From d8957e7d4776ed0ab9736901f1f16cb7ecac0edb Mon Sep 17 00:00:00 2001
From: RGBCube <git@rgbcu.be>
Date: Wed, 24 Apr 2024 10:59:01 +0300
Subject: [PATCH] Add host IDs to version control, set ssh config for all
 systems and create backup user for disk

---
 hosts/cube/id.age      | Bin 0 -> 1150 bytes
 hosts/disk/default.nix |   6 ++++++
 hosts/disk/id.age      | Bin 0 -> 1150 bytes
 modules/ssh.nix        |   2 +-
 secrets.nix            |   5 +++--
 5 files changed, 10 insertions(+), 3 deletions(-)
 create mode 100644 hosts/cube/id.age
 create mode 100644 hosts/disk/id.age

diff --git a/hosts/cube/id.age b/hosts/cube/id.age
new file mode 100644
index 0000000000000000000000000000000000000000..41ad662037c67e364ab45063a12c158665b9bc5b
GIT binary patch
literal 1150
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUFE{ZY;DOYeeFbs07
zO7S)c$xY8l_X_pOaSu)}HY|3x%nfu-^3E;u%J=b0D%Y<v2<1xjFfd37v~<i(^D@?U
zjVLWP$jJ|POAIh9DmBS-3-<Fd3o41sF7wL`aD~}cRGg@g6_6Ne9LVMDR+5yMZQzp>
zXkHNFW?~dt5?Ny8m+N7el@pTYYMLGH8D?%0=9g`doogJL9aK?fTAXHTo|#jYRNz#Q
z6_w5980qU@mYM49UG8gHTI7@;q+gQk9qyWwqHmI8>}h1|A6Vq*=9nLpWR&FLAExh-
z6=IfGlIfls;htsbSP+)OrJqrp6<FXMSz+m}o#^Tmm6jV4n(mrWs$ZGu9aR--7Vcya
z;8o!h5s_XMV3FdO7ar^zXc|%!5@_rnndDd!!WCs0o*n32666sO>gk^w8sw8^;T@cm
zTO8rx<L(rgYU1JRmG9~iq#aacUYu8Hnptj`?^a%#tZx!xS(ufTVZxQ38IqbA6`Wd_
z<z!f%>Xe-y8R=zdl98WcnCR-7RbZNF7EtbySz?|aRv8lRQS9pzT9I$zVUkgzZ4w%l
z7#_)0X>3>&=$~fl?_ZLgm|l|Ml$z&OUgDXlZE6^tpBLm`Y-;J48|WUD=;9TeksOwr
zo9FLQ=#l7L9+{Nv?^$fZ<(B88?QIkmnV#wrkYX90A5@SX<x-SuX6$2V;hS!rm{JvK
z>6Mxk?vfkeZ=PIe>6zmjQsz_W?q_6Cte@_q%@vjE;$NB=8sKegWUO6K9OCR6l$xIs
zW#JX-8CB};5?-jUt!*3>obBQ4<B{l`85A01=u(>MXc3f=>|^Pimc_-TtE;P!Vp^4&
zVOo$MoUC1Cky+yIS`rcE>1>c3Y>=Jk9~op3P@x@BXc6Jzm0`g3zWkLKV_MDh3SPO}
zeAf<o@>N^;&t2$byFSSATjuBX0`(ukCqAmZ-Xwlm^cdUm(l_GXvu^!Qy`%J9v+^-}
z><qDu57Z8_#xGFk_xy8tVLC7WJwx@wTe4TZu|67WS1&GQ_Wb!0#$SIn_9kEc!l@an
zY?ya;!S=UY?58=FH9Ftu*ndgdV%N+rv&=~skNqu<_sywWpZqdF)tJ{}_q&QmrKc~;
zKAm5g`&6;E_jc{&2CdhsSsP?mNptPeo8Z{7f0c$>q2>PBw$*EtesqNKS?^1%mzvWv
zlkw@qn+Cp?Oa;Dwa_Wvft6Ux{^*ZwU9IbOVjFTUzFPyfyAoZ1ZlA_s$n<g#x>Os01
z7ZSIbcYU@_JE)_V<#YV)$9^qV&FQ`m3}@VMyIbhBdJSK={PdiUbA8uk=yUdKWP9tU
zNj94OTNjzLbmr&N|5Zv#ElvNpFHX6%gT3AH8E@p0{ci02Oj|wNb!_-8=J4~jmTE3m
zl=^wCnS<A_yxz4c_zo{a+*Flxqn!)lqF287C~)p@Y)?tfNzGY4QZFQqonAky>!VrM
cgl(#KR7{t?=RTl!?oDR7sG`@&-Z)b}0QJAL<^TWy

literal 0
HcmV?d00001

diff --git a/hosts/disk/default.nix b/hosts/disk/default.nix
index 57fe5b7..4ea008a 100644
--- a/hosts/disk/default.nix
+++ b/hosts/disk/default.nix
@@ -16,6 +16,12 @@
       openssh.authorizedKeys.keys = [ keys.enka ];
       hashedPasswordFile          = config.secrets.floppyPassword.path;
     };
+
+    backup = normalUser {
+      description                 = "Backup";
+      openssh.authorizedKeys.keys = [ keys.cube keys.enka ];
+      hashedPasswordFile          = config.secrets.floppyPassword.path;
+    };
   };
 
