diff --git a/kubenix-modules/all.nix b/kubenix-modules/all.nix index 1d02a5f..53b3368 100644 --- a/kubenix-modules/all.nix +++ b/kubenix-modules/all.nix @@ -1,5 +1,7 @@ -let - applications = [ +{ + imports = [ + ./base.nix + ./custom-types.nix ./freshrss.nix ./cyberchef.nix ./kms.nix @@ -15,21 +17,15 @@ let ./media.nix ./bind9 ./dnsmasq.nix + ./esrom.nix + ./metallb.nix + ./cert-manager.nix ./minecraft.nix + ./custom/ingress.nix + ./custom/nfs-volume.nix + ./traefik.nix ./blog.nix ./atticd.nix ./argo.nix ]; -in -{ - imports = [ - ./base.nix - ./custom-types.nix - ./esrom.nix - ./metallb.nix - ./cert-manager.nix - ./custom/ingress.nix - ./custom/nfs-volume.nix - ./traefik.nix - ] ++ applications; } diff --git a/kubenix-modules/bind9/default.nix b/kubenix-modules/bind9/default.nix index 7ce9a08..25a9925 100644 --- a/kubenix-modules/bind9/default.nix +++ b/kubenix-modules/bind9/default.nix @@ -51,52 +51,27 @@ in metadata.labels.app = "bind9"; spec = { - containers = { - bind9-udp = { - image = "ubuntu/bind9:9.18-22.04_beta"; - envFrom = [{ configMapRef.name = "bind9-env"; }]; + containers.bind9 = { + image = "ubuntu/bind9:9.18-22.04_beta"; + envFrom = [{ configMapRef.name = "bind9-env"; }]; - ports.dns-udp = { - containerPort = 53; - protocol = "UDP"; - }; - - volumeMounts = [ - { - name = "config"; - mountPath = "/etc/bind/named.conf"; - subPath = "config"; - } - { - name = "config"; - mountPath = "/etc/bind/kun.is.zone"; - subPath = "kunis-zone"; - } - ]; + ports.dns = { + containerPort = 53; + protocol = "UDP"; }; - bind9-tcp = { - image = "ubuntu/bind9:9.18-22.04_beta"; - envFrom = [{ configMapRef.name = "bind9-env"; }]; - - ports.dns-tcp = { - containerPort = 53; - protocol = "TCP"; - }; - - volumeMounts = [ - { - name = "config"; - mountPath = "/etc/bind/named.conf"; - subPath = "config"; - } - { - name = "config"; - mountPath = "/etc/bind/kun.is.zone"; - subPath = "kunis-zone"; - } - ]; - }; + volumeMounts = [ + { + name = "config"; + mountPath = "/etc/bind/named.conf"; + subPath = "config"; + } + { + name = "config"; + mountPath = "/etc/bind/kun.is.zone"; + subPath = "kunis-zone"; + } + ]; }; volumes = [{ @@ -108,45 +83,15 @@ in }; }; - services = { - bind9-udp = { - metadata.annotations = { - "metallb.universe.tf/loadBalancerIPs" = "${myLib.globals.bind9IPv4},${myLib.globals.bind9Ipv6}"; - "metallb.universe.tf/allow-shared-ip" = "dns"; - }; + services.bind9.spec = { + type = "LoadBalancer"; + loadBalancerIP = myLib.globals.bind9IPv4; + selector.app = "bind9"; - spec = { - type = "LoadBalancer"; - selector.app = "bind9"; - ipFamilies = [ "IPv4" "IPv6" ]; - ipFamilyPolicy = "RequireDualStack"; - - ports.dns = { - port = 53; - targetPort = "dns-udp"; - protocol = "UDP"; - }; - }; - }; - - bind9-tcp = { - metadata.annotations = { - "metallb.universe.tf/loadBalancerIPs" = "${myLib.globals.bind9IPv4},${myLib.globals.bind9Ipv6}"; - "metallb.universe.tf/allow-shared-ip" = "dns"; - }; - - spec = { - type = "LoadBalancer"; - selector.app = "bind9"; - ipFamilies = [ "IPv4" "IPv6" ]; - ipFamilyPolicy = "RequireDualStack"; - - ports.dns = { - port = 53; - targetPort = "dns-tcp"; - protocol = "TCP"; - }; - }; + ports.dns = { + port = 53; + targetPort = "dns"; + protocol = "UDP"; }; }; }; diff --git a/kubenix-modules/bind9/kun.is.zone.nix b/kubenix-modules/bind9/kun.is.zone.nix index 4f1b9b8..9e15cf0 100644 --- a/kubenix-modules/bind9/kun.is.zone.nix +++ b/kubenix-modules/bind9/kun.is.zone.nix @@ -3,8 +3,8 @@ myLib: dns: with dns.lib.combinators; { SOA = { nameServer = "ns1"; - adminEmail = "webmaster.kun.is"; - serial = 2024041301; + adminEmail = "webmaster@kun.is"; + serial = 2024041300; }; NS = [ @@ -23,7 +23,7 @@ myLib: dns: with dns.lib.combinators; { subdomains = rec { "*".A = [ myLib.globals.routerPublicIPv4 ]; - ns = host myLib.globals.routerPublicIPv4 myLib.globals.bind9Ipv6; + ns.A = [ myLib.globals.routerPublicIPv4 ]; ns1 = ns; ns2 = ns; diff --git a/kubenix-modules/metallb.nix b/kubenix-modules/metallb.nix index 4adc926..5988636 100644 --- a/kubenix-modules/metallb.nix +++ b/kubenix-modules/metallb.nix @@ -1,7 +1,7 @@ # TODO: These resources should probably exist within the kube-system namespace. { kubernetes.resources = { - ipAddressPools.main.spec.addresses = [ "192.168.30.128-192.168.30.200" "2a0d:6e00:1a77:30::2-2a0d:6e00:1a77:30:ffff:ffff:ffff:fffe" ]; + ipAddressPools.main.spec.addresses = [ "192.168.30.128-192.168.30.200" ]; l2Advertisements.main.metadata = { }; }; } diff --git a/kubenix-modules/traefik.nix b/kubenix-modules/traefik.nix index f431de7..4ff26dc 100644 --- a/kubenix-modules/traefik.nix +++ b/kubenix-modules/traefik.nix @@ -4,12 +4,12 @@ metadata.namespace = "kube-system"; # Override Traefik's service with a static load balancer IP. - # Create endpoint for HTTPS on port 444. + # Create endpoint for HTTPS on port444. # Allow external name services for esrom. spec.valuesContent = '' service: spec: - annotations: {"metallb.universe.tf/loadBalancerIPs":"${myLib.globals.traefikIPv4}"} + loadBalancerIP: "${myLib.globals.traefikIPv4}" ports: localsecure: port: 8444 diff --git a/machines/atlas.nix b/machines/atlas.nix index 34f146e..d9fc33b 100644 --- a/machines/atlas.nix +++ b/machines/atlas.nix @@ -10,7 +10,6 @@ k3s = { enable = true; - role = "agent"; serverAddr = "https://jefke.dmz:6443"; }; }; diff --git a/machines/jefke.nix b/machines/jefke.nix index d2df75c..b5c194b 100644 --- a/machines/jefke.nix +++ b/machines/jefke.nix @@ -8,10 +8,7 @@ dataPartition = "/dev/nvme0n1p1"; }; - k3s = { - enable = true; - clusterInit = true; - }; + k3s.enable = true; }; }; } diff --git a/my-lib/globals.nix b/my-lib/globals.nix index e070cc1..25dcc2f 100644 --- a/my-lib/globals.nix +++ b/my-lib/globals.nix @@ -4,7 +4,6 @@ minecraftIPv4 = "192.168.30.136"; dnsmasqIPv4 = "192.168.30.135"; bind9IPv4 = "192.168.30.134"; - bind9Ipv6 = "2a0d:6e00:1a77:30::134"; bittorrentIPv4 = "192.168.30.133"; gitIPv4 = "192.168.30.132"; piholeIPv4 = "192.168.30.131"; diff --git a/nixos-modules/k3s/default.nix b/nixos-modules/k3s/default.nix index b9e94fb..40db8bc 100644 --- a/nixos-modules/k3s/default.nix +++ b/nixos-modules/k3s/default.nix @@ -10,22 +10,6 @@ in { ''; }; - role = lib.mkOption { - default = "server"; - type = lib.types.str; - description = '' - Whether to run k3s as a server or an agent. - ''; - }; - - clusterInit = lib.mkOption { - default = false; - type = lib.types.bool; - description = '' - Whether this node should initialize the K8s cluster. - ''; - }; - serverAddr = lib.mkOption { default = null; type = with lib.types; nullOr str; @@ -44,76 +28,29 @@ in { firewall.enable = lib.mkForce false; }; - services.k3s = - let - serverFlags = "--tls-san ${config.networking.fqdn} --disable servicelb --cluster-cidr=10.42.0.0/16,2001:cafe:42::/56 --service-cidr=10.43.0.0/16,2001:cafe:43::/112"; - in - { - enable = true; - role = cfg.role; - tokenFile = config.age.secrets.k3s-server-token.path; - extraFlags = lib.mkIf (cfg.role == "server") serverFlags; - clusterInit = cfg.clusterInit; - serverAddr = lib.mkIf (! (cfg.serverAddr == null)) cfg.serverAddr; - }; - - system = lib.mkIf (cfg.role == "server") { - activationScripts = { - k3s-bootstrap.text = ( - let - k3sBootstrapFile = (kubenix.evalModules.x86_64-linux { - module = import ./bootstrap.nix; - }).config.kubernetes.result; - in - '' - mkdir -p /var/lib/rancher/k3s/server/manifests - ln -sf ${k3sBootstrapFile} /var/lib/rancher/k3s/server/manifests/k3s-bootstrap.json - '' - ); - - k3s-certs.text = '' - mkdir -p /var/lib/rancher/k3s/server/tls/etcd - ln -sf ${./k3s-ca/server-ca.crt} /var/lib/rancher/k3s/server/tls/server-ca.crt - ln -sf ${./k3s-ca/client-ca.crt} /var/lib/rancher/k3s/server/tls/client-ca.crt - ln -sf ${./k3s-ca/request-header-ca.crt} /var/lib/rancher/k3s/server/tls/request-header-ca.crt - ln -sf ${./k3s-ca/etcd/peer-ca.crt} /var/lib/rancher/k3s/server/tls/etcd/peer-ca.crt - ln -sf ${./k3s-ca/etcd/server-ca.crt} /var/lib/rancher/k3s/server/tls/etcd/server-ca.crt - ''; - }; + services.k3s = { + enable = true; + role = "server"; + tokenFile = config.age.secrets.k3s-server-token.path; + extraFlags = "--tls-san ${config.networking.fqdn} --disable servicelb"; + clusterInit = cfg.serverAddr == null; + serverAddr = lib.mkIf (! (cfg.serverAddr == null)) cfg.serverAddr; }; - age.secrets = { - k3s-server-token.file = ../../secrets/k3s-server-token.age; - - k3s-server-ca-key = lib.mkIf (cfg.role == "server") { - file = ../../secrets/k3s-ca/server-ca.key.age; - path = "/var/lib/rancher/k3s/server/tls/server-ca.key"; - }; - - k3s-client-ca-key = lib.mkIf (cfg.role == "server") { - file = ../../secrets/k3s-ca/client-ca.key.age; - path = "/var/lib/rancher/k3s/server/tls/client-ca.key"; - }; - - k3s-request-header-ca-key = lib.mkIf (cfg.role == "server") { - file = ../../secrets/k3s-ca/request-header-ca.key.age; - path = "/var/lib/rancher/k3s/server/tls/request-header-ca.key"; - }; - - k3s-etcd-peer-ca-key = lib.mkIf (cfg.role == "server") { - file = ../../secrets/k3s-ca/etcd/peer-ca.key.age; - path = "/var/lib/rancher/k3s/server/tls/etcd/peer-ca.key"; - }; - - k3s-etcd-server-ca-key = lib.mkIf (cfg.role == "server") { - file = ../../secrets/k3s-ca/etcd/server-ca.key.age; - path = "/var/lib/rancher/k3s/server/tls/etcd/server-ca.key"; - }; - - k3s-service-key = lib.mkIf (cfg.role == "server") { - file = ../../secrets/k3s-ca/service.key.age; - path = "/var/lib/rancher/k3s/server/tls/service.key"; - }; + system = lib.mkIf (cfg.serverAddr == null) { + activationScripts.k3s-bootstrap.text = ( + let + k3sBootstrapFile = (kubenix.evalModules.x86_64-linux { + module = import ./bootstrap.nix; + }).config.kubernetes.result; + in + '' + mkdir -p /var/lib/rancher/k3s/server/manifests + ln -sf ${k3sBootstrapFile} /var/lib/rancher/k3s/server/manifests/k3s-bootstrap.json + '' + ); }; + + age.secrets.k3s-server-token.file = ../../secrets/k3s-server-token.age; }; } diff --git a/nixos-modules/k3s/k3s-ca/client-ca.crt b/nixos-modules/k3s/k3s-ca/client-ca.crt deleted file mode 100644 index cbcfa74..0000000 --- a/nixos-modules/k3s/k3s-ca/client-ca.crt +++ /dev/null @@ -1,81 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDZjCCAU6gAwIBAgIIK1UyUU0zJ3cwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE -AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy -MFoXDTQ0MDEyNTEyMzAyMFowIzEhMB8GA1UEAwwYazNzLWNsaWVudC1jYUAxNzE1 -MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBB8Y6sNAW10pxocoKo71 -BTJXo7gwFSxotKxht5rinAmpvVEZnRlIDcjtdRZ0mqTT3I8SXrhGtWjdTP37cmM1 -/KNjMGEwHQYDVR0OBBYEFA0aYftOY6QKQhCiWi2U3JEkGfqJMB8GA1UdIwQYMBaA -FPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQDDGSh4gVbI5zjCrHn4yFt/XdGq1MML -8wJf2UvRCddQULwhuWae21P5i6cGks3v3Yqd9h+uZJ2JKl6heChuq1/vZBQ9Y31G -LuRvaGdJnzgu2S1UQMUbkc39lgJf8j20XMK4NsIOP1N3rU5i5htEzjMsi9MtiabO -yjC9fzYXVW0j5uTi14swYG9ESKPJ7WQ1nETWWRiBrs4IlPRq3jIVOJTBAHxWjMtg -96zfvqK+jgH+rx3QolwiwV7ai0D1RbCvGoOhkoQcy506SztdlNRXfGpAbcXFJ+uP -esw9xLilIjF4o42Ga9uizBGjbk/gyN4r4lZ6ojSXGKDczcQxM6i2bGRvn96KbK/R -o0gbsb56niVt1ZQDCuYdOs3B9JlrQeZaeCUypx/UbAoYnVy1FECj0OcPDI69Es60 -wHjyp3EAOTJ/gSiUhdvDjwUYT2klP0d+GvsXWbPAcqJJJS8SuVhXIZZfZW5e7Cbn -+TwO3omtxg6b7Wh7QWTUajWtmLjFSoP0MlOp56u9U5R0rfNDG5mrV4gCh0QTNyzt -+CEIC8fHDUUDAphJnirYLZszzmg14vNQUR2gm3T9/j7XYHtmzrWA7eT2pk6h1HQz -yJwoW2EsGyT6GELjztXQN+lWlBqW05cedkMsGnfym2A4Y06MaUwjNmTA3kiAoUUr -Z6PMef1lNVlmUA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE -AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx -MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 -NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP -ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk -uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 -yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS -TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW -aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A -vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm -3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE -HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 -N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb -ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 -IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY -PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC -AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 -VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy -P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx -KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx -W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 -36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR -dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY -i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC -1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY -JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E -XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL -BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx -MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 -MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP -tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot -RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ -OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd -6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw -qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T -1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 -bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc -zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB -ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ -8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ -TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD -5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy -htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL -BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ -PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf -MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx -kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY -j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE -H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 -jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R -G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 -RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ -09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm -KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq ------END CERTIFICATE----- diff --git a/nixos-modules/k3s/k3s-ca/etcd/peer-ca.crt b/nixos-modules/k3s/k3s-ca/etcd/peer-ca.crt deleted file mode 100644 index 0c44c46..0000000 --- a/nixos-modules/k3s/k3s-ca/etcd/peer-ca.crt +++ /dev/null @@ -1,81 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDaTCCAVGgAwIBAgIIK1UyUU0zJ3owDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE -AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy -MFoXDTQ0MDEyNTEyMzAyMFowJjEkMCIGA1UEAwwbazNzLWV0Y2QtcGVlci1jYUAx -NzE1MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnl/F0abKbhtunsAE -gFB/NapdHORdwEku2AlLLFZuBTWTm7bDPV6aL/QrSlqKOscrh0WqCJMAy+OrC3Uz -MgKgQKNjMGEwHQYDVR0OBBYEFH8weUS7ylk6JshWGj/UTH3vt/L6MB8GA1UdIwQY -MBaAFPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQASumDCrfrfm9AAjCou3V1YEbZA -bM20GyWfFHIWzZOtCyKJQt0oOr2tXXv8RwsG0qWeVU7C0CeGUEhF8IFe/O01idWT -wv8Fiatugen6gx2ufawyEv4ATW3tPAizt+r4eZz0euYntGevPx2iM1R5xEcaNj01 -kRiydyeP/m1C+uEXTCemIcP0vC67UE5OFBntjub7+K5h+iFApt/3MpdAW51GSDZn -t+EgaMa98ozHhTRWpA0QlmbDzQLX8hIALvFvzqyJcUHSoVeJEo0J25IXi7mJKQP3 -kTG/1WjEXlZ2LUfWtBRlhfgxjdupLTULdOpHY3E0Zl5K7gBvDayMcrdcGNIgJ0iJ -qMRfB30Qwa1Hypgio5GOi4aOEyE3dNQke+M8UtI1oMXCyPeLTBMoc7rzZii0AnwD -5IuT4Uwx8SMHBuBPlU6TVe4UsChaw+k7kPDAWJ9yULW4x4o/zHQB/opjWMSpQqc0 -nrBfFEhgFyUbwYnGutfEczwhxPlDhdICKPK2bO5dh6LEPohvmoXVks6Dp98Ha371 -61/1ZLsMqO8spMrzlkONdSjZmoyFSIWiUivzXcnGVyiuSqYEbRokgoKg1mv61c3x -lcw7ChGafWws1odaHV0A6nXf7G5+K3I6wnKW5601GwrAiQVgEba8x290WWun4k8d -USo2/Dqkd9+wVScQHw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE -AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx -MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 -NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP -ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk -uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 -yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS -TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW -aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A -vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm -3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE -HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 -N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb -ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 -IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY -PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC -AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 -VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy -P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx -KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx -W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 -36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR -dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY -i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC -1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY -JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E -XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL -BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx -MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 -MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP -tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot -RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ -OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd -6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw -qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T -1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 -bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc -zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB -ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ -8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ -TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD -5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy -htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL -BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ -PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf -MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx -kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY -j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE -H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 -jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R -G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 -RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ -09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm -KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq ------END CERTIFICATE----- diff --git a/nixos-modules/k3s/k3s-ca/etcd/server-ca.crt b/nixos-modules/k3s/k3s-ca/etcd/server-ca.crt deleted file mode 100644 index bc0b6ef..0000000 --- a/nixos-modules/k3s/k3s-ca/etcd/server-ca.crt +++ /dev/null @@ -1,81 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAVOgAwIBAgIIK1UyUU0zJ3swDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE -AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy -MFoXDTQ0MDEyNTEyMzAyMFowKDEmMCQGA1UEAwwdazNzLWV0Y2Qtc2VydmVyLWNh -QDE3MTUyNTc4MTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARjDMY4U81p+y3C -k+g4MloNceEQ0+TKbnGc0xlGmJBXXKqB6zrolIdv/J9GABZ9eIUGEs8Xw0E4VEPM -l2iFGyoOo2MwYTAdBgNVHQ4EFgQUm/3f0yXxqbgLmU4a+H2QMavLUX0wHwYDVR0j -BBgwFoAU+v1VBloKGDwkLS76al8nKpC+N2IwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQELBQADggIBADcxOaGyetgWEqo5BqNZd9X6 -6Lj3rJZTYBmAJeISscG/Dwnv0MmRWw911zmRhikEu8jmLiGMQZUwFD1KoJ6Z/D2M -0Iqk87Ur4aS+mw2Yc60QatkZ2D1XBhrzk3gMaCtWMQBRiexA4qvaw8qlDkDR2eW9 -wyks+WsD6Am1Vb/9k7fIfDR1KkScpl07fAMil73URy+KNDZ6r8hW3xZulvZd5IWp -g2px4A+i4eUbevBU1xljpXjP5lrEqoApk5YQDlHHKARszWlQC9PbvyiRRn8dH69m -mC0cdt5tSWWT49bCRtfigoejeFr8SaYzDuvR4Wb31CgbH+qVZADfgggE1N6pQCsY -w+b8xvoZGAcKEWAlX3J159Rc1mV9HRCEzaGEt5kgJuPFyJUXCjQzrKTADOawFxGb -IYeKcmUJuJG0yDkYb5lNa5fv02PAqXVM+Wz+YpFryHRphKt/gGLlhg1HyqnLVowi -UhlRyPLj9XG8PH1ZRVF6/havkg9H78voMXdFMcotIF34wSP5k/wsDjmgsvuLUIek -ryImLiMuJT5sTM/xVdLT2B9cJrFz4XIAFV209PvIldDDp1ySsh7Tz8fWHdCjvd5o -8FTAcyBW72mpS5WP+FUnq0mgpHp9HrLCC3q4AQ7juJszD1PExGNW710rjMHlnrrF -w4VKyOziEAxsiuA390Ds ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE -AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx -MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 -NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP -ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk -uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 -yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS -TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW -aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A -vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm -3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE -HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 -N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb -ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 -IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY -PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC -AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 -VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy -P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx -KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx -W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 -36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR -dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY -i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC -1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY -JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E -XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL -BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx -MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 -MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP -tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot -RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ -OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd -6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw -qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T -1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 -bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc -zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB -ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ -8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ -TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD -5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy -htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL -BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ -PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf -MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx -kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY -j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE -H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 -jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R -G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 -RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ -09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm -KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq ------END CERTIFICATE----- diff --git a/nixos-modules/k3s/k3s-ca/request-header-ca.crt b/nixos-modules/k3s/k3s-ca/request-header-ca.crt deleted file mode 100644 index d675729..0000000 --- a/nixos-modules/k3s/k3s-ca/request-header-ca.crt +++ /dev/null @@ -1,81 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDbjCCAVagAwIBAgIIK1UyUU0zJ3kwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE -AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy -MFoXDTQ0MDEyNTEyMzAyMFowKzEpMCcGA1UEAwwgazNzLXJlcXVlc3QtaGVhZGVy -LWNhQDE3MTUyNTc4MTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARAACYmLLW4 -6vaF9q1cqBefK/FQebhkwoDcuYuG597sjxQPEz8sO/yYVaNnNcVZZPqDsiF4OCOz -i9ge02pJJVXJo2MwYTAdBgNVHQ4EFgQUrVPDbR8zlHplrCIASYmcn8IrbDEwHwYD -VR0jBBgwFoAU+v1VBloKGDwkLS76al8nKpC+N2IwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQELBQADggIBABlvTQJx7B0LI95sOKjM -zul35QpHoMTJOM4IrtDVUQfRutsRVaJ8z2M/2PXY0OiP8ZURaUTR63fL1lklQOMq -xDM59mcyWTEB50+yTYZNCi0qUrxI7kiOGmsCWJ1JDcRRnXonF2htPdMUr8wIOrzR -CL/HIYObEqasmTZeBlaHMc7clLB+yROveCRG91MeC8iftu/ORoqUIMVhXuR2PEQn -mupksalzL71RdOPLdL7UQzhVaABDRD0JrWsb6F198PLWiGpslwqFumyxucgd4+Xq -lb9AB/Sac/2KJH2GEGUoUMac7tJ+BNNc1T6VQUeyKDCacNRemjKxOa58ilFGvGPK -xKuuPhaN/mdZNBI1EX1m8JbCTByP5naGB7DDsP8ekMg1jvfszU+BDZSZoBgDhMmu -7Hsu/CpS8LWDzZ0KRuBsCLTYwlA1H0rp3C2ZYc/cbBexo8oyHMisMvpzM/5NMkuT -aKCQFt3HOncNG6rTltTrFaJaH9sZJxaaR6Q+pKzTtRGpx3SabZnNQkmu2MoFTKoE -vApW1wYptjOm7k5+o0a7IcWWK8FbqGOwfTAiI+mNYkiwo+qunALY0q/MiX0c7beI -qDzvjAHEt/xuWLCVqXhCy7bsgAmiukICMVflWd1Bg5OlXHa9H6sXqE1hP74Wv2bo -kBKEUETfs+HldaQgT5ontb+T ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE -AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx -MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 -NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP -ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk -uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 -yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS -TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW -aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A -vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm -3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE -HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 -N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb -ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 -IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY -PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC -AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 -VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy -P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx -KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx -W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 -36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR -dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY -i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC -1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY -JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E -XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL -BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx -MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 -MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP -tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot -RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ -OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd -6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw -qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T -1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 -bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc -zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB -ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ -8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ -TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD -5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy -htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL -BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ -PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf -MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx -kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY -j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE -H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 -jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R -G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 -RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ -09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm -KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq ------END CERTIFICATE----- diff --git a/nixos-modules/k3s/k3s-ca/server-ca.crt b/nixos-modules/k3s/k3s-ca/server-ca.crt deleted file mode 100644 index a87f21f..0000000 --- a/nixos-modules/k3s/k3s-ca/server-ca.crt +++ /dev/null @@ -1,81 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDZjCCAU6gAwIBAgIIK1UyUU0zJ3gwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE -AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy -MFoXDTQ0MDEyNTEyMzAyMFowIzEhMB8GA1UEAwwYazNzLXNlcnZlci1jYUAxNzE1 -MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDhZobdYwh9+5PmK68/Pi -CETLWdTMftlpf4Kws1c1pu9diaQ2p2uAhgsdMxe8k5Su22HUG9soOsLpMfGn1fwS -dqNjMGEwHQYDVR0OBBYEFH4kXKFZ+MJI3cnwRtm2URRJk4ghMB8GA1UdIwQYMBaA -FPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQCWi/YtfU0RFX8vZenOolcbrtSiZDYO -yYuUUI3h7U1AW7Hmn3Gk0SYdNxUbJLB2sFt8s8TX+N80M5483prUi8O3CL/DTXxD -Ae4uag2MFGh0710JY0I/7paB9H9GU6T+BAKrjdru2mwlNC+DcUIY7UX5/PrmnG9z -HMt6tSdy6RuKTBu69tr/Mpdb3VZIjrEuJ/d1LrkbxEXXW+12AvBMociBXUW+7ooO -LlKji2LGFJUYvh7yjOXykjB5U75/9oBrRpASFkGqwcXk7c89UEL9RiPDLqAm6u1U -YoE8U9mZtgTV2E4DKUbamdeVRFalJMw1Pp6WrSLsK1wBgWxydEz8djUg8WLf01ml -mRtLH7AKgFy3u5s+fxMQMGSfSmSjzsV3HCKb8bssk8bm0Q4wLznqW1ClKTbBRdDb -lE0BkI0cJqaTkjBkcuPUd9yCEUT3mCFRPIqpiYAqzPwudZ9PynZVd4NfrItpEw1V -7hVFjN2q524LK3moPFd/adfEenZEXbkaUimUloADmnR/fuTjvqkUh0OVCta3SMTd -GjhMBidfBaDPs+b/wpI4oo3JzKL9U0AqDH9/KOsJk2W38VE8z+exgY0eU2E6HOaz -O18nrHF+eMY65Zxird7xLmu+I0h1aF0qp37ejBZnWMxawQwb0km0IcVE4xzixQ9F -NBWX9TfSjd17Tg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE -AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx -MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 -NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP -ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk -uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 -yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS -TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW -aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A -vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm -3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE -HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 -N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb -ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 -IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY -PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC -AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 -VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy -P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx -KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx -W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 -36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR -dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY -i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC -1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY -JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E -XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL -BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx -MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 -MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP -tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot -RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ -OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd -6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw -qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T -1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 -bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc -zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB -ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ -8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ -TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD -5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy -htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL -BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ -PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf -MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx -kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY -j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE -H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 -jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R -G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 -RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ -09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm -KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq ------END CERTIFICATE----- diff --git a/secrets/k3s-ca/client-ca.key.age b/secrets/k3s-ca/client-ca.key.age deleted file mode 100644 index 4c672ca..0000000 Binary files a/secrets/k3s-ca/client-ca.key.age and /dev/null differ diff --git a/secrets/k3s-ca/etcd/peer-ca.key.age b/secrets/k3s-ca/etcd/peer-ca.key.age deleted file mode 100644 index d67f9bf..0000000 --- a/secrets/k3s-ca/etcd/peer-ca.key.age +++ /dev/null @@ -1,17 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 UwNSRQ 7VPm9hUzbKELjQBUfKKinUdOAUbNzY2pZp9ihry9sFU -ZPkr54gFnXE9b80OKX9NPk4DWmyRTKkcJH0C+6lLJZE --> ssh-ed25519 JJ7S4A 2TVdz1v5NBqCfPD3LzUdQsQ3ubsdJGSHwVKjj7NNpxE -uO4sRxj8RVqUQXRDlT0ZI4LxFx9MHaAWMrf9WYOZIas --> ssh-ed25519 aqswPA V+3scofJU1OnxJI9+ryPixGiD3Z1srePETEzUZ4zfAY -QoKHxyKr5XXxgJJeoJycShOqHowt/OkaYJOm8nXXeM8 --> ssh-ed25519 LAPUww V919z6/H/pC5smjiq1d8/7Q+QvbXcbfRKAfjiBugoSw -9urrVRscuLY6cKsfZKBdVcDdpPfex8sDHuEdH/EtujU --> ssh-ed25519 vBZj5g v7Pkzi9F2fc9++OsVfou2j60R2iq1ZfOCr/SfFVIvkQ -bknegfUOmc1G8PDcskOCS88OGa60B3t4R2ty7Rdt/mM --> ssh-ed25519 QP0PgA psOkHWvCkdQOpPHYJ/dpDZ/TlZhArARHT9PzsXLV9WU -EHfX0VdHJdm/0iqRfkYxmqmSqrwwgb3irBhDZPvjl3M ---- ekq08T+kFXk/v4//f8xSvqdumAFxd0jMnzUqMn180hs -͋*}`0",[vbuG_p\a#$gVq3/P3n @Bo;CmKp -#,I2_cݲʁTᇀd-`!p!}_ae"?Tjjܩ]ɔ"&"L3~= c8C ,1ܽm Bt -+D F \}I>"=alr -CU +d v \ No newline at end of file diff --git a/secrets/k3s-ca/etcd/server-ca.key.age b/secrets/k3s-ca/etcd/server-ca.key.age deleted file mode 100644 index 8684d17..0000000 --- a/secrets/k3s-ca/etcd/server-ca.key.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 UwNSRQ W6uEvGJIdlkC0or4dyFcK+ytKeEiwIJB1bebPLTERDA -uzMxRth4KMhqsQYhw2tWyqBeQdCbTgbBegHrkcuHI9o --> ssh-ed25519 JJ7S4A bw+MlxnWLuLecMuqMTrJl2TMXyXhqEWCpKFwsPgkgnw -zwWm3Fq9Q+mR+9rVaSzVO3i7qgPgWsv25ClCW1c0G8M --> ssh-ed25519 aqswPA ZIgGWu33QpKdUfPtlIHs9BeCurnk6pm+2XLi53RBFwc -wN8Qmo9CCqVTa+y6zcYiZYbslgTOtVMUjCCUVT0W7WA --> ssh-ed25519 LAPUww npNhPTPq8kfN2vgouVJZ5NXARHBD02L1CJHmas4ilAI -nTpXsq5BgfikRJUglFGjP9GoRIswyHZp6R7KxZhH/uc --> ssh-ed25519 vBZj5g JOUeBxwM5Qcz/YoeYCPM9dmkWp130Ze0E2n8qdsQzzo -1SL0HH+u48cDojytjSxRHXKo1sgil7EZYBLpQAOuzPI --> ssh-ed25519 QP0PgA /bQtDDcVg8DzFdgFkEDPzBTD02OYTC2Pe+WuEmP9j2A -IRUPa8tityX/FVKJKpcKWMtVvwRzFWueuvBIhlqcSv0 ---- DltN2dAJoEDuU6Ub6J7BZY84TjZfHGVN9P2SnoHrE7Q -q\!j> 3+4< -7adbт _.c(>5-3jwExHh;,hK*ȼmb*]Mmw~g{ʼn߀ZrVkfRXG% 1^?Y@1ڍ7*0߈d¸…2߯URG~:^X㎋5c8\t!,Ӫ \ No newline at end of file diff --git a/secrets/k3s-ca/request-header-ca.key.age b/secrets/k3s-ca/request-header-ca.key.age deleted file mode 100644 index 5740717..0000000 Binary files a/secrets/k3s-ca/request-header-ca.key.age and /dev/null differ diff --git a/secrets/k3s-ca/server-ca.key.age b/secrets/k3s-ca/server-ca.key.age deleted file mode 100644 index e4ed332..0000000 Binary files a/secrets/k3s-ca/server-ca.key.age and /dev/null differ diff --git a/secrets/k3s-ca/service.key.age b/secrets/k3s-ca/service.key.age deleted file mode 100644 index 190851b..0000000 Binary files a/secrets/k3s-ca/service.key.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index dff31d8..de7e4a3 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -12,12 +12,6 @@ let "borg_passphrase.age" "borgbase.pem.age" "k3s-server-token.age" - "k3s-ca/server-ca.key.age" - "k3s-ca/client-ca.key.age" - "k3s-ca/request-header-ca.key.age" - "k3s-ca/etcd/peer-ca.key.age" - "k3s-ca/etcd/server-ca.key.age" - "k3s-ca/service.key.age" ]; machinePublicKeys = [