mirror of
https://github.com/Swarsel/.dotfiles.git
synced 2025-12-06 09:07:21 +01:00
feat: enable sops-nix on NixOS side
This commit is contained in:
Swarsel
parent
183c04212f
commit
fb8c7a946c
GPG key ID:
26A54C31F2A4FD84
7 changed files with 363 additions and 146 deletions
10
.sops.yaml
10
.sops.yaml
|
|
@ -28,6 +28,16 @@ creation_rules:
|
||||||
- *server_surface
|
- *server_surface
|
||||||
- *server_stand
|
- *server_stand
|
||||||
- *server_fourside
|
- *server_fourside
|
||||||
|
- path_regex: secrets/certs/[^/]+\.(yaml|json|env|ini)$
|
||||||
|
key_groups:
|
||||||
|
- pgp:
|
||||||
|
- *admin_swarsel
|
||||||
|
age:
|
||||||
|
- *server_nixos
|
||||||
|
- *server_surface
|
||||||
|
- *server_stand
|
||||||
|
- *server_fourside
|
||||||
|
- *server_transmiss
|
||||||
- path_regex: secrets/surface/[^/]+\.(yaml|json|env|ini)$
|
- path_regex: secrets/surface/[^/]+\.(yaml|json|env|ini)$
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
|
|
|
||||||
|
|
@ -528,6 +528,7 @@ Lastly I define some common module lists that I can simply load depending on the
|
||||||
|
|
||||||
# NixOS modules that can only be used on NixOS systems
|
# NixOS modules that can only be used on NixOS systems
|
||||||
nixModules = [ stylix.nixosModules.stylix
|
nixModules = [ stylix.nixosModules.stylix
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
./profiles/common/nixos.nix
|
./profiles/common/nixos.nix
|
||||||
# dynamic library loading
|
# dynamic library loading
|
||||||
({ self, system, ... }: {
|
({ self, system, ... }: {
|
||||||
|
|
@ -619,6 +620,20 @@ This section is the biggest pain point of the configuration. For every system, I
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
winters = nixpkgs.lib.nixosSystem {
|
||||||
|
specialArgs = {inherit inputs pkgs; };
|
||||||
|
modules = nixModules ++ [
|
||||||
|
nixos-hardware.nixosModules.framework-16-inch-7040-amd
|
||||||
|
./profiles/winters/nixos.nix
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager.users.swarsel.imports = mixedModules ++ [
|
||||||
|
./profiles/winters/home.nix
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
stand = nixpkgs.lib.nixosSystem {
|
stand = nixpkgs.lib.nixosSystem {
|
||||||
specialArgs = {inherit inputs pkgs; };
|
specialArgs = {inherit inputs pkgs; };
|
||||||
modules = nixModules ++ [
|
modules = nixModules ++ [
|
||||||
|
|
@ -4769,6 +4784,51 @@ Setup timezone and locale. I want to use the US layout, but have the rest adapte
|
||||||
|
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
|
*** sops
|
||||||
|
:PROPERTIES:
|
||||||
|
:CUSTOM_ID: h:d87d80fd-2ac7-4f29-b338-0518d06b4deb
|
||||||
|
:END:
|
||||||
|
|
||||||
|
I use sops-nix to handle secrets that I want to have available on my machines at all times. Procedure to add a new machine:
