From 0ccb9c51b2fda1c42a349ba8ef6afc748612345f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christopher=20M=C3=BChl?= Date: Mon, 5 Jan 2026 12:08:42 +0100 Subject: [PATCH] Rename secrets --- configurations/nixos/aepplet/default.nix | 18 ++-- configurations/nixos/aepplet/disko.nix | 60 +++++++------- configurations/nixos/endurance/default.nix | 26 ++---- configurations/nixos/endurance/disko.nix | 7 +- configurations/nixos/endurance/metrics.nix | 2 + configurations/nixos/endurance/musnix.nix | 12 +++ flake.nix | 3 +- modules/common/secrets.nix | 40 --------- modules/flake/default.nix | 1 + modules/flake/hosts.nix | 22 ++++- modules/flake/lib/default.nix | 11 +++ modules/flake/lib/secrets.nix | 10 +++ modules/generic/default.nix | 6 ++ modules/generic/profiles.nix | 10 +++ modules/generic/secrets.nix | 78 ++++++++++++++++++ modules/home/default.nix | 5 ++ modules/home/secrets.nix | 37 +++++++++ modules/home/secrets/default.nix | 40 --------- modules/nixos/common/default.nix | 6 -- modules/nixos/default.nix | 7 ++ .../{common/core/default.nix => system.nix} | 0 modules/nixos/{common/core => }/users.nix | 18 ++-- ...67d54391802a4b064f0911c99-tophPassword.age | Bin 0 -> 279 bytes ...805e2ef82d8fc5a-victoriametricsEnvFile.age | Bin 440 -> 487 bytes ...67d54391802a4b064f0911c99-tophPassword.age | 8 ++ ...805e2ef82d8fc5a-victoriametricsEnvFile.age | 10 +++ ...af0474074a50285a177aacd7ec0f-id_ethnuc.age | Bin ...edfa8d6e97a197d3e5df42c92e-id_hausgold.age | Bin ...0824166a3a9a50bd2dbd4cef01b-id_rhenium.age | Bin ...45057167f14101ddcdbcb-id_homeassistant.age | Bin ...80f7a6e57f6cc276f6fae690-repoUpdatePAT.age | 0 ...ff2b9a3226656619c81e4c47-emailPassword.age | 0 ...36fcc3c1ce07d32b54d70f80ef-id_europium.age | Bin ...325b86283f0a1572f2817924fea4-id_github.age | Bin ...cb82593014313ac12faa7a33834a1aa-config.age | Bin ...f163a86f52bfaee9d516fee4b00a5111-npmrc.age | 0 secrets/toph-password.age | 10 +++ 37 files changed, 282 insertions(+), 165 deletions(-) create mode 100644 configurations/nixos/endurance/musnix.nix delete mode 100644 modules/common/secrets.nix create mode 100644 modules/flake/lib/default.nix create mode 100644 modules/flake/lib/secrets.nix create mode 100644 modules/generic/default.nix create mode 100644 modules/generic/profiles.nix create mode 100644 modules/generic/secrets.nix create mode 100644 modules/home/default.nix create mode 100644 modules/home/secrets.nix delete mode 100644 modules/home/secrets/default.nix delete mode 100644 modules/nixos/common/default.nix create mode 100644 modules/nixos/default.nix rename modules/nixos/{common/core/default.nix => system.nix} (100%) rename modules/nixos/{common/core => }/users.nix (61%) create mode 100644 secrets/rekeyed/aepplet/a833fa567d54391802a4b064f0911c99-tophPassword.age create mode 100644 secrets/rekeyed/cobalt/a833fa567d54391802a4b064f0911c99-tophPassword.age create mode 100644 secrets/rekeyed/endurance/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/0abeaf0474074a50285a177aacd7ec0f-id_ethnuc.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/0f948eedfa8d6e97a197d3e5df42c92e-id_hausgold.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/1944c0824166a3a9a50bd2dbd4cef01b-id_rhenium.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/241c114c18645057167f14101ddcdbcb-id_homeassistant.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/68a44c5680f7a6e57f6cc276f6fae690-repoUpdatePAT.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/a3984008ff2b9a3226656619c81e4c47-emailPassword.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/bf37e236fcc3c1ce07d32b54d70f80ef-id_europium.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/d5d9325b86283f0a1572f2817924fea4-id_github.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/dcb82593014313ac12faa7a33834a1aa-config.age (100%) rename secrets/rekeyed/{christopher_cobalt => toph_endurance}/f163a86f52bfaee9d516fee4b00a5111-npmrc.age (100%) create mode 100644 secrets/toph-password.age diff --git a/configurations/nixos/aepplet/default.nix b/configurations/nixos/aepplet/default.nix index 47a12c5..87ed67b 100644 --- a/configurations/nixos/aepplet/default.nix +++ b/configurations/nixos/aepplet/default.nix @@ -1,26 +1,18 @@ -# ++ 80_Hg: Mercury -# -# Minimal environment for a workbase VirtualBox on macOS { lib, pkgs, inputs, ... -}: -with lib._elements; { +}: { imports = [ ./hardware.nix ./disko.nix ]; - elements = { - hostname = "mercury"; - users = ["christopher"]; - quirks = ["avahi" "docker"]; + bosun = { + # quirks = ["avahi" "docker"]; - secrets = { - key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjqieS4GkYAa1WRYZpxjgYsj7VGZ9U+rTFCkX8M0umD"; - }; + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjqieS4GkYAa1WRYZpxjgYsj7VGZ9U+rTFCkX8M0umD"; }; system.stateVersion = "24.11"; @@ -46,7 +38,7 @@ with lib._elements; { disko.devices.disk.main.device = "/dev/sda"; boot.loader.grub.enable = true; - networking.hostName = "mercury"; + networking.hostName = "aepplet"; time.timeZone = "Europe/Berlin"; environment.systemPackages = with pkgs; [ diff --git a/configurations/nixos/aepplet/disko.nix b/configurations/nixos/aepplet/disko.nix index 660b17c..96008d2 100644 --- a/configurations/nixos/aepplet/disko.nix +++ b/configurations/nixos/aepplet/disko.nix @@ -1,33 +1,33 @@ -{ - disko.devices = { - disk = { - main = { - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "1M"; - type = "EF02"; # for grub MBR - }; - ESP = { - size = "1G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = ["umask=0077"]; - }; - }; - root = { - size = "100%"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - }; - }; +{inputs, ...}: { + imports = [ + inputs.disko.nixosModules.default + ]; + + disko.devices.disk.main = { + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1M"; + type = "EF02"; # for grub MBR + }; + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = ["umask=0077"]; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; }; }; }; diff --git a/configurations/nixos/endurance/default.nix b/configurations/nixos/endurance/default.nix index 9b7faca..38e8a48 100644 --- a/configurations/nixos/endurance/default.nix +++ b/configurations/nixos/endurance/default.nix @@ -7,34 +7,18 @@ config, inputs, ... -}: -with lib._elements; { +}: { imports = [ inputs.flatpak.nixosModules.nix-flatpak ./hardware.nix ./disko.nix ./metrics.nix + ./musnix.nix ]; - elements = { - hostname = "cobalt"; - users = ["christopher"]; - quirks = ["avahi" "docker" "nix-ld"]; - wm = enabled; - - secrets = { - key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjqieS4GkYAa1WRYZpxjgYsj7VGZ9U+rTFCkX8M0umD"; - - needs.victoriametricsEnvFile.rekeyFile = "victoria.env.age"; - }; - }; - - # Set the default drive - disko.devices.disk.main.device = "/dev/nvme1n1"; - - musnix = { - enable = true; - rtcqs.enable = true; + bosun = { + #quirks = ["avahi" "docker" "nix-ld"]; + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjqieS4GkYAa1WRYZpxjgYsj7VGZ9U+rTFCkX8M0umD"; }; qt = { diff --git a/configurations/nixos/endurance/disko.nix b/configurations/nixos/endurance/disko.nix index 9354fa9..dee2e31 100644 --- a/configurations/nixos/endurance/disko.nix +++ b/configurations/nixos/endurance/disko.nix @@ -1,8 +1,13 @@ -{ +{inputs, ...}: { + imports = [ + inputs.disko.nixosModules.disko + ]; + disko.devices = { disk = { main = { type = "disk"; + device = "/dev/nvme1n1"; content = { type = "gpt"; partitions = { diff --git a/configurations/nixos/endurance/metrics.nix b/configurations/nixos/endurance/metrics.nix index 95bfa87..6f2cf2a 100644 --- a/configurations/nixos/endurance/metrics.nix +++ b/configurations/nixos/endurance/metrics.nix @@ -4,6 +4,8 @@ pkgs, ... }: { + bosun.secrets.victoriametricsEnvFile = "victoria.env.age"; + services = { telegraf = { enable = true; diff --git a/configurations/nixos/endurance/musnix.nix b/configurations/nixos/endurance/musnix.nix new file mode 100644 index 0000000..04bbeb3 --- /dev/null +++ b/configurations/nixos/endurance/musnix.nix @@ -0,0 +1,12 @@ +{inputs, ...}: { + imports = [ + inputs.musnix.nixosModules.default + ]; + + musnix = { + enable = true; + rtcqs.enable = true; + }; + + users.users.toph.extraGroups = ["audio"]; +} diff --git a/flake.nix b/flake.nix index 4e63392..75c459d 100644 --- a/flake.nix +++ b/flake.nix @@ -78,8 +78,7 @@ ... }: { imports = [ - inputs.agenix-rekey.flakeModule - inputs.disko.flakeModules.default + inputs.agenix-rekey.flakeModules.default inputs.home-manager.flakeModules.home-manager ./modules/flake ]; diff --git a/modules/common/secrets.nix b/modules/common/secrets.nix deleted file mode 100644 index 2640abc..0000000 --- a/modules/common/secrets.nix +++ /dev/null @@ -1,40 +0,0 @@ -# All hosts automatically include this module. This also means that it is necessary for -# every host to specify the option `elements.secrets.key = "key";`. -{ - config, - system, - inputs, - pkgs, - lib, - ... -}: -with lib; let - cfg = config.elements.secrets; -in { - options = { - elements.secrets = { - rekeyPath = mkOption { - type = types.str; - default = config.elements.hostname; - }; - - key = mkOption { - type = types.str; - }; - - needs = mkOption { - type = types.attrsOf (types.either types.str types.attrs); - default = {}; - }; - }; - }; - - config = { - environment.systemPackages = [ - pkgs.age-plugin-yubikey - inputs.agenix-rekey.packages.${system}.default - ]; - - age = lib._elements.agenixRekeyConfig inputs.self cfg; - }; -} diff --git a/modules/flake/default.nix b/modules/flake/default.nix index dd20145..e0f2e47 100644 --- a/modules/flake/default.nix +++ b/modules/flake/default.nix @@ -3,5 +3,6 @@ ./hosts.nix ./args.nix ./formatter.nix + ./lib ]; } diff --git a/modules/flake/hosts.nix b/modules/flake/hosts.nix index 8708955..7238a26 100644 --- a/modules/flake/hosts.nix +++ b/modules/flake/hosts.nix @@ -6,15 +6,31 @@ imports = [inputs.easy-hosts.flakeModule]; config.easy-hosts = { + shared.modules = [ + ../generic/default.nix + ]; + + perClass = class: { + modules = [ + "${self}/modules/${class}/default.nix" + ]; + }; + hosts = { - endurance = {}; + endurance = { + path = ../../configurations/nixos/endurance; + class = "nixos"; + }; vasa = { - arch = "aarch64"; + path = ../../configurations/darwin/vasa; class = "darwin"; }; - aepplet = {}; + aepplet = { + path = ../../configurations/nixos/aepplet; + class = "nixos"; + }; }; }; } diff --git a/modules/flake/lib/default.nix b/modules/flake/lib/default.nix new file