diff --git a/.sops.yaml b/.sops.yaml index df235b5..fbe4bbf 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -2,7 +2,7 @@ keys: - &admin age1mpq8m4p7dnxh5ze3fh7etd2k6sp85zdnmp9te3e9chcw4pw07pcq960zh5 - &north age18x6herevmcuhcmeh47ll6p9ck9zk4ga6gfxwlc8yl49rwjxm7qusylwfgc - &inspiron age1jl9s4vp78wuwymjxaje6fg4ax0gg5aq8pn8khfmtn5rvap0d83tqfr05dv - - &proxima age1pryafed9elaea6zk5gnf6drjt4nznc02385y973lwt9t2s7j7vmsfnggkp + - &stratus age1pryafed9elaea6zk5gnf6drjt4nznc02385y973lwt9t2s7j7vmsfnggkp - &seb-north age1p32cyzakxtcx346ej82ftln4r2aw2pcuazq3583s85nzsan4ygqsj32hjf - &seb-inspiron age1s9h9hh8f0vudwn4awr90mj0ka2xh9gppwus0jmvmaz3j3uckz94s36gzkz creation_rules: @@ -16,11 +16,11 @@ creation_rules: - age: - *admin - *inspiron - - path_regex: hosts/proxima/secrets.yaml$ + - path_regex: hosts/stratus/secrets.yaml$ key_groups: - age: - *admin - - *proxima + - *stratus - path_regex: users/seb/@north/secrets.yaml$ key_groups: - age: diff --git a/flake/hosts.nix b/flake/hosts.nix index dca0d1e..82157bc 100644 --- a/flake/hosts.nix +++ b/flake/hosts.nix @@ -31,7 +31,7 @@ in flake.nixosConfigurations = lib.mkMerge [ (mkHost "north" unstable) (mkHost "inspiron" unstable) - (mkHost "proxima" stable) + (mkHost "stratus" stable) (mkHost "installer" stable) ]; } diff --git a/hosts/proxima/secrets.yaml b/hosts/proxima/secrets.yaml deleted file mode 100644 index da2e705..0000000 --- a/hosts/proxima/secrets.yaml +++ /dev/null @@ -1,34 +0,0 @@ -seb-password: ENC[AES256_GCM,data:N3w7niUZsyFmF2gF+gMhlDb6XfoYZ8yNrZvv2J0Cb3zDhstW7LsgYZVcM3+MXPbTDE9xJ00VGBayOT7fW+5IYYWdGgbRWvOH0w==,iv:rLCKJ9wUL+3sjIaqwV89pYJtt/ERuoR4AAgbt9H4oHg=,tag:nuh9rT0W500w8+y76MqC1Q==,type:str] -tailscale-auth-key: ENC[AES256_GCM,data:zKjJsG23GYrAIAoTe9pRI/b9w6JPB/0EDrdtspQq1/dw7eQq7BuzYMT5O5EAy+5A9ZP3fDaleO5nFXRFvg==,iv:p7Dpq30TZyb20E5TfscycxMiN1XUx66DbNPhwuZkwaA=,tag:V/fc99Zv4xJ6PDxNIWHRew==,type:str] -nextcloud: - admin-password: ENC[AES256_GCM,data:+gNp7oDzLk2gxalEtj8R0FWW3Jwvr1PzWo7+iZj0,iv:zZjwG+Z1KyrZN/i/rSg5LZ0lnQGBhxlAaREgKUCxco8=,tag:kBQjz1ISX5Gh9LeUfO4KdQ==,type:str] - gmail-password: ENC[AES256_GCM,data:lbdSZPEmXx1zU0fdaXHle9by9rk=,iv:SSN379SVvonVQjEpopFe8O6tY30k1l9YxKPB6a+xo6U=,tag:jiWy3b16i0zXTyaOhY+5Vw==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1mpq8m4p7dnxh5ze3fh7etd2k6sp85zdnmp9te3e9chcw4pw07pcq960zh5 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmdU9yQjVQbEFtN3dYVjhN - dTVpaXV2bWEvQXlnVkJ5Z3ZLL2VhV0FhdnpVCmQySzJWL1RnU0xETGxNeGxEeHVy - K2JPSmtteXA3SHg4SHcwTWxRUVlDUnMKLS0tIGhlTXE3ZVdkQzdNV1RjQy85b3gw - U2xiejFuVzZKRFJkcVRhWGpXUDNSeW8KHdBFwQb0JItYgkZ7mDo3agTnDr3Ii8j6 - 9LdLwahPwqScGbEONp8A1yzyTEabCiI5Hl9+ptKJoGlJK/lzfrCfsw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1pryafed9elaea6zk5gnf6drjt4nznc02385y973lwt9t2s7j7vmsfnggkp - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Tm9tcVdHcVRpTmw2L0Qy - UWtjMG5uMUlodElDZ2cyZ3Q0NHQ4OGdFV1ZnCjF1RS9XaEltOHAzYmxUcHNLcVk4 - bHBpYUs3SzJlamI2dFozLzV6NThaRVEKLS0tIHN3YmJQNjhWaThPL1JmeUI5NlRT - aW00MUpGdXpYam5LYVFUenh2VndzcE0KT6Hfx1CYJFseFaEZxwi4Fds4v1HEFzBo - FdSC6pzpZkfXso8EtSftq0lPx10GfJ6GZXYb+bCB2S9ROvUMPYDH3A== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-29T13:58:05Z" - mac: ENC[AES256_GCM,data:E1zrsHL+mVaX6mVuPVw793e5/epoRV06nMguU7CT3v9yeDJ4ftO3dwqBChsR2xcISeIuTMc7W72GS57UMhrY08q/jwAKnR7WiPt6/6iK3TLyAKdOj9q/B8FYVuRu+T5cN5CY7cNE0EK+KAVXUcfNi6KAzt1Mow39cgjfddTMdA4=,iv:+GaMKNQaI4mtg0E5b0Ua0c7+K66/9cIUNkWFTxG6gzY=,tag:NnmL6HKv9J3RuqwH01UyNA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/hosts/proxima/containers/nextcloud/default.nix b/hosts/stratus/containers/nextcloud/default.nix similarity index 100% rename from hosts/proxima/containers/nextcloud/default.nix rename to hosts/stratus/containers/nextcloud/default.nix diff --git a/hosts/proxima/containers/nextcloud/email-server.nix b/hosts/stratus/containers/nextcloud/email-server.nix similarity index 100% rename from hosts/proxima/containers/nextcloud/email-server.nix rename to hosts/stratus/containers/nextcloud/email-server.nix diff --git a/hosts/proxima/containers/nextcloud/nextcloud.nix b/hosts/stratus/containers/nextcloud/nextcloud.nix similarity index 100% rename from hosts/proxima/containers/nextcloud/nextcloud.nix rename to hosts/stratus/containers/nextcloud/nextcloud.nix diff --git a/hosts/proxima/containers/nextcloud/tailscale.nix b/hosts/stratus/containers/nextcloud/tailscale.nix similarity index 100% rename from hosts/proxima/containers/nextcloud/tailscale.nix rename to hosts/stratus/containers/nextcloud/tailscale.nix diff --git a/hosts/proxima/default.nix b/hosts/stratus/default.nix similarity index 100% rename from hosts/proxima/default.nix rename to hosts/stratus/default.nix diff --git a/hosts/proxima/disko.nix b/hosts/stratus/disko.nix similarity index 100% rename from hosts/proxima/disko.nix rename to hosts/stratus/disko.nix diff --git a/hosts/proxima/hardware.nix b/hosts/stratus/hardware.nix similarity index 100% rename from hosts/proxima/hardware.nix rename to hosts/stratus/hardware.nix diff --git a/hosts/stratus/secrets.yaml b/hosts/stratus/secrets.yaml new file mode 100644 index 0000000..88481c2 --- /dev/null +++ b/hosts/stratus/secrets.yaml @@ -0,0 +1,34 @@ +seb-password: ENC[AES256_GCM,data:N3w7niUZsyFmF2gF+gMhlDb6XfoYZ8yNrZvv2J0Cb3zDhstW7LsgYZVcM3+MXPbTDE9xJ00VGBayOT7fW+5IYYWdGgbRWvOH0w==,iv:rLCKJ9wUL+3sjIaqwV89pYJtt/ERuoR4AAgbt9H4oHg=,tag:nuh9rT0W500w8+y76MqC1Q==,type:str] +tailscale-auth-key: ENC[AES256_GCM,data:zKjJsG23GYrAIAoTe9pRI/b9w6JPB/0EDrdtspQq1/dw7eQq7BuzYMT5O5EAy+5A9ZP3fDaleO5nFXRFvg==,iv:p7Dpq30TZyb20E5TfscycxMiN1XUx66DbNPhwuZkwaA=,tag:V/fc99Zv4xJ6PDxNIWHRew==,type:str] +nextcloud: + admin-password: ENC[AES256_GCM,data:+gNp7oDzLk2gxalEtj8R0FWW3Jwvr1PzWo7+iZj0,iv:zZjwG+Z1KyrZN/i/rSg5LZ0lnQGBhxlAaREgKUCxco8=,tag:kBQjz1ISX5Gh9LeUfO4KdQ==,type:str] + gmail-password: ENC[AES256_GCM,data:lbdSZPEmXx1zU0fdaXHle9by9rk=,iv:SSN379SVvonVQjEpopFe8O6tY30k1l9YxKPB6a+xo6U=,tag:jiWy3b16i0zXTyaOhY+5Vw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1mpq8m4p7dnxh5ze3fh7etd2k6sp85zdnmp9te3e9chcw4pw07pcq960zh5 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmdU9yQjVQbEFtN3dYVjhN + dTVpaXV2bWEvQXlnVkJ5Z3ZLL2VhV0FhdnpVCmQySzJWL1RnU0xETGxNeGxEeHVy + K2JPSmtteXA3SHg4SHcwTWxRUVlDUnMKLS0tIGhlTXE3ZVdkQzdNV1RjQy85b3gw + U2xiejFuVzZKRFJkcVRhWGpXUDNSeW8KHdBFwQb0JItYgkZ7mDo3agTnDr3Ii8j6 + 9LdLwahPwqScGbEONp8A1yzyTEabCiI5Hl9+ptKJoGlJK/lzfrCfsw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pryafed9elaea6zk5gnf6drjt4nznc02385y973lwt9t2s7j7vmsfnggkp + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Tm9tcVdHcVRpTmw2L0Qy + UWtjMG5uMUlodElDZ2cyZ3Q0NHQ4OGdFV1ZnCjF1RS9XaEltOHAzYmxUcHNLcVk4 + bHBpYUs3SzJlamI2dFozLzV6NThaRVEKLS0tIHN3YmJQNjhWaThPL1JmeUI5NlRT + aW00MUpGdXpYam5LYVFUenh2VndzcE0KT6Hfx1CYJFseFaEZxwi4Fds4v1HEFzBo + FdSC6pzpZkfXso8EtSftq0lPx10GfJ6GZXYb+bCB2S9ROvUMPYDH3A== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-08-29T13:58:05Z" + mac: ENC[AES256_GCM,data:E1zrsHL+mVaX6mVuPVw793e5/epoRV06nMguU7CT3v9yeDJ4ftO3dwqBChsR2xcISeIuTMc7W72GS57UMhrY08q/jwAKnR7WiPt6/6iK3TLyAKdOj9q/B8FYVuRu+T5cN5CY7cNE0EK+KAVXUcfNi6KAzt1Mow39cgjfddTMdA4=,iv:+GaMKNQaI4mtg0E5b0Ua0c7+K66/9cIUNkWFTxG6gzY=,tag:NnmL6HKv9J3RuqwH01UyNA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.0 diff --git a/users/seb/@proxima/default.nix b/users/seb/@stratus/default.nix similarity index 100% rename from users/seb/@proxima/default.nix rename to users/seb/@stratus/default.nix