Compare commits
No commits in common. "4ea27c38c71adcb42a6fbc5b1aaa4b1e82e3ff9c" and "ba4b27b664bbe844eb8bb42159d526bfb2d7af3e" have entirely different histories.
4ea27c38c7
...
ba4b27b664
4 changed files with 44 additions and 19 deletions
|
|
@ -15,7 +15,10 @@ let
|
||||||
|
|
||||||
rootPassword = _utils.setupSingleSecret config "rootPassword" { };
|
rootPassword = _utils.setupSingleSecret config "rootPassword" { };
|
||||||
secrets = _utils.setupSharedSecrets config {
|
secrets = _utils.setupSharedSecrets config {
|
||||||
secrets = [ "userPassword" ];
|
secrets = [
|
||||||
|
"userPassword"
|
||||||
|
"tailscaleKey"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
@ -185,6 +188,11 @@ in
|
||||||
tailscale = {
|
tailscale = {
|
||||||
enable = true;
|
enable = true;
|
||||||
useRoutingFeatures = "both";
|
useRoutingFeatures = "both";
|
||||||
|
extraUpFlags = [
|
||||||
|
"--ssh"
|
||||||
|
"--stateful-filtering"
|
||||||
|
];
|
||||||
|
authKeyFile = secrets.get "tailscaleKey";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
36
flake.lock
generated
36
flake.lock
generated
|
|
@ -92,11 +92,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1741352980,
|
"lastModified": 1740872218,
|
||||||
"narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
|
"narHash": "sha256-ZaMw0pdoUKigLpv9HiNDH2Pjnosg7NBYMJlHTIsHEUo=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
|
"rev": "3876f6b87db82f33775b1ef5ea343986105db764",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -132,11 +132,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1741345870,
|
"lastModified": 1741217763,
|
||||||
"narHash": "sha256-KTpoO4oaucdFr3oJJBYpGK+aWVVrLvtiT17EQE7Cf4Y=",
|
"narHash": "sha256-g/TrltIjFHIjtzKY5CJpoPANfHQWDD43G5U1a/v5oVg=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "04c915bcf1a1eac3519372ff3185beef053fba7c",
|
"rev": "486b066025dccd8af7fbe5dd2cc79e46b88c80da",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -161,11 +161,11 @@
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1741259028,
|
"lastModified": 1741001137,
|
||||||
"narHash": "sha256-QWgGXe9Ai8+hSwNEAqLjZoAvLwV3ywDzT+XBpfMOzuU=",
|
"narHash": "sha256-XxWib5eI3rgMPA4VzDHOx89WT76IN/ZNb+votz5gakw=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lanzaboote",
|
"repo": "lanzaboote",
|
||||||
"rev": "3a3ed972151121c8b159eb40e0be21146270e73b",
|
"rev": "cc9786aa8158437facead0d8e21ac0c03be91dc8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -184,11 +184,11 @@
|
||||||
"treefmt-nix": []
|
"treefmt-nix": []
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1741334526,
|
"lastModified": 1741244761,
|
||||||
"narHash": "sha256-X1KnK3i5h3lriG5YsKNUu5gV2XWbS75BwPU9IxGvG1w=",
|
"narHash": "sha256-nwP0O2Vnie/e6oJvXOtUxH+s1KM7V7VsaESdPfXakX8=",
|
||||||
"owner": "soopyc",
|
"owner": "soopyc",
|
||||||
"repo": "mystia",
|
"repo": "mystia",
|
||||||
"rev": "5ad3fb05e1bab655a0928a6475888a8670a018a7",
|
"rev": "f6f297ceebebbdf7267cf3ca80d2ef51e44b1373",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -220,11 +220,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1741246872,
|
"lastModified": 1741173522,
|
||||||
"narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=",
|
"narHash": "sha256-k7VSqvv0r1r53nUI/IfPHCppkUAddeXn843YlAC5DR0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "10069ef4cf863633f57238f179a0297de84bd8d3",
|
"rev": "d69ab0d71b22fa1ce3dbeff666e6deb4917db049",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -276,11 +276,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1741228283,
|
"lastModified": 1740364262,
|
||||||
"narHash": "sha256-VzqI+k/eoijLQ5am6rDFDAtFAbw8nltXfLBC6SIEJAE=",
|
"narHash": "sha256-X5EtT29uEtXN2E4bDiDU2HGBdmFHjHf1KbP6iKP0cmg=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "38e9826bc4296c9daf18bc1e6aa299f3e932a403",
|
"rev": "7c5892ad87b90d72668964975eebd4e174ff6204",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,7 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
"shared/userPassword.age".publicKeys = all;
|
"shared/userPassword.age".publicKeys = all;
|
||||||
|
"shared/tailscaleKey.age".publicKeys = all;
|
||||||
"shared/frpToken.age".publicKeys = all;
|
"shared/frpToken.age".publicKeys = all;
|
||||||
"shared/vmAuthToken.age".publicKeys = all;
|
"shared/vmAuthToken.age".publicKeys = all;
|
||||||
|
|
||||||
|
|
|
||||||
16
secrets/shared/tailscaleKey.age
Normal file
16
secrets/shared/tailscaleKey.age
Normal file
|
|
@ -0,0 +1,16 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1TlI1TGVYQ2ZlaTZ0Ukti
|
||||||
|
U0lwenM1ekxDdk0rWi9rc21IeG9XMzFnZlNNClJVeUlkMEVXSE9ZZ2xMblB0MzFB
|
||||||
|
TXJldHBIak0vcmgvWHZyc2VYOE10ZzgKLT4gWDI1NTE5IHRpK2FBajgzdURmcGlN
|
||||||
|
VkhOWWdydUtvQnQ2M3RNQ0ZSWGdaWEhFRjdXUlEKVTZqK3dRNUpOTHlKRmgxOGV2
|
||||||
|
SFRRR0NYNTVrd3JmUGxlR2V0Ni9PTWNncwotPiBYMjU1MTkgMCtQNlNUcXdBNlcv
|
||||||
|
aVNtTG1zUVJnTlhROFpPMnFpYnJ2VE1hZUdsK0V4cwp6YjBHM0dxdFNxazQzQ2JB
|
||||||
|
UENVdTVhQlZ4UExHeFkxc2NBcnBSamFyMXRrCi0+IFgyNTUxOSBwU0x3OHdZK2M3
|
||||||
|
dThsT1RJUXJRT1JwZHBZU2NxTVpZT2YxclUyZ3ErUEVjCldCZm9CTUNVc0VqRjYv
|
||||||
|
bXR6NTdxYjRlSFo1c2FXcDBjbFp0RTMrUnNpVFkKLT4gWDI1NTE5IDRDYlYveXFp
|
||||||
|
MXRHWDhCT2xYWnp1VG9SeFJoUlBXeVBZMUdSeFoyamhtVlkKd000RGFENDRPcmI4
|
||||||
|
MXN6UzZ0NlBjdHhMekE2Y1pleS9KZDUwK1NSZDg3ZwotLS0gakpkcmFXSTFYY3dh
|
||||||
|
c3BnNVR6YlNwc0Vhb01tTmJDMXlLNnhMdDNyZmZoZwrs7Ped4A7zJSqVybjIWVMx
|
||||||
|
BS8q3idSQVElJMDuyj3u+wPRnk5umxX570vxgljO/McVLvg2/UMFfmG747Ug5jub
|
||||||
|
Q/ASEMsQZghPWXQUpfNXSmpfPzg0MNx2dDRyOGnlog==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
Loading…
Add table
Add a link
Reference in a new issue