[SSH] Add GitHub key

This commit is contained in:
Tibo De Peuter 2023-09-11 12:49:47 +02:00 committed by Tibo De Peuter
parent a9e731113a
commit c376b8630e
3 changed files with 43 additions and 1 deletions

View file

@ -14,7 +14,7 @@
# Use an age key that is expected to already be in the filesystem # Use an age key that is expected to already be in the filesystem
keyFile = "/var/lib/sops-nix/key.txt"; keyFile = "/var/lib/sops-nix/key.txt";
# Generate new keys if the key specified above does not exist # Generate new keys if the key specified above does not exist
generateKey = true; # generateKey = true;
}; };
secrets = { secrets = {
"H4G0/ssh" = { "H4G0/ssh" = {
@ -22,6 +22,11 @@
sopsFile = ../../../secrets/H4G0.yaml; sopsFile = ../../../secrets/H4G0.yaml;
owner = config.users.users.tdpeuter.name; owner = config.users.users.tdpeuter.name;
}; };
"GitHub/ssh" = {
format = "yaml";
sopsFile = ../../../secrets/GitHub.yaml;
owner = config.users.users.tdpeuter.name;
};
}; };
}; };
} }

View file

@ -16,6 +16,12 @@
identityFile = "/run/secrets/H4G0/ssh"; identityFile = "/run/secrets/H4G0/ssh";
user = "admin"; user = "admin";
}; };
"github.com" = {
hostname = "github.com";
identitiesOnly = true;
identityFile = "/run/secrets/GitHub/ssh";
user = "tdpeuter";
};
}; };
}; };
}; };

31
nixos/secrets/GitHub.yaml Normal file
View file

@ -0,0 +1,31 @@
GitHub:
ssh: ENC[AES256_GCM,data:jzRpTgefhZg7Vhm8QvWNsPBko1yw56sM/XehY72lAc7aRz+dx6BGgyYbZiifd7GrGJGUbH6gWfUg8YjgVla6VRsiHCEvSK3bY0ADDwTeSUs+wuybYXQZqhivSCInVtVSNAcp99uI1QwKor289zmxcFtSZEXgU1OCSel/8br+qipAbOkzAKX1v15eigjY4OSQxXL59EuuuHEQ+vjVVv95tDv03jaNAoU9UKr0Atrny/Fn2sQn4Tmec5Q1XdvDErKhSxrAFiACkxXUwPZMHez+BUZrmkksqpzNJjYNIlmsITuOVr7Fyen9wotAwsDf96Fmz5JYLtRX9CAboUgQLdUOKprwX/xgBnFtDTSH1Qr785T1QSAZL6xdE6hNibxZO3vGeeaPC3oGB5g9x5CwTQelMdOUPKdKorCDj226o56cTc/IQxUpsULbeOyi2pMGHiTHbiQBzHpxWyQ/gBktPkF25GOFeaCu3gW+xsspX91jSKudcYdBqWUNmJcdsfHfPxPM4cZtA/sVMyoA+YcehgU7GTu9DAlxDTug/JWo,iv:5shfzmrFFVEuaYmyTkBMAw9BIFFkKz0yl1dyJWxq6Y4=,tag:CX7TBJJXCKuIPSmg9/RpGg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1fva6s64s884z0q2w7de024sp69ucvqu0pg9shrhhqsn3ewlpjfpsh6md7y
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYWWFUdnpERVlkK29TQ09k
SnJMVm5rUEV6S0huSzJ2YjFFQ3pNR0pmZWprClZEVDloeDE2ODNkMVVJTUtqaENz
ZzhwTTA4V2xOeW55WGtPZU5FWElQNDAKLS0tIFh5ZWtmZHRBWTAvM3ZwY3pKQ0R6
aDNUbFlhWWVoOWpjVlV1VTVJejlSMjQK6wCeCRdHY5oyTX6/R1U5AOGJyp0exi1A
dWPUMfkKBBBkrR+G6ougd8o3FwFf+yfb5RhaTxxqjit6p2RyMjR64w==
-----END AGE ENCRYPTED FILE-----
- recipient: age1d4gvqz3anf082ja6xt03hnkzazfum80um9t45m4rerl4n3va2yuqgnsg03
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6WVcwYVFWbG1ucEtTSTI5
Y0pxZ1FidjVURlVxZTdTSHdzME05Z0hyblJBCkQ5R2F1a2IyRVIvYjlmY1p3S3VR
OW1zcnp2Z1Zydlpjd2tBU2RHajhoamMKLS0tIG9oMWtHVU1nTHBtcGM3OWxVNFZL
K3NaMitlT2orSVhHVmFRVmhPUXhBSGMKAqVqH9hT9NL5D6Fsovn67GY056B6Ttwg
fr9y+8rkG43LbuehpKktv2I/UP64QKcYgqWDOWOmicHYx8pOXKLHkA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-09-11T10:23:48Z"
mac: ENC[AES256_GCM,data:3XEbhFY1TlXo6bTctV2u4i6QPzXnJC6iU3F/MUARSQl1z4peOB5x8hZfdiV/hVMR8I+83TxDcEAmKDrcaMf89Tqa+OiD//wBekMUfS7AmBRhpv7X5qfarflfnygacFsAMhf/bdiqowYbGSNvlPjueqHJaFZ+3x/wPrt/jAYNlr8=,iv:ciQmY7bE+Je6kMlmxxtQvp+r3e/ZK942tT4TtXhDX2M=,tag:4+7uZlEm5bcRfZC7pp5Y7Q==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3