From 78190a492875c40558c6a2c06a48d7f32b2ca681 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 30 Jun 2023 10:00:32 +0200 Subject: config: move secrets to sops --- 2configs/default.nix | 1 + 2configs/stats/arafetch.nix | 2 +- 2configs/wireguard/thierry.nix | 5 +++-- 3 files changed, 5 insertions(+), 3 deletions(-) (limited to '2configs') diff --git a/2configs/default.nix b/2configs/default.nix index e2e10aad2..3e04c3c05 100644 --- a/2configs/default.nix +++ b/2configs/default.nix @@ -7,6 +7,7 @@ with lib; ./editor/vim.nix ./binary-cache/nixos.nix ./minimal.nix + ./secrets # ./security/hotfix.nix ]; diff --git a/2configs/stats/arafetch.nix b/2configs/stats/arafetch.nix index 0ea05e779..e94d8a9df 100644 --- a/2configs/stats/arafetch.nix +++ b/2configs/stats/arafetch.nix @@ -1,5 +1,5 @@ { pkgs, lib, ...}: -with import ; +with pkgs.stockholm.lib; let pkg = with pkgs.python3Packages;buildPythonPackage rec { rev = "56d41de8219adc"; diff --git a/2configs/wireguard/thierry.nix b/2configs/wireguard/thierry.nix index f1dfef192..58062073c 100644 --- a/2configs/wireguard/thierry.nix +++ b/2configs/wireguard/thierry.nix @@ -1,8 +1,9 @@ -{ lib, ... }: +{ config, lib, ... }: { + sops.secrets."wg-thierry.key" = {}; networking.wireguard.interfaces.thierry-wg = { ips = [ "172.27.66.10/24" ]; # TODO: not dnyamic - privateKeyFile = (toString ) + "/wg-thierry.key"; + privateKeyFile = config.sops.secrets."wg-thierry.key".path; allowedIPsAsRoutes = true; # explicit route via eth0 to gum peers = [ -- cgit v1.2.3
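Review bot: `sops.secrets."wg-thierry.key" = {};` in the 2configs/wireguard/thierry.nix hunk relies entirely on sops-nix defaults, so which encrypted file supplies the key and who may read the decrypted path are settled outside this hunk, presumably in the `./secrets` module that the first hunk adds to the imports in 2configs/default.nix; that module is not part of this diff. A comment above the declaration would make the dependency visible, for example `# decrypted by sops-nix at activation from sops.defaultSopsFile (see 2configs/secrets); default owner root, mode 0400`. The removed `privateKeyFile` line read the same key name from a path built with `toString`, and whether that file was protected at rest is not visible here. It is therefore worth confirming the old copy is deleted from hosts and backups, or rotating the WireGuard key, since re-wrapping an already exposed key in sops does not reduce its exposure.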