ghost: split secrets for server and local
This commit is contained in:
parent
32b1771867
commit
b00b4e322f
|
@ -3,7 +3,6 @@
|
|||
"${inputs.nixpkgs}/nixos/modules/virtualisation/digital-ocean-image.nix"
|
||||
inputs.agenix.nixosModules.default
|
||||
../system/nix.nix
|
||||
../system/secrets.nix
|
||||
];
|
||||
|
||||
# Use more aggressive compression then the default.
|
||||
|
@ -102,6 +101,22 @@
|
|||
size = (1024 * 2); # 2 GB
|
||||
}];
|
||||
|
||||
age = {
|
||||
identityPaths = [ "/root/.ssh/id_rsa" ];
|
||||
secrets.ghost-nextcloud = {
|
||||
file = ../secrets/ghost-nextcloud.age;
|
||||
mode = "400";
|
||||
owner = "nextcloud";
|
||||
group = "nextcloud";
|
||||
};
|
||||
secrets.ghost-writefreely = {
|
||||
file = ../secrets/ghost-writefreely.age;
|
||||
mode = "400";
|
||||
owner = "writefreely";
|
||||
group = "writefreely";
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "23.05"; # Never change this
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ pkgs, ... }: {
|
||||
age = {
|
||||
identityPaths = [ "/home/lelgenio/.ssh/id_rsa" "/root/.ssh/id_rsa" ];
|
||||
identityPaths = [ "/home/lelgenio/.ssh/id_rsa" ];
|
||||
secrets.lelgenio-cachix.file = ../secrets/lelgenio-cachix.age;
|
||||
secrets.monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.file =
|
||||
../secrets/monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age;
|
||||
|
@ -10,17 +10,5 @@
|
|||
../secrets/rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age;
|
||||
secrets.monolith-nix-serve-privkey.file =
|
||||
../secrets/monolith-nix-serve-privkey.age;
|
||||
secrets.ghost-nextcloud = {
|
||||
file = ../secrets/ghost-nextcloud.age;
|
||||
mode = "400";
|
||||
owner = "nextcloud";
|
||||
group = "nextcloud";
|
||||
};
|
||||
secrets.ghost-writefreely = {
|
||||
file = ../secrets/ghost-writefreely.age;
|
||||
mode = "400";
|
||||
owner = "writefreely";
|
||||
group = "writefreely";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue