Compare commits

...

2 commits

Author SHA1 Message Date
xqtc161 f77439160e Update keys; Add sops to systemPackages 2024-07-03 18:37:01 +02:00
xqtc161 f46f6ff427 Add lilith key 2024-07-03 18:35:23 +02:00
3 changed files with 28 additions and 15 deletions

View file

@ -4,6 +4,7 @@ keys:
- &hosts: - &hosts:
- &asmodeus age1lznc3dadzpc7vllpvnpdf8samadleep7sxfg0dnpzwl0nngzdv7suu73rh - &asmodeus age1lznc3dadzpc7vllpvnpdf8samadleep7sxfg0dnpzwl0nngzdv7suu73rh
- &beleth age1xf86ak2hu5efux42au4x7wlxqpxqpuld7kd6nnr2qzhl662wy3vq940d4p - &beleth age1xf86ak2hu5efux42au4x7wlxqpxqpuld7kd6nnr2qzhl662wy3vq940d4p
- &lilith age13704a3s08stwndvduk2qsqmkg703utsn96ak3gzexggvrdx3cpxsrlx92n
creation_rules: creation_rules:
- path_regex: secrets.yaml$ - path_regex: secrets.yaml$
@ -12,3 +13,4 @@ creation_rules:
- *xqtc - *xqtc
- *asmodeus - *asmodeus
- *beleth - *beleth
- *lilith

View file

@ -25,6 +25,8 @@
}; };
networking.firewall.allowedTCPPorts = [8384 22000]; networking.firewall.allowedTCPPorts = [8384 22000];
networking.firewall.allowedUDPPorts = [22000 21027]; networking.firewall.allowedUDPPorts = [22000 21027];
environment.systemPackages = with pkgs; [ sops ];
programs.nix-ld = { programs.nix-ld = {
enable = true; enable = true;

View file

@ -13,29 +13,38 @@ sops:
- recipient: age1jmqdy4ntgmunnh485qcvxg9yvc2rcvrwf8nq0jg8n4c5al7sza2qq3c80d - recipient: age1jmqdy4ntgmunnh485qcvxg9yvc2rcvrwf8nq0jg8n4c5al7sza2qq3c80d
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1UXN2bWFuL1oyUWY2aEMx YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0MWZ2V0x6UW5ZQVlmZWlC
NkVJK0VZRHVZYVBzRDZQdFloWTFDbWJTdW4wCkkvdGozT2VzRTJjVnE5MExPRERR Tm11WGhKWGJWZWZmblVoc3k3NVVRcmd4T3pZCllJOXM0bU1WMGE4aVBIaWNRSkNH
eHVzazQxajg0Nm9DYWFMcWhiYXRqcmMKLS0tIDhGZWxsTEdlbnQ5TmE0V2gwVTlC cGFEQWNJK2FYcFJoT3NsNGpwc1hxWjgKLS0tIFdKaFM5Mk9QUjc4RVVtTi9zZEdv
U3ZRUXo2SlBSZitENnUwdFQxRzczczQKixuIzUUzWvr/587c2ALWqc+eb0tmwOGN Um5wM2FkOEFuN1dKWklRU00wVU5QVmcKUi/3VryE6dLnFFZc6ro+hvWybdgCDdFB
RTSBTCn5YM7RhoXqwvSWwb8Jkwa5gEajNo9c/yTKz14/TJFB3tJD/w== WWOiAK5uO/Tf8NVrLWbvd/a7byu8DODKsMFojW4PE4TLSHGyd5kXkQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
- recipient: age1lznc3dadzpc7vllpvnpdf8samadleep7sxfg0dnpzwl0nngzdv7suu73rh - recipient: age1lznc3dadzpc7vllpvnpdf8samadleep7sxfg0dnpzwl0nngzdv7suu73rh
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvZ3lBUDdrZWR5Qi91d2hQ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnUTBaT2JrWUM4YmZCdDNM
bzVSOStwTVVMeHhrZitmN2MvM0lWLyszMVVvCllwS0g3Z3NlMGN5Qy92eGdpMEND WU9zNGdCdlBPcHZCbzZ1V1UyTU50KzlGWm1jCjlCb3JXWFpmc21STVVzcUh4SGhI
NUczRDJWSGpYa3ljZkd5SmF2K3BDSlkKLS0tIGkrdkdHNXVUNEcxK0lqQzM2UFRX NGdGSFAzN2tQY2RRS295OEV2c1oybjgKLS0tIE5oTG83OGI1VWcxZEF1SVhqdURr
YWZYMUVlTEN0WGFrYm8xbEx1d3VwNUUKj7uYjZlxrzr3rtkKuhljgC2YRZFmAxzS T3lnRWp3VTR3dTF5eG1pMThObUl5S1EKYX6mkRgepGXI1TnGYl22kNmGNXRJB4z1
Jtv5WN8xnTGCLPQ3Pq7BfReDz5hVypBFtEc2xy/zBVgl+RQbs3oidg== IOzs8l2DsHtAJkj60MyJPL9enhvLmLQ2d5wIQkDZm/ZOdEjn8QXLFA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
- recipient: age1xf86ak2hu5efux42au4x7wlxqpxqpuld7kd6nnr2qzhl662wy3vq940d4p - recipient: age1xf86ak2hu5efux42au4x7wlxqpxqpuld7kd6nnr2qzhl662wy3vq940d4p
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5UVQxUmd4Z3A0ZTVGMS9x YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5WDZ3RW1SSmhMWG5abW55
M0ZYV3RCN3hTenArZVZ3RHV4cGRGZEdCdUN3CjdyNDRDY0d3WmEycXNkb2F5OENu eGovbzZjelIxSi9GUTRIMjdaSmNMRzF6bHhFCmgvQlBLWmE4clBMUkYyTXVWYW5M
NGNVV2N2b3d3VmltMjd4M0NTWVhvQUUKLS0tIE1NWFFOcGV4YnBwcGNZSTkvNnFs Tk1zeTNQZWR1b2I5WmllbmdTbGlYcGcKLS0tIFQ3RDd0Z1lpd2dkUWlGcjUyZTJv
N2lwWWwxZFZkNzRRTXMxSDRNczZ3cEUKMC8rkGm0f0//n6yFaDTRpaFL8OE+4wEc ZjdMMGIvNWRWYlhRRXVCazVXYU9qU3MKBV8ypb76Mfu6l3t3UttiKEO/RYzYmGA4
zcpC9E/3rzB+DC8H/CB9DIa7/LO+RQzR0THjGjc4EtooX0/PTxvn4g== Z/5W2jW4xCmZpADkOby87wy+TXSGYinrE8k0a8FS2KMF6frABt54EA==
-----END AGE ENCRYPTED FILE-----
- recipient: age13704a3s08stwndvduk2qsqmkg703utsn96ak3gzexggvrdx3cpxsrlx92n
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvOHZtRXFiRkUwUWxMU3pt
UXNlcUpvbk1oUExyTlVFZDVZTmc0UEV2OGtFCi9iVWRRU1NhRlRhUys5dGJjVEV3
cUNtbE0zZDUyd2s1NWE5SSt5bGxRVjgKLS0tIGF4dmVsM1MrY2JUYVJEdk9EN0xV
VGQxNXhUWnNpWC90dUI5QjZFV1FJalkKQqJJoTi5tu1/s+/0MZ38h8O9cRPOGgYp
JVAoJJjfdYw3aiCnktmeBLg1MINE3LFFAyilvGvVIdBZMjc5fZFLlA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-03T14:48:29Z" lastmodified: "2024-07-03T14:48:29Z"
mac: ENC[AES256_GCM,data:LHH3qUI92p9PFkheFlHV4EwfMebLnHyrEr6iyMCOPWLh+vyai039gFHP/qZuKO51qgQdWiNYagwTNGwh/wCPUsXqmrT6/zyUVRzY+qM8ei0mTsyATPT2N/nFurb0HUueSO1rNzkYFbb6Io+5KdkQQbgbXoKxVV3xaWPB0FvB5cg=,iv:YmO2DvOP+5XUFs+r2ywn3mS8igxwhdoMB4VmtFsxVDU=,tag:udN3POCZVJvh2MircwckKQ==,type:str] mac: ENC[AES256_GCM,data:LHH3qUI92p9PFkheFlHV4EwfMebLnHyrEr6iyMCOPWLh+vyai039gFHP/qZuKO51qgQdWiNYagwTNGwh/wCPUsXqmrT6/zyUVRzY+qM8ei0mTsyATPT2N/nFurb0HUueSO1rNzkYFbb6Io+5KdkQQbgbXoKxVV3xaWPB0FvB5cg=,iv:YmO2DvOP+5XUFs+r2ywn3mS8igxwhdoMB4VmtFsxVDU=,tag:udN3POCZVJvh2MircwckKQ==,type:str]