Move ssh-key README

2023-10-19 21:06:02 +02:00 · 2023-10-19 21:06:02 +02:00 · 5647db6b46
commit 5647db6b46
parent 50086f590f
2 changed files with 0 additions and 47 deletions
--- a/nixos/modules/programs/sops/README.md
+++ b/nixos/modules/programs/sops/README.md
@ -0,0 +1,41 @@
+# Adding SSH keys
+
+To incorporate SSH keys, for instance, to enable authentication with a Git server, follow these steps:
+
+Step 0: If necessary, generate a keypair, for example using the command:
+
+```bash
+ssh-keygen -t ed25519
+```
+
+Please note that setting a password for the keypair is not yet tested.
+
+Step 1: Create a new file named `yourservice.yaml` within the [secrets](../../../secrets/) directory by executing the following command:
+
+```bash
+sops secrets/yourservice.yaml
+```
+
+Within this file, create a value that contains your private key. For example:
+
+```yaml
+yourservice:
+    ssh: |
+        -----BEGIN OPENSSH PRIVATE KEY-----
+        <...>
+        -----END OPENSSH PRIVATE KEY-----
+```
+
+Step 2: Reference this value in [your sops configuration](../../utils/sops/default.nix) as follows:
+
+```
+sops.secrets."yourservice/ssh".format = "yaml";
+sops.secrets."yourservice/sss".sopsFile = secrets/youservice.yaml;
+```
+
+Step 3: Finally, add the SSH key to your SSH configuration so that it is used correctly when connecting to your host. Add the following lines to your SSH configuraton file:
+
+```
+Host yourservice
+    IdentityFile /run/secrets/yourservice/ssh
+```