🔐 (secrets) rekey secrets

This commit is contained in:
Laureηt 2024-01-13 16:29:01 +01:00
parent f918c1fec3
commit 5895a66911
Signed by: Laurent
SSH key fingerprint: SHA256:kZEpW8cMJ54PDeCvOhzreNr4FSh6R13CMGH/POoO8DI
4 changed files with 13 additions and 27 deletions

View file

@ -1,7 +1,6 @@
{ {
description = "Laureηt's infrastructure"; description = "Laureηt's infrastructure";
# TODO: rekey les secrets + changer la key de cesium
# TODO: luks encrypt cesium (dropbear ?) # TODO: luks encrypt cesium (dropbear ?)
# TODO: setup disko sur silicium # TODO: setup disko sur silicium

View file

@ -1,12 +1,5 @@
-----BEGIN AGE ENCRYPTED FILE----- age-encryption.org/v1
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IGtaRXBXdyBCSFps -> ssh-ed25519 kZEpWw GRcmqKupwo/EZ5c28pu4Te0ODGmWU0rL+3HIbg7qgFE
YjhJT3l2NVMwUlc1L3laWmRoaHRjZUpzbFZyMXA2K3diZ1VuZWdzCktYa0V5Ujk5 dfnJzw6kZGgZQFoXjCNAOTnoLf4TO7ZTNT0ob0Q0qO4
M2JndmxSMkZpZFZCN25uaVFDMk1aNDJhbmo4YlU1MVVMTkkKLT4gTGo+Ti1ncmVh --- G6vG/80pcxtFNhbMacVxv393O4U9cpQEA8t0b4KMUzk
c2UgWFVaL0cKTTJ6ZGpRNzVkQTdBL00rd1NIVFpwQkV5WmVPWWJLMWNlaE51cDVy bØeãÝ$Çc•`.k#Ç^ºýƒ:ª"Κüh8]·÷î­—d$j"òaŸM»Åu@i Zק^e½Ïi ¶ÉÝ¢eìáô&¥åÒe÷,åçú–-¶yäFŽ m,„¤åÁ"‰ÊC¨ã[™Ï*\ÈôŒ7Õƒù•(jcÇCVf
ajVJd3VOL1pUSkxJVGJiejFQR3UwWFdQQwpqN2tTZzhWem85TGhEYmtRM3lKNHpz
azlreEFvbFgwYWxJK0JxMGV1MUFlUHQ4dVppYUtScjZ5Vjl2N1VQa21hCgotLS0g
bXA2YUxBNEc4NThjKzNKSXlNcEE5TE1DbWxoVUcxZTRLYXZrY1Rrb2cyTQqFtX6u
I6xKT4GsVsZONMHURFyBrwC6f9nyDcZv7w7i+0WjpalP3k26D3pLbB4I3g5p3X8U
A60vagUy20vBPYYh9P2dGsLDieGq6GRxQfwIXHkxZ+d7akAi3n+p5ltfJ2h9Zuti
RRBKtnxVIaHp6TZjausCKVfvIXW540gQogiUjadPm7xt
-----END AGE ENCRYPTED FILE-----

View file

@ -1,13 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE----- age-encryption.org/v1
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IGtaRXBXdyBaTENK -> ssh-ed25519 kZEpWw wwRzGnuU1emv5/dIg1nmg6gsFIq+b/JBdML9nlZ54V8
NGt2K1pRRll2cStROFJDT0hMVzVSWEJQRmErUHpVVndyQzBDUmlvCnhlREd3YWc5 uw2/wrycilU5m0QH/JHVADH41mAqcl7udmfpKAwMQAY
c09LdldNeXZwMmg2SlNLRXhrelVwNnRua3BHN2JLYWlyZE0KLT4gc3NoLWVkMjU1 -> ssh-ed25519 mQMqbw OnupY43Uc/RGdHHUj9ItT5QBiASqwMpyih4Xnq1JSRU
MTkgdjhFOVV3IE1acEhiTElpTzVQc3ExdkNVaG41SlQ2TXUrcTZJVE9Oc1hqRVNt 1PEkalnMjdgObz6euu0PbuutOyly/F5AGYEzYWcWpgg
clhMMGsKZ1Z1THRhZzZ3MkNHODV3RWllbzJUSk4xTk1DcGl2MzV3UFlGZXdZRldz --- /KSY8DngUMetAF2hSb/scg2ZcV2I2bGu6B1JsdWHH+k
VQotPiA8ODZhZjAtZ3JlYXNlCjJidUIrVmZ3MHdYVUlzdDl2VHIzK3BUWUQxOGVG §ƒEêŠvR1/$~XJѹ Ì#õ¶<tÙbC¼ÎQ5(y¬¾BÁoüõ(ÁiÙÂg.ÉØyt{tJW¡™A¸c7D\tž#Û¥\§îR×p¥±Ÿ({"’¼¨864Å<34>Ó|úm}S÷§°ÚXPÇöªJ£¨~{>ÑWÈÅ0c%
OXFGMDNuY3VDTnNldEZjdlFQV2N2SUk1dkc2SnJ4b1ZXb3YKVzIrTVFxb1d0SE1X
Z3hSK0x2MWMKLS0tIHFwemhyYmxDSEhCUk90TW1nSmMxYVE2ajJYOUpNVG54SHBS
MWk2L01qMWcKhPYyts5zbaAtGuGVJpwReTxAj0iCR9Fqa3TwMzogeSEEZhyp3j3w
Vc+RiCM/ykf4DqFg/Xiulb2H+3TN0lT40UF2VEHbSnZFvJDDR9ltVwubI7fq8C5r
feA1+W0uQ7FDY4a+q1yjHcf47oirK6Q1+95hAn+Iq+koiEDP6TquTAWCaOIpMg==
-----END AGE ENCRYPTED FILE-----

View file

@ -1,6 +1,6 @@
let let
silicium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium"; silicium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium";
cesium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxh42mMYqftTU7WtfktZbkdMI07VuH7mhUv3m2Ca3fV root@cesium"; cesium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDVxpWbNJl+OXe6YImMpsJprfuTd+9UJVTiteiuyx6oP root@cesium";
in { in {
"borgbackup.age".publicKeys = [silicium]; "borgbackup.age".publicKeys = [silicium];
"gitea.age".publicKeys = [silicium cesium]; "gitea.age".publicKeys = [silicium cesium];