staging: Use a static ssh host key
This commit is contained in:
parent
4e5379eadd
commit
920e0eb28a
|
@ -1,7 +1,7 @@
|
|||
keys:
|
||||
- &tlater 535B61015823443941C744DD12264F6BBDFABA89
|
||||
- &server_tlaternet 8a3737d48f1035fe6c3a0a8fd6a1976ca74c7f3b
|
||||
- &server_staging 7762ec55a5727cabada621d961e53f94caa314e4
|
||||
- &server_staging 2f5caa73e7ceea4fcc8d2881fde587e6737d2dbc
|
||||
|
||||
creation_rules:
|
||||
- path_regex: keys/production.yaml
|
||||
|
|
|
@ -16,6 +16,17 @@
|
|||
networkConfig.DHCP = "yes";
|
||||
};
|
||||
|
||||
# Both so we have a predictable key for the staging env, as well as
|
||||
# to have a static key for decrypting the sops secrets for the
|
||||
# staging env.
|
||||
services.openssh.hostKeys = lib.mkForce [
|
||||
{
|
||||
type = "rsa";
|
||||
bits = 4096;
|
||||
path = ../../keys/hosts/staging.key;
|
||||
}
|
||||
];
|
||||
|
||||
# # Set up VM settings to match real VPS
|
||||
# virtualisation.memorySize = 3941;
|
||||
# virtualisation.cores = 2;
|
||||
|
|
|
@ -1,28 +1,28 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
xsFNBAAAAAABEAC32/CXnt4LDPdPZppQ0GcJAxVFHFu8SCl5WnU/PVPEnwgRkV8V
|
||||
ZeyQN4qgT5LPWgPYyDyAqUHBUwRxvVcguw0fOlDBZ3nECKQxZ53OVlay7xfhgXO1
|
||||
luNu657u5VYtxfLqx7lVHfY/TWp5DBOOEpOtoKfz031Zbg11+kdxW5eEg2ypCTvn
|
||||
+MVQgRH9AQI+0+jegQ9On3X9UaVdc8etuY/F8BAEwLCCbYpLUEUXwOo4YLB36Kg3
|
||||
P27q15Nl6g5P/oFEdS3fhHbh9636lJnxJcTTjAfJaDoQJ5rGDASiT8HJnkNWfrf/
|
||||
yzLMOiy6fRRIz8HTXKeZNeRvCPu1uHaWYi0RprWMu1HZ0cLzr5N2lHKcWgL8En5b
|
||||
fPyqldFfJBlY36L59F7hTk10QBgqFhibcXB44iK96jnYw6LgSuFkbfrJr7fx67JN
|
||||
lM2Xi4WXvzkp3gboDxd2Xy3ChQrQXmXcVAl8XNs78f5AQh5MJP6iC7ayiIsHq4aH
|
||||
rGVLhbncfKpw4OL9jVNTyRinwpvl5qibLAJbDA7arn8XqT6FT0KjeLa91jTFLHGn
|
||||
9IkJol+L0/zYrpyiid5ZKNJMousxJoXymzRkeYllr+nLjKNLv0L3MCnsiPEZ23iL
|
||||
y2/UZ6Vcjrs50L46VuiewCEaVbBp1H9Ps5eUa2YoJ65sfe7wnscXI8oOpQARAQAB
|
||||
xsFNBAAAAAABEADFaVmT5Xt4+nCM2hZ+Zq7Uybg26TISSrpU/3nZ+qxZSC65mqfB
|
||||
qWNR1kCpJpDvhwUhaTC2x00L/ckRoPcF60AqYR632owQ0AgyuG+xR0HJR5rpWzRs
|
||||
cMINk1NOLQ4Vw9IaRykfx5YtKL3mPo8iLNQom6SkFG1hPqwoAzzWNLBLKMfKrDtW
|
||||
uBnsbGLrkAB/2eJBw9xDmpMpLV5f2lJDA89RQYV8YQhe4TBL9B0WSSc9CqX9TP6m
|
||||
30zY6jCWvfYL+Hi+YiR2K+dp9qXB55ViYcw8hRG99n5fSyZSB0hyttnIV76G0I27
|
||||
McFueWu6LzZ/lMEJM8OeFVgyMJFMVXHCBxLYHLqlJvxk4tV43Jkl4IOn4gBgG2oS
|
||||
7Sk1woz57UNug/AGcGAHL/YAbk+WcEut2RiwoTUEyQpRrP4QPnZivEkeTs0H4lf3
|
||||
3SHW6snMdcCDkjO6VCo9DTsSpX8eNLj9hW8UMuUMsU3jLtV4L2TMoDnqRHO7icbC
|
||||
r+3CIi/yA5EWry/AReOPTFY+etX3XrVUUdA/SJL/OXLB8QD2jW0XbVeaHLgdhlt5
|
||||
UeDwSWDYHn4LXYr8SXa3YKC2OmIAU8yNInPCGizHPm8IZVG4zjzPNjM3BihxpZjj
|
||||
IVajFe07INd8sM6RXE+YA0QTmEDoGW2QcltRyHdAPz5XVkRypbV5ONZLTQARAQAB
|
||||
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT
|
||||
AQgAFgUCAAAAAAkQYeU/lMqjFOQCGw8CGQEAAEKvEABZo9JRHnwrKr7UGmynctmF
|
||||
aR+1KApeWrqahhobgfvMjJLfnUV7UDSeiuf3juoZC+L1d8LqEp0czcqU1YuGtjTT
|
||||
Yk/4WDwc7G9MjHDgVXPZlQ/qxSYBFwowbUkfhj49UA4Np2PW3yLtoZnBHLz6tmaD
|
||||
mTtdNjzEw+L0GQ9Wi2pQYSUV4I9URF/NH7NGmurNl8Y5SHb3rqFQ4CPGXk5UQYL5
|
||||
s0ZdArwgWNH+ceC1Kq0baKu5WJINFfCIJbJajATBqgPy6FPEmhUdgt8awOp01oEc
|
||||
zs2930sc6YY5GJVEGnxR/qBLTA5lANS1mpqHd9s4YF7jj8h/q8SV4iegTeKHrLox
|
||||
v1bP+QzHquCn7BpO9V6GD/eaqBKfx6k6+HDb5YmKnBvBV/c3yJ6wiv1H32nauWs1
|
||||
CgiJNYV+A/+YnWf0uPRqelAzT06JUtnSBZ0ppKLR68X3IKisXVNzW/3pM/ZWWfFM
|
||||
uKHCoppH2iuStn2wPkdjJD4UHduAFyF1oj1jFwP9r+EuhhPH1qr40405jRdOR98P
|
||||
RuPhrSkLBdWiUlNintDOyFzNbKXMZlreZeATeT5y/H+IF3CDvgAhBo7KqhfBfgUK
|
||||
6P/1xk8DozTmlsKY/cOsK0aL47CJcg8LU6tHrxa8uP6qV2HbUD31WbCRr1eL8k2G
|
||||
xszxEVPuKG8ckw58WpT4vA==
|
||||
=kJ/7
|
||||
AQgAFgUCAAAAAAkQ/eWH5nN9LbwCGw8CGQEAAM6kEACsZmMOZd5qMOOJReo/cu5p
|
||||
8JcXZ1c3wAUGm/Nw7xN68AGxHHWqUJqs5hGqICqSxnjtDD95H5tb9ahrEIxszfVd
|
||||
fj/CR1XRu4Scu7MZ45u4q/whLIwe1vqROmL1G0bR52WVvaHjcS+2h3NlxauO8bld
|
||||
uCwwQrCEBv86XjCZNtcVWEjqBffIfJQYAywyprqL3LGB5ypuW1tb/fnTZSd/1k9D
|
||||
3LZ26FRvPd8XsBAZ5zSilpTdE9yhDPQb49VLP4iVwPkIjbw0us1KxlGJapU1nYfx
|
||||
pX23F1f3tRGah/QOuZYa9J2dnr8A9FJQ+x616nrxnJ4DIRsS/mG+ES1HiVKa9u+2
|
||||
ZHxXqRHY+eb2QYaWI25F4BYrADOMcDLHvNL4T8E21Nt7QJ0hUeTeMCROICoVOtF9
|
||||
JNaHwD7AhOIwZHA28WNcrDoOpYmXXeRd+Vohvx5LO0loq/3dQdr5KMH/VGVP0VzK
|
||||
YgPjh+z7HT66oMUz1fOeWtIqzLj7Un6rfodfq50OouDwhkAGseupDHnY2MBrfi6v
|
||||
fexpttnBuOx5NSeuYYxkWK8cUfAFVFO5bFCb3MW1e2waaiceS1vq3dXiZx3l23Pr
|
||||
qOs7Ahdz5P4/GZGjIDKNrdLid5tfBI12hxFOSuXoF7G9Ak24a77A9qks40NL6TMi
|
||||
hK7IB8p3wuRzngwa0WY3QQ==
|
||||
=6Ym/
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
49
keys/hosts/staging.key
Normal file
49
keys/hosts/staging.key
Normal file
|
@ -0,0 +1,49 @@
|
|||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
|
||||
NhAAAAAwEAAQAAAgEAxWlZk+V7ePpwjNoWfmau1Mm4NukyEkq6VP952fqsWUguuZqnwalj
|
||||
UdZAqSaQ74cFIWkwtsdNC/3JEaD3BetAKmEet9qMENAIMrhvsUdByUea6Vs0bHDCDZNTTi
|
||||
0OFcPSGkcpH8eWLSi95j6PIizUKJukpBRtYT6sKAM81jSwSyjHyqw7VrgZ7Gxi65AAf9ni
|
||||
QcPcQ5qTKS1eX9pSQwPPUUGFfGEIXuEwS/QdFkknPQql/Uz+pt9M2Oowlr32C/h4vmIkdi
|
||||
vnafalweeVYmHMPIURvfZ+X0smUgdIcrbZyFe+htCNuzHBbnlrui82f5TBCTPDnhVYMjCR
|
||||
TFVxwgcS2By6pSb8ZOLVeNyZJeCDp+IAYBtqEu0pNcKM+e1DboPwBnBgBy/2AG5PlnBLrd
|
||||
kYsKE1BMkKUaz+ED52YrxJHk7NB+JX990h1urJzHXAg5IzulQqPQ07EqV/HjS4/YVvFDLl
|
||||
DLFN4y7VeC9kzKA56kRzu4nGwq/twiIv8gORFq8vwEXjj0xWPnrV9161VFHQP0iS/zlywf
|
||||
EA9o1tF21Xmhy4HYZbeVHg8Elg2B5+C12K/El2t2CgtjpiAFPMjSJzwhosxz5vCGVRuM48
|
||||
zzYzNwYocaWY4yFWoxXtOyDXfLDOkVxPmANEE5hA6BltkHJbUch3QD8+V1ZEcqW1eTjWS0
|
||||
0AAAdAO1rPtDtaz7QAAAAHc3NoLXJzYQAAAgEAxWlZk+V7ePpwjNoWfmau1Mm4NukyEkq6
|
||||
VP952fqsWUguuZqnwaljUdZAqSaQ74cFIWkwtsdNC/3JEaD3BetAKmEet9qMENAIMrhvsU
|
||||
dByUea6Vs0bHDCDZNTTi0OFcPSGkcpH8eWLSi95j6PIizUKJukpBRtYT6sKAM81jSwSyjH
|
||||
yqw7VrgZ7Gxi65AAf9niQcPcQ5qTKS1eX9pSQwPPUUGFfGEIXuEwS/QdFkknPQql/Uz+pt
|
||||
9M2Oowlr32C/h4vmIkdivnafalweeVYmHMPIURvfZ+X0smUgdIcrbZyFe+htCNuzHBbnlr
|
||||
ui82f5TBCTPDnhVYMjCRTFVxwgcS2By6pSb8ZOLVeNyZJeCDp+IAYBtqEu0pNcKM+e1Dbo
|
||||
PwBnBgBy/2AG5PlnBLrdkYsKE1BMkKUaz+ED52YrxJHk7NB+JX990h1urJzHXAg5IzulQq
|
||||
PQ07EqV/HjS4/YVvFDLlDLFN4y7VeC9kzKA56kRzu4nGwq/twiIv8gORFq8vwEXjj0xWPn
|
||||
rV9161VFHQP0iS/zlywfEA9o1tF21Xmhy4HYZbeVHg8Elg2B5+C12K/El2t2CgtjpiAFPM
|
||||
jSJzwhosxz5vCGVRuM48zzYzNwYocaWY4yFWoxXtOyDXfLDOkVxPmANEE5hA6BltkHJbUc
|
||||
h3QD8+V1ZEcqW1eTjWS00AAAADAQABAAACAFMv1CQK+U9e9UudYQotufGH+V0GQmfL3p4P
|
||||
s+jDhZnv3WSwA44Lk4M6TjAZRMzysBpGqdTzwgdSD8cidcWkPvs8xsWBzjENgM7iwopJNT
|
||||
Mcve4k1T/2+gbfdKTGPp+0T1ZscytlnuZzuyYJaaZkjph4EdZklzz5vHD2AE5hkIJzclF4
