cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity
459 Commits
1 Branch
0 Tags
55 MiB
Commit Graph

10 Commits (cb96eb6df661fdc0557e323062ffe03b594125fb)

Author SHA1 Message Date
q3k 02aae3628c hswaw/kube: encrypt keys, update expired keys 
cz2's key has expired. Removing it for now as there's no easy way to
force gpg to encrypt content for expired keys.

Change-Id: Ib27b9a09385fcead1ba2d48ebf45426038d8b647
 2020-02-18 23:28:14 +01:00
q3k d493ab66ca *: add dcr01s{22,24} 
Change-Id: I072e825e2e1d199d9da50b9d38a9ffba68e61182
 2019-10-31 17:07:50 +01:00
q3k 29afb4cc51 secretstore: restore implr 2019-05-19 03:10:25 +02:00
q3k a9bb1d5b5b tools/secretstore: fix decryption of updated secrets 2019-04-28 17:13:12 +02:00
informatic c10f00b7da tools/secretstore: decrypt secrets when requesting plaintext path 2019-04-09 13:29:33 +02:00
q3k 73cef11c85 *: rejigger tls certs and more 
This pretty large change does the following:

 - moves nix from bootstrap.hswaw.net to nix/
 - changes clustercfg to use cfssl and moves it to cluster/clustercfg
 - changes clustercfg to source information about target location of
   certs from nix
 - changes clustercfg to push nix config
 - changes tls certs to have more than one CA
 - recalculates all TLS certs
   (it keeps the old serviceaccoutns key, otherwise we end up with
   invalid serviceaccounts - the cert doesn't match, but who cares,
   it's not used anyway)
 2019-04-07 00:06:23 +02:00
q3k 41bd2b52c2 cluster/secrets: add implr 2019-01-17 23:37:36 +01:00
q3k f3010ee1cb cluster/secrets: add cz2 2019-01-17 21:35:52 +01:00
q3k de061801db *: k0.hswaw.net somewhat working 2019-01-13 21:14:02 +01:00
q3k f2a812b9fd *: bazelify 2019-01-13 17:51:34 +01:00