setting up media server

2025-03-10 15:42:03 -04:00 · 2025-03-10 15:42:03 -04:00 · 891036c7b7
commit 891036c7b7
parent d976ee4c71
6 changed files with 170 additions and 24 deletions
--- a/modules/system/sops-config.nix
+++ b/modules/system/sops-config.nix
@ -1,14 +1,25 @@
 { config, lib, pkgs, ... }:
+let
+  cfg = config.sops-config;

-{
-  sops = {
-    age.keyFile = "/home/emenel/.config/sops/age/keys.txt"; # must have no password!
-    defaultSopsFile = ./secrets.yaml;
-    secrets = {
-      filez = {};
-      media-server = {};
+in {
+  options.sops-config = {
+    key-file = lib.mkOption {
+      type = lib.types.str;
+      default = "";
    };
-    templates."media-server-secrets".content = ''
+  };
+
+  config = {
+
+    sops = {
+      age.keyFile = cfg.key-file; # must have no password!
+      defaultSopsFile = ./secrets.yaml;
+      secrets = {
+        filez = {};
+        media-server = {};
+      };
+      templates."media-server-secrets".content = ''
 username=media
 password=${config.sops.placeholder.media-server}
 '';
@ -16,18 +27,19 @@ password=${config.sops.placeholder.media-server}
 username=admin
 password=${config.sops.placeholder.filez}
 '';
-  };
-
-
-  environment.etc = {
-    "nixos/filez-secrets" = {
-      source = config.sops.templates."filez-secrets".path;
-      group = "users";
    };
-    "nixos/media-server-secrets" = {
-      source = config.sops.templates."media-server-secrets".path;
-      group = "users";
-    };
-  };

+
+    environment.etc = {
+      "nixos/filez-secrets" = {
+        source = config.sops.templates."filez-secrets".path;
+        group = "users";
+      };
+      "nixos/media-server-secrets" = {
+        source = config.sops.templates."media-server-secrets".path;
+        group = "users";
+      };
+    };
+
+  };
 }