Compare commits
2 commits
334b521bdc
...
c9051283dd
Author | SHA1 | Date | |
---|---|---|---|
c9051283dd | |||
0a1255b438 |
4 changed files with 58 additions and 15 deletions
|
@ -13,6 +13,7 @@ keys:
|
|||
- &jahanson age18kj3xhlvgjeg2awwku3r8d95w360uysu0w5ejghnp4kh8qmtge5qwa2vjp
|
||||
- hosts:
|
||||
- &durincore age1d9p83j52m2xg0vh9k7q0uwlxwhs3y6tlv68yg9s2h9mdw2fmmsqshddz5m
|
||||
- &runner01 age1cqqclavfsmc0yl74cs9kxvkf4l6690aysq50qx32l7pcg9fs8gcspu3wgu
|
||||
|
||||
|
||||
creation_rules:
|
||||
|
@ -20,4 +21,5 @@ creation_rules:
|
|||
key_groups:
|
||||
- age:
|
||||
- *jahanson
|
||||
- *durincore
|
||||
- *durincore
|
||||
- *runner01
|
18
.taskfiles/sops/Taskfile.yaml
Normal file
18
.taskfiles/sops/Taskfile.yaml
Normal file
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://taskfile.dev/schema.json
|
||||
version: "3"
|
||||
|
||||
tasks:
|
||||
re-encrypt:
|
||||
desc: Decrypt and re-encrypt all sops secrets
|
||||
silent: true
|
||||
dir: "{{.USER_WORKING_DIR}}"
|
||||
vars:
|
||||
SECRET_FILES:
|
||||
sh: find . -type f -name '*.sops.yaml' ! -name ".sops.yaml"
|
||||
cmds:
|
||||
- for: { var: SECRET_FILES }
|
||||
cmd: |
|
||||
echo "Re-encrypting {{ .ITEM }}"
|
||||
sops --decrypt --in-place "{{ .ITEM }}"
|
||||
sops --encrypt --in-place "{{ .ITEM }}"
|
14
Taskfile.yaml
Normal file
14
Taskfile.yaml
Normal file
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
# go-task runner file - rest of config in .taskfiles/**.*.yaml
|
||||
version: "3"
|
||||
|
||||
includes:
|
||||
sops:
|
||||
taskfile: ".taskfiles/sops"
|
||||
dir: .taskfiles/sops
|
||||
|
||||
tasks:
|
||||
default:
|
||||
silent: true
|
||||
cmds:
|
||||
- task -l
|
|
@ -1,6 +1,6 @@
|
|||
forgejo-runner-token: ENC[AES256_GCM,data:q/K34xSOcqauWTz/WgbfGLWNXuOcL10yghV90uvjc1hpBjDVOCGnSg==,iv:OHuHGPx2HMqKdrQIs8nup7E1D352U8fq/jz5dHGtemM=,tag:kZAxNfhOaftdIGNjeDmhaw==,type:str]
|
||||
forgejo-runner-token: ENC[AES256_GCM,data:aJzmXCePNLPvHqMixVP2tARC36UQZYrwtSweJRszI1GF8Pm5Dr4zAQ==,iv:C7iJW2lSnZKbUBQ6T3uW8kY6F/80kVxA1D2Ixhrkxvw=,tag:ZYW8Vo0hp8QxDyb+X+2ZMQ==,type:str]
|
||||
cachix:
|
||||
auth_token: ENC[AES256_GCM,data:h8xnfojQf+bxUDiUGx1gmGN9xj3QyqrU8kURtjrgJOWTDvg2t3osBkl9j4kUiT9gNyChA2TIUP8RKrHL/Bz8pxQuKLu337taJcj0ept2ksx0D7iMGk6chjez9Xiy+iF9cXqFgglmTHehtiR90BY1f1AFKAe241atpVyKXOdTzl61isANb0KdT6H1Iqyq+AanPO5FIAE=,iv:zVcp3zqmXYU2srHBI6FBzQZKAWu1kBp0zp3szsLhPrQ=,tag:bM3+WnhDXf6wlHT1w7rKLQ==,type:str]
|
||||
auth_token: ENC[AES256_GCM,data:4LrbKQw9XJ90gm7JiSlKoqLSOIcDv7JNu/vtkpSzDPFvo/ZxB4TTSO1pRFqf9FKy/IxE+IXSOV8XAEgtjPtvwq75/8sypZQgB1oIUmVuAaP8qUPGP1tgoObyF56eP9td1Fwm4PDzs48P52LdiN+tdoFrAju2YAAE0shIoeowQXHWN5HBEXhJpVDFfHIydrmqWYICR/A=,iv:34rhdr95kYb/FTTUoVCFx+kX1Z5hQJNCE26xLOS0euA=,tag:h9wxyhVySVGPM79ZB3XiHw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -10,23 +10,32 @@ sops:
|
|||
- recipient: age18kj3xhlvgjeg2awwku3r8d95w360uysu0w5ejghnp4kh8qmtge5qwa2vjp
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2SGpyVy9ETldIalAvY2Yy
|
||||
SzQzTzBYQVRiUklsUFU5dUtHdXUvbkhjcVVFCkhKSkZLRmN5MzZFQUdiYlN0RWdF
|
||||
bWhadC9DOTExNk5PMkM3OGhmZ3ovNk0KLS0tICtIVjFMdEo4M1ZPRG5XRDFodEps
|
||||
SHgzM29SNklYQ2NyWXY2K0xOQWUwUGcKfTaZ4MPjq1XicLcNigcYTB0fWGOSre07
|
||||
DVh8UHbykCAZBFutF3ATC/ssYUTfMriG4xkI9Hrn04pEvlf52AgD+g==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCNERxeDBORCtBRDlkYk5l
|
||||
Y28ydkVxUE5NR1VxdmUwT1pWK3hQZHJabVhFCk0zS0FoazBTVkJZTGtaTTdhcWFq
|
||||
ZVQ3SFhieFFlSWF6YzFuS3p3SDdHRUkKLS0tIGRISjRvU2lUM01HcldUYnpDZ2hX
|
||||
S2RWYWdsVUU2VlEvZmJaWlJsWi9CeEkKp6iYa0YB57CvfGaJJaI0phbFWLNNeSEd
|
||||
V1IYFGg3yxuuOtozFkKWLJnYbTvQU1dwODtp5fr2FvxTqTHBsSZ+UQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1d9p83j52m2xg0vh9k7q0uwlxwhs3y6tlv68yg9s2h9mdw2fmmsqshddz5m
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6R2x1emhYOCtXTnhwcTRD
|
||||
TjJjQmNkMG40Y0YxNFJzQ01uYzJNb3d3SmhVCkx5cmRiWDk2TWY4bDE3clpMM0hM
|
||||
RGYyRVZ1cFdYZUxycWNQS2J3am5IVlUKLS0tIFNuMklpZGJRY2lMRjhWNU8rcWxG
|
||||
SEdEMHdpcUlROVFhNkVzVHNJOHdvdFUKGNZo/gsmqQLc1xtwoMGA2Gy2yL1U/5DJ
|
||||
Ltqz8nRTteaSayhS2dxGqkRM0QKEqz/MhPno6mcfMXaRCZLxisQzww==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUeFozYXBjM01NTUVXUW5G
|
||||
ZHgwcE81YjlQNlAxV3gwRmRyK0lrU0ZsSlhrCklJOGdsVVJrbEFOQzZDRDNDbWQ3
|
||||
d1JlbmdCVkdYK2sxKzdaZkxLS3FrdEEKLS0tIHkrOCsxcU40T1A3UkFPeklyMm5I
|
||||
L2c4cFlUdGcydjBaYlVmSExUd0lyOFEKapBIbtamc7PcIcvNMWiEJVnV7Ik/gijD
|
||||
94EBb+oVoxJaXhj70wpW9S5XAw7qac3QY9m9ZG6LTyeIJvbGFs1fog==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-05-14T16:14:00Z"
|
||||
mac: ENC[AES256_GCM,data:GATqt5ftIkdZ4jtlrgwmD4pSm0CSdsMkTOZP2E3gqC2kdqbVveseQgOWe/o7gvtn4VkQMWeJSL9Q9xxtCTH3VPSX415BgANeUJfZ8sfH1WJjSPUOKTRzN6VRXWceO4C8yd9PCHMYYhrVw0wd3h+bJEhh6G4Yq9J1lRQ8WKAxdzE=,iv:ehwPu7qGaPoQeQQ9KpX1AXLJsdmyLSMdSFJ8EtGj9P8=,tag:cRr+KGtbePlc/cRYBXsRAQ==,type:str]
|
||||
- recipient: age1cqqclavfsmc0yl74cs9kxvkf4l6690aysq50qx32l7pcg9fs8gcspu3wgu
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPSFhKL1BGNWtUaHp2bWJx
|
||||
SXZtSmdoOHdhSkYrQWVLcXN2YUJCcHBtNUZFCkdWME1oKzQzUDgzWmJxOXA1WFFz
|
||||
SEZnN05TblB4UnFaemQ2MVJXY2dnc2MKLS0tIGZXekl0dmNvN0IrTmo5Zi9DclRz
|
||||
dXZEdjhKS1VyMDR5SzdUQTR0RjFrRkEKeF4EWi9l0S2rzDqhE/6wblhfWiuZiztS
|
||||
Ip6GKEkqMLQgZjU6TW+/t7nDRGFhXw6DtSN+1Y69dRxqh5OdvInEGQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-05-14T17:46:58Z"
|
||||
mac: ENC[AES256_GCM,data:yyP0V5C67psrs+GrO34Rwoe87Dpg8TNB34AOxO4igAbUy4/2EefFD8EAY2pxTCU/jGZkYbFj7l3bDRt9kECxLXrhOhywxeU347DshK1J26NjtGyBzI8gjhhR7D9z2L/+NiOaVoyew3OWBFJKe6jgtel9iRjkHtwuuxf+RIQLdLE=,iv:3D5P/PTQlyWTrVBNuKfZHZ6Dnh3H3vhkOZkiU340IiM=,tag:uHw21nf7LtS9cFTfaKhIIA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue