2024-02-04 00:11:26 +00:00
|
|
|
{ config, ... }:
|
|
|
|
{
|
2024-02-10 18:26:29 +00:00
|
|
|
sops.defaultSopsFile = ./secrets/services.yaml;
|
2024-02-04 00:11:26 +00:00
|
|
|
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
|
|
|
2024-02-10 18:26:29 +00:00
|
|
|
# Vaultwarden
|
|
|
|
sops.secrets."services/vaultwarden/.env" = {
|
|
|
|
mode = "0400";
|
|
|
|
owner = config.users.users.vaultwarden.name;
|
|
|
|
group = config.users.users.vaultwarden.group;
|
|
|
|
sopsFile = ./secrets/vaultwarden.env;
|
|
|
|
format = "dotenv";
|
|
|
|
};
|
|
|
|
|
2024-02-04 18:34:52 +00:00
|
|
|
# MSMTP
|
2024-02-04 00:11:26 +00:00
|
|
|
sops.secrets."services/msmtp/password" = {
|
|
|
|
mode = "0777";
|
|
|
|
sopsFile = ./secrets/msmtp.yaml;
|
|
|
|
};
|
2024-02-04 18:34:52 +00:00
|
|
|
|
|
|
|
# Wireguard
|
|
|
|
sops.secrets."services/wireguard/airvpn.private" = {
|
|
|
|
mode = "0400";
|
|
|
|
owner = config.users.users.root.name;
|
|
|
|
group = config.users.users.root.group;
|
|
|
|
sopsFile = ./secrets/wireguard.yaml;
|
|
|
|
};
|
|
|
|
sops.secrets."services/wireguard/airvpn.psk" = {
|
|
|
|
mode = "0400";
|
|
|
|
owner = config.users.users.root.name;
|
|
|
|
group = config.users.users.root.group;
|
|
|
|
sopsFile = ./secrets/wireguard.yaml;
|
|
|
|
};
|
2024-02-04 00:11:26 +00:00
|
|
|
}
|