Tristan Daniël Maat
86fcaf7eb6
Seems it's been picked up by someone doing naughty things, let's disable this for now as I don't really have a use case for matrix calls anymore...
89 lines
1.7 KiB
Nix
89 lines
1.7 KiB
Nix
{
|
|
sops = {
|
|
defaultSopsFile = ../keys/production.yaml;
|
|
|
|
secrets = {
|
|
"battery-manager/email" = { };
|
|
|
|
"battery-manager/password" = { };
|
|
|
|
# Gitea
|
|
"forgejo/metrics-token" = {
|
|
owner = "forgejo";
|
|
group = "metrics";
|
|
mode = "0440";
|
|
};
|
|
|
|
# Grafana
|
|
"grafana/adminPassword" = {
|
|
owner = "grafana";
|
|
group = "grafana";
|
|
};
|
|
"grafana/secretKey" = {
|
|
owner = "grafana";
|
|
group = "grafana";
|
|
};
|
|
|
|
# Heisenbridge
|
|
"heisenbridge/as-token" = { };
|
|
"heisenbridge/hs-token" = { };
|
|
|
|
# Matrix-hookshot
|
|
"matrix-hookshot/as-token" = { };
|
|
"matrix-hookshot/hs-token" = { };
|
|
|
|
# Nextcloud
|
|
"nextcloud/tlater" = {
|
|
owner = "nextcloud";
|
|
group = "nextcloud";
|
|
};
|
|
|
|
# Porkbub/ACME
|
|
"porkbun/api-key" = {
|
|
owner = "acme";
|
|
};
|
|
"porkbun/secret-api-key" = {
|
|
owner = "acme";
|
|
};
|
|
|
|
# Restic
|
|
"restic/local-backups" = {
|
|
owner = "root";
|
|
group = "backup";
|
|
mode = "0440";
|
|
};
|
|
"restic/storagebox-backups" = {
|
|
owner = "root";
|
|
group = "backup";
|
|
mode = "0440";
|
|
};
|
|
"restic/storagebox-ssh-key" = {
|
|
owner = "backup";
|
|
group = "backup";
|
|
mode = "0040";
|
|
};
|
|
|
|
# Steam
|
|
"steam/tlater" = { };
|
|
|
|
# Turn
|
|
# "turn/env" = { };
|
|
# "turn/secret" = {
|
|
# owner = "turnserver";
|
|
# };
|
|
# "turn/ssl-key" = {
|
|
# owner = "turnserver";
|
|
# };
|
|
# "turn/ssl-cert" = {
|
|
# owner = "turnserver";
|
|
# };
|
|
|
|
# Wireguard
|
|
"wireguard/server-key" = {
|
|
owner = "root";
|
|
group = "systemd-network";
|
|
mode = "0440";
|
|
};
|
|
};
|
|
};
|
|
}
|