https://www.hascode.com/tags/gpg/ Recent content in Gpg on Micha Kops' Tech Notes Hugo en Copyright © 2010 - 2025 Micha Kops. #e9d956c0c0154a221ad83c925346a8fa0e72f866 Fri, 19 Apr 2024 00:00:00 +0200 https://www.hascode.com/handling-secrets-with-sops/ Fri, 19 Apr 2024 00:00:00 +0200 https://www.hascode.com/handling-secrets-with-sops/ <div id="preamble"> <div class="sectionbody"> <div class="imageblock"> <div class="content"> <img src="sops-cover-image.webp" alt="sops cover image"/> </div> <div class="title">Figure 1. Handling Secret with SOPS</div> </div> </div> </div> <div class="sect1"> <h2 id="_installation">Installation</h2> <div class="sectionbody"> <div class="listingblock"> <div class="title">using homebrew</div> <div class="content"> <pre class="highlight"><code class="language-bash" data-lang="bash">brew install sops</code></pre> </div> </div> <div class="paragraph"> <div class="title">manual download</div> <p>download from GitHub <a href="https://github.com/getsops/sops/releases" class="bare">https://github.com/getsops/sops/releases</a></p> </div> </div> </div> <div class="sect1"> <h2 id="_using_sops">Using SOPS</h2> <div class="sectionbody"> <div class="olist arabic"> <ol class="arabic"> <li> <p>Create a <code>sops.yaml</code></p> <div class="listingblock"> <div class="title">sops.yaml</div> <div class="content"> <pre class="highlight"><code class="language-yaml" data-lang="yaml">creation_rules: # encrypt stuff in .secrets - aws_profile: default kms: arn:aws:kms:eu-central-1:1234567890:key/abcdefg-0123456-abcdefg <i class="conum" data-value="1"></i><b>(1)</b> path_regex: ^./secrets/.*$ <i class="conum" data-value="2"></i><b>(2)</b></code></pre> </div> </div> <div class="colist arabic"> <table> <tbody><tr> <td><i class="conum" data-value="1"></i><b>1</b></td> <td>We are using AWS KMS for encryption/decryption</td> </tr> <tr> <td><i class="conum" data-value="2"></i><b>2</b></td> <td>All files in the directory <code>.secrets</code> will be encrypted</td> </tr> </tbody></table> </div> </li> <li> <p>Inplace Encrypt</p> <div class="listingblock"> <div class="content"> <pre class="highlight"><code class="language-bash" data-lang="bash">sops -e -i .secrets/mysecret.yaml</code></pre> </div> </div> </li> <li> <p>Inplace Decrypt</p> <div class="listingblock"> <div class="content"> <pre class="highlight"><code class="language-bash" data-lang="bash">sops -d -i .secrets/mysecret.yaml</code></pre> </div> https://www.hascode.com/install-docker-on-linux/ Fri, 14 May 2021 00:00:00 +0200 https://www.hascode.com/install-docker-on-linux/ <div id="preamble"> <div class="sectionbody"> <div class="sidebarblock"> <div class="content"> <div class="title">Goals</div> <div class="olist arabic"> <ol class="arabic"> <li> <p>Installing a specific Docker version on (Debian-based) Linux</p> </li> <li> <p>Freeze the version to avoid automatic updates</p> </li> </ol> </div> </div> </div> </div> </div> <div class="sect1"> <h2 id="_installation">Installation</h2> <div class="sectionbody"> <div class="listingblock"> <div class="content"> <pre class="highlight"><code class="language-bash" data-lang="bash">curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - <i class="conum" data-value="1"></i><b>(1)</b> sudo add-apt-repository \ <i class="conum" data-value="2"></i><b>(2)</b> &#34;deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable&#34; sudo apt-get update <i class="conum" data-value="3"></i><b>(3)</b> sudo apt-get install -y docker-ce=18.06.1~ce~3-0~ubuntu <i class="conum" data-value="4"></i><b>(4)</b> sudo apt-mark hold docker-ce <i class="conum" data-value="5"></i><b>(5)</b></code></pre> </div> </div> <div class="colist arabic"> <table> <tbody><tr> <td><i class="conum" data-value="1"></i><b>1</b></td> <td>Add the Docker GPG key</td> </tr> <tr> <td><i class="conum" data-value="2"></i><b>2</b></td> <td>Add the Docker repository</td> </tr> <tr> <td><i class="conum" data-value="3"></i><b>3</b></td> <td>Update the index</td> </tr> <tr> <td><i class="conum" data-value="4"></i><b>4</b></td> <td>Install docker</td> </tr> <tr> <td><i class="conum" data-value="5"></i><b>5</b></td> <td>Freeze the version to avoid unwanted automatic updates</td> </tr> </tbody></table> </div> https://www.hascode.com/install-kubernetes-components-kubeadm-kubectl-kubelet/ Fri, 14 May 2021 00:00:00 +0200 https://www.hascode.com/install-kubernetes-components-kubeadm-kubectl-kubelet/ <div id="preamble"> <div class="sectionbody"> <div class="sidebarblock"> <div class="content"> <div class="title">Goals</div> <div class="olist arabic"> <ol class="arabic"> <li> <p>Install kubeadm, kubectl and kubelet on Debian-based Linux</p> </li> <li> <p>Freeze their versions to avoid automatic updates</p> </li> </ol> </div> </div> </div> </div> </div> <div class="sect1"> <h2 id="_installation">Installation</h2> <div class="sectionbody"> <div class="listingblock"> <div class="content"> <pre class="highlight"><code class="language-bash" data-lang="bash">curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - <i class="conum" data-value="1"></i><b>(1)</b> cat &lt;&lt; EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list <i class="conum" data-value="2"></i><b>(2)</b> deb https://apt.kubernetes.io/ kubernetes-xenial main EOF sudo apt-get update <i class="conum" data-value="3"></i><b>(3)</b> sudo apt-get install -y kubelet=1.15.7-00 kubeadm=1.15.7-00 kubectl=1.15.7-00 <i class="conum" data-value="4"></i><b>(4)</b> sudo apt-mark hold kubelet kubeadm kubectl <i class="conum" data-value="5"></i><b>(5)</b></code></pre> </div> </div> <div class="colist arabic"> <table> <tbody><tr> <td><i class="conum" data-value="1"></i><b>1</b></td> <td>Add the GPG key</td> </tr> <tr> <td><i class="conum" data-value="2"></i><b>2</b></td> <td>Add the kubernetes repo to the sources list</td> </tr> <tr> <td><i class="conum" data-value="3"></i><b>3</b></td> <td>Update the index</td> </tr> <tr> <td><i class="conum" data-value="4"></i><b>4</b></td> <td>Install kubelet, kubeadm and kubectl <div class="admonitionblock warning"> <table> <tbody><tr> <td class="icon"> <i class="fa icon-warning" title="Warning"></i> </td> <td class="content"> It’s important to use the same version for kubelet, kubeadm and kubectl. </td> </tr> </tbody></table> </div>