.sops.yaml

@@ -1,10 +0,0 @@
-keys:
-  - &admin_gaspard age1rgu2e75kt4uztr43y6wj70uz2sj3tr9lz58y4h6rk37alq2vwa5q9v35dr
-  - &server_ovh age1th4zyxdg3y5sdza9v3zlezzru7wyqwvk5y0t7jdv97ej3gd6d5hs5mg7cr
-creation_rules:
-  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
-    key_groups:
-    - pgp:
-      age:
-      - *admin_gaspard
-      - *server_ovh

flake.lock

@@ -364,22 +364,6 @@
         "type": "github"
       }
     },
-    "nixpkgs-stable": {
-      "locked": {
-        "lastModified": 1725762081,
-        "narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "release-24.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
     "nixpkgs_2": {
       "locked": {
         "lastModified": 1726243404,
@@ -408,29 +392,7 @@
           "hy3",
           "hyprland"
         ],
-        "nixpkgs": "nixpkgs_2",
-        "sops-nix": "sops-nix"
-      }
-    },
-    "sops-nix": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "nixpkgs-stable": "nixpkgs-stable"
-      },
-      "locked": {
-        "lastModified": 1726524647,
-        "narHash": "sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4=",
-        "owner": "Mic92",
-        "repo": "sops-nix",
-        "rev": "e2d404a7ea599a013189aa42947f66cede0645c8",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Mic92",
-        "repo": "sops-nix",
-        "type": "github"
+        "nixpkgs": "nixpkgs_2"
       }
     },
     "systems": {

flake.nix

@@ -23,11 +23,6 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
-    sops-nix = {
-      url = "github:Mic92/sops-nix";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
     # Hyprland
     hyprland = {
       url = "git+https://github.com/hyprwm/Hyprland?submodules=1";
@@ -48,7 +43,6 @@
     nixpkgs,
     disko,
     deploy-rs,
-    sops-nix,
     home-manager,
     ...
   } @ inputs: let
@@ -70,7 +64,6 @@
         modules = [
           ./hosts/OVHCloud
           disko.nixosModules.disko
-          sops-nix.nixosModules.sops
           home-manager.nixosModules.home-manager
         ];
       };

hosts/OVHCloud/default.nix

@@ -9,7 +9,6 @@
 
   imports = [
     ./hardware-configuration.nix
-    ./sops.nix
   ];
 
   # Nix

hosts/OVHCloud/sops.nix

@@ -1,23 +0,0 @@
-{config, ...}: {
-  # This will add secrets.yml to the nix store
-  # You can avoid this by adding a string to the full path instead, i.e.
-  # sops.defaultSopsFile = "/root/.sops/secrets/example.yaml";
-  sops.defaultSopsFile = ../../secrets/OVHCloud.yaml;
-  # This will automatically import SSH keys as age keys
-  sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
-
-  sops.secrets."caddy/ovh_endpoint".owner = "caddy";
-  sops.secrets."caddy/ovh_application_key".owner = "caddy";
-  sops.secrets."caddy/ovh_application_secret".owner = "caddy";
-  sops.secrets."caddy/ovh_consumer_key".owner = "caddy";
-
-  sops.templates."caddy.env" = {
-    content = ''
-      OVH_ENDPOINT=${config.sops.placeholder."caddy/ovh_endpoint"}
-      OVH_APPLICATION_KEY=${config.sops.placeholder."caddy/ovh_application_key"}
-      OVH_APPLICATION_SECRET=${config.sops.placeholder."caddy/ovh_application_secret"}
-      OVH_CONSUMER_KEY=${config.sops.placeholder."caddy/ovh_consumer_key"}
-    '';
-    owner = "caddy";
-  };
-}

secrets/OVHCloud.yaml

@@ -1,34 +0,0 @@
-caddy:
-    ovh_endpoint: ENC[AES256_GCM,data:VkchYxz0QK8=,iv:NufvzW2DCt2HE9rr3knzEP5urUtY+lhjNbVgy+NXSz4=,tag:EWwNRkx5VSuB4pgJ+JmBXQ==,type:str]
-    ovh_application_key: ENC[AES256_GCM,data:jq4=,iv:0Q+ZWrimJdbjqFeOD7cLjB6QeCAcfbp0FU/xC06uSto=,tag:n7jhp8xAQ73bmdNXPXx+jA==,type:str]
-    ovh_application_secret: ENC[AES256_GCM,data:9YAF6xVN,iv:Rb/Bv33N4Gyxu4XNrDz5VuLT+aTojT3WoVJf+gyxDBk=,tag:nXWQRjfORJV6/CqFQpGmxQ==,type:str]
-    ovh_consumer_key: ENC[AES256_GCM,data:lwP6/kHp,iv:oNs4QuCqOSrawXGdEG5QO2ATTKqjg1x6C1SzRbgWm2E=,tag:piTViTsKIsp+SJ+P7a8znA==,type:str]
-sops:
-    kms: []
-    gcp_kms: []
-    azure_kv: []
-    hc_vault: []
-    age:
-        - recipient: age1rgu2e75kt4uztr43y6wj70uz2sj3tr9lz58y4h6rk37alq2vwa5q9v35dr
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqckxiTmx3Rm12ZFJ2ZXBn
-            VVdOeCtWeE5xZGExOE4wTFliOGlqWWpWSFNBCmFSWS9MQmt1TWg4VFJzZmNpdStv
-            dThvSFlPSjk0dHZGTlEraldHSklDUkkKLS0tIFVjbFliTFZjUlkrejR2RnAwVTRU
-            U0NEaEpLREVNMUlxUFNIbTVKaUpoc1EKRC6skQPEMA4odk3yD66bqPa/2rvLGztx
-            FTwwdJuE1CXaErwtt7wOfMsb3c9HhpT2R+c76woP20+VsMJdrwdeHg==
-            -----END AGE ENCRYPTED FILE-----
-        - recipient: age1th4zyxdg3y5sdza9v3zlezzru7wyqwvk5y0t7jdv97ej3gd6d5hs5mg7cr
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSLy8yZlBuUU5QRXptZmZQ
-            UzlLUmxSblpFVCtFdE4vWmUreThhT090aEFrCkV6b2FaVy83QnBTZTVrcWE2RGNE
-            VldUZVkveUl5bnFLZzRBR0JCWGhseEUKLS0tIDNZeGczT1BxV21VcnFmSkN0V09P
-            MFpMemF4MGg1bmVUeWV5N25LTUtyczQKss0x4zT1kyeRu+qenhrdbcPlU/p+yjVN
-            y3j4eGpnwgc2rxSL9vkrrkzx/atUqUkgGU/YstszUrP6XKbJ+9ydpQ==
-            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-09-26T13:50:20Z"
-    mac: ENC[AES256_GCM,data:swF5s4D2zyO1sRxoZnYQ5oNx9psl5YjW0afuozdqODObUvkVfHo5IClRZ3EOMsly5Hvr5If04TBVf2/qTQv7SVVr1jUpyVnirgY6l8SH/Fvp2JWYdgUYRUR9wdzTDfqmYwf+vIxP2o7kPKpVg4Ek0ipewIf/3XHfiFfKmDCea5c=,iv:VKsbK9gfdj68Xr44v2oL4YoljRfyyF+53s2bdyedPwA=,tag:8hQ8pHctHJa0Jbgk0ZChGg==,type:str]
-    pgp: []
-    unencrypted_suffix: _unencrypted
-    version: 3.9.0