From 878759cb7740908613e20f09a5fa9ce36a4c0546 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 14:17:18 +0200 Subject: [PATCH] secrets: add sso --- secrets/default.nix | 2 ++ secrets/sso/.gitattributes | 1 + secrets/sso/ambroisie/password-hash.txt | Bin 0 -> 83 bytes secrets/sso/ambroisie/totp-secret.txt | Bin 0 -> 75 bytes secrets/sso/auth-key.txt | Bin 0 -> 151 bytes secrets/sso/default.nix | 21 +++++++++++++++++++++ 6 files changed, 24 insertions(+) create mode 100644 secrets/sso/.gitattributes create mode 100644 secrets/sso/ambroisie/password-hash.txt create mode 100644 secrets/sso/ambroisie/totp-secret.txt create mode 100644 secrets/sso/auth-key.txt create mode 100644 secrets/sso/default.nix diff --git a/secrets/default.nix b/secrets/default.nix index d0c891c..5b6c94b 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -58,6 +58,8 @@ throwOnCanary { podgrab.password = fileContents ./podgrab/password.txt; + sso = import ./sso { inherit lib; }; + transmission.password = fileContents ./transmission/password.txt; users = { diff --git a/secrets/sso/.gitattributes b/secrets/sso/.gitattributes new file mode 100644 index 0000000..d4bba55 --- /dev/null +++ b/secrets/sso/.gitattributes @@ -0,0 +1 @@ +/default.nix filter diff diff --git a/secrets/sso/ambroisie/password-hash.txt b/secrets/sso/ambroisie/password-hash.txt new file mode 100644 index 0000000000000000000000000000000000000000..9b2c759b3116766d1b2f9ca81a6cf31c5e1dbb1b GIT binary patch literal 83 zcmV-Z0IdH2M@dveQdv+`0QO7Jb4IU#&fimU=1__SruRsHjtFV=&@?F9WZfM@*={LN!s_o-%^D|Q(u' | base32 | tr -d =` + totpSecret = fileContents (./. + "/${user}/totp-secret.txt"); + }); +in +{ + auth_key = fileContents ./auth-key.txt; + + users = lib.flip lib.genAttrs importUser [ + "ambroisie" + ]; + + groups = { + root = [ "ambroisie" ]; + }; +}