kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-20 03:51:07 +01:00
Code Releases Activity

fix(retiolum): secret permissions

Browse Source
This commit is contained in:
Kierán Meinhardt
2023-02-28 16:45:20 +01:00
parent 9d096ab4c4
commit e55a99f53d
7 changed files with 84 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
systems/ful/configuration.nix
View File

@@ -18,8 +18,18 @@ in {
]; ];
age.secrets = { age.secrets = {
retiolum-rsa.file = ../../secrets/ful-retiolum-privateKey-rsa.age; retiolum-rsa = {
retiolum-ed25519.file = ../../secrets/ful-retiolum-privateKey-rsa.age; file = ../../secrets/ful-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/ful-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
root.file = ../../secrets/ful-root.age; root.file = ../../secrets/ful-root.age;
restic.file = ../../secrets/restic.age; restic.file = ../../secrets/restic.age;
}; };

14
systems/kabsa/configuration.nix
View File

@@ -25,8 +25,18 @@ in {
}; };
age.secrets = { age.secrets = {
retiolum-rsa.file = ../../secrets/kabsa-retiolum-privateKey-rsa.age; retiolum-rsa = {
retiolum-ed25519.file = ../../secrets/kabsa-retiolum-privateKey-ed25519.age; file = ../../secrets/kabsa-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/kabsa-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = ../../secrets/restic.age; restic.file = ../../secrets/restic.age;
syncthing-cert.file = ../../secrets/kabsa-syncthing-cert.age; syncthing-cert.file = ../../secrets/kabsa-syncthing-cert.age;
syncthing-key.file = ../../secrets/kabsa-syncthing-key.age; syncthing-key.file = ../../secrets/kabsa-syncthing-key.age;

14
systems/makanek/configuration.nix
View File

@@ -83,8 +83,18 @@ in {
}; };
age.secrets = { age.secrets = {
retiolum-rsa.file = ../../secrets/makanek-retiolum-privateKey-rsa.age; retiolum-rsa = {
retiolum-ed25519.file = ../../secrets/makanek-retiolum-privateKey-ed25519.age; file = ../../secrets/makanek-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/makanek-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = ../../secrets/restic.age; restic.file = ../../secrets/restic.age;
}; };

14
systems/manakish/configuration.nix
View File

@@ -15,8 +15,18 @@ in {
]; ];
age.secrets = { age.secrets = {
retiolum-rsa.file = ../../secrets/manakish-retiolum-privateKey-rsa.age; retiolum-rsa = {
retiolum-ed25519.file = ../../secrets/manakish-retiolum-privateKey-ed25519.age; file = ../../secrets/manakish-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/manakish-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
syncthing-cert.file = ../../secrets/manakish-syncthing-cert.age; syncthing-cert.file = ../../secrets/manakish-syncthing-cert.age;
syncthing-key.file = ../../secrets/manakish-syncthing-key.age; syncthing-key.file = ../../secrets/manakish-syncthing-key.age;
}; };

14
systems/tabula/configuration.nix
View File

@@ -14,8 +14,18 @@ in {
]; ];
age.secrets = { age.secrets = {
retiolum-rsa.file = ../../secrets/tabula-retiolum-privateKey-rsa.age; retiolum-rsa = {
retiolum-ed25519.file = ../../secrets/tabula-retiolum-privateKey-rsa.age; file = ../../secrets/tabula-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/tabula-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
}; };
services.xserver = { services.xserver = {

14
systems/tahina/configuration.nix
View File

@@ -14,8 +14,18 @@ in {
]; ];
age.secrets = { age.secrets = {
retiolum-rsa.file = ../../secrets/tahina-retiolum-privateKey-rsa.age; retiolum-rsa = {
retiolum-ed25519.file = ../../secrets/tahina-retiolum-privateKey-rsa.age; file = ../../secrets/tahina-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/tahina-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
}; };
console.keyMap = "de"; console.keyMap = "de";

14
systems/zaatar/configuration.nix
View File

@@ -30,8 +30,18 @@ in {
]; ];
age.secrets = { age.secrets = {
retiolum-rsa.file = ../../secrets/zaatar-retiolum-privateKey-rsa.age; retiolum-rsa = {
retiolum-ed25519.file = ../../secrets/zaatar-retiolum-privateKey-rsa.age; file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = ../../secrets/zaatar-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = ../../secrets/restic.age; restic.file = ../../secrets/restic.age;
}; };