Fix Secrets Setup.
This commit is contained in:
parent
f1e5c7eb41
commit
01353b87ac
GPG key ID:
7FCD64BD81180ED0
3 changed files with 33 additions and 25 deletions
|
|
@ -9,21 +9,23 @@
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
admin-password.neededForUsers = true;
|
admin-password.neededForUsers = true;
|
||||||
|
|
||||||
tskey = {};
|
tskey = {};
|
||||||
|
|
||||||
vaultwarden-env = {};
|
vaultwarden-env = {};
|
||||||
|
|
||||||
restic-env = {owner = "restic";};
|
restic-env = {owner = "restic";};
|
||||||
restic-password = {owner = "restic";};
|
restic-password = {owner = "restic";};
|
||||||
restic-repository = {owner = "restic";};
|
restic-repository = {owner = "restic";};
|
||||||
|
|
||||||
authelia-jwtsecret = autheliaSecret;
|
authelia-jwtsecret = autheliaSecret;
|
||||||
authelia-oidc-privkey = autheliaSecret;
|
authelia-oidc-privkey = autheliaSecret;
|
||||||
authelia-oidc-hmac = autheliaSecret;
|
authelia-oidc-hmac = autheliaSecret;
|
||||||
authelia-session-secret = autheliaSecret;
|
authelia-session-secret = autheliaSecret;
|
||||||
authelia-storage-encryption = autheliaSecret;
|
authelia-storage-encryption = autheliaSecret;
|
||||||
|
|
||||||
authelia-users = {
|
authelia-users = {
|
||||||
owner = "authelia-main";
|
owner = "authelia-main";
|
||||||
sopsFile = ../secrets/authelia/users.yaml.bin;
|
sopsFile = ../secrets/authelia/users.yaml;
|
||||||
format = "binary";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
28
machines/lebesgue/secrets/authelia/users.yaml
Normal file
28
machines/lebesgue/secrets/authelia/users.yaml
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
authelia-users: ENC[AES256_GCM,data:1EkFsvUed3CIjoDU1iskEsGPYdyWhsD6+uCUdhRvj2YDF4gVJkYEQx3o3arJr62NgHBMM1E8djCUFSP3zWpeA0zdgUEL6V2572exa7VrfAgdW0F1iP1o8n+iAD2kORYuX+z+cLbuG28U5WiZEDFThGsLNIed4+T49iKQ+rXfMlhZchwNb/U8CPTwYjGNzXs6/TFSWu8/JNw7bpScZZWbZGmx2fOSu9Y6evG5mIffekZEJMHNqRlgoiCOXsbYf00h86eD8TyIi35mv4bwqjEz8wLbrY5+T9HfwBUu,iv:evquSSnMSzCBDmCXulR4HkWIxpL0S+6Hx2caO7ZOOBw=,tag:5wAIrUVgTpjXF+w2eIOj+Q==,type:str]
|
||||||
|
sops:
|
||||||
|
age:
|
||||||
|
- recipient: age1kjy9wym6cmz6wqmewws4ledsne47c0e4sr0ksmm66rff3u2f6u3qxvnyg9
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvdnprVVFKQU1sQWdyR3d2
|
||||||
|
elhzL0l6RkQrbGl4NEMwMU5lM1R1OFZQZFJBCmpFSHZYZUlHZTBDZmdhVkFJTzNR
|
||||||
|
SzlpK2ZHR3AxRElrVUFaYzlNZ2RJQlEKLS0tIGdxVml4NVhMazIrRURaV2QzZU83
|
||||||
|
LzdhU1U3MFp0Y3FqTHBjd2JRMFZiM1EKJDuKlkmxI/ibZBjjTS01RPHv51PSE+1C
|
||||||
|
PoaazhTi02Eh8Imnh9jiiQVcTO9o7Xo3V3y3TCNgvoh1gWdVWXzCfg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2025-06-10T02:20:04Z"
|
||||||
|
mac: ENC[AES256_GCM,data:O1PcsOOYIVmYZCv5ds+9oqjwTDqmL4FYmJ5zHUKjt/YAHMKO81x/E35sZ44iBVYUyOFBFz5GD2CPJfyWu3CIMNU6xAXYzrQs8XvDUXvVmZigMuxBm1IjATH0GgZEfWxutsLYGXjuCaHe8oWPKG0ynhEort9Bwp11DESMVuvJkpI=,iv:j3CtGchVJzwJ3injinEdbjClKx03ZDXAWQ6jsWFT7Q4=,tag:MKJzIyrj1nxT0gh4tV7Yew==,type:str]
|
||||||
|
pgp:
|
||||||
|
- created_at: "2025-06-10T02:19:29Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hF4DAAAAAAAAAAASAQdA0p2w1T6ALDUvOGNaZRSvOvN3QnKy8hkRHt9s+uYzqRUw
|
||||||
|
kipYH5FR1+BcRehiga5SXzNHzbHRhp3kQLcw5BupyPjI5s9XQYgoyD8d/0DpNQUc
|
||||||
|
0l4B62CI/Naqv5aAMcsvtcq3xFwznCAMOX477dWMAtdPuC/mRJV6NagpmAmF5SEl
|
||||||
|
w1udTJuFysQ8Y5XQHhMu8Sz221rd6QQ/qASb0yWqjYeyw8Jx9sRwn4o9rLJTcOPc
|
||||||
|
=OTMQ
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: A972C2063F4F2554
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.10.2
|
||||||
|
|
@ -1,22 +0,0 @@
|
||||||
{
|
|
||||||
"data": "ENC[AES256_GCM,data:YMncaBj6fPMX8HgKUZ3NVwyIzSnKG4E0RN47QR+2kf0Cr4MbnAcqHnjbWV8M7vXMzFtW7LyMSS+61xZdHWg27w3t5yFK3szbWhvFYhK+KoOnRw0virVXjcKTuiPdPIQ6qG9FI8UZixljRh1fKNZxUhe2Yzhq3CG8+F+SJ5yQjdXKw0wY9DqehMd1MnhFqF0hAfLDTHwTrYwP2D8YeWpg0euaCw8WhzKDqZu1PdG4MP0GJ7VZfJ3gnAaUJAgyNQ9gVQmEnNUaHN8GTie9m0PBruOzVbZwmwWUk62UTPU=,iv:z0u60Fu89q+iT4f7BNEJ/b57W+XBYqUj0yf9oMO2Ddc=,tag:Cn2iCxI1wvUhIKQPefMA6A==,type:str]",
|
|
||||||
"sops": {
|
|
||||||
"age": [
|
|
||||||
{
|
|
||||||
"recipient": "age1kjy9wym6cmz6wqmewws4ledsne47c0e4sr0ksmm66rff3u2f6u3qxvnyg9",
|
|
||||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOZVdLbzVjcSsyU3Mvdkdp\nYU43bXREbTVwNnZqVXhTZnZnY2UyeGkrMWhzCnN4WkF2T3l5Zk5OTzFTUzMvdkhU\nS0lmMjFHbEE4VlJjU0xPR2V3ZDdnN0UKLS0tIGRMWkROWVdiS1piRTZFZ1ZXVUFo\nMFkvNzdsL24yVlRRRnNuK0MvMjFDUWMKio15sHTVTCzoW6xDZ8xW1R1f3FZWJ70c\nAxVlwdhZHFsfXK++vsU+PT42ejqodEMpZiHvIjQzg6EulopdKUYU/g==\n-----END AGE ENCRYPTED FILE-----\n"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"lastmodified": "2025-06-06T04:17:10Z",
|
|
||||||
"mac": "ENC[AES256_GCM,data:HdHskDeNiLLfykGqtv6azJUFa0jMiOoOJMhs0GYmNDRWHIN08IXc2Lvsyp35vi2MRglQvf38NEgFS1SwUXebwDfqNCMou+ge+yYErsg+qXdj0maqm7MKRWtdtk3ahpX+bcFLHDzikPxPtno5K9noxCnMebVIBCrCoMP8sKGLi6o=,iv:Dm14azLoWTGBqWneg588ihGaCeOTCRYgIQ8/nbqrPTU=,tag:ksinhud6U7ueJAwcwYuKiw==,type:str]",
|
|
||||||
"pgp": [
|
|
||||||
{
|
|
||||||
"created_at": "2025-06-04T20:14:12Z",
|
|
||||||
"enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DAAAAAAAAAAASAQdARkN3yYHRUH/nfobwd2YF4ePWpbruXUNCZkNQubo/EV4w\n/1ybFvY9O+p6X/U//a6WuiQoli12nNUYegEHDJc8CzH6Q+9BwqKqYfMoa+Ahy2hi\n0l4BOQfnONeflgF9bctA7BJB1lvF4pbhbxTf2bImf6HDAajFyaYfvML0ad4MMRBU\nqmBCXG9WAf6VQb99uUj8wwbxunny4pLF1Q4YhMdC/hbkG9unN4slsQUr7jM8N9Dz\n=C1Sa\n-----END PGP MESSAGE-----",
|
|
||||||
"fp": "A972C2063F4F2554"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"unencrypted_suffix": "_unencrypted",
|
|
||||||
"version": "3.10.2"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue