feat: move the secrets into the parent directory

fix #58
This commit is contained in:
Charlotte 🦝 Delenk 2022-03-09 17:27:09 +01:00
parent b2703dae1a
commit c2c8bfdde8
Signed by: darkkirb
GPG key ID: AB2BD8DAF2E37122
6 changed files with 4 additions and 40 deletions

View file

@ -4,25 +4,21 @@ keys:
- &nutty-noon age1zgxkntdp99dkvw7z29jjmgrzlla2ha542zrs3262dwat27a34asqckfkrl - &nutty-noon age1zgxkntdp99dkvw7z29jjmgrzlla2ha542zrs3262dwat27a34asqckfkrl
- &thinkrac age1azy4hfse3x9tzhjn0htelx8qeannscr7mydmuphp2qu73v72tp3qdxt7my - &thinkrac age1azy4hfse3x9tzhjn0htelx8qeannscr7mydmuphp2qu73v72tp3qdxt7my
creation_rules: creation_rules:
- path_regex: secrets/nixos-8gb-fsn1-1/[^/]+$ - path_regex: secrets/nixos-8gb-fsn1-1\.yaml$
key_groups: key_groups:
- age: - age:
- *nixos-8gb-fsn1-1 - *nixos-8gb-fsn1-1
pgp: pgp:
- *lotte - *lotte
- path_regex: secrets/nutty-noon/[^/]+$ - path_regex: secrets/nutty-noon\.yaml$
key_groups: key_groups:
- age: - age:
- *nutty-noon - *nutty-noon
pgp: pgp:
- *lotte - *lotte
- path_regex: secrets/thinkrac/[^/]+$ - path_regex: secrets/thinkrac\.yaml$
key_groups: key_groups:
- age: - age:
- *thinkrac - *thinkrac
pgp: pgp:
- *lotte - *lotte
- path_regex: secrets/rpi2/[^/]+$
key_groups:
- pgp:
- *lotte

View file

@ -1,5 +1,5 @@
{ config, ... }: { config, ... }:
{ {
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.defaultSopsFile = ../secrets + "/${config.networking.hostName}/secrets.yaml"; sops.defaultSopsFile = ../secrets + "/${config.networking.hostName}.yaml";
} }

View file

@ -1,32 +0,0 @@
network:
wireguard:
privkey: ENC[AES256_GCM,data:+mHow+Y5Y5kXS9iQwchvx+qKFOL54ZlJCGMxbEzjy1jt1V5nvf8181GKa/U=,iv:xCaNdyzJ6ZPlYC4Nm3lc5IRnuS4YLnzfpc7SyLbzsp8=,tag:lSgeMSHf8zH+dwGwDfMzhA==,type:str]
security:
restic:
password: ENC[AES256_GCM,data:YMoMhgOtXRa1aMXlhWCGWHvI4vc=,iv:HDJq3+aULRWKTKU3rLNdSXf0SaOKqvKE52rTbDPSY0Q=,tag:HUkOmWNkO6MoPPGgKhH8Aw==,type:str]
email:
darkkirb@darkkirb.de: ENC[AES256_GCM,data:y4U/BiN7kPPl8J8ivZuLoGuSiAk=,iv:jwGo25+UzaDjHTDRUgrCGOuplkfvSBGtcbtSL1BF360=,tag:cE/3NIZu0G1g5nmBey2z+A==,type:str]
lotte@chir.rs: ENC[AES256_GCM,data:Am08+fGqhr/ufpZg0ePziT/2dw==,iv:AhOoR44ZAiY2UTpo0WV94K1HeOE2cdxFmKAnM/2u7Dk=,tag:jvOoiP5SkPniXYPnLMRyuQ==,type:str]
mdelenk@hs-mittweida.de: ENC[AES256_GCM,data:iQzzdroSL7sIRWM5oR7CFjdW13oJzgy2ABuoaZw2el1hPJp9z7xCeQXMOB9CV/9gcIdUGF+kW6FXvayP3PeVYg==,iv:qGkzQKRhuV9MNTyuSWP+p1eJDTRQk94LP+b3DQkasz8=,tag:PORYS+LxNmmxVDXY9iej+Q==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2022-02-26T08:35:22Z"
mac: ENC[AES256_GCM,data:ZLR59MvrNjypM4s/VA8M57p9Cxb40Nlos2EwrAiXcXEYoJ3AKG9mDSBzt+KiCsOe5Pgrfx2cUuVXwvK7IdfdZFl9DpBXXCpeByVqxdMq45Zqq2QM8+99dxSZt8IfZdEp8cVP99P1aB3IQlmeyMIGLPOpL45HofC3f5SG/wF7aKQ=,iv:q0tJo3aA/X38iQkYs+AUGROUwn80fV978nulTLSB15o=,tag:dihaOBXS8pgSISTzLcQ//w==,type:str]
pgp:
- created_at: "2022-02-26T08:28:49Z"
enc: |
-----BEGIN PGP MESSAGE-----
hF4DAAAAAAAAAAASAQdAAn6xyUBJJ9Ted13EUMccOI6uJF4kl1b3c2WXbxsIUH4w
2o1fl7kryh+dir4sZjlJn6MumIoFxCKLAGCtSVsnntKx73RCTGfm6wUWGLsalxUK
0lwBCbUvEEk0Uf5yoWcFHK1Ayyw9vkR0taxIgefJCTDt73iKvYe9O4ymrKZyHQd6
3eZViCGn4FQBn5oVEBUVRX44awq4i0DCeXfG90uxfbYkuro55aQCbDP9U5xmYg==
=2T85
-----END PGP MESSAGE-----
fp: 46C6A7E14BC7812E86C2700737FE303AAC2D06CD
unencrypted_suffix: _unencrypted
version: 3.7.1