#!/usr/bin/env -S nix shell nixpkgs#ssh-to-age -c bash # shellcheck shell=bash set -o errexit set -o nounset set -o pipefail if [[ "$#" -ne 2 ]]; then echo "Usage: $0

" exit 1 fi host="$1" age_key=$(ssh-to-age < "./hosts/$host/secrets/ssh_host_ed25519_key.pub") find . -type f -name "sops.yaml" | while IFS= read -r sops_file; do sed -i "/ - &$host $age_key/d" "$sops_file" sed -i "/ - \*$host/d" "$sops_file" done sed -i "/$host/d" ./hosts/common/configs/system/ssh/default.nix sed -i "/$host/d" ./hosts/common/configs/user/console/ssh/default.nix "$(dirname "$0")/update-keys.sh" "$2" rm -rf "./hosts/$host" echo "Host $host has been successfully removed." echo "Please remove SSH key pairs for any users that used to connect to this host."