federez/nix
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

profiles/ldap: init

Browse source 
Phew, this is working?

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
This commit is contained in:
Ryan Lahfa 2024-02-14 20:40:20 +01:00
parent 4a043d6fb5
commit 0a637e5079
5 changed files with 90 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

34
secrets/ldap-bind-password.age Normal file
View file

@ -0,0 +1,34 @@
age-encryption.org/v1
-> ssh-ed25519 GxF6ZA OjQmqOJccj+MF5atvDBSFQ1JMKLBYWhKr0Shr2Z8Bws
wdwMQsgMsIOCMayUrBqepQEphbJKK1WThpg69adSkOU
-> ssh-ed25519 Kw53Kw ITayxp4Bba3lr4UYKz0QOIdzJX3ZZ9ufODjHaXL+SzM
Wp7ZQrxHPN1/K3DRV3RiHcgpBpM4Qxjmp2cv6NvfBQE
-> ssh-ed25519 FCRFOQ 9ex8FuTdbUuhZvk8TvBD6BBwymPeJ5Efkt3ioc3M32Y
uGOuUeGXn7cD8xWhjpz9qb7lHzsjW2h7QBdv8a5RyoU
-> ssh-ed25519 B36KCg EGp4RxQca6dtSgwQYGNLdQ9BNSJ+fHWmr/Q4mka+6h8
V2djTR4or1M+mbh8d4R643CvP8dQU2jbwlsoMKdoj+w
-> ssh-rsa krWCLQ
bWGdQA+nWtvvzNRiyvzHfZArfT1LVDT3NnttMiUJC1Jo6eMKje3wS0fxDbuDZ4vo
odtFhxK2hH6hR0DxIK97mzr4rfr521TWn50KCcxqIlZ8q6+i2Y51RpDMDB7tTHJv
MBlRMEDkt03atFyaCcBYqxCbosb8hQI0Osr4j1MDyj0PrUZJNmpr0o7immWkSCE1
0VV9JiTDwkdR/lbJ/qkwhA/0+wWABeYEXZYvEmsQ3I7Mx0oX3W41DClhrfNkixTQ
VLc4o6Z1d7HqCdeOadqmEx4rtWuFZ7jMTaRV0hqEDr6MWe4KXNxR/7pF1O4a+Mzs
nhwG+n+4ta603MPWpkWnoQ
-> ssh-ed25519 /vwQcQ ynKyWE8qqquPN6WX7PsLuwUwtlNS/VBluDHTpXrIOE0
VivMdBXUYl6ZHlgPx4+WJKPmiobgVXsftQdvClmIOLM
-> ssh-ed25519 0R97PA 5pzkJFYkvjVQYOgjIZPgdhEH8GFaHBrE7PHEg//lQVE
/Bfvwlo4CbUjv5uHjSAtfPxTBVfLoA6sIF2poDI4S68
-> ssh-rsa jL+Elw
gyeeOmvoxeIvxQ0OGsRaFVeF/fkE6TxpYGHsJdA4w3yJSlLCtk+WYv228hx9if3+
bXvBZL5uRF4psP36i0gQto4NjHEUP5hfdjaRzSIai/xdb78UD/UtvyOOhhpO1NRE
fmNYn5uAI2zCOzqpncgYTWaoI+Bl2LrBoNFrYHARgRg2dmx8kNIA/1cFTIzM+EC8
GSRAHe/UI9FrjIPw32zYD81Y9SuTLDgnnyZQ+LJ9BEsA6xkmx6PwGt841Hwjn22s
HjI3EWHoTwzrjFA+CGN1TmR50jl5h90F19fu6TGbDPYnmQdm+9+xhTEGxIwZBblN
MAt2xbQbNSVruooRaB+0eKXCyQiHgn+2aSM0m4lq6i27W5KK9fFJoZpFRyYNVicS
z/3bbn5G37LNRQ7S2uaQpO5E093Q/TO/cAiDdpexxjWPY74BZQXpuCrd0kwQA5OA
YZqRrwnsbyU/1PIik+CfkoSzVieru8cYnZp9gltdLu998LoKh5tW3DTmTe5/RqiF
2fyZk+M/6QKQMrIX1HnOtZWfAdN+vh7E5VB2W7Ysq8SYHYHAG/a9rH8OJgkDIbpW
58g5Weidb9SKK3Ubunl1Ok7mzOmK5fLu5u+lM3UVqdVMhaxX1uwL9pgeei5aqIUo
+KCsjx+0Wb554MitUvSaw00yS0A+z0H78nKv3waZL8k
--- NNyRDQ7VL64kPyPUtiUkjKts16ia4Oz4KYJdOsykT9Q
àÒÁIDÌžKe*µ]¤Ö4ªuòýüPhĈÜà9ÔFȤcz°7‰†zš&ž<EÜZ(^Ñ$™#]¼

4
secrets/secrets.nix
View file

@ -3,6 +3,7 @@ let
estragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBS1xp/2n5q4u4kDerkXQClnD1xeS6qrj0regbJwjktB root@estragon";
wagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqBgXGbnPPmDHrn05Fr3X66cmgP6zvnMtPL21d4ebfh root@wagon";
lagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8fiqJw9RvVVQghG0OVKsXAkBcWox4JsozfxToLAiIK root@lagon";
klingon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/P58bPqi8yTl12jpP8oFcYG7S8j1WpfgqwZz+EuQqy root@kligon";
# Add yourself.
raito = readKeyFile ../pubkeys/raito.keys;
bensmrs = readKeyFile ../pubkeys/bensmrs.keys;
@ -10,10 +11,13 @@ let
matrix-admins = raito ++ bensmrs;
vaultwarden-admins = raito ++ bensmrs;
keycloak-admins = raito ++ bensmrs;
ldap-bind-admins = raito ++ bensmrs;
servers = [ estragon wagon lagon klingon ];
in
{
"matrix-shared-secret.age".publicKeys = [ estragon ] ++ matrix-admins;
"mautrix-telegram.age".publicKeys = [ estragon ] ++ matrix-admins;
"vaultwarden-secrets.age".publicKeys = [ wagon ] ++ vaultwarden-admins;
"keycloak-password-file.age".publicKeys = [ lagon ] ++ keycloak-admins;
"ldap-bind-password.age".publicKeys = servers ++ ldap-bind-admins;
}