diff --git a/configuration/common/programs.nix b/configuration/common/programs.nix index 85adaa8..23e7db2 100644 --- a/configuration/common/programs.nix +++ b/configuration/common/programs.nix @@ -10,7 +10,6 @@ # Normal usage htop tmux - vim # Deployment bij @@ -24,6 +23,8 @@ curl ]; + programs.vim.defaultEditor = true; + programs.mtr.enable = true; programs.git.enable = true; diff --git a/flake.lock b/flake.lock index 79a14db..989996f 100644 --- a/flake.lock +++ b/flake.lock @@ -283,11 +283,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1714076141, - "narHash": "sha256-Drmja/f5MRHZCskS6mvzFqxEaZMeciScCTFxWVLqWEY=", + "lastModified": 1714253743, + "narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7bb2ccd8cdc44c91edba16c48d2c8f331fb3d856", + "rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994", "type": "github" }, "original": { diff --git a/hosts/dn42-il-gw1/configuration.nix b/hosts/dn42-il-gw1/configuration.nix index 360c949..19bbea7 100644 --- a/hosts/dn42-il-gw1/configuration.nix +++ b/hosts/dn42-il-gw1/configuration.nix @@ -47,7 +47,7 @@ publicKey = "ObF+xGC6DdddJer0IUw6nzC0RqzeKWwEiQU0ieowzhg="; } ]; - privateKeyFile = config.age.secrets.wg0197.path; + privateKeyFile = config.sops.secrets.wg0197.path; }; # e1mo wg0565 = { @@ -68,7 +68,7 @@ publicKey = "qYaDuYYVpuFqy7KyC5PmJavqs0a7GtyuES8VwugdPSQ="; } ]; - privateKeyFile = config.age.secrets.wg0565.path; + privateKeyFile = config.sops.secrets.wg0565.path; }; # fooker wg1271 = { @@ -89,7 +89,7 @@ publicKey = "xxPjHWVzePinOOMnuhwGAI3PKY9pvpifIvIbPu3IwQw="; } ]; - privateKeyFile = config.age.secrets.wg1271.path; + privateKeyFile = config.sops.secrets.wg1271.path; }; wg1272 = { ips = [ @@ -109,7 +109,7 @@ publicKey = "Iae2R4B7VVsloKWK8T1j1vLMuxpP4dVDUdzEg/YpAjE="; } ]; - privateKeyFile = config.age.secrets.wg1272.path; + privateKeyFile = config.sops.secrets.wg1272.path; }; # margau wg1280 = { @@ -126,7 +126,7 @@ publicKey = "CEge9jdHQArzdniUiWyB3IUZOjGiew3gPmz/MOf4ahU="; } ]; - privateKeyFile = config.age.secrets.wg1280.path; + privateKeyFile = config.sops.secrets.wg1280.path; }; # perflyst wg1302 = { @@ -147,7 +147,7 @@ publicKey = "TSPvvpMY8dCFk6gd58aYtkibtqUn8EzIF6dXP52b3y8="; } ]; - privateKeyFile = config.age.secrets.wg1302.path; + privateKeyFile = config.sops.secrets.wg1302.path; }; # lutoma wg4719 = { @@ -167,7 +167,7 @@ publicKey = "MkVyCgIq0BOStFIu2/Wl91ofFuRvnG3ZqTWFfVs/VlQ="; } ]; - privateKeyFile = config.age.secrets.wg4719.path; + privateKeyFile = config.sops.secrets.wg4719.path; }; }; diff --git a/hosts/dn42-il-gw1/secrets.json b/hosts/dn42-il-gw1/secrets.json new file mode 100644 index 0000000..f80b21e --- /dev/null +++ b/hosts/dn42-il-gw1/secrets.json @@ -0,0 +1,33 @@ +{ + "wg0197": "ENC[AES256_GCM,data:1QJ5GXLMLIOj6xNC4sMnShjyB1wqfTkhkPTlLJz6AJxMjA0BsBZvZ1Pdln4=,iv:nVRIQB8/Ged616ELhkGnDyAz6A+3HQ55+yG0vf0f7aQ=,tag:GtI8ICMCih1tN4Xoc+8RdQ==,type:str]", + "wg0565": "ENC[AES256_GCM,data:kLgKOGDA+kPDB0SZ/yU7Ax7NYn28LiVT2W6zSsc0APfyoZWW6nF0fUQFv4s=,iv:6zjLGAOROifubQUMxRLvoFzN6GRYob841rzNiVyrt84=,tag:Gh15/ROPYiqqobcJcTzmGQ==,type:str]", + "wg1271": "ENC[AES256_GCM,data:NPcFMxVNpwoPkLsb6NvZVxGxw+Og3RzlYx7TAL9nT95x6I8aDRpOnR5tY5w=,iv:gYuem6vX+jRQvirrt3lZQb5gKnN/z32W/MgmGuzQ/Ks=,tag:I9qZJSNKFEM3Vx4Yugxy1w==,type:str]", + "wg1272": "ENC[AES256_GCM,data:LU6jtNkNn2Xs+0OH8cD1HJnbHsNNnqlY83lDFa11/dHwVgdFxMtDXMqIMEc=,iv:/A8rWGR6jExa4ms7jTYC0eZVGCvlKw1I58Co41gw3TU=,tag:tIBRkQzFFpEEzflnDrpcOA==,type:str]", + "wg1280": "ENC[AES256_GCM,data:F4KLY6jiZNl52ko32nM0iTER0DyHvaCSmxeYAKB0MLUD8l9u1Ugk6kYZnUc=,iv:XcaxnvxM1kE/ahNFX+BH7Jmr9q2Py1vHHqOjFUqs5O8=,tag:a1up4gGFqyHz2lmDRJl3bA==,type:str]", + "wg1302": "ENC[AES256_GCM,data:+MzuBPg3ql0/MEnpVvhQTsPIkKB9xnHN9Fk4VlZwK4ijKl+26d6oTSM7/R0=,iv:bPPmhenQLaKTGaDo4rBlKkrXrS1YysRuntbKq6zi2aQ=,tag:lztaTfDGT4kAq+HZMLl0Dw==,type:str]", + "wg4719": "ENC[AES256_GCM,data:hoOOCUGdYFaAQZ6wkgmQl65M1qArvXa826IeJl+BUGf7UX0vxx9J0C2epTE=,iv:+1JcOgzClehkE0Ihd2mmoenPk51OBZMF0bMqapWah/c=,tag:xI5FU+GJU6BER9/n04ccLA==,type:str]", + "wg-monitoring": "ENC[AES256_GCM,data:aw11Ygfll6llabXkuxtbTcCn1eb4NZX1IwArcXoRJCJSgwDrQZ3HLatov3w=,iv:J2VD5XS+BrIKeFb0NW1UYZUuGPkbjFmooZ93PVK31gw=,tag:2XLSa/2s6LRq3L7UdrTs/g==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1f0hscql4f4w7vyukzeu693xfedsl596dpjekc23q77ylp92zsvcqf9u75t", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3QWdFYjFjTmRVRlV3U3p4\nTSsyc1E0dWtiYjNtVkV2SXJEWkxnTDhLN1Y0Cng4aGlidjhydUVGaFcvK215aGdq\nN0FGajYwa1lPUCsva0tmNkErUGtlOWsKLS0tIG9pLzJEUDA2WWUzd1kzSVZrdVRX\nbUxjQzBCd3p0R1dWTTJaRmZNQjJEUVkKPz6OUQHpYrhRxMdQzpZRR3exVqkG2JvX\nI32PwvbeQK8cgpYwKLGar8U8aiPPm0Y64pID1wedDsNZzLqLOrS3wQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-04-28T09:28:04Z", + "mac": "ENC[AES256_GCM,data:PHdhyie0Ya/nN9Kqj4z+zPyyKZFvGkznkv8Uf3LNSdPKWVtXARZc8Xodm4MjI2HvooryyyMFHkW75Aln02Rlvk3R8oI7rfFZC7s2P+LotumsYgRFf0JOUMxsxOtKW0ehuLy83Bw0rMJQo1gzTgBykcvdc2pkMmALF/vU/1VqgJ4=,iv:0JwcY0Q+8VAiVHYjynhcpsobQXOkK8EBe3QUJ8YUwFE=,tag:9xAcoxAPGxTvHVBydf3u9Q==,type:str]", + "pgp": [ + { + "created_at": "2024-04-28T09:25:37Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA5OzEzXewpmPARAAlFtkAfaMk8tnLsnJwAJXqrwUMxojYbMcxTDokKUqaQFE\ndlirkl0o0Kgk78BINxV0hjBpu54DvpBMl/Iv8TVpnZqCgNli4WOrOVg3OwVWqbmw\nZ4Hu3ToeogVlFx5U9tB/u/Z3tvsf3TpznansXmP1GaTt0P2Ur3Xn4Gvsgc5ikSXs\nZSwPpmDJiJwa49empWjUtYnMVo48l6midUny4JR1CC6Gr8QobBtImMXFNTQc4q37\nmDV5mkDCsdyDhEFMX8VXDHPMdLKl8zg1B46AqMQE88Rr8mROuZVuC6sjC4NY8YLn\nqwuUGr8AnNvU/e0/HTdnYwrqDZxBaqg9RylEJjU00aVj5Sea4/AiK+e4QpLukhFN\naul3XWB+aQ3VcspsDv/n/TK9d0Db0fniTdQEGDfaXRJi2bDRZUkneELQ+Z4BCgHw\nu9XlJJt+Ts6Gx22c24BpaR5H4IpY2wqkhLHm/kdzu082pKPfHQojtJopX1N5sHjJ\nrwF+y1xuWnucOyzbKCIHYv5BIxlTeftLyzwzZWWUjaidj2xWmHWnPo+27/+jb1IQ\ntXs3rD8dI4Sc5gxgHtC/jRGyFKOoiva+xzKF4qLZI2MYnhXa+ITF9LabdXj083T/\nVR1gdsgQjgPSgrIl/8oqw4oF95y0gQctTmvuV4XLI9ZbZDoEHsRxq43OxkpnVR2F\nAgwDvZ9WSAhwutIBD/0f45DOEuN2gGUfFgxlpUeJ/ToRqFbgRJxGGS8PY23YStsE\n4H9ZVcV5NmBiu9bZOzDYy25Lp1Sox1ciAkId7gZL+3QIRbvL554MT6DTC2E+zdqk\n+QstJ67jmzauDwPZBtjjxv8VbndoUtVsUKQzVFNoyDbtoKfiUUsowDdJerqF9eO9\npvylIkU7X4UOApOgFM9y7iXB0RDsuiszSKUP81Sexn97NvhLig9FMGAUpCsWjNZ1\nOAJzTOOuw99vLRZQIZj8F10B2dHxi3iAMsfJPltLfNt3JzSTvT219ObcqRfMZdtQ\nGy9wAkoC+pfRVCwb7sYbe+evTtTwPP4OHarUJxCPbCiwieD+GW9szyeLIGjn3NE2\nZDxFOnkzrVV4VKL9J6KXLI5g3wpPaTg9enJ+7izNRmU497SL2oBOfoz6hjb15E0N\n9Ebq0Kpb7dinCB/UU2RHvHn2gixCaYWwPBDIJqv3AL1hfz+dmu0HTUL5uUxkCRUy\nT1V6aTyHe4fb/tL1CFiGBuL+IQg76JmmSjWrpYsNyMkOgCAfmkFeSd0YTnd04pnf\nFqcstU42OnJxtjylaSLQDjnBZ8HDSuWrOGdNppw2ZmD/mCeqfZoSb1XDdFXJbKdO\nwFbs7znx5ZObN+06nD04mqT28/YaY6juNBlhZZz27+vZhzWA1b+97V4stxxRbYUC\nDAM1GWv08EiACgEQAIovtpP23VT3HKWrqDSjAdssTBUncJNWxNhZvp5VS6axsfnU\njDeMAJSOS6c/+RolvKZ2Y4T8XovSSqMC1U598AkPMIbb0eQ8IvuA5UIDZgvIBEKl\nwzyo9myppeN/l910WJs+Vo6DFKLQfBTpRjOzqC/YvzLZUUVFhr+6l4lOWx/lkEFP\n+mt86GALAJT1HT047hebLeQZPnIj/BhPagbD4qR4sJUc5wQxc25T1Oxb5/ToFR0t\nBSqEUdUIG0rvMsDRzpQ4mdg7i6D6PXb4eweTTOCWzpyiFSLfWE9qWXpqCFgpd4xI\nzAEofhbSQH5HqAvTplDhIRKtwK6Ze1aticuRdWjrorHVa602PR3RzFMWMtQa9j12\nK4igA3FD6cHdoRUMoLq8YAyxEwUOgHPmOub+9MOOMmI7Q5bj+oByK2Q2Thq1T6Px\nIVQzq6J5nWFXtRpx9/UFPLnjEqc3ehOItQrnH8980Ocy4nghaKqJGpAQtoP2t5nV\n6aGJ7tqTsv5MDZ+b4pRE/7GjG4v2t4I/BQd/0GU0vndfZx5KmwmTsCrVmrmwhFr8\nBNNNngqsHUZxK0RVI0sA90N23om0ATLWl8gt1mvMWZ8p9NPWQdDa1AVkLBgq6hZN\n9JtRacIS2zuiib5AohijVwp3uTDPL/32au2rAg2vWEFy1jSMnEUDCqTKGJIu1GYB\nCQIQANxUiUXBtAhd1pBA9VOhhD1T57AkDvHfk8gEyNKPC3+RI1GL2ImA+dEQY0Ie\nl4P0mcQTf8tlRgnHZhvf1ktXp46oAV1StGfKEil8WU3N/5gFeCNvRRuGMx05av+t\nfgAAnS4=\n=Ew+/\n-----END