about summary refs log tree commit diff
path: root/users/aspen/secrets
diff options
context:
space:
mode:
authorAspen Smith <grfn@gws.fyi>2024-02-12T03·00-0500
committerclbot <clbot@tvl.fyi>2024-02-14T19·37+0000
commit82ecd61f5c699cf3af6c4eadf47a1c52b1d696c6 (patch)
tree429c5e078528000591742ec3211bc768ae913a78 /users/aspen/secrets
parent0ba476a4266015f278f18d74094299de74a5a111 (diff)
chore(users): grfn -> aspen r/7511
Change-Id: I6c6847fac56f0a9a1a2209792e00a3aec5e672b9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10809
Autosubmit: aspen <root@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Diffstat (limited to 'users/aspen/secrets')
-rw-r--r--users/aspen/secrets/.envrc1
-rw-r--r--users/aspen/secrets/bbbg.agebin0 -> 733 bytes
-rw-r--r--users/aspen/secrets/buildkite-ssh-key.agebin0 -> 3883 bytes
-rw-r--r--users/aspen/secrets/buildkite-token.agebin0 -> 623 bytes
-rw-r--r--users/aspen/secrets/cloudflare.age9
-rw-r--r--users/aspen/secrets/ddclient-password.agebin0 -> 429 bytes
-rw-r--r--users/aspen/secrets/default.nix2
-rw-r--r--users/aspen/secrets/secrets.nix15
-rw-r--r--users/aspen/secrets/shell.nix8
-rw-r--r--users/aspen/secrets/windtunnel-bot-github-token.age11
10 files changed, 46 insertions, 0 deletions
diff --git a/users/aspen/secrets/.envrc b/users/aspen/secrets/.envrc
new file mode 100644
index 000000000000..051d09d292a8
--- /dev/null
+++ b/users/aspen/secrets/.envrc
@@ -0,0 +1 @@
+eval "$(lorri direnv)"
diff --git a/users/aspen/secrets/bbbg.age b/users/aspen/secrets/bbbg.age
new file mode 100644
index 000000000000..ebc0df233898
--- /dev/null
+++ b/users/aspen/secrets/bbbg.age
Binary files differdiff --git a/users/aspen/secrets/buildkite-ssh-key.age b/users/aspen/secrets/buildkite-ssh-key.age
new file mode 100644
index 000000000000..d9587f11df4b
--- /dev/null
+++ b/users/aspen/secrets/buildkite-ssh-key.age
Binary files differdiff --git a/users/aspen/secrets/buildkite-token.age b/users/aspen/secrets/buildkite-token.age
new file mode 100644
index 000000000000..320ee06c0937
--- /dev/null
+++ b/users/aspen/secrets/buildkite-token.age
Binary files differdiff --git a/users/aspen/secrets/cloudflare.age b/users/aspen/secrets/cloudflare.age
new file mode 100644
index 000000000000..4f42ee782165
--- /dev/null
+++ b/users/aspen/secrets/cloudflare.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 CpJBgQ AVkUs8tuzVlDq3FH/zRrBr5f4KR05fONM6iCluq6hyM
+feS2cxFowSWfDdUQjtmIiMc5338n805yownSZ/ZWfS8
+-> ssh-ed25519 LfBFbQ F67irB+DYQ8WMhaFcO+3o0O0lJsf+tWFZ9cSGSuHgA8
+EKS4zRGUEgeldjxdx4sIsnorWHoeTlXa9LJtNf9lkAM
+-> QvY:XSvC-grease 04
+pBnXsOF6qugcSBp+pw
+--- +g65NbIxu6bVVerS93kYZpEO5ssUZfCD+sZMzOjDUdU
+RTmaF[BÊ0a_&˕=3dlzRVi6-9:U.E	JΙA-qྟ|}}a=H+]mtR%9\Jt|1B
\ No newline at end of file
diff --git a/users/aspen/secrets/ddclient-password.age b/users/aspen/secrets/ddclient-password.age
new file mode 100644
index 000000000000..8d25e3b539bd
--- /dev/null
+++ b/users/aspen/secrets/ddclient-password.age
Binary files differdiff --git a/users/aspen/secrets/default.nix b/users/aspen/secrets/default.nix
new file mode 100644
index 000000000000..26b1998f565b
--- /dev/null
+++ b/users/aspen/secrets/default.nix
@@ -0,0 +1,2 @@
+{ depot, ... }:
+depot.ops.secrets.mkSecrets ./. (import ./secrets.nix)
diff --git a/users/aspen/secrets/secrets.nix b/users/aspen/secrets/secrets.nix
new file mode 100644
index 000000000000..5bfb1c3eb08c
--- /dev/null
+++ b/users/aspen/secrets/secrets.nix
@@ -0,0 +1,15 @@
+let
+  grfn = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcBGBoWd5pPIIQQP52rcFOQN3wAY0J/+K2fuU6SffjA";
+  mugwump = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFE2fxPgWO+zeQoLBTgsgxP7Vg7QNHlrQ+Rb3fHFTomB";
+  ogopogo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINoS7PqM8d7xc8nn0yfiPGfRaH8U/nq2Jm27nRO3L5P0";
+  bbbg = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL/VzrNEY47KPTce3dgfORkAbweWkr4BI8j54BAIs7bG";
+in
+
+{
+  "bbbg.age".publicKeys = [ grfn mugwump bbbg ];
+  "cloudflare.age".publicKeys = [ grfn mugwump ];
+  "ddclient-password.age".publicKeys = [ grfn mugwump ];
+  "buildkite-ssh-key.age".publicKeys = [ grfn mugwump ogopogo ];
+  "buildkite-token.age".publicKeys = [ grfn mugwump ogopogo ];
+  "windtunnel-bot-github-token.age".publicKeys = [ grfn mugwump ogopogo ];
+}
diff --git a/users/aspen/secrets/shell.nix b/users/aspen/secrets/shell.nix
new file mode 100644
index 000000000000..6e70458d1972
--- /dev/null
+++ b/users/aspen/secrets/shell.nix
@@ -0,0 +1,8 @@
+let
+  depot = import ../../.. { };
+in
+depot.third_party.nixpkgs.mkShell {
+  buildInputs = [
+    depot.third_party.agenix.cli
+  ];
+}
diff --git a/users/aspen/secrets/windtunnel-bot-github-token.age b/users/aspen/secrets/windtunnel-bot-github-token.age
new file mode 100644
index 000000000000..daae99958276
--- /dev/null
+++ b/users/aspen/secrets/windtunnel-bot-github-token.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 CpJBgQ YaZ2VHyXofn2qnxRrOYO4yPPu77BEPFq/cbnfa+5WAA
+VgJQoyJVxirvASD0aDsuzmbNJdIP0kpHa5b72Ri7kr8
+-> ssh-ed25519 LfBFbQ cXXW3kQzZL7sU4heujIJGzvfpbX0toL2AgsJl5AZPEg
+mhkKn69c/QeCJhYAFgx/MsHrIrXim3OcjkZ/rrckVLs
+-> ssh-ed25519 GeE7sQ /XcP3pWg+aKF1F0sPu6RpYv3Rfj2J/QI0yjg3Wgfjm0
+d+rsgbMlDJx0VrjD4/nO4UcM10hcrLxcPA3QlY1t7sQ
+-> "0?-grease k}d?h6 |v
+7mV6AFUdCMCrkmLVQaWJPQ
+--- I9Ls9AWMkSFCKw7y4pLoTkeGw7h5iROwXLuUm0nfuj8
+~v8&3\.%$ɺtQ͜},BEh
w96?U
\ No newline at end of file