nibylandia/secrets.nix

let meta = import ./meta.nix;
in {

  "secrets/secureboot-key.age".publicKeys = meta.users.ar ++ (with meta.hosts; [
    khas.publicKey
    microlith.publicKey
    zorigami.publicKey
    scylla.publicKey
    kyorinrin.publicKey
  ]);
  "secrets/secureboot-cert.age".publicKeys = meta.users.ar
    ++ (with meta.hosts; [
      khas.publicKey
      microlith.publicKey
      zorigami.publicKey
      scylla.publicKey
      kyorinrin.publicKey
    ]);
  "secrets/khas-ar.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.khas.publicKey ];
  "secrets/microlith-ar.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.microlith.publicKey ];
  "secrets/amanojaku-ar.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.amanojaku.publicKey ];
  "secrets/kyorinrin-ar.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.kyorinrin.publicKey ];
  "secrets/nix-store.age".publicKeys = meta.users.ar ++ (with meta.hosts; [
    zorigami.publicKey
    scylla.publicKey
    stereolith.publicKey
    khas.publicKey
    microlith.publicKey
    akamanto.publicKey
    amanojaku.publicKey
    tsukumogami.publicKey
    kyorinrin.publicKey
    homekitty.publicKey
  ]);
  "secrets/wg/nibylandia_scylla.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.scylla.publicKey ];
  "secrets/wg/dn42_w1kl4s_scylla.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.scylla.publicKey ];
  "secrets/lan/nibylandia-ddns-kea.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.scylla.publicKey ];
  "secrets/lan/nibylandia-ddns-bind.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.scylla.publicKey ];
  "secrets/notbotEnvironment.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/nextCloudAdmin.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/nextCloudExporter.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/norkclubMinecraftRestic.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/cassAuth.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/miniflux.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/stuffAuth.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.stereolith.publicKey ];
  "secrets/wg/nibylandia_zorigami.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/ar.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/apo.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/mastodon.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/mastodonPlain.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey meta.hosts.stereolith.publicKey ];
  "secrets/mail/madargon.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/enki.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/matrix.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/vaultwarden.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/vaultwardenPlain.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/keycloak.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mail/keycloakPlain.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/keycloakDatabase.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/synapseExtraConfig.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mastodon-activerecord.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/fedifetcherAccessToken_ar.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/mastodon-qa-activerecord.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.stereolith.publicKey ];
  "secrets/gitea-runner-token-zorigami.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/gitea-runner-token-scylla.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.scylla.publicKey ];
  "secrets/github-runner-token-zorigami.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/github-runner-token-scylla.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.scylla.publicKey ];
  "secrets/ci-secrets.age".publicKeys = meta.users.ar ++ (with meta.hosts; [
    scylla.publicKey
    zorigami.publicKey
  ]); # TODO: we're not getting ssh keys for the generated disk image, so we need to embed it at disk image build time
  "secrets/acme-zorigami-zajeba.li.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/automata.of-a.cat-matrix_key.pem.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/automata.of-a.cat-matrix_env.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
  "secrets/github-runner-token-test262.age".publicKeys = meta.users.ar
    ++ [ meta.hosts.zorigami.publicKey ];
}
chore: further refactor 2023-11-30 22:09:21 +01:00			`let meta = import ./meta.nix;`
scaffolding 2023-09-03 13:35:16 +02:00			`in {`

chore: further refactor 2023-11-30 22:09:21 +01:00			`"secrets/secureboot-key.age".publicKeys = meta.users.ar ++ (with meta.hosts; [`
m/common: pre-populate known hosts + slight refactor 2023-11-30 15:16:17 +01:00			`khas.publicKey`
			`microlith.publicKey`
			`zorigami.publicKey`
			`scylla.publicKey`
secrets: rekey after adding kyorinrin… 2024-07-08 18:00:51 +02:00			`kyorinrin.publicKey`
m/common: pre-populate known hosts + slight refactor 2023-11-30 15:16:17 +01:00			`]);`
chore: further refactor 2023-11-30 22:09:21 +01:00			`"secrets/secureboot-cert.age".publicKeys = meta.users.ar`
			`++ (with meta.hosts; [`
			`khas.publicKey`
			`microlith.publicKey`
			`zorigami.publicKey`
			`scylla.publicKey`
secrets: rekey after adding kyorinrin… 2024-07-08 18:00:51 +02:00			`kyorinrin.publicKey`
chore: further refactor 2023-11-30 22:09:21 +01:00			`]);`
			`"secrets/khas-ar.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.khas.publicKey ];`
			`"secrets/microlith-ar.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.microlith.publicKey ];`
n/amanojaku: working config for the deck 2023-12-08 10:43:10 +01:00			`"secrets/amanojaku-ar.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.amanojaku.publicKey ];`
n/kyorinrin: initial import (new tablet) 2024-07-08 14:13:58 +02:00			`"secrets/kyorinrin-ar.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.kyorinrin.publicKey ];`
chore: further refactor 2023-11-30 22:09:21 +01:00			`"secrets/nix-store.age".publicKeys = meta.users.ar ++ (with meta.hosts; [`
m/common: pre-populate known hosts + slight refactor 2023-11-30 15:16:17 +01:00			`zorigami.publicKey`
			`scylla.publicKey`
			`stereolith.publicKey`
			`khas.publicKey`
			`microlith.publicKey`
			`akamanto.publicKey`
n/amanojaku: working config for the deck 2023-12-08 10:43:10 +01:00			`amanojaku.publicKey`
secrets: inventory ui box pubkey 2024-02-16 09:48:42 +01:00			`tsukumogami.publicKey`
secrets: rekey after adding kyorinrin… 2024-07-08 18:00:51 +02:00			`kyorinrin.publicKey`
n/homekitty: initial setup 2024-12-27 15:14:29 +01:00			`homekitty.publicKey`
m/common: pre-populate known hosts + slight refactor 2023-11-30 15:16:17 +01:00			`]);`
chore: further refactor 2023-11-30 22:09:21 +01:00			`"secrets/wg/nibylandia_scylla.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.scylla.publicKey ];`
			`"secrets/wg/dn42_w1kl4s_scylla.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.scylla.publicKey ];`
			`"secrets/lan/nibylandia-ddns-kea.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.scylla.publicKey ];`
			`"secrets/lan/nibylandia-ddns-bind.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.scylla.publicKey ];`
			`"secrets/notbotEnvironment.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/nextCloudAdmin.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/nextCloudExporter.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/norkclubMinecraftRestic.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/cassAuth.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/miniflux.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/stuffAuth.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.stereolith.publicKey ];`
			`"secrets/wg/nibylandia_zorigami.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/ar.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/apo.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/mastodon.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/mastodonPlain.age".publicKeys = meta.users.ar`
n/stereolith: test/qa mastodon instance 2024-08-03 16:33:22 +02:00			`++ [ meta.hosts.zorigami.publicKey meta.hosts.stereolith.publicKey ];`
chore: further refactor 2023-11-30 22:09:21 +01:00			`"secrets/mail/madargon.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/enki.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/matrix.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/vaultwarden.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/vaultwardenPlain.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/keycloak.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/mail/keycloakPlain.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/keycloakDatabase.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/synapseExtraConfig.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
pkgs/glitch-soc: upgrade + new attempt at packaging Stolen from https://git.catgirl.cloud/999eagle/dotfiles-nix 2024-05-11 21:27:50 +02:00			`"secrets/mastodon-activerecord.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
n/zorigami: fedifetcher: initial setup 2024-08-03 20:40:27 +02:00			`"secrets/fedifetcherAccessToken_ar.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
n/stereolith: test/qa mastodon instance 2024-08-03 16:33:22 +02:00			`"secrets/mastodon-qa-activerecord.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.stereolith.publicKey ];`
chore: further refactor 2023-11-30 22:09:21 +01:00			`"secrets/gitea-runner-token-zorigami.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/gitea-runner-token-scylla.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.scylla.publicKey ];`
ci: re-introduce github actions 2024-02-25 21:44:28 +01:00			`"secrets/github-runner-token-zorigami.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/github-runner-token-scylla.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.scylla.publicKey ];`
chore: further refactor 2023-11-30 22:09:21 +01:00			`"secrets/ci-secrets.age".publicKeys = meta.users.ar ++ (with meta.hosts; [`
m/common: pre-populate known hosts + slight refactor 2023-11-30 15:16:17 +01:00			`scylla.publicKey`
			`zorigami.publicKey`
			`]); # TODO: we're not getting ssh keys for the generated disk image, so we need to embed it at disk image build time`
n/zorigami: make virtualhosts easier to create 2024-05-21 20:02:15 +02:00			`"secrets/acme-zorigami-zajeba.li.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
n/zorigami: add matrix (dendrite) server instance for automata.of-a.cat + a side dish of `nix fmt` inconsistencies 2024-05-30 00:44:49 +02:00			`"secrets/automata.of-a.cat-matrix_key.pem.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
			`"secrets/automata.of-a.cat-matrix_env.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
n/zorigami: attempt adding another builder for test262 still failing; gonna see why tomorrow 2024-07-12 02:34:33 +02:00			`"secrets/github-runner-token-test262.age".publicKeys = meta.users.ar`
			`++ [ meta.hosts.zorigami.publicKey ];`
scaffolding 2023-09-03 13:35:16 +02:00			`}`