refactor: replace sops-nix with 1Password CLI for secrets management
This commit is contained in:
@@ -5,7 +5,6 @@
|
||||
./base.nix
|
||||
./docker.nix
|
||||
./locale.nix
|
||||
./secrets.nix
|
||||
];
|
||||
|
||||
# ── Default shell ──────────────────────────────────
|
||||
|
||||
@@ -1,28 +0,0 @@
|
||||
{ username, ... }:
|
||||
|
||||
{
|
||||
# ── sops (system-level) ─────────────────────────────
|
||||
# Use NixOS module instead of home-manager module to avoid
|
||||
# systemd user service issues on WSL.
|
||||
# Secrets are placed in /run/secrets/<name>.
|
||||
sops = {
|
||||
age.sshKeyPaths = [ "/home/${username}/.ssh/id_ed25519" ];
|
||||
defaultSopsFile = ../../secrets/secrets.yaml;
|
||||
defaultSopsFormat = "yaml";
|
||||
|
||||
secrets = {
|
||||
ai_gateway_base_url = {
|
||||
owner = username;
|
||||
};
|
||||
ai_gateway_api_key = {
|
||||
owner = username;
|
||||
};
|
||||
exa_api_key = {
|
||||
owner = username;
|
||||
};
|
||||
context7_api_key = {
|
||||
owner = username;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user