mlaga97/mlaga97-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Stronghold WIP

Browse source
This commit is contained in:
Lauren Lagarde 2025-08-23 01:15:41 -05:00
parent b704bad251
commit a113294ec1
6 changed files with 186 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

6
systems/fortress/.sops.yaml
View file

@ -1,9 +1,3 @@
# Get new (host) keys with:
# nix-shell -p ssh-to-age --run 'ssh-keyscan example.com | ssh-to-age'
# nix-shell -p ssh-to-age --run 'ssh-to-age -i /etc/ssh/ssh_host_ed25519_key.pub'
# Get new (user) keys with:
# mkdir -p ~/.config/sops/age && nix-shell -p ssh-to-age --run 'ssh-to-age -private-key -i ~/.ssh/id_ed25519 > ~/.config/sops/age/keys.txt'
# nix-shell -p ssh-to-age --run 'ssh-to-age -i ~/.ssh/id_ed25519.pub'
keys:
- &system_fortress age1fraz2lnnqtcxnu6tnjy4f7y9tuc0fnqekzmdynnhtt0h8a230v5qddpxdu
- &system_ll_latitude age19v2gpucsykaqu3hsvskl67ss8mpqstp59vn687am6px9nmg585ksvlhctz

2
systems/fortress/configuration.nix
View file

@ -155,7 +155,7 @@
sops.secrets."dotspace/fortress/keys/tinc/rsa_key.priv" = { sopsFile = ./secrets.yaml; };
sops.secrets."dotspace/fortress/keys/tinc/ed25519_key.priv" = { sopsFile = ./secrets.yaml; };
systemd.network.networks."90-tinc" = {
systemd.network.networks."90-tinc-dotspace" = {
matchConfig.Name = "tinc.dotspace";
address = [ "10.86.84.1/32" ];
routes = [ { Destination = "10.86.84.0/24"; } ];