From 791d5e66ae9928cbf88069b5ef34c98ebefe1d5d Mon Sep 17 00:00:00 2001 From: Petru Paler Date: Sun, 2 Feb 2025 14:03:07 +0000 Subject: [PATCH] Update key for c1. --- secrets/secrets.yaml | 72 ++++++++++++++++++++++---------------------- setup-host.txt | 2 +- 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 76172b2..f7b3c11 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -8,65 +8,65 @@ sops: - recipient: age1df9ukkmg9yn9cjeheq9m6wspa420su8qarmq570rdvf2de3rl38saqauwn enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxQmpXcU94M0ZRWW4xWUwz - VTdxU1FaaDZGSUlNN1BxVmIwZzA2WFhOY3dZCjNoMXdLTmNDL2xnS2lGR2RLMm9l - Nk9jdjR1dWRzOW55Q0VvSGRZUUVsa2MKLS0tIGZ4MmhBS3p1bUpUbTAxeTh0aFRF - Uk9rU0V2VWtJdHNqV0hGV29wS09WbjAK/3XVVNGsxii/jA8fhHC2ga3AiF5j1G1e - mA289KN8qzPRzjWmrlGx94iJ7FX2fvwYFBqYVcy1ZdhRNhPM5CuZMA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDZ0dzYmlHVHRnSjNwUWhI + M2ZhTVRtN2ZIb0JacXpaM2hxejFab2tkdTJrCnFaVUpBSGpKUUNzL0xEMUo4Qkg4 + eWpLL3RRMkovR1AvYklLNXcvZGtrR2cKLS0tIExPN3lPTjFueGlzc3c4UFVjcHVO + Y0N2cFlKSkNSU01SOEN1OXIvRmtQbFEKDGuIvYvMhXWOz9GLIDSs/PEaXpwn3Ust + BffIB24x01nPXdz0O+GHC8J4LkvdwRrYL5kX6vqZ/RWOQEpPDpjvFA== -----END AGE ENCRYPTED FILE----- - recipient: age1gtyw202hd07hddac9886as2cs8pm07e4exlnrgfm72lync75ng9qc5fjac enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1QXpXaDRjMkZjWVJkeHpL - b3lYdFcvOUVGczdjRXJpRTVoT2cvWU9kVGkwCm1UdWIxRDlDRWNuNFlyVFg0T0N1 - R3Fzbk5oRklBL2IzVS84cFF5bVM2aVkKLS0tIGo0TVRXSDk4T1MxRHRQU0JBdXd5 - RzlJdmNOdlRZMnJCNDBqNmJGb2RRRzAKMbGtX/f4qK9i35xVACyVJEylL0YRAY1p - VAwLKY6eqKrzrrG2EMmhPgwWJ0dz9GVjlWhCiFF119d41ZcKBt3w2g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2TkxMSFJLbzdPTTdYR0hC + U1dSVENJckFjVlBkUThrYnRUN2Q5ek9JcFhjCllmVFYzenF6SHByUGtFQUhTZWg2 + UTBLckZpYWQ2QXkxaWMvR2d6eHREYTgKLS0tIC9DMmZ0QXVUMlJ1NVZielV6dWlv + QWpybkVtcVhXOEhHRVFNMUJhMXhqSW8KcrPWhqGA8J5zIu5JaBd7N4VjR4iq/6Mq + qfi3OPQQlisN6zLzpM1kWs+BTzeAVzfC+UXKmuFeOUHcVJFG6TbLMg== -----END AGE ENCRYPTED FILE----- - recipient: age16yqffw4yl5jqvsr7tyd883vn98zw0attuv9g5snc329juff6dy3qw2w5wp enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBWDVKVHlFUmh3SEE1cXhR - amVOREVvTVJNZWdvK3ExWkVBNisxdklqT1FrCjR1aitaV2ZlUTBFOVh5Y2ZXd2lp - N2pPbENSdTZ6RVNYeVl6QlhxKzJmZ0kKLS0tIE1vU0RDeVhIN3ptc0tDdWFqL2ow - SzQxdFlPTk1INWhmcUY2MmV0cDR5WVkKJuEww0+zYEmbZsq7leW85CNDAie55kta - L6ujJdm7I0YTYDTt2p4DfBrrFrYZ3Cc3PWRNCwKAt/J8or756Ctyvw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQMWltT2Yvdk96elVqWWI0 + WE5rR1ZjYXMxYXNiNWdlLzJWMkJObGFENnpVCnVsenJzdUIrc1M2cFJReUExSVU3 + dWpMUk53dU9UTG9EUlNOTHBja0JqazAKLS0tIGYzU2pxVmpFR3UzaDhCd0ZrdkRj + V1V5M2g2elRMR2lYZHM0QVRTdDFBOHcKFIlNxdy6KyZK42qsLgXNIR0lTmNnCOLS + xn0MT+YG6j4YP23OslkjXlr8lEAOggh6+2fFssRXtXZGKdQobQl3Jw== -----END AGE ENCRYPTED FILE----- - recipient: age1w5w4wfvtul3sge9mt205zvrkjaeh3qs9gsxhmq7df2g4dztnvv6qylup8z enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtTVhBdENNWndZNlgyWTNI - L3hMTzdHaFcyOWVuWitndmc5WFlzU1pnOTI4ClRzWStQRGZIc0g1Z096WUZsZjF0 - TDUzZjJOV2hweUx6U21uOUVoK1VKVlUKLS0tIGo2Y1hsdWFDWEl0Tzk5V25tdko2 - V2dKTkJhb01CZ2kwbGtEWFFMV1UvQncKPQdAkrciH4jz1Yz4924VK4/EpfhCWJ/9 - CNpKFEgrXT+NsBGnLPoeRwIM8G+D4RMGpixRzFLd2KIeIq4Tjpopuw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzK1FBcHh2NlBCMDVJTVJi + V3JzYmRqVnNxcTBZSWJacDF5NUF0dGJqWWxZCk1aaTdra3RRcklIb1VkU1VpRGlI + VVZNTUFXQzcwT1NRUFFtZTFaZERiOTgKLS0tIFNTbUVXQmRaWmdPWWVzMTJEYk83 + RGo1aDJJV3RiRkJsTXNoa2ZFSWJNcFUKM21CtHAX2swT++JqKSQ2R9htE0+Csvlz + h/SfoTkVlm8OPrYzaEQV0SB0yxC7jgBKL9X5HZQDaflGbTUBi9LP1A== -----END AGE ENCRYPTED FILE----- - - recipient: age1e7ejamlagumpgjw56h82e9rsz2aplgzmll4np073a9lyvxw2gauqswpqwl + - recipient: age1wwufz86tm3auxn6pn27c47s8rvu7en58rk00nghtaxsdpw0gya6qj6qxdt enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwNFlvS0pjc1BtRGpuMUIr - cjYvalNIdjN0eTJYaEltWmlSMnRYZmcxR1JzCi9BNVBTUkUxaXJXTFI3SWlzQklO - NXVzOTQ4cDg4VG8xQWF2NWRFUEVXMDQKLS0tIFlOZDM2bit5bmlJanpSUFNJS3dQ - a203MnVRYjlmaXd4V1k1TVUrd3pKNVEKuvS5aCDXVaPXDqaNZ4EN/WsmuIg1O95U - dkCDwM20NMWHcf3UpO/J+f1LZYFtBlPGme2TujKiDXBtf2bDbX4CQg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtRGxmaUE5V1NabytJT3E0 + elZ0T1YybS9OQXdERWdoSkxpbDcvM3Buem1jCnBjSWROT1NxWGxXOERCLy82akJ4 + clVyVVpZMTI3cTEvT0U5aWorQ21LN0UKLS0tIGJDZGhtUWVVQmpKcnFvNlZvUS9B + STdUQUxXcUNnRmZvNzVIZjlVUGVuWFUKp8qPooDNNFa73mRtmBuzwlccVBX7TF7P + NcQQUzTe5i1B2S5Q8iDVkEKnPJxb10KGJEGGD+gh29beOWsZXEu06g== -----END AGE ENCRYPTED FILE----- - recipient: age1gekmz8kc8r2lc2x6d4u63s2lnpmres4hu9wulxh29ch74ud7wfksq56xam enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2Tkg3YUpiZVMyZGpvbDEy - SFVPcmdMNGRoUHN2dnR6bGkwNElXQkpFY0U0CmNqVjFmU1JUTDJjOVluS0VMdFBi - ZXBWQUpkRzB5L3dIVzBiWnZEK1VCNlkKLS0tIEZXckdDUEx6d3ZXaG1EYnhaMDZU - UzR3Si9HSnk4YmRTTXdwVis4R3BPcDgK+0SihF0mPFe2WQjcqwVpMWVwpQYoB1Jr - lq1IvLNnz+pZUS5IxD+tu0kp3dTP3dNAdT2m6vMvEnaK/suX+5pdRA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwVVJQOXlXRVhYMHVZQjdD + VzRGSUw5L2hRbXdJYkJndUlOb3ZPVWJ1dUcwCkxGLzBLd0RUeWwxc1ZZL2hTYzUz + VVBjZVFzN3VCY3o4UXFIT0plSEFoWm8KLS0tIGhJRVRLMVE0eGtkeE82SlMydE1m + TDhLOENRREVlemt0ZHBid0RNelV0bUkK0MYZpO5AWieaHnW/tP8bND/bJQYKf85e + fEs1AE83bhS4pLGhf7elXUW9Yc7YG7M7maPyK9Yf3G8cFH1sYLYhVQ== -----END AGE ENCRYPTED FILE----- - recipient: age1zjgqu3zks5kvlw6hvy6ytyygq7n25lu0uj2435zlf30smpxuy4hshpmfer enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVYXpHOTh3bUE1MWtQTWJQ - U21hNmIvVXJvdFJpYXRGaFJEb01xVVNGMzNJClVsMXY1anZFdGkyM2FPcEdCSmlo - SVhRMTN3djZaT0xmOFFLc0lwWmhzRzgKLS0tIGVSaUU0N2MxalRmR3NuZkg0VXl6 - T0VYMzV2eUdmVHNsbjBFMXc5aXBKcE0K8H+aWk2p2Zl+hQLBEu+d0ssN986AQUhB - 7oZmsuS5KxBGCI+/r0MHMGrFv6IzA1KFa6RYk+gYu9vyNmrodCEnpA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIcjlObDQ4eVE1SjJrUlBF + YlVyS1FDYThtdDNGSTVReTRidGVPMXRZVGdjCnkvZENzMkFBKzZaU0paOFJkRmMw + MWpQaTg0c1RweStNeFVZZ05KY0VDbmcKLS0tIGhjNkxMeDhxVEtLdTF5Qjl1MVJv + UHZwRmc2NjNDUlJCdWN1V1dhS1RkelEKF1KiZLQvruEAfjwbW8lIyzvcCqeAMReI + svl1uSaSaxPtCbnc9RA2nfo0vvCoz0a02dhr7CAy3syfQPLLZqRAIA== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-01-19T14:26:29Z" mac: ENC[AES256_GCM,data:/IULS161NWmomr4jkVV2zgPJddcxIazq5AsuY9uNwfIlUDrKBiyhDcFPaQD2Ivih1v//ScphzhmaedMZbIhu88YEiMGSUXHjYtbXU8/Dxs9IvmJIq+e9ao7wgqtB/bc1G2z4aGNKifSwmVm0AClI1xK11e2ik6A9uFwMuYF2i4Y=,iv:MxaXnhyJfXg8qBs1LKl+Qe+oBhlpjaWtWL3JDDcM2ZY=,tag:/4NSLC4ksLNw6HHimS7AHQ==,type:str] diff --git a/setup-host.txt b/setup-host.txt index 31374e9..20099de 100644 --- a/setup-host.txt +++ b/setup-host.txt @@ -9,4 +9,4 @@ * set the actual device IDs in hosts//default.nix * on base host: nix run github:nix-community/nixos-anywhere -- --flake '.#' nixos@ * after confirmed working, update hosts//default.nix to set keyFile to /dev/sdX (otherwise when the USB drive fails it's harder to replace) -* if replacing failed host in place, update key in .sops.yaml with the output from "ssh-keyscan | ssh-to-age" +* if replacing failed host in place, update key in .sops.yaml with the output from "ssh-keyscan | ssh-to-age" then "sops updatekeys secrets/secrets.yaml"