19 lines
667 B
YAML
19 lines
667 B
YAML
# SOPS encrypted secrets for amzebs-01
|
|
# Edit with: nix-shell -p sops --run 'sops hosts/amzebs-01/secrets.yaml'
|
|
#
|
|
# Required secrets:
|
|
# - borg-passphrase: Backup encryption passphrase
|
|
# - borg-ssh-key: SSH private key for backup server access
|
|
# - mysql-readonly-password: Password for read-only MySQL user (api_ebs_amz_at_ro)
|
|
#
|
|
# To initialize this file, first ensure the host SSH key exists, then run:
|
|
# sops hosts/amzebs-01/secrets.yaml
|
|
|
|
# Placeholder structure (will be encrypted after initialization):
|
|
borg-passphrase: CHANGEME
|
|
borg-ssh-key: |
|
|
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
CHANGEME
|
|
-----END OPENSSH PRIVATE KEY-----
|
|
mysql-readonly-password: CHANGEME
|