fix(secrets): update sopsFile path for internetbs
Change the sopsFile path in acme.nix to point to the sgx directory instead of hetzner to ensure the correct configuration file is referenced. Added a new encrypted secrets file specific to the sgx directory to maintain security and confidentiality.
This commit is contained in:
parent
818ae41e58
commit
95c68ccc7d
30
.secrets/sgx/internetbs.yaml
Normal file
30
.secrets/sgx/internetbs.yaml
Normal file
|
|
@ -0,0 +1,30 @@
|
||||||
|
internetbs: ENC[AES256_GCM,data:HTTxPwcGWFo/WkWD6UZhE6qUaBmJSVFzDux3EFn2uH1mCPoW0vKykfUbbMCJo0tWMvQszetAuO5jnQJJBrIkM6vaXX06ZlDUWluh+sPavqKFeq9HDobgf9qhhaaSHgrD/hLgz+dJ+Lj87/huEMhWj8KrnPY1Hj5uDUFVaJOMgNzczSt6iLA/mdL/cEiBT5st8qk8,iv:Ug59B4G7p0zVEAuMQlEYk+GcOjy/QOxEvxbdLnRTgpA=,tag:Z/7ceoVgr3ciNFKSlncjpA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaalQzV0VpQXJVUFVOZWJw
|
||||||
|
UVNMNHI1UURCSEVaaUxlZHN4MnRSeTlRandJCmlwRlNFTHlHY2g5WTc0OHpEVG9m
|
||||||
|
U3ZsYkhPMHd2Z2FMSlF5TWlRR29OVVUKLS0tIHhyYzNUcjlhL2J4VlVWcTIxNE9D
|
||||||
|
aDN5RURrZXF0YnVEZjNDN215ZWd2OHMKtyOhWXFIJOhRUf8UoKql2S9xd4vXuZR1
|
||||||
|
SCpyveq4Pe518MX2wQ3cnLBJxHrEKiEhtzCQu+7vfsHIaPBKUSBcsQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4VTRLV3BpYlJqSjVTSzJ2
|
||||||
|
c01XZi9EcWFlOVhONWJUTEV4ViszZ1JadGt3CmttRi96NVVqQm9MdnM0OTZnWmRG
|
||||||
|
WUhlTmNjWWlhNC9Oa29ITDBDRXRlUEkKLS0tIEt4Y2dlNE9BN21YQjBLZ0JmazFS
|
||||||
|
NUVyeW1lQzl0YWY5ZTRNODJWUXBkQk0KzzDHgmAGdc6PwaoMYm1p+vZBREjNVPv2
|
||||||
|
Yi13wXXtWPV1hhHATZKplEeuw5JaalAsGwZeeoKWNBiVUDNXywEFng==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-12-06T08:50:35Z"
|
||||||
|
mac: ENC[AES256_GCM,data:Tz1EutxDgl2DQgNWNJWap5cwSAgR/Y4EjLUva7qHtXIMWa5jKPKqimY2IQhcsbqYv1zZmm+OnbO+OCIdZRbpnDCk5waBhywQNxNxjGAbv9fo/hbRFg9cm/vwA2BrXk9BR1L+gMcejRyZnnlMwEK+NomBkqAkpDZDlKjE7ebHoz0=,iv:Lk9kE3opD9y4oheETzLOiPn6Z5dLx8JEAuyCaYbkpQ4=,tag:/KtGrq7sGUxfi7BaJObhOQ==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.1
|
||||||
|
|
@ -6,7 +6,7 @@
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
sops.secrets.internetbs = {
|
sops.secrets.internetbs = {
|
||||||
sopsFile = ../../../.secrets/hetzner/internetbs.yaml; # bring your own password file
|
sopsFile = ../../../.secrets/sgx/internetbs.yaml; # bring your own password file
|
||||||
};
|
};
|
||||||
|
|
||||||
security.acme = {
|
security.acme = {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue