diff --git a/.sops.yaml b/.sops.yaml
index ea220022..e8504c14 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,16 +1,16 @@
 keys:
- - &user-albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
- - &host-nixos-laptop ca375f85e93f5327eca3e0af996236957c887168
- - &host-nixos-rpi4-01 b8313b59194b577cb5a0187bbfd686dae3a80e78
+ - &user_albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
+ - &host_nixos-laptop ca375f85e93f5327eca3e0af996236957c887168
+ - &host_nixos-rpi4-01 b8313b59194b577cb5a0187bbfd686dae3a80e78
 creation_rules:
 - path_regex: secrets/secrets.yaml
 key_groups:
 - pgp:
- - *user-albert
- - *host-nixos-laptop
- - *host-nixos-rpi4-01
+ - *user_albert
+ - *host_nixos-laptop
+ - *host_nixos-rpi4-01
 - path_regex: secrets/tailscale.yaml
 key_groups:
 - pgp:
- - *host-nixos-rpi4-01
\ No newline at end of file
+ - *host_nixos-rpi4-01
\ No newline at end of file
diff --git a/README.md b/README.md
index 2b6e8372..5c2ad018 100644
--- a/README.md
+++ b/README.md
@@ -116,7 +116,7 @@ Completed ToDo List [here](complete.md)
 # GPG Keys
 1. Import the user private key: `gpg --import gpg/users/albert/privkey.asc`
 2. Mark it as trusted: `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5`
-3. On each new machine, run `sudo nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i /etc/ssh/ssh_host_rsa_key -o $(hostname).asc"`
+3. On each new machine, run `sudo nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i /etc/ssh/ssh_host_rsa_key -o /etc/nixos/git/keys/hosts/$(hostname).asc"`
 * This will output the identifier you add to `.sops.yaml`
 * Move `HOSTNAME.asc` to `keys/hosts/` and upload to git and rename accordingly.