From 36e1db6cb1457154a2ea280d9ef58e21f2be6748 Mon Sep 17 00:00:00 2001 From: materus Date: Sat, 2 Mar 2024 23:34:32 +0100 Subject: [PATCH] materusPC: secrets --- .../host/materusPC/secrets/default.nix | 9 ++--- .../host/materusPC/secrets/users.json | 29 --------------- .../host/materusPC/secrets/users.yaml | 35 +++++++++++++++++++ 3 files changed, 40 insertions(+), 33 deletions(-) delete mode 100644 configurations/host/materusPC/secrets/users.json create mode 100644 configurations/host/materusPC/secrets/users.yaml diff --git a/configurations/host/materusPC/secrets/default.nix b/configurations/host/materusPC/secrets/default.nix index 68a9856..dccd044 100644 --- a/configurations/host/materusPC/secrets/default.nix +++ b/configurations/host/materusPC/secrets/default.nix @@ -2,14 +2,15 @@ { imports = [ + ./private ]; - sops.age.keyFile = "/materus/root/age.key"; + sops.age.generateKey = false; sops.gnupg.home = null; sops.gnupg.sshKeyPaths = []; - sops.secrets.users.materus = { - format = "json"; - sopsFile = ./users.json; + sops.secrets."users/materus" = { + format = "yaml"; + sopsFile = ./users.yaml; }; services.openssh.hostKeys = [ diff --git a/configurations/host/materusPC/secrets/users.json b/configurations/host/materusPC/secrets/users.json deleted file mode 100644 index a891aaf..0000000 --- a/configurations/host/materusPC/secrets/users.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "users": { - "materus": "ENC[AES256_GCM,data:rB089alZTUAB24VX76vg7dOdQdWa12/rVXdSKNj80TTQhXu1Alw1l697BbzuOwlkcj+OaeV+cU+rPgXPIPVjnQlyHJNNC9VPUg==,iv:uWjjrvnwEZERsJDw6bAe3qcHO5zl6bCK9rv4MZbXCnU=,tag:QvMjcefg2xHsfXdJs5KguQ==,type:str]", - "root": "ENC[AES256_GCM,data:sbq8UeP6QmJ7gRa8RlL4/upy1y5RhWRrU+THCs1Sdc1vZy6s7pJThZeT/GEe9WNYFvbRjgTorkaKpTBp2Xar/fW52EuqSM+P0Q==,iv:Hm//gIpCqYA9aemq4VAly31U9niy/xYYrTghlBbXKSc=,tag:J8VT7nFRrTOHA8wIlOUw+g==,type:str]" - }, - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": [ - { - "recipient": "age1fq9ckkwtgvm69w045rf9pgurnhch6ukdxejr8yxgrthn7j8vp48qvd9rkx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2a21FTnMwM3JIZmhWSExI\naUJXVUZVVDZ4VFRXTXJ6R0hKY1VkZWQwejJNClB1NS9vWXRrendOSmpobjZ6ZGJv\na2cwR2lNcm96aEtjMktpWmUwZTdxWEUKLS0tIDF4b2tyQ24yMVQ1citpdDZUMUt5\nRGZIV3ZaakY3aDFjek9Hdklpb01IaTAKGwMh6ZPBRnBRTzMzYM2qfgqPcDhxcdnB\nVI3v6eQMpJcqfKg8t2RtPoS0sXItEIGb22O1cqv7lqsDNFTfJFsKcQ==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2024-03-02T21:30:11Z", - "mac": "ENC[AES256_GCM,data:k1L4cZJD+o8oxCxD0DaF7596Oca4npFQSKKG7XQzkLJdCEyq1u51waCXcOn976lipgCPrgPlnc1Ad8QpRjvkROaUjFVq3NH/dUtEQa+haWHTQC58kVJU+hzE8NPv6fId+m5z1nu4KRhHoFoMOtuiXc/XLR8yLejIg17d+ncKokA=,iv:YOiwx2NX/piw43E74B/kWwr+zw02DLqiOxe5vVgK0gI=,tag:TdEHcJmwNMTos9T/tpT1pQ==,type:str]", - "pgp": [ - { - "created_at": "2024-03-02T20:47:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4D5fSX77p80GYSAQdA12LSQRZXdxMZVUaMilMqDfY2f9Zx25S5wxsvg4HirjEw\nI2SIG1eW6MZaeFqJc3rEHEx6SY0igFy+gpwWr6KugBTdJmXVJgh6aG5fsv7z00Rx\n1GYBCQIQ1hXRnsn6UsaNcFaqv1WCsIc+h5WLIFZeB3Jrwdzy8YeVv8WYkNlbrni8\nihQnWhOwWfzjOYpmee1goRAqKBrbqHBouJwZJH6V7ZGUDfOMU63gvpmdKhUu2ML6\nw7swxzkrglo=\n=g87z\n-----END PGP MESSAGE-----", - "fp": "28D140BCA60B4FD1" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.8.1" - } -} \ No newline at end of file diff --git a/configurations/host/materusPC/secrets/users.yaml b/configurations/host/materusPC/secrets/users.yaml new file mode 100644 index 0000000..fcc0918 --- /dev/null +++ b/configurations/host/materusPC/secrets/users.yaml @@ -0,0 +1,35 @@ +users: + materus: ENC[AES256_GCM,data:okqSgMvdFq1BMAg+Gs725zaNbeAQIpJKSPB2Sa83i3EYimphZNBtrJLen+gQEGNq4yeTyAc9Ih/hcnr+3z+Tea/g9ffh/UC4YA==,iv:OhKoWLREAqCbtmS3Rw9nE9+PtcBLwEHimJXcj4oejRA=,tag:Ht/SQSwumnQR6E45Pl47AQ==,type:str] + root: ENC[AES256_GCM,data:vnPjK+xayk/Zk895rERYAeCzpjv5NJ7EAyK4MRDUzDbW++4Dy+UEI81v1v7w9dfpDeL+x5kOqUFO5zVVDUGfZ3yf/l8M8N8KcA==,iv:gGFGcy3K27nQxn0+7I/t0kg3nZyXeGWqysOl2auZJXo=,tag:N+LYhKpPCbI1EjEBwxuh1g==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1fq9ckkwtgvm69w045rf9pgurnhch6ukdxejr8yxgrthn7j8vp48qvd9rkx + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEbHZZUVF1dVJSU1NvNXVk + N3VtTm00ZHRWb082T0FkNXJncUxCU3haVmpVCk9FQkJBZnVJVFNLOThjZzlxNVF1 + b0phQ2daejRrdVhEZ2YvRHVRRU5BQlEKLS0tIGdQeDlOSzl4VDhGNURQditCWUFG + dWVzbzUyakxXUGpTQjNsYzcyVG1aRDgKXVa8tIAbmggw1vSt3NJYRLgXhbagpNrX + RNXyndPaeQXVPVXuJWmHgRCYbwPTcfAFpGwFlX2IxVLlmC914Zklhw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-03-02T22:12:15Z" + mac: ENC[AES256_GCM,data:h7iDHiyVoW9fAi5Gmitrlw01rXBC92UL5PGywV3tx6gdfSsqigX8aecuFnaYrP8ijLzABoXRG6QSLJzn7odJP0e9xXRkoVkMrBZHqRuroN+ouzYjqLJ0DrH2EGb8O/EcwoS9cHuusZTsBnfAfc9l6TuqGu9f8HIwzlcg+jEA2X4=,iv:m0acbZsaqhJ4/kQJ4tGeAiws0r8gJuX8OKp2xSRzkEg=,tag:f6Kh73EBZ4TBbohQozXzog==,type:str] + pgp: + - created_at: "2024-03-02T22:10:50Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4D5fSX77p80GYSAQdAvGVUu56Pd2+DMHqgIcJokyh11952nQK2eVtQNj42CAUw + NQfulNRUHX5BonsLyvXPx74bVku6Wxr80loIWoz049/xbFj4S7FyftkakY8rOUGu + 1GgBCQIQOoEFvTQB8qGbea/85fktuljXPou/WgUY6Mxd4n0dBz54f69B/NttnBGc + 7eUDKfe79Omr0o/0CVC/6SGKoiS38suV903QHeF1MXFPeOG72k4TvfF9lVlBgK8H + k4DXtzC7wm3WWg== + =eh7Z + -----END PGP MESSAGE----- + fp: 28D140BCA60B4FD1 + unencrypted_suffix: _unencrypted + version: 3.8.1