From b1174feff216752517583ff0a95ccc67119648ab Mon Sep 17 00:00:00 2001 From: Grigory Shipunov Date: Fri, 24 Jun 2022 18:19:40 +0200 Subject: [PATCH] add nextcloud secrets to sops --- .sops.yaml | 7 ++++++ secrets/nextcloud/secrets.yaml | 42 ++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 secrets/nextcloud/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index f878cb3..328d14b 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -3,6 +3,7 @@ keys: - µwave age1eysr2m8ust6gq9jk88lpzzcy8gdrzlts69zlfqul766t6gvqw9qq24z68l - &cirrus age1qm70jkg7us4ft4x3nh7kwxlul022kteescjj83ywvjhysj6nsq5sw7l6p8 - &dishwasher age1cxlskqynwl5njjm0qf363308dsjwxjq59rq7pn6ucpscpzpvry4qwtpx73 + - &nextcloud age17ucx2sux2n7xnphzu0ajgdemz3th05m7lkl5gculetdms8a7mpdsycg5lf creation_rules: - path_regex: secrets/microwave/[^/]+\.yaml$ key_groups: @@ -22,3 +23,9 @@ creation_rules: - *admin_oxa age: - *dishwasher + - path_regex: secrets/nextcloud/[^/]+\.yaml$ + key_groups: + - pgp: + - *admin_oxa + age: + - *nextcloud diff --git a/secrets/nextcloud/secrets.yaml b/secrets/nextcloud/secrets.yaml new file mode 100644 index 0000000..417bc0e --- /dev/null +++ b/secrets/nextcloud/secrets.yaml @@ -0,0 +1,42 @@ +wg: + - oxaproxy-seckey: ENC[AES256_GCM,data:aiom4K+5aJx+XH5ufd1fjgYa8YyqdTBiet6XKdzvtVC8ctVvuBfK34vVIXg=,iv:EXqxbNr9bxOvYjrKR59sp+XP8tPhqnBleaWsLSO6igk=,tag:0/oTWYuzna9OGriSg0vIEg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age17ucx2sux2n7xnphzu0ajgdemz3th05m7lkl5gculetdms8a7mpdsycg5lf + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEaGd0M25MYmI2MXhCTXJN + RlBEVWNIallrYjVpVzlBN25aWFROeXRoU0hVCmxQOFRVTTNVaWZJQ2FsaWJuNU1K + TnRNUlJEWm91S01TTUdiNmluenVlRGcKLS0tIFRGV2RuMklhSDFrZGFjMUhFZndZ + L09MbnYzck1GaHNUOXgxWjNWdEZFVUEK5/yjruDVu7a3dqLXPYIoXt4IPp+1pGuT + 01ZjK8CUBnQ9UwYF4bu1Td09Kig5zkDDXQeq1X/FV5MGUARWL30XTQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-06-23T14:07:26Z" + mac: ENC[AES256_GCM,data:amfDlYzfxYpNdNQcswt8QsHvMwVD49Xc7KQwGb4mrk+Rf5txwVeICVb6lh0vQDA24YHAdJeJmkpdu9DBvTzvU062zCsHnNnRnnefpE1lG0fFU8EB2vZ8wCeixMbcAfhM6coPht/hctcUZglt3gvG4QwdD/Azeprv0PMSOpaWv+M=,iv:XNUIFFoOMRmYqOktpScZEBHs/BjySpiioHx5zXVbz0w=,tag:QVOtgIfeq+pUXvpSaMcC0g==,type:str] + pgp: + - created_at: "2022-06-23T14:06:14Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA7zUOKwzpAE7ARAAgFRIZXy4wwkI46l7BglQBMPTMrYEsXnaCy3qCCWGws/3 + 4Ygu+9GF0bNzafws43y51T7RbbEfCFVQKV/mYkCVw0jDk7IyKl61qkyPb2hZzeyA + alHpE6gW07v3ltzNURENp6lkOLLrTr4yBB/EQz4+ejsnAIlHn99NoUNHxEGPqnBg + qGHNe3yY2PsEoJY81FA8IBmLgmRKiJ0E4TM+67MteLj3hvhnVqxramGKY2YuA7/v + zznW8SoV76zz8HVHEWhXDnLkacxlOdLLnpQWEl3MHdGqLH5vOimJNhyx+KtLDxu1 + tFVv+xPxm+RAcy3GoEAuMzWiXU7sEGY1C7/PW207I4BVVrY22PfeFozVWWKr3m40 + WbNY4Ro7RywW1Kzz7wBZ7zjMRF4InafgrLrEpeeQpxftad8sC97C37M5VP8Gydkj + 3LC3SqnannYOohhMdf7+0EJgNVoXIfBcobMO4ryb8DnhtUVlGu49yGI/iY9cWVy9 + 2y65B440FcrfZkVuolH0Rkq4FlDCywgxcDDtD9gWYvW0gWmKIZG/mDebglQOnjIU + eNor/gwib4leRHBeC1e+epjzRcwB9tz3AC2KyELZ1MH8h5VRi7WZ75KeWK/Xoi0F + SBp5poDaGXsLxt0o5HJsVrGwRUjiage8TSMNaFbslBbqHChbLQhvIv8o9yVDjHXS + 5gG6DSo+cVylGmYBG2iYSP50uZByIiSz5dFSNeRTFX73ho9vpirIQ1VYovTXVHVB + DKP3wgBK/ORNGSoGcUDQkHvkPcglCEA4mmGpYcENqOLUUOLJOVhtAA== + =DOaN + -----END PGP MESSAGE----- + fp: DD0998E6CDF294537FC604F991FA5E5BF9AA901C + unencrypted_suffix: _unencrypted + version: 3.7.2