20 files changed, 44 insertions, 40 deletions
diff --git a/flake.nix b/flake.nix
index 870bccb..9c9b573 100644
--- a/flake.nix
+++ b/flake.nix
@@ -165,6 +165,7 @@
             system = "aarch64-darwin";
             config = ./machines/mbp-work.nix;
             adminUser = {
+              uid = 502;
               userinfo = {
                 email = "fcuny@roblox.com";
               };
diff --git a/machines/mbp-work.nix b/machines/mbp-work.nix
index 851444a..ba1c349 100644
--- a/machines/mbp-work.nix
+++ b/machines/mbp-work.nix
@@ -1,8 +1,10 @@
 { adminUser, pkgs, ... }:
 {
+  publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINXiA49xsrOJp7wOTYeX5+9o3gly8LyN6gvJoNVQmswv";
+
   age.secrets = {
     anthropic-api-key = {
-      file = ../secrets/users/fcuny/anthropic-api-key.age;
+      file = ../secrets/anthropic-api-key.age;
       owner = "${toString adminUser.uid}";
     };
   };
diff --git a/secrets/acme-cloudflare-env.age b/secrets/acme-cloudflare-env.age
index 7d538bc..2e5dcfa 100644
--- a/secrets/acme-cloudflare-env.age
+++ b/secrets/acme-cloudflare-env.age
diff --git a/secrets/anthropic-api-key.age b/secrets/anthropic-api-key.age
index 1f985b7..39a0fe5 100644
--- a/secrets/anthropic-api-key.age
+++ b/secrets/anthropic-api-key.age
@@ -1,7 +1,9 @@
 age-encryption.org/v1
--> ssh-ed25519 pFjJaA yI+KEvnDxw4YJOCs5rf3CF+rgYxAIukvnvJyi8Mgkig
-YVc6u5MQJscBYjeXGNgIf1Zlg5U/I7ipAqgvVmOEV6g
--> ssh-ed25519 E2Yu8Q PBIOCRrQeVxmWdZAuMB5f0FPCGKYvebHBS33vZ1hFHg
-xb9t9EDGIjhbgr/y76PYXHx28JQdjIv4V5a/TzBnSQQ
---- ttindQRKMzXBKuIY2aPx5HIuf73gk2q5jQNKb3MPyoo
-1^ÆªŠ(ý$ÚÜ „†Ûéê±qÇyvÃJž—{¢´/*uXç›Ã©¸ˆõs ’ci¬Á{Î¦+¿CP”3¡'joƒ¨?ÛóŸÜàl}Ï¿E¬@“eÁÊ~FÆùCyFh¹ŽN¯ö°¿Üý®•s¡¼Ém·yEŒ€S9q\%qæìü‰‹Ù4¿¹ˆ¿
-\ No newline at end of file
+-> ssh-ed25519 pFjJaA 8Skj3qrcc2KZt17bItRmGeP4zPAKTnCzJhhZjsaoP0Y
+eKAoCPjKCcE55OKTWPwhwaBAhWK7/cZBjR81LDyl9FM
+-> ssh-ed25519 E2Yu8Q 4nN4zbXKAgU8/TR0jwf5pCFP+X4k154rQjs9bncXf3k
+xgx3BSPPXh4kAAd/uBq0Z6K6o+KzwbxQ/aZOZAo0Lqg
+-> ssh-ed25519 GfuCww lvQBG1EPLmKW4NTwTlq62TLpGarlE2oNp4JoRseQyWE
+WTLDWV/CvBCwEJlg6h13PH14wjmn4pvqu7/e+zQSEsI
+--- 0QfeVYXgqSkVjHhTVxHenRRPLYHEpk4WjifVvtYEv8s
+~-,Ë„}FW—ðËf"$lQ_mŸ‘–¨¢‹N÷º»gŒR…Ã§ûÊ®Vø®U‘Ã•dCQY^®TOúÂÛ(¸a5÷çç€©í“E$6a”ã×\U5ní?·¼Û"Kýµ½xÇa¨{TFŸÎæa£yáˆñ\û˜9ócJÔVšñ&‡
+\ No newline at end of file
diff --git a/secrets/argonath/wireguard.age b/secrets/argonath/wireguard.age
index 411dde8..79af726 100644
