Migrate torrent to sops-nix
This commit is contained in:
parent
6282e3fed9
commit
f4265bbb5d
SSH key fingerprint:
SHA256:HQgl5VGC4+Yw3ds/0I/DqTge63SPBXvXwhNG/gRW26U
3 changed files with 32 additions and 14 deletions
|
|
@ -15,7 +15,7 @@
|
||||||
fsType = "cifs";
|
fsType = "cifs";
|
||||||
options = [
|
options = [
|
||||||
"username=torrent"
|
"username=torrent"
|
||||||
"credentials=/secrets/torrent-samba-credentials.secret"
|
"credentials=/run/secrets/torrent-samba-credentials"
|
||||||
"iocharset=utf8"
|
"iocharset=utf8"
|
||||||
"vers=3.1.1"
|
"vers=3.1.1"
|
||||||
"uid=torrent"
|
"uid=torrent"
|
||||||
|
|
@ -25,5 +25,11 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sops.secrets."torrent-samba-credentials" = {
|
||||||
|
mode = "0440";
|
||||||
|
owner = "root";
|
||||||
|
group = "root";
|
||||||
|
};
|
||||||
|
|
||||||
system.stateVersion = "24.11";
|
system.stateVersion = "24.11";
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,13 +0,0 @@
|
||||||
{ keyCommandEnv, ... }:
|
|
||||||
{
|
|
||||||
deployment.keys = {
|
|
||||||
"torrent-samba-credentials.secret" = {
|
|
||||||
keyCommand = keyCommandEnv ++ [ "pass" "torrent/samba-credentials" ];
|
|
||||||
destDir = "/secrets";
|
|
||||||
user = "root";
|
|
||||||
group = "root";
|
|
||||||
permissions = "0640";
|
|
||||||
uploadAt = "pre-activation";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
25
config/hosts/torrent/secrets.yaml
Normal file
25
config/hosts/torrent/secrets.yaml
Normal file
|
|
@ -0,0 +1,25 @@
|
||||||
|
torrent-samba-credentials: ENC[AES256_GCM,data:dPK2pePHoH+bOvE1NsQ5N6/UncaLCTqpTvQEI0lmYBxCpaI6F14+JwwTYDzqxuNAgLDRDdRINoLQWdkMR8Cwk1AzRWObE6BKHA==,iv:cEImJtn9N3O8RJUYe77BbuDAMbLAzqWu3WVbcM5B6k8=,tag:MXPRfjvqViNa0uvJvH449Q==,type:str]
|
||||||
|
sops:
|
||||||
|
age:
|
||||||
|
- enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLSE44bFdlQlArMUdwTDdD
|
||||||
|
TVdCdWF6QkVCTzFxRWd0T2xYSWJUWTdEY25rCnRhd0t6OVVpbzNQTDVwNHRybmMy
|
||||||
|
ZlYwdTRpVnFmTG1VbVlnT1ZtSHpMeFEKLS0tIGZNRDU0SFpMS0cvY3JOSnpLR2FK
|
||||||
|
TG1pZGpGRXA3bTc4NDQrWkFLVUxIS1EKrm9NENbpt/moVGrBhVLSOzFtBtLKoOJT
|
||||||
|
A87C8H4SHQ1W61X4Chz+eQdCRCqVUWUXvyOgJsC1cwECjXR177zQ3w==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
recipient: age1tf38ae8yzzzmtjp5cjyemf0a8cksq62dz0x0hsntyhsjk5pq6s6q3v9nm7
|
||||||
|
- enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJTlpSQlFZOFZqZ3BTR3Fj
|
||||||
|
WEV3TTBIYjZaSTd0MVl2V2owbS9VRS81bTI0CkJKQVBtcnhmZ2tKaThocTM2Q29O
|
||||||
|
NHJCczNSY01EeDNZQTdjUjI5cHFnRnMKLS0tIDlUKzkyUHdGbDlhekY4N3NMRTNm
|
||||||
|
c2tmVHBQTWprSVE0eEJGajNPcFJCWTQKPopTbKZuLVxipgl9S4wMzYyjFj9T0Euq
|
||||||
|
t8Yw2jG8s09EeKq2slwBUqev0JpIptwItT/yiuWNQgu70V9Cd7uZhA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
recipient: age1m37wtvp7fpavaygn2jc6kq2gtuvgvf0jgwwhd3p5862djv5segqs97mg7c
|
||||||
|
lastmodified: "2026-05-23T23:24:28Z"
|
||||||
|
mac: ENC[AES256_GCM,data:3dwyQ1ZBoL/Pq8gqyBhGSLy3HHYCLtP75ezkJQR8ndY8n9yHtkfuR96H6+OkskASReDpFo4HfuYOLSiZZlli4pokYCrdtCbm53kE92L2n5jXWDXur/EIwjHfRe2rsPyvKbhe4zLB8GPQYMsxzHN0iYbO+6/TmPGTzi26iZvLlrc=,iv:Gf5oWQ7foRy1mb41X9+jYXS+20mSJBXWbuFtZP6FRmk=,tag:jigFUiga1zHJ+xLE4ObZTQ==,type:str]
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.13.0
|
||||||
Loading…
Add table
Add a link
Reference in a new issue