From ed51e818c1995f57b710327957c1d179980e4deb Mon Sep 17 00:00:00 2001 From: Benedikt Peetz Date: Fri, 18 Oct 2024 22:13:18 +0200 Subject: refactor(modules/secrets): Split into the modules, that need the secrets Storing the secrets in the module that actually needs them, is a cleaner solution. --- secrets.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 secrets.nix (limited to 'secrets.nix') diff --git a/secrets.nix b/secrets.nix new file mode 100644 index 00000000..3e16473d --- /dev/null +++ b/secrets.nix @@ -0,0 +1,16 @@ +let + soispha = "age1mshh4ynzhhzhff25tqwkg4j054g3xwrfznh98ycchludj9wjj48qn2uffn"; + + tiamat = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMD87QQIUXdEv3TaNRrI9clD9VgpsuVLFg2CrNGa5lVB"; + apzu = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBivF5b6PyxsR/t+4Qg4IEDXHVXrjmZpslTUNXpvcVbO"; +in { + "modules/by-name/lf/lf/secrets/cd_paths.age".publicKeys = [soispha tiamat apzu]; + + "modules/by-name/se/serverphone/private_keys/ca.key".publicKeys = [soispha tiamat apzu]; + "modules/by-name/se/serverphone/private_keys/server.key".publicKeys = [soispha tiamat apzu]; + + "modules/by-name/ta/taskwarrior/secrets/private.key".publicKeys = [soispha tiamat apzu]; + "modules/by-name/ta/taskwarrior/secrets/public.cert".publicKeys = [soispha tiamat apzu]; + "modules/by-name/ta/taskwarrior/secrets/ca.cert".publicKeys = [soispha tiamat apzu]; + "modules/by-name/ta/taskwarrior/secrets/credentials".publicKeys = [soispha tiamat apzu]; +} -- cgit 1.4.1