mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2024-11-15 05:13:10 +01:00
agenix: migrate nuc
This commit is contained in:
parent
517f03c86e
commit
3c5095f144
14
.sops.yaml
14
.sops.yaml
|
@ -1,28 +1,14 @@
|
||||||
keys:
|
keys:
|
||||||
- &yubi 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
|
- &yubi 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
|
||||||
- &rouven age1l80slr486r82csm758q2a32j2e2qdxdyxgh46um6thsjv08la9sq7475p6
|
- &rouven age1l80slr486r82csm758q2a32j2e2qdxdyxgh46um6thsjv08la9sq7475p6
|
||||||
- &thinkpad age1ejusm7c5smk5r0lcu7yynudrqc6j63pcyk9m4uh23f8kqd84cfqs88hjl6
|
|
||||||
- &nuc age18z4z5pgw8eluu32xe3krg4sxd2rncsnjw6e2axcun7x3vrj62vhq8eyz00
|
|
||||||
- &falkenstein-1 age1de938w6hzpv4cuzss7v3pt0chv4d0t220ue5n9d93ffuak7u949sumnhz3
|
- &falkenstein-1 age1de938w6hzpv4cuzss7v3pt0chv4d0t220ue5n9d93ffuak7u949sumnhz3
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets/thinkpad\.yaml$
|
|
||||||
key_groups:
|
|
||||||
- pgp:
|
|
||||||
- *yubi
|
|
||||||
age:
|
|
||||||
- *thinkpad
|
|
||||||
- path_regex: secrets/rouven\.yaml$
|
- path_regex: secrets/rouven\.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
- *yubi
|
- *yubi
|
||||||
age:
|
age:
|
||||||
- *rouven
|
- *rouven
|
||||||
- path_regex: secrets/nuc\.yaml$
|
|
||||||
key_groups:
|
|
||||||
- pgp:
|
|
||||||
- *yubi
|
|
||||||
age:
|
|
||||||
- *nuc
|
|
||||||
- path_regex: secrets/falkenstein-1\.yaml$
|
- path_regex: secrets/falkenstein-1\.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
|
|
|
@ -86,7 +86,6 @@
|
||||||
./users/rouven
|
./users/rouven
|
||||||
nixos-hardware.nixosModules.common-pc-laptop-ssd
|
nixos-hardware.nixosModules.common-pc-laptop-ssd
|
||||||
home-manager.nixosModules.home-manager
|
home-manager.nixosModules.home-manager
|
||||||
sops-nix.nixosModules.sops
|
|
||||||
agenix.nixosModules.default
|
agenix.nixosModules.default
|
||||||
nix-index-database.nixosModules.nix-index
|
nix-index-database.nixosModules.nix-index
|
||||||
impermanence.nixosModules.impermanence
|
impermanence.nixosModules.impermanence
|
||||||
|
@ -112,8 +111,7 @@
|
||||||
impermanence.nixosModules.impermanence
|
impermanence.nixosModules.impermanence
|
||||||
./hosts/nuc
|
./hosts/nuc
|
||||||
./shared
|
./shared
|
||||||
./shared/sops.nix
|
agenix.nixosModules.default
|
||||||
sops-nix.nixosModules.sops
|
|
||||||
{
|
{
|
||||||
nixpkgs.overlays = [ self.overlays.default ];
|
nixpkgs.overlays = [ self.overlays.default ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,11 +25,6 @@
|
||||||
systemd.package = pkgs.systemd.override { withHomed = false; };
|
systemd.package = pkgs.systemd.override { withHomed = false; };
|
||||||
services.btrfs.autoScrub.enable = true;
|
services.btrfs.autoScrub.enable = true;
|
||||||
|
|
||||||
sops.secrets."store/secretkey" = { };
|
|
||||||
nix.extraOptions = ''
|
|
||||||
secret-key-files = ${config.sops.secrets."store/secretkey".path}
|
|
||||||
'';
|
|
||||||
|
|
||||||
