Compare commits
7 Commits
8364944067
...
f3d80aeb15
| Author | SHA1 | Date | |
|---|---|---|---|
f3d80aeb15
|
|||
|
1547ca68f6
|
|||
|
034e778db3
|
|||
|
1bfc6c1d97
|
|||
|
4103416774
|
|||
|
cbfa9b4c40
|
|||
|
503ce4eb8f
|
@ -179,7 +179,7 @@ $ file: eza -1
|
||||
watch -d -c -n 0.5 nvidia-smi
|
||||
|
||||
; ===========================
|
||||
; GPG
|
||||
; SECRETS
|
||||
; ===========================
|
||||
|
||||
% gpg
|
||||
@ -202,11 +202,11 @@ $ mode: echo -e "--export \tExport public key\n--export-secret-keys\t
|
||||
|
||||
% sops
|
||||
# Edit secrets.yaml
|
||||
sops --config ~/NixFlake/system/modules/sops/sops.yaml ~/NixFlake/system/modules/sops/secrets.yaml
|
||||
sops ~/NixFlake/system/modules/sops-nix/secrets.yaml
|
||||
|
||||
% sops
|
||||
# Rekey secrets.yaml
|
||||
sops --config ~/NixFlake/system/modules/sops/sops.yaml updatekeys ~/NixFlake/system/modules/sops/secrets.yaml
|
||||
sops updatekeys ~/NixFlake/system/modules/sops-nix/secrets.yaml
|
||||
|
||||
% ssh
|
||||
# Generate a new SSH key
|
||||
@ -222,6 +222,10 @@ age-keygen -o <file>
|
||||
age-keygen -y <key>
|
||||
$ key: eza -f -1
|
||||
|
||||
% mkpasswd
|
||||
# Print the hash of a password
|
||||
echo "<password>" | mkpasswd -s
|
||||
|
||||
; ===========================
|
||||
; CODE
|
||||
; ===========================
|
||||
|
||||
@ -89,7 +89,6 @@
|
||||
"$mainMod, E" = ["exec, kitty"];
|
||||
"$mainMod, N" = ["exec, neovide"];
|
||||
"$mainMod, R" = ["exec, kitty --class=rmpc --title=Rmpc rmpc"];
|
||||
"$mainMod, F" = ["exec, firefox"];
|
||||
"$mainMod CTRL, N" = ["exec, kitty --class=navi --title=Navi navi"];
|
||||
"$mainMod SHIFT, N" = ["exec, neovide ${config.paths.dotfiles}/navi/christoph.cheat"];
|
||||
"$mainMod SHIFT, F" = ["exec, neovide ${config.paths.dotfiles}/flake.nix"];
|
||||
|
||||
@ -96,6 +96,10 @@ with mylib.networking; {
|
||||
sops-nix.secrets.${username} = [
|
||||
"docker-password"
|
||||
];
|
||||
|
||||
sops-nix.bootSecrets.${username} = [
|
||||
"user-password"
|
||||
];
|
||||
};
|
||||
|
||||
# Enable flakes
|
||||
@ -105,7 +109,7 @@ with mylib.networking; {
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
||||
settings.trusted-users = ["root" "christoph"];
|
||||
settings.trusted-users = ["root" "${username}"];
|
||||
|
||||
# Auto garbage-collect and optimize store
|
||||
# gc.automatic = true; # NOTE: Disabled for "nh clean"
|
||||
@ -144,7 +148,7 @@ with mylib.networking; {
|
||||
sudo.enable = true;
|
||||
sudo.extraRules = [
|
||||
{
|
||||
users = ["christoph"];
|
||||
users = ["${username}"];
|
||||
commands = [
|
||||
# We allow running flatpak without password
|
||||
# so flatpaks can be installed from the hm config
|
||||
@ -199,9 +203,10 @@ with mylib.networking; {
|
||||
# Configure console keymap
|
||||
console.keyMap = "us-acentos";
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.christoph = {
|
||||
# Define a user account. Password is set from sops-nix secrets automatically.
|
||||
users.users.${username} = {
|
||||
isNormalUser = true;
|
||||
hashedPasswordFile = config.sops.secrets.user-password.path;
|
||||
description = "Christoph";
|
||||
extraGroups = [
|
||||
"networkmanager"
|
||||
@ -224,14 +229,6 @@ with mylib.networking; {
|
||||
# packages = with pkgs; [];
|
||||
};
|
||||
|
||||
# Generate a list of installed system packages in /etc/current-system-packages
|
||||
environment.etc."current-system-packages".text = let
|
||||
packages = builtins.map (p: "${p.name}") config.environment.systemPackages;
|
||||
sortedUnique = builtins.sort builtins.lessThan (lib.unique packages);
|
||||
formatted = builtins.concatStringsSep "\n" sortedUnique;
|
||||
in
|
||||
formatted;
|
||||
|
||||
# We want these packages to be available even when no user profile is active
|
||||
# Empty since we basically only need git + editor which is enabled below
|
||||
environment.systemPackages = with pkgs; [
|
||||
@ -285,7 +282,7 @@ with mylib.networking; {
|
||||
enable = true;
|
||||
clean.enable = true;
|
||||
clean.extraArgs = "--keep 3";
|
||||
flake = "/home/christoph/NixFlake";
|
||||
flake = "/home/${username}/NixFlake";
|
||||
};
|
||||
|
||||
ssh.startAgent = true; # Use gnupg
|
||||
|
||||
@ -14,9 +14,14 @@ in {
|
||||
environment.systemPackages = with pkgs; [
|
||||
sops
|
||||
age
|
||||
ssh-to-age
|
||||
# ssh-to-age
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
# Set this environment variable to make "sops edit secrets.yaml" work
|
||||
SOPS_AGE_KEY_FILE = config.sops.age.keyFile;
|
||||
};
|
||||
|
||||
sops = {
|
||||
defaultSopsFile = ./secrets.yaml;
|
||||
|
||||
@ -27,11 +32,33 @@ in {
|
||||
};
|
||||
|
||||
secrets = let
|
||||
mkSecret = name: {${name} = {};};
|
||||
mkSecret = name: {
|
||||
${name} = {
|
||||
owner = config.users.users.${username}.name;
|
||||
group = config.users.users.${username}.group;
|
||||
};
|
||||
};
|
||||
|
||||
mkBootSecret = name: {
|
||||
${name} = {
|
||||
# Make these secrets available before creating users.
|
||||
# This means we can't set the owner or group.
|
||||
neededForUsers = true;
|
||||
};
|
||||
};
|
||||
in
|
||||
lib.mkMerge [
|
||||
(
|
||||
if (builtins.hasAttr "${username}" sops-nix.secrets)
|
||||
then lib.mergeAttrsList (builtins.map mkSecret sops-nix.secrets.${username})
|
||||
else {};
|
||||
else {}
|
||||
)
|
||||
(
|
||||
if (builtins.hasAttr "${username}" sops-nix.bootSecrets)
|
||||
then lib.mergeAttrsList (builtins.map mkBootSecret sops-nix.bootSecrets.${username})
|
||||
else {}
|
||||
)
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@ -13,4 +13,15 @@
|
||||
'';
|
||||
default = [];
|
||||
};
|
||||
|
||||
bootSecrets = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
|
||||
description = "The secrets to expose on this host earlier in the boot process";
|
||||
example = ''
|
||||
christoph = [
|
||||
"user-password"
|
||||
];
|
||||
'';
|
||||
default = [];
|
||||
};
|
||||
}
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
#ENC[AES256_GCM,data:mZKPbrWtgyRvOg==,iv:vLyN3JkWWrWS+0pndTuom8cNVfpb8SUC4dA6m7utXoE=,tag:YAy2gPot6KFS9/VLVAoSxw==,type:comment]
|
||||
user-password: ENC[AES256_GCM,data:okgvaTTesCDwriI8PxhNdHZF8XgzB4yxapuFl2/CK8x4WNYxGFjuZqGKcu7pqfnBofNcF2ByuM+HLH9FKxpK0dMCoHD/laR1IA==,iv:ltExELuM7g7ydSAMj8ioF9Nb7N4xe5enhDQrVJ+k2jQ=,tag:AV165m5yKnX+uJnMyC3mxA==,type:str]
|
||||
docker-password: ENC[AES256_GCM,data:mK5YWEQPKWBtVCgRBZvwWTdVAi8MEGbLnLeP7hfDkcc=,iv:Az8+eAK6R6xssmmbhuEsDbLU+ks8lS+qzc4L33WfefA=,tag:NSXvRhbIuRZZqRR28Tu0PQ==,type:str]
|
||||
#ENC[AES256_GCM,data:Raagjz1qPvXC,iv:OSWTKaIlmo1paU2ZZn20XMeZ2gdM52pHmVZ3m2ngCdI=,tag:bPCdvjOFjpxxkrwA7Mhl5Q==,type:comment]
|
||||
heidi-discord-token: ENC[AES256_GCM,data:FYvfUn8tG7glqIomSDj9rGyNQjnHSCsD/C3Kk/JR1vm/xkrxzXwP3rpyxAzqRQ7vd+zFBf2BJfV/zMk=,iv:b+aKcu98rxslEGSYf6t/jGwPfS256WQ3B/iuQ4Qeykk=,tag:e48Q0BraIvItyD2WBfbYEA==,type:str]
|
||||
@ -16,7 +17,7 @@ sops:
|
||||
SURMTmh1TGIrRmtENzc0Sk4rNFJNUE0KOpjN6jkEHO+lvdWdp4P++r9SNSPWaT0h
|
||||
FAbbvZZ/EdIk/njLEcayFN7B4ftTcD/f4XJZiyosilZnIkk76bMOHA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-07-09T15:56:25Z"
|
||||
mac: ENC[AES256_GCM,data:76VzAkSWhHHWNRio9rCYJbIeo8W9RZnOstPGaV0A2O8q+yVjAI0wL+ZpWHzoxtSbjMwa8WoR+f6FnLVVZOoP3iGok1ZpQDO2fb/ppsMeO6Znksm5qSDH5mSWz8sHACZNBx1HmXAUX7d8eyXOnSYWvOcxzsqN8I84LABg12yyNTw=,iv:MVASQtOnl3Nas1TnExzG95Q++Yw6sfTLJcRzqAztQMw=,tag:nEgB1Ckbjo3PCOarU35EpQ==,type:str]
|
||||
lastmodified: "2025-07-09T16:29:31Z"
|
||||
mac: ENC[AES256_GCM,data:WHl/LuFVGoryGC43WTj+THfk17ZXxkTwzcGiPLy/JF8phf1euAPcmXrCT6/HbYOJGShiklUn9irIX/8mxG7rJxBc5v8eqQ8+H3R/AC5/SGSHSawMAYN20sKCxMEtl0KRoN2pVZiCgXJIQUa3++waakWLgDBcrFsPGGzpQhCW0as=,iv:N6kBDh5FGsxlqwOfgeokxrnm0mA1AZ+DZpOXoirFHuw=,tag:HLCpUIlScFoq+MX22QseSw==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.10.2
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -31,9 +31,18 @@
|
||||
# NVIDIA_DRIVER_CAPABILITIES = "all";
|
||||
};
|
||||
|
||||
# If we need to pass secrets to containers we can't use plain env variables.
|
||||
sops.templates."TEMPLATE_secrets.env".content = ''
|
||||
SECRET=${config.sops.placeholder.SECRET}
|
||||
'';
|
||||
|
||||
environmentFiles = [
|
||||
config.sops.templates."TEMPLATE_secrets.env".path
|
||||
];
|
||||
|
||||
extraOptions = [
|
||||
# "--gpus=all"
|
||||
"--net=behind-nginx"
|
||||
# "--gpus=all"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [
|
||||
|
||||
@ -8,15 +8,6 @@
|
||||
image = "gitea.vps.chriphost.de/christoph/formula10:latest";
|
||||
autoStart = true;
|
||||
|
||||
# login = {
|
||||
# # Uses DockerHub by default
|
||||
# # registry = "";
|
||||
#
|
||||
# # DockerHub Credentials
|
||||
# username = "christoph.urlacher@protonmail.com";
|
||||
# passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
# };
|
||||
|
||||
dependsOn = [];
|
||||
|
||||
ports = [
|
||||
|
||||
@ -8,15 +8,6 @@
|
||||
image = "gitea.vps.chriphost.de/christoph/pocketbase:0.25.0";
|
||||
autoStart = true;
|
||||
|
||||
# login = {
|
||||
# # Uses DockerHub by default
|
||||
# # registry = "";
|
||||
#
|
||||
# # DockerHub Credentials
|
||||
# username = "christoph.urlacher@protonmail.com";
|
||||
# passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
# };
|
||||
|
||||
dependsOn = [
|
||||
# "pihole"
|
||||
];
|
||||
@ -41,15 +32,6 @@
|
||||
image = "gitea.vps.chriphost.de/christoph/formula11:latest";
|
||||
autoStart = true;
|
||||
|
||||
# login = {
|
||||
# # Uses DockerHub by default
|
||||
# # registry = "";
|
||||
#
|
||||
# # DockerHub Credentials
|
||||
# username = "christoph.urlacher@protonmail.com";
|
||||
# passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
# };
|
||||
|
||||
dependsOn = [
|
||||
"formula11_pocketbase"
|
||||
];
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
|
||||
@ -29,7 +29,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -61,7 +61,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [
|
||||
|
||||
@ -8,15 +8,6 @@
|
||||
image = "gitea.vps.chriphost.de/christoph/discord-heidi:latest";
|
||||
autoStart = true;
|
||||
|
||||
# login = {
|
||||
# # Uses DockerHub by default
|
||||
# # registry = "";
|
||||
#
|
||||
# # DockerHub Credentials
|
||||
# username = "christoph.urlacher@protonmail.com";
|
||||
# passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
# };
|
||||
|
||||
dependsOn = [];
|
||||
|
||||
ports = [];
|
||||
@ -28,12 +19,18 @@
|
||||
];
