merge secrets from development

9 files changed, 9 insertions, 15 deletions

diff --git a/machines/109-199-104-83/configuration.nix b/machines/109-199-104-83/configuration.nix
index 6aa4b4e..a7371c2 100644
--- a/machines/109-199-104-83/configuration.nix
+++ b/machines/109-199-104-83/configuration.nix
@@ -40,7 +40,7 @@
     x509.useACMEHost = config.mailserver.fqdn;
     loginAccounts = {
       "test@${config.networking.domain}" = {
-        hashedPasswordFile = builtins.toString config.age.secrets.secret3.path;
+        hashedPasswordFile = builtins.toString config.age.secrets.mailserver-acc-test-pw.path;
       };
     };
   };
diff --git a/machines/lenovo/configuration.nix b/machines/lenovo/configuration.nix
index adf0814..152d136 100644
--- a/machines/lenovo/configuration.nix
+++ b/machines/lenovo/configuration.nix
@@ -9,10 +9,6 @@
     ./impermanence.nix
     (modulesPath + "/installer/scan/not-detected.nix")
   ];
-  age.secrets = {
-    secret0.file = ../../secrets/secret0.age;
-    secret1.file = ../../secrets/secret1.age;
-  };
   boot.loader = {
     efi.canTouchEfiVariables = true;
     systemd-boot.enable = true;
diff --git a/pub-keys.nix b/pub-keys.nix
index 8bf4995..fcaa7d8 100644
--- a/pub-keys.nix
+++ b/pub-keys.nix
@@ -1,9 +1,8 @@
 {
   age.secrets = {
-    secret0.file = ./secrets/secret0.age;
-    secret1.file = ./secrets/secret1.age;
-    secret2.file = ./secrets/secret2.age;
-    secret3.file = ./secrets/secret3.age;
+    andromeda-pw.file = ./secrets/andromeda-pw.age;
+    mtgmonkey-pw.file = ./secrets/mtgmonkey-pw.age;
+    mailserver-acc-test-pw.file = ./secrets/mailserver-acc-test-pw.age;
   };
   pub-keys = {
     ssh = {
diff --git a/secrets/secret0.age b/secrets/andromeda-pw.age
index 757e7ff..757e7ff 100644
--- a/secrets/secret0.age
+++ b/secrets/andromeda-pw.age
diff --git a/secrets/secret3.age b/secrets/mailserver-acc-test-pw.age
index c38cb97..c38cb97 100644
--- a/secrets/secret3.age
+++ b/secrets/mailserver-acc-test-pw.age
diff --git a/secrets/secret1.age b/secrets/mtgmonkey-pw.age
index facb97b..facb97b 100644
--- a/secrets/secret1.age
+++ b/secrets/mtgmonkey-pw.age
diff --git a/secrets/secret2.age b/secrets/secret2.age
deleted file mode 100644
index 993e770..0000000
--- a/secrets/secret2.age
+++ /dev/null
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 285a1ab..53dff54 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -4,8 +4,7 @@ let
   lenovo = pub-keys.ssh.lenovo;
   _109-199-104-83 = pub-keys.ssh._109-199-104-83;
 in {
-  "secret0.age".publicKeys = [andromeda lenovo];
-  "secret1.age".publicKeys = [andromeda lenovo];
-  "secret2.age".publicKeys = [andromeda lenovo _109-199-104-83];
-  "secret3.age".publicKeys = [andromeda lenovo _109-199-104-83];
+  "andromeda-pw.age".publicKeys = [andromeda lenovo];
+  "mtgmonkey-pw.age".publicKeys = [andromeda lenovo];
+  "mailserver-acc-test-pw.age".publicKeys = [andromeda lenovo _109-199-104-83];
 }
diff --git a/users.nix b/users.nix
index 270d8cf..1d78a87 100644
--- a/users.nix
+++ b/users.nix
@@ -13,7 +13,7 @@ in {
       "andromeda" = {
         isNormalUser = true;
         description = "andromeda";
-        hashedPasswordFile = builtins.toString config.age.secrets.secret0.path;
+        hashedPasswordFile = builtins.toString config.age.secrets.andromeda-pw.path;
         extraGroups = [
           "networkmanager"
           "wheel"
@@ -22,7 +22,7 @@ in {
       "mtgmonkey" = {
         isNormalUser = true;
         description = "mtgmonkey";
-        hashedPasswordFile = builtins.toString config.age.secrets.secret1.path;
+        hashedPasswordFile = builtins.toString config.age.secrets.mtgmonkey-pw.path;
         extraGroups = [
           (lib.mkIf
             (machine == machines.lenovo)