From 936f613834adaa96bcac63d5f5e320eba3115921 Mon Sep 17 00:00:00 2001
From: hackens server <hackens@ens.fr>
Date: Sat, 11 Jun 2022 21:12:42 +0200
Subject: [PATCH] age

---
 hosts/hackens-org/configuration.nix           |   1 +
 hosts/hackens-org/wiki/default.nix            |   2 +-
 .../hackens-org/{ => wiki}/media/favicon.ico  | Bin
 hosts/hackens-org/{ => wiki}/media/logo.png   | Bin
 secrets/default.nix                           |   2 +-
 secrets/secrets.nix                           |   2 +-
 secrets/wiki-openID.age                       |  31 ++++++++++++++++++
 7 files changed, 35 insertions(+), 3 deletions(-)
 rename hosts/hackens-org/{ => wiki}/media/favicon.ico (100%)
 rename hosts/hackens-org/{ => wiki}/media/logo.png (100%)
 create mode 100644 secrets/wiki-openID.age
diff --git a/hosts/hackens-org/configuration.nix b/hosts/hackens-org/configuration.nix
index 65f2df1..5db0e5f 100644
--- a/hosts/hackens-org/configuration.nix
+++ b/hosts/hackens-org/configuration.nix
@@ -10,6 +10,7 @@
       ./hardware-configuration.nix
       ./physical.nix
       ../../profiles/core-hackens
+      ../../secrets
       ./wiki
       ./webpass.nix
       ./mosquitto.nix
diff --git a/hosts/hackens-org/wiki/default.nix b/hosts/hackens-org/wiki/default.nix
index 78a6883..89f7447 100644
--- a/hosts/hackens-org/wiki/default.nix
+++ b/hosts/hackens-org/wiki/default.nix
@@ -41,7 +41,7 @@ in
       $conf['htmlmail'] = 0; // On envoie les mails en plain text
       $conf['authtype'] = 'oauth';
       $conf['plugin']['oauthkeycloak']['key'] = 'wiki';
-      $conf['plugin']['oauthkeycloak']['secret'] = '';
+      $conf['plugin']['oauthkeycloak']['secret'] = file('${config.age.secrets.wikiOpenID.path}', FILE_IGNORE_NEW_LINES)[0];
       $conf['plugin']['oauthkeycloak']['openidurl'] = 'https://auth.rz.ens.wtf/auth/realms/hackENS/.well-known/openid-configuration/';
     '';
 
diff --git a/hosts/hackens-org/media/favicon.ico b/hosts/hackens-org/wiki/media/favicon.ico
similarity index 100%
rename from hosts/hackens-org/media/favicon.ico
rename to hosts/hackens-org/wiki/media/favicon.ico
diff --git a/hosts/hackens-org/media/logo.png b/hosts/hackens-org/wiki/media/logo.png
similarity index 100%
rename from hosts/hackens-org/media/logo.png
rename to hosts/hackens-org/wiki/media/logo.png
diff --git a/secrets/default.nix b/secrets/default.nix
index d2a4ed6..9fd5403 100644
--- a/secrets/default.nix
+++ b/secrets/default.nix
@@ -1,5 +1,5 @@
 { ... }:
 {
   imports = [ <agenix/modules/age.nix> ];
-  age.secrets."wikiOpenID".file = ./wiki-openID.age
+  age.secrets."wikiOpenID".file = ./wiki-openID.age;
 }
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index e231aa6..2cde620 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,6 +1,6 @@
 let
   lib = (import <nixpkgs> {}).lib;
-  readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (./pubkeys + "/${user}.keys")));
+  readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (../pubkeys + "/${user}.keys")));
 in
 {
   "wiki-openID.age".publicKeys = (readPubkeys "sinavir") ++ (readPubkeys "hackens-host") ++ (readPubkeys "raito") ++ (readPubkeys "gdd") ++ (readPubkeys "backslash");
diff --git a/secrets/wiki-openID.age b/secrets/wiki-openID.age
new file mode 100644
index 0000000..fdeec16
--- /dev/null
+++ b/secrets/wiki-openID.age
@@ -0,0 +1,31 @@
+age-encryption.org/v1
+-> ssh-ed25519 JGx7Ng krR1IYLPMfF9fR7P6ECgMy2vec2lHss0XcHuHWcZCBo
+MDFLnB7DgNdlJjOxhu0Qreb17ejcZIBMnXGs0BLUN+E
+-> ssh-ed25519 IWJ9yA shKTCkZmyjLLIFY+ZetDqJJgx51cVHk/ZsKD/cdJ+i0
+xSblu5POmIUKVe4l+KqpGqGkk+UowRhitUdvE9BLUfM
+-> ssh-ed25519 7hZk0g 8WtQ/vt6MH0pIN5G1GB3RoS1fNFgFQIepR1HqyP8vWI
+oSYU/uRA4lopWC8TCwWYZAGncoPOx8/sIMFt0QErDlg
+-> ssh-rsa krWCLQ
+KkRdhsQ//wkDw4mX3RqGLSbR8hX3ehr+ZDkwDbCh9gwl17p2hGOFzwhvA8UxQJnK
+O1z7Lu+hA3dvIhNlyimHp8Qt/AkoZAPnR+lf08Q4BajCqy2Z6HBjKJ6qi7c+9t2F
+xy5YrBrTzpRKbmf7Fz+tm1hg392bLHhv3N+PfTSszjBs8XdUF8nWQNsdETBhZOzz
+ilwDzRDFWfPuFYhjs7cAiXE+qDGgzleX0Yx+OgwBoBPB93JbmuRIPQZIJL9WQZdN
+WTS5T5NJ/trZuRAx/Gx+O854G4miLE1M76E/hQ5bZuQN3EvY4Me8j9jzFlwPp3wA
+M2oxFsJRvSkOmFl1WIWM0Q
+-> ssh-ed25519 nyw/0Q KinHAGi4K6Gls1otwc9WE+jhzujZ4EETm2Br3myWh1o
+m1gVTxjs+WJeKc6NvBlqWfGmg3ZwxVO6aHqM14QFRaI
+-> ssh-ed25519 85WiGg P9BBlxJxxLwijrvo/XzfKh2GnkJUvjCLBhkrR27v0SQ
+8o3HgtiY8DLYgrau2mfmA4QzvoFThCHqDF/7QCNew7A
+-> ssh-ed25519 cvTB5g HzkPfCXwsikbISCh7zZgtOaI03G2ErTWIXRk9TfSqm4
+Wqh9WYB4D2hDAe3nWxz19nZDgGMJYFvtHxrYQnuiHC4
+-> ssh-ed25519 Wu8JLQ 2x1ikJnqyIkQmOwK1vP4S7n/xZZCdN7czBY1o/L8ZzY
+Poj21vxJ9sUsoikfepaxbktWWIdjh24zzDRzW4Efb8c
+-> ssh-ed25519 EIt1vA XxwV8nTlhx7Iy77xCnTrcCEevyKnDGFHGi9JvLb4a0s
+y9M2VFvUGT0GOydGDbyqpuOuIRyKXPGl1Z35nBI3i68
+-> ssh-ed25519 X51wxg C6GJqoVqTLpR5L0v1c5umu0gwUEWXOEAJC9kKWV2NEs
+IogBAsuZG9z8TmX0rVav14ek1qhoq38DWullPSufnWQ
+-> l@z=5S-grease (,5a5 T tV@xrY %e_ig
+mIzNLkFaEozopcLCOyQacaU
+--- 2krWnD1hHZOvN/0zuuIIcFjh2udviLZns/nTsVSPLmc
+û³¦~³Å=ï¾Ì>ô©YYW€wpEz±);Úàdó1Må'=èš&!Jìá”$²
+nÊ_l"ï“æÚ‰”Ï
\ No newline at end of file
