chore(agenix): remove comments, add generator
s
This commit is contained in:
parent
76e07bf587
commit
5efe96a1de
3 changed files with 8 additions and 17 deletions
|
@ -71,13 +71,10 @@
|
||||||
|
|
||||||
# NOTE: made with `mkpasswd -m sha-516`
|
# NOTE: made with `mkpasswd -m sha-516`
|
||||||
age.secrets."jeeves.user.password" = {
|
age.secrets."jeeves.user.password" = {
|
||||||
# file = ../../../../secrets/home/jeeves/user/password.age;
|
|
||||||
# file = "${inputs.self}/secrets/home/jeeves/user/password.age";
|
|
||||||
# FIXME: agenix-rekey
|
|
||||||
rekeyFile = "${inputs.self}/secrets/home/jeeves/user/password.age";
|
rekeyFile = "${inputs.self}/secrets/home/jeeves/user/password.age";
|
||||||
# generator = {pkgs, ...}: ''
|
generator = {pkgs, ...}: ''
|
||||||
# ${pkgs.mkpasswd}/bin/mkpasswd -m sha-516
|
${pkgs.mkpasswd}/bin/mkpasswd -m sha-516
|
||||||
# '';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
users = {
|
users = {
|
||||||
|
|
|
@ -4,9 +4,6 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
age.secrets."home.wifi.env" = {
|
age.secrets."home.wifi.env" = {
|
||||||
# file = ../../../../secrets/home/wifi/env.age;
|
|
||||||
# file = "${inputs.self}/secrets/home/wifi/env.age";
|
|
||||||
# FIXME: agenix-rekey
|
|
||||||
rekeyFile = "${inputs.self}/secrets/home/wifi/env.age";
|
rekeyFile = "${inputs.self}/secrets/home/wifi/env.age";
|
||||||
};
|
};
|
||||||
networking.wireless = {
|
networking.wireless = {
|
||||||
|
|
|
@ -11,16 +11,13 @@
|
||||||
|
|
||||||
# Server
|
# Server
|
||||||
age.secrets."wireguard.private" = {
|
age.secrets."wireguard.private" = {
|
||||||
# file = ../../../../secrets/home/jeeves/wireguard/private.age;
|
|
||||||
# file = "${inputs.self}/secrets/home/jeeves/wireguard/private.age";
|
|
||||||
mode = "077";
|
mode = "077";
|
||||||
# FIXME: agenix-rekey
|
|
||||||
rekeyFile = "${inputs.self}/secrets/home/jeeves/wireguard/private.age";
|
rekeyFile = "${inputs.self}/secrets/home/jeeves/wireguard/private.age";
|
||||||
# generator = {lib, pkgs, file, ...}: ''
|
generator = {lib, pkgs, file, ...}: ''
|
||||||
# priv=$(${pkgs.wireguard-tools}/bin/wg genkey)
|
priv=$(${pkgs.wireguard-tools}/bin/wg genkey)
|
||||||
# ${pkgs.wireguard-tools}/bin/wg pubkey <<< "$priv" > ${lib.escapeShellArg (lib.removeSuffix ".age" file + ".pub")}
|
${pkgs.wireguard-tools}/bin/wg pubkey <<< "$priv" > ${lib.escapeShellArg (lib.removeSuffix ".age" file + ".pub")}
|
||||||
# echo "$priv"
|
echo "$priv"
|
||||||
# '';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.allowedUDPPorts = [51820];
|
networking.firewall.allowedUDPPorts = [51820];
|
||||||
|
|
Loading…
Reference in a new issue