Update secrets to reflect updated fortress configuration

2025-08-03 00:31:55 -05:00 · 2025-08-03 00:31:55 -05:00 · 81206cbb8a
commit 81206cbb8a
parent 66de69830e
3 changed files with 42 additions and 76 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -6,7 +6,7 @@
 #   nix-shell -p ssh-to-age --run 'ssh-to-age -i ~/.ssh/id_ed25519.pub'
 keys:
  - &system_bastion age1up8uth9hwtd9gup3v32l8dypdarj77s2lysm8js8w8mwa80rk4ds76ke6d
-  - &system_fortress age1v3nya8n8fys8une6cp0t4agrqh4zjk7dk3lel5403xjkf6k87qdqhgjrk8
+  - &system_fortress age1fraz2lnnqtcxnu6tnjy4f7y9tuc0fnqekzmdynnhtt0h8a230v5qddpxdu
  - &system_blockhouse age14j6ns297c49wx5d8jddctfmek0kvn8rvw3y03nw3pankc03dlpuqhvvy7c
  - &system_living_room age1kmt2khucyvscmwvrjnt0v90zggttuap9utx7rw54g9amhtrkzdlq94fe4j
  - &system_ll_latitude age19v2gpucsykaqu3hsvskl67ss8mpqstp59vn687am6px9nmg585ksvlhctz
--- a/secrets.yaml
+++ b/secrets.yaml
@ -14,69 +14,69 @@ sops:
        - recipient: age1up8uth9hwtd9gup3v32l8dypdarj77s2lysm8js8w8mwa80rk4ds76ke6d
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUUWZEWGNhSlFoZ3lyTDFB
-            UFRoMzJUVllDaTJoUWk4ZDRmRkszRGZlMjNjCkFjMVJFeThWcDJWbEtQcGgyUGd3
-            Q0xDMjU1WVhPL2Z5Smg4bnFtM09uREEKLS0tIEVtcnlITDhSSmRnNmJScHQ4ZGRU
-            MlJ0SHRDZEI0S1BIL3A1ZGp1Ym5VUDgKXStZQ9SkULr9Lix0uhCJ5enszs3sDpMR
-            PLoNroOYYfUPnzxNyIlTqpdvR+KeRQLLe0rQhX8ddbVf6CXKP3dUXg==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkV21KRTRiMXdLakxLOE1M
+            M0tpTU9CaFVrOG52Q0VGOTdnbkVWS3RwSDNrCjNoaFBhL25TSlB3NmMxc3RGbkVz
+            cTgrRHhlQXZLYldRSWFjckpTaWZOUkEKLS0tIFd2clU2WTQvazRiTkNpMmJyZnRv
+            eXpjT1paSnFrUVpuUENBL3AwQmdUUzQKMX07cQYaY26stpcw+KwuEzOuNDZLp1wl
+            yBwVDfwBOoQU7s5s9JraU9NRA24neEX3ZOaiB4cGZU93VHCA7FyCiQ==
            -----END AGE ENCRYPTED FILE-----
-        - recipient: age1v3nya8n8fys8une6cp0t4agrqh4zjk7dk3lel5403xjkf6k87qdqhgjrk8
+        - recipient: age1fraz2lnnqtcxnu6tnjy4f7y9tuc0fnqekzmdynnhtt0h8a230v5qddpxdu
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvWmxXSFk1ZkpzUUlIcDNx
-            YUdLQmpxSnNBVkY5MC9RNTNQcHd6ZDl4VkQ4CmF4UG8vNS9FYjJCeU5YN1lCY2xG
-            ajZVdHJoWHFjSlU3dGtSaGdFSG13NWMKLS0tIHNtUTlVVTY3U0dIOWJjcGxVZlJE
-            a1ZFSUpkQXlYNjh2RlZuL09jdmVraE0K0YOa5s4Z81fQXnL2KSEPO8t6riiXFwVw
-            YSybBxht1U4l45dGuhRH3+o8YA+aWrk5GaKU+qc6SXhfjd0wsl0J+w==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrM3g0V2JMbmhJOXlYWGlL
