diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..a04d43f --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,11 @@ +# Fingerprint | User ID +# keys in https://git.dev-at.de/smardigo-hetzner/communication-keys +creation_rules: + # list of keys for encryption in stage + - pgp: >- + E5B4FE1E0209DFFE320D2A2E47087747D89B72EC, + D65D400040387210377B6A71DFD775644EAAC77B, + BE3FB94982C2DE95B1EDD388A96613A6B1DB15B5, + 9F08DA9D42379AFE6610E9E615CCEC6801DBA02E, + 17B8FDF68AC123EB666934B17D0DF6EC048A5D77, + 73C2C9954D1BC94DC6682525D2FA233B52AEC75C \ No newline at end of file diff --git a/resources/kustomization.yaml b/resources/kustomization.yaml index af992f5..8c13e37 100644 --- a/resources/kustomization.yaml +++ b/resources/kustomization.yaml @@ -1,2 +1,3 @@ resources: - clusterissuer_prod.yaml +- secret_do_token.yaml diff --git a/resources/secret_do_token.yaml b/resources/secret_do_token.yaml new file mode 100644 index 0000000..73161bc --- /dev/null +++ b/resources/secret_do_token.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +stringData: + access-token: {{ .Values.do_token }} +kind: Secret +metadata: + name: digitalocean-dns + # namespace: {{ .Values.do_token_namespace }} + namespace: cert-manager +type: Opaque \ No newline at end of file diff --git a/secrets.yaml b/secrets.yaml new file mode 100644 index 0000000..0c02b80 --- /dev/null +++ b/secrets.yaml @@ -0,0 +1,121 @@ +do_token: ENC[AES256_GCM,data:4AaSFAvprPxtwfZaWqBDC+fJwdkHW5g4R40KHzCWpPK2+0GprPWfFusISG1bQm8IcJyhlw5CX5eQY9DIT4vAsiU1VyHKias=,iv:KPmrx07jPZFmF7K8y1lFtH3ZuYF6caDmE3OH9zV6neM=,tag:pMRFqeR1BHlWE1HdZBDqgQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-10-19T14:33:40Z" + mac: ENC[AES256_GCM,data:Z0H6bhGvapr4ffcDCsJidDMa3dgIUzZVkQ9HEzegIq/iQ+IRg8mN0RvxTfna28x7oN+JdCf8qn2jOXoztswLUiz8ie5fv5xR9LXSmw2uGyTnV+wcAlklwhpfHoS+5EOT3bmmcmFFl2QijfMoT+LN4JGMRsAOxdYITanqpi6yJC4=,iv:KQsxNunRGE5VcbZXrom6PD+0xItNEWsS8ixR1BcQpAg=,tag:FH5wmUI7+rV6YY+MCGYCuw==,type:str] + pgp: + - created_at: "2022-10-19T14:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA911WKxzIy2nAQ/+LM1IoYT9T4LOExTYgT4cbhUYtVnMjFJbwXVF9X+6NLb5 + DpQKekqz85q7ytQDkEx9V1jz0pwF6V6/mqghUycwR+7iMxphrjTOHr4LkzW70Thl + OqhC97PRnwWRQhpQpfSr9GcVNUtSR0tPeFiKfzb3APKel1mpBTOIl7GqYHfwIqLd + DRpYjCPjZluaXofDLMjzkwUu6wWQro5Mv1yA7+32tNdqHaTiXTtYehlYTD83HUlX + J+bCUuUYyyIars/jjrO0LjdF9gXhJZa47NZU2Nm3QoG1QrkfOYw2SrQhdJBVg9dr + LafwjUo+G5rDP17ioT72yqQrdy6/w8URvUg+sJy9V5mB/+RcaiQIQ7H1SbqKv6uh + ekKGdoPSIDoPGzl3lm0p7tcHR8xi50b70ekiiBMobHmEvCFmjPFG+As05QMszLX6 + oGrnGTTaAzg/KpYt3xqcoRIjIqEYfvAB44oKewQYjaVNwDZ+58PXsLIihvLKEiTx + Dk4Fh0qr5/z7yKcayMYI1Rpxm3fGcuT6MRgSnY0OcP6vy0QJoJH4G3jIXkVjakRa + 4KWxenozHxGTE9e604gauOjD9xkLpXHKym4mkW8siO9N8XOy+U75lNWVbnR9hTh8 + pNA1Ho/A0Cx0cXnvVTb8sA5BLaPTL3sTyPngYpy2J3lMlTArgCFyH9GcpL8dY1TS + XAHVk7iJrVFVCVVC5Z6wR3rE1kFCc2cWvCe6sU7vqhxb2QHsDrUKEXYmz0Uu568v + DORELmQBTptVVV5MXXSwRDfp2FYo2vHkA3Hb2bSrU/wPw9+3WkmlP74MitxN + =gu6q + -----END PGP MESSAGE----- + fp: E5B4FE1E0209DFFE320D2A2E47087747D89B72EC + - created_at: "2022-10-19T14:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4Npij8bx0m7AQ//a4DDpl8G7q6egyywx3rBqmzVn9v7hxJAAAS7u9OBrP8u + rlae8IuXtnS8DCkG7aehRFQ4V7UP+P//kN7tMfCpcKoxUc+4rq0GubWEQfQCLw1Z + hYgDmQTPOFTSDUjN0q0ttPgkAwDUvFTAfKU0iEly5SjDcoZk3MwiRr1LXMi7c+sZ + u7aU61kwfgXQRWXV7iDDa8C4G0iqHq/t778S0Dwh7NCldXTN/Hg+tOHSae4l5Qm/ + hhEW17OvTrb3FuOQVMRvapt2eRDRwxnf6D6lcW+bNdkvnq3ew5fyIBP8PKu2WTDO + N3F6SFKct338A5c2Q4L2cmbnwZGgnYBUeZd6O8pSzs64YPW7ZpZFaZA5fefAtvK4 + CcSur0CJVRAa/BnDm2HcMegFWrQfKjZMTTALtgk71ZobkHc4/A6N4nxn3lob52ej + MVbzhacRjr8T95xSnM4DBbvilroRHh6aTTST4BJS4hS3Bf2mtHtWjy+54tUbOyJo + gQfh4BPsUDIpSYufUj9gAkC6HIYP08TOY1jm6+e0CkAtBBdRpL0LqXKjRNzgrBf7 + /TytJFSX5YNBvzhyi/Dm1O75muPUZYtuDDT5wiEFBVv8v3eBIPe24W0Yl2OIUXZW + e55zVFqK5hilWw/U6MBnEUY9T+79xY8xxauVDzEdh5A8y35PHtIvaBFd6CzuHcjS + XAE61WMooVvWRvXlrm0N7E+JCOqkgOQLYIZFyZWWn0KydGSiuZd/4xV7ILlAJ0ay + vShX45qz8lAeXCEDa/hQMAeNiUeUkdPwmPS+bZRVN1M4J69uUXtiTkcx54Mv + =njW6 + -----END PGP MESSAGE----- + fp: D65D400040387210377B6A71DFD775644EAAC77B + - created_at: "2022-10-19T14:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA+5f33GLJ89bAQ/+I4Z0Vleoz/UWCoatyLf1sOzG4Mx484bmIGsDgCSril5u + fF1Fubyinx4OLuklQhrBiVopSgOA8wsll17xBdmnNnz7BTn9G561TlAUVVtiC5O/ + QWjdY+GU9qcjJbY2MD3JrnSMp5PHeSIoIcHt8trL6EqlIK7X0WF+oVDEiSW5XdUQ + qmgelUjQyzmL9UFz9X+HCN0Ch9XkIVM3zE+H+JPHvI9ryIipM8r+O4pPLa+gE3ym + hm1CJM6B6pOZBkxSP0246OWPyZtNcO7isuCxTT0g4DzHBzjhFYzSnEqqFbM9PkgJ + /TGaXYj5UgzWpto2n5C9dlfg/fv4zKdWu2T7Is8LYA/R7I9bDHVDf3fQVBNgyrKL + RwvokspkLcOtNo+u3HHwgk6B9LQRxrzwqdjc6FXcDK3iest1zJshggSh6n1XUYQq + hDuJnwY1znWX1mhrmKa4ua7q6G2t6c/D51/UUpK5jQWHFrNKHLlDHKO4PC6syVFd + YSD+SW/IzDmoHKyLFmKmtOxl04CY4AuushsoqKf7dZRaRWbS/hRBjwrhcvO1OCOd + 5deVD7B2bV4886q6RBgCr2LmIj0HeJvbRTnG20rNEfKUNDzq4zFvZ/Vt5amnJVo6 + aX02NxaPYING+dZItshIcf0hWU/jadas3wf+XM/IS/VDX3rQ3Q9GVNR79nLFTQbS + XAHNURJme04boifgqBy6CGDVTI7a4oyQ1setuHWg8PjQkRX0yslV7fVHrR8iXO8n + wGwZ3mcPP8nNX23z+4f5331g/3Yf1PHGNsQbyrk0MUwVOyaK3ybZExM9WEus + =s9ki + -----END PGP MESSAGE----- + fp: BE3FB94982C2DE95B1EDD388A96613A6B1DB15B5 + - created_at: "2022-10-19T14:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA+cOSmNXMUmKAQwAnrTdhSYR1AWT3809Bt4a/xaLIzwRIqLQAm1K95OCUiFV + Y6tBMBwmm3br0pDG/wH+Eice9Kd1MNOsTsbmARlBFgYcmb5sABD6VXo0v0Qa1eyv + Yu3meoehrLl7WtPT1ZDmkAX0fdk0AsAK7bpJoFA4buX/OJa1aoL8FpvtASlqRgTq + 1TEi/mRdnHAhlyUjC/Kfr+oFCPtzcuC8DjPVcfOwSP+W6dNHS4yuHSkguJjufCbH + wpjFmsVNxr6FiOve4xli0/E+MRCSuJ+e3egzOy1p0452wv/ijFhjnBi37szobg2A + jC18NiqSjl2nOTOxRP7d72UCVL1GVSiybF1MfBtIBi3yjmzJx941p2sykogxCEAv + EnXZ05CG0AHeE09ithKiolXZ4kr4HCn6vlQkCTZ2En6JWETV1XoeTiWMW9mKjNyw + bmnKy8yO0fnobihKrk3Mjw6QQTUJnDcLy0PCui3n/xvWdrOzMaPPmw6n/rYym9yD + EBKPhod8bUxPLHxcOlc30lwBGWDI11oXfnQHCEke4z6XEr4hgxt/nsonjRaVirBE + v8WniqvudQySMUNLYEqXjElNbocZ+Kh1VCtTSZlhj049ViqItUAAj6KFdTSI7UIZ + knHS0X1yoDcpyMO5+g== + =glqh + -----END PGP MESSAGE----- + fp: 9F08DA9D42379AFE6610E9E615CCEC6801DBA02E + - created_at: "2022-10-19T14:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA1kDHheI9SLWAQ//aQTYz4GqfIMsibqRpfqX5g7PtVxb/tBuZYLVTJOetszC + Y0YERdhmDT3rfAyf0m12sCEPO6TYMaOiRcXemGshUDvf8UX8mFiHD5wXMQjcwZ0Y + dHl/GUIjpwRSaYl9eKsNiYsSppSa8AIjxBs6PP/9UE3Pd3MYh9LEP9CcYucVJesU + QjiblzweeklDH/+icKk7VUOmsSXxIvpCfZUytyPNucA3Gfgsv10yHQWMmOlZZ6K5 + bMjTzowmPvpnJhXlzeo+E6HVlkMOtKu8wxBlWXXO0mNaLhd9rY3u1zGaBdap+b4b + UeVL4lK/TUB/cIRTU/BSQJNyX7ChRHjjqtA67cTZ4c01q4K7M1RXA9d0Zl0Fh9Lr + gKyfeGrDGi3y6CRRiL0TliEa+hreLbKah6X7R9xvNCRW/4kNmsWib7HYBPhAs/EK + /FkImFsUzXlVg8DXVWntjG3S+wGrBBXKMkNL2qkji1aVaW/M7zBkCtrgP5FLe+2e + jF/d6cDAL8Cl7/rzNuiTPCRAy3QVWWjOhuSFRzRUzYVfXG2AKHF6eWFIZkk9fAi2 + G1PECSDSNXdlcpkQjgmoX2yE+tz/48ObBRF+P4pa7oB2hyxmuCUGz9FzafjRJf5j + EuCVzz71b2WtpSQ73LutbVMDELpNYPGua48tg8L1HSGnlh715RsE5LRGuVNIXMfS + XAHBEYBqaZc21uMk84r399FTzXwj4diKmjEOt8b8yt7DY//QsqFk6Pr+SXzufRw1 + VItQI8gYlw1FaeYDZqECmYdIQ56svUJX948ZlnvjwXr8yGeMo7bGw6hfxVvu + =b3/m + -----END PGP MESSAGE----- + fp: 17B8FDF68AC123EB666934B17D0DF6EC048A5D77 + - created_at: "2022-10-19T14:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hF4DZmNQj/lmIGsSAQdAA6qBAw5m1STv3tkkHS34VBWHJvvq3k+mFkkc3fMzzCEw + sqGfMraMhVWfhFTJnRJ6cVUOTc6x+k7W4DWyx0BPV02+KGeZU2tDqsHr/UWLlLJd + 0lwBaLiDT7n1LMKfKIMzbIYdO9qttO18o6DKjubOoYGKjgSCxErBsWibPgkY2wJx + 4TUaq36aIAa7P6BdZFkwBI5N8FwfU7UPLdXtXLbnww1J3Pz5Zv7Q5Eftb4Fl3w== + =lEh6 + -----END PGP MESSAGE----- + fp: 73C2C9954D1BC94DC6682525D2FA233B52AEC75C + unencrypted_suffix: _unencrypted + version: 3.7.3