1
0

hosts/monitoring-3: Migrate secrets to sops

This commit is contained in:
clerie 2024-04-21 19:15:15 +02:00
parent 7ad061292d
commit 2775acdb48
5 changed files with 30 additions and 3 deletions

View File

@ -1,6 +1,6 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
age.secrets.xmpp-password = { sops.secrets.xmpp-password = {
owner = "solid-xmpp-alarm"; owner = "solid-xmpp-alarm";
group = "solid-xmpp-alarm"; group = "solid-xmpp-alarm";
}; };
@ -8,7 +8,7 @@
services.solid-xmpp-alarm = { services.solid-xmpp-alarm = {
enable = true; enable = true;
jid = "feuer@fem-net.de"; jid = "feuer@fem-net.de";
passwordFile = config.age.secrets.xmpp-password.path; passwordFile = config.sops.secrets.xmpp-password.path;
receiver = "clerie@fem-net.de"; receiver = "clerie@fem-net.de";
}; };

View File

@ -66,7 +66,7 @@ in {
ips = [ "fd00:327:327:327::1/64" ]; ips = [ "fd00:327:327:327::1/64" ];
listenPort = 54523; listenPort = 54523;
peers = monitoringPeers; peers = monitoringPeers;
privateKeyFile = config.age.secrets.wg-monitoring.path; privateKeyFile = config.sops.secrets.wg-monitoring.path;
}; };
}; };

View File

@ -0,0 +1,27 @@
{
"wg-monitoring": "ENC[AES256_GCM,data:kYFhMbqL7b0rwE2XIaR4QVT8ahoODmpXKzK5gvkODFJVklubwCmq2bLJk94=,iv:eR+VjxdtS4et9I4okzHyA+if1Rxj2/MuiC0CrWXd0Bg=,tag:rMaYMTvO6gWw6WegehDBFQ==,type:str]",
"xmpp-password": "ENC[AES256_GCM,data:eBZsBYqo+juLrYZjBqTcKFirHViRsul+wt6kkOmMhCp4xU7Ou8eJAPCOuhvHcUGxRE44L0yIyUObhRgAj0T5QA==,iv:DsLJ3qCZyrdolJBZFT9FJUNQ75pc8Vz32K2a8RJHuLc=,tag:wOxs2Ulw1aSMadWfjGSKsw==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1kdgrgsjqgtxkjv8ec2ljc5jgtm45w5e6hj830m0awahnvdtknefq9yh8v9",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxOGNMcm9vRWxMZjBwcmVS\nVGVoS2kwSmZjOHdGMXQwUmlzV3hhbGhhOVhzCkljQi94aUtORldKOFdqeVNXYnJQ\ndS9Vc0hRRisyL1dESk1NOTQ1dVJyMDgKLS0tIE54VlU1cVRXWXRlVGU5RzR5dXkv\nSEZJeElpWDdJYW9WNWxGLzdjdGR1YUUKGZwFPOc4MD97FBRtj1Py4A9Tz/HlzHcK\nX6nYgkYSUycM4g4d3+N+1NKutfWJ7KheuTlhNRDftyLYmmo5wyEtrw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-21T17:08:58Z",
"mac": "ENC[AES256_GCM,data:UucT7OiO9S3FcO9b1UKPQYXi7v3Ak7/J/VkDN4P9fssS4nky6PyX4oV5UvGcuR3p0pxLAHGJ4rOXj5QbnOqwDqmHfCnoqdItAlXRT1YPdSrelQ/gHyOfexsuV1XLOUS/OXJoYEi3ymKtza4rMIZow+du0YkRxrJQjwM0y8XSa3I=,iv:mDBaVhbHCLdxx5DC7urPPDdVPsCPYqKgLRwfqjLFdnU=,tag:Wpq6ihxIr/eceG12gpOJwQ==,type:str]",
"pgp": [
{
"created_at": "2024-04-21T17:08:30Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA5OzEzXewpmPARAAp91D6Qh7RgaeQwMge/L6ETqb348WyZ/SM5LCC/IsApV6\nJiGfmtUoDLyS+X0Ry8hVIKJmoxPypBV13eZHzxrI5rif8MAlQp3jW0zqpbeo9ltJ\naqyg1xI2NC5jh9+mLGR9nqU+vpQaAaMG0EVPVHOcJA1o1TGZ/poTNA8c8azAMQUi\nnGpkKBmM7WiR4zLSiEJJbkgOaQSAptXv5z3G2RS3e/9lnZM0QcACRjR6ck40tvnr\nLLUOdbZcro0KUk5JmGmaGXXBZRz+muF3BrPV8uRS99UN2NMasRh+vthukoH+E+GJ\ntYbBeCuFEqU6g3SRTRqO8pF9/d3v2xwGUzU/nW6tyVxhlhbQTUE+yV6qA26W6f/6\nLllnFuSDGqxTnKVgg+UvYh7HzEa6LqbRKEkyu3fXQRqyevYWO/J2q6R3ZJ17RQPj\nDrd0gvg0hBhaa24b6ybxK7wl9TgLyxo/xeyLMW7akjvhjxPid1nHY/+cvraNgMIu\nay2XieyIh7p6o856Y0YzAQ0BXgmlIRmFs15V007o2fuHY14yY8uiv7odMYxv7tWg\nXRFKtLNndc0pjdWJ1kqMr8Ap45mNMaFrVHOlH3Urrdc+1v9EF8BctlCouKv7uaMa\nY34fhc94jy8aTKQtXwfmQccQOUnjH2U/foUeuXlmXSw0vB4Hk7D8boii3KdWLgKF\nAgwDvZ9WSAhwutIBEACI2oAdmWomlbswi7YJeRKShB5Gz6cYKD7KRQkpGucdiINl\nTYdTB/3U8qDrOMUrBwvHDobEIg1+x/vqzbA6mKaoWh/TN6NH+KJ6QCAN2oOs1fB1\nUukHyUIBywXcb8bMaOJ4spTH6knY4AMv8EdlGY0iDyOXfNvBRjs9952rV62Bg/Ax\nYW1HrGpcSyyDk8cuLddrJ+9tSMR46xHxRJU91mTOWH2ElA2tW3otN2IDOFc+E3Eq\nZmBvokeer+nPdu9Htcgif4PRMatOlbxnk5lnxM8dQrqA3IyVyyLU3m17ZtOD7zRv\nUXHODfQrXV2UjFeuKFqtA7YibwP2Z9qSok2SQB1knWYYhWvZv8hM2ifoFxmOgwIC\n8LDIUvJmP6WGLtMxncWHS+KH+AW3gEkSeupyysUCuROH5FNI3Etim4k+f3SaxSjR\nKWlLj/n437udYCnGnXdK9gBWlRdWkaiMBGgdB+1QsRsx+qr6T3wpM2zBsLnByVxn\nUEKm6W+VJT7kLuYB4JegjA88rWugndGZ4eHlqhV4g6ZoignoSwdZEYSkKPvJYktE\n25+TO8Ya67+VU1yUxMtFTGWfG9RkDtpT6DoxbJ1kHSIBpY9WOGsgk7/Egi+0AiAU\nbFaYkvtHWF/tCKrkrSUThD5GIy4FWnFYXK+0Pvc/+LZeAKcMWEs2PoULwRT2F4UC\nDAM1GWv08EiACgEP/jDByq/bY4HFtebvh4osCzLR7aYeKquHfo248TvhwVT3JON6\nl3CZ11z8R7z31np1YtaR06EXON6DyMd3oLqllu5PF8y/+YSsPEDO83u/KxG+CAGx\ncqes8uwzF4/Qc2yAB12rMuDm5GGzixLgorwchYxRwJwO6JVvzvGbeErYXOpJA4e7\nf2IBAcvOrAc5sOo0mFUnQN9/+oBgT7QsWWRJ7JuJLuaAyQr60vkkEzxFaAxC2dKX\nSCQDXVX4fk24EkcJvnE9gmG6o17H9HLVFomq2VN+QmZYJWZwSQwmQgCZ9rW/Da5D\nips4m010AhGL9nK5qUQmpfvkwj3/tgSr/mtE5McFhdgwqsai+nw1sdOO89BUVin5\nc//aazke439vvmpFCLa887TG2lkAy+/61YbkkiHzMYlcjQ7MJNf+wKJ3bmJVAkh0\no6Yd09YnwQm0bGLt0qeOS/CHHpnc/4Td9HmpcHLLXdxVQKACDOHdPPas/ogkQN38\nK+ztvgea4RttRI7MEetgRAIhXCtb9vcJryLNbiTDeuZES9+opo84UA3MW+ep0vxI\nmk/9IgjKeXTWENTVdseE4mpL8QX/hwNCEOFRJbT8/YlX6Xtu/cQkSemIA+Xo8F3m\nSIxh4O7pmgAribYofS5TOjwUjdygpuAyw2pBZ2ZSnIhl/GQWoTBsBZktdPvR1GYB\nCQIQo4VyLskvEfGa66Nn4gd52wpalzu/u1X4aO4vDzDizs3q8/FymrVGcRHfGCSz\n58qxqjLg9B6DY0cr3eMb+KFTGJTiCeHS4wnZ6HDu9Z7nFZucMZ+7b9Ph2UqjBvbA\n4FuSofs=\n=84OD\n-----END PGP MESSAGE-----",
"fp": "0C982F87B7AFBA0F504F90A2629E741947C87928"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}