From 626d990b4a3047ae9311acca7d61ea5c529455d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Leon=20Schwarz=C3=A4ugl?= Date: Fri, 28 Nov 2025 13:27:11 +0100 Subject: [PATCH] feat[server]: network management --- .sops.yaml | 15 +- SwarselSystems.org | 132 +++++++++------ .../nixos/aarch64-linux/stoicclub/default.nix | 83 +++++++++ .../stoicclub}/disk-config.nix | 0 .../stoicclub/hardware-configuration.nix | 15 ++ .../stoicclub}/secrets/pii.nix.enc | 6 +- .../nixos/x86_64-linux/eagleland/default.nix | 17 +- .../eagleland/secrets/pii.nix.enc | 6 +- .../nixos/x86_64-linux/milkywell/default.nix | 46 ----- .../milkywell/hardware-configuration.nix | 26 --- modules/nixos/common/globals.nix | 3 +- secrets/certs/secrets.yaml | 151 +++++++++-------- secrets/general/secrets.yaml | 160 +++++++++--------- secrets/milkywell/secrets.yaml | 51 ------ secrets/repo/globals.nix.enc | 6 +- secrets/repo/pii.nix.enc | 6 +- secrets/stoicclub/secrets.yaml | 48 ++++++ 17 files changed, 415 insertions(+), 356 deletions(-) create mode 100644 hosts/nixos/aarch64-linux/stoicclub/default.nix rename hosts/nixos/{x86_64-linux/milkywell => aarch64-linux/stoicclub}/disk-config.nix (100%) create mode 100644 hosts/nixos/aarch64-linux/stoicclub/hardware-configuration.nix rename hosts/nixos/{x86_64-linux/milkywell => aarch64-linux/stoicclub}/secrets/pii.nix.enc (60%) delete mode 100644 hosts/nixos/x86_64-linux/milkywell/default.nix delete mode 100644 hosts/nixos/x86_64-linux/milkywell/hardware-configuration.nix delete mode 100644 secrets/milkywell/secrets.yaml create mode 100644 secrets/stoicclub/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index c164f0d..73e5c32 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -7,6 +7,7 @@ keys: - &swarsel 4BE7925262289B476DBBC17B76FD3810215AE097 - &hosts - &winters age1h72072slm2pthn9m2qwjsyy2dsazc6hz97kpzh4gksvv0r2jqecqul8w63 + - &stoicclub age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm - &belchsfactory age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 - &eagleland age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 - &hintbooth age1hsumymvh5mkqlaynrp9lv2w696yk3wtjzlyfmrpeuvh9u2tlwceqh3563x @@ -14,7 +15,6 @@ keys: - &toto age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl - &surface age1zlnxraee6tddr07xn59mx5rdexw8qxryd53eqlsajasfhfy78fkq705dfg - &nbl age16lnmuuxfuxxtty3atnhut8wseppwnhp7rdhmxqd5tdvs9qnjffjq42sqyy - - &milkywell age1glge4e97vgqzh332mqs5990vteezu2m8k4wq3z35jk0q8czw3gks2d7a3h - &moonside age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh creation_rules: - path_regex: secrets/general/[^/]+\.(yaml|json|env|ini)$ @@ -23,6 +23,7 @@ creation_rules: - *swarsel age: - *winters + - *stoicclub - *belchsfactory - *eagleland - *hintbooth @@ -30,7 +31,6 @@ creation_rules: - *toto - *surface - *nbl - - *milkywell - *moonside - path_regex: secrets/repo/[^/]+$ key_groups: @@ -38,6 +38,7 @@ creation_rules: - *swarsel age: - *winters + - *stoicclub - *belchsfactory - *eagleland - *hintbooth @@ -45,7 +46,6 @@ creation_rules: - *toto - *surface - *nbl - - *milkywell - *moonside - path_regex: secrets/certs/[^/]+\.(yaml|json|env|ini)$ key_groups: @@ -53,6 +53,7 @@ creation_rules: - *swarsel age: - *nbl + - *stoicclub - *belchsfactory - *eagleland - *hintbooth @@ -149,18 +150,18 @@ creation_rules: - - path_regex: secrets/milkywell/[^/]+\.(yaml|json|env|ini)$ + - path_regex: secrets/stoicclub/[^/]+\.(yaml|json|env|ini)$ key_groups: - pgp: - *swarsel age: - - *milkywell - - path_regex: hosts/nixos/x86_64-linux/milkywell/secrets/pii.nix.enc + - *stoicclub + - path_regex: hosts/nixos/aarch64-linux/stoicclub/secrets/pii.nix.enc key_groups: - pgp: - *swarsel age: - - *milkywell + - *stoicclub - path_regex: hosts/nixos/x86_64-linux/summers/secrets/ key_groups: diff --git a/SwarselSystems.org b/SwarselSystems.org index 042da43..89f6aa7 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -789,7 +789,7 @@ Concerning the =flake = _:= part: forEachLinuxSystem = f: lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: f pkgsFor.${system}); readHosts = type: lib.attrNames (builtins.readDir "${self}/hosts/${type}"); - readNix = type: lib.filter (name: name != "default.nix") (lib.attrNames (builtins.readDir "${self}/${type}")); + readNix = type: lib.filter (name: name != "default.nix" && name != "optional") (lib.attrNames (builtins.readDir "${self}/${type}")); mkImports = names: baseDir: lib.map (name: "${self}/${baseDir}/${name}") names; }; @@ -4019,53 +4019,84 @@ This machine mainly acts as my proxy server to stand before my local machines. } #+end_src -**** Milkywell (OCI) -:PROPERTIES: -:CUSTOM_ID: h:d8869eca-cbde-45f0-9e54-9da8320b6a31 -:END: +**** Stoicclub (OCI) ***** Main Configuration -:PROPERTIES: -:CUSTOM_ID: h:314601a0-e1b7-4996-a96c-663b121f9377 -:END: -#+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/milkywell/default.nix - { lib, config, minimal, ... }: +#+begin_src nix-ts :tangle hosts/nixos/aarch64-linux/stoicclub/default.nix + { lib, config, minimal, globals, ... }: { imports = [ ./hardware-configuration.nix ./disk-config.nix ]; - node.lockFromBootstrapping = false; - sops = { - age.sshKeyPaths = lib.mkDefault [ "/etc/ssh/ssh_host_ed25519_key" ]; - }; topology.self = { icon = "devices.cloud-server"; }; + swarselmodules.server.nginx = false; networking = { - domain = "subnet03112148.vcn03112148.oraclevcn.com"; - firewall = { - allowedTCPPorts = [ 53 ]; + useDHCP = lib.mkForce false; + useNetworkd = true; + dhcpcd.enable = false; + renameInterfacesByMac = lib.mapAttrs (_: v: v.mac) ( + config.repo.secrets.local.networking.networks or { } + ); + }; + boot.initrd.systemd.network = { + enable = true; + networks."10-${config.swarselsystems.server.localNetwork}" = config.systemd.network.networks."10-${config.swarselsystems.server.localNetwork}"; + }; + + systemd = { + network = { + enable = true; + wait-online.enable = false; + networks = + let + netConfig = config.repo.secrets.local.networking; + in + { + "10-${config.swarselsystems.server.localNetwork}" = { + address = [ + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv4}" + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv6}" + ]; + routes = [ + { + Gateway = netConfig.defaultGateway6; + GatewayOnLink = true; + } + { + Gateway = netConfig.defaultGateway4; + GatewayOnLink = true; + } + ]; + networkConfig = { + IPv6PrivacyExtensions = true; + IPv6AcceptRA = false; + }; + matchConfig.MACAddress = netConfig.networks.${config.swarselsystems.server.localNetwork}.mac; + linkConfig.RequiredForOnline = "routable"; + }; + }; }; }; - system.stateVersion = "23.11"; - swarselsystems = { flakePath = "/root/.dotfiles"; - info = "VM.Standard.E2.1.Micro"; + info = "VM.Standard.A1.Flex, 4 vCPUs, 24GB RAM"; isImpermanence = true; isSecureBoot = false; - isCrypted = false; - isSwap = true; - swapSize = "8G"; - rootDisk = "/dev/sda"; + isCrypted = true; + isSwap = false; + rootDisk = "/dev/disk/by-id/scsi-360e1a5236f034316a10a97cc703ce9e3"; isBtrfs = true; isNixos = true; isLinux = true; + isCloud = true; + proxyHost = "stoicclub"; server = { inherit (config.repo.secrets.local.networking) localNetwork; }; @@ -4079,45 +4110,27 @@ This machine mainly acts as my proxy server to stand before my local machines. #+end_src ***** hardware-configuration -:PROPERTIES: -:CUSTOM_ID: h:b1f37b5b-aa18-405a-bf76-4d95642b5acc -:END: -#+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/milkywell/hardware-configuration.nix +#+begin_src nix-ts :tangle hosts/nixos/aarch64-linux/stoicclub/hardware-configuration.nix { lib, modulesPath, ... }: - { - imports = - [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot = { initrd = { - availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ]; - kernelModules = [ "dm-snapshot" ]; + availableKernelModules = [ "xhci_pci" "virtio_pci" "virtio_scsi" "usbhid" ]; + kernelModules = [ ]; }; - kernelModules = [ "kvm-amd" ]; + kernelModules = [ ]; extraModulePackages = [ ]; }; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens3.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + nixpkgs.hostPlatform = lib.mkForce "aarch64-linux"; } - #+end_src ***** disko -:PROPERTIES: -:CUSTOM_ID: h:cec82b06-39ca-4c0e-b4f5-c1fda9b14e6d -:END: -#+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/milkywell/disk-config.nix +#+begin_src nix-ts :tangle hosts/nixos/aarch64-linux/stoicclub/disk-config.nix { lib, pkgs, config, ... }: let type = "btrfs"; @@ -4239,6 +4252,7 @@ This machine mainly acts as my proxy server to stand before my local machines. fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true; fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true; } + #+end_src **** Eagleland (Hetzner) :PROPERTIES: @@ -4251,7 +4265,7 @@ This machine mainly acts as my proxy server to stand before my local machines. :END: #+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/eagleland/default.nix - { lib, config, minimal, ... }: + { lib, config, minimal, globals, ... }: { imports = [ ./hardware-configuration.nix @@ -4288,19 +4302,24 @@ This machine mainly acts as my proxy server to stand before my local machines. { "10-wan" = { address = [ - "${netConfig.wanAddress4}/32" - "${netConfig.wanAddress6}/64" + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv4}" + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv6}" ]; - gateway = [ "fe80::1" ]; routes = [ - { Destination = netConfig.defaultGateway4; } + { + Gateway = netConfig.defaultGateway6; + GatewayOnLink = true; + } { Gateway = netConfig.defaultGateway4; GatewayOnLink = true; } ]; + networkConfig = { + IPv6PrivacyExtensions = true; + IPv6AcceptRA = false; + }; matchConfig.MACAddress = netConfig.networks.${config.swarselsystems.server.localNetwork}.mac; - networkConfig.IPv6PrivacyExtensions = "yes"; linkConfig.RequiredForOnline = "routable"; }; }; @@ -5415,7 +5434,8 @@ in if netSubmod.config.cidrv6 == null then null else - lib.net.cidr.hostCidr hostSubmod.config.id netSubmod.config.cidrv6; + # if we use the /32 wan address as local address directly, do not use the network address in ipv6 + lib.net.cidr.hostCidr (if hostSubmod.config.id == 0 then 1 else hostSubmod.config.id) netSubmod.config.cidrv6; }; }; }) diff --git a/hosts/nixos/aarch64-linux/stoicclub/default.nix b/hosts/nixos/aarch64-linux/stoicclub/default.nix new file mode 100644 index 0000000..870da0b --- /dev/null +++ b/hosts/nixos/aarch64-linux/stoicclub/default.nix @@ -0,0 +1,83 @@ +{ lib, config, minimal, globals, ... }: +{ + imports = [ + ./hardware-configuration.nix + ./disk-config.nix + ]; + + topology.self = { + icon = "devices.cloud-server"; + }; + swarselmodules.server.nginx = false; + + networking = { + useDHCP = lib.mkForce false; + useNetworkd = true; + dhcpcd.enable = false; + renameInterfacesByMac = lib.mapAttrs (_: v: v.mac) ( + config.repo.secrets.local.networking.networks or { } + ); + }; + boot.initrd.systemd.network = { + enable = true; + networks."10-${config.swarselsystems.server.localNetwork}" = config.systemd.network.networks."10-${config.swarselsystems.server.localNetwork}"; + }; + + systemd = { + network = { + enable = true; + wait-online.enable = false; + networks = + let + netConfig = config.repo.secrets.local.networking; + in + { + "10-${config.swarselsystems.server.localNetwork}" = { + address = [ + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv4}" + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv6}" + ]; + routes = [ + { + Gateway = netConfig.defaultGateway6; + GatewayOnLink = true; + } + { + Gateway = netConfig.defaultGateway4; + GatewayOnLink = true; + } + ]; + networkConfig = { + IPv6PrivacyExtensions = true; + IPv6AcceptRA = false; + }; + matchConfig.MACAddress = netConfig.networks.${config.swarselsystems.server.localNetwork}.mac; + linkConfig.RequiredForOnline = "routable"; + }; + }; + }; + }; + + swarselsystems = { + flakePath = "/root/.dotfiles"; + info = "VM.Standard.A1.Flex, 4 vCPUs, 24GB RAM"; + isImpermanence = true; + isSecureBoot = false; + isCrypted = true; + isSwap = false; + rootDisk = "/dev/disk/by-id/scsi-360e1a5236f034316a10a97cc703ce9e3"; + isBtrfs = true; + isNixos = true; + isLinux = true; + isCloud = true; + proxyHost = "stoicclub"; + server = { + inherit (config.repo.secrets.local.networking) localNetwork; + }; + }; +} // lib.optionalAttrs (!minimal) { + swarselprofiles = { + server = true; + }; + +} diff --git a/hosts/nixos/x86_64-linux/milkywell/disk-config.nix b/hosts/nixos/aarch64-linux/stoicclub/disk-config.nix similarity index 100% rename from hosts/nixos/x86_64-linux/milkywell/disk-config.nix rename to hosts/nixos/aarch64-linux/stoicclub/disk-config.nix diff --git a/hosts/nixos/aarch64-linux/stoicclub/hardware-configuration.nix b/hosts/nixos/aarch64-linux/stoicclub/hardware-configuration.nix new file mode 100644 index 0000000..2278aaf --- /dev/null +++ b/hosts/nixos/aarch64-linux/stoicclub/hardware-configuration.nix @@ -0,0 +1,15 @@ +{ lib, modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + + boot = { + initrd = { + availableKernelModules = [ "xhci_pci" "virtio_pci" "virtio_scsi" "usbhid" ]; + kernelModules = [ ]; + }; + kernelModules = [ ]; + extraModulePackages = [ ]; + }; + + nixpkgs.hostPlatform = lib.mkForce "aarch64-linux"; +} diff --git a/hosts/nixos/x86_64-linux/milkywell/secrets/pii.nix.enc b/hosts/nixos/aarch64-linux/stoicclub/secrets/pii.nix.enc similarity index 60% rename from hosts/nixos/x86_64-linux/milkywell/secrets/pii.nix.enc rename to hosts/nixos/aarch64-linux/stoicclub/secrets/pii.nix.enc index d5c5740..2581da1 100644 --- a/hosts/nixos/x86_64-linux/milkywell/secrets/pii.nix.enc +++ b/hosts/nixos/aarch64-linux/stoicclub/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:pikVONWg81bulGRM+enUyBGxFw4C51177O3WrhRzvCiWpulc9RHVH12AfVh4uAkoOANrPyLZuEUGdu8hvFgcTWBzJXPSPZ2sMfAjx593RhSsW+VM58IS0Oa+N9XxwpYnKiUBHrvAxgJD3vhVgCIrL+1LSylZG/RF4Wj6fw4dkttlCqioRkyNPufBtpMEN+MTw9IFsAKaCV5LTFnetIzm6wUPepExaPOpdFhf61JYyzsHkKZslA4FKs1cWgK5ggJkfQS1aA3KCh8pU8vU6uXRgl4ixyUzn/l1HnGZRhFxjcc0x4RqrJYFW9Qyj7oehHU6AxuzD2bf0vuVxZn7nQy8MrDfsvYL5yU34MSdokwrvg3IBXvPogbmjWoBLl6+0WSlV5s6o8GbTkhFi0kWv5H9AKcywY54ltyzoxAQ/9hsZa9IIGCNMFjVfcrKPQKAfrdLbYQxdioq62lHX0LbXKWU9WPRhiG9eRsETudIPan8VRMvHx/6qS6bXSaEjYkKsVSmUOhcVYp7bp58wl9JKu4qYUOLyE2T00IdmbUWrQ+MP14lj6XKNyLN6//8qFyTyhDBLPBJ5DxOMt6qn1qe/lqD4R8Iqvvj63IFq3/psdDXHu+WNmq2/LQH3Y8GTxIoEQ+uPK/I7Tqdh2DXQgKYK162ybczcqsQwGwQWe+DWtno8fauypNrFp6Wgd7c62pxY+8nJzTU9gYSyAIHWEHmRW1LV231X+7kB+JwB2AxfDFXRChuNtJkOK9pdwo4SSS/tGDS5RLmsO4VpE2mPmhxA78IuU88c0LF/e4fC8N5hteecXjMMsSswbC1VUO/3B0JfN8nI0/BnE5Hhau8McSZ1Z06/GsxC+6ArX+zIXthcLIr95nAnLDgJUOKOU7XvLQ9Y22u4lmYWedSTg+vjdljjUG3aBNyp5ZI2xXQmOOgL21aE9aQgBN27GQGqgzECrNEbK0osBefjw14sxv/aZlWU9hHlVROLVbpyWl3edN9ZEMYSJDCpMPwFkEOshlkZ78IfQw7fWRKoBW3W9uHyRPEFeldy8KQ2Lux8A5KwokgFFrp4JI92gjUSubfFsCZp/NHrV5k5UltfMz50QdaKw==,iv:5tRqYZwfz4AeC/HSetPfDaysniUoAgklLl7mEiWBqiM=,tag:7TnVeBMtP8Q81eqeRu02gg==,type:str]", + "data": "ENC[AES256_GCM,data:RvrGk0fGCxkhhxPaJ0zg/Jl24mv3PyMFz5mkX05zaytgQ9l2yUs2rsAe/GW7CjarVQYi+5Mkc+BDWFUPMjsmu7mTXLXckcjv3YPukO2cvUEHr/Cywj8RZXFxzJaZwc0wpN0vZIXcDDhdZWjrb/WuBykPuYekIu2DaNJ6Ioe0OO4wcoyI3dSyj/1dwWHDqvDgn8v8I8FFm87gGoBn4Po2DZ308C2ge+B4vKcL5S1Lwruz1ocJRh03SDR5cyuDvGioyuSiyDSC1+Sz9mwsRSoTkO94Iv7MJDYmUxDBc2cDPyUP2py9L/BAx42tBpGkHxNctjrTQz9gTaRknpx6sfBmxyNCrg6uv6tBlXujXvyIPA4z6mD9dS6LOP1QKmYOjOrg+l3WYorFZYE5wb93G+bfqwPnd8CcnUQsJ17GzWQ0RMEQ+UDJCASvuuU7osSzJJlBi0vMXmF/sXPgjweuO0xiRuT/KiwKchmWUuygWCFW3PvjY3QkVvLe7mTXxHRZTxw2XsMyFvaMgn+fyCKQ0RUic+j5itXcJS93v5PHX62XgNtziQ4RF7Qnxj+gpNWcBWjEDtgS8v+v+imQVTUu5Mvkqv1XhK+e3iPeiHkvqP3S0UJzvxlwgeRoGziKOiOWpqQynig/sRwQNhcN7L8k4woDbFBf6OgAT8yVMB+WwTT2EFk0L12Is8W0vw4nlWChH8D+QyMvP5Wz0Q3clwlVjfHKWm8s4pIntknoKvGDvbzqTkJCQjPs1gTIbnbckvsrWvm9xu9d85vCL/AP4HFWHE+ZS3nYJYMsxegog3qUka1gHBkfbpwh9bbPvVAD4DPzTs7gDQ7ZSQlzA5hAHEsbOJF8vz+fYqhp6raJ8fXN6Yq2iQcEjbzTFhb+ukzcEln8l+6QWviMI+yr730tx4f2OEGEH0ydvFUUEGx/BBcVuKx4EN+SVPC4TkZUaaHtfE+Fz1WxY+Woh5Bl93J9KhVtK8tficRNW0lGRpbbUGixPrLozl3rNS1OHhbAzA0QJ0ZtzKTa848rFS667YEO/85ZBna/kAH7RGLHWXF3taRHCDqUo2aXbQcGSkhNpPi7XOcOgaujvvHNlg==,iv:M+6rUkhstAIiLRK8Tzd6wnXFu3cKupBImGo1yI4AciM=,tag:FMHnrshyG1Fk2QERIzu98g==,type:str]", "sops": { "age": [ { @@ -7,8 +7,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJZzY0QVQ4ZUxxZkdhQ2Zn\nOHpmTnRaR0R3cXh2Z2JFM1RDVDB2QnE3M3prCm43NjQyOS93UTZKaUlUUmhVcTdG\nUWp1YU1kVmZPc0tBN2FMY2FFVkI1a0UKLS0tIFovZi9FQlhMaXpvcnRYN2FiSm16\nTzJESjNyZ1NzajJRNDR6ZTd2TitoQTgKe2hC6OpYIzgqzhmeJuHWe0yXNE+/Ek26\nGt7s1B6OKnrj+S3es84ePOjAbLHr/ez282b/h0y55ws4R7jMemUIrQ==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-11-25T15:37:26Z", - "mac": "ENC[AES256_GCM,data:nZoyO4iZKAgecFiQ0tBdTEogMIDhe+Tg28L73DLVGCDTaG4QTR4ulvh77R3+Guun6eV5CsH86hTgENgDvybEVJV9bZmJWVbVQ0a+QYsZKIVDcH+o1ZK5EiOoaUb+Tfze1CGey2aw8zBgz3hl7ZeVjb5XNsKOhQz00Oc8xQ7z2CQ=,iv:x7oSgep++DVe2JQ1PPORcqfgBpCRbjO+MNPpDVSlzeI=,tag:JlibH3nTCf64bqxpnCxJAg==,type:str]", + "lastmodified": "2025-11-28T00:08:44Z", + "mac": "ENC[AES256_GCM,data:16eXbpMM+scd4NxLrANCiAZuWrtoFMgbjCgo4/TbihhiXGPkO6YP6ERS5F4+Wu282ABRyJoS+ia8EaX2Ug9r5mRtdiNmfbMFibNMXK3hXTqtlquTqCQ0vdYVa5b6XT1dX52MZQ53f9MRSY4V/sPmcpJZaXWbZOIYaqbqxg/iKV4=,iv:1n8OWQuRZzHd2A/uMI7bVkUVyVoe2/GSv3CKlJkFmNE=,tag:Rl0n/9pnJGlKif8TER3cFw==,type:str]", "pgp": [ { "created_at": "2025-11-20T01:03:05Z", diff --git a/hosts/nixos/x86_64-linux/eagleland/default.nix b/hosts/nixos/x86_64-linux/eagleland/default.nix index 47ef03e..b893db7 100644 --- a/hosts/nixos/x86_64-linux/eagleland/default.nix +++ b/hosts/nixos/x86_64-linux/eagleland/default.nix @@ -1,4 +1,4 @@ -{ lib, config, minimal, ... }: +{ lib, config, minimal, globals, ... }: { imports = [ ./hardware-configuration.nix @@ -35,19 +35,24 @@ { "10-wan" = { address = [ - "${netConfig.wanAddress4}/32" - "${netConfig.wanAddress6}/64" + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv4}" + "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv6}" ]; - gateway = [ "fe80::1" ]; routes = [ - { Destination = netConfig.defaultGateway4; } + { + Gateway = netConfig.defaultGateway6; + GatewayOnLink = true; + } { Gateway = netConfig.defaultGateway4; GatewayOnLink = true; } ]; + networkConfig = { + IPv6PrivacyExtensions = true; + IPv6AcceptRA = false; + }; matchConfig.MACAddress = netConfig.networks.