mode 100644 index 0000000..c9caaa6 --- /dev/null +++ b/modules/flake/lib/default.nix @@ -0,0 +1,11 @@ +{ + lib, + inputs, + ... +}: { + flake.lib = lib.fixedPoints.makeExtensible (final: { + secrets = import ./secrets.nix {inherit inputs lib;}; + + inherit (final.secrets) mkSecret; + }); +} diff --git a/modules/flake/lib/secrets.nix b/modules/flake/lib/secrets.nix new file mode 100644 index 0000000..e94a613 --- /dev/null +++ b/modules/flake/lib/secrets.nix @@ -0,0 +1,10 @@ +{ + inputs, + lib, + ... +}: let + inherit (inputs) self; +in { + mkSecret = config: { + }; +} diff --git a/modules/generic/default.nix b/modules/generic/default.nix new file mode 100644 index 0000000..9ac6ed1 --- /dev/null +++ b/modules/generic/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ./profiles.nix + ./secrets.nix + ]; +} diff --git a/modules/generic/profiles.nix b/modules/generic/profiles.nix new file mode 100644 index 0000000..08775f4 --- /dev/null +++ b/modules/generic/profiles.nix @@ -0,0 +1,10 @@ +{lib, ...}: let + inherit (lib) mkEnableOption; +in { + options.bosun.profiles = { + graphical.enable = mkEnableOption "Graphical interface"; + headless.enable = mkEnableOption "Headless"; + workstation.enable = mkEnableOption "Workstation"; + server.enable = mkEnableOption "Server"; + }; +} diff --git a/modules/generic/secrets.nix b/modules/generic/secrets.nix new file mode 100644 index 0000000..b43130e --- /dev/null +++ b/modules/generic/secrets.nix @@ -0,0 +1,78 @@ +{ + config, + system, + inputs, + pkgs, + lib, + self, + ... +}: +with lib; let + cfg = config.bosun; +in { + imports = [ + inputs.agenix.nixosModules.default + inputs.agenix-rekey.nixosModules.default + + # inputs.agenix.homeManagerModules.default + ]; + + options.bosun = { + rekeyPath = mkOption { + type = types.str; + default = config.networking.hostName; + }; + + key = mkOption { + type = types.str; + }; + + secrets = mkOption { + type = types.attrsOf (types.either types.str types.attrs); + default = {}; + }; + }; + + # TODO: Make this work for both home manager and nixos + config = { + environment.systemPackages = [ + pkgs.age-plugin-yubikey + inputs.agenix-rekey.packages.${system}.default + ]; + + age = { + # general host setup + rekey = { + hostPubkey = cfg.key; + + # See https://github.com/oddlama/agenix-rekey?tab=readme-ov-file#local + # for potential effects of this decision. + storageMode = "local"; + localStorageDir = self + "/secrets/rekeyed/${cfg.rekeyPath}"; + + # Used to decrypt stored secrets for rekeying. + masterIdentities = [ + (self + "/secrets/keys/master-identity.pub") + ]; + + # Keys that will always be encrypted for. These act as backup keys in + # case the master identities are somehow lost. + extraEncryptionPubkeys = [ + "age1zd8wxnmgf04qcan9cvs0736valy8407f497fw9j0auwf072yadzqqdqsj9" + ]; + }; + + # map all simplified secrets from `config.bosun.secrets` to their + # respective `config.age.secrets` mapping + secrets = + lib.attrsets.mapAttrs ( + name: secret: ( + if builtins.isString secret + then {rekeyFile = self + "/secrets/${secret}";} + else secret // {rekeyFile = self + "/secrets/${secret.rekeyFile}";} + ) + ) + cfg.secrets; + }; + }; +} diff --git a/modules/home/default.nix b/modules/home/default.nix new file mode 100644 index 0000000..18a6af3 --- /dev/null +++ b/modules/home/default.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./secrets.nix + ]; +} diff --git a/modules/home/secrets.nix b/modules/home/secrets.nix new file mode 100644 index 0000000..53317b3 --- /dev/null +++ b/modules/home/secrets.nix @@ -0,0 +1,37 @@ +{ + inputs, + lib, + config, + ... +}: +with lib; let + cfg = config.bosun; +in { + imports = [ + inputs.agenix.homeManagerModules.default + # inputs.agenix-rekey.homeManagerModules.default + ]; + + options.bosun = { + rekeyPath = mkOption { + type = types.str; + }; + + key = mkOption { + type = types.str; + }; + + secrets = mkOption { + type = types.attrsOf (types.either types.str types.attrs); + default = {}; + }; + }; + + config.age = + (lib.bosun.mkAgenixConfig inputs.self cfg) + // { + identityPaths = ["${config.home.homeDirectory}/.ssh/key"]; + secretsDir = "${config.home.homeDirectory}/.local/share/agenix/agenix"; + secretsMountPoint = "${config.home.homeDirectory}/.local/share/agenix/agenix.d"; + }; +} diff --git a/modules/home/secrets/default.nix b/modules/home/secrets/default.nix deleted file mode 100644 index a678484..0000000 --- a/modules/home/secrets/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ - pkgs, - inputs, - lib, - config, - ... -}: -with lib; let - cfg = config.elements.secrets; -in { - imports = [ - inputs.agenix.homeManagerModules.default - inputs.agenix-rekey.homeManagerModules.default - ]; - - options = { - elements.secrets = { - rekeyPath = mkOption { - type = types.str; - }; - - key = mkOption { - type = types.str; - }; - - needs = mkOption { - type = types.attrsOf (types.either types.str types.attrs); - default = {}; - }; - }; - }; - - config.age = - (lib._elements.agenixRekeyConfig inputs.self cfg) - // { - identityPaths = ["${config.home.homeDirectory}/.ssh/key"]; - secretsDir = "${config.home.homeDirectory}/.local/share/agenix/agenix"; - secretsMountPoint = "${config.home.homeDirectory}/.local/share/agenix/agenix.d"; - }; -} diff --git a/modules/nixos/common/default.nix b/modules/nixos/common/default.nix deleted file mode 100644 index 8a49643..0000000 --- a/modules/nixos/common/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{...}: { - imports = [ - ./core - ./core/users.nix - ]; -} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix new file mode 100644 index 0000000..55be4b3 --- /dev/null +++ b/modules/nixos/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./services + ./system.nix + ./users.nix + ]; +} diff --git a/modules/nixos/common/core/default.nix b/modules/nixos/system.nix similarity index 100% rename from modules/nixos/common/core/default.nix rename to modules/nixos/system.nix diff --git a/modules/nixos/common/core/users.nix b/modules/nixos/users.nix similarity index 61% rename from modules/nixos/common/core/users.nix rename to modules/nixos/users.nix index 8180b92..25bc853 100644 --- a/modules/nixos/common/core/users.nix +++ b/modules/nixos/users.nix @@ -18,18 +18,17 @@ in }; }; - config = let - mkIfUser = name: mkIf (elem name cfg.users); - #secretFor = name: file: mkIfUser name {rekeyFile = ./../../../.. + "/secrets/${file}";}; - in { - # age.secrets.christopher-password = secretFor "christopher" "christopher-password.age"; + config = { + bosun.secrets.tophPassword = "toph-password.age"; programs.fish.enable = true; + users = { - users.christopher = mkIfUser "christopher" { + users.toph = { isNormalUser = true; - # passwordFile = config.age.secrets.christopher-password.path; + passwordFile = config.age.secrets.tophPassword.path; shell = pkgs.fish; + extraGroups = [ "wheel" "docker" @@ -37,13 +36,14 @@ in "uinput" "pico" ]; + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEqcR3f71g7yuxQtUewrqdoEh8jDHtkB1973GF0EQ6q christopher@all" ]; }; - groups.christopher = { - members = ["christopher"]; + groups.toph = { + members = ["toph"]; gid = 1000; }; }; diff --git a/secrets/rekeyed/aepplet/a833fa567d54391802a4b064f0911c99-tophPassword.age b/secrets/rekeyed/aepplet/a833fa567d54391802a4b064f0911c99-tophPassword.age new file mode 100644 index 0000000000000000000000000000000000000000..393fc32eb42b4439437b839ddb34d69cc0c68b05 GIT binary patch literal 279 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUFFV#j4*LG%SiHdE^$jYD$CDv(ROyrF|-V=3gyarx2@9 zmSq^3lcW$7SCm&?nZOn0=;iC58E%$sZW!U>S((M9tE;PEZke4Pl5Cpk?XK;TVNhI} zQ<7xqo^Irl8{n7YRFG6q<{6M`VVUWgUKYspz-|W5q(q}*%cjM=JE$aYzsm28(9DI2 a>>nPB>r~8rD6-n3|CM#&&vXWn7z+T`lU?)x literal 0 HcmV?d00001 diff --git a/secrets/rekeyed/cobalt/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age b/secrets/rekeyed/cobalt/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age index 250c6de65142695ae30711daa2341e90c516b1d2..6d48cbf8cf662008cc677026ddf71d2561c5280a 100644 GIT binary patch delta 453 zcmV;$0XqJ;1Lp&fEPrQidQLfPW=&Ukc26)@Y-Kb?HZ)~zHZevxIY)IeVp4f8ZdOS_ za7t80K?-v@d2MuXN@iCuYF2k)D^@g1HaK`b7deQKx`l}J3L)J3VBX=HFHWzQgCBgX-HFecz=3QZB}Vka&B&DHdk>- zS9fP^FJwhiYD_V1WHL=yS$b({csWv9b8A>tNNQRzdU*0xY+_1JMQLk6 zctK1>W>YIlM^95zbaY8ISwccoLuOfQGdFcIQfgFAcM2^nEg(%VaB6mKadkCydQDMs zX){%ALPSAwX@71oF;+QwY&A1cP)=_`YMT_SvwTDM;? ze(81AdQR<1m&UkXy^-VJ{Km!0g3^W^*2rU6!t!!mGCmgzbV-oU@EUs(ZkM=_y`0z& vAd&T@4R|M(G$%#ppmJ9D#?mT(eY~949MVCE^2}ARtCk-cGj;l3!Xdx5uFSQT delta 406 zcmV;H0crl{1Goc_EPr)ZZ%#&GVpd9eZ9y?iIBYR8G;DcxZgxRNXLC_Ga%eA4Yhh<| zGF5VTRSI@TWo~O~FnDM+Mq+qWZc{liSVej=aY1iMOj%k}HFIlONMT`QVNOXxZwf6w zAVwl ssh-ed25519 /u/eYA a2YtLIFiK8lETFr+I/Yixme90wgJX/X+kW2KpCFWGiM +xm/9eER61LCPTiRUi24Qh3gQq1OV8s9BQjgxRJfLvKs +-> vEX:@rY-grease #.ah Wz?~ Gr|K[7W -.UYxQ# +CTEhaEVZInKKSMg6Vzb54cghIPT7PbUy57qgdWwXx6lvbnnIxsqnRUwBhLK8sT3w +Sx+t1v8/cuDK +--- nzehXvl4h/fS4/3W2Rsn0Uu1E9NUsEIR6ni5qOA/U1I +i8KأeքL+KVɌnC(?C \ No newline at end of file diff --git a/secrets/rekeyed/endurance/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age b/secrets/rekeyed/endurance/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age new file mode 100644 index 0000000..250c6de --- /dev/null +++ b/secrets/rekeyed/endurance/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 /u/eYA uWoNFabVJzmA1L8l124lyvnvAFgsQ9rh/Okags2UrxU +vGenkj0xh5FbxTnS91XEz2qAoILYZS5skYHaadaNIBo +-> F"k"3;+O-grease (5t/PH +zBRuwDmTbpClRyVeC77vgGo4aDE2/KxWdcJK1gXvu60DxzUfyjlF3SjKLGBx4qIp + +--- VxGN6ddpUyGJNbtKpOIoo7dZ3Xy1vxX1GA5f3EXef7g +&`jZ=s ޯ8ozҏr%*}pMu` oK~ +l23v˰ +9qxg|c:2.N bi8cdJ*z#Y[7ƶǑ=}{ g Y`gw,*\r/B[ & \ No newline at end of file diff --git a/secrets/rekeyed/christopher_cobalt/0abeaf0474074a50285a177aacd7ec0f-id_ethnuc.age b/secrets/rekeyed/toph_endurance/0abeaf0474074a50285a177aacd7ec0f-id_ethnuc.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/0abeaf0474074a50285a177aacd7ec0f-id_ethnuc.age rename to secrets/rekeyed/toph_endurance/0abeaf0474074a50285a177aacd7ec0f-id_ethnuc.age diff --git a/secrets/rekeyed/christopher_cobalt/0f948eedfa8d6e97a197d3e5df42c92e-id_hausgold.age b/secrets/rekeyed/toph_endurance/0f948eedfa8d6e97a197d3e5df42c92e-id_hausgold.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/0f948eedfa8d6e97a197d3e5df42c92e-id_hausgold.age rename to secrets/rekeyed/toph_endurance/0f948eedfa8d6e97a197d3e5df42c92e-id_hausgold.age diff --git a/secrets/rekeyed/christopher_cobalt/1944c0824166a3a9a50bd2dbd4cef01b-id_rhenium.age b/secrets/rekeyed/toph_endurance/1944c0824166a3a9a50bd2dbd4cef01b-id_rhenium.