From 9e402fdfa3f967e6b7497507f6d8eefbad6a71a9 Mon Sep 17 00:00:00 2001 From: andromeda Date: Tue, 30 Dec 2025 19:45:43 +0100 Subject: [PATCH] add server user password --- machines/173-249-5-230/configuration.nix | 4 ++-- secrets/secret2.age | 7 +++++++ secrets/secrets.nix | 1 + 3 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 secrets/secret2.age diff --git a/machines/173-249-5-230/configuration.nix b/machines/173-249-5-230/configuration.nix index 853a5db..570d428 100644 --- a/machines/173-249-5-230/configuration.nix +++ b/machines/173-249-5-230/configuration.nix @@ -3,7 +3,7 @@ machine, ... }: { - age.secrets.secret1.file = ../../secrets/secret1.age; + age.secrets.secret2.file = ../../secrets/secret2.age; boot.tmp.cleanOnBoot = true; boot.loader.grub.devices = ["nodev"]; environment.persistence."/nix/persist" = { @@ -71,7 +71,7 @@ users.users."mtgmonkey" = { isNormalUser = true; description = "mtgmonkey"; - passwordFile = builtins.toString config.age.secrets.secret1.path; + hashedPasswordFile = builtins.toString config.age.secrets.secret2.path; extraGroups = ["wheel"]; openssh.authorizedKeys.keys = machine.pub-keys.ssh; }; diff --git a/secrets/secret2.age b/secrets/secret2.age new file mode 100644 index 0000000..de8612d --- /dev/null +++ b/secrets/secret2.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 mT2fyg DSrFJv1cg7XUWGT8H60d+IdbQJKIGVc0FznYD3ScHxY +x75LtCRBWRH+Y541dDKE2vLk9kOZNxbFI68cDvaeJ4c +-> ssh-ed25519 UHxfvA 2jLPahOP6AKIn66RM4vUWAl4eUhNgZblKB2z/Wa6ghw +IPFBVfk+c1lO43jc58TmdUM9+pOBad8M7v5lxpNJLOE +--- Bv3SJdghwzga9GD5Fz1/62gelkFqjjgRxoiv4S7x1Nc +[ DYbƇiK_7zqh,Ocw(2^\[0-A8 =n'ZRN1JZol \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 43b72b3..5b14f22 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -4,4 +4,5 @@ let in { "secret0.age".publicKeys = [andromeda lenovo]; "secret1.age".publicKeys = [andromeda lenovo]; + "secret2.age".publicKeys = [andromeda lenovo]; }