${config.swarselsystems.server.localNetwork}.mac; - networkConfig.IPv6PrivacyExtensions = "yes"; linkConfig.RequiredForOnline = "routable"; }; }; diff --git a/hosts/nixos/x86_64-linux/eagleland/secrets/pii.nix.enc b/hosts/nixos/x86_64-linux/eagleland/secrets/pii.nix.enc index e7516a5..7407819 100644 --- a/hosts/nixos/x86_64-linux/eagleland/secrets/pii.nix.enc +++ b/hosts/nixos/x86_64-linux/eagleland/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:vLTAWtyZJVHtXifwicSRYRYj1PjoEiumhE3bcsMuhj5P0PjyT9f2wzse7GDtusUFXDNWQXNWMNwk1V0auQmWayJa0zvpfRGtnGJrwdl/dImK+UN7ddJ6x6tNU6kjNZ05UplaUsJAJ9tm4eg050muY7KLBuEw1E4Ki9clDDxhxULXv4bdv5QpXaYSiK33ZORnD2EWcYvqUJayU/d8zSRTHV456ePHDIJPfXo22XQSLY7//q1v44ZMKDptOwlktxVQr9/asvE4eLDjdDTA5DXHTfsAGBDZCHqPI33CxZbHENM9UOHw7S0qYpKW2f232Huwv4J7llmsOIT8Axppz6fC8neBKOFPH+n4bZQTaZUL/xSLCQrF/T8k8k84lKJ3eBJdfyTpU8oInu8VAe/w+s2lC+n/zAjGoSGIF412xQ5VS0fsG1Wi/veRDr50KybYUuYQNjwtIXle3fUibUaMGFwd4Y9uSlxrWwWQxJhFpoZhoPPfeNMrT+7BSpVax27HvM7p9+VKkLfWtHiwuSZNSI3HKRmrsxHJVUxuJdXO87TCbabQAvPWoqR6qKMwixN/gvN1JNZ6Ml59HPSe6SKBAh5SI95kzXaBMZ9d7Yy7bUy/xkbbFHNYLwXR62H89XyK3yW6CMr+M7JLSC0WErAVHkUEuIEkWILBIiTeqU3Q,iv:KoTbJUnhbZp7jX/jPmX8gBobDJDoLPAvhBU9j9RYr/g=,tag:qhd6OAHNkbn0xN7wJhF1Fw==,type:str]", + "data": "ENC[AES256_GCM,data:nIgv3b+6o5Ce9X9xZtBK62f6dgsAGLPqq7aVFCw2qjD9UiHCrAY9vTn5NSW2O2pbLAfx6h7falS3/0yU+AkJ2H3zhxBy7ZxQ0m9dLoQGrYY/E9Z45xZmdFRxtzexCaxr2DxbP8haJKomQ22cHk07HGsrEZ/CFGkyjRxUr3Y4rewgZPBXahVtM75mWbNpVGApc8cs/W4JbjuXw3qlCQcACz8sZVPHKCjbEypypo6nTmU7NO7worrAJ2QgU75oGJ9g96wp9paFMEDofVp2Y25IVYReGg8T1Qi/kTcZzfzGfSpEwnQBB/ZCW6gNYhMK3shfB8DxKy6+romVXm1K+/0yUmwsCM8xC5zJX0GsO8Uu63YFrW/Y2E6aYZfBHdIgfy4lYOFKC2o0ixirw9EO8HyfsDt47QYB970vLPjYZfKNAZBgltbV3KPsOHxmgiZbTbAl0cb9zRc+jV2voH9T5VhFiUWdfaLBY1HUAVAjU7h62uZoCsi1HWyAroEROKS96npTD+3/vHehYuEGBf1IxYnLwHnKeqsr/Bqoukf3OecOH2EkMTTFQ7E0k9s0keRypoHmeYIh2a3dRcaXXbNEgiAMfabhgUh1NNcYKSZhcIekN8WN8azXjbVIrfEakJ8S+PUf5fJdspN/3Ppm06fDLv7yLHnLc8Eae2COOR8vYKIo3Onu4doxNjisfpHujLXYaCGhWpINEGWF7fkeC1B7,iv:v9MxvhcHg+P00UnOWujSgVlMNcOnDm/gK8kNcN54E2E=,tag:XnPMzsDeGJMt9yv6GnFzqg==,type:str]", "sops": { "age": [ { @@ -7,8 +7,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJR1ZPZFUxRTh0QjB6UDJ4\nOFd2c2lFejhHck5UdUxVbmFFbVRYNEJaSzJZCkNxbndVVThObDkxUmx2WW9ESzhh\na2o0LzFCbWdJVlRIV00rTVUwTktoek0KLS0tIC9qalVvZmpGQXZsV3RIYWRPbmRY\nam80NkRkT2l0ak8wV3pTSW9kSC9nZ3cKCH8eEMmku6WMliEDdAiW2Lk1jAGH9SoP\nWQ5Y6e90jEnp8XbGE7KYiG+jy5fHSc6Y5/YyMmi/b9bF9AhmRT6rdw==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-11-25T15:44:12Z", - "mac": "ENC[AES256_GCM,data:EqEvcd75Si3I0Tgxm0ffeVRKrKNqaFNI+NqZcB02mKPYPWTR6fX4VT2oVhLIxvn+5MQY2BBR/VzSxblcX6K149REpk/22aGuHfk45giq8q1xBnZeNzEQDuhoY8XZd8dzqxk1pHmQFS+jL/zl42a2Qib/jVmlnPof0bcwa/HlZDU=,iv:5V2zSQOCG/XkRF7zgFe1oDuzrP3dx6pWZpsvdVT8hz8=,tag:DYHQIFEedflw43aCTT/ACA==,type:str]", + "lastmodified": "2025-11-28T10:50:22Z", + "mac": "ENC[AES256_GCM,data:lwkkp8YSzX8NM7E65kmPpF/q9Vn+FnCTeePLswDH6AVgndo/7QOy0GtJeXmiwt2YsA4AhRqxexWl2R8tjEysP35pyfQJ4vEkVi+V2tEnoLgftriNJzpoeVuRNXLxTPhPezOZgAcTDDL4yyqJXpcFj0PE1DPHKxazT28BoilaBYE=,iv:3dcAqkw/y6rAPL8wb5iewz37S4xszYFGHxvQiQ98sLk=,tag:SEmbptei6GrTXXyb7zwrIg==,type:str]", "pgp": [ { "created_at": "2025-11-23T15:25:41Z", diff --git a/hosts/nixos/x86_64-linux/milkywell/default.nix b/hosts/nixos/x86_64-linux/milkywell/default.nix deleted file mode 100644 index 3945349..0000000 --- a/hosts/nixos/x86_64-linux/milkywell/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ lib, config, minimal, ... }: -{ - imports = [ - ./hardware-configuration.nix - ./disk-config.nix - ]; - node.lockFromBootstrapping = false; - sops = { - age.sshKeyPaths = lib.mkDefault [ "/etc/ssh/ssh_host_ed25519_key" ]; - }; - - topology.self = { - icon = "devices.cloud-server"; - }; - - networking = { - domain = "subnet03112148.vcn03112148.oraclevcn.com"; - firewall = { - allowedTCPPorts = [ 53 ]; - }; - }; - - system.stateVersion = "23.11"; - - swarselsystems = { - flakePath = "/root/.dotfiles"; - info = "VM.Standard.E2.1.Micro"; - isImpermanence = true; - isSecureBoot = false; - isCrypted = false; - isSwap = true; - swapSize = "8G"; - rootDisk = "/dev/sda"; - isBtrfs = true; - isNixos = true; - isLinux = true; - server = { - inherit (config.repo.secrets.local.networking) localNetwork; - }; - }; -} // lib.optionalAttrs (!minimal) { - swarselprofiles = { - server = true; - }; - -} diff --git a/hosts/nixos/x86_64-linux/milkywell/hardware-configuration.nix b/hosts/nixos/x86_64-linux/milkywell/hardware-configuration.nix deleted file mode 100644 index 61b6d63..0000000 --- a/hosts/nixos/x86_64-linux/milkywell/hardware-configuration.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ lib, modulesPath, ... }: - -{ - imports = - [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot = { - initrd = { - availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ]; - kernelModules = [ "dm-snapshot" ]; - }; - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; - }; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens3.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/modules/nixos/common/globals.nix b/modules/nixos/common/globals.nix index b152069..1fb5fb9 100644 --- a/modules/nixos/common/globals.nix +++ b/modules/nixos/common/globals.nix @@ -82,7 +82,8 @@ let if netSubmod.config.cidrv6 == null then null else - lib.net.cidr.hostCidr hostSubmod.config.id netSubmod.config.cidrv6; + # if we use the /32 wan address as local address directly, do not use the network address in ipv6 + lib.net.cidr.hostCidr (if hostSubmod.config.id == 0 then 1 else hostSubmod.config.id) netSubmod.config.cidrv6; }; }; }) diff --git a/secrets/certs/secrets.yaml b/secrets/certs/secrets.yaml index f45c150..8e105cf 100644 --- a/secrets/certs/secrets.yaml +++ b/secrets/certs/secrets.yaml @@ -8,116 +8,125 @@ sops: - recipient: age16lnmuuxfuxxtty3atnhut8wseppwnhp7rdhmxqd5tdvs9qnjffjq42sqyy enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3Vzk2RWVCUk51cWtVRk1K - dXA4dmJSNGVMQ2VlUXJsbGZjbjRaMUFZdVJFCm1RMk1PbDQyOWpjaXVVdWoxVUJq - dGQxMmlVcEovZGZ4bzdnbS9kRE9NZHMKLS0tIFdEeHJVS0NjcElNQ2hDNkJNaURZ - VWR2RXZHd2ZON2VQZW9KL1NlME5hNDgKvEn7GMfQgA3FBDmimP32i8QQ8NuUAt4p - uM2Z7UJP8i75x6GWku6eEKWO3M+rNsTPFL1VJfYORjiG8JKGWb4IOw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIanB6TFU1bHFETzZhZnNZ + VjVRU2J6bzdkdlJGTHJ0YzN6OUozd2N4WVFvClBObjlGSEhOeDJYYjRrdStFM0N6 + M3lQSHJSUWVwUDFXNWVuUStIcE5pbUEKLS0tIEV6TnRQdHAzTmY3ZHZmZ0R1ZVFt + V214OFExb1p5Njl2YjRkNkhJVjQ4bGcKZt+SrlTvKEwQtZUYFud4LC4mVNYJcgNq + YvIyoe9qbNg11xxN483a7xgwclUulhD4DH8MJ1JViHZAj3NYjbJtwA== + -----END AGE ENCRYPTED FILE----- + - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2VlMwK2hpSDNMZ201LzRu + VEFuSmpMblk4R2tkVVJia01EcmZlT3pXblNnCnZIUEhESEhWbmI3VWNYT0U5SlVH + Q1RaaW5HcGVWQmViMWJhcVJPeG83UGcKLS0tIDYwWWZRVVVGaExaeVRaRG9CRnFW + djdsU1BmQXdHSlNGaHhaaGlTQ3BycFkKXGBbjYAKJls9+1CELx1dtJPpToRL1xqP + p4XNj7Q98HdoiKXXanKP0+vpDVd2TVWtTO8H6o9lpmgLVp+1zHgFUA== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMHlrMUlkYnJWTkZPSEhq - VnpVd2c0VUxwZnJsaElxcXVCQldMblhoc1hVClJGOEZReVgyaDBTUndFUUhJaU9r - QkxySldYMFVpSjh2VVQ2aXBleUFFM0UKLS0tIEtZZW9KNS9sMzd6STdJTXQ4Vkxo - UU0rRTZDUnJsRkVrdFljRXlEanF6RTgKuXPEvoGgBtQX21yBJGBJSRnDw5uK7iUa - NIB6YUZjGpzzjgdStSrqBe74Q5Jz0z1uy41l5r1YW4SMs8xP9N2EzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuN242VmJiWmNBYVdBSXAz + WnhRQStMZm93VSt2NHNTQUN1YmlNNkYxV3hnClU0K1d5ZFFYY1cyeVNvYTFtc0dI + VU1Fb1dDLy9UdWVmTjMzSWMxMTNmUXcKLS0tIEx4bHczSU5ERGZpR3kzVFRUWmIr + MFZoL0ZFRTNFZWFaZmhKS2NGTEZPcnMKq9PNIHyRe1QCwSi8XlFXDQqexuadobVo + qsQ7xsMEFCS6ONOv4r8IwnTRntHlaZ6caIQbswdTc8AmfMlUi/ROJg== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjK2tQYVUzOGxlWGE3Ulc2 - TmFpMnVaanQrdFoyUW1iKzdjQkFra0JSUEZJCmxObElTWExJanBxNVVPV3dLZzZw - WThURHFkQUlpOXBEZGZFTUkxZ3lMbVkKLS0tIGI2QTg3UUhPRjlZVDFWQjZiT0px - MGdUdjR3S1k0V0FzTzFTQ3ZXSkxaMlUKxH8TdDacUtyTmG/rpDg7tmpN7XGUXzgj - Fqg5QSpDSB06945MGt+zgHGEArcg9v+PtfX0MbF/Lj6uW871J6Ihiw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMV1RWRzNYa0F0cWRScFFn + clV4WnFWUU5rKy9mejJUWi91ZTl3Tzh5VjE0CklCTzBBVmVYZWZpVzl0L3A0YWd6 + anM3UjdsTitqMHdHc2FrV2ZYQW9YRTQKLS0tIEdVOXZia1RjazNONnh0MmphL3Vp + ZC95bnNqY3RzaXJMR1BUcmZ6Z29zVGsKT5Z1RXWzqDlwsx6LbubE0OeGuysG3H0W + 6s68Yb4CJmrQppHgi2gKdtUzSf62aSo7AVvjDhMSGwfPF7akmSnH+g== -----END AGE ENCRYPTED FILE----- - recipient: age1hsumymvh5mkqlaynrp9lv2w696yk3wtjzlyfmrpeuvh9u2tlwceqh3563x enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLa1hlZ2JuS0JOc01IZTBv - ZkUrQ25SeGU3VC9YcXFrbzlpeEtLZ09DLzJRClRZc1NuNG9OTlY1enphbjdrc1BZ - L0w1ZVR1SGNSekdSb0FSdXRYMDAvc28KLS0tIEJHSFo5YzZIVVNaNUdOa1pHamlq - bFNWM0g4MG9ZQnIwTG40VFVXL3ByS1kKPOt/Y66db5aZ/PRihBX1JMMjtZGV4RJd - s6REyW9R2VvwCtDQMewEFTSXZgeGQeyH6i3hEuYRDxb0VNZibXFHIQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQQUVGL1FKRTJOS2dQMS9D + b3FINFBRMGt1aHNZaVQ5Smp3Q1Z5RENjQlhnCnpyUzZ2ejZOSXh3TzNOYnNKbU1O + QTh4WXRXRmxxNU0zamdIZVFaeSs0TVkKLS0tIDFRM3pCNDEyVGEvdzNncEE1TnFJ + bm9oakw0ZUJGeUpsN1JaTXpmR3RoNFUKIiCqoa89Ch2mvm0cEp6PKScrv29qV23U + S1/JQZTKS/8QFI+Kjpp2UDPdYzkornogW0u8kvICf1jiSccPu0gJVg== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArQXdwNWhEK3dodjNaK2Zm - cWVWQ3BsTWQybVRUOUx6TWNDcjhRam01ODFFCi9BcUFFSHN0UVZoOUdrQ3piejFY - R0grN3M1U0NLYXlFUEpjdEpVOEJmckUKLS0tIEtKc0N2OXF0aXg0bGhWMUZBNlJ6 - NTdWcmtVNHA4WUczb0xpZVc0TGczV0kKmnoGm9V6amumqlClGjlFcGIX05KeV2qW - f11xsg8pjGpPldzT/Wqb6vWYJDJL7c7J/AJkm9d8k/7GtJQ1qKngCg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvcXUzdDNOd1F2d2lEYjlq + RkZIVktQTXRUNld4YWJvT3BEeER3UDhKRFQwCm9Lcnl3RVh6ZXpJNzA2dWRqM3ZT + ZGlQQjNSSDhFRytsUWo0V0JnTEhjZ00KLS0tIHEzMnJIR3d2TlJrNmVaVTZjRWRP + K1RmSDVENmppUHYxbFZQTFcxcjhyNFUKBnWd0+erCTjB9IIyY2jBeciKJrAb2lOC + CcFmIwig6oVAnNtEt/8jr83SCPEvhNXs7out76IIvzFmL4FsHfwz8w== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQUHJVd1BQeXYyQ1BzSlFv - bkpBYTA2Z0J0WGtWZ3NxOE5wYmZRSU92aFc4Clg4Ly9qREV6eGV6ZWk1WTY4SjBB - QzZTVmlRSTgwSlUxTVJTOWIrZnNKWnMKLS0tIGtiSTJ0Y3F4S09FSnR6WGdJaC9D - a2FvbEgwejlob0U3Q25lK1M2TDczT1kKTzSG1q51CEr/dBgYJ37HceXZYS5cnBtJ - 1zxmURZaXpsOtzB9KJn6iUt7FwpqIJss/+p1AELvHUZgjJI9DiFfkg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmcWdSRTBva3p3ZXhITERq + c1pLVzROR0dSTkRtbUVnWTQrM0tCMktjRjBJCmxWQ1U1bURWU2loL0tNL1NWSDBn + TWxPT2ZBVEx6SUZpUDJpdWhsQmx1T0kKLS0tIDg3Q3FRRjdLOEk1QllFUVV3eCtn + R09oS1R4ak14KzJGbWlLWnFUbitNM0EKYEdWXNqimNBiTXSTouXmV2MZmnLN6KAz + lHAgA9GFHOYs3179cSbjNxurtMIPS0Ic6FpGRBwJRXVVktDqiFWk/Q== -----END AGE ENCRYPTED FILE----- - recipient: age1zlnxraee6tddr07xn59mx5rdexw8qxryd53eqlsajasfhfy78fkq705dfg enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVTzc5NjI0TnRYREVIZFIr - VDFkK1Q4WmJGNnBBLzN3SVJBQ3dZMTVrWkE0ClpselBZaEdNeEdjTGQ3SjJuUkhH - alpEbGF6TDRSRVZLelROcVJxcG5id0EKLS0tIFRPMG82VG45Qm9uNlBzQWVFdC9C - UzFWUGhINDRQUS9TZHRLblRybzBIU0kKV3nNWCLMZliDnW4PCZ/6HAMJSTy6arjE - Eh89+SCKBpVecZM+DrwPDQOYY3BSihTYD4bawfhbTxFI8RQXA/ljkw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqYzRsWVBMTHlBSVBYNXZm + Z2xab1RjWUtXaFUxemxSSU9CZzhyNVJaaVVJCmtHbDd5MEIwUUpMQk13b3F5MWtl + OWRTdTIxa1dvNEVCUE00cktSSmRIdUUKLS0tIFhiTjV5ZUwwQkt6WlZhYkFzeXRY + Q0FkcVJ2SUFIZjdPUFNURW1MNFNlZkkK3C/BErZHSr3YN4I0WYAv1k056GqQ2YBY + MvlnWwTKHs3uB+90R3g0eXJU+4xm7OcvtWog9XF/A9e/wo5OqU4D8A== -----END AGE ENCRYPTED FILE----- - recipient: age1h72072slm2pthn9m2qwjsyy2dsazc6hz97kpzh4gksvv0r2jqecqul8w63 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByQjlhcGtKRDdCdkFMZ1l5 - Mm4zUXJCTmdkMVh5TUpwc2dndFNOUHBLaTI0CmZGaDQxRHAwcWdyT1BtUDRQT2xq - NEZsYnNVOEpzckZYUEM5WTg4eU9yUjQKLS0tIDRzeFRkZHZUQkpiNGFjeSt5SThK - NXVYOUdMQk9NRjlKTFlHTU1leFZISkUK/hudtpolmk19shnGFstPflmotm3uvfF/ - 5ZiXoVKcptQne33YczlhY13+0QPpV7hXuXBw+YTHRRXvjGN3wrtgNA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvdmdqTFJ5aGRJdjJpcUVs + azRRVmNuZ1c3bGtxREZ6Mi8wYXBZRENnbVN3CjZSTytnMTEzM2dwakVNMTdsVDBQ + czVXNEVic3hGVHNhQWJzMmM4OTVkcncKLS0tIHhGbXZOZ1VQYW9KdStVc2hVN3p6 + STVDZU5aZUI4amd0TEtxcHAwVEpGUWcKiNW3aLuO3DVVUZzzpN69o4FzDLjVmFMh + MbmLg9DA4LU72E5BUuR5Jrv4F5/2nf3nWzDjyPOIE4kPmWdq+TQsqw== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1dHJTL2I4NEFxakJmTk5F - RURmSUVwcGEvR0NLRE8yNlkwbW9WRWV0c2hZCm5KUXROZ3k3ZzBpV1dQcnN0TWNI - R2lTbUNjaWlpQ3dXd0dVS3IrbmYzVjgKLS0tIHlHTk1ITDE0d0tnNW02T3Q1OFVM - UitSdTNFM1JTTVYycDNoeEdhSmpOajAK3G02xLW42AEcJxHKmqoSsmss33xXkH5j - 9ewQOxAAdR0teBoHRC8hE5wNrnL4u4xGTOAq3zXxhidEq0fMc0C9tg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzQmxBTWRucGl1cXFJRFlF + a2ZwKzA4SERqUmhIS1VoUmhnMEJwUHBBcjBzCndPK0hEVDM3bzNOZTc3bEMyN3cy + NDIzS3dEcnZHK0Q3Y0ZYWG90a2JyRnMKLS0tIGFQbldNdEVwRUdEVEl2RkxKRVpj + MktpSnRTSjFlOFJVUzNsVVlIN1BsN2MKttNPA2nkdkrsBAuzbie3FUEOTm1WRG9v + Vc+8G3v9jIQQJ3WkdMZWtGAI5Ip0Bi87vtFyJVYP1/Jz2zcD/HallA== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-11-19T14:09:27Z" mac: ENC[AES256_GCM,data:tZ6QzVPivueZiC9Qfb3KNZAv02QatgHRNnlM+Y0iV4BZkYoBjxeDojutizvAMwUarnubUdk5I6m2OZK1mvVDZKXyI6zALX4JMeT2xYQWRHYzHpOygLhhGwTFVhV+0C4jN+eJFF2cNf9lu7NuZI9ylZSOY8I3YKUl+l0l3CkXUl4=,iv:JSGOUq+j9T/NXspn70dfu0J4ISV6vVFZUe/Z1CirrJk=,tag:Hm9N55f9qMc056nSTR1piw==,type:str] pgp: - - created_at: "2025-11-25T18:32:47Z" + - created_at: "2025-11-28T00:25:02Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAzpWulcVroUoACaD2ruC3zk49IbaTntS5BnduZgckvHWU - YREVjz48tuE2KLDm/AHkEdJAOlTS5jkhz5L2k74wg9MehqwVEzMfaLaJyDm7J9oW - CdsI16TPpr3j68m7yMn45GUwNMmMj0NBYfpd+ydFbqcswC4Is5vFn9hIPAlQgQLt - G3uKh8IWOxWT/6rHSL2ajQNGTg6h08yvgoIas8JBq3J7RPa5vPL/XJXh3yCUIjgF - wFNprivM9CiYf7rwJUEa9TUdjPoj0Vo4mfZIBh85YJ7LCI3hyxFLMgxqNNFtq+Op - NKrznWjpzyxDSrXGz4os2khg8bVWXEbV5H0pvvwtLf9ADRp9KhB7Jdd5VX61KHta - 0j32SuX86m3KAFzXV+s8xM/abVcfb3g2ECZIJ0qjX7kJ3q5F/Zzv99JoutjJ1Qko - Zv1XrsfdFPR9Z6XJyU2No4aegiYtFxKp3Uo8u5yAetXO8uG/aPXXVI1VphYAheuU - TKaWirIRC6jA9I2fI0WEk9pKi0vcjbK/RdkYUyfeTmxzE8F50rCuclXRkR4yVWCm - 09xrcyZK04BkYdgSx5ldhq3LpW0DqtP79KFZ9M2Vr8+9wOcJFkA2g5jQh+/b/0U0 - 0lOUVg+PRkBQ4SEi4UauFmhgnt/nrMfXwty5XyW6MvTUSZo3N1SW4CaSmBEGxUKF - AgwDC9FRLmchgYQBD/9iknczA7d6KW/t1Ek/R2MIcvHN4lndzcLzzctR5CpJVbne - dHuz6DEFb/x/134iSPZhkJHLLUgCBaasgEzL8vniaoWq6uccdxYL6nK/P11z2fVA - NFUwR4t1NWodi8xZ2lKiv6MFpDekjphS/9qL9NTmjdXxpyd6gnz+tRn3Kdnm4cSx - /ESJQ9DOVGxa04EEup6TN5HttGIoP/kxJfgGCTG93AAIYbCRJEQJaLqpoiuUZmL6 - EccOivMlqwEaV3fAFx93tPJzMOZwJeVO03qnAPjqrIsJpuFBSqerLZdxZcgipoia - skIW/FMI1ei5qTFgq29mJZvEixK0zu86jRi53pNmyPHKqNEaH9rRi5X7zJXk4Wij - 1KdeNl9XdbtXjNmqOQHD8D5cIV43Hko69ZAxCXVJ1dYq3tjM6OuDTUWAxhfXOcE4 - qfb9hdQ5l7NpPaK44NEVCjVZHyNYq9Tu2V/5od3uz18Y7L7RPX1EnnSq6swsE1Yk - qBg10Uh1a9vh3tu2gcoHA5qUrpukzX+ndWmtJ7P0k51VqdQGSkamo2YfPj1BYxQa - TJ0VMIo9936rcBPFy8WxemERhkOPtzWfIaeiK4sUREK/z6bQl1aY1y85pKS1vyPn - CFx+7lt4ITRgiuaTCGRgTQ3xYBhqUufA1+dtbLDf9WOT3kBtktXU3KNjC+QEWNJc - AQSLv5CljoYo/FV16RZKwmCWADMZ6qB5cuJTGpI/TDyiap7jDiVXYX0A97FbwS09 - a+XS7M5vCVpPLY+lXsM34m3Enn7uLnfsj8Y6GDFs+7vn43ajcsWJtuN1sbk= - =ySlA + hQIMAwDh3VI7VctTAQ/9GBFhguJChvHHEoWRb4hwNZIkQUtgy4u7YWImOHRLIjIM + OqcO6/wMWGIG8meQBTelzXicSH6ugyVjX6K45JLomKwe0ZUV6aRWheop09tmYiok + +ksm4X9y8Rrk9zAOqRCAzqvXcwFrvL4eu9KOvLU8KctG3iBnBomBZ+iVaBX6fmsh + EVScz3mLE10oK9bgNe7yuLvhZjx8wwhnRBh/1J/JPKX7EUkV08c29MpXlCqTKzK0 + Chd+VkVkEs6l9TGqN736FfvJfe37Nr81Kg4g26av1SR5qsuIThDp6oB1ClYcrHYh + 7JBik/TrwdOGso5c+roR5Y81k1DHK+VvaqZRJMsxt5NwxFNSCH7Im9Um0b1hQKn9 + Leuk8PWurqd69edPUDLHXOcQvchzIWrIiOFOPZUa0yYV9YOY7T0rwI54YPwReSXN + iIynNTz/Uqcadd+XnJbGdhnqef2oGonJrSHIcRpTyAbVaZpm7gXyAWxGgXCQjnrS + aLfOFV5COIQGAt7JmxBEIVl8Q7HdBY/Df8mcIHGYUnh8SM/Vn7e/EERBmgFnlNZU + Ak9Qi7AJxufqqY1odrgNoLTYk1xae968+JleukuoCTEja5mt6e4zgODnLeKJlvVF + xMy1WymuWudbLfjQRzzXd05sXHvEIyvbdpzi+ZG/mvNgcDnQdGcnAA+EnAWtEGyF + AgwDC9FRLmchgYQBD/90zGA4dklZhpLdnZGA3pKnLcJmnbsSse6IVSowtR/x4lys + NODp47NjLz3d1BTBhr6r5mUVLvgagxkYUUg5W1UWERpfC2WBBResc5Rohpv8g23S + U/D8SwUDIs22Oq1t3cKdByuuE+9Y42EoaJbblJchvhgtYLyx9B/X7as6+ikNnZ7q + s9qiDAy5VgnlZfDbEn78kssptFgy0sSgnvPNwxch7Yjgl/OqTbkwExBw+dEuACRi + uPSsL1i/AkeCRXm5NwNGRk0+ZB/7u5FhdfMTpKZwDrteeeDGwk3LAjNhoN25gp7O + YSWkZ3JQyBvNKuP6n88QfqlX2OWvxBnaaQjPyd64XK1HoV1ngkVLJYUJP4RJlLKT + iWfsIwrTyM5+KCrIm4xlIEpA1GITR3AzNm5hP67BGMvBr2DeImo+EkVonAg1q9vI + r4QXldEDLEC1DTiGIORsecbdtuJe3tBigTNySXHSbMgPRzBuCe5PDthL0T9pJRpt + 36o2VVmsEECf8C0azKjBExAdHhP++c1Bv1FO6KpcBDB77W02bsG/OgrR+fq0ZCT0 + U3/YNmSekxaxgEM+fzxwUHQ70HUSeRGmDzHjkiXaVIhUF0Py/Y1+EerOjjqMtM41 + huWNqo9QvYeVzFGNrEVlZzTATOkJGzzsSQ0Y0sLNGyKOHD7fdxRi3XFURT/Pt9Je + ASCA7q4i9VV4QeRJUbZOd9n7PYSUG3gatwEihipYRBYCYoVbf3wbGqGWLewGwIJl + 0JC4krcog8++zojFsDuHYJMXtaJx6jo9QJuuw6/wjE+bwATAXPOJ3Ek3PrbWig== + =tynD -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/secrets/general/secrets.yaml b/secrets/general/secrets.yaml index 12d8016..c25b3c2 100644 --- a/secrets/general/secrets.yaml +++ b/secrets/general/secrets.yaml @@ -36,125 +36,125 @@ sops: - recipient: age1h72072slm2pthn9m2qwjsyy2dsazc6hz97kpzh4gksvv0r2jqecqul8w63 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2cmdUWlNuSDdOcWo3eHRD - c0tGY3FmWjdhclN0dFdJSlEveDJPbGxPSnlnCnlTM1dKNTY4SC82MWJqMVFLQ1pi - ZXNwaVAvNnJnRDlyQm5DRFM3MktRcmcKLS0tIGF2bTcxRFRGamZ0N3U4YnFoeXdT - ZENWbnBjM0VlSitYdXhCVVlUQ1ZKUjgKetWVsf1xLsqfAKkO0yQSJWDmxETYWBCQ - CSJn0mbabacvgLFZh9CIbm1GBm1CRR+pPVdygwy2ISQSpB27tbHApg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvVXQ0NTJFQ0dMUXgwa0J3 + bDNHMCtiQjhyQWVFRURUZXhMeFhZdklONlJJCk42QU5RdjJJTTNZbkpwU1ROaG9v + Z0loRDN6dFVvRGF6MU9QSjFOSFdEMk0KLS0tIHRpU2szSGt3dFFHZnpLSkI5Y04r + RDc5QzBrRVd5ZGUyT1dhRXBBRHFKT1kKribCx17AV6lvMqOwPiz4x1PUHE+2FKJG + f2VsmPAUi/Up7eMWcL2gJIRSKV3PQ0o6HO1L1cI/rZvdNRoH9rBwRA== + -----END AGE ENCRYPTED FILE----- + - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0ZGlpQUt6VFVvcjU2WjB0 + K2VodWJobVVQWEZRM20wWmlWQmhVck1uR1NJCjE2bkk4OXNaMVE3ck4yelNvSzhN + STZmNVRXZmsxU1p0WTgwOEJVSSswbEEKLS0tIEdGQVc5L2N2QXRxL3Nhb0tRcDRy + NFFPb3BSMDQyejcrdFppUU9RVTA1SDgKHqit3i9tkXzPkYFOvRXvZ+ANwZM9hXwv + eDa5eKXeRIaJrCDV4U+JM7icDLsqa0qcYJCTYWEWP+znUb0mzoKtSQ== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAydTFkbFVtUGFQUFpBbjhx - cnZwVEVaWElKbVN4bWM0RnR5T1g3NndvejJrCngrY1NJVXpxNC9TN3dmK3VzZTFx - bG1FZEpubU8rSWYyU1NObW42TG1uancKLS0tIGg1dEowTVM0R2hKUWIyVVlRY3N6 - YitZNW5TamlJbWtNUFhiWmNoV3dXN00KDaQWoCLomSLPzt969bwa/pxOdlAUqPKg - 5jbzSJX22N671dhwzJY1IiGTRKNnh54hCZbb1Jvl0l2mUifkxZazIg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxVGFWQ0JnNEtURzhqRnNY + ZGtPZHBtQnFOeWNmUlNQaW5ZV2dTS1lYMEdNCk1lQXRZOHN0TzV0N21GUDdmQkpV + RzcxY2VsbStxczdoVjE2V3NPVUtrR28KLS0tIEQ1Q0pqbjNaZllkTUVYMHlXZ0Q1 + Szc2NDVNdlk2V1JQUVpWdVFBRXBod1kK/wTaGHUdgD3qcXGu7WaCmnNI0xJMG+Qz + 9uIBvZR+8rn8YWgnK2sZONembSA6Y/lbv5GNm1gm+nBxQRNf8PGPUg== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArMUlHOGE3cjVuVnkzSS9L - aFRWZExPbUJDZUhXL29oaVlyZ2JUSmtpV3pvCkhGREdZYWVPZ29KSkErSkgrUVBt - YjNPVXVaeXlyNXIrdzRBVFVEMDR0VEkKLS0tIHFNdHFlQUtwcWx4TDMrRDFac3hW - M2ozakkvSGxSTi80Q3YzV0lJbUx4eTQKC7bf1qkqKM2YkHYuk67Ub7XAO3engfBi - nk/kDjf47A5LWUzGFDYb7UizmaI7lkPjw2mOhWPLGfX6uFK7sZAt2Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYOHAra1hJOWZoTjNnWVlm + QlozUUdFb1FnM25OMi85Z3VEL01IMjk5bmpFCkZ5VC9qS0pBNXZ6VWN1N1BvenFz + NTh4Zi9nZDVybEVSa2U1SWZubHJ3YUkKLS0tIFFXdWRZOXBWY0NrWVZITUlvT3Zp + Wm03aGN3eUo4VTgzblowcW5ac25pUlkKWr6fFxZhgD5MpOnqXgz9mLVcHZNK1yTX + XzYjejvUgnfijrHgv7X8M/aRTtx1MM31v0JFQOpIzYi6htgIs33r9A== -----END AGE ENCRYPTED FILE----- - recipient: age1hsumymvh5mkqlaynrp9lv2w696yk3wtjzlyfmrpeuvh9u2tlwceqh3563x enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZOE1xRTJaWUR3cDBhS0ZX - eDJ3aW1vU1o1eW1yRW5UUWN4QWN6TFY2QUVnCnRGUkgvNmRFMkdFRHhPMlZrczB5 - VjRvb05NTHRxTkQ2Rmx3clJwUVovVTAKLS0tIGRzdm5vL2NTdTRpNmY1dUtXcGN2 - OEVSOEIydnRJaTdocVBNK3pQSk9lOVEKgD2xXVdgrk4Ur6UdbdEMsjCqu+w1VxTc - HIvvvx6JhXU5ZD7kjFru2eg2g9ZalikZuL7wt4OGfIkyZZrg0QwLZw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5VURSN1JHb0RZWUk0b3l6 + TzVqM3dKQXc4QjBEYk9Hakc5Tlo3Yy9DOFVrClZpb0ZmY01OVkNUWFRORFFleFY3 + UkhJTTZ3cnRJOHFOK0R4cUVjT1R5T0UKLS0tIC8zZkZySHQvZzZlODRxUFo4VndL + SHBTQS95VUhJMCtDdHhGa1UyOXl2SUUK32ydlugM4bzJuED7e2mZYaGl3H8A9qr8 + agXrRuxkN/0FIL+h+Vi3gNSpfOYG3bVMgeBJ/In+N9L448xmelxUgg== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQTU9jZXBtanR3RFZxRk91 - OGNDcnJFSU5UTEZDMHFRTmh0bGg3VkxNdTJBCitDNzVQZ3NOSWtGR0RhS3NvdC9E - NTFyejl6TFAyZk9ZK0hBMXVLUHplNU0KLS0tIGwyWnl4aVZxZ1BoR09kZDE1Z1hP - UWhnZVdhaGNtekdqVWV4UENJTGhiWUUK2Mo/VAq6pTUC919opBOVoqe8rDhx+7YG - WEEbFrsuncwU5E7lTRveIhI3E9cEA2+Fy88dN/p8ntCR2doaZjlu8w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwM3ZQbnlNOHJ2cEJRdkN0 + VkNlMys2aU03WmxwKzBIR0Y0SHBKL01RdDBZCjVmSFhWblAvb0JDNy9UL242QmJx + bGh5N1Fwb3BSbW1JLytTZ0NIMDBzRUEKLS0tIHdtMjlRZ2pLOXMwMjQwTkgzelYz + ek1tbjdDdk1xdmt2Vkx1eDRjT3k1MTgKjWgvRxo7wMLjg3rMWU/96Kdch9Keo92R + lF0CvPRMT6u82tTwlz0uA+lqeW9EqK02vMlZ+joZ/uuUwPRpxFwu/Q== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5V1ZTYW9KUmFKWFdWanpH - Q0dTcDZVd0pDSTVUWlVYVGptRndkVU1sRjNFCnVmQ0ZFRnBVWGk0ZExHeW5oTFNN - eFRYVzV2SDA1RmNZRXlrRmV4SGMvZzgKLS0tIHpkZS9ZbnViYmtqa1A3WmZjU2x5 - M3FaM0RaeURQT1lCb1oyNVcvbU1iRUUKDk3bCkZf+xGf40JoiC/lLmI9xVVrkHaK - AwSeHtRHhvunWdFRyNlO5gLeeAqQuIBAUlwuMTgMdLYKzueOjdzJiQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLaW9FTnd0aDJqQzYzNmdP + bi9BZ0VPb0sxaFN2RFhGM2hRTGo1WHBOMG1rCjFFKzVQTVg1TkVaVnh6ZWdlWWVK + M3VlUU1RT3l5cEpFekN1a2VGbWdaRU0KLS0tIFdDZE1qejdlTEdzVGZWekpqVGpw + bFhUczRGOGJtS2YyaitKRkM4RkpqU2sKup7X2DTctWGdK4jtLMvuZdU6CD/KWsKS + 0ogvXK7WNRXsN3oAiJZUD4VN/nF1Fm8AAhIg+I0sbU18kSw7RW2JQg== -----END AGE ENCRYPTED FILE----- - recipient: age1zlnxraee6tddr07xn59mx5rdexw8qxryd53eqlsajasfhfy78fkq705dfg enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTMVB4N1NvWlN3d2IrYm84 - d09jWU00RUtUVTY4WTZ1d0w3N2tPZmcwVFFRCk9qNjM4UFB1b3NTTFowV3dmWGl5 - bEJNeE5LSlNGdGdGcjAzZ3A3RENqeE0KLS0tIDR2a0RXSVFQRHNSZzRjVThkVm5B - U1NhUjNYcmpVV1JBdGVEYWZha3dEbzQKeci1Kak+wj+tCEsQiKg52IvWbjrmx/aZ - ZEpwZOeuputFvxDVUAvkTtE/qthfstDjFnHYtKgTz2vtBUDachnhhw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyUUN2MC8zdlRtN2pyTU10 + djIrRldJNCtJTkk3TkNtdDFUdjZGVWpScHdBCjBRU0JUYU02aC8yUEFjMmxMU2Fy + UGpkcjA3YVN0bTlCQTMwdTh3a2twLzAKLS0tIFpQODA0RFpwVU81YXFtRG5UenNQ + SWJ6TWpKTlZKTEhnQWhCVDdlTjc4akEKOTW8y3I7Mkoj1GiODTYx3oCAFfUula38 + ZsDQn+dKxG2ghzf2T6ePEHpmNSxnPWntap5NRBw7hzg6orrvfFTWXQ== -----END AGE ENCRYPTED FILE----- - recipient: age16lnmuuxfuxxtty3atnhut8wseppwnhp7rdhmxqd5tdvs9qnjffjq42sqyy enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpYmpJMFgwWmsySWlzZk8v - OGtTTG9xZXNQL0pHMnlSdWxNSDlWY0NKdmdzCkd5VG5vcTZKSTBOVnFYQkdGNzRB - M0lPOGdNamJHcWxHRUFXUEp0ejF6eFEKLS0tIFM1VVpFK2UrcDk0YWoxOXo1Z2JO - OWpGV09wOVBEWnZ0M0xBdmc4TFlnYTgKlPTvteJrwkEfNAPGOKK84WNXz0ZWEkFQ - irEIJV+SQD75KCfsFQRNL9s0Phd6t1wknqAbB5L4GLPdLAZKY2hf1A== - -----END AGE ENCRYPTED FILE----- - - recipient: age1glge4e97vgqzh332mqs5990vteezu2m8k4wq3z35jk0q8czw3gks2d7a3h - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4OE5nYkFrbTZUWmdnVWN0 - YUhDNFRmblU2MFk4UFlXNmtoOVYvZkY2cWlRCmJ2VGwxUENxS0VKbnRXUVNRSWNW - ZlFTcTNVVnZKVXhqczc4ekF4M1FUTFEKLS0tIFhiR2QrYTFNcTZtZjduTWg3OFAz - aThXZ0c4MmNVU21NK2UyZGJjUkNQencKiyEdqY1J9MGYfbEQ6U/7xOulYFTemU9i - 2gg0P+3MhxBu1zcVTq+0+YbOxjw7O3/TKTO9Qj7MqdM3Gh1DXlix+A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWYVJidGZlT3RPbmMxN2p6 + UVlHb0thVkJ3VGZkVEVta2lhVnZlSmZHMGlNCjRrcUIxSHEveDVjTWNDYy9LMTlJ + QXFCVXl6NWY4N08yQzJQRUVSb0o4WHcKLS0tIHhhUmxGWms4YmcreURweGZ2RndL + MldPOVRqektNcUgxd1NQSCtBR3I4MWsK85P4b4G9iR6OKN47LPQqV8k0Hk56twLc + UCFfJnxbajWgQkNO+4zErKobM1rlckYMImpS+KiHkep+nvdJa58Ccw== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEQnZpbi80Qmx3WTYzc3p5 - TElMWkJYVlNLdlVZS0Q5cFNTei9ITVVkd0dZCldrdGQyZmxPUFFMLzFnL1c0VWpk - Z09XdktuNHQzTzh6ZnJueXoySHYwa28KLS0tIEc0ZXBHZ3ZvOVVlelVhNTZpS0hL - ZmhYMGhpcndEMlNFMWVPWmFUQitmRkEKQoi4hri+lEDo7FWiiYlbw11MK+PRnIbD - YYGmu44YDEMFZWAfszAaT6dYF0tJpyEuH0bOgcDEg7GlQf+BIIogtg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIZ0w1cFV3WWRyaXlkOUJC + eGZEQmwyUUdXUmdiYy9wODJTVk5PRXdhYjNjCmRlbTNyNndSajFyVEZ6VkRqMlU3 + NEdkVlorMmpreGhRME1zeWpqQ2R1a3MKLS0tIGVVa1RHeWc4K0lXclkyaDJyZmZs + Rld4T05qTVl2NkJ1VFhpMmliaFNFaDAKthLpcXHY4hUnBZczBBl/aj07S1WNbVlA + 3Di1W1rNondKD1qzPsJyTdCIOjFsgUlTEvz6u46lscAMdPJcS5IrUA== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-11-25T21:30:24Z" mac: ENC[AES256_GCM,data:kdyRIJYzWvHJp6Zu/1+JySrcfhjZpD5JQPIAuyHM5mxuUKBdH3dQGhrcJ3I7MOJBUrF+Bby4zakA57L7NBzwshNXsCFv9kCFolvE6m/Vhpv0SW2mzE8SguwxiU1xFC0kx2849YN539plhOEXK2be4TBxgTaFlimVtD4TtoWqt8c=,iv:DHKISvoLH4PFwqrd/iYULl+dFG7DYC57WuPHB5OyrAQ=,tag:TzTu8PWUBBAIBUmg6/fK+A==,type:str] pgp: - - created_at: "2025-11-25T18:32:48Z" + - created_at: "2025-11-28T00:25:03Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAA2KVbwbh02Bofe+Fp5xuwOZ8vezg5dQp9ZRq57NlnvTcN - LgygtWBkBYhle9PtkU+GoaIxD12cTErEXjwt70HpFlUtSQso8xzi8/wo0cvSynDp - pN7j6SLF4jNjQzF8d0CP2Pw0nz/kK2yt20G3WOEAsRdvaHsbd+IefPWX91hhM0cr - svTkPU1sVT/svhyhgSw6MllAxxHQ8s35RJD456MIzoQMr/R28cJz539R+R3NGQ8s - ecLK+8qaqBrKWkXvucs2E4zOMyN41ND7vWDbxQGHy2RY5xpXzXSvpw3eDljK8mcY - 6MOiuWgGzLl20ww5TD/c7EwD/V3mecu+DO/qReWFe+UzAZOP7DdH4gcrbmDyvrIk - vM5Es3rkLwp+N31bBEZoBOX7ebD5CjToz4WUgWDgiaIpiSsAsCW5wO4e85Lc6L0+ - MgqqicIcLQrUHLK6t/X68lFTHCmjKttKCYFnvA3pVi0BCpcTjGJiF7ywHhbVeBEE - Zp4zjbrz6hP6Sg4yE6DUFBf7cK5BrTbdw9DNO6h6wre2SFCGan3AlWyr2l+U6gq4 - fCgtLHJcjchf41bIdCNod+FImRBrkJYGdIff+ZqFQ8a3C10blmqoaHXii72ig+RJ - vwR/ND0BQWsV56tNkviEapBr3n196xR4ueXFTuXe69PX0BI95jP4ybyQlUmx6rCF - AgwDC9FRLmchgYQBD/95o/4k1QFCtDhpD0H2RXtlP9HH3Mlul9vsd1Heqf9I4oZ/ - XcwrXcaep/3Sf3VWIzzYtiid3gkO4yO/jBdxaQUY06h+32v9EsEbbE8TcpRCjUXz - fh5TBtPIPCDaZjj8Zg8CbJPeQL/9ePg85OLk8OL3kwbS8j77cAYnJwk2ghoyHMAD - Ty4Vy/qzyxmSMXXK/V8WDBuUb8D41iD8lTk0swTUKkwPQmn9IZvpD4uHB3M2L4ll - GneOcFET5RqpltUmm72DOoy/wcOCAb19IzRz1j9Emtob4BElhYyMHShyXof/8JUr - PiwMm5PWj30YRD7GvsfWpEHhpmN+uTauoRlQ5WNSDIMuDIVjIMq5whEQ3cnO1Wp0 - LPqL2KqE8U7nl2lsxEp9siZpt8yawOBZlHRqXrqsdQ94UrgBa/AkfqNC/WgSHi/5 - mgFKulRqT82Y7Gr0HZYmfAF3M1z4NZ1xOk3/LsmhkEc5NvMV1sWqIEOahKrUMwL6 - EfhxIdfYZ4RBf19A+L1ZFV9cxeI7NhBTK8IZNgJypTpih7Ue3igECuYNHxOrtTON - tIAqRU3Ow8V/JvO5SGXYtDk3SmFyaEEPQXb/ZDTuh0c3nRhbeIaHjF26nD22krht - B4MxaK+/UOsD61W3OICanep5fBREUN+Ku6BuYyT8hvZUJ+Kjjnp0G+EvL3dKX9Je - AZkb6xguhuMcgbS0K+mEItPcrozbNZ6t6KN9Gk/dn+6D9kONypkSlRveETyQHPkx - +jPJtJnro7ADZyFHzQTF2/2o6pEnyG2xwn3m32n9UAU0vZ30gV04AQYE9zMa0g== - =Z5aJ + hQIMAwDh3VI7VctTARAAxvLVJ3/HHHtBpSTiiBeywTeMHIAQcZEQLyZuX1uP/Z9q + HYt0LnLIFMfFfVKPc4abbtf7NlehfY13UHDYanWrS3ocWZP3GIaAmfpJoNiCgatk + Lat8ET75JPPjLsnWvh1cuyw3VUl/XwaZEobBTOgxzrlMbMa2o0Zj/XFxz4HQUlCw + eN/oBFr4YBRqtVBP79tSeTYSurtIe6HgaLu2KZSgClj8mvLysWne5yngllsSgBHA + LAhao2giJ7n3lgwSdIym4jzNmasLsMctPTbeYdaWYFUt6jAafJPVRDHw3TbmWHlm + jNpPQkUusfcRn4YgNT0YO2OerHgEfch5a/6iosA7fXFNM5X7gZ+X+tHfR/8PMIdU + 0PjBmpLiOjKfYoXSzKHv4spJ8B1VIiLPCr0I4nEeP/wHqvTnMak7A5l9mVBFVYXn + tfRgT0uuTZ4Y54hG2+HE8yzl4poetG1SOhyKZO4A8dRPbWol8GFEn9ioktIun2H2 + LBMQ11ERM+PDNhw/MsthiEt/L8gi2t2XRdHeYb+jEozgqgOEmYQe8N4/qBQji+uL + XKQVJjmQOfuIdPTl4KlajR1HTL21vxMhanNdnkJHDmyD18dAGjmll8fD61CD0Bw+ + pw592Sv5el0FfI7LiuoTEHgepWaZ+ntCTb+7TNUCi+jQZJEEaoZ20/QlD7n4APOF + AgwDC9FRLmchgYQBD/42kn1Iyr57d8a3pmHep3RFcxda+Hf52E5eSbtohSa1t4He + 0SotlD/+erXsFMTq7ivxV4hNjVDYLmlyBZDKafyoAakgArmNrAL9wYsGHlvbGY+T + 98mWXV3vco18Q0K2nvIvWeI1K7BvzWxiOFKjoayUwQn+PtQPcTK7m9Hmo44bkoVJ + j6whoFfHHKmYZmjjfMyGcK4rq7Eo/RGRhz8vEc5Fmh6yXAvjVzr+zOwDRarp4JM3 + XG5bOhxZSoILxfX9TossCQBNkExew6cG7W5CNn1JXQPiCCN1zk4wXHvZWcncKVx/ + XFDYvzcMPggayAVjOr/5ZN3jIOspg9AWHcWAjP0QHepwPPykQEpPbdO+A5hgLgYk + xXr1QTdZhVu53daJ+3HwLIkTSbm9H30wqXLy7NZGAqSNUrwzwf7leu487sbwE5Wb + zC4bMwQ87jQJMaQTN0XNhQNiRSCM1DCt3RLwZu2VxLwp9mlesR6sBTFEf4K4z8JD + t2PKL7InoLeC8ZsaHg9nlt3NXLMAEzx1dubA4gdzfsBG4UFonG4EVxH2qvDyIA47 + UtCljS4rppiOfgb1YbOMaxol1DaJ0fc0lUZnALAupHEufXgAHxMwUszARYAJn8g9 + l9/AVpaaa7AGCJFVoW39DfSrEZLs0mC0dTzZ7U5hgRP9W0HUIiA9tnqzefBNRdJe + AU1Av1PO+AHW6nh4bojR0ASAKIogb1sw/aX9H4hcDOyYgcgPatWbn4H7nKtbwVO1 + sPZacNrBfmWyVXMm2FSMkoGF/WOCXA46Rz0iULh15CYK1ZHnrR8nqH66nqpIPQ== + =iUhv -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/secrets/milkywell/secrets.yaml b/secrets/milkywell/secrets.yaml deleted file mode 100644 index 1177071..0000000 --- a/secrets/milkywell/secrets.yaml +++ /dev/null @@ -1,51 +0,0 @@ -#ENC[AES256_GCM,data:VljHjyZqPvnVxhuoEMhGrWA=,iv:nCHj+sdhAOJx37fGFkRzfrK+PsEP+tRELBhnP3bfoIU=,tag:fH5QNt5TeM3K4nXkeIC4wA==,type:comment] -anki-pw: ENC[AES256_GCM,data:TR3roG7I1213Lj8=,iv:bK3WIC8Q4Cm6cccXPFx4K25GRRUq7Le6bEAVdEZdNPA=,tag:LLC/agUxZT0MIKxk+TSevw==,type:str] -#ENC[AES256_GCM,data:EUHyFduvRqc=,iv:RHW3wsx8P1V4hkwnrl456qMgi9uz/1qoSOg5AvqwmhM=,tag:p26hGYMn5fbuNJ7Qr98E0Q==,type:comment] -kanidm-forgejo-client: ENC[AES256_GCM,data:LuOFq+bj9TIbaN6Arz/etcjEO0WnjswJNw==,iv:eqACcjjr7usTl7Dv8HTqH53cHDa0+HV5IYN8Rh5aChg=,tag:upBfWOUOEoZRPgUtlMZE4Q==,type:str] -sops: - age: - - recipient: age1glge4e97vgqzh332mqs5990vteezu2m8k4wq3z35jk0q8czw3gks2d7a3h - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNN3FrdkRTeUVOR2JsRWNT - QTV4bUw1TXN0SVRnNUREQ3VxNzdHN0duS0hRCm1FTGh0a1UxSDlLYnNxRndWNHpP - Um51WDlEZm9SMklXWDhjRFBRRHRkaE0KLS0tIDlkK0xhWXAvcTZjcmt2TUJyVGJ6 - cUUxYkVGN0hVZ3UrNHdmSXBQbVpkNTQK7yfeX133PekxsK/2BXxsx0pxmWBcZkZY - UO4ZHCcZQQKMg22BY/3pPz/Ui+uUfZ7AIdLjQb6WQvUbmgz5Lb0M9w== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-09T13:41:17Z" - mac: ENC[AES256_GCM,data:9SntfZTrKnCMwrQAncIcGO9qPXM4PT+ZWnmk0F6S0Lb2xx5O35/i39P9vYN/QMPMzKc5KmmLCzhictWvBE8mr4+17pfJBH0KgiAqaOm9Vgy8Zg79/xH4fCia8bwYDfKe5uNwvRwknM3u5/eXLNcr6MnkDspDYTusXhw/qTQav54=,iv:P+fHF35oMNP24vadFA/rAYDm6n0ieAMB43ovP+7vJCo=,tag:4gJqIhqRg+3P84aUgRIPbA==,type:str] - pgp: - - created_at: "2024-12-17T11:38:27Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAwDh3VI7VctTAQ/6AvUzw5v7J7zEN+rBs6A0CkOD4U9TG2akgch7eKkdKSB8 - FfVOheGz/R4IvrCx328yonhx1c6oNdaKE/zlQ4TZhzAiuKcPmAjYogi03OeIsPoH - X58lN44KrIIp47UGD0gPSfLDVjCy0M6UoNhXiYaDcvCngoQQT7o8KKPkqNCMK3Qd - yomU6Te4uO9A635z6N/dUeO6vmHK2Xt3ek/AaVdGbhjPzcLRq2t6vfsTT+fP1gLZ - V182+fPQ7aftyH0zuNCXOxrd2VbvCY8cmq/Sqztr7V/k2Wr1V2G2RTwlYo/VIEgL - 35Vpz0YXa/aUk27Ifvy40zscK31YH/N3UssgsCBzUHGl4JsbVntDtUrZmU/3Gi5r - yvz4icX4fXi/k3UyKxRcakfz+L5Lh0x/lI7+rCG/1AuxGawKxGBuBZzA4gsRNV8o - va1JzdxMvMDUkCx/kKCcH7Cn4vuDzmvhoLiATqWyMjjNSiBwaDL0Elc3Zydt9Y7B - 4ZKfeYW3wPxXqsqoxfKt9X2g6UYZZXSWoXmgcXhV66uUr66aPp2qqL9p47Mlm1tp - TpxuGYbtPnTCp5XT+AUHzUv4oFzTt0f6cpr82og0mOjOsy6huKZzpEC4O+QV5tX9 - aKbmSplCrcuUrELxqy1xec45N1lIHS0r5+BkIMirIrUwMDEgmkP8lBkVjyTr6ViF - AgwDC9FRLmchgYQBD/9ISXYyr89r9L1LchFKKSbffMn752vbUULJXa5/wY9yl3ad - jh9yLY//4Z317zMs1JjmVubjiwufYZvDEnHmZYdsREXzrpDTjGzdq7bg0pUp85rV - VXzX/1ZpQmYeCu6/DRSSHjGxbxWa5he77WtyKKhDK/uasHe6GFoSJTdi/I+/ps3K - mC0Famrj3QlC1G1RbyTMNUzUJO3+ggVdaDJhUIQUhQ4mYk/7p9VvmYbXUc49zyBY - tmkl5ULEfvwuYaDZumlfCtJwDuFBPVmZvB9c6pT1x+HD/t/+2hwpozQS88Kzvuwx - 6MblAjZiYiA0n4tteKjELjrQbmCrz0K+/euJi5DeIspAkjzJKac8/R6poVcDPuUk - OlpSe2mSJDyXjpK+zS46412eIyG7FtmtXscCFaru5PKU+7PCFWkXY0gErEZEyi9Q - LyrKhgsKAagaNhh87Ar9Sm/NKjhkRvgqk5lHkDp13hl7y7PX9qc5/tJukK0DIJEG - 08KGLjM6+vudjRJA0JljBNeCnlDljwcOLKNbxqVzeNQFLH7PVjOzC2O4QLJTxlE3 - 1QmPnVBewqfz4V5oQs6su52n81QTU+ywFJfhMjCr91+pqpZrh8j2fo7oMhHmR9QN - VYCVE61prZzV5B6rylXvk1aqyy9a1WMahBImqtsJS4xP6avNqXN41fog0B7FA9Jc - AexORDzza/Hp0SeiV4UQZlBpJ34HrONUiSUry9m2UZ4vbFAxBSXZdt6CVpBGHvCR - Dl4GxekAxaiaj2hvNNXJaVMupsMYpOCzyuUBayv0BFouCuaIFkoqOK9tAy0= - =pG8D - -----END PGP MESSAGE----- - fp: 4BE7925262289B476DBBC17B76FD3810215AE097 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/secrets/repo/globals.nix.enc b/secrets/repo/globals.nix.enc index a1d18bb..68ef6ba 100644 --- a/secrets/repo/globals.nix.enc +++ b/secrets/repo/globals.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:4xUewD3bW8oAY4nG78bYXC6LxCyG9Wd8S6bzlvOBpUNkkVdNpQo5OarlkKZrP7dNOFDw3fYjthRympGhPiWS/0JGTgCocEZyvTFbYdHsqtGvS0MBSd7tWcaQNfYcGUS69ueQz2xa9WN5AL5r3XMvdZzXWdOX3uap0m/KmfnRmrKsF060pMO1Ll7TCCRSOrj31r64HPG6mcwSPYe3DhkuMeOCKQRUNsfpe5T3PaQqwfgFqGrtKturYGg3YzwN1p7l5m+jc2BEWAswIJg7IuKgTSRqqtgfbduTlGZADxTcGDpczJ+wazH3LGqhhRB/ZUKeA0l5oezBrML7sJdTEfgiM/7xHT4cpW2TQewCQoSNDPxnHBxOz+2wa1mz9gXrBx24gLFpeHKYSIu7X3k/t4sG1ll2a1DjFvV+I+B4ALEj6kVkMnlieTpzreI7zsnuWR7TbhTFIN5xiPSWPITZpRH5SkYwicwv6j8KZqPVDoMnEKBq7PSZnjEFODzchrrEXCkahEJ/1Hw27Lz8PSLIsA+HQyjzhYJ/35OkG6QCbSoms8FONnJ6uK0iNXNau8mBO7memlXJNSdnuPtU/jd5CiGrBc85BaWU0aTOlXPJA+kJ2FKaL66JkOtObIEYhQWqt9ao4FwH+gXupnZDdPyX0ZpP/4CGa95FlhqpSVV3vzOFZyXhUi/QN8bBC5ESa0WgnXOf2p8y4Z35+AHbJX/RMsjG5yk8gDQU0BDU7+aXWNYX+JrQZgVFShgba5KFN7G45oYz8hbFBfpkOjfe8i8xiEMoGPnov9QhqjRpEN9eRFoT/tD4fY/6ztfBMcqr4pPZuZCU+wcZGM8k1y6/eguX+cJ0sVPYhB7ZZ/pa6Dea3JVekRFUdqQJBElteRIloRGoNuNaU+LLNTfO+H3ys9f4rhMOVumU4sffWTmnSwgQCCoPxbY1A4a5G69N2DnnRQwsN5qtsbN7aUb9eRECfNHcmldpwhUeUYOlfoLVKaJitfEU8+GgXB0umpd0wr6LD6GlmxPYKA/NZfnDk8+mkzJx1eul/x1YweH79+ifqdu1+TURc5AYEFcB5P2vxz185Q3HiWYMLvjClO4jyKaWZ0IuNq8jENmBYjsk8/G7Cec+/tdHFBbV5Ctn7g0gzwziAJ9mPgDUpRF7BpNWgJOpW8E1giFkiBUdPJoO/zfKJHdV5CKY6Qyq4kAv/eLyi2qhfHhKTkSiuW4nCYpqHDsFi51QnGM=,iv:N3Bs1Arc+0g9tCd66OMsrPyeB2be+76EFYBPPSchIpE=,tag:h5zh01CkvZj3ikWWwbJXEQ==,type:str]", + "data": "ENC[AES256_GCM,data:BIQdehLlRbxpiwHGl63ZI1a7Vn+KWwNSG8MdhcnOWIUPWtEHYuvwhvg1OfiDHhTvl3NFJRauVM5CSo7l7uPJvm6gAMPoky8tPZMBQOgiwFgBx9KH24VZZ555sQ6ura/etp++JoJ9E4JPmjgA3pI2M1KM9SJm5RuHpPjwnOnFYHmN2mx0xOnLilXcU5WgLb+10HwV7rHF86kyh63o/jXibjNBpfr9/QjrgpjzoVblf35G+ngi/Qg3a1bZNHrYF6Pcsqj4XnV9JnZxZj0SCFHQVswvnGaHqOAkJ6tUFmW3UFmtzTi9xc3VOPWaTQPBQMQ3ZThQgte8X+5/8H6ZzARC4i6x9RuZF+eC3HEB4kh4mOpTPsHbTz57FDgeHhh10JjqHNUa07lGCNszHQu4TQvylgKQKeWPW4yLSztSsZ1R03Vd51KGTRAHl1Jwqa4tt13oVbpqVGCh9e9Q78St1zbqAEg1TR9QnTPp7OAyE615VRlSqNgQ1PKda9GNftQuywl5tdf90EAvtH4DXOL6yERmFWfiXQ+GwKcuSnroVxggS6cvyce6DAPR9cCYqglpGNTrjOXNyBuJklgdc3tQryF9sSr7h9IYxzH0Ma43AXbnZPNYFg7ZYXUzD604dISS5RZG3a/sQqrFvokl2Q9koI72Qbl88geK0ZwZw8w3BqoUnsKHLQMkY91/bN0Z4/8kDhKAXEM4Egoevm3F9axZqnGCPvlhzb7JBHRdBcMV+WLRbnZzNqchxfdjD0R0W2qKq7T6iY3gzvyIsJqjtpJrtND5uZp4D9BSSmmEZvczTAVOjIB3g0A5mAj3lua/lfhj9JRtPZXi1c5Ggir4PrxfJXnrCo84cd2bUELUd7PIyrmqKVfFA2N3vAoEGlUZE7iTz5s/yT7IxId9GIQ1wvPBG1mrWh/AQEgDDVbz5pJgabqKpmg5/Huq3++PT6TAJqsf+fqRiBmlHctV9UcCCCVJu1bXPeCrxfvs7Tk/mEcVZoSv6qKGeYXxxQyyh5xEFdr8i5iCiFN9WVEwr5/R/A+kSF6fw9ZcWzIacSUNT4vg7enIS6N32ItrsyZB11LmAkhZjQaqN9t9ll57aC+SvJzqijNrjCyRR6GyGfMhyrDvA8tTtNuwhh/TsEADAqIE9Nls1KasVgZhQNLEmYj30d+Kr5l8Nd8OlK+Iv+xhEdZHNgajIxil/Dueo8IRp2etN2S4bWbMKLdQqDZGXYYmBS5EzHTrCj4F9u1/q5CcZbz6zMtoVz6UNsz9V15a5dFHDnGKRD1VdbkqMFxRhHCEd91MP9NWfos1PK+8uBSBtMgn1HOvAiM/2/VPosds4nB8+CH1AaJ1cBBAu1Ps7bGgq2vXin0l+Q+Ksv9Ae8QYINyPIREN6Gf691C4B/JzTUmM/9XHDjC7YsarF6l0fkFBX2grzPOJ28XlcvVAtGO3A2JPmrqM0ulUOjpOw0BxJNawCHsc/6MgNVqDzLV4Yxcqbfr332DOGPasujd1K2rn6/y1xwiP5kzUjQJNggkrnV6Pnv8YfCigspcnU5RjcCLJDtxqxCFtDR6AdE2kE7W9VLN8ncctgGTgUZje8d+IRuw7J8jPUNw/uWcUrZEJWRT0Jxf7macWAcS+TPew2PlBDE2xRYQ6//JOfdlPhHRXGwLFpuVxtSliDrFuaI3ZHsclKYubvKFtRD92DdiS0OcPPUDNRwQZy7HkxROJG3mYvazxNbQD9eLBo6smMbXzhJs8NACAcvaFBUubq/bFD7XtJP9wVP0R1VewIGFhLSvTrOCENXFnrkvhHr8lVmAE8iRleyaTcaYSllOiHX5SwOboU0pSlDZGrHIQP/qcZnzSs1fKSR/W2Q77I3Oo/joHVJThIIMAdWyuBA72OgqWXwF6AFTaGp90pAvU2HfojRXFRxcKZ5ZeGaekNLpt4G5hJD54SrbURQ308DQ2dkF6G6U9M7XYoNmvmPXAE+kvjWi8MRV29iVDWfYRCT637Eb6tHZfwyqTRyni9cuf8rOUf8rwhpF6mrIfyppw/4rA8mFqX0xzeoCva7ta5l2GcG5l441M7IDLA8Hfg6J0upchIZ4rquYiSeXUSFxXkObzQ5/+Pzg1lFwqYkESyJxs1vIH0oaxdrLHQDwTOan6DeMLitSVfHjleft2fKI2cU31,iv:2mWZV0MHwJ/o3f87DJZlMLDG68chyNp797iHXiuwFjU=,tag:Mn825hCcu5StKBdRBWN/4A==,type:str]", "sops": { "age": [ { @@ -39,8 +39,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHblFPenlYNDA2WnlVdFBm\nait3bEpqR2ZUUjlOM0tMT1Q4UEpFSXpNUGxFCmtvQjVyc3RUT2pMKzdBbHNwaFUz\nelFFRVZFVzdSekY3c2M3RmJvcDR1N28KLS0tIFZBazRsTW41N0tHdXJWZnpwUUJB\nNk1iMkxZOFFDY2JtVnM4WU5KUVVEVmsKHb8PCo8cTyipymup/F8Oue5DiP+uPznd\nXbD74jiB732WPPNOrXh+wU74Uj7EpYoazvTcs4tHu30cCpbCz6cqCw==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-11-24T23:32:32Z", - "mac": "ENC[AES256_GCM,data:OAAUaCDJF3BOex3Mwl3CViPvrvkyYosgiC+hj1yvVDstRxM1hdpztl4GXA68jEykH3cw7tvSAom5ldeIr0FvZfwQ0WZXoYad6zPcQVvrdmuqev3B1TVnclvYTDKnt4UaJJleM9rYXmWYUgZSkKOr8Fgntx/YITl07kvJ8fCeIqc=,iv:a9utBRpGmwlhneyZEKWDytM8sD1z31fHQ942MTXzZ+8=,tag:n4sp39nXsmYlOXl4y37b9Q==,type:str]", + "lastmodified": "2025-11-28T12:19:27Z", + "mac": "ENC[AES256_GCM,data:twZisQ6z6fvOtU/0890bRyfM78WOx1gKhHuzlYh+T07VP77ykouZq15OnAz3FxxhwFm5X3LoEPbSl5ftBTj/X2bq6hNkApPdJyHgLPhpn1+56yCNn1sAUKngLbgv1fV1uzkR+a3m+4IKwz/EtVpJ+XY6u/Bc7YdAA9otpxQDMa4=,iv:pz8KncFgyn2wGt9D+IC9zz5/n4XczndVUqNfEWlqOL8=,tag:4PtXuWlgHocpR6ZhmmXc4Q==,type:str]", "pgp": [ { "created_at": "2025-11-23T20:29:01Z", diff --git a/secrets/repo/pii.nix.enc b/secrets/repo/pii.nix.enc index 2b632c9..0b60ce6 100644 --- a/secrets/repo/pii.nix.enc +++ b/secrets/repo/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:64kCBNazJSPYmdAr3f0t5VqXu7IeYXKOimQfXI+PGTdKq+GRfzXtm4c7Dn1ZS/qU+1fS6XvzrX5RMLwd5JEFFi8+UAvyfHQaggZ8hIAxbn90rfvYrdPwdzpBaX2DGvGRxtvA+7d44a2/QKkenwPvryfL+lkLmJ7s5bU8KGcSZtIqVO5AgQ8LvY4GN4GWJzVSdaksTnimywEyrzecNPByqMWxjVWJaxmfW1cc8sBeoXvxrg6rvAvqvVNNtMng2+O3rkIxC8w2EKf3WKVgjds8hSdML6yvShkVgI6rJAJq28dX6IG1Ju3orw4Ky+jc1qNWiPR+iKxvNzX9MmiUZR941I2znlfi9F5Z8fLzZO1oyiiJbTzqkOpVfP5UcIG7dk+JfHnW1JMg4BUmWX2i+KdwLUY/6X81CNedHpTgYnKsv8Ds9juAlgHvwGVF1Y0CoX6vhhKk0MPc2mKBdnz2VdXEdS9XMbkakLrF7CjsBSpuX9jJNJhRJ1lPKom0iezhyzUPNYwHmdulcGyI1Znu9XQZeQnMOXWa13PsQhae5Nx2lbIjaLtlabXPDIJNQGsUXkUGrumeh9OscAjuqvd2ld9AdRdXm/Irz/SifnkrFLiEefAlrhwUnViJOQ6trGDv3VD/1Py4PS2Ilq8Gevr6RPliVFatIMBLKnMUzviqO58cqoZw0hF4bRWUk8zX7ATCYx9l+SW7qCxvK9dIGzzS0IkXbiYYv1yaCYV/9FTiJJnKHiLQeOUmhiZgil7AW5A31klYesWAGNCMTKPkLQXqLCcQnwwEnM+wc7ud5+PbJZXr/Uy/0dzkcbcS4Q7NfIfn4N5MuOcV+FFKGS/brvrHSXfR+/tfFZrAe55px5OpxvO4Kt9PF4B/j49QmW7GxoAh2PpxkGaMfqAL91fJskrxx0YUa++ogxiI5XraUYbKPX5PJUjyHabC06P/mcwnw0mprdtJadhkVN3/9Xz67J4dpcLFFV3KF8JTimpnKgZVv3G7vmEuvitnUVERL7nG6mMFDOv2LkYrs6Rghg8tQHGTBybbIleOcdLeYk0kGtBuDNzjW4PN44syftMrBk17ALVRoeqVJxdvucLmRvhbpW70Whg9raJUwnuLj95cAGt2gH5lPLf6inX+iCxOxIojrUzH410hzqOLcLmTx/vZ5bxzWot/9WzyFlb4onk25lceJtDHF6LkoVx10rDaa3I0WPs95sCCN88ZfuDwMqaSm8ZeW/dZGgDsar45MBFWqJNSwxg25k19ifSFmUCxfbxd7nJfI8REXs8AOzsq12c8Ll9Z1UmoILla5QwRBnVGONqbl08AET99JPIoLUgmp8IbxRWhpzxpASH60zfzlZbbf79qGbP8B0EyCMdTzR2G98fxTyuIgHeCSA7sEiXuZtyZ/5yCGwPcAmy4sKZn55NdvANAWeyqYpXflMOqDtgyyyt0cHp8r6vwClB6T4nt6gvqmcx0fDh36yRyQmfpL/j5uIOSITq32OUw9C5FH+3uJi18QZPN7t6sdjI/OuoynFoXDTpjjRTzBQgItsaXPM1QdmkxMC68yvs/rMqNkdKZSzjVXKmM82QqtwObyiL41sJBj1Sqea29DMscSlKvdjJpHyDk5avO+ZBM6LdzU7sbr+E7DUOSKN0JPtrPnCfZV/OJjpNzsZjAeXXr4pMciRU0qHoKIpdvyA66gFTEvfZ1kenuOJ0jDuHR5+DqNUgVM/gvexRxpCMKESURomnJQCILjcHyAjpgQtuhLPyQQ2CUW/1b1JhULDIZBdjaTr8cIFyEtmOvnGMwCqo7glpmjmsy2tVqClqs7YK5wt5HjkWxUHl3xMwOxC2pFeZm+Qg7Cvh2nU7wP2hSQKCYl7HvxS6LlOQaA4ds0Nft1Iv0Af76d2C37pQUfCk02CheXub6glCDwnEwpgjMMRovuz3e+EJB5b9QZwBKY3tkiSs5vpcQa+PKrdEiSoUAagqEqeU4bakIkruLvQlfyV37qIw1GWf4btJP/i1zRNhKlBrK4ycd6Jxxcs141iyorrt1cH4wVDmLD9RZsJBJXXoq3bK5TDkqTSTBNtBSoMAB+Z4OPrd85NPlhbrIjN5rx7F2boP99j47rRS2Ja1bUHVoWoxqmG2I2ksEmgBGdwyQPNJXP2/uF9fGytQLT/J9wdkqt12Gse7Brrd//sFzk4tffkSdWrgwwRhTmxbR6MbDRWi3wT/6zvwQ2n5RQfmzA2aOyCBVMOvdymINc+DWT3F6tnqLkyv7hW5DZmf5OGnj3dOpdrt3no+TRrbF1O/tJ3fAOwrflJ17QOpBAVVSPIIU5CJ4hSUXszHhKwBUE3UXz+QRvN0n/ZfoQ0EwttpIF3fPV1Ob8PPQ6i6RJdIhFwYXSm0UwdUuW8Kb24LuLgSFJk5n7woX/5fquT2cV/4hTkSzV8vYotGic2sQzm+yyBR/VVVyO5r6Md1ippOg1kXeg5Yf3uBq5CCuXr0JeOEXDlcKPVGpTMAhvso2p10ylfhKvFdJRbVweUK3k5UADsMYqiAInThJZg1gxvVXWp6P6Oi/hwXCJvV0Zmu48A0T8q+AQ0FegwqoucbjatxUZVIJOtU35gFxiFxNvoVGslbzhDlZ7dmdv8Bsp3RR1CuNxKcTwXCb4q8JgEK3f2YlqnWSUmBNngYysx60AqYJ7+m+CKdaQyWsf0sMb+dkWgQ8ZZt/flyUT8AIMU/c6tcLRjpN9HgM+NXl8DfQnqXLOyJcVm56Ie5W4z8FLCnG9qPXanUQPuVD/LxRvUXlFPCnCCy91rhwSKP9uQAWi5NNuHq828EcKVZsJcqg5Cj5fAOdGJADQUnGyKM9Xdj91xnRXpnnUlbPG9kl72g/39epRfLonyhekCIgxeDWHPfLvS3YtXVnjtJ+CydcQ8/EpoYh9b22hcmgVXz1i7ufI9iwskb0VEtSxXE0cTpOL5e0XYkyMo1ZS51MSZamyrtkbsFXGYhWJEq1/yIdVQgTIHDU3SXmamoGWHZr4FJ29ErYk2BofzeLctmX3sATTyaYE3brA9X7q8LP3rYqf7bH+TzURE2SQmDysMCXs4dboww7RxjV5FjdeswLgkV0Sq2xaqxnUR4WzzvWeE+Yimz9ub1/T/oO6d2C1Qu5sEuVawrdeG94rleErp065EbiBcR6PK9/EZ4Ipls5qZ33GZ5NpL14J7ZWlLM91EPVtSsO+qDgh31pU9ZHGEwzmyYfLCh1ohA5yRyYJlNRUBbQg6vcbCj4R8Z1ufa1T7BdXm0onC85uQ4kRbRCfmY28uFPNXbVO9IOkajuiqwypl2Yp1DX7IjMCEwXsNlZtu+WSxSOsnciYSKRvKsgpXwx6C6dLiDIFx5fNCaWMeYIv95XoKYeH0ROB25JkKIA7RcwkyGegRkxQpVRk4UOLUm0MVuJtpDDzqG39BnereuNT8pmQelYWJTnVMUhx8Y2gtTjzp/EaRSyRuPddxsSvjT5gafuW47VaAKR+/iL1zLE6F+GcQS3J4rt22Kz6Y5M7cHXx0pqb3e6tRentbSjmTeVQDoqDIm7xbdxWJkMhM5Jlut1gqZHR3yAhr2+Jl8ouo9SA9Yu1A2VzyMBMOtG8fBDifvJY72RbhiZIwA2XMpBcHb8ll8gHgmiIS/lBAia4CsU6m+CVFdTntLQiD6xymqEAPGvVpQBiHqsivwKrqQTY2b7TVVgO4WUMRvJtvcyg5HOGwMS5tjkOw13ICEpUh+7pC54tGD/k/z1MeveJvv+EH5Ov59BtHXme3PCs8M4wHKbZOw/G344jI6ClkYt18u17dogo9FK9s2zlA6GVLhK/2R2w46bY1SN2xZ8vBATnJaeBXT66Ta3S21CqaiZ4VmweZ7TsVI/5nH7+d1NMOSnOHEojkg/vObtg4q5WNW2XeSY+ymOAWDH9tEz2wcKnAlWrLLITO0wVQiJkQqskLzqNvkrTrKEZplbxwd2+R+fiP8PivLXIV9ibThIvr0p2UhrCpSJ703nksYdzcYOt5+JAYYC0+2f3CGc1hd9fZ2Qlfc/1JgVrOHBhoixaJgYWqPQU6gAXWlPMnXepDrR0YXL/4yIi8VDNRCFmdOxFlG94kF4Ha6Q6NQGhONUajkT+JoYGFVHLnt+ZPOzcnLyCrNh/BCEEDr1vYfA625tUsTrol+7qP8UWH87qzRh6EdPwkaNOKSuMSIEyWV8hgZuephvfFdYSYf9VE9pkzQAtgFXvqwmI+6VW2vQ8XX0mGYuTk1DW8SFGYIcKmEUzAW6+mBk7F4uzD5Ziv0kmlYJbR5RifQpqgGDAN7LtmAr9ePcdzgErKxzNYwh9l28PRFyAZlNtQKXfom2XpmokyHFE/dLfMuab8/J12MOF2f4iECqyQSLBugNQCQFbDsmi4znRlP+YKvop7bI04VGe9Hd2bUYhb75xo8LMaU2bwuetW44NKjQa0lb/RK/oKHGVumcJhZsz2MbPNYCxoJ5E3W6IqtAY4QisGAh5YU0NEsgN6DTjFDMc8GxvbkD/H+HsONBfvErWvMQjOAa8I6/33bNJmlwDyw4JZkGjO0HAO9ng+lDIGZ0nAvFsgavVNRZJApXMnOKDFMHA2JeFPZCLl088C6MvG4t7b+4fJqlezbjavs/V7yXZ8h7fzWRr9ZFk2mBe7LwLCk/TVOPdNHD+DTjV+tMZPcL8ElhLPGHe29py8/TlS7KEJ7AsZ1VIbul+ljMJsuSFqjEwiIjJtaVi0AwSS64Afsj6NvxJhkgyNQC170gMCJx9xp/YEJpxw8w2skfnHaBc2XstSGDDkWTk1cgxIYtUR2aU1jxHraf+n9Y6HOz+QPYzezEMrBYscRK1OTjPlJ2+YDxicDcyiYBMtmREA+fJftwyffw2SjRWUinkM6Ax6QVCP3mbNRsrJivlhBrde2iLC7qyiJhjcz4o7oYz14AOIzJx8fDq1IxN2V5UMbBKwQQOarCqZwKW1k9kqVQ4orTqK6FHh7T1Qtiyy9p++cDv531y519l4nZZjL+OiCWASukIvN4du+VLNqiGMReh5ll218qwS6ldDV9dcYyTxL8TLNlNn43sF5HEP63tGEU4cQ35D7Ku/K62xp2dWWfvQay2F138jDjPem874iEd+bqKgxyOck24k/XRU8IsAUe7I1WkrJj7QtgLiQwohKedago3UOv3AZSgXCoeavSTngt+O95CUztCi2iH1mcHU+TIfqwP4v2GO2GbE5FWN5hE6Eqhf1FXZyvpE4qhVJ3wDg1vr9IQNsW+w/WQsQdRaP9hI31OS5YeIqTmqj57X7kkK6pa9vw0PJpcLOrdhETUdlThjMknlxxshXhKB1loBZa5YIQ0CAvgyFUFJMH7Ebe+NKKcmEReEs+kMqaf38cFJKuIDSrBvBkJvWqTAsOD38JiFJ8mT3OcKpHnOzCa18oulfe1jrXNnzXl9o7LnRQ3u0Cpyuo/07Z8+CM06aH2CMfUG7CG4E/xllKsvMfp/yf193j/gokYG8tfM3Tsxx167NgDYxuQ4T3m/eHDS9YjmvFzNOwQYTLV+uEYn4LniNYVtj3Z0tCSZcamA/UdayU3Xp3dE3qmjYCkIM9IynO+5m+d9iQhjNvG5L2oe7DXUoGfLFkDWb2TS9fBbpDekHSgXsWuEEgL7bYpcfZZmF18SNsT62JG//OJnWGrcRyPym4L7391jIrQuDsi7Uj5Mt1wSwEet9m/05b0kzro7EqegBsGJ50/3a5ou2ngJY0FDc6+ThgCTyjNNwfqt+Gv54KdpVgdRkEgWB0Q9VUPFxSmhV/u1EEveTHAX8Cwu0LvZrSFT5nT5D/r75+aqyAM7dmNJIrR4jiLa8h3eht+L0ROKXRny1uWz/ABKIHWPITM+UlxFF+ImRlDZpTzCZwXGzlSn53SP7k/clbLFJGdfJoQ04uV/NNA7Gs1IC4RFbXUAuAiLdMIVlbPfiBtJGw4MUkQ6qImrFjg4Gruch/1rTiHbCaVzc6yjQoRLAt3fVT93FbgcdSBIwqOH96PBI9GFKM2QF0T7/gt16zcjRrYtcspfGl2odzhql/lUrR0NysVSat5G2WBjPr2zLj/qZ2iVzTPf7rXUOaEoVMaNcrKKFhiplHTkuNV0xzrlN+xtBYy4mi1+GHw/rtqdeDnQS59y99T0ujhUFRMt7hR6Exv1vSw0PcrtOHWXRzPlpc7vKGjhvJi0NQxJi5L+iON1hFeozamvCoE4gCQsI3soCojavVRd8ywdx08ZCAHcpJkh1RVEuCGNng50IKOr48IP9jbaCO87RZTGjFUXVk3c7fn7nDIlCoKDM8O5apYYAbN0ueZF/n8qn8VJhC7fziUGkZye7oy6zGUMwSVPCYehsu/VE=,iv:kscgLxpTxzGmXqsLpjVzCQC/G7BAHVGskJwIW5bBbPI=,tag:CG29z/rzs9vhcWfzy6ZHkQ==,type:str]", + "data": "ENC[AES256_GCM,data:jfdUwKqEcpdCH9fgrePCUwy/q97eWyhe9vX4s5NoqbgSoNcCulxAVDuUbmrLpOIRGpqaaFEMHPX85Rv5RllJ//lfiwHjm5I1VET3xIZHUsUDWcGJVk32/NQHI1C0maMNeDDgjNhMyMPXMYGB+vh9nvaQ63I3t/D1bLTJu74JcMyrTWeSXXxrwx4iFvTx3DZgh3vWAVC/aRNsHVN2AOEfZoaOW4ixAE+qd6obu40ac1w0r32FRrzV9jUhR/XX3RjMNTm/7+KuKq8VLLn/D6h/XIp2Xdv8hn1xh9j2ekmKGTsmvdDUBjR2XuYbRHM3M0C7x4vp9lIEqRfTBUSiR4sSmWBHFnZNAm/E3Kbs3J14ITuU/mZFxkxCB3MjtzPJmKB9QhDX9bbAKebabkL1RDYeLMvoJC4rpdUbIniqfLxxy6CRK4OxIB6gT2J1Je/2QzCOOveahoSFjDe0VGM3X3dpYILqgGCg+RltFo88a00SToDMJtimbLErBGY6wLrYEv3B+iqntFrg/uShk6FIbyzqLrLAjJ8L2O+07eQcKRtyT1vKK8epgp/25PPk1j0evRk7DwvUC3dp2tO4Zcibg9RaIGy9MrMNvBc/fHg6/2b6uHhW6Abmu3ho3+PSpAukdAusF1X5bxinnxDADf/wIFP1XBqsM+AXWFzj1lXmW8xfpPupqyeMMLYW0kobHBwgM2ZQXYHWEbYCy9C3pGeOrfbxVnilnmcXhsChgttTekrFwHzostqhalrYOd/BE14YxWVxS0q8f2nRarF4p151LWOFfvBYb5oJiMygnuFSpvZprgew4QZ2icqi50hHziFFk52ASy+HFpVHHpSaKW2A6SWAC/aLsAiMMWCamCmG72ovdE5PkZLxha+EHbB460UkZO6CSuzRP3Kf9lcvugqFQPsC1cEJMKnCSMWBKSdCHedw683MrClbvJJ1QA5HWn8tsd/rtKLfSvoY1xfstOHq4PSlfuedVXJ4gQVRUzBa7wERUuCeEYT9VFBsmbGx6cHXYVcBrqK/sLoika7fX3nAZYbL6P8MxQ4j+EfZB7BPfp/x/hqQhFeCiATPHHryNZewfqMisnTjpVJX9/Op4CG7X37qZk5ca9gL1Ow/lv6gR1OqI8pBTsZGv9ufJD/GouHS5OuYuBL9BfCqBwB9ZZDP+UV3YwTt8gtkM96k1xYM7mHtaF4npKUGrEwhWwF1XL+7miZKkb3qVx0JNDHESTC4BOSLXwj7//9I+LSN7FFD0KcO6WG8/6T7c3RoYIRY8WSlEzIwKVhAuVvEwTAYXtDBjOtGKIJ3XEIpUeEE1IiCp14r/wnpt6qKsjZdwjH/VDsmdu0ts+I5lLyjs09OPJCV9fN2qWIj5J9vMxhIuc3bJKdunh7fwoYyuGRjo6jWa1Hhda7MLFdUUcMltQ5v+Of0K0GIakPpsiwdu0hi0SbFYposp5lrYyJqX/YT1+V2MZrSmjCuh4oi/G78zz+FbCKZQdyyU75WZiE3/0lRMM/5is79gU2azGZNzRIZbymKgFT06gVocKdWeg5kbr75eczK3ybcwC4TzivP4Wmdb+3W2hq4FUIc6sw8JjqHRR0Xp7u+8RS07Om4UugHC2nX02ilDj89w1V9ZoOOqURwgvkqEhVCI6S13AQbGZHbAw9R7id80DYQiMXBvN3v/k0QtynZAGWzjmwsT17lL304bgWJWQSw92iCax/D+3xLcUwlYwNYuNnisxywlm/KomwLzoFFZvuZJvWQ+Uq6bK/d/5+kTOMm0tn3C0HjBk3kaGINFLkn7YZIp5GnQegiNpkrDGjvSbjJc4aMu90XQI1efMi9Xq8qeGwC0HMB/VZkkKXAZRNC2Q81BFWfONQeaF1h+gi1ko+GoJG2NsuYLfNBhpgzRBF06yjSvFOGjWfsgnOpzMEJCIz/+peR4a24U4rtcy5UuFaoLc/jdhoLhKtOHsrFbaxVqFHljE2Zy7sVWiDIPu0TiFYC+OMnmVYuUmA1gFSHf95GOZQICjVSwvfXPQrW9bXa4Sar0ojE376ugLJ2sVLTM/k7RmcVjfrzGOfI2CZS7dOwrAuLT/9B0gBtVuLF1Hffhdg1VpPt4mfbWSV9mUbj1DiGKDsLTYzcANnDkVL+doYKb13CF1vTEtZ5P0xyIMFtgxcLNNjOUaw9isqcQ4gK6lZf3j3QQ5MMENJ+fZbwmiz1e4YpooV/Ed4ftbbqJVW/LxBpegsDDEAMM5GW/kj7SRl4iqF2CCUNJlojLp3Q07vVo5+Xz2vaHn6+rR7d6xvab2PHdukQ0yHyc+/V4ktQUdIe+jjikfgMNxgu5uceU4PRc6iE45WO7hCp5pxNIyyqv6Dajjqe6VYQPQD/fzdeMXttJ0YXL+QO8f9FsTwudzcL8ZSUtzvyUpkDS3b20Gf422kQTm2fBRy29aIljaKenKtHh0HEk5UUJJOGG5saVwFJBI+Uocc2MQihKtQp/X+pj7/Qfbi+yd7oEB8Oe1MaKws4Hr6+gpcMSlr5SWIq0VLe9O3Nd5viEu8Y1Nkf+8y0NYnK830alzVi1nI49GhD0IBn5dbhrQfmatziD+mXPdPCO7s+HBWUaZyzyKV72bXk8FIyHrj94LJrSxGD+BCrSJq4B7E1owkpSmKSiP55jEpWB2NbbWMd0EqvDTWd1oOpw/qfm2gEve9zzoFphmwVTnZ9Yjykb08CC6yij+/52V3un1qgPlvGNnIEVDpX5OfioqAm5pSym93JaZoiRaA/8kAOHhWNt9z0yzt9nTZL3V4ueYSOEDKXbVwy9sXkA+NW5C2ojgunefZ74i4KlreaKpiHndz+UkSLoFXJ3AvzpnklUZpgMH0IpItuI5ZKbZPoWX/vXtxV1AR0B4hRUmEu9zlj40XRyNg60Op5ytGTFFskh1h7tKJP0d4c7xxlK5nJh8wpTesPugMdL8ZaKt1SL/DZH61YX8eXenHfN+/ddBbN82S2Vy/6u8TH8TnZuaBaEklwB2dQng1OBMAQBJ592tMCHBVdUyZZjdJhUXFEnV4XUCwJ7/+6V71CbCkJmg7qaMEW8UBlAtGfXPswmNP+tKkVj4bU83HrrYTG28li7aCISUdt++LYV2hjCNwBYO5Ds15bfLbpOrtGuKAbbnf/xquY4qnvaS8MT1dOJwUOjNCvOQ5ui4/H/tg/BIrPnDU5uZMcHnzih6GimtJ/KfrZ1IdOGGPQY4a0bIXQBI6jQK0F3SqFi2HqsiCzl2bvz4k6Y1ghXRl+T3Ip99M3K9+oWvRCa0ybNQ/LA5rEcf56nxivPwfM3pJyfgJwRkAZymlDrUSq0CMLOxQzkjK+Y0Zegm7dEXIJ9mPLTdnkDzjB6HVUCLnux5HRBvv7ojR7LZndn6TBHcJ3Azgiw0Y+ueXtv7dGwdshPQjy9Hc4bVJugzzokelZCcJiDL8Lq9HpW1t9Big5e0fCj/tm4bT/YBchLM+JVhqBqU/0S9XRYRWFsJ09rQuHBZh+cLdCa/oPMUKdRfrw3R4p2cdKK10x/mZV+ueQ5mi/X3vhQs7w88hXg060zfNWV1RrGEmZTyG1RzpZ5AEQ4EPmfM+9vXk01tq+I8WVu7Cs4K3jCHs7uUPxF7ZKjH3iT8G5xG5nc1TiwfVXaikkl6nvXjmanfRMTGwO9AgFlBS3NB0x+NS812Crp0idS9cGHibg2expGKjF7QhmiM1lgxJn4FrPvJPVAMiw4VKWC/WJWK97LtXsq/B4kbrt2Qe7LTizEwNCmo+kjuJyFdJl2DztZTQihl302yKJCIUB3xjHe63X8DqSfequQ5tcFtI3AeiWEQlnvJR+djNw6m2NLQV+qnjy7P9dVCfW4M3zYp1GVIGqL1CBd172y49NOWLVarUrxB6sVMQdaOxgbVVS88XvHIH5yJtTlP/ZK0U8waSDev8NfXaQS5z2inV0qrhGPLJVxP1RSEs3lt6xBB5AxuQqeO6f90Bailyjp4aalV/oPTi89uIqP8qHnkRI3p6WQ7zYkqkDwLuz1pfMxlxP24RcDkut8ivhDgGCksmpShJaDIW8lVdXjXiuwuGA3cWNey0sRrvJ/Yj00KtgIzEecjy2zqlw+EwdBWW1JIQs0N8bQQDZfKkG8f3un1eFCOWGmBOVmD+sLNNO09C3j+1n9OOHOfQ0lQFU3exOJ/Atmzk+DuDe5WGb8v+2fCQJ+Zk9+0cEf8h0FAoOYJb0bP7f6LBrwkvKMl1BHJ5ybrcy5ScuD5KPwuQmF3uUop3soF4op6k+jvid/mLR2/XFtfbPuGA1zy6KfW5LsHAKXiGMsc+nXAPX5VsNIbOKHPpOUj27pKLivsq5CvBspiUSIGwb9LELNopTfikhqQ4Mu+CQIxjUyU10xJJf7MgYA2Cv0Rh151+QwNz9P0UAON6tPCMV5p1o4PQpSL0rTyromx3vP9By7HwHG1wrs9oL2lGTfEOd5Ro/qcP2EJuj3mo42ZoKXzqSkv5Fq7ShR3Y4G+OmRwX80f5fuzNh/pL+hexIkDqLPk7g6YlsEDVkKGeVU93Dvdj1dIyi3wvHSjR0b9LS59LbgmWm5x8acP+ZvrWheReSZV6mQ6DtzomUAkRv4EImPSA1bVzhtoz3SOEAFaZaTOizIYW7PTjQx5TX3mLMX+lazInvQfhGnkcpSOUGWMrq8kXYNjvwzke2i3Qv84wLsYfCiji38YWGBrcdioX6YmhIGP/XdSpOJc3OWPUcQNCbDk162ylSUsiyApol2JM0RMdHIVJK8rsqRau/f0nx+4ZOfnGyPCABElXQvUxu8vunv/GX7dTp9aB6W2YfU8BX5knOxNI3nmdF79XV/u8pE5qQ/KDW/IhDyU/JGYOKDzc1gU3NOGsRL8COlN55tbE35MFvlObfmdLECn5HEDTob7oCI05PtUek5nJ3LEaVt62Vv6ZGQNJ0Vvv++xbjloSbGF3yDt4nztDbsvCd3HCCt77dsdIarIME8mnRtdf2avVJrQ+cu0cHT/U5abj8rf5+bDks4SQujf4eklBYKSBbClNWXcRfh3aAoAY7idA9H4ul17hcdNQitG+KDRMBJXKGk4ixyqZtvwlKzk1F5EjeLxb4I++88gJnC+7h3rxbInTBh1ZUjRgaykQnHCFsX9mHWG1LACv3tAZsug4OQ57yQT8UKAgrkw1cG7+Y4/EhUCA+B6ao0dyBmhVQNl7N8HiwepzsyXZ0sdvvrlh5f2MQP5YTVzOsza2/WPX/j8zFMmwc3iDg9ZUEUyYOUv+YtneE/r7kBLIFs97BqrptTFbT3zx0f1lh6Hw/mOvt/qO4Sy6A4+zF94MypT8yHhlAfETi/srbT6FK7a6axuRFDTM5ccvQFYMo729jdvRnvpkqexk5nJW2vIcI5/KP+o6XWO6PHirz4TQXJSVwffO3I/RbtUrtcU3DhQUaHfbjwQ15MjZ29n3n7tAw5oqHMNEfgixL5H6glFNFdrXd5agVHf3Iqr0kyDXME0q+gyqgaqLE3AYdW/NtFOb5zTOw1EokkCgPRSX1iK08RaY1S86Sxk5IheAQrMdB2CJtec4lok+yOQ/Qed9nt3lUwsuW3VYDleRBzV8jM646YGOBVW4AB/kTmByGKjD1oSp06lLkw7n8i9ZBlAVvHjR6LQRsnzlHI+icnB4PxjwVPDLdbSpIT1Yq0Ts6w6F/y9HFHzErn84TtEtZOqSpiXLcdfmWqbjpFbAPn5PTdIUcI2PjjSk3dnRj6MuDG4l2Z1jK9Y/WNhVum0qBX4FJpqyQQ0rQQ4LdPs4VfT6QIVdsHXljLszMbD2/D0hQpySAiWItgtbAbNE2FobRoohy+1OFqClHqYjFYVFZD/70Y4yMYaQZBW097R9Y+bS9fPMkThtiUy3jNKMPrAO/kxgq9TTJmWxkkKUXuWthnQwDRJHE9NRTaVT/5ENPf03u8qu2jKblV53pR4+C6EW9Qp9sBhuJhmqsCQr6hCRSOnin09Q9hCIfGptlM/+NTSu856VbGWEPveJ2UPvIjs8BdBF5ik77IEjva7Wy4Zp4YrfGeQkRp20GDxhG+E5RhsTz/KSscs4+EFJ0EyVHTOblLd4ELkXcdETGcwzfbc3aXpTmplDB6j/Zp3LiwvNMLsimnqbSgspAFW6gAzi2SeiNuCFcK5RlinpJ5MwSaixDX20EVU/Ts2uyGWIdPUZ8bzhjwCVmKqmfIsFu8/al61hhNn3SfptSn7Qa8+AjnXLM2QT6nCLjyHDnIzukl3BuUBzw2svaacP7O6upi1b+QkIvWGyO1jX9OMb1rhx6BuxS4xx8z5X4hCLzdAY2LxRLHHLZWcSEDPPsoIafDhYjEH6Tjk9Byl9fP2GaVHU+udp//oJ4gixsXITHtLpC2NqaP3QxvWxaRF0fHhgYFHyUw8RyWZ2o2SZ5apV5sarHz+PFhXDYuuJnq+x2R2Vyw1Rhci+pQHt8WZoyIzM7/8BUhetnZZN87/cSe/AbPrQCgKIiahstyO9nil+uiryfO40g1cWNPZSJEpprTPD5BZk0zkozeJJCdVSU1utbQi0uMKyUP96DcWiHDAgebQ1VuC5x01Ok4F1GzH+HLjHSPOStzC9TE9M1W83usCJWmlAnPuX7sehT6tlTGIlnBPRixBGlK6bQGyKVhGa6/2o2xsJre5M/oRrn/OuCe+rq53IEiIZaureT9eNLwfg3bysS9mJKJw==,iv:N9mhzTM1a9g03ak55Bsh8+gopdHQNrbvJ//JiSULJyA=,tag:qhT837k21faROuAZ9hchwg==,type:str]", "sops": { "age": [ { @@ -39,8 +39,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdC8yODJqc2dBZzFodlJw\ndEJUejNMbVZXZm1uQ0FHeFhKd0craG14N2o4CnlvVkp6eFVLcDlnYStHaVRoajlm\nb05yZXA2aGpNaXROY2paYmpqM0dCencKLS0tIEVhMDR3d0Fla1RKY3l5cXZsNEFP\nZk9vdGl4eGxhcnBxVE91Z3ZoZ3Zzd1UKavS6iLiXL5acrtOc34OT2V/Ol6lWLtCo\nZglO7H8Agh58FRhyQUvDu+bHXTGnxWIhOnyAjJYwP3XUk0p/3E4PPA==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-11-27T02:14:40Z", - "mac": "ENC[AES256_GCM,data:8APHtkscFHpzAzbvcjtsa6LpYPtTzH0nKDA59DDEZLxLT+IEDUSm+DD+HSF4GX4l7uawPCUGMMMZ9K++uvogi6ctfETFFwTN15a2P68r1DPU19tnrq3Oq4//08rSh0t6KXQXuwTeVda85WTQjd28eqNIcsMj7rtPIa7NzgS67Fs=,iv:JrKP9cU/hjWeN0f8EkNHQOq88GHRgmlmyxAQWc0IhP0=,tag:7MNCxxxCjpgOOhNkjK/qAw==,type:str]", + "lastmodified": "2025-11-28T00:28:27Z", + "mac": "ENC[AES256_GCM,data:GySJPXcFtuC2t+iw2uMR/rwefIGgDf1kztiPEbtnbCTVbs6VC5FSI55s0PXYJrJVl2GOwl9vhs/yaRnli5vfrdtETm4cTh9dkciATtcYGg6BoZyChQ0jR/wg6cs+txt2bHG21ebFASGsqLJZhnVBVlJ8QTMbC7/P1uqPngvu2qw=,iv:3lbhnN96KIbpr0EkH4wMVtU/hYfSMPDLRqyoj0zTsCM=,tag:cvl/dSS3OX3O3XpzIY6ZgA==,type:str]", "pgp": [ { "created_at": "2025-11-23T20:29:17Z", diff --git a/secrets/stoicclub/secrets.yaml b/secrets/stoicclub/secrets.yaml new file mode 100644 index 0000000..79c9d84 --- /dev/null +++ b/secrets/stoicclub/secrets.yaml @@ -0,0 +1,48 @@ +hello: ENC[AES256_GCM,data:FcovD7TctkGA+k33XCeGkgMPVnDmqh8IPKDF4ozL0zKCfTk9d3jNYFTyZc4LmQ==,iv:mOSuI7sb4EBA+q1hC1oc6c7trBDiGLEbACcpdVtWzJA=,tag:n6YRbF/pygNqQ9QlXiCjJw==,type:str] +sops: + age: + - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMREU0eVFEbnRaVEJlRG5L + QjhVQ2F2WHZFaXJOM2hsOTBPMTQ2ditVMXpVClA5bndRc1YzV29NUEorSFNDNUxE + eEFwMnJoMHhMbDJtY0J2UnNIME1DRVEKLS0tIHN1dVNLWGRvbTRsWE1rT3c5aS96 + VXBRUEc0eDlQOXg5YlNJSmhDL0ZiUW8KvzVC0PMvMRjBaAS9WhpYvsWc34coUupY + aoF/zkgPmPWj6SY1vURpgUHC5FHolHL3DYQS/SQxdOXSrXIDxlIJyQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-11-28T00:26:29Z" + mac: ENC[AES256_GCM,data:ZiVgJ68aUtO9LAWq/GsW5aGlGKdWFDE3RULGiZOL+dfmozCwJJPFNpJsDs8uotdbJl0eu4FCZ1uravUGc9mkv8DlJwt/RVaHqXR1gxOGPRvRoXFAulatS8SvZ+g6Y1RDXW9MCvfaTA75WcbGXaSfaQLMkJgxXFXQ05FWjLMTvM8=,iv:i8Yw7WA7Xw0kpbEFlllO+LUrpqBSwuQi/j8CNJAYUac=,tag:ur0AtUdaDxwLfwftFNeSLA==,type:str] + pgp: + - created_at: "2025-11-28T00:26:23Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAwDh3VI7VctTARAAhPx3hRyNLnIXwbGsjD6lAwhdqhe1yfJikB3+kWa+vaKC + /WOu22h0HB8cQwzeU6+LKeieuy70fEMcE2EHh8HjTuAIoi6kCDFjXA37pEtyIKaJ + 9uAc7EBNPOcv2TzFEnHjJXlMIRX1M4RegiZpOiZbkVkJeC7lJSe1mQhvHEqw3wmT + 7ye3ohDvHB7y2W040AD5wymntNOO3BSxQJEVPaKo7sLmbkUSPXRCBj7H715dHyFe + jf6nWbAElfUVM9oSK/TiYZwVcZv4/LbexAivRrlkFmnPpQMTrTeafS8r0sUtOoDn + 8YKuBu0JQMVFJpLA0hUrH/MIkEalbgv3DWsC5DoEEni5oQY3vC/bd0nM7P0hETop + wGFoBHM/kvGK8AnhcRmWy1fj15/TNrzF4uXn1Xr2tOLFrlLTor3JKCqIYTBWUIAl + Ve98SrZcvEdZKRqQiRyAXueJ1S4R60pCtTp6AtKxc7RyJuw6YM3VD3jcKBeIWf2l + UZr8yKfu24Rhy1WAe8+HT/LBzkB6/RKacBtJZVd0Ffnp8Cjaid3BJN3OQTLSSRCc + /t037ctWN/nSC8M/P6F/ZbSN4xEHRxT75c/qGpSBaMJgtwlD0wNIBCS9McuYD8p6 + e74KFlmm4901fytpHJvrdeQl6IAJCPV80540z3N78cdSxfTOF4Qj4/Dr4Flcp4CF + AgwDC9FRLmchgYQBD/4vX3zwM6MDpwW7+zeKrAgXYsHjIj2TYz8EIJ+bIH5/sUPn + F+o8kZyVjAc/c4AnKcCyWz1aYR47p9iHnk7Tf3mh8+MzZ4LCkuZjKmYjlfExd3RI + J0upRtTak4M/k2nxfVnosYwwFJhUnJpBlIt9DIU1AcDshAHnAOOeysIsfV7ahNQB + iYMvk196d+2HGdIPFPIG5tgJOFqamY3TtHrPmFx5SSj1ep4V2IMPqDudZDoyMscn + /8dYZCgnSFBDTFY/X8ngftxaXsdyRE/0QJFjG+c2M6G5gkccfpxkNU0toAwz3m9p + hS3s2YYkrMem/VdkqEvGW3cHnmM3ZHAttrfO49z91nmRaWDMm2ocl4CNoAsiEmc9 + /pQN9spgQGonDLM/yMpiuHEZNT8Pv+1YDS7kN2FlHuodsTazAi2ZoMDOrvHQhXkG + 9mS8fgVIJncthfxwbswjz77OZo/zyF41WgYzet9Lr8g7RDegmA+nPeFIJ+EVDKXH + o+KMJVbRrCiGnSvcVtBXQtvhcuJLe/LWvXbnsAo18+HPqA1PyaJtuMgc3dihuddV + KXGtDIpiy7UFw5o2w7Plqs2T+N0wQI2MTEkKS/TdWVO5zTMoI1uPE+b5H7z56Cnj + Xa65aUphUxxLMN9rbVXBSfhTyZCFM+nj7fY9pFmoUgfhKSZ83j3w5XlVL6bz9tJR + AUc8r4d6z59EE5vsIuImiM7/jsSudYewau2wnMuli3FmYISiR6kU+bRBmm0nF6Q/ + Kqt5nLxrcGKz2ivRxU6Hxc9D4gRaekoTkeP5J0Cr0IYt + =D/qK + -----END PGP MESSAGE----- + fp: 4BE7925262289B476DBBC17B76FD3810215AE097 + unencrypted_suffix: _unencrypted + version: 3.11.0