From f61cbdbd52929d6db6512557ac73622367feecc4 Mon Sep 17 00:00:00 2001 From: Sridhar Ratnakumar <3998+srid@users.noreply.github.com> Date: Sun, 20 Jul 2025 22:40:04 -0400 Subject: [PATCH] Add configuration for Tart VM (#92) --- .github/workflows/ci.yaml | 2 +- .../nixos/infinitude-nixos/configuration.nix | 49 ++++++++++++++++++ .../nixos/infinitude-nixos/default.nix | 21 ++++++++ .../hardware-configuration.nix | 38 ++++++++++++++ configurations/nixos/pureintent/default.nix | 7 ++- justfile | 5 ++ modules/home/linux-only.nix | 2 - secrets/github-nix-ci/srid.token.age | 34 ++++++------ secrets/hedgedoc.env.age | Bin 1287 -> 868 bytes secrets/pureintent-basic-auth.age | 36 ++++++------- secrets/secrets.nix | 3 +- 11 files changed, 152 insertions(+), 45 deletions(-) create mode 100644 configurations/nixos/infinitude-nixos/configuration.nix create mode 100644 configurations/nixos/infinitude-nixos/default.nix create mode 100644 configurations/nixos/infinitude-nixos/hardware-configuration.nix diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3673d55..215418a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ${{ matrix.system }} strategy: matrix: - system: [x86_64-linux, aarch64-darwin] + system: [x86_64-linux, aarch64-darwin, aarch64-linux] steps: - uses: actions/checkout@v4 - run: om ci run --systems "${{ matrix.system }}" diff --git a/configurations/nixos/infinitude-nixos/configuration.nix b/configurations/nixos/infinitude-nixos/configuration.nix new file mode 100644 index 0000000..773ebbb --- /dev/null +++ b/configurations/nixos/infinitude-nixos/configuration.nix 
@@ -0,0 +1,49 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+ # Bootloader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "infinitude-nixos"; # Define your hostname.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+
+ services.openssh.enable = true;
+
+ # Configure network proxy if necessary
+ # networking.proxy.default = "http://user:password@proxy:port/";
+ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+ # Enable networking
+ networking.networkmanager.enable = true;
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_CA.UTF-8";
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+ users.users.srid = {
+ isNormalUser = true;
+ description = "srid";
+ extraGroups = [ "networkmanager" "wheel" ];
+ };
+
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "25.05"; # Did you read the comment?
+
+}
diff --git a/configurations/nixos/infinitude-nixos/default.nix b/configurations/nixos/infinitude-nixos/default.nix
new file mode 100644
index 0000000..928e79a
--- /dev/null
+++ b/configurations/nixos/infinitude-nixos/default.nix
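Review bot: In configurations/nixos/infinitude-nixos/configuration.nix, `services.openssh.enable = true;` turns sshd on with its default settings while `users.users.srid` is in `wheel`, declares no authorized keys, and the comment above it tells the operator to set a password with `passwd`, so as far as this file shows the VM accepts password logins for a sudo-capable account. Unless `self.nixosModules.default` (imported in default.nix, not visible here) already does it, I would add `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "no";` next to the enable line, and declare the login key under `users.users.srid.openssh.authorizedKeys.keys`. The same `services.openssh.enable = true;` is repeated in the default.nix hunk, so one of the two can be dropped.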
@@ -0,0 +1,21 @@
+{ flake, pkgs, lib, ... }:
+
+let
+ inherit (flake) inputs;
+ inherit (inputs) self;
+in
+{
+ nixos-unified.sshTarget = "srid@192.168.64.6";
+
+ imports = [
+ self.nixosModules.default
+ ./configuration.nix
+ (self + /modules/nixos/shared/github-runner.nix)
+ ];
+
+ services.openssh.enable = true;
+
+ # Workaround the annoying `Failed to start Network Manager Wait Online` error on switch.
+ # https://github.com/NixOS/nixpkgs/issues/180175
+ systemd.services.NetworkManager-wait-online.enable = false;
+}
diff --git a/configurations/nixos/infinitude-nixos/hardware-configuration.nix b/configurations/nixos/infinitude-nixos/hardware-configuration.nix
new file mode 100644
index 0000000..0906429
--- /dev/null
+++ b/configurations/nixos/infinitude-nixos/hardware-configuration.nix
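Review bot: `nixos-unified.sshTarget = "srid@192.168.64.6";` in configurations/nixos/infinitude-nixos/default.nix hard-codes an address that the VM obtains over DHCP (hardware-configuration.nix sets `networking.useDHCP = lib.mkDefault true;`). After a lease change the `tart` recipe in the justfile would presumably try to activate this configuration on whichever machine then answers at that address, with only the SSH host-key check standing in the way. A comment on that line would record the assumption, e.g. `# Tart VM; address is DHCP-assigned, re-check it before deploying`, and a stable host alias from the SSH client config would be sturdier than the literal IP.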
@@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ ]; + + boot.initrd.availableKernelModules = [ "virtio_pci" "xhci_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { + device = "/dev/disk/by-uuid/93794f73-b8ae-4b64-8031-c908ccce556d"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/B8F8-6DD4"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [{ device = "/dev/disk/by-uuid/00acfcf3-cdfe-4179-b178-f3bae66fb059"; }]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +} diff --git a/configurations/nixos/pureintent/default.nix b/configurations/nixos/pureintent/default.nix index ec13012..5469ddd 100644 --- a/configurations/nixos/pureintent/default.nix +++ b/configurations/nixos/pureintent/default.nix @@ -16,7 +16,12 @@ in (self + /modules/nixos/shared/github-runner.nix) ]; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + home-manager.sharedModules = [ + (self + /modules/home/all/dropbox.nix) + ]; + + # Using tart VM instead for arm builds. So disable this. + # boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; # For flake containers to have network access! networking.nat = { diff --git a/justfile b/justfile index 5281288..f2c2e1f 100644 
--- a/justfile +++ b/justfile @@ -24,6 +24,11 @@ infinitude: orb: nix run . orb-nixos +# Deploy to tart VM +[group('deploy')] +tart: + nix run . infinitude-nixos + # Run all pre-commit hooks on all files pca: pre-commit run --all-files diff --git a/modules/home/linux-only.nix b/modules/home/linux-only.nix index 8fa3368..c6d5a1c 100644 --- a/modules/home/linux-only.nix +++ b/modules/home/linux-only.nix @@ -13,7 +13,5 @@ # ./all/wezterm ./all/ghostty.nix # Install it anyway for TERM to work on VMs # ./all/kitty.nix - - ./all/dropbox.nix ]; } diff --git a/secrets/github-nix-ci/srid.token.age b/secrets/github-nix-ci/srid.token.age index f5a0db1..f0111f1 100644 --- a/secrets/github-nix-ci/srid.token.age +++ b/secrets/github-nix-ci/srid.token.age 
@@ -1,19 +1,15 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDk2SVhOUSBSZzho -UHJmeEsxby9PYys3c3pMM0VwWVFqcmhyUm5PbFBTRkI3c1lqNnlzClBLbzBoMDdq -eE9FcDhpT2wrM0p0UzcwVEozcU5HNlJqS1hPK1NBMmd3UlkKLT4gc3NoLWVkMjU1 -MTkgTlVtMHJRIHIyaU1mbnFKS3FPaXV0all3OFVRSHBETWFNVWJLQnZWV1A0d00r -QnM4a00KbVlzcVhEeUdpemY5M1lMeEkrOXc0Mm5tbkkwZlU5NzNoL29GUm94dzRz -dwotPiBzc2gtZWQyNTUxOSBZc3h2bWcgR3pRQ2tlYjZyY3E4VEJaQVBuK2NJWGlS -emhocnF4UkE5Sk9HQyt5Qklpawp3cStrQ3RwM0tRV2E3OFdqTkdoWFRiZ240YkxR -L0RqME16Yi9Sb1lzZEh3Ci0+IHNzaC1lZDI1NTE5IHVmY3pvUSA1Zk10Tm5sUFJP -QUJ4c3h4UGhDUjJoYjRPalJQZkNwUVpoTmk1MU1SWlZJCmRjQXFNdkZyQWR0R0dt -V1N5THZuTHowOXF6a25PcnI3eGJ2MVZBOHYrdjQKLT4gc3NoLWVkMjU1MTkgdmc2 -YlBBIGVXVk9QQ2tYTmc2VDdhRElWNXd6NUhEYXpoQ2ZQeVRhU09tYS9VTVdaZ28K -TysrSXJkSFViTnl1K3UxSFBsaUk5WGdOODdnMW1VdnJ0NEtoKzJMNElyQQotPiBQ -a31HLDktZ3JlYXNlCjc1YUlVdnNZVk4xQ2tqQVY2aTFOdGtWZnpDcEtaZzROdHE0 -REljUQotLS0gRm54QWdRWHMvSmo3bnUwQjkreVdPaDBuQXdOQWN3RGVrenN2RmVx -MTJIdwrsxadaUJo7qgnZgQRdOdCN4rbQan1kVZjoWNdmrMNhPLO1HThP7sCiFfOg -Kqr/NfYAHDLV7C5EZv3OOq7LRBg++6EJ/Iord7+u3jb00xxq27YnD06UnPTBrC/z -J+T+375IrvzxfSXWz7hlPbmxj8uokG3VcTbIQLXje1Gflp4= ------END AGE ENCRYPTED FILE----- +age-encryption.org/v1 +-> ssh-ed25519 96IXNQ Y+qQO24dZBkf1fgom8YZBHaFyuhP4YWxawIKw5jXdEA +SoF1OvNCnLgxICQIVk5KQnAVI1f0ZR+iQWJDOLMWVP0 +-> ssh-ed25519 NUm0rQ 3tYsvMIY6fh8eF/X28IJmzsBioVSdm2gQkCoQG4VSEo +YdJ1vqiHiuAMvvoY2ZFK6EL72ezT/v9WTszleeVA/50 +-> ssh-ed25519 Ysxvmg UQa0Tr6pvELjX5yBbOYc07ajRMue/t93uZJ/evW3U2g +q580dGyueeR0JaNHQn0bwclcpzU19PGDmnKYJOKWZFo +-> ssh-ed25519 ufczoQ qWCE5o3emHCkpqUjCO+uZxe+qQOhtXK265PPFqjhZSI +Ir8j4TG0aJEKJ+50wHZ7afaq2zWk+8H6G3CzL/ZQL4E +-> ssh-ed25519 vg6bPA FZfdgunhkJu+/jeinJObk+Pel9nfn+Q7+0JmyOtcky0 +6K0TcrNHS2tqWxAfgnmGztAiQT47JBJ8PO//9BXJ2NU +-> ssh-ed25519 WpFZgg d6KWTg3iTv8kA6i6zorUlwo/VTOZ6mqaSsHU/hFFACQ +LW77/Cj6F6l7MRWDGwup7gppDVAA/v9TVRRKgsHmh+w +--- d44rm7YzVMPLhhBPB1Xue2VE/RDRe2VIdccl+Ydokzo +KÉ,‚Èè˜ú˱ß—Žu‹ÝnLθP&ižŽ ]ìVÒðRQ¤òæ˜%}(o4÷Éó‘ÅÓï*îR4 
#³y®Qã&êKgßÂÝè6¼Åô6ë¼^‚¤ßÌcÔ›¯ÝV®`ο‘‚é“¡Ï™e¬ôâ–·’øÙ¡ör¼m%@Z \ No newline at end of file diff --git a/secrets/hedgedoc.env.age b/secrets/hedgedoc.env.age index 4f8e9817d75506944259d1c58043ff21cb5e2795..4d486fac1b19b4025694221d7f5e3d215812c4e5 100644 GIT binary patch literal 868 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCT)H1mw`3sgwWuq;Rk zHI8s`&+-UQ&GAjKbjqyE^2jqS)K2p#_6~RSE(tW#b}!aW_vG@<4h;)1D>Vo+F|;Tv z4XV(0b~FnQ4NA@N^NlReFe@)hF|_n{bSp9Qa74GwFErPnC{Q85Jk>1O!@IaF$=}U1 z#n(ToFeA(?B{L{EAjCDeDlsH6JHyMzBRnxP&yg$1B`D0x(bpm+FwfoF$h6YWqtMAO z%rV*ARX;nZ%p%I5&@o!TLmy}NNV8-UgGjEtAWv_%2=k<{#C(g$(5PhX0&hnH?TE-I-?Ypq z1EWGGCzCw=%5p*DJ`?evDh^uG%>?GFEiXS)X2}MERaiAS63k_#oH~k z$|=IgDc3yPKf^3HGF`vWG$P0)&?_s)tgy_-H{3I@q$JC&D4%Qf_u>U=6PFt;V=_+n z+f=}C@vzPLmHLXW?UffD6n}js?dEg)YmN8H79OtUKP|Z|=*yjnDYDb$u{ zwpOxZwv$u!9N)5|owqrU9ZKV<^FPH@Q8iOmMgCme?_+!AlAMnmI>MsQ`DB~fdBIu# gBm-o9s_s;0Hm literal 1287 zcmdM|0Vh{?Pd^1mcUJ{hKj)yxfDl&~1vgJ0SCE`8S7dlfj!$@4X{522X|hL9L6VV4 zX_B#5o{w>4g>$BXwx@?*Rid+DPLzwMpe`v6iS8BLnAy>s+(VFWVV-Ylt+|dQdN{IS8}eUXHu4?Ux=G&sC$7yu%Tmlm|KdWe|Sn5*68yH%Z)THC<_gC zG7HTuFb=Kq%k&TP%i#*ib~A~p@+=Pt4GIhL2r>*04XTO?^9xDNNy$seD+maV2r3NB zO7Zv0@(Xg#@(K%caWhTH&Iw62&hSY#3Nz%2a&amP47DtZ3JY>i3H8g0tnvyDamk1b z2{m;O%L_9}b&E1hb`8adK2YqX z6h#{61cc;fcqLZ3RRkKjmM6J;d4%VBnTELp8Kk5r3B*fUu$lu+v!Y{(jJJ7%@BsJ93DcC5m$k(I5E6B~uBPg^YG||1p z(Ay}iBsjOYEHb;qJH?}*ASyi2l*>8WFeoW3$S*9{)YQ*4r6|n9uOuid$|TVs-yk^4 z%P=@J#XYFXFEczm-yq5`(#X#x#njg^zr-ilAU)I|#fvK?E2A(f$IU+~Dz|b^2EV3*-BEu*&#H%DSE66`QE2lgxJjWwB+|4aCu*fi_FvmGLF*%aUBgfmx zDa6Ii(>1_3vC^%;s9ZlHImb=gwbIczxgy^%Dlk06E5OjgG&3|?J3J-W$;D5pkmG)3Pes?^stqQp!;(KssCB(liQBdN?IGtJP#HNZ63qu9*Qr@}40 zFtRkw*|5y3)S@ImF*qZ@TieSiiz}j{II=3G&@#-`Ez&oz)HlW1GCMc4q$D%E!YDMU fEI7?H#3VCP+cU{9&^IF2(UuEbkh%J~;4I?+zbc(W diff --git a/secrets/pureintent-basic-auth.age b/secrets/pureintent-basic-auth.age index b5fd172..771d78f 100644 --- a/secrets/pureintent-basic-auth.age +++ b/secrets/pureintent-basic-auth.age 
@@ -1,21 +1,15 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDk2SVhOUSBNYUVy -RnVnNHVleXNnb2hLdW55SHllUDVuU1pITjVLUHkzT0lVNWhvb2hJCncySDFjTTNh -VkFOclpxOGJ5SE5HVy84SHFEdkJ4U1JaSG5OamVqVUdjWGMKLT4gc3NoLWVkMjU1 -MTkgTlVtMHJRIHhJbndBd3FTdURHaDV1ODkwZFlKL214NUNSUTdiclA2VjJTbEFK -VlRuZzgKYktTSU5QVnRLQmNLYnJqTVVUM3F6cjhZQ0U2Y3duR3UrUEZvRzlPckFw -UQotPiBzc2gtZWQyNTUxOSBZc3h2bWcgYXpPUjBTRG0zdE5yRm9JUHpQTHl0elc0 -eURrVmFjRWlxVnR0L3Aza1h4TQpXOEN0TWxIMENSaVRud1BSSE9CNVN4bS84T2lM -ZWR5VzJtb0k0YUgwMnpzCi0+IHNzaC1lZDI1NTE5IHVmY3pvUSBrTDFhVmN4aGFa -UWNvVFBOMFVaSWY2eG1GVmxtN0l3ckdnSVI3TFVzVGhnClljTzZpR3BOVnlHT2tV -d2M1TGdMWVpqUmUyVXZjNlo4MVkwZFpOWm9hTmsKLT4gc3NoLWVkMjU1MTkgdmc2 -YlBBIDRBdUx1Y0F2MDVTN0tEV1ZLNVhHd3gwSERHb2hKMjJ1b2lVbzNrd3ora1UK -MUpLOTNKN0tVSVR6WWhTaTltWVRodVZjcWgzSk02RWIwMTZ2cmVWM3lUVQotPiB0 -fFktZ3JlYXNlIGhRLyAnIT4gYmxiSDYrbSAsajk8LgpzRXp1MDJIdC9sVXIxRDZl -M3BFWDMwbUNCUnBicDZTazhxVlZvblhPUXAvMU5pTkUwbGNrd3NRVmNLalNxcXBD -ClFPeG1oWTVLajFWVlloYXYyYmt1cFYvWWVjRWJqdlVaZi9DVFpDUFRHOXRWTGpD -QwotLS0gc2VOdnBjcy9YVUh6ZStzT2hZU2dKMk9TSnRML3BLLzFDTFJSWk1CQlpz -OApUJalZMCW4JZnrLX1pv7TsuI015x08HAjFqPwd12aSU9L8u+byB8Pg6PXTyq0C -73efUrR6PGdyFkus+sXsGNAdq0t7KFZeoc8i+QLvBMO4dmqq6fEsMpDW7qTNdHLU -xnXToA== ------END AGE ENCRYPTED FILE----- +age-encryption.org/v1 +-> ssh-ed25519 96IXNQ itQhShx/o/E7ozne7cEp8vw2Buh1g2y2q035Db3La00 +ZXDKkeRSIqIMaxN/+qmFf8UXEBUIFcC+iAOI2rVSSVg +-> ssh-ed25519 NUm0rQ 5CG7yFDB5UEZl4wm07ZDsQJRlzDWBLpAfsRZ39gB0xw +YGUAoVszdiUslG63DI2Vm8NfkDzRa6bTAXLelirx+lE +-> ssh-ed25519 Ysxvmg S/4/wl0npyOu4i5oqyiwYrDCyZALyzbFLKYXjnoSR1Y +Cq7kC2ruGlS99TqI35vANPCM5VriQHyFNOXDIdqgq8U +-> ssh-ed25519 ufczoQ 07LUiyx8VhDa6k/9NZN4zK+0YA/S+NcEfBGabLBkwgY +581All66sccmMQjvyQPHnz48pflZo/ZQe+WlsXjixk4 +-> ssh-ed25519 vg6bPA 6x2XbWIIqeMdtVbJ3vfpNKjIpbfAytcjN3aydzlgY18 +LlrI/CBWeSvz0iVzAzlURSO881ebFv7V5D19hnkAItg +-> ssh-ed25519 WpFZgg HCcCa6MKmpdu5iDy44usic2UBfqrdK06gjLriD20+zg +z9U+zt5E/T98ipbXtwpx532pJp/g2s5rflLgdvxRrMg +--- 
tPekxytCdLtMlyJNNXiSWZS67QD4ZAbnjzUaSRrHSgE + 7Áä̰éçUUW84¸]VáÎ2F‡SµpJݪÛÜ ZÉ<&îퟣ×$YùvË#Ä(ñ'0Ãõ령ȶ |DÕ7öHÞ¬Çâ‡UaD7k.‚…‡Kæ*ÈùÂvi‰7  \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 492145c..a4f0aea 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -6,7 +6,8 @@ let pureintent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkY5feaNt4elPqRQimB9h3OFxtFAzp98p1H+JezBv92 root@nixos"; naivete = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBXQ4jgsoM0K+6oddNCerjVFDibQcv7JWwc5OsT8AkGa"; infinitude = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjxxIse4V0mC3qqhPdcVp1dp2R8fQr2AMcf/fd9vWcj"; - systems = [ appreciate pureintent naivete infinitude ]; + infinitude-nixos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBF5YxbeuZhn20pxbmHmA8UU9sWTmvQ/lcKkfY9A+Snx"; + systems = [ appreciate pureintent naivete infinitude infinitude-nixos ]; in { "hedgedoc.env.age".publicKeys = users ++ systems;
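Review bot: Appending `infinitude-nixos` to `systems` in secrets/secrets.nix makes the new VM a recipient of every secret whose `publicKeys` is `users ++ systems`; the visible `"hedgedoc.env.age"` line is one, and the re-encrypted srid.token.age and pureintent-basic-auth.age in this patch each gain a sixth recipient stanza (`WpFZgg`). This host imports github-runner.nix and executes CI jobs, which makes it a poor place to hold service credentials it never uses: if a job on it is compromised, its host key can decrypt those files from any checkout of the repository. I would scope recipients per secret, for example `runners = [ pureintent infinitude-nixos ];` used only in `"github-nix-ci/srid.token.age".publicKeys = users ++ runners;`, and leave `systems` as it was for the others. The remaining `publicKeys` entries are outside this hunk, so the exact attribute names and the set of runner hosts need checking against the file.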