diff options
author | Franck Cuny <franck@fcuny.net> | 2023-03-07 19:05:46 -0800 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2023-03-10 18:20:16 -0800 |
commit | b41aae5c88283d6efc03dd60253e4c0006460e9e (patch) | |
tree | 3df7946b1c821be7b6dbd1d66c111efdb05082cd /hosts | |
parent | hosts/aptos: re-key all the secrets with age identities (diff) | |
download | world-b41aae5c88283d6efc03dd60253e4c0006460e9e.tar.gz |
hosts/tahoe: re-key all the secrets with age identities
This is using the public keys from: - my user on my laptop - the root user on tahoe - the backup key stored on the USB drive
Diffstat (limited to '')
-rw-r--r-- | hosts/tahoe/secrets/acme/credentials.age | bin | 461 -> 551 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/acme/gcp_service_account.json.age | bin | 2763 -> 2795 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/drone/secrets.age | bin | 703 -> 788 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/rclone/config.ini.age | bin | 575 -> 515 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/rclone/gcs_service_account.json.age | bin | 2660 -> 2786 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/restic/repo-systems.age | 21 | ||||
-rw-r--r-- | hosts/tahoe/secrets/secrets.nix | 9 | ||||
-rw-r--r-- | hosts/tahoe/secrets/sendsms/config.age | bin | 628 -> 627 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/syncthing/cert.age | bin | 1248 -> 1325 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/syncthing/key.age | 22 | ||||
-rw-r--r-- | hosts/tahoe/secrets/unifi/unifi-poller.age | bin | 456 -> 430 bytes | |||
-rw-r--r-- | hosts/tahoe/secrets/wireguard_privatekey.age | 21 |
12 files changed, 41 insertions, 32 deletions
diff --git a/hosts/tahoe/secrets/acme/credentials.age b/hosts/tahoe/secrets/acme/credentials.age index 1a3f92f..62f2d8e 100644 --- a/hosts/tahoe/secrets/acme/credentials.age +++ b/hosts/tahoe/secrets/acme/credentials.age Binary files differdiff --git a/hosts/tahoe/secrets/acme/gcp_service_account.json.age b/hosts/tahoe/secrets/acme/gcp_service_account.json.age index d90b0e5..861220a 100644 --- a/hosts/tahoe/secrets/acme/gcp_service_account.json.age +++ b/hosts/tahoe/secrets/acme/gcp_service_account.json.age Binary files differdiff --git a/hosts/tahoe/secrets/drone/secrets.age b/hosts/tahoe/secrets/drone/secrets.age index c0eb97b..04b29c0 100644 --- a/hosts/tahoe/secrets/drone/secrets.age +++ b/hosts/tahoe/secrets/drone/secrets.age Binary files differdiff --git a/hosts/tahoe/secrets/rclone/config.ini.age b/hosts/tahoe/secrets/rclone/config.ini.age index ad44699..26857bc 100644 --- a/hosts/tahoe/secrets/rclone/config.ini.age +++ b/hosts/tahoe/secrets/rclone/config.ini.age Binary files differdiff --git a/hosts/tahoe/secrets/rclone/gcs_service_account.json.age b/hosts/tahoe/secrets/rclone/gcs_service_account.json.age index ff5260f..57926a6 100644 --- a/hosts/tahoe/secrets/rclone/gcs_service_account.json.age +++ b/hosts/tahoe/secrets/rclone/gcs_service_account.json.age Binary files differdiff --git a/hosts/tahoe/secrets/restic/repo-systems.age b/hosts/tahoe/secrets/restic/repo-systems.age index cd39590..e3e975e 100644 --- a/hosts/tahoe/secrets/restic/repo-systems.age +++ b/hosts/tahoe/secrets/restic/repo-systems.age @@ -1,9 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 dtgBNg I6aC5eB9FuJuQh0qEtjJ6Ho6UrybXBCIqeqErJtsOEc -uo23S1l1Fb2G+vG7GI7Nc+SPCl3d0Obc3tHPeDESAuw --> ssh-ed25519 wtownA NoFRHiQRgQrHmTLJ5wi/rORy4J1Wf4iU6Hr+FlaFfyE -gZsVc9ptglFYrvE4gRl+L/RpkB9uVDOeAr3z9Dk4J4I --> Pz-grease -iWN7 ---- t14q3Wr5y4TZFZmwGEf6ARvo63x2AEQhU4tnhdRrLa0 -S+sHt=@}CѦO{<jM=;*+9tٱ&:4 \ No newline at end of file +-> X25519 9ic8vm8qcpzWoqMDi6eN1dIM8v8ENzdrU9ef/hYptgo +vRrH93V+KVEfjWcZGTO4jvuE9vItKs2JC0LoXmEo5J0 +-> X25519 oKF2qEVOVa1FvaiAmm+8poCTM6TCNkAkKlu9LjdnPQY +sJAs8bVoJKWyO1doUkY7Ppky3Q8u3JMP99Pcwtcwrk8 +-> X25519 5jPqZeXJPZVD6YEkF/JuLyZDc1z6dOfkNTXV6w1R62M +fZKW+cqYJBAcA2H0mDGsKFaAMbdHe8p7hF+y1IjobVs +-> /-grease zG>:_b +rUaFTPq15hon1gmx7J0IGytSHoqQceYGL2XB6h00RdWZuanXZI1F2hWbEvgWFIqB +xXxPJ4Le +--- wrrYjOQ0i4YtHfNs2g594CFVLTAKfMRJCptxZ12YkYM +>襝%@xV1sJ`'C +6/b֖xVؠW( +,8 \ No newline at end of file diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix index 2d23fda..8cdd5cf 100644 --- a/hosts/tahoe/secrets/secrets.nix +++ b/hosts/tahoe/secrets/secrets.nix @@ -1,9 +1,8 @@ let - fcuny_aptos = - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl"; - tahoe = - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEq1IQRvj2jofCHOO6M28w2SRdgtHU06NJvwAwv/b69F"; - all = [ fcuny_aptos tahoe ]; + root = "age1nxwgdy3p9fft0zsae440wyulknf5rk82s0wnxssrpxu4nezysa4qexcvpl"; + fcuny = "age1keyvdhpspgqp4g5zjthdphau5q5qlt6fs0ex0wqnve66dmup9pzqn4sakj"; + backup = "age1fh4960rdrk4d7m4c5lwd3trvw9ylk09dvucj2gd2udy7d5cz2a0svcqws6"; + all = [ root fcuny backup ]; in { "wireguard_privatekey.age".publicKeys = all; diff --git a/hosts/tahoe/secrets/sendsms/config.age b/hosts/tahoe/secrets/sendsms/config.age index 5ba820d..d925f98 100644 --- a/hosts/tahoe/secrets/sendsms/config.age +++ b/hosts/tahoe/secrets/sendsms/config.age Binary files differdiff --git a/hosts/tahoe/secrets/syncthing/cert.age b/hosts/tahoe/secrets/syncthing/cert.age index aceb120..cbc59bd 100644 --- a/hosts/tahoe/secrets/syncthing/cert.age +++ b/hosts/tahoe/secrets/syncthing/cert.age Binary files differdiff --git a/hosts/tahoe/secrets/syncthing/key.age b/hosts/tahoe/secrets/syncthing/key.age index 8c22933..d8f21e1 100644 --- a/hosts/tahoe/secrets/syncthing/key.age +++ b/hosts/tahoe/secrets/syncthing/key.age @@ -1,10 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 dtgBNg ChSBoRw7XwKHqNfO43UkA1mL3gYzVrt9u2CYpxw6oSI -witLAp/ilF/wcWnGx0QReqe7mBdR3lZspzOjpEpMi1I --> ssh-ed25519 wtownA NdY9VIDwwMlAfw39yIMsAGUMIRghUOBWlZ4ham9DRSc -HucEPuec5Y3MGvp3kIZa/NFWxSGPhL01qE1P4L24P8g --> 2/x-grease Op@o& x -u7C9+kZlujVO76tqT07yS+pYtUa7lyTu4ksZeXhTlgAGP59Zl5tq7DkT ---- ddK2/N4jHQ2jB1nvuQWfElP+LR+pgQW0Ozzc3n7FhSs -<Yv(3yܲđk*r '-+wnv0|*@-Rԙ*rg[$f]X6+M6nsuD`=V{Àw2E?"yWWXP2spang?<su=rEhb^`1VX;gv˜ףp#U4@;kTô+btv5I"N1mh!8T``v[$ -:痙uj0cS(GVqtem+T>vRI \ No newline at end of file +-> X25519 Y52YsCYjJDZKhCIu+7kTs6jxJjwW6m84yTFX58jyt34 +4GHnB54xrAVyU0oxZhl+wnL296HA4AXPmMRzuZmOGkA +-> X25519 vKd7jTrBShvHFFY67+xooWxDtmNYbc2Fh2G/cYV0tmo +CWBEcJTVuHZy9tSIcq7RSQKhvEmcJr6CT1T36e2//D0 +-> X25519 tq3r1Zdz7QJdHjE8ly9Uzw54jkAyq63D6iw2JXpUDWk +ktxqJh7S1kH47G77mUB31IKrY8eHpW9huRVOoxPPOd4 +-> -pi[:-grease zVwevS +mO8 +--- EBzdJICAmJmFzQ1pqU1eyGLBBcYc4DMqAgxJq25/hzg +SW Eo96GcC +?}d`:֟tu왾xRvmS:0Ŷa^zS +J`{o oUtfTA,tLߐsOCyPg5O4(R ;`qksnT_d3AG[lAϪifsa ҙEVsPr:bṆoƺ3pɪ(:.Lc}46<m*trM l>VV!: +-rG$YM7X}ljrL4zb24z \ No newline at end of file diff --git a/hosts/tahoe/secrets/unifi/unifi-poller.age b/hosts/tahoe/secrets/unifi/unifi-poller.age index 4fb0e7f..0bba247 100644 --- a/hosts/tahoe/secrets/unifi/unifi-poller.age +++ b/hosts/tahoe/secrets/unifi/unifi-poller.age Binary files differdiff --git a/hosts/tahoe/secrets/wireguard_privatekey.age b/hosts/tahoe/secrets/wireguard_privatekey.age index edd8bee..f08c7aa 100644 --- a/hosts/tahoe/secrets/wireguard_privatekey.age +++ b/hosts/tahoe/secrets/wireguard_privatekey.age @@ -1,11 +1,12 @@ age-encryption.org/v1 --> ssh-ed25519 dtgBNg qNmKLv3MGfcZrBGuX3/+WlJh/2W7ailKCl1XwC1Dczk -6Z5ZsPmBsDVIn/CTAgujuuQMc9UgYsjOU2FjcXOgzXM --> ssh-ed25519 wtownA reQNIQYlaC/rWXO791VWzwdlSXe+Vo1dBU/yVLYEmhI -0kZxEr3DfYTSl2F0UzuZkHLWq/BGd1XqBddEl4Ml9SQ --> kQ-grease Q^i|R~ &PWMBI U3Y<>Kji -pSfA5OfoiOKuMhBIgliAdmVPAQg97f9ZiNUABNP8KFzZiaGY9D1Co9rkkvOA97LR -rl3U8SfGb+RUyFB5lQZBkvH1tgz9GbakV2rRhZNGjabLO6V7NEVFa4ka3ODL4rlS -ggM ---- Yds61EVDl84C0IbJCRO5CRatN76JPxSauRkm8Ui8L4U -ZFΎĀ <ܠ0X}l!+P&,:y!ZGd!vkhL;8MnvGlFJ0! \ No newline at end of file +-> X25519 eyw1uK0XuDb6Iaq8pY4VUQNbEKSmj2JltoXIlqUWsn8 +ZzfbNdgoYIvWSeLNyUoitEFvueZiPlYUrsLJzGlUp30 +-> X25519 WcbSf4EMR2Bhn1lkkvGlb6NFG3vdVp/KOSO7m4dLRAc +3rNJ7W5idYYpNr1pavUeGtfT30whV+b2htBjQSE3jlc +-> X25519 v5INWoeE7B+cdBuOWGkJ6qITX4O0cuLPEZjFV7JpEXE +D9sbaowN+HsnjVW3qyLiO2XeXudFT0BlFtUAaz1oWxE +-> x-grease x +CQMrW2t0tVTjuvj+otbdZS/sxUGHDqDoyMVyAkVYhOfpxm8lZCVVlwXPhe6HEufB +oSG6QFkJ8BrPIKn2XA +--- /XVESiNkDBYD0NYoXQhomrWbAC7RufQusQ9lAj8Jgzs +$?i1-*W<9i)thXK9XsE#PX$ 8QqfFozqgr^} \ No newline at end of file |