diff --git a/machines/.sops.yaml b/machines/.sops.yaml index ab17974..2e65fe2 100644 --- a/machines/.sops.yaml +++ b/machines/.sops.yaml @@ -9,7 +9,7 @@ keys: - &machine_moderatio 3b7027ab1933c4c5e0eb935f8f9b3c058aa6d4c2 - &machine_lucia 3474196f3adf27cfb70f8f56bcd52d1ed55033db - &machine_durruti 4095412245b6efc14cf92ca25911def5a4218567 - - &machine_vpn 66d360f3e1164bf664e8f2d9f90b44ccf8ff89a6 + - &machine_vpn age136npxupcslnv5hnhvph2gwj8efz8jvgtfuy9lelrgpwrkg0kfppsa6s8v3 creation_rules: - path_regex: moderatio/secrets/secrets.yaml$ key_groups: @@ -40,8 +40,8 @@ creation_rules: - pgp: - *admin_kalipso - *admin_kalipso_dsktp - - *machine_vpn age: + - *machine_vpn - *admin_atlan - path_regex: secrets/keys/wireguard/.* key_groups: diff --git a/machines/secrets/keys/hosts/vpn.asc b/machines/secrets/keys/hosts/vpn.asc deleted file mode 100644 index d417fa0..0000000 --- a/machines/secrets/keys/hosts/vpn.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -xsFNBAAAAAABEACzyM+e0odv6+r3/n2eFJN02f0WAQJAUFflB6c94gx5pGEC4Hme -6nzQktuCkJSres+DxIAxB0Vwjz4so8rC6mdvruCTOU6QF6ksMVOBouf0Rv25rmaj -oQO5vzWEcu2mTBQrV9tO+aDe37SJxZYS7Dr6y2J8hCehHWN2h7fIQdpiQExRImwj -ZFG0WgeqxxRiCp08aBAQB4xPiagjNLSU2BeaQwVcIPLKSfRYB/7LNrnPDFyG2pKZ -SCGFDb6aaKwYs+7WyhUxijf1vB+xavzzgEhdh4sW4qxF4tMJ7/8yQC3FxYICI2se -MpA6gxtFFGa9Aw+QG6iBEd8MN/ReBbA3PfuxhXBix7O4OsQ+KRFQ+yvhSDtLBe6Z -iPkbWZhAfKMVuw2vYx2tb38pxvEhP2CWQhBwmLyKE/8rg6K1hdXXseL/R2Qia27X -QuQ8FdBkGnRdOqjRDPhCqTFdLR8cqVO2uNGQEVQ3RSN99gCDND0C6dx0nhHsGIRZ -2zh8ts2jc9gJ/hXPxgXDlMg5y/OESEoOgEpxyftVMnvFDSXyF/Iz5eyhLFROv50p -/poJmdBazkR6glh+KZuLQvt7QU74Y/5yn90d+oAizCWt9taHAlGdpFFv7zjZASea -Y4GS0Y/C9+4YPcNB5w/hmO/DKkGOoWXaye6XekJ6BcOwq6+KwBSqcRYNGwARAQAB -zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0Pg== -=770m ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/machines/vpn/secrets.yaml b/machines/vpn/secrets.yaml new file mode 100644 index 0000000..6ff309a --- /dev/null +++ b/machines/vpn/secrets.yaml @@ -0,0 +1,68 @@ +wg_private: ENC[AES256_GCM,data:uuBYbOTiThZYiNetM+FOLFVMr/HII9otG4FvN5YvuRErvNjgmAYxVncV71k=,iv:Sy3HAEcALod2pL4IZ/GSjVybLAviOoO+DsW8OROzgTg=,tag:hynRmiilafVzWCjx2Xoxhw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age136npxupcslnv5hnhvph2gwj8efz8jvgtfuy9lelrgpwrkg0kfppsa6s8v3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3R3RYWGZTOHIrK29rSGVs + UFBvaDFNWGd0dTd2K0JTaXV4WldobjVPMzJnCjc2em4rUmY0R3VON29HZXRneHF5 + STh4VUxXcTlOcG81ZCtueVBTbnd3a3cKLS0tIEdEVElSMkxGcnF5a1pPbU5qblNB + YVdJRkVpeGZJTENMK3B6NCtHb1RqTnMKgmSZxCJIPM/J4AS81gYB2oNovj8p3KmX + b9fzYGoRmYURB61qHcbWU7i6/ejGpntd5uGzpAER+Wncr5DuupoZfw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ljpdczmg5ctqyeezn739hv589fwhssjjnuqf7276fqun6kc62v3qmhkd0c + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2SkZSdHJtR1gxRnVOR3Zo + VEZPc25WZ0srRG9GcncyOG43MUJrOU1GT2trCldOVXVENldpOStIRkFVQUtVaXc5 + Vm1iNnlJcDZQUDBPWDJFcjNiMGZ4SlUKLS0tIGxjN2tRNVMwdUJtUWsyWkRSYmlw + bmM5Qi9SRzVjdHU2N3hrRHBMTU5xc0kKYE16ox+fLiqI2/WRigwyl9/vsSJk4Vmm + ePZSOKoo2iwS+ZxXDUlbzZHUX0Y1hsAHkgA60mtzWUL/lFPj9S2SJQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-17T22:01:22Z" + mac: ENC[AES256_GCM,data:ctpzk2gUHSLThmZpRFwIBKX+SfwKt8/V8AWQbPnoBqJ9KwuHcRKkkT2yEMx3l2qKUy7DgrqRXhSVGbF57poXC9nshyjXMrrjMQA4PBB7a3SAwgpcX6j+aEx0xIt8GTUVxcn0xDvbP9xJ+adeACLUvkE+a4EB1jtdsL/iacxlv5Y=,iv:Zw+sG7oXmPRGa2jWc+mloGMBq6CnDQgz5x7ke5paeW8=,tag:RtfGmrSt8U8Je7Dq9FQGTg==,type:str] + pgp: + - created_at: "2024-12-17T21:55:28Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQGMA5HdvEwzh/H7AQwAnjxmm6LjOUNUEhGwkDiK06StK5fg3EXaNN0V/GA8aEcl + 2FAJ2EC66epPJQ0pMbBiuXrQI3tawGUkEL+J2Qm51qGpz7bVafbjUrRPDuOqO9Sl + kyxe9732u9NUKDofBAnwkv4paAHnFvJqUGpYIhnKuzVFgMjitKD4Lj/EkGsEjW+A + rS8B2C+8aUcxR6f8xxPui2pAKH7R95bQKsJHmpN9HOTkHd/0P8GJJI0F6rwPPnUD + 3YHsPzsvAXIvQadFyRzyz9Mfd47FuXG8DQYQdGQHem4s9QxSFrU8tG2CdFg6crd/ + huRf3BdbKptAV9E7N+z9UJudloK7pAEz1wI8cDrYm37EkeQ+Y3E7Ncl3twMuBhxO + b/6qs2sN6L4vGhyUPOqgdThcTLoi3W7VV59Zk21U3WqZcna+Vv4x50UdYrQdygsm + XQKVBkGLfC3WQEgl+xVtZynerlpAD3qMKdXb6hdAaar0AiNSQoNoubmMOPSK40Mt + rRc+8LLB1NxNdk/d6vjl0lgBQuTc/FjB64jeiBlj3ymU4EfVRwL233+yIwk4VW5T + gJCLYIwIEbGvs6NBM0HB1RlxEPKGG6cZeHjhq2mLVR1ICRoAVMG9oq0V563wlrBq + peNxBxsI8SA1 + =Irv5 + -----END PGP MESSAGE----- + fp: c4639370c41133a738f643a591ddbc4c3387f1fb + - created_at: "2024-12-17T21:55:28Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA98TrrsQEbXUARAAh8JxMTVSBb4XcejACSSV32vOTj5b78JnZ0N2nVR/qlwW + NC+Qu/a3m+vOsJRyfwd3+EBozF7oRWvCG5WZxUgK1CTXm9QAeHLm+k0DZBjpS7LV + K3jLN5Bpu7asfqvXonwAt/c3ESJ7QeWPU98LzjKSPNwXfLM3bYmEQIt/JVF2nVll + +W4t/+1qG2T5+dKInZb49AY9nWS+SZeCUIIa739IL61ifEv4vi69wsi1CSWq10mp + Ibb56lCjCq2r44Vv1/Db2rm3rDz9mTQgvRAL0sTsGGsl34N9GbeROLxg+WF0m6Tr + rcMTthM/TcDQj4AbF7HItaNgUH04HNOjNUjf4aLpx3QiEvQ2KBpDfaUknSPAp++Y + 9j7nANC6U9XU1qDOE/+Ui4KfngBYs6XFd8cLLwaZoaHb23BLmK1z12AV0sFhG/bC + fPmYXN9Nv2aKELPNcq0pEBMu5aQer14ddCbCUt3KfwzwcQkpYcB/PoXpFBNGTxls + 4JkYY98FwALEYJH8LRlfMzoACNR4xzRF8c8IQCE+mCdKUXoxhxzRSQ/IrwOorQkr + HCBvoOLrSbsNRDExtCo7YhxFrtP4TaBodMpSK1zsvaixZWyBYylG4ilkU7XmIAHN + 4+eijX6avdfAwD7dihKvAToXSrwUZAeTwjh67SlMFSI7ocAQUmXGIxX8ilD1lwzS + WAGLipgRLgyaZ4i8BQSFVDPXxJv2JGAqtwdfs3NAdKF4ULTPebfI7c9gZ9f//IgH + hmSdKuI52BZRqjCuTAC+LyjLbLJu+cj8LAXc5Rw96yTvLEGeHt+1x64= + =ou4t + -----END PGP MESSAGE----- + fp: aef8d6c7e4761fc297cda833df13aebb1011b5d4 + unencrypted_suffix: _unencrypted + version: 3.9.2