Skip to content

Commit

Permalink
fix(vpn-gateway): disable dns-over-tls (#1329)
Browse files Browse the repository at this point in the history
  • Loading branch information
@thiagoalmeidasa
thiagoalmeidasa authored Nov 23, 2024
1 parent d603701 commit aeee2e4
Showing 1 changed file with 23 additions and 22 deletions.
45 changes: 23 additions & 22 deletions kubernetes/apps/vpn-gateway/gateway/app/secret.sops.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,21 +4,22 @@ metadata:
name: vpn-gateway-pod-gateway
namespace: vpn-gateway
stringData:
#ENC[AES256_GCM,data:9b2XCi3BFhSAwDzMv7yJlg==,iv:SZZTbshhmldXLwrC1Tv5+Fn0fAALWIhs4YpVPtHz97Y=,tag:xwKkFjFoV0fjsjqX//iIOQ==,type:comment]
VPN_SERVICE_PROVIDER: ENC[AES256_GCM,data:uGnXdM2UmA==,iv:LvXRUQcsmIY4QFnAnz4xyuYV9DiTk1H+z9GRLhN+qws=,tag:Fev90HR7WzhtUPRoITdlhQ==,type:str]
OPENVPN_USER: ENC[AES256_GCM,data:GNWPfy82NNMagpXHSgG1+Vfdlc+K8giz,iv:AdrhDIkuq16hB8LzQ/xSi6sBtAEmgjKnuvnZacDLBOg=,tag:cMoDJi0l+e5JMeeSfmQ8/A==,type:str]
OPENVPN_PASSWORD: ENC[AES256_GCM,data:8U1iv0/YGJp7OqbRwIpOdkHaJ3BehLiS,iv:z+qU8njBNknjMqVTTtxE29A4DxS676S8GevR2d96M/c=,tag:OtSh1S3wlxVw9RslDMkDKQ==,type:str]
SERVER_COUNTRIES: ENC[AES256_GCM,data:5Jzm1bDM,iv:JtSsoc53rsJ2lnr8MKhUteo2vFULz0C4OUnTtwOMQW0=,tag:qk3rtR4Dx5dpueRYfWs3ng==,type:str]
SERVER_CATEGORIES: ENC[AES256_GCM,data:dGkg,iv:MCatvlYzGY+gNjd0yQQ9FDkzsi6DCpH4Fl7KVu0Xqus=,tag:YAIkCtZIMygdAyspIVG4HQ==,type:str]
VPN_INTERFACE: ENC[AES256_GCM,data:5We6Ag==,iv:7yseYCdwSZJEDgd/ztYeKf8SozgfP+ZHEJpr7q/sPWA=,tag:QBv62YZZ4SGwwtJjy76XDQ==,type:str]
#ENC[AES256_GCM,data:4uR2Z+D0H/df,iv:Z4MvyZqtLJjGO75yolAp/RXXad8/+lPnZsRfABMorWQ=,tag:/OKufqevxqcmdWuTfv7GQQ==,type:comment]
FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT: ENC[AES256_GCM,data:/fmF,iv:PxRaHhvr+Cy4w/t5CTHXggFNxS5PxcIjDO12Ctc+iCY=,tag:4m9YJblHLh7LlCLDeBcgTQ==,type:str]
FIREWALL_DEBUG: ENC[AES256_GCM,data:HLM=,iv:vgYXQzHmpvsdfVPwdkDfmOJ7R4ktFNxXRAtBgHneZC4=,tag:vI80Ceoz/t5TkZ4TIdk3BA==,type:str]
#ENC[AES256_GCM,data:UO8bHQ==,iv:/GuvRJP2w/g7vICM1NDZVHTXm+sBo/kkjlevDi7LaYo=,tag:6P1aN6OXi2u2CckEc0+Eww==,type:comment]
BLOCK_MALICIOUS: ENC[AES256_GCM,data:wL+d,iv:9hoLzbQi2aNa2zQu9ZB9XzqmqpeDFj82iBTmhi6bfbk=,tag:C2s6RtSC93AROyDNZwKoZw==,type:str]
#ENC[AES256_GCM,data:gf8ng5oalgXLqEUNq9EF+DK9VOY=,iv:iMT0FkZ81zJLjwmgv6gaEPcDz5CLCzw4HV8OdrQyK6I=,tag:KHW4EyNAKc2EOfGQdfNncQ==,type:comment]
DNS_ADDRESS: ENC[AES256_GCM,data:Mld9rWXi8Dwhck9Ejw==,iv:Jz3TSOyaVNTj8cjZpGXSpaBX2GqrJEYFOTRkrciUQI0=,tag:3yN4Fkcyr98NYRl5+17xXw==,type:str]
DNS_UPDATE_PERIOD: ENC[AES256_GCM,data:CR1F,iv:X8m6tpU/h/Gk/D+9F1AES7O0wqEVDLodp/m+4Vu4+wk=,tag:Se8IDRZHJLIbjV6DoqxPIw==,type:str]
#ENC[AES256_GCM,data:5VFXKxnw/q7JK9YS8Cj8nA==,iv:FJUXcsJr8RsoEtw8Nk3aVzPHmJqeK7DtuvZrulf8yrI=,tag:37NE6etcm99LeDQIVh1u/g==,type:comment]
VPN_SERVICE_PROVIDER: ENC[AES256_GCM,data:1NDHCZfQwQ==,iv:elyfMMYD2Bctf0xgLHGQnAJGnKZdKy3CRAQ6yMzU6I4=,tag:tTBy1lkOYhZ8gXNBs2nt5w==,type:str]
OPENVPN_USER: ENC[AES256_GCM,data:tpvt2k2UJ+M1NAklrF0UTAeK9Z7kgKS1,iv:bDiTU7tXIK9k6bslmPZFZVARPPAuqdLcEGK3+eBVfTY=,tag:sevVKtUzwo0DgJOo5gxfHw==,type:str]
OPENVPN_PASSWORD: ENC[AES256_GCM,data:bH9OIvwI+3SMnYHY7qwHwPMEifQce/Y2,iv:Fag9Gc2LoazB91yjES4ypVB3g17WXrcUoqBfu/3KTQk=,tag:kFWcBu4H3JApSGVatZT+6A==,type:str]
SERVER_COUNTRIES: ENC[AES256_GCM,data:oyZUy/wH,iv:q/VULXV2PMVRbfGap22bgZsQth2IC653X5ZZHfeVmc0=,tag:Z3Dl1jcci3dxC3F4ruxZpQ==,type:str]
SERVER_CATEGORIES: ENC[AES256_GCM,data:BjNK,iv:ntZXVdqB5jn5Ry+VgR8a00JrJ110wY4rNhkVH08EXLE=,tag:BRL6Nl+p2KAAuMpJMOl7vA==,type:str]
VPN_INTERFACE: ENC[AES256_GCM,data:mBr96Q==,iv:h2/pCbKymTHd7BDZniDQdFWb2NkyMHmhYdei6qJdsRg=,tag:Qrp6b1yUKVz4iVUear59CA==,type:str]
#ENC[AES256_GCM,data:zWHtsN8M6uLA,iv:VYOvQMnJXTc4qzEIJOWtzPKZ8JpcKAniS/iNBIkEuJQ=,tag:mMmpkTMMvfEV1ePJvzPWEw==,type:comment]
FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT: ENC[AES256_GCM,data:iL9q,iv:D27dYOU6YYSewcBAc3PbFj4EJaR2g76yuaTHFvqoJT0=,tag:f0ot/D1OSyy1LybOaW7v6Q==,type:str]
FIREWALL_DEBUG: ENC[AES256_GCM,data:pnM=,iv:AR3mLavCb3dl+cg90mj1oh9xOulUEdp7P6t6ro3mBTk=,tag:91o5WVOU87xRPFEHrJqi9w==,type:str]
#ENC[AES256_GCM,data:IxdurA==,iv:IZbhb/NoB/bjj8vfSuroWpEX6nDWm0P9VatZTUqcR8M=,tag:BXXcbBOEQ/eT8c91yO1ImQ==,type:comment]
BLOCK_MALICIOUS: ENC[AES256_GCM,data:walS,iv:14oHbLGuhyRZZLYd9Ua5mY3Tw0sUcOGYDeV4EgSv+4w=,tag:qu9IVE007cg5ZmoISQL/5w==,type:str]
DOT: ENC[AES256_GCM,data:3pzX,iv:lE69Dwaods/ucF1Mrs2OKG3im+euIYkixR+B7ggT3o8=,tag:Ccuvc1rd39wtXgyZAnXpAQ==,type:str]
#ENC[AES256_GCM,data:6dAvqa/huZUlnKmCEwLv01YoDkU=,iv:O87dI8JGt6qEhAO8wFCG4c2C1IGHRJrGJfEl/15ap3g=,tag:7c9frBIvxyZS/JyiHg7uWQ==,type:comment]
DNS_ADDRESS: ENC[AES256_GCM,data:eObZXyNQY4HTYdcSOQ==,iv:WwG2auzVBB6xfY9pQalIKfWtCTfkofHq0R3BFMjD7Hc=,tag:br+ZrpvP8wdK7ClWb3/jJA==,type:str]
DNS_UPDATE_PERIOD: ENC[AES256_GCM,data:sVXQ,iv:R8HAIAxkKQkzKTq6euCyHBgn6RpEGb654/I7WaQa4fE=,tag:JNPmyiBQTb/JfECY79/JGw==,type:str]
sops:
kms: []
gcp_kms: []
Expand All @@ -28,14 +29,14 @@ sops:
- recipient: age1w02zzfg0y4ast9mgnd9w0yuym0wqx6q967kmrmq355w4cnw0xytq2x369r
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHQXRPdXN4cGJoS0VSNkNT
QVhBcHhEWTJ6YktjZVlhMmxZZ0h2VUNheW1BCnZUL09nSlUwTDBBS3NNRUdYNHBN
MHZoQ0dhODBjWUxCUmxPd0NOc0xER3MKLS0tIHBib3dLYUl2N0tpLzF3czNxRXRn
NUVGbkY1ZnFMRXZ4em9DckRmTnZvNjQKx/t/uKtGf/7mZMgdFJqVciyr52LQt1b2
2edS5U3Bhrv2bkKTbeAtsxkrkMNAFYITLGFD9voIRV2X4fv58+9PZQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0NXR1Vk5NNFJRVVFKdVVr
NnFNT0ViYmRURXJoMnl2V1czSFBnYkpvaGhjCnRpd0diU1E3dzczRnpac0xzOWxC
VDk0c25VMWU0SlJJK1ptOWhFVUxhSkEKLS0tIEpZWm0vcWVuNVFyTzFUSnlhNVNk
elhpNTVTT2JGMU93NEsxUkhMTmVqd2sKdnm/tgyDSiK192IXLfjbiTVvd9MUR8om
5gwC7fdjDat+69tpSxFeFdBssSlny72m8zvLhOACCGXggV6mNcbqtQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-23T22:32:21Z"
mac: ENC[AES256_GCM,data:LfKSpfwHiQG0SOSA6pMxsVvvR6vRJeV3WZE7LNKlneEk4DCRFnbhK/Z6zLM8e2l2rxcQspOen806Zz35FfTvdwv50QVkgWx0JJDgJW4p2S+8J5BZ7yr3WsKcrHtRQxc5w1q1aoGbj5QGdZh1a9FYnXhLxuLkPNTnHcTn2DoJf6g=,iv:MtwzVY1lrgLt7CI/VXCwk34EXDMnd5hxspkJyzvqByo=,tag:Cd7do3V467dqy6GbYIoTPg==,type:str]
lastmodified: "2024-11-23T22:59:39Z"
mac: ENC[AES256_GCM,data:/7OThln1M5TXa+A+6eIxKvPvqusQCZbegWzkrfygTYC7a2r3VCiDgk+gIVwv+EBUbwzhwGCZyz/tMTQIuj4/VdRvfWWE5MP+aXv5Rsg1FP6bJ5VbfKwWSS1r+X7H4TvsJQzna7LPE2yTwMPd0mTbMxr8SLGJ1x/5FbdGdJXotGE=,iv:rvLzCYAVfFwF23++pxNYUuf9+OxWxv7vqHVe57L9PMA=,tag:DiGqZPZ7bBzkTEewdP5ZGQ==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.9.0

0 comments on commit aeee2e4

Please sign in to comment.