Merge branch '#35_add_nextcloud' into 'main'

Add nextcloud

Closes #38 and #46

See merge request compsoc1/skynet/nixos!24
This commit is contained in:
silver 2023-10-25 18:53:32 +00:00
commit 633f5b4525
25 changed files with 259 additions and 67 deletions

View file

@ -12,3 +12,4 @@ SKYNET00010,wheatly,193.1.99.78,wheatly,"","","",Gitlab Runner
SKYNET00011,earth,193.1.99.79,earth,80/443,"",i23-06-19_525,Offical website host
SKYNET00012,skynet,193.1.96.165,skynet,22 80/443,"",i23-06-30_024,Skynet server. (DMZ)
SKYNET00013,neuromancer,193.1.99.80,neuromancer,"","","",Local Backup Server
SKYNET00014,cadie,193.1.99.77,cadie,"","80/443","","Services VM, has nextcloud to start with"
1 Index Name IP_Address DNS_Name Ports_Current Ports_Requested Related_Tickets Description
12 SKYNET00011 earth 193.1.99.79 earth 80/443 i23-06-19_525 Offical website host
13 SKYNET00012 skynet 193.1.96.165 skynet 22 80/443 i23-06-30_024 Skynet server. (DMZ)
14 SKYNET00013 neuromancer 193.1.99.80 neuromancer Local Backup Server
15 SKYNET00014 cadie 193.1.99.77 cadie 80/443 Services VM, has nextcloud to start with

View file

@ -0,0 +1,97 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.services.skynet_nextcloud;
domain = "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}";
in {
imports = [
./acme.nix
./dns.nix
./nginx.nix
];
options.services.skynet_nextcloud = {
enable = mkEnableOption "Skynet Nextcloud";
host = {
ip = mkOption {
type = types.str;
};
name = mkOption {
type = types.str;
};
};
domain = {
tld = mkOption {
type = types.str;
default = "ie";
};
base = mkOption {
type = types.str;
default = "skynet";
};
sub = mkOption {
type = types.str;
default = "nextcloud";
};
};
};
config = mkIf cfg.enable {
# shove the entire config file into secrets
age.secrets.nextcloud_admin_pass = {
file = ../secrets/nextcloud/pw.age;
owner = "nextcloud";
group = "nextcloud";
};
skynet_acme.domains = [
domain
];
skynet_dns.records = [
{
record = cfg.domain.sub;
r_type = "CNAME";
value = cfg.host.name;
}
];
# /var/lib/nextcloud/data
services.nextcloud = {
enable = true;
package = pkgs.nextcloud27;
hostName = domain;
https = true;
config = {
trustedProxies = ["193.1.99.65"];
adminpassFile = config.age.secrets.nextcloud_admin_pass.path;
};
extraApps = with config.services.nextcloud.package.packages.apps; {
inherit files_markdown files_texteditor forms groupfolders mail maps news notes onlyoffice polls;
};
extraOptions = {
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
};
};
services.nginx.virtualHosts.${domain} = {
forceSSL = true;
useACMEHost = "skynet";
};
};
}

View file

@ -149,6 +149,9 @@
# Main skynet sites
earth = import ./machines/earth.nix;
# Nextcloud
cadie = import ./machines/cadie.nix;
};
};
}

62
machines/cadie.nix Normal file
View file

@ -0,0 +1,62 @@
/*
Name: https://en.wikipedia.org/wiki/List_of_Google_April_Fools%27_Day_jokes#CADIE
Why: CADIE is what google could have been, but they chickened out.
Type: VM
Hardware: -
From: 2023
Role: Google but better
Notes:
*/
{
pkgs,
lib,
nodes,
...
}: let
# name of the server, sets teh hostname and record for it
name = "cadie";
ip_pub = "193.1.99.77";
hostname = "${name}.skynet.ie";
in {
imports = [
../applications/nextcloud.nix
];
deployment = {
targetHost = hostname;
targetPort = 22;
targetUser = null;
tags = ["active"];
};
skynet_dns.records = [
{
record = name;
r_type = "A";
value = ip_pub;
server = true;
}
{
record = ip_pub;
r_type = "PTR";
value = hostname;
}
];
services.skynet_backup = {
host = {
ip = ip_pub;
name = name;
};
};
services.skynet_nextcloud = {
enable = true;
host = {
ip = ip_pub;
name = name;
};
};
}

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View file

@ -1,30 +1,32 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA 7OinLTy3CHe0fv+wn4I4r7XTjFIgpqaF983xcKufp1Y
PNWGUW2+ydp1SJpCmZ0bYES25NyeqMd4311C+KzQY9I
-> ssh-ed25519 4PzZog S3Jdr3hKEUCGd5kVmrXPzH0noDojlOLXUQztFOVKiTQ
aHvIGFTQOos0tpXydA1cK0Tl1DsZ2W4rZwmKCiGrvVo
-> ssh-ed25519 5Nd93w kphOQeav7SsKFG2+41oUKTmcZHLz07AKAD3hqAA7MnM
wTQqiV4QCofagXA1SrhWPp0s4XW/ScnwKMacQ05fc98
-> ssh-ed25519 q8eJgg JDYDwG3w/WkkxLJ88jdPxCHepmG6OlKAmsT96usBgEA
1tYSoNO/j9OfuAM3wFajwx6OeQQJ9uNRUZ51f/QJ9dE
-> ssh-ed25519 XSrA6w Cfgv0AMGP22ZAf9bf7Kf/5nAQIPigaiGrywmSqEKRUI
gn/LU1awTpRfVDsxgK4U0dzPAcS3ki5rHZutx4R4QiY
-> ssh-ed25519 DVzSig c310oeJByvipMAsbARI/1BFbYLKnLridWioi7gPsJ2w
l8QxxrCbT9U8Tt5DqQimf9WmBGzx2BnMRHzSrEGy7bc
-> ssh-ed25519 SqDBmA zwOw8Ga5zH5Odpq0V9l52NHXz9g/WDup/PzhG1rBnls
i1GDNfHfEVEhDDUgAWLjd2Wr7Lk0bpukYg5s1qGAOgg
-> ssh-ed25519 UE6fcQ /E9VzRFwhzx2S09XzWde5xzrFJHjK55hCr5swCNgjHc
5H9AvVuQ028kimlAG9bFouiFeJtSpvWlbVOkhc5w/CA
-> ssh-ed25519 IzAMqA MEH4kzS264SuPMxEVDppGEYPEgzZyoUBvs15aCvDi2U
ATkwVOLN3MXRff1mke0RWmhbmNZpxl9jYcMN3ot7GqY
-> ssh-ed25519 uZzB3g LYsVL51QyyaZQybcKSvD64mYqojPgcFskY8wrsI7ZjU
z1Ccf37N9hqeRQHb3BPdqJ50qFjlpJ9xQ0dff/JsSJA
-> ssh-ed25519 Hb0ipQ uAyvzgGdK7GwsJlGtXxAq61OibXN8d1nU8UkRRgNhgM
cD42wDJCRQHolkGM59q2ZnyKgp24xWMezgoOzcBJlII
-> ssh-ed25519 uZzB3g 4UzVD85xPj54K3cr6MyfZlxJ9yc92ehlLa5h3Fiz8iE
4KEnQoNPuKIVscdj5JYt7s5yE1yicnIHgqeSg9+rztA
-> ,+f+-grease
7tQ+9yqsuvFB0QCo7Kc2oujvofdv7bWEoSCjlJpC47u1yaKqNGm6L8+abMzoYIo0
9oiXjW9Xzi3QrMio1SKQUylZtPV/LNxPLRA
--- XtEXdZjQZjat809zBeVIp9CrYi4LYuwbs1yclK5rg5U
€ÀÀ®å À§ôz”!|Ü—ž$ô(“ŠJ Œ£ú<xÊÅlw·\òXr&´Pn°Šiëe<C3AB>f µ¾«6ÓÛ0kj<6B>Ͳ%þû—dû7e{JÉjڥљ]GÅ[R¸÷ÛÕÒ5}Õ,䵺+bÕ¾­¡41®MSjcò´¹rÃÍeP”¶EpðºÊ×Ó¢T:É/Ñy<·ü×™}êwàu 7ÝÔ@ C.ý•Tΰ¶a(:¨Ü•Öèc”ÔPÐÚ²õømÐŒ Ý<C2A0>Nÿ\ü/(³Ï%ŽÐ·8I
-> ssh-ed25519 V1pwNA nG0AHa3H4vfygTEQoAHfY30CjOpmj1ffPOpCAJ3vmBk
Qut0rBmGYPJHaOdTWCOy5JML4NKCtlUIqTXmcXKSxZU
-> ssh-ed25519 4PzZog I5+i0lkVwbzG+sqGrCReuHzsU19tLi1SboqPPBD4HGY
HrdFS0QOc3lOVe7iYxsm7akT768+SaligBdmCNKGL5s
-> ssh-ed25519 5Nd93w 0R8EQvW2DzhhMETLXuC0I/b3QG4FdAojUhgCjl1veBw
BpPZd7qhqZK6ERYKGnu5NMf1nPZqM9uc3T6rQaCPuwU
-> ssh-ed25519 q8eJgg Fb8LVHNk+tqj6mI/TwfcgJndt7/L9CZoZTTGX4hCuXg
/BnYhtGfNVtrICX1Sfa2o7h8RDZm6fmL6dyNUIMLXEU
-> ssh-ed25519 XSrA6w LcEe4qfLXeWbPBHhYYhMuah0r11aviPO0tmaV/P/TzA
UlQ62w7iYlAkV2JDZdmBHuOFt/emPOb26l45RPSNKXg
-> ssh-ed25519 DVzSig nK/TTAP8vl4Q6ltd96AJoFV78jXKqEagNrrA/SDC6l4
1lYKWXfP+LAxPRObq1VWvZqdJZi7DijikoGzjT8JEEA
-> ssh-ed25519 SqDBmA T9qOjPSZr44EdtGjz88G+qNwIwEkgKNtJm9lfMBu5Hk
7+qN1Uf/a1Bs9o5YyO6OsaC+F+odkfFnn9MYo04QxPU
-> ssh-ed25519 UE6fcQ +VsGwaWJ0QuBfSBOO9fHpYXXVJin5c/1F+ZkGN5jC0U
cUo39xNopF6goxCoSRI3C1eg6ynSOX1HmbTqH6JCzjo
-> ssh-ed25519 IzAMqA pcJ8a1soioxd/aX9a8SCyz+4ClrtUyDkQTNxUTH75U8
iA2vSv0WroLZoRbjvwa5MxgPfFY8HTToCpLzOs1QdcQ
-> ssh-ed25519 uZzB3g srDszrjqCUdPlZR1junFInBTCcV6Pf8YZjdfI/jlymQ
ZqWkiWNCdj14yXibvJZt5kzplJYxV+FTYNSW2g/+IfM
-> ssh-ed25519 Hb0ipQ 7yV7BevtuILbQGDdzhb6xbA+1HE6gHIGBy/J5dqo2mo
vhZQ6RMeK7nmWVyrO2b5BRWA5UCLKKl/cmM8Qf4ywDo
-> ssh-ed25519 uZzB3g uZqAB7XXJORAr4SqRrtELzgsj8F5/7ZHqYjQBHtuWB0
hN/6oT92j0jn6TWGaPQ2GHNE57YaoYQrHz6XocOmSZw
-> ssh-ed25519 YFaxCg uiXU3Fi8w3hzZ4tQD0xcijmHDXK1wIFXKwCTKlZtOHo
eW+0I5AFhJ/lutzftUFNjwBXbIT026qQh1iB2MyK0bo
-> 3-;D;-grease >yx2 }|M
iHbl8gyGfyh72AKP2rKtBbtsOWD3zfJtXUvZmgtDr1hR++RRWE6hDOOKPeWrlTfc
r80zbGItMrUtbaV6BT5g9+Ji6w
--- 0GOtCNG/Yxp0gVi4t1R7nDT6ZdAvyM9XTWmsaLYwbOo
á%órÜÔ!wŠfmòmòeæ‰UñžŽ¼pœ¼NŽ1«%oj,º°0…•ü5ÇxÕÏòµÌƒv¢U_èF· '«ôNèM“>ÀËGðçD<ŠqOV G˜µÕùä,ØÔŸ³QN:)Üöß%ç¨}I/²U47wb<1E>|(Ëà Á\ån†ÎG<C38E>ÃïFŸZ†ö°¿+[ Êók”Ï”<C38F><E2809D>ÂWm;¾’øªRab`ûž q™V(…Šj#Sjö.šczØÙ¸ÂB0ÈÞ

Binary file not shown.

