set the initial user password
This commit is contained in:
parent
5ddfbb3a7b
commit
0291524082
4 changed files with 14 additions and 5 deletions
|
@ -1,4 +1,7 @@
|
||||||
zipline: ENC[AES256_GCM,data:YQMdw1cJy9wFnJsX6fPWBXK0rPEnuJJwJysVh0vggcnySFjl5Dmolaqxhw==,iv:RKB+rNz76ZxqzmyATLcpHmaap1f6aWWm7smBTieMZ8M=,tag:GN967VhwqZwMA6uzshKBmQ==,type:str]
|
zipline: ENC[AES256_GCM,data:YQMdw1cJy9wFnJsX6fPWBXK0rPEnuJJwJysVh0vggcnySFjl5Dmolaqxhw==,iv:RKB+rNz76ZxqzmyATLcpHmaap1f6aWWm7smBTieMZ8M=,tag:GN967VhwqZwMA6uzshKBmQ==,type:str]
|
||||||
|
users:
|
||||||
|
cswimr:
|
||||||
|
password: ENC[AES256_GCM,data:KPB3C8z1vBB6M6hcuLQyIzoID23v/syTui3eFfrVKwzDwL4X7BdYbnYfuJSXedce+KHmvZv+AE6w3PTD9c7CPpLUlUQmteAY6w==,iv:a393VckzNy+vRqb9vDr9QRBQe27bHOUJR3JwrHAP5g4=,tag:UDl+3dWV+GrJ7Wva3y9VsQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -23,8 +26,8 @@ sops:
|
||||||
b1JvNi9YODZPN1FObWpOVHN3aU85NFEK1dN5pV8g3nG3D2l482z1JCRzmJ/9m495
|
b1JvNi9YODZPN1FObWpOVHN3aU85NFEK1dN5pV8g3nG3D2l482z1JCRzmJ/9m495
|
||||||
YEobjXbEqQDhvA47ueWojoMjvQ3CgrPyiL6v+DLj7VfI5cyuo+89IQ==
|
YEobjXbEqQDhvA47ueWojoMjvQ3CgrPyiL6v+DLj7VfI5cyuo+89IQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-12-03T01:29:28Z"
|
lastmodified: "2024-12-03T02:52:14Z"
|
||||||
mac: ENC[AES256_GCM,data:NzE6V3kb9hiA9WAs7GFK5GqFoOUP5U/EOskWq0qdCo6GMewkK8TqrY+lFgjkEhY39PobgVTICBT8MGhY9eiEINYdBl7DuQGb3cR/puV+iCPEgUemzVcmcGkd24ktzUO2DsWet1EFC84oOu50XzYfR9VqW3z7+7UbpzWuOxIdvAA=,iv:pxNCxKPevqg8QxsIfL6+2pEB5cUmKhmLhmdiO+nB/Ac=,tag:uFA84z0XjzNgp3NLBu8AfQ==,type:str]
|
mac: ENC[AES256_GCM,data:ai0BsmImgvbL7KI+ioxUEq0XhiMAziIoDYenLCXjaEEtX9gcvdlmzhuI7k8/MGJjtdAzKxnPWHwQeG1B59ub4Vv+jTOts5ERizbIxscSMhTYogW1CUWzfkunf2y2gViwcCogt2Qzf+v/lN0vQFlkPqJAK6Sd0R/b+vjIyOXMxO0=,iv:vRssoy2PJ8CXehsNoj/QoNesG2sMHNXgBlYtmlfaDzU=,tag:xQ/IsI0Bdzyqydw1blDfCA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.9.1
|
version: 3.9.1
|
|
@ -2,7 +2,7 @@
|
||||||
- &cswimr age1q9f9zhkfjn2c3a8qtmfqh0rtls3542jukqpt7t93jca6hc947f3sm9ujhx
|
- &cswimr age1q9f9zhkfjn2c3a8qtmfqh0rtls3542jukqpt7t93jca6hc947f3sm9ujhx
|
||||||
- &eclipse age184ude6fyak8z4nnndq4nzcpe2d89zxf3r4paty7j2tenkwa6zgtqrz60lq
|
- &eclipse age184ude6fyak8z4nnndq4nzcpe2d89zxf3r4paty7j2tenkwa6zgtqrz60lq
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
|
- path_regex: \.sops-secrets\.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *cswimr
|
- *cswimr
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
# Edit this configuration file to define what should be installed on
|
# Edit this configuration file to define what should be installed on
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
# your system. Help is available in the configuration.nix(5) man page
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
{ pkgs, hostname, ... }:
|
{ pkgs, config, hostname, ... }:
|
||||||
{
|
{
|
||||||
nix = {
|
nix = {
|
||||||
settings = {
|
settings = {
|
||||||
|
@ -95,6 +95,7 @@
|
||||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||||
users.users.cswimr = {
|
users.users.cswimr = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
|
hashedPasswordFile = config.sops.secrets."users/cswimr/password".path;
|
||||||
description = "Seaswimmer";
|
description = "Seaswimmer";
|
||||||
extraGroups = [
|
extraGroups = [
|
||||||
"networkmanager"
|
"networkmanager"
|
||||||
|
|
|
@ -1,13 +1,18 @@
|
||||||
{ user, ... }:
|
{ user, ... }:
|
||||||
{
|
{
|
||||||
sops = {
|
sops = {
|
||||||
defaultSopsFile = ../secrets/secrets.yaml;
|
defaultSopsFile = ../.sops-secrets.yaml;
|
||||||
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
secrets = {
|
secrets = {
|
||||||
"zipline" = {
|
"zipline" = {
|
||||||
owner = user;
|
owner = user;
|
||||||
path = "/home/${user}/.secrets/zipline";
|
path = "/home/${user}/.secrets/zipline";
|
||||||
};
|
};
|
||||||
|
"users/cswimr/password" = {
|
||||||
|
neededForUsers = true;
|
||||||
|
owner = user;
|
||||||
|
path = "/home/${user}/.secrets/password";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue