feat(deploy): succesful deployment and configuration of the mars host

Author: 99linesofcode

hosts/luna/users/shorty/secrets/id_ed25519.pub

@@ -1 +1,19 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC0KFX+0kp0mrYIo8F+Jq/7T09R3bigfZC5GEWkIl+J5 shorty@luna
+{
+	"data": "ENC[AES256_GCM,data:lpXo14lBouQ8maOZFkxZRAC32m/wDMJHajNJQPF0IAzPxiDPMRwTdIDaqbT7ehJwibHyCFDKeN6ykW415ZkEoyFJRheP3mesKjlH/Blvqszl91uJhqBy7oCBiQSu,iv:S+rrflN8KGkBDui6KyHarzQTuGTN8EivJDuLYFLof8Q=,tag:FV8omreLceM9DA9MYxHfaQ==,type:str]",
+	"sops": {
+		"age": [
+			{
+				"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2SFdqdUZkenRqUjV3d2o5\nS0VXTE1Cak80SHdXcnpCd0FmSTBBR0FwVjNRCjFEYXlLOCtHbUg4RlhmVkV6aldB\nbWxTRDhBd3grcnloMHNSSnFuN3RtTTQKLS0tIGNtTUI2WDVKV0pDU0NwQjRxdFZF\nK3IvQ1pyS3BSbVk5QjUyZk9tVmtFak0KW//YyXr6+6NSlUdatMX00O5dlioLBnqv\njq84ZsgCrzm7KAhStvH3icOGdP1skQ82Wp8B76X3IQQvIqTXLT+Jkw==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age10a049meemjvgdgukx6zu5lwu82mqul83l7fyd66tzy9sm8637s7q07ujez",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvUUxkNVFDVlFYOXpQVk45\nMEtTdEQvMEwramdLQW9XNVBNVDN5Z1JqMlFzClZTakNJVFBSSEFWdlBRN0xITXlS\nYkE2dk0rNDFrcnFwZ2FPL3ZvRTlINEUKLS0tIFhhdkF6ZWwvR3JJMTA2L0hITGsz\nYkhac0FKeHhqUUplblMrd1dpNldNdUUKGQZlACAnWYpxAVO5tHnHg/cJXypujWEk\n9t4pSQIamiFJQ7zeUuNjEPRppQYKuPCkGx6hZ7PUiuLLDNWdL/GzpQ==\n-----END AGE ENCRYPTED FILE-----\n"
+			}
+		],
+		"lastmodified": "2025-10-26T18:29:50Z",
+		"mac": "ENC[AES256_GCM,data:Ru1Fsr/jcq1ij9NJJyoKy4n0ft98V6u1vBP1tQHTF1bfL6jeHiFDQXdMN52aLAPgWiU0agyfYQ+SW9REoqpW9wMoNRPojGPfdi91Okt8irsdPxDPNTJ7sWA6XeIcLiNpFkFHY1S/VtOFICNLOldnctdHRxBocfsi8E3O7S1g8yM=,iv:yuyTCpLP/C7IE/kP2kGzBiwTLcXoJ1ng6TezKmyGEYY=,tag:rVSdDOCnbaOxxNiI7AIbpw==,type:str]",
+		"unencrypted_suffix": "_unencrypted",
+		"version": "3.10.2"
+	}
+}

hosts/mars/default.nix

@@ -29,6 +29,10 @@ in
   host = {
     user.${username}.enable = true;
 
+    network = {
+      hostname = "mars";
+    };
+
     docker = {
       enable = true;
       rootless.enable = false;