PGP MESSAGE-----", + "fp": "0C982F87B7AFBA0F504F90A2629E741947C87928" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/hosts/dn42-il-gw1/secrets/wg-monitoring.age b/hosts/dn42-il-gw1/secrets/wg-monitoring.age deleted file mode 100644 index 52810fc..0000000 --- a/hosts/dn42-il-gw1/secrets/wg-monitoring.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w +AFhSTsqwKkww+OGHnKI+qi0JvrQVe8p+XRVnn1oZk4 -t7nBc4g5guqSsP6XFWYLAXPZEKFJA0tk4GM9XP3uoUo --> ssh-ed25519 g+l3bg LjbGz8bbxotI4uhVaFzCjaOohfjJbTgPCbQ5UgCVgEI -+7h66Z41OSyvZjJ7ANYFA+ut1FWQXE79WonaXE5HREc --> OapV-grease jkg)M@ NO4*'ml? lUG]H liUD3iK> -628DJDgpTFp0XP05robVn8j6/3f340BaYvdZIKLKvqXp93GufqwBnfYRIjYDyolA -Kt0M59kSw2DOtaYaOEk/E5BJhdYa+cDBEs8 ---- 0V08Pg4II/yihrNWngXKWXwr6+Lcu9+XijZYupCyzHo -E?aS,&\Bҗ8X]S^BHI-ݫ/F'#;C@o&~i\=ԯ \ No newline at end of file diff --git a/hosts/dn42-il-gw1/secrets/wg0197.age b/hosts/dn42-il-gw1/secrets/wg0197.age deleted file mode 100644 index 16d12de..0000000 --- a/hosts/dn42-il-gw1/secrets/wg0197.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w Hb6ZchUcn7PeLYtJymInIlAZxlk2uUxGSMk5QsqDFw0 -zHX84c7HCwbc4+h8UlU1C6odjaIboUx0++2LMW/vED8 --> ssh-ed25519 g+l3bg y3kh96FH2V85RL8r43Mv10gZGnGG3VHu+XFR2uXrlDs -tND1crcFQFybtFWdRgyavQhDeP6A2aEDbojasOvgVqg --> %-grease 0/m 5Fx\P -Pg0l ---- hohimWCpUhWAHRe4HXxpmxd9iMrNBC695Deinyp4kLA -M=X4 ;Ӈ%NzB`Ujo7 Z{bb1Lo [] \ No newline at end of file diff --git a/hosts/dn42-il-gw1/secrets/wg0565.age b/hosts/dn42-il-gw1/secrets/wg0565.age deleted file mode 100644 index 9255f8f..0000000 --- a/hosts/dn42-il-gw1/secrets/wg0565.age +++ /dev/null @@ -1,11 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w h5TekYPHD7ZppCsdbFXwSropEh3Pvju1VXyrPrI26i0 -Uqa6Wn1WiGhqig3xfLEXI2d40vtEuBt9CHHhXgTR0qk --> ssh-ed25519 g+l3bg cj76svaWJQARTcVsxbKe7lzn4s2iF2D+npuhUic0J18 -wqYWyunIERPkP/nHhABt6Ksg8Nu99Ca5Oee9OBFEz8Q --> o;|'Um8-grease q6 8l.de~N t[|ArlU -H/aOw57Pk0nW+L7pQE7qyc2yCxCEMaC9i6iFWCrkzHHly4bQWwJh9M5QWtv64IcY -VTo03EINmPdhIm46aA ---- fKdGdLoSJUu+99ieftkcbJ7EwMBkCXPcpqSvgydyUxw -b)dBvĎ (6n5-1%g` n4H^DJY -85XGMгAR;]ofr-5 \ No newline at end of file diff --git a/hosts/dn42-il-gw1/secrets/wg1271.age b/hosts/dn42-il-gw1/secrets/wg1271.age deleted file mode 100644 index fcec87f..0000000 Binary files a/hosts/dn42-il-gw1/secrets/wg1271.age and /dev/null differ diff --git a/hosts/dn42-il-gw1/secrets/wg1272.age b/hosts/dn42-il-gw1/secrets/wg1272.age deleted file mode 100644 index 11ad74d..0000000 --- a/hosts/dn42-il-gw1/secrets/wg1272.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w Y7czsW3L3uROocoH8iMOjQeKE/yGSu5S0h++r5Mcuyw -7hkpnDGEKsUg6+RB4FqjX4+Bi9oELXsbRicJaY5tUV4 --> ssh-ed25519 g+l3bg c01IeQ7LJgY8dlMVBmzzWcQ8bO2EaqBpkz9yBRljyX0 -HGywAguTfrDOQuvgKVv5k18RjY/T58Kg5Qtj+4V3BcQ --> BX_.c-grease -lePY2fkQuB6flw ---- FXuXx4dx13ZIvEL68OiY8r5erOf3Duzn1NEyow0Kjw4 -[~C*gX7*o $_MƁV - XٸD{~! \ No newline at end of file diff --git a/hosts/dn42-il-gw1/secrets/wg1280.age b/hosts/dn42-il-gw1/secrets/wg1280.age deleted file mode 100644 index d610aec..0000000 --- a/hosts/dn42-il-gw1/secrets/wg1280.age +++ /dev/null @@ -1,11 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w oU0m9iZWa/Cgsp0aXT4EQvfBj1q1V9zGEfbsE0S71ng -hHr7o1olUSQK2qsN8+EX7aYHCCsRHXqd26261Wa2zMg --> ssh-ed25519 g+l3bg ZMS6yAQZoUSuPe39zGwRGWt82yk/W4L8dIR235zX82o -UMdF90/fPh4RPE3xP71cSWlnXbufnoKXtktOom/Huko --> z>uG/-grease J}D$mL Akt_ zP'h@ -Jqokzvw+5CD+qBxfAUaM/dVhzki7/rJpentlwyVjxDjC7g18bBHdCadLvOun0CsJ -PE8wq6dGpPEMctd3PLdWAqK+yxTC6KHgdr5m+78qAuy0/pwfuAakm8QZzchDPDU8 -Cw ---- Z/qEM/pbq4n11B5ludgCFLPcsWLN/9yU4f2Yooh5Oe8 -H!穘(El,6i?tmSPϠՒk)Jbऻ@)h#5o&FiaO \ No newline at end of file diff --git a/hosts/dn42-il-gw1/secrets/wg1302.age b/hosts/dn42-il-gw1/secrets/wg1302.age deleted file mode 100644 index 944cbfa..0000000 --- a/hosts/dn42-il-gw1/secrets/wg1302.age +++ /dev/null @@ -1,11 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w ZEFj+UhMCXhYuOBbKRE4NVZWkSDjIny+KZaLvNyB93A -KS4gCFlLChfWfpowk2SNQOiEhyWc4cWFY0IETz1iHD4 --> ssh-ed25519 g+l3bg kcmzQPIdyO0ulLbqEY5k0MByj16oRtB7x0zILxlt00w -HHRYxY21U4nRE2Iq0A0xQWIvMSrlp24oeRH66fDiNMk --> !CT-grease %xRuyV3 -XnNFHtT5of+0pXksm5y7o/3gRwaR8yxPErHWTnZHGslydc6fOxl1m4NNFkMGsvYp -XPxhT8HPbjm4stQ7q6uj+GTRvY3E9InGj1dODZwr+HyFykYmHkhyIZtqsjb5f33y -iw2G ---- eSQ/0WzRlVz3zmMm08ZA40G/+xbWtjCgYS4FFLAwx68 -m򙍂 K)1v#R&xI‘V'_cp75c ~%)RjS׭ \ No newline at end of file diff --git a/hosts/dn42-il-gw1/secrets/wg4719.age b/hosts/dn42-il-gw1/secrets/wg4719.age deleted file mode 100644 index 0eea65b..0000000 --- a/hosts/dn42-il-gw1/secrets/wg4719.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w UeMcdbkpB2kyZb7ND1KEWuaJlAIYK6At8lrc0tHo0Sc -hMBJdGqBl+RQJZCf44aDfQ29432UJokhERRxMZo1Ob8 --> ssh-ed25519 g+l3bg +FK749MpyUVJd4JKoBd8i1heq+Ad5c2Km2seyDXU320 -d+Lq3tZI+KIHQzqr7PhlSkIEtPW9Bv8CTDueeuEHtSc --> 8#9iy-grease I 3;JW|; %M<}_cj_ eaH(5 -cBjbN201DFcdN2MJRxHjGJluhh/0q+E2R4TD55jHjkn/SDBMiZ1zuprWebXJp4Kk -FAAfJw ---- 4Nzghsh/lFOzov9JEKOxELBHOrd6Uz1QOzDNHeNzZ20 -6so#(:u_#Ǵ.]XzVBROXJʜ>ƎhN1AO3R]d34 \ No newline at end of file diff --git a/hosts/mail-2/secrets.json b/hosts/mail-2/secrets.json new file mode 100644 index 0000000..2e603c4 --- /dev/null +++ b/hosts/mail-2/secrets.json @@ -0,0 +1,29 @@ +{ + "clerie-backup-job-main": "ENC[AES256_GCM,data:AcvVowkDQC55qURusqMQNW5goLIYgaAyg6bZ0FIq0HhQ7UyICe1vPZpa64D5hY5danX/aaE6Hyf0DpWBG46yaw==,iv:/QJaUtxKSJi//vWBEmVM8vu/YlGaXIHLQy6qI//Aji0=,tag:+YvvFDosT5UqYoRXAazDWA==,type:str]", + "clerie-backup-target-cyan": "ENC[AES256_GCM,data:6gN7deW4AfJQMqmV8TAtyHsjpNSfKXvzUaRe4xuWpvS8iGN2hksPlqODjOw0WWVXIvd85oqqhB1fJi9Y+qUfmw==,iv:SXjAF8xyELo7HOsyUkDh1gyAdxuZykaG5XkYJ1eMQj0=,tag:zweIz9zy50Ce+99X4GKn3A==,type:str]", + "clerie-backup-target-magenta": "ENC[AES256_GCM,data:Sqokw8rDTiQEsKUgKwjt5+STaTEJSu+AZ+KVMQ5l65xcYwXxsbbd4X8U8/Ns+U4w1g3IS3XV2R0O8W410T20Cg==,iv:QauRkemk5fP/TRYKkcCY1BaisoTST5tKkvhEwQoGF0A=,tag:uUeS+4G9uHufBYS1k/BN9Q==,type:str]", + "wg-monitoring": "ENC[AES256_GCM,data:oU8WHSEKxleNMPv9z0IqWsVtPmGsiWn3qkA3FNu/vu0npCuOx7JrMLYxK8Q=,iv:dXJg24S2c8TVa2r9PxTJAA+LwIHvF7NSeqdy/h+j72s=,tag:ESLXpbortN0j4W5AVYXIOA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1cqzmm5e9ex7lm0v5jxla88v4haqcvv5c3j5e66f7y3mpr5muvv3shphhxd", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjK3BDVHBlOFcrUEJlaWtk\ncFZ4U2tjRWZ6QzJ1c1d0azluQ1c5SnpuYlF3CjUzL1JKTnZlQjhlQ0ZrTUNFMmxv\nQW1DaXlJLzdMTVdLV21TbEJCSFBEM2sKLS0tIEE0OFFWN1I4L1JjSWZDM2RGOWQ0\nNW4vRG9DeHdzZVBuaWUvSDVSdC9hQ1UKGOQcUKDFUFnv7I4L275cHYWs6eEjG4oQ\neoznob3iNaiqlEQLNMNtffYx9djM8wQJTIDRDf4Gm02k+rupmE1eLQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-04-28T09:45:25Z", + "mac": "ENC[AES256_GCM,data:RkaWBKdjR5WOrOhG5vU1KtLq1md8Dv8BuB4GPJ852V8AiXibOvvNiL7cCm9LMPBa8kgY9gsFHVz6pOUmdO2ZtEm2soV8/0m7Y4qw+v0dmeO5uFbwe3cmPktSxDWde21ChgdKQflpXlo4jbG3omj9793nHGijRBMeWtUheH7nGPM=,iv:iHUJ/4VbsInlGA1OZBPhDo7ein3KK8q4FSLy+fWvAIA=,tag:4L+7i4MLtowei5FIWzGa3Q==,type:str]", + "pgp": [ + { + "created_at": "2024-04-28T09:44:13Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA5OzEzXewpmPAQ/9EE2Dw5cH3pD3p127GXAFdMnj9gbUl9NAOoCUgCq3Aven\noTU69sjKgT3qyNZcrKCJIWYcbuQxZ+1qI1/2Qy5AYwNtD8AxDKXa6bEXmLuIpRrm\nN9n8gDmt51jNoOhSfjqmq4q8WkOevGHaAseOIaQbAIbnO0ZGOTVKey5wUNY5+ecQ\nY2Dsp9b3Yc+IC1pYejyjIw95vbaa4LH0VDURWFgDeqmza92AoPVIMeUk7U+divkB\no1KS5FQEYOD7exH1JqAkccPIWHykFbKt4z+NnJMiwm4e/3BjydMhQjKln4V7moso\nrrbj1O2LTAxIQyUS0IJahT8ibejrHeJMMwo95kjZSaLgVoEdDg0drB8EITKKr41J\nAQzLtXD5tJT6kq7lSdO0epmQO9Ri3hK+S0TUbgCggXC+4mQlqYD5rY0thmI6N2My\nmkHcMDX+I8BtiabvJjiPvgf4KICqfD92/81BA9DVrTBfi2pFTDUY41n8hggHq1KQ\n2C65YJYraEnaZrDo0sDxEvdkGXuzMawKMRzveAFKkNRFOHe2kLzbbomRel0Z8QC9\nCnqisqKXq0pNbfhWV2ofb+ysggKMiVZGu85DEZtF/RiochfffPX5URs4tUIDC99K\nSYQ8eqXBtXGLijmorJ3gJYeJGdopNHVriZRWbrp0KfXjuMn9Bq89kdiwFKTYlfiF\nAgwDvZ9WSAhwutIBD/4jqA8jW+pDdKjNsACkRThSR9+Oa/FLcSS5MU500qLfiZCN\nWR3Unlz/eyBZEzx3PyL/s0DgzFGANByqSEbyUMvcJzE3VPPKwai4hBaJ3IHn2LzV\n/XEd43Ogbz4bhda8Z5Mq9CRSqJqixL6qOH0GSzGSka0iPvyBXPqLqBoKh5XLYKWX\nI7eDVmpr5DxNL1+X/wf8V7aDZbV6UB/BaLF6aFEhO8LedlNEmVsWDRC0J6OEU3d7\nTXxAHU78co84Fu1Koj6IbGvzoV5S2jc9RPlOog5l2vmpA5VTWtGHGL/kvw90HIiO\nQ9Id/D/s9uLRdwBCaP++85arvcxB4lquJNEUntBSCznqoKIzhD0c1NyWcmVEutXz\nqWmVyOKIFDiBdCnHBf0+/H1w1qyyzPj5etilhmgS1+/RH1qpHaxgOdV770XDH432\nYtuCpYffrtPq/mRjtj75VVR1Owp5ce6E5K3EJxuTGCsyBwW1/tRKzH3bXtdJ+nkV\nmvLnylKRz7pNGSWoJ3rF56b/HLJnsjQFxPqo90cf/uPBpwBLXngQY0tSs/yz17J0\nuCZ0EVMmVSvyVz6iRnQZE3CaMX2/IEdZQIgf2T7e/hZVrN7F1WYjrerF//P67GB2\n+0P+cppVXRTVG4InkWKvAupWnX+JVKl333LdNamsHGBpKft8ZLGOkuY2RLtw1YUC\nDAM1GWv08EiACgEQALWMtNvIuP2zGWyItINQfkyUJDY5JKlW5cBZCzONaTwWm+f9\nvJ4eFAOpV4wBbzKggLrBVPQrtkIAeeGWhGA5C51E6feufzZuOvqUAUmBoQ+M3mQb\nvHH9LteZNWdEEB5uJMCenyr42feWwwNSf/KaXFkhoMitsnRUZVvXhfIxGX6jADy0\nK6c/zKQ4IB4cNeI+CVV92iXRGpg7nVQlZygRVynTb3/mhnFJmJmGxlem2iy5hyMq\nh+V2cABii55eo4JUdhgZvogE/jAqpRu3s89JGehivQYO4VSG834aOsBe0BpSRx97\njbG55f8kde9I9+vAMsY6UlCXuCO7WtxJCbkfoCe7s8SV3Vlo37TadjgyyZCuUsZ/\na6bTyEyrW+gsFaD+8j/DcSr+O+7To112j5o0vrCuoi7zeztKFQuBboPiTotMdzWr\nPgHXGyRM+2XnEFpob0HDo0oK4gquxccW+lEEB8kKlxAWLanJBJMou7L2HIP+iOxE\nX0gsPpgAbcs6eUAIvWr9NQFtnjIrl/sncYyxAO2WBYbjEsD+/dFNUoqVLc6vf/1C\nLZh2LO+ljx0BNpRf33DiFLVsxwiBduI+WOavPv3Y+hR2kojUA1vWm7FOYoegUPIZ\neZgQGx5PVcnwlQZMiSxoqCX9sxYWrbqKzeLH4AkElVaKsgRxWpNG3CysVX7+1GgB\nCQIQtyNgGJ1mMi/t/i8po3WJYE/SnSA1d/9pWWRBzWxBptjT8g5CG0/xRAaKeZt3\nKNdeddofX+ix7EaECZE4nFUn/YJJxoSkPahxT8wehRmCPIETn683QQzp6usiTcOW\nMgRyIVIpxw==\n=467O\n-----END PGP MESSAGE-----", + "fp": "0C982F87B7AFBA0F504F90A2629E741947C87928" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/hosts/mail-2/secrets/clerie-backup-job-main.age b/hosts/mail-2/secrets/clerie-backup-job-main.age deleted file mode 100644 index 4928709..0000000 --- a/hosts/mail-2/secrets/clerie-backup-job-main.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w RN8+JfVQyrIYAxZ+S6M2OI8brmmMPUKXOZ3/qg3vgmE -iT3J545g+dt+SoYKtHPMscWOOF+OwLatL0fxtZRSwwA --> ssh-ed25519 oxA+GQ vOrlx+R54Xy1KY9JLA3+yVx0ABkI78cJc/T4XwT7hS4 -K0kQF9V1Y0MhMyMiNZ6Dz6eoPE2eotoivBMGsuLGpIc --> E>"g#-grease K`O -zCtgxXJ8Eueb0A/1yQGyXEmzQ5QqWgN4kMvAg7WXdjZu0+BvX2eJKg ---- 4G54tBk5pGtOOmWE7MaLzX+B/36VderlnX7mPp0G1T4 -u.fNt -!G?pWٚ"IT5ram+ 'ܴ.:@sK$csaJ#4}Y4XA҇AQI< \ No newline at end of file diff --git a/hosts/mail-2/secrets/clerie-backup-target-cyan.age b/hosts/mail-2/secrets/clerie-backup-target-cyan.age deleted file mode 100644 index 1a596a7..0000000 --- a/hosts/mail-2/secrets/clerie-backup-target-cyan.age +++ /dev/null @@ -1,12 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w grZNMpbl/mC/0aVUkkAVx1wFXqNhlEEW47nfGg7VPAw -V97tOu6Md4Tus3CYkWTPE6twfYJrA0CrkLzwl15g05M --> ssh-ed25519 oxA+GQ 7KMJYf6Pu6VACi99ihBLT6he5ekyk/3bh0ywi7QJCzY -28xbWqcmf91VAUG8O7wd9SB2NxuhpYOxSiD94464KLA --> Xmw-grease -+lH5WuYbQEraP0WmsSZFvk2amdQSIKw2xOB+sq7nPiTGdW2Vax2YzWOmxemmAcOT -RKimkWKeZZeSphtzF5mC2qHIuxvXTsIkmgXEM6TKhdw1Lo6tQPZR ---- 95yXuwrQpvKOffrfYVgzvteOx/mnmLP0FLMBW6mruHk -31^/O8'1;LJ-3t`}u,Y)^D!dC(Z.Yo;Lx3+ -|1 -j<]\]9TmL? \ No newline at end of file diff --git a/hosts/mail-2/secrets/clerie-backup-target-magenta.age b/hosts/mail-2/secrets/clerie-backup-target-magenta.age deleted file mode 100644 index 31d5118..0000000 --- a/hosts/mail-2/secrets/clerie-backup-target-magenta.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w K732eysp/CVQjjcTzH7D9QXa7uLnXQq9ADmycPC3rBw -lDAYQh67KzDjRE8078jwOBJlwLywN1lXs8nyaOXl4JM --> ssh-ed25519 oxA+GQ WBOUa6FzgfniPNFJA4c3B5wfelqEkIrRGDybFYoRVnY -8GuZsyABMEFjkPl36QIWaxFuC3UTvtHpwuSA76RPIYg --> Y-grease -R9sg83IE9qdR7Cjo/RbHZtBNRSNTy9XjNogfEekrYhqrbVvcx1LPBTGXHgmvq29u -Sj8u+wA ---- AeEL8xBBPoy3oYIspVyU7Y7VkCwtEngwQNQXZmFnFUw -`7Z~1)UCq3u0K%\mq+"`& $ #f~xdnމՊv]xPr L69ESv \ No newline at end of file diff --git a/hosts/mail-2/secrets/wg-monitoring.age b/hosts/mail-2/secrets/wg-monitoring.age deleted file mode 100644 index 3ac86aa..0000000 --- a/hosts/mail-2/secrets/wg-monitoring.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w ApVDih41Q8aoto0YvmMSOD2+3vVr+VxTzYPOv6XhQQA -4MVLROtYiHCT3MVqyFl2yLteNANq7MSIgliEbxIdavQ --> ssh-ed25519 oxA+GQ W1k4A7BrFnPHPPT19mfwJQKoGfGuYl40fgJt2FVixmk -LOCjXI+rd2H52SKwmdCkCyvXp31cPqtf3hUg8IlSwws --> Gb!v-`J}-grease ]h J$ _ABg xWK -fFoZmRMYwqqe4hgvKk93RI1ItPYB/fMMHtlek49RbPz0uss ---- U0myocqigLS1D8hXpYURyMjaOKOGDHYRqzoBLE6Udw4 -*ߪ(כ卞,IX$(:"t}7jA)tԍڐ2B=ps+FCllT \ No newline at end of file diff --git a/hosts/osmium/nixfiles-updated-inputs.nix b/hosts/osmium/nixfiles-updated-inputs.nix index 3327e80..9db1018 100644 --- a/hosts/osmium/nixfiles-updated-inputs.nix +++ b/hosts/osmium/nixfiles-updated-inputs.nix @@ -14,7 +14,7 @@ WorkingDirectory = "/var/lib/clerie-update-nixfiles"; DynamicUser = true; # this sets the correct file permissions for the ssh key because we use DynamicUser - LoadCredential = "clerie-update-nixfiles-ssh:${config.age.secrets."clerie-update-nixfiles-ssh".path}"; + LoadCredential = "clerie-update-nixfiles-ssh:${config.sops.secrets."clerie-update-nixfiles-ssh".path}"; }; startAt = "*-*-* 03:03:00"; }; diff --git a/hosts/osmium/secrets.json b/hosts/osmium/secrets.json new file mode 100644 index 0000000..ce59b79 --- /dev/null +++ b/hosts/osmium/secrets.json @@ -0,0 +1,27 @@ +{ + "clerie-update-nixfiles-ssh": "ENC[AES256_GCM,data:B5bp+zUSYs6QdWRH9bKore0UYhgj+GXaxgvhr3sixz7pfjOZ+aXi1owgFMWzhK8IYrjkmU95320GGSaOdC/f1B1Y+XuftQ9+Ts/TkfBPqcGNmze/qaHjwODMzVreeACrEPVti6h99Il7a8GsB82kRLCPXB/sDf3t0lAx5KZ+x1154UUcYDiJo8WoK7tF+gUBRniavuHtrzPm824zK4ziSXoRcGWwEMowhs+kroDxbA5T2/l5ch3kNVoir+ijuiDQcoWUUA3kXNHgWHIWiWIaDyGQqchq9/TPLN0kA/3tVEmHmfMlIZXSP6w11Y8ItSABkKhXshgC87/QrtnSjev3suGWboD61t1zR4YjDZpcZ28XrM2/XDiFWMHtJzlvtiuh4KfwlSrkkbAjYnr8/Xv/t3ZeJmUzC5qiEzywjjHDhxeTaQ5RZ2LgS9JYjNXjRQVudXYJvH7MK5WxnAh0h2/6WAdiwx4EKfSy1zsc7a4b2pvWf7JBPOCkcn1Suqbi01LvDVrQAj7xT0ifkEg5QAGGeQErbbOs+Kpy2gDjTcySNyxBwVU=,iv:cVYtqW4ryWzXGjh/QoHpeZRymOXs/a+Ai5m+l104s6Q=,tag:UOzdJpQZRw1kPvOljhcVWQ==,type:str]", + "wg-monitoring": "ENC[AES256_GCM,data:ItR4B3L+dKrvHMNYXdTBJwr1K74x91+wfCuP7AXHfag6HaJO4F4r8h4eIto=,iv:jhSf0pYm+RjX/zzg4nZ6/AjYDo6wZUI92eBdN+AmecI=,tag:zVnrZmtUIM2dvdLQKEzM/w==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1v3ld7wgdjt7ravp4r5n2mkt9su9d9ecmrnu6xtuny309d8jukfjsxsc570", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArMjJOUVVnVFJaVXZPdW5T\nMUgvSGpOQXNWRGRRVDkyd1d2aklhUmo5SFZ3CmxJWmM1dW9nMzBocEhCTDVUem1I\ndFFhSlBSSlV6YzdpTGEvNVlCWnZLcWsKLS0tIDhOYkhheTN4bEhWUjg2YlZxdzlB\naFNFazJabFhocVVDeXZ4UXdObUJPR1kKrUnHYp4kAZC21VjI7CcmbNiW5J5PHVFh\nIL8QeNnjn3df5kSRm/EeTV76LFsBfaEJF5usBNc7A/G/VF2kepp2Ew==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-04-28T08:30:00Z", + "mac": "ENC[AES256_GCM,data:4uaZekojGS1dhP21DKKgvRkHMxHR+s0wn56pFJ7/vwRDjSKBRg+riaIylRyWGuo5Ww93NU2BNBzyt8nO7PHymI51XsHZL8fGrn26JXdZ0vxTLiTHOpl2ipRT9t4JwyQdPGzdcS2zxf5RuxUtvpr+Hnoc9+BdvU0cQf65Uh9xDZo=,iv:2YhEIkVxQwlZAm+6smgDcciKs0rw+MUIaVkhiPFK93M=,tag:oRcWPAprvuArDZa4BwVgoQ==,type:str]", + "pgp": [ + { + "created_at": "2024-04-28T08:26:35Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA5OzEzXewpmPAQ/+OMW4PCP21uyCS49MORrTMv/5xHClkfGZdggCe6RMzm45\nnfPvZCQhrAN9/969tR4S8O/eRds5L1ab0Yt7242SznL6vSLWE/zjFtaMLHZOWpEP\nCNxjcXBB0i4kjy5MnMnSKuXt1mEdyrDmED6nw2ef1AVgwnoIl5a6NtvahwFaiuFz\n5gebQQ2aUCQU1gxAcW6W3o03/FKifFvULtg4I6XUyZPmbmbzf+IavxaZ+fISnvP1\nWffniN3IiBoXT1g8VJ6szmizy726odpnESAs1EPX/dafs2fdzxQOBgF23Vn5Kp+8\nwaAHqJjH1C5f6XmfjhotRy6mg2sPqwLfSDDYnMzY1UgLTKOSJzZZ6a4Y9scc05lx\nkxechLj30GzXrSrjkuwGRTRRgKUXuDb6XYI2unP8DNJbuiL4nml0rxUTUVaEmQuX\nSn3d7EfaTTutp4u5yqqtv/DbY8XP6pKGsVZsQqhVX9byuvKJ1bG+olX1wUVZvXzh\n4KUXwKyMErTACdWmvWgxRQHM+omZ3YR51zg4JpaJJHTng3bxfQDLicMvS+jDUXwq\nhrhlxxMpfl7fHZWbUa33YWvEznbWQ5uexpcLiAL+XMp1akGkx1rwjH7qNLWir4KF\nZ8Jyd1d7zHGnsYBRsWXxtaaIOux1LDkpD4plHwG97Q+TmZroigXC0THgS2aSKv+F\nAgwDvZ9WSAhwutIBEACYc3UQ2K+ZW8myCrTOihn2xlItd1IO4yIjaxyKwXvrBp4p\nm2gSS9qhsugrHMCr0dfXLV+50F9fgqMgldOJd9+KqhZdeZvKcKzmqxXns/MV4i0n\nlJkA7wIV0gCrH7rzhn/WEn53BrKZ5SIzatxkyMdncpYWG80bvR7J5pGUB0t7ARYi\nqmGXRrXCutD5Ln4U1+AewqONTHlQ3m2VjxgBx+RfpIjpN0MShGh1kNxvpCJSqpXe\nvxTx5pNB3P4/D1YGtCzKegVwdPTXPoh7ljbwqdRwIOK/TSa0gqlqCZPr+v94+WrK\nS8ng8sKqC4fErBIUdR7eS0UZsdQIyZrl8ovD+6hDzVO55i1q5YbJLmYXmJdsvpux\nb1S0Nys9JeSdNqAVqErsXMLOWa55tXGCs6yIaqDu0Ovj3cdabMRPSoF8DmotUAxp\n7kzo9YQmMKNBx543l9VrKL1FYx3wGAo93GtWt19AO2J8gA0Hfm3IQ3FaNNsW/+ke\nwqaUgev+3mRGHeA+l0CeboMTkE5MIaEfZA9SQ9q/7dPK8mfqQaYY2CMhYhVB5fxL\nhT6/LuRAiPnmEXuTsLXet1n56W2b7j/dnoDIqGTjNa+3FSMPECnuhYM/PKIXmcLT\nzG/V2Ul9gVw5ft1uisbbn9uAcHI7UR3DR/MbRItNkxzsSTmJRl7VsZuRPYp1poUC\nDAM1GWv08EiACgEQAIg3E+6WonwjXMwfp/TaNtGBUVl65zkZ9OPImozfEqDinDDH\nBMzfkGR0QS/FmDXFCUCnNZX+T0BGVh5Lwh5Roc4KyomD4/IYVZLWnw0bOIpXLo+L\nd7E+Qi8emthdsF/NbW8FX+tkV1PbIfyGhZyDhYsp/7oZHWwfzMGH2Pc7jCMjyfvC\nA5inGSqlocC52TKAfgbqLdwpXWSbY7XYU5FNeqg2uvo0gdHTHzwKdWN2s+gV1s3F\np/BbwV8NtF4FR114gHRo27GwK9BIMKUQg8E9mJwt1PpMzLIdR33pMxq7jcGOzZwo\nojyzuD9/lIkk7FpqqTOt4VK4O83WhnPmGwCNWo22kBp9CNAeoijhFQIZ2su52msE\nrfy/KvIWIrrtaDGnis1MB9iVT6CKDx6ciUa81usLr5ufda+RWCU3/gDG9IL1pKHn\nRYnc97SDRDLtwV90BEzWYTLyOnf+TnpXL5299ab/U7eFl3v2rlaG361i9zgCQPjI\nzgMok4OoA8wPtBHvQsFwPKS4Cusf116l/HBvKMHwXVTl5EwXday1/hYOi4+o9zYG\n+Insj4UFrBWSDCbktTbxlj0A9zZf1pyaFw9T3MxnEipXaGsISCUwMcsVGokZY5lU\nRR9NgQu1cwQdr7Osr74Zz6VcQt+UEvwiutiRnkt7pXY+vuRKRVt29B2z0J5q1GgB\nCQIQs9f2RqnYIpHyVAkg5Plc6vlEnBwnKAOqAfwJT/snTFpclYFL6xPfKEIrOGwf\ncyBSoIX4cohrwcZk+zslFfKWQuIMTnFbyG1eccxBCZpH23pQAb0RZksEi7Uc2C/v\nuFkTA+4x6Q==\n=ATnx\n-----END PGP MESSAGE-----", + "fp": "0C982F87B7AFBA0F504F90A2629E741947C87928" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/hosts/osmium/secrets/clerie-update-nixfiles-ssh.age b/hosts/osmium/secrets/clerie-update-nixfiles-ssh.age deleted file mode 100644 index 497a234..0000000 Binary files a/hosts/osmium/secrets/clerie-update-nixfiles-ssh.age and /dev/null differ diff --git a/hosts/osmium/secrets/wg-monitoring.age b/hosts/osmium/secrets/wg-monitoring.age deleted file mode 100644 index ace88b9..0000000 --- a/hosts/osmium/secrets/wg-monitoring.