--- a/secrets/argonath/wireguard.age
+++ b/secrets/argonath/wireguard.age
@@ -1,8 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 pFjJaA jTj3ZKHLQHw+FJRfwgSXu5UAuFYlfCYuvjHNDd1zijM
-nv6qjkfZ8pUgOgHgcRBkFj9eO/+CoGRWc7LBq/uVrz0
--> ssh-ed25519 nr90TQ AmQo/dxzxU6VEsxOE7CPabP6qOL9wVYb58syOE7o0hY
-DjHyyY/Y7iXpRuQg6F+f401ZQui8xJSNBI9zaJHWYvk
---- ZBhDN/qYGj4RI4qvHntAgIJkXTmqa/VZ8TxJ0xWoeME
-Ÿ’
-“P‡ûRà}1‚Gèh¨
-È)âùó¨ä4³Ðha'¢ñºa@Hît]b1zDWD;†Â$[ÒMZ·àî_+Ç 0ñ
-\ No newline at end of file
+-> ssh-ed25519 pFjJaA tNJKjiFOD98N7uh93bInyrvb7RfIWnEdmecxCPU5IzU
+9GJdZAfxEp1mOZVPkbwJf5TABT8y/A9ZCWGguqPAUas
+-> ssh-ed25519 nr90TQ xUZJdmWUZzYIHnQYT0tzzX2SPwetlEhChQxUnCEFhlY
+l3QWfF3yOqg+rZse3Y+r7XcISIrAHXdKglJs697AxOA
+--- AB1v62emxDLanalfZQIjCmkMaEhpaYdme3Wp0tR2R48
+”Ž¿¡—^+Vù±ÊõÄbDµöU•jM—lÂÐb÷¦¦:]1¶iA|€.úÀ|âDlŽp[|Ì]žL¬Àì&Š5IwKWn´ÁtWé
+\ No newline at end of file
diff --git a/secrets/authelia-jwks.age b/secrets/authelia-jwks.age
index cd10015..ed3d63f 100644
--- a/secrets/authelia-jwks.age
+++ b/secrets/authelia-jwks.age
diff --git a/secrets/authelia-jwt-key.age b/secrets/authelia-jwt-key.age
index d7a5570..c01728e 100644
--- a/secrets/authelia-jwt-key.age
+++ b/secrets/authelia-jwt-key.age
diff --git a/secrets/authelia-storage-key.age b/secrets/authelia-storage-key.age
index e4d38dd..0e10a44 100644
--- a/secrets/authelia-storage-key.age
+++ b/secrets/authelia-storage-key.age
diff --git a/secrets/authelia-users.yaml.age b/secrets/authelia-users.yaml.age
index 9bc44eb..44c4068 100644
--- a/secrets/authelia-users.yaml.age
+++ b/secrets/authelia-users.yaml.age
diff --git a/secrets/bree/disk-passphrase.age b/secrets/bree/disk-passphrase.age
index 95c3c40..73e2a83 100644
--- a/secrets/bree/disk-passphrase.age
+++ b/secrets/bree/disk-passphrase.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 pFjJaA amjhPadNRYlNHV8VnR2l/p31tUXDeAeeq0wdOLfa61w
-a8ja6ZNQecw/32i4REXdjEn7VxD74PXfjbPYMq0q6XI
--> ssh-ed25519 OxmK1A 1kpfibZx+8BnID8GcKYrRdB0D0hZSNxmzS7SEIutSn8
-xh5UvhD6nxoKZn1iq7CCZKRIUpnfnccGsZmkfw3EYlc
---- ltJag28NYz/qET0O3UdDLrn8Uw1XNzK/yKlGyWGngnA
-V<ã×O©/(ÁgFpÞ#Ø>¡s¶ÝH»]©bMÞ9X!I^	—M¿	Òb3ÚêÀwA
-\ No newline at end of file
+-> ssh-ed25519 pFjJaA s1itPwCGv6ebSeHbeyFFaTNwt4jEaihydXbGVuKyVBM
+8HtR/jdB1SnFw5LFCehe4Kx3l5iWm7NLu2xNNWrFDFM
+-> ssh-ed25519 OxmK1A JzN5jYlebpS1J5UnaJZ18/8sXr4HR29e6tE9SoSDSHg
+pbohY7JOqHlJjAH+2feqinWRXBdNx3ZGPWPwqudqoOc
+--- 5qWAgW462AERMOQJ1f7dHs1ELJ8yDO1T9RWgcQAl0i8
