diff --git a/.sops.yaml b/.sops.yaml index ee31af7..f5bfacd 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -37,7 +37,6 @@ keys: - &summers-monitoring age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u - &summers-nextcloud age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 - &summers-paperless age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq - - &summers-postgresql age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw - &summers-radicale age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z - &summers-storage age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 - &summers-transmission age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny @@ -79,7 +78,6 @@ creation_rules: - *summers-monitoring - *summers-nextcloud - *summers-paperless - - *summers-postgresql - *summers-radicale - *summers-storage - *summers-transmission @@ -322,14 +320,6 @@ creation_rules: - *summers - *summers-paperless - - path_regex: hosts/nixos/x86_64-linux/summers/secrets/postgresql/[^/]+\.(yaml|json|env|ini|enc)$ - key_groups: - - pgp: - - *swarsel - age: - - *summers - - *summers-postgresql - - path_regex: hosts/nixos/x86_64-linux/summers/secrets/radicale/[^/]+\.(yaml|json|env|ini|enc)$ key_groups: - pgp: diff --git a/SwarselSystems.org b/SwarselSystems.org index 23924af..26fcf60 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -2067,41 +2067,55 @@ The =_module.args= part is needed because we need to set/override the =flake-par More information on the actual packages build can be found in [[#h:64a5cc16-6b16-4802-b421-c67ccef853e1][Packages]]. #+begin_src nix-ts :tangle nix/packages.nix -{ self, inputs, ... }: -{ - imports = [ - ( - { lib, flake-parts-lib, ... }: - flake-parts-lib.mkTransposedPerSystemModule { - name = "pkgs"; - file = ./packages.nix; - option = lib.mkOption { - type = lib.types.unspecified; - }; - } - ) - ]; - flake = _: - let - inherit (self.outputs) lib; - in - { - packages = lib.swarselsystems.forEachLinuxSystem (pkgs: import "${self}/pkgs/flake" { inherit self lib pkgs; }); - }; - - perSystem = { pkgs, system, ... }: - { - # see https://flake.parts/module-arguments.html?highlight=modulewith#persystem-module-parameters - _module.args.pkgs = import inputs.nixpkgs { - inherit system; - config.allowUnfree = true; - overlays = [ - self.overlays.default - ]; + { self, inputs, ... }: + { + imports = [ + ( + { lib, flake-parts-lib, ... }: + flake-parts-lib.mkTransposedPerSystemModule { + name = "pkgs"; + file = ./packages.nix; + option = lib.mkOption { + type = lib.types.unspecified; + }; + } + ) + ]; + flake = _: + let + inherit (self.outputs) lib; + in + { + packages = lib.swarselsystems.forEachLinuxSystem (pkgs: import "${self}/pkgs/flake" { inherit self lib pkgs; }); }; - inherit pkgs; - }; -} + + perSystem = { pkgs, system, ... }: + { + # see https://flake.parts/module-arguments.html?highlight=modulewith#persystem-module-parameters + _module.args.pkgs = import inputs.nixpkgs { + inherit system; + config = { + allowUnfree = true; + + permittedInsecurePackages = [ + # matrix + "olm-3.2.16" + # sonarr + "aspnetcore-runtime-wrapped-6.0.36" + "aspnetcore-runtime-6.0.36" + "dotnet-sdk-wrapped-6.0.428" + "dotnet-sdk-6.0.428" + # + "SDL_ttf-2.0.11" + ]; + }; + overlays = [ + self.overlays.default + ]; + }; + inherit pkgs; + }; + } #+end_src ** Globals :PROPERTIES: @@ -2230,209 +2244,217 @@ The rest of the functions are used to build full NixOS systems as well as halfCo - =ConfigurationsPerArch= does the same for full NixOS systems (NixOS or darwin). These can further be specialized by passing in the corresponding =minimal= arg that is used during bootstrapping. #+begin_src nix-ts :tangle nix/hosts.nix - { self, inputs, ... }: - { - flake = { config, ... }: - let - inherit (self) outputs; - inherit (outputs) lib homeLib; - # lib = (inputs.nixpkgs.lib // inputs.home-manager.lib).extend (_: _: { swarselsystems = import "${self}/lib" { inherit self lib inputs outputs; inherit (inputs) systems; }; }); + { self, inputs, ... }: + { + flake = { config, ... }: + let + inherit (self) outputs; + inherit (outputs) lib homeLib; + # lib = (inputs.nixpkgs.lib // inputs.home-manager.lib).extend (_: _: { swarselsystems = import "${self}/lib" { inherit self lib inputs outputs; inherit (inputs) systems; }; }); - mkNixosHost = { minimal }: configName: arch: - inputs.nixpkgs.lib.nixosSystem { - specialArgs = { - inherit inputs outputs self minimal homeLib configName arch; - inherit (config.pkgs.${arch}) lib; - inherit (config) nodes topologyPrivate; - globals = config.globals.${arch}; - type = "nixos"; - withHomeManager = true; - extraModules = [ "${self}/modules/nixos/common/globals.nix" ]; - }; - modules = [ - inputs.disko.nixosModules.disko - inputs.home-manager.nixosModules.home-manager - inputs.impermanence.nixosModules.impermanence - inputs.lanzaboote.nixosModules.lanzaboote - inputs.microvm.nixosModules.host - inputs.microvm.nixosModules.microvm - inputs.nix-index-database.nixosModules.nix-index - inputs.nix-minecraft.nixosModules.minecraft-servers - inputs.nix-topology.nixosModules.default - inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm - inputs.simple-nixos-mailserver.nixosModules.default - inputs.sops.nixosModules.sops - inputs.stylix.nixosModules.stylix - inputs.swarsel-nix.nixosModules.default - inputs.nixos-nftables-firewall.nixosModules.default - (inputs.nixos-extra-modules + "/modules/guests") - (inputs.nixos-extra-modules + "/modules/interface-naming.nix") - "${self}/hosts/nixos/${arch}/${configName}" - "${self}/profiles/nixos" - "${self}/modules/nixos" - { - _module.args.dns = inputs.dns; + mkNixosHost = { minimal }: configName: arch: + inputs.nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs self minimal homeLib configName arch; + inherit (config.pkgs.${arch}) lib; + inherit (config) nodes topologyPrivate; + globals = config.globals.