feat: massive refactoring...

This commit is contained in:
Xavier Morel
2025-11-09 00:45:00 +01:00
parent f9446df46d
commit 3245b6b89f
77 changed files with 3233 additions and 582 deletions
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
+8
View File
@@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg aQoOlZUoNaXXxfkMlkGx9zJDKQh+zlLyYrXuX+LEcFw
9c/dFd+LYdnb2TUm5+lxcPmFW8STMq6UALHlClL85jc
-> ssh-ed25519 UJuwpQ hnsSFl7MIkaG0DmCzZKoUtDLj/ey+YZ7Af4gEiPNtkc
2bmkqUGoh2kAW03X//iq/mlzOZeoS1PpmAmLWcAR48k
--- yMItyu2jgirF9YB+u26yykPuqEVz7T46oi6EDZ8rXYs
û6v%aÇKFÛÞ1×49<$kHüC²bÄvÊ#dÜ¿$ë‰4
õF5k*Ct¯±qUH%¶¶~ÇÓEíŒú³Å:e:÷d½¶èä·´k
+7
View File
@@ -0,0 +1,7 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg +kc3WvRZu+M7FPObE9sUEBrRZUjaKQ3uDX01e30bvH4
jp7GGPCdUHMFYAdZ6eHlb2Rpjbr7fgxO5i5A4JCuBFQ
-> ssh-ed25519 DVDL4g u3KhmxBa+ycZKj6g9/p9VfdWJe3sXNIYWqvnxS0LOFk
+6czbSa2PsgCNrsWFYtFJpW6YRttVpC3tlJpvMyKVlo
--- 6giEp6Qr8xXyII1KyBbEtT0a4qUkYtvby2NVshaHvK8
©³˜Üú+&
Binary file not shown.
+36
View File
@@ -0,0 +1,36 @@
let
config = (import ../config/_globals.nix { }).globals;
users = [
config.master.public_ssh_key
];
keys = import ../config/_keys.nix;
common = builtins.attrValues (keys);
in
{
# TODO: Probably there would be a way to guess the default service key from the secret prefix
"auth-authentik-ldap-secrets.age".publicKeys = users ++ [
keys.auth
];
"auth-authentik-proxy-secrets.age".publicKeys = users ++ [
keys.auth
];
"auth-authentik-secrets.age".publicKeys = users ++ [
keys.auth
];
"db-postgres-initscript.age".publicKeys = users ++ [
keys.db
];
"finances-app-key.age".publicKeys = users ++ [
keys.finances
];
"power-password-file.age".publicKeys = users ++ [
keys.power
];
"proxy-dns-provider-config.age".publicKeys = users ++ [
keys.proxy
];
"yarrr-env.age".publicKeys = users ++ [
keys.yarrr
];
}
Binary file not shown.