diff --git a/SwarselSystems.org b/SwarselSystems.org index 90714d7..1a583ca 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -15115,613 +15115,631 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] #+begin_src nix-ts :tangle modules/home/optional/work.nix :noweb yes { self, config, pkgs, lib, vars, nixosConfig ? config, ... }: - let - inherit (config.swarselsystems) homeDir; - in - { - options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings"; - config = lib.mkIf config.swarselmodules.optional.work + let + inherit (config.swarselsystems) homeDir; + in { - home.packages = with pkgs; [ - stable.teams-for-linux - shellcheck - dig - docker - postman - rclone - stable24_05.awscli2 - libguestfs-with-appliance - stable.prometheus.cli - tigervnc - openstackclient - - vscode - ]; - - systemd.user.sessionVariables = { - DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; - }; - - accounts.email.accounts.work = - let - inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName; - in + options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings"; + config = lib.mkIf config.swarselmodules.optional.work { - primary = false; - address = mailAddress; - userName = mailAddress; - realName = mailName; - passwordCommand = "pizauth show work"; - imap = { - host = "outlook.office365.com"; - port = 993; - tls.enable = true; # SSL/TLS - }; - smtp = { - host = "outlook.office365.com"; - port = 587; - tls = { - enable = true; # SSL/TLS - useStartTls = true; - }; - }; - thunderbird = { - enable = true; - profiles = [ "default" ]; - settings = id: { - "mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth - "mail.server.server_${id}.authMethod" = 10; # oauth - # "toolkit.telemetry.enabled" = false; - # "toolkit.telemetry.rejected" = true; - # "toolkit.telemetry.prompted" = 2; - }; - }; - msmtp = { - enable = true; - extraConfig = { - auth = "xoauth2"; - host = "outlook.office365.com"; - protocol = "smtp"; - port = "587"; - tls = "on"; - tls_starttls = "on"; - from = "${mailAddress}"; - user = "${mailAddress}"; - passwordeval = "pizauth show work"; - }; - }; - mu.enable = true; - mbsync = { - enable = true; - expunge = "both"; - patterns = [ "INBOX" ]; - extraConfig = { - account = { - AuthMechs = "XOAUTH2"; - }; - }; - }; - }; + home.packages = with pkgs; [ + stable.teams-for-linux + shellcheck + dig + docker + postman + # rclone + libguestfs-with-appliance + stable.prometheus.cli + tigervnc + # openstackclient - # wayland.windowManager.sway.config = { - # output = { - # "Applied Creative Technology Transmitter QUATTRO201811" = { - # bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; - # }; - # "Hewlett Packard HP Z24i CN44250RDT" = { - # bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; - # }; - # "HP Inc. HP 732pk CNC4080YL5" = { - # bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; - # }; - # }; - # }; - - stylix = { - targets.firefox.profileNames = - let - inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; - in - [ - "${user1}" - "${user2}" - "${user3}" - "work" + vscode ]; - }; - programs = - let - inherit (nixosConfig.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail; - in - { - git.userEmail = lib.mkForce gitMail; - zsh = { - shellAliases = { - dssh = "ssh -l ${user1Long}"; - cssh = "ssh -l ${user2Long}"; - wssh = "ssh -l ${user3Long}"; - }; - cdpath = [ - "~/Documents/Work" - ]; - dirHashes = { - d = "$HOME/.dotfiles"; - w = "$HOME/Documents/Work"; - s = "$HOME/.dotfiles/secrets"; - pr = "$HOME/Documents/Private"; - ac = path1; - }; - - sessionVariables = { - VSPHERE_USER = "$(cat ${nixosConfig.sops.secrets.vcuser.path})"; - VSPHERE_PW = "$(cat ${nixosConfig.sops.secrets.vcpw.path})"; - GOVC_USERNAME = "$(cat ${nixosConfig.sops.secrets.govcuser.path})"; - GOVC_PASSWORD = "$(cat ${nixosConfig.sops.secrets.govcpw.path})"; - GOVC_URL = "$(cat ${nixosConfig.sops.secrets.govcurl.path})"; - GOVC_DATACENTER = "$(cat ${nixosConfig.sops.secrets.govcdc.path})"; - GOVC_DATASTORE = "$(cat ${nixosConfig.sops.secrets.govcds.path})"; - GOVC_HOST = "$(cat ${nixosConfig.sops.secrets.govchost.path})"; - GOVC_RESOURCE_POOL = "$(cat ${nixosConfig.sops.secrets.govcpool.path})"; - GOVC_NETWORK = "$(cat ${nixosConfig.sops.secrets.govcnetwork.path})"; - }; + systemd.user.sessionVariables = { + DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; }; - ssh = { - matchBlocks = { - "${loc1}" = { - hostname = "${loc1}.${domain2}"; - user = user4; - }; - "${loc1}.stg" = { - hostname = "${loc1}.${lifecycle1}.${domain2}"; - user = user4; - }; - "${loc1}.staging" = { - hostname = "${loc1}.