View file

@ -1,21 +1,23 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA FGnpjvtMlQEUSU/Yatems68P7ggyonctkHTV0KRHyh4
HMqv4+3Gh7aQvY0t8yuQw9xIxCVjNdZKtEbkFVwrFPc
-> ssh-ed25519 4PzZog sDgXstvONElzb6QVgb1elI4zYlLmnmeGPJDIvwXKuHM
6gTcns2FdeezbUZ3eju6T54avvL/XGwQ+RgO++/NL5s
-> ssh-ed25519 5Nd93w p8xCIRNHB+dI/2g3D5yYaColw5xqwnPTXRiNeZ93lgs
lsuYyfyhG7AEVOvv8orux5MhtLAihN6obduWThN4vY8
-> ssh-ed25519 q8eJgg 9JTv63DlMKQ7oKGlYL/s6v0P3kXM0JwznNhrWjxmWGI
cC7wmksvARscQY5tRPoa5uU0Bhv1XvXHxnAmetglLyQ
-> ssh-ed25519 IzAMqA ZfxLgzUT+lR15YHEtB5wubQ6yrfo1jCfhXrcftC4zG4
4Me+kebp+tGcYEgoUpacJ7vc97Zx9HU3OyGJfEnOBiA
-> ssh-ed25519 uZzB3g 9JjpdqrrC+I0lsTJzd85S3Ty5OzLCgk73Uy4J0W8zFI
otD/Rhl/M/wzajFsa9/Ekh4hdgFj7U4rLIOnVl38ww8
-> ssh-ed25519 Hb0ipQ KIHz+NlYyJr0123zY5KzP7DKIVKMZ96pkYszfm6ZZWw
5otxnKJG/rlbkkg7Oq5gNpsCv0N4a7/keLgVQV+/HZE
-> ssh-ed25519 IzAMqA M3f4xVILPuTfWltc6MGbmNaJh3lHVrUUTJLewO6sths
VxyGTeZCIQ+YFQQDawnq5c/KZJJZ4XyBOkTe8ERAR5Q
-> QPWdC\-grease 6p}<3J[x
mI1KGauviXoXmMuh5wc7XnJWczUEMpzCSt1I8Uwo0tBP1WK8/WvD8A
--- 6qiPEiJW4DZdXJWin+F0aAIEEA/FaUDfQ7Hsuvo1QKs
ÖÈD!Õ¿9{,&ØçlkÂÓ<#<23>˾—þÙqé×áÔ‡3ö)a¥aÿò]ú ÿlÄ”$»pÃ:uûI7àëëKæ+-ÿ¨¬<•…¾Þ€ññȜdz诳ó#ú0öÀb™Ž‰{ÉbQ «éGÊr2í ö y­;5¬ÿöCœ5Ö¦Z·Ä7æ A
-> ssh-ed25519 V1pwNA P02Xzq2IYlbZMvvBUjy6eM0FN1CfSyCinTJnQrZUUlg
QU9CrDYFL0KwDiH9T0zOzydeJBm4eS+Rp4m2ozA3FA0
-> ssh-ed25519 4PzZog 0dqzbH7AY96+GFtwrkrcxYKuO/c9eBPgdxMKa1qliw0
y0Kx5IG3CCzFcXM5MuS3eLij/l7QFKaHlr3VQty+gsA
-> ssh-ed25519 5Nd93w i9j9spcBf2ww6koxQu+802p8ua70VmQTtuLNC/v8MzY
wgYQc+JdSPd2cen/mQyL4NVn9fHtRsHX0E5lDW06yMs
-> ssh-ed25519 q8eJgg L55YurMQv+czgj6uwgHS3L2vX2A5VYRcUEXsGcj0r38
vLRAuYLEljcVqVXs6k0hrVQNkRIpvvpCUeMP4jWVItQ
-> ssh-ed25519 IzAMqA Q1wP64lIZtvFPa0wAD+jQZtS7NwDr4rkthZEoVtuJjo
EnLKgtFFpzEKpLZMatZFNTt0rINciFUryYd0GMIUSp0
-> ssh-ed25519 uZzB3g EwOnsGci+aqHj7XR+sVCi2pNowFbTLtQimzFNHy7LTo
jtl2RhtNayPr44rrZ1ESgR6p1hDJg1h70flu/0rDCjg
-> ssh-ed25519 Hb0ipQ Jmcvd8zOLb7qf2ZIY1HsBrMA3wETGJFUTicBb/Gf2n4
RTiE+f1N+npbnh1M20x76MJ/uj/5SDTdWKj1uMWPThM
-> ssh-ed25519 IzAMqA cSzsukksm2E0coLmIXmd6DsEs/gHmIeGfcH/unNd1B4
6ThlGLwm5iFG/UXoNMtAup909MVxz5JTpK45HJDeYFk
-> d7'/PSOq-grease BF,
ka0OOXHqf7TrhcdP9NFMQVGlF2x+fnC5PRZba5o
--- s5GXDMgktkfdge6Ndk1J8ooCdXVsryH9XzD2+TF6wC8
`2ÕÊÇÅöå™SÇ
•cA¥¥Ž¼2˜¦ƒÊˆ<E2809D> åw L(<28>žq\Ò0ô})€D#k)¢Yí€\&¬ûºX£"į¬06|4ù)¼Þ._vD6N”Ò½üé*+RÇ)£59†š
EñÔ}£â ~g<>©C1ÁÝðƒÀ ÷´e

Binary file not shown.

View file

@ -1,17 +1,16 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA l8bVNmtvQQYYdYbaIGbu2Zr1QIQ7foEVC+3qOjyBEBo
/+XugQWU5ZtUhYs+nUXiWszSt4f2ugyKzwx74k1L5FA
-> ssh-ed25519 4PzZog uf9XS3J+yhKCUkD4OnwiWg0wyRpN/9lSc/zhbqBNYUA
/9FoDD5reZtMOQAuvN+ex5PWlC2RySqiCzv0mNwNTQw
-> ssh-ed25519 5Nd93w VuooU1/tyko+EixV7mvIu4A2O5+83BvUloDJX2JTDQA
DhSj04ZvbHakIkadflpwKbqiIGea+eSBsEBdzPl9OLU
-> ssh-ed25519 q8eJgg bEyYdnWO1Yvlgc7a8HtkZhUgXbiIfcADqrpnVG3f1Ug
Pb26M2XCByrWwY8WxqWF64tkAxLFach/VSZ1bs9Ira4
-> ssh-ed25519 uZzB3g YlKcfsuCsq5B7tOcQtGuTBWoSWamTLCVHJ4T1d+Gcz8
2oNqUbegU6OkPpFTrTPUwIgcxPw3FiR1Y8TOoTrT7/A
-> HvX-grease 1gEJ iS*ti w!mB 'ztJjEI9
bWmaS0UnKig
--- rZTDxAK0aAgxkQM/d39FIL3FF2u9ig89jYjBmNvVFIY
o¾jïên‡¸×ŠUeÍs7¸ú`'[ß,÷}RQâiv÷"õ×<18>´Â•£7nÔEÇ»™¥Y8 b
û+<„F臤Œg'À¼À9PئëåF'“+(…<>@•3Â<33>çqŸ
¯yõÜ©ïÐõƒoYµ<>T£Æ[^L÷ü‚˜l÷èaƒ²ýî4"{kŠQ<C5A0>,f“K©>îA=º
-> ssh-ed25519 V1pwNA llgtj/hArsPrgXWLZ1PPjO7oxnsxTCDjiAk5t+AdmmY
UMqj4tptjYBlx+H63XV2MkjhtgwqfFoOcnO/df4Cczc
-> ssh-ed25519 4PzZog kFatYVb+uTFE6SQTyAAj6dKzMXayOGuNb0wJ5ROUwFE
rFdJqLGdWtA6Zlu1HZCLZEfkWnyQJZ1YZaqKhXX3o/8
-> ssh-ed25519 5Nd93w 0nz87C6yz7opimMDAaDGk/MGAxL7H/EkErURJzsewCE
PosekfdTusQBT78vwUk80ifdWnwSCL1SyljKOX6Zj8c
-> ssh-ed25519 q8eJgg aduz0eqmgJCaFIziUKytibM5B4FP0Caxz6VrXOjCmS0
mlSOKmvZe5BbMWfC5r/Px4ppONyBD2AC3B8sHquEfJ0
-> ssh-ed25519 uZzB3g nxn8Ftq9gkOFnmLLSf0+rvgd8cLM/Hp/7oPNqmhzOhU
KKH9PUun0S0+GA8Z4APqvrNHLe/kb9DNqSqOJDDKN70
-> gmR|-grease
VIRVW2ctDBkcCBfSpnE2zgJBoo3BTXxYvyYfrs2kEEUP9tbIFtaAPqPHsUlna0BD
o8MbAAgG3C94PjW/MLeurzGO81/+ZTJ/w+gnm1hqhgKn2UwkgXN/7fO3htEr
--- e4BEq7PzBBhOqfRTq9ydLwFdTUKKoRZy77yLIrxV2Eg
@¤©Ð@ò0ôž:AeGG¨?_Š}Å-åP€èø~M6¥Ó6‡<>”5‡%ûZ£/_º-Ѭ<˜Æç|È¿~‰Ue ºa?“ ïà y½¹¶<0E>©@·ˆJÅ@<40>9^yGn‰;Øį«_%ÁÑó oŠäo²BR„<ë+7‡ÉËØéîÿ²ÈÏÌ£;­Ú¦„°ÕÄ•!žôkÄ/Js

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

16
secrets/nextcloud/pw.age Normal file
View file

@ -0,0 +1,16 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA l6kwTOi+K4xJM87fiY6U1/QMDWY/cRe1zmTjTccBC34
H3XZahYpUPHiXe5tR7kqPvHbu1SV0SN+Do5rOJpDQSA
-> ssh-ed25519 4PzZog rh4/KzXeYjbKlQ7on+cVREYcvwOSnXcFEeIXlk0lihk
hBGFOPk77prVzRJtNGho7To/V3BQT1jU5o8w2e+ZY8Q
-> ssh-ed25519 5Nd93w wWUVmanx5i/cCAL2a6MERW923Cz4t8OnzjHTk5LUowU
+z8Wbav+YRKxQim6iE/tukoj0F+9/hzhK+R+3u89wCk
-> ssh-ed25519 q8eJgg Pzxmo6b3JOk4AwzTjEOURofRsvjGVVhQ9B8BqA910k8
uZGgPtcWgKHq8snOZqPRiO6uMi9V6QzasJdJWRsO3U0
-> ssh-ed25519 YFaxCg qqIABi7lvz69HJD8raa+PsvKHUdsSgPZVngmvAJISU8
dCaLIWXsRCOqktfOSHc9jWc+OiIwfMH7SvtqgP1myeY
-> E<-grease
oF16atWxsncF3/H9K/kz73e7f1F7JtRak/DVDH52yZDzgJKXNqqB3N6PkkFATn4I
iWjxvagG8Cft80HE6xCrvjliikmLzKkPE5Aw7cn5iddQXts17NtB04f95S5Ubg
--- o5/e5NyvpgaIjUCmIuU9NH2Qc6nUloUX1zmY+6IOCh4
Ç pe7É[¬O‡§k‡:GÑÑF”úkFá´ÌÃg¦>õXÕ¨Æzë)Jr¨û‡D'ù<>ääñû/Œ‘^QæBFß3ΊªËÿKžJ<19>-

View file

@ -23,6 +23,7 @@ let
neuromancer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7NRDOGzSO4XVEezMS/9pI3chKbOH0fw2aikLRvea2P root@neuromancer";
skynet = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAIFPXJswth8H1k8+zrg8vCnPkfG1hIIa3wR9DBmjpB5 root@skynet";
earth = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMpvgQcvK7iAm0QrIp5qSvUJzDhOrSBN9MJn9JUSI31I root@earth";
cadie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACcwg27wzzFVvzuTytcnzRmCfGkhULwlHJA/3BeVtgf root@cadie";
systems = [
agentjones
@ -37,6 +38,7 @@ let
neuromancer
skynet
earth
cadie
];
dns = [
@ -77,7 +79,8 @@ let
]
# ldap servers are web facing
++ ldap
++ gitlab;
++ gitlab
++ nextcloud;
restic = [
neuromancer
@ -86,6 +89,10 @@ let
discord = [
kitt
];
nextcloud = [
cadie
];
in {
# nix run github:ryantm/agenix -- -e secret1.age
@ -120,4 +127,7 @@ in {
# email stuff
"email/details.age".publicKeys = users ++ ldap ++ discord;
# nextcloud
"nextcloud/pw.age".publicKeys = users ++ nextcloud;
}

Binary file not shown.