From d011cb04e1c71381dcf17e9d74a7a2384887a166 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sun, 5 Nov 2023 19:35:37 +0100 Subject: [PATCH] feat: add declarative root ssh key on nachtigall --- hosts/nachtigall/configuration.nix | 6 ++++++ secrets/nachtigall-root-ssh-key.age | Bin 0 -> 1858 bytes secrets/secrets.nix | 3 +++ 3 files changed, 9 insertions(+) create mode 100644 secrets/nachtigall-root-ssh-key.age diff --git a/hosts/nachtigall/configuration.nix b/hosts/nachtigall/configuration.nix index ea1b774c..0aeb9a1e 100644 --- a/hosts/nachtigall/configuration.nix +++ b/hosts/nachtigall/configuration.nix @@ -58,6 +58,12 @@ users.groups.hakkonaut = {}; users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32"; + age.secrets."nachtigall-root-ssh-key" = { + file = "${flake.self}/secrets/nachtigall-root-ssh-key.age"; + path = "/root/.ssh/id_ed25519"; + mode = "400"; + owner = root; + }; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database diff --git a/secrets/nachtigall-root-ssh-key.age b/secrets/nachtigall-root-ssh-key.age new file mode 100644 index 0000000000000000000000000000000000000000..359a86f7ece00f0320ed47ab95e377b3f51ec5df GIT binary patch literal 1858 zcmZA0{qGwE0mtzTCS*sL2#hI2?equH$O{C_uPB#-L=>D zrg0{^fHC>vkP&_W9ZTk>X8FP|0~3si=$C|SUmuW-Imu??n2`-8juCO9{;*&67rc^p zJ|D$0mW)7)7vqT?2HV2eg3#rSJkGE0eK<0xi;S2n9%K zSY4?>2SZEalPV;m?Y39#hH8k$G9ovMBD=_6*WyIUxdhhBqX0JbhprfeJ$m8M_*@{d z?qr_A1YAQqg}h){L_B2%O(wyL1a7NVrDvBXnt`GLt&vb#2C95Bg_ynq4-Jww{TU{f zl5uD>HDX$y7NFE%$2_K&A_L0vS|d<;q&KeCC=wU&X`OHgKsTG^R1FMX;6byDN~)w) z>;fzd7>ErQrjK^1GSN`VL0EF+9W&Xn4pR|;d2Yd>9J|ZWrWK_DoKZ76 zk|vx~%y+oBn+;%&nOv>gG$_<& zUOkq_I#-H^WG5nKV{R4@wu;$Pk(tQz=zsMvrsucgMjhbdwuqGHBuLL?Go?T#Z5th& z*C3y3XQahxxGk6Z{ZTuPFsr<9FrQ5R@8MC^V|2lpXC}o>!M=`J(oCiGmQ?c_KuL#O1uW?Lq#Q5i6hgBLGr<~7 zQnmX%Z>Y+_fQ3n}P$_7#4I?wL6W46M>4A`-_h*X+&CyR$6`#WX?YNnMoqu6kn#H1 zTEKF`GqZTx1+zgR<=W#!X{wx`Ol1u?!s(6fw3BJ*XD|)fi#zZR9Ov0a| z3v5z?Fk)8hBQDY$ayM#qDOm_;4lIuRnN=Hd6`y7^H`CE}CYQS?o-eAkk?mAc*#f7m z+-Pw?FEqW06?Cmu)vxvl88uXJuCkQe?O>5;+i{t%%X-xC+k^jW56>3%7m_6_Hk8E3 zJ>c!`1M$dU5JT0(g`4Jihlm9tEye*NQHq-9$JDSyLiw@bg0WH@j0R*#4ug798e286 z4=gP$wquQoT_NLJW`s9TtiR$Sy|9JzdITwF`M62ts>^!vCm|R)AdOPt_cI`LA zTdp2l=kNHi0|Bd_IK2mad;b~ij+-vJ4;_5`{JUF@-gMW-W&DxBfqZq_+VdO!75uLA zSL^kX^_M69d~WiM;97!8*fZaK0n1-L>)v_!!ja{7o;Y^=zH;`xIKAbQ-}Wy3bM)kW zYsSq1diz5s@`rcaKle^Nd)uAQ{^9t!OFw+=k!9!L#}0JCdpJ$%LJCIv_?C_5K_LCdl z|M2LQn}5Qt?E2Bl*4{d$e(aYko9Ahm{qfvuJMHQ6*6n|zk8OPX@41KVx0p}8d+*Zc zFTeEZp#Fsq(_f