nixcfg/secrets/secrets.nix
Aly Raffauf 67d0f7f6ac
mauville: idempotent backblaze authentication (#37)
* mauville: add backblaze secrets

* mauville/home: authenticate with backblaze before nightly backups

* fix format

* mauville: move backblaze secret to home

* aly: setup backblaze secrets

* mauville: pass config to hm module
2024-07-15 23:53:15 -04:00

42 lines
1.4 KiB
Nix

let
hosts = [
"fallarbor"
"lavaridge"
"mauville"
"petalburg"
"rustboro"
];
users = [
"aly_fallarbor"
"aly_lavaridge"
"aly_mauville"
"aly_petalburg"
"aly_rustboro"
];
systemKeys = builtins.map (host: builtins.readFile ./publicKeys/root_${host}.pub) hosts;
userKeys = builtins.map (user: builtins.readFile ./publicKeys/${user}.pub) users;
keys = systemKeys ++ userKeys;
in {
"backblaze/key.age".publicKeys = keys;
"backblaze/keyId.age".publicKeys = keys;
"cloudflare.age".publicKeys = keys;
"lastFM/apiKey.age".publicKeys = keys;
"lastFM/secret.age".publicKeys = keys;
"mail/achacega_gmail.age".publicKeys = keys;
"mail/alyraffauf_fastmail.age".publicKeys = keys;
"spotify/clientId.age".publicKeys = keys;
"spotify/clientSecret.age".publicKeys = keys;
"syncthing/fallarbor/cert.age".publicKeys = keys;
"syncthing/fallarbor/key.age".publicKeys = keys;
"syncthing/lavaridge/cert.age".publicKeys = keys;
"syncthing/lavaridge/key.age".publicKeys = keys;
"syncthing/mauville/cert.age".publicKeys = keys;
"syncthing/mauville/key.age".publicKeys = keys;
"syncthing/petalburg/cert.age".publicKeys = keys;
"syncthing/petalburg/key.age".publicKeys = keys;
"syncthing/rustboro/cert.age".publicKeys = keys;
"syncthing/rustboro/key.age".publicKeys = keys;
"tailscale/authKeyFile.age".publicKeys = keys;
"wifi.age".publicKeys = keys;
}