51 lines
1.3 KiB
Nix
51 lines
1.3 KiB
Nix
{ lib, config, ... }:
|
|
{
|
|
age.secrets =
|
|
lib.listToAttrs (
|
|
map
|
|
(secret: {
|
|
name = secret;
|
|
value = {
|
|
file = ../../secrets/${secret}.age;
|
|
};
|
|
})
|
|
[
|
|
"gotosocial"
|
|
"immich"
|
|
"readeck"
|
|
"storage-box-credentials"
|
|
"vaultwarden"
|
|
"donetick"
|
|
"dnote"
|
|
"octodns"
|
|
"mealie"
|
|
"mosquitto/homie"
|
|
"mosquitto/telegraf"
|
|
"mosquitto/openhab"
|
|
"mosquitto/shelly"
|
|
"mosquitto/mokkimaatti"
|
|
"gitlab-runner/default"
|
|
"gitlab-runner/docker"
|
|
"hetzner"
|
|
]
|
|
)
|
|
// {
|
|
smtp-password = {
|
|
file = ../../secrets/smtp-password.age;
|
|
owner =
|
|
if (config.services.grafana.enable) then
|
|
config.systemd.services.grafana.serviceConfig.User
|
|
else
|
|
"root";
|
|
};
|
|
hastebin-tokens = {
|
|
file = ../../secrets/hastebin-tokens.age;
|
|
owner = if (config.services.hastebin.enable) then config.users.users.hastebin.name else "root";
|
|
};
|
|
hledger-basic-auth = {
|
|
file = ../../secrets/hledger-basic-auth.age;
|
|
owner = if (config.services.hledger-web.enable) then "nginx" else "root";
|
|
};
|
|
};
|
|
}
|