diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-22 11:05:14 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-22 11:05:14 +0100 |
commit | 38e68a059c001f5caff2109c445f76dddac787a5 (patch) | |
tree | f12874803c45d2e712f09a9e95f61af73fa4c59e | |
parent | c46de991b1964e58698dbcfbd8c15a53e51472ff (diff) | |
download | nixos-38e68a059c001f5caff2109c445f76dddac787a5.tar nixos-38e68a059c001f5caff2109c445f76dddac787a5.tar.gz nixos-38e68a059c001f5caff2109c445f76dddac787a5.tar.bz2 nixos-38e68a059c001f5caff2109c445f76dddac787a5.tar.xz nixos-38e68a059c001f5caff2109c445f76dddac787a5.zip |
...
-rw-r--r-- | hosts/surtr/dns/keys/rheperire.org_acme.yaml | 14 | ||||
-rw-r--r-- | hosts/surtr/tls/default.nix | 2 | ||||
-rw-r--r-- | hosts/surtr/tls/tsig_keys/rheperire.org | 14 |
3 files changed, 15 insertions, 15 deletions
diff --git a/hosts/surtr/dns/keys/rheperire.org_acme.yaml b/hosts/surtr/dns/keys/rheperire.org_acme.yaml index f4979c04..5fb94a1e 100644 --- a/hosts/surtr/dns/keys/rheperire.org_acme.yaml +++ b/hosts/surtr/dns/keys/rheperire.org_acme.yaml | |||
@@ -1,22 +1,22 @@ | |||
1 | { | 1 | { |
2 | "data": "ENC[AES256_GCM,data:INp3nmsSAye/Hqq4+xCMGDvdIOw7aeajWF/G+tnPr3yrEh1tUGZnFDiIEhLCnHjj5na//GIHv2SxGUA9hiiOxtF9pDMXv7qZbQW1jE2+6Dl3s61wSFdobepjx0RzUVSB1VjRueGVz9X37ryTDPBPTyBWOaCvadiS/aoAcbk71S0Zaruy27/aetcmzko4auAQiPjmBSOEaJ42r5KZys1HdRqf4+KkDfEQMGKKY2fDvB0hTSDfA6xdIuZOsgeVkyJtW8c=,iv:Qu7k+ph3hP/RtrJQluU0edtrNnk/Z4sGNsV+x9kCYMo=,tag:kBQWOCq2aHtFDqwoLyPdXg==,type:str]", | 2 | "data": "ENC[AES256_GCM,data:hIjVHJFFSY1ZxdRshObpEK/DKynonKOF1D5ohO20Vy3kRigNH/bRJA9WmCNjg8l7xstVzf17pPEuSFyFnP7T17bbJsWxMuIbknBmuWLE66pNyTE3uwXqx+7ckQOs0w82fu8cmPRdlu+Lg9tp8jbJ8ID9QRlOVQr+IRIIs175xzotMlLgfHC5j2RjyR/3LPLa6lr9CNpmb5J9UYqC/mhPan2YkNTvfFgwKjVOaFtiMvD7lbQ2avfy+ejWObAozaPAzArTl1xDM/C/vg==,iv:UunLoBDrQxphbQvAvOKtxJNOGO1aWXrNWptE/F/nxXA=,tag:ZuHSb22cUTHKqoouMnhxQw==,type:str]", |
3 | "sops": { | 3 | "sops": { |
4 | "kms": null, | 4 | "kms": null, |
5 | "gcp_kms": null, | 5 | "gcp_kms": null, |
6 | "azure_kv": null, | 6 | "azure_kv": null, |
7 | "hc_vault": null, | 7 | "hc_vault": null, |
8 | "age": null, | 8 | "age": null, |
9 | "lastmodified": "2022-02-22T10:00:36Z", | 9 | "lastmodified": "2022-02-22T10:03:06Z", |
