From 5d8cf1b67c31efcc2f49ea3d0d74a3d8150874c1 Mon Sep 17 00:00:00 2001 From: Moritz 'e1mo' Fromm Date: Sun, 11 Dec 2022 11:48:50 +0100 Subject: [PATCH] Remove leonas access as requested --- .sops.yaml | 5 ++-- common/users.nix | 11 +-------- secrets/all/secrets.yaml | 45 ++++++++++++++---------------------- secrets/shirley/secrets.yaml | 45 ++++++++++++++---------------------- 4 files changed, 37 insertions(+), 69 deletions(-) diff --git a/.sops.yaml b/.sops.yaml index a25b9f6..062c97f 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -2,7 +2,6 @@ keys: # People # TODO: Add @ruru (I was not able to find a current gpg key @e1mo) - &e1mo 0x6D617FD0A85BAADA - - &leona 0xD5B08ADFC75E3605 - &n0emis 0xE0262A773B824745 # Servers @@ -10,11 +9,11 @@ keys: creation_rules: - path_regex: secrets\/all\/* key_groups: - - pgp: [ *e1mo, *leona, *n0emis ] + - pgp: [ *e1mo, *n0emis ] age: - *shirley - path_regex: secrets\/shirley\/* key_groups: - - pgp: [ *e1mo, *leona, *n0emis ] + - pgp: [ *e1mo, *n0emis ] age: - *shirley diff --git a/common/users.nix b/common/users.nix index 487a542..8273eb1 100644 --- a/common/users.nix +++ b/common/users.nix @@ -17,15 +17,6 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9x/kL2fFqQSEyFvdEgiM2UKYAZyV1oct9alS6mweVa e1mo (ssh_0x6D617FD0A85BAADA)" ]; }; - leona = { - isNormalUser = true; - extraGroups = [ "wheel" ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILN9nTU+lsrfp+uLo1IvMEIi64m6ke0FmfZ6FxBgmKXp leona@leona.is" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOkvy9P1Qweq1kykgn3IWIBWe/v/dTNAx+hd9i2aKe1O openpgp:0xCACA6CB6" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDR9Kp84lHQRnaWU6gd8MHppZD3pQCI2TCeGF/kHm/A/kqADWqtTWjnD5ad1ZhOTSThCF35VGH3ICdnSCHh0uAHV7eK3GDjhxdrIJHY/WiubEpQJcS5OX/qTEn6QrPDIAZy2ykdHX7XrNWDGOlxpTjkPpHJmmDIQTZn/mMADuhVhIm03aFyVbUxpHSU+v7N8yxV5RehIw0RTy+qSjWcthDgTGPjPk1a2sElNVbsgF4VhqpdUfzG0BQCqr+zPDbeH66+gumDPXC5Pw4NQB596UWPDKaQv7juzveiPTpIjhTfpoWBjCmexGPbSYecXNee61NXe6HsGrGLtw/pRLEYVYH0ecU/b0A7TGd2gznKBgvk8xXoxkqHbDPoCPqC3moPD3BwCXTGNi6DBDAquC/Ho266AgZ+z83mP7TuDJmZ/F4f/glbb2hdZ6ITDS7Dvd+jGlw6UXlKeZThHOy+B1c9at4FeyQs6JBd4P5RwekUCF45gk0RfRu1+HE3YOXbN1s1DRXJs689DaBzTbD9rhROEjZgNT/m0VxC6w2i6WRvxcEvy+wL4HyJxdSK0MMVhZJza4MOB7qLvIq8z3L9kLDrKh6R49m+LsH7NCS9gh0wAH17E2cImSoX4IiRemn39oKZTplAwvvaGNXOmH/SqeZlGpYOL9Yn9nE5mC10/5In/KIZMQ== openpgp:0xF5B75815" - ]; - }; n0emis = { isNormalUser = true; extraGroups = [ "wheel" ]; @@ -41,4 +32,4 @@ ]; }; }; -} \ No newline at end of file +} diff --git a/secrets/all/secrets.yaml b/secrets/all/secrets.yaml index e027980..aee7f63 100644 --- a/secrets/all/secrets.yaml +++ b/secrets/all/secrets.yaml @@ -9,46 +9,35 @@ sops: - recipient: age14ysl953378r2vvy7ft3gwce9xp83pr6wypf5lgx2yjwx2lxra5qs6j8eqe enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6dEdFZXVINmI2YTZHWnVM - NVREK3lSbFB2b01KYVBMTEpJcEpDOEFzVXpBCmNPdk5Fd2tFcVdSZmFHbk9NVHFv - L3NmNktjZWpNbVdqSmh6bGdBWWZRSHcKLS0tICtSTGRQSzFFWHFaRWxReS9QU3BI - REtURzRrZ1phZFhicCs1OFhsYkpHdDAK6+PpCcZkk2RN0AtdzEdamADncYHsZ1Cg - qynxxBpAyc7xaJX7RQAxuZSEH05sKJ/no5ap+tFyofxc6qJayg31vA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBia0lkeWRnRGxpNmpRdzh5 + NGZDYkh1RDNGMXF6UGxMMXo1TFhmQytndUEwCm5YalBFZHF5MDV6WTFNWWEvaGxK + YVVoL2JUaTVrVTNMSURIcGF0Uno2SDQKLS0tIE95SzYrMEpCeFQ3bVI5ckRNVXcw + K0Z4RGdWakQwb01iek51ek5JNkc1b0kKK+lyOKzhkRLgKG9XtnNqdnsAPbEShAF3 + GQDhanhdVKmhyythXz+a0B6FrJmCppy7ZuNSucewqIx2ZCnLaSuUXw== -----END AGE ENCRYPTED FILE----- lastmodified: "2022-11-27T21:53:46Z" mac: ENC[AES256_GCM,data:8rzaM8lDGLwwMbgcqaB3zj73l3mV0OFeshrHGRVw+akk9ipz0WKnhKHPGbGcaktWd61cg52/F2Fz573PWHthqoI/v0NJc7bpOKG3HreKyJyJ5AbZ+eFYrSLSNKaOXvKmwWHRMnFASOd97QaSYxQaHCDhQObf0XBXEnRktX9NtXs=,iv:j5E/YS1yI/Tgqq9Dio/b7EKrPwcJFBnVDtry91suym0=,tag:Hev9lYgsMxKFxcfozX+VdA==,type:str] pgp: - - created_at: "2022-11-27T01:42:46Z" + - created_at: "2022-12-11T10:48:10Z" enc: | -----BEGIN PGP MESSAGE----- - hF4DOnsoj685gdcSAQdAfObqsRYcqS3ajTXsyhchzoclYXtc8RY+s3eig5nL4Vsw - FjgYcICzqSwxskBWxPTC+wE5sZFWtpQgQC7iBW9kMrM3tyOLHiAWiYUj6Slowb4T - 0l4BUqFYYiGO0U6odYapCo9X4jeTwovV1NEne7UQHoUMLy73d4wcAwxDqFOFbW7T - pfkKSunmpkeYaJVwpqFh/jkPNIZzXF/21vPXMWTjQDJfUjl2kf5CWjpf1WaA7YTJ - =jWsU + hF4DOnsoj685gdcSAQdAbaU5s15Yn2pvSi74qur3WF9+1GeQCN4jXeDH8iSLrmAw + nup2BZX10Kk+xeX9s0W+1HBE5kCLecbkWx/VJPplajHrz296Kb5Z7/9etbDo/ij3 + 0l4Bab4RQ4tD/xfJblCSp+pjTRKoyHptZTFK3MYg1TWEP7BlXkNfkvbtG4soq38O + iJZJGIo/pdkfTSxUz0vAXkKQO46XHW26eNVkOVTkpGHCfIBTMudR1cE/AwoXS96T + =27WM -----END PGP MESSAGE----- fp: "0x6D617FD0A85BAADA" - - created_at: "2022-11-27T01:42:46Z" + - created_at: "2022-12-11T10:48:10Z" enc: | -----BEGIN PGP MESSAGE----- - hF4D/2siLyjns28SAQdANLVNXn+mLHefaf8++uArNCSxYdreGR/wbNTOUROjHUIw - QlO5BemuANtiOVje50wh7Z1blYmVimu3B8GhLWgfoEb2XkOH08UK/ngUrU6nQtyl - 0l4BsBum3yQvasUmzFKdqx6932h6NPNHxhF92kTspnCiNgWZTuaR+xq5Q62I9CUp - ntZAjIkVmD/Zlblg5sLz1c4dtRMkt385pyDJirneMWYcw2EetH+frhdNRwYMwE4W - =Kk5a - -----END PGP MESSAGE----- - fp: "0xD5B08ADFC75E3605" - - created_at: "2022-11-27T01:42:46Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4D6iFd6webPCUSAQdAD4eqSFTnqARe7eET9LSFhLM7W0gjPrKxGR/2+egbfAkw - rqXJkIRpRnp0Qa65i46X992a0cv+zzXhYlS25Ve3c0onM2JOZ17JD1SfOdU1H2l8 - 0l4BysZauzbFSu9B7m1ooVxRZZAhVWq5ISbej9sCpiZ6pZURNAQOvyrizgZAXPMW - gscWMUt+jNXPFU9zhsYB8sMw2sqzv8O3nYgWQ/F1IQyqWCBRiUMUquKDuz0qZkWd - =Gc4R + hF4D6iFd6webPCUSAQdAcYhXFsMoghf0Hg6FP1DslsjmbaXJrBdnQhDbuLUpx2cw + HWvyvqwyqKTLY1tPudoNQlkMjD/SiIy8vmQXMSsw0IicV+5hmigKKv1U3PkG9qbB + 0l4BRBmuJIn/zaGKxOHa/oxSvuLXOd8sCBh/gU7jv9MhWecfnz83SAIcv5zsMWs3 + bEoq5SiRJsdiw7/EtfSvDpsDCXvOvNt3T4wFWknVX0TjO6u65frWLVYdHTTCWKU3 + =WjCa -----END PGP MESSAGE----- fp: "0xE0262A773B824745" unencrypted_suffix: _unencrypted diff --git a/secrets/shirley/secrets.yaml b/secrets/shirley/secrets.yaml index ee5d276..f184488 100644 --- a/secrets/shirley/secrets.yaml +++ b/secrets/shirley/secrets.yaml @@ -9,46 +9,35 @@ sops: - recipient: age14ysl953378r2vvy7ft3gwce9xp83pr6wypf5lgx2yjwx2lxra5qs6j8eqe enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEWTgxaWtDa0wxZjUvbjZl - dXdTWGVFSEExMjZUbXR3SDlWL1lVbXBvNFVrCkE4cmdzODRjK3ZPUGhPd3NvK0Vi - YU1KWDcwQzRLLzhGMHpsbHNpTXJHOFkKLS0tIHpBOWh1SkNrSGxYdU5kcnMzN0xN - SmhVYUl6a0RFNUtnTGo4S3hGSmJVM1kK9I/qqZXJZAncX5ypv3J/VbC81ugFyCPQ - 0a1GOwxQU8NG2VYhyLIUuxEiM/Xi4F1dIt/2A9x6r9xf3anT/pQLlA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVcGl1dXdHZ3hyWGJkczA5 + clRQcXpyVXlaaFZURDJYd3lLVFFSVnlZdHhvCnp0ZHo2ZythOUNCWkR6WmVaTG9V + N3R6eDZiYkErbkd5dXdCMEVla2lPQ2MKLS0tIG9GM09FZzhWaThFY1p6TDg3Zk13 + YWxWc0trcU4yQ1ZyMkI2T3FCZW1SSkEKNI/ja9qkbm0DWEymkZKC/drXfOnAFHly + hhVbBGIvdLPHfyxgEEvk1Pajb/30n9tyXdZU4IEPi8gBspfq5dEdSQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2022-11-26T23:55:22Z" mac: ENC[AES256_GCM,data:ec3JBflxNEo9aHsben5oXb4FlCZzNGh6u6Xc+oa1TFL6rpL2qmOErT8RMkvzij49cz2hLEHMWbiD12fPO2sU/ZHjck7G+dvyRphavEsflzRmLWMj8k7SZR6e/UZIhwcBx15uQndbKhTTSH5EMtiH3Kq+HDNPgAtG6fFQLjNJWk8=,iv:3Od/41rv8YOXdq6uNUcRUtEdFuO4HL9xAtcGRrw6OQ4=,tag:JpVVVveJZfLQteBOOFndCg==,type:str] pgp: - - created_at: "2022-11-27T01:42:41Z" + - created_at: "2022-12-11T10:48:08Z" enc: | -----BEGIN PGP MESSAGE----- - hF4DOnsoj685gdcSAQdAfd5WjaVver30W/+mLzXe3TrzafrtnEvSkFF4i9WUk2sw - CrodsBhVaQ7eeVgYC4E+WYkcCUtZutu8sFWHXHeLv4MKQk1QESjvWbahOjfDOxm6 - 0l4B+bgPdVsNyQDMeHbLoyN5XpNUUOZviLAzpGDsawTNSXBeb6UPxnMI6JTpWfFU - J1XdA7X7T82zC0dzR1jyXVaJQjSTM8/luCD4HGN6wFXKK3FQzNBg8eI/P+JNSS3i - =JH3B + hF4DOnsoj685gdcSAQdAwCC1IJu/RfgJM20KBd/GydJ6mYnOUmY7JriYStvKalkw + 0j09cWJsiTbsAXSscvssQHQm0s71p3A4Kcq1K5b0vOgWTy6vWokBX+RiXt7bw2l1 + 0l4BBm5CBhNGbblQi5bcVtyLvVNCY2E7TcSHXwadb5Nq4lFRU9FCBKcE9bT/0gzn + Lk/rHd5ATPQPwsMo+ASygvFBIsR6b/lYA25zytA2WiVBuhAj19L5mszsnryRzEgw + =Oe3I -----END PGP MESSAGE----- fp: "0x6D617FD0A85BAADA" - - created_at: "2022-11-27T01:42:41Z" + - created_at: "2022-12-11T10:48:08Z" enc: | -----BEGIN PGP MESSAGE----- - hF4D/2siLyjns28SAQdA70ZeRS3+4ObvIupaiH6T1aB/YnteeRKdVuKlfwp/kBIw - ff0pcDD2Mk+q0Wi7ydbMSGle9KmDfEAYQezg3HHj7H5HD5Navd0GthBac+LnDTjU - 0l4BcLhkodpQO5hu4+7nBXrh9cuZvovImxGwYImnWJYqO7tBPaYF8Dbou9e+PiQh - Q4wOx03Jq+YY8SPO4li0DHSVf3JmUF6NBY7fA1yKkPb4y1JNksHfubAOjpGoV2YT - =fepQ - -----END PGP MESSAGE----- - fp: "0xD5B08ADFC75E3605" - - created_at: "2022-11-27T01:42:41Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hF4D6iFd6webPCUSAQdAHBFUxEGTQTnsmD8jYHBvbUmppGOPFF9AGPJo68mcH3Uw - ORFO7ThT3Wi0ocZwK9ZmE8AUZeOhgm6T2PJpPLfMV8gYw5WcCBoL5uSAZFcyyiR8 - 0l4B7LT9IxjzGxx5TPztSUuEcUEwFHGR4lwlqIjNP3SxS/fBlpgh3nBveU1SKsn7 - 2LHQXzN3oe4wLi22st3VYFyK/yDH3/WkrYFT0/Kqw5A9RRbRIxI5URuIgDtyR9Vi - =KMfp + hF4D6iFd6webPCUSAQdArUNFICFSbEYVrlQL6CKc82zdvEj96LcbhYUT5WZ8Hhww + JLSNT2BLt7S8Q4NwT4/zsN5oQW7nL24Db0IdDsVZe22tvdHaurOzKsZh7HoGF5dP + 0l4BZpAJ1QkQlvl8+GnuuomqBIe7L0UnomwajI8SWb+xB8/pXkf3GX+PPrdO9ghX + DvcyLoXh7A8+9MNfTZIFdtdonI5j3p7RB1KAFqQa9bHWGg6hMiwG93RkpXzGGvgl + =IFDP -----END PGP MESSAGE----- fp: "0xE0262A773B824745" unencrypted_suffix: _unencrypted