mtworx: set real passwords
This commit is contained in:
parent
c11edc3576
commit
f2998e7aeb
16
flake.nix
16
flake.nix
|
@ -186,14 +186,14 @@
|
|||
nixos-hardware.nixosModules.lenovo-thinkpad-x1-11th-gen
|
||||
nix-index-database.nixosModules.nix-index
|
||||
|
||||
#agenix.nixosModules.default
|
||||
#{
|
||||
# age.secrets = {
|
||||
# motiejus-passwd-hash.file = ./secrets/motiejus_passwd_hash.age;
|
||||
# root-passwd-hash.file = ./secrets/root_passwd_hash.age;
|
||||
# sasl-passwd.file = ./secrets/postfix_sasl_passwd.age;
|
||||
# };
|
||||
#}
|
||||
agenix.nixosModules.default
|
||||
{
|
||||
age.secrets = {
|
||||
motiejus-work-passwd-hash.file = ./secrets/motiejus_work_passwd_hash.age;
|
||||
root-work-passwd-hash.file = ./secrets/root_work_passwd_hash.age;
|
||||
#sasl-passwd.file = ./secrets/postfix_sasl_passwd.age;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
specialArgs = {inherit myData;} // inputs;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
pkgs,
|
||||
#config,
|
||||
config,
|
||||
myData,
|
||||
...
|
||||
}: let
|
||||
|
@ -64,10 +64,8 @@ in {
|
|||
base.users = {
|
||||
enable = true;
|
||||
devTools = true;
|
||||
root.initialPassword = "live";
|
||||
user.initialPassword = "live";
|
||||
#root.hashedPasswordFile = config.age.secrets.root-passwd-hash.path;
|
||||
#user.hashedPasswordFile = config.age.secrets.motiejus-passwd-hash.path;
|
||||
root.hashedPasswordFile = config.age.secrets.root-work-passwd-hash.path;
|
||||
user.hashedPasswordFile = config.age.secrets.motiejus-work-passwd-hash.path;
|
||||
};
|
||||
|
||||
services = {
|
||||
|
|
|
@ -7,6 +7,7 @@ let
|
|||
};
|
||||
|
||||
fwminex = (import ./data.nix).hosts."fwminex.motiejus.jakst".publicKey;
|
||||
mtworx = (import ./data.nix).hosts."mtworx.motiejus.jakst".publicKey;
|
||||
fra1-a = (import ./data.nix).hosts."fra1-a.servers.jakst".publicKey;
|
||||
vno1-oh2 = (import ./data.nix).hosts."vno1-oh2.servers.jakst".publicKey;
|
||||
vno1-op5p = (import ./data.nix).hosts."vno1-op5p.servers.jakst".publicKey;
|
||||
|
@ -44,6 +45,10 @@ in
|
|||
// mk ([vno3-rp3b] ++ motiejus) [
|
||||
"secrets/vno3-rp3b/datapool-passphrase.age"
|
||||
]
|
||||
// mk ([mtworx] ++ motiejus) [
|
||||
"secrets/motiejus_work_passwd_hash.age"
|
||||
"secrets/root_work_passwd_hash.age"
|
||||
]
|
||||
// mk (systems ++ motiejus) [
|
||||
"secrets/motiejus_passwd_hash.age"
|
||||
"secrets/root_passwd_hash.age"
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 9Chcgw vg3W53xW09Vj/d3KxV7f1ON+a+FnmLMYzW+dC/zHkyg
|
||||
KtUcTwHa+WNt+g1cfB5qXT2SIBh1ysrXhlweHDnbJFU
|
||||
-> X25519 y50G92FjN3/2mw35luKw4jcKUGdUsF93wcROe4rArlE
|
||||
gobgcFB4lLDvG3CRBnoHcwOg8uy4eVW+H8OAgWY5PuU
|
||||
-> X25519 r+uUjbZ8KUiTy9v3wh1VimRcIgIPliLvSVAvn1WhXhg
|
||||
nEONILHeRRbYyolcZxa1xmX59/nRrr1VBHofHlv8fKo
|
||||
-> piv-p256 +y2G/w AzshVf1h1wwccMCaoA4ecA7DFCGpjvQzbSF3ba9BSyzf
|
||||
QG9joDdEaTwm1jOJcpPjOjF1hcbpWW6R1XauVqftwRo
|
||||
-> piv-p256 jNqd3A AmuFCf9f+HQD60WNmfgJKVXT75h03R3pV8sy2qJtfgWY
|
||||
kxwEeP6c/yuSiYIeI442lmJFh2ndiPhHgvtQ2jopOgw
|
||||
--- /WYmyrdPD9FPxGcnLEyB0v/6FF8z3gBluRUvuCHZ1Hg
|
||||
ç6<EFBFBD>G;Ü2øÎg°ZAP%\ŸÆ#ÛcXìw?Ëi—ùn³ùyÒ.|ÚÖ
|
|
@ -0,0 +1,13 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 9Chcgw xHFdtAcqXP8liBH6d0f4YMnJr40Dc28DEfHdaoc5URQ
|
||||
7zUFLDvPKLPps8m5QDAq6ihGOgNRWpUWUWsP3Qx36lE
|
||||
-> X25519 coQ3u77ihjGH6LzhA/xOzUQNDluPd6BohBKFvn/B9Sc
|
||||
QQEyxuBqQjvZpbqEZddw0diqxPKL7q9wNmnw0wm3mQw
|
||||
-> X25519 eW5/HibxGv+Sr6yu11M6DL+nj9K24Y11HBeeJ3bo6k0
|
||||
2OLw0jKufwZhG0qkmzhUPX9fhXjB7TiAm/bJ7yyHh/A
|
||||
-> piv-p256 +y2G/w A5hWirVdDPfSbl0X5gUF+ah2fvtLIg2Q6xQD471tWd74
|
||||
oMLINAjt68FQGoM8KIDkgXG5yeOoZF/BJ4LkOSc9Cgc
|
||||
-> piv-p256 jNqd3A AktamVhuado6Z/OVaiEwywK9UkBlTrwBY9kgtFi3bPtf
|
||||
kZ91Ztn5FtcfLwXjezGx+tT2NEgwBm8aiEZ+lYLaY/A
|
||||
--- ymPZJ07orh8AKprqAg7W7sFYrwz2siJRr9kcWdYrZOk
|
||||
Í*Ó«„ñµVY* 0u¦gmBÝØŸï$ƒ÷Òá_<>€m~רeÑY‹q‘“Ä<E2809C>·
|
Loading…
Reference in New Issue