petersweb-infra/nixos/secrets/default.nix
2026-06-05 22:58:17 -07:00

33 lines
1.1 KiB
Nix

let
mainframePublicKey = builtins.readFile ../keys/mainframe.pub;
in {
# This .age file should contain the following environment variables:
# NEARLYFREESPEECH_API_KEY
# NEARLYFREESPEECH_LOGIN
"./nearlyfreespeech.age".publicKeys = [mainframePublicKey];
# WEBDAV_PASSWORD
"./webdav.age".publicKeys = [mainframePublicKey];
# ANTHROPIC_API_KEY
"./anthropic-api-key.age".publicKeys = [mainframePublicKey];
# POSTMARK_API_KEY, POSTMARK_SERVER_TOKEN
"./postmark.age".publicKeys = [mainframePublicKey];
# TOKEN=<forgejo runner registration token from Forgejo admin>
"./forgejo-runner-token.age".publicKeys = [mainframePublicKey];
# VNC_PASSWORD=<vnc session password>
"./vnc-password.age".publicKeys = [mainframePublicKey];
# htpasswd-format credentials for nginx basic auth on vnc.quinefoundation.com
# Generate with: htpasswd -n <username>
"./vnc-htpasswd.age".publicKeys = [mainframePublicKey];
# PAPERLESS_SECRET_KEY=<long random string>
# PAPERLESS_ADMIN_USER=admin
# PAPERLESS_ADMIN_PASSWORD=<password>
# PAPERLESS_ADMIN_EMAIL=peterson@sent.com
"./paperless.age".publicKeys = [mainframePublicKey];
}