cyplo/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

new tailscale key, restart when key is changing

Browse source
This commit is contained in:
Cyryl Płotnicki 2023-04-07 21:34:47 +01:00
parent 7a9ae3129a
commit e63e1d9bef
2 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
nixos/tailscale/default.nix
View file

@ -15,6 +15,7 @@ in {
};
sops.secrets."tailscale-key-${config.networking.hostName}" = {
sopsFile = ./keys.sops.yaml;
restartUnits = [ "tailscale-auth.service" ];
};
systemd.services.tailscale-auth = {
description = "Auth with tailscale";
@ -35,7 +36,7 @@ in {
fi
echo "$status, reauthing"
${tailscale}/bin/tailscale up --force-reauth --authkey `cat /run/secrets/tailscale-key-${config.networking.hostName}`
${tailscale}/bin/tailscale up --authkey `cat /run/secrets/tailscale-key-${config.networking.hostName}`
'';
};
}

6
nixos/tailscale/keys.sops.yaml
View file

@ -1,4 +1,4 @@
tailscale-key-foureighty: ENC[AES256_GCM,data:o5cVkNgdF8/yHeGkewLifI0ulagzxfXxHeeHGErgkaedAWLLbfNXAclGs6iH9EozrA3fx7XnJsLQ,iv:dEkqCvHlsN8dQ+1dVZHG0+4zi7OeHF9bUZ5qEI9PIPM=,tag:4fOnyFbR64E5KFR8bR5DuA==,type:str]
tailscale-key-foureighty: ENC[AES256_GCM,data:xb7EZ4TDLGXpstO2OTa+8gvK4206ik+DVQe2ZGqe+zxrhGsrkPu3MpjJYlL9vqakC4dzpRxwKN4=,iv:2Sq25zysjc2gS7SLi7QeFaIOtvKuBbNwADVyj7Hil50=,tag:65jC+Rk96s8xO+dKTo8uJg==,type:str]
tailscale-key-bolty: ENC[AES256_GCM,data:c1OC6WgYr18I2mP9NQQ1+ibqN28VNcxNMLanLdv6wnbqBLFUSUqJ8tlHgCI81qS1kzlvuCvZui4=,iv:YuNLgEfvBezS1+P/sKN96h1/88e2xU/gyfkzjIy3vNI=,tag:kY2jqCMgiF++sVISDiU7KA==,type:str]
tailscale-key-vpsfree1: ENC[AES256_GCM,data:RRfWVNXUumS9HuzqTjp/OYwwUy4Ljxd+ymaFWGSuCjWYy5uMyKDyF7FnyzLXD1jeegViM6sXJS2L,iv:b+zNGOP1lAQ7BRg6JetKCvo91hzZhqoYgwiQZzqMnKo=,tag:w+dVamXo3fM7AAyuzKtSjQ==,type:str]
tailscale-key-vultr1: ENC[AES256_GCM,data:8QKYuSY0/6jtIpaizGpgfyulESqPczw/J/qCDDpYpO/LS+ppRX5avg==,iv:QsKL4NqOUTCWSIxlaXqXbfzhFcAbJTkYXjkc1eCJv8M=,tag:g0vcE23ghCYevEpQsFh50A==,type:str]
@ -111,8 +111,8 @@ sops:
eDU3UnhLZWZnYkpwVWd1RWxSOWh3d2sKhtvrXSDt+IU6R9c/kJ9bM1lbmzPZmiXh
UYMyAqjLY906HafUf6GkbDTmdVA0CI11jcxtLPxb95tP1IvsG/YFKg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-04-07T13:56:42Z"
mac: ENC[AES256_GCM,data:ERIWIFeEq+oTJOKPVWlQcgTiVeiHqGyMGpasgE81nrJCZXX8FzKZgbgIFo4V4P8aqXz8wSrLa3dGEL+H83rkZMtKuvLY7yOqZM/eDkykcKZzoxy17jb1QAtCHknHAu2yYbYujVON7HX0eHxkv75cvn8CwY+r/l+XGqwYnEiAgJo=,iv:NPGIPenk5OjMD49tvGd0PMKPUxRPGKNH9qOg6T5wV/g=,tag:6I65sUmqaU3BFvsNv1wvKQ==,type:str]
lastmodified: "2023-04-07T20:28:35Z"
mac: ENC[AES256_GCM,data:XOHyakwvoL4/YCIbM57pBa/mg8v7BRGF+iV1iCZ4jl+L4TgT5LfA32pQBr46Tuj2eiW9lJUTgk6+09WdEUQiH0CitBe2hciVWVEtc0cKXidw6wh/hrwchuzj9lDGUaROsRuczWon5Md0QolHEzvE9DDJHFguuJw8rK+q0qkRp8w=,iv:3BRBw3ZjqUlx7hH8SW5MrBCbI/8/OGLnFwppXo+nfX8=,tag:WlDhO/Z6UqoCRxHUyKvT8w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3