asmir/nixos_flake_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: asmir:a418ea4145b0366bae7fc11787ed9dd5e50683a2
Branches Tags
asmir:master
asmir:gitea_typst
asmir:magento2
..
compare: asmir:7cb3e2aae47198386c060b1959782971efb35cab
Branches Tags
asmir:master
asmir:gitea_typst
asmir:magento2

2 Commits
a418ea4145 ... 7cb3e2aae4

Author SHA1 Message Date
Asmir A
7cb3e2aae4
mediabox/initrd: remove sops ssh key 2024-04-21 16:16:37 +02:00
Asmir A
511aee2794
magpie/initrd: remove sops ssh key 2024-04-21 16:15:46 +02:00
4 changed files with 2 additions and 70 deletions
Show Stats Expand all files Collapse all files

6
magpie/configuration.nix
View File

@ -31,7 +31,7 @@
udhcpc.enable = true; udhcpc.enable = true;
ssh = { ssh = {
enable = true; enable = true;
hostKeys = [config.sops.secrets."ssh_tmp_key".path]; hostKeys = [/etc/ssh_dummy_ed25519_key];
authorizedKeyFiles = [../nixy/ssh_pubkey]; authorizedKeyFiles = [../nixy/ssh_pubkey];
}; };
}; };
@ -330,10 +330,6 @@
sopsFile = ./secrets/borgbase_ssh_key.yaml; sopsFile = ./secrets/borgbase_ssh_key.yaml;
}; };
sops.secrets."ssh_tmp_key" = {
sopsFile = ./secrets/ssh_tmp_key.yaml;
};
networking.hostName = "magpie"; networking.hostName = "magpie";
networking.firewall.enable = true; networking.firewall.enable = true;

30
magpie/secrets/ssh_tmp_key.yaml
View File

@ -1,30 +0,0 @@
ssh_tmp_key: ENC[AES256_GCM,data:0Nhokwe27gGeGB2ScDPzKvw4QLyveGaQJpCPf8PG/0Pan5W31NAw1suNa3QYeD7AVzhDZzE0g2eCovtNQ3ne1add4FBp670rditi0D2aKgxXL9WAX+Xl+1fsUA5x764oHt58yY9Om3ByJZK3JgDH1JkVauw6+hcURWIx0WjOrO0I75ofdfUy+wEO3Br9mLgtOcUuaXaqc3nUYn5Oo7nk2hK746YRDpq+sA0KZxf49OwPPUz8HgeNOxHWdgp0WHZPk3dDHBBiEQXokdCCWwo+j1L+e9EvrHqjiJ+Yl+02yd1KwcbPnnGyBGrli0JcNpofsCnDQGnrkhHGxJHFZpdIkp1LQWVITpp/BU63sYDIIUXo6AcHOofmqeXZo9rmeHTrA6TpRrMs/aoEQGE+6L3OQTrnTvkdfXvaCJmZ8sWhV5mDzw9x2y6JsWyo65lTRRX+YAvCbkoi7IyCKu1ESrzpFLCUpf4+YBcVrv+RWyQhxVeFMtW6RjpnYYtsAa4WBwdtnxn941zkTLh7rvDhsTy/,iv:UYMgZBIl9HGjFXQskPs5fb64mVlY2PJI8hl80m0tQqU=,tag:O4O6oxtvOR+jiGDlhFk1vg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age153y8mz6gqy5t54q4fnrdvjj4v5ls9cgp3hhpd2hzf5tvkcnncf6q4xns0j
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVWVdrd0xkTk5rUDg0alk2
Y1NaaFYxSjBqeG9peW1OQ2VpcEpFVS95SjBFCmFRTk9Ia1RKNzF6eEVCaUxCalVP
Qmo1WnNQcEhjZE1USDkxVXo1b2NldXMKLS0tIFRjZlRsOGdGSWxIUlBFQ2xNdEJG
RkN1SXJiSlRkQUdSblBlcmV6dEFoSVEKAb+zyJvpBqsBUUu5y7QBIenceTlq5T9k
/C2jDZJ7yuKBSYxo3gxyIeyS6Sy+mDcXMcykzVx1NpArhjQVAk7Igw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1geqqmsnng2e9sja6uxxmtlwlm4c6e5v6ch3l3yjenstq6tjq4fusr0305s
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGbERkSE94MFYrUmV3WXMx
TDlDVWZGejhyaEpwY2prQmI4WnhFZk5nZVZVCnY5c1JjNmRYNzRCUFhDQ1NUck1j
Q3B6eEFqWGk2a0o0RXZYdXBDRHZrckkKLS0tIFpWdFg5dDQ2djhKWEIxTVQxS1pO
UjhBR3liczFmYW5OSERxa240ZzhmRzgKuHazL76dOSmBFvRimkskoO1C95sUVfFf
xrTl76N9as5R897gqyX8s6oXYMjHPYYE3ko1VNOT84bTaVwXVu/oaw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-21T11:49:14Z"
mac: ENC[AES256_GCM,data:EYwpISkIeYnfQp5EbdUKLlyK9OpwmbYOgtzY1jaTPouNk+Snp+yW9t3G+EdOeKxrn1LV7C9Sjd2Qfu/DvFGjfkKS4W7KD3FB+SsBHVefrTl0cRZK0QOhdwqe/A7542x1FWyDMuean28Q4EO72zJU9tn/MvRT+QIiHXtmqu9spIg=,iv:UUXxiBEENjs2vdxzP1QJRU5ZhDyqkqn6Yqft846HIXg=,tag:L+MGa3ORQ7MIqfjdc3VFSg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

