From 0dde3ea565a3944f6a2cc6602f30171d67c7ad68 Mon Sep 17 00:00:00 2001
From: Stefan Junker <mail@stefanjunker.de>
Date: Thu, 4 Apr 2024 21:04:39 +0200
Subject: [PATCH] feat(bm-hostkey0): add zerotier config

---
 .sops.yaml                                    |  1 +
 .../devices/sj-bm-hostkey0/configuration.nix  |  2 ++
 secrets/sj-bm-hostkey0/secrets.yaml           |  8 ++---
 secrets/steveej-x13s/secrets.yaml             | 30 +++++++++----------
 secrets/work-holo/zerotierone.txt             | 10 +++++--
 5 files changed, 29 insertions(+), 22 deletions(-)

diff --git a/.sops.yaml b/.sops.yaml
index 2eac4bd..2abd5cb 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -104,3 +104,4 @@ creation_rules:
       - *steveej
       age:
       - *steveej-x13s
+      - *sj-bm-hostkey0
diff --git a/nix/os/devices/sj-bm-hostkey0/configuration.nix b/nix/os/devices/sj-bm-hostkey0/configuration.nix
index 72a634c..4e82eb8 100644
--- a/nix/os/devices/sj-bm-hostkey0/configuration.nix
+++ b/nix/os/devices/sj-bm-hostkey0/configuration.nix
@@ -25,6 +25,8 @@ in {
     ../../snippets/nix-settings.nix
     ../../snippets/nix-settings-holo-chain.nix
 
+    ../../snippets/holo-zerotier.nix
+
     # TODO
     # ./network.nix
     # ./monitoring.nix
diff --git a/secrets/sj-bm-hostkey0/secrets.yaml b/secrets/sj-bm-hostkey0/secrets.yaml
index 7d9cdc0..b98d798 100644
--- a/secrets/sj-bm-hostkey0/secrets.yaml
+++ b/secrets/sj-bm-hostkey0/secrets.yaml
@@ -1,4 +1,4 @@
-unused-secret: ENC[AES256_GCM,data:rKIjC2Ri,iv:PIs3Xuv9zEMhawvMyxwN0CI4Xzr1lTpg1o2scsosizs=,tag:++t0A80KDxctiXwxW5Vd2Q==,type:str]
+tf-eval-minio-root: ENC[AES256_GCM,data:83SacYkxLHU2fHbHNiLG9owDgakOY/nrZBnlDgltRlQDTSW9HkKejVrKtTaixjbxKCgsy9sgJBv8LZtqwthgZ6MI942YU2pJHL8le1wBsuY=,iv:uXbOw/9ljYjWCdafhupVJA7tIvcL801xszI8lrQnQIA=,tag:yolnZdYD1KZJFnH2gs8zzw==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -14,8 +14,8 @@ sops:
             Y0xhYnI3MlhnbjhTS1dFMUdNZFdnSjgK4cl3R943LNMxA3dODf8nsSdmINkKIjB+
             fgp2whfSacWQchsWgpzdiayQoZ9XlWoklmTAX+yN0J8Q3j3CBb3S5g==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-11-23T11:45:17Z"
-    mac: ENC[AES256_GCM,data:VFEtWuEoqlU3wW8SwgWjlnnuv8aJw5Az9j82gc9YfexwR6lNyyQHY5EdZfqPdO4ZRNLen60Xq98kotTYiY7GJ9x3ZR8KPW3puRvqeD8qZf1NMwvkzQliZ+078HCBHmBTeoouWLuvWdP9uv3XOQWdR7/ZfMB/eC4bWS+Acq+tVZ4=,iv:5CRupDm9jNslcn96kUrhQdT5zadEqyKtrKbv+BtcYW0=,tag:ukHLjRdZCTRliB+LXGBHWQ==,type:str]
+    lastmodified: "2024-03-08T16:59:30Z"
+    mac: ENC[AES256_GCM,data:VIA7UaP1c2kli+BuppPl4LH1jiU9qAfqvfejZ0Mv0E8CxQ0eLAMJVkZIzSygLCx00cPbqAkESrniCeLYagyEP4tS/cff2ngplzig4uFbZzniYMXcYF9VIAyBhGgQGEZlZPgh4r4wmBdUFfhc0CPzmYt0obJ1LXElGdAoeM4OcPs=,iv:KPFJX2qJaxMwvrw/R8xrw5Fk5FRyTQdxq7DnszToy88=,tag:/H7iPZlWk2qMrWbwZdeF5w==,type:str]
     pgp:
         - created_at: "2023-11-23T20:47:08Z"
           enc: |-
@@ -33,4 +33,4 @@ sops:
             -----END PGP MESSAGE-----
           fp: 6F7069FE6B96E894E60EC45C6EEFA706CB17E89B
     unencrypted_suffix: _unencrypted
-    version: 3.7.3
+    version: 3.8.1
diff --git a/secrets/steveej-x13s/secrets.yaml b/secrets/steveej-x13s/secrets.yaml
index f8c2741..26663f9 100644
--- a/secrets/steveej-x13s/secrets.yaml
+++ b/secrets/steveej-x13s/secrets.yaml
@@ -8,28 +8,28 @@ sops:
         - recipient: age1y9urllccdcemlv7g5z4peuzeh5ah0a8nu6cnkvym8v2vfhqjd5jql483c6
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjU3VmRjNmYzhPT1A5WFpB
-            S2ZBeE0xWGkyR0pJVm9vVnc2ZzNWWHNkY2tvCnhHUlh6d3F2cDdHZWpvMGJ6ajhw
-            WHgyd21RZWQrSHA4bllsWVExRksrcm8KLS0tIGVvNVF1TkJ0MDBxMzRFZE01VVVz
-            Q1FmbW9BL3E1emwwWFhJTTZoRlhVdFEKCkpvkW65v0+fuh2bXZVNVbnwsl1Aca/O
-            9tkIMNLFhD/Rn8MFmkhIZmWYWB4IUwW/UNSxrmkt7cyFJNlpAH0+YA==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByZWRvaWFlU25sYkdTejg3
+            YXRrVHhHaDN2anR0WWJmcDdCZDNLUFhiU2hrCmZSNWNFbVd3Wm95SU9iNmhqaVE1
+            TlFuYzFNOVFEekYvWjlQWEpqbzZCU1UKLS0tIFczTHlsN2lNdlh3clI2VEI4Y0lI
+            dUQ5ZE9keUtxVU5mMklGODRjSld0TnMKGWu7m6/q6PhS1R8N9YBsxDs9O76U6Bta
+            wr8Tqr/1JLWoSLbPapltKH8+hKAb84LeILezVS1SrL+mjf2KYa3WQQ==
             -----END AGE ENCRYPTED FILE-----
     lastmodified: "2024-01-23T09:41:31Z"
     mac: ENC[AES256_GCM,data:xGspZnqqcwoxM0otV3m6RJdwp4laYC+b6DSOEhzbQDeS6hslD6BddQ2g+tS7l3QTtItOjmB6pLb1JJkyhaG3PDWaDu89GNlvUyTyTUxfZWzTfiB6LWJS7eDTwb6OvzDklzCRltoH+8bWTjedWkeWIOtYbjJPo6zwUAiXgiKOj2s=,iv:MSgm5HXlb/NtvqHvVmDdwzX5ebipf7UJnmPNFUV9Nzs=,tag:XT4Evu+Sn+t/+EPb+dZ61Q==,type:str]
     pgp:
-        - created_at: "2024-01-23T09:01:14Z"
+        - created_at: "2024-04-04T18:26:01Z"
           enc: |-