environment.persistence."/nix/persist/system" = {
|
environment.persistence."/nix/persist/system" = {
|
||||||
directories = [
|
directories = [
|
||||||
"/etc/ssh"
|
"/etc/ssh"
|
||||||
|
@ -41,9 +36,7 @@
|
||||||
"/etc/machine-id"
|
"/etc/machine-id"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# impermanence fixes
|
age.identityPaths = [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
sops.age.sshKeyPaths = lib.mkForce [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
|
|
||||||
sops.gnupg.sshKeyPaths = lib.mkForce [ ];
|
|
||||||
|
|
||||||
time.timeZone = "Europe/Berlin";
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
{
|
{
|
||||||
sops.secrets."borg/passphrase" = { };
|
age.secrets."borg/passphrase" = {
|
||||||
|
file = ../../../../secrets/nuc/borg/passphrase.age;
|
||||||
|
};
|
||||||
environment.systemPackages = [ pkgs.borgbackup ];
|
environment.systemPackages = [ pkgs.borgbackup ];
|
||||||
fileSystems."/mnt/backup" =
|
fileSystems."/mnt/backup" =
|
||||||
{
|
{
|
||||||
|
@ -23,7 +25,7 @@
|
||||||
path = "/mnt/backup/nuc";
|
path = "/mnt/backup/nuc";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";
|
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets."borg/passphrase".path}";
|
||||||
compression = "lz4";
|
compression = "lz4";
|
||||||
keep_daily = 7;
|
keep_daily = 7;
|
||||||
keep_weekly = 4;
|
keep_weekly = 4;
|
||||||
|
|
|
@ -4,12 +4,13 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
||||||
sops.secrets = {
|
age.secrets = {
|
||||||
"matrix/shared_secret" = {
|
"matrix/shared" = {
|
||||||
|
file = ../../../../secrets/nuc/matrix/shared.age;
|
||||||
owner = config.systemd.services.matrix-synapse.serviceConfig.User;
|
owner = config.systemd.services.matrix-synapse.serviceConfig.User;
|
||||||
};
|
};
|
||||||
"matrix/sync/environment" = {
|
"matrix/sync" = {
|
||||||
# owner = "matrix-sliding-sync";
|
file = ../../../../secrets/nuc/matrix/sync.age;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -25,7 +26,7 @@ in
|
||||||
matrix-synapse = {
|
matrix-synapse = {
|
||||||
enable = true;
|
enable = true;
|
||||||
configureRedisLocally = true;
|
configureRedisLocally = true;
|
||||||
extraConfigFiles = [ config.sops.secrets."matrix/shared_secret".path ];
|
extraConfigFiles = [ config.age.secrets."matrix/shared".path ];
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
server_name = config.networking.domain;
|
server_name = config.networking.domain;
|
||||||
|
@ -47,7 +48,7 @@ in
|
||||||
settings = {
|
settings = {
|
||||||
SYNCV3_SERVER = "https://${domain}";
|
SYNCV3_SERVER = "https://${domain}";
|
||||||
};
|
};
|
||||||
environmentFile = config.sops.secrets."matrix/sync/environment".path;
|
environmentFile = config.age.secrets."matrix/sync".path;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -3,8 +3,9 @@ let
|
||||||
domain = "nextcloud.${config.networking.domain}";
|
domain = "nextcloud.${config.networking.domain}";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
