Recreated options

2025-08-29 11:05:27 +02:00 · 2025-08-29 11:05:27 +02:00 · fc8178ed80
commit fc8178ed80
parent 0b839e082a
22 changed files with 325 additions and 205 deletions
--- a/secrets/bread-dcbot.age
+++ b/secrets/bread-dcbot.age
--- a/secrets/dcbot.age
+++ b/secrets/dcbot.age
@ -1,16 +0,0 @@
-age-encryption.org/v1
-> ssh-ed25519 GQzYWA a0CqbXhMIeFmKsMSnQzPWJcdi0hH8caayThGHtKNdjc
-ZfRN0ukqXH8L1E1pWBU+tw0LmPxsb6/4FoeERCKEYCk
-> ssh-ed25519 MfR7VA WO0CmKh4CQY1ZLtgDbGIhxfbC8C/C9Vw4p4UGkZTzSs
-0oQbzzz8A6WJRbFqEPR6WStMRRGtFy2eEXIJ1WCqvIg
-> ssh-ed25519 +cvRTg ZYBJwTDV8zwZIpqY7sZIszS3saww0OV4RwVREVNxWHg
-PW9gzG2odI4G2I5zz+Gr2vaouPB6796RWDJzYZNFREQ
-> ssh-ed25519 WCPLrA p8I1d6YXg5pN6Ljeq/wsY5jj4rPaSvD+/au+vEUsgh4
-U0aiqeildEqF8SNh0L4hGIq3rQxY4HcSnDvluwldDpQ
-> ssh-ed25519 7/ziYw 7DGE8Zr0qMGh3P5lUSRYT+AdgRges037cLjHbbPPnTc
-daC7dau5IHSZr/HmjszbWrQNsVJOQILqNS/Yn1YE/zM
-> ssh-ed25519 VQy60Q cAuS4VLmDC9iCZ+7e+/5WVIxrvBa7ZChCz2pPSSY/TY
-ut6SAJSZMm9/YElx7SShyMufrBYAlb/IyQp0g4ADMa4
--- DQrDZ/cXaadnKTDN8MrGuTokHttdMbOzs2IPYTIOPw4
-Ôú9èçEJG($Ç'_±z·3õ<33>§!;\Ûkç<6B><C3A7>IâEæ3„%”!zŒíÄþO£‚ôŠú«*’®ÂÂãÝ.,ó	à•…`û+',À*ÝÞÄÑml%g?â¥0°'ñ-<MíwYŒj]SR‡aÕ©V–£Í(çk”—yü6Â@`j9jÈ~¨[úò_º½Dz±¨Ìd^¨"\Ú7ÍóéÔîlóÂþO#ÇƒÏcW=ô‚a~K],0![ßG¨~4ª™!XÅ›Ê|ÿó·(CÌ4)g^-¢5D”n¶lI·m C§,ê-9ƒš4¢åÓbI:–	1áõÝUx»ôe¡ôMÄêã’¡X(¯ÿÊ¼5²mí‚Œ[ÖBXHãâ f_ä‹J{Ôuóf<C3B3>OT”D^¸*Y3³-<2D>ƒ•³ƒŠ¹e-OB¤t
Á‘.Qaáˆ²{m¼ð$W7ÝL>r¿Â•'‰>€b6º¹D©;w*.uYž‡µ°÷ÃXß`A**Œ2¨$T<>ïtÔŒM<C592>Â_1NÜÆ‹dã 
-<06>@cJsÎåtÄ,Ð…hÏïaº¯ÇJŠ<4A>pØå§j:æ¼sG@P/¼¾LœÜ4˜¥ö>XRÞ{f¶íJB>ƒ–Ãzï&÷ÖÀ;|’‚û«v‹œÎçÎšJ<C5A1>ÙS•¥Úì±Î¶AÄ,7ÉE{MEõwí<77>PªÉ:ÿG‰òcœŠYžR¯ç³³ z£@³Xô„æÕ<C3A6>*½j%MM•ÄµšB¦´`HzŸéÝSëKUWy+xûGÇDåÈ“¯Ém÷ï~›¬Ö›êóÉû¹‰·>ó%Î]RƒŸ;9”–¶¿8åœV…¾ÉL›c (<28>RÌXäRùrŽl˜!eSAÊ§G3jhw¼œ•˜ƒ»£ª›Ò,ã2b1
--- a/secrets/default.nix
+++ b/secrets/default.nix
@ -14,35 +14,35 @@ in {
    password.file = ./password.age;

    # NOTE: server things
-    dcbot = mkIf server {
-      file = ./dcbot.age;
-      owner = serviceUser "dcbot"; #
+    jsw-bot = mkIf server.jsw-bot.enable {
+      file = ./jsw-bot.age;
+      owner = serviceUser "jsw-bot"; #
    };
-    bread-dcbot = mkIf server {
-      file = ./bread-dcbot.age;
-      owner = "bread-dcbot";
+    derek-bot = mkIf server.derek-bot.enable {
+      file = ./derek-bot.age;
+      owner = "derek-bot";
    };
-    matrix-registration = mkIf server {
-      file = ./matrix-registration.age;
-      owner = abstrServiceUser "matrix-continuwuity";
-    };
-    mail-admin = mkIf server {
+    # matrix-registration = mkIf server.matrix.enable {
+    #   file = ./matrix-registration.age;
+    #   owner = abstrServiceUser "matrix-continuwuity";
+    # };
+    mail-admin = mkIf server.stalwart.enable {
      # owner = serviceUser "stalwart-mail"; #FIXME: revert when stopped using docker for stalwart.
      file = ./mail-admin.age;
    };
-    zitadel-key = mkIf server {
+    zitadel-key = mkIf server.zitadel.enable {
      file = ./zitadel-key.age;
      owner = abstrServiceUser "zitadel";
    };
-    forgejo-mailpass = mkIf server {
+    forgejo-mailpass = mkIf server.forgejo.enable {
      file = ./forgejo-mailpass.age;
      owner = abstrServiceUser "forgejo";
    };
-    immich-oidc = mkIf server {
+    immich-oidc = mkIf server.immich.enable {
      file = ./immich-oidc.age;
      owner = abstrServiceUser "immich";
    };
-    nextcloud-admin-pass = mkIf server {
+    nextcloud-admin-pass = mkIf server.nextcloud.enable {
      file = ./nextcloud-admin-pass.age;
      owner = "nextcloud"; #NOTE: not a clear 'nextcloud.service' or 'services.nextcloud.user'.
    };
--- a/secrets/derek-bot.age
+++ b/secrets/derek-bot.age
--- a/secrets/jsw-bot.age
+++ b/secrets/jsw-bot.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -14,8 +14,8 @@ let
  keys = users ++ devices;
 in {
  "password.age".publicKeys = keys;
-  "dcbot.age".publicKeys = keys;
-  "bread-dcbot.age".publicKeys = keys;
+  "jsw-bot.age".publicKeys = keys;
+  "derek-bot.age".publicKeys = keys;
  "matrix-registration.age".publicKeys = keys;
  "mail-admin.age".publicKeys = keys;
  "zitadel-key.age".publicKeys = keys;