From 5e49204fb149f84d6f629973ad3e061e5134585b Mon Sep 17 00:00:00 2001 From: Craige McWhirter Date: Fri, 23 Aug 2024 23:48:24 +1000 Subject: [PATCH] chore(nix): add user secrets --- .envrc | 3 ++ .gitignore | 2 - hosts/paidh-uachdar/default.nix | 3 +- hosts/sanganto/default.nix | 3 +- hosts/sercanto/default.nix | 3 +- profiles/users-ops.nix | 41 +++++++++++++++++ profiles/users.nix | 79 +++++++++++++++++++++++++++++++++ secrets/craige-ops.age | 35 +++++++++++++++ secrets/craige.age | 36 +++++++++++++++ secrets/fiona.age | 37 +++++++++++++++ secrets/hamish.age | 37 +++++++++++++++ secrets/logan.age | 37 +++++++++++++++ secrets/root-ops.age | 37 +++++++++++++++ secrets/root.age | 37 +++++++++++++++ secrets/secrets.nix | 46 +++++++++++++++++++ secrets/xander.age | 35 +++++++++++++++ 16 files changed, 463 insertions(+), 8 deletions(-) create mode 100644 profiles/users-ops.nix create mode 100644 profiles/users.nix create mode 100644 secrets/craige-ops.age create mode 100644 secrets/craige.age create mode 100644 secrets/fiona.age create mode 100644 secrets/hamish.age create mode 100644 secrets/logan.age create mode 100644 secrets/root-ops.age create mode 100644 secrets/root.age create mode 100644 secrets/secrets.nix create mode 100644 secrets/xander.age diff --git a/.envrc b/.envrc index 005a801..c242529 100644 --- a/.envrc +++ b/.envrc @@ -1,2 +1,5 @@ use flake watch_file flake.nix + +# Allow ragenix to find it's configuration +export RULES=$(realpath ./secrets/secrets.nix) diff --git a/.gitignore b/.gitignore index b30a22a..0af3f2c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,4 @@ *.swp .direnv -Deployments/syncserver.nix examples result -secrets diff --git a/hosts/paidh-uachdar/default.nix b/hosts/paidh-uachdar/default.nix index eeb6dc9..89e9601 100644 --- a/hosts/paidh-uachdar/default.nix +++ b/hosts/paidh-uachdar/default.nix @@ -10,8 +10,7 @@ ../../profiles/host_common.nix ../../profiles/openssh.nix ../../profiles/pi_common.nix - ../../secrets/craige.nix # Ssshhhhh! - ../../secrets/root.nix # Ssshhhhh! + ../../profiles/users-ops.nix # MIO Ops users ../../secrets/wireless.nix # Hey look! A squirrel! ]; diff --git a/hosts/sanganto/default.nix b/hosts/sanganto/default.nix index 04076de..8f07fa8 100644 --- a/hosts/sanganto/default.nix +++ b/hosts/sanganto/default.nix @@ -20,8 +20,7 @@ ../../profiles/pipewire.nix # Enable and pipewire audio system ../../profiles/xmonad.nix # Xmonad desktop environment ../../profiles/yubikey.nix # Yubikey tooling - ../../secrets/craige.nix # Ssshhhhh! - ../../secrets/root.nix # Ssshhhhh! + ../../profiles/users-ops.nix # MIO Ops users ]; deployment.targetHost = "10.42.0.11"; diff --git a/hosts/sercanto/default.nix b/hosts/sercanto/default.nix index ae670e5..fcc81c9 100644 --- a/hosts/sercanto/default.nix +++ b/hosts/sercanto/default.nix @@ -22,8 +22,7 @@ ../../profiles/powerManagement.nix # Power management for laptops ../../profiles/xmonad.nix # Xmonad desktop environment ../../profiles/yubikey.nix # Yubikey tooling - ../../secrets/craige.nix # Ssshhhhh! - ../../secrets/root.nix # Ssshhhhh! + ../../profiles/users-ops.nix # MIO Ops users ]; deployment.targetHost = "10.42.0.180"; diff --git a/profiles/users-ops.nix b/profiles/users-ops.nix new file mode 100644 index 0000000..7de8891 --- /dev/null +++ b/profiles/users-ops.nix @@ -0,0 +1,41 @@ +# User configuration common to all MIO Opshosts +{ + config, + pkgs, + ... +}: { + age.secrets = { + root.file = ../secrets/root-ops.age; + craige.file = ../secrets/craige-ops.age; + }; + + # MIO Groups: + users.groups.craige.gid = 1000; + + # MIO Users + users.users.root = { + hashedPasswordFile = config.age.secrets.root.path; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K" + ]; + }; + users.users.craige = { + isNormalUser = true; + home = "/home/craige"; + description = "Craige McWhirter"; + uid = 1000; + group = "craige"; + extraGroups = [ + "audio" + "libvirtd" + "networkmanager" + "qemu-libvirtd" + "video" + "wheel" + ]; + hashedPasswordFile = config.age.secrets.craige.path; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K" + ]; + }; +} diff --git a/profiles/users.nix b/profiles/users.nix new file mode 100644 index 0000000..401c284 --- /dev/null +++ b/profiles/users.nix @@ -0,0 +1,79 @@ +# User configuration common to all MIO hosts +{ + config, + pkgs, + ... +}: { + age.secrets = { + root.file = ../secrets/root.age; + craige.file = ../secrets/craige.age; + fiona.file = ../secrets/fiona.age; + hamish.file = ../secrets/hamish.age; + logan.file = ../secrets/logan.age; + xander.file = ../secrets/xander.age; + }; + + # MIO Groups: + users.groups = { + craige.gid = 1000; + fiona.gid = 1004; + hamish.gid = 1001; + logan.gid = 1002; + xander.gid = 1003; + }; + + # MIO Users + users.users = { + root = { + hashedPasswordFile = config.age.secrets.root.path; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K" + ]; + }; + craige = { + isNormalUser = true; + description = "Craige McWhirter"; + uid = 1000; + group = "craige"; + extraGroups = [ + "wheel" + ]; + hashedPasswordFile = config.age.secrets.craige.path; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K" + ]; + }; + fiona = { + isNormalUser = true; + description = "Fiona McWhirter"; + uid = 1004; + group = "fiona"; + extraGroups = ["networkmanager"]; + hashedPassword = config.age.secrets.fiona.path; + }; + hamish = { + isNormalUser = true; + description = "Hamish McWhirter"; + uid = 1001; + group = "hamish"; + extraGroups = ["networkmanager"]; + hashedPassword = config.age.secrets.hamish.path; + }; + logan = { + isNormalUser = true; + description = "Logan Stoddart"; + uid = 1002; + group = "logan"; + extraGroups = ["networkmanager"]; + hashedPassword = config.age.secrets.logan.path; + }; + xander = { + isNormalUser = true; + description = "Xander Stoddart"; + uid = 1003; + group = "xander"; + extraGroups = ["networkmanager"]; + hashedPassword = config.age.secrets.logan.path; + }; + }; +} diff --git a/secrets/craige-ops.age b/secrets/craige-ops.age new file mode 100644 index 0000000..24bf958 --- /dev/null +++ b/secrets/craige-ops.age @@ -0,0 +1,35 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSAxQXRV +TE5GcXp0ckxqbml4Z0tmdERnT1QxcVpOSUxPUER6bFBSbEhZbTJ3ClJGWnlTN1Rr +ZStKcmRIOTRyWDhkMVRpYW50cnJUSzRYcm9LampkRWYreHcKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIERxU2V5VDlJd1RsQWQyQ213NzVTcFR4UkpKWXFKUzZUTmxmUjlw +M2NRaXMKWjI1OEdDaFQrK1R4TVdwRVhGSlo3dzVoSTBTR3RwYWprSG82cTU4Z0xo +QQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgYXU2Z0ZvNTd1U010TUcwVUtUeUVqUitC +dHpRQWdUYnNzQStVSTAxMGUzSQp4K2hPSkRINTRlOWNic1lIU1kwQk1YT0RGYU5y +OStONjFSMlF1OHlIT2JjCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBDOW9Zd0NXazJM +ODVDYkRoSWdoK2JDZzI2UkVpb25NTTVpNFNDN2VXcUFFCmFpTVNZN29TNzlYa3I2 +V0VWMU5aWDZqV1E5cUpwcCtHL0RuUkVuSlpRbDQKLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IGgzZGM3d3J0Wk01RVM1U2FkL09vRUFHMkliSnBiN0dMbUJ5TjYxdDJEMlUK +QzdqVjgveUhlbkRZdTk2cUNmenpjM0o2MnkrL1g3c0VGUDJQZHgzWncxawotPiBz +c2gtZWQyNTUxOSBQeEt3alEgWnhIQlgrYUI5UzdqOU5ENHZteFd5bFd3UEVVeUE5 +NkFubFpzQ24xVXZndwpkc1NtSStzYU5hWnZXNXRiYjBqMWtSSmcyMkFUeUR1cDJq +eWNnNkZoK0RnCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBmRUViME5ZYUZ6TExwVW5H +ZUZaTzhmWktzSjZ2TDdLY2IySzRSL1AvUzBvCllVaTF6NFJuUi9CcHBFT3huWS84 +Z21Xak1RbmI1Ykh5ckR2V3BiK3VLYmcKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIE9z +L3ZDUkhDbDFxZGQ0bHppVWtMTlc1M1Fpd2pGZEFaV0lad00rZXVRRU0KaUNPT3JT +aEJ5U3l4RzVkSnV3MmM4OFZXQ0RKQWs3NmtnYXB1RTMxc3FXTQotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgMi96OFRxcjNveUdoeVNtbnV6YnlOOS9TRGxGWWJRYjJDWXlB +R0Ixc1ZnbwpDOGVrQktzSWRETWErTDBOSHBsamlIeng2akJ0Ri8wcWZidTY0eUJV +cnlzCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBaYjRFZXdjcUdsZVBjYjY3bTMvRU1a +c05WY09kMUNCYjRtRGtYZG1iNjJzClRWUnVnQU56QWZOTkF6ODFvOTlnZkNUeWNC +OVB5bHBwVzRVK3BRdjRpa2MKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IHJGa1poNzR5 +cTRpNStvd0N4N0lFS0tJYVB0UDZzSHVFM1FHOWtMVFNMaFUKK2pKNUFNNE55ZGJj +TWNBbzZNSnQ4eERHOWs3YnpQSDlwS2lzREVsQzhuSQotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgUEdobnlFUkNZRkliaVRJR0dHMDBDN1dLK3FaMFdwQ2gxUTIzWlZ4SkJ6 +MApLbjk0QVVPbytHazNqL2o5RWM2clZzRzA4TkFDVHlPM3U1aE9EZUJ1VTJZCi0+ +IEdFWn5dJCUtZ3JlYXNlCkpwUzlWd0VPNFp5QmFKWG5PUGF2NnpLQm1kODFJNXpN +NjBvCi0tLSB6cmJDT0lVZEFiZlBoQUd6NlZubU83QkNIRVlqSjhUZXRrUUFPVXMx +QVF3CqjMyxbHnczjBeKEemv2tEz9t9yDBYttGCcKCNfVKOpaKHMLcHU0ycC6dZbf +1d3fXDeAh/87g8RUSMpJfchDB6VpM8xXJgb/214VHDNyPBbNuzSrZvlA1ibwPWKh +U+XInONTk29sg7jHiJlgS6+9Y1aL1vXVOkdNMq718/lJBwSSu1+v +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/craige.age b/secrets/craige.age new file mode 100644 index 0000000..e4fdd5e --- /dev/null +++ b/secrets/craige.age @@ -0,0 +1,36 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBhSE56 +N3RlOElYWkJYbWE1MXBFV1lVcW9Cdk1Uc1huUmp5NU1ZNVJjOVJBCkNqai9UcDIx +RWxpaEZJQmlKamZTWVVyd3pBRUNCajhSR2M1Z05ja2QwMkUKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIE1DY1hwNmdzZDhqYzZ6Z1NpY0tBZmUyQ3ErdXBSa1ZUV29hci9i +VE5jbFUKbW1pSWc4d3p6S2F3dUFwb25wMHJsZzZYMzZUQjFrM2gwYTNSRlhKUHl3 +WQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgeXlzbmllaUpzbWFoUnpkU1RwVDNkd3Fm +Y1p2VVIrRmdISFdsUllOaHYwWQo1ZTY0N0UzUjdVTWpKK0VIbXJJdC9QbCtaa2Fn +Qm54S1lxSVliYzdPWXNJCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyB0MncxeVdkdWZ0 +MXhvVnhtTVFLVkw2d0gvb01yakx5ZGQ3c2ZKSU1mZ0RrCmZiYnQ1bFJMeUQweFpz +YzBtNUpSYWI0TW9oNzFRWWxVekFmcEEwRXk3bjQKLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IHJZUXdMWktKNGdMb0t2ZWxkcE5CeWI2Y2xpaFBVNEFRQ2hlb0FxRzhla1kK +clg3cmpVSTJZQlU4aDhoWG1zNzRiR0tLTjI1VS94VkM3eVhUU3JRbmg3cwotPiBz +c2gtZWQyNTUxOSBQeEt3alEgSzd6TUp5ajA3enFxdnpuenl2TlJzSW02LzdJS3J3 +a014NW9wWVNiZVB5ZwpacXNXQ3JHeHUxMVorN0xISFZRUm5RSXl4RlgyYWJLNlJN +TllKME0rZ2Z3Ci0+IHNzaC1lZDI1NTE5IEIzZFhTQSBTRXYrYk9FVGV5UkZUcmZ3 +T1AvT2l1d0NmeUhJM25POVFFQVdXdk5NaGlZCi9xbkt5VHQ1V0gvMzVXZ25CNlYv +dDBpMURza3MxZzNyVm9VbWZYdnc2NkkKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnICtT +cG5uYWFtZUNYUkNpMlNyb1JkOVFkUDA4WERQaWQ0Z2JEOFBnOFdweHMKdGtxV3hV +ZUNTS2hpOU41NkVxMk5yUFdka0x1WlhSZ1RMMFNHd2lrTG5xYwotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgUm1uc2FJOUdKbHpkSXRvcHBINEU5QzQ5aWliYm42OFNZMWx4 +OTRURGVSYwpJZVpoL09QcW9JZGJZc21BNUliVWVKQlMraXV3U05seTVQUUNJZ1lF +TjVNCi0+IHNzaC1lZDI1NTE5IHVsMGt4USAxWWhMK1lGUFhBanFMbEQwVTgreEcw +a2JJcVFla3ZmOHZJK1VPTFZuRkNBClB2ZDVBYTc4QWZnUDdEdFdOZkx6dnpRZTkx +MDlOZitJd0NZM2V2amNUcmsKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IHpiTGZmMFUy +MlZyZlJMa01GVmRsQ0hFRUxBWituMkE3S3RPRUJLdU1LbE0KN1M4RUJoVjVhZTRs +K1g2dGEzMjIyaWFEaHhIQ0tkSDFGMVd1WTh0Um1kZwotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgSkNsTUlxZ05jcmp5bDJhclhEVldjWXR2TWFreTdSSXl5MFNXMUNxWDJX +QQpHQ01ZLzRXUTNJTVJvK0dHNDZoTEtFaUpRRFoxUGFUampSRzREUzBtbU1BCi0+ +IF5bSEdnXH0tZ3JlYXNlCjBmSlA2SHREd2cycEdsZGhIMVJhUDZ1dXVjYnI1eURL +dUVDcGlZb2ZwaFZPTUNZeFNXSC94OEtYc3pFN3RtZUsKUU1qS056SmVidHZ2c28w +Ci0tLSB4SEdpRXd0RUxmVm5lVXJaWWQwbFFNVlo0SGxBK25jaHg1Umt2K1dsL3VR +CrLdgAdAyLUrzRwPhN0rl5DD6Z97AYiH44VcKrqZzkZYbhTfhHEHE/LwJIePAOiO +WHEYkWQtMOfaz1t6Nwe/bjG1VLRkttWRQNKWEewxG5c5NppWcgDIrd05DDX6oiRi +/oGAp7PVaZwkvgOwAxtD5OS/jTT+BzV2yGCBoLNSuqxF9VCL1yYtYzllBQ== +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/fiona.age b/secrets/fiona.age new file mode 100644 index 0000000..5ee8278 --- /dev/null +++ b/secrets/fiona.age @@ -0,0 +1,37 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBqb2N3 +cWFZNUpscUpmRm9oRTgwOWU4Mkhpcm1CdUQ2alB5RW1Ib2p5S21zCjJqQjhobFI0 +MW9SeWJldWdiMjMvQWxDYkpBQ3VMUkFnT1N6M2ZkNEdGTFUKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIFlIZEFwSVFydytDNXIwdlFuNC9iWnFXOERhV3BNY3lxdzJmelU5 +OGpRMDgKc3VGa3NBWFQ0UVR3WSs1TVBIQ3BQK0t1eU5FOTVpVnAvWjJpT2hoSGtN +TQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbS8xemZwQVhnSXB4amdNQWsybUdTblI0 +anYrWWltYnFTaEd0SGpxamlYMApTTXNwZ0E0RnV6NHVNalFGc3p0VDRFRXJEWW4r +ai94aHdyeGIwdzdHT293Ci0+IHNzaC1lZDI1NTE5IHU3WjNqdyBxSHZyTkdodWtl +dGdKemxTd3JEdzE1MFVVM1lsM2d3UE5JYkxsM1F3ZzBBCmNpN3FHaDlGOG1kSVFl +Y2NuN2NYajV4K2pWdDhMa2E3eTFWRmJacXo3UGcKLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IHV3TzYzZnlvNFpBQVE5MzRpYlc5QmZUOHlYbGs1QXJZZE1VdkdLcloyVWMK +RTdDakloVzBnYkNNQU1FOGtCWnlkRUdjZVFtcEczNkRwN1VUcHhveVQvMAotPiBz +c2gtZWQyNTUxOSBQeEt3alEga0xYNjlOR2JmLzd3amcxQ1AwQ3VONXIySDNHNG51 +cWlYMWNUd25mRVFtawpzdjRpR0pwN0QzOWdEeHFTYTJQdmc4YzlkMkhNUnBaL3l1 +T0JoeFVMUHkwCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBvaE50ZjMvTTdDMUo5ODFn +M2tMcWtvb3VqbWNBNFh1NlhIaVVnUk42d2dzClVOSWw4YnB4eXI3cysvQ2ZTeFdK +dFR2d0EzR25DSDByaFRyZkJzblpwUDQKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIEla +QWcxUW90eHFkbUx5b2VpOTA3WXQ1Undud1ZBV3BOdWp4Yk1jV1UxU00KRzZpQWpF +Y0NOZDZYWE1uanFYMGU3YitVcUVhMG5rdkcySHU1NTB3bk5CMAotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgbkdKWlJDYXpVbmE0aGZrR0pQYnFFVFpsbzFaZm1rSU8rY2hP +aFBaU0FGSQp3V3gwQTdhZG5UVDhvc3hwZlZEaGtMc2U1ZGJsY2dvcE5GMi9MUnIx +c1MwCi0+IHNzaC1lZDI1NTE5IHVsMGt4USB5dTBSa3hVbmpBWEFyNDFvU3gxQlpE +c3krU1c1ZWVlY3FkbjREMzN0czFNClJKalV5VDdxbnErcENOWnFzSXkwajhKcmt6 +QW5sdGtlTzZiR01sdkZEcUUKLT4gc3NoLWVkMjU1MTkgWnc1SGt3ICtsSHdFaGlP +Vyt6TWJ1Q2kyZDhmNUFQbnltcHdhaXh2NXM0dS9Bb2dwamcKcjg2VWZudGFvZDVK +M2pQSUtFdU03c1hWWWNqcXQzTDF5RHJVZ3lPVFNqVQotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgMEk0RGFQa2YvcHhRTklLSjBCaFEvb09seU9pMHVwMXhzL05HY2xhWTFt +QQpXdGNUeE5vbDNXb3FDVGxMdWt6MHpDVXQ2UWc2R1lzdnJvSEhLalRxMFRBCi0+ +IENKKjlNTU5dLWdyZWFzZQpHT3BtNFJPdEdFdzhSbk9Ud1JjdmZmbEJIaFlYbkxz +N3VCMTYxbEhrN1VFckQ2ZDc3aUt5MEE0SU0vYTE3Nlg0CnI2UTljOGdiK0h0SEps +WmN1K0hqa2VUVnJxMk94Tm9ORVZ4ZTdqLzBidk5FNmh1OEFjblpTdwotLS0gYVQ2 +dC85STBXYi9IRnFWVFdvTmRkUG15RjkwTkFnQlE4Ly9hVGk3TWp3NAo4cVH9Y1Kg +1Z1zTvAW9/e6QpBBUQo/9eoyXpwmCE1hLaowxGUf8gvsWAMbVQTdI8NsejCyM44A +l1+EhywFfBNQXGwnsBjPUdnenDcqNhdO2LHybqvvdhWOYC+J5JQjczxdZ7myLtP7 +VKyEh2ac3E9d6OQqul5zaWfbiM2vcwf+0O1r04Gfvc7j +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/hamish.age b/secrets/hamish.age new file mode 100644 index 0000000..0ebd20a --- /dev/null +++ b/secrets/hamish.age @@ -0,0 +1,37 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBNZHA0 +TisvQWwyUXJJU3JBd1pFeWZSVWNPYnBQNW5MMHN2ZUVCbWY1S3lrClBobFVsbFJj +QjNrQ3B4eUJBVTNrSUxYd0R5eXd1NUpkQ0R0Ymd2ajlPdFUKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIDFMY0tKRU1jazFscFRSdTlXMDBPdWpldVZIRjdiNGhBM2kzcGxx +UXNjbGcKZ2N1V0dWN21zZ0V2SUxMQUNJK0R1VlZCa0RKMVBLL0lhQjN1RXBEbXVN +QQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgb1RhSWtKTUJMVGpxSysvbExxRUY3bGg5 +U3VvdHNOaWE0b2piYkcvdjBDawpiOC9LV2FldXQ4YkNRbjJqT25sdEpabG9TRHZV +cVVvZm1MVFR1QmZmVkdRCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBZUE9uYVg2WDg1 +S0dtV3BFYmppbnZ3MklFRFFXdVlGZkpmUjg2d211RW1jClNad2VZU0REOTVrREJE +U0lGc1pUejBzRkFHL05HZ0k4czgvUTNWR3NaMXcKLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IGR0ekF4L0FSaEVBR3BJVXFaQXZjNktHVmN6TWVXbWdkY0JBOWtGVzczd0EK +RjUyQTJrWVdsSXZUcTFFM0dzTW5HTHJxeUR3VDVnaXpHMWdTeHVXclhybwotPiBz +c2gtZWQyNTUxOSBQeEt3alEgWndrODAxRlE3cmxNL0ZtTW0zTlI3a0MvZncxZFE3 +NS9xWWdMck9pbkF5UQoxRUZNUUZaMlI2bG1JNk5kTUd1WXhoZXNrcitlNThVeU90 +K0ZvNEN2Y2RNCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBqNlF1akNrQ1o0UXdJeEc0 +dkgrUXNuMHp5VUU1eXNJUytRY1VXdW9aTjBFCkl2dHFyNkF5ckdTU0IzVzF3bU91 +eWhReElJaysxMXdsd0hFVHYwMk1qajQKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIGd5 +eXlUMEpSZGRWb0Z4OVFFelN3YlB3dklqT0ZrMVcxMlE1Ulc4ZHkxbHcKOFZvd2I4 +NUNHOTRrc1NWOGxzeTZhOFMxbUdpNklPNE43bFBMLzdxcVZHcwotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgUXR6dzlqaFhCS2FJSERndFJSaEkwRFIrMFpybnd5UTdaQUZM +cmQ1Q3ZSawp0T1ZnZGxIZ0V4QnFsTTB1V1NWNDdMajR6dEc5MmpVMThKSHNrMHVV +STFnCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBqV3hXSGlrRDBNdWhmTEZRN2NLQkNu +aWFOeERHNm5UWllqRVdFMnMwN2tVCkVQL2lCMXhCYTVpTWJydEJHZmd1UlJ0T3J4 +Y3RLcGFqOVhuQTVncEc4QmMKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IGJrYlljWndR +aysyNVExcnZKY1V4OHVnSzhpNFYyWUJTZy8yb2NpVE1FMHMKbGFhQlBOanhUaVRT +L21UWjNTNUwvMnh5dnpsTWRGNWJnbERoZ0cxMXVKdwotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgb0RSWXhSYk1USjRLdk0xVndRWFNrVVZpVE1ldG5qQUNGWFd2ZFRkM3lR +WQphYkdyMjBlRkkxRUR5eEdxOE1SMHh5N1VQUHJmRFdKNHdrQUxWUWIzZ0ZFCi0+ +IGA+TXxpRiFgLWdyZWFzZSAsIDZxfSVBeCA4fjZyCkFuYlBPWnQ1SDkwVFdiUFpr +ZC9MblJJSE0yRWRXQ1RuZFduMVoyU0cxRjh6UE5qWHpQeDNKY1FHKzJHUkcxcDAK +bVBXZmV6YWp3RFRaalkrT2JPcldaZ1NhNFljCi0tLSAxUUM4b0N4YTdMOW5rWWZ3 +RUtNV3VBYWV4bENhbFJZS2ZMUzkveGtabUZ3Cs10FGWYdOYr63rRA2P7jM9HI/9a +t2gFVJyA+AC0hPl/pDVabyrF48d8lWzk1IwVe3jfP5QHZxhHwc9vuu0crw3EJAmK +Q+QgythEzjF0ftCosDXLg5J8A3lkPlAe+km6T294oFxTW8pG/h8tu4rKukJWnYSU +E09AHZ795YX07jKvrN/U11HRd8g= +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/logan.age b/secrets/logan.age new file mode 100644 index 0000000..5242c4f --- /dev/null +++ b/secrets/logan.age @@ -0,0 +1,37 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBsSURv +VzMrb2x4ZHBEdjB2N01nZTBtTzlOOW9JYnpLZ0hhRHFJRmd2cFZRClFVaUtVTWFD +MWdtMTczcEhZSEVRK25aM1djN3p3MVlzSkp4UEFnOStxUkkKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIGRFeXkxMDhBYVFqNjdyLzRyQ0xHQWtib0JHbkZnK0R0ZTdVeHRm +T0l6azgKUWZobTdUYkphUmZBQWRocjhIcEF5eEk2amt4RDRxWjBFOFBjcWZ2dXQ1 +bwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgK21WdkxyQmNFeXhMUXF4SGhWczFqczRG +ZHR2ZlIzaDNvc2Yrd2FPOG5RWQp5YzNBTGlZcXZlZ2M0VmEvdkxRNzNVMXh5K3FV +Ny9pZmt4S0dIakd4S2c0Ci0+IHNzaC1lZDI1NTE5IHU3WjNqdyBDbHFFRTFDaGRi +MWxpbzFYa0tUTUsxWFJya3hGUjVVVTIwcEpxNFhyNWpNClUwV2pCRlhXNWhwM2pk +TWlTeTVrbS9lN2wyU2JTVnhUb094Tm9OQ1VCMDgKLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IE1nL1ZaMzVZc1RHNXJycW0xaFBuVCtDS2YzRTVPYWZ2SUVpVmN3NVBBUU0K +TWc0Um4zNTcyaW5NUHRxS2dsZWNZa3FwWVVnSU9EVk9LNEVoUVN0SGg4ZwotPiBz +c2gtZWQyNTUxOSBQeEt3alEgemRWUm9LVEwvYkRtcHRjUzExeGZENHRUMWxGSkU0 +TWE1NnkraStwa0REUQo3Q0ZtWk9UTmsxMG9aNE9uaVptd3htZ1FCQzFZM0d0Q1Bw +TVFoWGlaamVNCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBuSUVqVHlJTGVKSTlydGxN +eUZjS2tybjJ0Tkw1ajBoRkJSN3E4SnV4RnlBCldES1ZvT1VObDhnL0FHUUVreW9F +bTRCMCtES3NJbDRhRjE4ZFU2VDdHTDAKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIGh5 +M3NBcFhpWXdjWklqNk1vMVZXRFMybDgzVTVXZE9uUDhMY3BQOXZIMVkKak5reisr +NkVqSFV1UFZVVWFxVmNBN2xGZ0F5RW10QmU1U05lNllHR21XdwotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgVzRWSFRCSitURWxEcW1Oa0ZXdkQ4SyswODM5cDVzWFpwT0hO +aGE3OXVVcwo4SFJsRGlGdWhEK0JUTlR0am0xVG1JcjR3Y2lJblVsTUJtWFFlZnVn +ajlNCi0+IHNzaC1lZDI1NTE5IHVsMGt4USB1L2d5SDJVTUp1Q01kYmE3M2wxc0JT +QzdtS0hOTlY2NUhHaFJHUU5HVGxNCkkxV0J0OC92TUNIMXh6aUJIMkxYc2x0bzF4 +OGRNcDlneUdTWUR4TWdvbTQKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IC9XeWdBR1lB +RThIbytIK2pJUjl0Q1NyV1FETUtad1BPTzczVTVwK0pSQmMKUjJpRW12Z3hOQ1Js +V0h0bjg2UVhFbllTK3ZNOEZJVjlnS0d6bS96bUpMTQotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgVFFnMXBuVkMxOWxMaUJKMmRRQ2J1TXlhOHFITzF2ZlMwWUwwYjFzcFFo +dwpGdUJsdHhCSUplMTZnWkhPM1RBZWs3cmFiSlhhTnBBZlRTTGtiZWFjTEZJCi0+ +IE93OCk9Ly1ncmVhc2UgalVrLFEmMSAwb09BMFEKZUV4YWZabnU4S2V6T3FyUUk5 +bEZYU21WN2s5czA4WGg2T3V2dmM2bmE0QUMxbVNYNjlOcUVvTkJvZmY0V0libgp2 +M1pOUnRVCi0tLSBXTEhsQmhlZCtwMVNyY0dadlcyKzV2U25sRWoxMzhEY1l5KzNS +cVVaVnJBCsyrUAefxlWiCVPCOzXHaPlmcXrvChiS7udyIfSXKaiN4N/dxW2Y1h/F +unCbKUkW/qGO8cqyHzbudwl72iwRK6aqqmRVkTk8wd6+0XeWdPmxJCR07AMe1DEx +afv5xFidKkuaiglMPxI6TCy+YVH+2BQPhkEquvSkhJjnWJXqj7S/KQ9+Fjlz/ZcQ +zR8= +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/root-ops.age b/secrets/root-ops.age new file mode 100644 index 0000000..b27ae57 --- /dev/null +++ b/secrets/root-ops.age @@ -0,0 +1,37 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBKWHcv +a2NDQjdtZnE0TFpHSWR3dFdWeUpCd1A0LzlsZ1NudHN4dENTbmhvCmpvVjhCdXlH +citVTmlyZUh2UFl1OWQ2Y2d0L3dnTVNzNnFLekhqbnVUUkkKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIGR5ejRQYVRvSTB2TzA0cktYMU5sSlY5UXh5YkRpOTVDSWFoVmo5 +c2hLRk0KaUFlbFd0V1FzaGNWbUhiT1R5MG0vUEJtaVN4MjJ6RWM5MndWRGlqaTI3 +bwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbmQ5RjFNK2lPRHFaZjQrNTRrWGE1R2tM +aGIwazVRMHJWblZWMGQvbVBGYwpDU25rV2ZmZEQvUWFkSjlvTkNCK1hlYXUwRDE1 +SUI4TzV5WmtJZXBpTFlJCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBvZDFncmtaOWFH +SW1veDY3Z1NOV3VGVDQ5dW1TeUdZMHE5cmp0S1JSUkQwCkpiWU91K0xGd0RYMXha +MVp2ZTcxOWszWDJ6Ui8xSG1mSnFmd3U5WWZEVmMKLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IFZ2d1BhdFdjT0hFYWhjNDZnRXdHY1V6VStqWWxQQjlhNG95bVRPWGRqUXMK +bC9OWlExN0lDcHpkdXRHbVk1ZGlaQk9UNGpwdTVBVTNzbkJKN0d4ZlJVTQotPiBz +c2gtZWQyNTUxOSBQeEt3alEgSTkrQXFXdlJvcVlEOVlYZDBvZUF2bmgrR1FSUGJR +dTJSMWcrQ1ZXWG1nUQpFSldCdVFObXloTFMrUDQybjZzK3Jqck4yMUt6NGdLUEpp +VmZtR1VnaWRzCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBYdEY1YlV4djEvWmlCblpa +amdnRjk2VDdoN3BkemJVbldrMU9OeXk0Mnd3CnNsZ1BpWURyRHBSc2twblVmNE5v +QnM3UTJ4cDdwbjNHbi9pZ3FMdDFrMGcKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIFVs +S1Z0cFVZa1RaNEdrWWN1M1lhZUw4YXJoNWswNjNuWDc3Q0hRSFpTekkKUzkrSXRZ +LzNYS3pnMlBNcFprQjhxZjZqRUZYUE9NREJsdHdnczkyMEJSWQotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgSnhNNStteEpvZ0tFM3dLWDQxYk1xM1NMQnQvMTk2dWpzMFFs +dlMzcWVDSQpXcFZVRDArUUxWMHJoczJSNGFCOU9LZXlNQzFBQ3IxOFo1YmhVbHAy +cS9FCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBIVGpPSGFzb2dvZjVkL3JPSVVnVzdj +NTFTSmFaS25lNHJYY3BkeTBLY1JrClh1VGZtdHNwaHQ3UzJIbmhYdDhadWU0MU1N +VGtmQmFYMGZHTUpiQlYxSkEKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IDNlWmtZVjhk +VmVEUGxOY3ZaMHNhVVp3aUJzbE84alc3aTdYTSt3ZldjMU0KanZjMTVYNjNwazFr +N2xwampmaUJLSDVuTVBvNnBXektNU0JSbVZrN1RtNAotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgczdIZE9hSEt4eFJxTnV1d05qa0VVeUJRUE1PUWNMbnBPNW1Cb2RVQlFT +awo5UEFrdDg2cUZsMTI0b2FmYkd3TFQ1NjNYMHNkd3A5LzBxcjlNSERCUDJFCi0+ +ID8tZ3JlYXNlIDs+XSkgPVp8TSMtIHQtVSBFal4vcFR9CnZCOWdjaEMwcURwaWJP +U0YvRUd5SGdBMDE4SnpXUEN3VU9aWWtFQTB1eCtmOEM3Q2p5YkVaQ3QvSXVXUSt1 +YmsKUlV6Vy9VTVNqYkcxcXJSWkgzbnpidmx2clY2enRhLzF2MFZIdDhNbGtZZlU5 +cWk0Ci0tLSBEdmRaQm9FVEhkQWFGZWtyYllOM3YvNGZJQnRvZWI3YjZkdlh6a3Ay +VUJ3Ckgtz/OSIjtMrLDB75AIG+NnhV4476zzaLynMBPtCbQD5/Are2hwwfv3War9 +UKv7+MIb/VMLicfSQdooIN/ZutUo4QmaS/mrf72bGJqqplJaqLR8zc5rJZEyuDBj +5o8uY6IpJ7LEPm2FOAFcrMPHdSAS9y2+BpiPJfeF9vFgJ0IPZy26 +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/root.age b/secrets/root.age new file mode 