110 lines
5.1 KiB
Nix
110 lines
5.1 KiB
Nix
let
|
|
bbcom = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com";
|
|
|
|
yubi485 = "age1yubikey1qgxuu2x3uzw7k5pg5sp2dv43edhwdz3xuhj7kjqrnw0p8t0l67c5yz9nm6q";
|
|
yubi464 = "age1yubikey1qd7szmr9ux2znl4x4hzykkwaru60nr4ufu6kdd88sm7657gjz4x5w0jy4y7";
|
|
|
|
biolimo-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZzg8pfVtFonx/IvO2MKG5uVF/sMJAOt1Ifm9Vds2eA root@biolimo";
|
|
|
|
chocolatebar-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINZT3QrKugNTWNOwYziQnxrT5zFqWQDafWjScDuIpMhN root@chocolatebar";
|
|
|
|
droppie-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFRFv780IMIb+zAVzuz+s5tU69+HEyRu+F7mEIIutim2 root@droppie";
|
|
|
|
pie-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINcTORdlVno0B9R6Yh9qmlOZKA/ZQ8RBzXK7/1rBbE02 root@pie.local";
|
|
|
|
frikandel-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPzrEsby3KYpKRuSnTMp2Iq4ENgucQUy6SJ+906nwllS root@frikandel";
|
|
|
|
stroopwafel-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPRIQDpUwUFPzgRtL+FaPyTHE9Dsfg/tyyyhYu5idLkt root@stroopwafel";
|
|
|
|
baseKeys = [
|
|
bbcom
|
|
yubi485
|
|
yubi464
|
|
];
|
|
|
|
stroopwafelKeys = [
|
|
stroopwafel-host
|
|
];
|
|
|
|
biolimoKeys = [
|
|
biolimo-host
|
|
];
|
|
|
|
chocolatebarKeys = [
|
|
chocolatebar-host
|
|
];
|
|
|
|
droppieKeys = [
|
|
droppie-host
|
|
];
|
|
|
|
pieKeys = [
|
|
pie-host
|
|
];
|
|
|
|
frikandelKeys = [
|
|
frikandel-host
|
|
];
|
|
in {
|
|
"dyndns.key.age".publicKeys = pieKeys ++ baseKeys;
|
|
"hosting-de-acme-secrets.age".publicKeys = droppieKeys ++ pieKeys ++ frikandelKeys ++ baseKeys;
|
|
"hosting-de-invoice-sync-api-key.age".publicKeys = pieKeys ++ baseKeys;
|
|
|
|
"droppie-ssh-root.key.age".publicKeys = droppieKeys ++ baseKeys;
|
|
|
|
"b12f-env-secrets.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
|
|
".fwknoprc.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
|
|
"cat-test.ovpn.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
|
|
"ehex.ovpn.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
"ehex-vpn.creds.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
|
|
"id_ed25519_sk-485.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
"id_ed25519_sk-464.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
|
|
"u2f_keys.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
|
|
|
|
"firefly-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
|
|
"firefly-db-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
|
|
"firefly-importer-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
|
|
"firefly-cron-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
|
|
|
|
"authelia-storage-encryption-key.age".publicKeys = pieKeys ++ baseKeys;
|
|
"authelia-session-secret.age".publicKeys = pieKeys ++ baseKeys;
|
|
"authelia-jwt-secret.age".publicKeys = pieKeys ++ baseKeys;
|
|
"authelia-users-file.age".publicKeys = pieKeys ++ baseKeys;
|
|
|
|
"rclone-pubsolar.conf.age".publicKeys = pieKeys ++ frikandelKeys ++ stroopwafelKeys ++ chocolatebarKeys ++ baseKeys;
|
|
"restic-password.age".publicKeys = pieKeys ++ frikandelKeys ++ stroopwafelKeys ++ chocolatebarKeys ++ baseKeys;
|
|
|
|
"paperless.env.age".publicKeys = pieKeys ++ baseKeys;
|
|
|
|
"wg-private-chocolatebar.age".publicKeys = chocolatebarKeys ++ baseKeys;
|
|
"wg-private-biolimo.age".publicKeys = biolimoKeys ++ baseKeys;
|
|
"wg-private-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys;
|
|
"wg-private-pie.age".publicKeys = pieKeys ++ baseKeys;
|
|
"wg-private-droppie.age".publicKeys = droppieKeys ++ baseKeys;
|
|
"wg-private-frikandel-server.age".publicKeys = frikandelKeys ++ baseKeys;
|
|
|
|
"wg-tunnel-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys;
|
|
"wg-tunnel-droppie.age".publicKeys = droppieKeys ++ baseKeys;
|
|
|
|
"wg-pub-solar-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys;
|
|
|
|
"wg-ehex-stroopwafel.age".publicKeys = stroopwafelKeys ++ baseKeys;
|
|
|
|
"invoiceplane-db-password.age".publicKeys = pieKeys ++ baseKeys;
|
|
"invoiceplane-db-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
|
|
|
|
"mail@b12f.io-password.age".publicKeys = pieKeys ++ frikandelKeys ++ baseKeys;
|
|
|
|
"b12f.io-dkim-private-rsa.age".publicKeys = frikandelKeys ++ baseKeys;
|
|
|
|
"unbound_control.key.age".publicKeys = pieKeys ++ frikandelKeys ++ baseKeys;
|
|
"unbound_control.pem.age".publicKeys = pieKeys ++ frikandelKeys ++ baseKeys;
|
|
"unbound_server.key.age".publicKeys = pieKeys ++ frikandelKeys ++ baseKeys;
|
|
"unbound_server.pem.age".publicKeys = pieKeys ++ frikandelKeys ++ baseKeys;
|
|
}
|