+

age/default.nix

@@ -10,6 +10,7 @@
   ...
 }:
 {
+  systemd.services.vaultix-install-secrets.serviceConfig.Environment = [ "SPDLOG_RS_LEVEL=debug" ];
   vaultix = {
     settings = {
       storageDirRelative = "./sec/rekeyed/${config.networking.hostName}";

flake.nix

@@ -93,6 +93,7 @@
                   # "livecd"
                   # "bootstrap"
                   "kaambl"
+                  "yidhra"
                 ]
               ) self.nixosConfigurations;
             agenix-rekey.nodes =

hosts/dev.nix

@@ -85,7 +85,7 @@
             nodejs_latest.pkgs.pnpm
             nodejs_latest
             qemu-utils
-            rustup
+            # rustup
             linuxPackages_latest.perf
             strace
             gitoxide

hosts/kaambl/default.nix

@@ -51,15 +51,6 @@ withSystem "x86_64-linux" (
       ../persist.nix
       ../secureboot.nix
       ./backup.nix
-      (
-        { lib, ... }:
-        {
-          options.test = lib.mkOption {
-            type = lib.types.path;
-          };
-        }
-      )
-
       # inputs.home-manager.nixosModules.default
       # ../../home
       ../sysctl.nix

hosts/yidhra/default.nix

@@ -45,6 +45,7 @@ withSystem "x86_64-linux" (
             ]);
         };
       }
+      inputs.vaultix.nixosModules.default
 
       ./disk.nix
       ./caddy.nix

hosts/yidhra/rekey.nix

@@ -9,9 +9,8 @@ in
       type = "ed25519";
     }
   ];
-  age = {
-    identityPaths = [ hostPrivKey ];
-    rekey.hostPubkey = data.keys.yidhraHostPubKey;
+  vaultix = {
+    settings.hostPubkey = data.keys.yidhraHostPubKey;
     secrets = {
       wgy = {
         file = ../../sec/wgy.age;

sec/rekeyed/kaambl/01592f733739fd8e54cdc383d69866e8dbd36334c8e3feafc00859901b65acef

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA Tz/9WkbsvbR+RgV5z3qLHy7hNtiJAg73nffv/ORJDkA
+Q2J+TGHtRLpLMk0h5OoyU5OhHjFrCjD9IoiGYxQNaTo
+-> Agp`O-grease C 1 99D@SB z[
+2VoyvVQ+tu1ejIg918rH6W1G14cGzgg1IWaE50ncbpgHz5dLQwKgYsGV5HpjC+TB
+TtDcLGaM257EMea+9w/h
+--- jNnbkUenej9D8Srcpngx234elUCQ/d5VkXRGgA0r7Vg
+�����3�'�}vs�=�m�-v�0/H��A=(�$p��ȏ�ԥn��֩�)rw�>TȱI�J�9g�0�u������$�m��Y����v9�\�’�#񖏷�b��H�V��t˲!ʾ���w�]r�P����=��

sec/rekeyed/kaambl/1c9f4a753519043339bcf113838f0a94f5ff9ce13fcd38892c252b54e662ba20

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA v7qAP1mzPDoZmKBy6EDIXTjkjrkkky/YFkaQQvnTDxQ
+5OgaK05d4TdL4Ls/dVBpk7AhrUQszNxaPqc7TBmR92A
+-> 2#aP\"-grease C?5.U3s 8UB? vD'z$<]
+TS0mpYUVBtOVYJfI12PsjoZSUAEACFQ18tRDw7kLEc9w
+--- 3qeID6c9cdKO9PpgTJJiOk77oeHTO3p4zOR+/Rw+qdY
+3��Ӏ̷b�]o��U�>�:���1JhYqL�Ό��4���]�)�L��"�G3����%Cn��H����iU��5w��៑.$����j"�>%����
+G�[`U|��)
#i�����59�	����}aA�A+����ga��7��A���V�.ۭy�2�������q�Xy�H?�@�-[�^�.n�����,Y��?�W��S//NT�;�������j������H��b�I�5������]ϕ��;��;����	Тz8

sec/rekeyed/kaambl/3d767172da718c277fef17b265801c070a542cab81f71449c0dcebcddfebeffa

@@ -0,0 +1,12 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA sefw0OpizrQL9/bQuCpSU93hRNOl5mmAAlbvq66lEUU
+UOzuRRZOLR3elifJk/a6fknpnC2xZUxiePlnZMp+QpA
+-> Q-grease ,n.bo
+VSpVhGmtwX1eN5H4XhN5W0LR7CzzWAw7HQFAXpcyeV5nEsbeShi7q4B8aDd14/Bk
+FLmdluW26bXriIXz4Keq22U
+--- 2jsFXw4tVs/Z0MrjMruTO8beelz70mdebvn6BZpDhz4
+�yC�!��7ϭP��j-ߘg%�#�*��Ux=���İ�U8�t���=.�훙��Dj�J��ׇ�Cr�Z3l)& ��i��X�F=9츻���6������G^Ժ��T�:���pU�G����e�����%*�=F�a�d"q��e��e�Y�7�4�}	'��0�������i"�����\k�U.'��
+�R
+�D����uZ	�O�踾���>MIBd�:��:�%E����ċ�.�-9��D
+y\̼+Sn��*�R��^q^��:W��o�zwW@ê.�g
+C�<�����724�ŏSY��lb63����-sX�z7�rm��E��^��1�8_��C��*��֕� @J�LTJB��R��?�f��A�@���)P:�`D8��tk���(��7�uɞ����J���t1��?b�u

sec/rekeyed/kaambl/4d21c3ef7536ebe59747d7e95757d085d94778dc3c88e8fed52312334532d8ea

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA GXRQu1CrIUi220L+QYwKClO5wpp/NFPR9B0gsRHAoSs
+8gXD2gd2hgp/mD0W/180PebGPjBJEJpd9wk31rjY4JQ
+-> o@7l@a(l-grease is* ' ZujBE8ky A5W^(
+K6t/VRgY4sb5nvepj0ZxSwiO
+--- sa2T6UVSvNLtZBd7rTxqDIx0w7jEdnHcNs2liQx6ngQ
+�92W�?u����򪚓=�>ɲ�%@�Q�\+�%
+I�R����y��ҫ/��U
\6�hS��1����ہ��\֙=֜ѝ%ax"s+*"��

sec/rekeyed/kaambl/500a9de855f1bd89fbbcdc09cc4e8395958a7ec1aa70885146000a3b29e0a6d7

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA 9lVqtNeTYmHakUDBo6svdwgasVtiehQhNi7kxnfMtSA
+i3lOTiQmGlwL1aWOntbULBFJCQ65wsTPZopr4d18lhk
+-> X)G-grease
+8EPpjrUL4TbtxPGBhdz3DcDSeAyBTMCQRMfYVTpjjFLPLnPcnklkCVP35q/Jdmwd
+q1cH6eyx+8Awt13SIRK4I5dBS2IzAsnA7ox8nodwKpuVFGrMJrDv
+--- TRhhBan+cmRd49d4f1+sADV237Vwn592oGeiB2p6/Bg
+�@d�ܛM-ab�[BH�!�����N
��V:(���(78Ժ���
��)��KBA\ƒ�9H���c�A;ln��n��/��f�GUgǪ��R?-

sec/rekeyed/kaambl/572a6e9504a706272ae5bc3e62d7b016d5e64fe9842d3371a6e8a334f768497c

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA KIhrM818kZ9+bNsfbAucYMSRuoynIAitfwjDfhrF8gA
+yJKlUl0o3bjM66fCNwIjvPQR2frS72Q+2tIdRExTX+w
+-> Cj+J:9-grease ~+X% 0 5_/?VyD NO?7PR2
+fkpTLgBMHacseLOvn/9g4zabi470REcL
+--- NZjjl2NzD+rwcVF4DsfyYQop0qR8wtyVvOXtplOTVfE
+�Zz�B��;�_��rs(Pb�q�҈u��)��d	a�'������L����Uenu?���Ϣn�lUe�t������b낿�y	�o�����^�GCP0I﬇��ʆӝ�V	�a��|^��7����l��yE�9x�6������Dt���c��$H�����C����Mf��A*��4N��6{lk�����X������L���
+���M �b�S��v�f�7>�t�Uh��J�B�v����{qoKٖ���n�~<���p�.�Ҷ��ЯQX��'���Ȱx�qQʖ���C�#a���o3/�D*�&D'�F.�:%��Xp���.h�Ώxm_�G?�'.-M�pK�Q)�-S�Ʊ�����3X�tV�U�r�4��v;(W[���7�
0��]N���6 �v ><@n�&^MI�k\�=z�����л�n&���њKî7���7[N��8U�H�S!�l>�=�z��_?������Ay�{t�""x7C�K��	r��b��`����h^�0�[�Oƻ�OK�X+�-��f�BF�

sec/rekeyed/kaambl/620e4e3383b8935e8c021a3f32de9032eb420ec2bd8197edaa552a12d96d776b

@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA NhLE75wiL+NJL3+9CWw2eK9+solt5wHJUZP7QzZynFg
+iLXwiSStUoi0CJfLxjVaw96KIvtW2Wl0Pm7/jbZgNrM
+-> Xm3Dpu-grease vX
+LV9mNnHKmNs1fb5BCf6sRnrZ/Zc
+--- tr/jU1SqmDf678w7vnVzZnGhtjcyyG4Tl8fRTWwtaW8
+o���'9k����"Y�X���M$�`�
+P4&�`0��oWyZ�[��˗iY$�[�:���؉�1���6��G��W�n{����
�
)w�!9<�ނm
x��+9���L����!+뛠�U~�ٸ�?�s�h���!D�6������|ݹ�r������}�R7�E<���p�s��o�����w�j;T��)Q��
+^��������E��l�~?5xkDA��R��H_d}XH��i���,�
%���(Ӷ�/�f\�)

sec/rekeyed/kaambl/68ca4f6e45ec51e8da1b0483140281c60c1623f7dde98207eba58bbc0a54601f

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA 8AvEwtZ9N+DFgxFsn0NtDGmwd/t/R70Si1qqtwH5ggU
+BrUw/nrpcE4seWkQUtLY2ISb1wLS/yuneT27Er3Oeog
+-> of16>-grease
+ZmYXTWPZS2yo6P3/ff/38OtHmvN3EtyCXjwjY2afcaF8uq7nhESpnO2zmsYdZmSy
+WFY68YHo7B6QF89s0E5JoyLda/+dKnvPciH7yu5sxi+Gdmbf
+--- aD4PtkQTrY7vTw9jDyc8diQmoprPJbpmcxz4r79Ww8c
+�H?�t����q�$�>DSN�A�_'>6C{A�r�GUE=]-U�x�`��CF�49*�����}A�IL�����:

sec/rekeyed/kaambl/6b9d23b255fb61bc973f6e4d5966b64788a2c8e4aa3c68c4f7ebfd4df0353590

@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA aOgI3oCyG8sbD3q8KbJxytLCKSxOJAum1guYvsjyghU
+AnB2aUM+GuyI+ej5Ydmm/0Rzw1DYJzOrv9/fadif2/I
+-> Mx-Q"O-grease Ax1.
+GWIGEkS8rQ+SRxqDWzsuwmNgt4wrAW+LORTzUc2XpW1sD7taw7TH7OV2
+--- jE9mKiRCofl1ZYn55KlhoqAHPXeelF6hDmhfnBUgpzc
+��~�J�ұ� ����/c�kCcx�ë:tSE�uJunrA�r;TMp?����>�eo��G��PTl)�9�y"H�M�yZ�#4���

sec/rekeyed/kaambl/9f45979718b3d5c478eb557157436dbebb84531c5b6c6e365e6775b4cab2a3da

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA IttiPrXCsYGMJX/s2f6LCKlSjZCLYsuD3YYPCs89ul8
+nAuofjJHQKR0RVG9m3+nKSXNUl3WNNlie4Ya+GjQzqw
+-> 6`L>B-grease Hi!T
+lwFBVVm3mHOynW6ybte+frI
+--- 9dddhndQ1rDQIoEukjLxIcnNelU6OlQlBKwkKBOonQI
+Έ���G���}�h��;o�-M^�������@���(�ss��>D��*��lU��;��}�(�Ԑ����o���n�S�����w�G�R�@#��:Z�A�A�_K$�yذ�t�!�����!�0�F{�O_	[email protected]���V�$
+O6�M����Q�����4�C��|u����J��&R�!�:=ɦ��

sec/rekeyed/kaambl/a43a43d41a1a7674989a39fcde48ac791d3401b06b6f8524cfbc2faa31053f77

@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA ZysUn9h3wuTjYWQWYU38JL2lJbpF/tJfUABG3IQLD3Y
+rrlDqgriXruoVqS6VpN6X7It+QP65uYjYN2mR2i011g
+-> M-grease >#Bscs ~.\* eM+j8.M
+olpiJZIwseURHqVSriwl1zuw3Q
+--- gBK/5vvprZqKnS/ZaKZLwH+aec8z6bRCxNMlNJzNrjM
+���;�3-E[)��S����V�M(�$�Z���(��K�Y6pS��U�4�����Fo���Lz��6�>x����E6�H2�3��K�1�}����91�*�My0�êIMC���X��K��j�����Y+�T
�9C��0GX�Y�n�����@�o�\��OKl7�$�	�G�&80΋����Ε�%D�<�%X��<b]����7�������q‘p�t���������

sec/rekeyed/kaambl/a5f73c757a1d89dc44667f24eeddb1892cb05ff246f4633c4e8e5abb4f2b1d27

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA 3ljdhNW5xPpL+FYyD0DoN1uS8FmZHyR0M1511YzVQnk
+ra0KP1H63G4m0uQekvi4/vB0+MnyPo6PiItLHkOHDfk
+-> ?%-grease 'YRF<U$
+4zKtvMLW5rKjkS5nA8uDDmGK1xZL1CHSyqAW8uiuWD24nTnkOs0thgP21iJe/J4s
+grps1Vz1P7fiSveSQmQc1P/CmDIAp7H6x1ng
+--- XSFnrcVP9kPh9PYQriDnpAq+BsyZB79FlwspKU3O7zc
+�qR˫mѤ��
D�g*�R�(�byj�7ӻ����J�y�r#����Tepa_�\M!\���=U���ؤ��
�s���

sec/rekeyed/kaambl/b3897f9fb473b3fd3ea46a82aaf0ee79c020c6e2fd87ad3b615e56d20f71efab

@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA obeYmaMoagO+VEU6B/B6MC6TxZfSipgMPC0dB8gtHDs
+QaMd6C+ZIIUZLSg9YizJekWwXQwKwgl07wPjjgJsvL0
+-> -.Hu-grease ~r8{e#{ A
+lGczlWm/XIrDyxDCmaeno9cPaFkn2Zg
+--- 970u+2Hok5/QForLY51niLk+fx+ybQaoKxr3axThMP8
+C��+�0-��
r�f�1��_� ����&� m�5K�Vu�����w����unC���o49��K�

sec/rekeyed/kaambl/bd1ff1c2e4c10239ce77a0384f0332943c12cee48a722850d2f2f22d26caa748

@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA 8yg3cwLlmJzQpOktAJurOpxdpTP5wtyWalzSz2jvyQ4
+sPTOr0m6yY2HmAjHh6ZwpqJGjSPCdMmfMdJC84GW7to
+-> jQ;w-grease
+0xN0+An/GsaSQskwFqj9PEKRhg
+--- k5HIeYhU7xRntKKWjFd/w5f+f6Xb2TikCgEEge8iBUE
+���*�U1Aa�[���#�����R�^�h-{�^�5�l5za
<�0�����Z
+a*;���[�j��)J7DP�nc�� 2�s�8w&�)����Kd��9�B��eCm`"�V�2Gfbs���VM1�*��Z|��2�s+��C�q���9����J��B��
89*C.���Y����%�Qj�)�(���.�=5�ƻ~L�+;
+�4�IsBz3`��W�x��{?�@*O�ā$�m3

sec/rekeyed/kaambl/e7ea584a504a4ead2c5723a17ec15de1d075033b1f8e3f5a980bbe428a7a6023

@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rUtFuA X1yY9sb9IJJd8y5ZrjjQ8TTkWG+Wq4FOeSDhhKk2lTI
+tdDi6d3hr1g+0T0PeMN38+MK1dAD2e+afUuIuOp59YM
+-> Fd8VS-grease sMv*DX \$t P z@9pT
+pMw/CF4wWlPPUm+2i0Z28os//L5br6iz6zxUeh76VJjFP28XRtxUz00okJBCAHee
+xfvSAW2NFLlZRIuJAroO4pP5OSE
+--- s7PnVQ0G1pQm/JrCMA5y0Qwl1wTPrsFXBe29hlwQ4L0
+��j���cD�"���}��ҟ��!���j�~�P"�S%	ı���p��&���i�W�#����*�8ԫ���*j�������>оy>�G�X0�04|ϼm����RqQ%kL�y�ҵ���-�b�tM�7=�� V�����Q2��͕nw�[.����(�t�M;F�p{�w$]���eO�#��W�\����ԺCa��́�sYҹ��v?�^��q�"b3��hqu�

sec/rekeyed/yidhra/01592f733739fd8e54cdc383d69866e8dbd36334c8e3feafc00859901b65acef

@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 wfJcTA v9cSM7xYEWYxDtkX3kxyp1xenkN4H/g2RsFWv/7mhHI
+1/GJ9T6VfUC2kAQnCHQtE5lqoasoOuPBTJ1/9FzRBgA
+-> qRs1'<G-grease Q @y.O*O
+xspR2BgG09J8ScNpgMLrEu44plP/7rV0ZvY
+--- GESJamD1xNmnVmJOWCMRoqV9Fn9OBcCXrNn0ROJfOMc
+X.�|a0F�1�P0��yDR����k��W �v�v�p\2�Ӑ���v���*D9�-	穘�8I5�a`�|�7d����c`���&�ked|���B�tV��Kb�-�9+���I���*C��	ߊRȃ҄���#"y{Q�

sec/rekeyed/yidhra/39eb30731d88455c044bd647b68fe3ecffb4641b35cd9f674716941cd46fa9d7

@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 wfJcTA arUOEdrohvcwWenXiXFXbQ6iv1K1/NVFg/pWMryU5kQ
+svCo+m7DuRJTaSb3n0dGqDS4pgljKm4XN0JrtagdP18
+-> E*-grease s 5ZLR fk\enH<H
+BaxrXPBmoyMp6P/y9RONweqN5fiilqloGfkXcQapbVvgTKEblTzbGAA6+rbMLcHR
+ycpYuiGc/6tuXNPBzcbj8giULTovWd1F00WVpUI
+--- IGu+CWW63XRv8c01ysFZKoIki+v/vt8LLWNCGXFleog
+���i
Ԏ��0=k���F��"����>{Ct���4���HE��"ʩ�Ng�� �{�N�LtN�"E&O?lK���^��&�]A�n�����n&_�ѴX�}�\7b�Lзd������PVv
+�n��,jƇ�$忿j+��z��D�T����C(����5��m��֦@ԭlh`�)r�)��z(a�j<뚠�u��|D/����]=�(hJc:aT��!�}��
+�:x�}�G~��uδ�m��w