nixfiles/hosts/raspberry/secrets.nix

{...}: {
  services.secrets = {
    enable = true;

    vaultLogin = {
      enable = true;
      loginUsername = "raspberry";
    };

    # some are also added from wireguard internal config
    requiredVaultPaths = [
      "private-public-keys/data/cryptsetup/raspberry-ext-drive" # used dynamically

      "api-keys/data/hetzner/storagebox" # also used dynamically
    ];

    secrets = {
      vault_password = {
        manual = true;
      };
    };
  };
}
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00			`{...}: {`
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`services.secrets = {`
			`enable = true;`
piped-proxy on raspberry 2023-09-14 19:44:27 +01:00
major tidy 2023-09-18 03:56:58 +01:00			`vaultLogin = {`
			`enable = true;`
			`loginUsername = "raspberry";`
			`};`

start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00			`# some are also added from wireguard internal config`
piped-proxy on raspberry 2023-09-14 19:44:27 +01:00			`requiredVaultPaths = [`
			`"private-public-keys/data/cryptsetup/raspberry-ext-drive" # used dynamically`
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00
lots of misc changes with wireguard and whatever 2023-09-16 16:06:16 +01:00			`"api-keys/data/hetzner/storagebox" # also used dynamically`
piped-proxy on raspberry 2023-09-14 19:44:27 +01:00			`];`

add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`secrets = {`
major tidy 2023-09-18 03:56:58 +01:00			`vault_password = {`
more work on raspberry's drive 2023-09-13 19:26:50 +01:00			`manual = true;`
			`};`
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`};`
			`};`
			`}`