summary refs log tree commit diff stats
path: root/system/secrets
diff options
context:
space:
mode:
Diffstat (limited to 'system/secrets')
-rw-r--r--system/secrets/default.nix6
-rw-r--r--system/secrets/invidious/hmac.tix14
-rw-r--r--system/secrets/secrets.nix14
3 files changed, 27 insertions, 7 deletions
diff --git a/system/secrets/default.nix b/system/secrets/default.nix
index 5cd401c..2269672 100644
--- a/system/secrets/default.nix
+++ b/system/secrets/default.nix
@@ -13,6 +13,12 @@
         owner = "matrix-synapse";
         group = "matrix-synapse";
       };
+      invidiousHmac = {
+        file = ./invidious/hmac.tix;
+        mode = "700";
+        owner = "root";
+        group = "root";
+      };
     };
   };
 }
diff --git a/system/secrets/invidious/hmac.tix b/system/secrets/invidious/hmac.tix
new file mode 100644
index 0000000..f760fa9
--- /dev/null
+++ b/system/secrets/invidious/hmac.tix
@@ -0,0 +1,14 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvZGJGNzVGUWhsVTJFUGds
+dFZmVnRnY1NrVTZBWEt2eFp1YU4yM0xoOUgwClZZNDNFQlp2aEx1eHVqbE5ZU29t
+dVpMcStrMXd5WEFOaDJUVlVuUnJ4YkkKLT4gWDI1NTE5IEZSTVFhdk83RGRNWWdZ
+bmQyd0FNTWhrUUxSRjVOQjAvWSsyU1Z4OWFvVUUKdkIraVRtRW5mUnZFbVRkcDBw
+ME5NTDVkRUo1b0d1Z2xERWZnS0tMLzFhYwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg
+d09jY1doam1nc3B3MEVqN0grM3JWZzFwMW5WU2ZYdGh0TUZnM0VVdzJBSQppL3Qv
+T0VDOTc1U3gyaTB6YVV4dDhEVU1OMzdlMnV2dC9zMVl1VkdkRmlBCi0+IGc/SEJa
+aDZoLWdyZWFzZSBKPW1xOFRaIE9DUCBdfl1HXVUKL0I4MTJZT1ljOXE3cUtTR0Fv
+S3E2UHcvYWxhUlU5QkdXVWZyUjU0SlcveG9GcjZZV242QXVwaDBQTjN0VldBCi0t
+LSB6S0E2SWtmaXBnRkI5aFNIOU9VWkdhOHQrQ0x0MzJ3TC9aNkpJSTY5eDkwClOc
+N6wSpWFX87Vbr+J8Sxn9O6uRbYAyNDmiJk5mDqYaqy/+PRPTx0gbmqRz911sW5Zx
+aBKfDzSPjNx0CSKKL7ioTYlRrW0YyQ==
+-----END AGE ENCRYPTED FILE-----
diff --git a/system/secrets/secrets.nix b/system/secrets/secrets.nix
index 2fd4132..194ed3c 100644
--- a/system/secrets/secrets.nix
+++ b/system/secrets/secrets.nix
@@ -3,15 +3,15 @@ let
   sils = "age1vuhaey7kd9l76y6f9weeqmde3s4kjw38869ju6u3027yece2r3rqssjxst";
 
   server1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMnqsfIZjelH7rcvFvnLR5zUZuC8thsBupBlvjcMRBUm";
-in {
-  "keycloak/passwd.tix".publicKeys = [
-    soispha
-    sils
-    server1
-  ];
-  "matrix-synapse/passwd.tix".publicKeys = [
+
+  allSecrets = [
     soispha
     sils
     server1
   ];
+in {
+  "keycloak/passwd.tix".publicKeys = allSecrets;
+  "matrix-synapse/passwd.tix".publicKeys = allSecrets;
+  "invidious/passwd.tix".publicKeys = allSecrets;
+  "invidious/settings.tix".publicKeys = allSecrets;
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-29 01:48:04 +0000