Skip to content

Commit

Permalink
switch to age keys
Browse files Browse the repository at this point in the history
  • Loading branch information
uku3lig committed Jan 18, 2024
1 parent a5a4e36 commit 6a456fc
Show file tree
Hide file tree
Showing 6 changed files with 48 additions and 48 deletions.
2 changes: 1 addition & 1 deletion modules/common.nix
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
...
}: {
age = {
identityPaths = ["/etc/ssh/ssh_host_ed25519_key"];
identityPaths = ["/etc/age/key"];

secrets = {
rootPassword.file = ../secrets/${config.networking.hostName}/rootPassword.age;
Expand Down
22 changes: 10 additions & 12 deletions secrets/fuji/rootPassword.age
Original file line number Diff line number Diff line change
@@ -1,14 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBQcnVF
UGNPWC9NaUJhbEZnbGFjUEtDS2FEZWRBeUxaK1JpZ08xY2tiUEVjClEyb09tVWlk
WGtkRXBIU1JPUGZKVUJVQ1lOV0R6K1NjVkZQeldvS212RWcKLT4gc3NoLWVkMjU1
MTkgVmIvYW1BIFRkNTJrYzZtYlhIVUZ3T3FDNWlwV3NnK1U1UjltbGJuL2U5MFVY
RFpLaGcKYU4zQ1BaalNCNG1FOXN4ZStkdW9XNEFqbTdBVVdTZmFTMERNTEFXNkZi
QQotPiBvT2Z9My1ncmVhc2UgYmRoMm0iNFEgcyhOfWRcIDwKTVJVZllHWnhjUG9m
Q0hmWTBmTVlmT2RReFJjU2FKWGpTMi9WaUlZTWoxL2pmOFRMVjVpbU9jREJoZlBm
NlR3QQpRYUpZakNXNWpKSzgreEhsMWpqczg0VGhKeGNNYmc5UjJnCi0tLSBWOVZp
dkthdnh1dFV4djBTMjg1SUh6ZWpCaUttWStYTnZjREZkNnZPYWFzCpGQpx4DjeYa
ySZeZU/9qaM2lty9XsRyyY9Y3MfU4zORTEs6EoxQQ5uJSkksWOiKq1pXEVp7Eiiw
zlml1y9HZjUJWHTkJqIu47bqBIeIJjwL4PZ9L73EmTa9m+LvfqFpMC9Ka42Iwwz3
C/7dsp19SrYydPct/nHstHL8a6ymIkXfmI35Cfl4puvE8do=
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5dFR0dUVuTThzMFZTTlht
bnlPNkJ0YlV1WnA3TnNXdkJSMG4rT1JBMFVjCmdjWTR5cmZZcXlNSmJETVNVT1VF
UU1tY0ZsQzNqTE1rMXowcUpFaG9oUjAKLT4gWDI1NTE5IFNpVjA0blVIWHBlT1R3
M3Y5T3lHaGV2c3JaREN0V1BVd0RsQWcwNjdmU0EKTnVVUEFxMWpHclZjWCtIR1lH
cUJHM3lMc1FCdVY5VTBIUGc0LzI4dFgxawotPiBnSCt6SCotZ3JlYXNlIH0KVzZr
WURzcXlHemRLOFlEcTU2WERjRDV6bWpvT0NnT2ZvR2lySDRFCi0tLSA0UDY2RG5X
MmtwZmp6VWwvT2ZvMzFRKzg5SGxkZmsvSGFhKzN2U2VoOFVFCiXEs907Y0YetyFF
0IfFzesKLjF7NWA81HeYRkK6RRk2CYDHfXOyVQdLVjUYZR3IAMmZfhxdZ2JDE5ul
WFmStlS8kpCDJjqjV5j65/BUz3NySaId7/Qh87ac5oOGLb3A5JUYU56xvBB5EOPA
17T1zatrQFbZ+b2m591Ol82qLIwpu/j4DKCH2Pnm8aw=
