about summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'nixos')
-rw-r--r--nixos/.sops.yaml11
-rw-r--r--nixos/alpha/secrets/secrets.yaml57
-rw-r--r--nixos/kompakt/secrets/secrets.yaml57
3 files changed, 50 insertions, 75 deletions
diff --git a/nixos/.sops.yaml b/nixos/.sops.yaml
index 9e31314..9c5ea30 100644
--- a/nixos/.sops.yaml
+++ b/nixos/.sops.yaml
@@ -1,15 +1,16 @@
 keys:
-  - &sefidel 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
-  - &host_alpha c8f082e7e8b1554f11bdf1f794ade1df5e8f83f1
-  - &host_kompakt e6a9ee28ea91e2dbf24d817d0c5936391be59DC0
+  - &sefidel age1jt8xg0lvzj5q4f7fn7nw670qsszm3kv3caa654eh62azra4x44zss4fad8
+  - &sefidel_pgp 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
+  - &host_alpha age100jkyvgl8hqkapw3s4s4uu8jjgfkjn8kyl769x8u4x6tddk6rezshtf6gr
+  - &host_kompakt age180yj8dn9jhjzj9c0y6qr5fa76g0ls3p772dvn60nu67wveqv8pvsahvur6
 creation_rules:
   - path_regex: alpha/secrets/[^/]+\.yaml$
     key_groups:
-      - pgp:
+      - age:
         - *sefidel
         - *host_alpha
   - path_regex: kompakt/secrets/[^/]+\.yaml$
     key_groups:
-      - pgp:
+      - age:
         - *sefidel
         - *host_kompakt
diff --git a/nixos/alpha/secrets/secrets.yaml b/nixos/alpha/secrets/secrets.yaml
index 5e9b0d3..020c060 100644
--- a/nixos/alpha/secrets/secrets.yaml
+++ b/nixos/alpha/secrets/secrets.yaml
@@ -1,44 +1,31 @@
-root-password: ENC[AES256_GCM,data:Oks5E9t0XAdWysG8aNazmJjhncyrTm+Chbo/nQpVS+ffsTFVj1bzj5nb6TrVwGFqRv4xtr0hEyQUFDUGEptJoxG0e3tbfY9pwQ==,iv:RrWtjGW/sJpGuSRxWEDD5KnCp3VIRJeNfpDOyf3ezd0=,tag:WmKF4ncrHOc/wLhdXjK4JQ==,type:str]
-sefidel-password: ENC[AES256_GCM,data:W5q+642ogGNseHJSctNqaK25frTuo0lOIYTdxo9t0+PyzC/jBsph7VlOOmJIjovDyNCFwpYuOR8hMyg/wjXO3wZk3BmQIW+1vuaddA874BHWiOFIEaP2jnYNgP0HiBWrjsMHSCxo30Ycng==,iv:RLvT6zWyogZJNpQifTL/8MYAiReYyhqTe6+rMZBoaEE=,tag:87qGzrOeQ8ZDwH//vL1LjA==,type:str]
+root-password: ENC[AES256_GCM,data:4EgEuEEL2BGj1wDRdK16WY72xKjwAqqWBZzKMn84WdkjRpGaTV+3BGgGhPimdUCl0LkdD74EzyW+ABAJ9TLp1Wt8b5ZFT3l89A==,iv:7iHixJi85lOQJU8svPEYe122K1jOyJVJovqgReJn428=,tag:BLTaHH7FSDTfVewW17kMBQ==,type:str]
+sefidel-password: ENC[AES256_GCM,data:RAlIJ31NPPvD5Pz4k1ren1fVdMWI86z9OFSAj7I4wCSeEBU4TZJ/EvJQr0cAyX6i8oIzSoJ8S6VvKmIdqZe5A+s1a4FU63/3UzgrDRKx1zUHTctrDRA7YNYxl9EDxAD0nOAd4kLArVRtTA==,iv:g6YgymUNjZ/dPZKrPesNalAuhXLbmhGZGbjlmlBg+VQ=,tag:e+hHJX1/+f5ye4EAZEkeCw==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
-    age: []
-    lastmodified: "2023-02-16T02:32:53Z"
-    mac: ENC[AES256_GCM,data:MwT7Lt7J4hqZbY64tHXypZQDShfAW2Zqg9khNosh8gQVKeQaqHfOGnfINH1W5dtRpyLvQON5xyHuGsH6dERuC92257E0Es0vbbqslYT17Nw/kOD6Uq0HPTWa96sQ4K7LNWljVZpzOGLYQMEJt73tCHY8ge0UL1GYekDNMAdVQXc=,iv:T6+SwarPAEQFeJcKmH5aogTdRM3YdxCgi8Oq8b4ZCac=,tag:JR9sx7LZoNeSm3BxpNUnmg==,type:str]
-    pgp:
-        - created_at: "2023-02-16T02:29:39Z"
+    age:
+        - recipient: age1jt8xg0lvzj5q4f7fn7nw670qsszm3kv3caa654eh62azra4x44zss4fad8
           enc: |
-            -----BEGIN PGP MESSAGE-----
-
-            hF4Dr9flwPWa1q8SAQdAI/6Vf2s+nzzaxwa0sWIBK61oIy7kNJUWxfzXMCqEbiww
-            3WYfihpq4CSClukTKYhBnMA/Pawmdidn8agXtAXqNbZUc11Iyl9XJDy8x0GxMtF1
-            0lwBjQg77xhUo+0IBb1XLKXfHQVYbs5JBasaZ0P3AgMUw+aUCFpnsSc2mkUmtzBg
-            9GqRwgPqEC3hGNtMHVADaZrNRRF7t8ZFS0VozYReOyboYWAkt8hz9P1NJfqIpw==
-            =59ZL
-            -----END PGP MESSAGE-----
-          fp: 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
-        - created_at: "2023-02-16T02:29:39Z"
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmYllCKzZBaVNwOTBRbm0x
+            Ni9hMTJCZ3kydThsZmlxa2drOGwrZVhBVkIwCnV5eDZobE9zMy9xRjNId3NsRFRR
+            SmtTNm5ZaGZRRXRLczlJdjNmWDRXMzQKLS0tIDZlblFENENwa3hXVnZJSGtNNE9m
+            QzlUV21aeGx5bTlaSDA3MWY3T2VicjAKpQlU66hPMEk7Alp3ByqURXzrYxMwwA8y
+            1HIbch3PFkR5fTQ8TwTVSOxRYmi3oyHB3OEGytWZZ7eU85GSMFOBsA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age100jkyvgl8hqkapw3s4s4uu8jjgfkjn8kyl769x8u4x6tddk6rezshtf6gr
           enc: |
-            -----BEGIN PGP MESSAGE-----
-
-            hQIMA5St4d9ej4PxAQ//adx3JKnElng16kbl30e67y3HCHg4jHOHCU8ilmyAP5iT
-            UFSVO2SVVP3hny3WwqEPJvnkn2d8KeRklPSkhVgXDKU4kthw6rW8uYN991y9NUAa
-            n8d8lZlFz35OwmPmEhRoxdxC/JTj/8iM6N+heL4x6v4VjKOFnBQFY5QTvr0VmsKB
-            wM/pRjiK5KEmpoNd4G3NFJf9od//R5NXS9fFwnudUQXN2vdshJXsSjN69RpdA4vV
-            aL2D0NmufbTx3enaFQ6PwFm3vNs7iUoRNZ7P2diJkxjoVWiGHcepvYjhJTnjjMSA
-            3Vd4ypWvrfYjorJpWiwQMzmgPl6HDpRVZ7dFp0peIJ6gkrOaZTYVq9fMdYmh7tp6
-            ktqPzTAuEF0+13fDXK0fNrz/+Adb0NqWTRssmK+gleMVOjjsHWEmiMIyoSrPNB8U
-            DKPVC92AvShLVpP1HX8UiuXWyr87F6BREqmQbk4+N5QCm6bEQ+eS0ZL4N4wmK/B1
-            z/ee4CTiKZ4C4oUVfUUcSbH7aYfPFAyavKdtDx9tsyqvQYPDxOBtBb0EXcK3epOc
-            GaNDwfLirzlCd7/tv9/5IUf4aW6ghk2BWM7y2DfaCPzqOZVXBly/tiQR81mBZwYe
-            jGTjywLnrQrYGD1IT5TTpMFDtoB3wbioa4QR4sw0F7SygVsqtvfXZdXpm6qaaznS
-            VgHA5e9mYojB69TPa4z7UDhmIqATgEQ1Pig4GIVpDFGndHW4bCfVW6VWo3sLgpQs
-            YcG8Stk1/SrqLcnLYZCsEw7VdLD+y8qWQcWM5jO7pXLd5fx0xC6B
-            =uYfX
-            -----END PGP MESSAGE-----
-          fp: c8f082e7e8b1554f11bdf1f794ade1df5e8f83f1
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxTmEraC9kK3VJV25UR0ht
+            bXArM1BzVUtyN0dKQmZwYUdhUlFXOUVMQWxrCkdxcjdySUNBWjJ4a2FrRTExdE9J
+            aE5pTnY5bGtqdXlBRktUQUJ2Ryt2cGcKLS0tIFB6SUxmS0c3VUJiTGNSR3lOZEhy
+            Qkt1Y2RIWmcwMW91VTVxeEVrUDR4MHcKNzDtHEEa8McCXgADwXRNNnwllOB+MZvR
+            oDMuo1zZnKT0DzTxumd8DSgHK28PKNFOsWtxdunWF7lm30gZsFxQFQ==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-02-20T07:25:46Z"
+    mac: ENC[AES256_GCM,data:bhzvZsSnOeXw56intd55UYhO57fzkPRlJPUj7clw7h4VovxT/NIi6iTKry27to3DflR2JVgQ8s2g5YNllippYPBXnnCKC190oEDeaCsw5lcH4HU//obgVHsmYaLmJIJZmvJ+dIAYIoonG2/ZezKYDvSC7bdsYZLGpaq4uCZGIWI=,iv:lrhejHDeOZIirsA28WnN2Kcfy26wuLHP+feTdzt+0PM=,tag:RMr5Vyg5MqF02UTwdez9Mw==,type:str]
+    pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.7.3
diff --git a/nixos/kompakt/secrets/secrets.yaml b/nixos/kompakt/secrets/secrets.yaml
index b819391..f9d53ff 100644
--- a/nixos/kompakt/secrets/secrets.yaml
+++ b/nixos/kompakt/secrets/secrets.yaml
@@ -1,44 +1,31 @@
-root-password: ENC[AES256_GCM,data:5te9t+Sa5U2PKilFiMCnrTVgAJsjikkXxBzknpdkjntegdT7AoHuIsVpM/kQJzgfsgnd3bdf+Vzu+8xA6xS0DtpRt2jIhZk+mQ==,iv:ZcTkmodTXHbKUJ+Y9KX3q01Ni9cU7LFJXLoIzEje9Pk=,tag:ESjorSUe+wKInYvFUoMlsg==,type:str]
-sefidel-password: ENC[AES256_GCM,data:txMBDsKRvvVyXGkXPzFHi+Y0aeSBnS83tq1xMEXcY+24+oWHa0cNXsL9A0vbbZEFW6C4pedCKoV+8VuG87PUNBYM+xZqvvSP6g==,iv:0AFa+09kEsbINeoaH4QMMID+jykzyU5PWqhKfiXhrrc=,tag:8wWXBdZh2eDVulcEE2TaCQ==,type:str]
+root-password: ENC[AES256_GCM,data:YQnUoTGpz0JC1Ck3pPTkbHavcSAZJxVD9xvKYXQRmfIS27B9yz0TmLv0ozweb7qsvRAgO0m3tCO9rfIh+5qO3kGMG0h5OhP7dw==,iv:hFTEFEsOubYaWEu58xusBtT5c9K5sAcezKfVkCrtvrE=,tag:GZA6AVsFIdWjaGZe1c5aJQ==,type:str]
+sefidel-password: ENC[AES256_GCM,data:jphYVr3Wg8+1llflee0Hb2f2V6bgwq+uAoZ+ZTCHxh95vHRHGBSUYDDnMZdJr63hr9Kc+t/ZYRJpwmmxAbZqrFJAjCzuSrBqlKFY0AGRVhIvFg/jeZbocea+8T+Flpp/yQ5rMtJWIE5NSg==,iv:+3UCC8tCXVyyLmHDuxTTJpB6ufZoZUNvBwHb70S5iYc=,tag:44OdW9OFv9hibABsB4w6cw==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
-    age: []
-    lastmodified: "2023-02-14T16:45:38Z"
-    mac: ENC[AES256_GCM,data:VIRMrvlfYGxGeZQ5OWVEYb7ugbDKShFVyOsipaG/4eF2FG0BJyummdLVplbgygbX61rBVsPCzsMGGcT2oOn44KgO6WSYbh3nrWf9dIdCjrBoXc1MTVAnNvCBd4qdeCLGb0r3HAzSCjL1kVaakJOW5dN9HB2W0YvZBe8SBhNHV28=,iv:DXeHA2ltreedVguZX6fABK/grXAeGiX1YK82Wi6A4CQ=,tag:kOV9QgQWqpGiZuRosqiZFw==,type:str]
-    pgp:
-        - created_at: "2023-02-14T16:45:28Z"
+    age:
+        - recipient: age1jt8xg0lvzj5q4f7fn7nw670qsszm3kv3caa654eh62azra4x44zss4fad8
           enc: |
-            -----BEGIN PGP MESSAGE-----
-
-            hF4Dr9flwPWa1q8SAQdAyiUgV18oKBdRvAS+P9nMyGZXqfwRohBtzTyRdAfiFlQw
-            l/3M7zVzHoWbGD3Shm5+cEWGMDjBvzl5PmMP05epBNCoVlslvBll9Cbbq2QuoPjl
-            0l4BeDabn+XxFQHOY7jHNPG710ZxeFc+EyhpnePDkKLQxZTl3izcJqXbwkrGZaDT
-            vA00Mm9VAMJ3lvwRQmrRzmyHpH4QihW+Y29kuXPTMnm0PUEgl7s5ChBhZn6N7vRp
-            =4Bjf
-            -----END PGP MESSAGE-----
-          fp: 387E2BF0402610B00A9CB7E689C80C5BD6DBE2B2
-        - created_at: "2023-02-14T16:45:28Z"
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1UkJnR2czcm90MHBoUUtE
+            Zi94UFJvRUlhbjhZMStUWlhUVzlXTE5MSkRvCjZOck9kWTBKMHhUai9kbklGVUF1
+            RTNESGZyZFVucGlDM2cxbUVPS0w5cjQKLS0tIGhDeFN2KzkzZTVmWHBVTFhScHBR
+            czFyOHArSHNpaGN2R1p5aDJjd2JEOWsKThjzyM88xKZPrMjLOzrS7q2GQzS9+Xl/
+            df1X1guIS3i7fwjc9DuvaDlnuz3QpIwOQ1/1M8NR/gjBfYRJ+0pLcw==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age180yj8dn9jhjzj9c0y6qr5fa76g0ls3p772dvn60nu67wveqv8pvsahvur6
           enc: |
-            -----BEGIN PGP MESSAGE-----
-
-            hQIMAwxZNjkb5Z3AAQ/+KGRrC1Cg57a0dOnsIqgmtS9lzROEYBsRfiIkOxTtq46k
-            jqPB3FTLTbOEfuh1K+ZNbs3M08+eZfH1uTZqxw1Vec39tPq9W88z4ucwSsa6v6B/
-            li0GaOXw3r3t2qVtmtq5/57ijPlhbBP7scM6iGHeFMR0kdZrQpcxOOzV7QgGKpss
-            FwF2Z0Jgl19vBl4a+sbAtgjktCyGzu4UmSAzQSEfYaYLIcpPjC19gb8fEgw0s1RP
-            k0MCgApFUg/k3IrHbGhuu02RZcd+/XQqy1qo7WLeaoHbIsbnjCIFsbR90so0dwvT
-            9jDdStP12pmNMg0zBmir8N24audnYmTU5OENpl7l7TcEKLu8QrqVyNGUyugtDhUw
-            CUczYBbV/OCOTxGQnGwaOK9q8mVvjHk7RgJplawKNwxuhyDddZ/yep6q1/CxL4G2
-            u+0KGxZjchUbJpakIpn7RO29Kv0ZqreSp18pD15a9sxQt+66w9V8PjX7qxbZINCD
-            WXpwcBNmZYbTa2JiVNF8KwGkwGvegBkf9MmxF9eprjeBm1ViyT0gH+8Ap2tvyHxl
-            GYyoX43xh/cef408ZK0UW70/SAvZE9cP0QaZbv6cCKjmQ4B5K8nWxMnMSdyr7ceW
-            /OJqJ8wfh/+xioAVtrj3pOWh4WHJp9VCZQjHMjc0XR2aYXSkHFtnt6qPMUl77ZDS
-            WAEiNt4dwmcw3Djz4zYY9mmnL/lLyqAWzWsXWs+iiFA0kDEJY2K0MYHwyhXyIZep
-            fuHohenWI27g9ZrfRsH8BIP/5AFdYTQiZZEbgNaL0lrauOo0rP1BMbE=
-            =v6C0
-            -----END PGP MESSAGE-----
-          fp: e6a9ee28ea91e2dbf24d817d0c5936391be59DC0
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHNlVqOGFYUEl2TVR5dlBp
+            aVRUSjhjYXBVVFVZaTlWN0hiblVvSXhMWFV3Ci9haDA1V0w1MjYwSThyU25ia3NJ
+            L1htVTZnUGRPakQyQUVxbzJYWmxvblEKLS0tIGFOSTZ3cmI0NnBxdzl3N2dvUW92
+            bjJCVUJDMm50V3pwaU1zQkUwRXdpdjAK39fVzMaVj7WRv7CcrTTrWyaSqohVZ59Z
+            coo75mzw8ImC8Evk1ZqkOAjmN4FbXrsWnpF+pLp17fsqbINkQM3QvA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-02-20T07:26:03Z"
+    mac: ENC[AES256_GCM,data:xH89h6MC0LNk8RkxDGrp0m92PZcjBWI0itMCS1OoHKEo+pRNYVVlQT4sqKyY5SWs1UAKKhF/Ks7jHNtAHFvo7gxw56mziYXhtnOTV3uzxLkVmhOH1qkma+4eztwVdLzBny9v9MtqCWdVdEPnCgeJfM3lLCEuT/Rif/b3wdnLcwQ=,iv:7K+xpkjUtxCEhplksrxl73GbMtzQM6YIFdGJQELGUOQ=,tag:UoTyR1rlEEMsg0/SCclfUg==,type:str]
+    pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.7.3