From 38423183eeb1d19318c3c0ec1e54b825728b1daa Mon Sep 17 00:00:00 2001 From: Colin Date: Sun, 14 May 2023 08:33:22 +0000 Subject: [PATCH] secrets: split mediawiki_pw out of servo.yaml --- hosts/by-name/servo/secrets.nix | 3 ++- secrets/servo.yaml | 5 ++--- secrets/servo/mediawiki_pw.bin | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 36 insertions(+), 4 deletions(-) create mode 100644 secrets/servo/mediawiki_pw.bin diff --git a/hosts/by-name/servo/secrets.nix b/hosts/by-name/servo/secrets.nix index 9f522889..f3e3df0c 100644 --- a/hosts/by-name/servo/secrets.nix +++ b/hosts/by-name/servo/secrets.nix @@ -29,7 +29,8 @@ }; sops.secrets."mediawiki_pw" = { - sopsFile = ../../../secrets/servo.yaml; + sopsFile = ../../../secrets/servo/mediawiki_pw.bin; + format = "binary"; }; sops.secrets."nix_serve_privkey" = { diff --git a/secrets/servo.yaml b/secrets/servo.yaml index 6d82a9e1..426b6ab0 100644 --- a/secrets/servo.yaml +++ b/secrets/servo.yaml @@ -1,4 +1,3 @@ -mediawiki_pw: ENC[AES256_GCM,data:g7qM+CMU12apnGQ=,iv:q5K8sBAaUi47Hr0DAWiU1o5CVIO6zkdVVGJ5Zk4P9HA=,tag:CFpSmsflkNFG4kIBzrr5yQ==,type:str] duplicity_passphrase: ENC[AES256_GCM,data:LgPORB0HhIAfpJdQrwjS+/TWdOeddQ2YNYqfRbWhhuNlImuOlniPzrPaaFv+Mfght7OHs7rnuVr3tOHfeIEBo9S2z05ABOulttHEyeuyJZPE1/0t8IBz2gcNNWs4nhCYbVX3y/rSAG8bhz1Vdb2B/MiCicfJEZAqpXkRilQELXTR5cF5NnmEcR7zOso=,iv:NvwZhBbkYnTDt3izwwQPj4U4XAmiOD5Dv3sF50JA97o=,tag:HSJ5xr/WXn6MQdyV8QYWYw==,type:str] #ENC[AES256_GCM,data:5uf2kYCg8ZqoOLv50QNI73MYV0HDl4ML2xEKHPOEvCf/Z3aeM6ED,iv:ljqw6IBTPDodejMO2dcjLYyv+LlS/7r9nQ7RyiKC2Dg=,tag:Jko9tIhER4ByDbv5qhsfaQ==,type:comment] ddns_he: ENC[AES256_GCM,data:zAKbEAIMIsENUctG9bNAAjAty6g+w3QW5VM=,iv:ncIjblXnTiU3TQcHJutz9lCl0wBdWs+FybY0sZcnaH0=,tag:7O6EIob2/if1fcVDVEkVzQ==,type:str] @@ -60,8 +59,8 @@ sops: cWplOHBNWjlJdGI3ZWtJc0t4Mk9URG8KE+9IPGYZsIs2PaDJ2AUE4gB4QEj5zo6P aZVbubu6Tbg+tD/98RkfWAkNvoVeDYuLNPDNgqOL0UgCQiTrPPaTjw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-04-24T09:06:45Z" - mac: ENC[AES256_GCM,data:TbognZqHbd7zCuaURGghuuekB4zaMGsN3FdeRycyZvAScIznSdqby1TDO7/Jm3UpabNZ3/JPJmeFFbu07xWQdj55Yh4SpMw2/c1bhO9BnoRpHJCi5D2O3tIKWUxTBWZcPGVLatGGEOLW/zoUQEi4pWz2wiKbwa4zoQT8KDsyHZ4=,iv:zoYcQyBgbzDdMz39oq0t47USRQohZCQ7j+cdzjOMMxI=,tag:KMMzbW00wtnhbZWlF33UeQ==,type:str] + lastmodified: "2023-05-14T08:32:20Z" + mac: ENC[AES256_GCM,data:rPfplkDrfnOyz9rKnzekaDUVdOCDHMBAhJqX1s5iZvQBkPXBrq7oUqtGc408Pz3BEsWtHHfH2znbJIbBRE3hC5pQ7GGyFD6woV01f8/ewJv4D6BlEJSPsK4mwPc74R0cEDuC06drL6b8plbLUwCVB02yfY9YEXFlAiMCXgJWQJk=,iv:F7j9IW6RBO4dxFHQqE/JMZwgZFpoKton4Ciy8PN/8Fs=,tag:7h3xtCNcYCn5ccv4NZnBUw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/secrets/servo/mediawiki_pw.bin b/secrets/servo/mediawiki_pw.bin new file mode 100644 index 00000000..5d7a80ee --- /dev/null +++ b/secrets/servo/mediawiki_pw.bin @@ -0,0 +1,32 @@ +{ + "data": "ENC[AES256_GCM,data:WLDtem6SgJk5SKT7,iv:bGP+d45uytuX0lfgR9w+CcNvdnn8l4McwByJYcer6s0=,tag:Rvyx2wG6iIzn11Hh6jBlfg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3SEQ1U0lQOE1yOCtTQTJv\nWW1KREp1UnFEd282WnJ1cGRLV1J5UVNBZ0ZNCmNYb05MR0FXamYzYm5uQ3U0bDND\nejRuS3kza012WlN3UmZpQnRrLzIxOTAKLS0tIFQydE9ON01GYW9KTllrM1ZuTWdi\nVi9vTFJMRkVUajJUMnUxWG5Hblc3RUEKQJmQTa/t6U0/jGitS+yBdedS3AWov7GJ\nv8MmKWFjChU8OfwfGog/cAqbCw5sYUS53B780FbD52vosDmiqNSEpw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHd0g3enpocVZoODdIVTQ2\nNVZzNXdTM215SVNjamQ1ZGREdk1sSi9Lcm5JCmxqZXBYT2NTdytSTEhwa1VWZmJG\nQUNQWVlPWm9Db1JpRjBwMjlsT0syek0KLS0tIHlzRFd4dzM5VWs4OXBKdDJiQk5i\nbkVWSGlmWEtDYlUyNzB0Q3czUWVFa1kKB2uvnr0GdNRsiy5rgVseSN5HJ1u6ApbO\nchVChfhd/WQqBzIixqkDZWnB5Lt9Yl+ZerEtA1VxXu+6LzyEIPTshA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2aDJFYkVWckZOQmc4RnY2\nVHdjNTVSbldUZnowRlhPTWR4bWVnbGtKL1Y4Ckh5Vmx5ODYwNXUrMzBNVlk0OU1k\nTzI0UUhlS2ltN29BeUgzeUFwZEVFRWcKLS0tIFM4U1hERDdxNUE0YlFMZ1FwOXNR\nQ1dvcmd2Qnloa0h2VlhRNkVJeExGSFEKWEj8//xksTr5DIKS2DRBWllY15f3dUvT\nBbBPYYIRrxG37CBKEyPE46EKaMG2q3nyqqe0bLtymww2mq5ufLmWYA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxRnlWSldBNUJMTkJYQndG\nN1RZempwbERxOGt1VW50d05Kc05DaDJ3cFZzCjQ1UzlCeFp6MGNNRG4yZTZyNnNV\ndWtZR1BlQ090eklRcUpzc0pPeTVRajAKLS0tIHlCcll6WWhLOEhQOGYybCtGb0dI\nK2Fqa2FyeW9QNDRjMlNBSldjU3p6UnMKDWxJhzxauIp2tvplisulYDY5rF751APT\n0PY/+STPvwVbPKXRKvxF0B2BoxijUqk6kYHxU/EkKs0CpGv88Euy7w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2023-05-14T08:32:13Z", + "mac": "ENC[AES256_GCM,data:Nozu9cCTmKVm0FrPYDZoy94itJ2pebyfwVXtgNQqO1MWjdrIam4ddqpBA73t76WZb8LI2vPvvbjM5ofmE15YJWWv/WpFEJHu538msMVS+110DNwzggn6KkL9CNA9mOChJDrclGvu1ONDFvf7LRg/Uw40ZYirVjQ4RBmf2cQTRvo=,iv:NNb6BgWKyhB/aNsthYgVfiFtFNDlKf2pqyk93YjRsxQ=,tag:vdLmbJAZdbwdUWq9KzMuzQ==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file