feat(infra): Internalize nix-lib, and make keys management simpler

Tom Hubrecht 2024-10-09 17:04:30 +02:00 committed by thubrecht
parent 53c865a335
commit 6c4099d369
45 changed files with 762 additions and 182 deletions

@ -34,7 +34,7 @@ The second step is to find a name for this host, it must be unique from the othe
## Download the keys
The public SSH keys of `host02` have to be saved to `keys/machines/host02.keys`, preferably only the `ssh-ed25519` one.
The public SSH keys of `host02` have to be saved to `keys`, preferably only the `ssh-ed25519` one.
It can be retreived with :
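Review bot: the replacement sentence in the "Download the keys" section names only `keys` as the destination, where the previous wording gave a full path (`keys/machines/host02.keys`), so a reader adding `host02` can no longer tell which file or attribute the public key goes into. The second hunk imports `../../../keys` and looks the host up by the string `"host02"`, so the doc should state the exact location and the name under which the key must be recorded for that lookup to succeed. While this line is being touched, "retreived" in the following context line could be corrected to "retrieved".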
@ -91,11 +91,9 @@ The general metadata is declared in `meta/nodes.nix`, the main values to declare
Create the directory `secrets` in the configuration folder, and add a `secrets.nix` file containing :
```nix
let
lib = import ../../../lib { };
in
lib.setDefault { publicKeys = lib.getNodeKeys "host02"; } [ ]
(import ../../../keys).mkSecrets [ "host02" ] [
# List of secrets for host02
]
```
This will be used for future secret management.
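Review bot: the `secrets.nix` example no longer shows who can decrypt the secrets. The removed form spelled out `publicKeys = lib.getNodeKeys "host02"`, while `(import ../../../keys).mkSecrets [ "host02" ] [ ... ]` leaves the recipient set implicit. Add a sentence to the doc stating which public keys `mkSecrets` resolves for the first list (only the listed nodes, or additional keys as well), since that determines the access boundary for every secret in the file. The second list is only described by the comment "List of secrets for host02"; state the expected form of an entry (for example a file name) so the first secret added matches what `mkSecrets` expects.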