rotate harmonia key
This commit is contained in:
parent
c740b866c7
commit
639d61d5fb
|
|
@ -1,7 +1,7 @@
|
|||
{ config, pkgs, ... }: {
|
||||
services.harmonia.enable = true;
|
||||
# $ nix-store --generate-binary-cache-key cache.yourdomain.tld-1 harmonia.secret harmonia.pub
|
||||
services.harmonia.signKeyPath = config.sops.secrets.harmonia-key.path;
|
||||
services.harmonia.signKeyPath = config.sops.secrets.harmonia-secret.path;
|
||||
|
||||
services.nginx = {
|
||||
package = pkgs.nginxStable.override {
|
||||
|
|
|
|||
|
|
@ -1,36 +0,0 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:rD10VFg1jQLJwD9yfkro8jIfzHQo2gZUCfmXW5ocqaTXWJvj/3gEGuAqOFUrmkP7YfyD4QeYGnr/EjhMlAIEJPR/UijRY6U16AehROgVCzBCxdfEtlFFvkNt5zI9eJtAO0f0vYA1ETopHw==,iv:L+s0cQyT87Cn/56pIF1xGNLma9L+PYcvj/9NoWYYGPE=,tag:j64AhN4u3tlxbO7bZSalOA==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMK1ROcTJaSG5lY0NzVUZU\nWFdCTVlDYS94U0JmR1NVN0FYb0hGM3RVTjFZCjNtblpMVklQbVZQTFVnYjdLZW9G\nandzcjdaQmRiSEFOTmdjWmFJY3lkY1UKLS0tIG10ZFd4WllIUjN5OHJYVkZ1eU1x\nS2lWclJQdlhWRDNHd3Y5SHdpQnM0YTgKafGQ0YBxSfKWVRX+j5bUZ7fU5z0FcIr+\nnKWIIcMnpp/MN3shmZZu1c1rdKC+O48Pu9dInQ3d3/VYZuXgviwP8Q==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age17xuvz0fqtynzdmf8rfh4g3e46tx8w3mc6zgytrmuj5v9dhnldgxs7ue7ct",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCSElxMnBMdFltMnN0aHoz\nc3J3UVFBemFNNmcwRzhGVXE1S21qTGJIbm1nClRLaU4xWktLVDZrRGxkV0swdXRJ\nWUpYWmtzRCtQWFl5Rnk4UmxRYkxxYncKLS0tIEZ0SEtZL05CcU1LTGE3Sko0U2NW\neFNSbTQwYWRrV05UTjZ5ZWNrRk8zUFEKiadOv+3Fq3/Tt7zqL1mb8eDRsSEctSlD\ncj2H4Xgm33sL3XlO1pvUwe/GC428VGtPrRERxywuV++Q/1hgQDw5lQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPaXJLUzB3eGhhMy9pbFF4\nd1dDN1JuQ1Y1TEVxbmdhSWtiVlc3K1kxQUhzCnczU3phMXR2dkdSazVPL1dmYVYv\nT2FvNW5pRVhjbFF5WEN2V0gxYlhSOHMKLS0tIHl0SlR0dkFualVTMTlSejBydTht\nSzYrZ2lQK1hSazV4QXBMQVQ0NjZwUUUK7sHCwiTzefQ2/mJAZE8l615t1Egc5/1i\nKv1GAnn06HTR1TbchVfmpkZI792flAs77diwsDTBgP1fIKmcy9w4rw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPWURNWUZXQWFKM0NPSkRN\nZTNlYUMrVWFPVDVTbEREUTVyQi9TZ2ozc1FZCjZ3c1FDcis3VFQ4ME55UXE5d0Jq\nWlo5M21NUjhONXR1Yk9vVXBtQlBNbHMKLS0tIHBkaStlMHFCWG1NaHkwZHAxWnBS\nQ0FxaGw5UzRmMUtSR0J1LzEzUmMxNmsKzIvnWnPrrmLaFE3WbqNjfLw0uUKpslrt\n3cWxm5HwQlLWyLChE6Hba3NNJAEJl8nlBxeJhA8Tg0liFY9231kcgg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1zwte859d9nvg6wy5dugjkf38dqe8w8qkt2as7xcc5pw3285833xs797uan",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuUkVLc2JldDh2bkF1TUZ4\nQm91UW84UWxOUXRkSHlmbmpoMS9aVDVwZ0hrCk5lZEwxNkNneEV4TUxlcVgzZFNr\nd0lpUzN1SVBjWDlDalNuOHgwU1JBMWcKLS0tIC9WVXRFNno3TkRjNFNaQkNUZ1I1\nVUFiSDV4bi81emNuUkJwNXVYdm81UFkKtsuX9ZNK4YbXsWEIXgZRq8nOBCuUe1J0\nWtRl+9R2h8z6tDDTH4UUEzBND27HrGvaRItcyqMFPKxPtZOQc3SbiA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2023-08-09T10:59:21Z",
|
||||
"mac": "ENC[AES256_GCM,data:CTJ99n1j2GyRfqnzOVGoiJkZeoAeC3g8YNepa2FDIVb/ktK26ir35UF+HP14VtftviRxmLZFt1V1MxMxhotox9YlcMxnMLSZVPPak2sNK4yPw73Wf91EYDlaDJxXsB1tC14vbnjn8EP06Pt59gG9AFEiKB+vAH4R2tGS/NU+es4=,iv:T0xJkwZjfMZGLHzmBeyffG4PHy96zCGNUzf49MXi5gg=,tag:lORQc1YfNacORs8qIdFr6w==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.7.3"
|
||||
}
|
||||
}
|
||||
36
sops/secrets/harmonia-public/secret
Normal file
36
sops/secrets/harmonia-public/secret
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:Ggt01QP6hYLo4iqRQ4yEJUK+G/HxOomb2th2WSctpfwy2KDV18Z2i1pt6y20bhAoY6JrvwpyAEOdGAme3w==,iv:Xr3ZFk4SU+z1XPecVu4/IpH7QZqysaXMKuOp82naf3w=,tag:bYZ7IlDYC+MAvdn77qHObA==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmRjZYd3BJR25KQk5sNEZX\nVVFIMDh2OC9FMkQ5V2JscmVHL2F6N3Bic2xBCmQyTEtTRTBpVndOd05ZU1d5alEz\nTE9LTEdvOU5QV0FkYmQ4NWx1ays4WTAKLS0tIC81M3IrMUE0Sno1Rm1ZNVNjaVpw\nV0FseEFnemZCVFdIVm5MRUVaL3BpYVkKSC6m7nn+QbPqT+QOavqOu+at/7I78qcK\n7BmpwTRxHpv/Lzpa20K0AmgD8OmPiI0IIOkwnKCzYSLPX6/s+HYqTA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age17xuvz0fqtynzdmf8rfh4g3e46tx8w3mc6zgytrmuj5v9dhnldgxs7ue7ct",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjK2pTOFdhcVl3ZEdVVHlP\nN1IyUVRwWXh2NmYxc1NIV2VmcXh5UzM5TldBCmw5SjcvQmxTc0VpSWswOEU3SWg4\nWEFudGhQdzdtTnpxY3djMVFXM1RvbmMKLS0tIG01bjhQcHhnQTNRaktNcjN2NzNl\nc0MvdDF4ZUNXTEJXbkppV045QmNUUnMKNECqfLlI6XwrfA5cOQk3VGRKX+hMqvNd\npEHUJ8fsHXb1myq/KJ65F1U+1V8F9sI+Vmf01d2ZuXB4Zi1j1bY5dQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRVlJHTFJCL0twc2w1bVdP\ncjNMN0ZSd2NlT0M1R0doY2U0NXZUK0kwdkU0CmVJcUUwcVMwNjBPQ2lINFZLUU1X\ndVoyTEJCY2tOSFR2L3NWWkNXTWhQL2sKLS0tIE5sQlE0WVdVRWFSRHl4Q0FDcHc2\nMXphWDltbE9KcHJiUzZxOEVsS01FeHcKTpriffBPZT5ttUd1VeFFGnCx3pKCOvK9\n/QCoY5Ta74spuQkY45gdOXp3iYRFi/fYiHLYGZemb3aZkSdWpKkdNQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFc09JdnMrcCs5ejQ5SU02\nM3dJTllPWWszQTVUZHBzUnFVeDNRczBnSXlnCkFzT0FrQlpTV3JkQW5vNzF6OWhS\nSHVSTzIzeVp5RWRqdVp4WThYeFF1Z1EKLS0tIFhTUGtDM1ZmaldzSitLYUM1c05v\nOWFzYW0rZDJmc2hnazhHYTdEWVpwV1kK/I15tNlcbzryPW6ABSLCkVDyVX16lXSW\nP2MgA8kssjarCwQAYZXBbNvsqOswacEzTBeOimm5J9NMDAt9aF8nUg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1zwte859d9nvg6wy5dugjkf38dqe8w8qkt2as7xcc5pw3285833xs797uan",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPNENVSm5BVWwrejYzS2Zx\nM2xkNEo1Rmk0TEJrVjRkODhVV0hwV2VGQ1JJCmYzSnVoVEZGZGM1K2M5UGcyaktJ\nL29PU2ljcjdwNXo3UnY4cHRKU3hjejgKLS0tIGE2TEcxTmhvY0paZ3k0SHluRTdV\najlUUDhjNjB1MWdEQ0RpZ25EdHNvT1UKal/QfcSV8sFF3ZcU/NlMR2f3kVWfwmsP\nuD5EQ1tsp5Fbayrwc3CzIWukV8EVkEGHinY682sS0hu0RoV99X4IRw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2023-10-04T05:57:13Z",
|
||||
"mac": "ENC[AES256_GCM,data:sKISFOO84xWMd8oUsK54FHqd7DY+muCq+CavvFOFU/vkOyIunmGt7RRKFdKWMbnVLjeMjWiQpL58NpRWcXRa2BA4y4lsH4T9hJN1U7XP9T9V/ADzPq6TXKERWKwrUcy1FZN3my3i9taq/N4Oam8qnhNfnzK6UBoF5pWdc2/efl4=,iv:xMCIgxeo+qT8y1xJsljMziVPXPKsbN2vO2Hd2RtNUg8=,tag:6dSewJcXLMIBToGKapCBoQ==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.8.0"
|
||||
}
|
||||
}
|
||||
1
sops/secrets/harmonia-secret/groups/admins
Symbolic link
1
sops/secrets/harmonia-secret/groups/admins
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
../../../groups/admins
|
||||
1
sops/secrets/harmonia-secret/machines/web01
Symbolic link
1
sops/secrets/harmonia-secret/machines/web01
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
../../../machines/web01
|
||||
36
sops/secrets/harmonia-secret/secret
Normal file
36
sops/secrets/harmonia-secret/secret
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:VYMzJssS+WYht3G8DNFI8xuT/bKBZW97FUiC0pFrTVQgQX2S1MGcErXgOnL1joV57t9W5QSrORzygYUoJYwB43t5Go2tleRIWHiJg7vw1t+W9GWpHtoONB6Xsxasm9PeAUd3dh0QcusF,iv:/QWSp128zNqQqHdO1dA7bGcyIP8ECAVMz5Iq2X3Qk6Y=,tag:IibC8bkmWiOOTXtbuwxYbw==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age17n64ahe3wesh8l8lj0zylf4nljdmqn28hvqns2g7hgm9mdkhlsvsjuvkxz",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUejFTVS9mWTBVRVZBOGNI\nT1FxQmhEc2VuQkptVVJCNjdVSnNKcGhDV0VzCnBkN1oveURuUmk0dmo4a0x4NFhW\nL01hV2lEVUZqWjdKYm9wRGxTZXZ4Q0kKLS0tIDlSY3dBUFErNkhwbE5hTTNKUWZo\naTVkZUwxdHBmWmFQNmtUUmcyaUh0ZEUKpat16JYBDVdSNrIh0kVMzLelyzJCIIB+\nytAYILW4muReME+gWkgrmgpIJnCsT7gpBRYZSp9BZrxELP5+9Cax+Q==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age17xuvz0fqtynzdmf8rfh4g3e46tx8w3mc6zgytrmuj5v9dhnldgxs7ue7ct",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByR2UvWkpHNnVtM3FvVkFw\naWRMZEJaUWoydHA4b0Q4bU9USmlSK2tjY1hRCnd6dFUwdElLY3dvL1lwcjhNVzRO\nMUdCTElJZzgzQUMxdFNMUDMwaDU3MzAKLS0tIEZQZ3JJWVFMUzJmRlA4RFNZWWpL\nT1EvYWVvWit4MXVxMm1UZndaa3FQa0kKML2cqL0HMWcpncAqiTVvB2+PVrvot5oJ\n7kIcpVs72hMywAQ4+jxwh6MVRyfggXrIr7R8IpsKPe/MA9SPXl+AgA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1eq0e6uhjj2tja8v338tkdz8ema2aw5anpuyaq2uru7rt4lq7msyqqut6m2",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYZkxuS09nK0VkUHhoOSto\nRkhhVGQ4MEZrbVcrck1DZmx2T1JpSEdHSUhNCnJVTEdjNGd4SCtvMUJsR2Q0K0N3\ndTZibm5TRGVxTURtQXF3eFE4Wi9XV1EKLS0tIDhSZ0hTTG8vTXpLejduSkc1VWtt\nK1o5bXk1M3RMK2ZzZ3pOZnA5bmJETzAKYmMqHPNtzcXK94tBAJO4siYTET6eZXmh\npWnx5UEMUhPsdWDyFiD9h0vSM+Or155iZoo6vbTVbflSSuY/LxT5Xg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZQVVQdTN3QkN5UmlGSmt4\nZFZ3bSsyM1gzUGdURkoySTRIVms3RHY1WDJZCnovZWRmalRNVlNOaWVvOW1IZThR\nTVZnMm9mNG9UNWFDOXUzLzZFSlRSN2sKLS0tIFgrMTMrblEvciticVlSNVRsbEE1\nalQrZU9jd1VOVitPbjNiTHloakpPR2cKxCHBiCuuWIwNG96enMprUnVmLa03lJTl\nOw6SYKUXgTa/GBeEhskjCUMyIxlW0o+WRWa9ZWlaYBXFbCiX0aPQTw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1zwte859d9nvg6wy5dugjkf38dqe8w8qkt2as7xcc5pw3285833xs797uan",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQZ0gzQUxYTjdOYWNDMzUv\naWlBMFViT1dQb2hjNUxDSlIrcWdwMm8xN3dJClVGdkt5QTVQOVpvZ1NMWnZJVlln\nZjY4RER5T1h0UitmVStYRERSbnIvN2cKLS0tIFZjNWF3UDk2R1ROdHh5Zm9Fb1Nz\nbFJVeklsU0RKVzhzaUh3OFJmRk4rWEUKT1tm9otO9CaYyN+HpwuIr0HPEwyPWmrR\nhoUDq2nqIUmsXzEDEPGfD47ipCBcsfggb6a1iuSL6i3NeHYZSxi9dg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2023-10-04T05:57:01Z",
|
||||
"mac": "ENC[AES256_GCM,data:Pa7mGbrXuLOQVM9pJW97Nel1ebNNVOEDJReTEZg1OKWHFlJUFD/a01q8IbUPrVQoPD8TTfxFQDb/LC4i7qzoJkFr65M7lbn99ctQQyDZPRjWYz/4NkNgvF3KASeQ35UCxBqM990q2DR45pw0r+1+rMaFrNrupYBiqmP+/rh8+Bk=,iv:1m+6p77zpJiiiuYBU307fmH4jo0MRvPPEBfIbJejru4=,tag:sWlZ6d+L8cq91aFYGJERVg==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.8.0"
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user