From 58a5a8b56d52711b206b2ec3f3a55d03b2ad05ac Mon Sep 17 00:00:00 2001 From: colin Date: Thu, 19 Jan 2023 09:47:44 +0000 Subject: [PATCH] wg_home_privkey: move secret to common file --- hosts/common/net.nix | 5 --- hosts/common/secrets.nix | 3 ++ secrets/universal.yaml | 5 +-- secrets/universal/wg_home_privkey.bin | 48 --------------------------- 4 files changed, 6 insertions(+), 55 deletions(-) delete mode 100644 secrets/universal/wg_home_privkey.bin diff --git a/hosts/common/net.nix b/hosts/common/net.nix index cec2f2c7..9f890e73 100644 --- a/hosts/common/net.nix +++ b/hosts/common/net.nix @@ -64,9 +64,4 @@ } ]; }; - - sops.secrets."wg_home_privkey" = { - sopsFile = ../../secrets/universal/wg_home_privkey.bin; - format = "binary"; - }; } diff --git a/hosts/common/secrets.nix b/hosts/common/secrets.nix index 811e32bd..57b6e70b 100644 --- a/hosts/common/secrets.nix +++ b/hosts/common/secrets.nix @@ -67,6 +67,9 @@ sops.secrets."wg_ovpnd_ukr_privkey" = { sopsFile = ../../secrets/universal.yaml; }; + sops.secrets."wg_home_privkey" = { + sopsFile = ../../secrets/universal.yaml; + }; sops.secrets."snippets" = { sopsFile = ../../secrets/universal/snippets.bin; diff --git a/secrets/universal.yaml b/secrets/universal.yaml index f16bd52d..8fb1f7ff 100644 --- a/secrets/universal.yaml +++ b/secrets/universal.yaml @@ -9,6 +9,7 @@ wg_ovpnd_us_privkey: ENC[AES256_GCM,data:5YkQ4r7HNWiRr/5pa1XfexxtJAz6kDjX+hNiZch wg_ovpnd_us-atl_privkey: ENC[AES256_GCM,data:NMguzx35VvOAo37U9pGD5bYa/ghWeSK5tVh2XRNsfKjMPhMa44lm3pTscdU=,iv:f9hBhMksL0VGT8k2RsztU9AjR2AIIL+Z2Ls24UOPeNA=,tag:C46xDGb2d32mmHWl7WQb2g==,type:str] wg_ovpnd_us-mi_privkey: ENC[AES256_GCM,data:uEC3UOOqn1l7KwGmOxKvXccPR9Gu8/BNTlpXxXlNWf19/pIX1CLPORUWme0=,iv:cnPGghGBAsIsR86F1hPZawLWlY/pLCNF/1cg6gjrIKE=,tag:LqMbpGklQH0GX7dNNV3/8Q==,type:str] wg_ovpnd_ukr_privkey: ENC[AES256_GCM,data:5zfhsZnBk0Kb9Nb/3igsV/fN0ZDjwTAGTKyMLMly/l7MlJe6MEmd5Lv+JT8=,iv:Mov9eUP8WfvzfZ6NljgLolJ49GSqR7eSV+k0dgE1+1I=,tag:O9UtGX2qt+qEvabcsA0vIA==,type:str] +wg_home_privkey: ENC[AES256_GCM,data:c8wabBMlip3QlJ6P0ZMU/Y1Sp5V9NjVRB0sQGr9BGm1LFoSs9pkS+Su+SD8=,iv:hnIjd15g+zWqPnXu4puLrKSn2N4zVrXp32xnb315VQk=,tag:hFKSV6qb5ns9CvvuXBWLLg==,type:str] #ENC[AES256_GCM,data:qlF8rpSMUv6Z/YrOTp7WYs0lcpmSIi/r+gCuiw==,iv:cneNp/0av/ttQvnW4JVX9mj3261QFAzkLIzEMwiKwE8=,tag:FFsPUQBsSeImtymawY4eSg==,type:comment] router_passwd: ENC[AES256_GCM,data:Tya3Pd75Yu4=,iv:lqi7SavFnymL+uOQXDEzGxgikB6/ckNOBifjhyjXn1Q=,tag:HG3kf6e2g53uNUGI9FXyqQ==,type:str] jackett_apikey: ENC[AES256_GCM,data:2oGczau3f/w/5iCx3aft0V/t0tO5zsr5Xi/HQ1koTTo=,iv:33VPT8GYCPPJ2RUBP6yuLep9YX/VMW9Kt3MyQPmZuO0=,tag:TUIbutJKV5e3Kc9INk5VUA==,type:str] @@ -90,8 +91,8 @@ sops: YmhsY0FaSW5oWVNJMlhUSDRCeWQ4KzAKaQp321XYtAZ98f4QMl5PxivAYm6VMF43 wCThiQgvYAP59jvVDTZngvfWAD5PyWVVvMNbjHGvAzK5WnsTPmxlsg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-12-26T08:04:00Z" - mac: ENC[AES256_GCM,data:zUXMF1Rwuf3ruypEqTxCPXidMERGVp/rx8kfHhEeEmcs61ejf6M1gjhXDBLk5A+s4FpVA++aUwn0Oix7FCEor5CUmcckITgLoZfQGhjz3kuxZ+fsUnJ7Cgp/+oQYsgsntVCVMKoE7u1D4IQt7PWyrJ9Ye0HVsN50y47jTsLKsKU=,iv:NZUnhxz5WVFvORIffynFLV6xRLdZgEoLW0T2D5yQ3Ac=,tag:IQ8Qq9/T49U+aQDjqvIEjA==,type:str] + lastmodified: "2023-01-19T09:45:50Z" + mac: ENC[AES256_GCM,data:v+gQu9PFcLXxatllrlMX67ZaIr4MIn7v0YuQEfw2ZnIgcxlukW/wInCf8aOt+172Yme1e/YVf4X8KePUNQlFwPdfw4S+NDUSC92Kuu3/ZD3tYk46VGNPGfhiz9APeCej6oBebo4RBrIhFq5HUJe5pm2W5So/YAldUnCmfgSNyBs=,iv:plMcyLC3fj7KpOBbYcSDmY7vZpV/klHre12jbTKUhVw=,tag:yiJR3HmVYApF9CXruGGq4g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/secrets/universal/wg_home_privkey.bin b/secrets/universal/wg_home_privkey.bin deleted file mode 100644 index fe1fefa6..00000000 --- a/secrets/universal/wg_home_privkey.bin +++ /dev/null @@ -1,48 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:50c9YIh5/mxk0PMGCI8OtEUjzvi8H/6umaN3ZP7MEHa70gXS2gJvmht/3ma6,iv:OvnpFxXbhzMFuuxkQFCecr2DUlqWDgDNJ3cGkGlG8G4=,tag:36iEWn4pM+9MrklYMR+42A==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": [ - { - "recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkS1o3UkFpTkdLL2tRNG8r\nMmFjb2pBTnlXYVc5cEVzUkcwRWV6aWl6YmdRCk5pa2Q0V1NTWUJxWkJEeVZIbXhH\nK1l2KzZ0NE1JQVJGdDhzRUVBc2o3UzgKLS0tIDFDNkROTWNvYmMwOTR0eWxPdmE3\nL3FHMTZaQ252d212d3hMQ3lnNnU1QkEKxuckX3jmHbR8UoGHgeGOD7cq6/Fzlj4B\nwkuWuOG+8N6Z3RuMwdGERxxzqiQZaaUMsvaWuSpOENT55/2o654J2g==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQN1Z5NE9ZYzdoSzk3eW95\nM0RiUy9WdVQ4R0R0WE0vSmdyQXpaRitzOURNCjNYQkhRZE9NUjlKVVRhUHlPem93\nUUdlNklESGxqZWt4ODlSSWxrWFZnYXMKLS0tIFNELzNYaFp5T2d0anBHSXFScVVu\nM1FLcVdXaDY3ZWZWZ3daZXNnSjNjV0UKWNHPJ/8KgTmkJR+5omVjzp3OLyz/NsQU\nghNRhEJaX6waOH/sXyLKnRkkrrzSfORyFisfGc+uGC1+7F3johVQdg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxS1ptbG0yTEJzWnhBOG52\nVXdrM1lpSkNWWXNVQXMrNWxGSEFlS2h2c1RjClQ0K2tqVjVVZjk5YmIwVW5CbWI4\nMWtENDZXcEI4elljU2pHWFVjNW14NkEKLS0tIFNLRXFmdUNrOXQ3YWs2UXlBKzZT\nZTV1VDNzU0p5VDk0cHg5bkdxL2oxSWsKWWjgG/bA9UOruAQhvPKh5hT32hWwmw50\nf3MACcF+PMYNUQVzUFR3EAMe4U6A2R7bGOOSNflklJ74znQtm9gBsQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