From 6427d73464b87d5a3617df65a0686e7f1fe78e51 Mon Sep 17 00:00:00 2001 From: prescientmoon Date: Thu, 9 May 2024 15:03:50 +0200 Subject: [PATCH] Add example secret files --- docs/ports.md | 1 + home/features/cli/productivity/secrets.example.yaml | 6 ++++++ home/features/desktop/wakatime/secrets.example.yaml | 4 ++++ home/features/desktop/wakatime/secrets.yaml | 6 +++--- hosts/nixos/common/secrets.example.yaml | 6 ++++++ hosts/nixos/lapetus/secrets.example.yaml | 13 +++++++++++++ hosts/nixos/lapetus/secrets.yaml | 5 +++-- 7 files changed, 36 insertions(+), 5 deletions(-) create mode 100644 home/features/cli/productivity/secrets.example.yaml create mode 100644 home/features/desktop/wakatime/secrets.example.yaml create mode 100644 hosts/nixos/common/secrets.example.yaml create mode 100644 hosts/nixos/lapetus/secrets.example.yaml diff --git a/docs/ports.md b/docs/ports.md index 3602123..47c72ef 100644 --- a/docs/ports.md +++ b/docs/ports.md @@ -21,3 +21,4 @@ The idea is to always use consecutive ports, but never go back and try to recycl | 8415 | [radicale](../hosts/nixos/lapetus/services/radicale.nix) | | 8416 | [redlib](../hosts/nixos/lapetus/services/redlib.nix) | | 8417 | [qbittorrent](../hosts/nixos/lapetus/services/qbittorrent.nix) | +| 8418 | [microbin](../hosts/nixos/lapetus/services/microbin.nix) | diff --git a/home/features/cli/productivity/secrets.example.yaml b/home/features/cli/productivity/secrets.example.yaml new file mode 100644 index 0000000..9e4c7e2 --- /dev/null +++ b/home/features/cli/productivity/secrets.example.yaml @@ -0,0 +1,6 @@ +smos_github_token: ... +intray_password: ... +smos_password: ... +moonythm_mail_pass: ... +vaultwarden_env: | + ADMIN_TOKEN=... diff --git a/home/features/desktop/wakatime/secrets.example.yaml b/home/features/desktop/wakatime/secrets.example.yaml new file mode 100644 index 0000000..b2979c0 --- /dev/null +++ b/home/features/desktop/wakatime/secrets.example.yaml @@ -0,0 +1,4 @@ +wakatime_config: | + [settings] + api_url=... + api_key=... diff --git a/home/features/desktop/wakatime/secrets.yaml b/home/features/desktop/wakatime/secrets.yaml index ab959f8..d95db77 100644 --- a/home/features/desktop/wakatime/secrets.yaml +++ b/home/features/desktop/wakatime/secrets.yaml @@ -1,4 +1,4 @@ -wakatime_config: ENC[AES256_GCM,data:4ZlmrZuB8kBb3DkTmjZFztxzra5owHUWawql5nqkdFs1Qbx1jF9O0PC9cc7qq1j6JlYqVKcJHn/hwEiKnN8qtX0sLW38mnF06uDr2E0ibuNXbiKeMg6/xOnxFer5uI6pUZAYdCtqexfb5C6qY/OfrSYAfpSXNqhrhga3yS/gQlz4fwaylkgScvvrdqNrXdPlRhekoffizAeaF2u9GWkC8akFJEJYHB4lP9ZS6orVwlBTEV4xAKhySD8HP96yvHUvUgwr,iv:BrkrWwim5Vj6XnrIr8hNKtXOc/sVni9zhXh1JrkwPKs=,tag:Uf1Sk3AOXgTPmdpd4U0mFQ==,type:str] +wakatime_config: ENC[AES256_GCM,data:0YZYAYzOElAJ01lMvmdp41K/aHZRwSftFFnrhN9V5vbfS8H2r8SjjepAziAwB3B5IiVo/bY7I0DBQwu9GeyQClnyGytW/JXShV3FP7EizoeDJOAxjfGERJfnHA8gwLSb7Y3fOKKWe0g2s6Wd4xJTgWCJnVscnjaXXXY8E/NJZ6cQR2i42FqxLlbBUJAmL11pf7JF3fM/D3ejKhPmA8kw1lYaQFNMtCxXc+E89okYEDXgZAlrYmuR,iv:4+fAJL4b3kLnn8FCZ2awbNygt71AM7VgyDZZhz6C3KA=,tag:DsHHsx7Eae65Cauj3gw4tg==,type:str] sops: kms: [] gcp_kms: [] @@ -14,8 +14,8 @@ sops: cURjWFplY1pyMzY4a0h6cTRLS2I2ZW8KqGtYjCsdriSWdKhC+kGBAMSY9WVDL3tE oMxyhrgDMtWndZEGv1+J3XLLmatDKmEcJO2k0CXZlCWWj17O4Rm+eA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-08T16:37:07Z" - mac: ENC[AES256_GCM,data:aBJ81nrFPg42KXFcbeKVSSiARDxv28jyKwwBcrGJyyMCjHBMAFVkqunCAP3QWKXy8idabLye2PE9kc0aQaQy1pNCnuum2ejbNYKstEZHrUSxS0v7Mt3Z47IRY1PGp7ovauJXAGe0TB28wslQuUTCE5AyxO+/eaf9q9uWF71X0pw=,iv:oe0YzuFO7QXQZAoSA2O682X9UoTTOo7sUVZceRyYQtY=,tag:9GGULWn3vlTdGEoOVIOzmQ==,type:str] + lastmodified: "2024-05-09T13:00:44Z" + mac: ENC[AES256_GCM,data:pvcHe28Vnv/Trq84YwQjDKNiITdX5HbdRaLtoq0gzVGzuN9VL5GtufQN+rtZY3RLFDdEt6qeJe4ichVSK88S0VUEsc5CtsvR1QR59aZ20dsiELI6a9qyOLlCJCP80J9XWCe3Gr93v7AoelKdpPFo2BcRL7TNbkYxJC9t0JienSY=,iv:PtIH5IeCA7SmgekT8hs9p0kXtg4xrivhOz3HWG9UpTA=,tag:1B+POnrhCXFP/WsrfOnn3w==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/hosts/nixos/common/secrets.example.yaml b/hosts/nixos/common/secrets.example.yaml new file mode 100644 index 0000000..16fe548 --- /dev/null +++ b/hosts/nixos/common/secrets.example.yaml @@ -0,0 +1,6 @@ +# Wifi password key-value pair +wireless: | + TG_HOTSPOT_HOME_PASS=... + ... +adrielus_password: ... +cloudflare_dns_api_token: ... diff --git a/hosts/nixos/lapetus/secrets.example.yaml b/hosts/nixos/lapetus/secrets.example.yaml new file mode 100644 index 0000000..cafa2d1 --- /dev/null +++ b/hosts/nixos/lapetus/secrets.example.yaml @@ -0,0 +1,13 @@ +tilde_irc_pass: ... +vaultwarden_env: | + SMTP_PASSWORD=... +grafana_smtp_pass: ... +grafana_discord_webhook: https://discord.com/api/webhooks/... +# I think this can simply be a randomly generated key +invidious_hmac_key: ... +# contents of `credentials.json` file generated by `cloudflared tunnel create` +cloudflare_tunnel_credentials: | + ... +microbin_end: | + MICROBIN_ADMIN_PASSWORD=... + MICROBIN_UPLOAD_PASSWORD=... diff --git a/hosts/nixos/lapetus/secrets.yaml b/hosts/nixos/lapetus/secrets.yaml index 14d681a..430b82c 100644 --- a/hosts/nixos/lapetus/secrets.yaml +++ b/hosts/nixos/lapetus/secrets.yaml @@ -4,6 +4,7 @@ grafana_smtp_pass: ENC[AES256_GCM,data:PudFnWOS6LR69FMhlMs=,iv:4oKSiW0Xgu539w3QQ grafana_discord_webhook: ENC[AES256_GCM,data:y17UjlnfNmtvim9REkop4abcU6BX0P5JnJY1Mk7mNoE6mhyN7cEOrikTbehT+IOylG6rd+VtKIEj0X86qjx59qEo/NMbXqCrqxy6nhWD2NIDxQ5ZSQOUMVYGVLv7VKx3YG5mMvGgMHZEuJrobc0t6WejKAZ3LT/nqQ==,iv:2XtCnuirsXx2R2X7FozDczi4trAbnP5d8dXV7aJMWzE=,tag:a/dxsRuyye5ChaLGV+P6Zw==,type:str] invidious_hmac_key: ENC[AES256_GCM,data:eN3NNPYUSfPNnVz3aZK7IrnzoBA=,iv:eHEiB/TKL0W6TdWpXADCxEdhhGwUPwOLph2RjwTECh0=,tag:P5m6Uw8JkKVegQ840talPQ==,type:str] cloudflare_tunnel_credentials: ENC[AES256_GCM,data:XuXXzhGdxYsF1ik2g7yS2wbaI08/AF60P8CnIhjJlMd+jRk36QovuBRRjkfV8BjOg0K+2b4yNHT/nS/ZSV6eorj4sbczw6D+p7LxrQfeVqqhXWyCjbJwQTTDFU9XB2xUohmmC1PJ1/nwShfn1LocPxgwWQiNpqwhTJroojzqxTHUBzCuAMmcZ7jwvd0SlDpZIszhbTQoLRzedRZpCdoNnWTc,iv:2oBLU3SvNUwJ2OYfCmyKiocUw9zU+yixO+tY/AE9sxc=,tag:T3v+MII+kDzomiAQJ0zUdg==,type:str] +microbin_end: ENC[AES256_GCM,data:BKpNrLJD9uwm5ci6iWLReLNfcPMaeNMxgR3qi7biMdwXyiJJ3DgwY5fQKmkJtvwDgZtDWAf9kc5Qrq2BBb+UiRKHSXZRRm38xBYbT8bVmQ==,iv:dezdvAkohS9skUCiVYweCgiUpcdWl4poG+0XLOcO0nA=,tag:Q6qhlWwBelNI5qNDy53vOw==,type:str] sops: kms: [] gcp_kms: [] @@ -28,8 +29,8 @@ sops: RHZ6alYrUU5BZ2xlMkdGR1dWRG5aeGMKJdsdtVZ6Mk9Vo3a+tS+rzAgaF2wpH+8U lWhA+c0Kbe8EJT8hm7Vr8PqBmElz4V9AnXSCTp7D+Cu4pfWsHopLUQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-09T02:29:16Z" - mac: ENC[AES256_GCM,data:BFZjEpGSvj2HYO+nB33FZRfgUrBIrma6RbLfuZVN5tsB3ghqmNsrQljSPkcwsIDYvzDdIunp3g0C/Kzb0XKdpxVVu/C1XhXVO2JMqxNAASbO+QzO5Kfp8L90w6pkF+IvIc5OFJ40QFH6pCWamyogh/adIzbMY2Yk+xkN54YkwzU=,iv:870LCMvbdMSZAOgRWRFP+th5wSYKRjMfr53camJuSsA=,tag:GyEH4WNjRfjrP4iv8Wqxag==,type:str] + lastmodified: "2024-05-09T12:59:03Z" + mac: ENC[AES256_GCM,data:w9N/RksullxikCGYjQU5cPS8cHmFrOAIALSt0gDRpAjfEs9uDmUwIvhnUEYj9aY3w/u7ypFxgmWxauf6R4vzyPLfVFWeFD5c8NVsZgaLNbDIajh6Ppm6WxylatqD8/oQOFNrY97QbXtgbEHMnh0Ie0P1cgxd2S6pTjdQ057EYUY=,iv:+dRKQleou8Uq+JqfGrxpf5Y5OWARjdWw5VXJTT0PY5c=,tag:ADpXbfZgNIZn2sDpTI7Vmw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1