${lifecycle1}.${domain2}"; - user = user4; - }; - "${loc1}.dev" = { - hostname = "${loc1}.${lifecycle2}.${domain2}"; - user = user4; - }; - "${loc2}" = { - hostname = "${loc2}.${domain1}"; - user = user1Long; - }; - "${loc2}.stg" = { - hostname = "${loc2}.${lifecycle1}.${domain2}"; - user = user1Long; - }; - "${loc2}.staging" = { - hostname = "${loc2}.${lifecycle1}.${domain2}"; - user = user1Long; - }; - "*.${domain1}" = { - user = user1Long; - }; - }; - }; - - firefox = { - profiles = - let - isDefault = false; - in - { - "${user1}" = lib.recursiveUpdate - { - inherit isDefault; - id = 1; - settings = { - "browser.startup.homepage" = "${site1}|${site2}"; - }; - } - vars.firefox; - "${user2}" = lib.recursiveUpdate - { - inherit isDefault; - id = 2; - settings = { - "browser.startup.homepage" = "${site3}"; - }; - } - vars.firefox; - "${user3}" = lib.recursiveUpdate - { - inherit isDefault; - id = 3; - } - vars.firefox; - work = lib.recursiveUpdate - { - inherit isDefault; - id = 4; - settings = { - "browser.startup.homepage" = "${site4}|${site5}|${site6}|${site7}"; - }; - } - vars.firefox; - }; - }; - - chromium = { - enable = true; - package = pkgs.chromium; - - extensions = [ - # 1password - "gejiddohjgogedgjnonbofjigllpkmbf" - # dark reader - "eimadpbcbfnmbkopoojfekhnkhdbieeh" - # ublock origin - "cjpalhdlnbpafiamejdnhcphjbkeiagm" - # i still dont care about cookies - "edibdbjcniadpccecjdfdjjppcpchdlm" - # browserpass - "naepdomgkenhinolocfifgehidddafch" - ]; - }; - }; - - services = { - kanshi = { - settings = [ + accounts.email.accounts.work = + let + inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName; + in { - # seminary room - output = { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; + primary = false; + address = mailAddress; + userName = mailAddress; + realName = mailName; + passwordCommand = "pizauth show work"; + imap = { + host = "outlook.office365.com"; + port = 993; + tls.enable = true; # SSL/TLS }; - } - { - # work main screen - output = { - criteria = "HP Inc. HP 732pk CNC4080YL5"; - scale = 1.0; - mode = "3840x2160"; - }; - } - { - # work side screen - output = { - criteria = "Hewlett Packard HP Z24i CN44250RDT"; - scale = 1.0; - mode = "1920x1200"; - transform = "270"; - }; - } - { - profile = { - name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "enable"; - scale = 1.5; - position = "1462,0"; - } - { - criteria = "HP Inc. HP 732pk CNC4080YL5"; - scale = 1.4; - mode = "3840x2160"; - position = "-1280,0"; - } - { - criteria = "Hewlett Packard HP Z24i CN44250RDT"; - scale = 1.0; - mode = "1920x1200"; - transform = "90"; - position = "-2480,0"; - } - ]; - }; - } - { - profile = - let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in - { - name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.kanshare}/bin/kanshare ${config.swarselsystems.sharescreen} '${monitor}'" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "enable"; - scale = 1.7; - position = "2560,0"; - } - { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; - position = "10000,10000"; - } - ]; + smtp = { + host = "outlook.office365.com"; + port = 587; + tls = { + enable = true; # SSL/TLS + useStartTls = true; }; - } + }; + thunderbird = { + enable = true; + profiles = [ "default" ]; + settings = id: { + "mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth + "mail.server.server_${id}.authMethod" = 10; # oauth + # "toolkit.telemetry.enabled" = false; + # "toolkit.telemetry.rejected" = true; + # "toolkit.telemetry.prompted" = 2; + }; + }; + msmtp = { + enable = true; + extraConfig = { + auth = "xoauth2"; + host = "outlook.office365.com"; + protocol = "smtp"; + port = "587"; + tls = "on"; + tls_starttls = "on"; + from = "${mailAddress}"; + user = "${mailAddress}"; + passwordeval = "pizauth show work"; + }; + }; + mu.enable = true; + mbsync = { + enable = true; + expunge = "both"; + patterns = [ "INBOX" ]; + extraConfig = { + account = { + AuthMechs = "XOAUTH2"; + }; + }; + }; + }; + + # wayland.windowManager.sway.config = { + # output = { + # "Applied Creative Technology Transmitter QUATTRO201811" = { + # bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; + # }; + # "Hewlett Packard HP Z24i CN44250RDT" = { + # bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; + # }; + # "HP Inc. HP 732pk CNC4080YL5" = { + # bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; + # }; + # }; + # }; + + stylix = { + targets.firefox.profileNames = + let + inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; + in + [ + "${user1}" + "${user2}" + "${user3}" + "work" + ]; + }; + + programs = + let + inherit (nixosConfig.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail clouds; + in { - profile = { - name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" + openstackclient = { + enable = true; + inherit clouds; + }; + awscli = { + enable = true; + package = pkgs.stable24_05.awscli2; + settings = { + "default" = { }; + "profile s3-imagebuilder-prod" = { }; + }; + credentials = { + "s3-imagebuilder-prod" = { + aws_access_key_id = "5OYXY4879EJG9I91K1B6"; + credential_process = "${pkgs.pass}/bin/pass show work/awscli/s3-imagebuilder-prod/secret-key"; + }; + }; + }; + git.userEmail = lib.mkForce gitMail; + + zsh = { + shellAliases = { + dssh = "ssh -l ${user1Long}"; + cssh = "ssh -l ${user2Long}"; + wssh = "ssh -l ${user3Long}"; + }; + cdpath = [ + "~/Documents/Work" ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "disable"; - } + dirHashes = { + d = "$HOME/.dotfiles"; + w = "$HOME/Documents/Work"; + s = "$HOME/.dotfiles/secrets"; + pr = "$HOME/Documents/Private"; + ac = path1; + }; + + sessionVariables = { + VSPHERE_USER = "$(cat ${nixosConfig.sops.secrets.vcuser.path})"; + VSPHERE_PW = "$(cat ${nixosConfig.sops.secrets.vcpw.path})"; + GOVC_USERNAME = "$(cat ${nixosConfig.sops.secrets.govcuser.path})"; + GOVC_PASSWORD = "$(cat ${nixosConfig.sops.secrets.govcpw.path})"; + GOVC_URL = "$(cat ${nixosConfig.sops.secrets.govcurl.path})"; + GOVC_DATACENTER = "$(cat ${nixosConfig.sops.secrets.govcdc.path})"; + GOVC_DATASTORE = "$(cat ${nixosConfig.sops.secrets.govcds.path})"; + GOVC_HOST = "$(cat ${nixosConfig.sops.secrets.govchost.path})"; + GOVC_RESOURCE_POOL = "$(cat ${nixosConfig.sops.secrets.govcpool.path})"; + GOVC_NETWORK = "$(cat ${nixosConfig.sops.secrets.govcnetwork.path})"; + }; + }; + + ssh = { + matchBlocks = { + "${loc1}" = { + hostname = "${loc1}.${domain2}"; + user = user4; + }; + "${loc1}.stg" = { + hostname = "${loc1}.${lifecycle1}.${domain2}"; + user = user4; + }; + "${loc1}.staging" = { + hostname = "${loc1}.${lifecycle1}.${domain2}"; + user = user4; + }; + "${loc1}.dev" = { + hostname = "${loc1}.${lifecycle2}.${domain2}"; + user = user4; + }; + "${loc2}" = { + hostname = "${loc2}.${domain1}"; + user = user1Long; + }; + "${loc2}.stg" = { + hostname = "${loc2}.${lifecycle1}.${domain2}"; + user = user1Long; + }; + "${loc2}.staging" = { + hostname = "${loc2}.${lifecycle1}.${domain2}"; + user = user1Long; + }; + "*.${domain1}" = { + user = user1Long; + }; + }; + }; + + firefox = { + profiles = + let + isDefault = false; + in { + "${user1}" = lib.recursiveUpdate + { + inherit isDefault; + id = 1; + settings = { + "browser.startup.homepage" = "${site1}|${site2}"; + }; + } + vars.firefox; + "${user2}" = lib.recursiveUpdate + { + inherit isDefault; + id = 2; + settings = { + "browser.startup.homepage" = "${site3}"; + }; + } + vars.firefox; + "${user3}" = lib.recursiveUpdate + { + inherit isDefault; + id = 3; + } + vars.firefox; + work = lib.recursiveUpdate + { + inherit isDefault; + id = 4; + settings = { + "browser.startup.homepage" = "${site4}|${site5}|${site6}|${site7}"; + }; + } + vars.firefox; + }; + }; + + chromium = { + enable = true; + package = pkgs.chromium; + + extensions = [ + # 1password + "gejiddohjgogedgjnonbofjigllpkmbf" + # dark reader + "eimadpbcbfnmbkopoojfekhnkhdbieeh" + # ublock origin + "cjpalhdlnbpafiamejdnhcphjbkeiagm" + # i still dont care about cookies + "edibdbjcniadpccecjdfdjjppcpchdlm" + # browserpass + "naepdomgkenhinolocfifgehidddafch" + ]; + }; + }; + + services = { + kanshi = { + settings = [ + { + # seminary room + output = { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; + }; + } + { + # work main screen + output = { criteria = "HP Inc. HP 732pk CNC4080YL5"; - scale = 1.4; + scale = 1.0; mode = "3840x2160"; - position = "-1280,0"; - } - { + }; + } + { + # work side screen + output = { criteria = "Hewlett Packard HP Z24i CN44250RDT"; scale = 1.0; mode = "1920x1200"; transform = "270"; - position = "-2480,0"; - } - ]; - }; - } - { - profile = - let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in + }; + } { - name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - ]; - outputs = [ + profile = { + name = "lidopen"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" + "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" + ]; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "enable"; + scale = 1.5; + position = "1462,0"; + } + { + criteria = "HP Inc. HP 732pk CNC4080YL5"; + scale = 1.4; + mode = "3840x2160"; + position = "-1280,0"; + } + { + criteria = "Hewlett Packard HP Z24i CN44250RDT"; + scale = 1.0; + mode = "1920x1200"; + transform = "90"; + position = "-2480,0"; + } + ]; + }; + } + { + profile = + let + monitor = "Applied Creative Technology Transmitter QUATTRO201811"; + in { - criteria = config.swarselsystems.sharescreen; - status = "disable"; - } + name = "lidopen"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" + "${pkgs.kanshare}/bin/kanshare ${config.swarselsystems.sharescreen} '${monitor}'" + ]; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "enable"; + scale = 1.7; + position = "2560,0"; + } + { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; + position = "10000,10000"; + } + ]; + }; + } + { + profile = { + name = "lidclosed"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" + "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" + ]; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "disable"; + } + { + criteria = "HP Inc. HP 732pk CNC4080YL5"; + scale = 1.4; + mode = "3840x2160"; + position = "-1280,0"; + } + { + criteria = "Hewlett Packard HP Z24i CN44250RDT"; + scale = 1.0; + mode = "1920x1200"; + transform = "270"; + position = "-2480,0"; + } + ]; + }; + } + { + profile = + let + monitor = "Applied Creative Technology Transmitter QUATTRO201811"; + in { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; - position = "10000,10000"; - } - ]; - }; - } - ]; - }; - }; - - systemd.user.services = { - pizauth.Service = { - ExecStartPost = [ - "${pkgs.toybox}/bin/sleep 1" - "//bin/sh -c '${lib.getExe pkgs.pizauth} restore < ${homeDir}/.pizauth.state'" - ]; - }; - - teams-applet = { - Unit = { - Description = "teams applet"; - Requires = [ "tray.target" ]; - After = [ - "graphical-session.target" - "tray.target" - ]; - PartOf = [ "graphical-session.target" ]; - }; - - Install = { - WantedBy = [ "graphical-session.target" ]; - }; - - Service = { - ExecStart = "${pkgs.stable.teams-for-linux}/bin/teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; - }; - }; - - onepassword-applet = { - Unit = { - Description = "1password applet"; - Requires = [ "tray.target" ]; - After = [ - "graphical-session.target" - "tray.target" - ]; - PartOf = [ "graphical-session.target" ]; - }; - - Install = { - WantedBy = [ "graphical-session.target" ]; - }; - - Service = { - ExecStart = "${pkgs._1password-gui}/bin/1password"; - }; - }; - - }; - - swarselservices.pizauth = { - enable = true; - extraConfig = '' - auth_notify_cmd = "if [[ \"$(notify-send -A \"Open $PIZAUTH_ACCOUNT\" -t 30000 'pizauth authorisation')\" == \"0\" ]]; then open \"$PIZAUTH_URL\"; fi"; - error_notify_cmd = "notify-send -t 90000 \"pizauth error for $PIZAUTH_ACCOUNT\" \"$PIZAUTH_MSG\""; - token_event_cmd = "pizauth dump > ${homeDir}/.pizauth.state"; - ''; - accounts = { - work = { - authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; - tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token"; - clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584"; - clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82"; - scopes = [ - "https://outlook.office365.com/IMAP.AccessAsUser.All" - "https://outlook.office365.com/SMTP.Send" - "offline_access" - ]; - loginHint = "${nixosConfig.repo.secrets.local.work.mailAddress}"; - }; - }; - - }; - - xdg = - let - inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; - in - { - mimeApps = { - defaultApplications = { - "x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ]; + name = "lidclosed"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" + ]; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "disable"; + } + { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; + position = "10000,10000"; + } + ]; + }; + } + ]; }; }; - desktopEntries = + + systemd.user.services = { + pizauth.Service = { + ExecStartPost = [ + "${pkgs.toybox}/bin/sleep 1" + "//bin/sh -c '${lib.getExe pkgs.pizauth} restore < ${homeDir}/.pizauth.state'" + ]; + }; + + teams-applet = { + Unit = { + Description = "teams applet"; + Requires = [ "tray.target" ]; + After = [ + "graphical-session.target" + "tray.target" + ]; + PartOf = [ "graphical-session.target" ]; + }; + + Install = { + WantedBy = [ "graphical-session.target" ]; + }; + + Service = { + ExecStart = "${pkgs.stable.teams-for-linux}/bin/teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; + }; + }; + + onepassword-applet = { + Unit = { + Description = "1password applet"; + Requires = [ "tray.target" ]; + After = [ + "graphical-session.target" + "tray.target" + ]; + PartOf = [ "graphical-session.target" ]; + }; + + Install = { + WantedBy = [ "graphical-session.target" ]; + }; + + Service = { + ExecStart = "${pkgs._1password-gui}/bin/1password"; + }; + }; + + }; + + swarselservices.pizauth = { + enable = true; + extraConfig = '' + auth_notify_cmd = "if [[ \"$(notify-send -A \"Open $PIZAUTH_ACCOUNT\" -t 30000 'pizauth authorisation')\" == \"0\" ]]; then open \"$PIZAUTH_URL\"; fi"; + error_notify_cmd = "notify-send -t 90000 \"pizauth error for $PIZAUTH_ACCOUNT\" \"$PIZAUTH_MSG\""; + token_event_cmd = "pizauth dump > ${homeDir}/.pizauth.state"; + ''; + accounts = { + work = { + authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; + tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token"; + clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584"; + clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82"; + scopes = [ + "https://outlook.office365.com/IMAP.AccessAsUser.All" + "https://outlook.office365.com/SMTP.Send" + "offline_access" + ]; + loginHint = "${nixosConfig.repo.secrets.local.work.mailAddress}"; + }; + }; + + }; + + xdg = let - terminal = false; - categories = [ "Application" ]; - icon = "firefox"; + inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; in { - firefox_work = { - name = "Firefox (work)"; - genericName = "Firefox work"; - exec = "firefox -p work"; - inherit terminal categories icon; - }; - "firefox_${user1}" = { - name = "Firefox (${user1})"; - genericName = "Firefox ${user1}"; - exec = "firefox -p ${user1}"; - inherit terminal categories icon; + mimeApps = { + defaultApplications = { + "x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ]; + }; }; + desktopEntries = + let + terminal = false; + categories = [ "Application" ]; + icon = "firefox"; + in + { + firefox_work = { + name = "Firefox (work)"; + genericName = "Firefox work"; + exec = "firefox -p work"; + inherit terminal categories icon; + }; + "firefox_${user1}" = { + name = "Firefox (${user1})"; + genericName = "Firefox ${user1}"; + exec = "firefox -p ${user1}"; + inherit terminal categories icon; + }; - "firefox_${user2}" = { - name = "Firefox (${user2})"; - genericName = "Firefox ${user2}"; - exec = "firefox -p ${user2}"; - inherit terminal categories icon; - }; + "firefox_${user2}" = { + name = "Firefox (${user2})"; + genericName = "Firefox ${user2}"; + exec = "firefox -p ${user2}"; + inherit terminal categories icon; + }; - "firefox_${user3}" = { - name = "Firefox (${user3})"; - genericName = "Firefox ${user3}"; - exec = "firefox -p ${user3}"; - inherit terminal categories icon; - }; + "firefox_${user3}" = { + name = "Firefox (${user3})"; + genericName = "Firefox ${user3}"; + exec = "firefox -p ${user3}"; + inherit terminal categories icon; + }; + }; }; - }; - swarselsystems = { - startup = [ - # { command = "nextcloud --background"; } - # { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; } - # { command = "element-desktop --hidden --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } - # { command = "anki"; } - # { command = "obsidian"; } - # { command = "nm-applet"; } - # { command = "feishin"; } - # { command = "teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; } - # { command = "1password"; } - ]; - monitors = { - work_back_middle = rec { - name = "LG Electronics LG Ultra HD 0x000305A6"; - mode = "2560x1440"; - scale = "1"; - position = "5120,0"; - workspace = "1:一"; - # output = "DP-10"; - output = name; - }; - work_front_left = rec { - name = "LG Electronics LG Ultra HD 0x0007AB45"; - mode = "3840x2160"; - scale = "1"; - position = "5120,0"; - workspace = "1:一"; - # output = "DP-7"; - output = name; - }; - work_back_right = rec { - name = "HP Inc. HP Z32 CN41212T55"; - mode = "3840x2160"; - scale = "1"; - position = "5120,0"; - workspace = "1:一"; - # output = "DP-3"; - output = name; - }; - work_middle_middle_main = rec { - name = "HP Inc. HP 732pk CNC4080YL5"; - mode = "3840x2160"; - scale = "1"; - position = "-1280,0"; - workspace = "11:M"; - # output = "DP-8"; - output = name; - }; - work_middle_middle_side = rec { - name = "Hewlett Packard HP Z24i CN44250RDT"; - mode = "1920x1200"; - transform = "270"; - scale = "1"; - position = "-2480,0"; - workspace = "12:S"; - # output = "DP-9"; - output = name; - }; - work_seminary = rec { - name = "Applied Creative Technology Transmitter QUATTRO201811"; - mode = "1280x720"; - scale = "1"; - position = "10000,10000"; # i.e. this screen is inaccessible by moving the mouse - workspace = "14:T"; - # output = "DP-4"; - output = name; - }; - }; - inputs = { - "1133:45081:MX_Master_2S_Keyboard" = { - xkb_layout = "us"; - xkb_variant = "altgr-intl"; - }; - # "2362:628:PIXA3854:00_093A:0274_Touchpad" = { - # dwt = "enabled"; - # tap = "enabled"; - # natural_scroll = "enabled"; - # middle_emulation = "enabled"; - # drag_lock = "disabled"; - # }; - "1133:50504:Logitech_USB_Receiver" = { - xkb_layout = "us"; - xkb_variant = "altgr-intl"; - }; - "1133:45944:MX_KEYS_S" = { - xkb_layout = "us"; - xkb_variant = "altgr-intl"; + swarselsystems = { + startup = [ + # { command = "nextcloud --background"; } + # { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; } + # { command = "element-desktop --hidden --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } + # { command = "anki"; } + # { command = "obsidian"; } + # { command = "nm-applet"; } + # { command = "feishin"; } + # { command = "teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; } + # { command = "1password"; } + ]; + monitors = { + work_back_middle = rec { + name = "LG Electronics LG Ultra HD 0x000305A6"; + mode = "2560x1440"; + scale = "1"; + position = "5120,0"; + workspace = "1:一"; + # output = "DP-10"; + output = name; + }; + work_front_left = rec { + name = "LG Electronics LG Ultra HD 0x0007AB45"; + mode = "3840x2160"; + scale = "1"; + position = "5120,0"; + workspace = "1:一"; + # output = "DP-7"; + output = name; + }; + work_back_right = rec { + name = "HP Inc. HP Z32 CN41212T55"; + mode = "3840x2160"; + scale = "1"; + position = "5120,0"; + workspace = "1:一"; + # output = "DP-3"; + output = name; + }; + work_middle_middle_main = rec { + name = "HP Inc. HP 732pk CNC4080YL5"; + mode = "3840x2160"; + scale = "1"; + position = "-1280,0"; + workspace = "11:M"; + # output = "DP-8"; + output = name; + }; + work_middle_middle_side = rec { + name = "Hewlett Packard HP Z24i CN44250RDT"; + mode = "1920x1200"; + transform = "270"; + scale = "1"; + position = "-2480,0"; + workspace = "12:S"; + # output = "DP-9"; + output = name; + }; + work_seminary = rec { + name = "Applied Creative Technology Transmitter QUATTRO201811"; + mode = "1280x720"; + scale = "1"; + position = "10000,10000"; # i.e. this screen is inaccessible by moving the mouse + workspace = "14:T"; + # output = "DP-4"; + output = name; + }; + }; + inputs = { + "1133:45081:MX_Master_2S_Keyboard" = { + xkb_layout = "us"; + xkb_variant = "altgr-intl"; + }; + # "2362:628:PIXA3854:00_093A:0274_Touchpad" = { + # dwt = "enabled"; + # tap = "enabled"; + # natural_scroll = "enabled"; + # middle_emulation = "enabled"; + # drag_lock = "disabled"; + # }; + "1133:50504:Logitech_USB_Receiver" = { + xkb_layout = "us"; + xkb_variant = "altgr-intl"; + }; + "1133:45944:MX_KEYS_S" = { + xkb_layout = "us"; + xkb_variant = "altgr-intl"; + }; + }; + }; }; - }; - }; - - } + } #+end_src diff --git a/modules/home/optional/work.nix b/modules/home/optional/work.nix index ef5ca2d..11f4a98 100644 --- a/modules/home/optional/work.nix +++ b/modules/home/optional/work.nix @@ -12,16 +12,16 @@ in dig docker postman - rclone - stable24_05.awscli2 + # rclone libguestfs-with-appliance stable.prometheus.cli tigervnc - openstackclient + # openstackclient vscode ]; + systemd.user.sessionVariables = { DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; }; @@ -116,9 +116,27 @@ in programs = let - inherit (nixosConfig.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail; + inherit (nixosConfig.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail clouds; in { + openstackclient = { + enable = true; + inherit clouds; + }; + awscli = { + enable = true; + package = pkgs.stable24_05.awscli2; + settings = { + "default" = { }; + "profile s3-imagebuilder-prod" = { }; + }; + credentials = { + "s3-imagebuilder-prod" = { + aws_access_key_id = "5OYXY4879EJG9I91K1B6"; + credential_process = "${pkgs.pass}/bin/pass show work/awscli/s3-imagebuilder-prod/secret-key"; + }; + }; + }; git.userEmail = lib.mkForce gitMail; zsh = { diff --git a/secrets/repo/pii.nix.enc b/secrets/repo/pii.nix.enc index 36a13b9..89f4f54 100644 --- a/secrets/repo/pii.nix.enc +++ b/secrets/repo/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:2XUOb8XRrH+rDb7IEip6mtCRd4S43OdI1QlAjIQ7wilWeiNer70xBIx3F3cC6NJwGSr2O+uogJpV31OzLFf6mj8i5o3YVwBBg9L2cvj/vSRiLZnBOWxA+gl1puASc1A8dV2gNkts10Z9RL/UbQ4078jXxkgjui1J1Ma88A49AffHhnwIe2xBFcTXfTDALATYCwiGhR3u8VLxlvkbGddSjV+GrbonHmqm6/Bnvn7vaP5X+jjz+L1ijraNnsbfh4n2eXtH7M/Fz/QzQqgxMcSdHNSr8IwyZDc05B94jw4ifUhBoodthJZYKrPpUHt6xfULQHZ0cmq476n/wtlK8YAYJryXFx2wHz26OK9TZyWPAiUGRB2dapbHHepCE3y5nTxdIWqVLadv2gMqhxIJDeIe4pTgxPJYakz+Sit9Jpn7ds9OeQ5wW9ViTsQ3dnZH9KZo97LFE30oXUHj/2iC4tsfk46cwGlMTP+GUXlP0ylpl4VQ0Hqogp9HiQGC8a2FlynE+1vSm83jKfJtj5cLL9D5L0bYJ0oBsIrTxx/dgwyNaj1L1K1iFPT/8rL/gjo4YF9K34IkFyiX4Olsn92Tf+fTLxogIS+QPRkw0H5VIfK8moduiSi6M10WjeIU5+1s6h1SLLUTd0zQ1L8YT1blDrvw3CnEbMO8cwk0WN3qkMG1vxT1n3jVAdkYkivBFvkfBASdMG9YsUJjX6TP1ZuKgEogrTHfXzkF1UV9OPx9krZEPHkASrLjwdFj/ApjtjAazZjeUGEEGFel4t95zOGxcarJfscaCHy3TYncteJt6jC9i05bCy87CFii7y4ce1ZXSwqIAzZ6xdfeY6Lyd7XHb5cTuv3BC1UvBq94Rp/TqErm4VJK9rh9QN2BPVl6Yyogh5phH/VQ+SvI7QAwtwHJT1IWNFmCGIkWYrk8KXdqCehgBt2JJGQculH2r1GOSay4M/JgSAGo/K7KqweHN/xYlYFS0Br49V+6Cv2RAUhth5/44nS+QdKiqojlEbyVWRJYF+oyn3VzQbyJTzjS8d8uQcfh7ismOmtpABj3nzXWsmeUjevqyxlDT1+xQNEpG+v7FUdv8U9cFKy4IRVmvWJuZxKwyL/psq4/l9uZlrAtVCWupfL4aceCDxTsxOTKSsybMovnf669RnWe0Hvc8GV7h2OKQouFn1hnF+jMwZpBorA79J/eDnCJtc9BB9f8eVvsQI7CmGNzLJ1CvKMxdq+DRzLiwM7WwOzJJUx/t06XLaf7KyQpI3pNvLYReDSblapG8rrcX3uumzf8Je36TpfbChQFhn3IHjkOnHEVmL1So93OVoSX7elL9Gx2NMraiS7KswEjTg3bqqWQ+18hZEqyjIMM2rq3duLVGw/S+LpE/Oc9nWUIkHp7ea8otzKgXoGNJlC3KHmxY+W+Lur8ObFY5z0Xyy3OFoXQZMLG3GER6CxIi4yVG/8hue5LPvdDm0038Jha+GZt4vLXNZxPRlMhy+WCWWptJRRnQnemvbXhO+C0d1yvOwsTPXxlE6N4lhk16B4h9CfG3RLNfxT2Q7mjDliBXAeefXDQSfOOEkTyFSPDDisIm4WWzKGzbX3eUqwfFft77kLY1Uj8EhsFtrPAhrg8DEUGGzNslrq/3e78MsISglPlbcfJ+cZQb7e1Q5cmWqBJ3bMl6JfeeIlDMcB06MjTDQz0BYDcNfneZxRJQlANlK5hP7luPG0Hbn5dHo1RIhKPXjhGtsAztKI2GVxXL7wmOJ/5zKHOKs458rQz2MZCvX6GtX3jvM+PwnPyDWAD/Gk3pPLuQvXLhEmBMzvIR5+Tmb+K6AVqwKhtgHx6EMC7NqxiwRj20xgsOxneA/yuu0gRjOPW3FWgQdtEz6confdiPThxjYHLYywV25XKNlPaOXZuBWcUg+3g5dxX5i9NzWccwN0adg7pVt498M5yBXum7FqXTdqkC5bvOqkoywXD5DyS14mdTwgBJ08xwGAX1zQujay0UgKK9Gk5exA+u36dCp43Xn5GzogI8aHLIUsyCYJ8xRdl0OHgu4PILW7IOyIVjGZj4sEsu1YT8uP9F1aALdW3ebCFUVfh0r+Ll5AvlajQHGVJxic5TILBI0N25im3WIF17GKd/ry3ETqXcP/b5whSTPj+zlOdoVP1Pvn2aKhoNqfWr4jAnJzIsRdWZa3gDbA0Ub8KmzIEADk7P6NHCyOw0oG8o3pnlgNhpJb/brpsUAhSNpfGFReOcpeq6v4wQ91uvhcSRzbSdJRTCYXqfFmUStOSPOHs5g9zWBCMPDaLCjXn/jTDm0Chxacjph/aLAHMezkAKoc0oLBy+UCVstNfXj6WsNbk5evB2iTQB6awYmH0xP0EOImyri185vF6OHUzfQN4ZzT45v8icp/eResPCwxSnl46h8TpIGEdHsuFAkUBvilM/4V5ldeqXtgTiG2sBju+Q2ZB11t6DNpyjMoaJXTVP0DVJxBi+IGTOWeHsqucW0w5N7pn1IB5lpXCjgBEB5QM3aqvUANjV5VahFGnXrVljrJp+Fk2Vruw8FnKckhbqOPhMmhOXr97nudGufyQB8YcP1cySPSfj032mntmBbd2W2RXr3khE6IujkLOC9Wg04/15xTD75HgXpCBj0JPqoS3psUFMCQLSewZ0KU7HiBQ/4b7RSyCN8d6IWECBp9cqIRqDwIPmzF1edRcJLbXamWExflpU461gmZy2JtIFn4mHbBq7NZL6VDAeWSZmyaBuoZTZhuPCSn9p0HeURgHkuoRGOxMgf/e31CuEjImRH/j9q2VuG3JPssveqAb/5oEV0lDZtUmtinnP64eRPgeSg96kQJEXOvfjQxdrY1qRdBoD6IGewnKAymX8qSqqM4geCGzyC8RQsLt1H3sSdGf4UhQkZ3GT0MEidSgr/QpPAGvcKWAXwdVtXKcTgnS5HzCoDWI9oUESG7hYYvdaq1oEWL0OcbEPukfHQUKiw3gef4+H1TMoDfVN3qKGsLTBrI4Hx9+zdSbcx0Qx1V279gbwFqsTGie3YIoH13/ZAPnEkG+bD64FOo0CmDE00xSZa/XnOQEABDmNMb0LIbFUp+c70CmA/jDABRtCchLckDyl6Ay3IBuBrwxQypbB8ZXMUrun3rMmDSUXLJg3FmoZ0hjBh392tptwxP7gwezREGaDiTGsURCIHzatLRrTsT0xKN4Wk5bLKT8z5g+9Fu01qNEZW2vlcTCGWSHKWtALxe+lH7xbu5ksoX++JNsPlpQTwDOzaEUaM7N9mRX7fl/dK1NyDCP3WH6sbKDvqQB1G5yaPsYcNBSJnpARuz4O90KdtNnyTcZvM2GD8KAV9gYy5Lu8RT6RtQMugRAGc9TsvisAOd7Kor6CpDxI40LPajcrGas720ODEKQjhd6560dMm7VDXfONLHeY3yRmE374j0LvvyP8mpyA4vrf5rSjNltU/VvqHidKIZNZXFWJqGJZeReQUgLgUKmuN273uY4YiDtgwMfKECkkYk4zjB5UahznC5XY9XUpjm56JKPxVpYcL/zKEzkMy6t71JgzzZjPgBqOABbhtUark+ARrIakrsDhsVf0iAfI/ReHZNYNsqFnwySUQ7BgmC5BoTHLO1OwSJHPb+/8nigtJf6lN4DdBllKTVQ4QQwrk8UUq6ivEviZCvddQFb2SIa4VOjKM3FSzv1cD2PYv16EBZHWPYVboqlUUyg3MCF2toRd8AJjx/UgrrJL0wC6N2rdzhZmbWfiMVd54VHgMjj2KZ9E3z4uYdPZuUyLtkvpEKqAHUCybOxPzUTEfpRlGl3DQ3TXnDYxE+x3oIrEvkALfNkmLNmLi0Mn97yjVtbmHpb6imlfyJ36jLbDl0WAkmCBZAGs/h30W2ae8AAjizDGJmfUJ3mxnAGOEu8F3K3rfuANDjRfNzEJRZFg8A3CDgpx/1BPGUtjwr4qtTjZr6hXhGdeSwjbOL/H50lH9XgTkZImBoU2CIGfWew1LckrcRtdP2uCZYLet4Xx5BQQAvoZjbgLs619XRC/Nt2u4oO+X7ArVYDF/OCZq1T1oS1sX+fM2caGJ+ifVnJ5rHQxNWgBFxK044B/Q4h//bUc58pl0oON8g42YpSDjFhCbs275+muJGzRGdOsI1ucV+grr+BN3y/bSgirWVZWLDwNGIgPVg7ssBME+NcaOKvWtBsA4PaAGRvaVDV77wEubVb+Z9HcDwsg9Ykb36un5x4E0fHhr6t4mxianqwYQKH1DFXVgNAt4i2arc2rXLgfZRG0nqrEYW3nT8lxYEIKpbKhaln7mIvJfETSvwfe/KaEi7PQ9CRiV7cwdIF/zfrAXgdiqy01/oIJVCWgfTLffJEROT5C2cbmivMjsBbNTyClJVEpZPEco5tal8+mUhWG+mNYIsKaXL8HfSVIXXNRzknBhAP47Zna86ERO8I8AF5RJWXUANnLOg+yvmXFaEFdM1XBX7Pi5pwb9gVcM5MKu0VvG3Rl28epI4+Rnin8trTSMu5LcUEBlPfygCSs/bUkfZUvt53EY/IkbUqOcEnCU/HKETUd0ARJqpjvSP6Yf1jnsuEu0lnLhEidTHHMylAElVx1NsI8la1JxzUC4yhf+ppQN7PdVx65FSstRgvKD97mhp7Bj4Fq0AtcX88uuct8VMY/VaxBSW6DVXIJxFnjtwpILGWMsVo3Nt1RQI/yx6qCnZSJFHoZgSu9dQiFsJx0FFsAsZOoSWU4lVRR8gAoxPKBhTXLe6YS7fVo2YPhMjndeS3omelFbBJHA5oL3b6sO30A7k+yBeq5vE5jIykxt3qv7+nCDveFHhbj3slVZuY,iv:9zObdum4T/ejBPPtX06ncAdgBe3ypZHbtOBaelS9100=,tag:MQxyCpZ2Z7dB5Re1ty+jGA==,type:str]", + "data": "ENC[AES256_GCM,data:4J1fELKd55+B/WTnmKrP/uRFFsSQWrbtDIaFqMkdqqjGuGlni0QXll/qVRGNhRw5rHRWThZf5Gb2Pll92YVfb5j9Jq2m+Yz2dZvQNpaTB3be8RD9OzExc1mjqMGuy6Oa0J2XuRXh4hy3oAXDgQxRkICLssRwB2aC3wHlXCyxr3jDIlWEZMM1wvTJ9zIiClamOaS+oABdjR/W151QSa7VcVIMyXfyk19xCxAvlD8kjB1Pyhvn1hgfRY7Sv/R67Wo7IrlfHaH0dK6xng+5EkxZOJtcsQy0jPQRXUCLOHWYr6UVXI7f9OPfRzr8WEL0mz0Qvv/ML6OadycXJnW/rOsxV0domBa93dNO4V3smydlizgTCekswyw7CU9q1MrOSc2SQquez2pBJK6nQUrVurOP98RN/GXn7fEQg1c1CEKkCqlax8CKqGFMlET9ek/LqQD9N2fv3Vu7IdqZSORpSP4Ti0UeuXibybURHCblV1lETxqDqMhdwrBR6knsI+/5EO6BzV2p1Lh2HkE8gacoekqHg3+mTIEmsn2/Gb+7r1ja1vj8P4h0V+CKse4sq19ae2azxPzBMon4RvCcMKskUIojZVYgi5RfZkKYdQGPWKIRXmekwmceDKO21L1SDOxkmxa/fqtVJWiNLU4/6zzu83K2nKoc4kMtIm9hA3DZf3jk4KfZ2EcAuqcrzAPTAQiPDG/StP1SWbjbj8xG8yGpCHNLUgxlxq01oi5KgbpfZ9d0Ap5PwDxiMsX2N/8kikldhN3610rdI+K8fxYrYDfQZ4ZJtM46JpeL4zZvxU2gTc1vfN4xfhzXFT442GWg652TFsCDpq9EqyG7R+/8V5LwRTW59JsyBy91ZptEypq/v8QM4bP1w9Wigkl3v/8zq/RtReiwPfcxNXpSkMYFAs0iLq6M/Zlb7VLr3iA4qogiMAY6C8KbP23PHvWTpP2lUHNR5AptL11DqfG5wj+7NPyj4WCpX+3nrzLYku0iJnpMcOLTwzNenOTlSAC6toRsKqnFHwubIRykTN9ARyGW+qjiew37x6tRb7yovFJZfeQMJQCtdAtQHiANiV5n9n7IBCaesZuhMPqusXhEhzapjpo7WV1ONyAsDvWS6Y/Fiakm371QWHtN81YU+1vNXhYcFiXGeIUK8Pxrs0pD3Ega+G19/kisfngYoXK50gSrCKJ7UVK0pShYRsknPkDFsDGiLT1Mf8ZyQFyKNtr4FQJY+GtpfKPsjdt+XMjGh3ewx4cL0vxuDU33flgsR0dBWLTwUtZIs3fgt0oU03sXVUuCHAg+hIiuNyh+O36eiTVo0vOBJ+KiP7Vb/ng3+cGU1ZYyXpfE+xFV/vRwEE4SvNX67BGrhk2Avw5shOiU9QncLBpP6RnLTlEIQXw+J6ez/FfUQh9F06jLZ0j/PWG1QIpT75KEmbW7GrTKqsD70XW0Lx1jd09SieyYnUgTSGQmdHB+BbtNJfJKRk55PGfRE+3IkrC/i82racawunjJnuLn/6Q05+dlVhrfBdxMLB1RA0biSFIJuwEQfDEGjBcQA2qg4IvOrsmOa15dVcs8waxQmj/7ABUeODV9Fj4xuNrPS44q+BLAZU+4oRejMORImvPuh3f/dMoH2n18aqSkXYLk+fGEXKrvfzVt7M85z/Jx4YgqTn9YkzOZbveR3UUFfhIdOUKBgeeh15ts/BfQGRB8VUsDfIXygcS5BOAHys09JigJ3yZWtaHzI8kMZwIvBpFltciQ4eLPpEF2NSAuPU7hVAwnwI5Vkl9N14eWJFLHL6xwhD68H9zS1Z3wt234bDeHhKTzQ9tyPioYGj8mG5TJZcufVB+sg6HDLAjAIsi2EratJfDRyEr+E7QF+kyHv+KPslF5rH8W3fdo+wh1ULMduIB4EtD3MqOhCliXNN71P3ESQAQSjEHFqAW+mZ3BjWw1JY2rH0FbT2/gJJU4ZHBAycMqC/9zOtG+M6WrivSaYK61k7Y9poN1TJRWV/C6kmfvhRZylalmbjqUx3xYO+oB9+yiEp1PI8QEVDeSg8i0zeDvmII6ijg1p/tq3oAPfXOWyzcxrWFy/mHW4O4NgtYsDYoPu6+reYgAVqgsREg4wHDZetbn4JGbc4/qqQt8RSUlTLXJ3jEZYwovLg89x0CigXrAKvWjEgFkq8T52wFcHB4GBgzjTLD0Y2PL4RK+c1Zc8ARkRbHel0EER4Zj4fEM0kVwuvIhtCxDM13L2HYAO2Dbk0i2VnjjiKgmVnwQuBPv0hlOV97Vw5Jq+Sx8AyOImVmBULhDxCVIZ891PewLhmb9xioM7TewRGV5cDdqDtF+nwtik8zF4YUTTzxjAS08v9B2G9ZBmsA7RkA+hfhIY5QMiQNndqQex/WzNZaOnbMf91gKRsfKMixFevtMCyqXIMK5hfqrbxaUSPe5pISMdnBbIpmVBjwMJGAfzSTCxeEfMtrLsufYeS5NxeamZQtAmaHDP4KhFpyQ7ZIhtvyMXpHA+6tTHCDpmdv/NvuRcVAHNUrgHkYjtBLZdK7MxX61yYt0+3N25gPQ7edXqb3xWxpyV7XPGlm71Q1R8G7+YfUK9BcqKDCD9OFf+dPLiNbtOBj4MNh38op1X9TBmzzrbQr41LWQCJOI6lL0L2FF5NJiWE/Kk0a4rX7b0c0OeXubIidaGXMeP/ZDCNgxTe+BuEDTAAtlusbayEE/8VPtVyzempR4rMlNi50YR3Z8XfkRdw/W0PTQR/uDkNf3Ox4qzyAiLogDbD/xxZzlHWHiJOrbMbpQvQvBzJIUih/OFDP5fQZCvt06KHXANmlS2Yb8Vu7az0v2JCpjlKb4P9/8NoPtwm06adGfBzpP42zgJBmysxFCWO9ndxromt+JqhijL/lIndn7GWjX6w+Dunchs7Hz+l7pakzw2qKhmYAy15hKPfRkkxu2w9hxjx2LrpW/QQQhrKUTiTpoSwmqefGqZqDPtnajzL3Udhm0Azmj8ub7CAD5k2KVLadu/IDXfUZGzoyZgQvpLUGSmNOCn2Zp8VJOXed5RfTIeDbelpD7tOYglL0Cx0b3PpYhmLh2Xn1zx3em65Kp5RCr6UZxmTbhew38DibnNDtXISSd2ZKnwh+ZRAnfCEfsr3pYRdg9YXbHglxI9oUMz1gsSzSUESk32SfwxCskUYiGpom1Tpfe3MO9FDWkA3dy0fmeFU4FKHX+jNhfMw6si76j4/RHdm1A/DSG0QKvuL3LBJXJvWAxCD13idL4L3IXAKu4iJIgORrhcIa50lXn0C8H/iSFymeWMzMfMIhvKOuUVyRjhGlMNT/xAWuC2nqIqrqpik8pFUGU/JQQBt9bTzpnoE7UF/IXsnp6iAzQVwXaeGHzEOk9i3WOR3iCXVM/OIWYGUiA86Fy0rWt0IxDAEantmxSkZELdOyYVHFhkZHsQ5uLuvvohDshSN7MDF1njoMZRq+PCsf0UflTCbSvIWhu5z4YzX6J+9xYfIt3apNW2zWWUc292VruofKSOb71LzuIOqqW8OdcSKhGW/MsUC1LSQZpNg6mE4iidoiKyZQKgliA6ox2ubrzbD+xXx7Hpn3Mlk26/b/84zsAEnsNDZY5FQwFTbM1yKDJ7MRpNnksgZ+b5bkwI3Xc1qhBzLd5hRPoSqeD5nd2O/us5YC+dcHdzZjnPg97E5Lha/+b2fz7H7+N49BN7ArjWW2vEIuO4oJNqCY2wAUm039pJikh4V0aSQw0hMZjDZOzajxaSwRw4TXXPqzcjxWNXQLJTRz1/IfZnsKbRSmTqYpb8SXwSu7H6vV8+LD08HtVyf1lCCwtv0B0yR9U9a1cyGoeg0AZfWrGbalorYS3NEwYpabwDWX292K0TtQMsJypFJvudAPp43T5VK1WKx9pU9KXsZzz3CI1bQPFByMSMtbfcxODVhncN8egC3JiBiMR47TxGG9cGykWtEVj9/jzGTuREKqmAwlwZCL3hog4dgFaXYpd0grCtDw7PABk6Xi7NcXeJ3fCtWZukyTrFxyIxZsadfXK+VwuUEpbARLYU24qYW4cus8ySomaiLw5k5wrBjhYdt3Q3GiLi/jJQKrMCl8RzS+PuBubExDHoqAslh0Q0Cnjy/610ZOPVpomqMKRhLrvaWa5Hh5pGlx9bBfFTb5jCC3Qr+87z++hj5Ta+FcfIRAW/ze0ivTjuuGHnOEc1rx4Um12F7rCF6PNkceReJGMLyZa/wAk8f2nFrjpBcnfqrTDeg1B8pOTxYy1IiCoeMuqt7h9YWu1U45ljoCcM2Pbv7i1n9Qkt6Q+ZphV931RJQ/turPfQkYjkUspvRDVVPQvsSMTzXkssA224mLkBUwwQ0cVU7/pM4GlbzlGuSOg2A6vka6CG4lPg25iHzkK8dxzDIEm09iSGFnioDFg0fA9WPoYFYHekY+cpNjHvQERuGHBPJb2ZnHPyYpvtzOcTpLKJm8gL+M6J/bxkPkLQLXfa3kJg+mBs9ciYG1YLiMmKs4zDk7bw2XSOXo0+O/4Sv4npwJLbMXly0aY85ERY3woYpknbk5BeNnh8mxIIllZUXr16GsFYg5HdBu4kbY9RSCG6SPYZw8vVUmFDwXg8uaWFFgMg48ShhNQ8bPBeYwkqwaitPr+VnKDw/j+p6cMfOs8HsJSUrEB/OGFTG2jz103pFp3ZqqJeC/fEXACZMuhgXT1WL/pZQ6cBZ0ZccRU4XNIyPu/ia2NmcVgZFtVHzlufFeYQSjYgzjRzvsIb5DicckvH/zKrpXhcx4ytHBWOQinYbKYpbbjv5SSPNXV6IcLwaZajK6FWMFZtKILZhbIhGSDb0HIXYmU/EjuxiO4qhduZXSMecAdk5cH3Rp6aqACg2/4xUxcuH+L+bT6bJdiFFLOZLKy5qU=,iv:Y6SA957nt4h9t7KP2btXKIVhWZXBjW+6BrZ6ylYidT0=,tag:eRzQgj1EU6eGAZjzgL4mhw==,type:str]", "sops": { "age": [ {