From 6aeaa622d6faaadcdd95ee23de86add7c220385e Mon Sep 17 00:00:00 2001
From: Florian RICHER <florian.richer@protonmail.com>
Date: Sat, 31 Aug 2024 20:15:19 +0200
Subject: [PATCH] Update ryot key

---
 flake.nix              | 21 ++++++++---
 group_vars/all.enc.yml | 82 +++++++++++++++++++++---------------------
 2 files changed, 57 insertions(+), 46 deletions(-)

diff --git a/flake.nix b/flake.nix
index e4c544c..14ab302 100644
--- a/flake.nix
+++ b/flake.nix
@@ -25,18 +25,28 @@
           echo "Decrypting vars file"
           sops -d group_vars/all.enc.yml > group_vars/all.yml
 
-          echo "Decrypt inventory file"
+          echo "Decrypting inventory file"
           sops -d work/inventory.enc.yml > work/inventory.yml
         '';
 
         clean_sops = pkgs.writeScriptBin "clean_sops" ''
           #!${pkgs.runtimeShell}
           
-          echo "Decrypting vars file"
-          sops -d group_vars/all.enc.yml > group_vars/all.yml
+          echo "Deleting vars file"
+          rm group_vars/all.yml
 
-          echo "Decrypt inventory file"
-          sops -d work/inventory.enc.yml > work/inventory.yml
+          echo "Deleting inventory file"
+          rm work/inventory.yml
+        '';
+
+        encrypt_sops = pkgs.writeScriptBin "encrypt_sops" ''
+          #!${pkgs.runtimeShell}
+
+          echo "Crypting vars file"
+          sops -e group_vars/all.yml > group_vars/all.enc.yml
+
+          echo "Crypting inventory file"
+          sops -e work/inventory.yml > work/inventory.enc.yml
         '';
       in
       {
@@ -48,6 +58,7 @@
               import_pub_gpg
               init_sops
               clean_sops
+              encrypt_sops
             ];
           };
         };
diff --git a/group_vars/all.enc.yml b/group_vars/all.enc.yml
index c53a7c2..68b19a6 100644
--- a/group_vars/all.enc.yml
+++ b/group_vars/all.enc.yml
@@ -1,64 +1,64 @@
-#ENC[AES256_GCM,data:aA==,iv:geCq1qa4xxKC/TF2DTSj410uVDPROyDF7tN7tqOWN5Q=,tag:3OQboA7kAQxr6nbDC/ESrg==,type:comment]
-#ENC[AES256_GCM,data:cjIfu+hAjIcdHF0zPyiypD5Rkwjl,iv:0XcmELPiFNcaDf2SzlIRMSsaFSVS1HZdYGYe5n4/4fI=,tag:r6I/OrDY8sNRYJlpN9t5lg==,type:comment]
+#ENC[AES256_GCM,data:zw==,iv:yGe87pkOWKSW5ExIDNPyFcOf3JkiD6CfmditaqNOcIE=,tag:NdSlw+oX6K+bqvEmiDKNwg==,type:comment]
+#ENC[AES256_GCM,data:P87wUPXCrcwj8pysdDtzgyRGC3H6,iv:BB4UtqwG1usoGEIaWq+EmynITtIhYmTAksN39gj8Nvs=,tag:76XXXGDo6kK1Z45FwKOOVA==,type:comment]
 server:
-    domain: ENC[AES256_GCM,data:iZ0+7cQKofIWqjo=,iv:K4GEFD1STlRoaoWzpy7YJkXv63j0HSKjnKy8hmzwtGI=,tag:IhZ3I4lmAOTGcvfcQo4XGA==,type:str]
-    ssh_port: ENC[AES256_GCM,data:RhEKAg==,iv:gIjgMK+bEngBsKJ70uBGOjU4URFmUsB9eQgYngJhbq4=,tag:GUbyuBm3QUOJf95Rh1E2wA==,type:int]
-    work_dir: ENC[AES256_GCM,data:ofRrJKNU5HHc,iv:Z/jGcs3Fj6Y25BFb6fIKLsSL7kE/rtvJGvHJu9e+kos=,tag:Cx0bkAVTfGLYJGMVesSiqA==,type:str]
-    backup_dir: ENC[AES256_GCM,data:KJ9BlZaU359MIaw=,iv:ut6XVRkPt81cOszXYKBddYAhB3IdVocmoVA+PkyMkJk=,tag:hTOsrXeM/CciI6glneFWnA==,type:str]
-    ip: ENC[AES256_GCM,data:QdK0f45VnvFSuPOUXjma,iv:jITTCz2AlaC0Z6C0qsH4TiioR1lxXuVpvlwUaAMxL8o=,tag:xvWxaQiWkg3idy9JUyVSEA==,type:str]
+    domain: ENC[AES256_GCM,data:rNPBfyHnZYbcwCI=,iv:5GFGYfCwwKIHUBEOY9oYtQoYd423vNCjGoc1qjfpdOQ=,tag:vsqYoiyIVM0cJKC4+2i36w==,type:str]
+    ssh_port: ENC[AES256_GCM,data:f+MGHA==,iv:Qb+wOoTmh8+09OVlUXrB7PQnCguW++xenBGjbvVlRcg=,tag:rjePPm7ZKJAleZbVT9EvwA==,type:int]
+    work_dir: ENC[AES256_GCM,data:mU36IwSyRCKZ,iv:01614e77X1UhpXo1Sqfim0qikUfkU4uGahaQ7SXwxjo=,tag:e4+qt6EYec5Zo7l60l3Hrw==,type:str]
+    backup_dir: ENC[AES256_GCM,data:+1IX4bqcrUv6jFc=,iv:9V9ZIK/3UY/1NbpALOpupMj3Z2BLIT2RApXeA+QldMk=,tag:D/tzUMKq3AVfKjFTkHwhrQ==,type:str]
+    ip: ENC[AES256_GCM,data:VrF0qnXOjKOrHSttJWim,iv:eNDmtDolwD6/7n7n30k5meKDHgPGMBiwP+34tZE57nI=,tag:n3n6qYJWsfq0KMS0MbM7cw==,type:str]
     vpn:
-        subnet: ENC[AES256_GCM,data:uoEWy6KBcXWrpNRluds=,iv:nckrDcLINR1ttDWImJNBdZzHc2wTRaofWbeFlySdqIU=,tag:zuOlqPk5MtLnKx2WHtsTlw==,type:str]
-        ip: ENC[AES256_GCM,data:Dsxszspp1o9ap41e,iv:/urcE4E75e2au0uoIGP+E1GnXposj3zaVrlgFA9J7rg=,tag:vLLPJfs9hySpVUfDckd3sQ==,type:str]
