more ssh secrets

hosts/_common/ragenix.nix

@@ -39,6 +39,14 @@ in
           file = /${settings.secretsDir}/nix2h002.age;
           owner = settings.user.username;
         };
+        nix2joe = {
+          file = /${settings.secretsDir}/nix2joe.age;
+          owner = settings.user.username;
+        };
+        nix2gpdPocket3 = {
+          file = /${settings.secretsDir}/nix2gpdPocket3.age;
+          owner = settings.user.username;
+        };
         nix2t = {
           file = /${settings.secretsDir}/nix2t.age;
           owner = settings.user.username;

secrets/nix2gpdPocket3.age

@@ -0,0 +1,32 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXSngw
+MlBYbUFrUlBiWGxtandtRTU2WjZSNzNkcVFRU05GNzNad2FHTnpvCmJ6VFlPUlVl
+akNVcVl1WXZxdDNxM0x5T1UzMXFtZG5rcXlZeTh4UTF2VEUKLT4gc3NoLWVkMjU1
+MTkgSmh2TCtRIG1pd0RHVmNwSWRtTzIwQzcyMDFLTWEwUUtHNmtwTnUrVElKQlFL
+RGxxbGcKT0xpQnlnODRmNit3MFRyYkV5OEllTXdTbm5LREdtaG9OQTBFT0ZEbXo2
+OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgVEhVOTB3SE90VVpxcWk1RVNpL2RaWVN0
+QVB3dXc2QjhIa3BJRHl0ZGVCVQp1cTRuQjEvSTlHZi84c2hPK3JuU0ZaQ2FxZCtU
+L0NJb1J5aisrOUFTc1hjCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBJczVTTkovMk5O
+aTdsaHp3YmwxTVNad0xWdjhycnBlWEhkQWtOMytzUEJBCmhReHpCVmZOSk9heEVh
+TU05enZQZGxDNXR2QWRRYklFYURYSE5pWlkyT28KLT4gc3NoLWVkMjU1MTkgWHpm
+bWFRIDNYYmw1S2s3cmlxbEhnd1VqZlR0WCs2SVI4a0lxbFNOLzU3cjVuVk8yM2sK
+WGdMN2U5NmJSeVBRdlg0OHdyLzlYU0FENnIzQlEzL0ZlMDVXZWxpZDNLQQotPiBz
+c2gtZWQyNTUxOSBSNSt4ZncgUGVIQ3BGdStMdHkzRjlnell1SnIrMTR5THU2azhI
+V2FwelhMMk9tTzh4UQpUMW1JMTBMTGFaUXcvN0xXN1BsYkFRRGZGWjVTTU9KVlJN
+RVg5V0szbWpNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBaYzFGVm8xa1lqSHlneXEw
+V1kvS3VkcDdReEVjc2EzU0FtdVlibFlCeXhVCldwSytjcFRMVHpyOHVoWlNITGdG
+Zkh0Nzl4VG9KY0NpeGt5enVaR1I1Tk0KLT4gelQ/KC1ncmVhc2UgN08gPWwKc2I5
+RzJwWjUwYWorT2kxeXI0UGhhd2V0Nkp1dmQyWDVlbHVEN3lJdmQ5VkNBZFppcnhR
+cklYWXpJdEdLY3I1bAo3WVpMNWd2dytVaWY2U25KeWZJY3k3WjlzdVpPNTVFWm1Y
+aWtkc21KZTFzMzFnCi0tLSBYOUtFekRHaVlWaDZKNmsrWXZTenIycjBhSDdoSHhs
+TzNvT2FGNlorK3dnCuJFaPMf50Fe1jLwdyMwk8C6FZ1ANB0yJmbGKqcZ9chbhfQA
+L+A43cdIBIo2wiisCzfskAfmHJmYFrY5nJw7S6A8YsI9I2cFax4qmHRlBtggqwpM
+2q7wgE3C5h9KQR57QkPHDA9KF3iVZv/d1LvaP2Z1lK/BUd422RmC2N9B95LLZ4Wd
+qCfkTJoOoEDEuEFMhqOqJG6kUCzNYpdO784wWTZz+0REXjoXRLq2SuYXB8i0beFg
+Flp9gTEnAAKqfego+1639wVnjtlGPj6AvjCOr5Db3U2m1SZf9wpuxdOqCnCq7JT/
+JW+k6UZOtxEQMXdME9knhOdQ6EIKnyPgqU0NPYVv6GFRDKwoGgYA8LG/1hJrdLlm
+U/ZJlJfWXle81100HFjj/xyHNxFP2okgwgYCDRSuo4qaDn/MoO3eVgqU/yHC5jT1
+ZJpnYB2s8m5Nx0xdS5LDJ6MbDucX80m7ThVn/G7tyEBM4RwON0+Sgpwa3YS57iU/
+mgDzKen93wTYcV7oN1/C1N3M8venmwQfy3dTFHeBZbvRPxa0E7ZvcwMk92F/kzwo
+cd/ftl+GEfMp/QfAQXXrhAzPSajYrtVd
+-----END AGE ENCRYPTED FILE-----

