diff options
Diffstat (limited to '')
-rw-r--r-- | hosts/tahoe/secrets/secrets.nix | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix new file mode 100644 index 0000000..01ff035 --- /dev/null +++ b/hosts/tahoe/secrets/secrets.nix @@ -0,0 +1,36 @@ +let + fcuny_aptos = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl"; + tahoe = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEq1IQRvj2jofCHOO6M28w2SRdgtHU06NJvwAwv/b69F"; + all = [ fcuny_aptos tahoe ]; +in { + "wireguard_privatekey.age".publicKeys = all; + + "acme/credentials.age".publicKeys = all; + "acme/gcp_service_account.json.age" = { + publicKeys = all; + owner = "acme"; + }; + + "drone/secrets.age" = { + publicKeys = all; + owner = "drone"; + }; + + "syncthing/key.age" = { + publicKeys = all; + owner = "fcuny"; + }; + + "syncthing/cert.age" = { + publicKeys = all; + owner = "fcuny"; + }; + + "unifi/unifi-poller.age".publicKeys = all; + + "restic/repo-systems.age".publicKeys = all; + "rclone/config.ini.age".publicKeys = all; + "rclone/gcs_service_account.json.age".publicKeys = all; +} |