From b3e83605db9b8c6fbd2db14be80ff2716431ecfa Mon Sep 17 00:00:00 2001 From: Christine Elisabeth Koppel Date: Sat, 7 Feb 2026 23:33:00 +0100 Subject: [PATCH] Ooops, fubbled the age key gen issue. --- .../modules/secrets-config/sops-database.nix | 2 +- nix-system-configs/secrets/database/gcloud_bucket.json | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/nix-system-configs/modules/secrets-config/sops-database.nix b/nix-system-configs/modules/secrets-config/sops-database.nix index 543e0dd..f823287 100644 --- a/nix-system-configs/modules/secrets-config/sops-database.nix +++ b/nix-system-configs/modules/secrets-config/sops-database.nix @@ -20,7 +20,7 @@ # sops.defaultSopsFile = "/root/.sops/secrets/example.yaml"; sops.defaultSopsFile = ../../secrets/songsheet/secrets.yaml; # This will automatically import SSH keys as age keys - sops.age.sshKeyPaths = ["/home/database/.ssh/id_ed25519.pub"]; + sops.age.sshKeyPaths = ["/home/nixosdd/.ssh/id_ed25519.pub"]; # This is using an age key that is expected to already be in the filesystem sops.age.keyFile = "/var/lib/sops-nix/key.txt"; # This will generate a new key if the key specified above does not exist diff --git a/nix-system-configs/secrets/database/gcloud_bucket.json b/nix-system-configs/secrets/database/gcloud_bucket.json index de631df..e89245c 100644 --- a/nix-system-configs/secrets/database/gcloud_bucket.json +++ b/nix-system-configs/secrets/database/gcloud_bucket.json @@ -4,11 +4,16 @@ "age": [ { "recipient": "age1746rvsvsc3snxfl7cndm222wd5kck4aqj3x7nednlegq0gdjhfcqx0qv7m", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0ZHlvRko1ZGQyZmFscnlP\nNHZHYUREa3hBMUN5dTRYamZpdWdvZXo4ZUJrCmtzdnpPTXc1QnArVkxrV1hGd29Z\nckdrL1ZMVDA4TlJ5eGdJbk01KzJmMk0KLS0tIHZjbFgxbHpVYXhkL0F6cHVnQmZG\nckpBVm02WXRsYlNKaWkzSkV5NnNYcEUKTAoD9iAyLUr/v4OWiltiTzzJ+Rmx4zyf\neMEvirNzqac9pUcDE+ilP07EGB/hceou7eSQdw4hM+ow1ezQ4uRmxA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRL0E3QnNZOCt3RHdjTzBw\nM0tuSW1JQXNzVm4wZWtaNXZnSHJYdENUTGdnCmh6UnNTSWZqSkJrOTIzMmFHWElJ\nb0o2WGRLeEZjVzlCNURVZ1Z0eDl3eWsKLS0tIHNwQUEzUXIwSmRGMTRsSU1qbUNP\ndUdWOXYzU2tHa1IveUFFSG1OTHRiRGMKc1rmeYCy0zSxiOvPd9JwUduRbdjlUs7K\nAsTkw75P9UEitnMPrZziLtkxJGl9dochdB6y5/Eh4eJg7K9zeIr9Ug==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1k9ddvzypz986a7dt403ja6evql2agz0gehll79mx64zceteya38smxph8m", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVM1plZUhQUXdMTUMwZDNl\ndWM2OHV2RVRTS2hncjhjd0o4S1g5ZWNucWdVCm1PUG9kcHNXUFY3V2pJZndXZkdw\nUkhyNHdja0ZUSDU5aEgxeFhFR2VFTWcKLS0tIGl4UXp3bTJZWk1ZckJtK0M3RUFS\ncDlhV2NDSUsvVzJxYUhjT3JKUk55MkEKD13e9L1Xlh7q/a+sX4nCjlYfOpnnwodD\nMO2tDPt5odap7w9fra27BdEdBQiTdZxQXmE+7r85GEN8isk6xeqS/w==\n-----END AGE ENCRYPTED FILE-----\n" } ], "lastmodified": "2026-02-07T22:27:15Z", "mac": "ENC[AES256_GCM,data:51vWvevuX1A2mYC6HBRmL+qgJ0Bbvi1XEfl4km/LUGzOj2weSPvV+r/UJsIOVdkOr04On0YD58JXGDQMTWyV6FaaRdng7MgM4ffg5mnLLv3sPtqwaJJNT+7pqDfVc43qixbCHL+89nq2IPBrqNwVhHxm/WlE27K+7GA+JMtKmiQ=,iv:cseRzqtJgjVkNqdZplpmIaexfmOkKm0kieE1J2KSfLw=,tag:mhKzS0NNguygaHL4jdIpmg==,type:str]", + "unencrypted_suffix": "_unencrypted", "version": "3.11.0" } }