diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index 23b2cdb..55ec422 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -13,8 +13,6 @@ // attrs; in lib.mapAttrs toSecret { - "gandi/api-key" = {}; - "lohr/shared-secret" = {}; "matrix-synapse/secret-config" = { @@ -29,6 +27,8 @@ owner = "nextcloud"; }; + "ovh/credentials" = {}; + "paperless/admin-password" = {}; "paperless/secret-key" = {}; diff --git a/modules/secrets/ovh/credentials.age b/modules/secrets/ovh/credentials.age new file mode 100644 index 0000000..ab487ae --- /dev/null +++ b/modules/secrets/ovh/credentials.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw XED7gkKAp1ioBegA7ryqULRF1BORpW74esfIGp9zPE8 +ANxnQN+tox9KYdZvNZFZvQxOymckldPQMhFnz6fSIBo +-> ssh-ed25519 pX8y2g 9wgPqL6GoOxad5AAUmDAYj0h/57AEM8VsQKq1pGTtjM +SxD++XJioZLpt6C8Xse5Nmz4wtL0Fb5NKWo5ijKpyv8 +--- 3qOJnkY3Uc4fIex9mgz2+w+su5dS7K7Tmtk1hiqkn9M +XeaLQ H2*ZT P;(jC̀k viħk`]mB ,,?!{%e(Su-SD=H#q=U;=O G+_oP]RL$ֳ\0N!"&%N<,v1ʑj1 \ No newline at end of file diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 34dc294..40ca77c 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -23,6 +23,8 @@ in { "nextcloud/admin-pass.age".publicKeys = [alarsyo hades]; + "ovh/credentials.age".publicKeys = [alarsyo hades]; + "paperless/admin-password.age".publicKeys = [alarsyo hades]; "paperless/secret-key.age".publicKeys = [alarsyo hades]; diff --git a/services/nginx.nix b/services/nginx.nix index 6781549..e17c29b 100644 --- a/services/nginx.nix +++ b/services/nginx.nix @@ -66,8 +66,8 @@ in { gandiKey = config.my.secrets.gandiKey; in { "${fqdn}" = { - dnsProvider = "gandiv5"; - credentialsFile = config.age.secrets."gandi/api-key".path; + dnsProvider = "ovh"; + credentialsFile = config.age.secrets."ovh/credentials".path; group = "nginx"; }; };