adtya/configuration.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

cleanup secrets

Browse source
This commit is contained in:
Adithya 2024-06-25 21:51:21 +05:30
parent c966a0cbaf
commit 299c2ca1dc
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
3 changed files with 4 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.sops.yaml
View file

@ -1,11 +1,9 @@
keys: keys:
- &age_key age1w5rvr4nl8xvjjxpct4e2a2eajvm79v4r9nyxrcn40fm8d7h9l9cqkk0jtt
- &skipper_host_ed25519 age1mhks8qmhjrtc2u5ufvp3pv2hn7tkadvmscnp7wd0ywmnse0szctqsnpy0a - &skipper_host_ed25519 age1mhks8qmhjrtc2u5ufvp3pv2hn7tkadvmscnp7wd0ywmnse0szctqsnpy0a
- &rico1_host_ed25519 age1q6g2czy468c3fcdwvafru6rzhmr2edd8mzhjfs6mevhmt7z2zdsswnwe77 - &rico1_host_ed25519 age1q6g2czy468c3fcdwvafru6rzhmr2edd8mzhjfs6mevhmt7z2zdsswnwe77
creation_rules: creation_rules:
- path_regex: secrets.yaml - path_regex: secrets.yaml
key_groups: key_groups:
- age: - age:
- *age_key
- *skipper_host_ed25519 - *skipper_host_ed25519
- *rico1_host_ed25519 - *rico1_host_ed25519

1
common/secrets.nix
View file

@ -2,7 +2,6 @@
sops = { sops = {
defaultSopsFile = ../secrets.yaml; defaultSopsFile = ../secrets.yaml;
age = { age = {
keyFile = "/persist/secrets/sops/age/keys.txt";
sshKeyPaths = [ "/persist/secrets/ssh/keys/ssh_host_ed25519_key" ]; sshKeyPaths = [ "/persist/secrets/ssh/keys/ssh_host_ed25519_key" ];
}; };
secrets = { secrets = {

8
secrets.yaml
View file

@ -1,6 +1,6 @@
passwd: passwd:
root: ENC[AES256_GCM,data:fEAYZXid9Im/TJrBXj9IOUCdqHT3NZ8GZvouX+RN/1PplH+imoGvjiMc+7AWxUwH28RYpKlFmrILrBSCFEvypX/IXuwx0Zq/uoTLEiP+NiDvSl+e1kvTbI5q19iSajmxU/mN67zTTmUbzA==,iv:MtX/dAEIsQFJc4KahJPbj+dELowLF0caea55/HZ3WWA=,tag:bkfqmLU+dCW+KNJ7RFoeFQ==,type:str] root: ENC[AES256_GCM,data:QZ/CB5SDzJjxZu+TmBPhD1gF2W8CiBhqYv0sqrT+e2r6ylqAjJD8DjU6W6yn5xgrxe84FcwVzu6ZMUdxlzPDIe8qGJUepKwknR+dWvfVVCb7JyEqwxoYvPZHR8RsUDUb9WboBd3rls6vsg==,iv:TN6iI6VbjrOMBJniH7P/0BGECmxRdlvRDmW3AMvrNfs=,tag:RsLwoQN6PwfyQd43r5PdoA==,type:str]
adtya: ENC[AES256_GCM,data:ryjjreVHyt/oY4tJcJHZ8ZQNk/hq9UJFECwo65Pd/GTWw/V/0QxwhoPsuFrgrVRwZxmK+m52ZtGstarn6kSK0oqT7rqzu4u0UwgxzRiPOAzyGPCl9PbiMWUQyeh779q133E+GRw5hEih7A==,iv:o1C+5PSKYmXU61k1TOJWIw3dPWbGBQNwB+pa2X5m9ik=,tag:WSKUXPJmMudschBaYJsSrg==,type:str] adtya: ENC[AES256_GCM,data:NyYkaztJd2/o6pNA+kJngE2rN29eaC8/aVf9PUY65AJWh2ACcaOFo2/DPTTxXgicK6cvUz3bg/xU0JA+NoxKNz9LjlirKPaRb9fnSktI1tK7ned6eR93sf7LV5pnIuQD3OCYgNYJXZf1iA==,iv:QrzQMoKu0/wcrSMeJPuVWpFFBRbVjGJYmoV5V6sThoM=,tag:BlI8RsnorJh3Td00drzQnA==,type:str]
wireguard: wireguard:
psk: ENC[AES256_GCM,data:DmcnhcUtFfz3i6bhd0VZnjO2ySPhBkRNxXnzAZ9/eegLNz4A7pDFociQSkc=,iv:Ucr0YztJ9MCAPsbIh8z4CjD5Fb5K5UvPiTL2FMDJ1U0=,tag:EHu2yWJ42Tohiw5F24igLw==,type:str] psk: ENC[AES256_GCM,data:DmcnhcUtFfz3i6bhd0VZnjO2ySPhBkRNxXnzAZ9/eegLNz4A7pDFociQSkc=,iv:Ucr0YztJ9MCAPsbIh8z4CjD5Fb5K5UvPiTL2FMDJ1U0=,tag:EHu2yWJ42Tohiw5F24igLw==,type:str]
sops: sops:
@ -36,8 +36,8 @@ sops:
djJCdjcveWlxTnE2M2tqT2dEalB2eFkKhWuVT05y517bYmHXqWZ8RbmFIiDMBEbH djJCdjcveWlxTnE2M2tqT2dEalB2eFkKhWuVT05y517bYmHXqWZ8RbmFIiDMBEbH
/XE0IqVtMdVTXAniUr0wMU6alBpehb2cmdSQTL+7Q9mNJL2D9ONvyQ== /XE0IqVtMdVTXAniUr0wMU6alBpehb2cmdSQTL+7Q9mNJL2D9ONvyQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-20T11:42:10Z" lastmodified: "2024-06-25T16:26:11Z"
mac: ENC[AES256_GCM,data:VfUis0iEwTtGZUyccYMLmZ//zHm18cMbutEsTqBkw3vZtBr+mKjAVoihSxVxlol035j5FlYL7T7w344c+q8AIAus4+XdeHqfQKlSuqHwE7h0ZcU94ywa2I7pnHZUU+DIdFfVkKfHwZdIT3GzZLOVvfZIqFik0oOBLuduC/UWQyY=,iv:vdGFGeuR7NeUH3UalKKCaoEoC7NKefSQYfLcH19U10E=,tag:AbJEzpV+fFpWH9tM5RNmtg==,type:str] mac: ENC[AES256_GCM,data:7vYPgICEbjWxehKSr0jkzZkmxteUkpZZNqZGf5AbgbWJGm4ntli0eml5MJicqHd/LIFLC1BZybyIo5k/3bqK0ge8McfOoM4UIBel68tDwk2QgxOm2pSZyo+qHWEPeahCJCtfDF6142XJp3V861wlbcjd9rs34fEWGNlVVBkl3LA=,iv:xrTqx8O/Y45C92kzXfuVQQewGceqZnubjKdbWdGvN6s=,tag:i6ZdLRcRCaL4SW9FiTPu/A==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1