From 9924811dc0c0c6c7bb252e9f17fabe16e73ba5f7 Mon Sep 17 00:00:00 2001
From: Gabriel Arazas <foo.dogsquared@gmail.com>
Date: Sat, 3 Dec 2022 13:39:56 +0800
Subject: [PATCH] hosts/plover: remove GCP KMS key for secrets

---
 .sops.yaml                        |  1 -
 hosts/plover/secrets/secrets.yaml | 43 ++++++++++++++-----------------
 2 files changed, 20 insertions(+), 24 deletions(-)

diff --git a/.sops.yaml b/.sops.yaml
index a2deccc7..8810fca4 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -9,7 +9,6 @@ creation_rules:
     age: *ni
   - path_regex: hosts/plover/secrets/[^/]+\.(yaml|json)$
     age: *plover
-    gcp-kms: *gcp-sops
   - path_regex: secrets/[^/]+\.(yaml|json)$
     key_groups:
       - age:
diff --git a/hosts/plover/secrets/secrets.yaml b/hosts/plover/secrets/secrets.yaml
index d0f33d4f..29433be2 100644
--- a/hosts/plover/secrets/secrets.yaml
+++ b/hosts/plover/secrets/secrets.yaml
@@ -1,44 +1,41 @@
-ssh-key: ENC[AES256_GCM,data:xkKDGZtID/MVa4RlNPOjiqkVYCsVqZp/Mn6IrT3gKa9tLZ7/+jA3Lnr0IochxfTrrdmoymJk6UqUT+9zjeBzQ6Wt0yrwTJwmAesR6E1sTTW7LDru+72Yur5D0Ov34p9wL6ALefLP/iEmYpoz6+tONcRaY8sXri8EDMCqB1p5idMHWjdzMztFBBp3suRfS/CgHdmJCBVcElNtnIAACWe4ppWr7P8iixVC+PP4sTPGnYh3bvtOK22sZqiWcwmtN0Btqgw0hPkwyqpnV42CXgVIOm85alZEiIVMVAjIXDnhCIyb+pTnfzKvVBs6YXABxphR9pC/uSlctl18bqrOnGnFJL4CRylC0wyqErEP56G/ypj7UZbC7O2ews45cGspvx5A2vJdzL5/mxs0QMH/llVgDUYYTVEb0BWS+31Q8zViSDGUNVn+MTIir7DXCveck/5PAPwbYQmck7ghtT5yk5TpMMD9+Yc4jBSVtrLuo6b35QQzepT/X4j7zVf4vwxO3xsJbJ5Tu/gc9zbMn6nZKF+S,iv:ffYR1jqrwm94SA9OlRwjALcaGvw4tcrJDdT3YhpM2Qk=,tag:bzb4kHxek0T51GbGmG4fEw==,type:str]
+ssh-key: ENC[AES256_GCM,data:hs0QGeppPB7fkhPKKHxC9B/gxwOKuJFUsXbcClFpP9mXCtsXj9PiKHiO5D6tA7XyhdGZVuaR/vES9RZ7iouHOWHd+yeqQYn1imXdb8KQyNG6SZ6O7M0XKuEzDPjCLXDLQAovhu71kk2/eqmQH0nieHMI7q4CrcV58/274jS1xcSVBnWVN+/OYr4Xp+StU0ow3kNcKbtCyt2vQqX4JU+g85U0eGsaowi890zYHproFhZUbUop78NLMOi+RNKfNDRfhft/F/MHXDBQkFzlT8VDvZEN0PxX5i/hBklRj4TmSXx7cOslde5m2AEKf9/jKQg8fyZ+o1q0PsSlBFu3n9yZvgpGXWunPB0AXuIhJ+wBAfq7c3bvNjJJcTDmTJYzHhOEuHN9ZnCeFujZySMrOyNAM+GAW5d47zwS9lsKXt+DuTCgegnkWyuewPOpt42idjcVzHbHKyonynITWPZGMLZQZkaidJy9YNfdG2XSQZ9Hfpd0ihkI2ZqVcxdwEhPpf8mjuPFpGUN/M3H/IKeP4o/A,iv:ffYR1jqrwm94SA9OlRwjALcaGvw4tcrJDdT3YhpM2Qk=,tag:yEYo8kMgQlIzJe1A3i6jXw==,type:str]
 lego:
-    env: ENC[AES256_GCM,data:QUAhhPoHOW2Vzi3UKBPpYOLJYpJveOTqll84gebXH6E4VPa6XQ7CJxUN02cKTmMcq/eavtAzYD/NMxMVHPGu14co2b7vKWY80MHcKVgSOX1r3jeF6H6UCGoUigOobTyhUQe20i4Aab4btvhO3KRZ8Z/niT2uWnihhVBE0bUrCzDDK/awyZSfvrSknc0KojrgUr86z1b6tf3fxSPM8tR+cnzH/SgzOmL4LoqN0t4/pyOt,iv:JaQ/Yz6nGUN4AAqnZWjnOZqfS59WwzOvpqyLWiY6grU=,tag:V4garlpvnO5W681yX4gcyw==,type:str]
+    env: ENC[AES256_GCM,data:P47pIM0H4GJht98Coo6H7anqUnBltUL5v83hMM+aHyk6fjM8C89vq1diEs6/YB4aw2Wf/XahW7fTzvAc3A0c/BtEiGmVwF0Zn4M+5ppO9VjnyOd93pEa4X3S+uflsv6OXyCfC9m4IeSBzbVnHKMg6e8y6CY2ZXZjsdUn/11pfItveMYTlpcNOFYd3a0x9CYFFBYLHzKTAZy/Eawov87SgiWDVhkEXAQIOeJ+VNQwNW6f,iv:JaQ/Yz6nGUN4AAqnZWjnOZqfS59WwzOvpqyLWiY6grU=,tag:1JbZYbRh/qdpTToR0GO/3Q==,type:str]
 sourcehut:
-    network-key: ENC[AES256_GCM,data:8W1cHjGGsvA8p/z07fS9QcPi5WI4Ho1lq5clQ5rFJMDyoWGBnxQ3TJ8eB/I=,iv:44VlT5ID8KXDquDOZMIEPBWl7r+JwbamRdqhBsFO4Rw=,tag:vEV8BEZHlrpZWXP1kRZ4nw==,type:str]
-    service-key: ENC[AES256_GCM,data:s/oq5ud8XZAAQwhJDPkPZg77MQAnbZVvposvR1RFMiVclOQtucK2CPxP1Lw65TCCLxMXIeRAOLfhKehIk6Jk5w==,iv:S4BzMYPZtVFhXV0g5qBxjItqCyEQ25Ct6swBut7FefQ=,tag:NNytSDn73zM2Z3uWYjknMw==,type:str]
-    webhook-key: ENC[AES256_GCM,data:cKOG9xM7jp1LYHfKjyFqds7ectatGklq8bIWFUeuAkFI2Mwm/XVRm30Lzfk=,iv:nUCkIgw5lNzEha6HVjBHtGD8ZzBwOlP8yMRQ/usD/64=,tag:NHNiPpH9GUq6lSsWTJ1SFw==,type:str]
+    network-key: ENC[AES256_GCM,data:e28WJt1POxWnCgjYG+6HdSOwhHiIArGPrGb/3pQ5o2P2R4gIuxm8YxRPg4E=,iv:44VlT5ID8KXDquDOZMIEPBWl7r+JwbamRdqhBsFO4Rw=,tag:JRTs4FRT8bBpPyetDbt6zg==,type:str]
+    service-key: ENC[AES256_GCM,data:glZuT+e9c2UOXieP313ny6Dl15HRXpeHtGr4XPWjhNSAvFgcwp/1AgFYrHDWZBf771MkN0pgVE/d/fx0oBOgSg==,iv:S4BzMYPZtVFhXV0g5qBxjItqCyEQ25Ct6swBut7FefQ=,tag:w3t59DqroYuAmgHlu/BhEQ==,type:str]
+    webhook-key: ENC[AES256_GCM,data:DDCHLYgYLnecG48XJJXqnsFP/Kl1W+R6eTGC4Ria0Rf5Z0dw8p0r+XaY4TY=,iv:nUCkIgw5lNzEha6HVjBHtGD8ZzBwOlP8yMRQ/usD/64=,tag:LenhvQyDDVulA9PCa2RWDQ==,type:str]
     smtp:
-        user: ENC[AES256_GCM,data:GPFxsIs=,iv:kF7GXxsJupbGZlvvgfL6gKGZl1+W2rsr++XsVykVYOI=,tag:gsDhGBTUbbPoO+R+y+Ssiw==,type:str]
-        password: ENC[AES256_GCM,data:uB5P8JfJFlbWnppzqnQh+2wdcnoUgYKHQSDnV6/3SCCMOUtblI39smo0Xy+pADRalDJypS2OeloHGAZZx+csCXKkODps,iv:O180YVKBJXRA/PvEotdBua6U6O6OQqncQsOepCNDGlM=,tag:/izrkM5WjrP3m/RkGTSDHw==,type:str]
+        user: ENC[AES256_GCM,data:9edqw3E=,iv:kF7GXxsJupbGZlvvgfL6gKGZl1+W2rsr++XsVykVYOI=,tag:0jNo1SDorCRJ8uNLERU8MA==,type:str]
+        password: ENC[AES256_GCM,data:1VvHDAkAI7cBEziZNN8uZNmeojiHxtsR08MpFEEuOLdwWeKj+OFtKGK6TTu/V6sUQKWsTV5cvBAvk0siE/G+mB/rmY63,iv:O180YVKBJXRA/PvEotdBua6U6O6OQqncQsOepCNDGlM=,tag:h0XPBWnJIj3JTR6M4GVLtQ==,type:str]
 gitea:
     db:
-        password: ENC[AES256_GCM,data:LcCwh4HKP4xuQFtzheE4OFHra8TFG/+jYMPNQdSKJEbdU2pcVp9JY1zbSUe7KwSuwLveGt8EqERCSoN5nmwT1GRw4krvDltJkA==,iv:zChXWYtY1BIwE0ROJYtVj3FNhJbSLh/mu7adbhliawU=,tag:2UpH2P6yJm9x7ZfMVZdoMQ==,type:str]
+        password: ENC[AES256_GCM,data:IyE1O7xzZqdycEayUAKh1L7+9rrpiPLQ6GevpsxWoDI7xmgCqlDCnY72jh1kQEvpGZxK1gfdP/fEQKX85T3imjwkAqPp4v6hRw==,iv:zChXWYtY1BIwE0ROJYtVj3FNhJbSLh/mu7adbhliawU=,tag:wSSx5horaghOjuiV7V/80w==,type:str]
     smtp:
-        password: ENC[AES256_GCM,data:nGARyIjZcqIyn+OcaztZnrfqe1X5IQPed7seLQ3NKo3a0llHLK/NNMpkREeyFr+fPTdiY5ptyZKQX29lbVGejc3E6ZAw,iv:Ou3TlnoiK/8kr4Kl/iNpvMWm7Wv5Y5NqLk4FkxhG3ag=,tag:rZBNAYPYYhladozQj4mAgA==,type:str]
+        password: ENC[AES256_GCM,data:XmpnfRtKJ/jA174CFKqCMWkbqbRZRPOq27RVKVZdc5sn5Q6xLg5mTWWN0cKwuy/o+Ikrrx4D4HOgQdyzubxl+n+P87LA,iv:Ou3TlnoiK/8kr4Kl/iNpvMWm7Wv5Y5NqLk4FkxhG3ag=,tag:xSDTgo9w3sZxF2WMM2+yjg==,type:str]
 vaultwarden:
-    env: ENC[AES256_GCM,data:C0advtRXZSRrm3D9iguxfYXTbK2XPMnsqHegN5JcNtxojQuGRry4hyM+PytB5t0rkaPrxffLGJkBsJo/oaYgXlkEBvoEVejMsVNsV2BBU/UrjkhvtjzS1q2BsnSW3rwy6K1IW1CCKHeknWiiT/qH/w0UvGSm3JxbkKnMShxy+mXkNeL99oPJS+5x4bcmCExaJ+EYlMiK1o/BjeBgk/sq/5TcguVpfZvIN0/PhSwqXGn0mwHR+GGApCQxSbB6kO9kKd8e+7zkbfWbK1cRsnZ6UpQl+ElVyQ==,iv:27TdCZYTYazXvi8gjNUkEvYDSRCzUE2IhbvT8k5Mqro=,tag:B+agm4rueu5B6jMkBd3FVQ==,type:str]
+    env: ENC[AES256_GCM,data:g0zlOfYTrmrT1FYSocTVa1Me7HRJV/0id4E1PSiYCWpZdFz2dgKh52P4Xqsy8fuuv9sa58rwua9ZtJ3ycTQt18/xEeZh/bPGKiTm88NhmHZ2LbbdhJMCF9cXaA13yfWuylB6ugFUsmgUJEsrZmfhbRA1ofP+07k+QuJ0xOzO36uZKLW9hcAerZV44bDXg2EUBvcG/4K1fMCBLsiv3luKSpQsnnypcuI5CfwF8qc5X8QumYSAl9H8hcm7be3ksc7Sp/y3IndKEdvuiqVojPYIio4MfSz9QQ==,iv:27TdCZYTYazXvi8gjNUkEvYDSRCzUE2IhbvT8k5Mqro=,tag:2uzyluBVfcMdU20G2soiYg==,type:str]
 borg:
-    password: ENC[AES256_GCM,data:jj5DARwujL3qMyOZ5jegFuWqAWKeEPbGihV2WZ45,iv:qiII9yWbUfQggeO3KdPwNXAQBwVmx6YEa5YIID3AUIs=,tag:Nz6iEf02N6UZTbNxP/vh/A==,type:str]
+    password: ENC[AES256_GCM,data:Fxz36DGpjl5brWRPlzkqmhgwuDAw4BrqlHazjFkV,iv:qiII9yWbUfQggeO3KdPwNXAQBwVmx6YEa5YIID3AUIs=,tag:74IJEGAQ+PiHsw1RKb+iJg==,type:str]
     patterns:
-        keys: ENC[AES256_GCM,data:0CDCFSvqUeGD6JOAuptnke6z3eSD+SgT3AhZYTPujR+6Q42IWXs5Oq+YZeI1CEASFbV7+DhXSNc08zsR/Uuu2xym,iv:xj/owX79CeWV2ztQ0DP5bQRBwLPZiCpHB/JAK5tCfH8=,tag:VXC/b3HDdmwwiZlcqX/C9g==,type:str]
+        keys: ENC[AES256_GCM,data:rv1I75M+3Y4vR65aloXyPgD594n2U9zcOFg4853yeA/+jUpDUC+Is9SaKVo1AB90LgnPl5yhGNzQbM5q9INaq9SL,iv:xj/owX79CeWV2ztQ0DP5bQRBwLPZiCpHB/JAK5tCfH8=,tag:sgkrWI/PtxZjw70lQfD8Jg==,type:str]
 sops:
     kms: []
-    gcp_kms:
-        - resource_id: projects/pivotal-sprite-295112/locations/global/keyRings/sops/cryptoKeys/plover-key
-          created_at: "2022-11-26T16:13:49Z"
-          enc: CiQAGtNpzlnA4uGgxLtVLU0Su4vN4MiIyh2pDOhs5za4pImeLLgSSQD/0un9N03PQnZSTunpJwA7BUq+B7t2D0w5tiL4eYz2kPUHbTSudfG4611eQa0oyxsMEylIRd0Ch6C2nyjo/PbO9BmRXbI1wz8=
+    gcp_kms: []
     azure_kv: []
     hc_vault: []
     age:
         - recipient: age1sj497yr895335rk77qqnrqyx9f7462ma3lz0a0x3w5cnla5uqgpspgggtz
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2THVPWHdVdkR3bjZRbVI0
-            M0xNbHhQRnBrR2Y0cUlVMHdXOUpWdFh2K1JjCjNBTEJNdDgwckR2bWZuOEw2Z3VQ
-            Z0Q1Wm1JRkNIYmh2cExIdWJ3ZFZVVHMKLS0tIFppeTVGc0k0eHIrTndpMVJuTTV5
-            YTZnVWJBdkVKTDIyN0JjNUVkNU84bmsKVEvYry/jpwScC0wtDqbvE4WtYVm+bBss
-            /uTld6ObaI92LLVwdkcApVSzt8AD/vCRD/Kf084oi+fRDFn2JiYChQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwMWVHc0J6OUhUSXN1V0hy
+            YmQxZ0QvVVd4UjJ5bDYyWGN0U1cwM1ZVckZZCmdsK2hjTThPUVRqcjBJR291Rjgv
+            NkwreGV5UlFQRCsrMCtFdVlBK2R6ZlkKLS0tIDJXOTBzZVdEa3NJU0MvT3RYd3NM
+            ZCtNbnFqdzNkVlBtNjVCdE4yNHMrRjQKfFV4GaReO0UO81xsTB0EuN5ibVsafXJY
+            miBgZAZWbJjSBcM4X+Fym/DlxHRoB1a6iFEFN9yg+Z9WI8PfjKnbsA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2022-12-03T03:10:56Z"
-    mac: ENC[AES256_GCM,data:qfkFu2ZIVs+ZvRGRZKtrC20AFMG2z6r/wLl/jXpPQjNQTb1pj9WerrZyabJfWvU6BHRMsrOq9l3oRDD08TYG69zcGYgPpGvbQMmwrtxadI0clSTzF72Y83AGvvSW1EpA670v19CpCY1ERntIfWeGED+2ogddgm9a2rLhBzy/xdg=,iv:PpxHQ+ZfLYc+JH9E27/2VYVqOC5ANEDvTTJq+UBgSUw=,tag:uQr3KPNOvX6ZkuWGVCBZ1A==,type:str]
+    lastmodified: "2022-12-03T04:34:10Z"
+    mac: ENC[AES256_GCM,data:AfTha4YswSgi7Z/RlIZdTY0KnG7SyeVp1/eLXm8Gbg34j1UAyezfQI4C26Ily1/O+l4YX9T1RSIO2jdwiRmgLy7LVMTtlmHt12fLb720UJ6L2P4yWBWdxnMAuarC7eFQSX+q8XT0IS9rWZEntVQkGjRw+bJJquJvMTZs5+UrR+I=,iv:uzR3Cr7+s8DjKw3OrmDTPt9RLYtZ7EixPoZMHwGOJzg=,tag:+AhzAFQGWt5GvjPeZoIDCA==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.7.3