petersweb-infra/nixos/secrets/default.nix
2026-06-23 02:40:51 -07:00

46 lines
1.6 KiB
Nix

let
mainframePublicKey = builtins.readFile ../keys/mainframe.pub;
in {
# This .age file should contain the following environment variables:
# NEARLYFREESPEECH_API_KEY
# NEARLYFREESPEECH_LOGIN
"./nearlyfreespeech.age".publicKeys = [mainframePublicKey];
# WEBDAV_PASSWORD
"./webdav.age".publicKeys = [mainframePublicKey];
# ANTHROPIC_API_KEY
"./anthropic-api-key.age".publicKeys = [mainframePublicKey];
# POSTMARK_API_KEY, POSTMARK_SERVER_TOKEN
"./postmark.age".publicKeys = [mainframePublicKey];
# TOKEN=<forgejo runner registration token from Forgejo admin>
"./forgejo-runner-token.age".publicKeys = [mainframePublicKey];
# VNC_PASSWORD=<vnc session password>
"./vnc-password.age".publicKeys = [mainframePublicKey];
# htpasswd-format credentials for nginx basic auth on vnc.quinefoundation.com
# Generate with: htpasswd -n <username>
"./vnc-htpasswd.age".publicKeys = [mainframePublicKey];
# PAPERLESS_SECRET_KEY=<long random string>
# PAPERLESS_ADMIN_USER=admin
# PAPERLESS_ADMIN_PASSWORD=<password>
# PAPERLESS_ADMIN_EMAIL=peterson@sent.com
"./paperless.age".publicKeys = [mainframePublicKey];
# DATABASE_URL=<supabase postgres dsn>
# BETTER_AUTH_SECRET=<secret>
"./coldairnetworks.age".publicKeys = [mainframePublicKey];
# OPENAI_API_KEY
"./openai-api-key.age".publicKeys = [mainframePublicKey];
# POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DB
"./coldairnetworks-db-postgres.age".publicKeys = [mainframePublicKey];
# PGADMIN_DEFAULT_EMAIL, PGADMIN_DEFAULT_PASSWORD
"./coldairnetworks-db-pgadmin.age".publicKeys = [mainframePublicKey];
}