From 09129cdd55d1fc617cef53968a16d6ebe6da7115 Mon Sep 17 00:00:00 2001 From: shokinn Date: Wed, 24 Jul 2024 14:25:15 +0200 Subject: [PATCH 1/4] Add notice, that the IdentityAgent entry for strongbox should be last --- dotfiles/ssh/config | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/dotfiles/ssh/config b/dotfiles/ssh/config index 0f95a35..d3766d2 100644 --- a/dotfiles/ssh/config +++ b/dotfiles/ssh/config @@ -7,6 +7,9 @@ Include /Users/phg/.colima/ssh_config Include config.d/*.config Include config.d/*/*.config -{%@@ if profile == 'susanoo.local' or profile == 'WVDEWOBMC001307' @@%}Host * +{%@@ if profile == 'susanoo.local' or profile == 'WVDEWOBMC001307' @@%}# +# This have to be LAST +# +Host * IdentityAgent "~/Library/Group Containers/group.strongbox.mac.mcguill/agent.sock" {%@@ endif @@%} From 2deb21d942e0fdfeb031c26a2e765ce6e00b10bb Mon Sep 17 00:00:00 2001 From: shokinn Date: Wed, 24 Jul 2024 15:40:50 +0200 Subject: [PATCH 2/4] remove deprecated completions --- dotfiles/zshrc | 2 -- 1 file changed, 2 deletions(-) diff --git a/dotfiles/zshrc b/dotfiles/zshrc index 57513b2..92e3645 100644 --- a/dotfiles/zshrc +++ b/dotfiles/zshrc @@ -80,7 +80,6 @@ ZSH_PYENV_VIRTUALENV="true" # Example format: plugins=(rails git textmate ruby lighthouse) # Add wisely, as too many plugins slow down shell startup. plugins=( - ag aws colored-man-pages cp @@ -109,7 +108,6 @@ plugins=( tig themes vscode - #zsh-completions (https://github.com/zsh-users/zsh-completions/issues/603) zsh-navigation-tools zsh-ssh {%@@ if profile == 'ymir' or profile == 'susanoo.local' @@%} # Mac specifics From cdf4a224a99db1cef753b0a8d59bb274ccff5094 Mon Sep 17 00:00:00 2001 From: shokinn Date: Wed, 24 Jul 2024 19:49:50 +0200 Subject: [PATCH 3/4] change secrets.nix location from root to secrets/secrets.nix; updated agenix-helper and added an alias to accommodate that change --- dotfiles/bin/agenix-helper | 4 ++-- dotfiles/zshrc | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) 
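Review bot: The comment added above `Host *` in dotfiles/ssh/config says the block has to be last but not why, so a later edit can add a host entry below it or move it above the `Include` lines without noticing the effect. ssh_config keeps the first value it obtains for each option, so this `Host *` entry is the fallback IdentityAgent only while every more specific entry is read before it. I would state that in the comment, e.g. `# Keep this block LAST: ssh uses the first value obtained for each option, so Host * is only the fallback IdentityAgent`.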
diff --git a/dotfiles/bin/agenix-helper b/dotfiles/bin/agenix-helper index f21bd4a..85d0928 100755 --- a/dotfiles/bin/agenix-helper +++ b/dotfiles/bin/agenix-helper @@ -105,7 +105,7 @@ gen-user-key() { local working_directory="${3:-$(pwd)}" local begin_marker='#-----BEGIN USER-SECRETS-----' local end_marker='#------END USER-SECRETS------' - local input_file="${working_directory}/secrets.nix" + local input_file="${working_directory}/secrets/secrets.nix" local userkey if [[ ${public_key} == "EMPTY" ]]; then @@ -132,7 +132,7 @@ get-host-key() { local working_directory="${4:-$(pwd)}" local begin_marker='#-----BEGIN SYSTEM-SECRETS-----' local end_marker='#------END SYSTEM-SECRETS------' - local input_file="${working_directory}/secrets.nix" + local input_file="${working_directory}/secrets/secrets.nix" local hostkey echo "getting host public key for host ${keyname}" diff --git a/dotfiles/zshrc b/dotfiles/zshrc index 92e3645..de0e9e2 100644 --- a/dotfiles/zshrc +++ b/dotfiles/zshrc @@ -172,6 +172,7 @@ source ${ZSH}/oh-my-zsh.sh alias ssh-no-check="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" alias ssh-strongbox-keys="SSH_AUTH_SOCK=~/Library/Group\ Containers/group.strongbox.mac.mcguill/agent.sock ssh-add -l" +alias agenix='RULES='\''./secrets/secrets.nix'\'' agenix' alias agenix-edit="agenix -i {{@@ env['HOME'] @@}}/.ssh/agenix-phg -e" # Initialize pyenv From 9ec699d16ee0674bbc529d1f160b091234532b04 Mon Sep 17 00:00:00 2001 From: shokinn Date: Wed, 24 Jul 2024 20:32:56 +0200 Subject: [PATCH 4/4] change marker from secrets to public keys --- dotfiles/bin/agenix-helper | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/dotfiles/bin/agenix-helper b/dotfiles/bin/agenix-helper index 85d0928..079fcb7 100755 --- a/dotfiles/bin/agenix-helper +++ b/dotfiles/bin/agenix-helper 
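Review bot: Nothing visible in gen-user-key (hunk at -105) or get-host-key (hunk at -132) checks that `${working_directory}/secrets/secrets.nix` exists, and after this move a checkout that still keeps the file in the repository root hands a missing path to whatever reads `input_file` further down. Both function bodies continue outside the hunks, so a guard may already exist there; if not, add `[[ -f ${input_file} ]] || { echo "secrets file not found: ${input_file}" >&2; return 1; }` right after the locals. The path is now spelled out in both functions and in the zshrc alias, so one shared variable would keep the three copies from drifting.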
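Review bot: The new `agenix` alias in dotfiles/zshrc always sets `RULES='./secrets/secrets.nix'`, so a `RULES` value already exported in the shell is silently replaced, and the relative path resolves only when the command is run from the repository root. Because `agenix-edit` begins with `agenix`, it picks up the same prefix through alias expansion. Keeping the caller's value would be `alias agenix='RULES="${RULES:-./secrets/secrets.nix}" agenix'`, and a one-line comment that the alias expects the repo root as working directory would document the second constraint.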
@@ -103,8 +103,8 @@ gen-user-key() {
 local keyname="${1}"
 local public_key="${2}"
 local working_directory="${3:-$(pwd)}"
- local begin_marker='#-----BEGIN USER-SECRETS-----'
- local end_marker='#------END USER-SECRETS------'
+ local begin_marker='#-----BEGIN USER PUBLIC KEYS-----'
+ local end_marker='#------END USER PUBLIC KEYS------'
 local input_file="${working_directory}/secrets/secrets.nix"
 local userkey
 
@@ -130,8 +130,8 @@ get-host-key() {
 local target="${2}"
 local type="${3:-ssh-ed25519}"
 local working_directory="${4:-$(pwd)}"
- local begin_marker='#-----BEGIN SYSTEM-SECRETS-----'
- local end_marker='#------END SYSTEM-SECRETS------'
+ local begin_marker='#-----BEGIN SYSTEM PUBLIC KEYS-----'
+ local end_marker='#------END SYSTEM PUBLIC KEYS------'
 local input_file="${working_directory}/secrets/secrets.nix"
 local hostkey
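Review bot: The renamed markers in gen-user-key and get-host-key have to match the marker lines in `secrets/secrets.nix` byte for byte, and this commit changes only the helper. What happens when `begin_marker` or `end_marker` is not found is decided outside these hunks; if the key is inserted by pattern match, a file still carrying the old `...-SECRETS-----` lines would likely be left unchanged without any error. A guard such as `grep -qF -- "${begin_marker}" "${input_file}" || { echo "marker not found in ${input_file}" >&2; return 1; }` after the locals would make that failure visible.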