hosts/mars/users/shorty/secrets/id_ed25519

@@ -4,11 +4,11 @@
 		"age": [
 			{
 				"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUbDVZS0FVQ3pRS1FxOVVj\nTzFIWHpvTHdRYVE0aVNLbWtlRENzOTd0SzI4CjljZXNxcTQzd2hYdWg4Qzh4Q1NU\nZ05qTHBBekUzYVpnMnVuWDVDQlRqVVEKLS0tIDc4ZVo0VVF5djUxRTV0WURHS1k4\nalJjNWg3UDhDYk50amJ5YVlwRm1xMGsKcE0MmPES7FdMyIRL69MFFmSPy17XJiPd\n9EGEvdKxWOJ4DaweOvJOeMJVALrEaQU2VlQBhXG5y1YNiCJJ+KcU2w==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtY3RYcThGR25EalVJYkZZ\nLzUrOFZTTnI3VkRzTCt3WFVMaHdKN0JldkdjCjQyN0RkeEpxZGxRNTdScHVCTlhP\nUXltd0N2eXIxNjZ1ZzJMNjBlV3NwcFUKLS0tIEU2VEVXcTFWazcvZjJZTkVDVHpU\nbDlTK0tPam5CL0dtWi9LQVl6TVZFZFEKIl9wJGCTj/nvVABbetcZOZZw3jXvGAI2\nnAqhoEKTtiMexBmip2eiIt+bKFSTD4TAlsd+uayFZ7J7ACbJecXlTw==\n-----END AGE ENCRYPTED FILE-----\n"
 			},
 			{
-				"recipient": "age14a77vk0ak3gsthcm5jdaa8kh6nm8d2zy54xc7c7dwhvx0yva93pqdahgch",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmQ1dzcWlpMFBpTXlZSStV\ncURxY0YrNnlIQ3lVT00wazArNVRqWlk1a0JnCndJaDQ2TE82UkExVGxqb05vSVVO\nQndoVWxXMnU4dHNZOHFIaG50bngrVzQKLS0tIE4rRjVsbkRTc3FWZm1vZWxkdVkv\nb24rdXhiMDBuRXhhTzFOcmx5U3hwWW8K0DDC4mpkiSQ3pAgc1pV+UcgTAWecv/LE\nZSV8O2SzhQKmdbAPrmNJKnlLErNnCTT35Te0TZ5ADWMUliiTIpwe3A==\n-----END AGE ENCRYPTED FILE-----\n"
+				"recipient": "age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSmtzM044em9sR3R2TnN5\nSmUybWNKMmZtTmszcVRTbURjdk9zdnQ3ajNFCktaZTVmZWQzWUNMSGZLQmFBMkdx\nWUFUNXNmYzFSazhGZTVzbU41eFBhUFkKLS0tIGwxNzFydHYwR1dnSFdqZGJ3MkFj\neVk5TUhoa1orYlJHcm1jNVBPemJVTncK6qiqkJT9UOFjxv+NiYmYuVB1EMXRU1R3\nsMagZ7ZNkr+ZXEkxl2HhHHTa/vvQvzFfimppIIg9x/+Hz/ACc/5wxw==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
 		"lastmodified": "2025-10-24T11:14:20Z",

hosts/mars/users/shorty/secrets/id_ed25519.pub

@@ -1 +1,19 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC0KFX+0kp0mrYIo8F+Jq/7T09R3bigfZC5GEWkIl+J5 shorty@luna
+{
+	"data": "ENC[AES256_GCM,data:lpXo14lBouQ8maOZFkxZRAC32m/wDMJHajNJQPF0IAzPxiDPMRwTdIDaqbT7ehJwibHyCFDKeN6ykW415ZkEoyFJRheP3mesKjlH/Blvqszl91uJhqBy7oCBiQSu,iv:S+rrflN8KGkBDui6KyHarzQTuGTN8EivJDuLYFLof8Q=,tag:FV8omreLceM9DA9MYxHfaQ==,type:str]",
+	"sops": {
+		"age": [
+			{
+				"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOR1R0eTI4cnpWRkZacjl5\nZVlxNkFBYmcyZS9DQU10REx6OFhXckliVmwwCkhWMk5GQWExT2YrWHVlcTN4M3hJ\nNWVRQkF1dHR1aFllWmZuT1VkZzNBbFkKLS0tIEtEaVFVQ3JSY205aFpzZU4rTjE4\nejlFWFdzSW5RL2IwY3NCZGdBSUk5S2cK30gyNvKixN2YVjnfeKPvHZ8whO9E2LmC\n3TgQMWonEpK6YNw/7KNSjvs9N2dcIg3xq9kSJJe2I0oX+Zihv2GZvw==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyaFJyN3BneSs4RWFtQWVz\nblM5N245TzFGRzdPRzNyQk43SldWN1JHbmprCjFZajhhbTJBd0xlYTB2RVZmOTVT\nM2FCU1VQVTRaQlVKRDVncExuU09GZzgKLS0tIFlDM1NRZFJMUUk4YjJxSThNWTJp\nMXVOTkEzbWJuL1RNQ29MNzkwcTdNMUkKp8Ad8LB5s1h4dbbuVX/s+AgZaee6Un9M\nRhq1xtvDh/7vfpGu/btfoivBhU+OO4eyTHxo54llcsnRgkrqAxj1GA==\n-----END AGE ENCRYPTED FILE-----\n"
+			}
+		],
+		"lastmodified": "2025-10-26T18:29:50Z",
+		"mac": "ENC[AES256_GCM,data:Ru1Fsr/jcq1ij9NJJyoKy4n0ft98V6u1vBP1tQHTF1bfL6jeHiFDQXdMN52aLAPgWiU0agyfYQ+SW9REoqpW9wMoNRPojGPfdi91Okt8irsdPxDPNTJ7sWA6XeIcLiNpFkFHY1S/VtOFICNLOldnctdHRxBocfsi8E3O7S1g8yM=,iv:yuyTCpLP/C7IE/kP2kGzBiwTLcXoJ1ng6TezKmyGEYY=,tag:rVSdDOCnbaOxxNiI7AIbpw==,type:str]",
+		"unencrypted_suffix": "_unencrypted",
+		"version": "3.10.2"
+	}
+}

