wip: add vogon + many other things

Added lots of things done in a hurry following the dodecagon failure. Signed-off-by: Jeltz <jeltz@federez.net>
2025-03-31 15:58:12 +02:00 · 2025-03-31 15:58:12 +02:00 · 09d82c6b88
commit 09d82c6b88
parent a184d18f4b
9 changed files with 676 additions and 63 deletions
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -8,6 +8,7 @@ let
  pendragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILrJwgqLnGuUpUFacXLphiu8vUthVD4mA4a3Uytl5eSD root@pendragon";
  perdrigon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIChtLzQ2YhAzJWFhuq4rdenxMFCNGD00PTwmmyjE8PM0 root@perdrigon";
  martagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINX93idUkaicbyQMOS6EurPdzHpxeza1z7vP6n3+W+mK root@martagon";
+  vogon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN4ScFlg1WgXiSOwP0DZRuJ4/BwTsHapDTR1U7/+xQT7 root@vogon";
  # Add yourself.
  raito = readKeyFile ../pubkeys/raito.keys;
  bensmrs = readKeyFile ../pubkeys/bensmrs.keys;
@ -23,6 +24,7 @@ let
  discourse-admins = active-admins;
  indico-admins = active-admins;
  grafana-admins = active-admins;
+  wg-admins = active-admins;
  servers = [ estragon wagon lagon klingon aragon pendragon perdrigon martagon ];
 in
  {
@ -38,4 +40,5 @@ in
    "indico-mail-password.age".publicKeys = [ perdrigon ] ++ indico-admins;
    "grafana-admin-password.age".publicKeys = [ martagon ] ++ grafana-admins;
    "grafana-secret-key.age".publicKeys = [ martagon ] ++ grafana-admins;
+    "vogon-wg-infra-key.age".publicKeys = [ vogon ] ++ wg-admins;
  }
--- a/secrets/vogon-wg-infra-key.age
+++ b/secrets/vogon-wg-infra-key.age