sops.secrets = {
|
age.secrets = {
|
||||||
"nextcloud/adminpass" = {
|
"nextcloud/adminpass" = {
|
||||||
|
file = ../../../../secrets/nuc/nextcloud/adminpass.age;
|
||||||
owner = "nextcloud";
|
owner = "nextcloud";
|
||||||
group = "nextcloud";
|
group = "nextcloud";
|
||||||
};
|
};
|
||||||
|
@ -21,7 +22,7 @@ in
|
||||||
dbuser = "nextcloud";
|
dbuser = "nextcloud";
|
||||||
dbhost = "/run/postgresql";
|
dbhost = "/run/postgresql";
|
||||||
dbname = "nextcloud";
|
dbname = "nextcloud";
|
||||||
adminpassFile = config.sops.secrets."nextcloud/adminpass".path;
|
adminpassFile = config.age.secrets."nextcloud/adminpass".path;
|
||||||
adminuser = "rouven";
|
adminuser = "rouven";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -3,11 +3,14 @@ let
|
||||||
domain = "vault.${config.networking.domain}";
|
domain = "vault.${config.networking.domain}";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
sops.secrets."vaultwarden/env".owner = "vaultwarden";
|
age.secrets.vaultwarden = {
|
||||||
|
file = ../../../../secrets/nuc/vaultwarden.age;
|
||||||
|
owner = "vaultwarden";
|
||||||
|
};
|
||||||
services.vaultwarden = {
|
services.vaultwarden = {
|
||||||
enable = true;
|
enable = true;
|
||||||
dbBackend = "postgresql";
|
dbBackend = "postgresql";
|
||||||
environmentFile = config.sops.secrets."vaultwarden/env".path;
|
environmentFile = config.age.secrets.vaultwarden.path;
|
||||||
config = {
|
config = {
|
||||||
domain = "https://${domain}";
|
domain = "https://${domain}";
|
||||||
signupsAllowed = false;
|
signupsAllowed = false;
|
||||||
|
|
|
@ -48,9 +48,6 @@
|
||||||
"/etc/machine-id"
|
"/etc/machine-id"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# impermanence fixes
|
|
||||||
# sops.age.sshKeyPaths = lib.mkForce [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
|
|
||||||
# sops.gnupg.sshKeyPaths = lib.mkForce [ ];
|
|
||||||
age.identityPaths = [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
|
age.identityPaths = [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
|
|
||||||
time.timeZone = "Europe/Berlin";
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
|
@ -5,10 +5,19 @@ let
|
||||||
rouven = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkxTuzjS3EswMfj+wSKu9ciRyStvjDlDUXzkqEUGDaP";
|
rouven = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILkxTuzjS3EswMfj+wSKu9ciRyStvjDlDUXzkqEUGDaP";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
# thinkpad
|
||||||
"secrets/thinkpad/wireless.age".publicKeys = [ rouven thinkpad ];
|
"secrets/thinkpad/wireless.age".publicKeys = [ rouven thinkpad ];
|
||||||
"secrets/thinkpad/tud.age".publicKeys = [ rouven thinkpad ];
|
"secrets/thinkpad/tud.age".publicKeys = [ rouven thinkpad ];
|
||||||
"secrets/thinkpad/wireguard/dorm/private.age".publicKeys = [ rouven thinkpad ];
|
"secrets/thinkpad/wireguard/dorm/private.age".publicKeys = [ rouven thinkpad ];
|
||||||
"secrets/thinkpad/wireguard/dorm/preshared.age".publicKeys = [ rouven thinkpad ];
|
