diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-12-27 15:28:59 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-12-27 15:28:59 +0100 |
commit | 17d24a633e75592f8b0dd5346c919c261332c90c (patch) | |
tree | 01eceef16b07fdb0e440e060bffb8ac38e222d93 /hosts/surtr/tls | |
parent | 47c4a1e7f3074ca10412abe5efd3a01ed6ba099e (diff) | |
download | nixos-17d24a633e75592f8b0dd5346c919c261332c90c.tar nixos-17d24a633e75592f8b0dd5346c919c261332c90c.tar.gz nixos-17d24a633e75592f8b0dd5346c919c261332c90c.tar.bz2 nixos-17d24a633e75592f8b0dd5346c919c261332c90c.tar.xz nixos-17d24a633e75592f8b0dd5346c919c261332c90c.zip |
kleen.consulting
Diffstat (limited to 'hosts/surtr/tls')
-rw-r--r-- | hosts/surtr/tls/default.nix | 2 | ||||
-rw-r--r-- | hosts/surtr/tls/tsig_keys/imap.kleen.consulting | 26 | ||||
-rw-r--r-- | hosts/surtr/tls/tsig_keys/kleen.consulting | 26 | ||||
-rw-r--r-- | hosts/surtr/tls/tsig_keys/mailin.kleen.consulting | 26 | ||||
-rw-r--r-- | hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting | 26 | ||||
-rw-r--r-- | hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting | 26 |
6 files changed, 131 insertions, 1 deletions
diff --git a/hosts/surtr/tls/default.nix b/hosts/surtr/tls/default.nix index 0a3024d2..4e60a3f9 100644 --- a/hosts/surtr/tls/default.nix +++ b/hosts/surtr/tls/default.nix | |||
@@ -36,7 +36,7 @@ in { | |||
36 | }; | 36 | }; |
37 | 37 | ||
38 | config = { | 38 | config = { |
39 | security.acme.domains = genAttrs ["dirty-haskell.org" "141.li" "xmpp.li" "synapse.li" "yggdrasil.li" "praseodym.org" "rheperire.org" "kleen.li" "nights.email" "bouncy.email"] (domain: { wildcard = true; }); | 39 | security.acme.domains = genAttrs ["dirty-haskell.org" "141.li" "xmpp.li" "synapse.li" "yggdrasil.li" "praseodym.org" "rheperire.org" "kleen.li" "nights.email" "bouncy.email" "kleen.consulting"] (domain: { wildcard = true; }); |
40 | 40 | ||
41 | fileSystems."/var/lib/acme" = | 41 | fileSystems."/var/lib/acme" = |
42 | { device = "surtr/safe/var-lib-acme"; | 42 | { device = "surtr/safe/var-lib-acme"; |
diff --git a/hosts/surtr/tls/tsig_keys/imap.kleen.consulting b/hosts/surtr/tls/tsig_keys/imap.kleen.consulting new file mode 100644 index 00000000..4274b6c1 --- /dev/null +++ b/hosts/surtr/tls/tsig_keys/imap.kleen.consulting | |||
@@ -0,0 +1,26 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:Bj5DPnwGwY10vX35NbsWUawEjx5RoUe5tyQUhERD2VLRrnoyho3YI0c/3pIP,iv:6Mwcp8orH4sQGubV9FeSWqFgT4pyK57MWSKbDaijfvY=,tag:zQZLCavwRDIOz419pMrjbQ==,type:str]", | ||
3 | "sops": { | ||
4 | "kms": null, | ||
5 | "gcp_kms": null, | ||
6 | "azure_kv": null, | ||
7 | "hc_vault": null, | ||
8 | "age": null, | ||
9 | "lastmodified": "2022-12-27T14:23:03Z", | ||
10 | "mac": "ENC[AES256_GCM,data:A89e988MUk4M0hYPjt+rkidTT9G2t/pMvDWbA1pLp6ejuaDKOyqt8+4Z1ijA+ZWotam/+PS4OwiLYPWUv5yQYRZXEgIC4X+9zUqTzrk4YfHNzz5CxHv3xVRXDAv+THAuAZqpFcJHZsfwlrkJ8oT7aBM0QzGEYhRd6DqXrDm74Ec=,iv:rMrjW/5doBtymJipRPfS2HrAVOXmNLSESAmGfGrfRtM=,tag:hnnZaRoAajlaSs94Y1VF9Q==,type:str]", | ||
11 | "pgp": [ | ||
12 | { | ||
13 | "created_at": "2022-12-27T14:23:03Z", | ||
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA1Z/0PugoNJs50gvZpRdFzp5vykDq3WiLr5TpMMOcrm0w\nwzLloHyQzuZixmbhj0zJ8JEW38kaSwjiJhkifIYI81ab49SJKzrJk0/+QhFQwgQQ\n0l4BwWaAGzxg+VCvWVasXpFrxD3XTIa2d1PntLTNkrnLO0W75rWBuAOrKR74BS8y\nnKPFtG+jRW36ziESeqyPF+Grb+lMiVhqEBe/W1eeeUtCL8HVVfTBnNSBrWockDnj\n=FOND\n-----END PGP MESSAGE-----\n", | ||
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | ||
16 | }, | ||
17 | { | ||
18 | "created_at": "2022-12-27T14:23:03Z", | ||
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAuAdDkZ/i0CzkC8BtxDVRKXRYIPagMBUTue4T9hrfZjow\n2hCdSqXoiO9Nafl4p6hr+z/+hgvtd7+Vi6Vsx/hYEYyQGGMj4kBjtrCLaIXrNwzk\n0l4BWzYVis9DReZ4b9dQjqOqFOFXTNjjdDvKT2XvB6UC7Ak92Urp0aASQr6cOOa5\nr5k3j1AYlhMeYpSmz7uzWjLcIAqH84KFBAEvsm644ymmKkM0o6lZfzYN2TsoEjnP\n=CXUK\n-----END PGP MESSAGE-----\n", | ||
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | ||
21 | } | ||
22 | ], | ||
23 | "unencrypted_suffix": "_unencrypted", | ||
24 | "version": "3.7.3" | ||
25 | } | ||
26 | } \ No newline at end of file | ||
diff --git a/hosts/surtr/tls/tsig_keys/kleen.consulting b/hosts/surtr/tls/tsig_keys/kleen.consulting new file mode 100644 index 00000000..48b6e4b4 --- /dev/null +++ b/hosts/surtr/tls/tsig_keys/kleen.consulting | |||
@@ -0,0 +1,26 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:hLR+WPUazhZzM+YIR6IMMFjKcupbhZ/Gnu2kv873FW9cnV6pPz5is+eX/Qh6,iv:FAuop9mU4RxBMr/9+cpQDnrRoTaIk7rFh1u2kdLTJ2g=,tag:swtnoDGWisJjGkv4/xE2nw==,type:str]", | ||
3 | "sops": { | ||
4 | "kms": null, | ||
5 | "gcp_kms": null, | ||
6 | "azure_kv": null, | ||
7 | "hc_vault": null, | ||
8 | "age": null, | ||
9 | "lastmodified": "2022-12-27T14:23:01Z", | ||
10 | "mac": "ENC[AES256_GCM,data:zDAuZdupb97yeKlS8j1J0SkP3xHMi62SVOgc4NAyqiQgSRnRVhO0uxf3Ms3nVhijqFOS0IeaHsEQM6cCcfq5Hf5/073XHV9/QTcCQsQxPqabwHLvO3Tkzc+lcWicwm0PUt3Plh4QybXwKSaYKJr8RZzlgltOl6CJN7fERIyNayY=,iv:G2te52MStm0o7+qjzIHs335x/PQHdcfiIrnF534+0sA=,tag:FwZRHR8vQiyhls04Ic97Aw==,type:str]", | ||
11 | "pgp": [ | ||
12 | { | ||
13 | "created_at": "2022-12-27T14:23:01Z", | ||
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAVnsoiamZ0mwkgB/VDWMxCME/uxGYqZc50h332nFBGSQw\nhPTkYSghPXdCPzBAcFglpBnhTiluREUp0oWJuCoimJAkOmECLM6wACZPjit3cvSw\n0lwB0zzKGtRNsnIwy5pM70am1Yu54JAkcqdOGJZFEH24m3gNdJVWnnMcbXNNfxnN\nIgQDDmL8gw68lpw8wKOwGi5XIfwQwwSBm7cesLa2X4a6UKLgBRSYkwtkEkskJw==\n=bhXe\n-----END PGP MESSAGE-----\n", | ||
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | ||
16 | }, | ||
17 | { | ||
18 | "created_at": "2022-12-27T14:23:01Z", | ||
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA44YcVmRcpMqRAdiZrtA/cXds6gPgRFbu1QokzhovUTIw\ni1bumXheuSh1EwgV+ds/eP03LRwWjkRWApzl1h7D2SS3R+1U2e43kzIORyi33Cwb\n0lwB5GGeLSRPirj1WSMe1WEXCizl330mEwgNYGs2HT1r9tHESTIO9CRnPzed3EXP\nhfH92t4HMCwIzWI7D78ExR/uNHiHhOhBs0Jz3V6HSOmKpPReLtb2sVNMjO6fKA==\n=ak0g\n-----END PGP MESSAGE-----\n", | ||
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | ||
21 | } | ||
22 | ], | ||
23 | "unencrypted_suffix": "_unencrypted", | ||
24 | "version": "3.7.3" | ||
25 | } | ||
26 | } \ No newline at end of file | ||
diff --git a/hosts/surtr/tls/tsig_keys/mailin.kleen.consulting b/hosts/surtr/tls/tsig_keys/mailin.kleen.consulting new file mode 100644 index 00000000..70fe6f95 --- /dev/null +++ b/hosts/surtr/tls/tsig_keys/mailin.kleen.consulting | |||
@@ -0,0 +1,26 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:iWIbjv56LHaOza+6l/5EwyOxrslupEjhyMJbe9hTYEeeqyxRkt2mQUXOjDYD,iv:CVUMbqzYGsgPA3wXHfi/XqR0NMDR+hEmYRQOUHUNhWw=,tag:YbMEErHIJL5tKaqWpXjs5A==,type:str]", | ||
3 | "sops": { | ||
4 | "kms": null, | ||
5 | "gcp_kms": null, | ||
6 | "azure_kv": null, | ||
7 | "hc_vault": null, | ||
8 | "age": null, | ||
9 | "lastmodified": "2022-12-27T14:23:02Z", | ||
10 | "mac": "ENC[AES256_GCM,data:e4oe95ZDgKZv6/Zy4P4r4u/fWHHLTsL1ieB1ut6Ktg4B2L/DPxuxEO0b5ajXFr8tkmA9/DL1Bfv5TT2145v/Kyy1NeXYGUGbg/BtrTYlUSekYVbHIHtNBYLgOQzNL5tlrhyFXsVHx8a0BZKVEmqMocNiz4kIjU4JJ1ORHxS5M4w=,iv:vN/y8TXg6RSxi7OyioIVA0NoiaPpIZU94tLEOCgvXHI=,tag:uAf7psK/HZ1cs621Y3LOoA==,type:str]", | ||
11 | "pgp": [ | ||
12 | { | ||
13 | "created_at": "2022-12-27T14:23:02Z", | ||
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdADTdcU/shxjYVUAxYWJKSM3oRDpYCCJ9al76z3glcNQYw\nmIlrpVfT3O+lOSgr1s07giFe/WEJb/A4ctYE7UUSpnowZbOHn8bia0JG/t58791I\n0l4BV7zeiWadAGJHDIRHZb2BRev/b4ho/UYnHG+LTaGnAa9phfeOlRn7k6+sw8Ad\nDUBe1MPbsnBD7hT5IACxNZ4neXDaSJ9mOe5CP9u6SuDwFlMicW8XV3INXBcRQKZY\n=7Uw6\n-----END PGP MESSAGE-----\n", | ||
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | ||
16 | }, | ||
17 | { | ||
18 | "created_at": "2022-12-27T14:23:02Z", | ||
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAgQrdU3Dqlv5ZuGkbBdroYvAFRbKdKTzG4gCkRR85DgUw\n8vPKNv3d93sWLqrvw1VqMKvmIfVGLujqM4j9ZuecHodUPiMuSgLmbzsGS5HpiubB\n0l4By0O/oVeNWAmFNYRMyfZ5CH+YYyOZ8u8tBTR/6eHjOp7wlKpCqcFVg8UILkbn\nrRvpNEM1PDh+oZJ4nMA7pQkm7297H0+uyTioGxHq9DLAODepnlfz2ofCKd/jEO1+\n=Fh1g\n-----END PGP MESSAGE-----\n", | ||
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | ||
21 | } | ||
22 | ], | ||
23 | "unencrypted_suffix": "_unencrypted", | ||
24 | "version": "3.7.3" | ||
25 | } | ||
26 | } \ No newline at end of file | ||
diff --git a/hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting b/hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting new file mode 100644 index 00000000..23da47b2 --- /dev/null +++ b/hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting | |||
@@ -0,0 +1,26 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:afqmlv3igzgTf1ezNK68FPOCEgxx1dhvpU7bLax+3kVIT1Be+/SIqMMKBbQj,iv:keoYQnGhTh46xKy/ARXInRl2BT6B/U1eqROQHNrybXY=,tag:/LHTlj1yxBVk5szKpFqXOw==,type:str]", | ||
3 | "sops": { | ||
4 | "kms": null, | ||
5 | "gcp_kms": null, | ||
6 | "azure_kv": null, | ||
7 | "hc_vault": null, | ||
8 | "age": null, | ||
9 | "lastmodified": "2022-12-27T14:23:03Z", | ||
10 | "mac": "ENC[AES256_GCM,data:Un195JsFhtA99AEx89SGdZflAYOa/AHbcDxyQaMPiBI01ic7/EsYe6M6olv4E/PS1/+5b6ki6IeObl66Fv0ikKa36q6op8bJK/S3Mvza80FKcC6YKjmZp8R46MqxlntpIEtl1SaxeWlOf6XFSGS0HMfnCfnZ6+R/MXGM4ZHTofM=,iv:CP9JM+uSmKSskwD7SHEQGp/p8NwPu+c2eg+s7XKn+YU=,tag:LnhFimxAvhCCxYztRhjfgw==,type:str]", | ||
11 | "pgp": [ | ||
12 | { | ||
13 | "created_at": "2022-12-27T14:23:02Z", | ||
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAwJ0Di7OfQ+O1k/D/tA3AzQAmwl/+8mN0kdLD/hAHyVMw\nSetR3yQECXHycm8uw24INYUg1gmVgSg8uunM06F9in15qC89nTBXyTwI37dvSRjM\n0l4BcfRGOenwU+XCRacm10eqZUtVTkgcD43Fz/wjghN6G6j4IGap6tJq6lnA21vb\nIM+qaaR1s8Abdd2CEqsvmB0vF4lacmr7yu1hr9c8C9ooe+pP6MTb4SOpoOjVIqqW\n=r9Oo\n-----END PGP MESSAGE-----\n", | ||
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | ||
16 | }, | ||
17 | { | ||
18 | "created_at": "2022-12-27T14:23:02Z", | ||
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA2xewM1PTAgVs4hggZclYUf3cElF/X1N/sDEsygP54UYw\nTby6Gv+iooRsVmE7FJbvFAVBYEHbNquHdyuSVs8KujoeunEB3xVqeARktC83dKaF\n0l4BzqnrEbTH9R3bnPKOiN8kGiOXS6UjmQZYfrFNphVGGOf/YcTOuGjUISsKd9K6\nDi3zyFY6NiY85Fb0U4LUtAlqz7mbqmjBho1kNezEFvmwLf12XdKE4SXmnnJMoruf\n=bZIq\n-----END PGP MESSAGE-----\n", | ||
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | ||
21 | } | ||
22 | ], | ||
23 | "unencrypted_suffix": "_unencrypted", | ||
24 | "version": "3.7.3" | ||
25 | } | ||
26 | } \ No newline at end of file | ||
diff --git a/hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting b/hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting new file mode 100644 index 00000000..6f146483 --- /dev/null +++ b/hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting | |||
@@ -0,0 +1,26 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:32WD88YaqLsJO//uygFzPLknns8FR/19E7FeB2fyFXnTI2lscJWILD5NwKLJ,iv:gdR4hfH/ahbOwgsVjxmv3qldr/LHxmi59WiRwGKWo/Y=,tag:mmw+bVqiRnRExy8lJXdb3Q==,type:str]", | ||
3 | "sops": { | ||
4 | "kms": null, | ||
5 | "gcp_kms": null, | ||
6 | "azure_kv": null, | ||
7 | "hc_vault": null, | ||
8 | "age": null, | ||
9 | "lastmodified": "2022-12-27T14:23:04Z", | ||
10 | "mac": "ENC[AES256_GCM,data:8EPTej63BLWSW1h6bGPBymbmxn/MTAYGlQXfNAZYOG7bvOT/OJEepZGM+GpwbTDT5adDC9BIwjIaIuvN2YxyQxamC0v2kt64JIfOJqNcL2YDkKF6GgQkdo86T+5N/xq/gma6JIrl1ZHromiUJIU/nTgkU4ouaX+syXQ+H3TgxFE=,iv:nUNYWMXB4QHKT70B01AQiw4utByAMCSY54Zo5XJ6C3E=,tag:NsEyfxPfgCIQZsKIFQTuiw==,type:str]", | ||
11 | "pgp": [ | ||
12 | { | ||
13 | "created_at": "2022-12-27T14:23:04Z", | ||
14 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAeGtiVx4eUHTbjv3xB+wVYZawZIS/a2EmY47xxDX8O2gw\njMHI7vF4bQGlWbwnJLMXIfxtK5gUontCZgTHneqClXPF78hibtCUBuhvAvsu5DCs\n0l4ByzrIpQSjo51JYx0mmaPifSN30EvYbgtYRgExQ+b0FAUAzh7DyNvb++3kz1DI\nOUJ5Fwt6nwVdBZlgAPHIJaCF91DNhav833U/tY8DA9IzigAA5dVhB4pR0OMMsLND\n=nJtD\n-----END PGP MESSAGE-----\n", | ||
15 | "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" | ||
16 | }, | ||
17 | { | ||
18 | "created_at": "2022-12-27T14:23:04Z", | ||
19 | "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAUE75g5kvTpMz2+wm0CKP2P0AfSMADGKQ/GW5kz4Rkmkw\nqUIe0vaLueUkbvAzgHvoNC+og+CUQo9qhSozK/vJLfxmKZ0gNbc2H56w3IKexoZs\n0l4BWF9JMxJPysnr19GW9kEstGT6cLCEzumojbsRqtOkEsISrHhHUjv2IYD1Tvpt\n0s9gdLIrr9ovwJV09LeUZOZZS+a4hBa3tGfFnWw81dAGnuZlXeC0kmTYV3Xn5cH5\n=i4Df\n-----END PGP MESSAGE-----\n", | ||
20 | "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" | ||
21 | } | ||
22 | ], | ||
23 | "unencrypted_suffix": "_unencrypted", | ||
24 | "version": "3.7.3" | ||
25 | } | ||
26 | } \ No newline at end of file | ||