From 80c038c70d720dd1ec5bda57ce6d68612e4ed433 Mon Sep 17 00:00:00 2001 From: seth Date: Sat, 11 Mar 2023 14:52:38 -0500 Subject: move secrets to user/ --- hosts/default.nix | 4 ++-- secrets/rootPassword.age | Bin 365 -> 0 bytes secrets/secrets.nix | 6 ------ secrets/sethPassword.age | 9 --------- users/secrets/rootPassword.age | Bin 0 -> 365 bytes users/secrets/secrets.nix | 6 ++++++ users/secrets/sethPassword.age | 9 +++++++++ util/user.nix | 2 +- 8 files changed, 18 insertions(+), 18 deletions(-) delete mode 100644 secrets/rootPassword.age delete mode 100644 secrets/secrets.nix delete mode 100644 secrets/sethPassword.age create mode 100644 users/secrets/rootPassword.age create mode 100644 users/secrets/secrets.nix create mode 100644 users/secrets/sethPassword.age diff --git a/hosts/default.nix b/hosts/default.nix index 473d16b..e48d482 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -12,8 +12,8 @@ with inputs; let age = { identityPaths = ["/etc/age/key"]; secrets = { - rootPassword.file = ../secrets/rootPassword.age; - sethPassword.file = ../secrets/sethPassword.age; + rootPassword.file = ../users/secrets/rootPassword.age; + sethPassword.file = ../users/secrets/sethPassword.age; }; }; } diff --git a/secrets/rootPassword.age b/secrets/rootPassword.age deleted file mode 100644 index 7a2ede3..0000000 Binary files a/secrets/rootPassword.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix deleted file mode 100644 index c85e64a..0000000 --- a/secrets/secrets.nix +++ /dev/null @@ -1,6 +0,0 @@ -let - key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ5K+yLHuz4kyCkJDX2Gd/uGVNEJroIAU/h0f9E2Mapn getchoo-nix"; -in { - "rootPassword.age".publicKeys = [key]; - "sethPassword.age".publicKeys = [key]; -} diff --git a/secrets/sethPassword.age b/secrets/sethPassword.age deleted file mode 100644 index 43040ff..0000000 --- a/secrets/sethPassword.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 I92A3Q q+D1MbCtfpsmJ3RdGSWAJlkA5gKgmly5c+qLG+Hc3x8 -Y33KURx8gx4JD4BnY0YhqUaMewqfl9aumd09Oh+T3hA --> &y]9Y:zi-grease -nOkEeca63qmZNxxQ+zMRUhij/3kthFTt8kGfM7CICkSWnkqCMpjj5rAiEvJvi72y -qhUBxkMdCn9Obfoa0Ru1bUb1Nrjn0m1BHexk6B4rWsFKMAv61OaNmQUHdDR2X5Wq -qQ ---- 0KWr82Hu6LaurOmGtqAeyrygHMh9c5XZsPallag2MCc -=yýKYév0g<‰|íÊ‹©÷á¡*ðÚèä—sÁF Ö¼N \ No newline at end of file diff --git a/users/secrets/rootPassword.age b/users/secrets/rootPassword.age new file mode 100644 index 0000000..7a2ede3 Binary files /dev/null and b/users/secrets/rootPassword.age differ diff --git a/users/secrets/secrets.nix b/users/secrets/secrets.nix new file mode 100644 index 0000000..c85e64a --- /dev/null +++ b/users/secrets/secrets.nix @@ -0,0 +1,6 @@ +let + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ5K+yLHuz4kyCkJDX2Gd/uGVNEJroIAU/h0f9E2Mapn getchoo-nix"; +in { + "rootPassword.age".publicKeys = [key]; + "sethPassword.age".publicKeys = [key]; +} diff --git a/users/secrets/sethPassword.age b/users/secrets/sethPassword.age new file mode 100644 index 0000000..43040ff --- /dev/null +++ b/users/secrets/sethPassword.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 I92A3Q q+D1MbCtfpsmJ3RdGSWAJlkA5gKgmly5c+qLG+Hc3x8 +Y33KURx8gx4JD4BnY0YhqUaMewqfl9aumd09Oh+T3hA +-> &y]9Y:zi-grease +nOkEeca63qmZNxxQ+zMRUhij/3kthFTt8kGfM7CICkSWnkqCMpjj5rAiEvJvi72y +qhUBxkMdCn9Obfoa0Ru1bUb1Nrjn0m1BHexk6B4rWsFKMAv61OaNmQUHdDR2X5Wq +qQ +--- 0KWr82Hu6LaurOmGtqAeyrygHMh9c5XZsPallag2MCc +=yýKYév0g<‰|íÊ‹©÷á¡*ðÚèä—sÁF Ö¼N \ No newline at end of file diff --git a/util/user.nix b/util/user.nix index c120e31..096d790 100644 --- a/util/user.nix +++ b/util/user.nix @@ -25,7 +25,7 @@ }; mapHMUsers = users: - mapFilterDirs ../users (n: v: v == "directory" && n != "root") (username: _: + mapFilterDirs ../users (n: v: v == "directory" && n != "root" && n != "secrets") (username: _: mkHMUser { inherit username; inherit (users.${username}) pkgs stateVersion; -- cgit v1.2.3