Add aws credentials
This commit is contained in:
parent
a55a4b9f4c
commit
34f7e3f0ac
GPG key ID:
AB2BD8DAF2E37122
3 changed files with 86 additions and 0 deletions
10
.sops.yaml
10
.sops.yaml
|
|
@ -6,6 +6,16 @@ keys:
|
|||
- &nas age1c7y687sxh428wk34s8ws6kemu62mggafpt40rmanevgkuj5xa59q6f7tlc
|
||||
- &instance-20221213-1915 age1s7xxqxk6t6rw3zvfylgpwp5362v5guqsf8vjcvjjdj7wcnnxncvqc62frn
|
||||
creation_rules:
|
||||
- path_regex: secrets/shared\.yaml$
|
||||
key_groups:
|
||||
- age:
|
||||
- *nixos-8gb-fsn1-1
|
||||
- *nutty-noon
|
||||
- *thinkrac
|
||||
- *nas
|
||||
- *instance-20221213-1915
|
||||
pgp:
|
||||
- *lotte
|
||||
- path_regex: secrets/nixos-8gb-fsn1-1\.yaml$
|
||||
key_groups:
|
||||
- age:
|
||||
|
|
|
|||
|
|
@ -66,4 +66,11 @@
|
|||
};
|
||||
users.mutableUsers = false;
|
||||
boot.kernelParams = ["nohibernate"];
|
||||
|
||||
sops.secrets."root/aws/credentials" = {
|
||||
sopsFile = ../secrets/shared.yaml;
|
||||
owner = "root";
|
||||
key = "aws/credentials";
|
||||
path = "/root/.aws/credentials";
|
||||
};
|
||||
}
|
||||
|
|
|
|||
69
secrets/shared.yaml
Normal file
69
secrets/shared.yaml
Normal file
|
|
@ -0,0 +1,69 @@
|
|||
aws:
|
||||
credentials: ENC[AES256_GCM,data:FJH+8to7i/5gNLWJNMr3iQDSOoufshcRADTZB8FSvCWbvp0j+OiDZmI2xjYLr2w29S1AW8A270l1QdqKxQuOsJM5NHpsT1GxeVfK4UyAfDU27F3LQ5gaeUN4U+vQVqUxgtmSwutDTYL736Xo4hO92w==,iv:GPFzsVrku3p5dnj/oxBKV/0A2gwEJd7H9Wmg6eggZos=,tag:FJdSbdBjjp8hi7/vgbtXEg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1273ps5thcy70ckdt0270s2nysqgu48t38pq3wq975v3y7mf4eavsw38wsl
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEZGs0TndublFyQi9yM0R4
|
||||
NmdoYTZtZUtEU05pa25rL0hWMjVTZGc1WHpNCmwvNHJpTzg3ZDlkR2hEbzJDSmw0
|
||||
SjI5bWJ4Q1lGZDJvS2trdkFSdVZ6dlkKLS0tIFhhaFhHOFZ4MUhIYVpsQ2NqTGxn
|
||||
WFBaSGdXRTIzZUVmQTZVc1V1cWJETUkKyoqWYVV07acsjWOX+7B1LO2QZwCUhFTT
|
||||
tncKrSCRKOryRi/sCBI8wTuJ5h4ZOnFGuYcWe7rX61zv6MJmB7PeZg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1wfftrnyngg7nxcwvt7m590fwx3w7p4kkrjn9uprjq0u3k3ym4s3qqzkmzm
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtcU5GeGRXcllRMFdYclFu
|
||||
OUtNaFVWS2xFRFY1Tkt5V2pBYzQ5UkhMSVdVCkF4VXloNVFEMGp3MmFVTXRZby9T
|
||||
eldEQXNQK0UwUk9pRXNKeDNNdjJiZWMKLS0tIGxITmhSalZabSt3M3Y1MWV2WFg3
|
||||
Um41TWc1Zk15WVZleWw3YjBtdjJrK3MKChfeKSRpvkMVc9XWas94cXOeftKEMD8v
|
||||
Tbs80DBDsCRcA5FXyA8OglYMsszgKbBwO402ziy8XsZ2ndsKbzmyCA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age15c2dquc22epmmndpmd8pa3077fdl8nyr5qehr7y0c9uvavrledsq326ak9
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtY09EWEI5YkI4OUNHTlVj
|
||||
Mnp0V2hCM2wrK0JCQVY3RmlxeGRFODl3ZFNjCnp0RGgreElHMWRNZXo1dk93RG1w
|
||||
Q0t3eXo1NW02M3VSS2NGOURpQlpxRm8KLS0tIHJlMExYUnE4L3M0T0NRVEZ5SFd5
|
||||
RkFzemNNeUwvcjZsUzRvWmI3SVVzMDQKwG0YSsitrfuCKcPo9jEwIkTx+Amu9oWv
|
||||
9gWMndg0mH2V+3gLfnOeWgLO7q00wil10/QPYtBv1eKHWbeflXhTcw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1c7y687sxh428wk34s8ws6kemu62mggafpt40rmanevgkuj5xa59q6f7tlc
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxK1p3QzdJUzFKVGJHRzBV
|
||||
VFkvUFVob3p0WE1RZGxWaDBVUTl6Q3VlS0JNCm53alJXUlhkWnR0OGVOZTdVbTA3
|
||||
RWl3dDQvTEpGa0FMZFRac0VxZkFNYUkKLS0tIFdZUGNVejlkNzNkUnd6Y1RwZ3VG
|
||||
ck54anBlVFZwSHhLNytYUDdqaFU3QUEK2EEhYevcyM2Z9Yzg1yll8VvtrOJ6rRts
|
||||
2UUjeIefQcSdOPQ+sAWC5U4nWlPodjbb8vrX9rAakVPeJsVDR216kQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1s7xxqxk6t6rw3zvfylgpwp5362v5guqsf8vjcvjjdj7wcnnxncvqc62frn
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4V0ZVTmxScWhOWVkwTnps
|
||||
d1VZRUdXRGNYemNuTFJWWkZlUGM4cnUrNUhjCnE2cVJ2THdJQnF1dk9FY1M0SnBM
|
||||
UGNJWmVTSlRIbDhOVG45Y1RVM0UrVXcKLS0tIGFJTkdwS25MS2k2Q0hwbVlvU0Rv
|
||||
SEFmTkdnWkw2YTVXOVNIcXp2MXhZczgK1i8ibaQLEVdXcmdmeSQBNwt/glN6pd9Z
|
||||
8xLX40YKUnGUBlLHkQJPEOsZvhTDq+4PLd41S93Y2kv8p1y+IKnQ+Q==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-12-14T09:44:37Z"
|
||||
mac: ENC[AES256_GCM,data:T1dbLpD1LU9JsMafgzA/nBzM/hcqhZtir9RMrARaEwqDnA2kGra0TWIG0SIt2adi6mym5OJXqowswE2kkBqqybV1nG/spZBaHYM4FkRV4mec0mkFGxCSG3CqiBF43dZfM1d90sUf+QC+j5hnvL75y0AkjH8qDjmMp5zLkpzKj5Y=,iv:r3yFan7qIunwSIMJQuJ6byk6IAGyUhIu42UTnVkjcpg=,tag:e/PiaaMzZEG3OyV8bPAaYA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-12-14T09:44:12Z"
|
||||
enc: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hF4DAAAAAAAAAAASAQdABfkbgMrxNMpI/9PEceVXQqEyHF+JLOqPdbldJKvITBgw
|
||||
AV8pN2F2pEFwIHoARpi42LZQpqMlbNIgRR7x+dPmv4UIY0BwqcDoiX6D8WHQIW3I
|
||||
0l4Bvej8D2IMF/8sA7JytITOBa5PZwuz/doyM10jisMeE/gRSA42GrtLtE7+YxL6
|
||||
Tj1UAwMmU70xKFBntkvQwheRxkKY4JqXHKmVtGwPJAPVYKRIIBy5L+fdF9MQYPty
|
||||
=q380
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 46C6A7E14BC7812E86C2700737FE303AAC2D06CD
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
Loading…
Reference in a new issue