From d5521a468d5dd91b66cb4d4597da1255465e17cb Mon Sep 17 00:00:00 2001
From: unexplrd
Date: Sun, 6 Apr 2025 13:24:23 +0300
Subject: [PATCH] flake.lock: update secrets hosts/dunamis/users.nix: update secrets hosts/sarien/users.nix: update secrets
Signed-off-by: unexplrd
---
 flake.lock | 8 ++++----
 hosts/dunamis/users.nix | 13 +++++++------
 hosts/sarien/users.nix | 13 +++++++------
 3 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/flake.lock b/flake.lock
index e6e9131..a417457 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1120,11 +1120,11 @@ "mysecrets": { "flake": false, "locked": { - "lastModified": 1743273192, - "narHash": "sha256-G9VhIc+Fc+w4LDR81xmkj3xxbrvYJUOTM9sM4191ucY=", + "lastModified": 1743935322, + "narHash": "sha256-x/yc+PK6q8mE1iWh43GRBfN0CfLL2RH4fDHvmQwcVRo=", "ref": "refs/heads/main", - "rev": "e8f749354223905785f4510fde10b528bf1b2ba2", - "revCount": 13, + "rev": "44bde2e703b87c91862d9273c57f8122a6b408b3", + "revCount": 14, "type": "git", "url": "ssh://gitea@gitea.linerds.us/unexplrd/nix-secrets" },
diff --git a/hosts/dunamis/users.nix b/hosts/dunamis/users.nix
index a5a4cbb..312a291 100644
--- a/hosts/dunamis/users.nix
+++ b/hosts/dunamis/users.nix
@@ -4,20 +4,21 @@
 pkgs,
 ...
 }: let
- sopSec = config.sops.secrets;
- s = inputs.mysecrets;
+ inherit (config.sops) secrets;
+ inherit (inputs) mysecrets;
 in {
 nix.settings.trusted-users = ["user" "nix-ssh"];
 users.mutableUsers = false;
 users.users = {
 user = {
- hashedPasswordFile = sopSec."user-password-hashed".path;
+ hashedPasswordFile = secrets."user-password-hashed".path;
 extraGroups = ["wheel" "video" "libvirtd" "dialout"];
 isNormalUser = true;
 shell = pkgs.fish;
- openssh.authorizedKeys.keyFiles = map (f: s + "/ssh/" + f) [
- "id_ed25519_sarien_user.pub"
- "id_ed25519_eldrid_user.pub"
+ openssh.authorizedKeys.keyFiles = map (f: "${mysecrets}/ssh/user/${f}") [
+ "id_dunamis_ed25519.pub"
+ "id_eldrid_ed25519.pub"
+ "id_sarien_ed25519.pub"
 ];
 };
 };
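Review bot: The new `keyFiles` list in hosts/dunamis/users.nix authorizes `id_dunamis_ed25519.pub` on dunamis itself, which the old two-entry list did not; hosts/sarien/users.nix gets the same three-key list, including its own host's key. `user` is in `wheel` and in `nix.settings.trusted-users` (context lines of this hunk), and the Nix manual describes trusted users as essentially root-equivalent, so each entry in this list is a route to privileged access on the host. If logging in from the host to itself is not needed, drop the host's own entry and keep only `"id_eldrid_ed25519.pub"` and `"id_sarien_ed25519.pub"` here, so that a leaked copy of dunamis's private key (a backup, a synced home directory) cannot be used to log back in to dunamis. The module's argument set opens above this hunk and its closing brace falls after it.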
diff --git a/hosts/sarien/users.nix b/hosts/sarien/users.nix
index d165bdd..f743426 100644
--- a/hosts/sarien/users.nix
+++ b/hosts/sarien/users.nix
@@ -4,20 +4,21 @@
 pkgs,
 ...
 }: let
- sopSec = config.sops.secrets;
- secrets = inputs.mysecrets;
+ inherit (config.sops) secrets;
+ inherit (inputs) mysecrets;
 in {
 nix.settings.trusted-users = ["user"];
 users.mutableUsers = false;
 users.users = {
 user = {
- hashedPasswordFile = sopSec."user-password-hashed".path;
+ hashedPasswordFile = secrets."user-password-hashed".path;
 isNormalUser = true;
 extraGroups = ["wheel" "video" "libvirtd" "dialout"];
 shell = pkgs.fish;
- openssh.authorizedKeys.keyFiles = [
- "${secrets}/ssh/id_ed25519_sarien_user.pub"
- "${secrets}/ssh/id_ed25519_eldrid_user.pub"
+ openssh.authorizedKeys.keyFiles = map (f: "${mysecrets}/ssh/user/${f}") [
+ "id_dunamis_ed25519.pub"
+ "id_eldrid_ed25519.pub"
+ "id_sarien_ed25519.pub"
 ];
 };
 };
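Review bot: The three-entry `keyFiles` list here is now a verbatim copy of the one in hosts/dunamis/users.nix, so revoking or rotating a key means editing every host file, and a host that is missed keeps accepting the old key. Defining the list once, for example in a shared module that both hosts import, and referencing it here would turn a revocation into a single-line change. If the copies are intentional, a comment such as `# keep in sync with hosts/dunamis/users.nix` above the list would at least flag the coupling. The module's argument set opens above this hunk and its closing brace falls after it.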