feat: updated whats fed into different modules

2023-09-12 12:05:38 +01:00 · 2023-09-12 12:05:38 +01:00 · 563d13e115
commit 563d13e115
parent 462164a82f
5 changed files with 29 additions and 8 deletions
--- a/applications/ldap/backend.nix
+++ b/applications/ldap/backend.nix
@ -47,8 +47,9 @@

    #backups = [ "/etc/silver_ul_ical/database.db" ];

-    age.secrets.ldap_self_service.file = ../../secrets/ldap/self_service.age;
+    age.secrets.ldap_details.file = ../../secrets/ldap/details.age;
    age.secrets.ldap_discord.file = ../../secrets/discord/ldap.age;
+    age.secrets.ldap_mail.file = ../../secrets/email/details.age;

    skynet_acme.domains = [
      "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}"
@ -76,13 +77,9 @@

      # contains teh password in env form
      env = {
-        ldap = config.age.secrets.ldap_self_service.path;
+        ldap = config.age.secrets.ldap_details.path;
        discord = config.age.secrets.ldap_discord.path;
-      };
-
-      ldap  = {
-        host = "ldaps://account.skynet.ie";
-        admin = "uid=ldap_api,ou=users,dc=skynet,dc=ie";
+        mail = config.age.secrets.ldap_mail.path;
      };

      users = {
--- a/secrets/email/details.age
+++ b/secrets/email/details.age
@ -0,0 +1,20 @@
+age-encryption.org/v1
+-> ssh-ed25519 V1pwNA j8XFmU0Z3BjgqNCkfkGFxSt1gAxxVr9iFGHXt/1iCk4
+g7iomVI50B+gDqUv5lmUufqGEUpcSqq9R1MiJsuhMMI
+-> ssh-ed25519 rIwlvw SYh2UV1EZynbMviPYw2kxw80zJuSggxbFlAQjH+UBgE
+RWUQGKaeVaVSZ6hD4kUFL7YnSOvxyOXM1Ox3fKRcJ+c
+-> ssh-ed25519 q8eJgg uxyqTwxrafvZQ/HfUQ2Edmlr+8ogl2/3AuSQrhXrdSc
+vtvcIrznaBxURp04vFnbK9Ub60DqOKExOjMQO7sQJfc
+-> ssh-ed25519 IzAMqA 9B3XvLvFKHumwsfxIsNLBPWS3bnpmvwJJjsx+bZ3wEc
+uIf1IEAh2Antx1hlllo5+VmGHqln1AEwe94ZIukSDGU
+-> ssh-ed25519 uZzB3g IAL5COq6aK1S1Gc7iY8llTguXLeYHw1b527Qw5XvGV8
+lGdO2P4y9KEvo0D+JIeA8bvDrDpJo1BV8llAlVCkYR4
+-> ssh-ed25519 Hb0ipQ 35nXPma9JeM8TCGJcNbYJxm9bIyoxVp3D6KLoJf4N3A
+JfSNyOQ+76z6/0sYh2zgbYzhIeCeKU5Q+k0bFKHgo1o
+-> ssh-ed25519 IzAMqA huVJf1RnhlZmG2+zgw1kcBDlQyj6AK3iuPe4+63dhDI
+4pKzMmdTY9jc1it4V5T1QbIS46SE0ByJBIts9qBBwVQ
+-> K~i#8-grease Cj3&8-; "
+nr1dXH1Vn8mUXtGI
+--- +23A15ysmDeSoUnTeKVIYouSDRjAp9uUbHPPVLM3U/8
+¿ú—CàÕ<04>¦Ã4HÁúy{Cä$7,¶Ñ¤åÅb3c@<40>P ld0üúMIÒÜ„¢‚ÈˆÍ™`é'ÃL<C383>æ’ó'4§_$¢ï,›ÈQ¿x
+oG¨¨¿2>ÿd<C3BF>ÞÆ[‹”ƒ3,øÛp}$âm—‡îÉ¸ñ²Î8†3xí'H~»€JO¡Ñ0ä\FT\“
--- a/secrets/ldap/details.age
+++ b/secrets/ldap/details.age
--- a/secrets/ldap/self_service.age
+++ b/secrets/ldap/self_service.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -113,7 +113,8 @@ in

  # for ldap
  "ldap/pw.age".publicKeys = users ++ ldap;
-  "ldap/self_service.age".publicKeys = users ++ ldap;
+  # for use connectring to teh ldap
+  "ldap/details.age".publicKeys = users ++ ldap ++ discord;

  # everyone has access to this
  "backup/restic.age".publicKeys = users ++ systems;
@ -122,4 +123,7 @@ in
  # discord bot and discord
  "discord/ldap.age".publicKeys = users ++ ldap ++ discord;
  "discord/token.age".publicKeys = users ++ discord;
+
+  # email stuff
+  "email/details.age".publicKeys = users ++ ldap ++ discord;
 }