Decrypt rndc keys for telperion.

This commit is contained in:
Joseph Hanson 2024-04-29 09:23:51 -05:00
parent 67e83e764c
commit c9902bebc2
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o

View file

@ -10,6 +10,15 @@
./hardware-configuration.nix
];
sops = {
# Mounts unencrypted sops values at /run/secrets/rndc_keys accessible by root only by default.
secrets = {
"rndc_keys" = {
# owner = config.users.users
};
};
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -41,6 +50,11 @@
wget
];
services.bind = {
enable = true;
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
programs.mtr.enable = true;