From a59c52a2a3f71c6149aecf480619f265b4a78922 Mon Sep 17 00:00:00 2001 From: marc Date: Sun, 22 Dec 2024 16:05:01 +0100 Subject: [PATCH] Added quinto secrets and deploy-ssh keys --- docs/hosts.org | 14 +++++++++++ .../consul.d/agent-token-reykjavik.json.age | Bin 364 -> 364 bytes .../consul.d/agent-token-thingvellir.json.age | 12 +++++----- secrets/consul.d/consul-agent-ca-key.pem.age | Bin 438 -> 438 bytes secrets/consul.d/consul-agent-ca.pem.age | Bin 1510 -> 1510 bytes secrets/consul.d/gossip.json.age | 17 +++++++------- .../samfelag-server-thingvellir-key.pem.age | Bin 548 -> 548 bytes .../samfelag-server-thingvellir.pem.age | Bin 1302 -> 1302 bytes secrets/nomad.d/consul-token-client.json.age | Bin 505 -> 505 bytes secrets/nomad.d/consul-token-server.json.age | 13 +++++------ secrets/secrets.nix | 2 ++ secrets/ssh-keys/deploy_keys.sh | 22 ++++++++++++++++++ secrets/ssh-keys/id_quinto.gpg | Bin 0 -> 455 bytes secrets/ssh-keys/id_quinto.pub | 1 + 14 files changed, 60 insertions(+), 21 deletions(-) create mode 100755 secrets/ssh-keys/deploy_keys.sh create mode 100644 secrets/ssh-keys/id_quinto.gpg create mode 100644 secrets/ssh-keys/id_quinto.pub diff --git a/docs/hosts.org b/docs/hosts.org index fb04691..1e18faf 100644 --- a/docs/hosts.org +++ b/docs/hosts.org @@ -1,4 +1,18 @@ #+title: Hosts +* Setting up a new vult host +** Generate a password for your host +#+begin_src bash +pass generate samfelag/ +#+end_src +** Change the password in the host +Enter into the host via the vultr dashboard "View Console" +#+begin_src bash +passwd +#+end_src +** You can now ssh into the host with the new password +#+begin_src bash +ssh nixos@ +#+end_src * Setting up a new host ** Generate a host ssh key pair Generate the key pair (we'll use the name `id_`) diff --git a/secrets/consul.d/agent-token-reykjavik.json.age b/secrets/consul.d/agent-token-reykjavik.json.age index c99c78b19fb7f91f9c40ab22df885463bf2adcb9..bd3438bb369868c3301d4919bf8680fd4feb2ab8 100644 GIT binary patch delta 329 zcmV-P0k;0^0_*~iEPrZ4SWb!$m(HcfPJbvJNxML9Dzcuz%R zMn_I}Q3^&dP)cHINH2D3ZE;UgLrijXVK{JAXi<80LRV>FN-w;mo7c_nmM_n}^@us8TOkl;5*( zXOvfma;&fpG^&q|{tikE_k~pP$JyxsVMYAvDV=y#&9UN5rPD9Ovy{b+*a08#fNjZ) zFYWJhU~XZFi9*_E4i1FNX7`hJNFPis?2c6w4VD@j^bLPA9}PAgeRNoP<|FmyCTHAr@3aeq=uPHt2$SYrwW;&Oz( znNR;Z2bo1`J+i&)3mE7duh)hHFHC?XL>3HsUR;^8H4Z%yhgcmZ7%EuAGm+e+h3bY+ zLzU;wlF$e24ESSX9rvd%C#@cf=c!QLOY(|I3!}aet)Yg4my3TJA$#!AAp+Q&LBy@; zk3>*>bwS9X_CljUhe#%o{AlYl^}%C9UgZETVL0{?`1<5noTIEcT@e{ge)AV2X=zWx bKp^~@%{Kvp#Q*iI7tJsx_Mt;H=yVD4*+_;> diff --git a/secrets/consul.d/agent-token-thingvellir.json.age b/secrets/consul.d/agent-token-thingvellir.json.age index f93970f..aa3d55c 100644 --- a/secrets/consul.d/agent-token-thingvellir.json.age +++ b/secrets/consul.d/agent-token-thingvellir.json.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 GWuf0Q 8KY3le+D4r6SJVPdkjL3P4fLA7rS00F+LkRieMGcrA0 -0ffzmUzTFEPiYmLG02Y0XweXTvFjEt6lao8ySE73Eoo --> ssh-ed25519 kNjiNQ 0Hg11FGDMDrus/MA9UMRA8jt3aoJYbQMJ8vM4PrYtyY -H9ZURqsrkmviJMpsbiKDUk8r+NWlAsrQ0OpO5U7U0dg ---- jQa7EUd7cX7AexX3FCJaOb4xVZ9/TP7WXakcgVKH5PM -CO `PgheEhyאꁋFfǥ@AUGLʳ:;{ ssh-ed25519 GWuf0Q z5DKW5ikWJPBjNjrgoUuJF8be9f9naDOxZ74sOpf5FY +kiV2yRp+BVwTInS1EMkzhGyfGGEdHcB9DGlbzTA9lpQ +-> ssh-ed25519 kNjiNQ YLZNTRHp6sj3v0wu7WMitqBykTcqaGYcfZbJkF0ougM +dI8B6KF6bvSONOo/dTOq6jyYIn6Rj1AMABUeOU2hWUQ +--- V+29XmjyMdtKIFBz9VW/D/A9sM6HPLYe1HZf458md64 +'w"2sIIꩧgȦM&;XjS{ ŒHxlykcrܟkdZ\|Yރ"S,wQk@KnT83G^238,dJNgf dӯLD]BfvTOln-ZmMn<7qw \ No newline at end of file diff --git a/secrets/consul.d/consul-agent-ca-key.pem.age b/secrets/consul.d/consul-agent-ca-key.pem.age index e44dae801a227c19acc3c1c5caae05647866b1da..d72f03be26395e4f6c5bde75e81b0bd854384c2a 100644 GIT binary patch delta 404 zcmV;F0c-xY1GWQ@EPps!cym)tcsWN}MMpDDX-73jOmI+XK}bYSYeZIdNp5#?m&pG_A+AqAwD|OYru*(+&{)GbAjWlZ&45k=}>XS_H0j2K%0Z5`!(G zD2VqXsC1!ABuz*v(_lY*S;sRvy_#u8E+)BX-vvk1QY3t zriZMub;b78boaaP)yl;a_37o2zPO+O delta 404 zcmV;F0c-xY1GWQ@EPqu;Qc+=9cWNtSa&9j&GC^idL`_R`Z%;5mPiVOn8pMP~}Z#^(f9 z=LsiM!aR1zRE=qzeuurOp{l8ZcVQP=LLQxOvoA`U^kIsJ>yT|z)XO-p) z-|*!9=~kXZe}6ud((Wm`uy@0bTS7**+w}MN#t?k}Z>=cvkKgHw=+PU4xv_r)`2>`0 zHe$0yQgehqtm~hXA$(%Ohhc8tf;Ra+I|8yx^3hK2LzyR?+wdu8OXVU%GzuvnW`!eu ya>5*Gszw;gKxAdmZW=g^9Xa{%47|W~P3N?h!Bhf@#0@oc@Z9@E9z0)qa5|>oceEh@ diff --git a/secrets/consul.d/consul-agent-ca.pem.age b/secrets/consul.d/consul-agent-ca.pem.age index e0a9c40b770a4cdf6e5c831859cad2c9a87e62f8..1c6912abf7137fbfe586b87e0009fa71237b1077 100644 GIT binary patch delta 1464 zcmV;p1xNbk3+4-uEPpUcGfH(dHZVm=D>5^9F=j_-VmW13ZERRXaYQE+T-D@{!} zR7+=RK?+K4LuY4lc26)va!E)^ZB=b}GHh9PVQz71L~?U0MNCgMH)vHuF>7&4a|$g! zAaiqQEoEdfH8n9gAbMz4M@V-dPBKX^Pe^c5HA-f2LtRqZfZp`RccmdZfs~dST|!YR!MPUOLTWKQFLTa zNKi9Pk?|LQMl)$`QAsjydPq<+acy#XIbnHgdRk;^Z)R37VOn%EZ&6xrWm9WZFhNBM zQF(f6R%|wKRyS2EGc#*aH+on}T55DeG;M8nL}O_;d2f0*FnUvGQf*ZVEiEk|Qf*Kx zaA8btOK@goO>|RAY;sRgX;xHAS4TNXb#qvAGFWYYH(_;cS9DM~3Tng7jIY%WH7*cA z(Qpp3L#_JW>7mwy{0NvnkN6QjJ3tku_xqA;kkFe9Qw{-!A|ze|aJqiEkYmKCBZ~!B zq=;O|3ASsGR&dJ0{OGYxN*4M@?%E$HK5QKi;9iu+RvKNiLV``gM(75LDM#JofJ?$& z{GHN&#*bChWER=0v=x*31J9HlF4PdPqKbXD;2ZZH2EvQ2!%^ROxuGA_lAoo`>&yF% zsPIRu5n)TsO6%?E|1j@tzB0(Ld3NO~3~pOoc=g@Q3%c{NoBB;t75R`-T{q7?Ay$AY zj`<^KL1LRd)N8I?N%xX)?AH|vvIK>{xQ73K>|{*hI6`QLHQVF>ndrING&%wz(6jK! zI&qfwq%kfiAdh$DbOnwQ-o0R`)NIk`Y{cP!&$gIAc)NaLj-Ij7Z6&A$dCajs|G=ky zkZ2m#48eLh^-a5XM&~+&5{ z1eYaCX8#mvFRfX>D{y1U&X(K?53=8F3UKw7-QmV;fuF2JyBx{cDQie4Tp2Xpm6{amSc$@)`YC`K>k1Y+oQ@b zQCf*0XyS&4?ne;}@>a)h@|cFuc!NwOn6CjrNf>}aNZ}{J`v2zlV5Y@-3xm$;MVi6* z`2iSRN`=1Q=c;cYI++fT8QjHxH_5su{pvU(c~Z-itZvZ_`iZ$(;f9m+g&JcxoLgR( zvp=_!3>p~j#V{^=&@yJ1Ysk!4w)gR$-6#*$<1o1FB}ozW{^X^-*8p;HOq;~COkY^c z9kq5VPa>dK`eUPrpPsxCvo2+7(8^v0@SV-N23h~f(xbHW>BNA)CP1-&c)BA>+2E`~ zYuXN=YJ46uiB~(Qa#}r>6CJ?%*#n2KFB%+zmFXynMO!SFwkPE=CArD+1Q`M!Kej_* zT+m*Jl^AN|$;Y5L?i_zOq=cp!sK+Rr7e_JDM3V4~$yGAnj&Wj%QW&|`y6z`(H*IiW zTg}t6s$3^4ns2%1w9Uk4^(gM}^k*bN%|1L>aoXUE<2N01X5q3`P?)-fhW8t&Yi;fU z71UB`OF%c36dM|FXt*Uc!tT{%6GCO##*Wu5IQXb%Qiyhk9LN5!)2-t*-jYp4oIi$l S;)Rk46iItSta~Qat6B^$%c&Uv delta 1464 zcmV;p1xNbk3+4-uEPqr?a5GjlWaY zLo##>2Q8IHeQ8{^M3bCJ69m_AS(iNHE zvP`YcyxTZF@Ur%H5Qu`~q^+Lxt*JZZfJWK@+S+qAQbf%Yy4>5Jvj+}}Doz1ypV}Hr zKJDLgJzrz$CF;5N%XsUEOP)_UpIL`Vmn{>UFLX}UM;1cpQlO6J#bAV-ptab6bFj)l zU9n<+p`uYjGen}zd08l7%)SMX46PV@?+gOX1CNBGj(Pam4<7C6eHkbO5x1B{LR1)B z0?>5xZvtV7onE`7*dPE2v2CZNMNoEOr(f&~t@j-)DZw6VDZzM$+$Ti z3-_tvGbcD)Yv{d3C(7|S+v#HWsF$PR6qX=!lxw&6DeHib#<#Z7l4MTzJL9M}GQX~W zn2n$+z|{#YYcL(bwT%L%WT#@;y^3n_x>&XZ6aN0-uMlVw3p$*4A7d1qh$eE6>J!

YwE2Gg9(_mb%~s=$Y(U68fD;qrPQ=b2F;sC zvhuz3YI%tO7mr0s`z(>qI(;HiwMFfJ%UB0O3W}c%dYAN{5sT5G&oEnhWI5nr0IF*A zVFX*mb!;HBnr|S?&1$>;DjtxK9fHU=pZ6xUfS%M6RDe~LC+ezL|G;y?!lLW(OPL{L zdz4`-v!uYEy&Rkf0i|)-Q8EMVkF@{iG8Fu5V%YDeC7P45E-=d>x!q6o2nt%vtc z5{q`kK3B8i$9SigorfJzWkR~zMsOU9bm`&xCi$gC19f;?R>sRFIKN#Xf9-wh_yED?Vjvcl zOV=^85W7e)H%SObkMc9^3Q;U-dm-ig$fgUi!HB_g)Z%xka2pB8Y{KRY!w>ICudd}d zykj`@kJ>nT-5cx9e={bpL;||8$?a!h0@SspRJ#8P9(l1;XM9|4!@34Cf) zNLX>82JnvBhF(~x&P26n<|CF^oNU#CJ%N)zF5$!~cl{QS$Y&a8BUJb6=yVQQkj>yXDv8GY=`xEn7j z>)Ml^9Pq=+U@t7&oDoWA5R}{J{;UGEMqF;WE#9fV{1=e>>-B_dgR@+b0v19C`5vAv zMEuIFwhOoL)FHMwaQ diff --git a/secrets/consul.d/gossip.json.age b/secrets/consul.d/gossip.json.age index 1983204..b7f0ecd 100644 --- a/secrets/consul.d/gossip.json.age +++ b/secrets/consul.d/gossip.json.age @@ -1,9 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 GWuf0Q V6HZPuKmDsfaVVnJveBuLwLCndktAB7xudXvB9niGRg -hEKkg2Ltbt3Ie1Ci6VabOSjp/pZeandKlZl67kqZd9A --> ssh-ed25519 zhVGHw BwZzAbAXSX/frkhi5wFJzDaEWXOQaqNfdEC4EIZwBX0 -cbysAZi82rbqH2T+cipPPNgsnHn2aU/tQYMlmt8zpPE --> ssh-ed25519 kNjiNQ ijvaL5MqfKqzD5X9uOAx78PfsUNSJkQ+nhC/EGyG03Y -uq2HskFBaNjTiNeipz4H9eoHJ4KDz614DSMfW3rz9Yk ---- FWfT5xb1cTntOfVIjzbw1ZD6nFRfKunQL0k/0/xx+dQ -hqsam`vBxeZp}'d2$rϻ0qKE5Nʮ9R&(tuxX4ݏqgČzvkXn9B \ No newline at end of file +-> ssh-ed25519 GWuf0Q HU052z43DHXbPh4m0Cn8YWEabVMdT9Ab9ZvnRTkiGiM +jsGBcbgj1JeYBdvnRqKT310VnWqZmRYIE+LbkPVmDxs +-> ssh-ed25519 zhVGHw 1oy7y5z6KQy+JYRIPyqfeCgJUbGWdo77NiGnVRA0QRk +qNrRnats5cFFv8K3YUtUXdSwhWkgcBGTeDlhWTkrNRM +-> ssh-ed25519 kNjiNQ IWfsJxXu1Kg6Z5p1qNBopU0RkYt7/s6jw/DJDQXpTHc +ouzaIxV7Y+pE8t/8s4Vk/AO/MccUpgHGhn1cq6C+E08 +--- LL3bXyeMTogvYXqjhwL75j64P9bNIFG2pwFanjOYm2o +)>F=!vE`e*mOgJ+CT +w+tΫp[^8kRY_= 8xg! \ No newline at end of file diff --git a/secrets/consul.d/samfelag-server-thingvellir-key.pem.age b/secrets/consul.d/samfelag-server-thingvellir-key.pem.age index 3cd812fc782a9c12c54dbf060b3f13397e200c2b..cb10845b1237f4e281fcdad1793c1aafd54be1a4 100644 GIT binary patch delta 514 zcmV+d0{#7@1f&FzEPr-zX-qM5Q#nj&MOR35RCI4{VP-*fZ$d*gWH~}jW@mFZXEs+) zQBg!icM4HKR%by}YjRmNb1y|~Pf|!sGcZO)ZCW%@FfUeCbwWo-Q&>xJWq3w(RSGRW zAaiqQEoEdfH8n9gAZt!)X--ifL~c}4XE9A#Su03NaC%fVVSjp7QaNKxcWiMoFKlsa zMRRgja93$BQZ;UO3TS3>Z%j&RM>#`wHAq8FPIF5uc~xp_H)Uxxc2ZJAG+1JINK-X8 zNMce=3N0-yAT~oXN?|!KH$qHGW_Bw#aCmxcOH5T&PeL$EY-e_KRXIdyNlbTaMO1TD z3UL_6EBhkCvaarzdLMs646XxMf~I6 zLh!