diff --git a/build-iso.sh b/build-iso.sh index ccf8d53..0f31592 100755 --- a/build-iso.sh +++ b/build-iso.sh @@ -41,10 +41,8 @@ error() { exit 1 } function envsubst_in_place() { - set -x local _filename=$1 envsubst "\$TARGET_USER" <"$_filename" >$_filename.tmp && mv $_filename.tmp $_filename - set +x } while [[ $# -gt 0 ]]; do diff --git a/secrets.sops.yaml b/secrets.sops.yaml index a12026d..ae75319 100644 --- a/secrets.sops.yaml +++ b/secrets.sops.yaml @@ -1,4 +1,5 @@ LUKS_PASSPHRASE: ENC[AES256_GCM,data:hQb2+WHc,iv:WlYVzMqk3TAfnjMkIYaO8KgrxmCAXrCizsdXf4tk2Uc=,tag:rHL6h3/Q1QR7UHHMVXRXAA==,type:str] +#ENC[AES256_GCM,data:xDdtkwj4qwd2qYDUrYavbOtlBfo5kxqaBNcY1z0roxxL,iv:2K9jm4JS/JSOUmf3lViX57dNmRv6QtorVCNRPA0+pwE=,tag:IiX2UvrZOu9V0BcCVIB+lg==,type:comment] USER_PASSWORD_HASH: ENC[AES256_GCM,data:QIuXH4DNq1Ze953ujkmN+1NnybSiy3m006fT73DKdnvl4KtZs8Vy03axndGeRI+GiKD8+qGhdEoF82jtEeYGdvmJTwVx6wG7vmnGpY8k5Fq2KVQuOcfDlS2yAMd5juAZ8juMND7NfH09YA==,iv:w11BwtmKVlracTKtRuYxMqul49DPARUdoD6uzuJaC4s=,tag:S2bFI/jSgImkOcV3TyAEsA==,type:str] WIFI_HOUSE_PASSWORD: ENC[AES256_GCM,data:STCwx2Qtim9M,iv:zpuaiGmlJayuYhx+/KTUa43NQVo/qYF2n3B5ql92JR8=,tag:kFfDMclnZE68/YEHM8en4A==,type:str] NOKIA_WIFI_KEY_PASSWORD: ENC[AES256_GCM,data:uYolfxM8L/oH/hBxo40=,iv:gykJUI636NV4UCtdfEhAJC4gIrfNWbT0qF52dMz0bnI=,tag:R77mpur+JSvNPAAbXqlXMQ==,type:str] @@ -22,7 +23,7 @@ sops: WnJIZTZZZnltdXBvUmY2WnNUeUQ4UEEKd6JetWdvpQ9mqmwhHPTkScnGUErvlnY8 qj4x80YNrnUarQnTial0gk3o5YfpS33pmpLkZFMmNtKl80QCT14cpQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-26T09:50:00Z" - mac: ENC[AES256_GCM,data:+TNnpcRacAEYkM0D1Yk+cq/y4blOWqDOCZ80jkSeFY1Q0u2RFM2QyTMhnJrvufzJnZ6YkGd0IAGjwRJDOysOEjiNF+UwYgP1hMDicYg+Akw5S5VkeyohY+buhxC8ZAafl7kqtM9jCxAe/ReJ2NTagd8l/weKuM3XPb+UOcK7e4Y=,iv:U/8+9yW2aGuyFmYV5sjMHcQcohJmwGllG+3bOmUwi54=,tag:VVFDQmUfIJ12GKUWq3ZLVg==,type:str] + lastmodified: "2026-02-28T23:23:56Z" + mac: ENC[AES256_GCM,data:+9WonizVvaaUC+uWbIF1peakew8fvV8/Qqi0AYOKCY3lBpwTMiORZGyhl3qVeHRCA+D1xO+4CdkHcGWWrOH6pZ+Ewyzaomh/AZuwBEJjGGIr5iWSSS4LuRQj+0WvjbYcQL8ePfDnlBVh6Cm6j3ihe4wPfPOX5rWUyUFzGdSVGM8=,iv:HNlP3pKVXbkgW9Og1Ac5hHUs5MGGml6l7lbJDIrYX0c=,tag:JyUSu0Q+1QsQ2JTolubTsw==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0 diff --git a/secrets.sops.yaml.example b/secrets.sops.yaml.example new file mode 100644 index 0000000..cbfd67e --- /dev/null +++ b/secrets.sops.yaml.example @@ -0,0 +1,11 @@ +LUKS_PASSPHRASE: passss +# openssl passwd -6 'yourpassword' +USER_PASSWORD_HASH: $6$vG.... +WIFI_HOUSE_PASSWORD: passs +NOKIA_WIFI_KEY_PASSWORD: passs +# base64 -w0 NOKIA_Root_CA.crt +NOKIA_CA_CERT_B64: b64passs +# base64 -w0 .ipa.nsn-net.net.crt +NOKIA_CLIENT_CERT_B64: b64passs +# base64 -w0 .ipa.nsn-net.net.key +NOKIA_CLIENT_KEY_B64: b64passs