#2 Move age files to homelab/.sops/
Separate "authors" keys and "deploy" keys. Add features to setup, encrypt, and decrypt scripts: - Validate input arguments - Set age keyfile and recipients dynamically at runtime
This commit is contained in:
parent
383b8b3351
commit
676da8dca3
16
.age-aliases
16
.age-aliases
@ -1,16 +0,0 @@
|
||||
export SOPS_AGE_RECIPIENTS=$(cat .age-pubkeys)
|
||||
export SOPS_AGE_KEY_FILE=$HOME/.age/key
|
||||
|
||||
function enc () {
|
||||
input_file=$1
|
||||
file_extension=${input_file##*.}
|
||||
file_name=${input_file%%.*}
|
||||
output_file="$file_name.enc.$file_extension"
|
||||
|
||||
sops --encrypt --age ${SOPS_AGE_RECIPIENTS} $input_file > $output_file
|
||||
}
|
||||
|
||||
function dec () {
|
||||
sops --decrypt --age ${SOPS_AGE_RECIPIENTS} $1
|
||||
}
|
||||
|
||||
@ -1,10 +0,0 @@
|
||||
#!/bin/bash
|
||||
# Takes one file path as input
|
||||
# Outputs to a new file with `.enc` stripped from the end
|
||||
|
||||
input_file=$1
|
||||
file_extension=${input_file##*.}
|
||||
file_name=${input_file%%.*}
|
||||
output_file="$file_name.enc.$file_extension"
|
||||
|
||||
sops --decrypt --age ${SOPS_AGE_RECIPIENTS} $input_file
|
||||
@ -1,10 +0,0 @@
|
||||
#!/bin/bash
|
||||
# Takes one file path as input
|
||||
# Outputs to a new file named `$1.enc`
|
||||
|
||||
input_file=$1
|
||||
file_extension=${input_file##*.}
|
||||
file_name=${input_file%%.*}
|
||||
output_file="$file_name.enc.$file_extension"
|
||||
|
||||
sops --encrypt --age ${SOPS_AGE_RECIPIENTS} $input_file > $output_file
|
||||
@ -1 +0,0 @@
|
||||
age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00,age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855
|
||||
8
.sops.md
8
.sops.md
@ -1,8 +0,0 @@
|
||||
# Set up SOPS and age to encrypt and decrypt secrets in this repo
|
||||
|
||||
1. Install [sops](https://github.com/getsops/sops/releases)
|
||||
2. Install [age](https://github.com/FiloSottile/age)
|
||||
3. Generate a keypair with age. `mkdir ~/.age; age-keygen -o ~/.age/key`
|
||||
4. Append the publickey to [.age-pubkeys](.age-pubkeys).
|
||||
5. Add the encrypt and decrypt scripts to shell profile.
|
||||
|
||||
1
homelab/.sops/.age-author-pubkeys
Normal file
1
homelab/.sops/.age-author-pubkeys
Normal file
@ -0,0 +1 @@
|
||||
age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00
|
||||
32
homelab/.sops/.age-decrypt.sh
Executable file
32
homelab/.sops/.age-decrypt.sh
Executable file
@ -0,0 +1,32 @@
|
||||
#!/bin/bash
|
||||
# Takes one file path as input
|
||||
# Outputs to a new file with `.enc` stripped from the end
|
||||
|
||||
if [ "$#" -ne 1 ]; then
|
||||
echo "Usage: $0 <file_path>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
SOPS_AGE_KEY_FILE=$HOME/.age/key
|
||||
if [[ -f $SOPS_AGE_KEY_FILE ]]; then
|
||||
export SOPS_AGE_KEY_FILE=$HOME/.age/key
|
||||
fi
|
||||
|
||||
# Set age directory and default recipients
|
||||
AGE_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
|
||||
