From 60cf99e821543882f530216f58f9406e22724102 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= Date: Wed, 24 Jul 2024 09:02:57 +0300 Subject: [PATCH] fwminex: change passwords --- flake.nix | 4 ++-- hosts/fwminex/configuration.nix | 4 ++-- secrets.nix | 3 +++ secrets/motiejus_server_passwd_hash.age | 14 ++++++++++++++ secrets/root_server_passwd_hash.age | Bin 0 -> 731 bytes 5 files changed, 21 insertions(+), 4 deletions(-) create mode 100644 secrets/motiejus_server_passwd_hash.age create mode 100644 secrets/root_server_passwd_hash.age diff --git a/flake.nix b/flake.nix index 5fee039..802b896 100644 --- a/flake.nix +++ b/flake.nix @@ -198,8 +198,8 @@ agenix.nixosModules.default { age.secrets = { - motiejus-passwd-hash.file = ./secrets/motiejus_passwd_hash.age; - root-passwd-hash.file = ./secrets/root_passwd_hash.age; + motiejus-server-passwd-hash.file = ./secrets/motiejus_server_passwd_hash.age; + root-server-passwd-hash.file = ./secrets/root_server_passwd_hash.age; sasl-passwd.file = ./secrets/postfix_sasl_passwd.age; #syncthing-key.file = ./secrets/fwminex/syncthing/key.pem.age; #syncthing-cert.file = ./secrets/fwminex/syncthing/cert.pem.age; diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix index d67736d..0ed2378 100644 --- a/hosts/fwminex/configuration.nix +++ b/hosts/fwminex/configuration.nix @@ -75,8 +75,8 @@ in { base.users = { enable = true; - root.hashedPasswordFile = config.age.secrets.root-passwd-hash.path; - user.hashedPasswordFile = config.age.secrets.motiejus-passwd-hash.path; + root.hashedPasswordFile = config.age.secrets.root-server-passwd-hash.path; + user.hashedPasswordFile = config.age.secrets.motiejus-server-passwd-hash.path; }; services = { diff --git a/secrets.nix b/secrets.nix index 1aaaffb..30d7945 100644 --- a/secrets.nix +++ b/secrets.nix @@ -54,6 +54,9 @@ in "secrets/mtworx/syncthing/cert.pem.age" ] // mk ([fwminex] ++ motiejus) [ + "secrets/motiejus_server_passwd_hash.age" + "secrets/root_server_passwd_hash.age" + "secrets/fwminex/syncthing/key.pem.age" "secrets/fwminex/syncthing/cert.pem.age" ] diff --git a/secrets/motiejus_server_passwd_hash.age b/secrets/motiejus_server_passwd_hash.age new file mode 100644 index 0000000..34f76f2 --- /dev/null +++ b/secrets/motiejus_server_passwd_hash.age @@ -0,0 +1,14 @@ +age-encryption.org/v1 +-> ssh-ed25519 fqSa6A hUX8SMIltSRk2FNpPj8pIJJF6N8Xl9PvxAmPy/I4pTg +1AcS4NoPNxnfqw0Hq5vFSJzKmBQgVybxx5H28FWXljw +-> X25519 METMnWPJjNmFbSirhZnPohTrX5/jzqdZ9LbaGbny+j8 +LLsJ4b+QtRz8lAztyrtHRUo2tcnr/Ys+3NpjK+1mLzs +-> X25519 RzFjzJP8w8F8KQvPhJza3h3fSAlYLOUafncMyqqqIyk +hCfFzbCCZf3B1Jf0HRWbFF2CvcaEXmDwvedayAnpcQI +-> piv-p256 +y2G/w AxgF0UwYjjOolgr421coTO+AP67e8iUjW9w3JQ5U+Gw6 +ACKtWnXFwbqIiLF75PidWLZlKfrp7lMIF6xtDuGa8+0 +-> piv-p256 jNqd3A AjAzSLMAENocgbQkW2Ffa7YDWrBGn3+quqqExEddftLB +ikW/GG/la4AWKZ6bTCoXJak2UsNZgfkBr98JSnUy+/M +--- OdW3IMTiJE+rE35QuP2RddilGYf5boYkox9+Y18OCRg +7}x4D#rDTC +w_I Qpq=Y;h(.ʠхxE6HƉ*?,ŇX˲uqk^+/(SuGX#|{+Uբ.L Pxf>;/ \ No newline at end of file diff --git a/secrets/root_server_passwd_hash.age b/secrets/root_server_passwd_hash.age new file mode 100644 index 0000000000000000000000000000000000000000..51087b6ac19d50bc93dd29d55a4acb1e5cc31acc GIT binary patch literal 731 zcmYk%yNlCs003YWr!ESDn^?r*wDywx+Tfm&sAdZ5<=_!bR!N(_?dRiZ-{?rTm!@>N}H<1WS zqz@*8pqJJ)fa4gMG)7ICppwK$RPk&qLb)C@L}TKUGY*-R`c*?AJku~4PQWu*xhD#p z#Gs1L9M;4Z2{zJj)$OQSS;S?90i$8Ntp*K(r{jugW&62xP5KKlTt!pZ&;^E27#ze^XoYn*wAt^&NXHSQy6(n+^X95-UWLJ|)QrqN7CCU&f1XXIyn%d3~09LFV zhk|PSpTK7QlI=z0A zEELx_|166iX&EX>*{K{S!a-BENXa)O-_AOAy}DSQG;|E`j86yv%|d}67x+XZ)~Es* z>*3Ii@q9?PC?3k08sL#pd(w=@-6E!2Q$*@ozpZpS*$*k$gdG@9XwbE>1*a+&VL(I7 z#dWe#5E$EIMPT}nq!RX~LvK%Y@9JxNK0bSWZRN!B_Q%I!cITt{(ca