From 7cb3e2aae47198386c060b1959782971efb35cab Mon Sep 17 00:00:00 2001 From: Asmir A Date: Sun, 21 Apr 2024 16:16:37 +0200 Subject: [PATCH] mediabox/initrd: remove sops ssh key --- mediabox/configuration.nix | 6 +----- mediabox/secrets/dummy_ssh_key.yaml | 30 ----------------------------- 2 files changed, 1 insertion(+), 35 deletions(-) delete mode 100644 mediabox/secrets/dummy_ssh_key.yaml diff --git a/mediabox/configuration.nix b/mediabox/configuration.nix index 7fc2c1b..ffb5bb5 100644 --- a/mediabox/configuration.nix +++ b/mediabox/configuration.nix @@ -30,10 +30,6 @@ sopsFile = ../common/secrets/wg_preshared.yaml; }; - sops.secrets."dummy_ssh_key" = { - sopsFile = ./secrets/dummy_ssh_key.yaml; - }; - nix = { optimise.automatic = true; gc.automatic = true; @@ -53,7 +49,7 @@ udhcpc.enable = true; ssh = { enable = true; - hostKeys = [config.sops.secrets."dummy_ssh_key".path]; + hostKeys = [/etc/ssh_dummy_ed25519_key]; authorizedKeys = [(builtins.readFile ../nixy/ssh_pubkey)]; }; }; diff --git a/mediabox/secrets/dummy_ssh_key.yaml b/mediabox/secrets/dummy_ssh_key.yaml deleted file mode 100644 index 4d41706..0000000 --- a/mediabox/secrets/dummy_ssh_key.yaml +++ /dev/null @@ -1,30 +0,0 @@ -dummy_ssh_key: ENC[AES256_GCM,data:tI28E8IPF9sBP7QmLSigVPrNY4bdF5INSouYJ3n3PelDS64KUWis2JsKTT6da4Q0S4zf1QGMHd1L0QpyHft497AH/r1Akf4/+gwiHVV8O4dI3cZxqfm1aEIrmP4Gy6S+0gJtOkm4bRRTFAINtr4iIz+max5/TTZbcJs6Nfee4uy2bRRp2t6ZJGpkSqHVAuVbCfcj7UPtLFMle6fgpJwxKUZgeSaRiDNRgP2k8E+JWLx3k/9TZen9vYidptdxu3SQ7pOpyiyQkzMJfwc3skyDsjfqj05H/hVMs49J8Gv3JglajTTuwg+Pgtz7nAgiFI7JDvJAbvY48+3oE5ZWf0BIcoEBorOKzzIO8qV/Yy5wDBIVr5YC09MikZ4dupH4PtwgegH5dWT0vi0EDCl4opX/qOrG0tc4DgFiaqRIwxMGnINxNQ+sHUsEzom9m0hvJt0pTH0b2fRh+43roqmaBMZjhwMU/bnXB5EIdVzTxBnwOXcS+0R+a4om0ziZQku+IZCF/u23DtF/vY6I75dfaRrT,iv:y8XWPaxLC/14wtzgNMtdehZ8H/ye5P8YXCUvTWBa570=,tag:gvIAbkuZpBHuoxiLQ5bQhw==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age19yrl6pr73cv067ksfz0txp3zm2au25jfyjeerw23ml55ps5cyyfqtm3kmt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXMUhaMDg5K0c2RUVoY3BT - b3ZRajRFWHg0eFduUFpZb2l0NzAyNFBDbkFJCjNHRUNxT1duWEdySFppNU5rblZU - bmgveE5rM0JIYno0bGdGbnZJRTgvdnMKLS0tIG5iaTRCQWN4V3QrdmhBdURDQ084 - cHhTV2Z5bzV2ckVLVkMrL2tNSUpqNWMKW2rEBB8mUlejxRnHmHyGtAAnPUuLyAM6 - 4BBvBS3zMs3mzLEXUgcH1f8LsJiLm+DQVGEPNiKUn6H6SlnCh7ZSmg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1geqqmsnng2e9sja6uxxmtlwlm4c6e5v6ch3l3yjenstq6tjq4fusr0305s - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSL2Y4Mzc1YWs5cjNSc29k - QnhlRHJqbWdDK2JqZHVQYk9MSTdOTWw2WVM4ClozWHNMWmhCUmU3ZXdZaGJTS3d4 - Z0xLbnlsOCt4NitTMCtoSE9VY2hueFUKLS0tIEhVbTc0TWU2NzluVksvQ2xDZkMy - M0ZtaFJzOS9lYTFvL2dKNnRaWk5QMG8KwyQseKKVk4qQKH6goHLGsvAdyQtLmjmR - XtKPMOzHZ4aFG8h/bFHH3xxVHADh0qmfOlUMa/nG6I8IcPjXXCwyTQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-21T11:04:43Z" - mac: ENC[AES256_GCM,data:5QMf6xp8hltgDcL6TLe16zbvAEovClabzefG6on8MSW9uW4IvAJuzzSR6pL0H+WHLtzc0IwdHten/ic3jkMZDJMRBkL/vOZx5iPaZcU1GdnFyFYKcDZrEefy1i9tgiigsU3vx5qqXYOERAXgYCRIX9BO9EXZ+jamuXCONTGuWJI=,iv:5q742vstvWULdPVAAw1MKoVjdYisyxlWaSc0b0Id82w=,tag:Uph/eWCSyLrlJSUq17M8/w==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1