From 727f771c4fae602de3886439c28db1ac948e38e7 Mon Sep 17 00:00:00 2001 From: kalipso Date: Tue, 14 Jan 2025 13:46:08 +0100 Subject: [PATCH] [docs] update sops --- doc/src/anleitung/sops.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/doc/src/anleitung/sops.md b/doc/src/anleitung/sops.md index 528f150..e1e5e57 100644 --- a/doc/src/anleitung/sops.md +++ b/doc/src/anleitung/sops.md @@ -22,4 +22,14 @@ - Write `- *admin_$USER` under the apropriate `key_grups:` of the secrets the user should have access to -- `cd machines/` and reencrypt existing secrets for the new key with `sops updatekeys $path/to/secrets.yaml` \ No newline at end of file +- `cd machines/` and reencrypt existing secrets for the new key with `sops updatekeys $path/to/secrets.yaml` + +## How to add host keys +If a new host is created we have to add its age keys to the sops config. +Do the following: +```bash +# ssh into the host and run: +nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age' +# create new host with the output of that command in /machines/.sops.yaml +``` +
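Review bot: The new "How to add host keys" section ends at the comment `# create new host with the output of that command in /machines/.sops.yaml` and never says to re-encrypt. The user-key steps just above finish with `sops updatekeys $path/to/secrets.yaml`, and the same step is needed here: adding a recipient to `.sops.yaml` does not change files that are already encrypted, so the host cannot decrypt existing secrets until they are re-encrypted for its key. Please add that step. The comment should also spell out what "create new host" means in the file: where the age public key is defined, and which `key_groups:` entry of which secrets file has to reference it, the way the user steps do with `- *admin_$USER`. The path is written as `/machines/.sops.yaml` with a leading slash, while the step above uses `cd machines/`; make it relative to the repository root so it is not read as an absolute path. Since this hunk touches the neighbouring line anyway, the context line still reads `apropriate` and `key_grups:`; the second one matters because readers will copy it into YAML, so fix both to `appropriate` and `key_groups:` in this patch or a follow-up.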