os/secrets/secrets.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

91 lines
5.5 KiB
Nix
Raw Normal View History

let
2021-10-23 11:24:22 +00:00
bbcom = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com";
biolimo-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZzg8pfVtFonx/IvO2MKG5uVF/sMJAOt1Ifm9Vds2eA root@biolimo";
2023-09-12 16:46:36 +00:00
biolimo-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDoYNvXWunQYFORRjcYH1F98+zr20U79ROh+gmaC7AY/x3yf4y8uyMayF56VgQLVNwgEchT5t4dNb9qo2+1oUnjiKrKAVfQMN6WMMMEr4F4WT784uvBx5Uo6vmhgAa+xoo62c4TV2Uf49ZiPd+zAApBHW1F/whPtunPF28Wfr9g+ozSidhnAr+3nkfJh331tz9s+wgQ39AFzFWftQ60Guulpfj8SaVyxyv/yZZAuFpXNzN0Cz4fWBIWFOsib6Z8y+SlUCzSzOguZ7FygHjwlvOxoISsASAuf0OfUKHxVshiL5F5AX1ddmUgXbUKUTp/3Iunr74pfOQC8TXzZHqhrlFzYDmK5J9E6eADSpgx++bCCaHycl73BWeertCBZSHBXeb3Db9HX+mxwpfP3alVAt4ZqQb3YD/VB7XGDvHbmLn+wSfecO2qA9PxiA0yX7e2BZLN9r3G3bRNSk0GpnYM0i84FE9IipiKKnWVjj7J0UPQmz7rzAn2Lki1CnX9PDdxZneqTxgpBomHJt4H+vXMw13scA4xxEDBvfS5KkjbEJqWLbfklCoER6nV3NPLZ6CBl0Xe/VQBSkqEuUEIXih/oa8emDOGUODNF75ck5NJmKiGg6AFZoeiDa7PZMIxhhOq4vsR2Ty43rztUJ0CMX7iSIk3Eql7kqNdvrJaJ7z0GBsiw== b12f@biolimo";
2021-10-23 11:24:22 +00:00
chocolatebar-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINZT3QrKugNTWNOwYziQnxrT5zFqWQDafWjScDuIpMhN root@chocolatebar";
2023-09-12 16:46:36 +00:00
chocolatebar-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDwyNsGCMuyI9x2IxYEbYIL6oYsEfe1wqhHaRxSnK9oc10ge1LJni5o7g6XgryoQpCD9YenImcCxwkKblmlLQ2327uoVC2PUo07li1uT0eIPk0TQoxwp6besFs7/LEzZlgWQsc3gkEXmjk/E0mu0U6z2fkqciJ/ZxWYt9fLP6jBG47U9878rSaZ7k7Ilv6oRA3suArH189k1nerk/tonS4EWXeHZxHh/Eu0tqwmxN/6+g2GicYn6b+MbFQVdQAkctqT5Yz9USm9UKzbaAuZ799u0dJzagHm9JJZOr8r11ENtAkY9kAzRzm3u/ACiSdVzyLdjAK6m0dIPhp3OhedzuHiI6/wRll60tYtQTH1XwUpVbtir3+DT+jwZgO1zH3yL4iNh79kuUo+UEg1ZmGkSZRzSS2vb5qr0J5aSJmCd5sNB7a01PTtSlQPOqSF9PB+UmcLDF7JoKFub0KT/gRZ5neZkXTYQ/Y05qtaaFVlOVISijnm+sLUvKBv6OW8oYXIHBk= b12f@chocolatebar";
2021-10-23 11:24:22 +00:00
2022-08-23 16:04:21 +00:00
droppie-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDuXuPPDXTyJgy4JRwbKcPbawvVB1Il2neyRWb4O5sJ root@nixos";
droppie-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnYTlTmHCl6LOkexqRR9LqjOoFgt9TQ4VzHQGRHJMzF/AGcDRoqC+pBLFSTzRb5/ikAOsb32XHyKVg4nNdJeQshO11QtDmkCB02D/XcIXxnNQ5A8CztT2az5xJtbbWSdamMnHBLcqLiwoLmXbERpdlt8jNqMHrz+bjCUGYVAFSfc/WdIs6EATJ1eF0VFxv7nUh4qhgStABSwhNsnoYOC/DOBSA9aBP1f5Fz9QHUioPTGi2hRwbTbtFUvTrymPpWVFRApa1zvGXcr4YUCm7ia1ZlZKzRpsPkwLxb8Omm4bGmR0cAVwVhVRySnhpCTwbIBLyw+H8PvKWBBba1NAKyMij root@droppie";
pie-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINcTORdlVno0B9R6Yh9qmlOZKA/ZQ8RBzXK7/1rBbE02 root@pie.local";
2023-07-02 10:48:34 +00:00
2023-10-24 15:56:14 +00:00
frikandel-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPzrEsby3KYpKRuSnTMp2Iq4ENgucQUy6SJ+906nwllS root@frikandel";
2024-01-27 22:53:36 +00:00
