1
0

modules/monitoring: migrate monitoring vpn secrets to age

This commit is contained in:
clerie 2023-05-02 19:42:46 +02:00
parent cb12fb64cb
commit dcf8bc4035
19 changed files with 137 additions and 1 deletions

15
bin/add-secret.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
set -euo pipefail
cd $(git rev-parse --show-toplevel)
host=$1
secret=$2
mkdir -p hosts/${host}/secrets
nix run github:ryantm/agenix -- -e hosts/${host}/secrets/new
mv hosts/${host}/secrets/new hosts/${host}/secrets/${secret}.age

View File

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w NS7or54RThBygIkXukAmaMBerb3XzBl9MWxhhXSOHTs
B9+EuN080AMUEdm/KRVcR/sqlw0uC8/lO4VFuTkfECk
-> ssh-ed25519 eelCFw KF1iYVpI/owY2K2entqcm4KaOztBC1Y+9/qK11s3Z0Y
IS3ABKW5+NEDW9bJ2KAb64WiIkHoMibyWtyuF3sF3eI
-> D,/q5iN-grease
LBaWGpsSun/TqNuM8OnhBu6/+u4NrwgrSe7iMkER7yrA/j4RKDfzHC17P9l701xN
OWFhKaA1qsxwe2Pk+3cN9Tp7SklE/hY9ADIvA1Jqqa1uVhYonrpZFEUXPVbnEEs
--- JYxwomGwWYbjcoqV5u3ReD/2kaZ7XQmxc7aUEZOGcCk
ŸAŒæëîî,Jýi¹øy¿<79>8—K@¨æ¾Ú¨0]‡—_MM౉w7Þª!’Ϲ2ѬÔóJÞ¯ú˜Àœl¯QtÆÜ=pùÎÜ$

View File

@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w IkxlO8D2o7SoBGyg9/edvw97sAqj9e1nUtQk9ci8tws
t3mju7vCMEQcOs21Q56U53hTYyplMlj8L89oVVcgifQ
-> ssh-ed25519 5EcjHQ W1oWURPqGGfSwDZbIfqKVBBL+fMdLh1KnW3mMqALWmA
RbuAx/Sgj4wmuzijnjtS2Mai3n0T+89qSv2v5pxDfVw
-> w)}-grease $do
nc2bWeMeBxc3hd4XkX/k+isQudb0VZBD
--- 3Smsch2WrfWCMaeQffV+52LBY11YTtUa9K40DWrsAzY
Ç×›Ž¼öŠ¢u•í€In´m—»)­”n‰ÖO'ÜÝÎ Âq—̨¹r•Ü R{€ŸâT<C3A2>=‰žéïjíc‰? Hw]dBaÏú

View File

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w t9osbbi1s3J96OhWrTgrNmGHfIWUAqB4aFvmbNqtTG8
DD+iNLEd6WBvRS8PC0pfiCgNmVR4jNwBZHcaR8a814Y
-> ssh-ed25519 ILP4Ew sisQcIh1A9M3qwl9yD+cSPNM/nnNpII+Xfesj9mwkRM
7h/dPRCYHA88Q7lWvvPvdHf4ppCiEnu9ca6TY0BZLzY
-> {9O-grease a_:E
g5khXWjhnAYGhbvvT8+gbde58hiKZe9UtQfsGUDvnngA+OQulOiV9+tRX+yuzUhb
0z6nyMS0R9kPFsSFg7H03SYbkKaidh54FCYzyRMLld9nHYe6mUE
--- zDunV7ZXq7wNxXOVAdEUJmeGI25kHpsO2S5qNklhHQ4
G T¸$ìä;¥¸&Nn­g=õRÁvóMS¤W·s/ÚÕá—nÙðÝkÿÚŒlL&jíG§ÏERÐ(_™VBvÌÄ^—ˆ&iä£:ÊdÊ

View File

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w +AFhSTsqwKkww+OGHnKI+qi0JvrQVe8p+XRVnn1oZk4
t7nBc4g5guqSsP6XFWYLAXPZEKFJA0tk4GM9XP3uoUo
-> ssh-ed25519 g+l3bg LjbGz8bbxotI4uhVaFzCjaOohfjJbTgPCbQ5UgCVgEI
+7h66Z41OSyvZjJ7ANYFA+ut1FWQXE79WonaXE5HREc
-> OapV-grease jkg)M@ NO4*'ml? lUG]H liUD3iK>
628DJDgpTFp0XP05robVn8j6/3f340BaYvdZIKLKvqXp93GufqwBnfYRIjYDyolA
Kt0M59kSw2DOtaYaOEk/E5BJhdYa+cDBEs8
--- 0V08Pg4II/yihrNWngXKWXwr6+Lcu9+XijZYupCyzHo
‡?aÿ•S,¨Ï&<26>\BÒ—8ãÃXüó]S^BûHIÆ-Ý«øê/­F™'#ç;Cî@o&~©iû «Ã‰Ý\=éÍÔ¯¦

Binary file not shown.