secrets/nix2joe.age

@@ -0,0 +1,32 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBOQUxm
+NWdoVXRmNnFnU1NHdHZFS0VMMk1UKzJhTjRyQmhXUlFETnNzcWxZClBId1poL2o4
+bVNXTk9lSk5Zc0lJZFhZZmlCdDNhb0VWdVhkUjZ1QzFBREkKLT4gc3NoLWVkMjU1
+MTkgSmh2TCtRIHpFa1pNdWQyUHljamNranZQMzFlNHBDY1pVUDNBY2Fma0hRVXJo
+bHVZRVUKVGFvTzBpazUwbHBZVUhkOGJiVkNLRjA1MUxZam1YSFFhSHcrOUJsbmo4
+bwotPiBzc2gtZWQyNTUxOSBTcENqQlEgWjJvZVhBbEFPWXNHUTlldTcxbU1lR09n
+a0FVdlA4K2lYOVhZNkQ0dUJGbwp3cFNWNUhOTTFadU1XRlJETSt1KzdsdTRrTElj
+c3ZqM3JGUGlqY2Z2ZUdFCi0+IHNzaC1lZDI1NTE5IEJZS0crdyB2Q0tPdFVVaGZV
+WVgwcGpQcmRSMnkzTUpRU244REExa0FJS2s0UEd0VkYwCkUxVEdTRGpSSVlRRitz
+QnpaWnpvMy9VeE1saHlUc0dVc0hSbllGdjNvNHMKLT4gc3NoLWVkMjU1MTkgWHpm
+bWFRIGZIU0EwY3FJTFJMZENGc0E3c2JYUzE2VnM4WWc3cEFlUk1SbjdIa2V5UUkK
+ZkRaRXNESlRabkk4WW05dDh0ZkFJaVlyeUt0eGlEV2NNN1d6aCsrbzFMSQotPiBz
+c2gtZWQyNTUxOSBSNSt4ZncgT2FlTDROUmRTRTFTajVXa0lmclVHV2crelFrZkpv
+NDA0VlIvYzRDSG9GVQpCc3JxaWRsK2N4dDJvMGdvL0lOcERRYW5WTkd4SUwwbGdZ
+ck83N1d6dHVnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBsaEVrc3cwd2U0NmZrc3pz
+MFhqTUlEejF6ZTlmaTdVRzFlaFlzV3ZPQWtnCnkvUmEvNHlPdnlGUHZKTlFmVzZq
+ZDlZQWsxUTBzOFlEVVlsbHFhMjZmWDQKLT4gKyFjN0E2LWdyZWFzZSBDPiApbEEg
+JE8KTTA2L2lBdUQrM2M5VlVibTRNK0RsRHVuMXBRc21ZREovZ3lEV0FiOVBZYnBn
+Ty8rTm1zdVQxd254ekFYNjQ1dQp4SHo0TEN4WXlnejNWRi9JbWczRUZMQ0wrL0x5
+V29NeC9xbTArL2VGCi0tLSB0eVBIZnltbVFGV2h6VVNUNG02cFVtV0U3ZytnUE8y
+OUlEd2Z5b1lPQTNBCmqVNCWUsekJ4zv9Hao6Hjr+ITZa4LVqakugY5RiA0OsBlZE
+lRweAIO/+gehHMc2VHmDNC1AzJafPZTWqP92HvZ8e6RQcrH0uka+iMaC048uptXS
+/L3hUcXMj3rl4WPZB2NdCz8rg4AEUeydw6PZQvbq/YbYLX2tzritFcNkDwJ15tg7
+f+q4+YZatsxHssJWHbeWOgWysegUbneGR63AKn9vxAFCBtsmDfLjmZZliPgshLhS
+s3vKIWLgguRqZffME9le/CriucRH6iv5xkUM8/EXPsSvfLwcI+7tM0dCVvDnKsgL
+ohx7785qv4BJewAOuYC4VxctDL9njuoPH48ndLjlCB/PZO8+YxYTRhN8oV8592Zt
+T6HlCyNUCmtTCTAmNuj1jqYdxByyjnaoplTpe4pE/XL4HH8QM24bAAYCic8N96gu
+2HHGI74kODcWMst2i/2i7WOd0VxOGsphgKqqtF6im7muV8je7zfw/74nstdfXGaG
+to0mkayMsJm6R594zLY5z4K+1bnKEc1AHK3p7+qMqVe99lpmy9GMnCP1ao4RP0VY
+sLNii4ELpcuhqFlR
+-----END AGE ENCRYPTED FILE-----

secrets/secrets.nix

@@ -36,6 +36,12 @@ in
   "nix2h002.age" = {
     inherit publicKeys;
   };
+  "nix2joe.age" = {
+    inherit publicKeys;
+  };
+  "nix2gpdPocket3.age" = {
+    inherit publicKeys;
+  };
   "nix2t.age" = {
     inherit publicKeys;
   };

users/_common/home_manager/ssh.nix

@@ -21,6 +21,16 @@
         hostname = "10.20.40.12";
         user = "luser";
       };
+      "joe" = {
+        identityFile = age.secrets.nix2joe.path;
+        hostname = "10.20.40.2";
+        user = "josh";
+      };
+      "gpdPocket3" = {
+        identityFile = age.secrets.nix2gpdPocket3.path;
+        hostname = "10.20.40.22"; # TODO onboard ot nebula network
+        user = "josh";
+      };
       "t" = {
         identityFile = age.secrets.nix2t.path;
         hostname = "10.20.40.4"; # TODO get these from flake.nix hosts?

users/josh/by_hosts/gpdPocket3/nix_modules/ssh_authorized.nix

@@ -0,0 +1,6 @@
+{ settings, ... }:
+{
+  users.user.${settings.user.username}.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDa0MUnXwRzHPTDakjzLTmye2GTFbRno+KVs0DSeIPb7 nix2gpdpocket3"
+  ];
+}

users/josh/by_hosts/joe/nix_modules/ssh_authorized.nix

@@ -0,0 +1,6 @@
+{ settings, ... }:
+{
+  users.user.${settings.user.username}.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINoBKfj+2SAlTxgdK1jYMFYoTTthX9jvfC+gko1Wlr4L nix2joe"
+  ];
+}