|
||||||
|
- `ssh-keygen -t ed25519 -C "NAME sops"` in .ssh directory (or wherever) - name e.g. "sops"
|
||||||
|
- cat ~/.ssh/sops.pub | ssh-to-age | wl-copy
|
||||||
|
- add the output to .sops.yaml
|
||||||
|
- cp ~/.ssh/sops.pub ~/.dotfiles/secrets/keys/NAME.pub
|
||||||
|
- update entry for sops.age.sshKeyPaths
|
||||||
|
|
||||||
|
#+begin_src nix :tangle profiles/common/nixos.nix
|
||||||
|
|
||||||
|
sops = {
|
||||||
|
|
||||||
|
defaultSopsFile = "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml";
|
||||||
|
validateSopsFiles = false;
|
||||||
|
|
||||||
|
secrets = {
|
||||||
|
swarseluser = {neededForUsers = true;};
|
||||||
|
ernest = {};
|
||||||
|
frauns = {};
|
||||||
|
hotspot = {};
|
||||||
|
eduid = {};
|
||||||
|
edupass = {};
|
||||||
|
handyhotspot = {};
|
||||||
|
vpnuser = {};
|
||||||
|
vpnpass = {};
|
||||||
|
};
|
||||||
|
templates = {
|
||||||
|
"network-manager.env".content = ''
|
||||||
|
ERNEST=${config.sops.placeholder.ernest}
|
||||||
|
FRAUNS=${config.sops.placeholder.frauns}
|
||||||
|
HOTSPOT=${config.sops.placeholder.hotspot}
|
||||||
|
EDUID=${config.sops.placeholder.eduid}
|
||||||
|
EDUPASS=${config.sops.placeholder.edupass}
|
||||||
|
HANDYHOTSPOT=${config.sops.placeholder.handyhotspot}
|
||||||
|
VPNUSER=${config.sops.placeholder.vpnuser}
|
||||||
|
VPNPASS=${config.sops.placeholder.vpnpass}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
#+end_src
|
||||||
|
|
||||||
*** System Packages
|
*** System Packages
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:CUSTOM_ID: h:0e7e8bea-ec58-499c-9731-09dddfc39532
|
:CUSTOM_ID: h:0e7e8bea-ec58-499c-9731-09dddfc39532
|
||||||
|
|
|
||||||
|
|
@ -112,6 +112,7 @@
|
||||||
|
|
||||||
# NixOS modules that can only be used on NixOS systems
|
# NixOS modules that can only be used on NixOS systems
|
||||||
nixModules = [ stylix.nixosModules.stylix
|
nixModules = [ stylix.nixosModules.stylix
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
./profiles/common/nixos.nix
|
./profiles/common/nixos.nix
|
||||||
# dynamic library loading
|
# dynamic library loading
|
||||||
({ self, system, ... }: {
|
({ self, system, ... }: {
|
||||||
|
|
|
||||||
89
secrets/certs/secrets.yaml
Normal file
89
secrets/certs/secrets.yaml
Normal file
|
|
@ -0,0 +1,89 @@
|
||||||
|
sweden-aes-128-cbc-udp-dns-crl-verify.pem: ENC[AES256_GCM,data:5je4QCI3aR6jpE0O+0ssm/ZxrrgNL62XFF9XIh3mkwSKOMq3vz9H4xsDbDjnKxnZdMi7ogIEtAizbga7kuhyD3CuPlFX08poVFvALbjG95bdblphUQpKx2AN1wxpKUjLlt9DsU9sjdtCkVB8NEMwt9+CyJzyvT7ZgJYemM47Ts1gxlKvo4Vh5lHrpUWJ9Q0lHwW1J0PrAe5EBTkVc4/StdhKRgKAYnQKCAfVdrNe5SHSIqqjGvb3+5fjnwwIRE/5g6Zmn6nSpbsD7XNMDdrS1aPMLylY02sTd9BF6ZTfw2AqYbr9WSzTmMoc0Z1gMmwQX22rgvjuq0rf38Mx4TQRCCC2dPNnmSxQa5eyYfIKp3Y71Mnp07c1AVYQDOq/8Db71gapavudIV2F/iIOeJKpHmGB2HvI1bVKYfvccOdyVPZu3T+qrBHrr6kj0+PJed27tihMbVKkPTELwQJFFTAtQJcG/F2W6WEaYgu4ap51cGXOMm4SF2ANL+bSSl8mQcyOU/N69WXbfKFpHO4tV+me1lnuJwl/YcukZnzqrYvA0BwrfNHnIyyApUyqB2cLxLAJ6cH2ixceNC22j5P8s2DBBan68NJFewTqgEoyPJdbtBvHTVRM0CRHekGBjtUznwrB74iXI/BvddfAWk006f6vbja2IJ1BcE9GHG74ZEYUIag5BErQ6Rds2+pBnr+xh9wjJsYeLLiKATkvjM/4pCND+RwKLpHNlyUxw7mBeJJAsfE4EZC8ZP5Mb8bq0G2Suxe20YgIWvx4M2RskJlAX/XJcQSJqLBVb29altiOiVEcdzZRDpGPqJwPr0iWGSQuXJ2VOZFRyqRu2JxFa/DCnxVyk9fbqTMKnh7jROdh7gS7++1MGrdzg/hJw9Q0uD1bLVo472i4s2wJqt/VYYc+/3UHR0kmt2ftSiux/lSb/+gmGk5onOyWZKLmkFEYG++MJVRksXTjn1xnFT1CFmQ8c+/qWUqSmcbHuAg2btCzlpuOuANYSRmmMbFTTkMkYjKDRKrQD/CmbW52cVUIm93WuELQIJ1Ri02XVM2pwoZfnKr3VY0y4yLXSylWLnXJDydDZv0ZmfU9Gyi77M88VCzYlQX6SSpRJ/r+cjdscauXzxo4BNVxjRgvNGOe4DkAeKXy50N79sw/WMY=,iv:b4QKl9Qr2reO3kgZ4Ls1vKyz5tKAP93s9pZe4UihwW4=,tag:Xe5jcylBt4D2jhc+ZkCRWw==,type:str]
|
||||||
|
sweden-aes-128-cbc-udp-dns-ca.pem: ENC[AES256_GCM,data:G2IiEee0cVH/7fZbaGDiyyE4iphqlhsLCaWOwznl11k/rDximnc8B1y3vT9C7eZcQ9Cj0XB9C5tzeVP3Cqhq4wxOP5bqDCYvoBG6ZzMxsDXM9OcvWe6Cxv94C+t7bHwL89yroDhfz08I/YMiCc0HGXTlf1aAVyD0NBh+LM20Q3Bh1Xhpl3gITf1Xs7BJxpHDXCAEku7ufnIxZb4aTWwWn4DGG6NmzQt2we39/pW17s7/1rM7Jo6BljfqmMBLyLry004tn1tvzXjqOY64SLl0h4ufLrAIFoxg+nsnc4ymNYTuR/4eh0JzeJaNNSqZjXT7aVhTKV36HRV9vMkXIHCC83kfHLU9rB8gtb9b+pPDaSDO25yYaNS1+VkMEZNRtpq9A3Nag25z2qpIOVfRLZgIj4ScWsD+5PIwRnwn9M+hRGfYsblhf1fYtYUQnByl5K4Lh/MycMFdp8JKJMedVKRzlHNhWqDqu1zpiYTFK5wiZ+PJVshh4zzIaFbvmrHZINzVsAmhNGQBptUW2oFe+Py/c1zGpWJkZ4fk4PlhppiQ5zr4r82p3fFK0JtbSbAhprzUkgwu2nPwzFcplKDGlT/a4FpmUgYjIgNEWRjBDqk8hrMLgHayiQaZ3D2EH5FlWiKpO+kx/np/hPj7gIPMs+5IDGtFfMESlJ+wM7bxZOkk0DyNvfJkPBlJa7d8imv7XIw9hTu5ii8cfqha1rBfx8P1hy9kSq5kGqO8x8NA50Ynktrl7uu/qLJiUkSdR3bdfakWXid8wjh79saY1OXc83cooCW9DRNuFP9+murzbA+hYXvc6dr5fFvsk5mH6oVzqudgFD1UD6s16+9xwN39Z0qVloLpaZbUN5Jbl83Y0MxhzeNOL1cu2fGx8O2Pt7XsmhMs+RstGIORSjFPiGkVT3ejUJ9icIMcTVkzvT+8lW97purrJqmMUmuUEtReLFYdt8NNSLVpyZdVWhnuLlUbO05HzAOUgqKmcLoK8eTJlTkkB3qlB4LtjUKvaLKm2HD5hV3RUiEoec3rQhRsOjXox92iIdct3l2YK7TWU+xxZoM2PlajWfDVm88r+jUhckUmIuZaGNAyGWFtju3de/x1vvdsSvkjibV1eh8w1CKNU3rC38eTdLLMpAgpel/KsHk9+GyHOg/LOocUeb5BDb7NE34SHpC8LTUCYq7mh3PbyoDGkErmi4OI2qSrZzaONUcU1/nBOXYyixPfhZqa47mCTd6Czcc7d7izI+c06UXvd1lxyxDZoIpBYoIBgKBNuSE6Ek83PHx2eShI5PIZ5o+R1TbR+LRYkYLJLyxQbiFL6SIRMngTNHvSFlbTIB1RXxBhTO6RX/dBt1ZM08Ga6NCgpSbsRiuFGOS54TSi9s54b1DCWgNs3CDAoFAtkvWWr0N9uk3IvcxpDMpR5Tw5DmKk21I/gsRWfQqr3bUYcI95upQ0N6Z7li3vjUwQd7mQ7vOzteKjZitAa0VBr8gfz7DOYXJaRfzFkcdZS54O/dWCr2N8A0CcgXfUEpXanc7JR7qiYwqv4GJZ47ZcjD5uVwqbrcdXj97v4LBV+zYf49LBq2OwqssgOJ2F3N9j2PR7x4+O3Xp4aw7V7pLii4/W/LxBED++b3dUvIX2+Mv19mpU5GIX+EyXLe1Ds6pEHFW3mbKEBOdPv5iQML2qhCIsjfw6v8Flge0xaK/Ex+LY/zBtIFv4rMpDVwtkDBYEeQAmSAFPLoPxz+l7Q7xkVbgnW1vwHqt7fZ9zhoTU26y00nX/B74rLxTNLoHcoyoErmpuAJeg+53P9vvXj0F7lx5EgQaybckgx8svhrWpX+BlrZXz9clTp9DGZsZg+Uy7k5/Fc3sFZ7Y4Vatwx2e3SH6vV3g15BLjEbnM3a7e3TfUKGxUVi7bZG2Z5z+9w3aF1zuAH/tZZNO4Dgv7PoGtU4/uxzzW88dPMH+oU9M/LueepyAtIJ/AbH8b5GMCl9/TiWUsP3FZlhuDH9hf2bHaZ2Vv5trj9Y31C87RbLKGueOfY6S7GyQXbHuEygZqxI+4OPw1oBcPHh/+7twL5ltLZj/NUQSjGKcoxHhTvOoE8pjNNTDtMX9WHqiyCiy8mM7qEuSdXm48UwFB0R897kYZoa5mZoSgj3WfjkqY2yu8wmXQx2ArSeHxF/9u88+d90pRgF9LcjLzO76/aGqlkbitBCOF7wtNuMj9mAYr84Yp4/PeNxPTiYaG0hj2ysjZhL8awnt5Ua6O83TPY8obU7G98xeYO5dl4B62TbdXwrqO+0NH0k0VZWEHA1TQbbn3DKXgWl1ehr6qKZKo+vuKzUFgjEU7EKIjnuXlv5AHsdsbKul1x4mtN0lGRGpc8xB0EzFfsxRzkb8LBjZjm13HsD54KayEnZHVKtKscMAYf1+VzasHLAQJzLXQNrSTqsfknhWZ0bkRdBr5bT+4V0mU3G02Us4WqhlBfGuuot5K5z+OUy0rsC1uvgl92Q6wR/a44ikPs4b60wyRYlxStfAPM3Kqw3hQAdAw5fpPT54yE5eHF9kU3zdo2XMKhxmhV2+i1eHauPCp88xEVTNLiR22rSDwoYMdDikZIyihdWH8dZfpq2bbCDnCscAuELJD3H0+3nFeM3RvtMx+l4ySSD3cj9tyhSwKTvvvPzsbanlo0S/82LJU5hDaM9C2vDtl/EYSsYN216J0hpxDTMwZQQ5NN2JNI1qm,iv:DcPiMfGUlnOZXuULOujLhY1qhN5sUbpWX25bexN3OKc=,tag:/i7U8WVqlFdP4DGwx7SxKA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1zdjm8qa5t25mca0xxhhkpuh85mgg4l267mqjj2pdttksq7zg4unqdmqyp4
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZNUU0OUZsd0hBd2M5SnBI
|
||||||
|
WHFyOGZyRHpwN0ppV3pwY1BMYmhXYVphK1RJCjJWQ0xIVlR5a3Y3QmUyaUdmMGRN
|
||||||
|
ZVBNUnJRWmNoTGtiZGNLdHJvMFJ4cmcKLS0tIG12TFFaRTVRVzRBeC9XbUVxRC8y
|
||||||
|
Y0FrbjBnUFpYKy9qOW1nNEh1YUk4M1UKO8X1LrW1GNX9lcCypG+0xGph89HDvXoD
|
||||||
|
ks525d1APxklHFJjcVUkeU5nFj7U7TO4lzgF5dAIh/bgeQxa+mmp6A==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1zlnxraee6tddr07xn59mx5rdexw8qxryd53eqlsajasfhfy78fkq705dfg
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSaVBxazBKaW01aUlEcTBT
|
||||||
|
TGVxZ0lUV2d3d3FFd2RzclRTSnRHU1dNdDFBCkVKWFd1RkU1ejFlbVlYaFVWWDFK
|
||||||
|
YXc5alpFOTZ3cVFYTWdibjlFeVlFQkEKLS0tIFZKcE5BKy9FbVVkbGFkb0JtbDU4
|
||||||
|
NDEyU3ZDdWg1d3lRQjRRZUZWcGwwRmMKKL5nxFPA+CHPQ7QfCiBzpF35NgedZ9my
|
||||||
|
xIl3ZJRe4VxYwZ0fuRuQ+SSSi6lJMAIPNF6rULwbS/r2TwQnqyhgOw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1hkajkcje5xvg8jd4zj2e0s9tndpv36hwhn7p38x9lyq2z8g7v45q2nhlej
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiSFR0U2JkR1hhQzJSSGhS
|
||||||
|
N3FLK1oyMjY5dFBOZXRkYkFuK1dMR2J1akRFClVndkY4VUlPdFIrOEpEQzJxZkgv
|
||||||
|
N2R6U0xwWEVTdW9ENXhPa0w0UHZVUjQKLS0tIGwydG5hOC9US0VjL1NWeWNKb0xy
|
||||||
|
dVB4MzJqQ1BGbVM5WXhyV0p4RG56KzAKTfZ3t8jjRXwNU0Tie9EXV+CbHSJVSI5j
|
||||||
|
QNUxyLMHtumr4rltzM0E9CMd810Pczyo0F9SFx33/01Zx6J5AoK3CQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1s3faa0due0fvp9qu2rd8ex0upg4mcms8wl936yazylv72r6nn3rq2xv5g0
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoNHExSVZnWklTK2lobjlS
|
||||||
|
aVFELytZNDQxb2ZpZ0tQNHR4RVFWMmkrckZjCjRPSVFPOEJxWFZJQ3JLTWtYQUxh
|
||||||
|
enRKUjVoOEt5eHIrV3hUMFVteVNjZDQKLS0tIHA1MTFmSU5Db3YwTmZ4eFhYTGhv
|
||||||
|
WDRNb0c3MXl3b3ZZSTRSeDRlTnJJL1EKObu5vdmqICKqzC9sl5Wm5EY3kcTE1Nkm
|
||||||
|
P+588lX9ud2ZUCXCfOFZecAxl/pWMtbVI187YowqQGYXNSNZpP4z+w==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1wevwwytv5q8wx8yttc85gly678hn4k3qe4csgnq2frf3wxes63jqlt8kqs
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQSUNYVXNNc0lNRTROVVMw
|
||||||
|
T1VjcVdQbjFKYzc2alVvSTFWaGZBc2lmZHo4Ck1hUXlpTEFub2tDeXBwK3Z2RlFw
|
||||||
|
TUwvSXBMMWhKNzBPbTVFR21uT2FFS1UKLS0tIENyZEoxdG5pWHBGbnhOaCtacnVr
|
||||||
|
c1lzenUxZkJhNHFrOEVhc3Nad0tiblkKUfSvlAGnRfhlpr3FoKx4LPRJ/jlZTFOs
|
||||||
|
reL7J7kdM7UctjNpAZ8btlyu8DfhvKSOozsIdGkSBijBip/du/80Ag==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-07-16T23:56:59Z"
|
||||||
|
mac: ENC[AES256_GCM,data:bo8SHGmkNGQqR8nnlIKvAMzd+4vWJ19u9Kga2U1mOEYKMCyZ2nTXju6e327ppmx6KJUnzzieS7F8myE/5jzfd1+LyAN7QlL1xixtyLZH784Eh3c3Rd3sXKO/Tuj00gSsz8PsXzq8VK5RdR6NggxhMM6l3Mji4mTQibEzFQ0XPwo=,iv:6mAVBuMwxkO/ms0O/lpLEAg9lzVtZywMbwhL7diB4Z4=,tag:oGnwY5Ikc8qOrwNyiWqtGg==,type:str]
|
||||||
|
pgp:
|
||||||
|
- created_at: "2024-07-16T23:33:32Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAwDh3VI7VctTAQ//egR02ZcmtW9DIl65MmIYoKVqAOKSN01J4Miyv991R28u
|
||||||
|
mnFG/MQGz+7b9B7J061oyoBN3tSSSgLHKHTrmZ16CSM6dgdyzcXz7Ul9dAalaSxw
|
||||||
|
zu2Q3YvZdQHU8SSKlKE2AkpC6WCMK3lMa340CWsdK+N61Th/WzpDB93NP1Y+mxDR
|
||||||
|
JWhJoLS9Rs9Lbwdhs03LGTnVpb/URpYtVQQcYypwR6JEn6RYJaLF199nv3pdvC/l
|
||||||
|
9VKnzJjpeU/E/2LGx6ovmF+wCRCp1bXYZLeTHIxmPBOIDfHFy3MyN16taUTZWIOL
|
||||||
|
oC+2FY4bXT2UUB7rZp0ciAZAybM4VpCgTA2oqIcwfiUvCxc6ib+sD7VvnOP27dbE
|
||||||
|
0BXit/oxdE1V5N80OV1DKOlK9urttRzMU4uazdDY4px7z91i1plJKsmrK1XLeP1B
|
||||||
|
55yiX9RHt68/7aRQfHshzOwi31vKNPCx+/PgiZSex7WzqwTwA31Gz2web9NiHALs
|
||||||
|
H9NuOuISFcjd/nTHTwfdDZ0OPuJpW+chXRS5u+02l5RyEVze4fc0+TBXuYFXIbVx
|
||||||
|
VLiSe4kJh8bFRplwCN5vpMWSgwL76rjo866mSSr4bK4H5wFStogOpZzhbxsGAvfv
|
||||||
|
ztZUQQhkg80OnAQVocJMm8lYrAFNmjwqm4dijaoxa7kWvRX/Sti3f13ZmrlU6eCF
|
||||||
|
AgwDC9FRLmchgYQBD/49WGCbRExcXg5DwAyvMIBrDFez+ZiOMYz8ehyswLnSIJmH
|
||||||
|
56lIXj7FKNbI9dVdm2K4lPik/9vrXYZ4vuaGo2W6WzSewRVkLc27XSPFOkENYC5J
|
||||||
|
fqGNwIMttYgtXNE1Cd+iL8IsQ1n9HoT44LoBjaU3X2Jvof04cFBp5jVjBEZ/LGTR
|
||||||
|
mv5EmaJoVrPkDjnx7sv1231WC9Q8LiA0NLsxsSJkQjFIPkxzTqUn6GDXZ6EnGFL9
|
||||||
|
WIb9eE7II6VvMijH4NJGjxwT2jG0ioYzSu1cNavICcQKDoSoSYYodBXdl/1XKABJ
|
||||||
|
TrAfxHAwKOKiuoudHg7/tNqYiInBENHdkMEVANH6fZrcIkzg9G/IlRkHr18NYmx0
|
||||||
|
UWfdP/ZIntQIAs5I2+SKUJldpa1/kvwBR+i7BoMeGtBxKCjVWc2sCne7Dq6+HK5V
|
||||||
|
QoU9Eu+k/L20zOL4swPQSiZ50zjS9oc0zjEkIP9vKUd2Gv2cgsyKyaTCh9ITuykS
|
||||||
|
UuJfK1kQMoYf+vV4ozq9MmbEUTSVKXl/cv0G5NdEGXOQ3bFzR/OQW+y3Z6dhRJPQ
|
||||||
|
xJ4pxBgadqIEW+AXpnR/0ezWjjD3khswtWagebf3Sr49RP52yYxaLowodSecZjGf
|
||||||
|
LsD6wvXtnwv9Ee0TzlCqCNWwSzVgTtfLZYwjVqq7HctCFlCc5qFz/wgmitkxxNJc
|
||||||
|
AV1QfUkykbrk5ExmG5tEy0WpEWjK0DKE0UMuL726B8rvs4DxClNajDhmwAA4ho4a
|
||||||
|
svimyhlwId1bOjIAzNiKLRQi9FcXhXX1BndWoTTf4hxufzIrhY5y4CpfUHI=
|
||||||
|
=OnB/
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: 4BE7925262289B476DBBC17B76FD3810215AE097
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.0
|
||||||
33
secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem
Normal file
33
secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem
Normal file
|
|
@ -0,0 +1,33 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFqzCCBJOgAwIBAgIJAKZ7D5Yv87qDMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYD
|
||||||
|
VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNV
|
||||||
|
BAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIElu
|
||||||
|
dGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3Mx
|
||||||
|
IDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkB
|
||||||
|
FiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzM1
|
||||||
|
MThaFw0zNDA0MTIxNzM1MThaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
|
||||||
|
EzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQg
|
||||||
|
QWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UE
|
||||||
|
AxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50
|
||||||
|
ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVy
|
||||||
|
bmV0YWNjZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXD
|
||||||
|
L1L9tX6DGf36liA7UBTy5I869z0UVo3lImfOs/GSiFKPtInlesP65577nd7UNzzX
|
||||||
|
lH/P/CnFPdBWlLp5ze3HRBCc/Avgr5CdMRkEsySL5GHBZsx6w2cayQ2EcRhVTwWp
|
||||||
|
cdldeNO+pPr9rIgPrtXqT4SWViTQRBeGM8CDxAyTopTsobjSiYZCF9Ta1gunl0G/
|
||||||
|
8Vfp+SXfYCC+ZzWvP+L1pFhPRqzQQ8k+wMZIovObK1s+nlwPaLyayzw9a8sUnvWB
|
||||||
|
/5rGPdIYnQWPgoNlLN9HpSmsAcw2z8DXI9pIxbr74cb3/HSfuYGOLkRqrOk6h4RC
|
||||||
|
OfuWoTrZup1uEOn+fw8CAwEAAaOCAVQwggFQMB0GA1UdDgQWBBQv63nQ/pJAt5tL
|
||||||
|
y8VJcbHe22ZOsjCCAR8GA1UdIwSCARYwggESgBQv63nQ/pJAt5tLy8VJcbHe22ZO
|
||||||
|
sqGB7qSB6zCB6DELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpM
|
||||||
|
b3NBbmdlbGVzMSAwHgYDVQQKExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4G
|
||||||
|
A1UECxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAMTF1ByaXZhdGUg
|
||||||
|
SW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQpExdQcml2YXRlIEludGVybmV0IEFjY2Vz
|
||||||
|
czEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j
|
||||||
|
b22CCQCmew+WL/O6gzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAn
|
||||||
|
a5PgrtxfwTumD4+3/SYvwoD66cB8IcK//h1mCzAduU8KgUXocLx7QgJWo9lnZ8xU
|
||||||
|
ryXvWab2usg4fqk7FPi00bED4f4qVQFVfGfPZIH9QQ7/48bPM9RyfzImZWUCenK3
|
||||||
|
7pdw4Bvgoys2rHLHbGen7f28knT2j/cbMxd78tQc20TIObGjo8+ISTRclSTRBtyC
|
||||||
|
GohseKYpTS9himFERpUgNtefvYHbn70mIOzfOJFTVqfrptf9jXa9N8Mpy3ayfodz
|
||||||
|
1wiqdteqFXkTYoSDctgKMiZ6GdocK9nMroQipIQtpnwd4yBDWIyC6Bvlkrq5TQUt
|
||||||
|
YDQ8z9v+DMO6iwyIDRiU
|
||||||
|
-----END CERTIFICATE-----
|
||||||
15
secrets/certs/sweden-aes-128-cbc-udp-dns-crl-verify.pem
Normal file
15
secrets/certs/sweden-aes-128-cbc-udp-dns-crl-verify.pem
Normal file
|
|
@ -0,0 +1,15 @@
|
||||||
|
-----BEGIN X509 CRL-----
|
||||||
|
MIICWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQI
|
||||||
|
EwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRl
|
||||||
|
cm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAw
|
||||||
|
HgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0
|
||||||
|
ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRl
|
||||||
|
aW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZa
|
||||||
|
MCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG
|
||||||
|
9w0BAQ0FAAOCAQEAQZo9X97ci8EcPYu/uK2HB152OZbeZCINmYyluLDOdcSvg6B5
|
||||||
|
jI+ffKN3laDvczsG6CxmY3jNyc79XVpEYUnq4rT3FfveW1+Ralf+Vf38HdpwB8EW
|
||||||
|
B4hZlQ205+21CALLvZvR8HcPxC9KEnev1mU46wkTiov0EKc+EdRxkj5yMgv0V2Re
|
||||||
|
ze7AP+NQ9ykvDScH4eYCsmufNpIjBLhpLE2cuZZXBLcPhuRzVoU3l7A9lvzG9mjA
|
||||||
|
5YijHJGHNjlWFqyrn1CfYS6koa4TGEPngBoAziWRbDGdhEgJABHrpoaFYaL61zqy
|
||||||
|
MR6jC0K2ps9qyZAN74LEBedEfK7tBOzWMwr58A==
|
||||||
|
-----END X509 CRL-----
|
||||||
|
|
@ -4,6 +4,15 @@ leon: ENC[AES256_GCM,data:5OAaO/8XiOJEUicx+otLoUUG9w==,iv:cxoNYOQCFIjX53ZgaL/Pu4
|
||||||
caldav: ENC[AES256_GCM,data:CfWibtX+/BJcpXJNlpO8dpYJsdORzQZX5pEXX82CB2z+ZpIhIF66+x1GsXFFgP+MnQOS6O7hSUgckxtJBh7Bmy9jLmcdf3VMwnaAcg==,iv:bcahyj8MXSxvFOveFnXbEWHG03yHURb2zWelT5MiDo0=,tag:EguaYYuYNZUQlrKE8zjjrQ==,type:str]
|
caldav: ENC[AES256_GCM,data:CfWibtX+/BJcpXJNlpO8dpYJsdORzQZX5pEXX82CB2z+ZpIhIF66+x1GsXFFgP+MnQOS6O7hSUgckxtJBh7Bmy9jLmcdf3VMwnaAcg==,iv:bcahyj8MXSxvFOveFnXbEWHG03yHURb2zWelT5MiDo0=,tag:EguaYYuYNZUQlrKE8zjjrQ==,type:str]
|
||||||
restic: ENC[AES256_GCM,data:YZv3dsx2U1XHfv4=,iv:82WoS3n6nlZpPLrwKFRiYwVSvB4R3AfQQDSR6vjiyno=,tag:Y88Lz2i43UEjUduUmfz/OQ==,type:str]
|
restic: ENC[AES256_GCM,data:YZv3dsx2U1XHfv4=,iv:82WoS3n6nlZpPLrwKFRiYwVSvB4R3AfQQDSR6vjiyno=,tag:Y88Lz2i43UEjUduUmfz/OQ==,type:str]
|
||||||
swarselmail: ENC[AES256_GCM,data:QqOGUsip/nmbwFcCX5EhM9u3hCNN4onZpsQAg6qS6lw=,iv:LvQEHkhHJ7+7r4iV1VhxxPW23hJ+h6RMcNIX3NTlB0Y=,tag:/+iH0P/Dmc5m6DLUeUikGw==,type:str]
|
swarselmail: ENC[AES256_GCM,data:QqOGUsip/nmbwFcCX5EhM9u3hCNN4onZpsQAg6qS6lw=,iv:LvQEHkhHJ7+7r4iV1VhxxPW23hJ+h6RMcNIX3NTlB0Y=,tag:/+iH0P/Dmc5m6DLUeUikGw==,type:str]
|
||||||
|
swarseluser: ENC[AES256_GCM,data:sBfmHzW4Abu/rMHopLWmSglC+l7e6UwiobIQ3+FewlnOnUzj0sD1GASq4q+VwIv141CHT+0d0iGk880iVIQpx2jxh+EefnxRUQ==,iv:/KzkOkMab6oTbWIT6ZZdIJNNlaJiiAy9SfTBsvumGBc=,tag:ZNfk7EXK5xX7W8NpdRyAJQ==,type:str]
|
||||||
|
ernest: ENC[AES256_GCM,data:jgzoxnhq3Sk=,iv:oDhm5MA7vR3y/osIbancG4OUQ4HansY6MhB2FxYdzuw=,tag:wYmCak6t0CAhCj8oWhC27g==,type:str]
|
||||||
|
frauns: ENC[AES256_GCM,data:zRnPcOCmwHs=,iv:Un3iCZU7Btp2F6xrJs7e4Kyy0YdP/N+o03sDHOIbr1s=,tag:v+PD9BJl+j2V8fKFb2Tr/g==,type:str]
|
||||||
|
hotspot: ENC[AES256_GCM,data:8SWbiTvii+E=,iv:6aU6JNLVeCM520Sc8EQkXB+DFPqhu6CI9eYqSzC1Aw0=,tag:gNbZHFL09yyfet7YB59FVw==,type:str]
|
||||||
|
eduid: ENC[AES256_GCM,data:OR5yB7pfunrHMCWqsBPU13wDwgbw6qBj2Bn5q4Q=,iv:2tUTXUGpd3sDU44h203xU7VuEGV/7yUMzW073N/WEp8=,tag:+FyxO1wK9vsOeZ7+xnNYLQ==,type:str]
|
||||||
|
edupass: ENC[AES256_GCM,data:iLH0v9pAGWLt7PU=,iv:wJbW71SnKyi07UMropNYHAyPhf9P7VSO8GZpDY5TAsg=,tag:hAt+atdz5QR9GaQJauLwmg==,type:str]
|
||||||
|
handyhotspot: ENC[AES256_GCM,data:Am6KgE4VAV4=,iv:wcn9F6bRqPN368ZkGRvl9r4+2cvShfWnm+dI4AbAK6Q=,tag:mBfYH3segy9u4qOJfsCPcw==,type:str]
|
||||||
|
vpnuser: ENC[AES256_GCM,data:JOwgeXVc+U8=,iv:m5/iyZloymJ5WqX0O6lAMNFauh755R76Vae89vkULhk=,tag:Y+ecq8rPKMGSwXeXLdfAGA==,type:str]
|
||||||
|
vpnpass: ENC[AES256_GCM,data:8PAAEfmNFLOTDA==,iv:GBQAF2IxqL6rfrxwm69GsAkfACSzTPac+7Cl6EX9bpw=,tag:S8/+TzL2icVouFVhkxc0OQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
|
@ -46,8 +55,8 @@ sops:
|
||||||
Q0NTRzR0cFVPT2phTlUyL0phU25TdncKD/4ZFw/oR2FEm0U8hUkF6ts5AkxfdXrS
|
Q0NTRzR0cFVPT2phTlUyL0phU25TdncKD/4ZFw/oR2FEm0U8hUkF6ts5AkxfdXrS
|
||||||
2KdJTSXqy+UmbMHSoapcMQoeaOkfpIpmHZZzwhHzOBd3YPtBYMc91Q==
|
2KdJTSXqy+UmbMHSoapcMQoeaOkfpIpmHZZzwhHzOBd3YPtBYMc91Q==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-05-29T13:25:38Z"
|
lastmodified: "2024-07-16T23:20:25Z"
|
||||||
mac: ENC[AES256_GCM,data:4zcLmHkzyg4UEHsDYNEKQ6gmgHHBquGWd2hMVYHg/1k2XPd24mNKOPSj9yLxJKkXKpKRRLi6M0HyxbSeONnP+YiNEvmjt9RM8DqOz+ykG7IPmnVUaLtWysS1aM46fUFBTQFhneZ3flypRbByHtaA7k+SIp86249A3ooffL0HWyY=,iv:SC7dfSEhesTCI2M8PRKUYCIWynlu1l2oW4wgCvtvnuw=,tag:u40eCLDX14/aJRJRSeb1GQ==,type:str]
|
mac: ENC[AES256_GCM,data:o/VXKsxpvHbXCynyPMoVHpFPjJTDLZASIJ13yntB42fYg5xKEAQJE7+AVlL/HEprP8NlJ2yV2KSC64nALqucz1gkzFjZTNBYINpz6bgehkZ1/58Qoln/1cUvn3jwgbHY+cxvYsAeA+cmTYQf3yD7Eng2HmfN4r/jKbQpOgssSBY=,iv:7GwCMJH7v61KBBfiyLFXe+PcnAjk8/nF3Qrsne7GhIA=,tag:XHrconuMvauPoF3JlVhEhQ==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2024-02-07T21:17:55Z"
|
- created_at: "2024-02-07T21:17:55Z"
|
||||||
enc: |-
|
enc: |-
|
||||||
|
|
@ -81,4 +90,4 @@ sops:
|
||||||
-----END PGP MESSAGE-----
|
-----END PGP MESSAGE-----
|
||||||
fp: 4BE7925262289B476DBBC17B76FD3810215AE097
|
fp: 4BE7925262289B476DBBC17B76FD3810215AE097
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.9.0
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue