130 lines
2.9 KiB
Nix
130 lines
2.9 KiB
Nix
## TODO use defaultSopsFile mayb
|
|
{config, ...}: let
|
|
# autheliaUser = config.services.authelia.instances.main.user;
|
|
in {
|
|
sops.secrets = {
|
|
wireguard = {
|
|
format = "binary";
|
|
sopsFile = ./wireguard;
|
|
};
|
|
oauth2-proxy = {
|
|
format = "binary";
|
|
sopsFile = ./oauth2-proxy;
|
|
};
|
|
# grafana-pass = {
|
|
# format = "binary";
|
|
# sopsFile = ./grafana-pass;
|
|
# };
|
|
# wireguard-config = {
|
|
# format = "binary";
|
|
# sopsFile = ./wireguard-config;
|
|
# };
|
|
|
|
slskd = {
|
|
format = "binary";
|
|
sopsFile = ./slskd;
|
|
# restartUnits = ["podman-slskd.service"];
|
|
};
|
|
cloudflare = {
|
|
format = "binary";
|
|
sopsFile = ./cloudflare;
|
|
};
|
|
# jackett = {
|
|
# format = "binary";
|
|
# sopsFile = ./jackett;
|
|
# restartUnits = ["podman-qbittorrent.service"];
|
|
# };
|
|
# betanin = {
|
|
# format = "binary";
|
|
# sopsFile = ./betanin;
|
|
# restartUnits = ["podman-betanin.service"];
|
|
# };
|
|
|
|
transmission = {
|
|
format = "binary";
|
|
sopsFile = ./transmission;
|
|
};
|
|
|
|
# authentik = {
|
|
# format = "binary";
|
|
# sopsFile = ./authentik;
|
|
# };
|
|
|
|
"kanidm/admin_pass" = {
|
|
sopsFile = ./kanidm.yaml;
|
|
owner = "kanidm";
|
|
};
|
|
"kanidm/idm_admin_pass" = {
|
|
sopsFile = ./kanidm.yaml;
|
|
owner = "kanidm";
|
|
};
|
|
|
|
firefly = {
|
|
format = "binary";
|
|
sopsFile = ./firefly;
|
|
owner = config.services.firefly-iii.user;
|
|
};
|
|
firefly-data-importer = {
|
|
format = "binary";
|
|
sopsFile = ./firefly-data-importer;
|
|
owner = config.services.firefly-iii-data-importer.user;
|
|
};
|
|
|
|
# "keycloak/db" = {
|
|
# sopsFile = ./keycloak.yaml;
|
|
# owner = "keycloak";
|
|
# };
|
|
#
|
|
# "lldap/jwt" = {
|
|
# sopsFile = ./lldap.yaml;
|
|
# owner = "lldap";
|
|
# };
|
|
#
|
|
# "lldap/password" = {
|
|
# sopsFile = ./lldap.yaml;
|
|
# owner = "lldap";
|
|
# };
|
|
|
|
# authelia
|
|
# authelia_lldap_password = {
|
|
# format = "yaml";
|
|
# sopsFile = ./authelia.yaml;
|
|
# key = "lldap_password";
|
|
# # owner = autheliaUser;
|
|
# };
|
|
# authelia_jwt_secret = {
|
|
# format = "yaml";
|
|
# sopsFile = ./authelia.yaml;
|
|
# key = "jwt_secret";
|
|
# # owner = autheliaUser;
|
|
# };
|
|
# authelia_session_secret = {
|
|
# format = "yaml";
|
|
# sopsFile = ./authelia.yaml;
|
|
# key = "session_secret";
|
|
# #owner = autheliaUser;
|
|
# };
|
|
# authelia_encryption_key = {
|
|
# format = "yaml";
|
|
# sopsFile = ./authelia.yaml;
|
|
# key = "encryption_key";
|
|
# #owner = autheliaUser;
|
|
# };
|
|
# authelia_storage_password = {
|
|
# format = "yaml";
|
|
# sopsFile = ./authelia.yaml;
|
|
# key = "storage_password";
|
|
# #owner = autheliaUser;
|
|
# };
|
|
|
|
# brawlstars-api-key = {
|
|
# format = "binary";
|
|
# sopsFile = ./brawlstars;
|
|
# };
|
|
# wakapi = {
|
|
# format = "binary";
|
|
# sopsFile = ./wakapi;
|
|
# mode = "004";
|
|
# };
|
|
};
|
|
}
|