From 88c4095a29602e84d95841620c6f427b936c2aa3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9o=20Barnouin?= <theo.barnouin@protonmail.com>
Date: Fri, 4 Apr 2025 15:33:53 +0200
Subject: [PATCH] Try to use age for crowdsec lapi config

---
 secrets/secrets.nix => secrets.nix            |  0
 secrets/initialPassword.age                   | 32 +++++++++----------
 services/forgejo/secrets/forgejoDBPass.age    | 19 ++++++-----
 services/grafana/secrets/grafana-db.age       | 16 +++++-----
 .../grafana/secrets/grafana-oauth_secret.age  | 25 ++++++++-------
 services/grafana/secrets/kuma-token.age       | 21 ++++++------
 services/nginx/secrets/cs-lapi-key.age        | 13 ++++++++
 7 files changed, 70 insertions(+), 56 deletions(-)
 rename secrets/secrets.nix => secrets.nix (100%)
 create mode 100644 services/nginx/secrets/cs-lapi-key.age

diff --git a/secrets/secrets.nix b/secrets.nix
similarity index 100%
rename from secrets/secrets.nix
rename to secrets.nix
diff --git a/secrets/initialPassword.age b/secrets/initialPassword.age
index bedb9bb..04ba975 100644
--- a/secrets/initialPassword.age
+++ b/secrets/initialPassword.age
@@ -1,18 +1,18 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBkcDhX
-WHFGRlJFUll0TFlEVzBiUmkxd3duVHFEdFU0K3hta2JGZzdENzJrCnNBcVRtUkkz
-NFFoamExVjNhOXh0UjBJS3p0WmtBOWFGZTNkTTdlMm9aMWsKLT4gc3NoLWVkMjU1
-MTkgd25FVXB3IGpKemJpTGJlMU0zU0hPaFpVd2pZcGFlNUhYTHdxS1NlemlwaWY0
-UFRBMDAKbm9CSlpxZE1JNnNsZHdtL0R6U2Q3STVLbGQxd1F1ZzY1VkNXeWlSQk55
-TQotPiBzc2gtZWQyNTUxOSBubUtTK0EgUzMyMGJXczlic2NUOUl1d1N6MGhxZlZ6
-UXlPNEVMYk1zR3UxZkozcXVTbwpyd1UyK0dGSWhIcXpPTk5TU2ZRTjFadGRXRVlY
-OG9tbVhvZzNLcjlQL3FZCi0+IHNzaC1lZDI1NTE5IHNpbmd2USA4a0JFRmlBQjV4
-VTNhbCtMVUE2YzFwTTFwT09HT240RHRGUFdsUFNsN25nCi9zdllEcHRudmFRTC84
-c2QrbjR6eThUdW0zclBFdzVXRTRPU0R1YzlTb2cKLT4gc3NoLWVkMjU1MTkgeHFt
-eWpBIGR5ZlljUVZSZHFFZThIcHJJc1J1R2o3eGpyQ3A5T1Q2ODRyTFFqN0JyU0EK
-TFBpdTVjdTQzUmdRUUVkZDVOSlh4KzM1T1FDUXhaMVAwM2t1ZHFhdmhHVQotPiA9
-LWdyZWFzZSBlc2h8UitCIHsyIC41KS4gX1JBdnwKdUpQSm1tdXQwUFZPb0FMNENj
-TFZRM3o0Wk1lN3RobHpxZUVnZHFiT2hWcmoKLS0tIDV0d3NTWUZFNHFpQTJqNGh4
-UFdtVGJ2ZFFBMkVpaDdKN0hFcC9tSGwrWTAKSJMImvBdD1SGCFOYFpEqj0xcohO4
-9Eb1cfj6OeUsC5GMsXXJ78/XSjYtCu1wtWBml3HeQzg=
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBwZ0Fl
+Rm50ZmJmeWM5blk0RU5sQVExcGRsamJ2M2t3Uk9tQUJMK3JXeFd3CmJZWFJJdXVi
+Zk0yZGRFVlR1eHJoZlBTQ09FU3ZhdUJpUTZyMHZoSlhhZVUKLT4gc3NoLWVkMjU1
+MTkgd25FVXB3IFdxU0REZzdQSG5OdzBNVVN1VHJNcVZ4a2N1VTlHTWdyejlXUmpX
+UXQxem8KdnY5eUdCbWJMNkJRY1pBOFQrSUd3OCtLczlUWFJnZ0dTZzhlMXp6dHk5
+ZwotPiBzc2gtZWQyNTUxOSBubUtTK0EgalR0bGUzY1orS2Jqc1FVZVczUG84YmIx
+WUdrUnFFNHlLbHFQcWJoMTJsWQo3cjY1Zi8zUUlqeXU2clk0RS9uY2xCT1V3bHNV
+NWd1cjBaR0JnV2Q4N1VRCi0+IHNzaC1lZDI1NTE5IHNpbmd2USBWdnFrdGpIeVZX
+S3pLOWhsdFpJUUhKUmVGN1FiSE5NcWFYZ0EyaXI1a1RFClN5VU5BZXZFWkRycVlE
+dW5WYStEMS9LUGk3aFlNb1V2NDRrRkh6Qzc5ZTAKLT4gc3NoLWVkMjU1MTkgeHFt
+eWpBIHpjaEdBWitvVWtjMlNBb0I2dUlyRG5GdkppV2F0Tk9SNTNCRUVsd25LM1kK
+dGhuLzFnN2JDZ05aTEM1ZXp6K0k3dG1pdVBuNms4UjRCU0dzemFHTDAyUQotPiBv
+dCVudi1ncmVhc2UgcCAqa1xVXGwKSjcwMHU5ZG9EYTFqdmk0bGF1cVQ1QUVlYUJV
+K0Fvb2RiK1FpK2RBeDErWjhmaThFYWNndWtDR2U5eFF3ZGcKLS0tIDRFMHI1aGd5
+S2V1NU1UMGN2MzF6Z2ZUR0xEdHlBNWo5MGg3aFByN3NrZ2MK61WFEz2M9I38JC0R
+zMvY1Nw9CwpmUkRT7fQzH2LksXkMTv1kxsAy61xo8XjJerUeYjfNJmo=
 -----END AGE ENCRYPTED FILE-----
diff --git a/services/forgejo/secrets/forgejoDBPass.age b/services/forgejo/secrets/forgejoDBPass.age
index dbefd2a..43367ee 100644
--- a/services/forgejo/secrets/forgejoDBPass.age
+++ b/services/forgejo/secrets/forgejoDBPass.age
@@ -1,12 +1,11 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBibzZy
-TVF2MnoyblpvVmJtNEsvQnR1Y1YxMkNPakpUWmNUdzcyY283MFM0CnpkaDkxcFp5
-VGc1aWZFUkF0bTZMU2tHV05ZYk1JSnpPWmpzbXhHNFlQNUEKLT4gc3NoLWVkMjU1
-MTkgeHFteWpBIG82LzhFd2JsaVpHZVA5cFE2ekwwTU9JZ3hoc3ZoWDliUHdmK3R1
-V293VUEKSWpUYk9iQkpXSXNKcnhQSVJJbkR6RXdnK0lIWUdJbHZWUm9Fc1ZpZ1hq
-RQotPiBiQnZNWy4tZ3JlYXNlIDMmID00QyMuV2ggQQpGRk1TT3FhVFBldWpvRXpr
-Sk81d0RIYi9obUQ0cUxraXBDYmJaSWlKVDFPVWVHSVQ0dlNySjZLNG1HRktaNGVN
-CndEaHNNdVdqVFEKLS0tIG8rdEJ1VXpxRnJLUGkxblRwaXBJUVBLaGNrWXM0TkJH
-REYveDhLTmFyZUEK4ptpcutNLxsjRtwUIq95en3faY2H6GuLjtmDKP3Cp+gdOL31
-D0wzCw14zDU=
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBWZlV5
+WGlxaFpTSUF5dXozM20xZUZ5QzdVVmVOUC9rV1YySTFSKys0UWo4ClJ0RUxjVWNq
+Nktkb0hTNjBVVkgwbmJmeWFidHhXMnE4elQ1WllMNDhVL2MKLT4gc3NoLWVkMjU1
+MTkgeHFteWpBIERnRDVWKzE0cEtmV2RZd3NHTnRYbXZBZUZISjVEd1FRczFYS3hL
+cGg1bkEKMmpicDNFa1lkQ1pqQW1OZFNCeGdrOVJJWUFOWlBuZXhadGZRazkvWG5H
+dwotPiBxenMtZ3JlYXNlIEBEayFdJVEgJzcgOyFMdApaU3VoekdmaUc5cTFJY0h4
+RmdNSm5YcTlmZjZLUmRRNXJQeXV4YlFzM0dVWWxTS1JOZ0l4Ci0tLSBNWG5nZEJ1
+VFpuNHczRWF4UU15TEVrZzQydzJuVDRIbWU4M3FaZ1BFZURFCvPZt4lkp3K9Uwt1
+zTiWeel1vTPPB1qSYstgkp82FsvDMsqx2bAedAhc8eiH
 -----END AGE ENCRYPTED FILE-----
diff --git a/services/grafana/secrets/grafana-db.age b/services/grafana/secrets/grafana-db.age
index 8e877c3..d888e98 100644
--- a/services/grafana/secrets/grafana-db.age
+++ b/services/grafana/secrets/grafana-db.age
@@ -1,10 +1,10 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyB2Mmts
-SGNkcnhPak5uei90a3ZoTlZyakxTUUZUV0xaQnBZKy82YStDbHhzCmw0Rk5MN2E3
-WFdsQ3NOSXJXY1RqQTJvMFh4Y29NblhPOUxGZWFwRFl5ZzgKLT4gc3NoLWVkMjU1
-MTkgd25FVXB3IFNMaC91cFZaNk53anZ6cWFSRmVYYm1DVFFEanJXejQreE5yKzFV
-bU13VmsKclpQQ2tvZGtERmRBam9DUXVrRkd3amt4V2psUkhaY0ZNUXBLeHFhSExj
-MAotPiBoLWdyZWFzZSBQbGUnfHhDXQpzcXdteFZrKzFEQWFmVmcKLS0tIHRYOXMy
-cXNnaUk0c3QrUHRaUXVNNWN1dTJVcWM4UWIyWEtuYWxRdk4rUTQKyaaS0dtamqzZ
-dPOcuIxUDx/G/lzes6ABI1gB2i+vr20/DvtTaNklcXHQY2BO4Q==
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBXVW1Q
+ZVE4V2UvWW1pQ3NOOWJ0S1VaWnhHRlFIemNOa3QzOHlubzN1UGxBCjZtdkJSOWxH
+ZXRKYmR5Q0VmSy9tMmFPOWdVaXFQcElHVWZwQ2J4ZVFyYmsKLT4gc3NoLWVkMjU1
+MTkgd25FVXB3IGFldTZzbFZqcm93dnRKNTVQWHZOMXBBT3dwRmZRQSt3NFlYc1NG
+SmtMekkKdXE4MUtkYzA1UG9uOFR6djl3L2lTRSt1cFZyQnJ2VFU5RHBWeTFQc2xX
+WQotPiBALWdyZWFzZSBRdG4je2xTYgpFVklHeEsyeGFKM0wKLS0tIEpqQTRLbjVj
+QW1kL1dtT0lxSnZ0UFNmajJ5bWtZOHNzNXoybEYyejlwaVEKgpYJEUuCz+AWecEf
+8GiHeRChjlT4rH7Ka5U/xvj58hvt9DvYetDIgLrm38Xr1Q==
 -----END AGE ENCRYPTED FILE-----
diff --git a/services/grafana/secrets/grafana-oauth_secret.age b/services/grafana/secrets/grafana-oauth_secret.age
index ca36679..a44a89e 100644
--- a/services/grafana/secrets/grafana-oauth_secret.age
+++ b/services/grafana/secrets/grafana-oauth_secret.age
@@ -1,14 +1,15 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBtM3Fu
-K0RUSmtPd0sxd2Z0dEZkN1FpVTBjTkJhYWI3V2dJR3FnZk1vaXo4CkgrRUNRc0ZO
-TXdhTGhkWVpobUY2eENGT0h3aDVpNGt1dVJJM2JrQ3pERkkKLT4gc3NoLWVkMjU1
-MTkgd25FVXB3IGhNYmZwdWp0YXB4VWdmbHh1TjlSNEljNFFSajRNbkpkaElwS0dj
-VTZTVGMKYkU3ZC9KZW54ZVFqTFk0S1dTL2JnVEFPNVBCR3JscjBLUWVWb2ZYNXJO
-QQotPiBEVVpNLWdyZWFzZSBKN24yXCBcVnYrXkcKcmptQ09wRlRLWEI2WlA3bnBo
-NExuM1YwTWZsd1JmN05mMG1wMjVmbW5RTWpncVZ0YUpwVjA4b3Urajk5TjJnCi0t
-LSB0Q1NRYjJBb0ZpNVQ3Q2dSZVFwYXN5ZG93N0JMWENjQU11QWxQWC8zZEI0Cpi4
-5dU4RfIEAsKkX79fe3Vjt7EAO5Qmszzy0N0Jlkagn/ZxAsn8Y4NVH/WmD4l3xyTO
-pzq5Cc6zL/TU9LMjcq1hXzwbQuueWkQTrVop+pfa5KRH1PCh4ntVVMIXBmlHpjoL
-pfx7k1PzTMwO0ACw2sClHM40kafeGG0Rb0SgmyyfcQtO/JpdgC1rLFAO+4lM+UlC
-4CR3D2IfaeL1ojFGKHgU
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBRNSt3
+Y3p2WWw0WUtXeG5YQ2VWVjA0M3U0UEhQYkw5TGdvQmdPcGQxTVNnCnVDYXA2bmNN
+R3hTQXJHVmc2TGIyTVFwVkdIU1UvQ0ppWnQvQ1Nsb2dJcDAKLT4gc3NoLWVkMjU1
+MTkgd25FVXB3IGgxRWhrM01FL3BRV0FkT0VmU2dzcU1HZnY3c0lTVHd5RjE4KzJh
+M2pKQTgKQ2l3eUI1RXdjWVRVRHdUTkFJaTVvT1FtMExJWmhmQzhFang3U0dxYThS
+RQotPiB9bEZWOjRPLWdyZWFzZSBbKG4gWzZfQyBPSEsgWigKaUV4VjBLdmVCbVNl
+bUwydWpUTnhOYWt3ZWYxNjhtUWoxMEw1R3dlNG1iM2UydWRma3FZemUzTG9USDI0
+VThmTQpUUXdCSFhUN1JRcHdscHNYQzdpamhQc2VycWE4ZmcKLS0tIGdoVzU2aHVt
+U2V1N21MRjhrQmtyWHdMbzdObHNlU29YTEJsaXhWek1WV28KXlaD1WpX0ZFHNDbS
+Wp6PLbR5W/qM6jhMr2D221KcI1XL55Wj51EHVQZwjywHi/S7iC1GwaUY3fYmXZfV
+RTvGYEubawKoMCQwM9qLw7xXg8sq91mXYLvV9yivMYtfINV258fcf7cPv91BOXio
+jjCKrJ4pb0ROMiWR5JHYHvWgdW571v8SuMoz9cc/EMacKpQBqPaF2Duo024M/O16
+zeRP+BM=
 -----END AGE ENCRYPTED FILE-----
diff --git a/services/grafana/secrets/kuma-token.age b/services/grafana/secrets/kuma-token.age
index 6099526..ccf0393 100644
--- a/services/grafana/secrets/kuma-token.age
+++ b/services/grafana/secrets/kuma-token.age
@@ -1,12 +1,13 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBMY0Z6
-STRvMWVUVDRMM2I3bkFsUEo3OFJyNDVPQzlWcHRFSVplUXEyaW13CnJoclhhL2Vo
-d1M1cVhLcXVpNEZzdmtsZUlTZjVMamJHdC8xekNzM01oWE0KLT4gc3NoLWVkMjU1
-MTkgd25FVXB3IGYyeTlEeEpTWkZsMFdvVzhlU2p0Yk0zMmtRL1ZRTHp5YzEwNk5q
-ZGNHMEkKaFNMQW1RTXJkLzlYR0Zjd09YNlhVVlhPV0tpWkJOLzIva0NsWGtGbHk5
-dwotPiBmeyVXdS1ncmVhc2UgPF9kIyNNNm4geidlbUMgL1R6Xz5YCk1rMnZPYnI2
-Q1Q4RGlDRDIxRmFaMStqakxud244d2YrMWttUUxGWVBuZVBrTHZMbVdHN3p6ZnYr
-eUEKLS0tIGVOUlJaZU01UGpTVXBxSjZjL3RuL3JlQWlDVkIreHZJdEZRTVExeGRi
-OHMKBgnrlp1sTW9RJkzeHCgKExVm909fmlzm4J0OkaJDTNBeehEZsRLg72J7G8Em
-u4FvLjakI+VMbsOJ5HmDsCXTGDLSJevK9e45o3Ik3sw=
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyA2Ulhw
+NmszUHQ5VlVGV2VJYTdNOEoyc2hWM2RKbUJWdGtvQ0ZnZUx1Nkg0Cnp4YUFsWkVw
+eG0wa1puTkNBbWNzdnpnZ0VUN01tK29zcjJGUFFmUVkyY00KLT4gc3NoLWVkMjU1
+MTkgd25FVXB3IEhnYXdzaFlYNEUrZm1PcUtjbDZlMERORHlhNzdGTUJIYjdkQU9i
+UlFDMkEKMUxVbEFDTHJJZ2d5aDl3c2UxNU42ZTlTZzRpUlFEMWE5NFFpVC91NVdn
+SQotPiAreC1ncmVhc2UgUGc5OSBZcEM+Rlgga3N8YTgKV2pCcS9Bd25aUklDaGRH
+Q3M2MTdLd3B1YUZtb2htT3M3VXlZSld6VWlqUFN1azRsS296aWNLVmwvL0dVelhM
+RgpFcE04THVYdTdqOGlBbXdrTENoMUpzTGN0dnVCMWs1UmpaYlhhMjVUc0hNVmJ1
+djhrOE5jVzQ4aAotLS0gWW0rTUVKelJSZ2R5UmRvbGVDMHA3cS96WVI4aE1RbUFQ
+eG9iT243bXY1VQoJ0Wi0xaPoJ1uTAp/PpEBhspnoSI4FlOuXURMi4+OG8tbCg5LH
+jL20iYfhWvZgD1DOV9Z5j09n+XdGtPZsxf2VJtWcXxFtOnyuM67ywQ==
 -----END AGE ENCRYPTED FILE-----
diff --git a/services/nginx/secrets/cs-lapi-key.age b/services/nginx/secrets/cs-lapi-key.age
new file mode 100644
index 0000000..1894af4
--- /dev/null
+++ b/services/nginx/secrets/cs-lapi-key.age
@@ -0,0 +1,13 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE9Xa1ZYdyBPc0Q4
+UU1TbDBWL3RKQ2VQRDZncE9sZC8vVVdESzYxNkQ0amoySFdNZFRJClVpS3ZaeFhP
+WVNpQXJQbWp2aDMyMldkdVczdkZCTU5McFpRMTN6NXBtQkkKLT4gc3NoLWVkMjU1
+MTkgbXUwZm5BIFlxK0RKY0plTmtGV2FYZHBUMjlVa1FwYkRkalVyUEsvREJ3VmFz
+SXVUVWMKZGF1eW9MbkhuajU5aFhHcml4TDVHQVZtZ1ZDbXIzdXRXNERmOGtkYm50
+NAotPiBGLWdyZWFzZSBaUnNXYQo0U0ovMWZTaXhZdy96dWRpY1lud3V3cFNoSnFS
+WExsWEs5VVI2NG5XcHI4eVlJWFZoQVpCVEs2QnkxT3p6b01RCmIrbjZVTWU5U2VV
+VHpTcVIxM01ECi0tLSBqV0ZTbndQU2xQMjcwQUxRR1dCQ2JsSnlpUzlrMmRVUXRH
+aytLOStjYmJnCg2ocDo5O53RoiV3p9kGD+NulQKb1+01Ay1R2W0Upcgpu132Rexy
+nwUvMrRbPgWUdgeUjkhKJ/ZR1gCVEav38aUsZugs39ndLYOwpluw5lUs+i2piB7k
+rOC+NhPXSXJLMb4vKdkkioJehv+VbSZ9M4PW2vbsziQAhfWErm7RAi/FvtoUdypT
+-----END AGE ENCRYPTED FILE-----