23 lines
411 B
Nix
23 lines
411 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
outputs,
|
|
...
|
|
}:
|
|
|
|
{
|
|
imports = [
|
|
outputs.nixosModules.sops
|
|
];
|
|
|
|
sops = {
|
|
defaultSopsFile = ../secrets.yaml;
|
|
# age.keyFile is not set, sops-nix defaults to using /etc/ssh/ssh_host_ed25519_key
|
|
|
|
# TODO: Enable after first install when SOPS secrets are configured
|
|
# secrets = {
|
|
# "forgejo-runner/token" = { };
|
|
# "tailscale/auth-key" = { };
|
|
# };
|
|
};
|
|
}
|