gcp: init, add service account

commit: e98672864806fa5592246ea115ab0de192687858 [log] [tgz]
author: Sergiusz Bazanski <q3k@q3k.org> Wed May 15 19:19:19 2019 +0200
committer: Sergiusz Bazanski <q3k@q3k.org> Wed May 15 19:19:19 2019 +0200
tree: 96b1278f4881088f862bc2c24c04ded0546e6d0b
parent: bb77892924363b5eba8f8730395b1ac347e5d48a [diff]
diff --git a/gcp/README b/gcp/README
new file mode 100644
index 0000000..c6a3ff2
--- /dev/null
+++ b/gcp/README

@@ -0,0 +1,5 @@
+HSCloud-stuff-on-GCP
+====================
+
+We keep some services running off-site on GCP. We manage them via NixOS/NixOps.
+

diff --git a/gcp/secrets/cipher/sa.json b/gcp/secrets/cipher/sa.json
new file mode 100644
index 0000000..3e890f7
--- /dev/null
+++ b/gcp/secrets/cipher/sa.json

@@ -0,0 +1,62 @@
+-----BEGIN PGP MESSAGE-----
+
+hQEMAzhuiT4RC8VbAQf+KITgWe4i+3ohhquH4NP1sL845sfoJqbpRgzCLONOGEXl
+tkcOveTsishF3o1Jh1X3Ca50+7i0eHNbCIOImAbrdy4Hm36GQW6pkl0cZR5KFyt0
+rlsuaXNJ1WiR4oyv3YXGMl5asz2aHf7Z1gh0X8qfDfMJE6a2u/v6zMdy8Ihvi2jO
+qttsHzESfUOu4caH2Sx4wJVimAXAVj4kg9VgcaKONY27ZhTMo8cQ/KaPW2lDLNLg
+7YfadIY9k8LM3I+75JXDEEvSqGnluUoeHWDlckj0MmtEqHMolpgZ9tfD6pQETUf/
+NSTlwqtki53wu/erCL7g4D/S/cboxREvfIGqhsFXZIUBDANcG2tp6fXqvgEH/1xR
+ciF0ClkVmCyFPt1ZQubpkffbo3iWBDsqjamZrfX42fZxiEhEuRB4w2IBu/1bjATi
+pogevUExHSNA0o24Nkpe58WLIr5o4QRLu1K57whKc8TdERouSjiH47xKlDooWx+y
+IBZEIUSU7RcJ8+GyaF3yE7zPKeRKXjU43h6D3JB3zExI3O2d+bctEqKc3ENnYurI
+Bbq+2/54aWKvyzf7JYxTC/YIr7o7wOaWg4Nvx0E0fSCdn3bxiLshj3s89WPLf3KK
+1T+KYehv6eU5reroGb1g0vXyfH9rsHIPDAv2M80oV3J6bUqIu7BidR81qY1CSMVC
+ACzgbaijdXMnaxTQp++FAgwDodoT8VqRl4UBD/4zh67Y9RKKCtKRTRdrr7wW6dno
+SWviVIWuP6lxfMiIqP2A3bJf8azGN9bC8Tn807x6hvECrLOrYQQPAfFN3QJQYc61
+XzwDAditiDC0iW3imhmlX8yovH+OCq3Wya0wOhbIpsjLa1c8RU/OXAe7eHh1QqNd
++myBKwMN3PBf2OubEv71N3yrntdv2qgkmWFrt+cMhDrGfqNizS4BVoAMJ9cARu68
+uA9hGSVdoRe3FGaxVmYAyGI1qan+hINc6tDvoNgaNYDqWO2S1AoLTg9Z6BxnBole
+Alja7Do4EapfLT8UPvXgtyVVvQ8yekIObd/ISD3sYoen2sIgHEb7wFWv8qgINcZF
+AT5ZxxPARvCxq6QY4mWP9O4h/UNi59Cv03UDyd2wN0+vAIIndGfQ5iHIXvx7tbJh
+cYNgK3c0Q9eSXncmyUiI7Qsaxs0+ScrgTNi3PEaQO1LxiY5Ek/zz9/A0U2fFBrU+
+5RiB77HsTnx5HsuRO3IqEZXA7TTg2lwDqip2zeYUT1t6WBNGZMQRDk5evH9pmDq7
+hg4eblNISXNtAYfIT0QKa+CUcL+0TgBCnQA12s5LKQEiBWwbmO93QW2am1+nqvSg
+QddQAuAj2RMPyrN04L0PT4QOAs4eMgMh41KYJtHlulr6OwyD6M5T81CRw8AmvPWO
+DtebLO4M9A50nth249LqAflyvW4cvu42BYdsc6PCX/UnIWw6JPvD0j7XXgpK/H7v
+0pVBXZ4IK9Fev+2nuRTK7KbqQ8ODDmps3tfoRA6wlmzjIxd6JridTnTfaPWHjBqz
+QQXQdUTyos1R3PgDoAxDKfTqxYqvPIX9ShPcQ5QnL5S/7M42aHKPJdzwkTTMBi04
++4yDqlhl7x6LqzYGcYr7Rf4z+ECvwYpZmy9dR58+j4+MHGqZjPD9tJHI2VdoI28s
+0eOOJHBhz5hh+CAFs7M3oWN56JHM1IhLVp/PzjhMpUJLSnzrIHSrTc4wXvrY8p0o
+2Kqd2zc83BIlPsyREgzNEeQk3c/8/zViSAyeGiruYXIm9UT9mTvcNm8Jk4QCiwj/
+vKZ+f4SmsiGUnJFUSokf1gxpC/922v0jWIFy5xnY0kAqxFPUZtK8CWWwKIicvKXa
+tMPIXwUoHkmT4wRqjpSmM37ujPWN0dugm2RFzSmfsLaXDhTICd6MZF7LoRcRU29a
+KyFzH0eXiHvv4hUvd+NRzdh1su5vfQgE1AJ0v27ob+qLabJnTBLs2OdIK6XZohFG
+469CG+y6ldF13THTbmomDB95St+qxh3CYPUb3MgdDAtxIlarAP7DnwTpc1nAv9iW
+GJUqXIbQURfUeUdrHBit1SpDgjispsNn/7aOWEMNPfN0YyabOKTjixuPy24cmop9
+mIQGqQMf2R625Iw7vBV9kKzuH4lB9IfTQN8P4UBgyoOsqHhfxHutiS3kRWnIsBDA
++LUzxq5Gg7c2FmO+JCLJdvPGOcu0bH7Y4jn2uiRBY4Ej63WOVSU13afaHxvj25T0
+tOL+9qnSO1Jp6WpYMz5RsFACbitl0urKEOvgib9HxxphXchpYehbsj/E92/H88xL
+nqkBvYJtOJCImAl8hIUzn/XwTBZ16qcEpkWcsjTLtJmUNU3WkXQUyMUjvEUJbnNK
+XPQa6dhtxmlen/+siOXqxRrr0H9r70c69dat9H16z2O8Lx8c2ZYj13NlB9Li0PoA
+QqMJOFItWPMkMj8pRIc6b81RJ8qDbXI8Yuyu8KWga1pSqGqTLfhxBcEDurqiYFRk
++yJoo6Uj7VzSLbcdJt1tDaDQsWKOKxZasQXo9kc3AeAKpgblriD/l7lV2pIINjbN
+X+nRld9t8AkeSduN8KyJYJ1HVRXvj8XucNcV0qN03EfVVzY1Sp9SPfLe4PxDaTq9
+4I2XPPYMCq9TsDgSGeaAOybW0jay14hpzM5/k1qyyn3d7DB5j8gq7smNMHroLb7m
+ub93qASb7heF0n/VbDheLin/nrVMnNfz8sLuv4P90F8+K3y56JgHDP7UBkl0ahYB
+1msvRlnC3dqay/Y7VjMdkSbjk5eGlr8Hj3z+MuXrBOl0e0Xi9hkynadDsRykxzQ0
+oHS9eSm7ePQD8SYuW6M195ta8FPsmTPOvyTLq/5bHSRjkaoF3T+S07jyTh01oL9G
+MbBKdz72hiamm+Yf3fI99zSxhVYtjKBnnw418i2OGF19b9tOmNLmTnh+ioGR/6i/
+vlg8rVDchWutW5YpH3uaZVqHmXGWNeHgG/jR0AkeOtvibuJnz2XQ15t5SUoP/pDj
+Mejrvw1Pj/JvYhAmXz08BesySyLEGBwrhXrK+ZOcijIs8nesaTqiosofpLYmOEBJ
+8eUQCvTMtycjzPfhVv2m6rcwTIAmpdPmfsfcrKPKJnoG6iDZRqsLFUyvSFMO1HKD
+PHiGjWW8XTjMj3vXInCu9oIjZ0Ap4KLby1B+9igEdnRBLCNGdr6sLYo2ZJWj8KIM
+71+47DihxnQqjrNwx1GaIs5ViAxh/SxFkK3Tse8ENTuI+Jf+zfyyc2hrv41DM4YM
+NcG2iXd3S+mZPacm1qwDqvjqPmT6ZSkmUEfHdKdoglxdLBHAoC/yqwE/4ihK+cde
+8s89eAUQxXEVObLx5iyBQ5guHsELHjBqJXCIlHsybl0Xl5NLC2+JhKYQ7skaeYaA
+R8rf3LnZkk3YnQeq3yVcVzdHPi7vh3hpjBOTj/PQ9weM7oulRxwLkvYTZ1fBdjBR
+FDRt2kmiv7VmhpxZ3HbZapvehAl9FEBydj81x3pGmdPEf7+4ZcMmNv06FXcd6cw5
+HnOZTFTmRp2xmosHoGG3YuxqjNgQ+qlEqK9yIcsyz0FMZX/HTufuJNaPJiJtxpzf
+uiwkIx0c4Q+prAU0sDlAG2y/c0KohwjCORmv+oRpT80vA7r0W/Vn1Ng7LsezmzAU
+vGnkxqBGYf1we5gZFFKmjXLm5EdaHH+TNGENeA==
+=K/vG
+-----END PGP MESSAGE-----

diff --git a/gcp/secrets/plain/.gitignore b/gcp/secrets/plain/.gitignore
new file mode 100644
index 0000000..d6b7ef3
--- /dev/null
+++ b/gcp/secrets/plain/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

diff --git a/tools/BUILD b/tools/BUILD
index 80678ca..4b3eb1b 100644
--- a/tools/BUILD
+++ b/tools/BUILD

@@ -57,7 +57,14 @@
 )
 
 copy_go_binary(
-	name = "nixops",
+	name = "nixops.bin",
     src = "@nixops//:bin",
     visibility = ["//visibility:public"],
 )
+
+sh_binary(
+    name = "nixops",
+    srcs = ["nixops.sh"],
+    data = [":nixops.bin", ":secretstore"],
+)
+
commit	e98672864806fa5592246ea115ab0de192687858	[log] [tgz]
author	Sergiusz Bazanski <q3k@q3k.org>	Wed May 15 19:19:19 2019 +0200
committer	Sergiusz Bazanski <q3k@q3k.org>	Wed May 15 19:19:19 2019 +0200
tree	96b1278f4881088f862bc2c24c04ded0546e6d0b
parent	bb77892924363b5eba8f8730395b1ac347e5d48a [diff]