sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: generate and use new secrets

Browse source
This commit is contained in:
oddlama 2023-08-27 01:19:03 +02:00
parent 7c48e51320
commit 0b8de70330
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
5 changed files with 36 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
hosts/sentinel/oauth2.nix
View file

@ -46,7 +46,6 @@
redeemURL = "https://${config.networking.providedDomains.kanidm}/oauth2/token"; redeemURL = "https://${config.networking.providedDomains.kanidm}/oauth2/token";
validateURL = "https://${config.networking.providedDomains.kanidm}/oauth2/openid/${clientId}/userinfo"; validateURL = "https://${config.networking.providedDomains.kanidm}/oauth2/openid/${clientId}/userinfo";
clientID = clientId; clientID = clientId;
keyFile = config.age.secrets.oauth2-cookie-secret.path;
email.domains = ["*"]; email.domains = ["*"];
extraConfig = { extraConfig = {
@ -55,4 +54,9 @@
#skip-provider-button = true; #skip-provider-button = true;
}; };
}; };
systemd.services.oauth2_proxy.serviceConfig.EnvironmentFile = [
config.age.secrets.oauth2-cookie-secret.path
config.age.secrets.oauth2-client-secret.path
];
} }

10
secrets/generated/sentinel/oauth2-client-secret.age Normal file
View file

@ -0,0 +1,10 @@
age-encryption.org/v1
-> X25519 5TjTxQw48pHP3ns0GRrkVjHedoEnu82sv/5OtYZBFyM
y3iPeOI5oGzTG+cZmIhFeOlvYVSbq+ISJq1XG7ouL00
-> piv-p256 xqSe8Q ArPaLs8WYjgMN+kOzXDEsiCBvqdjU/WVmFGsU9hSn5oz
HYpOCs8Mysegzk0VJ5i4yYxAV95s/B0RIb3opvGpFlo
-> O[]-grease 1TcN!PY
LArbTZLib5yBGl70FKw3Sfsy3LWfvcvDJCCCeHmn9j26hQx+NGIsj/KJ00cN/zb7
zj9v2QZZqOFafyUT7t3rdqkK
--- 9uRRxrzXDJ65tOb3Y13LGGyovnN+Se2x781QCDEHpz0
÷Ë6æp™>Jotþå�Í_Æí/*z¿xvÅ‘ËË¥¬ýÒ·âˆFSú¼ ›LGîmʵA\ëá™;«Ø¼! ,­ýÈEâ�…#XõNzyÀG~õ†¿�0ß$-”ò¦�S¨€„¿«

11
secrets/generated/ward-kanidm/kanidm-oauth2-forgejo.age Normal file
View file

@ -0,0 +1,11 @@
age-encryption.org/v1
-> X25519 6svR9FxeCfNCAHbxLZhh83mQTcmPKYRcIQovBFF15TI
vWV7btlmt0CvRX1iBBh+s1Sy0gI+XPIDQWlHct2T6k8
-> piv-p256 xqSe8Q AjJtyH+kwD0KROHPs6hmZfCFDGM9MH79URrmKcD0HXzr
JqlKNTOXebzG6iH6BYQ2nteiQEsunl0eWrTLkN/w2fE
-> jU-grease Q7, Tgb
CJ9w/mvrGz9ZTjj7H2anoA3Y70tFeoWQbXzKZUPHPG17OuB3lcIVEXMoruvV02eZ
nid+JBBulFiOqaatm+yL7DGt08nKfGm+YSS55R7LDGipmp5maDotqIRbm2w
--- 8c/0zJWpfnsDr0hAVs8Zl3Wo0F/jVOw3Dvi6rUDlpv0
ž]M„ñ ”Å‘ó5Mbå+×à}î
ö»�è[zŒ|”SfýP–/m6^™ù92À7pÁ Äð¿EÍÊ?l…Ð;Cš5Ÿ•f"ªöB,òãé

BIN
secrets/generated/ward-kanidm/kanidm-oauth2-grafana.age Normal file
View file

Binary file not shown.

10
secrets/generated/ward-kanidm/kanidm-oauth2-web-sentinel.age Normal file
View file

@ -0,0 +1,10 @@
age-encryption.org/v1
-> X25519 YpfsXOubxJqRA44WEtm4+DleuReMP3OXiCGNQLpwkGg
rrL3eqaG0GzvOBnqB09BuUosAkq4EQs1fF4Qe+p5csE
-> piv-p256 xqSe8Q Agz+luMhbrLq1vZdQg6FCxyp08Jhn0/H6zKJkl9xpcQw
5hjyXxHmOW1JW0fr2/BRI/lDLuOFqZHESUYrpPlSSyY
-> f@<uQkkp-grease
rVzwtoWqcRO7gHWrTlCyzRr385oCfk5lcdSq99TZO8GgjEg
--- 7pMqjksyzVIMPG0S23O/0LovRa96IMfmoZB+uWOAsvM
ç}7ÂKÊihYkýB¨[¿+åÆï[ï[b¶÷Šåm®L¡Û}'˜"Ã~Sp7Þ
{VÇjœ_â.þªâeâ»%i9’ìž¹Îóû”L¨Å^wÖÁ