Enable terraform infrastructure management for pub.solar
This commit is contained in:
parent
5ad8c1b30f
commit
bd7b864927
|
@ -20,7 +20,7 @@ in
|
|||
ansible-lint
|
||||
restic
|
||||
shellcheck
|
||||
terraform_0_15
|
||||
terraform
|
||||
tea
|
||||
];
|
||||
};
|
||||
|
|
55
secrets/b12f-env-secrets
Normal file
55
secrets/b12f-env-secrets
Normal file
|
@ -0,0 +1,55 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-rsa kFDS0A
|
||||
A5s6AqsL5vXDpDDaSM8wylfV/ULMuLU0mTkOvSvaI/XtLp1DfH6+hjL1ca5ET+yh
|
||||
pgaCDlv/ITXOSGDawbK3PTLkVoTEVAIgbFTy2d3yP1o91n77d3dqdFMkflxar7wS
|
||||
AnbIYOE0hL9q3BBgO3n00AjojeF0hiV9kdyYMNF3je3zcQPML9poP+QWghX4rpH2
|
||||
W8dRb0LsowtUxREwEZ2i8UDIQ0nM/cwxyxHJ/jcT3VeasXDuXZEpFS/SwJHzFvJT
|
||||
5Ez/+ByOCaJ8E4ShHX8BOuZasikwI9EuiWHCj/eTJXytmFezCWY3ZI3MHjaUXHhL
|
||||
j3v3h1PQ2UxQApuhkG40zF6fhAGK7VFNEgAoF68V2eTB3ugm9qT4SiK392v5EnoU
|
||||
nOKY0PHCCnOgZGOM3Zx1mvZpDdWEpqI5in6bHMWpRjqzTeYwi6P5l/aItqGBm0D5
|
||||
erxwsLQMJLm9EbcSjFw9VYmwFky4jZOFSN9kSc/GiZM6ThZOVa7Dey4wicbU9YVf
|
||||
Ye6eiWjsFCPqXhylgRqFd/gf0MNyp7QNIOlbDmLenWVO/QLB9z0ANiQbz9PEMIng
|
||||
o74CsQeQcfO0hMcggHHMp2LILiNn9S1U429pCEtDGVpojnbtME1n2RMHbHfXpgVM
|
||||
qCf8bzcjgQrZBZrZ438qXiXObUV2R7yrG8AA4ilmKBw
|
||||
-> ssh-ed25519 TnSWKQ ZMWSfg5/Xhz58jMDmucQevWJMx9CR/pvGdcxY9nE9Es
|
||||
n1QCG5p74ScQyFQx6lX2gTU+GLoULlNjjAunp2e6Hjc
|
||||
-> ssh-rsa 8daibg
|
||||
aXyfsNZx2LEnm1ij2KJSyukYwxrPPYxc03xdoFMiPj2KMfdOdVcSRYQeyX3mym/Q
|
||||
mj7SCEZQPmAocvU8KOKphG7+MOvLhgyTdwkf+CBjCiU28pkuDrYjI1j5md9MK4ln
|
||||
auJ/XUJypBmpEp7eduRluk5Mxc82NjPXrGFARjatKj+d2/9PO+1FGawjj+er2FS9
|
||||
BpK9op0mLX0/BXl764Luqsh3pG+p5cSjTAqpfXuO1Dzp1Q3EcOCj2x3sT24elGAf
|
||||
8zOe6yBD+Uo027LAovqUf72Kzg/Fc+YfZbuLp65ybhIY0uF1arg4p+3grzWWBdI0
|
||||
3howkDSudgA9QBkyMsP0mQ6bwyfpYUKFFWpxwaGaVWY/WUXI5K1J2olSgZc60FvW
|
||||
BzQj0TTm8XeKo1i8PBV/er1mrJGwvwvb1VWFBYp/w3hDA/du0cFlfsPIX8WuhORX
|
||||
vRZJQZ5sVHU1qYHBTtwlan5D18AUpMUNZf1XVZb08NMOsez1YSlKHia26CTQurG1
|
||||
KxSxNIe76DEa3q5sLgRDEIvP4JtfKEdKuzPsUYR148ADZSPxVpWpUaYXedsO+JDt
|
||||
JYcsOEJxG1uEvEg2S1heTgpJVK0wK3tp5qODUil0ZyIPo7YXG9frMcOXIkEmxZSm
|
||||
/tzJ0voYzCeCNbrYuv7GsAcPUfXo2zIPJ3b7NkQ01uw
|
||||
-> ssh-rsa kFDS0A
|
||||
Au7S8JypcYKfb01y7hh85V84zhM5JMTF2KN2PGV2l+DsSuTqW5HzrzPOK7gXFfTU
|
||||
Um1tU2SeezORYpbtaCSpNbrkVdOdvcXG+ItJvLIwfAnlsRPNdWYtco18erEiQxkw
|
||||
DrlSqWb+UFHUhoUyaEj7ub2IzFkYxMIabX2PQL+bRY0b9+Bk5wV8LhWVr0OPl6zv
|
||||
TSoZUxMts9JsALAK7AIR7hfA9F9qSRgc5ivPnJddVhxb85bZsg2PPfmLbg2flOmY
|
||||
H8ZH/q7JvZ0D4RVxk3+V1jDDZCYv4eGsqCAqklDPRAnBq7KrDC04XExIXpy/OYhf
|
||||
GDmGrEFfT24ZOIMOJoRDsyECpTD3E81FuDJyn5+hHmTu0qmy6sWaJteOSqbJ46D8
|
||||
vPUhYeLB9b4sSvn0v1viUkRcfJZO6J5Ndh2TMg7SoJ3bOC2gK/sKbUi6w00gfjKg
|
||||
PqdBs+nNaTerKNuEVQnpEwk1jiEbqYAjlcSn40zjXQ84lLXvGVlmoKmV6tAhJsH/
|
||||
W2zfqSzqFRnYky3pCsFEogaUCeIendpb+oR1rVvbHntIPk2x/rEe1fb5NJ2ipPaI
|
||||
UE3R5bRdnZbqgVTXp8oQpHGIysDWMOp05hXlV1yi5L1cfa+av0kufWGh9SxzJ0Hb
|
||||
JHu4gJ3kEDrhSoHaG8+9s0Uhpr6fWNjcK+h3jQELJzI
|
||||
-> ssh-ed25519 2Ca8Kg 7zqdy50BjjvIGcvmaeM0bkSwivSmrkge7ppnHWPMcwg
|
||||
XEjHTeULveua7OsuKHnUSDwDaLBSpjfKzOH5MX6oBbA
|
||||
-> ssh-rsa 2ggJWw
|
||||
A2jGJC1GKUr5hHb4yeluJwYPuslSMBzmR6LehAyCJ17iTkIyO6Km5tfyq6ee0Q+H
|
||||
0wcxiXexzyn1QJhTovpbPSe+fBcBWCnhmyfFCxzPk3cq9ip64ngPmAbim0dLP7PC
|
||||
WUB1B8Ly2nhbT+j5UcZNQt2Q+83SFkqzNIjl+pJbq8Iau3iwWFntbhe0TDqcHsOf
|
||||
Uw+E8UUSsGinYPcXZXrW5ZWNovVgXgr5KCSdX4QfcH7r5qNQMSjNpeT6kOMPg5Qj
|
||||
ad3zTwMusbpDZxQdk6LcKZqlHSUBJxE4GKqtbHQ+JnF8DwolBWpjQUSS/Hz4c/de
|
||||
9YLYYxK0H1IgZpv49alRpexnRuHVUhl1HixJRIpFaNm9tj0ezkt0AK7Y+e5J+x2Y
|
||||
vyitzuuJezG75hBC3fFQLUosJm8kJ0YtqIfQsu/8OjDnZJhjCq0QijxHZexAF+9X
|
||||
HBsMvj+XjGwNj045dN0PQzRPeTT2JAZDNIE/piwUdy9HgAAWdZzFONG2lp3fCl8+
|
||||
|
||||
-> d-grease "9JT y*PWo L yF
|
||||
7Ig0w+Lz7Z8us57rZ/h9hZLNL7KQjcfNQt4jPBG2Qg
|
||||
--- MLI+SiGgDJp5XLYzfpZpXdSgMc9y1+Ufs+NsiVYKp3o
|
||||
>Ïl¾Ÿ€á,ÞJŽ[Ê”lêàü}fT{Ñ¥Þµ<a's;$…°Å.À~k®œ‰)˜¡L\Å6"‡…ß«‚ dó$ÿ.ƒ? Y)‰…“úJÅ›÷Â)‹¼þ;¥Q—6±„Ów&‡A…?SŸt°^©òzƒG*t‘Ó«OŠXlˆÁ<14>ˆÍ{ÞI£û¶Ç½ž²ÓäO±»øûUŒýGuø
|
|
@ -57,4 +57,6 @@ in
|
|||
"dyndns-droppie.key".publicKeys = droppieKeys;
|
||||
|
||||
"mopidy.conf".publicKeys = allKeys;
|
||||
|
||||
"b12f-env-secrets".publicKeys = biolimoKeys ++ chocolatebarKeys;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, hmUsers, pkgs, lib, ... }:
|
||||
{ self, config, hmUsers, pkgs, lib, ... }:
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
in
|
||||
|
@ -12,6 +12,12 @@ in
|
|||
|
||||
services.yubikey-agent.enable = true;
|
||||
|
||||
age.secrets.b12f-env-secrets = {
|
||||
file = "${self}/secrets/b12f-env-secrets";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
|
||||
pub-solar = {
|
||||
# These are your personal settings
|
||||
# The only required settings are `name` and `password`,
|
||||
|
|
|
@ -103,6 +103,10 @@ in
|
|||
xdg.configFile."offlineimap/config".source = ./.config/offlineimap/config;
|
||||
xdg.configFile."msmtp/config".source = ./.config/msmtp/config;
|
||||
# xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
|
||||
|
||||
programs.zsh = {
|
||||
initExtra = import ./zshrc.nix { inherit config; };
|
||||
};
|
||||
};
|
||||
|
||||
age.secrets."mopidy.conf" = {
|
||||
|
|
4
users/ben/zshrc.nix
Normal file
4
users/ben/zshrc.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
{ config, ... }:
|
||||
''
|
||||
source ${config.age.secrets.b12f-env-secrets.path}
|
||||
''
|
Loading…
Reference in a new issue