secrets: encrypt hashed password with sops-nix

This commit is contained in:
Guanran Wang 2023-10-02 11:12:25 +08:00
parent 66fe5fc189
commit 923893ac82
Signed by: nyancat
SSH key fingerprint: SHA256:8oWGKciPALWut/6WA27oFKofX+6Wtc0gQnsefXLQx/8
2 changed files with 6 additions and 7 deletions

View file

@ -5,8 +5,7 @@
isNormalUser = true; isNormalUser = true;
description = "Guanran Wang"; description = "Guanran Wang";
extraGroups = [ "wheel" "networkmanager" "tss" ]; # tss = access to tpm devices extraGroups = [ "wheel" "networkmanager" "tss" ]; # tss = access to tpm devices
#passwordFile = config.sops.secrets."user-password-guanranwang".path; hashedPasswordFile = config.sops.secrets."hashed-passwd".path;
hashedPassword = "$y$j9T$D7kBBBGwxw1XmPApAHIsx/$hcB64v3/kvPB7nIM9wXFiaSSBfhSp9k/JQ4R9G3guk6";
shell = pkgs.fish; shell = pkgs.fish;
packages = []; packages = [];
}; };
@ -26,7 +25,7 @@
restartUnits = [ "clash-meta.service" ]; restartUnits = [ "clash-meta.service" ];
path = "/etc/clash-meta/config.yaml"; path = "/etc/clash-meta/config.yaml";
}; };
"user-password-guanranwang".neededForUsers = true; "hashed-passwd".neededForUsers = true;
}; };
}; };
} }

File diff suppressed because one or more lines are too long