uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use openssh host keys for agenix

Browse source
This commit is contained in:
uku 2023-11-22 15:38:47 +01:00
parent f2a297f06d
commit fd3efa36a6
Signed by: uku
GPG key ID: 7D01D7B105E77166
4 changed files with 29 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
secrets/desktop/rootPassword.age
View file

@ -1,11 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDRQMGFOdyBHMzNS
OGNDcFdjaFl0czhHbGRLK2RacUplZzZPeTlsbTZFdjR1UXF5TDE4CitGdzVIMElX
UHRmYmZzVE5YY3J0VzFnbUJqNGlvVGw5RXEySnJ4UzRPaHcKLT4gQS1ncmVhc2Ug
QjQ+I2UxIFgoZE5gaWUgPmNqMCApVTRFInRrCmRZdkJLTFpPU25QRk42T1piR0Vw
Z0xrOVJVY3BXTmMKLS0tIHBSSDBqSWxISXh3Q1ErK0Y4YW8yamVpQXNhQ2hxMmZY
N2J3N1NuOUxYcW8K3vxFXBdoRbsRu46x2wkht529KxYMkj0ZhuSU8DTQAtH5JMIw
NSO0CpHRzFmHleoba8K4DSGy7V2gIVFZn13KIP5adtzOnMV3S41uC+FxLFK5sph0
HiZNZi/CqhMJh5QuEJDLMQjwQ8vh2ffLBThmO5LqkIRFJJPpeieD3inVBIX+Y0Y2
z9gx9jzaLA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBHNXlJ
QjVZSDI5RVl0TWVDUFN4cnlZL1dvV0pmL01hR21UUktzK0cwQndJClBqc1N5Ujlw
UVVhWHJSYk13TjFlOUQzbmF5dkJFVGVjUmxXNFBQUnMwck0KLT4gc3NoLWVkMjU1
MTkgVmIvYW1BIGlPL2FwQnB4ZVYvd2xEVFAyYlNxVW1jenU1Q28wU20wckQ2Y05q
bHlQRHMKZUxiN2xWd0s2RktTcXp4UXFTaCtQZHY0NTVjZ0FsQ2pITmxocE9sRXJW
RQotPiBQcUNLNDYtZ3JlYXNlICUuPHcqaSBkaHkjQyAnJ2taSCw5WyB0XHRldwph
SkIxdDFBdFZxdEZGTURHYzJoanVIVmxHQjBTN1ZrcFJlRXRCS3Q1Wkk4TS9FRmds
YjA4WnMzMFVKZDNSbW53CjlZSXJETWFuLzVuQwotLS0gcm1PaVB0eUxRQXJKQ0x5
R2tPMllQbm93c2JSc3dTeDRBUWlqUDMwSHJQRQp8JF/S90jK26M/RUnYWRe8lP8P
ruZfFMnXP3cQcE9IBdoRWMzf1Uf3Aj3CNKDGRv6LHnapkWPGrxP0J32Q8/VLZQJn
/ibjcgya+6Tvzq/cY1iz+VhMw9bAXRwJC19cj9edl7ZlE254VdOvt2uK38aVh7lO
Y+hyLBd7TSH7XCajqtCwrXV6ZTIeGit1
-----END AGE ENCRYPTED FILE-----

21
secrets/desktop/userPassword.age
View file

@ -1,11 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDRQMGFOdyBnSzhu
cGYwM3VFajVCOGhGa3hTcktTa1VhbkplZFhnc3ppZXlSWExFRUI4Ci9qT3MydUt0
NzVsWUZMcDZ6U3htMkIyUXg0eWNnMXR0ZzF4UVlEdkMxNHMKLT4gLiVZLWdyZWFz
ZSAmPTZnbEsgezU7YHx+IGY8XzQtayA2WApjMlZ5M1FYVFg3MjRydlZwam9XUGYv
Y2swNHBsZXdsZDUrb2tjNEpyOUtuck5wL0tSTHh0akxBckJvRWt6RitvCmM0ZS9s
Skh1bWg5by84L3VEV0tXdnM3MSs5ZW4xSnorWUgzbHFPUQotLS0gSjMrVVc2S2oy
Sy9GMUY1WUlYZ3gxZmFTOHl6K01PMjV2ejR3Umtyb3VPMAptrFOjuXbeqLlmYz16
qY2HtGPorPUszQcd4ZSJMM7thcPHxsohLsvmCpRGrSMkY5B5ehbSu6GkdZYpBuON
x98uVRNYoXP9t3Kv+V9jOVWZnnU6A29dBQ2xQGl40Au/8tmwdGgqZMLtLdOZ
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBjMXZY
d2w5ek1SbS9hNHpIN1JNajM4ZmFyZ1pLbExDSVdsM01PWkxZNUZnCmRaWWJKUVBt
SCtMbTZJOHN5TVRRNVFWYnBoTXpKYis5OWY1VWkvZVJINTgKLT4gc3NoLWVkMjU1
MTkgVmIvYW1BIENtZW0wREpyM0VqeXdaM0FUcHQydXNuWUt1Snc4VTNlRFZDSFEz
T01ja3MKWXhmQk0zTzVpMTZlNTBFcGhrblNwS1I2N3NqSGliMWZYMnZCUGtUenpy
WQotPiBQLWdyZWFzZSBxeWtBInEpPSA9Zlt9KT4vICEsLlRLUjhHCnR0SURGbzVB
aDQ5UDhCeFVKNk1BUkJKVDg1NGx5a05XZkFUb3FOdUlLd0FrMjBUNVM3eGRSZjBw
UkFWODVHZWoKdWFQNWY4THhTNjBITHluT2RZNnBxaFYwRE5Ga0RmVkR1enNqOHZO
Umt0VFpoQ1dzaG1UVHFkdzBtQWxiZUxqcApIQmErCi0tLSBONVhSQjl5RmxNTml5
ZGZ1MXQ1aFY2TEJPU1o5dFl3NXkrRy9ZRFQ3Ny84CvqQqRz3ALqi1zsAhikcH8vj
gLd9u064SGS5ZHSj52BhjYp3ss4f+qpWmWtMcqxf8YJizVR1Djv8/3MZZV67IuhW
YLuZe7k1Fh8NiZ+dJ9ViooBi2+5ebNsjHLu6n4hyM01V23YQAYMbczk=
-----END AGE ENCRYPTED FILE-----

5
secrets/secrets.nix
View file

@ -1,5 +1,8 @@
let
main = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN+7+KfdOrhcnHayxvOENUeMx8rE4XEIV/AxMHiaNUP8 uku3lig"];
main = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHETiSgdsFFub534ChUKrY3U1ApAlyM7jqFmj3qN65so root@fuji"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPbRi03uVAVzqEI5zc8QmP3uthcC1ep55gQL+nQPrEvv root@kilimandjaro"
];
server = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdyRFBTdyCCMQ7I75TyO9voxrrreXQTXtSw+iCRf4XI root@vesuvio"] ++ main;
in {

2
systems/desktop.nix
View file

@ -102,7 +102,7 @@ in {
security.rtkit.enable = true;
age = {
identityPaths = ["/home/${username}/.ssh/id_ed25519"];
identityPaths = ["/etc/ssh/ssh_host_ed25519_key"];
secrets = let
base = ../secrets/desktop;