+            UWZaR0trM1JrT3Z0MnhRb05VQmgxTGdLRXdnCmhpSXVsRDZpYmpTODRkc2YrSUpQ
+            WHRMNWUzSVRiZkZMVkdjaFZvd2xTdnMKLS0tIFNzOEJ5QjVhUVp3L2EvcC84VytH
+            NzQyZDdld292YzF0bFBXM0hWNlpZWk0Kp5FZbVoVVye6JGLwwryli8XfwMrie6dB
+            CucvY3jhh0wQIr/GcRDDYLIu6els+FMQwkAvEn1vyWQk3RQjLbOfjA==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age14j6ns297c49wx5d8jddctfmek0kvn8rvw3y03nw3pankc03dlpuqhvvy7c
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WGtCY3lrSCs5emIvVy92
-            M2VCa2hwaHVGOTgyVlNwTE0ySmQzYW9zMGxVCmlvOVdBVVRUSHlWWG9wcWhQK1hW
-            dERYdDhOdXE3My9iU3YwMmNOYVZqZlkKLS0tIEpZeGxCZHpIV0E0bjNaK2NyYUZu
-            SjJBTjE3T29DYy9PeHRLSXEwZkVFZHMKHRQX2I7W3NULFuLwI+/6dY4AG480TYgs
-            KHy5xKcfj8IeJ8g2szxcOQ5dWP6N1F9bSuez83umSCIJVNOhbz7khA==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAreVpHOVJKZWF2SDNBTW1r
+            aUgxSXJYcjBZK3JvZmZVd2ZQZXVITnlCdUU4CjBHM0Z1d1Q1Y29UaEx5TkZDWGdS
+            K2lvMzlOTE1wL05EWEt0U1NvNFNhWVEKLS0tIERJeUVUcTZQaGFJU1NmaGxjS2xE
+            cWtaZytaNW9XRzlvVnpkZ0hJRmVHV00Kg1O6dk9/0vO4887sATej5A+cCGEa3gIl
+            CY6tx5YzU3rImIk+otM/XerIl++oahaiSr47FU0WygPGtvndRtb8Dw==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age1kmt2khucyvscmwvrjnt0v90zggttuap9utx7rw54g9amhtrkzdlq94fe4j
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXM0k1VDdDa2l4L1RMY1hi
-            VEdreld0cnRiOGVtbzlxSlIyUDBPRktLTzFjCkpNOFhoVGxRdWVtdTFrOWN1M1NH
-            U2JsbWV3MUhiL1JTYnkrZ3daZkRDa1UKLS0tIEtkMFl0SXBSU3FIUU5RS1ZzNHZ0
-            cjNHdUxaSWd5Qy9wREFyU3FPci9HOHcKrd+gWMEhyRfKHrUXbRiwktTGw4pK9A+c
-            c0IKcGmZdI6lPNIFiVh5yYOndT0NMyEBAiPNXXS5+AYmNccI3X2g9A==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLU2VDdjJ3cWludjhnUmRH
+            U1VSVHMwZnNjM1pjYk40UERXVjhTMndZckNNCktNSVpkYnd0Uy9LdGhWZHhCNTJ2
+            VjE5QjNHL09XZFUvaklpdlNJc0FWbUkKLS0tIEhwS1hjV0ZCS051Tlh1aTJVQTBi
+            cjNtYzduaXFDR1hrakplYzgvREkyRnMKFJL4q1J98Eh9Cbyx1Hlx2daH9aapcuGE
+            Q5dlfeYTANNPNZ5tLmQ2++p3nWfyojPgkEwUgQK1HiOaLdxma5ku2w==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age19v2gpucsykaqu3hsvskl67ss8mpqstp59vn687am6px9nmg585ksvlhctz
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1b0VQcUJCa1VvYUhTMHlT
-            QmVlV283RUFxYWhxTjRmOTc0VENrRlJhV0JVCi9mK2Z5eHd1OTJ0NzEzU1J3cDEv
-            d2NZWFJ6U29qSEhiSnR4dC9yQW5oL2sKLS0tIDRCWGQ2OXB4VUlwYWZkYXBBbXkv
-            Qk0zN3U4SzhzTUlUaGZpUHRVUDBVeU0Kp7uE1zpFtNYBZFerWHaRyKHSa0ccIN0Q
-            B+Vi806d1pvaUBTfhkDCCkSBFB12wP82yA2XrJ8ask6ztc6X/gui0g==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhKzFla0JUZ1RRSWtYUkNJ
+            R2lhMHJJdXpLUU0wVnlWQk1nWjZwQmJVN253ClZIc1BlOEVlUEp5eUJsKzZpdG1y
+            Ti9maENqdC82SGJzWmtpUWhBL0hLWXcKLS0tIDN6bE9SS2tDSXVqd0JQVVFpcmkx
+            REwzTS84OFdmNGprZzNLZnNVaWp1Y2cKHLAwPJ9+vb4ux4XPzNXs9O3oLfTy8744
+            fkhkVr+2pEn4YN3tz70MVtYhRYPSZn2t26GeQxznODFFoN6tch5E6A==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2025-07-31T04:05:03Z"
    mac: ENC[AES256_GCM,data:OjQEe6aaTRsjMS1Zb/XlP4MhyrxIGYfn0mkB3GA81iOAGU02r79+uhx7vausjEgYN4IY+wXxyFju7M+xgRqTIWAfQrQtOuPIzsZUNvUd2FUzYAPhW0W2YrRJKa1gYYOHxKiyf4vaP1I/G7I4A0DG9pYRVDcDzvN6MzIvy97XGxI=,iv:/GYxPBSArfTZzUwRrLl+jkq7u24EU81+d00nnuyO98U=,tag:5CP5DihSPSZMhyc+3CyCEg==,type:str]
    pgp:
-        - created_at: "2025-07-31T04:06:37Z"
+        - created_at: "2025-08-03T05:29:55Z"
          enc: |-
            -----BEGIN PGP MESSAGE-----

-            hQIMA9BR1U1EkAnnAQ/+NSwCzekHKQuS1DEx2z3Llg2r1NYP21Pvzb3WKxzIlH/Y
-            rH2FJ4RhFJsG8GVWgURySHtqNKcafpB+8mm50b56IKKUiZe6A2ULIW4tBmU7wEb4
-            uEgFQ/YtJg4JyQxwYuZHX4ra3IsHIdbV/dsH9bv1A02Z95Eyb7nQutAiq/pz/DbS
-            /J2ndBzZmYO9cb4aHJ4h8cqdvWDcH+vWcNW8uqCaLKiNPYQLcPZOvMfGNia306Y6
-            9QSMIIvWP9eAcHIeBBP3U6blQJ/XXdoq0CuWfJim5fJGyfrkNgGQufYOADpJHJgL
-            nNIRkI4RF04ky9ghoSPCxpGy9Rd4YQU1iqA5QWC+VqBFH9e8aFmptlCVSAZ0t74Z
-            iPDBWHLBVkjxGyTvNWtpmOmyB2ZAhR9OQjkX6EDnVL/YqPVSvwvlvkzDoscmzvl1
-            64OU3hSJ/vwCsXyb2iN+62JV+NP3UgvXJnJvpEdcohKfTfEJScegv2P/xk+vt8k9
-            PXrW66jtBgT3XFssRAq1TUCfivYehzbdmS2iRIjnST0cjOJB/vX3Mc1gZ88zBqGS
-            fiqXryegdBUHULfJnGPK4ymQLEipFNxZXkFSLL6KTOCUpNeOJ46NqYgizKt4Ewio
-            BiJ0YCg91GrftElJIHhsehUiK+6C75TTL+c281l37zjv/tMZ1nmcUX0in1s/gJ3S
-            XgHrdCoe/vXYCQ2hTS+o8kHV1ksQPPGAvoEWvJrFPwUQhjJiqRKy7j5zwaYWSTth
-            p5YfPoLRWjwGS9V7VD99gYQVDgMzWpkzO/JqZxmNgV5ki5tN4eoR+rAUg19E064=
-            =DDSk
+            hQIMA9BR1U1EkAnnAQ//XjNIHXlHxW1gqTUGmBIIB0uRb3nyfaC0jqLFuLilYERG
+            shoKYmHYt7X9BYX4fxDLeT1zbuITCv0+rUyZPPYDEClExT3ygt0VFweu666YRAbu
+            GmzjLnanrGCq4EB5kzYX1wDIJFo9MLBiJaB30sfy7V/3nZUEvtYyYDibONRV0Slf
+            JYWdJXuhsRasdC8EVKp/YePTTIHJBt774fvCL2C6edJbCXsftAnzyrRGglp8DuBI
+            fRZ1hOYb/skVphNsDGUPIhp9VV0zjfVJpQ7iKF9BObXtsxnogvdLaox0cTd2CUb8
+            YJ9SGcQVw8LhreVtSj9Y1iViYFVrsJHt38PJ1EtfzytqoYrGFat5aG4NvIrrE8fK
+            LhKU1ba2615tAMuwyf7hLr/hc7NW1GJa3m3Iy4oqXJmXs2p82CUdiPydc2kOG0HN
+            tLInrTLidLstDJULW8OZm7+yUjlg7Gv3YePLdgS0XQ2PWtuV4jlouo611qHle+Fg
+            DaqHlBpkKs0fiOfN+OVjr+26iRF7EFsr5vOIRLrA9VDsJnzRFwGNdrb33aFBbO7V
+            ekxL9kVQTzeSqZ8getsTIUGuDWDKa9EU8Vp2msCNAzbYZO8T0k/OPyRIuUj8adUn
+            m/RGWE3eeLFGOxaw2jMR3fmUqSmCctJ9V1zvy0hvKI0WLYFUTaS9LMTm8QcVpNnS
+            XgHLE+jjte0CqJOOXEymd960TSPnyOcxCcXA8eeDbrDZfu92h34b81QwBXUF/crp
+            MUtOn7Pqgj/5e8Ld6q381kQKb8audsOEfPDv2i6qCA7ziGVyMann0XmqukVNv3I=
+            =/Uk2
            -----END PGP MESSAGE-----
          fp: 5F78261B65C565041662A3B7FF8FC3C735BD4A51
    unencrypted_suffix: _unencrypted
--- a/systems/fortress/compose.yml
+++ b/systems/fortress/compose.yml
@ -1,34 +0,0 @@
-services:
-  secrets:
-    image: nixos/nix:latest
-    command: nix-shell -p ssh-to-age -p sops --command "mkdir -p /root/.config/sops/age && ssh-to-age -private-key -i /etc/ssh/ssh_host_ed25519_key > /root/.config/sops/age/keys.txt && sops --decrypt /app/secrets.yaml"
-    volumes:
-      - .:/app
-      - /etc/ssh/ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key
-
-  ##############################################################################
-  ##############################################################################
-  ##############################################################################
-  # External Services
-  
-  #httpd:
-  #haproxy:
-
-  #coturn:
-
-  ##############################################################################
-  ##############################################################################
-  ##############################################################################
-  # Internal Services
-  
-  #dnsmasq:
-  #tinc:
-  #wireguard:
-
-  ##############################################################################
-  ##############################################################################
-  ##############################################################################
-  # Local Services
-
-  #dockge:
-  #uptime-kuma: