Skynet/nixos
6
1
Fork 0
Code Issues 43 Pull requests 1 Projects Releases Packages Wiki Activity Actions

feat: updated whats fed into different modules

Browse source
This commit is contained in:
silver 2023-09-12 12:05:38 +01:00
parent 462164a82f
commit 563d13e115
5 changed files with 29 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
applications/ldap/backend.nix
View file

@ -47,8 +47,9 @@
#backups = [ "/etc/silver_ul_ical/database.db" ]; #backups = [ "/etc/silver_ul_ical/database.db" ];
age.secrets.ldap_self_service.file = ../../secrets/ldap/self_service.age; age.secrets.ldap_details.file = ../../secrets/ldap/details.age;
age.secrets.ldap_discord.file = ../../secrets/discord/ldap.age; age.secrets.ldap_discord.file = ../../secrets/discord/ldap.age;
age.secrets.ldap_mail.file = ../../secrets/email/details.age;
skynet_acme.domains = [ skynet_acme.domains = [
"${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}"
@ -76,13 +77,9 @@
# contains teh password in env form # contains teh password in env form
env = { env = {
ldap = config.age.secrets.ldap_self_service.path; ldap = config.age.secrets.ldap_details.path;
discord = config.age.secrets.ldap_discord.path; discord = config.age.secrets.ldap_discord.path;
}; mail = config.age.secrets.ldap_mail.path;
ldap = {
host = "ldaps://account.skynet.ie";
admin = "uid=ldap_api,ou=users,dc=skynet,dc=ie";
}; };
users = { users = {

20
secrets/email/details.age Normal file
View file

@ -0,0 +1,20 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA j8XFmU0Z3BjgqNCkfkGFxSt1gAxxVr9iFGHXt/1iCk4
g7iomVI50B+gDqUv5lmUufqGEUpcSqq9R1MiJsuhMMI
-> ssh-ed25519 rIwlvw SYh2UV1EZynbMviPYw2kxw80zJuSggxbFlAQjH+UBgE
RWUQGKaeVaVSZ6hD4kUFL7YnSOvxyOXM1Ox3fKRcJ+c
-> ssh-ed25519 q8eJgg uxyqTwxrafvZQ/HfUQ2Edmlr+8ogl2/3AuSQrhXrdSc
vtvcIrznaBxURp04vFnbK9Ub60DqOKExOjMQO7sQJfc
-> ssh-ed25519 IzAMqA 9B3XvLvFKHumwsfxIsNLBPWS3bnpmvwJJjsx+bZ3wEc
uIf1IEAh2Antx1hlllo5+VmGHqln1AEwe94ZIukSDGU
-> ssh-ed25519 uZzB3g IAL5COq6aK1S1Gc7iY8llTguXLeYHw1b527Qw5XvGV8
lGdO2P4y9KEvo0D+JIeA8bvDrDpJo1BV8llAlVCkYR4
-> ssh-ed25519 Hb0ipQ 35nXPma9JeM8TCGJcNbYJxm9bIyoxVp3D6KLoJf4N3A
JfSNyOQ+76z6/0sYh2zgbYzhIeCeKU5Q+k0bFKHgo1o
-> ssh-ed25519 IzAMqA huVJf1RnhlZmG2+zgw1kcBDlQyj6AK3iuPe4+63dhDI
4pKzMmdTY9jc1it4V5T1QbIS46SE0ByJBIts9qBBwVQ
-> K~i#8-grease Cj3&8-; "
nr1dXH1Vn8mUXtGI
--- +23A15ysmDeSoUnTeKVIYouSDRjAp9uUbHPPVLM3U/8
¿ú—CàÕ<04>¦Ã4HÁúy{Cä$7,¶Ñ¤åÅb3c@<40>P ld0üúMIÒÜ„¢‚Ȉ͙`é'ÃL<C383>æó'4§_$¢ï,ÈQ¿x
oG¨¨¿2>ÿd<C3BF>ÞÆ[”ƒ3,ø Ûp}$âm—‡îÉ ¸ñ²Î8†3xí'H~»€JO¡Ñ0ä\FT\

BIN
secrets/ldap/details.age Normal file
View file

Binary file not shown.

BIN
secrets/ldap/self_service.age
View file

Binary file not shown.

6
secrets/secrets.nix
View file

@ -113,7 +113,8 @@ in
# for ldap # for ldap
"ldap/pw.age".publicKeys = users ++ ldap; "ldap/pw.age".publicKeys = users ++ ldap;
"ldap/self_service.age".publicKeys = users ++ ldap; # for use connectring to teh ldap
"ldap/details.age".publicKeys = users ++ ldap ++ discord;
# everyone has access to this # everyone has access to this
"backup/restic.age".publicKeys = users ++ systems; "backup/restic.age".publicKeys = users ++ systems;
@ -122,4 +123,7 @@ in
# discord bot and discord # discord bot and discord
"discord/ldap.age".publicKeys = users ++ ldap ++ discord; "discord/ldap.age".publicKeys = users ++ ldap ++ discord;
"discord/token.age".publicKeys = users ++ discord; "discord/token.age".publicKeys = users ++ discord;
# email stuff
"email/details.age".publicKeys = users ++ ldap ++ discord;
} }