"secrets/thinkpad/wireguard/dorm/preshared.age".publicKeys = [ rouven thinkpad ];
|
||||||
"secrets/thinkpad/borg/passphrase.age".publicKeys = [ rouven thinkpad ];
|
"secrets/thinkpad/borg/passphrase.age".publicKeys = [ rouven thinkpad ];
|
||||||
"secrets/thinkpad/borg/key.age".publicKeys = [ rouven thinkpad ];
|
"secrets/thinkpad/borg/key.age".publicKeys = [ rouven thinkpad ];
|
||||||
|
|
||||||
|
# nuc
|
||||||
|
"secrets/nuc/nextcloud/adminpass.age".publicKeys = [ rouven nuc ];
|
||||||
|
"secrets/nuc/matrix/shared.age".publicKeys = [ rouven nuc ];
|
||||||
|
"secrets/nuc/matrix/sync.age".publicKeys = [ rouven nuc ];
|
||||||
|
"secrets/nuc/vaultwarden.age".publicKeys = [ rouven nuc ];
|
||||||
|
"secrets/nuc/borg/passphrase.age".publicKeys = [ rouven nuc ];
|
||||||
|
"secrets/nuc/borg/key.age".publicKeys = [ rouven nuc ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,54 +0,0 @@
|
||||||
store:
|
|
||||||
secretkey: ENC[AES256_GCM,data:mfqSl4ZPML3eAQ0txmbjNcIlDSL/z4b6ot4tzzC4E929nTNTNa/K9e56UpSKpG+ybRM4gTdaAJYpXbkVia4OdoWkYaBoHeQqOzEHcWBPxHLFILkotbRQ8NZx7K1y/NyE,iv:bWRx/W7c4kXUj2XKSNkLYPkvd8S+/CYW3UoztTzQ/ZE=,tag:UYgFx6vVNCU2E+V5BzS2kA==,type:str]
|
|
||||||
publickey_unencrypted: nuc.lan:a9UkVw3AizAKCER1CfNGhx8UOMF4t4UGE3GJ9dmHwJc=
|
|
||||||
nextcloud:
|
|
||||||
adminpass: ENC[AES256_GCM,data:lfx7t/ewN23/O0qvSVHrX70W4NygAA0zTA==,iv:Px32DXH8BKQphldeW3CdJjRCXnmMgRx6g0YWZ6ON/pY=,tag:3Effg1hKNNlp+intUEmzxQ==,type:str]
|
|
||||||
matrix:
|
|
||||||
shared_secret: ENC[AES256_GCM,data:bX2RC82xNOYnN4cLewLw/t+sN7+1AjwoglmBZitkDyJThBdxM8UA3aa4KiAx4KQmR8d22VXAILank42CtM5Kl5S33mIwCri4wTBq7ZU7mKwjCQi2cMgLuZp3S6g=,iv:s2YKMHa3SZBwwAvFcYBfWnhP5mKlh7QADGabQPjtgTs=,tag:HnYZr8/snufw/RGKM9Bl5Q==,type:str]
|
|
||||||
sync:
|
|
||||||
environment: ENC[AES256_GCM,data:9KXJJmu7ruzndHs0QRZUH4SUBdensMad1BMJ4ztmR2IQkNDT8HxJaFSeGdaNJSo8rpj7NxyOD4MrxHJKe+Jjf2OvmZD0h/vyhURX0TZIRg==,iv:CdR+KzvqzdpcqBLNYSWmATFXrbgYw3Z8ZsC3L/E8+Ig=,tag:9iiL8BYPZ7sJeBbcUnkAqQ==,type:str]
|
|
||||||
vaultwarden:
|
|
||||||
env: ENC[AES256_GCM,data:LZ/geI1sqA6BgFqSYNpDlNm9tn0GVKyHcbsJJoWDs89MUjEgrk7QBK1VighKQkmW+4xJqqruLfDkrNMmsSQdyWXNISawuw==,iv:ukh3ggqJ1R8DqQQDad86QoKbpHBG5mTBx7oKWbgnrZg=,tag:PlYKW5jtYVCrjAWideG1Dg==,type:str]
|
|
||||||
borg:
|
|
||||||
passphrase: ENC[AES256_GCM,data:TGs4J64BmfpHi3PljOlfugoCzC21zg==,iv:Z3TyijL/0Ku7Ttx3+wLloUOS8ihA677nY/QTVC4eZwQ=,tag:yZrFkEKd9XtiT+BEX1Q6Yw==,type:str]
|
|
||||||
key: ENC[AES256_GCM,data:Lcm8DLgp00HZj8krqXkwaPhq/S0ppQOJADYa6ULESqjYGsu8gPU7rlQ22GSDTLZ7F2HW6eU5V/9lobaBesMSJ2U+1GgcKkDmsmlz89H3sctFzrCB6dPMABiOZX1V/dplFX2jp7AXagwYDqEYT1vZi8IEMcNxaGSTFyb0W5zwj3+8wL6eTQYHyYRIrGj19/XuYOh42v+t6jBBrcdzsnBb6F8BYeBKaqYA5iBQJZGxH0mrSCCelBXz5CcsH5GIh6GAbkYLC4Zg7HQuZl6w0IvjgqKMsXfWROMtLCYih86gLioZdDn5qdwMOPqmGWR4nxH9ABjfunR9fSjdtt/aeg9Iz3/sAGbjUfMoUCYqmUVox0FnuT0H/3OjChI/EFFGtOM5ZLSz1CSJ/VyyRmrvtDcTu2aXCvbRYuhXIWRLtOmVPUsNqNXyZnPx49/no3ilgttKJTQkv5A6NTwgmXSh5UMaz7Y6VFnXZlapfocJwihw5NwHHBm7VaxI6871eUwQefljMeaQK+iW3BMeP+eIA/SRX2U67xywsLzHy6esC4UIySXVHVMuNTkoImsJ8zxJYmkIue1vF5S+21M5ajFfCBXI6+Kof6iQxz8kiqDx4rchzy2cV9462BLKFCH//To3aQVrovtCx9dZNk55TYXmpqn0gV9IG6vpl8bt2zKzqfnyg5CSGoUnzvUZ8LongfVeyk6vu617Ye8jQCUU5vmhrfCWeH3nfCwXCRHwMHp+7Ie8ykjJUPUrUxZw1YuMo79X4WDPU2ctNz18Gq+Dni94FOL4eKXxlKcTpVUI1N5DFhb3eV6LoKyJ6GJB6Lf/Y1WbWwHS3QoVn3GIPBKdcy+zCBTqXrO1I+6E/cIEJ0OeMU50AuehLW7iuqlfjDn/MRRtLYcitE7jdwjLkifz1hteSvp/O3EdvlxyNmpAfVp6knidwCZDxVX3qMmIVTewi1Tq4C8XHbR9GTGv1FmPPwvfuRCL9M63T+lv5GB26WYfjQqrH8qPfH7DkUTgoX8pPfVTg5Fe4iBmTpDf3GrCNgVihyYC3loMAWRUvNEv7Jgyk1+P4fDE3MIFlv8uOUU6Ckiy,iv:ce7LXzs+YowBByyz4mQeBZHElLdRs4ifteheNYuYvRU=,tag:9g6J6gdQ0cmpAF9E/SPPeA==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age18z4z5pgw8eluu32xe3krg4sxd2rncsnjw6e2axcun7x3vrj62vhq8eyz00
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSaHE4OTN3YXJvL0ZBb2lL
|
|
||||||
ZkFiTmN4bEtCaEpxZlJKVGs3Zlgyc2lnSGdzCmNScE9IeGMyVTVXOTZoblhWVGZO
|
|
||||||
cVE1emliN0N2L0JzMU1hVjVZL2FFS2sKLS0tIG9FNlZ6TTBHT2hMNjhRVWdCTFBw
|
|
||||||
V3l5WVZhL1dVMUxoV1NYdFhVaElYUU0KtYzj7r6+/j2Sqo7AiVdPPKBqsFBiefpj
|
|
||||||
4nOJD81tJYMqh7deydKFB1kEYOX4HJ9HfQURzcdbhgWbUv6xys2eyg==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2023-10-17T07:53:01Z"
|
|
||||||
mac: ENC[AES256_GCM,data:GXCw/3DxrOXrxnORd/5d5eG8Gp9Ds0x9BKzgSpwARWpZosj0zXA2yXAax42MSM3Yom3DwC+sWp1Gi9Gbj6db+8dGUhs6bADtukVD3l09f0/U49CKtCuut/u6uFhz6QWTmY24sVbGWXFx/SF8TFopmDkgcelJHBA191exbCCAglo=,iv:Oztg9GbA0cnUMF5vHrk/+Ha1rRH6qKaB4nQNN0hlpJw=,tag:jlfFY+zMa4Gv/SvICq128A==,type:str]
|
|
||||||
pgp:
|
|
||||||
- created_at: "2023-06-12T13:53:20Z"
|
|
||||||
enc: |-
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
wcFMAzUXo8ZPJwGLAQ//S+sWiRzpTzfmCpM00k2bokPu9npV6ntJdQOXR3BDDfu3
|
|
||||||
fLN5bFdtbMdTuKur7Ft7a1fqIYlBdgbP4+L7u05Y+A6/LC+u4V+q20mGlD7JGcgm
|
|
||||||
/CwMW157dT4rHKZqa4oy7F1WFtFJHL4YOIr4of0eU4i7pipNmzcXLqm3Tt2Ls/0i
|
|
||||||
bshHFPYQK75EOWb6BoZG+s0H2+4JyAN05FKX7/q6QdY6Rm+UOMWje8COalfruEB2
|
|
||||||
OFy5Mf+zM4rWwialaQW6KVArDfV0gTZ6JVxRl1n0ADwOYMCqpYc6fxDGcmgFLQ5n
|
|
||||||
H2U93htxSVYwELYViNDwu8b0DTmVyuLSYIO4+6H9WC26/T7EBC7bTpH0JxPi7d65
|
|
||||||
DbZ796q0Ryb3Nxth/NXOcEHBwiUZLSkrCqGC0s5cfk+NX4udJW8sVHjpNN0UalqK
|
|
||||||
mM9dgKsCGNwNs6LV31o3ML7Z8SIRvk3J7ubwbS+HCYJOM8WgnTA+qCNIGLrFjgfM
|
|
||||||
kAcMmADr0UTuY+6n3v1ugkuJaMUgRGH0RXXISZhabOignxkBsHmruzrUQNl3MNps
|
|
||||||
PDmqxFlLsoansgSG8pUuRHCK8WNoFScmcPl5hN7uc709PHjrnzLUq4kKRIauocqJ
|
|
||||||
UCc63XJAUy6Sy3bwgM/7GazGQRn4NCdWPCds38B3w1FREde7RglnsFibsr19Y+3S
|
|
||||||
UQHJ1Fs0cum+WOy+kzl0jSm9Eumqg6x4eCQYZYhG+s6xW2CvKWGIPZTNeWkE1adF
|
|
||||||
0522Mb8J6VimqF6qwH9WGomL3P9IEJ8km483JlW0rm1frw==
|
|
||||||
=GU3+
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.8.0
|
|
BIN
secrets/nuc/borg/key.age
Normal file
BIN
secrets/nuc/borg/key.age
Normal file
Binary file not shown.
BIN
secrets/nuc/borg/passphrase.age
Normal file
BIN
secrets/nuc/borg/passphrase.age
Normal file
Binary file not shown.
BIN
secrets/nuc/matrix/shared.age
Normal file
BIN
secrets/nuc/matrix/shared.age
Normal file
Binary file not shown.
10
secrets/nuc/matrix/sync.age
Normal file
10
secrets/nuc/matrix/sync.age
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 uWbAHQ XsGbKNzqR/HTkmMZxCcmxAXDIpuJENpJR1GyFuumMlo
|
||||||
|
T2uxdQvSKHveDL7nY0tlNAWNuUX/h8wEORV0xmNfqm8
|
||||||
|
-> ssh-ed25519 2TRdXg 57Bliz2LRjK5sHjGtRVdIUWfV7Iji0/RACEDF0dNUno
|
||||||
|
TMBsr9g940Xrbiu8XwbLKQJRNadC2+BuaTBbSo09t5A
|
||||||
|
-> U1M[E6m-grease US!+ :Hx\j7A K
|
||||||
|
7AyVWcQChTJPlIoH7ZLebV7C+HJACc4vsBRrma+m47r9FV+KmVpfrhPy7jH1wSkX
|
||||||
|
sG2Du4OrPh5+xPAgNaPNw3rbex9I6oRjmbhJ
|
||||||
|
--- gW24zSlBpNtmQhp0Er4MaZV/K8TigsV+d7jMulAR3YQ
|
||||||
|
\4À‹±¼µƒOÒ<0B>ˆM©•_è–@…
Œ¾aÅ€@ã6¦³½ï[×XC–ͦ챞|<7C>|"£–—¢
÷z<C3B7>OÆ”!:>xMH( KBóy¼Z ‹1ù*“]‰d|ýÀ¦l?þ
t·¹öE_:
|
10
secrets/nuc/nextcloud/adminpass.age
Normal file
10
secrets/nuc/nextcloud/adminpass.age
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 uWbAHQ 04CqSy3PpePLQ60Ky55Bxtytnj4t+Wz5X9qZxaSWyDs
|
||||||
|
QM8jHjiXvx70ZokFiuwSnkfI3De3t3cQwFf2zezYc74
|
||||||
|
-> ssh-ed25519 2TRdXg wUXwM0JL1YjeQvIUGzoZhhQ4WBu9HwmMbOfsTj918E0
|
||||||
|
XlNUno46LV1LD1ni3DAhDL+MwBUtZYUEjgMWjiCy03Y
|
||||||
|
-> _yK#P&-grease x|25 "[ Eg]|<,
|
||||||
|
3fuuF3W/4MbQthuHpYwMSdh0QEgIi9OILjM3oXyNzVjbPdN99NvEJ+nYYuh3FDGP
|
||||||
|
vp02QsTygDBMaZBDtSBYGdQ
|
||||||
|
--- CvrR1mOa9m1ovX66PoB/1qi+fqMCyt4/6jrdnsoZKuo
|
||||||
|
1*JùÒ[LÇøt˜i5å§fbŒ[B£Ä%èÎ 1¡§35ÙÜÅÖijPÈ#ÿÉqšs&ˆ,<2C><07>”€
|
10
secrets/nuc/vaultwarden.age
Normal file
10
secrets/nuc/vaultwarden.age
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 uWbAHQ g7NPxuCparuO0tHg0kedeTgIYePFbrc6THp0sf+cbmY
|
||||||
|
YXTDC15Ljm+3o8e0s4IgQ9eNo0DNjN7epZ2v/3F+qeM
|
||||||
|
-> ssh-ed25519 2TRdXg W/rHOrVkQzPCNBCu6J2xsv4/yzsigwT/SM9FxHjaQAc
|
||||||
|
MI5WNlIzZPTLPetLfCcb76NDtJ+7mSN8UqXQklKv3hc
|
||||||
|
-> h`3/'SH-grease e|&qg 0Uy{ M5&
|
||||||
|
yZLdOHycHkENvjuF9S2UjE+dC8TpbZMrjor8qpwK3BhU3Wb+q9eDYeiXZKDMACRu
|
||||||
|
XeuCVT8NhzfzcFjMlM8A8sa6o5kAcqzkZ6ot2P2y2SXJc/1rYGxAtBc
|
||||||
|
--- 4bp3vaQZU2PFvto5mtSU68xh1nTR7FIUv3EF2VqrUYQ
|
||||||
|
½ÉºkQZÖoo‹˜µÊ\ó—õ…ôÜOÛÈá£eu=ʧCì5¨‰Z'•%±Ë¨¹Å4CV°‹é"ƒ÷~>qÌ” Íþˆä,-ð—%›´º·zi?}vñæ÷t<C3B7>jÞÒA£k?
