From 51b0e7c21bfc9fcef7c2e96b8a03de3525d81b4a Mon Sep 17 00:00:00 2001 From: NullBite Date: Sat, 29 Jun 2024 16:55:55 -0400 Subject: [PATCH] rpi4: add htpasswd secret --- hosts/rpi4/services.nix | 6 ++++++ secrets/htpasswd.age | 45 +++++++++++++++++++++++++++++++++++++++++ secrets/secrets.nix | 1 + 3 files changed, 52 insertions(+) create mode 100644 secrets/htpasswd.age diff --git a/hosts/rpi4/services.nix b/hosts/rpi4/services.nix index 404a43c..b3d941f 100644 --- a/hosts/rpi4/services.nix +++ b/hosts/rpi4/services.nix @@ -10,6 +10,12 @@ group = "secrets"; }; + age.secrets.htpasswd = { + file = ../../secrets/htpasswd.age; + group = "nginx"; + mode = "0750"; + }; + users.groups.secrets = {}; users.users.acme.extraGroups = [ "secrets" ]; diff --git a/secrets/htpasswd.age b/secrets/htpasswd.age new file mode 100644 index 0000000..aeff4fe --- /dev/null +++ b/secrets/htpasswd.age @@ -0,0 +1,45 @@ +age-encryption.org/v1 +-> ssh-ed25519 YUrFgQ 8WQBMCkjicWOLC2VK6jU2Ptdk4RT9WgdKXraRxi3PF0 +QYy5HHQARLGUAoPThtewY03oRiZLBqFoO0chAD3q/rg +-> ssh-rsa I7EAZw +isc+FnXDX30TOu3Sxv053CPMoS3uj62hoKp+GlPm7tCyM3Jx4QHRFgKKpIAgGT4A +5TFyfhCrdAcd7+qnEh7e6nuql06tDRM815KPdlNusVvmUbirmsXa3zrMV++S/AYX +L1KldsHHb6bWFb50iExvvzRwIUrxOwzqmxa95bBoeeRT75NcJt5RA0sixp2/eQNJ +qiapiKjB0c5AEuhxyiHxu4OcXK+2WOzn/fgCQTewyIoTBgcSl1GK4JXYO03KTPJY +pZdir6tmZVV9EV9rrR6imDTVYLafQ0on4yuXhHSieGO1rVhfcvITdGEzplfkdTa/ +KxPwEbmlJ2JtjakcV9Cgkd0iAZbePBnWb+5GIc3PbDErhXQUb84iNgBc7zSSdg8B +/FXo34wdbzfZRj8VQPyNDqlo1+UGZZVYC06dWJrX5R19CQWUgXzqxJajTyfzTAvO +T3PMQhaGKRbwl/t7VAz3zaZBM2lIMF2Rg0pOWwRcdLLPn9cwhmR1B8k4MpDC0LPn + +-> ssh-rsa 0pGLuA +M6m5KDIADEEpqZt0la7ClPdC0/v32qbB1fap2f6/FWQhf2mxEHu8cGbUvve0+Hqs +qJ41cU08leDcPFATwHM2agYvpyAyaTWTFtF10+7iQ5TYIbcynsMl/ycoHcTg/Fns +9Qn8Bh3neZ0ThF7U1DnuJG89mBbAWdZKs1W+h0Zz73XOU18J6x02TXsmCSr6Cwvz +I0svcVQ90S0g5un/lp4+HQ7TUILEPufkAAbnT7Yxofc/rU0yvsYFvA0CEilykbC8 ++IT1gwGpBCgLqdnQyOu2FuiIKHMIyExD+x/G8UA3T6GdyuhfUZWPgSxrUiSR3lz0 +9cAvEq0koDz3c3X/zvaCqZ3Ap0HbpAEF9yocmCZFhUBIh5z7q7NOQdglhsgD9Q0x +J+zHDVFYe0crxsz3AvXeFFTfzrA0jnJFIJM8y5jgZRVddKD5PJ/zmGGJTFLqzstn +Mc/7lnygZ762p3idjt2YFD+yWzqHcsnt4G+b/c9PYeP7wo1XCyM+3U3lXXhRGjlp + +-> ssh-rsa JoBDow +WtoZZECDEnZusujZ1CQwcG6yQPCiNipdwFZZQJg5FluuF3Oyqm/BWXRlUyb3QTMF +jhKhg1kbuIJONJZO2qVt4fxooQ/V6VOgOqDm1ULMYD6Slz1dpZslkxKsCRqNJJO8 +GNkCno8u96e/M20Htc+EldFjtNculr2WUXXT9JNWkrwqzF8CMWlkZweFXv3odn/p +iP2TogKveKngFoJxuotvcV/tJINeP6E9zqGmjCLBdWP1YM8J+cnCdAfJW4QBV8sX +0ZrsRMnl6xwTgZ8WFXp2HRaAz+ra598RACynYsAhJiQBQ8niZWc9DFTjLYvIOmhn +ycNLWvIKzPCtk3wxg2q0uJewloWgDVO9rcDIDkzBmxjkyLFRpqwqlVTsnPqoEBVD +B7g4LCmRHR9Jm6zFd8RY/m4xTmyYml3W3EgTV9F7yS5nKPSvsbxErWtT06VaOkGt +Uz9h93l65bqmcWwkq/PXQATAmcCIMx5bbtdmoVRX9HjcIz0rA5t3a+zbXklOBBBa + +-> ssh-rsa wzTCUg +pz+KL09EpRSoUDPzujMDlUEJXAPDtfRZuuykC6lhgGvUMrbc73JmOnckynkcUwVa +w/Y0dGc9Ajiq0ncIiKBpx/GxbD7DZ2kDGeiiBiS5MrHx9yITb7/4uBuEDgeDXEbs +11thUyLlTlkpIZFryFHcwdS5Fhj7l0255rsuHbs4M7yw/3ZCdnERrPqTr2ycbd+2 +bTowxquzR0sjBezUOLPNc6IMu0YGENywljCaybhvbKYMtTHJlSPgc2xP/MXXO63e +tOwfX3dc6rdwWj4IX/nQD8meWVjFjvEHU2NF7SUCv5Ofy6LSW9E07hq96MZ2HiaE +1HUIXQoBMEsV/p2DfxUfBwAXpr8uFdNdvoROCLYxSh4tK7eKwpxcevY8S3wAMkgJ +Rju5ZWt4tIzEc7/wZfdZ6wWDvXF53M8C8/FWuofSCaODamZTOp9pBraNvo/e75IP +b8URE+CIX9myynRnWLZtmjiZu3MP5/lPgArNmvNveZyGlfwxU9fCYeBX7rDqbS6O + +--- ExjpgvaIjii+XvdCimTY1jHyh1WvcVUxAepN3krSRQo +_ÎþP´Vq2qP®ùù3׌6¨œ ”WàØKÀUOuõ˜íR^ev˜áZÂ…51ö¥ƒZ›mC•H{&´p¬ÙÍ|ˈ%-—šà6-$%{ñm…äí'°ÊŽíi~6àÌÅ›·|€ÿ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 90e5305..43ff922 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -14,5 +14,6 @@ in { "cloudflare-dns.age".publicKeys = [ rpi4 ] ++ all-user; "wireguard-rpi4.age".publicKeys = [ rpi4 ] ++ all-user; + "htpasswd.age".publicKeys = [ rpi4 ] ++ all-user; }