SOPS_AGE_RECIPIENTS="$(<$AGE_DIR/.age-author-pubkeys)"
|
||||
|
||||
# Get host to which input file belongs
|
||||
FILE_PATH=$1
|
||||
HOST_AGE_PUBKEY="$AGE_DIR/../$(realpath -m --relative-to=$AGE_DIR $FILE_PATH | cut -d'/' -f2)/.age-pubkey"
|
||||
|
||||
if [[ -f $HOST_AGE_PUBKEY ]]; then
|
||||
SOPS_AGE_RECIPIENTS="$SOPS_AGE_RECIPIENTS,$(<$HOST_AGE_PUBKEY)"
|
||||
fi
|
||||
|
||||
input_file=$1
|
||||
file_extension=${input_file##*.}
|
||||
file_name=${input_file%%.*}
|
||||
output_file="$file_name.enc.$file_extension"
|
||||
|
||||
sops --decrypt --age ${SOPS_AGE_RECIPIENTS} $input_file
|
||||
26
homelab/.sops/.age-encrypt.sh
Executable file
26
homelab/.sops/.age-encrypt.sh
Executable file
@ -0,0 +1,26 @@
|
||||
#!/bin/bash
|
||||
# Takes one file path as input
|
||||
# Outputs to a new file named `$1.enc`
|
||||
|
||||
if [ "$#" -ne 1 ]; then
|
||||
echo "Usage: $0 <file_path>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Set age directory and default recipients
|
||||
AGE_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
|
||||
SOPS_AGE_RECIPIENTS="$(<$AGE_DIR/.age-author-pubkeys)"
|
||||
|
||||
# Get host to which input file belongs
|
||||
FILE_PATH=$1
|
||||
HOST_AGE_PUBKEY="$AGE_DIR/../$(realpath -m --relative-to=$AGE_DIR $FILE_PATH | cut -d'/' -f2)/.age-pubkey"
|
||||
|
||||
if [[ -f $HOST_AGE_PUBKEY ]]; then
|
||||
SOPS_AGE_RECIPIENTS="$SOPS_AGE_RECIPIENTS,$(<$HOST_AGE_PUBKEY)"
|
||||
fi
|
||||
|
||||
FILE_EXT=${FILE_PATH##*.}
|
||||
FILE_NAME=${FILE_PATH%%.*}
|
||||
OUTPUT_FILE="$FILE_NAME.enc.$FILE_EXT"
|
||||
|
||||
sops --encrypt --age ${SOPS_AGE_RECIPIENTS} $FILE_PATH > $OUTPUT_FILE
|
||||
27
homelab/.sops/.age-setup.sh
Normal file
27
homelab/.sops/.age-setup.sh
Normal file
@ -0,0 +1,27 @@
|
||||
AGE_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
|
||||
|
||||
# Check for existing private key
|
||||
if ! [[ -f ~/.age/key ]]; then
|
||||
mkdir -p $HOME/.age
|
||||
age-keygen -o $HOME/.age/key > $AGE_DIR/../$HOSTNAME/.age-pubkey
|
||||
echo "Pubkey added to $AGE_DIR/.age-pubkeys"
|
||||
echo "Remember to add, commit, push, the new key, and then re-encrypt all secrets for the new pubkey list."
|
||||
fi
|
||||
|
||||
# Configure private key path, and pubkey list env vars.
|
||||
export SOPS_AGE_KEY_FILE=$HOME/.age/key
|
||||
#echo 'export SOPS_AGE_RECIPIENTS=$(cat $AGE_DIR/.age-pubkeys)' >> $HOME/.bashrc
|
||||
#echo 'export SOPS_AGE_KEY_FILE=$HOME/.age/key' >> $HOME/.bashrc
|
||||
|
||||
alias enc="$AGE_DIR/.age-encrypt.sh"
|
||||
alias dec="$AGE_DIR/.age-decrypt.sh"
|
||||
|
||||
# Configure the git filters
|
||||
# git config --local filter.sops.smudge $AGE_DIR/.age-decrypt.sh
|
||||
# git config --local filter.sops.clean $AGE_DIR/.age-encrypt.sh
|
||||
# git config --local filter.sops.required true
|
||||
|
||||
AGE_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
|
||||
|
||||
HOST_AGE_PUBKEY="$(realpath -m --relative-to=$AGE_DIR $FILE_PATH | cut -d'/' -f2)/.age-pubkey"
|
||||
SOPS_AGE_RECIPIENTS="$(echo $HOST_AGE_PUBKEY)"
