From cdc59ce96f8b55f37693e341142f4cda0756c2c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= Date: Sat, 4 Jun 2022 13:12:29 +0100 Subject: [PATCH] reencrypt openweathermap key with new skinny secret --- .sops.yaml | 6 ++++-- nixos/i3/openweathermap.sops.yaml | 35 +++++++++++++++++++------------ 2 files changed, 26 insertions(+), 15 deletions(-) diff --git a/.sops.yaml b/.sops.yaml index baee90a9..bd6ac491 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -3,11 +3,13 @@ # Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml # for a more complex example. keys: - - &skinnyv age1p76577kkfttxxj8ckwwkhyhhz7qq2d7qf2lenyaa0g3v2gd3eecqhhf9jn + - &skinnyv-source age1p76577kkfttxxj8ckwwkhyhhz7qq2d7qf2lenyaa0g3v2gd3eecqhhf9jn + - &skinnyv-target age1mpgtj57e256q9nqz8jt0jt9ntxrldu0p7aunxx3y5vnerfz04vqqdst2gt - &bolty age1msgz4lzqj3wd4yu3mfgxyl5gz0y94al59njv8fqu7s0dvwt9yuvsctlhvu creation_rules: - path_regex: /[^/]+\.yaml$ key_groups: - age: - - *skinnyv + - *skinnyv-source + - *skinnyv-target - *bolty diff --git a/nixos/i3/openweathermap.sops.yaml b/nixos/i3/openweathermap.sops.yaml index 70298980..f6feae04 100644 --- a/nixos/i3/openweathermap.sops.yaml +++ b/nixos/i3/openweathermap.sops.yaml @@ -1,4 +1,4 @@ -openweathermap-api-key: ENC[AES256_GCM,data:NNeVpkLxM9xDxV0oskAoUPjH6b3V8K3MfnNOOAEtg0k=,iv:0uOxqjmUvslHH7yyKJuZ9h0tY20BUmqr7zsRSX2AjBc=,tag:1rJHeWtct6pph58U9Nalkw==,type:str] +openweathermap-api-key: ENC[AES256_GCM,data:7nRwO5jMG14FvK9jUVt2WaGDVPybfyGEq4K5wEAtd9w=,iv:A+bLY72d1Q9+fI5ZNOmNhyc4Miojc4L+2LLPbqoAZUE=,tag:OcywZTa1U8YIhq0k6hKW8g==,type:str] sops: kms: [] gcp_kms: [] @@ -8,23 +8,32 @@ sops: - recipient: age1p76577kkfttxxj8ckwwkhyhhz7qq2d7qf2lenyaa0g3v2gd3eecqhhf9jn enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByMXQzL3JVaTBOL0U3MlFm - d0tjUE9abDVUR2dVbHlBQ1diSWRRWUVnalVvCnNQbWZUUmJ3TFFpL0x6c0lQV3hx - UW5IU28xdlp6Mi9OdU9UNmFuRWRKWmsKLS0tIG9GUFNLblphdHdmMXFQbzJmSjBN - TVZMTWJCd1lyZU1tNFZJQTBhT0lGZTgKKM0mC1k7YsEBaogB4Y7TEhGliU/lbETQ - DuZ59BaXpOy9wzQ62m3oAhubP/cQZVOp1rH094BVdQqfNnDB4+F9xg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDaVpjSy9LaVFRRUxyS1RR + bEFNcWtKemVwWFZYTjl3VVExWjJVbXZrYldZCnRvZGo3LzdzYUtBeXEzNkNaRk9s + KzNxSHF3UE1RRTBIM3hzMFBFOWRiNVkKLS0tIFlJRFQ5cTBKQXgvd2hZN01wa01n + akxySFlvbVVTbnVjMjJOaCtoRHVmWDgKtaoAx92g+VYRFRn5iEzwjt8pblFPxDvn + hLa/zdyWhJNPGDgO6IrDEpVWn0jocmLSiVsd+HHIcHbt+ZYIo6QHtQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1mpgtj57e256q9nqz8jt0jt9ntxrldu0p7aunxx3y5vnerfz04vqqdst2gt + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpWEl5b2I3ZWlzV2lhNlFF + SVY2MWh6MStJK3hXR2FpOUZ3Y1pBb3B5a2dZCjcvY1F6RjlWKzkyVmgxdDN4WU5m + ZWI3VjFNWCsxU08zQWFjMXhDcXlkSzgKLS0tIG0rRWIyVklPL0kyc3B3a0R2QlNO + dWtTZmR1Uk9sRnVxQmNWRXNpb1J0elkKufMelTocLqyNJuVv1xPyAJojR7YwKwmU + 9kAWdGs4DYKG7dRn6LV2U4y6Ziu40eMJdnX4ysA3FQfO6ZqbbUpTlg== -----END AGE ENCRYPTED FILE----- - recipient: age1msgz4lzqj3wd4yu3mfgxyl5gz0y94al59njv8fqu7s0dvwt9yuvsctlhvu enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3ekZTVjhnaUJkbS9tdm9w - cnJQYXpYbTVjOFhCMmFaQmdERCtzS1NBSlRzCnZpYUpGa01QRElhaDdaLzRtY0sy - UXQrU1hJRnlNNlJWME1NWWdPbG5rcjQKLS0tIHVmY2lHZ3NDR2FTZmRpSjhkM0FG - L0IzUmQvNS9PT2hXYUNYL1hoRVgyQTgKdJs/VaS7G076v2CPoGz71yjeQsu19GCZ - pIThhU9ppGJvgo1eD0kQFeNHwHB4Wg1jN38d/KoC5A0vWYWmk+Hhng== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuU1BVUHduM2NDbHpJeEVs + OU5YMHJnWlgrMXhHYW0rSjZQcWNsUjROSlRnCjN2UGdDczlHSzJyQ0JJaW9qSTlx + bW9OM1UxNVJPYVB6Z2FJMkEwL0d5eGsKLS0tIHlabCtuWGZGUGZtMDVaOWk1Q3Na + OEs3UFhlR0hIajZ2R2xKb25JWmtPWlEKEXE+MYkkKP/G2KwcC2DwJ/T/ZoECRN7D + fOqPTR17VHDgwzFko+NP3uH4/IddgW8TZs5uF1QhaMUDtipYkCd9WA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-06-04T08:35:33Z" - mac: ENC[AES256_GCM,data:Rne0FsSpBMOPSdwDryFtB9ui7hSxvbJMz1+Qkq3Ih1HYBdVuIldyWsoJK7D8wvAl2E/z3MMk/vBoYQUmkhuzZorqiseuFix6sAZBps08R9ZG1t7uJbHuU9Bt2/ebX3n2ZQXgWkPX06eglmqbqzE+WS/yzUxu/KGYa3aqpv2COt4=,iv:+ginG0RSy8aacTHwKnjO17XKkBU4iY5YzAcIovBIaTU=,tag:yyTxDGqK2BI1QNv+vg2ZqQ==,type:str] + lastmodified: "2022-06-04T12:09:53Z" + mac: ENC[AES256_GCM,data:f6gLZwQHYyukDDpzRu20n70R7ft4PrCjBmTeU27llY3Gg7LCJ+XBF1sMgQHAMFVYIexydi+ilIP4FTx2U74+lhE7MMEwKXpu+YEyyyhLO2JRliTgrSiv7u7ZzaowdkehH+PS372JZco4wv0IPiYUtObNTx7vFxmNQopLVMKdl+c=,iv:A8QVAMyqHJvxnPBXqEXwGANjwH7m60PV1nbvMMLMz2A=,tag:z1wSmvGVQQPJ0gbPLZo4Bw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3