Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test multiple keys

Browse Source
This commit is contained in:
Nathan
2025-08-23 11:03:20 -05:00
parent 12c5ef53a4
commit 8afcd43fac
2 changed files with 4 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
system-config/configuration/homebox/default.nix
View File

@@ -29,19 +29,9 @@
users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost { users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
isNormalUser = true; isNormalUser = true;
createHome = false; createHome = false;
/*openssh.authorizedKeys.keyFiles = [
config.sops.secrets."remoteBuildClientKeys/laptop".path
];*/
/*openssh.authorizedKeys.keyFiles = (builtins.map
(y: config.sops.secrets.${y}.path)
(builtins.partition
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
).right
);*/
}; };
sops.templates."remote-builder" = { sops.templates."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
content = builtins.concatStringsSep ''''\n'' (builtins.map content = builtins.concatStringsSep ''''\n'' (builtins.map
(y: config.sops.placeholder.${y}) (y: config.sops.placeholder.${y})
(builtins.partition (builtins.partition
@@ -53,8 +43,6 @@
owner = "remote-builder"; owner = "remote-builder";
}; };
#environment.etc."ssh/authorized_keys.d/remote-builder" = {};
hardware = { hardware = {
graphics.enable = true; graphics.enable = true;

5
system-config/secrets.yaml
View File

@@ -1,5 +1,6 @@
remoteBuildClientKeys: remoteBuildClientKeys:
laptop: ENC[AES256_GCM,data:SZRAZ36nSueWVLcdvpgZpltp/aORqAObFWhgqtIrTYccoK/3F7l0J+VJzF51FASa6spbGJL2BSbzOygyal609pvJc9Hb9bIN85GMzV1P4lha62iC8dkuVLXezPU=,iv:veQJxL4QTxFg2UKm2+I3RQXyuwW2rXEV/gXIQ7nBtlY=,tag:9C9Ltzwz823yY029p9K41A==,type:str] laptop: ENC[AES256_GCM,data:SZRAZ36nSueWVLcdvpgZpltp/aORqAObFWhgqtIrTYccoK/3F7l0J+VJzF51FASa6spbGJL2BSbzOygyal609pvJc9Hb9bIN85GMzV1P4lha62iC8dkuVLXezPU=,iv:veQJxL4QTxFg2UKm2+I3RQXyuwW2rXEV/gXIQ7nBtlY=,tag:9C9Ltzwz823yY029p9K41A==,type:str]
test: ENC[AES256_GCM,data:cdn1f4IqW9SLyB82Y0+RHxes8aVSWFZ5PiAGXDq9JvFmnrb8srHE+eP2+KCs5s6g7HcyLvf7ssVYkBKiV6DHkDPabRUNSrDLDZc1+N1TUAmmHAl5cObw8DPLKdGEsA==,iv:rikXbI8PRtbK6v7tB96Eiia35ex6p/HB7iUMWLe5SAU=,tag:1zfF2XBRt57jNQ0eL9JwaA==,type:str]
sops: sops:
age: age:
- recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q - recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
@@ -20,7 +21,7 @@ sops:
S2UxVDJXd2J6NkJYUDVGMnR3VDhqRzQKCj/uuR0vRNjhDpr6D0nRhyxOkBRm6Ruq S2UxVDJXd2J6NkJYUDVGMnR3VDhqRzQKCj/uuR0vRNjhDpr6D0nRhyxOkBRm6Ruq
0HOgp2xkNH+q/KEhB1s/hRSae7lNKKi0T35xFPb46DMPkJSFUNdpPw== 0HOgp2xkNH+q/KEhB1s/hRSae7lNKKi0T35xFPb46DMPkJSFUNdpPw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-23T03:42:30Z" lastmodified: "2025-08-23T16:03:13Z"
mac: ENC[AES256_GCM,data:+q0EeH0W+1Suu6/DDD4Br83RZ4wzWtsh+1BJrrQ1GBdFV55hjQoKigUVqPZMgjIZ2PIYOnKt9IjZhOdA/m5MY7N1Qdj/cPjzLRKM6JxjJEfaSW5EAp2cSC8vVp2zISsSEUh04zvv4Tiwjmzx2urdLHzOd/SK1upvDKNgAQfcDqQ=,iv:cJRH8JaHPex1I+ar9MC6PSwifRITPTr9+Ka7DCOHcaI=,tag:jpyC55iOI2KVHlnGzEpFNg==,type:str] mac: ENC[AES256_GCM,data:3V/90vYg149eNs1OElXGfeI8LDMSoH8xVEw3jaEkrdaGPeyNCvsB/F94xtmNTZoatXHqde4nf8d7lcWhhXzqctuWHtn9IzA5lNDv5/mi8xrA7QbSFuMwKJ4SnX6lFVCPPb1WlbHrRhO46h/rOeaAry+g7OjiegYb8yu0YbF4iBE=,iv:z9prZBaIDZyl08qFOF7yOghuzzVPbJaJuxyW2xmHuvE=,tag:IhE5+tj5GowSw3uCEXu0uw==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2