From 7e02970b56c5da72ce06e9e44eba86054fc63b0f Mon Sep 17 00:00:00 2001 From: William Date: Fri, 17 Oct 2025 15:39:56 -0300 Subject: [PATCH] fix up secrets --- secrets/cloudflare.age | 22 ++++++--------- secrets/nextcloud-adminpass.age | 20 ++++++------- secrets/nextcloud-secrets.json.age | Bin 757 -> 537 bytes secrets/secrets.nix | 44 ++++++++++++++--------------- secrets/webdav.age | 15 ---------- 5 files changed, 38 insertions(+), 63 deletions(-) delete mode 100644 secrets/webdav.age diff --git a/secrets/cloudflare.age b/secrets/cloudflare.age index 11cfac6..9e989ec 100644 --- a/secrets/cloudflare.age +++ b/secrets/cloudflare.age @@ -1,15 +1,9 @@ age-encryption.org/v1 --> ssh-ed25519 Kfdnog HMpl/3mb59SsUvkDXXxO+odBNSc1dZS1nQtC8/BPlGI -4fPk0YtGxOoqXDfTN9kQlH0Pg2iaJXUZE5es6f317L4 --> ssh-ed25519 SP9f6A p1kh6UOFJ4xwulLY9IpbNZIJ7JSouR27j6HgK/XRegM -rJCzN+RCdQgo/xCkAmcdN6GfXsoQhpmE1HuGwYs/2CI --> ssh-ed25519 8YSAiw cCbMOE3PMa3bzGGQSeQZuq074iwt4p4HLDu8uiHhWRY -U6wR/DuBdMKfbmQfUZ8XLdTBxNsUMR2lOueYucR5+bY --> ssh-ed25519 7cojTQ iLDzC79YtZcrqldzCyIFHrpsEapOXYD5AXuNoQ+3ulI -v2NiE3pA+J8Po+PqTTUU9XYKy37AIyj5KWdlh7FOPG8 --> ssh-ed25519 J6tVTA Jw1pSpF1J2Ud46BDhdRCPErgUeim8uwWxiB1E3BiJB8 -hGdGFi46iqKJN0QviG1xRNf2kwlls0rM5k3LkAiw8jY --> ssh-ed25519 Kl5yTQ yXnKCsJNjTSQYiPuv6dAF6raB3EFcg2oag1cBVkdvwk -0hwjrZpclTrFWtr5JqAbwXImYzZwTJOJPkhNnlHmPeo ---- k97ZU6FfTWVqBwNcrF9QeEbnqnuQUQ9pR1qM/Sgjh7A -#L-q﹋hr&*hNbqܦHŠG=@uaku|Er^BOo}:5ju$%".A1qP\2C R_ S=(%sި \ No newline at end of file +-> ssh-ed25519 Kfdnog gEZvRtLBhGslmS97VaRqoucgExvOopsHAAne4lCmEEY +NkIeFYuQFntDOBqd3k0/OVYMcM7h73uO0jPXaHzEcZc +-> ssh-ed25519 8YSAiw bVV4jIDbBKxsr6mQ4Tv0rP6ylrAEOJWkqjpyvXjnQRU +6kUe5Syw7sd+aF2QEgr6Yj+fOPL5zSJN1PJvY9Kdhlg +-> ssh-ed25519 J6tVTA 4JMlJmhHAYUgjiWwB1Q278TSjJypwecALmfnosxan0s +WIubcIFrjMV0GpyU1ZGc48YwrqOtSmJxweonw1KnR+U +--- 78A7re4LLB/0n5AXLRlVqiMNFMAQ2ZvjjK21YGRveRE +_4pkVCKm#~kI8Em3kp|0^tSk s/΅?=l,7~̈́c{ȞAݭ>ZlGTJsGY //B4e'IIc ,"< \ No newline at end of file diff --git a/secrets/nextcloud-adminpass.age b/secrets/nextcloud-adminpass.age index 4adb2b1..3b6ff2a 100644 --- a/secrets/nextcloud-adminpass.age +++ b/secrets/nextcloud-adminpass.age @@ -1,13 +1,9 @@ age-encryption.org/v1 --> ssh-ed25519 hi+lKA KUVC7m5ch8uuseBHHPCspWWdSAs+3YK+LvBL7h14UT8 -8h5Tu47UJ/6wJZaEjB0KhUKZ8yw3FgwWv9Dem4ivgVI --> ssh-ed25519 SP9f6A IDnNmcjBKTiNWnBPw7mAuycOfzvj1bGi30OLi/mN+AA -xE9drPCFvOi8v74zqUuCOc9DOFnzfwFfoa0O84JHonA --> ssh-ed25519 8YSAiw vWnYElIL2jh/LmxZKFFGE/8H1o+bOnGsGxQ3UZ02FE8 -c6e/c1a1cUa6FPDaUYHeY50WB5E1cq398AgwVs421EA --> ssh-ed25519 3Chb7w