From 6eef6460275222f4270df36c8397d44c44b111e7 Mon Sep 17 00:00:00 2001
From: Julien Moutinho <julm+julm-nix@sourcephile.fr>
Date: Sun, 21 Aug 2022 00:53:09 +0200
Subject: [PATCH] oignon: private: setup

---
 flake.nix                                        |   2 +-
 .../wireguard/wg-intra/privateKey.secret         | Bin
 private/hosts/oignon/root/credential.secret      | Bin 0 -> 4134 bytes
 private/hosts/oignon/root/machine-id             | Bin 0 -> 55 bytes
 .../root/oignon/nix/binary-cache/priv.pem.secret | Bin 0 -> 302 bytes
 5 files changed, 1 insertion(+), 1 deletion(-)
 rename private/{credentials/oignon => hosts/oignon/credentials}/wireguard/wg-intra/privateKey.secret (100%)
 create mode 100644 private/hosts/oignon/root/credential.secret
 create mode 100644 private/hosts/oignon/root/machine-id
 create mode 100644 private/root/oignon/nix/binary-cache/priv.pem.secret

diff --git a/flake.nix b/flake.nix
index a50f4c4..17738b5 100644
--- a/flake.nix
+++ b/flake.nix
@@ -43,7 +43,7 @@ outputs = inputs: let
         # Encrypted using git-crypt, hence kept out of /nix/store
         private = "/root/private";
         # Encrypted using systemd-creds, hence can go into the /nix/store
-        credentials = private/credentials + "/${hostName}";
+        credentials = private/hosts + "/${hostName}/credentials";
       };
       pkgs = import nixpkgsPath {
         inherit system;
diff --git a/private/credentials/oignon/wireguard/wg-intra/privateKey.secret b/private/hosts/oignon/credentials/wireguard/wg-intra/privateKey.secret
similarity index 100%
rename from private/credentials/oignon/wireguard/wg-intra/privateKey.secret
rename to private/hosts/oignon/credentials/wireguard/wg-intra/privateKey.secret
diff --git a/private/hosts/oignon/root/credential.secret b/private/hosts/oignon/root/credential.secret
new file mode 100644
index 0000000000000000000000000000000000000000..50ca27860d7243b7dbd94d459d77ab93e8fcf770
GIT binary patch
literal 4134
zcmV+>5ZUhlM@dveQdv+`01K49!I9dbt034PVPAC)wA0amaUCuX!c~;pgYjPUy-`8?
zA3(pOR5Mc~?Gcee4BTphot>ZD#wO7wZf!7vPX8EkO`P`UHU!6`$Yiu}eC$nlIoiQO
zMmD9{o6Rw%+3g|O?O*LW^XM{X2q*hNjwIN6$k8{DEMwxp1UNTza-iM`ajA90E^-^>
zhMO%BqQiUh%$<1KN3&1iW8c2;Mceq#oshStn&jr2s-Orkq*J7~yXKwY_zl4C1^Zf*
zC@Ouco(Fdq?WHjuQrh(_lLAdr=MjrWE?82A1AGbsXIOHZ(IJ15HkPqY_{)8w#=p7C
z%N2tal+BDi#MVbOVn{4Mls=dW&{o`v0b1KVoymXLIXPm2(MzoA*RCX?^AFgcsofv)
za(xQF>}LBuV9-2UD5t*Lf31ZNr@+|b=7~&KRf0DcT^220YS6n7zY@8;65szR5sZ8W
