NixOS system configuration

Secrets

# Secrets are stored (not in VC!) as follows:
# /etc/nixos/secrets/
# ├── binary-cache
# │   ├── cache-priv-key.pem
# ├── gpg
# │   ├── privkey.asc
# └── ssh
#     ├── id_rsa

# make sure all the leaves have permissions 600, with appropriate user and group
# see set_permissions.sh

# corresponding public keys are stored as follows:
# /etc/nixos/public/
# ├── binary-cache
# │   ├── cache-pub-key.pem
# ├── gpg
# │   ├── public.asc
# └── ssh
#     ├── id_rsa.pub

# gpg keys are imported as follows
$ gpg --import /etc/nixos/secrets/gpg/privkey.asc /etc/nixos/public/gpg/public.asc

# secrets are generated as follows:
$ gpg --full-generate-key
$ gpg --output public.asc --armor --export <fingerprint>
$ gpg --output privkey.asc --armor --export-secret-key <fingerprint>
$ ssh-keygen

Name		Name	Last commit message	Last commit date
Latest commit History 745 Commits
dotfiles		dotfiles
public		public
utils		utils
.gitignore		.gitignore
README.md		README.md
base.nix		base.nix
flake.lock		flake.lock
flake.nix		flake.nix
intel-gpu.nix		intel-gpu.nix
jasper.nix		jasper.nix
networking.nix		networking.nix
nix-config.nix		nix-config.nix
packages.nix		packages.nix
punky.nix		punky.nix
replicant.nix		replicant.nix
rupert.nix		rupert.nix
sound.nix		sound.nix
status-command.nix		status-command.nix
sway-gui.nix		sway-gui.nix
users.nix		users.nix

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

NixOS system configuration

Secrets

About

Releases

Packages

Languages

danielbarter/nixos-config

Folders and files

Latest commit

History

Repository files navigation

NixOS system configuration

Secrets

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages