From 7428a5332589cb4614c08663343b88e13d230fd0 Mon Sep 17 00:00:00 2001
From: Brendan Golden
Date: Sun, 15 Jan 2023 22:20:55 +0000
Subject: [PATCH] feat: got secrets up and running
---
 flake.nix | 10 ++++++++--
 machines/_base.nix | 2 --
 secrets/secrets.nix | 15 +++++++++++++++
 3 files changed, 23 insertions(+), 4 deletions(-)
 create mode 100644 secrets/secrets.nix
diff --git a/flake.nix b/flake.nix
index 96724c1..7772198 100644
--- a/flake.nix
+++ b/flake.nix
@@ -18,12 +18,18 @@
 meta = {
 nixpkgs = import nixpkgs {
 system = "x86_64-linux";
- overlays = [ agenix.overlay ];
+ overlays = [];
 };
 };
 
 # installed for each machine
- defaults = import ./machines/_base.nix;
+ defaults = {
+ imports = [
+ ./machines/_base.nix
+ # for the secrets
+ agenix.nixosModule
+ ];
+ };
 
 # firewall machiene
 agentjones = import ./machines/agentjones.nix;
diff --git a/machines/_base.nix b/machines/_base.nix
index 5b5a045..88fea1e 100644
--- a/machines/_base.nix
+++ b/machines/_base.nix
@@ -27,8 +27,6 @@
 environment.systemPackages = [
 # for flakes
 pkgs.git
- # for secrets
- pkgs.agenix
 # useful tools
 pkgs.ncdu_2
 pkgs.htop
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
new file mode 100644
index 0000000..460296e
--- /dev/null
+++ b/secrets/secrets.nix
@@ -0,0 +1,15 @@
+let
+ admin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6DjXTAxesXpQ65l659iAjzEb6VpRaWKSg4AXxifPw9 Skynet Admin";
+ users = [
+ admin
+ ];
+
+ # change this when its properly set up
+ agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJDVQGjIwMQmkElGshgKDAlChM2xdNN6iI5Ap2IbAs5";
+ systems = [
+ agentjones
+ ];
+in
+{
+ #"secret1.age".publicKeys = users ++ systems;
+}
\ No newline at end of file
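Review bot: In flake.nix the comment `# for the secrets` above `agenix.nixosModule` does not tell a reader what the module needs in order to work on each host. Because it sits in `defaults`, every machine gets it, and as far as I know agenix decrypts with the host's SSH private key by default (`age.identityPaths`), so a machine without an OpenSSH host key would need that option set explicitly. I would expand the comment to something like `# agenix: decrypts age.secrets at activation with the host SSH key (recipients are listed in secrets/secrets.nix)`. `overlays = [];` could also simply be dropped, assuming nothing else relies on the attribute being present. The surrounding attribute set starts and ends outside this hunk.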
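Review bot: In secrets/secrets.nix the `agentjones` recipient is marked `# change this when its properly set up`, which suggests it is not yet the machine's real host key; any secret encrypted while it is listed in `systems` would be readable by whoever holds the matching private key and possibly not by the actual host. Make the comment actionable, e.g. `# TODO: replace with agentjones' ssh_host_ed25519_key.pub and rekey (agenix -r) before enabling any secret`, and keep the `secret1.age` line commented out until then. A short header comment stating that this file holds public keys only and is read by the agenix CLI rather than imported into the system configuration would also help the next maintainer. The file also lacks a trailing newline.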