6
mediabox/configuration.nix
View File

@ -30,10 +30,6 @@
sopsFile = ../common/secrets/wg_preshared.yaml; sopsFile = ../common/secrets/wg_preshared.yaml;
}; };
sops.secrets."dummy_ssh_key" = {
sopsFile = ./secrets/dummy_ssh_key.yaml;
};
nix = { nix = {
optimise.automatic = true; optimise.automatic = true;
gc.automatic = true; gc.automatic = true;
@ -53,7 +49,7 @@
udhcpc.enable = true; udhcpc.enable = true;
ssh = { ssh = {
enable = true; enable = true;
hostKeys = [config.sops.secrets."dummy_ssh_key".path]; hostKeys = [/etc/ssh_dummy_ed25519_key];
authorizedKeys = [(builtins.readFile ../nixy/ssh_pubkey)]; authorizedKeys = [(builtins.readFile ../nixy/ssh_pubkey)];
}; };
}; };

30
mediabox/secrets/dummy_ssh_key.yaml
View File

@ -1,30 +0,0 @@
dummy_ssh_key: ENC[AES256_GCM,data:tI28E8IPF9sBP7QmLSigVPrNY4bdF5INSouYJ3n3PelDS64KUWis2JsKTT6da4Q0S4zf1QGMHd1L0QpyHft497AH/r1Akf4/+gwiHVV8O4dI3cZxqfm1aEIrmP4Gy6S+0gJtOkm4bRRTFAINtr4iIz+max5/TTZbcJs6Nfee4uy2bRRp2t6ZJGpkSqHVAuVbCfcj7UPtLFMle6fgpJwxKUZgeSaRiDNRgP2k8E+JWLx3k/9TZen9vYidptdxu3SQ7pOpyiyQkzMJfwc3skyDsjfqj05H/hVMs49J8Gv3JglajTTuwg+Pgtz7nAgiFI7JDvJAbvY48+3oE5ZWf0BIcoEBorOKzzIO8qV/Yy5wDBIVr5YC09MikZ4dupH4PtwgegH5dWT0vi0EDCl4opX/qOrG0tc4DgFiaqRIwxMGnINxNQ+sHUsEzom9m0hvJt0pTH0b2fRh+43roqmaBMZjhwMU/bnXB5EIdVzTxBnwOXcS+0R+a4om0ziZQku+IZCF/u23DtF/vY6I75dfaRrT,iv:y8XWPaxLC/14wtzgNMtdehZ8H/ye5P8YXCUvTWBa570=,tag:gvIAbkuZpBHuoxiLQ5bQhw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age19yrl6pr73cv067ksfz0txp3zm2au25jfyjeerw23ml55ps5cyyfqtm3kmt
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXMUhaMDg5K0c2RUVoY3BT
b3ZRajRFWHg0eFduUFpZb2l0NzAyNFBDbkFJCjNHRUNxT1duWEdySFppNU5rblZU
bmgveE5rM0JIYno0bGdGbnZJRTgvdnMKLS0tIG5iaTRCQWN4V3QrdmhBdURDQ084
cHhTV2Z5bzV2ckVLVkMrL2tNSUpqNWMKW2rEBB8mUlejxRnHmHyGtAAnPUuLyAM6
4BBvBS3zMs3mzLEXUgcH1f8LsJiLm+DQVGEPNiKUn6H6SlnCh7ZSmg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1geqqmsnng2e9sja6uxxmtlwlm4c6e5v6ch3l3yjenstq6tjq4fusr0305s
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSL2Y4Mzc1YWs5cjNSc29k
QnhlRHJqbWdDK2JqZHVQYk9MSTdOTWw2WVM4ClozWHNMWmhCUmU3ZXdZaGJTS3d4
Z0xLbnlsOCt4NitTMCtoSE9VY2hueFUKLS0tIEhVbTc0TWU2NzluVksvQ2xDZkMy
M0ZtaFJzOS9lYTFvL2dKNnRaWk5QMG8KwyQseKKVk4qQKH6goHLGsvAdyQtLmjmR
XtKPMOzHZ4aFG8h/bFHH3xxVHADh0qmfOlUMa/nG6I8IcPjXXCwyTQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-21T11:04:43Z"
mac: ENC[AES256_GCM,data:5QMf6xp8hltgDcL6TLe16zbvAEovClabzefG6on8MSW9uW4IvAJuzzSR6pL0H+WHLtzc0IwdHten/ic3jkMZDJMRBkL/vOZx5iPaZcU1GdnFyFYKcDZrEefy1i9tgiigsU3vx5qqXYOERAXgYCRIX9BO9EXZ+jamuXCONTGuWJI=,iv:5q742vstvWULdPVAAw1MKoVjdYisyxlWaSc0b0Id82w=,tag:Uph/eWCSyLrlJSUq17M8/w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1