   networking = {
diff --git a/hosts/disk/id.age b/hosts/disk/id.age
new file mode 100644
index 0000000000000000000000000000000000000000..b89786416ce95f948f331e086bc6aaad61c9c499
GIT binary patch
literal 1150
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUFE{ZY;DOX5wb8$2)
zOE>ayEz8JqGO#c!4leaJ_Dsxmu8OMEj?4=!F%J)Q_jXIlb>yllO*AMrs4UgbFe=fu
zFm}uf_slL!^3ON$@^ej$Of1XK4fYEN&k0Vk420QMRGg@g6_6Ne9LSXy>0fLa;o+(8
z8)2Ga>gefjY#f>478Q_b;%AbRUQrZSWZ+ev@9LEol31MVQIM2gl;x|R>uhEmoMM)o
zXIaIiZ(^925?q)XR#0r{XK7sOn-yi6XI5!$P-Rx^ZIqQ6WbR>LVrt-<T@d11;T4eV
zk?xaRqV1klmR1>&QyOB*<rv}?Xc-)49_DZ6<P~U;k*S|)Qk3sr>Tj80mK|7X9PZ+o
zkyTz*UJ_*H=VRy^;Tou4;ht;h9a(7>ZtfUT&Q(zClU-O@Sgh}x73QB+lHzU{=9CoW
zot{)-7U}L{UQ%A{lUtNh>=&#ZmS*Id>Q-q`>EdYSV`1*%=@+c;7Qy9f;ZkJm7LgfH
zkYZr!QE6OSTI^&No?nm?SXyD0<K>d<QRV2LRqASP<Wg*6P?_Uq8KPfOYE<G|;hLN3
z=jqCo9AaP+6=j|l;Zd${o*i!NWa8(XUJ#TN=Iml&?C)QZmJ$@~7wi`q=A4u6mgARZ
zS{Q6u7~xXp8R3)@8Dbp8<&{!oSY_!FP~})^l5XNx5ak_EoaB*WlIy5n84;FLRIDGA
zTUM1;o|^4woSx@dnwMc|Vw9gAY35dJ=98P3%9ZQrVi=T>TNbKcY@AXU7Fd?;?wVBP
zYH99bVB(XlADCAWoTnXPT3O|0?BQu_?p{!l5$081S>W&Cl$GmMmBq!StE;P!W|H9=
z7@V2m<{es^THqKJ=A9CmVw7hX9N^=f<rx+pUJ+cGm6d9q?`*;)5dTw5=V<oLlhQGh
z_AvAX7Mxo8QC!4lrii!h^Sz-j9`|!<Yu=Dzb@V=%-ku#VvS$lVMADXQOUV=Wvvxc<
z)WR$?dt!&uyp8pakF(EwpQRCWjAt+R3bWRI9xGO@e<6B(Rb0K_8TIa^ANKsQ`}Be*
zukW1@V<tncUd<olmrKIzI3GkutI9s^dhp|Za!l@nJ+7;|p3e|fU#!U))?2LN_N~S0
zPIQU%_t&T7?LJx=HRN0p&}x<x)I7Fm+S*^owyW{WJY9A{><aH0S-D;9m5g2-7EkxN
zp82rNc5mEdM*bX;xX7CQU*@dTFk37?+y9Z?d5ixqK7{85v)fD%;Qd|vUd{Q3-uzuR
zb0U6Tef}f&e5V!r6pP#=t#j|rVQ_l1|G&qhl_JX)o@efE`LM!ihh<NAchsuj_~h?L
zmpC5qnYLa}?9<Xt-BzvbHb1L1Th^XqKeGOCeX;cygGh<UW{-m_LR*xKukjXN&Nb<q
zQ5$yiMD<~vbKTb$zb*4l5MDQ1Yfh+bPrB^%!z$NKD`_2kWE}gY@83bb?H&L6PRWaC
dvNM+%zSZTEPhxtrCE)sJD~tS|4fE>)bpdEKyO{t0

literal 0
HcmV?d00001

diff --git a/modules/ssh.nix b/modules/ssh.nix
index ed3c166..cf6697d 100644
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@@ -4,7 +4,7 @@
   mosh
 ]))
 
-(desktopHomeConfiguration {
+(homeConfiguration {
   programs.ssh = enabled {
     controlMaster       = "auto";
     controlPersist      = "60m";
diff --git a/secrets.nix b/secrets.nix
index da6ee0d..0470f39 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -2,7 +2,8 @@ let
   keys = import ./keys.nix;
 in with keys; {
   ### cube
-  "hosts/cube/password.rgb.age".publicKeys       = [ cube enka ];
+  "hosts/cube/id.age".publicKeys           = [ cube enka ];
+  "hosts/cube/password.rgb.age".publicKeys = [ cube enka ];
 
   "hosts/cube/password.plain.mail.age".publicKeys = [ cube enka ];
   "hosts/cube/password.hash.mail.age".publicKeys  = [ cube enka ];
@@ -17,7 +18,7 @@ in with keys; {
   "hosts/cube/nextcloud/password.age".publicKeys  = [ cube enka ];
 
   ### disk
-
+  "hosts/disk/id.age".publicKeys              = [ cube enka ];
   "hosts/disk/password.floppy.age".publicKeys = [ disk enka ];
 
   ### enka