blob: ce1ab49b121286ecb7d5f3dd7a296105b09f99c6 (
plain) (
tree)
|
|
let
hosts = {
vm-synology = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHKZAKlqOU6bSuMaaZAsYJdZnmNASWuIbbrrOjB6yGb8 root@vm-synology";
mba = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDLQTIPZraE+jpMqGkh8yUhNFzRJbMarX5Mky3nETw6c root@mba-m2";
do = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID6qsTQwvo6lUACTZKb4T+Je89bW3/BY4DB4aCTqfApz";
rivendell = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID76U5kt8DfBbuP16rMzfBTVTpjjPFKWnnheMALaCQEd";
};
users = {
fcuny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdyJepi/NyO6d9eP8m48Ga/gdjB5ENHRXYM1ZqFZR8t";
};
in
{
"forgejo-fastmail.age".publicKeys = [
users.fcuny
hosts.rivendell
];
"keycloak-db-password.age".publicKeys = [
users.fcuny
hosts.rivendell
];
"cloudflare-nginx.age".publicKeys = [
users.fcuny
hosts.do
];
"restic_password.age".publicKeys = [
users.fcuny
hosts.vm-synology
];
"restic_gcs_credentials.age".publicKeys = [
users.fcuny
hosts.vm-synology
];
"nas_client.age".publicKeys = [
users.fcuny
hosts.vm-synology
];
# this is the SSH key we use to access the remote builder.
"ssh-remote-builder.age".publicKeys = [
users.fcuny
hosts.vm-synology
hosts.mba
];
# this is the SSH key for the digital ocean droplet
# the public key is ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID6qsTQwvo6lUACTZKb4T+Je89bW3/BY4DB4aCTqfApz
"do/host-ed25519-key.age".publicKeys = [
users.fcuny
];
"do/wireguard.age".publicKeys = [
users.fcuny
hosts.do
];
"vm-synology/wireguard.age".publicKeys = [
users.fcuny
hosts.vm-synology
];
"rivendell/wireguard.age".publicKeys = [
users.fcuny
hosts.rivendell
];
"rivendell/ts.age".publicKeys = [
users.fcuny
hosts.rivendell
];
}
|
