fix: add secrets to nougat-2
This commit is contained in:
parent
21b6bc56fb
commit
fd07ef9a84
|
@ -188,11 +188,16 @@
|
|||
path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper;
|
||||
};
|
||||
};
|
||||
|
||||
nougat-2 = {
|
||||
sshUser = "yule";
|
||||
hostname = "nougat-2.b12f.io";
|
||||
fastConnect = true;
|
||||
profilesOrder = ["system" "direnv"];
|
||||
profiles.direnv = {
|
||||
user = "barkeeper";
|
||||
path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper;
|
||||
};
|
||||
};
|
||||
#example = {
|
||||
# hostname = "example.com:22";
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
''}";
|
||||
};
|
||||
in {
|
||||
age.secrets."hosting.de-api.key" = {
|
||||
file = "${self}/secrets/hosting.de-api.key";
|
||||
age.secrets."hosting.de-api-key.age" = {
|
||||
file = "${self}/secrets/hosting.de-api-key.age";
|
||||
mode = "440";
|
||||
group = "acme";
|
||||
};
|
||||
|
@ -43,8 +43,8 @@ in {
|
|||
isReadOnly = false;
|
||||
};
|
||||
|
||||
"${config.age.secrets."hosting.de-api.key".path}" = {
|
||||
hostPath = "${config.age.secrets."hosting.de-api.key".path}";
|
||||
"${config.age.secrets."hosting.de-api-key.age".path}" = {
|
||||
hostPath = "${config.age.secrets."hosting.de-api-key.age".path}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
{suites, ...}: {
|
||||
imports =
|
||||
[
|
||||
./nougat-2.nix
|
||||
]
|
||||
++ suites.nougat-2;
|
||||
{...}: {
|
||||
imports = [
|
||||
./nougat-2.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
profiles,
|
||||
fix-atomic-container-restartsModulesPath,
|
||||
...
|
||||
}:
|
||||
|
@ -13,6 +14,11 @@ in {
|
|||
imports = [
|
||||
./configuration.nix
|
||||
|
||||
profiles.base-user
|
||||
profiles.users.root # make sure to configure ssh keys
|
||||
profiles.users.barkeeper
|
||||
|
||||
|
||||
./acme.nix
|
||||
./caddy.nix
|
||||
./keycloak.nix
|
||||
|
|
21
secrets/hosting.de-api-key.age
Normal file
21
secrets/hosting.de-api-key.age
Normal file
|
@ -0,0 +1,21 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 Y0ZZaw mpeEJ0Pmd9BR/HQ6tcY4H38pCNrel+8L6WgnPj77ByQ
|
||||
UdF11WoYedaNjDwLhGplUlHYtAW9wSTLrf6BMSQGXa8
|
||||
-> ssh-ed25519 BVsyTA V8CrvHHBOPuJE6xqdQlC+dLoc5CU625aysWOk8oS6Sw
|
||||
jJtQYWFVhCwwBGpQph8WNKPNLWrXiJVJj05EY0PZFzw
|
||||
-> ssh-rsa kFDS0A
|
||||
QXSYUXN04FSQofXobqNcPEApTKsDcUJV6eXYpS+9HffRE1PDt5JKRXWMk+3RMw0Z
|
||||
fBlWPBMmS4M/letqH3PHG1gFv6MFrGaddfJbZo4FYUzMNeT+Fh5ZWM2bQO6iczd9
|
||||
WUYYKonOzgRd8Nwg3DAHxJ8zXzocHp6F+cAqnw4y1ou50erVDMEIQ+wc16R8yT3t
|
||||
OEKfz2Vr8FadAsCw2JBqouwyvdM6bd/+AjnJZbFrIq/gKlgIe0KuSZK1lr08v2aL
|
||||
Nbk0bykb83N22kIG7kecYuY9Tz/Jh0geotkti7MIcsLez6OQW0+IC9bDZ/Swl/Cb
|
||||
oXJdrjRCZipD1PKGdxzyb+bXZHmk778kc9WHB8NRas8ICFcOS0Pu0JMjhEfU2rER
|
||||
QQoYAmk1mmJGDW1DVv90VUb2RokpF6QuzgIjfJUi7R7JLPcahBvfJRa8gytC33OP
|
||||
Nr733zR5NP06b3LMdjjUyiYyf0cyZG9Qxra8aN2kAlT/mHZe+v9m4piHrJ1b+j73
|
||||
pyZPNa9w5AXl942fV5DbERRpXtP1kc3bO776All8X7ARy5GaHpHmvmEE1ooDhicS
|
||||
iSvEm5c/BvgTBijXqsXk/SkIoFiLrGQ4wkTjNpeTsX25ghZc1W5gHrcDY7QtdDLz
|
||||
RotNg5klu2XZR5mB7hFPUoXwGhwYc5l1mf05/2tEkVs
|
||||
-> E>o)tKn-grease T9%P;\g
|
||||
y6At0SwlBQ5jKI7Rj9ceRCqW3gH+b+7K0rLp0w
|
||||
--- ABiFxl1ZHUSZJPkagpG0QNgvWeWrJsBtCvDImCQHULQ
|
||||
a$£ÑÖt/³\“h”åÙPD߸AëÑy¦]ö¯p÷ÛF#HŒM%<25>gÝ3p)^ˆc~]Ú–ªPKÕÝ4:õ‚ê,cœF Ó5éƉÀ
|
20
secrets/hosting.de-api.key
Normal file
20
secrets/hosting.de-api.key
Normal file
|
@ -0,0 +1,20 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-rsa kFDS0A
|
||||
MLbUT2OZ5uLq2uC4GdBNhQqrN8BjF3FibWT5NpfcL+ryr5wI1HfHnTINQR1SfcP6
|
||||
e7YF2+lJXiI+Clp+V3/eG5mDMXo358lr1usQPo3AJp0L/F+ZXuYgXIYgp/H6CpX7
|
||||
ztVM3BavlwvKibiFzpJVESIQW/aMp+fotTG5BBCzQ9P5ejpRCyBnw023VXG4bul6
|
||||
kSBbjaclmXAB/kErB/CBrQX8khYzy/sPWMeyKfNpQNRebwHfwifSKtwvl9CrII0S
|
||||
6UAK6oKhi+5heqCtn0t2ToY+Jo9ccMjf1tKuQkUkT9gxJqalYakK9Z/Cn1YjteS1
|
||||
/QBE+pVNJYtqeND2kWoh7GDgHMN3RpSOZTTfLYWMatfwdZn78y5Qnri6GxKMMpcH
|
||||
HJjFR3/u08sa5Z6QJN5ajMCze5QEVCfkbP7OUvdD77JagoR2TGphJXHWuHBBjNT0
|
||||
67GnaVjtjBSkPc2wHaB9jXCLcpkYtx2JwvcYIBmyzu+uw3dVXekT54dXMckW04B9
|
||||
2A+zH35yNX7cG1BdAaqXsj0q8XHLi+ZyyZBB/OSXFaz07JI8Uo7V17MU6N+yFCbn
|
||||
UeIh82gingQU1+OBRSi1Qbee76RqRGOB9oJywxWYoj0tfCb5j+CW0UH18rKRCy1p
|
||||
nbyIY2mp1pVMVnkv+UH5HDJZYTVt6H8HllKZcqy8tUQ
|
||||
-> ssh-ed25519 cakP9w r7YM3I761Ly8mdPE5Aue4piOtU2WuBCX/ZkuODcC11E
|
||||
+FGBvDNQiChuuYWGzo9lKiFGWtkGpd+h+zbi0fjR610
|
||||
-> f(eo)$--grease = zT<uk K? Ijd3$!v
|
||||
H/OGi9ibCTdNA59VlE4PWHH0sxeAehnSHPboQdGqc+mRBWhmyhuN0flH0lSc+Psq
|
||||
NM0a5Cwz6j3FYrQDi2H20oFCLCaHNm4UDkzMhhL/0UYvgQ
|
||||
--- OBqMSFnHs3uuRccjWbid3GxwdVDy+5rbWohAFal4HGM
|
||||
¿Àä]y÷=¡0µÑYÒ†¢•÷jQ˜ZŸÓ€^þåÊBåò-$'mÄ…þÖ<C3BE>ݵ•ö:Rš/M{^–ƬDdzlFGo]ß`‚£›î¤D”î
|
|
@ -1,21 +1,20 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 Y0ZZaw 6Ab765r1KhdPSNomPyArPOa9EpOK1gJH1O/2ImGovDE
|
||||
AbIsUHJvTypKJbOE3LuLFXYkIzfTXxRmiLFy91HzaUE
|
||||
-> ssh-ed25519 BVsyTA tCs+TlkHQMbqgeN28U2aLo3luZNHRemLKbsqX8gOSWU
|
||||
