Pushes all secrets, NOW ENCRYPTED! WOOOOO

1Solon · Mar 30, 2024 · 9e8bc89 · 9e8bc89
1 parent c4e951d
commit 9e8bc89
Show file tree

Hide file tree

Showing 5 changed files with 100 additions and 1 deletion.
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,4 @@
 language-server-log.txt
-secret.yaml
 *decrypted*
 tailscale-repo
 key.txt
diff --git a/clusters/home-cluster/media/cloudflare/secret.yaml b/clusters/home-cluster/media/cloudflare/secret.yaml
@@ -0,0 +1,46 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cloudflared-deployment
+ namespace: home-samba
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: cloudflared
+ template:
+ metadata:
+ labels:
+ app: cloudflared
+ spec:
+ containers:
+ - name: cloudflared
+ image: cloudflare/cloudflared:latest
+ imagePullPolicy: Always
+ resources: {}
+ args:
+ - tunnel
+ - --no-autoupdate
+ - run
+ - --token
+ - eyJhIjoiNjJiNjZlOTQ5ZTdjNWUxYzQ3ZjRjN2YyN2E1MTFkZDkiLCJ0IjoiMWQ1YjY2NTgtOGViNS00MTA2LWExYmYtNjY5OTI5MDdlY2FiIiwicyI6Ik5UTTRZamt3WXprdE9EZ3pPQzAwTnpZMUxUbGhaV1F0T0RNNU1qQTFZVGMxTlRjeiJ9
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ age:
+ - recipient: age13arp4yu8k7s9ck59ryj4vzedkggkp8eph6hq9ukdtcpdvnf8f9uqypjty6
+ enc: |
+ -----BEGIN AGE ENCRYPTED FILE-----
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGQWdVY1B5NnhiWDlySGJl
+ NHpMcldKbXcxeXE2TmE0c3hHWUNuSVFSaUhBClgwVFpIajRmRHAxNDdRRWE4V2NR
+ dlQ2UVAxTWlQZ1ZUZEVpK3VEWDYvMkEKLS0tIEZ6UldMWkRJMWJnUDAxVmIwbDZm
+ NU5FT3VFbDJodlYyY1c2UlpKaGVJMGMK/aBbfzilMU6ucFn9lL9YOnTC+F+yeZAj
+ l9Q4WQgbKIDxS8sO01mIb+DRXGWJ005RWYstvxso9q/1G9iAF1Covw==
+ -----END AGE ENCRYPTED FILE-----
+ lastmodified: "2024-03-30T03:10:13Z"
+ mac: ENC[AES256_GCM,data:AjCrbbXpz6StrhuxbCIBRx8FCcoLPU8mj7vf/KRa7Vvpf1UdZaRwZ+ixaaPLIz7II5aVcXwpnNNZ0tiOwnvAyIZZvi5J+RKbpZSD/y0+qbhGfTUg1dGvmUte65bCGYN0nrdDr34HPVMSje7Bdr+c/6xB97qVjGI8lgecyWopAyU=,iv:p7pb8j6ewNdNWFydEN6QnrhUOBKhjxDtg/T16zV+hVA=,tag:loB1mT3kQK3qOj9hTtuVVA==,type:str]
+ pgp: []
+ encrypted_regex: ^(data|stringData)$
+ version: 3.7.3
diff --git a/clusters/home-cluster/media/samba/secret.yaml b/clusters/home-cluster/media/samba/secret.yaml
@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: samba-secret
+ namespace: home-samba
+type: Opaque
+data:
+ secret: ENC[AES256_GCM,data:k1gQgqs4NGoqF254/+odvyHJIuEEKfzu1S/LEVRJELwGyHCP,iv:E7iZlmpAxfXuqg9gtxhdu/eRyyIZELN03m4f4AxnHu4=,tag:7QmByAwqQP6ZlyqWnimqYQ==,type:str]
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ age:
+ - recipient: age13arp4yu8k7s9ck59ryj4vzedkggkp8eph6hq9ukdtcpdvnf8f9uqypjty6
+ enc: |
+ -----BEGIN AGE ENCRYPTED FILE-----
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxUkZoNUdDVjNaT3RIYlJU
+ TjN2YTcrcyttS0U2S280bnNySG02blIzTVQwClNmNzZPc0d3eWd6MXA4QzQzSDFO
+ VCtWSFl4amQ5UGlUdjhQV3BUdmtjZHMKLS0tIDJrM0dic043ZkdLQklOYm5ZM0pn
+ NXFrSkVMakFjUE8xczMyTDAzdnQvaVUKcfOrTx6caF8daVYYvnQ/qGDjauwhYINj
+ cXSUWNUWJo8qCnJAEQ6g5ovHx8lQniqmZLBdXBF0sl6m1kswkOuT+g==
+ -----END AGE ENCRYPTED FILE-----
+ lastmodified: "2024-03-30T03:10:59Z"
+ mac: ENC[AES256_GCM,data:oohC4ZwsajPfJXAWtn/BEDxAbnJOMTLzltkK3OprkYUPABlGfDTqJ+Gm/gkS9mKNJyijiyfJfIe3dHn7kkFUs5aP0LI2I3oVYCm6LUw4miMNxsbfs6FzCxoc1BIQvo82OfRabXcTIFrjw6LnaQcilioeD2vi45+OxLlVIbyC9cc=,iv:YuFobqN8slOqaESHJhSEHnT7DqYXEpSxkytfe5F951M=,tag:aQlEp53uW7i3wZ0hJEGCZw==,type:str]
+ pgp: []
+ encrypted_regex: ^(data|stringData)$
+ version: 3.7.3
diff --git a/...rs/home-cluster/pihole/pihole-secret.yaml → clusters/home-cluster/pihole/secret.yaml b/...rs/home-cluster/pihole/pihole-secret.yaml → clusters/home-cluster/pihole/secret.yaml
diff --git a/clusters/home-cluster/tailscale/secret.yaml b/clusters/home-cluster/tailscale/secret.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: tailscale-auth
+stringData:
+ TS_AUTHKEY: ENC[AES256_GCM,data:GB932crYGmWaS5XeTbMftPDpkcskuLXDKxVzVe22KCazw64lYmA2cpWIaukTH6ftuNr83VdakF0=,iv:7hPQGn7kJGPmOl8Sk+bAbKRqSD0KVTiBd42H7QEDuA4=,tag:GFJKhPkkYuX0G8A3LJ6FSg==,type:str]
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ age:
+ - recipient: age13arp4yu8k7s9ck59ryj4vzedkggkp8eph6hq9ukdtcpdvnf8f9uqypjty6
+ enc: |
+ -----BEGIN AGE ENCRYPTED FILE-----
+ YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXUTVWVmVUOXR0ZXgrYTA1
+ RElQMEp1dnQ2emhsbWNwaEx0Ym1YUVNyK0VZCk4vMWxqd2tReEpZK1Y4WFpSdWRs
+ SmhUVkc1emVDczVMdDBRWDAxdmlISWMKLS0tIGtxWjY1anMzTndIei9FOHFjQ0dZ
+ MW5yTktmVTI0QnRtRWh3U3NjTFJpdVEK8EH8lrJK16NdiU6WNVtUA7A/BR49jynk
+ IEV9BDsJaJIG/+bOVJlTDpCUqZBv4YItoE/nROT7zB7pdrWgqguHlQ==
+ -----END AGE ENCRYPTED FILE-----
+ lastmodified: "2024-03-30T03:11:41Z"
+ mac: ENC[AES256_GCM,data:8ya4YhtIM9VxhsyVmQCGHSAVviTU3JgCaLKzz3/b/u+bBwa36edIgOauOeV2EYgud4TF5u4IG+plNctAGJ4p+dEXs5KI9gHQLZSSzsC5rYx6c+iA1F96uxo1bFOsONv+ILdxGM6Oat48368OP2vKh46VSiK8l6I/mJRCQXM56jA=,iv:XD+dj6CasepT8zAgtR506Wd3atnQL0TON3NlnC/SXqU=,tag:eVULS8bAsHnK2Gbpo9YXqg==,type:str]
+ pgp: []
+ encrypted_regex: ^(data|stringData)$
+ version: 3.7.3