[Devbox] Reinstall and turn it into a usable desktop.

Signed-off-by: jmug <u.g.a.mariano@gmail.com> arst Signed-off-by: jmug <u.g.a.mariano@gmail.com>
2025-07-07 00:47:47 -07:00 · 2025-07-07 00:47:47 -07:00 · a42e0442f6
commit a42e0442f6
parent db114aafdf
8 changed files with 223 additions and 38 deletions
--- a/hosts/common/core/sops.nix
+++ b/hosts/common/core/sops.nix
@ -8,6 +8,27 @@
    defaultSopsFile = ../../../secrets.yaml;
    validateSopsFiles = false;

+    # To bootstrap a new device you need to ensure
+    # that the ssh service was enabled at least once
+    # (if you don't plan to keep it enabled permanently)
+    # then you need to derive an age public key from the
+    # ssh key by using:
+    #
+    # $ nix-shell -p ssh-to-age
+    # $ sudo ssh-to-age -i /etc/ssh/ssh_host_ed25519_key.pub
+    #
+    # This will give you the public key that you must put under .sops.yaml
+    # at the root of this repo.
+    #
+    # You'll then need to bootsrap the environment, so copy the secret key from
+    # cold storage to ~/.config/sops/age/keys.txt
+    # chomd it to 755
+    #
+    # The run:
+    # $ nix-shell -p sops
+    # $ sops updatekeys secrets.yaml
+    #
+    # You're bootsrapet and good to go!
    age = {
      sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
      keyFile = "/var/lib/sops-nix/key.txt";