|
||||
515hIOdsOvj5ywQVLA87ehdwzR92c0TgCncb5WJfwmDJwM2+hewTt6ga9nJ2CMFnDw4Bne
|
||||
/wK75x2PttXnAXijbTxGX2Hh5KOLxm6rn79yB9/P2p/MFnOUPBwp72Pp6vxnHCAzlK6Dbi
|
||||
S0xSwk9e5Uk5xFsN9URd4xx4f5scwxyk8RQCh/sMqn3JIOwodNwVjv+AWc3YNFR+aP+qXR
|
||||
wggXSypKDbVIAp2+cGKCobktNBiM/fEPMHe20Ssn+SBclUSeAYMpjRrn8Kxwb2oSMASrsV
|
||||
1ykyY+/j+Xb3jC2V+/XTV+5WtKt4SW4RV45g/+C65H+zy+56BoyPqJKyI8d3FB0dp/ICwo
|
||||
zfrmo/X00XF77d3ZThLoapSnOVeaNIiFtG5Ia635gNUyr/81xNhOeX5NMBUHSqdxrtZfC2
|
||||
PeuBcspWOg2tp/6UPjBppwrT3VnM/K27lqmDx9jPE4tMY4kl55KdSJ4uBr7H5Lu6w2zNnZ
|
||||
zGYToWbhXNDHqm9PqPAAABAQCCBatZmvEyP+7+qBFkvU1t8nseupa/Lu6Va5qV9ZLvUI0Q
|
||||
8nMYMZ/lMMB6TROyy9OJY59srkCjyF7COqNH6A/eo2XBCVdkAEBpUta8gzbLTtzRaDY+tH
|
||||
64tzDJYTLPumfE1M2IfztVwVgJuwrz/t6eAtakXfjNRG8nKVlTI5UALRLIIqVK5ReDs5NU
|
||||
7FbO5MwYtrsVHmpiXqNA8d1pZkjXNmU+I67DblPTCWraNnEC6mcIgau9n+mGuQjrHzpUqn
|
||||
kbQF3GSJTwgJSlKhkNGLyH4qrFsK0yemCkxKtzi1fXy/iLKXUG2A1uovuugXwQZmV7nHRM
|
||||
+oDKZz13CWk14kDtAAABAQD07kRtO22XTklTf3w/cC67aVj+Ltifl0bVwbsFgY9zu0F7yl
|
||||
odYYfxV/rDn639V80JoAaTZ3lSuBvOwgtGWr298rwkkkV4CLKu7+bTLdS2L9YScKmKL8N+
|
||||
FGoYgVCTZZxaUe49eUdLaUcjxYTPC5FWGFCztLG7uAvydIbTFKG6++j4poow6q2AwejC8f
|
||||
ZiO2r0srZM1ouYW5j+6YCbLCKKcgJdZvZFBhDXyHwQXF5rCtB8htg6BgsTu3Fx6oZR3PXc
|
||||
RoO5A2CmoZ3bUSAzUOH4g80yB6Fq0dvpFr1CtzzNCda5TLNS6ediLqlP62NEez+wduv+Rs
|
||||
Xd+EhFect0lmETAAABAQDOVU7PqTLZFTxUx++JVFmdrd5FqTHwOrnEYWo8Hzx8X4RomIBg
|
||||
kY4oIGLXsBfZINyWKOKjQqhfh+nRgsCR7OQ9IjeWh/0eRma6b9kjBQT4UKYvylBjchoVci
|
||||
6DrxXWhwbRTCV2Vxpn/+Bx2JexUJx5oQ8yZ7a/H/w9J5GjgT3OR6d/ogzHr3FqdeAnvUle
|
||||
PBlaCZUQxuI2ADmdWpzxwmCalAxrLQiUCdRtY6X8TWYi35DWvGgVU1nz5VWYRvI1/+pQdt
|
||||
Qe9lP4uFNOpc05G7xcloEe+wE4aIqL4fLGVOrOqtHOps1W62Owk8iU7OFXw6Aoc4yjNWcj
|
||||
SEsRv2HtGI4fAAAACnRsYXRlckB5dWk=
|
||||
-----END OPENSSH PRIVATE KEY-----
|
1
keys/hosts/staging.key.pub
Normal file
1
keys/hosts/staging.key.pub
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFaVmT5Xt4+nCM2hZ+Zq7Uybg26TISSrpU/3nZ+qxZSC65mqfBqWNR1kCpJpDvhwUhaTC2x00L/ckRoPcF60AqYR632owQ0AgyuG+xR0HJR5rpWzRscMINk1NOLQ4Vw9IaRykfx5YtKL3mPo8iLNQom6SkFG1hPqwoAzzWNLBLKMfKrDtWuBnsbGLrkAB/2eJBw9xDmpMpLV5f2lJDA89RQYV8YQhe4TBL9B0WSSc9CqX9TP6m30zY6jCWvfYL+Hi+YiR2K+dp9qXB55ViYcw8hRG99n5fSyZSB0hyttnIV76G0I27McFueWu6LzZ/lMEJM8OeFVgyMJFMVXHCBxLYHLqlJvxk4tV43Jkl4IOn4gBgG2oS7Sk1woz57UNug/AGcGAHL/YAbk+WcEut2RiwoTUEyQpRrP4QPnZivEkeTs0H4lf33SHW6snMdcCDkjO6VCo9DTsSpX8eNLj9hW8UMuUMsU3jLtV4L2TMoDnqRHO7icbCr+3CIi/yA5EWry/AReOPTFY+etX3XrVUUdA/SJL/OXLB8QD2jW0XbVeaHLgdhlt5UeDwSWDYHn4LXYr8SXa3YKC2OmIAU8yNInPCGizHPm8IZVG4zjzPNjM3BihxpZjjIVajFe07INd8sM6RXE+YA0QTmEDoGW2QcltRyHdAPz5XVkRypbV5ONZLTQ== tlater@yui
|
|
@ -1,5 +1,5 @@
|
|||
gitea:
|
||||
metrics-token: ENC[AES256_GCM,data:J4QdfI1wKyM=,iv:8fqCbftyhj90eIVFxjEp9RXKC1y1IaLnV1r2MOdY15M=,tag:8W/juv1OZh4hJco02qXO6g==,type:str]
|
||||
forgejo:
|
||||
metrics-token: ENC[AES256_GCM,data:fy+RsphQT9E=,iv:/7dvDv/VLZHceTijRXJ69ELna5PbyVDmW1rVS7hquZI=,tag:dL2OBUshmoQafyExrjJwWA==,type:str]
|
||||
grafana:
|
||||
adminPassword: ENC[AES256_GCM,data:dYfaxUpQpzA=,iv:j5wSem8C5+V4c5qRzXQJhsU7/FOtpvrnaEyFBmW6zJ4=,tag:oc8n3TkEbjF2gjuOobZuLA==,type:str]
|
||||
secretKey: ENC[AES256_GCM,data:Atruvh2MsNY=,iv:y2MaCUCEzGIydHp6G0DJHfk289S1is0twKm2oUYwDhM=,tag:nAWeg+YqaYqk6k22oBkAhQ==,type:str]
|
||||
|
@ -26,8 +26,8 @@ sops:
|
|||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-10-07T02:17:50Z"
|
||||
mac: ENC[AES256_GCM,data:vZDq33YIn0Nf1FQ2+ySezox6igiw6zNFCu3l3kaIsBKo1797pohmAxj2Lcc+OmlBjj98khaBIlbQuA5ULM+uPN5ILaz3NuXD5PZtsV+rL2PsLNMW9FBSmJ0m0YQrt0nZ0tpzifn12XghcSK2IXv+FnxlfrAJCxDvr5tRm90uUwU=,iv:ct8CzIWjaoJ1UjZcdFSr8lZ626vA0RvM883V6H5plWc=,tag:waJNtp/UbRDOfyzNElrung==,type:str]
|
||||
lastmodified: "2023-12-28T00:07:15Z"
|
||||
mac: ENC[AES256_GCM,data:WRwC7ETtL5yUIgmNk+ktxtHTnDcS7dx07KAfgn8w8V/OAaNDaaTeNU99V2Sgk5emhlSr5PyHaAARpJk8SBYhmJZo/iIcG65yhsnv9D7/JFzBMjuoin3qIeGCZ2Yzagpospd1e1YB/cDATfPug3+iMxLysQSKBd5zRgeYPACZwMU=,iv:iSj+J239khh5PS5ZK6vqgHpD/SSJ+DYMeledOEXhcB0=,tag:UkK3/aoTBquY1cGlxjSGOQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-10-12T16:48:23Z"
|
||||
enc: |
|
||||
|
@ -65,4 +65,4 @@ sops:
|
|||
-----END PGP MESSAGE-----
|
||||
fp: 7762ec55a5727cabada621d961e53f94caa314e4
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue