diff --git a/.sops.yaml b/.sops.yaml index f5bfacd..ee31af7 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -37,6 +37,7 @@ keys: - &summers-monitoring age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u - &summers-nextcloud age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 - &summers-paperless age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq + - &summers-postgresql age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw - &summers-radicale age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z - &summers-storage age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 - &summers-transmission age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny @@ -78,6 +79,7 @@ creation_rules: - *summers-monitoring - *summers-nextcloud - *summers-paperless + - *summers-postgresql - *summers-radicale - *summers-storage - *summers-transmission @@ -320,6 +322,14 @@ creation_rules: - *summers - *summers-paperless + - path_regex: hosts/nixos/x86_64-linux/summers/secrets/postgresql/[^/]+\.(yaml|json|env|ini|enc)$ + key_groups: + - pgp: + - *swarsel + age: + - *summers + - *summers-postgresql + - path_regex: hosts/nixos/x86_64-linux/summers/secrets/radicale/[^/]+\.(yaml|json|env|ini|enc)$ key_groups: - pgp: diff --git a/SwarselSystems.org b/SwarselSystems.org index 26fcf60..23924af 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -2067,55 +2067,41 @@ The =_module.args= part is needed because we need to set/override the =flake-par More information on the actual packages build can be found in [[#h:64a5cc16-6b16-4802-b421-c67ccef853e1][Packages]]. #+begin_src nix-ts :tangle nix/packages.nix - { self, inputs, ... }: - { - imports = [ - ( - { lib, flake-parts-lib, ... }: - flake-parts-lib.mkTransposedPerSystemModule { - name = "pkgs"; - file = ./packages.nix; - option = lib.mkOption { - type = lib.types.unspecified; - }; - } - ) - ]; - flake = _: - let - inherit (self.outputs) lib; - in - { - packages = lib.swarselsystems.forEachLinuxSystem (pkgs: import "${self}/pkgs/flake" { inherit self lib pkgs; }); - }; - - perSystem = { pkgs, system, ... }: - { - # see https://flake.parts/module-arguments.html?highlight=modulewith#persystem-module-parameters - _module.args.pkgs = import inputs.nixpkgs { - inherit system; - config = { - allowUnfree = true; - - permittedInsecurePackages = [ - # matrix - "olm-3.2.16" - # sonarr - "aspnetcore-runtime-wrapped-6.0.36" - "aspnetcore-runtime-6.0.36" - "dotnet-sdk-wrapped-6.0.428" - "dotnet-sdk-6.0.428" - # - "SDL_ttf-2.0.11" - ]; - }; - overlays = [ - self.overlays.default - ]; +{ self, inputs, ... }: +{ + imports = [ + ( + { lib, flake-parts-lib, ... }: + flake-parts-lib.mkTransposedPerSystemModule { + name = "pkgs"; + file = ./packages.nix; + option = lib.mkOption { + type = lib.types.unspecified; }; - inherit pkgs; + } + ) + ]; + flake = _: + let + inherit (self.outputs) lib; + in + { + packages = lib.swarselsystems.forEachLinuxSystem (pkgs: import "${self}/pkgs/flake" { inherit self lib pkgs; }); + }; + + perSystem = { pkgs, system, ... }: + { + # see https://flake.parts/module-arguments.html?highlight=modulewith#persystem-module-parameters + _module.args.pkgs = import inputs.nixpkgs { + inherit system; + config.allowUnfree = true; + overlays = [ + self.overlays.default + ]; }; - } + inherit pkgs; + }; +} #+end_src ** Globals :PROPERTIES: @@ -2244,217 +2230,209 @@ The rest of the functions are used to build full NixOS systems as well as halfCo - =ConfigurationsPerArch= does the same for full NixOS systems (NixOS or darwin). These can further be specialized by passing in the corresponding =minimal= arg that is used during bootstrapping. #+begin_src nix-ts :tangle nix/hosts.nix - { self, inputs, ... }: - { - flake = { config, ... }: - let - inherit (self) outputs; - inherit (outputs) lib homeLib; - # lib = (inputs.nixpkgs.lib // inputs.home-manager.lib).extend (_: _: { swarselsystems = import "${self}/lib" { inherit self lib inputs outputs; inherit (inputs) systems; }; }); + { self, inputs, ... }: + { + flake = { config, ... }: + let + inherit (self) outputs; + inherit (outputs) lib homeLib; + # lib = (inputs.nixpkgs.lib // inputs.home-manager.lib).extend (_: _: { swarselsystems = import "${self}/lib" { inherit self lib inputs outputs; inherit (inputs) systems; }; }); - mkNixosHost = { minimal }: configName: arch: - inputs.nixpkgs.lib.nixosSystem { - specialArgs = { - inherit inputs outputs self minimal homeLib configName arch; - inherit (config.pkgs.${arch}) lib; - inherit (config) nodes topologyPrivate; - globals = config.globals.${arch}; - type = "nixos"; - withHomeManager = true; - extraModules = [ "${self}/modules/nixos/common/globals.nix" ]; - }; - modules = [ - inputs.disko.nixosModules.disko - inputs.home-manager.nixosModules.home-manager - inputs.impermanence.nixosModules.impermanence - inputs.lanzaboote.nixosModules.lanzaboote - inputs.microvm.nixosModules.host - inputs.microvm.nixosModules.microvm - inputs.nix-index-database.nixosModules.nix-index - inputs.nix-minecraft.nixosModules.minecraft-servers - inputs.nix-topology.nixosModules.default - inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm - inputs.simple-nixos-mailserver.nixosModules.default - inputs.sops.nixosModules.sops - inputs.stylix.nixosModules.stylix - inputs.swarsel-nix.nixosModules.default - inputs.nixos-nftables-firewall.nixosModules.default - (inputs.nixos-extra-modules + "/modules/guests") - (inputs.nixos-extra-modules + "/modules/interface-naming.nix") - "${self}/hosts/nixos/${arch}/${configName}" - "${self}/profiles/nixos" - "${self}/modules/nixos" - { - _module.args.dns = inputs.dns; + mkNixosHost = { minimal }: configName: arch: + inputs.nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs self minimal homeLib configName arch; + inherit (config.pkgs.${arch}) lib; + inherit (config) nodes topologyPrivate; + globals = config.globals.${arch}; + type = "nixos"; + withHomeManager = true; + extraModules = [ "${self}/modules/nixos/common/globals.nix" ]; + }; + modules = [ + inputs.disko.nixosModules.disko + inputs.home-manager.nixosModules.home-manager + inputs.impermanence.nixosModules.impermanence + inputs.lanzaboote.nixosModules.lanzaboote + inputs.microvm.nixosModules.host + inputs.microvm.nixosModules.microvm + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-minecraft.nixosModules.minecraft-servers + inputs.nix-topology.nixosModules.default + inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm + inputs.simple-nixos-mailserver.nixosModules.default + inputs.sops.nixosModules.sops + inputs.stylix.nixosModules.stylix + inputs.swarsel-nix.nixosModules.default + inputs.nixos-nftables-firewall.nixosModules.default + (inputs.nixos-extra-modules + "/modules/guests") + (inputs.nixos-extra-modules + "/modules/interface-naming.nix") + "${self}/hosts/nixos/${arch}/${configName}" + "${self}/profiles/nixos" + "${self}/modules/nixos" + { + _module.args.dns = inputs.dns; - microvm.guest.enable = lib.mkDefault false; + microvm.guest.enable = lib.mkDefault false; - networking.hostName = lib.swarselsystems.mkStrong configName; + networking.hostName = lib.swarselsystems.mkStrong configName; - node = { - name = lib.mkForce configName; - arch = lib.mkForce arch; - type = lib.mkForce "nixos"; - secretsDir = ../hosts/nixos/${arch}/${configName}/secrets; - configDir = ../hosts/nixos/${arch}/${configName}; - lockFromBootstrapping = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); - }; + node = { + name = lib.mkForce configName; + arch = lib.mkForce arch; + type = lib.mkForce "nixos"; + secretsDir = ../hosts/nixos/${arch}/${configName}/secrets; + configDir = ../hosts/nixos/${arch}/${configName}; + lockFromBootstrapping = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); + }; - swarselprofiles = { - minimal = lib.mkIf minimal (lib.swarselsystems.mkStrong true); - }; + swarselprofiles = { + minimal = lib.mkIf minimal (lib.swarselsystems.mkStrong true); + }; - swarselmodules.server = { - ssh = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); - }; + swarselmodules.server = { + ssh = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); + }; - swarselsystems = { - mainUser = lib.swarselsystems.mkStrong "swarsel"; - }; - } - ]; - }; + swarselsystems = { + mainUser = lib.swarselsystems.mkStrong "swarsel"; + }; + } + ]; + }; - mkDarwinHost = { minimal }: configName: arch: - inputs.nix-darwin.lib.darwinSystem { - specialArgs = { - inherit inputs lib outputs self minimal configName; - inherit (config) nodes topologyPrivate; - withHomeManager = true; - globals = config.globals.${arch}; - }; - modules = [ - # inputs.disko.nixosModules.disko - # inputs.sops.nixosModules.sops - # inputs.impermanence.nixosModules.impermanence - # inputs.lanzaboote.nixosModules.lanzaboote - # inputs.fw-fanctrl.nixosModules.default - # inputs.nix-topology.nixosModules.default - inputs.home-manager.darwinModules.home-manager - "${self}/hosts/darwin/${arch}/${configName}" - "${self}/modules/nixos/darwin" - # needed for infrastructure - "${self}/modules/shared/meta.nix" - "${self}/modules/nixos/common/globals.nix" - { - node = { - name = lib.mkForce configName; - arch = lib.mkForce arch; - type = lib.mkForce "darwin"; - secretsDir = ../hosts/darwin/${arch}/${configName}/secrets; - }; - } - ]; - }; + mkDarwinHost = { minimal }: configName: arch: + inputs.nix-darwin.lib.darwinSystem { + specialArgs = { + inherit inputs lib outputs self minimal configName; + inherit (config) nodes topologyPrivate; + withHomeManager = true; + globals = config.globals.${arch}; + }; + modules = [ + # inputs.disko.nixosModules.disko + # inputs.sops.nixosModules.sops + # inputs.impermanence.nixosModules.impermanence + # inputs.lanzaboote.nixosModules.lanzaboote + # inputs.fw-fanctrl.nixosModules.default + # inputs.nix-topology.nixosModules.default + inputs.home-manager.darwinModules.home-manager + "${self}/hosts/darwin/${arch}/${configName}" + "${self}/modules/nixos/darwin" + # needed for infrastructure + "${self}/modules/shared/meta.nix" + "${self}/modules/nixos/common/globals.nix" + { + node = { + name = lib.mkForce configName; + arch = lib.mkForce arch; + type = lib.mkForce "darwin"; + secretsDir = ../hosts/darwin/${arch}/${configName}/secrets; + }; + } + ]; + }; - mkHalfHost = configName: type: arch: - let - systemFunc = if (type == "home") then inputs.home-manager.lib.homeManagerConfiguration else inputs.nix-on-droid.lib.nixOnDroidConfiguration; - pkgs = lib.swarselsystems.pkgsFor.${arch}; - in - systemFunc { - inherit pkgs; - extraSpecialArgs = { - inherit inputs lib outputs self configName arch type; - inherit (config) nodes topologyPrivate; - globals = config.globals.${arch}; - minimal = false; - }; - modules = [ - inputs.stylix.homeModules.stylix - inputs.nix-index-database.homeModules.nix-index - inputs.sops.homeManagerModules.sops - inputs.spicetify-nix.homeManagerModules.default - inputs.swarsel-nix.homeModules.default - "${self}/hosts/${type}/${arch}/${configName}" - "${self}/profiles/home" - "${self}/modules/nixos/common/pii.nix" - { - node = { - name = lib.mkForce configName; - arch = lib.mkForce arch; - type = lib.mkForce type; - secretsDir = ../hosts/${type}/${arch}/${configName}/secrets; - }; - } - ]; - }; + mkHalfHost = configName: type: arch: + let + systemFunc = if (type == "home") then inputs.home-manager.lib.homeManagerConfiguration else inputs.nix-on-droid.lib.nixOnDroidConfiguration; + pkgs = lib.swarselsystems.pkgsFor.${arch}; + in + systemFunc { + inherit pkgs; + extraSpecialArgs = { + inherit inputs lib outputs self configName arch type; + inherit (config) nodes topologyPrivate; + globals = config.globals.${arch}; + minimal = false; + }; + modules = [ + inputs.stylix.homeModules.stylix + inputs.nix-index-database.homeModules.nix-index + inputs.sops.homeManagerModules.sops + inputs.spicetify-nix.homeManagerModules.default + inputs.swarsel-nix.homeModules.default + "${self}/hosts/${type}/${arch}/${configName}" + "${self}/profiles/home" + "${self}/modules/nixos/common/pii.nix" + { + node = { + name = lib.mkForce configName; + arch = lib.mkForce arch; + type = lib.mkForce type; + secretsDir = ../hosts/${type}/${arch}/${configName}/secrets; + }; + } + ]; + }; - linuxArches = [ "x86_64-linux" "aarch64-linux" ]; - darwinArches = [ "x86_64-darwin" "aarch64-darwin" ]; - mkArches = type: if (type == "nixos") then linuxArches else if (type == "darwin") then darwinArches else linuxArches ++ darwinArches; + linuxArches = [ "x86_64-linux" "aarch64-linux" ]; + darwinArches = [ "x86_64-darwin" "aarch64-darwin" ]; + mkArches = type: if (type == "nixos") then linuxArches else if (type == "darwin") then darwinArches else linuxArches ++ darwinArches; - readHostDirs = hostDir: - if builtins.pathExists hostDir then - builtins.attrNames - ( - lib.filterAttrs (_: type: type == "directory") - (builtins.readDir hostDir) - ) else [ ]; + readHostDirs = hostDir: + if builtins.pathExists hostDir then + builtins.attrNames + ( + lib.filterAttrs (_: type: type == "directory") + (builtins.readDir hostDir) + ) else [ ]; - mkHalfHostsForArch = type: arch: - let - hostDir = "${self}/hosts/${type}/${arch}"; - hosts = readHostDirs hostDir; - in - lib.genAttrs hosts (host: mkHalfHost host type arch); + mkHalfHostsForArch = type: arch: + let + hostDir = "${self}/hosts/${type}/${arch}"; + hosts = readHostDirs hostDir; + in + lib.genAttrs hosts (host: mkHalfHost host type arch); - mkHostsForArch = type: arch: minimal: - let - hostDir = "${self}/hosts/${type}/${arch}"; - hosts = readHostDirs hostDir; - in - if (type == "nixos") then - lib.genAttrs hosts (host: mkNixosHost { inherit minimal; } host arch) - else if (type == "darwin") then - lib.genAttrs hosts (host: mkDarwinHost { inherit minimal; } host arch) - else { }; + mkHostsForArch = type: arch: minimal: + let + hostDir = "${self}/hosts/${type}/${arch}"; + hosts = readHostDirs hostDir; + in + if (type == "nixos") then + lib.genAttrs hosts (host: mkNixosHost { inherit minimal; } host arch) + else if (type == "darwin") then + lib.genAttrs hosts (host: mkDarwinHost { inherit minimal; } host arch) + else { }; - mkConfigurationsPerArch = type: minimal: - let - arches = mkArches type; - toMake = if (minimal == null) then (arch: _: mkHalfHostsForArch type arch) else (arch: _: mkHostsForArch type arch minimal); - in - lib.concatMapAttrs toMake - (lib.listToAttrs (map (a: { name = a; value = { }; }) arches)); + mkConfigurationsPerArch = type: minimal: + let + arches = mkArches type; + toMake = if (minimal == null) then (arch: _: mkHalfHostsForArch type arch) else (arch: _: mkHostsForArch type arch minimal); + in + lib.concatMapAttrs toMake + (lib.listToAttrs (map (a: { name = a; value = { }; }) arches)); - halfConfigurationsPerArch = type: mkConfigurationsPerArch type null; - configurationsPerArch = type: minimal: mkConfigurationsPerArch type minimal; + halfConfigurationsPerArch = type: mkConfigurationsPerArch type null; + configurationsPerArch = type: minimal: mkConfigurationsPerArch type minimal; - in - rec { - nixosConfigurations = configurationsPerArch "nixos" false; - nixosConfigurationsMinimal = configurationsPerArch "nixos" true; - darwinConfigurations = configurationsPerArch "darwin" false; - darwinConfigurationsMinimal = configurationsPerArch "darwin" true; - homeConfigurations = halfConfigurationsPerArch "home"; - nixOnDroidConfigurations = halfConfigurationsPerArch "android"; + in + { + nixosConfigurations = configurationsPerArch "nixos" false; + nixosConfigurationsMinimal = configurationsPerArch "nixos" true; + darwinConfigurations = configurationsPerArch "darwin" false; + darwinConfigurationsMinimal = configurationsPerArch "darwin" true; + homeConfigurations = halfConfigurationsPerArch "home"; + nixOnDroidConfigurations = halfConfigurationsPerArch "android"; - guestConfigurations = lib.flip lib.concatMapAttrs config.nixosConfigurations ( - _: node: - lib.flip lib.mapAttrs' (node.config.guests or { }) ( - guestName: guestDef: - lib.nameValuePair guestDef.nodeName node.config.microvm.vms.${guestName}.config - ) - ); + guestConfigurations = lib.flip lib.concatMapAttrs config.nixosConfigurations ( + _: node: + lib.flip lib.mapAttrs' (node.config.guests or { }) ( + guestName: guestDef: + lib.nameValuePair guestDef.nodeName node.config.microvm.vms.${guestName}.config + ) + ); - diskoConfigurations.default = import "${self}/files/templates/hosts/nixos/disk-config.nix"; + diskoConfigurations.default = import "${self}/files/templates/hosts/nixos/disk-config.nix"; - nodes = config.nixosConfigurations - // config.darwinConfigurations - // config.guestConfigurations; + nodes = config.nixosConfigurations + // config.darwinConfigurations + // config.guestConfigurations; - guestResources = lib.mapAttrs - (name: _: let - f = arg: lib.foldr (base: acc: base + acc) 0 (map (node: nodes."${name}-${node}".config.microvm.${arg}) (builtins.attrNames nodes.${name}.config.guests)); - in { - mem = f "mem"; - vcpu = f "vcpu"; - }) nodes; - - "@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; - }; - } + "@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; + }; + } #+end_src ** Topology (nix-topology generated network diagram) @@ -4223,6 +4201,26 @@ This is my main server that I run at home. It handles most tasks that require bi serverName = "hintbooth"; }; }; + restic = { + bucketName = "SwarselWinters"; + paths = [ + "/Vault/data/paperless" + "/Vault/data/koillection" + "/Vault/data/postgresql" + "/Vault/data/firefly-iii" + "/Vault/data/radicale" + "/Vault/data/matrix-synapse" + "/Vault/Eternor/Paperless" + "/Vault/Eternor/Bilder" + "/Vault/Eternor/Immich" + ]; + }; + garage = { + data_dir = { + capacity = "200G"; + path = "/Vault/data/garage/data"; + }; + }; }; }; @@ -4234,6 +4232,35 @@ This is my main server that I run at home. It handles most tasks that require bi swarselmodules.server = { diskEncryption = lib.mkForce false; + # nginx = true; # for php stuff + # acme = false; # cert handled by proxy + # wireguard = true; + + # nfs = true; + # kavita = true; + # restic = true; + # jellyfin = true; + # navidrome = true; + # spotifyd = true; + # mpd = true; + # postgresql = true; + # matrix = true; + # nextcloud = true; + # immich = true; + # paperless = true; + # transmission = true; + # syncthing = true; + # grafana = true; + # freshrss = true; + # kanidm = true; + # firefly-iii = true; + # koillection = true; + # radicale = true; + # atuin = true; + # forgejo = true; + # ankisync = true; + # homebox = true; + # opkssh = true; }; networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "enp3s0" ]; @@ -4358,19 +4385,19 @@ This is my main server that I run at home. It handles most tasks that require bi serverName = "hintbooth"; }; }; - restic.targets = { - SwarselState = { - repository = config.repo.secrets.local.resticRepoState; - # nextcloud stores all data in state dir and has no data that needs backup - paths = lib.map (guest: "/Vault/guests/${guest}/state") (builtins.filter (name: name != "nextcloud") (builtins.attrNames config.guests)); - }; - SwarselStorage = { - repository = config.repo.secrets.local.resticRepoStorage; - paths = [ - "/Vault/Eternor/Pictures" - "/Vault/Eternor/Documents/paperless" - ]; - }; + restic = { + bucketName = "SwarselWinters"; + paths = [ + "/Vault/data/paperless" + "/Vault/data/koillection" + "/Vault/data/postgresql" + "/Vault/data/firefly-iii" + "/Vault/data/radicale" + "/Vault/data/matrix-synapse" + "/Vault/Eternor/Paperless" + "/Vault/Eternor/Bilder" + "/Vault/Eternor/Immich" + ]; }; }; }; @@ -4383,31 +4410,59 @@ This is my main server that I run at home. It handles most tasks that require bi swarselmodules.server = { wireguard = true; + + nginx = true; # for php stuff + acme = false; # cert handled by proxy + + nfs = true; + # kavita = true; restic = true; + jellyfin = true; + navidrome = true; + spotifyd = true; + mpd = true; + postgresql = true; + matrix = true; + nextcloud = true; + immich = true; + paperless = true; + transmission = true; + syncthing = true; + grafana = true; + freshrss = true; + kanidm = true; + firefly-iii = true; + koillection = true; + radicale = true; + atuin = true; + forgejo = true; + ankisync = true; + homebox = true; opkssh = true; }; guests = lib.mkIf (!minimal && config.swarselsystems.withMicroVMs) ( { } - // confLib.mkMicrovm "ankisync" { withZfs = true; } - // confLib.mkMicrovm "atuin" { withZfs = true; } - // confLib.mkMicrovm "audio" { withZfs = true; eternorPaths = [ "Music" ]; } - // confLib.mkMicrovm "firefly" { withZfs = true; } - // confLib.mkMicrovm "forgejo" { withZfs = true; } - // confLib.mkMicrovm "freshrss" { withZfs = true; } - // confLib.mkMicrovm "homebox" { withZfs = true; } - // confLib.mkMicrovm "immich" { withZfs = true; eternorPaths = [ "Pictures" ]; } - // confLib.mkMicrovm "jellyfin" { withZfs = true; eternorPaths = [ "Videos" ]; } - // confLib.mkMicrovm "kanidm" { withZfs = true; } - // confLib.mkMicrovm "kavita" { withZfs = true; eternorPaths = [ "Books" ]; } - // confLib.mkMicrovm "koillection" { withZfs = true; } + // confLib.mkMicrovm "kavita" { withZfs = true; } + // confLib.mkMicrovm "jellyfin" { withZfs = true; } + // confLib.mkMicrovm "audio" { withZfs = true; } + // confLib.mkMicrovm "postgresql" { withZfs = true; } // confLib.mkMicrovm "matrix" { withZfs = true; } - // confLib.mkMicrovm "monitoring" { withZfs = true; } // confLib.mkMicrovm "nextcloud" { withZfs = true; } - // confLib.mkMicrovm "paperless" { withZfs = true; eternorPaths = [ "Documents" ]; } + // confLib.mkMicrovm "immich" { withZfs = true; } + // confLib.mkMicrovm "paperless" { withZfs = true; } + // confLib.mkMicrovm "transmission" { withZfs = true; } + // confLib.mkMicrovm "storage" { withZfs = true; } + // confLib.mkMicrovm "monitoring" { withZfs = true; } + // confLib.mkMicrovm "freshrss" { withZfs = true; } + // confLib.mkMicrovm "kanidm" { withZfs = true; } + // confLib.mkMicrovm "firefly" { withZfs = true; } + // confLib.mkMicrovm "koillection" { withZfs = true; } // confLib.mkMicrovm "radicale" { withZfs = true; } - // confLib.mkMicrovm "storage" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Pictures" "Software" "Documents" ]; } - // confLib.mkMicrovm "transmission" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Software" ]; } + // confLib.mkMicrovm "atuin" { withZfs = true; } + // confLib.mkMicrovm "forgejo" { withZfs = true; } + // confLib.mkMicrovm "ankisync" { withZfs = true; } + // confLib.mkMicrovm "homebox" { withZfs = true; } ); networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "bmc" ]; @@ -4579,16 +4634,6 @@ This is my main server that I run at home. It handles most tasks that require bi :PROPERTIES: :CUSTOM_ID: h:5e571d89-6590-4aa4-a5f4-5c871683d09b :END: - -#+begin_src bash :results output :eval never-export - echo "Currently using $(nix eval .#guestResources.summers.mem 2>/dev/null) MB out of 128GB RAM" - echo "Currently using $(nix eval .#guestResources.summers.vcpu 2>/dev/null) vCPUs. 48 threads are available." -#+end_src - -#+RESULTS: -: Currently using 54272 MB out of 128GB RAM -: Currently using 40 vCPUs. 48 threads are available. - ****** Kavita :PROPERTIES: :CUSTOM_ID: h:14a705ff-1924-41da-a6f8-1537e2f5bfb6 @@ -4625,7 +4670,7 @@ This is my main server that I run at home. It handles most tasks that require bi microvm = { mem = 1024 * 1; - vcpu = 2; + vcpu = 1; }; @@ -4634,7 +4679,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - kavita = true; + # kavita = true; }; } @@ -4677,7 +4722,7 @@ This is my main server that I run at home. It handles most tasks that require bi microvm = { mem = 1024 * 3; - vcpu = 4; + vcpu = 1; }; swarselprofiles = { @@ -4685,7 +4730,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - jellyfin = true; + # jellyfin = true; }; } @@ -4736,9 +4781,60 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - navidrome = true; - spotifyd = true; - mpd = true; + # navidrome = true; + # spotifyd = true; + # mpd = true; + }; + + } + +#+end_src + +****** Postgresql +:PROPERTIES: +:CUSTOM_ID: h:4dee4e22-33b2-4e6a-b0ab-91061a4efffa +:END: + +#+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix + { self, lib, minimal, ... }: + { + imports = [ + "${self}/profiles/nixos/microvm" + "${self}/modules/nixos" + ]; + + swarselsystems = { + isMicroVM = true; + isImpermanence = true; + proxyHost = "twothreetunnel"; + server = { + wireguard.interfaces = { + wgHome = { + isClient = true; + serverName = "hintbooth"; + }; + wgProxy = { + isClient = true; + serverName = "twothreetunnel"; + }; + }; + }; + }; + + + } // lib.optionalAttrs (!minimal) { + + microvm = { + mem = 1024 * 1; + vcpu = 1; + }; + + swarselprofiles = { + microvm = true; + }; + + swarselmodules.server = { + # postgresql = true; }; } @@ -4780,7 +4876,7 @@ This is my main server that I run at home. It handles most tasks that require bi } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 6; + mem = 1024 * 3; vcpu = 2; }; @@ -4789,7 +4885,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - matrix = true; + # matrix = true; }; } @@ -4840,9 +4936,9 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - nextcloud = true; - nginx = true; - acme = false; + # nextcloud = true; + # nginx = true; + # acme = true; }; } @@ -4884,8 +4980,8 @@ This is my main server that I run at home. It handles most tasks that require bi } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 16; - vcpu = 14; + mem = 1024 * 8; + vcpu = 8; }; swarselprofiles = { @@ -4893,7 +4989,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - immich = true; + # immich = true; }; } @@ -4935,7 +5031,7 @@ This is my main server that I run at home. It handles most tasks that require bi } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 8; + mem = 1024 * 4; vcpu = 4; }; @@ -4944,7 +5040,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - paperless = true; + # paperless = true; }; } @@ -4967,12 +5063,17 @@ This is my main server that I run at home. It handles most tasks that require bi swarselsystems = { isMicroVM = true; isImpermanence = true; + proxyHost = "twothreetunnel"; server = { wireguard.interfaces = { wgHome = { isClient = true; serverName = "hintbooth"; }; + wgProxy = { + isClient = true; + serverName = "twothreetunnel"; + }; }; }; }; @@ -4990,7 +5091,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - transmission = true; + # transmission = true; }; } @@ -5041,8 +5142,8 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - nfs = true; - syncthing = true; + # nfs = true; + # syncthing = true; }; } @@ -5093,7 +5194,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - grafana = true; + # grafana = true; }; } @@ -5144,9 +5245,9 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - freshrss = true; - nginx = true; - acme = false; + # freshrss = true; + # nginx = true; + # acme = true; }; } @@ -5189,7 +5290,7 @@ This is my main server that I run at home. It handles most tasks that require bi microvm = { mem = 1024 * 4; - vcpu = 2; + vcpu = 1; }; swarselprofiles = { @@ -5197,7 +5298,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - kanidm = true; + # kanidm = true; }; } @@ -5248,9 +5349,9 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - firefly-iii = true; - nginx = true; - acme = false; + # firefly-iii = true; + # nginx = true; + # acme = true; }; } @@ -5301,7 +5402,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - koillection = true; + # koillection = true; }; } @@ -5352,7 +5453,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - radicale = true; + # radicale = true; }; } @@ -5403,7 +5504,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - atuin = true; + # atuin = true; }; } @@ -5454,7 +5555,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - forgejo = true; + # forgejo = true; }; } @@ -5505,7 +5606,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - ankisync = true; + # ankisync = true; }; } @@ -5556,7 +5657,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - homebox = true; + # homebox = true; }; } @@ -5602,7 +5703,7 @@ This is my main server that I run at home. It handles most tasks that require bi info = "HUNSN RM02, 8GB RAM"; flakePath = "/root/.dotfiles"; isImpermanence = true; - isSecureBoot = true; + isSecureBoot = false; isCrypted = true; isBtrfs = true; isLinux = true; @@ -5621,25 +5722,6 @@ This is my main server that I run at home. It handles most tasks that require bi "hintbooth-adguardhome" "hintbooth-nginx" "summers" - "summers-ankisync" - "summers-atuin" - "summers-audio" - "summers-firefly" - "summers-forgejo" - "summers-freshrss" - "summers-homebox" - "summers-immich" - "summers-jellyfin" - "summers-kanidm" - "summers-kavita" - "summers-koillection" - "summers-matrix" - "summers-monitoring" - "summers-nextcloud" - "summers-paperless" - "summers-radicale" - "summers-storage" - "summers-transmission" "winters" ]; }; @@ -5661,10 +5743,10 @@ This is my main server that I run at home. It handles most tasks that require bi }; guests = lib.mkIf (!minimal && config.swarselsystems.withMicroVMs) ( - { } + { } // confLib.mkMicrovm "adguardhome" { } // confLib.mkMicrovm "nginx" { } - ); + ); } @@ -5829,16 +5911,6 @@ This is my main server that I run at home. It handles most tasks that require bi :PROPERTIES: :CUSTOM_ID: h:c19725c0-0523-40f2-8083-9a4f53b6c2d1 :END: - -#+begin_src bash :results output :eval never-export - echo "Currently using $(nix eval .#guestResources.hintbooth.mem 2>/dev/null) MB out of 8GB RAM" - echo "Currently using $(nix eval .#guestResources.hintbooth.vcpu 2>/dev/null) vCPUs. 4 threads are available." -#+end_src - -#+RESULTS: -: Currently using 4096 MB out of 8GB RAM -: Currently using 2 vCPUs. 2 cores are available for a total of 4 threads. - ****** Adguardhome :PROPERTIES: :CUSTOM_ID: h:f479a908-8071-4d69-97ea-c03bfd7b88bf @@ -6205,13 +6277,11 @@ This machine mainly acts as my proxy server to stand before my local machines. serverName = "twothreetunnel"; }; }; - restic.targets = { - SwarselMoonside = { - repository = config.repo.secrets.local.resticRepoState; - paths = [ - "/persist/opt/minecraft" - ]; - }; + restic = { + bucketName = "SwarselMoonside"; + paths = [ + "/persist/opt/minecraft" + ]; }; }; syncthing = { @@ -7092,24 +7162,6 @@ This machine mainly acts as my proxy server to stand before my local machines. "moonside" "winters" "summers" - "summers-ankisync" - "summers-atuin" - "summers-audio" - "summers-firefly" - "summers-forgejo" - "summers-freshrss" - "summers-homebox" - "summers-immich" - "summers-jellyfin" - "summers-kanidm" - "summers-kavita" - "summers-koillection" - "summers-matrix" - "summers-monitoring" - "summers-nextcloud" - "summers-paperless" - "summers-radicale" - "summers-storage" "belchsfactory" "eagleland" "hintbooth-adguardhome" @@ -8992,18 +9044,6 @@ For that reason, make sure that =sops-nix= is properly working before finishing isNormalUser = true; uid = 1000; autoSubUidGidRange = false; - subUidRanges = [ - { - count = 65534; - startUid = 100001; - } - ]; - subGidRanges = [ - { - count = 999; - startGid = 1001; - } - ]; description = "Leon S"; password = lib.mkIf (minimal || config.swarselsystems.isPublic) "setup"; hashedPasswordFile = lib.mkIf (!minimal && !config.swarselsystems.isPublic) config.sops.secrets.main-user-hashed-pw.path; @@ -11014,10 +11054,9 @@ Auto login for the initial session. Auto login for the initial session. #+begin_src nix-ts :tangle modules/nixos/client/uwsm.nix - { lib, config, pkgs, ... }: + { lib, config, ... }: let moduleName = "uwsm"; - cfg = config.programs.uwsm; in { options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings"; @@ -11037,40 +11076,6 @@ Auto login for the initial session. }; }; }; - - services.displayManager.sessionPackages = - let - mk_uwsm_desktop_entry = - opts: - (pkgs.writeTextFile { - name = "${opts.name}-uwsm"; - text = '' - [Desktop Entry] - Name=${opts.prettyName} (UWSM) - Comment=${opts.comment} - Exec=${lib.getExe cfg.package} start -F -- ${opts.binPath} ${lib.strings.escapeShellArgs opts.extraArgs} - Type=Application - ''; - destination = "/share/wayland-sessions/${opts.name}-uwsm.desktop"; - derivationArgs = { - passthru.providedSessions = [ "${opts.name}-uwsm" ]; - }; - }); - in - lib.mkForce (lib.mapAttrsToList - ( - name: value: - mk_uwsm_desktop_entry { - inherit name; - inherit (value) - prettyName - comment - binPath - extraArgs - ; - } - ) - cfg.waylandCompositors); }; } #+end_src @@ -11189,15 +11194,14 @@ Here we just define some aliases for rebuilding the system, and we allow some in mkIf mkOption types - ; + ; cfg = config.users.persistentIds; in - { - options = { - swarselmodules.server.ids = lib.mkEnableOption "enable persistent ids on server"; - users = { - persistentIds = mkOption { + { + options = { + swarselmodules.server.ids = lib.mkEnableOption "enable persistent ids on server"; + users.persistentIds = mkOption { default = { }; description = '' Maps a user or group name to its expected uid/gid values. If a user/group is @@ -11222,7 +11226,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in ); }; - users = mkOption { + users.users = mkOption { type = types.attrsOf ( types.submodule ( { name, ... }: @@ -11231,13 +11235,13 @@ Here we just define some aliases for rebuilding the system, and we allow some in let persistentUid = cfg.${name}.uid or null; in - mkIf (persistentUid != null) (mkDefault persistentUid); + mkIf (persistentUid != null) (mkDefault persistentUid); } ) ); }; - groups = mkOption { + users.groups = mkOption { type = types.attrsOf ( types.submodule ( { name, ... }: @@ -11246,44 +11250,43 @@ Here we just define some aliases for rebuilding the system, and we allow some in let persistentGid = cfg.${name}.gid or null; in - mkIf (persistentGid != null) (mkDefault persistentGid); + mkIf (persistentGid != null) (mkDefault persistentGid); } ) ); }; }; - }; - config = lib.mkIf config.swarselmodules.server.ids { - assertions = - concatLists - ( - flip mapAttrsToList config.users.users ( - name: user: [ - { - assertion = user.uid != null; - message = "non-persistent uid detected for '${name}', please assign one via `users.persistentIds`"; - } - { - assertion = !user.autoSubUidGidRange; - message = "non-persistent subUids/subGids detected for: ${name}"; - } - ] + config = lib.mkIf config.swarselmodules.server.ids { + assertions = + concatLists + ( + flip mapAttrsToList config.users.users ( + name: user: [ + { + assertion = user.uid != null; + message = "non-persistent uid detected for '${name}', please assign one via `users.persistentIds`"; + } + { + assertion = !user.autoSubUidGidRange; + message = "non-persistent subUids/subGids detected for: ${name}"; + } + ] + ) ) - ) - ++ flip mapAttrsToList config.users.groups ( - name: group: { - assertion = group.gid != null; - message = "non-persistent gid detected for '${name}', please assign one via `users.persistentIds`"; - } - ); - users.persistentIds = { - systemd-coredump = confLib.mkIds 998; - systemd-oom = confLib.mkIds 997; - polkituser = confLib.mkIds 973; - nscd = confLib.mkIds 972; + ++ flip mapAttrsToList config.users.groups ( + name: group: { + assertion = group.gid != null; + message = "non-persistent gid detected for '${name}', please assign one via `users.persistentIds`"; + } + ); + users.persistentIds = { + systemd-coredump = confLib.mkIds 998; + systemd-oom = confLib.mkIds 997; + polkituser = confLib.mkIds 973; + nscd = confLib.mkIds 972; + }; }; - }; - } + } #+end_src **** System Packages (Server Programs) @@ -11338,12 +11341,6 @@ This is a collection of packages that are useful for server-type hosts that do n avahi = confLib.mkIds 978; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/cache/samba"; } - ]; - }; - services = { # add a user with sudo smbpasswd -a samba = { @@ -11369,7 +11366,7 @@ This is a collection of packages that are useful for server-type hosts that do n browseable = "yes"; "read only" = "no"; "guest ok" = "no"; - path = "/storage"; + path = "/Vault/Eternor"; writable = "true"; comment = "Eternor"; "valid users" = nfsUser; @@ -11542,15 +11539,8 @@ This is a collection of packages that are useful for server-type hosts that do n networking.firewall.allowedTCPPorts = [ 80 443 ]; - environment.persistence = { - "/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ dhParamsPathBase ]; - }; - "/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/cache/nginx"; user = "nginx"; group = "nginx"; } - ]; - }; + environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ dhParamsPathBase ]; }; services.nginx = { @@ -12439,8 +12429,6 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin }) globals.networks.home-lan.vlans; selectVLANs = vlans: map (vlan: { VLAN = globals.networks.home-lan.vlans.${vlan}.id; }) vlans; - lan1VLANs = selectVLANs [ "home" "devices" "guests" ]; - lan2VLANs = selectVLANs [ "home" "devices" "services" ]; lan3VLANs = selectVLANs [ "home" "devices" "services" ]; lan4VLANs = lan3VLANs; lan5VLANs = selectVLANs [ "home" "devices" "guests" ]; @@ -12620,9 +12608,9 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin Bridge = "br"; ConfigureWithoutCarrier = true; }; - bridgeVLANs = lan1VLANs; + inherit bridgeVLANs; }; - # winters + # wifi "30-lan2" = { matchConfig.MACAddress = config.repo.secrets.local.networking.networks.lan2.mac; linkConfig.RequiredForOnline = "enslaved"; @@ -12630,7 +12618,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin Bridge = "br"; ConfigureWithoutCarrier = true; }; - bridgeVLANs = lan2VLANs; + inherit bridgeVLANs; }; # summers "30-lan3" = { @@ -12706,7 +12694,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; in { @@ -12733,10 +12721,6 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin icon = "${self}/files/topology-images/${serviceName}.png"; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -12758,7 +12742,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin user = serviceUser; settings.Port = servicePort; tokenKeyFile = config.sops.secrets.kavita-token.path; - dataDir = "/var/lib/${serviceName}"; + dataDir = "/Vault/data/${serviceName}"; }; nodes = { @@ -12779,76 +12763,69 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin :END: #+begin_src nix-ts :tangle modules/nixos/server/jellyfin.nix - { pkgs, lib, config, globals, dns, confLib, ... }: - let - inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; - in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + { pkgs, lib, config, globals, dns, confLib, ... }: + let + inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; + in + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - users = { - persistentIds.jellyfin = confLib.mkIds 994; - users.${serviceUser} = { - extraGroups = [ "video" "render" "users" ]; - }; - }; - # nixpkgs.config.packageOverrides = pkgs: { - # intel-vaapi-driver = pkgs.intel-vaapi-driver.override { enableHybridCodec = true; }; - # }; - - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver # LIBVA_DRIVER_NAME=iHD - # intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - libva-vdpau-driver - libvdpau-va-gl - ]; - }; - - topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + users = { + persistentIds.jellyfin = confLib.mkIds 994; + users.${serviceUser} = { + extraGroups = [ "video" "render" "users" ]; + }; }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + # nixpkgs.config.packageOverrides = pkgs: { + # intel-vaapi-driver = pkgs.intel-vaapi-driver.override { enableHybridCodec = true; }; + # }; + + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver # LIBVA_DRIVER_NAME=iHD + # intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + libva-vdpau-driver + libvdpau-va-gl + ]; }; + + topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + }; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + }; + }; + services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; + }; + }; + + services.${serviceName} = { + enable = true; + user = serviceUser; + # openFirewall = true; # this works only for the default ports + }; + + nodes = { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + }; - services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; - }; - }; - - services.${serviceName} = { - enable = true; - user = serviceUser; - # openFirewall = true; # this works only for the default ports - }; - - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } - ]; - }; - - nodes = { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; - }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); - }; - - }; - } + } #+end_src **** navidrome @@ -12935,10 +12912,6 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = { enable = true; # openFirewall = true; @@ -12946,7 +12919,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin LogLevel = "debug"; Address = "0.0.0.0"; Port = servicePort; - MusicFolder = "/storage/Music"; + MusicFolder = "/Vault/Eternor/Music"; PlaylistsPath = "./Playlists"; AutoImportPlaylists = false; EnableSharing = true; @@ -13083,12 +13056,6 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin # when another user connects, the service will crash and the new user will login systemd.services.spotifyd.serviceConfig.RestartSec = lib.mkForce 1; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/cache/private/spotifyd"; } - ]; - }; - services.spotifyd = { enable = true; settings = { @@ -13154,13 +13121,9 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin icon = "${self}/files/topology-images/${serviceName}.png"; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = "mpd"; group = "mpd"; }]; - }; - services.${serviceName} = { enable = true; - musicDirectory = "/storage/Music"; + musicDirectory = "/media"; user = serviceUser; group = serviceGroup; network = { @@ -13198,10 +13161,6 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin users.persistentIds.rtkit = confLib.mkIds 996; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/pipewire"; user = "pipewire"; group = "pipewire"; }]; - }; - services.pipewire = { enable = true; pulse.enable = true; @@ -13228,7 +13187,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin let inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName; postgresVersion = 14; - postgresDirPrefix = "/var/lib"; + postgresDirPrefix = if config.swarselsystems.isCloud then "/var/lib" else "/Vault/data" ; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -13248,14 +13207,9 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin dataDir = "${postgresDirPrefix}/${serviceName}/${builtins.toString postgresVersion}"; }; }; - environment.persistence = { - "/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ - { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } - ]; - "/state".directories = lib.mkIf config.swarselsystems.isMicroVM [ - { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } - ]; - }; + environment.persistence."/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ + { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } + ]; }; } @@ -13284,12 +13238,6 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin oci-containers.backend = "podman"; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/containers"; } - ]; - }; - networking.nftables.firewall = lib.mkIf config.networking.nftables.enable { zones.podman = { @@ -13317,7 +13265,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin } #+end_src -**** matrix (use db) +**** matrix :PROPERTIES: :CUSTOM_ID: h:1e68d84a-8f99-422f-89ac-78f664ac0013 :END: @@ -13326,7 +13274,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin { self, lib, config, pkgs, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; federationPort = 8448; @@ -13346,10 +13294,6 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { - swarselmodules.server = { - postgresql = true; - }; - environment.systemPackages = with pkgs; [ matrix-synapse lottieconverter @@ -13447,18 +13391,9 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/matrix-synapse"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/mautrix-whatsapp"; user = "mautrix-whatsapp"; group = "mautrix-whatsapp"; } - { directory = "/var/lib/mautrix-telegram"; user = "mautrix-telegram"; group = "mautrix-telegram"; } - { directory = "/var/lib/mautrix-signal"; user = "mautrix-signal"; group = "mautrix-signal"; } - ]; - }; - - services = { postgresql = { + enable = true; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" @@ -13485,7 +13420,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin matrix-synapse = { enable = true; - dataDir = "/var/lib/matrix-synapse"; + dataDir = "/Vault/data/matrix-synapse"; settings = { app_service_config_files = let @@ -13735,171 +13670,152 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin :END: #+begin_src nix-ts :tangle modules/nixos/server/nextcloud.nix - { pkgs, lib, config, globals, dns, confLib, ... }: - let - inherit (config.repo.secrets.local.nextcloud) adminuser; - inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "nextcloud"; port = 80; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome dnsServer webProxy homeWebProxy homeServiceAddress nginxAccessRules; + { pkgs, lib, config, globals, dns, confLib, ... }: + let + inherit (config.repo.secrets.local.nextcloud) adminuser; + inherit (config.swarselsystems) sopsFile; + inherit (confLib.gen { name = "nextcloud"; port = 80; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome dnsServer webProxy homeWebProxy homeServiceAddress nginxAccessRules; - nextcloudVersion = "32"; - in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + nextcloudVersion = "32"; + in + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - sops.secrets = { - nextcloud-admin-pw = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; - kanidm-nextcloud-client = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; + sops.secrets = { + nextcloud-admin-pw = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; + kanidm-nextcloud-client = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; + }; + + users.persistentIds = { + nextcloud = confLib.mkIds 990; + redis-nextcloud = confLib.mkIds 976; + }; + + globals.services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; + }; + + services = { + ${serviceName} = { + enable = true; + settings = { + trusted_proxies = [ "0.0.0.0" ]; + overwriteprotocol = "https"; }; - - users.persistentIds = { - nextcloud = confLib.mkIds 990; - redis-nextcloud = confLib.mkIds 976; + package = pkgs."nextcloud${nextcloudVersion}"; + hostName = serviceDomain; + home = "/Vault/data/${serviceName}"; + datadir = "/Vault/data/${serviceName}"; + https = true; + configureRedis = true; + maxUploadSize = "4G"; + extraApps = { + inherit (pkgs."nextcloud${nextcloudVersion}Packages".apps) mail calendar contacts cospend phonetrack polls tasks sociallogin; }; - - globals.services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; + extraAppsEnable = true; + config = { + inherit adminuser; + adminpassFile = config.sops.secrets.nextcloud-admin-pw.path; + dbtype = "sqlite"; }; - - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/redis-${serviceName}"; user = serviceUser; group = serviceGroup; } - ]; - }; - - services = { - ${serviceName} = { - enable = true; - settings = { - trusted_proxies = [ "0.0.0.0" ]; - overwriteprotocol = "https"; - }; - package = pkgs."nextcloud${nextcloudVersion}"; - hostName = serviceDomain; - home = "/var/lib/${serviceName}"; - datadir = "/var/lib/${serviceName}"; - https = true; - configureRedis = true; - maxUploadSize = "4G"; - extraApps = { - inherit (pkgs."nextcloud${nextcloudVersion}Packages".apps) mail calendar contacts cospend phonetrack polls tasks sociallogin; - }; - extraAppsEnable = true; - config = { - inherit adminuser; - adminpassFile = config.sops.secrets.nextcloud-admin-pw.path; - dbtype = "sqlite"; - }; - }; - }; - - nodes = { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; - }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); - }; - }; - } + }; + + nodes = { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + + }; + } #+end_src -**** immich (use db) +**** immich :PROPERTIES: :CUSTOM_ID: h:33bad8ad-b362-4bf1-8a49-b9df92329aed :END: #+begin_src nix-ts :tangle modules/nixos/server/immich.nix - { lib, pkgs, config, globals, dns, confLib, ... }: - let - inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; - in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + { lib, pkgs, config, globals, dns, confLib, ... }: + let + inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; + in + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - swarselmodules.server = { - postgresql = true; + users = { + persistentIds = { + immich = confLib.mkIds 989; + redis-immich = confLib.mkIds 977; }; - - users = { - persistentIds = { - immich = confLib.mkIds 989; - redis-immich = confLib.mkIds 977; - }; - users.${serviceUser} = { - extraGroups = [ "video" "render" "users" ]; - }; + users.${serviceUser} = { + extraGroups = [ "video" "render" "users" ]; }; - - topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - - # networking.firewall.allowedTCPPorts = [ servicePort ]; - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; - }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; - }; - }; - services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; - }; - }; - - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } - ]; - }; - - services.${serviceName} = { - enable = true; - package = pkgs.immich; - host = "0.0.0.0"; - port = servicePort; - # openFirewall = true; - mediaLocation = "/storage/Pictures/${serviceName}"; # dataDir - environment = { - IMMICH_MACHINE_LEARNING_URL = lib.mkForce "http://localhost:3003"; - }; - }; - - nodes = - let - extraConfigLoc = '' - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_redirect off; - - proxy_read_timeout 600s; - proxy_send_timeout 600s; - send_timeout 600s; - ''; - in - { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; - }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); - }; - }; - } + + topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + + # networking.firewall.allowedTCPPorts = [ servicePort ]; + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + }; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + }; + }; + services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; + }; + }; + + services.${serviceName} = { + enable = true; + package = pkgs.immich; + host = "0.0.0.0"; + port = servicePort; + # openFirewall = true; + mediaLocation = "/Vault/Eternor/Immich"; # dataDir + environment = { + IMMICH_MACHINE_LEARNING_URL = lib.mkForce "http://localhost:3003"; + }; + }; + + nodes = + let + extraConfigLoc = '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_redirect off; + + proxy_read_timeout 600s; + proxy_send_timeout 600s; + send_timeout 600s; + ''; + in + { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + + }; + } #+end_src **** paperless (tika, gotenberg) @@ -13958,21 +13874,11 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } - { directory = "/var/lib/private/tika"; } - { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/cache/private/tika"; } - ]; - }; - services = { ${serviceName} = { enable = true; - mediaDir = "/storage/Documents/${serviceName}"; - dataDir = "/var/lib/${serviceName}"; + mediaDir = "/Vault/Eternor/Paperless"; + dataDir = "/Vault/data/${serviceName}"; user = serviceUser; port = servicePort; passwordFile = config.sops.secrets.paperless-admin-pw.path; @@ -14065,8 +13971,8 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= #+begin_src nix-ts :tangle modules/nixos/server/transmission.nix { self, pkgs, lib, config, confLib, ... }: let - inherit (confLib.gen { name = "transmission"; port = 9091; }) serviceName servicePort serviceDomain; - inherit (confLib.static) isHome homeServiceAddress homeWebProxy nginxAccessRules; + inherit (confLib.gen { name = "transmission"; }) serviceName serviceDomain; + inherit (confLib.static) isHome; lidarrUser = "lidarr"; lidarrGroup = lidarrUser; @@ -14161,16 +14067,6 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= inherit isHome; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/radarr"; user = radarrUser; group = radarrGroup; } - { directory = "/var/lib/readarr"; user = readarrUser; group = readarrGroup; } - { directory = "/var/lib/sonarr"; user = sonarrUser; group = sonarrGroup; } - { directory = "/var/lib/lidarr"; user = lidarrUser; group = lidarrGroup; } - { directory = "/var/lib/private/prowlarr"; user = prowlarrUser; group = prowlarrGroup; } - ]; - }; - services = { radarr = { enable = true; @@ -14178,7 +14074,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = radarrGroup; settings.server.port = radarrPort; openFirewall = true; - dataDir = "/var/lib/radarr"; + dataDir = "/Vault/data/radarr"; }; readarr = { enable = true; @@ -14186,7 +14082,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = readarrGroup; settings.server.port = readarrPort; openFirewall = true; - dataDir = "/var/lib/readarr"; + dataDir = "/Vault/data/readarr"; }; sonarr = { enable = true; @@ -14194,7 +14090,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = sonarrGroup; settings.server.port = sonarrPort; openFirewall = true; - dataDir = "/var/lib/sonarr"; + dataDir = "/Vault/data/sonarr"; }; lidarr = { enable = true; @@ -14202,88 +14098,53 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = lidarrGroup; settings.server.port = lidarrPort; openFirewall = true; - dataDir = "/var/lib/lidarr"; + dataDir = "/Vault/data/lidarr"; }; prowlarr = { enable = true; settings.server.port = prowlarrPort; openFirewall = true; }; - }; - nodes = { - ${homeWebProxy}.services.nginx = { - upstreams = { - transmission = { - servers = { - "${homeServiceAddress}:${builtins.toString servicePort}" = { }; - }; - }; - radarr = { - servers = { - "${homeServiceAddress}:${builtins.toString radarrPort}" = { }; - }; - }; - readarr = { - servers = { - "${homeServiceAddress}:${builtins.toString readarrPort}" = { }; - }; - }; - sonarr = { - servers = { - "${homeServiceAddress}:${builtins.toString sonarrPort}" = { }; - }; - }; - lidarr = { - servers = { - "${homeServiceAddress}:${builtins.toString lidarrPort}" = { }; - }; - }; - prowlarr = { - servers = { - "${homeServiceAddress}:${builtins.toString prowlarrPort}" = { }; - }; - }; - }; + nginx = { virtualHosts = { "${serviceDomain}" = { enableACME = false; forceSSL = false; acmeRoot = null; - extraConfig = nginxAccessRules; locations = { "/" = { - proxyPass = "http://transmission"; + proxyPass = "http://localhost:9091"; extraConfig = '' client_max_body_size 0; ''; }; "/radarr" = { - proxyPass = "http://radarr"; + proxyPass = "http://localhost:${builtins.toString radarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/readarr" = { - proxyPass = "http://readarr"; + proxyPass = "http://localhost:${builtins.toString readarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/sonarr" = { - proxyPass = "http://sonarr"; + proxyPass = "http://localhost:${builtins.toString sonarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/lidarr" = { - proxyPass = "http://lidarr"; + proxyPass = "http://localhost:${builtins.toString lidarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/prowlarr" = { - proxyPass = "http://prowlarr"; + proxyPass = "http://localhost:${builtins.toString prowlarrPort}"; extraConfig = '' client_max_body_size 0; ''; @@ -14381,16 +14242,12 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = rec { enable = true; user = serviceUser; group = serviceGroup; - dataDir = if config.swarselsystems.isMicroVM then "/storage/Documents/syncthing" else (lib.mkDefault "/var/lib/${serviceName}"); - configDir = if config.swarselsystems.isMicroVM then "/var/lib/syncthing/.config/syncthing" else "${cfg.dataDir}/.config/${serviceName}"; + dataDir = lib.mkDefault "/Vault/data/${serviceName}"; + configDir = "${cfg.dataDir}/.config/${serviceName}"; guiAddress = "0.0.0.0:${builtins.toString servicePort}"; openDefaultPorts = lib.mkIf (!isProxied) true; # opens ports TCP/UDP 22000 and UDP 21027 for discovery relay.enable = false; @@ -14463,92 +14320,68 @@ Note: you still need to run =restic- init= once on the host to get the buc { lib, pkgs, config, ... }: let inherit (config.swarselsystems) sopsFile; - - targets = config.swarselsystems.server.restic.targets; in { options.swarselmodules.server.restic = lib.mkEnableOption "enable restic backups on server"; options.swarselsystems.server.restic = { - targets = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: { - options = { - bucketName = lib.mkOption { - type = lib.types.str; - default = name; - }; - repository = lib.mkOption { - type = lib.types.str; - }; - paths = lib.mkOption { - type = lib.types.listOf lib.types.str; - }; - withPostgres = lib.mkOption { - type = lib.types.bool; - default = false; - }; - }; - })); - default = { }; + bucketName = lib.mkOption { + type = lib.types.str; + }; + paths = lib.mkOption { + type = lib.types.listOf lib.types.str; + }; + withPostgres = lib.mkOption { + type = lib.types.bool; + default = false; }; }; - config = lib.mkIf config.swarselmodules.server.restic { sops = { - secrets = - lib.mkMerge (lib.mapAttrsToList - (name: _: { - "resticpw-${name}" = { inherit sopsFile; }; - "resticaccesskey-${name}" = { inherit sopsFile; }; - "resticsecretaccesskey-${name}" = { inherit sopsFile; }; - }) - targets); - - templates = - lib.mkMerge (lib.mapAttrsToList - (name: _: { - "restic-env-${name}".content = '' - AWS_ACCESS_KEY_ID=${config.sops.placeholder."resticaccesskey-${name}"} - AWS_SECRET_ACCESS_KEY=${config.sops.placeholder."resticsecretaccesskey-${name}"} - ''; - }) - targets); + secrets = { + resticpw = { inherit sopsFile; }; + resticaccesskey = { inherit sopsFile; }; + resticsecretaccesskey = { inherit sopsFile; }; + }; + templates = { + "restic-env".content = '' + AWS_ACCESS_KEY_ID=${config.sops.placeholder.resticaccesskey} + AWS_SECRET_ACCESS_KEY=${config.sops.placeholder.resticsecretaccesskey} + ''; + }; }; - services.restic.backups = - lib.mapAttrs' - (name: target: - lib.nameValuePair target.bucketName { - environmentFile = - config.sops.templates."restic-env-${name}".path; - - passwordFile = - config.sops.secrets."resticpw-${name}".path; - - inherit (target) paths repository; - + services.restic = + let + inherit (config.repo.secrets.local) resticRepo; + in + { + backups = { + "${config.swarselsystems.server.restic.bucketName}" = { + environmentFile = config.sops.templates."restic-env".path; + passwordFile = config.sops.secrets.resticpw.path; + inherit (config.swarselsystems.server.restic) paths; pruneOpts = [ "--keep-daily 3" "--keep-weekly 2" "--keep-monthly 3" "--keep-yearly 100" ]; - backupPrepareCommand = '' ${pkgs.restic}/bin/restic prune ''; - + repository = "${resticRepo}"; initialize = true; - timerConfig = { OnCalendar = "03:00"; }; - } - ) - targets; + }; + + }; + }; + }; } - #+end_src **** monitoring (Grafana, Prometheus) @@ -14608,10 +14441,8 @@ This section exposes several metrics that I use to check the health of my server node-exporter = confLib.mkIds 987; grafana = confLib.mkIds 974; }; - groups.nextcloud-exporter = {}; users = { nextcloud-exporter = { - group = "nextcloud-exporter"; extraGroups = [ "nextcloud" ]; }; @@ -14641,17 +14472,10 @@ This section exposes several metrics that I use to check the health of my server }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/prometheus2"; user = prometheusUser; group = prometheusGroup; } - ]; - }; - services = { ${serviceName} = { enable = true; - dataDir = "/var/lib/${serviceName}"; + dataDir = "/Vault/data/${serviceName}"; provision = { enable = true; datasources.settings = { @@ -14863,7 +14687,7 @@ This is a WIP Jenkins instance. It is used to automatically build a new system w #+begin_src nix-ts :tangle modules/nixos/server/jenkins.nix { pkgs, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -14886,17 +14710,13 @@ This is a WIP Jenkins instance. It is used to automatically build a new system w }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.jenkins = { enable = true; withCLI = true; port = servicePort; packages = [ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ]; listenAddress = "0.0.0.0"; - home = "/var/lib/${serviceName}"; + home = "/Vault/apps/${serviceName}"; }; nodes = { @@ -15017,10 +14837,6 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = let inherit (config.repo.secrets.local.freshrss) defaultUser; @@ -15031,7 +14847,7 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with virtualHost = serviceDomain; baseUrl = "https://${serviceDomain}"; authType = "form"; - dataDir = "/var/lib/freshrss"; + dataDir = "/Vault/data/tt-rss"; passwordFile = config.sops.secrets.freshrss-pw.path; }; @@ -15136,13 +14952,9 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = { enable = true; - stateDir = "/var/lib/${serviceName}"; + stateDir = "/Vault/data/${serviceName}"; user = serviceUser; group = serviceGroup; lfs.enable = lib.mkDefault true; @@ -15295,10 +15107,6 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/private/${serviceName}"; }]; - }; - services.anki-sync-server = { enable = true; port = servicePort; @@ -15425,19 +15233,12 @@ kanidm person credential create-reset-token }; }; - environment.persistence = { - "/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ - certPathBase - keyPathBase - ]; - }; - - "/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; + environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ + certPathBase + keyPathBase + ]; }; - systemd.services."generateSSLCert-${serviceName}" = let daysValid = 3650; @@ -15917,10 +15718,6 @@ kanidm person credential create-reset-token }; }; - users = { - persistentIds.oauth2-proxy = confLib.mkIds 966; - }; - # needed for homeWebProxy networking.firewall.allowedTCPPorts = [ servicePort ]; @@ -16059,16 +15856,12 @@ kanidm person credential create-reset-token homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services = { ${serviceName} = { enable = true; user = serviceUser; group = if cfg.enableNginx then nginxGroup else serviceGroup; - dataDir = "/var/lib/${serviceName}"; + dataDir = "/Vault/data/${serviceName}"; settings = { TZ = config.repo.secrets.common.location.timezone; APP_URL = "https://${serviceDomain}"; @@ -16150,160 +15943,156 @@ kanidm person credential create-reset-token } #+end_src -**** Koillection (use db) +**** Koillection :PROPERTIES: :CUSTOM_ID: h:09c0fed3-b9c6-487f-a5f6-49be039e5fa2 :END: #+begin_src nix-ts :tangle modules/nixos/server/koillection.nix - { self, lib, config, globals, dns, confLib, ... }: - let - inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/var/lib/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; - serviceDB = "koillection"; +{ self, lib, config, globals, dns, confLib, ... }: +let + inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/Vault/data/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; + serviceDB = "koillection"; - postgresUser = config.systemd.services.postgresql.serviceConfig.User; # postgres - postgresPort = config.services.postgresql.settings.port; # 5432 - containerRev = "sha256:96693e41a6eb2aae44f96033a090378270f024ddf4e6095edf8d57674f21095d"; - - inherit (config.swarselsystems) sopsFile; - in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { - - swarselmodules.server = { - podman = true; - postgresql = true; - }; - - sops.secrets = { - koillection-db-password = { inherit sopsFile; owner = postgresUser; group = postgresUser; mode = "0440"; }; - koillection-env-file = { inherit sopsFile; }; - }; - - topology.self.services.${serviceName} = { - name = lib.swarselsystems.toCapitalized serviceName; - info = "https://${serviceDomain}"; - icon = "${self}/files/topology-images/${serviceName}.png"; - }; - - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort postgresPort ]; - }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort postgresPort ]; - }; - }; - services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; - }; - }; - - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; }]; - }; - - virtualisation.oci-containers.containers = { - koillection = { - image = "koillection/koillection@${containerRev}"; - - ports = [ - "${toString servicePort}:80" - ]; - - volumes = [ - "${serviceDir}/uploads:/uploads" - ]; - - environment = { - APP_DEBUG = "0"; - APP_ENV = "prod"; - HTTPS_ENABLED = "1"; - UPLOAD_MAX_FILESIZE = "512M"; - PHP_MEMORY_LIMIT = "512M"; - PHP_TZ = config.repo.secrets.common.location.timezone; - - CORS_ALLOW_ORIGIN = "https?://(localhost|swag\\.swarsel\\.win)(:[0-9]+)?$"; - - DB_DRIVER = "pdo_pgsql"; - DB_NAME = serviceDB; - DB_HOST = "host.docker.internal"; - DB_USER = serviceUser; - # DB_PASSWORD set in koillection-env-file - DB_PORT = "${toString postgresPort}"; - DB_VERSION = "16"; - }; - - environmentFiles = [ - config.sops.secrets.koillection-env-file.path - ]; - - extraOptions = [ - "--add-host=host.docker.internal:host-gateway" # podman - ]; - }; - }; - - # networking.firewall.allowedTCPPorts = [ servicePort postgresPort ]; - - systemd.services.postgresql.postStart = - let - passwordPath = config.sops.secrets.koillection-db-password.path; - in - '' - ${config.services.postgresql.package}/bin/psql -tA <<'EOF' - DO $$ - DECLARE password TEXT; - BEGIN - password := trim(both from replace(pg_read_file('${passwordPath}'), E'\n', ''')); - EXECUTE format('ALTER ROLE ${serviceDB} WITH PASSWORD '''%s''';', password); - END $$; - EOF - ''; - services = { - postgresql = { - enable = true; - enableTCPIP = true; - ensureDatabases = [ serviceDB ]; - ensureUsers = [ - { - name = serviceDB; - ensureDBOwnership = true; - } - ]; - authentication = '' - host ${serviceDB} ${serviceDB} 10.88.0.0/16 scram-sha-256 - ''; - }; - }; - - nodes = - let - extraConfigLoc = '' - proxy_buffer_size 128k; - proxy_buffers 4 256k; - proxy_busy_buffers_size 256k; - ''; - in - { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; - }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); - }; + postgresUser = config.systemd.services.postgresql.serviceConfig.User; # postgres + postgresPort = config.services.postgresql.settings.port; # 5432 + containerRev = "sha256:96693e41a6eb2aae44f96033a090378270f024ddf4e6095edf8d57674f21095d"; + inherit (config.swarselsystems) sopsFile; +in +{ + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { + swarselmodules.server = { + podman = true; + postgresql = true; }; - } + + sops.secrets = { + koillection-db-password = { inherit sopsFile; owner = postgresUser; group = postgresUser; mode = "0440"; }; + koillection-env-file = { inherit sopsFile; }; + }; + + topology.self.services.${serviceName} = { + name = lib.swarselsystems.toCapitalized serviceName; + info = "https://${serviceDomain}"; + icon = "${self}/files/topology-images/${serviceName}.png"; + }; + + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort postgresPort ]; + }; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort postgresPort ]; + }; + }; + services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; + }; + }; + + virtualisation.oci-containers.containers = { + koillection = { + image = "koillection/koillection@${containerRev}"; + + ports = [ + "${toString servicePort}:80" + ]; + + volumes = [ + "${serviceDir}/uploads:/uploads" + ]; + + environment = { + APP_DEBUG = "0"; + APP_ENV = "prod"; + HTTPS_ENABLED = "1"; + UPLOAD_MAX_FILESIZE = "512M"; + PHP_MEMORY_LIMIT = "512M"; + PHP_TZ = config.repo.secrets.common.location.timezone; + + CORS_ALLOW_ORIGIN = "https?://(localhost|swag\\.swarsel\\.win)(:[0-9]+)?$"; + + DB_DRIVER = "pdo_pgsql"; + DB_NAME = serviceDB; + DB_HOST = "host.docker.internal"; + DB_USER = serviceUser; + # DB_PASSWORD set in koillection-env-file + DB_PORT = "${toString postgresPort}"; + DB_VERSION = "16"; + }; + + environmentFiles = [ + config.sops.secrets.koillection-env-file.path + ]; + + extraOptions = [ + "--add-host=host.docker.internal:host-gateway" # podman + ]; + }; + }; + + # networking.firewall.allowedTCPPorts = [ servicePort postgresPort ]; + + systemd.services.postgresql.postStart = + let + passwordPath = config.sops.secrets.koillection-db-password.path; + in + '' + ${config.services.postgresql.package}/bin/psql -tA <<'EOF' + DO $$ + DECLARE password TEXT; + BEGIN + password := trim(both from replace(pg_read_file('${passwordPath}'), E'\n', ''')); + EXECUTE format('ALTER ROLE ${serviceDB} WITH PASSWORD '''%s''';', password); + END $$; + EOF + ''; + services = { + postgresql = { + enable = true; + enableTCPIP = true; + ensureDatabases = [ serviceDB ]; + ensureUsers = [ + { + name = serviceDB; + ensureDBOwnership = true; + } + ]; + authentication = '' + host ${serviceDB} ${serviceDB} 10.88.0.0/16 scram-sha-256 + ''; + }; + }; + + nodes = + let + extraConfigLoc = '' + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + ''; + in + { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + + + }; +} #+end_src -**** Atuin (use db) +**** Atuin :PROPERTIES: :CUSTOM_ID: h:27eac8b9-c202-4e45-9b80-42592f1e41c8 :END: @@ -16314,51 +16103,47 @@ kanidm person credential create-reset-token inherit (confLib.gen { name = "atuin"; port = 8888; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - swarselmodules.server = { - postgresql = true; - }; + topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; - }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; - }; + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; }; - services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; }; }; - services.${serviceName} = { - enable = true; - host = "0.0.0.0"; - port = servicePort; - # openFirewall = true; - openRegistration = false; + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; - - nodes = { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; - }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); - }; - }; - } + services.${serviceName} = { + enable = true; + host = "0.0.0.0"; + port = servicePort; + # openFirewall = true; + openRegistration = false; + }; + + nodes = { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + + }; + + } #+end_src **** Radicale @@ -16404,10 +16189,6 @@ kanidm person credential create-reset-token topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -16440,7 +16221,7 @@ kanidm person credential create-reset-token htpasswd_encryption = "autodetect"; }; storage = { - filesystem_folder = "/var/lib/radicale/collections"; + filesystem_folder = "/Vault/data/radicale/collections"; }; }; rights = { @@ -17011,7 +16792,7 @@ in hostName = serviceDomain; user = serviceUser; group = serviceGroup; - dataDir = "/var/lib/snipeit"; + dataDir = "/Vault/data/snipeit"; database = { user = serviceUser; port = mysqlPort; @@ -17032,7 +16813,7 @@ in }; } #+end_src -**** Homebox (use db) +**** Homebox :PROPERTIES: :CUSTOM_ID: h:5b4feb1b-e7a3-43f1-9930-8d00012742ad :END: @@ -17040,7 +16821,7 @@ in #+begin_src nix-ts :tangle modules/nixos/server/homebox.nix { self, lib, pkgs, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -17053,10 +16834,6 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; - swarselmodules.server = { - postgresql = true; - }; - users.persistentIds = { homebox = confLib.mkIds 981; }; @@ -17077,14 +16854,14 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - systemd.services.homebox = { environment = { TMPDIR = "/var/lib/homebox/.tmp"; - HOME = "/var/lib/homebox"; + }; + serviceConfig = { + # ReadWritePaths = "/var/lib/homebox"; + RuntimeDirectory = "homebox"; + BindPaths="/run/homebox:/var/lib/homebox/.tmp"; }; }; @@ -17126,7 +16903,7 @@ in kanidmDomain = globals.services.kanidm.domain; inherit (config.swarselsystems) mainUser; - mailAddress = config.repo.secrets.common.mail.address4; + inherit (config.repo.secrets.local) persons; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -17150,7 +16927,7 @@ in authorizations = [ { user = mainUser; - principal = mailAddress; + principal = builtins.head persons.${mainUser}.mailAddresses; inherit (config.services.opkssh.providers.kanidm) issuer; } ]; @@ -17925,7 +17702,7 @@ When changing the hashed passwords, =dovecot= needs to be restarted manually, it { self, lib, config, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 80; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 443; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; inherit (confLib.static) isHome webProxy homeWebProxy dnsServer homeServiceAddress nginxAccessRules; inherit (config.repo.secrets.local.mailserver) user1 alias1_1 alias1_2 alias1_3 alias1_4 user2 alias2_1 alias2_2 alias2_3 user3; baseDomain = globals.domains.main; @@ -19866,6 +19643,8 @@ Some standard options that should be set for every microvm guest. We set the def # NOTE: this is needed, we dont import sevrer network module for microvms globals.hosts.${config.node.name}.isHome = true; + fileSystems."/persist".neededForBoot = lib.mkForce true; + systemd.network.networks."10-vlan-services" = { dhcpV6Config = { WithoutRA = "solicit"; @@ -27388,220 +27167,210 @@ In short, the options defined here are passed to the modules systems using =_mod :CUSTOM_ID: h:a33322d5-014a-4072-a4a5-91bc71c343b8 :END: #+begin_src nix-ts :noweb yes :tangle modules/shared/config-lib.nix - { self, config, lib, globals, inputs, outputs, minimal, nixosConfig ? null, ... }: - let - domainDefault = service: config.repo.secrets.common.services.domains.${service}; - proxyDefault = config.swarselsystems.proxyHost; + { self, config, lib, globals, inputs, outputs, minimal, nixosConfig ? null, ... }: + let + domainDefault = service: config.repo.secrets.common.services.domains.${service}; + proxyDefault = config.swarselsystems.proxyHost; - addressDefault = + addressDefault = + if + config.swarselsystems.proxyHost != config.node.name + then if - config.swarselsystems.proxyHost != config.node.name + config.swarselsystems.server.wireguard.interfaces.wgProxy.isClient then - if - config.swarselsystems.server.wireguard.interfaces.wgProxy.isClient - then - globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgProxy.serverNetConfigPrefix}-wgProxy".hosts.${config.node.name}.ipv4 - else - globals.networks.${config.swarselsystems.server.netConfigName}.hosts.${config.node.name}.ipv4 + globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgProxy.serverNetConfigPrefix}-wgProxy".hosts.${config.node.name}.ipv4 else - "localhost"; - in - { - _module.args = { - confLib = rec { - getConfig = if nixosConfig == null then config else nixosConfig; + globals.networks.${config.swarselsystems.server.netConfigName}.hosts.${config.node.name}.ipv4 + else + "localhost"; + in + { + _module.args = { + confLib = rec { + getConfig = if nixosConfig == null then config else nixosConfig; - gen = { name ? "n/a", user ? name, group ? user, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { - servicePort = port; - serviceName = name; - specificServiceName = "${name}-${config.node.name}"; - serviceUser = user; - serviceGroup = group; - serviceDomain = domain; - baseDomain = lib.swarselsystems.getBaseDomain domain; - subDomain = lib.swarselsystems.getSubDomain domain; - serviceDir = dir; - serviceAddress = address; - serviceProxy = proxy; - proxyAddress4 = globals.hosts.${proxy}.wanAddress4 or null; - proxyAddress6 = globals.hosts.${proxy}.wanAddress6 or null; - }; + gen = { name ? "n/a", user ? name, group ? name, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { + servicePort = port; + serviceName = name; + specificServiceName = "${name}-${config.node.name}"; + serviceUser = user; + serviceGroup = group; + serviceDomain = domain; + baseDomain = lib.swarselsystems.getBaseDomain domain; + subDomain = lib.swarselsystems.getSubDomain domain; + serviceDir = dir; + serviceAddress = address; + serviceProxy = proxy; + proxyAddress4 = globals.hosts.${proxy}.wanAddress4 or null; + proxyAddress6 = globals.hosts.${proxy}.wanAddress6 or null; + }; - static = rec { - inherit (globals.hosts.${config.node.name}) isHome; - inherit (globals.general) homeProxy webProxy dnsServer homeDnsServer homeWebProxy idmServer oauthServer; - webProxyIf = "${webProxy}-wgProxy"; - homeProxyIf = "home-wgHome"; - isProxied = config.node.name != webProxy; - nginxAccessRules = '' - allow ${globals.networks.home-lan.vlans.home.cidrv4}; - allow ${globals.networks.home-lan.vlans.home.cidrv6}; - allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv4}; - allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv6}; - deny all; - ''; - homeServiceAddress = lib.optionalString (config.swarselsystems.server.wireguard.interfaces ? wgHome) globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgHome.serverNetConfigPrefix}-wgHome".hosts.${config.node.name}.ipv4; - }; + static = rec { + inherit (globals.hosts.${config.node.name}) isHome; + inherit (globals.general) homeProxy webProxy dnsServer homeDnsServer homeWebProxy idmServer oauthServer; + webProxyIf = "${webProxy}-wgProxy"; + homeProxyIf = "home-wgHome"; + isProxied = config.node.name != webProxy; + nginxAccessRules = '' + allow ${globals.networks.home-lan.vlans.home.cidrv4}; + allow ${globals.networks.home-lan.vlans.home.cidrv6}; + allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv4}; + allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv6}; + deny all; + ''; + homeServiceAddress = lib.optionalString (config.swarselsystems.server.wireguard.interfaces ? wgHome) globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgHome.serverNetConfigPrefix}-wgHome".hosts.${config.node.name}.ipv4; + }; - mkIds = id: { - uid = id; - gid = id; - }; + mkIds = id: { + uid = id; + gid = id; + }; - mkDeviceMac = id: - let - mod = n: d: n - (n / d) * d; - toHexByte = n: - let - hex = "0123456789abcdef"; - hi = n / 16; - lo = mod n 16; - in - builtins.substring hi 1 hex - + builtins.substring lo 1 hex; + mkDeviceMac = id: + let + mod = n: d: n - (n / d) * d; + toHexByte = n: + let + hex = "0123456789abcdef"; + hi = n / 16; + lo = mod n 16; + in + builtins.substring hi 1 hex + + builtins.substring lo 1 hex; - max = 16777215; # 256^3 - 1 + max = 16777215; # 256^3 - 1 - b1 = id / (256 * 256); - r1 = mod id (256 * 256); - b2 = r1 / 256; - b3 = mod r1 256; - in - if - (id <= max) - then - (builtins.concatStringsSep ":" - (map toHexByte [ b1 b2 b3 ])) - else - (throw "Device MAC ID too large (max is 16777215)"); + b1 = id / (256 * 256); + r1 = mod id (256 * 256); + b2 = r1 / 256; + b3 = mod r1 256; + in + if + (id <= max) + then + (builtins.concatStringsSep ":" + (map toHexByte [ b1 b2 b3 ])) + else + (throw "Device MAC ID too large (max is 16777215)"); - mkMicrovm = - if config.swarselsystems.withMicroVMs then - (guestName: - { eternorPaths ? [ ] - , withZfs ? false - , ... - }: - { - ${guestName} = - { - backend = "microvm"; - autostart = true; - zfs = lib.mkIf withZfs - ({ - # stateful config usually bind-mounted to /var/lib/ that should be backed up remotely - "/state" = { - pool = "Vault"; - dataset = "guests/${guestName}/state"; - }; - # other stuff that should only reside on zfs, not backed up remotely - "/persist" = { - pool = "Vault"; - dataset = "guests/${guestName}/persist"; - }; - } // lib.optionalAttrs (eternorPaths != [ ]) - (lib.listToAttrs (map - # data that is pulled in externally by services, some of which is backed up externally - (eternorPath: - lib.nameValuePair "/storage/${eternorPath}" { - pool = "Vault"; - dataset = "Eternor/${eternorPath}"; - }) eternorPaths))); - modules = [ - (config.node.configDir + /guests/${guestName}/default.nix) - { - node.secretsDir = config.node.configDir + /secrets/${guestName}; - node.configDir = config.node.configDir + /guests/${guestName}; - networking.nftables.firewall = { - zones.untrusted.interfaces = lib.mkIf - ( - lib.length config.guests.${guestName}.networking.links == 1 - ) - config.guests.${guestName}.networking.links; - }; - - fileSystems = { - "/persist".neededForBoot = true; - } // lib.optionalAttrs withZfs { - "/state".neededForBoot = true; - }; - } - "${self}/modules/nixos/optional/microvm-guest.nix" - "${self}/modules/nixos/optional/systemd-networkd-base.nix" - ]; - microvm = { - system = config.node.arch; - baseMac = config.repo.secrets.local.networking.networks.lan.mac; - interfaces.vlan-services = { - mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; - - }; - }; - extraSpecialArgs = { - inherit (inputs.self) nodes; - inherit (inputs.self.pkgs.${config.node.arch}) lib; - inherit inputs outputs minimal; - inherit (inputs) self; - withHomeManager = false; - microVMParent = config.node.name; - globals = inputs.self.globals.${config.node.arch}; - }; + mkMicrovm = + if config.swarselsystems.withMicroVMs then + (guestName: + { enableStorage ? false + , withZfs ? false + , ... + }: + { + ${guestName} = { + backend = "microvm"; + autostart = true; + zfs = lib.mkIf withZfs { + # stateful config that should be backed up + "/state" = { + pool = "Vault"; + dataset = "guests/${guestName}/state"; }; - }) else - (_: { - _ = { }; - }); + # data that should be backed up + "/storage" = lib.mkIf enableStorage { + pool = "Vault"; + dataset = "guests/${guestName}/storage"; + }; + # other stuff that should only reside on disk, not backed up + "/persist" = { + pool = "Vault"; + dataset = "guests/${guestName}/persist"; + }; + }; + modules = [ + (config.node.configDir + /guests/${guestName}/default.nix) + { + node.secretsDir = config.node.configDir + /secrets/${guestName}; + node.configDir = config.node.configDir + /guests/${guestName}; + networking.nftables.firewall = { + zones.untrusted.interfaces = lib.mkIf + ( + lib.length config.guests.${guestName}.networking.links == 1 + ) + config.guests.${guestName}.networking.links; + }; + } + "${self}/modules/nixos/optional/microvm-guest.nix" + "${self}/modules/nixos/optional/systemd-networkd-base.nix" + ]; + microvm = { + system = config.node.arch; + baseMac = config.repo.secrets.local.networking.networks.lan.mac; + interfaces.vlan-services = { + mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; - genNginx = - { serviceAddress - , serviceName - , serviceDomain - , servicePort - , protocol ? "http" - , maxBody ? (-1) - , maxBodyUnit ? "" - , noSslVerify ? false - , proxyWebsockets ? false - , oauth2 ? false - , oauth2Groups ? [ ] - , extraConfig ? "" - , extraConfigLoc ? "" - }: { - upstreams = { - ${serviceName} = { - servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + }; + }; + extraSpecialArgs = { + inherit (inputs.self) nodes; + inherit (inputs.self.pkgs.${config.node.arch}) lib; + inherit inputs outputs minimal; + inherit (inputs) self; + withHomeManager = false; + microVMParent = config.node.name; + globals = inputs.self.globals.${config.node.arch}; }; }; - }; - virtualHosts = { - "${serviceDomain}" = { - useACMEHost = globals.domains.main; - forceSSL = true; - acmeRoot = null; - oauth2 = { - enable = lib.mkIf oauth2 true; - allowedGroups = lib.mkIf (oauth2Groups != [ ]) oauth2Groups; - }; - locations = { - "/" = { - proxyPass = "${protocol}://${serviceName}"; - proxyWebsockets = lib.mkIf proxyWebsockets true; - extraConfig = lib.optionalString (maxBody != (-1)) '' - client_max_body_size ${builtins.toString maxBody}${maxBodyUnit}; - '' + extraConfigLoc; - }; - }; - extraConfig = lib.optionalString noSslVerify '' - proxy_ssl_verify off; - '' + extraConfig; + }) else + (_: { + _ = { }; + }); + + genNginx = + { serviceAddress + , serviceName + , serviceDomain + , servicePort + , protocol ? "http" + , maxBody ? (-1) + , maxBodyUnit ? "" + , noSslVerify ? false + , proxyWebsockets ? false + , oauth2 ? false + , oauth2Groups ? [ ] + , extraConfig ? "" + , extraConfigLoc ? "" + }: { + upstreams = { + ${serviceName} = { + servers = { + "${serviceAddress}:${builtins.toString servicePort}" = { }; }; }; }; + virtualHosts = { + "${serviceDomain}" = { + useACMEHost = globals.domains.main; + forceSSL = true; + acmeRoot = null; + oauth2 = { + enable = lib.mkIf oauth2 true; + allowedGroups = lib.mkIf (oauth2Groups != [ ]) oauth2Groups; + }; + locations = { + "/" = { + proxyPass = "${protocol}://${serviceName}"; + proxyWebsockets = lib.mkIf proxyWebsockets true; + extraConfig = lib.optionalString (maxBody != (-1)) '' + client_max_body_size ${builtins.toString maxBody}${maxBodyUnit}; + '' + extraConfigLoc; + }; + }; + extraConfig = lib.optionalString noSslVerify '' + proxy_ssl_verify off; + '' + extraConfig; + }; + }; + }; - }; }; - } + }; + } #+end_src *** Packages @@ -30126,7 +29895,6 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a ssh = lib.mkDefault true; wireguard = lib.mkDefault true; dns-home = lib.mkDefault true; - opkssh = true; }; }; }; diff --git a/hosts/nixos/aarch64-linux/moonside/default.nix b/hosts/nixos/aarch64-linux/moonside/default.nix index 09d244b..bfbd912 100644 --- a/hosts/nixos/aarch64-linux/moonside/default.nix +++ b/hosts/nixos/aarch64-linux/moonside/default.nix @@ -82,13 +82,11 @@ in serverName = "twothreetunnel"; }; }; - restic.targets = { - SwarselMoonside = { - repository = config.repo.secrets.local.resticRepoState; - paths = [ - "/persist/opt/minecraft" - ]; - }; + restic = { + bucketName = "SwarselMoonside"; + paths = [ + "/persist/opt/minecraft" + ]; }; }; syncthing = { diff --git a/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc b/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc index a22bd90..e0d419c 100644 --- a/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc +++ b/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:MeJM7Y4TN0doXAHHxa5y+ZuatVyEsx4HL5sMBGJ77J6VIuqS1GvY9D2p+/JETZx5iwEf+oJ5CMUD4/PQtXbUM7RKzhyzU9AjCdfNos4ZTEyLUhmHgAup2AP0yVO/Qb7dYjDPwbT5wycAAQUx+3xc1GKX93MqsKfNVUqIHWAr20s5ct0RxBylvPWeZA6eNDmcdgNaA5QgKoEDrZtfK3inTg1UmhQZrvw7MWzFN68DdC7FRxeDxSdn1ctucGTJW8k1LT5MdwGCA7nX08vAMG7VBIuj61ZXXU3zFtNRtdHBiyzlqjgInHRWevajK7L/Vjxpy3ffBRAFFQYZi6jVaui5acOywSvCvvrzVKN6Z2Rzc72KfC/np0NElJBrTAqBfQ+8tXrjjd8uaTQXbcXc3qk/y6+kfjOcYB8lk0opA/r33xUR7QkMElu7zuw1+u5ClKTOIZSqkdqrEbTCnw+hn5fL2VH0bShEACXQal6z/XnJSULmzxE5YfSK7qsJxakVux+Ksz3E5EHYgyyMCNk5WEyJtFz5FFBV0+FDbar9ChdLPvY/SEGLGS7ekx6aA/PQGQtb/xsk5pylt5Ie6vxL4YBDAxgm1ss4ciK3HfoAZJnQbfa6kkqm1rfAvzr2rM4WH/Vyocakpqxv16QH4AtbX0A02Y4lwMhxTz+8XRFxLOm4CBXYBddKSMKEaW0VCMEl3U3g4e7vPRg2tp+1WxouJSjbejgnVeq/A026j6ZwQ44xADkWjG+4lCvIO0NLZIv5uE3Sb3a4sW4dphqrQPWMaiOmtzxxZWbO0GTnQ5/U2U6DCdyspGjFEFAGOxduFTBMhIeDzWfHLty/S17Hjaxp+v3qEnOs7aMznIzV/LmzAxMp0CVA6I7ehtzbHVNdaY4DfrrNZJgYzkoUG1F0De5in+Bk6g22UecAXBW2sLugmxPwV14sa0iD4IpAvrGE4LwdnGOFAXWunYvOK2zsn92v7ymESayGj9PqH9srL/yaB/RZuJ3VtwLNgPTc+Ly9G6PL3XMInjWdmI9+wIuBaDyWdUxLZhhlH+njc9Bc/rxQWbXHlggrTFQw+rLlQtw0w6rS+avbC+KDpnhhTKDV4gQZsvY8PpKlsmvgN8g6BKrY25JE9sLBMMxmzSbLfIUDGgfUi7BM9p0l4wpdWrHB+rBQtoULDXCWR3LRD4SnyBoNSgXhoXxMaelUVpfOlY105sLLYxMzkzSijQ+OJ1pST1ED+XEnjddcLJtJ+1zIQ5aRZCYDcRr0FGvLcfW+M2yORIc03r/RI/wKTASezuydtMGibUUwBq1jjb5ZDGQEVdABPCEdqBgubDllFm3JdkyPV6V0EoQ4Qq+dv021exQqclentdBqK/A/LJ+h1QQyg7+wDdeC0sJF0EHP,iv:5u/hx1/P7QsLpx/tXceGMjI2Hh5crdguiI30+HJfd/w=,tag:8k5G2WALcjD8S8lZ30EWGw==,type:str]", + "data": "ENC[AES256_GCM,data:t3En0FAhzVnLIv9tuvrTtmYMGeKvZ5e3FoVZHlEbHsmvUlVl+t1Po2uANatzIeKX3HRZJ1mURXMKh7Xk9O9DsKssadBYa2YqZTugU5m9o4+xESQlqHlnnKALaiyfSXFlhAZ6X50e8nfPCDLicjKzQnk7S/0XMaFB7XN9T4SfonVLElHSZtmOC+85WgAn4uAyfPq44UDVw116g7ogpjztsCG3deqTxP/mcY5trtk+SCEEHLHO6AiEe+Jz628Z+t+3YttQMKQulrakUzzvP07jQhW4m8X1cQOfX2xeTVTwNiqEq75Pt7g+mycKO952BVmMPYIvQAU2xUNC3YIqaFHUDS2QbooAeSJq8TT/s/zM/tjXXLsA7EsFTcduDKDGXhBFt7AlicruhymgtuGv2IwQLeprytRpwz2wcWFGLeiOKp/Zdqwf/3yhGeYlOEv+yhCXI2oZxS+8q4Vu0ejDkTtSeGzm5EtTrxzmS4X2psq2In+9Jb70TrkutAA6F50VyKJV6WQX7Q9yFU6Z6URHlxpwOUzwpto4Z3gxOn9Hm9VyrhTSJZ7sjd9sYf0WO4CJpUYrTu5/ZRcdy8i6Wu2GA/ylt+XXsG1yicgPxDvUcWSg6VfD5/tSTEHtUUVD/sAf7xl/sPcd76Z1DFfgkfA/s4BbbyZKzaZpAz1WYTuhambFpKWDY8YKCoLZdSCahP0jupm3OcnNw7ZCYu43k2JHp4X1mW0gb4TPvIGOcpC+pJvLsa2Q4AUAt4eUmlMCogJ7R89LPLy3fTYDeQV9ly6Z54N70kfsJVCuzrqOjFS4WxqJPZZ4HcRth4JmFE0mcCDsWQVOGJdJmShFxr7kijEoAyfrrZeRG29PgU+2CCcm2dvswJ8DdEtI4E8i/tOwQlHpUmWAM5dFFvKWZjxd89tofYyB/mrAQwXhD7+9Yu4KJM1C3v2IbrvkOgaSMVL7Ekn5YqU+g2BfGYQbkCYMM3DLpllTMGjiMFeOLgvHPAhA3ozR0KxJUaUVZe5B5XscA1xaKedl3hDxR6A9r/g1EQvv7F0n1rWpJvMVSZ3oo8YmzO2DKDwsfKglkR3TrmvQyPvwO/F5wnKMb2+GWh0EmeQLcxHldB6j5CpAj6O1AqfOZjZNcFc8/RfAdLS+OMXgNaWvahVjlPKqI17zLTSJCaCF8KP/T9Chj90l5XqgPsV0t6bPDueOrBOrieQD8UKOjQHR/fgSunjZQrVfYgDBTilb3UyGJ3sqlL9zcTjTgLkNSkNd41EmnCm6SdB3RpQb1fcXfzuCp4bD5Ty01PU380YWXXkAinXDP8961uexWryckhsCqkfbdDnjti3CPfEOBWc6u1R9cI6oLZRw34NpY/4z/fuLAnxgjEgwLAQLG0am/tT1ySH/Cmfy,iv:aa5FNi/z0WnPHFsLUk3odDnghUq7YyA9U6nI71ug4fI=,tag:kd3TDY3mWiEEXsB9RopnUg==,type:str]", "sops": { "age": [ { @@ -7,8 +7,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YjdYNFF5Q1VzQTZ0WU1z\nN2R6cEVObU9RMXdpd2x0Mjh2cmpvY0VvNjE4CmF5Sm1vZWRoOTFIY2pkQUVRQ3FY\nVEd3eGpCbGQ3cUpvTE9JdjJMWnQvckEKLS0tIFRpZDZ1ZGZKaXpObFhZVlNqV0hB\nT20rRGV6S3gvWkZLUzQzVVNGQWNGVkUK0bAeRuI0vb7MJTtpxuD56nwZAk39sHAa\njEhntqsV9ts1Vbw2f0mZEqDdzd64NTtDm/YIwygZ2udV27mXNhVUVw==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2026-01-19T14:14:55Z", - "mac": "ENC[AES256_GCM,data:tNJ4mSS9ulh3sQ1X5ccoswadbnQVm0+3bbyai486ljw59IBkGbf3mo35Dc1PHZJB+zXoiAj7d+hhY7YGJNz7CJjunI0o4+Aj38aEMUa/VpdO0LX+7xTz+r2wX3zaDYbAI16klElXJ30Z8PyVSoGosbz5DbPAKFED7silxVfiPbc=,iv:KOWA4/+jKqbrghw+LW91UQj5+IWSYx2RSi76ew7uNZ4=,tag:znrx6hMqFu+lykXu3DCHMQ==,type:str]", + "lastmodified": "2025-12-04T23:10:31Z", + "mac": "ENC[AES256_GCM,data:gNsVWFrs92csjnRvhtXcKLuZUiHo9dxpFRLwjWz7VQSLeOBL4iv+Hq3SNyx4F69AC2nr9HL1QTLzX+444EhDYot0jLqOH6xz/FaQPf6OXKHg+Nr05MUe8X2QsLjodOW81Vv7HqIMypU5dyt0FBr74++9oEz6072AuFl5JAUWIvo=,iv:tGX+wUKvWYOnxVCTqhra7tg+r+TT8tyAr1tlRP2FkWA=,tag:WI5D0FTguiCJcrQh47qJow==,type:str]", "pgp": [ { "created_at": "2025-06-13T20:12:55Z", diff --git a/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml b/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml index c78d1a6..08480fc 100644 --- a/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml +++ b/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml @@ -16,9 +16,9 @@ microbin-uploader-password: ENC[AES256_GCM,data:20QOWTMLS7iTS/Q=,iv:EuUYcY1l4ykK #ENC[AES256_GCM,data:ZnMVMv6M,iv:z53BHIVvMUfYseftc6DTU9Mlb9ywEvNHv24TvIZiMFI=,tag:QdeWjrw0pmJsXYobADzA1A==,type:comment] shlink-api: ENC[AES256_GCM,data:XdfDJMjyhJyeqVB4RKgCdkWT2nYC/Pw21D8H/JzkGLuwGx8Q,iv:zucJGNLX8018gD34NL/BwTe0fPFucqpBtMCYXd3IGHs=,tag:/sN/ayEhUaCPmu6fS+mMHQ==,type:str] #ENC[AES256_GCM,data:R5mm4WAJww==,iv:6Uyb7Qtl6vt7nur/NLBlrVtKoPkF3ZjXdAhT24HW/ug=,tag:6X9b1zZbpHoEZmaYb9NQSw==,type:comment] -resticpw-SwarselMoonside: ENC[AES256_GCM,data:+kPee07ZmnAv4V0=,iv:gi7sdKO+WE8qTuYb3wbjgmVzRvmF8hd1h5vV9QDx+6Q=,tag:0/azZWAqeXcXCsmx2HkFmQ==,type:str] -resticaccesskey-SwarselMoonside: ENC[AES256_GCM,data:R9yj4NFFeZ/iU8Jwp5r3BwnZDy1eSWsebQ==,iv:8C05b7pxA7fJC1Mh5oAH1A5LtNYhZaZnQfAjZMURGtc=,tag:pSGpJrOy/i9Iq22OQPtU9g==,type:str] -resticsecretaccesskey-SwarselMoonside: ENC[AES256_GCM,data:8dp2FGgoJa5TBy2HFITO2to8Z4xoowzhLrCZVDLrAA==,iv:2t3CoVp/4+8xZvSjuMnq4d4nFugnL53HPv1r/odKGvM=,tag:I5zxggxsNHVovq8bcRs0Pw==,type:str] +resticpw: ENC[AES256_GCM,data:PcrDphqR5Pin2hM=,iv:lnMlqwyCvbH75qbL2eJYblmuFOaVMmbPHjZ5l0n2Glw=,tag:YUxadLufJ2VPghLded851A==,type:str] +resticaccesskey: ENC[AES256_GCM,data:DOp2cFy1Y5HyXcsQ5O3nsrEOQBtlQQ3P8Q==,iv:0X6HF9kbPNDmhtENHgFeOSHln6xlCf5DNJfqavucDWI=,tag:+THGH00yBT9RhvJtENco2Q==,type:str] +resticsecretaccesskey: ENC[AES256_GCM,data:qpPTWx16Z92cup6ACh2KQPeIk8KPasQB4e/SwxUxfA==,iv:EqWTKXXA7wyArlF+D33tKF37tz8/ORsjsWjRPYBWPqg=,tag:F21+4cL/cozDIene7UQcyA==,type:str] sops: age: - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh @@ -30,8 +30,8 @@ sops: bURRem1aY203VW0ya0tZWUY3WTJLQ3MKonflaevgNP91G1cVgzoE6/K800kyG6BK Goe81HCYFfm86pzv5wV3/38j7fTZNeZnKwPFkMgEUueF1kA8J9V5CA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-01-19T14:13:20Z" - mac: ENC[AES256_GCM,data:XKsR8Gp6UHhAfoOdRozMxoGtdhfV7b6ogsqlqiAfTsuUayVVK6fRIgy5no5jcNnyyN8zveH/QZS1kGpNSY24N0l4gBA3u5ay5fsS0HjfW5b7mNpasOttqCrm6RpY2ZDdTUmsk3F25QEsdc28fajURJKOazZSs78dbdNq1LdJK1s=,iv:TgLuYGZtxx0ZPPeR1M/NgV1Wt7f5V89KEFOpKSjBxws=,tag:I/CGHZcT6n9X8R2EYRbOYw==,type:str] + lastmodified: "2025-11-28T17:44:47Z" + mac: ENC[AES256_GCM,data:h3skmRhVfBa/W6GB35O3sHdDLmo/4VQ3rgFbltdweDP+9qbQv+6tduRGknGiQjnyuaGGVyPlEOqfLKzYjP8Jsx+XnprblNfD75yiGckBFQaBKhd8l+hfcYVRNTrKCWkFUrYXIfCWgbrXNmq47SHn0+TBedXRw+9LoSyqsRdIJOk=,iv:Js2C7XfOD4d5fF+Otn7xJxBw0Nfh1cB7oLjyCrUA9es=,tag:4flxdWSlXyslNErlEFM2VA==,type:str] pgp: - created_at: "2025-06-13T21:18:31Z" enc: |- diff --git a/hosts/nixos/aarch64-linux/twothreetunnel/default.nix b/hosts/nixos/aarch64-linux/twothreetunnel/default.nix index 34cb243..81c5676 100644 --- a/hosts/nixos/aarch64-linux/twothreetunnel/default.nix +++ b/hosts/nixos/aarch64-linux/twothreetunnel/default.nix @@ -37,24 +37,6 @@ "moonside" "winters" "summers" - "summers-ankisync" - "summers-atuin" - "summers-audio" - "summers-firefly" - "summers-forgejo" - "summers-freshrss" - "summers-homebox" - "summers-immich" - "summers-jellyfin" - "summers-kanidm" - "summers-kavita" - "summers-koillection" - "summers-matrix" - "summers-monitoring" - "summers-nextcloud" - "summers-paperless" - "summers-radicale" - "summers-storage" "belchsfactory" "eagleland" "hintbooth-adguardhome" diff --git a/hosts/nixos/x86_64-linux/hintbooth/default.nix b/hosts/nixos/x86_64-linux/hintbooth/default.nix index 6721ebf..937ec67 100644 --- a/hosts/nixos/x86_64-linux/hintbooth/default.nix +++ b/hosts/nixos/x86_64-linux/hintbooth/default.nix @@ -27,7 +27,7 @@ info = "HUNSN RM02, 8GB RAM"; flakePath = "/root/.dotfiles"; isImpermanence = true; - isSecureBoot = true; + isSecureBoot = false; isCrypted = true; isBtrfs = true; isLinux = true; @@ -46,25 +46,6 @@ "hintbooth-adguardhome" "hintbooth-nginx" "summers" - "summers-ankisync" - "summers-atuin" - "summers-audio" - "summers-firefly" - "summers-forgejo" - "summers-freshrss" - "summers-homebox" - "summers-immich" - "summers-jellyfin" - "summers-kanidm" - "summers-kavita" - "summers-koillection" - "summers-matrix" - "summers-monitoring" - "summers-nextcloud" - "summers-paperless" - "summers-radicale" - "summers-storage" - "summers-transmission" "winters" ]; }; diff --git a/hosts/nixos/x86_64-linux/summers/default.nix b/hosts/nixos/x86_64-linux/summers/default.nix index 8e08ce4..ad093b0 100644 --- a/hosts/nixos/x86_64-linux/summers/default.nix +++ b/hosts/nixos/x86_64-linux/summers/default.nix @@ -53,19 +53,19 @@ serverName = "hintbooth"; }; }; - restic.targets = { - SwarselState = { - repository = config.repo.secrets.local.resticRepoState; - # nextcloud stores all data in state dir and has no data that needs backup - paths = lib.map (guest: "/Vault/guests/${guest}/state") (builtins.filter (name: name != "nextcloud") (builtins.attrNames config.guests)); - }; - SwarselStorage = { - repository = config.repo.secrets.local.resticRepoStorage; - paths = [ - "/Vault/Eternor/Pictures" - "/Vault/Eternor/Documents/paperless" - ]; - }; + restic = { + bucketName = "SwarselWinters"; + paths = [ + "/Vault/data/paperless" + "/Vault/data/koillection" + "/Vault/data/postgresql" + "/Vault/data/firefly-iii" + "/Vault/data/radicale" + "/Vault/data/matrix-synapse" + "/Vault/Eternor/Paperless" + "/Vault/Eternor/Bilder" + "/Vault/Eternor/Immich" + ]; }; }; }; @@ -78,31 +78,59 @@ swarselmodules.server = { wireguard = true; + + nginx = true; # for php stuff + acme = false; # cert handled by proxy + + nfs = true; + # kavita = true; restic = true; + jellyfin = true; + navidrome = true; + spotifyd = true; + mpd = true; + postgresql = true; + matrix = true; + nextcloud = true; + immich = true; + paperless = true; + transmission = true; + syncthing = true; + grafana = true; + freshrss = true; + kanidm = true; + firefly-iii = true; + koillection = true; + radicale = true; + atuin = true; + forgejo = true; + ankisync = true; + homebox = true; opkssh = true; }; guests = lib.mkIf (!minimal && config.swarselsystems.withMicroVMs) ( { } - // confLib.mkMicrovm "ankisync" { withZfs = true; } - // confLib.mkMicrovm "atuin" { withZfs = true; } - // confLib.mkMicrovm "audio" { withZfs = true; eternorPaths = [ "Music" ]; } - // confLib.mkMicrovm "firefly" { withZfs = true; } - // confLib.mkMicrovm "forgejo" { withZfs = true; } - // confLib.mkMicrovm "freshrss" { withZfs = true; } - // confLib.mkMicrovm "homebox" { withZfs = true; } - // confLib.mkMicrovm "immich" { withZfs = true; eternorPaths = [ "Pictures" ]; } - // confLib.mkMicrovm "jellyfin" { withZfs = true; eternorPaths = [ "Videos" ]; } - // confLib.mkMicrovm "kanidm" { withZfs = true; } - // confLib.mkMicrovm "kavita" { withZfs = true; eternorPaths = [ "Books" ]; } - // confLib.mkMicrovm "koillection" { withZfs = true; } + // confLib.mkMicrovm "kavita" { withZfs = true; } + // confLib.mkMicrovm "jellyfin" { withZfs = true; } + // confLib.mkMicrovm "audio" { withZfs = true; } + // confLib.mkMicrovm "postgresql" { withZfs = true; } // confLib.mkMicrovm "matrix" { withZfs = true; } - // confLib.mkMicrovm "monitoring" { withZfs = true; } // confLib.mkMicrovm "nextcloud" { withZfs = true; } - // confLib.mkMicrovm "paperless" { withZfs = true; eternorPaths = [ "Documents" ]; } + // confLib.mkMicrovm "immich" { withZfs = true; } + // confLib.mkMicrovm "paperless" { withZfs = true; } + // confLib.mkMicrovm "transmission" { withZfs = true; } + // confLib.mkMicrovm "storage" { withZfs = true; } + // confLib.mkMicrovm "monitoring" { withZfs = true; } + // confLib.mkMicrovm "freshrss" { withZfs = true; } + // confLib.mkMicrovm "kanidm" { withZfs = true; } + // confLib.mkMicrovm "firefly" { withZfs = true; } + // confLib.mkMicrovm "koillection" { withZfs = true; } // confLib.mkMicrovm "radicale" { withZfs = true; } - // confLib.mkMicrovm "storage" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Pictures" "Software" "Documents" ]; } - // confLib.mkMicrovm "transmission" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Software" ]; } + // confLib.mkMicrovm "atuin" { withZfs = true; } + // confLib.mkMicrovm "forgejo" { withZfs = true; } + // confLib.mkMicrovm "ankisync" { withZfs = true; } + // confLib.mkMicrovm "homebox" { withZfs = true; } ); networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "bmc" ]; diff --git a/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix b/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix index 1359ff4..84c16b1 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - ankisync = true; + # ankisync = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix b/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix index 7d4eeea..6a0e601 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - atuin = true; + # atuin = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix b/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix index 5f2ddd6..114e332 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - navidrome = true; - spotifyd = true; - mpd = true; + # navidrome = true; + # spotifyd = true; + # mpd = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix b/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix index 26ba724..461ebff 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - firefly-iii = true; - nginx = true; - acme = false; + # firefly-iii = true; + # nginx = true; + # acme = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix b/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix index 5d1822a..f19dc48 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - forgejo = true; + # forgejo = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix b/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix index adf2eca..bde8bbb 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - freshrss = true; - nginx = true; - acme = false; + # freshrss = true; + # nginx = true; + # acme = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix b/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix index 3f338f6..062c0df 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - homebox = true; + # homebox = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix b/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix index 1a94a4f..86a4814 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix @@ -27,8 +27,8 @@ } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 16; - vcpu = 14; + mem = 1024 * 8; + vcpu = 8; }; swarselprofiles = { @@ -36,7 +36,7 @@ }; swarselmodules.server = { - immich = true; + # immich = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix b/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix index 85a3fb1..3f80bef 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix @@ -28,7 +28,7 @@ microvm = { mem = 1024 * 3; - vcpu = 4; + vcpu = 1; }; swarselprofiles = { @@ -36,7 +36,7 @@ }; swarselmodules.server = { - jellyfin = true; + # jellyfin = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix b/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix index 776e2f2..c70f9df 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix @@ -28,7 +28,7 @@ microvm = { mem = 1024 * 4; - vcpu = 2; + vcpu = 1; }; swarselprofiles = { @@ -36,7 +36,7 @@ }; swarselmodules.server = { - kanidm = true; + # kanidm = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix b/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix index 91d20a3..4a3027b 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix @@ -28,7 +28,7 @@ microvm = { mem = 1024 * 1; - vcpu = 2; + vcpu = 1; }; @@ -37,7 +37,7 @@ }; swarselmodules.server = { - kavita = true; + # kavita = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix b/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix index b5e55c1..cbd5f2a 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - koillection = true; + # koillection = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix b/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix index 024399b..1575ad4 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix @@ -27,7 +27,7 @@ } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 6; + mem = 1024 * 3; vcpu = 2; }; @@ -36,7 +36,7 @@ }; swarselmodules.server = { - matrix = true; + # matrix = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix b/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix index b91ed1a..d015cb2 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - grafana = true; + # grafana = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix b/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix index 3fe0800..d8580b0 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - nextcloud = true; - nginx = true; - acme = false; + # nextcloud = true; + # nginx = true; + # acme = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix b/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix index 8381a04..74fe3a6 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix @@ -27,7 +27,7 @@ } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 8; + mem = 1024 * 4; vcpu = 4; }; @@ -36,7 +36,7 @@ }; swarselmodules.server = { - paperless = true; + # paperless = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix b/hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix new file mode 100644 index 0000000..f94f5f1 --- /dev/null +++ b/hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix @@ -0,0 +1,42 @@ +{ self, lib, minimal, ... }: +{ + imports = [ + "${self}/profiles/nixos/microvm" + "${self}/modules/nixos" + ]; + + swarselsystems = { + isMicroVM = true; + isImpermanence = true; + proxyHost = "twothreetunnel"; + server = { + wireguard.interfaces = { + wgHome = { + isClient = true; + serverName = "hintbooth"; + }; + wgProxy = { + isClient = true; + serverName = "twothreetunnel"; + }; + }; + }; + }; + + +} // lib.optionalAttrs (!minimal) { + + microvm = { + mem = 1024 * 1; + vcpu = 1; + }; + + swarselprofiles = { + microvm = true; + }; + + swarselmodules.server = { + # postgresql = true; + }; + +} diff --git a/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix b/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix index 74a6930..aa70516 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - radicale = true; + # radicale = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix b/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix index 3531298..b6da313 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix @@ -36,8 +36,8 @@ }; swarselmodules.server = { - nfs = true; - syncthing = true; + # nfs = true; + # syncthing = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix b/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix index 6afde67..e4e7bd3 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix @@ -8,12 +8,17 @@ swarselsystems = { isMicroVM = true; isImpermanence = true; + proxyHost = "twothreetunnel"; server = { wireguard.interfaces = { wgHome = { isClient = true; serverName = "hintbooth"; }; + wgProxy = { + isClient = true; + serverName = "twothreetunnel"; + }; }; }; }; @@ -31,7 +36,7 @@ }; swarselmodules.server = { - transmission = true; + # transmission = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml index 7b604e9..8e3d14f 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:oJkwX64LSXAaGXvEKbK5UPVtgFbFZSh9EQD3s anki-pw: ENC[AES256_GCM,data:CVZxqubgfojCeA0=,iv:Ux7k27srI1bMh3nBlGGkuimcJkKkmkjaNBph0X0o5vM=,tag:yUfVrCl1srD1V+3wXSbFug==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTVmVIbWc3UzNvQmU5b0cz - Qy9wWjU2MlJQNWNFVlgrVEpJNE12SmJLL3hvCjhZN1JURjVBZVE0R2IwbXhtaGxI - c1U1MlJBMkdWRXRVM3cyUFdCQ3hrTHcKLS0tIGlFZE9Cc05qT0M2cXBRZHZ3L0lm - eWUxa0pZN0hyTjQxRWdzWlBjblh5ak0KmVuGpc7DA+6XZdxJDwHYrJeqs/2fMEUq - w9KscmTXOdWOjIQjexhvhUdKT3eodSEK8MD21K9ebdbyo6fht+xMyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqdlBYTnQ5NTZSd3V0enFr - QjhCbFNDYks4OGpYVnlsd2oyQWVNZm9raUhzCndCNUpiUytOVTFkT1E3bjZkSk1J - enNpZXBwWlpIMHRKSmo3cHNJaFJLVDQKLS0tIDFyQTcxV3Z5WXpPWU9yZVRabW5u - OSt4dklrQWphdDBvZmtTaHc3MVlQeUUKJJD3xPgCRNqqFxPTENXfUU0CP7Jtc4m8 - gJFyP/XmwC0aGNpU0iQbuBYh74m/0n3dWa39kT0RDuAVxg/dfWtSMw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:47Z" mac: ENC[AES256_GCM,data:bZ0SeyqYFrtn5P5lkuK1aVTKxoMVpN3+CHnvMFp+bIYW3eoDTEAey7otLh8psqS+0r9KnbsDTODTfVn2fX4xmRCI2bchflcJ/O6bnGhFjx0dVlmQXVzZg8LJe4+qvFxdGbwh5yXJnE503wdF5xN6xuvOBLa0Z5yOIsmd+X8c63c=,iv:8BXVbteOxr8ZA5Lo0sGN6JhFZF96gdwy2RjLMgfWPbg=,tag:pBCPHAUeleUaOCMJgGjx+w==,type:str] pgp: - - created_at: "2026-01-12T22:05:16Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAvuxf0dkraa6xeMfzFlVXfzr0UB8Uz67oh9WrQ+HKIOJr - tFBvGqQn2jxMr1cQxfYLmiqDqcMCKkRUoTde+tlweguea2NlviHdie9cZe9BPFel - iz10v2cfGXLv608deaIxHPoXvr11YDm74EtXI3Jhh9q8WIsjjmH3sg/Aa92Y8P+1 - Bgc5lPI5lgtyQMUDTiJhLWTH05yfhSMZIbgemB3snxPY7gQS7IJ7a2j3smg/Yb+k - 9SFFl4l3D7Aml6K5ZHpAh1fgZmJWGev7qXMwii86g2B+tyY99cwgThlEKqHiTBHF - RaPo4oMHQ3UjHpOjwgD22wKunL3WJWJONA81ACInkyzPJza21CNtEqNLdElWymVF - IrK5oDDTEYlOfbDWFaJlAGAueTnZgHMMp6wDmLzmzkUDSfTYMoMiMoi9CzN878R2 - QA0CXa+8Jjks+lNqmzreoZjJN+Iwip3ojDo9oK7afx8cS+Gat5rU0oBY3lzUJkVU - 9Qo1Z5Td2AGUlrVVvpKDZ1BGuNpNgGVQjOLwysBfv2rFTCWE6feZXQS/He1sz+9C - n4+tHppw8DQMLcjGKOcWFQKooy23SJC6ozvEhV59nKU0S4WXsMIJBaAH9N7yGw+p - +gSZvRLELJyAy4rS73+JKDozxKd1D3m64HdkxCGky9P30kuNvz6AYHLD3Bp+OLKF - AgwDC9FRLmchgYQBD/4pMJqUXAs1grPDANrJULEH7LIRQEK6O+7FyBSrQvXgFICx - Cxagn5ErwDLxbJ6Wkx8vW8hfZ++N3eSVQz2UWMemvWxcakgR6HoAHGtjsmydSzAI - qMHuKTrap2hHRqAKW49R8/9ZVkAP8IitmhsVRw6HGNjMTAh2t9yNXM6yBFIwbKXH - y6LTrLjJ+MmFY2UvkqIx2qFZhgdn7AzNbHriGmE2vSAGC8HVNTIfymuEleNLciRV - l8uoUn81E5NC7OAokCAvBX5CjO3sG8ZP0+wqkax4F1xdiNo+piD5QEx3HbP+fQpH - hUFiw5ZBBMn8LZLTv8HlBXP2GkkaYUO00yjDxkFsws9PrJOs/h/pYi8olaFX5OF+ - o6cuM370tHyXC160aCOKGS5miED6yceT8ixWgj0E4jqyO4WP3RlBiu9OTOsz0J4X - ylFAHdT6Dzlx8q4G5GfjWtHXIjhcR4qOquCI/mk8WkVDDCaOXplme8Ja/EnGT/cj - KEqjebGOINZRW3e1Ip/QAzwXwxM34ZNo6ltBkPGe+QmYIpZVYpQ12mepItduaGXc - LmUxJMODx2p+sgEyZi9lyIFMq/Ny+VifZQ6ux68jPOTq7Act3JRs7irlg5W2BCps - iT/6YnGLvmQMMpEaGtN1QIuXNvpR0QxL0+5x3AxT/eu+3FXuzVDBmb2w3dpq+dJe - Ad1Ft708DUYEAjf05YPsNsS1RycS1rz+WBCx+4bku59v2EHLupK6N2jrXDJbA1YQ - F0RZ8HESgLy6SSZltZaTNfcT4dz5/RFJ2hmk7WRrhzs9k1bX9N8vdYPuc43fhg== - =HCKN + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml index d894aca..3ae8d33 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:CBL7h5Ip5Fp5tnY0Cg5iRC2MKlPjh6DG9BRVHbD6wuTO/EAV7O/OpSXxxG0=,iv:WnBTR+0GwmUO++JhMd/2alVuIPhXBT50Qwc7Z9umVC0=,tag:4j5ieGF0gedQUD8SWBEQ7g==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age18cgqlely56hgmhscllkmafwpjdk6dwep6ej3vkk97dzemp8jtuksqrrjjl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLb3VuQTBmWXNrSkVQcGZy - bWlSRDdmdUVGYVJ5d1Awc2orMHc0VDdTUDBBCi9ncWU4NWd5R0pqMStvb09NR0Nr - NTlNc3R3YnNmUm5XU01jVmd6OE8vZG8KLS0tIFNqa2xtVk5zWmJTZC9BbGFLQzN1 - aDNGUWo3Z1grUkJqbGlhV3pvNTNVREEKEito29fzKN6Gqzp2z0ZSfeTmYXnvTJGL - CZOLeeXMuaUf0jRD2hZnAJgGpglMjM4rIpEBvwCBHAUUN2/Nh1ONkA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsQjFBcFdBNnB4M1NnT2FL + R2JJd0tKME9IMXZzdS9XckJGenNZNUFHaTBNCnJZUzlNdHlJbUdJeklSWDZmS1lI + MHNTbmY4Z3pvNmE1M213QlNGOVhnWVkKLS0tIGNRQkIwZklxRkMxVHZnZXJldlNy + STVlb2VUNlJqMktneTE4SlhsdEVLaW8KmPgkeyA3S4BI2zaU2QCcpAXrkG5pRMZt + 5nVp+cIBVipDRak+ZmFWpghVUAd6J4rlW/U/t+S6mzRfP8Ni83zOsw== -----END AGE ENCRYPTED FILE----- - - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt + - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwb1Z2cVNjVHNINkMwZVhm - c2dVUHRicWJBV0k3dU11QnpLUVk0c05FV1VNCkUvRS9yNml6SjczMGF6c3A1VWtY - cjlTNGl0NkZmNXFKWmRVU1ZlZFdKTk0KLS0tIHo4TmxrYm5scEdjQ1V0RXVHYmFy - bjE0WUoydVRRWDRHRkJtTEtGSHZVRDAKhsuhfBoI1I7pi/DBs4pMSiNzZ3qa23IH - Px5rvj3lMqvBuUHUhKaYIKEs4haNW7lKdVTQt2KZLZ6SUwAhmKZqLA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHQkZmRE5YRlVMZUsrano1 + K2VaNnQ0MlVhamx6TWtNWEFtTVczT2tmc0U0ClcrUHJJa0NLR3pYV1JhL2R4ZFF3 + TDE1VFNVOC9tQ01ydVdGTHlHcDBwRlkKLS0tIEpVOVVGZVNMeUJlYWQzc1ZuSzR5 + Q2c0eG9Jb1pVZWpVR3FzdzJXMXI0TTgKQ5u0O365QUiNPXsopBVSwwhVLyqGYp3i + 16Kbj4C0S7tuRzOQObuHgd8zlvgNM+qmqQ7J1mf5VNLn57jLcfYgGQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:32Z" mac: ENC[AES256_GCM,data:TQWNPos7lbjMFN3w8gMUBdik0YqMjW6Wa0qBPHwrnnJZvpOJqzKBmKK4boHD/7kvrOD3yo7RKdp/n2gAJBa0+atSdV6LLf8gFBPOHFa6YWEu2adOjtayDetQiCy8G9ygjC4x/RDt25SUC/+UbgeKuoMKsjN2lOZFe+/zwAYpF0A=,iv:6l9Ev9WQZQMrLhC26z6ydBmbBtQJpJHBM/s97X6I3hk=,tag:QTQVTjOz+R19xWgWOfWC2A==,type:str] pgp: - - created_at: "2026-01-12T22:05:18Z" + - created_at: "2026-01-07T13:15:42Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAxBmEq+L+C7Oq0wjXp5pWt76/ItnTLuvY2LryA17mhIzj - 9g3/dAtwD1nUlWPVku7uEC+bBgb1N5jNMgo+D/9gpgT7xTwLBPP6lTdZDOlcLr+F - DF/IDuFJ7nMIbKQ9Q50wuGxppV+OscmYhOYZO4Q1VYydaVFiOa7zcwOQk9a9w09S - l67YN5FYU8jk6S6RDq60+kOHtMIIgo4321QBgq8bQtzpdz6ikQXZG12zfG0R6wqT - 66JiBF2e/EfAdWN92yZtDCfsDOosxmKnz1HNe8thHKOAAN2xXyV0lSKgJ5X80Wuf - WGb9vLKpyl3tkAqf6RLumvZjTm3CY1YAifEuNmvxLL1JKvr2dOatnfV8EurpDji9 - N4RTjDAdSZPKVzzv5bL7BzeJjlIT0zKP96IkmAGFCpMhrrQVL+qxs0Ov+xzYR6uu - bQc38cvIdE3xYclY6dMLwdBpAyb9uij0nb9p/wuNmLYkV1c1tOcErwq80Uban3v5 - YgQ6MaJ6sNYSQNDApxZpsdLi7TG25Pm9rDM4OCbUXIyD6CrHuI/S4kfoCAOv/CcI - 1SCmQIhqkc+tc4bRYSA3vnZ6pRDCzMI16xI4rc1D1gH0Kk5d8eeFtwICKFPh7IAH - p1mfDbkMg/P7yXuXh779YWUzT/p18Z8PErCvVIp5YldF0TMGjlDOTFVZw0HvHFqF - AgwDC9FRLmchgYQBD/wM5Jz6VXbgn52zZ4FN9JNRW6tapuWy7HDmlOrZSMmWPmeX - 5VVDjHZ2o53J21jI/Mm4QZsoKE9+C2JTFDFIOvDeGzrvGF+VTE2EdNGLtU9HzjwK - 0mFnSo0GzSoo6UtrhdI6E6Fa/NjoUXI7n7A8m4Zg87Iq+UrVmiT/DKC9+7dV2zWg - JqZIHmGMItvNTuoUcMZmYG1AQt7dke1eE8cmGyxROLRz+z4laB54pBTIlN30p9Cj - 0f+vqetUwYchZm/Zu8FRPAxD/+WNLmVb08CGU1uO98aE5e6dcglGGX3qlmJZXdbS - XIwTUGEtnQfwDE1FdHdzJGmvnnNUqGRP1/Ld3GMUOcQkqiJa4qgeb///oVBqd6uh - Kfr52CPVariPIfuUVs0nlfNZMnbgo0vN7ri3Thn+IVfIuV4IBp2GXnilbzKyoyOj - q+xDuz6GkUt5bNFAzh/e+xTvXC353F3MBrxuwJ1bQ67mhEUsDwjf2AO1biejLelK - nYID80VWhSFlvmLXuwJpuB87D4CiwqMJeFwzK128VYjxk6I9p4H/4vmhGhkIDqRB - t+vzjK9eTFXdUGz1TJAiIjE3DcQHJpfMfIoVbVOamfROGlPu97owiDGFonQf3XWm - Rgwowom3qmEL17zziCqAQ7i0YxYVo4322vI/IC7u42JZjs9AK3vJdm2Vo5iCkNJe - AVLhenywDkZRvIfNlz5HdV/HdNAl8VvOWoDZGADwTM5r/n9d/6CQkk2whE/uGrMT - i5NaKF8Zgv1CteuAPiXsZsIZsqW5W7neOFeYwToaQT5mOLM5UD9Ev2NZh9RzOQ== - =FbVY + hQIMAwDh3VI7VctTAQ//VjPq0XFqmIXs5IQqTnCCYVYYF93wOrBagxx2NjI7/f4B + pOi0v2a5DJyBAgntCLTCP+AdglEz9QvbFOcDPseFVukmg6c20YYaI9gsq4wI46JW + Ws3j1nHe8nsh6TGJEpHw8Tmx9YrNymXaiwMtpsCfFvEhKrauscSvU4D2WTR2XrTH + nMmLZZkeZ/i3upivrOIMlrogBMN0/Zv0Cb/LBW9ifXen+Rq6LieYuHwJjOtyL9Vj + gpUzqVNutBwlLpoDbb+mRMWUl4G0rVckB6CIsuoKL8YXZEflWF4xO4jxBoa9OIGh + ty5faencnlUWCg/e1NwdoD1U55Qu2Qclu3sfPh4eIdIjcJ4AOhWlfAvybiANiJJO + 7OOALbo1/JJTv5cghVOtOhG7xG5g43WwqH1g9uV1cpUhvyB49Sg28b2qIvi4j8bj + zv2jMj3yceWstAmnqBW3CSWzO2b0U9+k8O4xUo3eJ7Qz1rn5rR1gfsYRT6o7+ev5 + VFRBaY5ax/y3/hxCfvXHsi+ZkvKfoh9a0t2zZrSU9eNxkPNoQTEDqqag0+/+aIJ3 + kesULKl1aANNlk7y2K/B3Ycwta/zSN4lAmMUM1v0H1TlgXBsrQHbv/7gvtrmIcBS + i5fiS4S3o5PEv3dj00LRHYI/mc/yGiwrn0Lhdn5unE8HiQx9f4o4iopE+Q4foIOF + AgwDC9FRLmchgYQBEACGP6RDBC9VrrJqwqXHba8GTgKvjvm1NdHVkswtbBEjTjRp + UCV19Tv1XLBF5jw9eom4ltTgf7PnOxvgadtTptGbT5/TzTPp6nFmAqjOwbyb9OZ5 + VQ4vOyJYXyTokrPAAO1zVEFL3dWVgeZbaGBCD+SoP5I5MkHBTvOiNySZajjyMMzd + rdLwx0HGYHVqhYs9cz+kBitPHino1rFvgWXaWGOb7Oi1IrxIF98Qt/xekST7MK4w + zXzVU1KJBbInvOzx7wISSknK3R5TeN0WIxRZgADgKa26nc18UrzBggx8l0iach0N + GB2vUsiNRT4DlEOG6qDrA1PlYpSWvV15pH5yoUF9bhSWQCIxpO9BOEI8DJ3FnM1l + cjA4GcoaU/4eBQdsW7cJ6I6w/8nPHQbrCjZ+XHQ+a6n6RBK6oNdvj2fnjXy8KwV9 + o9xd4w0ogDoN6h3qjlUxmYqTeZOw8cHNRVcG5fGNPg6jkZINqeVemh43sjeSt0qu + fMum7u4lFFrUElJasFec6SMDPgssMf+9VKpBDc33+hiY/g7i65zeTbfFMojBmt+O + 7MFSguUeQZi5ULxj7FWXLdpnl3nfXK0mhRbuoG071Byo4zMUfNVdeTInKlHxRiPa + rgXqrAJHoWngo9AKuNVQ8VaSE4lPCz2yrmsCHNkRkmNuGwu8lJgLGSEIvzXaVtJe + AQy9uc7cH1zjV/t5MdU8AThSyWnKCp8S5yAAaNAWc1zBj3xrqXuzTJurK5EbwGnt + i/r6xnHZtVW03VXM9KU8VvgV0mJHgEiOu5IjLpGq/16b2Wt8xBn5FI/a7hsO7A== + =DDOY -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml index 52112ca..4c058cb 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:9elXuNwaA1gJ/KtVnlkFbovrDGmPUfiUAlzej mpd-pw: ENC[AES256_GCM,data:prKWr8XWo2jc3DBwqMcplwS5tUadHx4RWQ==,iv:jmUj+89dCc3cHjejikTfYIXlEI1K2/Uy3uSxzcx0wbk=,tag:/hXqt2ZH9pU0IY0gMmPl+g==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkVFhPK0tVanQza3ZRZFRV - dVppUzJxeDF0T3Q1bVhwRG5LUUxjNmJuYkEwCkIwaW43WUJQeGhIZU9na3J5VGdv - MUZkT0c3TjhleEkxT1pTYXJEZlk5WUEKLS0tIHprTm9OUGVBbHVCVG5LcXdiRitO - WmNEZVAzb0Z3VmlJdUY2MmoxcS9FcGsKWX4LJd/06YtoplqG3gnXdn8Q3T/TXELM - WxGx8O0tFwCSWsW1qenMWtmHc4hA5edhdgpNY0Qng1KKc/8/IKibtQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5eUkrL1Bja2g2TDAzZkpr - Wm1IalhEdWNlTUxyd1lqL21pNWtZZmVhTUJFCll2V2ZTYjd3Z01vT3NQTTBpMk1Q - cGV5MjVuQjg0N3VvSzB5OEZnUzJDOVkKLS0tIG1hWCs0K0ptQ0N1WkFPNGNnRVJo - dC9HZnJuUGF1TElMckhTNS90VzBxVTQKt9wAUfJRc7fFLwzOiPN5ilDCY/nl1DPL - 0KGjEPHfATki2sq7pIjAeY7J2LWwdnxLT4/mdj0xCltPB4zCpvEFqw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:00:54Z" mac: ENC[AES256_GCM,data:QMkeCVeiq7+b4ft6ykag3VO5FDqIQp0hsBTnSEduYiA0FIR4QYmDhGVHUipUSZH/xllflxMv/CXNQqtW852LWWy8PXn7GzEXn3nEjRBZi89sEOoh03I6SfQMDWYR5wjKBy1hL7e8dZfEGONZobViM7U9YynEFqYpkvd1fK97DB4=,iv:MbchKNzaDBMF/YbBxkEUwxA0Uc/+fju4dgl/28trVV8=,tag:VwfuskgULOyBdJmJ2LCVxg==,type:str] pgp: - - created_at: "2026-01-12T22:05:19Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ/8CK6XOO+aso5SPpmPytXSyMW0D2GPtsQGloehxIeSWcSC - oUKgC4PuiTB3RBKIrYkySo3a/5esJoCvB9U2oShIf8ONHHvdrqIU6+gl5n/4LcOo - V7vCy2qYs2qZkch/4KRQYDUsBbGomoEoOVachvrI5EQLViBcZ67JUiaX2vlrmycU - udDehrw9BeHWLPZ3B2cmVH4IH3ylZqFtU8xzV770IKqdCirbv5c/Rz8XynpIqKZv - dzzXIjVvWp/n0C9nLuNWj2XYFTSSDE//k3hXQ6zDXnuAM6/1tlp8Ym0/CxpRe1cf - rx2XKa41J3Tq6kJK5d+BKY2TzC9rimO2DAvvDe1dPYofQd/YGmXMII71j3xSitsm - MCyR9X4fA+MiY89kf+keAg/UggvyBPitbimvUJXiuDuSRdkMxPnpP7cNYnzPdyy+ - DK6nqujDsw0JvRGyP/vvMk50hmniJTVtJtg5g6VOrfZ8wVN/8lHqe75oTy4nr2Ai - /0vKWMw78K8xsD/Sok1T9KDquov5DpLz0r8HnbfpRShSOzHOsFAgAjJrVjTeDMuy - 9ZayxRVv9TLw5SDUmeCJsiiYjzySHKxw42qAVBb8XDRMTZXWoDczG0qtTpB6HhJj - ZNBpOTttnaKJDz8Njsdw36zEJnxtyRWGeR35g38ikrzaKJTUvRPx0f91D/o4kZCF - AgwDC9FRLmchgYQBEADLSYEbTJgmYy8eE5ut8SldIpx0FNlZ50cDsbX3SB7H0+Lh - nEhy8TFRm9nj0Hu839EpnmS7fydlV+ba+NztIFk7NvrDt6vsf2gETO1NJbOrGv2X - iDIX1fuSZPO0MGdX4Jtj3tgSbT3LR62mLZBwdDl45PaT27E1Kf/2N8FYcZVsU/Fw - CFxngjVm8vngjBMOBLRumG3LOzgL+AUMjfJNrIkPwCqrfvBfuAZR8QQbpnqbIMFn - Qko/qYQKT0Q7+Gc5VC6nqITuG1UegDTolKFKncr0CG+tV6ydvvMpp7GYhDv2iFrS - GK+Lc2QHnS1uzb7gWoEbemwirJ9jax1Vs51pTwH6JuxMux4CKx2V5xDhvjKqbutM - l7qGVJdfnfe7uooP9mPZMoyhbm1rzkQzN1yXkkEVl8v9QMNpCTSC/Z3WSJdhnXTT - WCz3XgOZNld8xfyP/DvmBOSIx1ywhVxPiWPcMRU/bQMFwKrapmDqEeOCT8cm8yMt - FIpBxzD/DO6qgcegWPgNPhs4GYrIxRIBUloinvDPDj1qPX0wAk/4LVm8UTG32Mo/ - oyBVWu6Z+OpqfOJqIjapRwpYcaZj3GPgJR7qt6JK+uSSHQZQdBdhXtBCdIivlRjs - qkn7YZqLYC1Xfo9XbC9aQDZNAaQcxxM4bMMJCkJiTN76kIl35XLG9ggUff8ncdJe - AbcUeV780SsPhEVmokT8Dl2QwJ9ndA5IVoYue7SA4/Aaj/iy0nlMMUSWi0xzoB+d - Ztu27YrQwkHeFSoVeePm7kNScQsz63mByZn8s8n1Cu9gKO+Klo7ewMLgjkhPfQ== - =WLga + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml index c9a2874..8be7ce8 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:PGK3JHj/xacJgxx6Ubwz/3bQlE2hYQXM6A2Lv firefly-iii-app-key: ENC[AES256_GCM,data:Wu/gr1vzVcRXm96hTvSO9bIRsvZ//2ZsTVJ9igrPU1h5dGV0fkI4rwQfb+5zhy4f56Na,iv:5+c0DYC0qVNRQMwibCpWfN/ZIiDUTtjXhKuZxMq+qs8=,tag:Jx2axAZr95/EqvH2gl+rYA==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJWkVMY3FMV2poVW4yMkpP - OE9idHFvd3RxOVM5QVp6RU15R01ocVpZalh3CjRuWGRwektMa0kvZ21ucXRCTnFL - TStZSHdLOUhjS2FZYkNJU3dZalhkT2sKLS0tIEhpRTBMVjZzcHBjYkdnMFhxYUZR - YVhteGpyM0szc3hFOGdlOG4zTzVPVEEKij1r1aB2Z1aSN7kYB+ZS7GExkSOzv6NJ - AdMEkwaO3v0zdPh1CM+4d4MwTDhtwUoRwkBjN8sbCPrPozp7wZz+gQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJYkFhWjlucDByY2U5M2R0 - THZhNGZOTEdwRW4rR2hqQ0t1anBydnpzaXhnCkZZbmt2MEZSSjdwUkxKVVlaNUpr - Qkp4OUVVd05jZEc1dSsxdXpZV2lSQkEKLS0tIHlNMzNlK2xVcVJVSVBlTGxtWUND - MU9HcURLQXJVVnhUbkozRUNYZDdjU3MKXGFS875yubuu5HJE5Iu1QMzdSM3BsnkH - YytEKFSIXQ+8Seu6lYSkGvdHgE3V7AQ8iamtWbO2Q7/6tUBw8EQ78w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:26Z" mac: ENC[AES256_GCM,data:lqey6BT0Wf/manMLp7LyApRqtnerCHrPndo3w/9i3GBkpWeas9JLx6+sXZFdodc3tLjA00FF0MLm0sjDSWSz3fDfSclVNEYWUdrspH9W0a6p95GAdclJARna9ncVG2pn+Hk1QoD5EjEhvOayz2A7e3yIO2aBh8U6coc21h9L0lo=,iv:n68z6eL9UYI28eBJzYe+1QLOfkE4Fba69VgOCnFVELg=,tag:a6jli1+cn8s0Mlg65sVy8w==,type:str] pgp: - - created_at: "2026-01-12T22:05:21Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmUd73XL+lkM83C7ysNjtPbfHXiTVLUu1rgd9zyfM0iiY - yZ+t0FbgQ9fiRTz7myrry/EYTVo7iCWZGS+v6qYfXvOdQfRdn+0///VHZS3iL60+ - V3/idjs5029dpxQg47FS1DzwKs/Vyz8VEJz7ppOHFsuwE3Mb90+W0dccfXqE/MG9 - wCfidUaP2CQVtjcLQRUSpk7kAUONZF81nWQfLcR0jJA00hlyjNKftKTasEPouiWB - QbkDkvTLYZg+2PbCx7r648BlWlR+7gDhjanDZi40i+CarmUD2zutscza9hx8H6JA - 1PzYZ2BgW/A8Dogtmy6iJ5INB4Eyd9FiIr/CG4wizWbB6a/0QY8V9+iAI4aflvoU - 6/HQ/BYSgqd/C+NjlNAXBBEjSXhrFbtEo1K1Sb0Z+Q2OKK19sJrrv8shGl0gtUi2 - xSbVUUff2KnIWrX7tpNdveAkpX2Bs1ijzHxnQOVTwJyKetUoxVZB3ir3JnWqTfkF - XQwcJawvzwN7wHRIasBUh+FdZZSDsM9ujApKJiNKRz4ZIFaoallV95+YyU5cl00Y - g2wVfDgXdwnBQQKxa0NqNC+DGdEKc9Tfv01nz90rlbEUmTBKWD+sZGm/rsq4NV7c - yBqy6hLkE516wT0F6Z0osMtW8RmTARx2ayv1glwdRVTo9Qs8RkDxjRmy/r0/2dKF - AgwDC9FRLmchgYQBEACGlxYcVJzuJZn+oSMxRtirnpFNeKOgvlbgc5Jy/HmCQBge - I/h7QEaevr0XSmPc311OekXOWIVF6JOf6HJQsN0W6oU5uo7fXecqpEG5WqVQjouJ - +sVxcPAZVGbbhTycf9VXySilGXFbCbiM8nBHYF5VrCTrRYpnmJBnJ1qJ2qfzG+4C - Iys2UQHymHfumz5qj28VDv/j+DTn0ZbYEbIE9vhhtYngzXOBYkPdOX8YsWkQvGB8 - AhCO4OMGNbisIjufc6TTrVO2edqt2JcacXrSzOHj5lNpGqpK45a9lDKjm5eQAO2V - SJu5MPC5S9lLn4SjzHGMQBAr5WFH9GcftWs0WIPrPqJxRVXQt/av/fBMrnsoI0K8 - XEfyfOL56KcG95xnXFJzcgQJ1RnXAQzGPVv3fPvA39EyHDUu2VM4hN167+Y8Jgns - Iaxb2xMl1qXB6dUD/8mpyCzXdsp5JtK4jPGfOk6A2Uj4EWALbTpGhcGuPJ59Qe23 - Aao0N5Q6NU0EGzzgHMu4S+VMWk91Tol9tIgYCf80aXB30lQ1lFoXWhnItg7jrm81 - a1f+f25UKyDPQBMFmNwbmp4xjEsFqOTvGJJ1K3lI1OCGNnCeKuonpcBZlH2FovLi - c9+P8rvmmzucTndDt41ywXNaSqDl0yB+Qu/rTG4ov/17Y0vZ9sUn2kDJlfEtbdJe - AfHjxuXT9nVKeWi93hFn1Gea7oOXMeh18KqBMS440ZiymFrR5EPadXSTtQiK/LyX - 6VdwX+N/bGLdwMN+AQ3hMe/q5XtwaXle1MGTFqFdG6OjHlQDLgxng5gAP3k+5A== - =18JY + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml index 074fe3e..1b59023 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:2/usWvtboQJ3Yc5ixT/7ZUvk74aZqYr7ZUZVE kanidm-forgejo-client: ENC[AES256_GCM,data:0S2Wt2/hP8e5qMXgI2cM3GApWoQ9pEHwiA==,iv:Utq8Q1LWk0TefpcwhSvXrulrgslCSnPanGGHSMPi/pA=,tag:ou/1y+DtFi/z4P54zzZ2Uw==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZZmZSdzdjUm1wRlo2aEgz - QVU5VHp4OGJsZmZaaTJOOURlczgvd21oM0RvCndQM2ZHMXNNQ2dnc2tNU2RLcFRx - UDlUZlBTdmZSR3dRNXNxRHc2a3cwdmMKLS0tIFZLYjlQdUIyTjM3SEluUVFyMTFE - Ly9qUUFqYXpDSGVrN2VkYmEvUkQ3clUKpgrTAWRPGuwyZL1PGVBhskPLxXt/j3Ez - iCEGbfAhrVeXRZuX/KXhjzefrjfrAq8ClZqdLatWF19L9lrVU8ytDg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaT2EwNlBDMHBXSEhNam9W - WTAzWlNxTHNoSm1ZcGZaV2liN2E0b3UvcUNnCkNOQmxXMHZveDgzVFAzL3NLRm1M - ZlBVUCtpUjJ0ZzFEL3N6Njk1VTlFUDQKLS0tIDRKRTdHcUJyRUZ4RDZHN3ZTWXZT - Nms2RkhTMmJyVlA0WWI1Y2Q2ZHpXV3MKQKvjzOvay04EATmgojC72aqbhq83c7jA - 0guRoaULHaszycMsqICteNRn+tdLBh8L6EHXZC1GlJzm0e9WMeAOsw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:03:05Z" mac: ENC[AES256_GCM,data:Ko12SPrZ65B+T8JIERI8a08uN87wwVndIweIxbr+TkcEsRyLCPziB8tMsTGtDIZkTG7dJywT/SeZ9gqnMgiH9mvsk7Uqi0hrmEf65fsqCVGTOi17DBRGS2rwbXkEmT3xiSL2LSe6+9rjlZ5B9ZUfO3hdhw+jy7rSdcaLu7R8LL0=,iv:GPBDabdBLbCYuKr//XlC578Mpw9LGJ/gM1etek/PtWI=,tag:5/qXhTCHxiCRka4N2qYVzw==,type:str] pgp: - - created_at: "2026-01-12T22:05:22Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//WFYndpAApuPwCK8Xotduipm1kp1m9/7oy5q3l+WDHR2N - RYQyVUPYSlqzLRfRd65xgy18MHZwUP8iavWU0cnKNveB2c82rMtMRrLU1mvHPTBQ - XmLkSDAepqhbcMcXfVpOQEDjcesIKNMqLiiZtmcOPFcT2RvoyCovx3EKxlvPd4R4 - 0CGiAiApgxz2XSOLoalzHF85p3I0/Sfvf/V9CfZ/oB199PCYF4qlPzq9Xn4D28qT - 67EglnxyFY4esd+9/QRt3B/5RRmzVK4Cc3+JxFO47V+PbkFo+GvF6tv8eUakzCI0 - Dn04VvLsQ9HhaZsjLU8WoX0GRrLjDD/1TaLmM+JFV6c97fN3IBGBSKZTdjOt55ZR - F/oAS8W6aOuqPSr4PaHEOgpzLwpu8IHZ4FNzjeHAGYlK8QjRGpq8Jm/Lz8A9Buy5 - XLS47JspVFLIU9FaWzOBHn6IIkewG/b3fM1kA51f3OFP6RprQ1OvX5g98epW8Eea - M/wFdVMU6HXS8FLAhQZ8Sll5iO0SYyzDM/tgXpXBo5/gjU17Ry1vkzJqQyWmuYWI - UqqxzHnOq/eUJIiXS8Qgkxo/WgMAEEJxLfH+KALzO/KD5PsIRmriSXVGJysXP3lY - tiJPouhDTt4+lapMjipV1bH4kHPoPlfr9fY0t7YSf7NOC5mDNqqTjSYMZXY8UKiF - AgwDC9FRLmchgYQBD/0ccxFMrAOMz4eXqQQXwTf2/nJh7Xz7GxgdhbiPprKDVSoq - mcnnyMfHTAFahRYdCczU0sIj9uX5CVZuSSCv/PqjeSZb+L3ib24EhF+TxgqEPRer - XruneHFK9yu1Y1h++3Li/77DKKDObnqgCZGrdKSgIuakkK2Ki6b9gcaTKLZN5Wmh - tE7zpYQcnRxGW3GdQAuOShsfPZqEO2YIzIecitodPxPaO8PzqTZRhoRclmL91MDT - MtthC4ik7MDEV9nz8oV/u4pqf1j+xJZ23u96Kl4KkowIK7rSE1OYU4onw2mKXgNR - FS+3xqw/BFXgXMkXW+F9GyGPZkxCWuztZozIh9UyCiOErpzPDG/5Hy7v6BzzKaJQ - YMlukdhUw3B9ciB86lKoJSgiZpHeU2J8LZ649lGQXNlplEZnWOkyWWS0/g1Bt2VC - B5egnFOA2ueFGWg1VUzKcIFq/DsqMOXnUMh63KuQrAIovuQnYLyDavGt2Il1LVHj - tiVE5svsFd3o9JyUE8YcP0VDKTcbr/kVJHYA3o+7fLtUD6TEdiQxp3Z/ZPHdCftE - o9t80iekS8k5TYOJ79XWlGw7o+Ip9Zh4G+NpHmKLZaLGrnEFuBMnDRVUsU0CxG0S - ZgUbjLwcX4QxdBEKEgnDip2ink1IdciSlNBpYX6btRt2EPDz6bxISGsI5kTKZtJe - AV6D7C/OYyDUPCfT8WlcDfF/hGiSnf5NWeIlZQ+g1DOuEYDt2jztNFhziVvhsQoO - VEC3iYgq28WyTrQog+3F/ktu4x883js1bbtFZ/b6o9ZM8oKbfuYtUO0v/7CmCg== - =5YlB + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml index a327548..b9b6f62 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml @@ -4,56 +4,56 @@ freshrss-oidc-crypto-key: ENC[AES256_GCM,data:nEoIHlKXpgKlJ1iFKLUdb6QVcU8fMRoZ+o kanidm-freshrss-client: ENC[AES256_GCM,data:BTPaUyI7qrBpiB+0zQKJw9odT0fRLc+zFg==,iv:9u25+thsHm+0Ganm0z5QtsgFBGccpAIPQa0aYqqHkXA=,tag:cgCvMIs7jUMe7QiDPznbtA==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCclk0UDk1MDhkWXZZUGxM - Zkg4SVdpWmYwZGx1QW1uVWYzU1JZWUgzcVFvCml4RjBydWk0cUVaUkVhWENYSE1G - RC9pTHdPRzBNOEVSdUZnWWthQjFxajQKLS0tIDBtOHlxRTJTRENIMGR5SmUrTWpZ - RElERUIxWW1NZkdLa3M5ZkQrMkFuWTAKODsEiS7hjvztH4YYkiK8Fr4Do+wbroun - 5SGawFG8NmN8P0WWVURKpDDafP4plVHj5YOkoAZJXgo0NyoOLsXjmA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOUW4zTWhQOTEraldVeUp2 - ZHpVeStLRmlvcCtpOHlGTDFYZWVKYXpka1JVCk5IblN5OHZDRnZid1RwenlCRlJh - MnRYSVRXcEtyRHo1M2JNdEJHTkpNazQKLS0tIHUvMkUyQ24vSk9hWnl0cjlEQnlN - MTJsZzFzVDZoZ3lnKzVLNk5MZ3N4WmcKEziK8e7aqxGqJwOG4s8jfUmjiL+gs6sY - KEI5LugBaF66fAB3Qf9RX3XaaWWSQ3C/yuiv7h60kE5tEZLPtZxssA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:01:49Z" mac: ENC[AES256_GCM,data:+RtsIjA8DXxCGeTqsb24DQdP04/8oEvviiYp+SSfvCiUL4nu/WkAIAHdcC+Gvw379vnq1N38JPycB3mQbyabC2lUJ85oEMmfn6YDdsoIxvdDuJuN5VGhLkqXdwgkfJZU+e1XUDkGmAalWeNFTlE7i51qecVevdjPf10YW/V1QZw=,iv:TEYHADkS50xgUCQ4ftWv5YcIqSX+cYgeNbPxSbp0+fI=,tag:+PoSBjFfV99vOZIkNJaXcQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:23Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//TVYAbB7pn/T+SaE0DRIYBFVG8PAiyh3zLt3LcJyYZcwy - sVqcJgbIMMTDqJck0XC/RCzIAGhHiSai2rK/TUh1Wm+xQxPIVu5YnmP5mZlX6jVU - EZ9KRuzBK2Kc6FTbinOR9KZlxHKre8QaUNKtXReha4J7A+qQ2wqt41uKupXXGGNv - /NejcbMjeyBUQjkIzT3H5bVZLTOeiv4/tc66Y24p/pz3vcSlUO0GubJ1/sbu3B4o - K/NZ2HC/OchsBJt2Y27PvEIbZJEzY7ysW9tOs6TNEBTCgx1o86WxeHAxvyx9PRGs - 6Rx2aSBLSiZe3AJSauOVmJJDQ1nIOg0vHAH86+vLjqeXGAAvJgJOOTo+/q9M059k - xKYmXSI6LNnqu+6vGPHutzv+oO/6Gv2vSy8n7zO1bahlAndluFMkOMKzkxqooCV6 - v6a1r6slW29Z8UeUlG1iRV5634NvvlQBhp4ig9euKwq8FEY+dz6XUFqnMbY+auE2 - NRwVstJTriTKuBo8stXP2tyvwdpfMem4A5ZSpl6kowx9gvWMiU7aG+U/CLEMHtHY - hWv66eNnjC99tLAJ3lqH8Bd4UY0m0i/P5NFZWRASESay/NSa2BFubNYI6krVWTo8 - uLuvUXSnS+QmlZnr6Bj8nuKUto7naMVkRbiT7t/IMe2vLZrX572c4Ye4/oJJIXKF - AgwDC9FRLmchgYQBEACLXg3KxCtZvfv9ACfHU0jR05aq4vq6/RNwb82KHNNjHSYb - LWSiEkBVl4bb5isRv4EK3CpuuTL1Jv2XIfmd/NjHjZsQRAu2gBcmftXNpBzX4VwT - rB0mBBKGyUWdeleGPOyXvucrAjOqJ4gOVJxrGp2RUbPcUG/aqpuSbmJFx8S5qpsb - ZEdMdNLVZfKzzP4Z7fpPuu5AXyJ+O3IPpFqvChdM04VMYAECGhoZZzIt6UIHkzrO - BBNaXLniznNZ5LKArog8G9WfYcC6egmEP50SYygGok+66QwkTdM0XttUq2M17KwP - xA2Ybgh8JuSI44LJOfx6zeLQqku0hBfmVuvyw9YVoicoZisN/jJYtkk9XOmILlPk - Fw0tn/cy6h51CqNbweGY0KTDxY6pZTEXP21CyLqAWQ+B01JB+zuEq6C7MEH+bfZU - L7Z61tN+j64IRvYGf0YP03Dj4D1vsJ+zp7asQ41MFu5HpAzfU7xcrpa3EgGRYxkT - 6b9m/eAyf8+olEbzVgLC0UkzofXvJLjxuk4zmxdF2WOuKoV+yt5kFjXQGaLozqTN - ypbERn5QCZ6hLYUFOvsqw9avfVLRPVq8JF1YLKEQfVjC20wo6BuwcosbwLeHLI08 - NAHCLHC/6iv2/Fji/57sKcy+qgoIYOhAvWE8wtqCU75379UUIORNFaERaqizy9Je - AXWoZICaEAb556k67dLO73IW5/2yhNiYGzMluHWRcczaKaVmKzrdjjFKhFx3mMof - SmR3Ga9QprYqOXas+Ouok4Qe/zj6YCW8BUcDHFB05OUl5pFRL5ksTNh5V1WrlA== - =RK/j + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml index d939671..57e3bc2 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:uDvv70RDyd0DEA0IAowsBLKew2k1TzMPmrVmIW1ZuMtSYxpstq8x5l2MPN8=,iv:02HfUl4lUkhlBzgOfvv+hRoyMMAaGcf9PooRAZzgjK0=,tag:dL/qhDLjzMP/4ENUcF3WHQ==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGaE9zbmtDVHpBd3NYcWEv - aVVFVmlESDJJb1ZhaDJoei9VeVRQQURaanlVCjErQ2FUYkhyajczSUxSbmF6R2Z3 - em9RVUlnTHdrNXMzRzIvOTJ5UE84RFEKLS0tIDg2WFNQWktUQnAraW9HeDB5OXhT - MTMzMW5zWFloeGxpeGpjcFFZQktJc0EKnuwMW7Zrtr8XZCJM2E8M3WcH+0Ecxz6n - y1bQvo329+Ssx6Igf/NYLzaQVtTgrjrAVgQb4zSu93Ofa8tFRHbcaA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJQ1F4NkdvTmpwQ2w2YUVX - WFV2MGkwb1dGT21Xa2c4TlJiZlUwUmgxWHpnCkVOcGZVV1pRSGhIUDhVUXRpM2E4 - dWRKM0VNRTdqN3V1b3hZSUVCRnEveXcKLS0tIGN6b3ppcmg4VFNyNzlSTHY4YzVh - REhGbStZeENKNStwVEZiZVpPRGRmYTQKCBks5jrHBOT8xMGtssxM0ojTED/j3KWP - d3vcpKALxweAgdYExZBYrfg54gL+swAqEB8rLW13+ZOB1xskrg/HkQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:38Z" mac: ENC[AES256_GCM,data:4ZeARGvSyuzNT2vFJ9ou0JeZ9wyTU443BLHINsEzchHDCB/xlMjhrt9N0DIX+EfkMZiRukUw5C56HNgBfD5uEBgt1lbdBfLQOnUgVlP3EC7HXPZXYEOtS9kj2j2VTBHnGFOZKDiBVgQNJkJ6QBmJtx2rEwQcCax3DeHO/RyLleY=,iv:sCrpoKKTN6X6GoxPQvSaCaiY3b4o9QzLWCus62ltLwk=,tag:kN4UXDS68/OvEi8ZYafLFA==,type:str] pgp: - - created_at: "2026-01-12T22:05:25Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ/+KFmJTYxoCvXPkfwNcE0+ikAQ82yGFshGAdcF78Hw0i1y - CxWY6qhMi9AmJ59Omqkh0IVHqETUicBLoEGvKIZTb6KBf304TYP6DYZs9+Azg/9O - acdJDz0rkYDP0c3CAKGhGic66acaxxiRiDvkYuYNtpiR+vzvZPmG07SDBw71uxfZ - GKug0y8+6i2vdQKx8ddfiNwey3IGTj6o/B1jW1f1HeRno/qfRjmb29O9HF0JcAnD - syWa2jjVY8hz1CcxErPx3iA5U+I7L2wMj4mIIG2x0kJo3hKRwnkRGG5o5pi4RbAg - tzR5t5Sg8TsLWGA5Btx4HJkTOIVEG3oIuwBUGwlGu/f5U43KCt8Pyf9wmQ9Zy793 - aDLTMpe6kQP/23vkzVSKQVPduNPMntvqmDXuq2iu3c9reO++Cri5z/uEM74gjdTF - b0raKr45o++YaZwbU0iCDSkUY39Ne9IUoqyiQTfKCS6VqtwzzpscgpzwV9ND8O6l - J5ynTpAHBQMUF91Tx108b7F0BKLs+8I/t28ehqv2WdkxvoNSfmHGwCmIzKuf/C6W - j/sIjUAFNU6qpjlYVa4n9Ko9jvmM2aL8WVO51QSFiqDT7OOWAr8vYKdYRaMOk81V - NIyqE7lPlR+MKBaYW+LJfp2JLoyYlvi5vrVnfZuxxVw6HWzf0ejiIDiTReRbg3CF - AgwDC9FRLmchgYQBEACs+xJcoHuykH7AUANoOgya6GKTENYbH5ICGmxwxGQbtA/q - Vs/wqmK3eWkLLOqiGKKHdynvUx1/jSUSqxSUtLY/KMb3905MOH8ar84K8fgJpPQF - Du3SJFWfuZJ7xni2HNLrmaR57hl9DN5evnJ3U043Gey4b6BQV4jeanvNCSF2F8oQ - v9Vc1EKZM02Ia0NjtYkDHVoGyjTKB1su2ah4vlyD8pqyjMu+WYtay4lTcWCOLxKA - ivR5X8QWfm9jFuINTTt8YdLkx9KsM9ecc3+NDgYOVY9RbrnReOaHPgYjmEXddVd8 - J+ok/ekoIw4wa6w/fiRYjNMYYAcenxc/mVBBVE10jeDaL9YwJUnwaa+8G/wGcrFL - iWjI9BeP54YJhpI08oaK3UWSFg5673XX6Na8p/pgbxPyIT88axoqNMU80VW0mvc1 - rd5j1LQiKNqDMEPV5hLbfBlKYrTzIG2V0F9YYlh9NWMzOyUdHoMmY75AmKKJB/p1 - M/Mz2ILI57ubuq3Oj0MAkX/fOsNefVs7VmTybuAdI2lViB9FzBGtb1TlFvTmW5LZ - cu19rt4N0vxfcrAbLhsVTAsA1zKwAnyQUSRRd9aRqXPVCRr4pPTLxEOZCPHnCBDZ - tTX8/27F85sUU4iozC8Nb8O37NRy7sRWL4BfPLeq9QWG8n7XmnH6zAn55V93Y9Je - Aaxk9LcteNGywk6hxyI50cBir4PEIEwQj9oRwy0URH7UIX7BUojRF1hV+Mus38is - Va1BiIOCn0YHfd7tBeggbjV5A+OkD6exDVCZBXaC4E7Ueoxd2udaYXsfHvjABA== - =tJZv + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml index e56b4c6..00948b6 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:rTVAsx0XyI7i1coICpFjANV6CpWSjDTlvdOxu1yLggei/XZKeRuDmv1PsE8=,iv:P0S+juvE3LswavDMPpoxUYkKCzGlYaaEpIg7DBwvoc4=,tag:hIrOXG4F5qkK10VIjtiggg==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoYXU2U1JseXZLZEVOanMr - RW52NlZJcTgrZTRpQkwvcG54YUFqYzJkSkZzCnhwczNqeXozSm90a2RkTDBiZnpW - RUpRUFpHd01uUWRhMVZ1UnBJQk9SZXcKLS0tIDNmQlF2YlkrWmxwWU5wb01odjdy - Mk93dFJnd0tDR1BOL3RBa00yOWd1OEEKL1DJeQo76MdgbZlq2N6yribiUtlD3wiV - 1UcZWDnGMM3uC7LjdR6xK2qDiG64SqWhlo8FSrHLL/42GTJ/1irfXw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoS0lrTWJielNmS1ZTMTh3 - bmx4anJ0NHdONlVGKzZPdGs2emlMck9lN2pvCmhVRHBWUFV1Y21STXYxaXRXWm9k - dDFhTU9qSTV3NW94Wk5CeFJJOXhGeWcKLS0tIFB6dFVzVm1oTmczYlgrVmphSngy - NitRanVvVS9XalBxYVJjT0dhSEVMK2MK4+NFlbWqdCEDSln+gSIsCqIsYwRXb/aN - 8GW2+Jl/4zrPiM6vG0s9IxZq/4qJkIO9UX1AIFuKemz3S63WYcpE2A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:39Z" mac: ENC[AES256_GCM,data:KYqOMm6Xk04/1nwEXaX+Htkovwa+RbHtZH3Nd9S/K1bjdZZESpka7Kxib+mf9ezBnTdJTBzwacf0bgQnU+rpQWxBvWz65K8RAHcJms0JoNYEPWJkIeG9/KdV2iefPcml5SOFID8Xr/KpISfnayS4CGUWRFU8DyDtb30g9DQ2Peg=,iv:3QT6PqinySd6lUWBNxpxBxsY7VVmrnFqUxjLbsMMYR0=,tag:SLkWHWnnxNn0j+lnGnJGeQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:26Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//XiTwGjbH1zmdMP9/hLdvavEYfiVKD6TjtMiSKrGMOa9h - VIr7DRjrIzYm6E8j5sbpEFRNIjOu/vcHvr5NCoZN0tmwqXvbi56RE/QypbZcx7nt - fGtOj6hgFdm3deWU/JCx1uAXF0fFiyy7G0+YqrZEfzihaOzyPrUp6uqu+Bb4Eli2 - 2CuupTa6zBP1kAzJKToT+F8pGFPHGk4Ji55wWQTnaRe24A4xFQryGhAGTkrnMxpW - 796XN18IqRXcpvg4tOEADILzmjJ3WcNeYi2oF4WSqpRDUadEoUwWWo5Zdtt1SGFs - H77wIAArmoRHsPWojfjWGQNi6Xcfazy1F8HocaanEJ/dV0MwTiIfhXjeZSevo/WP - VDs1UsITkBGpG7FF1sYZv/9GhL3CE74e0LuAifx14tmPhRk46vAnNXjR3vHNSR8+ - iREIAZXluLnhWn63bC9TGBm2ROEP0hpXVyHELiBXS5Pa36DaPDnrJVxehjzwerTC - Ow/R7GkqAPDHqtOcXNpt1hJtMETKmZ8lXcauZWBWCHgHS2nDTBv03zsfk+7GwCpj - O49Gr40nxU4rSxPqoMuwJY1A4/dYeEAC0QpuDnddPq3O0tHgcvlFYgw4Tb0EAtWf - TYUN7hd6WCHc4QUjmoLq2b5Lt5DpNEfPhAqWX3sL9bEr1EBKRxuGxF1WuJ1Ki+2F - AgwDC9FRLmchgYQBD/0aedT/5S53nq2U49lJNxXhlo6X3bD9TD/NAmooQeiCqFgJ - xY9YJd/Z2eboKOQwoySXozrIM797WfIZ0W8ywUnGfYnboncojiQfASMvW483EHum - h3KdpTa2IOZ2cnqJmUQZrGVO7iG+gkiLXZJpRupGLp+XLVVaN7w4mN8bB1anQT4S - yn0i3+SFBstDgfFjHbvt7nrWE5KEavCzLbYAO5MJ0JYs0ei7ScZeyI0q0IvwaQLm - HL0cbnVXyrLtj70UpbgrIemRMZqjyGZ5IPmx62ssc7CuKgvnT76ybDmcw/REs1qv - bCibxeBaiWBAhZPz5bHEcTnFQgAFdqiycoXRXYgTUgM98tHjTv09sKTVVfZnxcMr - I+ca3bHXb7OxZjaoeYFqqV09vyBnibqVVJ9BsyLsRZtUSN5Fwih3d3Vw25oA/UOU - DCvwjL/V1gzOgLqfRWJRBxdNWbtbmzF4SbyK/P62PPX8pVE8EZbsISJZOkUajKXX - 5aT/IvDUHjo7aVdK8ulMK/ljlHyAM/DgqnhxnVCe6xfQMiEVB2iJwN1925eDm3MY - N0UAItV6SR4FaXLnzEsgO2Hkks3nWKVjdjGU++9AOawKdORLJPvrP+apxuftxb6k - szB6s+r59yjxVugKM8IHEPvUZ6n75Kr/FiQZP6vPnBMgh6vfaYcAXs3FvwBR29Je - Acfyypf9TzhI/s1a52FCX96etZj3e+CmLpBJVbbALPpWnggGKCcKpkIxEAa+CAoR - ZOZj1ZjcdHVc84U3lma8yi66pK9J1sVb2Td68oN5Axma0hQwG1GIjdfTPWklbg== - =Dv7n + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml index 0f284c9..9f10fb0 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:5o3vhdHriS1Iau5/wS/QM2IKlIGn1Aua+M9blroPrOgfBWLtLxzhBcAzJ/A=,iv:zv4ZvP5gIJ5Y1dC2H0AqqMRIGFE/QJ8ztp6yG/QfDZE=,tag:W6BWuHk594xqd6WwEN6n4w==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzbGwveGRMZ1pGRkJXTlB6 - cVQrdng4VHR1dUo5WnFBUTRSUERsT3ZmcTJnCjQrUWpaZ3JwNVYvOEMyTUNGTzF2 - VVE0aldqcWR3ZitNamloVVRCYVJEM1EKLS0tIGVGTEF3RDNJRGtzL0NtNytKd3N2 - d1kyZnhFY3llb3BCVjZqK3Z5WXMxMjQKrRw1Bc1TLgErVOgwfbAvZPFJiBfOExGl - Sri9+si8AmsqmtjRsXOHesI32LrCgJfSAnxUZgdXzJQeaIyhnxvDog== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGazRvZnczUVp2MGhYOW9F - UkJlV3pxMjM5VkVwaEJMZFZTNmE5bDdxUHlBCm1HY3lVUVIwNGNUUUhnM2ZseVlj - ejJJNi9OTnhBZjJTbUsrUS9rd2d6TDAKLS0tIHNIMGpwT01BS2gxODZQMUhBUGRN - NE5IWnpBQUhsK3BVUjFOQUZnOWw2SlkK5KKCFPVNSM6ceIIMtmLqBUNyasu3y7Y1 - 6FR9AFTK/hP6s71OdVEChEG6GX3Gsm8ym3AiSFF573wfUPs9GM9gXw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:40Z" mac: ENC[AES256_GCM,data:Ep/6toPN64tEaCGEnO8dIUd14x5JB5TSfw9A5J3KFkhCAhCoMW29yzuqHMy7iBRwS9VqJS3R0g7SL8x6dIzsHmT9sZ3m0gihGZsM9Psc24NOi6iWfOLyNApwTsI+LhL1CEcspb/quvm4Nh+xSnYXhap+3+rPtMGpyVtgyNgN2eU=,iv:zhi6NU4lPOJ+X5KIbVpDS3mz418psH9nu8qtguKQ7po=,tag:FjePycuZddog47Wwmu94wg==,type:str] pgp: - - created_at: "2026-01-12T22:05:27Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAA0bPcknehmkuWwEODvm6Y8L/a/R3QyZWOnFYQF1RCeJ2U - w6VAkCLRjog8cpi8CiWLUY8JJo2Ui/Ei+0SiUYUuaxkIdlqonhddXa1VxOANRLLd - OIguTv+YQtGuZF6vmlABtV3ntUbC590iuZdHHjOa6BUBLFWJgqBNe4Adkrj5WP4e - 76uZgFTEtBt0paaijd7HuIhdYiAbM9pOKkWRbuHNqlMSdbJJSFCVspL6oBwHWJrs - xPCUVZIRR2rVjaj9VoQPKAucbLyxBc7TQVpZQlMNSJTNGRmeCaj2Dzm23rAvRch9 - 0t8YGsiovwDBe/JZLQPliqEYjIvst1r9+Fjd1YYuwPFJlYQLL5hj3tVL/RJ/XiOu - 8r4ftgKbwon9KMQCUALXvHzPnD/3+YzdXk2jr6/B7e/N8d93P46xIivCtu3wN+yY - zkpbJbtjLzyQ2Ixazo9zVFmammoGLt/amZdBwD1DRWNI1dE6a7l9Kelza6S8XEwg - 5OQ3bQU/n5/adjmyP3wdQW+1+lIZY0F7CQ1Lh0mBNFe84jVus3tg/sExuTD+rVpF - ACUKaoNhEK/S90TUMVTbRL86wSTE6gsdgg/NB2BS1W0rGnxpCAr49stebWRT+lCM - ic3qvni6b9EDz56bWYOWjPwsKjdxgnXTmcMHChDCRwoGNsJcDj3CxXiG1B48ltiF - AgwDC9FRLmchgYQBEACeYohAxHIrt66T7PChHNbvADgC9u+Q4fnk1w4sSZHYxcxk - r4UB4ocJb25VmUh8JhJTY3E2XmtsViMoSlu05cGyOsg8afgadl4Q35KXWhaU+UyV - n+gUWHycZxy3cyaa5o7m+Xk/jlz+dBHf25F2iUT0PVacQ/idjfSY/nlt9GhXYJfD - 5MVwLfJKgJ71xatgHwI60hg+a/im2TgP2t25lVlNotDoLfuGAXuCISLdtIN6k+xq - rX0spBd2PnF19joXqb+m/OTOM+4l+PcKAWcbkL8PWnUSO9w87soIlE4HdMN3sqlX - HJVuyI+Dra97P9ALr+z3jyzoObgQmx72xt8jGGxdMLbhDmXpYWJ9TnTMxOwF5/T9 - HUpg1cipbz2hCuFC2TtCyoE1yzZIuNvzyMRapK4yGwdeBlTzPBOEWVVokd5GS7wj - r9aqWDDbeC+oPTtufIcxRup6USlX3eEIVtF2zFPyg82XJKzzIT/4x4sY1pulm7NZ - fjHZNv6h2PUSfVqneMr92ViBPyn6nU5YA++6n60LAkntNSoDWtSbIi8hpQa1XIVs - LPGi3z1TVNO5fZtzXJFfyKID5dd9l4/Xjm/IBOXbLrVTJgb98Iop2XfssJhAxjGp - ydV7fxcUrVh9RbJe4NiDTFE5Pw9t+f0QxQnSyFcsS1jC+g786MPbM81X4Q/cWdJe - Abdk26c22iMEpRch7qJxo9tddXrao5P10Tr3FSy4WEUDScglb75NGxgTXloWNaiL - pKS56PaycTEJ7y2rb8T3e7c6dJj/Kx2N1rkxikI8UYO9DbRE1AU4czgVwRLUZA== - =hRaf + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml index 67cc06a..5eb407c 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml @@ -11,56 +11,56 @@ kanidm-freshrss: ENC[AES256_GCM,data:t2iIWLeyChAPFKfWeLkEnWC0zbpuSP/tmQ==,iv:fPp kanidm-firezone: ENC[AES256_GCM,data:/at/1dhYtPzeh6F7/juE1XyY6abq1OQIgw==,iv:Qp1QXBKHYoDJfTbZZYDRcdM+/GFu8WonhO6uSI7NdVA=,tag:lvSei5/yGk3aU7HX9KOgaw==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSc09FTHFDcWxidTFWTGJ5 - VEc5MGhEaDlvZzVXVVQxQ1ltcVJuVDNHaEg0Ck40UldXamFocS9zZVhicjQvMjcv - ajRuTDRiWUlJSEdaZHhjNEdPSUsxUncKLS0tIFJvdDJiL25tNXd1U0c0V202VGNr - YVoweFo0MWp3SGpTT3lDSzljL05MV28K3AH/JPtkI/zcJILPYmY90bDNplj8H9/h - 1Nn1ceS5frxOCYN8b2wS42NupId2yhFojfbJAGw73unHp+CJaNfnNQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6WUxEWk94ekRXWGNoQVdm - K1A5cVJLUzNZK0JXMmJacGI0Z3Z0Nmo5KzJRCk8rZ0JINlpRbnFKMmIwejhyeldW - U3FWS1M4K1FZQzY3Wks0Ui9IRXA5TlUKLS0tIG9PQWhDR3ZXaDBLZVBpandxSXRO - Mi8zVFlmbldWVFZPRzV6eWpWMUZjMncK1x41Dvs5LXsSKdg69CPQJ44/x1eNwSHz - xGNb5lgtduTF7mDtlNnp+QdDYVLnMQCiwlUcYeyckej1KAdvOM2Sog== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:14Z" mac: ENC[AES256_GCM,data:YRVfa2nuKJ392zbrVDB8XILDa7zsdmdKak4tXAiru5SY9vGzY68sHSu1R0pBr0RxPZ4Z0NYyvJwiH1ni2PKabuJzAIyZLV0KL6ekKIFg2B+2o5nMUT2s2+7yjQ8VJ9nZSdjN+Qk4O9yF3L6GTg3CMKk+wahrySAPuyMn4rTMzcQ=,iv:JoGWfR4Ld0QsTIWnm5bZKwma2vPutEsSL0x6Siz5eGY=,tag:zzGyZs2wSwEo2yTUgKgcpQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:29Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAsHsyz+edy6SFpx2p0aDsDGl1i1ehNruViAWEvFhuI59E - LGzqXZ+U1MN+O1s7Jyyv6CkbOXvQh7G/ebJVPViXz+fSS7XL0R9vLfJpvGbSGQSb - n+vCODar0cBQrqw+fa2LgoAILfyeSAemh3Ezu6NyI1T895RnS6Ns39C0//6qUYIM - QPoAVzCUFm3bb/5b38K8DhiXMpdaltdxD3RK20k9nUCde8+LRV7KiBfHZgmjX3TF - AK6078wXbmuyh9qIqJp4oQG/HBk2AbExGPsYTlmTJTcPUsN2iHE9s89G+lUm44+p - utCxf94b87gZuYaYRumrU2NtB+FJQg3UEq65CZB+hDGUg6G/jHmrAfFjzfq3gfI2 - NJL6bboUKdsrv4DKxNhnOA06RYgmoYh1K8OGZYruWwDBiPX8Reo7o51N0WkA5zhe - //iySBRY4js5QRwkz1HZ6JkK0/ag90GHKAdFxaSQ3RGrWKfzwypgvRgUHnFRv9am - sjYEI26c9srPUu7Q2bhBI+iO5pbiWvA7JGa0t1Sn3bMjCh/1tjgn8wyIqHQySwee - Mqu1BUufsYvU7aD8tUCqbSvT5g1LgoZovod923rY3P9e/jrOAQox3Ua2aKOGb9XD - C2hZb9H9n+4Nlh7h0m2wvsWWpvYjWo6uvJEfFrXwPzHP9s1A0/EaKEt6n8CkASWF - AgwDC9FRLmchgYQBD/9uUz0LLwg2G5EIV701wxQ0EPu8zVhVB9xl+4GBJ9mNDTT1 - P/4d9PCneah1lsxfw3p9SD5DWFwJm3YIqOr1OsiYqGKbH+GnrqoH+mDHCng+TgLR - 7cd0hCrjnYVBgiu5LlO7a8UgTemIhMkPRNOvzToecOwcJeCgLQkhJQ4bV5Z3cvxp - yI/tHcbmnXx1hmpNhDm5Hzbp9Yztv0YfXdem4jknl4aw+U8sTIq+HV3DUCuM23tT - 8wPKaXrAqq8ksMi20SQ5i7Ee2BIKxw3gNL7uGCg6asIvWtguTurKLRjXEgkcGoFr - 33RA420JoK1d2uDy1ksyfN3qW5ZknXgaoH2A/8DzB6L4k8I9s7MZareK63jEd9pq - uu/VKUoKbDXJd7j3UcS7+4TQlKN6qCpx8MZLcWWnLT8J4UHBeRwv+xO5F/E/N17E - lTJF/I7nkkdarlFM7jNTYTz1+Gc/war+E5L3UmgB1gVDDTn5vLKjM8ub/rdgeBCD - RE+p5KjvcsI8U8wWvhZIrLiZggNY1MANGytvICRWnpGSN2XgBMoTdrNJDTy4TiL7 - SlXH+GF25bx0H0MwV82KrWC7VbbhzcuXnO5ZybJmymlCPYKMPZ7PtuoUAv7ksUXh - UQUAe2Oigm2WFmAIWl8GCRltOKAfoDKmujJnIaOx8y32XM1dyPzk3i9K0uAjT9Je - AUw0GQ0X5FspwHYpHWeGC7FX4CNvM16BZdygt6BZlMvUMw/vm1ojz73mltc9xI0I - NlC8ou//9vW4FYenpYxnu+6KHi+9dAGp0D0vrsNp0by6EEcO3EwzfRCaZVfO7w== - =oNjr + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml index 76f3cfd..ffc70ab 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:rZ4bOiYyBa2Pq9TuxNRifoZ9uRSeL1cRA2JK1 kavita-token: ENC[AES256_GCM,data:yKwv9L24Ek4q8KNaTJcW3Xx6d1GCnEZ3LS+GkW2i7C+eE2XgBuG1Ff0L8xcdTPGFVkPPb2bvCP+CKVgnSVd5W+FFek/XQtVcFgWQVDUjG4mBbonQ3VnTKw==,iv:b/UfgHVBviUEMtt4Q6RQSkTVujH+qMIyuiZxD4mwMTc=,tag:rIVUGYOluyXU8fEd/dgQEw==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByVGpSZzBhMElPZDVxQURn - Nkl4ZzU4SjVYRG9rYTBxQVNyQ1g1YVo5eURJCmorQzljcmtHRkwrajZOemR3MFRH - WTVnZkE4SGZ6YVlyd1RXak1TZ1huRk0KLS0tIDFacFBabHZUQlBrTW9SOHJTWG1K - Y29uUjJnYkJHNEl6M3NWMkF1U3N5N2sKKA5+GygCOBaISqK5SRL51q6YfjuXWr0z - bXpOVdppHXYWNb4jdR9yxc8KEf2T+eMHJtZF9/Ub6oRxo/1a5fmvOA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJcDFETHJjQkRDYy83WGJR - ZHdvbXorM3ZBSDRkV1pMb2xQSzI0Uys3aVhRCkpJQ2xnUVcyMVRFMHI4OVVqcFEx - clVZR1hrTGFEbVpaRUNleGU1aDFOYlkKLS0tIDhEbFFlUEZjUlpjWUpTd3pQTy9D - cmtZcHpBRTZCRXFqZjFBekdKRlorWmMK5D+TK1M4FXDh7v7wMH/sEmI+nzbMrchp - CPHs/Doxnx5lSXmXcqRC0HedbLJ1GQ1kL7PxRlAAsUg/UPN/OXPW6w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T07:59:40Z" mac: ENC[AES256_GCM,data:MpnXoqLkHYbPHvA6ZdfgJ2sPzM/BtmhbzEjymvnUp4zLIojE15pTEvYKXOedr2RKYZk1BCF+ksfyyVgJxy+HFZ28baC3dPXRMAHH7InEkf144N2Kmodv2czohz45gnbBz38d2DBU1/7pbpktc2Iuw1bQZTBbg5xAw5Nkd3pzKJw=,iv:O2vkWIDuzKzStrDLcVnVnWBa8Moy48fPE3YeSlV1scA=,tag:OreHXW+REVZC6sOa0t7idA==,type:str] pgp: - - created_at: "2026-01-12T22:05:30Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ/+KR1lX2Jc2XsR7qbHnRkvdAOtcV3ETYHj26zTuOt4YG2D - i1azOUcQA2aImfHj9jqB0SN2b2TJZ/JuVB0NqYG2oPtNhHzn/MtWLE8CCQN+dT4P - 3WyYjAeg4/LA9KysfdrIFPNfHGleaHHRpRBmWxSCLDgbdlcf9QLD8bHj2puKwVlv - 85KSMfdqQcfnI2ORfv68AkpO9DTeQhzg6YaJlePaM9ToUD20BfhhkRhCZqIbtpQt - OGr4oO6HyfE2cB0E16U0ICYnVbIyriNGkTM1fqMNVZ5MetmF8FAcxMZmOnEcDk34 - 7nnHuwA/129hsPwAIf7YnzAByPdMvDImAj6w4b+TfrEGqetqjrytGfi6BE97rwjo - CfOd3figRvBIPtwXwj5+WE3QgANVN10leJSLTqvWCX98XyMFS7A1yBuj4k0fhTk9 - z93TP6T9h3GitieiTFjMyz1dFt8WBbHbaOGz99sTsBFDWERSs6wx5OyUttLTM++N - iccyYTn0ETFZyEKaY6ZBCD3VH/FVepXRudM+822vcksy6PP2JcFm63k941jMltJA - t+MPQcX3haZp7UnIcPZ0bX1G7oiEcZNsp7vXVYZ3UBANWojqkfmQ9yE7x6mtC+Vd - 46/c4pH2mOJOETKguj/WkZrKbk4YlRKceUWYe2+ywKxUjGq3Q6nA0u9kfSn90HuF - AgwDC9FRLmchgYQBEACryx5GKRlJLHUlbnxkPoveKdWBdGrBDaNlGDy8qjhe7qPX - SriU7jgCq7ewpjEaxNZERSzhAhb1QC1HcqLwFwcxwNat+KbgkvKZxUixloE5Uk0Y - YUnekcLDjqh03T06dW6xlSyzICTRgd1YCSvT9qa3xTPyWhKFi36+VDrl5XqdDnlA - 4GZhSVXP887xneQYYBMyj4t4pIFpDVJ/6LxakmOr6o8TjfxA+4Wesd7Jy71EdEJS - kduGlGGxFAEXyAokWEuJhuD7L8n220/vHtY4FO5dGpuQZrHR5JQd+DAWXwj2ZMVT - DhXC3lBRJjcWACJ/6YiMoHLdmwuK91D6AmDCwunBlkHSiF1Rga+StnQQY3LOpP38 - GAZqBwqjVVYan0x+Z/yYZ0bGyNX9tJtw39yDOex6+hfZ/ciXnSYIb8FRcvbyKreG - wX/rdk1pOqHYXth4ghvodprFxify0ee7CYuJ73Gt7JelB7w2X3uepq3wc+hyptsc - v4feA/ZtKEKeeqaGuSA+M6fQw5ON2SrOTp6o9LTVBqlN1OR6gOik6Vh5NO88Olwf - 7OlosAIVwaFpA+45i/hftSgPghPKBgzrlclcg0KAxy0hZjbY4iqZZJgIbnEnGo7K - 3X4ml8LfrZuUSy99hNXztXZbBFt38QzxiUaQTzzKEJSbN5EjAsva3c+EoVr54tJe - AVO66ohfsV+GyAMgCbqKzIAOQPPLdgABcEtBoCSpH/fhEBfhffYEOdynKKP3IY64 - FQaEB+IM/7OofP8pSFYvvMz5qMb6zhkLMGgQvnTBm9abO4JoAAGzA37SxGEU3Q== - =BnuJ + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml index 6290dec..4f4e244 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml @@ -3,56 +3,56 @@ koillection-env-file: ENC[AES256_GCM,data:rELcMMdigW1SSCgyTyD4Tugqmv8nZCMnI1Pmwa koillection-db-password: ENC[AES256_GCM,data:GxqSXFrTR1am4vmJtW162v8ekM8=,iv:b4T8Rsy7HOnQt0OnFPuKKSByrWxzYKdIsSQntfbh9Pc=,tag:xZHJPexSvNQb9EgmTyxvEA==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvMzl6R0tOQm96RUludWJU - TS9tRlJLNklZMkdPTElYR29IRGxZcE9XNDFnCmMxb1FmWHY2UmMyN0lldXpqUFZj - eVZ3RGdpUUZzNitwTXhCK2VnU0k2c2cKLS0tIFZNeE5vZ1JNdWgzdkRRY05DQU9O - V1BQeHFzZnVCRDFCLytxRmxtRWVrSEEKkzXol9r2TBJITL8mYtTpnFymYIpj7UMJ - RdrIn7k41fi0pzgROxKFg/HgDvquo4eNkI5WsOb+LnX/RZ/p69Of2Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCSExMRnhucFE3eno3bDNu - VjJPV1FSTytwVnBUOGo1YzFoRi9HbEx4RlI4CnBhNEpqV0FzNDFpZDVrNVZRbkRj - ZWV2KzEzMjdDbFVBa2JoQitXZkdIb2cKLS0tIDdOZzZtY0ozNS93Y1JkZmQ2SlFJ - cjZiYU1qQUJoVFhGSEN5STVkUGkrMjQKhr4pF+7qjuo1t0wP8K8acJsPu8e+28/9 - E+ejqDL8XDOD0/K5aUWXHQk8lE/+w3mPSAypClZ/2szzeF76XJCTcg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:37Z" mac: ENC[AES256_GCM,data:rjxF+XnvVS7Yo39xXq77aeCMttnMaIOB77o7LrZdTMlcL+doTJFh9uOA0dh7vfP4Q9Aq8JWS7IHP1f4D99+uAKBf0BxCmapPgFnFxomFLqxVXYnF0iC85XGZXdWSFZY78Lo7Ilfn7ahyjcvJI4UUdshQVULbJr8cpJfR+KNM3h0=,iv:XNXXxHLQuncyHp7rPiyRXlYBoqfsv1OSv9Z+ktvFUzg=,tag:SFmFapugipfG7feXsuUYfQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:31Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ/+K8CydCXNDvfUCwILow8t6CNRmbEJ6ci+3JuAEwhYlfwq - XxUWWzl0asy6wNLs3izTv+puPFYcVWnbhK7+fgFIV4AotjrBRH9Xqh3irPJgoRsc - jA0pcfcdVGMrzsjFChoM4Lz6u8BF9jMobqsGo+yvttJf9v5CFGjVIVo4gLA1ZV9m - 34txfuZ6phOePCcs5ApmDJ2yuVSs+irAu5YkUXQI67RHstSwaRq48oZbTDnPP0bl - 2ZJM5GXdY3rXLLRHFj/skunwee6V9UPJe+hwiGY3j0oVZ4aQqHaQ8r5/6mD6Ba9N - bLLZsIHxl5gflQhnsejEUvwOzdivPc0X74Glam7QveeIyAhKxGXaBJ5UE3YV1GfY - FRlCLOwdC49DRMjZiF799BUxtvTLCwZVA77Lpg3E6egJb3hlVcdqx/GpRC8yZqG5 - WAPe+wYg8kxVAHWNtyWHhnQDYW4L/vQCzoAPDKUKQO8rh9LivcqensXy0O+Lb0nu - P1Lm8RGaZF/87FuzQrQbrO84TVgV6X1ZK26qTbZiBE2WXNtN+OTI2wSpQSn40rg2 - ifP865LtmE6yRvQAPcVwCa0/DK+GfJtVBXAOMZPYST/Di51Wdd+ze5TS0jIerZW7 - exl3cvGgxjNEKG+LZXfLB4k6pe969aZIaq7JhHVZ9vZCmgYLXVemSBUiZWx1nQmF - AgwDC9FRLmchgYQBEACHWLAdrmXaT7fcDjv5Oq7wwHLhK8L8cJOBX+EQ+nPtsYld - kZoKNJiQv0B50I00iJO5L5vuvgmlGSrrn5knTX8uswM/nMa+f0KeVGFJhRDt4+dt - U/HulFPtT58nWkaCiawWz7jXoBe6zcDN1TlmJI7fPHW+DoPi+V14IT/WIsgQ4PUD - cTbkvvMeMnYdV89RTQwponM6VTN0NFTdWofXIwQ+xyo5jsXTyYDO8HgmG477iZ7W - vKLaEuRk1iuHfYss4ThgFJYIafPa2C9GLIEryKLrQiYEWVJHPn697iqkBT7jegeO - OJ7fOfztlXpXL0ZMOvhaNWSdrQWVqtl6XdXYEGCF0SgQ+GGEF3ISQLEkq2dK4MMT - oFXNUSLl05Vb9+LIsLpZGIp2lO/pHaB4YVsT//+giwlOcqMOLsJfhhiySwA8qALY - +xliizf7u4CxY4eOZ4+nu2A9nEvsuK41j94RuLgwIxn4SXy1rOtEvXF1HpiNleV/ - U5115er5QSF76sFni4kVp7NHpGOViJnbTUlO3dferojCZ5NVEQd6Pi3mJBH8JqmV - 538hLqQCGardPtg14r1cvmJ3Fx1gEXM4+oeKlvhCioyrCT357jOo5/ceRW927zv4 - 5bQulS14zMRut8N0KtSuCEGAHrs69yv2Vvni++W9rX6S8WCUoRYIwu2348MYyNJe - AT8xotEr5YRoucZ257heJhG2V+N6pVz6zxMekW+6WKC0fRwPRq5k9MLGVINhVxTH - DODXFCVpDkT9zSXScajDOExDgKnV7Z9Rzjhom1ktVIqEXH5ylLo3D5W4YzzEpQ== - =hmtA + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml index b6a701f..4bd4392 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml @@ -6,56 +6,56 @@ mautrix-telegram-api-id: ENC[AES256_GCM,data:qAYbVdgeUw==,iv:D5AjnZdDQyDMGQe7FSV mautrix-telegram-api-hash: ENC[AES256_GCM,data:bwfQP/EuyS+iWGlx6IoC7VrJPYbYtsU5cmtnCn+L8z4=,iv:lardLJjfWVvQqXcPm4b4b6iS+U8De+P61GnyfqjkKDk=,tag:YbsSPAqeSqIWsUoxdjbyGQ==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwaXMxY1hDa295WGNnd01t - czVWUFhKdjdWMzdTbnVBOWV2WFpDYktSVWtZCk9xYndvOWZZOExCV0dqQi9QWVB0 - ZDh1ZXpXVXMyN3llNVFuYW9XRyt2RFkKLS0tIFRDYnRiUE9kNG00Ri9oV3VMS2hr - Q0xDNzZRSHp3enJ5VFdEdkFZN0Zrd00Km6r0HfLe7PjRzFli8+J//R9IGQOb91A2 - rlvETneqiIqngJKAHEFglfMTpkg7pmaYkOxm2/GWpq34ozond74Rmw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQbnBWMk9FL2ZlcGZjMWR2 - Y1BkU3VpRS9jQWxsZUhOanNjZG9Gdjd3R1ZFCk9oK28xU0NVTXBCdml5SWw2ZDY2 - ZmlnZCtRbHdTelVEZjRJZ083M3pSVWcKLS0tIDdNYi9wYkh1OUt6MTRwOGdWOXJC - TWhPeDR0aFl3SnRQbDFsZHJyTFE1ZWMKRi8PfCZK00OKkA72WTjTXa1h73AOnziO - 2aHR7PRVsmiMpK8E5+uUqcX+k2yTIPmDwL8fH8yCdICWBM0hTPKsSg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T07:59:58Z" mac: ENC[AES256_GCM,data:ZT6hdEn/UkUqa2SMgbN6rUj1Aq+x4kvmf8wyWdgnPiCM4+EzY6N9AP0QcaVTssPH6hO5jj37jPCY8W6FCJQFOkxU0VsF/mYUq0k36xuPMyS4ztZ8zTVSW+0oV6YHZFzE/epbhcIiXIHaoFSyIoVtlMawl/LeBZ92R8MU8kUn5MU=,iv:nDA22BM9tpFAMflconxFsf6mj07W/+tcS3nJHhzqpS8=,tag:jYEm3IpmlwIEGpQZYJ0mJQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:33Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//YzRg5yUkAGFzdYKhCL1JFnw8Zbz8CGI+FY5n3Kdk+WDN - Bu19M9fRZudImVj60GZpuS+08R6WMkayanmv70sGbVc4xYaHqwyAY6czCardkP2/ - KviTAQMQYNJlw843uwAn3R1e6JDA2490ZSTDoi/qubKBkL/6LXxl5o9psGq/nFIO - eR7i2sOzr1SF3j34U6hCqbFxKVDETQ36COaNzr5AlrF+Byyn9y5i81h9hVsDfay2 - PRGiuWWroVi99A38f6QWqgsf5vm/IcWaSjnQwarQajJAtmspKxPyohohWWmU0zuW - AYVwHKcwsLYbQIp68siRSnpEkzy8Mwp8Zj/K47mqXTdN2WiiCu0ybK5nMtU7VqV9 - CTSmpl7HFlC+tpQ+mSI/gcG9F/BvoQb3nhv9gSyRCJJ7kOy0jzXxKgfYy2X4VLWu - MVtPvJFeh84Ni7dWTzby2EErMlbEdNoP3dcFse1FJgrvaZdCxJgZ+tunoOaEPLC1 - ATDT7wrXt3h1m0mEaMo4PTmK5hkzvm3UdXW4mr3UUtVbf9rqedCmigjbBr1SEG4o - wjLoQaZtKK7FOcAADaXa9Qgk9WV8PyqQO1+AkV8GTt6YlyUDV2kab2pjqjUIB7t7 - VFbOWIwJVL/OiAhwIGu2UqQiekP5gB5TE39X9jzE1FHhbw61Deb6OK2TMhsmRuWF - AgwDC9FRLmchgYQBD/0SsgaBElWGqYpGJfr/dKSOb+5BivLlwT8V37GWcjjNY/RN - k7/5GpnlZdrQ+1cXLNdAMNghjlV+dXpqWxuu7DBav9alnyVnfgID1UtRSEyeAMFe - I4n5fNR2TQ45fDu/3Mj1HWruoypDyLCGIenpQ2jZrWIqm574qZ5VFWZQlWP2+m07 - lSnTSvIp+KjGq1EJ/ut+UuGupqwkYihgewrtisJ8BnDEIUMAHD81OLc11ZcPTaXQ - K88MrcJrqEEJpMG5kj+tMKUhpmkpCkjG2WJyOZtQh3FuTQDl68uCh1YcMUmVijig - PI/WdsA3A85Q6lwLgc6YTIr5AUi56PqJiWLgeYxPvWWSE1AnFrrnDYfHRPZdKexQ - VAWSPlQFcEt7LS6LK+hJAjKteMJNFviFnlCYam3eWTcIw/sSle03JmGf+2xhZJRp - ZwN63sCNLTd3JJlSmIhTW8LbypaNIXfDh1x80FHoIRh5xZXfdJxz59gS4yJGdS43 - NT1QRhg/AQrOX9oOKdOHF8L7tiDk740CU6DMvlwdv1hc045LcTBCXT8O+mIyl4KM - Mkgcnx8lpoIyEyvGAcBSAzZLE52ub3d8VNAK5ABhgLkaTTGWqiWwNKSU5GVEKB7O - OP5hWZn24cx6mAWk/5aUHvcM0cUktlpnzFkuG1m7XQbHxnYU8yi7w1YwGjKXB9Je - Acy13H85upSvPs1vyvIHf3WUVut00wdsUB0IrPaPLPYh0a+3rU+5B+JZ7hlBWRfm - ZyQY6VCrh/mP0w3YBfb+Og9jdaYFkDXEGB65kw/sw0pz/6WrGV+sX2mFXDPa+w== - =T86X + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml index 6ab9580..3030b81 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml @@ -5,56 +5,56 @@ kanidm-grafana-client: ENC[AES256_GCM,data:ppEqUFZC59A1Fv55l6VroWPzUiKtMO+5XQ==, prometheus-admin-hash: ENC[AES256_GCM,data:6qIEAwDQQdMeiJ8oQsnRxvMV/x+p/rgHfViLMgGh9Lg5FoarzAoZjxNeyE63X87UzsjXY3+7/9khJ9PD,iv:O0VsqAUyiQ3YwLHSx2Pje3trlinz4CjxZ+h4lPPPRN4=,tag:fo2U43uEtfB8LWjP3zpkDA==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSMm5NVnFKdjVDc1Z5WkI1 - bVBuU0sydTNHSEc0anVoSmwrbUI1TDV6RlYwCmhDTm53clJlOEZsVG8rWEZyTnlo - em9DdHUzUklZQmNlK3N6bzNuOVhkRVUKLS0tIG83QjJIZGFIakdTZ0tJYThDQU9j - a2theDZ6UUo0L1Evcy9FcmxnelZHNzQK6w6FdZ6kGFo3TE2UsJULOFds1/xT6/Ce - KB6H5rEXcU4fLreuLJA/tjQkq2CRPq58ACs25Y2GuA+tv0dBa5ud8A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5SHJxYks4M3BZWWxsbURH - OVViZ1lLZDZGTXZ1ajNvN2hTVlRqZ0JGVFRRCmtYUW9zd2NGcHhvSzY2VExCMXVs - SjVjU0dsQ3loaFRTdnpQTXJtYVZHczQKLS0tIE5lRTlvUi9CM1IrUmJqWXkxV1JL - U1R6WEpIOEdMc1JJaXlIWGE3bk52eWMKV55X1Ub6xclaNVAGotUMHodOZxeCpjnr - dH2egZc78PacamhvBiTKpxZLscfqss7zhGSqLbFRjPNDpPGkUazAmw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:03:30Z" mac: ENC[AES256_GCM,data:k/1raTPyx+paIzNg6vIuOh2GwAwyBuejMe8QTjRcmOU3Cb6rLovI4kElP8mmC5lNPZtK/z16UKONw9Wj4PJyXpeFr06wUpN64P7qHZ104lJWnixR6kisZ7Vv4AUGAUaRCVC/IebA8If0/Sm6/Vtz+QqoJXNY6vZRg/e4POavwOc=,iv:X40QnY6vzU7E5QmJGM7pHnPreLqUoD6shuqMnE0C1bA=,tag:QqTdb0hUjtWF5bBIiS1PLA==,type:str] pgp: - - created_at: "2026-01-12T22:05:34Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//aFEsFOzREYPu1el49vp3ZBNP8fme7XcxiR9CSs+qfZqy - loMQyyv4rPGHlXBzEWL0Bas+56fqv+uSeW94h7fyR2dLzjtnkIe4DR7tDrGsODjB - mqQ/mUgPr3eUi4a3p/q2heRsxR5fYMZqjjK606NYh3zxGDFoIHKdI82xL/PcS0OD - mmDl++GbVN+qR+mcBVlPPL+H87klO+HZsLRiEnur07RDB1qLLVkTi+0YWeSzvneX - +MghbNOZ9WzAJ8DbDBjznIU6DnzxqNpiI9+acBVyZJgu2QmPG2VcoujlCkoP21F8 - 8mMiduh5hzK/XvNkYVAb0wj1Es6CjLWUR5zxNo7jZdd7wOBR2fchm+VTsY3xxdmR - +tnT14UneAxr87jVzSElhwAD/sNTTXZfdyEbWv9qp86mrz4MpH729vNFL6mPSo7Y - rpSZUHV8ic/Oz3t5E/qWu0TVVlzI8cra9XfvqzS5MCaWDHdT/+UKviYNzvYC0HDP - yIDQ1QMGcyO2mW4nOQFbf7+rrjSqUGufDs3rBhwv4ExNa+jZvGposFv09mClr26T - hZKudJQMBW7CHE1FZg+1fEqdfxu6M/0yckgNbs5p5/sgdxvI9E+q1IeidvtYSK0U - VaiAqavbL11BCcBgrND+7qN352aaA2VXtATqJwgrF5LhDkq28Gn4zNEj2/Sdj7mF - AgwDC9FRLmchgYQBD/9VlDer7Fl+R8WsF/BbAd9lHic4KIrxBS/jnHTIwL9q/d+7 - HM6C72HRggdFKkS6+lF0y8dMjYrKzV9VUzi/tSnbc2kIACk27hH0VMdrBUESDqag - ZI90TmvuaphzdHeyD5VFs5cZ6Oa1jE6TQbXYQ2ejmL2XS6Botjz1yG3me4b6pwDN - gK7bQ1pJyLoXJ+5cOWgYB0o5apFNFkeetBjT6YlSpz9FOojDmQYYfQw5juK/K1Db - vsiYaJDPbPz8Q5HXnVqP83PPMLoB5WzYW4sTrIsdY6Rr6gWSGqejoUKQo1WnqfkW - 5gkKgf11M2tzPJZ/Bm34TGcaml5oLSlVt8lK6g/CAOneTKExWIuYDYP705WHkA/5 - kzWPsWRS2f4oQbeVF+IgpOIs3gK+8kkMZz6UUuknoEKLnwhOCjuZwQvhaYgDb7UU - 64f1xceJycwxWPgttmL7ffhMGjMZc8NyHqxTbHacmHwHa3Ja3Q17eI9JMD0Qd2j3 - Yti/1oNOQcWh98aIaMiusnXeoFPZHxiLmNkrqZSH5g9/KLTkdX8RcNQShFBjRTWb - PUriECYANObFBVXt+6wHac4ULRAFDy9DoZ/skIP27EPdcbVPa2J0bSYmcIfo6O3M - tu4MzeRtOJEsVo+7KqEX8fMXpqsmSFiIZw3KPVQWYnAypmxh9Esqxt+REsw1ttJe - AR2F562k73ZXJs5sBAsTqY7Mqdj98I38yX9toOYfEMZeOYhCBK4MYhHefl1bmhyS - 4CTs7B04XKJBnxcZqwtWqAr0YFW89i1ej91W9sVLrwdvdAt0AXHhhIl3yZbs4w== - =gJhU + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml index c6413ed..f3d8a99 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml @@ -3,56 +3,56 @@ nextcloud-admin-pw: ENC[AES256_GCM,data:paK35a5bPIHioXMzGPZ9XU6t,iv:VkSLO1VhIbDT kanidm-nextcloud-client: ENC[AES256_GCM,data:QOl4sP/+N3GIxrQMyD2TmyveZo4Wm88u7A==,iv:S409ur/y9j8HYLEbuVhUbSPO0JwD1zQST+J5035Cd2E=,tag:VgQs30NNosDdxwEL1iAvbg==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3R2F5WER0c3EvcDZQNlIx - RlFKTkdlVUoxekp2VlZMNFZnU1BFU1hBY21NCkdLQVljZ1FCaWdvNUEvVXZ4ZGo3 - aUtSSUJlbjBRbklLcVBCTFRkV0U1VVkKLS0tIEh1eDI2T3lNTHZnVFZjc0pWcHdT - Q3JPcmxnNWRLN3FTNUFxMGg5cUhnUXcKpv+VwF01Vh7wJes+cU71HV7lVh+ATd2i - +mbwlNTYORdpVa5+LX3gm4Q1O8AovMIB3k2/JUXurWdOQ1RCOr6bWQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLMkZ6dW9sMHp2SW14Y3V1 - VXdPUUNJOTNQVlFUc01tb0hMYWlWZUtvaVdnCkVEVWtUL3lDMEdjdmtXMk5ObEh6 - SWQzRkppczdtTnFUT1d3R0lEcnE1VWsKLS0tIFNEamwzd1dQcDNVbXVxSkQ1dEZi - cnNFSk85YmVEQ2RGaFlZTER3a1l0eW8Kel7WlG6U58FDxWXA7mYxMPTCXs06sLaX - fX/sHr2SJpnRLfsIAl4vkxLY2UCdwDkPM5NNtrQdFIu2oVkj4xYkrQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:01:15Z" mac: ENC[AES256_GCM,data:UdaDVFUew2OaFnmdD+sULrrXQlvhASqomUt6kUxCoyXydotNL//X8tc6U9iUOhrXLKXsLB1fWKpiIQGGTtkK02p9F/IjWtakeSN8AiSCw60vVBueIdG4dDFXpOvLf4JVkLG2FkRqcLxLqyWLGzgXSFEIaaCTK/tRLWLXlCxitZo=,iv:1VgXeCIlQx89J4dW7Mldae47yvmej3Wu1NRnKK31oPE=,tag:GKfotJ6uoq+Jhf5uh2L6OQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:35Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ/8DGQDydqwLR9kOQC0Pbyq46HDI/MHIXjuicAJdPdVqW3J - euLBwcF7do2tbsPpEG3FyyD3uWpk1sSMeHq0ev1SheFozf0vwiGm5ksKt6LrhyVI - XJDPjqyDWC5+prHoYvSBvrc+nuv3uy8iCqYQKdT9ODx9HXg/3gBgEDerFiI7n4wB - m4cRMMlem6VIug5tyKlRzhhpWGXls7BXqNgFTAGqGt+vjVjWGIh7MON+ftePTupV - PxE3ZkmlyAPXvjeP02zWgJpKf/zCJGHmgay8NU03WEw0YdpzfIT9eAlDQOVOE4y1 - GSGA8fgOnhwTjS0Q8x6MxFEY+TgLpz+y78klDvIoax9fI+HQgNyf9OzPUrbMNXtf - Lyh5RoXbNneqJ/cuFuxefg81oor6r4JUaC/AAPd0xIrNtzETT+Bigy+3XYJAZUhx - S/PCEOuaKNq+i+0ptfmRZ+3bL9h0JlXExMDP8EpD5ychjEoWX41aSEWlOTxSEej+ - qfvcDoPeAyvJXU+VFhTXYzWog6V90qz91J/ULSJbV/ql+Dc94PBy08rD4I8O9YVd - 7slxT9wIqXuKg0U9dRfJZ2b9+Fattd+JMnr5bDfVhFfp6EQNTdWeo7f1hr2fzdE0 - CCmb/8x8RWUP/tez6mDQGBDBMBkxU9hNiQsaQv+JXit31uFTHJqW45Ci0VJmKzWF - AgwDC9FRLmchgYQBD/9e9rnpwFeVE/wMmoYzve0SuVCPbTByitZuNxQu0zjyTCy0 - Vyr5xqwg9vjEfY4kXZ2iypVlPTzDf1UurwTZMTkusbOYZP0yBwHnamqvirhCFKjN - V2sj+LkEwuBajXO3md0QL/eWNaPY+wQFxO3NRg9sjuJJgMR+Da8ZPV7U6y0U+Gtb - oARFsyDLaFmDiibczlGa9miCKriHidq6MjWJSxXeCSsA1ZqyyQ78jxfBELiQ6yuJ - RYixb8pNb9j24gQKJqKv0xcL7X0OD97QgfhRH+FVFyGbXSqMEVBqEHXUfHecrwE1 - Dq2LRZCNTuM2XsAOKIwOf1FrJu38TpO9g60UQq+NrTJxVeR6b2DcCzOm67I5pQhQ - MjMs20WmgVWM345PEOZ9OnADATzbZp9GDeJY5OKlX4OiklcEM4/xEeo9ebujoFSC - 3ChNvL8N4Vm14oPgEjZsJ4hPUJ/g49lGq/rhOSDr5tGqtfoO6DSN8wXP9nmS1uFK - ff7cbxBCVoPeiUSUOHXmg4KAw2cdlNh/cS0x9pndE5tLz+Nmo9QvpPE+5PowUMFs - edhr9OcEIPDCW20UhmiQ68eIZ50SIEXRqBZdL6uYdyHCVA80Ope8KJdGozzuiqfU - n6e/T0a/uisAG5M4D08yfMYdwALyZQUmWo/6wm0oAAIcErYCVzBT4D6HXwWq8tJe - AfCcM9w2NbTDTKqvlweAF2+PYoDqFFS+5flwQomnXxL1TQGNN7iFwDK7+PXg27tt - Ozjyq5rEir6GWdQwo4xWKLL+b3lQNpixHSF+ApL0e4pS9e1Zg/6I5dVsCfTTYw== - =cE28 + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml index d8b97bb..c279f6a 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml @@ -3,56 +3,56 @@ paperless-admin-pw: ENC[AES256_GCM,data:2t5nZmpPblts6nZ6Pm4JZMBpwxVMap2NGg==,iv: kanidm-paperless-client: ENC[AES256_GCM,data:mEJBDT1qEz6vHrjnT5b9iBjXYbRwcoG2sw==,iv:SL91pO4QgtD+458dy/7ra7+mQgW5P+n7qUdVaXxYbHM=,tag:dGD5mzVRNFLORrMgiVYJbg==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxd1NIOWR4WUFrWEdtMzNE - L1ptYlUxc1cvcEd2Si9NbVZQSUFWV1NUTkJRCmhNSzQ2SjhxeGhKTVNIRTdQMS9u - aDNIQ3FpOUloUjJ0SXJQT3N4WFdjbVUKLS0tIElZUmxlQTRFVTZuSDNrVFhlS1FD - SFNJc0xhZEFUektXOXRiQ2xZSFBWbHMKUXObVn6jjRIm197zdOWF7Y04VeyDJMDq - dXrY6aceQDtgbxlgdfDyU1TZ4pKCU4B5pFKJakvmyaDWHbJY9J0Z0w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwRzRwVWh1SDVFUVpqbTg2 - c0xGY2dQSTZKelNpNS8vamE1Z1N1c3Q1eGprCnZDQ2dZN2x1YkN6R3RjYW5nN2hQ - Vzl4SWY0cjRYYzZpQWowS2tIaWwyZTQKLS0tIDNLTVdhWGVLai9LOTJGY2dDNE9a - L052WXVhQ21WckwvYmQyTWxhZUQvRTQKJFa0KXsbW3V8Spi6MC8i400tBAHs4d9o - oX5D4HSOUwmbxlzrc4OlNgx8lBrcur1St1RF7MBaarUiVAIpswaDnw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:00:28Z" mac: ENC[AES256_GCM,data:ssSrHidYu6SUIVk07FMJ8p5W64INqRLdynQdizq+n37c69Ogj02LjcuRCH9W4vI0vIsbZv/Az0PnQRUfPwW9nHqJPtvWb5cUS9AK/kpQKRDd60QK8Le7+PPEzemvR61xeUv3CiUE5qh5Lf/AGUs0g/Mw1Ur8qSaj7FZUkKWMp7o=,iv:5KgI5vbEfquerHrKo0JpJbJaoAVJp7gblaUvQyr8TPg=,tag:BiGm5Lk53F0w79gnrBglbQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:37Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ/6ArJY33wV19ZxD+05B8roXhBNUHr7BXI8zBLwtiVNHFTQ - XC7o/Ku/xbVtktWvUA/nRf2xwZoKKHUS34Bf67HZisb2ErTh1VJGRl0Ul56/Acd+ - CCe/usmQFxNKExlXsAV724LNhdC2ETcr1i25Ri3tuacNUfal86jG3P6OOSBMsH6u - VGvB/NO+Wg66piG2+VbkQ4XY/tBDtCHWibqPDDFR//FBZK6akzSj+nhOTaRyVjjp - NGOTLFHhoPNhn7VDtXpRBqTdsEvK9c91tN12n7urVDagPeHFLdJogtzJxwHO+nCB - uctTrhe3Vbo9nsIHIlYol4y4IQTAPddbtXsrQq7Iep8++eQlQSkg9ugjIDRRevZI - eu34dd0m205edZqpLARMvydqQe8L3l5MNH2Tugw2+N5BdbJQtcWk1AcC8HFS9agC - hEOzSVVbqvq1Vcq+UkPeEgG/O94BR6y/mRanSHqIBuzvyuuzEmpOygPG2CCiQJD3 - Oxy/MJ7JJ5hdQ6obFHnd8VST16OflJ8+PVacPiX3IhT7AUgMrGKKPZAJpRpKncJg - FKikVD2Hx9TZPhnL/EDG6tOnRY+C9lTALHYLIAntZRagBS7mv5zcaul1W7c+egRl - 1nvd5NVdGYdFBnV0L9HITm6EsbzCvikFGx5PUjNlku7SVKDTmqDESfzrRjCoMWCF - AgwDC9FRLmchgYQBEADCL1MqvU8w8jYqIvZg35Erm97HHuTBXQIvZgGRFNrZUNcn - nkw1e0gFGsDjBbsuSzKJtlY3y/BB3zhq9WJTtPM2Zlvosvo81eKr4rfJUEVN6s8Y - WjErjdLHRgm4NvH/sMMmX3NhBgFnBzXdN6K0icikjtv7JuoZ0FVQFMUbjispLtf4 - FzrzBnxO6OckJkcRlXurwuovfyT7VbYrPzy/SACwXRx29QcrxWXOB26bMEl7PIc5 - /wYxgIu34nQLqujPXsRH9yxwdB0ke49XFEjH5QpiRWiLGOMF65GFOwYPO615h4M8 - oEg6G06uzFASwEhru0craW5Axq9BgSDrQPsQJJkU+yE9Zl5HRmjBrykl7uidd2vw - z47VWMExNBWM9sUYlna7ztwxXwLQldgwaYlpsMgsdkKvSp6W91Qfuswg/64Nnzg2 - R/8gYv/AWGHwjIIVDBgi2N6/71Xqk6BFU0FxXs3SIGkGj4U6NcaJN1KXWM3kUmmn - utrhh5KNv+7CbSZimWH1ReJdPAmg1R/pz0LouQN/g6pQLvNN+zPO6bLCs3DKMKth - X7r6jBbxyc6iTY7VbPxna0hcmrZHIX2HVyYnPMsEarJcF9swTR3wdU2kxzNIa7Mg - ctMCuivTTnna/cizzvWISDyG0N9q05h6BKoim8V1v1iVtWtjg76+7IoDoP79d9Je - AXFEpO0QZrcY8uNw95b3u4bdM7m7Urd2/zDqAYltySM2MjrNcgwwNO6CYvL5fEkS - AFlYlvCtiqBIUQIxqk8lzxDWyy5DOb2/sSOWnf669a4CBNreOTHjaVaJvoD2LQ== - =ZVbl + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc b/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc index 91992c6..d911ed6 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc +++ b/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:F3RDXp9c69ZGzLlhWHDGDse6s3qYDbUjGQZi0iSS1J9Bb+K2SToOyxIg51UUp7K3TMQCiwj1OnwdP3FJlaA7CHpKYYEX+hL5/msA+ITs0dWNiuSaI7Hd0HE7kplU+jHVEOoFP36e6sdVlsUO1H2ICUTCIPU6zjQ9FqQkHBeKg9jPnOYkI1AV638F8261nqsfsmrN4yDS4bWgI7WsXBGAZJQ9nuvHIMUBXkLNOGI9o45vOZXW3LZmWLLJUddal8TNeitQ3tzJXnO+4pZbvlHhVxbkwB40Fc3mt/ZYqHfRK9W70dEDa63zYIVoyai8BlXmWl5mScxPerhvt05+NUeswV/yXf4UpsdAUttzNXuWenN7I9bIMrEODFocdPvELB/N/26smXaRFbtakSTeyDSuqwOefUashiZ+LyNB9lLpKyUXUiLxsOusucQIrL9kiMTvr2atPAXfEGJYC25uxNGOghffcwquitcMAKtGyLAMfnI606FkFE1MZxPc60OZo2y1yHhqV/QVFjoAwkFW5sSNUbe5DLoijuoNT+MZGxypwDUhgzCqWXzwz300jzpV3dla2tKeOjcJZk1JmlfXOrPsCNGkL1MtC5kRXFjA9HUV25fSHzrChDiyBek4fTCtZNphJz0yGBbNfX30vpY=,iv:w/D7rqHWsvBxUJaY4D2b3+aJRfoSfDwwU5L3facXFtY=,tag:3pwiviZYNiKe0FwteR7CxA==,type:str]", + "data": "ENC[AES256_GCM,data:l0LIC8IP4wVA8wI5Ef1yKYfvJw4b4izz7HemWgoKjx34GWLnVYKYqrsXuGD8QN0GzbK9ZAPsWXYa3VejnVXv8Qe1B9GPEJbPtP//ExZ9lDYoKICLpy/yLxSiG85xSQQ46UcipCpA5ZjJPnmYeimTlW+PH5BmuL3LD/OteGVcIwRVznBaQwQ/DnzxE7eBOyF3l0apIIzk4paMswF5OSh0+0EfIS0wKJ1zBLW3OfVc9N1npC7nn7x01X/fde9k4s0gt2XjPQ/Qo5HdBfEfqzzOTu1jiYuvuoiQ4KmlME75HWfLoGLjCYCespoEnH0v45vJALiKNk6wBbHwidY00HH8DSxRujYxl23IuW+r6x5B/rpXUanrHzfKmQyx3crYqDl3URHwycW49GXxWBy8PPE49SGmWMh25ceuLjIgqQaGppza1X/V3RV7tvA96/L/kAIvmoDaYJMncFv89Q+fi0obp1YqVNkxsdGuBawOnCzyL2RAhf9t1no2ak7zJnMqaiHY6BU0Sg2OSwWEJQEEBzmj4P5k9SXqVBF/MUL65sp76hq7Wk6mqtofHvzY0ugLw/b2G4+RlWNAyDQnb3dSmldSc/U7bLZ+2Z6IFlMrRGg0niZd8g2283CQACvNBSonZ9v1SMfgN6ChG2U8ry6McYwsrO0dDshiFyyyvy1GxPAzc8nf/n40i0ipnTydJ3vxlaPq3rKZPfsXQdfiqDDu5tGiF+7JpdBtoJQ2Pp8pRKkS6sVPIY2OsTdu/ZQ34aW9aBKLfGMB/YPm9vid1Nlp/5TSbmbXfC9Lwz5s3I50N/iLI9F8W+hhR4RpOQLufkS0+neFqK1N38s6P/lXAfIrDdq9+QNZvSE61bZqjx7oxl6QKJKvZCFmkTIZOP/xANrSe17f2MZ1ugh1MBMb/5/Zh9BznJBEjNMsaCdEEBe8Anbum0oO9CXlldFMqUf+LufI1VDWj/68oBjNmHgHFVzUofxD7q4EZ/8HTtfTWOivVLg0F2l4fR6JIdTqKEk/g1tVll2gWfH9H/xNrdZQ9PQI/XKiSa6LIWEdlPz3TuH2Fw6bo6UC1YfVMvoWPUQsUhqrCBv0eb7snvYBkUJg+/BWhWelL9W8FD0gce3WrJfAe12TXqgWb0zSHtPk9C9E0+UkXEM/SAciBJTSowR0edM8QyPzT8nP/9qrHz390V8EIbENWU9AYDuo6o5fh0E34FHNCuX/+toq9VrZZLVUR1pb+o4=,iv:o6qAis1FnoabxGMQDDXrubSFHIgP0XHkjO4Usx+eQoM=,tag:rC+nrChrFNfT/3C71szrfg==,type:str]", "sops": { "age": [ { @@ -7,8 +7,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKcWF5cDZnWlZBYko2UFV2\nNGRMNlNzejVGR3hJSXNjaFQrWk1FWU9WZDM4CjZBRW9PbG9XY0V2T0dZTVhGU1Nn\nOXpXSWdaeHRNbmd5S0xuUkVuLzlidTgKLS0tIGNXckVXK0d6R2dNKzFzYTNPZWVW\nT0QzY0kvNEJvSC9CWExaRjBsQjdVYU0KavAD19+DC502a44wxbtz8fbxwIgpgE2c\nU4LlkgvkrhtTTiu6d/LiAKfqM9PrSajBdO8YrTpFxkqYgfi1tMoC8w==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2026-01-19T14:24:03Z", - "mac": "ENC[AES256_GCM,data:b87qyAxWtLycdtKTN2x+k9+CQB+JBUarfjDdrIiKBSaBwC0Gg05W5t2j1TRqi5NjA8GITYRRIHkzS0jx37zoLSmrJZqzSg4hTlbMDdjeGZiJt+zi7rDSv1HRSoOHz6CoG8XQYULNri1qcLzjBOCcdIFISh9EhXOTNbrwJ8uF/Eo=,iv:sFefD/bK514/SJ3PWJgL5a5Z4UHj6NKvJkLi0HhqpxI=,tag:v6CvJ1o8lKAAx1CApW6sdw==,type:str]", + "lastmodified": "2026-01-10T11:23:49Z", + "mac": "ENC[AES256_GCM,data:p/kSeOGsEFw1NxehT0UVNOrf20K+YEK/heZakNf+X4C4GabctvCTyGouoRDDq3ea/O7TeTT+uVRiveZ6TOE7S7rKwFX5yTuB1wKDqsFLjDgFidwzicHIBmfceB3XolU/l0cIkEH4UcYYOelfiHr5gtjLefnCUojttlUhRZz9CD4=,iv:2QDqwkwlaKZwtnuzfkmBDYmTTvt7FN2op6/O8JcHSBA=,tag:cOgrxorAFDwpBF2NfxxuVw==,type:str]", "pgp": [ { "created_at": "2026-01-10T00:38:26Z", diff --git a/hosts/nixos/x86_64-linux/summers/secrets/postgresql/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/postgresql/secrets.yaml new file mode 100644 index 0000000..47270a6 --- /dev/null +++ b/hosts/nixos/x86_64-linux/summers/secrets/postgresql/secrets.yaml @@ -0,0 +1,57 @@ +wireguard-private-key: ENC[AES256_GCM,data:iSjQO7EUVOYgh3378FTGPOf7fUFLBoA7KhxroPv3iyWfbDI8r0yB/ewoMOI=,iv:Z9KlHucjpU44VvYWkq443njeSs0TREKTIeq65ieUXv4=,tag:6fjf3Ce/tuvK4vHvBaQn4A==,type:str] +sops: + age: + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2026-01-07T13:36:49Z" + mac: ENC[AES256_GCM,data:FVo2l0qd8E0G4252lmbPqhBKBu1WRXdqD5iYNJ5VTcFwM2ErC1RXVFFzX5jnBdq8yPUozS5/Vjm5p4B+N1bxwDe8nmKUJcXFy5AdMMgrVmXySPqEF6+uMQM5Mfh5yLgLnxscpCo6SV0kESfD86TeHI/HJ73EL4L8tD5V0tiDcSg=,iv:igf9D+MLI0rhagUP6IZLe6sP2HL5UpT5Z0DtLbXVq50=,tag:c0CGV69zbtIUxZMRJHh8yg==,type:str] + pgp: + - created_at: "2026-01-02T21:12:51Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb + -----END PGP MESSAGE----- + fp: 4BE7925262289B476DBBC17B76FD3810215AE097 + unencrypted_suffix: _unencrypted + version: 3.11.0 diff --git a/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml index d4f74ef..ff5dd8f 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:1yvGiPIViIM7PZc8fi4MRFo6X4ZP0ospI4bx0 radicale-user: ENC[AES256_GCM,data:BBo1TscIK622Whg=,iv:yRxEy4sVlZNzqGGML+dCeGzN2viMT7N9Eg9lWYSGljE=,tag:3cX1cfTzhxNYrtk1u3lLXw==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1YU82S1BwWXJubVNNMFFu - VTN6Tm9TaTMzdjVmdzB4amVqYlRPemlHa0VnCkNqQ0JEQnBkYnMwZFVYZzlCQ1d1 - dlBXNDRCb05QSUNhS3EyOCswVjZ0bUEKLS0tIHhiTkdOTE9LNDRGRnE5Vit4MXBW - cXdtV1FCNWNZYkxvOWQ1NU1zbHlXVzAKWVblTzYX5NJ7GDZ1ma1L7fo3XU9K93w9 - /qVeTSiP8KhoE3BLueaEUZ5J9CTPXmb5SQ+4D7P9i2DQAqcVDtlccw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrd0tiT2gvbTNUMjQzM2ZN - aUl2MllvZlFsaVhjQ2FNR29wOWVmSnkycUNJClNsdnd3alpCSUROSXBkSEx4c1lr - b2lvVXJtWWZRT3RMaVpjendaSks1UjAKLS0tIHN5eVRXYkJWSm9pYmZXVnRab0Zr - OEpYaWt2TWFmWmUyZWx6NUJpZnVWYkEKJxAulYLyTBmFPBCcYhCLmgBUIGJgYaCh - NC4k7PzIdiKl29tAolW24aZO70EH8JVCirjpWQlKo8W5hPSaJv/q/A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:03:16Z" mac: ENC[AES256_GCM,data:z+ETj7inVkrg3lniueJNw4VwMp52S0wH+6kEH3bWPvMjml4Biy9wUqatlayi4cHsYQaEL/2ok8bi9rNuMrYYWs7qieLDZfRQuHEJNdylPxIKrQn0xn91ihbQJRyGMCweEtaHNR6uZY0uKH/wvvBlBLcZmuiXtPU9CGPIh72fTdA=,iv:41h4pi70SArumCJ+RqdLKlaiPwyqW0Kzro8u/GHNvxI=,tag:1kitWfua42WtVlWRrGJ/TA==,type:str] pgp: - - created_at: "2026-01-12T22:05:39Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAArEo4xS5vSvBRMoU9IiazfF78cObwThwoes/HQL5wSnpX - 6rOOOIaFZv8MZDcfeS7IZCoUxBsuDIpCSHY6bo/iaGOzQ5616+wS8SZTz0x4aU6f - QLfmAIeqoNU0mcXVsGbm202d76XNYsGARpHprIktjhewzRFa2B0akZGxQ4RnuErT - 5lIkyFPKXB4FxXmakwdUnVj5lcx5VEbmyNtsrcqFpY81m+DH9hhRsI6Q3ac2Z2Wl - iC4vVmjGSgex//HXve/YDuUGndzfZQDtk0HmTgfD3+PU+YAWF8ikyE/GhtTV14mg - dFsqYhKEQLGziCxIkx91vejX2/80eh00uVSGWJ/XiYl/xaXwEz202pVfEIJNZE5t - LPe8mYw2IyYkq3CQy8iyB2DRZGqHKcMftXU5upP1jeDUXvzj3nUEaG95XTWT6hmy - 2tWS86ZjQpfTX2e/q28L/knl2yHI9/f7e/udpYG+5xIuVY/0732aIKwBNVmEDI6+ - y/08NcJJKRCE1aTdfGf3jNJteKQzUlnaQD+HThpFq06RW/e4PXitKyWvdDydAmfr - vKFVlQchdT81fA6J6SK1GohDa8/q9frbaX8iLpyV/l6c7KGJ8BgTUl/rMHCwZrhm - eJMweyc9KUgkjmhcSvZ0puyp5xhPPy6DD6EXwIGyWiAIbZ3sKLFuWC63CJwQQHqF - AgwDC9FRLmchgYQBD/9mRhx5N3zfewIc5ZKZLwo7gqv3qex0m8fLmRHMZxGREeDT - hH0hrvYoab0eddg/vywzIcvqzysErvKcT61Wdo6kv+XDAojJFCN1xAhGbgYF/M51 - LID3j3oo5TL4kMBU8NES6VQHieAtV/eUIYbx/G75X/bOIdloxL1V2MzKu59YOdEv - P8KgtkA2kfbdR/PLl724R1nHHoCrt707T7RdJP8vOAE6Vu1v4xPMC3Y2vgkrAr42 - K9/qecQg0RZQJRA73fEyX6IIsktJxjm7YaaznXSyBqw3YlqSsPSyT6sd8SDgTBju - N0n/SOcrgM+X8tnq38XTbQFVlT7dMr/e3Flh2a7igA+Ceaqn//gJi+fOzd/9kP4m - ESCG36+qBRYaqDyYK4BzLVJhhG4qr6pIHPd8t61UDB4QbjvwOmr70OQ/Dmsp4KOJ - +dADOOoIe5fHbpAr8Fc5Mj7hvkEwl3B5uOgkkaW7xfmwhbogsLBRKBu/ZhK7QAJL - LjmMzSOvbw/Vai7X1myDiBtkubnGHJ0zrWqXLIlagH7zts2jygL4VuYJftmCJ+R+ - kAQ/x/AYew6DgLdtOWJpOrs9lNX/T2uEtCQSNt5l8/7EfLAHp65LPSo4KgoBhflp - bRR4azACGhnH0VOzpQD6grn5XKLJmtRq2+LTRM80TNlNp4kCysm4HwijxgaxENJe - AfU03Aj5CVREQwC3sUllLtz1W2BPFh5jzisktuNU9QlExGZXGUPSxFuxv1Pi5m5Y - dRfutHRl+2kDAgXj+nP5b1rdFxTHLaxCVtrL1qsu2Xq/jJDpsfryqt+preZMyg== - =cyX1 + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml index 18099db..f1ff4a4 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml @@ -1,10 +1,62 @@ -resticpw-SwarselState: ENC[AES256_GCM,data:rJrpeiNxdGZ3NF0=,iv:NHf5tp9h9lHDzTNogFkzhyBXgJVSbawT45sSvlSn27c=,tag:D36aXm3Q09cFiaNuJjL9SQ==,type:str] -resticpw-SwarselStorage: ENC[AES256_GCM,data:uj8smcKXrOzm+Sc=,iv:ASXoj5ZDgW26ri4LpxtbyUbPoc1IvxIYxjMcM/waLus=,tag:sP1Q3561lMKXYzuDkPC3HQ==,type:str] -resticaccesskey-SwarselState: ENC[AES256_GCM,data:boY2ai1iHwjaEUXFrpQK3Jpi47GhhTF+5A==,iv:qcYJE2BidxvesBOBJU/KI0PqXCpb9Fa5fr9gRcE4ox8=,tag:XAArkrmA6n0hGxU4+3OSGA==,type:str] -resticaccesskey-SwarselStorage: ENC[AES256_GCM,data:b3pHjKJP8+pNwoR/0nj8kidtKZcqUHAkkQ==,iv:MKEV6AkkTgbZrc63DipIxPvm4pl5/elInY6N0ewl3ac=,tag:OZVUdGBq5HYCX/NL7RJgrA==,type:str] -resticsecretaccesskey-SwarselState: ENC[AES256_GCM,data:2tC7RKRQM55dekqc6DLsgZqIBQbmWJySIXCOyUjTMw==,iv:a0bjCwmFTUZcJlz9WMp2vorwm9dUxg/7ulKWtL14LiU=,tag:7jbl6AGx7dguM8GmTD6MHw==,type:str] -resticsecretaccesskey-SwarselStorage: ENC[AES256_GCM,data:yjhLY7AuW3m5tOqfiAt6IbVHTnGkzSGzjkoqWD3wvQ==,iv:+2/dSke3LlWQpWa8adNS65M2sbfNw7DbiFCruMHnBRU=,tag:XgV4J9/c5yg0X1eBN1myXQ==,type:str] +resticpw: ENC[AES256_GCM,data:duM1dMkCRdckaOg=,iv:mPRxC5KgBMHRUcgHJQTfLA9P5EfGwnbnfzCp8CNIr9o=,tag:VZlFcaVnm4eay+JM0Sd7cA==,type:str] +resticaccesskey: ENC[AES256_GCM,data:Jt4uKdD7WqjaRjnKLeJhYoFSTtpwqPuARw==,iv:s1Ff5h2uKVxZY0hIZObZLXDlxgoUIFTYSiO17JKPUWY=,tag:DenvTp2ny8i+XjgTF3MPNA==,type:str] +resticsecretaccesskey: ENC[AES256_GCM,data:ijvux8Uldkct48gqVIC+jtfJ8m2oQ8ZbIZUZbyY79A==,iv:BxC2CZ87hxZhf35xqLe4ArGO8EnsYCABmiN+OM7t6tk=,tag:I61Ne5ztK5CUDUu+yvBcig==,type:str] wireguard-private-key: ENC[AES256_GCM,data:lP5wnI1YUSb2PJUo8LvCogz0gfwwnqgYtNEly2i8P4geQVGnsxCz2c0ZKgM=,iv:55gjJ2K15EB8i9iwNNsuKwzHZsX3RvsTKNAnr+Ac4to=,tag:GPscRLTJSj+TNJ/15pM1mw==,type:str] +#ENC[AES256_GCM,data:D3AMwX0rBg==,iv:4AaUSc9Swp4RJIqeNzTW7MvAi5cZ3c53alWY3P4wS5U=,tag:IUzpcX38+495WM3O7L0uGQ==,type:comment] +kavita-token: ENC[AES256_GCM,data:coBAnDN4tWB0b05z+SRv8tGau+KrvMbEBICpPPYrjAqS/jVIrsKfpiVp+jJ2ruKnrwFnE8aVzWMB423fFk/GzpLDJZHF7oPjlr5QQVsGQ+NP7Ls7lAu6/A==,iv:pk+sZqRcx+WgS0Nwa4z4I2RmTobL7QME8E77bYdlcsw=,tag:XJ46v//ploErgSNLlUfPBg==,type:str] +#ENC[AES256_GCM,data:KxuybG2VSA==,iv:5HnK8dQsTW+shG+EzGh9BomfoBGl5cdSQpZjD4OF8y4=,tag:S2EgHIoHyXpxpU48hWiiYQ==,type:comment] +matrix-shared-secret: ENC[AES256_GCM,data:wCDMXzV18aFk4h1tf60N61K8j+gRJxIfbQLvqbfoDWPH2gbuNsg3SfDyFgDZQUzAzfaYC+jcbUAFOPm7ZD6axQ==,iv:9Rpx5jHyxqoyLSD39zPopj7m5ZZcPIhiRTh9tZXIero=,tag:JQg1uOorQvN3m7Cm6fT0vA==,type:str] +mautrix-telegram-as-token: ENC[AES256_GCM,data:/34XoVkm/8o84PUDXGWzFphEu+0LyvfEo+HOEbEB5GfrHzJmPpWgdGmedAYLpupvOzWWjODXgNk0zC3l4a+4gQ==,iv:7AdLQ3/SCJM9VxEFOBZnmVWKeSDTKyFLq+dysahlErI=,tag:NP/iV6aVZLy4RFOK1OqOPA==,type:str] +mautrix-telegram-hs-token: ENC[AES256_GCM,data:6je3dFrFAoNCbUuZD7C+kMoQpNeqBxoUusEJBFM0IYcVAqsmclMktHWLFDerkfzgGmKverqnf+rINDVEX8Df5A==,iv:iDqeYSsw1OTxu4K+zAEU+eUz+TLnXSzXbr6J4cLp7KQ=,tag:PBHqaqJEVEN8nk5hmIVEpQ==,type:str] +mautrix-telegram-api-id: ENC[AES256_GCM,data:R6C4gFh+NQ==,iv:30LZQR0CRmtAxqXVu/GOihdvdsWqGqiLMQJAM1yaSg0=,tag:9QM9VlCqSFuDo2k0WJx7/w==,type:str] +mautrix-telegram-api-hash: ENC[AES256_GCM,data:m6RhyLX2wNtMG/rZtLtwPVYiF9rD6bqsulJTE4tNkeA=,iv:aGq8TGQCOVlf55XfM4A9V0eDF75E8Rg8Jg+Vc72NJ00=,tag:J2fJ+Q7KToQirY87t4mvzQ==,type:str] +#ENC[AES256_GCM,data:6lE2jJal,iv:n6GbM2CZy9KSVRPJvnYYhcN81P77TUoy9ZJwplbtPLg=,tag:UaI3x5tu9meuZc2Wj+s82w==,type:comment] +acme-dns-token: ENC[AES256_GCM,data:Q5rGOFLYvCQ0h8BZKC3JlcWHp2q3ucIoE1E3NujEGoBltdUj3RpY3Q==,iv:T38LtQ02/11zlJUUahIeDNXyd9fQ7MYAOYgAY5ioLMw=,tag:5G0emN3Oje+Otl4uBxe8Ow==,type:str] +#ENC[AES256_GCM,data:XTHlwp41c52pmg==,iv:P82FtV4f+KziNF5QNca/xx8ZvdeZu+4tQmtePvjhKGU=,tag:AdVhiRLboyDT3jaSBjD0Mw==,type:comment] +paperless-admin-pw: ENC[AES256_GCM,data:mfk+N/cxddgUiandSNIYvbt0X1nDLaWOzw==,iv:CbHsz5ldL4sdnMCghh5DFbIBeR7e7c8ftuB3cTRBXBQ=,tag:SGk6QsUO7+H30Mi8fFuaRQ==,type:str] +kanidm-paperless-client: ENC[AES256_GCM,data:9mqdKyyuPyezSiNIVBe4/ViHydfkfZmAiA==,iv:frksTnlKbIHG1XdXUTQwKHLtlpRdZeQOOCBFRQ9DY1o=,tag:DBUy4xV0drIxXL9IxV30/w==,type:str] +#ENC[AES256_GCM,data:4n9xtQ==,iv:Qa+X5jJ/PQLkEB/EdRoB6pic642twVkt8zTIkHLOGz8=,tag:cZP9TyLPNACeHRMqTsRnlw==,type:comment] +mpd-pw: ENC[AES256_GCM,data:umt4fAgqaLBIXLhLLGUAay/YbSKC2r4uZA==,iv:yBOe8MpJZGrko30+zmP6LYI7uPJvQUf9+KhZAsSKk90=,tag:JWpGwG5trY/kLyQo707jDQ==,type:str] +#ENC[AES256_GCM,data:mHqhDMd0XorN,iv:LFGTMK375H8QenyYVSSF0IfummbSa6XPSCrrQryy0/8=,tag:r7qqAYPVfVkgZXObQLYMGQ==,type:comment] +nextcloud-admin-pw: ENC[AES256_GCM,data:WIS+dK+6sNa8l9sfqILcVXpI,iv:pAOX6uUusKKOGrzHzij6tNOHJkacxyac/YFbU8ZmFhY=,tag:NQByvZhCu1qf1Qb/Eor0sA==,type:str] +kanidm-nextcloud-client: ENC[AES256_GCM,data:qEamdf1+i9Je6l2uswgDfrc/KkbLDDnZ/Q==,iv:T9g7V86o9sTIWZ6MwRg2Li2ntpR5B+DgvXbrM/pBHo0=,tag:OH4FKB6qgsdAEVb8wdkKCg==,type:str] +#ENC[AES256_GCM,data:mRjlEtwcsjs=,iv:l+6IJr+nyIUF45vhNAw84eVoypF+grcKvXa3Z4mDntI=,tag:A8guEoZcPnAzlvsbQGI1NQ==,type:comment] +grafana-admin-pw: ENC[AES256_GCM,data:OZRhYLC8mKGT1dLpYNA=,iv:JWLDUXsHEgISVX5qPOY/SyEyMbd1wBPRcX4aB9V1VY4=,tag:UnM7Ki9rqcv+QKEkbD5geQ==,type:str] +prometheus-admin-pw: ENC[AES256_GCM,data:zKtPGDIDN/pJxdRuQthIOkvVgjmx+FrEcA==,iv:M/gY7JGCcf3qOR3abTOhW4oK+cEZ+qrA7Ej1dXXWXnU=,tag:LD4faKNGJnJSPv0w2UtCqw==,type:str] +kanidm-grafana-client: ENC[AES256_GCM,data:wIPvYpMuT3cJKImJ/NrvfZg4u841DQNjow==,iv:BMIrNgd5p5kaQOqC7GyCz6tF76HOx7GHJ5TcWL/Qeaw=,tag:pfhys3Q1WBzv8lcaz4gSZA==,type:str] +#ENC[AES256_GCM,data:jWNwieXkgftTIg==,iv:3fYUvETktHqHxg1MR2ZK6Bkz4DGjILS7gIU7taGj534=,tag:cLIde4jkQUo2kZ1nxACQ2A==,type:comment] +freshrss-pw: ENC[AES256_GCM,data:+jKVUjkpNCjGSgE=,iv:SZu/AZxue9Y4xEdrAEHkwzuoL7THI6MS8YQFwcoRPMI=,tag:M/iBUKcKe1d6gW1cUpeBew==,type:str] +freshrss-oidc-crypto-key: ENC[AES256_GCM,data:bsnB53+pm+1AlPx6kvQ46GUtocDZJW2+MyJDC7tuSbgY3hnFOhmbbQ==,iv:9gF7OLOTxva4znYIEsdvrfI9JFPhuFucuH3oK9Rj3f8=,tag:TY7QfUpI1GmkNYXDNyl4zQ==,type:str] +kanidm-freshrss-client: ENC[AES256_GCM,data:7CO/LL3uKxQHFjfC3VR4JfL13hT7T/OG5w==,iv:Q5BZSrxMgUM5dXKKLeTXG/kWUgFb1RCmUQSg+B0H32w=,tag:gX2O/2l9XFk2r9HfGzWliA==,type:str] +#ENC[AES256_GCM,data:fs3hYmSnPA==,iv:AO/BtxZ//pNQESSDYSUZzSWc1daj6aa2vXteC04HivI=,tag:HfRZ2YUWO2XNtjN8IZMmvQ==,type:comment] +kanidm-admin-pw: ENC[AES256_GCM,data:OF7rhjmg0I7V5qc2nWfQzSAIMlowXapbvg==,iv:I3Ig16YFPP2BeoAdYmRLQe8fqdV/MC+GW3T61kNiftY=,tag:n/WcJsNejgoZIK4GmnaPlA==,type:str] +kanidm-idm-admin-pw: ENC[AES256_GCM,data:UdGmzkgeDVWzFR+jqmwzxB2U0yjbOMf5ZQ==,iv:dB1rS0d7/hgA4UGSu/P2OIu43PHZbif3UkNd9vZ962Y=,tag:6mYDZUcobB0Vi/sZ+nOt/g==,type:str] +kanidm-immich: ENC[AES256_GCM,data:9vIcSVknbeitmmj5SVWcfOkji+0tTyvEJA==,iv:cMorkTF7swSLShonZqkuPl2RfrGBOQVnR2XTFr8Rwy0=,tag:BK4QRnCsxNPpdqQk03ghMw==,type:str] +kanidm-paperless: ENC[AES256_GCM,data:IjB3ZySYVS3OZU3pq4dE4qzm4F3enTEwYw==,iv:UZyYN5zyyvsAwLf55mAw32/CdygYbtfZvQY6BBzlchE=,tag:Tz3TOqf7oIyw1j414bvHDw==,type:str] +kanidm-forgejo: ENC[AES256_GCM,data:hDPeC5CPg2yHvxtw5Z6uIwr9TtiJM+PjGg==,iv:+pEDpmePUbbH9H5edZ5IPPXY1g2Daw8lLgyDM+h/0Zc=,tag:tugJxGP2LTYrHnNKb4/wgg==,type:str] +kanidm-grafana: ENC[AES256_GCM,data:+tfJr1mrfD7Kza9R26av7G+QgzzQhjeUmw==,iv:StWa8qivQZFhA1V5pSskeXL2IF8QkZd/tdOdAmWJLL8=,tag:U5A137+ACOWl1LdmLwb+xA==,type:str] +kanidm-nextcloud: ENC[AES256_GCM,data:yTBSlSN7O+ywGB6j8dvORE8C3xabayg3NA==,iv:kprbm7NR/ukczINENzdLOgBl2fwSs1CWkW+XFmLYxTw=,tag:U1fwlVRwcJBMbxCPAqovBg==,type:str] +kanidm-oauth2-proxy: ENC[AES256_GCM,data:Wj+tqtfxI/JDZwM8dFKvWaq6P5xrdPeszw==,iv:9WNcoLs4zMzVgGAMIanS8IAJKZU/IV9AY4YXw8gsl4c=,tag:JTZMI7xmzlVbpoN7T35bJA==,type:str] +kanidm-freshrss: ENC[AES256_GCM,data:pO6j+ZAD8NXUiHMZ5jg1Dsu6OcFr8BUIfQ==,iv:2vxDhyGqafbOBLsmQFuiBVN/2H4h2ZIJfG7h4iV/dIE=,tag:cYO2ANzUMAwVBiq87SQ0wA==,type:str] +kanidm-firezone: ENC[AES256_GCM,data:5QcRJy1kn1bk8zBqPznyq6vHHukmIIQpiQ==,iv:GL0QkqhsgRIeE+1rIDqVuC+UyIKPJTu5AHALBMZq2Yg=,tag:+kF/HQexEgg6JJyv3LeGvw==,type:str] +#ENC[AES256_GCM,data:nkfK+2JT/zAFEN5r,iv:zhequNAlsknCC1ROXYm+tzaUy6mN6XmuqS13Q6HU0a0=,tag:FQw0dwMR/yitjGSFWW6/RQ==,type:comment] +firefly-iii-app-key: ENC[AES256_GCM,data:1jLFVD8tMVF9hYiNeUZn1ZpPcKuvpYEZxLJcylg415PXl7ngmDa6H3ruYKFk/rt0sjh7,iv:uFBKrNOa5NdHWsLW5knd16tF0HQH7j4nsoF2TGEcrl0=,tag:X61hLERJNS//sSkhtkBEwA==,type:str] +#ENC[AES256_GCM,data:ZeR7BLj26KJabuQx,iv:Fp8Etgu5tg9xmqT421n7vvQvL27evPslZmVgIiGCGDs=,tag:DjirUtjNCh09D2JGJXqaYQ==,type:comment] +koillection-env-file: ENC[AES256_GCM,data:G/Nwzw5wQAr7aUfM+JclpmXaVwLKr9DV4M0F69Sya1U=,iv:gAYrD2XFKl0gWyU0wQ2JU0Vrn9bXVLJf5p1HdunZxqw=,tag:y64flWvqJ2KGETBnnnSDOw==,type:str] +koillection-db-password: ENC[AES256_GCM,data:vKHnmcvSOKhHOt6Mdbw+uT7GdM8=,iv:/pHI4ficUG81gkAUTATUt1SLDxiWYZoONqXUrIuEjcM=,tag:2kRNBut9P8qSGvy1D5mJzA==,type:str] +#ENC[AES256_GCM,data:QgzAs3Xq1wgb10RNZzl0uJA=,iv:oCIr3yh3iiaskY1en7QPZvRGhC4wmzGI2MQ9qJ1FoW0=,tag:Fjcr+5Xz3gmEckizaUczgQ==,type:comment] +anki-pw: ENC[AES256_GCM,data:TGKLFfBD9UEZlvc=,iv:8GsOAxr7DI4uEsGREfsbRPA6p6/7Jl9oUXWpCmobBZ4=,tag:ZpmubPgfwmLw817sMpHRcg==,type:str] +#ENC[AES256_GCM,data:g1yoM9Q8wfA=,iv:Gj/srSIg6aI0lybHMQGu8wu2KfvzdKJ3XetoTaZwJpg=,tag:N1lqDLoqhiT7YNu4hyvwmw==,type:comment] +kanidm-forgejo-client: ENC[AES256_GCM,data:eQwwaqdWAHQ+1HgfKtx9v/5kT1rzbFfUhA==,iv:HKylHTkifgSIuq4tKPIsyOzDCn5ynl66/PLDyWW/pEQ=,tag:k3ZjA0BvdLvpbogq+e9JUQ==,type:str] +#ENC[AES256_GCM,data:7ZIGRjWPgI9l,iv:YXDxvRZ9SPO9cJBsGQ2T1i5DojjaghrlF5h53ECgukE=,tag:uXvmB3kINl4jg+18OoSpHA==,type:comment] +radicale-user: ENC[AES256_GCM,data:jsrSPQ9bk5IPSaw=,iv:4o4BYlQlWONCv5M51C1EhgbxGvg8Bir/rIdMjGO+yeo=,tag:oxrSuJS9LKRQurSM+0gfYg==,type:str] +#ENC[AES256_GCM,data:MiKHFUmTDvnrjhw=,iv:Y72pVFthqLq+LVj5bmy7dNDvXMxvTtFPEHSAfB1Dcoo=,tag:802/jEiC4zWXmvjXPwSYEw==,type:comment] +prometheus-admin-hash: ENC[AES256_GCM,data:Zp2yXBiFudvD75Yupi5mjQwL5wai+atnJ0ltzM+TnzFNzFgYv8hdilsxYSD0VDo6CZJWhEtp9ozfiETs,iv:jidoobYusa5RfAZfcdVSNj5yKBJvlRRCfcN7MYkN6Ko=,tag:2tYV/SFajv9VE+lIOuH/5w==,type:str] +snipe-it-appkey: ENC[AES256_GCM,data:6nsXRMr2Fr7e0b/0WJS7ntlg5HEedGMCGe/69kwfyb6llSp4Pn1H4eQc0Mk=,iv:ZtL9tTNZhUT+YL7Ps7ZyUBKd5W0i7ZZAeqyZbJB6ELs=,tag:nJnqHXg6OhQhRnRtraW3bA==,type:str] +snipe-it-db-password: ENC[AES256_GCM,data:Jpk3Ka4/Fk3CMdUZDf1SbaUbGbmkYl1L2YvEpGR/H4kq32Q=,iv:7t4bM8c2huTEYxUJDxu72dTueiGNOzwFjoedcQK5hdY=,tag:IHXqtICjjd4O/9MqqCyu2Q==,type:str] +#ENC[AES256_GCM,data:Z2MArzHJ5g==,iv:5IFG5SSmOOQU8hUiwLXG2UBRbPmgeq09/XU7UcPqoDc=,tag:93YLtbQgBMdDWCSl5BUVvw==,type:comment] +garage-admin-token: ENC[AES256_GCM,data:XZ4OVmqy4O2+NBqV+TlVCYb9Lk5bNoKFLcCNaNIRv0YEKcIgAlnL3bTuIaw=,iv:KvYTpvnmupx5DIVIh/EkKPkX3yr/3eLMzWB1vA5KM9k=,tag:L+kMrGSHXUsEqH0oFuBB2Q==,type:str] +garage-rpc-secret: ENC[AES256_GCM,data:uTLsZv1viatNX3f1qdDvFDKfVRgDDLv2+AUHCPo3lx/cUiB9HMcuUHJoNP8sLeuX77WXon29ZKMd5fKnydo77g==,iv:IJgDZZkA4QQfOWTWh7OLtWRZi0yE4dKE0BoJCqopWl8=,tag:wh9aWZhEehHx0nQ8UBBNKg==,type:str] sops: age: - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u @@ -16,8 +68,8 @@ sops: cUpZZzBOZHlZdzRoS0l4SkRER1JQeTQKBeYA2sVQab9moaYlT0jE7/zMJvOJoC7V QwHXwnkjZCavAC5HIn82PzJ0DNrMKSZ136AgA+F99X0ZFyFnEIFZCQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-01-19T14:12:00Z" - mac: ENC[AES256_GCM,data:VsZDoY88nMtY6S87Odi641VrenfVOraWDgfGuKVKKrcUJtTTF4hkwI5b8dZ4Qz/9g4IxW0Siht8qodqAEnA5bvDbMlabIgIRrbO4hAJjPYEtD3Q+J2n8PVvWLU94DusgN0A4rHXbEq1Am2bUjcXKWOg2FpkUGrkJyYfj6R4l6kk=,iv:ZPMPs71eoiEddKTDwIZbYUziKDVknXGMyw062i3X3oU=,tag:IiXOOiJzuN4M1jU6dZdTJg==,type:str] + lastmodified: "2026-01-10T11:56:45Z" + mac: ENC[AES256_GCM,data:3Y124JX/6MsyIeOv9t0DPSv6YUICgvQn688LpXvW2jSWYRuJCbSWG67cPQHCNYP3NjFWXuASlKhDRJQicwgamh3WrE7gC7QxtqCVtwL0FTfZeOQ+vRoIejWIldcKC3YK6vKYW/O//Uhd+5rG8ah2b7XqRvgv8bwIdUKFUQqG0EA=,iv:VfsIS6+QTbv4WhykReXOGkGul7dWj0Voux2vrkv6Ecw=,tag:h7zZqbe4NAZ0PlcWBq0r2w==,type:str] pgp: - created_at: "2026-01-10T00:38:27Z" enc: |- diff --git a/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml index 5f81b8e..6978c86 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:IsQLebLnWOCmERQLSmZAASOgxyg8itWr0o3rt6062cbWIDLO+TPJTDtlWRE=,iv:bhhFTLjhHMTfEyynklpWPTU6KCpBZJZoRLlr0o+Pk7Q=,tag:j4pCfGDo2CQPpKmpn6gVyg==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByQ1BZbTJZVEJRLzN2N0F5 - c0VWbDVTZE5WaGw4WmM1RzUvMnVXOXVvOUFVClBCK1N6NnlxS1VzN1FOY2I0OWpI - S0VCc2djck53NFZ2TXdqbE1GQnBTSk0KLS0tIG1XNnNpQXRnbnlsU2UyMG9VRU5E - WCszSmVmQWZncU50RThkcHQvdVFMQkEKVB6ETsGVlWYqTgwX00wgasCTucYUlamR - HqiwLA5dpoLCpTVoZvp4C7iIe4b3oQtXeY+5cAWF9hXvzAGybSM6DQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIeDhOUWN1SmRuZ1VaN2ha - SlduNWd0L3hBYjVGV1JMYUhEUzFPZHpwZXo4CkpRb0ZqeUFSemVSK3ZYRnNrUmty - dmpua0ZlVkhSOTdpMFRUdkg4bG5yYkEKLS0tIDU2SjFMRE45NS9KWTZyTzY2aUpi - NG9kUHZNaEF1R1BaMm4rc2NMSXdhd28KY45+ozWXWkKWaMQWh0QmkMheQiF2sqos - oEQ/q/heFzj/nK88GmlRfZY1UqGYflhBsPQqUz3RhWKGVuLWZXIe/Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:51Z" mac: ENC[AES256_GCM,data:eRO2+uoeWo+qeZR1gf7QJbydXvrLWwQQytNDM0Hxo9S8ONrSK6uA6Vac050Tmo9JM3606pr9RR3RvtRn20jcKI9X1PNVayE/hhdgug7O2CzpR7Xnekh7PM2N9hLgdH8lKdOASPXTYMQxnvKfX0oWEjLnRa28kK48GzdyrLh2iU4=,iv:UQuaMAcVjgz+fD99lJPMRvcWNduYxCccKDnwPT1ikf0=,tag:7VgsxiXcYaHnQyUoOSvmoQ==,type:str] pgp: - - created_at: "2026-01-12T22:05:41Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//fL7J9QIrlwSjvG2jM/KqEkdJZ8RKiXGF3qcWMFeMJqoP - 0DYgX0/M1c9TAcr/JzFCSzBhKzd7O7v0FLHDLaEpD5I3NsoPjfpJZB3j5tfvJD9i - O7lR3cLKiBXvA5JCkuNifKok63fR+k6RNirLJVY0UJe126xL8K3gCb7GHxSd5EOy - OUZtO6caY48gxAboVn0biNtJRZBS5wo9kaNhAahy0xsHmf/K1DCxpznFlVTGgFMQ - plnIeLSNTVgDjX9gm7/E3574FOONeU3MsUgFqxEcm9wul9cLk4+0sDZ+5OVpxP8W - o3RDO1uLm+NhmfmFamo+grSbYLHRx+dfk3I2JrK2e7z9xDqsQ7a+ZRiLmNErpG52 - 0MZTIkbm5MZRt/QU5bLNs4W5dtEqwf114LG9Nkux9i6auKfuKkTCMaGvixncdcIc - mXDCjzqWriQFEIPpwTwpBpEqfXE2au2gnj4oC8Ayu9khG3hH5Oi2VU3PjFtrUOcy - saCFJi+3n34idHqFgCYzBnqQwtCG927EoDT+KYqXIGQuxLyEn2yO0JiTI9Z5so8L - +cPrJmOT4e3TfdsIGpLGPRNvysPc5TLO7neplLy00QzOMPy6RidQPeI3E68NCTjw - mvztc1x8pMqPQZ4skamnbF+xVGYCPJFrO0MRxvr2iRpCfPTRK5AsTnMTOC3lnaKF - AgwDC9FRLmchgYQBEACwiOm8QhxZh5/ODnAM8KhRpZPepFMx5QhgAcQsvpo9KExQ - JPd7BqDGNe6Vj5I+eqAg7KihXLiv5PiOZ0CFp8pEflJrLUmh2mdB8khoVs7Q/MvE - JgiZ29EmN6nowpJAPTWHRooo63vQADCVaPfzNgAGcDeC6lz7xOFLyI2FMMBDMM3T - /H3D3QnwU4l8lEWx49LNHIH/028wj/pccTvgk+zBgfCM3zhpGzQJM5wtno6Mfv25 - di53YEzx4PlPBeR/hqtdPm0LwpqIcAVPEzjHEX7Hwe6vZ9+OaqjHtna6fo1HMh1l - wUlKCwf6/p5vKGS2lOKkM3pmrU7ADIs5Bdn+uncTw4hRtF6ZdOY1ReJKKkxTzxN+ - jKLed4NeBIy659jzHKdKqtCDXradVT/Axt+RQ/zQguijVQmOjmfMPindCbaoGA9W - g09cRxiGV87hDOgj3cjX/PMDxAjkperYaIEh4p6zbrH2nwHzbjpQXTCgOhZSByJ+ - z6J39hvFjB4w2vF63xoceZoiQgh4iQdClU5API4vHX00tDBLoUSCEzMFOon0+yo9 - j0wOKt9UIAY/3pJL1WxOWf/3AoiTxdyBa6f9meji6OOtTupZ3TqFLR9lKKl1jd5Q - cn83a7FIXnyVto1Azql5d8Vd1VxAX/XkwH5mUiI5/D45wXbSoNtRu9P2+DeHs9Je - AbpwcZthRNHDncWRCs+wnLTlTANoSJrvdKI9xYWgfmFxnoAMhqnZF08EKxQLg3zD - /W///uyfXYRRnVwg7YH0zihBoKp042bp8bZPRuj1JgyyS8dzidSWSs+jCDed5g== - =7i0m + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml index c4f3a52..054393a 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:o3wV7UI5BSV9YU0uaumgfFWBJlgMewpUqOusvcGWxOW8dSrT/aqpT9iu1K0=,iv:fNf6fOL8KcYBxmfFLi5K/qPmNfon16HE1fgQ86qNDNU=,tag:BoRbtrw7jvENAn5wiP/sWQ==,type:str] sops: age: - - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u + - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMUppRWJtOVdFa2hvQmtW - ZCtjUEwxTlVXTlJjUWpERVlJYjhQNTI5aFJFClRpaWFWbmExRC93dDFQNDVlRDNP - N3JHVzBGU1g0RVBHUVg3RGhBaitOOW8KLS0tIC9uTW9tcDFxSFppdEt5ZWpzUzd3 - dTVFelhnWUk2YVNCczA5ZVFEdmpHakEKBkd/XczNimSP/5kny3axRbXZOfPAhMVW - H0OSWxamGLQpnsSHgrYdSk93Bcq24ziuVzHEaPEDag6XC7UNvsNERQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 + OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw + WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 + QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB + 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== -----END AGE ENCRYPTED FILE----- - - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny + - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhYTV6MHNtOHdwSTdTaVlj - Q051M1A2eEVMZHhTRXNIRXVrSjJWZzlMTHhvCkNMaXZsRFlVTXlINGlIWjhZR25q - OTE0QXpiS3NiQ1JHVlZ5QXV1VEVNelUKLS0tIGNBR0dFRGZxYys1OUpSU2NHcWV0 - aEg5NzQxeVZPaUY1bTBBa1ZidXJrS2MKUCsDOnsmpOZTQsnvdYguDK8uH4FetcXq - nKzlSJ8zvYXzb91PfCcjYbp3ttUGeeJLVPnrD42+3i8H2U8btSrR8w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l + Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 + RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ + d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN + HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:52Z" mac: ENC[AES256_GCM,data:Sb9HItfMt5WaTYJw1/OcPVR3SBKzAifgK0NTwSb59ByxAsaOhkXrGL2cx+6p7QpVBw2V9duiFVmZhOp9vW2clCQX2RwiSAxaRLcDtVIoqB7YfmiNTdzrEDFHJNndbT6Vs0qOb42tjMyKXGZIcrA55G3Vh8S5Qy5w3IW4CSwI20U=,iv:pRjPa71yPRy4X29IPjk9Jju4JZkhIK2uucgK/dBX4L8=,tag:2RD746vX1mlQu3GyDELF8w==,type:str] pgp: - - created_at: "2026-01-12T22:05:42Z" + - created_at: "2026-01-02T21:12:51Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ/+K/beVKMITwy7ZM0X3cUvtYuMzo0FaH7qEcoN7Ie9tuT6 - ZF6/BIBHVrS+953Gw0HJajWQENAKphKqL6TT8SHSpsdUpTns7rxJZlRm8C2FP3SV - eqrtQuzm2GhRVzm/69nOkq7vzrRJjP7/6ZmO+1E3gURiBLJla/MHRHi+NRrYrq+H - VdWWwBAe1T7Kd1WNRL+o7zxwkH+b9OIL5Ia6WI8jtQizDAI33iTbtfxO5ppXIyoL - PEV+2ePTWJxV+dJBbCfDHioY7l7I5yWCKkuVmVBp+CNrNGLPdU1Ta49wODt2Isy7 - 4F3YihAX3N8MDZ09aB8UeCmzNIDXt0Y+1Nrd8Z7ctIgu/Gji7Jyc5bBCgpi9Q9N7 - 2uVm6m8P6uSeifZ5e+obJUqYwaRUO4va2/tSX2TTWK5l5svIEQh/hPmWowJrCCSl - 1lh0cA24M8ljphdltBgxzfiByGobde3nNeak+8CGYZUZq7xIMwyIMoWTlnSy0Fno - oJxe6nasxZqQTIqBu3Dra4oBnSTxWJ6SWbuaeegbnGWRp8Pfjs1mGWF6oNYaBwoa - gvT2qzjzah/b6VEfo9m3mGnLAubU14a2zoSnQ2zZOZp3k7JUbkCB1Q90NACD3wl6 - Z+qCEP9YHA39Dga52jwy5yfYmxuZVKPIXJgtUrSAzGQrTGyBmOorN0NhbLFoD0WF - AgwDC9FRLmchgYQBD/9Ro2xVCqlyifNx7ec+yBLufPsgqq1x12EPOEEtDthfzUdc - FV3K/+kv0QmYveqfhBQsMqGvVUGW6UW4b4YijUMd2eoJin4UcwUJNpXUS9aKohcH - bHFH0gExhDGruRs0z1rBbjuZTWYhzeYv9kl9HdJx7Hh2eFJR+0T6DrLlJ6GoVERd - HKy4nmWtO8wbkVT1akSZVavZLwB3J/5EG0zH/CD6x15Spk+1aurWqbmPlEy8S0qA - Nf002A7RV1YD3ykZg/Ie8bPXt2ghuO7UU73mz83dTskoYggf+L01BXA3K/xd1ei9 - tTeLn+INrLcQ+3FNI+zl+b9HbWo1hIO0xG1IRyWWUDTbssU2HdVO5ppnmYC/15h0 - 6loY4EJeWAiMe/LZlXpeW9y3YdTPQvzjhKi63KYh184RoZNBjdRtrgIKX/zJJnyG - 4UqX8d6yQrbAABnBslradSNzsMuf9504MJ81ZKeJPF3JwDEtkW/i6VMnkRCgvDsG - FWMIsrWttTd3BcqvgHUkxHHwnGglvvmPh3SvkdPB4ctzYFGCxyQHV0ymFC8xmkNc - gP+U5cYj/tdGSbP0P7SW09cj8nbSClZ7OZMpHViQTSOyFkPvVQYOtjJt54WwJn09 - aXTIiK3+xSORpgKLxFJYeLRY7OjtFqyVPUh0VE5GlGA7LxqpAa18w1bfS1XR8NJe - AZKgUbEp1prBgI4aeLqTr7qk4LkdmaVPxjuAUX1mg6annIHOnPLlaY54GzWtG4Cn - 5/F6ZRNQK8pxr82lctEqGPN0I+/Fp7nky7xmBBzymV26LJLWG77UrQONeLlNWQ== - =gUDk + hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 + Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE + W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm + IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 + 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w + IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim + B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ + autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u + zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX + g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc + Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F + AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf + 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 + ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q + VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 + X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m + nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj + GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif + lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf + rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu + znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r + KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je + AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 + b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== + =wYdb -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/winters/default.nix b/hosts/nixos/x86_64-linux/winters/default.nix index 570ccfb..a167da3 100644 --- a/hosts/nixos/x86_64-linux/winters/default.nix +++ b/hosts/nixos/x86_64-linux/winters/default.nix @@ -41,6 +41,26 @@ serverName = "hintbooth"; }; }; + restic = { + bucketName = "SwarselWinters"; + paths = [ + "/Vault/data/paperless" + "/Vault/data/koillection" + "/Vault/data/postgresql" + "/Vault/data/firefly-iii" + "/Vault/data/radicale" + "/Vault/data/matrix-synapse" + "/Vault/Eternor/Paperless" + "/Vault/Eternor/Bilder" + "/Vault/Eternor/Immich" + ]; + }; + garage = { + data_dir = { + capacity = "200G"; + path = "/Vault/data/garage/data"; + }; + }; }; }; @@ -52,6 +72,35 @@ swarselmodules.server = { diskEncryption = lib.mkForce false; + # nginx = true; # for php stuff + # acme = false; # cert handled by proxy + # wireguard = true; + + # nfs = true; + # kavita = true; + # restic = true; + # jellyfin = true; + # navidrome = true; + # spotifyd = true; + # mpd = true; + # postgresql = true; + # matrix = true; + # nextcloud = true; + # immich = true; + # paperless = true; + # transmission = true; + # syncthing = true; + # grafana = true; + # freshrss = true; + # kanidm = true; + # firefly-iii = true; + # koillection = true; + # radicale = true; + # atuin = true; + # forgejo = true; + # ankisync = true; + # homebox = true; + # opkssh = true; }; networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "enp3s0" ]; diff --git a/modules/nixos/client/uwsm.nix b/modules/nixos/client/uwsm.nix index 2304d27..5c9d66e 100644 --- a/modules/nixos/client/uwsm.nix +++ b/modules/nixos/client/uwsm.nix @@ -1,7 +1,6 @@ -{ lib, config, pkgs, ... }: +{ lib, config, ... }: let moduleName = "uwsm"; - cfg = config.programs.uwsm; in { options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings"; @@ -21,39 +20,5 @@ in }; }; }; - - services.displayManager.sessionPackages = - let - mk_uwsm_desktop_entry = - opts: - (pkgs.writeTextFile { - name = "${opts.name}-uwsm"; - text = '' - [Desktop Entry] - Name=${opts.prettyName} (UWSM) - Comment=${opts.comment} - Exec=${lib.getExe cfg.package} start -F -- ${opts.binPath} ${lib.strings.escapeShellArgs opts.extraArgs} - Type=Application - ''; - destination = "/share/wayland-sessions/${opts.name}-uwsm.desktop"; - derivationArgs = { - passthru.providedSessions = [ "${opts.name}-uwsm" ]; - }; - }); - in - lib.mkForce (lib.mapAttrsToList - ( - name: value: - mk_uwsm_desktop_entry { - inherit name; - inherit (value) - prettyName - comment - binPath - extraArgs - ; - } - ) - cfg.waylandCompositors); }; } diff --git a/modules/nixos/common/users.nix b/modules/nixos/common/users.nix index be4d0b4..e6c11a4 100644 --- a/modules/nixos/common/users.nix +++ b/modules/nixos/common/users.nix @@ -15,18 +15,6 @@ isNormalUser = true; uid = 1000; autoSubUidGidRange = false; - subUidRanges = [ - { - count = 65534; - startUid = 100001; - } - ]; - subGidRanges = [ - { - count = 999; - startGid = 1001; - } - ]; description = "Leon S"; password = lib.mkIf (minimal || config.swarselsystems.isPublic) "setup"; hashedPasswordFile = lib.mkIf (!minimal && !config.swarselsystems.isPublic) config.sops.secrets.main-user-hashed-pw.path; diff --git a/modules/nixos/optional/microvm-guest.nix b/modules/nixos/optional/microvm-guest.nix index 73e0794..28c8c91 100644 --- a/modules/nixos/optional/microvm-guest.nix +++ b/modules/nixos/optional/microvm-guest.nix @@ -32,6 +32,8 @@ # NOTE: this is needed, we dont import sevrer network module for microvms globals.hosts.