From dc2bf1a6ca56315e203245195c945e3646e20b25 Mon Sep 17 00:00:00 2001 From: Oscar Romeu Date: Sat, 4 May 2024 22:12:32 +0200 Subject: [PATCH] feat: add cluster user secrets --- .../flux/vars/cluster-secrets-user.sops.yaml | 35 ++++++++++++++----- 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/kubernetes/flux/vars/cluster-secrets-user.sops.yaml b/kubernetes/flux/vars/cluster-secrets-user.sops.yaml index f1c808fe6..4875220e4 100644 --- a/kubernetes/flux/vars/cluster-secrets-user.sops.yaml +++ b/kubernetes/flux/vars/cluster-secrets-user.sops.yaml @@ -4,7 +4,26 @@ metadata: name: cluster-secrets-user namespace: flux-system stringData: - SECRET_PLACEHOLDER: ENC[AES256_GCM,data:o1aI52QnrEGCHOFD,iv:23QKDIbpVBOxdAiPUvoOAdXcHJjbbt+++ZVkjp8pur4=,tag:lN2e0/pgMynK9/q3buG/ug==,type:str] + SECRET_PLACEHOLDER: ENC[AES256_GCM,data:qdTr8cioQCrmKDvj,iv:qPV+N3RAgeLqxtP5mAHF9Y74KEWKkIRpT7PXKrb9eZk=,tag:GvCi2ZiS7W4rmh58yumMYA==,type:str] + #ENC[AES256_GCM,data:0xTv5ws=,iv:FSWs/msnU5s0G25PiyWM0m8OrQFB57xHpXGBqKZW1B0=,tag:gvCUxECkskXKZ9f8NcrEOw==,type:comment] + SECRET_LDAP_USER: ENC[AES256_GCM,data:A95TeDtx/jbqTjYa,iv:aXj4jKbgUQ9eHzVef2Ha+/Zi6Bhvf/dE12UZ/LniqLs=,tag:BwWAlbdRC9pbiZ75MmcOHw==,type:str] + SECRET_LDAP_BASE_DN: ENC[AES256_GCM,data:jNq0oewEhw0DMp6OLIOr,iv:+xJL44TxABzo8kek4bu2rEDvfv1i9xcq5qp6R78elj8=,tag:hqW82iu35SCCdIYC1bPzNQ==,type:str] + #ENC[AES256_GCM,data:fm03LlMo,iv:Xr1g6Pts3raj1XB2sbrLlV4vQVtKub0rQ2GNamrzlbQ=,tag:98qRHTsRSN/qud97Et7iow==,type:comment] + SECRET_ACME_EMAIL: ENC[AES256_GCM,data:jcgpts0a9n4LIR7ttS5nWfPRQw==,iv:2C1/wSZ6Cp52EzKFmym/ex5Saq/oPF0m2Lb/neKXNGE=,tag:j1ghjk71T9JJ00DVFTsMaA==,type:str] + #ENC[AES256_GCM,data:Dt743i0=,iv:kdLSJzT01Mu3YjPcbmZ8/BHYMPQcJin/2/MeXWiXiww=,tag:L2VFuiZPPK+ZmFtvUWk8rg==,type:comment] + OUTLINE_OAUTH_CLIENT_SECRET: ENC[AES256_GCM,data:TWKFfj7k7kvWcmqrTyiVgor6Cb1Ljl+RQbjhVPpMkN/bPhbZvIZBK0NF2kjqELTmH2xBIR+FZDbPB011goDazw==,iv:XNkmu7eTsJ4TKwhgYmtlSvKN+JBfblgQfeCm9Frh4lE=,tag:jboB6psowl6Rd7CSlmzJXw==,type:str] + MINIO_ROOT_USER: ENC[AES256_GCM,data:SIhvtJk=,iv:vqcmH+EiSDwIlaqMthTMHVb6E5zy8bFMOAN0fNNx3Oo=,tag:AG6SkrNW8bb4ZFJtswff7Q==,type:str] + MINIO_ROOT_PASSWORD: ENC[AES256_GCM,data:jiszSXfxHm+4x1KEikmM1rjkOAZwHMjr6icL9+XsL3k=,iv:k1jE1hk3DsU0K80znkTKqF46zg4rtsSmWFOIFSBX5/M=,tag:CTfZNfIGKHhJ9Df8/4M5lA==,type:str] + MINIO_AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:WulUfMSX2p8/m8uN3GdALRNH0VU=,iv:pLmxK3fmsbdo/qL/MSdJh6OkA+/VNduyt9RzE9dsyJo=,tag:pe+c3ljsfmslkMx+QJ0EBQ==,type:str] + MINIO_AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:nWVpvL/HYrxOcWoM6DpnmtM+gMUO5nEZzNYkob7GcCoM9vGyVqnY0Q==,iv:eqESA++95JNeQBxVEQV+Ev6odWj7pdKB93EzFiVT/1E=,tag:C5X4sXsyqqcpFwMoOOEB2w==,type:str] + #ENC[AES256_GCM,data:oBOJpFSJ,iv:8pfvIJ5gHdCCEYK2oI3n4qFasGRUlLjISzSAoBfLif8=,tag:slVCjWDXMP68QM5BVXRCow==,type:comment] + KAFKA_USER: ENC[AES256_GCM,data:d3vuZQJ76jcIAQ==,iv:/wQIphay8paHPcADZldMKrbR0a/PBMDS3vN7gb5T5RE=,tag:pgvvxF9mpNAxO3Xs3NVhxg==,type:str] + KAFKA_PASS: ENC[AES256_GCM,data:RxaclJEXm1VfOmRLwH7bnocjOGgLfdCIgtAD6DjeeXI=,iv:6sPD142XBf+fvfpLt8tIDzmfn0lHj1fKI2Kfxw3hFko=,tag:hn7v9+vOlTEaNXbWa8xOsg==,type:str] + #ENC[AES256_GCM,data:GaQ+wPMeseSV,iv:aEErxzpTSZbi0awV4A4WvHJckVUBbkv0bewC/yhLnu0=,tag:hO+O0FJcIysI6DUcTJ4lEg==,type:comment] + CUSTOM_PUSHOVER_TOKEN: ENC[AES256_GCM,data:aL75izbozUUfZp7MVmZoNtRsuPp4vndzbSmKiSUh,iv:8/gejNBancSOINXKEYh5YPeMpNmII9rJdU673OpW8Dc=,tag:isbeLNhwMwv5v9p9oXh+Xw==,type:str] + CUSTOM_PUSHOVER_USER_KEY: ENC[AES256_GCM,data:xi2Sxr0YBawKQClyP8uIM9YUAQ0se2ysxGPXCZFe,iv:vAau7DWsnTENE658WCsRoUIoiiD92M1dvHvCDgAybhU=,tag:z8Q1jy6Q9pUtTim+lf+wTw==,type:str] + #ENC[AES256_GCM,data:MZZOwg==,iv:vbq65mFHA1SGLaY7cKkJSHPXnjgrs0SqpA7ifh1P1vE=,tag:pwRtqc8ukdXZF22wlty6Og==,type:comment] + SSH_KEY: ENC[AES256_GCM,data:IOTqA/32DvuVeBZQPPDgWKDRwY/hs57zqqOoFT5ZadOUIIKOI1mcYjBPJ0/FiPJjY7rUf606/lCmMlXy6J/u5u2QggJquKQCcJ5qXzjHdYVt+2WLhqlOoObU5CL0t/ilMsBkpA==,iv:jAsCJC1jyy1T2ljINUQmu3r3yOOlALnVO2XJ10RkeRQ=,tag:sMN+iJwXtASIQy8jxYAqHA==,type:str] sops: kms: [] gcp_kms: [] @@ -14,14 +33,14 @@ sops: - recipient: age1ptththqpxnx0zuzmq0peq9x30vqgdedjsdlsuzxr5gfc36mnwqlsylrpr8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGdWs1TWtDK1Q5VGt4YWxn - VG5RN3pXQnFVY3IxMXhoYmg2UVY1UkQwRDBvCjg3RDFuK2t0UHB5bXlLUlNobWNi - OG9YQ0JQMGVGZVEwaUxaNDY2UlNwYzQKLS0tIEpRUjZjY3U4Z2hLTVVOSXlBYndp - eHgzVG5jWDdCWDc3QXZ4RVlEeDFGWlkKYZDomwVnuTqHF/JnrSTrYxAPiLH7weW+ - Mrb7HG1BAX8yzlMlKPa9RHhr8iTGX4pm8V8+DjFEU+U/ogaOc17Tqw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0RlNXQmhLT2pHYXUxR2lj + U3ZSalVUSDZORjJjVFVBRysvbzk2dzNQQzNRCnNpRVdnQXo2UVhnZVU2MnBCUVpN + NTdZYVhNaWo3WXBHdENsN3VuQ0xpNmsKLS0tIGZqZUE1ZFB1NU5WZTlzaE1BbXVN + TlU5NkdhWmtLK1B0SjBKN2NxcisrTEUK1bWvGBomxsxWVT27V6GIo2Hp6QdYXEnv + DSyzrdf1lLC6647NWF4HyB0/Lx7V/hyZo8g6AtSVU5U0+dgnHss32g== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-04T19:39:41Z" - mac: ENC[AES256_GCM,data:YDR17MY6Zr5cbfdksQY97QlxsL6ui/L6ylL36SrxtwIpRoaZzG9yi8vIBIl2kxfIf2TY/QtO4kgat1q7LGXWVBGi2oYsCEVNhjeOTj5rLpzdMgK5fKenxo6KvkNOvt+B5Q4vTxeM9cCV2ceGjz+07zOj4gBRmSwNIZnhTBoE/bs=,iv:LLZSWKitCAsmFvYY/o6AkfBwuxlvoTWE/T3J4gctGxE=,tag:rvDVateqNNC+FlTpro44sQ==,type:str] + lastmodified: "2024-05-04T20:12:23Z" + mac: ENC[AES256_GCM,data:UUKv/e3tEJVjWSuniN7v8IWT9suhRPPRB+r12Obx5TBt59XgFwU6psOD9wKnk0DaDGzHaD0OsOSYcXeeLHHxfiRobSVuY0YCXqCD+yOCzjcZnTDNjkCDrFAJF79xhCMUOdINphElemi1W4hgdsZiZaUYEZuZm+9M1y4MSJgnjGo=,iv:s50Ff/qh3GdUMe2ysSomDywcGazGpENymg+g0G/L5Eg=,tag:hD2sVAPWyMk1Ua+NyhfBsQ==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.7.3