From 147b1c50b2ba273f04f39f7545b355ec07a3a7cb Mon Sep 17 00:00:00 2001 From: Colin Date: Sun, 14 May 2023 08:44:37 +0000 Subject: [PATCH] secrets: split pleroma_secrets out of servo.yaml --- hosts/by-name/servo/secrets.nix | 2 +- secrets/servo.yaml | 5 ++--- secrets/servo/pleroma_secrets.bin | 32 +++++++++++++++++++++++++++++++ 3 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 secrets/servo/pleroma_secrets.bin diff --git a/hosts/by-name/servo/secrets.nix b/hosts/by-name/servo/secrets.nix index 49b6e47b..b8911060 100644 --- a/hosts/by-name/servo/secrets.nix +++ b/hosts/by-name/servo/secrets.nix @@ -38,7 +38,7 @@ }; sops.secrets."pleroma_secrets" = { - sopsFile = ../../../secrets/servo.yaml; + sopsFile = ../../../secrets/servo/pleroma_secrets.bin; }; sops.secrets."wg_ovpns_privkey" = { diff --git a/secrets/servo.yaml b/secrets/servo.yaml index 1e4152c0..95bd6f57 100644 --- a/secrets/servo.yaml +++ b/secrets/servo.yaml @@ -1,4 +1,3 @@ -pleroma_secrets: ENC[AES256_GCM,data:TSbNUptz/1vybQAl1cBh6h75JR/yYue/zkAOoCrevQtZLuwOioTNGCesSeD/Y2O387N0BD+reVovdmfDA8WqvUnUZ4KpIjXRe+fxAxw4s14/BNChaSohCtADN0919JrvxjiKACizvgMNKmcP7PXsaoXMLmY1jh1VjK/3xL5+OMa1sHH58fndwgVF7f4XO+7VRRgYfUdyDobLPyE5ESKCYLWA2dUIuGPMo7zYQPVe++mgJ3S44Spx1AmJ+XNOf8z+GhQB3Fcc1yITv+drUHeBGC4Y6vVH1gEQA2K1kqSTEaNcPFhKBnN1ITzee24ULozNotdNPDWvv71K/ZdgZ8qx3hRECUGTgTSpqE5IlCk7kDYyyLcH28+yUurto6sNo4k28tiGh64QM5r4mQepfkFpDs2aNXE+EwF4/+wxlzZj69flIAtkN7i5YTj9tKBf93rs5zNuRpNnNCclcD1XukbUp4mMt4t74TdYH3uN35j/bIApEGliiU8TTBxxLXFLsCSxXJPUhNGdIPwuYivp4m9joezID/U/LBT+0qOB4+tuPk+C2Z2vp4i2a8G+VvBFqCKQWpflZS9hO4flyfOTJ3zquuWozbsqFugLjeqj+/4c0BYOL5gWnvitbqTQJtmzf/XncNL9UjmztbQg+IzCx90xb6OHX77G+beiiyz+ASglXkiN++17Wi5+0PJQFSLgY4JKbQ5Au7X5KzRAHFrB5NpekhaoIno1QULcrl8QJ0jiB3NLW5uE9MPLZDv8kwK01mcR5iaUv/sYP3OXDui4uQ==,iv:FmAx/D4u7XBysO53kbpl9ASnGwTD0w9wSi+9hqQOKl8=,tag:5pngKmp07l2KCjMXUgZqhw==,type:str] #ENC[AES256_GCM,data:RdKGF5jpu91pgr8dkekaBED+3vlA8C/ccWSeS8fNFXZ0JcWaeDq+za6JO2X13+7QHIMQ0doOFJmvVmAlrV7pM6tenCqXxyvYmNL1dfHS/x7s8XJFCzDzubzFbWc=,iv:SisRMWRBHOkBIvdNmbdpaWLQ6Nt3JuPpddGdg+ufwSs=,tag:r+7lgrucNMIc07sG7RVE7Q==,type:comment] matrix_synapse_secrets: ENC[AES256_GCM,data:bjqs4r8g2RHNnlr+nr0EH+gfLkh2xntLZgd/ArMXvmpkW3ldjzrUPQGVlJLUkrkHG03NaCVCNthnb3PxurowjLh2J3fPXMvDXWQlmOIwOAq7Bixq3LIA5ejNFLieRLe5lacPVkkrBrdJEzXeUISuuTaEw4QPrpntXuqlQ36HNgfXLQvOjTWbo0cI51AKjz0SHzFsPw0gYRsUkvbnVu9dYEhj+tybZjWTKvYeVVXFegop50z3utLJPZf5G9bjUE/7U/AburW3iMyvdpyEJQG4pc+4Yw+cMoZIWbUBQkTK6lQJZVTDRffj4vfyVlQm5D0ZRv/QhRsKa1jy9PvmrNUCiAtMfSh0OThlOd5CwGcMKnaQZfl5jG3E/Q6/GoeJzzhN0Oe20x5hJFEh3qlsEeuHTyzP4/rL6ZVuwZH/IpDEL8lWgFSKeud4VSPfacpstNmtEhwMXrr+JNsw6WoJYpItqJ2oaYXL7NlVO7TK7nsu0vuT9H2pRcfweqfdHwkje2Af965QEM3zT4qEgHXf2ZFPrLgySCibCV4IxxV72Y60FN9kSq5zEVA0WhkaiHjqc8T7QZ4NnU78GT5w1SSVQR11hgq0R7/MgSp7egDGuEbuMoIuqqHTWvaNeOUZRFcTSgHLt1A3Mb0War5ngNLnyRrJ79P9DrU=,iv:q2LBAhexpFSg/EFCYzCc8TcQuqLkPPM+8fGaFYhnOQA=,tag:vIOLhtadKkuxBS4cVWzwvA==,type:str] sops: @@ -43,8 +42,8 @@ sops: cWplOHBNWjlJdGI3ZWtJc0t4Mk9URG8KE+9IPGYZsIs2PaDJ2AUE4gB4QEj5zo6P aZVbubu6Tbg+tD/98RkfWAkNvoVeDYuLNPDNgqOL0UgCQiTrPPaTjw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-05-14T08:42:45Z" - mac: ENC[AES256_GCM,data:+wHKgZC0fzQXMvs4AhwiwqYGg/JotVNZFsBrW/HtffEll1RxH4umjA9BTtRCv1Xjd4g9NODpLj6BVvlbioUGuQENAx1RpUsnET43dIs5a6THLVOKNpcsMiek83VofFWzWdOovsbB5z4F6px/9puUMqLogAeVC0JENVst0nkfAYA=,iv:3v41zlq8Oczuz5C4fvTkXOPRmE+ufDH/ZrlX5sKTkcA=,tag:YJNnmnyAQVyWm2fghekz1A==,type:str] + lastmodified: "2023-05-14T08:44:24Z" + mac: ENC[AES256_GCM,data:xJpopjd+RE0BDoRuZYYj9+jqDN0BR9fejcCX4/XuqB3gsZ0xGoF1ir4mth0Gl1/7R+sMfkOrPGw2XsQ6AKqQJeAEHRuKtfmJOrTYIOhbRp+dW9QnLYQaJQhHzHwZV7OtsdrWRdMQ6/VXCXpW4QFOUoFGR1/6Z/tjH2tQV03J/To=,iv:e5GLYo4lavAjs6zYfExTDEkiWUZ00ZYqEsB1iBDS0JE=,tag:ij70qxpqvhKwMD9R142L5w==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/secrets/servo/pleroma_secrets.bin b/secrets/servo/pleroma_secrets.bin new file mode 100644 index 00000000..36aa7515 --- /dev/null +++ b/secrets/servo/pleroma_secrets.bin @@ -0,0 +1,32 @@ +{ + "data": "ENC[AES256_GCM,data:YrFJZ2Z5bx7YxEdCWQN1ufWYqtfWtHV27xCMnzhnqrK6J/XysxIhUhvVaiPgJaIspthD3LztdcjnqhXCWkEgE1Oin7yUcyIcHPzgESOBb/Z5uhcKs+LIpc/s89gypPjFgoA8eRKWZ33CxdmOTfxPQC9K814WGG9pLwcD4+Du4CJCJPtlnJVZOpkYp0CBk5Vz/mVZwe6k0K5sbXaxhX7/Yn77QMNfuiqPFqJ1sJe7s77pVMycz67AJbcXyZBlzujpqmjW8slDCGbCWMhSVBgbNdOwg+vLP802izcXAMMDsbK5WVN6E/cUs2WN+YCupTKz9IOZ3txG295050PeVbkYbxjBDduWRodUOkfniz5cD2SxE/0EX6KGYnO1jcT8SbVg53Gp4AoS+BcN99U/L/SfLX+ZbDnVizbhfuCGjNLFExPwV+ZuyT/GXdPvjoaGSqRO6GIzYvlPujRSpf4YBOlDpiEeytkALKZLI7kWV3HBu5PAT6sv3aonwXmvIEfnHwx5WAkUsTncwu/u6h2pYkdxy94aCYvjYI4+d827gBSwkySYffUHA7c9dq8DPCDVkP+WP0csS6RkC7QfI8USeZ15LNXD9YfOXBPBZkYc08QYNOtCPQNDEkXBpnUnYCJcHmqqukxfajFZ9H9UqRjEFTKzF1GFDmm2MIADE9WSK7qyJILHoaQlYOCHRpYwWlpVJp80qbfgcz5R53MO7YSA8IKCQhoIIvnttio2kmynqT3znBmSdsKfhb4VFhGt0jMKaD7eVbid7grBsQm3hbx9paXY,iv:zPc3xc1RnHmibuwSh1wRAU8k5IiFc1rB+lSP0kxBwfE=,tag:oKNXs5UVHR1st/9YQPTDvw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6RXlTcHMxMWJyamhORXcz\nZVpHUjg0RkFCV3g4RU0wV3JhOUovcURXeGdZCitmK1NRSXZzWExoTENMaWYrV2p6\nZmx0MlZHdnBTRm8rbnhPZEk2NVd2T0UKLS0tIGVwTlVxdVRydFVObk1yc0tERzB3\nMDdvQlpjS3U1NnZ5Sko0aGdieElkQjAKz775oFvvRKN2VQe8Bw6WUb0+cVmyRHdq\nut75ViIXdLA501DuD4vWuI9XmQQW413JVohYFUA81a99FNfE/CIftQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4UFlQem9QZ3ZKUHloaGZT\nR0ozdXFSOHRHWHpQZi9XSWgwcS9IWFE2TmdJCmx5dmpNTURyWTZzMU91K2FkY0hQ\ndk91Z0p2aUNoMWhVdW1CTDc4anpXNG8KLS0tIEppeDh1UUlyZ2pVMTV3ZGFSRnRX\naTBDUm11dUlPcU1ENStPYjJtdXJEMWsKqJbHpqa/LyH+Rmu03V6pwdcG4heM7wge\nrBhLW7NhI/3qZCUdpE3F2PC/jhf4BDPHHAjlGAwUFhfK1aoKNuo2+Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmUURUaGZYV3ZsSmpoQUZZ\nMDdZYTkvVDllU1Bzb3Z1bGlOZGw2MWFyRlFZClRRVUtXM0xwK0l6QkRES2FERCtr\nV2tsNXRMTHhpaE14VitQK2xWZU9wclEKLS0tIDNMckZuM3dWOG8rcDdpOUJUekNw\nSU5kNEVETFFOL1A1K3VQeE1xcEdEcWsKWTm+2/5Osi3rdAAkV/mpQfMBchU/l1RZ\niXH1mScHg8IiySub6ABiSUtoZKkswR4yftM6radeAkd72qpnPrFXBw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5cWowbkhZTEd1VUh4dnBM\nalorSjFkOFNLcmpFeWwvSHdvWWlLSWVpT1QwCm9LQjBFT3JZRHdCUmlVK0tmdkhO\nc0lXeUpkNEkxNFJ6VDVoM3FWVU90M2MKLS0tICs4aVkybGhTZVB0U29nTDd3Smow\naG1FR0hDN1B5RjdZMFplYkkzUjlISTgKNE6O7+0Gwsvkq1BZJZXAVv651V7J880I\nkgb8yqsiOVqQNoeq+mmsp+yoOXWPURIwkxIlCnFNcftnWfCuruI51w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2023-05-14T08:44:10Z", + "mac": "ENC[AES256_GCM,data:EqIfK3yUUoNRP2IOg9KTBF3MmXRnKbIfKrMDKrk1aKxEk/p8iyP7cx5APxFOrYSKxNYq1c/uLx9zBFXafG9njOnjdV7Yy3xkANZaZDxXEAS4MnxkX/DCOyw0nSofcSKB8L9Dyn7X15CicKIGtwdyiQLht8+4Hfhef1sKdQVGou0=,iv:Dsw16si362vcl9tDuoWaJGN8Dv0eBJGGPcrjuEycaiM=,tag:0LyMJ5OMlVFUq1UzeYCvdA==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file