modules/monitoring: migrate monitoring vpn secrets to age
This commit is contained in:
bin
hosts
backup-4
secrets
carbon
secrets
clerie-backup
secrets
dn42-il-gw1
secrets
dn42-il-gw5
secrets
dn42-il-gw6
secrets
gatekeeper
secrets
hydra-1
secrets
hydra-2
secrets
minecraft-2
secrets
monitoring-3
nonat
secrets
osmium
secrets
palladium
secrets
porter
secrets
storage-2
secrets
web-2
secrets
15
bin/add-secret.sh
Executable file
15
bin/add-secret.sh
Executable file
@ -0,0 +1,15 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
cd $(git rev-parse --show-toplevel)
|
||||||
|
|
||||||
|
host=$1
|
||||||
|
secret=$2
|
||||||
|
|
||||||
|
mkdir -p hosts/${host}/secrets
|
||||||
|
|
||||||
|
nix run github:ryantm/agenix -- -e hosts/${host}/secrets/new
|
||||||
|
|
||||||
|
mv hosts/${host}/secrets/new hosts/${host}/secrets/${secret}.age
|
||||||
|
|
10
hosts/backup-4/secrets/wg-monitoring.age
Normal file
10
hosts/backup-4/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w NS7or54RThBygIkXukAmaMBerb3XzBl9MWxhhXSOHTs
|
||||||
|
B9+EuN080AMUEdm/KRVcR/sqlw0uC8/lO4VFuTkfECk
|
||||||
|
-> ssh-ed25519 eelCFw KF1iYVpI/owY2K2entqcm4KaOztBC1Y+9/qK11s3Z0Y
|
||||||
|
IS3ABKW5+NEDW9bJ2KAb64WiIkHoMibyWtyuF3sF3eI
|
||||||
|
-> D,/q5iN-grease
|
||||||
|
LBaWGpsSun/TqNuM8OnhBu6/+u4NrwgrSe7iMkER7yrA/j4RKDfzHC17P9l701xN
|
||||||
|
OWFhKaA1qsxwe2Pk+3cN9Tp7SklE/hY9ADIvA1Jqqa1uVhYonrpZFEUXPVbnEEs
|
||||||
|
--- JYxwomGwWYbjcoqV5u3ReD/2kaZ7XQmxc7aUEZOGcCk
|
||||||
|
<EFBFBD>A<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>,J<>i<EFBFBD><69>y<EFBFBD><79>8<EFBFBD>K@<40><><EFBFBD>ڨ0]<5D><>_MMw7ު!<21>Ϲ2<06>Ѭԛ<D1AC>Jޯ<4A><DEAF><15><>l<EFBFBD>Qt<><74>=p<15><><EFBFBD>$
|
9
hosts/carbon/secrets/wg-monitoring.age
Normal file
9
hosts/carbon/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w IkxlO8D2o7SoBGyg9/edvw97sAqj9e1nUtQk9ci8tws
|
||||||
|
t3mju7vCMEQcOs21Q56U53hTYyplMlj8L89oVVcgifQ
|
||||||
|
-> ssh-ed25519 5EcjHQ W1oWURPqGGfSwDZbIfqKVBBL+fMdLh1KnW3mMqALWmA
|
||||||
|
RbuAx/Sgj4wmuzijnjtS2Mai3n0T+89qSv2v5pxDfVw
|
||||||
|
-> w)}-grease $do
|
||||||
|
nc2bWeMeBxc3hd4XkX/k+isQudb0VZBD
|
||||||
|
--- 3Smsch2WrfWCMaeQffV+52LBY11YTtUa9K40DWrsAzY
|
||||||
|
<EFBFBD>כ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><04>u<EFBFBD><75><EFBFBD>In<6E>m<EFBFBD><6D>)<29><>n<EFBFBD><6E>O'<27><><EFBFBD><0B>q<EFBFBD>̨<>r<EFBFBD><72> R{<7B><><EFBFBD><EFBFBD>T<EFBFBD>=<3D><><EFBFBD>+<2B><>ïj<C3AF>c<EFBFBD>? Hw]dBa<><61>
|
10
hosts/clerie-backup/secrets/wg-monitoring.age
Normal file
10
hosts/clerie-backup/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w t9osbbi1s3J96OhWrTgrNmGHfIWUAqB4aFvmbNqtTG8
|
||||||
|
DD+iNLEd6WBvRS8PC0pfiCgNmVR4jNwBZHcaR8a814Y
|
||||||
|
-> ssh-ed25519 ILP4Ew sisQcIh1A9M3qwl9yD+cSPNM/nnNpII+Xfesj9mwkRM
|
||||||
|
7h/dPRCYHA88Q7lWvvPvdHf4ppCiEnu9ca6TY0BZLzY
|
||||||
|
-> {9O-grease a_:E
|
||||||
|
g5khXWjhnAYGhbvvT8+gbde58hiKZe9UtQfsGUDvnngA+OQulOiV9+tRX+yuzUhb
|
||||||
|
0z6nyMS0R9kPFsSFg7H03SYbkKaidh54FCYzyRMLld9nHYe6mUE
|
||||||
|
--- zDunV7ZXq7wNxXOVAdEUJmeGI25kHpsO2S5qNklhHQ4
|
||||||
|
G
|
10
hosts/dn42-il-gw1/secrets/wg-monitoring.age
Normal file
10
hosts/dn42-il-gw1/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w +AFhSTsqwKkww+OGHnKI+qi0JvrQVe8p+XRVnn1oZk4
|
||||||
|
t7nBc4g5guqSsP6XFWYLAXPZEKFJA0tk4GM9XP3uoUo
|
||||||
|
-> ssh-ed25519 g+l3bg LjbGz8bbxotI4uhVaFzCjaOohfjJbTgPCbQ5UgCVgEI
|
||||||
|
+7h66Z41OSyvZjJ7ANYFA+ut1FWQXE79WonaXE5HREc
|
||||||
|
-> OapV-grease jkg)M@ NO4*'ml? lUG]H liUD3iK>
|
||||||
|
628DJDgpTFp0XP05robVn8j6/3f340BaYvdZIKLKvqXp93GufqwBnfYRIjYDyolA
|
||||||
|
Kt0M59kSw2DOtaYaOEk/E5BJhdYa+cDBEs8
|
||||||
|
--- 0V08Pg4II/yihrNWngXKWXwr6+Lcu9+XijZYupCyzHo
|
||||||
|
E<EFBFBD><1D>?a<><61>S,<2C><>&<26>\<03>Bҗ8<D297><38>X<EFBFBD><1D>]S^B<06>HI<48>-ݫ<><1A>/<2F>F<EFBFBD>'#<23>;C<>@o&~<7E>i<EFBFBD><69><EFBFBD><EFBFBD><11><>\=<3D><>ԯ<EFBFBD>
|
BIN
hosts/dn42-il-gw5/secrets/wg-monitoring.age
Normal file
BIN
hosts/dn42-il-gw5/secrets/wg-monitoring.age
Normal file
Binary file not shown.
