Add machines.keys config and reorganize key structure

- Add config.machines.keys for machine-specific keys (private keys live on that machine)
- Move desktop SSH key to machines.keys.desktop.ssh
- Fix extractName to preserve "yubikey" (only strip .key/.pub extensions)
- Rename key files for clarity (android -> graphone, primary -> yubikey)
- Add age yubikey key for encrypted backups
- Add README files to document key purposes
- Update all machine configs to import system config
Bryan Ramos 2026-03-12 15:17:46 -04:00
parent 570a321e53
commit 960904cbd9
24 changed files with 94 additions and 20 deletions


@ -1,13 +1,17 @@
{ lib }:
with builtins;
let
extractName = string:
extractName = filename:
let
metadata = [
"pub" "public" "priv" "private"
"key" "file" "." "_" "-" "pk"
];
in
replaceStrings metadata (builtins.map (_: "") metadata) string;
# Remove .key extension
noKey = lib.removeSuffix ".key" filename;
# Remove .pub/.priv/.public/.private markers
noMarkers = replaceStrings
[ ".pub" ".priv" ".public" ".private" ]
[ "" "" "" "" ]
noKey;
in noMarkers;
constructKeys = dir: (
listToAttrs (
@ -17,7 +21,10 @@ let
map (file: {
name = extractName file;
value = readFile "${dir}/${subdir}/${file}";
}) (filter (node: (readDir "${dir}/${subdir}").${node} == "regular") (attrNames (readDir "${dir}/${subdir}")))
}) (filter (file:
(readDir "${dir}/${subdir}").${file} == "regular" &&
lib.hasSuffix ".key" file
) (attrNames (readDir "${dir}/${subdir}")))
);
}) (filter (node: (readDir dir).${node} == "directory") (attrNames (readDir dir)))
)
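Review bot: In `extractName`, the marker list `[ ".pub" ".priv" ".public" ".private" ]` puts the short forms first, and `replaceStrings` tries its patterns in list order at each position, so `.pub` consumes the start of `.public` and `.priv` the start of `.private`; a file named `foo.public.key` would come out as `foolic` rather than `foo`. Listing the longer markers first fixes it: `[ ".public" ".private" ".pub" ".priv" ]` (still with four empty replacements). Separately, `foo.pub.key` and `foo.priv.key` now both reduce to `foo`, and `listToAttrs` silently keeps only the first entry for a duplicate name, so which key material is exposed under that name depends on directory sort order; an assertion on unique names in `constructKeys`, whose body continues outside the hunks, would turn that into an evaluation error. If files marked `.priv` or `.private` can ever sit in these directories, `readFile` pulls their contents into evaluation and they may end up in the world-readable store, so a comment such as `# public key material only; private keys stay on the machine` above the `readFile` line would be worth adding.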