mirror of
https://github.com/Stunkymonkey/nixos.git
synced 2025-05-24 18:04:41 +02:00
fix sops-nix keys
This commit is contained in:
Felix Buehler
parent
48d6936889
commit
312632ac57
8 changed files with 95 additions and 61 deletions
|
|
@ -4,10 +4,18 @@ keys:
|
||||||
- &serverle age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4
|
- &serverle age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4
|
||||||
- &newton age1s9spl75rwhgm3cvvqsr9rze5m0kuxqes2tsxjmq07xg5ycn5j47s2m0dlu
|
- &newton age1s9spl75rwhgm3cvvqsr9rze5m0kuxqes2tsxjmq07xg5ycn5j47s2m0dlu
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets.yaml$
|
- path_regex: thinkman/secrets.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *admin_felix
|
- *admin_felix
|
||||||
- *thinkman
|
- *thinkman
|
||||||
- *serverle
|
- path_regex: newton/secrets.yaml$
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *admin_felix
|
||||||
- *newton
|
- *newton
|
||||||
|
- path_regex: serverle/secrets.yaml$
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *admin_felix
|
||||||
|
- *serverle
|
||||||
|
|
|
||||||
19
nixos/modules/webapps/paperless.nix
Normal file
19
nixos/modules/webapps/paperless.nix
Normal file
|
|
@ -0,0 +1,19 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.paperless = {
|
||||||
|
enable = true;
|
||||||
|
#passwordFile = sops...
|
||||||
|
mediaDir = "/srv/data/docs";
|
||||||
|
extraConfig = {
|
||||||
|
PAPERLESS_OCR_LANGUAGE = "deu+eng";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
webapps.apps.paperless = {
|
||||||
|
dashboard = {
|
||||||
|
name = "Paperless";
|
||||||
|
category = "app";
|
||||||
|
icon = "book";
|
||||||
|
link = "http://buehler.rocks:28981";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
@ -19,7 +19,10 @@
|
||||||
];
|
];
|
||||||
networking.hostName = "newton";
|
networking.hostName = "newton";
|
||||||
|
|
||||||
sops.defaultSopsFile = ./secrets.yaml;
|
sops = {
|
||||||
|
defaultSopsFile = ./secrets.yaml;
|
||||||
|
gnupg.sshKeyPaths = [];
|
||||||
|
};
|
||||||
|
|
||||||
#environment.noXlibs = true;
|
#environment.noXlibs = true;
|
||||||
|
|
||||||
|
|
@ -32,7 +35,7 @@
|
||||||
boot.loader.grub.device = "/dev/sda";
|
boot.loader.grub.device = "/dev/sda";
|
||||||
#boot.loader.grub.copyKernels = true;
|
#boot.loader.grub.copyKernels = true;
|
||||||
|
|
||||||
services.openssh.permitRootLogin = "yes";
|
services.openssh.permitRootLogin = "prohibit-password";
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman" ];
|
users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman" ];
|
||||||
|
|
||||||
# Nix
|
# Nix
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
