Juri, add sops and pds invocation
This commit is contained in:
parent
cb75b0a444
commit
eed568e289
SSH key fingerprint:
SHA256:50XUMcOFYPUs9/1j7p9SPnwASZ7QnxXm7THF7HkbqzQ
2 changed files with 55 additions and 0 deletions
|
|
@ -8,6 +8,22 @@
|
||||||
system.timezone = "America/Los_Angeles";
|
system.timezone = "America/Los_Angeles";
|
||||||
system.users.bigWheels = [ "pan" ];
|
system.users.bigWheels = [ "pan" ];
|
||||||
|
|
||||||
|
sops-nix = {
|
||||||
|
enable = true;
|
||||||
|
keyFile = "/etc/sops/age/keys.txt";
|
||||||
|
sopsFile = ./secrets.yaml;
|
||||||
|
secrets = {
|
||||||
|
pdsEnv = {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
pds = {
|
||||||
|
enable = true;
|
||||||
|
hostname = "juri.woach.me";
|
||||||
|
adminEmail = "admin@woach.me";
|
||||||
|
environmentFile = config.sops.secrets.pdsEnv.path;
|
||||||
|
};
|
||||||
|
|
||||||
shell.enabledShells = [ "fish" ];
|
shell.enabledShells = [ "fish" ];
|
||||||
shell.defaultShell = "fish";
|
shell.defaultShell = "fish";
|
||||||
|
|
||||||
|
|
|
||||||
39
hosts/juri/secrets.yaml
Normal file
39
hosts/juri/secrets.yaml
Normal file
|
|
@ -0,0 +1,39 @@
|
||||||
|
pdsEnv: ENC[AES256_GCM,data:W1kKvcntrBOSgo7gLxwO8A9ZkWjkRWfUDZUMy5YNvhzqYS5xBPGL4QEcknWtQaVfaZklnO/+Gr5JEq/qgU2nIEY3xazfjYl4MNkZBhuwI20RwZB9voVubzHbPwjLtZbNTXRMa7BzO6a3ieSudKWAMP0dumG3/+wHtTYOM6lxUBfpw51+lNikc7kLqI+lzys0jC37ajP0/cm/U644BD0ozSSF289CLtXSkLt8sgHvA1ci8M+wEEq4aJ0JTVs98m0E7Udaride4tjLelESx3hPdoVzBIEa,iv:sQiYE//UGGA2qPfbM9//FcKEued6t8ORiKW8kfzLtz0=,tag:Fj+CzBgL8MH/6FLnUadIPQ==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1ey3wr2wnkgny3dfgvnyrf0cptwzr7s5x464p2y9ya58lpay8lfrsds3y68
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJVTNqTDZmRmcyek53SWtx
|
||||||
|
NDBIYzZYRHFmblNKTHh0WTQzQm1XMUlsQW53ClJibzc4VFlKWFpkZmJBVVFyRWJY
|
||||||
|
K000dXFzMlRnUTZuVGhCYy80NVZXUjQKLS0tIGVYdVh2SVdxam9aczNYK3ZZTmh2
|
||||||
|
TEFUOVk5MzBRbUJnd0JobUpuVjdweHcK7rSkAlsHsfxOeAOoY9FBn91x1+jJbG9l
|
||||||
|
5svl6BOCzbjso9n3EALJ+yBl58+9CKWn4ssQPr1C3NTIiCCQ9gjYww==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1n8936ux6ushjyz3kuumdrz63jcwsvz7qkfj66rrkgk8d78wl2dssgev4tm
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxZ3dobkxsQm83VE1GY0dH
|
||||||
|
RTduRzRISmovWHhrYWFSQ1J6UkY2WGVleTBnCkYvR0J4d1cyQjhNTkErTVowLzRy
|
||||||
|
NkE4QzkrdGxaVStYODQ3Z0oxR0RxaVEKLS0tIFRhaXRZcnZpNjgrdGtlOC82Q0l5
|
||||||
|
eGZBNXV4SFVHUTFYazB3RFdab1pTdlUKPagc8o7qhryN8t8YllZW2/NFkcvVjihz
|
||||||
|
1i3VV7pdxjc870bwZ/gflHGygSDCsAcZnWwIjFDz2lbF/lEGfSE6Aw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age13udaj4rx4g5fwqe5qg8e3lh3dqqp9me4qqq66z2s9qev4z8pyv5q9m8e72
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRK3MyYWFGeGZWNmhoTUoy
|
||||||
|
cFlNS1RVUmQwSTRYUXVkMVByV1ptdXpTdW40CjVtZDhIdnMxL3NLOEI1MGpOZHlv
|
||||||
|
cDc4Zmt4UmFEUFZoWERJbkFjKzRaSXcKLS0tIFQyNkh2V3RySkEyMHZmVGQxOGMw
|
||||||
|
N3NhMHp3V1ppclQvWTIxNkM5RjhRV0EKl8goB9tCl0BGi4jN7Fzuh0Ajm146x2Hu
|
||||||
|
vesj+ENu2E9II3OeYuBndD+Y4x2zugIpzNOPg1V8zkarJOf7R/sXEw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2025-03-17T22:11:41Z"
|
||||||
|
mac: ENC[AES256_GCM,data:0eCl7IHwfmBVYXOESIjK4DXzAe56fWWQKprmAVVyaCipmnAfgZieDm9esU4asRibROUtbOXplTBvtAGSqG1C8C15ecNN+WCB4lXM8cKtrwkXqCp6u6bUPn+ioQSrHBDLDWK7M4NWCiPi+2FwIwQJSaKGxJtF+v2wuufd4/JsU8Q=,iv:vgz7gQ3lmG8+UhnGhcn0Z+xMzJbeC6lmWyPyrZ+mOcs=,tag:tEg4WZ5+KYGtr6iR8G1rlg==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.4
|
||||||
Loading…
Add table
Add a link
Reference in a new issue