infrastructure/machines/public-cof/secrets/secrets.nix
2022-10-29 17:32:10 +02:00

16 lines
735 B
Nix

let
pkgs = import <nixpkgs> {};
lib = pkgs.lib;
readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (../../pubkeys + "/${user}.keys")));
superadmins = (readPubkeys "raito") ++ (readPubkeys "gdd");
public-cof = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDUe/w7e3+KIa1YPFH9FGapDWM/sWOvOCcYXNlnIWypg";
systems = [ public-cof ];
in
{
"nextcloudAdminPasswordFile.age".publicKeys = superadmins ++ systems;
"nextcloudDatabasePasswordFile.age".publicKeys = superadmins ++ systems;
"kanboard-secrets.age".publicKeys = superadmins ++ systems;
"outlineS3Secrets.age".publicKeys = superadmins ++ systems;
"outline-oidc-client-secret.age".publicKeys = superadmins ++ systems;
}