[SSH] Add H4Git key
This commit is contained in:
parent
2bdf81e6be
commit
25f78907ea
3 changed files with 53 additions and 13 deletions
|
@ -16,21 +16,29 @@
|
|||
# Generate new keys if the key specified above does not exist
|
||||
# generateKey = true;
|
||||
};
|
||||
secrets = {
|
||||
"H4G0/ssh" = {
|
||||
format = "yaml";
|
||||
sopsFile = ../../../secrets/H4G0.yaml;
|
||||
owner = config.users.users.tdpeuter.name;
|
||||
};
|
||||
secrets =
|
||||
let
|
||||
user = config.users.users.tdpeuter.name;
|
||||
in {
|
||||
"GitHub/ssh" = {
|
||||
format = "yaml";
|
||||
sopsFile = ../../../secrets/GitHub.yaml;
|
||||
owner = config.users.users.tdpeuter.name;
|
||||
owner = user;
|
||||
};
|
||||
"GitHub-UGent/ssh" = {
|
||||
format = "yaml";
|
||||
sopsFile = ../../../secrets/GitHub-UGent.yaml;
|
||||
owner = config.users.users.tdpeuter.name;
|
||||
owner = user;
|
||||
};
|
||||
"H4G0/ssh" = {
|
||||
format = "yaml";
|
||||
sopsFile = ../../../secrets/H4G0.yaml;
|
||||
owner = user;
|
||||
};
|
||||
"H4Git/ssh" = {
|
||||
format = "yaml";
|
||||
sopsFile = ../../../secrets/H4Git.yaml;
|
||||
owner = user;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings.PasswordAuthentication = false;
|
||||
};
|
||||
|
||||
home-manager.users.tdpeuter = {
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
|
@ -28,6 +23,12 @@
|
|||
identityFile = "/run/secrets/GitHub-UGent/ssh";
|
||||
user = "tdpeuter";
|
||||
};
|
||||
"git.depeuter.dev" = {
|
||||
hostname = "git.depeuter.dev";
|
||||
identitiesOnly = true;
|
||||
identityFile = "/run/secrets/H4Git/ssh";
|
||||
user = "tdpeuter";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
31
nixos/secrets/H4Git.yaml
Normal file
31
nixos/secrets/H4Git.yaml
Normal file
|
@ -0,0 +1,31 @@
|
|||
H4Git:
|
||||
ssh: ENC[AES256_GCM,data:AXt6YNzRkRpMynMkNvMiYas3LpGm34hQFqlaG32+XzhBdrS1wtLaNQp1iy/+G0yXBkwwmRVPoih8ssz7bEkQd+vORP5jSKnARbr9ZZvWoe7XjMDlyyfqMdWE+nr7hACCVmQmTt5VuX33xTuvgAP0hYAzUXMDt5Jl7ZWjfoYegqWUbQLLy6QpSo8hqxZpy7ec3s6mWQgb+nBwIjyIFq866Or56cyT72+b6iOjaehjPzZez1pMO1yCkt7CA5wt+gP76F6wG34PTMn6FtP0aRzGc2MohKLMssU1biqcADsdJmz1tBQZFh7x2X4toCbX9svt3cbGnVOmKbXluKjlS1+6haZgBzdHnob9ZobU2uV9GVyKo4IX3mhXRSeTCusLh9sE4V59FHFyRnVTWzkEBdQcuQ3EzhLFwK74gxTqtdsUbcFSHPwloPBZCfmmHVzqnBwR9FSURBK/olQl7VKr3PKXemzBAlB0COQh+feuH2hp/liWVkHPP5WAaoKpPnKtRduYYSEH4lp2Mk7X3lM/lUp6oIVYtpQby4p2pSU4,iv:n0M5re8pOQXCBcaxkp3n82vdHBcSFHZ8RymnwXaLvIM=,tag:rooT43fOYVWpcnQ8EDV8Qw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1fva6s64s884z0q2w7de024sp69ucvqu0pg9shrhhqsn3ewlpjfpsh6md7y
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZWnBUQXJKb2JWeGhjQURI
|
||||
QUZLb1RncWRBMkJsVzFmUGFKL2Y4S0pQaVdFCldDSEZIVUJ3N01abmZUeGxPVHZT
|
||||
ZWtKNTdycDlUTmx2UnpzajQvZG9INUEKLS0tIFBYOW8zZjZ4bThBMTBlb3NYOXlw
|
||||
RnR4NEJ6M044dVhLelkyc2ViRU96bTgKfspxNwByG+nLPdfLEvn21BSjjbW5fGuZ
|
||||
77X/olzob2sR8UjYYYfTYUvw+kHfuiC8Mkg2b+Jy7Q6nSQ+4zuq4/A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1d4gvqz3anf082ja6xt03hnkzazfum80um9t45m4rerl4n3va2yuqgnsg03
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2cUxVekFVdWtsQTNTcm9x
|
||||
YUFOTzdDSU1JeTdDbU0vcUZ4bEp5VGtkcjJRCmVuRUJYR0NnQXVGbnYyZ3FWZXNx
|
||||
TUY3TlVMSTZPSUtUUnJhU2QvSWgyUUEKLS0tIGZaUUNSSkdxQW1zakZDbi9iZThS
|
||||
Z2hKRHVDYUlsa1psaFU3ZUxnZitPbEkKm1sBknoqVcArgLGDD6Twi1/E3TDlAw4d
|
||||
xhzeYNrS9LVCDKco8TGIv9OQV0u0MkGR4/fvuLopn2eyiDlJOqqVNg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-09-21T13:16:04Z"
|
||||
mac: ENC[AES256_GCM,data:69g9CpSo6Cg19CG4/vWeh9xT3EATwyxtMQ6xOmqF9kjCu8l9b5ZfFCfgX6RFDwSxFY0u2oFgxbNfbiudcKLwxCoXDSm+xhjpk9SSBSzwAJ+UWWQE/pKJVFbk1QG3iw/VGQJYVUK9SKk6TsTEphHYPS00Go/k38cPxVuyEKcpWkQ=,iv:YVqQmwHgw2Z/AqIJZaxrfotXuuHGx/Vw8p6y3FXbCqg=,tag:0l3f5BX0uzTGB6IBnpqpdg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
Loading…
Reference in a new issue