Added agenix config and wireguard secrets

3 files changed, 25 insertions, 0 deletions

diff --git a/hosts/herra/secrets.nix b/hosts/herra/secrets.nix
new file mode 100644
index 0000000..e8a3126
--- /dev/null
+++ b/hosts/herra/secrets.nix
@@ -0,0 +1,15 @@
+{...}: {
+  age.secrets.wg-key = {
+    file = ./secrets/wg-private-key.age;
+    path = "/run/secrets/wg.key";
+    mode = "0400";
+    owner = "root";
+  };
+
+  age.secrets.wg-psk = {
+    file = ./secrets/wg-psk.age;
+    path = "/run/secrets/wg.psk";
+    mode = "0400";
+    owner = "root";
+  };
+}
diff --git a/hosts/herra/secrets/wg-private-key.age b/hosts/herra/secrets/wg-private-key.age
new file mode 100644
index 0000000..62f663c
--- /dev/null
+++ b/hosts/herra/secrets/wg-private-key.age
@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 vnEwOQ r71IUfe+hXSH2/sK7Q555KWRN8XMWWXI3MIhT8LfVR4
+UetK2T1IyA5FXEglbd5nrkQ7sypo/0/WDz7nBian158
+--- ocJKAzsozFd3/eFIZpwer2r4EARTy40XxT+Hi8T2PqM
+��~����I,��y7/��\����)�>I�e�cfb����M�9��&�,��x_�M��]d׎E�ƴXr,�S�X
\ No newline at end of file
diff --git a/hosts/herra/secrets/wg-psk.age b/hosts/herra/secrets/wg-psk.age
new file mode 100644
index 0000000..de45ae5
--- /dev/null
+++ b/hosts/herra/secrets/wg-psk.age
@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 vnEwOQ jRNs0GY42cioWgRhPIPEACsqMw+HXKsOkmiGs0gDySo
+8iG8AMMYKOMVblKD8b+IIuVmwMKsh623tG9zt98ARDg
+--- 0B102hCKZh1VvWXqnHzG30TsGyMxzaVYCtYjhCgkoWk
+���r�>`���
];��=i��ͫL�E�y/e��By�Rx��L�ȁ�\�rDo=`��,�9H��z)�Ó�7�5�
\ No newline at end of file