From c6a89378c614a46492ac8e58155604a313873262 Mon Sep 17 00:00:00 2001 From: Toast Date: Tue, 20 Feb 2024 00:10:00 +0100 Subject: [PATCH 1/3] Remove secrets folder --- secrets/ddclient-passwd | Bin 404 -> 0 bytes secrets/secrets.nix | 10 ---------- 2 files changed, 10 deletions(-) delete mode 100644 secrets/ddclient-passwd delete mode 100755 secrets/secrets.nix diff --git a/secrets/ddclient-passwd b/secrets/ddclient-passwd deleted file mode 100644 index 90f0728d402fd083561164e35e4023deb60bc6a4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 404 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCR+%lFGSaa70-&CfBZ zFe{8IsqhMMHA?jLDhy6^H4jR1i8M1#)h;To2*~kIaw{nb%;w6;F9-@TGSrSp3Mwsk zH1;gZOZJP(@Xj&HbSX4Vsxomjj`H*l%_yxX4g}ferje+dUX+?xoT{LtsAlZrQl$`F z;hCFSV{FWom{(=)R2F358R}IPRAm<7oReh|9uQt>5aL~8l9n6b>Je#a=@Fcsn{HSc z5#?@SkZ+i4>X@EanVarp6qcRK<>>2C;_nh}Xyj$89hsJ#U78c%WoRC3oL-gV5^k6t z5@2ExVP;|Ml2}=so#&AjR-RMkRhgJtnGqCW=H|$ytE;O}9ORspRZ?N$8krwv=2uY} z=pIq&YVKT=Q&8&Y9OUEb5$W!m<`dt+AZwQ@QvV)_VNm;4S*53SA(z?fOTi?ihi+CRM6abJKkfi_s diff --git a/secrets/secrets.nix b/secrets/secrets.nix deleted file mode 100755 index fbb968e..0000000 --- a/secrets/secrets.nix +++ /dev/null @@ -1,10 +0,0 @@ -let - everest = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBYENWORu3M32NIIip8gZO5VbCUBwsT2RgOU8ATsASpc root@Everest"; - bootsrtrap = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMKloSXSeF4dNXebd93uMuiFuXRHfxo/he4+O9SFTz1s bootstrap key"; -in -{ - "ddclient-passwd".publicKeys = [ everest ]; - "cock".publicKeys = [ everest ]; - "syncthing/key".publicKeys = [ everest ]; - "syncthing/cert".publicKeys = [ everest ]; -} From 38ad6796a1d7d238102de5bfc56c637232af4cd8 Mon Sep 17 00:00:00 2001 From: Toast Date: Tue, 20 Feb 2024 00:11:10 +0100 Subject: [PATCH 2/3] Server/ddclient: update password --- roles/server/ddclient.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/server/ddclient.nix b/roles/server/ddclient.nix index e4520d9..5a88f7f 100755 --- a/roles/server/ddclient.nix +++ b/roles/server/ddclient.nix @@ -1,8 +1,12 @@ -{ config, ... }: +{ config, flakeSelf, ... }: + +let + hostSecrets = "${flakeSelf.inputs.secrets}/" + config.networking.hostName; +in { # Set up secrets - age.secrets = { ddclient-passwd.file = ../../secrets/ddclient-passwd; }; + age.secrets = { ddclient-passwd.file = hostSecrets + "/ddclient-password.age"; }; services.ddclient = { enable = true; @@ -13,4 +17,4 @@ passwordFile = config.age.secrets.ddclient-passwd.path; domains = [ "@" ]; }; -} \ No newline at end of file +} From d02fae40add7ca435ed9b1293d6ba122cfc0716c Mon Sep 17 00:00:00 2001 From: Toast Date: Tue, 20 Feb 2024 00:11:30 +0100 Subject: [PATCH 3/3] Flake: update secrets --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 77f772b..df673ba 100644 --- a/flake.lock +++ b/flake.lock @@ -418,11 +418,11 @@ "secrets": { "flake": false, "locked": { - "lastModified": 1708379923, - "narHash": "sha256-3V7lwL+GQIi3os9jDetzl5Y1+Rgs2ES5kwjHzG9HteU=", + "lastModified": 1708383844, + "narHash": "sha256-cl5HngHhGW6qkvjv9ZSaiQuZKXfxlDfM4IDVPyMRBcY=", "ref": "refs/heads/main", - "rev": "90dd2143e21ba1442b054c47a09d5a15229cf5f7", - "revCount": 6, + "rev": "31ef63532cf9907e8580741f1c9428b4176874cf", + "revCount": 8, "type": "git", "url": "http://git.everest.sable-pancake.ts.net/Toast/nix-secrets" },