From e4679c8299f90d903e9f23cf3a285047dfa88615 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= Date: Sat, 22 Jul 2023 20:25:28 +0300 Subject: [PATCH] rekeying --- secrets.nix | 7 +++-- secrets/hel1-a/borgbackup/password.age | 25 +++++++++-------- secrets/hel1-a/postfix/sasl_passwd.age | Bin 678 -> 766 bytes .../hel1-a/synapse/jakstys_lt_signing_key.age | Bin 701 -> 639 bytes .../hel1-a/synapse/macaroon_secret_key.age | Bin 735 -> 633 bytes .../synapse/registration_shared_secret.age | Bin 649 -> 720 bytes secrets/hel1-a/turn/static_auth_secret.age | 26 +++++++++--------- secrets/motiejus_passwd_hash.age | Bin 689 -> 831 bytes secrets/root_passwd_hash.age | Bin 745 -> 793 bytes 9 files changed, 30 insertions(+), 28 deletions(-) diff --git a/secrets.nix b/secrets.nix index 650cd17..48dba86 100644 --- a/secrets.nix +++ b/secrets.nix @@ -5,7 +5,8 @@ let motiejus = [motiejus_yk1 motiejus_yk2 motiejus_bk1]; hel1-a = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6Wd2lKrpP2Gqul10obMo2dc1xKaaLv0I4FAnfIaFKu"; - systems = [hel1-a]; + vno1-oh2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHtYsaht57g2sp6UmLHqsCK+fHjiiZ0rmGceFmFt88pY"; + systems = [hel1-a vno1-oh2]; in { "secrets/hel1-a/borgbackup/password.age".publicKeys = [hel1-a] ++ motiejus; "secrets/hel1-a/postfix/sasl_passwd.age".publicKeys = [hel1-a] ++ motiejus; @@ -14,6 +15,6 @@ in { "secrets/hel1-a/synapse/registration_shared_secret.age".publicKeys = [hel1-a] ++ motiejus; "secrets/hel1-a/synapse/macaroon_secret_key.age".publicKeys = [hel1-a] ++ motiejus; - "secrets/motiejus_passwd_hash.age".publicKeys = [hel1-a] ++ motiejus; - "secrets/root_passwd_hash.age".publicKeys = [hel1-a] ++ motiejus; + "secrets/motiejus_passwd_hash.age".publicKeys = [hel1-a vno1-oh2] ++ motiejus; + "secrets/root_passwd_hash.age".publicKeys = [hel1-a vno1-oh2] ++ motiejus; } diff --git a/secrets/hel1-a/borgbackup/password.age b/secrets/hel1-a/borgbackup/password.age index c6fa180..ec7b942 100644 --- a/secrets/hel1-a/borgbackup/password.age +++ b/secrets/hel1-a/borgbackup/password.age @@ -1,13 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 vDjOfg 364C2os+n+Ql2jN/VGkAn/qGpDuv1Z3tlR8a7LD6PAo -brzOmjiJfHq/GhUs+Q+HduKPNry2/s5Az4fi3QHaQ6A --> X25519 41BIZvGJSE92whjPVIdMtZ2mrv+nYFR3fAX6Qnga6Fg -cAkPwGWiBO3uzHHlI9mA+BVioIJKnoLZRjvllfkbeJY --> piv-p256 +y2G/w ApIK4bPqVqhXyTv2QtApM/SwAwKrcB9euOuOXxOsGtW1 -EmPYaZRboONQOJr/T//a5unCgRYW3BVQ3g2ejtexQj8 --> piv-p256 jNqd3A Ak+73XGPLVb/5TcGB8w8HFPyFLnyvKHHVD6ND9ohJ2F/ -bvC8Uu3A9m6ZFBI7CzimK14GSdcPBrGmflBPePWpHlY --> (!/%-grease Bxza_u 0eL_gi*M v$Tr2Q -r7xxL43b6wPWEc4rp/bck9ooqIj3e183nvUbwOkBISeB9Yj5DfjcnPohBGyXM8k ---- VrBiKWQ+JMwANJxNjgYbIuMvRawFHnNEyAnyRCq8vX4 -/xf 7FRS#yrYV0K,h ق/t * \ No newline at end of file +-> ssh-ed25519 vDjOfg jXKd84hBLGshv+pBkasnRvAOR6zJOv9kqj3MFhNEfSc +PR634A9Br6c0NTSZUoq6HpHfbIkbZxCrx+QzdK0tnHo +-> X25519 EQxm5Y1GnCgOAxq/sWSksofOs4bqh5thYKchFE7AVlY +i0eqmFuXZ2VGMOHqS42vifcYXuBCTlF+Ckp6M2Dxrrc +-> piv-p256 +y2G/w AvNFDhoheGvhx1OPcsYjNiXgcE2IyzNxnQa5o92TOfo/ +ORGLR75OPtt5t3ZntdrmKeWNqcoOh9/9l9LPrbNd9/s +-> piv-p256 jNqd3A A0hKbEWxWIgzjqC5rPnQvI6C89vvp3Ejm5X3hoSmJwcV +nae0utik6loEuMbOUe7EZoWszJYMsA4aYIT1fBu7rmk +-> W3-grease Bi-\Y /Yn +vVlW417ifsv6IU8m3IZWxis +--- 4+ia3CXXOvu7hPj9GLiTnzqQWwNPc8osiIysKZl1ApI +y?sAEoFk'E2ά**Zc-qS +JI6u,D \ No newline at end of file diff --git a/secrets/hel1-a/postfix/sasl_passwd.age b/secrets/hel1-a/postfix/sasl_passwd.age index 32d612f36e43c8b52c2b862de294905d91841484..1aa8836aaad23cbdb393f1c6d93d7851622c79cc 100644 GIT binary patch literal 766 zcmX}nO~}(`0KoBG95cu5=)@vJ(9-3jPud1y^J$v2P1-a~8JWcZ?ZN8eMP1Bs* zeS4LOP7nkS!^18rB6#p1co64h=s?EsAWVjM@$|y*u)Q02|HF?za_ov7TFGv;UPR%S zQR0vpO;o-rrKwx7=M2lzTq$cU2iPeoP)FpF=Nt7AA`OaC0S%f=Z%h{vyOIntG;8u~ zpo#ftNbFkcqP($-9tR4Rg3v8XT`nA2Srlcu1B%#2JUsxtg>D^a=Kqi%2@`Y4Y2j?J z1RV|a178>!eRE2Y)-nR2nWIrh@LD#c2!#yFG#-b7s*~S;a|gl-h(lRo2#gUJJcmm$iqX)aJW7rn_>P$;Bmeb&9IpcIw9)CvQsC{K@fOpTB-{@5C=OpGw!Nuip0`oZr8__t<%FUVM0dtG~sUe*5Xq zKT>>o&%g8C$M^4k@z>Mq_!