secrets management with SOPS

2026-02-22 21:02:22 -05:00
parent de4c297252
commit 2a7521ee77
10 changed files with 119 additions and 4 deletions
--- a/security/ssl.nix
+++ b/security/ssl.nix
@@ -0,0 +1,30 @@
+{
+    security = {
+        pki.certificates = [
+            ''
+                -----BEGIN CERTIFICATE-----
+                MIIDZDCCAkygAwIBAgIUBURUWatoNahkcEbEfsHu8XfvRD8wDQYJKoZIhvcNAQEL
+                BQAwJTEjMCEGA1UEAxMad2V5bWEtY2EuaW5mcmEuZHVieWF0cC54eXowHhcNMjUw
+                NTA3MTkwODUyWhcNMzUwNTA1MTkwOTIyWjAlMSMwIQYDVQQDExp3ZXltYS1jYS5p
+                bmZyYS5kdWJ5YXRwLnh5ejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+                AKRMM0GABCHa8s1jnGyRyoOZs8lhY0amPs2Z3ojxLd/aNoYyeF1D/lg3lriDalZI
+                vMabTo0b4Y1lKbMQdDfk6HvVd/1eeV48NhCynxt3ssZgHtYwho/kPdJMlsnxguaS
+                iUuMMgXzjnksonQO2UjKOo6P8hyouY8z7P8JFAeD3s1pO2fmvA/iZnSxBnGOzqvA
+                LHrnfsU03u9ma3iiufaF7HhpL9pxvC1gonfyxwMUa/WIHhziB4t0DijR7FY3K/CU
+                EFoR+B2LVJCjzt2d17DUS9A78H2YdQwqaNNGecGGG78eRcJJTUK9MxduhiO5FpjG
+                /K7E3GMMRuUnWc5vJCmljJkCAwEAAaOBizCBiDAOBgNVHQ8BAf8EBAMCAQYwDwYD
+                VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU21dLq6kC5DAdR9wI9KT9DoMGdZ8wHwYD
+                VR0jBBgwFoAU21dLq6kC5DAdR9wI9KT9DoMGdZ8wJQYDVR0RBB4wHIIad2V5bWEt
+                Y2EuaW5mcmEuZHVieWF0cC54eXowDQYJKoZIhvcNAQELBQADggEBAFnfte2iJqvI
+                htJLnnIeoYnKo0l68MVL1kn2xVAciqHsoGnnbyDelGSYJU9Tc5aUEgrCECbM+Ssp
+                Fc8ZEA0y0gLyRIVs53obtCPBQ2yVS5LE95dd6g+o3ZSPbhZqu2ioT579BIVGyTxH
+                /DPA0QdMI5hGLL+ZgsooS2Q4IsIvlzSJEBd5G+qbXnC1p0UVzMlsAM6ubIKnCD9e
+                urnpvvYP68Re+U1H9xa0is1r7zcCQOyVgRk4ttqJ9ye9eRP11IDHmhZSpQtj8LR5
+                V43pqIG7H/yUOlHmhCl+anLWnuDUYMHRvFXhnfc6sybVL0ibUJZJOs6VaNJ8zdnM
+                Dh0mNAKi790=
+                -----END CERTIFICATE-----
+
+            ''
+        ];
+    };
+}