Add bit (CachyOS laptop) to age recipients + re-encrypt secrets

Browse source

bit-cachyos is the 6th machine in the hive. Generated a per-machine
age key on bit, added the pubkey to the recipients list in
.chezmoi.yaml.tmpl, and re-encrypted the two .age secrets
(dot_omp/agent/encrypted_.env.age and encrypted_zai.key.age) with all
7 recipients (1 recovery + 6 machines).

Bit's existing partial setup (pre-existing chezmoi source dir, omp
native binary at ~/.local/bin/omp) is backed up during the bootstrap
script to ~/.local/share/chezmoi.bak.<timestamp>.

See onboard-bit.sh on bit:/tmp/onboard-bit.sh for the no-sudo
bootstrap flow.

...

This commit is contained in:

Rain 2026-06-22 15:03:54 -04:00

parent 89881a740d

commit a2cc669b22

3 changed files with 18 additions and 18 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

BIN

dot_omp/agent/encrypted_.env.age

View file

Binary file not shown.