100644 index 0000000..3867d15 --- /dev/null +++ b/secrets/root.age @@ -0,0 +1,37 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBscDBF +dmp4Ry9nV1Y2dWYvdjJtYnZNcmZhS2ZmQnB6ZWhvTUhrMGJPb0NVCitUUVJiRDlP +dzNjM01KK2w5blRHbExpU3k1Wm9mVDJ3N0dudVdQR3AxQkkKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIDhYRlpJZWREbDNSeldwbEM1ZXA2dUpMcDBJK3owdGpIWWlvT1Fa +TnJrbFUKQWMyY2dvUDJwUW50Wk1oSzNCTysvL2JPSDJ1V1dmSXRDRmRRK0R4OTVS +TQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbXVHNEg4c282dmRodEdheVdYVjAwb3Y5 +VUU3R095aDBJaTlzdlhkYkpSOApFcDFhZmlwdjg2VFdiVGI1Y3ljOC8wWFVqbE5o +VWgxUmVReUZ0NHl2TGpNCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBpQ1pYNXJwZVpy +QXhBQ3dySXg3Y3IxYW1FWEl1eW5ISGtva2pEdEQzUUFRCi9DMWg3R2pwR3dXaWta +UHRhNFZHT2w1MXF5VFNJU3EzSU1nSHdjVG5YeFUKLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IE9iS2cxQUZucHorOVJTeGEwaFZxTDU2ZE0wdXd2Rk8yUmZ2amxEaGxMem8K +Qlg3T3Bqbkc5S21Nc20wMTBRZUlUeUJucHY5RWhWbFg1S2VEWGtnK09VMAotPiBz +c2gtZWQyNTUxOSBQeEt3alEgOUxZWCthUkxlaG5MYmRQbTRSSjFZNnI5TndBSmZs +VDFjOGxXZlZxZmltYwp6TnBFMFdNbXArdHBuZThxeWwweGtFZmR6eEx2YXZ4U3U0 +bHpFODM2QmV3Ci0+IHNzaC1lZDI1NTE5IEIzZFhTQSBKVFVsbW5BV0lnM0ZkU2tC +U1VPbjRBY0M5ZW9TdEg1U2JtTHlGVjZ3TkFNCnNjRjFYMDBwSnBOMzZnSWhpSFF6 +d3M1SHFVdzJGUGxEYU9zOU0zOElRc3cKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIGRa +T01iT3FKUzNBcU92MUJEOXBzN1RuWGdhLzlrWGZxUDUvQnM0eUFXdzAKV3Jlb1Zn +MndtZ3BXNUVpUHNnSXB5RFd3MXEwYnFIZ1c0NFVRdmJBUGpwMAotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgT0RnMi8zUkUyaGNFWjFFazd6OVJKbWN3bXJwZDYwUUc1a3B5 +Q3krNEVqUQpRcEpCQWV2NWRVSURjR0szMmZzdEZoS0FXUC9uTmxuMmhJWnFZbDhZ +M1NVCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBaYURCWWl0czdtQ0VlbWlBellIQ0dy +amlSMEpjUXlMWHkvMm1YVGNHVUhvCmwxa2JOMktncTVNRTUvNVVkZksvOVp5TE8w +MnJKWUhwNm9wSGZxeklIbU0KLT4gc3NoLWVkMjU1MTkgWnc1SGt3IGowTGFsNUZN +ekY0Qmp0MDNHTG9xS2M5c3h1L2VtZnNkd0c2aXc2ejhtVjAKd2huNHRldE5BTkNV +dGVFMEFzMERlOHNFZXFKUWQzRXIrUXZYUm9YM2ZDawotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgTkQ5TGxvOGUveUwxb2Jua0xoMUFTSU9TMWMyUzFCRDJEWitBTERCOEpD +cwovRkNBYy9JQU1UclBUUjd2YkkrQTlDak1OSTRpM0ozWE5VbmE5Y3pNb0JFCi0+ +IDtfZXAtZ3JlYXNlIGBpc21oYQpLcmd4OUVOMlJ1QXA2ZTJob0pUajFqWWphM1p5 +TkFtN3QxUTB5K2g0QWFNNGlyblFUa2hmdVFsNHMxZG9GbllQCmIvcTlyd05tMmZj +c3lKeEVjZklCYUliM05CeDIKLS0tIDUyaUwxQytCTnN2c2lTNEdibUxVcFdqblN5 +V1paV1Fyc1VQZDR0N0hZSTAK1B/SO9aHuG9iLuOJ6dar+tdeNznBZkRTZ9GoU1eT +TOEnE8+Iw+jy2egZsZM/g/dtwXdVQXQx3OhtgQnP2hnye84sTUqEGQvuZru1tJar +z7nXQcpShe+v5BclP9cQJSN9BgrXaamJP1IBdrZtNERBaMU7KQuBVSBZ789NUBbM +GaTRqoTaProG7Ex2XQ== +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 0000000..5c3c3ac --- /dev/null +++ b/secrets/secrets.nix @@ -0,0 +1,46 @@ +# Used by ragenix nix only. +# Ensure that $RULES has been set via direnv +# Edit a key: `ragenix -i ~/.ssh/id_ed25519 -e secrets/someKey.age` +# run `ragenix -r -i /path/to/your/key` after modifying any keys below +# +# Re-keying is required after adding new hosts or keys: +# run `ragenix -r -i /path/to/your/key` +let + craige = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K"; + ops = [craige]; + users = [craige]; + + airgead = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBanX/MOfoTT8Y/2x24yusGQzfxBqlaKxVbpNiqnAmKp"; + brighde = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOxma18HaXAQlD33jR5iIolSI9p2hTDAMkw6rlQXHnl7"; + ceitidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGB8EUbqoarM4GmPgE2DBF4z/L6wVNc+lF27Z83XDUz"; + cuallaidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfELhpKAIDCTFYrO4wXP9BrXsUlafcD5vELQwtF4LCl"; + dionach = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPcLVq/vaqNz+SzTKHd2mlw+jEYG+JYdYP/1mwK6lF0J"; + doilidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIVqs/F41PYoOPtThVRhLFjl+g/sH4aKRxki0CkZxj/7"; + eamhair = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMgjh98yNFdvLygrVdPaS8h6+1FoLRVCzzLbKr255zO0"; + iolear-beag = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/57dNKaPjljQz+xc299xmT+njVL6AqEGuKr3SrFrxT"; + sanganto = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ2c9oj7yQLuIjQQR5fGV4FHPfhb4VpLnXeQJv15Hti+"; + sercanto = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIMxMEwo3nv7yHQOQEUt2HZdgTBfe5Y7xa1kmvC9qjbi"; + teintidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFhe0W7iAe9E00IUDo83nOY4BKfyoLVQPKlT8EZPvdwx"; + systems = [ + airgead + brighde + ceitidh + cuallaidh + dionach + doilidh + eamhair + iolear-beag + sanganto + sercanto + teintidh + ]; +in { + "root-ops.age".publicKeys = ops ++ systems; + "craige-ops.age".publicKeys = [craige] ++ systems; + "root.age".publicKeys = ops ++ systems; + "craige.age".publicKeys = [craige] ++ systems; + "fiona.age".publicKeys = ops ++ systems; + "hamish.age".publicKeys = ops ++ systems; + "logan.age".publicKeys = ops ++ systems; + "xander.age".publicKeys = ops ++ systems; +} diff --git a/secrets/xander.age b/secrets/xander.age new file mode 100644 index 0000000..f58228f --- /dev/null +++ b/secrets/xander.age @@ -0,0 +1,35 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBSUU9Y +YVJBbDlYR1hDNDdJUVFRYUpYTlBjaVZlazV6bUlPa1UvLzV3TjBJClpneEZsVEc1 +K0lFd21HUjJUSnBmdy9OSmNMUzBtcHRlTTRwZUtNZVV2ZVEKLT4gc3NoLWVkMjU1 +MTkgSk00dDZBIDhYaTd3dFNDUTJvWmcxSks0aWZIeThhdU9XT3ovelBqQnZNcXF4 +MWR1bjAKVHBVdEdZeU5uNy9yQndUeHp5RUxDTkhPSHBoby9LaDBVRjVFNnhzWUlO +dwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgdTJvQW1LUGY4NU1kNmVYZ1hXN3pIRXRE +cytyMWdoTHZqdEJDcnZCN1B5Ywo4UnNKdCtXQStSSWxmRnl6eldmZEd3cm9DNUNF +S1VJenNFUVRCZ3RzUE1RCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBQQ1BmMnlVK3pt +c1F5MTJQRGs3cHBkWUtwTUtRWDB4MVBJVlZuRkhSMTFnCnBPaXpJMk1zSFpIVGMx +NUdFT2VyUUEzeXpxR2pnSXk2bDZjb2ZZV3pqbk0KLT4gc3NoLWVkMjU1MTkgV2c5 +M3J3IEhvalpnQk52M3ROd0FhWEErRVVtYTNaM0YySU42WTdzTGFtK1RkalRzdzgK +WEpaVzNKSVpKdVIyZy9vL2YvTXlMcXhXaVZ4VGZrZEpaejJnK0RidG5McwotPiBz +c2gtZWQyNTUxOSBQeEt3alEgU3ptQXdZdlVzdUJST3hXTGpEMG1vSzR5S3Uzd2Jw +R0VpdVlnR3N6WHlTTQpMcE8wZ0EvVFZ2TTF0N01PVkl2WEFJY3lIN1NuUGtDOTZi +a0xlMFhvb0FJCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBSdTdHWkJCb2ZkY0tyYzEy +aU13UWk5RGV5MDRIWGwyOXBQcmlKV0R1U1JjCm1ueVV5WmVKMVU2cklaa0IxUCtI +NmRYeTVkTklNanJtbFpVWGE3ZVFIeVkKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIE80 +aGVQZUs0VzVTaHBqNnRwa3NhU3FjNkxqMHczbEdQcXlXWkhuTDVrUlUKSlRDTXM3 +QXY3V3FLUmlSOUYwdHdyc0sveDMzVUpQbTVueER5U21iU04xYwotPiBzc2gtZWQy +NTUxOSAwZHBkZ1EgWUxWZ0cyV0daK1lPUE93VzFEVFFnbGw4aUpXS1hOQUtQcXJT +cDBaVVFYMApwUCtpRTdpTzlta1hmQmZYdDlheEczeWU4WFcwWDdkZ1lvUkU2NFQ5 +a2tBCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBlSzlYSS9XeHAvOVZ5a0FBV3ZkZGlK +QVREVExRR2NWWjFZVUk0cnF1UERBCmRNN3Y4TTVwRDNVQWFRMGNJcmN1QjZmOGZZ +QVJRQTZmT0RrYzhYUVJ2TWcKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IEkrazBzeUdt +bVh4N3BuWGlzSWgzRm9yeVF1QkJTQWV5RVFhbTgydUVQU2MKR3V6VVRWbGtmdC9q +cE4waHgzeERNSzBaeVlpdS94eEdzSzhvazExWjlVOAotPiBzc2gtZWQyNTUxOSB6 +RzMrMXcgZ0IzcnVDQmlPM1VuRU1IQmVINUdSM3lnWFMxbmJNaXpsVndVMlRyT1RS +SQpZN2RURklHUnE4dm8rdUNFbndWRkdvSFRhSDFJTHAxY1NTUXZxS01xSERzCi0+ +IEMtZ3JlYXNlIFhRISJPIGIrNUEgVlg0L0kKZWZ4UjNaYnQxcnNZZldqQm1BCi0t +LSArUFpsNkdqLzVHVjRTcVRBR0NxTS8xTGVxVis4cGdRdFJYUW5aeitIeG9zCpKQ +++U8BCnn//2Q4nIzSEVU1E+jjVXGWXGX4LoU7KFEnjEifotQ126GxH1SQqzhYGZW +96Frfo7HFFmM1i9dkiq0Yw2mNZkL9rTjbdIKA+oseKQKJN+HDb08HY1oKfJoCAmT +YotZp05aO2hJYEFkNCVl8mOIyXSExNGJdSvqFS/kRcphX36T2Q== +-----END AGE ENCRYPTED FILE-----