34 lines
2.0 KiB
Nix
34 lines
2.0 KiB
Nix
let
|
|
keys = import ../keys.nix;
|
|
in {
|
|
"gpg-keys.age".publicKeys = keys.agenixKeys;
|
|
"gpg-passphrase.age".publicKeys = keys.agenixKeys;
|
|
"gws-client-secret.json.age".publicKeys = keys.agenixKeys;
|
|
"cache-priv-key.pem.age".publicKeys = keys.agenixKeys;
|
|
"gitea-runner-token.biskcomp.age".publicKeys = keys.agenixKeys;
|
|
"gitea-runner-token.ryzen-shine.age".publicKeys = keys.agenixKeys;
|
|
"gitea-runner-token.nixquick.age".publicKeys = keys.agenixKeys;
|
|
"gitea-runner-token.jimi-hendnix.age".publicKeys = keys.agenixKeys;
|
|
"gitea-runner-token.adele.age".publicKeys = keys.agenixKeys;
|
|
"gitea-runner-token.railbird-sf.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
|
|
"gitea-runner-token.mac-demarco-mini.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
|
|
"gitea-runner-token.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
|
|
"nextcloud-admin.age".publicKeys = keys.agenixKeys;
|
|
"ryzen-shine-kubernetes-token.age".publicKeys = keys.agenixKeys;
|
|
"1896Folsom-k3s-token.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
|
|
"api_service_account_key.json.age".publicKeys = keys.agenixKeys;
|
|
"k3s-registry.yaml.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
|
|
"discourse-admin-password.age".publicKeys = keys.hostKeys;
|
|
"discourse-secret-key-base.age".publicKeys = keys.hostKeys;
|
|
"vaultwarden-environment-file.age".publicKeys = keys.hostKeys;
|
|
"org-api-passwords.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys ++ keys.railbird-sf;
|
|
"org-api-auth-password.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys ++ keys.railbird-sf;
|
|
"org-api-ssh-key.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys ++ keys.railbird-sf;
|
|
"google-assistant-integration-service-key.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys;
|
|
"zwave-js.json.age".publicKeys = keys.hostKeys ++ keys.kanivanKeys;
|
|
|
|
# Optional Tailscale pre-auth key for unattended enrollment.
|
|
# This is safe to commit encrypted; default plaintext is "DISABLED".
|
|
"tailscale-authkey.age".publicKeys = keys.kanivanKeys;
|
|
}
|