Init infrastructure

Benjamin, I hate you. Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
2024-02-12 04:57:07 +01:00 · 2024-02-12 04:57:07 +01:00 · 8acdce99df
commit 8acdce99df
23 changed files with 602 additions and 0 deletions
--- a/secrets/matrix-shared-secret.age
+++ b/secrets/matrix-shared-secret.age
--- a/secrets/mautrix-telegram.age
+++ b/secrets/mautrix-telegram.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -0,0 +1,18 @@
+let
+  readKeyFile = keyFile: builtins.filter (x: x != [] && x != "") (builtins.split "\n" (builtins.readFile keyFile));
+  estragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBS1xp/2n5q4u4kDerkXQClnD1xeS6qrj0regbJwjktB root@estragon";
+  wagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqBgXGbnPPmDHrn05Fr3X66cmgP6zvnMtPL21d4ebfh root@wagon";
+  lagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8fiqJw9RvVVQghG0OVKsXAkBcWox4JsozfxToLAiIK root@lagon";
+  # Add yourself.
+  raito = readKeyFile ../pubkeys/raito.keys;
+
+  matrix-admins = raito;
+  vaultwarden-admins = raito;
+  keycloak-admins = raito;
+in
+  {
+    "matrix-shared-secret.age".publicKeys = [ estragon ] ++ matrix-admins;
+    "mautrix-telegram.age".publicKeys = [ estragon ] ++ matrix-admins;
+    "vaultwarden-secrets.age".publicKeys = [ wagon ] ++ vaultwarden-admins;
+    "keycloak-password-file.age".publicKeys = [ lagon ] ++ keycloak-admins;
+  }
--- a/secrets/vaultwarden-secrets.age
+++ b/secrets/vaultwarden-secrets.age