feat: set up agenix secrets management

Felix Schröter 2022-05-04 03:02:47 +02:00
parent cc6226d335
commit 5f329f550e
Signed by: felschr
GPG key ID: 671E39E6744C807D
32 changed files with 279 additions and 44 deletions


@ -31,15 +31,15 @@ in {
"readwrite tasmota/#"
"readwrite owntracks/#"
];
hashedPasswordFile = "/etc/nixos/secrets/mqtt/hass";
hashedPasswordFile = config.age.secrets.mqtt-hass.path;
};
"tasmota" = {
acl = [ "readwrite tasmota/#" "readwrite homeassistant/#" ];
hashedPasswordFile = "/etc/nixos/secrets/mqtt/tasmota";
hashedPasswordFile = config.age.secrets.mqtt-tasmota.path;
};
"owntracks" = {
acl = [ "readwrite owntracks/#" ];
hashedPasswordFile = "/etc/nixos/secrets/mqtt/owntracks";
hashedPasswordFile = config.age.secrets.mqtt-owntracks.path;
};
};
}
@ -49,11 +49,11 @@ in {
users = {
"felix" = {
acl = [ "read owntracks/#" "readwrite owntracks/felix/#" ];
hashedPasswordFile = "/etc/nixos/secrets/mqtt/felix";
hashedPasswordFile = config.age.secrets.mqtt-felix.path;
};
"birgit" = {
acl = [ "read owntracks/#" "readwrite owntracks/birgit/#" ];
hashedPasswordFile = "/etc/nixos/secrets/mqtt/birgit";
hashedPasswordFile = config.age.secrets.mqtt-birgit.path;
};
};
}
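Review bot: Nothing in this file section shows that the mosquitto service user can read the new secret paths. The five `hashedPasswordFile = config.age.secrets.mqtt-*.path` lines (three in the first hunk, two in the second) rely on `age.secrets` declarations that live elsewhere in the commit. agenix decrypts a secret as root-owned with mode 0400 unless `owner`/`group`/`mode` are set. If the NixOS mosquitto unit assembles its password file as the service user (I believe it does, but confirm against the module), each declaration needs something like `owner = "mosquitto";` or the broker will not be able to load the hashes. It is also worth a comment or follow-up confirming that the old files under `/etc/nixos/secrets/mqtt/` are removed from the host, since they still contain the same hashes outside agenix's control. Both enclosing listener blocks begin outside the hunks, so the rest of the listener configuration is not reviewed here.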