Migrate torrent to sops-nix
This commit is contained in:
parent
6282e3fed9
commit
f4265bbb5d
SSH key fingerprint:
SHA256:HQgl5VGC4+Yw3ds/0I/DqTge63SPBXvXwhNG/gRW26U
3 changed files with 32 additions and 14 deletions
|
|
@ -15,7 +15,7 @@
|
|||
fsType = "cifs";
|
||||
options = [
|
||||
"username=torrent"
|
||||
"credentials=/secrets/torrent-samba-credentials.secret"
|
||||
"credentials=/run/secrets/torrent-samba-credentials"
|
||||
"iocharset=utf8"
|
||||
"vers=3.1.1"
|
||||
"uid=torrent"
|
||||
|
|
@ -25,5 +25,11 @@
|
|||
};
|
||||
};
|
||||
|
||||
sops.secrets."torrent-samba-credentials" = {
|
||||
mode = "0440";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
};
|
||||
|
||||
system.stateVersion = "24.11";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +0,0 @@
|
|||
{ keyCommandEnv, ... }:
|
||||
{
|
||||
deployment.keys = {
|
||||
"torrent-samba-credentials.secret" = {
|
||||
keyCommand = keyCommandEnv ++ [ "pass" "torrent/samba-credentials" ];
|
||||
destDir = "/secrets";
|
||||
user = "root";
|
||||
group = "root";
|
||||
permissions = "0640";
|
||||
uploadAt = "pre-activation";
|
||||
};
|
||||
};
|
||||
}
|
||||
25
config/hosts/torrent/secrets.yaml
Normal file
25
config/hosts/torrent/secrets.yaml
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
torrent-samba-credentials: ENC[AES256_GCM,data:dPK2pePHoH+bOvE1NsQ5N6/UncaLCTqpTvQEI0lmYBxCpaI6F14+JwwTYDzqxuNAgLDRDdRINoLQWdkMR8Cwk1AzRWObE6BKHA==,iv:cEImJtn9N3O8RJUYe77BbuDAMbLAzqWu3WVbcM5B6k8=,tag:MXPRfjvqViNa0uvJvH449Q==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLSE44bFdlQlArMUdwTDdD
|
||||
TVdCdWF6QkVCTzFxRWd0T2xYSWJUWTdEY25rCnRhd0t6OVVpbzNQTDVwNHRybmMy
|
||||
ZlYwdTRpVnFmTG1VbVlnT1ZtSHpMeFEKLS0tIGZNRDU0SFpMS0cvY3JOSnpLR2FK
|
||||
TG1pZGpGRXA3bTc4NDQrWkFLVUxIS1EKrm9NENbpt/moVGrBhVLSOzFtBtLKoOJT
|
||||
A87C8H4SHQ1W61X4Chz+eQdCRCqVUWUXvyOgJsC1cwECjXR177zQ3w==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
recipient: age1tf38ae8yzzzmtjp5cjyemf0a8cksq62dz0x0hsntyhsjk5pq6s6q3v9nm7
|
||||
- enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJTlpSQlFZOFZqZ3BTR3Fj
|
||||
WEV3TTBIYjZaSTd0MVl2V2owbS9VRS81bTI0CkJKQVBtcnhmZ2tKaThocTM2Q29O
|
||||
NHJCczNSY01EeDNZQTdjUjI5cHFnRnMKLS0tIDlUKzkyUHdGbDlhekY4N3NMRTNm
|
||||
c2tmVHBQTWprSVE0eEJGajNPcFJCWTQKPopTbKZuLVxipgl9S4wMzYyjFj9T0Euq
|
||||
t8Yw2jG8s09EeKq2slwBUqev0JpIptwItT/yiuWNQgu70V9Cd7uZhA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
recipient: age1m37wtvp7fpavaygn2jc6kq2gtuvgvf0jgwwhd3p5862djv5segqs97mg7c
|
||||
lastmodified: "2026-05-23T23:24:28Z"
|
||||
mac: ENC[AES256_GCM,data:3dwyQ1ZBoL/Pq8gqyBhGSLy3HHYCLtP75ezkJQR8ndY8n9yHtkfuR96H6+OkskASReDpFo4HfuYOLSiZZlli4pokYCrdtCbm53kE92L2n5jXWDXur/EIwjHfRe2rsPyvKbhe4zLB8GPQYMsxzHN0iYbO+6/TmPGTzi26iZvLlrc=,iv:Gf5oWQ7foRy1mb41X9+jYXS+20mSJBXWbuFtZP6FRmk=,tag:jigFUiga1zHJ+xLE4ObZTQ==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.13.0
|
||||
Loading…
Add table
Add a link
Reference in a new issue