diff --git a/homelab/fighter/config/keycloak/secrets.env b/homelab/fighter/config/keycloak/secrets.env deleted file mode 100644 index 120d18ca..00000000 --- a/homelab/fighter/config/keycloak/secrets.env +++ /dev/null @@ -1,67 +0,0 @@ -{ - "keycloak_KC_DB_PASSWORD": "ENC[AES256_GCM,data:e28T/sMNA+/JBJaPs1k5oPVY/v0T7o/tNhgHu8WM+qW5PA==,iv:nyluRzkYCp+ODItqbRhDFOwHd7M5/VPfm8fCOWKUBIY=,tag:iFROqs6qnSgj00dXwHs2jQ==,type:str]", - "keycloak_DB_PASS": "ENC[AES256_GCM,data:YKL3HPWnN/8cHJxYcUgOrve4G9zLNbjT3093KoAqdh+fYg==,iv:rfmGcLEhOGek+fC/6f9i1QKEP3F9eVkUCFmSZZHtBUU=,tag:vZiMfTWqeDobeTc6+EVlQQ==,type:str]", - "keycloak_KEYCLOAK_ADMIN_PASSWORD": "ENC[AES256_GCM,data:5P1R/Jjy9JhAP6/V3G6B9nMmQZtFehXTOfTX3AEBKO8DAoYmq9hBogxbnJLtLbliFieLIidVl+HxzJJHafmX4eIm,iv:T7X3nUdgAu+62I6eDV7CPh8o8K1MJnDLWw1onnfgMc4=,tag:vNoYf41d5CL0zW3N9IYhAw==,type:str]", - "forwardauth_CLIENT_SECRET": "ENC[AES256_GCM,data:QxhkUacqMvLD16FvtTOBgwrFs9m2dBMtRDrJ9LfdTRHOsw==,iv:FzZuEXrV9xU3EJX1TRnDk+VJvrMCkB8z9/FZmp/Oh8M=,tag:fCPDbhURSBvnUaBt1Tvvvw==,type:str]", - "forwardauth_SECRET": "ENC[AES256_GCM,data:cv0CL5Bw3bnrPpnSDFuvAT1gmOgFMi6cHyXaP6L3RqDSPsqUi8MPpzqXxaJp8v/T2BgouNplCxnfAZcQu4X/vCOr,iv:qV9QaiuLpy94jdoYW6nzKYpsUAm1n2LW6JUbHvUmfDA=,tag:OGV80rTsDWzLic5wd4mRgg==,type:str]", - "forwardauth_ENCRYPTION_KEY": "ENC[AES256_GCM,data:LMfZTPEfsaA4FXkiU1iqpqMHvFpMOLSVKBQnBV4bHMH4Yw==,iv:TKywi8L+McgdhQY0AMvpD026gQXHfdxQdij4Wrw8Oxc=,tag:/M6X4oFVer8FExowiLWYuA==,type:str]", - "forwardauthprivileged_CLIENT_SECRET": "ENC[AES256_GCM,data:3JlFFTGdOXvm2qA5pzP/eGqlACnj3GbRAgHXnMZw2VVyvQ==,iv:+BGld+0Ew/yd8c3abFRy4N1a1OXXtRSo3nnXDktZDRI=,tag:E5F55FjEEEdt8qrT2qPKWQ==,type:str]", - "forwardauthprivileged_SECRET": "ENC[AES256_GCM,data:q+voCw9ANwAiXBcZ/2AphwhHyvsQEqo6W2fhPZcRrn0O2TekWAtdcbtixZtMRQsy4PM=,iv:QRaTcFCi/hyu/IkdIxOCTlSs7XsRcZDUWvn2vZBHThQ=,tag:ll7WqvCj5hBazF1gtbl3eA==,type:str]", - "forwardauthprivileged_ENCRYPTION_KEY": "ENC[AES256_GCM,data:go5ZqEBH6HCz+xZG5K4GX5fYxSBBsTVnzkbfxjOxBJHi/A==,iv:T1lAU3xqcw8h0++NoTl51arhzmU+8bqjrmF4EF1P9h8=,tag:ATygRQ/no0WOFqVgB0C9EA==,type:str]", - "postgres_POSTGRES_PASSWORD": "ENC[AES256_GCM,data:yMdlO+2YhJbDBkgQ0ZNbrHFv+OETY7/EjS/72dozpGsiPQ==,iv:GX+p/t1llArVDSFjmnHhUaUo4wMAIdFjpPDs6C4tJOo=,tag:wQAbOri9AKFZhn2Vg1yGzg==,type:str]", - "sops": { - "shamir_threshold": 2, - "key_groups": [ - { - "hc_vault": null, - "age": [ - { - "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBubU9xWlJxc2srZWp5OUd5\nNXdSbGVRd3lZRi9JT2pNdlRSRG4yYXlISm5JCjVHOEFkbnFOM2xmUldQdnRsc0l3\nVnR3Y2hHd2ZIU0FabkI0a0F3QnlPRlUKLS0tIDBWRWZydEhaTiszMEJVaWdPbk5D\namRLSlpFTjBZUWN1WGlVdmFieWVJOVkK4wUkuAtCbCZnhT41i6YZ6vXlgBGWLp7y\nGsiqsnUoFGrwdueCU5rJzstx++euyl8zpcVBo1tGDkkelmpamS5AVwg=\n-----END AGE ENCRYPTED FILE-----\n" - } - ] - }, - { - "hc_vault": null, - "age": [ - { - "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNWFTRDBNSWZ1RUk2VUV4\ndE9OUVh0TXBRdFdPRDNUTTJNbHNYU3JCelE4CkVvUFJvaVE0OU1GemRnYUV4cHFo\nN2MvRWJTKzJ6cExjS2JQREE0WGlTVTgKLS0tIEVNZmxoQi8yS05ncXNhUWkzTUxS\nZ1gzWVBtUjZOY2Y3OGxGUmhCbkJJYUEK7CqtUbmCeLOizi7OAx+oZcsoVZjmorvU\nE9Dx5+YqLIYwFcDWNbI5T1bdOXTaDQeBIvsyvjNlmp65CczZyQOnCTU=\n-----END AGE ENCRYPTED FILE-----\n" - } - ] - }, - { - "hc_vault": null, - "age": [ - { - "recipient": "age193t908fjxl8ekl77p5xqnpj4xmw3y0khvyzlrw22hdzjduk6l53q05spq3", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkbXRhZ0FpWEhLYXV4cHI3\nL0VVVkYzMXJqWjlkUS9UTE92TlZmVHdLcW13CkY4ZWNRSUIxK1RPV05SSXk1MUJy\nRnlnQm1kQVVLUjgxa2ZwdkliVVMzN0kKLS0tIEJrazZwY3UyQk1vcnJUNUx0Nyt2\nR2tvQ3RoVUlXQmcwWjZrY3BPTHRRRVEKqe5Nh9EuT6ig0x9BLPbRWWyIHnEFNTQc\nOhmupIcx5vkAX5D5dOaGcDivP3kZwdGKBAjrz64X1RWONRM/qlxH1AY=\n-----END AGE ENCRYPTED FILE-----\n" - } - ] - }, - { - "hc_vault": null, - "age": [ - { - "recipient": "age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFNlFNdnJIeVZiZjB1VUxm\ncnhtcmxmN1NxRFpUaW5yTkVkbVhpcFNJc1FFCnJacldBTmxBZVpyTVAwcEo0MnVK\nZmhrbS9sWThhSTF0bWVLWC9IZzBiZHMKLS0tIHNEL3Vwdm9kN0RtbkMzUk1YK1VO\nSjZJbTZ2OEFvNmtTdW1HNmdKSDU2UG8KXsLtrdxvR58s5tCr8GU+m7PBq5hneZ6E\naO6tXvb2sTUvJEgBxGvwwQ5fZKpkC3yrTDJscF4V+ywqMTwix+9Zp7A=\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1n20krynrj75jqfy2muvhrygvzd4ee8ngamljqavsrk033zwx0ses2tdtfe", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiaUs4TUZ0ZHZNc2l0aGJY\neUdhU2dqYVIzMXhvQ29xWFRXMklMV3hvaUM4Cm1LUGxEYnBCaDZYdlptK3lJRlJU\nZzN1QVRwbHVVVEQ1S0xKcnNOeUUyUU0KLS0tIFJRaTR2ZVVZUy9WOFVEaFo0TXo4\nNTk2RkRmTkozR3dqd21hNk42M3FZeEUKOdovxyHLExBe+ujEJa4JPRJPn9CjeQRd\noxPrdsPO6RexnZDXCoAa/52g9bunC059gZdbS8yxpg/3CXGQ3uKrtPo=\n-----END AGE ENCRYPTED FILE-----\n" - } - ] - } - ], - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2024-08-29T21:23:06Z", - "mac": "ENC[AES256_GCM,data:OUCe0ZI4W538v+v9cZ+K7e94kqP+/NSSPbhVKLBXaAcrRKbjEXv5m0aNwBricCE2MBZRSC180mMgDflKK9t0vDG81a/S3tJWklOyeRth9nhzr5QoLPLs6Ha91tHcmhaRWtG9xqxYYX916FPY+bxeZmplFZQJKqyPWAFm9qs3xqE=,iv:17NEPi/X6dHkek/8t4qz7aTJKmCNwXVBfnyGMcd58rg=,tag:UWZWvbQo/Dy98ojsGiLvXQ==,type:str]", - "pgp": null, - "unencrypted_suffix": "_unencrypted", - "version": "3.9.0" - } -} \ No newline at end of file diff --git a/homelab/fighter/config/keycloak/.env b/homelab/stacks/keycloak/.env similarity index 100% rename from homelab/fighter/config/keycloak/.env rename to homelab/stacks/keycloak/.env diff --git a/homelab/fighter/config/keycloak/README.md b/homelab/stacks/keycloak/README.md similarity index 100% rename from homelab/fighter/config/keycloak/README.md rename to homelab/stacks/keycloak/README.md diff --git a/homelab/fighter/config/keycloak/docker-compose.yml b/homelab/stacks/keycloak/docker-compose.yml similarity index 82% rename from homelab/fighter/config/keycloak/docker-compose.yml rename to homelab/stacks/keycloak/docker-compose.yml index 0d873f97..723345d4 100644 --- a/homelab/fighter/config/keycloak/docker-compose.yml +++ b/homelab/stacks/keycloak/docker-compose.yml @@ -1,4 +1,3 @@ - services: keycloak: image: quay.io/keycloak/keycloak:latest @@ -23,9 +22,9 @@ services: KC_HEALTH_ENABLED: true KC_METRICS_ENABLED: true KEYCLOAK_ADMIN: Jafner - KC_DB_PASSWORD: ${keycloak_KC_DB_PASSWORD} - DB_PASS: ${keycloak_DB_PASS} - KEYCLOAK_ADMIN_PASSWORD: ${keycloak_KEYCLOAK_ADMIN_PASSWORD} + env_file: + - path: ./keycloak.secrets + required: true labels: traefik.http.routers.keycloak.rule: Host(`keycloak.jafner.net`) traefik.http.routers.keycloak.tls.certresolver: lets-encrypt @@ -41,7 +40,7 @@ services: web: aliases: - forwardauth - restart: "no" + restart: "always" command: "./traefik-forward-auth" depends_on: - keycloak @@ -49,9 +48,9 @@ services: PROVIDER_URI: "https://keycloak.jafner.net/realms/Jafner.net" CLIENT_ID: "traefik-forward-auth" LOG_LEVEL: "debug" - CLIENT_SECRET: ${forwardauth_CLIENT_SECRET} - SECRET: ${forwardauth_SECRET} - ENCRYPTION_KEY: ${forwardauth_ENCRYPTION_KEY} + env_file: + - path: ./forwardauth.secrets + required: true labels: - "traefik.enable=false" - "traefik.http.routers.forwardauth.rule=Path(`/_oauth`)" @@ -64,7 +63,7 @@ services: web: aliases: - forwardauth-privileged - restart: "no" + restart: "always" command: "./traefik-forward-auth --whitelist=jafner425@gmail.com" depends_on: - keycloak @@ -72,9 +71,9 @@ services: PROVIDER_URI: "https://keycloak.jafner.net/realms/Jafner.net" CLIENT_ID: "traefik-forward-auth-privileged" LOG_LEVEL: "debug" - CLIENT_SECRET: ${forwardauthprivileged_CLIENT_SECRET} - SECRET: ${forwardauthprivileged_SECRET} - ENCRYPTION_KEY: ${forwardauthprivileged_ENCRYPTION_KEY} + env_file: + - path: ./forwardauth-privileged.secrets + required: true labels: - "traefik.enable=false" - "traefik.http.routers.forwardauth-privileged.rule=Path(`/_oauth`)" @@ -88,7 +87,9 @@ services: environment: POSTGRES_DB: keycloak POSTGRES_USER: keycloak - POSTGRES_PASSWORD: ${postgres_POSTGRES_PASSWORD} + env_file: + - path: ./postgres.secrets + required: true volumes: - postgres_data:/var/lib/postgresql/data diff --git a/homelab/stacks/keycloak/forwardauth-privileged.secrets b/homelab/stacks/keycloak/forwardauth-privileged.secrets new file mode 100644 index 00000000..83b43b3e --- /dev/null +++ b/homelab/stacks/keycloak/forwardauth-privileged.secrets @@ -0,0 +1,58 @@ +{ + "data": "ENC[AES256_GCM,data:jpguP28Vxd2gIgnCjoo1x78iyYfejg+EBrp3ji+PHZfQD8iqwCyswBYNnLlssPSOeOCjubp6DA1ujcwGed+a8dkXjufme1QCTfmo2BrFfXIKmcnl8YqbOf4Jxn5pK2IUNvKjwVoG9/MmDrXS5zdsl0RGaGdSPHZWbCeeVful6GHuBAxNotPk3ZlW9N9MrRZ9iD6X18cM,iv:z07y+Fz86lR81A/L9jLshkKds0seHiBN3UTnFbaF8SA=,tag:pX5ayIPNWp114sZE6oae+w==,type:str]", + "sops": { + "shamir_threshold": 2, + "key_groups": [ + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMaWdXZjRkREc4eDJHaHl6\ncksvWDdZMkxZcTFLL0dUbDNDSUFhY1llTlVBCkUvSDduV3FJYk5udWhYVEFlTUJo\nVnBkTzJDeWFCYTVGZUIwMkdWM2cydTgKLS0tIEd0M3d2bnlpRkhFcHhLZStjUFNE\nLzY1bmVEblBUcXlLTnh4TWlFbUN2cE0K8HwwAiDS+7oZ+f1HaZXAyKI2ow4LFC6L\np7YqBrdvHBFhe/g4Tt/nV9RNzYS/AUq3xuSX2eBS76LVNvyRZGfePh0=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlWjJGRU1zQjRoN0tnMUxt\nTWd3aHNIcFdwZWFWZVNLRU42TmVQZUhyWTFzCjBuZytJMlBQaDhtWTNQVXhTbjA3\nVlczSmhtS3F3WjhhOFZTUTR2SFVERDgKLS0tICtzOVFpUDkvaEtPdSszN2FFZnJW\nWUVSa0Q1TFJUUEs4cFJVUFBCeXMzVUkKWij6wB2LntxLxRsurqjGZx7Yzk4B2meI\nctxz5gHGkfL4psY+snRx4IOtry2Hd9uQLVCxLDDiST6zFDG6KE29IMg=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age193t908fjxl8ekl77p5xqnpj4xmw3y0khvyzlrw22hdzjduk6l53q05spq3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpVnJDRjZveW5kYkduRGpK\nMU5ibHNGUFpRMGdIeDRGcStIVHZpZnFyeDJnCk1QSDB5VXlyNVcrQ0Y0YzJqeE1J\ncDJhT2FWNGdqUWUrYnNYVVlyQnh1SEEKLS0tIGZHYnJvNUxwa3NNREYwRk14WVlv\nY01seGd4WE5uMW5OaWJRY2hWMHpDT1EKWdLbmqge51ZRWh9t0umS+6MhLc1OWFNZ\n+suvSUGz/6DOYu4GwD3BVADttdBFr6yYF/VWO8aLWttOElF43t9/kWI=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFV3dwUXZjSnVxRlZwbjdS\ndmltRmM2RnZlWXBlUkg2dHk1eE1uc21HVUVrClBqU25jL3paU2lZQys3QnBrdWF3\nZGJyRlBWbGtkRkd0bGVVcDJWTDZTYnMKLS0tIERaSXRpOGpTOTZ5WEZqNkpNSk1I\nSkcwcnAxdDZaa2V4ZzEzKyttN0huWjQKypRdr8tVPaNMiT/LviPmoxRoILi7ilNr\nomllbweerJMduBEn19Cd/kUxvqFTNhRVpwl4RH522dOhXBnYtjZg3NQ=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1n20krynrj75jqfy2muvhrygvzd4ee8ngamljqavsrk033zwx0ses2tdtfe", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDa3N1T3hFUmZlOVc3cTVx\nSmVTWmc4bmk4djRPUjY2RlFnZFY3R0FDK25zCmJCVXFzSDhpVzhUTUVjS1lYa0xN\nSU9vYWJMNnpLUzd5c2p6REpBbDhTYnMKLS0tIGxWTEozM0RpY3N1VlE1bkxrNFJn\nbitRQWZkcEx0NDVWQTI1SzBlaG92MUEKQtbqZ4PKELfdi2NJAxqryCNQ8RQL5Hua\nnX0ArDF5FGd3KhePIY7vbaBE1S6z+D1kl8vM2+MwPWnNjxx/ln+HYF0=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + } + ], + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2024-10-08T18:51:47Z", + "mac": "ENC[AES256_GCM,data:AkjpXJ53ArZ7IdNg+tZBWNqQ6ik3prDRX93JGvDEgdJd0+lsci2m9uK+5sug2orr4tjzo0cf9o4j+N63IwXFCmyiDEBcgaLdPpgJKBcmf/a4pXWvu7aAs0sjHf1KEKLal6Za/6uBxPVdnaUxWo9G1hDtL9KAjhKWZ7c0dqGYkqI=,iv:9OY69R+M7E4THodVbxXewFQkiTFOjc4qiP0Y+HAJuLU=,tag:8lpeaPS59LAk9s79TGaJ9w==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.0" + } +} \ No newline at end of file diff --git a/homelab/stacks/keycloak/forwardauth.secrets b/homelab/stacks/keycloak/forwardauth.secrets new file mode 100644 index 00000000..197d02e5 --- /dev/null +++ b/homelab/stacks/keycloak/forwardauth.secrets @@ -0,0 +1,58 @@ +{ + "data": "ENC[AES256_GCM,data:fgB0JOEvZSPwDyQngmRXltL1xWoMoMR8xQJqepTfZFaO5QzM/ifm2bkYWHreitgpgPUH8Fr7XiWwhMi+Ib3EeUavoDU2t6BXPYQbxgynLLEy1upIzWJpe4QHfrd6bWP35o6/XHjLc+zGArz8yFRey56ZwSUShlG20m1hudTviViD2CbgxX1iEpbcg96wrvnG0Y64bqiPKX+qfFlUesKRRpvJmCcmOA==,iv:wdtBxdbXHcXKozXt4gYQclvkYWWEJRX7nJ71ZMkWKy8=,tag:D3rRP5WAkQOYPC4IkcrN6w==,type:str]", + "sops": { + "shamir_threshold": 2, + "key_groups": [ + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyYXZvUGQyclhnejVPbytV\nZGpQSFhGcXVNcHpEdHZNZ3U3a2VqL1g2VG1BClhyaldjY3lhdE9oTmN2Q1g4VUtR\nTThzOG84Z0JBTk1RNm5PdFh1SjVhUU0KLS0tIFUwS1lYMTlrakgyWjdKbHBzNWJW\nNDVpMmdIYlV1M1NXOU41c3pHMGRjL3cKlMDcXDkqVERs7p+R2DKmto/nc5LJC1L8\nRXaovEdpJ4furaCMJFYGdYjTtDM1/HVyDUMV+TMibNk8yAD1hUvZ4cI=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4SVc0aDBrTi9zQUEvWGJX\naEk2V1U4b1Q2T1luemJoY1NJajR1TWhWbEdjCkdMamZhSG5jSkttYmpQc1FNR1cy\ndTJMVEdIK3c4MkVlMTdZaWR2d3NIK1EKLS0tIDBCeDJnWlZaSEN1cXU4bVBOYWFj\nT3I2MzdLS0JZbFRaS1pieG92VGVIQzgK4S639cS+k1gwGJdjDKouLUjHbYU6KXAZ\n7F8JVRqHuTn3C1VItdCOJCz48dRNfQJVbu6F/qXgZWmLjUVWTF9J7ww=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age193t908fjxl8ekl77p5xqnpj4xmw3y0khvyzlrw22hdzjduk6l53q05spq3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVYXZ5bzNvNWpscFlpcHNP\nVlg4UEF5RFVoVUYvODFpWmllZXpqRkdUdW5zCkZxckgrQ20rQlZESVV0Vllpa1pw\neFlDNXZVNExUTWR3ekVyTHdTSS9ocDQKLS0tIHJzUVNMKzEwRmRqbzhHMXRzOW83\nTlpTTXFHTlpPZm5lYkVvZjZZMnJ0NlkKysir8GBF5FbCA9hweXUpVqrTdTknqCNZ\n+lFm3WPBpb8xXWffv2tt9QRxXeF84ZkGD20HBPTDHK9Klh5dVLlUITQ=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBaHNGbzN3bEt2YjJiNWFm\nQU8vbWNta3NEcGF2NXJZMGRuQmV1Qk5GN0RzCkJBdTR3WEFoclBoQUh2b0szV2dr\neTd2QTNPY29FVGdMTmJMQlVHMHE2cWcKLS0tIFVicy96dDFEVnF4bk1RNUhOTXZI\nazdiREd0R0JYSnlLY3JObEZvUWJzOW8K9+j8aGBI4303Zb09EyXA7CoCDgI6Pwzk\nm/rCInEbR8keqhSHYI58JH42bmYEHae+xMhr+Jn6OnS2oQwxUGxK67A=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1n20krynrj75jqfy2muvhrygvzd4ee8ngamljqavsrk033zwx0ses2tdtfe", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLQVRBWHFKRUhkRVliRzlL\nN3ZRQlJZdXZoSVRBWVU5SXVvOGxQZU5EKzBrCkp3TFFIaHdQaFV6ODBOL2hiWmhv\ndGRCKzZiNDN4N1RnQUpydXM1T3YybHcKLS0tIFhpVGZvdjZOamVhWVNWMCtCZktI\neUNEMmljc29jMzlwOGNHcjR2UDQwVVkKK+kcQ8Yozf0LfDGL5yKReM+WHEpDYOER\nhi4XfMQUVQiFoNOZcB8S/Jvnnpz7ku80XJku5kdgDhHwDuyVHO4KETs=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + } + ], + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2024-10-08T18:51:47Z", + "mac": "ENC[AES256_GCM,data:G4TdaahUtwpPtTxYg+7f4D8/K/oJ5Tl6iSpc5jP+WuUC2M9GXJCTAWc/eqyxjmucY5jVDmU9HhceCptnj9/YX/QqIgwlOBUvm8LpcM15DAAhX7YeaOxLudchGpZyDKrI+j8IvT3RQUEx5XyMkAdO3uP0MfC3rwL6xiaEpXyCJmc=,iv:QjXP31iTt6S2URA8JFkQRRcjbgVa/xOAOVsuPUwbHNU=,tag:f6OkacHIGWy6GPIJQVcs+g==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.0" + } +} \ No newline at end of file diff --git a/homelab/stacks/keycloak/keycloak.secrets b/homelab/stacks/keycloak/keycloak.secrets new file mode 100644 index 00000000..e0f06fdf --- /dev/null +++ b/homelab/stacks/keycloak/keycloak.secrets @@ -0,0 +1,58 @@ +{ + "data": "ENC[AES256_GCM,data:UkqWdi0bt93s/QP4UvJt/hCf5gtzG57MTPS/sdXOvz8s6lGWGBz687BpNXHaJEtJD1lABHwuNLOwldWRVKeCUid/4ry5QmsXQ4Rpj9Gzzy4zqehg89icFoP23TFPWNrsjohl3LHgi7eno51tsoioyP35ZyPY9nxirOQ7UhK7ZndhaLue2H5qwhRgSmm7DTSNCfkV+Cg9z68p6bRCvcaNeyAJlr7XyhE0uoGoLO7F55yu,iv:qUaa+HYnX+aB+DdXu7wCUBSnZuo79DbemRQq58KLFXY=,tag:B/akezxRkfaz3WL01JEtvQ==,type:str]", + "sops": { + "shamir_threshold": 2, + "key_groups": [ + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiY0Zrck53bWdhSEhEaUI5\nM3VDc0FMUzJuT0E4b0NFL1RaRTFTL09IVjI4ClFDTitmM28xcjE5NThPRjlZdjU4\ndy9STVhJeDRzOUZUeHh6bkcxUXFSRTgKLS0tIGhUOFRhTXY5WHp2MkV6RjBPbmFn\nZ1NKQzIwTlhzSXFZaXpadXdLaFByc2MKfLbxcHtCaSIMDnJxj1k59jZoT6AiuDPQ\np5OSPFs8T/vdwk4BeFKV29emZRi20j0X7H5DANjm/40u1+fXf1+aIjs=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxb2FWRittSnBnV0s2RlRI\nWXJnbm1DUlMxZTFWd3E3TnBnekp6d1ZwK1M4CjI5TWFhWkFQNS9jMWI2VFVKTHRx\nY2VMNUNTYUMwY29VelFqanRINmlEcmMKLS0tIDJCYXFER0Irb1F6RGtPRjNEdDJT\nNitpKzNOMEpvWjlXQ0RTdmFuTTdFWWcKNLlWxjk4EfoSidbp3BAL+kGj+n/Kpmg8\n6vTAb55PbXDZIqaD+1tRE25jwzWtsAe+Xkg6lCEnOCZV63e9ulGU+sA=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age193t908fjxl8ekl77p5xqnpj4xmw3y0khvyzlrw22hdzjduk6l53q05spq3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIdGZ5eTQwOUVKK3lwSmk2\nUWdCREpXc2xaU0FiNTRwZjJWS3NkMmZyMUNZClIwR2ZLN3loRng0SEZZYlhJa1Q5\nSVl5TEp6QTk5bU5qc0tpblFKQzErTEUKLS0tIGJPeXhuWmFIMGkrdUU5eVZaeGRv\nMnB0bWdWRW0zNU9mTVRLWGFOSlY4NlkKIXd9HMzrhD+OLl/kVtuoirGIUmUNcee3\nQrbY1QznLjGhKyeGCEoQLb7Z8RezwYbKvOk0Acs0QEtzneeHB1LV1kE=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3dHBrKzRFV0RoeHYrY3Vp\nZHVGN1RqMXNYbUhQMU5WcGcvYmsvZDdXZlZvCkxYTWsybzJVbjlxZ2pYRld2dkJo\nRWdLdnRtai9vc2VtNFpsVWViRFlHcUUKLS0tIHp5Y1dDc2Y2MGNiMVUwT0FKRkpD\nM3N4N0Q1YUtzNjNyQWxqWVJKV1dJNWMK2nr2N2mNQgQ22GkN/+GtAST6fRpDB6b4\n27gm2tC+vGYNLz3oyCelHAA4qtAI8h17y7K5NJwDzE2iiWQw5w+G+ZY=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1n20krynrj75jqfy2muvhrygvzd4ee8ngamljqavsrk033zwx0ses2tdtfe", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlRURkS2V2VUpLay9BWEF0\nV2grNWJWbkJGWjdWZE12TmhFcnN6bGg4ejBzCnliaFZZeWJWQ2MrUkphSlVPT3dW\nNnBsVG5leTlBWnIyZkRnWXhvb1BhK2cKLS0tIDBpZTFYK0pCQUxTUnZQL09CaFpX\ncXFXMzRxVHRyaFMwMnJJemlieGJCRm8KKyjcvvV19odXZVAXOK89yHzPbfgtu3uC\npoSw67zzCA7wP8uGvNPT3q+oOA+9F20z4AffsrfVpzQlmaG2tGLq7lU=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + } + ], + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2024-10-08T18:51:47Z", + "mac": "ENC[AES256_GCM,data:xayrPlm3qZtbOynBz/mTHgkyRJZLMbVzTzbaL0LEsCZZJ7iAJ7Y+GDy4AFByI3gPBNV6hzIFptZzKswXYTmCY3jow5Jx/M+AAE6xRpHJ9R8h7c+RYtKYwA3Omg47lp1i95aHNfHLHZVgcrQXOTC8kPhCU8LFSLv4VURmQwFlcak=,iv:apKbLfaY0mmchQCOVva+QMB7PRknwj0ePvqkM93tPA0=,tag:wkDWOalwZmGW0rbRp76vYQ==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.0" + } +} \ No newline at end of file diff --git a/homelab/stacks/keycloak/postgres.secrets b/homelab/stacks/keycloak/postgres.secrets new file mode 100644 index 00000000..fb5d83dc --- /dev/null +++ b/homelab/stacks/keycloak/postgres.secrets @@ -0,0 +1,58 @@ +{ + "data": "ENC[AES256_GCM,data:7+2r676ey+KfW9oiakYrSZq4ptWbeu0MHg1+KXMCS7J/HDDN30pwkS2llYo85j++7vCHcA5ntfSz4Uk30/bVI3Gh0id0pbC44w==,iv:d4YRFoEO3D7WBH/3ShBx3TPk5wow/F9QlZ7ve448KPg=,tag:GlziU8ZPqMaRxL440kam7g==,type:str]", + "sops": { + "shamir_threshold": 2, + "key_groups": [ + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBob0VwM2ljd3JRdFdiYisz\naWpndkd0QVU3aG82RmRRU0lFQ2xrMzB1dlFrCm5qTU0vZ0FjV2tZcUlwRVBpWDVQ\nNlV1TDlXNklETHF1NVpuMVdjdkhzck0KLS0tIHpXRTk5T0FCbUVCRWk4MGdNYnI3\na293UzZ1eko3N0lvMUIvWTE0RWlmMWsK6aEXPxED7J+FGzasLbUaHUdh1SgX7jIO\nPYgaJvbHN2l6/oYmimMY+iJyY1PvMpN6SiZ0r8cuxGlpyMkLBfoUUKc=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4Zjh2bUpORVA3WHRDbmZX\nZWhGV1oyamtnMytQeUJvV0s1L1JTT09KQzBNCkx6SXN0OEZ6amovZ01mZTBJbmhF\nNllBOEFMRnhoSDUyOW84STJtQ0I1VEkKLS0tIG00d2E4RHAvRzNTVGJEMWFTYkNu\nT2Fmc0hjS3JHNFdpOGdGc2ZVcXJYNGsKOVWLYqa+JYdNH6whTvgV6FRBo/o4yAQ2\nXQ61UcGtYVVjY9Qr5XQZR7O0mTz1WD0F3rR+m90+F7m1mJpEIsSgp8s=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age193t908fjxl8ekl77p5xqnpj4xmw3y0khvyzlrw22hdzjduk6l53q05spq3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzSml0a1pya1prMEtvOW9N\nL2xtSW5xU2R5WCtYOFdPTzRETWd1aGttWlNNCmFWWkxkSHBPOU1ZSkRvZ2ZlV0Vk\nOG4zMDIzT2dITVVlRG5KTmUrbDdQVUkKLS0tIHhMNFBqVm1EL1k1WUxwMHMwaUpt\nVjQ5L2RPNHFZL1ozdjR4UjBTbS9ITDAKD7h8Y4ocl7fQMaTXZP9I/FSTVeofFF39\nZxVLCtweHiDKIuCDSowk5WYOxuVlENBHgbp2HnCmGkcr0ob+oZScqLg=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + }, + { + "hc_vault": null, + "age": [ + { + "recipient": "age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRWlI3L2Q5RUdUM0hsS29k\nakhpU0NWak1pdTZDdFZXMzdhMnRobmMvakhrCjVEN2o2RC9rb1VYQmJaY0VyaE0w\ncytTb0tqc0ZQNE5OWCt1YUVrWFlLN1kKLS0tIHdRT2FFWnhkclV1YUZOcnBmM2VJ\nc1d4b0dmTUQxS21EYTVGZ1V6MkFvcFkKzSvnqZG3Wdf20lt+yjXX/JXSrD0u7uP5\nZSecpyhCGMvoojG2SSrS20VbBJjELeqy8GSwRBl4VXiQ689Kb+R8htU=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1n20krynrj75jqfy2muvhrygvzd4ee8ngamljqavsrk033zwx0ses2tdtfe", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1MVdLTDhDSmFKUHdqb3lo\nTEI5YUpjak9jYzVoRk9tT2JNV0lGTjllcTBZCnBDb1Z2K2pHc3dOWTRkbWxzTlVm\nOS85em9hUG1kem1Qa3YvR2FLUnNDTW8KLS0tIHc4Z1hVOTRzbHdBNVVlQURiWWFE\nZUZnZVYvZ0hNN2FZUTNHTU0zbFRLNG8Kt593gm2FN4eM6OVsid50tajQlaTwufwi\nV9IEtfxuXqtL+TsyYbEiw6EGsXprpFvwCStgcMtRiTzCj0KxcfCVMNk=\n-----END AGE ENCRYPTED FILE-----\n" + } + ] + } + ], + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2024-10-08T18:51:47Z", + "mac": "ENC[AES256_GCM,data:vQZhr60Rw7+tss4JDlz6PhqE5fodK/enHYPeVrTW3ACCsehKw57ySbMtoQVCijhGcnOQ5PpV583PCaYxa2pDdpZ+lu0YS3KAVR5o/+sPVbGGXyuQSEFuxRAIB6kENnZEWbOev6eGM9lOoycVBrLCp8FfVChG2XKF7KRp5A4HoUI=,iv:3toT/mij4UodEKIx8qnXm7n/9zNZmN7MHbrb8zuJoUA=,tag:SYi6RvgMs0kGj3pvMNy7VQ==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.0" + } +} \ No newline at end of file