From 31adf4f3a6011321f5ae24f11d5a5e24eaa9f3dd Mon Sep 17 00:00:00 2001 From: Kalle Struik Date: Thu, 26 Dec 2024 20:22:43 +0100 Subject: [PATCH] Did this work? --- roles/traefik.nix | 18 +++++++++--------- utils.nix | 1 + 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/roles/traefik.nix b/roles/traefik.nix index cfbf8fe..9fda20f 100644 --- a/roles/traefik.nix +++ b/roles/traefik.nix @@ -37,26 +37,26 @@ in { sops.secrets = { - "traefik.acmeEmail" = { + "traefik/acmeEmail" = { owner = "traefik"; - format = "dotenv"; + # format = "dotenv"; }; - "traefik.CLOUDFLARE_EMAIL" = { + "traefik/CLOUDFLARE_EMAIL" = { owner = "traefik"; - format = "dotenv"; + # format = "dotenv"; }; - "traefik.CLOUDFLARE_DNS_API_TOKEN" = { + "traefik/CLOUDFLARE_DNS_API_TOKEN" = { owner = "traefik"; - format = "dotenv"; + # format = "dotenv"; }; }; services.traefik = { enable = true; environmentFiles = [ - config.sops.secrets."traefik.acmeEmail".path - config.sops.secrets."traefik.CLOUDFLARE_EMAIL".path - config.sops.secrets."traefik.CLOUDFLARE_DNS_API_TOKEN".path + config.sops.secrets."traefik/acmeEmail".path + config.sops.secrets."traefik/CLOUDFLARE_EMAIL".path + config.sops.secrets."traefik/CLOUDFLARE_DNS_API_TOKEN".path ]; staticConfigOptions = { diff --git a/utils.nix b/utils.nix index 02bcbd3..ca01167 100644 --- a/utils.nix +++ b/utils.nix @@ -26,6 +26,7 @@ { ... }: { sops.defaultSopsFile = ./secrets + "/${hostConfig.hostname}.yaml"; + sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; # Disable automatic pgp key generation based on ssh keys sops.gnupg.sshKeyPaths = [ ];