test
This commit is contained in:
parent
6d8907298b
commit
7f50116204
2 changed files with 8 additions and 8 deletions
14
.sops.yaml
14
.sops.yaml
|
@ -1,16 +1,16 @@
|
||||||
keys:
|
keys:
|
||||||
- &user-albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
|
- &user_albert D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
|
||||||
- &host-nixos-laptop ca375f85e93f5327eca3e0af996236957c887168
|
- &host_nixos-laptop ca375f85e93f5327eca3e0af996236957c887168
|
||||||
- &host-nixos-rpi4-01 b8313b59194b577cb5a0187bbfd686dae3a80e78
|
- &host_nixos-rpi4-01 b8313b59194b577cb5a0187bbfd686dae3a80e78
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets/secrets.yaml
|
- path_regex: secrets/secrets.yaml
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
- *user-albert
|
- *user_albert
|
||||||
- *host-nixos-laptop
|
- *host_nixos-laptop
|
||||||
- *host-nixos-rpi4-01
|
- *host_nixos-rpi4-01
|
||||||
|
|
||||||
- path_regex: secrets/tailscale.yaml
|
- path_regex: secrets/tailscale.yaml
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
- *host-nixos-rpi4-01
|
- *host_nixos-rpi4-01
|
|
@ -116,7 +116,7 @@ Completed ToDo List [here](complete.md)
|
||||||
# GPG Keys
|
# GPG Keys
|
||||||
1. Import the user private key: `gpg --import gpg/users/albert/privkey.asc`
|
1. Import the user private key: `gpg --import gpg/users/albert/privkey.asc`
|
||||||
2. Mark it as trusted: `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5`
|
2. Mark it as trusted: `gpg --edit-key albert@sysctl.io`, then type `trust`, then `5`
|
||||||
3. On each new machine, run `sudo nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i /etc/ssh/ssh_host_rsa_key -o $(hostname).asc"`
|
3. On each new machine, run `sudo nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i /etc/ssh/ssh_host_rsa_key -o /etc/nixos/git/keys/hosts/$(hostname).asc"`
|
||||||
* This will output the identifier you add to `.sops.yaml`
|
* This will output the identifier you add to `.sops.yaml`
|
||||||
* Move `HOSTNAME.asc` to `keys/hosts/` and upload to git and rename accordingly.
|
* Move `HOSTNAME.asc` to `keys/hosts/` and upload to git and rename accordingly.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue