authorTim Keller <tjk@tjkeller.xyz>2026-03-28 12:45:48 -0500
committerTim Keller <tjk@tjkeller.xyz>2026-03-28 12:45:48 -0500
commit0538c0398cbf338ad1261b1f58a01d3aaed94d50 (patch)
tree1b899ed03844c427cc6196c3f1fa360868dda3ab
parent3dcbd6b10b6cbbd551c41df278cd555d54d46bdf (diff)
add warning to rebuild if age key is missing for sops and simplify sops config
-rw-r--r--.sops.yaml10
-rwxr-xr-xrebuild7
2 files changed, 12 insertions, 5 deletions
diff --git a/.sops.yaml b/.sops.yaml
index 4da25c9..2d54fd2 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -2,23 +2,23 @@ keys:
- &general age1w80rc0dnuu8nw99gw64c596qqetm78jdnsqajr0u7ephykekr39qfz8vnv
- &flex-wg-router age1f0tmpy2nam58skmznjyqd3zf54rxtfrk6fda0vlpq9y3yg6wac7sjf0vja
creation_rules:
- - path_regex: timmy/resources/secrets/hashed-root-password.yaml
+ - path_regex: timmy/resources/secrets/.*\.yaml
key_groups:
- age:
- *general
- *flex-wg-router
- - path_regex: timmy/resources/secrets/wpa_supplicant-conf.yaml
+ - path_regex: T495/resources/secrets/.*\.yaml
key_groups:
- age:
- *general
- - path_regex: T495/resources/secrets/wg0.yaml
+ - path_regex: X230/resources/secrets/.*\.yaml
key_groups:
- age:
- *general
- - path_regex: X230/resources/secrets/wg0.yaml
+ - path_regex: flex-wg-router/resources/secrets/.*\.yaml
key_groups:
- age:
- - *general
+ - *flex-wg-router
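Review bot: The new wildcard rule for `timmy/resources/secrets/.*\.yaml` lists both `*general` and `*flex-wg-router`, so every timmy secret becomes decryptable with the flex-wg-router key once it is created or re-encrypted under this config. That includes `wpa_supplicant-conf.yaml`, which the removed rule encrypted for `*general` only. If only the root password hash needs to be shared, keep a narrow rule such as `- path_regex: timmy/resources/secrets/hashed-root-password\.yaml$` ahead of the wildcard (sops applies the first matching rule) and give the wildcard `*general` alone. The last rule now has `*flex-wg-router` as its sole recipient, so, assuming `*general` is the operator key, those files can no longer be edited or recovered from the admin side; adding `- *general` there would avoid that. The patterns are also unanchored, so a trailing `$` would stop them matching names such as `foo.yaml.bak`.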
diff --git a/rebuild b/rebuild
index 91ea7a1..cb92b80 100755
--- a/rebuild
+++ b/rebuild
@@ -1,2 +1,9 @@
#!/bin/sh
+if [ ! -f ~/.config/sops/age/keys.txt ]; then
+ mkdir -p ~/.config/sops/age
+ echo "---------------------------------------------------------------------------------------------------"
+ echo "| WARNING: Sops key not found. Please generate one from your ssh key using the following command: |"
+ echo "| nix run nixpkgs#ssh-to-age -- -private-key -i ~/.ssh/private > ~/.config/sops/age/keys.txt |"
+ echo "---------------------------------------------------------------------------------------------------"
+fi
nixos-rebuild switch --sudo --flake "$(dirname "$0")/#$(hostname)" $@
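Review bot: The command this warning tells the user to run writes the age private key through a shell redirect, so `keys.txt` is created under the default umask (commonly world-readable). The added `mkdir -p` likewise creates the directory with default permissions. Consider `mkdir -p -m 700 ~/.config/sops/age` and printing the command with `umask 077;` in front of it, or adding a `chmod 600 ~/.config/sops/age/keys.txt` hint to the message. The `-f` test also passes for an empty file left behind by a failed redirect, so `[ ! -s ~/.config/sops/age/keys.txt ]` would keep the warning showing until a key is actually present.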