From feb1d07500ec9a67af6f62129a4b3a52e4d143f1 Mon Sep 17 00:00:00 2001
From: Martin Berg Alstad
Date: Thu, 17 Apr 2025 10:25:14 +0000
Subject: [PATCH] :sparkles: [pi4] Public age key for pi4, generate ssh key in justfile
---
 .sops.yaml | 6 ++++--
 justfile | 11 ++++++++---
 2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/.sops.yaml b/.sops.yaml
index 52f1cd9..5dbf58e 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,7 +1,9 @@
 keys:
- - &primary age1fxr5s6d6ar0xy5pr63kpq93tk7jha5k96jcxnyquj6s2mw8mmcpss8w29w
+ - &desktop age1fxr5s6d6ar0xy5pr63kpq93tk7jha5k96jcxnyquj6s2mw8mmcpss8w29w
+ - &pi4 age1xlnprpvshv93eerthxzg6cahklsfc4efh8dd6u8dte9u6cl0u5qsz48qlt
 creation_rules:
 - path_regex: shared/secrets/secrets.yaml$
 key_groups:
 - age:
- - *primary
+ - *desktop
+ - *pi4
diff --git a/justfile b/justfile
index f20e2d5..647a944 100644
--- a/justfile
+++ b/justfile
@@ -50,16 +50,21 @@ unlock:
 start-tailscale:
 tailscale up --login-server https://vpn.martials.no

+# Generate a new SSH key without passphrase
+generate-ssh:
+ ssh-keygen -t ed25519 -a 32 -f ~/.ssh/id_ed25519 -P ""
+
 # Generate a new age key from an existing ssh key (without passphrase)
-@generate-age-from-ssh:
+generate-age-from-ssh:
+ mkdir -p ~/.config/sops/age
 nix run nixpkgs#ssh-to-age -- -private-key -i ~/.ssh/id_ed25519 > ~/.config/sops/age/keys.txt

 # Get a public age key from an existing age private key
-@get-public-age-key:
+get-public-age-key:
 nix shell nixpkgs#age -c age-keygen -y ~/.config/sops/age/keys.txt

 # Edit the SOPS secrets file
-@edit-secrets:
+edit-secrets:
 nix run nixpkgs#sops -- shared/secrets/secrets.yaml

 # Hash a string using the mkpasswd command
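Review bot: Adding `*pi4` under `key_groups` only changes which recipients sops uses for new files or on re-keying; the diffstat lists just `.sops.yaml` and `justfile`, so `shared/secrets/secrets.yaml` appears to still be encrypted to the desktop key alone, unless it is re-keyed in a separate commit. I would add a comment above `creation_rules:` such as `# after changing recipients: sops updatekeys shared/secrets/secrets.yaml`, or ship the re-encrypted file in the same change. Every key listed in this group can decrypt the whole shared file, so the Pi's key becomes as sensitive as the desktop's. If the Pi needs only a subset of the secrets, a per-host secrets file with its own rule would narrow that exposure.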
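Review bot: In `generate-age-from-ssh` the shell redirection creates `~/.config/sops/age/keys.txt` under the default umask, so with a typical 022 mask the age private key is readable by other local users, and `mkdir -p` leaves the directory at 0755. Each recipe line runs in its own shell, so the mask has to be set on the same line as the redirect: `umask 077 && nix run nixpkgs#ssh-to-age -- -private-key -i ~/.ssh/id_ed25519 > ~/.config/sops/age/keys.txt`, with `mkdir -p -m 700 ~/.config/sops/age` for the directory. The `>` also truncates an existing keys.txt before ssh-to-age runs, so a failed run or an identity already stored there is lost; a `test ! -e` guard or writing to a temporary file first would avoid that. The comment on `generate-ssh` could add that this passphrase-less key is what ends up decrypting the SOPS secrets, so file permissions and disk encryption are its only protection.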