-----END AGE ENCRYPTED FILE-----
23 changes: 12 additions & 11 deletions secrets/kilimandjaro/rootPassword.age
Original file line number Diff line number Diff line change
@@ -1,13 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyA5aVlB
L1krb2xjbklkVCttMzZNczVYV3ZtRDBWLzI2MGphTW42TmwyTkdVCi8rOEpLUGhx
YXR1cnVZN0RVK3hOVVRwUTB4cHU3djFqY1MxeDRZckVhQzQKLT4gc3NoLWVkMjU1
MTkgVmIvYW1BIG9qcFNzdDhaZmFxczRVd1JaTEVlSEplcTdxQTM1YTIyZVhSVTVX
OHN5bGMKR1ZjTjJ1NVdYOFFMbFUvNlRZbTU2UDdaVDBOOFh4SkUzTEl1RUZvQ2Jx
UQotPiA3djRILWdyZWFzZSBpO1dtLWpJICQyPyB+ZkRncyB9YSFVIWdzKgpBSVRU
MklzYmNNaUxQNHJ2QUJIYjhiU2Z1QTAKLS0tIENPYkpsNUI0eFVHbnRkU0t0Q3Jv
SXRsYzNjYmRKa0tQOXBnMUdmalZiS00KQDI4rngNrAQUeBm1jkO99uAba2XAOmc4
ps3WPwPj+uQvF/kQ3sJsy6JCGErumTXJ/tm9+Atv1hrsDsCQ73vloLsbhNGNpumH
3DPYRTSr30l7ncu6qciyaFLHjSB2uTD18hh3+QSD0CJkq+0EoZZiJwZSehLsatjR
ufIgRoaf5P7cE9jBcJUT2QZSOw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4ZmFZU1FvMDlaRWNRNXZo
TEFUWEhJem9IanZHTGVienJJcXpnNVhjQ2pnCnNVdlVpWmFhRXZSS284QkdpYnVq
SEtRZURONFFLT1U3by9lUythV3RRRUEKLT4gWDI1NTE5IDlPVEF5SFJQYmRobUQv
Zk5YaFFDWUthc3cxdjlqZE8zR1hZUHArUWRwU00KaG1qZWY0OGwrWlN6cS9GY1pL
emhVZ2k4bTF6YWp4SklhSkNGSFIvQ2M5bwotPiA4bTopWCY7Ni1ncmVhc2UgdFs5
S1xaeFIgfk1MTApnOE10WVphZnRTd0ZKbDdGcTlvWlY3RHN0YjhRcDN3eGlNRVFk
eDZBU3RJNitZZnpmTkFsOEh3d1Ywamd3TEV1CjBJZkhQYU9iRVVGMzhnaFdBZG1D
ZUNjdEpTNDV4NEhxdWpEUU9CWDRlQ2RYVGcKLS0tIEJQQy8waFVvK0FqaklDOUZD
c3BabjA4QXJ0RTVlazl0VkJGbkNoQy9zZEEKM6mW4mDz0aWpe1x2tkpzcjdjqe0i
trBwj6kaUh3mDoUfdMLZ3FDVqi7je9jFQIBMVctzZNKMOADgbGDTli7m0wGZBWSL
i8bTv1I9tgny46Kc2jvP2xOPgfTFKU87pRf133Nt1sbxL+LT0tgcPUDuEMTf3E7U
g5FXSN7Kk/aaZ/h2U2rRddn54ypLyw==
-----END AGE ENCRYPTED FILE-----
10 changes: 5 additions & 5 deletions secrets/secrets.nix
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
let
fuji = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHETiSgdsFFub534ChUKrY3U1ApAlyM7jqFmj3qN65so root@fuji";
kilimandjaro = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPbRi03uVAVzqEI5zc8QmP3uthcC1ep55gQL+nQPrEvv root@kilimandjaro";
fuji = "age16ujdfcahmnhe4ygruf28n0urgxycv8zgsp4f8856a5suewhn49cs0mqk7w";
kilimandjaro = "age1ny0re542mcvf829y28rz6eta9myaqlxasfnn933srw64dlgavpsqc59q79";

main = [fuji kilimandjaro];
server = main;
all = main;
in {
"userPassword.age".publicKeys = server;
"tailscaleKey.age".publicKeys = server;
"userPassword.age".publicKeys = all;
"tailscaleKey.age".publicKeys = all;

"fuji/rootPassword.age".publicKeys = main;
"kilimandjaro/rootPassword.age".publicKeys = main;
Expand Down
20 changes: 10 additions & 10 deletions secrets/tailscaleKey.age
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyAwT3NR
NmVyVERocFpVNkpHQXBuL1oyZUx5RFdJRXpOek41Tmd3OHJTQ1FJCjJIQndIWWNn
RGh0cjdHN1lEbkdwUnhuRDlvdVVWODRJY1pjTHVIRlJJTXMKLT4gc3NoLWVkMjU1
MTkgVmIvYW1BIEYxRlJhb3ZEMU9yMW5majlJaDFGUXVWUXlHT1NPd2J4QzM0azZo
cVpnUzgKaU5CUWQwL2NrdUc4K096eW5BckRkdHJTOCtBMW41SnJkM2ZQNHBReVdL
dwotPiBcLWdyZWFzZSBkQz0gcng1KCBXaFx1SiBsTAp3YmlGNVRKcTF2eGVkRWtV
RER2azZBNFpzdwotLS0gT2hKbmpvK25OdTNGUFBzTXNPWUxYdUIySnlGS21TY0FM
YUJiSk1WYjVtVQqAxVWNyP4XGgZahX5r3lcocV8zRWjLbu0Hyvy9Oma6fFDiEKuq
l+Xwb5Bs6WaSowSPJO815x/T/xGdo8ggntUDNDFN4lLrKQhIkz00pbbxeVaXva9X
rrkZBn8=
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBbEI1TTVWeE9VSTBBTmdU
dkxkdlh0bzRiTEJsamRBOC9yTTU4ZzViN3lvClZpQVFYL0h1cERadDFjbUZjT1F4
ZmNzbEtrNWxNbURPK0xtSzhzaE9URkEKLT4gWDI1NTE5IHpYOGFTcTc2RGxvSnhC
MTk3aloxV0s0cTNPSkV3QXUxVW5PTkl4M3B3VmsKMmovM1NMeFVwTG5TVjNoMDRn
VVg4a2Q2Uk5leW5IM1JWbDBiL0lCU3E5YwotPiBmJnlOSiEwaS1ncmVhc2UgISB2
JXpBaWBCCndwOCttYTRQV3Q3L2h4MXBWaENEQzlCZktndmhpQVduL0ExaFRzYzlv
bG5NMnJZREltekFsc21tVjZCb3FnCi0tLSBpNjBoTU9kaVpjclZmYS85YUJwbVBo
NHhJRDI4TytKa0hTUHdHcE9zV2pJCuXL+3f4X0WqOtdkf4aa4I+4j6aYzN71aUPd
gefAEG7Nrl1XiGX01K0dYfm8rnWmf1tNhfXpmq9eU7KTfLvK8bTrqOuKQtJqXnOp
ansfY2eWuGNDu1LdlbGIrg==
-----END AGE ENCRYPTED FILE-----
19 changes: 10 additions & 9 deletions secrets/userPassword.age
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFd5V3BRdyBZbkkw
UlVDRmY4SStUc3NUeHJwajE2MGZKU01abXBsSjhUTlVaR1RUS0FBCnI1aGdOeTRS
cE1va3MyR08rSFZXd0h3eFNTcm05dGZGYTVFeEk1TC8zR1EKLT4gc3NoLWVkMjU1
MTkgVmIvYW1BIEJlbHhZVUdTWlZSeFNWT2xON1RCRWNrQnNpeDNiTE1lcERCSFNo
Y0NmQmsKM0hBdkZ3K0FpV3RxMUs0eXkySmt0TDB6U0N1dkhUczhsWUowV2lCSkxq
awotPiBqYi1ncmVhc2UgdCcKdTRlOQotLS0gR2Q4ajQvR2p2cWVmS3dMeTJNam5H
NUU5dkxvRFA2SXdEa1NtTWZUOE1uZwrc3tjr3tkK0xwRJT1BvUWvKmsMBqlwly7p
CBB0rphclsuS+HdxuCU1/qQ6dfXw8heoIKrRR0iTFp3NMZLQgcrWExwqRfQhS4wy
uA/xZPhUA96MhTpTtthnmClSijn5rAv++DFx9UajBjXr
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4amN5eXNianBtOTRpQ2hj
clhMVUwweXRkblYyS1VjdllRRTIrZ25KM25jClhkT0kxaUVWWTEzTk5wU012WEFl
Skc1K01BdXFMVG82emo5SXRRdEIzcFEKLT4gWDI1NTE5IE9NaHl2OXd6ZXlMdXVB
aklzZ0FIN3JKOWpkVkV3RHlRLzZXSjdQNlNRMDgKUHA4U1FTdTBKTkd3cEVUTUFO
Ujc0cmNEMjZsVDJCNkNsczVTMGJnOHFzcwotPiBnQSJJRy1ncmVhc2UKMUxPQm5G
blhzWTBWYmQ5dTZJWjdTNnZJQTY0L3p6S3ZVa3FLNVR1UENVVVRVYUJteG1IdGtU
MEpoSnBEQ1hBMQpZakdHOE12YQotLS0gTm93cXJoNEVUVjRzQlpDaHA0UVIyNXFr
MG9OYUFBekJ3TUdqVTlEcm1pbwoV2hJ7OZJ9OWVyn0Ma1LCS0vm+Lq5pVxodl6dX
mLwd9jT2ELKelt1CDkzTESToZw6FeFifC14Jv8H9z0+IwThBT9kptQ9xIsvtJ5vH
+yUTtxcz6oWJA8f8xRGh1FvWrUf1g7xhMkzVstPv
-----END AGE ENCRYPTED FILE-----

0 comments on commit 6a456fc

Please sign in to comment.