View File

@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w 5r8PAnWrr1maOMNehoMkegIq1RvYcOTVSC6aynbI9Dc
g/q8AoKehfdRK8zuIVfj1TQeu37PQdUUXEPez07d2x0
-> ssh-ed25519 I+qNDQ r2etKUBWkHA4X6wpnGZbMmkLRQWhZ4JI13mOV3XX3Xk
/FJzTBB29gVH0VAeStXzi4rFZNoc/odYjXyObq/wVuQ
-> !YfpC-grease 4B
4ZoUV7O6DjEEHUXCG8+PcjyDt64X4nfKcnH1xt/45Wc
--- HptZmw/gU1pbkVwRvrTvDSj6Ly5ip5BQrMMyvVDULZ8
ä\éÅx!*—¿z¿ŒÂZy`¶àÖÆ“è£qÝm„S=€éyÙžjk*WÃÞ¥ï Â(,ÙF`štˆ¡¦5Õõí×<51>÷q¬Xð

View File

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w ScSNP64jvvU/1t/fKlXPW9vaPwGvHwy6UEmGRA/h9HY
GV0KnasHBoj+qtTIT9aI0k6A/XgHPFXvmsApPDhAjc0
-> ssh-ed25519 W4Oy+w 455qbO83X2y2XZR2obj4IItMGkrC/WiRc6B2jp9MOEU
RLT/FkTDWJYHtAhtYAEHaw+CcgITvgBJKLLrN9MpMg0
-> kN4?-grease sJ p ZV(8^Djl N*7)k~
0wq67UmJOPjObCWQhRSzUE6kWIhZsmv4zz6lEt71YoH5nFb7TzF1vYVfrqMycht2
QvzqtKMNAmFu6jv30X2ULBIjLNajtMGeZxLyBIjnbkCscnoWv4c
--- 7Fu5hMch3bfWXWlCwRvhVQCWx444fy/SMQyOwUyidqE
çlþû=·3Y`\¾Ô…º…žÚR@ØŠ-é¼¾´üK9)X„в܇YwÇ -*c]¸ æv˜ï>“P1Råð~

View File

@ -0,0 +1,12 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w iq9GCoMvjYmB36sb3ObwjSO2eL/wyyxTsIbJ8lye1zE
6PcXowhq3ADvC94MQ0BuFeyiCxmxWwwgEjve2fP3uRc
-> ssh-ed25519 UgSomQ OtaRJDru8abGAMKcmcF0YHPDMnilqZAk9LULZ3eVd3I
3vzkjiqpOz1rIODQdO1QTs7j8JW+f7/9hrlBvb48z+M
-> zXcO;;.{-grease
w1zwccIRbNRBbiXF5p6fVAS1Fm8OUJdq105gfEaGNUgEKSzUzGRlron5JemsebJt
6rLBebjmtxrgLOMvPMbtpX1hQJOrWV6yVJkBOuqlRtVdFPNMrIEWXc5v+VXR8Ccx
XMs
--- v41dXOCQtZwpIdKXoQSB1oblr17HunSpwoRnfPtKkS4
żM%÷<Ô„âĚćŘËŔĚ<17>[śëú÷_WĹ!sćöű<g‡0+2,43>
.ŐH<C590>Ţo¸0Áw6tß?¬™'Ťzo× ÍĐ<C38D>hĚ

Binary file not shown.

Binary file not shown.

View File

@ -75,7 +75,7 @@ in {
ips = [ "fd00:327:327:327::1/64" ]; ips = [ "fd00:327:327:327::1/64" ];
listenPort = 54523; listenPort = 54523;
peers = monitoringPeers; peers = monitoringPeers;
privateKeyFile = "/var/src/secrets/wireguard/wg-monitoring"; privateKeyFile = config.age.secrets.wg-monitoring.path;
}; };
}; };

Binary file not shown.

View File

@ -0,0 +1,13 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w iEMelLHDM8EUtRxTjZakRhyaCgvu0y078c2m30LjlgY
o7v/DLKisYUVOgr/q5R/vdrFwsvibdPyGmDdoYxG9wg
-> ssh-ed25519 wTWpBQ R1dUP4h19a97U2pRtayUWOer6SZr0K4NQ5HwfxlfljU
NwTJQET27YxUZVMr0Eysniqp7R/mhVLjrcv7KyKk7HQ
-> \'G8L\\-grease
IYhz41mhvSiBPNpEd//WIhhxz58Rj5nQrnsyNUcNJ8DJo+u/5XsMX7xsiUpPlqZl
gljbE5k3W79kGV45+gTGbBi6j1kwM98ZPzUx6zF/wdkV+6/UdRvcxdwCBeLMQCpE
--- 9cL+fMX0BHh+Tdtx6DBoUG/U/dVlwX8YN0CoWIZvU/s
F [*ðT°ÒT;—^b&<26>! dÇXO¥ä†@K“FÓ
˜%/åÑk/'ÒÙ­ƒÞòèÐ/{
û¥¬nçÓCn«Î"¤ÎZg/? j

View File

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w GdM0PlWSyTELO16TOGV5qVDnpy+wmRVISm8zq4AkL2I
bFPVH0sTvsAoewRyetxxMDq4TXKBbo9kcer4j/+TnEY
-> ssh-ed25519 e95K1g C9JuyI5jzWfFdhN6BNiUeEUHyVTW6hrZzf0fxHWniGk
TBU7VCgk1OKYwc4ol+kcKnAUXae83BePZh2DBoTGz+A
-> "-grease
/GBX/iJRT06Kgz3sXOsc4gqb5ZugnM0qDWBBCsrQ0cWkhswar/wIocSYVilsrM+0
X8ZhFq0LIN63eCcVcw3bLk4Kvqz/GCF68uk0VOxxSThVZ+rj
--- xW5X/IzB/clE7LZDkvD42EUmKnwEmgDmzPrKR5ni/uE
‡E<EFBFBD>íp² ·}¨:.œf¼G(70T<30>¨ )VÀ<12>|¾‰O"<22>ýwÈø¯<C3B8>1¸2‰ž½u¡ókwn¬ÖšøN£Ñ©ë3}ÍXC¤ÞB

View File

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w ctm6hruSuzSBwGGcW9x7qIIFe7z+AGhlO8ICU8cwO3U
9fhK5PdJJn7BpM9Vplrpi1Gcofpzafv30z+O2SuEVR0
-> ssh-ed25519 RfitmQ fnVZmd42HVD6iBkEzEGn57D4LNMcYfWXeRpnRutjNyY
s1+OrASe6ONf9kVgfBiAuoSd8314h4ek6yoz+mL04Cw
-> nTx'S6-grease 1Dt%/
mr9/gUTNOMrFAQVmUgVVfXpkKk+aXes6CulorL24APwN9dL1GPEOWdP3v1NEFcR1
db6L78xilCtNf/jszgpMFYh5ctehauTa
--- EkgK0s3mBI1KvlZIWl5iB+p9xu6of0oL3NEVV+Jcjfc
+0xE£~¦<>T:ï“ÙÖŸTjÈ~c‡ÎL˜@ãîwDX†D¤«NJ4sõ׳ªDS€<53>Á«ÑK/¤VìðÑ!o¤ÿùÙUþœ_x„¶:

Binary file not shown.

View File

@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w 3DdeLEaXCmEsm5U5idLUPb2t25cbd66Cppf0xcF3GEs
V7g2WywINm7qB7WcV/zL490I/7vCqudlnzNXY1Ckzrg
-> ssh-ed25519 pI7EWw HNBoCvxcX9qEJHzjO/8RxPgsy7J1RmqROFKTf/bIcgs
9JSsE7iqZ+1h5YfPPI6v4fth9wdFP8qfU/mNkaTQr6s
-> 9Kh.qZ]-grease
gx3ohTVB+gSV
--- OzhRO0ke2wUPWxBayTpVLE2leygx0pT60PTpcTlVgis
£þ²¶ÄaÅlP$c8êGãjøì¦ÄT½¸ä—â¸G½žP͉{"ÓR„c0Y=Ñç>Ê>퉆fþ®ß¸i© r®ø5ûv‡Å—å#

View File

@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w ZWn7K/SI1OWS0FslI6Vz+KooVyWXuww4dNa5y0O1+Xo
P723ghoGExFpcMYjdvcZrvT1eOG/pmccI3IO0/UnaAw
-> ssh-ed25519 1nn+0Q IL+SAfWJvd1KPV1z1kAyoLu3o/t6qdCx4cHjplqkaAo
5io07rjFwtbvmgvA2sYn0VsjdtHi0AA1JRwhH5yijpI
-> m2cEFebO-grease )(5.!z\
--- 4ILHmhv4fz6NZaWVYAKmFGY4ojpt4WQu3ulxz0R5FCA
(Ôµ²nlÎï*Uæèü<C3A8>j„ˮß:—U51 Ð‡<C382>AÓí <20>Þ´cÕþøµCÑNÞÞ|œæ_X.sœ[K&ÉË