nixos-servers/nixos/secrets/secrets.nix
Pim Kunis 97fc20e251 backup nextcloud and hedgedoc database using borgmatic
expose database passwords using agenix
install lsof and parted
2024-01-06 20:17:45 +01:00

41 lines
1.1 KiB
Nix

let
pkgs = import <nixpkgs> { };
lib = pkgs.lib;
secrets = {
jefke = {
publicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIJUSH2IQg8Y/CCcej7J6oe4co++6HlDo1MYDCR3gV3a pim@x260"
];
encryptedFiles = [
"jefke_host_ed25519.age"
"jefke_user_ed25519.age"
"postgresql_server.key.age"
];
};
atlas = {
publicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKZ1OGe8jLyc+72SFUnW4FOKbpqHs7Mym85ESBN4HWV7 pim@x260"
];
encryptedFiles = [
"atlas_host_ed25519.age"
"atlas_user_ed25519.age"
];
};
lewis = {
publicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL5lZjsqS6C50WO8p08TY7Fg8rqQH04EkpDTxCRGtR7a pim@x260"
];
encryptedFiles = [
"lewis_host_ed25519.age"
"lewis_user_ed25519.age"
"database_passwords.env.age"
];
};
};
in
lib.attrsets.mergeAttrsList (builtins.map
({ publicKeys, encryptedFiles }:
lib.attrsets.mergeAttrsList (builtins.map
(encryptedFile: { "${encryptedFile}" = { inherit publicKeys; }; })
encryptedFiles))
(lib.attrsets.attrValues secrets))