From c360bfe68b56e4eb9eb0971cb4398c70937f7486 Mon Sep 17 00:00:00 2001
From: Alexander Heldt <me@alexanderheldt.se>
Date: Sat, 31 Aug 2024 11:53:59 +0200
Subject: [PATCH] backwards: Add secrets for `syncthing`

---
 hosts/backwards/modules/syncthing/default.nix |  12 +++++++++++-
 secrets/backwards/syncthing-cert.age          | Bin 0 -> 1115 bytes
 secrets/backwards/syncthing-key.age           | Bin 0 -> 609 bytes
 secrets/secrets.nix                           |   2 ++
 4 files changed, 13 insertions(+), 1 deletion(-)
 create mode 100644 secrets/backwards/syncthing-cert.age
 create mode 100644 secrets/backwards/syncthing-key.age

diff --git a/hosts/backwards/modules/syncthing/default.nix b/hosts/backwards/modules/syncthing/default.nix
index 177406c..8dbbb58 100644
--- a/hosts/backwards/modules/syncthing/default.nix
+++ b/hosts/backwards/modules/syncthing/default.nix
@@ -1,12 +1,22 @@
-{ ... }:
+{ config, ... }:
 {
   services.syncthing = {
     enable = true;
     openDefaultPorts = true;
 
+    cert = config.age.secrets.syncthing-cert.path;
+    key = config.age.secrets.syncthing-key.path;
+
     user = "alex";
     group = "users";
 
     dataDir = "/home/alex/sync";
   };
+
+  age = {
+    secrets = {
+      "syncthing-cert".file = ../../../../secrets/backwards/syncthing-cert.age;
+      "syncthing-key".file = ../../../../secrets/backwards/syncthing-key.age;
+    };
+  };
 }
diff --git a/secrets/backwards/syncthing-cert.age b/secrets/backwards/syncthing-cert.age
new file mode 100644
index 0000000000000000000000000000000000000000..2808be147c6dbb6cbf784281509e5c48d7d23179
GIT binary patch
literal 1115
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCR+C^hg1PggMTjtue5
z@G>_Kamg%*$V@d&HBB-}%=F1ItI8=XFV8P7sdP&#_boKd3goKF4K1<=F!V3bE-*^e
z4lMR_Dlbh=FE=qMDKQK)F|^3c&kk`jEY8bvk3_dkJKrzSBTyl-z{1im&B!~%E59Vq
zIl!_aJWbytt0K=R&DF)R)YmW2IVa68yC@^j!-C7yFW4o@s7l)>(Z#VOFWlTT(K*1q
zs-P?=$iS^ERNu(cv%)OVJGa2cz?Dl^S69J1!#S%Yv&b~f&(Jm4$RsDQ$|B7$#LV0v
zu{_<N)V$28q%b5S%E&*$J&-G@{%6-8b`7nQY4uYNM;sKmu70NWk^F5z`&CzaHYhtf
zxt$Q}mws5BQnQb3;b(4}({s+Aj!9nRKlP~Ls^w2k@9Z*QcU<|_Ir95txsaCnHZP+O
zQN1}|<Da#J7(9=XO22aCt7_)go6NKGcdcZt-Mna-m0WH0{$=x5cO39n;=ORCA!VwR
zdS#8<^^Xw^$sBX<_~$;E9_9JL_+ZM{y?2ziUf_A_<d%5rO7+yEr-VMPR4mi7+Noae
zyz=2!6QRvKov;5?7P`5<V1FU*xAElPlmA5(s<RDVI!B9tJu-dq?zbN{2c44J+i<<|
z>ObM$!d8b<WtvPUTU^t4%owUC<~?|77PYHPsZcS(zp6|3QI_3gt<nuVam{usZrjhV
zEOZcO(0Mt%|Hdaz6~V7@tBPOD3QXGWd{le>Q`sB6+4IE}xFpX^n8@{ivLK)8#*W|}
zuY&@`vL*GI&)Gz$vhK4xIJJM}g1a)z`F}1PTpKIScreZ7+IK_aq`XYwO-vWB8sC?w
zN}a8k>9H^O-rT<x`kNZQZPj>aq_yvyi`hD<hM7+)6drlW`|oKr<gUv+cd~uI?Ux@8
z&uh+fxc9`!{9JozrO1?{`h9nUbY9>2en8;o&EE@Dmg}yvV{zId|8wf~uPRftL>LU_
zay(lnY9~?}X`CI>;^llil=Y&~muqSVKA$<^`A6npQ2DGx(f_t8XI0KJyWN-jvq<T*
zNbTHoZBzCI%U|oT+_+;UW60@v_eOLAZ-Cc=^mo;pf1du%*1jmWEbQMB$MQYyQ;Nc*
zlp}R-FBcUy`Ez}jcG!I$w#`*H9xi42v}M-n%#tu?q1fOvmb2`5OALeJrZ`8px!il#
z_MBz;{?yip45J67MZ%$3Dk}u<sQkZl^Kt2%tQVWv9;jwibU)E{UKVgz?7O}=<FD73
zziI1Ps+Db6+ZUWs935)-oz?A4{q6gaduq(<Qu@=<8V=i9Fi&GYZ8OVj&i#^7W63~W
zlij^9O3r0WYEih+uA0MfEy#3d$EJKMb&WvTrE6l_ZvHRUP&ZCpP`br@`u^JIyUiTb
z-sxZb<|!Yms&PL!(M|Wl<27>`cPP$0vgp<NpOZ>zPH@dT|9WDec%IppJN&w~u8S?1
G3giH`{_Fq%