+5/þ£Ío`MìèÒ)÷f·çœ«”D+|xp·aMsäUN“oy¥À¥<Cb†v\
+\ No newline at end of file
diff --git a/secrets/bree/disk-unlock-key.age b/secrets/bree/disk-unlock-key.age
index a67976f..ea770cc 100644
--- a/secrets/bree/disk-unlock-key.age
+++ b/secrets/bree/disk-unlock-key.age
diff --git a/secrets/bree/wireguard.age b/secrets/bree/wireguard.age
index 33ff5fe..9df040f 100644
--- a/secrets/bree/wireguard.age
+++ b/secrets/bree/wireguard.age
@@ -1,9 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 pFjJaA y5EPSfL02alDpNQhDF7cC4hEfqw8nlC6lt9A4dw+Xyc
-Kkz1lBQ0x5esAz7lzE8TRKwB7MBZIkDfzYQ9aOA/ctU
--> ssh-ed25519 OxmK1A 8GV691zYXFVjzYSkb/uvDAKXHHiDQVBiACF0eVc3an4
-vPp5DwhbcdrcpjUQWYMr/HObpihC8yAT5rC7JkalIN0
---- O4riBfvot65rkI4y8t1tzCyw7g5kAwsD4F6AsrMKuCw
-,Ë€
-z½	c‚wì4²å Kü›b³´P“wø"É1W%Û*“èX÷oÁ–EV±c´
-8HÊçð²S³FÿBT»û½û/ß@œ‹&æ‚
-\ No newline at end of file
+-> ssh-ed25519 pFjJaA EPFjfZt74gpQ/E0ZWU6jmuZhndvSgyPeZA3Vp+OVqF0
+JXCki3RUEYd2fgxwEceqv1uvPmmLY8t17eyBTR0JVhw
+-> ssh-ed25519 OxmK1A KCJKQdL+bZ8pRv4XPLIHBLdwrqGUO+P8OiGt0XY9zj0
+1H7aN/K5EllSxR7k6iPEpbOHo34hwL5KTat7jZf5Fjw
+--- vt/G584yfGDEo/R29g7NEwWFgINWICoHTh5mFJh1AQQ
+,¦aæš%Ô<2ÀÿÊ2Ä§ÛÝåÜcŠãÿ‡º^ü.ÿ…H¿ØÞŒö§Ãl²Ï
+èQÅ4î=µUû@õôñõâ]ó³\
+\ No newline at end of file
diff --git a/secrets/grafana-oidc.age b/secrets/grafana-oidc.age
index 3f96b88..f772e3e 100644
--- a/secrets/grafana-oidc.age
+++ b/secrets/grafana-oidc.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 pFjJaA HdsOVYuL1Wrr551YuIUYMEhd0KA/SJEYvyIlsW6wbQw
-hbQVHyLr23NMuHR+l0fgMS/1wHPK39aQayb8QNK7xe0
--> ssh-ed25519 Y5h84Q ADIdN9tU4YwPoLPDcUZ4Z1zprmI1ykkXogQg1EgtxVY
-ThkxeGFVVpRJQSTQddClQwbJSxeY3jl+4M4O8vadBo8
---- rNXcnjt5DbSSgiiPcNBlKeGhArFVff5aCtGm78z1sUo
-˜ñT*‰üL2nIð°ÎpäcîóþHXËáÆ§ÝBW¾bÉ±u·ßG‰¤àÛývõEþî9ÓÌNì¼Ñ»‹}gçÒeí¤$ðhÍì7=1»ñ‡L<UÛƒ:”É
-\ No newline at end of file
+-> ssh-ed25519 pFjJaA GcXonO1ixLZ3Gf8BlmiBSVf3DuRgkV/PO64PXai4txo
+kbb6Gw6iWmH2+5XWCN7eD/2QqAoY/MO1m01eBagcEvY
+-> ssh-ed25519 Y5h84Q nDuHOmXxknUScmz+uFrLrGMAM2hd8mYMo5w54f3Ktxc
+xUE3VqqeEU0w8ddiVyZmUim4qoXV3guHHXckAC8vYHI
+--- I1grEVApq5Ej/7KEsPBxjdrPr4o93byLPZ3Pm50BSLc
+¡›Þ%KþØà”kb{PN›—â'-‚(ÐéÄ ÏÞ;F ü‘ÕˆÞe!z’Àî’Opë$3Õ±\,ç’ªlôgbxè9¤¥µ7©Ñ§Ö Kk@Y~„žêE–O¯
+\ No newline at end of file
diff --git a/secrets/miniflux-oidc.age b/secrets/miniflux-oidc.age
index 77dc7fc..ca6536b 100644
--- a/secrets/miniflux-oidc.age
+++ b/secrets/miniflux-oidc.age
diff --git a/secrets/restic-nas-smb-config.age b/secrets/restic-nas-smb-config.age
index acb515a..68e7f1f 100644
--- a/secrets/restic-nas-smb-config.age
+++ b/secrets/restic-nas-smb-config.age
diff --git a/secrets/restic-pw.age b/secrets/restic-pw.age
index 3c6e3d6..9df927c 100644
--- a/secrets/restic-pw.age
+++ b/secrets/restic-pw.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 pFjJaA BDxbdGKOHMfWwakq8+CYHWvVSIMXOcgDqri1RQrjyxc
-dtNirwH4Sds82/iysIgOQf7sjbkTI4yc08VfKTxIsG4
--> ssh-ed25519 Y5h84Q nzkqXhFSH2cH9VRubGuEJyOA6F+614F8jHhuK8twNXY
-1b88Yeku4ref6kq8UvRokofXf6OyMzQFeSAsKQYdeNI
---- d6YVTAvCyB9p/wbcQkSNSF92QsTFVnQTRZUgkbFBF60
-sjéÒ£@8Q‹Ôt–O)pMÒ~Yÿ]Ú§×™çßá)&6˜ð[¼‰ØÊèAd6X=é+È
-\ No newline at end of file
+-> ssh-ed25519 pFjJaA H5rmASwPmkhh63zNJNyOu7Vj1FaJ7ECcB4dczQZ02Xo
+Sc/riyDuwHgDQpkDqQCTzkzJMBIJ7iI1Tz3/ncD5vME
+-> ssh-ed25519 Y5h84Q 5a4rEeWsAIO7g0WVv4Ah2zw3P7rCVhevLQgem4qHh0A
+WcW/hiLYqCLo2mCupzaTGgWnhercxOUxd9LTjJZ85Y0
+--- 65l7IAQWOAcUrnuIATlP5QgklZQCg/7XkMdhv6PuF+A
+øÃ³GqP«m°·DSBû¡>x?%¢r%Ì ]Ì„XalL#"£x5h+ì)6·Â›.íè
+\ No newline at end of file
diff --git a/secrets/rivendell/wireguard.age b/secrets/rivendell/wireguard.age
index 2612e9e..2fc550a 100644
--- a/secrets/rivendell/wireguard.age
+++ b/secrets/rivendell/wireguard.age
diff --git a/secrets/rsync-ssh-nas.age b/secrets/rsync-ssh-nas.age
index cb798c2..beed671 100644
--- a/secrets/rsync-ssh-nas.age
+++ b/secrets/rsync-ssh-nas.age
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 78d2b0a..a677a03 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -2,6 +2,7 @@ let
   hosts = {
     bree = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFM4wZaYwz8kuu6lNrdrN6QOyouGQ0v1ye+Iwh1jawNi";
     mba = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDLQTIPZraE+jpMqGkh8yUhNFzRJbMarX5Mky3nETw6c";
+    mbp = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINXiA49xsrOJp7wOTYeX5+9o3gly8LyN6gvJoNVQmswv";
     rivendell = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID76U5kt8DfBbuP16rMzfBTVTpjjPFKWnnheMALaCQEd";
     argonath = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHi9jHqRjpMzXlznTXi4nEtlRlFfyIzB6Ur9A+HDfFoq";
   };
@@ -101,5 +102,6 @@ in
   "anthropic-api-key.age".publicKeys = [
     users.fcuny
     hosts.mba
+    hosts.mbp
   ];
 }
diff --git a/secrets/ssh-remote-builder.age b/secrets/ssh-remote-builder.age
index 0c8b5b3..f0d2c0e 100644
--- a/secrets/ssh-remote-builder.age
+++ b/secrets/ssh-remote-builder.age