Git/Nixconfigs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Ren key

Browse source
This commit is contained in:
Maxiem Geldhof 2025-10-31 16:45:14 +01:00
parent 731583bcd5
commit 5b151e7327
13 changed files with 48 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
keys/hetzner.priv
View file

Binary file not shown.

BIN
keys/macbook.priv
View file

Binary file not shown.

BIN
keys/master.priv
View file

Binary file not shown.

BIN
keys/ren.priv Normal file
View file

Binary file not shown.

1
keys/ren.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIM1gLSFZSVq+5s58+pymRJY+QOWHm6SZvvhY93YDm5k ren@me.com

4
keys/secrets.nix
View file

@ -2,6 +2,7 @@ let
selene = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEiuoUbvgZ2N03MTcWw4z+oUB9SG0jR0fy5AnTTBHym" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcfmaqbtwSEydV2hge/aDWxfwlKOw/JJZZWy8ycjojH" ]; selene = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEiuoUbvgZ2N03MTcWw4z+oUB9SG0jR0fy5AnTTBHym" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcfmaqbtwSEydV2hge/aDWxfwlKOw/JJZZWy8ycjojH" ];
macbook = [ (builtins.readFile ./macbook.pub) ]; macbook = [ (builtins.readFile ./macbook.pub) ];
master = [ (builtins.readFile ./master.pub) ]; master = [ (builtins.readFile ./master.pub) ];
ren = [ (builtins.readFile ./ren.pub) ];
in in
{ {
"jellyfin-key".publicKeys = selene; "jellyfin-key".publicKeys = selene;
@ -10,6 +11,7 @@ in
"master.priv".publicKeys = macbook ++ master; "master.priv".publicKeys = macbook ++ master;
"wg-selene".publicKeys = macbook ++ selene ++ master; "wg-selene".publicKeys = macbook ++ selene ++ master;
"wg-macbook".publicKeys = macbook ++ master; "wg-macbook".publicKeys = macbook ++ master;
"hetzner.priv".publicKeys = macbook ++ selene ++ master; "hetzner.priv".publicKeys = macbook ++ selene ++ master ++ ren;
"wg-ren".publicKeys = macbook++master; "wg-ren".publicKeys = macbook++master;
"ren.priv".publicKeys = master ++ ren;
} }

13
keys/wg-macbook
View file

@ -1,7 +1,8 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 M7OTMg PyrVB10SxQZdhrwusKh+m6944Nj5vqBL6qGum8qK4Qg -> ssh-ed25519 M7OTMg f7fgG3DiQpjnDRSEUjSinuqgLATaK7QRN59bSimH1EU
huIr2n2ciTqu11o6ApcCoVMstQ9b3XoRfgAtU79wdnY 9sKf6eQVwqVBrB553zCHwFs0uyQGRpIJkBZ0AyXPFC4
-> ssh-ed25519 CJLJQg 2O7UQVLdlMJZzt5TOo5EYpfWjKAnNLJ6OQY+xRTp2go -> ssh-ed25519 CJLJQg +b+cRU3irwvMnqVBWBIV4GoRyEy+Lg3LHUxZ/httTDo
TonYGAfBSeUpSHl+jHSG2qO9kWseAxfog1oWeGFWc5s uBlqCHMXyf1Um+W6y1Bh9pY0osqdeTgFQGuR6eSHQP4
--- Hh8KEiQFjdy2xYqcBX4L6XSp4GPpO29tSPrfpnZlv5o --- Ft1Ii2eVy0h8X6h7ABOW6ryT4ctxg9jS8utA7s52bBA
Ó?À¤ÿ‡$‡ÜJΦŸßÑ^¦wNvŠŽÍ*#å4„+=â·Á[ltÒQF™6Õ-Æwiy. Ú¢8¡iýýÒž'.H,a£ zÅÙÈ0¿yžÀWÏ¥4Í°ö^|
M<EFBFBD>æüuRtLµA†:µê¨ó„*ö<>œËÈh2†ìSζèkå’¬ì&è må1

7
keys/wg-ren Normal file
View file

@ -0,0 +1,7 @@
age-encryption.org/v1
-> ssh-ed25519 M7OTMg QdJds7EpXMyyO9aKmqQg3HWmY6RQbzkQxRQw+K9fn14
/SlvfJAOmCqYvIOZm/ZSynAIWSC+2dAvPpa+5Me6I8k
-> ssh-ed25519 CJLJQg MqNRTuwFcRdZ5VFbcgXQwjRxMAHLJEdUKLuXFPtkRVc
qRaaJzGRPiW2doetErhhUKwUXitvsQ5CGl2QzGK44Ss
--- fCQGYqP7qr+S1tzDeyce5Bn4iWsXq+kIe/ojPNj0LVA
¹4µZŽÁ“Çi"Õž3ÄÞW+ï9ç8Íßž=¼<>Œ¿u°ÃnBÚÂy]@[X[]² X—„Ã5ªîÌœðîö¢íÄz°lÊ@

1
keys/wg-ren.pub Normal file
View file

@ -0,0 +1 @@
wvTFERFXOPcgziLtLtfF3LGv5zmBWikCy/yLRwSuxWA=

BIN
keys/wg-selene
View file

Binary file not shown.

22
systems/ren/hardware.nix
View file

@ -6,9 +6,25 @@
efiInstallAsRemovable = true; efiInstallAsRemovable = true;
device = "nodev"; device = "nodev";
}; };
fileSystems."/boot" = { device = "/dev/disk/by-uuid/0683-2D32"; fsType = "vfat"; }; fileSystems."/boot" = {
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; device = "/dev/disk/by-uuid/0683-2D32";
fsType = "vfat";
};
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
];
boot.initrd.kernelModules = [ "nvme" ]; boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; fileSystems."/" = {
device = "/dev/sda1";
fsType = "ext4";
};
system.stateVersion = "23.11"; system.stateVersion = "23.11";
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
} }

6
systems/ren/system.nix
View file

@ -23,6 +23,12 @@ nixpkgs.lib.nixosSystem {
networking.hostName = "Ren"; networking.hostName = "Ren";
networking.domain = ""; networking.domain = "";
services.openssh.enable = true; services.openssh.enable = true;
networking.firewall = {
enable = true;
allowedTCPPorts = [
22
];
};
} }
./users.nix ./users.nix
./hardware.nix ./hardware.nix

6
systems/ren/users.nix
View file

@ -21,6 +21,8 @@
}; };
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
(builtins.readFile ../../keys/hetzner.pub) (builtins.readFile ../../keys/hetzner.pub)
]; ];
age.identityPaths = [ "/home/ren/.ssh/id_ed25519" ];
} }