forked from Deuxfleurs/nixcfg
30 lines
616 B
TOML
30 lines
616 B
TOML
|
[service_user."plume"]
|
||
|
password_secret = "plume/pgsql_pw"
|
||
|
|
||
|
|
||
|
[secrets."plume/secret_key"]
|
||
|
type = 'command'
|
||
|
rotate = true
|
||
|
command = 'openssl rand -base64 32'
|
||
|
|
||
|
|
||
|
# Plume backup
|
||
|
|
||
|
[secrets."plume/backup_restic_repository"]
|
||
|
type = 'user'
|
||
|
description = 'Restic repository'
|
||
|
example = 's3:https://s3.garage.tld'
|
||
|
|
||
|
[secrets."plume/backup_restic_password"]
|
||
|
type = 'user'
|
||
|
description = 'Restic password to encrypt backups'
|
||
|
|
||
|
[secrets."plume/backup_aws_secret_access_key"]
|
||
|
type = 'user'
|
||
|
description = 'Backup AWS secret access key'
|
||
|
|
||
|
[secrets."plume/backup_aws_access_key_id"]
|
||
|
type = 'user'
|
||
|
description = 'Backup AWS access key ID'
|
||
|
|