diff options
author | sefidel <contact@sefidel.net> | 2022-02-12 23:50:27 +0900 |
---|---|---|
committer | sefidel <contact@sefidel.net> | 2022-02-12 23:50:27 +0900 |
commit | 71df3adebb2662d9295ee44bec2804d10921ac37 (patch) | |
tree | 5165dd6059bb5f5c3dd6e105849a1f45cf46caf8 | |
parent | d2dd5d1287e0f2630e1407ecb09b13413f4e2d93 (diff) | |
download | nixrc-71df3adebb2662d9295ee44bec2804d10921ac37.tar.gz nixrc-71df3adebb2662d9295ee44bec2804d10921ac37.zip |
feat(nixos/alpha): pgp -> age
-rw-r--r-- | nixos/.sops.yaml | 5 | ||||
-rw-r--r-- | nixos/alpha/secrets/secrets.yaml | 67 |
2 files changed, 35 insertions, 37 deletions
diff --git a/nixos/.sops.yaml b/nixos/.sops.yaml index 6b89a0c..0d15882 100644 --- a/nixos/.sops.yaml +++ b/nixos/.sops.yaml @@ -1,9 +1,10 @@ keys: - &user_zach 346833414516C852FFB238E19F734565641C2F14 - - &host_alpha 39513104f6c28be21b21a437ee6e9d915470eba4 + - &host_alpha age1ndc6vascfywmk5d3ptyeps92dyc9d9qsxmezn6t4wv56jjzysucqu8ldfn creation_rules: - path_regex: alpha/secrets/[^/]+\.yaml$ key_groups: - pgp: - - *host_alpha - *user_zach + - age: + - *host_alpha diff --git a/nixos/alpha/secrets/secrets.yaml b/nixos/alpha/secrets/secrets.yaml index 17e7a2d..bfceeb2 100644 --- a/nixos/alpha/secrets/secrets.yaml +++ b/nixos/alpha/secrets/secrets.yaml @@ -1,43 +1,40 @@ -spotify-password: ENC[AES256_GCM,data:tWOoEQk2oQT2s8pdRA4TAUtT8P5RSclZoQ==,iv:sgXUI3i72/QD2oIe0rtgO595PkfqL+EVAjtsuWjkFe8=,tag:MbiqIAiF3kEhZDXUCFg9aA==,type:str] +spotify-password: ENC[AES256_GCM,data:Ch5t1CRgEl5YzXjUQDKB0T5bCCtwcaxuxg==,iv:syNOAub1gZ0Tlh5rGvCgX6eXL071e2x+PM8KcouziLs=,tag:7fCCSwABsP9L4iZ8UFQOKA==,type:str] sops: + shamir_threshold: 2 + key_groups: + - pgp: + - created_at: "2022-02-12T14:44:47Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hF4Dod9S80wXQ00SAQdAQ2yYl36GKa+uN+GdzKB3NGkdfP80/chaJSZNxiqIHSkw + jGKIvFroAcbuvWv0wKzrRcG8LXNSAzVLLxa1aJeohPYjLet+6cuyFaLXyZbGTL3V + 0l8BRlabGME2HoGl3fl/LjDEeMBXVEcykMkMUX2REnpkBxK5Ks61kAhLeim0Sk+N + XWt9ajduAZH9Ryy8ikg7Og6ZDYVv/MsqNLMIlWpdiuEynqo3/q3vpzDv9VSsBOKQ + bg== + =fPaH + -----END PGP MESSAGE----- + fp: 346833414516C852FFB238E19F734565641C2F14 + hc_vault: [] + age: [] + - hc_vault: [] + age: + - recipient: age1ndc6vascfywmk5d3ptyeps92dyc9d9qsxmezn6t4wv56jjzysucqu8ldfn + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwczFhSjRJOWxobGVLcVhE + VlI3OG9LWkdpN0FvVjdwdHdLeERZM0hsWEg4CjBGdnZiNE1PSHNWT3B4V29kKyt6 + dDloZ0xmK0JXaWdDQTNjWW5JY295aEkKLS0tIHFDcy85NjJNNzRwS3NkaUxNVE5T + bW9MeXhHdHpXdWVFMlZjemJ3OG8zalUKbtZdiWCR+epsaXK2BXc5pgR3IgGQ8+SR + J6IuZt73d2XhFJ7eq50EdANcuivYhFgjDnwPrZhOw2Qwn+TTVONGBHY= + -----END AGE ENCRYPTED FILE----- kms: [] gcp_kms: [] azure_kv: [] hc_vault: [] age: [] - lastmodified: "2022-02-12T09:11:12Z" - mac: ENC[AES256_GCM,data:DcbZnvlX2fytF4EKoBSE2WPApcrPiGQvzOzILrRPoSf+kCVrL2W1+KgITma0lh9/Ja7An2SRnDmsmeGddZIPOih2VShMAexQu6jh0YvWsJ+0MF91rSG7ZeHRYiLdPv/Y/ovodibUlxolewtJTmB6pR+/hm+wLt2ns7gLP9LzqO4=,iv:hGgfEo3QxmBUFNRHG3So1uUT/2TI6v5W8aVnxBVyPZ0=,tag:aoyklCavONqvYJdPA+HO3g==,type:str] - pgp: - - created_at: "2022-02-12T09:11:01Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA+5unZFUcOukAQ//V4BWqpo8VN8kd+8wb/7p+hcODgdfS84MgmVcS5kXtTgg - GlF1S2Y8sZNYeaoR+QmWj9+AnXOuS5Lzc8HZgeE8LlgfMSsE+7lQOMKVvRHkOchY - bvCx9LRmJr1L7jnxkaq/BU8vC+ztIz0Xl1UePMoqz4GpuyiX2ObMEaH8IW8DuQJv - vR22j5P/0Zw/UihwaCS+nkXZntFfDYmdvOTwXkyfuZE06kHbqxDEbuOkjsS/jegg - OUciGa0BC+B0CvqNA1p5SIOLlAi5QwGOHbv9IOXeF4laUMV57O3QnxXNZ1CPmBVJ - N/MDFc1ZVxL/jix4P5NPpDb786f++KjmTApHJXYvbm+JMMyl3QDopjLFJ7sMTXB3 - 1/eO3euxkkbLRkdySw834gSeazfS9KlBONXs250NBrmEttPMU1e2KuOhzwwFXPpS - FwT76e0w+UqhS1NL969+LzWaI8PsnBHgl2VYIGU5KoyUMZjwgtlriD9Kw1J6N4dL - N6G5jOvJq8S+sHb8IXKVXDvY/apehQ4btgnxiuNtndWf8qWRmDaFt+OGVKKwbplS - Q8/2K70J27SnwqyLQtRw7pmGwzIo5TQ2cT2o0Us1J4Pexc6/1ulrnMqRBseACddI - 0BBG3MF1erxRg180SwjZpU8DeWS2FxI1i0hBu/pA9sua/4Ij26lVs8H2moWv3RLS - VgG167RUeqXMqdXlMY9YP6qxQylXO0V2g34nzT4tIXhxRZ27PWqOgpEhboO/Hu5z - fnTsX9fr1tJUYSSrvrZtBBhbfvY+Zfs6BUsabqprVzQ1MShtSP6b - =eyfG - -----END PGP MESSAGE----- - fp: 39513104f6c28be21b21a437ee6e9d915470eba4 - - created_at: "2022-02-12T09:11:01Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4Dod9S80wXQ00SAQdApdVK41an40JF07p4gDcSvpYnjRmZQTXF1drUqP5A1XIw - 5nxHskuJ+voJeSi/HLJRY/9xURyaOawt0Nd6VLrf8oA8qmzYCiYvl+lrHR2T8lzX - 0lwBTZtzmsDw8fYALzLaRUchwEXOOj05DMpo9zxu5VHkSPftqX8mhLqUPv/FbjC3 - DO/SoZmwuGj12qaOSJu2fq0hvqM9MXs2rjDsd+5C6/EWiKM+87siRqBXaBRPWQ== - =/ycG - -----END PGP MESSAGE----- - fp: 346833414516C852FFB238E19F734565641C2F14 + lastmodified: "2022-02-12T14:45:00Z" + mac: ENC[AES256_GCM,data:fgd0ZRv8IDEhWhUQcMH3GBkkKk+r9kr2LKihOmVslNSTsJ4L5+g5wJaBtAe/5FNq/TYOwyzPZRW4HLPcFTq7ZLPPD1DtdjXkHtsoPi9i53Y6WJ/6aZsH29w/F84ULWZTQVf3oJNx87vZ04rS5ADN9ndS9lu8cLyYkM3kyajNrhY=,iv:As7/YWXRvK9WXI5cbYCPUnTalodzHC3ZzkBMdPKljVw=,tag:lXCwPJy5EjovgenslaAlfw==,type:str] + pgp: [] unencrypted_suffix: _unencrypted version: 3.7.1 |