cleanup secrets
This commit is contained in:
parent
9722448eed
commit
3b91d34c8f
GPG key ID:
B8857BFBA2C47B9C
3 changed files with 26 additions and 27 deletions
10
.sops.yaml
10
.sops.yaml
|
|
@ -1,9 +1,11 @@
|
||||||
keys:
|
keys:
|
||||||
- &skipper_host_ed25519 age1mhks8qmhjrtc2u5ufvp3pv2hn7tkadvmscnp7wd0ywmnse0szctqsnpy0a
|
- &user_adtya age1w5rvr4nl8xvjjxpct4e2a2eajvm79v4r9nyxrcn40fm8d7h9l9cqkk0jtt
|
||||||
- &rico1_host_ed25519 age1q6g2czy468c3fcdwvafru6rzhmr2edd8mzhjfs6mevhmt7z2zdsswnwe77
|
- &host_skipper age1mhks8qmhjrtc2u5ufvp3pv2hn7tkadvmscnp7wd0ywmnse0szctqsnpy0a
|
||||||
|
- &host_rico1 age1q6g2czy468c3fcdwvafru6rzhmr2edd8mzhjfs6mevhmt7z2zdsswnwe77
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets.yaml
|
- path_regex: secrets.yaml
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *skipper_host_ed25519
|
- *user_adtya
|
||||||
- *rico1_host_ed25519
|
- *host_skipper
|
||||||
|
- *host_rico1
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,6 @@
|
||||||
{ config, ... }: {
|
{ config, ... }: {
|
||||||
sops = {
|
sops = {
|
||||||
defaultSopsFile = ../secrets.yaml;
|
defaultSopsFile = ../secrets.yaml;
|
||||||
age = {
|
|
||||||
sshKeyPaths = [ "/persist/secrets/ssh/keys/ssh_host_ed25519_key" ];
|
|
||||||
};
|
|
||||||
secrets = {
|
secrets = {
|
||||||
"passwd/root" = {
|
"passwd/root" = {
|
||||||
mode = "400";
|
mode = "400";
|
||||||
|
|
|
||||||
40
secrets.yaml
40
secrets.yaml
|
|
@ -1,8 +1,8 @@
|
||||||
passwd:
|
passwd:
|
||||||
root: ENC[AES256_GCM,data:QZ/CB5SDzJjxZu+TmBPhD1gF2W8CiBhqYv0sqrT+e2r6ylqAjJD8DjU6W6yn5xgrxe84FcwVzu6ZMUdxlzPDIe8qGJUepKwknR+dWvfVVCb7JyEqwxoYvPZHR8RsUDUb9WboBd3rls6vsg==,iv:TN6iI6VbjrOMBJniH7P/0BGECmxRdlvRDmW3AMvrNfs=,tag:RsLwoQN6PwfyQd43r5PdoA==,type:str]
|
root: ENC[AES256_GCM,data:sT8S6EgqlUTOj8wx/FWde1ht/LCfhnnJW8aLNR3IawGcjbWh+JCKnlQ/1FpuGuVF7Qm8qScRcl7FPUZPFpBtj9OJ3984S9DtFJachwSNEJ2TRU+9YdYB1WsXx9ZunMQcTLK9MIyWfIVzqw==,iv:1qfkkj3NMvS50Q84BtqYTiNIMVjdxPh1k52MudEK/5A=,tag:HUwaVYDwjKmnHhEIejnfxg==,type:str]
|
||||||
adtya: ENC[AES256_GCM,data:NyYkaztJd2/o6pNA+kJngE2rN29eaC8/aVf9PUY65AJWh2ACcaOFo2/DPTTxXgicK6cvUz3bg/xU0JA+NoxKNz9LjlirKPaRb9fnSktI1tK7ned6eR93sf7LV5pnIuQD3OCYgNYJXZf1iA==,iv:QrzQMoKu0/wcrSMeJPuVWpFFBRbVjGJYmoV5V6sThoM=,tag:BlI8RsnorJh3Td00drzQnA==,type:str]
|
adtya: ENC[AES256_GCM,data:xBr14ZVeblPbgO2YT+6DPrENsJElj+UkTJebv3/x0U/u+srx82G2Lloda5zZwVBIEc5f6ZPSS4Oko3dM2PW9KUNO7IjDa+Wsm5MQogSjGT+aNtjlub2PkVts5gp+TtCOd6bUQjnf95VXNQ==,iv:ytKVRBsQWJWwXn6DpCOTDYJOVI3N/KnWtyp/GkSs7UQ=,tag:zbPtMMH6MFE6LpBga5X1GQ==,type:str]
|
||||||
wireguard:
|
wireguard:
|
||||||
psk: ENC[AES256_GCM,data:DmcnhcUtFfz3i6bhd0VZnjO2ySPhBkRNxXnzAZ9/eegLNz4A7pDFociQSkc=,iv:Ucr0YztJ9MCAPsbIh8z4CjD5Fb5K5UvPiTL2FMDJ1U0=,tag:EHu2yWJ42Tohiw5F24igLw==,type:str]
|
psk: ENC[AES256_GCM,data:FYRtE7BAOLAnxj+S0kUZ9b6THxsJclpw22pdgmhbjbBBPWBJuEkXxcjm3CQ=,iv:Z6bgQwJDpAyF3eupUQmvjHZrxMSJrQyUYhsHaGEQRYs=,tag:+W4gBPrfsZjcUvUAx5AhYg==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
|
@ -12,32 +12,32 @@ sops:
|
||||||
- recipient: age1w5rvr4nl8xvjjxpct4e2a2eajvm79v4r9nyxrcn40fm8d7h9l9cqkk0jtt
|
- recipient: age1w5rvr4nl8xvjjxpct4e2a2eajvm79v4r9nyxrcn40fm8d7h9l9cqkk0jtt
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsb0xnak9FY2tDZDh2UzdX
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwS1RhSGdxVVF1NEM2dWgv
|
||||||
NXpRSEFsTm1GWnZjMDY5Z3VSOCtyY283L0h3CkpEMjFoYjNQbk1jaFUrUWxQbzdJ
|
dENGd2hCOXNNSkNzalc0UDIvaFk0cTV0RG1zCnRDRjdOMmdCTTBvRzR3Z2lIRTZX
|
||||||
b0VzRHZnSTQvem9seHFqVHA0SW1Zd28KLS0tIFZiTEVBNVA2NEJIT2h4eFNWVUk4
|
bkN1Q0drTFFNNzhPampXSnlPcEV6ZE0KLS0tIFpmSDFvMHA2clVrMFFmVGx5N0Ft
|
||||||
eFpjYnd2SHYxQUxpZEZYZ0RaZVYySFUKVwFyUrhFNKnYMRC8g2v1RbGz+KVzMqwP
|
dXlKcFdXbVhObWdjTUkveUZPeHVNYVUKnBOvN0Z71NmdNTCiQnkKk+FkZM7uW2vt
|
||||||
WZ3pQCmgvSizMWwBrzrOurj9QsUEej1tlC1dnEzOCsXtPtzD53hFIg==
|
I7+PshcjfoFZR4EMUJh4lpvFvm5UqLFyDo86xbX52GAur+fuon6TQg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1mhks8qmhjrtc2u5ufvp3pv2hn7tkadvmscnp7wd0ywmnse0szctqsnpy0a
|
- recipient: age1mhks8qmhjrtc2u5ufvp3pv2hn7tkadvmscnp7wd0ywmnse0szctqsnpy0a
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVcmM2NkdLVThFd09xdmhL
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBONHpjRGhDL1Z3alptZ0Q1
|
||||||
YVFRM3d3L1hzTDRvRUVTT0JzWStWZkVjUjN3CmRxTnpZVDNyVUp0bDk4VEJpNXVH
|
UG84T3M1djZjaU95NUNOVG1ZdFVpcEdyN25vCjErNUx1WFFGVmd5bmdqenRHY0Vr
|
||||||
Q1pFK01rOTJoMWF6djdMNk9ZcGExWlkKLS0tIGt6bFl6MkJYc1ZtTGhDdnc0K1hJ
|
bW0ydExrU0tBMVNGQi9iOGFaN0tKR3cKLS0tIEVGbGFCTERveXB5WkU4SzNpWm9l
|
||||||
R2hNYXRzeWFXSFRBQkkwQTh2Y0s2MWcKWgG8p95Ou9ojJjjUmbgqy4TinZ154d6k
|
SEJpS2ZoSk5sTGFSTnNBVmtIWDZpNjQKmwLxr9GdIxyMnoIiJ9A88fW0LP5/Ru9i
|
||||||
PK0Z2lTZmUAYQefGCQjSWXu4+o1Yo/5l8uZ6zzx+j3DhJ6rsUzIOvQ==
|
7J0+GpRSn+9FeJdUW8z94rzJk1VjHdjibj9kVEMUSxvge4iyiwu3WA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age1q6g2czy468c3fcdwvafru6rzhmr2edd8mzhjfs6mevhmt7z2zdsswnwe77
|
- recipient: age1q6g2czy468c3fcdwvafru6rzhmr2edd8mzhjfs6mevhmt7z2zdsswnwe77
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRTkxVbDJIeVNFZStBZ1ha
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4TDdvNUR6Uk8rdGlGNW5D
|
||||||
UCtnbXlRQUZPbFEvUEZ0RFF6WTU5ZVM4L3owCkRqN3YrQzNwVFhZMEZrNnF6N2p4
|
Yk1UN1VjZFlxZEJHejFjN1RiTzJXRmV5S0U0ClNGVHBCSHRlaC9HYW5HTG11TXdL
|
||||||
NDBYOHI4djVNT0tnTllEOFhWbWMwTEkKLS0tIEJ3TXFxdlg1cnVrSUliVGpuQThG
|
VS8wT2dxZ1hyK3RhV1ZETHY0SXlCRTgKLS0tIGtnRWN4NEcxTjBSNjJXeFRHck5r
|
||||||
djJCdjcveWlxTnE2M2tqT2dEalB2eFkKhWuVT05y517bYmHXqWZ8RbmFIiDMBEbH
|
M21sSW83S1RaUmRUZHdLc0MxNk5kcWsKZBr246PGjclDw3rhP8FMXnTlMh586SAT
|
||||||
/XE0IqVtMdVTXAniUr0wMU6alBpehb2cmdSQTL+7Q9mNJL2D9ONvyQ==
|
aHtqDauFE1Z8rjAHbED889xNMYTev0ggcRFLL+ylFOMt1rbZIkqFcw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-06-25T16:26:11Z"
|
lastmodified: "2024-06-27T16:53:21Z"
|
||||||
mac: ENC[AES256_GCM,data:7vYPgICEbjWxehKSr0jkzZkmxteUkpZZNqZGf5AbgbWJGm4ntli0eml5MJicqHd/LIFLC1BZybyIo5k/3bqK0ge8McfOoM4UIBel68tDwk2QgxOm2pSZyo+qHWEPeahCJCtfDF6142XJp3V861wlbcjd9rs34fEWGNlVVBkl3LA=,iv:xrTqx8O/Y45C92kzXfuVQQewGceqZnubjKdbWdGvN6s=,tag:i6ZdLRcRCaL4SW9FiTPu/A==,type:str]
|
mac: ENC[AES256_GCM,data:pNp60XQOIITU0xFX3EkFVnbWywHjywwRyK6ud9RAnzcRFkJPgx5ZBZiNnSARu1LhpGY1k5PWrQ3/X1bpF60q5mDX2Tn0hr5qCksMKZ0RUIFtlVxeeepGnlqgMsG+4LFXA4IWn23fK3B8I5fQGtG0lzR+VvgzPfKa0xnr0hbd++s=,iv:ODaVMYF6FyRK8P2A22rLoWiHrdQlgiCvC7SkSye83GI=,tag:gGmZcd6wLMGWxFUAye0y9w==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue