# Host-specific secrets
# Recipient rules for this host's encrypted secrets: each attribute names an
# `.age` file and the public keys it is encrypted to.
# NOTE(review): the `.age` / `publicKeys` layout looks like an agenix rules
# file -- confirm against the tooling that consumes it.
let
  keys = import ../../../../keys;

  # Every secret below is encrypted to exactly these two recipients, so holding
  # either private key is enough to decrypt all of them. Adding a key here
  # widens access to every secret in this file at once.
  # After changing this list the existing ciphertexts have to be re-encrypted
  # (with agenix: `agenix --rekey`). Dropping a key does not revoke what it
  # could already decrypt from repository history; rotate the affected secret
  # values as well.
  recipients = [
    # Host key of the machine the secrets are for
    keys.hosts.porthos
    # The user key, so the secrets can be edited from any machine
    keys.users.ambroisie
  ];

  # A secret with the shared recipient list and no other attribute.
  secret = { publicKeys = recipients; };

  # Same, plus an `owner` attribute.
  # NOTE(review): `owner` plays no part in the encryption; presumably the
  # repository's own module reads it to set the owner of the decrypted file --
  # verify where this attribute set is consumed.
  ownedBy = owner: secret // { inherit owner; };
in
{
  "acme/dns-key.age" = secret;

  "aria/rpc-token.age" = secret;

  "backup/password.age" = secret;
  "backup/credentials.age" = secret;

  "drone/gitea.age" = secret;
  "drone/secret.age" = secret;
  "drone/ssh/private-key.age" = secret;

  "gitea/mail-password.age" = ownedBy "git";

  "lohr/secret.age" = secret;
  "lohr/ssh-key.age" = secret;

  "matrix/mail.age" = ownedBy "matrix-synapse";
  "matrix/secret.age" = ownedBy "matrix-synapse";
  # NOTE(review): unlike the two matrix secrets above, no `owner` is set here --
  # confirm that this is intended for the account that reads the secret.
  "matrix/sliding-sync-secret.age" = secret;

  "miniflux/credentials.age" = secret;

  "monitoring/password.age" = ownedBy "grafana";
  "monitoring/secret-key.age" = ownedBy "grafana";

  "nextcloud/password.age" = ownedBy "nextcloud";

  "nix-cache/cache-key.age" = secret;

  "paperless/password.age" = secret;
  "paperless/secret-key.age" = secret;

  "podgrab/password.age" = secret;

  "sso/auth-key.age" = secret;
  "sso/ambroisie/password-hash.age" = secret;
  "sso/ambroisie/totp-secret.age" = secret;

  "tandoor-recipes/secret-key.age" = secret;

  "transmission/credentials.age" = secret;

  "vikunja/mail.age" = secret;

  "wireguard/private-key.age" = secret;

  "woodpecker/gitea.age" = secret;
  "woodpecker/secret.age" = secret;
  "woodpecker/ssh/private-key.age" = secret;
}