about summary refs log tree commit diff
path: root/home
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2023-02-20 20:39:24 +0900
committersefidel <contact@sefidel.net>2023-02-20 20:39:24 +0900
commitb0c90b357d008071c14ebf1c6e6429c0e437c9ad (patch)
tree0dd3f12b877d8d488acf0582b9b0edc856b4c06f /home
parent90e15b65fa4bf1ebf9ec1f2c788c9acbcfb8005a (diff)
downloadnixrc-b0c90b357d008071c14ebf1c6e6429c0e437c9ad.tar.gz
nixrc-b0c90b357d008071c14ebf1c6e6429c0e437c9ad.zip
feat: use age for sops
Diffstat (limited to 'home')
-rw-r--r--home/.sops.yaml9
-rw-r--r--home/profiles/base/default.nix1
-rw-r--r--home/secrets/secrets.yaml55
3 files changed, 27 insertions, 38 deletions
diff --git a/home/.sops.yaml b/home/.sops.yaml
index 2bb8262..3d2b2ca 100644
--- a/home/.sops.yaml
+++ b/home/.sops.yaml
@@ -1,9 +1,10 @@
 keys:
-  - &sefidel 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
-  - &home_sefidel 819975cf4b52822fbdc0e966ff61829f24f95075
+  - &sefidel age1jt8xg0lvzj5q4f7fn7nw670qsszm3kv3caa654eh62azra4x44zss4fad8
+  - &sefidel_pgp 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
+  - &alpha_sefidel age1k585l9d34j77htwmzk79ms0wcfyltz5d3v87pnjkvrzru85vke4q2q0qjd
 creation_rules:
   - path_regex: secrets/[^/]+\.yaml$
     key_groups:
-      - pgp:
+      - age:
         - *sefidel
-        - *home_sefidel
+        - *alpha_sefidel
diff --git a/home/profiles/base/default.nix b/home/profiles/base/default.nix
index 530c8e6..abb7baf 100644
--- a/home/profiles/base/default.nix
+++ b/home/profiles/base/default.nix
@@ -83,6 +83,7 @@ in
       pkgs.nix-update
       pkgs.hydra-check
 
+      pkgs.age
       pkgs.aria2
       pkgs.bottom
       pkgs.fd
diff --git a/home/secrets/secrets.yaml b/home/secrets/secrets.yaml
index 6c199c2..1bbc448 100644
--- a/home/secrets/secrets.yaml
+++ b/home/secrets/secrets.yaml
@@ -1,43 +1,30 @@
-sef-imap-password: ENC[AES256_GCM,data:tq+CYvkPfUgPxvErtFqLF05NGrRt63ckv/hG1WqJ,iv:9d7YpmHnUXesfrGApQ+rylp1CS9Rp+vzXtUfyzisalo=,tag:Trcq6VVMrsEg7YXwaiaeXQ==,type:str]
+sef-imap-password: ENC[AES256_GCM,data:vg8Kw8xH4PzKrxyCIZCeHRB2wejTE6SmpKtfNh8y,iv:wmsmo24SqiC6JmqELWbmKcaGEwyv8Nt4vvBzBECRhBY=,tag:FuJPRwsIyCe7O0YhuIx6iw==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
-    age: []
-    lastmodified: "2023-02-16T17:30:13Z"
-    mac: ENC[AES256_GCM,data:qbOhCP7Y1cFC4uYFUyoVMPmwMdtnq39PJfjVJvDWZ/jATGt2+uYfQpB5HaFEOXH2fIaNmliWcsw5cMNjkRaVUJrozvKUo8luqofifnx2SFmLTiIFHIcSlslcecU+Ty9ZP6CCe8Xxx2QM1eBKTK6e6Dy4CFoIY2ZIu05DBO+FaTQ=,iv:/wMwGDnwOUmPewy1YAjR/FUMWBXJ+ch+a1i3vYgKPFA=,tag:3cOQWrl2JGrDnaYT1xckqA==,type:str]
-    pgp:
-        - created_at: "2023-02-16T17:30:02Z"
+    age:
+        - recipient: age1jt8xg0lvzj5q4f7fn7nw670qsszm3kv3caa654eh62azra4x44zss4fad8
           enc: |
-            -----BEGIN PGP MESSAGE-----
-
-            hF4Dr9flwPWa1q8SAQdA27eYQIHgncOnRgp+WvsVIdv5xsJ89ZK1Wp7Sx/WBOhUw
-            +rp01T2gASSlrwFgbey/9lG79r7rcbSrGE03AtLbi0o8ZaK8Cb3XGJQ+8YggRII9
-            0l4BnwlUhq0Ctufzf6+Rm5BGm8nlPNYIkTJTDEyE2dHMWBj9tEeP4eVwoTsO+F8d
-            bQX3EWPvw+EbwvitQMb1648CZRUX7Yitl+MS/FK3HV3SFCVAkisdGpy6np4LzIgm
-            =4eAw
-            -----END PGP MESSAGE-----
-          fp: 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
-        - created_at: "2023-02-16T17:30:02Z"
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMQS9RVGpISUl0R3FSdDBJ
+            M2F3bkxoeHdEajhrWmZ1Ry9pKzZxazBhWWhJCitaWjgzS2YwaDgxbWdKdi85R0lW
+            NGwyYkVCQWZPK085U0o3eDd1YzgwSTgKLS0tIDZ4dTFOMDd1RHBHckMyVWo3NEtD
+            SzIyM3htUk5xTFFvajFPcDYvWkk4RjgKylMbCjn/2a2Lm5cVmN+g90AYh+kI0f41
+            1b6ciAFu8wxrdCC16KBu2iDoelZGSb8079vg3cd43Dt7iU52YOlFcA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1k585l9d34j77htwmzk79ms0wcfyltz5d3v87pnjkvrzru85vke4q2q0qjd
           enc: |
-            -----BEGIN PGP MESSAGE-----
-
-            hQIMA/9hgp8k+VB1AQ//eh6R0z7rhnOiCMvIE+L9zwy2JMH9UJuJdU3qPr/JcVT5
-            nMtxvUH4rikc2G9TDwBdkam1IZ9MprjTwKEGfQx9dmNS7LkoJX5aYDd2oeqrLZKJ
-            QireqUCHD9Gi11kvGfrNwH9dQdQTjNZhe08LQ/q8qki/4T5J97rMm20vvUoOph7N
-            EG9c4towS9Wr0PEl5BoYvTABQO/d3K9tfkbdfV995aUQ9vDca4EaVzd/gZG/9/Ts
-            oK+VCk5mjbKlzg2PF6vnOp4k/N+XVo3HIx+1Pf2ReIMDenKRP6Ibl3qTgyxZcRm1
-            gDjJRP5GZtrweZaAXsUgmf///sLU1wxcuErRD2A9M9jYZeuhVGbyC+RLrBI20pZD
-            8iO0uZAdjH1t+exEOWNYRIvIVmHMUPCUzc7Rrjwn9VRdARnfCCU3fCGMGStL0REA
-            yvHF1VcpnDpPe14s9CvrtxaUxvMY2B9qzxpve/Ic+JD9kygJkKUJPwUmlW2cp4xO
-            TWUl87y+PcEjw4HM2U+i9puFTYI7qNrbbXIwiuOVXPWCyCIokZTpXBB7IZ7YR3vR
-            3269ObErR+l/MkuhGPHThyS0D9g7QhR36+8qMNobvQC1xO34UlkUFYAk6GV8itj7
-            h5qRSmi8/HEjyzj8LMSn+x193RWvihlfDKDYcWKn9dMcIzEypfY7nYiFYzGIIF/S
-            WAHkVYuuOHZprfKuBOHubx8MohvxvKhzvlpJ8F6Kt/dqhy6dgI88DyVeodTGHTMQ
-            Upk466GZnvlqlZivuDxOHKAmDlmVTyRFdDGQ+JoGoJ6gFGz4lnsO+MY=
-            =nX7u
-            -----END PGP MESSAGE-----
-          fp: 819975cf4b52822fbdc0e966ff61829f24f95075
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOVTJjejBJQjRRYXRNRXAr
+            dytJaEptVlhaQnRrTTRSVURSZE9LeThqSmpNCnlnYjluQklrTStCMnhxelFRRjls
+            YmZZNGNEQ3o0aFVhVy9yMlNrbkFBSFUKLS0tIDZNdm13OEo0dUEwNHk2ejZNbllR
+            ZElsRFZxR2tTYThlaEhzaUwyeUd3Uk0KIFLcgMUd76GHPC6+s2FRO1zvw9HrhMTX
+            PRKy++u+asJD+4g+BmxBn8rDhw8gdjLNLH3Yao4jNbDdASfuiapCqA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-02-20T07:25:27Z"
+    mac: ENC[AES256_GCM,data:bS0br931UnBDAXHIpscyYpL0P7uigh32A3fZYuSU0VMTt135/bI/Fcx2+h2QjIxvyv7ZunThFZcFd8db5DqidZ0qUBrcQ9mhJXdyI/MHNLsL4Pqa3AYDSXn3aUyVA9NpoBm9kd6ckO3rE4wRs21yjjpUWKaE/WwP0G6dlBUi85o=,iv:tiWNbFZQ6SyIF+mfnd+sg32SL13l2pYytjO5i5wQsGY=,tag:7fpU+z41/ge3JIoTLFN5zQ==,type:str]
+    pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.7.3