|
||||
|
||||
environment = {
|
||||
# TODO: I can't do this because readFile obviously doesn't
|
||||
# read at runtime but at buildtime, duh...
|
||||
DISCORD_TOKEN = builtins.readFile config.age.secrets.heidi-discord-token.path;
|
||||
DOCKER = "True";
|
||||
};
|
||||
|
||||
# If we need to pass secrets to containers we can't use plain env variables.
|
||||
sops.templates."heidi_secrets.env".content = ''
|
||||
DISCORD_TOKEN=${config.sops.placeholder.heidi-discord-token}
|
||||
'';
|
||||
|
||||
environmentFiles = [
|
||||
config.sops.templates."heidi_secrets.env".path
|
||||
];
|
||||
|
||||
extraOptions = [
|
||||
"--init" # Make an init process take up PID 1, to make python receive the SIGTERM
|
||||
"--net=behind-nginx"
|
||||
|
||||
@ -8,15 +8,6 @@
|
||||
image = "ghcr.io/immich-app/postgres:15-vectorchord0.3.0-pgvectors0.2.0";
|
||||
autoStart = true;
|
||||
|
||||
# login = {
|
||||
# # Uses DockerHub by default
|
||||
# # registry = "";
|
||||
#
|
||||
# # DockerHub Credentials
|
||||
# username = "christoph.urlacher@protonmail.com";
|
||||
# passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
# };
|
||||
|
||||
dependsOn = [];
|
||||
|
||||
ports = [
|
||||
@ -48,7 +39,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -70,15 +61,6 @@
|
||||
image = "ghcr.io/imagegenius/immich:latest";
|
||||
autoStart = true;
|
||||
|
||||
# login = {
|
||||
# # Uses DockerHub by default
|
||||
# # registry = "";
|
||||
#
|
||||
# # DockerHub Credentials
|
||||
# username = "christoph.urlacher@protonmail.com";
|
||||
# passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
# };
|
||||
|
||||
dependsOn = [
|
||||
"immich-database"
|
||||
"immich-redis"
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -65,9 +65,17 @@
|
||||
environment = {
|
||||
TZ = "Europe/Berlin";
|
||||
USER = "christoph";
|
||||
KOPIA_PASSWORD = builtins.readFile config.age.secrets.kopia-user-password.path;
|
||||
};
|
||||
|
||||
# If we need to pass secrets to containers we can't use plain env variables.
|
||||
sops.templates."kopia_secrets.env".content = ''
|
||||
KOPIA_PASSWORD=${config.sops.placeholder.kopia-user-password}
|
||||
'';
|
||||
|
||||
environmentFiles = [
|
||||
config.sops.templates."kopia_secrets.env".path
|
||||
];
|
||||
|
||||
entrypoint = "/bin/kopia";
|
||||
|
||||
cmd = [
|
||||
@ -76,8 +84,8 @@
|
||||
"--disable-csrf-token-checks"
|
||||
"--insecure"
|
||||
"--address=0.0.0.0:51515"
|
||||
"--server-username=${builtins.readFile config.age.secrets.kopia-server-username.path}"
|
||||
"--server-password=${builtins.readFile config.age.secrets.kopia-server-password.path}"
|
||||
"--server-username=$(cat ${config.sops.secrets.kopia-server-username.path})"
|
||||
"--server-password=$(cat ${config.sops.secrets.kopia-server-password.path})"
|
||||
];
|
||||
|
||||
extraOptions = [
|
||||
|
||||
@ -36,7 +36,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -70,7 +70,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -100,7 +100,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -42,7 +42,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
@ -68,15 +68,6 @@
|
||||
image = "ghcr.io/paperless-ngx/paperless-ngx:latest";
|
||||
autoStart = true;
|
||||
|
||||
# login = {
|
||||
# # Uses DockerHub by default
|
||||
# # registry = "";
|
||||
#
|
||||
# # DockerHub Credentials
|
||||
# username = "christoph.urlacher@protonmail.com";
|
||||
# passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
# };
|
||||
|
||||
dependsOn = [
|
||||
"paperless-redis"
|
||||
"paperless-postgres"
|
||||
|
||||
@ -38,7 +38,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [];
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
|
||||
# DockerHub Credentials
|
||||
username = "christoph.urlacher@protonmail.com";
|
||||
passwordFile = "${config.age.secrets.dockerhub-pasword.path}";
|
||||
passwordFile = "${config.sops.secrets.docker-pasword.path}";
|
||||
};
|
||||
|
||||
dependsOn = [
|
||||
|
||||
Reference in New Issue
Block a user