From 81771725d09e6b49a4bf45b9f6ed8ed5bc66ed97 Mon Sep 17 00:00:00 2001
From: Paul Brinkmeier <hallo@pbrinkmeier.de>
Date: Sun, 19 Nov 2023 03:04:01 +0100
Subject: [PATCH] Add agenix secrets for IONOS dyndns

---
 nix/secrets/README.md        |  11 +++++++++++
 nix/secrets/ionos-prefix.age |   9 +++++++++
 nix/secrets/ionos-secret.age | Bin 0 -> 460 bytes
 nix/secrets/secrets.nix      |  10 ++++++++++
 4 files changed, 30 insertions(+)
 create mode 100644 nix/secrets/README.md
 create mode 100644 nix/secrets/ionos-prefix.age
 create mode 100644 nix/secrets/ionos-secret.age
 create mode 100644 nix/secrets/secrets.nix

diff --git a/nix/secrets/README.md b/nix/secrets/README.md
new file mode 100644
index 0000000..e8c9086
--- /dev/null
+++ b/nix/secrets/README.md
@@ -0,0 +1,11 @@
+# secrets
+
+> Nix configuration secrets managed with [agenix](https://github.com/ryantm/agenix#tutorial).
+
+Use `nix develop` in the repository root to drop into a shell with `agenix`.
+
+## Editing files
+
+```
+agenix -e <thingamajig.age>
+```
diff --git a/nix/secrets/ionos-prefix.age b/nix/secrets/ionos-prefix.age
new file mode 100644
index 0000000..f0218f2
--- /dev/null
+++ b/nix/secrets/ionos-prefix.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 9V3MUQ 7+lohnPlQALVPEGo2LwS2fj5r2RCKaVeEFmi6EYEyCE
+9U6eAthRVd5ry0ej79FEy3oRG3okJTwY6zSN1u68H1o
+-> ssh-ed25519 CcM6/g QQX9SsgKkk8YdUPRKj9Tda8mf6qRJ7ywtP6IIpN9fxo
+3Ml2+1+AQMwr5Lnv84pYOee/s5mzfVdsHRLaUIAKNFk
+-> i)!b3gaJ-grease 7|bwS ?k2JgF E-G 2HI
+0mFbZ22lqvLd
+--- 0+CwYGJlJC7bRbokHSlv+V4JKppBo+/ocfjp2NQBD3Q
+JDvˆ8ì ëƒ¶ÚÄ÷8é V/Ã'O”M¸x×é!È¸TÉA7ÍK5#É8©&•Ø-VqÈ&}ù]ráÂ
\ No newline at end of file
diff --git a/nix/secrets/ionos-secret.age b/nix/secrets/ionos-secret.age
new file mode 100644
index 0000000000000000000000000000000000000000..745ae451574341db73e9bc4580386e206696688c
GIT binary patch
literal 460
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCT)3^Vo(4OB393s12O
zGEKJ#56{hU$qi5UOw6o|2+Vc1Oe`?2C@D;~OfSgy@X1NbNak|%Nw0KI%MFe4_Yd|p
zPIJxoE_aK{taJ{}(Jn9bD6R-7Df3V9iO9|lGC{Y^Ioa1tKV2a^-=)CS!zDGsqrfXN
zFwe^{H_y|(Dl@1m!r0Y0)IZofKP@~pJ-|8HBb3Y7Gpy1*IM~7~E6gH0v#Qj{(?7>M
zG$pmjDJw9uEGNm(Pdg<)-_WAW*%4%$exS0ux^8+=YGQG!f-P5}hjwm(w`*Zpx`jcK
zmzQ5;ib+(4c35yodP;G)zIhp!uCA_vL20?MUu9l)qH&RSNLH9vR8CZ?iDOozskvWT
zs7GQ-T4qsIwpoy?p+Pd2<gukEj-T2aw0R*jlibGj&TSE0)+PIl`Wts|U)n3=ocB67
zN^#o{hS>`|yxkW3+n9AL^#kv-mb*d4OW$8g30mwL`onZ;O2hXbYabO%_I!G-uvhGG
qoZZePt-(`YY;Rij{hZI6D{YFW3|SdDH5Xh7&Gx=N=V0HH%KHGsnXO6y

literal 0
HcmV?d00001

diff --git a/nix/secrets/secrets.nix b/nix/secrets/secrets.nix
new file mode 100644
index 0000000..f8326b1
--- /dev/null
+++ b/nix/secrets/secrets.nix
@@ -0,0 +1,10 @@
+let
+  # Users
+  paul = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIMFqREiw3EareYXntIrm1/numKDo113zx1WMOFO69LJ";
+
+  # Systems
+  gilgamesh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDmLWYK6/4/Fh+wsoiz9+PCHvNcP2/wu2GvfzrqXCGA";
+in {
+  "ionos-prefix.age".publicKeys = [ paul gilgamesh ];
+  "ionos-secret.age".publicKeys = [ paul gilgamesh ];
+}