From e709b463909d61d2b50dcbc85e921dac6d78c421 Mon Sep 17 00:00:00 2001 From: foglar Date: Mon, 30 Dec 2024 16:18:44 +0100 Subject: [PATCH] added masaoka public --- README.md | 1 + TODO.md | 4 ++-- nixos/system/packages/sops/secrets/secrets.yaml | 7 ++++--- nixos/system/packages/sops/sops.nix | 7 ++++++- 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 8ff31b2..0e872bb 100644 --- a/README.md +++ b/README.md @@ -98,6 +98,7 @@ sudo nixos-rebuild switch --flake ~/.dotfiles#kogami ### Secure Operations - Private key for sops is in **~/.config/sops/ags/keys.txt** +- You should change your public key after generation in [.sops.yaml](./nixos/system/packages/sops/.sops.yaml) - Generate your key using this command: diff --git a/TODO.md b/TODO.md index 99705db..f226f72 100644 --- a/TODO.md +++ b/TODO.md @@ -16,7 +16,8 @@ - [x] power profiles solution in waybar - [x] auto-cpufreq - [x] ssh config module -- [ ] modularity connected via configuration.nix file with home manager (disable gnome, gnome configuration will be disabled too) +- [x] fix colors in waybar +- [x] modularity connected via configuration.nix file with home manager (disable gnome, gnome configuration will be disabled too) - [ ] neovim - [ ] librewolf and firefox fix, extensions and bookmarks in librewolf - [ ] graph of my system structure @@ -29,7 +30,6 @@ - [ ] nix-on-droid - [ ] ssh public key deployment - [ ] consider moving userSettings from flake.nix to each profile -- [ ] fix colors in waybar - [ ] fix wlogout - [ ] update my home page and create new web diff --git a/nixos/system/packages/sops/secrets/secrets.yaml b/nixos/system/packages/sops/secrets/secrets.yaml index e5ba4e2..458d30f 100644 --- a/nixos/system/packages/sops/secrets/secrets.yaml +++ b/nixos/system/packages/sops/secrets/secrets.yaml @@ -4,7 +4,8 @@ ginoza: password-hash: ENC[AES256_GCM,data:xqE0y3Z7+kasYFQLn4Wuo+/c9L8BEakf2HKgN5BsttC2iDuzYSvXrP8K6pe5Skdi5Aq0MVz9LixJFM3PBgLORL1C6k0iDSardw==,iv:bKL40h0rGNmnnkA7EieKAD5KyENXOiTNsTVH1V0B7HU=,tag:c1MsRuiOK/j2b0iKOyO8FQ==,type:str] yubikey_id: ENC[AES256_GCM,data:ZyamX5gxoW4=,iv:4tW7muk6AaJf9VmXmFd6Ut63U27fFD8QgYSBx3RgOfw=,tag:IFlSiOffMyc33Rw1gxwCPA==,type:int] ssh_keys: - masaoka: ENC[AES256_GCM,data:VNR1euaaG0wfDvuSbwqga86QC/yir/GJ1sZLT6mzu3DxrxjexXbXP0nO79+l7FRQENZEU/e/wZ+V8Pb+9Tw/whDOVYM3EgAgsuialdc7LAkaaGyRe47+PpPaN7n/O6pPBRGSApDVf0xsw1R95pmL2jsM7nzs6WiiC+yG5FM2VdSxkxVJPkABmQpMzjoMyuB6QlQGCU+Q/+cuOL/7tsW6JFyKu8snTXyQg3EKomR07ZpxcE8whbEfmxdZbiNFitNmsnaRLGqkyd9iVHfW5PlvfU9s0C0CWZPTw23okCpGjaUwnbHcKVWlb6b1qbQRRoHwqFIArqC44COY6zT50rPsbwjLvU0gozBMCRYmZtZtMFQ50NYn2mfEU/6ZTWS67EmjYHwyR6mxTM9TeLpgsYWIqewB1te87y1q5+/EFHUAba3iINx/P/yJUUVUS9B85eosMgQsn4sn+3iMq7aZbNQeDOLU78xwFZpxHYK8MXVSLZf0dwQHyyFAHPtfHSXKJc3sWqMOeRuB8L3Xdn+k2cJAOfHZb4AidYYdie37oFXaVjLyCBgtvZzVFGUTameByD46TU82kFDzgNxKBzBNpNK5xM6l1eyE1Xm6t1bH69RiWF5Hn2i2UQj2vm3ScTlHdOymLy/DRBpg9BuhkkxA6FoaM0Iw0c0EInvcj2HdBR8FhoknktwBZDU/+zWj4vEkEnvvDyBJ0UH4QkgMDast6f+STqdURGCJAB/rBJcbmvJTsDa7,iv:wI2fH8hCBopVz3rWXj8el0Uof3DeL0lkezqE6MeMJ/k=,tag:uKDGStJ96RRqxX1wdIzgaQ==,type:str] + masaoka_private: ENC[AES256_GCM,data:3xiESl2Lc9EEsTCnr9K+CUMPgpQgnH0LC/wTInuLDrsRXuBXTHUzIZT1P8DwZ520M5NeGO0qDkiF4gH9rwm2Jzp3KKR7S1aruS51mouQUnr3e965RI9jeCdogQYkXMbpGVDk0eWApUx/iQz/hKWvaCRMBWOnnsTKRgDRRBNry8MJAFlypBbpr5aGnkJYzVCRH+c8b1tY8HYuZJtQpbeI5PK3YMhyD9AiUcl3j4LduY/GGcsX1so6EeNeYwzEWG7Qh9dEO2iFGwYhqtlPs3HgY9UrKUrFht6aDP+g6uzuK2Sg5iuKgygPviN0pbFcyKUWzqpecoOaMMFuf9GpDsqtDaE+I1c8XP4Fa4Nmql5P/0LVu2ozZwvUt179oo+8GboQunr0XdLSErUZwFMZ2uAaG5ej/5xaCLmaoM9Ukj804+6LWZ6ty595LmJhYREn1C8Dvka2IBEQk7pWfC3Y0eOFfUPqcsRG6VX1Aw0a7PSPaTCK7ZBLOqaNRihn1/AZd/4yGWmh+8eHoxh+/5mMXcv3nUS/nzxUDt6AxBhJP3LXbY+XDpWU+qdlF3sibcpfwzFcffO4g6ehQ6Jsbd7kbt5CefCp2uUamHvNHXSV41s1DCPtcKzKZ+RItPLa+6GM7KvqB0GN3G56MaiTbKtXzwUPzSzZHnKK2gN3GWd9VDTWQrMlh1Zre0PhdmYtjrvBGXDcmhfftowkzZZCT3Ml76356gjszs331ddXJ9v3gRh/TX2Q,iv:8Ls+tDol+PeNCJP+sy4qwTIDFMZJA9dF4x31pygUIXk=,tag:rGqgoyYu+Nd4d3KQ8XnlfA==,type:str] + masaoka_public: ENC[AES256_GCM,data:g6L2wZth2SaKDrD8hKlVkVWJa6WFi0XE2ra+9HF2uhTH1llCYmLab5CEhDsjTHyh65U4IAfsrYrMwlJH2iQXn/L6SLQmR00pn6qYfQ6sURCwZvSxKoJuHTuTNv7AH8J5Nxq/u6SMjYGVKhw/6ewHEOygVs0/a+rDFcn4x2WXPgRGKLa1CEyncfvslyYL,iv:dNDGDU0ZUuRDzcUTWh4SGnbfzuRUoDL4i1j/mLwQ1Gc=,tag:E8yzoyBee3uAgit9aoOeLA==,type:str] sops: kms: [] gcp_kms: [] @@ -20,8 +21,8 @@ sops: T0cxV21SN0hJaFg3R3hpTjIxa3lJNVEKdIrR5XDHxpCojk2A1pxc4dYtSJRrObbY JS/nDgu74LugEchiOhuIJ7nh3MS5XBOmmt2GTHrqxZEZFoIykjIGug== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-27T12:09:56Z" - mac: ENC[AES256_GCM,data:AFNKn5oyHEwxKkLHh67le/02QaBitPipF1+BzvYdxQgHjTm5JCGn1yZZHmNDMIRAVTSECubWh1fvBiCVbkTSIGnYjXEb/Kw3732E+Cb4RYAPQRVkdJeg9h1ZwmdGUGajjZwCtnuuUl65ZMpW7njVHT0M+y91nWAQJ4CAbrAfAbw=,iv:2wmu+hBG3azJT+wrvlZPpdfqaEAbBCeDM0ncgfvhzOg=,tag:5PVBh6a/bsLV9YsXnPO5aw==,type:str] + lastmodified: "2024-12-30T11:16:07Z" + mac: ENC[AES256_GCM,data:roSfCo0syYs/of6TRQ+IZhs/0sQPJPEkWvefjzz/ctC9Oi4zFh0xlsSBZk73l1d5cYwVOYIyxLcpXnuWJ2r8eKVLpVozik460rj7K5GlkRkcWYUE6nRv1Vzz5CVToCdx4ZX+3qG/gdDQXmpav+2ECadmysrlRaObQ9CpQm2jU6o=,iv:L8wOy6aWvB09EdCFe5I60J3LuBFxEDk4Aso+nU3wsPk=,tag:hYF1rrV8m+A8/ZGqww6HFQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.2 diff --git a/nixos/system/packages/sops/sops.nix b/nixos/system/packages/sops/sops.nix index e4948a6..dcce568 100644 --- a/nixos/system/packages/sops/sops.nix +++ b/nixos/system/packages/sops/sops.nix @@ -2,6 +2,7 @@ lib, config, userSettings, + pkgs, ... }: { options = { @@ -18,9 +19,13 @@ neededForUsers = true; }; + environment.systemPackages = with pkgs; [ + sops + ]; + # SSH private keys sops.secrets = { - "ssh_keys/masaoka" = { + "ssh_keys/masaoka_private" = { path = "/home/${userSettings.username}/.ssh/id_masaoka"; owner = userSettings.username; group = "users";