Allow backblaze secrets to be accessed by lime

2023-06-17 13:24:54 +02:00 · 2023-06-17 13:24:54 +02:00 · 03369e88a8
commit 03369e88a8
parent 3cef5b6f97
5 changed files with 14 additions and 35 deletions
--- a/secret/backblaze.age
+++ b/secret/backblaze.age
--- a/secrets.nix
+++ b/secrets.nix
@ -2,10 +2,15 @@ let strawberry = [
      (builtins.readFile ./system/strawberry/keys/riley.pub)
      (builtins.readFile ./system/strawberry/keys/root.pub)
    ];
+    lime = [
+      (builtins.readFile ./system/lime/keys/riley.pub)
+      (builtins.readFile ./system/lime/keys/root.pub)
+    ];
    dev-lt-63 = [
      (builtins.readFile ./system/dev-lt-63/keys/riley.pub)
    ];
+    all = strawberry ++ lime ++ dev-lt-63;
 in {
  # Secrets for backup cloud storage provider
-  "secret/backblaze.age".publicKeys = strawberry ++ dev-lt-63;
+  "secret/backblaze.age".publicKeys = all;
 }
--- a/system/lime/configuration.nix
+++ b/system/lime/configuration.nix
@ -1,33 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
-  imports =
-    [ # Include the results of the hardware scan.
-      ./hardware-configuration.nix
-    ];
-
-  # Use the systemd-boot EFI boot loader.
-  # services.xserver.enable = true;
-  # services.xserver.desktopManager.lxqt.enable = true;
-  # services.xserver.displayManager.gdm.enable = true;
-  programs.firefox.enable = true;
-  
-  networking.hostName = "lime";
-  networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
-
-  # Set your time zone.
-  time.timeZone = "Europe/Amsterdam";
-
-
-  # Enable touchpad support (enabled default in most desktopManager).
-  services.xserver.libinput.enable = true;
-
-  system.stateVersion = "22.11"; # Did you read the comment?
-
-  programs.git.enable = true;
-  nix.settings.experimental-features = ["nix-command" "flakes"];
-}
--- a/system/lime/core.nix
+++ b/system/lime/core.nix
@ -1,12 +1,18 @@
 { lib, modulesPath, ... }: {

-  imports = [./hardware-configuration.nix ./configuration.nix];
+  imports = [./hardware-configuration.nix];

  custom = {
    gui.enable = true;
    backups.enable = true;
  };

+  networking.hostName = "lime";
+  networking.networkmanager.enable = true;
+
+  system.stateVersion = "22.11";
+  services.xserver.libinput.enable = true;
+
  home-manager.users."riley".home.stateVersion = "22.11";

 }
--- a/system/lime/keys/root.pub
+++ b/system/lime/keys/root.pub
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOF9N5hsJEdm/jBxAGjQdQg7s/EFheZJK3KHyNkt5uFc root@lime
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOF9N5hsJEdm/jBxAGjQdQg7s/EFheZJK3KHyNkt5uFc root@lime`