From 679f815d605b3ddea2f4241513fa14d2eea74eab Mon Sep 17 00:00:00 2001 
From: Fiona Grzebien
Date: Sun, 17 May 2026 02:41:04 +0200
Subject: [PATCH] Add sops.nix to every host
---
 config/hosts/forgejo/default.nix | 1 +
 config/hosts/forgejo/sops.nix | 6 ++++++
 config/hosts/jellyfin/default.nix | 1 +
 config/hosts/jellyfin/sops.nix | 6 ++++++
 config/hosts/keycloak/default.nix | 1 +
 config/hosts/keycloak/sops.nix | 6 ++++++
 config/hosts/lifeline/default.nix | 1 +
 config/hosts/lifeline/sops.nix | 6 ++++++
 config/hosts/mail-1/default.nix | 1 +
 config/hosts/mail-1/sops.nix | 6 ++++++
 config/hosts/mastodon/default.nix | 1 +
 config/hosts/mastodon/sops.nix | 6 ++++++
 config/hosts/mastodon/yarn.patch | 21 ---------------------
 config/hosts/matrix/default.nix | 1 +
 config/hosts/matrix/sops.nix | 6 ++++++
 config/hosts/metrics-nekomesh/default.nix | 1 +
 config/hosts/metrics-nekomesh/sops.nix | 6 ++++++
 config/hosts/metrics/default.nix | 1 +
 config/hosts/metrics/sops.nix | 6 ++++++
 config/hosts/nextcloud/default.nix | 1 +
 config/hosts/nextcloud/sops.nix | 6 ++++++
 config/hosts/searx/default.nix | 1 +
 config/hosts/searx/sops.nix | 6 ++++++
 config/hosts/torrent/default.nix | 1 +
 config/hosts/torrent/sops.nix | 6 ++++++
 config/hosts/valkyrie/default.nix | 1 +
 config/hosts/valkyrie/sops.nix | 6 ++++++
 27 files changed, 91 insertions(+), 21 deletions(-)
 create mode 100644 config/hosts/forgejo/sops.nix
 create mode 100644 config/hosts/jellyfin/sops.nix
 create mode 100644 config/hosts/keycloak/sops.nix
 create mode 100644 config/hosts/lifeline/sops.nix
 create mode 100644 config/hosts/mail-1/sops.nix
 create mode 100644 config/hosts/mastodon/sops.nix
 delete mode 100644 config/hosts/mastodon/yarn.patch
 create mode 100644 config/hosts/matrix/sops.nix
 create mode 100644 config/hosts/metrics-nekomesh/sops.nix
 create mode 100644 config/hosts/metrics/sops.nix
 create mode 100644 config/hosts/nextcloud/sops.nix
 create mode 100644 config/hosts/searx/sops.nix
 create mode 100644 config/hosts/torrent/sops.nix
 create mode 100644 config/hosts/valkyrie/sops.nix
diff --git a/config/hosts/forgejo/default.nix b/config/hosts/forgejo/default.nix
index d71bcad..7de3a33 100644
--- a/config/hosts/forgejo/default.nix
+++ b/config/hosts/forgejo/default.nix
@@ -5,5 +5,6 @@
 ./forgejo.nix
 ./redis.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/forgejo/sops.nix b/config/hosts/forgejo/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/forgejo/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/jellyfin/default.nix b/config/hosts/jellyfin/default.nix
index 33e2290..70a20a7 100644
--- a/config/hosts/jellyfin/default.nix
+++ b/config/hosts/jellyfin/default.nix
@@ -5,5 +5,6 @@
 ./hardware-configuration.nix
 ./jellyfin.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/jellyfin/sops.nix b/config/hosts/jellyfin/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/jellyfin/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/keycloak/default.nix b/config/hosts/keycloak/default.nix
index 6289ce6..83d170e 100644
--- a/config/hosts/keycloak/default.nix
+++ b/config/hosts/keycloak/default.nix
@@ -4,5 +4,6 @@
 ./configuration.nix
 ./keycloak.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/keycloak/sops.nix b/config/hosts/keycloak/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/keycloak/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/lifeline/default.nix b/config/hosts/lifeline/default.nix
index 9d284a8..36dea6d 100644
--- a/config/hosts/lifeline/default.nix
+++ b/config/hosts/lifeline/default.nix
@@ -3,5 +3,6 @@
 imports = [
 ./configuration.nix
 ./hardware-configuration.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/lifeline/sops.nix b/config/hosts/lifeline/sops.nix
new file mode 100644
index 0000000..78dc2c8
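Review bot: `defaultSopsFile = ./secrets.yaml;` in config/hosts/forgejo/sops.nix points at a file this patch does not add: the diffstat lists no secrets.yaml for any host. If those files are not already tracked, evaluation will likely fail as soon as a host declares its first `sops.secrets` entry, so it is worth confirming that each one exists and is sops-encrypted rather than plaintext before this lands. The same applies to the twelve other new sops.nix files, which are byte-identical (all blob 78dc2c8). I would also add a header comment such as `# Per-host sops-nix defaults; secrets.yaml must be encrypted to this host's key only` so the intent is recorded next to the setting.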
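Review bot: Nothing in config/hosts/keycloak/sops.nix, or in the other new sops.nix files, says which key the host decrypts with: neither `sops.age.keyFile` nor `sops.age.sshKeyPaths` is set, so this presumably relies on the sops-nix default or on a shared module outside this patch. Since the point of one secrets.yaml per host is isolation, please confirm that the repository's `.sops.yaml` creation rules encrypt each `config/hosts/<host>/secrets.yaml` only to that host's key plus the admin keys; a catch-all rule would let any single host decrypt the identity provider's secrets. A one-line comment naming the expected recipients, e.g. `# recipients: keycloak host key + admins (see .sops.yaml)`, would make that checkable in review.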
--- /dev/null
+++ b/config/hosts/lifeline/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/mail-1/default.nix b/config/hosts/mail-1/default.nix
index 5537841..28a5bdc 100644
--- a/config/hosts/mail-1/default.nix
+++ b/config/hosts/mail-1/default.nix
@@ -3,5 +3,6 @@
 imports = [
 ./configuration.nix
 ./simple-nixos-mailserver.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/mail-1/sops.nix b/config/hosts/mail-1/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/mail-1/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/mastodon/default.nix b/config/hosts/mastodon/default.nix
index 5651eb8..5166081 100644
--- a/config/hosts/mastodon/default.nix
+++ b/config/hosts/mastodon/default.nix
@@ -5,5 +5,6 @@
 ./mastodon.nix
 ./opensearch.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/mastodon/sops.nix b/config/hosts/mastodon/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/mastodon/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/mastodon/yarn.patch b/config/hosts/mastodon/yarn.patch
deleted file mode 100644
index 82a2f77..0000000
--- a/config/hosts/mastodon/yarn.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff --git a/.yarnrc.yml b/.yarnrc.yml
---- a/.yarnrc.yml
-+++ b/.yarnrc.yml
-@@ -1 +1,6 @@
- nodeLinker: node-modules
-+
-+approvedGitRepositories:
-+ - "**"
-+
-+enableScripts: true
-diff --git a/yarn.lock b/yarn.lock
---- a/yarn.lock
-+++ b/yarn.lock
-@@ -2,6 +2,6 @@
- # Manual changes might be lost - proceed with caution!
- 
- __metadata:
-- version: 8
-+ version: 9
- cacheKey: 10c0
- 
\ No newline at end of file
diff --git a/config/hosts/matrix/default.nix b/config/hosts/matrix/default.nix
index c6cd79a..8dbb1ac 100644
--- a/config/hosts/matrix/default.nix
+++ b/config/hosts/matrix/default.nix
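Review bot: The import list in config/hosts/mastodon/default.nix gains `./sops.nix`, but the same commit also deletes config/hosts/mastodon/yarn.patch, which the subject line does not mention. mastodon.nix is not part of this patch, so if it still references `./yarn.patch` the mastodon host will stop evaluating; please confirm that reference is gone. I would move the deletion into its own commit with a message saying why the patch, which set `enableScripts: true` and approved all git repositories for yarn, is no longer needed.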
@@ -8,5 +8,6 @@
 ./matrix-authentication-service.nix
 ./matrix-synapse.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/matrix/sops.nix b/config/hosts/matrix/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/matrix/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/metrics-nekomesh/default.nix b/config/hosts/metrics-nekomesh/default.nix
index c2d39a4..cc0af5c 100644
--- a/config/hosts/metrics-nekomesh/default.nix
+++ b/config/hosts/metrics-nekomesh/default.nix
@@ -6,5 +6,6 @@
 ./neo4j.nix
 ./prometheus.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/metrics-nekomesh/sops.nix b/config/hosts/metrics-nekomesh/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/metrics-nekomesh/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/metrics/default.nix b/config/hosts/metrics/default.nix
index ef5c25c..ea9bd08 100644
--- a/config/hosts/metrics/default.nix
+++ b/config/hosts/metrics/default.nix
@@ -5,5 +5,6 @@
 ./grafana.nix
 ./prometheus.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/metrics/sops.nix b/config/hosts/metrics/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/metrics/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/nextcloud/default.nix b/config/hosts/nextcloud/default.nix
index 9677aef..5c78b7a 100644
--- a/config/hosts/nextcloud/default.nix
+++ b/config/hosts/nextcloud/default.nix
@@ -4,5 +4,6 @@
 ./configuration.nix
 ./hardware-configuration.nix
 ./nextcloud.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/nextcloud/sops.nix b/config/hosts/nextcloud/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/nextcloud/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/searx/default.nix b/config/hosts/searx/default.nix
index ee2a678..ab8d68f 100644
--- a/config/hosts/searx/default.nix
+++ b/config/hosts/searx/default.nix
@@ -4,5 +4,6 @@
 ./configuration.nix
 ./nginx.nix
 ./searx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/searx/sops.nix b/config/hosts/searx/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/searx/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/torrent/default.nix b/config/hosts/torrent/default.nix
index dc6a854..d10522c 100644
--- a/config/hosts/torrent/default.nix
+++ b/config/hosts/torrent/default.nix
@@ -7,5 +7,6 @@
 ./radarr.nix
 ./sonarr.nix
 ./nginx.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/torrent/sops.nix b/config/hosts/torrent/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/torrent/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}
diff --git a/config/hosts/valkyrie/default.nix b/config/hosts/valkyrie/default.nix
index 68a1b85..1f91238 100644
--- a/config/hosts/valkyrie/default.nix
+++ b/config/hosts/valkyrie/default.nix
@@ -5,5 +5,6 @@
 ./nginx.nix
 ./containers/uptime-kuma
 ./services.nix
+ ./sops.nix
 ];
 }
diff --git a/config/hosts/valkyrie/sops.nix b/config/hosts/valkyrie/sops.nix
new file mode 100644
index 0000000..78dc2c8
--- /dev/null
+++ b/config/hosts/valkyrie/sops.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ sops = {
+ defaultSopsFile = ./secrets.yaml;
+ };
+}