# Recipient map for age-encrypted secrets.
#
# Evaluates to an attribute set of the form
#   { "secrets/<name>.age" = { publicKeys = [ ... ]; }; ... }
# with one entry per name declared in `secrets` below.
# NOTE(review): this shape matches the rules file read by agenix-style
# tooling -- confirm which tool consumes it.
#
# Points to keep in mind when reviewing a change to this file:
#  * `keys.infra-core` is appended to every entry, so the holder of any
#    infra-core private key can decrypt every secret listed here. That
#    group is the effective trust root; keep it small.
#  * Each secret should list only the host(s) that need it at runtime.
#    Among the per-host entries, only `searx-prometheus-secret` names two
#    hosts.
#  * NOTE(review): editing a recipient list presumably changes only future
#    encryptions. Existing .age files would need re-encrypting (rekeying),
#    and a recipient that could already decrypt the old file is only cut
#    off by rotating the secret value itself -- confirm for the tool in use.
let
  keys = import ./ssh-keys.nix;

  # Host keys from ./ssh-keys.nix (presumably one entry per machine).
  inherit (keys) machines;

  # secret name -> public keys allowed to decrypt it, before the
  # infra-core keys are added.
  secrets = {
    # Not a per-host list: `keys.tailscale-machine` must itself be a list,
    # since it is concatenated with `++` below. Presumably it holds every
    # machine that joins the tailnet -- verify in ssh-keys.nix.
    tailscale-authKey = keys.tailscale-machine;

    cloudflare-tegola-apiKey = [ machines.caddy ];
    cloudflare-pasetto-apiKey = [ machines.caddy ];
    ddclient = [ machines.caddy ];

    prowlarr-apiKey = [ machines.metrics ];
    radarr-apiKey = [ machines.metrics ];
    sonarr-apiKey = [ machines.metrics ];
    lidarr-apiKey = [ machines.metrics ];
    readarr-apiKey = [ machines.metrics ];
    bazarr-apiKey = [ machines.metrics ];
    grafana-admin-pwd = [ machines.metrics ];
    grafana-secret-auth = [ machines.metrics ];

    nextcloud-admin-pwd = [ machines.nextcloud ];
    vaultwarden-admin-pwd = [ machines.vaultwarden ];

    searx-secret = [ machines.caddy ];
    # Readable by two hosts.
    searx-prometheus-secret = [
      machines.caddy
      machines.metrics
    ];

    watchtower-secrets = [ machines.portainer ];
    authentik-env = [ machines.auth ];

    dns01-admin-password = [ machines.dns01 ];
    dns02-admin-password = [ machines.dns02 ];
    dns02-dhcp-failover = [ machines.dns02 ];

    shadowsocks-password = [ machines.shadowsocks ];

    firefly-iii-app-key = [ machines.firefly-iii ];
    firefly-iii-mailgun-key = [ machines.firefly-iii ];

    open-webui = [ machines.open-webui ];

    paperless-admin = [ machines.paperless ];
    paperless-oauth2-client-secret = [ machines.paperless ];

    zigbee2mqtt-password = [ machines.zigbee2mqtt ];
    mqtt-password = [ machines.zigbee2mqtt ];
  };

  # Turn one secret name into a { name, value } pair for listToAttrs.
  # The recipients are the secret's own keys followed by the infra-core
  # keys.
  toRule = secretName: {
    name = "secrets/${secretName}.age";
    value = {
      publicKeys = secrets.${secretName} ++ keys.infra-core;
    };
  };
in
builtins.listToAttrs (map toRule (builtins.attrNames secrets))