Added deployment key to root account

2025-05-30 15:11:22 +02:00 · 2025-05-30 15:11:22 +02:00 · 1bc34518e1
commit 1bc34518e1
parent f1dcb8c72b
3 changed files with 10 additions and 8 deletions
--- a/modules/home/utilities/secrets.nix
+++ b/modules/home/utilities/secrets.nix
@ -34,6 +34,6 @@ in
    sops.defaultSopsFile = cfg.defaultFile;
    sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.config/sops/sops_ed25519_key" ];
    sops.secrets = cfg.secrets;
-    modules.impermanence.directories = [ ".config/" ];
+    modules.impermanence.directories = [ ".config/sops" ];
  };
 }
--- a/profiles/nixos/base.nix
+++ b/profiles/nixos/base.nix
@ -22,6 +22,15 @@ in
      impermanence.directories = [
        "/var/lib/nixos"
      ];
+
+      secrets = {
+        enable = true;
+        secrets = {
+          "ssh-keys/deploy-priv" = {
+            path = "/root/.ssh/id_ed25519";
+          };
+        };
+      };
    };

    # Localization
--- a/profiles/nixos/vm.nix
+++ b/profiles/nixos/vm.nix
@ -29,13 +29,6 @@ in
          zfs rollback -r tank/root@blank
        '';
      };
-      secrets = {
-        enable = true;
-        secrets = {
-          "ssh-keys/deploy/private-key" = { };
-          "ssh-keys/deploy/public-key" = { };
-        };
-      };
      ssh.enable = true;
    };