add server user password

2025-12-30 19:45:43 +01:00
parent 0468cf2621
commit 9e402fdfa3
3 changed files with 10 additions and 2 deletions
--- a/machines/173-249-5-230/configuration.nix
+++ b/machines/173-249-5-230/configuration.nix
@@ -3,7 +3,7 @@
  machine,
  ...
 }: {
-  age.secrets.secret1.file = ../../secrets/secret1.age;
+  age.secrets.secret2.file = ../../secrets/secret2.age;
  boot.tmp.cleanOnBoot = true;
  boot.loader.grub.devices = ["nodev"];
  environment.persistence."/nix/persist" = {
@@ -71,7 +71,7 @@
  users.users."mtgmonkey" = {
    isNormalUser = true;
    description = "mtgmonkey";
-    passwordFile = builtins.toString config.age.secrets.secret1.path;
+    hashedPasswordFile = builtins.toString config.age.secrets.secret2.path;
    extraGroups = ["wheel"];
    openssh.authorizedKeys.keys = machine.pub-keys.ssh;
  };
--- a/secrets/secret2.age
+++ b/secrets/secret2.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 mT2fyg DSrFJv1cg7XUWGT8H60d+IdbQJKIGVc0FznYD3ScHxY
+x75LtCRBWRH+Y541dDKE2vLk9kOZNxbFI68cDvaeJ4c
+-> ssh-ed25519 UHxfvA 2jLPahOP6AKIn66RM4vUWAl4eUhNgZblKB2z/Wa6ghw
+IPFBVfk+c1lO43jc58TmdUM9+pOBad8M7v5lxpNJLOE
+--- Bv3SJdghwzga9GD5Fz1/62gelkFqjjgRxoiv4S7x1Nc
+[<5B><>
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -4,4 +4,5 @@ let
 in {
  "secret0.age".publicKeys = [andromeda lenovo];
  "secret1.age".publicKeys = [andromeda lenovo];
+  "secret2.age".publicKeys = [andromeda lenovo];
 }