tlaternet-server/configuration/sops.nix


# sops-nix secret declarations for this server: which decrypted secrets exist
# and which account/group may read each one. Entries that leave out owner,
# group or mode fall back to the sops-nix defaults (root-owned, mode 0400 per
# the sops-nix documentation; confirm against the pinned version).
let
  # Secret owned by a service account and its same-named group.
  ownedBy = account: {
    owner = account;
    group = account;
  };

  # Secret whose group gets read access alongside the owner (mode 0440).
  # Everyone in `readers` can read the plaintext, so membership of that
  # group is part of the secret's access policy.
  groupReadable = account: readers: {
    owner = account;
    group = readers;
    mode = "0440";
  };
in
{
  sops.defaultSopsFile = ../keys/production.yaml;

  sops.secrets = {
    # Battery manager
    "battery-manager/email" = ownedBy "battery-manager";
    "battery-manager/password" = ownedBy "battery-manager";

    # Forgejo (Gitea fork); the metrics group reads the token.
    "forgejo/metrics-token" = groupReadable "forgejo" "metrics";

    # Grafana
    "grafana/adminPassword" = ownedBy "grafana";
    "grafana/secretKey" = ownedBy "grafana";

    # Heisenbridge (defaults only)
    "heisenbridge/as-token" = { };
    "heisenbridge/hs-token" = { };

    # DNS provider API token, read by the ACME account.
    "hetzner-api".owner = "acme";

    # Nextcloud
    "nextcloud/tlater" = ownedBy "nextcloud";

    # Restic
    "restic/local-backups" = groupReadable "root" "backup";
    "restic/storagebox-backups" = groupReadable "root" "backup";
    # NOTE(review): mode 0040 sets no owner bits. The kernel checks the owner
    # class before the group class, so a process running as user `backup` is
    # denied read access to its own file; only other members of group `backup`
    # (or root) can read it. OpenSSH also refuses a private key that is
    # group-accessible when the invoking user owns it. Confirm which account
    # consumes this key; if it is `backup` itself, 0400 is the usual mode.
    "restic/storagebox-ssh-key" = {
      owner = "backup";
      group = "backup";
      mode = "0040";
    };

    # Steam (defaults only)
    "steam/tlater" = { };

    # Turn; only the owner is overridden, group and mode stay at the defaults.
    "turn/env" = { };
    "turn/secret".owner = "turnserver";
    "turn/ssl-key".owner = "turnserver";
    "turn/ssl-cert".owner = "turnserver";

    # Wireguard; systemd-network needs to read the private key.
    "wireguard/server-key" = groupReadable "root" "systemd-network";
  };
}