new tailscale key, restart when key is changing
This commit is contained in:
parent
7a9ae3129a
commit
e63e1d9bef
2 changed files with 5 additions and 4 deletions
|
@ -15,6 +15,7 @@ in {
|
||||||
};
|
};
|
||||||
sops.secrets."tailscale-key-${config.networking.hostName}" = {
|
sops.secrets."tailscale-key-${config.networking.hostName}" = {
|
||||||
sopsFile = ./keys.sops.yaml;
|
sopsFile = ./keys.sops.yaml;
|
||||||
|
restartUnits = [ "tailscale-auth.service" ];
|
||||||
};
|
};
|
||||||
systemd.services.tailscale-auth = {
|
systemd.services.tailscale-auth = {
|
||||||
description = "Auth with tailscale";
|
description = "Auth with tailscale";
|
||||||
|
@ -35,7 +36,7 @@ in {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "$status, reauthing"
|
echo "$status, reauthing"
|
||||||
${tailscale}/bin/tailscale up --force-reauth --authkey `cat /run/secrets/tailscale-key-${config.networking.hostName}`
|
${tailscale}/bin/tailscale up --authkey `cat /run/secrets/tailscale-key-${config.networking.hostName}`
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
tailscale-key-foureighty: ENC[AES256_GCM,data:o5cVkNgdF8/yHeGkewLifI0ulagzxfXxHeeHGErgkaedAWLLbfNXAclGs6iH9EozrA3fx7XnJsLQ,iv:dEkqCvHlsN8dQ+1dVZHG0+4zi7OeHF9bUZ5qEI9PIPM=,tag:4fOnyFbR64E5KFR8bR5DuA==,type:str]
|
tailscale-key-foureighty: ENC[AES256_GCM,data:xb7EZ4TDLGXpstO2OTa+8gvK4206ik+DVQe2ZGqe+zxrhGsrkPu3MpjJYlL9vqakC4dzpRxwKN4=,iv:2Sq25zysjc2gS7SLi7QeFaIOtvKuBbNwADVyj7Hil50=,tag:65jC+Rk96s8xO+dKTo8uJg==,type:str]
|
||||||
tailscale-key-bolty: ENC[AES256_GCM,data:c1OC6WgYr18I2mP9NQQ1+ibqN28VNcxNMLanLdv6wnbqBLFUSUqJ8tlHgCI81qS1kzlvuCvZui4=,iv:YuNLgEfvBezS1+P/sKN96h1/88e2xU/gyfkzjIy3vNI=,tag:kY2jqCMgiF++sVISDiU7KA==,type:str]
|
tailscale-key-bolty: ENC[AES256_GCM,data:c1OC6WgYr18I2mP9NQQ1+ibqN28VNcxNMLanLdv6wnbqBLFUSUqJ8tlHgCI81qS1kzlvuCvZui4=,iv:YuNLgEfvBezS1+P/sKN96h1/88e2xU/gyfkzjIy3vNI=,tag:kY2jqCMgiF++sVISDiU7KA==,type:str]
|
||||||
tailscale-key-vpsfree1: ENC[AES256_GCM,data:RRfWVNXUumS9HuzqTjp/OYwwUy4Ljxd+ymaFWGSuCjWYy5uMyKDyF7FnyzLXD1jeegViM6sXJS2L,iv:b+zNGOP1lAQ7BRg6JetKCvo91hzZhqoYgwiQZzqMnKo=,tag:w+dVamXo3fM7AAyuzKtSjQ==,type:str]
|
tailscale-key-vpsfree1: ENC[AES256_GCM,data:RRfWVNXUumS9HuzqTjp/OYwwUy4Ljxd+ymaFWGSuCjWYy5uMyKDyF7FnyzLXD1jeegViM6sXJS2L,iv:b+zNGOP1lAQ7BRg6JetKCvo91hzZhqoYgwiQZzqMnKo=,tag:w+dVamXo3fM7AAyuzKtSjQ==,type:str]
|
||||||
tailscale-key-vultr1: ENC[AES256_GCM,data:8QKYuSY0/6jtIpaizGpgfyulESqPczw/J/qCDDpYpO/LS+ppRX5avg==,iv:QsKL4NqOUTCWSIxlaXqXbfzhFcAbJTkYXjkc1eCJv8M=,tag:g0vcE23ghCYevEpQsFh50A==,type:str]
|
tailscale-key-vultr1: ENC[AES256_GCM,data:8QKYuSY0/6jtIpaizGpgfyulESqPczw/J/qCDDpYpO/LS+ppRX5avg==,iv:QsKL4NqOUTCWSIxlaXqXbfzhFcAbJTkYXjkc1eCJv8M=,tag:g0vcE23ghCYevEpQsFh50A==,type:str]
|
||||||
|
@ -111,8 +111,8 @@ sops:
|
||||||
eDU3UnhLZWZnYkpwVWd1RWxSOWh3d2sKhtvrXSDt+IU6R9c/kJ9bM1lbmzPZmiXh
|
eDU3UnhLZWZnYkpwVWd1RWxSOWh3d2sKhtvrXSDt+IU6R9c/kJ9bM1lbmzPZmiXh
|
||||||
UYMyAqjLY906HafUf6GkbDTmdVA0CI11jcxtLPxb95tP1IvsG/YFKg==
|
UYMyAqjLY906HafUf6GkbDTmdVA0CI11jcxtLPxb95tP1IvsG/YFKg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-04-07T13:56:42Z"
|
lastmodified: "2023-04-07T20:28:35Z"
|
||||||
mac: ENC[AES256_GCM,data:ERIWIFeEq+oTJOKPVWlQcgTiVeiHqGyMGpasgE81nrJCZXX8FzKZgbgIFo4V4P8aqXz8wSrLa3dGEL+H83rkZMtKuvLY7yOqZM/eDkykcKZzoxy17jb1QAtCHknHAu2yYbYujVON7HX0eHxkv75cvn8CwY+r/l+XGqwYnEiAgJo=,iv:NPGIPenk5OjMD49tvGd0PMKPUxRPGKNH9qOg6T5wV/g=,tag:6I65sUmqaU3BFvsNv1wvKQ==,type:str]
|
mac: ENC[AES256_GCM,data:XOHyakwvoL4/YCIbM57pBa/mg8v7BRGF+iV1iCZ4jl+L4TgT5LfA32pQBr46Tuj2eiW9lJUTgk6+09WdEUQiH0CitBe2hciVWVEtc0cKXidw6wh/hrwchuzj9lDGUaROsRuczWon5Md0QolHEzvE9DDJHFguuJw8rK+q0qkRp8w=,iv:3BRBw3ZjqUlx7hH8SW5MrBCbI/8/OGLnFwppXo+nfX8=,tag:WlDhO/Z6UqoCRxHUyKvT8w==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.3
|
version: 3.7.3
|
||||||
|
|
Loading…
Reference in a new issue