2023-04-14 11:12:45 +00:00
|
|
|
let
|
2023-10-01 19:21:02 +00:00
|
|
|
motiejus = builtins.attrValues {
|
|
|
|
|
yk1 = "age1yubikey1qtwmhf7h7ljs3dyx06wyzme4st6w4calkdpmsxgpxc9t2cldezvasd6n8wg";
|
|
|
|
|
yk2 = "age1yubikey1qgyvs2ul0enzqf4sscq96zyxk73jnj4lknpemak2hp39lejdwc0s5uzzhpc";
|
|
|
|
|
bk1 = "age1kyehn8yr9tfu3w0z4d9p9qrj0tjjh92ljxmz2nyr6xnm7y8kpv5spwwc9n";
|
|
|
|
|
bk2 = "age14f39j0wx84n93lgqn6d9gcd3yhuwak6qwrxy8v83ydn7266uafts09ecva";
|
|
|
|
|
};
|
2023-04-14 11:12:45 +00:00
|
|
|
|
2025-03-08 21:47:31 +00:00
|
|
|
fwminex = (import ./data.nix).hosts."fwminex.jakst.vpn".publicKey;
|
|
|
|
|
vno3-nk = (import ./data.nix).hosts."vno3-nk.jakst.vpn".publicKey;
|
|
|
|
|
fra1-b = (import ./data.nix).hosts."fra1-b.jakst.vpn".publicKey;
|
|
|
|
|
mtworx = (import ./data.nix).hosts."mtworx.jakst.vpn".publicKey;
|
|
|
|
|
vno1-gdrx = (import ./data.nix).hosts."vno1-gdrx.jakst.vpn".publicKey;
|
2024-12-05 23:28:23 +00:00
|
|
|
|
2024-07-29 12:39:54 +00:00
|
|
|
systems = [
|
2024-12-05 23:28:23 +00:00
|
|
|
fwminex
|
|
|
|
|
vno3-nk
|
2024-07-30 21:14:53 +00:00
|
|
|
fra1-b
|
2024-08-05 13:07:23 +00:00
|
|
|
vno1-gdrx
|
2024-08-05 16:05:32 +00:00
|
|
|
mtworx
|
2024-07-29 12:39:54 +00:00
|
|
|
];
|
2023-04-14 11:12:45 +00:00
|
|
|
|
2024-07-29 12:39:54 +00:00
|
|
|
mk =
|
|
|
|
|
auth: keyNames:
|
2023-08-14 07:05:28 +00:00
|
|
|
builtins.listToAttrs (
|
2023-08-14 06:28:54 +00:00
|
|
|
map (keyName: {
|
2023-08-14 07:05:28 +00:00
|
|
|
name = keyName;
|
2024-07-29 12:39:54 +00:00
|
|
|
value = {
|
|
|
|
|
publicKeys = auth;
|
|
|
|
|
};
|
|
|
|
|
}) keyNames
|
2023-08-14 06:28:54 +00:00
|
|
|
);
|
|
|
|
|
in
|
2024-07-29 12:39:54 +00:00
|
|
|
{ }
|
|
|
|
|
// mk ([ mtworx ] ++ motiejus) [
|
|
|
|
|
"secrets/motiejus_work_passwd_hash.age"
|
|
|
|
|
"secrets/root_work_passwd_hash.age"
|
2024-06-05 20:08:35 +00:00
|
|
|
|
2024-07-29 12:39:54 +00:00
|
|
|
"secrets/mtworx/syncthing/key.pem.age"
|
|
|
|
|
"secrets/mtworx/syncthing/cert.pem.age"
|
2024-12-02 23:18:40 +00:00
|
|
|
"secrets/mtworx/kolide-launcher.age"
|
2024-07-29 12:39:54 +00:00
|
|
|
]
|
2024-08-05 15:48:52 +00:00
|
|
|
// mk ([ vno1-gdrx ] ++ motiejus) [
|
|
|
|
|
"secrets/vno1-gdrx/syncthing/key.pem.age"
|
|
|
|
|
"secrets/vno1-gdrx/syncthing/cert.pem.age"
|
|
|
|
|
]
|
2024-12-05 23:28:23 +00:00
|
|
|
//
|
|
|
|
|
mk
|
|
|
|
|
(
|
|
|
|
|
[
|
|
|
|
|
vno3-nk
|
|
|
|
|
fwminex
|
|
|
|
|
]
|
|
|
|
|
++ motiejus
|
|
|
|
|
)
|
|
|
|
|
[
|
|
|
|
|
"secrets/motiejus_server_passwd_hash.age"
|
|
|
|
|
"secrets/root_server_passwd_hash.age"
|
|
|
|
|
]
|
2024-07-29 12:39:54 +00:00
|
|
|
// mk ([ fwminex ] ++ motiejus) [
|
2024-08-03 13:55:08 +00:00
|
|
|
"secrets/vaultwarden/secrets.env.age"
|
|
|
|
|
"secrets/letsencrypt/account.key.age"
|
2025-01-24 22:15:54 +00:00
|
|
|
"secrets/frigate.age"
|
2025-01-25 22:54:28 +00:00
|
|
|
"secrets/r1-htpasswd.age"
|
2024-08-02 13:43:42 +00:00
|
|
|
|
2024-08-03 15:52:49 +00:00
|
|
|
"secrets/synapse/jakstys_lt_signing_key.age"
|
|
|
|
|
"secrets/synapse/registration_shared_secret.age"
|
|
|
|
|
"secrets/synapse/macaroon_secret_key.age"
|
|
|
|
|
|
2024-07-29 12:39:54 +00:00
|
|
|
"secrets/fwminex/syncthing/key.pem.age"
|
|
|
|
|
"secrets/fwminex/syncthing/cert.pem.age"
|
|
|
|
|
]
|
2024-08-27 05:53:42 +00:00
|
|
|
// mk (
|
|
|
|
|
[
|
|
|
|
|
fwminex
|
|
|
|
|
vno1-gdrx
|
2024-12-05 23:28:23 +00:00
|
|
|
vno3-nk
|
2024-08-27 05:53:42 +00:00
|
|
|
]
|
|
|
|
|
++ motiejus
|
|
|
|
|
) [ "secrets/fwminex/borgbackup-password.age" ]
|
2024-07-29 12:39:54 +00:00
|
|
|
// mk (systems ++ motiejus) [
|
|
|
|
|
"secrets/motiejus_passwd_hash.age"
|
|
|
|
|
"secrets/root_passwd_hash.age"
|
|
|
|
|
"secrets/postfix_sasl_passwd.age"
|
2024-08-24 17:15:45 +00:00
|
|
|
"secrets/ssh8022.age"
|
2024-07-29 12:39:54 +00:00
|
|
|
]
|
