federez/nix
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix/secrets/secrets.nix
Jeltz cfc5775ba5
secrets: add indico passwords 
Signed-off-by: Jeltz <jeltz@federez.net>
2025-04-05 21:19:35 +02:00

37 lines
2.1 KiB
Nix
Raw Blame History

let
readKeyFile = keyFile: builtins.filter (x: x != [] && x != "") (builtins.split "\n" (builtins.readFile keyFile));
estragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBS1xp/2n5q4u4kDerkXQClnD1xeS6qrj0regbJwjktB root@estragon";
wagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqBgXGbnPPmDHrn05Fr3X66cmgP6zvnMtPL21d4ebfh root@wagon";
lagon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN8fiqJw9RvVVQghG0OVKsXAkBcWox4JsozfxToLAiIK root@lagon";
klingon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/P58bPqi8yTl12jpP8oFcYG7S8j1WpfgqwZz+EuQqy root@kligon";
aragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUDEhYDtCLI4ypIXhimPjleiGUI3lOTv5LntzNEPM1p root@aragon";
pendragon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILrJwgqLnGuUpUFacXLphiu8vUthVD4mA4a3Uytl5eSD root@pendragon";
perdrigon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIChtLzQ2YhAzJWFhuq4rdenxMFCNGD00PTwmmyjE8PM0 root@perdrigon";
# Add yourself.
raito = readKeyFile ../pubkeys/raito.keys;
bensmrs = readKeyFile ../pubkeys/bensmrs.keys;
tomate = readKeyFile ../pubkeys/tomate.keys;
jeltz = readKeyFile ../pubkeys/jeltz.keys;
active-admins = raito ++ bensmrs ++ tomate ++ jeltz;
matrix-admins = active-admins;
vaultwarden-admins = active-admins;
keycloak-admins = active-admins;
ldap-bind-admins = active-admins;
discourse-admins = active-admins;
indico-admins = active-admins;
servers = [ estragon wagon lagon klingon aragon pendragon perdrigon ];
in
{
"matrix-shared-secret.age".publicKeys = [ estragon ] ++ matrix-admins;
"mautrix-telegram.age".publicKeys = [ estragon ] ++ matrix-admins;
"vaultwarden-secrets.age".publicKeys = [ wagon ] ++ vaultwarden-admins;
"keycloak-password-file.age".publicKeys = [ lagon ] ++ keycloak-admins;
"ldap-bind-password.age".publicKeys = servers ++ ldap-bind-admins;
"discourse-key-base.age".publicKeys = [ pendragon ] ++ discourse-admins;
"discourse-mail-password.age".publicKeys = [ pendragon ] ++ discourse-admins;
"indico-ldap-bind-password.age".publicKeys = [ perdrigon ] ++ indico-admins;
"indico-secret-key.age".publicKeys = [ perdrigon ] ++ indico-admins;
"indico-mail-password.age".publicKeys = [ perdrigon ] ++ indico-admins;
}
Reference in a new issue View git blame Copy permalink