diff --git a/common/secret/default.nix b/common/secret/default.nix index b6e0ff59..0e554a53 100644 Binary files a/common/secret/default.nix and b/common/secret/default.nix differ diff --git a/nixos/machines/apollo/configuration.nix b/nixos/machines/apollo/configuration.nix index 36369c72..e261301e 100644 --- a/nixos/machines/apollo/configuration.nix +++ b/nixos/machines/apollo/configuration.nix @@ -28,7 +28,7 @@ in { m0wire = { allowedIPsAsRoutes = false; ips = [ "${hosts.apollo-wg}/112" ]; - privateKeyFile = "/etc/nixosnixos/machinesapollo/secret/wireguard-private"; + privateKeyFile = "/etc/nixos/nixos/machines/apollo/secret/wireguard-private"; peers = [{ publicKey = wireguard.pub.hera; allowedIPs = [ "::/0" ]; @@ -77,8 +77,8 @@ in { openDefaultPorts = true; declarative = syncthing.declarativeWith [ "hera" ] "/home/maralorn/media" // { - cert = "/etc/nixosnixos/machinesapollo/secret/syncthing/cert.pem"; - key = "/etc/nixosnixos/machinesapollo/secret/syncthing/key.pem"; + cert = "/etc/nixos/nixos/machines/apollo/secret/syncthing/cert.pem"; + key = "/etc/nixos/nixos/machines/apollo/secret/syncthing/key.pem"; }; }; gnome3.chrome-gnome-shell.enable = true; @@ -93,7 +93,7 @@ in { cdark_net = { enable = true; hostName = "${me.user}_${config.networking.hostName}"; - ed25519PrivateKeyFile = /etc/nixos/hosts + "/${config.networking.hostName}" + ed25519PrivateKeyFile = /etc/nixos/nixos/machines + "/${config.networking.hostName}" + /secret/tinc/ed25519_key.priv; hostsDirectory = (builtins.fetchGit "ssh://git@git.darmstadt.ccc.de/cdark.net/hosts"); diff --git a/nixos/machines/hera/configuration.nix b/nixos/machines/hera/configuration.nix index 0f0e280c..63cc7caa 100644 --- a/nixos/machines/hera/configuration.nix +++ b/nixos/machines/hera/configuration.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: # You need pw-files for every configured user in ./secret/pw-useralias for login to work. -# dropbearkey -t rsa -f /etc/nixosnixos/machines/secret/boot_rsa +# dropbearkey -t rsa -f /etc/nixos/nixos/machines//secret/boot_rsa let inherit (config.m-0.private) me; @@ -103,8 +103,8 @@ in { user = "maralorn"; openDefaultPorts = true; declarative = syncthing.declarativeWith [ "apollo" ] "/media" // { - cert = "/etc/nixosnixos/machineshera/secret/syncthing/cert.pem"; - key = "/etc/nixosnixos/machineshera/secret/syncthing/key.pem"; + cert = "/etc/nixos/nixos/machines/hera/secret/syncthing/cert.pem"; + key = "/etc/nixos/nixos/machines/hera/secret/syncthing/key.pem"; }; }; }; @@ -117,7 +117,7 @@ in { isNormalUser = true; uid = 1001; extraGroups = [ "wheel" "systemd-journal" ]; - passwordFile = "/etc/nixosnixos/machineshera/secret/pw-choreutes"; + passwordFile = "/etc/nixos/nixos/machines/hera/secret/pw-choreutes"; }; # This value determines the NixOS release with which your system is to be diff --git a/nixos/machines/hera/network.nix b/nixos/machines/hera/network.nix index 35ae6836..aa08d69f 100644 --- a/nixos/machines/hera/network.nix +++ b/nixos/machines/hera/network.nix @@ -54,7 +54,7 @@ in { wireguard.interfaces = { m0wire = { ips = [ "${hosts.hera-wg}/112" ]; - privateKeyFile = "/etc/nixosnixos/machineshera/secret/wireguard-private"; + privateKeyFile = "/etc/nixos/nixos/machines/hera/secret/wireguard-private"; listenPort = wireguard.port; peers = [{ publicKey = wireguard.pub.apollo;