|
|
@ -1,50 +0,0 @@
|
||||||
wireless-env: ENC[AES256_GCM,data:IbvDlDV5Yg4rqqo5JIzX3eyR4c37BGsqzejBHvSWjk81hfxblhL2cBZcw1hlXW7Q5zjaD0eP9akdqG1RzhdH3iaIhaIVKO8LrXsbYI7fyG3OHCxZYZZ+5QA0LnASi9QD5Olxo0b0RIdomUehnWfTegBiVi8QshrfN+G1HOWL1YxuTv67DWMnA1/XCMOgYpznYS8wzRy7VM9PQWYYISqzoFbl1QIxTJEEVKEL529NzM7TBd4YU+NpcV/TQpy5qQ7F7hSVPxXx/m4RN+Km3EbM1q8Nr0Bckjc7GeDK/P0959ofSzwBzvQyZuQ3WrALqroI21wxQHO3HgDWJlPu7+aRTxPXE2SQka7gqDK4UnZU0GBxDRFi9GKWjhAsqQyKuRH6do9b,iv:t42Gu9j+Qe9TCnjbeH6o4pz1cc1IYHZoHbWOrfIpazA=,tag:68UhGtmx3gH0n9hTO1xalQ==,type:str]
|
|
||||||
uni:
|
|
||||||
zih: ENC[AES256_GCM,data:toYEAmGZPwwV7seHcC4oCvS3Q3FFxQ==,iv:iGvVTZstsebStrD40J6cULFg/I31ynHogYjl9irW0nI=,tag:zeoo2uFTcsL25mNwG2ZjHA==,type:str]
|
|
||||||
wireguard:
|
|
||||||
dorm:
|
|
||||||
private: ENC[AES256_GCM,data:qZ8HCTv14z3+2AL1dHLd60MVUsUV458QdQteZJYQLVC1KMlzGe7KbgM1U8c=,iv:HMGxB4l7D/PL5Xt8A6jKIejJRL0QZF3x3eb2BtttXWM=,tag:KDyQWfk2EO5AR997JKdW+Q==,type:str]
|
|
||||||
preshared: ENC[AES256_GCM,data:5nEsJczcv6yl/0vQQYruv/di+qzrPNX4iAqZ/khXBZTh+095QNv5iStG7e0=,iv:pJof85k/bXuD04VvpSyn75uzvibGJ5h4HZOMta24FBk=,tag:YZ5SsLgkqaHLVU8tgvvhTw==,type:str]
|
|
||||||
borg:
|
|
||||||
passphrase: ENC[AES256_GCM,data:jhn7XwzEai+MISQpMnUDre6nJg6Gtx7B,iv:B7CDuHICxcnQJCY5fECTyAeSqh2YEmVqiCrzklmCF8w=,tag:DdtVluSE9ot2BiYtq0eUNg==,type:str]
|
|
||||||
key: ENC[AES256_GCM,data:rce8JHkx8JU83MJKYkMG9ylv1FdIbwSbKzD4JXxU+BEsHMGIHmqy95OASYasKRFJ8VjXiMoJbz2BtS6A5xcBbAKqrHx+ejgQ1qA70x7HFBMebRkBHZYP8n5p4zb2a+wD4pBKCHP2U3qq7A6ywU/2eVwNUPIqrJpTZ4VDxXZGpiz1KhDc60ryqzBZHZHX5QBLLQX+YWkNKd2P25+bZ1ub16VVGVUKA2VNK9prkD4vEtCbVZl/HjjS08bBwUzCvDxGRyqFPB6wtdE+L5tn5hY3/9A2lq0fisjo9tf6+XC8uH2gjgNjE+kzBqBLBk+974OI9BGRrx5mjIhSrx9HVDN/p10vAF7nuQeInIdH5P6vTfu5mEmwF8h6VoJ9UwDeuz82m+XwfvCRVSZh+nV5c7hMYEF255gEOt146BMXkJf2tKE+dBb2J/zr7zI5zHm9PcaDN5/Y57XCdDww2DQzxSCpleXcJhJl4xw3SXRNyZsnhD62INPzlF/ZSroj6QhDFJhDhLWcK7dGlQWgR6YbEiY0iJPNjAB/MeCv6jodyj6xlLBCcwEp8RA+dVIJxDVElFRTSAdmW0b/co3BeyEnjF1k8lExkUpyoVC1qWxanytlVM2lPy9//6iocQcniAFSQBMi9U89BRONMuopFZMGRc3/uEqnvoBq2GHVgj2xtc7R9fLyAOXw8jG+mT06XBNtrVWbjkY3Wl1A6n/rZ2y4No2rISm1PwQidPpNaiUYZJyccB7PZKY4F/E49n3jV3fmg2l/D33PRl347MhRg4Ae6itWc4uzU8/D3xU1LWe9W4AUTHYflpzlQ+xbLNCC4f3NQMbkxNDsks1MePuBW15erUaahsdkcoeqL7D/ry7NtOb1vk5cS181/IVL1F2MFGa/7Jk3b9RpvIByF9qIbR+I2noaSymPfTGDXHkC5urfUSMojzOxzm5dayBGuvHMkoCjfyIv47ZqyYegW1fM/DPn/bo+ck84zYQuj3zJY5ph/A3g7KcwVYNWRs7XQtSYyKm9Ytf2TKBaZBdIlqq2RJIQ0iHiN5W1OCRgKPEk6u9HvxTte7tqTLiV+aJ8vy9235Q=,iv:vRfpAtZoOAfTFLHdLYSUzftX1OaEr5cdm6L4FOKuFUE=,tag:TRpS0iMdU8wIFIBSkLtyJA==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age1ejusm7c5smk5r0lcu7yynudrqc6j63pcyk9m4uh23f8kqd84cfqs88hjl6
