From 1200a7093fb2beac77f52be828e99a2a49a2cfcf Mon Sep 17 00:00:00 2001
From: deva
Date: Mon, 22 Jul 2024 16:01:11 -0400
Subject: [PATCH] fix sops & change ssh key
---
 flake.lock | 6 +++---
 os/configuration.nix | 9 +++++----
 os/dev/default.nix | 2 +-
 os/id_dev.pub | 1 -
 os/id_deva.pub | 1 +
 os/users.nix | 4 ++--
 6 files changed, 12 insertions(+), 11 deletions(-)
 delete mode 100644 os/id_dev.pub
 create mode 100644 os/id_deva.pub
diff --git a/flake.lock b/flake.lock
index 080d74f..8f970a5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -419,10 +419,10 @@
 "mysecrets": {
 "flake": false,
 "locked": {
- "lastModified": 1720910245,
- "narHash": "sha256-xACM/LGDLmgy8JQIPWojb5KOiIqbQpofX9WUbGQHiZE=",
+ "lastModified": 1721677492,
+ "narHash": "sha256-VQBIEuO01t4Tq4We5ER9/GV/mbHXVQSf3zD7s6vwSqY=",
 "ref": "main",
- "rev": "2f617698545719fd26f7fc074a0da1e6673e62d9",
+ "rev": "1e1c10a8bd978220aa4cea5c3a13f726971276f2",
 "shallow": true,
 "type": "git",
 "url": "ssh://git@192.168.1.203:2222/deva/secrets.git"
diff --git a/os/configuration.nix b/os/configuration.nix
index b4cba02..3fd1479 100644
--- a/os/configuration.nix
+++ b/os/configuration.nix
@@ -21,18 +21,18 @@ in {
 # sops.age.generateKey = true;
 # This file below is the only file that needs to be copied over (for sops support)
- sops.age.keyFile = "/home/${config.users.users.me.name}/.config/sops/age/keys.txt";
+ sops.age.keyFile = "/etc/sops-keys.txt";
 sops.secrets = {
- id_dev = {
+ id_deva = {
 owner = config.users.users.me.name;
 inherit (config.users.users.me) group;
- path = "/home/${config.users.users.me.name}/.ssh/id_dev";
+ path = "/home/${config.users.users.me.name}/.ssh/id_deva";
 };
 user_password = {
 neededForUsers = true;
 };
 };
- home-manager.users.me.home.file.".ssh/id_dev.pub".text = builtins.readFile ./id_dev.pub;
+ home-manager.users.me.home.file.".ssh/id_deva.pub".text = builtins.readFile ./id_deva.pub;
 users.mutableUsers = false;
 users.users.me.hashedPasswordFile = config.sops.secrets.user_password.path;
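Review bot: `sops.age.keyFile = "/etc/sops-keys.txt";` in os/configuration.nix moves the age private key out of the user's home into `/etc`, and nothing in this hunk sets or checks the file's owner and mode. That key decrypts every sops secret declared here, including the `id_deva` SSH private key and `user_password`, and the comment above it says the file is copied over by hand, so a copy made with a typical umask would be readable by any local account. I would record the requirement next to the path, e.g. `# must be root:root 0600; holds the age private key for all sops secrets`, and optionally enforce it with `systemd.tmpfiles.rules = [ "z /etc/sops-keys.txt 0600 root root -" ];`. The enclosing attribute set starts and ends outside the hunk.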
@@ -145,6 +145,7 @@ in {
 ];
 files = [
 "/etc/machine-id"
+ "/etc/sops-keys.txt"
 ];
 };
diff --git a/os/dev/default.nix b/os/dev/default.nix
index 3076618..01504b6 100644
--- a/os/dev/default.nix
+++ b/os/dev/default.nix
@@ -136,7 +136,7 @@ in {
 host = "gitlab.com github.com 192.168.1.203";
 identitiesOnly = true;
 identityFile = [
- "~/.ssh/id_dev"
+ "~/.ssh/id_deva"
 ];
 };
 };
diff --git a/os/id_dev.pub b/os/id_dev.pub
deleted file mode 100644
index e833524..0000000
--- a/os/id_dev.pub
+++ /dev/null
@@ -1 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJRVqaCvz582ioiqnNELKIrGy4RkJ4IVorYlJ98iuZz hi@dessa.dev
diff --git a/os/id_deva.pub b/os/id_deva.pub
new file mode 100644
index 0000000..6532709
--- /dev/null
+++ b/os/id_deva.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPVwUob8DTgkccFqWNU2XJEf3xlFPOKef+43+56W5UGj hi@dessa.dev
diff --git a/os/users.nix b/os/users.nix
index 2908af4..5c1b8ab 100644
--- a/os/users.nix
+++ b/os/users.nix
@@ -16,7 +16,7 @@
 desktopEnvironment = "gnome";
 obs = true;
 authorizedKeys = [
- (builtins.readFile ./id_dev.pub)
+ (builtins.readFile ./id_deva.pub)
 ];
 packages = with pkgs; [
 nom
@@ -34,7 +34,7 @@
 shell = "zsh";
 extraGroups = [];
 authorizedKeys = [
- (builtins.readFile ./id_dev.pub)
+ (builtins.readFile ./id_deva.pub)
 ];
 };
 }
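Review bot: In os/configuration.nix (hunk at -145) the new `"/etc/sops-keys.txt"` entry in `files = [ … ]` makes the age key available only once that persistence mechanism has set the path up, while `user_password` is marked `neededForUsers = true` and so has to be decrypted before users are created. If this list belongs to an impermanence-style persistence block (its header is outside the hunk), the key may not yet exist at `/etc/sops-keys.txt` at that point, and with `users.mutableUsers = false` a failed decryption would leave the account without its password hash. Pointing the option at the persistent copy directly, e.g. `sops.age.keyFile = "<persist-root>/etc/sops-keys.txt";` (placeholder path), removes the ordering dependency; this should be confirmed on a fresh boot.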
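Review bot: In os/users.nix both `authorizedKeys` lists (hunks at -16 and -34) now trust `id_deva.pub`, the public half of the private key that os/configuration.nix deploys to `~/.ssh/id_deva` and that os/dev/default.nix uses as the identity for gitlab.com, github.com and 192.168.1.203. One key therefore serves as both the login credential for these accounts and the outbound git identity, so exposure of that private key on any host built from this config also exposes SSH login wherever these users are defined. Consider a separate login key, or at least a comment on each list such as `# same key as sops secret id_deva; rotate both together`. Since this commit retires `id_dev`, its public key should also be removed from the git hosts' account settings, which this repository cannot show.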