From cdca149e72c5984c50c1937c0331db51a41b6bd0 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Tue, 20 Sep 2022 22:57:44 +0200
Subject: [PATCH] add ssh and pgp.key

---
 nixos/assets/pgp.key                  | 89 +++++++++++++++++++++++++++
 nixos/machines/robi/configuration.nix |  1 +
 nixos/machines/robi/nginx.nix         | 20 ++++++
 3 files changed, 110 insertions(+)
 create mode 100644 nixos/assets/pgp.key

diff --git a/nixos/assets/pgp.key b/nixos/assets/pgp.key
new file mode 100644
index 0000000..dcbf931
--- /dev/null
+++ b/nixos/assets/pgp.key
@@ -0,0 +1,89 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFcWQhEBEADwt+hHRZxZx05USejn4x5LVWqqg5I2nIzjwI8pVyBra2AmXaMA
+SAImFk1W6oM35rwYmez6TG8QC7RPRUrMHX2aAdDwJ/VtU/b87q0ICwlMxYUnikg1
+tsHV4kRB7ukm+Rs0ECMqZzjwdlbiEEfQ6VPUrIBzDHeD0idkC82DonZ6xe083klH
+LpO36ckBOtyaoZZspzRu5yB76vsbeviVqsQ9WTQ8GoQk1i6FUbTbtOlvjhtx05Rk
+ic66RrfFSM/ElLe5yA96kZd7m/Sn9WIRwRj3clxnT1vAVpMlpISsTutEQtuG3MDX
+tT3EPVSSZEEcY1xxlJF+u1JZu4QqqtH+nczjshv+z3HZdmGd7OGqmgI8D3Ly/Ufi
+Uyz+ewZbhbgy/XSHqwriUbnMuE9OKxx0LqlQLA59+/icT+upW4TexiHKd6PYeSeJ
+kCxUEAmzqxsnilmwbehQrmmhI7uzxT8YxNGjF5mRJ1zOY55praTMKlp3MOxKvVPn
+EZSyWm/22CuUZZEX0XR6TBgkL71VoGrlaezADzhHu9i5yBwbNCuiE2CYcS5IuDf+
+GkoKGtWeLbXTXccWOaIItSzlVUcJx3D009kTXeLEo2T1RPpz41LMvqWkUlZg4CA1
+zMAcudsXDtXGJEvS3dZAaiUUdASktzNL/ltuW/CXITJ0V7UjmA0pOyLDOQARAQAB
+tBlsYXNzdWx1cyA8bGFzc0BsYXNzdWwudXM+iQI3BBMBCAAhBQJXFkIRAhsDBQsJ
+CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEInoKVKXan5NFVsP/RfU4dychz5eadnN
+/iCybL2eXCkpNbSJaPVqKKmBqY4oDEqK0NekwgOiWXFuFI6BpNyTW5z1a2PaBgF2
+bG5K/k/aGnzUUqH+LhtMCYr90UjJPtsrgi+C5poL4e2EsPN1SASSOSYFtYY1EQCe
+NcYut2foM/PjviJKuS9t/kJxmZn8Vi3+qQKSwys219IQuXqos44aihjnwEL+TR6D
+MgcDCW2QSCqB5kfksjustSihDck8ZkT+nISTrSdZVPzROcyBeswN/UqjOUBZd1p1
+sO7SqDaBnzovRD3G4kyscepPWChnOFCIq9tuE2Mai2QliQ4q1Bn0+8uhLPLG+nQI
+leL/6pFXY9ecjmpqrSAXEysDUgfpiqJzDtv8WC3fY7wl88/ROiHrgF8x5P4PmUMl
+oTfe+BGQar6BNV3rStPsW6Ogm6Mu6WNVXCRIJboM+ev3JdVSGF/ehnmb06EGCIrI
+ahWbMViDSAjOvM92By/RJkP8ADCN2ezvdf86Ubyib5EyRoleu0WHvtO1mLQn0pIP
+cYCGXrnQlkduC7ENS942hLUq976LPH1ZatM26gaN1MKxN03v+6e9E6jtxUH3wWk1
+oDGddTl+zu4fqUxEAA391sPMhp+DTVxXmPKvpnJivKAsL2Hkg0vKQt6VQNEv2Lgm
+G8vdqOcapWLBcddR9d0DpFgkZNQCtB1sYXNzdWx1cyA8bGFzc3VsdXNAZ21haWwu
+Y29tPokCNwQTAQgAIQUCVx4sGAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAK
+CRCJ6ClSl2p+TedDD/9VNXh8B/deMhBlz7y+E389LOpAjy+I5HHlR3pfcawxPABj
+3yXg+lAM+Lg0QAmco8ZpxkaU5h42BbYl0+Rmd6FaI2FukuaJgHA3MntKCpOKjXdb
+BGRNq3M7dAr6bhGfE8gJfzh8QYysZQPSRyEoTyewuemMR9ySeg3i55ZeFJka25WG
+OYX8uuth2B5leg99pGKsLnkg4aLedb8neK+aGAYZ/GwbF3XSa4VHeW/7Pd8iMbAH
+FXAaSFvyYq2RNi+q0oHWN2TQuLcvLkxGU7TWcL5+nIAEdDgUQNkCdMGgldiv557s
+Q1o3lGZlDlNazZJJb+cDk/KutGxoCaIxGYN5MHr+k6hpiNRagsvSwXA02c5vjd0F
+N0Qj/NGcUGESLsVrhjIA71tK9XYWEvfdHLjeT1m8dTxJrdOutlGuvlV8or9L9zIO
+TOS/qzXyZs+2VhQ8uC+Qcl6TIe2+Evgs6YtMhqu4dIQsw/jgFwemedBcyIlOniu8
+X6FtrE1/2mtOcmcJvOlFlY4y0Qz75TObjU4HjyauwA5j5j5Wfde6vcznmmqVmBi3
+INTWnmnxLbWlMOPtTBsDE+SM7qyqvy7zS0CfANlkolEINXnczEMx1A2goQK6zrgn
+MOqmWtTSXotjCmblJU11JsetO8vULMp9RNihGcmw8OrZ/aPJFt4w93oSQyJaNrQe
+bGFzc3VsdXMgPGxhc3N1bHVzQGMtYmFzZS5vcmc+iQI3BBMBCAAhBQJXH1TsAhsD
+BQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEInoKVKXan5NQaUQAMs5/fnXZsw5
+q2kjxaXPtB7Vc4Yi6qniXcuSbnZytPfE8duHUPrSCmPTgromZJLYzTWdh8UhjLDo
+zw1O15Bh/kHJoI6GXa1NLc6HKMqQiom66fCWwr+x3jRapYMc92wOTfD3B6193qLY
+9e5k5Hwuv1xybWB4A8Kg1NmKwsl9bRisKfhgeOij1eQ/+b5P1N7GBMg21jSophO7
+xC5p6C/4t0wXvE/Q0jaE5JTMXvPQbajJVHMQl8nKx4Xv1QCQCVxA/SjJYwWM3XbN
+w7LuSrrdQ9AmokbMQCvtDECfEnO1zGixy19dUUkNbYqbtIoyvDuaoxLWeSrDoeVI
+NqKmzPOaW7ONt9kfX27g72uu19FnduOUPfRrn7gES7IYGZE5AzUrKXeBih617bNQ
+9dop5W/eER0JD3ABIhAi5zeYuwsyvBbyUFbMy8LgXQRCSjWtyCozVZA1vAlmbONF
+933Ryv0uuXkV7H+icSfPNG69GQ73icUuU0p+XDGNwV3zADNYn5PWinMzLn76xvY9
+plqkvm+qbI/6weQFot6IqWIwVqYHVbLeanZJWimf1sRYH2J/hWJkjdPjWnY1beFG
+aWFRUeA5p9s8GukCE+gnjTRf+sQNg+hpJ0Jae360nENB8RFNQcV4Yt7gZUzOEjd1
+eUqMl7Begna6O6kY4sYo8vMz4CBchtOQtCpsYXNzdWx1cyAoTWFpbiBFbWFpbCkg
+PGxhc3N1bHVzQGxhc3N1bC51cz6JAk4EEwEIADgWIQTcKkPvTxHoVLRNWZqJ6ClS
+l2p+TQUCWqcP4QIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCJ6ClSl2p+
+TczuD/4/r3HOi0BsQwSmE2OIdqAGxgUI1EhmwwatUbuKImhcktqUqDE7AoMchrBh
+nEXL5waS02LfRI3kc8oqhYlELb/VlUpmyperSfEIdfUfb1XaMuE8L1O7e803iJTl
+EYBdnXBiTRlmXDn637yhs8avWVdv0NbHnZhaM+G5bAV+SnHSIazozyvcG1/Xyfbn
+M8e7kFJ3QOQspL6cz4CuP+kuNycIZIivGfgeQKIpDddN5LZAz+O2r9O8npKTrKuS
+vLNEgCJ2gZIgMUdA5cjljEMDCd3K1XHEAqe/aKyxEwUAa20zYzSctc+f3MY6Q/3v
+Af5nuDNp9a6tpTw5yc6g8NhoyvwL/7puMlZOp85K1luufKRyTqfnlxzEcWJOn5ND
+3+CfSQaABo1GRHUkYGkG3D97zQX45edncqPuGfs4GH2vjQUCpzPAB0VBWF8LPrQJ
+vz+BB832Tm6YMd/UCLGmbagnD+O4y8LNxEclk81kDknUAb/hsfjZ7WC5/kxHIPRz
+X+vIrtshp/AnQcqTAK8rU8NwI08CHZOqqagR0yehgnY9aTlPn7Fg+ggX3USwseE5
+JsuyMHT2/E/MN7fWbR2tF2atmGNM3hKmsGbvP/yH+MX/rniRVhDCSOaDCMYzZnKZ
+SFalcv/ZSvpl18XzpbVfhp0sLnzvFzgM2KrCC3GCWSOt8kYB6rkCDQRXFkIRARAA
+4L+h32UMsbohaR0G7efbOO5gOAJs4IwNRoku98aNeqo8C4nijyVpa4D5ODjsKkKX
+coGfSwIR/hSKnBqOMAjSi9aojEHkHBTgAryzn8ab/BdU5DnPSG0FKDD8VxGESv3N
+GbWlqXvHcuEC97Q8Ev6L5LAmQab13aSVw7nHH00Nt1D6M1irNtSQCCqmzu6eZ/Ol
+Rq9AqNO8ZgbMTiuspSvGDH7QY7oH28X5hQKVtpQLI3g3uyeUWOluTWnjIPyMU8us
+JH6M9VI8LUGkb6dV21qj8yG/psfAHkUEF87lSsUttGVYGs0mR4NT2LvT6CkyFitD
+S3evAsnXEOKuhdz4zcrRR7QzNd6uZFpk1NMhctjlr8uCQKts9Ngvmfv/p336dGX7
+HRHlTZuWb5Qy5jmDFhcw4zknGIAWCALwLN6WFfsZeqcb3U8iNyV3ne0PPPXt+kwt
+5sFCEeLC/qDn3LQO0sM5K2lPLjAsCBOqaRrMSHF0LdebFI4DOUx18wEF1ZGzPItc
+fRdCYz+2xTFnCD9aZqnGjus5zNg/8KHGPkTt8WI9BixYEQVtjv6SVFq1hyJ6Tt5q
+8GXkTBmYseZ2R/FOnL3w+fUsCFXcio+rGZJXEtiSXJQQ6wLnWFG3JALleyiNWVnF
+OJFUt46GHVnBUDt7zsSVuZhlzC/a6CV3lzeuuIjQYKUAEQEAAYkCHwQYAQgACQUC
+VxZCEQIbDAAKCRCJ6ClSl2p+TRoXD/45Hkf32D2LmBFFixgcatoRYcDLLIifqcMe
+TY/iofay5vdCwSwnMAVbtCC22nj5Dwpop/KfRfgDstdQ7Fm+ZQa5clKlOviA/Z2P
+1mzS+WWJesyAZrmEOahRAJ+TUA+oS5ZQusMjqiHil655LxSTFvPltGmEUIe4YaQM
+8ic/YGsF1r1mOOTYVpd05kty3yWwOZzOrmbztFVOyxEYH8E4D0ozMGFUBrZLZ3cv
+TeAL4tTdNpeQRJrmaF8EwqELlui4gDxhNs7V87cjRp1GFABjFpdtlE3s6n1P2jhv
+ULpvkHm8E4AVB+KU4C4lf6VsV4m+de8BpHnLf9GHfs3MmvJQO8dRMxRTG94uE6Gs
+CM++iNp3CJaQtqt9cdp1SOnwVuJH7vAEe11vWMr/qZSLr2tQHk3/rDHOxUm+QqTp
+o4y6VH0Per2b0MGq3BIqe1JjgaAKBXYbcCaLbJATo3udgFIAyAVmayHx9W6u/zYw
+Du91HUdZiZDqWNNakF5BA04i3iARmKrHgm5yTYtT1TlTRDk+FKd/0Uo6QLvHQa1y
+qse8kvGypVZN0bCA5YMm+K1jHPPLgZee2LI0p0Dd+ize49IT6W9EwA9TrDyNaXqb
+ClAD2SgNhAMi1yskN6C6jQ1lOGVqSIvPkSpt1KVoEPajeLbkR71V/wEIxFtS5IX5
+kdlSKp65Lw==
+=DWZj
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/nixos/machines/robi/configuration.nix b/nixos/machines/robi/configuration.nix
index 53d489c..838fa34 100644
--- a/nixos/machines/robi/configuration.nix
+++ b/nixos/machines/robi/configuration.nix
@@ -9,6 +9,7 @@
     ../../system/all/syncthing.nix
     ../../system/all/tinc.nix
     ../../system/server/netdata.nix
+    ../../system/server/packages.nix
 
     ./hetzner.nix
 
diff --git a/nixos/machines/robi/nginx.nix b/nixos/machines/robi/nginx.nix
index c3000f6..87c7caa 100644
--- a/nixos/machines/robi/nginx.nix
+++ b/nixos/machines/robi/nginx.nix
@@ -38,6 +38,26 @@ in
     enable = true;
     recommendedProxySettings = true;
     virtualHosts = {
+
+      "ingolf-wagner.de" = {
+        forceSSL = true;
+        enableACME = true;
+        extraConfig = error.extraConfig;
+        root = "/srv/www/ingolf-wagner.de";
+        locations = {
+          "/" = { };
+          "= /pgp.key" = {
+            alias = pkgs.writeText "key" (lib.fileContents ../../assets/pgp.key);
+          };
+          "= /gpg.key" = {
+            alias = pkgs.writeText "key" (lib.fileContents ../../assets/pgp.key);
+          };
+          "= /ssh.key" = {
+            alias = pkgs.writeText "key" (lib.fileContents ../../assets/ssh/card_rsa.pub);
+          };
+        } // error.locations;
+      };
+
       "stable-diffusion.ingolf-wagner.de" = {
         forceSSL = true;
         enableACME = true;