janeway: add keys

This commit is contained in:
Felix Albrigtsen 2023-10-14 01:43:51 +02:00 committed by Felix Albrigtsen
parent 0c64f1e7ab
commit 9777e32da0
3 changed files with 22 additions and 10 deletions

View File

@ -3,6 +3,7 @@ keys:
- &user_felixalb age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf - &user_felixalb age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf
- &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu - &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
- &host_sarek age1yjc08ykd5d687p9tmn6mpsna3azryreuuz6akj2p0dtft9xqq5lsuamljk - &host_sarek age1yjc08ykd5d687p9tmn6mpsna3azryreuuz6akj2p0dtft9xqq5lsuamljk
- &host_janeway age1sjk38fy5dk2nn0q0rmxuvr9uw3ttgz7mq4632f8jllzqryft0y3s46j65k
creation_rules: creation_rules:
# Global secrets # Global secrets
@ -30,5 +31,6 @@ creation_rules:
- path_regex: secrets/janeway/[^/]+\.yaml$ - path_regex: secrets/janeway/[^/]+\.yaml$
key_groups: key_groups:
- age: - age:
- *host_janeway
- *user_felixalb_old - *user_felixalb_old
- *user_felixalb - *user_felixalb

View File

@ -29,6 +29,7 @@
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
vim
bottom bottom
]; ];

View File

@ -7,23 +7,32 @@ sops:
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: age:
- recipient: age1sjk38fy5dk2nn0q0rmxuvr9uw3ttgz7mq4632f8jllzqryft0y3s46j65k
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJNHA3eFNxWjd4a2tOcEl3
Q3N3YXNSd0IrNm53QUtJWmFlNlRqb1ZsQ0VFCkZCanRYdEZZZWY4SFNWNDlBUEth
Umk0UkxReWhrTmw5RkxzTzhDdzQ5WTQKLS0tIDMyK2t6dTVPaWlGUjRRT3ZHSUJC
VjBsbEFiakZKL1BGMlp3TXM3SUhuRFUKEppZj9LpW2axFg6yN0R8i/GV8OywK9ha
NDDFqw1x+8e++Mec7uN737oYo3nsFZJG7pMxFbuXBol2RUfZ0GLuwQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw - recipient: age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1VllZUGR6d3dpSlczS1cx YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4RGFnVE1Va2hYUWt4L0dk
ejZCMEhDaDJ3ZEIxR1NWV3NXQXhDVERNUlIwCjU4TWNBbmNpc2x4MHNibVBJWk5s QjY0cFl6Z2JjK0ZtNzRhZVNpQkRrOG9JKzE4CmhXZ0xiZkp3K3VXQnhSOExxTXZq
Sk5aamZVcnZGSThLTXI1Vkh0UFVBNkUKLS0tIDdHYWhjK3pBM3VydldzdTBTcEVz NjBVQlVBKzhJaFRKeFZ5OE13VVhlc1EKLS0tIFdaaFZ6ZnZZQkl1dW5sT0hkdjlN
YUhoWTJ4SnBRb1ZzVUhxdnBCTEFnTUEK72ofuMzrLBzFmA0fO9hX5vhtzcbJse+q M0F4TmtTeXVTeWdpUVdNNlNGTmZMOFUKCsULF8MXQ7DkTGpXVbiJtmErHK6ve08N
qK1YKKv12iF1TZ9+Ty73W5Dlum51YWfUD0/BX+/QwQob9AmszlQ7vg== av/z7DlzdGeUhlL5Jk/jonGr0Ixhtlvn+MqrVFGBIB+6OqOi2eDX/Q==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
- recipient: age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf - recipient: age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArWEFrN0xJY2ltcENKbzgv YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyWUNlOGZmZnRWMXprV2hV
V1BiVm9URll0QlUzVVlpV2RNNDdlcGJ5eFRrCnJabTVEVFFMK0xUalJtWjJuSnNF OTNZdU02aVJBUlMwQTFFTnUzekFXTVBlYWs0CmtOYmhJRDlTSm42NFZoSEZlclhR
TW5iVkl4WXp0VU5BVkZWSTdINWRBMmsKLS0tIC9aaUZWWXNKRUpnNGR4TDM1Rmpx bFN6NEUwUG9jQ3d3Z2JzcWNIandOa1UKLS0tIDlwZVBIdi9LVjVsaFhNeEplNk4v
d3VYdmJjQys3NWN6KzJNSTFqQ0hOR0kKKLYpphnephuK9Pbp7yzwtGeXadYciogn SzRrQ0hZMnZFWHRuTWErWDQ3M2NJOG8KDphp0PenVKK6cZ4V4VUHL5A64wNF0vi7
nQs4qiNooRGpC7wjcuwH6OUBbFsnLWrt3lQjP00Xs8uEFFtcx7wotw== gkvXBWSakJX5ONssN2aaXTfoHY5QrRJG4Rj4ZM0Bdm7WrIPdBFONrw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-10-13T22:50:20Z" lastmodified: "2023-10-13T22:50:20Z"
mac: ENC[AES256_GCM,data:ktGFV+oNBMIKNCVLXZtrxn8HbvgjmXTRmAWuDQaNyMIIWvnTvd5IQBivG1kCimVr96RFl6RWTMWH4nqHVFlo0jxQfx8KUVXmaO7dfp4Ri+ZKMLu33HmLfwHiStnYRwPCAtwG/AXx9SXl0SAL5S+xHSl4mnShbyYfLAHibccYros=,iv:JeMtQ5uxYzpqr1eHZrLTNqhizjOCaixNg8VFcwjY2Y8=,tag:gHfRDBezAwzCqmEhayVYEg==,type:str] mac: ENC[AES256_GCM,data:ktGFV+oNBMIKNCVLXZtrxn8HbvgjmXTRmAWuDQaNyMIIWvnTvd5IQBivG1kCimVr96RFl6RWTMWH4nqHVFlo0jxQfx8KUVXmaO7dfp4Ri+ZKMLu33HmLfwHiStnYRwPCAtwG/AXx9SXl0SAL5S+xHSl4mnShbyYfLAHibccYros=,iv:JeMtQ5uxYzpqr1eHZrLTNqhizjOCaixNg8VFcwjY2Y8=,tag:gHfRDBezAwzCqmEhayVYEg==,type:str]