From fe2351fe6ebc9851109954dba415f9462fa2372c Mon Sep 17 00:00:00 2001 From: Joey Hafner Date: Fri, 16 Aug 2024 16:59:50 -0700 Subject: [PATCH] #3 Delete secrets.env, init gitignore and gitattributes for git-crypt --- .gitignore | 1 + homelab/.git-crypt/setup-git-crypt.sh | 5 +++++ homelab/.gitattributes | 3 ++- homelab/fighter/config/zipline/secrets.env | 11 ----------- 4 files changed, 8 insertions(+), 12 deletions(-) create mode 100644 homelab/.git-crypt/setup-git-crypt.sh delete mode 100644 homelab/fighter/config/zipline/secrets.env diff --git a/.gitignore b/.gitignore index 555ab8b1..bdb2c352 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ TODO.md *.tfstate *.tfstate.backup *.secret.yml +.git-crypt.key dotfiles/.zsh_history dotfiles/.bash_history diff --git a/homelab/.git-crypt/setup-git-crypt.sh b/homelab/.git-crypt/setup-git-crypt.sh new file mode 100644 index 00000000..f9f20f61 --- /dev/null +++ b/homelab/.git-crypt/setup-git-crypt.sh @@ -0,0 +1,5 @@ +# TODO + +# 1. Install git-crypt (or verify installation) +# 2. Unlock the encrypted files with `git-crypt unlock ` + diff --git a/homelab/.gitattributes b/homelab/.gitattributes index 250b3dc3..83d82701 100644 --- a/homelab/.gitattributes +++ b/homelab/.gitattributes @@ -1 +1,2 @@ -secrets.env filter=sops diff=sops \ No newline at end of file +secrets.env filter=sops diff=sops +secrets.env filter=git-crypt diff=git-crypt \ No newline at end of file diff --git a/homelab/fighter/config/zipline/secrets.env b/homelab/fighter/config/zipline/secrets.env deleted file mode 100644 index 4ddfd1d0..00000000 --- a/homelab/fighter/config/zipline/secrets.env +++ /dev/null @@ -1,11 +0,0 @@ -postgres_POSTGRES_PASSWORD=ENC[AES256_GCM,data:Q7vC/TGJUOhJwyoJKclFZ3j6h+ztneQwIGLgbAksZ2e2ukh418m7aw==,iv:H/f0HcDARCWJx7zAgl2QK8uQAeMpkPD/uX9mQSNqF2Q=,tag:Mf8S/cnJi4evTs8MqgFo2w==,type:str] -zipline_CORE_DATABASE_URL=ENC[AES256_GCM,data:YdcJqvuNBNbm1DnoSo07h1tglGWOfedCAYcGpswFACdQTBNhomZ1RCH0S3hoJm3UL2Fc0o8UX/RkO1M//U9PHjjNbrAt3VkYeO692A==,iv:rfsUH36fv+ezfBMP80uNvvnIZAJPDvBKnqWMFc9Ndws=,tag:t6XvuyO4iElCumfkbRxVAQ==,type:str] -zipline_CORE_SECRET=ENC[AES256_GCM,data:oY3Kj89Rvh6HTeZC5rBbw0+sn0Xmsceo/L14YF5d+zI25rBVPdwkyw==,iv:vVjFoJoZ9uATXR7q9bYB7HmAiZDeyFtgTjSp4vA+7+w=,tag:40wmcS5KgXKjauilA6+OmA==,type:str] -sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIWTEvQnQ1ai9PZjFvd0E4\nZkVLNDEzckZmVDVwa2ExSStPNjNLRU90a3dvCm56RW1VaFhmWHJSaEp1WEFNcHNz\nRmZIQTJkNDNxS1drejg4M2FCY3lSRGMKLS0tIDdjYnh1L1VnRGZBeGJvVzhwWFA3\ncVdzZHVGV09CcFk2dVNRbWgreVJQOEUKpu39lhm8oPqz33vdvnubvs8PF1+B1cqL\n2Kyy2mE/agXn3wJcTf2U7O+4raYUgzvvNV6u2HuvqAmkZXz1TA2Ssg==\n-----END AGE ENCRYPTED FILE-----\n -sops_age__list_0__map_recipient=age1zswcq6t5wl8spr3g2wpxhxukjklngcav0vw8py0jnfkqd2jm2ypq53ga00 -sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBUFdFZDdKQzVBTFFXd1Vo\naHFEYStNK21hS2FEeVBTZTg4NFB2RTlHREVZCk1xWkNIZ08vTFNqZmRzT1Z2NXBB\nMklDbitTUndXSG94bXBXbHRXc3kwSk0KLS0tIFA3dWhoYVR1djFncDAzMTJKV1dt\neDhaZndrc1paNHlDN1piRTczeEY1RWcKgTevuXh5nIv8nAMYVKAZQGFnA6DWDkLY\nqnpD7hVO2C1NPZbqnIeYIMaMldbwHtIXw5zC4uXMxpd/2pdUt4YPnQ==\n-----END AGE ENCRYPTED FILE-----\n -sops_age__list_1__map_recipient=age13prhyye2jy3ysa6ltnjgkrqtxrxgs0035d86jyn4ltgk3wxtqgrqgav855 -sops_lastmodified=2024-08-16T22:28:13Z -sops_mac=ENC[AES256_GCM,data:5U5pRMmaxtajhVRma8Xh8Yeu/P4vyl4G2ius0sznoRs0olUCUKKQg+d098TfLOSI0V8jO64Z0UqlA/RprMf+IuTWWBermomHupi2lXvBUjQyRXtWhjUmRvnHNb2MRyRZnOaFTWHAl5F/6EuVMy0GgMCyToZfU4UAtTooGoMUlbE=,iv:l8CCYW5nTJSHGLv/nDYpW0rgxInlCK924bhbexL0H18=,tag:phcL3PJ8MNWuE3nEZyJRwg==,type:str] -sops_unencrypted_suffix=_unencrypted -sops_version=3.9.0