From 6678e768a08e993c586756ad1815a5fcf1f520b6 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Fri, 16 Jun 2023 16:08:26 +0300 Subject: feat(tazjin/secrets): initialise secrets management for my machines Change-Id: I93ad61f3e6e4a4a2185448ad128fa6836c81ab26 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8825 Reviewed-by: tazjin Tested-by: BuildkiteCI --- users/tazjin/secrets/default.nix | 3 +++ users/tazjin/secrets/secrets.nix | 13 +++++++++++++ users/tazjin/secrets/tgsa-yandex.age | Bin 0 -> 4838 bytes 3 files changed, 16 insertions(+) create mode 100644 users/tazjin/secrets/default.nix create mode 100644 users/tazjin/secrets/secrets.nix create mode 100644 users/tazjin/secrets/tgsa-yandex.age diff --git a/users/tazjin/secrets/default.nix b/users/tazjin/secrets/default.nix new file mode 100644 index 000000000000..5550103c5a66 --- /dev/null +++ b/users/tazjin/secrets/default.nix @@ -0,0 +1,3 @@ +{ depot, ... }: + +depot.ops.secrets.mkSecrets ./. (import ./secrets.nix) diff --git a/users/tazjin/secrets/secrets.nix b/users/tazjin/secrets/secrets.nix new file mode 100644 index 000000000000..d6f86decc5dd --- /dev/null +++ b/users/tazjin/secrets/secrets.nix @@ -0,0 +1,13 @@ +let + myKeys = import ../keys { }; + allKeys = [ + # local keys + myKeys.tverskoy_ed25519 + myKeys.zamalek_ed25519 + # koptevo + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMw2ZfdNZCXCOtbQNT6hztXCIkTcO9MBrOuDqMlmGOYK root@koptevo" + ]; +in +{ + "tgsa-yandex.age".publicKeys = allKeys; +} diff --git a/users/tazjin/secrets/tgsa-yandex.age b/users/tazjin/secrets/tgsa-yandex.age new file mode 100644 index 000000000000..39fe638346ef Binary files /dev/null and b/users/tazjin/secrets/tgsa-yandex.age differ -- cgit 1.4.1