Hi, I am trying to get sops-nix to manage my wifi secrets for a device. It does seem to work if I add the SSID and the PSK in plain text in the configuration.
People have gotten it working before, but I can't tell what's wrong with mine.
Here is the config snippet for the wireless bit of the networking:

    sops.secrets."wifi.env" = {};
    networking = {
      hostName = "Hockeypuk";
      wireless = {
        enable = true;
        secretsFile = config.sops.secrets."wifi.env".path;
        networks = {
          "ext:home_ssid" = {
            psk = "ext:home_psk";
          };
        };
      };
    };

This is the snippet for the sops initialisation:

    { pkgs, inputs, config, ... }:
    {
      imports = [
        inputs.sops-nix.nixosModules.sops
      ];
      sops = {
        defaultSopsFile = ../../secrets/secrets.yaml;
        defaultSopsFormat = "yaml";
        validateSopsFiles = false;
        age = {
          sshKeyPaths = [
            "/etc/ssh/ssh_host_ed25519_key"
          ];
          keyFile = "/var/lib/sops-nix/key.txt";
          generateKey = true;
        };
        secrets = {
          "wifi.env" = {};
        };
      };
    }

The secrets file:

    wifi.env: |
        home_ssid=<name of network>
        home_psk=<passkey>

I don't get any error messages in the console related to sops, so that is working.
I'm thinking that it's got something to do with the order in which the wireless settings get read and implemented and when sops decrypts the secrets. If this is the case, how would I solve that?