diff --git a/secrets.nix b/secrets.nix
index a9044a9..098713f 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -1,3 +1,20 @@
+/*
+ Because I'm way too lazy I'm automatically generating the secret files config.
+ Secrets can be found below
+ hosts/${hostname}/secrets/*.age
+
+ Pubkeys can be found for the specific host below
+ hosts/${hostname}/ssh.pub
+ The users have their keys below
+ users/${username}/ssh.pub
+
+ Secrets get encrypted for the host they are in and the users specified.
+
+ Every host with a secrets directory has an entry for a secret called "new".
+ This exist to overcome the chicken and egg problem.
+ Create a secret with them name new in the specific secrets directory and rename it afterwards with the suffix .age.
+*/
+
 let
 pubkeysFor = directory: let
 instances = builtins.attrNames (builtins.readDir directory);
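Review bot: The last two lines of the added header comment contain typos that blur the one procedure a maintainer has to follow when adding a secret; they should read `This exists to overcome the chicken-and-egg problem.` and `Create a secret with the name "new" in the specific secrets directory and rename it afterwards with the suffix .age.` The comment also says secrets are encrypted for "the users specified" without saying where that list is defined. Since the recipient set decides who can decrypt each file, a line naming where it lives would make access easier to audit. The `let` block that implements this begins in the context lines and continues outside the hunk, so it cannot be checked here whether the `new` placeholder is encrypted to the same recipients as the file it is later renamed to; the comment should state that explicitly.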