[SSH] Add H4Git key
This commit is contained in:
parent
2bdf81e6be
commit
25f78907ea
3 changed files with 53 additions and 13 deletions
|
@ -16,21 +16,29 @@
|
||||||
# Generate new keys if the key specified above does not exist
|
# Generate new keys if the key specified above does not exist
|
||||||
# generateKey = true;
|
# generateKey = true;
|
||||||
};
|
};
|
||||||
secrets = {
|
secrets =
|
||||||
"H4G0/ssh" = {
|
let
|
||||||
format = "yaml";
|
user = config.users.users.tdpeuter.name;
|
||||||
sopsFile = ../../../secrets/H4G0.yaml;
|
in {
|
||||||
owner = config.users.users.tdpeuter.name;
|
|
||||||
};
|
|
||||||
"GitHub/ssh" = {
|
"GitHub/ssh" = {
|
||||||
format = "yaml";
|
format = "yaml";
|
||||||
sopsFile = ../../../secrets/GitHub.yaml;
|
sopsFile = ../../../secrets/GitHub.yaml;
|
||||||
owner = config.users.users.tdpeuter.name;
|
owner = user;
|
||||||
};
|
};
|
||||||
"GitHub-UGent/ssh" = {
|
"GitHub-UGent/ssh" = {
|
||||||
format = "yaml";
|
format = "yaml";
|
||||||
sopsFile = ../../../secrets/GitHub-UGent.yaml;
|
sopsFile = ../../../secrets/GitHub-UGent.yaml;
|
||||||
owner = config.users.users.tdpeuter.name;
|
owner = user;
|
||||||
|
};
|
||||||
|
"H4G0/ssh" = {
|
||||||
|
format = "yaml";
|
||||||
|
sopsFile = ../../../secrets/H4G0.yaml;
|
||||||
|
owner = user;
|
||||||
|
};
|
||||||
|
"H4Git/ssh" = {
|
||||||
|
format = "yaml";
|
||||||
|
sopsFile = ../../../secrets/H4Git.yaml;
|
||||||
|
owner = user;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,11 +1,6 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
settings.PasswordAuthentication = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
home-manager.users.tdpeuter = {
|
home-manager.users.tdpeuter = {
|
||||||
programs.ssh = {
|
programs.ssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -28,6 +23,12 @@
|
||||||
identityFile = "/run/secrets/GitHub-UGent/ssh";
|
identityFile = "/run/secrets/GitHub-UGent/ssh";
|
||||||
user = "tdpeuter";
|
user = "tdpeuter";
|
||||||
};
|
};
|
||||||
|
"git.depeuter.dev" = {
|
||||||
|
hostname = "git.depeuter.dev";
|
||||||
|
identitiesOnly = true;
|
||||||
|
identityFile = "/run/secrets/H4Git/ssh";
|
||||||
|
user = "tdpeuter";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
31
nixos/secrets/H4Git.yaml
Normal file
31
nixos/secrets/H4Git.yaml
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
H4Git:
|
||||||
|
ssh: ENC[AES256_GCM,data:AXt6YNzRkRpMynMkNvMiYas3LpGm34hQFqlaG32+XzhBdrS1wtLaNQp1iy/+G0yXBkwwmRVPoih8ssz7bEkQd+vORP5jSKnARbr9ZZvWoe7XjMDlyyfqMdWE+nr7hACCVmQmTt5VuX33xTuvgAP0hYAzUXMDt5Jl7ZWjfoYegqWUbQLLy6QpSo8hqxZpy7ec3s6mWQgb+nBwIjyIFq866Or56cyT72+b6iOjaehjPzZez1pMO1yCkt7CA5wt+gP76F6wG34PTMn6FtP0aRzGc2MohKLMssU1biqcADsdJmz1tBQZFh7x2X4toCbX9svt3cbGnVOmKbXluKjlS1+6haZgBzdHnob9ZobU2uV9GVyKo4IX3mhXRSeTCusLh9sE4V59FHFyRnVTWzkEBdQcuQ3EzhLFwK74gxTqtdsUbcFSHPwloPBZCfmmHVzqnBwR9FSURBK/olQl7VKr3PKXemzBAlB0COQh+feuH2hp/liWVkHPP5WAaoKpPnKtRduYYSEH4lp2Mk7X3lM/lUp6oIVYtpQby4p2pSU4,iv:n0M5re8pOQXCBcaxkp3n82vdHBcSFHZ8RymnwXaLvIM=,tag:rooT43fOYVWpcnQ8EDV8Qw==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1fva6s64s884z0q2w7de024sp69ucvqu0pg9shrhhqsn3ewlpjfpsh6md7y
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZWnBUQXJKb2JWeGhjQURI
|
||||||
|
QUZLb1RncWRBMkJsVzFmUGFKL2Y4S0pQaVdFCldDSEZIVUJ3N01abmZUeGxPVHZT
|
||||||
|
ZWtKNTdycDlUTmx2UnpzajQvZG9INUEKLS0tIFBYOW8zZjZ4bThBMTBlb3NYOXlw
|
||||||
|
RnR4NEJ6M044dVhLelkyc2ViRU96bTgKfspxNwByG+nLPdfLEvn21BSjjbW5fGuZ
|
||||||
|
77X/olzob2sR8UjYYYfTYUvw+kHfuiC8Mkg2b+Jy7Q6nSQ+4zuq4/A==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1d4gvqz3anf082ja6xt03hnkzazfum80um9t45m4rerl4n3va2yuqgnsg03
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2cUxVekFVdWtsQTNTcm9x
|
||||||
|
YUFOTzdDSU1JeTdDbU0vcUZ4bEp5VGtkcjJRCmVuRUJYR0NnQXVGbnYyZ3FWZXNx
|
||||||
|
TUY3TlVMSTZPSUtUUnJhU2QvSWgyUUEKLS0tIGZaUUNSSkdxQW1zakZDbi9iZThS
|
||||||
|
Z2hKRHVDYUlsa1psaFU3ZUxnZitPbEkKm1sBknoqVcArgLGDD6Twi1/E3TDlAw4d
|
||||||
|
xhzeYNrS9LVCDKco8TGIv9OQV0u0MkGR4/fvuLopn2eyiDlJOqqVNg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2023-09-21T13:16:04Z"
|
||||||
|
mac: ENC[AES256_GCM,data:69g9CpSo6Cg19CG4/vWeh9xT3EATwyxtMQ6xOmqF9kjCu8l9b5ZfFCfgX6RFDwSxFY0u2oFgxbNfbiudcKLwxCoXDSm+xhjpk9SSBSzwAJ+UWWQE/pKJVFbk1QG3iw/VGQJYVUK9SKk6TsTEphHYPS00Go/k38cPxVuyEKcpWkQ=,iv:YVqQmwHgw2Z/AqIJZaxrfotXuuHGx/Vw8p6y3FXbCqg=,tag:0l3f5BX0uzTGB6IBnpqpdg==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.7.3
|
Loading…
Reference in a new issue