mirror of
https://github.com/daylinmorgan/oizys.git
synced 2024-12-22 06:00:45 -06:00
try first secret
This commit is contained in:
parent
dba19e95f0
commit
f29fcf634b
3 changed files with 48 additions and 0 deletions
13
.sops.yaml
Normal file
13
.sops.yaml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# This document uses YAML anchors which allows reuse of multiple keys
|
||||||
|
# without having to repeat yourself.
|
||||||
|
# Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml
|
||||||
|
# for a more complex example.
|
||||||
|
keys:
|
||||||
|
- &admin_daylin age10ft5tkswydhmassqeqzr8frpx6vc07g4rwam09rs8agvgfrsn95q9ml7u3
|
||||||
|
- &host_othalan age1t4k04mjltmmhljnwugm6y4dejtu72vv4fd4anxxfsdpkapfnfauqe765gy
|
||||||
|
creation_rules:
|
||||||
|
- path_regex: hosts/othalan/[^/]+\.(yaml|json|env|ini)$
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *admin_daylin
|
||||||
|
- *host_othalan
|
|
@ -25,4 +25,9 @@
|
||||||
|> listify
|
|> listify
|
||||||
|> enableAttrs
|
|> enableAttrs
|
||||||
);
|
);
|
||||||
|
|
||||||
|
sops.defaultSopsFile = ./secrets.yaml;
|
||||||
|
# This will automatically import SSH keys as age keys
|
||||||
|
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
||||||
|
sops.secrets.restic-othalan = {};
|
||||||
}
|
}
|
||||||
|
|
30
hosts/othalan/secrets.yaml
Normal file
30
hosts/othalan/secrets.yaml
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
restic-othalan: ENC[AES256_GCM,data:HNIya1Rp,iv:8QkDewpXoy+3ahuuaCN/HfbGOgfQQ0Ud5emD7zVPE2s=,tag:bDfumEnt20lun5hnLY+eVA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age10ft5tkswydhmassqeqzr8frpx6vc07g4rwam09rs8agvgfrsn95q9ml7u3
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCK3pzZ3hXdG40L1JyK281
|
||||||
|
NDJ4WWEyWFBPeERabXpSUXYzOWMxdWJlMGdFCmQydi8rbVZCUFBzM0NUbWJlZzZ3
|
||||||
|
anV6a2FCL1BRTWg2V1RBZFJXUUNRUEkKLS0tIHIwTzl5NEdoTWRaUm9LR3I1MFph
|
||||||
|
TFJjQndHQUJZdEZsSElmY0xDMTMvc2MKCO9BP1jccmFXqLjJQyk5a1/QC69/WPaV
|
||||||
|
xl8U7gFoiOf6ZIESk/fADVtnG+thEYF1vwEMI8ClUfs+8kWgwBqoGw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1t4k04mjltmmhljnwugm6y4dejtu72vv4fd4anxxfsdpkapfnfauqe765gy
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqWnBYVFRKMVJPVEQ1VlAy
|
||||||
|
Y000L1lHM2JyN0oyeTFROXh6OTVlTkc5RlVBCkdqU20yeGtVcWo3cmRoQmFKVG91
|
||||||
|
d3RQazc1UTJBdWQwUEdzNkNPYXZ3SmsKLS0tIHdzd0Q0a1pPeEJqS1Rrckt6aUdt
|
||||||
|
UmE2Mk4yV21TNTF2NjBqZ0txYThRRzAKgyWCwmF4mhX8lmfslmBf2UrcFqzT8m11
|
||||||
|
AqhJsG2LRU/9/6FXOYn2rYeCIDpTkPoQ4ez7F4m/zp+RvOc2eW3g2g==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-11-29T00:41:44Z"
|
||||||
|
mac: ENC[AES256_GCM,data:4+H5OmCCTrMrkz9sLHcdwu8EFc+iS3MUTfhLgH6crfE0QSmV87b4JKQTVtdoYnzB8f2hRS/DeAImaLs68NQ/c7raLKwKmX1Bx2htV92MEOhoEjnZ6IbpCzY9FhrtRFjjBrg/nAuMpK0ktYW3w9C/v/jq/YEnP+pabkPhsUav8GU=,iv:LtBd2nj21ZCOXmvfbCIz/lvYC4neRk7ZTnY/rbJnATU=,tag:o9K/TxIp/NLmcvpXHYPHoQ==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.1
|
Loading…
Reference in a new issue