{ config, ... }: { ## @TODO: What to do about owner field an restartUnits? ## This file should probably be generated by the homefree repo ## In fact everything in this repo should be generated by ## the config editor in homefree repo. sops.secrets = { "authentik/authentik-env" = { format = "yaml"; sopsFile = ./secrets/authentik.yaml; owner = config.homefree.system.adminUsername; path = "/run/secrets/authentik/authentik-env"; restartUnits = [ "authentik.service" ]; }; "authentik/authentik-ldap-env" = { format = "yaml"; sopsFile = ./secrets/authentik.yaml; owner = config.homefree.system.adminUsername; path = "/run/secrets/authentik/authentik-ldap-env"; restartUnits = [ "authentik-ldap.service" ]; }; "authentik/postgres-password" = { format = "yaml"; sopsFile = ./secrets/authentik.yaml; }; "backup/restic-password" = { format = "yaml"; sopsFile = ./secrets/backup.yaml; owner = config.homefree.system.adminUsername; path = "/run/secrets/backup/restic-password"; restartUnits = [ "restic.service" ]; }; "ddclient/ddclient-password" = { format = "yaml"; sopsFile = ./secrets/ddclient.yaml; owner = config.homefree.system.adminUsername; path = "/run/secrets/ddclient/ddclient-password"; restartUnits = [ "ddclient.service" ]; }; "linkwarden/env" = { format = "yaml"; sopsFile = ./secrets/linkwarden.yaml; owner = config.homefree.system.adminUsername; path = "/run/secrets/linkwarden/env"; restartUnits = [ "linkwarden.service" ]; }; "nextcloud/admin-password" = { format = "yaml"; sopsFile = ./secrets/nextcloud.yaml; owner = "nextcloud"; path = "/run/secrets/nextcloud/admin-password"; restartUnits = [ "nextcloud.service" ]; }; "nextcloud/secret-file" = { format = "yaml"; sopsFile = ./secrets/nextcloud.yaml; owner = "nextcloud"; path = "/run/secrets/nextcloud/secret-file"; restartUnits = [ "nextcloud.service" ]; }; "tailscale/key" = { format = "yaml"; sopsFile = ./secrets/tailscale.yaml; owner = config.homefree.system.adminUsername; path = "/run/secrets/tailscale/key"; restartUnits = [ "tailscale.service" ]; }; }; }