diff --git a/hosts/fra1-c/configuration.nix b/hosts/fra1-c/configuration.nix index 206386d..593c91c 100644 --- a/hosts/fra1-c/configuration.nix +++ b/hosts/fra1-c/configuration.nix @@ -13,7 +13,7 @@ in age.secrets = { motiejus-server-passwd-hash.file = ../../secrets/motiejus_server_passwd_hash.age; root-server-passwd-hash.file = ../../secrets/root_server_passwd_hash.age; - borgbackup-password.file = ../../secrets/fwminex/borgbackup-password.age; + borgbackup-password.file = ../../secrets/${config.networking.hostName}/borgbackup-password.age; sasl-passwd.file = ../../secrets/postfix_sasl_passwd.age; ssh8022-server = { file = ../../secrets/ssh8022.age; diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix index b7fbf58..04fb9da 100644 --- a/hosts/fwminex/configuration.nix +++ b/hosts/fwminex/configuration.nix @@ -19,7 +19,7 @@ in motiejus-server-passwd-hash.file = ../../secrets/motiejus_server_passwd_hash.age; root-server-passwd-hash.file = ../../secrets/root_server_passwd_hash.age; sasl-passwd.file = ../../secrets/postfix_sasl_passwd.age; - borgbackup-password.file = ../../secrets/fwminex/borgbackup-password.age; + borgbackup-password.file = ../../secrets/${config.networking.hostName}/borgbackup-password.age; letsencrypt-account-key.file = ../../secrets/letsencrypt/account.key.age; vaultwarden-secrets-env.file = ../../secrets/vaultwarden/secrets.env.age; synapse-jakstys-signing-key.file = ../../secrets/synapse/jakstys_lt_signing_key.age; diff --git a/hosts/vno3-nk/configuration.nix b/hosts/vno3-nk/configuration.nix index 8030469..6a4487a 100644 --- a/hosts/vno3-nk/configuration.nix +++ b/hosts/vno3-nk/configuration.nix @@ -18,7 +18,7 @@ in motiejus-server-passwd-hash.file = ../../secrets/motiejus_server_passwd_hash.age; root-server-passwd-hash.file = ../../secrets/root_server_passwd_hash.age; sasl-passwd.file = ../../secrets/postfix_sasl_passwd.age; - borgbackup-password.file = ../../secrets/fwminex/borgbackup-password.age; + borgbackup-password.file = ../../secrets/${config.networking.hostName}/borgbackup-password.age; timelapse.file = ../../secrets/timelapse.age; syncthing-key.file = ../../secrets/vno3-nk/syncthing/key.pem.age; syncthing-cert.file = ../../secrets/vno3-nk/syncthing/cert.pem.age; diff --git a/secrets.nix b/secrets.nix index b501ba3..b5288c4 100644 --- a/secrets.nix +++ b/secrets.nix @@ -46,6 +46,7 @@ in // mk ([ vno3-nk ] ++ motiejus) [ "secrets/vno3-nk/syncthing/key.pem.age" "secrets/vno3-nk/syncthing/cert.pem.age" + "secrets/vno3-nk/borgbackup-password.age" ] // mk ([ sqq1-desk2 ] ++ motiejus) [ "secrets/sqq1-desk2/syncthing/key.pem.age" @@ -54,6 +55,10 @@ in // mk ([ vno1-gdrx ] ++ motiejus) [ "secrets/vno1-gdrx/syncthing/key.pem.age" "secrets/vno1-gdrx/syncthing/cert.pem.age" + + "secrets/vno3-nk/borgbackup-password.age" + "secrets/fwminex/borgbackup-password.age" + "secrets/fra1-c/borgbackup-password.age" ] // mk @@ -94,16 +99,14 @@ in "secrets/fwminex/syncthing/key.pem.age" "secrets/fwminex/syncthing/cert.pem.age" "secrets/fwminex/up.jakstys.lt.env.age" + "secrets/fwminex/borgbackup-password.age" ] // mk ( [ - fwminex - vno1-gdrx - vno3-nk fra1-c ] ++ motiejus -) [ "secrets/fwminex/borgbackup-password.age" ] +) [ "secrets/fra1-c/borgbackup-password.age" ] // mk (systems ++ motiejus) [ "secrets/motiejus_passwd_hash.age" "secrets/root_passwd_hash.age" diff --git a/secrets/fra1-c/borgbackup-password.age b/secrets/fra1-c/borgbackup-password.age new file mode 100644 index 0000000..2488286 --- /dev/null +++ b/secrets/fra1-c/borgbackup-password.age @@ -0,0 +1,14 @@ +age-encryption.org/v1 +-> ssh-ed25519 dJyjXQ whSar7Kg61SNSRRXbmMjjz1Vqj9jOB+0vjoRtZt76x4 +p0ijsfSueuEF3mh60z0im2jfTgL8KNE/vSVFOfMVLuQ +-> X25519 Q8EOYJ5/7QNQ5FKp0ylbCpDsGShjyZKlj3x/aL4can0 +ySZ6JoH1rL8Gvr7fsJoQzhIy5MaGF9hb1KHmKLF2zuw +-> X25519 2yogae6JOMnxImfXR4Dk/vz+sf2NkuzFuS3d4Op7w14 +3xz0BSLGAbbpxplb0vGxU15ykLPCagU+s/SIk5BoPJs +-> piv-p256 +y2G/w A3wZv7w/ZRMhSVMmaTtY4zGGHANw2qShcyqp1WRTPaWB +e2OIEwdnZgjrFlG4ysfb9EktkBL6IFJUd7Fg5nQt5jo +-> piv-p256 jNqd3A AuEcw++WwlnLh3hZCVQpIe6ipLb1KFOYqVIvT1dOOk5T +TD8YyMaFwoxrQAcofOEIuoaYmYjoZiUfv+JIOpu38ew +--- iKq7MPj9llDLuxwo0dgUfa+qJDf9bG3+U3nwAXN2cY0 +J +M1>ohCl]\d?s2X׋YGH} \ No newline at end of file diff --git a/secrets/fwminex/borgbackup-password.age b/secrets/fwminex/borgbackup-password.age index 7413575..67e6613 100644 --- a/secrets/fwminex/borgbackup-password.age +++ b/secrets/fwminex/borgbackup-password.age @@ -1,19 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 fqSa6A mpsAV2VQdSsC/+8kUKsvnys5ic2mQz0MEA2kl1FALj4 -xtUr9xAc7HlOzbew6iFNG4NCNr/GAMENGww7SUQitKg --> ssh-ed25519 lDWJbA 6Ypr62TadaVv+0PeHpN4Bvg2fhg68dkJiF4e6d+UMF8 -XrZGFXOAhaJUiFuTsc96mYda4XjL573nLwAGzl3HR0M --> ssh-ed25519 wPuT4Q O8SGmvCJrOMYi0O0qL68DAYZG6fIY1pv1n60v2OBEEE -v4+XHM2gD6+ndDkkr2qu/KFKD2vGpQ94JCP6OcKpsV8 --> ssh-ed25519 dJyjXQ 8QfEpLbsMlTOfYNqs97GzdsgfDn1SwYulKTjRePv9XE -bOuoXhm6CHJGGhrTNwIOddDRrhGZwU67VkVcQkBtTe8 --> X25519 0I6kW+PIH2CnIE5FY0eujwXowGkbROMbLKzgDHRBD3k -t7eGmUp0xTiadu1DsH4jA7iuaQQSXTuQU9+RP3hvVgI --> X25519 x++V4MIL4u/kv8MLIGUuMLHFesxo+9Kf32Q9nvDrZxg -xxvltRbYNAzUrdx2ZIEhfkFzQXY/PDr4WzCnosTcS6Q --> piv-p256 +y2G/w AsaphysYUxvaRo86bwBVKhqOOWzxO4zoDJ3PHzJkuiRU -3xCVQAdi2n6OwxcJX3GXD3ug7WKggG1QOAE4wYm8bpg --> piv-p256 jNqd3A A2/zhLyPoYU+2tfBukElXeuxoHycm5tcfSADDi+XOEuD -pguxc2kH01hbkh7iHbiBWfEc+4d6XIMTUGx6zf+k2hs ---- yixFNTaKHDzCENJiK7XfM5mTDCu8BwVBOnhVNpM9DuU -vu_߇cv"gTS!XJt \ No newline at end of file +-> ssh-ed25519 fqSa6A Ex8M7+EZThscF7Gy+P4A/PyGdr1zsUqecrQFkr7nblQ +tr8fxLOCPxuFOR6QtWkYJirUkrlickaXriqA/nRAzvU +-> X25519 rftxb8qrjAQgOpRszm/07iON5dzagJ9FJFxfkIqikE4 +0P+72TYzfgtQ/nTZEZ2CDjf906iJjyoXoEJ6RrkHVGA +-> X25519 4lbiq+9CgI3qYprwaQTrbmNcfBBK6sj+9s2+szkG2yY +UHyDorYhIZFWRkiesjf8z/ih+BUuiOGBp6eElZGH4eo +-> piv-p256 +y2G/w AnN2FXgrnCfn8mGp6uEBHA6xKhVh2k7olPnvQF5eiJWJ +TxsN6WiQOtbbzgNCpMq/nQ+Q+e9elUK+PlnlitVmQSg +-> piv-p256 jNqd3A A7Mt2FnBxrbjJWXmEpfqDEBFYtXqysd6GfavSoMlnHrH +LS8lBP4la5jTNlc7qkoWvwX6sb5TbpzIUhtQPxKr/tA +--- rtEm8+fINwi70YgNeV7j0L3wK5O6pG0ztq2kLyKzcCM ++.2W:l}d8 +Z[%-MU;||Y \ No newline at end of file diff --git a/secrets/vno3-nk/borgbackup-password.age b/secrets/vno3-nk/borgbackup-password.age new file mode 100644 index 0000000..8e36173 Binary files /dev/null and b/secrets/vno3-nk/borgbackup-password.age differ