about summary refs log tree commit diff
path: root/hosts/tahoe/secrets
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/tahoe/secrets')
-rw-r--r--hosts/tahoe/secrets/acme/credentials.agebin0 -> 461 bytes
-rw-r--r--hosts/tahoe/secrets/acme/gcp_service_account.json.agebin0 -> 2763 bytes
-rw-r--r--hosts/tahoe/secrets/drone/secrets.agebin0 -> 697 bytes
-rw-r--r--hosts/tahoe/secrets/drone/shared-secrets5
-rw-r--r--hosts/tahoe/secrets/rclone/config.ini.age11
-rw-r--r--hosts/tahoe/secrets/rclone/gcs_service_account.json.agebin0 -> 2660 bytes
-rw-r--r--hosts/tahoe/secrets/restic/repo-systems.age9
-rw-r--r--hosts/tahoe/secrets/secrets.nix36
-rw-r--r--hosts/tahoe/secrets/syncthing/cert.agebin0 -> 1248 bytes
-rw-r--r--hosts/tahoe/secrets/syncthing/key.age10
-rw-r--r--hosts/tahoe/secrets/traefik/gcp_service_account.json.agebin0 -> 2827 bytes
-rw-r--r--hosts/tahoe/secrets/unifi/unifi-poller.age10
-rw-r--r--hosts/tahoe/secrets/wireguard_privatekey.age11
13 files changed, 92 insertions, 0 deletions
diff --git a/hosts/tahoe/secrets/acme/credentials.age b/hosts/tahoe/secrets/acme/credentials.age
new file mode 100644
index 0000000..1a3f92f
--- /dev/null
+++ b/hosts/tahoe/secrets/acme/credentials.age
Binary files differdiff --git a/hosts/tahoe/secrets/acme/gcp_service_account.json.age b/hosts/tahoe/secrets/acme/gcp_service_account.json.age
new file mode 100644
index 0000000..d90b0e5
--- /dev/null
+++ b/hosts/tahoe/secrets/acme/gcp_service_account.json.age
Binary files differdiff --git a/hosts/tahoe/secrets/drone/secrets.age b/hosts/tahoe/secrets/drone/secrets.age
new file mode 100644
index 0000000..618bbc6
--- /dev/null
+++ b/hosts/tahoe/secrets/drone/secrets.age
Binary files differdiff --git a/hosts/tahoe/secrets/drone/shared-secrets b/hosts/tahoe/secrets/drone/shared-secrets
new file mode 100644
index 0000000..47612be
--- /dev/null
+++ b/hosts/tahoe/secrets/drone/shared-secrets
@@ -0,0 +1,5 @@
+DRONE_GITEA_CLIENT_ID=21ef7412-a58a-493c-beec-2e1dc27ebe79
+DRONE_GITEA_CLIENT_SECRET=GCXGi97PXxAoMTpHveMtNJXDyzdvI8jeC0TaEtCgpPab
+DRONE_GITEA_SERVER=https://git.fcuny.net
+DRONE_GIT_ALWAYS_AUTH=1
+DRONE_RPC_SECRET=d3daa6782d0f4ed66f7f557fa384ff8f
diff --git a/hosts/tahoe/secrets/rclone/config.ini.age b/hosts/tahoe/secrets/rclone/config.ini.age
new file mode 100644
index 0000000..1c4f7c0
--- /dev/null
+++ b/hosts/tahoe/secrets/rclone/config.ini.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg flk9dqXjiNJJcadn58Tkra0KoYp7ALlogSgryrOukns
+Ha4UVvpR4xcYuf5zKPhStkghZby7SrDk+bwvHvO/j00
+-> ssh-ed25519 wtownA Ml9OWVPS8ikt2baMVaM7B4r/vi0tTaKTt+TmbZhr7xg
+8kuan5CA93vCAyOclC+RX/RCh7G1XbTqLuGvg04mqLA
+-> 7-grease
+mfeTWZr97OI6k9CBqi+VbmiuNRc6wZHlonUnGS+b20UKp+ZfGjmczrvPeV7VhqH/
+4SPz9GwCWlJkJAtyPhfjb8X+2VJMxRTpLNfGn4WtADb151GQ
+--- B/G2/6lOCuA82g23qiyi3ESh80fo1ejwKjTsw/wcDXA
+51m痢[B煂胭L球櫁(S鸉kr鐸WCq	]%鴧dC1瑷cY骇E'焐;餬,忠$3睆2楽^嶒2(叧晤嗚Wqy,W%潓g轚2労&顊U#u柆鞚ИF凼8
+佩豸寚褆r
\ No newline at end of file
diff --git a/hosts/tahoe/secrets/rclone/gcs_service_account.json.age b/hosts/tahoe/secrets/rclone/gcs_service_account.json.age
new file mode 100644
index 0000000..ff5260f
--- /dev/null
+++ b/hosts/tahoe/secrets/rclone/gcs_service_account.json.age
Binary files differdiff --git a/hosts/tahoe/secrets/restic/repo-systems.age b/hosts/tahoe/secrets/restic/repo-systems.age
new file mode 100644
index 0000000..cd39590
--- /dev/null
+++ b/hosts/tahoe/secrets/restic/repo-systems.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg I6aC5eB9FuJuQh0qEtjJ6Ho6UrybXBCIqeqErJtsOEc
+uo23S1l1Fb2G+vG7GI7Nc+SPCl3d0Obc3tHPeDESAuw
+-> ssh-ed25519 wtownA NoFRHiQRgQrHmTLJ5wi/rORy4J1Wf4iU6Hr+FlaFfyE
+gZsVc9ptglFYrvE4gRl+L/RpkB9uVDOeAr3z9Dk4J4I
+-> Pz-grease
+iWN7
+--- t14q3Wr5y4TZFZmwGEf6ARvo63x2AEQhU4tnhdRrLa0
+稴+泂Ht=@苶罜摕薛ぜO{┒熹閳<塲M=;*苕+9鐃少逼&:4
\ No newline at end of file
diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix
new file mode 100644
index 0000000..01ff035
--- /dev/null
+++ b/hosts/tahoe/secrets/secrets.nix
@@ -0,0 +1,36 @@
+let
+  fcuny_aptos =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl";
+  tahoe =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEq1IQRvj2jofCHOO6M28w2SRdgtHU06NJvwAwv/b69F";
+  all = [ fcuny_aptos tahoe ];
+in {
+  "wireguard_privatekey.age".publicKeys = all;
+
+  "acme/credentials.age".publicKeys = all;
+  "acme/gcp_service_account.json.age" = {
+    publicKeys = all;
+    owner = "acme";
+  };
+
+  "drone/secrets.age" = {
+    publicKeys = all;
+    owner = "drone";
+  };
+
+  "syncthing/key.age" = {
+    publicKeys = all;
+    owner = "fcuny";
+  };
+
+  "syncthing/cert.age" = {
+    publicKeys = all;
+    owner = "fcuny";
+  };
+
+  "unifi/unifi-poller.age".publicKeys = all;
+
+  "restic/repo-systems.age".publicKeys = all;
+  "rclone/config.ini.age".publicKeys = all;
+  "rclone/gcs_service_account.json.age".publicKeys = all;
+}
diff --git a/hosts/tahoe/secrets/syncthing/cert.age b/hosts/tahoe/secrets/syncthing/cert.age
new file mode 100644
index 0000000..aceb120
--- /dev/null
+++ b/hosts/tahoe/secrets/syncthing/cert.age
Binary files differdiff --git a/hosts/tahoe/secrets/syncthing/key.age b/hosts/tahoe/secrets/syncthing/key.age
