freshrss: Store secrets using agenix
This commit is contained in:
parent
b2958aea7c
commit
c3edc30ee7
5 changed files with 21 additions and 2 deletions
|
@ -2,6 +2,14 @@
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
freshrss-user-password = {
|
freshrss-user-password = {
|
||||||
file = ./freshrss/userPassword.age;
|
file = ./freshrss/userPassword.age;
|
||||||
|
owner = "freshrss";
|
||||||
|
group = "freshrss";
|
||||||
|
};
|
||||||
|
|
||||||
|
freshrss-database-password = {
|
||||||
|
file = ./freshrss/databasePassword.age;
|
||||||
|
owner = "freshrss";
|
||||||
|
group = "freshrss";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
9
agenix/hosts/sail/freshrss/databasePassword.age
Normal file
9
agenix/hosts/sail/freshrss/databasePassword.age
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 MtGp6g KSyCSQHLSXPQ5jx4FqpF0l76YHh8UARYVJq88QtXvUA
|
||||||
|
ZwpIKbT4/xqL9FxwkNe4dObZgH5jsaNWSl/+EIXHRbs
|
||||||
|
-> ssh-ed25519 NbV4hw OArbXWqy7lhy+AZGmK3kJoBjvuPo3MPreT6USezOxU4
|
||||||
|
9FBzw8f8OkK7GjsaQmGsxcA2psikM5m1PUH7y25FjJ8
|
||||||
|
-> xcW-grease {
|
||||||
|
AlrvkkEQarwKE6I3RwJNWZY
|
||||||
|
--- ooZpCcqAvJlfd1J1Mig6D/9DfL8i3Yp2m0wmck0d/SE
|
||||||
|
<EFBFBD>.¤¾W°‚<MŽÙ¥5‚Žçþ÷è¸s´:˜ŒŽèè8yYû_H‰1¨xrÎ`%mLñåÁÔf
|
Binary file not shown.
|
@ -6,5 +6,7 @@ let
|
||||||
sail = [ user-daniel system-sail ];
|
sail = [ user-daniel system-sail ];
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
# sail
|
||||||
"agenix/hosts/sail/freshrss/userPassword.age".publicKeys = sail;
|
"agenix/hosts/sail/freshrss/userPassword.age".publicKeys = sail;
|
||||||
|
"agenix/hosts/sail/freshrss/databasePassword.age".publicKeys = sail;
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,8 +14,8 @@
|
||||||
type = "pgsql";
|
type = "pgsql";
|
||||||
host = "10.99.99.3";
|
host = "10.99.99.3";
|
||||||
port = 5432;
|
port = 5432;
|
||||||
inherit (secret.freshrss.database) user;
|
user = "freshrss";
|
||||||
inherit (secret.freshrss.database) passFile;
|
passFile = config.age.secrets.freshrss-database-password.path;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue