diff --git a/.sops.yaml b/.sops.yaml index 24abd47..5c1d8c7 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,6 +1,12 @@ keys: - &admin_jrpotter age1huyyxsy4g0e5svmcejxvvdjnnk6qkulgd3qfpue59exnfrnqzudspxnn62 + - &server_phobos age16twzd97nh7tstk5meh277w02le6dxqmv7wzrjlemn87n36dzlyfq7uusj2 creation_rules: + - path_regex: phobos/[^/]+\.(yaml|json|env|ini|enc)$ + key_groups: + - age: + - *admin_jrpotter + - *server_phobos - path_regex: .* key_groups: - age: diff --git a/hive/phobos/default.nix b/hive/phobos/default.nix index c927813..59671e6 100644 --- a/hive/phobos/default.nix +++ b/hive/phobos/default.nix @@ -11,7 +11,7 @@ in sops-nix.nixosModules.sops ]; - deployment.targetHost = null; + deployment.targetHost = "143.198.142.171"; networking = { hostName = "phobos"; diff --git a/hive/phobos/secrets.yaml b/hive/phobos/secrets.yaml index 82784cb..2bc2137 100644 --- a/hive/phobos/secrets.yaml +++ b/hive/phobos/secrets.yaml @@ -1,4 +1,4 @@ -SECRET_KEY_BASE: ENC[AES256_GCM,data:1p8IKwVEPRCtrhIitv3WztJmCo9LsbWgYuroQ2DzdHJWEtN1Ye/0sIhmrjEBugiRT5zVUEKip16VQRvq9i6DkVFi3cF2qlvslc1dycGtbtQ=,iv:Q2Tm87vSH8JLQbHcKU649X3KcLJtEOPcneHEYBjmSPY=,tag:RYOXrShhwBvdrguq/lbSKQ==,type:str] +SECRET_KEY_BASE: ENC[AES256_GCM,data:7momHRbT88d1hVkABk9altYurje6s/NQCuDRttBZm9JND1Gtdlf/xaPBHHBH/S0zYGZirzFsYHUYsCNeSNDao9Wa6zpb/ISt9gdMJ4kng3s=,iv:xcPtA1h1LapQpH2A2cyRIh22w5obrIibatE3b2EKpQ8=,tag:pxatJLQv2lBCFja6a/lSzQ==,type:str] sops: kms: [] gcp_kms: [] @@ -8,23 +8,23 @@ sops: - recipient: age1huyyxsy4g0e5svmcejxvvdjnnk6qkulgd3qfpue59exnfrnqzudspxnn62 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCbXdCWVllY0xzaVJ4K3VL - anJsd0FFN1J1amlKTVpzaHE1dlVKL05ObDJBCnVKa1ZFZmNyTS9mRlJyM0NiaGFO - TDh2ak1wZmNqSXYwOEF4M1ZlY1BlcjAKLS0tIDZWbXVpSzkyS2lBK1hZVUI0Zklk - RDMveTJ0UkdmRE1HV3BaQlpvWTlXOUkKwrhRj5eqNafOUqYrwT20hMm+ocJxSv+X - eV4+7r6m4Y142XsQENvfk4ow0fLO8h1Fuvh09GHLoBAZGAfbNCop9Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvalIvZDJGbTl6bW1yRWxN + MTUzOG5NTEV4YUZYYU1jajhrc25GaVJ2SzIwCm1NN0Z4TFFyRFpwUTgvRTBIVzFo + dUhLSytmc3h2WmI5d29ueFdJU1hxSlkKLS0tIEdxN3FHS0IxMGtHMTBqRVNkQkdt + aXdEZWttYm9nK0NGQ3FnNHozWkRYcE0KLYe1ObAipGDJlP51n6p9i5cUuyv2yGob + BkAb0MKZSe3itmr2YCvdq4ZhR6HEO56DDdOgWA7lN62Aml8L4y51IQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1lmx6334s0y2ecfpve00vcjemyechycda2g8c5nnpzs5py2qay9pqx8m3vs + - recipient: age16twzd97nh7tstk5meh277w02le6dxqmv7wzrjlemn87n36dzlyfq7uusj2 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVb3oyOW9mUmp5YWg1Ulln - bXgxRlhxQi9lZGFhK3NpblRVS0lRTDNtK2pzCnVFdzBHSGUyNGlDV2VaLzhEeS8x - a0txMU0zNHMyRnlrTlMvT09vVG5GTWsKLS0tIGNyRWVsRTFOYkhxY0J2Qks4ZFYv - VmhpRjhXZEQ0WlZaOVhXZWx6SXpPczAKNJh8yms/llCJanKKcTBHmnUgUdwzRFfJ - /jB3RhjIAehrt3zFl7b6hW8sWJipjkhwXkl9KmXGkmgVvrEdfmM5kg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzZDJHOFd6STlZM1ZSc1pX + bmh0eXNDQ1FvZlpLWkpQcGxrMXVuSXUxaUFrCkc5QjdEM2xlV1N0K0MxUi9MeVhU + dmp3U2lBQVcrTld2T2RHR2t2UjVJd3MKLS0tIHJhamRwQ3ZmZWFrSFA5dEpDVm1n + eVRiNzAyRk9mUXpPZmRCcU5BVitjQW8KPFKtQSwOKtp5pLI2mlAXtkc8nJYoXjo0 + jdqxptc4a7uKywi8s1lffUSkV/ifMxVc9uH2M+0ry227aU+r2Lk0tA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-09T00:29:20Z" - mac: ENC[AES256_GCM,data:jVA9UKjBfLJzlOnU0Wvzq8MTsIXURpB3d5ER9OuFz9t/aBuMzPsFcOE5zzgYYisc1s4UnHowuGz72ZAAbIZTP6GaaJ2Mta3rbqUvJrYZMmD+1AujedGzKHbwD6Pc8V70v17PoMCiX3psJy8B+COksIX4nhJEnh4rpgv4HHRehGk=,iv:LA4Zgpbyd8AaKhsN7ei72sSWJr5Qpt8AbON7F99Qyv4=,tag:1DCjPbQldhGIwSGNpKvgNQ==,type:str] + lastmodified: "2023-12-12T13:34:11Z" + mac: ENC[AES256_GCM,data:dfaKEgUVSUMKAs1gwwegunrDpjYCxVVfbXn36wODeDspNB9ub1j7d2aV11ayVh8TtVTmOY7+oV1Zo6t1SpWFV9cbkkeJ47bHHVget1eQkmvLuwpRywhIxXhkW7JOzXwQxGpnJLCB0U7M3XlGUdJXbq38VHuL/DEbSpS3YY6x9NQ=,iv:vlfb0DX4UiKv5oQ+gW+h/E7E/lvmCGSfdxV/nAZg15o=,tag:VGoHePRK6abeXgnEDWvpHQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/hive/titan/default.nix b/hive/titan/default.nix index ed562ee..3ce6b82 100644 --- a/hive/titan/default.nix +++ b/hive/titan/default.nix @@ -5,7 +5,7 @@ home-manager.nixosModules.home-manager ]; - deployment.targetHost = "161.35.235.205"; + deployment.targetHost = "143.110.158.6"; networking.hostName = "titan";