hosts/web-2: Migrate secrets to sops
This commit is contained in:
parent
f25723941b
commit
e094afc4a0
@ -1,7 +1,7 @@
|
|||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
age.secrets.radicale-htpasswd = {
|
sops.secrets.radicale-htpasswd = {
|
||||||
owner = "radicale";
|
owner = "radicale";
|
||||||
group = "radicale";
|
group = "radicale";
|
||||||
};
|
};
|
||||||
@ -14,7 +14,7 @@
|
|||||||
};
|
};
|
||||||
auth = {
|
auth = {
|
||||||
type = "htpasswd";
|
type = "htpasswd";
|
||||||
htpasswd_filename = config.age.secrets.radicale-htpasswd.path;
|
htpasswd_filename = config.sops.secrets.radicale-htpasswd.path;
|
||||||
htpasswd_encryption = "bcrypt";
|
htpasswd_encryption = "bcrypt";
|
||||||
};
|
};
|
||||||
storage = {
|
storage = {
|
||||||
|
30
hosts/web-2/secrets.json
Normal file
30
hosts/web-2/secrets.json
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{
|
||||||
|
"clerie-backup-job-main": "ENC[AES256_GCM,data:AoreXT9N9blmaSsIVF+fWuGPVc8Fi1J4uQDrjtY6fzQFCFM9Yk0JQT/+POGiltOUkJSd+Ua1yKAxQ6zoR33WvQ==,iv:He82CVLKZ0dMBpkNzzrnUZhZcuFJXcWDmBKCJhBPrBA=,tag:EDDBVAcceURYV2SL2qEuyQ==,type:str]",
|
||||||
|
"clerie-backup-target-cyan": "ENC[AES256_GCM,data:G6ILFo1w1SVs7b5pIk/JdFvcIXdIaKFL5qKxrchxLedlovltnnRuufxfKivgjWgjTeVV78WNJMRVQVwXIcBhLg==,iv:gUjvjG04ClAxyFqhhj60XTWX6gbJELRRbUT/EbXxa+o=,tag:hsfmuQh0GRCRVm7NUnBInw==,type:str]",
|
||||||
|
"clerie-backup-target-magenta": "ENC[AES256_GCM,data:zsPFXpnTWHL2b9/fZiW1fhpla8hTeZb1+O8oihnwDIAcC4Tgn8PrFDEYK7kuWYcdbIvL5XRJRR48erSACsntFA==,iv:lTlAyVl3ndgca4Mp9lSldXmhlP8ECPvE/CM7Zpzy9ao=,tag:LCNF1loABQpZ8Y5wfpXjkg==,type:str]",
|
||||||
|
"wg-monitoring": "ENC[AES256_GCM,data:AfkytaHshFSyKkMdKVMdYaq3sKUC9dKYs5rKXN4Ouv5kjDGNXC18liEsRuc=,iv:4mMgsovdAJ++Myr+9GuhAaEBuzDBNZbGK6zfzoAEJ0E=,tag:/d0ZXNbpaMFyxyzov23kdQ==,type:str]",
|
||||||
|
"radicale-htpasswd": "ENC[AES256_GCM,data:+FHsq5We/fc8gBNub/GV5Mfs2i0/7Qm9UPDhb3unEhak6XDAvMSUQb4eaX0wn7Yi3y/gFGmapd0eYilTjfoJnI9gVnvi,iv:lEV8kQh9RBL/xKcCLIRzUR6ADq4zoah1c8Z67Qrs3dQ=,tag:cw6jKYbZUXBD3Zio5CH+Hw==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"kms": null,
|
||||||
|
"gcp_kms": null,
|
||||||
|
"azure_kv": null,
|
||||||
|
"hc_vault": null,
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1nn8dwl2avshdhwn66w92jvlvz2ugl5fdxc8dxz6lpru72hlq44uq5a88az",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlU2tEMHIvRUFxa24wMVcy\nb2lheGR2ekl6S0wzWUd5cTMwTC9HdFN1eVc0CkRjRHdJVUw3ZCtZSTlUOHZCV2J6\nYkxqdnNmU05LTTNmNFZiTzBxZVdkOTgKLS0tIEZUZ0svL2NhcTZPdFZrYUhwQ05Q\nWnZXRWIvRXBOMWNDTzQ4RDNKa3IwSUkKj+vI9dEEUQYN9uT6H1FdexComfbe+iA9\nVzLF970ASzptGiNYtdN9GYdXY7JGHoOfmYy3fpjZGN3p2KqiYyi3UA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2024-05-10T13:32:34Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:lxfYT2TEO9KFx0x6DPRQ2mRy5Ft6syyyO1yV9my6GwvDxd1e7odXGRcFo3N1AFod8Y6z4+XaxqZ/GoqSp94Pk8aF4eEhyAFun/UUr8KhKGsnq6xnQA4p37oYccvTY4eohS5YHBr/+AMutddmQ7qiYtQhVViXAr6+dmOsV1Tfu+A=,iv:bC+z9SP2W048bR3aWIcPgRlfLB5n5ccst6OvH0NjYBk=,tag:qhoXUAl0nG4LYy6yXQP2/g==,type:str]",
