From 4a448a1bf10f8c6f89a1a988313fb012730b8619 Mon Sep 17 00:00:00 2001 From: Colin Date: Sun, 14 May 2023 08:37:13 +0000 Subject: [PATCH] secrets: split ddns_afraid out of servo.yaml --- hosts/by-name/servo/secrets.nix | 2 +- secrets/servo.yaml | 6 ++---- secrets/servo/README.md | 2 ++ secrets/servo/ddns_afraid.env.bin | 32 +++++++++++++++++++++++++++++++ 4 files changed, 37 insertions(+), 5 deletions(-) create mode 100644 secrets/servo/ddns_afraid.env.bin diff --git a/hosts/by-name/servo/secrets.nix b/hosts/by-name/servo/secrets.nix index 8e4b1653..4529152b 100644 --- a/hosts/by-name/servo/secrets.nix +++ b/hosts/by-name/servo/secrets.nix @@ -2,7 +2,7 @@ { sops.secrets."ddns_afraid" = { - sopsFile = ../../../secrets/servo.yaml; + sopsFile = ../../../secrets/servo/ddns_afraid.env.bin; }; sops.secrets."ddns_he" = { sopsFile = ../../../secrets/servo/ddns_he.env.bin; diff --git a/secrets/servo.yaml b/secrets/servo.yaml index 9d73ee61..591594f7 100644 --- a/secrets/servo.yaml +++ b/secrets/servo.yaml @@ -1,5 +1,3 @@ -#ENC[AES256_GCM,data:s9NlxWPP5H3OV0PNEWz81XuPX3EXCz7GWcoJcicXpMatLM8d7MvvUJzTWCX29KIcpfXnN/ASjhML+SnAN4l+JLm2ltTJbcIVnpcWvcQ=,iv:9q73OtDm2o0YwpOYB5x5NH1Wr+QQN4lmbgJkCY/UW2c=,tag:qO6UvqGQCCl04pr2nNFauw==,type:comment] -ddns_afraid: ENC[AES256_GCM,data:fTjwU7DoPDXulmjUNXSe5FVLGv4DvPvIHYCLwagVmKXlWOc39Rsco2YGf/kcoAk5oXqUdtdwuA==,iv:x0QwZb2xne8w7BaOXq4Srh5YbFldwLFsgdfK7WE2LGI=,tag:s8QyDBma/ljcSzAY4V1vkA==,type:str] #ENC[AES256_GCM,data:LMfqz2Rih6CR7RcCbA==,iv:MQ7z93Mhus2Z2q7HZMk4BzkkY/apBIR+9hIiZlknolc=,tag:HU5McecdYk12I3AcvVHEBw==,type:comment] #ENC[AES256_GCM,data:zhL2iNWZ8xPbBneffWcc93ZCW/SDv5FH,iv:P3a8+oucJRM8o7hnHUxAvefHdZEAbKJKhK2Y1+r75GA=,tag:VFvFucE5c780RmspW7p8Qg==,type:comment] #ENC[AES256_GCM,data:N0wn6NUjQKXFbSULhrKzqDc4bHVbM3JLWJwOu5Zoi00gCKSiMA==,iv:9NhoT+OM+bjz4DwRRm2c4rTBZ3Jr6eMOY7F1l4WeE1k=,tag:inkd6kw8HvT5Tz3UAbIklw==,type:comment] @@ -56,8 +54,8 @@ sops: cWplOHBNWjlJdGI3ZWtJc0t4Mk9URG8KE+9IPGYZsIs2PaDJ2AUE4gB4QEj5zo6P aZVbubu6Tbg+tD/98RkfWAkNvoVeDYuLNPDNgqOL0UgCQiTrPPaTjw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-05-14T08:35:31Z" - mac: ENC[AES256_GCM,data:YwsU9d+FIRzH+aHLNkmyXS3dUC/hd/RZQSCuJSK5SiHsla/3OFPZ1m3WQjPGdz1f3y6J8mENfIa/HWjsKBQvC7TSozUpAmEYlJvU9tMHL1xfZOgWTMbc02k49wx6Qmgc13kYhEnFq6ilsxc6zJEzf6q04v4n8WhNbHx91YpeE+k=,iv:EgMKr98SBYDP3KZ9Ys51EcRbCBxmekjmMkRm41OrrTQ=,tag:geRl7b+blhFscycy6mOTgw==,type:str] + lastmodified: "2023-05-14T08:36:58Z" + mac: ENC[AES256_GCM,data:2gMKos8YZ/hhdOVbcRNFFh9OLQyeUZHoQOZRLNbmxRg48+gwBtNz1gUfkS3+7RjITt0xG+kwftKtwc0VlUwSZYlwtCcFym13cRs4Aqr1ITuR243lRz8lzGGt6eF0GZcf5mpFzratR6r3PBFFmXxrYqa6MpFgLd0J1l26WqNwsuE=,iv:pnDwYOWaFRw7fEUhxK6Csz21NxPdZ3e8UK3Twf54v84=,tag:ZA3w1r4w4kIqQ46gXj+ehQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/secrets/servo/README.md b/secrets/servo/README.md index d2eda349..72c416b6 100644 --- a/secrets/servo/README.md +++ b/secrets/servo/README.md @@ -1 +1,3 @@ - ddns_he.env.bin: Hurricane Electric (he.net) passphrase +- ddns_afraid.env.bin: freedns.afraid.org API key + - viewable: diff --git a/secrets/servo/ddns_afraid.env.bin b/secrets/servo/ddns_afraid.env.bin new file mode 100644 index 00000000..7e732d24 --- /dev/null +++ b/secrets/servo/ddns_afraid.env.bin @@ -0,0 +1,32 @@ +{ + "data": "ENC[AES256_GCM,data:osFpGo9Xww4E+h2XaU/6rXPJyg/7Gq/3nOaa8OytLtMXNie95foysy18RmyBBOevDvQGcshRH7w=,iv:s3Mn+Ma0X+/Z6SvlMNx9E/IrQO58pTZTo17ouglq63g=,tag:HYrdnvGBCPqpwACekN5FqQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0WkJ4bGVuWVJBb1llNGEz\nQUFiMmQ5YjZKNXhIL0tleHJNdTlUREpPVXlJCk1pUmtSa1piUmRhTkNyNXNFeTNK\nUlgzS0Y0U2NVZG42WTNRUm5iVHZtL2sKLS0tIHd0RmE2OGR5T2lSU25Yb1VTVDBE\nQUUwam1DemhzUU9hQ3pCeEljTnBOQlEKGruMYOaLTg1c8f+MsoAzFrPz5Msi3Tiy\nOl8Imhfk/jnTeI7fQd8h+UZ1F+V3r/NTrIKiIJwAbdKhA9TPr6cMXg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4MWo2dVlNblUvWHdaakdt\nU1RYMWQ1ZjRYQXg1amhFL2Jkb3EvNEo3T2tFCk9pZlNOdUhvYmJHcmZuczg0ZFRp\nZENXMmdXWUZtODZhSUxMa0dMUUdTVzAKLS0tIGpKSFVVelMrTHRYK2ZYaXJrNXRV\nZUJ5TDFwZjRaNUdyWlZzM21zS2lKejgKrlm3S0eq0NuL+bpGnsaeQRbUydtOZLjx\nA9me74Y9QxuJ7B6CcF7n2wcIh6QdratpCjJUZdDDbxObZCZmwes55g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkZS82YnVUQXlpVExHVUlK\nVlREa1A3L2Y2NW93bWp4bW1xbFdqUGZaMEFnCmE2VnBGOElXTXE3aUk5VEk3L1Jj\nY1dLRzNyMEZiVktkZ2diTzRoMk1tZUkKLS0tIG1XcVp4UTFQdTFJQXFxZHNjdnZq\nU1NPM1B1ektaM0IyK3FWOUNMMmFvaVEK4+CmM2fbvNLTe1IPNdQ8MdOZtvvGclv7\n/RTzzpfKoULpt2KqaGOTIgj7WqsJ4va/8wblGuaJd2lCW5+BJodyEA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKTGRtL2ZWZHdtTVFXVUJM\nTjBHQ0JsNnFsZXdvUnc2VUFjZUpJbHkzMUhjCjJ5eWE1cTZhdEpobHYxclNvVFMz\nSmhUeVAvU212YkJZQk5jVklXL0ZJcmcKLS0tIFAwVDNvNGtEWkNYamlqM0pCTkQr\nYXh5YlB3WklnYlFEVDFRRStkU1lTT0EKxTEMkT2Q1UX3frdMWF1IbHGkT50b56u4\n/JwLrXOMItFwgph1UDwwVXSVoBsWXaLWNRSvTN8u+DOGmCUX7bMcrw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2023-05-14T08:36:21Z", + "mac": "ENC[AES256_GCM,data:WL5DXm//VlkZ8SJdpqekZ0D0RuXE1ZtAK8wD21eQ+ZxUfI3OshesNfXDw9+SDncfpnRaaMEu7rngfAaUIzkLN7EtCfpTMiLj0oFzQCNOLXG36DHX835+P+1eBjv/QwwwCySFthDrrrV7dg5hCpUV1w8V9APEXIIJr+VpMc8/DSU=,iv:Y3NP+SJiTsYdr/IuWTEQcRsN0zPDTls0deEQEu9dh+Q=,tag:knmwOb0EiOVEGO9CcTWAUg==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file