${config.node.name}.isHome = true; + fileSystems."/persist".neededForBoot = lib.mkForce true; + systemd.network.networks."10-vlan-services" = { dhcpV6Config = { WithoutRA = "solicit"; diff --git a/modules/nixos/server/ankisync.nix b/modules/nixos/server/ankisync.nix index 3585ec4..65e928f 100644 --- a/modules/nixos/server/ankisync.nix +++ b/modules/nixos/server/ankisync.nix @@ -36,10 +36,6 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/private/${serviceName}"; }]; - }; - services.anki-sync-server = { enable = true; port = servicePort; diff --git a/modules/nixos/server/atuin.nix b/modules/nixos/server/atuin.nix index 351139f..19b706c 100644 --- a/modules/nixos/server/atuin.nix +++ b/modules/nixos/server/atuin.nix @@ -7,10 +7,6 @@ in options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { - swarselmodules.server = { - postgresql = true; - }; - topology.self.services.${serviceName}.info = "https://${serviceDomain}"; globals = { diff --git a/modules/nixos/server/firefly-iii.nix b/modules/nixos/server/firefly-iii.nix index 2f952c2..cf77b73 100644 --- a/modules/nixos/server/firefly-iii.nix +++ b/modules/nixos/server/firefly-iii.nix @@ -42,16 +42,12 @@ in homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services = { ${serviceName} = { enable = true; user = serviceUser; group = if cfg.enableNginx then nginxGroup else serviceGroup; - dataDir = "/var/lib/${serviceName}"; + dataDir = "/Vault/data/${serviceName}"; settings = { TZ = config.repo.secrets.common.location.timezone; APP_URL = "https://${serviceDomain}"; diff --git a/modules/nixos/server/forgejo.nix b/modules/nixos/server/forgejo.nix index 146ac7c..5ae8125 100644 --- a/modules/nixos/server/forgejo.nix +++ b/modules/nixos/server/forgejo.nix @@ -44,13 +44,9 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = { enable = true; - stateDir = "/var/lib/${serviceName}"; + stateDir = "/Vault/data/${serviceName}"; user = serviceUser; group = serviceGroup; lfs.enable = lib.mkDefault true; diff --git a/modules/nixos/server/freshrss.nix b/modules/nixos/server/freshrss.nix index bdae10f..df0a809 100644 --- a/modules/nixos/server/freshrss.nix +++ b/modules/nixos/server/freshrss.nix @@ -61,10 +61,6 @@ in homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = let inherit (config.repo.secrets.local.freshrss) defaultUser; @@ -75,7 +71,7 @@ in virtualHost = serviceDomain; baseUrl = "https://${serviceDomain}"; authType = "form"; - dataDir = "/var/lib/freshrss"; + dataDir = "/Vault/data/tt-rss"; passwordFile = config.sops.secrets.freshrss-pw.path; }; diff --git a/modules/nixos/server/homebox.nix b/modules/nixos/server/homebox.nix index b076405..5325cce 100644 --- a/modules/nixos/server/homebox.nix +++ b/modules/nixos/server/homebox.nix @@ -1,6 +1,6 @@ { self, lib, pkgs, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -13,10 +13,6 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; - swarselmodules.server = { - postgresql = true; - }; - users.persistentIds = { homebox = confLib.mkIds 981; }; @@ -37,14 +33,14 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - systemd.services.homebox = { environment = { TMPDIR = "/var/lib/homebox/.tmp"; - HOME = "/var/lib/homebox"; + }; + serviceConfig = { + # ReadWritePaths = "/var/lib/homebox"; + RuntimeDirectory = "homebox"; + BindPaths = "/run/homebox:/var/lib/homebox/.tmp"; }; }; diff --git a/modules/nixos/server/id.nix b/modules/nixos/server/id.nix index fa67280..f6db715 100644 --- a/modules/nixos/server/id.nix +++ b/modules/nixos/server/id.nix @@ -15,61 +15,59 @@ in { options = { swarselmodules.server.ids = lib.mkEnableOption "enable persistent ids on server"; - users = { - persistentIds = mkOption { - default = { }; - description = '' - Maps a user or group name to its expected uid/gid values. If a user/group is - used on the system without specifying a uid/gid, this module will assign the - corresponding ids defined here, or show an error if the definition is missing. - ''; - type = types.attrsOf ( - types.submodule { - options = { - uid = mkOption { - type = types.nullOr types.int; - default = null; - description = "The uid to assign if it is missing in `users.users.`."; - }; - gid = mkOption { - type = types.nullOr types.int; - default = null; - description = "The gid to assign if it is missing in `users.groups.`."; - }; + users.persistentIds = mkOption { + default = { }; + description = '' + Maps a user or group name to its expected uid/gid values. If a user/group is + used on the system without specifying a uid/gid, this module will assign the + corresponding ids defined here, or show an error if the definition is missing. + ''; + type = types.attrsOf ( + types.submodule { + options = { + uid = mkOption { + type = types.nullOr types.int; + default = null; + description = "The uid to assign if it is missing in `users.users.`."; }; + gid = mkOption { + type = types.nullOr types.int; + default = null; + description = "The gid to assign if it is missing in `users.groups.`."; + }; + }; + } + ); + }; + + users.users = mkOption { + type = types.attrsOf ( + types.submodule ( + { name, ... }: + { + config.uid = + let + persistentUid = cfg.${name}.uid or null; + in + mkIf (persistentUid != null) (mkDefault persistentUid); } - ); - }; + ) + ); + }; - users = mkOption { - type = types.attrsOf ( - types.submodule ( - { name, ... }: - { - config.uid = - let - persistentUid = cfg.${name}.uid or null; - in - mkIf (persistentUid != null) (mkDefault persistentUid); - } - ) - ); - }; - - groups = mkOption { - type = types.attrsOf ( - types.submodule ( - { name, ... }: - { - config.gid = - let - persistentGid = cfg.${name}.gid or null; - in - mkIf (persistentGid != null) (mkDefault persistentGid); - } - ) - ); - }; + users.groups = mkOption { + type = types.attrsOf ( + types.submodule ( + { name, ... }: + { + config.gid = + let + persistentGid = cfg.${name}.gid or null; + in + mkIf (persistentGid != null) (mkDefault persistentGid); + } + ) + ); }; }; config = lib.mkIf config.swarselmodules.server.ids { diff --git a/modules/nixos/server/immich.nix b/modules/nixos/server/immich.nix index 3772b59..568b516 100644 --- a/modules/nixos/server/immich.nix +++ b/modules/nixos/server/immich.nix @@ -1,16 +1,12 @@ { lib, pkgs, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { - swarselmodules.server = { - postgresql = true; - }; - users = { persistentIds = { immich = confLib.mkIds 989; @@ -40,21 +36,13 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } - ]; - }; - services.${serviceName} = { enable = true; package = pkgs.immich; host = "0.0.0.0"; port = servicePort; # openFirewall = true; - mediaLocation = "/storage/Pictures/${serviceName}"; # dataDir + mediaLocation = "/Vault/Eternor/Immich"; # dataDir environment = { IMMICH_MACHINE_LEARNING_URL = lib.mkForce "http://localhost:3003"; }; diff --git a/modules/nixos/server/jellyfin.nix b/modules/nixos/server/jellyfin.nix index 6627a68..fcd9910 100644 --- a/modules/nixos/server/jellyfin.nix +++ b/modules/nixos/server/jellyfin.nix @@ -1,6 +1,6 @@ { pkgs, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; in { @@ -51,13 +51,6 @@ in # openFirewall = true; # this works only for the default ports }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } - ]; - }; - nodes = { ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; diff --git a/modules/nixos/server/jenkins.nix b/modules/nixos/server/jenkins.nix index cda5315..e400172 100644 --- a/modules/nixos/server/jenkins.nix +++ b/modules/nixos/server/jenkins.nix @@ -1,6 +1,6 @@ { pkgs, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -23,17 +23,13 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.jenkins = { enable = true; withCLI = true; port = servicePort; packages = [ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ]; listenAddress = "0.0.0.0"; - home = "/var/lib/${serviceName}"; + home = "/Vault/apps/${serviceName}"; }; nodes = { diff --git a/modules/nixos/server/kanidm.nix b/modules/nixos/server/kanidm.nix index 6de8284..17dd259 100644 --- a/modules/nixos/server/kanidm.nix +++ b/modules/nixos/server/kanidm.nix @@ -80,19 +80,12 @@ in }; }; - environment.persistence = { - "/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ - certPathBase - keyPathBase - ]; - }; - - "/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; + environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ + certPathBase + keyPathBase + ]; }; - systemd.services."generateSSLCert-${serviceName}" = let daysValid = 3650; diff --git a/modules/nixos/server/kavita.nix b/modules/nixos/server/kavita.nix index 2e59d4f..ce6bf10 100644 --- a/modules/nixos/server/kavita.nix +++ b/modules/nixos/server/kavita.nix @@ -2,7 +2,7 @@ let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; in { @@ -29,10 +29,6 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -54,7 +50,7 @@ in user = serviceUser; settings.Port = servicePort; tokenKeyFile = config.sops.secrets.kavita-token.path; - dataDir = "/var/lib/${serviceName}"; + dataDir = "/Vault/data/${serviceName}"; }; nodes = { diff --git a/modules/nixos/server/koillection.nix b/modules/nixos/server/koillection.nix index 7adf1db..d7ad07c 100644 --- a/modules/nixos/server/koillection.nix +++ b/modules/nixos/server/koillection.nix @@ -1,6 +1,6 @@ { self, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/var/lib/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/Vault/data/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; serviceDB = "koillection"; @@ -46,10 +46,6 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; }]; - }; - virtualisation.oci-containers.containers = { koillection = { image = "koillection/koillection@${containerRev}"; diff --git a/modules/nixos/server/mailserver.nix b/modules/nixos/server/mailserver.nix index df187e3..b2f910c 100644 --- a/modules/nixos/server/mailserver.nix +++ b/modules/nixos/server/mailserver.nix @@ -1,7 +1,7 @@ { self, lib, config, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 80; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 443; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; inherit (confLib.static) isHome webProxy homeWebProxy dnsServer homeServiceAddress nginxAccessRules; inherit (config.repo.secrets.local.mailserver) user1 alias1_1 alias1_2 alias1_3 alias1_4 user2 alias2_1 alias2_2 alias2_3 user3; baseDomain = globals.domains.main; diff --git a/modules/nixos/server/matrix.nix b/modules/nixos/server/matrix.nix index 9835376..c77caa7 100644 --- a/modules/nixos/server/matrix.nix +++ b/modules/nixos/server/matrix.nix @@ -1,7 +1,7 @@ { self, lib, config, pkgs, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; federationPort = 8448; @@ -21,10 +21,6 @@ in options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { - swarselmodules.server = { - postgresql = true; - }; - environment.systemPackages = with pkgs; [ matrix-synapse lottieconverter @@ -122,18 +118,9 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/matrix-synapse"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/mautrix-whatsapp"; user = "mautrix-whatsapp"; group = "mautrix-whatsapp"; } - { directory = "/var/lib/mautrix-telegram"; user = "mautrix-telegram"; group = "mautrix-telegram"; } - { directory = "/var/lib/mautrix-signal"; user = "mautrix-signal"; group = "mautrix-signal"; } - ]; - }; - - services = { postgresql = { + enable = true; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" @@ -160,7 +147,7 @@ in matrix-synapse = { enable = true; - dataDir = "/var/lib/matrix-synapse"; + dataDir = "/Vault/data/matrix-synapse"; settings = { app_service_config_files = let diff --git a/modules/nixos/server/monitoring.nix b/modules/nixos/server/monitoring.nix index 95a634a..a74489e 100644 --- a/modules/nixos/server/monitoring.nix +++ b/modules/nixos/server/monitoring.nix @@ -47,10 +47,8 @@ in node-exporter = confLib.mkIds 987; grafana = confLib.mkIds 974; }; - groups.nextcloud-exporter = { }; users = { nextcloud-exporter = { - group = "nextcloud-exporter"; extraGroups = [ "nextcloud" ]; }; @@ -80,17 +78,10 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/prometheus2"; user = prometheusUser; group = prometheusGroup; } - ]; - }; - services = { ${serviceName} = { enable = true; - dataDir = "/var/lib/${serviceName}"; + dataDir = "/Vault/data/${serviceName}"; provision = { enable = true; datasources.settings = { diff --git a/modules/nixos/server/mpd.nix b/modules/nixos/server/mpd.nix index 807135d..e5734f5 100644 --- a/modules/nixos/server/mpd.nix +++ b/modules/nixos/server/mpd.nix @@ -36,13 +36,9 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = "mpd"; group = "mpd"; }]; - }; - services.${serviceName} = { enable = true; - musicDirectory = "/storage/Music"; + musicDirectory = "/media"; user = serviceUser; group = serviceGroup; network = { diff --git a/modules/nixos/server/navidrome.nix b/modules/nixos/server/navidrome.nix index 0374395..c202573 100644 --- a/modules/nixos/server/navidrome.nix +++ b/modules/nixos/server/navidrome.nix @@ -76,10 +76,6 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = { enable = true; # openFirewall = true; @@ -87,7 +83,7 @@ in LogLevel = "debug"; Address = "0.0.0.0"; Port = servicePort; - MusicFolder = "/storage/Music"; + MusicFolder = "/Vault/Eternor/Music"; PlaylistsPath = "./Playlists"; AutoImportPlaylists = false; EnableSharing = true; diff --git a/modules/nixos/server/nextcloud.nix b/modules/nixos/server/nextcloud.nix index 0f84490..c91e79a 100644 --- a/modules/nixos/server/nextcloud.nix +++ b/modules/nixos/server/nextcloud.nix @@ -27,13 +27,6 @@ in homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/redis-${serviceName}"; user = serviceUser; group = serviceGroup; } - ]; - }; - services = { ${serviceName} = { enable = true; @@ -43,8 +36,8 @@ in }; package = pkgs."nextcloud${nextcloudVersion}"; hostName = serviceDomain; - home = "/var/lib/${serviceName}"; - datadir = "/var/lib/${serviceName}"; + home = "/Vault/data/${serviceName}"; + datadir = "/Vault/data/${serviceName}"; https = true; configureRedis = true; maxUploadSize = "4G"; diff --git a/modules/nixos/server/nfs.nix b/modules/nixos/server/nfs.nix index cff9b09..fb6a776 100644 --- a/modules/nixos/server/nfs.nix +++ b/modules/nixos/server/nfs.nix @@ -10,12 +10,6 @@ in avahi = confLib.mkIds 978; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/cache/samba"; } - ]; - }; - services = { # add a user with sudo smbpasswd -a samba = { @@ -41,7 +35,7 @@ in browseable = "yes"; "read only" = "no"; "guest ok" = "no"; - path = "/storage"; + path = "/Vault/Eternor"; writable = "true"; comment = "Eternor"; "valid users" = nfsUser; diff --git a/modules/nixos/server/nginx.nix b/modules/nixos/server/nginx.nix index 918da3e..4f57d92 100644 --- a/modules/nixos/server/nginx.nix +++ b/modules/nixos/server/nginx.nix @@ -84,15 +84,8 @@ in networking.firewall.allowedTCPPorts = [ 80 443 ]; - environment.persistence = { - "/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ dhParamsPathBase ]; - }; - "/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/cache/nginx"; user = "nginx"; group = "nginx"; } - ]; - }; + environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ dhParamsPathBase ]; }; services.nginx = { diff --git a/modules/nixos/server/oauth2-proxy.nix b/modules/nixos/server/oauth2-proxy.nix index 0650a88..f6c6a23 100644 --- a/modules/nixos/server/oauth2-proxy.nix +++ b/modules/nixos/server/oauth2-proxy.nix @@ -139,10 +139,6 @@ in }; }; - users = { - persistentIds.oauth2-proxy = confLib.mkIds 966; - }; - # needed for homeWebProxy networking.firewall.allowedTCPPorts = [ servicePort ]; diff --git a/modules/nixos/server/opkssh.nix b/modules/nixos/server/opkssh.nix index 6f2a4de..597240d 100644 --- a/modules/nixos/server/opkssh.nix +++ b/modules/nixos/server/opkssh.nix @@ -5,7 +5,7 @@ let kanidmDomain = globals.services.kanidm.domain; inherit (config.swarselsystems) mainUser; - mailAddress = config.repo.secrets.common.mail.address4; + inherit (config.repo.secrets.local) persons; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -29,7 +29,7 @@ in authorizations = [ { user = mainUser; - principal = mailAddress; + principal = builtins.head persons.${mainUser}.mailAddresses; inherit (config.services.opkssh.providers.kanidm) issuer; } ]; diff --git a/modules/nixos/server/paperless.nix b/modules/nixos/server/paperless.nix index ad1efa6..0d119a5 100644 --- a/modules/nixos/server/paperless.nix +++ b/modules/nixos/server/paperless.nix @@ -44,21 +44,11 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } - { directory = "/var/lib/private/tika"; } - { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } - { directory = "/var/cache/private/tika"; } - ]; - }; - services = { ${serviceName} = { enable = true; - mediaDir = "/storage/Documents/${serviceName}"; - dataDir = "/var/lib/${serviceName}"; + mediaDir = "/Vault/Eternor/Paperless"; + dataDir = "/Vault/data/${serviceName}"; user = serviceUser; port = servicePort; passwordFile = config.sops.secrets.paperless-admin-pw.path; diff --git a/modules/nixos/server/pipewire.nix b/modules/nixos/server/pipewire.nix index d6549f2..41a602d 100644 --- a/modules/nixos/server/pipewire.nix +++ b/modules/nixos/server/pipewire.nix @@ -6,10 +6,6 @@ users.persistentIds.rtkit = confLib.mkIds 996; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/pipewire"; user = "pipewire"; group = "pipewire"; }]; - }; - services.pipewire = { enable = true; pulse.enable = true; diff --git a/modules/nixos/server/podman.nix b/modules/nixos/server/podman.nix index f1f397b..0a27be5 100644 --- a/modules/nixos/server/podman.nix +++ b/modules/nixos/server/podman.nix @@ -15,12 +15,6 @@ in oci-containers.backend = "podman"; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/containers"; } - ]; - }; - networking.nftables.firewall = lib.mkIf config.networking.nftables.enable { zones.podman = { diff --git a/modules/nixos/server/postgresql.nix b/modules/nixos/server/postgresql.nix index 4cf3554..97850c1 100644 --- a/modules/nixos/server/postgresql.nix +++ b/modules/nixos/server/postgresql.nix @@ -2,7 +2,7 @@ let inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName; postgresVersion = 14; - postgresDirPrefix = "/var/lib"; + postgresDirPrefix = if config.swarselsystems.isCloud then "/var/lib" else "/Vault/data"; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -22,14 +22,9 @@ in dataDir = "${postgresDirPrefix}/${serviceName}/${builtins.toString postgresVersion}"; }; }; - environment.persistence = { - "/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ - { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } - ]; - "/state".directories = lib.mkIf config.swarselsystems.isMicroVM [ - { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } - ]; - }; + environment.persistence."/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ + { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } + ]; }; } diff --git a/modules/nixos/server/radicale.nix b/modules/nixos/server/radicale.nix index 25ba047..5953bdc 100644 --- a/modules/nixos/server/radicale.nix +++ b/modules/nixos/server/radicale.nix @@ -35,10 +35,6 @@ in topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -71,7 +67,7 @@ in htpasswd_encryption = "autodetect"; }; storage = { - filesystem_folder = "/var/lib/radicale/collections"; + filesystem_folder = "/Vault/data/radicale/collections"; }; }; rights = { diff --git a/modules/nixos/server/restic.nix b/modules/nixos/server/restic.nix index e56cd59..2b0bd01 100644 --- a/modules/nixos/server/restic.nix +++ b/modules/nixos/server/restic.nix @@ -1,88 +1,65 @@ { lib, pkgs, config, ... }: let inherit (config.swarselsystems) sopsFile; - - targets = config.swarselsystems.server.restic.targets; in { options.swarselmodules.server.restic = lib.mkEnableOption "enable restic backups on server"; options.swarselsystems.server.restic = { - targets = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: { - options = { - bucketName = lib.mkOption { - type = lib.types.str; - default = name; - }; - repository = lib.mkOption { - type = lib.types.str; - }; - paths = lib.mkOption { - type = lib.types.listOf lib.types.str; - }; - withPostgres = lib.mkOption { - type = lib.types.bool; - default = false; - }; - }; - })); - default = { }; + bucketName = lib.mkOption { + type = lib.types.str; + }; + paths = lib.mkOption { + type = lib.types.listOf lib.types.str; + }; + withPostgres = lib.mkOption { + type = lib.types.bool; + default = false; }; }; - config = lib.mkIf config.swarselmodules.server.restic { sops = { - secrets = - lib.mkMerge (lib.mapAttrsToList - (name: _: { - "resticpw-${name}" = { inherit sopsFile; }; - "resticaccesskey-${name}" = { inherit sopsFile; }; - "resticsecretaccesskey-${name}" = { inherit sopsFile; }; - }) - targets); - - templates = - lib.mkMerge (lib.mapAttrsToList - (name: _: { - "restic-env-${name}".content = '' - AWS_ACCESS_KEY_ID=${config.sops.placeholder."resticaccesskey-${name}"} - AWS_SECRET_ACCESS_KEY=${config.sops.placeholder."resticsecretaccesskey-${name}"} - ''; - }) - targets); + secrets = { + resticpw = { inherit sopsFile; }; + resticaccesskey = { inherit sopsFile; }; + resticsecretaccesskey = { inherit sopsFile; }; + }; + templates = { + "restic-env".content = '' + AWS_ACCESS_KEY_ID=${config.sops.placeholder.resticaccesskey} + AWS_SECRET_ACCESS_KEY=${config.sops.placeholder.resticsecretaccesskey} + ''; + }; }; - services.restic.backups = - lib.mapAttrs' - (name: target: - lib.nameValuePair target.bucketName { - environmentFile = - config.sops.templates."restic-env-${name}".path; - - passwordFile = - config.sops.secrets."resticpw-${name}".path; - - inherit (target) paths repository; - + services.restic = + let + inherit (config.repo.secrets.local) resticRepo; + in + { + backups = { + "${config.swarselsystems.server.restic.bucketName}" = { + environmentFile = config.sops.templates."restic-env".path; + passwordFile = config.sops.secrets.resticpw.path; + inherit (config.swarselsystems.server.restic) paths; pruneOpts = [ "--keep-daily 3" "--keep-weekly 2" "--keep-monthly 3" "--keep-yearly 100" ]; - backupPrepareCommand = '' ${pkgs.restic}/bin/restic prune ''; - + repository = "${resticRepo}"; initialize = true; - timerConfig = { OnCalendar = "03:00"; }; - } - ) - targets; + }; + + }; + }; + }; } diff --git a/modules/nixos/server/router.nix b/modules/nixos/server/router.nix index 5e9f40f..6e69770 100644 --- a/modules/nixos/server/router.nix +++ b/modules/nixos/server/router.nix @@ -7,8 +7,6 @@ let }) globals.networks.home-lan.vlans; selectVLANs = vlans: map (vlan: { VLAN = globals.networks.home-lan.vlans.${vlan}.id; }) vlans; - lan1VLANs = selectVLANs [ "home" "devices" "guests" ]; - lan2VLANs = selectVLANs [ "home" "devices" "services" ]; lan3VLANs = selectVLANs [ "home" "devices" "services" ]; lan4VLANs = lan3VLANs; lan5VLANs = selectVLANs [ "home" "devices" "guests" ]; @@ -188,9 +186,9 @@ in Bridge = "br"; ConfigureWithoutCarrier = true; }; - bridgeVLANs = lan1VLANs; + inherit bridgeVLANs; }; - # winters + # wifi "30-lan2" = { matchConfig.MACAddress = config.repo.secrets.local.networking.networks.lan2.mac; linkConfig.RequiredForOnline = "enslaved"; @@ -198,7 +196,7 @@ in Bridge = "br"; ConfigureWithoutCarrier = true; }; - bridgeVLANs = lan2VLANs; + inherit bridgeVLANs; }; # summers "30-lan3" = { diff --git a/modules/nixos/server/snipe-it.nix b/modules/nixos/server/snipe-it.nix index 3ebb784..a9c105b 100644 --- a/modules/nixos/server/snipe-it.nix +++ b/modules/nixos/server/snipe-it.nix @@ -44,7 +44,7 @@ in hostName = serviceDomain; user = serviceUser; group = serviceGroup; - dataDir = "/var/lib/snipeit"; + dataDir = "/Vault/data/snipeit"; database = { user = serviceUser; port = mysqlPort; diff --git a/modules/nixos/server/spotifyd.nix b/modules/nixos/server/spotifyd.nix index a392313..e5dc58d 100644 --- a/modules/nixos/server/spotifyd.nix +++ b/modules/nixos/server/spotifyd.nix @@ -27,12 +27,6 @@ in # when another user connects, the service will crash and the new user will login systemd.services.spotifyd.serviceConfig.RestartSec = lib.mkForce 1; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/cache/private/spotifyd"; } - ]; - }; - services.spotifyd = { enable = true; settings = { diff --git a/modules/nixos/server/syncthing.nix b/modules/nixos/server/syncthing.nix index 6998326..8a1945e 100644 --- a/modules/nixos/server/syncthing.nix +++ b/modules/nixos/server/syncthing.nix @@ -75,16 +75,12 @@ in }; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; - }; - services.${serviceName} = rec { enable = true; user = serviceUser; group = serviceGroup; - dataDir = if config.swarselsystems.isMicroVM then "/storage/Documents/syncthing" else (lib.mkDefault "/var/lib/${serviceName}"); - configDir = if config.swarselsystems.isMicroVM then "/var/lib/syncthing/.config/syncthing" else "${cfg.dataDir}/.config/${serviceName}"; + dataDir = lib.mkDefault "/Vault/data/${serviceName}"; + configDir = "${cfg.dataDir}/.config/${serviceName}"; guiAddress = "0.0.0.0:${builtins.toString servicePort}"; openDefaultPorts = lib.mkIf (!isProxied) true; # opens ports TCP/UDP 22000 and UDP 21027 for discovery relay.enable = false; diff --git a/modules/nixos/server/transmission.nix b/modules/nixos/server/transmission.nix index d737e38..c3f8e4c 100644 --- a/modules/nixos/server/transmission.nix +++ b/modules/nixos/server/transmission.nix @@ -1,7 +1,7 @@ { self, pkgs, lib, config, confLib, ... }: let - inherit (confLib.gen { name = "transmission"; port = 9091; }) serviceName servicePort serviceDomain; - inherit (confLib.static) isHome homeServiceAddress homeWebProxy nginxAccessRules; + inherit (confLib.gen { name = "transmission"; }) serviceName serviceDomain; + inherit (confLib.static) isHome; lidarrUser = "lidarr"; lidarrGroup = lidarrUser; @@ -96,16 +96,6 @@ in inherit isHome; }; - environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { - directories = [ - { directory = "/var/lib/radarr"; user = radarrUser; group = radarrGroup; } - { directory = "/var/lib/readarr"; user = readarrUser; group = readarrGroup; } - { directory = "/var/lib/sonarr"; user = sonarrUser; group = sonarrGroup; } - { directory = "/var/lib/lidarr"; user = lidarrUser; group = lidarrGroup; } - { directory = "/var/lib/private/prowlarr"; user = prowlarrUser; group = prowlarrGroup; } - ]; - }; - services = { radarr = { enable = true; @@ -113,7 +103,7 @@ in group = radarrGroup; settings.server.port = radarrPort; openFirewall = true; - dataDir = "/var/lib/radarr"; + dataDir = "/Vault/data/radarr"; }; readarr = { enable = true; @@ -121,7 +111,7 @@ in group = readarrGroup; settings.server.port = readarrPort; openFirewall = true; - dataDir = "/var/lib/readarr"; + dataDir = "/Vault/data/readarr"; }; sonarr = { enable = true; @@ -129,7 +119,7 @@ in group = sonarrGroup; settings.server.port = sonarrPort; openFirewall = true; - dataDir = "/var/lib/sonarr"; + dataDir = "/Vault/data/sonarr"; }; lidarr = { enable = true; @@ -137,88 +127,53 @@ in group = lidarrGroup; settings.server.port = lidarrPort; openFirewall = true; - dataDir = "/var/lib/lidarr"; + dataDir = "/Vault/data/lidarr"; }; prowlarr = { enable = true; settings.server.port = prowlarrPort; openFirewall = true; }; - }; - nodes = { - ${homeWebProxy}.services.nginx = { - upstreams = { - transmission = { - servers = { - "${homeServiceAddress}:${builtins.toString servicePort}" = { }; - }; - }; - radarr = { - servers = { - "${homeServiceAddress}:${builtins.toString radarrPort}" = { }; - }; - }; - readarr = { - servers = { - "${homeServiceAddress}:${builtins.toString readarrPort}" = { }; - }; - }; - sonarr = { - servers = { - "${homeServiceAddress}:${builtins.toString sonarrPort}" = { }; - }; - }; - lidarr = { - servers = { - "${homeServiceAddress}:${builtins.toString lidarrPort}" = { }; - }; - }; - prowlarr = { - servers = { - "${homeServiceAddress}:${builtins.toString prowlarrPort}" = { }; - }; - }; - }; + nginx = { virtualHosts = { "${serviceDomain}" = { enableACME = false; forceSSL = false; acmeRoot = null; - extraConfig = nginxAccessRules; locations = { "/" = { - proxyPass = "http://transmission"; + proxyPass = "http://localhost:9091"; extraConfig = '' client_max_body_size 0; ''; }; "/radarr" = { - proxyPass = "http://radarr"; + proxyPass = "http://localhost:${builtins.toString radarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/readarr" = { - proxyPass = "http://readarr"; + proxyPass = "http://localhost:${builtins.toString readarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/sonarr" = { - proxyPass = "http://sonarr"; + proxyPass = "http://localhost:${builtins.toString sonarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/lidarr" = { - proxyPass = "http://lidarr"; + proxyPass = "http://localhost:${builtins.toString lidarrPort}"; extraConfig = '' client_max_body_size 0; ''; }; "/prowlarr" = { - proxyPass = "http://prowlarr"; + proxyPass = "http://localhost:${builtins.toString prowlarrPort}"; extraConfig = '' client_max_body_size 0; ''; diff --git a/modules/shared/config-lib.nix b/modules/shared/config-lib.nix index bf21184..4439036 100644 --- a/modules/shared/config-lib.nix +++ b/modules/shared/config-lib.nix @@ -21,7 +21,7 @@ in confLib = rec { getConfig = if nixosConfig == null then config else nixosConfig; - gen = { name ? "n/a", user ? name, group ? user, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { + gen = { name ? "n/a", user ? name, group ? name, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { servicePort = port; serviceName = name; specificServiceName = "${name}-${config.node.name}"; @@ -88,76 +88,65 @@ in mkMicrovm = if config.swarselsystems.withMicroVMs then (guestName: - { eternorPaths ? [ ] + { enableStorage ? false , withZfs ? false , ... }: { - ${guestName} = - { - backend = "microvm"; - autostart = true; - zfs = lib.mkIf withZfs - ({ - # stateful config usually bind-mounted to /var/lib/ that should be backed up remotely - "/state" = { - pool = "Vault"; - dataset = "guests/${guestName}/state"; - }; - # other stuff that should only reside on zfs, not backed up remotely - "/persist" = { - pool = "Vault"; - dataset = "guests/${guestName}/persist"; - }; - } // lib.optionalAttrs (eternorPaths != [ ]) - (lib.listToAttrs (map - # data that is pulled in externally by services, some of which is backed up externally - (eternorPath: - lib.nameValuePair "/storage/${eternorPath}" { - pool = "Vault"; - dataset = "Eternor/${eternorPath}"; - }) - eternorPaths))); - modules = [ - (config.node.configDir + /guests/${guestName}/default.nix) - { - node.secretsDir = config.node.configDir + /secrets/${guestName}; - node.configDir = config.node.configDir + /guests/${guestName}; - networking.nftables.firewall = { - zones.untrusted.interfaces = lib.mkIf - ( - lib.length config.guests.${guestName}.networking.links == 1 - ) - config.guests.${guestName}.networking.links; - }; - - fileSystems = { - "/persist".neededForBoot = true; - } // lib.optionalAttrs withZfs { - "/state".neededForBoot = true; - }; - } - "${self}/modules/nixos/optional/microvm-guest.nix" - "${self}/modules/nixos/optional/systemd-networkd-base.nix" - ]; - microvm = { - system = config.node.arch; - baseMac = config.repo.secrets.local.networking.networks.lan.mac; - interfaces.vlan-services = { - mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; - - }; + ${guestName} = { + backend = "microvm"; + autostart = true; + zfs = lib.mkIf withZfs { + # stateful config that should be backed up + "/state" = { + pool = "Vault"; + dataset = "guests/${guestName}/state"; }; - extraSpecialArgs = { - inherit (inputs.self) nodes; - inherit (inputs.self.pkgs.${config.node.arch}) lib; - inherit inputs outputs minimal; - inherit (inputs) self; - withHomeManager = false; - microVMParent = config.node.name; - globals = inputs.self.globals.${config.node.arch}; + # data that should be backed up + "/storage" = lib.mkIf enableStorage { + pool = "Vault"; + dataset = "guests/${guestName}/storage"; + }; + # other stuff that should only reside on disk, not backed up + "/persist" = { + pool = "Vault"; + dataset = "guests/${guestName}/persist"; }; }; + modules = [ + (config.node.configDir + /guests/${guestName}/default.nix) + { + node.secretsDir = config.node.configDir + /secrets/${guestName}; + node.configDir = config.node.configDir + /guests/${guestName}; + networking.nftables.firewall = { + zones.untrusted.interfaces = lib.mkIf + ( + lib.length config.guests.${guestName}.networking.links == 1 + ) + config.guests.${guestName}.networking.links; + }; + } + "${self}/modules/nixos/optional/microvm-guest.nix" + "${self}/modules/nixos/optional/systemd-networkd-base.nix" + ]; + microvm = { + system = config.node.arch; + baseMac = config.repo.secrets.local.networking.networks.lan.mac; + interfaces.vlan-services = { + mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; + + }; + }; + extraSpecialArgs = { + inherit (inputs.self) nodes; + inherit (inputs.self.pkgs.${config.node.arch}) lib; + inherit inputs outputs minimal; + inherit (inputs) self; + withHomeManager = false; + microVMParent = config.node.name; + globals = inputs.self.globals.${config.node.arch}; + }; + }; }) else (_: { _ = { }; diff --git a/nix/hosts.nix b/nix/hosts.nix index 31f7406..29de26e 100644 --- a/nix/hosts.nix +++ b/nix/hosts.nix @@ -176,7 +176,7 @@ configurationsPerArch = type: minimal: mkConfigurationsPerArch type minimal; in - rec { + { nixosConfigurations = configurationsPerArch "nixos" false; nixosConfigurationsMinimal = configurationsPerArch "nixos" true; darwinConfigurations = configurationsPerArch "darwin" false; @@ -198,17 +198,6 @@ // config.darwinConfigurations // config.guestConfigurations; - guestResources = lib.mapAttrs - (name: _: - let - f = arg: lib.foldr (base: acc: base + acc) 0 (map (node: nodes."${name}-${node}".config.microvm.${arg}) (builtins.attrNames nodes.${name}.config.guests)); - in - { - mem = f "mem"; - vcpu = f "vcpu"; - }) - nodes; - "@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; }; } diff --git a/nix/packages.nix b/nix/packages.nix index 3707fb6..2f2f525 100644 --- a/nix/packages.nix +++ b/nix/packages.nix @@ -25,21 +25,7 @@ # see https://flake.parts/module-arguments.html?highlight=modulewith#persystem-module-parameters _module.args.pkgs = import inputs.nixpkgs { inherit system; - config = { - allowUnfree = true; - - permittedInsecurePackages = [ - # matrix - "olm-3.2.16" - # sonarr - "aspnetcore-runtime-wrapped-6.0.36" - "aspnetcore-runtime-6.0.36" - "dotnet-sdk-wrapped-6.0.428" - "dotnet-sdk-6.0.428" - # - "SDL_ttf-2.0.11" - ]; - }; + config.allowUnfree = true; overlays = [ self.overlays.default ]; diff --git a/profiles/nixos/microvm/default.nix b/profiles/nixos/microvm/default.nix index 2b88350..226edc7 100644 --- a/profiles/nixos/microvm/default.nix +++ b/profiles/nixos/microvm/default.nix @@ -23,7 +23,6 @@ ssh = lib.mkDefault true; wireguard = lib.mkDefault true; dns-home = lib.mkDefault true; - opkssh = true; }; }; }; diff --git a/secrets/public/wg/summers-ankisync.pub b/secrets/public/wg/ankisync.pub similarity index 100% rename from secrets/public/wg/summers-ankisync.pub rename to secrets/public/wg/ankisync.pub diff --git a/secrets/public/wg/summers-atuin.pub b/secrets/public/wg/atuin.pub similarity index 100% rename from secrets/public/wg/summers-atuin.pub rename to secrets/public/wg/atuin.pub diff --git a/secrets/public/wg/summers-audio.pub b/secrets/public/wg/audio.pub similarity index 100% rename from secrets/public/wg/summers-audio.pub rename to secrets/public/wg/audio.pub diff --git a/secrets/public/wg/summers-firefly.pub b/secrets/public/wg/firefly.pub similarity index 100% rename from secrets/public/wg/summers-firefly.pub rename to secrets/public/wg/firefly.pub diff --git a/secrets/public/wg/summers-forgejo.pub b/secrets/public/wg/forgejo.pub similarity index 100% rename from secrets/public/wg/summers-forgejo.pub rename to secrets/public/wg/forgejo.pub diff --git a/secrets/public/wg/summers-freshrss.pub b/secrets/public/wg/freshrss.pub similarity index 100% rename from secrets/public/wg/summers-freshrss.pub rename to secrets/public/wg/freshrss.pub diff --git a/secrets/public/wg/summers-homebox.pub b/secrets/public/wg/homebox.pub similarity index 100% rename from secrets/public/wg/summers-homebox.pub rename to secrets/public/wg/homebox.pub diff --git a/secrets/public/wg/summers-immich.pub b/secrets/public/wg/immich.pub similarity index 100% rename from secrets/public/wg/summers-immich.pub rename to secrets/public/wg/immich.pub diff --git a/secrets/public/wg/summers-jellyfin.pub b/secrets/public/wg/jellyfin.pub similarity index 100% rename from secrets/public/wg/summers-jellyfin.pub rename to secrets/public/wg/jellyfin.pub diff --git a/secrets/public/wg/summers-kanidm.pub b/secrets/public/wg/kanidm.pub similarity index 100% rename from secrets/public/wg/summers-kanidm.pub rename to secrets/public/wg/kanidm.pub diff --git a/secrets/public/wg/summers-kavita.pub b/secrets/public/wg/kavita.pub similarity index 100% rename from secrets/public/wg/summers-kavita.pub rename to secrets/public/wg/kavita.pub diff --git a/secrets/public/wg/summers-koillection.pub b/secrets/public/wg/koillection.pub similarity index 100% rename from secrets/public/wg/summers-koillection.pub rename to secrets/public/wg/koillection.pub diff --git a/secrets/public/wg/summers-matrix.pub b/secrets/public/wg/matrix.pub similarity index 100% rename from secrets/public/wg/summers-matrix.pub rename to secrets/public/wg/matrix.pub diff --git a/secrets/public/wg/summers-monitoring.pub b/secrets/public/wg/monitoring.pub similarity index 100% rename from secrets/public/wg/summers-monitoring.pub rename to secrets/public/wg/monitoring.pub diff --git a/secrets/public/wg/summers-nextcloud.pub b/secrets/public/wg/nextcloud.pub similarity index 100% rename from secrets/public/wg/summers-nextcloud.pub rename to secrets/public/wg/nextcloud.pub diff --git a/secrets/public/wg/summers-paperless.pub b/secrets/public/wg/paperless.pub similarity index 100% rename from secrets/public/wg/summers-paperless.pub rename to secrets/public/wg/paperless.pub diff --git a/secrets/public/wg/summers-postgresql.pub b/secrets/public/wg/postgresql.pub similarity index 100% rename from secrets/public/wg/summers-postgresql.pub rename to secrets/public/wg/postgresql.pub diff --git a/secrets/public/wg/summers-radicale.pub b/secrets/public/wg/radicale.pub similarity index 100% rename from secrets/public/wg/summers-radicale.pub rename to secrets/public/wg/radicale.pub diff --git a/secrets/public/wg/summers-storage.pub b/secrets/public/wg/storage.pub similarity index 100% rename from secrets/public/wg/summers-storage.pub rename to secrets/public/wg/storage.pub diff --git a/secrets/public/wg/summers-transmission.pub b/secrets/public/wg/transmission.pub similarity index 100% rename from secrets/public/wg/summers-transmission.pub rename to secrets/public/wg/transmission.pub diff --git a/secrets/repo/certs.yaml b/secrets/repo/certs.yaml index e08ba2f..db504d7 100644 --- a/secrets/repo/certs.yaml +++ b/secrets/repo/certs.yaml @@ -8,350 +8,170 @@ sops: - recipient: age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNNjZLWnRFNThZV21TbTNr - S045SnZhS2RialJTNmExdW5QYU1Qd0Fqa20wCkUxU0ZTTmowV2xZZzBNMjd2aFFP - alIyQmxrK0VnSFhwNFNXR3dxUDNpRzQKLS0tIDJtdEJ5TVN1VWNFN010L2NocW0v - ZUhhZUFITWt6R29IZTBvNVp1K2IyT00KBcZ3Kb/beJCyEugzMOx+rk5Un+Hg/Q9A - ldAMpStVP9/rIYfZo86L6mh8INzZrriDVoshi6pUL+8MdGmuE7f50g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnWWx3YkdrRklsM0R0M3Fj + VmhDNkpicjVPZmgwUzk0b2JseTRoVld1TXlzCmRIVjZTZThVeHQ3NCtaVGtTN0RK + UmR2cksrT2xXeGNKT2FTRXFiZE82N0kKLS0tIFZLVjh6Tm50a1g5b0tGMFB5QjBQ + aDNib1gzUGk3MGk0N3BWbEhOUnRoRG8KKNX9e1cc3kikcyVmKcAr0b2vp2catXrA + 1W8aaTgB/V7o0c1ZfxLVCj2B+Niavs2UZ0hsl2o/LEPhob5NgmGxnQ== -----END AGE ENCRYPTED FILE----- - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4THRYV1RjU2grRGNqZjdE - Q2hIR1B4eHprRWEwSTZ3RUs2K1RvT1dpVDBrCnZFbStTL3NmZ1I0SFNrUDJTbmdX - OTNUN3kyOGlpbDVDT0kxVjJHV0ZCL2sKLS0tIFE5SXc2eXlPR2FZTm9wSUtRNnh0 - SytwRERLVUI3SHVpSjVzQXpIN3lPYWMKq/asM4wSRLgnN6PehhPswxMUwClqp5ZS - XFkCxIAhU3VXj+0Vg4as4kg1msXMQtegd3TA2/0Hj0Bwb8QFNZSPrw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtZnBLMmo0V3FJQktqY242 + YVZ5Z3N6cHZuQ0dER0pyWmNzOUhCVGpJTlhzCmtXeEZRUGpYYkI0UkZ4djJBRThJ + OE9Ibzl6TzUwQm4yZ21yN3ZkSC9kdjgKLS0tIHF5bkNvWlNOMUd6bzF3QktYNDk5 + OFI4VFU3ZEpxN251d28vK1V3UFNWa2sKwcmJy3nLqX9OiH6yCOOcheQTasu1LKUk + nXvG3SESEEuhuzJHOlREgF8xiZz3n2t4uJGcdVsrn7PGdytpgvqmgw== -----END AGE ENCRYPTED FILE----- - recipient: age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuMzNjODg2bU1PNFY4ZFZ2 - cXIwK01mblhrUnJQd3RFc1hjSGp4VFNlZVE4CjFDeGdseHNvTGdYZWh1alg1QWxn - MEdJY1F0RWdkcW5oeGdjKzdTRFZGZ2MKLS0tIHdNNTVEOXdkY0RJUTJRQTdVbmNa - RVY2OTFacXhlWkxJSHhKS2JvdVpiemcKNqexY5tRAF+vmiM/Ilbfpr1gNWasexFP - bOq1TWr7euQEoPJhgziZwukHv0fpc2j0MK6VYwR2UBQ6HVc96tc0/A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQdkFwbCs5ODZTVmVRVXBp + N3RkUGUrcU4zNEZXUDN6ZUhsdjIyRWl0eUZRCk5NUkNXQjFuTjhYRG1vRWQzRE1X + OHc0RzJYaSt4eGlSZUl0aXEzd2RXUWcKLS0tIEE0cklRYzNJYkx3T0hOaXJET1pM + RzVtWU9OTmwzMXV2SXZ1RlhtU1AwaEkKnPwyerahQb+dQExCvYYTQLpCk759gY+K + bErEkJiwnE2B8jScPjRcv5lHxFjXkJDhWDf9yiwfdpChYa5TsdNXOw== -----END AGE ENCRYPTED FILE----- - recipient: age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WGp6dUliSytzZWFKSzUy - SG5TUU0yU1BkQVR0MDFscEsrdzBQTTM1L21BClJTZk9vZWhWbEZiSnRlQWVDdk4y - dlZ2Tzh1Ti95Q3VRM2VqVStYdnJ5R00KLS0tIFRvZFNOOHRPSjJiSU5jeUJiRDBl - T2xKUXZsVTFyR2ExSmt5bEFmN1BlT3MKGgwMrgNHTW/toorF/2lq1SNfYMqnU/uO - TKZ5KDrLNnTB/jomm96KQAUWCK35HrTTsEjZz6ZOl3vw7vxdeY1jMA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYRkVxajBrWStPU3d4dEo4 + bEVkemZPZ0I0ZUhVMlh5Z09HR3VhRzhTNWk0CkxXeUxoanFUa1U4VnNsT08yZU5p + Ymp4TG4wYUtYajB1ZnM4cE1qaWtpdE0KLS0tIHVFTU9wVVgzMTVEWk9QU2pLUXhP + dGNEbUN5SHRDNS9lUEtWSjFZVEJOL3cK17zNZodyRDHyGhdPjhQ1y4GD9hgZjv6Q + I6aG92b3PqhL2djlUCZWz3laec1n0pm07N2BLeQipukiTUBta2opeg== -----END AGE ENCRYPTED FILE----- - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5Ri9lZG9SZ1MwaURqYnRl - QXhhdFlNdlBTZ2xNb1hUdUdBNjlhNFBoZkFNCjRuWVlKVzM0akRRcXpCOTR0VDhH - ZWg5Y0ZNQmJQNkNvd0laanNaTm5XRmsKLS0tIEIvTHVQZWtQeVRuWlh6bGFGa2t4 - aDYvMXU3T0c2bGpZOFViVUd5a25TWFkKOF0eSurlqjUipXjVH6dJh2OxON+cJk2f - n5g5eqYp/kG+wTKp2/WA4tJFhRNZRRh0zqrBjv8cp+zo9mCA8d2Ewg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKRTNIaXg3OTd4THBLWlUz + RXJNVkhSekRiZVIrVU1RYlNIbWhYMjNDSTNzCmQvQU1FYitZMUpQS0tLS3ZjMjJV + aGg0dTBLMWJRRWN2ZUV0dklLSVdXNGsKLS0tIFAxY1VpWE1pd09HeUFvdFBPeHdl + eFBHK0RaL0xwSjE1MVZ1VDN3aFlHbTgKUfl/Hcf/ZPgQkBQN8ZEPdHEZvBuGcmCS + ZWEYmMAM5GDdfv0Uei63b6JEiwoFIOdzOkoGczYuINo7bjgdG3aKQw== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqUzFVUHlZWjZYSHFSd21N - dkt3bEo1Y2xxYWt0S3N3ZllJem01Y2NFdUdNCnY4dHZLSzMyQVRRS3dsQVhtbnp5 - a0ZhUlQ3Qk5wdGlpcDFiem4rSlU1Q1UKLS0tIExLOW9rdmRNdkpKQUh4UlBoYTRi - aEdnWklzL0NIdDFzU3dLLzJOVHFOS2MKYzms9+UBWyCwY0PKN8Cx3h4ebi/aKDqL - NMNbtlghvHcbN0+DROMK9qRGeiy9KQi2Ja+bMqPOObTNJuCXJluqXA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmWGRnakRiSFVYdU1uY0Vt + cEMvVkE4VVZKSTFvMENHNWhhWElmSytlczNZCjkxWGVyTzQwVWF2UmhNWWYvSHI2 + emljVGloMTZnWmZLYVJwMVJGMzdodDAKLS0tIDFkclQrOHVqMWxWR1NjNE13UG9P + aGpTbUQ3UHN1ajlGWWdUaTFyK1VvY1kKwid1CxcpA3yl/STfuOMGNvdSShzjMLwL + gWXJ+6RPJcxNknKWzUuI4XIdlVmQ1o11Ju+I0/Ls9KeZJO4WK5DMsg== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBidUdKNGR0Unc5VE9QNHJQ - VjJZRGltVGJaY3M5U255TElpZDR6dC9NTHg0CnBKc3ZBbzgxM1hZWG5vWjUydjc5 - SmJ5a2VIR1g1TGloVjJkUG4xWGZ1TjAKLS0tIEh4c1BoNzlIRGxWSE1FTHY3M292 - dHJ4OG0yampBR0tSSkdrWjJ3eGxReE0KM9V5MxA8R8QMJGEknG45IaX/4ukuyBnh - C1IuqlqhBBj+ziLHHoa2eKw4p2vVFxdNgOyapLjLbMdzIHg8b8sfAQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3cmxMRGxhUE9RR0trZzJW + cWM5SnErdllIRjB3cmd5Z3Y1TTh4NHBhZEZjCkthM09qZkhTaWQ2RGlaa3NCdTBo + TjdLS05QeFl0c3lQRUlic2JaSEhpMzAKLS0tIFB2STlHMXRRNE0zNitPbTIrWkQ4 + emFmU05tbEl3OEEzMURmMnZDdXFMVWsKjnnTZqEb1n92LpeQy5oqA7jD1KcCXWol + 6HryhCI0IDVrJ4V3guihdcaRPUhnQCHllQK15RFkrVduYZ5BxmbNGA== -----END AGE ENCRYPTED FILE----- - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqWVRSOW1uT2k3ZnlueWhG - cG8zeWZoTlFNc09DdThBQzJVa3ZVV0RTUFY0CjJZWlFOekdTSW5WWW9neFhGZjlh - am51MEQwRkhmYVQva2M3OTZIdlhGYkEKLS0tIHkxOVpuOFJOS3B3aWJxT3pFMWVR - ZWdiUDFSSDFGNTBPKytQOVQyK0pHdjgKLqn0aAHxf8bRGJS+D1rvCRQ3H14H6HoM - KmfNe4/IsDsJT9/MS/sfcGMEvI/bQd/RX4hcjAi9cbH2C+ajceGMpg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQd2hHU0x6WE5nY28wMWlJ + YXVUdEFTTUl0enp2aUZpa2NuVWpnMFVYS3p3ClNyeFljNTRHeVJKOFp3bEl3QW5S + ZXkrWi9JczgyQnZYNmJSWVNZcjFrRjQKLS0tIGYrdkpaVFlnaEpialFmRkZpVmJZ + T1VKWWFXeXdvcW1FOVVpdDJIcXJWWk0KRVwWBLOuA3HNJQTy3wGM8Vh9eAitgxZX + g/eL11CvU2/2sw2pyFCV0hIea46iU1P7s+dWirjiuear5phGNlUa6A== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SVJYMExubGkvbW9SVG5Z - OVpvNnlnaDdKNnAvS2hZV1FvZDRKdkRZYTBnCnFETXpqZzhjTHBXcThKU1FWYUUy - aGpVTElMZkF5bXMyRlNkNDBwaTlwZVEKLS0tIEtCbmdrb1FkTzJZNVdCcWJHWmU2 - YUpLMURlWE5zdzBPRjZIRitEeXNScWMKzapn5yL6p7gG/IGawqa76xH1rzB0phDE - Pstp8Ot6opo/m3+EA7OJRpAjT8K1ghGkJYFCzHMB3zNy7q4/0gfqOg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOcytidVZGbUVNcitZVkFF + SnRLMEFJVUZ6MWpPcjZsR2srbHl1NlFXRjFZCmovRmUyeWtUMnA2bGhVQzMraWZK + Y3haVDBINmRFTmMxa1YvSlA3MmVyNkUKLS0tIFBiNUZJRyt3TU8vMTJyZE12NEhm + YzFRbzRWRUZ6UEJFUXJuOW1xYzRqRWMKkUmIofugd7oUSKqE+t1L4NDm/mAyKl8T + ppUKu6fM5Ka4qOpPmudHlFhToE1QumDkPwo4GajdiNXjxEKWHHN3Xg== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAza04yTnRWcGRNenlJUkVG - MW9pSStqSmlRdXM4eERzZHlodTgxbzJSVlFVCjJma296L3NFVHhwL0tpZG8zZFZr - Y254RHVkTTk0eHJPUklrc28xZnovYVkKLS0tIGRZRXp5SG9xOFB3OS90VzJWQmlC - WjJNaC9LQ1hDbnFtUVRvaTRqL09tOEUK57Ro2BxOfQs9j6LifuqhPfSKbPIcWuZX - zkBojFe4tP+M793YkCDfQJGigowq0SjnonQIeTvDFMz5IUXhBXZsrg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySVBqd0kxSmtWQVNuVVhm + SGVxNDZJRHUwek4zL0hwVGZUMkV2UjZCWlQ4CjB1ZFNiY003Y3RyY2doVFVXRVFL + Q05EMW1EUWZjZGV6elJLSG4wYTRrRHMKLS0tIGZERHFoS1NlY0FPZXNDZDlqeTdP + U3ByUFVQTEZXNGxmcXRDWFYrZGZqZWsKXpukgZmmjugmJOuBvg5FVJo41os0dC4P + 1+YhulpwF2ioa8zINFqx+LMrfQYdOInjmRbquWjco4XhHJj4yWW/+Q== -----END AGE ENCRYPTED FILE----- - recipient: age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkTTNpODR2ME1XUWdmMFpt - REh0MGZXUUFtcWw4czI1aWVSMUg1d3UvM2wwCmRyd1BSWGR0NFEzYVZFL05VckFy - b2tuSFNvaHpLcXhrMHRESVVWcDhDMDQKLS0tIGhCUFZ0ZzVKaVQzcTFDUnpCdWRu - OHhzUDhaVUVSbUlTdlVkSXErUDhjT3MK40vVZElcLenWX6TqH6fljD53NNZYvUJL - /yU3RXOh2F8V4akatH0WzX+fCZGhyanMbbnpIuwHuwjAtNti7Y22Hg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzeS9icFd3YXRkbmxiSml6 + WlAxTFkwSXR1RjFmR2tWR0Y4WlR4ODFuSkVzCjlDd1hsczJUOEVyeTZSYmVmRm0y + bitNZmFqTU1WL0E0aWxXRnEzK2FMRUkKLS0tIFFHZytFdVFnaTVUbjh6U3gxRGI3 + UnRESStWWUtodmNCMTY2Z1p5OG51K0UKakbANM86Z27f/qsYMXwcJ1wNBaUZEkiy + ng7aqlbapKA1MA3rStEP+xgW3JnKg3i00ll26wABzX/qD6KmANyuyg== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1ZEl2LzN6VG1HditFbkNH - TkFqVExHejRLMzV1MU9Va0FjMnB3Sk1GWDNjCmpwWnlGSnEwbFl2T2I3TlNTcWc5 - a3dCcTN6TVY4MU43djlONkRXVUorcHMKLS0tIGxrQ0RRblRWTHVybyttSHJYekNw - Z2VUNEhRektGajJLdGd6ck0vMnE4SFEKqsA0RJOt8A14bsM5aMX9v+2dLu514atg - tX+Y0l4Xw0F+N796fQlRHpeuMPPQO9W+2M32aDTHulnMUyL+l17aRg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQRC93YThoQTdaemY5M1cw + dFR4eGZzeW1TcXBmRysyQXFySkdaeGRNZUJRCi9NRDE0WjIzeUNHcFpqNjF2Y3Nj + Ry83aEZ0RC9BVGtCbzlkcTFpSWRhM3cKLS0tIEtIMWc5TDgyVGI4MkR2amJOU0du + QTlWZlhJNzZ0Z0pIRHh3RXhMdWhJalUKiawxO7zWAjalJHz6UxXFCvhGEFr4RT3u + HsDl71bqZI/iSuAHngcIgIulCWNXuiJaG9hCgq7E9iIqc7ynLluMow== -----END AGE ENCRYPTED FILE----- - recipient: age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzTFN5TkpaeExsOVUvWnEr - aW9ra1ZzSWk2UCtEalMxRW4rbGx6UHJJTmp3ClZab1NINGcxc0FLSWtsdnFhdlgx - ZVdLMGMvU1F2V1NHRklRQ1dJZkdxR28KLS0tIHBQUkZ0NDQ0WjRVZ0tybWg5TjFD - Tm84c05NeVp5WEhUdWVTLzRDYzJLcjAKsWF9855iPjJlf2OFPm5TUv2Qd3Y3lhB0 - x9pibEayVzHnT9+JBlsfLMwmw481weJ17BI05N/HhEtfPxD8/nAx1A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTM2NGbjg3dzEvRHAvbFdX + V3M0N0Z0THR0UW5MWFQ2UHhoSjk1YitwZUFjClpuT2VYWXVGZzQ2ZGRhQ2dqZGNM + WUZPRGM0TzFNRUoyMW44dERWdDNaSGMKLS0tIE9tL01EeHdxVEJjdG1NNXBOZUxM + RjBUYU9xdGNnWTR6Y0VCeUxIOCtoNW8KrctxQ5yZFEGukZhgTXGooDNo0VxnOSKs + qTitU6rCMqMp7mERFWizn8GNJau6J7fhkHWEFK/cA7Vn4ur2rphdNw== -----END AGE ENCRYPTED FILE----- - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByMGpRRXlneGlHTkM1VnZi - R3RzSkFjakJqMDdjYlRFYWRPbU5neGtJZWd3CnVNbkgxZzVqcGE3MkgrbVBSVGIr - Z0dGVkhYZGErRTZsK0ZtNXNJVmhVNkkKLS0tIEpBQjFKcEM4T25pTS9sTFRwMHFs - cjVWbENSNGhTRjB2QlhYaGdTRXh6dlkKt4ljMjn/IMZXq5fjWn/s9R/A6/FA/BLN - SH9fKgW7CC5iTj6c1c66h/PoZaEHOwzS+pWhP14sRBRN1Rb2mfx1gA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXSE12VTVMMUI0dElFZ1dJ + eUJ4QjRwcEc5S3BwTk9ZTVNYYStNNHg4NWtFCnlMbWQzb3V1S2dmMEh5MzJ3em1u + b2pjU2hxWHA4cEpNekNWMy9VOWJ4ejgKLS0tIHZKMzdaTExpNzNlY1FVN1lwT2Mr + QUJqVzdRK2lXbUo5SHJ1TjJMdDc4amMKE6ITfECZBGbIAltRTE8emGhsMxCCezAi + av6BqoRotYm+yc0/bHXubRmA7pLqA0z87WmheYDa7C1N81QZGFBV5Q== -----END AGE ENCRYPTED FILE----- - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFcDBHWWZQVTF6MmlDV0Qr - MVQ3c0ExNFl2RENMbWRyWHRMRld6SFBCdFdjCjdQK0dibWlnSzd6WmlZMFNtYWxw - cHVzT2ozNUswbVoveXZnQWJiLzQyRmMKLS0tIDFEcStBSVdWRHZTOHFoYVJUR2V6 - c3I1RHl4L2IrMGVsTmhKYXFpZkl6TU0Kl5j7KKl30a5KYgb0n6n2AbTCoAA/aZSE - aYiTD3ZHLhMedBGOk38hcnRvP+PpEpF3djFwZlBzK+JHdzIbkTjGkQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHV25FZEZvUzF4b0QveEdF - SE5RVkZqSjhBQmdQNGFnNzZWcVNZdWNQSVRFCmFKNlM2bkFXT0Z2NzBnRnFDSnRh - alRzUmo2MzNJTmcyMFNsTHdyQ1hGTjgKLS0tIDUzS3B1ZlZWVFV6UXdlbkxxZFk2 - T29PYWhJLzlscm5QTUNCSlF1Vm9udTgKDcBcGNwtZvm9ZqmpW+K1zWCy6Cj5AYu6 - 9s6myBjasLwnAB1IeFBrH8GP2VyjEDdAgjclnIjCJvCUmIC4+Fa6iQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBadkhtR0w2VXNxMWZHVE1D - VXI1N1gxYlprY0VHZFlvek9xZDhTeDJjZ1NRClhCM3Bkd0lPV0FBc0gzeTlQa3NZ - QlRleW1jV3JYcWw5emlOS1A0SGxhVE0KLS0tIEppd3dTbTBKLzRCWGFLR2dlVy9H - VU1NcHlSamwrTTI2MU5NdVJaeko1QTAKEzkdZ4PB6JWLI7IeF35vbw5oko0FRXyV - +M+UQHvGxfb2PN1O9CevmyGXKtCH3Zi1IKBrWA+WtqMO5X/+/FHyrw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZVHJZV1hPaUV6aTl4Rmh0 - OGRnK2tub2NBUlN6d2NoMWlnN2dja2RlTmdFCmdLNVloOEFLMzdEZWRGdGd1K08x - aGlUNXlYekM2UXNxU1VRODRjdmJBVU0KLS0tIG5IL2ZsbzdnTEV1c0kvM205ZXhr - alllblg5LzFoNjRSYmxOeWpNOHRMKzQKN/Yqm84+1I3jBxkb4IClhfn6n96DxAsF - QMYSafaOkxQaCR0C3eRacI0TEhSadY8E0o1pomyoMLCH7Xbc/vIQnQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3d2Job0FSa1BaUi9Sa1A0 - aDN2U2Fmd01oZW94OGVVcGI1eGo0YW1XcERFClZZTmJXblEvaXpiU0NWTzllK2pJ - WEZDcjZlTml6MzRRbUNIaFVRc1Jka2MKLS0tIEQvajVzZjNsM1V2MHo5cjM1c1l1 - WDhGZFd2TGNTbFB6bVJiQmFWa2dyZm8KqLtLkFlauxtieNB+/r8NOP4ZJFAXsnSp - wb3N7gnZb8U5LW3rWRIJMqWA3KsmEUqegeH8SL902KPxX+UYrdkmZw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrVzBwYTFjdCtaMVVkT2lv - MDJPTlhIcFJkUDE3RG8yTkdqUEdmdmxTWkhJCkxCV2NsQzJVUEtUT0poNjJqTHVr - aG93RFNXVUU5LzNZWHVydFMzVlZyNmsKLS0tIGhkakJHSENqbzVQdkF3aksvVU1Y - YUFEWTVnNm5qNVJJOUk3aHpna2k3eXcK0et5D7VtlAVob53HKOjIz3Nk2oZ3hO1S - r3ebZT2/X0k5KWpjH7XOetzke1pTVx+bWyYZz8xWUqgcbNGxTKlAjA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUREFJOXF4UjIwNXA4M0ta - SWFRK2QxQlVtZzFKSEllRmJXM29KQkZOaURBCnB1SUc4VzR4SHp3M3lXSndaMDNP - TzhjZUFMT2RwcG9CNVBrL0lMTXFQYlUKLS0tIFh4R1BCNzJBQUJmbG1mTEhyM1J4 - dmJWUVhYcXFVYS9zL1NiRjdYL2h0QU0KyWn6Qr/22sEjnLzrSqoo3vc6WR5uUnj5 - +ysCMgfHXzF6qPaEF6CeXagNhpMm5/2tmiomuaD/op1ZehAYPhYFuQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRQVdIY3dhS2tERllqdmxQ - STFXSFU3a1BJT2NQSkxVWmJoUlFDaVhpVkU0CnNqU2FpY1pnZDI4UXBHTjVZeExH - ZUhBZDRpVEZBajM1cmsyLzloVkp5cmsKLS0tIEhEUkJXYkVqbUtwME9XZVUreDJp - T0crb04vWHl4U2VGcU5nVFBwUlh6czgKjt2ivpL3mjqJJEnYFfjMh0B9guuaOVpY - 3GvAoDdCUHRmB8iAhmf6+WLRTklL7yHZlrUbYLJMGPY81zs95Z3UNA== - -----END AGE ENCRYPTED FILE----- - - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUjNvWk1VT00vbkZSM0RO - VXkyYUR3ZEUvUXRGUFh5L3EzYnJTcXBGc0ZvClVQMEdzSmVXczJhYTcvRHJ0QmJE - NkNRdG8yMWlnOUhUaGpzNTlJNGFnZzgKLS0tIHhXZ0Z3ODRPVGZTNVk4MXI2dGtS - THBvbVZ2N1h6MWkwZ3lPY2lJekZXQW8KGrpLpzP64z0QVUY/vc/+a2WynzMSh7Uc - sWeX1nU73bu19tHj+DSPy45kXu3ZVm9nbJ24crgVa/G6qoimwHvJ/w== - -----END AGE ENCRYPTED FILE----- - - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmT2pFR2hWVGVoeDBpNXd4 - aG5zVEVCNDRDMkxtQklmT3gyeGNNUk45bDE4Cno0NGFPN25kWGlFV2pFRFBhbVBX - cExiZUlMbFdjOVNFeHdDNEtmQ1RwOTAKLS0tIG5UbjFnbTNLQVlYdjBmamtPeDNT - VU9MK0dQeWRUWnp5d05LTGg3QmxsMmMKazT8tiPAPZvQTn4E2ZoKwajmtNxnaXJK - cPhhieYY2DeNB+nLakultSShg4B9Ke4gC6VxE7JWqO3t49w/+lH0OQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKcVNxS0FrbFdlakxrb3M0 - bHFyWWlmWVpVeGZZN3djeFJ3RmFaZkNNdndBCitXQi81aFpBM3hrS3ZHcUhsR1hE - MzBhVkRPbGtlUDFHeGVvOEtIR3hRZVEKLS0tIExlejhoc3JocVp2eU1CK3FLNkZY - NmtGaGV6TEs2L0U5cU1yYmkzcCtzM1UKOIQ1uw1lsQWjwfwZF49hIwvc7eBDe+NM - 8HMo5IFvi06LJELym37BalzCThZDtGlbpXf/WOhjo8RRqAZoA2DY8Q== - -----END AGE ENCRYPTED FILE----- - - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMR3MzRUIwanZDdkN1UUpQ - aytHMmhCb0xYWGRyWktXVFlGcmpYNGphQmdnClNBMldNbzlZeW1oTTV1RGM3WGU4 - dkd5Q0FqMitmOVArblpMcklNR2h2bWsKLS0tIHdhS1BuYVNhQlUzR2ttelNwek9p - RW44azJqUWgwbWRwM3ZxN0duaEllTVUKcaij6u7mCxHRYk+KrGy//d4XVjujH64Z - xtjbUM5moNNN7eQo703ozFHAqEm0Lfhv8/GslGT3W+k93td1EqO1Yg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnOFh3SDRYV2lhdGtpRE1r - dlhORTlFUG94eHZqaHNSa2NKb0JxT0N3b1ZvCjFZbGp0Y0pRNTg4MHJSaTc2M2lv - Y01jTDE0WFNEaVF6NXh6U2IzVnFoU0UKLS0tIFRRWDZkYjR3WlBJSCtub1RmWjF2 - YlU0K0V0NGE2V0JmbU9YRWNjUG8rQ00K0R3OkLbmEsqumG2dnEL4sWRftr9dINYe - lGeHp4gRBL9/z94rnWTNA8w9lMftOeBPuceuFOFTmsj3Nr2q4iG7ng== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsZG0zZ3lBWkFWK1FoNDZj - YVZ4d1pmSFdzMXNmWG1scFZXcDhmbG5pTjNZCk42SmN4T3pGeGkvbXhaeEM0K2s0 - ZDB1cUxsUC9OMVRrWnhwRVREYVVoZUkKLS0tIE05eDRQODB5bXEyalM0b080b3B2 - SkRDWStoZHRKT1l0REdhZ2l6S0ZoK2cKqjYPVM+ZBZCashTkyUGxsNuCPYPOqBiW - TM/2efF/xb56dSRZ+ji0TyG4s3bG8nu//7j/fZxAfg3f3KmUjnnplw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4OVVNRlFOV2dESUVLT0Zk - MlBNaVIxd0RMWnRUcFhKZ01HWmRDaDdmc2k0ClRDT0pMSG5IVW1yalBsZDdCT3VX - VmpDVzlVMGhJcExET3dlTWNYbE1rNGsKLS0tIEw0QmY2YXhic1BTOWw4MWFkVUZJ - WDBLd3Z6QmwxQlFnRUFqNlVqY3loVUkKMyH4boZCefmbiRpk5nOdooHar3IkNce8 - S/dBOVkGya0/khZm2FtiXt3lf79XloztWKe/Ix2gQPFquU+UfBCKIg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtV2Q0bU5zVXN5OTE2V3dK - emdMZnNrUDZ2cU40VitBSWtkdUI5d3hCYlZzCnR4L2RSYkwwWGRheTNlbTAwTldV - a1JLRmprSllaZFA3Wi9kWlJkN1JpckkKLS0tIEl5UFU1OHV0Y3U5R3l4d1ZsRWpG - UnpiOE1lTWJEd3VsdXJiQ1NMVWQzSjgK6YdkLGinSNX/1gI5cnkEeYDvPjsaSNmO - r0dCzf//+OYb+rtHi1UDeeHDcN7lxzftoE3/TA3bqkz92gB6KVa1xQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0eGFqMzEwUWE2Rks4YUFX - Y0JQdnFCVXJaQmFhaHhLVE9OYkw2cVRnNXowCjRwZnkrdnNYUGlVenh6OFlQaGZC - VDBMUzFYZmF4dlBZY3Q1ZGk3UGZ2Rm8KLS0tIC9Qd2l0ZFczRlJ2bG9JeGZEY0xI - eXoyUDlOS1JFVGd0aTRFbU05b1JYVTQKiGry5ImDk5BYbCLSPAdkdUCHngUYKOs6 - RRSV8qGhEEG7SvSiMHzu5noduq28wIyFBPfKacwcpvqCWCfd9P0RdA== - -----END AGE ENCRYPTED FILE----- - - recipient: age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5RDg4NDU2QTIrVm9nQW8w - RlhvQnZwWDFpMEZTK1FtQTdkb05XOGl1MnljCkVOS2E2dk0vdk5FNEZpTHlERE9z - eVlCUEpMSzVMNmE0d2ZVcHUxMTZTdGMKLS0tIExZN2R2QTZGMXBjZXQxZU9VYkdj - Vm9NSEhxWkNXbFlSZll2TkRPZWI1dnMKPG7Wa+eNLCQ9Gxo5ehAvUljX23TLYzFL - XDy/X6X+Qgz2762XfJ7yCz7opd5GhfDK14y+9UKrqXPBdjubbSEC3w== - -----END AGE ENCRYPTED FILE----- - - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5bTVEU1M0OG83cFJnZW1i - d3VsNzI1VERlazE4YzZXZVZtVlRnMmg5NHk4CkpheVNFL2Voc3JPTWcxZ0REME1D - aTRPdmh5VFpML3J3OEZaYUlDWUY4T2sKLS0tIDk2bU9ub0MxaTJlblduK1lWcS9i - cWg0bE9QQTcrcktEZUtzdHVWRDFKdWcK0ZQ1bR5J+QNA/smbNiGvR/K5qWdBP8XG - u6ObgJiG1+zTI9ji0y7bLsEU+BgWE0GZPg8QLnyQ1CwxVr89i2lSaw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6clpTR0NSajFEM2VuZ2hW - ak83QnpVZ1Q0TVpXditmeTZVL3Y0MTE2Qlc4CnorbTFkY1BQQ2svK2ZaRExkZHE3 - clpGcE9rYTFKMnpYUXB2NUJCMUd5bm8KLS0tIGFSRkFzY3JyWEhYUVdPbkRnSGJ3 - M1lNUitoN2Z1bFcvQ2oxWjlzVnRlcEkKhg3t/TN0jry4Uagkq+cRkT5AUeM8l8So - 2rRxSA9z1X3r3AoO6AsOZE4R7raNnIGiloeLQ0vBTsYzMo14JtY5Xg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1ZXZqK09LK0ZSekV3MmZB - dmFMYk4vZlNTTFlqQWtldGFKUnlUSUpJdUFjCkxOOHZIUVF0SzlnaXFsN2ZuOC9y - UjkyNDliVDE4djdjZUgvUmppQXZhNnMKLS0tIE1QSkFtMGVNSG95MlBpOWkwR2N0 - czkvN0w2U3Iyemp5ODc4K3ViM3FPS1kKZT3T8sujnOADEFEwqml25wF/frgwSz68 - 878UHjeWqxkbFHa4YYtSz5redsmmblnHcsZIv+medSBKOQkWkb3byg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBINC93RThSRElqYnY0bGRX + NWlrZFM4cys2dzRFejhhRW55TWY3ZFRMMW5zClV3Y0RjcDhFQk5nZUtpc2U5dU1v + QWZUdXdydlpSMUdUVlJPdXB6T3hGSFEKLS0tIEhEOVRKUVdHenNWV3dmdzJZWW9m + VWs0V1RwUFdqcjlTb1NLUUN1ejRqQkUKMc5kOO6iq/6cNJrr2agaJq/OlVzNyKIn + tJ7JRN6OxpQPApfoZ22jA7fDDX17lpyAQXOd+b7Y805OSLkzvFNcKw== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-11-19T14:09:27Z" mac: ENC[AES256_GCM,data:tZ6QzVPivueZiC9Qfb3KNZAv02QatgHRNnlM+Y0iV4BZkYoBjxeDojutizvAMwUarnubUdk5I6m2OZK1mvVDZKXyI6zALX4JMeT2xYQWRHYzHpOygLhhGwTFVhV+0C4jN+eJFF2cNf9lu7NuZI9ylZSOY8I3YKUl+l0l3CkXUl4=,iv:JSGOUq+j9T/NXspn70dfu0J4ISV6vVFZUe/Z1CirrJk=,tag:Hm9N55f9qMc056nSTR1piw==,type:str] pgp: - - created_at: "2026-01-12T22:05:02Z" + - created_at: "2026-01-10T00:52:52Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAoWH0nPleLQSaRLORTZoXEI7lLvj3YBSSVwF26z3gypOC - g+fNlFw4CCL9i4BoWYpnBeIC4CLWapsza33c1evo1Mj3we8zzcQ/8eogaBCwS3Nl - 9Etq3pEntaN1XicnVFyXJ3npDI+7nJFI/SMUrxzteIKNOgujNuXQ9S6YbenwTmD1 - gtffSNb2VU+MWHawqDPgknSZeD1hVVAEQ+kPcr8k5C/rJyfVr9Bu0tp+FD8cILU5 - Xls83KQ0Mw+QjkkbPHTuO0RTm4Chj3aU8mJXBRe/FYfQLvHR3/OFiROXfCCbBLww - PP7Sbj5rfRdHp96OKxZEufZNAWzFXwWy8Q8xHTiBA5v5QG1IEqwjj4LSRBYqgH7t - PMF8o7lgPKMMPCHcUtB3+b4DKjUTMBOOXYJ2FsywgGYNjegi+shWcBmEX/V3vwG/ - GtA9JyiSDwUe/rC8CbUd12Mdej06uW9CmOtgQBscggYU5vSkj1hCkTsKC+NDMnQa - DCEls0CRPkTqbYQxbRL7+avYd/GCyQGLFnGBw/mLc7BHie1TD4IXmQXv3Ehupodx - zNUHJSIG9j4HqG9fVVW3wic4kIHgpPBCIoYyhFGISyHmcubT++3fV+Wz6EtLxn7e - EVg1123Aqz551vfYblQLhTKCEsnIB7T1tSSCiaHu82NIyNuN+vaJqL4jFOwcnN2F - AgwDC9FRLmchgYQBEAC+We+PL1g8jD+Tn5D5zficHDJbtXEPRdZCSuiTN2N/KOlL - vUkARreyIVXRtlHzRqeb3/yGJ6EAeKfYqp1D71rhf9RJnhwLbNdlLPj/GKRuYzcG - fOXUy5NgqVYIrIY5auqhaxnL3ndtzhS1jvMFlmp5A06Lol1SRRLuYQ7TkonR9dZo - e5Zgx2QESK0z8/uqsGmT5SDM2SB9H3QIYykxRaROVAMHn2QM4C4SBPjOR/ThNoET - pjj1UtqPAexIvOTgHU0uVPxrL85Ri1E4+tMD6tlqUETJEMo6W7/mR1X/UloVjlrx - zDYfLIBS5UpOwMIRUaSP/ib+TKX5A/zof3yorg+lMNNF6AePt/MVgsMSuTJtJ0w5 - zQNAyO1WDOlP0XdSUFuFKntCeSKSDmKsFije9inltbykhjSpYtJcIgDV5UX7/K5s - /Q47n5xGmDVowQiuh2/ImLVzRXEmBUUDBcNnbaQ/UTFOP8KUvePAdRk2XwmOqO8z - K3QjvZ9oh4SmthNdg5Z+QanVC5AUXsdBBe8sJ4mkd0UbkHU/gKtxeEGso6AeGEwB - 7xv7KEliVcQ/u3SHX8iACF/YTgWYBQi89Ex9lJzCRwBlB10n9PyCg7FEOBCoxfMf - N58Au+1IIqGUpBkB2jEG2+5LhJBaxnAuH4KgwRk4n96mSgxzt165k5RiOUx3YNJc - Af5PtY2TVugmbAJVNDCGlSA3gGV/99grl1LhHUVLe31C/B3TUV3BrvLpQ+UHkxOr - 6vbujII1GdfO8eY2IMX8Xa9gfNLMdwobOy7Bf5EUYuZFM5X5l7aGSu/2qkM= - =cAkH + hQIMAwDh3VI7VctTAQ//aH39kmsBuiu8hQdukid5k/KNtTX9HKgZNkm6wBp+QRHf + IfFCSz5LFTjhLAsqJokL9+i3FWcSQGi7YA9q/ZGQnnZeM8h2Y09tmCFt7vQBw8tp + eUayDt4Et4J6DVbPAol1PslldpkBaZdqKX4jUIX/1JL+hIqUv+VFfnOCRd85psFj + fD6x8UjQgpBIRjSZ60OWQMLQviQSMKheOIT9/TPVPMB5u2EYpBfxrKtw8/7ZB4iY + mbQsm2onThl5HPqvTV2U+TwM9hiO3hVpgDFk0G8BgFfw6dUl+c+dn80DcgpEpiV6 + yqF8fUrHp4Lmg6lH64i7s15wOP+V9um2DunVIWgSvFzug2P4EUtzhay+bz7s8ddO + pTBicvfN5D4ZLzkCKvSzhFTfG03JNkTq0qM56tc4OmP3rGfcZzfC1IwL+75Y+ZA1 + b59d392RNcQFkLVO3MHNfYB1NEKYz9ociuoKhMyxHrOME+wbacJhN1wbn6LWSAX0 + WGZVmEWix2sGVwNbfYWsxF9Wg5ON4uLST+V1EzAdxN2BXvHjJ2KIKh0QffH47X/Q + vmGA/GtdKSayKDz/BsGaNIxY5iZdvlX/2aupeofrHRM7KB4D/WxfREtdgzb2g2VR + cXfixtpLNX9Qkn1cOd9suM5WmjSB1UB/53mdmfTrJTqu194j91OZLVUOdIueqOiF + AgwDC9FRLmchgYQBD/wNvg130hfn8JpFeH+5mlTNTXY6/lxIIzkwAtgPUZl4usl9 + uhpPc4n3XzgqBY1AhGHixuYg1LE+iShOHknLa75pOCKnIXjMxnzO6ZtnsuMPVlOj + sDteupKZ8ke+DbI3NtsYX/+1h4PpYgWsHc6bnm0KeNBk9jsRobZMmEq9+g+9BYjg + xIVqdg6Rw0SKHbSEb7SFx23rvE/aa+Rm+ffe3o0iSHhs7y+uo9yJxKIzWzwDfXjD + QXk+Riz6AnK6pRIky0En8L9TiuQL8sV+gNvbZLoZoJviyzpsOk5aqg8/8wFrplD9 + mMyT3xOM1mBv+gdF7rzqYKJWdGUtSaRvWOgDEt9r/l8Ik7xFEwEvOLIQefwZ9jrp + /LRWAJqAnhqlzQ5y0IHjBbxwzjDuUdS/ylXZQZFndVkWFNvJ62eJhc8OmzQbNX1O + 611nkjhuGrCsJjzu1IuflYoUfNx09LEHq+tldahgeL4oha/DaODZbrezZ0PqD9GT + SBoJ1kLS5IXXBjA8no+IRsgkehbwj8PRaXekT2eRhYTlDUlyB2ttjPwwl8uEIrcD + v5pEV2ik3JeWKwN8mxyPOnmX8RYC2dVvitBXaxFxrKr2XM4L+Q/F/f7CobHmck0a + NGq3lC+L4oQ4nXoNHBkvYJ9cehbFvbAM9Ya2gJiBH2KC4T4OCm1Gw/WzUd1LbNJe + AZutn1deDF9+SJf8TogbMBSuYSaChLJpLT504xJh7T2kHHH1SbOMK2GealYN2XBA + W3VdIq1g92p0ZmoV6NyURg/QuiwdoKwSeQY5kd8Bvil+dQ/axbf8mwRWNy9Ejw== + =MDqw -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/secrets/repo/common.yaml b/secrets/repo/common.yaml index 353b941..c4aa06b 100644 --- a/secrets/repo/common.yaml +++ b/secrets/repo/common.yaml @@ -41,350 +41,170 @@ sops: - recipient: age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0Tmx3elh3aHV5R2R4TU0v - OW0xeUpiNjFMVGJqUUZTa3RzUndkTmcrVmtzCjJoenlwcThYTU9idkEvZUYyTGZy - ekVzcFJBWEoveVdJWGowZEdaS3I0bmMKLS0tIFZjUVJIK0hWaHNZRVFzUkJkaGNy - ek1MQVEwNFljeUxOMHMvdjlpRmdPaEUKBIzaaa/S/4eWFzzLSREfJM7oSwYXdy5B - Lc/ZmLO7UdfiSdK23xHo/5AZCdttv7r6RgfJYq/T0M+Mtbr963SmXQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXMTBGU0FqWU1ZUXdLdVUr + K1hpbHpxUWFvZ21ZcWthS05iaVJnVzFiQ1RVCjUyZGtPQ1ovTVBrRFdsVEFRdW9u + Y1Z2cUx0Z294dHNrdytNR1dIU01FRVEKLS0tIDdrdERabFJXWHpSankzQlA5WVhM + SU1lcXRvd0hUenIwVWJRUlJJT1NLdkkKZ+bLWPFE2WaBDw3QQeJHt6TuaLZ6iJbN + AmjOG9lxVK3WHXgNMVLY2dTCuvqlcTlY9orfYkZ4NjUFeUGVO1oodg== -----END AGE ENCRYPTED FILE----- - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKWnpkMHlXbGgrSlpUcms1 - dnEwS3hqVVR2ZEt6ME1vWk5oVWdweElGM1dVCm1FTGdkdFYvYzlXOVN1VG01TlJD - QWQ4anRBRlZ1K1lwU29mVXkxc3ZhRm8KLS0tIHhWNmRQQlZNOS8vNHB6TkNIM2NY - OFVBYkhabE8zaklOaXM4Wk9IM241V2MKEqb4SNuH0td53jJiHo875xMEPGfHcEoE - eY2HgUW53qwGZhmowsnpJ/JqPKevIx6EXtIUQlCIT5NQOz/yhSpzPg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzT3JxWGlQSlpIb3ZEeXM0 + QUxaQkRTam5XTWw2b21yemlmYmxHVGZaam53CnVDQ0ZWR0hhaGV3Ly8rRnc0VDd6 + dkxoVkVqVFVKUUhyTE53Q3FjamgzZ00KLS0tIHlvRHZHZDJwUWRkYUlzZWVYNmIv + UTNYOEM4ekdVamtqbHUzNlZKRFkvR00KfUBHAC2lEoLD4imP95l10MTxmhD7Cepq + L8DPA9e8rzbmjhhuGRLKg9KzNVbStWGBwpuqkpWUSKfSKZugodZvRQ== -----END AGE ENCRYPTED FILE----- - recipient: age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvai82Q2hQVnc2M2NnVmo1 - MjhHSFJ1QWNRR3Y5RnA1THJaUzFDR0lHaGhjCkNTNHJ5cVpVdEdnRWxja1R6blVo - Z0pwckRyRUI1SkovSm5PS2R5VjNpWkUKLS0tIGw4dnRwMStlM3ZYZGVxTnRXbGxQ - WkxsczRmSGxWMkdFRklCV1ZaVHI3Um8KJh1pyWusUrjh0HikeV8o9EyAzozk5LYR - SEa110llM8sy+6VRndN+yUUc9DBejeuEHPDqHXoWCsskXhjiPx8daA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByU3J2UlRCWis4ak9BYWt1 + L1FrQXg2QUREOTA0R0FiemUrMmZ6cWNtUDFVClBUZXRXKzRZSGl3Y2hUUHdpL29h + Q3M2cjgyV09uL0xHOFYrcDZuMlFhK1UKLS0tIFhDVGYyYlVnR0NGbmZuQnNNelJm + RlNCWm1qcVVlQ012U3pGdzNPOWg0dk0K4cexHDKWn+ps9qQU3wboJYxnIvFbY37k + FrSUEGU8eDb1S9y95pXEYQHDyCuGhuKXocuvFPy68pMeFV1lQXXfrw== -----END AGE ENCRYPTED FILE----- - recipient: age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBTVMxWHRXM2xiWlp1ek5J - dS9xMytuc2xWWVdWMjVEbmJZdDltTzJWQkE0Ck0wY3k0Y1dkOEtyZzFBejdlVlhO - T0llbHZVUHdNZiswZUxvcldmTjc2R2cKLS0tIEM3QzdkbHlkR1MxUlhQL2RwSjhL - bGdnb21ROFdhQVM3TUwzcXhLMkdOdXcKWEJduFjYwfhRu0MXkDm6Pb3eFzxO6RxE - haC+ymh5a5ElB0zOCh3IyfxA5q/vSKmzPcuMW1ZYNV+oJ//gX++ngA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOcTlBVUs5b1Rkc0FPSVhD + cTVhazVUdGhwM3NtU0RjbnFEY3FlanBCVlJBCmZyUVdNV21wbmNUaVJGcVR4RVJZ + dTJRQS9NWk11RmxWb3hZa242MHdzdEUKLS0tIGphZElybzlYT1NXYlM5RVQ4VDYr + TTc0c3NsSE9qY2E2UlhBcVo4SzVIN0UKIU9hBFSmEBzEg8dTmXN8pETltwfuZqkU + WOin+YLzyyO4dpI7fl4sRyensTu/XwyIb9l4MtnvqJ5ftUebB/FY0g== -----END AGE ENCRYPTED FILE----- - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoNVJuZ0RFT25kU2JTcDRU - dFlhb0F2SGJPeXAwbU9rY1B2WXUvRUFiOGg0Ck5Vdmk0bkhZV3pkZ2V5VUFMdC9U - NnkvMkwxM0dqZkFKcmIveUE0bmIwSE0KLS0tIElBVzJGOGdVVHlZdy9jcWlNZjlC - NmlXRWVmeUw2L0xkR1lkS3JONnZhN3MK8+v64RUKt5JtrVeKp1UuOzmFDadmJC3x - VPmxNxZHPRTUwyt6vfM68P7DdodXd5jj9faDh5jOt2T8PWGkAT4rug== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIelpweU1vMTN1d1FaaVBp + TGs3T3BUbG4rYUg2WGNpd01zR0JEa3lWTFRRCk5aV1kzemtrQjB4UFRsUmZlVkc0 + YVRiVzlZTXc2WTdQeXRjK0pnNlpKZncKLS0tIGFyTjFkK05UelV6ckl2UGRFeVh4 + RVNibjFyWmhMQWlvNUtuRkFMWFNya3cK76MKBHt0iIPr3T9/8jn1h3vb+f2AZ4e/ + ZUrI5sgD0bxjl92qY1FDzQD++tyX3CbY5lMewY03C6Xlm+8UkResuA== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTNkZackNKS0MxNW5EMTg2 - UEdjNkVBR0FYeDBqUi8xVzdNR0NLNDlnamc4CkR0MHhSWlVWaVd4Sll3akdOT1VC - aWdzQStVZ1BCbkEyT1p5cUlPY0pvR2cKLS0tIGtqODhxVWFUb3ZQanA2NWZOaHk2 - MnlKeWtzVnB4WVZFM2RLL0ZFU290bkUK5S/R53pZDa2kHcN/BMT27G8gpG0bscOx - 8yoH3gcJjDAILT4JMw3lItqIMWAp4OIacFOr9+Mby4xjZbQeYPlqRw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQaHpkWG1lOWgvcmZsVWVL + c05QMHFuWVg0S0ZYNVRhUTNsRjVzMWZvVjE4CldRMFB2bkZ2Z3VUYm5hTzdCUHhD + OUZxM09mbUpvUVNXUWNBTnNmbGNBM2MKLS0tICt6Uy9ZenZHVFZzZzZzaG9oYVo4 + VTBnMEJCc3hCdHJ1WmZJTnMvSzNFNGsKAIg6M/eaPur6IRSU7pVCLGg5yiQsr3Fc + vSX6dvFKNghlYNiJygrBIuB85++WM+yywttDYbavC86ythu3TY4JrA== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZWFzWGNPb3NJdGd4STJ4 - NlY0S2VRY0d5ejM4eFg5dTRsZVdlU2h2WlhNCjMzdlFqSFM3bGVTd0dyZmV5dytU - VjFELzl2cEk1eGlibCtnL3hFbnJkTGsKLS0tIFVaMWpYMGNRcnhTeDZrNmtOL2tF - L0VpMHdpTi9OOGIrT1Brc0pRZ3hFN3MK/Lrfqm59epkQOA1cmrw8uqYdVubacDwh - 1hrhxfcVLfnWVYHEbZTiB1w1UTIiod4iF03PBDKdA4vcjhdXy7pr8A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGMnlnVHlRN3RzRlliMzIy + bk80VU5GV3JUckdQMGhjYVpKOXlNMGtGL1hFClBLNmhzTUZ6SzdyN2ppN0ZOdEc3 + b0IrY0p1SkhJa29GMHdvdnNUd0N5TzAKLS0tIDY5Rk9HcDcwSkhPVEVHSVRxbVl1 + KzRwVUo1SnlrckROQTBRVEc1eEZOWTAKrMH5tCxKzmvuGo7FL1TZtpoYlLV1obIa + 5OVekmkvGU0trhxybAgz+hYSofnLaU4r9N601c+fbHQk4ekjpdIDNw== -----END AGE ENCRYPTED FILE----- - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5Q0JqTUloRWhOQitscW90 - NTR1eDVudGVWZ0FlQzVKbmp4cEk5MFlha0JzCjhnMzBsMCtEY25rdHJTLzlLVmhr - bGd4ZnpYOXJhSXBTTnpDUkticlpJZ3cKLS0tIE5FL1p6S28zUStYUWVlYXJ3bkNP - VXYxcWlpaWNNSVBmOUpRcjRaVTVnWWsK6XQExwxdagJBtQQHIulfUpABpQ0qDccu - 2GDm3GwV4GXWF4eM6/g+UI1D/gzi9jUW9a0KCt04gRrQiOsok49fJA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByTnJPcmwydDRaTGV4MDU4 + b2IzOE9vNFh3bG4ydHhwcmwyQ2Y5SFQ3VDBRCmRXQVdjZ3EyRHFQY3FYdVp4TFhj + emxLZi9KM2U2aGRMOVF4T29mZVpMb1UKLS0tIGtzQ0dFZlhHaFVFTVdCekI2T2pH + UEFwOUd4OGhXOG9MWGNnQlFVbGlSNGMKqw3juHHxNaEnU3eROfw/1WL2zfvyHEOx + r3p/bmz6VZVYEEVUlRmlFkLQ2TBKiFV9aq1fBa9HmbXN4b3j1G/IYw== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5YW5WMlJybzJVSTFTQTJF - Sk11aC81VUd1bC9SVUxUOU1tWFo3b0FaTkJZCkUzeGZBZUR2eVBRYVFZRmFFMVBv - OFJWUS9mUDU2ai9VaWMwOFg0WHRSVzgKLS0tIFliSGU0SkIyMnptWWVTemV0STFk - QmlRODE2MDI1bFRORWpmYVVabnNuMk0KeEhmPV3Q21YbkgRsHdcWcHi6nYSn2dOf - jITmcrBSjJ1wIxc0K8jl5s6YGnr0bFsR05+jZCZWilx/Y8m9ZkDvQQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4U0FQSytJSzVvSzNsMmNC + RDJZUUNyQ0FBSHpyUEhmZzFkV3ZTdDViVnpVCmhZRTFYblFJNStrdjV4djN6SHRT + N0d0YlAxbGFLOFlSRTRNaFUwQ1JpTkEKLS0tIGN5WEpmaHM1d1ZZOUxzVzNuekt2 + ejJYelJKZUZTb3NxWlZZaFA2T0FrL0UKl6f8m0ELOZtHvbcrRzDBbJOnmEbZkWQy + CWuoEuaUz8fIP4Yv8nuwyADczIQ4Tm/KMUzyp71JE7Xw6EcVCvkfag== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCNm9DREp1Ky9hOWdsc3ov - VFJhakJ0ZkZ3Yi9zVlZOMkY4UzhmYnVPT21zClZwNS9pVUlnWU14cXAvOEEyK3cz - aXNVMWRURTVlMnJuZGpmR0d0MGhkWXcKLS0tIEwzV1NRTVJNY0NoQk9lZmJPcWI4 - V1h2VVhWN1hBdG55VUdjV2dPNklFZG8KLlRxT7oDjsMBDO6ERFejIChHw5IjQK0k - PagBSFPkEiwfdzm9S8/n1ETGO4+NPdeaL7FUnGGdDOIw8nfA8Oh8nA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnVE5yUzBrS05kV3dRcDZz + ejBydVVoaThoYStPVzRaU0p0VW5rb3hrcWg4CmhUeENSeXVxOVdrVWNaTE9LZ2hP + SWowMUt3MXgwa21tTHRnRUNla0VQLzgKLS0tIFVFK1E1Y3Fra1RVeDhJNUJlNytj + N1BaZC9hOVdwLzNRcDRtR1Nqam9POHMKwdPVSlwMcg7zzn/hdQw0Y0PHJyqdgui5 + 12QBHA9L8+AB9rFk3h/w4gEiMN/BgvR3a4rdGXuY9CA9ZZpgJUUtEg== -----END AGE ENCRYPTED FILE----- - recipient: age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWdlRKbExtL01LZjlCL1BZ - TXZpS0R1Z0dROTdOckRBNGlBZjhERTNOdmdrCnVKOUlncUwycmp2Q01zOHVCUjZp - aTNzSFNKaGs4dFZINi8vaTIzUVdvcE0KLS0tIDZJRm9MM1dOUWJva2E4MlV2MHpu - dkIzdDg0c2VsRUl5OCs3WVV0V3NXb00KcfSgaOyZvj4bkBwhUfEqle8tyiza2gT4 - 0BOZzIDNjo3KdzB2w0XVuDNXWbAAtGz61N8VNEWpC5+5vuxpEuS9qQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaNHo3cjZ4WnpCMWpwdFZr + RFZRUmxtZTZZVjlJZkhpeTBmeDF4VTdRM1VNCkN4U1pNUGVnT25OeVdxM0ttREVv + VzBoblB5QWR5K1g1M1B3M3BaUHpiVk0KLS0tIDhGOFV4RkY2VTFvRldRaTJpZ21P + eTYydUoxWTREY1pZT0hWM3VncFBVUkkKWe9bsP1eKeOnhPReB45dBpDS9zLSBhNh + M5YwCS30yntlPoie7P9G6OhNxUUB73GpC0YzSoLXvzYoQAhuFKpRXQ== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEbnNrYzBHaUx3b2U1VWpH - TEs4OWJsQmpXMk5FUVVkS202WWYvbDdlbFY4CnpnZEpCODZRTmlXcy9kdTFMb0pW - bWRYMy9tZ25RZ3ZSRjZ0RHAyMzlDcGcKLS0tIGp0M1dId0VjTDJqSzFhdmxMZ2hU - UmpSRHp4alZldFpkZjl3QkZiS0ZPYUEK2SbIzKF2XO7C6a6b2gohULnXXhBRV0xI - eag1ZoM9Ih/fEvmHgCUfriHBxyAKXWT8x/vRm4fNSGTcHW5il/4m6g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuY0VNdktWRVMxdVZ2SGdu + UUR1bmVYWXlaR2xQWW8rL0hsUHBUU2sxM2lVCnFRYjJIUzBGRzJEUjh4T0tIdFJp + dTFpR1RkcWduQVhNSlJGZVZXUVVLNTgKLS0tIDhac1RYeG1YZjQxTUtvTU14ZGgz + clVHaHpITXI0TXdTQWF5a3lxb1QzZE0K6s2CaTu846VadMHsYMP3uIOcgzFeDigJ + IWgb+jQpcWY0UZ4pXMzu8nn/yNXd9+GKIy6sY/z9UgTe6bfzaIM5cg== -----END AGE ENCRYPTED FILE----- - recipient: age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzODJCbGFoTWxPRFI0QWhx - UWpuNmxOa1dSanc0UXFDYXRBT0pJSWtGTVc4CkdueTB0OE91VFN6QjdKeFpFUHJp - Qk5VYVZUb0VWTmJnS2wvRFhYQlRqM1EKLS0tIDV0Q1dqanlJeHZSY0tWVnFiY0p6 - Z2VPYVRjVDJDMTJrbzdPK1NPRzhiVmsKY8luku16SftuXTjb11dEZAINtwXkvJxO - I7J/4mW7nvuAXeekBcQeGcagsFY3yWHh/H7Eh89F1TZ0fLQ6w+/WCQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpbGFLKzh0LzZ1WEh0ejl2 + N1dMSTJkMEJRYkdRRDZ1WkNDb3RLREVPdEhjCldGVGJ0WG9ENmtVMmVZbVNRVE9S + bDViWGRUcktNS2J6NVNNR01zY3phancKLS0tIEUrWXlla3l0MTdFQ3orMU9iYXFV + dUlIQVk4SFNLMnAxczl4Z3ZyTTBscGcKiWJtWO91bThjPYkhP8pzu10q0eeEiff0 + b9VKxUFL1MnSXgOrEAbeluOZdWDEN16BUKLlTCUI9mzel3CZVtyGjQ== -----END AGE ENCRYPTED FILE----- - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBESkc3eDFmS2d2bXRhWVlP - ZGVkN1VENnVpY08raXBuSFdVNVl6VUpLeW1zCkN3MXo5Z0Q3cy9oQUxzL2Vmejhj - WlNhVmhpaGVqYU0rNU1qZzI0amdmUTAKLS0tIFdkdWNncEpmTUVYbVoyZzUrYUFR - K1Q3WEVPZ2UvdjhTQWtlOWFSalVTS1kK8jdLGw/94bu4tInTl7YihQt1jL1upKhU - P4aDISIi0FxBhCnazZNgDzbkWHYRfWl4hg+Hpz1P7rcNZ6SpgfAfyg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMeG1EN1pzMGdrclFGR2NG + dDE5NXJITU5lclZwVHUvRjJkL3BITkZSWHlBCjZWT2JRdkhQaWY1M0Fwb1ROcmo0 + Q2FWZldSRkFiVFV3SjZ5YmlzSXNiMVEKLS0tIExwWHdsUGNFSGRNQmpiVG9GRVZQ + UlI2VFFteVpEZVNERkFZRzJHdWNQZE0K/hO+xriuQNbutdysroL9KomNW7qdOgZf + zcO3Kq6TqY3B4EP5HttCwhIARonPy4XpjYvWqZVqSKnzEpD8dGoJ3Q== -----END AGE ENCRYPTED FILE----- - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTdDZCRkNtMEhpcjVTZ3Ay - RUdmTEQ0MGdsRE1aYTNEa2FiaEpDSm5LN3lFCnVxKzdnSC9MQjcvdHlsSzMrMzE2 - ekRDSmhRRFJxbzFJREZ4ZGV4aXVtT1UKLS0tIFZJRDQ2eVlqVWc4TkI4TVVoOTEz - aHhSeGdsSWx0V3NUaldTWEZlak1keUkKPvI0Rf3LTU4lLIXo5bRv9PgXf/VY9y/L - gVwnDKzlzyobCfqDAvQlIiYeVAbtgJQ22erJ+PscOBv8AIRbcRAS7w== - -----END AGE ENCRYPTED FILE----- - - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmZ21RR1ZNeTJxZUZhRXZT - L1dGbFZIZUxpSW80NjZnS2F0d0RLNlRJTHhjCmpGb3Y3SUxuSkxPMnViamJqRWVn - WStwZW1uYzZWSnF1RkxrbmlaeWlTRmsKLS0tIFhGcVJrNCtHVm9FWHYzRkNnZWts - dEM1MzRjQXdoZ0tWUU54T2crU0haVDAKC17PiuVlQ3aoopJd1+g2Ov53GqmL9wJP - m4Zga9cgdLA4F7RRt5TiTSISt+rfixAYuE4KOq5VCoXk1quGtu6wBQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVMWM4Z0M5QUpENVA5VGVI - aXpnSFAvQ3hhMEZzV1EwSzQ2VWFGVmwzTWc4ClkxYmpEZnVjdVFKRmd2WHFxcVI3 - MWxTamZhN0JrUlV3RzB0Y1RpR251S2MKLS0tIEFZck01RGdteno1VmlmZEwvTW1U - QlJlRWlqdWJuVVhKVzlUSDlJTjJRVXMKRmQs3AIJqOShnBnxHdpwUByV6CTvDhTD - zUKN7fLt0AiI/yqM9O2uMou4B/4AZSAdGYnetHMUDKz301hDIVg6iQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNzdpUW42RTNFdXJsY2t4 - ODdMM29rMjJUNjNsOW1BZVRkNlR3dW1jcmxzCnA1NnRoUW1lNzJQYzhRcXo1cll5 - amRNUEV6Wk5MWDBxTVNJRVE4bi8ydzgKLS0tIGFwc0doSHc0RE15OXk1V243R0hF - TDZZeHEzd1ZLS2UyMmgrM0t1YVVoaFkK7uV2IebkF556mv1w63LGyGpPe2T9FXaW - 4IAE7FMVwt9zJ68gqb1u5fF8TNqZNY4fewbs0fFurN5gfGeFwmVjmA== - -----END AGE ENCRYPTED FILE----- - - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTbmRIRmpubGx0d2JSN2xh - c2RpbmloVzBOU1Z2NFhCRS8yZ3hGSVNFTFNvClN5Ky9aL1pvRlJIVUtkQlIzUGFa - elFFakh1UjZEYm5sN0NtbUhqS08wRU0KLS0tIHJXMkNiVmhHUENNT09peXR5S2da - TmNWdE9ZUWRpcHlrQVV2NzBsRGFMa3MKmjqoQua4m6Ry8TlVsgwp6/ACHt5/5E5t - vliGK3bjyZsoDhT+cvyvzDBZzbuLsUod2h05ZWn18bHfeqOQSUdWnw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkYnYxNmRyNlU2WXNtd1NK - TGE5Q0F4eTlDbll3TkhSRERMelBxdDdqbDFrCm0yZnVVdUowTzFSdm9BdlVKZVVi - WTFWSmJLbjFYZlNzbmg1OEtnZ3hPWEEKLS0tIERCZ1RJcnlsTlBKSlNtM3h3T0E4 - aURhaHk5TGh5R3dycjhCMW0zZzJpdUUKs9Py9QLJcu9xgc4svNRPO8fnHJrHoCWh - 3LXs9EpMHtku2mit3hMb+UjWfpDPnClAyTdT2tXPcfnMkvjwdXJEvw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3RmlqUlV1VXhiTDgrU0Nk - cUdIT3ZSdWFyZC9XWjl0MjM4R3hBdHRHUVh3Cnhqc0Zzb3JrY3RQNzN5RkVFNm1x - S1lTT2xyNGtneGYyUVhELy9FaU5zWVUKLS0tIGFOQ3REemYyWE9xNHhad0NMUVAv - Q09xQlJpalc1azB5bUVtYVJiK1dmMDgKuypbRRM82RX0GS2AUEwFZuIqemiBvFWE - sTQXRiISo5ClGOfRu7zExgMxSw21N6DjrKG8jmghGfbe9C34b7ecag== - -----END AGE ENCRYPTED FILE----- - - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrZ1BVRWRoWmZIQ0ZVaHYx - VlJPOVp5b0txNmFHd1JOc2piMk53Tzk4OVJjCnEyZmw2NGtZRFdnRWJwUThlZEQ2 - STlzOWc5TEhSSWJCa1JSNDdZaTZoYVEKLS0tIEQvTjJncmoySzQzeTljK1ZXUEd6 - MWdDS1FVOHh4RUc1VXB5Y0s2T0lOKzAKX5Syx8R0/Ns22cShJW+xw3ByiY7b+M9R - PsUKdGiUpyQZ7dl/zsC7/x/DRtRZQ7TECfxZNg8Eh6qnB8LavhOILw== - -----END AGE ENCRYPTED FILE----- - - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0d1pBZGEyclJGL3laOG9U - enNYSFkrUnJtQlRLeVpsWFVmQ2NzY3dkYVdvClNHQVlmZlVOeEJVcmg3MFVKOGFn - OXFob0hKYlBQKzVNUHJjUUt1cU1ZblkKLS0tIG1ZWEduTkZabkFWNEEwTWJzZFp4 - Q0Frd2RXUjRvN3c2QnNQNjZIVHNMTlkK2/s6sMjUP/Bmy3OYBLPIKmO8E255N6GE - 0j6mK64ziBsiWZI19GxxvFmuJphi2bO7Euel9b6a5q2rdcWvayc5Sg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMndESVl1R3NydWR3MlI4 - bHdsbFJIbU5uMFhvUUsrdDZ3ODl4UHlJU3lJCnk2Nmp5ZFlGbzdhQndXRTJFYys1 - V1Rjd2xMZmpRS3pSazhpeTR4cUtIaWsKLS0tIGFBM0k2bUhBVXIwalVsbXJqU0dp - WnJ3SlZIT1hPVnNBd0phUUJBUDJSVnMKpKoMKA2Ii5ixpqY2bWHDbtYZVXBECXcn - 7oGFjbnlutFnXgYX5RDsVr9uscGd+GmcVai9S3wPnApXeUrCWNukwg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZMVh4MFJObDFDaTVpVXd4 - RTFOM2VpNUtwZVV6Q0JsWll5MjhtMkVYMlE4CjRqRi95dWdpbk16bUZmNHZIT3FW - bjdlUjM3UHYxRm5FRjVCa205SUhhcjQKLS0tIGpxLzRsd2Q1ZENNVzR2d0NZd3Vo - UUI5UGpuTHZTM1BJcUY4amU2c3VCbk0KTXh7pQJvunFsGp+vhkPTB5V5/+6RAQFe - BM3AWFpf5J2ciaQjk/Wer+yawb+JxyPl0HPNB9955TowoOZs/Kqplg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZQW9DekZmcFFKOTJiV0pu - aDVyMWtYczF6VkRFVTF0eFJ1eThBajFXbmwwCnAzeCtmOENzbHZVbUZNbFJLL0xO - R3FsdXkxWmI0alc5RThSR2NMWEx0cEUKLS0tIEhQcEFXMHdwUVdRaHBNNGdqOFZu - RzNDdEJhekN1NzdMSm0vTk9sYVhRYWMKF6Wx/LS34eXza0ktcrkhWh9oTXBUGUIv - 9jWjRbD7goJDOuOoQsT+UroGfK1yt4ShBauPZvAE8fFTHKiFk2seqQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0M2tHcmVTcmkzRWZVQ0pv - RmhMSHhPQkNkS0Y4Q3FEalBMMnp2bjBObEZZClpaRGJSZzJ2TGxMV0xjaHBOdXpv - R1V5Yk5JT2EvWnMyc0FtTndGYUxkSzAKLS0tIEVnOUtKNTJoQ1FtWldQcVB5SjlR - QzRGWGRWcnBUOXJCc1pZaHRaODF1ZHcKh4DpR4FeJ+Wa83xQCgEByHap6XW90g84 - XDFTrsQYtMQMd9tmXeO8Xb/aSqo+Z5tHzoyZ9UuLnXygm6W0jXM15w== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPeXlyUXV1RWFSY2JaQzVm - Zy9ReFlLU1BPeThna3FpWVpiTTRpbFhrd1RBCmVHejlQMWZiRThSaDl1TTNSRWZ0 - OGEzRjgwZlpxc0VYbndhc00rM0R4VDAKLS0tIHVIVnAzQ0VHQnRlVXU5Z0JvbVVB - UVptanRQd1p4b2NjaVZTOXNzdGxFdmMKowNCM2GOIpeLvE/VHWQ+ygC3uIO//Gr8 - jBIaOSVPDHMCrgxOnmjM2R3O5C7JYe0DdmuvdtYogR6aJIzUsjK6xg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFTUY3SmNiaTEvTjYxNTlr - ajdEME91WTcreGNsNnY1VWM3MUtaRmlnUVRFCnRVdzBPVFF6S3kzNjBlSktjMGc0 - ZkFoZGVwSHBLWFYxUkk2VUZKOHNZaEUKLS0tIFRIM2cwTlZFV2FlWmdjNTIwYWFn - czNGTURCbkRLSm9EL3ZjTmdpTlhCcGMKIiyPflqSR0XYltQosek3kJ/K4Mli0S5I - 3P9XsgWPzZEL/9GtzzlT35j7I1DCguCZ0FjwYgaNpJoWvrGmZW89nA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQVFUUWxJK1o5Z2hGdWxo - ZXF0U2J3MFNOd2x1UkFqemhzVWxSZHZON3dVCi9oc2drWTAxbGtyZlE3ME94R1gv - N1lhMFNNblVRSnF4QmpJcHVxcSt4VzAKLS0tIGxCRW5xc3JBVGd1UEpTcDYyTlQx - OG5rNkpnNHIrUktmM2hSNUdjSkpsSjAKfZEswHDyrgfcS8x/i+BsSvGoo+2eqFXb - go7pTPJ34uDJrJS4wNF9UXH6VYayYEgroaG+zA808HPAgbpTbTPCPw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGZHdSeDB0bGR1M2dNR1lt - cmZGK29saUI0OHIxRExiYlFqejVsdWk4eVM4Ci9kd002cEVvZFg0bW5wc244cjR1 - UFdQYlBKUTBUR3NqVWg2WHlzYU9LbHMKLS0tIGNRRGVyc0huRGNXemhhODc5MmFS - SE9qVDVvbjN4TjdaRHV6RWUwTHBGejAKIrK03kbNdtQa5drJ7SwIg1L2xSMFf3+G - mknfqNXRucxpaXz/iEOQf6n7bwFyGoqHaLiJJohDFebag6mWx0gCEw== - -----END AGE ENCRYPTED FILE----- - - recipient: age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyZjRoU1JLSjFBeXpnMXht - N1o2Zmlrb1NldXpGTTJ1TkNoL29pRHZZMFdBCkpIaHpiYmJaZHZXQ3I3Q3RUWHpD - MUtUNzFpNCs3OFZKSXRxNGpPLzNYbzgKLS0tIDM0RUVEL2dYSjNOZFg5OGVQWUsv - SmFMSGJGVVl3T1ozU3F6QkdoRWhpdzgKi0F8UOAu+tI6rLzLMo3Cjbs6CzX/zgK0 - DcP9H41L28q2NO6estGgywBzv5yCCP6Telr9YRYJJE0M/VQL6czH5g== - -----END AGE ENCRYPTED FILE----- - - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxN0JqTGtlaTJhNndRbjBk - SUhWLzhYMVlJNlVqM1FlMnhHYkpIQy9NYlJrCjUrc01XSEhhWlU4c1lzK2dlQ2l1 - TUgvdFdFQjZJaTFOeGV3R2tyMVhvZTgKLS0tIHNaeG5FSjc0Z3VQanlER1N0eGYz - RTBLcnArdzB1eUZaczFZdmlaaVFMZVEKiK9LwpdElYVxmnzYQ/Yzu/jbd3rFeSbJ - V4rUahiTL4YG0Q7yI6qVEeMuunaXbN1bbD6WEft3H24uRxNopeWqUw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBacGFBY3IvUTh2TE96aitT - NzlxUms5em9FZnhtRlYzVHNHS3pQSmpJOWk0CnNjZTNwbjZ6RFlwNjNQbWNSMkZu - U2dGL1U4cVZZMFcyeXprdlF4VjkwR1EKLS0tIHpRcTJlWEc5d2ZzaUN5TGtPd2hO - RmJFcDdoUDl3T08wcnZ1eGI1WW8rTUkKI3wTGR2wHkbn1F6OpDiqHNTgIRjrf3IK - vJVMer+X/gQ1+ssJZxlTHNVySQcgr7vstkcot19yd6OwmrPvOowSrQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkbks4R2UvVHFPTkNJQU1n - bldkWVhaUWpZQWdPcFdTSFcrTVM2a3U4eTA4CjB3L2lZakxxeEZKZmNnMlF6OHox - bVRlc0JlTHNtc3NBQmlncWZSSTA0WFkKLS0tIFNhbkxMM1FNaERpTk8vVWZDbTBX - OVRuazF6YzBRckJQdVlJZWZrbThyZGsKxMDtLfQDPiHN934xE98if3cFHLwFpNdm - /RGFLObFn2saTI86D83xmmjgjeosxPX47JvGHyzCHSVeA8Hd+Qp93A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBML25tL1RzZWI2Vm9WMWpa + M2FGckxHVkZpY1d3M2ZRZmxEZ2VHUkJJQkRVCnBreTc4eGRtbVF1ZTFHVDNtMExI + ZHQ1ZUwvWjlPUjNMM2t4dEI1L3JaY1UKLS0tIEpuWFN5c0VRSHhuVmRVRmp3ZjFW + QnlWVCtKMXhZWFZzVEZMdkhXcUxmbzQKqscNABsPeruY1L9qu2QetnP94zFxiQsg + bTrGvv/wBpw1VddO4xeCJSsr9izXE2NSjYKWzBAIGKc41protZ6z9g== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-12-23T01:11:36Z" mac: ENC[AES256_GCM,data:e0WoFBQSR5q3GOQ+GMJGBd4lNBAMqlnVjtUq3snxrdvcytb9YvKnoYQH+GjbdGIiqrND8pOVnZt34AjkR8YfpWe+VrkP3Vj/3l+1GjF1XIHbzBNKOQHdYPSVsH2NZwftcAdphbStf3GTlb+b+cpTn4a9Y4pTNGVoOaOA1tBr8bM=,iv:sPXktitTNMkBhHr6E/QRZCVKrgyED9/o9hiivbObACI=,tag:tTNr4UEf92UrtI0Jvi5o3g==,type:str] pgp: - - created_at: "2026-01-12T22:05:05Z" + - created_at: "2026-01-10T00:52:54Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//UcF/Q2fFKsmf3HFpNrSG1SB/Pm66QKzQ8iYFNuwlgOnx - UwGpoer07OTbUwlVEDd8lxLDTw2V+oycelnNAyqpjrkh9lzIupAsOAMFN0BEBruK - Z1Bw/uhjbEmOSKds86HkUly98Zhvgl8vY95//9kD6/mUZ+mKcRBRin798UBE6/2i - hF41LQ6plw+COt1SnIUcUaicTQYUKnP0WvUCEIxNHLamC3jYCISgUx7/HDDE3/nZ - OMUg9hQKd6779qN+QYiIxxd+f9aQGyeiDYdW8EL2BfclV743n5mWWx+Kn1CDkFcP - T+Bs476BpgH28CGQ7384m86qLuDFpyyA1YlctNPoqN76fZLlcrCIFD7maTtbvATI - 1+mUmi7DEiok+cRb1ns3EXBq5LTaC/UobZAnj2svK2mwPkxdOFPHHRGG2NTObfHi - 4zXzBPvePsK8cYyum/p+hhZZzbNaCJxRQDQrkO3csAdu9iQ3tHhpXINN/+JyGZe0 - gONnt0w4/pHZhacrir7Ok61T42hPmtQn+lWYBSHoLZi4f+9LaqsYUgjudm7W1tLE - OcEDNz/mzsqqvYYIIUEpi20/zr+ABUWlkd3F17DPprt6mVfc7Ma3RJtB6d0CRaTB - IrdccCB+voZRX+TYamgMqRIkALQeMwrujI1f2ytgGU2RcLINfHc82c3iobO3pWWF - AgwDC9FRLmchgYQBD/wKXn0wbow5uxX00RPLUOB1a7n0J3p3on+QDr5mv2amhrVa - 8frHwy7xCeE7DQ4IaUBlo5ttiJqqqgTwfYQiXOmxZ/oOz0Ovpmq3evjjmv/Gkv8W - p8GgTULrHMBAsHzl5tVCgow5QWlehyROQn513K6wWxRAmxVZzDVCF8XK9lkMDyY+ - YoRALwni12i9O+XsOeAr/uaurhu0Dx5GfYfHJjLQc9XdLuyqy/shhZvgnVrJBTZ/ - QY6A+BhVyh5q8LIHxtUFH0PaiHeYeVF8LWeFG2SNUG+rkdyxaR62tYLwkbntszZV - EOjlNo24c7BJJ/h0zFRNIaa+hRoUFn4qqeIZ3KmwAWaO13KoNejLqAe+h7MmqhDo - VVRIhlcIxas45brh7O56oDTSk6znBE98WKGtRNSmS0lQxy7t5bHa7dJaqSqS3jgr - 4ThlUDbvi1L8eUV9Hpzc2iG8Il6yqmh5i+yMkUVmp6leTTJDCgNsMwrb7VKoVEi6 - DqvZkWB3ZqjBgxsm2ud/kRXyWqNQDV9wV8K674ciBY/0mlpwHSvFwJ34biAlUuHA - al1TT0Sn9L9zQbie+br8e7IdxsGSFZqDcxlV6InlBbxEVPnqj1FRspiQUW2QGu0T - 3xyT8t9mXnlefcqEiVm2EjZ908cFr4EgMGymBJvP8+ueSyOZdJ16QApXrDJWQtJe - ARYWMv6h9EWX5Hz5YzLQQ+suPA9Z2fGtq6U65uGOegKRkUUQbUDFx+wN7k/WQtHp - lcu0Nrs94oZLmYPtL7bAlR4OkjIQbC/5/V7NVEwtj91E3eiJCZFmZKSlDFd6Lg== - =fBnf + hQIMAwDh3VI7VctTARAAwMUZnWmCPACr88oJaBkqzBT5YXBDOxuhKRPdMllXhfji + 7u9nvjbsW5a1+Jp1hc6mB2tFwPeXs9jTKDbYdAsObaDGPgljNm5ONkijyFISGziq + facsQwWGtFykROPxT+Zc4deXY/zx/WLI40jyRz6xyduKpa95tYN0GbfjaxXP8Cow + MVdPqAFxQd3DHXkOvoBqAa08O79k02d+MUOV0Itg/+f5caIkksbAgXIAPsRob7LI + d/bjl+iVfKJLBPRhPtxNNEr/f+wHyfsApZb1EBM6wbGkmPxDRPlTiqHdOIuu2XU7 + aDf/62ayla+1+HnWH/2zKAmf3yZ1BUFJDqLQxOwexpVB6HPkS1YyRJTbw3uo2hrj + ixR2H0uishnZ83+AxYlRfaFCC9zioeMUZL0BV/vlMgIYRWNIJ5fjwNExJqsI0Gdp + 3MqAGdxFiWY6dpOfCXZmvR9MN3Iu52qe7rq1miPP2YY92bBDfhP3QQB38MM0UR4z + Z9Pt6kz7tQS/NNrjvlf2vWJ/qh6UuGiDRX/x9xfY+jaW3EGbO6CxeX5oPpGQMupZ + 6ofeLAxbTiVm7f/rNCIU7lKubGZ1QBVagm4Z6zSNJ0DQzcfa2LrYLhl8eqFPcvqq + 4gH7jd21Yp773jEQLhwRs2lLIgGZoWDyUy3kfNam1QeK4wwBrYtnDs/nvAcCws6F + AgwDC9FRLmchgYQBEACzYSZnIf+GQv0jzTkCX//gOUG4iuRxmIopX3vl8j9WWAFS + vboerj1Oxs6RgqkXddtEBYIevjD+bSzPdhby/hkE3Cct7oLWc3BDK4bp1YksEFWj + v+K9ctkOfyh6ZxNLnOOQG8hFxEbMnmFe1cKuCnn8ARmv0xu4NaUJoG7Qb6DgHYDO + eJZyWhq1LuRx7ILxxyG5lLj7IfPgUofQPxKsy6ifwk+XtvWFLdhacf1ClC+Z4Wlh + TlE0yIdktQXxsSwS5ZSUzRl4coeQjP7xtWUGU7qPGkflFW75TtJAKKt9JlOZQe5g + fsQfXgAGzLdHiNSNpScm27napu12zjsmLe3YbYxTafxVRgccQAL0TppaqDHhhPmn + qspb76rvid1xGwTUl5MLyEcs6E+N24tshWP2lmakk9S+sRhR1nNBjq6CT++JDbMi + N0vTWz4lzAQLYKdB3jp8Hx0/fsuj/ImXjW5Yh02x4vhrwEyTPk4wdoLfIuKm9Sat + SoIhPBo1kkIRHQXpdG9Xd1XsEuqsbR485PclsOn2wFz0Pi/MA1fc6gFYWgw33V4B + nSmbQoZdJAtEDxusQQy7q7uKOQ8cgTSzcVzDrUB3+rIVRrTIqnfTfPXF+mEhu1cK + ZNlPiUXGNEqo1OUog5TZ3glj9fffL+kvNsK74/Zway2WndGO4V6TxgF1KZWcuNJe + AXpNAjTHSu4RMUpmKV7QTw509liC/0ouaX35MNmVxv1uxqS6vLQqXjQXksJdgfmj + xVpXUdwa/oG0B7hcXaG0Ttrakwyt5jmQEkf+v/LzljIDLEhZJQg1SXv+WOhsuw== + =oawp -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/secrets/repo/globals.nix.enc b/secrets/repo/globals.nix.enc index 2de962c..b153729 100644 --- a/secrets/repo/globals.nix.enc +++ b/secrets/repo/globals.nix.enc @@ -1,154 +1,74 @@ { - "data": "ENC[AES256_GCM,data:32cZWuO9seRvIz6Rf1qOstMEiS3Qjcnv96wkr9I7S5COnjof13JdNPhgIn+0PHHtO/UBmreolO2E0Dd5QcWtgJgUr2tFvRvWyD+gtQjzpZg9ndqRzCoESYS/OjwhLkoFGGiEmc4rMFYMrxiQivfYkUUmPpb0MlVyVfA7GgjgHFfDU9DnHt4I1x11OVcQmziNJzSrSH+xnvTH+X2rgDZySrN6UzeqZIHphAaKcaAcDlMXWzxDZUrdgEsVpxRMjWBuVZ4gZLeGvi5BQhBiAu6s9s5dhts0okA6m2lqInFui32dyIDDw83ZXnC3KwfyRbksCuBp+7LDWUENGEOxwS/AuEFsVnfM7CEwoHFY3a51dsSVT+m5ogT0pEG6LTG+aYwOlhe8+ToSEy8JJqo7GVDerzmUjeb/jIFVCZNShqbFdswL8e/NsThEHxJgVDOfmElNYpxfReaS1ApwwrFdQj3eIY7lUJC96ivbwb/pXVgYru6LYtnHFj+mRdfv8O13lCOiYyEdF13I0RQ+i1apy/3oO9eHDYcSJryZWPMPO+16PbkMovjmbdvnqygLLJQARqEnJ4rKYM2XdACz899KfExNLP05EclAsZnId2KFZfdVBv+yJUgJ9HtvFccKtYwJqO8Ko7J2dnBSq8cmCk8QCZGlZul1YtMbFOMo6fv2JkEcas1VoKEuTx3GFAsyjxZKLccASxBfxPpE2if3HrsoU86LNPxcTn5MKR3njx9MkSdEah9tA6sO4PujO/wjlCyDef+wDC2j4fVFk0GzB35m2PGK8E6rOXRX8mvX70TaJhka4jXvrxsTYBW+G5c11qbSST3MVi2Iz17xOfla866M5fxbHbrQnjLiO/D810g42SyzddAfdg7iSjP+7OjC0Z/eCwS9Jm5X8XO1vNvpf9IwEgB4H/BbN+7r05FKZFpVzYakt6n2oi7hKK++iAP5GARZFUPW4fG0QEBEDp4rVYgjTpMaUQdrBvVuafz7KW6uYoz0VUNLJIE/vzsZj4ts2HTgzLYnZ3HwDMPqwM2yOrrvjBw/6/dkBoLLorpqoTyJdD/2LzLI4WJHj7ypC5SrUiBDLK4xtl4xYaQpZ+Vn87I2/b9UWet2hUu1W7/uoo4G3tqntJrF1G0Xtfuea7m7d9IpfvJIDUBm94zuX1sYvrLB2pNh5Yq4zf/D1EI1/voaze9LUm3ijz5L5ym+NRzcC3CMZIg5qLgmMnlVx38+4udLt5+R7zBugT/GHoZKLPdjWt5oIUIaG7MiOqaIpxNPudXYaPX3jGI+1YSVdt8pDdwyHG2kHtW7woIjC07EV7hrf9swWdJGyj03mg5VKlezRixrckLsO4CfKcVTULM2g0xQ7rNo2GxETnnfqtqnIk8fd48doN6SYV84qIHMvCSyhZJvmfStRZLOugomAZQkabi0thjep2WWITVnyxiEpDjLHWFKsFKnd/II8GxzljhwZy+bYgZz+mDC7MUuDJxQTwH+TKp2gAbfepfCCSRYE5e1lJ7/KVU8pWx23pagxmJzfOCe1sWVMHrNnf3xpMNojlXzrL9PyEZx5T9Ul9Y/8F/BhqYYFo3bXsMem/n10Ze5oPjOkrpr5QcpfyMcpd2OOEv/yfak3K97qPUZvkIZaA6qwStNfmV/zinTK7f3vMPciP3uPducAJMhTM323//x37+BBkIJbnDwi3Bo2HXtQEb1th76TKC2A1n4qcw7MFbz76IShnJ3S/dV6mrtBJvysQIcsYp1aohb9Z918RIjMH8fLcvAIPbzpkeMlv2neMM3ArKiRvu3athMtjoPfhFNHyEs+nFXT+wjGdzpHFMLyEgvhXvVJL4M3alveO5yzcuR8UWfz/VrvFEO+XlQ1q5cVgTFIX9gxq5WJLX1ZsMyFAyGaFTxEPiDBeQeGW7+ywlOzSRydSjf0bPzp2OVWFryUlR44VueNYN5lqLZ8Rljl5JxW3n1Y/sy4SDq3j0JEpn4vF59+6iEZ9icGUyNonZFLRLbwxGGWDff4VLMQ41Mf1eC/M+gpPpRzO+VRX72KVKQ6eQ3uMJHd3Cwpz9JNkNtAh5b5JIg1JbjPY8Xm1dx5qPlliHW8vsibWupPIZ0sujuFyspBKSh7skyO9IIDuV0X9LAwQyG2QDpYhsGPvWB7z0XmEqvANeQbCDOpbTQEIhn0l5ieigzJ26kTUU1a/wEGv0Qvy07/JLXD9GD/B8sDbcJKoCyH1I/un51An81DTCzRoUfvhNS1YZLh3XzXG5u1ovwrOn68ULpKEx2rurot1RvXhB+imlYRp1Pb1Tjfjo6zB48sP0F7oAjWVAG25OuHsEJ/EGCfFMnvgIppDlIO9XvLXGdr4wrLnbK8xMKE9mug4S2v+ISmMzy4bMysMus/fSo8DbmClh37OumU33mm1nQKZjdyqlA8dVe9avGbNFVegRQUJegl7JfCeTZWXRQsK4amdqEt3/oZru6smaczxIALF8Nqw+k7uQTYHCectsOBbSB54rDW0Zg8obXpkubnCDdykgSsX5c2XYhjAUfuTpu6j3IwJlClB1Nd3IbzqWvcpdl9VTyDZFXcYsEH/eobF8YDi3mve3RvNOd0GnJcEa4O9bYTzmPZBTL1VupnIiJftOTxE2f279y/MF8j//mPXs8r3VhLVo+fZwAX9MhQoJFi8gcW1gfKHmaOT4sx2m29T2HGHt9xHSj6EWvsmi3HBE0OTmLswF+5fIhq4kv85dmCJ6bo+CoOyHFkTCvTV49poZCN3+Er4Bh84/izudIYC9l4PD9cU0ID/e5NNumlM+omyHshR0u0gqJhMsBO5TPyBMmNt+ecF8zhVuXQUXFKOZspF9lXr9ZoCzS9qjW/F3KKILXbcCVYq9UNQV2Cd+XnUQlyr3BEBGWU6LESdayZex1P0m6SpSbF+/alFWiMtC5U+Ub4xaUw3cy2Wo8lcHCZEtFZ1oIn4+Pt1ZYSudu3E16Tsh1nQlwvq3bsR57Q5Kq5UHXWJldWNu2dL96tD9mgBD4ruqTeL8o/osyZkyEajNKiiCw86CVUSlA/gK+t9c5ET2cGTfS7zzh9QCafjLRmySWH8sHgm+S1wJIvZIt4BvsxhwRYxVDBIWGzIZAEwUZoiJsBlhcLiJFiwxexNoZoS3sK81anMA66HJyf3YYS9udkMC+pVpJGBNt2sHSLXAo2F0BDX0MiLth6uNsiKG/1DKIO1Lurgar5rUTRQtGz+25FHTKcZnhU67nbLfJDbTk91Ga6hrwxJV7of8GwrLyUhPXpYl7XhHUziiXwvQS5YrWEoPo2mhOfkpaOHc6tesrbvd1ex/iQUekye9wxGFbSWBJ2JwGv/bxT9onkBE/NwydauGA13ZXIKq0NpUAR1adDW1kssHBjbLW7Ugv0MUrCfrrViZhlIUOxRkFETNM/EGC5me8qacG3f3GbwUY+4G8K8RPhvmNLrDivLEegMYoiW/Ptt6+nxgSFdSwQb/jiHbOliDeHmBwBdunlQBDfzV6oaQa/YktxTGlnQw7hn2sHqJJj8A7jLRu2bayR6DKdjLcDy4W9FK7wn4tFb5n5gVkSwfWpNqe7QPwtmQr2yJyyBYJLlsOdIXd7nMC7FNn01CgsyGN110PmReNPxemlb00kYewtJ7dBgA3RDVHCNk9s1rcNu6locWi3nfyB4JJrvcP4l1vY4zWKbR0VgkSA62iTDOK4y3G0sKRo4+iz68mXpPDqgrKzxDL2h2Hjd0tDFcc2yw/qM1w7tVXhOVLMV923kmMpVXs6sS/oWqoqNWYo4IrmOiv4AsZs5lfZNxykAF9lHOI6V4346Vbv20eyw3oAoXM3F7LnbTKF/PcxQmfuiUZraRcyOTuUAArUEMP57S+0PepQ4o1Z5ck864C99VOudkROQysrY8VnN3ADBNGUagYymk9/kSFYZ2ASMXcM3AioTCrd3JbC7J1ya4RAeLrSFNBBh/X1DSVL6xhxLfVWoLd/UnJ5BS0kqySEHPiy42Z6qw2ppT5QqbCCTsEQVOqonNetjVC82Y6dzKfYkt8W/4mpJaKbVL01BBvm1zA85URcirHnaaejzKJVOMUDZIyBZ4Ezm2OYDARV4qufYslPumki4G5NP6z9W91SY4D0d/KjI+UueTYPzyKFM01Xa1kJ0Qsamp08NQCQ6tHSQ/mJrFNkN9yJEvoAD1f7JpmRcWHGrS/IE3RhAf76byAxUkXkmtsX4dvCbio2kiY1pZh4xeaHrKi7Y/H5QV5dsc/0KSNNdeRzSX979VODikYxkmOCAsPk5CTSnvV3NiRi7DL4bqoPwN8gcBmw9JH248SylOVShj5NZV5skrgAZXZ+9WjHgD1AhYpncL1GK6hO30dzstLFy7bYSBG19Pemovb20T2cS+xHWnQDUpzDYjWs9HzLBgHzqOoHDd89s1qhrVl/IXoeMB2EcYKXIvZoBVaHCqQyWY+lO53qg6Lf5+tdQUiZr+u46TTIKi7pf1afW4N+wu4pXiARjUIPHUL/+hM79YwHdg3oP7jLbcAVmh5lAwoFBWiJHMmCr22t47iRCUJ6hYJfKBIL0CxWDuZlzr5Rm5tN3Vh8ehN8hQMLzqEdkONPRxLBsd4BqDwgWRP/KYT/O8/biJ+B9mDj1rXAE3brF0jHx7HsRPjAaFyJC5gYYX0k7f1QfBPL+PvPSI030+k+MWgdxG0pchN4unFeBhulgMPEo7c335oX7pBq9ajX6Lhg5I26XzvXt5ZOHRiBGpbB3kt4C2IxXgyv9e/stEYz7cNiaLkxyadxPkRXvYuxsYcS9XwnRQtGR4CvOQTVrg+C2BE/WQOPDBajoUaLsbtkjuMMotjzr6gvZx0oJ1BgHNH1Bs4/kcddyjlsZJgRMNPRru3UM7sPnghqQTAx+9hrKj0yUSjaL5WxMppYVRvELY64r+M06M2ZyZvoQpYWWPOYumn1KSyQ2WSB9WO7iPe3V6qdj2c+XRtlyX4UlPz1lGm1DgPwkO3IG3JyhfEvM9tDD/9XYKcvbhduHcMPbCuCiKLarSS3r3g7KPX6VdNkfUx2F9klLWEjPZOP98yXNaKrbgASZ966YOjgB64qXDnT6Hewx48d5PUqcwbZzyYT7Oqk+SNunEqApO03DVZQo4gPXTRN+KzOO5jYyQcGxJrbpIXPC/okx2P0Ee3a1Ess8aQ+sn5Ftq0rEY8f2jb6YcVjsxsvY0TrTwjftbm5gqY99CDf4GS9vRVW9bQPYw+wFSz0ds0wDvw+BKKB2g9uiTMUt2NcKjHyC6s7VVyIvc/lD+cL54ZHiMX22tx8eq5jABiDqEc+mRvnxvxnHTgvQgEhRRyvdnC5vJ7GyXmtlijQQEDtPWtXtMV+Njtkg8q6ZTkitRfQ1ofb2KVqq11EfDEI0MZMWRi+le2PXJguL72cev4N8bKRQdvMj7NqEh1nhoz9Rx5+oY68ZonYwkTMGYJA3bvzHe00aD+wLmcRZFRg0Ipjxj57id1ArI+YDx68GY+jZgsml/XQr1qvv3KCL5Cb+i1yUUMAJOczTkEnxLuaOAj+ntL4Xy0BOVqyFq3MF4gF7xmDauumf+bGt5rUlsKTABWabhrH5ZaG2t0bOp6xFpRu2Jli/9WVNTmj14yVJ9qY7wBNJsvz3n0sSntxHcEUQyPAgrRKch1GWOCAPKg2HkyMmntHCgTwzgM9igPK1/KLS0hmjsQsh3IJYUPR2DCebWYDUdfcxIoMK6Qf2+1paKziX+bwGttyLOPs3OTv9ig6sns3fpvn1C3ZljlEEMpihsZdvJwqQxVc9L7CxUGc2p21kA9Ts1YTkXw/G/rEgubr99UYUjbNrwcwVWqp5Xw/TADlTFcPsEcpzFhKIFOq0t3n3k+3Kfy+rV/5RfE2oEMHhz0FeuIXppCJXfqY73pyaoSoGoK2FWwGLq3g7V9bp6I0n5BJV+C+jPfe/Cn24yDsssyGmn6Vqz/CJCn3ifDEHK7Ohptq6L3HmPmI5Onwz72acPKUeIolpc+x+Id/cliLn1TKiHTQgLGVmR6grCZy6DJLQZUPsPhtf+e0bL+mzqN8FBiYMkfhyP/Wk2yllurKIyUCVIiMB55vGml6QnlG3Of35GjFuSpBfKTdUga/zFO66CP6sxsINbgqZihL8E2Bm9OKak+Z1gV0YLQxBX48hUpO+3N/6qlCUsURvVRJpx344/qWGrdiAwKEnOzWZ7jWSk7NQnLhzq7TBBPkYNOlV8Wd8WgbpAvobR08wKYtJbfMWBXz247nYOkVWKL9lbtzowAyj8JkNaYIuOXjM+yUiKcykTIEOg9m0WfoOp1FE++Qwa59GUytOGKyfwZwOWIJMYD9TxqBAPYCuesXERDxYBOVIYz4dbKs5Y+kbu54UfK/uHMw9mDOQltoWaBDVqckXKUaw3MW4IqZmvwvCvVnkjRXd+GRDvDZBvLkmv92B6dga9EEmMmQkSp6InLn1zvPgELEBgdM4jgcsVB94fBFflDNQ0QMq4SRuzqxTSc9yrLENDrmxqvwOW/vKrPk/9nDnl8P+lPkiuFuE0eVKZx4Vw3p0lxmRyJ8OfgNyNuwcwIwPHhmgDya+k+KRu+Ro74OvJvWRi8jExIWuvmbSjpfAU0/6ohPyVCq6Ct1fSIyB9oQyITrFmWHGr3pEqtHiJ8SpR4aXc/Wgc8c6+bjbBxAUdgIdqdKimr/0RRGtkoCypg2892vpUc9TovvfPpayfVKS79yPJVCqMqB7oAOMMcuOGxpv3plQ99EhtSwqzOI7HI4OXcm5Tn302RhiZIZ+Ew3yd3JUN49yJkIM+FCm3LLVQnMyxaXc2nNfmNmhok0UEdTBfsAk8/8k3asFwuunQY8fWY0oXE8SnfB5tqe2QKrswNqOlkYegGjD6LV29il3Xu0/HKdVtABgLwqiuSFTGd0jWtkMp5Jz3N7/bx0yGU75ZRGMAct4qfoXwU2watLFDtbGiXPEq+LESH1EOQSPdzPlg+mgBWd0dHLNET2i8rOekvyBRmarKbG/H9NTexYtVz2DWKDtJhkFPcJJxG5CF5w+jeKIYKBR+ibe3ayYXY3lyMrayE7jY/rCumMva5YXktCWxdBQj6s+uQkGxMGS0p/l5s02HuXfRbq+b02nuNM3bKd4D0QZ4SWOncmo+TzjQaVugerhWk0a+HLuahzoBFhUU9JC7kDj/6v45Nb42TCxjA8AOpiaTPaMdXXkuyid7XsGKeEQuFN0tpqNKzCWI+Thjhd6OZs94nkWF3rKPYm2gNjt/A/uWVBLUXWMRAyWz3c7LlA2FKkhHtiTeamlO0qWDiUvKeKgC/NTw2Z2veMaVfMDv+JihykPFgG/yAxv453JnnnBYbfJwtwac3vYSK1oVKGPAyKOICSh1/b+JFeDEYMkO2fythbThp6OfGFkPIk91o3UK/+sB5M1CZIppB6Rknf4+wx/sZ4v9KMmtG7JhTpaL/tmEmjxNT2sOtsQA9edqmJGHk2HSfCKRo1vTE9c3E9VUEI2gl9mhOe6W19h0Eav1ePA1yx2kMxBxO4bACZm4Tp4VwR+W6ewzB63yBSDUAV8+woVLKc9UHIrBcPWfTApT/0pWxD0+1b1GZMSa/5c2yIEnIcIhcR3t8WJBpKJcep6QdJXBXwh4rnpwczi2WIGs34r4nt/1ax6x7pRJVCZ/XXBeoj5/jdV8WI36yYQVqBmskOLyRN4OcVcWjgVNk2OiqopYjfcKBVi+FP2hI/psTBQv7urrxv/HnQExioJd/4rr4SQDC1krpOawvml5yzUd69YlXHdR3MS9BuOe3oqz/HQqxD+diDVdmlp6puvlb7petIX+BUNedLk0grpIgvzGkAaBI7ec6idb+EzPIhvOQubsgHp6AOGbqrES4bJP6wHZPAImdEkq/Op78c9f536LI5VXdm8qycWT0unMHWUK9878I3tDxLedwb5nTUpmZhQN0b+JvFEaBXOnenoxmH+/eANJzTGCOKpfjt27iuCAJQujMyQKQLQy9iceAY5LzsLdmpXlGCEA1HFA7ratDDkCXAarz95PEOsFnpU4mpcbyBUlpZCwZO4v/SjYdEa6u5MkkGl+hnos/0rEO/89Pp0Athy4vXvuzpQnPNNRT2KWJDatuDoiUwE20tVVQs2jZ+O2wKasKJZmJMM56g+Gy0pseJugqkjMmokcfJhnAsdZ10YPW5fDaS1gC588tFhCb69O30zRXKs+tTaxB6XF19znWCsMnjwhk+nwO+mC+RoGS9+jvKjW/cobFXl7m39czcWnKeFi5eClu0Z6f8JM1dpUFgHb4fjiAIjQc2CRTlme9dlbIBLu3J9lQzXtIPUfJHWrlBpa8BS0V04U9yg3VQvzA7xDMLlzkjjj6F8nit3QPlLKd5MJ55FJx7Apy3cn2ilXn7Heccq5y/FEmDj3XUxiWdDC+B6LgJqBE+az8xoCXTvWliwDdan5n8ofghNlfxtHJTz8vqPTVBXOsvl1oOzX/JMtn/aXBrc/xwxNObcq9DXc0u1HpcogCnP0ynoE/RBaJX60bFJTuVg4yNhJ5826uPJI4bGQx9+oc2ab4qmHWsiTViGv2ZX4LcrpwsF5u2iRSgQZ7Qgy0cggwykTzj5//vIBTUbYyAxUdenoWTGxYBGeg8rYiQeetoPouBq4P7+U7Ky4yK8xX0ZVYzLs9XchBFa0dJ5kItAAMOnwhdbjiN4EoUBJAUEHzo6ppIsjVqFV+PjqMfs9O2KTcA5yxmTzRbpr/NqLWMxCX/5Fh4ohNsj0sDx88FIZSo2qJwVBnFxX3b/ZeNNNkL/tVoXzmbYdi7A5qnhYfIJl7DILRqrxDC52rvH5j3Yx5o+AQsOGbzVYUpQtDmidfH1SKUaptQYMO2iU8FNaTC81VEvezXPGEJVLU4oSd5ZogKOlmwwnLRaL0lhhPYRTbQcBq7X3KaAm+4mD7MPcExBBLjbAG3uA+2cwIEVIU/NuR70PFdodg94iNQrJTVSHO+waZxScp7eV0xT0Gr5CQ6dcc8sj4obajOmZOOj85w0gmcaD77dH+lkblDrd6TlLdHeFPC/eiKOpNkkJCnahB/PbFhWFTuw/Lc40cs4rs5SPmK1ajnfpjrZ/blFPXPaU5OjxeN/OUSV/XEU8xndn5RSQ8iVXwqpmmpVdD+F6XC6k8lu+b45NPMj+YKfJep68tic/gAKfWiF/1syMnguC6Ium9WCYZSAbbxIDba5X8DZo4m6kwNIVrAkeC3B+LmikV2yRM4S2neyHiktB/ty69/zNPtNd3KA6WM6ww+MRq8gSC+DUYq3qSSI/D9rqHIBuFet0vCSbjqdUbnjS6L17gVUEzSa1RzXnwcCvA76f+f0wzTZH6ogpAEFheLIV4lhUjCThaY2rH0zRJByqbXwQp4zxQQybW/h9PJc/pT4NFaXB9NwEfDNIM8U9/S8COrU00hOyjO2DOx/PWvn38EFPDezHFJ94yiH2NgMUtJcGZPHCKRIJ6Ptx3SQ0gJavBDzwig6ixJWxcteOBrkEOm/RZfdWP0wDEnxxeqvVNUmugRuohWYtv79Mynh7HxTFORKjtA7vNkPfhbLTvcH3fheyqLYsmn8zqm3oF1hH3uw621ItDTTZpLwpD7tLsBt8J/NOGINrgoG1ffEN4iv/6z+7nyVrffvC1LWFoqDx3bdiKxFEsLct5yhoCbtgWFVjcH7OnbQzxX0AjABb/06keEX8Y+31/LBxYS3sGYcAeAzRL8+0+v/vyvy+Uu6bYh6NWbxQ+i+qnXO0TIgb98QPqlByZzATglsA1nFAyWLfrgegu9LaCQoAzDfmJDIUnXvHaVtPS3PYdTOHveAvfxlAdTjNfMJzpFETE+mXTrrol5XwKy4NfzJZAYL/d50H6cfWfHRWBQiO002D1SRwfozCEEqOs2frISdGyEE9U4iEJxBvWKSHUyecOP1KNhUOOb2adhR728f/J1oZ7ZN+YdhFEFmlnezWgVU+xeiA0DYnQK3PnK3t7TntI0loKF/uNAeoipCM7S+vtaSCq65UNq/CPkz4DEDdUiz/Tmwqjf3G7tPyiZGbPoLhxcXfSkeShPNGvk+Ev03nYkdK1lEgmjtbNJMSKWNQtdf0aJgw/FP2MNEVPPu4DS1Yp3t7Is67jUqn3AApUAh7gU0iGBjaF2K7fE6UG4iszecWztp8OlxEQPb95nGnWHayboa3tHTjmkLFsCmN6hDQEgE9IF71+zh6ZOsElqssfXg3l5jWxKmG4B0mzklMu2JJvWvwbH+YEAmtcyry/bezp2mHvt6n4rlLKofUe9OuSgLnHmGpYQV4J4KoCqKI34+mmYl1jD/n/tY5m/pJPwEhxRNt66t2VqzybJ4pj+MOC2GgQS60TTb0wBON4jvBEr5owN7J20d0Nrq/lLHOwy4lt+E2JoC8pB/4LkLjYj7VSFqPNeUq8s427KtbWNwHsPv+NVvSEMRD0HJALjKkwDlTRwGZzUf4rbty39LerllSsr84rQmd+6bH5yd39vRIyJ9k7ptRzm/sUrW56t47eFtkGztycVpjEmGHZZA3aJJ4rCI/3wMmOVFmAYp80VO/fPOLIMbg8SGICrK0Uhlg0jpas+ZVyUdq57VgdSYxRMjVDtkDOOxwK7kLhaIZUFESHcduUQ8adqHqGS58Unw28F+6qOo7pX5o0Hx96oawD1eUf0GwPLc/ZnRcb0WsHCQcrOLNZQ1QNQSa7RzwKYMvrykHxIEv+bLALfqBujm4EGmwbXdp3chVf0qgfrjp4eZ4GDM1kXdbYOmCsjDSEyagt6Df3ATNCVVNzIkA4jixgMGU9gXhJ+0Oi13AIPL1TjyZuIEVslI60r4unQwVFodXqRu7keAocpEMYP1HGo+zjxcpZmWaIK0oz89IbHOvssbdhT36qHA5Mvbr8Vxk2PuQP97i3alm2XGkdzktNLq4rGYFAYEkXtdo3P+uQfWzCekhulTweAc2EEojBNv+4HVjMgNNCpgyHmVekB05GcvSoz+EO6BH+pWO8BBladi8albYSj3Id0+3vqXrxgS1ln9Ocv9ZKl4rTwJFk0av+DDV0o+BbbblHx4eQOBfpdqpNIuvdCE6xZni/WGOhsOLrt38p4rSd+Ij9dqa034aLKg6XLjJ/cRndsWWMhwMuK/W+Di7TDXhaerYY7iKbjVG9BQbcTeeJI7vjhI7aquFchx7MqTB//62tKb7cPiVHPCZ3xDHAClHA/K79/WRYy0q6tB+XJGzLpxg4TrGwrskZi8pfq/lHqWUvjzP683qlTuiT2NlgH8C9U7rCjH8eF577zl/N1ihd30IK8MNaKC2ns+qjwyFgdsTF3LRpw6lXFbbJg/+WoQd5k0SCvOikZf0BETMduAWxP80piHAxrEAIduDuK+fcDPCYRiuqMN3A8hBtrPudkKvWTZ3jPmRdnJ4sVzPmwQH+ZdXYkjOGwYAGvmAJZDidyNGU2kea85jR0znYWJ/qCBgQaHKvgG+Qbxws0aMHbOyyOxpmxJAW5+XDR4Ai8RtYmrXnhMMXoEQ7RqJrHMn1NVUdRjHFDx+S5s0XTWZMYg8H5ho9AftyN4Io8zTpQ1yEuSar5yBVD6dIQ9VvZ8VMvx4B77q2zUfRnA7GT9V7Op5C8ne6yceqRa/RsAaE14v9VHZ0wfq62ynvINZrSGWxscTK2hXahnT3/7xnVGT6zyfnxerl2tTncnhj762rugeGfuuXRSMAZJj+UW4wn8Sk8siLdzfKQoINalzqrzKXYk8JUvqWqDXlPKbD+WAbNwcL+g8TDT2dVfaLCWS2/sZox85sls7Gz3h1BNgyXx64vYPuPFyRM8+cgqAUZeBV0Tx5vzxdq0OHYXdVACLvuhfj1ETWAOOJOMLMDSJTjnIVcKQXh67pv1XqtDD/bbC+KUnTQUkx06fkZA9JF/tw1uUo/STyXblYfhwRH9bXflzitoOSJXDHNF/HOthPELEXyOlQ4eXNi8Ea0Eh9974dTSA/M+nuca4PK7iljYd19ayQBOxve4mHdAJKxZ/HZgAy/aBpcF4beyzUDupQGZI7jerS093NH7148Me9WkbsqJ0nm8ibkmfQiZu1JcHaQppKYtqWtGfhT1lWEnogZSzwsypYxKJ+AKGql/NfOFewkciDfN0ghqcLhg5MOMrIkZ2Hm3Mjdf3OOaP3Zk/gT4+YUtH7btIz6pfXGooFbVdi+UIi3++gu0FNpG6MzTZizbHZKRq2loUR/p3Wr24NectNKgMxoal0mmX8muWrmHK8k29uDkFsTY0+e4y0Q6C6cFHT/M1OYFTYu8R5qYEbNuGLd2SyU/LSpWifzDWaofqb5q/bhDrJTLuhsQdsrVJHtSK2Av/KWJBFZ0gMMet1rpKFPQNfcB0HuA/nJpl5jUt52l0IQcyCuqn7YoHBM9XNLOvybjDxpVxybZ9NBQi8qfywcd5KFxaHCYfTAJJCYGNVCNu00xh82KVv56naxM7XpEQF9z110FfewMUrHbfjvbJUArzGG2e1b0dYYTKk+f0zjynnFqRToi1egtPbYfgGspjCXyHYRmwTnt1qF77YhE2ZLffhwgGzXjgQtPhbB2jZkxHDeSQX1oK3vqAfwYEX2wGp28AwfEvFQwoIeiBoqsYo/wFBfpDH6rIVH99RuVsar8rN2PsSGh/Xi2e/gw8IrsmYLUIkqXByK7hH5ppObLx/CyxqNNoj9BZkemrMU3N6u+OEEPWn5CzcF6S0dr7rr5Tc00xDCG09/hszXKYRTYzvdrfDUKW+zVF7gpiB68v+COxUQtE56CzLie2hzmU+2q/+l0rJ7Ly/cAivCxd8qg6xhmGE/nJobotWdpPndg+LZ5N1NnJZ5Ztts86HtZ5Ju59ruOUmL2FNrNqkN2SN0EzrqnkXYsLn/PjIeYLMncQG8jZx0uHF5PzJ+ncNG1sSAHvVulyNxQjQBLJei5ztK/3zv+/kAUrqof0cjro66JoZWK1dMP0EDAWwtEbeoMgXgE42iVGJSRsT7YGVEHlztuFIv4jjc4HAzod0bhn8Yff2/E+fr2gI5osVoVGnf95qoqhbTnwd+TojnbFzgqAPCHv1a5kTKf/JKjsvAYHia2GCh0TQo1VgEehp28y2qBcT9PaFC3JJlqWawWdkD4eAtYz0N7N+yWoK2W+hPyLcS46eRNlGnOUN0MxcFLPUXtnsDhf9W021yKjZBdDGsnYYq6dJriPepQJ4PTPw9zc00Fxy1bc2sLRSF8BjT53MwygUGRt9J5tSmXj8eI3PcJ+L/xThD2ofrjWQlwiPjrNsvaluAraS1kzxjI22Qxv3HylXqFEgV4YZwR+p0AGMxDQ40SiFOmx8NOCKcNDiY10wrvaXSAkrJ8mpaeT/DnX9POJ8r/CKZIxCw5gjMY1/yOjeEsoi0thvgFcDZzrdBjWd0f7TSlB9sBcmRhGIjGbD2cuYMShj8gV7hADJZ0PgsuZ44LC3FxA76cA7xWK+LedqVnpJnbSIK3EKghrEGFvJ6T/HwrWPm4pnO97beajO+eFJK6S+Y9clRlVNuIrOOqagsTZUXdUt6Z9baO0NjassEfjWmPzLnStbsfMQlmXvEA9Eircw8QRFuLTlD4aUTuYA6zsQKlZu5bar9dJ1kfKA0jsFTHp16G1MyH0If+jplqItxp7EtlalBwl6itSDdRRayJnG/QfA6Zw6PBintgfpGdjTcxkUGOUfyQcT3BeaNyCdjW24/Hs6N3ZKfwAP2nPNBSxhczId9bhNIibrfCvOYVRPdIdJR8QvbEhO/9puF9MnX+GjYUUZP0yL8nmykZzhzDRlTmwwnFR8oURTngqVshnWaiSjpjXwBxCwMSQuU6MUstSV507rFZTtjFfhJ8DzLe0D6vCYmFuOrRhKQO/cC2feMmAo/GF8zELJButq3ktPeU6iLJUyLSrE7bZ3iCardfDB4YvEc6nFpd8rcnAd4xUFJiZ9HH/JfgfjyxLuxHoNxMdcOeoVmR4Ng2K4YlfZPd1WckO2DSbEiwn/glC+IuCiIJKOdNZxyD5KCppqwe53jZ03JwhFLKgChxfkaiUzykMTjCarfQrcbW2POBi5IljxHIif1/T1Gp7ZAeSIATjaqgvpUKRoRnAg2WBa/CaZ/cqlDYtZjha/NWAuvTWiio6IWAVWyXorGXkrG6d93XQ15M6wo/Y/lnFmvs9GCdzdBtKVNeQ8eERNq5OfSct7MZUTwMj7Da9S5+77QpgBURf1JwmwaC4Vgt/O3b8OrtvIsSpVRlylPra293L0u8xRHQ0LidRxI4jrLiECbm2k6iHdeameh7olaSvYxIO5Ln6h2ITG7xT9+efBinHqUBV1QLdW4sMiil4n5axjlJ5J6XaAVbkuvb8ODxVSApX7y1jTfG3eymCO0oYsYeAQbDUQI/1sWWqj2azf9fPqcCOluIl/Mt4Io9cNUkqsgujqDEpOsbTUEjRMqactoBbERmkcTKPhJxv+QRYfV5D5dM8lrUMReLl8jhMStwCR6pZvSpba3uB32uNhDYkRHNRbrsOLg8sVI48fDduH/9HpPFFBk1Sq,iv:tiOrqnqaXb0jd6e7nwCe714Q43iqm9hljyuOfsVsDEs=,tag:nvr2pu/r9O8GwHRqGX0M3g==,type:str]", + "data": "ENC[AES256_GCM,data:H426SsDhgoKaBUGAekwU+DeE00rOuaQvRWT1HukJQksnYU6FoPIC4AhV2oGZall5JwhhqnKM8IZ2QTlW/gKEBLsRwQAU0AqFKRo2ULj73TpW8HwpWyXrCTrrod499+An3NT613Xux+CZLm6nSlPAEm4xz79FwoIJs5vUThF2hhu/fKZvxdV4QWcXqoJ44cPyHRrGEPZiM+JNjPKgIehmbdqXSZrA63K9vlH7oS3lkg4jKDYSLpiLg+jzf5WQe5PTKdCO/De89vq2qwAW3hFoUTYLxFTr/41+6vpO+76MytAbOjiZDF3YG2NruuNoiq2qZyCyRQ3THbiymmL4DqmHpWa2SafxiK7uvKXf2B5XWyveH/8U4vVxFBqsboq1Ot8Tf8hxV+ZO5sRYxL1RczOZ68CjFqfKHH4+fnvfIZRoVIsJ7J4M1r22rzZ5d4YnAFgC4z8dmRMmMXFwXv2xkKBC+Wpew5EEccEDVJ824ZcPTk7gXU1O7ZwKFkca9M9Nj1EwTfGN0x4XVv5zQAPrVUajtyJspzilIS7gDqpOTIxk56psV8EaK7cIAkuGa1XOIgH+wjJkxzXTFazG/NRuTDtwrs8y+aFDSlq1j+6hIK6+x7dQILdNTEgKSg4ItB6FlN3ZhBFZWcvF7aeKogyWLa9+uyQ3o+4V2n65MAytwg8nthAHPOK6xk3mbrIhY0AmRXgtOOKWydUGOR7ggInlGC/aeIjD831LTyjHG/rNepqQjfc4sKtkivNNNy6zp9LH++VPklzAL+T+SHoyS7X1luDyXpKD6Suyef87cfPdVNnHKRo1MKPVGIsD241994CsQ9repMS7XpTCbtiM4TpKDX2fW6W9PnR59vi3v/NjvOsVmRPsPTKqtyjDTJxcHrc2tLg4E+z2mBgdRFxGs8DsrhpNMhhhDrRSw2YrZjfejMZcKEz0W5hxTNrdLnf21ORDXC4Pj35xdWXoSbPnYCnE+2odLHJtNtPbrKsdw9QqUO5BARM7erj4ZbiVVAX3E89/Jh00xct4itofokHgDQwOGusgC7Y4PLbBbP0ZMzFFTCFd85rIagkYNx/SwEX7+wnfSAIDSunlB59Wk+sP6kDYQ+/Y66zSLejqlglskCJE2IbgXIETK24/w20doH2CHj6Bhx/wmixOd2IKBytkOvB392Bu8GLJx3BdSicPCgRrt9II6ifgHy4dbJrLIGeUnpz2/kWPotr9DSfjwNkNsW1tHQ2WOQQhBZ8BDn6E6xVteU8svqTCYKT+/NUmKH838WL4hAk6XkBbZJRpk4C18SBM0k0YaydjCkQ2+5Aryj7K3ohiqcjrDygEmnMWSKQ16Az8MI4S4KPQhUk8zhBKAerekBIsCEEZaNKC6p4JkKIaz0qVejy5DuZzQPL/j6oRXCBhgks3DwfiTvW9qPuyYlAFVMJGoY74sAajSWViJR+1ygiE6ttgOdzqtEsFXuHcO5VIvjsajf8Z0+V2XfDuYvwajHPcu+3JXFqwePK5KgwzhF5JzlcXh9czmPFNbTMGnTfMvG+hDoivDXj0lf/HEoQIy6XTt4zL5jaLo0+o1H1CrsRQrvkge4lwwVGf2rc2FPYbdrpd/PFygTX5VvmspQZfRwGsFILWR7SEz14cHe/aBBv+EZ6qtqPhAiugvwUZiM+m2DRnAXxgKAni1F0pQTC0Qpa9lEseR7nhJbGR1KzogkxPmmPcrjDK3jn05oHiZE8L3mJTG6S4hUTguYjBcP08c4mealYQti8MRuBVtg6j+ebXwlwPjOjwhEjOWpQG5aDhUrbca60tfJlwIjYzAwzzcmsVZmqOdIYcEpXQcKi2daE6rnSR0wO9gkMvon7VcqVHDHnrkAhdCQtieds9vGy6i91WZKLzsvuhpHM0iUMSG0sWP4bVUq/X/M65WuHQqQy+09EM+EijOCBIDglL63DkW8Od0t9WvZ6il7NkslOwsU2r8LbOdWnzTRPxCrICj7rGaF6fTnQoX3tl4EpcspvAYzSHiMuzaKx9ohfSylC48psKjDDBC38ZhhK1UxRYxrmEyIfkwKakFGt+zhAT0u0OwPl7BzLzT/TFrmisOp0xKnsfGKOS1qq3I8mcE+tJ/1dugkfKui3a9FrpTBrNNUYMOHo9XFT3vm0D+5feulhm/f2iByUWXJ2HuqZSLwfRQuSnO9HdyYdcPxMmGPbxUnNf05gwprpdoL1RHpdVCBBsVYpKgxQrWwFuANDVBQn3FAfVRDTIQNVNt5/ezc62N51rxWJbIu0ccsaIdsxrZOKcK58HEEvA9P++k4sbNY2w0zSRuC7gNGnlli5I3Ll6/avIqGfnc21uzWX0ua46n0SbNQ1frODLW7RzoalgaxIG88aeWBKvqEG8n0O/IhEkrnUkx7ZJRpfhgXI+0m7LMiteh8qD3yYR9dvI9PNIm+iYsWa5NvZFRSrigz98ZdVu/6Z8c9E3OdtcLQq4hVlRhM1eXOReAhtZ6076cDEAHEKtoIoNo3kcZlsexLUBHE4XIPkJ6G4bbCW1iLBaXeGgoylY0Lwf7gNNGHZu1g/3RNuK+jzLSly+Uhx/8f45/qcQegMDfvCayfYB37ez/uiUNVuGZOIilJC9eQFVAq9XE2C+cxk8kcESIoBzkwdbUV7N56ZJ9TT2x4ND62qxxuPgh+7MOyBHsRJWlUoYPRU+64fkkRsZdxl10R1EeZpheUyywWSRE5kW62N+P/UUPmK0GeWf8JYPzXyB0bXP+d+h99FsxBXAcUMR2wV5Hbau3h8acgystLTj23AXWZumtzNmR7lmLdyHZ8SwdAoDgO7cylGI3Z6UH/ret2TdI6HUwUtEgOxgk+7bgs3S94gpqGwVr4FtIQSF7vD7LoXF3/Qouad4TqdBF1apcL00dvocSIMFOVZsB83VtcpFwHWIOLLW3FvQXt/M7uXFPwvGIPkDXIIbtQX3QcNWYUYARwDmlHv6lTVc7CC+Gk32k7bYd/kcUIBv5fE+sRk1Ivng6BlduTnXfTftMleHF9hQ+CHqZ+8JaQMP8xl4pJCBjvQ0hi6yTr9t9aWXltseh4HnFKssOWrQZyBbrLMqCde9s3bFjcF2ZZhimsN4NqB8/7zQsZZYyUY5mC5OZaVY0d93h3PmnPIaLqp3+wN8x0bmYoTgsPpqexvaMxaA+NSKb5Cec1f+KOU8DWHNHJYi7zc4h8yEB6Pwp5pfcrcuK4tS6CWzDp0lqwCDAsALdI0cgfqJHKnvgwrt/BdPE+fzYTOgb5RWrs0bfTqPOq9cJAey+YG4cvQITNresOyJtW9ohlUc0z6EJnbUoRO3ycGQhYSAsur5E7/XdbZIHzfWGjdc1ySwA7GFEN066Bwp8yNFXBCqdqz4reif0hwImiZPyJEadCE4KTNDH3OFaT94BQyifHuUiAIwklpuQFT+ryiQgnmIR5rWi/RBFVxbJyFW78KJGdSBeIVUBqXdkSxhaBRgIVfN7k2lghfue/VFAnUAUp+lmbf6SALbIKH+RQyqxgTV1tZky2795E5AotTkGJ1wxJbyrHzSO1fNUcOKQ7Q35wnV3hHDVZ6pG4XZezehacVSLAgSmpyYL/6M1yJGQJZzZ6H0MvTWoMuvcOA+IF+qP5pcVbuxM2IsWHw0/hyel9AiPery56A8GDZfHidYnWfg00ePewJKLmusxoEsAps33iVYHJSApdvqxdrj3Ba04ez45p1DfFO5/ZlqviJ8dg0wKIbRNoIOxLjUNQy8l7rEGfphe9l0VvnNPGVbHXlxkt7yq1zrq4yMfd4oRCcW7PMChcSicjhwXhS2F0U3ybYnKnK9YS/dIhNm4l/K0REF2E+QvgT2ur5dLYsr0O+FVzBS18tldJV9dofyzUsDknBJ4MGnhEOrbmPonbQlfm3adqj7vUK9/J2cbFR5JH0cClxkGqlc9tkBxSOGkNVi6qmMHsoJWfz3VwkdW7RaSc+IKkeJSoP2wMfrJLdrY2WUMxf6NcVKwrFYee6lOSWnhM3Xx78i/wMiHJcVmXjHkj+7NeaM8ZeKz1S2yDsiMMrvSQk7WPYl5SqUihkUTLIOWkbRp9yt872OAWrNCtbon1spWMFG5J8BvS0cpEBVJiPARNwT9keWCddPoTOx/MWMRyJ5G7fwFvJg0KLO7i4XuuO9ZF756npM5lyG5oIuJDl0QRBTtGWk/C55puIsL5xSXuWUHpbgsaeaP7r+HYLWOdlkgcZJ/U5HGRnoKMOpa/mavzQSRU4mQABOGck1wsecTi+1kUdvJS0zGxk8VXlqgFq2thUKKp0i5894+iSuiy6X5/dWgxHRMPQGAigE7AnPeWq80kTREakm1BuSmFyvpHqWHrYAmlGT8dunuqIerpei10REPDhxNzPROFDolrTji6qARBhCUBYffnxg4xGHQwLV7aN/u3cAngg/jay12uLm6AhdkAuhpEdIcQUYNJ3STEon7rzP6vlXNrifuxOPmq9Ru+57pkbU5eZJ+yIGisUyOj9JqXZbrh7niRCZjQhI6B0q/F99q5yeFhI7dYIT+UxXRiw3gOjShuDDsEvb7s3WuOu8cDZ6mFKkpLE7IruTbTPWZnqiq8aDf/2x96PSiCxXFYKhf3T7YmC3SgwST9i+vddetQ7NK4I8Emjn1Nqnbqg13knKlnh/cjJ6q4KGj99eKxKV98MdLqVF6aLtsNzzCRqhuuFR8kmM4kBo32waQGP54ceaHtbMNcML4417UIHyU/yjFOONHfE0zu8D90hxfs4UjuHqxL5MC854PbITweFCtZ85M++JFTRpiihfDtsdi/zyoEU2x83V8G/lCBB/14taHcVcbTBqpYFurPYsU75lNGr5NtWPwxNnJFZlIBde38cBBma5C84CLFaQgN96J+oMRZngCOdqXtxKxaWUb4O+Ek6InmtJIb/pFckq6GGQComCJ1x5YwUsAQgp2AuBo5q8/amIBw+Yke5BEy8PYKc5/RM46CQYz8w0J3rsZzjEmSgUSNY2MWVwfxNWMIYw5UB7JXyE10OBmxfu7OF9Ay40qvwSfKyDycwcQwSzqTaO+iu03gtLCCX3FLd7N8QHRCtP4wftVwLap6Ukbg9le5/W3olrJrBiKk4BSIvZK438L2+ptxdOLM+6SwREv0x1tbf0N7YPjgO9QQvOfNsv4sVs+KsxrrqLi0ao87JTn/mJDMHhPi2ZJW0Oxty8Ym1EOyzT3BhsORkcU72E/tYqLTYd3BToDeYLrk4TlT9QE5Xaaq2vhqI2JS/fH+1z0HWDhjz3tG4DV9aoVPdsPwJsRabicEbpCeqJlBQB/6FFQOHwiSDzlHfb4r7agkyJWfB2wReuzRyxOOOcWhrg4WluoouvJAQHxY7PKiUqBS56ZQ6XKVhZBdDnPfd+NWut7zhZ7F96cQ3fz8cuQ67e3LIACqnXEgc9ox5BjAvi/PXyQvuknlZXParlsdlgOzkv2nWBxocP5uSEE51RkjNGYrgnaxvKxsx9TDg1H7ofO68ioHhqZnbQwzHn8zMauz00dAgXqeQgNMAdCASpkMQ1COvcO8DUQOWHCXiq16/xRo850gV68QdR0PorXhOs8dxsk+oc4JsDAE+JwiaYU7yWecQ+jyJK0HuQIjaA3eE2MQlEOTDs3JfyXOmFRCEh640Uy5AM+4//v8z+r2v+OBPyw3MnIl+ldqpKK7Y/E6deXbx1Lix6Vq25MDoZCejhivokwJtZVyMjpLQVcBasveZ7GjJac7wR3dQyLXWBhxOvL9lARu40/Xo7itgran+YtRSFhQ2D35U4NdW/PmGqETC00qxInkCvVdO5whYxRjN7su7OChaETjzC58tqD8qN/f0uy2XkR1m/zkFD66bQ3/UohooW2YV1D3gway1Kri3cR2ueZY2beeIZPj/ODBEOpn7fva6hbwxsSdrSqFR3bWdxAM419ASa791J7nGlVEkEmGyL2vAhm6/0JBCPq8oAPrcfzw5n91dlvBRTJ+U1hhUn8vZDBL/F3kCb1WHBjGzQuJ4iVUwIcQ8vlF+T28+CV4zRA2U8OlSHDLuHtAoY0LqR8Yaz+snVJDH2wV3jMAryRf9/IS+1BYHpsJVylz4Ms+6FN/Ok5fLhVfTfHIqW7Mic0h/feaeBQ9I/6tvEeYEX4HHN8yRNYmElQUEmHT/Y4Y/Zzu1Uxh5qVvxwEIsH7obr8+awSWjhxDljhLBvcC9rfnj1lYaAv3cwtSWYyyjhGgAcDoJhLXTY2mQ9YucywHdXF/CtSlHGxD3wjTNE15xnRLcKD6MCPRZ4+dUWaOcAqAPDUzTwy9KHvKH0MRjaB+CccsXMJxvL44lqRzQUbK0iEt2Hq0p0O2IdXDdvEea1CFGzA88QHG1x+tVYZMkMhKFIZq9p2dlBUfYwgiCSCqxgeTlp3x0kQ/12hQdVkWVw4xyv+5LCuRqo3dVD31wLRkYg6WKYahaobDzuK0p+3+H2MsFhr/ZNiKtpzS3mGBgybZrQBUy0eEF/sggYXQzsolU71gCMTyBPFBpl0n72MsuEINNlRo6EaLPwWcdZGWcjYFYDVltUBLt68I9V2DRVN1F31VfT3HjqxhNkh7khj28AQlzOsA/PcTaEzK5580HW7kS6TZHy0gGox3b3Vj2lg/uXQeLry2x0+UBUtZVoeNoWH3A3UeyaYw8mUMcc2TopEt0oAUxHO3SAYL+M1/D7MN1axmcdCoKtmD1SEo6SeLmXIvBAzYNEDC1gIBjKEylyHqmbmWYqUODuV64R/MQaXYjcLUg6R4xnrodJCUiLfZf6142WUMGvg5nAehimnVl+O3j+XXCYl7lgmpxkGWuOinZXpq29yBgLVogCJkq404sjpUtIEyXHWmQR449FGg07iU6P1Tl4TUGEnpXw+asKQqoZvLyqPwNjs1cTZkdkAK3e0GBCNA3uohkI7z2f8nIRssgK86b0RM1/XF9GCs+6POqo0VC50115AKEsOj+diOfhvIOEwi1CuI8A1rv5/800UR15ajZS4xnap+pmkz4d3/+HsrK6wWLtx5obBX4j54SpUzurCSUiVdO7ye/x/wWQcME2Oz/4FaaG9OI5QGe5WxUp2VZWhX2nAS8Vb6AiJVFEVgZS47OlcxAFqBLkLVNgh0LjfJzhHX1mk7PW6ose+mzGajlUfT6bDdI5PwDBPHPGphSwuBXOxePwZfaIcHFU4B0PjcoA/1m8CDn/bFE631JeLvigOhNtH63HEZmRxwYpSbmFYZU5IplKjHYMGEN1uY3NSrO7SOu7NrT+UKyqJKPSzw+cEBNs4naUdb5OYujn0JvRz8H49n4R6Aul8NSWLOcbqMHcymI+k1j5MJ2jntg+6IgRAp4EZCSfrat7QyLKadpE3GmZ+mphMLacfSBDYrCe7GWpQwCzMQKKzliG/qcfIZmyfCZv54jlEa7lpeABefx1zyyXkTPuji+KEw3q7brVlaBJ9dSNNCWj0AdhO+JDC8x4HYqW4WLo4BPWZTEpPifLRZ6FrG/uxPxka76atVyCjMbLgmbhTokBctRECYXDrf+mHLnjicfVVt76SdxDUx9FgUuyuHZalIO/hTh7gWF1YY3C1KBk8wEBXdrrJ3I/FFVOdvMVcrhuRtRKEkRaFRBBOOCmBAKqzVvzm5LesseSDwZY0npHuwFtATrfucbxo4ht+uwNUwBstZtawi/F0YbTCXoIPI5iqd03u8r87NOBM7S5T4tix8ifwqLohp7YSQecMsSOWZpHoRxe3YOWYxIHYXbZACmDCMDFgUbgBjgUdEqHovIWYPPgiF600N6ge5l/Ny6ZHllA0+fY6Z0LS+b2+R//RBbZPqZaSfOS+hPyL7ixzCE6/O7XmkwUsgj7qsuJHQsG34fUQmwSZ5pj8VqbMejxTed1z1SWz5m8ddOZ2lQchfGm7gkU1tR+L2tM6C9olrEMVWj94gR2eD1E1CXS7DhD4hKS77WaeuCHQtOAT/gyko5Vb4T3II+K3/1CIh5Rnd+GRBt+fkN7zqYPJyObtMmiE7nz5onurO5rXj4DPSaMT8s4RJ50TrQvwpNJDC0CuMLsjTUfNyUQM6ht44gfmkmxOPLyNdxJBENZPda2dAG6ZfxabGyfyvj42zGJgVERFAOc1q5RTq7Xt21KyJirTs0D0/l3UinTRp4PUIaEtPZIOn9xfV0ccd1u0hT+pYVDJc2wZI0uxMpdiGdBQHuLYGfm9Q7gxqD8kiPQZqFOHSueqEGi1/LoiNNMihncx/tJP9msMhm/oe7EGQF/g06f2s/2bIFmjKhO03iSM8Sj9Zwrir7ZfjuBmK3EnaIJ9OAxXmvG0gL15AbVXv7JY/bXitvxaxSAOK2057i0pl/dFoA8ZIfSbEWJB8+wla03EjwKPHh4ZkAfr/VF0iC4h62uJB/JokDSzlVtb3gkYLeV9LYhwge4D5wmgbjKwhqaz0sa3kCvOsHHln0y/IVaciCxFiaQ1du0eq0aaOQU2oiiD1tTz+gWhGb9qTqgs/jFXOlc6LC1oCHqK3mzG4UMu9qRavLiyyOJGwKLzI5tKfzvZDy2dzXCEujGmpjCrFDsm3VtXmMQ6hMnTrU0fRQftQJz7RlRY9bKuhYhokBG72eKfREI7ipwitqsBdE/sR+4GafI6OmDPDPDjOMVRpLtPQsRaNmoOp6fzCQwH0h19FBnk49NqO10Pi1j+KevGITHTTsBqg3M9tRXR0Tv+8KrNMR4dHt1Jjri1Ut/fC3oWeBoGjI4AxTaRZuAHZWnQ91azKoZJ18OCbA1mKd9sxhHIS+Yxxp4jLiLfgDJvpO0IjCQWmeNwjzqw5Z1HVHBwZlULkPbtSvFdWzNfzQMRKVHntDMQwrvMJuiLXvD3vDngfYA+Ya7qmpvlkqu8+KRaTfw6juKXnyyYJqfHegndYuLPVKq+zF7X6kQzcAyjvMEDml1FLC7GOfD7CEMPf85V/pWk2efSVI4cNvuoe7brZVfuoEtmEollHXewHStEH9U2XDRH37n19+WiYekajjojjBnMa2uIhy7kkyEQb5eF/Ks3+3DEjA8NXeZoosFJYMPf8dziXJflwhI1i2IHUN34RHf42cS1XvnUoHZyMaqZGNo5a4j7HrDw/2DXAeqOwinYOwPG/Pw8je0HrXMmLZUOjyS8hoAp/3w/9Esl1P5dCxdKmu8Eh40gxN4xx82sCl1PRp3S29MyP+QMS8V6gfdQgsEHZY14jHWhCG6PQARJPsZy+14SndYl0qPNGhmEzDuezbWB2R7XP53K7AIsAXarQd7W4fKJo/BpUoe9nF237WmvTTU4kRRpTfux8yvyjmD8VZH0kbjvNkfHYMwbUEXyWzr/Z38+CxpRDzTKA/F4Tfv/OAhh+8ALRyKGc6sfxoIoQdBRTvI4YntKbtvtpUqTR41E+9TIPw/JdI0R8F8DT/otxoXl0vBPx1EYdqxGkjWJ7VIO5fgq7MT3sK2KddVTNmNOW224buqFS0ZIFKEyXu2/EqpyhYxld+WP4i3xdIx5rLbXLcHyO18+DV+/86fKMV2n+4sFNPqVyoORyuEb5R3lm3iEvsebYpn25js8p5QLRidW0Uw3ei1xehN8W97H9MDOPU9eAibNcVgr7qdQwhkrC1Bc+7su2HPLkLvunMASGiaUbafS+YQeorODQ1LFlfQGuXfa7IEBTuhwymj6bREBqjRjl3cC8rzMmgSC65tDl4rEGs870CuE0YQVcC15s6kuHwIphtR54Qemm+WjnV4Xp12Sg28GvhbBsRsGmPqKpMRUKnzRqZHXXdjTpPDhx3CdJTRZXgP2wuTRMIPd4KwlWktaqe+DlSU32u1Ybrjhf3SrWvc6qKDqAYRG0EDOHyMoWcyEXBSc6E7uSzk7zfM1EPr6fVDGx9IsqQhibIOetTqF3TyBaO8sKrTU0BULn6CDbLrOceGewqm1mwMp4oah+ZYwt1B0LT64aAQfahc96fCUxhc76MjYRk8TcwQTsLFL7RFiOe4NimgbOb5/GO8lojWk9GluSSD+S9Lwl16D77hbYxAqhWciePR58SBBeDasd8xI6//CaX1jT+MSfPT+20heNg40mBTq2XVODuHFw5XBRrMKsxJCWTaVZzCJJipQgm7MJNikhlPZH88VzBGzFvLbbz7SkypGxns58tFSQy2CXaOCVQeJv8dZ5yRxOzKSwU1Vyb/tZxZIpinweP8Skfo1k89KviI4gBWmSud1IRYYCWAxNWy6d4m5vmezC1Cw9Y23pu8Puv+5YltWGqkgxRjvK7qeBjzrTcqEQvGHuRemrDeehuO3Np/BKbCu2USWzhr+s3Kghkuby3I5sJRB8kGIIIekc/JS6ynSksQkatoprySrnmIuei1Q6QbzGJg3OjgXNj7/tJvcO5vMJqaSIxCm8ZZhm6LmCnuMWrNqdo+bB/BX2XJNn24Gqy9OapaQHgifcc0QSLyQajHlTBbn5aL1QvDfe8is9nfyqDvibo5lj0+raj7kjaMY7RmthFqd6HeTXW6EpugHPzSuvn+roAa/Zfp0SNEc+MeQtADn3bueuCNGRbPbgzzG5gaFV4UpWdAYzCLGbwXFN1s2aPBy3rVtl4TGKxG1fXlA3I0NZ/KEg/leMnvwy2+WLkZxQFNBW0XXMJsYIlCUEwheSaPD6ST7HkNWQzXClLzKd0UBIUc91wIa526Vfr4hT7ARAIAKaSRGmyBaZHDEuX2GjNm/09YfF49CMOQQzV4MGBvFlqIIhJBGYjy5oz7Gk20xSKlDJd0p7k1cgbyke9gf3u4dQ49zueYUeJv0Iti6VR5/mHnlM85a29mz6tir2ewr+5v2dwZoDnTfRES3HUgzcWlu3pE3wKHg32Q++4cz2IaSyUge21Ikyh5wNyfkmdtp5XmA+HVkXoZvYJzciEj4H8dKTmpCo6LPokpXtzxR0614ap+wuEoq/K+XDq8bm1t1DEwTaRrFnvFFklcJaTlFTVEskEMGndDRPI4/AU0w6hVO6grURyw6G7bPj03adft/ImOwotqeqfeR4SWJBrGFkgrja1zhjYYshrjTcJnNKHxYCPap5e6ZouFfNwbNxP0ABN/tobDsA8Fg4CTfl98lriP/EKnjSpP3M6RRxGCc2daD57b3K+G01ov/Xby0qpQThdCL752nPvA3irCmuyNlXkzNIMMw0ZQhZ+/yM+5SQ0TsLqoQFFVGdmQFlPB4IdB1OoKwlCsaJxSMN2QGn+XfBykWgrt5TuEsyH6+H/yfd5fTB9X/KQQigkwhmb0vXFct24jAtjxM8T8XYbR9kHnmn1vyQZeO3yvOspBNMZei4GPOi7LeGSDzZO/rP749PvnXKXk8CBjIWJGnQHV1m1nZRRA6igxxmkIuKEsSzAspm1cPXuLUYM43soLpY+ummQusqcuzS45lBU7qzbzfzoUMIqEh/CkMsohd+taUdmRQbU7zUAB6UkDKylldOLkJljJ8ierOhCkCPKKxOHB85G5W6ffWFV8GBX96AR/De1lLJGi1vbtXuaC5FpmvadxwZOsjAcsiF5hh3miAI4x/2TGS48YIPGH0O8IdUjanbA01oAI61p//2N2n7m5o3vis8GDZBVhmVdgdxO4ts9T4ra7wz1Po8/qbnknkyInNP2G+Pu2Lc2kxR3IMHnMvZbvG21vP+SfAe0t2fG0lDmvG6/tzEUd0H0EGUYgokEWmGN6xYBfA2Zgzn6oZGIvWrMi/vGQDilhs5uGT3PCQX3iDmpVc6UoyUpcZ8BYTj1JTYBacmpr1j6lSVNBYnluH4CCxoSVIoXjDjoYdJ/tLeYBDeeBrzY60wR5UpKAGSM2s2wBuuMMrVgjTncWi4rP6qPsDrABPDAMusaxuJX1b1PBV+XtDIEqAJXLQOY9mT5/m4Wr04zHmoWQvW3lDS630svp7GPbvr9f/KjglqP26WV927W8vJ1EgB/8g1r7cvzxfVuqr4ewywCyQXa6f7CWjePO5Dcw7l40dsY7dn81RIhEHyt6n/ifc9MpHPgOu5P0G1LTr1Mt8JI0FyhDqEkZkyApUgnFxMSfhVIePlM9qK0oliXSD0YZv6EMQk0nQrSne+lla+wvJJUVAPQR6H7gTDz6vy0hTfsIHNgzHJ5MsQiR4S+0e2ta7p38bbHMHSeSHk0DBDYv9zNh8NTuRPeQS41dLGr/54XpKGX5AmT3bTJnb3D6j+Itiqn5KqsLpCENbypbmFH10QbVAavGo0O2aog5w9CyjxrztxjpI4k3z1rW+C1O6W53MpceLV5Nd30qAcPf2pBstXSjpFnapHXg+wdgtP8I8IJmzE0Sw7JXyel42qXr7Z/esgeLjZXtp9F7Wl7d5H5g7yOExQUegaijT6eR0GBzcbnRDATNnHiyx8u75TabwV6aCPMyD6QGVl8ioDA2NVARMiBPaGpw7BvqCQ9OM+5zOf4VhQ3hODW35usDUqEuV1WTl447i0HW12y6dZwZfdHMU69xtJwFCM3hf7VmFHi+JN+9qwdim0ZX9+DQsPflkoQXUrvlCdIhCxd8Dr9f5b1sQyL//PvzOkawXfNUtOWIUxoLkiU2xc3O4X32CIsJdTVg95G9HOTlRSNDpL2jbkAfObKW3OlcLors8dNVRSPoHhajY4evLMYO2Xq/2lFkaxzXU58I4xCk+IkgtXUJ6mUZTEINdi6yEMbOPQ7KNF4YCHLv4/m142mGkvyOTuOo0G6Bv9wPnEHerhKeC4AKkR7qNU0aJNY9OjNUnQB7lBe3ZHy1jbITl78cPQezuChOQkDb17zkrNjRzFmQ1hG9FzRFLoZ1AX/wp+IBI/98CHNM6knVR6V9WoHfpD5fkTunPOwM+605Gj10RGwq4sZR9rc9On55kBXaiPMCaXNrfhnLo0t1TAMDNldL/b9VL6qfJEQh40vw+J+HbT0dWK4JZClKaHehrvJCXhYm2om23aXAC4P4nG89FPKS4lYYK+9tBX4W5c114l7p8DQbvQhHR2HZCBic291D7b04eOt3sK/bO3PUB32fLhaxzt4dUipxhBCg0/EHKnWNT6UmEAo6W0RW00n84Mh5Abq5P4ZUSOcBJPnwaDWRE4TjD5W1aSuN1j+SSJNHOD9uLLQnH5t30JVYFnm/pz9tsM5vrd+qk40mLkw5nFOB/miDBA1KAHMQWRn7Z8iJyAGvXbXT8izHmEfVl9ubpy58XeM8voCoMc2YvV+9I2JUtYRr7uzuZAHkt6/tGGl72R+X5vP/GdhQHO5oB7rdqLnrocWFOXJ3T1jHecdgJU6sz6SfmkchEhhe7lwzc86LuM51tjt7r0mWY93O6uX+vEVNpuKKstwbIn+hyK8SRZ9nsWonuVqWLeIndE09U5bnaw9kPZxdyFMtoJQ1sTa47zs9tg+9aXN9hxcT8bQb4g494aWpIgZ36WfSkhFoQR0IPJDMKbC7wMALjrsnVqY8esxUNULysS4II98vyXft3VzC/I7nj7KBxbI3eKfBccYo7kdDXDcH9N4WS/0QHU9xMsiRl/XBrN0PiHDuBumulN8+PfELQhdhG4uJ1pE0i6GM1eaK16BugFcho9gnNRlUUP55YuothPEO2gRF1szVSpYhMvGfHmcSBkdt5cRuV0wy6onIqgnYr90vCOUIG8J9nwzxG+w+qG1quDkcyH5a15BQvkl4QGbs4AvcpWbxppniglLUDfhNTNAV97VFP6bxmOGjyWNoaC00jQFlxM0/ipguX6bjoPq8WgeB4yghfkv4gs1EJtwA49cPRDP9j02/HScECOoZ7JQyAZ6Kc/wjJ8cvnHxceQmV48/2K1TxcKl23eBJYIN4hivjcRTVPg5YwZ6eRnhNs/8K2uyxzOvFZpph+hNnwcJiv1LY+U8iv5QHk67a/HIUXRzuje4nMnLVgSGHeeQUSzPV6KEumm9FKmS000Fkb6qBgC6Qq+7q15oiFtctYN8GvtTv5kG4utTr2e/HrSL59E29VHhbZaTJUJSS3GrTMDoOZxpm7cESHop0XgTjb9dpCwPfIl96Fa6wEWYzvI9bwNv+/CCr03IRhFuAmePQ3E/rCQutnxyqJit46anudJ8NMzPHeK+z5/Dj9MN2S4m5LHBD6+YGRV9zkQsmGJLtmFarQiPEGhVFsdFRk1GxUs+Jkfmt3XpUHlSvw378pY3U0WdVXCB156BakXVR2cYDf/DRq5lSrgcTUmzhsNrfJArMHY7077+1+Ka96IKs/j3Tsu6ZumcanmGlyMLG+J+1NIytksQ/ehhHIam5NrwgzpiIQeUji17KuUe8qbmdTnEDRFhp/il+tSgAbO4EV3F4p+HcO1YxbpwxGH9f27xtqYFBvW2xyEJP4VYH8eExSM9pIbem715yN2NNOy5U4HOFkw7/89QESgtwhY2Ndev9Dy0GAGmziA257m3Vk+awubQeJM18YO9kHezA69n/tbKgIv+OqOdGpnycXFbhIyBnevEYxLpyT72VhaUiqf5dXBux3SmY3zvLpFqNYD0FVRdSAYM+teDEWPF8YzwfS+s/TBI4vSQAJrJe5LDF9yLd4bP0HEjPRLLwpdqw41VCCZQmYP2Npcqm9v4e0JUfBfiX7+RCIH87gBW3lrm3lxuNZvtPpMbBJhok6L7mMZaZQR1WIE7gmig/ivnGMr/KzOmrGbMQWdYQ6HIVUE5MZyEXZaB1C2wkx3s24GUenDxIRneZPt0O1dbUu4ikRUOQYQFwCGGMjwvrDG5irL9o9jtaon1fVzjh3Mn+jDVw3dq8KTwc6M06nKuQz0VfdrPqQ+Xv9EbEYx+Y7fs65Yk7xysVVAhMQd3ebKbEbAj7++4iKb3lrsumMGgKqAxBU7Htjqbe7pbmB8FHy4U2nbqptVONHkyPBYWS9+MaZOLPRQ9kcuzG/7fJ7ZydXLcALqPVqzxj,iv:zBTf+IXwjEJa+x64pNqfRoaUHiiEvjwSUUB4q8EkkQU=,tag:L/7ZvprEBuLywT44Nf7geA==,type:str]", "sops": { "age": [ { "recipient": "age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1a0M5Q2s5MVJVRFhCWm15\nMU1YcVZjQXJpTWlmUGZVVFBZQlBZZmFmUEhjCjJuQjRqbkg2U3Y3SnZkNkk4Mk1X\nR3o2L0NveUZPMnVRaUFxSFNDS3BJdGcKLS0tIFBpOGwySjRJMzJZclZyVFlSS1I5\nSUgvTHUyRzk3UUY2VXRvZ3JpeVIzVkEK1PAAlj0Wygum8MnwO56V7vdVWrDc66Dl\nRJn1qoAC9NIzObkvwTrDqEnUPbZ5YMETPMc1gtQNi/eQyxkeWPbWoA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiYUVBTlowQmtRcWxWNzRp\nU1ZFVTdmSmpzYWZTSnhDVXJ0TTRxbnBDOEYwCnhHazNBaDJkaHJ4VlczN1E0N3Y4\nV25GOE9uUmExL0J2ODVwVGRxRVBuNWMKLS0tIGxjU3lMOVdEQlJKWWxBME9CS1Vk\nQWVuWURFenBxSC9XS0VleGhsMHRoL2MKm6RRdlpMCvJbtlH8kxai1lUic7Hs6fMl\nK3JBXZeiJ1j9NDYxxT+BAnnJ+VY0HWj5B1F5IFav3sdLgxeytkW7ew==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsVFVnaFhqTnN2MFJMN0ZV\naUdSeEFNTGw0ZDhmU0hjUno5MTlJbHc0bTNRCnBjNFl2VGVZU2h5c242M3dBMUU4\nVmJLTDhrRkYwd1YzNGV5OHozS2FWYm8KLS0tIFdkMGdRa3J3L055MVU1VjBPM2Nt\nc1VYU0kvVkxxM1hiaEdrU0llK1BXS2MKhF5LHTiXzSYWRuaTUGWQ6Z3PSWq6NZ8D\nLvYpCkJohe/FPIRH/OInKV2J+C70vc0DTWGjpY5/+thrf94IG/CTZA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzL1dzaXIzQ1ByR1lGb2Jj\nS3FqbGFvRUhCdmMvcklNVzBGT09YS3I5cDJnCkMrWEVjSjlxRGptM0wrSDhjT3oz\nUFpQWDl5NUx3SkRLZjFoeWhtUlRNWGMKLS0tIE9xZmZZQmxTUzZMTG9tM2ZvMTRk\nb2RnWVNQVVJkcjlBekQzaTU0TUxuV2MKxKEG40iYs7MMEMj0VEu+0YwanUtMLfgZ\nySCMlZ3efyufh09obcNMm4JSD+ZPZewTRZhZW82bB9f4uAvo1m8OTQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSCtRMmhWZENRZ3EzeEVI\ndlpXM0Z1dHNKNnd1bmd3V0pYcDA0WkFmUDFvCitqQVBRblRUNXp3Z2Q5TndRa3ZP\nTGx3Szk0N3Q2d1E1ZkxPamkvNWJzTkEKLS0tIDVibVF5SmxYMUZPaGk5MXVzdkdi\ncnUrbTNGSnpnTmExZGVpSzdUbnk3K2MKrjuVZwGd5OqcwV1GiScoCiuNWJYcLqrS\nIIXy0t+0txtmzvinjMKmK2QKmpOVt2tqdRFbv/6KufbFRScnsCkh2Q==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrallvdi9sUVYvaDAweXg0\nTFZzWm1vWGpZR1psaG5TaEhJWTQrVkhkczJBCnh6RVdqVEdZam40MDkyM1luWnRY\ncW0vbkNqTC9oNWRaNUdBam5xQUkyME0KLS0tIEFTZ1dwTXRVS1dWYW9qSzcvV0wx\nMzJveTRoMUFRL3JHcTVLK1dRamY0MmMKNxiJ3pDoSXKLbn903EmaZpfZ7sIfBNYJ\n5mLJdWXtv9dNHOQnJMsJh8L099Liba2Bt9e4kaL57SjO8JGswZ+TkQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoWXRROWhvQW1IcjZSTTQ2\nSE02UnZxaUVPQlpTR2tiZ29LN0hseTdhTmk4CjdTQS9zU0RWUGc4Rks1Umh3OU9h\nd0EzSmVJUTVzOXpzKzZTalp5MUVVMnMKLS0tIGFIcUFjRHMvNFV2YkNrNzFCV3dx\nZ1pXVy91OUZQR0VvRHJ3UTdqSUJmcWsKRkrCHSDtZyW9UBDQXdcPYCBWPp0E27wL\nCfF04uJIHhR+Ets5q/hOjE7gL0+PN6Tne7LRSeiJ//3KgD2iWoZCew==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRam5HRElCdEJMSjl6MlN1\nVFRZRjRCZVI0aG9sdkprN1dJU0kxTzVPRlZFCmVkai9PemZMNUoxMmhUQ3VDZkpX\neUhMVDJRVlgvRUZXMVB6K21qb0I5ZEEKLS0tIC9IZ0Z0MGhGMkpxMUJsMTdHbG5Z\nZWNCWUtHcGVCa1h3enBTNFdXbmVtcnMKXasZ8w4XZgCWSQjNiZ5NbyVpwsv8zXNZ\nruw9WpCkqen23AOr7cVYfz/y9pIaFTzzWIbXbqZF2WeYJmHAOXHpgA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTYW1WS1ZRZXpyME4vZ1Bx\nbkFSUlprTXB2clhjL2JoNGxvZnhzSk01dkRvCisrS3dheTZDeTZkNUVUWlcrclpr\nZ2ppMlVmamY4THQrZXhPR0lyL1B3NFEKLS0tIDFPK3FzYXVzTWY1L1JUNXV5WXU3\nczR0NWsrNlJCSDlZemprTk9MNEN2cGsKQBhwtfVoBY3V49qpBWnLa2Fp43xOKHCg\nvJ7oJIPovvDqz6dsCrANknIHAM1U5GVJZ+e7dgJ5WpVugCjC6tVpPg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwaklESVdJTE8yUzVjeHEr\nY3pCWUU4OG13NXZFdTh1cUIvQUI5SVdIam1VCllDSDRRdDltM09Id24rNGsxL08w\na2ZRQnNUdTQzR2xKMWVZbmNaMXJ5OXcKLS0tIHVYYUhHNUlvVUdwZlo5bXB1Wkgx\nZ2Q5TDhjZVJKb2NoaWJGVHlEYndFdTAKDJ48QyJPbTbDtdu4rn6sBU1gJOCy0Dpq\nILCEWbJchEnp2LqnVuzuPCPbuB5XqO4WbXzdmCZAxUFwzi6cGj6p0w==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzWDRlTlMvc2hoYU11dk51\naUlIT1Q3SGxCbHcya0tBdXdwODNyWGxXSkN3CkJvV1hsZG14SEQ2VllsUVNrVTJ5\nUFY0NmIxVVZDcFVZOXB6RFdVQ0VsZUkKLS0tIDNDRVVqN0ZzeDdYUys5ZHlEczhH\nS1hwNDFyNTd5SlBUS3kxRFJ0cnprUVkKpcCEmwN19TLtlqrjb+trl/mD/5JFMZqv\nubQZSsQ8eUoZ7GwfKwKECPrbu709vKeVELC8SS22Br3T/Ba+Rd09AQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOUkRTaUxLb1VVRldjNFdy\nMG5TYjdWTVdvQTk3aEJhRHRRWWdQVGF5SENvCnlXaWxlY3JFTDVrd3c5ejg0VVhn\nZ09adnBKaW5DWkVKZWYxcDFianhyOEUKLS0tIEFFS2cxWVIvWHZhNC9lVkcxa1kx\naUdpc01lQ1FJNTFBVS9iR2xpaDJVT2MKvovzuejM2JdMY7QG38yT4HWqVjNhSITf\nfw6Ht/NFIJRjJS6QcM/AGGsdHHMGQUNrf/e6ivQlokAnAKqaM5JLDA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzWTRYTTJQamZJMUhiczRo\neTVNbDA2dVJzRk9jUVpNUStpK05WNFlDbkdzCkZsbTBOQkg4UGVqSTBkQjRTSGNq\nUTVyQ1ZzZ0xORFBSd0tncXdPQWgwSm8KLS0tIG83cmJRMVlNRkROL3JtS1p1L3Jl\nUHZrYXdlV3A3ZW81b01NSjMydSs4VmsKm6O4RqLB1aHGY5oDJamQbKkpPmUjuXCM\n7bi+ZHOLGRcIVX21man6UcPV0+dp32dpo6C8E/AXSAsktYTk+FSX8Q==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIOXB6ZVRVY0NaVFdGRXVQ\nVUxTai9KVmhZZ2pSV3lSUW5VSDYwRitnRkVFClR5VUpzdTd4dlJWSlU4ZVVkOW5a\nY1Bncm1Hck80Q2V4ZWpNQ1U1dmdtcGMKLS0tIDFzeFZNTFpzWFZoclJCc3JBQWJB\nSU1HV21ObFBPbFd2aDNrQmRZcjhMMzQKrE/bHN5xtZSs8iSHn/xb79ywc4HuJq7K\nWOijTqpMgvWlFvRvWGJGYk6p2WrByhvh5HlLBGMgXLKiMp8AT6TfkQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKVHFscWpTR3ZxUTVEL1Ex\nUlNOb1NKVFlLTW1rRHZCTWt6ZjR6MzBod3l3ClRSRFpKYnhHYUg4TGkwS2tCZlFG\nL1JXVUdSVktvWFZCVXRpTjRZZzBrZEUKLS0tIG5WangvNEpWSUZWUlh4ZmJKWFNT\nRVYrNzFzZFkrWXZ4RHBkL3FoN243Vk0KElGdVOmAGOeiRorwp5VmhFjnnSy5IGGU\ns7ycNajQjYz6uDjHaArXnB8UC+9CowPtixVL/tQF/ednJPlkBX9d/Q==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBERzczMTBUZ2xJWmtHVTR2\nSE10NjZoV1dhanlaNHoyV0xyQStKM0J0SlNVCi9PV2M5clJEeGhnZUMwb0lYaVZy\nSEF3amRWZjFQSkxwalhTdkJYcnJpbTAKLS0tIHBTL2g4TnZ4ZFJla0NyWk5LMW1T\nOERubUtKT2dwdytMQUNxZml1SnF3MDgK16wBkfHd1fg7dVt5t8VJ4LH2cs9RKLBE\n7QcZuD/AlI1fintvfeR/0EFAXZz7/CuO+BxCNcvdSJT17YlsMKFmRQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1WHQ0WWw0YnU2SGZjaE9i\nMEZLVmh1Z2VXc1loKzF4amtjbS9qUUR5M3dZCjdrOURUblBGTmJUc3V2cTlrck5I\ncWxycDhUS01Zck9CU0RKbllEdG0yYkkKLS0tIExNbDZxRzh2VzJUbGQ3RERuUzJX\nSWxrNEVZUlB6RElYVDRBaHBraldic2cKCQ9YkDE3fh9ev87ZfQLC+IRwtvlSuJRf\nakG+vvcv+2eMf6XIeEVFsfbFxVEV6M3pZAdW0RlxCLK28qcoiM09bA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSbEV4c3pYZE5KR2tubDJE\nZEJKc00vR1dqOEVzcE5sbTRVY3MzQ2s5ZjFVCkRpekdjTVA0aTJlMlltN3RRTDZZ\nSXdjNHNZdDBYdmFWNGl6UE9mZjczYXMKLS0tIDBUcHdNaUxtbEVYMVdTUVZJUDk3\nb2dmaC9DdDNPcmorNjkyRkhUTHM1OVkKsF50Yg3NCSMqMRYzjJZilvNYlmoba5J7\nCfRB7zY99u5M/QS32XuzgBhbV/vUoXjj3aVwc2XWfdZecXUpSySfTg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0S1BaVjBCSzZUb04yT3Ux\nL1dpekFMUzQxZkl4U1NIQXNVU2F2VlpWWERvClJNTGdNTDNvam9CMlVRNFA1UGEy\naHhTMVRXS1VmVWp3T1dBRCtHSkFCNTAKLS0tIEdyUTB5RFB5MzhnQ01UaGRPWnlM\nS1ExWGptMEVnRDQxQkdzeTFqbENhL1UKNU+4JPYaqjVsuRhJ00lP9E7HtRMNEGHL\n61tz2VNJBSKBZI+UrlqttiFFeBwvMl+Qyyh1+a3wCOJOeaFaE7BkKA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwQ1RzYUYvYU1jeXk4Y3kz\nODFFL2s5TlNUbDlYc1VuZkRJbzI2c3lpbDNJCk5CSlJJOTBJczBuQllJRzZKUy9t\nL0FNeWJtWlU4bTNlVDBZVFF4Nm1Qb3cKLS0tIHpkUmxjZjhsOThGZElQcEZKOTJv\nWVJaVE5wSmZOZWlrTU81VG9qVFhQVVEK5yfB8Cu2/xg0RQiVezFgE3hRF9Bq7c4M\nWstt2Ls5hKCyOaC2icEBA/vHfJSer/aa7x4NP9gzECGwYfLk1fB0jg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyZS8xRnFPR3dkNmd6dCsz\ndmtpL3JlYlNoVFdMcElLMTRpZXBFUmtETUdnCm1LakJhYSszYnBDQUdxSlV6elBi\ndU15MkE1TXBSSXFTQlZtY3YvTUJoMGcKLS0tIFg0WDI3ZVJ1WnM4V04xSFY1cnBu\neXVYNTYwZndQb0cwc1V6WDI1N251L0UKp2tjkiGcsshyO4jZVUSm7eN2ddqQ+JhT\nWi0DbUAKPzHQ6UOARSeNkDJNz7hDy6Lbf6IZH3s4jRbOv0yYMy5JEg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpazZ6R0l6bkdLOUk5aERm\nR3dSWmVYN2p3Nzk1RVlwdE5NUEE1L2Q0Z3dFCk5SYnBWTWtuVDRxTy9yUy92bXl6\nSW9ybis5WTdkYmxMRXNKVlJHa3NIck0KLS0tIDhsNkptcXQrSEtTWVhUKzJTVldz\nS0srTHVrdno5RWdNOTFST2doQ2xpVjAKCwztOXU+Ub3RVsL/0g2U6POAm/NgalDe\nIMNqp5COYSDWVb1WafhT1S2OAZwL+JuCUDfusUzZ9XbVMA5GH3s2Ew==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKaDQzVHUxdjlwM01tbEhs\nLy9wWHh5aFB3RGpWNVRGQ2tscGlkMlo0U3gwCnB2SnNBWUpqL1I4blV1WHpCOXZs\nOEp3WnVZK1VUT3NPbjE3NHVBcFdTS0UKLS0tIEMxM3paUjJiSHJsNWo5YklvNHJV\nNjNwbHhxT0gxOUE3SkR4T1I1bnZpQTgKEYyGn2v7E5atNZdsH4EkuzU0lpW7O42R\nGiwTnlqjkAY8qkjIQIPLatv7wJqApCSVO8m176DmDn+NlOT88vgNGQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwNmNmd0h2dHc0cGt0YWdv\nTS9xUTc3T3VwSFU3ejRYRXUxZ1BQOVJCU1FjCkdBWnpxSHptaTY0ek9aNWprMEdk\na3NiQ3dIL016c2ozYlE3L0VSeEVmRmcKLS0tIGVTazdoQnIycUt4aG1NVE1KQzN6\nMXRoYkNJY0JRNk5kQTRtdTB2Ri9xSTgKEZcODK+OkPFCgckHHLhvFdFM2U20mjvg\nmTgvTxQbBRGaBFBAWhpdJDssBMwztAEcJVv37uH0X9czZMcuhEBHBQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwT0tKWU83RS94RnVKMGR3\nVWVNR2VSZUNFT0ZTbnN3ZGk2VnlXWWsrQ2hFCkw5Y0NjS0JSWEpvZi90dENFVHZk\nNXg0d3FpVkMwNjI2ZFBPQTF6VWtuWWsKLS0tIFpIUkxkb0V1OVpMNmYzQU9QTVVj\nYzRBWUhsdXRDQUFFZzMwaW5kR3lqSkkKAK0U/m5wnEtkmK1ObSK9x6QDygdgnL2g\nJfEX7uD7QGggZKe88Sxa+Yq4gmliV2hEHSYUSGXlQpvpzRUz/Cm+4g==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBteUcvc3Qra1drdyt4dmhI\nanV3QnQ1UU9uVXBCeTZ4RjN1ZmFXZWlHRkFZCjdXME1tOUEyZit5RWhzL3F4ZUVP\nb3VqcGp2NXVGR3Y1a0ZGQThjNVdha2cKLS0tIGNIL2Y4TWZ6Y2dJUmhMSjRReWpQ\nRW5UelB5QWJjWmRiTFlGK1RpcHBhSTQKLeEZxeRDLctJnf1XFgAMh9RVuMNSOI6C\nveMoBrB8IywPvXa3XhBNGckzTKmnAK678UwwDkZK8eMYYUu+Z73eqg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIai83K3dEOTBnVlI1d1Bz\nWmRqS0svQzlDeVo1d2Z6a2Rqa0hZa1B3ZVNrCmlRekdTTlZEaHZkSXFZU3lDUzFQ\nNWVCUGhBblI3UFNhdjFZQzF5SzFXQ0kKLS0tIG9mVVoyQk4wU1E1SDZkdzg4R0ow\nVlhVVGVZMzJrL2hWWmVIcVVqREEvcEkKHsJLeSSj0H/EVrNmSSMXtIgn/WeLkZxH\n2Jnjq3FmnQl9vqj3ym9RLsCh+wQs0dikvyDC5pGd4441L3TogNNesA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzT0gxVUhoOXZWb3JOalFZ\nVmlVbEttdDBUTS95akNieS9oNEFRRGxvN1hBCnJka09RdFZubnVncytaWEFPaElH\ncG5sMkt1NW93bmJJdkgrQjdYUlk3QUUKLS0tIHh5U1hLQjh2OVlGcTR2VnAyQlhY\nWTA1dVg5R0tZYjdBajdPK0lCcmZUbDgKq7Ald0LkaSvELNBWmsVFwr7P9ItxI0gG\nG9MgnuskEOEMdva2fYL5Tb1/sDRoNK/Fp88g1e2sSP2xT7y95F4xYQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhMFJ1eVlHVVA5R1FUVE0w\ndnYvbmJXUkwyYnFKSmg3YzlxTU04TnJkeEZVCktnN1Z0QTdRU2xXV2ZWRlJyT2VE\nMzdQbEJtLzBXQkdGazFLN1kyYTUrbDQKLS0tIHNESDU5Qlo0UEY3UTA5MUJLaDR1\nWlNUa2doOEhPaTlWa3Y2Nkc4NVdST3cKnITTFoVOnTea2embpVqpcNy3kaaBub9x\nJ12GxBPDJbt0QK6fECGijVnxRmm3WxgBBHRU2e6DPeeCwBd6HFYmKQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrVWpqS1YxNUZRR3lKdkVS\nSVY4YXVCME94YWtGdVdZdkhEV0U5SlFYWEJnClRXRyt6bkM1eGRvQyt3djZsWVND\nQnZOYXFFWXBWaTRSRFV0N2pYbE81U1EKLS0tIHhmdmRDcnFWejJ1SFMzV3Qrcjds\nS2ExN0wzUDR5b09adlF4U0FrRGJjMGMK2v+cnv094mSTMx/53+iGTwOlrM0IHeBB\nMVgF812atIlRjNuSGcJxqvvh0G5W2jJ4SUbMUqbW9oFga++Kw0PpXQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPQWplZ0w2dDVOU3VPL2Zz\nenBNbVk2am50OTFFRUxyb29HU1Btd1plZEdRCnRtWkpRWFRKdTZLS2ZyM2hueFJ5\nMXk4TTU3cysvdVY4SGIrYXhDZ3lLU2MKLS0tIHd5cXhoS0JIN3VQeVExMU5IcUV2\nZVJaR0tnczlTa1RLdmRpWjJVYVFMa1UKM+mv8R33XbYw9FZUN2OAvNmYvXOoo7Eo\n+8L+TgOXVjRzFzx6alYzEJiIj/lHYnddFpHid4Vce08eoa+YbUuP1A==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwRkg0bkFERjFZbHI5S0sx\nOFFzUkg5TjJzaWF6bEYwb3VEcEhoVGxqKzNvClNuMGNPbmtTUnN6ZlFJTi9zVHdI\nTHpEdFZBMVNpZGljUXJVbTFmR09VSk0KLS0tIHFtdnYvNXN1VFZKV05aVnF6MWxD\nZzNXSEhxcVNSeS9iUmZBWFE2bEZaREEKy7hWJqchRVVOBxWPEf5u5d8VBk84aGWy\nZ83mfKO31LKXmoL67DqRgjHyBzUXvLXTm6721Wjc5UxcEI1+1CkDZQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRcFFlKzdVVE91UFFvbXVp\nWUk1UHRXRFJ5aCtiOGxZTmVPeGJBcDBaTkRRCm1Gc0RrWjVtWEYyR1ZJZVdrMmEz\nMkt0TlBUcFRMWEQvdW5JTnR3NFplVHMKLS0tIFFYOU1sQVVUZmQ1WHdJMnNkNWFH\nNXg1RGlrVjFOUGUxZFRDNDVFUi9ETVUK3T7u3yv+sNq7pEVkdA5T9+hJWEC/IgJs\nox4l052bEL4+JqR5pI1g2Iq0bQwwXaG+RXkBoYwkyjzOxv7r4tJJAw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2ZGdLSmh6UElkekptaHhS\nSHBSdlo3WnhrVVN1RGd5Zzh2TGZ4Y25SMzFZCmlhdlBjRy9UVlRTdEU4OWFkdkNl\nMHFIaVJmdndxT2VOV3kzRml4Qm1ZUWMKLS0tIHp3YXJmV2RXU2hqVzd5alFMQkJB\nK3FXK1M2aHBsRnplUk4xOXhEZEhzN2sKmeDUqtwBvRFY8gnan45ytZ3V4Quhf7xm\nLW0nN0+InGfMGSohwqNb7+T8j45k5Bvl6QRkVt3ZfeUvM4PgoVTgjw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIZTFDa0lkVmRhY3VlYXJK\nY01JVlc5SEhlLzFYNitURzRScEs3RC9WZ3dzClFTdlRKY2dmM2lRWWJoaEVyN0p4\nYWRYVTh2akhFK1BCUldQWTFXZG5SZEEKLS0tIHBoLy9WVHkzRXFnZ05pZ0FsRk9N\nMmJJbk1Da255N3JkYlNnR2tiUzUrS28Kz6peXUjr/9GMDVSaQviN3JBINztJPDDH\n69eB0BPYVb1GhyjF19/8c0NocRkxqVfQ2myu7qhJOckxr+D40ToUdQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQYVVrckEyOUV2aFpNNWkx\nSGg3bWU1ZklQR2orZkJnczRJamdoa1NydWhVCkNBVzNGNHVnNzQ2QitoN1J3MDZp\nMlhwK0ZBRmJwN1lsclpjaW5rTmRHWTgKLS0tIENITnpLUFc3RTBZeFpvelRGaVg2\nbjBWWWxTM1hla1E2WHlzelg3a1dDU2cKlpAi5vL5vtuS00zuGrMV0FdBJmJO4qZg\nZL16TXRLjxnP0zz0NpPs7yjocaeYPJrlxECXyPSfLk/OpwfOonnFOg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBydEtTWVc1YXZBNVhiU3Ra\nSk9nWlppNjRWdUxVYVdTcllkVmJycGxLMFVzCnFLbmV0ajVSWWNTYnEzdWdFUHcx\nOWRTQUE1Wmh0ZkNVcWc5S2h5Sy9RSWMKLS0tIENJMCtDYWVIZlBlRkVOZHFzRW92\nL2ZmWVFYam1PQU9ERlNTMDVBRkF6OTAKygzI+Tn4HAXyGFUznIgq1YT23EzqTQLq\nWi2Z7yMX/EAKfv+TZgXBQdy2cPC1zrHKrCgR3BE91F8aYgJbMkOaEw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBS1MwOExpN3ZnRWxCeDBi\nUm1yWG9paDBITCtjWUM0UnNiL1FVSGZtZVNZCjhkU2R1VDYzN2NYQ0ZTWlJrTENF\ndm5QRDMrTHFCUDQ0d0ZaTTJ6SXZQYXMKLS0tIHZXTUd3RW5FM0JDT3JMb1NWdG0v\nOHFTVkNhb2pnZ0NFbzhjcGFsVDNXNUkKao9jDid/C+UlytDCMRo5Znc62H4pclPX\nY6GaBkfWdOSvzlA1CulH8AGF7aHAsTux0miPKSEY/azLS2SZ+kLSYg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqSkJ0eDRxMXVLcksxc09a\nZVdtTjVVdExneEtxdVVudnpBWHlFNTFZR1FZCm1wUlpYMSthcW5DSGZhL0JGeVdj\nYkZqNDNoVGJ1cUlVUUExS1Vub2diT0EKLS0tIFJNcVdDV3ltZDdDVVlLUE1MaEpE\ndk9pNnVTbk9HRzE2V1BnaWpJSmJObDAKoKseaCkuSZkqAZGRWPefBiacj8sXpLqZ\nwCV995fvEOot8t5ratamMXYBK+QX6J+5HOUGPBrAbyJVs0aobeB/cg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTNmVoVkdMTVAxQUNua2JQ\nU1k2ejErNHdDRWtqTlRwRXdWYkRITDV0Q1hBClVHVHhoeTdONk40bFc5UXJ0c25v\nS21UUEQxOStSMndKbGhLOGpHMHdPR0UKLS0tIG9zZGdVWTBSVm1zQ3Z3NmFoNVNH\nbDcvTGs5YzFHUmpmelA5SDZNYlN6OG8Kt8A5B0pWYNh6bRPPuvHEFGWG0LBktdkp\nfhIbMeH7trojP8LqS19newUUJVj/F9L1IoDMnr45sA1Z3IB8IGZKuQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUVnNHUXp4QVF4T21uS1Qr\naXY4Skt4ZDQ2Qkk1d0tIRzAwM2pob2FvWWdJCjRMMk9iVE9Hb3VwbjRMcVk5Q0JO\nbzdWOG5XWWhVeFhtRjlhTG1kbDlPRXcKLS0tIDhWUGNVVUJlUmIrcUhVZXg5Y2ky\nTXhVQnl6MGJZUzljRm9lZzJ6azBLY0kKxmcOFP21jUwvmKxIWpyB7MbGw6xedWpQ\nmgV4vgjomfe6yhy1WHO1//FbUMnKYcX/AII5Lh9CehouzQJKU/J3EQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRd2RrWFJ6bit2c1dQd3Vp\nRmNFQ3hXZGhCa2JrVElVTTc0WFJJaE1VYnc0CmpJMnBXQmtFYmdzVW4xVXVOSDdZ\nNGp6NzB2SFRYeTFkREl5Ny9WM3Jwb00KLS0tIDh4WjJEZStETXREOGZzTTE1M2R4\nTWNQSm5ORnRMVURjbmo3Nk01Q1poRGcK1Emwn4YeV34ornVmXjsUJ+skC0FmE5jL\n3jIUBaYkdlC59gEmHECvIeiBSZ7rcKWSxw4lwXaB4wfRTTGuEMvA8A==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBVklpZmlnYUlYS1laRXBp\nMkdWR0xRdWUxZXhKOW1TSGduUEs1d0p6emdJCkQ5bmt4aGl3cVBMQnB1NlR0Ylht\nV1diaEExdkJPV2FWZ3NwMEFTYTJNeVkKLS0tIEV5QlRpSGs4UDBWR0JDSlNBMTdt\nMnhxTzQ0eDNNQTc2UHkxSWd3Mkd5ekkKJWAEZPi/zH1loPekzmMKbQC1EyrcYLRI\nc+gqjgQXunf1gJf50D9pADxawNGQVKLl4G086B3MJJ0qRLJbsYWQrQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDN1V4K29zN3hTdXo2OTBa\nSE03TGRlRlBTNU1SYjRzZVdIVDR4SngvUjF3CmdBRjdkMVV0em52Y1lIaS84N2l0\nUjdtOVVXcEtXTzJWdUNpdGZ3VzhKeTQKLS0tIHVLZU9xcnNGWHpTVE4xMkhDc3Rk\nSitOeEo1N2Rpc2lVZVRaZGtqcUJBTnMKtIMp5jEq3x66/EirMkXTmN/hmfFsRy0+\nXw8UE13H4N3jFxQxYsSNIUU3kptjOmU1/i+5Fzti9pbXSLLc+lICIg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIVC8xS3BqWi9icUczMm40\nLzVlaEM4N2tKRjJHNUpld3dSTnMxQmtocGt3CkFDYVpXUTJYd2hCRDB2KzVydWpi\nUlZqK0RSQzdHajJvRG8vaVlwK0dXcm8KLS0tIEd5N2l6QzRXM003blE2RHc2ZzZy\nN2x6YkxnQ1ZPWnpybkRQbWQ3bXFwL1kKsb9bwShqBiEQVwc3jOYAA3+Vf/fP9H/q\nX0qziuuvqnb5AdQiEDjs0VwVJwQ1etj0pQFIJlhaCXM622Q4UJUpig==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuelcxM0szMldOOFBBOTFG\nWEE2aDRqcFNTS0FTVTNLM1lDOVBYeUVrMnprCnZJcmFBVUVvbnRxcU9FSDhYUk1J\nZkZ2YmRjeDcxdTYzWUhiNDlBY1czMEEKLS0tIFcvMmt2dFlJa0dYM2Qrd3V0Nktq\nVUFMYW0zT3JMdi9GUGF2SHNBc1orbGMKkn4E51oFrcnoaJaWDe02z0Dvv9axKgb7\nX12CXCSHZBRg0zibAGnPAAERmMf7HZVVbPz2TUpB1Zl/07z9qJWrPg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdW5nK2VRTmYreDJ2aGs4\nekFZRERjZVkxem5RaTBVWlZ3RUJPWW83c3dBCmszTHN4SjRaa3B4ZmxRMmJZMmFt\nZkppYTUyQUNZYzh5U1ExdWZwMEdhNTgKLS0tIENiaGY3VFdQa2Nkdy9XOXFFYUdm\nbUwvZTVKeEQySll4SmVsQitoVlhUb3cKEK08DZLhCoByyCAhByY+lSMhjisCvw1u\ng2j2JeSXBe6ZZBWPBUsj3ueBgAqbgCW4LEJLZoCWx1M9mBVZu1eIaw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZeVhXS0hCTUJvYnp1YjBO\na1lEam0vczFjRC9DZEErRHMybVhXY2dSUjBRCjdvd3ErVHdhVDdBcUluYjRwRTZx\nblhVaXNlZmU1UUl2QWx0VGQ3dGhYbkkKLS0tIE5zKzdYV05HckpvTm9jMU9TaWps\nRkFhSU91VitqRENMR00zRDA5cHhNRVUKqP5hLXQZaDOd8QHQVrJWeHjWqAbspUSw\nkVkw2wSNALCF7mHdldhBr8GRKwGAknGjvXyEkdsVS0kpgFVBHpOcWA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmZHkzbHVZcmpwdzZHMVkv\nRXJZeXRTNmhUOTZHTGxlVDBqMkg5Z0pPNHlVCmI0TnFobDZuSGx0cDUxQ08yd0tj\na0h0cU13aFZNcFh4VE1xZ3FtcWZSN0kKLS0tIEhwbmdkaDZpSGo2WjdIRU41d3Ra\nczJhWFFyOVF0dG9FenVFcFhIUnVFSmcKjUsUDUe7bSM6k0Sw2Ygh8Ivk6UC1PTFh\nRvLsDcxOS4QK8OiJPZLCFH6iHsVuzvHHcpra4Q5ZD0EVeXXZkjPXzg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2M21kK1JsdkxoQzVoQ29o\naTAxZ2JHK2w1eWdkL1drMWNZaTVJQ1VmSVJRCkFpQittSmpkcEwrUlVFbTVzVkVo\nR3F0TjBpSTUrTG5lZ2hNeHNQMlY0QzgKLS0tIFM0VVFNV2tmL3VvVTg3RWg1SWxx\naWprdUdzYkVzWm1lNjlsMHJDQkR1aW8KeBRFmDoEvhyETnEVTyGzPv4sfZSjhO3M\nOgdJmjtLy/nV2hE7ZuvT9VR7h4kvJuy6/GzJrLPjEVu9BSrfNyKrKg==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2026-01-19T13:22:10Z", - "mac": "ENC[AES256_GCM,data:bA+aPggCsNoTx0MCD/bRRbWbchyUL3wcpKF64j2sbtL0ID44IcN8hKO7739Lg1omoxk31id1j3/PsFlFArbLF8tR7yxYpb4nSjgrOYPvhvO6kXGoS74iKndTu5BpNzufrOJIJlXCrKs43m0iFy7KPpM2jTm9tSTWMsloA5xyfb0=,iv:XCPlxgunWqb8bcYbeFmGFtJSlYugqYH7CSB/83hVmgg=,tag:YUKItD5hFQk/lJUdFP9nCg==,type:str]", + "lastmodified": "2026-01-10T12:50:53Z", + "mac": "ENC[AES256_GCM,data:/WKrvjiwGbsl1DDzDqZekZFRCVB6u6xyZ4x2P/ZEmQXxRzvXMr85DYeO2xjt+kyPGq5TFsQYgeot1z/WSMbM8xHw8vxNRuP1cocrxxHIw1VEA9yBsA0Oy2+hs89aKsrrT6K6xl4PQAgHCZJh777z3QOpqReSiKnIXg8EZU5jEgk=,iv:oLCxZ9GEFFfaU3C/NqvXZrZtQk5uI4AtGZdSO0SK6K8=,tag:t5XF4iNqC+g7o2FAsffaXg==,type:str]", "pgp": [ { - "created_at": "2026-01-12T22:05:06Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAApQrc42jadgrKucyfqGHpBvLIWqqZf4jQpIVVVcYzy2oW\nCXnUeTr3wX2vySoCUwVhN7kiJE2ThpTF7blpteHgdTf3ykRd3gAcizccgbY0+WHy\n8qHXH//2sz5hUs0RU/6rfeov15obVxB/puMIgvdCy7H/TTJq1IdZLCH9qBuQTqPV\nVfcY1cHRf0zCVeCqcx4A8A9dJQd/jAr9iN8DOmXMSzWcTbvsqtwI6KxIuA+2FLIZ\nR4p4TBRjghwfVz0zrqNax/hGA1UhfKO7j9OJ+cMLNKaoHMp0AEfJ1ksg0lkhy+07\nqABZ0yuB7AP0JhU8bBe7KKfnR1FGq3Hrk89uLhTxD9ltwPYt/nkDNr4yD5EhA9cF\nm+TOd+7RglGf6FM/EMnLCBCleWrUg4QrDgkjTMRQCdT2d0Fd7r009kWSruVjCyHW\n+YsLrCcsqPkGB0Q0+mIdcD5skoxQur/g5t64ysIsPymVunaYC6IqjfddidqnC7ah\nyoczSf+vedi3vOwtlVGetvzqerrM0/dy72PIec9m6++tzoH7qtee6WcIgGMgJOCs\nSSYqkFjNkaxh2bZpKsm7GbwpFk8MAUBtVEl4Nx/yFa9hHKzl/BlSqSGoAP+ZJHMK\nBPmIViJXSadeADGu1AApXhbX2ZjAzJmK1JKJydL36/5X1ntaM1FTCQKlLYR5142F\nAgwDC9FRLmchgYQBD/40An72RMAFcDMcDrGgnPi4/aqIjwJjsLaMBq+aG3tPUuqM\n2zm/84zVu0lFxruGGFTvBAk+SyAKYdaGsQryDUn1j3YQP4k2ZZWxTuD94u7LrOXw\nbsHnAw+/eZ5z1+KxprC8KCmaCMmBcqi2gGpaA5CT7zD14orb88ozFAaKll3lxPXX\nzQjG+iHva+Yqqq38fTcsufLdQx3zpenplSyRd618ysEXlQM+wcmKeK3j4jiwIgWr\nhYOR3HLDSAmYDX5hg4HJ3JwrwoyeqbwnvS7MvUO4jHPJZeBVHN3T4mKjjYSikNVf\n1rrlaidj1J4HoN76fjvVwDFF1WZ8mr5Q+L+k8OX/ZSv6D6oedl2lPJtieYvXG/as\n77WPPu1SAGb7EqTUntaSXzJGGOkp5JUNgrv5TnUFCiGQA6G4GujkEofFrvT1DkdD\nhyD/Pnvmv5ZywwhfDXp5D/HX8xlAE8H9fn4j4v9rpQ5Eg40thtyvmIk7LnhhO8m9\nEMy/YBxe3MpQ37j0Q229cniDsAAf6M6xmvhs6xoXXwWfv5a4dItog9M//pAvRMV+\nT5o2Zc9Qrx6e7fuJ3ltIXkujXS05bu1fghe5z7m97wgpDK978ge/fhuWWyn+NqxU\nLeXb1WlOd9RObMQ26gXfP63bopRjt6nbjJMCrxXdEIKNKU44t3ax8DBQ7a4II9Je\nAYRmEI2aLCdCawbOGXWX+lZuAWo8hsqQu0qzRUIg9v3uDDHuThIxmh7fuDnFB/o9\n/RAOSoeEhIdG1HnZUZA/bH60arIAPvyyBnJAKJJCSGSnuQxyOLPYDF7AQ9NUwQ==\n=4yHw\n-----END PGP MESSAGE-----", + "created_at": "2026-01-10T00:52:55Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAA1bnIjTp/jX+Oo1OuConNkZ1gKsWccPJtum+V0IjF06mT\npy88pa73BXeNiVqhwZtYDF9aSn7HtZh6OWN1a8UIqDenBODxak85CvfNZq/7eXqW\nytY74rYeA+yv5tglZuj/JCbK1SlZPPVB4yirL2xADYwsupFhqKChnFS9sV3tLyh0\n7/egP+86ZFt7ejP4D2Ts4/Sbz95jUtKptUQ2hm9dJAK8wMQzHdvWRkd6PR1eUaMi\nhWVUDYPNh0yaBbLDBsODBmbTQkNqF/Accbdg5cqy4l+DLDwR8iBQXy+JMH8+Yb9s\nDMGn4l7N+vrOz979ESbaKmGpHSggs7+mii82Zq6uPkQ1NEvgQB9RRsR+Dfcr2cxH\na3Cg/O/RKx0RPNGJZ67g8ehj9RTyU/uQpEAhyqoPaZqLGO8z3BViRKaFmZ8h6MKo\nT+fFy9HadekBg+zNrvzPtMCLofwksDoCFksd0E4dN6zYSD2WWKNzVqfJpIfwbn00\nQ0NoTTj0kjlt7+qwE6PtKYXBx3kRoYjR4vCXR5l0jDAn8cDshIsnW7q/vEA7Hwhx\nnzgXbsw0c0h6n3u8IvRGKM3IBJTz7XqXKsWjrdZMUVaaXXdekLhp3uzZ6rs2CqlV\nIc3M0dz0cHl9gaRG33f6uUGZxiWoWwbgKqkiJM9effKIC/2jxLkYtps1AGn9C2aF\nAgwDC9FRLmchgYQBD/9eYySQ2qrPvOheTo+kgYgm4Oz4wlutBliHAzcQby4WLHLs\nAacd0VuEBtfuinKMkJZnwK0O+HjPM9BRiFFR+F48ONL/mBrGcI+bHD4iOjnoz11g\nWEyFypXTpOGGJgwLAmK3GYvophaA7a7zBtqbVZ8XE5X2G1uKW3vq1F1rEUNE4yuo\nB8oriPCxqpsTbfUvXuDYS6klBHIqZj/uWUGe/Tc6rtLWg4efjp3XHrhsz7xw4ycn\nOYYZFCb0RR9wM87nChaXiFwea8givy/2+4EIlcFR7ks8Sjl6pYe3Jtwmmo4dSppf\nXb2gVScK6z2Zq4WurUKiiZoCznk4cmpC3WIPDF0q81hOCrw279DqGf/OXpycMcai\n5EtFlZszvfX83ELSlryPKlGMqFtgC5qB3pn0Ncu2i162rp/RsMwuShQyP7mQ5mgi\nG8xU+jaOvkKKCKAv6vUS2KbK9rPADH9jTbDhHItBx5+NZO+dCADOx1qRsS1JzHpu\nfoWJ0ieFsInfmTcmsHgE1C6qhIzuH07CqdAg3DD7yW+vwsobHraY+D/y6g6pOSZP\nlEe29hNlumq9kREa0u4YXyAn90VI1QwuJaawOqZ1KWGreVGIv66kbqfoBJYRnHkU\nDlOcj2/ce4fyuuwGn5G9VI4wOfAeb6jx7vniYTYwuyvRZkGR14mE4WUvgNZ1HdJe\nARhtkqMnaA0qYtWPyTXmkW6x/vPrTqUU7+5MWIrzSKdS6TAMPT1Wen4VSKKnvgbA\nkD5U8ioRwaxmGXWVnQao1YiU72JeOZyOpXLzO17n3m6T5eNSR5+32Sb9RXGdmw==\n=OEsm\n-----END PGP MESSAGE-----", "fp": "4BE7925262289B476DBBC17B76FD3810215AE097" } ], diff --git a/secrets/repo/pii.nix.enc b/secrets/repo/pii.nix.enc index 79cc512..f2d6444 100644 --- a/secrets/repo/pii.nix.enc +++ b/secrets/repo/pii.nix.enc @@ -4,151 +4,71 @@ "age": [ { "recipient": "age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFTTNBRXJiYk5DYjhxQ20y\nZnJIMmRmUnJjUnRONnU3SzU1Y2VJZUdsR0hZCmxWcG9MeXBiMXNZdENtbUtaSVJo\nY1FWQjNBamxEd1Vxc1NPZXZLV0dTYXcKLS0tIHM3MnI3YVFyd2F6SWFuRzMzc0VY\nejJRYjdBN0hZbnUyMjdRQzI3MmM4ZmsK915UC2WitPfe8kKagnhTQzGa5FB+9EBO\n8nv7EAab+dMxPhr1DAQ4XxWfC/0NxOfce0MfVSukgsgZePKv+t7Fhw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxbURneFM2V3lkWlhNYU8z\naFNYa3BKUkFyTU5pby92KzVHRzRuVnB5ekE4Ck5VdFZKN3JrTlVXZzU3M0ZRRjBX\nMDVpd2YxWHZvcTVMUFQrNmZqZjdrSzgKLS0tIGdFeTV5eHdUbUNPV0JrTEdlY2I2\nanpZTFhDN0hsRHBSb2RvS1kxY0NiS0kK5UHs3xKgl6m4ptvvb1fIQnvczVEYNoTB\nC87CHUanOeorFNRPorTzqZ5iy3kbHILWSuCIzzFbSJzHGF6CXmfBug==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNjdqU243Uk5lZTBGQVI1\nVDFNWWtoRitBUlNPOHNFaUJlZ1NXYzBGTXhnCnpSMmJ6aVk4Y3hvVjdYZVpIZW8y\naE8ydHZiWTMyaE9WMXFQUnNlZndteGMKLS0tIGtyUTlRYm8xR0ErcUNrK3lYNHp6\nVmRrYkdsYldUU1JEVHZkVCtidnhiazAKzOxBA+ZyW2ws79lIYyXpeBVWL7B5VpyM\nyk/IDcvFX+fmSlRu8zZJ/jr2nPLTliVueYq3KanWQnnb7BcWaqYr/Q==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2RS94TU1YOWFtYWlHUmV2\nWEdDNlJycXN3USt1NXpyU1lmdnk4QjVFNEFFCk1Cd0NML0x2MFhaOEo0V0g3ODJj\neGtZM3lWOWJZY0Y0YUpGcFhaNjdKOFkKLS0tIGNjMXoyZ0tIRWdmUkUvWjlxRnhN\nVjRFbzZjMURrN0wrTXZSdkNjYUlFUFUKf0v4JZcoYiGTpL0pnO6aG9OrnhNRk3FA\nsY7qIHtTUaSRd/KrHXIHfrrBMDoYIW0p9e63ocqvYys0freKghkvsw==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4N2lkYktsN3JKZzBjWitN\nQlRxVUU0WVAxMXVueGtwSDVVQ014c0RxZDBZCkxOalBocnROK0JQWHlwYWp6Vytt\nQmtGTVltbXNCelpUK0h0ZWlGN3RuYW8KLS0tIG5GVGJ5SXRWY1pkYnRQckxiRmFw\ndzFGYWpMejhnbVJvK3h6a0dXaDVhdlUKrk5x0pJUSWJkc/4D7wgFSidL0GwXTPf8\nGzSxa5+77gUR6aeeCHVJivZ0neqG0wXDwDxWJ32548M8Z3mg2vNlyg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3djkxMFhIdDJCNXpCVjZr\nSEVCQy9Fd2l5d1g3RndwMDFiVUt6UlpZSjNVClkrbnB3NGpHc0dld0xheDFOWDY0\nRmZjZXRnb3dqYiswaTc0OEN2VmREWjAKLS0tIGo5Z3Q2L0w5akYvendvNjgrdkly\nL3FRMWxKYndaaVB2QmJSWDk0bTVWdXcKyc91a0SmfgLnDLmztGrrsCe5Z70aj4le\ncMnfRqAiuPhzogxATLzaCcYmVVirqnm2UFX88HzjvPxzHcnwkjjxYg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQYnorakNtSGRka0JCMEdr\nLzlkZllxSG53a3JHbFVVSVdFM1g4Z0xyNURNCkZDcGtialNiWSs2SUVVNlVOL0V0\nbXYvVHR1L1ZLYTJKNGtFUGNoNks4c0UKLS0tIFNGTXJhRTZJbWhacFdQVVdOSWsy\nN0VCeUQ4aWtCQXVDb1RTaEJxN0RjTFEKD9O1ApMLZnvg237XRcFEIckAGaYBEnbE\nvXgr7/DCOu3IBny0IVxV7tDj0rUw5u0UgfXuzLUU3txfK1Uyu0Jdqw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrSUg5ZXhZKzFuZHYzSWx0\nbGszekV2STB3MWZtRVExYlNtdWRFdkR6MFN3CnN3M3NFTDlia3pyRnJHYm1nU25O\nNEFHQW9od0h2b0JrN0RMdkNpeGwvRU0KLS0tIG1LdlkweUtPbkZkVkpjOFZ1anRs\nTkEvL0grWDNGTXdOamZ2RTJ2TG9EdjgKtGZjEbfQK04UCmIo0MNwB4TGvbbMhY1d\nHSM+6/4KyhEzwo7x/oy9MA7wSKBurE2CdsUwNLxeJ4eMRyC4xjrtGw==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6Sm91dkdsSVhsYW93TWZ5\nOTJqSGd3N05tQlQweDd6aWNQY3REb0kwZ3o4CjJMeXdPVXZ1cCtMcjUxZXlHZkxB\nU0I2RXRZL2taTjk4MjFqR0ZpT3BwSzAKLS0tIHdmeEE3WDV3MkRVTWF5U2N4VEQr\nOHFveFJtcmN2TEFwQnBmTU16TklQMzgKfyMR0bGRHBvg/22AaezqqoT5VFJc6ase\nBMU4jTQjjY36999mpWntBvEjjKC2oXTKj+cww6Z0MovnqYG4qvlqXw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNOTgxcE1DV3owZDhpM29R\nd25UVWxZUnliUlEzUmhuaTlxdEZRSHhkNGxZCi8yYWZZQzBvL0hPb29LNVp4TVpG\nZC8wa3hoUDhrTHJBS0dqRzg1VGJucTQKLS0tIG9vckZaOEc3NEtpdDZpdG00UExB\nQi95UU9hajlmOVlBZjFocmRtQm1vNm8KMe740I1/MXjO6bajs6i6wuJqLCfveNq7\n1WXHfRY0mQ8zisy6sT+CaD5NmamT0NU2X7wrkQkQZewvZHhGyG7z4Q==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLV2NRd3dBcjhtZkFaOHZj\nNTVJa3JKQmlDbncrS2taSDVGdjR2R1pCOEg0CjRONDN3Qmdqdy9vYnMweWxMZkpl\nY3NRRExNdnQ2VDBCSTJoSHBRU1ZvajgKLS0tIERvZC9rYmo5RW1iM0dldGlVOVNO\nTlQvRnpqeWJFU3FHdnhxanFSdU5RM3cKEipbKBIdbGyB0YskAOGtNVWRCyiRO2lN\nVrQzXlUAqdq3uQyq5Pk6cKZgaqnEummU98pW4fEghDMk+FKS8zlMAA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3Y0dEcWQwa2Vodm9QMzNI\ndlMrS0d3dDlSZ1J5RCsvZ1lvSVYrTUY5U3dZCmZWT3JzWjR5dlhQczUyMFVodnA1\nNDlxOWc1bC9hUkxKcEs1SEZWZnpGV28KLS0tIEZFOCtiS2FWcjkrbTBNQ2phOXFy\nc2FMTGhMOVdzS2lEZFlKMWtRUVU3cUkKhUv1yvsOumLAAtl3ss8Ox9V6Boo3PGI1\nnI72ieLQd+agJCzNRGyCKhBsbSCT5XbJ6ByIUBlMR3fTHQtYX8Ztag==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcTZkNDlCdEsvQzN1T2Rh\ncDdUTEtxSUtJM29tUmEyd3NlenBLdW9pOG13Ck9aQklsa1hhS2RUbUFEcFc4SjY2\nUHU2WGhPYTRWUDZHOUNzTEQ2cERUV1kKLS0tIGJEbmhYeThJSnJOWmFhR1dtRWRa\nb3JSb2g5ek94V29ta0h4V0ZRdk9udWsKPRXSniu7m1NQW9TN2Giq5QWdY5ScQCY3\n/BW8VH3Sq94cv3VHY/cYDOaMn8uqlFscBKDpV5mu1eBFRCL9FnnO5w==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrNkJjRkdXa1NMa1V4dG9J\nZGg3anVrNGJYSVAyK1lZUWVML25jWWRiZVNRCmNHNmpkY1lGSEF0NWM4eUxkLzY1\nMSt4SllIc2F0NVR2RGtGMGZsNTc1RW8KLS0tIG95czFsejFWUEpzTVV2QktyZzRy\nN0VVNmZwN2NTRHBFRmtzT0RwUk8vdzAKpbQTvTaiCpE6YGtLyuQ9N/MKOCEi3Y8E\n3qO8BT3c05tdoVf75oe7MtP7vYwqNmCrozRUBnIgXXpNcU/W6w8Hig==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFVFV2VG5EczJWNld3eU9m\nMndMSWtRT2MyY2k5d1grYXB4RDg2anVKNlFJCndlQVZWR29Ma09RZWpvZzJ3ckVU\nb3pmLzBpWU40dWJINllUbXZqOE44ZHMKLS0tIEtHcURtYWZoN3Q3NmNSeHV6U1lF\nWkRiZTZucXhQNDJjTGN2azlZZGxNVzgKSkW+X4vZ8RIWb8jr4WGKxufWOaKNduuv\nNk1fAa7gbbfQIH/G2THrHUit4uv+DvA0crFjvIVyKxvCUc56nhmY1w==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYK0lqVk1VeFA3THNsc0o4\neldmN1ZhZ0V6TS82eTM3OXhDWGZ0MlEvSURRCit1WG92bVYyVllyb3V2L3Eva0Mw\nZlc5eXRZcHIzUzJidWh3bUZ5U1hDNjQKLS0tIHgzSUtBOTBuQzZPMWdKaG4yREY5\ncGh6QXYxUndDa1JFbUdnSkZSSFJ1WDgKYDSmU1vl5nom6hkPP4tE7QqtvxGcR6hf\nOCxKNW2UOCmC0G2wDEtykJYCbyvjlz0mLG8UTNFfcp34lIRNzXdsqg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzdFJ4UXFLazZMc2hMb3d5\ndDEyZWJ4Wmp1VjhRMW50a2l2dFBOWmVaVlJZClVUd3VwUDNmZ3ZycVR5eFkzWlJ0\nZXpEWU4vMU1udStSOE0xaFhUNTRBS0kKLS0tIENjejZjZExFajlpN2Y3bTFvN0Jy\neGlkNGNoZnl6ZTdJay8vdmppdThtOXcKbki0almQdiYvtwbNZfyKbvOjgBA/N3E8\n7VtuwkXjYQh0jMitRZqaZWBrC0OSvqp/rXT8AGbdSHSOtTc0xfxfxA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6Vy9qNUgrdlVLTlNmOTVO\nWUxHNFNoTEM0Wk9ZSjIreTJEZzkxOVVYaW5ZCnhCT3ZzR2dLVjdGVVB6UU42aDZQ\nQUtWemh2clg1T1JsNFlGbUhuOE1GNGsKLS0tIGFSVElySmZWbFE4R0kyRnN6VTN6\nb0dtR1ZHMDcvNWFkZDlSaTMyL29GNFEKLKXf4xihjfDM1Lj1LNOt06BoSaWcvIk3\npW+skCovQ88FRxIJeD5i5vXIQivlI/98OF8chmtfPM7GkfhwvBRJMg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1RWRaWktUWjk0dVFMa1hY\nam1Tb3AyV0FVMHcyeGFTMFRZNi9Zb1p2NWgwClVodnZ5S1MxZHIwcmlJbjhEUGhJ\nQ3ZGbEZGSW9rUGhGYWVlc2NzQUw0QUkKLS0tIEwybjlSWkxQY1B4UWZRaW9vRmxw\nVzYzWHdjNE1uYzU5eGhsZWJZSFlJU2sKWgiLjOL21VF3R8PBC51ibZtaUSydjjTY\nvWhHItQyVF79oX0Fy3kV418vKkQu9jCc8OuiqSdT2KRqfr+mQ5Yqlg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOZlVJRVJ1aWpOTU9JRWRM\nSVBkYUwrdnA2TlBLdUFmZTVBRFJqQlRaOW00CjVlRXVaVUpYWTJCeXkwbFFOOVRk\nV0FNSFN2WFZuVm1EUFVMUVY1UVM5Y2sKLS0tIFhtWmdoNTVQeE1WeXpVVGlNKzk0\nd2IwdUtVSjdFbjlGQitDYkpNYy8yTG8K+D6ZHo1Yk9Bs9/mCrODylYdIm7mmm9Le\nY2ubH1OAwgX42mfTTMwuvHEgDJ6CJotbrijBnegi7VLTAkTI6Z1zIw==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3WCtTK0tGVjUrLzRjYlVR\nd01Yd2dFU2VEUWc3YTU1emY0QVdrTXk5bGpjCnZUUmovMG50U1hhSDZIbXpCMmhl\nTjU3aTUwR3grd24vWEc5YnAzbHZXNTAKLS0tIElxdXhxcEdjRkhVbS8yRGc0ZmRW\nYlVHTXZ5Y1l4UVJkR1pwUTVHODR4Yk0KUxduPOod/S6u7lP40prr76/kK4CtSHrZ\n3527jzNf2pRmOrTkcvWKMhBgJ0W/B91wXMeAE+I0FFIyXbfORBbYww==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBUTU2bm9ld0pGTHI2SytY\nRXhwTTEyTno3YXYvdGxyTXRpY25rWUdoVEMwCkZITE42L1UreENOU3dLQTlBUEdZ\nR2JhbDJaUFdvOSt5V29aQy9vWFV1NjgKLS0tIHhWUXlNQS9GaEpnaFJYOVlvYm1x\nL1A4OGhteUhFK0Z5dERuT2RrV0gva1UKA/8Ry899BrZw/OKMesiyYGSESqrhld5V\nqumrjYNhC4ImcFPI8YP4J8zOghz/5u2xu3xx9Q3D5FLQskPkMVfMvA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6Z05aOTlvVEhHY0huTzcy\nenh3WlRzTStUWlg3ZHZuRkVHU09pZVZWK2lRCm8wLzNGTkd5ZDA5b2ZiZmhxTENK\nRE1Da3Qrb2xTc3Rsc1FRVVRrSjZJdXMKLS0tIHFzMUJDZnBCVnlRTm5lYno2MlRr\nV3psbVROQThha2RjK1VEYVRvdUNLTVkKiRFYCBw/k8Uz67NUgOkWBCFNoNvSHO5k\nEthPMa9UGPKlq2dRfAG+0KaUtwyWoBTiXhwoZ0Hds6aeJhJRWmXP6A==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0dDVQREZaTk9jbTlIUnZw\nWFA0dlBkZU02elNYbXh5T2lQYjJ3K2tqK1NJCmFTMWF5MFZnNU5rWk9raXRkYW1P\nQnRPdkxpR0l0bzZucVV4b2lSSXRna1EKLS0tIGt5SkFqdEdrSkh0WmVYbHE0enNY\nTTI0UWV5M2tDRzlUdExTZ1hFN2lGUVUKB9SjTXlpqZOfxoutzU+rcA8BOQTiRzpl\nZh7ZNrs4M3+Tna+dVC9am1wZIFc4jTGdWs9xIPlpyHQ4HGBKRXo7sg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3Tkd3dFhRd1cvV3c4Vytk\nL0paWVVheTVFM2hmTDk2OWZzb0xha3VCVHlJCnJ0Z2NXdmo5V3Rid2h2MG0zb3Vz\nSW5RTmxEbW5jekN4QU1NRHErS29KcG8KLS0tIDNzMHhXZVFSVU9XemlFWmlVUVEw\nWi9DSFplSkxPMkJ5eWZZVjA2WXFSYkUK/ktTyhCoyP+JC0NAAgGI/H2OdmqKCcNC\ntfo1zCzcQvoelM/HlODw/hGMIY/6ogpn6tsL0sZxepYZSWuF4eT2EQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxeFNGTE9OTDJGSXNnRWhH\nd2xqVXNMaDRvOE90eFcxTkMybmZqaERuN0ZzClBCQWFLUmdLVGx4YkZoVWZLRFFO\nTXhkR2sxbnY4bUhHU01yVTgyam9iY2sKLS0tICsyaGpyNGg2TFYwM2xUNGZBUFY3\naVpuOVZyZWp1T0NDMXZpNXk4cDZvNnMKzdAVwpvlcCvbKjrgbja+UA8gNA+z5UOX\nXntvfGydRFkhzk2Pxv9sB9fD/LpmEi1FGql2qfyU+9ufzv8mKKmGiA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNOWhva25DcEdrcUk1QWYx\nVk90WHJKUW1OL0hpaUdCSFB6WitJb3ZoWUJNClk2bzU1MFl4eXl2VWxSdWtBWjRq\nZUM2elRYcmw2Wm0wUXRpTGhaQStFNG8KLS0tIHppbWtjTVZ4aEJRc3E0cXdRMkg1\nUGg2RWYrYmlDeCtLN0lISW91M1l2N00Kb7QcLb3JA5Qo/JN15tys2Uc5Gc20OBO5\nF/bjP5jQFU9V5gXhEgmvoNB0hVg6V3Dh/yqH3Cco+Xeb+QLgBKcidg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4bHordlBWbVYweTNITkxW\nOVorendkVVZqMzZ4WlgrQTVwK1hjRVhnOFJJCjV1dFFYK3cwRmxzUXZmUTBPQitz\ndUZzMGFpZGJxbHovRkRPSE5WclQvaWsKLS0tIEYvVTkwdUx0WGR6bFRhVU1pbjRx\nZUp2OVorbDFCTmdtazlkdHpMM1diZGcKppf+Gm5fIckXROPVDoy+BmFNOt7g4v1u\n0vjjakwRyYv9iZK++oF0fmfmxmNuJV8f4LdyuzBWDURmJgGe928Czw==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxbCtGQUR0RENmb1Q2dVNE\nUUMwQnpxYjJhbXBLTG42b0Y4N0UwVzlrMkFvCjhTRjR2cmhzcHVqeExwdDFQUUxz\nVXJPYWY0OG83VGVZaFpwbHJHMnBFVTAKLS0tIGg4Z0ZZUWFHRks4bGFSUnlac1Mz\ndTVPYlJzdWFoYUo2K1p3TlMvL2FuVFUKzRnTD461D3GWY9ZMkgqO+bstuyHKCeDm\n7b8pf2ApjltGxGGQVo9oGRQR8ZVql/ke0adw/6f3xSAZTtYxqf3rCQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvUVA5QTJ1VFA3NXJKT1VP\naW1ZemVSbjlmR3g5aDJyMzhoa25kSUpIbVE4CldvY3Jyb0NaZDdYTzN3OHM1cVBY\nbmx5S0p3TzE1ZXJ4N3VLTTkwcXBPR2MKLS0tIGd2Z3BFazRTNjhOS3R0ZTFnb1py\nNzlxRFdXZWZnUEhIVGIyVVNpdWI2cE0Kfu4NzvEcxQ7olFmALV9Ndp5dj6PmDrYU\nSNOWIGXgZirdESOPPBEVw9bK/kEe6PzWnd4IQYOF6/QAW47OcDAYhA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WnhoOXd2YnlUdW9lWS9r\nVlk5UXkvdVpENFNvQ1BqUnk3dnl3aFhLWTJNCjlqdzl2dnkyNUhkUVl1V1ZTSUx6\nNldtNzFMYjRDdWdLeis5OWRxa0t6QkkKLS0tIE1pRnlCRVA3L0VlUW9BQXovNG0z\nazZaZmhoZ0dUWDJWbDJCdnkxcm0xZWcKWQj7yo9Y6nlPnIt6BtdwJHtZQSDvS0s5\nY6SZQDqwP+2EGnSF8m2jLlQU9hRAenG2R8+uaNUAcc+pq2dShhslKw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUSUgyemhNc1h1cFgxZmlw\nVGFKOEt5SENySWdHbWJnR2RWU2VMNGNIRlMwCkVWNTZRTVlCZlhSSTFJOTZXMWVk\nMCt5V1J3TnVXdGFFdjRzTEc5N243eU0KLS0tIFNHOE5NWkdEeFNpV1NCNUo2Y2s0\nQ3phbThsRXZYSi84eGFsS29DM1p2cjAKuinmTvnwkydQH50SdgKgi3U4z9gnlEhC\n/gMueer1HholV8Af6Vh8WkOZVb3UB7u5OAv4x+NWR0Q5S85CWYuzpQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTVTV4SzZUejJSQjNhdmhC\nZW1ZNkY3Z2VBaU1uRkJBOS9PMFJrVnA2VGdZCmhNUVBkQXdzTFhRVzdmN3VqN0tx\nUkJrWlRVOTdRY25RSkJvd0NwRlJZQjgKLS0tIEdTcmlqWm9TdlR3WEtYcFZCOFcx\nKzZWNHRUMGppMHdUODcyQkUzUmZEQlkKM2Ni7YGqfLpnTTLoFLXEjHSljRKfoCYh\nAuAKWSo5G0LEdU93yJePlQ1c1KxlV/hbHhHUK/NVU4DI39/HLZ4i2w==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBL3NaOGx1NytXeU5xbUFC\ncDFXRjV3QTNPNmZidzBHeWwyMG9zcFpUazJNCjBrb2FERUZJb3VXUVNZc0JFRGtY\nNGt2dXQ3cGVqL1l3UTdjQ1BPYytJOHcKLS0tIDkzczQ0TWZPbEl3NWhGaFRUQ21G\nR0tqTW44RGdZM05Cc3NsaU1jV1N6TkEKql1+2BkDpmjzm1cKtXk3idavZrsRaWn+\nTtEFtvRnY6TIkhIN7I1hv+cqvFVza3BT0SqME5pPcvt5o/wlZqRSiQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYRSsya2toZ21KdldJVnli\nSDgreW41Y3ZUOXorWjdMWkFFNXJ3S1l2MEVRCjZFUUpGZDQyenF5OWRKa0NId0JG\nRVMxRTB3Z0tSUlF5ZW8vbHlHZjlJU3MKLS0tIFFOeUR0UFNzbWNQUGJIZjl6TXFy\nNW44cHdtM2E1TWU4MXFNM0ozRG5TWXcKZS1lgNP2fm6LjT1TDYEzKY5krZ9vEP+z\n2GkHKKVO/u2jInX/YeryjDgVO1OnzWf0oHSqOGsmGkJIepRI/xpIqg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPYjdoNWVMczVCK3ZCbkgy\nclVUM2dyRUErWmZXbFNsOFVJeFZUdk5tWURrCmJHa2JBUy8zQnRSUzBlaTkwdlNs\ncmROOGhsZnZ2Q0V1TlZ6N1FDQ0NMVVUKLS0tIGxXT1NwaXJsMnpnOENqNGo2c2kx\nRXY0TFBjbmxpemZMTFlFWDFURnM5R28KImG7n52CpTubdV0mVnt/avvQ70c255BC\nETn/I2+OYhGt6SDkivgMlpcZNmqIjbHY4pFDIEiWQgJtw6cZhRgY3g==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1cnJaSW0wMTVKZ3BhajZE\nUll5RXliSVVsMThIQXBTTVpzNUtKSDBoMDFBCmY2Um50MndXUjJWa0w4dVNwODVB\nZnlWRU5yS0hrVnlnN3VUK0pURkFRMFUKLS0tIDY3L1lvR3hoK0UyQ2hqMDljWnVk\ncFR3VmMrR1ZVNWsyYlRvMWdEVExma2cKrNBMXgrdIL/9TDhT+1kZNyFfOdfQ3kjP\n0YdKbZ1It7UvTVMy/amSWzs7YJ+AptSq9vRuJNqEPbmx0tPLgx8Udg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvUnZLS3JSQzhwRjBjMzlP\nKzFCNEtocmxGUkVBcGwyQmZvQ3Qwa3VWaFNzCnRrYm9mSGtUV1VlRldTR3BoSDVZ\ncGtNR0R2d0JYdlU3VTdsV0k5eTBHcjQKLS0tIHJJanBCTkE4cTh4MTFLUEYyaWxX\nNVU1dXh1bnJCRHpsRmNHUTBTcGFUSDAKRzdFl9XzeavDg9dQ27GPi/Cz6AuRCERd\nnjVR4G0Cal9oU9WpNFxCfloBt3y9dkACdzgqklDkVhnTCVpfLwSyIQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4WCtYcmFwVVNCbnhQL2Y3\nbTZJdHQvRFcxbVRDQUhrN0J5TjBONU4xTFRNCmgzT1ZrcmpQaHZyRW9jNm9ISUpk\nYU1Ua1I0eXhvbzJvL1FRRGhROGM3dXcKLS0tICtjNGl3UTJJZVgvZjVPODVHRGQx\nRWtRSmx0TzlSVUV2UU5TcEx3ZTY5WUkKzWx1zZlgk2d5VyT++rXRKgzShaVIsjCZ\nPrGvnT+RnnRUK4cZhQEhAkNM/ZqZCjEZ9PSPS4PGBGUletXT1FBkLg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwc29LeC9rRFZVc3V4ZFJv\nTGo1L0VwN3Z2NlYvdk9uRWhGMnRwa09zOEZrCkYveHQ5UFBJOHZISUROUUJzYllx\naGlTZ1RIcTFEcUlTMUZocTlMSTZxV2cKLS0tIGpsOTJHNDQxOGMrVEwzbVJRYkFt\nT29nQUxqRjhoT2hKOTdMRUpqMFBYVWsKaDC/Qhtsxquz4/E1IJnIqzv1UsReWK1U\nE/0NVOdsYpKLc4fYUU6mpF3waLJeSlFiAz6M/hHb/KltaxRuwoUCzw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIV0ZQbkhFTDdHNkpxUFFI\nV0VNSzR1RkZYRG0wV1dvSjV3TU42TlNjc1ZjClZDQUJvalBzQVJ5eEdRMTdoSER5\nVEVDS3daa3F3RmorNXd1NDBKb2FNeVUKLS0tIGdVN3BOWEtjSGZsNjFzRTVLSnVC\ncHpxdDYxSXRQTUdMUThFSkRmeVBkckUKJrdXoaRqF/z2JqVQmZBLute+W3OA093/\ndgtFZgVgheBQ45mya7ZLidTRBheCTGfWpCfH9Nob+L6McYV6XK1awQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBESnB1d3hGcllPUmdEK1kr\nZjB2MTd6MGlBT3lObURKaTI2VWlzdFBHUjFrCjFPQm5oaGF1ZHppaW9FNlNOOXNP\nZkIrRzNTZTVxaVd6dzU2em93SG9iR2cKLS0tIDBtbGNLZWhDeldZbTUzc05mR1Jt\nc3pRNHJ1aWpNSGpLdkx3eGo4eUxMeEEKSCkS3zqr0LegRm+FBWeGxyCZUd2jg11L\noqZW+CXapLUywTh/TcJ7Z1xBXk5/mCivEfjqpwri5GZQBE8S5PRMhA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4UzlxVmhUNVUxdnVCK21m\ncERFY2pxU0xYSnl2RlJIQUtCWExjNjlMV3pJCnpZUVF1aWVHRG5SSGpuV0tUNU1j\nMzhGNzQvZW5kY1JkdjB2ZUdRQ3JBTGcKLS0tIHh5R0JOSFpFT1dKcmF0a0dDZGFG\nbkViVFBzV2VNUVFxcUxFUEdyamlNb2sKpbWlKEBKt4D1AzVIvHx1A9eAjpwkJkEy\nQ9occIVMkIb/+9nM0NmXU6wKGFeRNsJkYAQ7BEo6zrh0GXZVbkG18Q==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSbWJtK0tDNk1VbENDUm1P\nMkVNeXJ5NWVSMG5zK0IzSkV3VjJCN0NtcnhjCnlSWnVQZTJpNXlPSG8vRmcrS0pE\nN2MvVWFoVmNja2xvUFdWNnZkb3RZSU0KLS0tIFFPeTZCenBlVTZOamg0MWJOdnFU\nY2hkY0ZrZHduOTdkZS9NSmNtZ2QzZjAKu+XwOO43thMiQ14hmJJGu5U0/oQw8B1W\nIqJAaz6F258qatwMQB2j+BVHut0NwDyBz8skpcAM4CfX9ugWv2+Hbg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYaFlhNGZMSm1KdHRmSjBR\nWURUNitWZkVwNGJ6dW5DNDgyTTBjTm9hODJZCmFZNEFWYTdrYkVNbWVTRmtmZ3Vl\nZ0RKVDk5NlBHanlZR3R5SGZ0MlVNWFkKLS0tIFhHVnlmSmdJdHIwR1EyTDJiNXRH\nanp6VFJlZnV1UHcwRFR1RTZCWXllRFkKU9UhM8Tl8b6OFbV8FUQWU2UTWNBx6lxh\n1IqeUz/n9qd1z6oIphUIHz4akjz094nVixYQG6oemjTsHr7Cn8wfgg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmNWZnWGVUZGN2VlpxOWRn\nWGI3VjFMRytCRExXUERuVzhIZndVVlRwbWo0Cm43ZC92b2NMaXkzeDg0ZmxSdXJE\na1E1YnVERjNBR09XQmpUUEpBMmgwOVkKLS0tIHRCZERmUHVvVnJXWmUrTmJFSUV2\nU2NzZklJbXhFVVBQYkdrWU45ZkNYZ00KcJ66eCXQLZ8yOeF/LJC55UxAebWIDRHl\n+Lhf9a9z1CDKcCvZAdh0ln7q9qBTp7LWrIkvpbbY572r4dsbhB+A2Q==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvQkFVYXVOZmYxOTMxWUdV\ncTZscnJsK0NyMFowcXVicitGSmZGYUE0Qlg4CmlnZFk0L25ZekZrQ0MxQVV3NE1S\nTzVaVWtERGtQUlc1NndqZXlvWklxajAKLS0tIE96Q0h2Q1hSY2dKLzV4RS9nL0xu\nbitibzBsdDh2SkRGVFgzUWlrUDBxbEUKHLp4h8pc41RTfBA7S0Oj7II/7vaOjhi6\n6dvxfTqi2WGtRvZy+mZMXEjksps6Dngz7ekxuRuvu0SraGt0kXQBHA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRN1phZFFZa1d5Z3I2djQ2\nZGsyNzV0akRuZW52UElVSVdZc3NhVGh1aFU0ClpVV0FjUTFSNFZwcHdCbW1jQ0hW\nSWFFQWZCOUtET25mMEo3QjZySnlRN0kKLS0tIHVMOCtOYXV2VUh5cXBVS01QRTNM\nTTdiQlJSTFBhTTN0dlZVa0tRT3MzVTgKoapXW+VLK8Huwh9ZVq0Y/CoDFNma7tsJ\nQv2GQy6fVUM7Y8qcx0/WedcitMcsr/0ZemJd0zesNCaXg6TGb2E6Qg==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpYWx1Yy9aNEpnbTdnMmR4\nK1hNTXkrSUVMaE9wR2xTbFVwYzJVVnpQZ1dJCnlKQ2FMa20wUy9nVlFTVmI3WEdu\nMDdIUjVjRCtBVXJzOEVLWHNFTWNkNjgKLS0tIDZiNkVzSzFRa2J6bTFIcFRMemRQ\nOFdPb0xEV2pVVUdsdmFNNGQ5d3hOc2sKeR3NUDYRGDCywMfylXpbo+FOPdtNKkKA\nVffrmB7VKnL+jhKOCjgYeLpSzAQFa3L8QZ9R1xYHa/AmlnEk3IMEBw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1RGpibkIreUVYNlA2TXUw\nNmZzdnFtNHNOQ21QTE5ycTZHaFU0U0d3RzFnClFXRGFlZnB1WjRBZW5WN1BSR3dK\nY0Q4R3FGdEQycDEranUzWFJyWWVwOWMKLS0tIHp1Rm0wdi94Tk9kM3crWUtjb2Vo\nSHU4ay9WenpGTTg5T2Y1TzVicHBPZWMKEpeP/SVorT881MiLvR+6O9lcc9Fn0VV9\n5PqcowYMKFFXBQ27qjoFBDSwmD0UxpUgJeMtMAL+QLMILZ+G/0EcGw==\n-----END AGE ENCRYPTED FILE-----\n" } ], "lastmodified": "2026-01-12T20:26:18Z", "mac": "ENC[AES256_GCM,data:jIB7rrK4yYjLlqUdl10JfYg3qaAYbuePPjZoGCBCCaohFdTWJPDoJMg5EFMFrZIDVOeWDjYVh6bB+PvXiIvU39NrEymS/Gu50ehCG7Lls7a90K+NSZQhuHS1y91+93t8vOq3kPisN0fh0J9tJwphB/NbmgDrE5e/NQsA4FjOsWU=,iv:VITEc80bKA5ZXuy9iUz7NjobYvVDKXDWhnXFyFwy84c=,tag:POCbrUFiKcc0418v9njPNw==,type:str]", "pgp": [ { - "created_at": "2026-01-12T22:05:07Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAAgK+dArwicM/S3UrgZr8rIxmMxpM9veTegURe38QEw3MO\nvzobPAbeD4A7H7hqHcbrDuDO7vhjD3GJnktI/sPelf9h8VRyA9XES5A70xKTY+zD\n3emqS7g+QexluqgL9UnUlkpCxv7NFnIbZGJO/x93nMindXro9zeDqeg9s90Lx8D4\nckdgN3N4b3CUcguf/YlZSz5O1zDK5uSSYbnmZ00t/LAAwwF/W0WZRjLw6UGjBHS9\nbRoLB85qtEnTk9GwE2WPkOxKnHZGHitVa0+6PQRGl7ddVTnWTZF9FoD9iO0aocPw\nueuRxHIHIAHX/tZ+N9+kxlH1oPe7wnP+HXLIwI1RiPPeJ8cYAbjfShGQAujqzy15\nYWF2ZO5p60ObBdOJMgslUuvyL7434XZvz425yCjFaAZHvluNaw7wRm2ZOUpxJcxW\nBuB1HJs5Bqvq7hYQulOyBWRoux7sRzR7Cu8FGXegVUEaen9Y8F2L7Hboe5NUFwLD\n8Ab0RCfgkM0U1MrPrBo2T3Vc2B6rGXD7naTgw8NVKPJ31X48f6bbb4D7q1bm1CXh\nQanVFxtjUehY+NQVkgdRmUi4OfFkbqbNeb1YIFOqUmblaDwv8/7dwvKzExmSg8Mh\nvKzh/d0G9BC49URDVUGlALAlYIuf786lj7kQRq6B992lakbOFL1itJ0zB4sK+WSF\nAgwDC9FRLmchgYQBD/9DAUyU96ITnQRg0tpQ4RbQ+GHTVNNLzdUm7jJKmTWj51Gd\nUNXfIYfnVIsSC/B1wqvzhjJZCrCKz1UxaIaof3NCHntwfy65WlhbQ/JDJOZOqcXW\nE+7X667Qbswlaxnm+q9M7jQ4xOuH9AYYY72ywIbKaBU2OYBu4wp3MiMbprHNtFbO\negSRLiZEhqrW4jlqk+it2jgyj3LOrRtCDawyxsL/1IOiOn1VtCFlYt37Uc04G5jA\nfvmSULaV8+lYpPh5EggqgEvyvtZulhps/P/anjj984tFvFcwx2eAoa1S1dh4MEVM\nps8Vw9zfwk3MUHIuzwuUtkQ6WxrvjDy3lJ1h/tv7NUu/aR4iFxBXkB94jyDepesC\nBRfyl+86O5ts11T6/1JrvsEqvFNJw5cE9BI0Og49tXdVjIxk7xgZr/JuIzdCQHvh\n48olCs9C9fxZLONeO2gRlWfIrpuO8JbImZzUNlfUpAGRCa36CAdN+FzqWrYwQNh+\nnQH1w+syD1SUN0CoDJDT5amCJopZXDXWhXOM+ZpRJT9mCYYIIekGgangbihpd7Cu\nWgP5kUynUYO3o59+wSmd4AKPMcXha1vPncK0C9ti1s+DkNn3jGf4lLO6eTLCUaq2\nrMDIwZdqSnX4fgFEBxIq2iFr566Mg0l9ROBBR+Z8vy3jt1JokNuJMihAT2EXadJc\nAb/duqW/n7WBS+6CrzjSufpekxgrCWoXxPKqgBUsiBI8bRfZlmhUX7IcnW3A8Eph\nnigzikigdcKsBxSAGwij1/ja71PoWhWkNxnRKVFnzxMvWzlHbkP48r+dvs0=\n=Vl69\n-----END PGP MESSAGE-----", + "created_at": "2026-01-10T00:52:57Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAAzqg5EyqoyPPB++MUMwBsAy/Yo+MgvXZ1QSt/gInq8ii5\nzcRl7vOmGtWw0T9gRSLT+gJXp4bjGuYOhtC3NWL3y2pDiL0tSGC+fKd0vJDwNyca\nYnwUG7pDHxKOw/UrcFJar9dhf0b1R6aHh6AvL4YzFA+iH0ZY9gRWozPBMkJKxZ6Y\nHAL53dclITW+zif00yVaBMjiIFMr8tcVMefU5BMwDpLLXMXZL7Po9h0EEh+4Jq7L\nctxJQvfk0UF2flkHju3VHV7qdZFJwbskF4z1QVQTKUgVYqPiwFqsBQ//D+sDY7Wa\nkhleX/LTaz91fIxdOAhSo37l5U1uh8tkAtrQ+ls2nYl3gn/Tm9hz/nEhqN9SSiMi\nmEhDRM/rLJflCzuzsVNgqGG2MSGzErsii8DrOwIZPAISjflnoZCUoDKuvro2Z1cC\nNSP2FMOY3P1dpubYMUik+k7PZHf3jydUMQxfOzZ6VAyzdd1AF4SQ27CaWnOkIwGp\nsdvsQlJa5Pyu2iw89vDavYGPoW2hO/MuURdHgh7DRwAnjFmq9Z5miOsIFkJOBMsE\noFomVuqaaX1P8u0bXfhSqsMOZDs61BYut7/1tMawm6tBsYs3xVhqNkMDUi+wJzZs\n9UOQ8VuOUBJ3oAQ0ZDinnJ2EFIKICod1G/fOJFA5FIlL2Ng1xeJ9ZEcsg1K6qLOF\nAgwDC9FRLmchgYQBD/9MQD5tfWOn/bdCAJ3LT/lT6y9SNtk2t/75kfAdXDFLCS1n\nH7Ri9ngDHVnFHDg3W3APF1+zbRFC/UeP6pODqFE08ln3+vvsXblRexnjRCc3NQak\n26H8cnbH1kd0hkn1D4k7+YnF3gvsMd3tk1ipZQUZkkk/7v0yKAjKphkdXgAF2M1C\n88IfcIlQwCghDFhlV/4IRP2+2KVCseJb5ZE1K8eLtKYVpW3t/tAMHSfwhBO0OqZA\nSeN4iLMyY7/qAOdqo+tMo1aMC0nzYLfGKD4bw1fZ5oFE1sESewCv0s2lxWeGj++k\nIabWcg8BQKbRXxxvvWfsuPRIU/S+K6JWP2emrbAw2jVZYzPjoKr4nM71VZOd98hY\nLUKecR72hOeH3k0hVgGqY44kvlVB/nOTMaMn5ZmwtuhIlA3iLYBctq+MkIbkr4ft\nPKQxJbwBnIgzupkGJfDn4wVUSQ5kV/6d08Tkw3z4ldVfMlkcYAvC1m8K1N8KlQNr\n+Zivq+iaKoyVFYTT+qcw1cnHU+JV784vJUc8Rbvu/aGJn2fjGXThp0Yknum38rTv\nvG+kO+W65rpAOvROeSbCYAD+tF4szAYtbbiN1rtpddQMHXTGVkyBJ1TXJ17RqxMD\nNP7wmbL8kTS/rB3SP7hgrJV35pihC6V0dPA1XW0g3ZhKCA37GaoVVt9jSTNQx9Jc\nAd0uZTvhFNgzaCIVcE7h/Q7cnNWGpRP0IugyrdzokXufbqGNSnzRaROpIZodVBgd\nrqW+lJOxfhAEUQaoKi5Z04oalPWzto5oaHl5iTP/+y0ABbpZ0cXTIw7abhg=\n=ie2N\n-----END PGP MESSAGE-----", "fp": "4BE7925262289B476DBBC17B76FD3810215AE097" } ], diff --git a/secrets/repo/wg.yaml b/secrets/repo/wg.yaml index e23879d..8380fa3 100644 --- a/secrets/repo/wg.yaml +++ b/secrets/repo/wg.yaml @@ -54,350 +54,170 @@ sops: - recipient: age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmMStvY0tyMkZMeUhCaWdx - Ujd4K2JVRWhoRFFGT1B5TzliQjg0WTB3U3prCmNOd1NaRlc5SERpNERNWS9ZR2xY - MTZteUtaTjJKYUxmUGs1ZVZkc1IzT0kKLS0tIE1KbEZvcC9WQktTNDU0eEtDT25Y - cWYvMHEyeldQeXlLNFRCMTFOTWNsUWcKpjtPMgxtE5ngPU5qUavCtow3qI6k+2Kn - xp+eIdBNoIjS15me6Cyy27nmywCZvyGES+gwMsZ3SrEzHj3UzMLInw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXTGdxaHBJN1IxclRmNzRS + amQxMnQydnNsRnh4MU9Kb1lPbDdRKy9MdVZBCm55ay9aM3piRWQrbGhpalB5OFU1 + b001ZEh2dGwxY0dDSExwbmpFRUJvSWsKLS0tIHdZUGVnTUh0Ulo0eFZRZEVxNGNP + OTkxeHN0cGZvanZ3QzR3SzhkcklSQ1EKdgzK5MU0e+UeJ/5tgYV9AqYHLn/V93t1 + PCOwSQ9nheycRpENbi6LpRduc0fiPWjvVJfzMCIU2vLLFW92MjLpeA== -----END AGE ENCRYPTED FILE----- - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1a0xkOFk0VTB3Q0NBZHhn - TGNBME9NS1ZWTVdIZkxjSXNvNHBmTHdtMm5VCjR2UHV2MWtjcS8yNGErZ25qK3lr - Z0RpcmFaNkZ0ZVRoUzdDQTJGMy8vdUEKLS0tIFMzbFNNY2RWUjlyWmxYQWF2TnRN - ZlNKUWtTS3ZCczdLSWpzajhYQW1iOWMK1rMh6p/y49G4+iOmv9XPKGQQVoLhRTAn - Mb4uyarFo7NYM6adwYE+mZGII9oo1FzBGXjV2eQtsBcdV9flpCS05w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxa25YZXVvMkxpV0VOQ05L + SWVLcHh3emZoOFMrVlI2NzlPaVRONHlEUFZzCm9US2VKSWI4YS80NmZoSVFNaHhw + NkJhVEpsU1hOVHViS2tuV1RhdWRTcmsKLS0tIGw0d0t4ajZTWHRWTmpOODQzMFQ1 + M092dHo4UWoyUysxcXM3REN0R05yMVUK88l1YrWP1fAqDK5cewmKnGleGZM94cLC + X5ebNMFFg4TjYFWkfuPvxPVDXe6c1d0kG5OD/4znuHgy4Cm7th4ZAw== -----END AGE ENCRYPTED FILE----- - recipient: age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0a1dodkJ3RjhvMGVlNDVY - TUt1S1cwRXBKNExRWUg0c1A1VzNzNm9IVGgwCndLV1NTOU05N2gwRnJwTFlSWTZV - R3VsaGVHdHQzeVo5V0oyMmJKV3hQTkEKLS0tIEhnT29nTVV3WWcwbEJhT24xcjNo - NTVEUStVZkI4R004ZExMbW9jd3BRWWcKC2MtzQ8KpOQO+P/oaNAEx3zkpbJQ/Mlc - rtUv0vavicH9rO+Wi3DPBSGSA0GHcQeZ+rCPsU9TZQCvvcEO+RtXiw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWYjNxUFNLSVhoY3NrcWJS + Tzd2R3l6UDZEOGZiSzlZenBQTlp2bmZsQkVnCjllRGovMkVDOEcydjdNdTNTZDdF + S29GbSsxd1JKc1JWdG4xSmgzUDZicWsKLS0tIEtpMkJiMnkyNGRwSWxjRHNUdFBB + UUFpUUNRdU9GcnNBSlRmUzN6UFAvaWMKjHC6TlaAGWF6YLC8B4hNaRWmfi5+4syx + jz8TE03yR+Y/ZSigodw6rTz5FD70qV2h2YTmTVgiXIxm9x9xc1rx9w== -----END AGE ENCRYPTED FILE----- - recipient: age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBraHpyd1IxdWg3MTF3ZU4y - NC8rK0E0RU1HYTF5MFc1azU5TFU2dzFTV0E4CjVJbVJIcC8wUllEVmhUNEc1WEtS - Q0FvSlp3K1V5N1h5SytiYlVLaXlZYXcKLS0tIDBKWUdTZFpkcVdvSHJXL3ZYV1VS - aExZMWhXWGJ0V1hOVlRsT1FLcjBhU3MKm5ffniILsaJ0+zxAgLtkxGPdXwI/TTea - Cg77nJovnJCxpukCBZ0CXNi8DzPZipm9476qbCI4TrIPvomO7wXmow== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3TG9JT0dDbnlVVlNqamhW + dklMeFY4U1RkNFpPQTB2RHFHcFkzMnhBamdRClJlQkJPMS8xdnFYcWlYK2h2NU12 + Vlh3ZFg3cEtSQWdoQjJhOGRFNUNCWU0KLS0tIDEzRk5zOW1xN0RtWkg1Q2I1azBy + N1JpcFJjTU8rNlNSRGQyOGMySUJvaUUKNuH2uqQqpwQx84puS1qFXKf3n7wE3Bpc + Y+knCdSmOx6111qYqcwcOPQOiU6t37UKCrspW2eeQf0grjhx+DCH+Q== -----END AGE ENCRYPTED FILE----- - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWYWhDN1I5SUk5L2F6QWNp - d05uL0JIYTN1WGJtS21OS096dmx1ZWd6UWlJCkNVM0h1UkRQL0dkU1NPdGUwMmNI - eStiaDhQNVd1MTl5N1NOSkIxd3lMM0UKLS0tIFZtSXlhdk54aGNPVzBoWEk4U0Uw - K1dJNmdwRGxEeGVtNDgwQUREc3lLc3MKtDsnekEVfk5yxaXyDkNf/2j2mcOwgXTG - rEiC5jBNMTGnbpuw+l7LSFrb2LTM7UI43AJd8rv04ZDg2S1qdMaJLw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKaFdxOVNwV042TmozL3N4 + QzJsZTN6LzVQckg2YzdsbjFZMVZUS1Yzemk0CiszNkdURXlWZjZGL1lJaGwxa2tu + Wng1LzlVejluRTJ6VjErejc0eStoR1EKLS0tIDh2MVJZOWNOVitVTHJaYlRVaFh3 + eXYzS1J3dWljbFdlbHFvc0JKQmtSNXMK1lO1PaQZVwyxH7sfpkn8SjGiXUh5Q9v/ + LHlqqsM6P9wSQ4BNK14r7NsGO49R/FXfL1flKxvL6Cz35hnlqbstKA== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQZ1gySFNZTnp4U3hWSmlS - cFA1MEFhckRYQW82c1dQUHZITVIwV2NGSUM0CmJpbFFGQi9pMkZ4eW5BSFE0a3Jh - OEZjNHo1UUcvZGhXOG12c2xvVkExVkEKLS0tIHM2b1lDYkhoK1ZhRkwrcjY2V2Jy - NWo1bTk1SlVQVlNNbmN5ZmhjYUVES2MKd8hQL/DpwRd1ZDY2IiYt0eiR7iZn+dKY - 8fzdJgZQxVsgjJ/ABzPYh251p5DyWUOQutVrfAjAKtXPZ0EB/sSLNA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsczc2R1BLenlLK2N5eW5H + Z2c2UlM2aVRZSlNGNkQxdmhqRjBLV2dLM1hzCklhdzNqL0FzRkNwejYyekxjU1pK + eXk5ZFRHditVQnh2dWhHZHhnR3FmOFkKLS0tIDZ3WXFGcWJIVmptQWJ4V1hSUnpO + VE8vMEM2d3hkVGlXY3VCTzBrNlFjY28KGKzigFQQTbBqI55NbEk/WTxZAp4/XDxE + U0/aTYjgH5KkwA91sCcJSuxi9bSfdEhtWj5t+7Rby5N99r0nBiYPCA== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBONktDMnU2ajBDRE0veGM2 - cjJTVlRMRHArc3docDdzdVBLRythNzV5eGk4Ck5SeVJ1Q3VYQm1zOHdFYWlrQW1U - YXpJdjdlSGJsaXNGdWRTUjZnOXFkdlUKLS0tIDJZZ0tOdTVQUVZLYUI5SUpKUGVi - dDZ1dVgyWU1BU0cyQmgwNXlHWTEzNUEKmniqWiQd4KiwpV1P9fC9Iwd5ml/uO41k - GuEl8wrjYbjHN65lLpP3LW1g1nIQlgFy3KN9IyUoSqhZBxRmUTBrKA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1UU9FeEFkUjI2NFF2blFW + aVRSM3hnL09qNDhVMHl0eFRtYjZUYTkycTFFCmFsK0VNR0U1dEVaUEJNVGMxSDUz + YUFKbFBEZjhENmZYcHhSeXdGd1dxalEKLS0tIFl2Vll1K3UxTi9tcHErTFlTUVd6 + dmIwd3RNcW9ISlFHMm5PMnNKUDlrQmsKkQErB4yMrq1apJgGB/q6Q7fN3BQKNUtA + 12+YULNihaSfOLZsjE6TbNx4twMgcTzDy5zQDDMthrEKpmPUvhFsdg== -----END AGE ENCRYPTED FILE----- - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRUThtdGkzbnFjWHlGYmRu - cmo3MWltSDZBSmV6SEZGSUZpc2NleVhTR3hRClZCQmpSM04vSERWV0lpRGNCV3RJ - elNNVnlRb2xRWGpiTWFEQlFKMmsvVzAKLS0tIEpSdE9XQUJpblRXWDFmcGFCMG5W - RTNKUnJxVC9ScklsaGYyaFVwQjF6eXMK5bQCG7YD0VzoGrgRTOlxqZXk1DSOVKG8 - tWVz6PPrY8/hI5UijDPl2Pa9Wqhf21DdfHxDqv5uEdbaKOZND1uT0w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNcFVtbmFRVVJoTlQzU2FB + NDRDZEVMWXRkUUhkMDJFWE9HcUVES3NsRVV3Ck8vN2JhWDMrMEkxRlBEdk85NTZF + eDRSaVA2bUwxdGcrNkpWazlQaTlGYWsKLS0tIHRtSHI4UjFWTmpMRUlsV2J0QmF1 + bmoxOW5EUkJnbFZ6TnY3SVoyUVdtVUUK1ru3L0W8XRggXBdiCEE/qII+eyL6Qqgh + NQPpd6sEb/4nGDI8gLyvBB3DGLsrXAxUtauVfmMctJiSndZ1Je5y9w== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVR3dVN1ZvaDZIdmZJa2RC - QTdqa2RqVWIxcUFGd01hSmJrNmE1c2ZPQ1hRCnB6QzJuSFh3aGhac2FTV2d3aDhx - MUxPL1dVMml1YmFQUkgwbmd5T2I0bkEKLS0tIG9CS24zc3ZpQnpqb0FFY3kwYkZQ - bWlJelN0WGFVOGN3SnlZU0dOMWRGa1UKMUCWpiEM94lUi4Ne/qgIbzZijZa35yTF - /JLO3AGYqHq8gLT/u6PrvwgUadAjcw+zuehPJhMA/DLMtcCXr3tQ9g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNVS9xamRPK0IyelBMbG55 + Rjlmb3VZRHBYcEZFK1I5ZnJWZ1JFV3NMMWkwCkNWV29XS3Mrb2xVdHdWUU9aVTdO + TWlNMTBZRUpOSzltUHlYZ2tXS1JsQVUKLS0tIE1nTW9ZdEQrMUFCd0YrWVRzVEtI + NlpJR2xjTFRWSGRxU3QxN29kbVR3cE0KgMHIfv8cf9oa9wsusihkSkb/PUCJCzyv + zK54JkBBUq1nVcDkaElPmJGa2P2+w63a7bvGnMWeHtzTEqQL+WvL8w== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2L2ZFZDdlYitsNkcwQ3ov - ZWE5NjNOS2pyT2tEWmJUMytWRUpDdkJCMmdzCjZpSVcwcUUxR2pWTEFqV2dlRitF - enNmQlYzMm5tdGhKNVZJRCsxa0x6WFUKLS0tIDdCZmJaN29wL1FYYnRHaStnQmE0 - aVl5WTcxcUduMHk4OWxPdHNQekxnL1EKQL71hnTBQu2c8N0uz9Joa4IeIFazyZZg - v9+zsNd0UJ9KpI4uaztJYeSZcaCpncC7kLFhewiPVUdZHRBC2JiGtg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3bXZYTllvbzZ4Yk9XMThv + ZzFxUG9LODliQlc2WU96MFRsYmdBMCs2SW1NCmdVamN1V0Ryak9rTEp6NVllcjBF + NVhsKzFCNjFwL1BidzJwSVhzZTFva2sKLS0tIEs5OU5aODRId3FhYWd1ZGpuRGIz + UWRMaGNHTTRhcEtoaWRRMmY1UmFXYU0KkEOYHQJ5RXlmmfm9NEccfL6Y84TuvVGm + dt2WprGx5vRKA1Vf/xqjF8o52FHOIhbUQ2fAoT5ICPLBn/UHPTGggQ== -----END AGE ENCRYPTED FILE----- - recipient: age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4UHR3bVZFd2tNQ05WQmc2 - K3ZxVzlIdDBpN0tPWXNRZkk0Vk9qME1rVFFFCjd3TUtxWFRqSFpCSC9YcjlmOUJl - WE9NMTBlU3dhZkVrcE5ma3RjZ1F4RWcKLS0tIHdVcE1mZXNNcHBqZG5yaTU0V1hH - V0tNdXArZUh3YjNmNDh5VW1UcFV3N1EKsIYXK7Lp8Apen8q//00mIbqJqpiPB7Bo - GzHr42K5i0vthtAIabMSCpm+p5WDnjrGWVsb8SAPArufljmIx1Sy0Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxSnpMNE55NVhjbnkzRENQ + SHJSQTE1TGtOeEo2RnZrOTgwek5XM2RTUTNNCk9wczlrN3M0U0lwZEgzVHdJSmVZ + elpUaUpXczZmbVgxUG9EbU9pMVFJY0UKLS0tIEVsb1RBOEo4elVyU1N2ZEtpazBC + Q3dHZlZDYUU5dzF5OFVZdmhIM01jNjgKRH6qY1LB0B/njR+5CHREGuJHhzNgWoOV + 0dbBOvEzBsaoPDwddn99gttM7A9IZwF/YGSP4paFZvI0Rg4uP7WT1A== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBidE5tRTY4Vis0TzBoQ0hm - Y0JSdTR5NkJrSm5MTXNuWFVSMmN3VXkxaTEwCnlqV1dlcDhvNkNzOERmQ21MeW5L - WjZGSG1nWmNXTnpQWkF2d1VoaFFHNncKLS0tIFVST0hsYVkvWUtGemttYS9QNENC - Z2VwU0MySUNHS01MckFaQTNSbzh0emMK+Bz6Sj0d25ss9e0KzknViUMU3NTyAno4 - 3usUsco42NKMtJhwbq94oY0g+W400EjwRhOBmCHB0symaXb47V2RtQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrTVNOMG9WT0c2RnRqYnk1 + aldzcnU1Z01yNU1MK3lpWnh3TXo3d0h5TWdJCjBVc0NPU3FVTjdwWXlCNzlCVDVp + bXVCSHJhNnpaQzFrU3d2R1hsbm5yN3MKLS0tIDVVZDgxZGxlWGUwZk1ZQTNXcDZB + c3U4WktWOHdDY3oreUttdEdRd2R3bGsKHKqX70YgYDmXTjA3hvgrp3v6WFrhkruq + hEmOwXvTHvyBxbHJ1iP28fZ4sv/IK3KHm++0PNdg07zai84hVTnrCA== -----END AGE ENCRYPTED FILE----- - recipient: age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxRGpmWm56a0VoRVdLSEd0 - eXhHdzNVOTlqRzdnQWJJekRMejlFNmR5MDA0CklKSHJ6Rnp2SlFraVVKK3d3OGN6 - bUFZREhHVFVFODlmMEVjLy92YXhFU28KLS0tIHAzcWo2TGpCaHBaMGpsUm5WeXd6 - Yi9GSEV6TWtvaHBzTWRnY1VOOFVkYTAK/Mi+A9obMlnOPk1ye0XVtvTS/Rvtff5y - /chhPVz5GbQWifIJPQt46mJHBVEPrk8QXduFLa7RT8qhD77piecj7g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWMGc5amJ3M1ZrQ2c1VHNM + QVZ1b0RRNnRiaEJBcHMzVmJpZmtCeE43OHdvCjV4RStQWndEVi96Y1dkS2EwcklV + MHlpQ0doaTN4NFR2MTlYai8welFob0kKLS0tIE41NDI4K1U4SXowRUM2RmZCWk10 + RCt1R1BsSWVhNjMvNmxPWDl3R2prdzAKpC9xwpWrTtFxLkGm5EjZgM1e6r/yeo41 + saskc5tFRTtnr3X4VlegLEqcW3dtOr4nd3kFuEDewBhNziHLPH30EQ== -----END AGE ENCRYPTED FILE----- - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYWERheVg5OEh2Q3g5eHph - REQ4cVREWmx4TkVvemtwWldQR20xTHRJUERJClhwd0ZVMEkxcWI0WmNDZEM5RWtp - aUR2Rytic1lhQ1pkUVMvdnluUUpiaXMKLS0tIC9vRi82V0pMeGR4Z3loMWt5U1Qw - U1ZvTjRvdzBMdUpzVkw4aW1uM1RGTmsKKoXRH5xUvYrU6rjGFjFvebbjvg5cKHR/ - vAls1XYnJkqDWeznK3Yelz/zB3zM1V3QWR4GIwvrykKoeyFtqG/hlw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1dFN6UHhtaVpHUkwvKytI + Rk0xNkJiMm9TRjlHdWRBYVNRdUpCc2pSbUVrCk14Y1FmM2FQZ1M0QU1lWUxPdlBw + ZGFsb0luNmsrWTQrRzcvZllqRVBXOUEKLS0tIDRVaFZ2Y2tWNW9WcGRZMjZKM0Jh + K3FpUU5qamoxRitwRkVoWEQ3SjNLNFkKE4IqY685vdr+UADGr+t6G9G8M2uTpBH4 + Md1SIAXcXqbNNZbRDNNdHIJ3BuzDhRx1riR+chSkeL7n9ebUHg19ZA== -----END AGE ENCRYPTED FILE----- - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2MjhtaUJQQjdmdGpiSmJS - b3NTcHgyOU5SaUJqYWkwRnd5L282UjhtZG13ClJSM2xHeUY5RVB3VWxpb3NLN0Zv - NnVNNXJ6WWRSSjFBVVljcHhIS2dRU0UKLS0tIERJQ240QWpzYmtDdDlzN01RQzVa - Tmw1b2FUTXRTRzcrZ0F1dlREMENRSWMKpGeNTOWF9DWMzWoiaEE3o2OnxdF7QfID - 1hLIbV9Q7qojICZYEcWiogNbwJ8tfToTJMDf0X3ihKbDbw9pXRhtpw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyQm53QW9RaWN0dFk2TnZn - YTJUaHJOeUhnNWFsZDU5MnB5SE1nUGR4a3pJCmZyVUlxWEpkd3d2eDhRZUhrNlVG - dTlxZCt5azBlWEpmUjc0bHFibU5zeDAKLS0tIG5XZ0FYSitlTkorOTFIQTc0YmR4 - WFRaZHptV25oak9ySDJENUxUSGNTY1UKniLC2bVFNiHlWeOgFDmiUJSIp+a9nQp/ - gOZrbsca3TGmWH6JeQUuwksAlu5Sd7ka1Z1KG6kluXLwWqt0m0N+hg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjZk1STVlRaXBjcUdzK2Jt - b2JwVk5Hejh3MFovM1RHWlhMTitkd082WTBrCnI0MGtrK0JhT3BtTkVIdGozbjlj - OVF4bnBSNjFSeXQ3ekxMdERvRC9GcGcKLS0tIFkyNkZoc2JNcmpUa0JpdkZleU4r - WnRvcWZnQXVTUjd1d05mektIUEVPaGMKI8fau7+U9voSaSJ0lepWK20Hv2sXPJrN - eUiXSQo4rzDnXjf0GA37oIr0Sn4bNa7MSRuG5Zya7bjvuRaOMjbHLw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxT3BzQS9YSEN2WEZqZlNL - dTVuWGdNS0p0eHJQWDM1VVhSR3VMNkJ2cGxFCmRxWlRtSE1ZWTlOcDVueDJ3WUtM - YVVkb3RreFU2MEYwczd5bHphNk1YOVkKLS0tIE5QbWFodEViYU03dG5uMkpSSno0 - amlXVnRPZDBXa3kwVFByS2tsOFlxZ0UKdhnvEbLutZxslCuJMA1MPyjTZTBAYq6F - l6q27sIWPi+1BCh2ge+spk1H4H1jzNjFXhebYyy/IX0La9lKwU8wAA== - -----END AGE ENCRYPTED FILE----- - - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2NERCMnlFVjd2OVl0allB - b29UWlYvRjNGWjJhMmFMNzljUkNKNDcwd2lNCjZDVmQ2ODRPNWFWcFIrK2FQYlJq - VHEzN2MyeWFCOVc5K0M2cGZlbytSOTQKLS0tIDhTb3NtcUJoa25yL2tiWHZxTU84 - RUNQemFWcXdZNVRqTnErNG9hZXNlYlUKbwIszuH6/gy7sk2nen2A/JzpmxuGH719 - h/OBRVcRK5TnjsCylyK5hhRUDsl1P2A8HIGBvoIRstVAJrDFw0eCZg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhSmdQR2JXbnVFSzRwb2t1 - Y2poYnhQMUwyRkVzK3RqN05sZHFhanpKcEZVClJhY3BFTHcwbFJ0WC9rZ3ZWcmVu - emNPTmFFNlFOcXBYaEVMRDJYTTRLZ1kKLS0tIHpSQjVaZy9CSmd0TUgrZnVnRzlS - Rmo5UGlFam5rNVN4Ym5ZR3VNdkdlb2cKk44TcU4qNtrSbC29ipK93RF38Tn+Qbzi - ctjQsuhipYc/2FLvsVLUdg605MDWjs7SX5owjMBRVxeKJJH50fIglA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhTVJSZXVUNFhhaWpFR0U1 - d25Jd0tLQmlYTDNna1U5MzRLQ2pFL0FKWGlvCnNQeGhaYldmeEpkY2tRVVgrYU1G - bm50QzhOaml3Uk9yai8yekNDcmE0Zm8KLS0tIExUM2dVQUxKWjV1Vm5CZUlSMDQ0 - aXlaWTRTQUllK2c1N2I5bUhVcE92Qm8KkVGWocNrywzxwuUVFsNKn7FiqU2FiY/5 - zb0KxYOWOORu+B1jQMI5Hocb67kIx4CEkbCL9bxsCq1qZS+RBRkeUw== - -----END AGE ENCRYPTED FILE----- - - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzbXJwU01pTm8zZStpb1F2 - b3BhZW95UER1T3hYeHlLekZ1NExuSWx4cWw0CjlpYWVFR1QzVU8ra1hJeFNXRlhK - ZXhnMzk5RHlaT1JHQkUzZEVQMko4aHcKLS0tIHNTYlowRWUyWHF1MzJud0FpN1Fi - Q2s3dzhVSGplVmlRRE5YcGM5SmdZR1kKn7tLO1863OUl/ZK1x7saGZshMoCq0YxI - AA96lgZ6/rfA65O+bNbk6VxeYY6WAH2pDEIlS5ePK7o17ishrw2dlg== - -----END AGE ENCRYPTED FILE----- - - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsazY3aTZjSkxtYXN1bzBE - cHdOOFdlZzhlVHJ2WW5WV1ZESEVxZWFuM21jCmwyTjlRRFRkNWtOV2tUMjhuZmJE - UHMzckhCOWg5N0ZSRmViOHFzN3FmTWcKLS0tIFVJa0FnWGd6NU5haVJ6VHpRSjVn - OWM0SmhHYjV4UGQ3TlBGcmMrWUxTYUUKiiNBrlTee7QixXS5UtyMd7cQY9fJKO37 - ficDdGDwajdbkk/Lul8ynmeDykwS9ZijCCRnGW8PBM5Eck+oaRNDeg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByaTBSS0d1ekFlZXM0Y0Fu - NXNXQlI3QnprTVo2b2pnWVlkSFlidGRPbGlRCk1mSHJXZEwzVzRIOHN0VVp4cUhN - SS9lWnN3bklJWHNMTytWTlBUVy92b1UKLS0tIDRDWUpjeU1sTnVKTlg5Vi9YY3NI - YkZKYWpYdG55WW1rUTUrVzd1alczd1UKgJ+DtAEhqD3VusfyW4VdQ1TILEku5nGo - FGVoAD+lpiDX2ADtg7SqDzPyVdJYSowZJrVOXDuG9rK+RpDB0QPc4g== - -----END AGE ENCRYPTED FILE----- - - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4Q2RCWTV4MFFKUnR3VUsy - VFo2Vnh3bXd5MFJzWVp3dVlmdVhnT3NKeFZ3CllSQi9wNGI4QnBybC9acjIzM0hp - dkpuS3FCYWhxNWEyR096VDdMTzVCTG8KLS0tIGJaYjUvQWNlRzdra1F4cTkwdXBl - OVFnajZpS08rc3ZEOW5ndlV6bGRnUmsKm6TDNN5ieagZmOX4nUAKWNICa4m07ZNo - +JygTSszWE0ziEl3pCQChpPhhHUHy6QoW+gLCjn7PQB+TX6HAB4zYA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1bER2ZzhzZ0xvbklDaHpC - N3ljUnl6VTh2MlB4d3lrb0lPcmZIcTZ4WkdjCktFcHJmd00rK1c1eUwxYmdGWWZC - OTFldlFKYU1Pcng5cXpCZ0hmVlJHcnMKLS0tIDMrT2V1ZkRFbXVYekQzQmZ3TWFY - WGMraFpYelFIdmNlanVJWUVINW9McmcKawxuuc7q8u7CmBpWlLph9SX8ZwKju7PZ - zlGQYsJensouHafNrZY+seDRdQhmRSJrq2ubsfs/x+7iyChdu3t/Lg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPTnNoZDRldzhUNzJxUHhD - QkowRGxxRGZ1dUhYbUp0Nkc3TzN1WkU3NzFVClM4Y1g1NmhpcnIvd1pJWHJoVnk0 - ZkdySHlXUXRPUjBKYWVRWXFNTjVHR2sKLS0tIFA5a2FuNUZ3emtxeGpXcS8ydlUx - WEl4TGNOWXBVZ3JRamVpT2ZvMmZiTW8KlS31pRTd728VrLYgqTI6876jzCinyTyO - K5n0EjAYSMIDLAzznA3F9MvW5Bs0peUQ1uWKglp1UH0dBggG0dd3ag== - -----END AGE ENCRYPTED FILE----- - - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXdDdEYXVWK2FPeEh3MUJR - WDUrMGNGR2lNcThLWU1uejVCNWlHNU81UkdnClJBRzgwU0FROUZmUkdOUUFFQjl1 - a2ZNQ1c5RmduVjNCRVM0ZE1TV1lFNFEKLS0tIGlyTHF6Zm5hY1BuVlVSVE1ucnV4 - bFVaT1BmQnM4WG9ER084TmVQbEJ2NTgKTW1m08X9hSgQ1F6lKiRE3sSZtKMdk6ps - OTBSMmnjTD82H02MnGLpcYzADERzI3cjZnJ1jObq2OmK0GlJx9TCoQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpU1U4VWJqVXhNbGU0SXJh - dzRRRjBUeHM2cGtURzlML3dLRkVreC9OVXowCjMxR0QzL0dPbS8yUVprMFNFYWFk - YXBaTlVRUUg0emVwK3pnamlRRkdxN0EKLS0tIG9MTEl1RktkdWRFSkVPY2UralQv - SlVsUGtobGpCcXkycWRhK3MrTm82NncKKfEymPS56iNlRyQRuDIfYt0uQmCDZ3tZ - 3A8It3gPcWVCP0xm9Jq1Fc759EzmiCkuJwgenI7iDepAwB35zU62CA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqazhoWVY4MWI2TTBKdGhW - dnF3T0JNMzlrZnd0SHdDQzdjN0RQNEIyWUNNCnRaamJyOHd4VnlGTWhsTHdJTGlx - R0NUZ3RsU0tic0ZRNjB1WVMxL3lvTlkKLS0tIEtwbTlZSDVGWkp0V2Naa2I2ZVB0 - WW1xTVlHczR1NkpyN3VvNUF6cjAxdlkKXN85aBzWwm90CgwcaK8KWbYxTKc0ZhQt - adZY00ohE740VN00wrt1GGoVNxSk6fTcFZzHUR61rJHuRqu9CKDv3A== - -----END AGE ENCRYPTED FILE----- - - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzbWFDY3U1K1VIcjlOYitW - cmUwVkVmcitTYmE4S3g0MHNxWmUxZmIwRjBZCnhOdWdqbmtSV2lORmJrMzBCZmZ6 - S1Fja2tUMHA5bzB3Ky9sZW1wcFZJbjgKLS0tIDFvazR1R3pCQkY1a2xWK0JWak5B - TU5FWFJSYnBzdUdrOWhKekgxQ0tPZDAKAaAlXcQW3g5/AQ+LzuYxOml4BmfbMKrx - tJIeajT86J5YvpDl6fiy2Nu6WYGXmcTidUAZd/RQO7fjXgEOZgktMw== - -----END AGE ENCRYPTED FILE----- - - recipient: age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyblkvTUVweFJaM2hZMHBp - R3FUOFRkWTQyWFJmNW5nMU5YZXJzeXl2b0VvCjdLTE0xZFgxTW9tb0hBY2lxWkVM - U1hPMXFCQTlvRElFN0V5ellSdlFBNXcKLS0tIHd4WmNtM0NnZUNHZVJteURxWm91 - QnltSFFrdzh3U3pWdFpib0ZXWkFYUWMKFcWBVrkonmjB3xumCO4epUIUudPwuiCM - pJHdBeENCH4U5p11g8kLPNPWrjcegnhDK/KlCO/pAhw/SK7z9e87tw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiWjRTd2wxVE9DaEE0dWdF - Y0RXVkxxbVp5Vi8vdi9DNTJQbEpJalRDUGdZClg2QjJTT0p3MXJjWmJ2SzhJRDZz - UnVxSkpZelNFZ0xOS0R1bDN6cEs5RG8KLS0tIGt0RXFDQTh6TmhQNXJOQk1YNURq - Q3VscHpPSlNXVnVnNjVZazdEejJDWGMK4bU76DcN4QbI+KgvKCUNzrDjTQTm+PhP - WHvkRfFIup0RnZuORwi07qYnLsF+DK4sQxRcN0XMunq1RWpPLFMKFg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5UmMvVjdQL25ib25rTW92 - ajU0RnF6UzY0UTNnQ29HS2VtQUJ2OXc3UkJBClNmbTFOYUdmUEYwZUhwYkVpb3po - bnVGZEk3ckpHVjJIR1VZN0tzK0hoUjAKLS0tIGtzOUFSZVhyaFNZYjJwL0Q2VXJa - YlRBRGhUcU1oRENMcldlWDMwZkRXQWcK6r5ezG1hXO5PkW6ymoTGtIVq2b7ZswuD - M8KAJNMrj414TfTVcOWxj8JZ6kcPx/W+wflBT44ueshpwUS1yfOoOA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnZnFETU9OSEdwd0FmWEF3 - b1VtT3lMbld5WFM2TU9VOFM0V2ZoN0l6aHlRCkNhN2x0RitMUFRXZXEzUjkyeEZE - STladUViVWhkclRmclYxOGY3UitDaWMKLS0tIFRxbkdSNWdXbldSaWJyTEtkWkxR - akVFZjBGY1U3Tjlac2RXWVBpdENQZUkK5duYbs6aaVmAl2lCOuBlkd5MKnSTCTux - IBexcfLJXBw22GHE7GiDoFcMY1yAblXZlCOHOk8WMYDRUI5KVFgm0Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmODBwY3VIZEpZaEM2YXdk + NHNXVmxUbG1oSGtya0ZpUHdDbWc3MFhuVFhNCnpHdmIvZWFJNjhZV2JxTWlQeWZl + S0lPRHVYS3JUUXVlNloybGk5N1RFWTgKLS0tIGhibE5SR01UaGlibE9laW9ZVUtH + UGdac2FHOVNIL0dKZVMzcC9USEVDT00KC0h8U+SZhHoTUoMBpQ1CwGJXYRa10SNu + JmgwuX9KPWlrxJUre7NtSnsFNQOmSr3uThYLs6HpclBB7/NEDJpywg== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-10T01:51:28Z" mac: ENC[AES256_GCM,data:iC+mSzhxPTvG/ZUNkgtp26EGTU/GJoUZH9ZOD27rKsu+uKuORb1dmys6jEdw2UYgziQ+mF49Vkrw/82rgw5npaaCXsZbDOpiHRoNMtVCG+734FKK0a1NqJbEZe4iChX8icXlQqlayMdsYnP1IFTiu/xouL58PKLqNTm7wexL91A=,iv:gXkmuc0bYRS2blLkzoHMdGXA/1GFh7LmLi3L+Vr9/rY=,tag:n4kNdcMaZM/BCT1ajvdCLA==,type:str] pgp: - - created_at: "2026-01-12T22:05:09Z" + - created_at: "2026-01-10T00:52:59Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//UiWR3ycyze5KjCHhc438L7llQvficbLLy3FZmZF2YWeI - Xb7L01J5pZU4un1qKfdeXBB/L+AQgjhCYwQ/pbHiDxD8CxW+xbjuS2rVlVDEb5SU - XM8GZSmwe4ROcpeILp9w0hj7xlE8w4odrV9gi3LLubfAc4DhPm248d8fTcf2lbBu - goN9rPodN131uBUg4evwYCvtPXthGXfVYCk507WBKI2hG5S7nCc386p4XOLBLlsC - 0OLIOGDCuzRVz1ZA2JH8PVL4hsA/CrzDIxMWoRraXsardj6potjdx0B8hYG1p+Td - l3cqiERHyCz2yn7Z5CRP0+okFYojeWrImmiM7AxM0XhHV/1MCXe8EJyFiUlkIvJv - oYqZSn8I9kbdT97zPBCDvoe+OxH3v9m5dbihQjlhy5Q8ePrzQczkiaGjsJ859VZS - sfe+siKU+QMgpw1dw7Y0I3kRXz5iMJxpqP40Yn9rgb0wUfNPuMY9Of/Z7vry0Igu - /ZvDUwuqaYdJiSF2sYXyU58vv5TkjGL5/tCuFFJ7upEcj7DMG8a3VWZ9vzUMxI9B - ZYmMgmiavy/xgIzG65mfQ/ujCei7PVgdQvb/Q8sSG7OSaz6Zkuhv31uB53F4Eveq - exKzH3QGwPraQWs9E3z+W1n4mx/bCfRHSd1Qjmqz9NPi/ZuQFXM8OvEMUvpQlZKF - AgwDC9FRLmchgYQBD/9Ui2QDbI8aKSgOutalaPUxZpGDJFgfHeHNZAT0/ptZyZ1K - Q/ik7PcxvZTgsaXd0rm8tC39MJqfmKz/tZ6pEXCerqBeTDB69QRNw9Ov1ov2ygdl - pKSq7lQoCM/lFyc1YLZRKDm66JuxUTMddBhJM5bkprzUKwxjvEZbriUfdwYSmAMU - pshiaiG4MuKXJob8XuhHWorU+tQ7iImZpt0PhZdYmSj0krqsugbBgKr+H10tsuyX - G7zrU0lO/JzapXjll5a+GKJs+8p+0TV5M8WvIoZhNsjEI2WVqTzl+6ufVmDFJL2E - DSs0okk9Iw99B7KD8J94lmODgri0dpqWA4gfEwt2p5VQdEwFLn3JDqp7tH7EpTI5 - bVfqSMRJJI/hJ5dtPd31BUi2DJywKRUIsxsowdWQOxgPqFF4rQ5wK1cI3Fr7eRi1 - 0HRYhrm4LUcAFAS8Jvx8v3Nkr2eB7vJ21ZfOx4EKeenvI5pc7NUxK/hnI0/DmZAj - +4xxiKyJQD6JcE7s8rubz/YCzI5Q4cWJlbXvIdHJNBddoJU6ButylawoQGP5ld6a - wST6Xo9QNuCboMHEgP4KbjYs3JTp8RpT9lN2HBT/lRyQzRA2QbV6JSTHfKwAVGXI - +tkN4xdZT40gkPHc2l/ljbqQT96QvQwdBLZyUdhW80Oz+IlA3tLoXGDtux1pDtJe - AW1yKpjt2yjNM+ONyxN0f61CrJVNn1AcDI6MBVOdh3ErK+nSvV9ii2lA66GZuyDW - FKlt3OyY+FPKXPZYsZp65lmZfkoUu9AcX160aBK/cr/NRiZQUoXGAiSzsKcxeg== - =KAG6 + hQIMAwDh3VI7VctTARAA3QJGg6Y0j0Q0/UiejpfoqWZMCmiRk8CHP6IHJhQDm5Kt + VVg8Z1wZC6+B6lDqW6rUWgCktJRYp5CLFKFIJNjcOpWU8UnyV9XKzRiGs6L8tfpI + MeQEPrjJ32CsU3+Lj2ciKJcMzaaRwBsQLofPu+c3Rl42uRIjVnDD8rKcFmZeSfk5 + mrms8XMeJW8yPlEfFcfgfHn+a2U6jDMVhlBJaMkolc4FYwbNhHxJwSgAn/SDjQAi + fdkL2zbd2fcWk49C8o6Fo6WBWDj+9Zs3iXp7ee53POXwdqG/KdTR7a1p9nFpfZ6o + hb7c8yW0eEafFP66ZMapLfE4K/0WSbWyutHyQ6Av+aZ1YxDwqts6kw17g5XCLAr6 + MfT7RI4ZYJKGDSM+d3sBekHYLEQi/OpdzK5Zo8Eukkfjd2eHqO+dCSAbc1vp/ZV/ + rhRCDhRwzxSoTxhJa46TekR1X7tMDL4edRHfdn3grauTtFlTygn3ooRBS2GKPWpV + kvbfWrZKHpPQkBnx7UYwZMFesuS+V9nGGMy26wf39N2m8ZWeLbroUHxPeXNRBgJm + 5c9rBZRNDzovh/80f4iFiuyJ0s47nhW7Eq7VNrgb5JFgGO8t3iVaQPtLEqLuzHk5 + uUEFmv7bfsuuUFDhimZElBbYDekdwqNmYa7dbbk4CkOM+ooUs3EREXmjJll5OQqF + AgwDC9FRLmchgYQBD/wOMPPiRB+lsBcIbuKaRsSZlNYLjY9WTFYph4jq5wJtaQyZ + gsmHp8D3I8rMfLJmKtwHSjylOFnjeUaX8BwAXJPn1KYU3PYQKQrvHWPrb2TAdKUZ + h0jP1nG9d9YAi38hXrtYa+KKWvjS0yHIoIbAjOa+LIHU7Ro+RusY+mL4F49q4lxD + 5jdBQBVNBk15QsYklmUi87n/HNoP6+q7rqXlcL7qbRC7ZYnGMmcbnbIqzg8DhIUO + EGLwjY6fw7n0gaHOgSSi6ZKl8ZrU/zbVr0PP+o/Nm3ySaaJ/IZQm5p10V9UDfZW2 + mNi8hf9lkX6nx/+f8Upvi8B7I0pqgm41vQaffZHbBPdDSqeFnwmb57KJQ+QA/vTZ + WRfUF22uXOaRk00UM0mcJUf/HGW+qIVzS0iMm5Xh9+5rPK8x5QYLwUT+QLL7NWSx + g6hgtf0m6w8uF/ah6CZlfpghv15MqEschpg6Lv0hSfwX70l639QAfeAzptaFrItq + Dv9qci0G7yhx1AQp7YkkvOsCaprJe/2WwNqi85iCAhr7zqd9ZGTh8x3snsV0wj4V + 9V+91RCDcaPRyKBV2Al+oKcyFVhnyWm6GVijgqj0wh7tpgHKVx1XmvoAG5mZRR72 + P5l+8913eYllVg+wX756+b824zRtJF9KB0m+mlUvZxRrdq48qSoCZDfTYunyG9Je + AQ4SPPXKjJWnT4BuRP9DoE0Rnn93G7pg0kHutoto6da7k8NcmKyvrxPSNo+DdbPD + hdle6NfeAsZ6lyvf0Mbi5bUI72ykkKq15GeuUcs1g/5e2OCPpM6jFz9Fwf2CRw== + =kWQ8 -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted