From e77669751561ca72296b92caab0d733636675225 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= <nikodem@rabulinski.com>
Date: Tue, 9 Jan 2024 15:53:40 +0100
Subject: [PATCH] New host: kogata

---
 README.md                         |   1 +
 assets/ssh.nix                    |   2 ++
 hosts/default.nix                 |   1 +
 hosts/kogata/default.nix          |  11 ++++++++
 modules/system/common/default.nix |   3 +++
 secrets/alert-nrab-lol-pass.age   | Bin 435 -> 384 bytes
 secrets/alert-plain-pass.age      |  14 +++++-----
 secrets/hercules-cache.age        | Bin 1012 -> 979 bytes
 secrets/hercules-token.age        | Bin 842 -> 888 bytes
 secrets/leet-nrab-lol-pass.age    |  15 +++++------
 secrets/legion-niko-pass.age      |  15 +++++------
 secrets/secrets.nix               |  41 +++++++++++++++++++++++++-----
 secrets/vault-cert-env.age        |  14 +++++-----
 13 files changed, 76 insertions(+), 41 deletions(-)
 create mode 100644 hosts/kogata/default.nix

diff --git a/README.md b/README.md
index 6ac9b2e..c0255d9 100644
--- a/README.md
+++ b/README.md
@@ -13,6 +13,7 @@ Collection of my personal Nix configurations and opinionated NixOS, nix-darwin,
   - hijiri-vm - linux vm running on my macbook
   - miyagi - my work machine[^1]
   - ude - another linux arm server
+  - kogata - my m1 mac mini doubling as a server
 - modules - options which in principle should be reusable by others
   - */common - common options between my machines which aren't meant to be reusable by others
   - system
diff --git a/assets/ssh.nix b/assets/ssh.nix
index c03bc8f..fccafac 100644
--- a/assets/ssh.nix
+++ b/assets/ssh.nix
@@ -12,6 +12,7 @@
     legion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHX2MNGZGSTedYAepZHgcx+KK0A6ASulwSrpf9ytb5h nikodem@rabulinski.com";
     miyagi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEIf4Ypws+1v9WL9MibW1dELpa/7YixElaBE7S71jsTy nrabulinski@antmicro.com";
     ude = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDm3M/i/4wP2BM4+9hHAOMospwvlBZ+FT+pJtVgaaMq nikodem@rabulinski.com";
+    kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGK7H4Z29d72HJlI69Vt0YLOyuPcn9XxYjvMZfql80z0 nikodem@rabulinski.com";
   };
 
   system = {
@@ -19,5 +20,6 @@
     legion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH0Ktyj0FSn8KLRwRGd0Tp/qNUPXV7+XyxAsWGWdMYp8 root@legion";
     miyagi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILbUcsZrZgGHojG+1yVyNEW5Fgr7/7qNaWxOt+lFrJaD root@miyagi";
     ude = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZW15ObZ6XG776pdEvs9yqSuIiWlbGveEVA774Ri9/o root@ude";
+    kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPN/SXBcIB1WN8GIhYrQrqzFGuVkEP4o0E+x0uQ4f2l";
   };
 }
diff --git a/hosts/default.nix b/hosts/default.nix
index ecc6cdd..c4aeaf8 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -13,6 +13,7 @@
     # TODO: Custom installer ISO
     # ./installer
     ./ude
+    ./kogata
   ];
 
   builders = let
diff --git a/hosts/kogata/default.nix b/hosts/kogata/default.nix
new file mode 100644
index 0000000..45fe071
--- /dev/null
+++ b/hosts/kogata/default.nix
@@ -0,0 +1,11 @@
+{
+  configurations.darwin.kogata = {pkgs, ...}: {
+    nixpkgs.system = "aarch64-darwin";
+
+    settei.user.config = {
+      home.packages = with pkgs; [alacritty];
+    };
+
+    common.hercules.enable = true;
+  };
+}
diff --git a/modules/system/common/default.nix b/modules/system/common/default.nix
index c44861e..5b07975 100644
--- a/modules/system/common/default.nix
+++ b/modules/system/common/default.nix
@@ -53,6 +53,9 @@
 
   darwinConfig = lib.optionalAttrs (!isLinux) {
     system.stateVersion = 4;
+
+    # Every macOS ARM machine can emulate x86.
+    nix.settings.extra-platforms = lib.mkIf pkgs.stdenv.isAarch64 ["x86_64-darwin"];
   };
 in {
   _file = ./default.nix;
diff --git a/secrets/alert-nrab-lol-pass.age b/secrets/alert-nrab-lol-pass.age
index 089369a86e2bccd6c6d201207e2ae02c0f47cddd..321ccf7a9a10a7c89dde4e6a3aa697fda33ba950 100644
GIT binary patch
delta 349
zcmdnY+`v3Rr#`nlHznN5-Ag~h%g-$(r_{J8Eu}mls@$<C*(BQ_%egY$z|+6PJUl<Q
zm@7BPGCj&8xhSw8&C@9{BiGQ)#5dETAk`_$w=k$Axv<PT(=V~a&@|W8fJ@g-p}06h
zH#Nn`)YQ;Y!QDHftUO)8)Xc5eKO!f+Fx$)^%+<>|slMFIw<0XpyeP%bC&VKo$|p5h
z+sU{zGosRyE2PL&+qE>H)Y(7O)x%i3I4`46KcK`sD5xsLz|Yh@B-27W+sVf?T-(c)
zOIKG{!M)hsA|=WsAlD=<HzhU1(aG4&+cKjdwKU(y+qlfhCEYKo#N9bO)F;b=%eVch
zZrW?pdtv6DIU<|?$eg(={fXxa>*rlt*`HL+f5YUo`g-x)WoJ%)eO7Zsp|s=B8Slc%
xc=6=kGXV#;$yZexrM@<Jl{9C8$*w2CAC4_IVita#o)p(%Tgve#D&<1ICIEU@g0TPq

delta 401
zcmZo*-po8fr@qi9N4vtzxZKRmD5*3s)UqNdJY7E`A}KvEJv=Bsz{NZ`qQKcazcRSe
zf~zvX&mhS&(lsqGx5_QF%Gce*Ffk-Qs?@wB#jUW)B&Q_YJfb2q#mqRulS|i5p}06h
zH#Nn`)YQ;Y!QDHftUO&IDk~`}B0@jN#oRC{ATc?&s$M@UBFewipsXOLxZKCXFu63f
z(mBP=*DE8NE2W?~z#=R%vOFWW&@s;=y|lO@Dy7IbG}X<l%-KKNE#EQRw=&er*ibti
zWSvr-N{ViJQEFmwDp$FAltG@Cr(c#qT4r!=P`Fo8fTd?nqJ?`>c2<y|r-x~UCzr0S
zu0nQwd3bP=iDzYgwzEl~o3?MZqhX$*Pp+eLgm;*CfPaRsk9SpiQIKO%rYF}|F8OR-
zuKTqPhx;Plyjy==`|ig@+ZM#}a*6C%zd41gi1$I#GwI?D%_^TC{4!O#$*5Uhb)~q=
vpC_a?DgFHBg%5I8uU`G*gU`QL#-aJ?OhQ}?M;<e9Nt9RC9!gx;5w!^bjGK~S

diff --git a/secrets/alert-plain-pass.age b/secrets/alert-plain-pass.age
index 6ec01da..6810937 100644
--- a/secrets/alert-plain-pass.age
+++ b/secrets/alert-plain-pass.age
@@ -1,9 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 ioPMHA qqVh4A0E1AHAKWzkfGkJngMUdMc+HSxcKjyYQ2gaCAQ
-hKu0kGoC+DFFzhGI8hq0oiiRuKa0kiE1WqTjq5tfPt4
--> ssh-ed25519 GKhvwg KBSfWjKPAhb+FmKet9HoUfcffcGvPvoM2eWWgysxWk8
-xhymHp+IWG6gH63U6dX9cSg7eIPD/Uhtj87cAS0vtfU
--> @oU{zMr-grease
-tw95QJTmdroGQEQhYEGLUNBJTp6Zdytql07m8Cjt1OvnNdt5/A
---- iM/8bokZsr5SDc73lZTloR/YpngXsy/mt1E89rNCmZI
-Kß“,{ÅGG ™Ù” ½3“ÈôF7(ÈÍôI0R,¤ƒêá!GìIl÷ýY[­ï
\ No newline at end of file
+-> ssh-ed25519 ioPMHA 4EqxwfHCz9VJQPMfULLbAr9eaesivV9BE1ERyrH91xY
+M2l3meRzStyjlG9enK3ObCeglXP6cOfiYzrqcw0in2U
+-> ssh-ed25519 GKhvwg 2CjaggQgGYNEfP/IBME/T0cueM5KY94nK5VbbXw4Tj8
+Mi0Sig6qtnBtKVEiw7uBQqyLdqxw6OuJzAbu7USrR40
+--- OfhXRbqvSTxx9Sv/Ke7IHMSZrkVF/dmCqabmt5fbhP8
+ëHŠržm-iBÌ³Þ¥.Ú{2»]PÔ¾d!eæô¥²Uým1ø{dŒÈ
\ No newline at end of file
diff --git a/secrets/hercules-cache.age b/secrets/hercules-cache.age
index 3f8c310b490d4ec5fd46f757d7407db2ce07a70c..034c1c1904b6cacfbcaa77534fd68cfeaca985f2 100644
GIT binary patch
delta 910
zcmeyuewlrOPJLu>VsL1cV{uYpaI#aLMP5dMqhXLwQlzI(QdntFcyXX>lw+2DMSw+l
zK9_!qetLmRS!S|Xj-h_GYr2QGQ(n2Nd#P!9l#_d?flsDcd67%HiF0UVGMBEMLUD11
zZfc5=si~o*LS}w|uZN>TSa^AIX1P~bN@!kDn7enPnVV;-aY1fkdRTaYsbip*wsvuP
zsEMC(vUz$smws86zDbgqPoit8Q(|6fnrpFPT8g$uP@zGhQDkOnU`3v5YO<qOU}|>Y
z#E;_j`Qbr+;gNYk7Qx2;W=>Is>88Gc<sL3sE}4N&ZiNvUrb(s-8BRHoKH-sE+6A7@
zK0by{MTwDqC6*b1K6%;xi8*Q6xtSK;VTF|$29Yk>mQLB8mgW}dJ~4GPFGvkkFf0$z
zukZ`VNi#CZF)PVT_IC>_4$n8w$+9R<Epjd{a|$sx$TZK3%JvA(=Q0U0EAuEfaLdni
zHS};T4>9y8@Jo;M@Hg<$Pjxo)D)kFXG^?l#O$;dxoE*<6UZ3G%=~QLzV^JOv=AGl|
zmR97H;$)JS=9l6VWNIE9lIO0U>Sy8_V(gUZ%N0-(<X>!DmYL+Koe>$48c>y;Wg6lh
z>=kB_RAgC_<R21PZk%pVky32n%B8ETtB|N4?q5>jZCYj)QQ}sX=;-TI7!??mmQhuZ
zT%;eRpP!eWRd47NnP!$`<jD0nOJ#+a(Vc6*7#=oSCQ9@C{!riAzhKkij5AyzYhEvX
zt16m)C415WhdmnuepS1#zQ*7(RhH|=p&e(r-@g?~$a?y?cShLjc;7p+K1Uu^USE8?
z>w*A_a?9NlkDUz;xH<c2Jd~WS@Kk)?yoD?M?+8s@vcJPm#3OroeU2ET-5ZI(7cWhc
z+`4^)c5My&BYr9<bKhw##_n(LID+SUUj385T31M>N%Ze2ODBEheVWNEnP%<2E;fv}
z|6j<^JImU}#hLN!orlZX7iPj+Ui&mGy(r}JjP+`Q-jg+Zwo5GEJfCmxdA>!@6O;Ow
zJ}!Q<aJGA?&%1?Ufhrp|ir+3W-4ehT{l(4Tgzee;%l0OiRhN{``KMP?Gvju#P_5fP
znIGBD|AgxbGagL#xvjhRPn6lc?2aFL`H$9LHb@Ds?%nu5cGBuspVo42DW3hwo=?{>
o@S@^{2f-g*m6x8(NS2)W<7e(ku@mJ@J_((#mX(&Q^OHUc0Ifh~%K!iX

delta 944
zcmcc2{)K&lPQ774RGwE_glkY*S!F@FXP&lmuB&BcZl<?qk-1TXzlnC5OQk__rb|v<
zHkWpJsF6XWWrTTQX=;#fva@M~vrlGeS+RL|x|vg@VQIOszIl{ml2>JVGMBEMLUD11
zZfc5=si~o*LS}w|uZN>TN|~2=u6u;Bp=nU1iJ4hwrJKHfR8Xl`aJI2?es++5dPI>)
zp}D1DZb*aySC&_xTY#BQPEloqsar~6nXi9Nm_=blXmNpQMp34JdR0MQcwkAIPgQ2}
z#E;_Pe%i(X{>DE3#wE_4`K8{TCWeLOK1Nl>!HHoW7D2{Q`q`$LKCb%4#g6G*X)c)-
zK}MyXC4ph?$>s*0u31K&rtVb*Caz`~!A_|erXI=RVg7|4>E)i2&oYYFJDLYqWK@I|
zr38djrKU!Bn0Z^28koBq2Ak!VrMd<d`C1s4<dvDH8@Rc083wx;mt~n7X5<%#l!O@-
zI9mjU`B@aFTbKnVNBQIy=H~f_ROJ=sM)){_LP@(g*e6>zy(l%YI8~uiEl0s5m&@Fz
zG&3v9!qqgQFh42D-L$?cw=6v<K)cF3sys*EBFDrcBD2EO&8^tcD=?|Dpdd9e(X7P0
z%-hIZ->fnvEIpaa$k)9xqA1YZ*T*$4u)xnKD%ITGE6_B;)7P}z$t&F@(8I&oyDCLH
z)5Oa?IV8y~!@{%3BArWDS687R)6BxLva~e6B-OvfRo|>4+@xMVG|{ohP&=<6$|55y
zH!;dnJ6t=&$j_B4W%k);`quM;KX5(buIx$R66TyFFBoJSVb%Uo!1t~gJJ;fpwVhXZ
z7-RRiZW39x?8U-2Z~v9@JY!n&W{d6fevgA!E0&di3Y0s{mb>!Dwtk^<Nk-*O?_KtO
zQT>~B#`l<ZEmvpCq~EXV+ahCYN&>mA+`7LsNKET>TlM)x8zw5AJ*L>rQg=q2`_Kfn
z_Z^?Ep6}dR;?K;-u*a%c=V1P4yE*RhPx8|)O8IwKZ(Po|Pgwg+fpWjH_=~4usT_K8
z^-)`P+}KntT&T^nsz~~x?k1lfA2Pl=mNH5`@wDjNV#aFptors*rpZsTS?kv?kNtn;
zwSHcmhQ(UV*pR}jT#{iojvY(fk-Va*tc3kabEQ}1&4(MeKYq=(`j=40G4qXX6E5Eo
z(!BGj@W*zcwEh1UM=h_v7+EO6{_M|Oi7mm;loP%=y8L*f&g2@_+nFQOe6sXpwYL7^
hsKp*ZZ_l|^C@ov^_tnbminkwnt=ZJhGV6By0RUvLZaM$}

diff --git a/secrets/hercules-token.age b/secrets/hercules-token.age
index e5434690941f9e46ae2176db865ca506e5b55d33..f6a958ff625bd2752b82d4d2aa98b0701c1ae9fd 100644
GIT binary patch
delta 819
zcmX@b_JeJLPJMcwYeAHyk+*?Geu1NtNl=QmTWCg(hq-p1MW&;VLB2^<QBskkg<+_h
z1y{POZ(dqdMp}WHwvU;anXgAkQBqn+NJU0Km48}5pt-hzzeQ3&pkr>N374*&LUD11
zZfc5=si~o*LS}w|uZN>TQbs_DYni@hNNIsngjtTiwp&<=S&2)bfwqrnd9Hr3zJa4}
zab#F|UZtA>SEWgmPpD_GL1e01UTLnYvrCpiaA{VQSzc0vQ({D-g=0~Wi+@^1VMc|?
z#E;_jS!QOXewpd!<`o4|X};;sL4}EV$;MS-$;NrX{?1`e*=5;j7Fmv2+JOdKN$&cg
zl|I3)g?VBAg{A3<f$5%6m7%#o`R=Ak-WExjX$7G!CVpmRZbr%IJ~4GPFGvkkFm+GP
z@$>W!b@XtJD)jPjH*w1<HgPW~^UpOYc1%sRFiFXEGVnJI&I%9q<g)NEN%b$ODAh01
zFD%J*%1bOQO-v4PPf02Ws!a08C@qb2EzdG8$Z~Y`ogB|7USE*ruAN^Rn(C)rnv-FY
zl<02c6lGxOmY5u6VVI$B5o8+VY@V8tUFe?f%avYGnG{}PX;hFMl5HMkk>^+zl<sF~
zY*t=j>07Q{Wf@lH8kJt<m7SjJ%cZNUtB~a4>=KcfX&M<&QR1O(Z0ueY=4g@_9+(+m
z>Ex4M5mn({Q6C=YZyE09Ud+{$eeVBj=cbqYpSSQ?E!F0D+|AIpD@A<o^Y4rF_q)Z2
zggq`WG3Stp?dOrHNY7GLS!%XzuVv5gIgL(Ae(u%L7Cf3yy*uQtZ>>_UT3BXri$T;j
z?On8s|2>zW;>Xe2(<N_xyfLeMvT4Z#pEQ#T3bPXyt~jtIm$g2mYiD7;__n!*?WgnB
z|Mq+%TgR69M6GdRVbtWBd}qmNtGk>#-AaW09-E#$sA88c>E^H`bMk!G>8a9ZG{VhA
z&L7jUtXQmc`=;!tJf7X>+CraO%z4jpIrh0pMS<Xwx=W3#Hm;b-_<~{D-RmJ!R+oJX
usXWwSDWmj0^yH>JV)@)0;-6Y~TPN<G9WtqHM|c04n%t+#LhMUt><0ko=`cY6

delta 772
zcmeytc8YC+PJN}hM^Z#(T4ZFVtE+FWNlAX1Sy*XlR+zqDWwuXvh^u*}p+Qc5SV+D{
zAeXUunT20!uv?0mo13#)YFUnfzH_=;o}Wu#NvW%AQkhvwN|;GriAQ=yK9{bYLUD11
zZfc5=si~o*LS}w|uZN>TzFAP9lb@+iuDOe6u1`U7xLabec21?US9)PqNLEF$Z-sxp
zaZ$NnU|NPNS9)=2WKOtuVUD(?zM;2IRIr7qrH8vyT3V`aicx4#XjW#aXO*$LL131}
z#E;_P6=9(nK~Y9-MI`|dmQh}=UIm%10cI8jrfH_eQP~lm#-^cB?&j|KL5}HMl|ccS
z-i|@x#brSrnT7iLDTO8(DJib{p;^JD7XF?k-pK(;CIN*h<sPn+&oYYF=R}5vSd@kp
zBsu$f<?3ffcv=`#<P};vT3Y6oIwj?}grxh1`<VGA<>jSwMPz&Wc{*l$rMqPt7&@kE
zS0zW3207*!`x<8XWTm-!S4HI(<{BrJni`dZLa9VIy(l%YI8~w6+1I2rH(4PrSVuD?
zQX$yKO~Hz*(m2;U!@0g9(j+iFJkd2Gr^vlB&&(j#Q`<MN*g2g`S65fTDbv{8J-8$)
zP`@HOC(SF{ud2{5Eh^l}OgqiBG^M=C#m&#X%F{0(Ex(*AQm$*)N;@NcHxb60^Cd+a
z=GHI?-4d6N;*eG1*!IZj|AhB%L+59nS9Z_)yIQX|H(-zBUFB<Q>t`NJOwGKw@$x6(
zhM%QXDSNbTpS@Lnv{zBzXA=MV%`$s4ns4PSnV7xQt|j$)#nMTBQSXEGc{C#L`pBGK
z8JcxxH*?|ioY$Hn3%v@qZQd+tcW|FY++HEszi)mhcREE`vh4fSv_8b6UpS{waP?US
z0cobEXMf7S_^>3btma*6CCj&Ps{q-pU0Gd~4~&EEq#f&4wOv%lJ(HoTIQ-<cH`<qH
zop`-=fvn#WyQs}SyZWT;XD*w%Fl2tgF?Ox3O*-d9W9!q;*1Wk9=l@x-cz4O9uQIyb
MQk(w&ym0Y50QSfz)&Kwi

diff --git a/secrets/leet-nrab-lol-pass.age b/secrets/leet-nrab-lol-pass.age
index 263df90..147eacc 100644
--- a/secrets/leet-nrab-lol-pass.age
+++ b/secrets/leet-nrab-lol-pass.age
@@ -1,10 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 84j9mw 60XbIW64DZX9qTPvWP1O5NCjyf61W3oMNsN3Q+Up2CE
-K52Sye1rQiv5SQha3AGBu9V9jSlc4NgiGaLWabXwyRE
--> ssh-ed25519 GKhvwg r39/lbL3Bv4R9vMnwMHPUUYrTWUckNya9Rtbx5u9sAA
-/DcA2jJbFSvikdxWkLplmlpON0J2KcrsT26x1QK98vE
--> Tw\nck-grease
-sq39qrZT1PsMtl4VPGHTDvsw7v8rJfa8MJknNRzp1rVrq5rNLg
---- uZjIGnDN/nUbdcIyfy80RUxuJUCODct1uhaKM7EmbDQ
-fo1H„×X¶®qˆ*¢âÂŒ¯6|mŸ“#3Eü2Ûœqë·klìS@h:T^ÎS¦Uªè¥:wz¤ÜM`¤.Ë²Ö#„ug
-Qk\ 0OÍ´‘ãÑ¤HÞ
+-> ssh-ed25519 84j9mw T5HYWpCNb7V1Ox+9tEdebKLwUpG7faSHPnMXM2WQiBo
+P2vbyCS2EoZiDMrSMFZSo3olmrUKvqMzC6IbqF3njiE
+-> ssh-ed25519 GKhvwg AoxnrsJAkFZ3jXXlQUCjG9gIi/jjkDbYP6m+aF4zUn8
+40eUcRqG7nfMmhCPlzFnFTiL5DAKNpNB075DjFj/Akg
+--- 8RLfYhxRRAU3P3LRt+vSUCkxHVv9+Mtv/fkHIXQR9Ak
+éJœ¼ýòlMÆ$”ë"ÇÈÍAûXŒ™_×ùw”RJèáõ¬îEEhg2Ìä+fLzfFÑ§íe—åüÔ°Úá‡Ðe‰Ü†§÷*¨¡ÅžC`+pèí˜í
\ No newline at end of file
diff --git a/secrets/legion-niko-pass.age b/secrets/legion-niko-pass.age
index 1d226c2..15ead82 100644
--- a/secrets/legion-niko-pass.age
+++ b/secrets/legion-niko-pass.age
@@ -1,10 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 ioPMHA A6SzZP5Fqppeg0xJ2GBrBIVzby6tpt8dMrOpkg6IU0U
-wZOmja7rff0Ot/xxSikzKKuzva7aeDP9l1yQF3wiR2M
--> ssh-ed25519 GKhvwg SQ/Nl+i9/IGrqjAeGXDvYLHbLdIW2GnwXHtJUTN2TA0
-bXK1+8SE18XtILUqM8s2KCbFiXS4aKN7IVFvtTjiBuU
--> {Z=m(-grease J$7_wp rrf\
-tXMmFUM2
---- 6B3pPWUGKzSAlEYmttE4EiuuDxmUYo9tdnKlw+QUI0o
-vGb¾
-ºËÉ§ýþ XqEÑ˜µml]ÉÌó‘óüc)óü£“t\(c¸]¶QIªf¢Üìˆ×Í›_ŸÁø`ÆÙìu–	ãÊŠß€¡è ÕûNJvØ~W'èQœŠHk\]³
\ No newline at end of file
+-> ssh-ed25519 ioPMHA BCoFRArzhiWzaXVtF1qkiPxL+M5WuLsrUqH9T8hh7D0
+3be6hdQ8hjRLCuN91pB8X/WhvwfpvPifsICFOxAUxlY
+-> ssh-ed25519 GKhvwg 0L+oViZLW+pKKDmP2H4uv1PDAE423vqAHpPltN+euhU
+zDVev9k/LRuqUWvSjFxCE0H+yt8xniV/Au0Z+49zY9M
+--- 1UkToOyXP7ljQ+KTcSfNydUd8J1rm3QeyabusJiZqAM
+J)2¯¶öa ^6´õü’ä—ïAJÐ¦áÍœ5ºö”1iÑ	¡”Ò““c ¥÷ºZšƒP<LËVð¾lÓÞö3î0\ú2\/ocÖ9ÂµªrdlŸ¯ü#ìÍŒ5®=š,'9÷¿
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 4cc0678..27b859a 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,12 +1,39 @@
 let
   keys = import ../assets/ssh.nix;
 in {
-  "leet-nrab-lol-pass.age".publicKeys = [keys.system.kazuki keys.other.bootstrap];
-  "alert-nrab-lol-pass.age".publicKeys = [keys.system.kazuki keys.other.bootstrap];
-  "vault-cert-env.age".publicKeys = [keys.system.kazuki keys.other.bootstrap];
+  "leet-nrab-lol-pass.age".publicKeys = [
+    keys.system.kazuki
+    keys.other.bootstrap
+  ];
+  "alert-nrab-lol-pass.age".publicKeys = [
+    keys.system.kazuki
+    keys.other.bootstrap
+  ];
+  "vault-cert-env.age".publicKeys = [
+    keys.system.kazuki
+    keys.other.bootstrap
+  ];
   # "bitwarden-env-file.age".publicKeys = [keys.system.kazuki keys.other.bootstrap];
-  "hercules-token.age".publicKeys = [keys.system.kazuki keys.system.legion keys.system.ude keys.other.bootstrap];
-  "hercules-cache.age".publicKeys = [keys.system.kazuki keys.system.legion keys.system.ude keys.other.bootstrap];
-  "alert-plain-pass.age".publicKeys = [keys.system.legion keys.other.bootstrap];
-  "legion-niko-pass.age".publicKeys = [keys.system.legion keys.other.bootstrap];
+  "hercules-token.age".publicKeys = [
+    keys.system.kazuki
+    keys.system.legion
+    keys.system.ude
+    keys.system.kogata
+    keys.other.bootstrap
+  ];
+  "hercules-cache.age".publicKeys = [
+    keys.system.kazuki
+    keys.system.legion
+    keys.system.ude
+    keys.system.kogata
+    keys.other.bootstrap
+  ];
+  "alert-plain-pass.age".publicKeys = [
+    keys.system.legion
+    keys.other.bootstrap
+  ];
+  "legion-niko-pass.age".publicKeys = [
+    keys.system.legion
+    keys.other.bootstrap
+  ];
 }
diff --git a/secrets/vault-cert-env.age b/secrets/vault-cert-env.age
index 2664b39..6dbadfd 100644
--- a/secrets/vault-cert-env.age
+++ b/secrets/vault-cert-env.age
@@ -1,9 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 84j9mw iX2rMQ/L6p+pZO6HZWGk+LWuQzTbWrTMRHbAMONyMQI
-qwcUJ9BMDc4gaZS3voRtgZwuOqU7IeaOp1RMfmmeSMo
--> ssh-ed25519 GKhvwg /O4i6P36CGqPwiHlV59QDlnZnE7mgz+u8wrt7hI6Z3M
-ytfwriyDoCROiePo8Ey+VETVPxd42ltj+8s91hRDWoM
--> RB"-grease Ia=.
-J9xSMHsIpNTKbksUxqZM8M5bgJwxapjGp8VYKh7bXk8jH9nOhUuhrLA
---- i3nJq19lE+kSfe3fzciLrZ0QOUT0ItuP62fXFBvnVrg
-]2•6ÚìÉF/á³!xlB¯M¸oN„p|«’J³o¹ŒÝÚ#c¿îÊª3\zÎ‘è»-1½’"4(ä”ìŽÁQÜ=øJJ¤c¹g°Y¾j þ
\ No newline at end of file
+-> ssh-ed25519 84j9mw eje98xFWmQ76FVbbuu1fIJSN26sxalB3hQeCZe86tGw
+2hIPVSC1oLwY/AtEhKa0qUenw8nBBOY5uC74B0O4ohs
+-> ssh-ed25519 GKhvwg e4D3PZQrTW3DHV9YLD9d9wvirIhCNJCBVqI/BKC6CWA
+jpQnjh4yhLJdjeBcjlyP+aRZfSI++7j8PxlIwbQ00Qw
+--- eU8hHBZ0+PiVjH1SetgWVronyegyAZclWnIdxHmeO8Q
+í)b³#pBJxÖ¼Í%¶—ù…<txsdJŽƒ‡º`jÞ_FÅd€n2gåMOOžó«\?~6ç>êa«§q(ÿlP¨«{ƒ+j¼¿>lâé#Ó
\ No newline at end of file