From 1ccee14d3cfd66d8bd17270118f55662bb42d91d Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Thu, 14 Aug 2025 10:18:27 -0700 Subject: add keycloak for OAuth, runbooks, and finish forgejo setup --- secrets/forgejo-fastmail.age | 7 +++++++ secrets/keycloak-db-password.age | 7 +++++++ secrets/secrets.nix | 8 ++++++++ 3 files changed, 22 insertions(+) create mode 100644 secrets/forgejo-fastmail.age create mode 100644 secrets/keycloak-db-password.age (limited to 'secrets') diff --git a/secrets/forgejo-fastmail.age b/secrets/forgejo-fastmail.age new file mode 100644 index 0000000..bad24e6 --- /dev/null +++ b/secrets/forgejo-fastmail.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 pFjJaA 9HXFxgGpjGDd9rqy/DEjPy57PMFaZ7s5lDs3GLrZ5Qk +JO/g/1Xa59EKypv5xP9ZuhubrsGOlCbAUNYiP9YoDlA +-> ssh-ed25519 qRUWSw zBrF/AGY/V7AYHzC95QW7bR5+TJOsNIuTQnPPM87jxc +kRJnf+N/MLaRdZsEL1vdp5RADozFAGLhZ4J7vIib9og +--- xeV5vUs0X53ENCgbiUxnQltC/h4hDstEBlvN8GM3YZw +Ju5W+gO$7>}hyf0Ps>eKi=J6H \ No newline at end of file diff --git a/secrets/keycloak-db-password.age b/secrets/keycloak-db-password.age new file mode 100644 index 0000000..6ac0e85 --- /dev/null +++ b/secrets/keycloak-db-password.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 pFjJaA cmAZbTltBmkWqUjWnr57vyxGl+5c96bxME0SS6w7ozs +7bu8taoNlffYBuhKAhQ4bid2fRs45IYKgIZmiJKX9xk +-> ssh-ed25519 qRUWSw 3c8Lqxx5rVaUBG3J05ffcNHP7I4Rq4kEvKQQgC29nxE +R9EojU4XpWpBnTCWEF4p94SGGQ0TZwI8BBxRlg+/6hc +--- AK9ErFYwVcMqqejL/qAHVt7se+s9LSdiMBarumrwRZg +y\hGprO֭bb4A{`\.b){ m_ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 0c88cb7..5415ae0 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -9,6 +9,14 @@ let }; in { + "forgejo-fastmail.age".publicKeys = [ + users.fcuny + hosts.vm-synology + ]; + "keycloak-db-password.age".publicKeys = [ + users.fcuny + hosts.vm-synology + ]; "cloudflare-caddy.age".publicKeys = [ users.fcuny hosts.do -- cgit v1.2.3