(=WlLPnB^y2t?^U8}o>hz%_x0q|MGGqVPH<#6;7Y^@V kefh(&)rS1L`{a{%zkmAZbM)@BBko6&o2P`UUq3zf55GbT@c;k- delta 629 zcmWm9%WKnc003YHo3bc)64{UuK^;KLl}Z62+m!^gBN!YchMc3pqC-TlNTT0MG@vfWq-lP_jly+$eptT9ca-i)5q{m zJ_DMmJ`+#cX*%An)H`9h5K>F5TeP(tPEjJ1Zjh~3s?Z3SNmbMYMTk$Mb}!@OM6ME~ zilE>}N>xH+?2G|<}H0hd#{ zxJv;@@e4$&)YVE^s*0ciU$7X}Ma!;Ab}feXfL>vQX1HBe2!Cy#Fq@9o#E1aw>0xoi zg(D`fM2I4ZVmTQ&8kcrmm-T2s&C;QYQ|IT=e!A$%g)@u*pgPN1lMP8?yCQ*;IK}p{Kw$8BM5>8ho#7>&X6byWpVtCJtRLBrETj|sDKD_( zN?V3!FTz@ld5rTapBU&)luZ|?l^XLZFu7Q^Wm8z5A~(3 z>nEQ5!B_e9;P#aZU#9Nw6jtv|@cJY=x_yIQpI8__z7inMJb1lB?A6lh%R_G$Z|R?d z%eUV@y7|TnADG?s4UN4r){gz#`<0s;9JJlJpPS3bx8aSkrQa{kzdQGJ_2ZN1(+~dv DB}w9+ diff --git a/secrets/hel1-a/synapse/jakstys_lt_signing_key.age b/secrets/hel1-a/synapse/jakstys_lt_signing_key.age index 6fa494ecd2296cab77f18fd655669f237bb2de57..fa1f1595140fe82aea0fd2f6a4abc6754f1e8cc8 100644 GIT binary patch delta 590 zcmWm9JB!l*003YG#Ns}~v2o@Jt zl>@=`Ksa3-MAShP6;5wcd~7!y2#TPhIEW|8{eqA0@xgxwuAQB`HMEm;Bx;6FRL`^$ zd1AAX-Ew$nL^Glz5v&R;>`XQw0`OJEitX}Bmv3Z>Bz~7)2p6r|EFjSRn-lWa&|PEI}097K))`H8H`N!%YpLYmp2ONq2<;bW|cD zrO&66iAri+cQ%8#BsRc6_FT3tgPB=}?9o6|(qxZ_{45{AD3$}KFjpAosD4QKQ@Tls zEmPr>>1xRPaZw1W+=wv5lv8+!lv|zQ0QRPUKWigP5J}UTpp`3WI_tVtpM?wJ6z|B; z)Ms!p?DQG290%jI=KkYz(xC~LuhNo(jO$_3w@tYaMTzPoi~<=!Ou!s3+oM28Ou$T9 zNH-l>y?~LcOb>#S2F?#K7x&7(rO_o2(ZY5?2f1N!FJkb;29iw9=e>B%~AmSS}s z9+fc5#a*nTTHEcNE7mf67bu+eC6ti>;?Yu!?~x6)Z({?ua@s@-F|YU8{J#C?e9l_zP@{3-Q8~d zIg|Y0>Nhr@KU+Vxv2+N%^y$5^dvW2^+ppUm3C7+6G+8A{Q>ABY^D=7q&3e6#w5HjF@VwvVB@r_>zUYf%ZN~r**Y1oHX=w;~ zk|?E@Gp>%t(K?uDS(ogMQg4}0IJBV$^7%IV7ul^Iud2#WYJ^5Lrm3KmH@PX96WqX3 z3mUc)C!ndBu$z=X3#)rwYmiMNiHd5ZwlZAkkHr;23#?!Ys)sXiD2aozyE-2>egSV9 z1PMZQLqJN9X(g3R;8;^vX3aY9WC)&_PWrp43O zH45E_7l}JhT~GtjK)wg0Y$3(uD)1G%mK|kF)I4eijO9WYrGcdF0h3heSJOh@c8b^$l#$I1e0(HYMhU<$3<_yaLUsY<2LxiJT`S9K z0_C!uib4p4WbP=z`=zd7ddUHs8_J`Xm(*vEskA*5FTA>cOMmzC4A9@cet7nMFF!hc ze)WxaeC_VH#s0~c7hUf_l0W$5ox|Tx_YeMD|N7wa=OgF+G5Ldia`W_Xe|quCFR$D? K8Gl0EkADH^mh$lc diff --git a/secrets/hel1-a/synapse/macaroon_secret_key.age b/secrets/hel1-a/synapse/macaroon_secret_key.age index 52f64b99a803c1fe306d494fffa615f332ce9dc9..132f06b5f65690e9f142ab00b9a61d2c248e3644 100644 GIT binary patch delta 582 zcmWlVO=#0#06-n6ha5bKB3?St9gL;1v1P>~Lf=87h!Y;}LhX?gA5Qm~5G7q8$!HbNEQ@7i@J>L6#V0-_yGlQz8j!W5C z%c)~X>_;%AOR!?uC{^iL#XyGRAtIZ7GmS$Yvw>(CUEKpdkfV$R)i#$=QXLf)`IO^W z0YYTETi}91sA0)-37w>Az$E}=LDB88HCqzctnaINWR3~-dK=C<)d9&;^Grl*DL8YQlHAC=?TyB9QsBkJLmUdBQ{K?h=1G*-s$LxZ+r*LQcNtdKE2|Oa@RG8oc z1iD$(D!HaMo3;XIIS3Y;E+-%8T=rw=bvfJ=uEw`0q{m_`ZwuTFw5ly7dab_4LT^E=|%rF6kq=f)M&#vtlUNxR)#P&1XakY3X+0Gbk!Aufv!I)Mgy zJaWq^ug1D)4ynjXNz~UuNnWK4gs2>@6{zq!&YkDDTyX% zo0xJ4O-`dqrjD6`BrBtesXNeY0qU+LJ8B*VZ8D70AZO>gm|_E;on)EMvx}gu*6k*N z?hCOuhhvx%(St?CMqb)b%{ zXJl=}$2m1zF;uiK4sdlmBYH7c)Z@G|Of_z(v{`2|`p@#^sa2s$6bS1~TptNmgLHIZ z74RNqNo*}@X|9B@IF`*boNOS(I2=G)e*hTA00dA6nu{-7NyXEKyEeD$HfDGgCfECJ zBk20l-?^3HDcAwFnb;*B!dK;TKsfqB&wBz}m~&HWa@A-$1!iB=Bw7lr?%cZa^3nE_123*_tRLN7$6x>aQe0kMx_x->{Ws$eNrnI# diff --git a/secrets/hel1-a/synapse/registration_shared_secret.age b/secrets/hel1-a/synapse/registration_shared_secret.age index 02ca7dc0b01f5d4b88eb42ab967a42c2131c14d4..13d204700ed4d7dcdac7291e32edf47320787aa5 100644 GIT binary patch literal 720 zcmY+-yNlCs007_{&LyXy2)YKHG}OGBOM|E+m$a8xA4%FYg&UIe*Yus_mo|?B5pi)+ z+(Zx+#6iJ9+*Hs>2Nyw95Cjo)5m6jO9hAe#?;rTw0F=Pohefm)h4W(}4DgghN+;1I z8J0kwVi=M`Q*qoF1SsAjy*P_W%cyHp9IGyJI`DF4TeFfzS6D(dbCz~e>t?)z6r162 z;E!MvHB}jO%tD>obOdFaNEZ{cg9ofy3)E^Wk1?qKca7_DpXO0MCDpD#*QPdsS$aC- z^=V*gV&Yv3PwbL)5A*DHX1@bsY{`;FxVDS zDwWW>%hYuiX4rJh6r78fXP8gp60ZR;35jjDx1lno$tm`zjoe&)bmjIyhu*Ec{M?M+WMB8a megOA8T`SICO}?EYv$c<>;}fqAo9}OJ&F+6k4!*4&SosTA5cnbh delta 599 zcmW;H%WKmB0Dy5P?2^NTp(68AM0bg$OVYeN$dW8g(|49MO^Qs~yqo6Lv`Jb91@WRM zVTXwb;$_M}chIvScyJf-;LVFSbqJ!c;lYECKj7oX_kQut;=QZ$fh*5~kQQb-jPM!1PNekq#%t} zl!#Qs1NrMY1x8Vb%q5uHHfaMYxBHn@g*;89(SAdqs~%hq=1Gwn7VAj4>XST60IWL0 zXPsI%76O+ng*>^rMv6(QGL?c0PQ#L?D4g$fHKdvTBSI(1hcJrez$wfX(i}B}h%Sa} zU@G~OM%6~pOpdT1cCx61_c=_ZZFK|MC6oCR*`8L<96m zEf^2%%)t99LpCNolNmHC1s+!{9$`j>I+V&76GhGTV?Zd-WnOb*vPH(p#aE8 z0#a}@;|xhaMaiAVOsQA5cnzW^!^GgZ(cd(m&n1LlTP$U9f!{&xd>JgB|ni zjf)HKr0**qFZf4|+h>etk6vuOy>fv6UR^nOdhYJ7s=vCVy=*KWcex)&r#^f>SvbAU K&Z{^3_TxVr^Uy#5 diff --git a/secrets/hel1-a/turn/static_auth_secret.age b/secrets/hel1-a/turn/static_auth_secret.age index 773d646..af7b896 100644 --- a/secrets/hel1-a/turn/static_auth_secret.age +++ b/secrets/hel1-a/turn/static_auth_secret.age @@ -1,14 +1,14 @@ age-encryption.org/v1 --> ssh-ed25519 vDjOfg sssiHOBSAurbFuJ4qF/l0sYbzBGefkLLSEssQK/a2zM -//zfg58LEypmb8l8qNor4g1BwPyHY+qTKWV2T27bW08 --> X25519 SCePnzyA6LXuqk6R0jG3BIf8Ob7Dvq7N/JLsga50lEw -qkH63cU+OETgLLSKf/1/0BEbcgfmUGruZTyIcrrVUAE --> piv-p256 +y2G/w A/ZT7U+JXFoR3Y7sRkwXfW97g4U2UWsJWSKZMoZkXHKF -vLi2hp4urxD43Yij0EzEcJLFy8iwxNF2Zyjs4u+zJCM --> piv-p256 jNqd3A A4ZwZmNfClY2uexezHA6iDnoA4p2ytdcp+9MARGIbXnq -Xpf5gYsq9wKscXHgDTUtJr3IJ9P7yEHsec2d0UjbM4g --> :w2e_Y-grease qQ6Bzl 2Yc P 1QW>yU&* -3sKAkYimXCaUqRwR845ezZu+rxLU0AbSCLrHoSVC6C0ZkfJzMEzVDWuRYaS67mKw -EKFB8LAkMMb4ITwOVMYCVw43QTbFJDwsXbrxBSncrfHt ---- mOUW0xQCSaVszKC9HqG7p8qNjVyiKAXHgFZ2QzSYX0Q -nև*ǰDq^`+~@&*pYJ ssh-ed25519 vDjOfg DGeT72n4VsH43Ns9yEnxfgy/uYKynfQGUzAtDPf+2mU +LPe1Uwll/Ee//jfjz4jRryl0Fej3jyev6QnYAtcEGD4 +-> X25519 LYVUZF8IQa2pfNevLpSI26VfzRe4wlMy23FeTIH9eVQ +HYXSzjCz7aeMm2BzGrD96m0CbWjLH/XYskhMNYtbX4g +-> piv-p256 +y2G/w AqE+qszNsNVu365Jq5MwieKVzPG2rAYMrO1bOF2z7Wh/ +KUdsBS22jiqWPB+9PoNSugsOKRk5PnFacCoRI05dnRg +-> piv-p256 jNqd3A A+sbeoWSbRRLu2mtTWPX/DJHjB19j7T7TR33zP0tqK3M +WCsLFXjWeDBNEnBwITpjAQz2HJjcv46YFO9OSB/0psc +-> -.}!Z;^n-grease K +fpu7Uos5Lia2hiTlW0SixCdyJP4FXRmmeHP5ufJGbk6qy972vmOeacC4M6/6Ck6h +eex4qQEs2epkNf0tsYvfeA +--- b54YQan0Bm8INDPrhn8N9LIt41/yGKQ8HeStn2Wqf5Q +_b6!NP%Ep'pp,VȊe6E \ No newline at end of file diff --git a/secrets/motiejus_passwd_hash.age b/secrets/motiejus_passwd_hash.age index 38840aa2836d91d528ca313139dbf19e40dd38c5..35c446456ab831bc8b5995b0ad8428861abdaa3b 100644 GIT binary patch literal 831 zcmZ9|%ZuCu0Dy5Ro^mLP2R$eoD(;}^bSBx!3q?rgkz^*5Y&OpsFU{ngOdgZxWDZ3< zsD~;dD0q>j2M;1H2%-lmDp24M^x;i6gS!*SGSymiIz^5XxRH_che1KY~gJl-et z;TBR@{BV*=6Iv@*xsDk_qDl!KQEip9vDN}uXts6(VPUD|gp{^g+RD7)v;)RBUP0N&KFEW5we1^e3sD#RceE|E-zzW7-Ks`Ry@vDAS-qx;N;7@zptJ;119T z-Lp6DMJM*Fr=Jk!$@RCQJ0Cr=|I^3D-nGRdb36CXFE2p1pSY<0VGH={uU+K#-rLXb zU;X)A>H4kHQ~jH#n+mvT-0d76?FG-j|L{TQ-f!n`9DgnU^4F~w-+uhZcYeM4+@mj? hi=TPy5I&003Y_bP|*?4}yYN5vLGKlQdry*=W-=?b@bk)0niUwP~6rP183?o3wRO z5kYrw4mOl_?Ce2M4}upx$bP}Y^LqcYeaq*@-Mq*8x<1e0!wpn19L?Tu#)Ap1~t<{Q#4f7<|vQgUDM=^xoD0+dDE}7Xff*%-Bcl+ z%>fc9ZL%J7Xec}rQZRx*W1#_$1cDhY)g87e+Cd~KB1pEU=G1J}H^u@i3Y1JG{73?} zixA}m$x_M$wPLYvS2afoxQlk+qoio2htg1`O}Jjlr)e3l>=MB6!vG`55In@VNDzvT z`WZ?q78+%{45W4!2#pc2JiOMaD{(5S!vvNoH(I2k0tt!%NuCy}j*4hD4p&p9cF>YR zRrN~^p3{-GS3)u@OSBjpUwO6X$T;Gas7^&s;+1;P@jM1e4%$kcEx2aDB%K(S5O~$W zX`azwDBF;1(lfYTR5v(TC1o{;pJy_~MnuV5 z9v2sEkV>S1Y=EB6D18*+`7ZQv=l9_cOP9BHuKUN{ZXMVdk86JODE?ym(^~ZX#Dzao z%>4J>PiK{EPF6Nnb=-PNI-}{cm04-~(t0y*fW>=D-=y1M{c-Z$mun02`OTZZv>U74 zi67{h(<}1bTMwT{pS(P2xqt7>-v7FG=*;`qyd{?> zg9c=z3A8iMOv;_50f)*Jwx(vL7zRekSRrwm;|GoZHCPSA21K%eiR=p36$Bn_McTM0 z$2f4}0#$NQ0A^H-PffSx3gwQQZ)B|*p3?rHQC;yQrJeMnkXkG8v^K9y)QonmL2pT= zSr?UmYueu|gCC4*IBHZDM;X^Ip|oVScrlK;q!+cc@iK@(lXP3-juz(mc}d1FiD7z8 z7{^VgI`SYZ^>lwWUTLtItWt_pjz-JIX8We#4U?jWlN3@&aRHqoY$DNorS7(|C7=V( zRYNYY#A;Hr@NVC#q9LdwWP%QavJP~cp#E5A#UczWJ+u(Jyo$tqcmhe0yDi@@-noH2dNtg8efz1o>)URvOVaW^ zbK~aS6E}pP7aw=t_H$dk^vA>d4-V|!@xwXO^>dx)A2!bI&tBhuvi0MGU9Ok=eDZ6~ u$X&X$fBnGuPh~84apvV*>&~~Y3rFxpW$uEGnd|#5I&003YGH)aIUfiT#?4iAd4q{)(|6&xmAKH9Whnlx)#5J}p!X_IDY@-}G; zS`R8Bhy&d~P;gAW2;0Gfh^Q#y&3O_L4;~z-mnj|u1yT149-bScUq=>?4LyQwi$p_J zBp0&;I*Ayd2oWg?6a!MFbZf}B16R&ly>5}2 zM|04u>DW4$W8sPm1}-`X_=+HQd{t7&kWDd3A8D17Rz6?{x(YA@RG z49z#7UPCZK)|F&A;xf8>Az2>R7F#WK6Ebb_qF!lRe95 zG`hM5^?bjJ#OLV*XkrVz04IW$!j)~1fft}?G#U~01*=J=jU)&h)8)B%!=3lk7(S;c z0#hrug*IJf>3A>g6rh!A_tD6iVWoKTxwzxb?9qK2cye`P^5e^!uP>~l?x9_F%c;%) zJ{!CmSG29&YpcH=l=j?&aa^M)!aD{$z3a EA8OwCCIA2c