adtya/configuration.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

all: cleanup secrets

Browse source
This commit is contained in:
Adithya 2024-09-14 19:36:33 +05:30
parent a7e895808c
commit 4bb172fa9e
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
2 changed files with 9 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
hosts/shared/caddy.nix
View file

@ -1,10 +1,10 @@
{ config, inputs, pkgs, ... }: { { config, inputs, pkgs, ... }: {
sops = { sops = {
secrets = { secrets = {
"digitalocean/token_file" = { "caddy/env_file" = {
mode = "444"; mode = "400";
owner = config.users.users.root.name; owner = config.users.users.caddy.name;
group = config.users.users.root.group; inherit (config.users.users.caddy) group;
}; };
}; };
}; };
@ -17,7 +17,7 @@
''; '';
logFormat = "level INFO"; logFormat = "level INFO";
}; };
systemd.services.caddy.serviceConfig.EnvironmentFile = config.sops.secrets."digitalocean/token_file".path; systemd.services.caddy.serviceConfig.EnvironmentFile = config.sops.secrets."caddy/env_file".path;
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
} }

8
secrets.yaml
View file

@ -24,8 +24,8 @@ frp:
token_file: ENC[AES256_GCM,data:y8QgggTJaQ2STMGNGT0RagUhBgA6H20plzEwd9jNhdXl1098URUV0288YoTnQcc=,iv:/BYWC2WYvXrlvNc97RJTfhf1IratSRU0vHcaxLXJ+V4=,tag:PlStSrzm09fW442uBHAiUg==,type:str] token_file: ENC[AES256_GCM,data:y8QgggTJaQ2STMGNGT0RagUhBgA6H20plzEwd9jNhdXl1098URUV0288YoTnQcc=,iv:/BYWC2WYvXrlvNc97RJTfhf1IratSRU0vHcaxLXJ+V4=,tag:PlStSrzm09fW442uBHAiUg==,type:str]
matrix: matrix:
syncv3_secret: ENC[AES256_GCM,data:05lLSSolNO55VjJQL3nLNGo2jiZUZht2FKNvc2O2dCccSfglrwm6J5Guzns9ZlT8X9j74lvlWlbM6Q==,iv:1zARbgZ9GJV1UMJ+WjFPNYPqhRjGVj4iLYMpfsRjrko=,tag:fQ9Vg1xD1k2eYlEbtF6q8A==,type:str] syncv3_secret: ENC[AES256_GCM,data:05lLSSolNO55VjJQL3nLNGo2jiZUZht2FKNvc2O2dCccSfglrwm6J5Guzns9ZlT8X9j74lvlWlbM6Q==,iv:1zARbgZ9GJV1UMJ+WjFPNYPqhRjGVj4iLYMpfsRjrko=,tag:fQ9Vg1xD1k2eYlEbtF6q8A==,type:str]
digitalocean: caddy:
token_file: ENC[AES256_GCM,data:Sd3TFDI12Md8rFS8iwIQTtgMUUoZ1cIa4zAge/UbusOy9N6URLTFQUEOMO6t28QjyLdP1A3mCqitL7WEkdgZOj9dJUZPpa1odJZssCa3YGjn74vM,iv:vRS0QCTU88/jOhZncCX9VhYPNnexV2kw2xT1/Q0qwPc=,tag:009UNaNBNjXYPlPPJK8fYw==,type:str] env_file: ENC[AES256_GCM,data:FPMNS356/fZ9DFgu0/lH5S2+zKBkeo5VAYFK9fFgxNRm2IRWQg79yfW8xTJuAZw5AZrEiNvpfU0eDO+q1fLEdJccINHatKjTD/gMUCb3oAA7u6b2,iv:sBmSTTtvRtOtoBSEMzzhtnSFoX9Va85g6K2bVxB4Kak=,tag:pv7/pwG3M2qrnrMMJ9eePw==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -95,8 +95,8 @@ sops:
YzdpTitkMHh6VUFtV2FodVF6OWJkTU0KBjC+esgHZ8hTWXwZ+cy4++jLP+gsruHM YzdpTitkMHh6VUFtV2FodVF6OWJkTU0KBjC+esgHZ8hTWXwZ+cy4++jLP+gsruHM
fmRDhvQu0MNHkjQ8q4VmwRVl10uc8CyTDFTuyDoAhvmnzXHtrg1wpA== fmRDhvQu0MNHkjQ8q4VmwRVl10uc8CyTDFTuyDoAhvmnzXHtrg1wpA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-09-14T09:29:44Z" lastmodified: "2024-09-14T14:04:05Z"
mac: ENC[AES256_GCM,data:o5SSxjXA6JJ2Q2TJu8bhUYcmywyiqb6/f4nzfynoHoW/x3fuc9gJbpTqJz8Zxc+vTNZE8EUW+j2zsHLNf0t7QjaJeUJdqXnAr6tTdIAbAXmDrIEvu39Oq2ukmRgwbzGODUc5ziTswGu/5REMT7k1kmlt2dJ1MXoVaSW+xbpl3lI=,iv:B5l69QsOApyuXfNpHY+ibkeo9RO5t2fcoykVAc6wFvk=,tag:HbByozsuOMYzzmu3mIVfFQ==,type:str] mac: ENC[AES256_GCM,data:Vw54t+H/aHL/eZNQfqU286frv4Tssi6SBJULel3FThOrvmdRDAW5I/yCrnveW08cxcE6BKaHjIhi5OkZYPeEMJdJLsZwcaXLzX1IKKk2wKlB+SlzwHAoMYmawaeIlrHBRbskvTClN9K6G69EH7p5ZBBrC+OQHHKCLOMvEalC9Js=,iv:MXxG8gVchbNxUmIXlDRIcUsrZex9Wj8Z7W24BErHwmw=,tag:Lo65RimG0l/B8a1AEQnaKA==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.0 version: 3.9.0