feat: also use a github token for ssh connections

home/agenix.nix

@@ -3,7 +3,8 @@
   # TODO: Get a token2 and set up https://github.com/oddlama/agenix-rekey
   age.identityPaths = [ "/var/lib/persistent/host_id_ed25519" ];
 
-  age.secrets.access-tokens-github.file = ../secrets/gh.age;
+  age.secrets.access-tokens-github.file = ../secrets/gh_argstr.age;
+
   age.secrets.obvps-id = {
     file = ../secrets/1bvps.age;
     path = "/home/rhea/.ssh/id_1bvps";
@@ -11,6 +12,13 @@
     symlink = false;
   };
 
+  age.secrets.gh_etwas = {
+    file = ../secrets/gh_token.age;
+    path = "/home/rhea/.ssh/id_gh_etwas";
+    owner = "rhea";
+    symlink = false;
+  };
+
   age.secrets.gcd_etwas = {
     file = ../secrets/gcd_etwas.age;
     path = "/home/rhea/.ssh/id_gcd_etwas";

home/ssh.nix

@@ -9,6 +9,7 @@
         hostname = "178.254.43.196";
         identityFile = [ "/home/rhea/.ssh/id_1bvps" ];
       };
+
       "gcd-etwas" = {
         host = "gcd-etwas";
         hostname = "git.catgirl.dog";
@@ -16,6 +17,14 @@
         user = "git";
         port = 222;
       };
+
+      "gh-etwas" = {
+        host = "gh-etwas";
+        hostname = "github.com";
+        identityFile = [ "/home/rhea/.ssh/id_gh_etwas" ];
+        user = "git";
+        port = 22;
+      };
     };
   };
 }

secrets/gh.age

@@ -1,5 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 7JS6dg I9bdNrtj0UzjlrVWOjgVomgWprX+KAaL4uITS9j163I
-8vEaIAqFwmUKXbBskafWr15tqYIfmWjKn9g61F4y6F8
---- ToUNScc7K59kI8y+SR5e3RxTu16uGSsvd65tqomiOVc
-VoÓX˜¬ZÖζ»·<C2BB>ÁííÍG}úZüm…ˆ°Ó ®,ºåï*«àÛ³¬}ušþå8… \^I/¢T"us\¨¡CGÄ
§¿“h˜¥m>æÍÆ$–†]òÍÄ$H"<¼.tbÐOËÝü¿†žÖ± !j¹Ñƒ"°Ÿ³„@á­Õo=éØ«Ç_ÌoÜÌ—ô]ð÷zÍ9Ä~qO

secrets/secrets.nix

@@ -3,7 +3,8 @@ let
   systems = [ rhea-laptop ];
 in
 {
-  "gh.age".publicKeys = [ rhea-laptop ];
+  "gh_argstr.age".publicKeys = [ rhea-laptop ];
+  "gh_token.age".publicKeys = [ rhea-laptop ];
   "1bvps.age".publicKeys = [ rhea-laptop ];
   "gcd_etwas.age".publicKeys = [ rhea-laptop ];
   "sign_etwas.age".publicKeys = [ rhea-laptop ];