From a86366546b40f3726af99851b5bf96b332d41ed5 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Thu, 21 Apr 2022 19:47:50 -0700 Subject: syncthing: enable on trusted machines Add the cert and key for aptos. --- hosts/aptos/secrets/secrets.nix | 18 ++++++++++++++++-- hosts/aptos/secrets/syncthing/cert.age | Bin 0 -> 1209 bytes hosts/aptos/secrets/syncthing/key.age | Bin 0 -> 664 bytes hosts/aptos/secrets/wireguard_privatekey.age | Bin 467 -> 470 bytes profiles/trusted/default.nix | 1 + 5 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 hosts/aptos/secrets/syncthing/cert.age create mode 100644 hosts/aptos/secrets/syncthing/key.age diff --git a/hosts/aptos/secrets/secrets.nix b/hosts/aptos/secrets/secrets.nix index 28c4078..425a15f 100644 --- a/hosts/aptos/secrets/secrets.nix +++ b/hosts/aptos/secrets/secrets.nix @@ -1,4 +1,18 @@ let - aptos = + fcuny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl"; -in { "wireguard_privatekey.age".publicKeys = [ aptos ]; } + aptos = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOTcPGaiL+/Mwl8JzLHrBwas7QvWPjix4lnaAA1tw+5t"; +in { + "wireguard_privatekey.age".publicKeys = [ fcuny aptos ]; + + "syncthing/key.age" = { + publicKeys = [ fcuny aptos ]; + owner = "fcuny"; + }; + + "syncthing/cert.age" = { + publicKeys = [ fcuny aptos ]; + owner = "fcuny"; + }; +} diff --git a/hosts/aptos/secrets/syncthing/cert.age b/hosts/aptos/secrets/syncthing/cert.age new file mode 100644 index 0000000..33c6645 Binary files /dev/null and b/hosts/aptos/secrets/syncthing/cert.age differ diff --git a/hosts/aptos/secrets/syncthing/key.age b/hosts/aptos/secrets/syncthing/key.age new file mode 100644 index 0000000..4e5c123 Binary files /dev/null and b/hosts/aptos/secrets/syncthing/key.age differ diff --git a/hosts/aptos/secrets/wireguard_privatekey.age b/hosts/aptos/secrets/wireguard_privatekey.age index 2f6edf3..17559c3 100644 Binary files a/hosts/aptos/secrets/wireguard_privatekey.age and b/hosts/aptos/secrets/wireguard_privatekey.age differ diff --git a/profiles/trusted/default.nix b/profiles/trusted/default.nix index bbaa1df..95f0645 100644 --- a/profiles/trusted/default.nix +++ b/profiles/trusted/default.nix @@ -16,5 +16,6 @@ in { my.home.mail.enable = true; my.home.pass.enable = true; my.home.seahorse.enable = isEnabled; + my.services.syncthing.enable = true; }; } -- cgit 1.4.1