iDSXb9BYJ/2EUJx77Uch3eFYukxTD5nHbdU+iTBWXkk -QBrCOSmjKeX0giQxYGMHinOeTrDs9ZGmdjThxEvyXn0 --> ssh-ed25519 J6tVTA tZ5yMoYaLdgs0WoaRju3h+zfKSCrYoYO7aDcmnNta3s -seYPrbd8PmVZJKSltp4qI7i137be01ydWhkdOPP7Zzw ---- LElLg1Mrmw0iExirSvb6KWSA8bugbVggM2RwZSWlWGM -]͠l0dNnݾ0578qƈKƌ_# ̓agXDC:L6̾R魧 \ No newline at end of file +-> ssh-ed25519 Kfdnog aE5/4P3r4e4fh7fFYI+0ci4n5egCI9XxMUsVUQJvmjE +ILlTNB342CLNpdX8SEnSnzEqjvSj8smDjGBQXjQ3pVc +-> ssh-ed25519 8YSAiw tedtmECa3YP0wjOZsCJKAU/izbPcPHWnL++PRSjBIA4 +Rk4E8SbG5ThaBKvtOEe+MWB1JrzFnQAgH/TJGv3+hT8 +-> ssh-ed25519 J6tVTA gozo087SB3PrKK3dTRpmLfUH+pWA67TEHJOmgj1+ASY +pdLnZWvQHyN9lZuS4jjvsnGne+TMZ0PagvfvQJXJW2w +--- hJpVSU9xNlac99VD26i0uW6Jw/U/CoOcAwHSUCk0acs +?hš) IסЇKx::<J BVMx0L \ No newline at end of file diff --git a/secrets/nextcloud-secrets.json.age b/secrets/nextcloud-secrets.json.age index 3860d4e3352a711b3c6e1aa60cdbc562c6ca04ae..473f3cb97a38fcb01d2d7512306b9576963b2754 100644 GIT binary patch delta 472 zcmey$I+JCBYMggkN?v}tLZ(@Xu}g@*Wrc4^Vy=m0L{7e^aX_YJd8J#5lbL~uNw7g! zZit6jVUAlmSDJp7e_CpAQAJ|0e~M3vg-d3Yb4iXzwo6u|Z$@!}r%|$HX1IG!fwrON z#E;_PMme6DrNud=j-}ylmZ_!5sgWjm#znzCrRB~!hNU?LrYQxU{t+4Bx!JBmgg;!YQIcFpmhoo6#dKpzDyLpDY`(^nh=ll3NSGlEgm75g>hI)kM>05?*>KAyL zn-=?)Rg{~0N9dOaW(Ow~8s_*{xFi|`g(oL->FVk#xETb8mgbeEMOnIO=jVB(yZV}% zl^XfFRX7EES_JwQ8wQxwJEjGsmFb&>a(!53p;qHcGzOhHdr?!)Yy?)B}jRjm0}ob&b+NbC~!2$`=~ U*|Bd)>My+|#f!Ip+dAn605j{k7XSbN delta 713 zcmbQq@|AUhYJEngc8<5BLQ08#dakQsPL^w!S!!meNpfXjrFNN#Wo}7UPOg4oUUrzV zi>beJQmC6Jmrr(3YKl*)Szwxlm#J^6hqjAfSZ->mTcw9bmP=}6Wl>gsWmQ0KVN|6j zm#&>cadC!jYKoDmsiCDpaDZi+nWI8cesOWIi=|7pe!Y{cWoed6vR9-_Qkg1<#sE|1y_+)1$YeyD)J7oq|RJyr&r>9302d4QNm`waAULWPF z?dV?~85ELV=I51Ho@!K{5}Ir29ct#2Wnxm4?o?KiQSK4!R_>CQ&gJ4&p6aTvpP%lV zoEel`Y2Y4`Wl`l4ROML`RFabxlI>KP7ZmK|Qe>Q6%%!WVtB~U7>{DT!Vwq`ZWEvP) zm{J@VmRFwQXBp`06RPbSUSZ^&RUhf*?N(-*6UsGfMfL0LylgMbT(gQoezZ5IKhYNJ zy!hU8=c@UicG+*cc1nw}g0)nAi^?mzP&t#CZvvfMjx10L_MBKan_t?o=GBif({C01 zUVJGJyZ?CH+UIE|d-SZzYV|Jj#Ts`CtG~?r7X5vS-m|uco>~EIJ63Qv*c@4N@wmS5 YR{r>!%HJXtXJ>X5X#Ja0vFm390H{Fzn*aa+ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index ba71b7a..d47309f 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -1,29 +1,29 @@ let - io-user = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3Y0PVpGfJHonqDS7qoCFhqzUvqGq9I9sax+F9e/5cs"; - io-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKCIrKJk5zWzWEHvLMPMK8T3PyeBjsCsqzxPN+OrXfhA"; - io = [ - io-user - io-host - ]; + io-user = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3Y0PVpGfJHonqDS7qoCFhqzUvqGq9I9sax+F9e/5cs user@io"; + io = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKCIrKJk5zWzWEHvLMPMK8T3PyeBjsCsqzxPN+OrXfhA root@io"; - rotterdam-user = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA1v3+q3EaruiiStWjubEJWvtejam/r41uoOpCdwJtLL"; - rotterdam-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjXcqQqlu03x2VVTdWOyxtKRszXAKX0AxTkGvF1oeJL"; - rotterdam = [ - rotterdam-user - rotterdam-host - ]; + rotterdam-user = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA1v3+q3EaruiiStWjubEJWvtejam/r41uoOpCdwJtLL user@rotterdam"; + rotterdam = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjXcqQqlu03x2VVTdWOyxtKRszXAKX0AxTkGvF1oeJL root@rotterdam"; - alexandria-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK95QueW+jp1ZmF299Xr3XkgHJ6dL7aZVsfWxqbOKVKA"; - alexandria = [ alexandria-host ]; + alexandria = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK95QueW+jp1ZmF299Xr3XkgHJ6dL7aZVsfWxqbOKVKA root@alexandria"; - trantor-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINkGuGLZPnYJbCGY4BhJ9uTupp6ruuR1NZ7FEYEaLPA7"; - trantor = [ trantor-host ]; - - desktops = io ++ rotterdam; - servers = alexandria ++ trantor; - all-hosts = desktops ++ servers; + trantor = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINkGuGLZPnYJbCGY4BhJ9uTupp6ruuR1NZ7FEYEaLPA7 root@alexandria"; in + { - "cloudflare.age".publicKeys = all-hosts; - "webdav.age".publicKeys = all-hosts; + "cloudflare.age".publicKeys = [ + io-user + rotterdam-user + alexandria + ]; + "nextcloud-adminpass.age".publicKeys = [ + io-user + rotterdam-user + alexandria + ]; + "nextcloud-secrets.json.age".publicKeys = [ + io-user + rotterdam-user + alexandria + ]; } diff --git a/secrets/webdav.age b/secrets/webdav.age deleted file mode 100644 index 93bd850..0000000 --- a/secrets/webdav.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 Kfdnog 9oKx6Oz/J/QJ0mmgoLX5AUx0sFdxnPVnjF42bElPSXA -BJ6h4lHGDsf1Npc4bwkvz5htGRT/x/b2bs9WFM2W/pc --> ssh-ed25519 SP9f6A T5t4apynXLYN/4YEvaHRCI28rrKzet4r6LrbAye5VGk -BsXkZYBxG9zcfLYCd9H0+LW078oCDyYx9zG+DPfE7bA --> ssh-ed25519 8YSAiw RY0YR30qyJPvhy7eTJLoj2JXpH9qHP43fJaHilJykXM -E5/P0Egz/LKwEhYLYd5Cnrat47gnYn93yDSeYgLi934 --> ssh-ed25519 7cojTQ qTCTw7CjilThFLmXYph4YhVBhnk1DpnFCGwgioo/XB0 -N31nZ8nInQuddLD3b0bxI5Es/pTvTQD8nz0f/AZtNFg --> ssh-ed25519 J6tVTA 7OawDsWwtVxu76ZgF0dFclMr19sBNdtu7H+Tr7Pd+SQ -hhVKcscIKIH1WChhRo/RYqUWy1rgs/EKnlHr9uY7QrQ --> ssh-ed25519 Kl5yTQ +i2Q3uNHw1jAVH76NHy4QbjCc6sBBYjsbr7w4mLaHW4 -JOJ02zU0+IxlbXMBsW4UrvzvLUbifdzABBNL+bc0bBs ---- W40oEFdBUKbi0teNTc6B1sX0ReHDvkIJcBm1dlROnk8 -zҼCn箱e7{{N6az"EHB/BYbD \ No newline at end of file