feat: got secrets up and running

2023-01-15 22:20:55 +00:00 · 2023-01-15 22:20:55 +00:00 · 7428a53325
commit 7428a53325
parent 8330a47727
3 changed files with 23 additions and 4 deletions
--- a/flake.nix
+++ b/flake.nix
@ -18,12 +18,18 @@
      meta = {
        nixpkgs = import nixpkgs {
          system = "x86_64-linux";
-          overlays = [ agenix.overlay ];
+          overlays = [];
        };
      };

      # installed for each machine
-      defaults = import ./machines/_base.nix;
+      defaults = {
+        imports = [
+          ./machines/_base.nix
+          # for the secrets
+          agenix.nixosModule
+        ];
+      };

      # firewall machiene
      agentjones = import ./machines/agentjones.nix;
--- a/machines/_base.nix
+++ b/machines/_base.nix
@ -27,8 +27,6 @@
  environment.systemPackages = [
    # for flakes
    pkgs.git
-    # for secrets
-    pkgs.agenix
    # useful tools
    pkgs.ncdu_2
    pkgs.htop
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -0,0 +1,15 @@
+let
+  admin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6DjXTAxesXpQ65l659iAjzEb6VpRaWKSg4AXxifPw9 Skynet Admin";
+  users = [
+    admin
+  ];
+
+  # change this when its properly set up
+  agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJDVQGjIwMQmkElGshgKDAlChM2xdNN6iI5Ap2IbAs5";
+  systems = [
+    agentjones
+  ];
+in
+{
+  #"secret1.age".publicKeys = users ++ systems;
+}