             -----BEGIN PGP MESSAGE-----
 
-            wcBMA0SHG/zF3227AQgAp6QdUiZPpktzBQ4kG3QctoiCJ6NwiYEtPJAftgbbBCDb
-            WdtjiLmp0+XFf4TvihdaFy7kDQh2wvMSj3dOLANV/V3BSJwk4WjtJoEEG+B8ZVEN
-            T0B2SauM7FcgN4eRe3jx0R9xoQGsE8vXdDbyU/rRpf1LZ6HuEjFC1Boe98mtWsAD
-            MRxYbBfmIsh0DBF9GZyaKR62PyHu7+doRHzxxDJXhItaGW96cKdydw4GhXBvqiXn
-            9SUxxXhg+FpIMXysncB4+yWKSV8FoCkmqPeNlONgk5hwDNpkeXEDND8mHbhZFN5n
-            ElUTO2ild4Cxh8E1U3A4IQ8ARMcmyag7wnCUmcxnTdJRAa11NhS+6h2PVNqRt53E
-            p2UKvgbpMgMYj3pWlP9dSuege0+YhynTGRpjTbbUqNJVGFAKfwvPa0zY0hc0hG6G
-            7Y5zpcqR+/NlVgerPZwLNFib
-            =0kQe
+            hQEMA0SHG/zF3227AQgAn6CqJhclheA82nJm39h/52Ir/gVGRZz1ViK157MxRVs3
+            NSrNZCPW+x9vGExPWJ8wnT3KZ7jeo7jEbJ260WSp4xwQtCuUrDR6Oyp0mrtN6SMo
+            4hHZo+OwLb3brQGHOng43Hedk6E74ZRMyUr5mmRKLTC1l9GeKtf3HoSvNq+bS7B8
+            SrmkemzsS2SrXYE7Qslzhi8QKwby8nsjN2pE5hk12wZKefT4XP3q+lf7n2QeboG0
+            8d4u+706BO4DoxtnXPs1Gop3sJ3TZdAXTdfjnuv+LDMOmIDoVp1tgXRPiAvCfMPV
+            9YiFS/WYMD5OA69SPBjCWIMPMw8PIU8OuHjy71eXlNJeAXeVLp70pGQOiPOZSvtl
+            vmfiPWOZnX+6jSpsSfmEa8FxAZYLgHUayF8YMtHi3kdz3x0kWMx3Pzvjvs4BfIyd
+            pp7PTfMycrk67Y3lcokNswt/fle0tN6xuqP4Uv4zWw==
+            =y1Sk
             -----END PGP MESSAGE-----
           fp: 6F7069FE6B96E894E60EC45C6EEFA706CB17E89B
     unencrypted_suffix: _unencrypted
diff --git a/secrets/work-holo/zerotierone.txt b/secrets/work-holo/zerotierone.txt
index a092cde..ba5eb65 100644
--- a/secrets/work-holo/zerotierone.txt
+++ b/secrets/work-holo/zerotierone.txt
@@ -8,15 +8,19 @@
 		"age": [
 			{
 				"recipient": "age1y9urllccdcemlv7g5z4peuzeh5ah0a8nu6cnkvym8v2vfhqjd5jql483c6",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAydFBZWlJEdTkzWWFrVHdZ\nYVFxVEtCMS9tR3RMaFFWWnFEU2Z3dUc3dW5ZCmxTVGx2dHF6ejVVS0JQVjEwYU1X\nTE9wNmNQNWs4NlhXeEdtME5NV3FkUWMKLS0tIGJlamxpcndOTWR0b1l3b05WaXpT\nTkx3Rld2UnRPek5jNmdoWEYvbmZjVjgKirftt0yHRQj/JF6Ds6sFx6cX8pESZTy0\n+oPUdHEPAYpdii2FhDMxTPwy2ROGn5Bto1gMY38qopJ18bb1IFd4AA==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsRStxckpMNE5qaWx6NVBa\nb3RsVzRWZmhWM21HZldINkZsSEJ5N1kzMjA0CkZUUHVZUlcwTDBKSHg1YWVrWkVG\nVy8xalhiK3ZkY05WL1RyS1lOaE9jd2sKLS0tIE5JOEU2U2NlWE1VSmdNTEdSNGR6\nUUV1b3BhaVdOK2tNaldWNXRqOWEvclEKRgZ9VGYvzd8SyQhhNfk4auwfi1ms8E6f\nthS9Cv2UbC9jpBWR2ISuY4z4O5/6hLPZjuwJaJZlTjterIjl0rvyfw==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1dw43sxtdxptzgyhsxhrj36x5gn7376gqk45t7wtyt3s97v7ux39sdmdd44",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHRVVJWTBHRFdpOHZxTGZ2\nb2dLRmVmL2ZnMG43QzhUZktHdFQ0S1h5NG1FCnh3MmQzTDdtK2YwSmxNQkRBTFNG\nV0p5VjY4aFRIeU13aUZ6cmRDVXRjazAKLS0tIEM1VUUxNEpjNkI0NTd1NXhIUUQx\neVdwS3pMWi9DNWkvYjdhVlY1VzdoS3MK/vB6PRn4vCcR0RrV3gIzilZD9vWaSJxv\nETOC4TlVweiT8UVB/M0gCBnIdCceeft57h2iS4ljqD8zLEgGKdwgWQ==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
 		"lastmodified": "2023-07-01T20:19:12Z",
 		"mac": "ENC[AES256_GCM,data:aIizzl+WFLI8rwp9r9p3kJIsbAISp8vRnSUQKKRIY8V8WdjBNuR+ebSlMf8kBg4e+D9hpTGEY0byv8bpgx/1m5MMEXIDBiBb8GHBk8qwB/3JWsBMyCHOyylw9AAgteyCDEKMCHgU/ZBvExW9n5gnuvkngKK8X1imrNG2ySL9cIo=,iv:UFacq8BdavyiHGRAcKq9obdAD7ZsW8wqugkvtbpi8pw=,tag:fkoaJKrA54tNlTLbAwRsug==,type:str]",
 		"pgp": [
 			{
-				"created_at": "2024-03-01T10:00:58Z",
-				"enc": "-----BEGIN PGP MESSAGE-----\n\nhQEMA0SHG/zF3227AQf+JWW5ihksSQw2X5TkcmdHb9FyGF9dAxjrYjjDdypM1F2O\nZjq8yevk+qyxq8NCaveAl4k8U2xQdqOTiirDYD8WhleLkj+sDNJv/RNMVpWywekb\ny24LmRNHlvVEPb92OjSHWy/QPbQGBGuoAA8KKZq+5sjR6vZIdzZeV1BWAvbkdDP2\nVVh0QjneXz0tHJ9HbytRb90xA/9Oyw0RQcxMad2A3THJO0L7OchPNkaIBmCjPSnO\n9x4ysbj87dkBmmCSOOqQAZAiWsDGRdgJyoNh0RFF3q5JCWLTRfPM6+eU8vXeenR4\nHqqO9AyhjCSjA0T1+/pPXY+C1WGkqHDODDfW3KrhGdJeATWyfi1D77SA7SQMiXjW\n+j0Oo3Y0K3aJAVn62aicgBNd5fhtTS4xIXXtnBsyjStVripW326g1b9LS0IcvouL\nwfQfrKNTkpX+Rui6Upb+KYIfTlGRl99ItJd4SMBLMQ==\n=Zlg1\n-----END PGP MESSAGE-----",
+				"created_at": "2024-04-04T18:27:45Z",
+				"enc": "-----BEGIN PGP MESSAGE-----\n\nhQEMA0SHG/zF3227AQf+Iq3qq7AWUE7jHzk8kW5VtfPhINqRadMhVWgt6/1oSebZ\nu6NTWAmjxhII9yGGfVxfCg7xqumw+M62UfTQZ6BbqxcDEavgITzUm/U/IiZ12z3f\nG6LfhMuuoCP2vvOYLYHpX363Ig7idudUBrM0MShun8iN8fuSEH24QJGLsO1WKX7b\nML+XKvPi+lrtit/1sXw55e1ixYafUhilAS54XrpwLXBw+ItpmgpvQBboVkneBP5U\nrs68ABQBQf4tTh+kFvwBDyV+EDGR5D58XtaDR2R1AhRIb433R8MV3XCvnnHdYWPx\nHBJSVFlRw7j5X6Bag+fTX0zvvmbtmGwQ72DSdJGl39JcAZQcBY50RtmNvn9YtWq3\nQkM3DcJ2Wfec//ugJ5uGBGujAzmKjW5dHLCzu5errPRckk/7ARGIUmxcLzWQXR2I\nwgTbKpEu1jwhrOiWIZODD4OOwilOSEWf14CEotU=\n=yoRw\n-----END PGP MESSAGE-----",
 				"fp": "6F7069FE6B96E894E60EC45C6EEFA706CB17E89B"
 			}
 		],