nix-config/hosts/toaster/secrets.nix

{ config, ... }:
{
  sops.defaultSopsFile = ../../secrets/toaster/secrets.yaml;
  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

  sops.secrets = {
    "wg/zw" = {
      owner = config.users.users.systemd-network.name;
    };
    "wg/dvb" = {
      owner = config.users.users.systemd-network.name;
    };
    "wg/mullvad" = {
      owner = config.users.users.systemd-network.name;
    };
    "wg/oxalab" = {
      owner = config.users.users.systemd-network.name;
    };
  };
}
rotate secrets, retire microwave, comission toaster 2023-01-10 00:12:15 +01:00			`{ config, ... }:`
			`{`
			`sops.defaultSopsFile = ../../secrets/toaster/secrets.yaml;`
			`sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];`

			`sops.secrets = {`
			`"wg/zw" = {`
			`owner = config.users.users.systemd-network.name;`
			`};`
			`"wg/dvb" = {`
			`owner = config.users.users.systemd-network.name;`
			`};`
			`"wg/mullvad" = {`
			`owner = config.users.users.systemd-network.name;`
			`};`
			`"wg/oxalab" = {`
			`owner = config.users.users.systemd-network.name;`
			`};`
			`};`
			`}`