feat(ops/secrets): Add journaldriver key
This changes the structure of secrets.nix a bit to split between secrets for whitby, and secrets for all TVL machines. Change-Id: I791f0ce42a16b33051e24a7a6c5b153761ed9eb3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5300 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su>
This commit is contained in:
parent
e1353ff2cf
commit
6b3eed1fb5
2 changed files with 23 additions and 20 deletions
BIN
ops/secrets/journaldriver.age
Normal file
BIN
ops/secrets/journaldriver.age
Normal file
Binary file not shown.
|
@ -12,28 +12,31 @@ let
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJk+KvgvI2oJTppMASNUfMcMkA2G5ZNt+HnWDzaXKLlo"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJk+KvgvI2oJTppMASNUfMcMkA2G5ZNt+HnWDzaXKLlo"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
sanduny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOag0XhylaTVhmT6HB8EN2Fv5Ymrc4ZfypOXONUkykTX";
|
||||||
whitby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I";
|
whitby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I";
|
||||||
|
|
||||||
default.publicKeys = tazjin ++ grfn ++ sterni ++ [ whitby ];
|
whitbyDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ whitby ];
|
||||||
|
allDefault.publicKeys = tazjin ++ grfn ++ sterni ++ [ sanduny whitby ];
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
"besadii.age" = default;
|
"besadii.age" = whitbyDefault;
|
||||||
"buildkite-agent-token.age" = default;
|
"buildkite-agent-token.age" = whitbyDefault;
|
||||||
"buildkite-graphql-token.age" = default;
|
"buildkite-graphql-token.age" = whitbyDefault;
|
||||||
"clbot-ssh.age" = default;
|
"clbot-ssh.age" = whitbyDefault;
|
||||||
"clbot.age" = default;
|
"clbot.age" = whitbyDefault;
|
||||||
"gerrit-queue.age" = default;
|
"gerrit-queue.age" = whitbyDefault;
|
||||||
"gerrit-secrets.age" = default;
|
"gerrit-secrets.age" = whitbyDefault;
|
||||||
"grafana.age" = default;
|
"grafana.age" = whitbyDefault;
|
||||||
"irccat.age" = default;
|
"irccat.age" = whitbyDefault;
|
||||||
"keycloak-db.age" = default;
|
"journaldriver.age" = allDefault;
|
||||||
"nix-cache-priv.age" = default;
|
"keycloak-db.age" = whitbyDefault;
|
||||||
"nix-cache-pub.age" = default;
|
"nix-cache-priv.age" = whitbyDefault;
|
||||||
"oauth2_proxy.age" = default;
|
"nix-cache-pub.age" = whitbyDefault;
|
||||||
"owothia.age" = default;
|
"oauth2_proxy.age" = whitbyDefault;
|
||||||
"panettone.age" = default;
|
"owothia.age" = whitbyDefault;
|
||||||
"smtprelay.age" = default;
|
"panettone.age" = whitbyDefault;
|
||||||
"tf-glesys.age" = default;
|
"smtprelay.age" = whitbyDefault;
|
||||||
"tf-keycloak.age" = default;
|
"tf-glesys.age" = whitbyDefault;
|
||||||
"tvl-alerts-bot-telegram-token.age" = default;
|
"tf-keycloak.age" = whitbyDefault;
|
||||||
|
"tvl-alerts-bot-telegram-token.age" = whitbyDefault;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue