amy/nixlab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: moar nix

Browse source
This commit is contained in:
nullishamy 2025-06-18 21:41:53 +01:00
parent 7e3bf4d6f3
commit 2025eb74a4
Signed by: amy
SSH key fingerprint: SHA256:WmV0uk6WgAQvDJlM8Ld4mFPHZo02CLXXP5VkwQ5xtyk
23 changed files with 1408 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

13
secrets/secrets.nix
View file

@ -1,10 +1,21 @@
# Used by the agenix cli and our module to generate all of the secret entries into the agenix module (see ./default.nix)
let
# host-key.pub
amy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDTbclOyOwIAPgVE/v5lIuf0P+Tq/Qkw3+GFa4YuRaCC amy@nixon";
users = [ amy ];
# /etc/ssh/ssh_host_ed25519_key.pub on each host
nixos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMAy1iKOrL2yBCWljLnuwo29G5plDblI41jJ4Woy1el root@nixos";
systems = [ nixos ];
nix01 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBQfwok81BymeM9zW8D/LPZxRX6HGLkeTi1hS7GjPoZF root@nix01";
nix02 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGFJBDr16y8BAhtLfbc2WYJLwtgrxEyrpJx0zJpHPn/Z root@nix02";
systems = [ nixos nix01 nix02 ];
in
{
"atticd.env.age".publicKeys = users ++ systems;
"blog.dbpass.age".publicKeys = users ++ systems;
"pgadmin.password.age".publicKeys = users ++ systems;
"sharkey.dbpass.age".publicKeys = users ++ systems;
"sharkey.redispass.age".publicKeys = users ++ systems;
"authentik.env.age".publicKeys = users ++ systems;
"forgejo.dbpass.age".publicKeys = users ++ systems;
}