From 4b8882d82dcc8667d2b1276d65e43d081c5fa868 Mon Sep 17 00:00:00 2001
From: andromeda <andromeda@lenovo>
Date: Wed, 31 Dec 2025 02:28:00 +0100
Subject: change pub key management again, centralize users, start to
 modularize lenovo conf

---
 secrets.nix | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 secrets.nix

(limited to 'secrets.nix')

diff --git a/secrets.nix b/secrets.nix
new file mode 100644
index 0000000..2e435a5
--- /dev/null
+++ b/secrets.nix
@@ -0,0 +1,22 @@
+{lib, ...}: {
+  config = {
+    age.secrets = {
+      secret0.file = ./secrets/secret0.age;
+      secret1.file = ./secrets/secret1.age;
+      secret2.file = ./secrets/secret2.age;
+    };
+    pub-keys = {
+      ssh = {
+        andromeda = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJy2VD362wUcu0lKj2d6OIU8dbAna0Lu/NaAYIj8gdIA andromeda@lenovo";
+        lenovo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHG4eqsLTq2os2mxfwhys3BpVnowcJrqt2CbRFzN2pJb root@lenovo";
+      };
+    };
+  };
+  options = {
+    pub-keys.ssh = lib.mkOption {
+      type = lib.types.attrsOf lib.types.str;
+      default = {};
+      description = "set of public keys as `name = key`";
+    };
+  };
+}
-- 
cgit v1.3