From eab8a279a1fee9f00161ac4acb2146172feed8f1 Mon Sep 17 00:00:00 2001
From: Antoine Martin <antoine@alarsyo.net>
Date: Sun, 12 Jun 2022 17:59:41 +0200
Subject: [PATCH] hosts: move miniflux from poseidon to hades

---
 hosts/hades/default.nix                       |   6 +++++
 hosts/hades/secrets.nix                       |   4 ++++
 hosts/poseidon/default.nix                    |   6 -----
 hosts/poseidon/secrets.nix                    |   2 --
 modules/secrets/gandi/api-key.age             |  21 +++++++++---------
 .../secrets/miniflux/admin-credentials.age    | Bin 597 -> 558 bytes
 modules/secrets/secrets.nix                   |   4 ++--
 7 files changed, 23 insertions(+), 20 deletions(-)
diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix
index cb47d27..4fd34ee 100644
--- a/hosts/hades/default.nix
+++ b/hosts/hades/default.nix
@@ -57,6 +57,12 @@ in {
   my.services = {
     fail2ban.enable = true;
 
+    miniflux = {
+      enable = true;
+      adminCredentialsFile = config.age.secrets."miniflux/admin-credentials".path;
+      privatePort = 8080;
+    };
+
     restic-backup = {
       enable = true;
       repo = "b2:hades-backup-alarsyo";
diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix
index f562d22..656fb2e 100644
--- a/hosts/hades/secrets.nix
+++ b/hosts/hades/secrets.nix
@@ -13,6 +13,10 @@
         // attrs;
     in
       lib.mapAttrs toSecret {
+        "gandi/api-key" = {};
+
+        "miniflux/admin-credentials" = {};
+
         "restic-backup/hades-credentials" = {};
         "restic-backup/hades-password" = {};
 
diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix
index 7c3bd67..b05967f 100644
--- a/hosts/poseidon/default.nix
+++ b/hosts/poseidon/default.nix
@@ -96,12 +96,6 @@ in {
       port = 8083;
     };
 
-    miniflux = {
-      enable = true;
-      adminCredentialsFile = config.age.secrets."miniflux/admin-credentials".path;
-      privatePort = 8080;
-    };
-
     matrix = {
       enable = true;
       secretConfigFile = config.age.secrets."matrix-synapse/secret-config".path;
diff --git a/hosts/poseidon/secrets.nix b/hosts/poseidon/secrets.nix
index 66f6673..719d569 100644
--- a/hosts/poseidon/secrets.nix
+++ b/hosts/poseidon/secrets.nix
@@ -21,8 +21,6 @@
           owner = "matrix-synapse";
         };
 
-        "miniflux/admin-credentials" = {};
-
         "nextcloud/admin-pass" = {
           owner = "nextcloud";
         };
diff --git a/modules/secrets/gandi/api-key.age b/modules/secrets/gandi/api-key.age
index 2c80cf9..9a2e915 100644
--- a/modules/secrets/gandi/api-key.age
+++ b/modules/secrets/gandi/api-key.age
@@ -1,11 +1,12 @@
 age-encryption.org/v1
--> ssh-ed25519 k2gHjw cPZECs2fo+sOznfaXiZjieBB6nwe4D7s5shh6YE/VWY
-Oi/B1v/9NkPORSllIxrFltkXVFUwFZcgJlcxUdGWjT0
--> ssh-ed25519 z6Eu8Q G3/FgigyszNLmNCXiAxeWgsALohxZ+ZLLvhRg38CBxk
-Z/OiV82zpOJhewVWvJSZUOCNzixFHvWl53cT/MIcZjo
--> -%^%:-grease
-CkySRq28PocmIYUy7teSU9JkV8/tq/JIR83vFkuRSIYascFHgQrUhEbjy05uLMAe
-Sw
---- LvigUOnTKMr+/oIUFVCWXM59d0Q9qePiZ1zqm8s/4lI
-¡ø·ëuœß>ŠÜ­‚¸Èƒ¦u€ÜIé—úÍœjX§„åN÷?ªI‡•¸SGYìÊ7S®m›æÎ¡†ú‰f
-A¾©ê–pWøoòñ
\ No newline at end of file
+-> ssh-ed25519 k2gHjw E972A3kem7+3ul2Ai8TV8EVkF9upClr46y1pbN+AfDY
+qZdZuv+F9c46uxKWYdBKp6AGkTA5IEjcBwDlBHpEbCU
+-> ssh-ed25519 pX8y2g WEBknhwaTqfVzaLQRg1tfEY/aGZDFnH0PvXOZ3pC1k8
+A23ELihRVsx8jhTcJAy3a1/saKWPc6ojf8HhPHj0niw
+-> ssh-ed25519 z6Eu8Q IsN3L8xlk8VwrqUByYiUhthAk06KCn6hcYlZrodk/Vg
+lX/SjRJIZEt1/Q6iLKFiUTHB4eH8ig4WJN79mU/AVUw
+-> &r29]-grease #}
+100ULy2nfLIOODMNPyvq0ATuGdVBAgwcXAs
+--- VkOZ7Vy9R4QPqvgAveJae/L4/nuDnQ/bAoN7UEKzxyw
+wQ{3É”3‘
+m2eÞ?×ò¥.M„:Df)ïˆ;t{zR½ªo’ñ²›‡òE#c·çáéTE…Ú9¹H67ÊqAÜ_Lb}
\ No newline at end of file
diff --git a/modules/secrets/miniflux/admin-credentials.age b/modules/secrets/miniflux/admin-credentials.age
index ee534fb684f738e45a223e393e7f14bed881e097..11c576f36bbbd3c601e6e95c5b89e0947be9a194 100644
GIT binary patch
delta 525
zcmV+o0`mRU1g->-EPqr*IV(k1WotNQZB<%MP(ox+XD?bcG*mJ;Yj`<!O;=5LFGXfg
zR#Ho7I0{K=Olx97D{eF^Yh+V&a5zwOS2<W>Y(g}1I51&3L^m{JW@lM&YG`g@Gzu*~
zAaiqQEoEdfH8n9gAaGbXc`|1pHcM!6b2oEkWHM$pZ*Na`LVs~KLv(61Y*kN8Y*|Ef
zIYm-VG&y!TGE6aR3T0GxF*GwuFnBO4Z$nC9IW#e6b98J(W?EKlF-c=}VKq)NFHUV)
zMlpJ43N1b$B6C?lEoX9NVRL05HZmePL<&%Da8qGpSVVC+QFdv0Fi&W1FJoqII8bk7
zM`dO&Qg<tOQ-3){c}+?~FK>BtayV5sR5d|Zc2qP$bTM^mLN{XyYE(>mcu9IqNi=zE
zT1GK)aauD*R#-@IZDmqcQ))CzL|9p8G;LNhR(No2T61n=3N0-yAY*lORBujNV_|nM
zWjJnSG)^{9YDPmaRaHV%Z!1D&XHraeHc?eUZ&*%E3V(OPtudv)Tl$(0Aw`mgIk5LS
z$H8QA<lOD*f%XJ!)BjI@6Z=18B1)<LQ^m7h5aku<4qRSB^tW-i_(CApGp{0U+<I*r
zx~q-<@g?B6pOWX(0mV*X96r%a$*C4d9D*gzC2~m~!9)NSc<JyS>zb)z`@SSm%viC`
Pkul`kkOpg?)IsI*SOde1

delta 564
zcmWm7O>5I&007{_c8Vw>cu)pL*k#s`kLFEM!9m-k>F3&{S<+0{mZV+UEm_iJZJL1V
zU?2<?y{wApP=^dJf(H*CHt-?{n}{$)VS<-|h<friLHz^I^K5v3`1Zwq#};+m1PcOM
zaR?EOnoi)@z?#paZMtg7z;~^l(rkLgqzdKng0>h)T@pk#8BnsB&RQa)01-odlXu)s
zLUQLAM@!BH5Hb$?eiLcb2>|c}98p|{5#XH8<*P9)t5xRtAmnOu{j5*+LPatO9!;kU
zfM|%mVWjK=he3(<qNGK72P|-YwJW$%t3JhMLq*q6pU`ar7m`+H9#nvr{NEYgV$2yu
zOs}E&4cNQn(u55+nalc^%`U@NW>~o9jZS5j$sWWPXb~_vpq>6?3oMC}Oco6@$?H>0
zo6AwkKUv}UIBT;RUP!Ta=sH-sO@M|=Hr*6jDno_?u(V1=Whc?1i#>x>YiuqNQ}cB?
zE6^GyfF+7j42_CObV#Xjzf>c1!))vEKyXb6K@eETsK!Fy^P@^}vRsW@EeB1MWdY=6
z3!oF#u%gj*ywt#rNlJwtSh3b%qp*d;R|n&7&n<<~>kpNe*GjK8@#*8Ad(6YZ=Et40
z@SUyGx8D8P+x>F#=l5?bzq;M&n}go|r+eqmq{c?<3wMv5T3O9qA9|5Ldd_0`ua8HN
w32OGukiC9l_eXzid-dtzfqfJl-2W{f=6X-$*vyUEqwxLO`tIR2yR$L-7yeAlzW@LL

diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix
index 455f7b0..bf0f8ec 100644
--- a/modules/secrets/secrets.nix
+++ b/modules/secrets/secrets.nix
@@ -11,13 +11,13 @@ let
 
   all = users ++ machines;
 in {
-  "gandi/api-key.age".publicKeys = [alarsyo poseidon];
+  "gandi/api-key.age".publicKeys = [alarsyo hades poseidon];
 
   "lohr/shared-secret.age".publicKeys = [alarsyo poseidon];
 
   "matrix-synapse/secret-config.age".publicKeys = [alarsyo poseidon];
 
-  "miniflux/admin-credentials.age".publicKeys = [alarsyo poseidon];
+  "miniflux/admin-credentials.age".publicKeys = [alarsyo hades];
 
   "nextcloud/admin-pass.age".publicKeys = [alarsyo poseidon];
 
