c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

adding secrets for dnpass

This commit is contained in:
Tassilo - 2022-12-18 20:16:24 +01:00
parent 16351819ca
commit 1fce631c24
Signed by: revol-xut
GPG Key ID: 4F56FF7759627D07
2 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/mailtngbert/default.nix
View File

@ -6,7 +6,8 @@ let
ldap-auth-config = pkgs.writeText ''
hosts = auth.c3d2.de
dn = uid=search,ou=users,dc=c3d2,dc=de
dnpass = #add cat sops help where credential sandro help
!include ${config.sops.secrets."ldap/search-user-pw".path}
auth_bind = yes
auth_bind_userdn = uid=%u,ou=users,dc=c3d2,dc=de
ldap_version = 3
@ -46,6 +47,11 @@ in
};
};
sops.secrets."ldap/search-user-pw" = {
owner = config.systemd.services.dovecot2.serviceConfig.User;
group = config.systemd.services.dovecot2.serviceConfig.Group;
};
services = {
postfix = {
enable = true;

9
hosts/mailtngbert/secrets.yaml
View File

@ -1,4 +1,5 @@
mock-data: ENC[AES256_GCM,data:fQ88gg==,iv:TphtBcDzX9xHW8eu4BwyitiOg6D6pnTRUrVtMUOjKTo=,tag:v4xjJNFTKyA7kbjeXDDz7w==,type:bool]
ldap:
search-user-pw: ENC[AES256_GCM,data:Pd6Qy8Ilu1RAkIOnpHNoGV+VBNCg/IAl9InWOGDlsTSbDVqK4B5aUmX2sl0=,iv:nZQwmiWJtQ4AmzAgv3Fhh625K11U4uxTCE6Rj5okRns=,tag:v9pVGrSQoaGGYG5X8wUyoA==,type:str]
sops:
kms: []
gcp_kms: []
@ -23,8 +24,8 @@ sops:
bTBPcjZCZFNBWWtUVGNRUWE4eTA1ZjgKF4qoSyKCL2ytTf5vZRVLFr89R5/7HCji
hsPXdE607b+s5PAaOPMWF8Zfy7QJr6hqG9+Pbr4FnGB5nTvTsO5d3Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-02-25T18:51:17Z"
mac: ENC[AES256_GCM,data:/xwOBXbYBd9TqosVFDEAyjVBOcZ1NdxNEz5nTmaFwiBHJSICflX54YSx+1QT44jFCkDFdvf3ZSojZ/bJ9EBsGZycaa4dQvReF5jjMnDzdwPvf+R84F/QuyHZTNnxXfneXUP9SWcenREr/ku/96x7ignKg1n4YsRq1hiot4W8sFk=,iv:7gzXGTlZ+A6ihSF6B94ttyWlREXLTUJukv45nBYPVKI=,tag:E3zlnQrMs0gCNdeuX2Bmfw==,type:str]
lastmodified: "2022-12-18T19:16:04Z"
mac: ENC[AES256_GCM,data:7bqWB5fzhL6J18vak2pfW0Oq8mo0iLiHefCYEklTcUVVHOJy//hO9yw95gjUpGyq6Fx77SKOgu7SaM2bnBOTSdbvoz3mUsUZUUztSlJ+vrXNeD2tNHES6laa3W+lxDwl4WYOz5rPM5oOo0jWuMkIayE+fYC6d21AK8H910fdMjQ=,iv:tYIt1vi4FQezs7LoLXiF4J++KHUOQV8tYfap3l072zY=,tag:Pu0pXHG3WI1WoWXwCvKAXg==,type:str]
pgp:
- created_at: "2022-07-15T23:32:09Z"
enc: |
@ -179,4 +180,4 @@ sops:
-----END PGP MESSAGE-----
fp: 91EBE87016391323642A6803B966009D57E69CC6
unencrypted_suffix: _unencrypted
version: 3.7.1
version: 3.7.3