blob: a8f01cf2eb24c7e6fc35b2ed669b48c0a711ad11 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
let
hosts = {
bree = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFM4wZaYwz8kuu6lNrdrN6QOyouGQ0v1ye+Iwh1jawNi";
mba = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDLQTIPZraE+jpMqGkh8yUhNFzRJbMarX5Mky3nETw6c";
rivendell = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID76U5kt8DfBbuP16rMzfBTVTpjjPFKWnnheMALaCQEd";
argonath = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHi9jHqRjpMzXlznTXi4nEtlRlFfyIzB6Ur9A+HDfFoq";
};
users = {
fcuny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdyJepi/NyO6d9eP8m48Ga/gdjB5ENHRXYM1ZqFZR8t";
};
in
{
"acme-cloudflare-env.age".publicKeys = [
users.fcuny
hosts.argonath
];
"restic-pw.age".publicKeys = [
users.fcuny
hosts.rivendell
];
"restic-nas-smb-config.age".publicKeys = [
users.fcuny
hosts.rivendell
];
# this is the SSH key we use to access the remote builder.
"ssh-remote-builder.age".publicKeys = [
users.fcuny
hosts.mba
];
"miniflux-oidc.age".publicKeys = [
users.fcuny
hosts.rivendell
];
# generated with:
# openssl rand 64 | openssl base64 -A | tr '+/' '-_' | tr -d '='
"authelia-storage-key.age".publicKeys = [
users.fcuny
hosts.rivendell
];
# generated with:
# openssl rand 64 | openssl base64 -A | tr '+/' '-_' | tr -d '='
"authelia-jwt-key.age".publicKeys = [
users.fcuny
hosts.rivendell
];
# generated with:
# authelia crypto pair rsa generate
"authelia-jwks.age".publicKeys = [
users.fcuny
hosts.rivendell
];
"authelia-users.yaml.age".publicKeys = [
users.fcuny
hosts.rivendell
];
"bree/wireguard.age".publicKeys = [
users.fcuny
hosts.bree
];
"rivendell/wireguard.age".publicKeys = [
users.fcuny
hosts.rivendell
];
"argonath/wireguard.age".publicKeys = [
users.fcuny
hosts.argonath
];
}
|