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 HwR33w GdM0PlWSyTELO16TOGV5qVDnpy+wmRVISm8zq4AkL2I -bFPVH0sTvsAoewRyetxxMDq4TXKBbo9kcer4j/+TnEY --> ssh-ed25519 e95K1g C9JuyI5jzWfFdhN6BNiUeEUHyVTW6hrZzf0fxHWniGk -TBU7VCgk1OKYwc4ol+kcKnAUXae83BePZh2DBoTGz+A --> "-grease -/GBX/iJRT06Kgz3sXOsc4gqb5ZugnM0qDWBBCsrQ0cWkhswar/wIocSYVilsrM+0 -X8ZhFq0LIN63eCcVcw3bLk4Kvqz/GCF68uk0VOxxSThVZ+rj ---- xW5X/IzB/clE7LZDkvD42EUmKnwEmgDmzPrKR5ni/uE -Ep}:.fG(70T )V|O"w12ukwn֚Nѩ3}͂XCB \ No newline at end of file diff --git a/modules/backup/default.nix b/modules/backup/default.nix index 8d02489..6db5467 100644 --- a/modules/backup/default.nix +++ b/modules/backup/default.nix @@ -22,9 +22,13 @@ let ); backupServiceUnits = listToAttrs (map ({jobName, jobOptions, targetName, targetOptions}: let - jobPasswordFile = if jobOptions.passwordFile == null then config.age.secrets."clerie-backup-job-${jobName}".path else jobOptions.passwordFile; + jobPasswordFile = if jobOptions.passwordFile != null then jobOptions.passwordFile else + if builtins.elem "clerie-backup-job-${jobName}" (attrNames config.sops.secrets) then config.sops.secrets."clerie-backup-job-${jobName}".path else + config.age.secrets."clerie-backup-job-${jobName}".path; repoPath = if jobOptions.repoPath == null then "/${config.networking.hostName}/${jobName}" else jobOptions.repoPath; - targetPasswordFile = if targetOptions.passwordFile == null then config.age.secrets."clerie-backup-target-${targetName}".path else targetOptions.passwordFile; + targetPasswordFile = if targetOptions.passwordFile != null then targetOptions.passwordFile else + if builtins.elem "clerie-backup-target-${targetName}" (attrNames config.sops.secrets) then config.sops.secrets."clerie-backup-target-${targetName}".path else + config.age.secrets."clerie-backup-target-${targetName}".path; targetUsername = if targetOptions.username == null then config.networking.hostName else targetOptions.username; in nameValuePair "clerie-backup-${jobName}-${targetName}" { @@ -68,9 +72,13 @@ let ) jobTargetPairs); backupCommands = map ({jobName, jobOptions, targetName, targetOptions}: let - jobPasswordFile = if jobOptions.passwordFile == null then config.age.secrets."clerie-backup-job-${jobName}".path else jobOptions.passwordFile; + jobPasswordFile = if jobOptions.passwordFile != null then jobOptions.passwordFile else + if builtins.elem "clerie-backup-job-${jobName}" (attrNames config.sops.secrets) then config.sops.secrets."clerie-backup-job-${jobName}".path else + config.age.secrets."clerie-backup-job-${jobName}".path; repoPath = if jobOptions.repoPath == null then "/${config.networking.hostName}/${jobName}" else jobOptions.repoPath; - targetPasswordFile = if targetOptions.passwordFile == null then config.age.secrets."clerie-backup-target-${targetName}".path else targetOptions.passwordFile; + targetPasswordFile = if targetOptions.passwordFile != null then targetOptions.passwordFile else + if builtins.elem "clerie-backup-target-${targetName}" (attrNames config.sops.secrets) then config.sops.secrets."clerie-backup-target-${targetName}".path else + config.age.secrets."clerie-backup-target-${targetName}".path; targetUsername = if targetOptions.username == null then config.networking.hostName else targetOptions.username; in pkgs.writeShellApplication { name = "clerie-backup-${jobName}-${targetName}";