ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

secrets: move into 'modules'

Browse source
This commit is contained in:
Bruno BELANYI 2021-09-25 18:15:40 +02:00
parent c32be8ac02
commit 0b580b61e7
30 changed files with 1 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

49
modules/secrets/secrets.nix Normal file
View file

@ -0,0 +1,49 @@
let
# FIXME: read them from directories
ambroisie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIVd6Oh08iUNb1vTULbxGpevnh++wxsWW9wqhaDryIq ambroisie@agenix";
users = [ ambroisie ];
porthos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGzznQ3LSmBYHx6fXthgMDiTcU5i/Nvj020SbmhzAFb root@porthos";
machines = [ porthos ];
all = users ++ machines;
in
{
"acme/dns-key.age".publicKeys = all;
"backup/password.age".publicKeys = all;
"backup/credentials.age".publicKeys = all;
"drone/gitea.age".publicKeys = all;
"drone/secret.age".publicKeys = all;
"drone/ssh/private-key.age".publicKeys = all;
"lohr/secret.age".publicKeys = all;
"matrix/mail.age".publicKeys = all;
"matrix/secret.age".publicKeys = all;
"miniflux/credentials.age".publicKeys = all;
"monitoring/password.age".publicKeys = all;
"nextcloud/password.age".publicKeys = all;
"paperless/password.age".publicKeys = all;
"paperless/secret-key.age".publicKeys = all;
"podgrab/password.age".publicKeys = all;
"sso/auth-key.age".publicKeys = all;
"sso/ambroisie/password-hash.age".publicKeys = all;
"sso/ambroisie/totp-secret.age".publicKeys = all;
"transmission/credentials.age".publicKeys = all;
"users/ambroisie/hashed-password.age".publicKeys = all;
"users/root/hashed-password.age".publicKeys = all;
"wireguard/aramis/private-key.age".publicKeys = all;
"wireguard/porthos/private-key.age".publicKeys = all;
"wireguard/richelieu/private-key.age".publicKeys = all;
}