|
||||||
|
"pgp": [
|
||||||
|
{
|
||||||
|
"created_at": "2024-05-10T13:29:58Z",
|
||||||
|
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA5OzEzXewpmPAQ/9EWbkWn0T2rknNHaAwSKis43wQe9ItWzi1KNaGtE2yJt6\nvFWN43+Uop58NQqRsQiBD+wXrrkZCceIsiwT11FiOr1xwxm+j5Dt9ItfYG4SLPQy\ndRCgABRHXkJTlizFLBqhNH+m28rVeP2rjv/VISnX9dsaN3wBe1SQdCWahirbdoUZ\n3pQAJKDqptEp8MwW9OYhQf0A+etUKGyY1UZBdizgGI+FQH3NASDq/TbfzytE2h7f\nk4ptT0Wn3CqIeqSRwQ89x2ma/pmN/7sHvC0wmmyCuL8m59EGwX4pMu5jk249n8S9\nfi0PFsaPa150wCcsF3G9K9RpxzKJOQ5ysWbKKzKTvc9KIzeGzC4BjEwaSu1mtqmb\n7JVjbwXPUD1QbbB8Vymd0LUcUg20rMHqExMvOJfYwVb+eUMUdYJQHNpmOpRAlgkr\n8cd5bPWmFiWyCZ6DaEUA+cdtLHkrz1nWkrlG2n3K+7aSCVRZayheraIP53uMG9Ng\n3Co1mTrHy6bLAT+keRWseOEkCnAFGns+Il6v4dign4Q7hQ9Ovp2d3kMj4uWOHrd7\nyWUKIUT2ejTF3iM6UoNF8POvtgMD0ZmwMI0wZlc1FE6pkSAVC/1lEUqE4eT+l/Mv\nLCDF5ktd7MBdsMzdEbsVV55D9/vRb4AP8cccof5/akeZbbj9A5spWcBzApLv5MuF\nAgwDvZ9WSAhwutIBD/4o7j58zECSLtSHa3E8hDt1zy4u5Bbddtldzk6ItW78nJWK\nPHU0+IoTWAybSkqD8NBVMyo4ijHs5ipmvmeJ+DIdpR7219VFfBAr36suP0F0f2dg\nVQOsbZdeDar1sqacmcHcdqaBgkVW+M8A216moCld582Yy8JvGVvRSW647mBnhgW9\npkcuT+zKQJUwczXSUw/y23w+9qiuby3CmiJuAWFMVRT4E36cl9xAaezafDfp8doC\nZ4AcATAvZtLIOHKg3XjYzJyzuN0pyocTZu4x4PiJsHLtx34WOivwU3i0Iu9J/2VE\nDvXsWRql/P/r5O5U7np4cDGHR/siaJvHx9nbZOottisETAWGI+V/QnVTqzUEcK8C\nu4PGrgaPyFHtW/rDAcINU/tmLB78FM+BgNXJNxBDeJgoRQ9VB0nHlDT4pOZ5Bdo6\nkmxi/bCWpasThNE0EEQRMhNr1zXMwxaD5/enm4wIY6oXDmIxAf5Cj+rHPrCSiBpV\npge6xBhXGQSZMJT+QAQPwAu3l0g52DKIb8zJaLMCRnpra48W7dFRpIRb8LV3G4PQ\n7xxiSTO0NE1GbYMmqC/LU7RgRRqt2P0y5VaHqHSFwjdJpHk/zdoZ2QCh36Wtc3nw\nvTP7crZVZj0oYKenMBIIYOR74GY0L92Owxd1yNi+YdKtnFzXzvPtqrldx/Ps7IUC\nDAM1GWv08EiACgEP/1Red5Qltvhdb7UN06EYmZtbqf/ERExu8Zom4C1887HHOz/d\nkq/uOfXo4PHfEI/8mkcV5FDZ0kI1sGYXv9czLiImAwwPRD2klo4irfvBSWZglRE2\nO5sa2xPkeiXyaWkOeV48fm7c1TxUSzA5olFZad4z+3LzkEv2qyVJJZ6MW3We1wu6\nYXyGesF1oJQZb4GxQr6feknlG9WP35spMk/9s3zR6ZQCdgm1VZx50vfzpgbvVo8D\nySnVCWUqG6/3PTToMxm+LndE5ejbFOvubh7ppgsceOZyDsPNGPA3tVwJDZU/T2DC\n0D9M3F0DHUe1aNzQAA+CUgRiC1F95IgHtXUcCfF4aDtDmvHOMjDwKlxpeE00Qthp\nxms00wT+I0Wt0ieTErmHJHmpkGtGdr3aQXi4LFS6EZhleWdZkJXko/UBIsxfLKji\naEdz3sooHTVBUxQ6qmieVwZQBS5dFbqxoRId/y71QjW6whVi7JpAzUZ9J9Av503b\nxYrJrrfiUM/qmH7/EcBaYWZUDwzh6E71G/luyiGrJYlXV7mp7I2yw1EDYpDCz084\ngUQTdKtav6YNUFE8IWvK5mmXCnnWTmiOhxmomGcJC8s9CXoBYaC7ItxqkeeLcMaD\nYl2RcCSsynJpicJx5oDKr/J1EX92e9RzGYrgdmvVhlSGDBqpXL2+6n0wm1qG1GYB\nCQIQf4J+4HW3sHrDVXEDvuxA4sebLViuSm9+YkwCEIp5TvqVH9O3y1TMS0/MK15N\n6KomgzU9q8N7MsR07NoOMWYGF99RB/4/7lIIlN79g6jwqPuXbqZPFMf51woXb8Mo\nUn5pu94=\n=binq\n-----END PGP MESSAGE-----",
|
||||||
|
"fp": "0C982F87B7AFBA0F504F90A2629E741947C87928"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"unencrypted_suffix": "_unencrypted",
|
||||||
|
"version": "3.8.1"
|
||||||
|
}
|
||||||
|
}
|
Binary file not shown.
Binary file not shown.
@ -1,10 +0,0 @@
|
|||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 HwR33w xLbOv/c4pjyh513O2LPkoKcprKZbM+217yy1a8Z7AFo
|
|
||||||
83NxTqotYXOM+w+gCR3zHdar9kNabgar0/eJBewO3DY
|
|
||||||
-> ssh-ed25519 1nn+0Q Oc01U+rgGAizyKzhgvmqThlXAEMuhlRAqsQL+/ozQFs
|
|
||||||
xHxOl3ESipcMZdnulTxC7W628patS2eO6681oNZa/6g
|
|
||||||
-> e[x'-grease 6N W+gfF\l \ x}~
|
|
||||||
yqY9BH/fmjHn2QizHe1/DRDfTJmSAVPuJlIOmeuXWfhhfiauy6ia/DjbgVjcyqha
|
|
||||||
XarEaYsvkI4JqKODHRRaiJ1i3TOs2Cdk
|
|
||||||
--- 5wtIT/mhGMy8kQHbzO1h9Wj7OgX1ax8bk6k05tfLhsQ
|
|
||||||
Ó0«IÔ°ûê§È¬„5™H¦“½¨à,oq´eHÏ}ÅùíºÌÑr2Š,íðЪ\î4ÑU²#<23>]¬Z"+jóÄÛìÄy&W½æO~(ϨµÓ©g Î~°Aš?
|
|
@ -1,11 +0,0 @@
|
|||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 HwR33w +w13fgMLBeHKig0VX67/mlhQb0EPSJAFTu//velYNRY
|
|
||||||
irMedsePNfFFOYhKksrqLcLdNdYHMxFy4iTPneIOtWU
|
|
||||||
-> ssh-ed25519 1nn+0Q KpFGP/y4zZ8E8Jut8Gpea1DLH6rXGKODLE3IPTbzOUo
|
|
||||||
p28M4shr97sqqTBAxB1fQRNCj2E+xio3TboKZ/6smb8
|
|
||||||
-> rXRB4)-grease
|
|
||||||
t3CdM1EbN2yfSeKURCJRMTZ4w9FtXu6+Y8PWxo2RTV0fyv6XJdrq1jn1n4IflQLP
|
|
||||||
CV3H9FlQp4Lg/bdqVZDqDoMJ6dprVWK4rACnF6/tRRkZR4Ndfk4JRRWtWBOfR/ax
|
|
||||||
GWNb
|
|
||||||
--- yNRoOEai4ypvo0uGZYI1q/qwzS4wIZFXQEGYcW+H/wc
|
|
||||||
Ñî ³Z¼ÿ<C2BC>·îe0±<30>ä_îÀD@äΕÃ>¸[ñKOQBuP÷9TGgŽ×(€9´pœŒZ@1†&RZÁOŸªC›p$kr¿ô®¤èò‘’lg!\‹«„—èÑÄ=W׃×(ìVq
|
|
@ -1,9 +0,0 @@
|
|||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 HwR33w ZWn7K/SI1OWS0FslI6Vz+KooVyWXuww4dNa5y0O1+Xo
|
|
||||||
P723ghoGExFpcMYjdvcZrvT1eOG/pmccI3IO0/UnaAw
|
|
||||||
-> ssh-ed25519 1nn+0Q IL+SAfWJvd1KPV1z1kAyoLu3o/t6qdCx4cHjplqkaAo
|
|
||||||
5io07rjFwtbvmgvA2sYn0VsjdtHi0AA1JRwhH5yijpI
|
|
||||||
-> m2cEFebO-grease )(5.!z\
|
|
||||||
|
|
||||||
--- 4ILHmhv4fz6NZaWVYAKmFGY4ojpt4WQu3ulxz0R5FCA
|
|
||||||
(Ôµ²nl‘Îï*Uæèü<C3A8>j„ˮß:—U51rÚ Ð‡<C382>AÓí <20>Þ´cÕþøµC‹ÑNÞÞ|œæ_X.sœ[K&ÉË
|
|
Loading…
Reference in New Issue
Block a user