nix-config/secrets/secrets.nix

let
  systems = {
    eden = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIByi8x1IgXBC6iw6MJoO7xIkkU4bdIaQ3Mi6zEtm+IJh";
    hive = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGEn+C6ktSqvvwNVf1zUeNKKtZJ1QgLVhQjU83+0RvSY";
    oasis = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICCvgPNEJrWjeCUmF/izLhIzaAwSNYHW9o5meYmGHGzj";
    raindog = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINq0rMkFlizGPijlHKMYS9CGWJ2T1ZJHqaLozWdoySz2";
  };

  users = {
    tdback = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIErXJtbnTYwxgqv7v5HJgd0OUAlOeEzxX7TxEyBDM+at";
  };

  allSystems = builtins.attrValues systems;
  allUsers = builtins.attrValues users;
in
{
  "forgejoAdminPass.age".publicKeys = [ systems.oasis ];
  "forgejoRunnerToken.age".publicKeys = [ systems.oasis ];
  "piholeAdminPass.age".publicKeys = [ systems.raindog ];
  "pushoverAppToken.age".publicKeys = allSystems ++ allUsers;
  "pushoverUserToken.age".publicKeys = allSystems ++ allUsers;
}
starting fresh on a self-hosted forge 2024-11-10 17:54:08 -05:00			`let`
			`systems = {`
			`eden = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIByi8x1IgXBC6iw6MJoO7xIkkU4bdIaQ3Mi6zEtm+IJh";`
reroll pushover tokens for all servers and users 2024-11-23 16:00:51 -05:00			`hive = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGEn+C6ktSqvvwNVf1zUeNKKtZJ1QgLVhQjU83+0RvSY";`
starting fresh on a self-hosted forge 2024-11-10 17:54:08 -05:00			`oasis = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICCvgPNEJrWjeCUmF/izLhIzaAwSNYHW9o5meYmGHGzj";`
put pihole password in secrets file and use systemd to auto change it 2024-11-12 21:53:39 -05:00			`raindog = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINq0rMkFlizGPijlHKMYS9CGWJ2T1ZJHqaLozWdoySz2";`
starting fresh on a self-hosted forge 2024-11-10 17:54:08 -05:00			`};`
reroll pushover tokens for all servers and users 2024-11-23 16:00:51 -05:00
			`users = {`
			`tdback = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIErXJtbnTYwxgqv7v5HJgd0OUAlOeEzxX7TxEyBDM+at";`
			`};`

starting fresh on a self-hosted forge 2024-11-10 17:54:08 -05:00			`allSystems = builtins.attrValues systems;`
reroll pushover tokens for all servers and users 2024-11-23 16:00:51 -05:00			`allUsers = builtins.attrValues users;`
starting fresh on a self-hosted forge 2024-11-10 17:54:08 -05:00			`in`
			`{`
			`"forgejoAdminPass.age".publicKeys = [ systems.oasis ];`
			`"forgejoRunnerToken.age".publicKeys = [ systems.oasis ];`
put pihole password in secrets file and use systemd to auto change it 2024-11-12 21:53:39 -05:00			`"piholeAdminPass.age".publicKeys = [ systems.raindog ];`
reroll pushover tokens for all servers and users 2024-11-23 16:00:51 -05:00			`"pushoverAppToken.age".publicKeys = allSystems ++ allUsers;`
			`"pushoverUserToken.age".publicKeys = allSystems ++ allUsers;`
starting fresh on a self-hosted forge 2024-11-10 17:54:08 -05:00			`}`