From 638b62591dffeabaedd638bd1478c7108360a2b8 Mon Sep 17 00:00:00 2001
From: Daniel Simon <dev@firespike.de>
Date: Mon, 3 Mar 2025 23:59:28 +0100
Subject: [PATCH 1/2] Add SSH and Nix keys and password for daniel

---
 nixos/roles/admins.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/nixos/roles/admins.nix b/nixos/roles/admins.nix
index bcf102e..2719032 100644
--- a/nixos/roles/admins.nix
+++ b/nixos/roles/admins.nix
@@ -20,6 +20,15 @@ with lib; let
         "gonne.mathebau.de-1:FsXFyFiBFE/JxC9MCkt/WuiXjx5dkRI9RXj0FxOQrV0="
       ];
     };
+    daniel = {
+      hashedPassword = "$y$j9T$.p7R1mqmbotP3SvuaH4KS.$l3hsHJyh0A0.ZhZ.4Tc1cgKAcKWKntXYsPKmPpUvYnD";
+      sshKeys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGCrx7aeIIOvdc+mW4ji8RlIuMRY55oDrcCs4q1KU7VG Daniel"
+      ];
+      nixKeys = [
+        "nix.mathebau.firespike.de-1:OmST0YGbAaBjPo5xSM5Bqwk6/W5o7B5CnW/NDr0NacI="
+      ];
+    };
   };
 
   mkAdmin = name: {
-- 
2.39.5


From b5bbc0345d82de39e5f250a523db698b1471b1b8 Mon Sep 17 00:00:00 2001
From: Daniel Simon <dev@firespike.de>
Date: Tue, 4 Mar 2025 00:12:27 +0100
Subject: [PATCH 2/2] Add SOPS/AGE key for daniel

---
 .sops.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.sops.yaml b/.sops.yaml
index b80b8f3..ee94cd8 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,6 +1,7 @@
 keys:
   - &nerf age1rasjnr2tlv9y70sj0z0hwpgpxdc974wzg5umtx2pnc6z0p05u3js6r8sln
   - &gonne age1epz92k2rkp43hkrg3u0jgkzhnkwx8y43kag7rvfzwl9wcddelvusyetxl7
+  - &daniel age1mmpdvzy6d23qyhrl55jtv3c25pus2wwfplx9tujmqps2xsreuv8qwc6gv5
 
   - &nyarlathotep age1s99d0vlj5qlm287n98jratql5fypvjrxxal0k5jl2aw9dcc8kyvqw5yyt4
   - &bragi age1lqvgpmlemyg9095ujck64u59ma29656zs7a4yxgz4s6u5cld2ccss69jwe
@@ -13,24 +14,28 @@ creation_rules:
       - age:
         - *nerf
         - *gonne
+        - *daniel
         - *nyarlathotep
   - path_regex: nixos/machines/bragi/.*
     key_groups:
       - age:
         - *nerf
         - *gonne
+        - *daniel
         - *bragi
   - path_regex: nixos/machines/lobon/.*
     key_groups:
       - age:
         - *nerf
         - *gonne
+        - *daniel
         - *lobon
   - path_regex: nixos/machines/nyarlathotep/.*
     key_groups:
       - age:
         - *nerf
         - *gonne
+        - *daniel
         - *nyarlathotep
   # this is the catchall clause if nothing above machtes. Encrypt to users but not
   # to machines
@@ -38,3 +43,4 @@ creation_rules:
       - age:
         - *nerf
         - *gonne
+        - *daniel
-- 
2.39.5