2023-01-25 11:48:44 +00:00
|
|
|
let
|
|
|
|
admin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6DjXTAxesXpQ65l659iAjzEb6VpRaWKSg4AXxifPw9 Skynet Admin";
|
2023-09-26 00:26:24 +00:00
|
|
|
silver_laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQWfVKls31yK1aZeAu5mCE+xycI9Kt3Xoj+gfvEonDg NixOS Laptop";
|
|
|
|
silver_desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN34yTh0nk7HAz8id5Z/wiIX3H7ptleDyXy5bfbemico Desktop";
|
2023-09-17 19:51:08 +00:00
|
|
|
thenobrainer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKjaKI97NY7bki07kxAvo95196NXCaMvI1Dx7dMW05Q1 thenobrainer";
|
2023-01-25 11:48:44 +00:00
|
|
|
|
|
|
|
users = [
|
|
|
|
admin
|
2023-09-26 00:26:24 +00:00
|
|
|
silver_laptop
|
|
|
|
silver_desktop
|
2023-04-23 15:43:52 +00:00
|
|
|
thenobrainer
|
2023-01-25 11:48:44 +00:00
|
|
|
];
|
|
|
|
|
2023-11-15 16:41:30 +00:00
|
|
|
agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDHOxA3uYcqS5gTrG1hS8XXwehzQYAI2I4iULtU8cXft root@agentjones";
|
2023-11-17 11:41:22 +00:00
|
|
|
vendetta = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvcxiSYE38V1IopHj7Z7ZWP1IqnskYCdhj8yCQohVUM root@vendetta";
|
2023-04-20 17:12:47 +00:00
|
|
|
vigil = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICDsz1bjNAThqwF48dKIJGOECsCKHTj/Gn5Gh9XyzoSO root@vigil";
|
2023-04-20 18:21:28 +00:00
|
|
|
galatea = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3Mke5YtaMkLvXJxJ3y7YAIEBesoJk3qJyJsnoLUWgW root@galatea";
|
2023-04-27 00:46:51 +00:00
|
|
|
optimus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqYbbWy3WWtxvD96Hx+RfTx7fJPPirIEa5bOvUILi9r root@optimus";
|
2023-06-15 01:47:56 +00:00
|
|
|
glados = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6go7ScvOga9vYqC5HglPfh2Nu8wQTpEKpvIZuMAZom root@glados";
|
2023-06-17 18:37:06 +00:00
|
|
|
wheatly = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEehcrWqZbTr4+do1ONE9Il/SayP0xXMvhozm845tonN root@wheatly";
|
2023-05-16 22:18:40 +00:00
|
|
|
kitt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPble6JA2O/Wwv0Fztl/kiV0qj+QMjS+jTTj1Sz8k9xK root@kitt";
|
2023-06-16 22:18:53 +00:00
|
|
|
gir = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINL2qk/e0QBqpTQ2xDjF7Cv4c92jJ53jW2fuu88hAF/u root@gir";
|
2023-11-15 20:15:53 +00:00
|
|
|
neuromancer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEFAs6lBJSUBRhtZO3zGKhEIlWvqnHFGAQuQ//9FdAn6 root@neuromancer";
|
2023-07-20 21:42:01 +00:00
|
|
|
skynet = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAIFPXJswth8H1k8+zrg8vCnPkfG1hIIa3wR9DBmjpB5 root@skynet";
|
2023-09-16 00:35:26 +00:00
|
|
|
earth = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMpvgQcvK7iAm0QrIp5qSvUJzDhOrSBN9MJn9JUSI31I root@earth";
|
2023-10-25 18:28:28 +00:00
|
|
|
cadie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACcwg27wzzFVvzuTytcnzRmCfGkhULwlHJA/3BeVtgf root@cadie";
|
2023-11-20 16:10:09 +00:00
|
|
|
marvin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAme2vuVpGYX4La/JtXm3zunsWNDP+SlGmBk/pWmYkH root@marvin";
|
2023-09-16 00:35:26 +00:00
|
|
|
|
2023-01-25 11:48:44 +00:00
|
|
|
systems = [
|
|
|
|
agentjones
|
2023-06-23 22:52:31 +00:00
|
|
|
vendetta
|
|
|
|
vigil
|
|
|
|
galatea
|
|
|
|
optimus
|
|
|
|
glados
|
|
|
|
wheatly
|
|
|
|
kitt
|
|
|
|
gir
|
|
|
|
neuromancer
|
2023-07-20 21:42:01 +00:00
|
|
|
skynet
|
2023-09-16 00:35:26 +00:00
|
|
|
earth
|
2023-10-25 18:28:28 +00:00
|
|
|
cadie
|
2023-11-20 16:10:09 +00:00
|
|
|
marvin
|
2023-04-27 00:46:51 +00:00
|
|
|
];
|
|
|
|
|
|
|
|
dns = [
|
2023-04-20 17:12:47 +00:00
|
|
|
vendetta
|
|
|
|
vigil
|
2023-04-27 00:46:51 +00:00
|
|
|
];
|
2023-04-23 03:22:01 +00:00
|
|
|
|
2023-06-16 22:18:53 +00:00
|
|
|
email = [
|
|
|
|
gir
|
|
|
|
];
|
|
|
|
|
2023-09-17 19:51:08 +00:00
|
|
|
ldap =
|
|
|
|
[
|
|
|
|
kitt
|
|
|
|
]
|
|
|
|
++ gitlab
|
|
|
|
++ email;
|
2023-05-20 20:28:15 +00:00
|
|
|
|
2023-06-15 01:47:56 +00:00
|
|
|
gitlab = [
|
|
|
|
glados
|
|
|
|
];
|
|
|
|
|
2023-06-17 18:37:06 +00:00
|
|
|
gitlab_runners = [
|
|
|
|
wheatly
|
|
|
|
];
|
|
|
|
|
2023-04-27 00:46:51 +00:00
|
|
|
# these need dns stuff
|
2023-09-17 19:51:08 +00:00
|
|
|
webservers =
|
|
|
|
[
|
|
|
|
# ULFM
|
|
|
|
galatea
|
|
|
|
# Games
|
|
|
|
optimus
|
|
|
|
# skynet is a webserver for users
|
|
|
|
skynet
|
|
|
|
# our offical server
|
|
|
|
earth
|
|
|
|
]
|
|
|
|
# ldap servers are web facing
|
|
|
|
++ ldap
|
2023-10-25 18:28:28 +00:00
|
|
|
++ gitlab
|
|
|
|
++ nextcloud;
|
2023-05-24 19:57:49 +00:00
|
|
|
|
2023-06-23 22:52:31 +00:00
|
|
|
restic = [
|
|
|
|
neuromancer
|
|
|
|
];
|
2023-08-27 21:31:08 +00:00
|
|
|
|
|
|
|
discord = [
|
|
|
|
kitt
|
|
|
|
];
|
2023-10-22 13:27:42 +00:00
|
|
|
|
|
|
|
nextcloud = [
|
2023-10-25 18:28:28 +00:00
|
|
|
cadie
|
2023-10-22 13:27:42 +00:00
|
|
|
];
|
2023-11-06 04:16:33 +00:00
|
|
|
|
|
|
|
bitwarden = [
|
|
|
|
kitt
|
|
|
|
];
|
2023-09-17 19:51:08 +00:00
|
|
|
in {
|
2023-01-25 11:48:44 +00:00
|
|
|
# nix run github:ryantm/agenix -- -e secret1.age
|
|
|
|
|
2023-04-27 00:46:51 +00:00
|
|
|
"dns_certs.secret.age".publicKeys = users ++ webservers;
|
|
|
|
"dns_dnskeys.conf.age".publicKeys = users ++ dns;
|
2023-04-21 00:44:11 +00:00
|
|
|
|
2023-04-27 00:46:51 +00:00
|
|
|
"stream_ulfm.age".publicKeys = users ++ [galatea];
|
2023-04-21 00:44:11 +00:00
|
|
|
|
2023-06-15 01:47:56 +00:00
|
|
|
"gitlab/pw.age".publicKeys = users ++ gitlab;
|
|
|
|
"gitlab/db_pw.age".publicKeys = users ++ gitlab;
|
|
|
|
"gitlab/secrets_db.age".publicKeys = users ++ gitlab;
|
|
|
|
"gitlab/secrets_secret.age".publicKeys = users ++ gitlab;
|
|
|
|
"gitlab/secrets_otp.age".publicKeys = users ++ gitlab;
|
|
|
|
"gitlab/secrets_jws.age".publicKeys = users ++ gitlab;
|
|
|
|
"gitlab/ldap_pw.age".publicKeys = users ++ gitlab;
|
2023-05-16 15:40:49 +00:00
|
|
|
|
2023-06-17 18:37:06 +00:00
|
|
|
"gitlab/runners/runner01.age".publicKeys = users ++ gitlab_runners;
|
2023-08-09 18:56:30 +00:00
|
|
|
"gitlab/runners/runner02.age".publicKeys = users ++ gitlab_runners;
|
2023-06-17 18:37:06 +00:00
|
|
|
|
2023-05-20 20:28:15 +00:00
|
|
|
# for ldap
|
2023-11-18 03:03:35 +00:00
|
|
|
"ldap/pw.age".publicKeys = users ++ ldap ++ bitwarden;
|
2023-09-12 11:05:38 +00:00
|
|
|
# for use connectring to teh ldap
|
2023-11-06 04:16:33 +00:00
|
|
|
"ldap/details.age".publicKeys = users ++ ldap ++ discord ++ bitwarden;
|
2023-05-20 20:28:15 +00:00
|
|
|
|
2023-06-23 22:52:31 +00:00
|
|
|
# everyone has access to this
|
|
|
|
"backup/restic.age".publicKeys = users ++ systems;
|
|
|
|
"backup/restic_pw.age".publicKeys = users ++ restic;
|
|
|
|
|
2023-08-27 21:31:08 +00:00
|
|
|
# discord bot and discord
|
|
|
|
"discord/ldap.age".publicKeys = users ++ ldap ++ discord;
|
2023-08-28 17:01:34 +00:00
|
|
|
"discord/token.age".publicKeys = users ++ discord;
|
2023-09-12 11:05:38 +00:00
|
|
|
|
|
|
|
# email stuff
|
|
|
|
"email/details.age".publicKeys = users ++ ldap ++ discord;
|
2023-10-22 13:27:42 +00:00
|
|
|
|
|
|
|
# nextcloud
|
|
|
|
"nextcloud/pw.age".publicKeys = users ++ nextcloud;
|
2023-10-27 01:25:21 +00:00
|
|
|
|
|
|
|
# handles pulling in data from teh wolves api
|
|
|
|
"wolves/details.age".publicKeys = users ++ ldap ++ discord;
|
2023-11-06 04:16:33 +00:00
|
|
|
|
|
|
|
# for bitwarden connector
|
2023-11-18 03:03:35 +00:00
|
|
|
"bitwarden/id.age".publicKeys = users ++ bitwarden;
|
|
|
|
"bitwarden/secret.age".publicKeys = users ++ bitwarden;
|
2023-11-07 13:38:59 +00:00
|
|
|
"bitwarden/details.age".publicKeys = users ++ bitwarden;
|
2023-09-17 19:51:08 +00:00
|
|
|
}
|