kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity

fix(retiolum): secret permissions

Browse Source
This commit is contained in:
Kierán Meinhardt
2023-02-28 16:45:20 +01:00
parent 9d096ab4c4
commit e55a99f53d
7 changed files with 84 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
systems/ful/configuration.nix
View File

@@ -18,8 +18,18 @@ in {
];
age.secrets = {
retiolum-rsa.file = ../../secrets/ful-retiolum-privateKey-rsa.age;
retiolum-ed25519.file = ../../secrets/ful-retiolum-privateKey-rsa.age;
retiolum-rsa = {
file = ../../secrets/ful-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/ful-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
root.file = ../../secrets/ful-root.age;
restic.file = ../../secrets/restic.age;
};

14
systems/kabsa/configuration.nix
View File

@@ -25,8 +25,18 @@ in {
};
age.secrets = {
retiolum-rsa.file = ../../secrets/kabsa-retiolum-privateKey-rsa.age;
retiolum-ed25519.file = ../../secrets/kabsa-retiolum-privateKey-ed25519.age;
retiolum-rsa = {
file = ../../secrets/kabsa-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/kabsa-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = ../../secrets/restic.age;
syncthing-cert.file = ../../secrets/kabsa-syncthing-cert.age;
syncthing-key.file = ../../secrets/kabsa-syncthing-key.age;

14
systems/makanek/configuration.nix
View File

@@ -83,8 +83,18 @@ in {
};
age.secrets = {
retiolum-rsa.file = ../../secrets/makanek-retiolum-privateKey-rsa.age;
retiolum-ed25519.file = ../../secrets/makanek-retiolum-privateKey-ed25519.age;
retiolum-rsa = {
file = ../../secrets/makanek-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/makanek-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = ../../secrets/restic.age;
};

14
systems/manakish/configuration.nix
View File

@@ -15,8 +15,18 @@ in {
];
age.secrets = {
retiolum-rsa.file = ../../secrets/manakish-retiolum-privateKey-rsa.age;
retiolum-ed25519.file = ../../secrets/manakish-retiolum-privateKey-ed25519.age;
retiolum-rsa = {
file = ../../secrets/manakish-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/manakish-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
syncthing-cert.file = ../../secrets/manakish-syncthing-cert.age;
syncthing-key.file = ../../secrets/manakish-syncthing-key.age;
};

14
systems/tabula/configuration.nix
View File

@@ -14,8 +14,18 @@ in {
];
age.secrets = {
retiolum-rsa.file = ../../secrets/tabula-retiolum-privateKey-rsa.age;
retiolum-ed25519.file = ../../secrets/tabula-retiolum-privateKey-rsa.age;
retiolum-rsa = {
file = ../../secrets/tabula-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/tabula-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
};
services.xserver = {

14
systems/tahina/configuration.nix
View File

@@ -14,8 +14,18 @@ in {
];
age.secrets = {
retiolum-rsa.file = ../../secrets/tahina-retiolum-privateKey-rsa.age;
retiolum-ed25519.file = ../../secrets/tahina-retiolum-privateKey-rsa.age;
retiolum-rsa = {
file = ../../secrets/tahina-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/tahina-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
};
console.keyMap = "de";

14
systems/zaatar/configuration.nix
View File

@@ -30,8 +30,18 @@ in {
];
age.secrets = {
retiolum-rsa.file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
retiolum-ed25519.file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
retiolum-rsa = {
file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/zaatar-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = ../../secrets/restic.age;
};