felschr/nixos-config
1
1
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
nixos-config/secrets/secrets.nix

144 lines
2.7 KiB
Nix
Raw Normal View History

feat: set up agenix secrets management
2022-05-04 03:02:47 +02:00
let
# age-specific key in ~/.ssh/id_ed25519: `ssh-keygen -t ed25519`
style: reformat with nixfmt-rfc-style
2024-05-26 16:45:38 +02:00
felschr = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGbQpMo1JOGk59Rzl6pVoOcMHOoqezph+aIlEXZP4rBu";
feat: set up agenix secrets management
2022-05-04 03:02:47 +02:00
users = [ felschr ];
feat: add immich
2022-08-06 16:07:29 +02:00
# `ssh-keygen -t ed25519 -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key`
style: reformat with nixfmt-rfc-style
2024-05-26 16:45:38 +02:00
home-pc = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBFTQvIcSdhEKl/Kq+pcS/cPCyyZ1ygj+djfuaXzaRMx";
home-server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILO+OLPr8zdOMYyKtm98AFJai7zbaxw7JhVWgOwu7K3C";
pilot1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHEucfNzPbDRdDjTaLG3PzN4lAzDAq3QUkaLvaRjjsCY";
systems = [
home-pc
home-server
pilot1
];
in
{
"restic/b2.age".publicKeys = [
felschr
home-pc
home-server
pilot1
];
"restic/password.age".publicKeys = [
felschr
home-pc
home-server
pilot1
];
"smtp.age".publicKeys = [
felschr
home-pc
home-server
];
"samba.age".publicKeys = [
felschr
home-pc
home-server
];
"cloudflare.age".publicKeys = [
felschr
home-pc
home-server
];
"etebase-server.age".publicKeys = [
felschr
home-pc
home-server
];
"calibre-web/htpasswd.age".publicKeys = [
felschr
home-pc
home-server
];
"miniflux/admin.age".publicKeys = [
felschr
home-pc
home-server
];
"miniflux/oidc.age".publicKeys = [
felschr
home-pc
home-server
];
"paperless.age".publicKeys = [
felschr
home-pc
home-server
];
"nextcloud/admin.age".publicKeys = [
felschr
home-pc
home-server
];
fix: fix agenix secret paths
2024-05-26 17:28:02 +02:00
"immich/env.age".publicKeys = [
style: reformat with nixfmt-rfc-style
2024-05-26 16:45:38 +02:00
felschr
home-pc
home-server
];
"immich/db-password.age".publicKeys = [
felschr
home-pc
home-server
];
fix: fix agenix secret paths
2024-05-26 17:28:02 +02:00
"immich/typesense/env.age".publicKeys = [
style: reformat with nixfmt-rfc-style
2024-05-26 16:45:38 +02:00
felschr
home-pc
home-server
];
feat: set up agenix secrets management
2022-05-04 03:02:47 +02:00
feat(hass): manage secrets.yaml via agenix
2022-05-06 03:43:06 +02:00
# home-server
style: reformat with nixfmt-rfc-style
2024-05-26 16:45:38 +02:00
"home-server/hostKey.age".publicKeys = [
felschr
home-server
];
"lldap/key-seed.age".publicKeys = [
felschr
home-server
];
"lldap/jwt.age".publicKeys = [
felschr
home-server
];
"lldap/password.age".publicKeys = [
felschr
home-server
];
"authelia/jwt.age".publicKeys = [
felschr
home-server
];
"authelia/session.age".publicKeys = [
felschr
home-server
];
"authelia/storage.age".publicKeys = [
felschr
home-server
];
"authelia/oidc-hmac.age".publicKeys = [
felschr
home-server
];
"authelia/oidc-issuer.age".publicKeys = [
felschr
home-server
];
"hass/secrets.age".publicKeys = [
felschr
home-server
];
"esphome/password.age".publicKeys = [
felschr
home-server
];
fix: fix agenix secret paths
2024-05-26 17:28:02 +02:00
"dendrite/env.age".publicKeys = [
style: reformat with nixfmt-rfc-style
2024-05-26 16:45:38 +02:00
felschr
home-server
];
"dendrite/privateKey.age".publicKeys = [
felschr
home-server
];
feat: set up agenix secrets management
2022-05-04 03:02:47 +02:00
}
Reference in a new issue Copy permalink