borgbackup_user: ENC[AES256_GCM,data:9eCWsSi9U2b4XKKc,iv:PDS8TrbmU5XmefLFdi8XIQeu9Rq0y+yJkdGrND6F3ts=,tag:651RHA5y6all5+2rhdjCdg==,type:str]
|
felix-password: ENC[AES256_GCM,data:YTXU1NHsS7TvAea1,iv:Og0NclqcdWY9DjtOqe8EHHj1NaBcqZnvCHQVt06IEHg=,tag:8dt1yqKHlGYFWRkPSp9yZQ==,type:str]
|
||||||
borgbackup_host: ENC[AES256_GCM,data:qYwTGE5kdp/jsKK8scVAUCXfOAi787lwiFB3VlntIg==,iv:sFerbhHMCw1lwm9CzAAW7G1JwuZxvTxMzoKP6U5l7bI=,tag:Mi1QFDUo5rWzKXBQ1fsrZg==,type:str]
|
|
||||||
borgbackup_dir: ENC[AES256_GCM,data:B8KO2IsfYA==,iv:NjyxpK0xMBio2xFdcmbOj+CoS54A8b7AfXUbAlQqH8A=,tag:PkrlX7XtctsfUmbZCIi/0Q==,type:str]
|
|
||||||
borgbackup_password: ENC[AES256_GCM,data:BJReaY2D2vtOKRWBytbieEYIhMKxn3U=,iv:DJv8s1onfO1FAAJYLwcRszkG9SjC+sJMdvqLEwcggFk=,tag:WYJvEuRilMLaOVcvXkDH3w==,type:str]
|
borgbackup_password: ENC[AES256_GCM,data:BJReaY2D2vtOKRWBytbieEYIhMKxn3U=,iv:DJv8s1onfO1FAAJYLwcRszkG9SjC+sJMdvqLEwcggFk=,tag:WYJvEuRilMLaOVcvXkDH3w==,type:str]
|
||||||
borgbackup_private_ssh_key: ENC[AES256_GCM,data:WDVQaAmNMtZP99lCOpeMDnsL26gziDHlDDSnct7QXU9KgveNhDnnh4vGR/DaPlsnp76dVaNKf1vpspsJjtJ+BcEOg4SKU7xyODK5f5tglRJqapmTymASzERNF9joP8Py1lW15zlgGy4s/J9oAQ8gsfwy7aUGMlPr5xafHatbKPXiy+OnxekTTzT+H5eGaMl+q5nPKX8yOwnwBnPwp6DKvK+rTrqBptNsYBxw0MYgdEK1hW1YUxE9d4oZM3Mi7ggklK+ztspuXNpqkbogqc+1XIZN8vMaL9MK5zSJjuCw9lFYsfHctgiBlEuOy5Hn4tyEhu49uWVvoJLb+q7+gNJcbKBrisFd4c9fa7EnaQ4AenP2l1arZqlqjaqLNhD9FWI47o0neXe6TDAv1msIMXHibQVEVyNdktl6LBxQerXiGq33fWe3J5usaUFVi2N4sOF/Pn1Hta25OvuO2N2gUWh1bqi11wYzljS445LOOPBT3jkoceV2m+5R7fpF0soc/beKdj0dP6u5sfKbXFolHk1K,iv:4ZS/6PfyUwXlFaCYxpO0VkjBoH9zM9DJvF5I7fLYR+M=,tag:9m6RHNgr9TunQJp1Q5MqJA==,type:str]
|
borgbackup_private_ssh_key: ENC[AES256_GCM,data:4vSa7GLeznVLc2jaTKX3aS8yvpUbiqjYNOqye9D9saiGDX8c+/KZXcDTPVey5TDvo1MNzyL9cxD0KKBtig4KVW8yszgkbKbUEifJMsBtK6mlN2jHcaeIY3ZU6t7zqXo8szAYpPdxE6tJACEr/fcruBXW7ek67cKKqCO9zleEXBRbUHKf2lqCwIPdI6TY9N3h89iIZe5ECkChRF47Sb77W5PonIeDf8GBdZlZyiHvf0VpVH5RN8Ci/FNE+gqwkAOicTQCjWKhl+yZzemDYEET8V0ydrzlO1vY4WLSplZ85/HKc9I2rYVLJz/ITd1K+RswFLfq44RjBjCEWagsnAo7pY7I7sYC8UtFrXRByUDvV0YRR0QcN0dPSVMs4b5WNz+L44gIGfBKDUH7dKKiqU3u4WrLRmm7VH/JjRms5vVBYUij3OsKZi+nGPJqvtm+k0Nw+LZED4x7bGzUoA1tOE8LgvJVmByl8Gee8FHcAmJp/yOij4xkZ49VLDPGFFWwJATxLyTmmOCvcNkIO1kGf+zO,iv:dXREfmOLFSNSHHDOv+kiyuXyGqJLmOtxbiqEp91a/uo=,tag:r5WCIURzQsrXei6KegQIvw==,type:str]
|
||||||
initrd_ssh_key: ENC[AES256_GCM,data:kt8S7FKIApR8Td4IC57yEODiYn13UoDF+ry73nazi7YZCVPwT415cjIY9iH2/5MoWBwLA7Wd65/NnQQwkkE6ls+d7ra+U5YTKCQPfPEhywkWFn/0s61xyM+HyjOr06O+IYm9fhJloaiag8EBPHULh+3g6Ta05db/eWOYPctYa1xIKKSbXQCrnIrZp5R1SUqA5Lnxj+U9n1ZYLVSunXn4+mtTkyPv6mAAbnk+Kvj0eMIWY/9yu0r4q2Lx7ubf90EIfn29V501X9MArUKtzSfyP6Y3rOrCuq98uYlu9STTauQojdChDeiTreUtpqRnqtRvgK+AfNwxkY+GVQALgsxphbsiK3Y/LRmUBdp8Gqq5zJwzczlEIUkAOy2Wy/ewx0exJj2k9D05iI66kA76Aj6lSIwzoGm6aqqEA1rRWeylUDtVAwV55DE/FKtKc/49Me+Q+3K62t30IeApgY4X+H0gN8LUH6AOTqj8WEd7s7cfjWEzZJfntpToI4q9nQ7SQxTNuyD4GBS/bo/ExT1pgb7Q,iv:LPmxOBkyxpfoZ5YzuO4Nbf2dLXhxXvXOoiG1vYLY7wA=,tag:aDuSCFfFsdk66fi4hlcHhg==,type:str]
|
syncthing_key: ENC[AES256_GCM,data:BcZrknmzMHtR9KqMZ5Hf1aZNMcfmuODjL4x7NCWxdYAXPpAMC07p/OmWKRfEviD+2qdgCYWBe9G7sprn0OX/R4zECLgWiUgIqHO8c/NwV0jCzFU6GiSuJF63p+wnSHpOzJY8mfapnnyWpeHDNfTTmt0ArqIFv4L/lXR+VSa17vNxzNzdt/PG4spDKDjssrutGFnH/2NmMcBIa9HSylJpX1qFO9rbV8H20wRCJdLXnoFzsQJjdU6nUcFPNKqhauYZ5EAEDHNjN5T71h7EoYbl5rCdLcSFe5Pm0BEXXSAJ/yd3cZvgE9vQjaFoFzepgYijFqMp23hDOTH3A5tkmVGBKB0McpGVMhneJsBhiQecpcCNO5pD52MAH/ZerdmKQ6V2,iv:6i+Ky8CPcJwj9QNFxyq0zbGWLagKYzXq90l/Ootc5DM=,tag:WCHyhGCL/S7N296oy5Z3cA==,type:str]
|
||||||
|
syncthing_cert: ENC[AES256_GCM,data:l9Zt5hq+/ASSlzO6P2KD9vVnJnwSaJV8H+oWn54R5OJpTcajc7EsGHyGPEqUAtD6vE1gnCdp1F1hojuiEWi4tG7ShQfRs7cP4UuwD/tKLy3Tv9xCIZmHlC+kNU36DwfWGqXPAWF2msKfJDpi+xeLs1kOP39tN7rKXiszm9iJsDDxuUK9CL46MP2O9Wpz/RuWlBMLWQDVLLtc1CuDO7AYruIGGLNMImrMQVveDy41zX0BKBDZ9U/+sGLutCrNgtLyZ7c2fuiSNsOGcyCU4cOTfBHrzLSeafjo+OwRcCgYAY3kvMrL042Jpe/r7VP8WjZMsaMPj/UjMzMz46apaY8jAlfKgyYXJNqp6yHoeBZLKoXWxPTlSIr4SINb/6vMW55y4n2lN8ASbrOQALcgHytzjDWVNqRTidcCqxvVFEUecGUPans8aY4GZs7hgzyJBf4cfgk71MiRJYaj8woB009Ln8knXzrpYJoxpIAO5MFhS08zx0DuFQKI87MLxkw79ni3x/WM2QM1yUUcQho5Ji81FQB1IumLAWpF7zFzck6T0LomR1FszZ5s8kG0O4WawvqxLJPpEe1Gi7yw++vUt6W6dQKuj0H6z8GvNhBEzfd6xeR34aXK2WG2QSK0PH0CxM7WA+mMYCTqCsvqlCuVnslOGqhw82AVOm1d2pDJP4kxL0AA1mp1Kp2VacEXW3ny7pWOSa907a3cRO/9Xrx7bJlBUV7Kj07Otuuh76kTmtDPcOxRXs56BZu3xAkeF1ZrEdOF72jIgPdsgDJ6Cb6eymzLkDVULcp8ymX6rcedmdg+LnME0PR94AkZsmhqf0FnkEBuGluiS7d+a2HgSvzZLa9ZYzJQ5BnF2BHinkD5GTWHWlzS3cWRtyB7kArOUKpkUGpGU5mvLaCbBotvqMpQIDmRMTeOk5Z1vH2y82WBOp+kCnBPrZQlhezpGATTqYi5HSxyLNa+8k5D0gXyTtXyqYzNmr51ndEAojgGMMRNEXqTdcrAIylH1C7aNRa87qz1npxZn5ssp9K4yOlcD9vouZm03GPwGulIYg==,iv:iodoz33q0H8WtWAHCdkhD5lewtGp72Pu+H60EspHqQA=,tag:ePV6dUwdrNMdj8/dkNSJqg==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
|
@ -13,23 +12,23 @@ sops:
|
||||||
- recipient: age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m
|
- recipient: age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5STRaTnBIRFptdlBMenh4
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHOHlyV1B4SE9maDhmTVhB
|
||||||
UnhKdlQ1bDVzQzJqenRHeERWeU1pRU9vT2tRCitBVFhBbXMvQ0p2YUs0b0d2Q2hW
|
RWIzbkdhZzhwVjVuUEcxN3pQL2VNTU9Oa0VZCnN5YUhSZUVFTUVMS3dLRDExSFBW
|
||||||
aHVxRWVnMWw2dkNIVVBBN1pTaUZIeWcKLS0tIEZZN3haVkVJL2dnRW05WDhtenJI
|
SHNNM0pKeDRITG5heXhrNVRFbFJ4WkEKLS0tIHR2a3RXcUNzbjZQNythTnk1T0d1
|
||||||
YlZ5RVdyOFBVVkJmRUFIeGFEbW1XdkUKM0U4vXxIbHx31btXdRVB4oXRiEPbDK2L
|
bnlMMmY2NHRncEEvTlNob0JJU3dLdE0Kjo2Ge3OVnClKgAyUHvi//Qx74fqhtxjw
|
||||||
nY/sf0N9AOnR3n+RaoCF+gM7VlykKECKsbW538Lba6nX46FZc+LcCQ==
|
7IlsnpkmHbPPbmTWtcXwzS8S8/2tcurMj9mG1wrDou3POr/aHMPs/Q==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4
|
- recipient: age1s9spl75rwhgm3cvvqsr9rze5m0kuxqes2tsxjmq07xg5ycn5j47s2m0dlu
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKdWovR2dKYjNZaFZ1czJ0
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKWmp0dGtsU3ZiMjN3SjU0
|
||||||
VFZUMytvb0dKUk5qb3F5ZHpnci9ibUt0QlJjClZ6YUdrZWJLb1d1bEFNNzgwWnRH
|
OFpGdkJ1SitjMlJkSFVhZm5lYjZHUFRjYWh3ClFKM1d1RG9GbFg5V0dWOGs2WmQv
|
||||||
amVxYldDU21HUk5jUENQV0dSSGtqSE0KLS0tIE12WGFUU1gyM1l5U2ZhM2c1d1JW
|
OFZpTlU2V0xITUNmSXlyWlkwdHFmbHMKLS0tIHNKb1lSaTB6cnE3RytaRklpbzVx
|
||||||
SkFGQ04yWEhBY3FPSE5RaXZ6N1NmSUkKpLf4gOnPBx1ao5slYIfvK9sShRep2bqO
|
NmNwT3N5UEVabFdLTDhseFRjeVZaWFkKL3HGFqfttU1tXY4OhnIr1ABFsHB0R0CX
|
||||||
IZvlGcsX1EHP0WB8XT1f9GUjBaEM1ZdIlXfaWRW2DDrDbgs+usQq2A==
|
s6wxb0ilut32ijjtnGXMIIa9y6XsMTpYskTb9FdRP9VnQQGVrMfdew==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2022-06-06T12:48:22Z"
|
lastmodified: "2022-06-26T10:50:04Z"
|
||||||
mac: ENC[AES256_GCM,data:5vkt5me5m81mVJQ4X94dFh7jzkNllJTeG8hlVm+nctqrHj5zEUdk6CCTmOQ6w/EMqpNOFX1vpEy8eakmH00+prLYuAuHYEb8IHbAKTA8b2aekUZX8saCust0DLTkwgOGiQ64xNEfrfgwB//TlbrT0Dw6a68KenUy0+riJCDpMP8=,iv:YcOpLsV/4Ahb0Gh5vrlNQL/13UFMxqpH0VPg4b4hU7U=,tag:hmyKAHuCaTw6Y47uP5lIxg==,type:str]
|
mac: ENC[AES256_GCM,data:rGN/XKzcc6qgExntb5TBZKUynOKSz2imiFSvBqFPUogLpNyRKkcgDxzr2Zdy0eh+mRpoeqFCCnG4yLNKmg6LE5LOoPWC3PygFoI+5BzIAMPmruk4+jxU2hlv4FfjV+E1F3jtKZWOE/XjSqUq7JikQYupADi+2v/hOnzgJjQwLCo=,iv:yX6v75pGBWfRFtH3lrB58LhHcPaSsCexlrYKhe10bRc=,tag:OSX4qNAXb4lvUkzyTLcD5g==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.3
|
version: 3.7.3
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,10 @@
|
||||||
];
|
];
|
||||||
networking.hostName = "serverle";
|
networking.hostName = "serverle";
|
||||||
|
|
||||||
sops.defaultSopsFile = ./secrets.yaml;
|
sops = {
|
||||||
|
defaultSopsFile = ./secrets.yaml;
|
||||||
|
gnupg.sshKeyPaths = [];
|
||||||
|
};
|
||||||
|
|
||||||
#environment.noXlibs = true;
|
#environment.noXlibs = true;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,6 @@
|
||||||
borgbackup_user: ENC[AES256_GCM,data:9eCWsSi9U2b4XKKc,iv:PDS8TrbmU5XmefLFdi8XIQeu9Rq0y+yJkdGrND6F3ts=,tag:651RHA5y6all5+2rhdjCdg==,type:str]
|
felix-password: ENC[AES256_GCM,data:KJ9FE6rGUgzUU/6l,iv:xBa0vUYucQJ2oDBlatKsBAHzgCbHadNF+icYSJrmLFM=,tag:dbx00YzlrJXxEzGdDWtXlQ==,type:str]
|
||||||
borgbackup_host: ENC[AES256_GCM,data:qYwTGE5kdp/jsKK8scVAUCXfOAi787lwiFB3VlntIg==,iv:sFerbhHMCw1lwm9CzAAW7G1JwuZxvTxMzoKP6U5l7bI=,tag:Mi1QFDUo5rWzKXBQ1fsrZg==,type:str]
|
|
||||||
borgbackup_dir: ENC[AES256_GCM,data:14thrxUMOl+2,iv:yjvQMCwcpN/AqbE/oLBNYbk3FpPHHibKZrxnK1gBdTY=,tag:CbEgg3WsNZ9MLw6iAMMW5A==,type:str]
|
|
||||||
borgbackup_password: ENC[AES256_GCM,data:+i3uY8b5K558QD86dtuAmaIxHDbh0k8=,iv:dvhqQYKY9ZvZVKs/j3mD3mqF5B6IgSX2RCC14eOMxJc=,tag:X8gJU1iOQGQfjJh4MaRYQg==,type:str]
|
borgbackup_password: ENC[AES256_GCM,data:+i3uY8b5K558QD86dtuAmaIxHDbh0k8=,iv:dvhqQYKY9ZvZVKs/j3mD3mqF5B6IgSX2RCC14eOMxJc=,tag:X8gJU1iOQGQfjJh4MaRYQg==,type:str]
|
||||||
borgbackup_private_ssh_key: ENC[AES256_GCM,data:WDVQaAmNMtZP99lCOpeMDnsL26gziDHlDDSnct7QXU9KgveNhDnnh4vGR/DaPlsnp76dVaNKf1vpspsJjtJ+BcEOg4SKU7xyODK5f5tglRJqapmTymASzERNF9joP8Py1lW15zlgGy4s/J9oAQ8gsfwy7aUGMlPr5xafHatbKPXiy+OnxekTTzT+H5eGaMl+q5nPKX8yOwnwBnPwp6DKvK+rTrqBptNsYBxw0MYgdEK1hW1YUxE9d4oZM3Mi7ggklK+ztspuXNpqkbogqc+1XIZN8vMaL9MK5zSJjuCw9lFYsfHctgiBlEuOy5Hn4tyEhu49uWVvoJLb+q7+gNJcbKBrisFd4c9fa7EnaQ4AenP2l1arZqlqjaqLNhD9FWI47o0neXe6TDAv1msIMXHibQVEVyNdktl6LBxQerXiGq33fWe3J5usaUFVi2N4sOF/Pn1Hta25OvuO2N2gUWh1bqi11wYzljS445LOOPBT3jkoceV2m+5R7fpF0soc/beKdj0dP6u5sfKbXFolHk1K,iv:4ZS/6PfyUwXlFaCYxpO0VkjBoH9zM9DJvF5I7fLYR+M=,tag:9m6RHNgr9TunQJp1Q5MqJA==,type:str]
|
borgbackup_private_ssh_key: ENC[AES256_GCM,data:WDVQaAmNMtZP99lCOpeMDnsL26gziDHlDDSnct7QXU9KgveNhDnnh4vGR/DaPlsnp76dVaNKf1vpspsJjtJ+BcEOg4SKU7xyODK5f5tglRJqapmTymASzERNF9joP8Py1lW15zlgGy4s/J9oAQ8gsfwy7aUGMlPr5xafHatbKPXiy+OnxekTTzT+H5eGaMl+q5nPKX8yOwnwBnPwp6DKvK+rTrqBptNsYBxw0MYgdEK1hW1YUxE9d4oZM3Mi7ggklK+ztspuXNpqkbogqc+1XIZN8vMaL9MK5zSJjuCw9lFYsfHctgiBlEuOy5Hn4tyEhu49uWVvoJLb+q7+gNJcbKBrisFd4c9fa7EnaQ4AenP2l1arZqlqjaqLNhD9FWI47o0neXe6TDAv1msIMXHibQVEVyNdktl6LBxQerXiGq33fWe3J5usaUFVi2N4sOF/Pn1Hta25OvuO2N2gUWh1bqi11wYzljS445LOOPBT3jkoceV2m+5R7fpF0soc/beKdj0dP6u5sfKbXFolHk1K,iv:4ZS/6PfyUwXlFaCYxpO0VkjBoH9zM9DJvF5I7fLYR+M=,tag:9m6RHNgr9TunQJp1Q5MqJA==,type:str]
|
||||||
initrd_ssk_key: ENC[AES256_GCM,data:G21oGK4o2M1l31EdH+ebvuQ/FErCW4kqCuAIkdLfPdkzHByBja22X4gadqwbMW43BxJ1aqlsPxO5l09ZRVnW4SY3Y2gAUQMgTUB58HgBr8m0a/48b6k7LXgLSbCasWnLCJ1e103+WaBar06DKL9EGO/+ckGRaoEE839tEksyKG+m/ijuk7F5jTiMIqkAloiqSp7UF85uNn6lytFZi2RVVJYbWjgRv6BpmgFlUnrEkWkwvF+dB61Lc+9uMOWMI2qCB8nJfiYrokxt6PNh7e1jN15vTJqWivkNwBl4gdesBzwRZIraHy8Q3m2Gl11g0Ai9x5GAFMQxzYMxIH/FTK5GlCi1mAqIX8vGp4nbuGUcbmt1jK9oLkVnRPg2u9G+qa8GduKfcDEWnIkepxNsR8aXolKGm+aDjD7pZFpJbn7YzzIgNXQBHvIcgL0DAYAaTPpZGno9gYFtqqlo9u2ltoha4nV8YpwrjJV4mTlswanSWNutWHLSuNDALvbzuFsjdXdJqKblXdeTk8h3i/eJx3pX,iv:vPOEYZGXyAlah8TRvRNQiI+rG5JZ+4//tCODeKS9XQE=,tag:mQM6R9a5iSYUBbAQC3KDEg==,type:str]
|
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
|
@ -13,23 +10,23 @@ sops:
|
||||||
- recipient: age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m
|
- recipient: age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5STRaTnBIRFptdlBMenh4
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1dVYyRDRWUkNKQXN2c2N2
|
||||||
UnhKdlQ1bDVzQzJqenRHeERWeU1pRU9vT2tRCitBVFhBbXMvQ0p2YUs0b0d2Q2hW
|
MDVGajJzWVl4S2FkVkNHc1FlcEtYdmc1aVV3CmRFckplMWVyNVhJWDdNOFlXK2xK
|
||||||
aHVxRWVnMWw2dkNIVVBBN1pTaUZIeWcKLS0tIEZZN3haVkVJL2dnRW05WDhtenJI
|
VW9MdmdvbTkrQiswdlU3SkZhUU9TK28KLS0tIHdxY05qaHlHbGVMejBzYk5MUSty
|
||||||
YlZ5RVdyOFBVVkJmRUFIeGFEbW1XdkUKM0U4vXxIbHx31btXdRVB4oXRiEPbDK2L
|
cTF3ZTZKdm9WK29Da21oRU9ERVJVS00Kp/VflSZZB0evGinqjFBnqR1zI0CIwF5s
|
||||||
nY/sf0N9AOnR3n+RaoCF+gM7VlykKECKsbW538Lba6nX46FZc+LcCQ==
|
jqQhA0OQV5tHcP/SBoLRJeEn5iH7aAcUzXseV1DZ2kwkZ8eKUUWmdA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
- recipient: age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4
|
- recipient: age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKdWovR2dKYjNZaFZ1czJ0
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOd2ozNTBXMTB0UlBnTWZs
|
||||||
VFZUMytvb0dKUk5qb3F5ZHpnci9ibUt0QlJjClZ6YUdrZWJLb1d1bEFNNzgwWnRH
|
VVJqdC9nUXFHUjBBdGk2RjFaRVhTeS96WENRCjJUNGJNTmJ6Nmd0ME5XTjNyaGsw
|
||||||
amVxYldDU21HUk5jUENQV0dSSGtqSE0KLS0tIE12WGFUU1gyM1l5U2ZhM2c1d1JW
|
SFp2Z1F5djJETnpsa0tNOFJpY0F3ZmcKLS0tIEsrQ0tvZ09QeVdxTmhxSXdBUjAw
|
||||||
SkFGQ04yWEhBY3FPSE5RaXZ6N1NmSUkKpLf4gOnPBx1ao5slYIfvK9sShRep2bqO
|
a1BjcjVaM01UV0o5bTFTVTE5QUZKMmsKPAGYDf1FVtp4+Z/KUrI6z0aZYEwN1DYa
|
||||||
IZvlGcsX1EHP0WB8XT1f9GUjBaEM1ZdIlXfaWRW2DDrDbgs+usQq2A==
|
jKtA1IUXrmdaRllN0SfC+YjMXTk7IoJvrjagCv9Zo0zEKasfO8PL4g==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2022-06-06T12:47:04Z"
|
lastmodified: "2022-06-24T16:01:43Z"
|
||||||
mac: ENC[AES256_GCM,data:XQx8J0b8KDwek3WG10rBBD972y1KmFieZRvnLBIURiWOGp+M6haI44iVV1TKCfa9RRLMhhv1dn4KqHgZwQsDz1iuA9B48a9rFvEyaljD3DC9e89d92FSHpGM2+8ThSsLb9kCYRBHQ3piut9YFbq+CSnyCJ1I9x4tgbcw/NqWsjk=,iv:sD+QhkIQMoZhqG//7zBf9/wXl3fxwYG/JFE/VtF65OA=,tag:F+37as3mSR/sjCYpmcopbg==,type:str]
|
mac: ENC[AES256_GCM,data:ZdHbO7BUlRlJr4I7GwU0QxZl7NuAtK1o/9k8XraVm9ztBemMGW5lMAqEObyg4jN5tB/BtvomGTYspDAIncD5iPgxpbU2WCMdEh41zAhnweAbdHkgGtFo2Cy9WEolX5arfJrkq8lY/ZLe+2ehhvqFivmNpNwZ2PKRa3CwF523Ehs=,iv:RZ7BH9MJJR5moFGI1Q+GdRn/c57cjVSEpqbGv28Tcl0=,tag:IRU2XcT2eO9fUZbzjx3VSQ==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.3
|
version: 3.7.3
|
||||||
|
|
|
||||||
|
|
@ -41,8 +41,10 @@
|
||||||
|
|
||||||
networking.hostName = "thinkman";
|
networking.hostName = "thinkman";
|
||||||
|
|
||||||
sops.defaultSopsFile = ./secrets.yaml;
|
sops = {
|
||||||
sops.age.keyFile = "/var/lib/sops-nix/key.txt";
|
defaultSopsFile = ./secrets.yaml;
|
||||||
|
gnupg.sshKeyPaths = [];
|
||||||
|
};
|
||||||
|
|
||||||
# Use latest kernel
|
# Use latest kernel
|
||||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,7 @@
|
||||||
felix-password: ENC[AES256_GCM,data:xISAZHKQgH4DcKTl,iv:Q9TbDnVz6dBquPLgXfFYcpDeFOQfGBTbuCOOWKNhXX8=,tag:Eq7EGOv5mZrtaET6h2eEwg==,type:str]
|
felix-password: ENC[AES256_GCM,data:xISAZHKQgH4DcKTl,iv:Q9TbDnVz6dBquPLgXfFYcpDeFOQfGBTbuCOOWKNhXX8=,tag:Eq7EGOv5mZrtaET6h2eEwg==,type:str]
|
||||||
|
borgbackup_user: ENC[AES256_GCM,data:E67CuFxRLJF/sZQq,iv:a0T86Ov5/sQEXC/Z1HNfp79goiUTtuDCFUbEc4pE1gU=,tag:si/Mt5jVLEEy3KU7cumiOw==,type:str]
|
||||||
|
borgbackup_host: ENC[AES256_GCM,data:uDB3/zFDonmnk+XPufgElTuJvOobkkqvK5p3HpIW6Q==,iv:+BN2PAzXtDYIsRU7ipg6Nk7TOQiVHuPlkyiw4+0fTHg=,tag:NQcAu5xbZp7iDqpKHEBE3g==,type:str]
|
||||||
|
borgbackup_dir: ENC[AES256_GCM,data:48GibEY3qNvE,iv:HDCDD9RXH4Wg0P8bbCE4vfpJXgNruZbMf2zdn4j6nHc=,tag:/G7Ot3l0FEqxjCDc6ItzMw==,type:str]
|
||||||
borgbackup_password: ENC[AES256_GCM,data:+LCiZ3ttCR4lsy3vJPPUdhbSKxbghoT3lg==,iv:FaIJoZggZNCRuHyfWUQ+DDSBFzbP8Nh90nn7+gUlRak=,tag:7FysidMti7NBkLyHvoYZtw==,type:str]
|
borgbackup_password: ENC[AES256_GCM,data:+LCiZ3ttCR4lsy3vJPPUdhbSKxbghoT3lg==,iv:FaIJoZggZNCRuHyfWUQ+DDSBFzbP8Nh90nn7+gUlRak=,tag:7FysidMti7NBkLyHvoYZtw==,type:str]
|
||||||
borgbackup_private_ssh_key: ENC[AES256_GCM,data:XO43VMaX0T0OlImTZWvmrKl5Ph48TMXVWNHcP0Ez9whJLTArnySImh5Tv5i9v7c4ASDypBuUarZYwbdcYbOBwJV3PQxD4RR7QSuP/nB3QVha7ytgGYPbH3CZ3+uHCCyf1f5ZUoZMxTrJRDGURJNKpfkCySizXvEHhrDiO1mLZzuHq7kRujNR/+ymDp9gooacMPwGunj3fd8P3QQ3t7EM844Q02tLVy5og82qDePw0h/S9CTjnJkt5Rjl/CCc/pKn9oZ9XYOG57RUOcWyyF0PTc4wlZiBnG1H/m0LvKt3ThnLNRrOrOyulven35gMbr0cfs1UeBcAj6OnmrFeWIa72d/JTSMCa+KtUuIWrG3H2InqVLan9rMrQpQl92onb6vEnCIlhZdgWfRjRotplcxCFlLKpAgUo+bIIuWpb5hIoTKjAuHmz2byNbEgeYxIMSty93aj1BEbMIuzmTjWabsd0vqkKKouzlCN+9avT1TBoOG2anOEHWmYs44wsJN30z4px5c7pEP3qWpXkPhf1ecz,iv:v73n2tYZ2b4NF0xjeBvC3rKijkchb93xZA+Z9LUzBqE=,tag:6yhSJH3UB3Rajr36WdcXfA==,type:str]
|
borgbackup_private_ssh_key: ENC[AES256_GCM,data:XO43VMaX0T0OlImTZWvmrKl5Ph48TMXVWNHcP0Ez9whJLTArnySImh5Tv5i9v7c4ASDypBuUarZYwbdcYbOBwJV3PQxD4RR7QSuP/nB3QVha7ytgGYPbH3CZ3+uHCCyf1f5ZUoZMxTrJRDGURJNKpfkCySizXvEHhrDiO1mLZzuHq7kRujNR/+ymDp9gooacMPwGunj3fd8P3QQ3t7EM844Q02tLVy5og82qDePw0h/S9CTjnJkt5Rjl/CCc/pKn9oZ9XYOG57RUOcWyyF0PTc4wlZiBnG1H/m0LvKt3ThnLNRrOrOyulven35gMbr0cfs1UeBcAj6OnmrFeWIa72d/JTSMCa+KtUuIWrG3H2InqVLan9rMrQpQl92onb6vEnCIlhZdgWfRjRotplcxCFlLKpAgUo+bIIuWpb5hIoTKjAuHmz2byNbEgeYxIMSty93aj1BEbMIuzmTjWabsd0vqkKKouzlCN+9avT1TBoOG2anOEHWmYs44wsJN30z4px5c7pEP3qWpXkPhf1ecz,iv:v73n2tYZ2b4NF0xjeBvC3rKijkchb93xZA+Z9LUzBqE=,tag:6yhSJH3UB3Rajr36WdcXfA==,type:str]
|
||||||
sops:
|
sops:
|
||||||
|
|
@ -7,26 +10,26 @@ sops:
|
||||||
azure_kv: []
|
azure_kv: []
|
||||||
hc_vault: []
|
hc_vault: []
|
||||||
age:
|
age:
|
||||||
- recipient: age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXRUo1SC9MbkFveEQrczU4
|
|
||||||
OCtoZ1g0MDFjOGp3WHZ6d0gwVjNHcEdsckRBClhHblhwT2xicWJKazZjbm4xeEVU
|
|
||||||
alRBTksxUEloeDJWdC9wU3VmQ2YyWjAKLS0tIEZHNUlNUXNvd2JMTlllcldTeW44
|
|
||||||
T1JrV210WWQ3VTV0dEtidXoyMXQ0UmcKqFDvDdAVDjO23xZYQzmnmf7fbp23RnRC
|
|
||||||
6Uyi7N5nuJib3GWnMiiPfNI9aeq0IpehuevrvrPhsY42jqx7n+z/ug==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m
|
- recipient: age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m
|
||||||
enc: |
|
enc: |
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvMzUxdEZEaGRuTTlNQ0Fk
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuMHpBZmU4ZVo5UitOQ1la
|
||||||
YXB3TTZLR1BMMW1wd0dWM21JSmtCbVJJU1JNClNrdk9pM3NvaU5xdG1HZ2lqWW9v
|
UUNZNEU5OVFqM2hsY2g0YzRkemRvbUdyYVVjCjhFbDR2cUxTYUU2dU1Oekc4VEZ5
|
||||||
ZTJqeHJxL1dJbUN4aDZUU3V4QVM3QWMKLS0tIG1tR1A2V3FDMW1lZWJSanpKTGdi
|
K2JEd1JZMkFhUXhFaTVnTytFeFU4TmcKLS0tIG5zTGZ4OG9GN2tNVE5zUG95dXFk
|
||||||
V0RYMTRlSmtxQXgxeURDTWoxNW40MEUKsAaewEOrlH3XFXLs4vGt62J3uU9hlbkN
|
cG01NlA0YlpzcENqWjJMUkQwZXJMcUEKv94rjj5iHY1HAZQiE5yleC4f0WABcXbm
|
||||||
a+3MDTcPzwTdT46q7cRp/vLFvEtWj1alwY+wzF8m3H4aLy2pdKz7+g==
|
Wf4xYYCCWUmcTKXabIyPWn9eCNYCQgy29YTcTKu4/8BvebrGkRHuHw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2022-06-05T10:38:15Z"
|
- recipient: age1spt854cdscqs757a8kazth52rv4p9udh54suw9lpzlqg5savyapq2u0c03
|
||||||
mac: ENC[AES256_GCM,data:CYINKjObzXgBDTjvkIOzvOzi+MuSnlcRGrD931CS+s+Cezp6wI0PnDa4hRtLgZpVsz3Q8D4gVDuSvT77w4EeU/FNWWJglYvB8gVP0/a6yGokn3KGpT6XGSvUJkvjpX4PAPrUSS6Eoqm16AEQFsqAST8cV/nHugDzXe7vgtv560U=,iv:/AZOg1/y8WFiZladDscVF5wo8olnAaCnMao5mcuEPi0=,tag:D0atRcbRZCboxr42mXAtrw==,type:str]
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLSUlHb04rMGR5YWFhUUZq
|
||||||
|
QXVHYnZQUUdQc0FzbTgyalBPZktBdDVvZ2lRClpzcDltOFA0eFlqTGRUNFptcW1C
|
||||||
|
WGZyamIyNEFTQXQ4R2pmdU9FS3lma0kKLS0tIFphS0ZhbmxDb3A5MnVvaVJGT1Iw
|
||||||
|
bzY2ZTY1QUtSRjlOZ1E0Vkw5Q1cxYmMKqwvWUv2XpRIenGwCpZuwKQc0ZsiX2AAx
|
||||||
|
pmIh4f10G7wr1rLeodRi2KxYIrrudPbxEWIuzmBRyHc7+3EPpzLetw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2022-06-16T10:04:20Z"
|
||||||
|
mac: ENC[AES256_GCM,data:8g6v+n6+a4n3taqlrkiIT29ZNhO1IY6JofH6UbQEKfVvTBQ9F0B+HGH0Y+eKcBtdEOf8wC2A75pf4VaPiCocp7sQozds5OkDAiUwlH0t5MeL6WrbQ0iOqB7qTi1syNsBTQKfGmqNyb2AtCBVRslRvmJEyng3WAVpF5IaPNuEvBQ=,iv:IyyarbvdmT/hXcjf4Y45FeZb5bKMwN+hLLBJe0thWbI=,tag:52eEvGx28vJJl7ulZ1euWw==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.3
|
version: 3.7.3
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue