nix-config/NOTES

14 lines
569 B
Text
Raw Normal View History

2023-09-19 17:05:08 +00:00
* Yubikeys are great, if you use them correctly
https://www.procustodibus.com/blog/2023/04/how-to-set-up-a-yubikey/
* generate age public key from host's existing SSH keypair
nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
* trigger first encryption of a secrets file
EDITOR=vi sops --config .sops.yaml --encrypt --in-place hosts/common/secrets.yaml
* edit secrets in that file later
sudo nixos-rebuild switch --flake .#my-hostname
2023-09-19 18:38:19 +00:00
clear; sudo nixos-rebuild dry-activate --flake .#loki
2023-09-19 17:05:08 +00:00
-------
services.pcscd.enable = true;