@jaspermayone.com's dotfiles
add witcc cf cred
+22
-4
+10
-4
hosts/alastor/configuration.nix
+10
-4
hosts/alastor/configuration.nix
···
152
152
file = ../../secrets/cloudflare-credentials.age;
153
153
mode = "400";
154
154
};
155
+
cloudflare-credentials-witcc = {
156
+
file = ../../secrets/cloudflare-credentials-witcc.age;
157
+
mode = "400";
158
+
};
155
159
bore-token = {
156
160
file = ../../secrets/bore-token.age;
157
161
mode = "400";
···
325
329
virtualHosts."strings.witcc.dev" = {
326
330
extraConfig = ''
327
331
tls {
328
-
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
332
+
dns cloudflare {env.CLOUDFLARE_API_TOKEN_WITCC}
329
333
}
330
334
header {
331
335
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
···
339
343
virtualHosts."server-calendar.witcc.dev" = {
340
344
extraConfig = ''
341
345
tls {
342
-
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
346
+
dns cloudflare {env.CLOUDFLARE_API_TOKEN_WITCC}
343
347
}
344
348
header {
345
349
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
···
353
357
};
354
358
};
355
359
356
-
systemd.services.caddy.serviceConfig.EnvironmentFile =
357
-
config.age.secrets.cloudflare-credentials.path;
360
+
systemd.services.caddy.serviceConfig.EnvironmentFile = [
361
+
config.age.secrets.cloudflare-credentials.path
362
+
config.age.secrets.cloudflare-credentials-witcc.path
363
+
];
358
364
359
365
networking.firewall.allowedTCPPorts = [
360
366
80
+7
secrets/cloudflare-credentials-witcc.age
+7
secrets/cloudflare-credentials-witcc.age
···
1
+
age-encryption.org/v1
2
+
-> ssh-ed25519 1uIO/w VNKWu1fIQfh1dlB3OzF8KQ5PQvS4YnvKPBJWI/6elGc
3
+
kVYH+vbOidRVYN78ex9/cN0FVNOHKohJ7nSvltRGkxE
4
+
-> ssh-ed25519 U0D80g NqDVCXVo3cc/hiIpbDh940E+aqEix+1rYYZffs/Rdlk
5
+
Va39GSIbMqm+3ymzYARF+ph/A28x3/eoxaqCCgYFeyU
6
+
--- e6YXm8B4FQKP3y/08DwKiQoUbBlFXZ4iHgBN6AB09F4
7
+
�����
p��(����T,�8��V{��q�m �P�{�X?�!�(���犌Y�d�.�"~X��> �456A�M
+5
secrets/secrets.nix
+5
secrets/secrets.nix