swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 00:57:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: decomission milkywell

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-11-11 00:57:47 +01:00
parent ca35e7894d
commit 910fef4914
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
5 changed files with 148 additions and 538 deletions
Download patch file Download diff file Expand all files Collapse all files

495
SwarselSystems.org
View file

@ -3301,207 +3301,6 @@ I have removed most of the machines from this section. What remains are some hos
- =MilkyWell=: cloud server used for very lightweight sync tasks of non-critical data
- =Moonside=: Proxy server + some lightweight services
**** MilkyWell (OCI)
:PROPERTIES:
:CUSTOM_ID: h:4c5febb0-fdf6-44c5-8d51-7ea0f8930abf
:END:
For this I use a free Ampere instance from OCI with 50G of space. In case my account gets terminated, all of this data is easily replaceable or backed up regularly anyways.
***** Main configuration
:PROPERTIES:
:CUSTOM_ID: h:922105c3-a604-47d9-918b-db1803784c75
:END:
#+begin_src nix-ts :tangle hosts/nixos/aarch64-linux/milkywell/default.nix
{ lib, minimal, ... }:
{
imports = [
./hardware-configuration.nix
./disk-config.nix
];
boot = {
loader.systemd-boot.enable = true;
tmp.cleanOnBoot = true;
};
networking = {
nftables.enable = lib.mkForce false;
hostName = "milkywell";
enableIPv6 = true;
domain = "subnet03112148.vcn03112148.oraclevcn.com";
};
topology.self = {
icon = "devices.cloud-server";
};
hardware = {
enableAllFirmware = lib.mkForce false;
};
swarselsystems = {
info = "VM.Standard.E2.1.Micro";
isImpermanence = true;
isSecureBoot = false;
isCrypted = true;
isSwap = true;
rootDisk = "/dev/sda";
swapSize = "4G";
isBtrfs = true;
isLinux = true;
isNixos = true;
};
} // lib.optionalAttrs (!minimal) {
swarselprofiles = {
server = true;
};
swarselmodules.server = {
forgejo = lib.mkDefault false;
ankisync = lib.mkDefault false;
};
}
#+end_src
***** hardware-configuration
:PROPERTIES:
:CUSTOM_ID: h:64dddedd-9b13-4b74-baf0-1d54d5a89d3b
:END:
#+begin_src nix-ts :tangle hosts/nixos/aarch64-linux/milkywell/hardware-configuration.nix
{ config, lib, modulesPath, ... }: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = {
initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
#+end_src
***** disko
:PROPERTIES:
:CUSTOM_ID: h:cec82b06-39ca-4c0e-b4f5-c1fda9b14e6d
:END:
#+begin_src nix-ts :tangle hosts/nixos/aarch64-linux/milkywell/disk-config.nix
# NOTE: ... is needed because dikso passes diskoFile
{ lib
, config
, ...
}:
let
type = "btrfs";
extraArgs = [ "-L" "nixos" "-f" ]; # force overwrite
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [
"subvol=root"
"compress=zstd"
"noatime"
];
};
"/home" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/home";
mountOptions = [
"subvol=home"
"compress=zstd"
"noatime"
];
};
"/persist" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/persist";
mountOptions = [
"subvol=persist"
"compress=zstd"
"noatime"
];
};
"/log" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/var/log";
mountOptions = [
"subvol=log"
"compress=zstd"
"noatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"subvol=nix"
"compress=zstd"
"noatime"
];
};
"/swap" = lib.mkIf config.swarselsystems.isSwap {
mountpoint = "/.swapvol";
swap.swapfile.size = config.swarselsystems.swapSize;
};
};
in
{
disko.devices = {
disk = {
disk0 = {
type = "disk";
device = config.swarselsystems.rootDisk;
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" ];
};
};
root = {
size = "100%";
content = {
inherit type subvolumes extraArgs;
postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
MNTPOINT=$(mktemp -d)
mount "/dev/disk/by-label/nixos" "$MNTPOINT" -o subvolid=5
trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
'';
};
};
};
};
};
};
};
fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
}
#+end_src
**** Moonside (OCI)
:PROPERTIES:
:CUSTOM_ID: h:f547ed16-5e6e-4744-9e33-af090e0a175b
@ -3515,168 +3314,166 @@ This machine mainly acts as my proxy server to stand before my local machines.
:END:
#+begin_src nix-ts :tangle hosts/nixos/aarch64-linux/moonside/default.nix
{ lib, config, minimal, ... }:
let
inherit (config.repo.secrets.local.syncthing) dev1 dev2 dev3 loc1;
inherit (config.swarselsystems) sopsFile;
in
{
imports = [
./hardware-configuration.nix
./disk-config.nix
];
{ lib, config, minimal, ... }:
let
inherit (config.repo.secrets.local.syncthing) dev1 dev2 dev3 loc1;
inherit (config.swarselsystems) sopsFile;
in
{
imports = [
./hardware-configuration.nix
./disk-config.nix
];
sops = {
age.sshKeyPaths = lib.mkDefault [ "/etc/ssh/ssh_host_ed25519_key" ];
# defaultSopsFile = lib.mkForce "/home/swarsel/.dotfiles/secrets/moonside/secrets.yaml";
secrets = {
wireguard-private-key = { inherit sopsFile; };
wireguard-home-preshared-key = { inherit sopsFile; };
};
};
sops = {
age.sshKeyPaths = lib.mkDefault [ "/etc/ssh/ssh_host_ed25519_key" ];
# defaultSopsFile = lib.mkForce "/home/swarsel/.dotfiles/secrets/moonside/secrets.yaml";
secrets = {
wireguard-private-key = { inherit sopsFile; };
wireguard-home-preshared-key = { inherit sopsFile; };
};
};
boot = {
loader.systemd-boot.enable = true;
tmp.cleanOnBoot = true;
};
boot = {
loader.systemd-boot.enable = true;
tmp.cleanOnBoot = true;
};
environment = {
etc."issue".text = "\4";
};
environment = {
etc."issue".text = "\4";
};
topology.self = {
icon = "devices.cloud-server";
interfaces.wg = {
addresses = [ "192.168.3.4" ];
renderer.hidePhysicalConnections = true;
virtual = true;
type = "wireguard";
};
};
topology.self = {
icon = "devices.cloud-server";
interfaces.wg = {
addresses = [ "192.168.3.4" ];
renderer.hidePhysicalConnections = true;
virtual = true;
type = "wireguard";
};
};
networking = {
nftables.enable = lib.mkForce false;
hostName = "moonside";
enableIPv6 = false;
domain = "subnet03291956.vcn03291956.oraclevcn.com";
firewall = {
allowedTCPPorts = [ 80 443 8384 ];
};
wireguard = {
enable = true;
interfaces = {
home-vpn = {
privateKeyFile = config.sops.secrets.wireguard-private-key.path;
# ips = [ "192.168.3.4/32" ];
ips = [ "192.168.178.201/24" ];
peers = [
{
# publicKey = "NNGvakADslOTCmN9HJOW/7qiM+oJ3jAlSZGoShg4ZWw=";
publicKey = "PmeFInoEJcKx+7Kva4dNnjOEnJ8lbudSf1cbdo/tzgw=";
presharedKeyFile = config.sops.secrets.wireguard-home-preshared-key.path;
name = "moonside";
persistentKeepalive = 25;
# endpoint = "${config.repo.secrets.common.ipv4}:51820";
endpoint = "${config.repo.secrets.common.wireguardEndpoint}";
# allowedIPs = [
# "192.168.3.0/24"
# "192.168.1.0/24"
# ];
allowedIPs = [
"192.168.178.0/24"
];
}
networking = {
domain = "subnet03291956.vcn03291956.oraclevcn.com";
firewall = {
allowedTCPPorts = [ 8384 ];
};
wireguard = {
enable = true;
interfaces = {
home-vpn = {
privateKeyFile = config.sops.secrets.wireguard-private-key.path;
# ips = [ "192.168.3.4/32" ];
ips = [ "192.168.178.201/24" ];
peers = [
{
# publicKey = "NNGvakADslOTCmN9HJOW/7qiM+oJ3jAlSZGoShg4ZWw=";
publicKey = "PmeFInoEJcKx+7Kva4dNnjOEnJ8lbudSf1cbdo/tzgw=";
presharedKeyFile = config.sops.secrets.wireguard-home-preshared-key.path;
name = "moonside";
persistentKeepalive = 25;
# endpoint = "${config.repo.secrets.common.ipv4}:51820";
endpoint = "${config.repo.secrets.common.wireguardEndpoint}";
# allowedIPs = [
# "192.168.3.0/24"
# "192.168.1.0/24"
# ];
allowedIPs = [
"192.168.178.0/24"
];
};
};
}
];
};
};
};
};
hardware = {
enableAllFirmware = lib.mkForce false;
};
hardware = {
enableAllFirmware = lib.mkForce false;
};
system.stateVersion = "23.11";
system.stateVersion = "23.11";
services.syncthing = {
dataDir = lib.mkForce "/sync";
settings = {
devices = config.swarselsystems.syncthing.devices // {
"${dev1}" = {
id = "OCCDGDF-IPZ6HHQ-5SSLQ3L-MSSL5ZW-IX5JTAM-PW4PYEK-BRNMJ7E-Q7YDMA7";
};
"${dev2}" = {
id = "LPCFIIB-ENUM2V6-F2BWVZ6-F2HXCL2-BSBZXUF-TIMNKYB-7CATP7H-YU5D3AH";
};
"${dev3}" = {
id = "LAUT2ZP-KEZY35H-AHR3ARD-URAREJI-2B22P5T-PIMUNWW-PQRDETU-7KIGNQR";
};
};
folders = {
"Documents" = {
path = "/sync/Documents";
type = "receiveonly";
versioning = {
type = "simple";
params.keep = "2";
};
devices = [ "pyramid" ];
id = "hgr3d-pfu3w";
};
"runandbun" = {
path = "/sync/runandbun";
type = "receiveonly";
versioning = {
type = "simple";
params.keep = "5";
};
devices = [ "winters" "magicant" ];
id = "kwnql-ev64v";
};
"${loc1}" = {
path = "/sync/${loc1}";
type = "receiveonly";
versioning = {
type = "simple";
params.keep = "3";
};
devices = [ dev1 dev2 dev3 ];
id = "5gsxv-rzzst";
};
};
services.syncthing = {
dataDir = lib.mkForce "/sync";
settings = {
devices = config.swarselsystems.syncthing.devices // {
"${dev1}" = {
id = "OCCDGDF-IPZ6HHQ-5SSLQ3L-MSSL5ZW-IX5JTAM-PW4PYEK-BRNMJ7E-Q7YDMA7";
};
"${dev2}" = {
id = "LPCFIIB-ENUM2V6-F2BWVZ6-F2HXCL2-BSBZXUF-TIMNKYB-7CATP7H-YU5D3AH";
};
"${dev3}" = {
id = "LAUT2ZP-KEZY35H-AHR3ARD-URAREJI-2B22P5T-PIMUNWW-PQRDETU-7KIGNQR";
};
};
swarselsystems = {
flakePath = "/root/.dotfiles";
info = "VM.Standard.A1.Flex, 4 OCPUs, 24GB RAM";
isImpermanence = true;
isSecureBoot = false;
isCrypted = false;
isSwap = false;
rootDisk = "/dev/sda";
isBtrfs = true;
isNixos = true;
isLinux = true;
syncthing = {
serviceDomain = config.repo.secrets.common.services.domains.syncthing3;
serviceIP = "localhost";
folders = {
"Documents" = {
path = "/sync/Documents";
type = "receiveonly";
versioning = {
type = "simple";
params.keep = "2";
};
devices = [ "pyramid" ];
id = "hgr3d-pfu3w";
};
"runandbun" = {
path = "/sync/runandbun";
type = "receiveonly";
versioning = {
type = "simple";
params.keep = "5";
};
devices = [ "winters" "magicant" ];
id = "kwnql-ev64v";
};
"${loc1}" = {
path = "/sync/${loc1}";
type = "receiveonly";
versioning = {
type = "simple";
params.keep = "3";
};
devices = [ dev1 dev2 dev3 ];
id = "5gsxv-rzzst";
};
};
} // lib.optionalAttrs (!minimal) {
swarselprofiles = {
server = true;
};
};
};
swarselmodules.server = {
oauth2-proxy = lib.mkDefault true;
croc = lib.mkDefault true;
microbin = lib.mkDefault true;
shlink = lib.mkDefault true;
slink = lib.mkDefault true;
syncthing = lib.mkDefault true;
};
}
swarselsystems = {
flakePath = "/root/.dotfiles";
info = "VM.Standard.A1.Flex, 4 vCPUs, 24GB RAM";
isImpermanence = true;
isSecureBoot = false;
isCrypted = false;
isSwap = false;
rootDisk = "/dev/sda";
isBtrfs = true;
isNixos = true;
isLinux = true;
syncthing = {
serviceDomain = config.repo.secrets.common.services.domains.syncthing3;
serviceIP = "localhost";
};
};
} // lib.optionalAttrs (!minimal) {
swarselprofiles = {
server = true;
};
swarselmodules.server = {
oauth2-proxy = true;
croc = true;
microbin = true;
shlink = true;
slink = true;
syncthing = true;
diskEncryption = lib.mkForce false;
};
}
#+end_src
***** hardware-configuration
@ -3866,6 +3663,10 @@ This is a slim setup for developing base configuration. I do not track the hardw
minimal = lib.mkForce true;
};
swarselmodules = {
servevr.network = lib.mkForce false;
};
swarselsystems = {
info = "~SwarselSystems~ remote install helper";
wallpaper = self + /files/wallpaper/lenovowp.png;

50
hosts/nixos/aarch64-linux/milkywell/default.nix
View file

@ -1,50 +0,0 @@
{ lib, minimal, ... }:
{
imports = [
./hardware-configuration.nix
./disk-config.nix
];
boot = {
loader.systemd-boot.enable = true;
tmp.cleanOnBoot = true;
};
networking = {
nftables.enable = lib.mkForce false;
hostName = "milkywell";
enableIPv6 = true;
domain = "subnet03112148.vcn03112148.oraclevcn.com";
};
topology.self = {
icon = "devices.cloud-server";
};
hardware = {
enableAllFirmware = lib.mkForce false;
};
swarselsystems = {
info = "VM.Standard.E2.1.Micro";
isImpermanence = true;
isSecureBoot = false;
isCrypted = true;
isSwap = true;
rootDisk = "/dev/sda";
swapSize = "4G";
isBtrfs = true;
isLinux = true;
isNixos = true;
};
} // lib.optionalAttrs (!minimal) {
swarselprofiles = {
server = true;
};
swarselmodules.server = {
forgejo = lib.mkDefault false;
ankisync = lib.mkDefault false;
};
}

97
hosts/nixos/aarch64-linux/milkywell/disk-config.nix
View file

@ -1,97 +0,0 @@
# NOTE: ... is needed because dikso passes diskoFile
{ lib
, config
, ...
}:
let
type = "btrfs";
extraArgs = [ "-L" "nixos" "-f" ]; # force overwrite
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [
"subvol=root"
"compress=zstd"
"noatime"
];
};
"/home" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/home";
mountOptions = [
"subvol=home"
"compress=zstd"
"noatime"
];
};
"/persist" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/persist";
mountOptions = [
"subvol=persist"
"compress=zstd"
"noatime"
];
};
"/log" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/var/log";
mountOptions = [
"subvol=log"
"compress=zstd"
"noatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"subvol=nix"
"compress=zstd"
"noatime"
];
};
"/swap" = lib.mkIf config.swarselsystems.isSwap {
mountpoint = "/.swapvol";
swap.swapfile.size = config.swarselsystems.swapSize;
};
};
in
{
disko.devices = {
disk = {
disk0 = {
type = "disk";
device = config.swarselsystems.rootDisk;
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" ];
};
};
root = {
size = "100%";
content = {
inherit type subvolumes extraArgs;
postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
MNTPOINT=$(mktemp -d)
mount "/dev/disk/by-label/nixos" "$MNTPOINT" -o subvolid=5
trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
'';
};
};
};
};
};
};
};
fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
}

22
hosts/nixos/aarch64-linux/milkywell/hardware-configuration.nix
View file

@ -1,22 +0,0 @@
{ config, lib, modulesPath, ... }: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = {
initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

22
hosts/nixos/aarch64-linux/milkywell/secrets/pii.nix.enc
View file

@ -1,22 +0,0 @@
{
"data": "ENC[AES256_GCM,data:4mDIWJ+WBn4c3US7Gby15hCtYYS6gYR1asm3SafO6/qyPKrcfKN42d2iIZEIPEq5yVj6OKt7ccFjQI2q3p8Dpb+HNYzHeGRcwBXKPL5hbVziP7Ik8pAYib7klUSmMelqOkc0aS1kyRyQzpvQoA6T7vNqEdm8kBR4SRs=,iv:7ZTbZh7TnCnfZ33g88Bsk3TISfhxz3+4cB1KiFucCMM=,tag:QgPChPUmZiB4AhH2xXturA==,type:str]",
"sops": {
"age": [
{
"recipient": "age1glge4e97vgqzh332mqs5990vteezu2m8k4wq3z35jk0q8czw3gks2d7a3h",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1ZWxybEZUcjlIdmtOS3Az\nbGt2czliWHBlUWNsNDA0cTJLeXdFOXE1NHh3CllaWGh1ZEZINDhPMUdCZUQ3Ritj\ncTdpRFRHaFdBa3NPWk40WjVlaTlrQmMKLS0tIEZnYkc3Z2hzZXV1eGlsaktyckVT\nbTIrZ3BvZDNkRGpoZ2ZncVlwZysxMW8KU0vsVA9gG63M1ecqk918QHh7P+MSbKaM\nRv/HVAvCzNcMFwPUC7zF0jN0FpAl7eNGkniUMCzGyXHty4anSDyt1g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-06-11T13:01:41Z",
"mac": "ENC[AES256_GCM,data:urkp4cEP8fzSvroewVTbVfFK4O03qKnd+Ch3ASJAo1xu++y+fuFFyRcvrY57xU32H+mK2ipSkl2FkeTYB2fNDpXzTIyCWGQPZ4i3doqmFkV1UPjjov8Cc/LY7eRQYj84pF9sFRMdAwtaUL3Kd4Ab45mO1fy7KYAW57zuUeZks/o=,iv:efnEEPHFu2EtRSyob3ozjHz4L1YHJ0AqzLb566pg5ZQ=,tag:VnrO5QFhdQFe9/7aJ9C/qw==,type:str]",
"pgp": [
{
"created_at": "2025-06-11T12:59:00Z",
"enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAAvlrXaui4wqN1kgpfcZMf53RsJYbZp6//miZzas2xKVW3\nyvtubrrYBrHGPEnUuoHexsN4xiQ0zayOn+eLrbv5+8/jhjL6cxtv894+iHYcgkD7\nDc9M4f57Lf7qF9lGTo1pgPKRf2GbHbHfDgUjz5XcIUD0WAz0PCkGQqutP5daw7wV\nMo+fKm6yOxb+e89rlOUY26/LSy+5WMIoQ03tcWu92UZeVRvtEL2LIDQJ3+gCEBrL\nPI0SU84tIl1At1TkKhJkcZ9axn0vOc+LzhcdZ3K5AkAlvnx6/+KdFiVj7xQNQyfN\nJJs3U1HKDca0R6efTRveEoi5nWew2FPGmRfOD34DorokM46Ol0l1c4gL+2LjvPUj\ntEG3slBFoKYbPuj6GSA2H3U2LcgVbPtZggr7VN7d4bLiqT/PkUa2jjAcsqyb+Twc\ng9nmCiWFvrGR76dpvSdx6oO6O/etMcWT9A4fYMPStXcnT32N4q+qrV/+nFZm4BLp\nWvDYkgVWmiAwYTcwuAHS12yH9ymEQMRanSNyzRqjax+GVN70B5nNU5sn8Ch0ex7Q\n6qJZq1j+i/OtNITvnnCdOxefntM4UZzyeyqvU+rZx40KepyVD2XFWkp+9abev0iL\nVbJK5PmNRRxqLaRWxJu2f/Jb86hy60XjCcsWGxuo67ZReRWOHIuyQB15tr3DdReF\nAgwDC9FRLmchgYQBD/49wGPgfs1G4Y0qcAoqZWbdpbcqCwYEzlRK1DJdjFTtE8LO\n+IpA03seoy7qCAp3v86qg7YwjydA+vCJUk7FRFbLiesKDxS1ZRwZSWHuM/v46rj4\nJoTqOPjuJDzed8dFdl4082PrQ0z+dXjsK/ua6d6eQRw6JEgpTLbv7f6Ru4RyM93h\n3wUodncoqcyZ/Wy7qLKCy10CTaD/RRpVrKt18J0L17Qbevmap6tqRZI11GWBnb+R\nqChAvuBQnhN19+MxgJ9AC20SqUht2pBvUXAhWf9vEGoygWR2kXuxyxK2XYu26zXa\nBb33xNAd2BZ/zr7fDnwjROkhRJ0YWk4GqaUCfo3zmT/OtHUzoyIvi0um7obOPzUk\n6RJw3q3siiUXavvTvgJMhCySwzHLtrPGYzCiHfkQc555yRqoz1XrdZOoQyba288y\niMFVzrIp+jlN+shNfsumGIgtogiYl3yI+Ecib7ozwIXDyOmBfsGUFLZkleGXWoH+\n/ZU3stAVFsSzOVkw656NWgsAEnqP1T7TGBMP1vibDPNZBp9aExA+1XLyVbr7sFJG\nWT9ypYorj7hF3UW1Ep/1fmcYovXICieKPR8sLVdWrPxRXArezfoqMAFhxdw6y87n\nQUrOTy8XOwsERmMOWhcU54NgdU21MDI3/sgh20KznNUU1iIOPQgfeobJ0rR/htJe\nAYaaMHhkJvSkiuXBKJIaz125xQrKvwLpB+OsuezPhT5Qn4MZUEoUa5Ft1GhiDqWM\nSB8o70nlAcw0CFvNlsYRZdVY5FACj81B1H6JH5eNUx6f2FVhcO61kc60LJvzug==\n=zX1v\n-----END PGP MESSAGE-----",
"fp": "4BE7925262289B476DBBC17B76FD3810215AE097"
}
],
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}