nix/hosts/marvin/services/step-ca.json

{
	"root": "/run/agenix/step-root-ca-crt",
	"federatedRoots": null,
	"crt": "/run/agenix/step-inter-ca-crt",
	"key": "/run/agenix/step-inter-ca-key",
	"insecureAddress": "",
	"dnsNames": [
		"thehedgehog.internal",
    "ca.thehedgehog.internal",
    "ca"
	],
	"logger": {
		"format": "text"
	},
	"db": {
		"type": "badgerv2",
		"dataSource": "/var/lib/step-ca/db",
		"badgerFileLoadingMode": ""
	},
	"authority": {
		"provisioners": [
			{
				"type": "JWK",
				"name": "me@thehedgehog.me",
				"key": {
					"use": "sig",
					"kty": "EC",
					"kid": "JWz8cIrHJoYfqoo5YRgBhg3g2LO8oAeh1a9BA1OFRes",
					"crv": "P-256",
					"alg": "ES256",
					"x": "cemXte9woK4lSHy4kEFxNEkhkJwoQLKMHVjvRxh5Ta0",
					"y": "KqaJf-AWN_CNt64E2hyg3snAsappmiEc1_sAd3F8fQk"
				},
				"encryptedKey": "eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJjdHkiOiJqd2sranNvbiIsImVuYyI6IkEyNTZHQ00iLCJwMmMiOjEwMDAwMCwicDJzIjoiaWhiYzZsLVRnVEg5c2MtdDMyTXBmdyJ9.qxWgGkFHXDixOQNQ4vyqFxS9Cf-8jJDn3wx3hq22O3DqthHFeltq8Q.DfeI1nKGbMHpwQty.ihKjbEvP_a32pM0jHQ3vX-Os7-s9UgemWv6T9yRkFS5vz1mwXCWKh1c8MWzrF2Xz0zzF4hv_BSbB7frIf_O2vkRbHQ-8a8ErF7rBO5VXIs9r37PoaUt2FpvbKCkgn6CxJNUzNnkkiNw2EhVAwRx4V3SUnZQ6E5r-S758EK7_jslavxFmOCNjIOv0pW6sJt0rN3dZ5mGeSDnky5G4nWT_65spBz5KSIEKOOrYlvRt-6dGjqTzDhphw1-xoX9enRwagp1vYXIOkqTgu9XfD4Q2H311Xum0F7r7mPl501BggYVg9lyg3yeqNtJlYkFv6pWdyiNyH6Q4LaLOabyd9Kc.El21YJ6G-IsHoMvY1JICbw"
			},
      {
        "type": "ACME",
        "name": "acme",
        "claims": {
          "enableSSHCA": true,
          "disableRenewal": false,
          "allowRenewalAfterExpiry": false
        },
        "options": {
          "x509": {},
          "ssh": {}
        }
      }
		],
    "template": {},
    "backdate": "1m0s"
	},
	"tls": {
		"cipherSuites": [
			"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
			"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
		],
		"minVersion": 1.2,
		"maxVersion": 1.3,
		"renegotiation": false
	},
  "commonName": "The Hedgehog's CA"
}
marvin: Enable managed ACME 2022-07-01 15:59:51 +00:00			`{`
			`"root": "/run/agenix/step-root-ca-crt",`
			`"federatedRoots": null,`
			`"crt": "/run/agenix/step-inter-ca-crt",`
			`"key": "/run/agenix/step-inter-ca-key",`
			`"insecureAddress": "",`
			`"dnsNames": [`
step-ca: Add new valid dns names 2022-07-01 20:15:16 +00:00			`"thehedgehog.internal",`
			`"ca.thehedgehog.internal",`
			`"ca"`
marvin: Enable managed ACME 2022-07-01 15:59:51 +00:00			`],`
			`"logger": {`
			`"format": "text"`
			`},`
			`"db": {`
			`"type": "badgerv2",`
			`"dataSource": "/var/lib/step-ca/db",`
			`"badgerFileLoadingMode": ""`
			`},`
			`"authority": {`
			`"provisioners": [`
			`{`
			`"type": "JWK",`
meta: stop misgendering myself(mostly, still some legacy crap to clean up. 2022-07-15 02:16:21 +00:00			`"name": "me@thehedgehog.me",`
marvin: Enable managed ACME 2022-07-01 15:59:51 +00:00			`"key": {`
			`"use": "sig",`
			`"kty": "EC",`
			`"kid": "JWz8cIrHJoYfqoo5YRgBhg3g2LO8oAeh1a9BA1OFRes",`
			`"crv": "P-256",`
			`"alg": "ES256",`
			`"x": "cemXte9woK4lSHy4kEFxNEkhkJwoQLKMHVjvRxh5Ta0",`
			`"y": "KqaJf-AWN_CNt64E2hyg3snAsappmiEc1_sAd3F8fQk"`
			`},`
			"encryptedKey": "eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJjdHkiOiJqd2sranNvbiIsImVuYyI6IkEyNTZHQ00iLCJwMmMiOjEwMDAwMCwicDJzIjoiaWhiYzZsLVRnVEg5c2MtdDMyTXBmdyJ9.qxWgGkFHXDixOQNQ4vyqFxS9Cf-8jJDn3wx3hq22O3DqthHFeltq8Q.DfeI1nKGbMHpwQty.ihKjbEvP_a32pM0jHQ3vX-Os7-s9UgemWv6T9yRkFS5vz1mwXCWKh1c8MWzrF2Xz0zzF4hv_BSbB7frIf_O2vkRbHQ-8a8ErF7rBO5VXIs9r37PoaUt2FpvbKCkgn6CxJNUzNnkkiNw2EhVAwRx4V3SUnZQ6E5r-S758EK7_jslavxFmOCNjIOv0pW6sJt0rN3dZ5mGeSDnky5G4nWT_65spBz5KSIEKOOrYlvRt-6dGjqTzDhphw1-xoX9enRwagp1vYXIOkqTgu9XfD4Q2H311Xum0F7r7mPl501BggYVg9lyg3yeqNtJlYkFv6pWdyiNyH6Q4LaLOabyd9Kc.El21YJ6G-IsHoMvY1JICbw"
			`},`
			`{`
			`"type": "ACME",`
			`"name": "acme",`
			`"claims": {`
			`"enableSSHCA": true,`
			`"disableRenewal": false,`
			`"allowRenewalAfterExpiry": false`
			`},`
			`"options": {`
			`"x509": {},`
			`"ssh": {}`
			`}`
			`}`
			`],`
			`"template": {},`
			`"backdate": "1m0s"`
			`},`
			`"tls": {`
			`"cipherSuites": [`
			`"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",`
			`"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"`
			`],`
			`"minVersion": 1.2,`
			`"maxVersion": 1.3,`
			`"renegotiation": false`
			`},`
			`"commonName": "The Hedgehog's CA"`
			`}`