Files
homelab/secrets/secrets.nix
T
Xavier Morel 047d68a998
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 4s
feat: add terraforming of authentik
2026-03-25 21:24:08 +01:00

71 lines
1.6 KiB
Nix

let
config = (import ../config/_globals.nix { }).globals;
users = config.master.public_ssh_keys;
keys = import ../config/_keys.nix;
common = builtins.attrValues (keys);
in
{
# TODO: Probably there would be a way to guess the default service key from the secret prefix
"auth-authentik-ldap-secrets.age".publicKeys = users ++ [
keys.auth
];
"auth-authentik-proxy-secrets.age".publicKeys = users ++ [
keys.auth
];
"auth-authentik-secrets.age".publicKeys = users ++ [
keys.auth
];
"db-postgres-initscript.age".publicKeys = users ++ [
keys.db
];
"gitea-action-token.age".publicKeys = users ++ [
keys.git
];
"finances-app-key.age" = {
publicKeys = users ++ [
keys.finances
];
extra = {
owner = "firefly-iii";
group = "nginx";
};
};
"matrix-maubot-cfg.age".publicKeys = users ++ [
keys.matrix
];
"metrics-pve.age".publicKeys = users ++ [
keys.metrics
];
"mqtt-exporter-environment.age".publicKeys = users ++ [
keys.mqtt
];
"mqtt-password-mqtt.age".publicKeys = users ++ [
keys.mqtt
];
"mqtt-password-frigate.age".publicKeys = users ++ [
keys.mqtt
];
"mqtt-password-ha.age".publicKeys = users ++ [
keys.mqtt
];
"mqtt-password-z2m.age".publicKeys = users ++ [
keys.mqtt
];
"papers-environment-file.age".publicKeys = users ++ [
keys.papers
];
"papers-password-file.age".publicKeys = users ++ [
keys.papers
];
"power-password-file.age".publicKeys = users ++ [
keys.power
];
"proxy-dns-provider-config.age".publicKeys = users ++ [
keys.proxy
];
"yarrr-env.age".publicKeys = users ++ [
keys.yarrr
];
}