chase/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: smb-credentials

Browse Source
This commit is contained in:
chase
2025-06-08 15:45:47 -04:00
parent 27cf08d271
commit bb1ec1cbce
3 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
hosts/anzu/configuration.nix
View File

@@ -24,9 +24,9 @@
fsType = "cifs"; fsType = "cifs";
options = let options = let
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users"; automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
username = "chase"; credentials = "${config.sops.templates."smb-credentials".path}";
password = "$(cat ${config.sops.secrets."smb-password".path})"; in ["${automount_opts},credentials=${credentials},uid=1000,gid=100"];
in ["${automount_opts},username=${username},password=${password},uid=1000,gid=100"]; #in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"];
}; };
system.stateVersion = "24.11"; system.stateVersion = "24.11";

11
nixos/base.nix
View File

@@ -119,15 +119,20 @@
sops = { sops = {
defaultSopsFile = ../secrets.yaml; defaultSopsFile = ../secrets.yaml;
validateSopsFiles = false; validateSopsFiles = false;
age = { age = {
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
keyFile = "/var/lib/sops-nix/key.txt"; keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true; generateKey = true;
}; };
secrets = { secrets = {
smb-password = {}; "smb-username" = {};
"smb-password" = {};
};
templates = {
"smb-credentials".content = ''
username=${config.sops.placeholder.smb-username}
password=${config.sops.placeholder.smb-password}
'';
}; };
}; };

5
secrets.yaml
View File

@@ -1,3 +1,4 @@
smb-username: ENC[AES256_GCM,data:pFkBi+c=,iv:JSRlBHBGMNZVZZuQaSHj/cpXOaxRV3xkG/OaTOjFDZc=,tag:ALMWCi+gAqt2HtSKGGaS5Q==,type:str]
smb-password: ENC[AES256_GCM,data:LgxYSOZhj5DwvTwAoF0cLJezxYQ=,iv:is3PWEgvWmbFc39npdjD9qYrMo76wWAczZlo7LCoNf0=,tag:vanjCeI01KaL5STCSwxM/g==,type:str] smb-password: ENC[AES256_GCM,data:LgxYSOZhj5DwvTwAoF0cLJezxYQ=,iv:is3PWEgvWmbFc39npdjD9qYrMo76wWAczZlo7LCoNf0=,tag:vanjCeI01KaL5STCSwxM/g==,type:str]
sops: sops:
age: age:
@@ -19,7 +20,7 @@ sops:
aVFNTW8yeEUvb2tLcnRpUFltSVlZVXMKSnKkMhnW7/ZOW/LkBGJZvrfE6lUT1TrB aVFNTW8yeEUvb2tLcnRpUFltSVlZVXMKSnKkMhnW7/ZOW/LkBGJZvrfE6lUT1TrB
O83/WxPsN5mFz9WxqKevPNlLJaPwqJQjAS2TRYlya3uvGydpJoV7+g== O83/WxPsN5mFz9WxqKevPNlLJaPwqJQjAS2TRYlya3uvGydpJoV7+g==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-08T17:56:04Z" lastmodified: "2025-06-08T19:43:47Z"
mac: ENC[AES256_GCM,data:fFVK7hOu5MnZ8XKv+J3cOcHHNAdx+3L/HidlgRuCrI4KTMnkK+17MThF7xNblERQtMlb2qgz/I7A/4+GcaH/Whrgynduy+Bc6g7GlzZBnT7EhASt/TjMurqqH3AXcdFHiG2K7zhDYH4ssu8aPIDYpw2gCytQPNgqWkRjygkLrDo=,iv:E1Hh35wGOiiNMNFhRns48wtTMxe8mdj/ueU4nxYO8Ug=,tag:5OqmX0f2tSVdgqkEHjA60w==,type:str] mac: ENC[AES256_GCM,data:9YpgBrJwWhz2utNPldpIU/ylaN2QfkSj1LvWa8sISSnuXvsBsZ8a+oNzuGDd5+Q1pSYtoiBt6viqZn65wp8x+kb9ZMJdsWoZZG2U1b3rHUsadOYarvwMVDoQ5TZFFjEOyzyCgT7ln6v1rfAKwL5LJ3Kjv6SRIb9dK51sDsVijhQ=,iv:yTlxgZoOdB7pu5iZKP+q1cXbDsTT5HgsWo4tkix8948=,tag:qJbiq+Fayx5L9V7to1ijvQ==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2