nix/hosts/marvin/services/secret-files.nix


# agenix secret declarations for this host.
#
# Each attribute names one age-encrypted file under ../secrets, the path where
# the decrypted copy is placed, and (usually) the account that owns it.
# No entry sets `mode`, so every secret gets agenix's default, documented as
# 0400 (owner read-only). With that mode the `group` value grants no access.
# NOTE(review): entries that omit `owner`/`group` fall back to agenix's
# defaults (root) -- confirm against the agenix version pinned for this host.
{
  config.age.secrets = {
    # ---- Caddy secrets (currently disabled) ----
    # thehedgehog-pem = {
    #   file = ../secrets/thehedgehog-pem.age;
    #   path = "/run/agenix/thehedgehog.me.pem";
    #   owner = "caddy";
    #   group = "caddy";
    # };
    # thehedgehog-key = {
    #   file = ../secrets/thehedgehog-key.age;
    #   path = "/run/agenix/thehedgehog.me.key";
    #   owner = "caddy";
    #   group = "caddy";
    # };
    # cloudflare-ca = {
    #   file = ../secrets/cloudflare-ca.age;
    #   path = "/run/agenix/cloudflare-ca.pem";
    #   owner = "caddy";
    #   group = "caddy";
    # };
    # step-root-ca-crt-caddy = {
    #   file = ../secrets/step-root-ca-crt.age;
    #   path = "/run/agenix/step-root-ca-crt-caddy";
    #   owner = "caddy";
    #   group = "caddy";
    # };

    # ---- Cloudflared secrets (currently disabled) ----
    # cloudflared-creds = {
    #   file = ../secrets/cloudflared-creds.age;
    #   path = "/run/cloudflared/cloudflared-creds.json";
    #   owner = "cloudflared";
    #   group = "cloudflared";
    # };
    # cloudflared-vars = {
    #   file = ../secrets/cloudflared-vars.age;
    #   path = "/run/agenix/cloudflared_vars";
    #   owner = "cloudflared";
    #   group = "cloudflared";
    # };

    # ---- Vaultwarden ----
    vaultwarden-vars = {
      file = ../secrets/vaultwarden-vars.age;
      path = "/run/agenix/vaultwarden-vars";
      owner = "vaultwarden";
      group = "vaultwarden";
    };

    # ---- Miniflux ----
    # Admin password.
    miniflux-admin = {
      file = ../secrets/miniflux-admin.age;
      path = "/run/agenix/miniflux-admin";
      owner = "miniflux";
      group = "miniflux";
    };
    # Presumably the OIDC client secret used for single sign-on; verify
    # against the miniflux service definition.
    miniflux-oidc-secret = {
      file = ../secrets/miniflux-oidc-secret.age;
      path = "/run/agenix/miniflux-oidc-secret";
      owner = "miniflux";
      group = "miniflux";
    };

    # ---- WireGuard private key ----
    # No owner/group is given, so the file is left with agenix's default
    # ownership. NOTE(review): that only works if the WireGuard consumer reads
    # the key as root -- confirm before switching to an unprivileged backend.
    external-wg-priv-key = {
      file = ../secrets/external-wg-priv-key.age;
      path = "/run/agenix/external-wg-priv-key";
    };

    # ---- Cloudflare DynDNS token (currently disabled) ----
    # cf-dyndns-token = {
    #   file = ../secrets/cf-dyndns-token.age;
    #   path = "/run/agenix/cf-dyndns-token";
    # };

    # ---- Step CA secrets (currently disabled) ----
    # NOTE(review): this set includes a root CA key (step-root-ca-key) next to
    # the intermediate key. If it is ever re-enabled, check whether the root
    # key really has to be decrypted on an online host.
    # step-password = {
    #   file = ../secrets/step-password.age;
    #   path = "/run/agenix/step-password";
    #   owner = "step-ca";
    #   group = "step-ca";
    # };
    # step-root-ca-key = {
    #   file = ../secrets/step-root-ca-key.age;
    #   path = "/run/agenix/step-root-ca-key";
    #   owner = "step-ca";
    #   group = "step-ca";
    # };
    # step-inter-ca-key = {
    #   file = ../secrets/step-inter-ca-key.age;
    #   path = "/run/agenix/step-inter-ca-key";
    #   owner = "step-ca";
    #   group = "step-ca";
    # };
    # step-root-ca-crt = {
    #   file = ../secrets/step-root-ca-crt.age;
    #   path = "/run/agenix/step-root-ca-crt";
    #   owner = "step-ca";
    #   group = "step-ca";
    # };
    # step-inter-ca-crt = {
    #   file = ../secrets/step-inter-ca-crt.age;
    #   path = "/run/agenix/step-inter-ca-crt";
    #   owner = "step-ca";
    #   group = "step-ca";
    # };

    # ---- Gitea ----
    gitea-db-pw = {
      file = ../secrets/gitea-db-pw.age;
      path = "/run/agenix/gitea-db-pw";
      owner = "gitea";
      group = "gitea";
    };
    gitea-mail-pw = {
      file = ../secrets/gitea-mail-pw.age;
      path = "/run/agenix/gitea-mail-pw";
      owner = "gitea";
      group = "gitea";
    };

    # ---- nix-serve private key ----
    # Presumably the binary-cache signing key: clients that trust the matching
    # public key accept anything signed with it, so keep it readable by the
    # nix-serve account only.
    nix-serve-priv = {
      file = ../secrets/nix-serve-priv.age;
      path = "/run/agenix/nix-serve-priv";
      owner = "nix-serve";
      group = "nix-serve";
    };

    # ---- Authentik environment variables ----
    # The only active entry not owned by a same-named service account, and the
    # only one whose file name (authentik.env) differs from its attribute name.
    # NOTE(review): "thehedgehog" looks like a personal login account; every
    # process running as that user can read this file. Confirm that is
    # intended, or move the secret to a dedicated service user.
    authentik-env = {
      file = ../secrets/authentik-env.age;
      path = "/run/agenix/authentik.env";
      owner = "thehedgehog";
      group = "misc";
    };

    # ---- Vikunja ----
    vikunja-env = {
      file = ../secrets/vikunja-env.age;
      path = "/run/agenix/vikunja-env";
      owner = "vikunja";
      group = "vikunja";
    };
  };
}