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXZ3BTZ1ZiMGozVUhFUDYx
|
|
||||||
UFhUV1Q5YzVuR1N1V25WckpMV3Fod2hmejJVCmRnQjRUMmhVbll6b0N2TmJOSFVF
|
|
||||||
cHNiK3NVSkJyUjAzMkNXWTNYejBsbUkKLS0tIFRMWXRac1lzZ3dvb1BxTExucDNh
|
|
||||||
YW1scVZDOUFaNUJ4UkFNT2U4eFh6VGsKfv6BaEvr0ibn1cSqE9GeUe4BrYwY9RTB
|
|
||||||
PNnqxnwBX01rCitKFfpNe1rBHazp+DDh9Dw2N+m/hH6gXvu7LjcwGQ==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2023-11-10T22:08:45Z"
|
|
||||||
mac: ENC[AES256_GCM,data:77bQVALWGfVS9/KXc6B2kQAGiPgcoIepyaJfIckimhMPUe8qiwypn1n0S+RD46alXq7yPTiYACRdTZVvBoEO2eNxdYH8Lha4k2WWBlfucyosfrw/CdzegQ0hGo12JYukDChHRuf7RRjmrvTZ/o4EBFOJoElhtW3Kq0PQLFewPTI=,iv:6HEiVBwwATGmUomKmBkBmk5nRGkhSVJu89foTthw++o=,tag:Zkf6Ljqhn9Tle44BfF2QEA==,type:str]
|
|
||||||
pgp:
|
|
||||||
- created_at: "2023-08-02T14:13:52Z"
|
|
||||||
enc: |-
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
wcFMAzUXo8ZPJwGLAQ//VVEf2kjskLK9GCYh0d51LrosaUAutDYvG/QKUqO7o1HQ
|
|
||||||
vXYHjSo6A927Z3uWPCEgJBufMgAEen/VNOLC/3nZ94Qb18ORLpvWYr3xFL6uQuGF
|
|
||||||
/8l2r0MMCkulClJDkwEd/BR2wp/VEwVnlAk22EYuGqn1xbp7IO48YMpMG1qSNcZ0
|
|
||||||
4BaXgkVfe11fB4mv5FGN3D6EA1PvXNBt5Fx64AUv6AqJRlkpjOmrpm88gPOuKQ4a
|
|
||||||
vwcqZnP7ryWGTJ+IFeKYDxUFYMhq0Dm+xvkfER5py9qIy3D/5rcG4kl73I+5sN+2
|
|
||||||
hN9/pmGEzi5EkHmkyRBSZ1oqLDlW/lXa3FcuAyjMRzU1sGesJLiDW7P8pTdVb63a
|
|
||||||
o+rVaj78V0dk7TZ3bIteJ/sMzZBM5z3h4hXIvyyhA5aiuw48FcPRqChdlbI6rDRJ
|
|
||||||
ZRlh0uYJdtGN1nqln24Do+Dp40pvceZCJbzxJjI9MZyQY3G3ilTTKSVt8V4+XRYr
|
|
||||||
89jffQEYH1qA0HmPP8QvrW3dRHsPYRsZgLNco8yOqOj6wdL/QqTfQLI7uZKtNBOt
|
|
||||||
M7rVKpcmCBoMBlc95qALI+v6eh21AbTMYkblWAEf36ufjyOTwWqh1lfl9UI/MwMD
|
|
||||||
vLJ9Z+UxP1GLRwz2kh5vr3b+6FKIahUuWsNH+MhaTYqCo4rzzXpIFYeB9Gcut/XS
|
|
||||||
UQHQajWoKDl/Gd/VOZHZWZEuNKz+3TzJzhVIY/RoI7QvhZipAIH+/UflEUcSEHP2
|
|
||||||
p20IEABHoFu38njZquAMRQoEljIl8T9bc4DxTrnWjoz4JA==
|
|
||||||
=1/wz
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.8.1
|
|
Loading…
Reference in a new issue