marc/samfelag
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
ae58914cc24da8a5906bf484da579b69c69c2eb9
samfelag/secrets/secrets.nix
marc 5cce9461c1 Added Thingvellir
2024-02-11 22:06:54 +01:00

29 lines
1.0 KiB
Nix
Raw Blame History

let
id-reykjavik = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFwwpKfxNmUyBoPZqz1jYc6arCdHPvJrEsBN49m/P3By";
id-hvannadal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICy1ocZywBvFHpIj+FvaC7QspRWuLXjy6fwakq9t+0Ev";
id-thingvellir = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEIvWEwYayFK8iRb4g2+cnQXlqiMBu3aWxTahXkaCNG7";
# --- Host lists ---
# Since we want to be able to manage/edit all secrets from reykjavik, we create helper lists that
# always contain reykjavik
reykjavik = [id-reykjavik];
thingvellir = [id-reykjavik id-thingvellir];
samfelag-hosts = [
id-reykjavik
id-hvannadal
id-thingvellir
];
in
{
# -- Consul -------------------------------
"consul.d/gossip.json.age".publicKeys = samfelag-hosts;
"consul.d/consul-agent-ca.pem.age".publicKeys = samfelag-hosts;
# Agent tokens
"consul.d/agent-token-reykjavik.json.age".publicKeys = reykjavik;
"consul.d/agent-token-thingvellir.json.age".publicKeys = thingvellir;
# -- Nomad -------------------------------
"nomad.d/consul-token.json.age".publicKeys = samfelag-hosts;
}
Reference in New Issue View Git Blame Copy Permalink