' (2023-04-15)
  → 'github:NixOS/nixpkgs/2362848adf8def2866fabbffc50462e929d7fffb' (2023-04-21)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/1040ce5f652b586da95dfd80d48a745e107b9eac' (2023-04-16)
  → 'github:NixOS/nixpkgs/ee7ec1c71adc47d2e3c2d5eb0d6b8fbbd42a8d1c' (2023-04-22)
2023-04-23 02:55:36 +00:00
bors[bot]
5698b06b07
Merge #316
316: HM: make `secretsMountPoint` and `symlinkPath` configurable r=Mic92 a=Shawn8901



Co-authored-by: MidAutumnMoon <me@418.im>
2023-04-18 12:41:35 +00:00