tlaternet-server/configuration/sops.nix
2023-10-02 22:52:23 +02:00

57 lines
1 KiB
Nix

{
sops = {
defaultSopsFile = ../keys/production.yaml;
secrets = {
# Grafana
"grafana/adminPassword" = {
owner = "grafana";
group = "grafana";
};
"grafana/secretKey" = {
owner = "grafana";
group = "grafana";
};
# Heisenbridge
"heisenbridge/as-token" = {};
"heisenbridge/hs-token" = {};
# Nextcloud
"nextcloud/tlater" = {
owner = "nextcloud";
group = "nextcloud";
};
# Restic
"restic/local-backups" = {
owner = "root";
group = "backup";
mode = "0440";
};
# Steam
"steam/tlater" = {};
# Turn
"turn/env" = {};
"turn/secret" = {
owner = "turnserver";
};
"turn/ssl-key" = {
owner = "turnserver";
};
"turn/ssl-cert" = {
owner = "turnserver";
};
# Wireguard
"wireguard/server-key" = {
owner = "root";
group = "systemd-network";
mode = "0440";
};
};
};
}