From f4cd66b8d97f039eb6393e4e0be0023c2c919175 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Krop=C3=A1=C4=8Dek?= Date: Fri, 10 Jan 2025 23:23:20 +0100 Subject: [PATCH] preparing k3s bootstrapping --- nixosModules/services/k3s/default.nix | 2 +- secrets/k3stoken.age | 7 +++++++ secrets/keys.json | 6 +++++- secrets/secrets.nix | 1 + 4 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 secrets/k3stoken.age diff --git a/nixosModules/services/k3s/default.nix b/nixosModules/services/k3s/default.nix index ff242bf..258f16b 100644 --- a/nixosModules/services/k3s/default.nix +++ b/nixosModules/services/k3s/default.nix @@ -29,7 +29,7 @@ in } ]; - age.secrets.k3stoken.file = ../../secrets/k3stoken.age; + age.secrets.k3stoken.file = ../../../secrets/k3stoken.age; services.k3s = { enable = true; diff --git a/secrets/k3stoken.age b/secrets/k3stoken.age new file mode 100644 index 0000000..c7da7fc --- /dev/null +++ b/secrets/k3stoken.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 5k28aQ wUKJk8gcxcCqbdXsfuod3dvEtj+pXRe8rLYVv/uyND4 +aHOXSUwP5+AJZ5etU+dj9ssVNQNcDuXSpq+wvIYsoyE +-> ssh-ed25519 MhDGlw Ln5f8TTQFDlp+KGQpRRPNgn/+fzoY7Bnl7FlDg5ZSSs +uJbxZFjjcSxhIPHvregG1tD8BKKfHHMlvfZ6itDIppY +--- MGApTU7O6xSlpanV9LC22ZX2u7bwULpBMaTLg01SO/0 +Y J#ž6/ 6 wTF fԶ xם5^ \ No newline at end of file diff --git a/secrets/keys.json b/secrets/keys.json index 53e6e45..2f613a1 100644 --- a/secrets/keys.json +++ b/secrets/keys.json @@ -11,6 +11,10 @@ "hosts:wenar-nix", "hosts:lenar", "servers:test-server" + ], + "k3stoken.age": [ + "hosts:wenar-nix", + "hosts:lenar" ] } -} \ No newline at end of file +} diff --git a/secrets/secrets.nix b/secrets/secrets.nix index ba08120..fdb4274 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -9,4 +9,5 @@ let in { "mypassword.age".publicKeys = getKeys "mypassword.age"; + "k3stoken.age".publicKeys = getKeys "k3stoken.age"; }