uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

switch to age keys

Browse source
This commit is contained in:
uku 2024-01-18 16:35:14 +01:00
parent a5a4e36fac
commit 6a456fc990
Signed by: uku
GPG key ID: 7D01D7B105E77166
6 changed files with 48 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
modules/common.nix
View file

@ -7,7 +7,7 @@
... ...
}: { }: {
age = { age = {
identityPaths = ["/etc/ssh/ssh_host_ed25519_key"]; identityPaths = ["/etc/age/key"];
secrets = { secrets = {
rootPassword.file = ../secrets/${config.networking.hostName}/rootPassword.age; rootPassword.file = ../secrets/${config.networking.hostName}/rootPassword.age;

22
secrets/fuji/rootPassword.age
View file

@ -1,14 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBQcnVF YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5dFR0dUVuTThzMFZTTlht
UGNPWC9NaUJhbEZnbGFjUEtDS2FEZWRBeUxaK1JpZ08xY2tiUEVjClEyb09tVWlk bnlPNkJ0YlV1WnA3TnNXdkJSMG4rT1JBMFVjCmdjWTR5cmZZcXlNSmJETVNVT1VF
WGtkRXBIU1JPUGZKVUJVQ1lOV0R6K1NjVkZQeldvS212RWcKLT4gc3NoLWVkMjU1 UU1tY0ZsQzNqTE1rMXowcUpFaG9oUjAKLT4gWDI1NTE5IFNpVjA0blVIWHBlT1R3
MTkgVmIvYW1BIFRkNTJrYzZtYlhIVUZ3T3FDNWlwV3NnK1U1UjltbGJuL2U5MFVY M3Y5T3lHaGV2c3JaREN0V1BVd0RsQWcwNjdmU0EKTnVVUEFxMWpHclZjWCtIR1lH
RFpLaGcKYU4zQ1BaalNCNG1FOXN4ZStkdW9XNEFqbTdBVVdTZmFTMERNTEFXNkZi cUJHM3lMc1FCdVY5VTBIUGc0LzI4dFgxawotPiBnSCt6SCotZ3JlYXNlIH0KVzZr
QQotPiBvT2Z9My1ncmVhc2UgYmRoMm0iNFEgcyhOfWRcIDwKTVJVZllHWnhjUG9m WURzcXlHemRLOFlEcTU2WERjRDV6bWpvT0NnT2ZvR2lySDRFCi0tLSA0UDY2RG5X
Q0hmWTBmTVlmT2RReFJjU2FKWGpTMi9WaUlZTWoxL2pmOFRMVjVpbU9jREJoZlBm MmtwZmp6VWwvT2ZvMzFRKzg5SGxkZmsvSGFhKzN2U2VoOFVFCiXEs907Y0YetyFF
NlR3QQpRYUpZakNXNWpKSzgreEhsMWpqczg0VGhKeGNNYmc5UjJnCi0tLSBWOVZp 0IfFzesKLjF7NWA81HeYRkK6RRk2CYDHfXOyVQdLVjUYZR3IAMmZfhxdZ2JDE5ul
dkthdnh1dFV4djBTMjg1SUh6ZWpCaUttWStYTnZjREZkNnZPYWFzCpGQpx4DjeYa WFmStlS8kpCDJjqjV5j65/BUz3NySaId7/Qh87ac5oOGLb3A5JUYU56xvBB5EOPA
ySZeZU/9qaM2lty9XsRyyY9Y3MfU4zORTEs6EoxQQ5uJSkksWOiKq1pXEVp7Eiiw 17T1zatrQFbZ+b2m591Ol82qLIwpu/j4DKCH2Pnm8aw=
zlml1y9HZjUJWHTkJqIu47bqBIeIJjwL4PZ9L73EmTa9m+LvfqFpMC9Ka42Iwwz3
C/7dsp19SrYydPct/nHstHL8a6ymIkXfmI35Cfl4puvE8do=
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

