summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-02-22 11:05:14 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-02-22 11:05:14 +0100
commit38e68a059c001f5caff2109c445f76dddac787a5 (patch)
treef12874803c45d2e712f09a9e95f61af73fa4c59e
parentc46de991b1964e58698dbcfbd8c15a53e51472ff (diff)
downloadnixos-38e68a059c001f5caff2109c445f76dddac787a5.tar
nixos-38e68a059c001f5caff2109c445f76dddac787a5.tar.gz
nixos-38e68a059c001f5caff2109c445f76dddac787a5.tar.bz2
nixos-38e68a059c001f5caff2109c445f76dddac787a5.tar.xz
nixos-38e68a059c001f5caff2109c445f76dddac787a5.zip
...
-rw-r--r--hosts/surtr/dns/keys/rheperire.org_acme.yaml14
-rw-r--r--hosts/surtr/tls/default.nix2
-rw-r--r--hosts/surtr/tls/tsig_keys/rheperire.org14
3 files changed, 15 insertions, 15 deletions
diff --git a/hosts/surtr/dns/keys/rheperire.org_acme.yaml b/hosts/surtr/dns/keys/rheperire.org_acme.yaml
index f4979c04..5fb94a1e 100644
--- a/hosts/surtr/dns/keys/rheperire.org_acme.yaml
+++ b/hosts/surtr/dns/keys/rheperire.org_acme.yaml
@@ -1,22 +1,22 @@
1{ 1{
2 "data": "ENC[AES256_GCM,data:INp3nmsSAye/Hqq4+xCMGDvdIOw7aeajWF/G+tnPr3yrEh1tUGZnFDiIEhLCnHjj5na//GIHv2SxGUA9hiiOxtF9pDMXv7qZbQW1jE2+6Dl3s61wSFdobepjx0RzUVSB1VjRueGVz9X37ryTDPBPTyBWOaCvadiS/aoAcbk71S0Zaruy27/aetcmzko4auAQiPjmBSOEaJ42r5KZys1HdRqf4+KkDfEQMGKKY2fDvB0hTSDfA6xdIuZOsgeVkyJtW8c=,iv:Qu7k+ph3hP/RtrJQluU0edtrNnk/Z4sGNsV+x9kCYMo=,tag:kBQWOCq2aHtFDqwoLyPdXg==,type:str]", 2 "data": "ENC[AES256_GCM,data:hIjVHJFFSY1ZxdRshObpEK/DKynonKOF1D5ohO20Vy3kRigNH/bRJA9WmCNjg8l7xstVzf17pPEuSFyFnP7T17bbJsWxMuIbknBmuWLE66pNyTE3uwXqx+7ckQOs0w82fu8cmPRdlu+Lg9tp8jbJ8ID9QRlOVQr+IRIIs175xzotMlLgfHC5j2RjyR/3LPLa6lr9CNpmb5J9UYqC/mhPan2YkNTvfFgwKjVOaFtiMvD7lbQ2avfy+ejWObAozaPAzArTl1xDM/C/vg==,iv:UunLoBDrQxphbQvAvOKtxJNOGO1aWXrNWptE/F/nxXA=,tag:ZuHSb22cUTHKqoouMnhxQw==,type:str]",
3 "sops": { 3 "sops": {
4 "kms": null, 4 "kms": null,
5 "gcp_kms": null, 5 "gcp_kms": null,
6 "azure_kv": null, 6 "azure_kv": null,
7 "hc_vault": null, 7 "hc_vault": null,
8 "age": null, 8 "age": null,
9 "lastmodified": "2022-02-22T10:00:36Z", 9 "lastmodified": "2022-02-22T10:03:06Z",
10 "mac": "ENC[AES256_GCM,data:1p3Uty+rTYb0KllLWh1V4fYqp2l+Mtocqt2WCXEWCSF5R/CQ27mub601O/nJk5q77R661tJ+gUGiXDMHL4QFDlLIKml0M94aQPwAjWARCADOgZy7j75Uxu40KA4Lxnk2DM4ULOCIzfPikidDwg10Q51d3wVFEy0Ya59RFuUPkCQ=,iv:34ngwu968HXC/TXZXNklTq2/7B/ppl30/KdXNuQ0cN0=,tag:VzFBNdm6IMkICO9PELBC1w==,type:str]", 10 "mac": "ENC[AES256_GCM,data:W9FBhr/dvXw1spmHe4xKutiFcLtqkv+L/EYd2b8h2YD2ptWGj7HUzArOwGgpce9WOz7mS5WRF22vhZPzpKQ0aE3w8S4g9kxoYLDYBBP6itGJVwuvodZs0iu/dg5RutlwD5mA/iiyjqP9aR6yg/w41zC2Arc0dtHHOP0z+7zaZXw=,iv:62tzgTnfdFy/qVHMXvDdmowuzwX9Hlnmqnkobd7jPGE=,tag:GpjsYHtrsJwyzxxSf7wv3A==,type:str]",
11 "pgp": [ 11 "pgp": [
12 { 12 {
13 "created_at": "2022-02-22T10:00:36Z", 13 "created_at": "2022-02-22T10:03:06Z",
14 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAj1TjwhggIK+t8dso3N/AIIE+lRNqIS3DG9ZWUzhorG8w\nOmZI5Z24xUOjgYMgy/VD1N2vrr7O/WZya8EbbMLm3bddsD712ai/dGEpJQqlCgUg\n0l4BEUlPkLTpQQ+PeStaCJ+tM1xrMWkGqhfvWFPcr3llmkTL1BsPfPjZYqOhE/hI\nxqTpcbDZTEU+lHZFShwW+JH/KsGkGg9IZruxXUUCufRzcPx7vp2nNtBAIEmyKYHe\n=u66i\n-----END PGP MESSAGE-----\n", 14 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAKlsVaoap1ggCLt6/FssPFSQaYVpFdfm1T70mOZ5kGgMw\nH57MoD30qRWwgXWqS6XWRsHtzEcLBs9GepOCHplkiTGTmtiJT3P4xDIIvbFvLCOi\n0l4B0H1Nj+xUejKbkkCpzFZwcr1URP6tdOALMBo+SEqtiEJZjey/3oK+eH965nAq\ndkgBUoaW5V0iF5dOAtWk35m6ZJq6KY5VFcgtqrKk4AEr7tc1QaolIsRRKKlPTuWa\n=tcS9\n-----END PGP MESSAGE-----\n",
15 "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" 15 "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8"
16 }, 16 },
17 { 17 {
18 "created_at": "2022-02-22T10:00:36Z", 18 "created_at": "2022-02-22T10:03:06Z",
19 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAcn87FCyYBMPp+mDXBgFP/mKOioWZ5jN+mBJeseyTr14w\nmtyhuzgtREpYWeMG9Q4qFcQa9UVp4GrB8F43RgPdJQMe4AJA6kojMU07Y1Z3M0Br\n0l4BxmSpGxxNOzlzHuQ82HQACNkQD3g6l+IHWCkIYXvFRph/dNNzLOoa0lgXHhet\nCIysU7aD7Hil6bJQn7ayCW54qzURcvizQlmG7hVb48tFdxF+Fzm0EZ1xPvS9FG8u\n=tiEl\n-----END PGP MESSAGE-----\n", 19 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA0Pq+4uKichWgU6MdnrScKcfKow1TGG42Gb+sbuQjglMw\njEUbtoJAPmkyFXEBqQdJKiOvTQ0SPdA6AxsxvQzVudRe/Rlscmp1831EcMnsb/2p\n0l4BZZvVg+bSCWOKNwrWj66pzNIvLdGpdLn+K42zTreq4jwmfy9Wm855enyXSj/b\npWdH+LT9KQcasjET6+N8jZwTtDcZatwx+n57rJ9N6bG3fvbVy1oC17BrbRH9vzaY\n=JtBh\n-----END PGP MESSAGE-----\n",
20 "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" 20 "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51"
21 } 21 }
22 ], 22 ],
diff --git a/hosts/surtr/tls/default.nix b/hosts/surtr/tls/default.nix
index 0126a3a5..936aa106 100644
--- a/hosts/surtr/tls/default.nix
+++ b/hosts/surtr/tls/default.nix
@@ -118,7 +118,7 @@ in {
118 credentialsFile = pkgs.writeText "${domain}_credentials.env" '' 118 credentialsFile = pkgs.writeText "${domain}_credentials.env" ''
119 RFC2136_NAMESERVER=127.0.0.1:53 119 RFC2136_NAMESERVER=127.0.0.1:53
120 RFC2136_TSIG_ALGORITHM=hmac-sha256. 120 RFC2136_TSIG_ALGORITHM=hmac-sha256.
121 RFC2136_TSIG_KEY=${domain}_acme 121 RFC2136_TSIG_KEY=${domain}_acme_key
122 RFC2136_TSIG_SECRET_FILE=${tsigSecret.path} 122 RFC2136_TSIG_SECRET_FILE=${tsigSecret.path}
123 RFC2136_PROPAGATION_TIMEOUT=300 123 RFC2136_PROPAGATION_TIMEOUT=300
124 RFC2136_POLLING_INTERVAL=5 124 RFC2136_POLLING_INTERVAL=5
diff --git a/hosts/surtr/tls/tsig_keys/rheperire.org b/hosts/surtr/tls/tsig_keys/rheperire.org
index 1f3dc4a4..a6af56fe 100644
--- a/hosts/surtr/tls/tsig_keys/rheperire.org
+++ b/hosts/surtr/tls/tsig_keys/rheperire.org
@@ -1,22 +1,22 @@
1{ 1{
2 "data": "ENC[AES256_GCM,data:Lb1IWtwPdBxeXGrOr74MlR7lKBMIg2ix3enRMVN4MPEDh7CIFv1nhAfLCDU=,iv:TcyGtcKEL7yUXgHrfJ5pDjl8r5V7ltYQw2wcnsFN1bc=,tag:gBaYj6MkQKvD/uO+Pudnzg==,type:str]", 2 "data": "ENC[AES256_GCM,data:CH0kDBtyv4Zqi9DrSDgnuGuIwy83p5EAXxu2O543qk2SMT8aJO59+VF1ZcNg,iv:D6QcGgucKwpjYQaJgBgafi4cJRj6B6BX2HJG4SrWQOo=,tag:zT8oDCnQerhFHHKCQbx70g==,type:str]",
3 "sops": { 3 "sops": {
4 "kms": null, 4 "kms": null,
5 "gcp_kms": null, 5 "gcp_kms": null,
6 "azure_kv": null, 6 "azure_kv": null,
7 "hc_vault": null, 7 "hc_vault": null,
8 "age": null, 8 "age": null,
9 "lastmodified": "2022-02-22T09:46:27Z", 9 "lastmodified": "2022-02-22T10:05:06Z",
10 "mac": "ENC[AES256_GCM,data:vtymuSymOeh34ZbAumxCEcemtI0UFBoQwj4axpKf7AzVnQOubWYxPI5x23CiOE12Y+FThg1dYEnDWlkkQjMVWQvcJzfP1g25S98MuZ42E9R0nBxGzTrIaKS7kgNAriYDy8ib7Z3DUbajEGfvLLazCdHu3g9gE0dLewKcUTHaXwM=,iv:j8vS2Ej58HLf+CP9fe1rN+4UuniGlv/0M+Zzt3nlk5I=,tag:xn33GGm2knsIdH+EJ1zDcA==,type:str]", 10 "mac": "ENC[AES256_GCM,data:QJnaf5EFcTRk0tTQy9ZWUxEdZvfPZY3HvHkGLTrBMoNZf0rA4gwwhl7/TQhxmlS79/PS3eaf0QsLCwJVuuGJwsdQBfB516pl6F3kcFfGU0H1ydFpdQb7Y69UhHcOGCfep6G9qBdYGlM/u2c2xpLd3J52WwDfstrV/W79S9x0M4s=,iv:A9U7zI4Qc5AexJymJoBn71UQ0I21crs6o783JILQkhM=,tag:GDctWmgNNoQvRP5X1fPbGw==,type:str]",
11 "pgp": [ 11 "pgp": [
12 { 12 {
13 "created_at": "2022-02-22T09:46:26Z", 13 "created_at": "2022-02-22T10:05:06Z",
14 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA1++YsCSiRkVGoVF6uvYeY7JjZjsdjAUwubCF3fLDtS8w\nHFSQltgrqkul1Ei1fUFQqFbSpMSfBQhk0kMH0Xuk5SoDd1lWumqTP9gaJj/CM+yz\n0l4BHiQ4Ktyc01f127Az36nQZGKdJvL9etQAceNtNM7Y4XkLQ78OXFJoERrf81s/\n4wm5za7xqEBE1oE0QWAelzyjBqxI1iCjDl3p6heUdhqlcvAifXgqAk0qxq/4T4FG\n=2Bwl\n-----END PGP MESSAGE-----\n", 14 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAGFBLAv0AjRVBrt6bx0LjjXJ+F1HMItYH+ARVivmvqn0w\nTu4haSHe/+Y5OGppPz/AKscUahtKlD9Xc+wDEO7VwnGeqYmCmtfz71s6Mnzx5J4Z\n0lwBmnxPoyq4n3gObkaK+w/sXQCtrPzcr3eb7WwsEtOapNg1NOgveTkMGivhSltv\nEHOxA3Zb3j64VRFeiBEUhwo45QT8+XIkSogAtTsMtyJjsDdlSx9Se5hm9LuFaQ==\n=cFm2\n-----END PGP MESSAGE-----\n",
15 "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" 15 "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8"
16 }, 16 },
17 { 17 {
18 "created_at": "2022-02-22T09:46:26Z", 18 "created_at": "2022-02-22T10:05:06Z",
19 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA4jg570qc5Zu3yAJPmjf11r20eYMyjAeEWw/RreZga3Uw\nmTy2jo/de11m3r/aIxp0Q/vFZ1m4JGeoIzIgQxGnhX0s0NpfCbCih0P7UMjZRatC\n0l4BCzWq7c0A2GbjPq+aKF2IYfQV5gdwjgCAJO3Oylb/SAltwnyGChANw4ckUCjV\n9DWYIcerMP2scxpjf5nJXpHNMjpGR7fcqS71PoVoJoActMqrG0deOMUSUEOVP8nR\n=+ux+\n-----END PGP MESSAGE-----\n", 19 "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARVp4AmaIEZyYrmVaTjF+qIlyB26EdjC3d4D+Jv5TkCMw\nQ8/pshECLLazpepPPxsQ2SHNNqlqiyIPkRaKIcCxp0ViMVG+C0C82QE5oJemnryW\n0lwBhYa5Ug65KISzIy2LsxiaXcyH8qTOa2vvza8NWdFyao6qH2N4MtdN4PoHo4k4\nSsxxtPtOrNo2PRjqSqg1WhCP9HQ9OOrTxXXL1Cei1LySN56/IBmTHs/CnDIjUQ==\n=gG/G\n-----END PGP MESSAGE-----\n",
20 "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" 20 "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51"
21 } 21 }
22 ], 22 ],