joe/gitops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update gluetun encryption

Browse Source
This commit is contained in:
Joe Monk
2025-01-24 20:20:45 +00:00
parent 02c355308d
commit d74533afb5
3 changed files with 37 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
readme.md
View File

@@ -31,12 +31,13 @@ Go to https://gitea.home.joemonk.co.uk/joe/kairos-custom and add the new package
This image will be built when pushed
Follow the steps to upgrade/reinstall with the new image in the config - or just upgrade the image as per the docs (not tested yet)
## Upgrading/reinstalling
## Upgrading
- Update the `kairos-config.yaml` to update the image or other settings
- SSH into the server (`ssh 192.168.1.101`)
- Run `kairos-agent webui` to start the web ui
- Go to http://192.168.1.101:8080 and drop in the new config
SSH into the server and run `sudo kairos-agent upgrade --source oci:gitea.home.joemonk.co.uk/joe/kairos-custom:3`, restart and confirm all is good then run `sudo kairos-agent upgrade --recovery --source oci:gitea.home.joemonk.co.uk/joe/kairos-custom:3` to update the recovery image too.
## Reset
Reboot to the recovery image with `kairos-agent bootentry --select statereset` to clear all data.
## Kubectl
@@ -60,6 +61,10 @@ kubectl create secret generic sops-age \
Update the encryption with `sops updatekeys`, then delete age.agekey.
TODO - This doesn't appear to work as expected, need to do:
- `sops -d -i apps/gluetun/secret.yaml`
- `sops -e -i apps/gluetun/secret.yaml`
### Using sops
#### Encrypting