From 7830d0c3001396df60fb39a0cbaf1a66d7cacbf5 Mon Sep 17 00:00:00 2001
From: KoenDR06
Date: Tue, 30 Sep 2025 23:37:02 +0200
Subject: [PATCH] refactor
---
 config/ssh/authorized_keys | 3 ---
 modules/base/secrets.nix | 15 +++++++++++----
 secrets.nix | 9 +++++----
 secrets/ssh/config.age | 23 +++++++++++++++++++++++
 secrets/{ => ssh}/id_github.age | 0
 secrets/{ => ssh}/id_github.pub.age | 0
 secrets/{ => ssh}/id_personal.age | 0
 secrets/{ => ssh}/id_personal.pub.age | 0
 8 files changed, 39 insertions(+), 11 deletions(-)
 delete mode 100644 config/ssh/authorized_keys
 create mode 100644 secrets/ssh/config.age
 rename secrets/{ => ssh}/id_github.age (100%)
 rename secrets/{ => ssh}/id_github.pub.age (100%)
 rename secrets/{ => ssh}/id_personal.age (100%)
 rename secrets/{ => ssh}/id_personal.pub.age (100%)
diff --git a/config/ssh/authorized_keys b/config/ssh/authorized_keys
deleted file mode 100644
index e869f95..0000000
--- a/config/ssh/authorized_keys
+++ /dev/null
@@ -1,3 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICZuSoySTECpPfwOe4u311F0WaiYbWHsk+7Fqe5RgSu1 horseman@luna
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb4xCSo9JDflQJs8CsCjDWZSFXdavI9c9aqqozkL8OM horseman@terra
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/X1pzKCThxxIkrb7ooBN+eJW8BKr8vJT7c1L7UjSfF horseman@solis
diff --git a/modules/base/secrets.nix b/modules/base/secrets.nix
index eb83a51..74dd64c 100644
--- a/modules/base/secrets.nix
+++ b/modules/base/secrets.nix
@@ -22,29 +22,36 @@ in {
 wifi.file = secretFile "wifi.age";
 personalSSHpub = {
- file = secretFile "id_personal.pub.age";
+ file = secretFile "ssh/id_personal.pub.age";
 owner = username;
 group = "users";
 path = "/home/horseman/.ssh/id_personal.pub";
 };
 personalSSH = {
- file = secretFile "id_personal.age";
+ file = secretFile "ssh/id_personal.age";
 owner = username;
 group = "users";
 path = "/home/horseman/.ssh/id_personal";
 };
 githubSSHpub = {
- file = secretFile "id_github.pub.age";
+ file = secretFile "ssh/id_github.pub.age";
 owner = username;
 group = "users";
 path = "/home/horseman/.ssh/id_github.pub";
 };
 githubSSH = {
- file = secretFile "id_github.age";
+ file = secretFile "ssh/id_github.age";
 owner = username;
 group = "users";
 path = "/home/horseman/.ssh/id_github";
 };
+
+ sshConfig = {
+ file = secretFile "ssh/config.age";
+ owner = username;
+ group = "users";
+ path = "/home/horseman/.ssh/config";
+ };
 };
 };
 }
diff --git a/secrets.nix b/secrets.nix
index 430cdc1..8bd181e 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -16,8 +16,9 @@ let
 all = users ++ systems;
 in {
 "secrets/wifi.age".publicKeys = all;
- "secrets/id_personal.age".publicKeys = all;
- "secrets/id_personal.pub.age".publicKeys = all;
- "secrets/id_github.age".publicKeys = all;
- "secrets/id_github.pub.age".publicKeys = all;
+ "secrets/ssh/id_personal.age".publicKeys = all;
+ "secrets/ssh/id_personal.pub.age".publicKeys = all;
+ "secrets/ssh/id_github.age".publicKeys = all;
+ "secrets/ssh/id_github.pub.age".publicKeys = all;
+ "secrets/ssh/config.age".publicKeys = all;
 }
diff --git a/secrets/ssh/config.age b/secrets/ssh/config.age
new file mode 100644
index 0000000..ec51d50
--- /dev/null
+++ b/secrets/ssh/config.age
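Review bot: In the `modules/base/secrets.nix` hunk, the added `sshConfig` entry hard-codes `/home/horseman/.ssh/config` while its owner comes from `username`, so owner and location drift apart if `username` is ever anything other than `horseman`; the four key entries in the context lines follow the same pattern. Deriving the path from the same variable keeps them consistent: `path = "/home/${username}/.ssh/config";`. No `mode` is set on the new entry, so the decrypted file gets whatever the secrets module defaults to; stating it explicitly (for agenix, which this appears to be, `mode = "0400";`) would document that the file is meant to be owner-read-only. The enclosing attribute set opens above the hunk.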
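Review bot: In the top-level `secrets.nix` hunk, the new `"secrets/ssh/config.age"` entry is encrypted to `all`, which the context line defines as `users ++ systems`, and the moved `secrets/ssh/id_personal.age` and `secrets/ssh/id_github.age` entries keep that same recipient list. Every host key in `systems` can therefore decrypt the personal and GitHub private keys, so a single compromised machine exposes both identities. If only some machines need them, a narrower list such as `publicKeys = users ++ [ <host-that-needs-it> ];` (placeholder name) limits that exposure; narrowing takes effect only after the files are re-encrypted. The definitions of `users` and `systems` are above the hunk, so who is in each list cannot be checked from here.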
@@ -0,0 +1,23 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IHcraE1xZyBMSXVl
+MkI4ZFBtQ3RNVnFFZnF6U2xYQVcyenRuVVVobFdISUpoYUd2T2lvCmpWMW8wNlMv
+NWt2bEc4Rm5PV3lva0FSb1RNV2J2bTJwUWdjeld5c21xY2MKLT4gc3NoLWVkMjU1
+MTkgRkhGc3p3IElraWFXT0JjVEp3Z0lYT2dxa0h2bjR0UTJXb2lBbUVEMmZtc0Ru
+MERvUlkKOERxZGJvZ0RCaUZwNFMzenRuRkp3ZC9MeGxIUEgwRXk4aGdhK2w0K05o
+cwotPiBzc2gtZWQyNTUxOSBGZnZ4d0EgNUt4c3hmbWliajVGRzdpSWExdklJYnZT
+TTRXRTM4Z0hYM2xOMnBLLzVqTQpwaUpGSlB3NVNTeTBVTkJKTTdsYUUzV2w1Q1Jj
+WWc4TSt0alBKbDQ0M2dJCi0+IHNzaC1lZDI1NTE5IC9tczZkdyBTQmtreFpySnJm
+US9YMkNWdVUyUTNBeEZ5cHNvUExreU1ZSGpaUWdiamhVCk9qSzlnRXVjcjMvVi9k
+SEg1MjF4K0t4SzR2N2d6YVBaOHdPWWp5a2ZRbE0KLT4gc3NoLWVkMjU1MTkgZ1BJ
+ZFpBIHorRzVKRTJzeDZpV3NEZ3d2WkorYkhlTkJPcEV2ZU1BNzIraHJuM1lTRlkK
+VGRERXpRbzFVK2xnUjBiV0FFdFVCa09jNGF2S0VrLzgxRWNnSEozUmU0cwotPiBz
+c2gtZWQyNTUxOSBkYk9laEEgeTNqR3ZsTnM1M1lEVnBkbGVFRFErbm9hN29ONnpO
+R09aTzYzT3JURklnawpjQktab24xeWE3US9yYmtYSlZnUEhxaHJSMGpEZ0hNYnR5
+bnZqWCs3SjM4Ci0+IHNzaC1lZDI1NTE5IHR2L0N6ZyBnbE1TbHpSYmIyR3kzcFpK
+d1AxSmRYWktiWmJKRzFXQ2M1QjBGckxmb1RBCkx3U3lJdHNhM1JVTGIrd1RjTmNa
+UGNVczFnWC9nbERSZXAzSFd3Q0ljbU0KLT4gWiw0XDZELWdyZWFzZSA/WTdYI0wK
+enI0M3pvNnprd1dsSys5NlZTUm56NnJQamU3ajRyVnBSVnZkCi0tLSBRaTZ2aEtp
+Ymk5ZXowZWNpa0wrTGYxREM5RTllb21WRHdLdjVFN1AzbTFjCg4TUY17Yet8wmJP
+nfRRNGMadtVMTP5XlaXEZMtj3bclKcJ/ZAEzD3VfTxEWhOXCoyDij7DuvQlY+jYB
+oFhbMmYIJRZL8f0l0r0PocR1pyBxrHv7Z7dsJ++PnFRMzkJKrOtazU10NZ8=
+-----END AGE ENCRYPTED FILE-----
diff --git a/secrets/id_github.age b/secrets/ssh/id_github.age
similarity index 100%
rename from secrets/id_github.age
rename to secrets/ssh/id_github.age
diff --git a/secrets/id_github.pub.age b/secrets/ssh/id_github.pub.age
similarity index 100%
rename from secrets/id_github.pub.age
rename to secrets/ssh/id_github.pub.age
diff --git a/secrets/id_personal.age b/secrets/ssh/id_personal.age
similarity index 100%
rename from secrets/id_personal.age
rename to secrets/ssh/id_personal.age
diff --git a/secrets/id_personal.pub.age b/secrets/ssh/id_personal.pub.age
similarity index 100%
rename from secrets/id_personal.pub.age
rename to secrets/ssh/id_personal.pub.age