This commit is contained in:
iFargle 2023-09-15 23:05:30 +09:00
parent 6d8907298b
commit 7f50116204
2 changed files with 8 additions and 8 deletions

View file

@ -1,16 +1,16 @@
keys: keys:
- &user-albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A - &user_albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
- &host-nixos-laptop ca375f85e93f5327eca3e0af996236957c887168 - &host_nixos-laptop ca375f85e93f5327eca3e0af996236957c887168
- &host-nixos-rpi4-01 b8313b59194b577cb5a0187bbfd686dae3a80e78 - &host_nixos-rpi4-01 b8313b59194b577cb5a0187bbfd686dae3a80e78
creation_rules: creation_rules:
- path_regex: secrets/secrets.yaml - path_regex: secrets/secrets.yaml
key_groups: key_groups:
- pgp: - pgp:
- *user-albert - *user_albert
- *host-nixos-laptop - *host_nixos-laptop
- *host-nixos-rpi4-01 - *host_nixos-rpi4-01
- path_regex: secrets/tailscale.yaml - path_regex: secrets/tailscale.yaml
key_groups: key_groups:
- pgp: - pgp:
- *host-nixos-rpi4-01 - *host_nixos-rpi4-01

View file

@ -116,7 +116,7 @@ Completed ToDo List [here](complete.md)
# GPG Keys # GPG Keys
1. Import the user private key: `gpg --import gpg/users/albert/privkey.asc` 1. Import the user private key: `gpg --import gpg/users/albert/privkey.asc`
2. Mark it as trusted: `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5` 2. Mark it as trusted: `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5`
3. On each new machine, run `sudo nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i /etc/ssh/ssh_host_rsa_key -o $(hostname).asc"` 3. On each new machine, run `sudo nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i /etc/ssh/ssh_host_rsa_key -o /etc/nixos/git/keys/hosts/$(hostname).asc"`
* This will output the identifier you add to `.sops.yaml` * This will output the identifier you add to `.sops.yaml`
* Move `HOSTNAME.asc` to `keys/hosts/` and upload to git and rename accordingly. * Move `HOSTNAME.asc` to `keys/hosts/` and upload to git and rename accordingly.