[sops] change reproducible secrets file structure

scripts/add_new_host_keys.sh

@@ -16,22 +16,24 @@ if [ ! -e flake.nix ]
     done
 fi
 
-pwpath="machines/secrets/keys/itag"
+pwpath="machines"
+hostkey="ssh_host_ed25519_key"
+initrdkey="initrd_ed25519_key"
 read -p "Enter new host name: " host
 
 if [ "$host" = "" ]; then exit 0
 fi
 
-mkdir -p $pwpath/$host
-cd $pwpath/$host
+mkdir -p $pwpath/$host/secrets
+cd $pwpath/$host/secrets
 
 # Generate SSH keys
-ssh-keygen -f "$host" -t ed25519 -N ""
-ssh-keygen -f "$host"-init -t ed25519 -N ""
+ssh-keygen -f $hostkey -t ed25519 -N ""
+ssh-keygen -f $initrdkey -t ed25519 -N ""
 
 #encrypt the private keys
-sops -e -i ./"$host"
-sops -e -i ./"$host"-init
+sops -e -i ./$hostkey
+sops -e -i ./$initrdkey
 
 #generate encryption key
 tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 20 > disk.key
@@ -40,9 +42,9 @@ sops -e -i ./disk.key
 # Info
 echo
 echo "Hier ist der age public key für sops etc:"
-echo "$(ssh-to-age -i ./$host.pub)"
+echo "$(ssh-to-age -i ./"$hostkey".pub)"
 echo
 echo "Hier ist eine reproduzierbare mac-addresse:"
 echo "$host"|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'
 
-exit 0
+exit 0