new file mode 100644
index 0000000..8c22933
--- /dev/null
+++ b/hosts/tahoe/secrets/syncthing/key.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg ChSBoRw7XwKHqNfO43UkA1mL3gYzVrt9u2CYpxw6oSI
+witLAp/ilF/wcWnGx0QReqe7mBdR3lZspzOjpEpMi1I
+-> ssh-ed25519 wtownA NdY9VIDwwMlAfw39yIMsAGUMIRghUOBWlZ4ham9DRSc
+HucEPuec5Y3MGvp3kIZa/NFWxSGPhL01qE1P4L24P8g
+-> 2/x-grease Op@o& x
+u7C9+kZlujVO76tqT07yS+pYtUa7lyTu4ksZeXhTlgAGP59Zl5tq7DkT
+--- ddK2/N4jHQ2jB1nvuQWfElP+LR+pgQW0Ozzc3n7FhSs
+<Y腑v(3y姸獎懿谀慿珵*舝 '-幈+硍n笓鱲0|*馌-巛皙鯮詸*rg[$f昡X眻6+M6n牿s萿D`缴凝褚=V痣{脌w2E?"yWWX2s萷骛灿ag?<s壒u=痿rE輍獩鵥ㄞ^`┅锤1骑屻VX;揼v藴祝煠p#U愯4揁;蒶頣ビ么歆+bt噕驄彋5I涎"爧錉N1mh肫!8皶T``v[$
+:鐥檸搯蕌アj0洐c皙S(GVqt恊m髅+T叴哞>趘礅RI
\ No newline at end of file
diff --git a/hosts/tahoe/secrets/traefik/gcp_service_account.json.age b/hosts/tahoe/secrets/traefik/gcp_service_account.json.age
new file mode 100644
index 0000000..0f99905
--- /dev/null
+++ b/hosts/tahoe/secrets/traefik/gcp_service_account.json.age
Binary files differdiff --git a/hosts/tahoe/secrets/unifi/unifi-poller.age b/hosts/tahoe/secrets/unifi/unifi-poller.age
new file mode 100644
index 0000000..4fb0e7f
--- /dev/null
+++ b/hosts/tahoe/secrets/unifi/unifi-poller.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg uqkCRrdoOMyrsbpfK8+7LwHZ9HAtZVmPMDHMT24mHXk
+BooBKT31kAEjWOHvx5B4g82R/Wl6f/1kp0BiEn6X6jE
+-> ssh-ed25519 wtownA 7TZMv8CNmwIbYh6tHu5hzI+YmXem+u6Ni4dJ8brAyj4
+CUPF2SgqA/Rz9bnA2w1jvoZpWKTmFrKYACySbzXHrqU
+-> *"=7-grease >"jI\ )%!Hr*2 }Br{nQX
+Zo1RbBeC8QYmLO7rPbQCxe0YUGCYsf5xN4lXpqBNS42ZPg/oeIE1ZvYTU47p5SbE
+CjuxcicfzgPApwp8o9s
+--- M8GY2JUWDT87vxiZ4RrYjJp6yUW6Gz993Ens/65PPQo
+嵈~s耺w轪磇!=讼袸妝″>F}S骲*.鐠1&Kc姳
\ No newline at end of file
diff --git a/hosts/tahoe/secrets/wireguard_privatekey.age b/hosts/tahoe/secrets/wireguard_privatekey.age
new file mode 100644
index 0000000..edd8bee
--- /dev/null
+++ b/hosts/tahoe/secrets/wireguard_privatekey.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg qNmKLv3MGfcZrBGuX3/+WlJh/2W7ailKCl1XwC1Dczk
+6Z5ZsPmBsDVIn/CTAgujuuQMc9UgYsjOU2FjcXOgzXM
+-> ssh-ed25519 wtownA reQNIQYlaC/rWXO791VWzwdlSXe+Vo1dBU/yVLYEmhI
+0kZxEr3DfYTSl2F0UzuZkHLWq/BGd1XqBddEl4Ml9SQ
+-> kQ-grease Q^i|R~ &PWMBI U3Y<>Kji
+pSfA5OfoiOKuMhBIgliAdmVPAQg97f9ZiNUABNP8KFzZiaGY9D1Co9rkkvOA97LR
+rl3U8SfGb+RUyFB5lQZBkvH1tgz9GbakV2rRhZNGjabLO6V7NEVFa4ka3ODL4rlS
+ggM
+--- Yds61EVDl84C0IbJCRO5CRatN76JPxSauRkm8Ui8L4U
+Z陞F螏履 <軤0媂}关l!ы+P&,:y!ZG璬!vk醜L;8M鋘vGl桭J0!关
\ No newline at end of file
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-17 06:29:25 +0000