diff --git a/modules/extras/variables/secrets/default.nix b/modules/extras/variables/secrets/default.nix new file mode 100644 index 0000000..ad5fe43 --- /dev/null +++ b/modules/extras/variables/secrets/default.nix @@ -0,0 +1,56 @@ +{ lib, config, ... }: +{ + options.secrets = lib.mkOption { + type = lib.types.attrs; + default = {}; + }; + + config.secrets = { + # User passwords, generated with 'mkpasswd -m sha-512' + jimboAccPass = "$6$gYpE.pG/zPXgin06$2kydjDfd0K62Dhf9P0PFvJhRNz6xIC/bHYaf/XYqyKcLyZNzPQpy8uy9tCRcSYlj1wwBhzVtTRyItwajOHCEj0"; + + # Cloudflare API key + flareApiKey = "ICUi1Zj0e_boCkeUJbXP9dJusv_qX_zhKWQGPcFe"; + + # Wireguard keys, generated with the wg command + wgServerPriv = "WHxxi53Yp8NRZhT+BQnvC62BckOeG1x2SOvkWlm0tGo="; + wgClientPriv = "MK9j0eYlgv+MZ9sSYO6C3lfqScpLPwcBqEckJ7o7tU4="; + + # Icecast, plaintext + castAdminPass = "Gw9P8tW$omeq#reZA$b^jDy9VN"; + castSourcePass = "KkFDeM0SHIL*s6!d4x*a4b#bcq"; + + # Photoprism, plaintext + prismAdminPass = "gr3SkIqSBjDmypyxU!Zj9*CJ4X"; + + # Matrix secrets + matrixSecret = "bea7db528a95d8225c5fe6bf92614816fe9d31496b510dff78b1608cfb36f82a"; + coturnSecret = "@OvhK7r4wu!71d9dcmQ$Z6PkqA#LP0niyJHLTiMVJFILo7@6ks3wwmjWJ*zDBV43"; + + # Pixelfed secret, must be 32 characters long + pixelfedKey = ''APP_KEY=W9qein6055k9GdvwGbdJ6WxQ71Lr51cQ''; + + # Transmission credentials, plaintext + transmissionCredFile = '' + { + "rpc-username": "jimbo", + "rpc-password": "w%QbIEZhoi4jh*j*PKaZLkKk96" + } + ''; + + # Email cleartext passwords + noreplyPassword = "5mpEp3P^n6A%r3fznJA5"; + + # Email account hashes, generated with 'mkpasswd -m bcrypt' + noreplyMailHash = "$2b$05$7VibcFKXy5Ff9sUMh3KWBeSXkInXNeaADa71Md/swt5RCk5s7UnM2"; + jimboMailHash = "$2a$12$vHeFInRpfp.lpfR/k8ptNecs3ztKjkRTr9hae0DP8yEN1ZHKM2sxe"; + lunaMailHash = "$2y$10$ksBfmuuojCWnzFqpBDoE/OoGZyqfP.Luo2il7wWcqHemHgqhpQdi6"; + cornMailHash = "$2b$05$qpG1aOA2tv3zLjzwh8/kyO3zZ8BZxvXcav0ioX7Y3Tps0tyhE/c7q"; + tinyMailHash = "$2a$12$beq/ZO3hRz5mmGe9Cvvx8u/sNJcjVHlQQ5axv8IBmdJav60n7fuK6"; + + # IPs + jimIP = "99.247.177.43"; + lunaIP = "71.87.124.226"; + cornIP = "24.66.98.13"; + }; +}