Enable terraform infrastructure management for pub.solar
This commit is contained in:
parent
5ad8c1b30f
commit
bd7b864927
|
@ -20,7 +20,7 @@ in
|
||||||
ansible-lint
|
ansible-lint
|
||||||
restic
|
restic
|
||||||
shellcheck
|
shellcheck
|
||||||
terraform_0_15
|
terraform
|
||||||
tea
|
tea
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
55
secrets/b12f-env-secrets
Normal file
55
secrets/b12f-env-secrets
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
A5s6AqsL5vXDpDDaSM8wylfV/ULMuLU0mTkOvSvaI/XtLp1DfH6+hjL1ca5ET+yh
|
||||||
|
pgaCDlv/ITXOSGDawbK3PTLkVoTEVAIgbFTy2d3yP1o91n77d3dqdFMkflxar7wS
|
||||||
|
AnbIYOE0hL9q3BBgO3n00AjojeF0hiV9kdyYMNF3je3zcQPML9poP+QWghX4rpH2
|
||||||
|
W8dRb0LsowtUxREwEZ2i8UDIQ0nM/cwxyxHJ/jcT3VeasXDuXZEpFS/SwJHzFvJT
|
||||||
|
5Ez/+ByOCaJ8E4ShHX8BOuZasikwI9EuiWHCj/eTJXytmFezCWY3ZI3MHjaUXHhL
|
||||||
|
j3v3h1PQ2UxQApuhkG40zF6fhAGK7VFNEgAoF68V2eTB3ugm9qT4SiK392v5EnoU
|
||||||
|
nOKY0PHCCnOgZGOM3Zx1mvZpDdWEpqI5in6bHMWpRjqzTeYwi6P5l/aItqGBm0D5
|
||||||
|
erxwsLQMJLm9EbcSjFw9VYmwFky4jZOFSN9kSc/GiZM6ThZOVa7Dey4wicbU9YVf
|
||||||
|
Ye6eiWjsFCPqXhylgRqFd/gf0MNyp7QNIOlbDmLenWVO/QLB9z0ANiQbz9PEMIng
|
||||||
|
o74CsQeQcfO0hMcggHHMp2LILiNn9S1U429pCEtDGVpojnbtME1n2RMHbHfXpgVM
|
||||||
|
qCf8bzcjgQrZBZrZ438qXiXObUV2R7yrG8AA4ilmKBw
|
||||||
|
-> ssh-ed25519 TnSWKQ ZMWSfg5/Xhz58jMDmucQevWJMx9CR/pvGdcxY9nE9Es
|
||||||
|
n1QCG5p74ScQyFQx6lX2gTU+GLoULlNjjAunp2e6Hjc
|
||||||
|
-> ssh-rsa 8daibg
|
||||||
|
aXyfsNZx2LEnm1ij2KJSyukYwxrPPYxc03xdoFMiPj2KMfdOdVcSRYQeyX3mym/Q
|
||||||
|
mj7SCEZQPmAocvU8KOKphG7+MOvLhgyTdwkf+CBjCiU28pkuDrYjI1j5md9MK4ln
|
||||||
|
auJ/XUJypBmpEp7eduRluk5Mxc82NjPXrGFARjatKj+d2/9PO+1FGawjj+er2FS9
|
||||||
|
BpK9op0mLX0/BXl764Luqsh3pG+p5cSjTAqpfXuO1Dzp1Q3EcOCj2x3sT24elGAf
|
||||||
|
8zOe6yBD+Uo027LAovqUf72Kzg/Fc+YfZbuLp65ybhIY0uF1arg4p+3grzWWBdI0
|
||||||
|
3howkDSudgA9QBkyMsP0mQ6bwyfpYUKFFWpxwaGaVWY/WUXI5K1J2olSgZc60FvW
|
||||||
|
BzQj0TTm8XeKo1i8PBV/er1mrJGwvwvb1VWFBYp/w3hDA/du0cFlfsPIX8WuhORX
|
||||||
|
vRZJQZ5sVHU1qYHBTtwlan5D18AUpMUNZf1XVZb08NMOsez1YSlKHia26CTQurG1
|
||||||
|
KxSxNIe76DEa3q5sLgRDEIvP4JtfKEdKuzPsUYR148ADZSPxVpWpUaYXedsO+JDt
|
||||||
|
JYcsOEJxG1uEvEg2S1heTgpJVK0wK3tp5qODUil0ZyIPo7YXG9frMcOXIkEmxZSm
|
||||||
|
/tzJ0voYzCeCNbrYuv7GsAcPUfXo2zIPJ3b7NkQ01uw
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
Au7S8JypcYKfb01y7hh85V84zhM5JMTF2KN2PGV2l+DsSuTqW5HzrzPOK7gXFfTU
|
||||||
|
Um1tU2SeezORYpbtaCSpNbrkVdOdvcXG+ItJvLIwfAnlsRPNdWYtco18erEiQxkw
|
||||||
|
DrlSqWb+UFHUhoUyaEj7ub2IzFkYxMIabX2PQL+bRY0b9+Bk5wV8LhWVr0OPl6zv
|
||||||
|
TSoZUxMts9JsALAK7AIR7hfA9F9qSRgc5ivPnJddVhxb85bZsg2PPfmLbg2flOmY
|
||||||
|
H8ZH/q7JvZ0D4RVxk3+V1jDDZCYv4eGsqCAqklDPRAnBq7KrDC04XExIXpy/OYhf
|
||||||
|
GDmGrEFfT24ZOIMOJoRDsyECpTD3E81FuDJyn5+hHmTu0qmy6sWaJteOSqbJ46D8
|
||||||
|
vPUhYeLB9b4sSvn0v1viUkRcfJZO6J5Ndh2TMg7SoJ3bOC2gK/sKbUi6w00gfjKg
|
||||||
|
PqdBs+nNaTerKNuEVQnpEwk1jiEbqYAjlcSn40zjXQ84lLXvGVlmoKmV6tAhJsH/
|
||||||
|
W2zfqSzqFRnYky3pCsFEogaUCeIendpb+oR1rVvbHntIPk2x/rEe1fb5NJ2ipPaI
|
||||||
|
UE3R5bRdnZbqgVTXp8oQpHGIysDWMOp05hXlV1yi5L1cfa+av0kufWGh9SxzJ0Hb
|
||||||
|
JHu4gJ3kEDrhSoHaG8+9s0Uhpr6fWNjcK+h3jQELJzI
|
||||||
|
-> ssh-ed25519 2Ca8Kg 7zqdy50BjjvIGcvmaeM0bkSwivSmrkge7ppnHWPMcwg
|
||||||
|
XEjHTeULveua7OsuKHnUSDwDaLBSpjfKzOH5MX6oBbA
|
||||||
|
-> ssh-rsa 2ggJWw
|
||||||
|
A2jGJC1GKUr5hHb4yeluJwYPuslSMBzmR6LehAyCJ17iTkIyO6Km5tfyq6ee0Q+H
|
||||||
|
0wcxiXexzyn1QJhTovpbPSe+fBcBWCnhmyfFCxzPk3cq9ip64ngPmAbim0dLP7PC
|
||||||
|
WUB1B8Ly2nhbT+j5UcZNQt2Q+83SFkqzNIjl+pJbq8Iau3iwWFntbhe0TDqcHsOf
|
||||||
|
Uw+E8UUSsGinYPcXZXrW5ZWNovVgXgr5KCSdX4QfcH7r5qNQMSjNpeT6kOMPg5Qj
|
||||||
|
ad3zTwMusbpDZxQdk6LcKZqlHSUBJxE4GKqtbHQ+JnF8DwolBWpjQUSS/Hz4c/de
|
||||||
|
9YLYYxK0H1IgZpv49alRpexnRuHVUhl1HixJRIpFaNm9tj0ezkt0AK7Y+e5J+x2Y
|
||||||
|
vyitzuuJezG75hBC3fFQLUosJm8kJ0YtqIfQsu/8OjDnZJhjCq0QijxHZexAF+9X
|
||||||
|
HBsMvj+XjGwNj045dN0PQzRPeTT2JAZDNIE/piwUdy9HgAAWdZzFONG2lp3fCl8+
|
||||||
|
|
||||||
|
-> d-grease "9JT y*PWo L yF
|
||||||
|
7Ig0w+Lz7Z8us57rZ/h9hZLNL7KQjcfNQt4jPBG2Qg
|
||||||
|
--- MLI+SiGgDJp5XLYzfpZpXdSgMc9y1+Ufs+NsiVYKp3o
|
||||||
|
>Ïl¾Ÿ€á,ÞJŽ[Ê”lêàü}fT{Ñ¥Þµ<a's;$…°Å.À~k®œ‰)˜¡L\Å6"‡…ß«‚ dó$ÿ.ƒ? Y)‰…“úJÅ›÷Â)‹¼þ;¥Q—6±„Ów&‡A…?SŸt°^©òzƒG*t‘Ó«OŠXlˆÁ<14>ˆÍ{ÞI£û¶Ç½ž²ÓäO±»øûUŒýGuø
|
|
@ -57,4 +57,6 @@ in
|
||||||
"dyndns-droppie.key".publicKeys = droppieKeys;
|
"dyndns-droppie.key".publicKeys = droppieKeys;
|
||||||
|
|
||||||
"mopidy.conf".publicKeys = allKeys;
|
"mopidy.conf".publicKeys = allKeys;
|
||||||
|
|
||||||
|
"b12f-env-secrets".publicKeys = biolimoKeys ++ chocolatebarKeys;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ config, hmUsers, pkgs, lib, ... }:
|
{ self, config, hmUsers, pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
in
|
in
|
||||||
|
@ -12,6 +12,12 @@ in
|
||||||
|
|
||||||
services.yubikey-agent.enable = true;
|
services.yubikey-agent.enable = true;
|
||||||
|
|
||||||
|
age.secrets.b12f-env-secrets = {
|
||||||
|
file = "${self}/secrets/b12f-env-secrets";
|
||||||
|
mode = "400";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
|
||||||
pub-solar = {
|
pub-solar = {
|
||||||
# These are your personal settings
|
# These are your personal settings
|
||||||
# The only required settings are `name` and `password`,
|
# The only required settings are `name` and `password`,
|
||||||
|
|
|
@ -103,6 +103,10 @@ in
|
||||||
xdg.configFile."offlineimap/config".source = ./.config/offlineimap/config;
|
xdg.configFile."offlineimap/config".source = ./.config/offlineimap/config;
|
||||||
xdg.configFile."msmtp/config".source = ./.config/msmtp/config;
|
xdg.configFile."msmtp/config".source = ./.config/msmtp/config;
|
||||||
# xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
|
# xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
|
||||||
|
|
||||||
|
programs.zsh = {
|
||||||
|
initExtra = import ./zshrc.nix { inherit config; };
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets."mopidy.conf" = {
|
age.secrets."mopidy.conf" = {
|
||||||
|
|
4
users/ben/zshrc.nix
Normal file
4
users/ben/zshrc.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
{ config, ... }:
|
||||||
|
''
|
||||||
|
source ${config.age.secrets.b12f-env-secrets.path}
|
||||||
|
''
|
Loading…
Reference in a new issue