forked from DGNum/infrastructure
feat(infra): Internalize nix-lib, and make keys management simpler
This commit is contained in:
parent
53c865a335
commit
6c4099d369
45 changed files with 762 additions and 182 deletions
|
|
@ -1,5 +1,3 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
in
|
||||
|
||||
lib.setDefault { publicKeys = lib.getNodeKeys "bridge01"; } [ ]
|
||||
(import ../../../keys).mkSecrets [ "bridg01" ] [
|
||||
# List of secrets for bridge01
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,9 +1,4 @@
|
|||
let
|
||||
lib = import ../../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "compute01";
|
||||
in
|
||||
|
||||
lib.setDefault { inherit publicKeys; } [
|
||||
(import ../../../../keys).mkSecrets [ "compute01" ] [
|
||||
"kanidm-password_admin"
|
||||
"kanidm-password_idm_admin"
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,9 +1,5 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "compute01";
|
||||
in
|
||||
|
||||
lib.setDefault { inherit publicKeys; } [
|
||||
(import ../../../keys).mkSecrets [ "compute01" ] [
|
||||
# List of secrets for compute01
|
||||
"arkheon-env_file"
|
||||
"bupstash-put_key"
|
||||
"dgsi-email_host_password_file"
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "geo01";
|
||||
in
|
||||
lib.setDefault { inherit publicKeys; } [ ]
|
||||
(import ../../../keys).mkSecrets [ "geo01" ] [
|
||||
# List of secrets for geo01
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "geo02";
|
||||
in
|
||||
lib.setDefault { inherit publicKeys; } [ ]
|
||||
(import ../../../keys).mkSecrets [ "geo02" ] [
|
||||
# List of secrets for geo02
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
in
|
||||
|
||||
lib.setDefault { publicKeys = lib.getNodeKeys "krz01"; } [ ]
|
||||
(import ../../../keys).mkSecrets [ "krz01" ] [
|
||||
# List of secrets for krz01
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "rescue01";
|
||||
in
|
||||
lib.setDefault { inherit publicKeys; } [ "stateless-uptime-kuma-password" ]
|
||||
(import ../../../keys).mkSecrets [ "rescue01" ] [
|
||||
# List of secrets for rescue01
|
||||
"stateless-uptime-kuma-password"
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,8 +1,5 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "storage01";
|
||||
in
|
||||
lib.setDefault { inherit publicKeys; } [
|
||||
(import ../../../keys).mkSecrets [ "storage01" ] [
|
||||
# List of secrets for storage01
|
||||
"bupstash-put_key"
|
||||
"forgejo-mailer_password_file"
|
||||
"forgejo_runners-token_file"
|
||||
|
|
|
|||
|
|
@ -1,8 +1,5 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "vault01";
|
||||
in
|
||||
lib.setDefault { inherit publicKeys; } [
|
||||
(import ../../../keys).mkSecrets [ "vault01" ] [
|
||||
# List of secrets for vault01
|
||||
"radius-auth_token_file"
|
||||
"radius-ca_pem_file"
|
||||
"radius-cert_pem_file"
|
||||
|
|
|
|||
|
|
@ -1,8 +1,5 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
publicKeys = lib.getNodeKeys "web01";
|
||||
in
|
||||
lib.setDefault { inherit publicKeys; } [
|
||||
(import ../../../keys).mkSecrets [ "web01" ] [
|
||||
# List of secrets for web01
|
||||
"acme-certs_secret"
|
||||
"bupstash-put_key"
|
||||
"matterbridge-config_file"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,5 @@
|
|||
let
|
||||
lib = import ../../../lib { };
|
||||
in
|
||||
lib.setDefault { publicKeys = lib.getNodeKeys "web02"; } [
|
||||
(import ../../../keys).mkSecrets [ "web02" ] [
|
||||
# List of secrets for web02
|
||||
"cas_eleves-secret_key_file"
|
||||
"kadenios-secret_key_file"
|
||||
"kadenios-email_password_file"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue