fixup

author: Mike Vink <ivi@vinkies.net> 2024-01-09 01:04:55 +0100
committer: Mike Vink <ivi@vinkies.net> 2024-01-09 01:04:55 +0100
commit: 4735894ae350d80d131d5f08c734109f769f18d5 (patch)
tree: 49fdd5d5e69837e06eeb93e3e11925b22aaf0817
parent: 7e3185d8b09aa8e53c9c0b3486ef56cb235ebf94 (diff)
4 files changed, 27 insertions, 22 deletions
diff --git a/.sops.yaml b/.sops.yaml
index 3526bf0..faa725f 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,14 +1,14 @@
 keys:
   - &ivi age10q9wse8dh0749ffj576q775q496pycucxlla9rjdq5rd7f4csyhqqrmkk0
   - &serber age1vvr5amtuf7cyhsmc8ge8ujlzpuwvwhleqafrjg2e8mcevnq2zs3qzzqq5m
-  - &cal age1t8trmc0lpfgqg6cvt5f2prjc77tgqyw4ux8lf67xmuk2tsyjyvlsskalwc
+  - &pump age1tzsvgxaxwvh4874d977fk0z7ghm4mqpm0c80vhxft87dv46p5uesq7mk42
 creation_rules:
   - path_regex: secrets/[^/]+\.?(yaml|json|env|ini)?$
     key_groups:
     - age:
       - *ivi
       - *serber
-      - *cal
+      - *pump
   - path_regex: secrets/lemptop/[^/]+\.?(yaml|json|env|ini)?$
     key_groups:
     - age:
diff --git a/ivi/ivi.nix b/ivi/ivi.nix
index b3dbd6c..8974d57 100644
--- a/ivi/ivi.nix
+++ b/ivi/ivi.nix
@@ -89,10 +89,11 @@ self: lib: with lib; let
           };
           pump = {
             isDeployed = true;
-            secrets = false;
+            secrets = true;
             addroot = true;
             profiles = [
               "core"
+              "homeserver"
             ];
           };
         };
diff --git a/secrets/serber/porkbun b/secrets/porkbun
index bd610cc..3899c17 100644
--- a/secrets/serber/porkbun
+++ b/secrets/porkbun
@@ -7,12 +7,16 @@
 		"hc_vault": null,
 		"age": [
 			{
+				"recipient": "age10q9wse8dh0749ffj576q775q496pycucxlla9rjdq5rd7f4csyhqqrmkk0",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0aW1UQzE5cHFQWFkyQjl2\nSTZaMHAxUlJ5MlcxVlRZallIM0F6ZEVXOEE0CnVwcXZKZ0h5Q1JnY3dwbFQzYWsy\neGlpNmpnZm9icmFYcGg4V0Urb1Fid3MKLS0tIFhWc2NaY0xMa0VLR1d5UlpzcDdE\neGdOTTU5Q3VDU1lLdnY0VzU4K2cxZGsKzCHLyTGTOwct6qH6jy+iXyY9UArBvvPk\n7Z+6dGSE4z/qsrRmzWpV6M66fl0gaNVDgXDPP5lNzI966zqfnQ4Nog==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
