diff --git a/modules/users/default.nix b/modules/users/default.nix index ff31b37f..df0728ad 100644 --- a/modules/users/default.nix +++ b/modules/users/default.nix @@ -36,8 +36,12 @@ inputs: hashedPassword = "$y$j9T$xJwVBoGENJEDSesJ0LfkU1$VEExaw7UZtFyB4VY1yirJvl7qS7oiF49KbEBrV0.hhC"; openssh.authorizedKeys.keys = [ - ("sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIPLByi05vCA95EfpgrCIXzkuyUWsyh" - + "+Vso8FsUNFwPXFAAAABHNzaDo= chn@chn.moe") + (builtins.concatStringsSep "" + [ + "sk-ssh-ed25519@openssh.com " + "AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIPLByi05vCA95EfpgrCIXzkuyUWsyh+Vso8FsUNFwPXFAAAABHNzaDo= " + "chn@chn.moe" + ]) ]; }; home-manager.users.chn.programs = @@ -126,6 +130,7 @@ inputs: [ "groupshare" ] (builtins.attrNames inputs.config.users.groups); passwordFile = inputs.config.sops.secrets."users/xll".path; + openssh.authorizedKeys.keys = [ (builtins.readFile ./xll_id_rsa.pub) ]; shell = inputs.pkgs.zsh; autoSubUidGidRange = true; }; diff --git a/modules/users/xll_id_rsa.pub b/modules/users/xll_id_rsa.pub new file mode 100644 index 00000000..555e2194 --- /dev/null +++ b/modules/users/xll_id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDJ/jzUQ6QuAjnAryvpWk7TReS6pnHxhEXY9RonojKkurhfYSQO/IlxDMDq23TFXcgu8iZG4cS6MADgx/KNZD/MjuN9YNCIEGvMwzWvB0oM25BC6Vf3iKDmhH06rZKH6/g5GN+HWoCN4yE/+MhIpegFO3+YMpveXwEESlyoIjPvcW+RwmlNJevrHd83ETYDQ4AybWyJo6en5tz2ngr22HaK4MtxgrqnIN/KorY+nrzTNa7VBC7BaZc1tA5FLwUeCXtuzp2ibfrxoGUAiDig4FW09ijCk3Y77y7aNVI2nw5y28nCV5rgVMh5fejtNVqIqku7p+8qgjxvY6veATG0lYgZgw2ldnDGDNbEGxcCnKKmCgZMxok8zTRsniZ91KuHkcl2L7xUo7kdQYzBRwZyQ53eW+yPoqUya4yn272rscBEUMyZzmegfr1SXMqw/8zn+MZdr1KXEvrbfjX+2QL52GY3bfYUf3KFje+Sp88k688bRH0vrxj9BCOS7ovbyfe9BEU= xll@chn-PC diff --git a/secrets/nas.yaml b/secrets/nas.yaml index 5cba4d92..f1eb973b 100644 --- a/secrets/nas.yaml +++ b/secrets/nas.yaml @@ -5,7 +5,7 @@ nebula: acme: cloudflare.ini: ENC[AES256_GCM,data:/LpP1qoVS+CG+5ska6vtmagHNrhcgr5e1QRzDdbdCYGnDB8Nca/GmIogzHCXsogQY/rwGTCZoXLKKEGToYiThwk=,iv:R++I0ued2wrVsmM/vYvBVMOp9M7HyZIfDOVOlg7GALE=,tag:gYchPuh8MHk3EEnGb9g4WA==,type:str] users: - xll: ENC[AES256_GCM,data:enJRRLbRhK0ypMuYrdArfOZvKjNZxVEX3QgWBHU2Q9RfDq+3TftWYBmPf5zG2dAaChQW2fNXEjCRNautpjfoMBUBEpA/+I/x7g==,iv:RKTOoD0ToTJWOccrrGfDrOZDtV+gM62y1Ed+HByvawU=,tag:IXOwGGj1osatSOyGlfCIag==,type:str] + xll: ENC[AES256_GCM,data:XLSsz6fZ23PPaJS1Y5C3FAOks3wzb2f+Pv8TgyKrDBfMeoLk1M37A00OGJ2wsYxkuR0JV6Uoh+hhRpTUjOQnmLfQrBxPxxP8DA==,iv:jxEZX/flxxduM1sdrYfGHfMtFMYduMg0Lr6hY1pkAPg=,tag:CYy0y1e2S2Txz1OSh+XDHA==,type:str] sops: kms: [] gcp_kms: [] @@ -30,8 +30,8 @@ sops: by9Rd0U0bzNiK21BQTNxN1RuQ09DQVkKJmSlzV5ppEkZFljsS17ZWmoI++fz4tJh kTdoAStG1zsKASHyZTsmdm3RBDO3qV1KhQC2gC7d4EiwNZngxOOZJg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-09-12T14:38:06Z" - mac: ENC[AES256_GCM,data:XxSmAUnOH/PSF2WmsPQWBtG0rEQ7Y1cqLjZOINsxR8w31z5QI5AkAvabvn39pLxglODscaTs5m0729AnfzPRwe2gjvfXPG2qQzvb+KtcMsJQDoLF7tq8g8blfDL4ao4bU6j1UADQummVw9FLTLf11wfw4lSZvC0pfc6lFaVu1ao=,iv:q/jc747W/Z+z1hjLJvGBWG3r7GPZeFc/SRBxOVLNToE=,tag:6fKLwxpHB5BfnpeLxYOAPA==,type:str] + lastmodified: "2023-09-14T10:45:21Z" + mac: ENC[AES256_GCM,data:oF27pSXztN1CaqVPjwP1Wx3rlWCxbu9/1/H/UUvoVNqWWipcZ1ar7D7lycuG+Y1Ntvad906ATaB7dl4I9gtQvSuw8aeRKczhK/b8yFXmWyVUECu71bQWijuHR+JnZnkTHkK/k0fWQ+P/87rCa3LL6BPQUZmETz/GKN571byyTgo=,iv:8UdUo+gNP3OdVbXSeoKGt/mjyVNL7lpkhfEmM/Zt3KE=,tag:GmjIkjFbcpOFPNlSoLbT6g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3