Move secrets and keys into agenix

Signed-off-by: Mel <einebeere@gmail.com>
author: Mel <einebeere@gmail.com> 2024-12-07 03:24:15 +0100
committer: Mel <einebeere@gmail.com> 2024-12-07 03:41:20 +0100
commit: 44a4f7c6bac97a3381a2b7de8707cd9389f5460f (patch)
tree: f31f04984119dbdb6adba41ed8a1ff1303558d27 /secrets/secrets.nix
parent: 8930b867a5bc863cf1362d3d27579e784a4bbe97 (diff)
download: network-44a4f7c6bac97a3381a2b7de8707cd9389f5460f.tar.zst
network-44a4f7c6bac97a3381a2b7de8707cd9389f5460f.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
new file mode 100644
index 0000000..22c7a91
--- /dev/null
+++ b/secrets/secrets.nix
@@ -0,0 +1,18 @@
+let
+  keys = import ./keys.nix;
+
+  inherit (keys) allAdmins allSystems;
+  inherit (keys.system) renard lapin corsac;
+in
+{
+  "cloudflare-dns.age".publicKeys = [
+    lapin
+    corsac
+  ] ++ allAdmins;
+
+  "pds-secrets.age".publicKeys = [
+    lapin
+  ] ++ allAdmins;
+
+  "password.age".publicKeys = allSystems ++ allAdmins;
+}
author	Mel <einebeere@gmail.com>	2024-12-07 03:24:15 +0100
committer	Mel <einebeere@gmail.com>	2024-12-07 03:41:20 +0100
commit	44a4f7c6bac97a3381a2b7de8707cd9389f5460f (patch)
tree	f31f04984119dbdb6adba41ed8a1ff1303558d27 /secrets/secrets.nix
parent	8930b867a5bc863cf1362d3d27579e784a4bbe97 (diff)
download	network-44a4f7c6bac97a3381a2b7de8707cd9389f5460f.tar.zst network-44a4f7c6bac97a3381a2b7de8707cd9389f5460f.zip