nixos-config/modules/secrets/secrets.nix

45 lines
1.8 KiB
Nix
Raw Normal View History

2022-01-17 21:56:41 +01:00
let
alarsyo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH3rrF3VSWI4n4cpguvlmLAaU3uftuX4AVV/39S/8GO9 alarsyo@thinkpad";
2022-04-10 11:54:58 +02:00
users = [alarsyo];
2022-01-17 21:56:41 +01:00
boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal";
2022-06-10 16:56:15 +02:00
hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxw8CtKUPAiPdKDEnuS7UyRrZN5BkUwsy5UPVF8V+lt root@hades";
2024-03-03 01:56:35 +01:00
talos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBYcmL9HZJ9SqB9OJwQ0Nt6ZbvHZTS+fzM8A6D5MPZs root@talos";
2023-12-13 17:29:54 +01:00
thanatos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8JEAWk/8iSl8fN6/f76JkmVFwtyixTpLol4zSVsnVw root@thanatos";
2022-01-17 21:56:41 +01:00
2024-06-07 15:51:01 +02:00
machines = [boreal hades talos thanatos];
2022-01-17 21:56:41 +01:00
all = users ++ machines;
2022-04-10 11:54:58 +02:00
in {
2023-12-13 12:08:18 +01:00
"gandi/api-key.age".publicKeys = [alarsyo hades];
2022-03-11 17:10:44 +01:00
2024-11-20 11:01:35 +01:00
"gitlab-runner/thanatos-runner-env.age".publicKeys = [alarsyo thanatos];
2023-11-15 11:23:36 +01:00
"lohr/shared-secret.age".publicKeys = [alarsyo hades];
2022-03-11 17:26:54 +01:00
2022-06-12 20:17:08 +02:00
"matrix-synapse/secret-config.age".publicKeys = [alarsyo hades];
2022-03-11 17:42:16 +01:00
2023-12-05 13:59:21 +01:00
"microbin/secret-config.age".publicKeys = [alarsyo hades];
"miniflux/admin-credentials.age".publicKeys = [alarsyo hades];
2022-03-11 18:47:53 +01:00
2022-10-27 12:25:33 +02:00
"nextcloud/admin-pass.age".publicKeys = [alarsyo hades];
2024-07-03 21:08:56 +02:00
"ovh/credentials.age".publicKeys = [alarsyo hades];
2022-11-05 16:15:33 +01:00
"paperless/admin-password.age".publicKeys = [alarsyo hades];
"paperless/secret-key.age".publicKeys = [alarsyo hades];
2022-11-07 22:37:52 +01:00
"pleroma/pleroma-config.age".publicKeys = [alarsyo hades];
2022-04-10 11:54:58 +02:00
"restic-backup/boreal-password.age".publicKeys = [alarsyo boreal];
"restic-backup/boreal-credentials.age".publicKeys = [alarsyo boreal];
2022-06-12 15:33:59 +02:00
"restic-backup/hades-password.age".publicKeys = [alarsyo hades];
"restic-backup/hades-credentials.age".publicKeys = [alarsyo hades];
2024-03-05 05:07:46 +01:00
"restic-backup/talos-password.age".publicKeys = [alarsyo talos];
"restic-backup/talos-credentials.age".publicKeys = [alarsyo talos];
2023-12-13 17:29:54 +01:00
"users/root-hashed-password.age".publicKeys = machines ++ [alarsyo];
2022-04-10 11:54:58 +02:00
"users/alarsyo-hashed-password.age".publicKeys = machines ++ [alarsyo];
2022-01-17 21:56:41 +01:00
}