# agenix recipient rules: maps each encrypted secret file to the list of SSH
# public keys that are allowed to decrypt it.
#
# Edit a secret with:
#   nix run github:ryantm/agenix -- -e secret1.age
#
# NOTE(review): changing a recipient list here has no effect on secrets that
# are already encrypted until they are re-encrypted (agenix --rekey). Removing
# a key also does not revoke what that key could already read, so rotate the
# secret value itself when a recipient is dropped.
let
  # Keys grouped into `users` below. These are public keys, so they are safe to
  # commit; every secret in this file is encrypted to all of them.
  admin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6DjXTAxesXpQ65l659iAjzEb6VpRaWKSg4AXxifPw9 Skynet Admin";
  silver_laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQWfVKls31yK1aZeAu5mCE+xycI9Kt3Xoj+gfvEonDg silver@helios";
  silver_laptop_2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmm4CCnpT+tF7vecSrku0+7aDA1z3pQ+PDqZvoCynCR silver@aether";
  silver_desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN34yTh0nk7HAz8id5Z/wiIX3H7ptleDyXy5bfbemico Desktop";
  thenobrainer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKjaKI97NY7bki07kxAvo95196NXCaMvI1Dx7dMW05Q1 thenobrainer";
  eliza = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIJaVEGPDxG/0gbYJovPB+tiODgBDUABlgc1OokmF3WA eliza-skynet";
  esy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINS2UR/o+nK8lNHHTj5I84ZAAp6P+ZhXqhedMfx0KHE4 <Skynet>";

  users = [ admin silver_laptop silver_laptop_2 silver_desktop thenobrainer eliza esy ];

  # Keys grouped into `systems` below; each key's comment field is
  # root@<hostname>. Presumably the machine's own SSH host key -- confirm
  # against the host before adding or replacing an entry.
  agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDHOxA3uYcqS5gTrG1hS8XXwehzQYAI2I4iULtU8cXft root@agentjones";
  vendetta = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvcxiSYE38V1IopHj7Z7ZWP1IqnskYCdhj8yCQohVUM root@vendetta";
  vigil = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICDsz1bjNAThqwF48dKIJGOECsCKHTj/Gn5Gh9XyzoSO root@vigil";
  galatea = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3Mke5YtaMkLvXJxJ3y7YAIEBesoJk3qJyJsnoLUWgW root@galatea";
  optimus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqYbbWy3WWtxvD96Hx+RfTx7fJPPirIEa5bOvUILi9r root@optimus";
  glados = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6go7ScvOga9vYqC5HglPfh2Nu8wQTpEKpvIZuMAZom root@glados";
  wheatly = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEehcrWqZbTr4+do1ONE9Il/SayP0xXMvhozm845tonN root@wheatly";
  kitt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPble6JA2O/Wwv0Fztl/kiV0qj+QMjS+jTTj1Sz8k9xK root@kitt";
  gir = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINL2qk/e0QBqpTQ2xDjF7Cv4c92jJ53jW2fuu88hAF/u root@gir";
  neuromancer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEFAs6lBJSUBRhtZO3zGKhEIlWvqnHFGAQuQ//9FdAn6 root@neuromancer";
  skynet = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAIFPXJswth8H1k8+zrg8vCnPkfG1hIIa3wR9DBmjpB5 root@skynet";
  earth = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMpvgQcvK7iAm0QrIp5qSvUJzDhOrSBN9MJn9JUSI31I root@earth";
  cadie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACcwg27wzzFVvzuTytcnzRmCfGkhULwlHJA/3BeVtgf root@cadie";
  marvin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAme2vuVpGYX4La/JtXm3zunsWNDP+SlGmBk/pWmYkH root@marvin";
  calculon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGsmeBfh4Jw2GOL7Iyswzn4TVNzalDbxDgh7WuQotFxR root@calculon";
  ariia = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA4kV6W1/tP/nf2ZWNhRoV1mK04R4pS+c5vdsA1n5gpN root@ariia";

  systems = [
    agentjones vendetta vigil galatea optimus glados wheatly kitt
    gir neuromancer skynet earth cadie marvin calculon ariia
  ];

  # Per-service host groups. `let` bindings are mutually recursive, so the
  # order in which the groups are declared does not matter.
  dns = [ vendetta vigil ];
  email = [ gir ];
  gitlab = [ glados ];
  gitlab_runners = [ wheatly ];
  grafana = [ ariia ];
  restic = [ neuromancer ];
  nextcloud = [ cadie ];

  # All three groups currently resolve to the same single host key, so naming
  # more than one of them in a rule adds no extra recipient today.
  discord = [ kitt ];
  bitwarden = [ kitt ];

  # Expands to kitt, glados and gir: any secret granted to `ldap` is therefore
  # also readable by the gitlab and email hosts.
  ldap = [ kitt ] ++ gitlab ++ email;

  # these need dns stuff
  # NOTE(review): no rule in this file references `webservers`.
  webservers =
    [
      galatea # ULFM
      optimus # Games
      skynet # skynet is a webserver for users
      earth # our official server
      calculon # nix
    ]
    # ldap servers are web facing
    ++ ldap
    ++ gitlab
    ++ nextcloud;

  # Builds one rule: the secret is encrypted to every key in `users` followed
  # by the given host keys.
  readableBy = hosts: { publicKeys = users ++ hosts; };
in
{
  "dns_certs.secret.age" = readableBy systems;
  "dns_dnskeys.conf.age" = readableBy dns;

  "stream_ulfm.age" = readableBy [ galatea ];

  "gitlab/pw.age" = readableBy gitlab;
  "gitlab/db_pw.age" = readableBy gitlab;
  "gitlab/secrets_db.age" = readableBy gitlab;
  "gitlab/secrets_secret.age" = readableBy gitlab;
  "gitlab/secrets_otp.age" = readableBy gitlab;
  "gitlab/secrets_jws.age" = readableBy gitlab;
  "gitlab/ldap_pw.age" = readableBy gitlab;

  "gitlab/runners/runner01.age" = readableBy gitlab_runners;
  "gitlab/runners/runner02.age" = readableBy gitlab_runners;

  # The forgejo runner secrets go to the same hosts as the gitlab runners.
  "forgejo/runners/token.age" = readableBy gitlab_runners;
  "forgejo/runners/ssh.age" = readableBy gitlab_runners;

  # for ldap
  "ldap/pw.age" = readableBy (ldap ++ bitwarden);
  # for use connecting to the ldap
  "ldap/details.age" = readableBy (ldap ++ discord ++ bitwarden);

  # everyone has access to this: every key in `systems` can decrypt it, so it
  # is only as well protected as the least protected host.
  "backup/restic.age" = readableBy systems;
  "backup/restic_pw.age" = readableBy restic;

  # discord bot and discord
  "discord/token.age" = readableBy discord;

  # email stuff
  "email/details.age" = readableBy (ldap ++ discord);

  # nextcloud
  "nextcloud/pw.age" = readableBy nextcloud;

  # handles pulling in data from the wolves api
  "wolves/details.age" = readableBy (ldap ++ discord);

  # for bitwarden connector
  "bitwarden/id.age" = readableBy bitwarden;
  "bitwarden/secret.age" = readableBy bitwarden;
  "bitwarden/details.age" = readableBy bitwarden;

  # grafana
  "grafana/pw.age" = readableBy grafana;
}