jahanson/nix-config
Archived
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Decrypt rndc keys for telperion.

Browse source
This commit is contained in:
Joseph Hanson 2024-04-29 09:23:51 -05:00
parent 67e83e764c
commit c9902bebc2
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
nixos/telperion/configuration.nix
View file

@ -10,6 +10,15 @@
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
sops = {
# Mounts unencrypted sops values at /run/secrets/rndc_keys accessible by root only by default.
secrets = {
"rndc_keys" = {
# owner = config.users.users
};
};
};
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -41,6 +50,11 @@
wget wget
]; ];
services.bind = {
enable = true;
};
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
programs.mtr.enable = true; programs.mtr.enable = true;