Add initialPassword management to ageni
This commit is contained in:
parent
a45482532d
commit
d1994caee9
4 changed files with 12 additions and 3 deletions
Binary file not shown.
9
secrets/initialPassword.age
Normal file
9
secrets/initialPassword.age
Normal file
|
@ -0,0 +1,9 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 OWkVXw Kp9otTIwi3SuVG43UebS2B+bvp6uy81KIIPIeJSW8iE
|
||||
xXX6N1WrkxNLOC4ClZo9XzUZOdFK6210trH2GS5+N0E
|
||||
-> ssh-ed25519 MTO1pg 70GcDYGKyG0w0s1ehWvcid1JKNRY3vRPeQhnEfHDWBI
|
||||
Fcq3ZR6iA0J4CUBuQeVIyRoGMu88bd9oBrwGCJKicBE
|
||||
-> ssh-ed25519 wnEUpw m7HRrztgLMS90k3cwzqBkMKfbji0Ub8atDwTGJNeq0c
|
||||
rEPjFTG+hEPHNoLOyhmcY4QMJ4DYIIhBR10GVZqcIuo
|
||||
--- eXz18+bRHesrblBjD/aqwFkAXUhEL741swR1csHpoXU
|
||||
Ô|}pÁ#¢ç®,\‚m:(·¸ª#ëHH¡aÃÒ¸ß_~ª7 ž(5EgÈÏOQY[»r U;e
|
|
@ -9,8 +9,7 @@ let
|
|||
systems = [ forgejo grafana ];
|
||||
in
|
||||
{
|
||||
"forgejo-runner-token.age".publicKeys = [ tbarnouin forgejo ];
|
||||
"../services/forgejo-runner/secrets/forgejo-runner-token.age".publicKeys = [ tbarnouin forgejo ];
|
||||
"initialPassword.age".publicKeys = users ++ systems;
|
||||
"../services/grafana/secrets/grafana-db.age".publicKeys = [ tbarnouin grafana ];
|
||||
"../services/grafana/secrets/kuma-token.age".publicKeys = [ tbarnouin grafana ];
|
||||
}
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
options = "--delete-older-than 7d";
|
||||
};
|
||||
|
||||
age.secrets.initialPassword.file = ./secrets/initialPassword.age;
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
users = {
|
||||
users.tbarnouin = {
|
||||
|
@ -38,7 +39,7 @@
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICf1B0nxNMvPWSR9pStdtx2x6Iw+JUeCCt1CKWoD8dsr"
|
||||
];
|
||||
initialPassword = "test";
|
||||
initialPassword = config.age.initialPassword.path;
|
||||
};
|
||||
users.root = {
|
||||
openssh.authorizedKeys.keys = [
|
||||
|
|
Loading…
Reference in a new issue