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/1944c0824166a3a9a50bd2dbd4cef01b-id_rhenium.age rename to secrets/rekeyed/toph_endurance/1944c0824166a3a9a50bd2dbd4cef01b-id_rhenium.age diff --git a/secrets/rekeyed/christopher_cobalt/241c114c18645057167f14101ddcdbcb-id_homeassistant.age b/secrets/rekeyed/toph_endurance/241c114c18645057167f14101ddcdbcb-id_homeassistant.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/241c114c18645057167f14101ddcdbcb-id_homeassistant.age rename to secrets/rekeyed/toph_endurance/241c114c18645057167f14101ddcdbcb-id_homeassistant.age diff --git a/secrets/rekeyed/christopher_cobalt/68a44c5680f7a6e57f6cc276f6fae690-repoUpdatePAT.age b/secrets/rekeyed/toph_endurance/68a44c5680f7a6e57f6cc276f6fae690-repoUpdatePAT.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/68a44c5680f7a6e57f6cc276f6fae690-repoUpdatePAT.age rename to secrets/rekeyed/toph_endurance/68a44c5680f7a6e57f6cc276f6fae690-repoUpdatePAT.age diff --git a/secrets/rekeyed/christopher_cobalt/a3984008ff2b9a3226656619c81e4c47-emailPassword.age b/secrets/rekeyed/toph_endurance/a3984008ff2b9a3226656619c81e4c47-emailPassword.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/a3984008ff2b9a3226656619c81e4c47-emailPassword.age rename to secrets/rekeyed/toph_endurance/a3984008ff2b9a3226656619c81e4c47-emailPassword.age diff --git a/secrets/rekeyed/christopher_cobalt/bf37e236fcc3c1ce07d32b54d70f80ef-id_europium.age b/secrets/rekeyed/toph_endurance/bf37e236fcc3c1ce07d32b54d70f80ef-id_europium.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/bf37e236fcc3c1ce07d32b54d70f80ef-id_europium.age rename to secrets/rekeyed/toph_endurance/bf37e236fcc3c1ce07d32b54d70f80ef-id_europium.age diff --git a/secrets/rekeyed/christopher_cobalt/d5d9325b86283f0a1572f2817924fea4-id_github.age b/secrets/rekeyed/toph_endurance/d5d9325b86283f0a1572f2817924fea4-id_github.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/d5d9325b86283f0a1572f2817924fea4-id_github.age rename to secrets/rekeyed/toph_endurance/d5d9325b86283f0a1572f2817924fea4-id_github.age diff --git a/secrets/rekeyed/christopher_cobalt/dcb82593014313ac12faa7a33834a1aa-config.age b/secrets/rekeyed/toph_endurance/dcb82593014313ac12faa7a33834a1aa-config.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/dcb82593014313ac12faa7a33834a1aa-config.age rename to secrets/rekeyed/toph_endurance/dcb82593014313ac12faa7a33834a1aa-config.age diff --git a/secrets/rekeyed/christopher_cobalt/f163a86f52bfaee9d516fee4b00a5111-npmrc.age b/secrets/rekeyed/toph_endurance/f163a86f52bfaee9d516fee4b00a5111-npmrc.age similarity index 100% rename from secrets/rekeyed/christopher_cobalt/f163a86f52bfaee9d516fee4b00a5111-npmrc.age rename to secrets/rekeyed/toph_endurance/f163a86f52bfaee9d516fee4b00a5111-npmrc.age diff --git a/secrets/toph-password.age b/secrets/toph-password.age new file mode 100644 index 0000000..ff7474e --- /dev/null +++ b/secrets/toph-password.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> X25519 j/67yub+Kz8oFNN07MHKeCXXwNS0D39nkc+SqAV8UgM +89AdrCsf4LxQJBl+Q/Xr+GotScOBaP3FpgFEmEnCAQg +-> piv-p256 Kmn3OQ AjPU/LUjzP+YtoJ8yUeL1uwsA69KSeGNA3EoYcdxhhzs +a6I1KQkU49lFg/5WAxKcPWu39tUBJbbFsNYS2PFFZSA +-> 5{Mh-grease k^I'> 8jI;`F8F QO]Z. ?A?` +SDGA88nlZIKe3/d/ArbzO47BdBBf +--- bH47GyWwrNHQGcm6j2AaKnCVaxVzVPGRtBBjJb0zoW4 + +ڕCG0X{xB[(s eK,9:_oRkV+h* \ No newline at end of file