From ae58864cc241ee44e3a70da3f7d09bf72eb80d40 Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Sat, 18 Feb 2023 00:16:58 +0900
Subject: feat(home): add 'home' ssh-to-pgp key

---
 home/.sops.yaml               |  4 ++--
 home/secrets/secrets.yaml     | 38 +++++++++++++++++++++++++++++---------
 nixos/alpha/configuration.nix |  4 ++++
 3 files changed, 35 insertions(+), 11 deletions(-)

diff --git a/home/.sops.yaml b/home/.sops.yaml
index 7bfe113..2bb8262 100644
--- a/home/.sops.yaml
+++ b/home/.sops.yaml
@@ -1,9 +1,9 @@
 keys:
   - &sefidel 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
-  - &host_alpha c62b0336ff6e444e5f2041e8074ca855641a5b7f
-  - &host_kompakt e6a9ee28ea91e2dbf24d817d0c5936391be59DC0
+  - &home_sefidel 819975cf4b52822fbdc0e966ff61829f24f95075
 creation_rules:
   - path_regex: secrets/[^/]+\.yaml$
     key_groups:
       - pgp:
         - *sefidel
+        - *home_sefidel
diff --git a/home/secrets/secrets.yaml b/home/secrets/secrets.yaml
index 4a492de..6c199c2 100644
--- a/home/secrets/secrets.yaml
+++ b/home/secrets/secrets.yaml
@@ -1,23 +1,43 @@
-sef-imap-password: ENC[AES256_GCM,data:HsdWSqGe3JrpeUzYNGzYKlpimu12QjTD1ENCV4ke,iv:Rl+wtmBKj4uyN1WWljncZf0g9QAbRhqdOY0gR4MPb5w=,tag:YCPZQHKa6sK5YQPj9oearg==,type:str]
+sef-imap-password: ENC[AES256_GCM,data:tq+CYvkPfUgPxvErtFqLF05NGrRt63ckv/hG1WqJ,iv:9d7YpmHnUXesfrGApQ+rylp1CS9Rp+vzXtUfyzisalo=,tag:Trcq6VVMrsEg7YXwaiaeXQ==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2023-02-15T14:11:59Z"
-    mac: ENC[AES256_GCM,data:haJT0zXhCUXrHajLWvdpNRyD9mvudMvmxwDittd1MDxk6ShkPLgp4gWJOvaKMhlzfA38BImTLsD18TSu4LsyywGSIEJWtl+yvWx8oPnSM3ag6qVosR+lFZscExIfVHLl3TlpDqwQjYhEI+zJ/4CUHYMx47CiVJ8Pv3gNS1gPCik=,iv:QmfmrDTPy9ccm5phCN3MEyMUM89NfYtFLz1rCnTzEbU=,tag:SksJursT3QY/plT/mWF78Q==,type:str]
+    lastmodified: "2023-02-16T17:30:13Z"
+    mac: ENC[AES256_GCM,data:qbOhCP7Y1cFC4uYFUyoVMPmwMdtnq39PJfjVJvDWZ/jATGt2+uYfQpB5HaFEOXH2fIaNmliWcsw5cMNjkRaVUJrozvKUo8luqofifnx2SFmLTiIFHIcSlslcecU+Ty9ZP6CCe8Xxx2QM1eBKTK6e6Dy4CFoIY2ZIu05DBO+FaTQ=,iv:/wMwGDnwOUmPewy1YAjR/FUMWBXJ+ch+a1i3vYgKPFA=,tag:3cOQWrl2JGrDnaYT1xckqA==,type:str]
     pgp:
-        - created_at: "2023-02-15T14:09:50Z"
+        - created_at: "2023-02-16T17:30:02Z"
           enc: |
             -----BEGIN PGP MESSAGE-----
 
