feat(ops/secrets): Bootstrap agenix secrets folder
Sets up the key set and adds an initial secret (besadii config with tokens) to be deployed to whitby. Change-Id: Ic07fd5e66b9e7a533013e04c35e052c2aa11f77d
This commit is contained in:
		
							parent
							
								
									2fa157ccd6
								
							
						
					
					
						commit
						f1e1f71883
					
				
					 4 changed files with 15 additions and 0 deletions
				
			
		
							
								
								
									
										2
									
								
								ops/secrets/.skip-subtree
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										2
									
								
								ops/secrets/.skip-subtree
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,2 @@ | ||||||
|  | The Nix configuration in here is read by agenix and not compatible | ||||||
|  | with readTree. | ||||||
							
								
								
									
										1
									
								
								ops/secrets/README.md
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								ops/secrets/README.md
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1 @@ | ||||||
|  | TVL's deployment secrets, encrypted with [agenix](https://github.com/ryantm/agenix/commits/main) | ||||||
							
								
								
									
										
											BIN
										
									
								
								ops/secrets/besadii.age
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								ops/secrets/besadii.age
									
										
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							
							
								
								
									
										12
									
								
								ops/secrets/secrets.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								ops/secrets/secrets.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,12 @@ | ||||||
|  | let | ||||||
|  |   tazjin = [ | ||||||
|  |     # tverskoy | ||||||
|  |     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1fGWz/gsq+ZeZXjvUrV+pBlanw1c3zJ9kLTax9FWQy" | ||||||
|  |   ]; | ||||||
|  | 
 | ||||||
|  |   whitby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I"; | ||||||
|  | 
 | ||||||
|  |   default.publicKeys = tazjin ++ [ whitby ]; | ||||||
|  | in { | ||||||
|  |   "besadii.age" = default; | ||||||
|  | } | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue