31 lines
769 B
Nix
31 lines
769 B
Nix
{ primaryUser, config, ... }:
|
|
{
|
|
sops = {
|
|
defaultSopsFile = ../secrets/secrets.yaml;
|
|
defaultSopsFormat = "yaml";
|
|
age.keyFile = "/home/${primaryUser}/.config/nix/secrets/keys.txt";
|
|
secrets = {
|
|
grafana_secret_key = {
|
|
owner = "grafana";
|
|
group = "grafana";
|
|
};
|
|
matrix_macaroon_secret = { };
|
|
matrix_registration_secret = {
|
|
owner = "matrix-synapse";
|
|
group = "matrix-synapse";
|
|
};
|
|
vaultwarden_admin_token = {
|
|
owner = "vaultwarden";
|
|
group = "vaultwarden";
|
|
};
|
|
};
|
|
templates.vaultwarden_env = {
|
|
content = ''
|
|
ADMIN_TOKEN=${config.sops.placeholder.vaultwarden_admin_token}
|
|
'';
|
|
owner = "vaultwarden";
|
|
group = "vaultwarden";
|
|
};
|
|
};
|
|
}
|