hosts/mars/users/shorty/secrets/passwd

@@ -4,11 +4,11 @@
 		"age": [
 			{
 				"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5NWVOUlNSaDdubHJVMDVw\ndTFtWU9wTUR4OHhzb05pMW1vZ0xwbXVmM1NnCnBGMXh1ZUNQTHhUcEs1UlRYSm5t\nRGh5bU1WaVp0MU9sTlBPMTFaQTdhY0UKLS0tIFBXMStVaGFEdVMzYTdpVmFTRVcr\nMjNNUnkxU1BtNC9vVWU2aGxScmpaWGcKT4lZGMRo7wZh8K8Rnn9hVixmDXcsK1fN\nhYg3gLk4WlFqfDTmY6BdZ37iQx503PYda5v2D1Ea1SjfPwIwta7xIw==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPTU93dlZWekh2d1NURGd5\nOHF2RDlqejhROXZNSXdWT1p6cXg2eTFhQlNFCkdBUVgxRTVWMmFSaFJEdlpjSW90\nT1NCaThMYUFMSFdTY3pCd3NES05lakEKLS0tIE1aK2JYSEdJWlhobWFnTkFrdDJv\nbGdJRzd5YmFIN0lISkEzUkROSVMrcXMK2ewODkbZIp/zS7MqCMP65eg/y/WiqWFX\nx4Tc1vFiH7AYnG9eW+jidsmbc4OOs1CzU03MmqJcnhuIcTLh1TdRwg==\n-----END AGE ENCRYPTED FILE-----\n"
 			},
 			{
-				"recipient": "age14a77vk0ak3gsthcm5jdaa8kh6nm8d2zy54xc7c7dwhvx0yva93pqdahgch",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1SDhGWit5RGlhYzI5d1Zi\ndE1UVVhJM2VFaUNpT0ZXbllCK0JvVjRFcFZFCnFnNHlDVzZ3VnJBVWRuam5uM3g1\ndDIyVU9NNUMyZjNTcUFNUDRjVVRuY2sKLS0tICtmT2x3TTdiN3ZybHU0b1k2T01U\nUURQaHdESExCSjEwSTRJOHB3UVU2MWsKWV8JXrwsl4VqQmaLZjrvd3O79ZHvKm9w\nfKGvx26srXezSkX6hU6T0f/edRBNKc3eTTVrO+CjVOjGg/ZSMXJMhQ==\n-----END AGE ENCRYPTED FILE-----\n"
+				"recipient": "age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzQzhjVmJJdmNRYmNleWk1\nU2JIeWFpajc1UlFXdHhXRnVBOStUTmVvakZFCm9hYll3NXR2OG1Fd0hZejZmcVhj\naUc4a1NGYWU0clY3bm4xdThhSXZsemcKLS0tIG9idWxGdDVUbGc3YWtVcjNaMm9p\nMUtQL3gvblEwNENBblNPdnJpYXJaUTAKzsw8wrJhMuBw7z+Ewj6/lyMwgVnMOgaG\nMTMN6nUiaX4WjL1OPJrcdthNICTW73niale2vCNZPt9LQqL8l51SuA==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
 		"lastmodified": "2025-03-11T21:49:48Z",

modules/sops.nix

@@ -29,8 +29,6 @@ with lib;
     sops = {
       defaultSopsFile = ../.sops.yaml;
       age = {
-        generateKey = false;
-        keyFile = "/root/.config/sops/age/keys.txt";
         sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
       };
     };

scripts/sops.sh

@@ -30,6 +30,8 @@ sops_create_or_update_creation_rules() {
       echo "creation_rules for path_regex '${path}' were already added before. Updating."
     fi
 
+    # TODO: add or update
+
     yq -i "(.creation_rules[] | select(.path_regex == \"${path}\").key_groups[0].age) += (\"${anchor}\" | . alias |= .)" "$file"
   else
     if [ "$VERBOSE" -eq 1 ]; then