23
secrets/kilimandjaro/rootPassword.age
View file

@ -1,13 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyA5aVlB YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4ZmFZU1FvMDlaRWNRNXZo
L1krb2xjbklkVCttMzZNczVYV3ZtRDBWLzI2MGphTW42TmwyTkdVCi8rOEpLUGhx TEFUWEhJem9IanZHTGVienJJcXpnNVhjQ2pnCnNVdlVpWmFhRXZSS284QkdpYnVq
YXR1cnVZN0RVK3hOVVRwUTB4cHU3djFqY1MxeDRZckVhQzQKLT4gc3NoLWVkMjU1 SEtRZURONFFLT1U3by9lUythV3RRRUEKLT4gWDI1NTE5IDlPVEF5SFJQYmRobUQv
MTkgVmIvYW1BIG9qcFNzdDhaZmFxczRVd1JaTEVlSEplcTdxQTM1YTIyZVhSVTVX Zk5YaFFDWUthc3cxdjlqZE8zR1hZUHArUWRwU00KaG1qZWY0OGwrWlN6cS9GY1pL
OHN5bGMKR1ZjTjJ1NVdYOFFMbFUvNlRZbTU2UDdaVDBOOFh4SkUzTEl1RUZvQ2Jx emhVZ2k4bTF6YWp4SklhSkNGSFIvQ2M5bwotPiA4bTopWCY7Ni1ncmVhc2UgdFs5
UQotPiA3djRILWdyZWFzZSBpO1dtLWpJICQyPyB+ZkRncyB9YSFVIWdzKgpBSVRU S1xaeFIgfk1MTApnOE10WVphZnRTd0ZKbDdGcTlvWlY3RHN0YjhRcDN3eGlNRVFk
MklzYmNNaUxQNHJ2QUJIYjhiU2Z1QTAKLS0tIENPYkpsNUI0eFVHbnRkU0t0Q3Jv eDZBU3RJNitZZnpmTkFsOEh3d1Ywamd3TEV1CjBJZkhQYU9iRVVGMzhnaFdBZG1D
SXRsYzNjYmRKa0tQOXBnMUdmalZiS00KQDI4rngNrAQUeBm1jkO99uAba2XAOmc4 ZUNjdEpTNDV4NEhxdWpEUU9CWDRlQ2RYVGcKLS0tIEJQQy8waFVvK0FqaklDOUZD
ps3WPwPj+uQvF/kQ3sJsy6JCGErumTXJ/tm9+Atv1hrsDsCQ73vloLsbhNGNpumH c3BabjA4QXJ0RTVlazl0VkJGbkNoQy9zZEEKM6mW4mDz0aWpe1x2tkpzcjdjqe0i
3DPYRTSr30l7ncu6qciyaFLHjSB2uTD18hh3+QSD0CJkq+0EoZZiJwZSehLsatjR trBwj6kaUh3mDoUfdMLZ3FDVqi7je9jFQIBMVctzZNKMOADgbGDTli7m0wGZBWSL
ufIgRoaf5P7cE9jBcJUT2QZSOw== i8bTv1I9tgny46Kc2jvP2xOPgfTFKU87pRf133Nt1sbxL+LT0tgcPUDuEMTf3E7U
g5FXSN7Kk/aaZ/h2U2rRddn54ypLyw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

10
secrets/secrets.nix
View file

@ -1,12 +1,12 @@
let let
fuji = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHETiSgdsFFub534ChUKrY3U1ApAlyM7jqFmj3qN65so root@fuji"; fuji = "age16ujdfcahmnhe4ygruf28n0urgxycv8zgsp4f8856a5suewhn49cs0mqk7w";
kilimandjaro = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPbRi03uVAVzqEI5zc8QmP3uthcC1ep55gQL+nQPrEvv root@kilimandjaro"; kilimandjaro = "age1ny0re542mcvf829y28rz6eta9myaqlxasfnn933srw64dlgavpsqc59q79";
main = [fuji kilimandjaro]; main = [fuji kilimandjaro];
server = main; all = main;
in { in {
"userPassword.age".publicKeys = server; "userPassword.age".publicKeys = all;
"tailscaleKey.age".publicKeys = server; "tailscaleKey.age".publicKeys = all;
"fuji/rootPassword.age".publicKeys = main; "fuji/rootPassword.age".publicKeys = main;
"kilimandjaro/rootPassword.age".publicKeys = main; "kilimandjaro/rootPassword.age".publicKeys = main;

20
secrets/tailscaleKey.age
View file

@ -1,12 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyAwT3NR YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBbEI1TTVWeE9VSTBBTmdU
NmVyVERocFpVNkpHQXBuL1oyZUx5RFdJRXpOek41Tmd3OHJTQ1FJCjJIQndIWWNn dkxkdlh0bzRiTEJsamRBOC9yTTU4ZzViN3lvClZpQVFYL0h1cERadDFjbUZjT1F4
RGh0cjdHN1lEbkdwUnhuRDlvdVVWODRJY1pjTHVIRlJJTXMKLT4gc3NoLWVkMjU1 ZmNzbEtrNWxNbURPK0xtSzhzaE9URkEKLT4gWDI1NTE5IHpYOGFTcTc2RGxvSnhC
MTkgVmIvYW1BIEYxRlJhb3ZEMU9yMW5majlJaDFGUXVWUXlHT1NPd2J4QzM0azZo MTk3aloxV0s0cTNPSkV3QXUxVW5PTkl4M3B3VmsKMmovM1NMeFVwTG5TVjNoMDRn
cVpnUzgKaU5CUWQwL2NrdUc4K096eW5BckRkdHJTOCtBMW41SnJkM2ZQNHBReVdL VVg4a2Q2Uk5leW5IM1JWbDBiL0lCU3E5YwotPiBmJnlOSiEwaS1ncmVhc2UgISB2
dwotPiBcLWdyZWFzZSBkQz0gcng1KCBXaFx1SiBsTAp3YmlGNVRKcTF2eGVkRWtV JXpBaWBCCndwOCttYTRQV3Q3L2h4MXBWaENEQzlCZktndmhpQVduL0ExaFRzYzlv
RER2azZBNFpzdwotLS0gT2hKbmpvK25OdTNGUFBzTXNPWUxYdUIySnlGS21TY0FM bG5NMnJZREltekFsc21tVjZCb3FnCi0tLSBpNjBoTU9kaVpjclZmYS85YUJwbVBo
YUJiSk1WYjVtVQqAxVWNyP4XGgZahX5r3lcocV8zRWjLbu0Hyvy9Oma6fFDiEKuq NHhJRDI4TytKa0hTUHdHcE9zV2pJCuXL+3f4X0WqOtdkf4aa4I+4j6aYzN71aUPd
l+Xwb5Bs6WaSowSPJO815x/T/xGdo8ggntUDNDFN4lLrKQhIkz00pbbxeVaXva9X gefAEG7Nrl1XiGX01K0dYfm8rnWmf1tNhfXpmq9eU7KTfLvK8bTrqOuKQtJqXnOp
rrkZBn8= ansfY2eWuGNDu1LdlbGIrg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

19
secrets/userPassword.age
View file

@ -1,11 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBZbkkw YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4amN5eXNianBtOTRpQ2hj
UlVDRmY4SStUc3NUeHJwajE2MGZKU01abXBsSjhUTlVaR1RUS0FBCnI1aGdOeTRS clhMVUwweXRkblYyS1VjdllRRTIrZ25KM25jClhkT0kxaUVWWTEzTk5wU012WEFl
cE1va3MyR08rSFZXd0h3eFNTcm05dGZGYTVFeEk1TC8zR1EKLT4gc3NoLWVkMjU1 Skc1K01BdXFMVG82emo5SXRRdEIzcFEKLT4gWDI1NTE5IE9NaHl2OXd6ZXlMdXVB
MTkgVmIvYW1BIEJlbHhZVUdTWlZSeFNWT2xON1RCRWNrQnNpeDNiTE1lcERCSFNo aklzZ0FIN3JKOWpkVkV3RHlRLzZXSjdQNlNRMDgKUHA4U1FTdTBKTkd3cEVUTUFO
Y0NmQmsKM0hBdkZ3K0FpV3RxMUs0eXkySmt0TDB6U0N1dkhUczhsWUowV2lCSkxq Ujc0cmNEMjZsVDJCNkNsczVTMGJnOHFzcwotPiBnQSJJRy1ncmVhc2UKMUxPQm5G
awotPiBqYi1ncmVhc2UgdCcKdTRlOQotLS0gR2Q4ajQvR2p2cWVmS3dMeTJNam5H blhzWTBWYmQ5dTZJWjdTNnZJQTY0L3p6S3ZVa3FLNVR1UENVVVRVYUJteG1IdGtU
NUU5dkxvRFA2SXdEa1NtTWZUOE1uZwrc3tjr3tkK0xwRJT1BvUWvKmsMBqlwly7p MEpoSnBEQ1hBMQpZakdHOE12YQotLS0gTm93cXJoNEVUVjRzQlpDaHA0UVIyNXFr
CBB0rphclsuS+HdxuCU1/qQ6dfXw8heoIKrRR0iTFp3NMZLQgcrWExwqRfQhS4wy MG9OYUFBekJ3TUdqVTlEcm1pbwoV2hJ7OZJ9OWVyn0Ma1LCS0vm+Lq5pVxodl6dX
uA/xZPhUA96MhTpTtthnmClSijn5rAv++DFx9UajBjXr mLwd9jT2ELKelt1CDkzTESToZw6FeFifC14Jv8H9z0+IwThBT9kptQ9xIsvtJ5vH
+yUTtxcz6oWJA8f8xRGh1FvWrUf1g7xhMkzVstPv
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----