From 4dd8a02129b2893283779f9bd01ca0339dbd8a69 Mon Sep 17 00:00:00 2001 From: derped Date: Mon, 11 Sep 2023 21:36:54 +0200 Subject: [PATCH] Ophanim: update secrets. --- machines/Ophanim/secrets.yaml | 12 ++++++------ services/gitea.nix | 5 ++++- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/machines/Ophanim/secrets.yaml b/machines/Ophanim/secrets.yaml index 30542c6..c903fea 100644 --- a/machines/Ophanim/secrets.yaml +++ b/machines/Ophanim/secrets.yaml @@ -1,16 +1,16 @@ users: derped: - password: ENC[AES256_GCM,data:XpUNgLLdbzS31XaZm0PbZ6Q/6sDP66YP97VIOV7/ixExFSpJW0gfwIiHuj7ROCeAi8lqcKAnAcTuflUx378HUFtaZ9lSE9GQ26sWcrx9/PYOX0bYnn8nE7S7gVQgf83fIlrK,iv:duZ+xAg/6KgCjEYQbxV4Uhi6RbRhsWW/bHMnlDHzc0M=,tag:iN8uDzDmh7QAMO3ZYiYFLA==,type:str] - mail: ENC[AES256_GCM,data:hEQBzZ4IN9BmwA4s/wDUTFiKyuHl/iVep/xJT5fyOfTaQUPuBMWspDsdEG5g/h1dFf5ujHts2+rcWZiZTjiZbrqCj2/Ivsbqy5xG28VztGPh7M7439TMIq6LrgVUaNVmKxU7,iv:KosKUgGPYicjFSR9njgI/NGSQwBkZR46c6DKyiJITp4=,tag:XIC70j6adWTvvKJJojifPg==,type:str] + password: ENC[AES256_GCM,data:LODa3S3CpToxDcILSXIAwjZKq+KBh2HwnmxM6NLjuGpHWLGG+olvYxYju4vd1bF4c0OFdKfJFzM99JENt+OLp7tR/NQhvpiu6f1IhcxSrjJTBTXHlRHSGm2JD3a7HB3E7DUH,iv:MrhBrInvFbHq086pc9cyvtXVSLBDDuuWFGm1KLnElk8=,tag:VqxDD1PXgZzeTGogtFgbrQ==,type:str] + mail: ENC[AES256_GCM,data:b8/EiGUiUmCsxeOSFLE4lETrdi6Dn6wpWdYyNb22kHo/Ws0PXMLu4FJKeP/lZj0kKigdm4I94eEYyC8UmZKcJtilW/JtUpfmGzDkiGTxY7VxVFZYbamsQ1wq1r3BuWZorn+m,iv:+kyH2h+0++NnR/NPyUOPkEj1HSMI7+gciCXuebdlvkc=,tag:J6ltTqx34sJbkUAaiZJR6g==,type:str] publicKey: ENC[AES256_GCM,data:n1o+2pBdstnnC7b3Oub8Cen6JYZzR4ouaVlANsqxr2B8apPgY3ZaWoYO7b773MiKlhfPGPDpnL6H+jBGRc+adUjuaLFl2fnWwHCo8bIe/esIMf+bgyMefodg35R6j02bT0BM8dQGRyU/Qw==,iv:zCZdEvdTNvz/pAG6fAlsG5ZTCzOyfpo5OJswFa9n0ws=,tag:efQOpShXKmTJeK3odLt7cw==,type:str] services: gitea: - dbPass: ENC[AES256_GCM,data:Td8oYUkIPi0xDgepRW4LNTLpWRbGYin4VT8gxGP6fAIADaX2F3pf5g==,iv:pTUvtCkpSZXQLheHfOEKLivervrsCc/lHqXbZ1ennGY=,tag:LcEGyoZNigEYXEHp2lCgDQ==,type:str] + dbPass: ENC[AES256_GCM,data:mZ159aEd0S8blrBtGL5yp9THAH96ru6wr6m5Sp0TFwgOJ4KfoU+1Zj+D2YEP3jc=,iv:JP0WhWZOOfz2ZoM387NVNpOt5mzhJLeVwUGFHJ2cE2c=,tag:cYSzUI4dfa6kql1qlm6Syg==,type:str] hydra: secretKey: ENC[AES256_GCM,data:TkAFImyj7ESA72aPjUTvUwTVzZ3KpXNdw41Bk2yGOJrNRiP3aA/+iK45BzJdeAssc5evZyvhFE+JE4ovOSuaWUz4YFH/TH41N5dkhSmPTND+hU6u24rv/gTcCH9BH/8uvFOnWCBmkKmFopE=,iv:NSCINUwyNCRMsGNjwfO/P1nMpYDQLxt448W2AfCBmLI=,tag:pfMpTExIabCmsHOiOIf6Qg==,type:str] nextcloud: adminPass: ENC[AES256_GCM,data:OEqdKKwpDdnlFA5mTOTaow==,iv:DFHIYqqNNBzmtE+ZbXy1ga2UQyQ9YXE+jYprdEJwYjI=,tag:Rc1viogmOxaK9d60lmGlgg==,type:str] - dbPass: ENC[AES256_GCM,data:6x6efRMiBvIt44SrZANwEGe3iZn3U+ZvY6bdOS/q3Olymm+kEwY+cQ==,iv:aJEADtgIbUu1ewV4MjDvepzoJ6nlFG3J4JgVonPNWfM=,tag:2Sgj1dmr8WcahKnpo3nTSg==,type:str] + dbPass: ENC[AES256_GCM,data:M5hqFQi3zUjKL2ZezMg5D7luJyUsPkZvFKgFS5hDw7v2iNH3cA3Pog==,iv:DaABDCPcZOuNuFl5nK1ub/NKerdizGjDP/QBP8B/gnA=,tag:GR9eY3nLRFhAO8tBYIRt2Q==,type:str] sops: kms: [] gcp_kms: [] @@ -26,8 +26,8 @@ sops: Mzh6aFZKM2k3TTZveWRPc2ZkKzNvYm8KpNozbSJDJ3Yd2FsR0krsPXsn1beIyniD 0tJNmBFphav57LDQrYz5D+J4pMKKQI1P/USCPDDu1km2dJF/RJzeJQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-09-10T19:07:35Z" - mac: ENC[AES256_GCM,data:bi/q9zTMO/spgCIF+nj5Y/Yixvsene5wiWAWVlgeqDBfixeNdLnCjAmDdKzGp+FJhwbEWBu7z5r1jdgK37pG7lzWyGVYqVsbKDZEx5ArYX85oM42BlgXIhBVPddaf819WXMnIyhYx1y9ebXVdRRRkOgi7cK85BRZgeW5dWC0yZ8=,iv:WI5HF5g65YxVS7/mOqNdU+W6TWz300J0GVhJXpkeVwU=,tag:LTyfKVzjZZwB5m9FtR6Mvg==,type:str] + lastmodified: "2023-09-11T20:01:29Z" + mac: ENC[AES256_GCM,data:3SvL0KQjxHZYxZHuqri6ghx0/v/UJa0MozNvzldvLzK4mpM5xD0zBxIyZ6LkXwQ7Fhe7BxrPJ6oDa0wiOn5JSbCihJJ7xn4vhjvNWX7HE1Hl9HviNSW6qebO+cgK/oSz+Yi1MZZ/NCqDtkOi08GDwmBoaqXyp84TPGf79fChuTo=,iv:i2vsbTFrb+daXfEgLTRZZdITdhwM/LreFYvKjtykmRU=,tag:iTSR4baH+wBayt4ik+U46A==,type:str] pgp: - created_at: "2023-09-10T17:32:58Z" enc: | diff --git a/services/gitea.nix b/services/gitea.nix index 29b46aa..3d5ec99 100644 --- a/services/gitea.nix +++ b/services/gitea.nix @@ -45,7 +45,10 @@ with lib; }; }; }; - sops.secrets."services/gitea/dbPass" = {}; + sops.secrets."services/gitea/dbPass" = { + owner = "git"; + group = "gitea"; + }; users.users.git = { description = "Gitea Service"; isNormalUser = true;