secrets management with SOPS

2026-02-22 21:02:22 -05:00
parent de4c297252
commit 2a7521ee77
10 changed files with 119 additions and 4 deletions
--- a/users/root.nix
+++ b/users/root.nix
@@ -0,0 +1,7 @@
+{ config, ... }:
+
+{
+  users.users.root = {
+    hashedPasswordFile = config.sops.secrets.pw_root.path;
+  };
+}
--- a/users/users.nix
+++ b/users/users.nix
@@ -1,5 +1,6 @@
 {
  imports = [
    ./williamp.nix
+    ./root.nix
  ];
 }
--- a/users/williamp.nix
+++ b/users/williamp.nix
@@ -1,6 +1,9 @@
+{ config, ... }:
+
 {
  users.users.williamp = {
    isNormalUser = true;
+    hashedPasswordFile = config.sops.secrets.pw_williamp.path;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID5lZ0/JJyLLwSrFfSs+DF/v0EkV2i/SVDf18+/K5NDV me@williamtpeebles.com"
    ];