diff --git a/nix/hosts/t490/configuration.nix b/nix/hosts/t490/configuration.nix index e885188..bae0cc7 100644 --- a/nix/hosts/t490/configuration.nix +++ b/nix/hosts/t490/configuration.nix @@ -5,6 +5,7 @@ ./hardware-configuration.nix ./hardware.nix ./programs.nix + ./secrets.nix ./services ./users.nix diff --git a/nix/hosts/t490/secrets.nix b/nix/hosts/t490/secrets.nix new file mode 100644 index 0000000..e203222 --- /dev/null +++ b/nix/hosts/t490/secrets.nix @@ -0,0 +1,5 @@ +{ + age.secrets = { + cloudflare.file = ../../secrets/cloudflare.age; + }; +} diff --git a/nix/secrets.nix b/nix/secrets.nix index c255374..63c35bf 100644 --- a/nix/secrets.nix +++ b/nix/secrets.nix @@ -2,20 +2,21 @@ let hosts = { hetznix = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/Lylteb1le173In/X94jls+CXFg9RGCyJPBOL90zDD"; lemp11 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEZ+ljJKd6uqdAk+fqxwtObI4Stab2N9Bjo4QFHY/v8n"; + mail = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDop//jfN3Hj5yRQLzPwy/A1StdJ2krxIbI8LUWPX7ht"; nixedo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvtcGJnc94k6wCPfvK9oBvGey0WWVCR8IYSqg5vqage"; t490 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvtcGJnc94k6wCPfvK9oBvGey0WWVCR8IYSqg5vqage"; }; - users = { - opdavies = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDkkbYaCD9NUIQT0NnsmlyfepwjxBYeiJSBCotOpdPTyc5inFAd29DiVw98j4skfaHdzjcqWmMFmDQWM6tGkK7eg8n0WuaABmsjdEbzTtfjHwM0tRDCIh5AtoT4IvoLhwLjEI2jKM05BGCQ2m5lS//AYJK1DjiV4UH+IjXHz6oy/3eFzQwANjxWS+mbR565p21yuAu1DKEyaGeVzT1xDhgzlnZG7Cys/rFgUYpIvYDHMOFxG6hsDB8vqyHiTXniniti5tdvGGYHgRGQcynRTU12aerrqHTIOefrElXJdf3/PA8FIY/Pd3MmZocY/vvQe0EVHXWrNtnHOF3MFQ1tFyfubKO51Dcp9KmzHnyBvO4CtvGVr/upSVWfo0I/EqkIqvCvBbdSIPeH9V5hAcyWENGF4Wf0/Yqtc0dBhfXJmPVBsC2ghZp9oERK+h5Xs7DpzkT0vtkN+wjgA5weIuG8e2UVNO29LWASzlychVqb7BVa6kNn5CyGwauyIGsYvAFnUjkyJpK8qleNM3VO5x9aw26IhSKlnSE9PAdX8p7PpdoWfxWRekKTc4h6iAe7pFOENvuokAvCNsE5LolR4VrYKXjA0m3nupDNWYexAWfR3lSeSlKd9nD3OENS0biJKayZHs11iDUTxm5u5gm/U60b4z0zDXjh1H/DI/pSCG6jjaXDpw=="; - }; + opdavies = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDkkbYaCD9NUIQT0NnsmlyfepwjxBYeiJSBCotOpdPTyc5inFAd29DiVw98j4skfaHdzjcqWmMFmDQWM6tGkK7eg8n0WuaABmsjdEbzTtfjHwM0tRDCIh5AtoT4IvoLhwLjEI2jKM05BGCQ2m5lS//AYJK1DjiV4UH+IjXHz6oy/3eFzQwANjxWS+mbR565p21yuAu1DKEyaGeVzT1xDhgzlnZG7Cys/rFgUYpIvYDHMOFxG6hsDB8vqyHiTXniniti5tdvGGYHgRGQcynRTU12aerrqHTIOefrElXJdf3/PA8FIY/Pd3MmZocY/vvQe0EVHXWrNtnHOF3MFQ1tFyfubKO51Dcp9KmzHnyBvO4CtvGVr/upSVWfo0I/EqkIqvCvBbdSIPeH9V5hAcyWENGF4Wf0/Yqtc0dBhfXJmPVBsC2ghZp9oERK+h5Xs7DpzkT0vtkN+wjgA5weIuG8e2UVNO29LWASzlychVqb7BVa6kNn5CyGwauyIGsYvAFnUjkyJpK8qleNM3VO5x9aw26IhSKlnSE9PAdX8p7PpdoWfxWRekKTc4h6iAe7pFOENvuokAvCNsE5LolR4VrYKXjA0m3nupDNWYexAWfR3lSeSlKd9nD3OENS0biJKayZHs11iDUTxm5u5gm/U60b4z0zDXjh1H/DI/pSCG6jjaXDpw=="; + + users = [ opdavies ]; in { "secrets/cloudflare.age".publicKeys = [ hosts.hetznix + hosts.mail hosts.nixedo hosts.t490 - users.opdavies ] ++ users; "secrets/tubearchivist.age".publicKeys = [ diff --git a/nix/secrets/cloudflare.age b/nix/secrets/cloudflare.age index ba6fb04..4c092f3 100644 --- a/nix/secrets/cloudflare.age +++ b/nix/secrets/cloudflare.age @@ -1,24 +1,23 @@ age-encryption.org/v1 --> ssh-ed25519 M7i4ow uAeMYG9c6ryN+5dT0niHXkwWXYuCPTlv6MVaaRxP6BQ -7OdV+9doEFau6GjTONtREFSePR95/FEe3tTRaqU9ERQ --> ssh-ed25519 IsVD3g LNDsu6aQk4VB47Au6sGfUFnvuFDYL1yxvT2xqmEoPXA -T6O638N4ICQfoYmXSzwyJnn4ZgEYTVHBhaviG/L42xc +-> ssh-ed25519 M7i4ow JbGsQZjXyc/TOA5Bc2J1F4dUPImFkb2sJstGTiwS0lw +KhsNg7sOj7n2iOpKyKX8pfzFC16oYK+3GnE0PtwUres +-> ssh-ed25519 e6k47Q 5u6J38BGCrhgUo9+JrWNXLTbY6GwiSRc7EyrCnMqIBQ +rxCoxCxNcPIVhSXBItEnRyWi1lVRl0u7PH5EqydU4Bo +-> ssh-ed25519 IsVD3g xy60nMsxrMEVVHse7cfmvTtnzYZMr/8bHQ77dwBVmxo +wlJJVdek+bN6tzbxAl594FR9MBR93nQyvwqCLREp2Sw +-> ssh-ed25519 IsVD3g ATYSZBSFln40HNRBvAPd85D4ax8TA4vWc4JsgqvXpxU +YfUmlZLkQi9QFeuZ1kJdR3toWD/gkoTz+XAtBFx2qKY -> ssh-rsa +vTWQw -B6COgTlKAkSE2zCwt6gCDBl4fw6WgKD1u1/YYXMz/Fh2nXc8Qy1IrxSvn8nZr05G -EdToyrGtkNC6i5OPKvNfy+DWLw2slD3f6rZGQQZb60bEj51mr3xTIh2ho449U9lp -lFyodrxcQljBWdRI0mO2/SWTwKPLDqehGJdamj0DnitVh+tof4WdThZGIKekOG42 -WylPQUEt6U3tNLfTKfj1/HAKBiVdcOUezTzmcDqrD+Sb3qO+hEWWACIQoKnFS0Yl -rDZ/Sif86EMPUi93wsF5tjR6jCJfb/isiucxCeR9nKHCKScXPRjCpP85yswUEABd -wqJGodpuywoTaBF+GfPqXHF1BNp9wRHiMJC/wKsYTs7M5dpQyjl+/Nr4b/C/BdwE -Ab2q9u+EDuOFOWYz0TBUNQTFd/HQVhpC2Jd+/XLP1QZvHjA9WpQU+Uf6QTeQFoH3 -3jm31f3qWbFqgHYoYMRN6Qwax7PYN86d8zUs2TDnzz2EpE7ybxmKvsv1XQpl7eoc -RP6ynCP71nGXOHymzaZPYDdCsidw1EjuN2jtIbXU1+1ZgjPya8C5grVdDalwy/ds -98g4kDgLMhfeiu24kJS9fDE5YDI8AWLaRLRgdEu7FbtAottaI9qgG5AZTaU0g8Po -LHjrMnlz+gZ972sA7tM2sv+ZG4npWnyZOExyFQ/sD3U --> ssh-ed25519 qqcYyA elZlBILHKKJosk7vsh2FKtouLS84AGFHg3H1g3t1JEU -vywdvbLrzLSkLjrBkQ57Stp8gLLS+P63b7hBIRSEzCY --> ssh-ed25519 RN94uQ UQZx1RtihT91/pw0pHFuW8Pvk7epPkRJjklyaMz7PjI -4tbyHGkw86rfmB+CnWtz4ptNu2hI2yapGIwnzG+NAFA ---- xBHkdADymfBcQirr8/WV/Wuclk1PtivlHeNCdqXdUuw -3#mBLd.Z p$2kD5 -kKTFȌcYMP_`DxJ2:&xƢŵ+`%K$ \ No newline at end of file +cohbs+XV518CcQvwPPn5uAPsMVbn8MFx5FKOQVXyBcxXsK88fdQtBcp+BcgUfHeE ++HJLB5KDs3lfHiEVDX7Z2BBVx1y9y+j0f8vi8GKNvTLSAAdMwp7LFS/aNcjboayf +gn/+E+qtd4yiscSBBgsZvUBibkyRM+uVstXqACeX9S4j7TctsqpdEMvJKrbYJ0zQ +7KsZyyT6QeIp7H9zMLQg2Gv7W2co5+ny3S1saL/5F51gy68LaReAIvB+GAs2TzCY +AJVo1ANAG3JMRftGtUoNXgieyzXMKf/ucsC1OvwgUDlCDfqjHsiUlAaG64NWe1+K +3DB1nnE/RkbkPj4gEcHxgiPX6/zC/ZS/sVYOBpktZeyb+ofsVhwQ/Xb0MJAwvknY +WvETJ4DL4VQx4eC1v3yEYsgak1opnwOnRodeKbvR6pr+KeinFiKoF9dh9LQu9ByM +ocqCBEHRfzkL1ZM2BYS1hlYo6ECSoSKiNQ8J+BF6wNMLM7WwG9G+LHCw8DMeAo1n +DCpOMJXII2G1Mvgz/kUE63QB747uc7IImhYj5AQwTgYo/TUttVG6iEaJVGi5EFH0 +dwUPQU3wbYZiWTfKBYfBEX6+zyqSw20PpoQHbCouqOjKV37Ntwh3XhcyMOCBKB5L +ugK55xOpNwbVxSh6zjyis4YLk0ON5UI9cyxqx44Z8kY +--- ziQ837ro8cdUK22H13GWtnEVkq+QpSIwbwIYXU7t6H8 +LIːvMĘlYZ{CKLR߂Ĺ Bya`*p3miK=Ļj"LQ08ArKBE:XӜbWü*6NyhuF_Fohc0 \ No newline at end of file diff --git a/nix/secrets/tubearchivist.age b/nix/secrets/tubearchivist.age index d5dce0b..9af2769 100644 --- a/nix/secrets/tubearchivist.age +++ b/nix/secrets/tubearchivist.age @@ -1,21 +1,19 @@ age-encryption.org/v1 --> ssh-ed25519 sHhprA glUkUuhPJRIeCUtuMh1KWri10reLmYTs/M+qIJt0yS8 -XjThuIggs/W/EUK83ZbIbbd4yLLSYQJUZIS99nHKQL8 --> ssh-ed25519 IsVD3g bAXxMhDdpNBYZJz98XEIPC6WpbeDFOldoB4w85UsRVw -GUKmIo6AMrXGfsTjpL9aFMGd9F0brmjkSK1pRyAIInE +-> ssh-ed25519 sHhprA uSQb27PjMYpj22KMcFkY8gk28CxWsA9fr0lP6hCjw3c ++JlfXYJcfaUMaijapKbQHU1Tndh4qy+vf29MMv8mQ4M +-> ssh-ed25519 IsVD3g U9nD/8QuGhQU5+IFZRswgmzDcLoaKIr7ItG75PlQDkg +CmlB0k7Bx7nXBA0ym1Gzh6lQrbNN7Kzy5WPmViGVuLY -> ssh-rsa +vTWQw -da55hhm3DwoVoDKTK4fexNWahYB3SYu8dJ44/V26RuKHS53r92nKbuJ4j2brMKD2 -9Wiv/9kaYNDWIxGz+SpeCmsv5rCsKCovo3TLQsmCT4JcQL8Ke+VJR0CzbvTO4jxC -76PtflGahqms9F/BDWJztJJm7pcq9tUBRoyaOzJzri2064PkD8wiKyexOoU4eE+a -kncCC1OmpjZT7flNrOwxwCqTIgrWsEZQpRERTVV6F7xqeV7gVe3FywFdT/Z2CXfq -jgC8HA+YEbxmNGamWhpHxo3nf3tUSLXKoituEIOdGqK8pzdAKmTPzgpvjXhMCznu -Hv4HgQzDXzjKgYv7G0LwwnU0R10mGPNaPuzAc2nR6X0HI094mWS34UfzdKbONgfi -QPiRNGaCPQb8SBp64jn0CgZs6w466rEh4Rmwm+HXLFaESRqmHS9J0J01pnIltfXJ -NbFQKiBUbhCIyXLLgTT9gwV8PRIrgnRNHGxKXJihVeWkSDd3cYkII6feBrhUZarq -HgSiWdRYiSCZDZnD+if3cCB0NL5Q+fE8zo3xUfyenkDqPSwNAgXK4p+QZzwAbrZf -w0S7IK9I4mwei6uIhKAByQM71CwGEwSNfKOJa9k+ABaWxP0Kugf/uLO63ZU3byNv -DNQ2WdVbEsYdfU0jU9JqhgwpljzSN09wjA9ZG0j8JhA --> ssh-ed25519 qqcYyA 9Q2jCyt+hp0WPGxFTndK95L6tb6TBbhi3xIJx3puCRk -JMrVGBH5s5xisKhG7EME4CHHwngVzW3LlRXhMFHn6kM ---- mavTi4Poq4alvDGknFIgMI2rZFJoJfR09ZrFjlOywZw -a,2PTC1Ax5b sclzzܮz8ZVC蜱ȄÐ+LOT( i9T Na5i&JDS5b~Æ \ No newline at end of file +l8bvdvVV4b5OjkohdSWOea4YdIJ8xPRahajsJDpB6d9vr28nQEf6ruAmX1QeJkmP +9NEVQmhL6OqulCz1G4awhf+OldnhIK/ift7GON2+cmKtp4W3R2k0dZqm5ML7OSpt +/S2DcveCV7yyLHfkrEMI6UEka31xEJnXGnbgPbsQ1sS2kckVoLzW3etDZ/ta6FcW +Zze5eiMVvKeaMOpTPts+lyiiPaSwIheJdvWhPBqdX+zJvaLaRS+VdC3ER25lw1IL +Db/yiLRsw50GWfC5FTZMg/T+URVKo8JvdsebDxnGJVxMIjiazRDOkClYJGFSs8ud +NcX7Bd26fOgggl8COmg87se3D0uSuABnHiJN5Hv/S3xwfK2RYSxZj0qjLCpbsa+K +RgyarmsDiWSfsbha+uPjrTnW1U7elJJWvUbOEhZWEzUclLXy4z+nsA7BBVKa4LSm +8Epd4qOE6korqkDDf/nDXg6X+AOeBF0JLWACZGR6qjovzTyQmepa4H03n/aid4xt +5hhM9uzLSCYoY8T7hZSjrCiJeYUqCoVDjtCE7eDGScuoG/g3RfEa4BcFK/EcSpqT +7CmnFU5Ay3vG5/6n/evzmzYvk82/I97KOs+LTotDW8FzRx/GmTCS2Bp8xiOw6XZS +05sALEULfH5cCVKdJ2Mjj+NR4VEab/ykickH5fen0M4 +--- 7ihl6vnG31mlHLNdqzV2DA3pY0HOla8TE58j8B2wLfQ +(R&Բ5Z;UgrN2AW,8ϙ*8ͦU>&rZ۹9l ,ZʁqIPQ?)-kJЌ \ No newline at end of file diff --git a/nix/users/opdavies/default.nix b/nix/users/opdavies/default.nix index 117f9af..df4437f 100644 --- a/nix/users/opdavies/default.nix +++ b/nix/users/opdavies/default.nix @@ -33,6 +33,6 @@ }; age.identityPaths = [ - "/home/opdavies/.ssh/id_ed25519" + "/home/opdavies/.ssh/id_rsa" ]; }