Add: encrypted password for dunoz user

hosts/penduick/configuration.nix

@@ -29,12 +29,17 @@ in {
     PasswordAuthentication = true;
   };
 
-  users.users.dunoz = {
+  age.identityPaths = [ "/etc/agenix/penduick.key" ];
+  age.secrets."dunoz-password-penduick".file = ../../secrets/dunoz-password-penduick.age;
+  users= {
+    mutableUsers = false ;
+    users.dunoz = {
       isNormalUser = true;
       extraGroups = [ "wheel" "networkmanager" ];
-    initialPassword = "temp";
+      hashedPasswordFile = config.age.secrets."dunoz-password-penduick".path;
       shell = pkgs.zsh;
     };
+  };
 
   home-manager = {
     useGlobalPkgs = true ;
@@ -44,6 +49,7 @@ in {
   environment.systemPackages = with pkgs; [
     git htop wget curl
     neovim
+    age ssh-to-age
   ];
 
 

secrets/secrets.nix

@@ -1,8 +1,10 @@
 let
   serveur = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPRVxB7usThGHf8cuSPE4sjdqSaPNlwWAZPEo1wUgHz6 root@terre-neuvas";
   admin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxranFaz3jRfvYE2M6FvRUWjzviIWjWd1mucgKeuSK2 lomig@nixos";
+  penduick = "age1rnyey8shjxyaq43dzlnhtfkcm3ra4hy3ygh6c46w4xmr7fe9fe3s00nh2r";
 in
 {
   "goaccess-password.age".publicKeys = [ serveur admin ];
+  "dunoz-password-penduick.age".publicKeys = [ penduick ];
 }