-        reverse_proxy_ip: ENC[AES256_GCM,data:bIb4mkSGysxIoTgR,iv:adnou2mcAXnneOQUjVSvqJJNhdA+fJNrZgpzS25vn8o=,tag:QvmpYAY5RqYoZlougk5ARA==,type:str]
-        dns_ip: ENC[AES256_GCM,data:owyRGCnc7SR9rgv2,iv:0q9D5XY1MReALbLt5xY7t95vQUWY56q2eHBF6wM5fn4=,tag:Y8RJS2RtDTwq3czAzFlLMQ==,type:str]
-        port: ENC[AES256_GCM,data:lxkVCY0=,iv:+Yl9o09GyCIjzVd18WP/QxC7sNs4x1DNQboalGvjWaE=,tag:pKcYp11JracLSMWeW4M72g==,type:int]
-        peers: ENC[AES256_GCM,data:wSxDTY9WWgu9H+WYMNi3Lpm8XAflbQ1pFz0O,iv:GyIvi1gDn25xIO8619+BWWBP3riNNloE2jg60y7Ye2c=,tag:Wu5tMdD35bCjguPKvu0NdA==,type:str]
+        subnet: ENC[AES256_GCM,data:17F3acssIE5vDf+oeCk=,iv:TQ6GSw3piSZjpYy/0I3JHYCmY6XjyHjmUZ8QsJm371Y=,tag:E1ggbsiX6NlsA4tu4dPA2g==,type:str]
+        ip: ENC[AES256_GCM,data:Fk1RLutUvToxAjWZ,iv:P19VCKLai0bf4jH7PmfFqc2mSC/7tAlXNe0+xx6u2GM=,tag:cgI4eRpze4K0Q5kcTJNTqA==,type:str]
+        reverse_proxy_ip: ENC[AES256_GCM,data:J3Z+2VuEY00Z4vUN,iv:rs+x7Gz/4o/ezqKERmbV6u4df8m+cNu48tsYvByyjb8=,tag:aIDOOi1+dTGrD7qt/Ts4mw==,type:str]
+        dns_ip: ENC[AES256_GCM,data:8s+axvnJRHVWv711,iv:QjvNey354VwBqV7HZqxcEKbgyY8fC9jpzfExrvV0I4A=,tag:RcvTqQQbn/NGw4K+yz+rRA==,type:str]
+        port: ENC[AES256_GCM,data:ce+pAC4=,iv:HqcN+qnJEtFSH9OKuQtmKEBJp51bJh0r0A8YAtTs+c4=,tag:cGJ/+xyEY8X63C0sP3XnxQ==,type:int]
+        peers: ENC[AES256_GCM,data:q2Lvvj4EivqF/pOSlasqUh7WL/Sh3CPYKqT6,iv:q+8Xwlc6Wao/U2YEteyTArAPqou4r09tpigc6NOgSO8=,tag:63A81wgq1VaOPbhnybh2ag==,type:str]
 private_network:
     extra_ips_whitelist:
-        - ENC[AES256_GCM,data:pyCUeRj2xlLtahk/bQ==,iv:wDqxhXwcWilOrl0fpmeiE8sB5vALg8bopnZ8LVjDvqw=,tag:3mmuDIKkXt5MPwoZQXYVJw==,type:str]
+        - ENC[AES256_GCM,data:EXdMBH666ZhuXrRsww==,iv:vp/XUMAZJbCjkkdDJ2Y2I7DjXxTgKwppXMl98GlB4OE=,tag:GNEPnd8nQMkcXeMXHDUGOg==,type:str]
 acme:
-    email: ENC[AES256_GCM,data:ZuRm8Y8RTGNT5VruFStF31AMEnLD+eEgmIO7uaQ=,iv:FQMi0ujFs33cms6FuHS6qUL6BPhu/+MY45oIGPrhU1g=,tag:r85eVcWxAKWr+TDgzqqlBw==,type:str]
-    debug: ENC[AES256_GCM,data:ZhvMv10=,iv:x2Hp4qHrJyCdcp1JljIJGf9VdDcv2AKRWfBpVQ6zKJw=,tag:hpZX9fGzg15ZgIDRJQI6RA==,type:bool]
-#ENC[AES256_GCM,data:hKeiJESM,iv:zmY8e5nSBIrM3jo9+Q+omU7AhuDMTwEL6cVrnHkMDoc=,tag:4n+EzFXJ57OnQpoDwrE5rA==,type:comment]
+    email: ENC[AES256_GCM,data:n+G0ktoYdHfExsRCobbQNS1gKzwqluBV51mwPEE=,iv:p3MM+Q7bY6UCS3GwK0mm5vDTmqhzdJRHpKjA4/p6y8o=,tag:ZfitmnFTRvcvKP422gqKKw==,type:str]
+    debug: ENC[AES256_GCM,data:cvVCP68=,iv:/UizGc/0bhYms7tvtWbS3tpwVQNLKu+MdGl03KdrQIk=,tag:Nc/6khmpqlXbhTSxjju2+Q==,type:bool]
+#ENC[AES256_GCM,data:kLRm1qNj,iv:/8Uu2mGVDaLY9K2wdIgCTE3drCBqnPJyUFJzUYxAgAg=,tag:ApzjObouwyz67Ml0inFm8Q==,type:comment]
 protonmail:
-    initialized: ENC[AES256_GCM,data:15st2Sk=,iv:3H60/v9E1Wv28BkcV9ce+vqYhst+W7bBuCabQQCxq+Y=,tag:A2onHAJl/xZUv1uxIQP5Zg==,type:bool]
+    initialized: ENC[AES256_GCM,data:e3a1EkU=,iv:V8b70/L830jE7moRZmRDc7YDoLvTQgnZ2Apq/+0dFL8=,tag:gHMOjOVjvxwoJwK9IpGUzg==,type:bool]
 vaultwarden:
-    admin_token: ENC[AES256_GCM,data:pLdWlPPVwllYnL9o21VOm5glTzpgICMadJuV13r/W1X20SgpPTfLDC2AntIY67rLqnDHtvXHOwfxuZ7GzI2+ttwCY6na8ZtNR2GP9M8cuw8gGCITsiJtt+Jrnjp9hS+Zjzt8HANcc9qfq0NHDfd9/iro69/tXw==,iv:f4FvVV6ZQYL6UwOUCVEVmE52wU06Ml8WI2wuK0MESWA=,tag:OiAYDpb5LWE3PNhPo9ExWQ==,type:str]
+    admin_token: ENC[AES256_GCM,data:aO6AVxDdrPWis7Y8suLMgJD2p3dM1AjhOTgeB7Fz/Dodq0q/Gy2QSARqF1q4mKgZbuuY8kgaTQ9uiu+bv/Od9AvGb562dipFN1CtyWtAgqZWjkTd/XtA8+SBVzwt4N9PRP9qAoft9RPl0tReifOtE0vkaWX8xA==,iv:CcE5UDcBqRWdQbMt6xm52oqV3Ph2uB3etvsBeHgNZZM=,tag:FcIAXhAHXAVkcBRKT/tmRA==,type:str]
 gitea:
-    runner_registration_token: ENC[AES256_GCM,data:bBp9/8Qc1t0YWAzHSKjG1bV3xyfEnkBFOiPMybBCJFks9TzBkIJwNg==,iv:8Lvmw2L6/zA14ifjTxgFKZ6WibTXYQaWiknzGRh90BI=,tag:6zDNhJdciy1LInRE5YrxJw==,type:str]
+    runner_registration_token: ENC[AES256_GCM,data:GpUslxwXSlpsZywG3tEEuFY3f2DRtxm482dmsNgM7XJZqHojHKrYkg==,iv:Gt8BzvNbDdezgr/ESYaOIeIRkj1q+5rMwNhuGPjqHJc=,tag:ddWj91Wu1LyVif3Wrk4hmw==,type:str]
 ryot:
-    server_pro_key: ENC[AES256_GCM,data:cD6hDSP60DHCIqO9NRnLQnB59cWDTdCUwNLMbyhGcdc=,iv:5jfQZHo3Hp9nHvKIZt3AcXPqVhFvK4JYQ7odilJeFX8=,tag:pXW4hYn/ob8CeAk20vno2g==,type:str]
-#ENC[AES256_GCM,data:Yk8a53u6S9hZF87fSxAS7ixo+sMY,iv:pbT/8LGcgI0Taa/vlh4+h9upBMiWWKJ2W8Rt+X36C7s=,tag:LfPadWlJ0W5bCSpKxptYRA==,type:comment]
+    server_pro_key: ENC[AES256_GCM,data:ZHzaAqDOP/jVcs4muQNo4JamuuEDdcAH,iv:Hi0kXOhSWRnunSqWt3asSFdXq6dIniNxQVx9Qu+PNo8=,tag:/FzvB9OmneJXVCanMHxexQ==,type:str]
+#ENC[AES256_GCM,data:jdFEdE8qOpYEBha6IG7VrIC3EZVb,iv:qRL16HP5duk3Da88PJcphguDa2buuG2vW2o/w6qNqlk=,tag:3vl373RYoitMs7n4fghpXA==,type:comment]
 amazon:
-    client_id: ENC[AES256_GCM,data:cFDd3jkWo6qStREkLvSMIY1ik0pPO1i9HCqmd9PK,iv:vAsZJUEUTjqt5yAYi+hcc0TTSzWUjws6VggRWNNtDOw=,tag:69HixF5cJWQjXiYW9qNKvQ==,type:str]
-    client_secret: ENC[AES256_GCM,data:NBqyzmnx069C16TVEqErQodwVuvWTPODkA5FivoQ,iv:j2QX8FucANzRJZI07piraXLtjB+zQk3NI4C4EcHd7Zw=,tag:yO42GafhPLz0oUhlmiRUWQ==,type:str]
+    client_id: ENC[AES256_GCM,data:hbBV7n95524FBMWnbrUJ2lKbYVUvZH69kUlp38Y5,iv:WOijZgZFfE+ta1vLwPXshypE0iY/zINrZK/kjgX5fMM=,tag:CO+GBBTBmid3KhOGAsRYlQ==,type:str]
+    client_secret: ENC[AES256_GCM,data:Y+JWlEXZhBAb/dEfILX4vHTsc8uKrr1++3H9yZdA,iv:dVNFgipXJf5u/3ciSJ6l69qv+lZx728wgkqYYf+GQBY=,tag:ZsR28eph5tG9RVzIsM5lgQ==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2024-08-18T18:06:08Z"
-    mac: ENC[AES256_GCM,data:7F3tvtsIM4lpOWbGTcCP834zqzDPcpoHFkyyBIy4oBvv12/JqZNRG2aACkUbD2ls/znp99cMQfKRmJD1QrH1blrQtRi4VxLoKA7mv0IyVH7O2tclkcUQPa62j8V5Jj41hgPaQkRd0MTLWHfZa2qu6NllJxQMQ00J2XXxS3cVVlE=,iv:tW2oSRi7GsydEWjdtg+f+gkJRj+isfq9Xsh8J/pwQ5Q=,tag:z1kZxns4DrnSIiuNvLRHCQ==,type:str]
+    lastmodified: "2024-08-31T18:12:08Z"
+    mac: ENC[AES256_GCM,data:xVSD4pvg4dKLPJ5NN7YDtPfctbHQjTBlI2E/5wPo5BLowkyVeP2Z+sqL5n+zMni6/B/iUyfLq6Io3NR3DPt57I9kd6QpNVGaN3g7eY4EHa8LOUjVIk5j6Kp2LYbQHRwM0UIDSEQO9VOKB4U60sfhdRbr3V8kn/rYQvqbCERy+Do=,iv:Y7IN/ZYfVgiEBJuTKG07eWg1mH0nwFRTlO0NUONOQkY=,tag:UMOUn6J93FtQvmtw5FS8tA==,type:str]
     pgp:
-        - created_at: "2024-08-18T18:06:08Z"
+        - created_at: "2024-08-31T18:12:08Z"
           enc: |-
             -----BEGIN PGP MESSAGE-----
 
-            hQIMA1Ns3cJaRR/oARAAjjRkn2th5wMC7ZF7wYEUA5zNev/f/pHe4Y7fK2Rm2/H6
-            /slJh644xp9qepextu1nrtbyMDdykaZdG03LU1eKsQ3GtlFe9Z1CjgTg5nCSZ6iA
-            lsuYCcv4Q4IGGjX+aBwuMHNdlBBP8iE4jZU9D97jb3zfILBCY155yAjSIJ4VGqMZ
-            WqMFPaDQIpFScE3JQ0obmkxGhYVGjiK0/TsuH4pYCN6kAOZJ65AOnKK/1eA8HD7C
-            95YOXSvdHs9ZIPxNgbzcKd+9QuVehIExNxp2KmRFdLs2cU6EsiEYscxWcQDEt4Nb
-            KibE8kybzMcfQFEir4ujgwUXxZVBA+99ok7yot86rJtwyb7ZaQMuGaBJy9IuHTkU
-            g3VMxKm1M5NxML3ke7Tkfhv5zlTPvW63G4xaXcAnGzofAutn6t2Pc5/rnu2t0MGK
-            1c/SxCWgzKFbUBXQLbN5JGSh93wYUS06SAkEosoXetOCMceGMVe7VGdHT9WQKudR
-            ipK5x9myINgKq3HwYmazfgbSUDthwya4p7WpMZLAQBqtB46jSO9cNzkW0z2VdQsH
-            zN8zPAQSlNlK5GiTUeRnP7r9MBop0s/pewlIm7eh86GA/OMKsWDeo1wtcZY0unEf
-            CvhptOcwDBkgX5TXc9SsR5BxOjyM1+jbUCY+CYM52yjhi72gAS711ScECrfna33S
-            VgEhD8Tc7i2I3Z/Y4s2ocQv3cVZ/4QTvMnMAM9L7+0WZvi2+bR/CTkjzPhd1KbRX
-            aZGd8wc7d/IgEOBBC9nK8fwkYdbARSZ8ukr0RDWD9CKyZ+XL8dtc
-            =mLaD
+            hQIMA1Ns3cJaRR/oARAA2vflZYE82RXVX3jE7Fz9ZuNKhphgGk9GaH1Y34l/Weih
+            Qcx09fnmgsFGrimOdztxrNjqEwJC/RyLdS+QcADF0V+e5L7FRUuTzQzyM++LE1yR
+            n2+TKkpQFVZJkSTCSBP3O5g9cjysG/PQpi3UdQe2NuIL3AIfipCv6NTypBVyQfDp
+            6VBcyYRzBcfnRHWEPv1BQAsdYFgSqFrdmJWKkcVgphLV2ZiZ1LvqX/UAMkFcAwb3
+            K4Ox1jQmUCkNCZOTkJzU8JD+PvYq7NZMJa/IwuGZBdV+s7naWFKvAf5jX11JMfSW
+            qzX/fBncY10c5967AR+LqJOkig6Pbi8c46dP3oWmtHSbi24XU2aMMijEh7ptwotc
+            5uBdcG3LTmlYmdfxtJzFY5Fte+KlzkFW3tfcVSvU+rHhs9tHsU1ON74x24GHits1
+            n96tAZrRy5fI/b1rbAHAEDd8VTeLwHYyw0vUkUS20+eKIIK2ki2j43DaYZFEWvYm
+            vhjp5rU7RU+EXdkuAQp4mlAr0E6Jh9HMdEYX2sEPg1qUYslQlG6VgN7u/q3AoPUc
+            LgTijHatmohz3vYyxsFQJJ9omMLTEl6hI6i9q7X8yoXkwJaGzKs603fsfrV1DQUq
+            u6s2kHleWkaT4sieYNAVgoyLf28J6/gUcmYfIPhaLChzhRT182dSoE5UOlDzn7jS
+            WAHehhiFbSe/MxqIw7EN7ItKjs8gi5d9l31VweTPoYCuBvzNz9C8mBC/bkVLGbkF
+            ZxDCsoMKb6dPokkZuuehzXcGIg2n67vtwiB3lkqWAjRxM2jyL2RxUHE=
+            =kz40
             -----END PGP MESSAGE-----
           fp: B19E3F4A2D806AB4793FDF2FC73D37CBED7BFC77
     unencrypted_suffix: _unencrypted