secrets.nix
 1  let
 2    vincent-yubikey5a = "";
 3    #vincent-yubikey5a = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFT5Rx+4Wuvd8lMBkcHxb4oHdRhm/OTg+p5tvPzoIN9enSmgRw5Inm/SlS8ZzV87G1NESTgzDRi6hREvqDlKvxs=";
 4    vincent-yubikey5c1 = "age1yubikey1q0g72w5n3zgt4qv64fkymcttqlpct0yh0rf29079h3696d6wkruakkst877"; # does this work ? Otherwise the ssh one.
 5    # vincent-yubikey5c1 = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBFzxC16VqwTgWDQfw2YCiOw2JzpH3z9XgHtKoHhBdHi2i9m9XUc7fIUeEIIf7P8ARRNd8q5bjvl8JY7LtPkNCU=";
 6    vincent-yubikey5c2 = "age1yubikey1qf2vcr22ugzj94dzfhdrz39h60ukr6gvk2687de2srg9407azd53kgsajvu";
 7    users = [ vincent-yubikey5c1 vincent-yubikey5c2 ];
 8  
 9    aomi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFQVlSrUKU0xlM9E+sJ8qgdgqCW6ePctEBD2Yf+OnyME"; # ssh-keyscan -q -t ed25519 aomi.sbr.pm
10    athena = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/4KRP1rzOwyA2zP1Nf1WlLRHqAGutLtOHYWfH732xh"; # ssh-keyscan -q -t ed25519 athena.sbr.pm
11    demeter = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGqQfEyHyjIGglayB9FtCqL7bnYfNSQlBXks2IuyCPmd"; # ssh-keyscan -q -t ed25519 demeter.sbr.pm
12    kerkouane = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJguVoQYObRLyNxELFc3ai2yDJ25+naiM3tKrBGuxwwA"; # ssh-keyscan -q -t ed25519 kerkouane.sbr.pm
13    sakhalin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/PMBThi4DhgZR8VywbRDzzMVh2Qp3T6NJAcPubfXz6"; # ssh-keyscan -q -t ed25519 sakhalin.sbr.pm
14    shikoku = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH18c6kcorVbK2TwCgdewL6nQf29Cd5BVTeq8nRYUigm"; # ssh-keyscan -q -t ed25519 shikoku.sbr.pm
15    wakasu = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrAh07USjRnAdS3mMNGdKee1KumjYDLzgXaiZ5LYi2D"; # ssh-keyscan -q -t ed25519 wakasu.sbr.pm
16    desktops = [ aomi wakasu ];
17    servers = [ athena demeter kerkouane sakhalin shikoku ];
18    systems = servers ++ desktops;
19  in
20  {
21    # Red Hat
22    "secrets/redhat/krb5.conf.age".publicKeys = users ++ [ aomi wakasu ];
23    "secrets/redhat/RHVPN.ovpn.age".publicKeys = users ++ [ aomi wakasu ];
24    "secrets/redhat/AMS2.ovpn.age".publicKeys = users ++ [ aomi wakasu ];
25    "secrets/redhat/RDU2.ovpn.age".publicKeys = users ++ [ aomi wakasu ];
26    "secrets/redhat/BBRQ.ovpn.age".publicKeys = users ++ [ aomi wakasu ];
27    "secrets/redhat/ipa.crt.age".publicKeys = users ++ [ aomi wakasu ];
28    "secrets/redhat/2015-RH-IT-Root-CA.pem.age".publicKeys = users ++ [ aomi wakasu ];
29    "secrets/redhat/Eng-CA.crt.age".publicKeys = users ++ [ aomi wakasu ];
30    "secrets/redhat/newca.crt.age".publicKeys = users ++ [ aomi wakasu ];
31    "secrets/redhat/oracle_ebs.crt.age".publicKeys = users ++ [ aomi wakasu ];
32    "secrets/redhat/pki-ca-chain.crt.age".publicKeys = users ++ [ aomi wakasu ];
33    "secrets/redhat/RH_ITW.crt.age".publicKeys = users ++ [ aomi wakasu ];
34    "secrets/redhat/win-intermediate-ca.cer.age".publicKeys = users ++ [ aomi wakasu ];
35    "secrets/redhat/redhat.pem.age".publicKeys = users ++ systems;
36    # Others
37    "secrets/minica.pem.age".publicKeys = users ++ systems;
38    "secrets/shikoku/aria2rpcsecret.age".publicKeys = users ++ [ shikoku ];
39  }