1
0

hosts/hydra-1: Migrate secrets to sops

This commit is contained in:
clerie 2024-04-21 18:45:15 +02:00
parent 7e5a2fa2ec
commit f252ab71eb
5 changed files with 28 additions and 22 deletions

View File

@ -79,7 +79,7 @@
services.harmonia = { services.harmonia = {
enable = true; enable = true;
settings.bind = "[::1]:5005"; settings.bind = "[::1]:5005";
signKeyPath = config.age.secrets.nix-cache-key.path; signKeyPath = config.sops.secrets.nix-cache-key.path;
}; };
services.nginx.enable = true; services.nginx.enable = true;

View File

@ -0,0 +1,27 @@
{
"nix-cache-key": "ENC[AES256_GCM,data:AFDvfikObYvlwqRd0Wz3jfZdrKp6vu5ga6mFKRSPhh/BPFS1mBNyz3DQTL914bO7Pn47QHQVxufFVYlYmIq9sIK5snudZmRNDC21D95CvnJMWkO4d+nO8sMbjTMocEBmBEPMC18WHrkVmWOJ,iv:sD1qpX4sgAqb0c4Vmr7cRAELwiQhORKleGggKnOtmB4=,tag:q9D/f/+n9J2+ZtyuLXuk6w==,type:str]",
"wg-monitoring": "ENC[AES256_GCM,data:C5C1s8GgEhu0QrIYiToJu/6Be7njwwNzdj5oMDGihT0m4lCtkwDI9NPxdBQ=,iv:icgVuwsJjl9+6pank/0MenY3Sm9eZiJ4KqQHASz+GXE=,tag:ANKZxndDHXAakUFr0euvkQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1v7etelmpeksue9q4fdz826e4zd8d45vjfm057m33jmjeuhr6dcssyw4f60",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiS01SZzVxOGVjeDNuMEY2\nMjd3VjJHRTgyckZxbitFYTg5cUNZNHk5TTM0CkM3QnZyaFFmTUp2T2phZ3FuR3lR\nd1E3TlpsRnBQVXM4WlNIKzdTelJIbkUKLS0tIG5xR1VlK25LR3JucDIwakMzNVp6\nYkI1ZmorajhDUHdHZHQ0QlkxMkE5dHMKTaffSqKMM7Z6pDmMLvRr6MEsNPvJ9ycF\ny5Wilaie7qdFPEWJDNXOmmKwJgF/wPIsYYouL+YlKaOalL4X0i4xgA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2024-04-21T16:30:03Z",
"mac": "ENC[AES256_GCM,data:aEIs0bTuMJJsjCLtwQ/3ApO8iVCdlfPhBY97veU518R+Z2aywEh9R7h89skuVjrRcrbzeZthaubD3fqK+0mWkIgk9cYWzcHAA8OYNX8inZAnWuhN4kcc9pAy6abdqYtlqtTBY33m4BITEsIsUROW+VP7V87Kyp3THnn2S0QqAag=,iv:1wqiyugRLFXT3uXfo053E6mGH/wFGjUO/AkXz915GrA=,tag:8Vil1vZRkKUN4HwcFNJsXQ==,type:str]",
"pgp": [
{
"created_at": "2024-04-21T16:29:22Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA5OzEzXewpmPARAAjrV8h3h9H5LiACawYTxnw0Zf31/4NSR5Wnl04IWN+qNg\nbeZmxj4KWuN2DxEjeERm3yNmyzDlhj7LNvmEMpdhE8DGgXVnXOeVvM+GPuKh4ej7\nLy0leHsXvyje12rzSw0Fidqs+PbXpsbeo4NmnNi7VIgjs3zuAzlNuH7AnLkPmUA+\nUAThUl+mswjARYr7UhP6YipQ2mFlrC2oL8guPwpWKvIq1rW8t+Ug9O8IMCA/x/iY\nJZ/04Tygc/EnDuCdvzMOf0n5xWe6CxRbgt81cfeoEP1PVJfof5pP4Rnfob22izst\nxBDnjnxd08xXOkPRHPN/KliMgRxmIVtlWz2tvL11OEmE2N4HJs+K6tpMbHMSm1UG\neA1mseDHw/f5z6tmH/sLFNtyXoznfiLoiQ83T+dUIeq9V9FEO7RqaeI8Qdy1enSQ\nCUXHdc4T3w525px/kYEm8QqUtyWcJHls609WG4togL4zll4MHsGP2gxx+FU4ezWI\nakD3j2KBzSzVP/UGu/oy9bDD30aA29+AJ2gNbvm2kLlY7K6As5u7Ug/u55x/tKQW\nbSbvcRzSXaAWmJtEld4EL+CdEphyMGQSdRSCceS9AqfTtvl88vlNp7EZK7mL4oBC\n8Rox3xzyRkqGpNEeryl6GIi0Y5QUe+AmyGPGNkqfzK1xkafElkqhhKhyOPVu27qF\nAgwDvZ9WSAhwutIBEAC6+vzKfG/E6ZT0RXE+rqrLx8lzrES4mhhOWbktyA1Y1CPo\n3YUkGSZHLUgg3zR4RlT1bhdfG3gpsYizFe3pVsMMkNrIhrPv4fDAqFNSBfVKYJdR\nKb59Qpxpwq+bBdu4Rame2ogTXwzTpZtW+y9jaWoxlgjCTMdlaNzsC/I2SN2gfDFe\n6XqPJaN4VrHX3jXlqrEDjrgFSn1t8ozxe+saaiX8eHygJJyAOWp0qhkDbhJwv9eD\nRveVAhGbQA9z+f6tKXvQiCJbW8GSpu3Udze34f315XRig6tVvAOsUw7zELjlXGHj\nfZVzrBWuC2GtE/uCC4iqIoPGjpk9RZ2fBgSCUVqhQMR4ZxDfB2uNSU4YcsrcOsjn\npUCzGDUWbO8ZleUTWQUehsrWYiZnF4n8M6d6zT8ihgr978iB/NdWlq1nByG2v1DX\nLKgpigiz60kN+EXJyAM1wd0m/DXnFCMnmKLLvto0ACwKe2l5gRXCLpIij7EqWWk1\nU5aQ/3M9YwVMGLGpPDFb5RJ7GXAXsotUEe0MRPeEIhvFdZbGOF9Xtv1E9WJ2PTaF\nwsDpPlufvd1qa/7fXM1ra7nxoksN5I0XYu3NjtMM+2WAtVSBZ6vASWxu5Che5pSt\nXsv9is4H+ORcfd1KDKfGwZtGoGwzeVN4Us6xirjeLzIOdE6QPfw3VYa5eC7YoYUC\nDAM1GWv08EiACgEP/2Bql2AOtUUcrzQIupSut1Bw4jt/Be93I110pjeB4typASRv\nolZgKcWUyv8P0jD3RRwoxJigJjLEolpLSy6F88w5M07fNdtgROuzs3M7nd7tMPS9\nR4RZcLJh87AFVcOt62mM+8FbvA2KTcDmFuA/h+z5T0SKZwjA6xkC92wS7qpYRbOo\nqqnqOgOpv7O3KUl8CQUgeA7UcpWA1Tqu4kEUN4rhaLnJzB/KUx+UzfgumBgrsAss\n2/XcT2l5vZSwmvVbpj1Op8SJhqfB0A3/h6sfq1pxzyDBA7OvsJekdTDwLl2QZtHS\nbKteh4iog5CRSAlbrwt65krh84RJyEU238kzeg1C7JMj799/6paXyWqOZPZaktew\namzFksVdZLSosMFKRmraBPJkTYqyjzy3U3OsXSz63NnHAbIyWJg7MzTLDHHoMSus\nXFXQXXrEnHZYg+1oynTTa0KOD9gEaz0ResHxMokZL0D6Y5FFtM3F4Y5Usvm/ZkM3\no7R8Mh7yKODBPwAO4RXAQQOqWsT+MqAhNHtjZCzIE+mtcY9v3VcUENs7ZDmC6/Cw\n7zl4NxiHOw0874q3DoZtyCVVN7iMnhg3ZXRYOBzaLeUZQP8y5Ex2gjE3nJ3sAy/H\nYdTmJYg7G9Gz4Ffced32hNRD+44XrKXlZBkCKpFGwWHJrjQJS5imrIGdFGvC1GgB\nCQIQfn/f746as53METJMSWUlxADRft5dqrMqqaaqDNAVR5W/Qmsa0fwAUQf76Qxa\nz1++MconWYhB9No/cWM1GspEDOShz3scZ/wth7MmOcBPnscIcsMTt1A0AM+h2hF8\nPOECHUyMzw==\n=SmBP\n-----END PGP MESSAGE-----",
"fp": "0C982F87B7AFBA0F504F90A2629E741947C87928"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.8.1"
}
}

View File

@ -1,9 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w XAZWRRep4zdbZFwRvWGa9yyLe44TlOGIMwtLo/WZXyw
G8Rv8Oqbvx5qYr8ZrQlmIyhYqUG6aJArfhMoqu4U/Uc
-> ssh-ed25519 UgSomQ sP6Z3WzhBXDaDfsSNHY7p/vV20/eytII2VhO6+vUAhE
q6+FH+k04jG0417KvY8cHnNeb8hEzEtxX+hLmKWqvdk
-> *A>\V=-grease
wpRswQ45ywiN+jit7kj5p0s2a+WloUueeu5E+Nn41WOMNQLJ3RaJqxRk
--- TVK8uHcE2tn7qfDF2oAGb24N6a670Fc+QVU7agmJYNo
_ aà­ ˜-è¦'ÀÓ³ÞýAbSØ ÆXÊ2Ñ$À\‰M³œÅ¾ç×ý¦#6žwP˜çÉ…<18>²'ÚGK‰<4B>&Ü´|œýó7³PŸÕŒŒ-v¨õÐ_Sb&^YÒ±bÍ(KÏñ´9oÀ¢í¼ß‰{Cž³m<C2B3>F0w¸î±Æ£- ¨9õ<5 LÌ¥ì

View File

@ -1,12 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 HwR33w iq9GCoMvjYmB36sb3ObwjSO2eL/wyyxTsIbJ8lye1zE
6PcXowhq3ADvC94MQ0BuFeyiCxmxWwwgEjve2fP3uRc
-> ssh-ed25519 UgSomQ OtaRJDru8abGAMKcmcF0YHPDMnilqZAk9LULZ3eVd3I
3vzkjiqpOz1rIODQdO1QTs7j8JW+f7/9hrlBvb48z+M
-> zXcO;;.{-grease
w1zwccIRbNRBbiXF5p6fVAS1Fm8OUJdq105gfEaGNUgEKSzUzGRlron5JemsebJt
6rLBebjmtxrgLOMvPMbtpX1hQJOrWV6yVJkBOuqlRtVdFPNMrIEWXc5v+VXR8Ccx
XMs
--- v41dXOCQtZwpIdKXoQSB1oblr17HunSpwoRnfPtKkS4
żM%÷<Ô„âĚćŘËŔĚ<17>[śëú÷_WĹ!sćöű<g‡0+2,43>
.ŐH<C590>Ţo¸0Áw6tß?¬™'Ťzo× ÍĐ<C38D>hĚ