diff --git a/.sops.yaml b/.sops.yaml index 437479c7..25a0f180 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -7,7 +7,7 @@ keys: - &framework-server dfd3a496aba156fa521e82ada77d68dc727cf52b - &osaka-linode-01 5f548d87ab2b8a4d48d80da3f2ff8352998da7fa - &milan-linode-01 264f9137377eda3b95c82c86cebd6d17984b8d4e - - &frankfurt-linode-01 + - &frankfurt-linode-01 22f094819dc2100f3391d47aadcffd115d2386d8 - &piaware-rpi4 4216b645667670a6130bb95a72a56f8269cd0818 - &backups-rpi4 8b37122bb46dc98c208002d65e94778ecd94bd4e - &bakersfield-rpi4 c93d5c2da5efe4ba4103c8f571faa392f202eed4 @@ -71,6 +71,7 @@ creation_rules: key_groups: - pgp: - *albert + - *frankfurt-linode-01 - path_regex: secrets\/hosts\/milan-linode-01\.yaml$ key_groups: diff --git a/keys/ssh/keys.txt b/keys/ssh/keys.txt index 5f20cc84..24dcfd4e 100644 --- a/keys/ssh/keys.txt +++ b/keys/ssh/keys.txt @@ -46,3 +46,6 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB140g0mCbukU0jGoOzLE9LqY5dYJkFLG8pfBhKhq1AL # (Sat Apr 27 05:28:13 PM PDT 2024) albert@bakersfield-rpi4 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJm3bTcalJgoZt7t5FqFrJl7ZYlC09ew2QWUVF6w1Iih albert@bakersfield-rpi4 + +# (Sun Jun 23 20:07:13 PM JST 2024) albert@frankfurt-linode-01 +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH62HFG6IWoTn4szLnutEs/+4xxmfNyyIDSGqQjHCDm1 albert@frankfurt-linode-01 diff --git a/nixos/hosts/framework-server/default.nix b/nixos/hosts/framework-server/default.nix index fa14ba95..97bf5ea5 100644 --- a/nixos/hosts/framework-server/default.nix +++ b/nixos/hosts/framework-server/default.nix @@ -24,10 +24,12 @@ # backups-rpi4 cron job to back up sysctl.io's Docker files # osaka-linode-01 cron job to copy certs for the DERP relay # milan-linode-01 cron job to copy certs for the DERP relay + # frankfurt-linode-01 cron job to copy certs for the DERP relay users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKp2wgqFcr0LGaUXbom88/zK2631pysePUWIaCMljT0K root@backups-rpi4'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKkNFdEcYIrjss1Nz0tU/AX89hUMmxB/Vabvsa7A6E2K root@osaka-linode-01'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIORCrD/ZWXbAfi5eIN8b9dwuvMuPPTgpMiIFh1WagXV2 root@milan-linode-01'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIkJyYn5uFTC9hND/MdhXig69/VcXEZ9dTipuV/6lov root@frankfurt-linode-01'' ]; services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password"; diff --git a/nixos/hosts/frankfurt-linode-01/default.nix b/nixos/hosts/frankfurt-linode-01/default.nix index a423fe38..0a573c72 100644 --- a/nixos/hosts/frankfurt-linode-01/default.nix +++ b/nixos/hosts/frankfurt-linode-01/default.nix @@ -35,7 +35,7 @@ nix.distributedBuilds = true; networking.useDHCP = lib.mkDefault true; - time.timeZone = "Europe/Rome"; + time.timeZone = "Europe/Berlin"; networking.hostName = hostname; services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];