Decrypt rndc keys for telperion.
This commit is contained in:
parent
67e83e764c
commit
c9902bebc2
1 changed files with 14 additions and 0 deletions
|
@ -10,6 +10,15 @@
|
|||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
sops = {
|
||||
# Mounts unencrypted sops values at /run/secrets/rndc_keys accessible by root only by default.
|
||||
secrets = {
|
||||
"rndc_keys" = {
|
||||
# owner = config.users.users
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
@ -41,6 +50,11 @@
|
|||
wget
|
||||
];
|
||||
|
||||
services.bind = {
|
||||
enable = true;
|
||||
|
||||
};
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
programs.mtr.enable = true;
|
||||
|
|
Reference in a new issue