Add sops and setup sops-nix
We want to store secrets, and due to the shortcomings of git-crypt (not
working, not being able to push to public caches, etc.) we have decided
to use sops.
Change-Id: I9ed38a93879ca5ff4a452e6e8017b500a4d2cbb6
Reviewed-on: https://git.clicks.codes/c/Chimera/NixFiles/+/414
Tested-by: Skyler Grey <minion@clicks.codes>
Reviewed-by: Skyler Grey <minion@clicks.codes>
diff --git a/flake.lock b/flake.lock
index 26198c8..d58bd9d 100644
--- a/flake.lock
+++ b/flake.lock
@@ -235,6 +235,22 @@
"type": "github"
}
},
+ "nixpkgs-stable": {
+ "locked": {
+ "lastModified": 1708210246,
+ "narHash": "sha256-Q8L9XwrBK53fbuuIFMbjKvoV7ixfLFKLw4yV+SD28Y8=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "69405156cffbdf2be50153f13cbdf9a0bea38e49",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "release-23.11",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
"nixpkgs_2": {
"locked": {
"lastModified": 1707546158,
@@ -251,6 +267,22 @@
"type": "github"
}
},
+ "nixpkgs_3": {
+ "locked": {
+ "lastModified": 1708151420,
+ "narHash": "sha256-MGT/4aGCWQPQiu6COqJdCj9kSpLPiShgbwpbC38YXC8=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "6e2f00c83911461438301db0dba5281197fe4b3a",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixpkgs-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
"nur": {
"locked": {
"lastModified": 1707853532,
@@ -275,7 +307,8 @@
"nix-index-database": "nix-index-database",
"nixpkgs": "nixpkgs_2",
"nur": "nur",
- "snowfall-lib": "snowfall-lib"
+ "snowfall-lib": "snowfall-lib",
+ "sops-nix": "sops-nix"
}
},
"snowfall-lib": {
@@ -300,6 +333,25 @@
"type": "github"
}
},
+ "sops-nix": {
+ "inputs": {
+ "nixpkgs": "nixpkgs_3",
+ "nixpkgs-stable": "nixpkgs-stable"
+ },
+ "locked": {
+ "lastModified": 1708500294,
+ "narHash": "sha256-mvJIecY3tDKZh7297mqOtOuAvP7U1rqjfLNfmfkjFpU=",
+ "owner": "Mic92",
+ "repo": "sops-nix",
+ "rev": "f6b80ab6cd25e57f297fe466ad689d8a77057c11",
+ "type": "github"
+ },
+ "original": {
+ "owner": "Mic92",
+ "repo": "sops-nix",
+ "type": "github"
+ }
+ },
"systems": {
"locked": {
"lastModified": 1689347949,