PU1JXT1JjKeSZ5cybTuq+WOipWWmqhHGLtEVHi1/8pg
|
||||
-> ssh-rsa kFDS0A
|
||||
TQbtZUL6l+DJxir6AVNUWMNPXrzJ6Ns3xb2C9s+lXsvlTlm834H8nt/JxJBCeRoH
|
||||
ymH0PcXKHCk54iPypW5KqFRIwoDYBTi3t3fSqjyLQk4eFNBjByGy+IVAaF6dcS5y
|
||||
+pYwpZxgshv8u6iSEiRgLvqp0bIs/g/tPHowZ6ezlpyKOzh3+KRYK7e82dJFznwb
|
||||
Q9V+PdWZJLqobbo4bmz7nT3qNlS75tpcVk2FAwsNB1pk3Q4ucbQb33eslSny93s9
|
||||
DjGCQFOMCkSZwKk98jV8aV01Liu4+tgMty5Sb6+Ei/tt+4TvjlX3t6hl9kvCVQNn
|
||||
gXjc1y2FxfuwN7hTnFYM6QAwB4ETUPwsyqoOAzfFWzpQNpit+ZOtRMw42gcSkhA7
|
||||
RcyHeYGtQCeK+MKU9YaWZrDZjFjwpA7oxVkBGk6Xd6drVfw0tMurXpruuIzswo2Q
|
||||
iwdSGNsyAmMAKIoAWrjyxuXodgAwii8JgLr93IfkEuOQ/izQQ5sJCFP4Q4pB/Svk
|
||||
8yG62fflaJ6epTn2uEBD9EDqlNCGpDwNwdBnASdpcSCeooCqcqDIHpk0VJly+HiQ
|
||||
VyxpD+3ZfaguUkiVC44oxAkQocitj8ypNmuGqphG+1ReN4ew8xi74f0WWq4lxkY4
|
||||
DieriNG+NG4JS7SgUTz5ZStYbOuIJJ/n82TcejWkJGM
|
||||
-> dqJ?-grease .CNJ%TkE
|
||||
D6Hq2UnwetlWfmLWLcijubdNB2uJNjRRIw
|
||||
--- +wyqgdU3ahUepcqy53z01275bJE6CadK4+yXH0bSvuI
|
||||
ò¡ˆœÃ¿ÆV-j‘^/u˜»¼y{ŽÊ‹”Ášj¾Éø 7@¡øâhõ´©‘$†p«·íÜ—Q˜Ý'k œ£äz•<>š#ö:¦<>„‚àˆ·,¿4v}1š<C5A1>Ðr¥Áüje›V
|
||||
DWQcu9+8Tt6PbnhhtjaEh4JwKckPzGp8T886OitKmT36ONeX1xm4rxUV1BlZJESH
|
||||
bBUorgCjlVeNadhrvMH6f79iq84Itz3wFsRn3wtXTHPjyOjXKq3mBFCZchkNQXrQ
|
||||
kAlHVSU4KxArWdDgxZlSDDjqVKUO2otOax0jQIrATyoyXxydv3IrY+I/QJNXyMVV
|
||||
TWWur2MjLfRtXf8pKhKHhZMGthOtnYRYJplR638hw4TQ0j4/7J34qcZZgNoo4pUY
|
||||
FHO1xLqxdRzMiE5Kn7drhJ667QeEANZUr1sPjejXahMx/oYatpZ7YxDk2l8P4bcO
|
||||
qAiQ5Z3h1wfhfhHJWLCXac9jBifZeMXXsi43lB7/A+8OCPPZbJam6ng9Nqi6q52S
|
||||
nCwY54c50mDp1iS8b8coBnVqr4JPA+mipy31KGmbysxjKRV7SovYuPq6xzGzL9gO
|
||||
nAxpvwGuPShuKQMQ373u0NL5Fx3gnSwBpDax9Q8ZIvkn/iGIjntQj8IaDDXUtOUg
|
||||
6r3wQD8m8C54q8hdOeb8dvDTb8YkXJGumikOwx04KhhX/MJbIMpwSmhZGHdCY44v
|
||||
qhTQcnudnPUskTZsenY4pw9LOdzuVeLqGL2359qvw8w8KTNtZfeif0xCpWBKMOw8
|
||||
F3wdYRaowGp0Hqi1wb+mKtiz4Tyx93crkflrpxs5hT8
|
||||
-> ssh-ed25519 cakP9w m4+f1g38ZLRWqO1eKOSnu/0wJ+ou4j/4VgR8IJhh9Bc
|
||||
1MkqVLAk5hZyyvjVSU7ScIitGkIiQlCl7oxJCBw7xmE
|
||||
-> Bp=k^MJA-grease
|
||||
iP4iWQsV1F2QEiShf0j9AhCUq+SXOxQ
|
||||
--- d1wE82sM45YxhJkxchil/8TFhZMjyDVSySvgS6BQCck
|
||||
dV¿ÏQ“rJ8¿ýörøg(¤âì‡
|
||||
êiàŽfï6O¸#ßãõWj,ÌÛdq—<xŸòOÑŒ^}-p9<70>`B
|
|
@ -23,4 +23,5 @@ in {
|
|||
"mailman-core-secrets.age".publicKeys = deployKeys;
|
||||
"mailman-web-secrets.age".publicKeys = deployKeys;
|
||||
"mailman-db-secrets.age".publicKeys = deployKeys;
|
||||
"hosting.de-api-key.age".publicKeys = deployKeys;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue