feat(secrets): declare agenix-rekey
hostPubkey
in meta
This commit is contained in:
parent
6e88fae58b
commit
9c709598d1
3 changed files with 6 additions and 8 deletions
|
@ -24,14 +24,6 @@
|
||||||
|
|
||||||
# services.kanidm = { };
|
# services.kanidm = { };
|
||||||
|
|
||||||
age.rekey = {
|
|
||||||
# TODO: store in `meta`
|
|
||||||
hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPopSTZ81UyKp9JSljCLp+Syk51zacjh9fLteqxQ6/aB";
|
|
||||||
# masterIdentities = [ "${inputs.self}/secrets/privkey.age" ];
|
|
||||||
# storageMode = "local";
|
|
||||||
# localStorageDir = "${inputs.self}/secrets/rekeyed/${config.networking.hostName}";
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.hostName = "jeeves";
|
networking.hostName = "jeeves";
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
|
|
|
@ -2,6 +2,9 @@
|
||||||
# The `system` of the host
|
# The `system` of the host
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
|
|
||||||
|
# The host SSH key, used for encrypting agenix secrets
|
||||||
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPopSTZ81UyKp9JSljCLp+Syk51zacjh9fLteqxQ6/aB";
|
||||||
|
|
||||||
# `deploy-rs` configuration
|
# `deploy-rs` configuration
|
||||||
deploy = {
|
deploy = {
|
||||||
# This is the hostname by which you'll refer to this machine using reploy-rs
|
# This is the hostname by which you'll refer to this machine using reploy-rs
|
||||||
|
|
|
@ -64,6 +64,9 @@ let
|
||||||
# (r)agenix && agenix-rekey
|
# (r)agenix && agenix-rekey
|
||||||
inputs.ragenix.nixosModules.default
|
inputs.ragenix.nixosModules.default
|
||||||
inputs.agenix-rekey.nixosModules.default
|
inputs.agenix-rekey.nixosModules.default
|
||||||
|
(lib.optionalAttrs (meta ? pubkey) {
|
||||||
|
age.rekey.hostPubkey = meta.pubkey;
|
||||||
|
})
|
||||||
# nix-topology
|
# nix-topology
|
||||||
inputs.nix-topology.nixosModules.default
|
inputs.nix-topology.nixosModules.default
|
||||||
# Sane default `networking.hostName`
|
# Sane default `networking.hostName`
|
||||||
|
|
Loading…
Reference in a new issue