mirror of
https://github.com/starr-dusT/dotfiles.git
synced 2025-02-19 19:27:31 -08:00
change kestrel wireguard to sops-nix and add privates for bulwark and adjudicator to yaml
This commit is contained in:
parent
fff1179a3d
commit
602eaf2138
@ -1,3 +1,3 @@
|
||||
Host github.com
|
||||
AddKeysToAgent yes
|
||||
IdentityFile /run/secrets/github/private
|
||||
IdentityFile /run/secrets/github/starr-dusT
|
||||
|
||||
@ -1,11 +0,0 @@
|
||||
[Interface]
|
||||
# your own IP on the wireguard network
|
||||
Address = 192.168.3.2/24
|
||||
PrivateKey = {{ (secret "Wireguard - Adjudicator Secret" "NOTES") }}
|
||||
|
||||
[Peer]
|
||||
PublicKey = bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ=
|
||||
# restrict this to the wireguard subnet if you don't want to route everything to the tunnel
|
||||
AllowedIPs = 0.0.0.0/0, ::/0
|
||||
# ip and port of the peer
|
||||
Endpoint = 66.218.43.87:51820
|
||||
@ -1 +0,0 @@
|
||||
r2/IeYCO1T+l248387wUBoNnc2DK9O8pHcIr/NQqezM=
|
||||
@ -1 +0,0 @@
|
||||
{{ (secret "Wireguard - Adjudicator Secret" "NOTES") }}
|
||||
@ -1,11 +0,0 @@
|
||||
[Interface]
|
||||
# your own IP on the wireguard network
|
||||
Address = 192.168.3.4/24
|
||||
PrivateKey = {{ (secret "Wireguard - Bulwark Secret" "NOTES") }}
|
||||
|
||||
[Peer]
|
||||
PublicKey = bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ=
|
||||
# restrict this to the wireguard subnet if you don't want to route everything to the tunnel
|
||||
AllowedIPs = 0.0.0.0/0, ::/0
|
||||
# ip and port of the peer
|
||||
Endpoint = 66.218.43.87:51820
|
||||
@ -1 +0,0 @@
|
||||
CDoy/XI8FRQV/ySHigLWG2tpWVw8hgEZXRQCEE3qYHQ=
|
||||
@ -1 +0,0 @@
|
||||
{{ (secret "Wireguard - Bulwark Secret" "NOTES") }}
|
||||
@ -1 +0,0 @@
|
||||
hPso657fppLYvBU31Rtqqg792JEoPv7r82JgLoF8S2Y=
|
||||
@ -1 +0,0 @@
|
||||
{{ (secret "Wireguard - Kestrel Secret" "NOTES") }}
|
||||
@ -102,7 +102,7 @@
|
||||
terminal.enable = true;
|
||||
wireguard-client = {
|
||||
enable = true;
|
||||
privateKeyFile = "/home/${user}/.wireguard/kestrel";
|
||||
privateKeyFile = "/run/secrets/wireguard/kestrel";
|
||||
address = [ "192.168.3.3/24" ];
|
||||
publicKey = "bd7bbZOngl/FTdBlnbIhgCLNf6yx5X8WjiRB7E1NEQQ=";
|
||||
endpoint = "66.218.43.87";
|
||||
|
||||
@ -10,8 +10,13 @@ in {
|
||||
defaultSopsFormat = "yaml";
|
||||
age.keyFile = "/home/${user}/.config/sops/age/keys.txt";
|
||||
|
||||
# Github private key
|
||||
secrets."github/private" = { owner = "${user}"; };
|
||||
# Github secrets
|
||||
secrets."github/starr-dusT" = { owner = "${user}"; };
|
||||
|
||||
# Wireguard secrets
|
||||
secrets."wireguard/kestrel" = { owner = "${user}"; };
|
||||
secrets."wireguard/bulwark" = { owner = "${user}"; };
|
||||
secrets."wireguard/adjudicator" = { owner = "${user}"; };
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@ -1,5 +1,9 @@
|
||||
github:
|
||||
private: ENC[AES256_GCM,data:DIIKWqeqCAKJKCffAEIbPKvYiJ1j/zqIzpeBPwJUEXlDgcKHCb7fdIwuHMGYYocNX7hKwGQQWsI/48Karot6EGJ+TbsTlD6WG3tintS2R9Gw3PFdvuKVKybjQ/3yDvFm/CJlEl0+2XG5sjHoanMtJPXEIIeRbbLxgrH2uu5W6Xt8DgT8R0BR69+rJ6U4tBcfBgrssYNHTOC/aOCAltq2tS5XoZ4i8tv94iZPZPdV5dntoXDiSNnJwFRvofrakVCuCt/8MBZMNzzUPlbkR73gwNUWMJDgr1OZCzJJNDXhl6H+LsW3DRy9/8wFeAlwb0oGOn0j+DR9VmYKSxjJYeS3LxulslEtCFNirLlK1Ht5vKjeMUAVSS8ALHKFw0VeCYitF+IYev8opcWwU7ZLWZgi/iAIP+WzLLzEhYPnTfvindtffSOzBmRLbPmtjwiNe3SJTR8UA/APlilRYDruO7jVgftFB3iAnw5vCEjBsnGYvloe5Q4qBlGsJLSUS1xoeAyvHL2rVh9Pirs3BA==,iv:8WSRbanE8hM1O039BjsXsxnAUKFrvPxyZhFEYpJ7kSk=,tag:34VH6H600ow+B0CV8hQNTA==,type:str]
|
||||
starr-dusT: ENC[AES256_GCM,data:rNds9CsqxjPQg5uSkFNEsMHh7EZfU5Cdqx2MBhlTmkWmA9YY7QOxtskoL7elZzYTldCkzNQyeBrxQsuTbxzMhZxtKXXcEjaS0PpZToQGyw/mkXGXLOrf5YGkBnKUCPUrMgs5PecaE2CTlv/Dy95R/7IF6iKd1ZWJ6F6WbxihzokR42BYd1vAuAhaR/Yy3rwpYc488H9zWserBni+aB/f/lWX1kmoxeD+c+7D/1SZvSTSnd0ObNVJ4Na8GJ0MTmnF2l1lCoIATSjNsNo4sWtOsQSshyX2GmccAJvulGCAVQjevoBDZdBY/+qzzjgoP9PyBwBTcdHwYX7HQPY8KKwmBwHLwawPIV5aqTjJ4JeeHKwkkqtMX9nnWwWlTBUuo0lRz2dk9zUgXocV4T8dTbEQuhi26lf1EdW1MJlzBbkjcFCFpbnV9y4A35NAyPnxQx4ZBiXyXw8S6+RgClIqB5gi70FqR4GgObwUl7LpOzaPaJBBrm/BNDCJ5w6rh6DV4WErBSi9TK8T0DwDTA==,iv:ZP/u6lV+GE7MpwQDrmNrfoHCBvA5B8+5pd6NNVUNt18=,tag:fKnHXbCibkP/3is8/gboiA==,type:str]
|
||||
wireguard:
|
||||
kestrel: ENC[AES256_GCM,data:RLDesKMUtpurv+C2YkxMcbBdiP6cHHUGRCYkgO5Qf6FZLxl4vKRyhTdDzWc=,iv:V/9bpCMTT9YQ8QCNYdpfrhu0lc4Yt5Eu0DJMc0uZkNA=,tag:kFnN7GwT4UKqUyvOdlbXxg==,type:str]
|
||||
bulwark: ENC[AES256_GCM,data:wMMZ1zJ2nPvkAFA5SgcSyl1z+9blDqf/6pVp8olmGaXJsbWc+/gBtDKzTog=,iv:2lZdsFYZhiTumRmYN/q2606gpyS7lCjf4cgeaCIjoxo=,tag:o81+t3pRwfomEys1veQecA==,type:str]
|
||||
adjudicator: ENC[AES256_GCM,data:sK2e6miw5UDLV0RQa/pSoI3boKn39/z+jEI0OSGQjhv6PXqIx4HiEtZJptM=,iv:2XjVv5gxL+E0fCzi1/3I1bbxLBOAYzmtu5S4VlZwyxU=,tag:8cahB2CJ4YDN/LSGqWUPnQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
@ -15,8 +19,8 @@ sops:
|
||||
ajM3YlJYU21PaHRyaGlUNy84RHN2SE0KAvMFdqnfV0TzfNcBdY7OvRLZrBb9uXSI
|
||||
3y50yFhYnyXtWKLQFTwjN6S5dLaZgqhaGhEQyNCQxb5RGZJDR6g7Yw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-11-20T06:27:54Z"
|
||||
mac: ENC[AES256_GCM,data:U15biwKX1mCmnqqutKTOigSzdF5MyS6WrfpMvAW1n5fx0CGMZY07FWRK52ACHNP/eF5Zayq+BfzIAtkyMVfF37J8q5PO6o/G1F6OvldXagvMY4UbqUIb64kHr1aCeQAp+Yd4tGxmsyprkRDLZsJb0Q9Dj8PX30ZiWKUyoWfSlkE=,iv:GRjli6tHFUXAHoc+K4IRP9iAOWEwUlKHQHcdeNyWV3Y=,tag:kntSZLX/te2o6SCmJxhK9g==,type:str]
|
||||
lastmodified: "2023-11-20T07:18:51Z"
|
||||
mac: ENC[AES256_GCM,data:c2jgENQOU6PpskH67qBlH73/9ETExMIClbBTH5yBHUus6UeghWlQ5JZ7FGv1RtQiJ+sqXIsyyjt8vaGzcqMtMuUPtJP7I/YEz/IylSVuDQu5bi2E5tsuRh0U5bSfL1AP6vzrJ7E36FOGX+vqVtDjzgDcwqR1NzWj91mq+5o0KSY=,iv:5xUPWZC4pHdfdhS+YHkX9EOzJseIkFlfYcyri+jY3mI=,tag:2wTru+9n7E/88ma9zaNocw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user