tstarr/dotfiles
1
0
Fork 0
mirror of https://github.com/starr-dusT/dotfiles.git synced 2025-05-19 02:46:06 -07:00
Code Issues Packages Projects Releases Wiki Activity

updates for torus before rekey

Browse Source
This commit is contained in:
Tyler Starr 2024-07-21 12:47:13 -07:00
parent 017dc9f6e1
commit cb60c1dbe7
5 changed files with 27 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
provision/.sops.yaml
View File

@ -1,9 +0,0 @@
# .sops.yaml
keys:
- &primary age12g0gtcnhyaghs9vc5528yrstq4spe8p36fflhpwj79yz8jq9qg2s4v6mms
creation_rules:
- path_regex: secrets/secrets.yaml$
key_groups:
- age:
- *primary

7
provision/age-secrets/git/gitea-runner-1.age Normal file
View File

@ -0,0 +1,7 @@
age-encryption.org/v1
-> ssh-ed25519 47GzQA r28lf9eone5jtdB3WLJfa5vszCTpVMLudLAnsIL2eEY
5s7qyKaplHacc9HAQELdE8LJ7rfR0pPdHwAtodPkw4o
-> ssh-ed25519 6UNP1Q Kzg5Jfo6se5cnfN5oY3DpRNTM8kvOVWLpZUeEE7GZTg
kv76SZGEW5UZhZgXG2R46n6xfEsI/KTQwdti+MoPWSM
--- 6GSLqjnqZy6/5kgucw/7O+AYgX0yxtZlrSEpfjDZJFs
Œ6õ! TF³Šd´¨»£?o±oµEÈt1ØpN“<4E>ùU%mC¥4º5³ìÂMLÂ[¡¤x‰!¾d#ÍÕ<C38D>6tØD"¦Â”çc

7
provision/age-secrets/nextcloud/password.age Normal file
View File

@ -0,0 +1,7 @@
age-encryption.org/v1
-> ssh-ed25519 47GzQA MDM1Q/xLs24II9MATnzE4m+jjgdCaWxzxwR9wZFFdgU
XdbCAUaq7exmR5atSi7XT8Z2pHw0bzTmzVwxd5VH/4Y
-> ssh-ed25519 6UNP1Q JK3EgJyJlAAJ/f+I1ciEAuyrTAcBfEpClvxJ9R/qHWE
c92Y4Bs3osc1OUuThoaVqIlXjiDzFJQBjYNA/0Sr9U8
--- 3NG2ZxIstfL6QZnJwY9J7EEi+OZ86mVPqHcG4CzIc8I
|·;­á;Æ•ËÜÒëÎJ겎Sà ýçyœB¨*~[Énä?ôßîÔÎ

8
provision/age-secrets/secrets.nix
View File

@ -1,11 +1,15 @@
let let
kestrel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2iE16XVkriD0x6GhnqmvGDA1qNBibvHVIi5xY+c7Iu"; kestrel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2iE16XVkriD0x6GhnqmvGDA1qNBibvHVIi5xY+c7Iu";
systems = [ kestrel ]; torus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN71z5g6QyCn5Go0Wm+NOSF4f22xOOCvtIA3IM4KzSpG";
systems = [ kestrel torus ];
tstarr_kestrel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINr2BUUToMswbAbxZMXarl2pQEomM+jADyZbEK31VGu/"; tstarr_kestrel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINr2BUUToMswbAbxZMXarl2pQEomM+jADyZbEK31VGu/";
users = [ tstarr_kestrel ]; tstarr_torus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhxsVgd8DH8c0zckjMUxSJrTimU709JLCgDGBMFoNxQ";
users = [ tstarr_kestrel tstarr_torus ];
in in
{ {
"git/github_personal.age".publicKeys = users ++ systems; "git/github_personal.age".publicKeys = users ++ systems;
"wireguard/kestrel.age".publicKeys = users ++ systems; "wireguard/kestrel.age".publicKeys = users ++ systems;
"git/gitea-runner-1.age".publicKeys = [ torus tstarr_torus ];
"nextcloud/password.age".publicKeys = [ torus tstarr_torus ];
} }

13
provision/hosts/torus/gitea.nix
View File

@ -17,19 +17,18 @@
}; };
}; };
sops.secrets = { # gitea runner secrets
"gitea-runner1" = { age.secrets."git/gitea-runner-1" = {
sopsFile = ../../secrets/secrets.yaml; file = ../../age-secrets/git/gitea-runner-1.age;
owner = "gitea-runner"; owner = "gitea-runner";
group = "gitea-runner";
}; };
};
services.gitea-actions-runner.instances = { services.gitea-actions-runner.instances = {
runner1 = { runner1 = {
enable = true; enable = true;
url = "https://git.tstarr.us"; url = "https://git.tstarr.us";
# tokenFile = config.sops.secrets."gitea-runner1".path; tokenFile = "/run/agenix/git/gitea-runner-1";
token = "kZ8YMUInzUYkvFK7bia5191QzLPF2xh9dAtxDI8d";
name = "runner1"; name = "runner1";
labels = [ labels = [
"native:host" "native:host"