Add a bucket for terraform states

This commit is contained in:
Nikolai Rodionov 2024-10-16 18:35:18 +02:00
parent 6f941b2368
commit 76cb1aed4f
Signed by: allanger
GPG Key ID: 0AA46A90E25592AD
2 changed files with 42 additions and 28 deletions

View File

@ -1,27 +1,30 @@
rootPassword: ENC[AES256_GCM,data:H6gFoNxw3Fjc5Ofn7c6jF99bbvY=,iv:J9zahaE9qdZDSG9JmZx1jtlaaZGawAbtueSlmCUj/FU=,tag:qrQHjpoG7nXcRK3zoEWqJw==,type:str] rootPassword: ENC[AES256_GCM,data:MRpbGapXvs6Ho6kBz7HpIQ/rwxc=,iv:xbuvxa9pWaa5anN2P9nv4iq8aymffZNv0rzZx9YM6Lo=,tag:RkRdJSxyAOsDAPT1sPagBw==,type:str]
users: users:
- accessKey: ENC[AES256_GCM,data:LCAeaA/w7VE=,iv:c1b3EhvX6CU1uM3xONB/v4RZ7XrdGBDyLLp8D+fGqkY=,tag:ZRT/jm45n/oWbse05CsQQg==,type:str] - accessKey: ENC[AES256_GCM,data:McoZzi3LkJo=,iv:jg2VmnIw8WC99wK9Khlsbr5iUrEAQypkYu7WVaUyAFA=,tag:qSL0Bh2ukY1L9P21t1ZHeQ==,type:str]
secretKey: ENC[AES256_GCM,data:tr5E53Y4uVUK4onO4HJPJB5rNw==,iv:SMxERlNMX+r2PLQ4sF2hqOIFcu7Dk5c8rA+Zki8NAWQ=,tag:ia33MftRyjbsc+pS4b9ihA==,type:str] secretKey: ENC[AES256_GCM,data:JQgXpiVENMZaMo0DAItc/9C7Lg==,iv:iKiX5ZuS4h80/gnwVSVucDxhd28KkbX9ocu9xh5dJJw=,tag:Apy51+2BpjtJdpPLdfyt1g==,type:str]
policy: ENC[AES256_GCM,data:AwdruRAck7s=,iv:CtGRo2nsO6t4EH7KgB+aeIh+Cjz+A7VGI7ZqnaYjSq0=,tag:xmGzbfcMSQFc3jMULe7oVw==,type:str] policy: ENC[AES256_GCM,data:Dl06BtxOuDc=,iv:aIum0yH0/XtfF/sOKKu+dNkBVzxKn2xRnvMKTOm91DM=,tag:JyQ/z9/m553LIID/ODf8ow==,type:str]
- accessKey: ENC[AES256_GCM,data:YYS2,iv:4kqNzeBcwIKUj/4c6FQmZzm6X8pmps5mSd7ghQ0nFE4=,tag:wqjomvit4lMG0GnUWCtNLw==,type:str] - accessKey: ENC[AES256_GCM,data:HNdC,iv:beX9wt+6Jv6OemBAPdCdWX/Gxy+B/R4kcZdw1ZoN2Po=,tag:hBh7lrEgU16bRJ9gxLb8xw==,type:str]
secretKey: ENC[AES256_GCM,data:yZfe8xaqZZqB0E2homugL1DTjFTqt/rQNA==,iv:OyYHz1S7twRdQbklYsda7vErGt9jfrT0+diBll2t+cc=,tag:mhed2NBCURzavv4ONNg2ww==,type:str] secretKey: ENC[AES256_GCM,data:sG95JL5aMx6KwL9IR85m7lFk0Xul+ufbKg==,iv:4fJwt8P0RdnyTCXnOcwawu5+tK7L/CtcKYM8H1ZURXc=,tag:QNFUu/Tid9hN8GNyonBqWQ==,type:str]
policy: ENC[AES256_GCM,data:mE8B,iv:MMvufe5Oz25NPRDWWAPfefGxrD2EFROdzmdyqas3Bbk=,tag:w5AHEkh9nTJFMqrhtS1I3Q==,type:str] policy: ENC[AES256_GCM,data:3Jd5,iv:fenkoWP8QYCfvdNb5yYyqcJCkhqUei5lDnUYYRnDPks=,tag:F3B/JN/k2b0YUvgchItIoQ==,type:str]
- accessKey: ENC[AES256_GCM,data:jxzKaeoqz1VT,iv:QtukHCab73nJogtaR/ublLXWjMAxcchx75pj1HmzUl8=,tag:I2V/g75k9hsw8KgJPnso9Q==,type:str] - accessKey: ENC[AES256_GCM,data:ilw3a4CCL2JO,iv:H1rOW7EA57rqJApOd3bYxHglZ9x7FuqIxTXh6DkZFRY=,tag:kHR78DDa+jsp0tHmz6qmwg==,type:str]
secretKey: ENC[AES256_GCM,data:9N4opWHpfraM+UAbvbN0Ndtbeb0=,iv:6ZS8u7ZIcC1b+q/pfrZLQH5HVkS0aMjS9ubY3QiU2NA=,tag:0dZSXLaEQMfFZBvxN213Xw==,type:str] secretKey: ENC[AES256_GCM,data:3XpEgsBy95k46AOydT+eC/gAS+Q=,iv:OaFyatG3wOMAPIxZFMLWfA8+Htw4W+FwVUFM1bXRc/0=,tag:2yZ2mGGAFYtmCscnJiZR9A==,type:str]
policy: ENC[AES256_GCM,data:NQLHs60CZyxI,iv:lNImrjcqBwJayWOUNqRgpsP2Jc/xQ8SN51EbYSgdVC0=,tag:s9/Uz5DZaIPRXoAGD7SvsQ==,type:str] policy: ENC[AES256_GCM,data:MxTzdjHZINi+,iv:Ay/r3BP/f3viVbYCbqyYFdIGeBVMRrLUH579VA+x5Hs=,tag:llpf+TNjoR5dgRVKWafbrw==,type:str]
- accessKey: ENC[AES256_GCM,data:dTlMzwU=,iv:wWrmA0Ydjm5eXzjosLBB5I1MJm5VLw/Orn/mKLJo6gg=,tag:2lp+yujTvpS4KAln3s9pNA==,type:str] - accessKey: ENC[AES256_GCM,data:ddLUXeE=,iv:p1CtqvI29uFc5sYkUBz6Z+Pzlf6+eEMxM0TKwiHP2PI=,tag:dOO6dUAHNRScBUPoEy1SYw==,type:str]
secretKey: ENC[AES256_GCM,data:SLjohW/AizmolWpE6Yu/03LB+3n2znze+Q==,iv:qaLV4iFsY7EqgqySNfbbjhnrhA2bz4C8tVWnQ6ercts=,tag:wUPjyob6X+Zq9OkQKpEumQ==,type:str] secretKey: ENC[AES256_GCM,data:DF1rWr6UmI8R8P3iRTA7ykOCSF8slT113g==,iv:kw1yIzFKJT/dAyulB7jhzRk8EiZBlHo8Jb7tlTigZ8M=,tag:Te2Kfw0O06xkUghpgovbXw==,type:str]
policy: ENC[AES256_GCM,data:FFF8EGI=,iv:16njVrSGw9ZEEQDTs6AH8Lvr/se+2CSEUQJOar4+sWY=,tag:fehozEgXBFtCq/U1dAPa9w==,type:str] policy: ENC[AES256_GCM,data:0MFxBGA=,iv:Tggkq2LWG1OM0LDQKUnr96YGRAfDTkwijg2dumrJTHg=,tag:smbfXnFh2KsxVoXSlcHI0w==,type:str]
- accessKey: ENC[AES256_GCM,data:Lz9Kbh61T0sM,iv:QAE9uJNrg7zMQ1b22/qRfpXhZGXe3mV9fE6ENSEO2uc=,tag:h++/pQXiX5OnAak3kmPUUg==,type:str]
secretKey: ENC[AES256_GCM,data:QNA8V2lpGAkVoXiG//iY9QBECDTlY6eqkg==,iv:94EYRBe6aDfmGT/O8Tze+FMdZE3AOztl3ZOwMd0Ezbo=,tag:6VZAgvbuW4uQHExsZg3tMQ==,type:str]
policy: ENC[AES256_GCM,data:nwG27SUYS3Ay,iv:8gnFwHS4t8XZX0IXJc4dlWTqH4BrT9MaJzUZz/cpGPk=,tag:vGZUgJtvvthvs3ZhdVLjtA==,type:str]
oidc: oidc:
enabled: ENC[AES256_GCM,data:0u1FMQ==,iv:f6PXoX8EAEN0ELKVXurqnv0TYo+w8IOT2+lJtiujsU8=,tag:GckqekNB99PywIj8TNmk6w==,type:bool] enabled: ENC[AES256_GCM,data:CgF67A==,iv:oyIIS/oiNIAxBxw0jZy/pGkXBvD+S3hW3+QB2Fny4oE=,tag:/NeeyTeXOHugOlBtXKWhHA==,type:bool]
configUrl: ENC[AES256_GCM,data:Dq/m9B5B+JNN/fG5GbkcKTKc76/RFPmsq0Y/uXOPa7Y+PKCNVx4+DuMaFmlkGkbyitHj9YK4H0NwiBAZnGN20A1ASNskyoePr2sLEkQ3tOCtbh9q3l0oCZ0=,iv:F8sKtK+zAgXsADV9ulSeXaloThVgmx0PHj0OXTZPsGY=,tag:F92OIgho2jxuRgjmoPVdVw==,type:str] configUrl: ENC[AES256_GCM,data:xiIOfOvDffXlbJIqA0RWTGfooop2BemoP6c7hTB2lEw62WqCgCTNct0VaIvuJvJELqJzfHj5U0T7Orv6dK86csOokqtTmD48SWYH/g5jKoul458EUCMX+Cg=,iv:f3bZk+fUTUovE8LjWTX8c2Q241j5T5ok/zhp4Vf/jhE=,tag:YwbLBjOBaH0MT+aBPSxSdA==,type:str]
clientId: ENC[AES256_GCM,data:H6ZalZ8=,iv:2+N9qR1CAJgWkC2Vk20jPRUmeIXLGaVQ2uOg1UYRk9U=,tag:/VoSfYEoI8ev7S2umYIDsw==,type:str] clientId: ENC[AES256_GCM,data:+uy316Q=,iv:I4pA2kOvDMbJJuEvcsTncT3gv52EMVGNIxPa/92DhW0=,tag:BiAIrws9ZNqIBQ7Ha1nsjw==,type:str]
clientSecret: ENC[AES256_GCM,data:SWPrWZOyOeZzpio9hFT6SE9OPzfNAmrQNEotFt9fqP/AeWVwAzx1zgzKrKIHAHAUvHQ1aAbxzT/Vzc9B1iINdaKpB5tY9SNPT9gr0CW0cYj15qZQviMWqGXHhlq4LSfK3M/kHCGmzbwb5qOnCDZx313LsIorz0dyOITh7ONMc5Y=,iv:63tI2/hBslrQrtunDRhVOVoGXhlCAL3AxQfmtAgSfVw=,tag:mJNpBVHy5GDvDMED4d5J7A==,type:str] clientSecret: ENC[AES256_GCM,data:+7lFxNJN8O4KBqlSx78Y1ujmEPKseEoMccYOKmNPfReSmaJ8Eet3Th7nD6T6NEC8vZ66l/e80GaNm9ZhQbFDSJwuOpM5iSRSSB4JMkCNCUXbVPCFaEd+Fvg4j5dlN0TP6m7WHjx2cL9Ll4kEydzz1vpGKv8eTBPcJQc208f2Tw0=,iv:hU6YJKqBA5vHVP6JrH8kvBEZz+xJe+IiU7cZQA1JL1I=,tag:oghnQZoC9uw/BFOv1w5Rjg==,type:str]
claimName: ENC[AES256_GCM,data:jjWJLHzO,iv:jKDsP5gqRBP5QYPczzsARMB5zZysCsAjgmRWc75xfXw=,tag:2lwbjHaFYy3erhqWV5upQg==,type:str] claimName: ENC[AES256_GCM,data:vHLuLgrw,iv:P2MXZa0VkAV97klRrYaSQ3hAJXGnnxWs4Cbcx80zOzg=,tag:JfBwQCDo65JKe3r5I2NrFQ==,type:str]
redirectUri: ENC[AES256_GCM,data:CnxlaJLf3rp3dEmz+4WbMWYy3wgrbwplVGj1boZDCz4zsw5urHEJZ9G4V9HtVZ0=,iv:hGvhb6aoxbMN12p5XgXaLa0uE557ZxUYfdHR8/y4ZWY=,tag:+xD5fpMEEGCsFBKxfN+CeA==,type:str] redirectUri: ENC[AES256_GCM,data:KbeLxdRCaKyVUfZt1MXH4LYk1+6BAR+NsKe2hymMjS9m5BmqX0bqa9QRzRF+s7Y=,iv:4WiLKtJhfHiKv5ULd8MofSrdW0DmmlJP/+lAerxtt3k=,tag:zx7UJ/ZaTK2gGVOKQ4CLIg==,type:str]
comment: ENC[AES256_GCM,data:iWplne3ZDdi5/MGaksIUSyiqRpg=,iv:HeCLXyP60uyCOLrkPazg+Btm3p/ebRsSWb5oI8R7k54=,tag:eNeCzZe+630z0io/NHCn3A==,type:str] comment: ENC[AES256_GCM,data:5VpKrJ5qbndr1B/r3rzU1Hv7ngA=,iv:Oh2gDnyxVJ3S9Ufu1YHwocCcdPIobLRlxPOypT3Yuo0=,tag:CordNdO2MAJB30fNwsOB9A==,type:str]
claimPrefix: "" claimPrefix: ""
scopes: ENC[AES256_GCM,data:AAS04fWVH+fHVekQGegspGufNLJN0PXNfKIg,iv:zt7rAhgwD/dOx9Fa8/6Dwsx7pwzW0dh3o9tDF/4Ap+U=,tag:9e8YsIP4iSDAhl/+9TuLSA==,type:str] scopes: ENC[AES256_GCM,data:v5Rf5T5K5XyYPXD7GJZ8nNz3ZaNc7evO2d0r,iv:G+NUVJnyODVO+Gy5ecVXWo3UrprwojRRrN67LiY51RU=,tag:aA2e0Y8335ADRoAWMIg9bQ==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -31,14 +34,14 @@ sops:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8 - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvd3l4NGFjOFZScUFNV0Fu YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuY3RDMmVQZEVBYmJIZVhv
R1lhWDNDd3p4VHQzbjEwZ1hqSnd0bjNlZ0I0ClZaOWd5YVp0OFJDMzlTQ0JNKzlR ZEowZnZMVC9iYUFES3pyZmUyaWROTEdqYkhrCmMrNlNIUHIvR09GQzZqalZETFpl
cW01WmgyVnZycXdSRUUrQ1FkZDk3OEUKLS0tIE9ER3lHYzlBLys4Qy9JczNtbUpJ Vmk4L0Q4ZXB0b0pCK0h5UFdjR3E5TkkKLS0tIHlSeTY5Umx6VUtON0hBSTVNQUNo
eExDQmd2M1Z5UzUraXpMZkJHWnh6L0UKz5dTiwNAO/S/2JI5XiNgnp0njSryES89 Uis0TjF0SnZnYmE2RTBDWFdlU3VPWmMKis+XR4MYZeyAlkosYsex0YamztWAuJrk
XKVf7MFj4EMIMgQNJOO6AcVdS/FDuJ8I0DoI0Z/VUPTfnOSl8Tp/xQ== uY1FZlWuTQCilZZ4xTPLLJ6OEOsTRftQm+j2Fg/51Ooa0X8Oj67HBQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-10-14T08:08:22Z" lastmodified: "2024-10-16T16:33:20Z"
mac: ENC[AES256_GCM,data:kq5Au0VMwvP8s9DXn34FwNLjSNm9fsFYKK1aLpvg9GhBgcrlXIJX013bUvUcL/vJDpcu1cNA+vtgcF4OxRxmT3T8uiXdc8/V7c7n2SewOujPndn9Y3Wy4JWrmpivkbzvxo0ka/MbsbRQcBmDjeWWuKBpNysbhlXdBXXHSrLW94w=,iv:Ny22ZNkN04cJmtiI5mrMt8ibXij45McvwaMfA+xkB10=,tag:2Ge9puLUCNrmcbfPLuAkDQ==,type:str] mac: ENC[AES256_GCM,data:gEdkpSFifCnTEwPtcX+aJlUMloSOwPHD8DXlKtK+77A2yCQAbzazJz7055Fz3Kfvt2xTqGt5/ZK7CkifR7DcQSFJNIWJYq8LAkV9LbXOrJQfF5EHUifDRLHxTXXPazpS9ldGZU3/ej132KurBbESsbbTQ1mvALNgwEUoOkES86Q=,iv:8ZyBqZYjBniWrg4B+7BmI7NcsSKFsgzUZIXveoU29QQ=,tag:bxi9he1q631uiB2GjKNXIQ==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.1 version: 3.9.1

View File

@ -115,6 +115,10 @@ buckets:
policy: download policy: download
purge: false purge: false
versioning: false versioning: false
- name: states
policy: false
purge: false
versioning: false
metrics: metrics:
serviceMonitor: serviceMonitor:
enabled: false enabled: false
@ -186,3 +190,10 @@ policies:
- 'arn:aws:s3:::gitea/*' - 'arn:aws:s3:::gitea/*'
actions: actions:
- 's3:*' - 's3:*'
- name: terraform
statements:
- resources:
- 'arn:aws:s3:::states'
- 'arn:aws:s3:::states/*'
actions:
- 's3:*'