Renovate Bot
796bbc7a68
All checks were successful
flake / flake (push) Successful in 1m20s
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [nixpkgs](https://github.com/NixOS/nixpkgs) | major | `nixos-23.11` -> `nixos-24.05` | --- ### Release Notes <details> <summary>NixOS/nixpkgs (nixpkgs)</summary> ### [`vnixos-24.05`](https://github.com/NixOS/nixpkgs/compare/nixos-23.11...nixos-24.05) [Compare Source](https://github.com/NixOS/nixpkgs/compare/nixos-23.11...nixos-24.05) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNzQuMyIsInVwZGF0ZWRJblZlciI6IjM3LjM3NC4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: Jake Hillion <jake@hillion.co.uk> Reviewed-on: #271 Co-authored-by: Renovate Bot <renovate-bot@noreply.gitea.hillion.co.uk> Co-committed-by: Renovate Bot <renovate-bot@noreply.gitea.hillion.co.uk>
126 lines
6.6 KiB
Nix
126 lines
6.6 KiB
Nix
let
|
||
users = {
|
||
jake = {
|
||
gendry = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw4lgH20nfuchDqvVf0YciqN0GnBw5hfh8KIun5z0P7wlNgVYnCyvPvdIlGf2Nt1z5EGfsMzMLhKDOZkcTMlhupd+j2Er/ZB764uVBGe1n3CoPeasmbIlnamZ12EusYDvQGm2hVJTGQPPp9nKaRxr6ljvTMTNl0KWlWvKP4kec74d28MGgULOPLT3HlAyvUymSULK4lSxFK0l97IVXLa8YwuL5TNFGHUmjoSsi/Q7/CKaqvNh+ib1BYHzHYsuEzaaApnCnfjDBNexHm/AfbI7s+g3XZDcZOORZn6r44dOBNFfwvppsWj3CszwJQYIFeJFuMRtzlC8+kyYxci0+FXHn";
|
||
mbp = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAyFsYYjLZ/wyw8XUbcmkk6OKt2IqLOnWpRE5gEvm3X0V4IeTOL9F4IL79h7FTsPvi2t9zGBL1hxeTMZHSGfrdWaMJkQp94gA1W30MKXvJ47nEVt0HUIOufGqgTTaAn4BHxlFUBUuS7UxaA4igFpFVoPJed7ZMhMqxg+RWUmBAkcgTWDMgzUx44TiNpzkYlG8cYuqcIzpV2dhGn79qsfUzBMpGJgkxjkGdDEHRk66JXgD/EtVasZvqp5/KLNnOpisKjR88UJKJ6/buV7FLVra4/0hA9JtH9e1ecCfxMPbOeluaxlieEuSXV2oJMbQoPP87+/QriNdi/6QuCHkMDEhyGw==";
|
||
};
|
||
};
|
||
jake_users = builtins.attrValues users.jake;
|
||
|
||
systems = {
|
||
uk = {
|
||
co = {
|
||
hillion = {
|
||
ts = {
|
||
cx = {
|
||
boron = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtcJ7HY/vjtheMV8EN2wlTw1hU53CJebGIeRJcSkzt5 root@boron";
|
||
};
|
||
home = {
|
||
microserver = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPOCPqXm5a+vGB6PsJFvjKNgjLhM5MxrwCy6iHGRjXw root@microserver";
|
||
router = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAlCj/i2xprN6h0Ik2tthOJQy6Qwq3Ony73+yfbHYTFu root@router";
|
||
};
|
||
lt = { be = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILV3OSUT+cqFqrFHZGfn7/xi5FW3n1qjUFy8zBbYs2Sm root@be"; };
|
||
pop = { li = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHQWgcDFL9UZBDKHPiEGepT1Qsc4gz3Pee0/XVHJ6V6u root@li"; };
|
||
terminals = { jakehillion = { gendry = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXM5aDvNv4MTITXAvJWSS2yvr/mbxJE31tgwJtcl38c root@gendry"; }; };
|
||
storage = {
|
||
tywin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGATsjWO0qZNFp2BhfgDuWi+e/ScMkFxp79N2OZoed1k root@tywin";
|
||
theon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN59psLVu3/sQORA4x3p8H3ei8MCQlcwX5T+k3kBeBMf root@theon";
|
||
};
|
||
};
|
||
};
|
||
};
|
||
};
|
||
};
|
||
all_systems = builtins.attrValues systems;
|
||
|
||
ts = systems.uk.co.hillion.ts;
|
||
in
|
||
{
|
||
# User Passwords
|
||
"passwords/jake.age".publicKeys = jake_users ++ [
|
||
ts.terminals.jakehillion.gendry
|
||
ts.home.router
|
||
ts.lt.be
|
||
];
|
||
|
||
# Tailscale Pre-Auth Keys
|
||
"tailscale/be.lt.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.lt.be ];
|
||
"tailscale/boron.cx.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"tailscale/gendry.jakehillion-terminals.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.terminals.jakehillion.gendry ];
|
||
"tailscale/microserver.home.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.home.microserver ];
|
||
"tailscale/li.pop.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.pop.li ];
|
||
"tailscale/router.home.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.home.router ];
|
||
"tailscale/theon.storage.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.storage.theon ];
|
||
"tailscale/tywin.storage.ts.hillion.co.uk.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
|
||
|
||
# Resilio Sync Secrets
|
||
## Encrypted Resilio Sync Secrets
|
||
"resilio/encrypted/dad.age".publicKeys = jake_users ++ [ ];
|
||
"resilio/encrypted/projects.age".publicKeys = jake_users ++ [ ];
|
||
"resilio/encrypted/resources.age".publicKeys = jake_users ++ [ ];
|
||
"resilio/encrypted/sync.age".publicKeys = jake_users ++ [ ];
|
||
|
||
## Read/Write Resilio Sync Secrets
|
||
"resilio/plain/dad.age".publicKeys = jake_users ++ [ ts.terminals.jakehillion.gendry ts.storage.tywin ];
|
||
"resilio/plain/joseph.age".publicKeys = jake_users ++ [ ts.terminals.jakehillion.gendry ts.storage.tywin ];
|
||
"resilio/plain/projects.age".publicKeys = jake_users ++ [ ts.terminals.jakehillion.gendry ts.storage.tywin ];
|
||
"resilio/plain/resources.age".publicKeys = jake_users ++ [ ts.terminals.jakehillion.gendry ts.storage.tywin ];
|
||
"resilio/plain/sync.age".publicKeys = jake_users ++ [ ts.terminals.jakehillion.gendry ts.storage.tywin ];
|
||
|
||
# Matrix Secrets
|
||
"matrix/matrix.hillion.co.uk/macaroon_secret_key.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"matrix/matrix.hillion.co.uk/email.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"matrix/matrix.hillion.co.uk/registration_shared_secret.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
|
||
# Backups Secrets
|
||
"restic/128G.age".publicKeys = jake_users ++ [ ts.storage.tywin ts.cx.boron ts.home.microserver ];
|
||
"restic/1.6T.age".publicKeys = jake_users ++ [ ts.storage.tywin ts.home.router ];
|
||
|
||
"git/git_backups_ecdsa.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
|
||
"git/git_backups_remotes.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
|
||
|
||
# Mastodon Secrets
|
||
"mastodon/social.hillion.co.uk/otp_secret_file.age".publicKeys = jake_users ++ [ ];
|
||
"mastodon/social.hillion.co.uk/secret_key_base.age".publicKeys = jake_users ++ [ ];
|
||
"mastodon/social.hillion.co.uk/vapid_private_key.age".publicKeys = jake_users ++ [ ];
|
||
"mastodon/social.hillion.co.uk/mastodon_at_social.hillion.co.uk.age".publicKeys = jake_users ++ [ ];
|
||
|
||
# Chia Secrets
|
||
"chia/farmer.key.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
|
||
|
||
# Storj Secrets
|
||
"storj/auth.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
|
||
|
||
# Version tracker secrets
|
||
"version_tracker/ssh.key.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
|
||
# Home Automation secrets
|
||
"mqtt/zigbee2mqtt.age".publicKeys = jake_users ++ [ ts.home.router ];
|
||
"mqtt/homeassistant.age".publicKeys = jake_users ++ [ ];
|
||
|
||
# Wireguard Secrets
|
||
"wireguard/downloads.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
|
||
|
||
# Deluge Secrets
|
||
"deluge/auth.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
|
||
|
||
# Gitea Secrets
|
||
"gitea/lfs_jwt_secret.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"gitea/mailer_password.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"gitea/oauth_jwt_secret.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"gitea/security_secret_key.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"gitea/security_internal_token.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
|
||
"gitea/actions/boron.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
|
||
# HomeAssistant Secrets
|
||
"homeassistant/secrets.yaml.age".publicKeys = jake_users ++ [ ts.home.microserver ];
|
||
|
||
# Web certificates
|
||
"certs/hillion.co.uk.pem.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"certs/blog.hillion.co.uk.pem.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"certs/gitea.hillion.co.uk.pem.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"certs/homeassistant.hillion.co.uk.pem.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
"certs/links.hillion.co.uk.pem.age".publicKeys = jake_users ++ [ ts.cx.boron ];
|
||
}
|