auto commit on build

.sops.yaml secrets.yaml auto commit on build hosts/blob/hardware-configuration.nix
2025-12-01 20:55:49 -05:00 · 2025-12-01 20:55:49 -05:00 · a58e66c747
commit a58e66c747
parent 693a1514be
3 changed files with 51 additions and 16 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -11,6 +11,7 @@ keys:
  - &hosts:
    - &dev-vm age1rjtqzmywfr3zuzz0cn8eqnwp3x8ypzya9gcv6kvtplhudar5eayqq83ey4
    - &crayon age1pnu4tkdxfcnefntdw262k4m8wuv3qe2894s4e6w5j8yshg8vlu6q9uq5tv
    - &blob age1kardawqarv498rwayadsmnlx62kvjgduvhhg3drx39xacn9u3ajq5d0qra
    # new-host marker
 creation_rules:
  - path_regex: secrets.yaml$
@ -19,4 +20,5 @@ creation_rules:
        - *dev
        - *dev-vm
        - *crayon
        - *blob
        # new-host ptr marker
--- a/hosts/blob/hardware-configuration.nix
+++ b/hosts/blob/hardware-configuration.nix
@ -1 +1,25 @@
-throw "not generated yet"
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ ];
  boot.extraModulePackages = [ ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/secrets.yaml
+++ b/secrets.yaml
@ -15,29 +15,38 @@ sops:
        - recipient: age14d55nfxlzm8t2yzplxpprygxmt99javafz9a8dh5llu87aww4qlswf6g0c
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvOWlGajE0Q0FQclZUdUJ2
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaZVRGTEpIWW1qRWhPOTR5
-            RjNUcVBuckZpT1FrbzJaaFcyNXgrTklub0V3ClNIZHpyWVlmVUExK0phNlRIOCtl
+            STdwVzZzeU1QS2l0TlN2NFNLY1VNZjVCdEhFCmxhejBDSjF5Vk1UQjdEYmpRRFRw
-            ajhPR1M1eERIclhiWEpRelFQRi94em8KLS0tIG1wdVlmbis3OXcxOXRBbFp6b0Nw
+            allpajVzcUFpc1h0TVBlUFdaUERPZ3cKLS0tIHc3S0FRbkgwc3BwYUYrWGUrUjZX
-            QzEyaWIrdVlpcHRHSmpZQkhjN2U3OGcKXRTscSq9D73awM2CLbst8KHPXs3WFXBy
+            QjBLcFY5NnFBZXBJenFYUS8yMXBML0EKkuoDfnc0MnZ0bRQ4Op8GnxC0Mpld9nRE
-            rM8W40zgn6wDPjy2XxB54qZg9hnsBGdAtNnY5PInjMJ5F17lgSdXaw==
+            5tn6why12mT65jDHuaU3+bX2Rg5+NU90KpdA3S88M4tiCD3WSo70eg==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age1rjtqzmywfr3zuzz0cn8eqnwp3x8ypzya9gcv6kvtplhudar5eayqq83ey4
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtaVFIaWllNU0xR0ZHQWtZ
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyVEx6VzRNOFBickVjcGFj
-            T2tsK0dkQVlTL0N6Z0UvYlRKallXeTFVbDJNCis4UWtSZ0tCZHp2aXBDaDFTeUJu
+            UkpGNUpTeTVVUVRGRHJrRTI3UzhrRjIvcXdrCkFSWGE4YS91dEpJbFZEcFNGUmdP
-            TWFPdlRJUFRCb3E1UWdmUUhGOU5BS0kKLS0tIEFEWVBzNUxDTzhCSndKZ0JxSFlo
+            UFJDc0hpTEVvaHZjY2k3Vk5jdTk4NjgKLS0tIDFpU0srRzBMTDFPVGVVblpEMTZk
-            K2ZVekRCeXVtL0FhbmpYc0dEQmo2NjAKKSg1/XSIAoVMHsnkMJHSGTzmX8eQYp77
+            SEtxQnN6T2lNbkRGWmUwSFdMVUw0dlEKKYe2xCYLQ8Q21p6f3NIIwRMrQHTicSp3
-            hGjx4T26UxwTK8KJ8KKPFI5KWiIHzP/HHTeiJb4IhJ5G+z/npttZIA==
+            BSIG0SmRGcSrzPlg8agUi4aWQ7du9EECXanQSu98sGhCWkIc/QHWnQ==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age1pnu4tkdxfcnefntdw262k4m8wuv3qe2894s4e6w5j8yshg8vlu6q9uq5tv
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlV1J2bjl2K21WUlpyLzQw
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvaVZxYTFMZDFCYnVTYWM4
-            amNRajFuNEFOOTJUdUFmdzBzK29hbFhnL2dRCml4OVZoS1llSVRoa216aWlvR0R3
+            QS9Oa1dLa3dVNzArZ0hkKy8yR1Z3UVpRQzJVClo5dzU3dythWGU0NkoySUpYRUQv
-            cjgyS0pibnQ2SHBBcVlZeXo1MmVNV0UKLS0tIEh3bGt3WnVqYlVwSlI5SUJheU9z
+            MTlQYmJSVG5RNWkzWnlEaDh0YjFxL3MKLS0tIDdySlB3cGxoM09BZWdhN3RwNGtZ
-            MVIyWFFmVXR3SkN4dmdJUzZEOE1nRzAKXYCh0Y0pwHUO6YAhGFBuVCphmL2dOAsN
+            Y1ZUb1Y3ais0dlZrclQyUUZxWkNSVHcKv1Q0VBHE9Y9bU6XyQ84WNf+JTIQq/mPI
-            R/5NDRIF2ab5hf5vE8g/4jHnrttujsbNyU96Jezh8q6MO2M1afIUwA==
+            tOD6uiS46KgnO5p8oM9rqvBmOPJKoS6bgSLUuEnqjLTtZE3QO0eKzA==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age1kardawqarv498rwayadsmnlx62kvjgduvhhg3drx39xacn9u3ajq5d0qra
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwTFR1UU1PaTl0NWZ1dEVk
            WTZMUEtGWFFyNm9aTzNmZHh3RkZHOGsvRWowCnYzZ3JlRGlqN2tHbmtIMFFHUVBD
            dWNNc2ZqL1UwdlBmMERlNVZGK1ZhdVkKLS0tIGV1RHh5Z0Z3MlNMZHB0K1liTFdr
            NTUrY2pDQXJuTnREakRWQkFqckN2M2MKSonhOJsqcY/HDY+d25rEPwKSl3FSOpkW
            EJFXcKKTiJB96Ms5yDGRAtUvbqw/oSBbdGTqe7bE7pQhfj3Y8ECz4w==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2025-11-26T18:38:21Z"
    mac: ENC[AES256_GCM,data:V3lKQj0ZWIPl2RPpnv7tRBG8sH6W9+rfnPy0z6g+3SZGmKtwhcgqVBG/VPMKhuyseNZ4vxE23lD7Ol44PchMgd/OCJqJF6TUl3A4LIqkK8Ji0m0cPcC3hsFaI8rChkWcLse30qcoQov4NbP7yElpf76Bh/NqBFgOqCjDD0Pp/NU=,iv:897reifxaub96UDCKCsWNxabVCSzYLmsIrrkXCxBgoM=,tag:0d4iQhLA/YxR7wrtUVxXqA==,type:str]