Update Makefile and user shell***

***Encrypt secrets.yaml file***
***Update shell for administrator user***
***Update SSH host keys

Makefile

@@ -61,17 +61,30 @@ get_age_public_key:
 #
 ############################################################################
 
-.PHONY: ask-path secrets
-
-ask-path:
-	@echo "Enter the path to the secrets.yaml file: "
-	@read SECRETS_PATH; \
-	echo "You entered: $$SECRETS_PATH"
+.PHONY: secrets
 
 secrets:
-	ask-path
-	@echo "Creating secrets..."
-	@nix --experimental-features 'nix-command flakes' run nixpkgs#sops secrets.yaml > $(SECRETS_PATH)
+	@echo "Enter the path where the encrypted secrets.yaml file will be saved: "
+	@read SECRETS_PATH; \
+	if [ "$${SECRETS_PATH:0:1}" != "/" ]; then \
+		SECRETS_PATH="$(CURDIR)/$$SECRETS_PATH"; \
+	fi; \
+	DIR_PATH=$$(dirname $$SECRETS_PATH); \
+	if [ ! -d "$$DIR_PATH" ]; then \
+		echo "The directory $$DIR_PATH does not exist. Do you want to create it? [y/N]:"; \
+		read CONFIRM; \
+		if [ "$$CONFIRM" != "y" ] && [ "$$CONFIRM" != "Y" ]; then \
+			echo "Exiting. Directory not created."; \
+			exit 1; \
+		fi; \
+		mkdir -p $$DIR_PATH; \
+		echo "Directory $$DIR_PATH created."; \
+	fi; \
+	echo "The encrypted secrets.yaml will be created at: $$SECRETS_PATH"; \
+	cd $$SECRETS_PATH
+	echo "Creating and encrypting secrets.yaml..."; \
+	nix --experimental-features 'nix-command flakes' run nixpkgs#sops secrets.yaml \
+	echo "Encrypted secrets.yaml created at: $$SECRETS_PATH"
 
 
 ############################################################################

hosts/common/secrets.yaml

@@ -0,0 +1,39 @@
+administrator-password: ENC[AES256_GCM,data:0p7PnnzcYX4O8lQ=,iv:fi0yBT7L8d/W4jKPoyLzvZEmhHUAJ9fPhfkfwRuSDcI=,tag:e8hMJIyKfWJenhmalq7yPg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1t8mqf0rjwrwg23v9q5rstdhxdvq0la58tue6sq3d44jev5dgfqjscnryge
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAySGJQS281OVlDU2daYUN4
+            UFBpcjNpdENXZlc1Y3U3TTV5cDViQlVQSzJFClZOdGF4K2ZXcVJpQ3VjL242czNr
+            dWZTUTU4emE5dXRjWWtwSndyVE1PcjAKLS0tIFMrdzhoT2ZtL0ZDMFdlR0VvSFZM
+            WVdJUE15V2o0MmQ0R0w3c0R6WEFiTjQKFZdD4K7GkVYvm0sGFlQhQIka1kq+9NdS
+            VhKWaDwwlE35O4nFwDMr/wqAsG2yaViQFhFH08nbTJglUHnuVuJYyQ==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1z579g6gth8cxtqvha7ms98mpshy5n5hssc637jeqaan78rf0mppq4u93cv
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKdVRkeXpUNnlCcXlDQlp2
+            TTFnenFRbEZjMVA5ajRFbkl5MC9JL3pnS0JNCngzbWRQY051ZnFJL2pCTEpVNmgy
+            UnFDcTZ4d2NKSnZFTmI1dE9UUllrYU0KLS0tIE04WUlvRjFzcVY4cDhkSU8vUHAr
+            bmZOc2RaMkVQdUliRTRVTjM4dXRSMWsKDJDy4PGp/OjCyp+hgSRm7x42ZxsCEDFO
+            y4JI9mOEwjfA5lg6dkyUvLEnGi3uwNBd5NKGDFVstDOjjcti77uA+w==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1t8mqf0rjwrwg23v9q5rstdhxdvq0la58tue6sq3d44jev5dgfqjscnryge
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkdU55eTBpeHdFTnJNaVVH
+            ZFMxa1hoN0I2S0pwT0dYcFl0MHhUaEZvekhFCmlEUHZOcFJZVDFhSnJuaEgvNW56
+            RFc0UFM2bFgrMmRjMThoemRTNHlYSDQKLS0tIEU0Nlp5K200dHpSRWRrS09JZVR4
+            RW9mTStkTGdvTnh3dWZoYkZyMGFJT2cKGhX2E9JI3fTK940S2vvnhsJ77+xn+wzQ
+            YR354bHkIwIxl/yzgRxt02oVDFudyo/ruZ77oh9wHpn+ISv2FQ7A8g==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-02-26T17:08:57Z"
+    mac: ENC[AES256_GCM,data:OJ/L4DPHCCWhqKhZ5O9rSmiycStJJj6Y7o1KJlz/fplBbweJ2Jnvz/jpPNJGbSBTjZj521vpF5qYYNu3gADImSUiecpbFSmJf/4MeCuUTf9SOC5gnSpVb/1RXFkpmXZoEAZk3FFZlyU3MrIb5dDQBL9fkUFnhtfyjwGUn1qqXIg=,iv:KvC0qHFWx34eNEFvBR1bkTOP0Mq4mxtxDW5kgmh6wHs=,tag:M/+mmR2yngxK5dfzY8TCvw==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.1

hosts/common/users/administrator/default.nix

@@ -11,7 +11,7 @@ in
   # users.mutableUsers = false;
   users.users.administrator = {
     isNormalUser = true;
-    shell = "${pkgs.zsh}/bin/bash";
+    shell = "${pkgs.zsh}/bin/zsh";
     extraGroups = [
       "wheel"
       "video"

hosts/frametop/ssh_host_rsa_key.pub

@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZMsEfq2O3vLzvAqsL1BTmL9bOfmwMfBU/rkJy8JxbtELE+sRLrEgSfoOFt5Zc9LHIqKoFo4qjtjXTA6u45rDWbBg3mCfDCCU5kNrTwqi8acXxqNp61SgaTlzopPGp24L0MyCYvDxDa8YNsBxWjFXYuginwhDQ4Y+a2tiR8OdM2BTOtYzY7rd2qMKVasUjgXeBfVxojiWEqCvio02SJ3myLCSe+KA6vYoVepccKGgebX5pXOMH0SecHLd6CMrH0pZkDU0se95aV2bFdKQgX9sAeg4E2p+4Hwq3SAkhWjGqAmJH/meSB5PrWD+OpGA8zwU4t+PXI7NfKAnqAg5cfHeZ9xmV3KPa6+5dJ+JckHzU6ABqdnRPSuaae3oJny2khsnCit0dS6zv5Gvhuc+rT1j2if/gZuDPsbKf8087ZcmoOojmzDS69U16yEONA9WhaXecKX2xRRBKtOiilOSAruG1BZRORPV55KPQ92LjmrEPB9bz02HzznZTMw9SAGB6xlc= administrator@woody
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZMsEfq2O3vLzvAqsL1BTmL9bOfmwMfBU/rkJy8JxbtELE+sRLrEgSfoOFt5Zc9LHIqKoFo4qjtjXTA6u45rDWbBg3mCfDCCU5kNrTwqi8acXxqNp61SgaTlzopPGp24L0MyCYvDxDa8YNsBxWjFXYuginwhDQ4Y+a2tiR8OdM2BTOtYzY7rd2qMKVasUjgXeBfVxojiWEqCvio02SJ3myLCSe+KA6vYoVepccKGgebX5pXOMH0SecHLd6CMrH0pZkDU0se95aV2bFdKQgX9sAeg4E2p+4Hwq3SAkhWjGqAmJH/meSB5PrWD+OpGA8zwU4t+PXI7NfKAnqAg5cfHeZ9xmV3KPa6+5dJ+JckHzU6ABqdnRPSuaae3oJny2khsnCit0dS6zv5Gvhuc+rT1j2if/gZuDPsbKf8087ZcmoOojmzDS69U16yEONA9WhaXecKX2xRRBKtOiilOSAruG1BZRORPV55KPQ92LjmrEPB9bz02HzznZTMw9SAGB6xlc= administrator@frametop

hosts/woody/ssh_host_ed25519_key.pub

@@ -1 +1 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF+GFRs3psesCwnY5kLAmtRKRbUXrTUcOUNsdaCTuLyW administrator@frametop
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF+GFRs3psesCwnY5kLAmtRKRbUXrTUcOUNsdaCTuLyW administrator@woody