mirror of
https://github.com/Superredstone/nixos.git
synced 2026-03-07 20:28:08 +01:00
Secrets
Add a new machine
- Obtain an age identity
nix run nixpkgs#ssh-to-age -- \
-private-key \
-i $HOME/.ssh/id_ed25519 \
-o $HOME/.config/sops/age/keys.txt
- Obtain age recipient for the machine
cat /etc/ssh/ssh_host_ed25519_key.pub | nix run nixpkgs#ssh-to-age | wl-copy
- Paste obtained key into
.sops.yaml - Re-encrypt old files
sops updatekeys secrets/default.sops.yaml