Allow backblaze secrets to be accessed by lime

This commit is contained in:
Riley Apeldoorn 2023-06-17 13:24:54 +02:00
parent 3cef5b6f97
commit 03369e88a8
5 changed files with 14 additions and 35 deletions

Binary file not shown.

View file

@ -2,10 +2,15 @@ let strawberry = [
(builtins.readFile ./system/strawberry/keys/riley.pub) (builtins.readFile ./system/strawberry/keys/riley.pub)
(builtins.readFile ./system/strawberry/keys/root.pub) (builtins.readFile ./system/strawberry/keys/root.pub)
]; ];
lime = [
(builtins.readFile ./system/lime/keys/riley.pub)
(builtins.readFile ./system/lime/keys/root.pub)
];
dev-lt-63 = [ dev-lt-63 = [
(builtins.readFile ./system/dev-lt-63/keys/riley.pub) (builtins.readFile ./system/dev-lt-63/keys/riley.pub)
]; ];
all = strawberry ++ lime ++ dev-lt-63;
in { in {
# Secrets for backup cloud storage provider # Secrets for backup cloud storage provider
"secret/backblaze.age".publicKeys = strawberry ++ dev-lt-63; "secret/backblaze.age".publicKeys = all;
} }

View file

@ -1,33 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the systemd-boot EFI boot loader.
# services.xserver.enable = true;
# services.xserver.desktopManager.lxqt.enable = true;
# services.xserver.displayManager.gdm.enable = true;
programs.firefox.enable = true;
networking.hostName = "lime";
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Amsterdam";
# Enable touchpad support (enabled default in most desktopManager).
services.xserver.libinput.enable = true;
system.stateVersion = "22.11"; # Did you read the comment?
programs.git.enable = true;
nix.settings.experimental-features = ["nix-command" "flakes"];
}

View file

@ -1,12 +1,18 @@
{ lib, modulesPath, ... }: { { lib, modulesPath, ... }: {
imports = [./hardware-configuration.nix ./configuration.nix]; imports = [./hardware-configuration.nix];
custom = { custom = {
gui.enable = true; gui.enable = true;
backups.enable = true; backups.enable = true;
}; };
networking.hostName = "lime";
networking.networkmanager.enable = true;
system.stateVersion = "22.11";
services.xserver.libinput.enable = true;
home-manager.users."riley".home.stateVersion = "22.11"; home-manager.users."riley".home.stateVersion = "22.11";
} }

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOF9N5hsJEdm/jBxAGjQdQg7s/EFheZJK3KHyNkt5uFc root@lime