|
||||
5
homelab/.sops/.sops.md
Normal file
5
homelab/.sops/.sops.md
Normal file
@ -0,0 +1,5 @@
|
||||
# Set up SOPS and age to encrypt and decrypt secrets in this repo
|
||||
|
||||
1. Install [sops](https://github.com/getsops/sops/releases).
|
||||
2. Install [age](https://github.com/FiloSottile/age).
|
||||
3. Run the [setup script](.age-setup.sh).
|
||||
1
homelab/dungeon-master/.age-pubkey
Normal file
1
homelab/dungeon-master/.age-pubkey
Normal file
@ -0,0 +1 @@
|
||||
age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00
|
||||
1
homelab/fighter/.age-pubkey
Normal file
1
homelab/fighter/.age-pubkey
Normal file
@ -0,0 +1 @@
|
||||
age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855
|
||||
@ -1,18 +1,18 @@
|
||||
keycloak_KC_DB_PASSWORD=ENC[AES256_GCM,data:Sa6/qn+gFQx+gthxrXpb9zpbSIqTyFh3lWy3uVdycR4xKw==,iv:hf/5wLeB6gYvN/GEKIlxSpQsYMovXobcEUkakhQP+eA=,tag:Sbz1jsEt9HvDvy+HcVw0Wg==,type:str]
|
||||
keycloak_DB_PASS=ENC[AES256_GCM,data:Pq0TO3aRxHVTs/216Q3YaJWRLbcYpuATWcyOtmtY5/EOAQ==,iv:sTEr5DnfCHGSCCybqskTNtI0M3V5IO1faAOROuRWo20=,tag:cdBcRfCtO4NriGwe7Yn1Vg==,type:str]
|
||||
keycloak_KEYCLOAK_ADMIN_PASSWORD=ENC[AES256_GCM,data:YZ4i8dpMwqJFOZKPBuQWw3YzthKVndIQvw5O4JmMocgkRMn2COAR6wTR32gN2tv+I8eO+Ke0U4mP3uxaNESx+86s,iv:7hLH9Qir1Q9c0xEvKEnKFx+mshku38iDaEsG227Fzps=,tag:RS7JNAw8FHiARmfwMrpT/Q==,type:str]
|
||||
forwardauth_CLIENT_SECRET=ENC[AES256_GCM,data:URHSO4KgdcSEsCQL1fiBVm+89U1H3DHSnsaJQswuQfIpMw==,iv:+IdIadL82TIutr2ffqPRtkF2SwL2WShJxB1XGgvefsU=,tag:5lJMLwZJxK4ldYBAavw3Dg==,type:str]
|
||||
forwardauth_SECRET=ENC[AES256_GCM,data:Kz5lvloDt45XBiwLTRGEtuz37vZu+3XmvhPuDtaDNjzmXbPrZt92x6HObcAzVvGmf95yOO+DXE1Z6FmENTVhywsW,iv:XRETk6CTv4EWtwqjfbbcvU1aflxPrZBViT55HY4hD10=,tag:dL5AsoXHa3+XZPa9Qf502Q==,type:str]
|
||||
forwardauth_ENCRYPTION_KEY=ENC[AES256_GCM,data:Fri2u0iO/GyI8vuJbjUI75A1CF/b4jJ224W8ZdWblrPhLA==,iv:+zbc2KuRw32x/uxlkRdCXtPgaRcXX5CNFvlmB9Wifoc=,tag:1NxvfUk3hkSCiL2lAnxK4w==,type:str]
|
||||
forwardauthprivileged_CLIENT_SECRET=ENC[AES256_GCM,data:E8CmrjhoAa+ByZW/GN2CR72YbRLMpPwtcrCuqkkPtQoaxg==,iv:a6gZ9lJuG+9QUt7cfp/EKQk8rIE9JivtGM5ryk5VLEo=,tag:r2Y/sDCbUmmRtMMrBi1KVA==,type:str]
|
||||
forwardauthprivileged_SECRET=ENC[AES256_GCM,data:vd0HwADInp+HRVXc4v7x9aP3usN2Q5ZCU2ro5ucm3OPWQ1uNIHgIYgquhaSitLSEVmA=,iv:jO83wNiUXgtTPIcgsdFMynG8bVCUB+1Z/ignoaNnYe4=,tag:X1X6ERgYp1tImaIIfNhFyA==,type:str]
|
||||
forwardauthprivileged_ENCRYPTION_KEY=ENC[AES256_GCM,data:mrkngv5W5PcB14tS3XqRcbqsNGuzKOaTqi8ZFu7kLL9m6A==,iv:w4E/MSq87im3EqMD//5/Bex6ktUQlnKZLC9NyMWQ48U=,tag:t/TTL4/CSPF7WhVGslAxgQ==,type:str]
|
||||
postgres_POSTGRES_PASSWORD=ENC[AES256_GCM,data:2eMWJK8LR1yNed8vardojB2+Xbl0u53mbr3MWxEZRy3IdA==,iv:MpV3yFfv/GRjP4r0hSuBBsApLW0lznDA0Rbm1Bokeps=,tag:RhGhTkR+O3up8+Cr440LSA==,type:str]
|
||||
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1RGtUaUtlMVFORDBKU1JQ\nZUJSeXZ1aWhsZndwU2pDWktxY0lzb3lEQmpvCkV1Zk4rZVpFcXNITHNDemx4alIy\nQVJjZDE5Z0xhVU5hV05ydm1PR0Q1a0EKLS0tIDFnT3NpWGhPWW9MZ0xsbzZERmR2\nZjA2Zk92REhhUDlBTjk5VUw4Y1lKTnMKMNpzaYpazx0MeaDR931sPNG043OLHczz\nKB42qQe91dZ8xsxCR2j4Rv9R8iHljlexPEbdYdTXZB4qyoJcPfOzPw==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
keycloak_KC_DB_PASSWORD=ENC[AES256_GCM,data:TNkK8sncew8xH413tJM0Cgwz/gwx7iaF0Gz5j+WmLA+L5g==,iv:DxTn795Mj+bK1kJFIvVtrc2sgNSgpdlgD2EUkkEqhbo=,tag:HhbVITHiDCKCoMnBfyiykA==,type:str]
|
||||
keycloak_DB_PASS=ENC[AES256_GCM,data:fnZzDKwci6PVHcJ40LPSBLhpxSp1A7lOsQ3XDwHCsk3NBw==,iv:AopariZfYuaADhiuRybTSpRdawIEGDcI9SlLmUTfnP0=,tag:Tk9hzbsvD2fb7G63JOT2gw==,type:str]
|
||||
keycloak_KEYCLOAK_ADMIN_PASSWORD=ENC[AES256_GCM,data:HOUdm8NS89P+DKNf059ZQmJBtlOabqKephWWLYtItjOAiRmtn5hpSZETRfQecMwvwbfHp6xVweffYl70OS0nBIcf,iv:o4+zpBtUtIlyQFjnBfjTrJf43RDYmr2WgARvHrRMxpA=,tag:+YiHAz5AtAwbXstbfn842Q==,type:str]
|
||||
forwardauth_CLIENT_SECRET=ENC[AES256_GCM,data:QgEBtdNL0xGi2ms52uERGEOlssudN+KyfjURCBePICv9DA==,iv:9DS2X8T0gjBSu/bwmHhnSx5EarHeIXC4aglrN7rKh/Y=,tag:8vyfeKNsbHpqAei65qv70w==,type:str]
|
||||
forwardauth_SECRET=ENC[AES256_GCM,data:6f+V4UWT2zl7tNMFd+VR5PFWr2V1c81QDwvsGPwNWwiihmF3SyMOVDq+6l+z4nZVRbnmAi0ytsbBaNRQZSrp8Zlk,iv:0NPpZ+lOIsQXb7wdRgx+2N43nx539chNyik1YtpY8m8=,tag:0lJsf2JqUBEaaD/PxJWuUg==,type:str]
|
||||
forwardauth_ENCRYPTION_KEY=ENC[AES256_GCM,data:d/lETqW1XEEH/m7yJnh1odq/j9ApJCNxg/MTs0bTh1WFuw==,iv:2h3HcHvs37YdAnjTktn8YhJEz6m1YK6FybrahnKMKsQ=,tag:MORJ/JK7zrEaPU0BXgGq2Q==,type:str]
|
||||
forwardauthprivileged_CLIENT_SECRET=ENC[AES256_GCM,data:AVW0r+QNYfId7M7GUpl6+hLXkynjK5YGAIQaaDiklfayrQ==,iv:X5WlRiU9BHOALrXLovz4UZDdfcBZw+CEmG8ESKLcqs8=,tag:Z6IK/2fzz1d827JYB7uEyA==,type:str]
|
||||
forwardauthprivileged_SECRET=ENC[AES256_GCM,data:zvxpyLKrQF//Hrl1dltGfmhvd40mLBsmWlmqi4fo+WRrocOIaCXSc3/gWqX3ZhWaaFw=,iv:M1T+eMtSqxbXo6A43pOljXw401dkWnsVbZKLoYK4IAc=,tag:K8WpbXTP3hzFo958dv0s6Q==,type:str]
|
||||
forwardauthprivileged_ENCRYPTION_KEY=ENC[AES256_GCM,data:kqQAXMLyOdCwl/1gnaholcMMpX1ZrTjlQre/M14E8jv2eg==,iv:/yxGmhJFBT1dLi3445+b1WAeKpgIBZ1uZR0M4HXP2do=,tag:E3QcK1Ardkg7TUadaYmOGQ==,type:str]
|
||||
postgres_POSTGRES_PASSWORD=ENC[AES256_GCM,data:tD21MCx1PuS2Q0zyqtHb8UljXLNRAW0kPfwwkn24jdmt2Q==,iv:4WFIL4kRs6/SHjC/ZlbynK3X2hMfuhLMBrall63u3CI=,tag:o5d5f8LaCiXWyO8PWReO4g==,type:str]
|
||||
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaeVdQQjhyVks3SjY5bmNI\nUzE1RXg1UEpLWUk3VGlseXAwTTg2TXVZWlVzCjcyczdrM0JmRUVhWlRvVHJORHRR\nTGJRWGIzN2RPM2F1K0pjVTRhZmI4REEKLS0tIE93UzZ6QnVjaUVwUnhmUkRaRTdB\nT0FnTHo2eXZZcndVSno5K2hLelM5NGcKuhmmsrKXnyjtuvG982jzs1AxVGnLNMrV\nc8lChL6tqTPSV5R/AJqYzHFqP/ul0XTMNqGV+UMQepdPYR3keC+F+Q==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_0__map_recipient=age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00
|
||||
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBieVlsTmZSdGxidmlYRTJv\nQnVxLzh5bkp4bnpibE5RdEx1WEFtRWYrVWswCnJSaDJuV1YxRGtoaFptVUZhOUY2\nY0cxZlpKRmhteXF3RUw4S0RRa1RHM2MKLS0tIDhQOG5sNkFDL3hpQWJ5dFRpdEhO\nRk8xa2wrV1ZBRnB1VVdYcUdoeXlmMDAKa3LSvmSIIYdPLuUwy/Z+a+piiY3C1+ot\n76gYAhe6fTPkwk2479dQ2PyD2m4zuIxprsAHdRFuBhG5BvkVnG2mpw==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNS3JwN0ZOV0hjSDBCL1Fx\nazlmdnhMSm1HNXliMFd1aWtSV280aTRtOWxvCm8yZVpya0toTHZONW0yZ0xSeHNX\nd0tvYTVTWTdGRzZvd2plaVVIMzZYRlEKLS0tIDYxbmVENnp3eW9qUnpycG5ROWNm\nNjZSRE9meElMZzFRcEhLNVd5c0c2aHcKxYQH9Pfm6n9dh0EtpfWrvtwBBndXjndS\nlmoZ4fwu+/PV5bz41lk/GJu9se3haRjpXoI6jfdApIhyIuyKNpOlaA==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_1__map_recipient=age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855
|
||||
sops_lastmodified=2024-08-14T07:04:27Z
|
||||
sops_mac=ENC[AES256_GCM,data:CW8Jl6siqoaAkJaXW26x7LC7jqKW3yaLd9995F/pAJQCqJrpbrx+bJnFtukPFlH3LV9hvX5Hc2FASu9UXR6xbJ4Q8rzd6Yy1L0LhNy2cwl3m/qzvpYCrDViSX17V6AFp0cmbPN+qUsInsgqP4UhWNU8Qm7hfaBtzMyNGzSIva9k=,iv:PxOMsYbwQQ004e1ael6cqbicCpan6wZYfPQ8rRUx6us=,tag:VArxq+lteHYY7J8mRWgKHA==,type:str]
|
||||
sops_lastmodified=2024-08-14T19:11:07Z
|
||||
sops_mac=ENC[AES256_GCM,data:KSg9SbhFiHldI17UFK1mcOAeK6+nkE2lDphj4cBSE+ckc81KTP4nYSLRhnetcfbmOEBFY8YvxizPgoJxhh0Tpet2qBsxW3ZoHelFsqq138EYpFOKkY6wlf8tXDrHHLHxE1+ba3jBPYT9me3YtRBEPZukvAFZlKOb2hnytuzG5KI=,iv:E00Uc+BXR5HEoOaURBAKO5l0WU93TsipPCRUyZenSJ0=,tag:4TwB7qW09U98jw6Dn/iIsg==,type:str]
|
||||
sops_unencrypted_suffix=_unencrypted
|
||||
sops_version=3.9.0
|
||||
sops_version=3.9.0
|
||||
|
||||
@ -17,17 +17,11 @@ services:
|
||||
- ./config:/config
|
||||
- $DOCKER_DATA/acme.json:/acme.json
|
||||
- $DOCKER_DATA/acme-dns01.json:/acme-dns01.json
|
||||
secrets:
|
||||
- cloudflare_token
|
||||
environment:
|
||||
- CF_DNS_API_TOKEN=/run/secrets/cloudflare_token
|
||||
- CF_DNS_API_TOKEN=${traefik_CF_DNS_API_TOKEN}
|
||||
|
||||
networks:
|
||||
web:
|
||||
external: true
|
||||
monitoring:
|
||||
external: true
|
||||
|
||||
secrets:
|
||||
cloudflare_token:
|
||||
file: ./cloudflare_secret.txt
|
||||
9
homelab/fighter/config/traefik/secrets.enc.env
Normal file
9
homelab/fighter/config/traefik/secrets.enc.env
Normal file
@ -0,0 +1,9 @@
|
||||
traefik_CF_DNS_API_TOKEN=ENC[AES256_GCM,data:3kMrXC7zZwxpgPIYg3xTpC61EDkN/xO3R1Cc/b9bSoB4LMBOSUS+Kq/j,iv:uA/2dsEN6pLTRpG/IGKg2qd8TDWsXRAAZzW6i5ppG5s=,tag:CqjOOqrkhrB+9ALFRdJlkw==,type:str]
|
||||
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFZFVudjZpUGZjSGovWVp3\nMUt1UGlhNXhPQitSMjBaTVBCL2gvbWNoN3h3CllMc2ZndURYbkdzdHhaMWxDMFJ2\nN2F3Y0JFSzNrN2hKeGZobURFYXpHTm8KLS0tIFloV0NsMGlaTlNWQ0lhUUZhNWJN\ndmVac1hzWTZFa3lBb2VhREtsRHA2WEkKiqWViJQ2+RpXgSYfvbrPlH1ir2GQnNkA\nsNCKMKzB6JRU6w1aNZXBeiDBMacXS2rT70awKUYKfzx3t6PCrV8ouA==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_0__map_recipient=age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00
|
||||
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMGtKaHdzdnE1NldoZ0x5\neUExZy9aYjUzQWxXWE90VWxQYzZsNXpZY1c0CnlXbXdybmhDeDV4MWJTaFZibmRi\nTmxZbGNrbWo5RHdkL2xoemxERFQ2NmMKLS0tIGd0ZVR6U0h3WUc3bHhxZmlWWC95\nZUtZWG9vV0pZVDVQUkpyenMxaXgzL1UKOQl6FtqQUOTmbl/u6zJ6cGe9a/wdgx1K\n6ajpK5SarfYYrfQRNnZvM8zbsNP/SxLBBLIWXRZq8wFL4u1sPWYKaw==\n-----END AGE ENCRYPTED FILE-----\n
|
||||
sops_age__list_1__map_recipient=age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855
|
||||
sops_lastmodified=2024-08-14T21:18:27Z
|
||||
sops_mac=ENC[AES256_GCM,data:KA6D7PwVb/pA5b+yQRuGA1l8ohjFaI7cTOatoneRt6Z2+/B5wVZYiBb0gJxN2Kh4pfGlvwL477sceiGRkwn85E4Oz2oobzkt4By0qeo4uqRyfcse7ukSvQvGxAflg/pX8qahcEn5Z58OG2Vvfx0ocCBp6kcMLrKD7QLQ0ffk7Mg=,iv:Mg4ACF/IabibtULkPuQoLvAnH/Sbp2H6ayxYpddlxoY=,tag:gpq2bAgHojNzCR1718VsDg==,type:str]
|
||||
sops_unencrypted_suffix=_unencrypted
|
||||
sops_version=3.9.0
|
||||
Loading…
x
Reference in New Issue
Block a user