diff --git a/.zshrc b/.zshrc index 4b0ad3e..91456ca 100644 --- a/.zshrc +++ b/.zshrc @@ -138,6 +138,7 @@ # User configuration source ~/.dotenv + source ${XDG_RUNTIME_DIR}/secrets/envs source ~/.zsh/aliases.zsh source ~/.zsh/functions.zsh diff --git a/home-leo.nix b/home-leo.nix index 59c2316..69a435a 100644 --- a/home-leo.nix +++ b/home-leo.nix @@ -35,6 +35,18 @@ in { # can be "copies" or "symlink" symlinks = [".config/sops/age/keys.txt"]; }; + + file."envs" = { + source = ./secrets/envs.age; + }; + + # infra secrets. + file."infra-backend" = { + source = ./secrets/infra-backend.age; + }; + file."infra-vars" = { + source = ./secrets/infra-vars.age; + }; }; # build a configuration and switch: diff --git a/secrets/.recipients b/secrets/.recipients new file mode 100644 index 0000000..e421d14 --- /dev/null +++ b/secrets/.recipients @@ -0,0 +1,2 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGzJL8/M+tTejrAPoomHKtlYk8lINBLHaH+p4SLt3sBG +age15959gprm59azjflvpj97yt0lj6dj4d2yv0nd6u9jp32lzwp3de7qzhf85y diff --git a/secrets/envs.age b/secrets/envs.age new file mode 100644 index 0000000..9113b60 --- /dev/null +++ b/secrets/envs.age @@ -0,0 +1,19 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDZUei9UUSBvSUtX +b2FkTXgwQ3IxeThvNC9lOERXOVNjbEtNRjVIY0tyMXBQalByMFR3CmhOMlRoS09q +UzJvTWpBTVUwMEFkT29tTEx5UGQzUml3bUtxOXNmdUd5R2MKLT4gWDI1NTE5IGFm +dDZZVWRYbHlIY2NjbUtmNU80Rno4R0lTdSt5b3g3a1hXVG00eGJXMk0KeFVGZWtm +VU1uenJaZU9CbFpBSFdSYnFYYWNpRTFRbkRKdDVqUVVLdktzdwotLS0gU1BvOGpl +d01Meks4VnRkVlRjRjRsdXV4eG1aUjlkcUJIQ3Z2aG85bmJxWQqm0MSO0q9WZyS+ +FFOOTm7RDZp6jF2GSmLnTV+RCx2Cmt+pGb96qqBdHj6LwqZjL6PjhxbLkPBy5aO8 +MQfHSukMcKiGeHYw+go35z4ZbB2u98N1R9YzxKLrVLhr1rJXfuL0Hs9YILAZ2c73 +mPk57KA04ni6USxbdmoetWScnppUUis/59elYSVabYC0+KXE0pTPqBOFlB8uIei/ +15ZeudfVgGZwijGzAZF6xLHXbx+P4BDZypQA8YPgcPbp4GCpFb+n1c4DuZxAGS2g +OlfCTOHl81vubPiqemQ+VS/GGahxdzjhXs2TRqRdHgPSMwidzIjEtjx4r+xhgCoG +WrK+0v7zyUU6G3ykhbttto2LMxWPS98K9pP1iWGr4J1+UykQiG/GyWoZYa5UwmHN +Km06kEHC51tZ8GwF/ALZWk80+Wubc35dYLZNfb0R6FG3Lvel3Su0ZhosvKlTTrnP +U9ituCCy8+XwLXGb5t2oioGUxA/QSBdzcGFGSqOLQG5OtikR/Kl3np3MITpXpwLB +uGxeAed0/DAGjMfen8eGlGPXIM2RWshvsXvtBoKfkkaSgW3r0eV+JENefP0Ls3P5 +SezfBwEymwZwGTgD2PH41T6k3bJNfdNPaTrivd66fnNyTevpQf2LshDAotm7dqWM +FNArctQ6406/wrS5Fn79ibEV8hEgQRawrbA= +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/infra-backend.age b/secrets/infra-backend.age new file mode 100644 index 0000000..da05433 --- /dev/null +++ b/secrets/infra-backend.age @@ -0,0 +1,12 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDZUei9UUSBzb3dt +M2prVGp6dlArbk1wT1VrK05ZcDJXTmgyM0JITmFHblpLcTRpSzNNCjU1Y1BvOXZS +NTJEVDFWeENSSWZZWG1rRTlKZHJHYTA1MXpiUDliTkpWbWMKLT4gWDI1NTE5IFgz +V3A1WEtXVWcybEh5NFFOMS9iZS9hVXJHTVV3bDE1MmE0c2Z5UVRFVXcKT3p3cmRX +VlZLdnBmZG53aDJqOWJrc0M5cE5qVWxRbWJMU2hLSVdtYmNpWQotLS0gYzIzbmVW +Wi9IM256TFJMWkFzckc3K0RqdHYrcHlNOVhlc2F3b3hYQitvZwrCioyrYO/hFHDT +AAiwVCvCCYiNYhKtuEOFqPjnOEeK7c+3lJVP+ZLJifL45TMF1fwl5cVG1r7ToQk1 +giJGDtwffkAYtYBa8GkqsEwAvbTiJa0DGmM9MSrTzLFXHS/hhtfl0E4Otwn7rH+z +n5QQBnpJVaoU/WvIt0DoT6rDYYtgsOFegR9Wgui066pFB3YXBkLiuS7afZCryPSG +JmDpxoaQReYpV/8orMVHrqdSKK5F8ekBg2rK2QKVNlniqj/qLswBqPSL/xutXoy1 +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/infra-vars.age b/secrets/infra-vars.age new file mode 100644 index 0000000..50eee09 --- /dev/null +++ b/secrets/infra-vars.age @@ -0,0 +1,16 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDZUei9UUSBYZUc5 +WVhUVkdraDlvbXkzYllJYUdydDlLdmNSZGlTMzE4Q0ZrcWJaN0dZCms1NUUzaVR3 +eWtEci9kdGNXa0JNNWxjRGdWZjVaTVRlUlRRaW9MUngwSUEKLT4gWDI1NTE5ICs0 +OW5oWDNNUFF4c1BLeWJiaWIwZExrVlFpeEtZN1l2OTFIZ2hKUFk3UkkKUmhnSEM4 +VFZUZWd2WHlRQkFZRnNDUzJRV2E0NWRXTExXWmpiQnUvMlNldwotLS0gaWtpZ1ow +U3Y0b25naGJ2bTk1dXcyYVd2U2M0dlp6WG9EaDVyOUt6WnFGOAqvuD3+A22eJGJW +awMb51pWjgC+dc3vu07rfm8n4XpQrYMJ5sO2i4++Bszg5Y4VYdRy7nX5XfvBcVoo +/q3BVXKXdNL2c+UIyoRR8Kh/FOvrK13mXSnwvCOL8xo/OCFUyBsUSapSKLuvMuIQ +DLWB5feiEeKzdI6vEQHGcRkT2mokCCvWdbn4XuyBr9gkXaxiVxkzHHenAsCyxz9Y +osEpDpnqaioZ8hq33jm/wWCDHDj12XHWSj9oPH0yaTDUhoknDqxyH2TW00+PjHbf +dPECATbsHHcEzMQ/8/xfTsUdQBa6DjOQMmhX6aGw6bg7Oq+Egffb8ky4YYIXEv5u +cchVpZxYFUxJLvUjlwjV+O71D64yNBtQavTGlvqqxeFxuMP/gOiUlNJDtigAZEa+ +2ltZih+oSue90MhC3RBNAwMLuo/jDR8DQOYzGTWbvDQAVzJAk2uC25tZ+2FaoGbO +gNcl4E8KBpsOg6nU7+nJLYdK9PlIdyHy7GfN/QLNvwnCs/yAUQ== +-----END AGE ENCRYPTED FILE-----