diff --git a/applications/ldap/backend.nix b/applications/ldap/backend.nix index b5baf68..5c89933 100644 --- a/applications/ldap/backend.nix +++ b/applications/ldap/backend.nix @@ -47,8 +47,9 @@ #backups = [ "/etc/silver_ul_ical/database.db" ]; - age.secrets.ldap_self_service.file = ../../secrets/ldap/self_service.age; + age.secrets.ldap_details.file = ../../secrets/ldap/details.age; age.secrets.ldap_discord.file = ../../secrets/discord/ldap.age; + age.secrets.ldap_mail.file = ../../secrets/email/details.age; skynet_acme.domains = [ "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" @@ -76,13 +77,9 @@ # contains teh password in env form env = { - ldap = config.age.secrets.ldap_self_service.path; + ldap = config.age.secrets.ldap_details.path; discord = config.age.secrets.ldap_discord.path; - }; - - ldap = { - host = "ldaps://account.skynet.ie"; - admin = "uid=ldap_api,ou=users,dc=skynet,dc=ie"; + mail = config.age.secrets.ldap_mail.path; }; users = { diff --git a/secrets/email/details.age b/secrets/email/details.age new file mode 100644 index 0000000..069b549 --- /dev/null +++ b/secrets/email/details.age @@ -0,0 +1,20 @@ +age-encryption.org/v1 +-> ssh-ed25519 V1pwNA j8XFmU0Z3BjgqNCkfkGFxSt1gAxxVr9iFGHXt/1iCk4 +g7iomVI50B+gDqUv5lmUufqGEUpcSqq9R1MiJsuhMMI +-> ssh-ed25519 rIwlvw SYh2UV1EZynbMviPYw2kxw80zJuSggxbFlAQjH+UBgE +RWUQGKaeVaVSZ6hD4kUFL7YnSOvxyOXM1Ox3fKRcJ+c +-> ssh-ed25519 q8eJgg uxyqTwxrafvZQ/HfUQ2Edmlr+8ogl2/3AuSQrhXrdSc +vtvcIrznaBxURp04vFnbK9Ub60DqOKExOjMQO7sQJfc +-> ssh-ed25519 IzAMqA 9B3XvLvFKHumwsfxIsNLBPWS3bnpmvwJJjsx+bZ3wEc +uIf1IEAh2Antx1hlllo5+VmGHqln1AEwe94ZIukSDGU +-> ssh-ed25519 uZzB3g IAL5COq6aK1S1Gc7iY8llTguXLeYHw1b527Qw5XvGV8 +lGdO2P4y9KEvo0D+JIeA8bvDrDpJo1BV8llAlVCkYR4 +-> ssh-ed25519 Hb0ipQ 35nXPma9JeM8TCGJcNbYJxm9bIyoxVp3D6KLoJf4N3A +JfSNyOQ+76z6/0sYh2zgbYzhIeCeKU5Q+k0bFKHgo1o +-> ssh-ed25519 IzAMqA huVJf1RnhlZmG2+zgw1kcBDlQyj6AK3iuPe4+63dhDI +4pKzMmdTY9jc1it4V5T1QbIS46SE0ByJBIts9qBBwVQ +-> K~i#8-grease Cj3&8-; " +nr1dXH1Vn8mUXtGI +--- +23A15ysmDeSoUnTeKVIYouSDRjAp9uUbHPPVLM3U/8 +C4Hy{C$7,Ѥb3c@Pld0MI܄͙`'L'4_$,Qx +oG2>d[3, p}$m 83x'H~JO0\FT\ \ No newline at end of file diff --git a/secrets/ldap/details.age b/secrets/ldap/details.age new file mode 100644 index 0000000..51b031c Binary files /dev/null and b/secrets/ldap/details.age differ diff --git a/secrets/ldap/self_service.age b/secrets/ldap/self_service.age deleted file mode 100644 index 20bf9a6..0000000 Binary files a/secrets/ldap/self_service.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 1d84f6d..4639eb7 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -113,7 +113,8 @@ in # for ldap "ldap/pw.age".publicKeys = users ++ ldap; - "ldap/self_service.age".publicKeys = users ++ ldap; + # for use connectring to teh ldap + "ldap/details.age".publicKeys = users ++ ldap ++ discord; # everyone has access to this "backup/restic.age".publicKeys = users ++ systems; @@ -122,4 +123,7 @@ in # discord bot and discord "discord/ldap.age".publicKeys = users ++ ldap ++ discord; "discord/token.age".publicKeys = users ++ discord; + + # email stuff + "email/details.age".publicKeys = users ++ ldap ++ discord; } \ No newline at end of file