${arch}; + type = "nixos"; + withHomeManager = true; + extraModules = [ "${self}/modules/nixos/common/globals.nix" ]; + }; + modules = [ + inputs.disko.nixosModules.disko + inputs.home-manager.nixosModules.home-manager + inputs.impermanence.nixosModules.impermanence + inputs.lanzaboote.nixosModules.lanzaboote + inputs.microvm.nixosModules.host + inputs.microvm.nixosModules.microvm + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-minecraft.nixosModules.minecraft-servers + inputs.nix-topology.nixosModules.default + inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm + inputs.simple-nixos-mailserver.nixosModules.default + inputs.sops.nixosModules.sops + inputs.stylix.nixosModules.stylix + inputs.swarsel-nix.nixosModules.default + inputs.nixos-nftables-firewall.nixosModules.default + (inputs.nixos-extra-modules + "/modules/guests") + (inputs.nixos-extra-modules + "/modules/interface-naming.nix") + "${self}/hosts/nixos/${arch}/${configName}" + "${self}/profiles/nixos" + "${self}/modules/nixos" + { + _module.args.dns = inputs.dns; - microvm.guest.enable = lib.mkDefault false; + microvm.guest.enable = lib.mkDefault false; - networking.hostName = lib.swarselsystems.mkStrong configName; + networking.hostName = lib.swarselsystems.mkStrong configName; - node = { - name = lib.mkForce configName; - arch = lib.mkForce arch; - type = lib.mkForce "nixos"; - secretsDir = ../hosts/nixos/${arch}/${configName}/secrets; - configDir = ../hosts/nixos/${arch}/${configName}; - lockFromBootstrapping = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); - }; + node = { + name = lib.mkForce configName; + arch = lib.mkForce arch; + type = lib.mkForce "nixos"; + secretsDir = ../hosts/nixos/${arch}/${configName}/secrets; + configDir = ../hosts/nixos/${arch}/${configName}; + lockFromBootstrapping = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); + }; - swarselprofiles = { - minimal = lib.mkIf minimal (lib.swarselsystems.mkStrong true); - }; + swarselprofiles = { + minimal = lib.mkIf minimal (lib.swarselsystems.mkStrong true); + }; - swarselmodules.server = { - ssh = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); - }; + swarselmodules.server = { + ssh = lib.mkIf (!minimal) (lib.swarselsystems.mkStrong true); + }; - swarselsystems = { - mainUser = lib.swarselsystems.mkStrong "swarsel"; - }; - } - ]; - }; + swarselsystems = { + mainUser = lib.swarselsystems.mkStrong "swarsel"; + }; + } + ]; + }; - mkDarwinHost = { minimal }: configName: arch: - inputs.nix-darwin.lib.darwinSystem { - specialArgs = { - inherit inputs lib outputs self minimal configName; - inherit (config) nodes topologyPrivate; - withHomeManager = true; - globals = config.globals.${arch}; - }; - modules = [ - # inputs.disko.nixosModules.disko - # inputs.sops.nixosModules.sops - # inputs.impermanence.nixosModules.impermanence - # inputs.lanzaboote.nixosModules.lanzaboote - # inputs.fw-fanctrl.nixosModules.default - # inputs.nix-topology.nixosModules.default - inputs.home-manager.darwinModules.home-manager - "${self}/hosts/darwin/${arch}/${configName}" - "${self}/modules/nixos/darwin" - # needed for infrastructure - "${self}/modules/shared/meta.nix" - "${self}/modules/nixos/common/globals.nix" - { - node = { - name = lib.mkForce configName; - arch = lib.mkForce arch; - type = lib.mkForce "darwin"; - secretsDir = ../hosts/darwin/${arch}/${configName}/secrets; - }; - } - ]; - }; + mkDarwinHost = { minimal }: configName: arch: + inputs.nix-darwin.lib.darwinSystem { + specialArgs = { + inherit inputs lib outputs self minimal configName; + inherit (config) nodes topologyPrivate; + withHomeManager = true; + globals = config.globals.${arch}; + }; + modules = [ + # inputs.disko.nixosModules.disko + # inputs.sops.nixosModules.sops + # inputs.impermanence.nixosModules.impermanence + # inputs.lanzaboote.nixosModules.lanzaboote + # inputs.fw-fanctrl.nixosModules.default + # inputs.nix-topology.nixosModules.default + inputs.home-manager.darwinModules.home-manager + "${self}/hosts/darwin/${arch}/${configName}" + "${self}/modules/nixos/darwin" + # needed for infrastructure + "${self}/modules/shared/meta.nix" + "${self}/modules/nixos/common/globals.nix" + { + node = { + name = lib.mkForce configName; + arch = lib.mkForce arch; + type = lib.mkForce "darwin"; + secretsDir = ../hosts/darwin/${arch}/${configName}/secrets; + }; + } + ]; + }; - mkHalfHost = configName: type: arch: - let - systemFunc = if (type == "home") then inputs.home-manager.lib.homeManagerConfiguration else inputs.nix-on-droid.lib.nixOnDroidConfiguration; - pkgs = lib.swarselsystems.pkgsFor.${arch}; - in - systemFunc { - inherit pkgs; - extraSpecialArgs = { - inherit inputs lib outputs self configName arch type; - inherit (config) nodes topologyPrivate; - globals = config.globals.${arch}; - minimal = false; - }; - modules = [ - inputs.stylix.homeModules.stylix - inputs.nix-index-database.homeModules.nix-index - inputs.sops.homeManagerModules.sops - inputs.spicetify-nix.homeManagerModules.default - inputs.swarsel-nix.homeModules.default - "${self}/hosts/${type}/${arch}/${configName}" - "${self}/profiles/home" - "${self}/modules/nixos/common/pii.nix" - { - node = { - name = lib.mkForce configName; - arch = lib.mkForce arch; - type = lib.mkForce type; - secretsDir = ../hosts/${type}/${arch}/${configName}/secrets; - }; - } - ]; - }; + mkHalfHost = configName: type: arch: + let + systemFunc = if (type == "home") then inputs.home-manager.lib.homeManagerConfiguration else inputs.nix-on-droid.lib.nixOnDroidConfiguration; + pkgs = lib.swarselsystems.pkgsFor.${arch}; + in + systemFunc { + inherit pkgs; + extraSpecialArgs = { + inherit inputs lib outputs self configName arch type; + inherit (config) nodes topologyPrivate; + globals = config.globals.${arch}; + minimal = false; + }; + modules = [ + inputs.stylix.homeModules.stylix + inputs.nix-index-database.homeModules.nix-index + inputs.sops.homeManagerModules.sops + inputs.spicetify-nix.homeManagerModules.default + inputs.swarsel-nix.homeModules.default + "${self}/hosts/${type}/${arch}/${configName}" + "${self}/profiles/home" + "${self}/modules/nixos/common/pii.nix" + { + node = { + name = lib.mkForce configName; + arch = lib.mkForce arch; + type = lib.mkForce type; + secretsDir = ../hosts/${type}/${arch}/${configName}/secrets; + }; + } + ]; + }; - linuxArches = [ "x86_64-linux" "aarch64-linux" ]; - darwinArches = [ "x86_64-darwin" "aarch64-darwin" ]; - mkArches = type: if (type == "nixos") then linuxArches else if (type == "darwin") then darwinArches else linuxArches ++ darwinArches; + linuxArches = [ "x86_64-linux" "aarch64-linux" ]; + darwinArches = [ "x86_64-darwin" "aarch64-darwin" ]; + mkArches = type: if (type == "nixos") then linuxArches else if (type == "darwin") then darwinArches else linuxArches ++ darwinArches; - readHostDirs = hostDir: - if builtins.pathExists hostDir then - builtins.attrNames - ( - lib.filterAttrs (_: type: type == "directory") - (builtins.readDir hostDir) - ) else [ ]; + readHostDirs = hostDir: + if builtins.pathExists hostDir then + builtins.attrNames + ( + lib.filterAttrs (_: type: type == "directory") + (builtins.readDir hostDir) + ) else [ ]; - mkHalfHostsForArch = type: arch: - let - hostDir = "${self}/hosts/${type}/${arch}"; - hosts = readHostDirs hostDir; - in - lib.genAttrs hosts (host: mkHalfHost host type arch); + mkHalfHostsForArch = type: arch: + let + hostDir = "${self}/hosts/${type}/${arch}"; + hosts = readHostDirs hostDir; + in + lib.genAttrs hosts (host: mkHalfHost host type arch); - mkHostsForArch = type: arch: minimal: - let - hostDir = "${self}/hosts/${type}/${arch}"; - hosts = readHostDirs hostDir; - in - if (type == "nixos") then - lib.genAttrs hosts (host: mkNixosHost { inherit minimal; } host arch) - else if (type == "darwin") then - lib.genAttrs hosts (host: mkDarwinHost { inherit minimal; } host arch) - else { }; + mkHostsForArch = type: arch: minimal: + let + hostDir = "${self}/hosts/${type}/${arch}"; + hosts = readHostDirs hostDir; + in + if (type == "nixos") then + lib.genAttrs hosts (host: mkNixosHost { inherit minimal; } host arch) + else if (type == "darwin") then + lib.genAttrs hosts (host: mkDarwinHost { inherit minimal; } host arch) + else { }; - mkConfigurationsPerArch = type: minimal: - let - arches = mkArches type; - toMake = if (minimal == null) then (arch: _: mkHalfHostsForArch type arch) else (arch: _: mkHostsForArch type arch minimal); - in - lib.concatMapAttrs toMake - (lib.listToAttrs (map (a: { name = a; value = { }; }) arches)); + mkConfigurationsPerArch = type: minimal: + let + arches = mkArches type; + toMake = if (minimal == null) then (arch: _: mkHalfHostsForArch type arch) else (arch: _: mkHostsForArch type arch minimal); + in + lib.concatMapAttrs toMake + (lib.listToAttrs (map (a: { name = a; value = { }; }) arches)); - halfConfigurationsPerArch = type: mkConfigurationsPerArch type null; - configurationsPerArch = type: minimal: mkConfigurationsPerArch type minimal; + halfConfigurationsPerArch = type: mkConfigurationsPerArch type null; + configurationsPerArch = type: minimal: mkConfigurationsPerArch type minimal; - in - { - nixosConfigurations = configurationsPerArch "nixos" false; - nixosConfigurationsMinimal = configurationsPerArch "nixos" true; - darwinConfigurations = configurationsPerArch "darwin" false; - darwinConfigurationsMinimal = configurationsPerArch "darwin" true; - homeConfigurations = halfConfigurationsPerArch "home"; - nixOnDroidConfigurations = halfConfigurationsPerArch "android"; + in + rec { + nixosConfigurations = configurationsPerArch "nixos" false; + nixosConfigurationsMinimal = configurationsPerArch "nixos" true; + darwinConfigurations = configurationsPerArch "darwin" false; + darwinConfigurationsMinimal = configurationsPerArch "darwin" true; + homeConfigurations = halfConfigurationsPerArch "home"; + nixOnDroidConfigurations = halfConfigurationsPerArch "android"; - guestConfigurations = lib.flip lib.concatMapAttrs config.nixosConfigurations ( - _: node: - lib.flip lib.mapAttrs' (node.config.guests or { }) ( - guestName: guestDef: - lib.nameValuePair guestDef.nodeName node.config.microvm.vms.${guestName}.config - ) - ); + guestConfigurations = lib.flip lib.concatMapAttrs config.nixosConfigurations ( + _: node: + lib.flip lib.mapAttrs' (node.config.guests or { }) ( + guestName: guestDef: + lib.nameValuePair guestDef.nodeName node.config.microvm.vms.${guestName}.config + ) + ); - diskoConfigurations.default = import "${self}/files/templates/hosts/nixos/disk-config.nix"; + diskoConfigurations.default = import "${self}/files/templates/hosts/nixos/disk-config.nix"; - nodes = config.nixosConfigurations - // config.darwinConfigurations - // config.guestConfigurations; + nodes = config.nixosConfigurations + // config.darwinConfigurations + // config.guestConfigurations; - "@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; - }; - } + guestResources = lib.mapAttrs + (name: _: let + f = arg: lib.foldr (base: acc: base + acc) 0 (map (node: nodes."${name}-${node}".config.microvm.${arg}) (builtins.attrNames nodes.${name}.config.guests)); + in { + mem = f "mem"; + vcpu = f "vcpu"; + }) nodes; + + "@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; + }; + } #+end_src ** Topology (nix-topology generated network diagram) @@ -4201,26 +4223,6 @@ This is my main server that I run at home. It handles most tasks that require bi serverName = "hintbooth"; }; }; - restic = { - bucketName = "SwarselWinters"; - paths = [ - "/Vault/data/paperless" - "/Vault/data/koillection" - "/Vault/data/postgresql" - "/Vault/data/firefly-iii" - "/Vault/data/radicale" - "/Vault/data/matrix-synapse" - "/Vault/Eternor/Paperless" - "/Vault/Eternor/Bilder" - "/Vault/Eternor/Immich" - ]; - }; - garage = { - data_dir = { - capacity = "200G"; - path = "/Vault/data/garage/data"; - }; - }; }; }; @@ -4232,35 +4234,6 @@ This is my main server that I run at home. It handles most tasks that require bi swarselmodules.server = { diskEncryption = lib.mkForce false; - # nginx = true; # for php stuff - # acme = false; # cert handled by proxy - # wireguard = true; - - # nfs = true; - # kavita = true; - # restic = true; - # jellyfin = true; - # navidrome = true; - # spotifyd = true; - # mpd = true; - # postgresql = true; - # matrix = true; - # nextcloud = true; - # immich = true; - # paperless = true; - # transmission = true; - # syncthing = true; - # grafana = true; - # freshrss = true; - # kanidm = true; - # firefly-iii = true; - # koillection = true; - # radicale = true; - # atuin = true; - # forgejo = true; - # ankisync = true; - # homebox = true; - # opkssh = true; }; networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "enp3s0" ]; @@ -4385,19 +4358,19 @@ This is my main server that I run at home. It handles most tasks that require bi serverName = "hintbooth"; }; }; - restic = { - bucketName = "SwarselWinters"; - paths = [ - "/Vault/data/paperless" - "/Vault/data/koillection" - "/Vault/data/postgresql" - "/Vault/data/firefly-iii" - "/Vault/data/radicale" - "/Vault/data/matrix-synapse" - "/Vault/Eternor/Paperless" - "/Vault/Eternor/Bilder" - "/Vault/Eternor/Immich" - ]; + restic.targets = { + SwarselState = { + repository = config.repo.secrets.local.resticRepoState; + # nextcloud stores all data in state dir and has no data that needs backup + paths = lib.map (guest: "/Vault/guests/${guest}/state") (builtins.filter (name: name != "nextcloud") (builtins.attrNames config.guests)); + }; + SwarselStorage = { + repository = config.repo.secrets.local.resticRepoStorage; + paths = [ + "/Vault/Eternor/Pictures" + "/Vault/Eternor/Documents/paperless" + ]; + }; }; }; }; @@ -4410,59 +4383,31 @@ This is my main server that I run at home. It handles most tasks that require bi swarselmodules.server = { wireguard = true; - - nginx = true; # for php stuff - acme = false; # cert handled by proxy - - nfs = true; - # kavita = true; restic = true; - jellyfin = true; - navidrome = true; - spotifyd = true; - mpd = true; - postgresql = true; - matrix = true; - nextcloud = true; - immich = true; - paperless = true; - transmission = true; - syncthing = true; - grafana = true; - freshrss = true; - kanidm = true; - firefly-iii = true; - koillection = true; - radicale = true; - atuin = true; - forgejo = true; - ankisync = true; - homebox = true; opkssh = true; }; guests = lib.mkIf (!minimal && config.swarselsystems.withMicroVMs) ( { } - // confLib.mkMicrovm "kavita" { withZfs = true; } - // confLib.mkMicrovm "jellyfin" { withZfs = true; } - // confLib.mkMicrovm "audio" { withZfs = true; } - // confLib.mkMicrovm "postgresql" { withZfs = true; } - // confLib.mkMicrovm "matrix" { withZfs = true; } - // confLib.mkMicrovm "nextcloud" { withZfs = true; } - // confLib.mkMicrovm "immich" { withZfs = true; } - // confLib.mkMicrovm "paperless" { withZfs = true; } - // confLib.mkMicrovm "transmission" { withZfs = true; } - // confLib.mkMicrovm "storage" { withZfs = true; } - // confLib.mkMicrovm "monitoring" { withZfs = true; } - // confLib.mkMicrovm "freshrss" { withZfs = true; } - // confLib.mkMicrovm "kanidm" { withZfs = true; } - // confLib.mkMicrovm "firefly" { withZfs = true; } - // confLib.mkMicrovm "koillection" { withZfs = true; } - // confLib.mkMicrovm "radicale" { withZfs = true; } - // confLib.mkMicrovm "atuin" { withZfs = true; } - // confLib.mkMicrovm "forgejo" { withZfs = true; } // confLib.mkMicrovm "ankisync" { withZfs = true; } + // confLib.mkMicrovm "atuin" { withZfs = true; } + // confLib.mkMicrovm "audio" { withZfs = true; eternorPaths = [ "Music" ]; } + // confLib.mkMicrovm "firefly" { withZfs = true; } + // confLib.mkMicrovm "forgejo" { withZfs = true; } + // confLib.mkMicrovm "freshrss" { withZfs = true; } // confLib.mkMicrovm "homebox" { withZfs = true; } + // confLib.mkMicrovm "immich" { withZfs = true; eternorPaths = [ "Pictures" ]; } + // confLib.mkMicrovm "jellyfin" { withZfs = true; eternorPaths = [ "Videos" ]; } + // confLib.mkMicrovm "kanidm" { withZfs = true; } + // confLib.mkMicrovm "kavita" { withZfs = true; eternorPaths = [ "Books" ]; } + // confLib.mkMicrovm "koillection" { withZfs = true; } + // confLib.mkMicrovm "matrix" { withZfs = true; } + // confLib.mkMicrovm "monitoring" { withZfs = true; } + // confLib.mkMicrovm "nextcloud" { withZfs = true; } + // confLib.mkMicrovm "paperless" { withZfs = true; eternorPaths = [ "Documents" ]; } + // confLib.mkMicrovm "radicale" { withZfs = true; } + // confLib.mkMicrovm "storage" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Pictures" "Software" "Documents" ]; } + // confLib.mkMicrovm "transmission" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Software" ]; } ); networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "bmc" ]; @@ -4634,6 +4579,16 @@ This is my main server that I run at home. It handles most tasks that require bi :PROPERTIES: :CUSTOM_ID: h:5e571d89-6590-4aa4-a5f4-5c871683d09b :END: + +#+begin_src bash :results output :eval never-export + echo "Currently using $(nix eval .#guestResources.summers.mem 2>/dev/null) MB out of 128GB RAM" + echo "Currently using $(nix eval .#guestResources.summers.vcpu 2>/dev/null) vCPUs. 48 threads are available." +#+end_src + +#+RESULTS: +: Currently using 54272 MB out of 128GB RAM +: Currently using 40 vCPUs. 48 threads are available. + ****** Kavita :PROPERTIES: :CUSTOM_ID: h:14a705ff-1924-41da-a6f8-1537e2f5bfb6 @@ -4670,7 +4625,7 @@ This is my main server that I run at home. It handles most tasks that require bi microvm = { mem = 1024 * 1; - vcpu = 1; + vcpu = 2; }; @@ -4679,7 +4634,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # kavita = true; + kavita = true; }; } @@ -4722,7 +4677,7 @@ This is my main server that I run at home. It handles most tasks that require bi microvm = { mem = 1024 * 3; - vcpu = 1; + vcpu = 4; }; swarselprofiles = { @@ -4730,7 +4685,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # jellyfin = true; + jellyfin = true; }; } @@ -4781,60 +4736,9 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # navidrome = true; - # spotifyd = true; - # mpd = true; - }; - - } - -#+end_src - -****** Postgresql -:PROPERTIES: -:CUSTOM_ID: h:4dee4e22-33b2-4e6a-b0ab-91061a4efffa -:END: - -#+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix - { self, lib, minimal, ... }: - { - imports = [ - "${self}/profiles/nixos/microvm" - "${self}/modules/nixos" - ]; - - swarselsystems = { - isMicroVM = true; - isImpermanence = true; - proxyHost = "twothreetunnel"; - server = { - wireguard.interfaces = { - wgHome = { - isClient = true; - serverName = "hintbooth"; - }; - wgProxy = { - isClient = true; - serverName = "twothreetunnel"; - }; - }; - }; - }; - - - } // lib.optionalAttrs (!minimal) { - - microvm = { - mem = 1024 * 1; - vcpu = 1; - }; - - swarselprofiles = { - microvm = true; - }; - - swarselmodules.server = { - # postgresql = true; + navidrome = true; + spotifyd = true; + mpd = true; }; } @@ -4876,7 +4780,7 @@ This is my main server that I run at home. It handles most tasks that require bi } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 3; + mem = 1024 * 6; vcpu = 2; }; @@ -4885,7 +4789,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # matrix = true; + matrix = true; }; } @@ -4936,9 +4840,9 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # nextcloud = true; - # nginx = true; - # acme = true; + nextcloud = true; + nginx = true; + acme = false; }; } @@ -4980,8 +4884,8 @@ This is my main server that I run at home. It handles most tasks that require bi } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 8; - vcpu = 8; + mem = 1024 * 16; + vcpu = 14; }; swarselprofiles = { @@ -4989,7 +4893,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # immich = true; + immich = true; }; } @@ -5031,7 +4935,7 @@ This is my main server that I run at home. It handles most tasks that require bi } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 4; + mem = 1024 * 8; vcpu = 4; }; @@ -5040,7 +4944,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # paperless = true; + paperless = true; }; } @@ -5063,17 +4967,12 @@ This is my main server that I run at home. It handles most tasks that require bi swarselsystems = { isMicroVM = true; isImpermanence = true; - proxyHost = "twothreetunnel"; server = { wireguard.interfaces = { wgHome = { isClient = true; serverName = "hintbooth"; }; - wgProxy = { - isClient = true; - serverName = "twothreetunnel"; - }; }; }; }; @@ -5091,7 +4990,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # transmission = true; + transmission = true; }; } @@ -5142,8 +5041,8 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # nfs = true; - # syncthing = true; + nfs = true; + syncthing = true; }; } @@ -5194,7 +5093,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # grafana = true; + grafana = true; }; } @@ -5245,9 +5144,9 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # freshrss = true; - # nginx = true; - # acme = true; + freshrss = true; + nginx = true; + acme = false; }; } @@ -5290,7 +5189,7 @@ This is my main server that I run at home. It handles most tasks that require bi microvm = { mem = 1024 * 4; - vcpu = 1; + vcpu = 2; }; swarselprofiles = { @@ -5298,7 +5197,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # kanidm = true; + kanidm = true; }; } @@ -5349,9 +5248,9 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # firefly-iii = true; - # nginx = true; - # acme = true; + firefly-iii = true; + nginx = true; + acme = false; }; } @@ -5402,7 +5301,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # koillection = true; + koillection = true; }; } @@ -5453,7 +5352,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # radicale = true; + radicale = true; }; } @@ -5504,7 +5403,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # atuin = true; + atuin = true; }; } @@ -5555,7 +5454,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # forgejo = true; + forgejo = true; }; } @@ -5606,7 +5505,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # ankisync = true; + ankisync = true; }; } @@ -5657,7 +5556,7 @@ This is my main server that I run at home. It handles most tasks that require bi }; swarselmodules.server = { - # homebox = true; + homebox = true; }; } @@ -5703,7 +5602,7 @@ This is my main server that I run at home. It handles most tasks that require bi info = "HUNSN RM02, 8GB RAM"; flakePath = "/root/.dotfiles"; isImpermanence = true; - isSecureBoot = false; + isSecureBoot = true; isCrypted = true; isBtrfs = true; isLinux = true; @@ -5722,6 +5621,25 @@ This is my main server that I run at home. It handles most tasks that require bi "hintbooth-adguardhome" "hintbooth-nginx" "summers" + "summers-ankisync" + "summers-atuin" + "summers-audio" + "summers-firefly" + "summers-forgejo" + "summers-freshrss" + "summers-homebox" + "summers-immich" + "summers-jellyfin" + "summers-kanidm" + "summers-kavita" + "summers-koillection" + "summers-matrix" + "summers-monitoring" + "summers-nextcloud" + "summers-paperless" + "summers-radicale" + "summers-storage" + "summers-transmission" "winters" ]; }; @@ -5743,10 +5661,10 @@ This is my main server that I run at home. It handles most tasks that require bi }; guests = lib.mkIf (!minimal && config.swarselsystems.withMicroVMs) ( - { } + { } // confLib.mkMicrovm "adguardhome" { } // confLib.mkMicrovm "nginx" { } - ); + ); } @@ -5911,6 +5829,16 @@ This is my main server that I run at home. It handles most tasks that require bi :PROPERTIES: :CUSTOM_ID: h:c19725c0-0523-40f2-8083-9a4f53b6c2d1 :END: + +#+begin_src bash :results output :eval never-export + echo "Currently using $(nix eval .#guestResources.hintbooth.mem 2>/dev/null) MB out of 8GB RAM" + echo "Currently using $(nix eval .#guestResources.hintbooth.vcpu 2>/dev/null) vCPUs. 4 threads are available." +#+end_src + +#+RESULTS: +: Currently using 4096 MB out of 8GB RAM +: Currently using 2 vCPUs. 2 cores are available for a total of 4 threads. + ****** Adguardhome :PROPERTIES: :CUSTOM_ID: h:f479a908-8071-4d69-97ea-c03bfd7b88bf @@ -6277,11 +6205,13 @@ This machine mainly acts as my proxy server to stand before my local machines. serverName = "twothreetunnel"; }; }; - restic = { - bucketName = "SwarselMoonside"; - paths = [ - "/persist/opt/minecraft" - ]; + restic.targets = { + SwarselMoonside = { + repository = config.repo.secrets.local.resticRepoState; + paths = [ + "/persist/opt/minecraft" + ]; + }; }; }; syncthing = { @@ -7162,6 +7092,24 @@ This machine mainly acts as my proxy server to stand before my local machines. "moonside" "winters" "summers" + "summers-ankisync" + "summers-atuin" + "summers-audio" + "summers-firefly" + "summers-forgejo" + "summers-freshrss" + "summers-homebox" + "summers-immich" + "summers-jellyfin" + "summers-kanidm" + "summers-kavita" + "summers-koillection" + "summers-matrix" + "summers-monitoring" + "summers-nextcloud" + "summers-paperless" + "summers-radicale" + "summers-storage" "belchsfactory" "eagleland" "hintbooth-adguardhome" @@ -9044,6 +8992,18 @@ For that reason, make sure that =sops-nix= is properly working before finishing isNormalUser = true; uid = 1000; autoSubUidGidRange = false; + subUidRanges = [ + { + count = 65534; + startUid = 100001; + } + ]; + subGidRanges = [ + { + count = 999; + startGid = 1001; + } + ]; description = "Leon S"; password = lib.mkIf (minimal || config.swarselsystems.isPublic) "setup"; hashedPasswordFile = lib.mkIf (!minimal && !config.swarselsystems.isPublic) config.sops.secrets.main-user-hashed-pw.path; @@ -11054,9 +11014,10 @@ Auto login for the initial session. Auto login for the initial session. #+begin_src nix-ts :tangle modules/nixos/client/uwsm.nix - { lib, config, ... }: + { lib, config, pkgs, ... }: let moduleName = "uwsm"; + cfg = config.programs.uwsm; in { options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings"; @@ -11076,6 +11037,40 @@ Auto login for the initial session. }; }; }; + + services.displayManager.sessionPackages = + let + mk_uwsm_desktop_entry = + opts: + (pkgs.writeTextFile { + name = "${opts.name}-uwsm"; + text = '' + [Desktop Entry] + Name=${opts.prettyName} (UWSM) + Comment=${opts.comment} + Exec=${lib.getExe cfg.package} start -F -- ${opts.binPath} ${lib.strings.escapeShellArgs opts.extraArgs} + Type=Application + ''; + destination = "/share/wayland-sessions/${opts.name}-uwsm.desktop"; + derivationArgs = { + passthru.providedSessions = [ "${opts.name}-uwsm" ]; + }; + }); + in + lib.mkForce (lib.mapAttrsToList + ( + name: value: + mk_uwsm_desktop_entry { + inherit name; + inherit (value) + prettyName + comment + binPath + extraArgs + ; + } + ) + cfg.waylandCompositors); }; } #+end_src @@ -11194,14 +11189,15 @@ Here we just define some aliases for rebuilding the system, and we allow some in mkIf mkOption types - ; + ; cfg = config.users.persistentIds; in - { - options = { - swarselmodules.server.ids = lib.mkEnableOption "enable persistent ids on server"; - users.persistentIds = mkOption { + { + options = { + swarselmodules.server.ids = lib.mkEnableOption "enable persistent ids on server"; + users = { + persistentIds = mkOption { default = { }; description = '' Maps a user or group name to its expected uid/gid values. If a user/group is @@ -11226,7 +11222,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in ); }; - users.users = mkOption { + users = mkOption { type = types.attrsOf ( types.submodule ( { name, ... }: @@ -11235,13 +11231,13 @@ Here we just define some aliases for rebuilding the system, and we allow some in let persistentUid = cfg.${name}.uid or null; in - mkIf (persistentUid != null) (mkDefault persistentUid); + mkIf (persistentUid != null) (mkDefault persistentUid); } ) ); }; - users.groups = mkOption { + groups = mkOption { type = types.attrsOf ( types.submodule ( { name, ... }: @@ -11250,43 +11246,44 @@ Here we just define some aliases for rebuilding the system, and we allow some in let persistentGid = cfg.${name}.gid or null; in - mkIf (persistentGid != null) (mkDefault persistentGid); + mkIf (persistentGid != null) (mkDefault persistentGid); } ) ); }; }; - config = lib.mkIf config.swarselmodules.server.ids { - assertions = - concatLists - ( - flip mapAttrsToList config.users.users ( - name: user: [ - { - assertion = user.uid != null; - message = "non-persistent uid detected for '${name}', please assign one via `users.persistentIds`"; - } - { - assertion = !user.autoSubUidGidRange; - message = "non-persistent subUids/subGids detected for: ${name}"; - } - ] - ) + }; + config = lib.mkIf config.swarselmodules.server.ids { + assertions = + concatLists + ( + flip mapAttrsToList config.users.users ( + name: user: [ + { + assertion = user.uid != null; + message = "non-persistent uid detected for '${name}', please assign one via `users.persistentIds`"; + } + { + assertion = !user.autoSubUidGidRange; + message = "non-persistent subUids/subGids detected for: ${name}"; + } + ] ) - ++ flip mapAttrsToList config.users.groups ( - name: group: { - assertion = group.gid != null; - message = "non-persistent gid detected for '${name}', please assign one via `users.persistentIds`"; - } - ); - users.persistentIds = { - systemd-coredump = confLib.mkIds 998; - systemd-oom = confLib.mkIds 997; - polkituser = confLib.mkIds 973; - nscd = confLib.mkIds 972; - }; + ) + ++ flip mapAttrsToList config.users.groups ( + name: group: { + assertion = group.gid != null; + message = "non-persistent gid detected for '${name}', please assign one via `users.persistentIds`"; + } + ); + users.persistentIds = { + systemd-coredump = confLib.mkIds 998; + systemd-oom = confLib.mkIds 997; + polkituser = confLib.mkIds 973; + nscd = confLib.mkIds 972; }; - } + }; + } #+end_src **** System Packages (Server Programs) @@ -11341,6 +11338,12 @@ This is a collection of packages that are useful for server-type hosts that do n avahi = confLib.mkIds 978; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/cache/samba"; } + ]; + }; + services = { # add a user with sudo smbpasswd -a samba = { @@ -11366,7 +11369,7 @@ This is a collection of packages that are useful for server-type hosts that do n browseable = "yes"; "read only" = "no"; "guest ok" = "no"; - path = "/Vault/Eternor"; + path = "/storage"; writable = "true"; comment = "Eternor"; "valid users" = nfsUser; @@ -11539,8 +11542,15 @@ This is a collection of packages that are useful for server-type hosts that do n networking.firewall.allowedTCPPorts = [ 80 443 ]; - environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ dhParamsPathBase ]; + environment.persistence = { + "/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ dhParamsPathBase ]; + }; + "/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/cache/nginx"; user = "nginx"; group = "nginx"; } + ]; + }; }; services.nginx = { @@ -12429,6 +12439,8 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin }) globals.networks.home-lan.vlans; selectVLANs = vlans: map (vlan: { VLAN = globals.networks.home-lan.vlans.${vlan}.id; }) vlans; + lan1VLANs = selectVLANs [ "home" "devices" "guests" ]; + lan2VLANs = selectVLANs [ "home" "devices" "services" ]; lan3VLANs = selectVLANs [ "home" "devices" "services" ]; lan4VLANs = lan3VLANs; lan5VLANs = selectVLANs [ "home" "devices" "guests" ]; @@ -12608,9 +12620,9 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin Bridge = "br"; ConfigureWithoutCarrier = true; }; - inherit bridgeVLANs; + bridgeVLANs = lan1VLANs; }; - # wifi + # winters "30-lan2" = { matchConfig.MACAddress = config.repo.secrets.local.networking.networks.lan2.mac; linkConfig.RequiredForOnline = "enslaved"; @@ -12618,7 +12630,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin Bridge = "br"; ConfigureWithoutCarrier = true; }; - inherit bridgeVLANs; + bridgeVLANs = lan2VLANs; }; # summers "30-lan3" = { @@ -12694,7 +12706,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; in { @@ -12721,6 +12733,10 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin icon = "${self}/files/topology-images/${serviceName}.png"; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -12742,7 +12758,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin user = serviceUser; settings.Port = servicePort; tokenKeyFile = config.sops.secrets.kavita-token.path; - dataDir = "/Vault/data/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; }; nodes = { @@ -12763,69 +12779,76 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin :END: #+begin_src nix-ts :tangle modules/nixos/server/jellyfin.nix - { pkgs, lib, config, globals, dns, confLib, ... }: - let - inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; - in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { - - users = { - persistentIds.jellyfin = confLib.mkIds 994; - users.${serviceUser} = { - extraGroups = [ "video" "render" "users" ]; - }; - }; - # nixpkgs.config.packageOverrides = pkgs: { - # intel-vaapi-driver = pkgs.intel-vaapi-driver.override { enableHybridCodec = true; }; - # }; - - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver # LIBVA_DRIVER_NAME=iHD - # intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - libva-vdpau-driver - libvdpau-va-gl - ]; - }; - - topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; - }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; - }; - }; - services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; - }; - }; - - services.${serviceName} = { - enable = true; - user = serviceUser; - # openFirewall = true; # this works only for the default ports - }; - - nodes = { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; - }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); - }; + { pkgs, lib, config, globals, dns, confLib, ... }: + let + inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; + in + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { + users = { + persistentIds.jellyfin = confLib.mkIds 994; + users.${serviceUser} = { + extraGroups = [ "video" "render" "users" ]; }; - } + }; + # nixpkgs.config.packageOverrides = pkgs: { + # intel-vaapi-driver = pkgs.intel-vaapi-driver.override { enableHybridCodec = true; }; + # }; + + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver # LIBVA_DRIVER_NAME=iHD + # intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + libva-vdpau-driver + libvdpau-va-gl + ]; + }; + + topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + }; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + }; + }; + services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; + }; + }; + + services.