diff --git a/nixos/telperion/configuration.nix b/nixos/telperion/configuration.nix index d6afbcf..90d54ca 100644 --- a/nixos/telperion/configuration.nix +++ b/nixos/telperion/configuration.nix @@ -13,17 +13,21 @@ sops = { # Mounts unencrypted sops values at /run/secrets/rndc_keys accessible by root only by default. secrets = { - "rndc_key_main" = { + "bind/rndc_keys/main" = { owner = config.users.users.named.name; inherit (config.users.users.named) group; }; - "rndc_key_externaldns" = { + "bind/rndc_keys/externaldns" = { owner = config.users.users.named.name; inherit (config.users.users.named) group; }; }; }; + environment.etc."bind/zones/jahanson.tech.zone" = { + + }; + # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; diff --git a/secrets.yaml b/secrets.yaml index 5748017..2bb3b5c 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -1,5 +1,9 @@ -rndc_key_main: ENC[AES256_GCM,data:EUcIAl9lq/Ssft6DJLwQTUwOLDvjPxcJNjofAzInJ3CfAHlCIgiXFPjzq04IZHvc2WdVzwEfca15jGMnmscU7d5fwSAWsgJyJI9JTJ/DllyR5ndHoibGg7lsmDpMBE+V1sG9l/UT,iv:w5JSaZCxVGjAmfI2ZFqaEPb2KU8JgqAhib2VY2ODX0A=,tag:KrgJr0y1GraBENXoRfvnlA==,type:str] -rndc_key_externaldns: ENC[AES256_GCM,data:OLw8W+XHb/uyi2v/1cq0wtZuKAaTrQn7z4ecbKCX5FLg4TmKFfVhkgwLENQsYQeUKTnap0BWiDayCr+ZDHGtew5JgxM+yG8tjznZN5CFv68OQQltnNii9blK0n3LnnArwsC7R81LCtIS,iv:QrFo7mJuzPMSw74GwGJgm/0OVp70djpgl+F0MfcOuko=,tag:ShhiG/uvomIZrqwaEEq6ug==,type:str] +bind: + rndc_keys: + main: ENC[AES256_GCM,data:fHA7GHqsS2A4W4sp8f/qW1CAsK9g4GOV6AJosDkJHYD1hm6gGP/c7qN3LPCVGNP1dLvwdFBMsJw9Zk11RXmqix+4RRVJe1H+b0kYYgdawiWpujQ3APlb6FNRJL05818vLYJs5gnP,iv:Kpq6AVJG/7gbztgxsDzY087Q/ykg9Pe92IXdk88LsOg=,tag:qSYN8JCzh8XJuagU7RHctg==,type:str] + externaldns: ENC[AES256_GCM,data:aAKeXstTUfpTSR7M3TMtXaHoYRiaQAVUsfEbIIOAP4V1vAwsTTZg7u8hKdyDh3xA+oXnrcZL9Z0/lKyfvEaZSkHdC1ATTNgnFXEhoJg+k52knETYQMRJMn54lxCwIgGxJ0pkcgIXxdg5,iv:VAUzo2UQ0DfLUcchlNJW7lmS0BK/KFgAYncqwmMDpxw=,tag:pLVWO63bIV4vn12kbeS6Ug==,type:str] + zones: + jahanson.tech: ENC[AES256_GCM,data:Q6vuMug4oNR8tn7hKhxFCeYlV16EV2fuenC/ZX5+VCpj+79YYuKWvegRihDFSF+pyzbSDXiN2VWBUgxR1nrNv7lQNr6Etz3q3fGZEj/+0H8hbKEnNsvqlh9r8XZvOYR+bcXF8cEuz8UUDmQmErC9b0m7VEfvz8ahlJ8kh7dgWWP4VUjrrLj3Fy3+/q48LwBMRRrqbNJMLbnF+JNSuL3W0TeO9mtXhXM4U27p1pW2ucfGlKoFBevEe+JiknDz6QKSlRae4En6xstXtlDsX20hmyTvmX9mjPo2PHdzn2hvBJ9PHUEUPUJfVSlErli0Y2Hl22MTmH0TbdGFoGWYVJjwPT25DGdxlEDuucw9ioTGZFC9X0ffdoBD8ffaiKdLywZwfmF4j2ZrqzaGqF7IsT1sCAnvo8iKcwU3P22ma7ZVBSGN2umll5f2+Go6yGEsNjQtsYrqqGHYi3OXTKskQdFcYy17hoAchcW8fYRlGwK3SvGKZGr/QZU0xkhPRbyFF25AVfto0LzKwOi3KwMRxkArQM/g4P42lzNs76OaqW7FZfBPsEL/H9z0Ff2ctyewwjck0HkFdCBrNZAr62HU74V8/Ytl039NFK6BCRH5K+3miDFw0px7IUdXIJx8sL8yzaP0fW/P5vmGF5ONBzJkzVmaB5ma8qij1W8zQlF6QRIVe0YuNfsiugatUEbRZppqpb7eIH9v4se+SBUN89w54mOuiQ/VY9oBT6nkSrEiJuVnWk/8z3rXGpxnEGCFjWAe2dqKo0c2D/xdmUHkJyoqDqBZdSphpXtEJ/UVWQMjCL8EBKKobARCmy2FiPQhuQ+PAy3Z991jhJ9RVTcckFu90Q4LWkrDHd4iZDVrLosdgV0GCE9VK5eH2OSHCGkiQ8Y7QaIfAqTYt+Asbvv5lad7n5n2PpXslGMOkQgz2xWMwv9SLNVn3xmegBxb14l4PT+lIQexXkewcBZ9JPTsuTTqJXT5VGDglncXXehJqnezQD+V2dSX6AUAUCAvOCRs1/uRAHzh4IZsQxsmaxPNrCybq8uiGj1bymfX2LbS8ZsQ,iv:Jnw8C+KA4DjKeitEGrqY51Os1ar+ZOIqivsF0x5hvQM=,tag:p/cDPkK3URWk8fTZhYO9nA==,type:str] sops: kms: [] gcp_kms: [] @@ -24,8 +28,8 @@ sops: SHZmN3JDL1ExVHZ5K2txM2h6MzRKWE0KbS3kO9teIcRDY4hnb54LgWzcRQu7aGGf TjnTJzqKqmRRMLOs5be6wbrxBiRe9p5nCN/WJ9nqhr7rfNNMUiZePw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-29T16:07:13Z" - mac: ENC[AES256_GCM,data:3ql1GzR4+E3CeWc77TTJTDCws9YzPPlBA1nTVQfDF8RqDUInfF802LCKckuneEY+ihoy9ugP5xxXfdXsUwgNUDAaBmLIgI5lUvPNoYpXfqjzH1ElNSx+Qwv7ZphqQlcix2Yhq6y68z6CyfM5arZM1aVG99IPaf0HBuey8esZgAc=,iv:cwWqQ39kTXRPrPq4ocEhFQwxakCbzsWwmhpEi38B0kU=,tag:YZtkQxp0PTf2kMDm48bjUw==,type:str] + lastmodified: "2024-04-29T17:14:41Z" + mac: ENC[AES256_GCM,data:yi3rXlgX/xlfsaSlu78c/F8d3awI2qrE2UTZuLqqOhYP6XIyAa2f+4rS/kRmNSbMEne6z3nMKvlglp2/SyO11fkrACjesQjfGIbkmb2h9+5wH0HFIwMWb8mIRq5Gs/O/gISJ4wjolnijeURf1D6C1EuErTet6/LGcS0nVqJ4u/c=,iv:pDm3hBqqmIQp7DajCQqrgFtlMFw+OqnxzY0JH8F6/v4=,tag:YiuvJF5zFRZS8b2b5d1nOg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1