diff --git a/ansible/inventory/host_vars/borg0.sops.yaml b/ansible/inventory/host_vars/borg0.sops.yaml index 403902b..3302474 100644 --- a/ansible/inventory/host_vars/borg0.sops.yaml +++ b/ansible/inventory/host_vars/borg0.sops.yaml @@ -1,4 +1,4 @@ -ansible_become_pass: ENC[AES256_GCM,data:WJTbhfgwWhHEAAEbIlY=,iv:+xtFHPlTUAyqlYNCSD7HcuoJUnqTPM2addvmpFGtvu8=,tag:UzYvQTt1QNgnfUAmpD5ESQ==,type:str] +ansible_become_pass: ENC[AES256_GCM,data:dRqmKsG8uSqvHDFAzWY=,iv:HMCZ8h38z77Tj6Lhmz3PiDxl7SGweKXISATI/A+33gI=,tag:+HwcbwGTc4pkjUXmHBrVpw==,type:str] sops: kms: [] gcp_kms: [] @@ -8,14 +8,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMUTdhM1hidHJQQ05OM1lJ - dVZNd2liTFlYaXdQMzQ3YmJDN0psYU92WHg0CnBPN0dYTlA1U1lvcHJDZ1lBSlF2 - ZXVHRnZwSkZWV2J1TWI3TXozUUdSR3MKLS0tIGxRTzJVS0VxQWhWcldUUDc3WGlh - aU5JOTlrQTdtRFpnS1ZRcDZRRExpNWcKDkwGmPfIkTnZqjid51Mqmp7PPrB1kIOI - tj8CI+49l+lrm61iYKhLhzYad/UN1TeNdL1ziDJNwWhG6OZP6Mk8BQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsZ1c2SEtLT2dGWHZWNmZH + UXNNc2h5ajNBZkgwcTQ3N0FXMGVzK2NCQ0E0CkNKcjZtaGpDeWdSeWVjeUs4WVFt + RXhxWUhRZGdVTnc3ZzdoV3dteS9raTAKLS0tIGFscnp0SFlXZld3WEJPRFh5T3Bw + VzRXZFBRWFRtTHhXcWtqMC9RRHp3VGMKLNnItYCM3c+lIufnusIOTNxW8cTzyVcr + blRH7pKY2Z2VsNQE5rVRWIocI37Px9asAuY0T2OPJmYkozjH6M2a+w== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:44:28Z" - mac: ENC[AES256_GCM,data:NwnK8ZGTfieVnafW+vWbpMwB9W7jKXp7MYO80DiUCFNsdm6uxCsJUZoCjFuJoXYY6pNeHbBQ74UYODl+iex9ZTUxGKwd9AGFOS5i/FkiPKKbX28Qn8kUwt6x2gpz18y5hWpHz2p/zVSYkSX7vGmQG5ribGR5lESWhTbsP8YX5eY=,iv:AVCVM+mgjTnNybyNcAnbxsECKzjZDiVeoGnDrDS4ttI=,tag:NlwnWi9awO425PQoKfi5Yw==,type:str] + lastmodified: "2023-12-16T21:27:52Z" + mac: ENC[AES256_GCM,data:om1Rujob+HzvIxdW4+/frflB+omSUlytv6Ahy/HpEsKAnnExztp5sjenvBg2mzS5pHhYdgnN/Yj/F93h7CWtQjlqutEKAk7VFoVHKlpvHq3KBmGQvWKOFduRieGPmBxH1lrjWQN+5WtR7R5aBuMQFmmT/SykDX/n1g0Wt3n+JDI=,iv:5C5h3kYzXb7UA7EVs96IHCORWaY4YLJ7LvumJHBP8CI=,tag:IvUBU/uXR7Q85gW+pflXLg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/ansible/inventory/host_vars/borg1.sops.yaml b/ansible/inventory/host_vars/borg1.sops.yaml index 8cfb50b..d8f0022 100644 --- a/ansible/inventory/host_vars/borg1.sops.yaml +++ b/ansible/inventory/host_vars/borg1.sops.yaml @@ -1,4 +1,4 @@ -ansible_become_pass: ENC[AES256_GCM,data:KMb3L2ZJndMsFtGWPWs=,iv:sQT4uUQADFmpGmnXODBq7WgOH1B5njyBRtOP/1+JJwc=,tag:5o3hNHmCuKPWRgH2bgvU9A==,type:str] +ansible_become_pass: ENC[AES256_GCM,data:KQ+aOt+b+TW9sE9czIE=,iv:Vtp579EpkzVhw+yrAS/o9LzjVlEnqfC8xzsKWJItFOE=,tag:u7JRs3lNi+Q9hg0W2H5TDg==,type:str] sops: kms: [] gcp_kms: [] @@ -8,14 +8,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArTVNaMkYxUlNFWnVnUnRI - NytzZnFQVUNIT2JKczdPS2Qwc2FzRFVrdGowCnBBSGw4Z2V4RGJXNjQrUHdWbzJ5 - T2FvcmRqQWIvR0xiaVYzVmZ3RnViNHMKLS0tIGduZ3V3V1dKZXNmbXRnOHVieWp6 - RHlVN2ZwWElXVjhxTUdoakVYd09OUm8Klk8aWCkfxf3kb6kzK5l0P14+wh3MAxPv - sdFY375RjmYHyfk6miVoziUp3ch2s1iSHI4mythqJxpfn/6eQ4OxtQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtT1crMm4vOHk0dXk2ekdD + TFpjOW1xdFdOdkRQNm9FN0E4K3hoOFV5ank0Clc1TzJEVmpLcnhHTUIzM3NTZWR6 + TFhQeXF0Ynp0eXdvQ1R0Z0FkampGaE0KLS0tIHdRaTNrNm9jRXRMU3ZuOExxN0dZ + MjdwVHZXN2tWMXJQQitGcmtabUEySTQKpF7J+d8M9wXE7Ihkzo9dnHSAgUnh4YWu + YlHJ4ISr8Jz6o7kmp2w7WOKxYU4wOuMpBX7b3sjPJx4Bkpu6lAE1vw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:44:28Z" - mac: ENC[AES256_GCM,data:6FV1zbB61sl0ylVSIwC14Hgs0NEVZINmQN/GL4t60QVIVVIsdrjEsaHZpheP+VA9pyzrFgYJF2Txg/xgEiW6If9KuKcCWltrCWV+tmTtYGiKdHVfSSsxdzH6BeZP1ALrAvHvg/tBqoYGzoc1TUfma/jGDIbVuGMzcbkoFLZ48qs=,iv:wN1LFFXqJiIm312yrUIxg3Udt1AuDcdCfDGt/VuOOw4=,tag:1aLT6c+cGfbZQ2NUNKy6mA==,type:str] + lastmodified: "2023-12-16T21:27:53Z" + mac: ENC[AES256_GCM,data:Cl06i+O4F8jHpzZq5Q0Q1jY+3yZjAKEepWO2P/BFEfZXvEeM/QOv4r3qkSpyCC1mvp7M4/fg6nMi9jf95r1RT9cPRRHBvjZgR9BrQpJLvLt2kFW9T/axlaScR+xav8cM1LiB+U1QDbMnvMVQIcUehliXtQWmPpQPqsH9mknix9M=,iv:rJN7f+mHle67KYvhDQBtYAb1NPe9hXrVe4VYVd9vXRo=,tag:RlSTV9oa3ikcJfUV6g23RA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml b/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml index 41721d7..83d10af 100644 --- a/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml +++ b/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml @@ -3,7 +3,7 @@ kind: Secret metadata: name: cert-manager-secret stringData: - api-token: ENC[AES256_GCM,data:WHGw8Q66LiT5np/TS7BsZyXNEalyku2qdpKUKSIv8BG3GX9L6li80g==,iv:C1lPfggJZ68HzLHw5RlGxrIBP4yQXJXP0O8nqLgrCNg=,tag:MmHBmRm6vwc6zMNNPQ5CBA==,type:str] + api-token: ENC[AES256_GCM,data:DIUX4LmKIMulzSNTnSggCNN8gS8+YSzJ3zxDA8tF0PRpF0yeHBwpEQ==,iv:7RN6AyROBHOq9mrfUyCYF3UZYnewLQi2B1rQNaGgD2o=,tag:DVMJEATNVsPay+UwAWhbNg==,type:str] sops: kms: [] gcp_kms: [] @@ -13,14 +13,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTdndlNTVER09JZkpSTDdp - dGxBeEJtQ0lhVGRvM1c4V1RRNUozeVN3dldrCjRnZHBBalU1U3JuQUt3ekJOZXlu - RmJ0ZlVmRXE0bUo1M010TW5aQ0hGbUUKLS0tIHQwWVFGaTZQM3o4R0ZHSlRhS1h5 - T2dDYkRwRVlRc1IzSXpobmhLZUU2dm8KaSgIAfsB0XXJTkKsMx9l7GSIjtoWW23k - rbEiwclB1491cmnR96MnJRzT51tMM4K3ZB1UNW0gM5dOkAqrboNeEw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwZDFJQ1FLRitpZHRBVThL + V0NKa3NsNzlWTlBXemQwYXZORkxlMjJjRmxnClk2ZUJUeTRZZjQzaTA5ck5vRmVL + MEh3RjhPT1cyU3U5SlNsNGcwRWM0YW8KLS0tIEo5ZFl0T2R5bklGc0QzZXN0andT + Q0hZVFRJVWE3T0FUY1h1eFFIcUwvbjQKJ32vbDKHkhcB+BWHKaACMlZ51Zpq3zYj + I3KG2DfJ9Vy3NJRvi6ORpHICm1eKQt4TWEwOS+ZUJGYfdQbrGxXNyw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:45:47Z" - mac: ENC[AES256_GCM,data:46Jx2FTVt7O3InL96z82xKoFNiaQoGoNIEJQEADCEL04Zgc05GY4aBg0lHsAKfIIWPcus1s4PFo7R5Dc162/rz0fr4Ugc7oQwsqozcXvhwPBqzepv7JDJCXfE4hlNhtInHF8BIs1XgPsP/GZwNkrdRbSZa7ikbFJUc/3AmU8CeQ=,iv:YtT1skchXIpRmXThCPVoq3+LDX6Maj2lPjkeW6TPtpg=,tag:I8Ch2v9ptg64PFs8gfhQPQ==,type:str] + lastmodified: "2023-12-16T21:29:18Z" + mac: ENC[AES256_GCM,data:vcgVVPvAUlUG55b/NxygQiH+QvL5cVvTqEYKkKkl0fDjILw9vKKI4rWB97PgKUC/szup1vrT0PY0m+KdUFztFcQ6ehNiw/z1vC8kAQTyCPXhpg7MCzwPAuDlI0GtLpd3wx79sGL60UH+7V1GPMC3iT1ozb9PlQ9xdlJkJGUX/Lo=,iv:1LEjdbL0wGTRwaIfyQYKgKURd51gl1C8pWGkPmMOoOQ=,tag:kiB6G0S6fcWIGtiWjyc69A==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/kubernetes/apps/flux-system/addons/webhooks/github/secret.sops.yaml b/kubernetes/apps/flux-system/addons/webhooks/github/secret.sops.yaml index 3bc8087..e1159ee 100644 --- a/kubernetes/apps/flux-system/addons/webhooks/github/secret.sops.yaml +++ b/kubernetes/apps/flux-system/addons/webhooks/github/secret.sops.yaml @@ -3,7 +3,7 @@ kind: Secret metadata: name: github-webhook-token-secret stringData: - token: ENC[AES256_GCM,data:Bj5GFdHCC3rIJ9v7Jxu5yIrLc6Ejmpu6,iv:od7A7qFtlTpA8kv11+ggGaLoAnRDioSggWwz0uhLpY8=,tag:Ysacoht5u4zsOdGZ1B10Kw==,type:str] + token: ENC[AES256_GCM,data:oHbVaYB0KDbmkLZnjo4gVTY8fIgKBm//,iv:dIqPdrB591jGY9dHqLLJtAkTH1r/3/nPT7dk1moTvyA=,tag:EAL7si/vt2yRZnCLmtdcrA==,type:str] sops: kms: [] gcp_kms: [] @@ -13,14 +13,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLN0xubThXRmpWelpEV3Np - VkttV1F6RWZzVFRCY0pQWmVzWmF3MG5PMFNJCmtiSzJ4YnpHSFk2dGFZc0pGVitC - N1VQMjBzbUNraWMrd1RUeXQ5YW13UGMKLS0tIFNSNjd6YVNGRFZSTEtPVmtmVFpP - OFVoTUdXVUtKQXJZSzNIdldjM0ppNUUKtcjVppssZijSCvQhAUrKazmzO+GnpAuZ - z2Mji1sy/B6PNmRZgXz3AiuP7k3P+M+d3c88HJPe24VHmYv21XCVKw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPMms3L1BVbXgyWDgxVzJF + ckc3OU9heEVrd25BVjBOY1pqMXVYVmxQUlc4CkJJcGpqdHRJdmdZbU9udTlIT2pU + QWpuWFZuaDY2eGFQOGMxdGUxQ1pKY2sKLS0tIHNMSlNaa2lJSnI0Y0V6Um9rOEpI + QzN4QlN5WXREVXVySjcxdDlYZU5YbEEKFk1tNiQROovzCOiFw7vEsvq9PDm6Xros + iZbM6r2qfxz0XaFT9fuiBedN/WdhHNhDRVeilFp4nfgt3W2KtMjWvA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:45:46Z" - mac: ENC[AES256_GCM,data:QRyDbGeQQ6tnAyGWOzgCzlYOBrnZda9YtBrash56/wqAFobjCKr0a6FlD77lPx8v7XatgfMrrALFNz3bkrcIUDpCVaQ5pDfSgm7JLlp7tZOCPinWS9DAspTMr1bnSkT1H5ZGnJwV6eD38Gf35wELiWwG2t2bhtqNoepwQeU7hrM=,iv:ZoZrFa5IQ+ZQbSMH//iFX3Apq3H9W31r2cCV9uot+AE=,tag:IauKF/S0LK4tQt5yWDSx4g==,type:str] + lastmodified: "2023-12-16T21:29:16Z" + mac: ENC[AES256_GCM,data:Aqrt2a4ng79EyVjWzzn0nejTOnZMeENtXGiE9rwJy8GVSaNGD38SIbMwBJf0JWueNTJtCSPs36Tc4b/VXZKRCN7anWWTQk0b5kuabzkRuyqUzOFaC4RuQGxSel8MbFC2SOVpxzPHVeE2AW8DGCW2VmfE2AqY/FfpC4+gMkcPejE=,iv:rQ1GI70w3deIp7lCaJ6B1Pr6lK+DrzyNJe7uMPotFDY=,tag:1D17C4knLqmJuVAcihbr9g==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/kubernetes/apps/networking/cloudflared/app/secret.sops.yaml b/kubernetes/apps/networking/cloudflared/app/secret.sops.yaml index 0f6a41e..39b4801 100644 --- a/kubernetes/apps/networking/cloudflared/app/secret.sops.yaml +++ b/kubernetes/apps/networking/cloudflared/app/secret.sops.yaml @@ -3,8 +3,8 @@ kind: Secret metadata: name: cloudflared-secret stringData: - TUNNEL_ID: ENC[AES256_GCM,data:mhWPo+wYvBw9pqBTNY5M21E+hq3Oqjna4uCX/v3+u7eMq7oo,iv:q/TtY6ZgPrefJ4P0tvu3oYbVsHTw9nqxyoIORAnL+aw=,tag:NwWx6h+xJQQCLZL7aRSIsg==,type:str] - credentials.json: ENC[AES256_GCM,data:oc9jaEXqi9NLBdF+TGH9ZxhVk0u/IUlNrGyJiWyop/8sgY0WI3s2nBeVNpOB1Gv3i9SAfHdMNp1bCO2A+/u9kNxCxxGHJWKy1FJ47LWUVgnmaMYHJtCzIfGDW2BLc46pA1zGjgricBG+ToduBWinLWwREMQqCQiqDF81K5aumgsnZHovSgcx/tu49R8os29Km8vdp0eD7oAfssTi+ukO23etxP7jZWSWWXbZyVH5gA==,iv:BSWws/Ae+iIhnk6KZCAOvVNRfh49HB2SCFJcIK5v8pc=,tag:/hMthwXOo5FnPMs13Lcs9g==,type:str] + TUNNEL_ID: ENC[AES256_GCM,data:mRsu/F8u4pfE8moQXWEifwIRZsxb7gapi5dC4Plh5594WXs8,iv:U6NqPegJIHsw1WcooPWwMuBrhD4M6Ey43UXArAVROYQ=,tag:VIq0hyLMmhxZ8rOFRdJ2JQ==,type:str] + credentials.json: ENC[AES256_GCM,data:+Um4iZkW2AhWOwk6V424DOsWvVYFnvQcz/ZQx5ShHbmEJ4MRZmJ/TEcAsZ43vr4LGAiw4bUgzu57b6uMwvXR9z/4HTYGPoSN6tj1wKPoow7/QzeVvisR6DugZD3CmlCWdqxM71r0Efj/FXs2qqOZINIoKswjJN5APY1y+9ksE9dabhvUCFEkopiN61y3Fg3FFPkx4aUxNOYQWk0cwMMcUy5nd+W5Lvub9HTdX9J8CA==,iv:mPeGHKGqY4kNMjMziWNj6kUczKhxaHPMsnC4PpCTOf4=,tag:W6/l9wpoMmsfPOtwOWLN8w==,type:str] sops: kms: [] gcp_kms: [] @@ -14,14 +14,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLQ2dWOFpoa3VmQnlnZ1B1 - eVdZMVZpU3dxRjdJbm5TYmRKR2tuallNcFJRClRMUFFDMGVxQ0ZwU2RCVDJ5ZTcw - ZG5aR0YyTGIwTVNFTFdldGQ1RElyYTgKLS0tIDAvMU9JRlk0UzV6SEsxVWZaNjQ2 - TGdoZ1ZocnVuWUtwZzIzTDBmUFJQY0kKJM1CiLp6ul6634o/MfDXvdy2nAU3kk16 - X+UfLV+2NBkChgoOUB3TvA/Fq3u716R31szmJ818M450qPTQ/AO7Tg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqYXlpSHVGMk50UnhTM1JM + dnVZVkRyZWlvWEd3V0VHQ0VrcHdZY3ZqNmc0CmFCV2lzYWxIbEUvbHpVaWJTdXN3 + ZGU4eXNBV2tQaGtnWUMrVks2SzBZWkkKLS0tIDFmNkZOV0FMa0FMNjZLUjhLMDBU + TmhMa0tWR3dqSWxoT2ZBaXNwYS9PTGsKEmLSsWKvsjS4El9m37ay7ftKRWSKATyi + m8Pn8QDqDyzUCqBg/qUed6pA/z3Tytnm3zCluxakQTRiGa2QBAHe/A== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:45:47Z" - mac: ENC[AES256_GCM,data:CfyqsF30Q0SoD+q/XKOrouJQgLxi493A0wfqVZYEm1oFvvCMq+vaiwECriF8wXCfGXcD3EgtdmXu+H9bvj1QZuCiu2hHYm/wBl5wNZEyOFFBXw8umHU5rYrqgiGOSKSfBA2yN8Vm/WejwMNofRs2wxPs6Ub/VLnFWxas7YwprBc=,iv:WJbDboB2xo//B57FtkCXV8npR1XMq0gVfnlDbBU/Qwg=,tag:1rHMJouf6KyKy7tV6DDP1g==,type:str] + lastmodified: "2023-12-16T21:29:17Z" + mac: ENC[AES256_GCM,data:mVIz1FczMl2XNmjZHdYer1tLsYOn+tIjkLHjvklO8Eo3O4txQF2XKImPVjM5n+YNZykqtEdm/7mNx6WRbP1v1ToCWiSorg6GtUdeDGLBtN3MaVB80qjI8mcHZ93SLMeJEjnzWDgNS8/Dw2GYqWAnlJEM4cjOQspP77TE9rh9ivA=,iv:8N91eEfUR+zLR8M+gpDle9VBO7O7d3MCwSjcd75l8D4=,tag:o0st/HXoxnrUlLfF7JkL3Q==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/kubernetes/apps/networking/external-dns/app/secret.sops.yaml b/kubernetes/apps/networking/external-dns/app/secret.sops.yaml index 045ab93..d84725c 100644 --- a/kubernetes/apps/networking/external-dns/app/secret.sops.yaml +++ b/kubernetes/apps/networking/external-dns/app/secret.sops.yaml @@ -3,7 +3,7 @@ kind: Secret metadata: name: external-dns-secret stringData: - api-token: ENC[AES256_GCM,data:RwD27HlAtvBcuQex5YnoYY5zGoomTfvD0rgDjFg3h2d9eJrZiVrP3w==,iv:qbIUl+N895OvOBTJKwAJq8N38y60BVs9OrORKRjDVZ4=,tag:LS5x1cBTxxSxR/Ltxril7w==,type:str] + api-token: ENC[AES256_GCM,data:aVVtePWxtyALRJ77NlVYMKYF2s7ypA9g2FY3+M53cC1actNP/kK6JA==,iv:WhRYxbayDJvlsztELUpuJDwNEBh+2WVr6olmOgNAQ2M=,tag:6VlwA+YhOSXeW4t9LF19Ig==,type:str] sops: kms: [] gcp_kms: [] @@ -13,14 +13,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmZWtwT1liWmFnenE4dThM - ZU1PTGljV3VKRXc5aUN0b2FTUWJ4dldmZ3pVCjZwWnIxcmdadEtWbGJpOHltK0h3 - TFhkWExlWlBJNlFETGhheUY4VjEzc1EKLS0tIFhsRVRFU3pMQWd4NjRzS0k0STVv - WmpuazN1QzJ5MUhzNnlJSEpOcWVSaVEKBFSA6lGxWbVn9BXK5AGlFnuWt8NPP1Fu - Nd9TySZBvwolHi6kjipRrkXYEhq/h+DsKzeJlI8+wfQY+fWlOHIYfg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsNUhSdFJ6eEt0WjNyZHUx + bi93ODRRcnU0RnlHNXBFVmIvRTNMZHpqSVE4ClNZZk1HWjFPQmNPRHRZSVVVbUcr + TWZscXJ3M0ZnaEFTMXpnUnRjUmp5NzgKLS0tIDdCcTZSbk5jNW02N3hRZk5MUXIw + WC9xTEZoV2V3ZDhMTlFlUTJDTGdIck0KAq8TfHObn85kJ7v94k3WMjnSF8o6Toon + YfZyiEtRb6aWNh8IxXmQ0uiAhPSRCI7ZHteDqiw12+mf2qObIdQnkA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:45:47Z" - mac: ENC[AES256_GCM,data:CtWA1aqFgEWFZ9RjMaKiueybNed0msvlGlJZhuY3Q4UI5bQwRhNorZ+RndG9KkaIei6Q/igNTpdYxAcA9o7KqXyy+0R/1+y9IIkyWkZXMEGsXC8SXUm+KYeIPatGWre6PmNxhnaN9uMy4aCakVZQ0c7+cbqQqFAufPZloyxwZNc=,iv:0rewgO3P5RTugl1h3U7VFbZKVzvwnJW1UeHLY9sCK4M=,tag:HefmY8/xGVYGUJwWnwIwnA==,type:str] + lastmodified: "2023-12-16T21:29:17Z" + mac: ENC[AES256_GCM,data:alyKFw+SLISRxZF0R8uKiBYzGvmmWPoqmMSfGsJFT2VbOmDvUxZUTCbi1kaRafkTNf2MUDKrkWho9C9c1Wdnge0M/YMM5V89rjGL/CFmVcClloFIxKE0P6nxJ3Y8IJjY21zQ5jSRcCGEwlxx/Db2pQ6bt6IknkQGzZb+StHlEEs=,iv:6aakK64jkXqSIc3SE5R7wIW3acygfIch9s/aNNOC6wE=,tag:koVwLY3+xOTeCpdyZa2i9g==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/kubernetes/apps/networking/nginx/certificates/kustomization.yaml b/kubernetes/apps/networking/nginx/certificates/kustomization.yaml index e789258..f58e4a7 100644 --- a/kubernetes/apps/networking/nginx/certificates/kustomization.yaml +++ b/kubernetes/apps/networking/nginx/certificates/kustomization.yaml @@ -3,3 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./staging.yaml + - ./production.yaml diff --git a/kubernetes/apps/networking/nginx/external/helmrelease.yaml b/kubernetes/apps/networking/nginx/external/helmrelease.yaml index c282e42..f1d8b14 100644 --- a/kubernetes/apps/networking/nginx/external/helmrelease.yaml +++ b/kubernetes/apps/networking/nginx/external/helmrelease.yaml @@ -73,7 +73,7 @@ spec: namespaceSelector: any: true extraArgs: - default-ssl-certificate: "networking/${SECRET_DOMAIN/./-}-staging-tls" + default-ssl-certificate: "networking/${SECRET_DOMAIN/./-}-production-tls" topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname diff --git a/kubernetes/apps/networking/nginx/internal/helmrelease.yaml b/kubernetes/apps/networking/nginx/internal/helmrelease.yaml index 7aad6ec..d3e45ca 100644 --- a/kubernetes/apps/networking/nginx/internal/helmrelease.yaml +++ b/kubernetes/apps/networking/nginx/internal/helmrelease.yaml @@ -70,7 +70,7 @@ spec: namespaceSelector: any: true extraArgs: - default-ssl-certificate: "networking/${SECRET_DOMAIN/./-}-staging-tls" + default-ssl-certificate: "networking/${SECRET_DOMAIN/./-}-production-tls" topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname diff --git a/kubernetes/flux/vars/cluster-secrets-user.sops.yaml b/kubernetes/flux/vars/cluster-secrets-user.sops.yaml index 916e3f4..d57dcef 100644 --- a/kubernetes/flux/vars/cluster-secrets-user.sops.yaml +++ b/kubernetes/flux/vars/cluster-secrets-user.sops.yaml @@ -4,7 +4,7 @@ metadata: name: cluster-secrets-user namespace: flux-system stringData: - SECRET_PLACEHOLDER: ENC[AES256_GCM,data:cT5zz/IfnxAmrc97,iv:f0Age0gc2X5AzoJnuPcPKNXJHvDfa2XWRlQ3hlm9hPg=,tag:7GADI58do3ut9ceE+GLmpQ==,type:str] + SECRET_PLACEHOLDER: ENC[AES256_GCM,data:W7fByVgU00SNiLF9,iv:dpwjKbFPkWRSnBGFjyn2jplEPfi8YxvOUkE62GRQf7Q=,tag:vEXnOr/Ntdht/hm2chJaIA==,type:str] sops: kms: [] gcp_kms: [] @@ -14,14 +14,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBSWFZVzRobzdJYVIyZ3F6 - eERWbjlzb1loRFhaNjRwaW1PSlFQajZrN25rCjdxVGhnZlRaS29MWW9wbDV1Mlow - MWhLS3NBd1Y4YTBFRm1qSVgydFpOY3cKLS0tIFQ3SHkvSGtuMEFCVThDOUZDRDF4 - SHlZVWIwR2hDZWFPY2UrQVkvVVJ1TGsKlTwQkMoxN0owVVMr+4HanBQxxwCvFTGk - H2by66F3g36tVj0c1pwBhW7kq6+Qmvd8ZHEHsTxcQ68FRbPTxZGebw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhREVZWjkrcmRmbnlOSDlI + OUVuWFcvOFI1QUZsZDdtN3REQTZJTU9CNTEwCmw3cnJpazNIdlQ0R2dWWlM4aE8y + aDV2R296aUZyVEdUVGlDSG9FanY3bVEKLS0tIEs0VTVzbVlENUFTbW1TM2Iwb2dR + WmVOVGNXei9VbXpXYVRyZVFNSjJxSHMKgtz2ErTpxDXSF+vba6Kte/t4A373CF5L + HC0NdGTZVmqbnWi35m0EhxH9FyjVHUDq7jKdUXc5r3GPG5Lb6h8bIw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:45:45Z" - mac: ENC[AES256_GCM,data:t05eB5mXogiikoN7nxoS61k5rIJIanmZCXHvtIalq9ZNaMQDM6hH6hJTKB80HviKUigJJyrL/k98grzAM4t2xfovAmyX7DPb0OAzILZ7rWRU5jwe/4M32VqrtC8x1CD6g62NDm7NP9IHY50/hINquPjnWjh1FMWWoNDxIEMJxU4=,iv:hJbCmKyMeCN2HJLexQprU5EBeGG60LSox69upKQYTC8=,tag:bbfVKCv8dfg2c/viAPg2Vw==,type:str] + lastmodified: "2023-12-16T21:29:15Z" + mac: ENC[AES256_GCM,data:ihcqKKOR/RmArxxDxJn+ocZiIN8vv8MspqVI4fj0Bd1J0BQEUTzDks/gQ6MbH67s9VZhKvmHcMHmMOa88ZJ1nUvQc2CvCQ8SWujE9d7Ezyd/TNXr8imfakeJGnUuxxWTDJ4uZP6Z5KGaiTuECtyaMFJjwAcsD8ermCzRXKmvroQ=,iv:3HSRqS4Tec/t+yeGueuqTqDip1ZoGDe3cWlPKxV9q2I=,tag:Hh8lOGofPk+oTFq1/LXxcw==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1 diff --git a/kubernetes/flux/vars/cluster-secrets.sops.yaml b/kubernetes/flux/vars/cluster-secrets.sops.yaml index d67a24d..f905c21 100644 --- a/kubernetes/flux/vars/cluster-secrets.sops.yaml +++ b/kubernetes/flux/vars/cluster-secrets.sops.yaml @@ -4,9 +4,9 @@ metadata: name: cluster-secrets namespace: flux-system stringData: - SECRET_ACME_EMAIL: ENC[AES256_GCM,data:PDcUGvQ56ekwCsEMVbdjV/BN248=,iv:HFTnJ2AqTCXRCP8eEdEDH6ym7QkDT56vBmJjLmLeo1k=,tag:aMaRipYbNEBK3Bps34Q+kQ==,type:str] - SECRET_CLOUDFLARE_TUNNEL_ID: ENC[AES256_GCM,data:pILsJAG4Fz2BcJSDeqgcCaHlPfXEWy5cD9XVbxh2ZVB4oUNo,iv:Nmla99rSD4GBSKkCVDUXA/v+O7HkHISB6S31JEIyKb4=,tag:JbVOG30LDYNLlvBu8O5kDQ==,type:str] - SECRET_DOMAIN: ENC[AES256_GCM,data:XGTB4mmC4jyZsTs=,iv:iIXm1YiXDNp/H2QPt5TTpT7TqbpykJDSHF/64P2yN6o=,tag:hZysnpmh/YaEbjUbgO5Alw==,type:str] + SECRET_ACME_EMAIL: ENC[AES256_GCM,data:fN9BXTAwXqpR4xU7NAff56SbzhY=,iv:sgS10YxNoIDPWn+N28PPpHjd0UwEAsjnOwQojAJqFv8=,tag:l01i3izbRIqfr44GuAnOxA==,type:str] + SECRET_CLOUDFLARE_TUNNEL_ID: ENC[AES256_GCM,data:2Qswpmsy3ji5p8M/GHa52K6wAY244FuiZdWyK0yzfmfutl3q,iv:pZ+BuZ3aJlZ8OcvCEk/aMAHu28FxOIrT0ax6pXv4XxA=,tag:aIOoT/ckx3jAoCn4XHIhgQ==,type:str] + SECRET_DOMAIN: ENC[AES256_GCM,data:ryYYW3Lg7EVSMOs=,iv:tnTHAhvDi0/B7cHMwUHfH2JfF/+aErTxIaXWLk+SNYM=,tag:uopqFeZeGY3HjrX4vl8oDg==,type:str] sops: kms: [] gcp_kms: [] @@ -16,14 +16,14 @@ sops: - recipient: age127vrhmu8g8sekvwvv7jkf23txad3cc48l5egvuvvr8tlsvyf2fsqq0y326 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDOURxb1dmSDlIanZpQlNl - YlZXUDVlMWtsMjFlU2kxeUZOY0Vpa1ZJdFhVCkJaVzc0NURQbE81Sk1vWGZucFZx - UzFETGlZZG90YnNxMnF0UVpFMDVJa0kKLS0tIC9jUGkwTStCMWNYVlIvVUp4TFVs - V3Z1RXEvZTFmUFphRUpJMW81N0NKQmMKFF6x2DVxvCj0c/g3U6Nbw14/NbjwLhbx - 0DEMPZfr2wkDLNVsfASyPLjUtgLtc9UxnaGx4GZScWNc/SsPlsVTCA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAraFNWaThBTnRkclhFaXdv + WThzQlA4MWhMQ3lXQ0k2SWJtcUoyYnNCTHpzCjJ1cDJWeGQ4K0VjdWM1aDFjc2pu + ejdxYXFYUSs1WjlDRm1DYkE4YXNiRGMKLS0tIDBPcEpHUEt2WnVZaTFFS0p2akVw + dTdCQXhEN1ZFcUpHN1V6aVEyT1NBTVUKSEaaBwmbX7v/jODPHRSDNPxg3+BqEbFV + BYcZSGI+i0fpJagYm+TxrmCkyEWLn7+8Kv8nKUE6FAMLHfhOEtVHxw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-12-16T20:45:46Z" - mac: ENC[AES256_GCM,data:2qsrGxCUyFX9DOUSI4pKIyUqPYSfsek+3EbID42xQgGz6V2H8l+NhEezZd/euG61ekypkCTdtlNwxsgOAvjR3kPvx73E5Vw00VIucCy+pTp3QmgoXvBFowRARuSj/gtHJiuvM3Y71dqVv/7HriSeIoPg5BA7i8qDnQz8AztmDdA=,iv:8G870CZqUHeHACdaC65qnBQzQGMSafN6hqj7ElE8waA=,tag:806NuejwN+77fsjmBpvmuw==,type:str] + lastmodified: "2023-12-16T21:29:16Z" + mac: ENC[AES256_GCM,data:hFXIqyQnARig0ky53HSHZwk1xbpE/nb7EO2RZeGPZPkhD8lIcntFdlhqyIWGCWiYeoUOIdUc2ixIv4U5uQlFBwLj/WiWsi3g94lBJpAmcK4Q7dQEmfzKvoxeluX1TaFEV7in1KGj0RAm5D1iiSnUT1taAJUH7WGyt3GcdqveMm0=,iv:V8tu9Dv+z6CnZbrpD+WMXxVPAGRKSxU5RWN/D2avHXg=,tag:dOtAW1EYaaVe2/tgp4Ee7Q==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.8.1