 				"recipient": "age1vvr5amtuf7cyhsmc8ge8ujlzpuwvwhleqafrjg2e8mcevnq2zs3qzzqq5m",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtZ3BXYmNCa0xFL00yQ1pJ\nY2VabkVkdDMvYytvdFM1MFlxVHJPdmJOUUNNCjRERHJrRURyMm5UM1RhQ05nTi8z\ncnpxczl5TFBtbHVRSjdJSjBneThrVE0KLS0tIEpUTmlUVXdTelYxUGhJdWFoTXds\nUDM4bHpmQUJId1M1RE0yeDRKNzlSV3MKbTSttMmQmALfvl4V/HfAtIsXqf0BxEaU\n9cZ1ip+600vmTqifYqCYF7uf4pGlwpkHu68gEsZakBjUX8uSK8JRRQ==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4NUJXTGcvbjhMVFVSU1ZS\nT1VsVTdLVFoyNVhoaEpjM21XQTZTL1F4cUJRCnIrYmpacnJyNkRCajgyVktNSTVn\nR1hXV2FNREp1bzFvNHZmM2h5ZGVTNlUKLS0tIGVPSE4rWFdjUkNlWmlJeGZWOFFN\nMmo1cnYyQzBUaWRxOUd2S1VlblFHNHcK1g4+wF4CWS5Qc/jBwGfKOEhhh6tx0434\nkwPa0GeXM/LKBwE9YH4gZ8eRx3SrEikzp+55dy+FsLbXiI1USEZU/g==\n-----END AGE ENCRYPTED FILE-----\n"
 			},
 			{
-				"recipient": "age10q9wse8dh0749ffj576q775q496pycucxlla9rjdq5rd7f4csyhqqrmkk0",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6eG1ZT0Zqd0R6NjZ1S005\nM3ozcm9IbjREV3dnUkhmZndxVjlhalZzY1dNCjlrQncyV2JzbERsbFNrSlJWZDRK\nZ0RSMU41WTk2MWtZVmszQ3FMdGpjcnMKLS0tIGtNU0Q5VGwwMHd3TEJBNlcrNTdY\nSk5xQ0NnUUhyVDAzZGhXdXRvOFhWYjAKfveW9AxWCX1VjlIr6Ung3jMjou2Yiyvn\nP9o1yP9nu1nWdSfoHjuIlv3epDVIkq0s/Xq/Vl0Af4/FACPEUhOeLw==\n-----END AGE ENCRYPTED FILE-----\n"
+				"recipient": "age1tzsvgxaxwvh4874d977fk0z7ghm4mqpm0c80vhxft87dv46p5uesq7mk42",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYaHlEK2xLTjd3T2thdHU0\nT2JXQnhnMDRkQXlpODkvRnZGbGFsVC9RK2tZCnc4cGd3V0FKNEFwd0NIWEFvdmVn\nM2ozckMxd0tRUld6UFdqNkZVOXc1eWcKLS0tIHFyUlllbU9yV3JSVTl2VG9HUkxG\ncmJKQndaNkxWenFuaEpqRERTa0xUWEEKHuE6nfwKRS7gsbf8IuISXrWanrLTvE82\nnnwDIA4kgt+2sFbgygYhTO+duvMSVkGflc7SjZMNiIm6gklC1A5yPg==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
 		"lastmodified": "2023-10-17T23:45:30Z",
diff --git a/secrets/root.yaml b/secrets/root.yaml
index ece2386..00a3ead 100644
--- a/secrets/root.yaml
+++ b/secrets/root.yaml
@@ -10,29 +10,29 @@ sops:
         - recipient: age10q9wse8dh0749ffj576q775q496pycucxlla9rjdq5rd7f4csyhqqrmkk0
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1UzY4ZGU2T25acERnaDB2
-            UXh4eU1nbEg5Z0JYMXlLcms4OG9ZQXJrM2lVCnJ2WTAvcVFHdk50U00vV1loQUJz
-            YWEvN09UYXVpOE52RERFc1RlWXZsdmsKLS0tIFliMkwzaGUwNmt0ZVJNRFdKUkN2
-            bHNvSW5ZbXBLeG1HWWtFcmNLUjN1SlEKThAwYUzXW3uht56zrAhfBQ4YYRK3JJN1
-            IF165Ndn0LvxH6jh8ag8RcgO7HnMVzlcVW1Jkmygw6uj8q0K1WQ/TA==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3SXFYYUxwa3FZWjBTS1pO
+            NUgySEFVclg1QXowR2dud1Y3ZmJ0a3BVZDFzCjRxaERzbVloMmZBUEJoeEhYb0hW
+            UGlzNmY5M1lkQmo5cXZtdi91VCtSV00KLS0tIFZqbVNJNkV4S1Z2YStOakIrZW5J
+            Q0YvakIyZW05K29zRDR5Qm1hUzdhdlkKuuQBr5JwPpUy6obJHNSMkTP7eAyNHiNW
+            gTnhkoQkngskhd0evg3jdgip82JxVo/b/nzuih5fHxjrPxMH0aIqBw==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1vvr5amtuf7cyhsmc8ge8ujlzpuwvwhleqafrjg2e8mcevnq2zs3qzzqq5m
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArdlNYM2xkSnl5RVlLS2ZN
-            V04yN2piOWFTSWRNS2JDblROcCtLTTZEZVhNCnFqWHRscjZjMEhHcmhlNG1xTFMr
-            Z29tdFcrYkVWUkhUcmR3TElFa2lvSTgKLS0tIDh5SUtmclN0WnM2MWhKMjRxNElI
-            dTMvTGNxVFBlRy9nMlU1OGxPc29MVlUKWUPvkdAlKPtlKqrMlPQda2Y15m9etRyp
-            BlG585AtfYJ9JxLGbe91tTs8/rvBGAgRWvPgj+2aM3PwSZJ/MzRv4Q==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpNHJObGJKaEVXWVUvbERU
+            VHFhWWYvdHB5cXVyOEhWRkovTllYOTBWN1RvCkpXWG40VzkvQXRNMmRaRjhLb3pn
+            OWR3ZnpKb2thbmVSc1FRVERGNnRsUjQKLS0tIEh5VFlmTVAwWjZtZExueDJCeWdt
+            MEVqQ0RLVm9BdE9LTE5ZWTdxM0ZXcFUKQglVwJZX+nQ5JwAz+1Oj7uvf7mLrJxZC
+            K6KJCWZItDJ0fx2eQC2fs1IqktZxmWdLlv88meeNfknyUZxm+9wUAQ==
             -----END AGE ENCRYPTED FILE-----
-        - recipient: age1t8trmc0lpfgqg6cvt5f2prjc77tgqyw4ux8lf67xmuk2tsyjyvlsskalwc
+        - recipient: age1tzsvgxaxwvh4874d977fk0z7ghm4mqpm0c80vhxft87dv46p5uesq7mk42
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNWlBiQ3N6bkFLM2M2d2dZ
-            b0J1Q2lPakJkT0x0QTg0U25Ld0prYmtDc0d3CmZqY1ZNaHVZNzhrZ0FVQmwwdjJr
-            ZTRqRGxSaGNibVBVSjlWS0NyU3E2VmMKLS0tIDBqcVl4cGoxc2FiZlRLc3JFdmxK
-            ZGFRN0dOTjZldlEvRFF0VWg4QWl1eDgKjoVYWCnteTH7bN1AMoyZA885u4eG7OCu
-            VwV0Nue13e5GRP6C7Ot6DEBlOzj0xJqE8ll9yAAUwyfn4/GzEagzyQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBocTJ1clMwUC9NVzUvQXha
+            TVRKQk1NWDhxeDB4MzJmTFFKb3VyYWpCZGwwClloSjhKVWxneHZ1M0xxMkdFZHRp
+            REVRK0FuTUc1S21obFJoYWxCaFZWcE0KLS0tIHhlcnIvSnA1Z2FYNTlITFVYUlpx
+            c3VOK3h5RlU2WlJ1RXVaM25ZRGVMa3MK5vIL3iafMql0xUw4RxmDA562UFbVK9rs
+            sUTxHfOHbZCrdzPqW2rECZTsWeyq+Ay1+z3NkmJTQVhZz6ePiZPD4w==
             -----END AGE ENCRYPTED FILE-----
     lastmodified: "2023-11-09T21:52:07Z"
     mac: ENC[AES256_GCM,data:/EtDIoCPQqwDJDfBh6/UqlMVrXcWgk7BUNiNZHoCkIY8ZAIQlU1NQIFKvQ9sV/K/gqheV3Pw73Tv533Z2BGKFIY3sNUGW05XdEDvv+QAq4kAZWbPtYPDNI8AFXfyTSFv8q4sa284gWiOtGJ4rHJ7kbzaEpyqxVWMqpfwCLEQ0lU=,iv:ykZ5yswTRRmZIPs86jvaq+bD846qPUJjsTSqwRdL4N4=,tag:kVlJmNNfL+69JroGQJua5A==,type:str]
author	Mike Vink <ivi@vinkies.net>	2024-01-09 01:04:55 +0100
committer	Mike Vink <ivi@vinkies.net>	2024-01-09 01:04:55 +0100
commit	4735894ae350d80d131d5f08c734109f769f18d5 (patch)
tree	49fdd5d5e69837e06eeb93e3e11925b22aaf0817
parent	7e3185d8b09aa8e53c9c0b3486ef56cb235ebf94 (diff)