lew/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: adds telegram-bot-token via sops

Browse source
This commit is contained in:
Lewis Wynne 2026-04-10 03:30:57 +01:00
parent c86f305071
commit e819939002
2 changed files with 34 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

11
hosts/lab/guestbook.nix
View file

@ -1,5 +1,11 @@
{ guestbook, ... }:
{ guestbook, config, ... }:
{
sops.secrets.guestbook-telegram-token = {
sopsFile = ../../secrets/guestbook.yaml;
key = "telegram_bot_token";
owner = "guestbook";
};
services.guestbook = {
enable = true;
package = guestbook.packages.aarch64-linux.default;
@ -27,7 +33,8 @@
maxDuration = 20;
};
telegram = {
enable = false;
enable = true;
botTokenFile = config.sops.secrets.guestbook-telegram-token.path;
chatId = 8669496383;
};
security = {

25
secrets/guestbook.yaml Normal file
View file

@ -0,0 +1,25 @@
telegram_bot_token: ENC[AES256_GCM,data:hCjAHXaiN4/A/LvW8O7ccMShXDjdPksO3RvfaRbPmbPnJpTIqqZj8hOb1Cczcg==,iv:n/VmfjCJy5HeddFbv1xn1MhEj+u4frV84G5/++4+ARk=,tag:s7ioRgR31lVfW6GEb9NVpg==,type:str]
sops:
age:
- recipient: age1r8h6gy2f4mu8xvx609qeadl82v2hua74xaevsp982zyfh4tm9qlsu80s0f
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGZDhNS1o5ZnFrUG5qclk2
VUc1eTAraGxBUUgyMWtMczdaU1dwSGREc2lNCjRKZEs2Tmd0dCtoOVdBN3lzNCtG
VS9kV3BWRUVpM00wY21DL2VSSHF2ZVkKLS0tIEthYTRueUUwVmRrcTEvdEJ4RHll
aUNRUi9jajdZTTlTVzk4ekFnRUlsYUUKZm1mnBMntmOL6TdeDOX1qV2bU2Z1SF4P
KKIkqXOxIwk7esqLN+PxLrPL+9oB6U02EDkmZDhBFmpinLus+G2/fQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1nq4z2ms4vruhces2f8e7tvgsr0pfg5ha92w0hrmde3n2ulxe4qhqxv05xl
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGL2lDWDg4c2lndTgxN0Q3
QlA5RHFtZFJMVTliMDdBME1aSGhnd2ppWUdrCkJXRjZPcGNUT3owZ2lPU1BOa2lY
a05TV3JyaUJkdm1mTmRXRndVQmRGTTgKLS0tIDcyZi9TbmNsb3VFUnk3UDh6T2U5
WFdLaXM3OXhjcVV4ZTFnTXhHVGcydlkKlHlLddAHeX5wqLZKgx/KrG8oAD/+QEjJ
9LbQ5lkK+dWjX484zIOEAHLZxZwJ7+jagtsXBeIO72sQOdu6fkbHSA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-04-10T02:28:42Z"
mac: ENC[AES256_GCM,data:wWh5MSYVlF9nkaxAR9XP4pXj9wzIltY0Pp8S2Ks+mdFoC1i1JoNIsEQ0CMlCI6uE+ok1q6d4SI72RIYz4bWqXCrQKWBFlgDbeBIY/a7j9WNUAXjtC7QsVk7nWUeaPOCVJoxmmbYMyzcOjAy+a7Bm5F1s3xauGwlX9eL5X3PwBbg=,iv:Z1/5mJPJlRDemD9yFlYSYliBQNWiaV1WchpREV39xYE=,tag:IjKdrkjTArJ6gKiYaX5U+g==,type:str]
unencrypted_suffix: _unencrypted
version: 3.12.2