lasuite-federez/nix
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix/secrets/secrets.nix
Asyncnomi 395a34d811 meshing fixed
2025-07-21 23:41:18 +02:00

77 lines
No EOL
5.9 KiB
Nix
Raw Blame History

let
system-wg = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICqc0bjLqkfLXrt1eZNdZiEvUbOyWD6fluyx/nDGf9Rh root@bastion-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIJnmYY0ThWBzy7UshWY1k7ZJP+yp8z70Gtbc8QX3BY root@db-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOCkwjv+R6OgPdcv+4aaymDHnHgWKA4Ez2h0D2dRD0Jr root@dns-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDTz7pRg4NuFcDQRSfv4r5iUDXtzGGgp2esHpPXyVe7v root@docs-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcQdrRByANR6zkGfuTc98xLll+xZ+VtqrrQWwdupADb root@meet-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDPRGzwagWSlcJjrm61gIVvn0wPb/8LMHOwTaPd7VrQI root@gris-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIv9JPqMuWRU1tQ5R8rMcxfv5etDwuvGH4LzOWx98v0t root@mail-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO5Zbcu9h0Yu+7UH06sIVmT3FsQeej36BJPr2jjRCjca root@garage-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJhvn95VaG7HtpNyXTYU+DPWQlzttjkaE0HYvZWDz9J root@livekit-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJIgf7CsRRAOujfTxmm3Ww1+IypBWwtGP+L/npzPCYz1 root@backup-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEMvdNYHwglZE5gRb/TrNkp1N7IWps470VJxAUErsXVK root@prom-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGeiCdltZQiD9NqTOhOkFLm3TG3fBtSZLFSaAMTY1w/r root@auth-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ080ls6nPzv8APsclvVe3c/nQUvizcss2I/Xm+jr6Mc root@grafana-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFg7cpJC6sUc8Gt8VnGZ/BpojEp/dbRdVjpOBf2NO5Rg root@bastion-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPww9G5M8SSz8PWOJoX/C6hD12BLfGSRCnQQizOiCEGg root@db-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFOARZoBC95SxV2tL5hbE20vnOS7VIyn4/ACeVdpIZ2D root@dns-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7XMTZ6iyRMHRegqSlG1Pqe4ukVmE9c5gm9fq9GOVdm root@docs-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF7ePeAz7gmSFbccnXuWVsIqWBRjbMUxLWF1mMoOC/Or root@meet-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv+JwA/2GAgB15lesPgr8nQGTY4CY0vCF5SpBQBl7nF root@gris-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJQ24UID4nGKru/to8wSoJ6LMcKwP3d9kZG7dlew0g9S root@mail-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGsMyIVZ48koVWj1IK4GZihDxwrjYxNfoLO4qKGJZWC3 root@garage-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTDfN32SnJMAeUFUUU0BvmCsyUALE77Fi3vr9sWhi+F root@livekit-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINzJ46TCLwJq+tKXVGOL6yj498xUWTdPgzvgmpZC2ZV/ root@backup-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIABQnev3qk3UCORMqx9OM9ek9R6CBK+OAQQrQa56iZ7G root@prom-ren-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHZC+1P5nIJwsPA39OF4LYEqRYZVE0jDFQxu9nSr5nF0 root@auth-ren-lasuite-federez"
];
system-bastion = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICqc0bjLqkfLXrt1eZNdZiEvUbOyWD6fluyx/nDGf9Rh root@bastion-mtz-lasuite-federez"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFg7cpJC6sUc8Gt8VnGZ/BpojEp/dbRdVjpOBf2NO5Rg root@bastion-ren-lasuite-federez"
];
asyncnomi = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIENo/g3BZ1bJViYE6EY4VZO96a4q8U4nWKjTprQJtjEH asyncnomi" ];
gamma = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhuKmuBPLAtQSjy4E4UaEmf8Qj56414r+adAJ6BgmO8 gamma" ];
jeltz = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHabXDr/vrx361yaxKK58jHJB77TNVZvqhkIiaTB7ECI jeltz" ];
soyouzpanda = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIGmU7yEOCGuGNt4PlQbzd0Cms1RePpo8yEA7Ij/+TdA soyouzpanda" ];
users = asyncnomi ++ gamma ++ jeltz ++ soyouzpanda;
in
{
# Wireguard secrets
# Zone 1 (Metz)
"wireguard/wg-private-zone-1-id-1.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-2.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-3.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-4.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-5.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-6.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-7.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-8.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-9.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-10.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-11.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-12.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-1-id-13.age".publicKeys = system-wg ++ users;
# Zone 2 (Rennes)
"wireguard/wg-private-zone-2-id-14.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-15.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-16.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-17.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-18.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-19.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-20.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-21.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-22.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-23.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-24.age".publicKeys = system-wg ++ users;
"wireguard/wg-private-zone-2-id-25.age".publicKeys = system-wg ++ users;
# Bastion secrets
"bastion/wg-private-zone-1.age".publicKeys = system-bastion ++ users;
"bastion/wg-private-zone-2.age".publicKeys = system-bastion ++ users;
}
Reference in a new issue View git blame Copy permalink