10 | "mac": "ENC[AES256_GCM,data:1p3Uty+rTYb0KllLWh1V4fYqp2l+Mtocqt2WCXEWCSF5R/CQ27mub601O/nJk5q77R661tJ+gUGiXDMHL4QFDlLIKml0M94aQPwAjWARCADOgZy7j75Uxu40KA4Lxnk2DM4ULOCIzfPikidDwg10Q51d3wVFEy0Ya59RFuUPkCQ=,iv:34ngwu968HXC/TXZXNklTq2/7B/ppl30/KdXNuQ0cN0=,tag:VzFBNdm6IMkICO9PELBC1w==,type:str]", | 10 | "mac": "ENC[AES256_GCM,data:W9FBhr/dvXw1spmHe4xKutiFcLtqkv+L/EYd2b8h2YD2ptWGj7HUzArOwGgpce9WOz7mS5WRF22vhZPzpKQ0aE3w8S4g9kxoYLDYBBP6itGJVwuvodZs0iu/dg5RutlwD5mA/iiyjqP9aR6yg/w41zC2Arc0dtHHOP0z+7zaZXw=,iv:62tzgTnfdFy/qVHMXvDdmowuzwX9Hlnmqnkobd7jPGE=,tag:GpjsYHtrsJwyzxxSf7wv3A==,type:str]", |
11 | "pgp": [ | 11 | "pgp": [ |
12 | { | 12 | { |
13 | "created_at": "2022-02-22T10:00:36Z", | 13 | "created_at": "2022-02-22T10:03:06Z", |
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAj1TjwhggIK+t8dso3N/AIIE+lRNqIS3DG9ZWUzhorG8w\nOmZI5Z24xUOjgYMgy/VD1N2vrr7O/WZya8EbbMLm3bddsD712ai/dGEpJQqlCgUg\n0l4BEUlPkLTpQQ+PeStaCJ+tM1xrMWkGqhfvWFPcr3llmkTL1BsPfPjZYqOhE/hI\nxqTpcbDZTEU+lHZFShwW+JH/KsGkGg9IZruxXUUCufRzcPx7vp2nNtBAIEmyKYHe\n=u66i\n-----END PGP MESSAGE-----\n", | 14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAKlsVaoap1ggCLt6/FssPFSQaYVpFdfm1T70mOZ5kGgMw\nH57MoD30qRWwgXWqS6XWRsHtzEcLBs9GepOCHplkiTGTmtiJT3P4xDIIvbFvLCOi\n0l4B0H1Nj+xUejKbkkCpzFZwcr1URP6tdOALMBo+SEqtiEJZjey/3oK+eH965nAq\ndkgBUoaW5V0iF5dOAtWk35m6ZJq6KY5VFcgtqrKk4AEr7tc1QaolIsRRKKlPTuWa\n=tcS9\n-----END PGP MESSAGE-----\n", |
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | 15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" |
16 | }, | 16 | }, |
17 | { | 17 | { |
18 | "created_at": "2022-02-22T10:00:36Z", | 18 | "created_at": "2022-02-22T10:03:06Z", |
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAcn87FCyYBMPp+mDXBgFP/mKOioWZ5jN+mBJeseyTr14w\nmtyhuzgtREpYWeMG9Q4qFcQa9UVp4GrB8F43RgPdJQMe4AJA6kojMU07Y1Z3M0Br\n0l4BxmSpGxxNOzlzHuQ82HQACNkQD3g6l+IHWCkIYXvFRph/dNNzLOoa0lgXHhet\nCIysU7aD7Hil6bJQn7ayCW54qzURcvizQlmG7hVb48tFdxF+Fzm0EZ1xPvS9FG8u\n=tiEl\n-----END PGP MESSAGE-----\n", | 19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA0Pq+4uKichWgU6MdnrScKcfKow1TGG42Gb+sbuQjglMw\njEUbtoJAPmkyFXEBqQdJKiOvTQ0SPdA6AxsxvQzVudRe/Rlscmp1831EcMnsb/2p\n0l4BZZvVg+bSCWOKNwrWj66pzNIvLdGpdLn+K42zTreq4jwmfy9Wm855enyXSj/b\npWdH+LT9KQcasjET6+N8jZwTtDcZatwx+n57rJ9N6bG3fvbVy1oC17BrbRH9vzaY\n=JtBh\n-----END PGP MESSAGE-----\n", |
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | 20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" |
21 | } | 21 | } |
22 | ], | 22 | ], |
diff --git a/hosts/surtr/tls/default.nix b/hosts/surtr/tls/default.nix index 0126a3a5..936aa106 100644 --- a/hosts/surtr/tls/default.nix +++ b/hosts/surtr/tls/default.nix | |||
@@ -118,7 +118,7 @@ in { | |||
118 | credentialsFile = pkgs.writeText "${domain}_credentials.env" '' | 118 | credentialsFile = pkgs.writeText "${domain}_credentials.env" '' |
119 | RFC2136_NAMESERVER=127.0.0.1:53 | 119 | RFC2136_NAMESERVER=127.0.0.1:53 |
120 | RFC2136_TSIG_ALGORITHM=hmac-sha256. | 120 | RFC2136_TSIG_ALGORITHM=hmac-sha256. |
121 | RFC2136_TSIG_KEY=${domain}_acme | 121 | RFC2136_TSIG_KEY=${domain}_acme_key |
122 | RFC2136_TSIG_SECRET_FILE=${tsigSecret.path} | 122 | RFC2136_TSIG_SECRET_FILE=${tsigSecret.path} |
123 | RFC2136_PROPAGATION_TIMEOUT=300 | 123 | RFC2136_PROPAGATION_TIMEOUT=300 |
124 | RFC2136_POLLING_INTERVAL=5 | 124 | RFC2136_POLLING_INTERVAL=5 |
diff --git a/hosts/surtr/tls/tsig_keys/rheperire.org b/hosts/surtr/tls/tsig_keys/rheperire.org index 1f3dc4a4..a6af56fe 100644 --- a/hosts/surtr/tls/tsig_keys/rheperire.org +++ b/hosts/surtr/tls/tsig_keys/rheperire.org | |||
@@ -1,22 +1,22 @@ | |||
1 | { | 1 | { |
2 | "data": "ENC[AES256_GCM,data:Lb1IWtwPdBxeXGrOr74MlR7lKBMIg2ix3enRMVN4MPEDh7CIFv1nhAfLCDU=,iv:TcyGtcKEL7yUXgHrfJ5pDjl8r5V7ltYQw2wcnsFN1bc=,tag:gBaYj6MkQKvD/uO+Pudnzg==,type:str]", | 2 | "data": "ENC[AES256_GCM,data:CH0kDBtyv4Zqi9DrSDgnuGuIwy83p5EAXxu2O543qk2SMT8aJO59+VF1ZcNg,iv:D6QcGgucKwpjYQaJgBgafi4cJRj6B6BX2HJG4SrWQOo=,tag:zT8oDCnQerhFHHKCQbx70g==,type:str]", |
3 | "sops": { | 3 | "sops": { |
4 | "kms": null, | 4 | "kms": null, |
5 | "gcp_kms": null, | 5 | "gcp_kms": null, |
6 | "azure_kv": null, | 6 | "azure_kv": null, |
7 | "hc_vault": null, | 7 | "hc_vault": null, |
8 | "age": null, | 8 | "age": null, |
9 | "lastmodified": "2022-02-22T09:46:27Z", | 9 | "lastmodified": "2022-02-22T10:05:06Z", |