_FLB$64Ccdt2NuBkBk*Db0lF~MFet%(n!x`dDM@0SpL27Vw@9o*xUc=z(1X%8> zY3U1X9eODSVq~#Lx<$cC+Az|$u9;9m;pzjdVI%@D5ql9rmJ@gFqVw&F_^^}zN|CH8QilG+%Jf6(=B8Z7-rra zYI09`48^+lFA>OJ5vu5XC@vg9CRBicCaWKY_LwY+SCdp=0V6>AOw=GVZ{;JE&h7Qe EdoJ9~-2eap delta 514 zcmV+d0{#7@1f&FzEPrZLaY0OPS!ZxnVl!HJb53PfX=7q^L~TwnS$ASuc{zDbQC3=d zF>!BHX9`kMFiLu3WkO_gV^mN>S3+brF7EL~uxFQfqd3 zV|Yh&FEdweL~utq3TrtlZBtZiFiv+%D`_-nc}#auFE%$zS~gTeLUwgmb#P}(PiZnS zWN&Lp3N0-yAZRZ!Wj1VPMno`rMM^YNLvdO;Q)*RaGj?TJa(FRAb5&zuH*8F4Nmw&5 z3PG;wNk&5{=zr?(^#F$_Ux2vQ&a<>V&B0WSwGusIHYjck;JUmA=d~;E-9A@kfvAg_ zkAD%L^AuBWl<(@%$?XJ^ZQH!@3s=ab)3b^Vfhm(^e0#H>AXL6=)1Z?pS%cvI&=`!@ zIyoUz{i#P>ib)#xZK)_`jpQXq==gTAMtL<=YIJmVYfp1*D{CuQdU#ZGc6MYha8ECJOJ+woSa5N5OJjOhYYHts zAaiqQEoEdfH8n9gAZt!)X--ifIahLUPBCq3R9QuDXk;)hI5TBoWp6KcbXs9~G-OgsHBV1=b3#IA z3Oh^s+Rvqs;4)7@aXy0YS?`2r9fuU6Xfr_g#+ zK6%AD&o~i)wEU}0xsEq(BxF!rYBbqQ^)JP zit5hTuzx?;o}y3c+6&J|TsA;*a^y#zwoV>U>9r=y#S6mK{6X^7)mMcvTdsH1G459O zrd9){H;7RbCw25omJ)o9v>{^P6=hjI^Rt4{MY5sA0nL1;)V7>_e^_1lp2>np<+zx~ z=1X2wiU2wT}KNO)`?&;rvh9eAInU`;`P7)ee0b2k8+T869LH zhrnOUAi@asPRyU!-#1aue$&aIfO)_!4O*jOYrjQB-aallm6h;DWS?Tw7r*7ur+Pv+ z9)H9gU>=9DAM?_rWcTz}q6;jzCkO}*VV;gCkAZ$ZQ2T`W2|JBp<;hb2y-jzmH{ELz z!3j7AC%KAdXK?6z{k5|GS8%UN0E1d@_DbsJAxdx0MQU~Xwom7D%_+11(2srl)U1}l z+kk>A33bF*Aq$Hwx?Yp);9ro5gS9D<41Z?kAIeiAPW2OwfK>`%5S2sDe^y|cJY+zK z0_MhjC|Ge!v7la1Q&?c2_Gy4Burawsg3=%jfxI(oXb_wmuM>^>m9m4ERAATh=n-39lyBHdzo=@EUD57z zC@I1ZuPZ%NzK(eGu*ps5Z3rr%5Z#`svWeA@{{PvyU-t)G2qSV#%P45HR8&FgT0Y`7 zoFLeg%c`ekX)$vyF3B*@)l$Qx?{jKB4faYo$_+ohzhU5|ESP zTT|RBIG^7jTrbJ}#H;DPEKvA`jt^eZ>plIepbcA<^M(+p)=KQ(6``>RbbO}zIS^cx kUz?l5EHzY6f|BGAJ)L&>=#(ad30++S4D1ZY(Z!%LorTgGh$g}Syn=3P<1p^XGb(< zMsibkRSHp0R%1azXiaA}D>X}Jc{oF6P-b*6Z(1>SI7UZlXJ>6IMqxHEbyIe7RSGRW zAaiqQEoEdfH8n9gAZt!)X--ifZbL?QWKLLDVKHzqOK56MZhvk}P)jj1O*eNjdP7P< zcy4DaH+4cVMR`|E3Q=KLOl(XsXDew}aBg>FW^qe5bw*Ema&Rw2c2-YLFk(b#c{68B zHdr}#3N0-yAbDwMP-16kVMA9>GcrzkWlv6TFn4M*RCri#XlHU*D`8bcL3CMfaW`>I z3MT7j(G7)>X@9zAcZ6gVif%A@;RyZBZt2FxOsKh@ihaW>vD!X@UVH$w$~n*jq8OfgxY`Qu84UH5=+UZ1%P!`%CdJk`q`Mk4 z?X6twl}Ws7Q!uJ>nn;lm-Qbtg5muPv;KknH#D98Mbc|0CChLSDkbED_tbm#=e^>Wz z6yV)JEg2I*;t0Qv5-_m@#zi@C`9RSYZ~^mKd{@VlY_pY!#Y0R2C6SiWt0V?iw|#?@+(l=eZLnmOT19N9|Yztj8}xYyjDuS$NJNwhzLK zFMrPn2w1&Whe2F%yB^>?xAvXQX^!^EnQFs~=Uo<%W8QFX>0TQRy5nXb%pbi1rN(U) zn+%|4`I~S#U4Ol(%UQj0|7+^#M4D{-+JEKaL522}RrrPh8!BgDQEizEu+31jBBlE= zU^dL~i^h5mPav|jwq0<&LAZ{KXCvl*ZaI9-X%{MB#DrPYOeFs}njN8wDNQUvA4RB~ zK|jcWzTNOwh!My;zuml)v4LOc^eq75o8=mGk76t%=P?Z-t1r#&tBwlHQ=QzgLWOtIBCa! z$HRoL(b3HMz!0M*vA{|D9^!OAu3C=?;X?A=(XWB){A7>wq2olABBC|A39KLY-HjW} zm4&ts;hfvb-IZH|fd^{~UvSF6S|U*|i8BAsO>-=;n3IJy*PUjP6A diff --git a/secrets/nomad.d/consul-token-client.json.age b/secrets/nomad.d/consul-token-client.json.age index d6a24b6deb4b56a7ef286533dc928ba0692d15f8..8795ea42ced3f981c7259bfacb3735028a454dab 100644 GIT binary patch delta 451 zcmV;!0X+Ws1Nj4xEPp~uHES_AOmIwQYIiG5Hb`k!M0qPgdUnuAR%>ZZbxmnVL`pJHHZXZsX;CwCNqBgA zYBWJ-k?|LQVQ(}@b5l5FYEnc@Pen*pQ%@^*ST=M|H#tUnY+Z&L`_gsFjP@dZ);TwEiEk|V>NCs zFivh{RAX{ASXgQ@T4-@AHDh6CM@~v(F>hvBGhtJ5YB?}8NpC_)3JPx{ZUoEp-ba3m z#d`%%f^q?(yPZ8_fFTgu4cSqD#MI;Z2e9B&p`Q2HPFjw-WWzI?KvxM?X+Tt19FrH= t=5Rm8EAZOe<}*zHY{hsvI>+J-F_rzlW>?D38B6CRekxo&ZLRCvu0!`_r6>RZ delta 451 zcmWN_J&V&|003a6>X7+R5Qh#f62m3wC6_E7ZJO_-*CcP7a0=ozrAgCXKHes2vQ(U0 zgw{bkb@V`gfFO9dI5;Q{hjel~ox}qX#pS6I7$dILC5?wsFxpO|tZboev-LmQq#r$@aH5p1>ex}ua<$2>G_s)@!nYSGhaye+7;Ok!!7j-kQTjUg*Y6G@APsnA2B z31v_jnUn3khP=aQct61 zj$jy84R%br&rD>^tAp{ah&GkIEDJ$h59BtNr(R;GNh4i{9e0CAZl1-%rFXdXkUQuV zuV>Gf&S9T=aPhceea*S>#ToHa1@7J`!2IXm6DB=>w14~b+R2?$_kS ssh-ed25519 GWuf0Q 4t1WD76CN3hhc3073abxAsobKWKDX+yemaIxHy8PiDk -9O2cAi7MJVqGiTNnOIez4MACEYMB3/YyLSz4Z4YWe2c --> ssh-ed25519 kNjiNQ WaXpqZbqRuLo9q241VclrLfHOQ94VRB8D0RY2es8KBM -P6iayA+emjHOEg59EzXU32RCRKZaGS0j7d3wk4Is6tQ ---- QsnjyrQe2d1K59Q/i3/NIXaK87rsDf4neQS5sKJ6yeY -&8"ڨ?4 ? -$!Yju*8cDC!" |hV9N>lvDH1V2 XCA'!-kрBˡ \ No newline at end of file +-> ssh-ed25519 GWuf0Q GSvUmcsNXSkoVOD8V/UP+KAGfKX4REahFDmwlROkoSw +ruTijdplgtQZP3wjnNGemh3a0omKK95xsfXzkWce0lM +-> ssh-ed25519 kNjiNQ zT/ticPDHAujEWqSUrPaGsgPBdbaLvLQ/RSMz5C0aW8 +JTy+b/N6yjfPtrhYXkFWb26PGa+b/M1DVKeGsW2oimg +--- TKdmCeaBKPBBIkKvUqqqQz9DQigRuLRT2ZFto7Jtqr0 +W3Lj䯕'HgRs;wۑցt{E"v17%&({˝E.3SzNcVҷlˆfWu5d2  \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 3d65e62..fe0de82 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -2,12 +2,14 @@ let id-reykjavik = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFwwpKfxNmUyBoPZqz1jYc6arCdHPvJrEsBN49m/P3By"; id-hvannadal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICy1ocZywBvFHpIj+FvaC7QspRWuLXjy6fwakq9t+0Ev"; id-thingvellir = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEIvWEwYayFK8iRb4g2+cnQXlqiMBu3aWxTahXkaCNG7"; + id-quinto = " ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINxgIT2+aoP+ZLMPupV8M0UwCLX6A3s+H6z3BJPCjJc0"; # --- Host lists --- # Since we want to be able to manage/edit all secrets from reykjavik, we create helper lists that # always contain reykjavik reykjavik = [id-reykjavik]; thingvellir = [id-reykjavik id-thingvellir]; + quinto = [id-reykjavik id-quinto]; samfelag-hosts = [ id-reykjavik diff --git a/secrets/ssh-keys/deploy_keys.sh b/secrets/ssh-keys/deploy_keys.sh new file mode 100755 index 0000000..f9fa3e0 --- /dev/null +++ b/secrets/ssh-keys/deploy_keys.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash + +set -e + +read -p "Hostname: " HOSTNAME +read -p "IP (leave empty tu use hostname): " HOSTIP +if [ -z "${HOSTIP}" ]; then + HOSTIP=$HOSTNAME + echo "Using $HOSTIP" +fi +read -p "Username: " USERNAME + +PRIVATE_KEY="id_$HOSTNAME" +PUBLIC_KEY="id_$HOSTNAME.pub" + +echo "Deploying private key ($PRIVATE_KEY) to ($USERNAME@$HOSTIP) ..." +scp $PRIVATE_KEY $USERNAME@$HOSTIP:.ssh/$PRIVATE_KEY + +echo "Deploying public key ($PUBLIC_KEY) to ($USERNAME@$HOSTIP) ..." +scp $PUBLIC_KEY $USERNAME@$HOSTIP:.ssh/$PUBLIC_KEY + +echo "Done" diff --git a/secrets/ssh-keys/id_quinto.gpg b/secrets/ssh-keys/id_quinto.gpg new file mode 100644 index 0000000000000000000000000000000000000000..3d667075fd94ba3c6c6b2eb1fb7b4400b6243c48 GIT binary patch literal 455 zcmV;&0XY7IUIRi%8(({=gohFV2S6oc)!b=@fDnJWU4ts0c};!*y63mZD4J~Y zAz*=FWS;H)=dW9}zVuISCT=(^VAQ=2s=&*$@ng{P;*0P*p(Dx@4W8O8n@F|ty8g#G zaD@4u^Z{C4CB6cgIC~ytUzj$XbPl|MUa5P?*db-BcX%efnBiphtu;o3)8GWVP*`te xSu$@w%QyhcRVDA4b0fJVL5=iqHCEssq%-41m$lIPpoV70Jr|_La)P#d__Us?;oJZK literal 0 HcmV?d00001 diff --git a/secrets/ssh-keys/id_quinto.pub b/secrets/ssh-keys/id_quinto.pub new file mode 100644 index 0000000..53d3989 --- /dev/null +++ b/secrets/ssh-keys/id_quinto.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINxgIT2+aoP+ZLMPupV8M0UwCLX6A3s+H6z3BJPCjJc0 marc@reykjavik