From 95519e0a48ab54c2e98ba4d1d009bb36b10acdb0 Mon Sep 17 00:00:00 2001 From: mc-fucker Date: Mon, 24 Apr 2023 01:13:52 +0200 Subject: [PATCH] added sops test --- .sops.yaml | 17 +++++++++++ secrets/secrets.yaml | 68 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+) create mode 100644 .sops.yaml create mode 100644 secrets/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..99c2973 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,17 @@ +keys: + - &mc-fucker age1kykrekyuvvsv2n0n5ncdpygjax4p0yalt2mypucdek07ze04vpaqr5uccr + - &mc4 age1pdx79uesad4ggg0r6zar8rg9hzdsyfgftge50usm29tfhjx869pqxh2vv3 + - &mc5 age1cymjdmd5ynlph2ftwk9d722tfma93tmahgpdktwvtjnt296k5g7qxmxlgc + - &mc6 age1vkd4y03vrulqlyc6x2ujgze8qzufzcsxuejuxlpss29eq3dc3pxqwmx66h + - &mc7 age12d2yxu08cncv52sjdzrx9t0pqc5z7yluyw3faw9qc9stnncqn5fqzwzkc5 + - &vpn age1cymjdmd5ynlph2ftwk9d722tfma93tmahgpdktwvtjnt296k5g7qxmxlgc +creation_rules: + - path_regex: secrets/[^/]+\.yaml$ + key_groups: + - age: + - *mc-fucker + - *mc4 + - *mc5 + - *mc6 + - *mc7 + - *vpn diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml new file mode 100644 index 0000000..dfdfdf0 --- /dev/null +++ b/secrets/secrets.yaml @@ -0,0 +1,68 @@ +mariadb: + root: ENC[AES256_GCM,data:wgFoj9tLqwvI1JI+VDQQvlfKtjGiWszIPoF5YXOiePZnulT8k2MOdg==,iv:9rljSZ9Fnx7gHtDaOvXiBLs5qdtobjLO1BceMw8QHsY=,tag:TIFsAZmw4J1gfVp9Rjtbbg==,type:str] + bookstack: ENC[AES256_GCM,data:y9zVN8qJ870UlMUNY+4zQrZVuXjerg7R2HFZS9cIKfKd6pTj4CqvkQ==,iv:e+mZw0tfTjjhS1XdZfLd8hZVLKMTpKCGJPw2PrBpqIw=,tag:VD6VR5f3rhb72B8xItM+HQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1kykrekyuvvsv2n0n5ncdpygjax4p0yalt2mypucdek07ze04vpaqr5uccr + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvakRBc25TWmdKUDVlb3Iv + SnhuaEhwamEraEZDWDhuQ3RSSVE0SkZaMkZFClZZeFgza1lrU1dIY2dRVGpDY1hw + WWYvQUZocEhtRENTK0RFS3FoQjFjeXMKLS0tIFhyOFhoTUsvNDVEb1Q0Q3hBMUZk + Mm5uTHZPMWpPaHhHV3pFbHAwWW92STgKOj8Xxq/KkEikwh5q28c2lgCPS67whHa7 + SOD+tNZRCpL0w9ZVIqTH2De/DIrgWotacpofqdS0o/Thb1e35vyXuA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pdx79uesad4ggg0r6zar8rg9hzdsyfgftge50usm29tfhjx869pqxh2vv3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvU1ZxU1NaY2RrbEtsS25U + Q0tUL3lJZE5OdTRYZWJQUG12c0RycC9IUDNRCnc0MkVRUERBbkpNaHhXWkh4b21Y + TlVndDJHak1MQkQyOWtrQ1VTL2t6QUkKLS0tIHBCS2JNSnRrRUNqMjVIbWpoUDln + c2VyVVlGZVUraURtdzhHYUt4L1B1T0EKvc/z44LI0HXUvGYq5J8Gqo8kKJWzLp/H + RKdf4cwTu6XzETgbIHR6CFfRt33CTjGfEZlMgr3jC8J0RYRFYhPQrQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cymjdmd5ynlph2ftwk9d722tfma93tmahgpdktwvtjnt296k5g7qxmxlgc + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxeWNkQi9DSWw4RVExemo3 + aG1HZGFycnlIWk9xMWVWK2ZvN3cyak1wbWpzCkY1UDV2SUhzbzU1My9Ta2YxRDVV + UFpsWUViaEQ0RHNiUkFPUkxpeVgvVGMKLS0tIDJWbmZwenZBa3hLYU1OMjB0ZGZ0 + eVpLUzAreDd4SzRHblpZM1I1cXc5K3cK4RSjR8z9EUwGzgq9reZA1EVQUtJpPZyc + gxjs2JQ+tTf1QZ9k+FZdQAiJjJzsUocl4viEjljrqpozflvkesJF7A== + -----END AGE ENCRYPTED FILE----- + - recipient: age1vkd4y03vrulqlyc6x2ujgze8qzufzcsxuejuxlpss29eq3dc3pxqwmx66h + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRT3NqUkl1b3lTU2ZUdnZS + Y3FvTm9YQ015U1FVYVFkOWJOdm9XejZTNHpZCjRvdHpLSmNHTjA5a1oxSkNWR1Zk + Sjk1RWpDUmtZRG5jQ2d6Q2VKMHluOFUKLS0tIDZaMk5yNE80TEJ4YlBVSTE4K09l + RTVIcFBTY3cyZjVzSjNJRVlKcnZvTGsKz1y9xuZWd8hNQ3phAAYyjWqW1puMxOpi + mczRjn0RUMt47dwBZwfDnybNbfMFizYIWCENT/YoJLhPaOM3N4OOIw== + -----END AGE ENCRYPTED FILE----- + - recipient: age12d2yxu08cncv52sjdzrx9t0pqc5z7yluyw3faw9qc9stnncqn5fqzwzkc5 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvcE5US0FkNGk5VnJFRmxi + cTg2cldBUmxGaTl0dnJkOXQwM05yUFF5akU4CjkrRjhWdTZxL1p2SWQ4UnkrdExr + Z0RUOWZHOWk3SGEwdXg2RDBDbW5kR28KLS0tIGxDdkxKbFJUTjBuZGVxRWgreVRQ + YUVMaGh4THhkSzA4cklqNWNtQWZYWmMKYT2ZIqOnx+wNSPHbj0ZQaTxbELnvl2v1 + bfe4fRxTmA7u9y/nNDDJWKDD+WR2oSEzsBLpTC9jgF0AeTGluu4uMQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cymjdmd5ynlph2ftwk9d722tfma93tmahgpdktwvtjnt296k5g7qxmxlgc + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBidjNzMmFLcVFmZUc5eHdh + aEhNUHRrNU8yZHp3cTJmczRYajIvSCs2aEdFCkhhNkhGVjl5M3pUeHFBNDN5Q3BS + NDdMZGV0YWM0Wm81RWR0dlFKeFpnMTAKLS0tIEEzeHRJUS9YNU95Uno3RUs1aHg4 + cEs3djRYblZicnU5TWt4UUsrZXlFZkkK+UnjkcfO59EUxlbzs2F02ij2w5KTFPo1 + /AZ3xjWr1d2vunzzmh3ABvn13r0vaGWCcTBsIBBCfxBrf6EZS+RJLQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-04-23T23:05:14Z" + mac: ENC[AES256_GCM,data:OrDpQ6v5PseXQx2r00lLS9Z6OH2ENzXhP3g0E9LEMSHYzOufsRrUYKE+sAi0MutZEknfWgomMzYGo2wIq+OSqy2+ElXlvuUuCDNxBddl0Q1QSwUFi4yPg/DfHDUhIjQKhOG3f6IEIpiKiZeq9HuUA9ORMrVEB4xp4lpUM6oqzAI=,iv:rB6zah7G7I13wIL4VPVH6F+uGunNlITkwltnBBS/rc0=,tag:ulHuANOYEcMQipvG2RU8xA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3