1zsrsvd7j6l62fjxpfd2qnhqlk8wk4p8r0dtxpe4sdgnh2474095qdu7xj9", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5aEp3V0xablF5ekZ3OTJT\neTZGMTUyNC9qMG1qWG9VdzA4Vm1HSEdpUUFrCkd2b2drOVVMQk5Za2x6WUJtM0wy\neFdndXVmQVYzMDJ1a1hhMStWTjlnT3MKLS0tIElOc1RjN3B5TmVHNjBJVjZxR2Uw\nQ0xjaWZBWk5VQ0RCQWhHU1J5QWl1VWcKCPspteJbcAIWU3kEmQ3lBd+/jmVvnXrU\nGplajH0n+vEPesEUwQZ2+2rzKtKpfcsL4JLIP+qJ6CYt2vSTEt/LKA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1vnw7lnfpdpjn62l3u5nyv5xt2c965k96p98kc43mcnyzpetrts9q54mc9v", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBObjBhWjVyRXI3ayszcUR6\ncTAweksySTZhZHNRVm54OUdGTVFzWlgxNkhzCmQ3eFlHQ09xdEErb0t0MmEvWTlx\ndmVKbFhRWHNTNVJGaXgwMVcydmlYM0kKLS0tIE9ZbHJGYkJmd2lsaXpibnlkeThM\nQnBHYjRCZWdhSjFES2FHZ25yWGxoWWMKJeaLXPxsqdq7qnv9/c8wEZav9aF2ql04\nGLd60we3gGLi0hmztgzErreuBN7WUNLVRU9laFIMuNv8+On12LcHmA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1w7mectcjku6x3sd8plm8wkn2qfrhv9n6zhzlf329e2r2uycgke8qkf9dyn", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoZ21IY2xRYnRoRHUvRy9I\nbStiblNNNmJBUitQZFBGTmVWLzUrWVg1T1VvCjJXQnhDcnFDdEp3ampnT1d2dVVa\nb0RodENFN3JYdGQ5L1RWeEFTQUVQZUUKLS0tIFNuZ0R2WEdING15eHhHd1VKNHlL\nbHdGYXFoRGgzdzNVZm1oNWEvWS9pM2MKJptfiZhRVlG/pdyce5lXLKEEJz+Zkhyc\nh88n7nUgmpt876CDyssKTMsE9AEsMe4HTITmFPJ/Tawo3oG8F2Qqxg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZEYvSVBPVTBad0VvQ21Y\nckVQYnNiZWxNSmdIRnN0NmVKSmgvL2VBeGlzCit0ZTJkdE1samtQeGRWZnhBSVJR\nNFArR29xYnhwbEY1cUt5MWxiL0diaEUKLS0tIEtLemZQWVV5QkFZWEd0RFltZHo3\nZmNLcWMzRzNpNHBKTzUybFBYNlhvRTgKL8K4uy8BFi651jRe8E+Ay3bbvgfIbmQ6\npn63oLsaOZ2BwpcuqSN+gz5XHqaTMdje69+m8/e9VlNQnAJGdwmW0Q==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age18vq5ktwgeaysucvw9t67drqmg5zd5c5k3le34yqxckkfj7wqdqgsd4ejmt", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMStPdVFTVUJpNzFEUmpi\nUUpKVjk3WEFlNWxhY3ErMWUxZ3FwK3VQYmhvCmRENkEvTEpkUjFFTFh6TUM0YU9G\nM0JiaXVYQ1dUV2xNWnJBUC9JQzg2QUEKLS0tIFBZc3FnNGsvaTZDVy9aOVlpc1pt\neFNnZWhadWQ4NFdCY05ZUDF6bnIxQTAKdGHkxjSzyEPjx3n9Zv94oZFQtihv3Llo\nUCyCdXkYXgK1n9G3A+60bX8IKE86t7AF9n/r8afmIzRiOGNU/PLlEg==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2023-01-19T09:21:24Z", - "mac": "ENC[AES256_GCM,data:txvXxDFVDBGJGndePZ+Bun2/+0MReMU7JSlcE02ERPMoKr5nix3WWYWxngbXLCCXkqtacor7gsH8I+YYDwci4nnrr0DuLFpT/4K8x2SWsceD0XthbctjaFWsxjRx9ot9bRfkVjVJbIeGo7q/oOhv/QNdY8jOhLuMClPejK/xZQA=,iv:CSPEDPn3O6vcUNJ9HFEF9iCm3kninFUe4jg7UKSX2oo=,tag:hM3SyWvly7/EPn/TOciroA==,type:str]", - "pgp": null, - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file