diff --git a/machines/nixos/x86_64-linux/jeeves/configuration.nix b/machines/nixos/x86_64-linux/jeeves/configuration.nix index b458a8d..799ccc2 100644 --- a/machines/nixos/x86_64-linux/jeeves/configuration.nix +++ b/machines/nixos/x86_64-linux/jeeves/configuration.nix @@ -71,13 +71,10 @@ # NOTE: made with `mkpasswd -m sha-516` age.secrets."jeeves.user.password" = { - # file = ../../../../secrets/home/jeeves/user/password.age; - # file = "${inputs.self}/secrets/home/jeeves/user/password.age"; - # FIXME: agenix-rekey rekeyFile = "${inputs.self}/secrets/home/jeeves/user/password.age"; - # generator = {pkgs, ...}: '' - # ${pkgs.mkpasswd}/bin/mkpasswd -m sha-516 - # ''; + generator = {pkgs, ...}: '' + ${pkgs.mkpasswd}/bin/mkpasswd -m sha-516 + ''; }; users = { diff --git a/machines/nixos/x86_64-linux/jeeves/network.nix b/machines/nixos/x86_64-linux/jeeves/network.nix index c5fde46..139fd19 100644 --- a/machines/nixos/x86_64-linux/jeeves/network.nix +++ b/machines/nixos/x86_64-linux/jeeves/network.nix @@ -4,9 +4,6 @@ ]; age.secrets."home.wifi.env" = { - # file = ../../../../secrets/home/wifi/env.age; - # file = "${inputs.self}/secrets/home/wifi/env.age"; - # FIXME: agenix-rekey rekeyFile = "${inputs.self}/secrets/home/wifi/env.age"; }; networking.wireless = { diff --git a/machines/nixos/x86_64-linux/jeeves/wireguard.nix b/machines/nixos/x86_64-linux/jeeves/wireguard.nix index 9af757e..e2ca942 100644 --- a/machines/nixos/x86_64-linux/jeeves/wireguard.nix +++ b/machines/nixos/x86_64-linux/jeeves/wireguard.nix @@ -11,16 +11,13 @@ # Server age.secrets."wireguard.private" = { - # file = ../../../../secrets/home/jeeves/wireguard/private.age; - # file = "${inputs.self}/secrets/home/jeeves/wireguard/private.age"; mode = "077"; - # FIXME: agenix-rekey rekeyFile = "${inputs.self}/secrets/home/jeeves/wireguard/private.age"; - # generator = {lib, pkgs, file, ...}: '' - # priv=$(${pkgs.wireguard-tools}/bin/wg genkey) - # ${pkgs.wireguard-tools}/bin/wg pubkey <<< "$priv" > ${lib.escapeShellArg (lib.removeSuffix ".age" file + ".pub")} - # echo "$priv" - # ''; + generator = {lib, pkgs, file, ...}: '' + priv=$(${pkgs.wireguard-tools}/bin/wg genkey) + ${pkgs.wireguard-tools}/bin/wg pubkey <<< "$priv" > ${lib.escapeShellArg (lib.removeSuffix ".age" file + ".pub")} + echo "$priv" + ''; }; networking.firewall.allowedUDPPorts = [51820];