all repos — nixfiles @ 6c18a33c758f0226e660f924ddd71a6d3ad53004

System and user configuration, managed by nix and home-manager

Import server configurations

Alan Pearce
commit

6c18a33c758f0226e660f924ddd71a6d3ad53004

parent

2b09b74ba617346a0c9c932543e658837ef9e5d2

1 file changed, 31 insertions(+), 0 deletions(-)

changed files
A secrets/secrets.nix
@@ -0,0 +1,31 @@
+let + users = { + alan = [ + "age1se1qdx3wrvaxevk3g40ngqreqc9n4gl0rwcjdvnptz5vw96jjjuf2rv2wp8c5m" # mba age-plugin-se + ]; + }; + + machines = { + linde = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHdh3J7dEmh9G+CVmzFEC8/ont35ZXpCFcpLUO863vC"; + nanopi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/KOwhb4pyuw4U8hnkPAbRNk6o41Fmvsa67cY6MHA9k"; + }; + + secrets = with machines; { + acme = [ linde nanopi ]; + + binarycache = [ linde ]; + paperless = [ linde ]; + powerdns = [ linde ]; + + dyndns = [ nanopi ]; + syncthing = [ nanopi ]; + }; +in +builtins.listToAttrs ( + map + (secretName: { + name = "${secretName}.age"; + value.publicKeys = secrets.${secretName} ++ users.alan; + }) + (builtins.attrNames secrets) +)