feat: inital public commit

2025-08-15 19:54:31 -04:00
commit 00315a990a
55 changed files with 2527 additions and 0 deletions
--- a/host/ark/sops.nix
+++ b/host/ark/sops.nix
@@ -0,0 +1,50 @@
+{ config, ... }:
+{
+  sops = {
+
+    defaultSopsFile = ../../secrets/sops/host/ark/default.yaml;
+    validateSopsFiles = false;
+
+    age.keyFile = "/var/lib/sops-nix/key.txt";
+
+    secrets = {
+      "host_age_key" = {
+        path = "/var/lib/sops-nix/key.txt";
+      };
+
+      "restic-password" = {};
+      "tunnel-credentials" = {};
+      "admin-password" = {};
+
+      "waka-password-salt" = {
+        owner = config.users.users.wakapi.name;
+      };
+
+      "photos/clientId" = {
+        sopsFile = ../../secrets/sops/host/ark/oauth.yaml;
+      };
+      "photos/clientSecret" = {
+        sopsFile = ../../secrets/sops/host/ark/oauth.yaml;
+      };
+
+      "git/clientId" = {
+        sopsFile = ../../secrets/sops/host/ark/oauth.yaml;
+        owner = config.services.gitea.user;
+      };
+      "git/clientSecret" = {
+        sopsFile = ../../secrets/sops/host/ark/oauth.yaml;
+        owner = config.services.gitea.user;
+      };
+
+      "docs/clientId" = {
+        sopsFile = ../../secrets/sops/host/ark/oauth.yaml;
+        owner = config.services.outline.user;
+      };
+      "docs/clientSecret" = {
+        sopsFile = ../../secrets/sops/host/ark/oauth.yaml;
+        owner = config.services.outline.user;
+      };
+
+    };
+  };
+}