2023-01-25 11:48:44 +00:00
|
|
|
let
|
|
|
|
|
admin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6DjXTAxesXpQ65l659iAjzEb6VpRaWKSg4AXxifPw9 Skynet Admin";
|
|
|
|
|
silver_laptop_wsl = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEHNLroAjCVR9Tx382cqdxPZ5KY32r/yoQH1mgsYNqpm Silver_Laptop_WSL_Deb";
|
2023-04-23 15:43:52 +00:00
|
|
|
thenobrainer ="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKjaKI97NY7bki07kxAvo95196NXCaMvI1Dx7dMW05Q1 thenobrainer";
|
2023-01-25 11:48:44 +00:00
|
|
|
|
|
|
|
|
users = [
|
|
|
|
|
admin
|
|
|
|
|
silver_laptop_wsl
|
2023-04-23 15:43:52 +00:00
|
|
|
thenobrainer
|
2023-01-25 11:48:44 +00:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
# change this when its properly set up
|
|
|
|
|
agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAbqYQrdVHmGgXZJoMWWRDGVEIj775Zrf4PxB5hoth+k root@agentjones";
|
|
|
|
|
ash = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJDVQGjIwMQmkElGshgKDAlChM2xdNN6iI5Ap2IbAs5";
|
2023-04-20 17:12:47 +00:00
|
|
|
# dns servers
|
|
|
|
|
vendetta = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINxTrUPZPqttuxfmmP8BTACTAkv1yY1nfzEd64hN4LT+ root@vendetta";
|
|
|
|
|
vigil = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICDsz1bjNAThqwF48dKIJGOECsCKHTj/Gn5Gh9XyzoSO root@vigil";
|
|
|
|
|
|
2023-04-20 18:21:28 +00:00
|
|
|
galatea = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3Mke5YtaMkLvXJxJ3y7YAIEBesoJk3qJyJsnoLUWgW root@galatea";
|
|
|
|
|
|
2023-04-23 03:22:01 +00:00
|
|
|
# for testing configs at home
|
|
|
|
|
silver_homelab = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCG1JzosOwS7oKjgm0+FlqMKrUbu+M5403un+VA7LwiGRQnneawuq6aqQsIoDqAlb9AzUdLTeBQb+rBf94kx7yVGdEIz1i34WdMK3kgl176jnDIR4TWeNKdj8Q6+4d7tn5mZrqmpXZ/+1KSauV9JHxytR+7A4NVexkhGX1Mq3efGBYsCKzUQh83lHs2baWUYuxaPCCR6vy6uklzQRQfg+NsxCCUKkbgJwv1ar5U1ccr4N89EWiR2Yu4XsPzXr0JJUQcUy587l+G7QYVoCwVgUKHevCRqtRlmnI6JrzWctQJPpAmWF4EF66QnWccdXUS+aVc0IKP0ORqmz8Nps4NWWVPjRRxeshl2XfFawWxGlgT4WJ0+qv/EDVPZQvNBrjFvY5QBAaU08Nnkg6QzehlwD4/zQQMFiDjMb7sUuhXdq0vOK235QMhS4jtX7Sm2ki6mJdXrlErq9dIaqcoYuw9EtfajaM/NnGYIy97JUOrfztQTAwiuPgrc4DijpdR0QtvYK7NvefiJYcW+osmcv+FYM03kMXK9uGtM6KI44i27ZdsUFWTIHeiR1yBGUfP1ObFLLaNx5E42jSA77RLF8BSUaPbGgRv3OciACNftIKhAJrV4AZGvBbaUvAlzC8CryFAcRDgQwIVlXBJzChc7Rh9/V8I5342Tq7xMmzBQ2WcQdqZ9Q== root@galatea";
|
|
|
|
|
|
2023-04-27 00:46:51 +00:00
|
|
|
optimus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqYbbWy3WWtxvD96Hx+RfTx7fJPPirIEa5bOvUILi9r root@optimus";
|
2023-04-20 18:21:28 +00:00
|
|
|
|
2023-06-15 01:47:56 +00:00
|
|
|
glados = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6go7ScvOga9vYqC5HglPfh2Nu8wQTpEKpvIZuMAZom root@glados";
|
2023-05-16 15:40:49 +00:00
|
|
|
|
2023-06-17 18:37:06 +00:00
|
|
|
wheatly = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEehcrWqZbTr4+do1ONE9Il/SayP0xXMvhozm845tonN root@wheatly";
|
|
|
|
|
|
2023-05-16 22:18:40 +00:00
|
|
|
kitt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPble6JA2O/Wwv0Fztl/kiV0qj+QMjS+jTTj1Sz8k9xK root@kitt";
|
|
|
|
|
|
2023-06-16 22:18:53 +00:00
|
|
|
gir = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINL2qk/e0QBqpTQ2xDjF7Cv4c92jJ53jW2fuu88hAF/u root@gir";
|
|
|
|
|
|
2023-01-25 11:48:44 +00:00
|
|
|
systems = [
|
|
|
|
|
agentjones
|
|
|
|
|
ash
|
2023-04-27 00:46:51 +00:00
|
|
|
|
|
|
|
|
silver_homelab
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
dns = [
|
2023-04-20 17:12:47 +00:00
|
|
|
vendetta
|
|
|
|
|
vigil
|
2023-04-27 00:46:51 +00:00
|
|
|
];
|
2023-04-23 03:22:01 +00:00
|
|
|
|
2023-06-16 22:18:53 +00:00
|
|
|
email = [
|
|
|
|
|
gir
|
|
|
|
|
];
|
|
|
|
|
|
2023-05-20 20:28:15 +00:00
|
|
|
ldap = [
|
|
|
|
|
kitt
|
2023-06-16 22:18:53 +00:00
|
|
|
]
|
|
|
|
|
++ gitlab
|
|
|
|
|
++ email;
|
2023-05-20 20:28:15 +00:00
|
|
|
|
2023-06-15 01:47:56 +00:00
|
|
|
gitlab = [
|
|
|
|
|
glados
|
|
|
|
|
];
|
|
|
|
|
|
2023-06-17 18:37:06 +00:00
|
|
|
gitlab_runners = [
|
|
|
|
|
wheatly
|
|
|
|
|
];
|
|
|
|
|
|
2023-04-27 00:46:51 +00:00
|
|
|
# these need dns stuff
|
|
|
|
|
webservers = [
|
2023-05-20 20:28:15 +00:00
|
|
|
# ULFM
|
2023-04-27 00:46:51 +00:00
|
|
|
galatea
|
2023-05-20 20:28:15 +00:00
|
|
|
# Games
|
2023-04-27 00:46:51 +00:00
|
|
|
optimus
|
2023-05-20 20:28:15 +00:00
|
|
|
]
|
|
|
|
|
# ldap servers are web facing
|
2023-06-15 01:47:56 +00:00
|
|
|
++ ldap
|
|
|
|
|
++ gitlab;
|
2023-05-24 19:57:49 +00:00
|
|
|
|
2023-01-25 11:48:44 +00:00
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
# nix run github:ryantm/agenix -- -e secret1.age
|
|
|
|
|
|
2023-04-27 00:46:51 +00:00
|
|
|
"dns_certs.secret.age".publicKeys = users ++ webservers;
|
|
|
|
|
"dns_dnskeys.conf.age".publicKeys = users ++ dns;
|
2023-04-21 00:44:11 +00:00
|
|
|
|
2023-04-27 00:46:51 +00:00
|
|
|
"stream_ulfm.age".publicKeys = users ++ [galatea];
|
2023-04-21 00:44:11 +00:00
|
|
|
|
2023-05-16 15:40:49 +00:00
|
|
|
|
2023-06-15 01:47:56 +00:00
|
|
|
"gitlab/pw.age".publicKeys = users ++ gitlab;
|
|
|
|
|
"gitlab/db_pw.age".publicKeys = users ++ gitlab;
|
|
|
|
|
"gitlab/secrets_db.age".publicKeys = users ++ gitlab;
|
|
|
|
|
"gitlab/secrets_secret.age".publicKeys = users ++ gitlab;
|
|
|
|
|
"gitlab/secrets_otp.age".publicKeys = users ++ gitlab;
|
|
|
|
|
"gitlab/secrets_jws.age".publicKeys = users ++ gitlab;
|
|
|
|
|
"gitlab/ldap_pw.age".publicKeys = users ++ gitlab;
|
2023-05-16 15:40:49 +00:00
|
|
|
|
2023-06-17 18:37:06 +00:00
|
|
|
"gitlab/runners/runner01.age".publicKeys = users ++ gitlab_runners;
|
|
|
|
|
|
2023-05-20 20:28:15 +00:00
|
|
|
# for ldap
|
|
|
|
|
"ldap/pw.age".publicKeys = users ++ ldap;
|
|
|
|
|
"ldap/self_service.age".publicKeys = users ++ ldap;
|
|
|
|
|
|
2023-01-15 22:20:55 +00:00
|
|
|
}
|
