os/secrets/secrets.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

20 lines
933 B
Nix
Raw Normal View History

let
# set ssh public keys here for your system and user
machines = {
dumpyourvms = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILDATEWAgDZFfYs1ZPh33Kg4sqQ9tWMVKyk8XqFu3Koe host@dumpyourvms";
ryzensun = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH/l7MfEmt510BMeNjuXNPmZ0brcQidvrrpcea+qJMjX root@ryzensun";
};
users = {
teutat3s = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms";
teutat3s-5-nfc = "age1yubikey1qdxpc9qenrkhqxnu2p6sgyfxhnxcvz99jcaq36uqcztuzsy92q596shqxkf";
};
2023-01-28 20:49:10 +00:00
allKeys = [machines.dumpyourvms machines.ryzensun users.teutat3s users.teutat3s-5-nfc];
in {
2021-06-27 15:18:24 +00:00
"example-secret.age".publicKeys = allKeys;
2021-10-23 23:14:04 +00:00
"environment-secrets.age".publicKeys = allKeys;
"fwknoprc.age".publicKeys = allKeys;
"cat-testenv.ovpn.age".publicKeys = allKeys;
"docker-ci-runner-secrets.age".publicKeys = allKeys;
2023-01-28 20:49:10 +00:00
"test-secret.age".publicKeys = [users.teutat3s-5-nfc];
}