K3S-Cluster/home-cluster-ops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add age encryption related scripts

Browse Source
This commit is contained in:
Edward Cheng
2024-07-15 09:45:02 +10:00
parent 5a803b92bd
commit fe75874c7f
4 changed files with 3663 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/3.install-sops.sh Normal file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
set -e
curl -LO https://github.com/getsops/sops/releases/download/v3.8.1/sops-v3.8.1.linux.arm64 &&
sudo mv sops-v3.8.1.linux.arm64 /usr/local/bin/sops &&
chmod +x /usr/local/bin/sops
sudo apt install age -y

7
scripts/4.add-age-key.sh Normal file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
set -e
cat /mnt/nfs/agekey/age.agekey |
kubectl create secret generic sops-age \
--namespace=argocd \
--from-file=age.agekey=/dev/stdin

3637
scripts/argocd-values-orig.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

12
scripts/encript-file-by-age.sh Normal file
View File

@@ -0,0 +1,12 @@
#!/usr/bin/bash
set -e
filePath=$1
AGE_PUB_KEY="age1d47q8mlty404pxx378q49hr93aqexca4mkeqtdm00w4gjd09xd0qhxcdcz"
sops --age=$AGE_PUB_KEY --encrypt --encrypted-regex '^(data|stringData)$' --in-place $filePath
echo "File encrypted: $filePath."
git add $filePath
git commit -am "Encrypt file $filePath by Age."