From 5a8161e086232c5d2262fc53a005464d16006eb5 Mon Sep 17 00:00:00 2001
From: Mel <mel@rnrd.eu>
Date: Fri, 21 Feb 2025 00:04:39 +0100
Subject: Expose DNS server with additional DoH/DoT capabilities

Signed-off-by: Mel <mel@rnrd.eu>
---
 secrets/internal-tls.age | 12 ++++++++++++
 secrets/secrets.nix      |  4 ++++
 2 files changed, 16 insertions(+)
 create mode 100644 secrets/internal-tls.age

(limited to 'secrets')

diff --git a/secrets/internal-tls.age b/secrets/internal-tls.age
new file mode 100644
index 0000000..9739177
--- /dev/null
+++ b/secrets/internal-tls.age
@@ -0,0 +1,12 @@
+age-encryption.org/v1
+-> ssh-ed25519 QWV68w Zg5WaS3I4moNEdTVL4P2vOP3x167qcglRtcI+alpgik
+juZiGCS7mt69uYw+FPu48MJg6gPcUvkpIP8u75n7nFc
+-> ssh-ed25519 ztr2Fw gbBZeff8Le8yZjLK7FhRtXoSse/xLt3jXOv3EpOp7Hw
+yoq4YvmmLdXfkjKqcNB4RCFe09pFCYzhdAF1CH+hhGk
+-> ssh-ed25519 COVM9Q 3qjc1AURNkmokmwA1w4w65zoPb0HXPxMzq9qRWBd0Gk
+QmABFr6ETCE+nVgKQnFMdHaHj9x7iKdjc76V6hNI3LM
+-> ssh-ed25519 aV3pTQ MesVv49L93aUOkq29Dn8x8Qet2bJAtwJNdNgsWJdcXg
+qMy/C1oWQEt/xfwi0qqFiW5zOzTHtSF3Dtw8vcjjQBo
+--- oYdUWwxwhjtaCRtaSmcw0CfDcGpsBoFQ3gEPFinp+kU
+¥hrë•~Ï²Ù»þ¢Ò«×îcž¿wR“F¯Ùí›n¯0-Ãï£Ø”‘‘6òCl£‹B5Þ¹ÖcðÆ&<-}²ËôÌÊPÒŸƒ¯‹XzÈ5’Xq¶“µ¸,¿ ŸŽçôr´9çýÊ^0Ôä6¦–Ÿâ‚yOï;IJ\H©PV™r«Âw÷`rñ%’ÌÏ±³ˆÝû[ì‘²Líƒt—ØpçÝšÝ¥5 H uOœk£d•­ªÛó}:…+eÕò#!©ü€ØjÀP¯¹U¤ñýC\•ÿÓW96ƒp‰…®p0}íiK2²,ÿ•]éŸjÝøP¾œŒ^¥
+1yY,ƒÜ¦i•ßá¥ß¬Ô¦Ó&¹ „ìÂ±sÌ®¥2HMYÙ±J{­Pƒ¿—è{¸(6“ÿ±JàÃ@iÿpbRÃ@zFì-&»Æç]ÍTÎ‹
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 1b768d4..704213e 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -23,5 +23,9 @@ in
     corsac
   ] ++ allAdmins;
 
+  "internal-tls.age".publicKeys = [
+    corsac
+  ] ++ allAdmins;
+
   "password.age".publicKeys = allSystems ++ allAdmins;
 }
-- 
cgit 1.4.1