-            hF4Dr9flwPWa1q8SAQdA74x1F2fT6BMnBcQn3vlRxNrbjpWVm4/iSxvQvcBFvBsw
-            J080DN3DqgU7EQyE5Tp+NgsNnntusf37gdObzzday9W9kRU5tTTdKdjPwKyCOzbP
-            0l4BM90zEP36xz5v+w3H4kGNbRmI7KRNJn5objmt7s+vRiS9JKJEmeyZ7ZyfCBnC
-            S7HkR8w1XyBCS5D/MPoCb1cQObrS2seJqF3jYxGMkK/8kE3E5BFIsIGP55dlNO6g
-            =+RWr
+            hF4Dr9flwPWa1q8SAQdA27eYQIHgncOnRgp+WvsVIdv5xsJ89ZK1Wp7Sx/WBOhUw
+            +rp01T2gASSlrwFgbey/9lG79r7rcbSrGE03AtLbi0o8ZaK8Cb3XGJQ+8YggRII9
+            0l4BnwlUhq0Ctufzf6+Rm5BGm8nlPNYIkTJTDEyE2dHMWBj9tEeP4eVwoTsO+F8d
+            bQX3EWPvw+EbwvitQMb1648CZRUX7Yitl+MS/FK3HV3SFCVAkisdGpy6np4LzIgm
+            =4eAw
             -----END PGP MESSAGE-----
           fp: 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
+        - created_at: "2023-02-16T17:30:02Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA/9hgp8k+VB1AQ//eh6R0z7rhnOiCMvIE+L9zwy2JMH9UJuJdU3qPr/JcVT5
+            nMtxvUH4rikc2G9TDwBdkam1IZ9MprjTwKEGfQx9dmNS7LkoJX5aYDd2oeqrLZKJ
+            QireqUCHD9Gi11kvGfrNwH9dQdQTjNZhe08LQ/q8qki/4T5J97rMm20vvUoOph7N
+            EG9c4towS9Wr0PEl5BoYvTABQO/d3K9tfkbdfV995aUQ9vDca4EaVzd/gZG/9/Ts
+            oK+VCk5mjbKlzg2PF6vnOp4k/N+XVo3HIx+1Pf2ReIMDenKRP6Ibl3qTgyxZcRm1
+            gDjJRP5GZtrweZaAXsUgmf///sLU1wxcuErRD2A9M9jYZeuhVGbyC+RLrBI20pZD
+            8iO0uZAdjH1t+exEOWNYRIvIVmHMUPCUzc7Rrjwn9VRdARnfCCU3fCGMGStL0REA
+            yvHF1VcpnDpPe14s9CvrtxaUxvMY2B9qzxpve/Ic+JD9kygJkKUJPwUmlW2cp4xO
+            TWUl87y+PcEjw4HM2U+i9puFTYI7qNrbbXIwiuOVXPWCyCIokZTpXBB7IZ7YR3vR
+            3269ObErR+l/MkuhGPHThyS0D9g7QhR36+8qMNobvQC1xO34UlkUFYAk6GV8itj7
+            h5qRSmi8/HEjyzj8LMSn+x193RWvihlfDKDYcWKn9dMcIzEypfY7nYiFYzGIIF/S
+            WAHkVYuuOHZprfKuBOHubx8MohvxvKhzvlpJ8F6Kt/dqhy6dgI88DyVeodTGHTMQ
+            Upk466GZnvlqlZivuDxOHKAmDlmVTyRFdDGQ+JoGoJ6gFGz4lnsO+MY=
+            =nX7u
+            -----END PGP MESSAGE-----
+          fp: 819975cf4b52822fbdc0e966ff61829f24f95075
     unencrypted_suffix: _unencrypted
     version: 3.7.3
diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix
index 5b11de4..558d57c 100644
--- a/nixos/alpha/configuration.nix
+++ b/nixos/alpha/configuration.nix
@@ -218,6 +218,10 @@
     ];
   };
 
+  services.dbus.packages = with pkgs; [
+    pass-secret-service
+  ];
+
   sops.defaultSopsFile = ./secrets/secrets.yaml;
   sops.secrets.root-password.neededForUsers = true;
   sops.secrets.sefidel-password.neededForUsers = true;
-- 
cgit 1.4.1