change marker from secrets to public keys

change secrets.nix location from root to secrets/secrets.nix;
updated agenix-helper and added an alias to accommodate that change
2024-10-06 07:08:12 +00:00 · 2024-07-24 20:32:56 +02:00 · 2024-07-24 19:49:50 +02:00 · 2024-07-24 15:40:50 +02:00 · 2024-07-24 14:25:15 +02:00
3 changed files with 11 additions and 9 deletions
--- a/dotfiles/bin/agenix-helper
+++ b/dotfiles/bin/agenix-helper
@ -103,9 +103,9 @@ gen-user-key() {
  local keyname="${1}"
  local public_key="${2}"
  local working_directory="${3:-$(pwd)}"
-  local begin_marker='#-----BEGIN USER-SECRETS-----'
-  local end_marker='#------END USER-SECRETS------'
-  local input_file="${working_directory}/secrets.nix"
+  local begin_marker='#-----BEGIN USER PUBLIC KEYS-----'
+  local end_marker='#------END USER PUBLIC KEYS------'
+  local input_file="${working_directory}/secrets/secrets.nix"
  local userkey

  if [[ ${public_key} == "EMPTY" ]]; then
@ -130,9 +130,9 @@ get-host-key() {
  local target="${2}"
  local type="${3:-ssh-ed25519}"
  local working_directory="${4:-$(pwd)}"
-  local begin_marker='#-----BEGIN SYSTEM-SECRETS-----'
-  local end_marker='#------END SYSTEM-SECRETS------'
-  local input_file="${working_directory}/secrets.nix"
+  local begin_marker='#-----BEGIN SYSTEM PUBLIC KEYS-----'
+  local end_marker='#------END SYSTEM PUBLIC KEYS------'
+  local input_file="${working_directory}/secrets/secrets.nix"
  local hostkey

  echo "getting host public key for host ${keyname}"
--- a/dotfiles/ssh/config
+++ b/dotfiles/ssh/config
@ -7,6 +7,9 @@ Include /Users/phg/.colima/ssh_config
 Include config.d/*.config
 Include config.d/*/*.config

-{%@@ if profile == 'susanoo.local' or profile == 'WVDEWOBMC001307' @@%}Host *
+{%@@ if profile == 'susanoo.local' or profile == 'WVDEWOBMC001307' @@%}#
+# This have to be LAST
+#
+Host *
   IdentityAgent "~/Library/Group Containers/group.strongbox.mac.mcguill/agent.sock"
 {%@@ endif @@%}
--- a/dotfiles/zshrc
+++ b/dotfiles/zshrc
@ -80,7 +80,6 @@ ZSH_PYENV_VIRTUALENV="true"
 # Example format: plugins=(rails git textmate ruby lighthouse)
 # Add wisely, as too many plugins slow down shell startup.
 plugins=(
-  ag
  aws
  colored-man-pages
  cp
@ -109,7 +108,6 @@ plugins=(
  tig
  themes
  vscode
-  #zsh-completions (https://github.com/zsh-users/zsh-completions/issues/603)
  zsh-navigation-tools
  zsh-ssh
 {%@@ if profile == 'ymir' or profile == 'susanoo.local' @@%}  # Mac specifics
@ -174,6 +172,7 @@ source ${ZSH}/oh-my-zsh.sh

 alias ssh-no-check="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
 alias ssh-strongbox-keys="SSH_AUTH_SOCK=~/Library/Group\ Containers/group.strongbox.mac.mcguill/agent.sock ssh-add -l"
+alias agenix='RULES='\''./secrets/secrets.nix'\'' agenix'
 alias agenix-edit="agenix -i {{@@ env['HOME'] @@}}/.ssh/agenix-phg -e"

 # Initialize pyenv
Author	SHA1	Message	Date
Philip Henning	9ec699d16e	change marker from secrets to public keys	2024-07-24 20:32:56 +02:00
Philip Henning	cdf4a224a9	change secrets.nix location from root to secrets/secrets.nix; updated agenix-helper and added an alias to accommodate that change	2024-07-24 19:49:50 +02:00
Philip Henning	2deb21d942	remove deprecated completions	2024-07-24 15:40:50 +02:00
Philip Henning	09129cdd55	Add notice, that the IdentityAgent entry for strongbox should be last	2024-07-24 14:25:15 +02:00