uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use openssh host keys for agenix

Browse source
This commit is contained in:
uku 2023-11-22 15:38:47 +01:00
parent f2a297f06d
commit fd3efa36a6
Signed by: uku
GPG key ID: 7D01D7B105E77166
4 changed files with 29 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
secrets/desktop/rootPassword.age
View file

@ -1,11 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDRQMGFOdyBHMzNS YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBHNXlJ
OGNDcFdjaFl0czhHbGRLK2RacUplZzZPeTlsbTZFdjR1UXF5TDE4CitGdzVIMElX QjVZSDI5RVl0TWVDUFN4cnlZL1dvV0pmL01hR21UUktzK0cwQndJClBqc1N5Ujlw
UHRmYmZzVE5YY3J0VzFnbUJqNGlvVGw5RXEySnJ4UzRPaHcKLT4gQS1ncmVhc2Ug UVVhWHJSYk13TjFlOUQzbmF5dkJFVGVjUmxXNFBQUnMwck0KLT4gc3NoLWVkMjU1
QjQ+I2UxIFgoZE5gaWUgPmNqMCApVTRFInRrCmRZdkJLTFpPU25QRk42T1piR0Vw MTkgVmIvYW1BIGlPL2FwQnB4ZVYvd2xEVFAyYlNxVW1jenU1Q28wU20wckQ2Y05q
Z0xrOVJVY3BXTmMKLS0tIHBSSDBqSWxISXh3Q1ErK0Y4YW8yamVpQXNhQ2hxMmZY bHlQRHMKZUxiN2xWd0s2RktTcXp4UXFTaCtQZHY0NTVjZ0FsQ2pITmxocE9sRXJW
N2J3N1NuOUxYcW8K3vxFXBdoRbsRu46x2wkht529KxYMkj0ZhuSU8DTQAtH5JMIw RQotPiBQcUNLNDYtZ3JlYXNlICUuPHcqaSBkaHkjQyAnJ2taSCw5WyB0XHRldwph
NSO0CpHRzFmHleoba8K4DSGy7V2gIVFZn13KIP5adtzOnMV3S41uC+FxLFK5sph0 SkIxdDFBdFZxdEZGTURHYzJoanVIVmxHQjBTN1ZrcFJlRXRCS3Q1Wkk4TS9FRmds
HiZNZi/CqhMJh5QuEJDLMQjwQ8vh2ffLBThmO5LqkIRFJJPpeieD3inVBIX+Y0Y2 YjA4WnMzMFVKZDNSbW53CjlZSXJETWFuLzVuQwotLS0gcm1PaVB0eUxRQXJKQ0x5
z9gx9jzaLA== R2tPMllQbm93c2JSc3dTeDRBUWlqUDMwSHJQRQp8JF/S90jK26M/RUnYWRe8lP8P
ruZfFMnXP3cQcE9IBdoRWMzf1Uf3Aj3CNKDGRv6LHnapkWPGrxP0J32Q8/VLZQJn
/ibjcgya+6Tvzq/cY1iz+VhMw9bAXRwJC19cj9edl7ZlE254VdOvt2uK38aVh7lO
Y+hyLBd7TSH7XCajqtCwrXV6ZTIeGit1
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

21
secrets/desktop/userPassword.age
View file

@ -1,11 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDRQMGFOdyBnSzhu YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBjMXZY
cGYwM3VFajVCOGhGa3hTcktTa1VhbkplZFhnc3ppZXlSWExFRUI4Ci9qT3MydUt0 d2w5ek1SbS9hNHpIN1JNajM4ZmFyZ1pLbExDSVdsM01PWkxZNUZnCmRaWWJKUVBt
NzVsWUZMcDZ6U3htMkIyUXg0eWNnMXR0ZzF4UVlEdkMxNHMKLT4gLiVZLWdyZWFz SCtMbTZJOHN5TVRRNVFWYnBoTXpKYis5OWY1VWkvZVJINTgKLT4gc3NoLWVkMjU1
ZSAmPTZnbEsgezU7YHx+IGY8XzQtayA2WApjMlZ5M1FYVFg3MjRydlZwam9XUGYv MTkgVmIvYW1BIENtZW0wREpyM0VqeXdaM0FUcHQydXNuWUt1Snc4VTNlRFZDSFEz
Y2swNHBsZXdsZDUrb2tjNEpyOUtuck5wL0tSTHh0akxBckJvRWt6RitvCmM0ZS9s T01ja3MKWXhmQk0zTzVpMTZlNTBFcGhrblNwS1I2N3NqSGliMWZYMnZCUGtUenpy
Skh1bWg5by84L3VEV0tXdnM3MSs5ZW4xSnorWUgzbHFPUQotLS0gSjMrVVc2S2oy WQotPiBQLWdyZWFzZSBxeWtBInEpPSA9Zlt9KT4vICEsLlRLUjhHCnR0SURGbzVB
Sy9GMUY1WUlYZ3gxZmFTOHl6K01PMjV2ejR3Umtyb3VPMAptrFOjuXbeqLlmYz16 aDQ5UDhCeFVKNk1BUkJKVDg1NGx5a05XZkFUb3FOdUlLd0FrMjBUNVM3eGRSZjBw
qY2HtGPorPUszQcd4ZSJMM7thcPHxsohLsvmCpRGrSMkY5B5ehbSu6GkdZYpBuON UkFWODVHZWoKdWFQNWY4THhTNjBITHluT2RZNnBxaFYwRE5Ga0RmVkR1enNqOHZO
x98uVRNYoXP9t3Kv+V9jOVWZnnU6A29dBQ2xQGl40Au/8tmwdGgqZMLtLdOZ Umt0VFpoQ1dzaG1UVHFkdzBtQWxiZUxqcApIQmErCi0tLSBONVhSQjl5RmxNTml5
ZGZ1MXQ1aFY2TEJPU1o5dFl3NXkrRy9ZRFQ3Ny84CvqQqRz3ALqi1zsAhikcH8vj
gLd9u064SGS5ZHSj52BhjYp3ss4f+qpWmWtMcqxf8YJizVR1Djv8/3MZZV67IuhW
YLuZe7k1Fh8NiZ+dJ9ViooBi2+5ebNsjHLu6n4hyM01V23YQAYMbczk=
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

5
secrets/secrets.nix
View file

@ -1,5 +1,8 @@
let let
main = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN+7+KfdOrhcnHayxvOENUeMx8rE4XEIV/AxMHiaNUP8 uku3lig"]; main = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHETiSgdsFFub534ChUKrY3U1ApAlyM7jqFmj3qN65so root@fuji"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPbRi03uVAVzqEI5zc8QmP3uthcC1ep55gQL+nQPrEvv root@kilimandjaro"
];
server = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdyRFBTdyCCMQ7I75TyO9voxrrreXQTXtSw+iCRf4XI root@vesuvio"] ++ main; server = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdyRFBTdyCCMQ7I75TyO9voxrrreXQTXtSw+iCRf4XI root@vesuvio"] ++ main;
in { in {

2
systems/desktop.nix
View file

@ -102,7 +102,7 @@ in {
security.rtkit.enable = true; security.rtkit.enable = true;
age = { age = {
identityPaths = ["/home/${username}/.ssh/id_ed25519"]; identityPaths = ["/etc/ssh/ssh_host_ed25519_key"];
secrets = let secrets = let
base = ../secrets/desktop; base = ../secrets/desktop;