literal 0
HcmV?d00001

diff --git a/secrets/backwards/syncthing-key.age b/secrets/backwards/syncthing-key.age
new file mode 100644
index 0000000000000000000000000000000000000000..9b23e857cf0bbbc51645711d8a7d2fb4bc83a1f3
GIT binary patch
literal 609
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCR+C^hg1PggK33oZ@G
zDl#gM@(d{|aB&RD%gW4k_wjZOb~6w2G4m|;3^Dh}O3EwGGvLZ}GIunL%nmk7Pfn^b
zuuO``Ne=g}Ob#qawn)iNuP83p_6i8f(GN2;4n((2JKrzSBTykAEvmpE#UiC5#k`=P
zI5;RgSHC38A}A;)xHKdxxjZy0tEAj0#iuga(Uq&jt<bQ%AjjM^*)q#F*gH8bHNY$?
z*v~N|qo_1HAUH$YDBH;}HOweG$%0E)S69KUqOhnW#m(GE-_SR)D80-u)I6goG*CM{
zE6LqOKgTaW(ln|p%`HVctC&mg=(1HTAJ{uhSr)#Qbtpbu)*`|k5S{phPiW3r6Z;)b
zSD!q~VsT#bt~x<?+jf<O(x-O!F!mhKz9lMIdE#$r)WMalEdi%K>eZ|<TaYpN-ILnO
zU8>BFDvTH`o+(@r>b9S?*Z6Q1ll%r}p@|P?E?Hdv_3$1y(|Ly#G{P8meyKh1$3=@T
z`HgK^PV0A<sGqsbMX~aXYBM%fEnas!A@^DB%$Rk)f-idGr0)AhH3u(_=3<FHc{ne4
z+oGTU-I%AZ6ZbGQsrSy}{1eJGBa`ET-G_kP!Xi4|Ol5sKIdy4_yMyCWb{)uI32~0u
zETItk`Au`z#Mq$TEsnZ#?@heuGABe|{nvrK<BZqOiR;&OUx?T4R&>-qpI$A{xjJ!5
tSDe@hnVGRGR%F+zT?)$+@eb5e+j`G_OY!#hhvA1ZqNdkLxSQO(4FE3(@z?+W

literal 0
HcmV?d00001

diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index bda13c2..db58d11 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -31,6 +31,8 @@ in {
 
   "backwards/root.backwards.age".publicKeys = [ backwards alex ];
   "backwards/root.backwards.pub.age".publicKeys = [ backwards alex ];
+  "backwards/syncthing-cert.age".publicKeys = [ backwards alex ];
+  "backwards/syncthing-key.age".publicKeys = [ backwards alex ];
   "backwards/alex.backwards-codeberg.org.age".publicKeys = [ backwards alex ];
   "backwards/alex.backwards-codeberg.org.pub.age".publicKeys = [ backwards alex ];
   "backwards/wpa_supplicant.conf.age".publicKeys = [ backwards alex ];