about summary refs log tree commit diff
path: root/hosts
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-03-07 19:03:05 -0800
committerFranck Cuny <franck@fcuny.net>2023-03-10 18:20:07 -0800
commitb6a12af7a9602cad8f700e58494a024489f5482d (patch)
tree332f078b201f163f7dedb6bff449f86d4fd05f78 /hosts
parentmodules/secrets: use age keys for agenix' identity (diff)
downloadworld-b6a12af7a9602cad8f700e58494a024489f5482d.tar.gz
hosts/aptos: re-key all the secrets with age identities
This is now using the public keys from various age keys:
- one for my user on the laptop
- one for the root user on the laptop
- one backup key stored on the USB drive
Diffstat (limited to 'hosts')
-rw-r--r--hosts/aptos/secrets/gcloud/world-nix.agebin2752 -> 2859 bytes
-rw-r--r--hosts/aptos/secrets/restic/repo-users.agebin419 -> 573 bytes
-rw-r--r--hosts/aptos/secrets/secrets.nix17
-rw-r--r--hosts/aptos/secrets/syncthing/cert.agebin1209 -> 1266 bytes
-rw-r--r--hosts/aptos/secrets/syncthing/key.agebin664 -> 788 bytes
-rw-r--r--hosts/aptos/secrets/wireguard_privatekey.age20
6 files changed, 19 insertions, 18 deletions
diff --git a/hosts/aptos/secrets/gcloud/world-nix.age b/hosts/aptos/secrets/gcloud/world-nix.age
index a8b51b2..0168f1e 100644
--- a/hosts/aptos/secrets/gcloud/world-nix.age
+++ b/hosts/aptos/secrets/gcloud/world-nix.age
Binary files differdiff --git a/hosts/aptos/secrets/restic/repo-users.age b/hosts/aptos/secrets/restic/repo-users.age
index 59c435a..d41fd40 100644
--- a/hosts/aptos/secrets/restic/repo-users.age
+++ b/hosts/aptos/secrets/restic/repo-users.age
Binary files differdiff --git a/hosts/aptos/secrets/secrets.nix b/hosts/aptos/secrets/secrets.nix
index 674af9b..59e43a5 100644
--- a/hosts/aptos/secrets/secrets.nix
+++ b/hosts/aptos/secrets/secrets.nix
@@ -1,29 +1,28 @@
 let
-  fcuny =
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl";
-  aptos =
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOTcPGaiL+/Mwl8JzLHrBwas7QvWPjix4lnaAA1tw+5t";
+  root = "age1g3hjfg8rsyaunsa63q73flxt0rnmqng5mvjk5qywsu0xjvuwq5rsmuxk35";
+  fcuny = "age1keyvdhpspgqp4g5zjthdphau5q5qlt6fs0ex0wqnve66dmup9pzqn4sakj";
+  backup = "age1fh4960rdrk4d7m4c5lwd3trvw9ylk09dvucj2gd2udy7d5cz2a0svcqws6";
 in
 {
-  "wireguard_privatekey.age".publicKeys = [ fcuny aptos ];
+  "wireguard_privatekey.age".publicKeys = [ root fcuny backup ];
 
   "syncthing/key.age" = {
-    publicKeys = [ fcuny aptos ];
+    publicKeys = [ root fcuny backup ];
     owner = "fcuny";
   };
 
   "syncthing/cert.age" = {
-    publicKeys = [ fcuny aptos ];
+    publicKeys = [ root fcuny backup ];
     owner = "fcuny";
   };
 
   "restic/repo-users.age" = {
-    publicKeys = [ fcuny aptos ];
+    publicKeys = [ root fcuny backup ];
     owner = "fcuny";
   };
 
   "gcloud/world-nix.age" = {
-    publicKeys = [ fcuny aptos ];
+    publicKeys = [ root fcuny backup ];
     owner = "fcuny";
   };
 }
diff --git a/hosts/aptos/secrets/syncthing/cert.age b/hosts/aptos/secrets/syncthing/cert.age
index 33c6645..643c161 100644
--- a/hosts/aptos/secrets/syncthing/cert.age
+++ b/hosts/aptos/secrets/syncthing/cert.age
Binary files differdiff --git a/hosts/aptos/secrets/syncthing/key.age b/hosts/aptos/secrets/syncthing/key.age
index 4e5c123..ccce5f9 100644
--- a/hosts/aptos/secrets/syncthing/key.age
+++ b/hosts/aptos/secrets/syncthing/key.age
Binary files differdiff --git a/hosts/aptos/secrets/wireguard_privatekey.age b/hosts/aptos/secrets/wireguard_privatekey.age
index 17559c3..9432fec 100644
--- a/hosts/aptos/secrets/wireguard_privatekey.age
+++ b/hosts/aptos/secrets/wireguard_privatekey.age
@@ -1,10 +1,12 @@
 age-encryption.org/v1
--> ssh-ed25519 dtgBNg FHZdyNsEtCMF7rNUGO7TauqsMfwDDGwcp9Qm0Ol9e1g
-RmWlyqW2jq3WkfRRmbGpaT/gre3ZSqQp4+lYEgXszAM
--> ssh-ed25519 +LF+iw ZmLkAMA1NOAwFMoCa0keA4K8VIo+hnTctFCWVaQbFWI
-mm91OaR6HC/W6Wml+AYwnKN1nzOmqt43VpEzv6SYKFE
--> $.%v/-grease R
-sVPs8WkXy+KnPioNwaun9oDe6k5ZvDQr7Km/6xIKmrOQkaEzflrLJXgj4GdmByki
-KktJM38SRPKiBhW757c
---- Y3jxOsnE/O8pGbt3P85sz1ZQ5uHzmIjozAzSvmhimHA
-Vsk¾\븡ФBȴROYxy+!m3;!{HC;A}
\ No newline at end of file
+-> X25519 cF4f+dR4+vxS/hQd1WoZZunRirr35gR1fYVWuh1nwQE
+UY5m7yloCfck7OVVliGX68zxh0QuvTSv7nxlnC5m1B4
+-> X25519 zxKJdMAMaZ5aCwyJMm+pqM/11yMus75bjfou0pzGTgA
+PedPmd2sI7rY8QETLY50IaFFeeS+IHewRpk8NX/MiRw
+-> X25519 Hz9sZ8VVQ8Mg8cksHMzn+V1NRMcahjIrq+n0LKnHhmw
+okLZa9YEQ8y3kRB0nQwtMx4OA9dIOYRt+E3O3BOkteA
+-> BG8F-grease
+3+ZxToXbRMhNaEH0KPXOEizBGesGGPTxVlGyHEnMJH63XdYk9DRiTfxt/FmN/K70
+LX+XL+LFIphYxtU2JZgFDdmpsH0
+--- vYsrZk3u29yzp9f8mTYPQn8Eie7xWYTq0Kh3Wp6MEaI
+LWD`ʬx2,zm+W908əhVXU*l_$lۓ}]EӣVIC
\ No newline at end of file