From 484481ae89ca55c2aebefbd4bed29cd981fe0b90 Mon Sep 17 00:00:00 2001
From: Leonardo Santiago
Date: Wed, 5 Jun 2024 20:24:31 -0300
Subject: rekey files to use new sshkey
---
 modules/emacs/README.org | 1 -
 secrets/authinfo.age | Bin 1252 -> 1032 bytes
 secrets/personal-mail.age | Bin 781 -> 561 bytes
 secrets/secrets.nix | 3 ++-
 secrets/university-mail.age | 24 ++++++++++--------------
 secrets/user-pass.age | Bin 835 -> 615 bytes
 secrets/user-ssh-key.age | Bin 1401 -> 953 bytes
 secrets/work-mail.age | Bin 781 -> 561 bytes
 users/leonardo.nix | 34 ++++++++++++++++++----------------
 9 files changed, 30 insertions(+), 32 deletions(-)
diff --git a/modules/emacs/README.org b/modules/emacs/README.org
index 9ca23c1..4b9c6dd 100644
--- a/modules/emacs/README.org
+++ b/modules/emacs/README.org
@@ -57,7 +57,6 @@ Configuration to automagically open age files, and to encrypt them correctly to
 :demand t
 :custom
 (age-program "rage")
- (age-default-identity "~/.ssh/leonardo")
 (age-default-recipient
 '("ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINWxS8tdN3j7Vm337RmJTzYTMbkAZN5g610ZesH4vhd8"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDrMCLu3VvQVmd2cqreAJsVKkrtKXqgzO8i8NDm06ysm"
diff --git a/secrets/authinfo.age b/secrets/authinfo.age
index ddba86b..2ea6be2 100644
Binary files a/secrets/authinfo.age and b/secrets/authinfo.age differ
diff --git a/secrets/personal-mail.age b/secrets/personal-mail.age
index c865e70..113b920 100644
Binary files a/secrets/personal-mail.age and b/secrets/personal-mail.age differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 56f372e..57cce87 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,9 +1,10 @@ let inherit (builtins) attrValues readFile; user-key = readFile ./user-ssh-key.pub; - keys = [ user-key ] ++ (attrValues (import ./pub-ssh-keys.nix)); + keys = [ user-key ] ++ (attrValues (import ./host-pub-keys.nix)); in { + "user-ssh-key.age".publicKeys = keys; "personal-mail.age".publicKeys = keys; "work-mail.age".publicKeys = keys; "university-mail.age".publicKeys = keys; diff --git a/secrets/university-mail.age b/secrets/university-mail.age index 13b9b09..bc0f740 100644 --- a/secrets/university-mail.age +++ b/secrets/university-mail.age @@ -1,15 +1,11 @@ age-encryption.org/v1 --> ssh-ed25519 JawxWA CauNKVYRXH0eX9u2X+yKHBCnjWtVH0nLxihO6/ruxw0 -SmsOteaLcJTQWf2soRQ0btpuBGPjk9Xn6a1FiVRYb3E --> ssh-ed25519 F05xIw As6CnbJHFKhbWQ+ZdQ3r4FFuiLOKtj61vxUt4sEryRI -WC9hhW7ItwYdDWK693FfwNRDUeS6I573aLH7t0qz8Lw --> ssh-ed25519 AcegYA ISAf0Wma0/7DH7lte4dpd6Qm3HFBGgDy7ZpQDRL3vT4 -C/fY0pnM9Su5kQ55wTetzsY98iQ8/uQFuNuhWglABgQ --> ssh-ed25519 VsDKrw WAfqgqtMvPPDT5FRMe9vj4gfnBW7elpOdB+eA/jJ000 -tfmHB+oelGsSObmOdNhqCzaakohHfMMHnLJkFUeMHuQ --> ssh-ed25519 HMNWnw suDaWIjaRsa+N1ByKRmCPPcMbEsQgee9H1zyxPRtJmE -HJ8HLucA2AohzR7jCoTywoAYYXC5asFB7+uOZICOVeI --> ssh-ed25519 9kXSug p8jveeGFhMZ2txGvuY6dKhScid8eKdkEcFuC1WYsr3Y -hmMFP/srgGdKkh+s6eqS1ffs0G/LffGj+wYZBh/c4DY ---- tebDIUSP/0sj6PYeCLK/J3sXx7BWdcJ3XMVEME+EclA -x1!)$\4:_<_HۈFvlUm]\z% mc \ No newline at end of file +-> ssh-ed25519 6bbh4g 2TX68/1PLrKJd9sfJXf4gE4Z4wexYm+1oebnVgwRXw4 +hS4N+CmQfXYlTFg9bqxq4ov8wr6XFLAvlub8j3Pe/s8 +-> ssh-ed25519 VsDKrw Tb6CF+Kk1JdnyU4KEXRSVHfAxwTdfl5OExQVyrs5Ug4 +UdAmW0JXhdvTjtjsIGh7r/YVCd0/JCAsgeNhR4AV12M +-> ssh-ed25519 AcegYA KUpvKx6xqHorjHvzHOCf+eHsaaN+nys2PvawIN+1CRM +awMuSCejrZeABATEqlEGssBQGiPEmHkYafOQxp0BW+k +-> ssh-ed25519 HMNWnw QGD4OeT7ztw7S/TRVB05LtN2gLXZaAmJ0UhtNodMTiQ +rkij8ylsgEFElxE8NGVq+r42KAZ5GQokXeA5UqdyQnQ +--- 3ONBt/qOJY7CapYXMhQvXxwc2OXNug8XG2zXM6sbtSg +X][P̀V5~> yQN); B-l*i \ No newline at end of file 
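Review bot: The added `"user-ssh-key.age".publicKeys = keys;` line in secrets/secrets.nix encrypts the user's private SSH key to every host key imported from `./host-pub-keys.nix`, and also to `user-key`, which appears to be the public half of that same key. Any single host whose key leaks can then recover the user key, which the users/leonardo.nix hunks install as `~/.ssh/id_ed25519` and use as the git `signingkey`. Consider giving this one entry its own narrower list, for example `"user-ssh-key.age".publicKeys = attrValues (import ./host-pub-keys.nix);` trimmed to the hosts that actually deploy it, or at least a comment above the line recording the trust assumption. Rekeying also leaves the earlier ciphertexts in git history readable by the recipients that were removed, so the underlying passwords need rotating if the old key is no longer trusted.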
diff --git a/secrets/user-pass.age b/secrets/user-pass.age
index bc492d8..f11db04 100644
Binary files a/secrets/user-pass.age and b/secrets/user-pass.age differ
diff --git a/secrets/user-ssh-key.age b/secrets/user-ssh-key.age
index 7fd3b3b..c8060df 100644
Binary files a/secrets/user-ssh-key.age and b/secrets/user-ssh-key.age differ
diff --git a/secrets/work-mail.age b/secrets/work-mail.age
index 9056086..7d39bfa 100644
Binary files a/secrets/work-mail.age and b/secrets/work-mail.age differ
diff --git a/users/leonardo.nix b/users/leonardo.nix
index 0115f30..91a80bf 100644
--- a/users/leonardo.nix
+++ b/users/leonardo.nix
@@ -114,20 +114,22 @@ in
 openssh.authorizedKeys.keys = builtins.attrValues (hosts-pub-keys);
 };
- age.secrets = {
- user-ssh-key = {
- file = ../secrets/user-ssh-key.age;
- path = "/home/leonardo/.ssh/user-ssh-key";
- owner = "leonardo";
- group = "users";
- };
- } // (builtins.foldl' (acc: filename: acc // {
- ${filename} = {
- file = ../secrets/${filename}.age;
- owner = "leonardo";
- group = "users";
- };
- }) {} [ "personal-mail" "work-mail" "university-mail" "authinfo" "user-pass" ]);
+ age = {
+ secrets = {
+ user-ssh-key = {
+ file = ../secrets/user-ssh-key.age;
+ path = "/home/leonardo/.ssh/id_ed25519";
+ owner = "leonardo";
+ group = "users";
+ };
+ } // (builtins.foldl' (acc: filename: acc // {
+ ${filename} = {
+ file = ../secrets/${filename}.age;
+ owner = "leonardo";
+ group = "users";
+ };
+ }) {} [ "personal-mail" "work-mail" "university-mail" "authinfo" "user-pass" ]);
+ };
 services.gnome.gnome-browser-connector.enable = true;
 home-manager = {
 backupFileExtension = "backup";
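Review bot: The `user-ssh-key` entry now writes the decrypted private key to OpenSSH's default identity path, `/home/leonardo/.ssh/id_ed25519`, but still sets only `owner` and `group` and leaves the file mode to the default of the secrets module (presumably agenix). Because `ssh` and `git` will now pick this key up without being told to, pin the permission beside the path with `mode = "0400";` and add a short comment above `path` saying the file is the agenix-managed private key whose public half is installed as `.ssh/id_ed25519.pub`. The same path is repeated in the `signingkey` hunk further down, so a single `let` binding for it would keep the two from drifting apart. The enclosing attribute set opens before this hunk and continues after it.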
@@ -136,7 +138,7 @@ in
 users.leonardo = { pkgs, ... } : {
 imports = [ ./../modules/gnome-config.nix ];
 home = {
- file.".ssh/user-ssh-key.pub".source = ../secrets/user-ssh-key.pub;
+ file.".ssh/id_ed25519.pub".source = ../secrets/user-ssh-key.pub;
 file.".mozilla/firefox/leonardo/chrome/firefox-gnome-theme".source = inputs.firefox-gnome-theme;
 username = "leonardo";
 homeDirectory = "/home/leonardo";
@@ -222,7 +224,7 @@ in
 user = {
 name = "Leonardo Santiago";
 email = "leonardo.ribeiro.santiago@gmail.com";
- signingkey = "~/.ssh/user-ssh-key";
+ signingkey = "~/.ssh/id_ed25519";
 };
 color.ui = true;
 gpg.format = "ssh";
-- cgit v1.2.3