ze7I(z)x7KhFY;-puP!g4$~5m^KRizjvX$!EPv1NB1O8HQ>1OsZoSeFC+?4eG5}e;7
zy?by#?%;NR^`!4sOsRRs4Dd*i8SntT7q;d={%n}%9f1Zy+f*Z%b`3SuDZ$dCv7I!@
zs8&l*d>b}up$Z4`n;-tVBy6^@IKMxr*WH>V7icBLlK|Bo$mwg^LUmk=K!3?HPaqWa
zGuYc-hs8j8n8g%>vY6CpN~Cjta4v}_TedHer(j-y2sBgvDRm)hCr!H+L#FOq!M-Xc
z%R)~|;!%b@66S5<plvB9cI#Y<VTqK{am#ZI%TARmUcLk2NElTZomFB+#|Li?Y=<jz
zMZ4sQya*|#{1OA86^JXMLuFDuseOcA$Vuh-ZpP=kgF`zyluc2ui3|f<WdyV45RCz)
zDBCirw@g6+*m1d2nV5ev_6+MN?{vfraZ2jF?mjsf?V$;ii{YiDdLOna>mW<vv|ZdM
zGWhU!oVaOm*RFEfK8W=Gd+G6MxS0TQGAPMa$5r1mi0wJ%8ItkH&0<?v$~&~0p<@Uy
z()9<jXZ^odJO>Uo%nw!)m$$Hal`_rgwajdUbw`~dZdaL}_39k4QyHUl3+9^h1y%Ja
zUH?D{2^fmZS=dTV#jQaG&=K(wq)G5bkVn`^wG@-FtPbU{&^2I{Y+#q@!VG(}cX5KH
zwZmCyl!A~)#(SDSqrbv-|9~sgBWV?P-VFH&t5l0pzX}~pj6c9uuR_D4ZV4y)Zc&o%
z;Ox{9lpsn7$*5nmko3W09znKfSv0;D0m5#TG)!#DXV{mFSVT&pp#63{Ca;-zw+xVm
zm!k3xi>S^(*HglmKli6ttCu!dGn<ZBd`EPA_<`zh3@ww5Tr(cR3n~d_E%8DTqLF*c
z?qlRcqU{-m-iONoL7)Stk;Xn96<vD4+q$mQBs@4)N%)ZRvk&G{&p?@oAjz3ZmR22w
z&4u1e-5;H`NqV_M9FAbmu*aql{WLxqs`jGY^Dti6ig9O*m^iG-s-2QEZ-)T=E|GFL
z7!O*#B;Hq?9VR8mc2n-v{VJP0wv$~t%^tL>kT$J()AK<69cH+5U3p!I+Q_`h>nY?6
zzwbKU3@%C{U};&kRqne&CE!ygrt3JmM-zDlxFf|gNhE-0wcybT=VOuC|E}t=k2n#g
zLs}0VO|XY2`$C{mFdnY_a<||_u0}K<xNxolM)9|r;#gFnh*te$AcDc&$!PS%vvM_u
zn!4jPh)by96YE3TV?KC9g?3cHR7IzAH_vxQ(0&WDxVCoBS!@69No1rHTgGOSIKVD}
zF1?Y9zc+dqh477bQ?%6VRy#zPISb?Wxv&+C38S(U92nT?HM?j)TX)y)b^PnqqCnDI
zC+|e~{i(RdfPo4&DX&41HYqPLuirgQ7ltG0US6YCU#S73C+ErCFN0I(JOxSLz_J&$
zI>C4p@+zp#HpFdqXU_2{L&j5iv|GL?iKzN$pfkUgS=}mMy@_*P?S}yIuVv=GLJ*&k
zCAXjjL8RTS5|K0qW!Cdl)N0Aoc&SbNC7a{X>1@M-?dynMj9l3LNd`^WJQ$M0(K;;|
z_=E;2|M7}CNzeB$HeoK5`Iz#mCu?lPY5qYt1`H))(jD-v=elXLmz8f^9A5J7{pe+h
zzS}Io?b44A`Mrhb-5|yWJ6l_RP*!WsP%pY+Xm3tyiw+UEcHCqHWn`I3MA5%1G%a8h
zI<PYS_Dql=E9vc_woq^|Tr(BDD&)P^Z}C~VEo)nKRs6LV83|5xl<In;zS8gDX5vG)
zgC}ei(#+rC)0<BeZ-V8xljNKwYh9%?x#B;LN_SC=OAqFNM}}G(V^N)2rQ1CuH-H9y
zD%+f-c4`4LYWJmdA&R_NaNv)O>J5Ok8oNz{dZ%yhtwzc5m**o7TkV`YOGY#KnvJh}
zL&F~x<J1XR-n>If9hPJ_6`^DiGmu3r?>n)WykARqp=ZVq0D?d+9e3Iw!sqpws%B+7
zCd3fLSa#2@I0W79YuroTi?$^T{>Fz-cp&H9c&*P&Yh~R`QeFP&Sat5`BZl%J7Vz-@
zbpwT3TS@T)aJpHJzZ&p5Xz`Mvyx(utn1J-76vPrg_;OPPV~LWyuxa#kXm@LDZJSfj
zdTt5*+{@GY|Id`;wwB0{m}6p}DZ42+)^YR^<sl1{;jbShFC8&YONO6WZvN#;B5RWZ
zKS@GzRKHR4XPA18ucm+jj9zi+CbitH3|hR6_qBUAE>pUFvj#gv;z=!qnrWk`uTjyn
z61*D7KVQ?SFgi$M;5}ZXcq27qM{Sg-4>LY$q?@D~%yqraScjE4wPAEwssW}JtmwZc
zq{$9#jv`UB&OAWTQqGNjcBogv=6~BbaDyy(EBI%$F#sG*p~KsSbcWUA1s*KD%|W8J
zNQVLSw215m_0jX+My$|kklX+g*ou#Yweb*G@&c4c0S7vk(*qle0A0aIml2I8J*$_J
zmB((px%^=;Q@lHmRSYz{3ep)H%pUd{AwI<Km4A4~^HGBVKMa<n8$KqqW=vdLUlkJZ
zT(jXvWdywbYQ|yn?`c<KqOwGSPg%9*a2<ffef}vVy-(iqx3ko8o34zrQEuIl?(&|Y
z@uQY!SN+oIua+{3>GZukU!kZ+V2APPF~BCt`+lI|qilyt|8j7%*Qj);9Z$+~wE@5l
znA9I0dZO6x7t5E*^F^cu(kV-;(`H7~OJS#YdK`*1t7kO0cd+|3l}K#>N>FKoIZ_53
zIx^PN3if#i4`AJmes%k=SdUgGSL5a4Su9T&Xf|34An$NbkD{2msKAR`fCZ@>JR~Gq
zoF_!LUFYK6a`#kB6!EXQ-7)^15`xgfh91983^*FHI(6zRO>_?WUtcX0tRvn=Ov`iF
zNEJDw3718mQ5<N8<{W)`dIuz27WkoKRlHmyoJdf=x8MfzqK@QKwS3bx2rX{&+%@*G
z_9OC@dwLEK(Zownp_sY1W`0$~7vC=vg$Iy}ad!|w_m6!V!_;8x%5hPoT77$BLvCzG
zKoiHdf~GzU3fCCu^Ia(mr#Opmi?8<YIev%h%;3g<zM0b%@_$E#YD#<Vo|Rg_gk3{z
zyrdqH_K7jW00sdrvr&8ruf;~o9d(06*q8c;UJ9vOSEd9{1={d7Uz>x#ozMckCV}wF
z`9S_1&gtvL7B^(l{0wAJ++mPonp|qB!aF{rXsnuQ!#U;e9==Vu&B3&a1iGn)KxJrI
zQr!83GJAD)-b!s&n2rKcs*nZws*3uW`pP{e543a|W-wFo=p9bdk%~e5DQ_D7>X)rH
zk%%ewrwIEkH#}k%Qj91_1Y%o&9j4#pSjj4`IP0$66G~R2s2qehN-{BYgw%RYIq4C^
zUV^2p!LaaBt?+&sl<He|beSLd{TU~aS!y6ygWqB#;{&mhDk<VQ*i`8>UM99l8)Ij(
zp`y-(F*T6?*Mq*QqY$#TQK_f^8Se8L?4{Fgb)#Z;KH)rH7k}#4ZS7B?zwW8N4zj0$
z6+7~K7PHQLPD~Yrp>&(%Q`j^2q}oTZ1&jH;TnS_Su-5R;!czMRWup^^fgyRyD~l<4
z1n5gxH%Tjd4aK^)SIR}lu~}IM%ySkSkCM1Q<rQ8fohUY@ZLe}7U?y4mzIc-=z&1D;
zq}psU8Ek53oUYJ{z51Cdf!MOC>nHDH@$#DpE<Y-tt1+3P7w!QrTl&FoWi6w!09z?$
zQhL~s5&o=iFs~532R*G9jXSya+f*fo{WHPpGFK$xerayc9dh`7_g_=9-VC$c^l&Bk
z4-dP8z)Q}hz;cDnawS+64W<RV7$tS&3KUI$e0B?J{fh0aGV-?lHQ&)nM@`M+ySqBy
zpju5VM0tRI$l7aa*vl+_cJh}oumAu_GnYCeEh!J{<iBS3#?cwnhp`;j)f0ox;4J)1
zPUE#T)>wgjaAPk6{YIUV55ukkdJac79~LxG3t2i0smu@m<W3y$t|?2#jP{N-jd;AK
zc~F8kJ_wOR;Q0b`H90QfT)VPN7B=wH^ia-yf}!L6aE|Do0a=29%IY^S0+pdBqXMAl
zVzc?vDh1C3rH)TaGXv{oN)HaKtSX6@{E$_9+b2-rV_DVShLi{OBkTb8z_rr<lQB6(
zR1Mlfh)rx*CFT6E$Cb%U3&8V#<?-?dB9KvdFBv|qu0~J8=D~JYO&d_U9!I(q`I{A*
z3K;HJ7Ty$zoZz9T57Yl#Nb$?2{f9AsnIoLSn6!@410eGOTg=vK{dS6-2A$5+P=lI`
zO$9_ReV_qKo-vm3eydK;WY3$zgMDS|bo+Ff;n87>aIZdOm1I@lx6Hdc|HcYw5)>dt
z=!&x+yXPwev$QVrgRuT+%UTmI>j1+r({VPxGXSwOfPphNQ>G-F`*l#vXt0H~HN4Z<
zqMon-b2k$vhgz9??B1<wDctdnb-xh#PvS<aV|u)rt!#lExXjipiz&?uUOu~<;kJP{
zYeI|%solF74-Z9n!qKC7FI;Z+ftB6uC;YYPTmT=cI+K0#bf+37a-}zXXc>yznEIIz
zX$qs8KxSuJ^0B%A<s=g6Ep*A>gT6Xyj-WjNKiY*Gv`K6K3Mw9XWpf%;eN~9xkE{PN
zbowg)m~afylW8<bV<Ido_@3+Pc{0F0(K{T0fO*K|yqR<&9@#IU+2u%R8zXfv@&V5!
z29YGIQ+SHdl~_v+&mL`HchXq5XV|^I#dTnNB6p+7bwR5(3}634al{rJu~#n_<hIhz
ziB``=+c~z{mMs*?6%7^HV6zM`t-}+cZ{(ZuRc~5I1Se7rF_9IwmhkEj0X}F~7nTX*
zY`H=~Luh>Cr_ULSFA_`_GFBBL-T?-*66UnVznNFV+maY8)On$+h-xkNE?11xp_Nua
z*KmTy*b_1~v(!O@QyZ3Jt6hi>zA-H>nQ}e80AOD-^*YYtdk6C&DlftmLb214IuJPy
ka3*iEoQeGR^gD1U^Yp+m|JR*Ttjy#1btQ_nY`96`ap1cC+W-In

literal 0
HcmV?d00001

diff --git a/private/hosts/oignon/root/machine-id b/private/hosts/oignon/root/machine-id
new file mode 100644
index 0000000000000000000000000000000000000000..96abd3f1fe919892ace1e5139427be2647e5fa4c
GIT binary patch
literal 55
zcmV-70LcFUM@dveQdv+`0B>08NM`H*WFqDLZU&%z572pRl$A_FEck$X*gWsTeV8!B
NoNPvov|8GbM7yEw8gu{v

literal 0
HcmV?d00001

diff --git a/private/root/oignon/nix/binary-cache/priv.pem.secret b/private/root/oignon/nix/binary-cache/priv.pem.secret
new file mode 100644
index 0000000000000000000000000000000000000000..e7548a08a17948735ec2f14d29a0710306716bc8
GIT binary patch
literal 302
zcmV+}0nz>dM@dveQdv+`0CUbV(CyTvWGkLMCIzM+DKp@ApVbjnl7OK;`PlgAv=_4Y
zbT$xEn@MLZU>rXgcC%UDr}KWi&Gj2j7Jx>Uh^rowP9I_JT^@Cn2?nH`%S&S9@RE;x
zU=uRg5${XjV(7-C+-DWH<u`2PVVu)m_qhDJjef>w_EDFpYtlrqK9$)+Y-tGHm+E^<
zh$vkQd+UgSl290J*C4n3n<2%SnJbBDX-60o5a7Yy@Xt^)kAAIW$f>lP2W6=LFR|g+
z`;5$e-Dfe^_=^5g1oM%JgRS>pu8&-Rv4H?IMoAGW4)7#>HML2(c1=<gQsh`vbHp3V
z7yn~+9LNs`l&ucWZ=Z|8^o{7`7{TOJ2fAiH6FdBB?G!M19NJaiwKsSUULs8}$ER?V
A^#A|>

literal 0
HcmV?d00001

-- 
2.47.2