25 lines
611 B
Nix
25 lines
611 B
Nix
{ config, lib, ... }:
|
|
with lib; {
|
|
options = {
|
|
nixManager = {
|
|
enable = mkEnableOption "Configure host as nix-conf manager.";
|
|
user = mkOption {
|
|
type = types.str;
|
|
default = "root";
|
|
description = ''
|
|
User who will own the private key.
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf config.nixManager.enable {
|
|
#sops.defaultSopsFile = ../manager.yaml;
|
|
sops.defaultSopsFile = config.xin-secrets.manager;
|
|
sops.secrets = {
|
|
manager_key = { owner = config.nixManager.user; };
|
|
manager_pubkey = { owner = config.nixManager.user; };
|
|
};
|
|
};
|
|
}
|