stroopwafel-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDl5mZ8CBVU1xG8NfcphWnmUUK5VXec7TqW5qfPeYQHi root@stroopwafel";
2023-07-02 10:59:54 +00:00
baseKeys = [
2021-10-23 11:24:22 +00:00
bbcom
];
2024-01-27 22:53:36 +00:00
stroopwafelKeys = [
stroopwafel-host
];
2021-10-23 11:24:22 +00:00
biolimoKeys = [
biolimo-host
biolimo-user
];
chocolatebarKeys = [
chocolatebar-host
chocolatebar-user
];
2022-08-23 16:04:21 +00:00
droppieKeys = [
droppie-host
droppie-user
];
2023-07-02 10:48:34 +00:00
pieKeys = [
pie-host
2023-07-02 10:48:34 +00:00
];
2023-10-24 15:56:14 +00:00
frikandelKeys = [
frikandel-host
];
in {
"dyndns.key.age".publicKeys = pieKeys ++ baseKeys;
"hosting-de-acme-secrets.age".publicKeys = pieKeys ++ frikandelKeys ++ baseKeys;
2022-04-28 21:24:33 +00:00
"droppie-ssh-root.key.age".publicKeys = droppieKeys ++ baseKeys;
2022-08-14 18:25:12 +00:00
2024-01-27 22:53:36 +00:00
"b12f-env-secrets.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
2024-01-27 22:53:36 +00:00
".fwknoprc.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
2024-01-27 22:53:36 +00:00
"cat-test.ovpn.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
2024-01-27 22:53:36 +00:00
"ehex.ovpn.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
"ehex-vpn.creds.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
2024-01-24 20:17:31 +00:00
"firefly-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
"firefly-db-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
"firefly-importer-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
"firefly-cron-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
"rclone-pie.conf.age".publicKeys = pieKeys ++ baseKeys;
"restic-password.age".publicKeys = pieKeys ++ baseKeys;
2023-10-19 18:55:56 +00:00
"wg-private-chocolatebar.age".publicKeys = chocolatebarKeys ++ baseKeys;
"wg-private-biolimo.age".publicKeys = biolimoKeys ++ baseKeys;
2024-01-27 22:53:36 +00:00
"wg-private-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys;
2023-10-19 18:55:56 +00:00
"wg-private-pie.age".publicKeys = pieKeys ++ baseKeys;
"wg-private-droppie.age".publicKeys = droppieKeys ++ baseKeys;
2023-10-24 15:56:14 +00:00
"wg-private-frikandel-server.age".publicKeys = frikandelKeys ++ baseKeys;
2023-10-21 20:46:17 +00:00
"invoiceplane-db-password.age".publicKeys = pieKeys ++ baseKeys;
"invoiceplane-db-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
2023-11-12 17:33:58 +00:00
"mail@b12f.io-password.age".publicKeys = frikandelKeys ++ baseKeys;
2023-11-13 14:48:05 +00:00
"b12f.io-dkim-private-rsa.age".publicKeys = frikandelKeys ++ baseKeys;
"unbound_control.key.age".publicKeys = pieKeys ++ baseKeys;
"unbound_control.pem.age".publicKeys = pieKeys ++ baseKeys;
"unbound_server.key.age".publicKeys = pieKeys ++ baseKeys;
"unbound_server.pem.age".publicKeys = pieKeys ++ baseKeys;
}