9
hosts/dn42-il-gw6/secrets/wg-monitoring.age
Normal file
9
hosts/dn42-il-gw6/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w 5r8PAnWrr1maOMNehoMkegIq1RvYcOTVSC6aynbI9Dc
|
||||||
|
g/q8AoKehfdRK8zuIVfj1TQeu37PQdUUXEPez07d2x0
|
||||||
|
-> ssh-ed25519 I+qNDQ r2etKUBWkHA4X6wpnGZbMmkLRQWhZ4JI13mOV3XX3Xk
|
||||||
|
/FJzTBB29gVH0VAeStXzi4rFZNoc/odYjXyObq/wVuQ
|
||||||
|
-> !YfpC-grease 4B
|
||||||
|
4ZoUV7O6DjEEHUXCG8+PcjyDt64X4nfKcnH1xt/45Wc
|
||||||
|
--- HptZmw/gU1pbkVwRvrTvDSj6Ly5ip5BQrMMyvVDULZ8
|
||||||
|
<EFBFBD>\<5C><17>x!*<2A><>z<EFBFBD><7A><EFBFBD>Zy`<60><><EFBFBD>Ɠ<15><>q<EFBFBD>m<EFBFBD>S=<3D><>yٞjk*W<>ޥ<EFBFBD> <1B>(,<2C>F`<60>t<EFBFBD><74><EFBFBD>5<EFBFBD><35><EFBFBD><EFBFBD>Qǁ<51>q<EFBFBD>X<EFBFBD>
|
10
hosts/gatekeeper/secrets/wg-monitoring.age
Normal file
10
hosts/gatekeeper/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w ScSNP64jvvU/1t/fKlXPW9vaPwGvHwy6UEmGRA/h9HY
|
||||||
|
GV0KnasHBoj+qtTIT9aI0k6A/XgHPFXvmsApPDhAjc0
|
||||||
|
-> ssh-ed25519 W4Oy+w 455qbO83X2y2XZR2obj4IItMGkrC/WiRc6B2jp9MOEU
|
||||||
|
RLT/FkTDWJYHtAhtYAEHaw+CcgITvgBJKLLrN9MpMg0
|
||||||
|
-> kN4?-grease sJ p ZV(8^Djl N*7)k~
|
||||||
|
0wq67UmJOPjObCWQhRSzUE6kWIhZsmv4zz6lEt71YoH5nFb7TzF1vYVfrqMycht2
|
||||||
|
QvzqtKMNAmFu6jv30X2ULBIjLNajtMGeZxLyBIjnbkCscnoWv4c
|
||||||
|
--- 7Fu5hMch3bfWXWlCwRvhVQCWx444fy/SMQyOwUyidqE
|
||||||
|
<EFBFBD>l<EFBFBD><EFBFBD><04>=<3D>·3Y`\<5C>ԅ<08><><EFBFBD><EFBFBD>R@؊-<2D>©<EFBFBD><C2A9><12><>K9)X<><04><07><><14>YwǠ-*c]<5D><0B>v<EFBFBD><76><EFBFBD>><3E>P1R<1D><>~
|
12
hosts/hydra-1/secrets/wg-monitoring.age
Normal file
12
hosts/hydra-1/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w iq9GCoMvjYmB36sb3ObwjSO2eL/wyyxTsIbJ8lye1zE
|
||||||
|
6PcXowhq3ADvC94MQ0BuFeyiCxmxWwwgEjve2fP3uRc
|
||||||
|
-> ssh-ed25519 UgSomQ OtaRJDru8abGAMKcmcF0YHPDMnilqZAk9LULZ3eVd3I
|
||||||
|
3vzkjiqpOz1rIODQdO1QTs7j8JW+f7/9hrlBvb48z+M
|
||||||
|
-> zXcO;;.{-grease
|
||||||
|
w1zwccIRbNRBbiXF5p6fVAS1Fm8OUJdq105gfEaGNUgEKSzUzGRlron5JemsebJt
|
||||||
|
6rLBebjmtxrgLOMvPMbtpX1hQJOrWV6yVJkBOuqlRtVdFPNMrIEWXc5v+VXR8Ccx
|
||||||
|
XMs
|
||||||
|
--- v41dXOCQtZwpIdKXoQSB1oblr17HunSpwoRnfPtKkS4
|
||||||
|
<EFBFBD>M%<25><Ԅ<><D484><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><17>[<5B><><02><><EFBFBD><EFBFBD>_W<>!s<><73><02><g<15>0+2,43>
|
||||||
|
.<2E>H<EFBFBD><48>o<EFBFBD>0<EFBFBD>w6t<36>?<3F><>'<27>zo<7A> <20>Иh<01>
|
BIN
hosts/hydra-2/secrets/wg-monitoring.age
Normal file
BIN
hosts/hydra-2/secrets/wg-monitoring.age
Normal file
Binary file not shown.
BIN
hosts/minecraft-2/secrets/wg-monitoring.age
Normal file
BIN
hosts/minecraft-2/secrets/wg-monitoring.age
Normal file
Binary file not shown.
@ -75,7 +75,7 @@ in {
|
|||||||
ips = [ "fd00:327:327:327::1/64" ];
|
ips = [ "fd00:327:327:327::1/64" ];
|
||||||
listenPort = 54523;
|
listenPort = 54523;
|
||||||
peers = monitoringPeers;
|
peers = monitoringPeers;
|
||||||
privateKeyFile = "/var/src/secrets/wireguard/wg-monitoring";
|
privateKeyFile = config.age.secrets.wg-monitoring.path;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
BIN
hosts/monitoring-3/secrets/wg-monitoring.age
Normal file
BIN
hosts/monitoring-3/secrets/wg-monitoring.age
Normal file
Binary file not shown.
13
hosts/nonat/secrets/wg-monitoring.age
Normal file
13
hosts/nonat/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w iEMelLHDM8EUtRxTjZakRhyaCgvu0y078c2m30LjlgY
|
||||||
|
o7v/DLKisYUVOgr/q5R/vdrFwsvibdPyGmDdoYxG9wg
|
||||||
|
-> ssh-ed25519 wTWpBQ R1dUP4h19a97U2pRtayUWOer6SZr0K4NQ5HwfxlfljU
|
||||||
|
NwTJQET27YxUZVMr0Eysniqp7R/mhVLjrcv7KyKk7HQ
|
||||||
|
-> \'G8L\\-grease
|
||||||
|
IYhz41mhvSiBPNpEd//WIhhxz58Rj5nQrnsyNUcNJ8DJo+u/5XsMX7xsiUpPlqZl
|
||||||
|
gljbE5k3W79kGV45+gTGbBi6j1kwM98ZPzUx6zF/wdkV+6/UdRvcxdwCBeLMQCpE
|
||||||
|
|
||||||
|
--- 9cL+fMX0BHh+Tdtx6DBoUG/U/dVlwX8YN0CoWIZvU/s
|
||||||
|
F [*<2A>T<EFBFBD><54>T;<0E>^b&<26>!d<>XO<><4F><EFBFBD>@K<>F<EFBFBD>
|
||||||
|
<EFBFBD>%/<2F><>k/'<27>٭<11><><EFBFBD><EFBFBD><EFBFBD>/{
|
||||||
|
<EFBFBD><EFBFBD><EFBFBD>n<EFBFBD><EFBFBD>Cn<17><>"<22><>Zg/?
|
10
hosts/osmium/secrets/wg-monitoring.age
Normal file
10
hosts/osmium/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w GdM0PlWSyTELO16TOGV5qVDnpy+wmRVISm8zq4AkL2I
|
||||||
|
bFPVH0sTvsAoewRyetxxMDq4TXKBbo9kcer4j/+TnEY
|
||||||
|
-> ssh-ed25519 e95K1g C9JuyI5jzWfFdhN6BNiUeEUHyVTW6hrZzf0fxHWniGk
|
||||||
|
TBU7VCgk1OKYwc4ol+kcKnAUXae83BePZh2DBoTGz+A
|
||||||
|
-> "-grease
|
||||||
|
/GBX/iJRT06Kgz3sXOsc4gqb5ZugnM0qDWBBCsrQ0cWkhswar/wIocSYVilsrM+0
|
||||||
|
X8ZhFq0LIN63eCcVcw3bLk4Kvqz/GCF68uk0VOxxSThVZ+rj
|
||||||
|
--- xW5X/IzB/clE7LZDkvD42EUmKnwEmgDmzPrKR5ni/uE
|
||||||
|
<EFBFBD>E<EFBFBD><EFBFBD>p<EFBFBD><EFBFBD><EFBFBD>}<7D>:.<2E>f<EFBFBD>G(70T<30><13>)V<><12>|<7C><>O"<22><1F>w<EFBFBD><77><EFBFBD><EFBFBD>1<EFBFBD>2<EFBFBD><32><EFBFBD>u<EFBFBD><19>kwn<77>֚<EFBFBD>N<EFBFBD>ѩ<EFBFBD>3}͂XC<58><05>B
|
10
hosts/palladium/secrets/wg-monitoring.age
Normal file
10
hosts/palladium/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w ctm6hruSuzSBwGGcW9x7qIIFe7z+AGhlO8ICU8cwO3U
|
||||||
|
9fhK5PdJJn7BpM9Vplrpi1Gcofpzafv30z+O2SuEVR0
|
||||||
|
-> ssh-ed25519 RfitmQ fnVZmd42HVD6iBkEzEGn57D4LNMcYfWXeRpnRutjNyY
|
||||||
|
s1+OrASe6ONf9kVgfBiAuoSd8314h4ek6yoz+mL04Cw
|
||||||
|
-> nTx'S6-grease 1Dt%/
|
||||||
|
mr9/gUTNOMrFAQVmUgVVfXpkKk+aXes6CulorL24APwN9dL1GPEOWdP3v1NEFcR1
|
||||||
|
db6L78xilCtNf/jszgpMFYh5ctehauTa
|
||||||
|
--- EkgK0s3mBI1KvlZIWl5iB+p9xu6of0oL3NEVV+Jcjfc
|
||||||
|
+0xE<78>~<7E><>T:<3A><><EFBFBD>֟Tj<54>~c<><63>L<EFBFBD>@<40><>wDX<44>D<EFBFBD><44><EFBFBD>NJ4s<34>׳<1A>DS<44><53><EFBFBD><EFBFBD><EFBFBD>K/<1E>V<EFBFBD><1A><>!<21>o<EFBFBD><6F><EFBFBD><EFBFBD>U<EFBFBD><55>_x<5F><78>:
|
BIN
hosts/porter/secrets/wg-monitoring.age
Normal file
BIN
hosts/porter/secrets/wg-monitoring.age
Normal file
Binary file not shown.
9
hosts/storage-2/secrets/wg-monitoring.age
Normal file
9
hosts/storage-2/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w 3DdeLEaXCmEsm5U5idLUPb2t25cbd66Cppf0xcF3GEs
|
||||||
|
V7g2WywINm7qB7WcV/zL490I/7vCqudlnzNXY1Ckzrg
|
||||||
|
-> ssh-ed25519 pI7EWw HNBoCvxcX9qEJHzjO/8RxPgsy7J1RmqROFKTf/bIcgs
|
||||||
|
9JSsE7iqZ+1h5YfPPI6v4fth9wdFP8qfU/mNkaTQr6s
|
||||||
|
-> 9Kh.qZ]-grease
|
||||||
|
gx3ohTVB+gSV
|
||||||
|
--- OzhRO0ke2wUPWxBayTpVLE2leygx0pT60PTpcTlVgis
|
||||||
|
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>a<EFBFBD>lP<EFBFBD>$c8<63>G<EFBFBD>j<EFBFBD><6A><EFBFBD><EFBFBD>T<EFBFBD><54><EFBFBD><EFBFBD><1D><18>G<EFBFBD><47>P͉{"<22>R<>c0Y=<3D><>><1C>>퉆f<ED8986><66>߸i<0E>
|
9
hosts/web-2/secrets/wg-monitoring.age
Normal file
9
hosts/web-2/secrets/wg-monitoring.age
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 HwR33w ZWn7K/SI1OWS0FslI6Vz+KooVyWXuww4dNa5y0O1+Xo
|
||||||
|
P723ghoGExFpcMYjdvcZrvT1eOG/pmccI3IO0/UnaAw
|
||||||
|
-> ssh-ed25519 1nn+0Q IL+SAfWJvd1KPV1z1kAyoLu3o/t6qdCx4cHjplqkaAo
|
||||||
|
5io07rjFwtbvmgvA2sYn0VsjdtHi0AA1JRwhH5yijpI
|
||||||
|
-> m2cEFebO-grease )(5.!z\
|
||||||
|
|
||||||
|
--- 4ILHmhv4fz6NZaWVYAKmFGY4ojpt4WQu3ulxz0R5FCA
|
||||||
|
(Ե<>nl<6E><6C><EFBFBD>*U<><55><EFBFBD><EFBFBD>j<EFBFBD>ˮî<11><><EFBFBD>:<3A>U51rڠ<72><EFBFBD>A<><41> <20>c<DEB4><63><EFBFBD><EFBFBD>C<EFBFBD><43>N<EFBFBD><4E>|<7C><1F>_X.s<7F>[K&<0F><>
|
Reference in New Issue
Block a user