Structured documentation

2024-02-10 20:26:01 +01:00
parent d0f78cc24f
commit fa12502c6e
4 changed files with 229 additions and 174 deletions
--- a/docs/hosts.org
+++ b/docs/hosts.org
@@ -0,0 +1,35 @@
+#+title: Hosts
+* [[file:../hosts/reykjavik/README.org][Reykjavik]]
+* [[file:../hosts/kopavogur/README.org][Kopavogur]]
+* <<new_host>> Setting up a new host
+** Generate a host ssh key pair
+Generate the key pair (we'll use the name `id_<host>`)
+#+BEGIN_SRC bash
+ssh-keygen -f id_<host>
+#+END_SRC
+Encrypt the private key if you want to put it in the repo:
+#+begin_src bash
+gpg -r marc@sastre.cat -e id_<host>
+#+end_src
+You can decrypt it later with:
+#+begin_src bash
+gpg -d id_<host>.gpg > id_<host>
+#+end_src
+** Add the public key to secrets.nix
+In the [[file:../secrets/secrets.nix][agenix secrets file]] add the public key, and give access to the necessary secrets.
+** SSH public key authentication
+Setting up authentication from localhost (client) to remotehost (server). On localhost run:
+#+BEGIN_SRC bash
+ssh-keygen -f ~/.ssh/remotehost
+ssh-copy-id -i ~/.ssh/remotehost remotehost-or-ip
+#+END_SRC
+We may want to edit the ssh config file to use this ssh key when connection to remotehost:
+#+BEGIN_SRC
+Host remotehost
+  # HostName 192.168.1.105
+  # Port 22
+  # User user
+
+  IdentitiesOnly yes
+  IdentityFile ~/.ssh/remotehost
+#+END_SRC