diff options
| author | Kj Tsanaktsidis <kjtsanaktsidis@groq.com> | 2025-09-07 18:03:24 +1000 |
|---|---|---|
| committer | Kj Tsanaktsidis <kjtsanaktsidis@groq.com> | 2025-09-07 18:03:24 +1000 |
| commit | fe73ac908fb09f3ddacbad5582e2dabac5f4ea25 (patch) | |
| tree | 551d79d5b23d700bb63573e05e9402fb87cd1675 /kj-laptop01/home.nix | |
| parent | f424c5e6512f9822a91801bf15344bad34019c3e (diff) | |
ssh key management
Diffstat (limited to 'kj-laptop01/home.nix')
| -rw-r--r-- | kj-laptop01/home.nix | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/kj-laptop01/home.nix b/kj-laptop01/home.nix new file mode 100644 index 0000000..e21b0ba --- /dev/null +++ b/kj-laptop01/home.nix @@ -0,0 +1,28 @@ +{ + config, + pkgs, + ... +}: +{ + home.username = "kjtsanaktsidis"; + home.homeDirectory = "/home/kjtsanaktsidis"; + home.stateVersion = "25.05"; + + programs.home-manager.enable = true; + + # Configure sops for home-manager + sops = { + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + defaultSopsFile = ./secrets.yaml; + secrets = { + kj_id_ed25519 = { + path = "${config.home.homeDirectory}/.ssh/id_ed25519"; + }; + }; + }; + + # SSH public key (private key is managed by sops) + home.file.".ssh/id_ed25519.pub" = { + text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMtGcEXu5S/0zsF6Suxc65DmGFGt1JWRnqadoVhErOed kjtsanaktsidis@KJMacbookGroq.local"; + }; +} |