From 994434da7416420acf8fb7b539b1cae4dd42420d Mon Sep 17 00:00:00 2001 From: EinEtwas Date: Tue, 22 Oct 2024 20:58:59 +0200 Subject: [PATCH] feat: add vps with priv key to ssh config --- home/default.nix | 26 +++++++++++++++++--------- home/ssh.nix | 14 ++++++++++++++ secrets/1bvps.age | 8 ++++++++ secrets/secrets.nix | 1 + 4 files changed, 40 insertions(+), 9 deletions(-) create mode 100644 home/ssh.nix create mode 100644 secrets/1bvps.age diff --git a/home/default.nix b/home/default.nix index f9bb79b..d02ba08 100644 --- a/home/default.nix +++ b/home/default.nix @@ -6,6 +6,21 @@ inputs.spicetify-nix.nixosModules.default ]; + # TODO: Get a token2 and set up https://github.com/oddlama/agenix-rekey + age.identityPaths = [ "/var/lib/persistent/host_id_ed25519" ]; + + age.secrets.access-tokens-github.file = ../secrets/gh.age; + age.secrets.obvps-id = { + file = ../secrets/1bvps.age; + path = "/home/rhea/.ssh/id_1bvps"; + owner = "rhea"; + symlink = false; + }; + + nix.extraOptions = '' + !include ${config.age.secrets.access-tokens-github.path} + ''; + home-manager = { useUserPackages = true; useGlobalPkgs = true; @@ -33,6 +48,7 @@ inputs.catppuccin.homeManagerModules.catppuccin inputs.spicetify-nix.homeManagerModules.default inputs.nix-index-database.hmModules.nix-index + inputs.agenix.homeManagerModules.age ./hyprland.nix ./git.nix ./waybar @@ -47,6 +63,7 @@ ./spicetify.nix ./udiskie.nix ./keyring.nix + ./ssh.nix ]; home.pointerCursor = { @@ -65,14 +82,5 @@ shell = pkgs.zsh; }; - # TODO: Get a token2 and set up https://github.com/oddlama/agenix-rekey - age.identityPaths = [ "/var/lib/persistent/host_id_ed25519" ]; - - age.secrets.access-tokens-github.file = ../secrets/gh.age; - - nix.extraOptions = '' - !include ${config.age.secrets.access-tokens-github.path} - ''; - nix.settings.allowed-users = [ "rhea" ]; } diff --git a/home/ssh.nix b/home/ssh.nix new file mode 100644 index 0000000..ae6029e --- /dev/null +++ b/home/ssh.nix 
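Review bot: With `symlink = false;` and `path = "/home/rhea/.ssh/id_1bvps";` in the first home/default.nix hunk, the decrypted private key is copied into the home directory as a regular file rather than staying in agenix's runtime secrets directory. The plaintext key therefore persists on disk and ends up in anything that snapshots or backs up /home. Unless something needs a real file at that location, I would drop `path` and `symlink` and let the ssh config reference the secret's own path. The same literal path is repeated in `identityFile` in the new home/ssh.nix, so the two can drift; referencing `age.secrets.obvps-id.path` from there (for example through home-manager's `osConfig`, if it is available in this setup) keeps one source of truth. The attribute is also named `obvps-id` while the file and host are `1bvps`, and an explicit `mode = "0400";` would document the intended permissions instead of relying on the default.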
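Review bot: `inputs.agenix.homeManagerModules.age` is added to the home-manager imports in the second hunk, but every `age.*` option visible in this patch is set at the NixOS level in the first hunk. As far as this diff shows, the home-manager module is not used. If it is meant for per-user secrets later, a comment such as `# agenix HM module: reserved for per-user secrets` would say so; otherwise I would leave the import out until it is needed. The import list starts and ends outside the hunk, so this is based only on the visible lines.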
@@ -0,0 +1,14 @@ +{ config, age, ... }: +{ + programs.ssh = { + enable = true; + + matchBlocks = { + "1bvps" = { + host = "1bvps"; + hostname = "178.254.43.196"; + identityFile = [ "/home/rhea/.ssh/id_1bvps" ]; + }; + }; + }; +} \ No newline at end of file diff --git a/secrets/1bvps.age b/secrets/1bvps.age new file mode 100644 index 0000000..106f62f --- /dev/null +++ b/secrets/1bvps.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 7JS6dg Rx58PIoePOwy88y9iiNJDV4GCp+rlNY7oZCKOcvbfiU +PjKbjgArVPyZqUbWAjcuoINcBy2Wyp70Jox06xJxJag +--- af4TkBlucpaVjj5D05TnvGImoCKDkVLLGhW4hst9bos +$v`G [ȞGVОVGa >GLSChF c{ Q޴x;OT7i&> {͟0X0Ugd, + |%L0!Qֽ#__cxlT$iF3ϻK~ncVi%G[~d;Ix9e˚7АL"k} +FLP9iyk<F/m!PHlE]sBxs:M1e>GbqOBjS6[ +~8% Pau>Y
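Review bot: The `"1bvps"` match block in home/ssh.nix sets `identityFile` but not `identitiesOnly = true;`, so ssh can still offer other keys from the agent to this host. Adding it keeps the pairing between the VPS and its dedicated key explicit. The header `{ config, age, ... }:` binds two arguments the body never uses, and `age` does not look like a standard module argument; `{ ... }:` would be enough unless the key path is switched to a config reference. The file also ends without a trailing newline.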