diff options
Diffstat (limited to 'system/secrets')
-rw-r--r-- | system/secrets/default.nix | 17 | ||||
-rw-r--r-- | system/secrets/invidious/hmac.tix | 14 | ||||
-rw-r--r-- | system/secrets/mastodon/mail.tix | 15 | ||||
-rw-r--r-- | system/secrets/miniflux/admin.tix | 14 | ||||
-rw-r--r-- | system/secrets/secrets.nix | 4 |
5 files changed, 64 insertions, 0 deletions
diff --git a/system/secrets/default.nix b/system/secrets/default.nix index dcff9ca..1e3ce84 100644 --- a/system/secrets/default.nix +++ b/system/secrets/default.nix @@ -18,6 +18,23 @@ mode = "700"; owner = "etebase-server"; group = "etebase-server"; + invidiousHmac = { + file = ./invidious/hmac.tix; + mode = "700"; + owner = "root"; + group = "root"; + }; + minifluxAdmin = { + file = ./miniflux/admin.tix; + mode = "700"; + owner = "root"; + group = "root"; + }; + mastodonMail = { + file = ./mastodon/mail.tix; + mode = "700"; + owner = "mastodon"; + group = "mastodon"; }; }; }; diff --git a/system/secrets/invidious/hmac.tix b/system/secrets/invidious/hmac.tix new file mode 100644 index 0000000..f760fa9 --- /dev/null +++ b/system/secrets/invidious/hmac.tix @@ -0,0 +1,14 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvZGJGNzVGUWhsVTJFUGds +dFZmVnRnY1NrVTZBWEt2eFp1YU4yM0xoOUgwClZZNDNFQlp2aEx1eHVqbE5ZU29t +dVpMcStrMXd5WEFOaDJUVlVuUnJ4YkkKLT4gWDI1NTE5IEZSTVFhdk83RGRNWWdZ +bmQyd0FNTWhrUUxSRjVOQjAvWSsyU1Z4OWFvVUUKdkIraVRtRW5mUnZFbVRkcDBw +ME5NTDVkRUo1b0d1Z2xERWZnS0tMLzFhYwotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +d09jY1doam1nc3B3MEVqN0grM3JWZzFwMW5WU2ZYdGh0TUZnM0VVdzJBSQppL3Qv +T0VDOTc1U3gyaTB6YVV4dDhEVU1OMzdlMnV2dC9zMVl1VkdkRmlBCi0+IGc/SEJa +aDZoLWdyZWFzZSBKPW1xOFRaIE9DUCBdfl1HXVUKL0I4MTJZT1ljOXE3cUtTR0Fv +S3E2UHcvYWxhUlU5QkdXVWZyUjU0SlcveG9GcjZZV242QXVwaDBQTjN0VldBCi0t +LSB6S0E2SWtmaXBnRkI5aFNIOU9VWkdhOHQrQ0x0MzJ3TC9aNkpJSTY5eDkwClOc +N6wSpWFX87Vbr+J8Sxn9O6uRbYAyNDmiJk5mDqYaqy/+PRPTx0gbmqRz911sW5Zx +aBKfDzSPjNx0CSKKL7ioTYlRrW0YyQ== +-----END AGE ENCRYPTED FILE----- diff --git a/system/secrets/mastodon/mail.tix b/system/secrets/mastodon/mail.tix new file mode 100644 index 0000000..c64a2e7 --- /dev/null +++ b/system/secrets/mastodon/mail.tix @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqT05Uc2hrcFAwd1c5S1o0 +L3hhQURmdUVBbmxSYVFGczdGWThTck9VdkhRCktOZ1JSamN0Ly9pVXJDMDZ4Y0VZ +bmRyMTlaOU9HOEZ5SitzOVovUkhCNFUKLT4gWDI1NTE5IHlqUTFtODd6QXpNMFBY +WTY2cTJ2TFI5S0ZGc1doeEVEUi9veGRDKzN5UWsKUC9WZUtXVUs5cnkxL3Y5RlJs +RTRkNE5zQ0NtbG0vdStuZXZVUzFoeTBwNAotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +Um1qczl3YTM0S3dIb3AzQmpSNVNNUXFzMFNLNEEwQllOSUkrMHNzVy9uMApTdjhz +U250NGNpdk5SbWhPNjhjWWM0aWovRCt0MjR3M29JSTZjLy9IbTAwCi0+IEwtZ3Jl +YXNlIEp6KCk4by1jIF0Kd2xoKytCU3d3MGFxZmRmS2gxSDJiVFp1L3hOS2hJVEtz +NlFHWHhnRW5SNTZRMFFFRUJrVXo2blZvNlZTSXNqeQpVbWFLUmVHN1ptWGdLMkJT +RVJuUWxTVE4vcDhsCi0tLSA5ckxpdFhrQWErb2NkcXlWaHR6WmVndVppbjRIQ3cw +VjAxdTlnTEdmTkVrCou6/oezocFtYn7QDWLFzknFPlD5d1xBFutng6dvazWasZXD +qecouKvAmFFA4mQHUjbmD2QxWdorU7SyYpEPeTJ4rbOuayySkYPxUoo8gqvd7JkS +0VCavUuSb8nmfk24E3M= +-----END AGE ENCRYPTED FILE----- diff --git a/system/secrets/miniflux/admin.tix b/system/secrets/miniflux/admin.tix new file mode 100644 index 0000000..6b34ab0 --- /dev/null +++ b/system/secrets/miniflux/admin.tix @@ -0,0 +1,14 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0ZHJ3V0E3bjVLYUd5N2gx +eE15dlBldWt1ZGpBcGc3ZWcwMTNKSTcxR0Y0Cm03dEgxYzdhYjYvWFNNUVdtR3E1 +dW1lMlE3R3dlcUZ1Qm1GMElPQU8xYmMKLT4gWDI1NTE5IFJrc28wZzhWQ3RoeFFK +WFlTSmVzRGMzamxrQ0NSUG9KVWxSajJsQ1BablEKS0tFb096djZOdUJIVTdaSndH +b1ZMT3ZCZGVkaWMvU0hPSFhsMkY3RzBkNAotPiBzc2gtZWQyNTUxOSBPRDhUNGcg +SWdGV1pSYzY3bWxadWJZeXVmTXBHeGpMTTYyak1IbE9jTjZQS3dwRXozUQo1UFlT +am9WNzh1TytMNTFsNjM4amh0N2JDdkxjYk9GL285UWUrZHV5L3p3Ci0+IEkqMS1n +cmVhc2UgZV4KRFlYWlRyNDFtZlJWcS9vZ1hiUkJxdE9saHpTTWQ3TitMc1N0UXBE +eWZ5SQotLS0gRzE4bmpSTWpjUnlHUlNHTTNWSjNNL0d3VFFpVFdOaVlMUERmRHNt +d2k3WQqd+49pa75kfJffbdCOmNvPLUN7N+d+lI4lXlPTyLWTNnM8qaVz+BAhMH40 +ri9BTHHtg4ql7bXZWXZt/CiBLUOuv+yKckm4u51vjOwyHwUjaMYF4bfXS+rChsQV +BL+XWihQZ5wNsUh1PRHMy3mrF1XSYROa4ApK/i5Sgm271cvBMI4C4G+oux0/wvkL +-----END AGE ENCRYPTED FILE----- diff --git a/system/secrets/secrets.nix b/system/secrets/secrets.nix index 9e52383..29904ab 100644 --- a/system/secrets/secrets.nix +++ b/system/secrets/secrets.nix @@ -13,4 +13,8 @@ in { "keycloak/passwd.tix".publicKeys = allSecrets; "matrix-synapse/passwd.tix".publicKeys = allSecrets; "etebase-server/passwd.tix".publicKeys = allSecrets; + "invidious/hmac.tix".publicKeys = allSecrets; + "invidious/settings.tix".publicKeys = allSecrets; + "miniflux/admin.tix".publicKeys = allSecrets; + "mastodon/mail.tix".publicKeys = allSecrets; } |