torjus/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

Add sops
All checks were successful
pre-commit / pre-commit (push) Successful in 2m2s
Details

Browse Source
This commit is contained in:
Torjus Håkestad
2024-03-06 20:17:04 +01:00
parent fd6d93d0cf
commit a7250e9581
10 changed files with 158 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
home/default.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, inputs, self, user, ... }: {
{ pkgs, inputs, user, ... }: {
imports = [ inputs.home-manager.nixosModules.home-manager ];
home-manager = {
useUserPackages = true;
@@ -6,6 +6,8 @@
extraSpecialArgs = { inherit pkgs inputs user; };
users.${user} = { pkgs, ... }: {
imports = [
inputs.sops-nix.homeManagerModules.sops
./sops
./editor/neovim
./programs/firefox
./programs/tmux

1
home/packages/default.nix
View File

@@ -28,6 +28,7 @@
restic
ripgrep
rofi-rbw-wayland
sops
spotify
spicetify-cli
sshfs

15
home/services/backup-home.nix
View File

@@ -1,10 +1,17 @@
{ pkgs, ... }:
{ pkgs, config, ... }:
let
# Backup home script
backup-home = pkgs.writeShellScriptBin "backup-home.sh"
''
export RESTIC_PASSWORD="gunter.home.2rjus.net"
export RESTIC_REPOSITORY="rest:http://10.69.12.52:8000/gunter.home.2rjus.net"
GOTIFY_TOKEN=$(<"$XDG_RUNTIME_DIR/gotify_backup_home.txt")
if [ -z "$GOTIFY_TOKEN" ]; then
${pkgs.libnotify}/bin/notify-send -u critical "Backup issue" "No Gotify token found"
fi
echo "GOTIFY_TOKEN=$GOTIFY_TOKEN"
# Send start notification
${pkgs.libnotify}/bin/notify-send -e -t 3000 "Backup started" "Backup of /home/torjus started"
@@ -26,7 +33,7 @@ let
retval=$?
if [ $retval -ne 0 ]; then
# TODO: put token in sops
${pkgs.curl}/bin/curl "https://gotify.t-juice.club/message?token=ABgV8XT62bxyCzF" \
${pkgs.curl}/bin/curl "https://gotify.t-juice.club/message?token=$GOTIFY_TOKEN" \
-F "title=Backup of home@gunter failed!" \
-F "message=Please check status of backup-home service"
fi
@@ -59,10 +66,12 @@ let
'';
in
{
sops.secrets."gotify_backup_home" = { };
systemd.user.services.backup-home = {
Unit = {
Description = "Backup home directory";
After = [ "network.target" ];
After = [ "network.target" "sops-nix.service" ];
};
Service = {
Type = "oneshot";

6
home/sops/default.nix Normal file
View File

@@ -0,0 +1,6 @@
{ user, ... }: {
sops = {
age.keyFile = "/home/${user}/.config/sops/age/keys.txt";
defaultSopsFile = ../../secrets/torjus/secret.yaml;
};
}