From cfc871cce6aefaa0ff64619780a807cba761c6b2 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Mon, 30 Jan 2023 12:20:23 +0100 Subject: ... --- .sops.yaml | 39 ++ flake.lock | 113 ++-- flake.nix | 28 +- hosts/sif/gkleen-rclone.yaml | 34 +- hosts/sif/mail/secrets.yaml | 34 +- hosts/sif/wgrz/privkey | 16 +- hosts/surtr/bifrost/surtr.priv | 16 +- hosts/surtr/dns/default.nix | 12 +- hosts/surtr/dns/keys/141.li_acme | 26 + hosts/surtr/dns/keys/141.li_acme.yaml | 26 - hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme | 26 + .../dns/keys/app.etesync.yggdrasil.li_acme.yaml | 26 - hosts/surtr/dns/keys/bouncy.email_acme | 26 + hosts/surtr/dns/keys/bouncy.email_acme.yaml | 26 - hosts/surtr/dns/keys/dirty-haskell.org_acme | 26 + hosts/surtr/dns/keys/dirty-haskell.org_acme.yaml | 26 - hosts/surtr/dns/keys/element.synapse.li_acme | 26 + hosts/surtr/dns/keys/element.synapse.li_acme.yaml | 26 - hosts/surtr/dns/keys/etesync.yggdrasil.li_acme | 26 + .../surtr/dns/keys/etesync.yggdrasil.li_acme.yaml | 26 - hosts/surtr/dns/keys/imap.bouncy.email_acme | 26 + hosts/surtr/dns/keys/imap.bouncy.email_acme.yaml | 26 - hosts/surtr/dns/keys/imap.kleen.consulting_acme | 26 + .../surtr/dns/keys/imap.kleen.consulting_acme.yaml | 26 - hosts/surtr/dns/keys/kleen.consulting_acme | 26 + hosts/surtr/dns/keys/kleen.consulting_acme.yaml | 26 - hosts/surtr/dns/keys/kleen.li_acme | 26 + hosts/surtr/dns/keys/kleen.li_acme.yaml | 26 - hosts/surtr/dns/keys/knot_local | 26 + hosts/surtr/dns/keys/knot_local.yaml | 26 - hosts/surtr/dns/keys/mailin.bouncy.email_acme | 26 + hosts/surtr/dns/keys/mailin.bouncy.email_acme.yaml | 26 - hosts/surtr/dns/keys/mailin.kleen.consulting_acme | 26 + .../dns/keys/mailin.kleen.consulting_acme.yaml | 26 - hosts/surtr/dns/keys/mailsub.bouncy.email_acme | 26 + .../surtr/dns/keys/mailsub.bouncy.email_acme.yaml | 26 - hosts/surtr/dns/keys/mailsub.kleen.consulting_acme | 26 + .../dns/keys/mailsub.kleen.consulting_acme.yaml | 26 - hosts/surtr/dns/keys/mta-sts.bouncy.email_acme | 26 + .../surtr/dns/keys/mta-sts.bouncy.email_acme.yaml | 26 - hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme | 26 + .../dns/keys/mta-sts.kleen.consulting_acme.yaml | 26 - hosts/surtr/dns/keys/nights.email_acme | 26 + hosts/surtr/dns/keys/nights.email_acme.yaml | 26 - hosts/surtr/dns/keys/praseodym.org_acme | 26 + hosts/surtr/dns/keys/praseodym.org_acme.yaml | 26 - hosts/surtr/dns/keys/rheperire.org_acme | 26 + hosts/surtr/dns/keys/rheperire.org_acme.yaml | 26 - hosts/surtr/dns/keys/spm.bouncy.email_acme | 26 + hosts/surtr/dns/keys/spm.bouncy.email_acme.yaml | 26 - hosts/surtr/dns/keys/surtr.yggdrasil.li_acme | 26 + hosts/surtr/dns/keys/surtr.yggdrasil.li_acme.yaml | 26 - hosts/surtr/dns/keys/synapse.li_acme | 26 + hosts/surtr/dns/keys/synapse.li_acme.yaml | 26 - hosts/surtr/dns/keys/turn.synapse.li_acme | 26 + hosts/surtr/dns/keys/turn.synapse.li_acme.yaml | 26 - hosts/surtr/dns/keys/webdav.141.li_acme | 26 + hosts/surtr/dns/keys/webdav.141.li_acme.yaml | 26 - hosts/surtr/dns/keys/xmpp.li_acme | 26 + hosts/surtr/dns/keys/xmpp.li_acme.yaml | 26 - hosts/surtr/dns/keys/yggdrasil.li_acme | 26 + hosts/surtr/dns/keys/yggdrasil.li_acme.yaml | 26 - hosts/surtr/dns/keys/ymir_acme | 26 + hosts/surtr/dns/keys/ymir_acme.yaml | 26 - hosts/surtr/email/ca/gkleen@sif.key | 9 +- hosts/surtr/email/default.nix | 22 +- hosts/surtr/email/spm-keys.json | 16 +- hosts/surtr/etebase/default.nix | 14 +- hosts/surtr/etebase/secret.txt | 16 +- hosts/surtr/http/webdav/default.nix | 8 +- hosts/surtr/matrix/coturn-auth-secret | 16 +- hosts/surtr/matrix/coturn-auth-secret.yaml | 26 - hosts/surtr/matrix/coturn-auth-secret_yaml | 26 + hosts/surtr/matrix/default.nix | 26 +- hosts/surtr/matrix/registration.yaml | 26 - hosts/surtr/matrix/registration_yaml | 26 + hosts/surtr/postgresql/pgbackrest.key | 16 +- hosts/surtr/prometheus/tls.key | 16 +- hosts/surtr/tls/default.nix | 155 +++-- hosts/surtr/tls/tsig_keys/141.li | 16 +- hosts/surtr/tls/tsig_keys/app.etesync.yggdrasil.li | 16 +- hosts/surtr/tls/tsig_keys/bouncy.email | 16 +- hosts/surtr/tls/tsig_keys/dirty-haskell.org | 16 +- hosts/surtr/tls/tsig_keys/element.synapse.li | 16 +- hosts/surtr/tls/tsig_keys/etesync.yggdrasil.li | 16 +- hosts/surtr/tls/tsig_keys/imap.bouncy.email | 16 +- hosts/surtr/tls/tsig_keys/imap.kleen.consulting | 16 +- hosts/surtr/tls/tsig_keys/kleen.consulting | 16 +- hosts/surtr/tls/tsig_keys/kleen.li | 16 +- hosts/surtr/tls/tsig_keys/mailin.bouncy.email | 16 +- hosts/surtr/tls/tsig_keys/mailin.kleen.consulting | 16 +- hosts/surtr/tls/tsig_keys/mailsub.bouncy.email | 16 +- hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting | 16 +- hosts/surtr/tls/tsig_keys/mta-sts.bouncy.email | 16 +- hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting | 16 +- hosts/surtr/tls/tsig_keys/nights.email | 16 +- hosts/surtr/tls/tsig_keys/praseodym.org | 16 +- hosts/surtr/tls/tsig_keys/rheperire.org | 16 +- hosts/surtr/tls/tsig_keys/spm.bouncy.email | 16 +- hosts/surtr/tls/tsig_keys/surtr.yggdrasil.li | 16 +- hosts/surtr/tls/tsig_keys/synapse.li | 16 +- hosts/surtr/tls/tsig_keys/turn.synapse.li | 16 +- hosts/surtr/tls/tsig_keys/webdav.141.li | 16 +- hosts/surtr/tls/tsig_keys/xmpp.li | 16 +- hosts/surtr/tls/tsig_keys/yggdrasil.li | 16 +- hosts/surtr/vpn/sif.priv | 16 +- hosts/surtr/vpn/surtr.priv | 16 +- hosts/surtr/zfs.nix | 7 +- hosts/vidhar/borg/append.borgbase | 16 +- hosts/vidhar/borg/jotnar/surtr | 16 +- hosts/vidhar/borg/yggdrasil.borgkey | 16 +- hosts/vidhar/dns/keys/local.yaml | 26 - hosts/vidhar/dns/keys/local_yaml | 26 + hosts/vidhar/grafana-admin-password | 16 +- hosts/vidhar/grafana-secret-key | 16 +- hosts/vidhar/network/bifrost/vidhar.priv | 16 +- hosts/vidhar/network/dhcp/knot-tsig.json.frag | 16 +- hosts/vidhar/network/pap-secrets | 16 +- hosts/vidhar/pgbackrest/tls.key | 16 +- hosts/vidhar/prometheus/tls.key | 16 +- hosts/vidhar/prometheus/zte_dsl01.mgmt.yggdrasil | 16 +- hosts/vidhar/selfsigned.key | 16 +- hosts/vidhar/zfs.nix | 7 +- modules/yggdrasil-wg/hosts/4/sif.priv | 16 +- modules/yggdrasil-wg/hosts/4/surtr.priv | 16 +- modules/yggdrasil-wg/hosts/4/vidhar.priv | 16 +- modules/yggdrasil-wg/hosts/6/sif.priv | 16 +- modules/yggdrasil-wg/hosts/6/surtr.priv | 16 +- modules/yggdrasil-wg/hosts/6/vidhar.priv | 16 +- modules/yggdrasil/hosts/sif/private-keys.yaml | 39 +- shell.nix | 5 +- system-profiles/build-server/clients/sif/private | 16 +- system-profiles/core.nix | 4 +- .../initrd-ssh/host-keys/vidhar-private.yaml | 34 +- system-profiles/openssh/host-keys/sif.yaml | 39 +- system-profiles/openssh/host-keys/surtr.yaml | 34 +- system-profiles/openssh/host-keys/vidhar.yaml | 34 +- system-profiles/openssh/host-moduli/sif | 16 +- system-profiles/openssh/host-moduli/surtr | 16 +- system-profiles/openssh/host-moduli/vidhar | 16 +- system-profiles/rebuild-machines/ssh/sif/private | 16 +- system-profiles/rebuild-machines/ssh/surtr/private | 16 +- .../rebuild-machines/ssh/vidhar/private | 16 +- tools/.keep | 0 tools/ca/ca/__main__.py | 667 --------------------- tools/ca/default.nix | 25 - tools/ca/setup.py | 10 - tools/sops-inventory/default.nix | 19 + tools/sops-inventory/setup.py | 11 + tools/sops-inventory/sops_inventory/__init__.py | 0 tools/sops-inventory/sops_inventory/__main__.py | 85 +++ tools/tai64dec/default.nix | 18 - tools/tai64dec/setup.py | 10 - tools/tai64dec/tai64dec/__main__.py | 46 -- user-profiles/utils.nix | 6 +- 155 files changed, 1753 insertions(+), 2413 deletions(-) create mode 100644 .sops.yaml create mode 100644 hosts/surtr/dns/keys/141.li_acme delete mode 100644 hosts/surtr/dns/keys/141.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme delete mode 100644 hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/bouncy.email_acme delete mode 100644 hosts/surtr/dns/keys/bouncy.email_acme.yaml create mode 100644 hosts/surtr/dns/keys/dirty-haskell.org_acme delete mode 100644 hosts/surtr/dns/keys/dirty-haskell.org_acme.yaml create mode 100644 hosts/surtr/dns/keys/element.synapse.li_acme delete mode 100644 hosts/surtr/dns/keys/element.synapse.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/etesync.yggdrasil.li_acme delete mode 100644 hosts/surtr/dns/keys/etesync.yggdrasil.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/imap.bouncy.email_acme delete mode 100644 hosts/surtr/dns/keys/imap.bouncy.email_acme.yaml create mode 100644 hosts/surtr/dns/keys/imap.kleen.consulting_acme delete mode 100644 hosts/surtr/dns/keys/imap.kleen.consulting_acme.yaml create mode 100644 hosts/surtr/dns/keys/kleen.consulting_acme delete mode 100644 hosts/surtr/dns/keys/kleen.consulting_acme.yaml create mode 100644 hosts/surtr/dns/keys/kleen.li_acme delete mode 100644 hosts/surtr/dns/keys/kleen.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/knot_local delete mode 100644 hosts/surtr/dns/keys/knot_local.yaml create mode 100644 hosts/surtr/dns/keys/mailin.bouncy.email_acme delete mode 100644 hosts/surtr/dns/keys/mailin.bouncy.email_acme.yaml create mode 100644 hosts/surtr/dns/keys/mailin.kleen.consulting_acme delete mode 100644 hosts/surtr/dns/keys/mailin.kleen.consulting_acme.yaml create mode 100644 hosts/surtr/dns/keys/mailsub.bouncy.email_acme delete mode 100644 hosts/surtr/dns/keys/mailsub.bouncy.email_acme.yaml create mode 100644 hosts/surtr/dns/keys/mailsub.kleen.consulting_acme delete mode 100644 hosts/surtr/dns/keys/mailsub.kleen.consulting_acme.yaml create mode 100644 hosts/surtr/dns/keys/mta-sts.bouncy.email_acme delete mode 100644 hosts/surtr/dns/keys/mta-sts.bouncy.email_acme.yaml create mode 100644 hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme delete mode 100644 hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme.yaml create mode 100644 hosts/surtr/dns/keys/nights.email_acme delete mode 100644 hosts/surtr/dns/keys/nights.email_acme.yaml create mode 100644 hosts/surtr/dns/keys/praseodym.org_acme delete mode 100644 hosts/surtr/dns/keys/praseodym.org_acme.yaml create mode 100644 hosts/surtr/dns/keys/rheperire.org_acme delete mode 100644 hosts/surtr/dns/keys/rheperire.org_acme.yaml create mode 100644 hosts/surtr/dns/keys/spm.bouncy.email_acme delete mode 100644 hosts/surtr/dns/keys/spm.bouncy.email_acme.yaml create mode 100644 hosts/surtr/dns/keys/surtr.yggdrasil.li_acme delete mode 100644 hosts/surtr/dns/keys/surtr.yggdrasil.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/synapse.li_acme delete mode 100644 hosts/surtr/dns/keys/synapse.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/turn.synapse.li_acme delete mode 100644 hosts/surtr/dns/keys/turn.synapse.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/webdav.141.li_acme delete mode 100644 hosts/surtr/dns/keys/webdav.141.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/xmpp.li_acme delete mode 100644 hosts/surtr/dns/keys/xmpp.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/yggdrasil.li_acme delete mode 100644 hosts/surtr/dns/keys/yggdrasil.li_acme.yaml create mode 100644 hosts/surtr/dns/keys/ymir_acme delete mode 100644 hosts/surtr/dns/keys/ymir_acme.yaml delete mode 100644 hosts/surtr/matrix/coturn-auth-secret.yaml create mode 100644 hosts/surtr/matrix/coturn-auth-secret_yaml delete mode 100644 hosts/surtr/matrix/registration.yaml create mode 100644 hosts/surtr/matrix/registration_yaml delete mode 100644 hosts/vidhar/dns/keys/local.yaml create mode 100644 hosts/vidhar/dns/keys/local_yaml create mode 100644 tools/.keep delete mode 100644 tools/ca/ca/__main__.py delete mode 100644 tools/ca/default.nix delete mode 100644 tools/ca/setup.py create mode 100644 tools/sops-inventory/default.nix create mode 100644 tools/sops-inventory/setup.py create mode 100644 tools/sops-inventory/sops_inventory/__init__.py create mode 100644 tools/sops-inventory/sops_inventory/__main__.py delete mode 100644 tools/tai64dec/default.nix delete mode 100644 tools/tai64dec/setup.py delete mode 100644 tools/tai64dec/tai64dec/__main__.py diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 00000000..268904a1 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,39 @@ +keys: + - &admin_gkleen 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 + - &machine_surtr age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq + - &machine_sif age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d # F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8 + - &machine_vidhar age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l # A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362 + +creation_rules: + - path_regex: ^hosts/surtr/vpn/surtr\.priv$ + key_groups: + - age: [ *machine_surtr ] + pgp: [ *admin_gkleen ] + - path_regex: ^hosts/surtr/vpn/sif\.priv$ + key_groups: + - age: [ *machine_sif ] + pgp: [ *admin_gkleen ] + - path_regex: ^hosts/surtr/email/ca/[^/]+.*$ + key_groups: + - pgp: [ *admin_gkleen ] + - path_regex: ^hosts/surtr/vpn/[^/]+.*$ + - path_regex: ^(.*/)?surtr(-private)?(/.+|\..+)?$ + key_groups: + - age: [ *machine_surtr ] + pgp: [ *admin_gkleen ] + - path_regex: ^hosts/vidhar/borg/jotnar/ymir$ + key_groups: + - pgp: [ *admin_gkleen ] + - path_regex: ^hosts/vidhar/borg/jotnar/[^/]+.*$ + - path_regex: ^hosts/vidhar/(prometheus|pgbackrest)/ca/[^/]+.*$ + key_groups: + - pgp: [ *admin_gkleen ] + - path_regex: ^(.*/)?vidhar(-private)?(/.+|\..+)?$ + key_groups: + - age: [ *machine_vidhar ] + pgp: [ *admin_gkleen ] + - path_regex: ^(.*/)?sif(-private)?(/.+|\..+)?$ + key_groups: + - age: [ *machine_sif ] + pgp: [ *admin_gkleen ] + diff --git a/flake.lock b/flake.lock index a120770d..76b91fd8 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,33 @@ { "nodes": { + "ca-util": { + "inputs": { + "leapseconds": "leapseconds", + "mach-nix": [ + "mach-nix" + ], + "nixpkgs": [ + "nixpkgs" + ], + "pypi-deps-db": [ + "pypi-deps-db" + ] + }, + "locked": { + "lastModified": 1674031436, + "narHash": "sha256-4+vtkiFvRbs9NEmdQGHJaYpFrH8AbzBYH4U8XU3peMk=", + "owner": "gkleen", + "repo": "ca", + "rev": "2b4abef8f9d02de60be4bcfdfe8be8e5b15127aa", + "type": "gitlab" + }, + "original": { + "owner": "gkleen", + "ref": "v2.0.1", + "repo": "ca", + "type": "gitlab" + } + }, "deploy-rs": { "inputs": { "flake-compat": [ @@ -8,7 +36,9 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils" + "utils": [ + "flake-utils" + ] }, "locked": { "lastModified": 1672327199, @@ -43,21 +73,6 @@ } }, "flake-utils": { - "locked": { - "lastModified": 1642700792, - "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -68,6 +83,7 @@ }, "original": { "owner": "numtide", + "ref": "master", "repo": "flake-utils", "type": "github" } @@ -77,7 +93,9 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_2" + "utils": [ + "flake-utils" + ] }, "locked": { "lastModified": 1673654363, @@ -108,7 +126,9 @@ }, "mach-nix": { "inputs": { - "flake-utils": "flake-utils", + "flake-utils": [ + "flake-utils" + ], "nixpkgs": [ "nixpkgs" ], @@ -184,28 +204,14 @@ "type": "github" } }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1673100377, - "narHash": "sha256-mT76pTd0YFxT6CwtPhDgHJhuIgLY+ZLSMiQpBufwMG4=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "9f11a2df77cb945c115ae2a65f53f38121597d73", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-22.11", - "repo": "nixpkgs", - "type": "github" - } - }, "nvfetcher": { "inputs": { "flake-compat": [ "flake-compat" ], - "flake-utils": "flake-utils_2", + "flake-utils": [ + "flake-utils" + ], "nixpkgs": [ "nixpkgs" ] @@ -243,10 +249,11 @@ }, "root": { "inputs": { + "ca-util": "ca-util", "deploy-rs": "deploy-rs", "flake-compat": "flake-compat", + "flake-utils": "flake-utils", "home-manager": "home-manager", - "leapseconds": "leapseconds", "mach-nix": "mach-nix", "nix-index-database": "nix-index-database", "nixpkgs": "nixpkgs", @@ -261,7 +268,9 @@ "nixpkgs": [ "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable_2" + "nixpkgs-stable": [ + "nixpkgs-stable" + ] }, "locked": { "lastModified": 1673481602, @@ -277,36 +286,6 @@ "repo": "sops-nix", "type": "github" } - }, - "utils": { - "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_2": { - "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 4913fe2f..0cd53be3 100644 --- a/flake.nix +++ b/flake.nix @@ -24,6 +24,7 @@ rev = "860d9f96de3c02ca3d5121f1a4b6d457c48a3c80"; inputs = { nixpkgs.follows = "nixpkgs"; + utils.follows = "flake-utils"; }; }; sops-nix = { @@ -31,7 +32,10 @@ owner = "Mic92"; repo = "sops-nix"; ref = "master"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs = { + nixpkgs.follows = "nixpkgs"; + nixpkgs-stable.follows = "nixpkgs-stable"; + }; }; deploy-rs = { type = "github"; @@ -40,6 +44,7 @@ ref = "master"; inputs = { nixpkgs.follows = "nixpkgs"; + utils.follows = "flake-utils"; flake-compat.follows = "flake-compat"; }; }; @@ -50,6 +55,7 @@ ref = "master"; inputs = { nixpkgs.follows = "nixpkgs"; + flake-utils.follows = "flake-utils"; flake-compat.follows = "flake-compat"; }; }; @@ -60,6 +66,12 @@ ref = "master"; flake = false; }; + flake-utils = { + type = "github"; + owner = "numtide"; + repo = "flake-utils"; + ref = "master"; + }; nix-index-database = { type = "github"; owner = "Mic92"; @@ -81,13 +93,21 @@ ref = "65266b5cc867fec2cb6a25409dd7cd12251f6107"; inputs = { nixpkgs.follows = "nixpkgs"; + flake-utils.follows = "flake-utils"; pypi-deps-db.follows = "pypi-deps-db"; }; }; - leapseconds = { - url = "https://www.ietf.org/timezones/data/leap-seconds.list"; - flake = false; + ca-util = { + type = "gitlab"; + owner = "gkleen"; + repo = "ca"; + ref = "v2.0.1"; + inputs = { + nixpkgs.follows = "nixpkgs"; + mach-nix.follows = "mach-nix"; + pypi-deps-db.follows = "pypi-deps-db"; + }; }; }; diff --git a/hosts/sif/gkleen-rclone.yaml b/hosts/sif/gkleen-rclone.yaml index 2ea2ffa5..4bc07556 100644 --- a/hosts/sif/gkleen-rclone.yaml +++ b/hosts/sif/gkleen-rclone.yaml @@ -4,30 +4,28 @@ sops: gcp_kms: [] azure_kv: [] hc_vault: [] - age: [] + age: + - recipient: age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhazlZcFRyY2ZxZ2dLb00v + SzZmM3paanI1b090NW8za1FKa3Q0bWlKeTJNCllhRGo2bDNaMkxpMHlweEZGU3FQ + SlFIQmxqK2trWm5TRFp0SEhVRUNNWncKLS0tIHc3OGNqbHF0eFozdWp1V3IvRFJJ + bzd6VTRPT1pqYVFPQ0IyblVQdWt4MUUKtp8FKeOVhZ6DTY0euegOFcmUL6bNYlml + 1DlbDUF47mAMz6HfsvpyoJmLG/uQBCXUVIpP18ignQtJJx043+vnEA== + -----END AGE ENCRYPTED FILE----- lastmodified: "2022-01-31T18:19:02Z" mac: ENC[AES256_GCM,data:E/XAsuv+EqFud686SHuRp6XZ4f8uoXMI2rnPI733lQg/x/zuvCoOil9AtnQpStnu9wchlbee/y53uUDzAdTiYsjBCRqqt+19iAPnRHPZ2eb82SPetIRA8leKhiJFtOpHFTmlPYHCokxVBH6qLDjaJj/1Dx7Iv9xoAB4ECYnWxTo=,iv:wY5p++ixK5KA+Xnpuj0/3YBLMr/CQwIm3Nj3DzQC4II=,tag:f+7rincFHPEJZp+QJ2iiMQ==,type:str] pgp: - - created_at: "2022-01-31T18:18:47Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4Dgwm4NZSaLAcSAQdAUKSZSIjnxB4fF01PZ3olACus3BJ1Qp/w1Ce9HXDxnUkw - wzWheWvUd0V/yqW7m3zU4XD8fFaRByhlgWJiu7FJxXoeDpnYarxFWB6aeSyPEGrM - 0l4Bv9XXCd8ko5m+QkzCgSRMeg0oBIJFRX7RMN00T72Um85U2dkG2LxMS+diPhtu - RYZf11B5HUcj76GhRgEJUTiONZLskEfTaeB/No5c8A+v1RdKgTm2oHrzztgEnu0o - =noMa - -----END PGP MESSAGE----- - fp: F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8 - - created_at: "2022-01-31T18:18:47Z" + - created_at: "2023-01-30T10:58:04Z" enc: | -----BEGIN PGP MESSAGE----- - hF4DXxoViZlp6dISAQdAhx0jN7OoWV2Vrax1bkkG4ug00AcjP2OZmhctuYllEiMw - smClNFKFOpvVRziyCH39JhRPuEMzId5Y/J8L9U9ecoU0iX75tyA95qAHApYzrFQA - 0l4B+TmXkZZRMeNmV+r3CXUkYbbkIw19nkuT7wddbWd31tFvww9b3CaEnGCBwvhx - XdezFGbobmKF+O1NhD8cw/QLAlFcEXeYvOVXU65ryupy0LpBz7OIUd/umpSkjMk2 - =4582 + hF4DXxoViZlp6dISAQdAEEQ+ELalInEqD7WVWPyhz9C2WGOAqYZdW8wHn+i7c3cw + HgPkJXA0JJBawtQ+eqWtVBbmZbabVdiZ7xOAlVQWrVXa7tN7s2y4yY6KESB/5NFo + 0l4BvOF0KdMDkBx9rhVakSfCJ9w/3ZodD2tZ/KgttamnsYg9EwI2xDSsFowK0gUM + 2t7ZnDbDsQCrIR0y/qL5DwFVVKlvbDl5ZGLq5Py/ECMh5WdsEQ0dqBmeytxN44gw + =SxAd -----END PGP MESSAGE----- fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 unencrypted_suffix: _unencrypted diff --git a/hosts/sif/mail/secrets.yaml b/hosts/sif/mail/secrets.yaml index 9b888f60..5ac36cc6 100644 --- a/hosts/sif/mail/secrets.yaml +++ b/hosts/sif/mail/secrets.yaml @@ -4,30 +4,28 @@ sops: gcp_kms: [] azure_kv: [] hc_vault: [] - age: [] + age: + - recipient: age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEYkM2VWRIZzZCQUVYeThv + eWhHZE5GVFVOSUtLcDBXQmhtdFhuTThBdTF3ClNVcDl3SUdRMGJXOENyNWdSb21z + OXY1QUNwUjRrbU00b2hHS3pJM3diTFkKLS0tIEFxV2JSbWphdEEzbE8xbkd2cXBz + dEhFSDVKbFJJZWRPY3o2am94ZURJL2cKwJkjD9jarS3zdcNBVpx3cIjh8XmXCL+C + AN1T7DQjzQpD65Mdbj9QqXx1p0HmjO/sqr1yNQopub8oQneLbtx8Gg== + -----END AGE ENCRYPTED FILE----- lastmodified: "2022-02-02T14:45:23Z" mac: ENC[AES256_GCM,data:UdM/VmdfqhYm1aFCHaO0mbJA/oyV/J2oKVVmGDa0Co3MWq9aWMqP726O+rLk36W0HOG4fmue//R1Q524au2hMW9bZUFzrubfQt2V78tZRZeHCJSRmOmi1D1EDdfPz9J3oWDvIEgIIsAk5H5EuuH0j6FILye6tzcomNGDAKZbwuc=,iv:a7dJAqkcroLp01gkGKV5gm6gTIIMa/9P8qJn44ISrw0=,tag:R9/6X6mgfVSLK7bmoWRnfQ==,type:str] pgp: - - created_at: "2021-01-02T19:29:14Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4Dgwm4NZSaLAcSAQdAE/883Tbc7WXuzOxjm5jVrOSbnYe+BEg75ijtZP2L3UMw - 4mhqzy576jEQLPGrnMpX2zA2MwFAwGnMwC98sQ4vVTp/xgNQ0VHHNM4GnTi6VoUb - 0l4BLgQrT6p2ul69ADecadWJsGm6roqMHrpNGZeeczDLOBIzrrwN4sL92jQiEPw9 - Ih+EXJpJ1K4NouU1VRsfQPqJ6y+i295TnEgunlJeYc/MNQgBT4ABiPZgUZXnkhxl - =7rOv - -----END PGP MESSAGE----- - fp: F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8 - - created_at: "2021-01-02T19:29:14Z" + - created_at: "2023-01-30T10:58:14Z" enc: | -----BEGIN PGP MESSAGE----- - hF4DXxoViZlp6dISAQdAGifJ6qk40VdF/WKaYa9v97PdSVkPvHZt+j0G8+ZDJSEw - 8XC1622ElTWRCZ2bjUwMF77DMgMy3rEr8B7Bj6MnEzDd/Af63Np1cO+7juybxqhz - 0l4BO6uZ+gCvKg45jWX0GE6ZBkoUTvh24djTngHFyIHDnpCxSB6s+jcYR9otco2F - ++E2pcoQR4GuOeyYa/8UsW+RzKWpCfskYbSIt4gAXyCt8ua1y5Rw0DEVdw91uJNC - =E/qh + hF4DXxoViZlp6dISAQdAYwW96YVgfK1Y3Ue1EA3qbE3zw4k4gdTnzWeBB2Ljux4w + urG4pwe47rkuq3e1TMdZxxDeZe0OvLwaZBVfD+eFVUrnLYbkrm4shvrq+6xv70Zm + 0l4BvG9W6VvUXNyKR0Bl65K/hqm8A7GOBPfB35npsY+1ufeJJYdmxX6n7dL94SX5 + he4m9JRuiyPrRxomudU5nrWLQwKQk8WtavExfVq6zIlnkhlGerKbxDVEIsFaDleT + =7IFo -----END PGP MESSAGE----- fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 unencrypted_suffix: _unencrypted diff --git a/hosts/sif/wgrz/privkey b/hosts/sif/wgrz/privkey index c17f3415..66ad2bd5 100644 --- a/hosts/sif/wgrz/privkey +++ b/hosts/sif/wgrz/privkey @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHZWp5NWNJRDhGVzEza2hw\nR0dXSVljL2h0V3BKY0NBdHNGMUQ4VWZVQjNBCnMyWElnblBHLzF5VTB0R0xQMFd6\namRDb3JvNXJkNnFyMzloR2VPNFVyV1EKLS0tIDZiNkFFUnFKKzFObjd5VU04eXQ3\nVzdXem9FM2QwMjdvY3JRS1NYZEJHbk0KiyJDq69kk/gS7xMwqJRb3fzvl5wFIXN1\nxkdHl9pCQYGwgLUuHFgrNCseiDIO2n4hf2wEfbgS5F/errO91GGEBg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-03T14:44:50Z", "mac": "ENC[AES256_GCM,data:LzYx8LqNy2NPr9+5v/f9ExE2PR1xHm1O1ldK2xPZFc3yMrgOpJpIF+sEHqf3Pv9prLbVC/2pSuAdtKrPqQdTWV8cCtaj8h4aBrnU9WHRESMe/ZkrpipeCEMuzBrhAjf94FQqI0gEkfUAq27nxyXJfaYw7eIfEKBqO6gZPGOiLpM=,iv:I1BGnMxm+R9ci0zBsJU0LbTkuxhZFfvgZ+01QcZCCTw=,tag:jeeeyW1rzt/BbSAbo4OSZw==,type:str]", "pgp": [ { - "created_at": "2022-02-03T14:44:49Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdAM+OkIgQ+f3RN3I3Hmxg+KXwClm2G1vMDuPGRmA1X2zIw\nJKdwmkNX57Xa6KVOqOMwIt4GJxZe0ZOs5v9l3fcULpSZe9WZf3uQKHU27iU4SZDy\n0l4BT3EoOwoE4qKEQWlHBLCctHsIekfaelvztqKZBc/xulCbske5ccsqtpmBhSXc\niM7ZHvhf9/FgKmqAX/X8wpyVm5Ws/54sWeucXNx8r3s1BScUcyAopjlvvdKRcSgj\n=0sBo\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" - }, - { - "created_at": "2022-02-03T14:44:49Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAzkA7oGeASZcoz766pAaGRLJfbk2iS+mvPZLVFVMDdF4w\nMMrVGjowWKqWi7tq63g66caN7fPaBSVkQsEnIy7Ad5dopKXYl4Jab7nHVHo1wK2i\n0l4BqxfNxDENQ28qjnhUOR9qRm/tGkVhOmzsEm398fGOSUXoVc5fZDo8xddx+ohk\nPnSjOaQYlDjCepWeRilcsMGvhVJEj41TPyWeKG6boJ/x4dUTLpGc5oMydyHRxUeZ\n=0KFU\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:43Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAiQkff1SBFC/IhgcdXnIFcwOUlY5bd+tDy161X7Yag3gw\nrUrCJwLeE3LWzxIO0oUrhe9J73yjbnQadtGJT+MP8WWa88P7YNKxBULXn6Ry20Pc\n0l4Bi/HYhX3T11Z0buR5nqhO/+j2hAUl3qOTYql2qBxqQkgEf4/hDDuEQUe+5oY4\n/S7TtUJPE3xKreWo1byGqevoe4as98Hb6CFjC3MgIGJyyBZBxLABjQAhYEN+NGrW\n=+dMk\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/bifrost/surtr.priv b/hosts/surtr/bifrost/surtr.priv index e7f2aeb4..a067e65c 100644 --- a/hosts/surtr/bifrost/surtr.priv +++ b/hosts/surtr/bifrost/surtr.priv @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0cVZBZkVpenFhdkhDd0w4\nNGR0c3B1VldHa0VaU3Q1Vjk4SnBMYzd6QUVNCk1kd3pDMkF3eVEzY1RaZTJZcGlX\nSnlvRHB3Z0NQY3N0Q2VVN2g5c0FxRW8KLS0tIDVrR0Rtd0pWZi9DTDNoUVVhTTZx\nck0wNTBxY3lGNnQvSzJBRHk3Sk53M1EKlf4fWXl3KRm5+9Iyur1KR2+mZLf7mekd\nr58Mc3Q3ancdZ4oGCbQQh3RsvXzwS96+89ZbPQb4pg2svgsabiRndg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-06T16:09:36Z", "mac": "ENC[AES256_GCM,data:lzg4JDAyy1tL4dcuima26VWqQmCbr25+8AoecVIctX61V2STXiKzd938bEoJ02UVEPYAUzq+NP5fX6IrggYx2A0tII7oyo92EGBYJsvuCBpZWhZKpniXDsRcQo09PH3QJlJ9liSM8bCf6u//ubGU06xvLldt+g4xvvNOVfqMPSo=,iv:Ya2o/hhg18zp7PqLNSHJAAkyz/Lzibysylqsh0CvMzs=,tag:zeZZ0ilsCa/As7VOSCRgSQ==,type:str]", "pgp": [ { - "created_at": "2022-02-06T16:09:36Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAx1FJFTdMFdAzIAwO1rZ9ikD/cP1nTzfI1wLZf5ufB3Uw\nY8JVtL/aSLaO3tli5eZNuz6tEhTFA0GU8l3c/Ws6ocjC+l3IR5bS2CGZbMHjyIyT\n0l4BgxRFBMFJdpbgpIEPsthgZwJRGNQofSJ7A6/550ekM5b/n77CBZQOHwocuJ4q\n7LCSH6kFUH8GgkSC26OLC8f/QpWr9zTneZP0mBd2CiADDCg6oPI3rGwq6+jQKNny\n=wDDa\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-06T16:09:36Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdActA18sJwR4mjwyilHzHHBBuReg88U8QVMLphsqFvHFIw\nV5OTgNNvwiCPHSvGiYQ41Fnxa3VVDu0b3HSsq1Xvf5aFf65cRW39t/JHruwkpd1M\n0l4BbBOw5pksAlRcX25PNIIg7WEq4mlJjCi41INKJ1lF5YEu9kVZHT/+ayU6N5Kf\nVH3I6bpZiIKMc4fnF+yiVbCTWNC3EYTeCpe/ZnM8Gd0WLJh0KsLS+QVzMYagMHNm\n=Cc3x\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:37Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA/rzuZLf8FGjq1l33fDEsqqn4iJzzD56NKBunJanRaUEw\nvTIHj6sXzzjN4cDTj6FlMLvR1HA99S6pqgD9a6KwmqjF5oSn4ygrDMhDNqSF/Zvp\n0l4BlzadFI1u3sDaZY6OqFUNYxuAqoam0vpC6bkYwfAwkwToV5V2L4bSDr9Ni30S\n+4m5RGpsJVfeCNn92iyHZtymHm+YQOVocxwr7oSgfQzHjmS8XpYwUQwAMQiMHGBL\n=adEc\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix index fbfec256..e79f4bfb 100644 --- a/hosts/surtr/dns/default.nix +++ b/hosts/surtr/dns/default.nix @@ -24,7 +24,7 @@ let indentString = indentation: str: concatMapStringsSep "\n" (str: " ${str}") (splitString "\n" (removeSuffix "\n" str)); mkZone = {domain, path ? (./zones + "/${reverseDomain domain}.soa"), acmeDomains ? [domain], addACLs ? {}}: indentString " " (let - keys = acmeDomain: [(assert (config.sops.secrets ? "${acmeDomain}_acme.yaml"); "${acmeDomain}_acme_acl")] ++ (addACLs.${acmeDomain} or []); + keys = acmeDomain: [(assert (config.sops.secrets ? "${acmeDomain}_acme"); "${acmeDomain}_acme_acl")] ++ (addACLs.${acmeDomain} or []); in '' - domain: ${domain} template: inwx_zone @@ -79,13 +79,11 @@ in { update-type: DS ${let toACMEACL = { name, ... }: - if hasSuffix "_acme.yaml" name + if hasSuffix "_acme" name then - let - base = removeSuffix ".yaml" name; - in indentString " " '' - - id: ${base}_acl - key: ${base}_key + indentString " " '' + - id: ${name}_acl + key: ${name}_key action: update '' else null; diff --git a/hosts/surtr/dns/keys/141.li_acme b/hosts/surtr/dns/keys/141.li_acme new file mode 100644 index 00000000..fbc3cf5e --- /dev/null +++ b/hosts/surtr/dns/keys/141.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:2y3A/KCH2X8T/g9gVhNQuAHvorebyKnfAZc+kJE5hL06l7xieJsxpj7DBbWjh5y7Ae2fBNMFA1tU9Ig6S3qvjzxlCNQWSpq05GBTiU2AdUDWwn52gztEvNLEpFsdUDyUYZSPLy82dFckyegWuoBQbGe6vOPdXyM4aPCIuj3fp18A6cNSRp4YyERL/JoveLRQYFJUpV5Xr9JyNHj/4hDfikJJMG1OeKqCyeK5BTs6XbLN+70UO7R+orlh2F0=,iv:04N7t7lf0CG6Qbj3VqHmL9l+hl4PK6vahEHq8qJmjOs=,tag:x4H/oiDjvE/NzMKSeMO2NQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkUVJYODVrSER0QjFkM3pM\nNUo4YW1NQ2NJdXk1U01vZFNqMVlZWnd6eTJBCm0zZUp6RzFWbmVSLzJUQkJXMCtt\nd2ZwZityQytwMFpNSmRnWjhoVTNKT3MKLS0tIDhhOUowby8yZHJCRUJsWUdpUUkv\nK0xLYVVTUElOY2xjUVlTRzNEbXRpN28KELFaZoTeuDpHxSbUmd2CNRSoXdpar5cl\nbMKg2YRV8E2PvcTkJALk3GKAoFYqhq4WFidL8u44+gcEOuZuXtSJAg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T14:12:08Z", + "mac": "ENC[AES256_GCM,data:At6rzhjC4EbtTjMaw44WKYNuT2XRniZpDAXGskxi9HW/xIQFghcWlgzXaddev5BUMkitz93gFCFD02YJOzOC12GXjDksoHGtvHKbxmodIgHTbhkXFYLe1JoFPrF14NsiIOmmoqcbrn03+iinNehkbJ2wXEkGyev4IMacQGqV7q0=,iv:7j26jeRvgBrnJRVHYay+3wug+IjOIpjFWLiccXD6Z8A=,tag:esnZH7MLQnqkxNVPdwmx8Q==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:43Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARqDQVJiU556jzyh14VU0PWTwM8duRlyK+hswfrAAlEYw\nd5beRumTiEEd96aOKgOGoKUWrWNs6RSJ0gEox2kV9rmWmgsQciU24PCqMRqSuBH/\n0l4BTuXjqTqe6Q8D3Q3JPvyBb7ZX6TTQcWwROKl92XDwM+skn48/V56icko863ww\n/1wC1bMIkUVNJSRN7Relw50pin1tobDpbSH1HAcy4W5jwWIjxEirpkjGdG9ARF5D\n=5Drw\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/141.li_acme.yaml b/hosts/surtr/dns/keys/141.li_acme.yaml deleted file mode 100644 index 77fbc4b2..00000000 --- a/hosts/surtr/dns/keys/141.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:2y3A/KCH2X8T/g9gVhNQuAHvorebyKnfAZc+kJE5hL06l7xieJsxpj7DBbWjh5y7Ae2fBNMFA1tU9Ig6S3qvjzxlCNQWSpq05GBTiU2AdUDWwn52gztEvNLEpFsdUDyUYZSPLy82dFckyegWuoBQbGe6vOPdXyM4aPCIuj3fp18A6cNSRp4YyERL/JoveLRQYFJUpV5Xr9JyNHj/4hDfikJJMG1OeKqCyeK5BTs6XbLN+70UO7R+orlh2F0=,iv:04N7t7lf0CG6Qbj3VqHmL9l+hl4PK6vahEHq8qJmjOs=,tag:x4H/oiDjvE/NzMKSeMO2NQ==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T14:12:08Z", - "mac": "ENC[AES256_GCM,data:At6rzhjC4EbtTjMaw44WKYNuT2XRniZpDAXGskxi9HW/xIQFghcWlgzXaddev5BUMkitz93gFCFD02YJOzOC12GXjDksoHGtvHKbxmodIgHTbhkXFYLe1JoFPrF14NsiIOmmoqcbrn03+iinNehkbJ2wXEkGyev4IMacQGqV7q0=,iv:7j26jeRvgBrnJRVHYay+3wug+IjOIpjFWLiccXD6Z8A=,tag:esnZH7MLQnqkxNVPdwmx8Q==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T14:12:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAvU6MNSb8ky78bJfnRRx14o4rA7Ezylbtc6cFUG+eGAow\nPvRGLI3qm36sDYXo6OHKS9A5DTxIQlQHQqj9U4CHGU/w4X8pCN2ulHkAh767DXV9\n0l4BHa/JTXNklF78vY3zUkySrIueA0QZXvmda2pcd3mO3M78J7812X9jCZ8LwrXz\nR3Wp77iQXW/0Tq83DMEkFwYmueFfZsCtRxQBL5f4NlyuLZizDb2s8YZzeRICz5w3\n=X6zh\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:12:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAIbKybblH4bBEhKyup4r+KzKdHLZhBmR79o5A2DdD1mAw\n4KVInlvs+LAFksp1oCqSLd3r1foM3/QOrDdB1ExwTXrxlTgk/qM9eTXT4gIdXwt3\n0l4B5rqrDzCwp3DE2dC+UuBFB9g9YtF77xpfOFfcGLB3fKsPYEvrK6MwGMJqUtoI\nq19d8Cf/mir0mlYHBN+Vez/8jFi0HmrLlphhf4m0l0/6XNLdRbuSpb5T20ecJM2L\n=nRup\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme b/hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme new file mode 100644 index 00000000..06f3e299 --- /dev/null +++ b/hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:YW/R3Bi4IDGNBxtUFh9h/9i/kQaQTVQN019NDNQsGVBOFQSZxvy8+RBEfmZO1bvAYbBuQ72ksb3+dckupm8BQaO4lxsCZpGcPmDrWpYal4hirJAtiJ374j9jGTFVF0x7z6lb8B3aZ5Ztkov6ZxLLiXAEZ1owufKCYeqyemzuEUPPvrfAvF14vg3kqcr2OfeLE7XdMMMu1/ive5C2QGsKekRqJNDbO2iiWDaTFCY3N9Rqja895Of9lzUGNjsWhnNsZLzpEvm/NPFKAmStRq24XGk/KIxGoxBCLZYoCaqZNJ0=,iv:xWYRqkW8Oyple4EQegxx3Y+fwlm1ghm9pbP59UmM1bk=,tag:371XtqRpcbCLcDSJ0xtGgA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwWFAwQU1TaHBEckkrdlhH\nTTJ3QytZekxMMVVLRzJGbWsrVHVNSXV2UUhJCmYzL2NoNlcrVmI4Q3JibnFKYllK\nTDB0V3JaTU1aU3NURFM4SW51WGJTOFkKLS0tIDd5dFFvK1U1ZHR2TGV0cHhLbjdG\ndzNVdjZLSGJuSTlodXhXOGZ2N0dtSkkKBi+hj5oekvbUaohtKWsHqPYQyOrer7jc\nGKsAbYaLk6YJSYuuntLLVtUiszXck6gceLa8A/vQd+aTmnQxv9Gr8A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-11-09T19:02:47Z", + "mac": "ENC[AES256_GCM,data:1/v1EB5lz/cwKcUuOPVVXPBtEnTmFrZj0hTGv5uQEVU9fd66muY3J6HPEvS68g/YBaaYy6V2QLc2lDwbu9amaukqE1Mq7sv51kSPp7jQs7u91BKfN5K3OtCipFxG1fwjqY4k7zliaYESLwrQWXEhFz3k/nPT9xD/nDNc/czQi3I=,iv:zNUpuirl9gZp/kr/NdO3a6ibjX6Itc0JBpu/xxTpMAI=,tag:0twXpUS+/YCpSxZBfojQ0g==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:02:01Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAGSr83sNLgYxqN30jXwcCZRCWhROt5jmiW5pvL5ymER8w\nN3zsTpEfXBrPkHQif8utSBs5Lygb7g2CuBU7xTPPmqtIM6M+6tdicGGeHMSZHNq2\n0l4BSUEo1ErdwVLaxewsjb18zbxOZCm75ZbaO84zVdqKzIXx6gy1drdPajr9LhpM\nezWdxI3JCVIBEip3++grsIOYH1aThMAp8L2cyk2du5OUFk/ZDEJbh02gQfOniBYJ\n=81G9\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme.yaml b/hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme.yaml deleted file mode 100644 index f8e0794d..00000000 --- a/hosts/surtr/dns/keys/app.etesync.yggdrasil.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:YW/R3Bi4IDGNBxtUFh9h/9i/kQaQTVQN019NDNQsGVBOFQSZxvy8+RBEfmZO1bvAYbBuQ72ksb3+dckupm8BQaO4lxsCZpGcPmDrWpYal4hirJAtiJ374j9jGTFVF0x7z6lb8B3aZ5Ztkov6ZxLLiXAEZ1owufKCYeqyemzuEUPPvrfAvF14vg3kqcr2OfeLE7XdMMMu1/ive5C2QGsKekRqJNDbO2iiWDaTFCY3N9Rqja895Of9lzUGNjsWhnNsZLzpEvm/NPFKAmStRq24XGk/KIxGoxBCLZYoCaqZNJ0=,iv:xWYRqkW8Oyple4EQegxx3Y+fwlm1ghm9pbP59UmM1bk=,tag:371XtqRpcbCLcDSJ0xtGgA==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-11-09T19:02:47Z", - "mac": "ENC[AES256_GCM,data:1/v1EB5lz/cwKcUuOPVVXPBtEnTmFrZj0hTGv5uQEVU9fd66muY3J6HPEvS68g/YBaaYy6V2QLc2lDwbu9amaukqE1Mq7sv51kSPp7jQs7u91BKfN5K3OtCipFxG1fwjqY4k7zliaYESLwrQWXEhFz3k/nPT9xD/nDNc/czQi3I=,iv:zNUpuirl9gZp/kr/NdO3a6ibjX6Itc0JBpu/xxTpMAI=,tag:0twXpUS+/YCpSxZBfojQ0g==,type:str]", - "pgp": [ - { - "created_at": "2022-11-09T19:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAwgUrKA64oejQmFVmq/vVXUtB0cA1QFTD9tYjc47x+zUw\nwClB436nZMlbuVAltWoMwaW6SOF2I6pcl10j1mU2tSBTnAFmhYUKstYNN1QaBcsj\n0l4By0ALjyRuRkvhZI1Tx3pUJ25P4mGux5dIYPbM+tDcb8hwfmCBig6NG47HH3xp\nPxWXzP6LNFkAAzpZidkv9RaI1XDezbqweMHVTOMfgnaQR35bIbFKDBEd/Y7AvGOT\n=P2yg\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-11-09T19:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAbP0iUr2BYsdWpD0m2W4S8aTz8t4dp9mY23qAY5vbGV4w\nxETSJs6Luv32fHpG+kUFkNKIkkpte7Yq3qtxpFoIKroZAGR3/mXB2f0Nd+BKbDZy\n0l4Baouvj8guk0BxywGDyW3V88qMphaGxAwgVsZSiZ9++HxhGHu2fAozJdsJNNtv\njtQI/IM6TaR5/Ib5NxEZ2zR1AguaoI7iDIPhiLUwZmzk95/+xbNwo/bVjHXyh6vA\n=zxXy\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/bouncy.email_acme b/hosts/surtr/dns/keys/bouncy.email_acme new file mode 100644 index 00000000..e3175138 --- /dev/null +++ b/hosts/surtr/dns/keys/bouncy.email_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:+wtxY9yDbNOOorVS7Aur1hJjoRSEygv8kyaMT+9zb4hQ0hhaoLMnkKfB4qR56wOvAy7wvW1OhFhICe5Ii1GDEEHWiRXGGm4mICt+DG4xvqYD1uNUWGdwRNWyv1PPfpjV33/rALanlGqvD6K2hMQAKDzWgrI0oIh13N6v+8R13sC+YtcoaKmt+i6w4Pby3w5TmaxZD0Rfm7PcYz+ZOR+552E6y5OZ+69Kb1wFrDWhYrPBHy8zsV2VcQYgzsB0MUgwjpRtz5j1sbA=,iv:5axeSwNOy/Mbk2cLXCb2hyIhhMmufWMmGIBseIoAq8U=,tag:L3qS4esYwH6rLTHclRk0VQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPSGFOSGgvRmZqUktoV0sy\nZTF2bEhpc2R6NmdPdzh3eDd4SWlaeVZKazJzCkQ3RzQ4LzNrZTZKRXlhNUZMbkJ0\nZUV1eWJudjNzYTYydXFPTnMxV2lsWEUKLS0tIHRCSHFyaEpnVG9tSUdSTGRsYUNS\nTzhXNm9vWFRmSmgwSUdTNndpaVZseGMKDRmEUPX6h2+IIvgFvfQK3GeqFi40FSqq\noj5lJktuddWXFRsoG9+MkjSecBEP1nIq9eeEuhEGhwaH5AYAsF2cKg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-05-05T09:11:47Z", + "mac": "ENC[AES256_GCM,data:BeR4eZ9AR8YGYy7eulvod4QwmFlstjS/ic3EIOpNaqDdeHCz5QCWM2+kR47ZQanSmVP1bFrIrnqIbL0lQXhX5a3mclFla61piC1oUELWXcn6jj6kd9QOZx9ZU/VlcKJEtt82nEXb7y8SEbiEHSs3btmAY9pHtYgLB/5grhBVnm8=,iv:3TEVp5wgtem43WEdh7LpMF77cSoP/+FjcH3oHnmmS4o=,tag:JceRss6y1lUbyem3Rqmd/w==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:10Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAFiFczzTNmUDPwddTn+X8kQzIzVaVYM3noIn3zwl+63ow\nMH+cdM0DZGr7jFqWMRk08qUBG3KfD9quoE77DGRh+ro6k/VLmtNK6n9m0NFWwWCX\n0lwBy/r6k+gk2d/lP3d+GBZao7VL0vT4XHyxMg6nfVjhjiqJskHm9A9/6hHOUosd\no1mNt4es87KNqsxJQ5awdaauUb3/G2c221jf5ewmUOpFmnonyHEmNTHFkK4I4w==\n=tUv8\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.2" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/bouncy.email_acme.yaml b/hosts/surtr/dns/keys/bouncy.email_acme.yaml deleted file mode 100644 index ef900376..00000000 --- a/hosts/surtr/dns/keys/bouncy.email_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:+wtxY9yDbNOOorVS7Aur1hJjoRSEygv8kyaMT+9zb4hQ0hhaoLMnkKfB4qR56wOvAy7wvW1OhFhICe5Ii1GDEEHWiRXGGm4mICt+DG4xvqYD1uNUWGdwRNWyv1PPfpjV33/rALanlGqvD6K2hMQAKDzWgrI0oIh13N6v+8R13sC+YtcoaKmt+i6w4Pby3w5TmaxZD0Rfm7PcYz+ZOR+552E6y5OZ+69Kb1wFrDWhYrPBHy8zsV2VcQYgzsB0MUgwjpRtz5j1sbA=,iv:5axeSwNOy/Mbk2cLXCb2hyIhhMmufWMmGIBseIoAq8U=,tag:L3qS4esYwH6rLTHclRk0VQ==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-05-05T09:11:47Z", - "mac": "ENC[AES256_GCM,data:BeR4eZ9AR8YGYy7eulvod4QwmFlstjS/ic3EIOpNaqDdeHCz5QCWM2+kR47ZQanSmVP1bFrIrnqIbL0lQXhX5a3mclFla61piC1oUELWXcn6jj6kd9QOZx9ZU/VlcKJEtt82nEXb7y8SEbiEHSs3btmAY9pHtYgLB/5grhBVnm8=,iv:3TEVp5wgtem43WEdh7LpMF77cSoP/+FjcH3oHnmmS4o=,tag:JceRss6y1lUbyem3Rqmd/w==,type:str]", - "pgp": [ - { - "created_at": "2022-05-05T09:11:46Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAN7OICwH4WzjRMo9QTW242OioK0RQufqkN/KbUQUDPyQw\nXvLmJlDZeNKDDw6KWkbb7ZNZuNF1i43BkrwfOQmYAhDDH4Y+vPYhWK6x6umxULko\n0lwB1J0TOLS17TkTO8atGrGo++hu705cokSQ84mpcercl66d7OzpI5N7I0MhM1A2\nfVdlvj7QNM/AnwXYOpxLeoUJl7D3gL/c/LA9/+5WDOMvNQLDgZI8h72J3q10Aw==\n=EdX/\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T09:11:46Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAmsryLbhFP1Ac3Y5+ROeDOfiNS1E7veMwxHf9S1sZflEw\nQ4/524tpAa8rgikNV5gmVKE4UVxYrLqwJItskzOML8OMqW5QGVKtHweSvPcMhv3E\n0lwB3pOk770dv0wiyxDl4wEWH/NvK+PWwpvcP4hT7PkLRbaUpov63sj41QOxCQMj\npV/Uvzo5/bKN9ZmF5WfPRmRPRsL8CuZoXEV1F9ZxGFyuRHS4pb4TFLHv+rnbhg==\n=xLXq\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.2" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/dirty-haskell.org_acme b/hosts/surtr/dns/keys/dirty-haskell.org_acme new file mode 100644 index 00000000..2dd095ee --- /dev/null +++ b/hosts/surtr/dns/keys/dirty-haskell.org_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:Jxsg5dW3bhJKRHvigf9F5xkp+KdOd8OKibc1rKrqzwUPZcdebpzijFQMA5hRHwTJKdoqmk/aWosmqfBgmrUr9lrDQH2g1IzLoLYxLc8ssUuH9T4lLDMkSRa3PjL0jpW5ezDSb2omhE4EAJvRZF2nn1VC/IhKNCpY4oI/bLCt6unPiVYMi1ot+9JAl+9eRJS5UIYWp1DC/0oi8Uv6Ci3VwLmOFg1I/YcvXDkNdi0QpcGH3Ok241/O0HiOSboOfqCIwTy5v4P+Poko3dl9t3SkZK65,iv:HC+PzqqLgLWGijHYDC6MvIaB8T/sI1c6vTCf10DApFg=,tag:75fmY73TKw6bNz/xJp8q0A==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXNXRsMWYwYzUvMlRoSUhv\nblRrNUJBbm50SlcxVW9WL1Fqd1ViUmVGV3cwCkFxTGlFWGNrWER4VDNEWERVWmJr\nUE9kWk45VjZRNWZJYVBvSmk2MDcvQWsKLS0tIEszWkVDbDNXWVgyUUk2VmpkYXR6\nQk92ZFZvSVkzWkFISUY0cnpzSllMQXcKhqp1c03vV/RfZ7vubG/uVJC5jvhQRgR0\nq2ipHuhMfDsvDQqnpfuhtbXSjtLtCOIezYuaDTJAeSwcg0qWBEY63Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T14:20:35Z", + "mac": "ENC[AES256_GCM,data:pbKzZIor1lRxI20O4yi+h2Vk6yOL1MtTstx5A4Byul06uZiGMrNMFyBaVvGbb8evch9ptYm4TNiWZ3T8xHYTwy4HGV5HgOOqY2vJNwTSJ6Yi0F34UCQMIPnXHT/sqL+T1/etV5zY1eQhH6L7lXPtIh7TiYhV8o5y7tpSwhq2RUY=,iv:ZYhhncJv4AOkKDon/DIAYJUgDN4C/iVyukMDaqzu3k8=,tag:v2U/hTaRxk47UG+E6D4ExQ==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:59Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdApov7yUTmjSUbIXopLSpmMECywQK4ApL+We4MZ7U1bwAw\nLf5btEfenwECDR3Vzl7Uqx1RbfOb0XzMaS23XVdXUkNn+6KnKGGngN+Y/HkQ0GHl\n0l4Baul/OBUAtDpNYXn633PA3BMzoyL01FExIvArNOZuqrtTkrdLDgEC99bd0Cml\nwo5cz7ZDNM0+hSCNLy5QdKKjFB50NSinXXrQW3moL1CIHrAWBG34qlfVXuoMZvg2\n=Bxpm\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/dirty-haskell.org_acme.yaml b/hosts/surtr/dns/keys/dirty-haskell.org_acme.yaml deleted file mode 100644 index 0037910f..00000000 --- a/hosts/surtr/dns/keys/dirty-haskell.org_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:Jxsg5dW3bhJKRHvigf9F5xkp+KdOd8OKibc1rKrqzwUPZcdebpzijFQMA5hRHwTJKdoqmk/aWosmqfBgmrUr9lrDQH2g1IzLoLYxLc8ssUuH9T4lLDMkSRa3PjL0jpW5ezDSb2omhE4EAJvRZF2nn1VC/IhKNCpY4oI/bLCt6unPiVYMi1ot+9JAl+9eRJS5UIYWp1DC/0oi8Uv6Ci3VwLmOFg1I/YcvXDkNdi0QpcGH3Ok241/O0HiOSboOfqCIwTy5v4P+Poko3dl9t3SkZK65,iv:HC+PzqqLgLWGijHYDC6MvIaB8T/sI1c6vTCf10DApFg=,tag:75fmY73TKw6bNz/xJp8q0A==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T14:20:35Z", - "mac": "ENC[AES256_GCM,data:pbKzZIor1lRxI20O4yi+h2Vk6yOL1MtTstx5A4Byul06uZiGMrNMFyBaVvGbb8evch9ptYm4TNiWZ3T8xHYTwy4HGV5HgOOqY2vJNwTSJ6Yi0F34UCQMIPnXHT/sqL+T1/etV5zY1eQhH6L7lXPtIh7TiYhV8o5y7tpSwhq2RUY=,iv:ZYhhncJv4AOkKDon/DIAYJUgDN4C/iVyukMDaqzu3k8=,tag:v2U/hTaRxk47UG+E6D4ExQ==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T14:20:35Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA/I9pk6iikcFckUsUigf3MJSL1JN6HHUIG/PKeOoEMx4w\n6MoYrjveZeXJbQLJHEVwkanElOfmb7jNFfDQntu6VIEwxvb2vdFDY43JgX6SAuLf\n0l4BvsQcSIPm/3jZu14kLjZgK/S6wrQKbUmymLVQSADwYP2sq+u710bYnRk/QxGG\nRwo82yKyBAZ+EK4DWxB6VtAry8LBYlKY8uhJ17f1/95tc+GeuHEEqzcllz+le67l\n=AxIv\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:20:35Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdACQne60rRG40kMku2GFVQhsrpa3RLAgjJGt2oPKrkgQ0w\nVWHpGyfpg0urSkS7+qecfhqeKAkaQ6CF2F6w2fCgn6Xdw28vs4pro1lHWhwYD+XT\n0l4BtxoVpKHysoL4qO9dQLjwAjHAcYnMPaNONIQMvU8DNrJ9ZiHkzJZPNQOeYL97\nEJCWUkR7V0OP8syMIKy37ii3l2aJd58w1DUd90BwvBrv5JBbNxIPalhZKULWI96U\n=dovS\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/element.synapse.li_acme b/hosts/surtr/dns/keys/element.synapse.li_acme new file mode 100644 index 00000000..43a57e94 --- /dev/null +++ b/hosts/surtr/dns/keys/element.synapse.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:RTDtH+0lW2z9fuSqIVkjazSDMj34Qg2bPOpySNguEnBxLq76FEMGAR+5epI25vqgTJlWb8oBbyIo5tQLQ6vEkZ4uXm694e9Zm41mcwdMFDbvYW8m1hMwLoM4QptSIrSkUEq6s7aGiY/qiTYUpAdhEGcYyGLMbw21ibp/af208MJVpJa6LErl9G0xVvWaPEOd9Lc1LqGAYYaJHFBW15/ML2wtiFWxfDAdk4PRWFX/lwSAGScmmUIhJr1+4loPTkWTjo7pudZ+O+15N8r2CXO09G0e/is=,iv:xvIg4V+QJdiddrsTVWm0Y1oZboByNtyU52cy/hu7neo=,tag:Oswkdv6eDcd8M6kDaFrd1A==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlaEMxMHJkM1d0OUwxZnRa\na3RjaU55Yk1mb3ZlZU5NN2JjcjZ0bGNVSlFvCkJmZXdiVWZxUWViWUtxZTZZRXds\nRS8vMVB6Vzl2ODlZQitnNjVFNDFLWkUKLS0tIGNLUEd4a0pDZUJTZ05IeHlraFc2\nUXMrYUltb1hRVVp4a09yZkgvYmpWU3cKYD9lvi2BYSdhy6OsO2oYvNzlO60JF1jR\nce7+krZMaBv/xz19zULsgGD7fk3tkMyJSjFvioezZKNgItEHIkuL9g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-24T20:22:12Z", + "mac": "ENC[AES256_GCM,data:M+IxhSEaBsmZzkE8/g38IqnRP1v0NKwa9i7oZnn3LWYnfFT9xkbHq25GHTFt+0XNSa0CT1zpbvqHl1sGL2OgAY9aWIICVFRaikuxPGF5mu6jFn634THzMggCz9u6aOQUjYIBJITaEYkXGaMqy9/+fmb0gM8/P8ruPa0+0HHy0es=,iv:Ga9soOAqGWqr9ndFGOg0+4qU52nvh+wwOXFTr4MhJUg=,tag:W7y5SUhnf6yxhNXkJA9QzQ==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:16Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAUkFzMZeAk3QB6ajpUIJ0icHIgp25ocbWfCWyphJxHWgw\nnJ2wJoioURiB1wF3ytjKb8Ix0aD16AMQkJBydKQ6Xn4GdvEcq54V/ds6NI7gU3ow\n0l4BY2WV289DsMqYmkTfg4f3390syJ4qPEOJH1wqTQPALAZv4sYqbUfRlYAcsrcR\nKpBDnWBH8kOoJaGEzRXOTniB7sGGO2a6Sldf31ldnf7rQOGEpdEP4RGqmEba8mIJ\n=k8Q1\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/element.synapse.li_acme.yaml b/hosts/surtr/dns/keys/element.synapse.li_acme.yaml deleted file mode 100644 index 2835a7d0..00000000 --- a/hosts/surtr/dns/keys/element.synapse.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:RTDtH+0lW2z9fuSqIVkjazSDMj34Qg2bPOpySNguEnBxLq76FEMGAR+5epI25vqgTJlWb8oBbyIo5tQLQ6vEkZ4uXm694e9Zm41mcwdMFDbvYW8m1hMwLoM4QptSIrSkUEq6s7aGiY/qiTYUpAdhEGcYyGLMbw21ibp/af208MJVpJa6LErl9G0xVvWaPEOd9Lc1LqGAYYaJHFBW15/ML2wtiFWxfDAdk4PRWFX/lwSAGScmmUIhJr1+4loPTkWTjo7pudZ+O+15N8r2CXO09G0e/is=,iv:xvIg4V+QJdiddrsTVWm0Y1oZboByNtyU52cy/hu7neo=,tag:Oswkdv6eDcd8M6kDaFrd1A==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-24T20:22:12Z", - "mac": "ENC[AES256_GCM,data:M+IxhSEaBsmZzkE8/g38IqnRP1v0NKwa9i7oZnn3LWYnfFT9xkbHq25GHTFt+0XNSa0CT1zpbvqHl1sGL2OgAY9aWIICVFRaikuxPGF5mu6jFn634THzMggCz9u6aOQUjYIBJITaEYkXGaMqy9/+fmb0gM8/P8ruPa0+0HHy0es=,iv:Ga9soOAqGWqr9ndFGOg0+4qU52nvh+wwOXFTr4MhJUg=,tag:W7y5SUhnf6yxhNXkJA9QzQ==,type:str]", - "pgp": [ - { - "created_at": "2022-02-24T20:22:12Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA3uYKDAg2a8ybbl8+CWTG5JGrpSaK10MRn6U+7+OjfVww\nGpuUxXdtZNTdluD4oMbnTLd85mhV4cuCLawk9uUAEJDXgVnxf/JtlvQxESuDX24Z\n0l4BMwoclLzAfflqGmOOopodFpU6841Xa6SD7T9a6YA1uwJxUmt9qCAogAs34d3i\nNcf0NI3Ysmu0bwcVAMwHRkfI3DYn4YpwVkkHmXVH5n0TepzZ38+7DN2CdXEjIN1a\n=mcXf\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-24T20:22:12Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAeaMxIbBT/u8dnmI4SV3MC7p0XsHPdxNWZFJitsBj2TAw\nA1wLYBpbKPF+JFf3VF1FhozlA3cdxvFubDtOLCv95k/X/fqVgXi6DhQKRTD/9juh\n0l4B05OGvMUGTfZul/9xBChi0eTQEY7QA9XfKMqncKlXaCdP+iUTiGdtO1LGB7M8\n6fpufAHsp/nq0vZEs5AbMsE9pEiJOSNL5vQE/TIHzvMR+NElQ6rwBAgrxZoBNYmy\n=Ue4A\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/etesync.yggdrasil.li_acme b/hosts/surtr/dns/keys/etesync.yggdrasil.li_acme new file mode 100644 index 00000000..acdfc884 --- /dev/null +++ b/hosts/surtr/dns/keys/etesync.yggdrasil.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:9VkwZFnF/WJZx4eHBV0psppNd+XbtCO3flQeO9YIVLYA7Hlyu7YZKkILgQDheHN/KjKfuRXsXUNjojEGgkyzU3Hc03LUQkrF4dFP99/Fqwjl9TUWKHPPxCXKPzEuEpJI3krwFOLWoD++aGmQKzAW4vG9oMF4vErkzUAchxfvVnC6TiswuSAsOF34/A3JP4dZKo78iMf90MhXSrqzQ60tUSrSGUBipBne40a5kVHw6Jc4N5zUemnYAInftIvQ+8VKhxhIxLIPrYslM159w0HgTta2Jio+6UHq,iv:UwDkUeaXY6IrVJf4BxPy52ssE32AiKkpWSOj8JeZrTw=,tag:Jdz4tOhu41kjGbBOMqQC1A==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwQTBudzdBa2luZlR1Wmd6\neDgvaTR2eEMweW1TNlAwUG55aHhJc2lpYUZFCjI3bk91dmpFWTFobzRobWV2YnRo\nV0RqMW1heGVoSTJNWTFFd0JCUjRPVEEKLS0tIGVsUFVUeE5DTnBTaGtuTFpySEFj\nNTRQRFFIMjY1UWo3TFZ2YjdWbnh4M3cKsGlFvuC5DNex8uPOT/pDCvyrx4mh5Tcs\nIZ1bUZTCpuBYmtVLelGWzmLJWS6wIsZxTIjFYAGoCrKYwBIbqeRBEQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-11-09T15:58:56Z", + "mac": "ENC[AES256_GCM,data:bLVoRyiCj/t39dC62YuhwDlpVdniufta6wie+bTD3CmC7RxFrSVTIuRZbKlYgue+sxhtIsG2AaO4/FrpFGm9i3tQAi47wHMhr4NRtxXYALAiBKgREjap1q19ePMeN9vdbdxB2SsnnJBhlRAsZzyFqoeKuo67pEWWPuwJz3QXSGI=,iv:fmr313AD4xbQHNP94HLzKzVTGdL7E0m0u4F/oQay/2w=,tag:gs7GWUWuCISO0WVu/C+wuQ==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:12Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdArW+prJ5AgMLqh7Z6jPV+mdtusyov1t05Vm9O5q1QMBAw\nQPxCVm34VDbTeTxiCLHK9OEmZBhmri5Gz7Lqyt44QhD9l4OILESWy9PV8FEcrC8E\n0l4BYr81bqmqYyo8Qbpjj5LSe6jtKGFYW8tNQgO2LmbWluo/K9iUFKWmXUaVGaCE\n3Hbrl+OcMA3/q4Gtd1B1wFRfNCeI/6cAvJPZ6wUo55/FTw2KuHINjldjyA9MgW3x\n=ENw9\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/etesync.yggdrasil.li_acme.yaml b/hosts/surtr/dns/keys/etesync.yggdrasil.li_acme.yaml deleted file mode 100644 index 1c588b07..00000000 --- a/hosts/surtr/dns/keys/etesync.yggdrasil.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:9VkwZFnF/WJZx4eHBV0psppNd+XbtCO3flQeO9YIVLYA7Hlyu7YZKkILgQDheHN/KjKfuRXsXUNjojEGgkyzU3Hc03LUQkrF4dFP99/Fqwjl9TUWKHPPxCXKPzEuEpJI3krwFOLWoD++aGmQKzAW4vG9oMF4vErkzUAchxfvVnC6TiswuSAsOF34/A3JP4dZKo78iMf90MhXSrqzQ60tUSrSGUBipBne40a5kVHw6Jc4N5zUemnYAInftIvQ+8VKhxhIxLIPrYslM159w0HgTta2Jio+6UHq,iv:UwDkUeaXY6IrVJf4BxPy52ssE32AiKkpWSOj8JeZrTw=,tag:Jdz4tOhu41kjGbBOMqQC1A==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-11-09T15:58:56Z", - "mac": "ENC[AES256_GCM,data:bLVoRyiCj/t39dC62YuhwDlpVdniufta6wie+bTD3CmC7RxFrSVTIuRZbKlYgue+sxhtIsG2AaO4/FrpFGm9i3tQAi47wHMhr4NRtxXYALAiBKgREjap1q19ePMeN9vdbdxB2SsnnJBhlRAsZzyFqoeKuo67pEWWPuwJz3QXSGI=,iv:fmr313AD4xbQHNP94HLzKzVTGdL7E0m0u4F/oQay/2w=,tag:gs7GWUWuCISO0WVu/C+wuQ==,type:str]", - "pgp": [ - { - "created_at": "2022-11-09T15:58:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdATu1XElbAp1jN1ON1K5dOrePlVtucKDXpu1316bi0pQsw\n8YHSJkrIS0LaAGSPnZkNtxXMOWNcmLrbUhDwLcLnmYG2VSv4oaOhgHJ7qHxlwFTM\n0l4B67lzysh5ah1XEQMn5J/tERwHp9S2s5vN61olviMetrlAV6n03JTHjMSsV2nZ\nM5JflAbE3amxEdlAIcKyRh5pcTz1cnwEk5dVQMN6to8alhBOsEd2j40S7ixvuAmB\n=UUbW\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-11-09T15:58:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdANUUZ//nrQaWaN09s/He7ZvgVDBNSoSoor5PPpeFkogYw\nxtwRVqp4/bqkiBDk0Szgjna98hnC0LKLfiO1zDDzSZ1c8NhUSo2mI52qnq6PAkOZ\n0l4BlYEjEcCYhuZJrGErzFnxWdPVUlTy/DOVN8AWwJCgvvbKKL0R4As7gwyoGg8a\nAPYgA4J9p62dlTCTHFXZNdQ6Iml/sBcgafcWAq5B6anQ6bmFGUF7s/+ntT5Ergr9\n=LVUN\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/imap.bouncy.email_acme b/hosts/surtr/dns/keys/imap.bouncy.email_acme new file mode 100644 index 00000000..c5c8bc5a --- /dev/null +++ b/hosts/surtr/dns/keys/imap.bouncy.email_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:xcDcVLIIZXus19oDIoFvZsyy0XUN26/B2yFQpt/apVBmhxC4qmHf+5SuzXx6KnL+LRCFnh0kxw5NUnLFaADUesUAWSBTCMLyirIT37NMUNAnGcP8ikqmOk2HUHE8/3BSER9Sr/9bXhA4ikzJnWVOWGJ9lT6qkw+DUHihundf+tHKnutxP/CoXM84T0YU4U6Jzw55BhyavaT7hSjm5Pa/CmvzUfu57GK8LBQchULqPXL1/GkcZbm/BJwI2RrYkhZG8CieRiey0WaD16qxsJ4lnhSb,iv:Spb+VtjR0XEj0HldOFNORYFbPDPeS7XgTdqZPi45wuw=,tag:QRQfOTwuh6lWJNrXZkNl0w==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqSlEvWVFxWHZFSUNpTE9C\nRUJrK0ZiNjM0eVc2WUVBcGFsYVF6TUNGOENnCldHc2g5RXNsMkVUSlJBZHBERzRQ\nTEpvOG0yOXVrdmppUzdveDI0OXNuaXcKLS0tIG1jV0M0SWhra3ZDekp1RW45Skhv\nby9LSGxrREM5QmJndENvM2U0QVV0WXMKNGzUHR3PueOUL0/ZJHtKtU8phZCsxoEi\nzwxmNoMM/AMqGUJ+6KP0BXqm28jhEsdMD9/lf6Y+uIsXI5rt8kVSLg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-05-05T11:44:35Z", + "mac": "ENC[AES256_GCM,data:fQmb4Az33ypsJowyPrwBlkDYDNNtJWev5RzOQdvk3FOXINfeVXqBqRmK/FqYTwonWg+oQ1j7HptvEHXnNBXyHSjLs0eBNUwQAGDVYCQO2zGwmvwnRoyvSfgqESAeSWKMhzHvEA67dAm8l1HZuAXOKpnfMF2y2Z2bD4t6Ipz1FOU=,iv:UzpWjwBiC7te1IxneH/rueVKyRQ8IulRQYAQ9AybueI=,tag:s+FpPWQ0qu187LRcFb+7eg==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA0kv4q/YOTY8E0xl+Ppnx71EkCC/4gCYgb4MxhyLkdn8w\nQ/56uGmVxl+WYRHeuc19fN8JhMGkWIIbfLJhnTGfMOFOrWaF0iELA9lYTzAEIxUU\n0l4B5tR2sMveRv7kRfquaH5al1Mtq3JEehu6NoQq1+ASUyGqo/TYH074R5ijjfuY\nl2Cxd6OV7biEiD9Vi/uwxva/+iGboTi0N1p2MXPBJ1e7yvxOQyVjRkJ0pvZMMjn5\n=xakb\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.2" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/imap.bouncy.email_acme.yaml b/hosts/surtr/dns/keys/imap.bouncy.email_acme.yaml deleted file mode 100644 index f57a5b9f..00000000 --- a/hosts/surtr/dns/keys/imap.bouncy.email_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:xcDcVLIIZXus19oDIoFvZsyy0XUN26/B2yFQpt/apVBmhxC4qmHf+5SuzXx6KnL+LRCFnh0kxw5NUnLFaADUesUAWSBTCMLyirIT37NMUNAnGcP8ikqmOk2HUHE8/3BSER9Sr/9bXhA4ikzJnWVOWGJ9lT6qkw+DUHihundf+tHKnutxP/CoXM84T0YU4U6Jzw55BhyavaT7hSjm5Pa/CmvzUfu57GK8LBQchULqPXL1/GkcZbm/BJwI2RrYkhZG8CieRiey0WaD16qxsJ4lnhSb,iv:Spb+VtjR0XEj0HldOFNORYFbPDPeS7XgTdqZPi45wuw=,tag:QRQfOTwuh6lWJNrXZkNl0w==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-05-05T11:44:35Z", - "mac": "ENC[AES256_GCM,data:fQmb4Az33ypsJowyPrwBlkDYDNNtJWev5RzOQdvk3FOXINfeVXqBqRmK/FqYTwonWg+oQ1j7HptvEHXnNBXyHSjLs0eBNUwQAGDVYCQO2zGwmvwnRoyvSfgqESAeSWKMhzHvEA67dAm8l1HZuAXOKpnfMF2y2Z2bD4t6Ipz1FOU=,iv:UzpWjwBiC7te1IxneH/rueVKyRQ8IulRQYAQ9AybueI=,tag:s+FpPWQ0qu187LRcFb+7eg==,type:str]", - "pgp": [ - { - "created_at": "2022-05-05T11:44:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAl2GftHJU72CZwTRupXE9S1Z/w7vwrRQlFrme9woZ2QUw\nvan+u4DvpbWsv8jH4rPERxz7aIHcIUMnnDHMls7Ma8rqwE4GzjBnqJ4afYEgbUyc\n0l4B9IVHcML8hwLMRnox+/+DqMw9QJALjiLshid+6lxQOjiKj7AvLCsMA3llsT7H\ncyGwyhm99BaLO48zsXlSmGgg2/YSTPuiJtddwp9CWv0oeOrySnw5Rk0VqdVTzreK\n=EV9D\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAHdryYLAJhmbfQOq+tXxuuOYuB2stUUnq8/lRg6/nDyMw\nMeq1lqDPZmqcMGPuz1gaopZ+I30FBdASTaLMt2jPhd09mVccpY0nFuyvjJHHV32R\n0l4B2kHMD+NWtWCxPWGAUYBHI73xggVNMkDbr2FhwJgruN/4WRNGlgEszl6MQ43v\nI98doI69oLocwl7ZmXurspzyJA4btFIayAUgKc0uF28k4ulniTPlB75QxLAvXHNy\n=AQHH\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.2" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/imap.kleen.consulting_acme b/hosts/surtr/dns/keys/imap.kleen.consulting_acme new file mode 100644 index 00000000..93c7179d --- /dev/null +++ b/hosts/surtr/dns/keys/imap.kleen.consulting_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:t7xEYLesuzkfihA3sVd7Q+0QxZDsJd3qrIHmoqGsYuXO19Ae1pyEJyMfEYe09bxCaFStah1OMoL0ZdalzDBztfPj1f8Rn2270Yft+1i5qLOawKeTG7NUD00DPUfAxtwjxxr/fpxPLryI32hRwJ7lTTibZDVGN2dLTgsYCHiZcaWTTi9ZW2W1WGGEF3EMYsId2AIa00e1aX8xxauemoCtnEoyHzfJHiTBhJwQE10YzmY0yvTGtJySfNVRFqYnoJWaBS7Qt1FbpUcv2Pd9ZqU3immYZJY0og2+Mts=,iv:IuOgRaV8qm7vRg27psvKvUYaaYtecOo2WW74G5+6Ddg=,tag:sWZ0Qyk21mSg0Ze8ZisS1A==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBROTZRTlFZRDVUK2ZiM1RM\nVGcrMitKbkU5MjdxMm5EMVgxYlhTMXVtZjFjCmR0SXZnSld1WGIvakhkZjdsZ0RN\nZnpGMWZCeVE4UEV0dThUejFoTjU3a0EKLS0tIDRGYlNYZiszRW42c3QrMTlaeGJC\nUVVrbkRVMHNiU3MvMzN1YjR4ZjdnckkKhb4FXwaRS+e3MJJ5ACFlTrB8Z+jJYpoc\nLjrhkBP2/5hBt5xn3cC967u1MSffYHUOO29liQESfpFkVuh4sF5x9w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-12-27T14:23:03Z", + "mac": "ENC[AES256_GCM,data:EE1byrlNG3y+62hcdTlC2R5s1Q9FJvzpbT8yVIZfaXpK8V/0BUZo3oNfiv43qGeSXBda58XQ0a+WEhoW0PETHZEKwqDMcOwkB/39JRInIIjy4AO73gq+8Q2f0Uz4vFWJszPbuc1Sx/2zPcqjN8r53pG8dAnAtpIxJHBmDBlRp78=,iv:SZOzFjdRdhGKDkg10lM5EeF/1LzVbVL78PCg6+x0nvo=,tag:m4yyLcjMz6yuTEU1HQyzcw==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:31Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA+G2M86XLy6oYKPEk2dNzRsAPD+ImOeYYYeoorC4O+Xsw\nyUlY3aKp/Hrb4JWHvC1voJ46iLD2Monay6y/wHIo7gyzsKuCArgbUZn5AbHNpE4Q\n0l4BgzoIsI3UzIGJJjEbQ8PYiYUQfe8NESTzPpAKukuHTpdQNzkwI+ru1Z6oV9ja\niaxoUSimR+tNwPBj7gybwMwFHwukz48FRfonXFFzt4lp/iuKBNrLlOaMCDFWiU3s\n=N9in\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/imap.kleen.consulting_acme.yaml b/hosts/surtr/dns/keys/imap.kleen.consulting_acme.yaml deleted file mode 100644 index 37a94693..00000000 --- a/hosts/surtr/dns/keys/imap.kleen.consulting_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:t7xEYLesuzkfihA3sVd7Q+0QxZDsJd3qrIHmoqGsYuXO19Ae1pyEJyMfEYe09bxCaFStah1OMoL0ZdalzDBztfPj1f8Rn2270Yft+1i5qLOawKeTG7NUD00DPUfAxtwjxxr/fpxPLryI32hRwJ7lTTibZDVGN2dLTgsYCHiZcaWTTi9ZW2W1WGGEF3EMYsId2AIa00e1aX8xxauemoCtnEoyHzfJHiTBhJwQE10YzmY0yvTGtJySfNVRFqYnoJWaBS7Qt1FbpUcv2Pd9ZqU3immYZJY0og2+Mts=,iv:IuOgRaV8qm7vRg27psvKvUYaaYtecOo2WW74G5+6Ddg=,tag:sWZ0Qyk21mSg0Ze8ZisS1A==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-12-27T14:23:03Z", - "mac": "ENC[AES256_GCM,data:EE1byrlNG3y+62hcdTlC2R5s1Q9FJvzpbT8yVIZfaXpK8V/0BUZo3oNfiv43qGeSXBda58XQ0a+WEhoW0PETHZEKwqDMcOwkB/39JRInIIjy4AO73gq+8Q2f0Uz4vFWJszPbuc1Sx/2zPcqjN8r53pG8dAnAtpIxJHBmDBlRp78=,iv:SZOzFjdRdhGKDkg10lM5EeF/1LzVbVL78PCg6+x0nvo=,tag:m4yyLcjMz6yuTEU1HQyzcw==,type:str]", - "pgp": [ - { - "created_at": "2022-12-27T14:23:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAzgKPZSReVLFxDv5FrRDVvrN/KuaJtilnbXiunrbjj0Qw\nJrhb9u9CEfSbw2Awr893DssCEmBsmcgJsu2tO+WYJLLl9EMqiv/a3BUxP7EdSi4A\n0l4B6dplMxktqE9CTSxO/H2WNYobng32PxfIHtQUfdg/E66QJuKR6pj6ExmITTOV\nlkBfyTOoPreKI5+cdy8hBGH4/5Mfga88UTrB+lk0kXog6s/QaXPz2HDlPDw3gTZq\n=h4Vw\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdABNXiiUHXBlVqB/44Z7CkjkJ8BJrp3XfsdFKCU4EClTww\n6kNZVhi3zk5WJo2Rs5FL/8tyAXzzwGF/9nGiN/91Rk+KUW3poXO/ENkxoEacyXqT\n0l4B+4VSajdP7MDVw0x48xr/D6qobx4rsBVrT1YX/YtSWymF3/ytddgVxqAyysWC\nQONCydTfRn0jBAjyLu3+e10zZ961WYxe1Nq5hJZR+BiJ0m/FjU1Z4ukebyOG1ks+\n=MyJj\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/kleen.consulting_acme b/hosts/surtr/dns/keys/kleen.consulting_acme new file mode 100644 index 00000000..bb53810b --- /dev/null +++ b/hosts/surtr/dns/keys/kleen.consulting_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:hve7CwUKajPdbRYUnd58j4+MkJWk3Vr2cNxmFJ+E1cUtRlQF3UeOBaZ2a+yDXJrTwtw4tw7+by+ZQ8HUJ0Z7LTE7mx/EQ/FMMyQEopvPgaBjDk9xmWVe4JJsO6w31Hpl1Niu49TQyCakptvgTHs3cFUYFBTNTJeYAZuDq3BvZ5Hagr8UKiGcyu3jCaohPYqFZuRhhasnpF5kLQ5m8oP78iyKx+kuqUoryrP0atkveB9VGH2obVlRRrMQkE7VTlM3UNGl1TjmV6W+XPcWnQp2BQ==,iv:eiYnWiBCgGzDCXgREDg1sHzQhKpel8zb8MMQUOGSLFU=,tag:VKowaUlQ8zxR1OVHwAa8Zw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxRW03RHVDYTlzMEc1b1Fp\ncktmRGJ2OVJUN1JibmdmT01KcjVTamNpQ1FVCnYybjBMdmRsazlFWEJIaHgzL3ph\nMnpsbUl1c1lEZVBCNGljR1F3VXNtSWcKLS0tIFlQeFRVR05XTldEaEpMZDNHTjNj\neGtuSU41Zm10ZnplNmdxNWI1MlE1NHMKcl+I9oAe/9neixl9elJCFtMYGZ+YufjB\niSCXe7uw95ugRFVBE1bjLxH/I60PGKTLtAI2T/dFgn7RuJYBBDaFyA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-12-27T14:22:55Z", + "mac": "ENC[AES256_GCM,data:7HS406wQjJAkjJ/nessmXyYjSZUvvt3c+rh6g1DGY5Qx4OiMjsqtPdKqwyd8GflaHOwveXYl+l3Ws3hqvVItIWUscrA8YRVuvvLiXNHTOJ35I1xpfOfrJR6R4GjncZ3NLn/uXmT88Rd+5wyVzxG/NSajEX6vRFfJMH1YIZzvJIY=,iv:camTYTuw/huEsNkPudN7ZZPb36rRdIdqVvqhqwVY9y8=,tag:lzAjBUzyok6W7rWxKARs5g==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:02Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAAX8EZDsAl1e+qxuypr81+0VkaklzmTibZ99m0RPJLTsw\nySGL1LncxNlNnmBJ5xIu/KYDsvzFxXTRgKfb/qSSzZDeCcwJpBDUGuJlLHouUHe7\n0lwB0rnyleIvrMsVIhs5nl9+6yYgKhAcIJVOSoA72CirsS0ZVCgG+B8hy2JMIHb2\nYAVcWXaNfCsM9kzYuyMJzCvD0t3MtnKGIF3peq14I4WslIFx+jMYsL5kNV5MGg==\n=FlBJ\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/kleen.consulting_acme.yaml b/hosts/surtr/dns/keys/kleen.consulting_acme.yaml deleted file mode 100644 index 443533ca..00000000 --- a/hosts/surtr/dns/keys/kleen.consulting_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:hve7CwUKajPdbRYUnd58j4+MkJWk3Vr2cNxmFJ+E1cUtRlQF3UeOBaZ2a+yDXJrTwtw4tw7+by+ZQ8HUJ0Z7LTE7mx/EQ/FMMyQEopvPgaBjDk9xmWVe4JJsO6w31Hpl1Niu49TQyCakptvgTHs3cFUYFBTNTJeYAZuDq3BvZ5Hagr8UKiGcyu3jCaohPYqFZuRhhasnpF5kLQ5m8oP78iyKx+kuqUoryrP0atkveB9VGH2obVlRRrMQkE7VTlM3UNGl1TjmV6W+XPcWnQp2BQ==,iv:eiYnWiBCgGzDCXgREDg1sHzQhKpel8zb8MMQUOGSLFU=,tag:VKowaUlQ8zxR1OVHwAa8Zw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-12-27T14:22:55Z", - "mac": "ENC[AES256_GCM,data:7HS406wQjJAkjJ/nessmXyYjSZUvvt3c+rh6g1DGY5Qx4OiMjsqtPdKqwyd8GflaHOwveXYl+l3Ws3hqvVItIWUscrA8YRVuvvLiXNHTOJ35I1xpfOfrJR6R4GjncZ3NLn/uXmT88Rd+5wyVzxG/NSajEX6vRFfJMH1YIZzvJIY=,iv:camTYTuw/huEsNkPudN7ZZPb36rRdIdqVvqhqwVY9y8=,tag:lzAjBUzyok6W7rWxKARs5g==,type:str]", - "pgp": [ - { - "created_at": "2022-12-27T14:22:54Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAjPnl2v4+xAwAupY8EA94bLsHr0TxTrzos3xpUWzsMy4w\n2D0uNr0+NPuOqMD0psr+Mv/WfDW1SMhHcK9sa5Y0JEmdLg3jBUFrUInyqdYGj8j5\n0lwBcsyp7uvsMDbQHYzrX7Zz3Fo5NInZtgwyAAVoLZTzXTOj7U/mGpl0WFf+7t+6\nfPkp4b1DeORFrgkggciZy9fGqac7eLLn2fcqdXqDFcE2TIk7Ahtf52Y8TbHMRQ==\n=/D9Q\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:22:54Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdApyLDGhMx8Ie5VncLqBa6qOed4Fq9gGXZN+/Y1nlRQBgw\n+8PmRdb+7xggzDcyzdOB9cYfYB1XBj9x7JhjK3O2U1Pclcr0d9G4/AsMm5CJa8cm\n0lwBxpCBkK5GQTNJ8SHEaY+EEmDnTWf+9Fe8yU+bMumq8FX03E2MVj3TX9TIXfpi\nFwF/nlov3ecpG7IYT1tsd5AsXvZcA3l1//o0Xr24ck8qDaWvuEu/y1dvUzTUQQ==\n=EUFK\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/kleen.li_acme b/hosts/surtr/dns/keys/kleen.li_acme new file mode 100644 index 00000000..9e606fd7 --- /dev/null +++ b/hosts/surtr/dns/keys/kleen.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:ClN4TVWJoCYh6Rl/Vp+x+jPlIDkkz9SV7qzLBenjPDviIzkBqGmNwySsV5Dy/uxbrmNkc+C4sYkv+5H+3O7R1fWwTDlZuiWpd+lAJrco9f8CjyZku2RQi1UfP31z+/nAKo4wSy22++UfLmYR5NGWWB6pbfm/KL27vC75RNOvPZXhOBxxl5imObdY6i3cJ7A5e9PsbR7qZq+gFBtq7IisSHD1sDvpiOAcstKo8ITsZ5bXCYmrFiJ41LJNSINN+/mE,iv:a/T6pQGuDW3qBzr2y0GrPyeoMRlCI0VvKUZJQFGYTew=,tag:2rL3o/L+xYAsP/vWbWFsOw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhTW5HbmtybTFOcHpRQ3BX\nQUhRclpPOUF6Ymg4dWFaWmllWWZjWnRYYnpjCmVGOWhDV1RXdVJHR3dMWmVHaGRo\nbzFmOVRWNDkvM0IxQVNHdVRFcnhMWWMKLS0tIFlKUHhveE4vVW02ZDFkR3Y2SmI4\nMnU3bUk5ZXNuZGxXRGJRN3dhejQyNDQKtZZuZ4oYF95R5kcHh/xwFD38LE3HFVXs\ndMFFGoroo+Wfe+Vw4y2hZWM2dxir++XuL24ywuDf2v5veZr0KFG+6A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T14:43:57Z", + "mac": "ENC[AES256_GCM,data:KGOS17/BCjGbzBXOAJav9aAs1d0ymAISoAu14nGCVdxLrhySM+sRgoo7XO3kG5xCfIn7dJGMhC5vIyLoHLl7il0FuSjhFztr1AvSAvmb09CaQksj/KTSXk3N+Tp2++Lvn8xPtNGcYTu/pK+0WLC2jt52KcbsXTVRSMtZO59+ekg=,iv:l2tcVM8c1HkJ5W4rc8ZPffx5fzAKcn7IjgjU3zxSpdE=,tag:KRabrd9nNhqmN/2YtzzPig==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:17Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAMWLHWiyJuTZmgKVZ0+JljLQDV0Ifv6l8zg3t3KbvTTQw\nCGYKVNHGMKbFNm92CXB0RS3wxA5RyBsviqgPyyCE5BQ9T7GDrnNOPRhtfY6h5Etl\n0l4BKufzu2YJHEVkBy+TmDsKC9nD6GR/Zw7uk2PpgA00Xe24g2QXjSGnOM897ahN\nSs1Ow+orruXNxwU4Ct34XQ56wyZr6kqIyp17VJZ295lCVxQ8UdofBExHHuX8rqwD\n=dx9q\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/kleen.li_acme.yaml b/hosts/surtr/dns/keys/kleen.li_acme.yaml deleted file mode 100644 index 18122f48..00000000 --- a/hosts/surtr/dns/keys/kleen.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:ClN4TVWJoCYh6Rl/Vp+x+jPlIDkkz9SV7qzLBenjPDviIzkBqGmNwySsV5Dy/uxbrmNkc+C4sYkv+5H+3O7R1fWwTDlZuiWpd+lAJrco9f8CjyZku2RQi1UfP31z+/nAKo4wSy22++UfLmYR5NGWWB6pbfm/KL27vC75RNOvPZXhOBxxl5imObdY6i3cJ7A5e9PsbR7qZq+gFBtq7IisSHD1sDvpiOAcstKo8ITsZ5bXCYmrFiJ41LJNSINN+/mE,iv:a/T6pQGuDW3qBzr2y0GrPyeoMRlCI0VvKUZJQFGYTew=,tag:2rL3o/L+xYAsP/vWbWFsOw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T14:43:57Z", - "mac": "ENC[AES256_GCM,data:KGOS17/BCjGbzBXOAJav9aAs1d0ymAISoAu14nGCVdxLrhySM+sRgoo7XO3kG5xCfIn7dJGMhC5vIyLoHLl7il0FuSjhFztr1AvSAvmb09CaQksj/KTSXk3N+Tp2++Lvn8xPtNGcYTu/pK+0WLC2jt52KcbsXTVRSMtZO59+ekg=,iv:l2tcVM8c1HkJ5W4rc8ZPffx5fzAKcn7IjgjU3zxSpdE=,tag:KRabrd9nNhqmN/2YtzzPig==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T14:43:57Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAyCmRdezTNHo04OWMJRfeOfkNwA8iN5ORlR4MSnxHvi8w\n5qxpEl+NtPyGunAOm58zc6Ai8+2yuXsCGoTVDar5jL1poNgYMecwCHkMopYBOreC\n0l4BcGGs4AkKTzqEU/tBe4YKqp/6QBZ3N0giPeGWedA248Vnz9Lq9eHynhCkCB1O\n8y0wUf6159s+00MEaMlAHODPKetBTve2xa8W+6OvQqIYSxaaTJ01cI9n1deYSa1e\n=ke67\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:57Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAPlaZrCGl5FDZ3v+RG62I/FfyPA+qTepdegSTFo6m+lgw\nyEacJxkCO28hMsFgHhLXRveP7tKrWt7WAi91rU8j1LFrTLGV6PogA+jLGbAJeBQI\n0l4B8UDf/vNK7d1cWeScOO7a4HPsJ9jQDxEk3JB1c5funVqbK3h8HUMmbtbBABXF\n9ga0Ra4UC9s3pLUz8ykMQ5C/GCCd446HDHLbi9daXVTTGMnlkXhSgyA7VvCWUjnL\n=mwTD\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/knot_local b/hosts/surtr/dns/keys/knot_local new file mode 100644 index 00000000..fd9ad42f --- /dev/null +++ b/hosts/surtr/dns/keys/knot_local @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:kSTzSFxJhKHPlAfdDT04v88yha8cIagAZZ3hJKqKrfB5tHi5Ek2Yzz/qndvjyBHb3B2PbbeVOUGuNXdZziJYpT0rdwK9vTGnxkaZS1cw0jKf9p/CLRAi3bDgCUti4oPjtQDh5Jj8gDokRs3u6SthaBcz2tZOqDyjKfWWzGlIMtRfSnx7KjgX2Anrhf2/B7vr2Van9XhMTTFiacLpYjZUXeo7v6ZOb49G2b+XxzxrYrY=,iv:b5DeWUu+BpvxhYrKBxpr6m+Ivz+1oLPY5sTZYq6GsJA=,tag:Tvb6w/8Qbro3I7MZ97HKlA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzRWVHTzUwTEJ0aGxiSnlm\nL0VCTi8xMGdvREovUVlXYW00K3JyZU80Y1FzCkxhRWZxUkJjVVVjUkNlMGdCRWVH\na3RSd2RDQldNMjdhSFNsV3RlNVRST00KLS0tIDF0UmtKT3RWcE4waVFKdWFMV3c5\nQmFweFFaSTNKWERGdS9UMmxZd0UvZVEKADUXjSonpTZrPZhs92HIz4a0ZqcdxyRO\nD1uYTtBUHwZMvIwG1p49RzOfJX48feZGc7L5foIqbnzaCIHTYE/FrQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T10:29:34Z", + "mac": "ENC[AES256_GCM,data:wBzMMSuaNfITvC42rOCWznMCATwjLrz66h+0QURoJONGw/GMVejkdQ+F9s0UFz7PyVKPAxWgSC4Km+ve9nX2c+f1lGyo4YpWDYKtVlZuUd7/Alf1ctl4epZLZihZVc0XLRNgH/Th7D4c+7WyHi8XT1l/AHmbixG4Jxwh8/b0TIY=,iv:vTs3qIMHLIt39RSze3YRkJUkuOUganvtIs90qsXekcc=,tag:EaVQq7DyPvM1CufOtrFDsw==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:24Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAwWqVll2MtAeCbvk45lMh1mmCoWVoiFUOXct5YUkE5zgw\nu6VF6vJpn1t68IWSAy9rM+H7D8B+dCdxehkjNEOUO8jfA2WgDpecmCJUrTqv2VaW\n0l4BKxaOBd9jfTi1RYKkzo99C0RpHaUJqKjVpPYmCqrEw3KpFEattdYS6/TDKuEY\nFOQxbR6+n/X8JcgrmrUpmmlXIeDAQCoNnyYG75MCcJkCJP18E/Vmn68K5JQnyR+B\n=bRoI\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/knot_local.yaml b/hosts/surtr/dns/keys/knot_local.yaml deleted file mode 100644 index a170ff72..00000000 --- a/hosts/surtr/dns/keys/knot_local.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:kSTzSFxJhKHPlAfdDT04v88yha8cIagAZZ3hJKqKrfB5tHi5Ek2Yzz/qndvjyBHb3B2PbbeVOUGuNXdZziJYpT0rdwK9vTGnxkaZS1cw0jKf9p/CLRAi3bDgCUti4oPjtQDh5Jj8gDokRs3u6SthaBcz2tZOqDyjKfWWzGlIMtRfSnx7KjgX2Anrhf2/B7vr2Van9XhMTTFiacLpYjZUXeo7v6ZOb49G2b+XxzxrYrY=,iv:b5DeWUu+BpvxhYrKBxpr6m+Ivz+1oLPY5sTZYq6GsJA=,tag:Tvb6w/8Qbro3I7MZ97HKlA==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T10:29:34Z", - "mac": "ENC[AES256_GCM,data:wBzMMSuaNfITvC42rOCWznMCATwjLrz66h+0QURoJONGw/GMVejkdQ+F9s0UFz7PyVKPAxWgSC4Km+ve9nX2c+f1lGyo4YpWDYKtVlZuUd7/Alf1ctl4epZLZihZVc0XLRNgH/Th7D4c+7WyHi8XT1l/AHmbixG4Jxwh8/b0TIY=,iv:vTs3qIMHLIt39RSze3YRkJUkuOUganvtIs90qsXekcc=,tag:EaVQq7DyPvM1CufOtrFDsw==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T10:29:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAqtTjcOaobAeRPtdIlgNBWcHMyJjWoeDdXI/s/Um0lX4w\nIe0pVT/t8t5vakDey0Mu6uTZOM64UKFyH2mTJCOWtbf96tI1ML+03bJGrKNTKEKU\n0l4BTRKRJwKrnjST0/NBc6YwBYfBeKoStoh60aBm072JlWS5/SprDysqMa9xpSxy\npz9HuF5g3/slPaeohUCh8457LtdQgLzZDBbpOWHwpU55Oix+518qAEZ5AspdnHHe\n=8Y8Z\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T10:29:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAk0ne1fjj2mV1P+4GDfDE/1SuyvWJ6sqKjkfYgdneNEIw\ns1qLAQzboXcMm073fV/XiegSP4AVL5sa6TOy+ajHGedOk2AkTBa9dYj0QJLJAxxW\n0l4BJdS01hYhj51x2CjAMan37oDZaoNr1Z9V6SPxfnLIs74kPZuAWT9U5YvoD8bj\nwEPGgvJOHPSQbmKpRXsd7MIHxRAe2PEsTGujd6CEv+ZAfjG95EpW5P6Aie73ZZE+\n=1kB3\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailin.bouncy.email_acme b/hosts/surtr/dns/keys/mailin.bouncy.email_acme new file mode 100644 index 00000000..9686ea93 --- /dev/null +++ b/hosts/surtr/dns/keys/mailin.bouncy.email_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:aRpq+iUmoEQoy7wlDjTorLK0hUQdUE0RrlFAPYzoInAxrtm58xWLWYBb6FSm7oPv+B+uM04hXbTyH9xh4ZIogiV95qva1FaK+OSO9zkhP2i4SyroRyT4IKhs8ajCAj2wRSXCcUgK13UotF45y+2yJyPEOAsIossOaAJceQdi+fbW7L5z93copWyPa5XG3/KUZBNAoGFprTzB0c9luGWp8GmJ0zFZhbI+ZnKFgL9ZDTfh2e8N0VUih748AZw7YzL3uEu68BWPdXhgDo+f/DJARizmH/NyMQ==,iv:AomUPijrVdXiYI3fl8PAbJEjWZIeh7tuIZaDzJOieDk=,tag:AWkWJ+I9m7TrKKBL5cYWVw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzSzJUVDljTFNjTmx2Wjcz\nMHJsYlM4bFJNOGM0dzFHRlBKMjJUVjY5S2lJCksraXlSMWJZUjkzZS9STllqUmhY\nb0wvVHNEQlJBUzhVeUp5d0s2a3dtbTQKLS0tIGxkQmgvcEtJZjlpL0Vya3pueFpt\nakttKzkxWkZiUnBEbUZta3k1dzk1eFEK47tV/1zvgLsbHen1SPtTDrCpXZZGxZXh\nyyQnKygL5TQJrPSMxOwfnSYaoTmSoUnKzeQo2kwiKo5XQAt5Lw0dfw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-05-05T11:44:33Z", + "mac": "ENC[AES256_GCM,data:o2QxYW9SPIbOWP/iQ2Mk1imSUWBwPOkPUTIVub/Y4Yse0RkR6qp1LlRdhB5aOKirInKNulA0iCm5uiDyGS02N52wrmQpnWjeMcFysZ9rzzRPIaEUa31GIWRQAt11amO56hM9JTBZGmq5bhPVRxRBfMT4PSgUT/KrRJSQCVXGyAs=,iv:OWk/08GxYylbjqcOjJnC81L4P+QyUkyxYaJ+qReGzIo=,tag:4r4eVCB5s462uMbb8lrnXg==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:02:04Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAq41eSHW4AL+7p4OKovN/uch4Nh1zmcws1d5hxo40ayMw\nHwPOzn2yIjkUMIVLYqxtlN3KlClPiDUrjcOBhS+Xvu/77SRQeu27X+JynaHqDLt5\n0l4BZmgxTT1z/s8LCyKPK+woRZheVoXlvORbZkzKW1zjObVxXcyFqDytbeFtiS/G\n0PKbfPenf+VfEUN0Qiw9i4ggx41bsS1qKVeiVe7YR6aisThv0ZdXc3Fo2L+Lq7lB\n=Sq6N\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.2" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailin.bouncy.email_acme.yaml b/hosts/surtr/dns/keys/mailin.bouncy.email_acme.yaml deleted file mode 100644 index 495af908..00000000 --- a/hosts/surtr/dns/keys/mailin.bouncy.email_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:aRpq+iUmoEQoy7wlDjTorLK0hUQdUE0RrlFAPYzoInAxrtm58xWLWYBb6FSm7oPv+B+uM04hXbTyH9xh4ZIogiV95qva1FaK+OSO9zkhP2i4SyroRyT4IKhs8ajCAj2wRSXCcUgK13UotF45y+2yJyPEOAsIossOaAJceQdi+fbW7L5z93copWyPa5XG3/KUZBNAoGFprTzB0c9luGWp8GmJ0zFZhbI+ZnKFgL9ZDTfh2e8N0VUih748AZw7YzL3uEu68BWPdXhgDo+f/DJARizmH/NyMQ==,iv:AomUPijrVdXiYI3fl8PAbJEjWZIeh7tuIZaDzJOieDk=,tag:AWkWJ+I9m7TrKKBL5cYWVw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-05-05T11:44:33Z", - "mac": "ENC[AES256_GCM,data:o2QxYW9SPIbOWP/iQ2Mk1imSUWBwPOkPUTIVub/Y4Yse0RkR6qp1LlRdhB5aOKirInKNulA0iCm5uiDyGS02N52wrmQpnWjeMcFysZ9rzzRPIaEUa31GIWRQAt11amO56hM9JTBZGmq5bhPVRxRBfMT4PSgUT/KrRJSQCVXGyAs=,iv:OWk/08GxYylbjqcOjJnC81L4P+QyUkyxYaJ+qReGzIo=,tag:4r4eVCB5s462uMbb8lrnXg==,type:str]", - "pgp": [ - { - "created_at": "2022-05-05T11:44:33Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAymwXeFtQyiAgb+/Rm5jxPCnKWG3n7libf3zmYbQw7B0w\ndAmL/pukd3B8n3+lcdHDZodtr3W4LyatgdSXOUG51hRoqEq16b2MmCM43jTUnYQd\n0l4BWTk98DfAZ/6z7ulexqbCmfJSfJzUJGBnLqTBq2dnxeHHWpY/tpGp6BAi2n+p\nxtooPP9PUC2wbXFyf0FB5nGg+JvsNi4FspDwFYljnDKmXBnn1H3IfCmUhy1chWty\n=a8nm\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:33Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA0t4v/UKyR3uWG2NpFqxZRG7Hj05+akMq5ZnU7B/VrgQw\n4WIpnT+nqxM7c+vFNe/AVyO+R82qQrMbTL0QHpD5rUDdszFVw1UH/ELMH3rrcRlz\n0l4Bf8bWylnKOvPqeyklEktiSUXoMWqs0AbD+LuTUgqz/JvuO6AqvgbfPUvm5eOM\npI2DEW11SZeqiUai3N/H34myzQ7kSoVSfJobUfmBazIq69DBSSWz0sksMw98+yWK\n=q0Ui\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.2" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailin.kleen.consulting_acme b/hosts/surtr/dns/keys/mailin.kleen.consulting_acme new file mode 100644 index 00000000..d8c92fd4 --- /dev/null +++ b/hosts/surtr/dns/keys/mailin.kleen.consulting_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:6oOxLQ4chP/DRzs7DImi/kx4R86JLrjgtCyqSPn75HJMxVntcxkJDYIkDtIbvqdvCGDoYsMD0RfZy8hRTO+t76R0WPW160Z5XHuKFvLl5to/xgfb4fHZKby7paYdGScPho8kszQnFKEaM78JpkVWxqYq3sl620unkw4H6QZR4fMmEzaZWKAu2tjTn0Ytl+9fj9mwmWZRJXtqby2MQP3xbVhFuLgLWI/15S1wygbX7ORlnmZvWunKpH/D6m109Xxo8IRfpApPwYlnZw79rMse/4QYUDT/ekeeE/4RTAwC,iv:uqz5Yp7BpxQFg14swjNS5yvW2xH4HUFbZwKGoTVXrIE=,tag:RiBW3FbSsy1D2JYyK5kTIg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHQW04dmV0cEcrb1crb3NL\nN2NTWTh4K2YxK0NGbkdzVWgwT200blBPUWhVCmRIZ3FjV3FMMzM0MVB0VFJLMUV2\nanZlamIyQzhBaXROQUJzWGd0U0xNU3MKLS0tIEZzNHdSYU9xamNNT0V0aC9DdXNk\nOWxaS1BGNTNKa1pMZlNKYXYxSStuSlUK51CXywenaleKF4p+UYbPzPjueIc47Iak\nhzd9wf0wARTD4Z9UAUtpx1c034x+G7j2WHGaoXAA6KqiETbdA1Jdog==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-12-27T14:23:02Z", + "mac": "ENC[AES256_GCM,data:Hm7dawU5Gw9Fm2ERSfaX97q6ia6iw999qofUIWAznEQSqeat8n6cGxiVsXU2scG1LYHUvtyGowFZ9KIbRBXSr1DootH5BzHYqP7Fh3/kKIgk2VToKqr2fUTcjQz0vSxJq9gdIeUpX68qLBptJJYbMtnk0tZUVMcXExiqIHB/9hA=,iv:W4WX0J0jXzixLFBnzvEv/p7Ockv5O7hf/x6WgoIRNTw=,tag:N6zfewA0bIIR3UVqRlUOqA==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:02:03Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAtVYPFDtr+tLgOQBWalYhx0STngd/dRake3RjjX9kC20w\n+B9TCRYK3T/dx6/9JiSr/6/9U4wPiOulI49PlPHtTzoBdovoWG8j5o87EFjWMmGY\n0l4BKdlpdOFwURQMOqsV4+htXH0OjD5lB2AVWeumfCdcDj6BQvCHeFPMoktzkWcW\nr5/2FXp410DokwnEfFa6x/h+UTz3pKCwEp3NskuxdaPLby0Yn9Sx/VbD+oGOte/c\n=XZy2\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailin.kleen.consulting_acme.yaml b/hosts/surtr/dns/keys/mailin.kleen.consulting_acme.yaml deleted file mode 100644 index 13bfe96e..00000000 --- a/hosts/surtr/dns/keys/mailin.kleen.consulting_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:6oOxLQ4chP/DRzs7DImi/kx4R86JLrjgtCyqSPn75HJMxVntcxkJDYIkDtIbvqdvCGDoYsMD0RfZy8hRTO+t76R0WPW160Z5XHuKFvLl5to/xgfb4fHZKby7paYdGScPho8kszQnFKEaM78JpkVWxqYq3sl620unkw4H6QZR4fMmEzaZWKAu2tjTn0Ytl+9fj9mwmWZRJXtqby2MQP3xbVhFuLgLWI/15S1wygbX7ORlnmZvWunKpH/D6m109Xxo8IRfpApPwYlnZw79rMse/4QYUDT/ekeeE/4RTAwC,iv:uqz5Yp7BpxQFg14swjNS5yvW2xH4HUFbZwKGoTVXrIE=,tag:RiBW3FbSsy1D2JYyK5kTIg==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-12-27T14:23:02Z", - "mac": "ENC[AES256_GCM,data:Hm7dawU5Gw9Fm2ERSfaX97q6ia6iw999qofUIWAznEQSqeat8n6cGxiVsXU2scG1LYHUvtyGowFZ9KIbRBXSr1DootH5BzHYqP7Fh3/kKIgk2VToKqr2fUTcjQz0vSxJq9gdIeUpX68qLBptJJYbMtnk0tZUVMcXExiqIHB/9hA=,iv:W4WX0J0jXzixLFBnzvEv/p7Ockv5O7hf/x6WgoIRNTw=,tag:N6zfewA0bIIR3UVqRlUOqA==,type:str]", - "pgp": [ - { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAxGlaM4KVKBdUNjCIY1uBXJgRJhPBOoZTjZ1fntNXwU4w\nu82oB1vDeIzdDtRqvA6iv5QHV7MOAgv9hVtQemiDAjzrhUlzGkw/TGzmmbfhKbtB\n0l4B+HNbxNOqimYxBNHeJeeTAgPU3lu1AI8bDbQqpIyp7WXJ5nuxPKWxFgSEPgqX\nXRdNgardnV4XElgascQdvN7aGgb9qTXu/5lp/4btQ2PdO1at9io7RsE7tvJWKno0\n=lMzD\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAs4KR4Eed6EPThcPa8ngRTwuj048jtx4o7Bpg18SF/iIw\nih5u3V1RtclZeee/q4fsckoJeenIUGp0YzUUqligWALbxTwyPwJzHQX9yovTtkbR\n0l4BHtPvjbTmb3agauGVPS/xrBJDLu408mrQ6jTE61XwMVeNYwHGo5+FVvNq6xpl\nlRtgKHHrjJ35+1BBZ4tKKrnx3OskdAE9f/ZpNfF2/jPVtJystjOp01sGhpfMD4Nz\n=XbgW\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailsub.bouncy.email_acme b/hosts/surtr/dns/keys/mailsub.bouncy.email_acme new file mode 100644 index 00000000..5a643b8e --- /dev/null +++ b/hosts/surtr/dns/keys/mailsub.bouncy.email_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:wjU+ojwNIfiQamoOpB2MVyOB6WCCjpt1xwWO/LYD2YJqXkjl8ko4hf/wC+Q1SPkvvHPFtxxiQh1dzcl+8Wh6Xicb5HNMxiAXUQAr7gMG25nfyv3m0vB9msPDeEcbrE4t7bXOuZUBuOx9iU5UmA5kN9oTOcCT5i/db9ILEjcSvkvysk10WytyXK5CEHu5Y+gwlIJ+tP/eG/zEcXGHbDb/feQSn+Xwt3Jrdef9cau+pZB7zexIpMkvwryG9cpZCJUUDBYOhaHO+iLiO3+IEoDpr5Dabsuk9Nez,iv:ogd5X7Ss0Izl7AuJ0NvO4zKsMDDjsew3JLb0wElFhHE=,tag:f2IWgpCELipQdM+4IrtIVg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpallLaEkxeG4rUHAxSEF5\nOGNqUE5xT0w2ZHA1akJreVpFZ2g1OG5CMFM0CnJGOGFFTTRuVUlyd3NoMEJEVnBM\nbjB0aDNoQmUyMDRlb1F6MC9rLy9RSEkKLS0tIDlnZ3U1VHB2WW9NM3M3ZmFKaDZU\nNGMyRWdsTENUTDR4YXo1eWdZV0p6OXMKVnCoPGLibG1tPHf9Rgn1Nn2yAYaicgE4\nWERPB4CSJ4fWvV9ftunZeDvt6TahRL7J9Lzb+HidpVFLs4GmGEm0mg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-05-05T11:44:34Z", + "mac": "ENC[AES256_GCM,data:cCqLh/qhAiicPFl1p16icG8JacpQTYjnRByjRVkD1wZ2i+M/4/LXL1O46GZJvNMNlOTN6Be6IIeazGnO7MP6oxo6He2hovD0Ej5WbSruiwL2cuVvZ3vSpFI8psWS22NBgnNXCcxA+giS5b/jlRI7pcTQ2Knwwzh7Y4Xdp/UBAi8=,iv:6wC4JpdL90zwezMsoLeE5XGwxMvUdHGaVnZqfLcd//M=,tag:7peBKCXYlivsVY9hgNojyA==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:32Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAFuIV3AN1SJmuRRm6oPfnR9OHseOTn23Vkh6D2DWLkSkw\nuAJdvUMsYEEIFA7KPUFBWNmr5TbBWlvP+fpub0HscN3zWM49jFWufswqNKFgj3+t\n0l4BRUgiJOcItfip64gJN3tydsnAXFDfPbBq5ctysEF1SLmNVHPK+UveTcY5KurU\nhm5ilR0+uMbgW31L7wX5+utimfzNNkCzURR3QHCw0CO6hai+meRhekw0eabcze4E\n=JX0x\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.2" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailsub.bouncy.email_acme.yaml b/hosts/surtr/dns/keys/mailsub.bouncy.email_acme.yaml deleted file mode 100644 index 63d18e50..00000000 --- a/hosts/surtr/dns/keys/mailsub.bouncy.email_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:wjU+ojwNIfiQamoOpB2MVyOB6WCCjpt1xwWO/LYD2YJqXkjl8ko4hf/wC+Q1SPkvvHPFtxxiQh1dzcl+8Wh6Xicb5HNMxiAXUQAr7gMG25nfyv3m0vB9msPDeEcbrE4t7bXOuZUBuOx9iU5UmA5kN9oTOcCT5i/db9ILEjcSvkvysk10WytyXK5CEHu5Y+gwlIJ+tP/eG/zEcXGHbDb/feQSn+Xwt3Jrdef9cau+pZB7zexIpMkvwryG9cpZCJUUDBYOhaHO+iLiO3+IEoDpr5Dabsuk9Nez,iv:ogd5X7Ss0Izl7AuJ0NvO4zKsMDDjsew3JLb0wElFhHE=,tag:f2IWgpCELipQdM+4IrtIVg==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-05-05T11:44:34Z", - "mac": "ENC[AES256_GCM,data:cCqLh/qhAiicPFl1p16icG8JacpQTYjnRByjRVkD1wZ2i+M/4/LXL1O46GZJvNMNlOTN6Be6IIeazGnO7MP6oxo6He2hovD0Ej5WbSruiwL2cuVvZ3vSpFI8psWS22NBgnNXCcxA+giS5b/jlRI7pcTQ2Knwwzh7Y4Xdp/UBAi8=,iv:6wC4JpdL90zwezMsoLeE5XGwxMvUdHGaVnZqfLcd//M=,tag:7peBKCXYlivsVY9hgNojyA==,type:str]", - "pgp": [ - { - "created_at": "2022-05-05T11:44:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAJ2Nl+Jhuqa6LwqsC/EPuYPU9YzPaD11JMhPxyMnk2CMw\nIJWVCeIbXlUWulQF497/yvCX+gpODsk//xTc9J1Uv02uH0HZPYQaVMVs9sqg1NW/\n0l4BpYd98/J0fFwvjhlu/6AB8zrQ2OEegjlOSGDhrAObOBx5xly3IJOF0dObl3fO\nKuauEC3fXJ/s6dugdGDklNhrdRSlfgmigSErUyB0kjo9mF/mAQ8lbzw6b5OXXBwE\n=U3Fx\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAuAXp4XtRgiQe/Nhs1oBhZxxre6e6R8uBXCUuLgp5IxIw\nUZNOL8NJB94jyqC1yxOr9mILMJw0+cQYFq8CuwSea7Cuz3WOgtVRl1ezKQlpusu5\n0l4BK5ByaesUw7P+wYuXC9VDFnKUCkSn+AA76zikuHHFu9KMd/4p6FcHboQyFz54\nguRNReB6U3y2g9KIwKo/hAk+8NHnuqH9w9Cfb2IIsU5a663AhLv/GKKkCbo0s7Ur\n=jNYe\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.2" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailsub.kleen.consulting_acme b/hosts/surtr/dns/keys/mailsub.kleen.consulting_acme new file mode 100644 index 00000000..dce49a7c --- /dev/null +++ b/hosts/surtr/dns/keys/mailsub.kleen.consulting_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:ef1zV1ci2IDU/lo+EzyyFknDTvGt1z8XYbdaY2zu0H5FxXk5IfKZdnM51zKgHLUy3Rx70tAgNYvWFaeaxCLT+MpTKAZqvf9bfcVweWy3lzSpva5NRRFxHppLfUt+PPyD/6DpxtHh1K61qfdWUb84Hz9X87urzJKLVWjj/4Djy96gjv9AlfOuUVMd/rpzL6zPxaISBMuG7IQMoEQBoRruMkjZFf0ZYX2S1b43h+IYjzO6ax6wHUgdDK/OBEKC6nnhp/+AcDgpDq0wpdcsTDxL2QeqJSvBoFXdJy3XVAtF2+U=,iv:PYokWslsh62z/A0ovueEKmp4Ft7zczPlUsTbHaP3464=,tag:9tf3gtmo9ps/TR6RWwAIhg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLbkpweXk2VVRCSkkxQXdN\nN2x5WmJJN0hyZUNsQXZINkExdGpYZlhpSzM4CnZJRU5WMlVSMXgxdzZiRzgxZUdY\ndmc0TjdZQ3lrOUFrdnVBdGNPUHVobTgKLS0tIGNOMGpJL1hXU1hsSjd0VkQvaXI1\nR2Y0NHU0aVlHaHl2RjQ1V093WEVkejAKfJr15S8JJpTPS3hVx9DS5HpdD3Qs7BD3\nMi9WHv0smQ1nQd1ENlaaLAudA22YCawRQa+TaGPAYuRcvkOkZFPAZw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-12-27T14:23:02Z", + "mac": "ENC[AES256_GCM,data:e9KCj4IT+JozPfGGI+6h9l2XzIp+X4GWd2eJaJtvkh1AwrGeMHrOsODSed7VrXvEphWdp6lpur6RLjRpOjfjYx2pLvSmwlzEmPMNEdXsqUOZ9TBcfvr0GNS9jjqODigZdkV9xk4ewTHUu/mHI+E1YaVvvmxdtY5J5OxPSfp3v1k=,iv:nMU/9cksmCYI3gDqajZgrOJiK/XUMnj/xbxpceHQSVc=,tag:fDnEQC8LGvwQkK3yT/j93A==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:00:56Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA+snk/qeL57fTFa2yZB3q3qY/NOP0EwLS4Y9RJ2/aGCkw\nk9SVgaq5mlZn5oizdGQUXr4iS4jhSwYHCT9PYHuKdSKnWizoF8V3AI+S5YKqDEQq\n0l4BSWoU57QJ7VyOY0WmirYfNfbAGHsr8qBjj66+nkR3QrYJ1t0+AyCUJBa2Se84\n8T4L1zcae+qJeNP/UxqlGWCGoh+YQ6gwuxuPLvsQTRfAnv51hCWzGpRxyhJ0SycF\n=ALKF\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mailsub.kleen.consulting_acme.yaml b/hosts/surtr/dns/keys/mailsub.kleen.consulting_acme.yaml deleted file mode 100644 index 5c5fe95f..00000000 --- a/hosts/surtr/dns/keys/mailsub.kleen.consulting_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:ef1zV1ci2IDU/lo+EzyyFknDTvGt1z8XYbdaY2zu0H5FxXk5IfKZdnM51zKgHLUy3Rx70tAgNYvWFaeaxCLT+MpTKAZqvf9bfcVweWy3lzSpva5NRRFxHppLfUt+PPyD/6DpxtHh1K61qfdWUb84Hz9X87urzJKLVWjj/4Djy96gjv9AlfOuUVMd/rpzL6zPxaISBMuG7IQMoEQBoRruMkjZFf0ZYX2S1b43h+IYjzO6ax6wHUgdDK/OBEKC6nnhp/+AcDgpDq0wpdcsTDxL2QeqJSvBoFXdJy3XVAtF2+U=,iv:PYokWslsh62z/A0ovueEKmp4Ft7zczPlUsTbHaP3464=,tag:9tf3gtmo9ps/TR6RWwAIhg==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-12-27T14:23:02Z", - "mac": "ENC[AES256_GCM,data:e9KCj4IT+JozPfGGI+6h9l2XzIp+X4GWd2eJaJtvkh1AwrGeMHrOsODSed7VrXvEphWdp6lpur6RLjRpOjfjYx2pLvSmwlzEmPMNEdXsqUOZ9TBcfvr0GNS9jjqODigZdkV9xk4ewTHUu/mHI+E1YaVvvmxdtY5J5OxPSfp3v1k=,iv:nMU/9cksmCYI3gDqajZgrOJiK/XUMnj/xbxpceHQSVc=,tag:fDnEQC8LGvwQkK3yT/j93A==,type:str]", - "pgp": [ - { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAKR2IFELTa7fiOCfmNK/LQpubb6nfsckcjRI3SkCCTzAw\nEXQlE3uffl5nS5asRHClbAlqMjJ8VUu6rRFn5CA9WE4WRhMwyb43OGjfbq/XZ3Qd\n0l4Bt8aFVuG9qABrJz0Af0fxbMkudvAYfrOYC3xBRRXplfT9C1nsequ8iB3p6P4U\nHPOa8C+x2Nxcdj3LQb5Y9wZPxPFe83FOeZsc4NU8Owyg2JHd4+WZwb/GlsEoyzPd\n=++pf\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAQA9FxCaP4DlenocEO1QjHxHml29D3Z4Z+kc+j8y8czYw\nLgPW/609sH8154aQ9RetBTKExT6rfztU+mz51lTDt+26Ob5ubTQkupiJW6jLjQ0l\n0l4BNKCAh3wbq8UZrSAAGlAIND2sdln/AgCW1u6Is79kbTOiio3lTz0ANpeex34Q\nmgdAnT4cjMmFUND4DUBjY132VZAO6Mm8hUq/cwLPq30Hw96ziqqKA7QvV/DJTrTy\n=voja\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mta-sts.bouncy.email_acme b/hosts/surtr/dns/keys/mta-sts.bouncy.email_acme new file mode 100644 index 00000000..6f75f420 --- /dev/null +++ b/hosts/surtr/dns/keys/mta-sts.bouncy.email_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:MKHoCzI9odlwPov5Ci9r2IaFCCT7DhOB8EJIFNdgG8xLwdk67SkTQ3kMGXM52EDPWdZ6a90HyKVDgL3O2vl8wbRu49jAIxCYr4t3QhLserNpMikxvAqItivtJKvBL0ah8B4mbjEH1KLou8DZgpDPdL8s+MxTOuYuLBvu/LPGRyabhKVSXmSRIL1iYx7RShe6r2PxiHN6wPmISj9YcwuuWygQRxkEqpybjUQzJe8tYFzuJ19rIUCZ26hI+k3khtFVET4TnouQAdTYXx6I/t/8Q8P7oILPFq4c,iv:w85RawhDWoLtTpWcbHo8W7bXCMa6apQNa4pQLd/whZc=,tag:z3WELFieEDeP9Zrna5brfQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwUUhXZjVuUTZHcVBxTXAv\nYkJLeDJ5ZmpSQVJBQ0NxT3h3c0xmZjNKcmdBClVLQ0NUa0drQ0hEaWVwTnJZdXc4\nMENmL2RlS2JwdTBwWnc5bDlibU9qRXMKLS0tIFdLOXhqcXhrU0VDSU5NU0R6bllL\ncmFPVHZ4RmJsSm5xaisySTFueENwVm8Kxy5iDIRnmtJScCV+XgyTSlNYzilN5N9y\nh21w8NCz/8m3RJXu/dYbYZQDUKSis1fsf1Rt/WF1rikYzR3n7NSsMA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-07-10T09:38:55Z", + "mac": "ENC[AES256_GCM,data:w2Ir2YQgkH0+5jNFW7mHyFVW2VEh98ADI99v6e55U7jKdEn70oF8cv787kMHNqpbwYamO9pSAz14is5Po+n11MH0UxESuU0cE7tfvoaUDIDgHNFVENB9dlKrKmnzXyEbN0+p33EP+/QmKYu4yLGc8t33NqoeD7Mc2McnmXJUvm0=,iv:7N480RaBLjIBXWJZG76VzIEyxm2eIxOi9GoZbGm2H50=,tag:JceWZoMQMwqxTYBRMPRnzA==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:13Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdASX71DcGthG2E6rdE7SGC1bCL2Dnj1YQh+ObsyDK1Y1Mw\nqv0NDR2db4HM/hCcaGD/Nw4+94b9UYD5C4LQBw2Yp4BXSR1HShD4NPSwYwXh3XIj\n0l4BCeTy6yLAqxiiY/DjltHbNnff7/lLrc1HmQYYJa9pOefhfs2Lm2ezmr8Mzi7M\n6rJBe8t7b12xd2k3NVdDaH5p9pl+4XQK73nyXEmD9pQt28tMxqoBNNKaTgABQ+qw\n=xHEu\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mta-sts.bouncy.email_acme.yaml b/hosts/surtr/dns/keys/mta-sts.bouncy.email_acme.yaml deleted file mode 100644 index ee78810d..00000000 --- a/hosts/surtr/dns/keys/mta-sts.bouncy.email_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:MKHoCzI9odlwPov5Ci9r2IaFCCT7DhOB8EJIFNdgG8xLwdk67SkTQ3kMGXM52EDPWdZ6a90HyKVDgL3O2vl8wbRu49jAIxCYr4t3QhLserNpMikxvAqItivtJKvBL0ah8B4mbjEH1KLou8DZgpDPdL8s+MxTOuYuLBvu/LPGRyabhKVSXmSRIL1iYx7RShe6r2PxiHN6wPmISj9YcwuuWygQRxkEqpybjUQzJe8tYFzuJ19rIUCZ26hI+k3khtFVET4TnouQAdTYXx6I/t/8Q8P7oILPFq4c,iv:w85RawhDWoLtTpWcbHo8W7bXCMa6apQNa4pQLd/whZc=,tag:z3WELFieEDeP9Zrna5brfQ==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-07-10T09:38:55Z", - "mac": "ENC[AES256_GCM,data:w2Ir2YQgkH0+5jNFW7mHyFVW2VEh98ADI99v6e55U7jKdEn70oF8cv787kMHNqpbwYamO9pSAz14is5Po+n11MH0UxESuU0cE7tfvoaUDIDgHNFVENB9dlKrKmnzXyEbN0+p33EP+/QmKYu4yLGc8t33NqoeD7Mc2McnmXJUvm0=,iv:7N480RaBLjIBXWJZG76VzIEyxm2eIxOi9GoZbGm2H50=,tag:JceWZoMQMwqxTYBRMPRnzA==,type:str]", - "pgp": [ - { - "created_at": "2022-07-10T09:38:54Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAYwPoDNsPVr3pUAih0sMWoebzWi8KQk6nthYKrBvc5mAw\nnuAjBhLc6Tzr8/vf5JbYcPiopd4qgIbPwqW8KAK28EdAz1+VrfM/mpI3wy0lO2YT\n0l4BQBjlvteoUfgV3nYDVbma7hh78Ip7vn0ebzeYCXbGqfCmhZXuZVG9k9rQ+v5t\nenIL1aLxLOBZSbcuDF415MZvKndU5LoQdciVfsFrex8TVzrYKQ62dBr00uysEgTz\n=TPo8\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-07-10T09:38:54Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAxFqsAJsqWvEmwQiLdSmcVP29dwQF9uLgGCwQCTtjuQYw\njFRrmwCYoCAMM0J7jExm6h7bVwy3pyGeIuya8X1sf6ZRJczGXvGwByK16kVdfgN2\n0l4BAlEaxS/5F6pMNJ0TMdYBMMGJWEa4H0xSE8DkF4Ep5bdxjaY3Pz09m8HWzJRA\nelshtXB8QcFLRG9BQRcPYd4ZEM+HqUCWF1C+7hBJ2SytDSHNZlXtxfd7ey3Jxg8+\n=oqf0\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme b/hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme new file mode 100644 index 00000000..189d9d71 --- /dev/null +++ b/hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:23qTQLFAPxPZoyZTzWRO7FUiaJqX4OqPibgo7vwf8xMHxY4+f40CJIsPzqxY++2ibJTOdazIHrA4qc5DYXU+CQyaUgLOJR1TDlqYvOh0b3OW44dJxKrFN2SAHHLOrOlYl5lG8wJBfY6Wlimu5lPAwVLe3T3J9sjVsyC5cq2x3UZHXN0sQuo8D1xuQKW+Mnjk7Ps63XC6dmhT3T6lsZiYgaZD15MNCVrhyHZIJ0gVJiqbwF/JFWN9fngpzYjoP+P2p5X3L8ny8+wPQ8Asfx49FF6ulMr1TXrDAn4ulGSmQUU=,iv:PGSTIaRbBfd9HDN9GY/rpCwByJ3hWohDs4TC3BApSB0=,tag:eOSnZBplKoNXbuinQ7SOjw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRb05RL1RQZGlPeHIzLzZM\nRWFjSDNqcEp5dGJIUjcrRm9yYXJld2xMVmxzCnYvZHNEbDErb2FPY2dROXIzZngw\nNkQxTVNhcUErV3RQL01UVkVNeGdHbU0KLS0tIFpaMG5hYktLL1Z5UTRlR1VzRDE4\nZ2xxaWpvZG9WRWlrYThHaEpDQ0psclUKzmBCBGOa3fZfZ/P0DA04B0eayopclIEm\n2bXxOLc68YRod8jrDvEiDGD4caj5Eq83Et0ffuntpGxasRSwbpfXbQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-12-27T14:23:03Z", + "mac": "ENC[AES256_GCM,data:5pc74n2LKOcmkEam04IsaoXsbihL9GeT37N51OH8tL7kBKARebdp4U+/ZALnCWlmlnTwvW1mqIxIamQlITITfPXIfa+oKjB8ywNnvG0EMYSYSfnebjstpz7GqyFJfNMh7nDXm9VdoJktsnzzLDD+iwfIpsfFSkqyJkY92gThuds=,iv:nO4XyZACLjj6V2URqbOBRYlHPuKFlI+B07xq5SPgaIo=,tag:s/4D5K8+SiLCACTwG1Woxg==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:35Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAirfF+yqtqtlN3NyLyHJid6U19bpSVEYuFvy/0ZrURWQw\nVuAiyuqVIqDg2RAm+bf9gwAGE1wpn7XLsqHXmSzSMhMPNBeFWgifSOK9iOQPoeOB\n0l4B6xzTcLTA1E5Kqajzn+d8Hms+AyqarKJyq4JSo978WA0JpTydiQ1nMB8F2IYA\ns8YtU7KjdDA7LDbPurcYxBMMQm8iif7+PtlF07rtX2W3u2pYAnti+rqTdxzOwp2p\n=VblR\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme.yaml b/hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme.yaml deleted file mode 100644 index fb11861d..00000000 --- a/hosts/surtr/dns/keys/mta-sts.kleen.consulting_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:23qTQLFAPxPZoyZTzWRO7FUiaJqX4OqPibgo7vwf8xMHxY4+f40CJIsPzqxY++2ibJTOdazIHrA4qc5DYXU+CQyaUgLOJR1TDlqYvOh0b3OW44dJxKrFN2SAHHLOrOlYl5lG8wJBfY6Wlimu5lPAwVLe3T3J9sjVsyC5cq2x3UZHXN0sQuo8D1xuQKW+Mnjk7Ps63XC6dmhT3T6lsZiYgaZD15MNCVrhyHZIJ0gVJiqbwF/JFWN9fngpzYjoP+P2p5X3L8ny8+wPQ8Asfx49FF6ulMr1TXrDAn4ulGSmQUU=,iv:PGSTIaRbBfd9HDN9GY/rpCwByJ3hWohDs4TC3BApSB0=,tag:eOSnZBplKoNXbuinQ7SOjw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-12-27T14:23:03Z", - "mac": "ENC[AES256_GCM,data:5pc74n2LKOcmkEam04IsaoXsbihL9GeT37N51OH8tL7kBKARebdp4U+/ZALnCWlmlnTwvW1mqIxIamQlITITfPXIfa+oKjB8ywNnvG0EMYSYSfnebjstpz7GqyFJfNMh7nDXm9VdoJktsnzzLDD+iwfIpsfFSkqyJkY92gThuds=,iv:nO4XyZACLjj6V2URqbOBRYlHPuKFlI+B07xq5SPgaIo=,tag:s/4D5K8+SiLCACTwG1Woxg==,type:str]", - "pgp": [ - { - "created_at": "2022-12-27T14:23:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAPNnBI8+RdSV2BArAqqBQZ2AEjkrvKtl9KA/ZUyEqJyEw\nykVNwIOFa/LkWGojkbuozkvAaZnLaHVq90dAtGmeapfshTwocHWQrwYUpsDKpg86\n0l4BmfY8MR35TAzi8PLN/twTwKJGeuqaelNF8pYA6cLTqfMOCwTBqzq/GxvtLmOC\nfGG0WfktIVqJ2dsg/GSUaef86R4coq4RbzSZ48+9wCqM0M2PXz/ZjoTesmNSpGJU\n=WW0d\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAysI9J0A1cdISPE6qONk2wGbgmub7Kc5an4XVWUj0vUow\nZW3RIBQXwTDyrcWjGDeoxK4k/2uWCuDWcUUKtiNtitQioaq1RLPrHACKRbfJQrX8\n0l4BzrBvz6FmTFVCgrK9+knE+VxOCkYRKR9qE6OI5I8gLGTeF2HOkxQCtC3ibbEX\nTmvUh88riy613MWe8RbgNgpLINOkBa7ifkUenoDuDbZ5FvcKNzNSv25lYewPFbaz\n=rds+\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/nights.email_acme b/hosts/surtr/dns/keys/nights.email_acme new file mode 100644 index 00000000..2d557677 --- /dev/null +++ b/hosts/surtr/dns/keys/nights.email_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:HAAFVb+g52gyAhYLsuqsVI4rPyl+jRTGm41Pf+AOykWK9cythHSTiUeCJGKQMvmSqjsCFqwswJWaFwz9qbSzGcrcI3CVLpjbi++x9sv5xhV+bSX9ROqpNSOtgHp08irgCST+rFXtwj7VX3SYZnV8NyEPzyk8ztPBZpn0VHIt7tS+t/oT7GHqhe0c4Ct8FXVzEkfBC28CQdJaJw4m1ZSE00Lm/sFj0On2y2BZfMhq4a3SnE1ktZNVHyBbCdVrMs83Zjq09DBSLDo=,iv:iRR3JPrl0sGij4WUNRaFna9ijKfeIPZusAiCYuS/faw=,tag:+txhhwlBbzncdUhRd0b2Ew==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0RTdOazUzbEJnMXgwa2Ft\nbjUyV2RoVWtjUnZJRnNRV3VveUd5a1A5ckVRClRlMWJKaEYvaFhVeWhUc01XY3A3\nRnBRWGZtQXZrSkVKaFlYbjlheDRGSlUKLS0tIHZTOGpNd0ZmVmlDeXI3c1J0Ym5i\nWFBsOU9nUkF0bjlQNmRBQkg3VWxPME0Kul5SVpKrqSybIb3+svKry+YaDPsyBQyV\n0MxplxBegmij+kxe7z6AWE5aBhPHlsgMvatWIAsGS5Dyizou24us2g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T14:44:08Z", + "mac": "ENC[AES256_GCM,data:zsV4ZC/+H0d5EVRsGy7niGAXjhw9iEJ2IIT3ED8OaYd/TNDu/pCyCH5YvSnCGfi8/d4caaCUhUUKMCz8SG46lmvVPqHz516MfS2/lp21py8LhGuHReeAa6/xFrbBDmuECiY7RHv8tm8VnwQHOlZNFUpCIJufeZQUoAcYPXW+L7s=,iv:1wq8YlBhnzV6fofpA1QfX4mDcxJyzQUv+HphyjsvzcA=,tag:CEZIlqv0VfyKkFLxH3VK+A==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:25Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA/BFyVdLikkGm6Zj34k8ZrB2Jx3QAXElfanVrespkmHow\nXt5RTi6flunmXc+PyYNuLETdwqegoDuZ2SN76QU9D30DqPLcFCq4PMK5D5eaPbxW\n0l4BACp6/UA4Eudf9DXfLEpM7O7WycZRVOC037FGNfaNgSxp8OgkS8+18kr4l31i\neSVh6/8zDKjAPFc8kcMWsR9woBI5IgH2B02u/RORXIG016wEFNF7G3BC2zzTM/Yp\n=cpAa\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/nights.email_acme.yaml b/hosts/surtr/dns/keys/nights.email_acme.yaml deleted file mode 100644 index 5bf19aa9..00000000 --- a/hosts/surtr/dns/keys/nights.email_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:HAAFVb+g52gyAhYLsuqsVI4rPyl+jRTGm41Pf+AOykWK9cythHSTiUeCJGKQMvmSqjsCFqwswJWaFwz9qbSzGcrcI3CVLpjbi++x9sv5xhV+bSX9ROqpNSOtgHp08irgCST+rFXtwj7VX3SYZnV8NyEPzyk8ztPBZpn0VHIt7tS+t/oT7GHqhe0c4Ct8FXVzEkfBC28CQdJaJw4m1ZSE00Lm/sFj0On2y2BZfMhq4a3SnE1ktZNVHyBbCdVrMs83Zjq09DBSLDo=,iv:iRR3JPrl0sGij4WUNRaFna9ijKfeIPZusAiCYuS/faw=,tag:+txhhwlBbzncdUhRd0b2Ew==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T14:44:08Z", - "mac": "ENC[AES256_GCM,data:zsV4ZC/+H0d5EVRsGy7niGAXjhw9iEJ2IIT3ED8OaYd/TNDu/pCyCH5YvSnCGfi8/d4caaCUhUUKMCz8SG46lmvVPqHz516MfS2/lp21py8LhGuHReeAa6/xFrbBDmuECiY7RHv8tm8VnwQHOlZNFUpCIJufeZQUoAcYPXW+L7s=,iv:1wq8YlBhnzV6fofpA1QfX4mDcxJyzQUv+HphyjsvzcA=,tag:CEZIlqv0VfyKkFLxH3VK+A==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T14:44:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA4RV9j0rSlCLozIMcNjo3GokziWshqVqu1WWuPDPpimMw\nZs/OH5ejj7cLMl/BddTZ8AAUrjAskRj3aqwYAt+BBc8dZYFVcuRuZzSGGSkMy6VN\n0l4BCBTyyU21D0uv6EEzqG4yiiOfs5JZmny3B7wMc0qh1vK4qClF4IUPmEvEpGuR\nTBOICnfuenUaDktMHixqgXFKx7SSF+8Qs0anlSP6OG8s2G82I2f2cN7lozdgGppG\n=WZxx\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:44:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAAgoEDDUeIWqxm64kZ3DLaki5V5MFF3c7Kl/TbbmoKSww\nlZyHJtSACTrwfGBMAN+1NSKkTLTlE/q2FN7CtjfTyAWC0JLU9r3u5FVpQAXbBlht\n0l4BN8jltnkwlgw/CkKoq9rDHxfavDjfNBuSp4+8gzHj5XAvrKZKRWu0/T9LCr2A\nEon5f4kkjm99fiZVbojhjMM9drUrpaiofzMGvZeYgESRSmhTeLa1Qu6u7wb9ARkl\n=fqR3\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/praseodym.org_acme b/hosts/surtr/dns/keys/praseodym.org_acme new file mode 100644 index 00000000..617e3860 --- /dev/null +++ b/hosts/surtr/dns/keys/praseodym.org_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:c2hvYDv13AuxudKvGtbSYngACzJroxw9P98N/a8p9wB3K98vPY60JTVMxZkPQTbJGGCbi+FfqnezVSHNiSYtrD7RMeoh+BbOXfrWCkPUQ8vKP0P0F6CO3K3orFSckeSgi/NrkO9OD+8m2y19QGkgxd+BNs8KjCSYWruyt3kCuDvDN26vQY9AWD6HcPr/trDEY5uepQwjJFL4mT9JGGB5/B7G0d6VA61soJxVTdxp8oCzRGcSjaVoPlr77A8GDOJfFYviVfniLqZc6Q==,iv:MqhPxouSV5nQWXptSlINyW+AB5pwUVnSFT6R0+VZO0c=,tag:4p0wypyqWRk+ussoi9OXPw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1SUtQQmJpQmZ5OXhScE1p\nSmo0NHU5cTVHZUhzc0ZJNEs4cHRkRnl3R1RFCjVocmpqdUJUczFtU1c4YjA2di9n\na2VaeGtMcXN0Y0Y0RlMyL1BpTVIzVmsKLS0tIHdYWTN0N21BU3d2Vjl4dnN5K0hN\ncHNUdGxFbkMyK01iZStqdjdqd3RIeTgKyWEFQSFVMFyaAF0WnjEvdcCv+v9bIFyg\npKQ735dIAa/Xk7gWy3hie/DEgfJlel3Y0I7qStrm77Zggxtp8ApD8A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T14:43:36Z", + "mac": "ENC[AES256_GCM,data:YqS+uQXyBP0BMdz9R/SxjidSo7pVUFW78M8cPX6z55+j1gGKfDhEwQMUNZaGly1bvoma+a63NjUi4O4iEYR46fC3PUsVaf8S3Uqk0KYWIedDr9XqAxPBnb6wWFrNo4wwgq2mhaIitziK1QC6pdAgS/iNlGNNbCCbYmjzMLzQc8Q=,iv:BraowcHMeSQfImK1sONbefGIn2VWVGzLBBFLDwYGf10=,tag:oXvnGalny9kvvQpKMx8OcA==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:00:57Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA5N60d1tDqQ0Kmp+mQkSgsTePvlmzEZ26pDjENukriVAw\n4TW5AZlAINdptcSpW8qCoUvOqtQuChrm3wnqXJo+suRWzkn51lFoD0zxWLNfyum6\n0l4BhliJoMXOVzD/t1gdoKpjfvTiUX8bnyxQhZTFSxvVOnGCQwRDVxoBNg93jMau\nt9YIir4fEKAr5299GxKflEmF6bj842OBzDvSB8l246Roli1OIyKDWK7KOVA4nlqN\n=eefR\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/praseodym.org_acme.yaml b/hosts/surtr/dns/keys/praseodym.org_acme.yaml deleted file mode 100644 index ab0000c9..00000000 --- a/hosts/surtr/dns/keys/praseodym.org_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:c2hvYDv13AuxudKvGtbSYngACzJroxw9P98N/a8p9wB3K98vPY60JTVMxZkPQTbJGGCbi+FfqnezVSHNiSYtrD7RMeoh+BbOXfrWCkPUQ8vKP0P0F6CO3K3orFSckeSgi/NrkO9OD+8m2y19QGkgxd+BNs8KjCSYWruyt3kCuDvDN26vQY9AWD6HcPr/trDEY5uepQwjJFL4mT9JGGB5/B7G0d6VA61soJxVTdxp8oCzRGcSjaVoPlr77A8GDOJfFYviVfniLqZc6Q==,iv:MqhPxouSV5nQWXptSlINyW+AB5pwUVnSFT6R0+VZO0c=,tag:4p0wypyqWRk+ussoi9OXPw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T14:43:36Z", - "mac": "ENC[AES256_GCM,data:YqS+uQXyBP0BMdz9R/SxjidSo7pVUFW78M8cPX6z55+j1gGKfDhEwQMUNZaGly1bvoma+a63NjUi4O4iEYR46fC3PUsVaf8S3Uqk0KYWIedDr9XqAxPBnb6wWFrNo4wwgq2mhaIitziK1QC6pdAgS/iNlGNNbCCbYmjzMLzQc8Q=,iv:BraowcHMeSQfImK1sONbefGIn2VWVGzLBBFLDwYGf10=,tag:oXvnGalny9kvvQpKMx8OcA==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T14:43:36Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAWVg759WL5YeSVLnx4g7PlD0DKo1+zBiZUOgnf9RHnl4w\n5wLTfTaYvXhd8j8y359dbvDER4r9isbpBfVZP+MGP4d3FdLgJCKm5WV6K5ES0bFN\n0l4BUX/KQeh0t/Phy2GZkmFyKu+3nr5Jl+veKIWJLZEfUCILX8c+X3e/4bZr8++n\nR2u5ZrFBENtaGxIdUpkxemQhGtd7BGtXyy/aCjRKY3MbCj4pmnAyushPaMC1+igp\n=LMQ4\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:36Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAxpKmbaTfh5aDBOZWebVK/eA3T5sxS5fbW+cE/I54zF0w\ne0QDeamgTVrMQaDH1zCqoJcFNNkWnTErQVaOMSDBlwuFQ7KaoghONl8qCbY60MuI\n0l4Bt++Iu5e3bOLOkdl+RugclmGHpdpHAuJxbcnw88BKV/gYX1ntNEGgMHGcOl4R\nC8JjHYFdOtohPAUEbWf1ogkllwxxkCttWGFa01hL6W+ogJxGFhRcOm/zcjBE/3Vm\n=MKMA\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/rheperire.org_acme b/hosts/surtr/dns/keys/rheperire.org_acme new file mode 100644 index 00000000..b892e39f --- /dev/null +++ b/hosts/surtr/dns/keys/rheperire.org_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:hIjVHJFFSY1ZxdRshObpEK/DKynonKOF1D5ohO20Vy3kRigNH/bRJA9WmCNjg8l7xstVzf17pPEuSFyFnP7T17bbJsWxMuIbknBmuWLE66pNyTE3uwXqx+7ckQOs0w82fu8cmPRdlu+Lg9tp8jbJ8ID9QRlOVQr+IRIIs175xzotMlLgfHC5j2RjyR/3LPLa6lr9CNpmb5J9UYqC/mhPan2YkNTvfFgwKjVOaFtiMvD7lbQ2avfy+ejWObAozaPAzArTl1xDM/C/vg==,iv:UunLoBDrQxphbQvAvOKtxJNOGO1aWXrNWptE/F/nxXA=,tag:ZuHSb22cUTHKqoouMnhxQw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6RmxxTnl5a2NtOXJuTHhE\nSFNVWC9qVklzZmpnejgxU3BrNnd5elorblIwClhlMEZ5ekhpQ3FYekNQSVdGZWhH\nWDZUNHJLZWhkMjVoTDdJck5tRElDYlUKLS0tIDd1RjlmMjg2VjQ0am8xZytnc2hC\nWGFXaVRRdW9NODNxOEkxZlRTazJ6d2MKOOM+J0RLdHulmFxuYdphuHekD4rAmz3z\nUcUENDiEl9rk7HztufpmQeW5po1CUWcVnyA5RlIJhO7s8HkIHfwe4g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T10:03:06Z", + "mac": "ENC[AES256_GCM,data:W9FBhr/dvXw1spmHe4xKutiFcLtqkv+L/EYd2b8h2YD2ptWGj7HUzArOwGgpce9WOz7mS5WRF22vhZPzpKQ0aE3w8S4g9kxoYLDYBBP6itGJVwuvodZs0iu/dg5RutlwD5mA/iiyjqP9aR6yg/w41zC2Arc0dtHHOP0z+7zaZXw=,iv:62tzgTnfdFy/qVHMXvDdmowuzwX9Hlnmqnkobd7jPGE=,tag:GpjsYHtrsJwyzxxSf7wv3A==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:51Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdApcCDRpDnVmPvQLemD6z75rKRlfxKfxhu46FkXp4fvCsw\nrbwih2RTCkikT9gyZmYCPoRQrUo3V32PgT9o0UT5WLtNV6EhOSjjL9JB6oYQtT1Q\n0l4BWRo4E0av73xZKq7W+3qf6ufwzKJ2BC7wWM+Tvh+Oggym6dy5ig+cGP80mfLV\nSF6AiH+nC2JMm7aYpLpXpY8zrVIuIsSd0bswycrFD+rOK7G8iK2WAuTInP+zzV53\n=r6TL\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/rheperire.org_acme.yaml b/hosts/surtr/dns/keys/rheperire.org_acme.yaml deleted file mode 100644 index 5fb94a1e..00000000 --- a/hosts/surtr/dns/keys/rheperire.org_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:hIjVHJFFSY1ZxdRshObpEK/DKynonKOF1D5ohO20Vy3kRigNH/bRJA9WmCNjg8l7xstVzf17pPEuSFyFnP7T17bbJsWxMuIbknBmuWLE66pNyTE3uwXqx+7ckQOs0w82fu8cmPRdlu+Lg9tp8jbJ8ID9QRlOVQr+IRIIs175xzotMlLgfHC5j2RjyR/3LPLa6lr9CNpmb5J9UYqC/mhPan2YkNTvfFgwKjVOaFtiMvD7lbQ2avfy+ejWObAozaPAzArTl1xDM/C/vg==,iv:UunLoBDrQxphbQvAvOKtxJNOGO1aWXrNWptE/F/nxXA=,tag:ZuHSb22cUTHKqoouMnhxQw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T10:03:06Z", - "mac": "ENC[AES256_GCM,data:W9FBhr/dvXw1spmHe4xKutiFcLtqkv+L/EYd2b8h2YD2ptWGj7HUzArOwGgpce9WOz7mS5WRF22vhZPzpKQ0aE3w8S4g9kxoYLDYBBP6itGJVwuvodZs0iu/dg5RutlwD5mA/iiyjqP9aR6yg/w41zC2Arc0dtHHOP0z+7zaZXw=,iv:62tzgTnfdFy/qVHMXvDdmowuzwX9Hlnmqnkobd7jPGE=,tag:GpjsYHtrsJwyzxxSf7wv3A==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T10:03:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAKlsVaoap1ggCLt6/FssPFSQaYVpFdfm1T70mOZ5kGgMw\nH57MoD30qRWwgXWqS6XWRsHtzEcLBs9GepOCHplkiTGTmtiJT3P4xDIIvbFvLCOi\n0l4B0H1Nj+xUejKbkkCpzFZwcr1URP6tdOALMBo+SEqtiEJZjey/3oK+eH965nAq\ndkgBUoaW5V0iF5dOAtWk35m6ZJq6KY5VFcgtqrKk4AEr7tc1QaolIsRRKKlPTuWa\n=tcS9\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T10:03:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA0Pq+4uKichWgU6MdnrScKcfKow1TGG42Gb+sbuQjglMw\njEUbtoJAPmkyFXEBqQdJKiOvTQ0SPdA6AxsxvQzVudRe/Rlscmp1831EcMnsb/2p\n0l4BZZvVg+bSCWOKNwrWj66pzNIvLdGpdLn+K42zTreq4jwmfy9Wm855enyXSj/b\npWdH+LT9KQcasjET6+N8jZwTtDcZatwx+n57rJ9N6bG3fvbVy1oC17BrbRH9vzaY\n=JtBh\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/spm.bouncy.email_acme b/hosts/surtr/dns/keys/spm.bouncy.email_acme new file mode 100644 index 00000000..254dca46 --- /dev/null +++ b/hosts/surtr/dns/keys/spm.bouncy.email_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:I8Fc6jr7yq63KQNKP1LlnZFX/AXC15HK9+3hMHFvTrqpCOZ/Pg+N5Vw+QUy2MP4F4CTE7m7yPSrejqwHiMT7OUVvEbxywgwbT9JBN8YUVhorp5FcAMXoSWDFOxgzpQ3YRR+2FcRO7M6VbCFzp7yCQY9I7/OLWShUPZv9oEBI1LRtx9Zko4yMPRF895wvIqR50KHmvL4YQhPubIt4dozYi3yJSAKLLgBDVF64I+YactydP1LLpkq+JGb8DIYRwyGxFCxM3U+1wrkbSioR3Ut+Xw==,iv:46KiDfXa3eVewPDouUYOz7PenuwaRbOgbuSDmMTVBXs=,tag:DZphA+jv7FpYhW+spnFnIA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQVWZsVEpuM2Vra2txWWF3\nMEpkL01GV2tHWTB3djUyQktlMk1tWWhxR3pNCm44bkhSSWxGZ2JoZFVFekorNzlZ\neUZSSjMrbVNSZnpkdkY1MkVSZXVUb2cKLS0tIFRWQTZPcGtuZ21MZCtTSTVtU1NL\namN2US9NNnlSdmZoWE1nSVNSTkVuT2cKKWrP20Q/Af6NNat66M95GensgbfiLFEu\nbje31iwmG680e5XI6jAB3COnFUZ33iKeQCDyGD1c0k4fBEbcHUVTeQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-05-15T13:16:43Z", + "mac": "ENC[AES256_GCM,data:ctSwR9AUO7jcAto8H+qic4bZ14Zu3Vh/yH/TANLLDomEOcpfUjGneLO2mv5J4RM0O+G0mMULseqMXYWPYPAaXLz91ynkROoX76q/H+yf+mDBl7bfO/tzg8XmAZvQjtBCv7ctLY1OXe144uOoxeYfrM4Tv72K1dehEI/eJPCNIak=,iv:bwhXaEOJte0LmpKS0pQ4nLgrCrcmUNIqCdcrm6c/7b0=,tag:pzCYdGnYC8cPUL/h9V5z9w==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:37Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA1olWUsnPciRmWYn6JWD43zWVwz+1dHUTB6Wj1nyyATUw\n6qjZASa+xhauJaHCgF6gRNhiNEuN/a+a+jhQFJV096cYQwI6BXfi0pUbACpNwwOK\n0l4B7rFp/0lkGIkZWPYHdZ7Cj1qTIaPXyEgohGp0gjMuaxn9Ef/lE0gx5kQQWXwU\nNCwYFmNm9huNxd5SpMxve12Cikwhlne2J7KjqOfYrDRbB/eKYrv62KWBaMa4cMuu\n=d0Sx\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.2" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/spm.bouncy.email_acme.yaml b/hosts/surtr/dns/keys/spm.bouncy.email_acme.yaml deleted file mode 100644 index abddfb7c..00000000 --- a/hosts/surtr/dns/keys/spm.bouncy.email_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:I8Fc6jr7yq63KQNKP1LlnZFX/AXC15HK9+3hMHFvTrqpCOZ/Pg+N5Vw+QUy2MP4F4CTE7m7yPSrejqwHiMT7OUVvEbxywgwbT9JBN8YUVhorp5FcAMXoSWDFOxgzpQ3YRR+2FcRO7M6VbCFzp7yCQY9I7/OLWShUPZv9oEBI1LRtx9Zko4yMPRF895wvIqR50KHmvL4YQhPubIt4dozYi3yJSAKLLgBDVF64I+YactydP1LLpkq+JGb8DIYRwyGxFCxM3U+1wrkbSioR3Ut+Xw==,iv:46KiDfXa3eVewPDouUYOz7PenuwaRbOgbuSDmMTVBXs=,tag:DZphA+jv7FpYhW+spnFnIA==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-05-15T13:16:43Z", - "mac": "ENC[AES256_GCM,data:ctSwR9AUO7jcAto8H+qic4bZ14Zu3Vh/yH/TANLLDomEOcpfUjGneLO2mv5J4RM0O+G0mMULseqMXYWPYPAaXLz91ynkROoX76q/H+yf+mDBl7bfO/tzg8XmAZvQjtBCv7ctLY1OXe144uOoxeYfrM4Tv72K1dehEI/eJPCNIak=,iv:bwhXaEOJte0LmpKS0pQ4nLgrCrcmUNIqCdcrm6c/7b0=,tag:pzCYdGnYC8cPUL/h9V5z9w==,type:str]", - "pgp": [ - { - "created_at": "2022-05-15T13:16:43Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA8Qw/R0Q22h6YqOt3yLHzFH8ef5tc6oBNx+1lGtxOi3Qw\nEJko8z7Lv5DScheFgECls03rlt9HH7cmPnkQhUnqmfbyzYuosLVM+G0bswpu01ot\n0l4BNBsavoLAa68LFtJGBViM1kojb/UteeYC1cvq2TeXLNaQ90QmGnC6GJHZvzpi\n/u7Rl0DdGoagHrTtVKnNGtvOdwFYeG6iPRHl8Ko9D0HTkgW7dkJ77tw2Wqt0POjs\n=BhzO\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-15T13:16:43Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAFp33Ruo0AivhV6jjRzoZQvtexS5WEkeoKf4xjRjmKB8w\nRCCCUGiwg8+sz9q+T89QeV26yIQBFQR3kvoamPltW+VZfGuh3oPjl6NbL0MpGsr5\n0l4BDJgG7sIJRZokW0/pwdAJ0PZrKlPxtUoaorM//pLGd0eNbIUGlNT2Jcvsc3Z9\nIkMISOK4wcTj/KvCXfPsN0KiedEKYEj4pq80h1hIWu2910yicSKVNjfL7lARUgTk\n=qTBm\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.2" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/surtr.yggdrasil.li_acme b/hosts/surtr/dns/keys/surtr.yggdrasil.li_acme new file mode 100644 index 00000000..2aed1a5d --- /dev/null +++ b/hosts/surtr/dns/keys/surtr.yggdrasil.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:4+Pvq42ibLYLxaBBf0Q8gVYglcCdABu8R3M5haawnPSadC53u1+2vx5cujznaUE0vpNJKRDhrHKmctbY6azhgWWvd+PIJ7QtbIEn+9ZhFPsaufrVxXCF/2/wPR505cJiIx0ydeE5G8a8AwsSexLPNg8cBENjkPlImd9LnxIVM3xwpjnNasV7B+OkOnK9twAh51waJLsVYrlS1VOJRh3Q7tuJWlBtQu0YWdImmxvtrz30h2MHg8g03bkL91z5NSf6mbMkLwj6dRZYlXpPMKMi4ZjsXFk=,iv:7bXn7FQwQbLF8gp115OAO+r1eqjlQklar/ADrVJaJOw=,tag:R2NmSMATA1rRQazoV6WfMw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVnNQU21NYnBTY2x2R1Vk\nclNMYkgwbWM4a3JIdUhKcUFFWEFndnc5aWw0Ck83QTBBbEpkVlVZcHpwOEF2bExR\nUlVpaGRiSk02dVJSSGtpNzd3bU0vWHMKLS0tIE5iVU5CcUlTMEhQWlhGeXUzSHpz\nY0pJREkzcGQ4by9JNWhjbHE4eUd6STAKb2qpOMHJuHEieljvyv2Cw9BDGovTwXtc\nsT3yb+nVI6jUIG4zx3G2Bfs0K0zGV5gWRbrKF5tbhWqtBNuKzAMf0g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-05-05T11:44:30Z", + "mac": "ENC[AES256_GCM,data:fLYGT6nZqQEE71WV6lhmXcX2HpQBwqRqd4j9D7YwXXCQolK2v4vqND8cjn2Ni71eWxoJRqHSVWOcvK39EM+kphcmH/wqLMYhdfjkP+DisYecO8LSF8MC1mhADz/YAQQfSs1Fp73JBEOruWqeyXsCB0uSfuIk5w6P0oihzZEddys=,iv:kdLy5pPPfOhyT4E0PV+cbb/007A5maBtQ90ZaCvUHGM=,tag:QJrlCAoFTosBYTgqfca/SA==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:47Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAvY/jNy+EebMXl+HC52ZZqpaTbmrwOirWpS8qXq6rozAw\nmdXNMqWkxbOo2P2KzaiSYEis3Wxx3HJ7HQj8rC6tpe9nhzeOK1wJJIgQTsuTXF/Y\n0l4B4OlrloP4ecgEK/atvMR+lNqFKTOIeDT1LFBPipZDsqFdUhThECzALqAIVCnK\n4HVlGO3qL+AitTCEOdr640ntOl5dmR42kSdHcrO58ndoNR4fP1uwD6Qbtt0wxwDP\n=Ybk7\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.2" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/surtr.yggdrasil.li_acme.yaml b/hosts/surtr/dns/keys/surtr.yggdrasil.li_acme.yaml deleted file mode 100644 index 4523b3ba..00000000 --- a/hosts/surtr/dns/keys/surtr.yggdrasil.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:4+Pvq42ibLYLxaBBf0Q8gVYglcCdABu8R3M5haawnPSadC53u1+2vx5cujznaUE0vpNJKRDhrHKmctbY6azhgWWvd+PIJ7QtbIEn+9ZhFPsaufrVxXCF/2/wPR505cJiIx0ydeE5G8a8AwsSexLPNg8cBENjkPlImd9LnxIVM3xwpjnNasV7B+OkOnK9twAh51waJLsVYrlS1VOJRh3Q7tuJWlBtQu0YWdImmxvtrz30h2MHg8g03bkL91z5NSf6mbMkLwj6dRZYlXpPMKMi4ZjsXFk=,iv:7bXn7FQwQbLF8gp115OAO+r1eqjlQklar/ADrVJaJOw=,tag:R2NmSMATA1rRQazoV6WfMw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-05-05T11:44:30Z", - "mac": "ENC[AES256_GCM,data:fLYGT6nZqQEE71WV6lhmXcX2HpQBwqRqd4j9D7YwXXCQolK2v4vqND8cjn2Ni71eWxoJRqHSVWOcvK39EM+kphcmH/wqLMYhdfjkP+DisYecO8LSF8MC1mhADz/YAQQfSs1Fp73JBEOruWqeyXsCB0uSfuIk5w6P0oihzZEddys=,iv:kdLy5pPPfOhyT4E0PV+cbb/007A5maBtQ90ZaCvUHGM=,tag:QJrlCAoFTosBYTgqfca/SA==,type:str]", - "pgp": [ - { - "created_at": "2022-05-05T11:44:30Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAO6YzCUEucOdXkrSHAVb7Evv2ouIgsI44bvG39sM9mTcw\nExiQR9nGBTrVUIRX7Gcb6GbDOHfYiSXhIi6CVzF7gRwe1iJGM1T6fheA30VuJ4uk\n0l4B3F4m/Pqvgp9NaBGQQDQOaCTD5NjwK/2lZtuMckQMUi9df4nEA9khJHsw8nx5\nSGU8QZquE4Kyi//pEFycoQ2q0QvKqg8JoT2m7TG5EBFXea1xfbZOZNIANUB8LnOW\n=vaJN\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:30Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAgqn8CAAZu2yB5YUfmQtMxMNJr3D40jzBH1oVmV862lYw\nlEAvxqlzV7xj/pLLfcQm/fxVu6c1tQlD4nA00VceQVZN8bm0kOzwbl+MnCYBiHps\n0l4Bcus9lKpaEpz/SB2no38/VCeM2mFnWPkUuyaLN0+xlosq4/laLhLe4NzXW8BX\nQKv8FLX0GxywRzonaLBf4p9Za8EXKXv9xMf5iYst4vG0epj4MCCxp6IH/uNDJwFt\n=yguK\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.2" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/synapse.li_acme b/hosts/surtr/dns/keys/synapse.li_acme new file mode 100644 index 00000000..8d3e1c35 --- /dev/null +++ b/hosts/surtr/dns/keys/synapse.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:y50gYDyWH4dbXyFoIyxcsJu2bZRCIrlCP7lyIMp4p2Q0kHogUWlFfAxGI75cQ8aRGx2TqhuILgdn8Aq4pDll2d76leZ4GfITk0dhYf9ACShzn4hKcmWzmxH+vUu5vH3L38L5SAUaTVZc+8CWKLlXNROeiZhehkkbP80HDB5Zplfr5izioKj4A8eYcP+FqmM34kbtx4KGnaciVSmHcnsCOOUkwXnbmiCA/TjVBUyH/fsjfHFAp7tj9UXYK9aG2am3e/i+YQ==,iv:yd9oie3xIG596TuaCRo6tLYKr1r3P03/ggDElaBpwsM=,tag:28dSWp+wFsQOyz1WFo0PrQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFdEJ3TXNIWTB2K0FXM0xM\ndGJGWFlYU3F1bStlL0tMRmtseWVMNDg2OEZBClFCRExGNWdUM0RVY3NwU1J2ZzE0\nWjU4OHZjUXVZUm5jRlFIMmVwV055WmMKLS0tIFJVZ3lqVEZ6S1UvZlRBZzdjRTFF\nR1BnYjR3eXFGQTBwNUFPbzQxUUoxOUEK6xuvpXbJOpbSoMjcZ66gMHLLwsO48abS\ngp2peOgV6eJOud3BpZVb4uk7ZURzT/np6oy9NjCve90sW2Vjb6c53w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-24T19:18:59Z", + "mac": "ENC[AES256_GCM,data:Tg6sB+/2rO4PpW9bCYGUl2L6TpfsFok6m1e5kHIScfpHc0PBbr6KoMJ17sDnvjFahg7vGBi9abUTX2956+Qrko0MeyJK0iawVCxKJUY0V9zRFQFyqEaCnzSW8raXdLqmWwB7hl8FI/LrNE7+a3b8AmlaleUojXtJ3q+uJ75MxrY=,iv:eweO0KdOPzfYsyWzbDeKWZrbd5kVyJstx6JiMpO0ApA=,tag:Q/SMnAlZs9tEhbAGv9639A==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:38Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA6I8VcbNmIhHzbm1VQ/ufL/WQk5o1m3x36Fup+EuViwUw\n1dSGH7lnzJoRd2TwXsBULzhqCblA+i0aw607oyWObO66MdcWbbRWDN5ogJpQzCHr\n0l4Bl83NzKaezqUsZDeZkNRp0dl4dIFdymBFwzwdMYV6pe15wJu7ZH3Dnx6DiRI3\niGxKFulBlcTlEBFLK8HOJTKLVvj3r43ycJYcdtsdbIaeRdFIlj6tR/jbDVaFLFH+\n=cBo7\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/synapse.li_acme.yaml b/hosts/surtr/dns/keys/synapse.li_acme.yaml deleted file mode 100644 index 7d219661..00000000 --- a/hosts/surtr/dns/keys/synapse.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:y50gYDyWH4dbXyFoIyxcsJu2bZRCIrlCP7lyIMp4p2Q0kHogUWlFfAxGI75cQ8aRGx2TqhuILgdn8Aq4pDll2d76leZ4GfITk0dhYf9ACShzn4hKcmWzmxH+vUu5vH3L38L5SAUaTVZc+8CWKLlXNROeiZhehkkbP80HDB5Zplfr5izioKj4A8eYcP+FqmM34kbtx4KGnaciVSmHcnsCOOUkwXnbmiCA/TjVBUyH/fsjfHFAp7tj9UXYK9aG2am3e/i+YQ==,iv:yd9oie3xIG596TuaCRo6tLYKr1r3P03/ggDElaBpwsM=,tag:28dSWp+wFsQOyz1WFo0PrQ==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-24T19:18:59Z", - "mac": "ENC[AES256_GCM,data:Tg6sB+/2rO4PpW9bCYGUl2L6TpfsFok6m1e5kHIScfpHc0PBbr6KoMJ17sDnvjFahg7vGBi9abUTX2956+Qrko0MeyJK0iawVCxKJUY0V9zRFQFyqEaCnzSW8raXdLqmWwB7hl8FI/LrNE7+a3b8AmlaleUojXtJ3q+uJ75MxrY=,iv:eweO0KdOPzfYsyWzbDeKWZrbd5kVyJstx6JiMpO0ApA=,tag:Q/SMnAlZs9tEhbAGv9639A==,type:str]", - "pgp": [ - { - "created_at": "2022-02-24T19:18:59Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA6+LF+H/wPOo9c9vULtkX4eFIdme1yVr4yXP/Txm1SBcw\nPfZzGMSJ5znMqkCba/+BWKksqh2a2bBWOFVxsuq4r1wjwD60F2EIlag+gT87lArq\n0lwBH3xUvEr6/FFlB8uS/se92tgVveOgxNrE5pvoH0GBcsrPMjwR6LvQkP8dD6Jl\npiFIKSYqCMUAwJ9u1aSsnHgwM1YlmAXHGK96xA4ljlglqK/aQbxw1i7vfL54mA==\n=IKpe\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-24T19:18:59Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAa2Z54/kxjkMbObZQ8axkNuKXD9mW4egT3pK+K7Dbj0kw\n10MA6CDqDkERh1sJaYUMSQff7AjjNsnV3KQ2WwENp4m4NuHVL4M2gVeO6sAWll5+\n0lwBLkARkdFvFCYbgfeKKM65RLNSIHLxR6H5gYFfaefjI7Ir5yGu+DhqVziAIF4y\n2UfgSMiaktqbKF4Eq/SUOTHPjjKeACx193eG06/rxQRwWrkwiiNfBtAWURAPCA==\n=2+q0\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/turn.synapse.li_acme b/hosts/surtr/dns/keys/turn.synapse.li_acme new file mode 100644 index 00000000..9501e970 --- /dev/null +++ b/hosts/surtr/dns/keys/turn.synapse.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:7DNWPIDOyyokRIxX5a6LA9K3THxZfGU2xYJgL1zW+wmR7VlDmivRyn+FjGhKBmKNSbkpejefn4EwhTM9/qTz/h0hGzjSfSfMMf7b5IvMayCk13WWSOYVYEFsBw/U1OraQYKHrAe8xz3Af6dcoYvO2HYbbuGrSQFzL7+Ni5thvsO3dvvJIIiH8dkMheNqkQS0q0yhzXxKnNo0zWmw1VZSTQhZObdnF/mY9GT/uNxYLuHTb4FrcMEwcd/dIoM1S44U2RVfzepI0bzXpnlWRK8=,iv:KgVPWx4mfhb9vGN3BjsHu1jseQdL+bbsiHQxGKzuze4=,tag:dKu5W/qv/nEmZ5H7XK6ymA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQnBacC96WitIMzZBYUgz\nak4rMjNkeGtuY0cyWmNyWkZham1qTElHUVQwClZoRTJGa0tXN0IwZ01uQ0gxdWJn\nZHYwZEFMWU1aL2hjVnFINjhvVy9PS0kKLS0tIG1FOHlvcmdOMnE2RWcwRUZodU96\nQzJzeXlRMmtIZ0xRSFdmcTJIYndwS00KS0fWivBST8JDJDYS/m9I7HWUx9I6pOpo\nJxC2XZIBrgqyfvxjgtdNmgSyIEYDdBTMimh4DvW3Tnmzqtz5oe1iEA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-24T23:02:47Z", + "mac": "ENC[AES256_GCM,data:zZgvnIrVOELiAUT2d9wWx5PBgv2T/elihv5P+SD8YMZfrykAPalYWeCOAg+yGGlCWhj4G5d6g3jomrHaxKUBhmQWBhKREZJnu4n8dv3xBGHq6Y0K43+EGiqZaKSCPaomkIJ5HKDavT0r0uJFQ+Z6CA+NdUMMsE4mHwFTQrGlPkY=,iv:R0UY3aIwpZojcB8XpQmuxNKDslItb9caUnckdNP05Yk=,tag:sc6aM5eE2zw0XBbX/K6xqQ==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:00:59Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAsBcu5RE/As2XoS8230fLInwaiQaR6R57w/gtDcIAg0kw\nOFnlDgsavFdXizaeI3193CA6flVL5s+7tdjOoUd6BDY3cx29UN+7sXHoOSk5hVmq\n0lwB2//hc3XU5siyUEpfWA6s7yfPZB9eSrmNnBVaRThBFNedIMZh+xWjUx3abUIV\nw1evcFFTH8vQMFepXjdIn3VF9g/+fpw7jHw3nUwKn7eFHakHlL/qJwLzmELzXA==\n=Sgxt\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/turn.synapse.li_acme.yaml b/hosts/surtr/dns/keys/turn.synapse.li_acme.yaml deleted file mode 100644 index 036fd519..00000000 --- a/hosts/surtr/dns/keys/turn.synapse.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:7DNWPIDOyyokRIxX5a6LA9K3THxZfGU2xYJgL1zW+wmR7VlDmivRyn+FjGhKBmKNSbkpejefn4EwhTM9/qTz/h0hGzjSfSfMMf7b5IvMayCk13WWSOYVYEFsBw/U1OraQYKHrAe8xz3Af6dcoYvO2HYbbuGrSQFzL7+Ni5thvsO3dvvJIIiH8dkMheNqkQS0q0yhzXxKnNo0zWmw1VZSTQhZObdnF/mY9GT/uNxYLuHTb4FrcMEwcd/dIoM1S44U2RVfzepI0bzXpnlWRK8=,iv:KgVPWx4mfhb9vGN3BjsHu1jseQdL+bbsiHQxGKzuze4=,tag:dKu5W/qv/nEmZ5H7XK6ymA==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-24T23:02:47Z", - "mac": "ENC[AES256_GCM,data:zZgvnIrVOELiAUT2d9wWx5PBgv2T/elihv5P+SD8YMZfrykAPalYWeCOAg+yGGlCWhj4G5d6g3jomrHaxKUBhmQWBhKREZJnu4n8dv3xBGHq6Y0K43+EGiqZaKSCPaomkIJ5HKDavT0r0uJFQ+Z6CA+NdUMMsE4mHwFTQrGlPkY=,iv:R0UY3aIwpZojcB8XpQmuxNKDslItb9caUnckdNP05Yk=,tag:sc6aM5eE2zw0XBbX/K6xqQ==,type:str]", - "pgp": [ - { - "created_at": "2022-02-24T23:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAnEe5Fp4OyvdRGfTpEw5j/E60wPULMj9HGvHqYhnPt2kw\nFVhJzEu19VNX/TR66X0PGTXQ0oJjeQzEw3ZOYNXKkmAnwBseg1IpHX5of2f1UrJI\n0lwBe9ZYVeIkWq5Eo1Tt4H98p0sg0O6e84GiUxXcBClJ00y8EJUgCgVty2q6feF2\nY5UctbVtTLCH+STEeD1obeq9S066NBFv0cEd5ygDiJgyaoZ7yVKdyP4ACb509Q==\n=bcFt\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-24T23:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAqFUV4o517EeRaFb6/+cTvvBphr+2PkXLKez7KS+oPgww\nBkaqfdNH8BIw+5a08sH+P26YsX9zDMIJJrMl9WODDB0z+8/Yj0KvXAOaUc5QHHku\n0lwBzCjN+8odiBgcU+SRHPxCAd1FJDWNErjW7Ks80nCuHw1iUSxFo2UzhinyJ2x9\nLIhow3V8OA0Fw9k4kG4jylBKuGXQpwlhL0laY9SV65wWYjQWilmncirDmlv/6Q==\n=HltA\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/webdav.141.li_acme b/hosts/surtr/dns/keys/webdav.141.li_acme new file mode 100644 index 00000000..60f02713 --- /dev/null +++ b/hosts/surtr/dns/keys/webdav.141.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:WNZ6BAzz5b0mnr2XqVQM82NFuQJz3bBK76DmnA/xvFPLvAmN4tCDzcu4NrdihcpQZ9J5ZiiIynJH1RBB/hd9ut+e/ByHv954XW3o/Ml5gb1Nl6zkCSAb3uxnjTlf5dm9ROWzx+NBLvIt8DELMYuV/NRtRq6w3ZCWbEp/I3N/r/VPhIw7PkagI9QWNkXp0l2qBml/xwxO2HnZxE7WXtphpOfNZtBuWPF49gO2UeVHrsAfxVgtGNmY9IjBExSQDThDJmo8nFUvrLVydQ==,iv:MQHy1Hi2kASjm684tL3JT5xcdc4mrTWjJWCB4adl1Uk=,tag:IzUtLbMoeRu/Km7o3RTxbg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXc0cwalIveUtZVlNsNG4y\nbHVseGNqc2pTZ3djMDlmb0tPVGtUTjNQSTJ3CjAybTdyYTgvTC9KdXVIdHFSWDl2\neDZVbjNMb0NKaWQwZ05kRkhmUitUODgKLS0tIGY5S2owWnVSUkpRYWoyd2JZdTJz\nbWRscFljMXE3RTcxcklPKzE0YWZISEkKmAZ8xfZt+iQzXnb3J8/9v/GVFsp1mRxb\n8o5ppl9+QKtoW0WPhbmmY89cGEG7IiFgMSGiEav/ac/9OT9Yt7bqeg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T12:22:44Z", + "mac": "ENC[AES256_GCM,data:tGfEoG8C+zqkBRtfaCNrmuR6dG8kmaRexM6szkSmOsFVgzl3wGsPmVai4rFhgXsozOmt2Lchc01uRqERA+HIkkaMFdVDLWzMEGytEeE1s1JYCVNEc/RmjgeKqxwHuAv5cFGn8ZNZ9JKMF566wUFjjWM/AQffNYCdtSni8tV6eWg=,iv:qoyig97CBgl9X9Z6qbKunu8fvbiiW4uRtErM8nrb9MM=,tag:zFuAbP7ZsEgKGDOo9ACmrw==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:04Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAFgjDs+o3WlwEXNgAbVe9MLFqkCPz+Z4CLOJd0BtI32Qw\nOnZ1GTzo48Em6VRWvfy+SsE4BEn8b8do7VFBoc2WsHsiMVn+OhB4SJw10Zx+7qtk\n0l4BDcUsnvLPNWt/wucr8PxYJg3Bfkog3WE7pUfTGEFcWGcekPRx6G6u+lBQtKFk\nzysFCkNGW4Tjxdp0nR8m2d/mp4VpUTiqpH9GqXm1L9yMs8gBpQY8tskh4QFjIiFv\n=IJk8\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/webdav.141.li_acme.yaml b/hosts/surtr/dns/keys/webdav.141.li_acme.yaml deleted file mode 100644 index b0f05df6..00000000 --- a/hosts/surtr/dns/keys/webdav.141.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:WNZ6BAzz5b0mnr2XqVQM82NFuQJz3bBK76DmnA/xvFPLvAmN4tCDzcu4NrdihcpQZ9J5ZiiIynJH1RBB/hd9ut+e/ByHv954XW3o/Ml5gb1Nl6zkCSAb3uxnjTlf5dm9ROWzx+NBLvIt8DELMYuV/NRtRq6w3ZCWbEp/I3N/r/VPhIw7PkagI9QWNkXp0l2qBml/xwxO2HnZxE7WXtphpOfNZtBuWPF49gO2UeVHrsAfxVgtGNmY9IjBExSQDThDJmo8nFUvrLVydQ==,iv:MQHy1Hi2kASjm684tL3JT5xcdc4mrTWjJWCB4adl1Uk=,tag:IzUtLbMoeRu/Km7o3RTxbg==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T12:22:44Z", - "mac": "ENC[AES256_GCM,data:tGfEoG8C+zqkBRtfaCNrmuR6dG8kmaRexM6szkSmOsFVgzl3wGsPmVai4rFhgXsozOmt2Lchc01uRqERA+HIkkaMFdVDLWzMEGytEeE1s1JYCVNEc/RmjgeKqxwHuAv5cFGn8ZNZ9JKMF566wUFjjWM/AQffNYCdtSni8tV6eWg=,iv:qoyig97CBgl9X9Z6qbKunu8fvbiiW4uRtErM8nrb9MM=,tag:zFuAbP7ZsEgKGDOo9ACmrw==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T12:22:44Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAEvqLWBZvD3I4xE6W7MKPD9eDGyKa3hpXracLRTHT4hYw\nqy+itvTL207VL0fU8Ve+rmxFjEaMvowFgwWk7+p98thgtbCcUNTxIF4gH2HjSOWS\n0l4Bb3G2vvDhUv1i0AR5WohSdfi5eyQjvt8HqJQ/0hBBwIL4IEcWjpBE+rX/460S\n4gigrXHpgSKZ/i/Aselm6XZhB0jNUf3pZ3pnCQPJpyrLGnFXwCSqB6EaREKU+6BK\n=dSPd\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T12:22:44Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAWXk1C46X8TTkWhHfTMhgo1KnKlCl8A8lzsAo7mqnpzcw\ncoae53lNWGeoCSfOl5E2oSVCgZzEu5R9kC9aLRJgDushXZ56XtTUUF4ggCHogJqE\n0l4B942HOIlWHSlbfOs1/0R5QPnXC1OQ0E6XEVJmBgnUNB3EG473eCTJeabwlaq8\nNgFlL09go4ISjnlKDIgfQZGI9u1j0PyDJ3MtQTnb2j8kzfbcsGcpSLQRn7kzSsjO\n=x5xi\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/xmpp.li_acme b/hosts/surtr/dns/keys/xmpp.li_acme new file mode 100644 index 00000000..dccc30ec --- /dev/null +++ b/hosts/surtr/dns/keys/xmpp.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:kivOcI972j/fbloZCjH+nD9mBnk5s25NA+WDud3Hhfk3C70GhGKQaTHgnNIH11z9Pst4DX4liAvFjCzGP/sUGQuJmEfIHKckAOMrz8m5796fUIAZjrH36/NwB7Ytk2pYKy3lGZgO+CAxDvH/pzxD6WQPoVrgnyM3rjw7rgKLTMr94mp8ui9j4DdIwScwyWhOit8WrivDVwnNOz8GpxI45qogyeYMRESfeka3brzXVJ871nLjhbokcrKsja7Yiw==,iv:HkS/b5YjJ7iS4hYIOl5DACf9g2zoTO7cEIKdocKzWpo=,tag:HFLzoTJu+i6nmT9NNC6NAg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiaWdnclZ3dmZ5NmJuSUV6\ncWtweDd5M0ZjcEl5MlJjdzFjL2IwRUdDTEJZClRaUVIwY3VTQkF2cmFNRW0rN041\nU0ZydXA1TTlHREIxL3pqL0k3S2xsdU0KLS0tIFhXR3NFKzVPT01MZDdIcmszR3Ju\nTjRNTGpLSjQ2elhpa1JuUzA3VitqU3cKvWh3k9Y/GD+jfSELEVGOvslL+n/ZE/F1\nHrLiNjxguMoiqTsfzUCZQaH6sh1VIcsOPjo5905QiM7RZWuQgp/siw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T14:43:10Z", + "mac": "ENC[AES256_GCM,data:RQ9MBn/V8k41ax6KKlCmtCwlVMBsSzYtsG1zpwIutmuWRb39n2v/1oolW3hRkagSS7Q2Nu03d7L09KntAv77yjFKRYwMI3CFqU1JTsKYmW8c3ggTMS9RXFme+tAk85Wl33QzCnIYgI071tgmnlzct8yimh/oR2XyvMrMXm6IsbI=,iv:I6Dxhv0Up7LVUZ7j7SD3gCsiqsCYh3N0GtMuxnMcctg=,tag:I5OqFU1WPBM/m/6OPpUdow==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:26Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA4uoHDOMNieKQJEXsCZs1SwNv+TSH439TntsxsTMtmHUw\n++hLK0+mBe0jfeNZeFy6sYMeHq/tWHIK1hNpSdy8vAkU//tLaWkVFYEcTyyjIRqg\n0l4BnMPYLSqOp7oPOI1c+OBb1dDm7xmXR6kpBxAyaOlAUKMYpTgtr7CpJquUXnLk\nPyie/AR6H8aJ5PKBUrB1VHc9z2x53FIw/1pNG+38GAbrUccYnY3BaRM8yqlwrGqe\n=cxKP\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/xmpp.li_acme.yaml b/hosts/surtr/dns/keys/xmpp.li_acme.yaml deleted file mode 100644 index 7d85bd25..00000000 --- a/hosts/surtr/dns/keys/xmpp.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:kivOcI972j/fbloZCjH+nD9mBnk5s25NA+WDud3Hhfk3C70GhGKQaTHgnNIH11z9Pst4DX4liAvFjCzGP/sUGQuJmEfIHKckAOMrz8m5796fUIAZjrH36/NwB7Ytk2pYKy3lGZgO+CAxDvH/pzxD6WQPoVrgnyM3rjw7rgKLTMr94mp8ui9j4DdIwScwyWhOit8WrivDVwnNOz8GpxI45qogyeYMRESfeka3brzXVJ871nLjhbokcrKsja7Yiw==,iv:HkS/b5YjJ7iS4hYIOl5DACf9g2zoTO7cEIKdocKzWpo=,tag:HFLzoTJu+i6nmT9NNC6NAg==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T14:43:10Z", - "mac": "ENC[AES256_GCM,data:RQ9MBn/V8k41ax6KKlCmtCwlVMBsSzYtsG1zpwIutmuWRb39n2v/1oolW3hRkagSS7Q2Nu03d7L09KntAv77yjFKRYwMI3CFqU1JTsKYmW8c3ggTMS9RXFme+tAk85Wl33QzCnIYgI071tgmnlzct8yimh/oR2XyvMrMXm6IsbI=,iv:I6Dxhv0Up7LVUZ7j7SD3gCsiqsCYh3N0GtMuxnMcctg=,tag:I5OqFU1WPBM/m/6OPpUdow==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T14:43:10Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdANreqp4K9J56f70slxXnpJfHu5evjcVByLbHVYav0FlMw\n17qsPAAo4F0mj0zatV5EfnfYuNSsXR3j/9YocSHcMvBVzLsYdtV61fVtSrHiLt2a\n0lwBTfysYjor4J5h7G6ew7f1zicup3t9/ZPT2Q5fneRukpKExyM8o2ldjjRW7bq3\nt9kbihbTtB2t6k4iZUQRoYsfBKcM3hHeszv2W0xN9yOa/C5M8mOGNDJi48dEDQ==\n=3MEN\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:10Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARVdKf6ppaqBQnaJ7WhwBPcdnbmjom9aNrXtymThq3TEw\nnjH6Emd1QLBaXGr1Eb7RNzrWkrU1P+n3ihLEvW0easkceRv8T3+xID1E/+6R06JK\n0lwBw53C9ExWPpy8CUGs6HeOK901cRRV6XWErHXF4QVSoqhNXjjJTzUmf+7zxKnR\npCZL0HOykPazHmkZHcKvkGSKoEiDmK/wStQwHoO+pLGbUvbsCX+GMlYV6ySljw==\n=RPEC\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/yggdrasil.li_acme b/hosts/surtr/dns/keys/yggdrasil.li_acme new file mode 100644 index 00000000..baca94c5 --- /dev/null +++ b/hosts/surtr/dns/keys/yggdrasil.li_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:QhWlBM7VZOagGaQICX31aaC69E00xUcVMvusxLLSz4mNy2B0l1Ngp7XGONI5+viq+nq/P9KytxoFybGwxjnxEcu++efsc+BjbKuylzq93rspQOoI/WjRxE/DoZCWQzK/UKWd1x1L3a/1+9IfKswkBEesgWx0Ug/bLlbr7GfQ3cpI6EwRGMba4VzfdmWPYAqAsfJmmOIY/WTShUEVbAmYQuUMhmZ9geWfjHonX42w7G8ICtlPcMc68ApK0nuhgKpzKisfHC/ddg8=,iv:rOePsUqnm0SSxHm4lc4Ikq9tbOnIgunIw3tqeFsEFTs=,tag:ESzqhFRmTUBvZQBzISQ2Qg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyV2tlQ0lFam0rUWlTZndP\nLzIyVzVOUXZ4aGxreDRXVjNzeVpjTVRidzNRCmdscWVIR0JTbzdDTkhkSWloTlFR\nbnNuM3pWNGRLeENJdlZkL2xKQUFoajAKLS0tIDFDaWQ3TDdhaW9sWUVHN1dMclR1\nNGt3ZzBQV2s2UDU4SHlnVWdQU2FaR0kKPq/2guVhyCW4Lwn5TRSAaISf0tTQ/n9y\nhz//oYZ6Kw7x2qvn9lh5DTbokl6J8K6DnnB9nGEDvDWo9bqdCgbS7g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T14:43:23Z", + "mac": "ENC[AES256_GCM,data:g2DNekY/VbytxwTxxIgXH+RldXCab3wtx5cOYriKxC6MDr3/E1A/rZm6nWqRI6lvD/dsmLsYmfvwEpfkTMvSi3/kFJZSr2y0wUBHMsZSs2cqtmZ7i+9YHMLrb//KTbkZHFw/NiH2pra29oFN1vdVrHwMvf0uVazBXyHABSb+DJE=,iv:jc+4u9sgWfBpF4lJtv2T6vxN5xhG/z7Vf3eADI37rKo=,tag:hhaDRwsOgCUoTDHdr8y9DQ==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:01:40Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAFBxGfVOUPq+avm0tzz+CixDxiWR7/sKrDXnhdEKhtQsw\n0IBeg3N1rrLy3QZ49DhBBvez3qQF4zXwyaNKomAT38gCt3qMT+IKMEEPQw6wxJng\n0l4BkbAvXfQctKk9G+ltHMlbAD2avGYBrT/gbGA3cdy7LUOjuGu3Hlei0aFK6teZ\nB567PvTsh/6PiTFSXDPsOuNfvt7MDem0gJKAvbckUgiO6L9IlCTFkjSZMofnZNF+\n=Ym9I\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/yggdrasil.li_acme.yaml b/hosts/surtr/dns/keys/yggdrasil.li_acme.yaml deleted file mode 100644 index 0eb8f2f4..00000000 --- a/hosts/surtr/dns/keys/yggdrasil.li_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:QhWlBM7VZOagGaQICX31aaC69E00xUcVMvusxLLSz4mNy2B0l1Ngp7XGONI5+viq+nq/P9KytxoFybGwxjnxEcu++efsc+BjbKuylzq93rspQOoI/WjRxE/DoZCWQzK/UKWd1x1L3a/1+9IfKswkBEesgWx0Ug/bLlbr7GfQ3cpI6EwRGMba4VzfdmWPYAqAsfJmmOIY/WTShUEVbAmYQuUMhmZ9geWfjHonX42w7G8ICtlPcMc68ApK0nuhgKpzKisfHC/ddg8=,iv:rOePsUqnm0SSxHm4lc4Ikq9tbOnIgunIw3tqeFsEFTs=,tag:ESzqhFRmTUBvZQBzISQ2Qg==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T14:43:23Z", - "mac": "ENC[AES256_GCM,data:g2DNekY/VbytxwTxxIgXH+RldXCab3wtx5cOYriKxC6MDr3/E1A/rZm6nWqRI6lvD/dsmLsYmfvwEpfkTMvSi3/kFJZSr2y0wUBHMsZSs2cqtmZ7i+9YHMLrb//KTbkZHFw/NiH2pra29oFN1vdVrHwMvf0uVazBXyHABSb+DJE=,iv:jc+4u9sgWfBpF4lJtv2T6vxN5xhG/z7Vf3eADI37rKo=,tag:hhaDRwsOgCUoTDHdr8y9DQ==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T14:43:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAzEmCD9ROaiWV0ludmvPP0qGXznkk2J6bQQr0rWCZv2Yw\nF9JbGeiFyqnlPJKDs6rQyIzqmK/1IDjLNJ7KArQaJX5Htua64Iyb1M+Rxc8ugG52\n0l4BPxSJ76HAI0iHLM0UdGRfeyyYuwnShaqM5X4qEQu7Mh7L83s8Ym8a4tJpv+Zq\nGh1Uz7G+MyevcAT4J+bZY5VDyk6rwuMpS4mrzIMl30gkoiorQMyoSmji4ymLJ8NS\n=tRMa\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAmy1AUOAkS9tkTu+GbDAS7SD+cT83CnRYd1O1ZG+eYwcw\nou88Nz3AGUcSa99om+yVY22nvztrIDOmqMih27ArB1Ruqhh4l4cm4mMrt35Jgezv\n0l4BiKZMHk6cwYGDopEfGU9m1l7lWZJofYIJZ8W0WSUtbHBXzZjwh5N7rh6EF2Te\njRJ72f6+/IaVeyhQjZocwQvFr0mfezontWlJb8hTOGBiWt16UPZ2UUgWMNIhepcy\n=AlJs\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/ymir_acme b/hosts/surtr/dns/keys/ymir_acme new file mode 100644 index 00000000..a1fc7240 --- /dev/null +++ b/hosts/surtr/dns/keys/ymir_acme @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:byBJwbC+WjFdWWnlSQUkSyNw9J7FwNqXuXMl68IzVsIMNmRHrRj/1cUgf7q1MN4YbNHwW5SV53wM0iIsNIObXNIdhe3QVK0X6hWfEXBuZ1yf1kdcCWleIVzh7swJXNoudWCcFYQz527pUKB7FoqalzTZED8+qok7zvyrB9YAyrXhFS7+RUM/6LgmAUcd99ojhPE5N4WZOk/+rUYx/lRmDqjteBUlTsg2zbyJI5aiPJRgmeRUr6nY/g==,iv:mv0jAiWU1kD8+fOD8C/gbUryGcB2jl4g9HypRsrMqcI=,tag:1IURck5WIqn5CqpVRMGeTA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzSGs3Ym5ZejZUQVhtUHJI\nR3FXbC8wUW5CVTJzellsSmVWZHZ2Wm5UL0JJCkpYMU1qVERtTkt4bUpENWltbDRq\nNk4yM2NmTXBydUU5UlZKOUVrQ1BWaDgKLS0tIEFrTzBUT1dUWjZoQ1N0dnRNcGJT\nS2NNNjlUemtIRGorUTJNN1d6Q0dpU2cKLHJBPscyElneQfukXugFjxWvuWi0wwZ6\nbi+ES1+pxQEC1PxBiOqmKjChwgMNSWA87pdxV+NriCjZS9d1CB6uzA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-22T16:07:25Z", + "mac": "ENC[AES256_GCM,data:mwXrUm7h+Hn6klCDmz9ni1bqVpaJlpLTDuUUvXGKnX0RjG763szhjbvI/NVj42e7pkgoArDN83Zf0KdugmTCIEQB15PYsGvc5uRcBK8I28Gktwdz9InCbArOvXGO6BoGF47VxjNDeFy5OnUUbST0pF94WXEIeGaD/QxXn0c5ljo=,iv:koaB3cA9IxyuLY3R1qF7FOwgzh4QnkNrMmVomu4MugI=,tag:7D8qzyGF2hibcumXV3HqGQ==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:02:04Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAj/BpjiWnHwbVPGobLk6OGOqs7bNUHsUpZdriJC6Pzm4w\n4LKYBMgHqPtBaxI5fS3Rk0MNlsUU5txUyMb4kjKNfmWLuUmN7hSs3Kvuup7xLGcK\n0l4B14g+iBso9ZAVYczwIUfhV4+74E5HihnF5yAqrXhgbfv2SjIgxG68KmcgM+YD\n7cd0Fg5ZaPCRk569BLr4ynEKANimbjmgYXUvWgMKjxF5n0d4LfHxxS29JNejo0fQ\n=cacm\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/dns/keys/ymir_acme.yaml b/hosts/surtr/dns/keys/ymir_acme.yaml deleted file mode 100644 index fd3383ff..00000000 --- a/hosts/surtr/dns/keys/ymir_acme.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:byBJwbC+WjFdWWnlSQUkSyNw9J7FwNqXuXMl68IzVsIMNmRHrRj/1cUgf7q1MN4YbNHwW5SV53wM0iIsNIObXNIdhe3QVK0X6hWfEXBuZ1yf1kdcCWleIVzh7swJXNoudWCcFYQz527pUKB7FoqalzTZED8+qok7zvyrB9YAyrXhFS7+RUM/6LgmAUcd99ojhPE5N4WZOk/+rUYx/lRmDqjteBUlTsg2zbyJI5aiPJRgmeRUr6nY/g==,iv:mv0jAiWU1kD8+fOD8C/gbUryGcB2jl4g9HypRsrMqcI=,tag:1IURck5WIqn5CqpVRMGeTA==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-22T16:07:25Z", - "mac": "ENC[AES256_GCM,data:mwXrUm7h+Hn6klCDmz9ni1bqVpaJlpLTDuUUvXGKnX0RjG763szhjbvI/NVj42e7pkgoArDN83Zf0KdugmTCIEQB15PYsGvc5uRcBK8I28Gktwdz9InCbArOvXGO6BoGF47VxjNDeFy5OnUUbST0pF94WXEIeGaD/QxXn0c5ljo=,iv:koaB3cA9IxyuLY3R1qF7FOwgzh4QnkNrMmVomu4MugI=,tag:7D8qzyGF2hibcumXV3HqGQ==,type:str]", - "pgp": [ - { - "created_at": "2022-02-22T16:07:25Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAmcJoxHfANstUX5rNuujHRm1VVe8RNrwMItzqvMyh/Ssw\nha1cGkBRxuVkkSMNGX3A0uMD3bYY/CGS8706ttaSNxlkPERExs+1YT/ds1nmR3VN\n0l4BpTrOGwKutMwjbB30Jmoy9EkqkqjC6948q/lJGl+bCk0ByJ99vQR0hv8KNvIj\nV6TkiKbCHHXy+Z1n/XkKPqWcjjcth4cJBKwsDB2EU6hbc9MGrM7PgVtR9Vce/mGv\n=WPOy\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T16:07:25Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdArf8QXVpdQJH0v/0o9KN3LVbtEQAsuVco3mhjnhh5nVYw\ns0YqUAmN6hDTcDvfKljR5D/iK2iEfbZgBLGJyNsy3AbYdu3lhdGbxWerbVgrNA+p\n0l4BEzSmhqAlNqPvTwgCqRBaBnbsI7OLrqxIG08K+SAnRHs+BPc1xB0DLT4OZerm\nKNvcKNeYrEWluhipt9AVwuQzMTo3b/ZLGi97nICPsb8tu9DwS4fjcPaA52q70oSx\n=vWLx\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/email/ca/gkleen@sif.key b/hosts/surtr/email/ca/gkleen@sif.key index 4578f4c2..5654d1d7 100644 --- a/hosts/surtr/email/ca/gkleen@sif.key +++ b/hosts/surtr/email/ca/gkleen@sif.key @@ -10,14 +10,9 @@ "mac": "ENC[AES256_GCM,data:A81DUOL1HrVuDyPUvVzqCk0MZB6PfOc0SRp6fg+EIiup28VIi+m3fbaiekEHGGRCAWJpmVJdS6ZZjfME92apl4264RxGZQ19apEYvdS2U2Oz3yC2G46ms3kUPfo2CGWw9bo2u9dOido3SA6SE7gnxzonAW4/JPpiSQaYCDLhJ68=,iv:+d1a55uqKCzp8DVcDypFgLrp8OPRy2i+r++Eu2xhPHU=,tag:wUvunpEkpa7poQsmrFYMRQ==,type:str]", "pgp": [ { - "created_at": "2022-11-07T15:55:22Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAnyLj503gWwWQEwVhWGx7IawWB7ISqFZk3EDGrlBLv3ww\n69Kbr5bqYg4guusvifS9KHBun8sIuHWf6QImZk5ugNBDLjHiHgqZq7mfhHXX0dUh\n0l4BqKsVGFprOOKAPT6hfXzXx0riJiaVSHAyJHyJkSygMgtZvROU2MbI0yqpO8RL\no495NGNGUPd6LQZMfQ/vHu6ZDFdz0O+pyuu6gOkixAMZCtvge4S4pCJnyJ4bW+x9\n=ExO9\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:17Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAPvQbjiSDLyHSZCnkrXCCY84/Q37oh4owBhYkV+6KuAEw\nuJnPKkKZ1tSZtBqBdGpQbO3pBPaDsYZ4oAQuyAp7ppjEWS5K2uLzsiaWeWv2tWik\n0l4BahpAbfvJr4tX1PRKixd2RT7rB7NpBv5GJ/5XgwxeMZ1t+Rtbzro3jXz8VQPX\nBS7SWk/TcyR2oljQxKCvQe7PZXmQ7Ue4sa5rtBCQwdYKz4c4OiNWE4lIt208xY3x\n=+UgS\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2022-11-07T15:55:22Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdA6ksiCbMWMGNLINj9knm+fZSLmCts8JkDWsWxm6VkSCgw\nB/EhaM8A6dWTJYG8T1hSFLak+FVl64g7ZeDW7dCp2sqJAMJ6DOOADsbWv2daVYP0\n0l4Bg39WApIorvMyTuZkmIwAQezucXJpI2rP/ZtximsG+ykFU2xpymL0+nCLbAcU\nRmVEiJERyrhWXVIQo0Czicis11LwS9thp4xseejpFAoSR5yse7oIAm8NJ6SRCpWg\n=bfoG\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 0d1ccf30..0e2a78eb 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix @@ -663,13 +663,18 @@ in { }; }; - security.acme.domains = { - "surtr.yggdrasil.li" = {}; - } // listToAttrs (map (domain: nameValuePair "spm.${domain}" {}) spmDomains) - // listToAttrs (concatMap (domain: - map (subdomain: nameValuePair subdomain {}) - [domain "mailin.${domain}" "mailsub.${domain}" "imap.${domain}" "mta-sts.${domain}"] - ) emailDomains); + security.acme.rfc2136Domains = { + "surtr.yggdrasil.li" = { + restartUnits = [ "postfix.service" "dovecot2.service" ]; + }; + } // listToAttrs (map (domain: nameValuePair "spm.${domain}" { restartUnits = ["nginx.service"]; }) spmDomains) + // listToAttrs (concatMap (domain: [ + (nameValuePair domain { restartUnits = ["postfix.service" "dovecot2.service"]; }) + (nameValuePair "mailin.${domain}" { restartUnits = ["postfix.service"]; }) + (nameValuePair "mailsub.${domain}" { restartUnits = ["postfix.service"]; }) + (nameValuePair "imap.${domain}" { restartUnits = ["dovecot2.service"]; }) + (nameValuePair "mta-sts.${domain}" { restartUnits = ["nginx.service"]; }) + ]) emailDomains); systemd.services.postfix = { serviceConfig.LoadCredential = [ @@ -824,6 +829,9 @@ in { }; }; systemd.services."postfix-ccert-sender-policy" = { + after = [ "postgresql.service" ]; + bindsTo = [ "postgresql.service" ]; + serviceConfig = { Type = "notify"; diff --git a/hosts/surtr/email/spm-keys.json b/hosts/surtr/email/spm-keys.json index cefe27b1..92d07326 100644 --- a/hosts/surtr/email/spm-keys.json +++ b/hosts/surtr/email/spm-keys.json @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4UndNL21iM2plWnJPS1FC\nK0JCWDhtT25UaW93azZFZXdRR2V2Wmd6d1FJCmJFbEVzUzNKOHBKK0dvVUJMNjRG\nR25nbHBIU2tKSjVRS0tWdU1GVldkNTgKLS0tIG5yTDJmU1dLZk5VQ2xMSjRJVVd1\nblFkeGVqYm12Y3AyUmVKc3hEWk9Cd3MKkJMsM1B5AYx7Y133EQsMMddMGAqWuFNl\nMGQtdf7dyF2UmKFRZRztJiH+z5vf0UY9pHpQHYvW77NMHbtzo/360Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-05-19T18:42:23Z", "mac": "ENC[AES256_GCM,data:dQAeiVPBGotOd3dnD9P3o1dlDIrOom369SAlzY9VHe4y/Bck8brrx4fUjjxfFB9/Oew83Pdpl1WXbVp6RVrsdY/xTmVD+1bgZJJRJ5KYe0QcoWl4Sv1E6Y1b5jKZVYbeiCU7NI6gITmM5sLNBzEm2WYsYBtRCxWMh3iGV7ZqmAk=,iv:loxamarLwR6NCHaH/K8tq8XQj7Xl+Onbgu3hEYZycKQ=,tag:WojOpPzi/ajmzBAKKJ7g1Q==,type:str]", "pgp": [ { - "created_at": "2022-05-19T18:42:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAy74slNS/OZAJ2BczfZtCWNdIfrCpT9qg3K17zaam930w\nWRVJeL/4JLyaCvDybqNjyoi7TkCxMtKNu5LzWv+c7iTQgAwyH/aRdaLx4HmEnwqW\n0l4BsKAIB+GNBAO/HUrjrxc16euyNPP0zbguiEUxhzNGb3xwngixbcDBIe8d4yXa\nHQ+mhjG35wQbjcPrQFUvZ5YWkwthL3pY1Jx8l/9V8ajTC3SbHlI2akbun6EMuoZo\n=LKNF\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:02:06Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAlJMfokF5FgwyUTPEyFucysg7qXbeSbIxupFJDtAwqn8w\nq3mrEfNT36IccWSoLy+x0hR+VuQPg5cmptv8fV4I5QXZ6TVVgFzgioVn2kNOuFdB\n0l4BtfZmibSpsdtd+kShIOpf8S0Jdai/VuvByOtJ5fX0UmVxEJpYXd3KtYZcuBFT\ny2RPDdTibNmxcj7KW8R53hzrGM11oumnYMu7DeKPwIFUt1Elzmymw6u0NPRuHAMt\n=SwFl\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2022-05-19T18:42:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAT8dopGD88h4G6EBdFbDWizpUreWer6d7U+ii48YYe2Aw\nh8NZe+WplrMmjIWalVylf/MqQKlAwbOZBj5PpFIxFXKvtRxGGYKZ7mBj7kkFaDKG\n0l4BkYVQRhouZdVFcpTtTPlG7ATVpJQAi8UiBuO0HhQBmxQUGLl5vM9bvb9cY5mH\nBnBOWYzff/f0Jl8gn3tGMr9Sxeg7VRcCm+YGMPMQSimKbEZnXUjGEYuflXzopY09\n=6n0A\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/hosts/surtr/etebase/default.nix b/hosts/surtr/etebase/default.nix index 3c71bed0..ca6d84fe 100644 --- a/hosts/surtr/etebase/default.nix +++ b/hosts/surtr/etebase/default.nix @@ -32,16 +32,12 @@ restartUnits = ["etebase-server.service"]; }; - security.acme.domains = { - "etesync.yggdrasil.li".certCfg = { - postRun = '' - ${pkgs.systemd}/bin/systemctl try-restart nginx.service - ''; + security.acme.rfc2136Domains = { + "etesync.yggdrasil.li" = { + restartUnits = ["nginx.service"]; }; - "app.etesync.yggdrasil.li".certCfg = { - postRun = '' - ${pkgs.systemd}/bin/systemctl try-restart nginx.service - ''; + "app.etesync.yggdrasil.li" = { + restartUnits = ["nginx.service"]; }; }; diff --git a/hosts/surtr/etebase/secret.txt b/hosts/surtr/etebase/secret.txt index acedb549..e107b0de 100644 --- a/hosts/surtr/etebase/secret.txt +++ b/hosts/surtr/etebase/secret.txt @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBidVRZandlRmhUQlBmQnBW\nU2I4bWwzM1ZoejAxdlpvL1lMMXhKcXg2M21jCkJuNGI5cHkvQmVGRVRrdzlpcTMr\nVC9nMVh5Q1podTVDQjVRY1paeFhGdlEKLS0tIDlVaTVZZmE3MFgvUlNDWUdwWmFu\ncEZJY2syTkZ5b1dzdldBY0dPYUNIYUEKZACWetBikotrKll5VWBDzaCz5lQlFE6J\nSTbnYhwxUIva/QdYGoFIQHaTHRVc5pG8uGSXSmW1QcprQ9BJnHwFNQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-11-09T15:30:57Z", "mac": "ENC[AES256_GCM,data:zb9S3tgUEja6IfCvrh6AJkzoiqAj5RyBtEvHHV7RkANGHxRer79YdDJW39I4qrg2WC8odr5CyJF3sVqw4fUeUeeq0QAJYupJVmINBqIaFcy6f5XtFDpHRNPmHT1WwrN6t5o8pqb4cv8H7JRfjySxlwFNmItgrQIQn6QBqE2ZkEc=,iv:BTzROI/DxqCmRYzsRkMrj+kTG3KTLP+nAF4z0l/dRbU=,tag:S+w0+XL55PBiHWkUKtDggQ==,type:str]", "pgp": [ { - "created_at": "2022-11-09T14:03:17Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAfsNj4UmCNc1Qo5hi1YLaRjoeoudRZwNgVfaQTMsOPA8w\nfuIRUgq9Mybq4Frp4U/l86LwekOIwiF5tk1hPcK2HrmHG2z/ewr6WnrhczjFy+Qi\n0lwBMEtZWrD4h8GdTwan7E/jDLytEZYjDmXK72Ep5PubyO86H1BKy4Da5YIZw4Bc\nq3RaJ65wcp1EwIJ7gbEvG7a1a00AjFhXIwtsT/DhKTBy/OwPj9w4mFJ5rka8FQ==\n=2FIT\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:42Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAvE9VzEnmrMOn4PvS4PuDFxYaVK+YMTvT+fG1GVJdcDcw\nxr/12h73rdCTfC/a4cBN2z02NMxpaQAN1+HMi1k3C2eeSXS+q3ishXjv7CIaNfE0\n0l4Bs5Nq78QXIxcZGddsfSxQxMJSmdbSv4QvRyesGM6dvfEQnLfG+79O8qppC3BG\nSxd3rwOqPzqFcVXliTe2X4sxhv8xS06z40eyWiJTqP9nuF4BW1wPe08VbP0kVnzC\n=153I\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2022-11-09T14:03:17Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdATs6pQrq07RGgFTTrNTI26pt3WSSF8tg9ywhepFvxfyUw\nItZrRfQUi42Yj6UC0GuxNmVYcS/Ogv7SngtM+22kofS476gfhkHT45/9gMhqve0D\n0lwBPaW0UHfU8Z3tbA6aRpMSYF20Srvvqfs2Q+PFSEWDFXx06RqpmH72LrhI3uYm\nbK9LykI7ucQAGJSSkHJQEbvEqyv1CMFGdDHkI1LyAetmcqgPZH8JRPx3LDagyg==\n=EsHC\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/hosts/surtr/http/webdav/default.nix b/hosts/surtr/http/webdav/default.nix index 0443bc97..c5a94996 100644 --- a/hosts/surtr/http/webdav/default.nix +++ b/hosts/surtr/http/webdav/default.nix @@ -68,12 +68,8 @@ in { ''; }; }; - security.acme.domains."webdav.141.li" = { - certCfg = { - postRun = '' - ${pkgs.systemd}/bin/systemctl try-restart nginx.service - ''; - }; + security.acme.rfc2136Domains."webdav.141.li" = { + restartUnits = ["nginx.service"]; }; systemd.services.nginx.serviceConfig = { diff --git a/hosts/surtr/matrix/coturn-auth-secret b/hosts/surtr/matrix/coturn-auth-secret index 95e4b21a..1fdccfc3 100644 --- a/hosts/surtr/matrix/coturn-auth-secret +++ b/hosts/surtr/matrix/coturn-auth-secret @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3c3BHcjdMQ0FQRy9JREFq\nUi8rNW55NXFIcUN6a056QXZ6MGUrYWdRNGxVCjA1ZnF3ME1YbitxS2h2RU1EU1Vs\ndUorVGpqaFMzRWY0cHIxdFRiMmhwR2sKLS0tIFBZWjIzWjk0ekFjb0FUcExPcmI2\ndlQ1cjFPZ3pGVHduSEVZbFRnU2RYUzAK78yGOcKO3IZlf2d1zBr9hVix/FPIH/+0\nQr3RstH8WG4z92zJcjWVoSyOZ76t3p1nyL7VbCtEewU1miU1S+VKdQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-25T10:32:29Z", "mac": "ENC[AES256_GCM,data:R671lXt7nS3uUElvpVOJPLVZJH7FTYPUH5Qz54kKhrMdReFei5dSXr7XwaxhloCMnEppM4+cTr+7xn++j9I9H5S3/bo1rxxPRSRa/AbO8w9VjGXzYIe+SA/VLx6vY8B2zjizWroZnL+SdZuYkUDzoBYIYm6MrLZDuK6m2AYLiK4=,iv:dAl5o087g/KV4l3EJN1okXqN5dDRb3qK3JOZD9S7o8o=,tag:XgFta6DXWgn5pXS5Cm2vzA==,type:str]", "pgp": [ { - "created_at": "2022-02-25T10:32:28Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdArxQlwu//uFR3wnA2qvHaHxH1Nmi2273msPeSK5xnpEow\nVZyeSzDzbXL/EIICUVmvnPaEvQ+hwgSRs6UQ2WUvj4KNTSQkLlcc5DSUF2hI220H\n0l4BMzQzLS9WqZvFDHWxM4A550s/kT8XOknr6EtmNpcUX+Iqxev+nJtIiawrAY2d\nb5UYgOm8daPdfkuph/ckD8fz8lRpAiaOA6c9BAxwcygR9rA5LrTISr06gDegKTyU\n=qnpg\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-25T10:32:28Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAn2Nv11If4PfUagCEXFjiVaqTlFRVyz+CY7PXuyV5iCQw\ng+nkSlqpiEGh33xCVFXFlOzrsfzc7N5oAwvXHdKi6mk1J4nXTE48q3r8ngP87F2U\n0l4BdHhdgp02XXXXRj3Z81rTG1PEOOhjWHTO3fE3SsSk7VB1HTI+3HiaQdkZK31J\nZ0jUT/WOEXDP/0v6jMWspCjSayzYqNW7z+iY0V0qzm/ny1Hc+3/fazsmVMDu45Oe\n=f9au\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:22Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAEbTqeFLafUwkP+hejHgyHA4q5Tv5YOYac8Ds/BwS6Dcw\n07oIsxZUH+v7e1FmnF1+CJvXLkEwgCVvtOUp2g5vaDoRK8c862NuQmsVnBnthOnc\n0l4BE9p07QwAhBKcRl9SW1ltkjVs1fl1hwY5IyJJ0iX/4n0LgJSdDv6NbWS/bRhC\neq63pYNg0Wr/3t5DXoGgbJjOlG6bR9QeKXNYLP0qNmVy9/mC0zuoj81Lw6U0WW6r\n=dukm\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/matrix/coturn-auth-secret.yaml b/hosts/surtr/matrix/coturn-auth-secret.yaml deleted file mode 100644 index b6d08fb7..00000000 --- a/hosts/surtr/matrix/coturn-auth-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:IkOhX6yVHpcgEPF1lsSe+ZJ4E6X5eHQNRD5Epub9zQMRBsiVH+Kqdw6zOZcWHXXfcSE72Q44Hv1Xy2qjlC4i9T9K/w==,iv:1nVKgOVpYVMpK/XexGcVEww8GRP6ydpjcVxFyzTJcUs=,tag:j98GvQMrV171Q/2lj4jR+g==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-25T10:33:27Z", - "mac": "ENC[AES256_GCM,data:3vHGQ14yM2M5q9h3P6OYnJmyBTJ7CsawjBoNeooNwfSMAQfqsUH5NOSNV66L7q42XsBXgD0+U9XB5+FIYNl1wkqAY3Q84S/hlYKdLYc80nhT1YvG8+o+6YLJCNj51ZvL2kN6V3qwk15XpSVXqK5dS5NSllCm+AXyaGQg3s6gyPI=,iv:Vg1R+UU6vvOL2NM3SREvc/jBILqWshQjc+lz17j9njE=,tag:lqSzXErc6Y319E+yJ4H5UA==,type:str]", - "pgp": [ - { - "created_at": "2022-02-25T10:33:04Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAT7ONJCB0zAFZsBxJaltYzG2C7PMvrfihMZFVn55SbXYw\nY6UFWL26pF3Rt+8nwGBUFvS8nW1Oqez7zGRDc5cJOZlf2OfL1tlMYWWf7diEc910\n0l4BNdcLviLG/GShe2d/fYu7UkLnaLEyKsrecF2T8ezF6k3/G/P1qI8T8lIGSMF5\nkfqCO70okg3qdLDxVV75beHOtOVWdT+O3MrteEHCv54Yu4TFe7nwVj41lVYEIaZd\n=67a3\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-25T10:33:04Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAK8sRxj63lDfEn661bNR5YkC8kMpeM06/h+0/ONH5dA4w\nAkZcicFVb++DsYK6W+ixEZO5c8r/TJ57KfeL/Q+oWwPKPfp+wsSJMtRVh+u+1wfO\n0l4BxR8kpEJCtBHU+zdiUNEvS4sAPQaGaUj40lUMmPCYqh30ehGWXJsZcsUfSeV5\n40ArIdljVy+MFK8SJHpH18U+1cRu7cD350Gtt0QRPiTWGbN0u/c6ihIAe29BLZdb\n=GTZL\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/matrix/coturn-auth-secret_yaml b/hosts/surtr/matrix/coturn-auth-secret_yaml new file mode 100644 index 00000000..a59aee14 --- /dev/null +++ b/hosts/surtr/matrix/coturn-auth-secret_yaml @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:IkOhX6yVHpcgEPF1lsSe+ZJ4E6X5eHQNRD5Epub9zQMRBsiVH+Kqdw6zOZcWHXXfcSE72Q44Hv1Xy2qjlC4i9T9K/w==,iv:1nVKgOVpYVMpK/XexGcVEww8GRP6ydpjcVxFyzTJcUs=,tag:j98GvQMrV171Q/2lj4jR+g==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxUGRYV3RFYVc4c0FiZU1z\nSEhMbVR2OFFKTjVUbFBUOVl4aEhVRUtMbFRnCnNjTUxiNnhWeUNBVC8yc1AzSXNN\nQUdkZ3plMXNDeHZxWElaV0VlVWlINjAKLS0tIGRUM2Q0Qi9EK3pQNW5qYW8wdUNW\nM05HejN0QkxjR2t4TnVWR1hud0N0cmMK3crZ+0zqkeMf7y3KJ5Q2qDXOLbAoREim\nq1hlTTU1vbHMpS3ZFdOpsx1aj7zkday7WqIgOTl3Uro5KT02uI0y3Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-25T10:33:27Z", + "mac": "ENC[AES256_GCM,data:3vHGQ14yM2M5q9h3P6OYnJmyBTJ7CsawjBoNeooNwfSMAQfqsUH5NOSNV66L7q42XsBXgD0+U9XB5+FIYNl1wkqAY3Q84S/hlYKdLYc80nhT1YvG8+o+6YLJCNj51ZvL2kN6V3qwk15XpSVXqK5dS5NSllCm+AXyaGQg3s6gyPI=,iv:Vg1R+UU6vvOL2NM3SREvc/jBILqWshQjc+lz17j9njE=,tag:lqSzXErc6Y319E+yJ4H5UA==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:16:04Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA/y2slhvN579NGaAU+tJW5h9XhM56LcYiF4DjlEXJpmcw\n92MlQtinGuYhSyuJEIWuvi0oRPqGM5S+aUrYB2JzW0Qr57xXZh/cDliF0ZwzyEZ1\n0l4B1O9m3dpny69edGuUo+dBlembo+CljXSFQcQ5/cyYk9e1aZC1cpqoMLjkqiDN\nycyjObhTmwh3hq5+93azbmu8GbRAs0UGObt6nzT4YK1GuDnV4hlqM3vF0Y44blg8\n=AAhr\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix index df044622..5b89e321 100644 --- a/hosts/surtr/matrix/default.nix +++ b/hosts/surtr/matrix/default.nix @@ -77,11 +77,11 @@ with lib; }; sops.secrets."matrix-synapse-registration.yaml" = { format = "binary"; - sopsFile = ./registration.yaml; + sopsFile = ./registration_yaml; }; sops.secrets."matrix-synapse-turn-secret.yaml" = { format = "binary"; - sopsFile = ./coturn-auth-secret.yaml; + sopsFile = ./coturn-auth-secret_yaml; }; systemd.services.matrix-synapse = { @@ -222,27 +222,15 @@ with lib; }; }; - security.acme.domains = { + security.acme.rfc2136Domains = { "element.synapse.li" = { - zone = "synapse.li"; - certCfg = { - postRun = '' - ${pkgs.systemd}/bin/systemctl try-restart nginx.service - ''; - }; + restartUnits = ["nginx.service"]; }; "turn.synapse.li" = { - zone = "synapse.li"; - certCfg = { - postRun = '' - ${pkgs.systemd}/bin/systemctl try-restart coturn.service - ''; - }; + restartUnits = ["coturn.service"]; }; - "synapse.li".certCfg = { - postRun = '' - ${pkgs.systemd}/bin/systemctl try-restart nginx.service - ''; + "synapse.li" = { + restartUnits = ["nginx.service"]; }; }; diff --git a/hosts/surtr/matrix/registration.yaml b/hosts/surtr/matrix/registration.yaml deleted file mode 100644 index 44b9ca89..00000000 --- a/hosts/surtr/matrix/registration.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:RrFw7leN405vBuzzDi8HMMsZ68gGRNuEJ7tuPjgIsGbcI1eYQwaV1+81J3TUMFhqsgpsF3OuPEVcTEBAAaSSPJbPMiUo2dbS1AzZ,iv:+sfQ9yW+rbSDQiRlaPF5plMxwgKI6qa9o/FzLVeVHV0=,tag:Y1dnxQgFDUeRoELbSCiQBg==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-02-24T21:20:09Z", - "mac": "ENC[AES256_GCM,data:llCJ+LjuyaPhslNPzdARtBt67R7EcllGER9u/w8NEPd1kC2RyGGsUiO2y+LywO1SY4OO0JG5M3FAIYuXEefKofzeDMCzFlmDjPRdjts9N6e6ObGyVSppOCcRIn7J1lyy+Ml+qbxuV0VrP0DN6OxLGO/dOcvtsYjftPKxcUiplNQ=,iv:ZtBLC4Tl++1yNGK07/4GL+Qzq+Hy25gfRNRxJTvL53U=,tag:V6NyCT/1ZN0qNd1tc+NRQg==,type:str]", - "pgp": [ - { - "created_at": "2022-02-24T21:18:14Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAd77XebsH3fPMPEHxFn2zEVKiHBKkhSsCLESuR2PPRksw\nw8zx2eJsnnW7GnjTF7LH/OPYyDEHgSu73ZFcsUebjESupZKbeu/EL/fkNaVdHfFk\n0l4BC8BYAXh22mgnHYV2ZJp0WAfv2WL0nhemY2uQ8Zs2Zdf9866/j57xvj6RQEXP\nbInXWALV1wdXhnBGlYILdEo7U9RPHRVsbqdiRq7KZVi2gNAn93lBk5qcHsQTgIkz\n=4bf7\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-24T21:18:14Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAi4YnLeLo0H8uz6DbU8knoDxsgxqFcwp1M7kQp4GllFsw\nNjwT3AdoMxCYOOqFF9dNzcEieI4hqwfeN3pxe8hw5TG7EvlUbiY3x7udzoO0+9Tm\n0l4BdV1+kQsB1tldnVo+II7EvP9HWWtNowmZzZgmVRxHt/wTL2VrB3gS7EZFssoV\nDtHpqD7cQ6Pbe+R1bzg1TDmNRamzvMUKYIaJ8tuUgA2HmZI4SiaNBPLX4XML5Zbz\n=9njW\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/surtr/matrix/registration_yaml b/hosts/surtr/matrix/registration_yaml new file mode 100644 index 00000000..690d6624 --- /dev/null +++ b/hosts/surtr/matrix/registration_yaml @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:RrFw7leN405vBuzzDi8HMMsZ68gGRNuEJ7tuPjgIsGbcI1eYQwaV1+81J3TUMFhqsgpsF3OuPEVcTEBAAaSSPJbPMiUo2dbS1AzZ,iv:+sfQ9yW+rbSDQiRlaPF5plMxwgKI6qa9o/FzLVeVHV0=,tag:Y1dnxQgFDUeRoELbSCiQBg==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpZFpSL2VkY0tJN2oyYmRk\naWZPOUNNZmJHUi9CbmwxcUdKcko1RFlMY2xvCmd0YXB1K3JGTGdWeDhpVkl3cjlC\nM3orWDNrQXlDT3E1YlVhMnBPV213U1UKLS0tIHZqY0pxckFwd1BNbHAvcDZLS1dn\nN2V5bHNzWVdTekdDRFlXNUNLSElQYTQKzUaW39wz2nQGeektGar+s7tGAS+2mT1w\n0qcB87XMc7rTIRd/BEg1eaP7gkPGOg1MjnQ08f1yMi3bEcaQTIUK1A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-24T21:20:09Z", + "mac": "ENC[AES256_GCM,data:llCJ+LjuyaPhslNPzdARtBt67R7EcllGER9u/w8NEPd1kC2RyGGsUiO2y+LywO1SY4OO0JG5M3FAIYuXEefKofzeDMCzFlmDjPRdjts9N6e6ObGyVSppOCcRIn7J1lyy+Ml+qbxuV0VrP0DN6OxLGO/dOcvtsYjftPKxcUiplNQ=,iv:ZtBLC4Tl++1yNGK07/4GL+Qzq+Hy25gfRNRxJTvL53U=,tag:V6NyCT/1ZN0qNd1tc+NRQg==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:16:07Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAzZvOhQPLBqBlDLWEuWvuVHRVLlFWpPrM2pmNcnGr5VEw\nok3er4p7bzIvWcUIX+7hifHaDpGIN7K9eJmDN3RSfdmDZhL82KaFwizHBNfYJzf6\n0l4BgUkKJeakv7qCUBuI8rp3z/b/puMp+hy4N7bgbMEOZ4m2y+ZWdZs9L6xTR9bX\nYhq/9wz0p1QAgNcamt8f/lMH7ef/bn/7qaS6byIeblveWIYnhPQS/h0Dpay5khkX\n=JPSD\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/surtr/postgresql/pgbackrest.key b/hosts/surtr/postgresql/pgbackrest.key index bc2af12d..c7057e6b 100644 --- a/hosts/surtr/postgresql/pgbackrest.key +++ b/hosts/surtr/postgresql/pgbackrest.key @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzM08wK2tWTGZqSXlkZkNC\nZmZGRVZONm8rU0tpUXVrQnZRSVlUd2JuOUU0Cno4MlVyYk5ILzB4TEtyMTdRUzJl\nUTdnOEcvMFkwZlZ1QmpEREJVNFhNYTgKLS0tIFg1QnlxeXZBYkpXVEppTUFEcnNC\nVEFnUnEwWjI2aFYvZ2EvRW5LR1NVQncK3K1sspt2zHemubUglQBkTRLvXUQyndiv\nQtaU/f5m3f70UoydE7jK1WfEbpUujjaTv5qZeQhA85OtsjRs20SRdA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-11-21T14:30:27Z", "mac": "ENC[AES256_GCM,data:Dsfc1XrGl4abSnDqRl/IwC11bVy+kHz1RaI0V/nkkaJ3fM/qTXPVc5mMoWCiPn1nz5BTABQRSnrf79qHc0wpZ1WUpn07yOf7JejJ/T/bUC7D8BuoVdWRh1og+NzWCEIwaGXg0Eo04yli+GXisdM3YVM9g3BrxYrSInjnNZFyB+Q=,iv:T5QprwIhB8ZWwmmfWVtxkXqbMB1onW+wX7GPIFMn+z0=,tag:zMi77nMepajhg2Djgz8rBA==,type:str]", "pgp": [ { - "created_at": "2022-11-21T14:30:27Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAi3pfg9DA+1v5r5sEijbkdwmOopWh05IuhRJxuy1btyAw\nuo0iV7VpngK8tFcBHnmhx3QsxIJo/gU+xrOwczW3RoSGrWo9tV2FantQPRp6f1aS\n0lwBEJSxmTApD/YDu3M6WhxN49/ZVEXG+KQ/mOdoBo0ITGKa6No0btMolzJ0bCJU\n+/avVdlDdZzfXo9XP0iJUoqh+1yMn+XdnD5deGac8a/QGvXZkxsYQ8KpK9sONA==\n=QyKr\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:02:32Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA8rLHh5XmLvkM8spHa/iIxYYSecBwXitGydVcegMQQEgw\nKKxjDQ+6ffkdVqRt/9L9rg+LVcU5q0a8cxr6uRrTOVwdLyukczh1cj0qX+fjfLXc\n0lwBmw3j8IKtFLQYYiK8z+IAaujhlg8vRQyCaMfMWO0ZXA8NkhZlYhEBcwbvV/M2\nCVCcoUXeo+kimv+8eYg0jrmegCr2FI9f/FQSU1QnEg4sQiVe2i50Im8MC/8TTQ==\n=1j/D\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2022-11-21T14:30:27Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAYU2U/anEJ8JSiG7NBppmsFeogXN3ynOEdq2tHXf+mUww\nIS7kW1pqcGMjnf7RQNuL91Wek5GEk4T498IFadiYDImAfIdS5jeX2w7UvxWLX5OZ\n0lwBlnxOwkYRWZzAhB6jHthmk2zEc+0JKuFolXhrwXqsFwFGoLTO9fctJrV7ry0u\naM9DqXru+/cEUZJDSq5GYDQaxTjyaFMVwLVdfxrtFwc8YMlqU8vVoWTqLaUVYA==\n=Tg80\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/hosts/surtr/prometheus/tls.key b/hosts/surtr/prometheus/tls.key index 95e28db2..4366bcec 100644 --- a/hosts/surtr/prometheus/tls.key +++ b/hosts/surtr/prometheus/tls.key @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5MjE1LzBubjJaTWVycFdV\nRWtWYWh2REhlVGpVd2pYSnFFMmNjcmhmSXlBClhlOGRSZVpkbkxsb3BIZ0l3S0lz\na0o0a0RBVXVKSk9KUDlaQzVrTFE5VXcKLS0tIE1ZeGI2SFgyLzNyWmlXMVMyd2Mr\nSmw2Yks4Z1kzLzAyWFRlU3RpQVZTNWsKtbCGcpHckgqUv7ZX29J4ueqI8l+GYRjU\nkY1GuueuM68ATrBn9GhFOuI8EQ5rZg9ZNMAPjbqrmcJ9Y24MZrU1NA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-04-08T20:09:16Z", "mac": "ENC[AES256_GCM,data:UW3ngxCjYl2kmOinRNmwNliBg2Xm/5rCrLp39bo7PXksZcuijV800IKuY91PWjkgaIbjD2jlU0ycJNDw3MzxfVim6gz91kUXQgQV+me8AEXAiO6Sf2j08jEtTh1SCr4qqdw0FE5aULDvGRtTgR+hhNk0xbbeG9fPhU95eeLW8vg=,iv:wG54336E4PouNgXhZbW4/onqbecsRrdYzTXSXDft/VI=,tag:BASCu9YNPMPfbScepLDiRQ==,type:str]", "pgp": [ { - "created_at": "2022-04-08T20:09:16Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAfzL8SSjlYxe8e5yOipQClJffUgxFnlew+N6VK4UhRGYw\naHaDmOmusuTRoBOX4V4PpRg3gLFRoPPy+q9L4Z+gtX97JK+9UgN1mxYPkB9X5M8K\n0l4BQ9caVjtlmMuKp3EROUYrSjau6Ulkzd43P+BwwQ6jv8T52EtKO8WLVnQEheIV\njOMH4DWaxKYbad7lXphix1oFhVvQQVGEzawceWolKDt/T+QS4spJBFoL7V1ml105\n=Cdh0\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-04-08T20:09:16Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdACGP5pn9MiRCa7CJYqosY9Aw4TJx+/9tOsdO5YZn1ZSIw\n/xOMfKjHvT5PlMT9gnk9187MhjR9G/2YcW5ggfyEypo8ei65RkJYzTG2m5Pdneg3\n0l4BzMEQtYAbmZBp9XSkqjacCTpc2y6YV55qcuFudtRfsFFi28JSb5NxZ61AKy0g\nSk/e+IHQvTGahD2akrHBNIPncUOo4GHHzEjADvdDuJNpMkYUgnhEUod2JPYBjFmL\n=JN/O\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:36Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA/nDUY7M/3POBOzPF9mWneVrKCIg0q6CXI2+GpJuHPVcw\ns486diOZ9gSZ0dhh6CjKNotuKpvfV18Py9ih1vXtLMMQxfl74uewS3hstxOYMYjC\n0l4BZIQb47ymfUelKhE/wMDOPnxaBhWUh5nOXX5Q5qgJzXoBIB1klQX2+44joB7U\nAzrBkZzDGVwLBcEm7+oZvokQDNv86D0n9WU2zXyRYpI0YcVAHaL55n+C/I0APA+D\n=77fg\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/default.nix b/hosts/surtr/tls/default.nix index f1a515db..b1c05888 100644 --- a/hosts/surtr/tls/default.nix +++ b/hosts/surtr/tls/default.nix @@ -3,111 +3,94 @@ with lib; let - inherit (customUtils) mapFilterAttrs; - tsigSecretName = domain: "${domain}_tsig-secret"; + tsigKey = domain: + let + tsigKeyPath = ./tsig_keys + "/${domain}"; + in assert assertMsg (pathExists tsigKeyPath) "‘${domain}’ does not exist in `tls/tsig_keys` -- is this a new ACME domain and you forgot to generate the TSIG key? If so, run `gup tls/tsig_keys/${domain}`"; tsigKeyPath; cfg = config.security.acme; - - domainOptions = { - options = { - wildcard = mkOption { - type = types.bool; - default = false; - }; - zone = mkOption { - type = types.nullOr types.str; - default = null; - }; - certCfg = mkOption { - type = types.attrs; - default = {}; - }; - }; - }; in { options = { security.acme = { - domains = mkOption { - type = types.attrsOf (types.submodule domainOptions); + # This file introduces an additional nixos module option + # `security.acme.rfc2136Domains`. + # The new option is an attrset of domain names mapping to + # additional settings. + rfc2136Domains = mkOption { + type = types.attrsOf (types.submodule { + options = { + wildcard = mkOption { + type = types.bool; + default = false; + }; + restartUnits = mkOption { + type = types.listOf types.str; + default = []; + }; + }; + }); default = {}; }; }; }; config = { - security.acme.domains = genAttrs ["dirty-haskell.org" "141.li" "xmpp.li" "synapse.li" "yggdrasil.li" "praseodym.org" "rheperire.org" "kleen.li" "nights.email" "bouncy.email" "kleen.consulting"] (domain: { wildcard = true; }); - - fileSystems."/var/lib/acme" = - { device = "surtr/safe/var-lib-acme"; - fsType = "zfs"; - }; - security.acme = { + # Some default/global ACME settings + acceptTerms = true; - preliminarySelfsigned = true; # DNS challenge is slow + # DNS challenge is slow + preliminarySelfsigned = true; defaults = { email = "phikeebaogobaegh@141.li"; - keyType = "rsa4096"; # we don't like NIST curves - extraLegoRenewFlags = [ - # "--preferred-chain" "ISRG Root X1" - # "--always-deactivate-authorizations" "true" - ]; - extraLegoRunFlags = config.security.acme.defaults.extraLegoRenewFlags; + # We don't like NIST curves and Let's Encrypt doesn't support + # anything better + keyType = "rsa4096"; }; - certs = - let - domainAttrset = domain: let - tsigPath = ./tsig_keys + "/${domain}"; - isTsig = pathExists tsigPath; - shared = { - inherit domain; - extraDomainNames = optional cfg.domains.${domain}.wildcard "*.${domain}"; - dnsResolver = "127.0.0.1:5353"; - }; - mkRFC2136 = shared // rec { - dnsProvider = "rfc2136"; - credentialsFile = pkgs.writeText "${domain}_credentials.env" '' - RFC2136_NAMESERVER=127.0.0.1:53 - RFC2136_TSIG_ALGORITHM=hmac-sha256. - RFC2136_TSIG_KEY=${domain}_acme_key - RFC2136_TSIG_SECRET_FILE=/run/credentials/acme-${domain}.service/tsig_secret - RFC2136_TTL=0 - RFC2136_PROPAGATION_TIMEOUT=60 - RFC2136_POLLING_INTERVAL=2 - RFC2136_SEQUENCE_INTERVAL=1 - ''; - dnsPropagationCheck = false; - }; - in assert isTsig; mkRFC2136 // cfg.domains.${domain}.certCfg; - in genAttrs (attrNames cfg.domains) domainAttrset; - }; - sops.secrets = let - toTSIGSecret = n: v: - if v == "regular" || v == "symlink" - then nameValuePair (tsigSecretName n) { - format = "binary"; - sopsFile = ./tsig_keys + "/${n}"; - } else null; - in mapFilterAttrs (_: v: v != null) toTSIGSecret (builtins.readDir ./tsig_keys); + # For each domain specified in + # `config.security.acme.rfc2136Domains`, configure an additional + # entry in `config.security.acme.certs` containing appropriate + # settings to provision the certificate via DNS-01 + certs = mapAttrs (domain: domainCfg: { + inherit domain; + extraDomainNames = optional domainCfg.wildcard "*.${domain}"; + dnsResolver = "127.0.0.1:53"; + dnsProvider = "rfc2136"; + credentialsFile = pkgs.writeText "${domain}_credentials.env" '' + RFC2136_NAMESERVER=127.0.0.1:53 + RFC2136_TSIG_ALGORITHM=hmac-sha256. + RFC2136_TSIG_KEY=${domain}_acme_key + RFC2136_TSIG_SECRET_FILE=/run/credentials/acme-${domain}.service/${tsigSecretName domain} + RFC2136_TTL=0 + RFC2136_PROPAGATION_TIMEOUT=60 + RFC2136_POLLING_INTERVAL=2 + RFC2136_SEQUENCE_INTERVAL=1 + ''; + dnsPropagationCheck = false; + postRun = mkIf (domainCfg.restartUnits != []) '' + systemctl --no-block try-restart ${escapeShellArgs domainCfg.restartUnits} + ''; + }) cfg.rfc2136Domains; + }; - systemd.services = - let - serviceAttrset = domain: { - after = [ "knot.service" ]; - bindsTo = [ "knot.service" ]; - serviceConfig = { - LoadCredential = ["tsig_secret:${config.sops.secrets.${tsigSecretName domain}.path}"]; - SystemCallFilter = mkForce [ "@system-service" "~@privileged" "@chown" ]; - }; - }; - in mapAttrs' (domain: nameValuePair "acme-${domain}") (genAttrs (attrNames config.security.acme.certs) serviceAttrset); + # Decrypt all `tsig_keys/*` at runtime + sops.secrets = mapAttrs' (domain: domainCfg: nameValuePair (tsigSecretName domain) { + format = "binary"; + sopsFile = tsigKey domain; + restartUnits = [ "acme-${domain}.service" ]; + }) cfg.rfc2136Domains; - services.certspotter = { - extraOptions = [ "-verbose" "-num_workers" "4" "-batch_size" "2000" ]; - watchList = map (domain: ".${domain}") (attrNames cfg.domains); - logs = "https://www.gstatic.com/ct/log_list/v2/all_logs_list.json"; - }; + # Provide appropriate `tsig_key/*` to systemd service performing + # certificate provisioning + systemd.services = mapAttrs' (domain: domainCfg: nameValuePair "acme-${domain}" { + after = [ "knot.service" ]; + bindsTo = [ "knot.service" ]; + serviceConfig = { + LoadCredential = [ "${tsigSecretName domain}:${config.sops.secrets.${tsigSecretName domain}.path}" ]; + SystemCallFilter = mkForce [ "@system-service" "~@privileged" "@chown" ]; + }; + }) cfg.rfc2136Domains; }; } diff --git a/hosts/surtr/tls/tsig_keys/141.li b/hosts/surtr/tls/tsig_keys/141.li index f94b492f..d1e9450d 100644 --- a/hosts/surtr/tls/tsig_keys/141.li +++ b/hosts/surtr/tls/tsig_keys/141.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrWDVoZU9sNzA2TFlXMHlJ\nQ2dncVpWK3N5ODRicEhZWTQyeTVzVEdsNUF3ClZPTlI1dTJsMGM4VzJhRm5OUXF1\nNG5wK29lLzFpR0N0ejEyYTEvd1R3L00KLS0tIExkbUdaZzJOU3J3OFFyU2dyVTlR\naThkdnkya3I1eEJ4ZmVRS0dzeVVmazgKJ+WBIR3A7Gu2zT44H9j6eIcOaBAuPFru\nWU4dEGzS8aGP1e8PGdNqvFt8Cb9JvQVSwo1mxpM6wnRKro+PSwXucA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T14:15:30Z", "mac": "ENC[AES256_GCM,data:NVzJqLoMPP1I322E002PPHB4hp6K2FpZTz1+E+eggsVnXtcU3da0zzRZTe+1JRRRLgTp1nFafxkDZbOF53byUgcuA+YVD0lIcX/Zk4JtkihS/AKBgCFSDXox+WFPulT+Jy8piRQuLFIj9m//FrPqbbZje4tT9MqtU8GFtQ/RZSA=,iv:ZXv5MXjUH939pbFZTHLICovdKgDxN3HkJWjzEBu0mIM=,tag:0h6XiH4oIeFEH3dFivHe2g==,type:str]", "pgp": [ { - "created_at": "2022-02-22T14:15:29Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA3LvoKvgJIXhXYc5cnoUHE4k9EnJzrSokuwHX6vsXMF4w\nl/Am3E8SYCRLW6GH84v5nRogvRi4/njDTUMltRil4AreR8AKs6O22K/dotFDFpm8\n0l4BjzIFo5lin5t/fJQnam+Q9N0sRu6CKe74id93IEWn4fh8jnGm2z45VQf08edv\n5TT3atYJPXK3BoOGZqWLbYk1zZMxlj/yNDC/gsoNzkv7tFfQyd8Rk0pbGOELrvlq\n=QUbV\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:15:29Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdApyLjA3a/6MiK3911+Dp7+GldIgztIqDfePqSVGQ9Tngw\n8ojc86qm6daCc2aceZGmmvt28kPX4XNmd5KOnFhF6B33o1tSI2duoVeYMOMY5sc0\n0l4BXL2CeNPvdX5To1I4OAUV6t3HEhgnW41/b6B3LqaGg34KBI4i7xNb8+djVSxu\nMEtYkD9QoSkDdNOpDAlH5GnPmrIVPHY9ml70agC1ctwET+P6L9qt0lzwCs2K1oT2\n=/Ukj\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:00Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdANQMH95wliy2z85pn7Ld3nc+u2XcaJgGoNpyU+4c82kYw\nHqpVBNY4K5mCJw6mVoH2X5dTpdxkOq065YAT5GCN3X6V7a4AalZwjBLyv01iXoTW\n0l4BSaj41+nbru4qEbUAgGw8q7m/MYVFw+chSjRXlAmJjDrhHy2nwWQbjN9DHy74\nz8dfB1n3IHKDVtmWOiVuIT8shqzCu8Q5tw8QBv2QxypIVFS4pIeQG+CwSEsBGzF9\n=/klc\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/app.etesync.yggdrasil.li b/hosts/surtr/tls/tsig_keys/app.etesync.yggdrasil.li index a50469a0..41b4a51a 100644 --- a/hosts/surtr/tls/tsig_keys/app.etesync.yggdrasil.li +++ b/hosts/surtr/tls/tsig_keys/app.etesync.yggdrasil.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrVW5qUytpOTU4VFNydzFr\nMTE1MjcrK1dlWmF4SlJrZS9yMVUwNkc1WldFCnErS2JmSTY3aXllOHRxams5bkFw\nWDlBZ3BJeGVwNC9wb1hUMnpPRitERlkKLS0tIHlhNEFtRHFBM1lmSHBqMVdlTHpl\nelN5WUxrNU54MUtIRnZwbmZVWEl3RkUKSDOhVUimHUJoXjsApIO9Z1mXdf6Jgw5E\nvdDkMUsh1MBbW97wPYej8jiBTM5FW6cUkbimjonyncmNAF8l39iBfA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-11-09T19:02:47Z", "mac": "ENC[AES256_GCM,data:9yn9o50V7+e09RBZfNgjaPeoDDv0cdSZSSH5QV9RJUaFbV/5razGbqtDa3aASor2o9aGRdxV8aTS8r0HUnXBvAtKvj957PgRprf7D9J3iU9iHmitrEStuRIQTz1u9rbxxPxi45Cp136n6XcVoRUrIO9XmpzYZ5lPSGCu3CXyk98=,iv:8HPj8B9nRzlBryt+gPNvSsl6YoF4zl3VvI5+aZ4UkLU=,tag:GJKnHL5mt0rO73HUCxC8Qw==,type:str]", "pgp": [ { - "created_at": "2022-11-09T19:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAAEW7XxblC2ra6d6tKyiJczKy6sX8iCQzzJq1uenZH1Ew\ngRZp56DapGmV1+Ihb2tasyVRTl07QLc4dP+OmO1/pKNnMLaPk4djy5YWNyGvNyUK\n0l4BSfhJmO+Jxwq21VCefaA+sFr1bkLaQUILzyr33QSXrwnunwj4BV3pKIvXT0mB\ncJdyoXQlZbHkGxLxo/0qxfpERfeGluOSA/J59Qf4oAGT5GkTqfyFkNMmQJFb/kNn\n=cIev\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-11-09T19:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARJp9uSk59SGgYyNwybohjzbjTak/OdgPogdlHM4ui0ow\nNIONcLnzKHX7NFv0BIcwJ8iG5/R2JQ/CKkHi1c5D8RWi6fHEcGYeGk78VDaUT5vi\n0l4BT9vPO/DWHQxw+C7XlUTAwUD3g78W2AkV8H46fMaUBQNITkcXdV1E4T3oNBkv\n/IVY+C1l8NpxzVHYQdo+BRICZ3CKpRXci3ZwQK00epXd6uPyUEpWrVh8bN22oxJT\n=aSHb\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAHIHVuCydtfWRzGzvzHUlw8wV2s9epzr6b7l9JO7TUCMw\nPV4ptrzydVNuH7bOjsizCpzFkmQB1a0PhDWNu81Pd4T/UItIf59AVQlK1JZPI3os\n0l4BDHWHEXy4kbGkiobBVNKiyikCFkNkKOVpmHOVxNXHCUBNVekCA1rjOQBjoBsz\n4KdrUPw5XPuOsG4G1l+NQIQIa3gLCDdio75o5LsvtB4P2OklM0Z2tMhGaYSWvDrs\n=G5TX\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/bouncy.email b/hosts/surtr/tls/tsig_keys/bouncy.email index f6b8377b..dbb8a54c 100644 --- a/hosts/surtr/tls/tsig_keys/bouncy.email +++ b/hosts/surtr/tls/tsig_keys/bouncy.email @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNQWhtamJqZUVuT0ZGYWdB\ndHNNbDk4NURKWHp5UHVXMDM2ZHBzbUc4aEQ0CnN2bGdFSlB6YVBPMW1TZFZ5TTlT\nK0ROYnlFUTh1ZVA1Z3BCZEJPa3lhbGcKLS0tIHBZSUFJeUNFTEJTclY5S0czUFd3\nK1FYbWk3VGFtbjZBV3dsUDBTeEtFdDgK/rq1EpWafGEBzn/oioVJ6Z3RdYEwQcVr\nADj11pRUYSV+HDQn5d9PYH+eZ7jWG/IIsS18t4S31dXtGPUFSQQjdA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-05-05T09:11:47Z", "mac": "ENC[AES256_GCM,data:Rp9OZdZ83nXKJqZGq8bEgkrjdDzGIWD1SsaPSEzKdTmL5+N2aqv0hQhmlKqgINSipy3pPr27ojQgDUqSGXNkiOdxOMn1wwxBFL7DBAFOW294KxU1uCXhQMLcYwGHlaEVrzGrNvPE3SEfjgWFTJHyT7j+hI7dVUfPiGYxWJFHg6A=,iv:IQ5x4u8MeChI7Mf5vfUv4s9Y8EaUja8En5yzPP6Vz/U=,tag:64Xu995aal53KQLWl3UOgw==,type:str]", "pgp": [ { - "created_at": "2022-05-05T09:11:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAAg2F1LygQ9z7q2KuTamS1ZyAlKrSsFXevqRRN9LZrzEw\n7JXermDoMQzMuTPdjMUL6E5Rlfk5j2UTHKqa1SoQyUDgmF1hCOny/8+gbVqQySLw\n0lwB2MNRJGOcLWSoxEXHU+bIRiwLX5QZ8MFFrtxkk1hd28RL8JozFio/ZwuNSFSK\nU3jNEajWwxX/Y1ct0KmcVvhhCOwKTinZCebCocB0I12V7ZRMbDzKUc1avLIoVA==\n=JlNZ\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T09:11:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAfoOzVooUt/RCvN/Gyzfg/Ci/6SPOavIFz6a1VY8RCTsw\nbdfL6HQaU+I14B6DdJYV3ThZTvchspexKCt/3tve4fQtLS4YP43Yc/cKyuvJjKhi\n0lwBdH92sKoNZCF8sC+AoH8fOP20jR6DvIXcvvnYrlpOPolQ2xJffrzpFnDmxSC5\n5tKMotnX5iPi0zNR4riAf+li0vboFYpOWyO1vJWtF97EaMdrIaqqC5i98/5qlg==\n=iFkv\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:44Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAosu3wR3thEqsYsO0BcYOaDEKRMy5f1KPJaH4l5tERB8w\nstKrIvy7GWv2D1enuMuxoHFPfHxCauiBudDDCvU5ic/KGufMoOWpQptYYWRoYsvG\n0lwB4p7Xq2FYCJDhnu9BJihD58VyehMyMydai84on6bYXVDSxIznfMTHB4W9+N8D\nFzFhcUfOW3/Aw3C8TjWq8CUDtBU4dut5T3PQBVgQy87CKAtrpDrhZAi+P6n/0A==\n=vwZc\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/dirty-haskell.org b/hosts/surtr/tls/tsig_keys/dirty-haskell.org index b9effeda..6ac1b071 100644 --- a/hosts/surtr/tls/tsig_keys/dirty-haskell.org +++ b/hosts/surtr/tls/tsig_keys/dirty-haskell.org @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVSktzT0V0bG10SUNoZFFU\ncWIwemg0eEZQYmVoZ2hnVU03bTgzaVVJRzFBCnFldFRZYi8xYU85cGNNZEVYTnNI\nYTh3NkQ2SWxPSHErRFJnYkI1YnN5M0UKLS0tIFBhbFk5Q1ZLZUQ4MXA3STJFL1R2\nQ2UwTGsyb1hwcWpXUmJiWUpLZ2tpYkkKDHKtfjoxmsdk7jya3mbWnZnyl8f4K7bG\nJ2ZOrnOBRDcU30s0wu+xUTcT9XbTyfbbzdvEmjuxTBr1YxE2NiwDbw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T14:20:36Z", "mac": "ENC[AES256_GCM,data:AZxoNR2oE7c5LXEg8o3cBYTflBMeGadPWr1cJ5GEyBJUJUloN9V9iTjnN/62Pj1zkTQvOhL4vkoOd0q812mOV1QgCi/RbLTPIn55dDWJ8d8jYQLlqrMV3LR+xtsGDDBDOPWJ8pNIug9D7f3BwVQpbvj3W2WOnJvm3oAZNHa0RJ8=,iv:YVFNSC74bZQgGpVLxWFCkC1oouSYwJjQ+k3beSeXUJc=,tag:oi7bSs83GsDl4qpsJ8zqCw==,type:str]", "pgp": [ { - "created_at": "2022-02-22T14:20:35Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAhNF59zErbJlEDeJjF5kFLUVeAF81ageD34K/7NjVf3Ew\nFAn32mbWKZmoY4ekfOyZesKWTvpaYH8vnLj0r0vTc4nnqIejrVbz5T7nxl9mKgxX\n0l4BS9jVKuC7mGvTlKvpABPEP7uQS083JRVdTQ9nLFF3kOgf3rHWTX7I+QNMT+7E\nWqdm0q8OV09wk0I94lpRVjQjeosZmLGV58E8Q1D5x9xKjwS1Z9IT2SHONaZDAc5a\n=jdQT\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:20:35Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAMpNL9Ff2tSQLZYJlJCc3zUeTIiJYBwPXngz89tnrtxMw\n7cBQezv8MW/nKS5+8VPsr5NA2EfbPRlPAGDs3i7c82iNyaq8wjlZ7E5kJt9Cp1UA\n0l4BUddH560+QD8JZ7Tas943jI0GvBSrP3gm/dpILXS6APmIo8cY1Ex8Qkyvp0vn\nfumu+TRaUIjgSo5ZbqbJx+/duUjTg+j+p0Zu1xvBDQizbP894y5LFfsEsWQB2tkC\n=QZbr\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:52Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA3VUCkxqxcGqpwgpOIt2PFyk304lJtUi689Etl8kGYxEw\n1PhanLg4Ot806akBnXAVbaGzSw/pbQ4lKwj5f8XPUpz3WZXuAiYrwxr25RzQot8/\n0l4BPPLAr8rsVfLVL6r2Do9/Ae7UV/Ko23SLl6cxT+JTgXy5e36eZJqMNJ4v/Jti\nL0VHuThIdgdJodFNR5AJFpEYN0OrLvkW/vB7sfB/pQrWIWhKOow/R285ESAuJqcO\n=s0pn\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/element.synapse.li b/hosts/surtr/tls/tsig_keys/element.synapse.li index c633e1ed..a4c60817 100644 --- a/hosts/surtr/tls/tsig_keys/element.synapse.li +++ b/hosts/surtr/tls/tsig_keys/element.synapse.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWUzkvd3N3WlpVSDhMNlQ0\nTmdrSmY0M2VZcTh3ZkJmcDVxMHBOcitIT0VFCkFZcURzWHBhQkpSUFZiUTVLQ2FP\nWVF3SHpERU9JSm11ak5HOEVIMytQb0kKLS0tIGE1bTVEYndVR29uakpxYktvZStD\nTU5nb2owWnQ5Q0NOM1VxdW41eitxMjAKotJafHfIrUuOhplV4WA2M0bMplj7FTBg\nZVX8/+4Vh8jb7latiARsa3XiicKG8QYT1g1Vv8K8f26LJsCn3pG3vg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-24T20:22:12Z", "mac": "ENC[AES256_GCM,data:4X+aOHyoKN6CvrGziOeQ24pqi3xTP6Hsl+32IcCmFvRNr4Cb3mSj8pU6kP0S1PdLpgfUdzWU97B9W2ND+1IUkMOI+g6DKcQKvegT7KAt55FVnpH98Ls1dxL/eFQxufQLMymTNiE7uuVKPpsFkT6iVnMSfy8JHHQPaw2zfgW9Awk=,iv:VwJGG5tpBD1RxeOoaGY4W/sMS1Pmd+jc2FH4X2MEmFE=,tag:0kUj6f7zfcx/5j5bum8DJg==,type:str]", "pgp": [ { - "created_at": "2022-02-24T20:22:12Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAAyA3QRnlZfj/s/gnHYyA5DEzz1oHnpWD7hc2eOayNXQw\nJugmUWO9a6nYeLIAZohvh3Mi7+BIPHr8tAgHsG7593nScxFYxq7dbE9SiJFKIGuo\n0lwB5qUtK8Cs0vXXsmrssMZ95TmUGizBhCvseYsZa0RAr+5BMxHfE/qokpOuBPW3\nnD6va9cBvpjta7rrUf10z2vtQvG2ViVfDLiN2YTz+F5WkJx0Ut/wQvxh7WhE+A==\n=l3pp\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-24T20:22:12Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAfDVWe9yac8vCFP+Rt+99kqGK0TBrL43QqTylQZm8hDAw\nDo3L3P1rUhFU2Ubgaf2NsVo2Eu5sC+OW3SGtUtd4YvUXYO+ntI8yYNmWG+Dm7Gnn\n0lwBXNGWaaObwgIHZE3znUk6r5Adyfxw3eP+0ct5MRd/OaRoUjsvBa0Lpz5zvPJB\n6/lF3xiJsjcQy8u27J93d3oEdtw3YtDr0PLxYklv3pZdTP/6T7RYEgPmd5Tsrw==\n=Asam\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:20Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAavy16vyK8hEuRECWVZwmMeG3JEUF4rCEKeohr3kFymEw\nxNjefxqGjBZzvqiluzUJODjHHKygH4YngQwwzXoyx/mvDsjCatq9MiyZTV3uW1r7\n0lwBpGTnf3/uvATij6q5wZIYQyRLElfwgWVA9IS+3PCvCFcQQCD5oF9pt+JQsktl\nM57WWjNHWWqD9v0n9BwkDykluUHyqTwYOODSvxbe1guoA4dzW2xFvJ0v+/54rA==\n=8IZk\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/etesync.yggdrasil.li b/hosts/surtr/tls/tsig_keys/etesync.yggdrasil.li index 36b088ee..99ef24bd 100644 --- a/hosts/surtr/tls/tsig_keys/etesync.yggdrasil.li +++ b/hosts/surtr/tls/tsig_keys/etesync.yggdrasil.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqWWNEUlBjaTBNbzdSOUZG\nN1NRdEhMVUgwcGdMZHFyYUs3RmozdkFkZm1ZCjNJT3g5Vmp0VWg0WjY1SEM3d3B5\nL2NrR0VwdDB5L2pjTVRGajZJVkp0NUUKLS0tIHh4Nlk1MXlzaC9Ma1JJNjlYRFlC\nam85ZHN3aDVMbXpJVStiMm45TUlMRHcKx6WDswKNT3ZxfInYArClVV75p/2skgp/\ncFZ/vfPObSrI9L3+XIFeAQLqyR5EaFZhoYy6+2XGtAh+WHMzK2bZ9w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-11-09T15:58:57Z", "mac": "ENC[AES256_GCM,data:jnayMaU/b7Ga0LY8aTT83ZfveBpyZQONYxZg7m7wtQsJ9R9fBz8Hj8RCTe/kQHI9J6QjDkM0BRtQjKWkth3BJMyzsLpBWvxdYen3AVROs/MHaX9rQ2MlKbZT6sQHiOgJaYiKem6cogMmLgQvb23I56gJNPGaM+0av6evCyu9+Oo=,iv:eiJQQChxu9ncxt8v1DXFFCRHMBuOnjOkOAVLv2tZjgk=,tag:14R6xM+2jIN03ZnleF788Q==,type:str]", "pgp": [ { - "created_at": "2022-11-09T15:58:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAKFpHfMQJnP8nDjHzxTxavExHX5z7JE3xPL6RCAJIX3kw\nbZ01Kd8gS3K4o69Nmfq8pXnPi6Oth7cuU4sQMN6TDz7/TCbyGSfdeh69A6d5WiU3\n0lwBNIuAyXvDIbtfOO3hqlQSzyBI0FBdj95DkyDu9el5KFHgD9VYm+of//pcdFV6\nVvoRQV2Cgb7kfzRQJxb//XqGZ1X/+TeETAoHVeEwCTCyi205tdH7eKJ21oGgQQ==\n=ovuM\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-11-09T15:58:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA0Dcxxnlrr5jyhG3c2391EURXEHWCozH1dZwVXjE9pkQw\nL4WrL9LBnUBNgNXse83Va20k1VQxZUvOQ/xlLhCoFgJX/oa3++BIzuZSA2/Uh/yv\n0lwBmpMYnHdoFYxlxLX5xYE9wo7cye/eNHcoZeP/InOGOEkQc2dbIari/Y4z1+2Q\n18Z8eCRD/iLCbFXJmH+/pHhQhjzWM+p08DSxQqKAfYhEN/cAs6e2T9Mp85wU1A==\n=X+4i\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:15Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdACZpzi5O6Yv8PiiuPftPmcUyLgA5qHZjKZkYKs1elZlsw\nVjQet4Ky824ivYE+AXqLvO+3duqcokQg9yaMcaY9QtfY621T+Imj3ntXUgyzMysG\n0l4Ba2uRZFFj39z2Xdm2eGHxkKmGNHt9V83dRcLnEXy0Ecfb49xq6Miiouw/qfzb\ntdND8qPAchlZSmyw2zbHbgyqxdirukonkO7rbpA9SmtIh+RQsEvT+S3dx4pbBRHs\n=69Qw\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/imap.bouncy.email b/hosts/surtr/tls/tsig_keys/imap.bouncy.email index d3f86b23..4c7e8f2e 100644 --- a/hosts/surtr/tls/tsig_keys/imap.bouncy.email +++ b/hosts/surtr/tls/tsig_keys/imap.bouncy.email @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXVUhCcDlNdXphWDNNaUVo\nWDIrVlp4aG1QRzlmMTdia29VLzBZRFJ3bXhJClA2aWRBY05TN0Z4eTZuVTh1WHk3\nVU1id2kvMFZqSUNVUVBvcmFpYnFML28KLS0tIGtDd01Pc0ZCVjI0dTRnekpBQ1gz\ncXRCNkhUUWQxYkJUK3RuRWJoL1NSQ3cKpUUX0IcwtrQT7KhM7Arhrt2DBl4CYxZn\nXwCJzXtQUTDeNtqPs1WOlK5ZwSK3ZtxTpiH+mUZrcv8S6fl0l3WkkA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-05-05T11:44:35Z", "mac": "ENC[AES256_GCM,data:C8C327hR+CdEZjqkQUoPNCXXmUbNSl2oHChLQuz0MOSvU0laN7rLcdJ2Mb/WodVgHdVNXtzAzLdOluXi5ikW6pZH4ZAkV1Dsr5E/WLR3TuSr0ULJx3+ZQnT6XJkzKn0MSS5/u/ctUpGoFki+xG2S4yQiGqArqXUktEF2XAROBSw=,iv:Sp22bqbXBBWX3wLWBqHuZaQ4ki3PNx7BFKb16uHHU7U=,tag:OxVOI2K0Tliven8sPXnzlw==,type:str]", "pgp": [ { - "created_at": "2022-05-05T11:44:35Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAg+bD8OFCZiufY4QRUyLA3K0UMJS9rEbyE7vCExAazhUw\nYLPtQLtH3MFfS+HoDqrOtTy/1FadBbSBO8YC6bEeBpTksLpH5o3dqYCOPEzYWTKN\n0l4B66Bq+BgNuR+Ld4A+TdzNOfsmjIsEtVh2AKyfKFsg4+29MH5ImX11Wd4ek/5R\n1qD8evoz8DT+1sE2mX7gpGZj24x4A8CzhOPU/zQBaD7tf8omw6okERIi03jCpfml\n=C4Vt\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:35Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA2g2y4txmaQ1pjMKcRqwjqCSzdOeyxqgaO7hNzVzRvwgw\nXggd7yj7dSW+JZ1/SOmeMDR2aL28B6lB89q2IdGDORBaa8/m6mSSnP/aNiMtj71M\n0l4BgV6lelcYvGJfqb9TDZFZVsCYAiONBzhOjJ4y31H09BTFrFEnTOK+iipiqjti\nlM4ejpSuKPrSwx16+7B/Pa/OEMWfRWn7tIIoRC8rEdWKCm1utKLlOoqpR4OA+5mT\n=VcqH\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:58Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAVUsf+nO2XReMWZXUqW4YpeOm7oRv2RewCZlksB4zRTMw\nhGANiT9E6qhcnf/j+lq9UtjUSMti6LMaXbMxhKXn9/Brhlq3iYZO/TDxtBIm4Qim\n0l4BdM179Ytc1vH6stFuAMBmICqLnfk7vbv+zclllsttzTB8BumMZuu8bEV8FjtF\nHuNz55zHeIgJiFBoe95KJ0ZBgjNiiNu4Dn9YKoWXIim7w2UdF04YRABV1o7dHYnn\n=slnj\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/imap.kleen.consulting b/hosts/surtr/tls/tsig_keys/imap.kleen.consulting index 4274b6c1..c64fccbb 100644 --- a/hosts/surtr/tls/tsig_keys/imap.kleen.consulting +++ b/hosts/surtr/tls/tsig_keys/imap.kleen.consulting @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNMldUMTBmTzNnK1RXYUd5\nODBKT2g5S3lwS3NCeWlzVkhJTzdoT1dhNmpBCjl2VFljSXNUSUc0UXBlQ0lLWDY0\ndStXS01DR0JxQlRqVFhjZVZwYVN4WEUKLS0tIFppb2RERkFsRjR6OXJpa3E2WEhE\nV25BV09kNTZjVmhVakRERWI5WjBaSjAKhz0vCrRcCGIO+t/kfg4QRVqXKNpXER7A\nW4Y3PWyEdSnOVhUmNHTi6mAegG/ytZFojf8gdCZfnoffwgq04wn7hA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-12-27T14:23:03Z", "mac": "ENC[AES256_GCM,data:A89e988MUk4M0hYPjt+rkidTT9G2t/pMvDWbA1pLp6ejuaDKOyqt8+4Z1ijA+ZWotam/+PS4OwiLYPWUv5yQYRZXEgIC4X+9zUqTzrk4YfHNzz5CxHv3xVRXDAv+THAuAZqpFcJHZsfwlrkJ8oT7aBM0QzGEYhRd6DqXrDm74Ec=,iv:rMrjW/5doBtymJipRPfS2HrAVOXmNLSESAmGfGrfRtM=,tag:hnnZaRoAajlaSs94Y1VF9Q==,type:str]", "pgp": [ { - "created_at": "2022-12-27T14:23:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA1Z/0PugoNJs50gvZpRdFzp5vykDq3WiLr5TpMMOcrm0w\nwzLloHyQzuZixmbhj0zJ8JEW38kaSwjiJhkifIYI81ab49SJKzrJk0/+QhFQwgQQ\n0l4BwWaAGzxg+VCvWVasXpFrxD3XTIa2d1PntLTNkrnLO0W75rWBuAOrKR74BS8y\nnKPFtG+jRW36ziESeqyPF+Grb+lMiVhqEBe/W1eeeUtCL8HVVfTBnNSBrWockDnj\n=FOND\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAuAdDkZ/i0CzkC8BtxDVRKXRYIPagMBUTue4T9hrfZjow\n2hCdSqXoiO9Nafl4p6hr+z/+hgvtd7+Vi6Vsx/hYEYyQGGMj4kBjtrCLaIXrNwzk\n0l4BWzYVis9DReZ4b9dQjqOqFOFXTNjjdDvKT2XvB6UC7Ak92Urp0aASQr6cOOa5\nr5k3j1AYlhMeYpSmz7uzWjLcIAqH84KFBAEvsm644ymmKkM0o6lZfzYN2TsoEjnP\n=CXUK\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:42Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAyP03+VC7d21C7NHi32qnfkr3jZDcAZgmWvrtdx35Plsw\n63/4kdqtWedhlPM68CDOmweaPhCV2osEz3f4cOHToz7N8eIcBpbyx/bNaYgAfil5\n0l4BgjZErUUSnrevrk5kKvHIN5KBYVBR1SIW5L5xKVRLCLYswHSQiLUtekPQ1K4r\nt6J2eRmVnDuIdGNB39m0UKTQ3NHrcYUe2o94KsQqiVNjEBdRmzgoVw9h2noiTTq3\n=voMP\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/kleen.consulting b/hosts/surtr/tls/tsig_keys/kleen.consulting index 48b6e4b4..3670a50b 100644 --- a/hosts/surtr/tls/tsig_keys/kleen.consulting +++ b/hosts/surtr/tls/tsig_keys/kleen.consulting @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqVlJpcTJ3bDdQbXMyN0hm\nSHpDN3F6cVFWdVc4WG85TDRmdllWWDRadkZrCnBVR25wTEVVWkxqbHdOSjArVVFj\nRk4vSkZRRnNEL3NyMEkvMkdoUHJqRGsKLS0tIDBiZzFuVG45RDI5Z1dMb2F2VWJ0\nc0FlMkMrSGswdWNneTRad2g2RTlxWTQKooHU96GOlHCACaOz8edd8fxDj64clksV\nD6BlMp1eW6u43NCMJfUSSM/A6Oj04eBw9nCuGA1ADDTtACeVowOctQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-12-27T14:23:01Z", "mac": "ENC[AES256_GCM,data:zDAuZdupb97yeKlS8j1J0SkP3xHMi62SVOgc4NAyqiQgSRnRVhO0uxf3Ms3nVhijqFOS0IeaHsEQM6cCcfq5Hf5/073XHV9/QTcCQsQxPqabwHLvO3Tkzc+lcWicwm0PUt3Plh4QybXwKSaYKJr8RZzlgltOl6CJN7fERIyNayY=,iv:G2te52MStm0o7+qjzIHs335x/PQHdcfiIrnF534+0sA=,tag:FwZRHR8vQiyhls04Ic97Aw==,type:str]", "pgp": [ { - "created_at": "2022-12-27T14:23:01Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAVnsoiamZ0mwkgB/VDWMxCME/uxGYqZc50h332nFBGSQw\nhPTkYSghPXdCPzBAcFglpBnhTiluREUp0oWJuCoimJAkOmECLM6wACZPjit3cvSw\n0lwB0zzKGtRNsnIwy5pM70am1Yu54JAkcqdOGJZFEH24m3gNdJVWnnMcbXNNfxnN\nIgQDDmL8gw68lpw8wKOwGi5XIfwQwwSBm7cesLa2X4a6UKLgBRSYkwtkEkskJw==\n=bhXe\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:01Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA44YcVmRcpMqRAdiZrtA/cXds6gPgRFbu1QokzhovUTIw\ni1bumXheuSh1EwgV+ds/eP03LRwWjkRWApzl1h7D2SS3R+1U2e43kzIORyi33Cwb\n0lwB5GGeLSRPirj1WSMe1WEXCizl330mEwgNYGs2HT1r9tHESTIO9CRnPzed3EXP\nhfH92t4HMCwIzWI7D78ExR/uNHiHhOhBs0Jz3V6HSOmKpPReLtb2sVNMjO6fKA==\n=ak0g\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:01Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAPsAXdEPbuoIOTnR2s3naYv4IeJFO/8ubGtb3Sibuiygw\nBStM09B7+ZfFZD9MWcl+V6Z/SlLVwUWsTQcuP19ngcDvIrnODo/MiQ83x37YAJKD\n0lwBI1h7CUTm23CEWcRjfZIHhvnW+eoEOdcnMYkEq79LvNpap7oR7Zj//b2IbO3Y\nDxKJYszrGxrYLzAtR2oT+XG+Z948UEq8/A26itnvV/Afkhs+7MONNCY2RjHz+w==\n=U3bV\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/kleen.li b/hosts/surtr/tls/tsig_keys/kleen.li index 3f31b1ec..36f0b43a 100644 --- a/hosts/surtr/tls/tsig_keys/kleen.li +++ b/hosts/surtr/tls/tsig_keys/kleen.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBORS94M0xaMWcvOEFqaEZi\nU3hOVVVZWEZOL2dzWUc4MWdLaU5TYm5aWkRJCldHZmE0UjRvWU5aVFVpUmRnMHhu\nc2QxOWQ4SXZYQVBjbjlDUmJYRVFLTmMKLS0tIDFNaVlJRzAzcWcybVREd1JIQU9J\nN0dBQnJvRmZaOWt2RjZrQm5rMFFwYjAK1gpceK9NaHPd8/9BQwnZyEY7+SGYStqN\n/jq6f8+tTZalR2eM1nTTUMtQerSckf1w2y8mlvZ2FXCI5+JK2xCU7g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T14:43:58Z", "mac": "ENC[AES256_GCM,data:Ws+LHpDFB9tKzfV5zVg5POTbzwb5KNFigPCQON85yIupazVMKesW5mpBZTzbknL0IwPfVnCQNX92bnJ6RBqJ+vIdOdax/eZzuIMvXyUGw1gjafkE3F9gv0CWu3n34SoLOynEIHXOrM/nTVWOLs6+DP1fH8MmscjhvaX52yIxe8E=,iv:OhYYyc0tcI2BrL8i2ZWADso9AcHzhb/wNrqVEnTXUJY=,tag:+GoBXxlveNe2puCbFz2foQ==,type:str]", "pgp": [ { - "created_at": "2022-02-22T14:43:58Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAHUWRBd0g/lAt4SNSRTyY084xlAmLVFiWY38oItiWEzUw\ngFigoJRqCtFsfRgmPC/VyasEAsUCSmmA15rGH+C1DA0HRyXLNUVGEcsnL1J7yNxS\n0lwBVaPi+AgmKtV48v6YzArTeY36TA9CInZl588Wy/YFitnTX6wqIuoZeJlDgEhN\nVF4XQVjb1mQhHFHbgD7SJSW6fHi8KWb+B3Tr6qt+p+CzwCycH/IaDbWbhIRSZg==\n=06jP\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:58Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAZbcJU1YXpht/sVq+NgOi23+BCjuiT/DH2Q4o9oQwEBkw\nLlQGzqtLfKPAjZWCECgsgz7ssAQVY90S9MDM3fUYWX56TXZabFkgz18Bn0cq1Ywa\n0lwBeS1RQX6gyjLNrO3B52eL9t/FW01RtWWS51nGN0WafVgoIaohV00lDCFZPAD/\noajw9vLd7Njjk11Pqv6H7pUanQOk69+tX5pKpzwGlRE0eZre6OSPZp9WTgfLTQ==\n=Af2i\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:19Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA1eo1M2eXnofs/Y+/2XQ58fNPfaui1PRJkGHUFJusDgMw\n/qmqzz8vR2cydHrPjjYiQL9qigTsCypJmy6b9Nmmfad4NiyThZ5dbctQkhhQFTDq\n0lwBpGVmG7SzsX7KmWmguT8vfR90cLOwpvO+c0o05ggIYevw3OLfWxnwW79N09o5\nJh6vUmL0bntNL2h7ows+Q+xMtg+kaZ1ltZLGq6dKNZoQ2eSHHnvi+R5Pmz5+TQ==\n=CThx\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/mailin.bouncy.email b/hosts/surtr/tls/tsig_keys/mailin.bouncy.email index b7dbe8b9..6564f592 100644 --- a/hosts/surtr/tls/tsig_keys/mailin.bouncy.email +++ b/hosts/surtr/tls/tsig_keys/mailin.bouncy.email @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUamw2MFhOamFMSFhialcw\nNWR2THhiaVFZM0h4SDAwcGZXY0F3Z3p0UGw0Cm5tRWx2WTFXL3k0SngzdTdyOGts\nOW5EdUpFamhKN292TmJEUThtSmxiOEEKLS0tIGF6UytZb1hKWE9rd0pUYVV0by9t\nSklSaENheXhZUDY2NXNPZzdiL0o3TDgKdgrdy8hIw3AIqsUCbyz61zea2vNO9EA/\n/658KGtbC1qnJuQF6/byUuxAMpdcuw7psV3WwaNYHD4R9kaWTiTmYQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-05-05T11:44:34Z", "mac": "ENC[AES256_GCM,data:bIjM+KaKivOu3xy4+p+zXaQtzRGO5wQ/tZXCgEBA9TEjkTli+ypzUlaf8gtjPOED2nCie9+GX+6kKhopP+P28/PoIGVmTpMLtRgInpNh8/APlTN2TQoVyCld2zEJDi+Cqa+nMBispyQF06bB3UGeOdGnlZwgW2IlYH5wUcgGBng=,iv:SMJMogMoLmCFaBqMjgB2P+pVhC8JVZS3BzZyEjqhDM8=,tag:07SSpA0HP3oIpTzyUExr+Q==,type:str]", "pgp": [ { - "created_at": "2022-05-05T11:44:33Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAfNwDDkgU3oYgQQzWu808G0xd8wwbDdRPzAvZpSW4ZUAw\nGKXrug34UAsJoCezXIArCbAXq8DGnsejkca90qS8JQAw94QxW/EVwjXXG1aUs2+2\n0l4B1WxA5Lt2/nQyeJjTOBcbTz07SPBlkdG5tZQEmJvoP33CTUUHNMQ9D1n3BFwZ\nOuWzFDBTXLqOzseL6PYCdjHMaU5fIll+GCIBufG9lZuqfP1YTyqLhgPLNpaO5kCX\n=4dC9\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:33Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdActPNakdiaMdVMhHlp0L77VgtR6x7NZmJ2RU1pKcqCnsw\n4hJbSauDdaUXirG6ircfJeKfwSOobdDjFmrVfkhpV2JKRc8XQyKm9nx8B3nHLPRb\n0l4BY8LfKmiH4lSocO/3thKurtZKOCmk5kfvCTVC96aWOFab6+YapJvRIqvgupap\nM+bRH+xEqS5rmooQBwsFFya5kykVVODiwAkh9dIV0EdGhqJgChjd+LHetch08iyw\n=KnpG\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:21Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAb+Hi6mywx0nVrfdpNy7VrYeHabgw5KbUiAG5xrwc+EMw\ncZLM6tFQ9dLNsK241d//UD3rzvco580eK3DNICl/ydYKpIjNoLFDKNA2Szqn2yfx\n0l4BmTHWDQ/Slel86p8MbUJxtKRlSHELfYEAzVZIR7rTc7VabmiFviZuI+MMuPF+\nLprLow8bPzcGmkHITZUFuz7QAdVrFN4fkPKPnvGiuVwU8nhXHY6/1p2hiXPzkh81\n=fGa1\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/mailin.kleen.consulting b/hosts/surtr/tls/tsig_keys/mailin.kleen.consulting index 70fe6f95..948b5cb9 100644 --- a/hosts/surtr/tls/tsig_keys/mailin.kleen.consulting +++ b/hosts/surtr/tls/tsig_keys/mailin.kleen.consulting @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOclg5MnEvYm9hRHZTN3pa\nNGFLdjBWUFBya3BmNmxMeXJzcWQ1ZDJSdFNFCk9RSW5IQnlURGlHWXBCZkc4bE03\nUTNSc1BBUnlFdXhuVjhzV2dHeGRpR2MKLS0tIEdhYXRlZURuUGQ2L1lZNG5zbHUy\nekE4cTFvY253blJBd2xhNnNDaFN1K0EKQ6zOlymScxgmi/Q+wOciN6MpGLLDLsun\ncH37Fp9+cJJ4dunL18GOmapoiepYWGWJdvgr4dzoehiqgs7Sq3n3fQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-12-27T14:23:02Z", "mac": "ENC[AES256_GCM,data:e4oe95ZDgKZv6/Zy4P4r4u/fWHHLTsL1ieB1ut6Ktg4B2L/DPxuxEO0b5ajXFr8tkmA9/DL1Bfv5TT2145v/Kyy1NeXYGUGbg/BtrTYlUSekYVbHIHtNBYLgOQzNL5tlrhyFXsVHx8a0BZKVEmqMocNiz4kIjU4JJ1ORHxS5M4w=,iv:vN/y8TXg6RSxi7OyioIVA0NoiaPpIZU94tLEOCgvXHI=,tag:uAf7psK/HZ1cs621Y3LOoA==,type:str]", "pgp": [ { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdADTdcU/shxjYVUAxYWJKSM3oRDpYCCJ9al76z3glcNQYw\nmIlrpVfT3O+lOSgr1s07giFe/WEJb/A4ctYE7UUSpnowZbOHn8bia0JG/t58791I\n0l4BV7zeiWadAGJHDIRHZb2BRev/b4ho/UYnHG+LTaGnAa9phfeOlRn7k6+sw8Ad\nDUBe1MPbsnBD7hT5IACxNZ4neXDaSJ9mOe5CP9u6SuDwFlMicW8XV3INXBcRQKZY\n=7Uw6\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAgQrdU3Dqlv5ZuGkbBdroYvAFRbKdKTzG4gCkRR85DgUw\n8vPKNv3d93sWLqrvw1VqMKvmIfVGLujqM4j9ZuecHodUPiMuSgLmbzsGS5HpiubB\n0l4By0O/oVeNWAmFNYRMyfZ5CH+YYyOZ8u8tBTR/6eHjOp7wlKpCqcFVg8UILkbn\nrRvpNEM1PDh+oZJ4nMA7pQkm7297H0+uyTioGxHq9DLAODepnlfz2ofCKd/jEO1+\n=Fh1g\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:05Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAc/ZIB/lV+wb2f3Zxh5Hz73eThS8AABIFDaTwWXcjT0cw\nENrjQJ+TfwKgv2ltDwICf/6MhPfyCSw7NTQES093Ua8fH0kf7a980mDREtccTXiq\n0l4B/zqWiyZCabBHaEdKSHzx4wdV5ZC9xJc5p+nmt+f5urC8xxXz+C5Kpmpj/UlN\nfyJ0A1JScce8jVB2wF5qpu1HSY+AMwnpW78XjdyTjmYM7UivPP0H4ptb8frlovkV\n=zRrB\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/mailsub.bouncy.email b/hosts/surtr/tls/tsig_keys/mailsub.bouncy.email index ec2fa339..da9c623a 100644 --- a/hosts/surtr/tls/tsig_keys/mailsub.bouncy.email +++ b/hosts/surtr/tls/tsig_keys/mailsub.bouncy.email @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByUHJtazJTS3AzU3BqdjVG\nSTRNYUcxZU9VSjZMOStQWjNIejFUSjdpaHo0CnNmazllWlhZSFM0bGhxV0JiYXVO\nUmR2ZEtkaThaWEpTRE5mTEZjUHFDcG8KLS0tIC9Zc2RGenltdUJOSmxGSzNRL2hp\nZ1YyOGV4NXZSa2lBZ2hVNGRXRno5ZHcKCAOvHRcuog9OH8LIo3zQKaOsdv1RDL8V\nJGb/XR6NgAryuCdUXgpk3SIwP3oKKqiyOUsOUKPeOhTJQG4rkuAC1Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-05-05T11:44:34Z", "mac": "ENC[AES256_GCM,data:4RGSNI/aLfDMTH2r95uo+5bYNj1oIaKTSIuLu+a9jnihnoJgh1BIpi6q7ayTV25J31WvpqUdYtHmAqp0cgsgPnxleCA0rmL4KupMPPTx4RNmMDzPfHb+mez6iFwepkLpPSqLMs2hPvc9PuSJDY7r7gkGvRfxqT5U+1+d2m/31LM=,iv:5fEkvnz9HzUAV/Nxd0Y0OYUdNiqEkMwPkgQ+wA5u6nE=,tag:/LyrsMWedbpLOifj0/k9Ug==,type:str]", "pgp": [ { - "created_at": "2022-05-05T11:44:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAwar8wbCJkkIsCWa4ADR82XxMQ9uywWi+1kOv0Hz3cSAw\nk4KuWWFjXhuRPGN+ueRrWaZbL2035RL9qjz6AzTf7dYd06q9uY/StQ4iwFGTrSWk\n0l4BSx9tzJ17BfrmDc8gHi7iJJzVWrSQS2BEkjQBvOqOz1RUFnyboe/whdBe3GLD\nTKN0tMUts9wliS2w1qtMrZJhHS4vNRICKlNcmVlShH42En4T9hlcIjwcdeX3Abjb\n=0DrA\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAkd4osWJcn0o+iwi+92bCRf5PvZ++tKLOgUmzZ6AUIQ8w\nRRLkK9U03T6UFMeWvBv5oHLJIgtaseqQJ7P8YG3fhFFdKYkjpoFSvz0ofcdPpORE\n0l4BqBwoLFoVNF9vmjdm7Ggb3JeSRlp5dvn4ihppN5sMOVNMP9iVjFGZr4lHO6m3\n0sInfK2Gz1HZ+u74RaR+urMzr5kfD5ZAFymE93Ae9QASBBj98qM462w6vT2izVgV\n=ZDDP\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:55Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAYMVjjcgVJFl5WZoqzXSCzo5fGBaQlt3xF3hYxEmnPkww\nwYyNvV0WvZaiqZoSccKwkPmotNUzThb5gS3Jcb78TSNqBaI1rtkstuZDkGrYn2AC\n0l4BpyOw4EG70KBbVm6e4mIC6srvxZFpesG1Q0RcjIzxHuvz0MH/nDQgF5uCLGNg\nemZs5jo2CC6P4xVeE0bUHrzlEnYm3tVpbLcjG6gmLt0LIgtixd3aNV3UbLEU9d2M\n=qIGU\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting b/hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting index 23da47b2..2625c5e0 100644 --- a/hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting +++ b/hosts/surtr/tls/tsig_keys/mailsub.kleen.consulting @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1L04wa1g2WEVMKzQxaVJC\nWEVEN3ZmTHB2V2s2cnMwSW51U0FIeWl5bFdNCmpFUjNLY3lpUWZmZ3NITHMvcVIw\na0hNdDRoMU9pL1pUZi9TMGNBeU9aUkEKLS0tIHlCTzVCU3FMUXhEeFFXZFNCWDVX\nV2lCakhQOVBSTEEwTERCK2E4TUdSTkEKOsHN78WMFBn31TL6Jt+1xkVMx+oroy/t\nmTI/p+j+3RBNZMSLWLfy0I4OWN9iWkUBSQzhOFk+QwXLEwW70daZ4g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-12-27T14:23:03Z", "mac": "ENC[AES256_GCM,data:Un195JsFhtA99AEx89SGdZflAYOa/AHbcDxyQaMPiBI01ic7/EsYe6M6olv4E/PS1/+5b6ki6IeObl66Fv0ikKa36q6op8bJK/S3Mvza80FKcC6YKjmZp8R46MqxlntpIEtl1SaxeWlOf6XFSGS0HMfnCfnZ6+R/MXGM4ZHTofM=,iv:CP9JM+uSmKSskwD7SHEQGp/p8NwPu+c2eg+s7XKn+YU=,tag:LnhFimxAvhCCxYztRhjfgw==,type:str]", "pgp": [ { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAwJ0Di7OfQ+O1k/D/tA3AzQAmwl/+8mN0kdLD/hAHyVMw\nSetR3yQECXHycm8uw24INYUg1gmVgSg8uunM06F9in15qC89nTBXyTwI37dvSRjM\n0l4BcfRGOenwU+XCRacm10eqZUtVTkgcD43Fz/wjghN6G6j4IGap6tJq6lnA21vb\nIM+qaaR1s8Abdd2CEqsvmB0vF4lacmr7yu1hr9c8C9ooe+pP6MTb4SOpoOjVIqqW\n=r9Oo\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA2xewM1PTAgVs4hggZclYUf3cElF/X1N/sDEsygP54UYw\nTby6Gv+iooRsVmE7FJbvFAVBYEHbNquHdyuSVs8KujoeunEB3xVqeARktC83dKaF\n0l4BzqnrEbTH9R3bnPKOiN8kGiOXS6UjmQZYfrFNphVGGOf/YcTOuGjUISsKd9K6\nDi3zyFY6NiY85Fb0U4LUtAlqz7mbqmjBho1kNezEFvmwLf12XdKE4SXmnnJMoruf\n=bZIq\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:26Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA885WGCj9sDXpCSaCz05BaMm0I7jbqruKnUh8JY82XmEw\nJJwBBNgwaqws+FSprsdUSA++EzU/CUVGAtcegyDar6eKSgEw2l/JyoeF0OUTyrc7\n0l4BcPy4VZzA18OIvLKEWfGaMIiaB8YzCz+V2Z7Hv1WnkMem81QVueUkGSd40sg1\nr5IrqslwLwd1W6WTcY/aHd/L3mHFIeQeM3zkbz/SFieRRNg9a7ium7lf28lBZ9fT\n=7uWW\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/mta-sts.bouncy.email b/hosts/surtr/tls/tsig_keys/mta-sts.bouncy.email index ce10db57..300cc17f 100644 --- a/hosts/surtr/tls/tsig_keys/mta-sts.bouncy.email +++ b/hosts/surtr/tls/tsig_keys/mta-sts.bouncy.email @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKU2NwRXVxRU1LTWsxbnNW\nRUhqTTJuZisxaWR1ZHlKZHVhM1pXTFVGcUU0Cmp2alZPMUVmUGRYVUo4T2U3c3Fv\ncnNZR3l6ZWdESXFkc09qVS9adThlUVEKLS0tIHB4dTVQOVRoWTZwSDVMeDRML2tU\nWkRBZ2d0czhWS1A5NzJvVE10ejcxVFEKqp7YMzYRSinAJYsgpwYxYoRPR3qRkeKs\nTwel36wB6VUbpclgkmqBG/GP4z0clma6ZCD8jwGmA5E3BSaHFr4fiw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-07-10T09:39:02Z", "mac": "ENC[AES256_GCM,data:7dvWXtZd++BwWH6Qaw0WzRhxVVT9U8PFyE9MJ1E/NssSfkAZHaxDpV1kgRaHJav4lIjvUq83oWxBkEcnasfg6zF12xawxbCckf597r3ctndGtyyHLk0b0xBciiJRR8rFKeB81nKTiDzEA7ydfgbkPIktB/4xgi4vke5WHWPQ2Xs=,iv:NTTWRPUFvhDL5KndTwPEB4c3NCw6X9nDdWVPcowVN+Y=,tag:BO+TEaTY0RvptmlF9yhQfQ==,type:str]", "pgp": [ { - "created_at": "2022-07-10T09:39:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA1eY+DFYwuexG+2C53SzO1qsn60d1UOeBgeBojLbKwSQw\n55k9cM4vYE50bRrnqEfEXn45u2qYj4NIl2WhfJ4luwvNcmLmqvQCKDOKblOEe6Qi\n0l4B6zMGpHNTSkbaKB/Y2zRpczJxRBJz/cEuimbHs57nMQKpFGst5tMvsGilq4tq\nE8iC77K6S+OFJmJulJ/Rw4Yrg+raZ0KkpVKo+hOOKEi2QaWdBLf6dL+NdH2Qpxqu\n=iJRT\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-07-10T09:39:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAMl+sivtfp0HDutQ2ENSGsoqeIG1//4F0TrmX3GlFVysw\nSA3Env4jdFAtHplG9/6J6PTtnRZNvnqlwoq3Gz1kEIdf8DhQP7/8uPzi2mJz916n\n0l4BOuQfwtJn/M6a7T4xWW4fPh/CgTD8e0TNV4lYboW/YwAhCgOSaRKnObMzGquR\nJ6Fx6q7+y2Be3zpHdOMHpQ1OmEVmysLRo4DeuV6WYDqSOqSklNMVi6D9b+KIQAJo\n=jbRk\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:03Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAUgXR/6eJRUx7HCNrYFtq3kz6G88i7aliUNkWfvjebQww\nBqNToO/cRnulEjZyLygIUpMPM5lqq3LuNA8bqRiX+0s3Ybj5D0iQRTJwWJ+bBeW4\n0l4BymBPiYKemG/txn2wuEB8A18U/yWd0fSkG3yHIKvRflgikf5aXb/mjkBZtxHw\n4Ym2ytuyaSJOO0wQ8e/z8DB6JhpiMBk3O5qC2zHik0Sp+lifQczVacVyK8hxI10w\n=gf+H\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting b/hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting index 6f146483..93c39a0f 100644 --- a/hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting +++ b/hosts/surtr/tls/tsig_keys/mta-sts.kleen.consulting @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyZ0tkOXhSaDlTQkxZOVhv\nTjdPM1FkQWlTUkgxVm9aRlJPV28yZ0FWbEJnCnBDV2FTUWZRbDBNM1pNaytUYmFt\nWlBrdC9OaWxVbWxDU3QvNHphV3NObG8KLS0tIGs2THV4VnM0aTJvWVNlWWlvVXN0\nbWlrQjB0eXNrSWZteEJnN2tvRVR6Y00KVvFzgda5dFKadaHUj5JYriqJZc4VOsKp\n5ySPhmVlD2u0yvbvQ3tk6YpmcXKpKHC5t/5K8DjUhx5MJbJNhXRDIQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-12-27T14:23:04Z", "mac": "ENC[AES256_GCM,data:8EPTej63BLWSW1h6bGPBymbmxn/MTAYGlQXfNAZYOG7bvOT/OJEepZGM+GpwbTDT5adDC9BIwjIaIuvN2YxyQxamC0v2kt64JIfOJqNcL2YDkKF6GgQkdo86T+5N/xq/gma6JIrl1ZHromiUJIU/nTgkU4ouaX+syXQ+H3TgxFE=,iv:nUNYWMXB4QHKT70B01AQiw4utByAMCSY54Zo5XJ6C3E=,tag:NsEyfxPfgCIQZsKIFQTuiw==,type:str]", "pgp": [ { - "created_at": "2022-12-27T14:23:04Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAeGtiVx4eUHTbjv3xB+wVYZawZIS/a2EmY47xxDX8O2gw\njMHI7vF4bQGlWbwnJLMXIfxtK5gUontCZgTHneqClXPF78hibtCUBuhvAvsu5DCs\n0l4ByzrIpQSjo51JYx0mmaPifSN30EvYbgtYRgExQ+b0FAUAzh7DyNvb++3kz1DI\nOUJ5Fwt6nwVdBZlgAPHIJaCF91DNhav833U/tY8DA9IzigAA5dVhB4pR0OMMsLND\n=nJtD\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-12-27T14:23:04Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAUE75g5kvTpMz2+wm0CKP2P0AfSMADGKQ/GW5kz4Rkmkw\nqUIe0vaLueUkbvAzgHvoNC+og+CUQo9qhSozK/vJLfxmKZ0gNbc2H56w3IKexoZs\n0l4BWF9JMxJPysnr19GW9kEstGT6cLCEzumojbsRqtOkEsISrHhHUjv2IYD1Tvpt\n0s9gdLIrr9ovwJV09LeUZOZZS+a4hBa3tGfFnWw81dAGnuZlXeC0kmTYV3Xn5cH5\n=i4Df\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:14Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAI65l3SKWWGi1IOgxYaQLiM3swc6u/jNYTk+knGybPVAw\nQgeuw6ixhrUEoWQbnV5oUqErP3LE/p9tduMr2pDRY4hD7uHR0LsdRsx/hM0KpHm+\n0l4Bjc0M72aLujC2iyEfgc/cBSeR/I82/sgU7TGL2VA51GIF2rDTqLvPHkdlUw3R\nUwCCRZ6k+AqdqS+QWMciy1K02ddth7dTbRhiiruGkZ3/qu6/iWZAgwCG7f9yHyxD\n=mvtN\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/nights.email b/hosts/surtr/tls/tsig_keys/nights.email index 5e387091..72c2615f 100644 --- a/hosts/surtr/tls/tsig_keys/nights.email +++ b/hosts/surtr/tls/tsig_keys/nights.email @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOeUNmVzJ3QVo3UzhZMEcv\nZnBJNW54SVRnSDUzc0h1emhyTTE4U1hTNEQ4CjFhOUxFdkF3djE2M092QjlQcE12\nZm9ETlJ6MTIwdFdTVkJaYUZkaHJENUkKLS0tIEJmRzFrYjJDMm9CMzVjenl2Q2lW\nUmwybml1cmo3TFZMai9JTUFwWDcreGMKmA2EA/jyJCYwfdzvRPdNQnTtcmYF0Zsy\nfQ3Aue3U6gZvOjllAdTszWb+VsJ+sgUlWu+GSJ7/mUk6F9HkCqZz0g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T14:44:08Z", "mac": "ENC[AES256_GCM,data:+/9QfW6yc0AXNKu73Mkp7hK98lWWyNn3WLJ2wdi6mh7dAR/pYxcuIa8a9b8Kv41WrExwExVbWbI886v2hC63GMI+rZeiOXAZEEFNCpYQwyog0bzWedZ9gE5ZmymaErrPsVJYauys+8NYomhtj+3ufB5FZNwfmEOO76dzcr10qZY=,iv:ecyJqhBYHHNj97JvOCFgFg4jxaBySUdj3ZgZKY6ulLw=,tag:a62hRw50887xQarS6O/GgA==,type:str]", "pgp": [ { - "created_at": "2022-02-22T14:44:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAwkyJitOwmF+FeN4F3Z72t5wf8vTizR+TjlBPU/OwRUYw\nYVBQCma/uqjRj4UZeWXo6lq3weKI+gRp17z3Fvzc0YCWdtGq7lKyVtmwPltrvEXc\n0l4B4h6XT2+EcPuqtvkpNwIUoNphYZV8xGUD4v6lAQqUOYFsJvZfZbYe7tukcAQg\nwvbuWE2Hht0cxPpY65cVURA92wEcs7aP6Bp9Mqb/lQn7Ju1sv1a4bAvYvNVFnqu2\n=OkoI\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:44:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAFIJLO7eo3lhEVg13E2zI8DMn3ljuQv9JggBD2mHk4Xcw\nDjk54ugbH3AacQN4zsoGJsAjZEUpfCBhGl/fpVZYEVzgMLzA2SRqRol94YPyNpM3\n0l4Bived0rDJwIYAEhpCplpX/JKAN48BaauPC14QuWDxgBpZTWSKqa+BoYpTbBoc\nN0amWuqWp7WGLrRizpfah1w/+Og6QycgccXzG/dz5aRVC71ddxycvjbR2k6sH3tr\n=m8ZH\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:45Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAi1CUE79Nkerp0l7z2nYt25pekhsH/8EsIvc3o2g5cTUw\nRWRz+UMg9N7zwEoNvxbTg8EWQXUAW5TdjmrtxhgZ38+UDMoGeQw5Dxn6cvZVHdGs\n0l4BqERiLgVZxA2qF9SXJjRcqLEtkvBTN4wu3WhXv6N591ef378XCNescZ+Vf245\n047EuVXEwhOwzfz/v/NeelKRCrtbh3I/ezCP4Eg6EfDN2M5++RsaVW8KXcKVbcqH\n=BJ++\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/praseodym.org b/hosts/surtr/tls/tsig_keys/praseodym.org index c4afce5d..b3034ac6 100644 --- a/hosts/surtr/tls/tsig_keys/praseodym.org +++ b/hosts/surtr/tls/tsig_keys/praseodym.org @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmdnNYVnl2cEtYSWZ3VnFj\nR2VhR3VqL1JHRW5CYkwzNTludXk4Q0lIYzFVClEyYkJKYUdOSjBzVENhM0ZpUmJG\naFZOZ0NYQk93ckFXdEpMNVRKeTlYSzQKLS0tIHI0SHZZdXI5TEZ0V09EZGFjSWtN\ndUFGcTU5eVBGM01TZUxnWk9TRnI1T0EK+xCGB657ZP2rVuBV3UkLn9a98UwdvFwm\nuy6k+YTca4O+Lq3ZILdFnieAbZBV4G5/4MTK3m8Q7Akv3DCjRTJsaA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T14:43:37Z", "mac": "ENC[AES256_GCM,data:dMgOwAv7CWEsP568dNX/1mGOcVIXc/eU92gJUSkZaQBWoJExa7Y1K0Ocyin9YsdQsFGcBFgjyo1DtdVUrf8j5/V69CG8xXiWwf82O247lifK+V2/Etgys7W71GZXxX+C5+fnN8SgsVQeOKX47ljiDeajKMXOptQEx7Awooe1vYM=,iv:GP57gibgf20yrZTgGzGxewOEWnu+1E7uJUYYJO85n9Q=,tag:Zhl9FmLYUyydiNzbXjLN4g==,type:str]", "pgp": [ { - "created_at": "2022-02-22T14:43:37Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAEwneu5Lzspri3SHXIFgp8G+nTOpl3DGEoQTCaxeJvkgw\n/q3IUfiNFbpH32V7V07oOk3CD3SIlVVLNcxD/3DuOLHLeCehnWJ6OAtzaakvR2zW\n0l4BEBu/NBzhrtxbOt2vJnUyIoPwJIQuzQ92nUppd3gdaMoHyA+Wk/CAByTZ6+Gu\nq4jPWyeVwGeItpQ3PfpnCKJJQGhs/2E9TQrrovr2vhurnaxiEW80U/NdCQ3eMXiw\n=vKZP\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:37Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA1KY9DWpdJsUWLsvl4jJWel1tsdiNJ4z1VJw1W1Uiti0w\nLBhjFCiX4trrvYZf/s27t3CEE3j1xHpk+nhG+5rvh4PKOy9+4Z4dQ7ePr3khWK8d\n0l4BrSZXnmP1+i49AjR4F94EvezVS5MMNlqbHOfChBaybXO95oXl8CamSu2X0kSC\naJJe/ovfYblK2QCD1+kAb/e4LOedAHkL/YSOFtKa0WVhKNJoRIocAAYfCAXuQSRP\n=GWol\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:52Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAsvVWb24Xl8qbhctmiw+9epiKCSm6e2HPEu0kg49AwS4w\nDsXjZ5lMCFX6Rhz9IXkLF9Xm1JcM5pHzwYEu4C+eeChKF8/HkILgabGW5fIfK1LE\n0l4BDPMbqy1cOPlAc3o4sFz3Kzf4e4G3/lVYLa/lOSrlMiZezsVQuxjEUESdI20J\nZO95PoMdX0fRx27gwGt9TS+6vA1Ij27yR/ud5zNPjbwm8GPPKRxqVn/IPsq9YFJ0\n=L6zq\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/rheperire.org b/hosts/surtr/tls/tsig_keys/rheperire.org index a6af56fe..7c23d714 100644 --- a/hosts/surtr/tls/tsig_keys/rheperire.org +++ b/hosts/surtr/tls/tsig_keys/rheperire.org @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYNVVWaUxxR3JDUXJ6dmEr\nN3BtdHFkakVZTWJDSVJVYmVvZGx4bDJ0RHhBCnREeE95VzlheUQ3cjloUEE0K3dG\nOVJqSW5memYwWnR2WjBzV1JpdWh6TmMKLS0tIFV1VDFNZkREV2YxbzVSYmZ4Sk11\nRU1VbXdzSDdJL09uL1BYeW54Ym1YMjQKfCIdDhNwqz5lZVpgAZTIfZ1K3MRxnY5/\n9YV3sCQ58KkkDpCDzNT3MSA+PzKCdhXWDJmv98ZyUhBX9gTu2FYA6Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T10:05:06Z", "mac": "ENC[AES256_GCM,data:QJnaf5EFcTRk0tTQy9ZWUxEdZvfPZY3HvHkGLTrBMoNZf0rA4gwwhl7/TQhxmlS79/PS3eaf0QsLCwJVuuGJwsdQBfB516pl6F3kcFfGU0H1ydFpdQb7Y69UhHcOGCfep6G9qBdYGlM/u2c2xpLd3J52WwDfstrV/W79S9x0M4s=,iv:A9U7zI4Qc5AexJymJoBn71UQ0I21crs6o783JILQkhM=,tag:GDctWmgNNoQvRP5X1fPbGw==,type:str]", "pgp": [ { - "created_at": "2022-02-22T10:05:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAGFBLAv0AjRVBrt6bx0LjjXJ+F1HMItYH+ARVivmvqn0w\nTu4haSHe/+Y5OGppPz/AKscUahtKlD9Xc+wDEO7VwnGeqYmCmtfz71s6Mnzx5J4Z\n0lwBmnxPoyq4n3gObkaK+w/sXQCtrPzcr3eb7WwsEtOapNg1NOgveTkMGivhSltv\nEHOxA3Zb3j64VRFeiBEUhwo45QT8+XIkSogAtTsMtyJjsDdlSx9Se5hm9LuFaQ==\n=cFm2\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T10:05:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARVp4AmaIEZyYrmVaTjF+qIlyB26EdjC3d4D+Jv5TkCMw\nQ8/pshECLLazpepPPxsQ2SHNNqlqiyIPkRaKIcCxp0ViMVG+C0C82QE5oJemnryW\n0lwBhYa5Ug65KISzIy2LsxiaXcyH8qTOa2vvza8NWdFyao6qH2N4MtdN4PoHo4k4\nSsxxtPtOrNo2PRjqSqg1WhCP9HQ9OOrTxXXL1Cei1LySN56/IBmTHs/CnDIjUQ==\n=gG/G\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:09Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdArLLFwpGwaUp0zA9W8zwRHDCBlwqY3ve1L6L1Tqrt+mow\nMv/kpMcKUVePFd2PMP/pGBshfolivoT/xOzm4UHLErOwxPNlmocsz2KzdZo3BwPu\n0lwBpIJWvKl5kLP86YY3UlPGr32ANZrmj9obnnFqnI8Bxvn74LzQNdwnlx6Cz7nL\npa28EkwKuru7buUQlhXrhV1xTXUN9bI9+c5WDYwyszDV4TUrsRL1sa1lCpweEA==\n=Vuyo\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/spm.bouncy.email b/hosts/surtr/tls/tsig_keys/spm.bouncy.email index 46756f68..83bfe4f9 100644 --- a/hosts/surtr/tls/tsig_keys/spm.bouncy.email +++ b/hosts/surtr/tls/tsig_keys/spm.bouncy.email @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5NzBFVG9CR25EcnJZMnNI\nRFVEL0ExSTB2M2FFeDlGRmNsVDVhOU4xS3dnCjdHNGhhc3hhQWtBcnZmSHdma0xJ\ncGJFbXdPMkpHVVVVU2xUTEpzVm5nVEUKLS0tIDlZRDQ1V2NmYkZPMlNtZGxVWlZu\nWU8xUFR3SmE1MVZwaytZNXAxb0R4aFUK5Ds4ucb8CanfQOctQzqcrHThZQyvUCWQ\nGM6V/WJ/m3tJpILn73BbNPUgAWPirmf/ouOGejrZxGzwWm4i98UgYw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-05-15T13:17:01Z", "mac": "ENC[AES256_GCM,data:/iqvcLW489vCFnTyVldH9IniRZ1cSavzoAqpkTtVT12ur9vIC9H38psHypgMRqSCrMTciispQM/gLTHFkUxMEFlm44zEbcsI2krJaB+PV+LGy+1gpJksD7JLQp+o5jCHB3CcY8pEk1NaCLMxekJbOj2Kd3LYnMHXk87LOdI9cfk=,iv:m20mpovM6sjDYeuCdRSCEUDz0/orhLlKYLsenxshl6g=,tag:3XaAxA4B2rN3ugLUTlA6tA==,type:str]", "pgp": [ { - "created_at": "2022-05-15T13:17:01Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAVKePqPnN7JgcDtSPrtJw+1Zdkf/fQwzxfq4WC+lPzhEw\nSJSOsfh2jv3z2SmbYPCpi+T2Gu12C5rBwP6FeB3s8IZpNs/+8oxflG2gH2xtAPmd\n0lwB1gaDej+yLf1GmVLI3e6aSa5WsWEmDgj8jcsjUqp2Ws2LYlTcyDZvhyd1G4RN\n2G6k8TjdKnTsrXHVqwTKdYtND6U8Bh6wqXFhFWNvqFc8wtrXcz8Nfx//gbQGdA==\n=vu0v\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-15T13:17:01Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAaeTRfIyydnIVadNeupg2ZyNyS+j6wuvaIrhLgFyNui0w\ntGLO4P7iVXgyWQXRfowRzJPBrDvfE2P8mLTwH4nXVtpILZuZsoASMdmy5Fasc3eh\n0lwBIiucRLpz24kquPzeS0mN8gQ63Cfk5jmc3lI65g2yxmVNhkdNH7V8tk/h0lHZ\nPASmxnPxNfPTBJYYQki+vBWOgqLm0S5W24nRDAUrHWdPprj1Umej7/vg6Edx5A==\n=N8cz\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:46Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAlguvr8HermknUjT0pIGosZTOjwubwlWPpHJmcROChTQw\njjGRPu0MuTa9iah74rpROqzpvCcoq4cerHTqnRHyXjPUP2xEb2ppCsy8bfPQWv6B\n0l4B1eiwfDpHS+fKhgRVI7kqf7m9yqvbgExelQ+pwAm4xOfu/lMNoCeJ826iaejp\ntwVvjE8rnmeB92zXQKO9BfxJwjCd77j7dgP4jFpYI0eHjcg2RshdJFMrtOxiIYBL\n=DlAy\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/surtr.yggdrasil.li b/hosts/surtr/tls/tsig_keys/surtr.yggdrasil.li index 6b3648e0..23e25fc9 100644 --- a/hosts/surtr/tls/tsig_keys/surtr.yggdrasil.li +++ b/hosts/surtr/tls/tsig_keys/surtr.yggdrasil.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBERnpoL09nWU1KSmxlOVhL\naVdtSTA5TkdTbU50UUxhMWd1V0xkczRMTUM4CnRKdSt0N3hOYkV6OEhjQjJHdFRY\nMWVtSXB3RDRKQ1pPNFJKRVBsOWdEWEkKLS0tIGxQY0djK3Bya1czdFZLL1NxUDgr\naHhxTllmeWNKQjhiclR6LzZUdGx1cTQKSW8X6ndiX2kciF5DZsHAk1EO9ndU49lq\n0yvxErSGOwXNakQ25PTAVlP0iVyJsuBtStZEK7lDfYT+GbzLptyBFw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-05-05T11:44:33Z", "mac": "ENC[AES256_GCM,data:LffMGjgzNp1gQQPBF+hUDh1YvgZqRYnS5521s0P1I0/1QlXj/iLYhNwIaTdBxYWFoeBcmvdkOXJV4YcTNqCmw8XaV9bNfezQTRlbskvAKZ1NPU6RRx6horWpguSWONnCMoFk5eaqeQA2Nr5rJ4kn8MSo46TMmHfR9Aj0fctuY1Q=,iv:E6Hu/jyY8WV+lm1AzRHVhI2Mdj2vDDwZcdR+KhM6gkc=,tag:I3F4gAQ3Eo86KL3fdeBz3g==,type:str]", "pgp": [ { - "created_at": "2022-05-05T11:44:33Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA37udf4bGP58tefZPCe6GXJMyu+cCzmVwUh0Y78MZ4BEw\nC0kHrjRb/2EZHrWPiFrEuTipIw3GVe5THmQfQwA6AJnmYtIZywCB07SFF+myS1Qz\n0l4BY2H6MsZEhPUxEK/ek83XMzLdcm0uLbIoEZFjL6lM47v3C8/MipxE2+zqzzUr\n7KWtpZekshX3kc5Qgj+Brs+X+Vz35PheGgHs6mX1rOFbHGxcOcNlu1UK3n8p3W9i\n=B4Qz\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-05-05T11:44:33Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdALq2tsHKjoVkxuF2LubirDKj1mXBL8D9gEtBAgUL+e1Ew\nCircY5+tjUj067L94tbr59tyqVdbXhEXZWfk+yqarIErIlwW7VKYM4RMc+0ePUjA\n0l4BYQIILqERGv4uJG7nZhDVu4YMatMR9ALgED47OhXwjnVG40Ncwt669YpRqmcF\nlxCgqbcBcCc1MfRn+C7Q7hYmruqc9cIBRYlssZmMC10CCETRASxTgeNcDve24AVo\n=z5ML\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:57Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAPA2L/PyEDznBEhms3JO2divEwewzwS8B5EEIMYGKbXgw\nbX2dIKEAoT8S0FkjkWoBnUwApQg65CVGTV/Pz6WDBhIldAPQOqMVSMtMapleZDR1\n0l4BTEcWYCanDctCuKPTuz2ncqrVjVYxOvO6H3mjVsWvak/BU0Ou/1v/+udMU3pA\nUJ8Qd4H3/pA1ZRZSAlCUqZrH0JEYwYGIcsLpgwsnICwpty7dMlAsbDb3iRKLqOr+\n=UKGj\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/synapse.li b/hosts/surtr/tls/tsig_keys/synapse.li index eaa5e4a4..9304c0b4 100644 --- a/hosts/surtr/tls/tsig_keys/synapse.li +++ b/hosts/surtr/tls/tsig_keys/synapse.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoalBTMXQxT000VHF5eVU4\neE53R0VWc3JqaERRZ1VuVTZ1UWliaXFpYWtVCkhNaWRiLy9zaFRQTjhrNUdDWmE2\nN3pOaWpKOEYrcmJVMFJNSDArUUF2UlUKLS0tIFoxYllRRVNvcDgvUnp5ZCsvb28w\nSmxLWjZybXoxREdoVXRNS2VRZjJGREUKDXtG2FxGidWW7DFt4EEsppVZedtK7jfs\n12Fqpa/26q9OhuqAUCdxQsLfPkJodIBCK/Dd3uQpiCc3LuuFn6rS4g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-24T19:19:00Z", "mac": "ENC[AES256_GCM,data:T/ta/YjbqybvlnRxiTNskvfiZxWGcMmwwOA4zrSOIqLe4pSX7OEtg42rZ6hU/jQldaujesFRl/Q7PSqcQGuDNstMW1XmRLYfSevJXthgpMRjdahrm3N8/kjWLlVaBbe7gP8p1d0GyWB3Aq2WGPAQS/WtKcmJQk5ObsIdImO/XAo=,iv:+1uBDXXOSznwhtcqa8Bh5qqwhgZlR3oz4lrIH8RyN0w=,tag:ejSDocMdIoCvNRjBX6NrDg==,type:str]", "pgp": [ { - "created_at": "2022-02-24T19:19:00Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAGfbmtH5MpFqWJZfFLndsjMh8zjPjpuYQhNCdqf+rYTQw\nUBmEjVr2GuBpdGmT8De77gexEDWWo6JnQ0FhRtRJhQLz1BSWutn/nOHNamPKGrsA\n0lwBBDMpQ/7jO37Y/utTPwRZvRITGSoSBFTgxL+2bDQJf0vh48+bl4BxpsJcT/pA\nMHBi5qfnbQcGqMEOOJUWjtMpL8st1VUVo5IP5hJq0z20b9dq8CKDnH81q7pQCg==\n=Js+/\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-24T19:19:00Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdADkUSyKMT5advcJw30bHEQ7qcIyNLb7+gAlOjJJPt3l8w\nUHNJFp/aquvlMwVmfXkPFRbV27oDOjC7HB03cOMZgcNLWZD7121ocDNaJPERhLRk\n0lwBJJm3tQwPxsEUGoqbzt/YY6qXMskWfKqDP6WkKCNjbTWob99zR6ygukPzRnHy\nvI7Cd4QHQ9di8GMSG9bpch/wcsM1OV/hcB15qVj5w5F0uft9kwgCIQ4GNmsYZw==\n=F66K\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:21Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAumgr0KIM1Je/FraKooXprl5Q8IAixOAPMgSYVXC42Dsw\nUX2EJTk2bj5OWJGMgygaGqJ2XaWwcFal6oQWneM08wgMcX+cZJbgqT/KdZVa0ecw\n0l4BVPwaXZLpXmRN4QuPCQ7qlEpk/e9VGgsbAVV5jQR20NWtzwhbWKdM+oZieEF4\nSn2zogkvajR02VaTffbHPITYPQh+6bF6RmRYP5kR/TWtH0Q0u0fYLV3DP9FZOfa8\n=kHMG\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/turn.synapse.li b/hosts/surtr/tls/tsig_keys/turn.synapse.li index 019a03ab..d71d46a7 100644 --- a/hosts/surtr/tls/tsig_keys/turn.synapse.li +++ b/hosts/surtr/tls/tsig_keys/turn.synapse.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTN05Xa05BMURydGpDN1lM\nUHJMT1h4YkJHNU9raWlVU09HVFNjTmhtbzEwCnVIN1RhM2ltaE1hQ1lFRUVITzNQ\nZUMyV1AwOFRESzdTdHRUTmVYV1YwMlEKLS0tIEwvQlhEaGh3MHBPeXVjOWlpSThW\nclBaMkFhMnJxMEIxRWlaald1dWxJWEUKTtit7dcWmikpppnrf3UFopLD0aKiRkJy\npTJMX2AoBo61P0eYqIIupT4MMvRHJ/w6JwgDw9+kXrMY5K63o8HETQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-24T23:02:47Z", "mac": "ENC[AES256_GCM,data:G5hTMG3zfk2AIoKuIXZoQN8oUo/Zqd36B2Iz1fhsJg5k/Ns1kgHu3emNi0inhkryPTY8+4kNlLLk8T207RMn7mmu5Ya6zEMASxHrMp/1IgES1C88CZNAqIAmTVlmLEzXsh6O/8f7xtPjgNzfgbbDb6td/CNBQPyBfsuGeB9XM6E=,iv:3El86ZrV10IK0MTikO/Zs85afOv7t6Mz75sbl6yUNew=,tag:H4bNDQoF8Q8lTHImP0YFzQ==,type:str]", "pgp": [ { - "created_at": "2022-02-24T23:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA75TO939bjxbE1DVdU7jxN92WBA9+FXLGzLVuYC9rjmUw\nB3jCi3+Q5Ig1N8moAy5SbuwvWuwunqksLipygk0zQCkrQAP5Yw8zTuaed1TUj61Y\n0l4BAfnWJkhG66fNaJ8bYLpnPelF/q5A8Ttqj6Yxj/NJwpqn8A43uOIgYZwUH/d3\nr/o1fT6hmsVgwRZsk7wTqletauc29SyA79nL3ObsP+3Mq3WSLaxoXNN/41+aPAyZ\n=oSp+\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-24T23:02:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAEjr8onFpTD5dlA6pFGE8Z7JWfIzZMK3APnpY84e1iVQw\nlWIlbx9T9UjPpp3TgTgDz5ve1ZeQuKm95VcjvfWOamo8Nf9rgX8+yaNjFe9Cl9EX\n0l4BKcFRgwZoiNPyuWFlPGbW9K/GmPY2DX/KKdPuCWjDktdDzrgD07RyIdXnlaob\nPBjFDkMDpFMt6meE/Unux9fNE6MeyAsJvEHkKjNq9AEvqKZgdrNkzmUzjWm4DIsx\n=9W7b\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:02:05Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAe/lLJGWEfOKVw1m9vbSFCSPajE02t27+CD3mobqrkxIw\nE4U4fzfPfmyb8TcIAYWBmgEf1w0WDCFLcW9a3Zk83ObimhsRmpDM9sf8lkSC3077\n0l4BQtnQxGxNO24DsMVdESXTE98rESxoacuC4lKDA9sTZLddGzv30969yyECVwv5\nFsvc5vjdKoLaSlrywwhinuxsiEv6+HRCvLG+xeNjyFvttvCggNT52gInxs8r1/ed\n=N9mn\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/webdav.141.li b/hosts/surtr/tls/tsig_keys/webdav.141.li index cb2e332e..be790436 100644 --- a/hosts/surtr/tls/tsig_keys/webdav.141.li +++ b/hosts/surtr/tls/tsig_keys/webdav.141.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGbnM5RTRVajVUcGtpWnJw\nTjdxMXdMTjAwVldwak91cWxXanZtVk5vaTF3ClFuWVhVYjgySWkyb3dpU1luTjZ5\ndG5CRkIzZFpjS0h5TVVqdC9OaTJWTUkKLS0tIEJJaVFoV20zaEZzVCtxcG1qQ1A5\nNitTUVJnTWw5VERkcnhIVFhnUFp1MlUKELulSZylWR+SqhA4a5EUzJum50bSdraG\nbPQNQP7TGrxLRyV7Q54lcyOz9pe6nOuFVNpj0QizGaqLat7wr30TlA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T12:23:26Z", "mac": "ENC[AES256_GCM,data:XwQKJBBJ3luAqk0S6auD7q+QLPwxG6Gnn/Aim5AJIO4FzgiluvuL8oNk4Ez/5Q/FVOtbMDKCQbwz+tgWJN6i2mlu8W4xR+bLOlGzcBQmnY5QIcmyRGDNhumrThoHtE+3agLwyVhWrvZmpeSruTRZ5n2EkGshOnSAi2SGZulVrPg=,iv:pInwne4YHzWd92gKgoNB0VBVMH7Hmu7q6LZMU8GO1yw=,tag:Y8J6cJommccQTR7guU4Rmw==,type:str]", "pgp": [ { - "created_at": "2022-02-22T12:23:26Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA0kfMkCzKUHK7Ox8TXe/Z+RNrU3yk8WNk5Gb0LKgc/iow\nQHecugi4Gk+ZEGLcko5MXPDXee9PDQDLGNCxLiRcClc4lLC/AgWNwfSL5j1Gw2Mg\n0l4BJGJq5dK5acKKuLjgmehIDEi2ZJZl2/Sgw3TymUZyc9Y6Xw8k2ouAidSQwyuh\n5pLkzGAOS9qeHedOR7BuZSHVkPzFeM2JE/bkQyVx2im4UBDYMw3sDc0VMsQgV8Gp\n=ZqOO\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T12:23:26Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA+tTfPKdULqJRo6n4UDMGJdH06I5iHTnNf0slTxfhp1cw\n0DUkmp715+saoXFTACUEiiiBv+8r7cLTb7qOWXcRq5LP7kAPwHZ5p++9vzePyQ84\n0l4ByVQ5Ywn0t2nyYKbnRktvg3Ea0XUErBVVg1+iGpnfVT6rcUroHqqpkb8KXfBL\nQ1Mg/pHXMCHlbjnVRG/zyO3Mu6mvWpLgw39j6S3jtAFhdEmTUXSd1tdZXYPKWpyT\n=1egy\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:02:00Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAQSNzTmennWMvLbsjtI3EHve5UbY7OCZTvPo4dWRvwTow\nh5puystWA9OsiIwY2Foo/L3Fg2oL4KpOup/Mz79y8HDl62561Rj4IDSXUj+6ybtU\n0l4BHjz6MHLMu/dUmnBPacUrF7gxknF0TINAeGVi4rhiCb7+hQntLhURqswGzccW\nlpn/wVITcKnLbFEeT6JmxTbVHd/BrHV9gEqApT7Apha/swZE/tpiU2Dk5Ee6fdbz\n=cqUw\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/xmpp.li b/hosts/surtr/tls/tsig_keys/xmpp.li index 35acd462..560d7e26 100644 --- a/hosts/surtr/tls/tsig_keys/xmpp.li +++ b/hosts/surtr/tls/tsig_keys/xmpp.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnMjhwcXN2bXM2Tnh3ek53\nVVdhemxPaktZUEZmZUl4SEVTKzRGNllMRDFFCjJpd2Zuay80U1pTdVFMdy9oSkFv\nakJaTDExVVRmL0lOQjB2bDdubE05cDQKLS0tIGYwLzJvUzhJMTMvbFlZbkNDdlQw\nUVhlMjJrbGhORUFqS0c4U0Y1QndKckEKmghm31+4wGiyRtUuyUM9ews4JK7EeXHJ\nPEYTZDJ4IpOcPyUKKZAnFEvp3/Q2oodLie/5ucj7somfBlXQFQXw1g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T14:43:10Z", "mac": "ENC[AES256_GCM,data:IACasoGWgaouc0QnJAztTJkRnD60D0r0pXdxhXnDqpsz3qeS4Nnc5wgjMjSC6iTLNTDsGHw5s8egoIYKNhMVv1Gi7jYPgaIMGkjtg5iGIGmd12dqQTT4LPTfvrA0zqvu6BjzjO1BEBaJ26u8SBWw6yIg76b0BPpmM6afmyKo4X0=,iv:el8SzvnpQzURe1POMWNI3d2vYbAHqgfWzkzFi6GTQx8=,tag:HWABf4iOAZZLiJiMivGQ7Q==,type:str]", "pgp": [ { - "created_at": "2022-02-22T14:43:10Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAqBgOG0dMrKdKrPfL605eIH0q4zc/qLSepP3Mbi4wUCAw\nwVXV+LDTZKtCiT3RioyM3Vlf6blY1i5A8VgCKPHKFSy7TEMmhsHKKQGExahE35tm\n0l4BSmNYGiyW6mdiOlVS4uHlztG0SkzxAKoWs7lgwXufP97M0c9GaGLwVUCaOrWj\n416XfTI1wL8HmLBHaa8s2GyVPo+VWRKUpPu9gXAjTpqmRxeFjt7j749nIK8X27y8\n=2zXf\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:10Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA4FILrqlN0ta93yHezBedT+3UuCQqonGlarHvrwi77DUw\nIi4IxaLcYRwqISIhsjz0k7MzJ/BlP1/Qg/NMaB9CoSQIoVc8P7TK/gdP81ORE+r2\n0l4BT9n00HJPJ4IHJKcKmG+Ta5xOPHsVqRNgLSp7Ss71I0HLEa6YqhE/4z3kwvcE\nD7fWKVLkMuA6PMzjEa+ZGY/baqHL0VFW+Vy3/Fn+E0nStUT17Ya0ANB5kuyRp/v6\n=cwHX\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:23Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAw7q4oSlYjhOZfndyOD6CJhb+hCSBgGZW0erXn0DBUCww\nqGF0jaW2UPBLy3W0TSbJL+3hoouxPZp5r2h32RnLkAWIa9UIiqqLon+fGsDk3fNO\n0l4BaDhDaujb46lPAAxiYaRgsphxr9S31Of7MDIbIMTXqAHhBTdhtKjjikVoXaqT\nRr2ePkPjvl+Kr3Ox7O41bgG4u6V775AEm/zjwXBIFaFZiGBjRP3RAGQv45Pza3Xy\n=K2kK\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/tls/tsig_keys/yggdrasil.li b/hosts/surtr/tls/tsig_keys/yggdrasil.li index 7c75602c..38759315 100644 --- a/hosts/surtr/tls/tsig_keys/yggdrasil.li +++ b/hosts/surtr/tls/tsig_keys/yggdrasil.li @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmc241aUxxcUpTSzAwVHRG\nUDBGVU81Z1JtT29QQ2JZSE0vemduMm9xVG5jCkR0Ujl4VmlSa3ZJay9oUUNwZFBi\nSVFUR0ZKTFBZc1JCYllxdXhOblZ3T2cKLS0tIFZSaWwwZ1UzNTFXTVR5bTd1M3NB\naUNqZ0I3VWs4eUFFRVNrSWUzRkhyUnMKct7qRvIfNSuz/zf0WwamkiTOh59bCKB6\nzmkAOCtRzMCAN/Lcc9nBLdSF8tN0ZPmgQmqjs4iqgRwPmk1vsPbyFA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-22T14:43:24Z", "mac": "ENC[AES256_GCM,data:DzSO3ir1Q2KWzwcmrW9ksw9GFRJXOVkb2tuhgDQxzV+sHC8O6VLMvYUZCNrYSKlZR0i2xiGuQD+3cO09YRYMF9MoR3ODl1BAGi5C0z0UKYPxf8BE/8x1qj2ak4Qdp7BHtaAQHo+IU+dX8AK64DJ5b2pJ/ThZzRSlfaeYp3X8cgA=,iv:FeuDzZzI8R2sZxWry5Jr1eoUWQlLkSqiNLutrvBviKI=,tag:VQJoQSodDkHIkrDXsnPG7Q==,type:str]", "pgp": [ { - "created_at": "2022-02-22T14:43:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAP/YAe2yfGvQ3TcChWjoRsi1bSezMKA2VDWPgRZuA1xQw\nEXhjL2Iu/ORRaktmd6ortqSxckYo2WOosqLXLLWXSnSpBK0mpSFO4/DJbMeKapCA\n0lwB0Tq0hP1Knh7jrTm/9mj2zcqonJY4P8mDwobBI4p1Ll29HxG4KCExrsxFFV6S\nQj1/r9Sz3SLsA9+z8hS8SQO3+877ITmAF518LTjs5clelO4I3KYCQqezXTVOSA==\n=2jir\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-22T14:43:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdArOyejysX1GDvK5g928BoioPtvEz1VzindL8Ng3Ta/Bcw\nUCB1/NKkCM8Ex2jALoGrBeZ5GdL2eRAOmQysaYPpeYRSG84/6e3DUixsbavL63tO\n0lwB+fVTe4tsLKFQ/j+GRJrBkHWNLVSjq50t68OhqTMQ31e8FejeTdAmsFG33MjH\ntumC/AGjz9qAGR7G690wu6WZaJRFD+aPMAJdFN2Fu3A+Imdra3hlTExs8ZAVaA==\n=7NiP\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:41Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAZ9qFpH1UltHmoZihHJM38H1twVPp9R6ShAQjSuqvGz4w\n7ps+sMw8o2Vy8BsnEHVF/pFgz4VXQ5FjkWiERqEoMzorugz29dnK4SivnZ6g5thV\n0l4B4EdX3Oo/8stFNb/M5rVn2l8f86U62mPaNTICjMYT1Up6zTUDyGkhhTcXOKDX\nm4k76TDsLgNhOrgFAUzep5YD/PJk/MyxdBxcQ8MxyVsbAQZSgRLfb56PDIDMsv8A\n=N796\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/surtr/vpn/sif.priv b/hosts/surtr/vpn/sif.priv index 30a08fcc..a3c13416 100644 --- a/hosts/surtr/vpn/sif.priv +++ b/hosts/surtr/vpn/sif.priv @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVzdKYllJMkJ5TE1lY25D\nOTh6WGtYcmRhY244MUdyRnFCa3ZTMGx4ZVFjCllRaElWVlZ1b0dKL09qUWNEYkhS\nNnowRFdjSDVnSzNLQVByQm00Q1NHWFEKLS0tIDhiN2pjeU1nL2tWMFFrZUl1TGto\nY04wY0o3ZEhsR3hrQjh1eHREZHgrUXcKhd3BZiC6NfQ1kDvpN+HG4z6xdLJZaR7B\nvyEQ/p0VpNKXW83BhiM+FFzJ0WLP7nS7gQ89RyjAOQ0/oIb+b29xiw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-07-29T12:15:02Z", "mac": "ENC[AES256_GCM,data:MQFmmdTgHlwYplUt51VdMUAnezhypB0Yh0PW5LX4L0lsF0/qlHofRXvqHYI6sx21r8UuTjvLIZ+7LSo8px2wELDol77ufh1zxSDBdbGq6J2ITPEMtmqIXwGJQKweEBr4B4H4mxoiIVQUgNj5TxzxhL7KTm+sVi1uCqTcJjnSY5o=,iv:YJ1GuHd3I4QaJxSJitLrUagaBth1jcQNlIAIahiOCgs=,tag:pcFpscLzTe1egToIzcZh8Q==,type:str]", "pgp": [ { - "created_at": "2022-07-29T12:15:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAmyIyOWJBhIOV4q1b/e2SQdDJuN+feiBQKvYxXPUICyUw\nZ4+HZhYYxERG5FC6fH0dK2UDuL2lSzda8YPwCaVYnvjBGHef7fe+8VvVIGZw+Ymc\n0lwBlA/MBCoUXTVAIxySC3yBpqHu0lPZsLExjlKYWuikvKYC4tkre6MgYhQOiAAz\nM5rlatVv3NC978MeoLjlqYz5kZqIfo8OBllPGMG0ig1q8ZiECrWion03e8MyUQ==\n=TJ+U\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:41Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA8xX+2sUmk2pxjs8kIEoCSijlD2Fpc+4iDBfFbT5Apxkw\nTQYHXzajO77NqiRFu/6s/pzZRhzqlWb6+SqZ31BCws/IZjChXQjrV3p1biAQh5Y7\n0lwBVMoawwg2glvW1CanysrUTC4T0r70CViYhoM7RuwRp79FA4r7xKWct+Igsk8V\n6wy13zSRhPqK5yC9Xk5GmMlUiSu1f5SDTQ+dD+QNjHp0JninoNmTxfPrBbLfpg==\n=eeWj\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2022-07-29T12:15:02Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdAdTUxSzzwhgyqWg+wtBDJDOllNljRAel4HSuEEfBs9Wsw\nFa6AQYYnQl4XbE4TRQzJ3iqymVDDpQ5RbF/EWhSV2391VmAXznl6VT5u5+8mdbQh\n0lwBcsjy3BnPAFbnQWaYe6MTZocnCSi1Q+YOVKzHYBiAkbKiJMmbnGKIgBmrAa2j\n4Gv+bYCTm8gnmqvXQbVPe9sU9Vaiv9geMj1SQ3YaWe0lOXIpIRvjg8+9WjuDlQ==\n=xVuX\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/hosts/surtr/vpn/surtr.priv b/hosts/surtr/vpn/surtr.priv index 707287f5..ae0d707c 100644 --- a/hosts/surtr/vpn/surtr.priv +++ b/hosts/surtr/vpn/surtr.priv @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMkxKZVF3MVB3eWxsNzRm\nVldpVXlvOVZhYTY5TXFrOTFUMWZlZ0pCaDAwCnpsdnFLMHpBNmJ1U3h6YVMrNUo3\nYVVWbnBrcUJNamkxamh6bkhIaDFSVU0KLS0tIHg1UWFUa2FjOTJSMjk3Zi9hbHA3\nMitLd1dFT3BoMkFtMXRDcG9EL2lETW8K28FtN1p//w8W0nbu0c0qZ9bOMr5tcE9T\nUYUSAvGiK9FkS5RazxIBZO5l7o+NJUcHk4alp9DYS6QM8jI1/8P6DA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-07-28T19:09:57Z", "mac": "ENC[AES256_GCM,data:Q2179Mp3h/FXVzM1T5sRfci+mo/gCGfUm5824GBTbCzwIsTMjSpPz/wByg0WQJ/WB3wnns+VfCh+epqnKcP73KKUmNysGNJ9DH1hNukmTWMZEI309yLE/GgDs76xGyt9hXdHClq30qhKT17bXQ7Pq08c437vfSwSCcKoKOcr6Ls=,iv:u81NRHwKSKb7Nfz2gC1tjdYlfrFETjF/gEMGAha4Y7g=,tag:zdxYtbiKtY46MGP/nO8S5w==,type:str]", "pgp": [ { - "created_at": "2022-07-28T19:09:57Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAa7ohlS2wGvuH11I4GvYZQmKbQVZUcwpV1XX6YMvLQV0w\n8fMshflTFWUnmHAR5ERg6ZpESFiAXAlkUMTLIZBhDTAN92jCu7+nnNFK1QgBVE07\n0lwBilABJT++m953o6ic4h/9yeyx5Wc6+XxS3d1Mc4qgNBzX/TBVEoKmuUgkHwET\nd0nftLYbKmICgCBgDgllWJLSOU4XSksmYIeMwiSpyNzv8oKz8u73SZz20rJ9kQ==\n=phWI\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:34Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAa28I7wQMXDsmmmfk7NVap+Ob858/4lAXIwX3z366yy4w\n+TqIbP63OBAhhMfyX8hMexe1tpY46/aAYN+Pvgv3bJWlijEke/kH9jfeI0iMVFUH\n0lwBh1vt/22QKd5w/oj0uYsV5LTnndZ4u8HcLt86Bn/8hWii0hRJpNK2UJXJN5fn\nuy9uEPItjfUnk0B9ItqPBnTpbTncOhKQNW06Gc71tmJTKgyKaic5uPJ794XJrQ==\n=XTmI\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2022-07-28T19:09:57Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAV4pW8CJP/QP0S/w5e7S/Xrox+Ix/NBvw2N2fWp+5FwAw\nATp3d/QGyk+vwuQpQj3zq/cEzrWrrq19Gl+UUjSyI2rkpUnxWboA2xICYVkb91Oz\n0lwBLu54X/3X5Nd2krPv+Qa7AWPBKF6BkE2PIjjrvPgyJ4/XiFzawJsILH37QPqs\n7PcrteF15UNR416omVNZoWpF3Tq/j4Jw+ewRhU9WjOXe2GO8/X9zjTD9fRrpIQ==\n=YtV+\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/hosts/surtr/zfs.nix b/hosts/surtr/zfs.nix index 736d5cc9..583ab8e1 100644 --- a/hosts/surtr/zfs.nix +++ b/hosts/surtr/zfs.nix @@ -10,7 +10,6 @@ "/root" = { device = "surtr/safe/home-root"; fsType = "zfs"; - neededForBoot = true; }; "/var/lib/systemd" = @@ -25,6 +24,12 @@ neededForBoot = true; }; + "/var/lib/sops-nix" = + { device = "surtr/local/var-lib-sops--nix"; + fsType = "zfs"; + neededForBoot = true; + }; + "/var/log" = { device = "surtr/local/var-log"; fsType = "zfs"; diff --git a/hosts/vidhar/borg/append.borgbase b/hosts/vidhar/borg/append.borgbase index 4ed28024..78ee4fa6 100644 --- a/hosts/vidhar/borg/append.borgbase +++ b/hosts/vidhar/borg/append.borgbase @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVY0xSWDErclZlRmk3VFg5\nbHkzdDk4N2Vjd2VsMXNUTU9wa0tPZzZsOURVCk82ZVhkdTVUZkszL0ZpUXVrd2dj\nN00vQUp4UHJEK2ROQlRweHVVMk0xcGMKLS0tIEM1dDcvZ29xU1FWc1FJYnJGbjIw\nNGdSdFpIeFVaNlRuamwxWmVEQWlvWTgKiBj2EieX98o6Sta5qIisMiuH371i45vJ\n4ZqGkpdyBQdPeWVV0NemC7bTNwjZQDaoDRc/8pfP8rvf61dacQQn2A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-17T11:54:23Z", "mac": "ENC[AES256_GCM,data:eURkhSdM7cEno4+W/TSQG7C64D+j5spR8aykewF3n3CyZDDqJ3AtJoyzQePZ/XWd28nx3z4vdZQwSJ+PNkReKUDfJpt+Fe8FVIFDIEWylnY4FmcgVrOTABoNwRkJwqNGeyJTBQNYx0jdr/cuoCyJuVw+/S+WdJ9uNSr7fXlBvJ4=,iv:xf/86Kf0ZWgEwYP8fQOHfPuVMuF+Q3abS5RSF8XXL+g=,tag:ns48lDgX/jmdtitic5fwPg==,type:str]", "pgp": [ { - "created_at": "2022-02-17T11:54:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAy60KUNPr8e1Dd7OQjJeU8ejdznNEClAXAhzN5xLLuWww\nLE7O/7glpApHO2r7WMRRs2rn2PfjC51DakxU/6KnQ9HVZKcaxukn8qLzUwzCG++g\n0lwB2gl/kIY5EM+E6S+1Fx0lXK8XVKcbkiySsg+OogdKLbbBvTtYidke2y7FDb/B\ngH3UyuqFl5+v5CdGeMqttn/1pHo2Qw2Ig1FHIu93PR2PtQZXf84jrSi5NLARFQ==\n=Wwcr\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2022-02-17T11:54:23Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAqC1MAhMF0UJH0SzcnMhybD1hp2RFkwgKYVJCL075214w\nFmpGt0cjolC0tcRVGrgvar4PbT7C/2SdYcpjMPT++7mYDyirsrQbSrWKqlxaBsrP\n0lwBdK8CP5+xfJxlDHxn4g9Y0YM6TO+96gfEPYW4wiBJRyLDyVGB91hq20ln1vvC\nNfMYuvv68swlB+YpvBnXw3bA9tNtve1N/coX2azFRgWPwTdPlGGpzpc7oewNCA==\n=8A0o\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:40Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAk9t6xQ807lXCjNOGMmIr72E19DTMSDQPqoMPPTDh+Dcw\nZjXYbwP9Grh7r5Ft8SPeH0Lde8lmR8XmPBYcPlCGBIaip0e8s2q5qLPDvBIanR9L\n0lwBjpjiemJmFpNtH0FFV+a3GqNX/SkNVhwWY1d8HbH6moXP8QUxIyMqT/uuM/IO\nQODUFOnZFipbUaGFcYCr7Q03/g5Rh0o8TzL4D191Tr3Kflw8+fwyzUAl7w1MbQ==\n=f6me\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/borg/jotnar/surtr b/hosts/vidhar/borg/jotnar/surtr index 26d286b4..53bf27dc 100644 --- a/hosts/vidhar/borg/jotnar/surtr +++ b/hosts/vidhar/borg/jotnar/surtr @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAweWZMbUZaRzBkUUExT1dM\nWHNrVkZEVFkrRlVFQ0FteDVuak5lSzBFYm5FCkxZYTRZR1Q0ZHE4VUVMM1Q0dnNO\nMFpzbkZ6TFRMZjg2NkMwNlRaSTdjMEkKLS0tICtweGNwRkJGbFNhNmh6eGlGZ2ow\nWWpKOTNLZnFaQmdWL0dWaGVZblRYNlUKF46CcNq0QaGjfjSptQGaFc9+f1BN35OT\n+9kVmbf3xL2S+6u8zdK+XXLKR8q/aQUNcET4K2AfsmyWes+Q2MuFNw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-06T19:43:25Z", "mac": "ENC[AES256_GCM,data:K3Y96+TM4/Jsl8JQ56tpJNHmkDVuetUtQbUpDqIHbqm65d+RKoL/Qy/IWVGqcfUxZMUvzM2J3fEo/05q8mcxn+wZd2tECSJEUbgFDhGrpPZV8Ir8cQCYlPn+UBTS4rNUfEpSBlymND/vFjQ0lneqMo5lapbetSs4h/GvFzUFw8M=,iv:TyzMk7wKzZpq8TrE9uHRFXi+JzvNePcWrmyogcoCZo0=,tag:KB6ZBlGrBSGuQFg4fB407w==,type:str]", "pgp": [ { - "created_at": "2022-02-06T19:43:24Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAWSCnyt9/7PkWecNhcOwuw0TRJMld9dmV0Ti6KjR6bkAw\nQxTdj0rMaXFayEyyXxotbjxb/ZMTesYCqAce7RKoj0GS2GngmP6Xzpt151uSmyPs\n0l4Bh5Ohfln3bAq6iJvJfOZvwYqmoIicRZFFY7afuBDO7oad4fkoWpQWDRtuLc9M\nIC0ReFXCuQOI5eoFF3V8xT+X+icjFUCVC2OktO/6AlAtXxi6BSL+574CUMivuQz0\n=3v/M\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2022-02-06T19:43:24Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAqlj4zYxkXgnJEEt/RfxQORgOzyfiZdQKzlhm78OhsBkw\nc2EdfAgpGwIm1F8tpVtwYcfNXYgfaJdADMzYSHL8qqn8DJrvhCArJdT/m7ZPWKy2\n0l4B1hpQdga7KQTD/iDlIrTJtiZ9/AMtUJM/HU9KtCl9AFGRNEGTAEdlHTUBDzOP\nTSF+R4NAqoY742C7Lf7pkHbVhhpXige37qJhvu7AMgnT5TT17McsXUj52Sy+Qv3z\n=cBYd\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:58Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAz6SbyhB/2PnlB6PSsC/wgwRiMM+bAfN+naeRhJpmxW0w\nm2B0PgujNzYESth3KFfo5z5AYdL+Pwyd2Kptffw4S/wwbI8l0lnK5mfNbP3cVqno\n0l4BPeNP+Vv+a1HCXFdL0iYbWSeG3jid+UlaqXrVMlL9npR9T9bSTeVzWEeOSzA6\nxf/BJISSDm0XuCiNHxifgPLbh+0gs2mVusESkjCwGiXKgK412LFemYD/LEJZWqWv\n=D/yv\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/borg/yggdrasil.borgkey b/hosts/vidhar/borg/yggdrasil.borgkey index 3540792b..9d2b54f0 100644 --- a/hosts/vidhar/borg/yggdrasil.borgkey +++ b/hosts/vidhar/borg/yggdrasil.borgkey @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYOFdvVzlHMEE1T1hMWXI5\nY3E4Z3NpN0pGVEZCcitNd3grUGZSRURLcFNNCkJJU3c2NHVKcU9wbG1GNFllSHRx\neXhmTlJHWFdxWEtuMWNDczUrY0djUGcKLS0tIHpEbVB3NDlrYWpQQmV2RDFicFhv\nazAzK091SzZnTWxTUERlTEkvM1JvaWMKPuPXehQ0RcoeSxZ4ZuurxDX1Ln4hgB9P\nRFFECBev0IrHdBas6BCwh98HUGv+zR+9PlQLA0l3G9NZ93KTh2GM0Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-17T11:07:24Z", "mac": "ENC[AES256_GCM,data:5dmDZTT0+xwtUMLRHxQ8O8pviyzZOtcZXufdRkpbQrCImhk1B4eSm2gaT8GavJYswu3I/Z7Yt6BNeiKkccf/PXWAFsOn7L6R2B52X5TdgUD49HXiLcu9V5Sy2/YDqlCcC1IpxwylilxypP1ht/M19VdPl/vFClQTwsQcwpBujtE=,iv:u90ozqlzOnvp0ly/x1hZAnR67XPo5pWGSvPSbzI5eA4=,tag:WKc64wNitiU/x0Baugky9w==,type:str]", "pgp": [ { - "created_at": "2022-02-17T11:07:24Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAnvb/5Kls/HsLN0dWxkew1E9ppPKI3IDS8fHUun+emnYw\nNJ4XjE2VbM2sdPaAsdeEtmONof8r8k0EEmvV8YFb2iH4EvuwB/LE3sb5Ldjp2QHm\n0l4BS/e7YzESnua/yHA26caeRaqBBbD8mXpKjTaA40v9mbOkpcQpqqP62WO1ox6J\nXLBuV7O1gGjaoWfN/xjkzB2PVsAs5WeTBelMQc0M0/RmlPgOQmOD19SWQop+4npR\n=qLw1\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2022-02-17T11:07:24Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdACICrWK61VYsHz08d5cUN4S0zOsmas6/KMs9Eok2+hyAw\n5H5cWdUMtKXCG70Cws3pP9Xq0fRrAQ4ta+HBd38w+fDhm/y4HQPcdv7T7ekcEMHH\n0l4BDO10UfkHAiVrhp5jbpdolkH/0uOb90tZPvN1RGJkDoyJjqp5XTn13c9kfsFg\ni5txaJPTp7XvIBiLLwhmb2z3a1XCDjd1qS2hiaD9c7+fxcanU5a9QwlT5ANnzm/X\n=/xps\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:35Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAie63YKU3IGnr0x0Cgp8WrZfZhOZW463d+M5daEvutwUw\nbkmueZVrS9Vfk6ofsbTZbP6arBYnVVSKFgyy2mKNZF0nsH5w779rAbLMK44lR/mf\n0l4BHEUCISMVpCfpJ9MoZCB4ZYQzb6qxfFD9+qAQSHAL9K0htewsrx0VutwXe6+b\n37qlJDNBqq9f6UgHW/DBg2BRAkn1jPBYdgI1v0QrG/oyBq4HSbvwMNpc0f2HE/fl\n=0S87\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/dns/keys/local.yaml b/hosts/vidhar/dns/keys/local.yaml deleted file mode 100644 index e66f4b61..00000000 --- a/hosts/vidhar/dns/keys/local.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:hpWdnmsmBmO01PkTlmRLHdmXrPX6POuU/PWrOUMgH6glThzsFdk84tskUExnsl3N39ryCmgZwotIZ8zCWduPBn+nN3VTEP5Z4xltC8I82C6F283gWC3gxpTXFSwF7JetRM5uBQV0FFd9iXHUySEHdzoRqsGuZTMYdT44Bm6gGQHyt7N3/EeLHyJKa7MH+SLLznjlaTnmrAxEyGP8Talda0s/mkh4nRqQnbxX6aOTQpQ=,iv:eRQuxRNQGU2Zwudaqjr+QvLLpJ5QqrjvAN/uL6x8hUs=,tag:CYEt1K+gOGiOX9qQR/Q9jw==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2022-03-15T13:30:32Z", - "mac": "ENC[AES256_GCM,data:PG4ywF/U6ITmdRB4OU5uXu54YabYt9Yyy2oYEMx0XpMlpKWH5bmg2qQNFakxBD6wCy2H6e3LmwcUl2N692crm3n/qQRNPQ0ETHVlaPlRFG85tiz/Ngi6tasoKG+ciLAXMy05c+yY6oENN7grm1TTMZRGSIyxo27ZU+k4kmz4eVM=,iv:fluwCnXHAJ/z2oGWCLXbjooymXbViPrZdVJOnoSrn1g=,tag:QtNGIKMBDtKnb3JPuRqmiA==,type:str]", - "pgp": [ - { - "created_at": "2022-03-15T13:30:31Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAQAK54tXtgsLn6MmWQC/4irGRJd160lpAxCIT+nt/MBUw\nznjpLnbZXSft1RQI6/B95udkm0U/MBKt7wSMe9I/Po44qJrqHqb4jofz6NCeqxD3\n0l4Bl/DpnWfam9knZFQ9NIEaKYWXSmVuxVduhpYYGopXUrKol8BVTdXU6qHaPKgV\nQc72FvezgyHngZwXNEggvS1IWPq4m6pamLi77e8hNGiQx5CiaFXWwCP4gY6A80pS\n=FNi5\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2022-03-15T13:30:31Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA+/lLWPxgadpnWQlbAVbdzpbevoVKuaGrQmp79m4wKycw\nBeErMZugDNzHWXkTHXez5SpS94RYlGzhLcVLGfMg7C0h3wN192QaMrcH01udnjhK\n0l4BRYt9+9CCZL+Nb/ss+BIyOAFCZi2RkwzvXl9wVk+mb1As9/UYml9zqh/juU5F\nBZXqwNPA5RSNCoB0wy3A5yIB3uniMuYczTs67VHJ5cw2VVSQvXF5zue90i2F4mC4\n=IsU1\n-----END PGP MESSAGE-----\n", - "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.1" - } -} \ No newline at end of file diff --git a/hosts/vidhar/dns/keys/local_yaml b/hosts/vidhar/dns/keys/local_yaml new file mode 100644 index 00000000..f682f05e --- /dev/null +++ b/hosts/vidhar/dns/keys/local_yaml @@ -0,0 +1,26 @@ +{ + "data": "ENC[AES256_GCM,data:hpWdnmsmBmO01PkTlmRLHdmXrPX6POuU/PWrOUMgH6glThzsFdk84tskUExnsl3N39ryCmgZwotIZ8zCWduPBn+nN3VTEP5Z4xltC8I82C6F283gWC3gxpTXFSwF7JetRM5uBQV0FFd9iXHUySEHdzoRqsGuZTMYdT44Bm6gGQHyt7N3/EeLHyJKa7MH+SLLznjlaTnmrAxEyGP8Talda0s/mkh4nRqQnbxX6aOTQpQ=,iv:eRQuxRNQGU2Zwudaqjr+QvLLpJ5QqrjvAN/uL6x8hUs=,tag:CYEt1K+gOGiOX9qQR/Q9jw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3RzluYjcwZ0lzb2dkQ1dW\nTi9WUVNzcFl2SFlKOWhydDRJUDZwV0ZiRlE4ClpJMi9iKys2c0UzMC91aDAyUmdi\nM2hGM2pEbldvWVJxVE9xTGkzS3k1M3cKLS0tIHZ6amlrK2MrTk0zbVM3K0hud2R0\naEpTUFdLbTJDeUdtV3B3ZlRiaEhRVnMKnhQlTzVT4SexBeLOfr2lzmt/HNLX3i8L\nMzy38YXRX7zlyABV7ARCUfv8iJuTEdwagmN7GNFKjBYJKnJdx/I5KA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-03-15T13:30:32Z", + "mac": "ENC[AES256_GCM,data:PG4ywF/U6ITmdRB4OU5uXu54YabYt9Yyy2oYEMx0XpMlpKWH5bmg2qQNFakxBD6wCy2H6e3LmwcUl2N692crm3n/qQRNPQ0ETHVlaPlRFG85tiz/Ngi6tasoKG+ciLAXMy05c+yY6oENN7grm1TTMZRGSIyxo27ZU+k4kmz4eVM=,iv:fluwCnXHAJ/z2oGWCLXbjooymXbViPrZdVJOnoSrn1g=,tag:QtNGIKMBDtKnb3JPuRqmiA==,type:str]", + "pgp": [ + { + "created_at": "2023-01-30T11:19:26Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA3cFA0mdDezP+pRvGq6iso68awdx9b7MBBUIiHEzcBEow\ndsh5K9hQX2fe7zhBkS2wqt9uMvfXrohAgibJj/XmgFoiJFh6dg+t5AQNNZ1YPZ10\n0l4BVavPT6fUC2xusU7XH0oJ6ALL8WEA5PEipzxANTCgZZ6mz9H2inYOJAFLvWeU\nQoZVGQVAIU1HksNi2gC671IkfL9yLQpxafOVYIsD+aP/D7unXcZ4u30nJa/ACcsk\n=yXpx\n-----END PGP MESSAGE-----\n", + "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/hosts/vidhar/grafana-admin-password b/hosts/vidhar/grafana-admin-password index 56a69070..c27b0fa5 100644 --- a/hosts/vidhar/grafana-admin-password +++ b/hosts/vidhar/grafana-admin-password @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBac2NVdkNJVlRVMzZoQmNy\najZpTGx6eGJKcVhqNnN3TlpsU0orN1Rja1hRCi9RWVBwSU9LOFBwSFZaWlNmQUxS\nTm1FUEhPWTRoZE5jRzNZY3BHa1lwQVkKLS0tIHBOMnZmN1lYd3Y2UGxDWGg1UVJB\nTWs0M25aWUpucStDa2hkRWF1SUZiTG8K75EbaiWS5ew+HCxbJaHPgc4lopxLScrW\n6t6+sjtI+RpFzx/ZwEoc89jJ6K2AcYHamlG6zlDQf7g9glYC8d9FsQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-12-31T15:57:51Z", "mac": "ENC[AES256_GCM,data:Dqp4zA7D/hV5FQsp0czjym4MOjusC1CkmsitIHsD2XE87PN0LdAKTL/8tYSH+UGRdoSAnjyPYL5EastF5l4ubWNibom0R/it+TotvFBfaD27DWquZ3zvrwgjBXjaswGPYD5YbRocUmi1kOmZQtjegb6KTGpKicxwKbxg0xU/oHk=,iv:oHCqnCCSmwz23FItsThtNZC2J4doebMNVdhNkGv5+UM=,tag:u3owTxS9FHCZtG7YmDGbuw==,type:str]", "pgp": [ { - "created_at": "2021-12-31T15:57:38Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAQzuwBJzuzxQRohpEqMZtMaJo3c7FWAxJ1BrC0zOAJCQw\nzLfsrjUWCsxqBJkbK4h84Iun8OdulMHyAbg2knSGNWOQoe7ec1cGl06gFhuxkXzy\n0l4BEW/pamCejbYKw+OISBBB6atjs4b3aOzSbnJSBjauommsCnn8aJtZt1ZfctiY\nNo6tawcodNzYCzVmVDjfBM1270yrIP3W0hsttoyO/DQeZn2vB9YiFI59xnVqhrE7\n=tNlA\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2021-12-31T15:57:38Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA10EukKZpWrIMHrNrhbGBjKMvpco+UusoYebYNuSi9RAw\nc+UuuxmshOxq0n0RTjNBZvhixPcj7P9t12ldk1V1NYlHOocMFf5te1wPbkMoqZKz\n0l4Bl93nSz43RQYjeoQWleUSrBchNQ/WOs7Wr4DKgoZ5nC3q+Pn6qQ/yYayhDjpW\nHR+06wk41uF3lnoa1vhu43eK/7CbaqzUZPInBrYbkat7MvE33Mq9rcoXBomNT4eO\n=dSyp\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:54Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAfYLfpXL4DJbkUsnSoqDJUbjkTcRUKdk6JQyaUe8IOTww\ndD4rgm8nEf5HBLnsqos0Y1pmfscxCYxh20kdWFUF1OWQy+VAUXmTl4NtfLMb+IKH\n0l4B6QxDP9mSgEccj7g2hv+FgDGD3g5/bY5dAQQsx/3SxveQ/39Zwy+7EjZF+L++\nsKGOF6/9JietP1ySsx64Kmwk7nhZorQCc0FNb7G72fy6motM72DqKEgDiKoyPNm4\n=rPJu\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/grafana-secret-key b/hosts/vidhar/grafana-secret-key index aea7a8b6..a37b1dcb 100644 --- a/hosts/vidhar/grafana-secret-key +++ b/hosts/vidhar/grafana-secret-key @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxSDVER0NFNDBFc1RzejNp\nQVduV3gwaUtlTWNtZkRJR09vZUViVXQrMkhRCldoWVd6S2FvVjE0ODhSUW9vWlBh\nRHNDanZIT1ZlUlU4SUJoam95bjJGK3MKLS0tIGpkbHppamhmZEZIeW9GNmFIT3hp\nTVZVay9NdXkrUUJYeFNCc2JoR3l6SFkKS4+gfRkPk/63HX+wzJOIMlFkgeK2qS25\n0F4qYbya2vAA8F8+ttAEs0lFpuVPZokuJmxYg9uS4shVmtHIB9nz7Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-12-31T15:58:23Z", "mac": "ENC[AES256_GCM,data:6UhUWxJ1IAgM4tubK0dD1bTQwmJZCZ6KkLTlkPRkbVRpN6zQAK/RT665Ok2lGpxEZ2yYrAMUMGs4Kvpii7NwEd6vj2Ad+4rKZygJ1V2hnmSCN0AUC/EdzGorFheMy+yjqJSJIZTc+ZIpQ7n/mtdPe6SyxJfzJOLXIZ6xFlteAhQ=,iv:3Xwa0pBwieGDmPTCD1i8qavRI5oa1Bm8AIz+EA/l2X4=,tag:X0s9WfxtlaR6GKtnmnFvDg==,type:str]", "pgp": [ { - "created_at": "2021-12-31T15:57:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdA9CYiNCA1h7DNMvPg4qeFT1Yg1v3HdQRgUEj48QIYrDAw\navNJMsqFby1udTs4j80eY7hUm6FbD98MIr/Od0Pb1RznrLPcmTWYbSM6dHKLUjav\n0l4BJkl3Q8AiLsSWMfg9YQ7s5kBpzWmdajRJnV41lbMBKph0tRzzf/DvGjm9dDe2\nUS+rzi7WzWlmQS1ekMwNKAzz3ip4yJA4J591JOhtt96SqmQAHV8ww2q9IE6bOw6k\n=LmRs\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2021-12-31T15:57:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAQbyLmRaWWln+lPYj5lAtbcQ4KQ7ntPyJJIsMl2kkBFYw\nIedaJ+SpExs2kXTlAWxa5B74RFmAPRlCq+ByErWDorovhn1uYI2ljeYIHKvrcgbY\n0l4B7XQlAV3pz3v/ZwUhB20zatPCprUWdJH+3Gd8xQr46djdHGK9WQSetxxEuL8j\nyfENUOu/jnPlfMVyDwRHbweq7Ar60GXVfs2UrjsL7yRjr0FpMNu3Ho4O4kO9HBn6\n=B+g2\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAX74SROmIM9R/4BORJGL2xYh3dUhBQuS1FjuZPu7gJFQw\nGTDgmi3R066bF6BLhuxu/cEKSsvHovA6ZJHIJdphXYR90l/ewmwVCwOh5EdiA9C1\n0l4BfixOgLLVfJF+qQnfENKV+dnSxzhCEBfS6d4QM6pjmsnNncOHOG0dkXsOOx7A\nzWX5GkY1n+Q3H8lGElqdnrx+b6pzRroJz4el89Q+qd9P7Pabr028k2ni4vYEf+Xx\n=+zmI\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/network/bifrost/vidhar.priv b/hosts/vidhar/network/bifrost/vidhar.priv index 273e9ba7..a83a1509 100644 --- a/hosts/vidhar/network/bifrost/vidhar.priv +++ b/hosts/vidhar/network/bifrost/vidhar.priv @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrQkw4UURZS01wSnh1MnFI\nSThmRjhlblNXOTQ5M3B5NU9tZ1hFV0Y2RlRJClVYOEdvZ3F2Nm13NlgrZW8weUw0\ndmk3VU1tbzY1K2tGcnVnWkdiSEFWV1UKLS0tIGtiZStwL3l0QnFkZ0dibXNTWjdQ\nOGVCR01kUXQ0ODd4WnQvRGRXdk9rZ2cKi3rihCktaZBl3UVeoPk3Xb8CEtTkFMFa\neoOo77sm9AGqI1Dle4fFwomm4d0WjtnTY3yBn2nSEn2MpOWT3AmoQA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-02-06T16:09:08Z", "mac": "ENC[AES256_GCM,data:SXCQKrqkOoXlm8Mrs7UZ1CGJe/HnHhvNCuGpt8yhsnchWICfGGWEIrh99TrKkia2X1inoElwXQYYPfyKHFshLaoNjH2GduR287OXluxZs+Thnm1Fnq6oZUBO9mDDUlykZAB3Mjm4WmUnirKB87Q6DFtTRZjh26amt3oC6GwnEfE=,iv:NtPsuStBnJuVfnlbxunL9PxbPdlYktJtV+MYSa53Oc8=,tag:HKJayT/YNP8PJ/ZIlKdQSg==,type:str]", "pgp": [ { - "created_at": "2022-02-06T16:09:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAnjYlc0bHToon5ayDJk+08sRPPEww8MBOprZZswYU1V8w\n5+QzHJXtSbb4lEwKwdwxkkSg1wBiW+kwrV2L2yyYOvoMhWKQsntjQuzaK7I1Kjix\n0l4BOIcMVJEyJk49CEQQyFlqmgJrh9L/dMhl1D7pD842GcpGFxlB7OHRXsLo9axj\nFAuLUc35LyVgnHd2InqDwG0JKiySdI7fN3dXWiD5H3feoCDisBZvaH/5DlufdIl7\n=sLA+\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2022-02-06T16:09:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAeG22AYCyEYq1Fvqj853ZE7oeuOWOrpDOXiAvnSl83EUw\nofhjhoZ9nMyZlsy+nD06hIvaYdcFeAuSV8iHwANAjarmKlnKicT7b7mBCkOjMJDX\n0l4BAox2QUqhcYbGUKT+/Ei7RXYMP8ht1N+iisBVnzN055VrGQhvDadpcpVzQGKH\n8Hbmmdi9O2PQWRYnvRK+0I7GJFiC4Q36Kzf8X9MojMhb/GIwiBKCU0ZK2BLM9FtA\n=WbKA\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:52Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARSKDb7ilKfOz7fIo+KWUT98zMY0IFiRqBVjeWNHbB2Yw\niLEpRKl2uq4Ul5eaZnpllWHwmP7F4xLIyxvK7TyoV3qgDlZWhbM2raYCmRHm6kjc\n0l4BiYr0WxLIR55j0RdQGtbfvh9cWroOwl9AEaMDbTrmcZMsrLldfoAQQlW2rzqj\nhE9HrY57bAJqjUO6krtttt3sWyHk9LDzP3WsoDaSIz5SStR0+bTcGdvVe5NSu6d2\n=PxGo\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/network/dhcp/knot-tsig.json.frag b/hosts/vidhar/network/dhcp/knot-tsig.json.frag index 75deb41c..c10115cf 100644 --- a/hosts/vidhar/network/dhcp/knot-tsig.json.frag +++ b/hosts/vidhar/network/dhcp/knot-tsig.json.frag @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCYk5tM1lPRXc0MGpHZENQ\ndDU2M2VKY2t2VGFrcTUvd0NrU3VMZGQ3NHlNClNTaWVjdDNTQXh6WDFmMDk3SWtn\ncjJjRzUxODFFL25Ic0dabyt1ZW5xRE0KLS0tIDJlT0NTVDlXNWphQ1B0VTQ1U0NH\nNktRNlIrQzdhRjZ0SjR0T3oyRkZiWXMKX28S4SySQguT1cgMZpDY4o/OKY6IvjT9\n1oUzwx/BzBbC2JbpGYvQQgp/qfiM2k0oXmQlfdTv8kD/MoOqPO8E1Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-03-15T13:52:17Z", "mac": "ENC[AES256_GCM,data:rTelaGx5S2E2oYPNGfctFbgDKdyRX8tpVTqLtpcCAJ8MS5ppFTjnSwYi4yQHvTicfAPNz7hGJYAnTdyC2QDTciJgkS6KC3CCXWCimkTybBdVW4Azwz9iBZCpWu+rB1vcQhSLlLCaKmKskkqDZZ5+mfuaXc+TT2uwTA0SDtZWvnM=,iv:ANCZ1fHy6w/svEE53o7rWsp5qU15qoriqyVMzClH6J0=,tag:H92RM5GuLIl9/kslq4tzkQ==,type:str]", "pgp": [ { - "created_at": "2022-03-15T13:50:52Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdANAtB0un04iI+foGRefRK249LhT6Mz+yzdhkWa0UYoxcw\nUGDSh6la4ijiaqdeVfJ3vckXfAqee7dLseNQ64dafdlk2hVI0ZNv6mjfwgWk698v\n0l4B4EOHfDrmFNhZFcj1/sCRnukgx7PSeybZn3miTLQgMGOydrfYuisA3we/4EUo\nU55PGINdtAu268OUHQjj3yF1S72Yeh1MXEdvajRQdqorQJ4TpsPUtJolM25Df/kK\n=etIn\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2022-03-15T13:50:52Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdABm/Qf3pX4SxvTzq6sJKWc5o3Fzu/nH3XAH1WE2L/BUMw\nMFFmYmq3399ZcZ6JvaHdbJFUdavo/+wOg3ecWok039wbsr9qwn8YA4cR7VBsUPLa\n0l4BxuaiT3M+mTVvr5WpGFc3Xj7Mp4/z6hBUS+qTFIFZI2U5JsmZgC7VGTm+dlSJ\nexN6yr9mlQXvDIkx8w5/eaiYGViZ90SxN9BPYDqfGGigAw+xdXaafcOx8uBldAL1\n=HLRI\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:34Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAW2hoabFaeKDrI2eHwiIS9/StK+WxwPR3S8GEZmuHBFsw\nIJY/tRUsM7RWc50pQAAGtnlx0NoJksVv8K4bqzPHZ3pfBUxkNmXneKLE5qhxxIGL\n0l4BNd566uIhDhpvI0mLOeLePKO8d9aARXdwkuG9bohAfx2NyWSWqo7tdvfgWQAu\n05KLdefzKH3eC9XARIJSAAM90QH+tyojxoFIBSNgY17f1T3TNz2KtzERKHOKvemB\n=7+SI\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/network/pap-secrets b/hosts/vidhar/network/pap-secrets index a7937caa..3516de6c 100644 --- a/hosts/vidhar/network/pap-secrets +++ b/hosts/vidhar/network/pap-secrets @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwYTFaTDZRbDd6cFBRSTNN\nVk1kcFJXRG9TT21IMDZsVmtoZjBTNDNjeDFzCkhxNEI2Ujd6SW1STG43eE5EdzZa\nS3phenJZN0RxajBXQ1BnbUhTa3htdFEKLS0tIGVlT3lReHJSQ2UvQ1FST0M0RzVP\nNmxWNzJmNlFPclJTeDUycDJiUzA4Yk0K4JHtkEPY49TGnKPZzEoEZ131RxeQEWkR\nK1ftH2ilr2tUhiErhpqxoTqfAm33xvruqTsePxh1uC7svzKtKBlS2g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-11-15T08:30:09Z", "mac": "ENC[AES256_GCM,data:TAgZ4ktdN9sZPMo1UtwjKdTM2QBjLorcm84HYXTGYNNEorPoqrXAWOvyWRLjx+zxzpRuDLBPQHCkjwkVO2CctxnTaWPMwITbYtQqj/5ZxACuAeX8MaSximB8s5MJK2faCuVXEnFehbnnPr5Fs8ZsgHwu2iH6DU8ScLEkgckzGV0=,iv:keUbKwWfoIIBsp5Rsm2lEba1ZHAozQY2YpA6p5qDBiU=,tag:1llGytMGvOjSVYKJXGUmXg==,type:str]", "pgp": [ { - "created_at": "2021-11-15T07:45:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdADLXtluBBuSsm9CIPG1mEJnOJ0IQmCpwQPcU+Bl/zOE8w\nseSG0fcoBnRX7ngWMoJZ7a0G1ARjBql63SJN7OJ8E7OLcMBeaRkjl/F9jRM6gfIJ\n0l4BCu/V/objPnHxlQ9ETKheAjr7aEH+Wuttut1U+a8Ad5kl5/hKtkK5gv+q0WTi\nRBCe8OIKFbkzd8OvvzZlQBBEa4G/2Az2lVYFrxHq0a7XyJOxmnUJWurbsPUK6EMk\n=ksU8\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2021-11-15T07:45:08Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAf37n8FlEvDjECfajRNxIh+sLj+VZOSYfzt+GovJN1C4w\nQRkd//w4h6CqMcVz3LzNZIn2Pa8lhBLFV2tBfFqZDa80HcBWCtBgDivq8l7onmJm\n0l4BiAv4DzVVjBOZqhBnzla6SmRqAZDwE1WO7gN+R3/7S/0DXUxopjvdFaheLVj9\n/tKup9Dn2n3mr7gCvgvuPIaoJqdJSG5v8rgp1IrFSIlVtLv+ThgCsGCKZ/P9ef56\n=aqGg\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:50Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA+cwEt6Gv5oKvym4ceJek+J/5guNpmsLLXWIY5CCCSXUw\npXyQpqxm7LQnasIqYNNsNCVbB1mAu6WU6MKn0BG03YWjr8buLB+7PpwZcxeZzRfD\n0l4BAsl+vKwa2YSMCR+EWYSfeEzEVHqoGBJ60dYXuiFiNZInCik+g69PdhsGygNH\nRtIcRiCB8t94GkvdWySTq5ohi1wKOe224l9evbt4zXntVngCHxixuufLrr3Cj+EE\n=3lw4\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/pgbackrest/tls.key b/hosts/vidhar/pgbackrest/tls.key index 6ab308ac..9218b7b0 100644 --- a/hosts/vidhar/pgbackrest/tls.key +++ b/hosts/vidhar/pgbackrest/tls.key @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtcmNKbVA3VnB1eHZVcm9u\nWTFMRTlGdDRWM01TYUNmK3lUU3hIYmx4Q0VzCk81RFVWYWx1ZFYwVW5sRW93WWRU\nVVJmSWpmcnM5QjlFczloMjBBRE80OFEKLS0tIEVDdEN4Q2E2bDNuMDQ4Q2s3WnF3\nVW84b0JKZ0xGdzVZd2NQOGgrMEpOczAKoorQ99mTL66IEp2Ckl+lYirbKd6NPh6Z\nJ7Ygv2BIKhHsgEhx4sWrakapEUeze88hDd+9oaofZvENx5xPgCzBCA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-11-21T14:21:06Z", "mac": "ENC[AES256_GCM,data:OQnaCFEsi5Xka2L7KoC0UX0L+NtihG1hk7koxH51WiiL/JF1NrOs7PpgNbhVzqiAPWlBF1X/2ZhWyEZris9iVZ9RKa1lgF2VXjuwVHZNGA9G9Dr0ipriupOEdQABRA2MM0PlfdW7CdbzxmBcA4uwfL3m4b0uMB87A/cRG8mSm3U=,iv:2yuhHIjWRHipcOx+2hFUx2RJG/L/icGMH0QxR9w+MTM=,tag:pnwNVPzyqu4t6AklWd6HGA==,type:str]", "pgp": [ { - "created_at": "2022-11-21T14:21:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdARaz8S4iFbM7+9cUv/WGQDsbnv51AKznQzs3W31w4Cy0w\nh3UzddwF0lH57GYBnVN6S8h5zEjbtz6tRHVsim6ltnVGmsT+t+fmEbASoPF0mvmc\n0lwB9JoMB9l32cFeCQ6Y1Hxryvu/FeL+iXe+7zouKpW67HQ235+Zx5481xxOg1fy\nwmDb+iZ9R+iNO5twraf1BOG+3y8yrJpZV7SZq4H958Kk35QnHlRiPqDfkx9NEg==\n=GAV2\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:02:25Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAraO/4uAAKwQ6+Cs83SuApQ4xbR5QcTp2zlVWzoxoD1Aw\n+67QzvTMmAr9tayCv/HjYJvnjT7vQfIHaRFr/ewXh37B05jfPUFe17hdlT8lUi7Q\n0l4B+WTgJH+d0pUaCo3RedCEFR+pbemaDFIosA6z//cpbM4nNc6sI32BUBw7eQC1\neVjR6n2iNiYNPsk6vgrKnF1/TBGnNAjap/eJi0Ro5J0ng/BFu4SFeEAvMocrDkJ9\n=isPu\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2022-11-21T14:21:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAgjL9+LcR5m5vHngB9DWE2zfkjsQDsIKrEw2RLKrKdVMw\nQ5B131gL7QKEfAc0vd+HQDANo/pfB9ArI/lNkVvlBYfbO8paadJWvDt9fdmOtJ9J\n0lwBcT1xLhPxCrUVEY1Clsv4y3liNZ78iOBuqaOx0W1A7CQonM2B9ghTDq4bsEE0\n8CxD/mNCn/D8WOqu4dJg6wvIzkk6faSBCbxBjmzTcJ6oDj9RdnnnZ6M/uNWw7g==\n=jZqN\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" } ], "unencrypted_suffix": "_unencrypted", diff --git a/hosts/vidhar/prometheus/tls.key b/hosts/vidhar/prometheus/tls.key index eba3bb5c..1a6cb5e6 100644 --- a/hosts/vidhar/prometheus/tls.key +++ b/hosts/vidhar/prometheus/tls.key @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKUW1zb1hDOEtnSG1lWkxN\nVHBVN0xzSDFzdWg4bk9kTVNIQnFsYkVYcFIwCjlGSjI3VXF2WCs2TEZkb1RqQUNG\nTmo4SzJRbmlsTE9Ubm9HVW5sVDM5SUEKLS0tICtibmZ1UWJPaytFdHQwZGRqODZP\ndnE0SnE0cmZ0dGloaXZDMWJZaGh4MUEKN6D8v2hhuOwzaJPU6AbE2RAPM1h2aZ4/\n6GzrqsRGgmLAvZd96B2sbADP9xkBHzLty414Nt004/yOSue026246w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-04-08T20:08:57Z", "mac": "ENC[AES256_GCM,data:UfFRVfPGtGle1yHVj3FrZGb+LKzIBdAsAWJY0qzJTXR+uMxAjCOIBmtBBmzGViBX4mBXFXVbYHvXVlpJPYw1kUhQW+uVERJHvhsRsC9cg3MyNrGNkZIi+QazJaI5Xe+9yO5yjy0NE1e6jia/+BxOZ2tGv8uItRQxfyDCRT0+sWU=,iv:yDgjpubvnF2G07ulC+bopb90wMhfop3z3mEXgeIRQxg=,tag:+J6campz4SYk5xec1uHMog==,type:str]", "pgp": [ { - "created_at": "2022-04-08T20:08:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAvXcM76hJxWHJ0i/XMqtIUSxdT6AaHqduia7V1qUmEA8w\ntM89Pshkp8atxmCdRgTiS1e3qgGHRqp6pYEjt2gT6fGDh8nTmswWDNBqmAUw7gj6\n0l4BpBZgCgGsuAL49qiezBuR7BsrKmRxIPV7ZZFl5CNofy/38qjxY8FxJl+GsiHn\n3jkXh8kJEO3dPXSU+7ID7syxifFFkLcKhRcNXeeZdvz2J/8zYFUhqE4+7+S3AKjs\n=7IAZ\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2022-04-08T20:08:56Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAfS68HcCu+AgaXTG9VdIakO+Jr6Y04INcZTJ6vkNQPFEw\nclmmwVcjylP6BHUML9tSHsgxyW9IK7CYdojtmqRsYF4NCvbWlFRBbehjPlLL4yKs\n0l4Ba+3HaHK8w+lCdMWCLcxzzd2dfkTPNAJUzIAl/AIOx6EwdZseitYN9EkeJStt\nNXcoDPDmnntVlqpUYwHkTKaLSUVuwesaQ8LdHHInvvOXZ97xEcN7575vI0Stde/u\n=dNgh\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:31Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAPPgzdDykRuSybzSrDHRFBaaArK7YbUd09yWMO5pO1Xsw\nZJiCHfuTo0tzB50ZFXbPKFMHAeN1Zu8CbCi2g0tdbzy708T9BML3I8GtnVnBJoCO\n0l4BxmQ8aI4WYJ1oCRy8YriEM/XZVkxXlFpPw+vUYTMUSt/gswVnCgHesnE3Gb3z\na/iFTd8G4qway+jlnmYxhLdZW1lNXCQfi7ZwWEtzpbwjSFyGNOqxbqJKrYRXOM/k\n=nVAU\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/prometheus/zte_dsl01.mgmt.yggdrasil b/hosts/vidhar/prometheus/zte_dsl01.mgmt.yggdrasil index b455ea50..1c9c1fe0 100644 --- a/hosts/vidhar/prometheus/zte_dsl01.mgmt.yggdrasil +++ b/hosts/vidhar/prometheus/zte_dsl01.mgmt.yggdrasil @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIaEE3bUFBY0xKSDUrVnc2\nbFpjSkNOSm56amJTNjdXcTljdDNRREhITm1NCjZrOUEwNFpxN2FmTVV5T2xCbENk\nMEFmVzlPZ29CTlJ4dVNCRUsyRFFseXcKLS0tIEhscVZ4VUVsaG9OUnBIRFE4WXA2\ncGFnbWpNMlNIQzFLc1Ryc1Z3NUl1bVUKi9zYBlF2vslGKu4GP368ApbvuxjZnQpF\nuOujXSNoEps21wY6xUENm+CbYbgaJjSgmb5c1IjAmnubVI4JVY9OyQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-12-31T15:00:33Z", "mac": "ENC[AES256_GCM,data:sw2NVXHLibbuOChgScLhSTjGZBjSoHpzIuRqfCW0eL3DwhL5CekG6T/oYu06KjNmxVjxwb3OmqECSU0TUvPn9ySOWwMSoBfyJpDoTHnZ+YOjOH351IOAMBNcBDJse7aLGRWW5YXKLDfmp8Dhg2hlMhCmkVwAquQjPhfmAdJfj64=,iv:wgM/BlRU2XJSGj7KvAo1WRamecffUDnFvv2+4twtsQY=,tag:0mXblJtTGMTvxndedws94A==,type:str]", "pgp": [ { - "created_at": "2021-12-31T15:00:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAn++RT4a1DwWe5FutYxwjV9kCaXPnKYjgNK5T5NQthF4w\nnWprU35P7saYuJqxXfReNxFDahkdju7GyDJPEo1sqtzUdBJilcykTlpno3KgVt5+\n0l4BB0Nab5e9oOx5XdoMLjpQ023qbmOCVdt1/Sny99qFWwCdxubJv1R8nQlCpD/p\nkNnMszzuH+UjYHDap84OQPuD92zbowqljBe3lC9/dHfg3yK+ajRnK3jpZA2V3aBz\n=DY6n\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2021-12-31T15:00:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAU2jZECgVflkSbtQkNYD4aeOHEEahbJUJNmXncqoBt2Ew\na7dVkHlBp1WdUF9UBAbkiUEP364fGttFFUf6xORhWiNnWok8gwkzaFKF1Y/zNEjV\n0l4BpY/GSUIFnD92AW/ymrGGDODnDdoLKiyiptkraZO74Ox/hezHJyNwKX4XJq68\naedJ+Xz6JYfYMafHSEMFQsdhihwESt4eIjGM4y8fNEQ97RuaN82tIbUjkWJASoS2\n=ExBD\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:49Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAcwl1Blp3J5wgpRJKbYI1G1yEZrRYeYuoDtYUh3ToMAQw\nd92/bIJJR5Ml91eDym9uBN0fFRRy72r6FOx4qZT7S4DhmuA84qCbASjF8bKSclc0\n0l4BBXvDS5Dz1Q7iYc+LxZjHASV1v73A+MaeCFvG/pjmHzF0z0EzBiAJD4ZWGcP0\nX2dDbjl+n9VFrvmeLRxQNh4XZW43iTXdRjwHDgm16zhd9X6VOVhr5UkC4Nyjq2Ar\n=4ZEa\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/selfsigned.key b/hosts/vidhar/selfsigned.key index 8e6d0e2f..9b7bde7a 100644 --- a/hosts/vidhar/selfsigned.key +++ b/hosts/vidhar/selfsigned.key @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaeWVGaHhUUTJGZFFuVExU\nYmZTQTlzS1p0WWZ5SUpORWI1Qk45YzJDRkdJCmR1ODdFREhUNHpvRUswdDdCRWlS\nWHhHTEw4RCs4aElnRzhKKzBiV0FJQzQKLS0tIDNZMWgvSDRTbVVlbVp0OExwOEEv\nWk0yb3I0cnBjQ3JrMFRIS2RYdStRQTAK74DHR+kJjwad/L5PmZ/WOWuktDtmKk9k\nAp2d8uQiNYIOvWjCOaD0yX4FUr9e04q12DOVHtksLkYDYodK1oe1ug==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2022-01-23T18:21:33Z", "mac": "ENC[AES256_GCM,data:Djr/AQmBawg4DQpbOeUPqPlWhU/sBjjSWWzF1wB20Aq1FkM+po9e0Gb4G7sDuBlJUqbggfZd3SoivVqTZtPAvVY4JDqVsOPMXwuelDuyrjgvLxyTlq4BkCZBszSqqgSH3JqiYixr1Ll9Mb03mzDUKyxvLoiaOMyB4FDwyv1kf/U=,iv:t00OtWQh2Le9f9IG6XbuIoWAgTzeXqhv/VrGc3oHUv0=,tag:dekwpHTSFTVIR6oaLWawwQ==,type:str]", "pgp": [ { - "created_at": "2022-01-23T18:21:32Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAzS1Wo7bBBtUQE1UO3ToaxuYzpYOT76xCedRzNovNtQMw\neQuVratbHcuAPYaElry4ckmDTn97oCf+5XreAdfn9pKqosLhcgvg3fz+tMYo6Df5\n0lwBVUZimeibwARxk88XbPUqcIhh5a25v9Q31mk7fpxV3Ynm2/3Blhgv5mbLvn0u\n0LdDSga7LJRj/n2En5fzgpwn/X+K6fHmLtStbb7lQfmDhyxF3Crlb1thkmS7RA==\n=tkqB\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2022-01-23T18:21:32Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdALOQl2LfVp6B0oJTEgtj4y8f2eTLj+DzTE6tUPdOR8lMw\nV5ECy1s6PBm49+nsU8nGt5gJsZAWU00CKg0YJovlXcNrsZP/Yc6Ta5vfjz5ENCI5\n0lwBANrOIuqrk4WzrIbImWHts6M10TPdbx7//LIbU1tDdRpCoRTG/1WeSBJci0VO\nCSDFzjhvH1EgSO+nNfGCBpYwYJ0ZqDdUolbdYpaU8U1n6EHwkI47syV30BkpNw==\n=tSEP\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:41Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAcSSxwRnKC5amFllI4GiRHceaZPiGKKZ/pX3kJEnMkWcw\nmTEuyZ6wyOG/0OkXMNipByGYW6mZPsJz8ETobFsvTvZSSTrGi8fbc2QbRVP60ra4\n0lwB9yRbsVrkPMPL5Jp4BSvkD7zVdYcgvfiDz8FqTtdk5BVVHt64E6sxOXPuQpVj\n3bteXoQiNCnRIbxm6N5kGR0EgU0THqk8fE98X/oG3G5gdpyl6Xyl7+otI9ad6g==\n=mrLv\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/hosts/vidhar/zfs.nix b/hosts/vidhar/zfs.nix index afb155b2..b490a6c2 100644 --- a/hosts/vidhar/zfs.nix +++ b/hosts/vidhar/zfs.nix @@ -15,7 +15,6 @@ "/root" = { device = "ssd-raid1/safe/home-root"; fsType = "zfs"; - neededForBoot = true; }; "/var/lib/systemd" = @@ -30,6 +29,12 @@ neededForBoot = true; }; + "/var/lib/sops-nix" = + { device = "ssd-raid1/local/var-lib-sops--nix"; + fsType = "zfs"; + neededForBoot = true; + }; + "/var/lib/unbound" = { device = "ssd-raid1/local/var-lib-unbound"; fsType = "zfs"; diff --git a/modules/yggdrasil-wg/hosts/4/sif.priv b/modules/yggdrasil-wg/hosts/4/sif.priv index 5641c1f2..bb1ce86a 100644 --- a/modules/yggdrasil-wg/hosts/4/sif.priv +++ b/modules/yggdrasil-wg/hosts/4/sif.priv @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0R1AwUUR5L1dXN0l6Rnhy\neDZiS0g1MGhVZXBjdGNNTkg3dC92NlNScmlzClhRbzZyb1MwNFowK2JsMjJ1b1No\nYVBUSXd1QUwxaW8rMXd5akpJWkh1R1EKLS0tIDIwK1BLRFhabXpXcTRXU2hnKzhr\nKythRTh2QVNwRFdHeGcxYlIzelRuajAKXyDuk9GmR0sTYwfiCSFVMBlva4Ee1RpR\nF112J+L7NevzdcO8i0pFKbDiMZGvKuokl1YyQicbBno8iGgNiLwGPg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-10-09T08:19:12Z", "mac": "ENC[AES256_GCM,data:XCMsYdeKpMO5K0qb+qk9jd93/dgYDz/FCRD4XMcKAggZAl2WiVphjybeAX8pjOhZAt+JGmUFdb1icbnPAkQ741B5msF79PemnRFqElF6yQZRsmfDmuo9xLenNWSLM00YpsBlZnsdUrz11uburgm78wPr/Fvj/6fryTkEYlNQrLM=,iv:u8rgprTsegxOzM2v5zMHq3aMNTaOta45EYJCL684xFY=,tag:IGZbYmsc58sKzBaujH5l5g==,type:str]", "pgp": [ { - "created_at": "2021-10-09T08:19:11Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdA7ENCPeYBw3QHeCIVeZtjnX4k1iWK+NZPP3uUQkh8JWMw\noxlc9S0yqG7AerCJszSwmF4hC7B41Zsq97QFVQ+vecohermef7ZZZclw7adnMYl1\n0lwBT1RNT1V+9Tow0uNHKJpMzAwmlG0t5KZrXqsSKnjyvCkdTSKWg0yVMtLgy4lN\nnjk1P66Q3vGEFd9aVLVvtxrJ1TBtN7MTVtS/g0yMzz0WaZoTL4kFRjkaoBDSVw==\n=eJe0\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" - }, - { - "created_at": "2021-10-09T08:19:11Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAv3YnirqRXgFoLz/XTNx1gccOW/lylh0iEDGNcr1seVsw\nJdrmxN8sAsDKIsem8JEBNhT9RFHtUfVY2SjWpwWX5Xcm5EJSUFaa9lTDA8e6q7SB\n0lwBPFnboct+bXp22xpahkz5NOgbnNNIS27S9bizGfUu5w6cHYs8BGzaXXdLRjuh\nSKX57025OXD9sEScsQoakFMKbAgtMIDbhArCFRdxNLCNqCn7Dpy+R4DbKcWc+A==\n=gLxH\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAfgGtpp0c1/CtwtJvq7LeuFdSjI6XsFAWN6fe3V1rI0Aw\nttJyvxQURQ3sm4RwN1Qw9ut+6uoEds/8hT9xLMpzYbuM8zfWVZQV0vFufo67TPt/\n0l4BppAN5P0G0zWHFzKsxZOJl+uUfRRaO76CvW6uR5OuyLCKo3twyQqHQTQqg/3e\nPnZlYOJaDxxE8voNJHLIdwynuwdd4Yv7W0t+/sm8P2MnDpbw5F4iSzfvcOZ2xLRE\n=t2pN\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/modules/yggdrasil-wg/hosts/4/surtr.priv b/modules/yggdrasil-wg/hosts/4/surtr.priv index b5d107f5..547a6d05 100644 --- a/modules/yggdrasil-wg/hosts/4/surtr.priv +++ b/modules/yggdrasil-wg/hosts/4/surtr.priv @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVWdmSW5LUEhxOThUVCsx\ncGRjcWlyRHFkckFjSlpvQkJTbUNSU0VOZ21zCnpqMVRTTGhLTDJiL1ZsdWpzWjBH\nR3c2a01ZNFpJQVZjNDNQdFVWenFDcjgKLS0tIGZPKzlYaXNhK1ZKczJabk5LVy9t\nNk9yYjlJZzM4cnlKQTRLRWh4OXkwbWcKgkfqv1DybzCuOxg2Weqfi7VhzStwNiEQ\nVxQ0Cftdza3SM/em277BH73yVvBsRaKeDc3bL4iEFbVUzKS8eMqr6w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-09-29T19:10:07Z", "mac": "ENC[AES256_GCM,data:/hFdwXsAxrt3SCU0rbPPeBZ6mBsWcGkN3IMcOP3c28Df452/H0FM67/54NXwSErubnfIY4RXyGfj1dgLBV3A3r43E/F3uN4K8Qt1Ms+dJJdMjKiYpsOuCMgLe27yvI6LtUu0ePPJAPu+me1dOMSdvlQAMwNByrtKmLceMFVJ7gw=,iv:UauO61EBRWvVxYU2vlMI8nqIWw+KO1lEVIc82vVs4ZA=,tag:BzYnM9XcefVd/2T0JcMM2A==,type:str]", "pgp": [ { - "created_at": "2021-09-29T19:10:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAoHdrbuBJjuTnrUDbeAf7aeb6Kz6HbLuLiHZmSt/rSlow\nfgcSqsdYKMdSFeemRzAw++dBuIeduye31GGNDpsZUYyK9r90x0PJaFL3AABudAsj\n0l4Bm1YyqMDv/gzZeK87QDGpYZPu7+dkSrYO1sRe1qHrdI0L1WUs38l0eQM1qSUR\n4Gv4JBXNipoVTH8cfcGRvAy9y2+deEdzDtNK8rqLaQrc+q2TdV8Qlngp/EZqsQef\n=PM7q\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:33Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAuqiDxCHFrVmb5qQox+HVmv8L9t6VKRxd5QSpQs4F/2Iw\n49oXhoqsVK/yVWiJ7HwpnqK7aSKAP4EjnRcMtk01kl45yZX58Q1GB3iUQy8h/k+t\n0l4BA3v5B+rWtWPifc7VZRnA+T97rgQdPVCKTIaijVeRx1j/GqrzH9ZiVAT/kuKV\n7TnbH6Jzt04hH5684zViJKqYPBwAufcLv5Ezay4L7gHkdZxWKKa/ttC5sIe46Yr5\n=ItrL\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2021-09-29T19:10:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAIQL7kGdUkG3CgEyRFdayydeTJGxjD4epYvaQBl4L0g4w\npKoTQuDf8FD3HeFI6ZO/jaE0BFX9Ifd3TYINK/XtqePOkYteos8aqJ/83t35aCIa\n0l4Bq2wt9BRR1pOQzJxnu8Dn9BsnOAQTp8JpwX5fY/FuPXTP8SV2XwWuHKnRd0j/\np7cSOUrog9agk9pc8tjwR+M451xN5AOpqdbqLkuNhi1b6QuxvI+sGsdh3sMz0UBs\n=5ozm\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/modules/yggdrasil-wg/hosts/4/vidhar.priv b/modules/yggdrasil-wg/hosts/4/vidhar.priv index c5b2ea99..efaff173 100644 --- a/modules/yggdrasil-wg/hosts/4/vidhar.priv +++ b/modules/yggdrasil-wg/hosts/4/vidhar.priv @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6dnRQUHYveW56cVJHajhX\nYjdxRmg5SkVJSW1xZFZUaHNYTk9nM0d6Snc0CjhwSzc1cWZXRGk3TXNGVUVsdTZH\nTkV3QnEyQ3REbGd4NG5ZdEd3Rkc5SzQKLS0tIEpSUGNjMm9aYWdVdkNlaEhDc05K\nUWtKMThZU2tEejhxNTRNQ2o5VHZtQkUKqEtBGxwWfAlgHNsqW4ZXc4Ujw+Wf9HRW\nK4xw0foPTrL0XivkYcU8DomBS/77tjWgHe1BcK5DrqpjuZDJnS5log==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-09-29T19:10:37Z", "mac": "ENC[AES256_GCM,data:iglf4GccydO5//TZbw2TWndqeIuZz3G1k7blAW1fNgoxdEDGN16NtsH+/iduQj27BsFhRdPXLO9JWmpeOjwzUMnmkuEOhmALYMZGaZRBzO/x6k5EICFacm6lGUHDm307hexzWtIpNaViuZJiWVlT4IDi5k3N2QaUCYp02AqzPeU=,iv:c5RCIl4zLxrWewc37QIwKIyK5lrBWwSe7Me/yP3UCoU=,tag:LfjGnveOB/lMGhOYk3Ev3A==,type:str]", "pgp": [ { - "created_at": "2021-09-29T19:10:37Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA0wHAgvPYDG0FBH2rql1gX37YtzsK1K/AUNSarn71dAQw\nJ6FEldRQ6M+hN41ooX9DSebEtumtiLNQHnvShICw8ULFhrsgyGdUkZAb9eJ9pHnO\n0l4BDS9/MbcTpsZWW+LfFPAZCGsVi1eF5abQKDFDt5RMvxERefIR7jHd6vmjDKgy\nrESOG1nGFsvLnU5/OKJtSmWKDsnMh4ohJ1Agojh4YeVRUnFkM0vdihdZnEAlMz6E\n=DO1o\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:36Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAlKOiWmlABA+GmrO2WYQEpYH9iET0+VNv9s0nrOYH6jcw\nzmcxvYhJo9nevOjZi0iggw0oCJvPsrQWr0MDWvvivYIF+WYTwixvj2YOO4qUfaX8\n0l4BN24clzpL89V5jVQjM0xN4tKOrEH4RqVSLJ7Fd3JH2A7271OxLwhC4ZQtG+QZ\nugKRFCloZ5+lSiTMeywdknL5F++m1p5+tRVek3jHJUYCSXEqkck71QfKIo+HdBAu\n=dq2a\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2021-09-29T19:10:37Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAJ09HBaaPhDdTOfpzVxuhtzG7s5ZjVrpZWmKKeO23bGYw\n2ctQ4YdNJt5Wv0AhgA0XVZK06rHtBV18utaeXhP7DYZID+wyMUkO7UR4/hhEGmb9\n0l4BzTxnL9liRwH5zB9r7erJYcDOUixtqtriRaoHUM2hDemprMqg+GoBj/Js7V52\nOKCiNGx5uDZ83W6+SFITIExm6I9pvBIcKUNc5aXSov3IWRRik46nU1iqYqYg5n/0\n=2+px\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" } ], "unencrypted_suffix": "_unencrypted", diff --git a/modules/yggdrasil-wg/hosts/6/sif.priv b/modules/yggdrasil-wg/hosts/6/sif.priv index 56a4c6fe..c2df72f7 100644 --- a/modules/yggdrasil-wg/hosts/6/sif.priv +++ b/modules/yggdrasil-wg/hosts/6/sif.priv @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZNW50elZTWklNMGZ4TDU2\nOUlxbkN3SlB3U3ZnL1NJRW9XbFBoWW5yUEFRCmQ5VE40MUVEOEFkdHJHUHJMTmR4\nVnlMdmJ1M3d3ME9HY1NCRGZyYTYrOWcKLS0tIGdCeG8vM3lIcDRPakR5d3ZKcjhl\nN0xndjlOZXdiOHovbmJPZGhLdklCaHMKQycxaXqGVYh4ghuiyTJVQuNJxbNbr2Jw\nTUKmEZFYnrU+t+5uucSar4B/sxTHEcPaFOY9UDNMLa+n3rydJzpleg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-11-03T22:06:48Z", "mac": "ENC[AES256_GCM,data:rJRrcBJnmEcLp27LYO72GR62ESX9VF9115JJi5w438LGWSloEt9AS8qwC4sMwG4pe8FFhsB0108El+RcPDJaIKiNyCNP/KnFtNABJttkxd1ldFv1tP+a150ydFZyxtlyEApiLxJNv54/ut1XZfbtgWRT+YaqNjLx0Mdxvptg+5s=,iv:nn5xw8jB4PCvR9/ickJqwVWatgUg0UeUwKwM/jqCQDY=,tag:D4AqHdklo+dS1fOamTDn0A==,type:str]", "pgp": [ { - "created_at": "2021-11-03T22:06:44Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdASEiKC1/IWGM9kw+rR9wQTooxQNjFU80myZmmK/qIBw4w\nM3oBU1Jx3XLmbbkx+okzwzHI792Mfgb2dPaMnoy7GaiwdBhDcZQBg6wxJ0bV0WcR\n0l4BJ+3IQNgHRbmluWrb6WOmwfjMQoVP8apT4TMrJ2RQVd4sLNjucgqZ71qKlPpT\nVSEsff0EwQintmGU7+9xeTJSqbTCjyGph+S/ZvWPb8yRaw+RfGlV5XpJzuETx/Y1\n=GASC\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" - }, - { - "created_at": "2021-11-03T22:06:44Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA6KDXI2M9dQVaCTfbixQtx3TWEp3nsJrzX6xUOiVjs30w\n3dvPXRgVODNgkqg+GJQGgkyvrnnNjZU222Y8HpF8HBuFMjAigsUdpI0BoKTwSo82\n0l4BNgxO/SoxxPfekvTcqrTTL71rNjNnsR/aU3wOef2K4MUT4VpPPOsB/aGFAXNf\n/wi7sPXR0zVpafqI8ZdAupKjF+/A8wtkI2hnMi19P+zkZuG5AQ8ymlHGaCsUXWPZ\n=BfQt\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:16Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAitUzFTAXY988U9StftlD4hFZFBwOtA/cMEjigFuy/GYw\nnVNFcTmvW8hLny9TP3NyCSIq6jv9RI0c70ipvatw0K7P+EDxbGUyGskieoBSUU5w\n0l4BIHzI2C7Q0uOl0y57zwxd+Xc6ZqQbKxIaszZ9hZ0qA3F29hk7pKHGtKfe1Z/q\nX7T2yYcedDzG0hkfuLxCoWEBKt8luAb40vXP4Bas/NUTZfpqP2hNF+TLzqNPEpxe\n=l8qu\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/modules/yggdrasil-wg/hosts/6/surtr.priv b/modules/yggdrasil-wg/hosts/6/surtr.priv index 59000d34..e74eebaa 100644 --- a/modules/yggdrasil-wg/hosts/6/surtr.priv +++ b/modules/yggdrasil-wg/hosts/6/surtr.priv @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1VXF6TURLRXIzeVVreDY0\ncnRCbStjNDlURkJFN1NYcXl0dHRmRy9FQldvClFwRzlmdGhIZitEc0o1c3U1MDRX\nbzB1UWlGOWZuM1dmbTRpZWxNbXpPcWMKLS0tIGh1MUlVcWdCcW5uWWN6R3hBOWpB\nNEFRUnBOSDRKZitoTVFNUVZIUWdlb28KpxpB767bmLAD9uuWWgnwt48uixC3eCTj\nDhoGzo45a4FNnvIBex/NxLe2IpLl1ZSS5ISXmOFUnxsfzUrIFFlLPA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-11-03T22:07:35Z", "mac": "ENC[AES256_GCM,data:ao6Sw1yljXJ5MtiuQx7/8Dajrvn1bs9qivA6z57nAjdYbRPulLMlwq4Aqdp3FGUdw3itIqO2GLGxfdxsNcOmN73+sR3ElLJB0VfD2uPpscR5JAGtc/Z9zTyjp2n+8X2ZcxpRIK4C/v/8kI7ruz0/DDf+UyWXmEYuL2cpnuCp2T0=,iv:RpSJjMtCZPamyQN8BVrqWMc8NWz8Ni+ktTaS7eEQABo=,tag:mr736mcGxje+q20NdPk2gg==,type:str]", "pgp": [ { - "created_at": "2021-11-03T22:07:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAocjF7FLoL3ZmU+TYqYNFeuA7YYueJ5lcF73p/+/Hclgw\njBsAZP7kDzZaQ+40cLfHwRFn6N0SoLlOI3P/gcLbC8hpGGsbRIDHQEPYDML1Aodu\n0l4BL1xwtqtVkdfr/YxCZgUeBgjuN9wcCqzKy+VeWNGOpM+l6A7Fnn51ycFLLiCg\nzHzBhYhkpHwU6wE8DAG7w1awvbZTSGpQhruoQu3TVCgdIdpgEdbCRcDptDDoAKS7\n=BezJ\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2021-11-03T22:07:34Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAzqWPGgn4kKXUIsZscibGXyyihcISJDam75X5lZMfVVsw\nht/PSnpV/U0K8N7ABJ4YLSadxrCZ3L3EdoQWovAVIZpDf5slFN4C9RTgHQ4QOl4y\n0l4BoUau5bHJMvNXERmjCSg5dNrF4EsYA6qd1hRlSOj8Vfgl0rwcrvt99GGSXs4l\nqFRb9khKkN/dPrUZEynZl4xo+gyGM5PIwNkre+1SGD9AYTqN91WOFVHiokpsSxId\n=InEY\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:11Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdALkvn+9skYnaxT0BfqXP+Uy9oNvleKZpq5PzQYNm2BEgw\nPK7jStEfb76FNvyj1ylHl85MUUZ2XXIecjB0z/IeAWL8YT+yeDz3tmouQ7FkhehD\n0l4BfGhKgZuIDLhTz5fBbZYVJ3Kud1vpwwUOLpGZTLpE0QaGS9WNL6rQJMl14sSF\nvG/sX53swmxAltJXZx8NHVYH26hOgRa8q9Du6+n+Fk/LOQG7argkhasqtKsUe2mh\n=g+qu\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/modules/yggdrasil-wg/hosts/6/vidhar.priv b/modules/yggdrasil-wg/hosts/6/vidhar.priv index d2a30501..015fb7fb 100644 --- a/modules/yggdrasil-wg/hosts/6/vidhar.priv +++ b/modules/yggdrasil-wg/hosts/6/vidhar.priv @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPVVBsVG14MnpiZ2dxaU9m\ncXhBa3lCemdMWHNPS2RqRVF6WHJpd3F6T1drCnNjNVlTdnZIb3RHRTkxL2loNzFG\nNXJpMlNydzRxT0N0VWpJQ1I5ekQvSEEKLS0tIG91L2YzTXViNGhDM0VER09kVGcz\nNHYzMnF1cS9Nd0xCNlU3WHlJYmkrNnMKX5KbInIp2zVP8VJ7GmbV9XaUViZzyyye\nc57m/QMfLoazq4+5TylqTELYiwXmgddMaAYOynLP8fskJegVHw8O9A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-11-03T22:08:03Z", "mac": "ENC[AES256_GCM,data:DYVkiZUQgVXacVTab21+RqERTrwbKt4eiHB1pWpoTx9gyJIpNX4zOYOeWzye5u7oEh6Gsd0+LepRt3k5ne0BvkctDrVcElHREaIOh8+Dt/kC6x3RzZbyIG5IhVz1WPePAYXIIAtbYy4Ummp4gOxCsQ7mx1yod/tEEQ8bzNy3nhI=,iv:IpFZrxS5s6cx99DAifT7JDfTb0Kcu02w5ffTv+IPkYs=,tag:OwqBZC63PGbshj0W+JZa5w==,type:str]", "pgp": [ { - "created_at": "2021-11-03T22:08:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAG9h5v/5dQvH2I2F+0hRLWwKbTBeQgq1+OA2v0tEk9hUw\n4vt1Wt56cx4BbkhagNVX35UVS+yrJjJB9d+CDWSJCMegicew6IHqelnCv8Zglrxm\n0l4BI866f5QVEEP4+UVJeKlxqcwwW8xgJTvi1rgmACBhvnwDoq3ImO1S+PEDJx/N\noQodaudvWTCkzAq2ChpITv3KMF8IV9n88ivk7n40jj8siECO19J0GOTAxGsG3Dfv\n=R/DA\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2021-11-03T22:08:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA6n6jG3A5oRo5VrJeXejiFKmEibWZ32O5+m1FrfXMrhUw\nxAIy7qTBKl4jU1zlTFF8up45vzSTZTAvOhG4Nt3hmniJOXZpc6L18HVMLU1ka6CH\n0l4BvQ6n//4okOLO97OhInFijX58u5v5QbNdrcHYte8yctZ5bu9Ssqo0PpJo5MWZ\nX1SLzAdllgHbAdHgrhq/F5o2SN9tAbaxREKDQzV73TLvfIGOPjDRgoFgQHXRhu6N\n=OQrL\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:00:33Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAM+eVI1kFPyRhNcySQuM/lxseyeI0oOA0bk/JRNshUzgw\naxqY1yQzaCaqQR+uxZIffqWTfON6V9L+KOPi3G7G75rve1W65XRnWRr14ahUblqj\n0l4BU47uZ3EhBMMQyZwSdxbtup1E58ZPiMskyl3OckSSzIDMGyAtyHl/ldt+t/TS\nXo55zXaamS1evuMnGdxLIzuL72SvaO3TJ9JJFXcRuMdS/RPhx67S6TiM3z3vD4dM\n=6Blm\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/modules/yggdrasil/hosts/sif/private-keys.yaml b/modules/yggdrasil/hosts/sif/private-keys.yaml index 9be82bc1..d48eaba3 100644 --- a/modules/yggdrasil/hosts/sif/private-keys.yaml +++ b/modules/yggdrasil/hosts/sif/private-keys.yaml @@ -5,30 +5,29 @@ sops: gcp_kms: [] azure_kv: [] hc_vault: [] - lastmodified: '2021-01-02T14:46:16Z' + age: + - recipient: age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBscEJ6K01KUDdNd1lTUSs3 + T3FKcS9ZQ1g1UHRSeDBqbWJkYm40dVVPSVN3CjNIY2JHL2lrcXY4TnB2Ky9tcUZl + emRiMWUrSFgwK0FLUHpKelhvaG1jRzgKLS0tIExaeVV3OTBJVm5WL09hMnV4OHU4 + ZkszeE0vMlo3WUpJNmxkNTl5YW55VEEKA+so8j95RSMcjx6yUrTmrovPBFAXiV75 + FnAME65A9Mry+OyOwFPDhC7lvMY11Gw71H01Mo2vXbR96eCBS7K0og== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-01-02T14:46:16Z" mac: ENC[AES256_GCM,data:Phng7z7UlE6nO3FFIQPOHgKCqDm2uOGL57ryJbokjipSSdoWPinpz0zIJv9Z67b9uOf3CQoGtV4YwcudNkzDBKOyD8uA6RYwCKpbYcZIdiy8DLL46+VT/wq9toTkeDXM6jKupzzOARZhHT8DCOLqW7u8Q3S645cbTJmw0+LMIGk=,iv:y4KEh0+bKhtnSobKVdfaPuRsueNC1lcrEbUGfEAn+Bg=,tag:3Oi4e/hSgPVsoFQpnVQj+g==,type:str] pgp: - - created_at: '2021-01-02T14:45:04Z' - enc: | + - created_at: "2023-01-30T10:58:15Z" + enc: | -----BEGIN PGP MESSAGE----- - hF4Dgwm4NZSaLAcSAQdAwWM12Zara3T2xDIX3rhakGxXFyme4LE5QZgE2GjnnWEw - T/vhPfsKFCjA2kAmj41NupjvTPL/nzfd7+MrdHRfC462Jrq+UF1W8A4bUa3OMH5J - 0l4BuFhl93w/VBftvnG8oSBAFCPNDapNADjTVJQStgsZa0/uD93NnCxyQmtuJYsQ - URlH0KMT6Kouaec4qk3SqkAHzaIIAukahBHAPf2C5cvXYw7AAOOBOdRaWycsmZDc - =S4Ig + hF4DXxoViZlp6dISAQdAtt8EY8x8Ue/kqTgv49k+1RhZ3U3MJ9i8UzUmwpaq0mIw + zHXj+7l+QuHHuI1SGraQ7GwWYbOK/BGhY6GgsjKGNPOBe0tVxjqIu9d6l2VnvI4D + 0l4BfCR6ClScDi4Me1+rGaZz5NVLZZKeXKIXmPXWixjk0YXJEtVCfcp5oQHIpd/F + i1JniOvH9lEMjNkM3BuwNlG+5bVVlx2vzOqm/U6nUqMRw/KtyIBMpr3olq3rQjwp + =ZA3T -----END PGP MESSAGE----- - fp: F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8 - - created_at: '2021-01-02T14:45:04Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hF4DXxoViZlp6dISAQdA7apd+ipJ0lUiuPI5Sq6uj6iOQYFfuNDuzse1JFJMfn4w - McsGPcbMorZV0OVFmg9vuZ0GP9sb7mkm+oRuY9OeMDEifjWGHJ2UN4TvdEcCO1zx - 0l4BvYyzFbShlQjge7+nrzVi2lzEvqsozEW76K3arWb/iYLCRyl0/Vhw5WT4K/UE - fw4cbqz7JrogVLFNeWSRPk3Y+Dg4Pf9rQnw1EJhUEIczYjnfajPhYe5K4M01mOby - =B0n7 - -----END PGP MESSAGE----- - fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 + fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 unencrypted_suffix: _unencrypted version: 3.6.1 diff --git a/shell.nix b/shell.nix index 5f883cd1..c50c1991 100644 --- a/shell.nix +++ b/shell.nix @@ -1,10 +1,9 @@ -inputs@{ system, self, deploy-rs, nvfetcher, nixpkgs, ... }: +inputs@{ system, self, deploy-rs, nvfetcher, nixpkgs, ca-util, ... }: let pkgs = self.legacyPackages.${system}; utils = import ./utils { inherit (nixpkgs) lib; }; inherit (utils) nixImport; in pkgs.mkShell { - name = "nixos"; nativeBuildInputs = builtins.attrValues self.packages.${system} ++ (with pkgs; [ sops wireguard-tools @@ -14,5 +13,7 @@ in pkgs.mkShell { knot-dns yq nvfetcher.packages.${system}.default + ca-util.packages.${system}.ca ]); + } diff --git a/system-profiles/build-server/clients/sif/private b/system-profiles/build-server/clients/sif/private index 3b39664f..11a4bcbc 100644 --- a/system-profiles/build-server/clients/sif/private +++ b/system-profiles/build-server/clients/sif/private @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1c2cveXlHRC80NitqUHAy\nTGpDZU1POXVqUVZGUENwaXA2UzNRUG5IdWpNCjl2Nnl6S3dqbzA4VGp5OUYzVnBP\nR21tVTRSMHdhUVdHUGZ5MzNVWGMyTGsKLS0tIDR6UW5rTjBqSXZieUpZd3NMSWNl\nWW1xTDRtbWpxQTdDSlVwcnJBUmtlb0kKY3ArjYsxohdmy+fJDY65jgvUea73ECdC\nmro/2A+vpSsFGijCKoHnXL7/gcwBk7mY7tai9sjNdvam1BvrmkdPJQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-09-27T18:11:41Z", "mac": "ENC[AES256_GCM,data:LeLaxKnUhMpXXlxiZaRw3pKnd8tzcd8I9CwO2SRuzvzo/Bi8cBHq7IrJUmG6PWrTHhwTEI2Ul4DEF4PygRZybjRYUEVLbnKqYGPf4P0nZPhBBH6Ogpdc0o2C1t7A+HIka99A75oXx81k0bEaj6WuqgtPpOA6JhirCyOCJ7xDQE0=,iv:5XNCFDirM1NzS56AVDiJxP+4IuSMComezM+1pD6rayc=,tag:8ECDILhztr3NAVl0RhiwfQ==,type:str]", "pgp": [ { - "created_at": "2021-09-27T18:11:40Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA9mZ6ZMwa4Y4QmXMM1nMeFT6grP/xRfoObWlejEHcBC0w\noDm5V5YffnpSqTEKE8AzYbMvZqjme5Xwyxy79pqAbiHaThkQr8YN8HhHyRFIrLIq\n0l4BwKFGlxfxbmEcxx0B4NuUhOzs1S/lMvQhqhr38naFht3Bz9G3GhSrJdDiHVDb\nUwxvqv7GFnacRf9LMgIVCsi6485h2jbOZfx+xB3jT3p11eMyPMgEW1Q5Hwq+NM9k\n=DWiW\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:12Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAAIyaBar/+e4YSSPS9eelsVpjzXf5kBSh1W3EgOZjblAw\nuIKrr4Qds/bgFHSoKZtzC6U8fbMddn6ua+tlguj8m5GCihUF0PgvtMb7tvZO0mGV\n0l4BrRfRDAr7THk5C1JCF2pWOpgyMVZP3X4kBt7Adbtg7HBSP/VVnRqlUUdwGAom\nt5q7Q+jdGrFdhoVczocAwUkypWF3GhGmAxAwAr9WgQWo3ruWBAcqFsbOSFhC5EQE\n=bfnH\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2021-09-27T18:11:40Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdAt2OVBFZSyyqqZtXnwN2h16edqa70UBrhDGhsID6jpnYw\nSuFSqkEZ7uGe38JDfA4fbhYHCMPIwt2E8o35Sr/UbzanKhjWu9+7R2v92zBBzBcG\n0l4BDU29ZKhQ65In2PhURs+5G3/qB9THB5vKAmP43RtS4pphFGH3uKwY1T7JSDuX\nYytSMKKBG4OnKlbMJd4SMRICD7aBuV6VPTmA6B3p+c8m5qcg7Uh1eDN0AxWJKr5o\n=pUaa\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/system-profiles/core.nix b/system-profiles/core.nix index e6c0e085..4d39d7ea 100644 --- a/system-profiles/core.nix +++ b/system-profiles/core.nix @@ -91,12 +91,12 @@ in { sops = lib.mkIf hasSops { age = { - keyFile = null; + keyFile = "/var/lib/sops-nix/key.txt"; generateKey = false; sshKeyPaths = []; }; gnupg = { - home = "/root/.gnupg"; + home = null; sshKeyPaths = []; }; }; diff --git a/system-profiles/initrd-ssh/host-keys/vidhar-private.yaml b/system-profiles/initrd-ssh/host-keys/vidhar-private.yaml index ea424974..44ff123a 100644 --- a/system-profiles/initrd-ssh/host-keys/vidhar-private.yaml +++ b/system-profiles/initrd-ssh/host-keys/vidhar-private.yaml @@ -5,31 +5,29 @@ sops: gcp_kms: [] azure_kv: [] hc_vault: [] - age: [] + age: + - recipient: age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwRGR6UlVvdVg4WGZtUjZD + bU5LemdRQUdtZ0diVDdGdkc1TzVqOEtDWUNZCkVQQXIzUlV4c0pPSTZDdFZRRytX + NFNJYXgrU1JmSHJmdnY2bHNEeGFoS1UKLS0tIGZpRDdLUytQbmZkeHlodEE3VWJF + UGdOQmU1elEwM2lXbnRDNWtsTXVsY2cK9yhnGeJDWMPs9ibCpgfN0+NItG1Yy9aV + SyZsDQ7p+rg9n/uVji45ptNUN9vTvJAopyjo7fByRBc0YkYpCF7dlw== + -----END AGE ENCRYPTED FILE----- lastmodified: "2021-08-03T14:47:32Z" mac: ENC[AES256_GCM,data:gWbmGMZ+/Ts7NP9J1q/kjQmJ7V6lJ5xFpjZNJ+aTOmkz7a6sG8SRvNEW/qrpJfCzEFdQJYhOW3X9FhWpb5U6j4gINrgqUGdusQpw0PmIieC5tCPQPlTPHMReK0xaZ3NViMdHJhGdtehGfPqAtA3Bifn2ZZzOrzTOaPN2fH11fZw=,iv:FhKERfmDPmWn5ZKkuHWMc/vINpmJTr0jZ1iCkSgAUEs=,tag:ibe+m8vz6b+a+as5mz4+eA==,type:str] pgp: - - created_at: "2021-08-03T14:47:02Z" + - created_at: "2023-01-30T11:02:30Z" enc: | -----BEGIN PGP MESSAGE----- - hF4DXxoViZlp6dISAQdAFyVws/2vIBK6ohlM93FpgKt6RXI8RPgaJSgHKsSeMB8w - XJqXQ2YGG8X6kHR/SW3A//1hBbLAaT6cRj7PLtkabr/5vgJ1Yk+k2mCFg+fte61o - 0l4Bppl+iqVjECSJlrRp/GtbbyGlSS+pAItDZKAZOnrIYbx27CFfxNDDHv8EAFDP - HoYtgpeVxgRuvIBMHexMiuFExExkddHpHkSDoT1iJOsK+SQEqbxSfZpEJIRLcjb9 - =hvve + hF4DXxoViZlp6dISAQdAsxgiRdcehq5VsZ8SjbHnUW5oSI1k72TvbWFhM05k2Row + K9eYEtHiS9RItCQiJz78EeIbHNVX2Mj31kR8f068hyFPKE0s806uweRyQ4NZmUzl + 0l4B0WbbQSieq7+Y60b0VhRfwEQZ2HDu48b9vSLezX2maK1+Rig7P/B0cfnbENt8 + koOItAU6YRllpNxMI4Amof30K2FELikTmVtTDQI5v3etcAsZoXryq2BczE2oONrG + =/on8 -----END PGP MESSAGE----- fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 - - created_at: "2021-08-03T14:47:02Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4DbYDvGI0HDr0SAQdAvLR7Ngh3gqQAnmlCeSwKGwWXBNlBZxxliQBOkhhKcSow - V9mWDn01Iue3qHQwGCd7Om/9EqU7SkFrkxzgAIBRJpAmj0eP1zsgiWepawzQ4glb - 0l4ByB+6R+V2SyGI9HcABJiLcTOIjVLgn1QzK0l4K2ewS2K5FSBGNzVKoT+p4J5a - ja6A7vM0u12ddlqkifBsqN7900gI2ZTUz00rDZqis3sJk9J8dyWsAdkscig7Htlg - =hZHL - -----END PGP MESSAGE----- - fp: A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362 unencrypted_suffix: _unencrypted version: 3.7.1 diff --git a/system-profiles/openssh/host-keys/sif.yaml b/system-profiles/openssh/host-keys/sif.yaml index ddef6dd5..bc66c1a2 100644 --- a/system-profiles/openssh/host-keys/sif.yaml +++ b/system-profiles/openssh/host-keys/sif.yaml @@ -5,30 +5,29 @@ sops: gcp_kms: [] azure_kv: [] hc_vault: [] - lastmodified: '2021-01-02T19:05:26Z' + age: + - recipient: age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsMzdPNTFsSmJtVzIrV2c3 + aG9HbVo0Y0F2ZkRaclhuTlR1b0prVnVpSDNzCkxweHkwYnVaVnFLQWJkVmw2cExD + VEh2TU9NUzJkRzBlQnpUR09sUkY1RHMKLS0tIDhsWkh3OXRrY3JDaXR5b2ZzWWhN + MWVzNlBTa0xkZDZrMWdsU0lvemVRb0kKbTUwFHMXZqbVdKqBWSa0B81ymVGqS7G3 + ZhchZZpZdQcKMQ/I/rkvJqFstuOuEHYvUWeKz04zL3W2BuMp/TwOXQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-01-02T19:05:26Z" mac: ENC[AES256_GCM,data:yJGzs0W0R+b6WPkUaQc9cxeTBBEXot0ffUAG77Of88kREFsD5ams9qEDCs8LhPhMtLSH5L8bqMLF28n2w6d9gf41NDBl/oj+XTJE26c4D+MWF2A0fqTvwv1l3524TfavVU8iur0bCbytNfcHSZ3zCQAYElswOGupO+K0Y3hwKKI=,iv:jHSgQV6Jg2Yckp8G0Z23Ny74ZQxZ/+C/neXKrEWUVak=,tag:DhOr2cVhIq8i4JAO+fdXxA==,type:str] pgp: - - created_at: '2021-01-02T19:04:29Z' - enc: | + - created_at: "2023-01-30T10:57:39Z" + enc: | -----BEGIN PGP MESSAGE----- - hF4Dgwm4NZSaLAcSAQdArkswGx9w0Rbfp1N89qALAbPMhboirsnlNvms/FomXiUw - taW9n4oEJ5oW2UYzNNn72SwF1jYbrqczAbxt3dM9PSz1gHFoh+ZJhGokVFJvJ7sO - 0l4BEOkWmL/9uyOiCq574nH6OxxTPu9C4GNU8lv/Z/qJ+oAocJkGknsIJzd8M5ax - Fo/HqAGGfvnH3RI5FO3tTxfAKlfxlO2MJ2lsCypJuez5WewPnaTPjTbogjhzG2aQ - =HXLp + hF4DXxoViZlp6dISAQdANv2DNGghv2Kh8xkNTxD7zLoo9CA0wg3QKJ6MHIFfDyMw + v6VzYeLDETRzJnqbmNrUD4iumJJfLUsbiBdCFNYsuiGgwrzRKLRyFYZ/vU6WGetm + 0l4BK8qWw4Te7oRdHymqckpf9G6elyM+5z7ZDVqcFp8frmKJexP3e95UJU4I0rOj + MM6S/XcDsMVdxDo9hliZ1t6aTiBizqpBCK+YK6SrQ+OuoS5PSpSqfq2w5sLIDGiJ + =cLdo -----END PGP MESSAGE----- - fp: F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8 - - created_at: '2021-01-02T19:04:29Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hF4DXxoViZlp6dISAQdAUSTwFAciB+Yh2IieFoN/xmQd+GU/g+cuKej6cZk78TUw - ETM8c1TSovML5q9usUX0pl/AbRBwp2In47RMkTn4Mul1XxJuXhgCnrc5swwYrS+h - 0l4BOxJ3bF/yYyKfGrmc/mNe51sdHH+fgQ9IXaQhcopw4kyZqvBXhJF/oP/mhnOL - VMhsfg50ol1XmXVefyo5JPedbzABm3vRZv9U+/zvKNJxIro2hWchd5CxvzN4l/MR - =30r5 - -----END PGP MESSAGE----- - fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 + fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 unencrypted_suffix: _unencrypted version: 3.6.1 diff --git a/system-profiles/openssh/host-keys/surtr.yaml b/system-profiles/openssh/host-keys/surtr.yaml index d31fda3c..0f52b912 100644 --- a/system-profiles/openssh/host-keys/surtr.yaml +++ b/system-profiles/openssh/host-keys/surtr.yaml @@ -7,31 +7,29 @@ sops: gcp_kms: [] azure_kv: [] hc_vault: [] - age: [] + age: + - recipient: age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtSjcrWU1JMTZ6QW10WHN1 + bE1CSFY0elZJMmFkeHk2RUc4T0NUc3FRNFJRCkYvOER1TkNCVWdnclBTWTFvSFdy + cC9Cb2x3WE9rbXE3T3VmRndGekNoZEEKLS0tIHlpVkltY0sycjFEOHlGTmxaekdw + MEUyS2pPNEVzczREV3B2VUg2MWtaZG8KERalK2XJUSaM869qorBm7HedJyh/K1er + 31FqcarjOFG2TYMqWfxiWwA2bU23+QW2r1u+gld+KBUVblHB230XsQ== + -----END AGE ENCRYPTED FILE----- lastmodified: "2021-05-15T13:05:09Z" mac: ENC[AES256_GCM,data:ATdT6u3dMOgaBVg7cS5tpaA0fyoQdlW/jSzwPjm1mi7j5rNkilIiqIR+C159MrI5eeApkyOpzQP2lIAlANjbO+TlO2YIYd0Ue8pdoEZGQvDyWv3AARLfdlaPzFAGAnBnjihVmKp2kQjfmcSJkASBQM8e89R1PsAKGhH5xS5b0zM=,iv:UyMsuxYWVs/Q9/HTfPtjDNf+tUOHSAqA3klFt7yewYQ=,tag:Vu8xY4NVdw6MvjDWZwiO4A==,type:str] pgp: - - created_at: "2021-05-15T13:03:47Z" + - created_at: "2023-01-30T11:01:54Z" enc: | -----BEGIN PGP MESSAGE----- - hF4DXxoViZlp6dISAQdAr0a9IJdY95UvcmMkCS73pQZVdjqHnVTTcpCXYuqkmiYw - rTIqyEsqpoSrkR57LBNX98ix99H/hvj6x8+dsv+K/nJQ9Jjs921UW2HJ8hPMD44Q - 0l4B2MyG+We3OClbt8BJmDo38/+/k9zSBdW2zbYEr4zhG7SCw0BryrPJwGAW54KT - 1fdnNwzN5jdFRObhkq8I725IaU4d7GYrpVebw29HP2fd0Uf+62iBToraRJNj3sxL - =JRkx + hF4DXxoViZlp6dISAQdAjSdETS6d69a1/oKUI8daYrFlgxUoZFio/da+sNKNXQkw + RmSdXtBEyeAbWVG7kakE175ZebeL6OR75bakr/iwfEzEx+B9mkwgWVcLbTkfPpBg + 0l4Bpd+/q0P/B6S2Uzbr1I3IKWUFQP42nTVyqZu3BK226hLbZo/JItVPZdduKyX1 + c4I991LRc8Z5wSa6yoS8fLem+GTiLlgCyfGHOt2j0WN8ofuhYP0qfLHtiFeF1ys8 + =vUaH -----END PGP MESSAGE----- fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 - - created_at: "2021-05-15T13:03:47Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4DyFKFNkTVG5oSAQdAINIHQVygfLGVo2gdlKCoojmD5layNM6K/QlQR/CsaTsw - SY+3psZUwnwwe7QRnt2gHSOUgYrG6/nhiCAfxoZBQZ6zm+v0IUdbRKEJhhGJnHfV - 0l4BUMxGLYHapIPjzTUwYQv9rF30zO7pJ3vU+4zkReNOcPzENLGX1uZu/1aULOcO - F33lTLP2B9B7pjvPoetJiuds3jO7JZrN3mFhIf7MTZyg5dMBbDSnUMJ6NIW+ug5F - =SAFL - -----END PGP MESSAGE----- - fp: 7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8 unencrypted_suffix: _unencrypted version: 3.7.1 diff --git a/system-profiles/openssh/host-keys/vidhar.yaml b/system-profiles/openssh/host-keys/vidhar.yaml index 23c43194..c1411bb7 100644 --- a/system-profiles/openssh/host-keys/vidhar.yaml +++ b/system-profiles/openssh/host-keys/vidhar.yaml @@ -5,31 +5,29 @@ sops: gcp_kms: [] azure_kv: [] hc_vault: [] - age: [] + age: + - recipient: age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNaFFEWHNodTZOMkdTampi + QVpJSWdtUXFBTWZ0OC9MQzlheTNScEJ5WGhzCjQrVit2VjBaUmxGSXJQNzFRc29F + TTNKV2Q4MkJCdXVHYVJERkVmVkIzblkKLS0tIEx2SzZFK3plc2E2Wis3WE5xQjI5 + cXA1aWpKZkFkb1lRckEwdnZUcnloNHMK8UEdVQDvisvcmZQiUqz+IuRfcTIXkKBS + UM8G8/VCmw5Dns2Z5QnpcjYrnGNFKj7THbTtzIdgBT303PlThj8dyA== + -----END AGE ENCRYPTED FILE----- lastmodified: "2021-06-17T18:42:01Z" mac: ENC[AES256_GCM,data:Mqnozqkhcfom0F1lSjZbCJDPXKLqWnRKwHh9tpbhpVYSmSeGk3iHVR+qOkL5/cTCnaWyzsAlJuRm5rmKGuKVqXSXWYSzphZ37c0l8NfPgDKomu5iHyQ6oEJsvSv411zdgHKZximeEwZhVfNf9I3FmTujXK0JiZwDRPoOTwnd7wY=,iv:zjfELB9DmW4vhVg6dbT6vf8SIBLfZod6JAXYkotiiL0=,tag:PkgF5uTST2UkM1ftl8ggmQ==,type:str] pgp: - - created_at: "2021-06-17T18:40:20Z" + - created_at: "2023-01-30T11:00:38Z" enc: | -----BEGIN PGP MESSAGE----- - hF4DXxoViZlp6dISAQdAQwuTgiFIyIrS4Qc9tUIsLuh4RtjuoVRgChVkCs1Svyow - KBGrbWCC5tqnQfCySglrwK7Zz8vg8nsGeDAshQvCf67YDaj+FUrdz68DH0WYRZ9D - 0l4BrmFTOnCPZHY/488E14BBm2lNWYwEimWx4FnEQmoTL+ph/XdTtizgQkQlQLc9 - tXdHGbeVkEACKE0znF4pFrBs3qKmp9EPJQ4aFUkvdJkb7aadnukUUFzO7/WgMuSN - =G8tT + hF4DXxoViZlp6dISAQdAlWuohv2wVcF7jjPke0PDChWc4zsft4kU9v1P6Gq9ZDcw + pAC2BNsjeQr0Pcg/rf5kf/m2dh/+9B6eVf4TkdNtc/PA/6jqryNvBFHI3OG5Hux3 + 0l4BCTURwauath8oQMvnJz9LX9YzZ36NSRH74HzNNu1KM/0BoAWUkAkZL9RLXzsR + ct/0gk/jp+SvdaGUCYIjCPdqNU8I/oAhNs0ANPzJEMjcUEfJJ8nFOObck5j5u2mg + =HSQH -----END PGP MESSAGE----- fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 - - created_at: "2021-06-17T18:40:20Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4DbYDvGI0HDr0SAQdA9zTLIX+OV+zv8R7SrXOkrV1koa1aYkg+164QngxWpwAw - wyhwHxqISWYeSAmM9xA27vsJ754sXGVVMB5V3FyUlFTWuIVUkUuhq4ijY/PIJle9 - 0l4Bryp2R72fLE9W82DmEE1XWlxSrAJ15HGIjMI1RVop3UDXQfYdlaP9paebLVaY - cnGncYKIs33GzVDXfaMFmPqamvwpwR5yw25KYGnUfBhaIgSQgcpmU3zwua73ICH0 - =bvYm - -----END PGP MESSAGE----- - fp: A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362 unencrypted_suffix: _unencrypted version: 3.7.1 diff --git a/system-profiles/openssh/host-moduli/sif b/system-profiles/openssh/host-moduli/sif index 185611ad..334d23ff 100644 --- a/system-profiles/openssh/host-moduli/sif +++ b/system-profiles/openssh/host-moduli/sif @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBacUpEWGR2Q3pwekRiYllz\nSWlsbG9rWjFCMlRZd2lXNkI5QmNZekFrRUhjCmxDamlwK09EMjFoaC9IR0hTZnFN\nOXJpYkg5clVvVDBabGQvSzhTRHZ2Z0kKLS0tIDYyTXJIRUV5TTdnbllTTUVhemV6\nVFlxaXBZUTYyNlUwRk9YWlA3NDZRakUKYHKZf7bYI4xm2plyI4QFGzMJMnQ1Nipu\nbR6jbSnHJTaYCJLUZTa0lVcrHBdbHK5gjV0tWOjAkG7z/PUXc8oInA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-12-15T15:25:47Z", "mac": "ENC[AES256_GCM,data:21q8E/Ngod7Yp2eqtJXlXuYnxfDiWI4xvNGGX1kqVwj+4/7xUOHh9ieCBNrbJsF5q4HEHom9XIrMJBbDzqcNq0vlyw/KdYKP68bKUEQsaQh38tRgYpAnpRdXCOtzsfP8mTX2uIZasHM16HHLNkEo6K/poGxUMUdf1xrBnhOIwes=,iv:vFfGnkEkn6+UiFni1wGQexdB6I2VXmt7ZgMkXT1mDU4=,tag:f3f9PY8mF+CG2KnOL60n0g==,type:str]", "pgp": [ { - "created_at": "2021-12-15T15:25:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdAW6DaLuD3PBHWOi/FhLypLG8ztlLA7iEM9dHpaCWZQ1Uw\ncQWK+bwQ5OqJmdpwWy7h00Qg7H54s1wFEhfd5ahelvh9cGJhPPTQ/7N2M9T4RmiH\n0l4BAzeYWqGMZZMIm3x7Z2iWYPyUhDauWyfI7M4Q6sRL0rIZbM5uoVPfKSJI5xQO\nUdfxo9HYaD5WqTwzv/nvJppLcEKiXmxBI8BCdOsj0brwZqxddsj/0LxbPZZX6qm4\n=KIzd\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" - }, - { - "created_at": "2021-12-15T15:25:47Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA/UzNxEltkfAAR1sGy7xW8A2VFlpzmenYaO0yBLOtUScw\nlebIwkrypFVgFFoF9IKWP/2BF0iK9IWoEvmOMvNNvXqA25m7NGFc4T1JIPbGQxCn\n0l4Bi/jbkWH1ONXVUvRqluHT9mrLRsSmxOZRRQgoaeagziD0Lk4lbGumY18/vdEb\nzH1U6a1ut8NdfpfTPsRRQvkcKVP5WskTQaC9dV+pHe8ilAJofM7JHDamZLgFIs1H\n=SIt/\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:08Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA6BH/4ATbobDju0iNWQyZrkXSAiXzj5JI+5rHFWCoJGkw\nmTl6Z+ztLz6lq/07WTDcmbwaxe9G9bvgiAy5/DBzLdBhBFpYb9CYK5zg4l5hBchA\n0l4B1gS8DB8WLlCwDECr9TwEvF/GE9IPU/tXL4/Gw8ELsiXFFfJbpQo67AfJFZyq\nBbzlLi22Wiqrs1TycFPDMBEb7s1uD5hRYgNxgrBiZN7HGI9AWAx0FIMIWnMddxBv\n=FTc3\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/system-profiles/openssh/host-moduli/surtr b/system-profiles/openssh/host-moduli/surtr index add17d92..354835d6 100644 --- a/system-profiles/openssh/host-moduli/surtr +++ b/system-profiles/openssh/host-moduli/surtr @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGdUJjR2dONzRFaUtuR2hj\nSndzVzcwZlo4bkRYc1p2UjZubW56MG1wSFdVCjJVdmVGYW5yc1JFSDFoMXlvSCtD\nbHBwRlg3eHFtYU9YK0Nyd29jL1p3azAKLS0tIHFHQ0pxQlYycFdUbWhSTUVmKy9a\naGJXZU4wb2ViZDVIU0NYTlV6eWF6MEEK7OP2gCsPOQ+5URsVfmyXn2RVW+/Lp2ze\nDfqeVo4M34NdYbe9mDVR1dCJYaan0EKemXDlY8F1T2HPS8feIvNoZg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-12-15T15:25:43Z", "mac": "ENC[AES256_GCM,data:YMeb6szcGvurFuuvlb8L8AKQHH64r6a3mY/KQdjSf2vkdQDDGC6EzsH19Ct7QAmJaMRPS8zL4cTSF8TMrKqEfvkOl0QDuyUZmu9rKVJsZKdgxe525BbJ9v/FwmCA3vu8HQvWG3tX8GQrWMzPzGWhLFBqzAKl1OENfuF6xsCxznE=,iv:h8ARohKVaSZ1uejsRW2o1b90W8Z812UVIdfC9FCRRWA=,tag:FmMNB/eSVYJuamezhH0MLg==,type:str]", "pgp": [ { - "created_at": "2021-12-15T15:25:43Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdAX8kv17uqd4B748RbahV3p8ACfHYJNcbISk+ixdujmW0w\nlNVl6ApjAuL/NetnRAKEFDYOO5SkFvF7Xg6pLtDeb0Muj5U9L9QJthaYcflKP63t\n0lwBQvZiNLHGLIOVDy2/2f/vHOxHoxnCb6F9Kxwbvkn/UOSYvzPgYRGnIoloEjG8\niA4gVX3gp+/Qa2EZOpnGRLLawrNyQEWh2xj1uNQigDC72YZq4MFetMaMVoMhcQ==\n=rDe4\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" - }, - { - "created_at": "2021-12-15T15:25:43Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdANEPf+2mPvxZFAflTwftmQ4xOnfwxtjZORevRbzaT+yQw\n1K/u+AiK/3FmBcyFL+eQlaVDSxMk+CkeAqOC/4Mt/yGhnkUmj67/gqexKu7VIHVI\n0lwBK2KxGTtR3qmFLDVfEVBBd3OP38t40oV9izR8iFNuT7JDp/6QcZ/mczamLRdf\nJst018V/2xJ91tP0ROswFKLkAnLcrg925G2ug0qe9ImQxYcW9qf6VRQNYAGIJA==\n=Mezc\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:11Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAzwTfDBoUHh6BK9+gIAZ9y2g2nnc/KnqafmI8NX1L31Yw\noU45Ov8YXFOU1fvxXZhgABOCwol3i9qUqVIo1Y2bihy46pmxle0tZhABsYki2ZaD\n0lwBQ0SrmGJp21FiV6iT7BhM23NrqrEEoIjSQh4eOaYwiAY9h9D7EM9vm+vhqZDr\npTE4pgV8JVGFYrc3caZQz+bZS0bV1/k8D3OKRVbsBUzt+G6XYP4U1MvRgmJeLA==\n=r38R\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/system-profiles/openssh/host-moduli/vidhar b/system-profiles/openssh/host-moduli/vidhar index 1a14d907..9fc11fda 100644 --- a/system-profiles/openssh/host-moduli/vidhar +++ b/system-profiles/openssh/host-moduli/vidhar @@ -5,18 +5,18 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwdG8wVDREaHY1b1FIdUFR\nTnZXSWRVZkp1S1UyNHdCeEJuZzY2M0dET0RBCjhPOW9KWjJkU0RUUG9HZyttR2p5\nNkVMOXZtdFhWamdaRFpwLy82U1BwOXMKLS0tIGtrWXlOWVhPK3VmZ1VuZkVENHM4\nS0VyMC9nU3RxbjlWV1UvVGZQcFduVE0KkVGPZsy6lgvkDRf72D5nTdeJDqn1X2hf\nXXkMELfSavUPWbCytAQ8nLQ2fGpOfFQud3OSbNSVOSInimWutcCe3Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-12-15T15:25:22Z", "mac": "ENC[AES256_GCM,data:TGN7cJWHvZqLSN9LsrzdtkajrFMVI82s4F052ujz6q2aU8R9SR0+kw/tOV8Pe3SyQ62RSDykxjI/ONaaJXtPx5U0QcIH/v1SLliox3q/RfludXdz1DBLiKxG+8DMPgT/vfIweAk3409qgfbiE6EIBw+WaBJY3LbAFDsUUaulwno=,iv:lcie69ZCGKTykv41ZKfcqytt4T9BDIGPlDA2cqtbQiw=,tag:lDnq5X9G8deScusDcat3ew==,type:str]", "pgp": [ { - "created_at": "2021-12-15T15:25:22Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAOMM5qr8oIMrwC9XnI81qXanL+mNES3BUtSEQja2rIxkw\nUcPUQwHVfdLxORsWvBST5rxAl80Zd7OtEIwW/8jv+rWrPin3p/QyE74QjbteGP1N\n0lwB/jfcWF/gQ6JNl8npLzJjhAsKcF48F73LZNIdgPN0y18Bsw769AvHfnnoEv8S\n7QkOGvsxcxMGbOF3MC6KQS4/v9HB5WYxYYTv64ghv4fiLlsY4pWC++YKhRU0ig==\n=mXew\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" - }, - { - "created_at": "2021-12-15T15:25:22Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAS1MGd9uGu4TkT4lhQGD7+xIJc/aIDnJ2BTpugL41NGow\nuwl7T9uPfzD9Z4VR8kkHLey9aTHIsEloeKwc3RSZllSI0MPLMxOT1m5f4NDKikoe\n0lwB0BQEjwS4TDzzlAKHZOjEXLH8nnjCwLMvphgcZv577NQb1PK5DxJYwOY6IPA3\nsVw2WqO6yejjn2aKh8ysCd5PFpT27W/7YCotleS74rZ+4njMtro0nFEetoq8SQ==\n=U6E0\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:44Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAlMB0ggiMSddBEhLfCGK3gOlVH4aRkbGeE33oFLHUYE8w\nxCPwrLtRWk5RY07DNgY5YqPm7zQbLl92XMrPoQCH6wT3cLioTp5xnqZYeg8hcEKp\n0l4BwhTdbPpaxOPsM/yL+to5/azduvt4Kkoa98biYsaHKBBP7ftargoRqpfZpAtH\nz6lntvvN6dZxzQZPJOxhtyBWSJrD07RwOAnH8mISQeGZ3TtI/H0XX2TMUtk9WUIW\n=ugnu\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" } ], diff --git a/system-profiles/rebuild-machines/ssh/sif/private b/system-profiles/rebuild-machines/ssh/sif/private index ffac520a..47c6f5e3 100644 --- a/system-profiles/rebuild-machines/ssh/sif/private +++ b/system-profiles/rebuild-machines/ssh/sif/private @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1ure0athvtnaqqw48pe0y3upqdzmkaen9h70yggd9va4hva6avd8qqm6s4d", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKeElJa2JFRHoxcy8zL24x\nYVdkRUVmb25ZYXBmaCtOZG52MzYybFcxUkNFCmJlU0swY0tTSFlPRnQyaTVjTDFW\ndTF1RE5wRDFXNDdOWnJWSWtOY3haYjQKLS0tIDZwU2xiSUttTHNGclN6YitiUmtE\na2hBTzJSWVJoYnhiUWpURVZQQ2ZFeU0KzftYJbiS284NdmxHpFSiqiZSem4qhAOU\nhdZKbLhtiuoZbTfDqcgyfjh8CZ+TULRGIFD5Jl7N18MXhGql+BY0qQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-06-06T15:05:54Z", "mac": "ENC[AES256_GCM,data:Cf8WbqV4bqkg+W84hRSjMsrqzV7QZqAJeU/DrlN94NRaLDbayXK/kbxz9gMWY6Eyv3D70ulc75EBojZF1SXfk/WpDHpVJ4DEizb28oIfE4x88MmQ7ZJuskqXQaFa4MohJVQ/7ukr9bTjNMm7RFtq+yNKkIy6mj2YBk6BYsPgwic=,iv:kq+FpwQEWJo18QEEqG1uZ3uJ1MpklqN7Oaj0fPw8/0k=,tag:FYHLHjzeD+28KHD7x5JwGA==,type:str]", "pgp": [ { - "created_at": "2021-06-06T15:05:54Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAO0QzeTgAkvdr+w43Yk9a0X1AmwQd1b1CFPNbINQbvSww\noa85a30JfMy9r2LRfTd9S8sd7rAfOaRCaPrJVWHQBXd0s36Ux8gSktcAM+PzYBCE\n0l4BkVI6bLaO756h5ru+gANRuqMRKgpV8PB3PMmIlhinUAZFsmNJb1T1O13JkMsM\nMuygJ8cg8LukjEeXM7jnWO52cX1NcoquhJK7f0eVvFMNW3Iexf9pI0XC0iSYW69B\n=lQQZ\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:10Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAoV2p3twYsmVqs8zC/TxZzLuuPS3ElbJA+rIZdrZj5mUw\nc0Kzc9WxaJidh/1lx5FN3wNC7qe+jAhpOVmgrWt9oMVoFXutXGSXu+aFi2jk3AM4\n0l4Bz1nkRfku/MLer7zbJPFe+FrIiOxZOvakES7SnAci6nWUn/yaUNJl6R18tbLA\nJ71CF5TzpQaRYeR3a3EfAgQaZiTX8KJrlUSnCl9eNphgQVbgB05eRI74O40tQb7k\n=X6e2\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2021-06-06T15:05:54Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4Dgwm4NZSaLAcSAQdANW63iv/Mn2irKYdSZxX7iwIPyDGmGDUDUnbWEgel/jcw\nLILXuiWOkgfG2G4tvqdM4AHkYoKEA1mAfH9ybFJMhiS12WI60or6Z8e0cd23mteo\n0l4BU7FiVt9p8/96qJlVuGUS3GRlhnczFN9GIBaj9BkzuifFbC+S4iphvO6u59m1\nGodFjFZ5ayfvgSRLb93DN7cGUfhcZ80oQHSiuJxFC7I0xnTcg/LKxYvX49yHE6/I\n=63VB\n-----END PGP MESSAGE-----\n", - "fp": "F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/system-profiles/rebuild-machines/ssh/surtr/private b/system-profiles/rebuild-machines/ssh/surtr/private index 40651674..2eacb9ca 100644 --- a/system-profiles/rebuild-machines/ssh/surtr/private +++ b/system-profiles/rebuild-machines/ssh/surtr/private @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDdGlIZTNtS2pZZ1NSc1lo\ndnFnbEI4WExWK3VtV3dPNnAwQUc0eHViSWdjCmo5Q29EeXhaRnZiWTVXUFhsaHda\nTmhjUGdXTTAzYVdUeEhHZllsbEdPbncKLS0tIEdLMVlxS1RpTER5WFlBdmliVG13\nelBrRUR5b3pxYWErWE8xcmVtOEVqQ2cKS/ypNZ76XCoN1v3x9ls34MHVk0J81QZ1\nFRwUzfbdDls382UpMqf67BqMqnG2O0+4VlNT/ciTN0x5pf8JXEHxfQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-05-15T17:58:53Z", "mac": "ENC[AES256_GCM,data:N/CM/+4b02tRBFqFioX/FRPPj4bG3QGltIg7KZk7BYrl+5rJ/6QKL1g+CqsLTteRAbHiluBNFMT/dUBSmiQ+So95sUTc+rICRNKmxCX5GFxw3Kr5/y4r9W/sw/NOSXQD4+dctkhKmzg9NFR+T4pLM8W4KErtV384Wy3ccAW/g8g=,iv:Rr4rDloQRRsLTErUNbB1OIKbi5qyh2gU1y55sU7ecTY=,tag:sYHPOKcAWNfjz26X+w4r3g==,type:str]", "pgp": [ { - "created_at": "2021-05-15T17:58:52Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAJOYE8FC5GREn7xoQfuSMvow0GwajGfi4bw+FEydrDhAw\n+F8ryseAyQPgVouzlO2aItBy20dYYNs6zkcfnuZemDdBSpQQmahtXBs5Dt3wGhvg\n0l4BPJeJ3cpuLDQMFnNfTOLJRdoR0kvxVHJBBYJ+Jn4ArPrpiMReJvyLl7i83wDb\nsb+WCcu83IFLM/oInb22cto3shATTLgr30hq65+RwAXlGBNmoAT0HH9MDsgq+VQw\n=nsV9\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T11:01:28Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdA40dzVUKC/3L8oY/Kz6rz1jLeyMEWoVwf5GdRIuWmITkw\neZgjGQ2x3QDigyri7XOzQE3lTAyQbSAPKnzn1KqLPNqskA7tpKVnQz5l2N83BA9z\n0l4BTaEWMVlENuvkfNuEUB9ZVBKmy3Dogq+1OnlGGmsdq8Dtp3Go8lhXvlUrrwEW\nDwKCaPBUtUFqv5U57pNCvDuDp66jTue+xzHI7G/hJHGXOuGVGKspqWtVQm21XSGA\n=+l8H\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2021-05-15T17:58:52Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DyFKFNkTVG5oSAQdA12ftTan1dZSX50t5H1/LdTse+nhePZS6RxqV7WcRi04w\nyiqJt+C6AFBZl4esCqHQjpPnmkb5pvI2/P9e8bvK8uszIF35KC+r55LAaB2RXkr2\n0l4BX0fPwE6XNtiBn2hQo7KYnci6s25itij+uppRyu6Cnc3Hi4Emro4MFBBJlot8\no773ulk8jmOeR2k9fLDSMQ0EO+3zZbm7zz/fK46SyFzBIAPvCx0fEpXi0ZdLES2k\n=rULf\n-----END PGP MESSAGE-----\n", - "fp": "7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8" } ], "unencrypted_suffix": "_unencrypted", diff --git a/system-profiles/rebuild-machines/ssh/vidhar/private b/system-profiles/rebuild-machines/ssh/vidhar/private index b45a1172..10de68e6 100644 --- a/system-profiles/rebuild-machines/ssh/vidhar/private +++ b/system-profiles/rebuild-machines/ssh/vidhar/private @@ -5,19 +5,19 @@ "gcp_kms": null, "azure_kv": null, "hc_vault": null, - "age": null, + "age": [ + { + "recipient": "age1qffdqvy9arld9zd5a5cylt0n98xhcns5shxhrhwjq5g4qa844ejselaa4l", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNi80YWo3UDdtRGFFZ1hw\nYTR0VTdaUzRsVzFtdGNSTDlTcG5oMk5pbFFnCm5UamRLb2RlVmhnVnJMbmRKNHRv\nWlMzZE15WTh1L3cyTVJEaitWMVB0MlEKLS0tIFA2dlRoK0dFY3Y3VkJLWmlGTWdY\nU0cyeUhSOUFPcDFUcklINlZVTk5BZlkKfbwlfqSqH3ilgIVNZOFDve7fK49kIT6C\naBi4iloIv7RXOyMhVDZVJDjNHzmYxWEnvboQ6KoQQ6b7z6Wk+JWeVA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], "lastmodified": "2021-06-17T18:39:16Z", "mac": "ENC[AES256_GCM,data:6E11CWkKpVxoPDw8jpg7Q1Jp+oIAS4W5PVTqzFJXeOOz2ZstVTlyhWdSRFJ/Xd09NuIRak+vAcOcU/t7v2d/mvNlogjCPdQE3ypRtm1HbawZUXwGgml9PRt0iMwS6MchMLWpze+eVu1j/hHvtAuqgRydMTCbT+T+qJOpax9olws=,iv:5VxHFHEFuTWYbKbwNIJAMYDDBoKkHOYLbe+l8amizhU=,tag:T7NBal0l4Nw8Pxm64CPDaA==,type:str]", "pgp": [ { - "created_at": "2021-06-17T18:39:10Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAuCBzgHL7hYw9643MOm4Y3Zunz2N3cKg5c/RoPzm+D10w\neaMjK+pjFEUrGgptKyNEDRwaWnhtqXfHOvF/FCTKzr0yC2TRR1GRAEcz6vSJhL9f\n0l4BsshxfcB/ZUB5jE2F8No/MbD/beSKvUwgXlEMz8blOBbGUqkpp5zwjt91GXml\n2Fwrxzi5j3T2DgI8wH6XGpN9lNfFNk/JudFm0Y0yaXA4dFou1T+4hKWTb1mfTcTd\n=phfT\n-----END PGP MESSAGE-----\n", + "created_at": "2023-01-30T10:58:53Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DXxoViZlp6dISAQdAriP7hopf6z9zKWgURzDv1Bj4wR05udp4oX85/O64+xww\nrEs5BuLN1hB3nAb+biMUJUg7xlEvjXpWv0I/JxjRIJmVmnVAGiB90RejqFSoUYcU\n0l4BldpmYxeihoqFxE8awR8uKuKiGImJcPlECnHn5lIceF9CkCSndamt2CzSqZUS\nHhsIDG5kXSM+x1RIRj+S+fgeNCpnRGmZHKznucfYviuyjS9KmTghJCZWSnH6CNO2\n=tJda\n-----END PGP MESSAGE-----\n", "fp": "30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51" - }, - { - "created_at": "2021-06-17T18:39:10Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhF4DbYDvGI0HDr0SAQdAwkrIrbqgFCr75iDMH94Jv7rmJ87i6YUF+DUHOU6zF0Qw\nHXDlYeeEagxRch/WEkWiRM/g+5oZFLHDPIL86MenyTt0HbACekRNIqHxA6Q5uZLK\n0l4BzVzVxjusQolYvvWiwWxMmqVc19nrEqNHYDmxKAZqNiLUGBDO2KHNNA+6MAAP\nxAqmhmdWD/Kk7/X9WqOSiLvL6bsvHXOdmtnoqiXiuRDfPCJMZ3rma15WXjEe6EXq\n=3pEu\n-----END PGP MESSAGE-----\n", - "fp": "A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362" } ], "unencrypted_suffix": "_unencrypted", diff --git a/tools/.keep b/tools/.keep new file mode 100644 index 00000000..e69de29b diff --git a/tools/ca/ca/__main__.py b/tools/ca/ca/__main__.py deleted file mode 100644 index bfaee63a..00000000 --- a/tools/ca/ca/__main__.py +++ /dev/null @@ -1,667 +0,0 @@ -import sys, os - -import logging -import argparse - -from inspect import signature - -from enum import Enum, auto -from contextlib import contextmanager - -from cryptography import __version__ as cryptography_version -from cryptography.hazmat.backends import openssl -from cryptography import x509 -from cryptography.x509.oid import NameOID, ExtendedKeyUsageOID, ExtensionOID -from cryptography.x509.extensions import ExtensionNotFound -from cryptography.hazmat.primitives import serialization, hashes -from cryptography.hazmat.primitives.serialization import PrivateFormat, pkcs12 -from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey -from cryptography.hazmat.primitives.asymmetric.ed448 import Ed448PrivateKey -from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey -from cryptography.hazmat.primitives.asymmetric import rsa -from pathlib import Path -from atomicwrites import atomic_write -from fqdn import FQDN -from datetime import datetime, timedelta, timezone -from math import ceil, ldexp -import re -from getpass import getpass -from itertools import count -from tempfile import TemporaryFile, mkstemp -import subprocess -import json -from leapseconddata import LeapSecondData -from collections.abc import Iterable -import ipaddress - - -class KeyType(Enum): - ED448 = 'ed448' - ED25519 = 'ed25519' - RSA4096 = 'rsa4096' - RSA2048 = 'rsa2048' - - def generate(self): - match self: - case KeyType.ED448: - return Ed448PrivateKey.generate() - case KeyType.ED25519: - return Ed25519PrivateKey.generate() - case KeyType.RSA4096: - return rsa.generate_private_key( - public_exponent = 65537, - key_size = 4096, - ) - case KeyType.RSA2048: - return rsa.generate_private_key( - public_exponent = 65537, - key_size = 2048, - ) - - def aligned(self, key): - match self: - case KeyType.ED448: - return isinstance(key, Ed448PrivateKey) - case KeyType.ED25519: - return isinstance(key, Ed25519PrivateKey) - case KeyType.RSA4096: - return isinstance(key, RSAPrivateKey) and key.key_size == 4096 - case KeyType.RSA2048: - return isinstance(key, RSAPrivateKey) and key.key_size == 2048 - - def __str__(self): - return self.value - - @classmethod - def from_string(cls, s): - try: - return cls(s) - except KeyError: - raise ValueError() - -class SupportedKeyUsage(Enum): - SERVER_AUTH = 'server' - CLIENT_AUTH = 'client' - - @property - def oid(self): - match self: - case SupportedKeyUsage.SERVER_AUTH: - return ExtendedKeyUsageOID.SERVER_AUTH - case SupportedKeyUsage.CLIENT_AUTH: - return ExtendedKeyUsageOID.CLIENT_AUTH - - def __str__(self): - return self.value - - @classmethod - def from_string(cls, s): - try: - return cls(s) - except KeyError: - raise ValueError() - -class ValidFQDN(FQDN): - def __init__(self, *args, **kwds): - super().__init__(*args, **kwds) - - if not self.is_valid: - raise ValueError(f'‘{self}’ is not valid') - -def duration(inp_str): - delta = timedelta() - - item_re = re.compile(r'\W*(?P\d+)\W*(?P(?i:d|h|m(?!s)|s|ms|µs))') - - match = item_re.match(inp_str) - while match: - val = int(match.group('value')) - unit = match.group('unit').lower() - - if unit == 'd': - delta += timedelta(days=val) - elif unit == 'h': - delta += timedelta(hours=val) - elif unit == 'm': - delta += timedelta(minutes=val) - elif unit == 's': - delta += timedelta(seconds=val) - elif unit == 'ms': - delta += timedelta(milliseconds=val) - elif unit == 'µs' or unit == 'us': - delta += timedelta(microseconds=val) - else: - raise ValueError(f'Unknown time unit ‘{unit:s}’') - - inp_str = inp_str[match.end():] - match = item_re.match(inp_str) - else: - if re.match('\w', inp_str): - raise ValueError(f'Parsing of duration resulted in leftovers: ‘{inp_str:s}’') - - return delta - -@contextmanager -def umask(desired_umask): - """ A little helper to safely set and restore umask(2). """ - try: - prev_umask = os.umask(0) - os.umask(prev_umask | desired_umask) - yield - finally: - os.umask(prev_umask) - -class BooleanAction(argparse.Action): - def __init__(self, option_strings, dest, nargs=None, **kwargs): - super(BooleanAction, self).__init__(option_strings, dest, nargs=0, **kwargs) - - def __call__(self, parser, namespace, values, option_string=None): - setattr(namespace, self.dest, False if option_string.startswith('--no') else True) - -class ExtendAction(argparse.Action): - def __init__(self, *args, **kwargs): - super().__init__(*args, **kwargs) - self.reset_dest = False - def __call__(self, parser, namespace, values, option_string=None): - if not self.reset_dest: - setattr(namespace, self.dest, []) - self.reset_dest = True - if isinstance(values, Iterable): - getattr(namespace, self.dest).extend(values) - else: - getattr(namespace, self.dest).append(values) - - -def load_key(keyfile, prompt='CA private key password: '): - key = None - with open(keyfile, 'rb') as f: - is_sops = False - try: - sops_json = json.load(f) - is_sops = 'sops' in sops_json - except json.JSONDecodeError: - pass - - f.seek(0) - - if not is_sops: - try: - key = serialization.load_pem_private_key(f.read(), password=None) - except TypeError: - pw = getpass(prompt=prompt) - key = serialization.load_pem_private_key(f.read(), password=bytes(pw, sys.stdin.encoding)) - else: - cmd = ['sops', '-d', f'/dev/fd/{f.fileno()}'] - with subprocess.Popen(cmd, stdout=subprocess.PIPE, pass_fds=(f.fileno(),)) as proc: - key = serialization.load_pem_private_key(proc.stdout.read(), password=None) - ret = proc.wait() - if ret != 0: - raise subprocess.CalledProcessErrror(ret, cmd) - - return key - -def mv_bak(path): - global logger - - bak_path = path.parent / f'{path.name}.bak' - for n in count(2): - if not bak_path.exists(): - break - bak_path = path.parent / f'{path.name}.bak{n}' - - try: - path.rename(bak_path) - except FileNotFoundError: - pass - else: - logger.warn('Renamed ‘%s’ to ‘%s’...', path, bak_path) - -def tai64nint(dt): - global leapsecond_data - - have_data = False - try: - have_data = bool(leapsecond_data) - except NameError: - pass - - if not have_data: - leapsecond_data = LeapSecondData.from_file(Path(os.getenv('LEAPSECONDS_FILE'))) - - tai_dt = leapsecond_data.to_tai(dt) - seconds = int(tai_dt.timestamp()) - nanoseconds = int((tai_dt.timestamp() - seconds) / 1e-9) - seconds += int(ldexp(1, 62)) - return seconds << 32 | nanoseconds - -def write_genkey(key_type, sops, keyfile): - if keyfile.exists(): - raise ValueError(f'Keyfile exists: {keyfile}') - - key = None - - def genkey(fh): - nonlocal key, key_type - - logger.debug('Generating new privkey...') - key = key_type.generate() - priv_bytes = key.private_bytes(encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption()) - fh.write(priv_bytes) - - if not sops: - with umask(0o0177), atomic_write(keyfile, overwrite=False, mode='wb') as fh: - logger.info('Writing new privkey to ‘%s’...', keyfile) - genkey(fh) - logger.debug('Adjusting permissions for ‘%s’...', keyfile) - os.chmod(keyfile, 0o0400) - else: - with TemporaryFile(mode='wb') as tf: - genkey(tf) - tf.seek(0) - - with umask(0o0177), atomic_write(keyfile, overwrite=False, mode='wb') as fh: - logger.info('Encrypting new privkey to ‘%s’...', keyfile) - subprocess.run(['sops', '-e', f'/dev/fd/{tf.fileno()}'], stdout=fh, pass_fds=(tf.fileno(),), check=True) - logger.debug('Adjusting permissions for ‘%s’...', keyfile) - os.chmod(keyfile, 0o0400) - - return key - -def to_dn(alternative_names): - def go(alternative_name): - dn = None - try: - dn = x509.Name.from_rfc4514_string(alternative_name) - except ValueError: - pass - - if dn: - logger.info('‘%s’ interpreted as directory name: %s', alternative_name, dn) - return x509.DirectoryName(dn) - - addr = None - try: - addr = ipaddress.IPv4Network(alternative_name) - except (ipaddress.AddressValueError, ipaddress.NetmaskValueError, ValueError): - pass - try: - addr = ipaddress.IPv4Address(alternative_name) - except ipaddress.AddressValueError: - pass - try: - addr = ipaddress.IPv6Network(alternative_name) - except (ipaddress.AddressValueError, ipaddress.NetmaskValueError, ValueError): - pass - try: - addr = ipaddress.IPv6Address(alternative_name) - except ipaddress.AddressValueError: - pass - - if addr: - logger.info('‘%s’ interpreted as ip address/subnet: %s', alternative_name, addr) - return x509.IPAddress(addr) - - return x509.DNSName(alternative_name) - - return map(go, alternative_names) - -def initca(ca_cert, ca_key, key_type, subject, clock_skew, validity, sops): - global logger - - key = None - try: - key = load_key(ca_key) - logger.info('Successfully loaded privkey from ‘%s’', ca_key) - - if not key_type.aligned(key): - logger.warn('Private key ‘%s’ does not align with requested type %s', ca_key, key_type) - - mv_bak(ca_key) - mv_bak(ca_cert) - - raise FileNotFoundError(f'Key does not align with requested type: {ca_key}') - except FileNotFoundError: - key = write_genkey(key_type, sops, ca_key) - - cert = None - try: - with open(ca_cert, 'rb') as fh: - cert = x509.load_pem_x509_certificate(fh.read()) - logger.info('Successfully loaded certificate from ‘%s’', ca_cert) - except FileNotFoundError: - logger.debug('Generating new certificate...') - - now = datetime.utcnow() - name = None - try: - name = x509.Name.from_rfc4514_string(subject) - logger.info('‘%s’ interpreted as directory name: %s', subject, name) - except ValueError: - name = x509.Name([ - x509.NameAttribute(NameOID.COMMON_NAME, subject) - ]) - - cert = x509.CertificateBuilder().subject_name( - name - ).public_key( - key.public_key() - ).serial_number( - x509.random_serial_number() - ).not_valid_before( - now - clock_skew - ).not_valid_after( - now + validity - ).issuer_name( - name - ).add_extension( - x509.AuthorityKeyIdentifier.from_issuer_public_key(key.public_key()), - False - ).add_extension( - x509.SubjectKeyIdentifier.from_public_key(key.public_key()), - False - ).add_extension( - x509.KeyUsage(digital_signature=True, content_commitment=False, key_encipherment=False, data_encipherment=False, key_agreement=False, key_cert_sign=True, crl_sign=True, encipher_only=False, decipher_only=False), - True - ).add_extension( - x509.BasicConstraints(ca=True, path_length=None), - True - ).sign(key, None if isinstance(key, Ed25519PrivateKey) or isinstance(key, Ed448PrivateKey) else hashes.SHA512()) - - with umask(0o0133), atomic_write(ca_cert, overwrite=False, mode='wb') as cf: - logger.info('Writing new certificate to ‘%s’...', ca_cert) - cf.write(cert.public_bytes(serialization.Encoding.PEM)) - logger.debug('Adjusting permissions for ‘%s’...', ca_cert) - os.chmod(ca_cert, 0o0444) - -def signcsr(ca_cert, ca_key, clock_skew, validity, subject, alternative_name, key_usage, ignore_alternative_names, csr, output): - if not key_usage: - raise InvalidParamsError('No extended key usages specified') - - csr_bytes = None - try: - csr_bytes = csr.read() - except AttributeError: - csr_bytes = csr - - csr = x509.load_pem_x509_csr(csr_bytes) - name = None - if not subject: - name = csr.subject - else: - try: - name = x509.Name.from_rfc4514_string(subject) - logger.info('‘%s’ interpreted as directory name: %s', subject, name) - except ValueError: - name = x509.Name([ - x509.NameAttribute(NameOID.COMMON_NAME, subject) - ]) - - if not ignore_alternative_names: - try: - ext = csr.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME) - csr_alt_names = set(ext.value) - logger.warn('Using alternative names from csr: %s', csr_alt_names) - alternative_name = set(to_dn(alternative_name)) | csr_alt_names - except ExtensionNotFound: - pass - else: - alternative_name = to_dn(alternative_name) - - ca_key = load_key(ca_key) - with open(ca_cert, 'rb') as fh: - ca_cert = x509.load_pem_x509_certificate(fh.read()) - - now = datetime.now(tz=timezone.utc) - cert = x509.CertificateBuilder().subject_name( - name - ).public_key( - csr.public_key() - ).serial_number( - (tai64nint(now) << 24) | (x509.random_serial_number() & int(ldexp(1, 24) - 1)) - ).not_valid_before( - now - clock_skew - ).not_valid_after( - now + validity - ).issuer_name( - ca_cert.subject - ).add_extension( - x509.AuthorityKeyIdentifier.from_issuer_public_key(ca_cert.public_key()), - False - ).add_extension( - x509.SubjectKeyIdentifier.from_public_key(csr.public_key()), - False - ).add_extension( - x509.KeyUsage(digital_signature=True, content_commitment=True, key_encipherment=True, data_encipherment=False, key_agreement=False, key_cert_sign=False, crl_sign=False, encipher_only=False, decipher_only=False), - True - ).add_extension( - x509.BasicConstraints(ca=False, path_length=None), - True - ).add_extension( - x509.ExtendedKeyUsage(list(map(lambda ku: ku.oid, key_usage))), - False - ) - - if alternative_name: - cert = cert.add_extension( - x509.SubjectAlternativeName(alternative_name), - False - ) - - cert = cert.sign(ca_key, None if isinstance(ca_key, Ed25519PrivateKey) or isinstance(ca_key, Ed448PrivateKey) else hashes.SHA256()) - - output = output.with_suffix('.crt') - - mv_bak(output) - with umask(0o0133), atomic_write(output, overwrite=False, mode='wb') as cf: - logger.info('Writing new certificate to ‘%s’...', output) - cf.write(cert.public_bytes(serialization.Encoding.PEM)) - logger.debug('Adjusting permissions for ‘%s’...', output) - os.chmod(output, 0o0444) - -def new_client(ca_cert, ca_key, key_type, clock_skew, validity, subject, alternative_name, key_usage, sops, output): - key_file = output.with_suffix('.key') - cert_file = output.with_suffix('.crt') - - key = None - try: - key = load_key(key_file) - logger.info('Successfully loaded privkey from ‘%s’', key_file) - - if not key_type.aligned(key): - logger.warn('Private key ‘%s’ does not align with requested type %s', key_file, key_type) - - mv_bak(key_file) - mv_bak(cert_file) - - raise FileNotFoundError(f'Key does not align with requested type: {key_file}') - except FileNotFoundError: - key = write_genkey(key_type, sops, key_file) - - name = None - try: - name = x509.Name.from_rfc4514_string(subject) - logger.info('‘%s’ interpreted as directory name: %s', subject, name) - except ValueError: - name = x509.Name([ - x509.NameAttribute(NameOID.COMMON_NAME, subject) - ]) - - csr = x509.CertificateSigningRequestBuilder().subject_name(name) - - if alternative_name: - csr = csr.add_extension( - x509.SubjectAlternativeName( - to_dn(alternative_name) - ), - False - ) - - return signcsr( - ca_cert=ca_cert, - ca_key=ca_key, - clock_skew=clock_skew, - validity=validity, - subject=None, - alternative_name=[], - key_usage=key_usage, - ignore_alternative_names=False, - output=cert_file, - csr=csr.sign( - key, - None if isinstance(key, Ed25519PrivateKey) or isinstance(key, Ed448PrivateKey) else hashes.SHA256(), - ).public_bytes(serialization.Encoding.PEM) - ) - -def to_pkcs12(random_password, random_password_length, weak_encryption, filename, temporary_output, output): - key_file = filename.with_suffix('.key') - cert_file = filename.with_suffix('.crt') - - output_handle = None - if not output: - if not temporary_output: - output = filename.with_suffix('.p12') - else: - output_handle, output = mkstemp(suffix='.p12', prefix=filename.stem + '.') - - key = load_key(key_file) - logger.info('Successfully loaded privkey from ‘%s’', key_file) - cert = None - with open(cert_file, mode='rb') as fh: - cert = x509.load_pem_x509_certificate(fh.read()) - logger.info('Successfully loaded certificate from ‘%s’', cert_file) - - with umask(0o0177), atomic_write(output, overwrite=False, mode='wb') if not output_handle else os.fdopen(output_handle, mode='wb') as fh: - logger.info('Writing to ‘%s’...', output) - common_name_attrs = cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME) - if len(common_name_attrs) != 1: - raise InvalidParamsError('Invalid name structure in cert') - subject = common_name_attrs[0].value.lower() - - pw = None - if not random_password: - pw2 = None - while not pw2 or pw2 != pw: - pw = getpass(prompt='Password: ') - if not pw: - pw = None - break - else: - pw2 = getpass(prompt='Repeat password: ') - else: - from xkcdpass import xkcd_password as xp - ws = xp.generate_wordlist(wordfile=xp.locate_wordfile()) - pw = xp.generate_xkcdpassword(ws, numwords=random_password_length) - print(f'Password: {pw}', file=sys.stderr) - - encryption = None - if pw: - encryption = PrivateFormat.PKCS12.encryption_builder().kdf_rounds( - 500000 if not weak_encryption else 50000 - ).key_cert_algorithm( - pkcs12.PBES.PBESv2SHA256AndAES256CBC if not weak_encryption else pkcs12.PBES.PBESv1SHA1And3KeyTripleDESCBC - ).hmac_hash( - hashes.SHA256() if not weak_encryption else hashes.SHA1() - ).build(bytes(pw, 'utf-8')) - fh.write(pkcs12.serialize_key_and_certificates( - bytes(subject, 'utf-8'), - key, - cert, - None, - encryption, - )) - logger.debug('Adjusting permissions for ‘%s’...', output) - os.chmod(output, 0o0400) - - if temporary_output: - print(f'Temporary output file: {output}', file=sys.stderr) - - -def main(): - global logger - logger = logging.getLogger(__name__) - console_handler = logging.StreamHandler() - console_handler.setFormatter( logging.Formatter('[%(levelname)s](%(name)s): %(message)s') ) - if sys.stderr.isatty(): - console_handler.setFormatter( logging.Formatter('%(asctime)s [%(levelname)s](%(name)s): %(message)s') ) - logger.addHandler(console_handler) - - # log uncaught exceptions - def log_exceptions(type, value, tb): - global logger - - logger.error(value) - sys.__excepthook__(type, value, tb) # calls default excepthook - - sys.excepthook = log_exceptions - - - parser = argparse.ArgumentParser(prog='ca', formatter_class=argparse.ArgumentDefaultsHelpFormatter) - parser.add_argument('--verbosity', dest='log_level', action='append', type=int, help='Numeric verbosity') - parser.add_argument('--verbose', '-v', dest='log_level', action='append_const', const=1, help='Increase verbosity') - parser.add_argument('--quiet', '-q', dest='log_level', action='append_const', const=-1, help='Decrease verbosity') - subparsers = parser.add_subparsers(help='Subcommands', required=True) - - subparser = subparsers.add_parser('init', aliases=['initca', 'init-ca', 'ca'], formatter_class=argparse.ArgumentDefaultsHelpFormatter, description="Generate a new selfsigned CA certificate and associated private key\n\nPrivate key is only generated if it does not yet exist") - subparser.add_argument('--ca-cert', type=Path, default=Path('ca.crt'), help='Path to file containing CA certificate') - subparser.add_argument('--ca-key', type=Path, default=Path('ca.key'), help='Path to file containing CA private key') - subparser.add_argument('--key-type', type=KeyType.from_string, choices=list(KeyType), default=KeyType.ED448.value, help='Type of private key to generate') - subparser.add_argument('--clock-skew', metavar='DURATION', type=duration, default=timedelta(minutes=5), help='How far to shift begin of validity into the past') - subparser.add_argument('--validity', metavar='DURATION', type=duration, default=timedelta(days=ceil(365.2425*10)), help='How far to shift end of validity into the future') - subparser.add_argument('--sops', '--no-sops', action=BooleanAction, default=True, help='Encrypt private key using SOPS') - subparser.add_argument('--subject', metavar='DN', type=str, required=True, help='Subject name') - subparser.set_defaults(cmd=initca) - - subparser = subparsers.add_parser('sign', aliases=['signcsr', 'sign-csr'], formatter_class=argparse.ArgumentDefaultsHelpFormatter, description='Sign an existing CSR') - subparser.add_argument('--ca-cert', type=Path, default=Path('ca.crt'), help='Path to file containing CA certificate') - subparser.add_argument('--ca-key', type=Path, default=Path('ca.key'), help='Path to file containing CA private key') - subparser.add_argument('--clock-skew', metavar='DURATION', type=duration, default=timedelta(minutes=5), help='How far to shift begin of validity into the past') - subparser.add_argument('--validity', metavar='DURATION', type=duration, default=timedelta(days=ceil(365.2425*10)), help='How far to shift end of validity into the future') - subparser.add_argument('--subject', metavar='DN', type=str, required=False, help='Override subject name') - subparser.add_argument('--ignore-alternative-names', '--no-ignore-alternative-names', action=BooleanAction, default=True, help='Ignore subject alternative names provided in CSR') - subparser.add_argument('--key-usage', metavar='KEY_USAGE', type=SupportedKeyUsage, action=ExtendAction, default=[SupportedKeyUsage.CLIENT_AUTH], help='Allowed key usages') - subparser.add_argument('--alternative-name', metavar='CN', type=str, action='append', help='Subject alternative names') - subparser.add_argument('--output', type=Path, required=True, help='Output path') - subparser.add_argument('csr', metavar='FILE', type=argparse.FileType(mode='rb'), help='Path to file containing CSR') - subparser.set_defaults(cmd=signcsr) - - subparser = subparsers.add_parser('new-client', aliases=['new', 'new-client', 'client'], formatter_class=argparse.ArgumentDefaultsHelpFormatter, description='Generate a new CSR and sign it immediately') - subparser.add_argument('--ca-cert', type=Path, default=Path('ca.crt'), help='Path to file containing CA certificate') - subparser.add_argument('--ca-key', type=Path, default=Path('ca.key'), help='Path to file containing CA private key') - subparser.add_argument('--key-type', type=KeyType.from_string, choices=list(KeyType), default=KeyType.ED25519.value, help='Type of private key to generate') - subparser.add_argument('--clock-skew', metavar='DURATION', type=duration, default=timedelta(minutes=5), help='How far to shift begin of validity into the past') - subparser.add_argument('--validity', metavar='DURATION', type=duration, default=timedelta(days=ceil(365.2425*10)), help='How far to shift end of validity into the future') - subparser.add_argument('--sops', '--no-sops', action=BooleanAction, default=True, help='Encrypt private key using SOPS') - subparser.add_argument('--subject', metavar='DN', type=str, required=True, help='Subject name') - subparser.add_argument('--key-usage', metavar='KEY_USAGE', type=SupportedKeyUsage, action=ExtendAction, default=[SupportedKeyUsage.CLIENT_AUTH], help='Allowed key usages') - subparser.add_argument('--alternative-name', metavar='CN', type=str, action='append', help='Subject alternative names') - subparser.add_argument('--output', type=Path, required=True, help='Output path') - subparser.set_defaults(cmd=new_client) - - subparser = subparsers.add_parser('pkcs12', aliases=['p12', 'pfx'], formatter_class=argparse.ArgumentDefaultsHelpFormatter, description='Convert existing certificate and private key to PKCS#12 format') - subparser.add_argument('--random-password', '--no-random-password', action=BooleanAction, default=True, help='Encrypt PKCS#12 file with random passphrase -- otherwise prompt for one') - subparser.add_argument('--random-password-length', type=int, default=12, help='Number of words in random passphrase') - subparser.add_argument('--weak-encryption', '--no-weak-encryption', action=BooleanAction, default=False, help='Use weak, but more compatible, encryption') - subparser.add_argument('--temporary-output', '--no-temporary-output', action=BooleanAction, default=True, help='If output path is not given, generate output file in temporary directory') - subparser.add_argument('--output', type=Path, help='Output path') - subparser.add_argument('filename', metavar='BASENAME', type=Path, help='Input path') - subparser.set_defaults(cmd=to_pkcs12) - - args = parser.parse_args() - - - LOG_LEVELS = [logging.DEBUG, logging.INFO, logging.WARNING, logging.ERROR, logging.CRITICAL] - DEFAULT_LOG_LEVEL = logging.INFO - log_level = LOG_LEVELS.index(DEFAULT_LOG_LEVEL) - - for adjustment in args.log_level or (): - log_level = min(len(LOG_LEVELS) - 1, max(log_level - adjustment, 0)) - logger.setLevel(LOG_LEVELS[log_level]) - - - logger.debug('Using cryptography %s (%s)', cryptography_version, openssl.backend.openssl_version_text()) - - - args.cmd(**{ k: v for k, v in vars(args).items() if k in signature(args.cmd).parameters.keys() }) - -if __name__ == '__main__': - sys.exit(main()) diff --git a/tools/ca/default.nix b/tools/ca/default.nix deleted file mode 100644 index c5fe0cea..00000000 --- a/tools/ca/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ system, self, mach-nix, leapseconds, ... }: -let - pkgs = self.legacyPackages.${system}; -in mach-nix.lib.${system}.buildPythonPackage { - pname = "ca"; - src = pkgs.lib.sourceByRegex ./. ["^setup\.py$" "^ca(/[^/]+.*)?$"]; - version = "0.0.0"; - ignoreDataOutdated = true; - - requirements = '' - cryptography >=38.0.0 - fqdn - atomicwrites - leapseconddata - xkcdpass - ''; - - _.cryptography.buildInputs = with pkgs; [ openssl ]; - - postInstall = '' - wrapProgram $out/bin/ca \ - --set-default LEAPSECONDS_FILE ${leapseconds} \ - --prefix PATH : ${pkgs.lib.makeBinPath (with pkgs; [sops])} - ''; -} diff --git a/tools/ca/setup.py b/tools/ca/setup.py deleted file mode 100644 index 3342a7a6..00000000 --- a/tools/ca/setup.py +++ /dev/null @@ -1,10 +0,0 @@ -from setuptools import setup - -setup(name='ca', - packages=['ca'], - entry_points={ - 'console_scripts': [ - 'ca=ca.__main__:main' - ], - }, -) diff --git a/tools/sops-inventory/default.nix b/tools/sops-inventory/default.nix new file mode 100644 index 00000000..94c455e5 --- /dev/null +++ b/tools/sops-inventory/default.nix @@ -0,0 +1,19 @@ +{ system, self, mach-nix, ... }: +let + pkgs = self.legacyPackages.${system}; +in mach-nix.lib.${system}.buildPythonPackage { + pname = "sops-inventory"; + version = "0.0.0"; + + src = pkgs.lib.sourceByRegex ./. ["^setup\.py$" "^sops_inventory(/[^/]+.*)?$"]; + + ignoreDataOutdated = true; + requirements = '' + pyyaml + ''; + + postInstall = '' + wrapProgram $out/bin/sops-inventory \ + --set-default SOPS_INVENTORY_BASE ${self} + ''; +} diff --git a/tools/sops-inventory/setup.py b/tools/sops-inventory/setup.py new file mode 100644 index 00000000..3ea2a5d1 --- /dev/null +++ b/tools/sops-inventory/setup.py @@ -0,0 +1,11 @@ +from setuptools import setup + +setup( + name='sops-inventory', + packages=['sops_inventory'], + entry_points={ + 'console_scripts': [ + 'sops-inventory=sops_inventory.__main__:main' + ], + }, +) diff --git a/tools/sops-inventory/sops_inventory/__init__.py b/tools/sops-inventory/sops_inventory/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/tools/sops-inventory/sops_inventory/__main__.py b/tools/sops-inventory/sops_inventory/__main__.py new file mode 100644 index 00000000..68f72b60 --- /dev/null +++ b/tools/sops-inventory/sops_inventory/__main__.py @@ -0,0 +1,85 @@ +import os,sys + +from pathlib import Path +from collections import deque, defaultdict + +import argparse + +from yaml import load, YAMLError +try: + from yaml import CLoader as Loader +except ImportError: + from yaml import Loader + + +SOPS_TYPES = frozenset({'kms', 'gcp_kms', 'azure_kv', 'hc_vault', 'age', 'pgp'}) + + +class BooleanAction(argparse.Action): + def __init__(self, option_strings, dest, nargs=None, **kwargs): + super(BooleanAction, self).__init__(option_strings, dest, nargs=0, **kwargs) + + def __call__(self, parser, namespace, values, option_string=None): + setattr(namespace, self.dest, False if option_string.startswith('--no') else True) + + +def main(): + default_base = os.getenv('SOPS_INVENTORY_BASE', default=[]) + if default_base: + default_base = Path(default_base) + + parser = argparse.ArgumentParser(formatter_class=argparse.ArgumentDefaultsHelpFormatter) + parser.add_argument('--list-files', '--no-list-files', action=BooleanAction, default=False, help='Only list sops files') + parser.add_argument('path', metavar='PATH', nargs='?' if default_base else None, type=Path, default=default_base, help='Base directory to take inventory of') + args = parser.parse_args() + + inventory = defaultdict(set) + + queue = deque([args.path]) + while queue: + baseDir = queue.popleft() + for child in baseDir.iterdir(): + if child.is_dir(): + queue.append(child) + else: + try: + with child.open(mode='r') as fh: + yaml = load(fh, Loader=Loader) + if not yaml: + raise ValueError('Could not parse YAML') + if not isinstance(yaml, dict) or not 'sops' in yaml: + raise ValueError('Did not find "sops" key') + sops = yaml['sops'] + + key_info = set() + for k in SOPS_TYPES: + if k in sops: + v = sops[k] + if not v: + continue + + match k: + case 'pgp': + for r in v: + key_info.add(r['fp']) + case 'age': + for r in v: + key_info.add(r['recipient']) + case _: + raise NotImplementedError + inventory[frozenset(key_info)].add(child.relative_to(args.path)) + except (YAMLError, ValueError) as e: + pass + + if not args.list_files: + for keys, files in inventory.items(): + print(','.join(keys) + ':') + for file in files: + print(' - ' + str(file)) + else: + for _, files in inventory.items(): + for file in files: + print(file) + +if __name__ == '__main__': + os.exit(main()) diff --git a/tools/tai64dec/default.nix b/tools/tai64dec/default.nix deleted file mode 100644 index 380c22bf..00000000 --- a/tools/tai64dec/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ system, self, mach-nix, leapseconds, ... }: -let - pkgs = self.legacyPackages.${system}; -in mach-nix.lib.${system}.buildPythonPackage { - pname = "tai64dec"; - src = pkgs.lib.sourceByRegex ./. ["^setup\.py$" "^tai64dec(/[^/]+.*)?$"]; - version = "0.0.0"; - ignoreDataOutdated = true; - - requirements = '' - leapseconddata - ''; - - postInstall = '' - wrapProgram $out/bin/tai64dec \ - --set-default LEAPSECONDS_FILE ${leapseconds} - ''; -} diff --git a/tools/tai64dec/setup.py b/tools/tai64dec/setup.py deleted file mode 100644 index d936796b..00000000 --- a/tools/tai64dec/setup.py +++ /dev/null @@ -1,10 +0,0 @@ -from setuptools import setup - -setup(name='tai64dec', - packages=['tai64dec'], - entry_points={ - 'console_scripts': [ - 'tai64dec=tai64dec.__main__:main' - ], - }, -) diff --git a/tools/tai64dec/tai64dec/__main__.py b/tools/tai64dec/tai64dec/__main__.py deleted file mode 100644 index a8854523..00000000 --- a/tools/tai64dec/tai64dec/__main__.py +++ /dev/null @@ -1,46 +0,0 @@ -import sys, os - -import argparse - -from leapseconddata import LeapSecondData -from math import ldexp -from pathlib import Path -from datetime import datetime, timezone -import secrets - - -class BooleanAction(argparse.Action): - def __init__(self, option_strings, dest, nargs=None, **kwargs): - super(BooleanAction, self).__init__(option_strings, dest, nargs=0, **kwargs) - - def __call__(self, parser, namespace, values, option_string=None): - setattr(namespace, self.dest, False if option_string.startswith('--no') else True) - - -def main(): - parser = argparse.ArgumentParser(prog='tai64dec', formatter_class=argparse.ArgumentDefaultsHelpFormatter) - parser.add_argument('--random', '--no-random', action=BooleanAction, default=False) - parser.add_argument('--ns', '--no-ns', action=BooleanAction, default=True) - args = parser.parse_args() - - - leapsecond_data = LeapSecondData.from_file(Path(os.getenv('LEAPSECONDS_FILE'))) - - now = datetime.now(tz=timezone.utc) - - tai_dt = leapsecond_data.to_tai(now) - seconds = int(tai_dt.timestamp()) - seconds += int(ldexp(1, 62)) - out = seconds - - if args.ns: - nanoseconds = int((tai_dt.timestamp() - seconds) / 1e-9) - out = out << 32 | nanoseconds - - if args.random: - out = out << 24 | int.from_bytes(secrets.token_bytes(3), byteorder='little', signed=False) - - print('{:d}'.format(out), file=sys.stdout) - -if __name__ == '__main__': - sys.exit(main()) diff --git a/user-profiles/utils.nix b/user-profiles/utils.nix index c04e3a03..48df50ea 100644 --- a/user-profiles/utils.nix +++ b/user-profiles/utils.nix @@ -62,9 +62,9 @@ in { }; home.packages = with pkgs; [ - autossh usbutils pciutils exa silver-searcher pwgen unzip - magic-wormhole qrencode tty-clock dnsutils openssl sshfs psmisc - mosh tree vnstat file pv bc zip nmap aspell + autossh usbutils pciutils exa silver-searcher pwgen xkcdpass + unzip magic-wormhole qrencode tty-clock dnsutils openssl sshfs + psmisc mosh tree vnstat file pv bc zip nmap aspell aspellDicts.de aspellDicts.en borgbackup man-pages rsync socat inetutils yq cached-nix-shell persistent-nix-shell rage smartmontools hdparm nix-output-monitor wrappedLess -- cgit v1.2.3