radar231
/
k8s_pihole-1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

encrypted secrets data values with sops/age

This commit is contained in:
Radar231 2021-12-22 11:22:42 -05:00
parent 34985fb0eb
commit d419aa74d0
3 changed files with 34 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
*_secret.yml
pihole-1_secret.yml

33
pihole-1_secret.enc.yml Normal file
View File

@ -0,0 +1,33 @@
#############################################
# - creds for pihole-1
# - generate value using;
# echo -n '<text>' | base64
#############################################
apiVersion: v1
kind: Secret
metadata:
name: pihole-1-pass
data:
#ENC[AES256_GCM,data:HL+ReCmmfvan+8r50F/aJZuvmG6WEXXM+N2ZDA==,iv:xNfilMa/Eh36yRN1J0HsWn1W36xDLSBHBhfA1UHgOdk=,tag:lVNW4+Va2AbnV+o234Tw0w==,type:comment]
WEBPASSWORD: ENC[AES256_GCM,data:LEQI5ewukzRqTNIu8fQG6A==,iv:ahRZx5jsw2/lFgCpcUvDSqSamY7DXeDv3anPqLSH758=,tag:L50FPC8fhNa1KUKX8P243w==,type:str]
# EOF
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1x7aazmg26qf5vm7hnvxjqy77yvv5lc7jez7untjfnwrg8pa6aqysxlaa42
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxeVlCb1lGREoxNGtoRjR1
dk1qSEE3SFdET2J4U0JkVWFiVkdnVXFuOVU4CjJGamoyc2JCeTRsYnVOUXJwZEI1
WHMrS2lQYjhGajlxam9JR3lNMmZzV28KLS0tIHpUY0JURHRWVloxdEthSm8zb0Fz
QVA2NEhrSmY0Z3pFVmxTZEswcjAxbXMK0j5GivNodEcrOeLtJAH/ggvYMYx6JuCD
3wIhlNC2PUlIBwwZwHr46kIx/hyC12IUrBYnqHiRtc3fsRD0p3QfRg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2021-12-22T16:20:13Z"
mac: ENC[AES256_GCM,data:++awtPJZDDDzVHSQzWCyBQAO+kjxa662QwAtHa2U1qGgHyWnZMnlVioX7Ob5DEtvOuaAPkYRhH9u7MuXyJm8jFTK9qJTzyarVIYIh0ez/1B5jQ+Zr4H/+DtuVGV59FV3XVerLgmuFw0Z0F05vWJdNWJ7yCMhEdCuOK3l4Cb4n0M=,iv:FNOSE6EoW7mf6zH6oabDUZ/Wl2qe3cCXhTvDianHv1M=,tag:/jYgkkiGjXU5rCTWzUF3Eg==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.7.1

16
pihole-1_secret.yml.tmpl
View File

@ -1,16 +0,0 @@
---
#############################################
# - creds for pihole-1
# - generate value using;
# echo -n '<text>' | base64
#############################################
apiVersion: v1
kind: Secret
metadata:
name: pihole-1-pass
data:
# plaintext pw = "xxxxxxx"
WEBPASSWORD: xxxxxxx
# EOF