10 | "mac": "ENC[AES256_GCM,data:vtymuSymOeh34ZbAumxCEcemtI0UFBoQwj4axpKf7AzVnQOubWYxPI5x23CiOE12Y+FThg1dYEnDWlkkQjMVWQvcJzfP1g25S98MuZ42E9R0nBxGzTrIaKS7kgNAriYDy8ib7Z3DUbajEGfvLLazCdHu3g9gE0dLewKcUTHaXwM=,iv:j8vS2Ej58HLf+CP9fe1rN+4UuniGlv/0M+Zzt3nlk5I=,tag:xn33GGm2knsIdH+EJ1zDcA==,type:str]", | 10 | "mac": "ENC[AES256_GCM,data:QJnaf5EFcTRk0tTQy9ZWUxEdZvfPZY3HvHkGLTrBMoNZf0rA4gwwhl7/TQhxmlS79/PS3eaf0QsLCwJVuuGJwsdQBfB516pl6F3kcFfGU0H1ydFpdQb7Y69UhHcOGCfep6G9qBdYGlM/u2c2xpLd3J52WwDfstrV/W79S9x0M4s=,iv:A9U7zI4Qc5AexJymJoBn71UQ0I21crs6o783JILQkhM=,tag:GDctWmgNNoQvRP5X1fPbGw==,type:str]", |
11 | "pgp": [ | 11 | "pgp": [ |
12 | { | 12 | { |
13 | "created_at": "2022-02-22T09:46:26Z", | 13 | "created_at": "2022-02-22T10:05:06Z", |
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA1++YsCSiRkVGoVF6uvYeY7JjZjsdjAUwubCF3fLDtS8w\nHFSQltgrqkul1Ei1fUFQqFbSpMSfBQhk0kMH0Xuk5SoDd1lWumqTP9gaJj/CM+yz\n0l4BHiQ4Ktyc01f127Az36nQZGKdJvL9etQAceNtNM7Y4XkLQ78OXFJoERrf81s/\n4wm5za7xqEBE1oE0QWAelzyjBqxI1iCjDl3p6heUdhqlcvAifXgqAk0qxq/4T4FG\n=2Bwl\n-----END PGP MESSAGE-----\n", | 14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAGFBLAv0AjRVBrt6bx0LjjXJ+F1HMItYH+ARVivmvqn0w\nTu4haSHe/+Y5OGppPz/AKscUahtKlD9Xc+wDEO7VwnGeqYmCmtfz71s6Mnzx5J4Z\n0lwBmnxPoyq4n3gObkaK+w/sXQCtrPzcr3eb7WwsEtOapNg1NOgveTkMGivhSltv\nEHOxA3Zb3j64VRFeiBEUhwo45QT8+XIkSogAtTsMtyJjsDdlSx9Se5hm9LuFaQ==\n=cFm2\n-----END PGP MESSAGE-----\n", |
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | 15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" |
16 | }, | 16 | }, |
17 | { | 17 | { |
18 | "created_at": "2022-02-22T09:46:26Z", | 18 | "created_at": "2022-02-22T10:05:06Z", |
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA4jg570qc5Zu3yAJPmjf11r20eYMyjAeEWw/RreZga3Uw\nmTy2jo/de11m3r/aIxp0Q/vFZ1m4JGeoIzIgQxGnhX0s0NpfCbCih0P7UMjZRatC\n0l4BCzWq7c0A2GbjPq+aKF2IYfQV5gdwjgCAJO3Oylb/SAltwnyGChANw4ckUCjV\n9DWYIcerMP2scxpjf5nJXpHNMjpGR7fcqS71PoVoJoActMqrG0deOMUSUEOVP8nR\n=+ux+\n-----END PGP MESSAGE-----\n", | 19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARVp4AmaIEZyYrmVaTjF+qIlyB26EdjC3d4D+Jv5TkCMw\nQ8/pshECLLazpepPPxsQ2SHNNqlqiyIPkRaKIcCxp0ViMVG+C0C82QE5oJemnryW\n0lwBhYa5Ug65KISzIy2LsxiaXcyH8qTOa2vvza8NWdFyao6qH2N4MtdN4PoHo4k4\nSsxxtPtOrNo2PRjqSqg1WhCP9HQ9OOrTxXXL1Cei1LySN56/IBmTHs/CnDIjUQ==\n=gG/G\n-----END PGP MESSAGE-----\n", |
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | 20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" |
21 | } | 21 | } |
22 | ], | 22 | ], |