Cleanup

2025-03-06 11:50:28 +01:00 · 2025-03-06 11:50:28 +01:00 · 45bc1eed01
commit 45bc1eed01
parent a3a5c0ffd6
1 changed files with 0 additions and 0 deletions
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -0,0 +1,28 @@
+let
+  tbarnouin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos";
+  users = [tbarnouin];
+
+  grafana = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDQxvO9vdd2f9aV4F3LEQrrTJaLwLvSLbLtjB9qNxc4z root@grafana";
+  onlyoffice = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAEHTFFQoi8PtzkdTEeA5lGELFS01J51GLLjrnySJM7R root@onlyoffice";
+  postgresql = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJW7qA7j1sICuu1RAfs9ifR9dmOlHq45tKu1ga7CKaob root@pgsql";
+  forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMf3Cc/S0p/LFcW+RLMEqpxOOv8q/HrKO4I9joHmRxl root@forgejo";
+
+  systems = [grafana onlyoffice postgresql forgejo];
+in {
+  "secrets/initialPassword.age".publicKeys = users ++ systems;
+
+  "services/grafana/secrets/grafana-db.age".publicKeys = [tbarnouin grafana];
+  "services/grafana/secrets/grafana-oauth_secret.age".publicKeys = [tbarnouin grafana];
+  "services/grafana/secrets/kuma-token.age".publicKeys = [tbarnouin grafana];
+
+  "services/onlyoffice/secrets/office-dbpass.age".publicKeys = [tbarnouin onlyoffice];
+  "services/onlyoffice/secrets/office-jwtpass.age".publicKeys = [tbarnouin onlyoffice];
+
+  "services/forgejo/secrets/forgejoDBPass.age".publicKeys = [tbarnouin forgejo];
+
+  "services/postgresql/secrets/nextcloudDBPass.age".publicKeys = [tbarnouin postgresql];
+  "services/postgresql/secrets/giteaDBPass.age".publicKeys = [tbarnouin postgresql];
+  "services/postgresql/secrets/authentikDBPass.age".publicKeys = [tbarnouin postgresql];
+  "services/postgresql/secrets/grafanaDBPass.age".publicKeys = [tbarnouin postgresql];
+  "services/postgresql/secrets/onlyofficeDBPass.age".publicKeys = [tbarnouin postgresql];
+}