zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity
nix-config/secrets/restic-password.age
Zuckerberg 71baa09bd2 Refactor imports and secrets. Add per system properties and role based secret access. 
Highlights
- No need to update flake for every machine anymore, just add a properties.nix file.
- Roles are automatically generated from all machine configurations.
- Roles and their secrets automatically are grouped and show up in agenix secrets.nix
- Machines and their service configs may now query the properties of all machines.
- Machine configuration and secrets are now competely isolated into each machine's directory.
- Safety checks to ensure no mixing of luks unlocking secrets and hosts with primary ones.
- SSH pubkeys no longer centrally stored but instead per machine where the private key lies for better cleanup.
2023-04-21 12:58:11 -06:00

1.0 KiB
Raw Permalink Blame History

age-encryption.org/v1
-> ssh-ed25519 yHDAQw LyoiocIPWoX81W5lD5OBD5P48QC3CtVHmpATJTfz70Y
fnRfSV68RLkMc+W6WX5aqxMQxDz7UviTNQqB5KAtKYs
-> ssh-ed25519 dMQYog nQ49ARJDvvVmZEQu1YlYKGba5Dh5U4bGKsLAZfPDqUg
9Rs0zISa1FDT3ngBBwp5vXi8aR+a/Z+BrGIEKVUJWkQ
-> ssh-ed25519 fwBF+g Zap6yPIuauggXP00/It4kYJV2G539vUblQsfwgVzVHg
83K5JgUeHjf6lYv8H3YvsbBzrFOgsQyqLVm4h5Be5gE
-> ssh-ed25519 6AT2/g 7QlvTxNNubo2dRwVwfjxr+9MOge9XIsrJVLeAtpkewg
lxzXO7PIKNzrKwj0KhyHetavLM3zqjbXu4h/S7tDJns
-> ssh-ed25519 VyYH/Q tfgTbXGhdOru7FyVWPVf9tBLcuLZJQWnWZkL8yOjQyg
HIKUKzWhEM0PD+EKpI5asIwQF3Lx8CYeURVce2QAMZU
-> ssh-ed25519 hPp1nw xHd4/TCZAi/zwSL0fj7FVGHkykKAmvh29tJReIAUDFg
/TrZ77mu8vGmudrrPkDgQPiLr2o84lDrsVgY31xMHUQ
-> ssh-ed25519 dMQYog 20tuoqjWl4dQBpEKiiSrbEmwW9ZLml3F8MS7riyu1GI
I/jrnGVCw37hxoKnf/yGPlvGlXPXy+c1sz1ouY44KF8
-> 0UxZ/o4-grease V+d
VgDtDiYRn+VzFbhXGHjOTbdN/V/vSW7STbKquW96A68DRzKH6yDn/4Ia4tX469eA
y6swdFIvbsPFnldalFKxKhHqjKRSJPLAKeWECe/I
--- ZEnygego6ke0cW4acYxInaRQXXOaKoSNklgTn7KPOfg
ZÔPÊ|>ªîÃÆÍË<C38D>+:NdÌñ*Pû¢i+¾¡ä§²çÙ3ôGÛ J´”Ž÷bkc<>ìF<‡Ö0zá€Í½÷<C2BD>`W/2 ƒ<>4¯{O"áüF°jS^f_¸£€