${serviceName} = { + enable = true; + user = serviceUser; + # openFirewall = true; # this works only for the default ports + }; + + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } + ]; + }; + + nodes = { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + + }; + } #+end_src **** navidrome @@ -12912,6 +12935,10 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = { enable = true; # openFirewall = true; @@ -12919,7 +12946,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin LogLevel = "debug"; Address = "0.0.0.0"; Port = servicePort; - MusicFolder = "/Vault/Eternor/Music"; + MusicFolder = "/storage/Music"; PlaylistsPath = "./Playlists"; AutoImportPlaylists = false; EnableSharing = true; @@ -13056,6 +13083,12 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin # when another user connects, the service will crash and the new user will login systemd.services.spotifyd.serviceConfig.RestartSec = lib.mkForce 1; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/cache/private/spotifyd"; } + ]; + }; + services.spotifyd = { enable = true; settings = { @@ -13121,9 +13154,13 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin icon = "${self}/files/topology-images/${serviceName}.png"; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = "mpd"; group = "mpd"; }]; + }; + services.${serviceName} = { enable = true; - musicDirectory = "/media"; + musicDirectory = "/storage/Music"; user = serviceUser; group = serviceGroup; network = { @@ -13161,6 +13198,10 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin users.persistentIds.rtkit = confLib.mkIds 996; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/pipewire"; user = "pipewire"; group = "pipewire"; }]; + }; + services.pipewire = { enable = true; pulse.enable = true; @@ -13187,7 +13228,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin let inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName; postgresVersion = 14; - postgresDirPrefix = if config.swarselsystems.isCloud then "/var/lib" else "/Vault/data" ; + postgresDirPrefix = "/var/lib"; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -13207,9 +13248,14 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin dataDir = "${postgresDirPrefix}/${serviceName}/${builtins.toString postgresVersion}"; }; }; - environment.persistence."/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ - { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } - ]; + environment.persistence = { + "/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ + { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } + ]; + "/state".directories = lib.mkIf config.swarselsystems.isMicroVM [ + { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } + ]; + }; }; } @@ -13238,6 +13284,12 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin oci-containers.backend = "podman"; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/containers"; } + ]; + }; + networking.nftables.firewall = lib.mkIf config.networking.nftables.enable { zones.podman = { @@ -13265,7 +13317,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin } #+end_src -**** matrix +**** matrix (use db) :PROPERTIES: :CUSTOM_ID: h:1e68d84a-8f99-422f-89ac-78f664ac0013 :END: @@ -13274,7 +13326,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin { self, lib, config, pkgs, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; federationPort = 8448; @@ -13294,6 +13346,10 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { + swarselmodules.server = { + postgresql = true; + }; + environment.systemPackages = with pkgs; [ matrix-synapse lottieconverter @@ -13391,9 +13447,18 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/matrix-synapse"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/mautrix-whatsapp"; user = "mautrix-whatsapp"; group = "mautrix-whatsapp"; } + { directory = "/var/lib/mautrix-telegram"; user = "mautrix-telegram"; group = "mautrix-telegram"; } + { directory = "/var/lib/mautrix-signal"; user = "mautrix-signal"; group = "mautrix-signal"; } + ]; + }; + + services = { postgresql = { - enable = true; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" @@ -13420,7 +13485,7 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin matrix-synapse = { enable = true; - dataDir = "/Vault/data/matrix-synapse"; + dataDir = "/var/lib/matrix-synapse"; settings = { app_service_config_files = let @@ -13670,152 +13735,171 @@ This is the configuration to make [[#h:58c7563e-6954-42e6-a622-9d06523e8e24][Hin :END: #+begin_src nix-ts :tangle modules/nixos/server/nextcloud.nix - { pkgs, lib, config, globals, dns, confLib, ... }: - let - inherit (config.repo.secrets.local.nextcloud) adminuser; - inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "nextcloud"; port = 80; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome dnsServer webProxy homeWebProxy homeServiceAddress nginxAccessRules; + { pkgs, lib, config, globals, dns, confLib, ... }: + let + inherit (config.repo.secrets.local.nextcloud) adminuser; + inherit (config.swarselsystems) sopsFile; + inherit (confLib.gen { name = "nextcloud"; port = 80; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome dnsServer webProxy homeWebProxy homeServiceAddress nginxAccessRules; - nextcloudVersion = "32"; - in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + nextcloudVersion = "32"; + in + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - sops.secrets = { - nextcloud-admin-pw = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; - kanidm-nextcloud-client = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; - }; - - users.persistentIds = { - nextcloud = confLib.mkIds 990; - redis-nextcloud = confLib.mkIds 976; - }; - - globals.services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; - }; - - services = { - ${serviceName} = { - enable = true; - settings = { - trusted_proxies = [ "0.0.0.0" ]; - overwriteprotocol = "https"; + sops.secrets = { + nextcloud-admin-pw = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; + kanidm-nextcloud-client = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; }; }; - package = pkgs."nextcloud${nextcloudVersion}"; - hostName = serviceDomain; - home = "/Vault/data/${serviceName}"; - datadir = "/Vault/data/${serviceName}"; - https = true; - configureRedis = true; - maxUploadSize = "4G"; - extraApps = { - inherit (pkgs."nextcloud${nextcloudVersion}Packages".apps) mail calendar contacts cospend phonetrack polls tasks sociallogin; + + users.persistentIds = { + nextcloud = confLib.mkIds 990; + redis-nextcloud = confLib.mkIds 976; }; - extraAppsEnable = true; - config = { - inherit adminuser; - adminpassFile = config.sops.secrets.nextcloud-admin-pw.path; - dbtype = "sqlite"; + + globals.services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; + + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/redis-${serviceName}"; user = serviceUser; group = serviceGroup; } + ]; + }; + + services = { + ${serviceName} = { + enable = true; + settings = { + trusted_proxies = [ "0.0.0.0" ]; + overwriteprotocol = "https"; + }; + package = pkgs."nextcloud${nextcloudVersion}"; + hostName = serviceDomain; + home = "/var/lib/${serviceName}"; + datadir = "/var/lib/${serviceName}"; + https = true; + configureRedis = true; + maxUploadSize = "4G"; + extraApps = { + inherit (pkgs."nextcloud${nextcloudVersion}Packages".apps) mail calendar contacts cospend phonetrack polls tasks sociallogin; + }; + extraAppsEnable = true; + config = { + inherit adminuser; + adminpassFile = config.sops.secrets.nextcloud-admin-pw.path; + dbtype = "sqlite"; + }; + }; + }; + + nodes = { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + }; - }; - - nodes = { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; - }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); - }; - - }; - } + } #+end_src -**** immich +**** immich (use db) :PROPERTIES: :CUSTOM_ID: h:33bad8ad-b362-4bf1-8a49-b9df92329aed :END: #+begin_src nix-ts :tangle modules/nixos/server/immich.nix - { lib, pkgs, config, globals, dns, confLib, ... }: - let - inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; - in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + { lib, pkgs, config, globals, dns, confLib, ... }: + let + inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; + in + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - users = { - persistentIds = { - immich = confLib.mkIds 989; - redis-immich = confLib.mkIds 977; + swarselmodules.server = { + postgresql = true; }; - users.${serviceUser} = { - extraGroups = [ "video" "render" "users" ]; - }; - }; - topology.self.services.${serviceName}.info = "https://${serviceDomain}"; - - # networking.firewall.allowedTCPPorts = [ servicePort ]; - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + users = { + persistentIds = { + immich = confLib.mkIds 989; + redis-immich = confLib.mkIds 977; }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + users.${serviceUser} = { + extraGroups = [ "video" "render" "users" ]; }; }; + + topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + + # networking.firewall.allowedTCPPorts = [ servicePort ]; + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + }; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + }; + }; + services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; + }; + }; + + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } + ]; + }; + services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; - }; - }; - - services.${serviceName} = { - enable = true; - package = pkgs.immich; - host = "0.0.0.0"; - port = servicePort; - # openFirewall = true; - mediaLocation = "/Vault/Eternor/Immich"; # dataDir - environment = { - IMMICH_MACHINE_LEARNING_URL = lib.mkForce "http://localhost:3003"; - }; - }; - - nodes = - let - extraConfigLoc = '' - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_redirect off; - - proxy_read_timeout 600s; - proxy_send_timeout 600s; - send_timeout 600s; - ''; - in - { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + enable = true; + package = pkgs.immich; + host = "0.0.0.0"; + port = servicePort; + # openFirewall = true; + mediaLocation = "/storage/Pictures/${serviceName}"; # dataDir + environment = { + IMMICH_MACHINE_LEARNING_URL = lib.mkForce "http://localhost:3003"; }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); }; - }; - } + nodes = + let + extraConfigLoc = '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_redirect off; + + proxy_read_timeout 600s; + proxy_send_timeout 600s; + send_timeout 600s; + ''; + in + { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; + + }; + } #+end_src **** paperless (tika, gotenberg) @@ -13874,11 +13958,21 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } + { directory = "/var/lib/private/tika"; } + { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/cache/private/tika"; } + ]; + }; + services = { ${serviceName} = { enable = true; - mediaDir = "/Vault/Eternor/Paperless"; - dataDir = "/Vault/data/${serviceName}"; + mediaDir = "/storage/Documents/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; user = serviceUser; port = servicePort; passwordFile = config.sops.secrets.paperless-admin-pw.path; @@ -13971,8 +14065,8 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= #+begin_src nix-ts :tangle modules/nixos/server/transmission.nix { self, pkgs, lib, config, confLib, ... }: let - inherit (confLib.gen { name = "transmission"; }) serviceName serviceDomain; - inherit (confLib.static) isHome; + inherit (confLib.gen { name = "transmission"; port = 9091; }) serviceName servicePort serviceDomain; + inherit (confLib.static) isHome homeServiceAddress homeWebProxy nginxAccessRules; lidarrUser = "lidarr"; lidarrGroup = lidarrUser; @@ -14067,6 +14161,16 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= inherit isHome; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/radarr"; user = radarrUser; group = radarrGroup; } + { directory = "/var/lib/readarr"; user = readarrUser; group = readarrGroup; } + { directory = "/var/lib/sonarr"; user = sonarrUser; group = sonarrGroup; } + { directory = "/var/lib/lidarr"; user = lidarrUser; group = lidarrGroup; } + { directory = "/var/lib/private/prowlarr"; user = prowlarrUser; group = prowlarrGroup; } + ]; + }; + services = { radarr = { enable = true; @@ -14074,7 +14178,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = radarrGroup; settings.server.port = radarrPort; openFirewall = true; - dataDir = "/Vault/data/radarr"; + dataDir = "/var/lib/radarr"; }; readarr = { enable = true; @@ -14082,7 +14186,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = readarrGroup; settings.server.port = readarrPort; openFirewall = true; - dataDir = "/Vault/data/readarr"; + dataDir = "/var/lib/readarr"; }; sonarr = { enable = true; @@ -14090,7 +14194,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = sonarrGroup; settings.server.port = sonarrPort; openFirewall = true; - dataDir = "/Vault/data/sonarr"; + dataDir = "/var/lib/sonarr"; }; lidarr = { enable = true; @@ -14098,53 +14202,88 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= group = lidarrGroup; settings.server.port = lidarrPort; openFirewall = true; - dataDir = "/Vault/data/lidarr"; + dataDir = "/var/lib/lidarr"; }; prowlarr = { enable = true; settings.server.port = prowlarrPort; openFirewall = true; }; + }; - nginx = { + nodes = { + ${homeWebProxy}.services.nginx = { + upstreams = { + transmission = { + servers = { + "${homeServiceAddress}:${builtins.toString servicePort}" = { }; + }; + }; + radarr = { + servers = { + "${homeServiceAddress}:${builtins.toString radarrPort}" = { }; + }; + }; + readarr = { + servers = { + "${homeServiceAddress}:${builtins.toString readarrPort}" = { }; + }; + }; + sonarr = { + servers = { + "${homeServiceAddress}:${builtins.toString sonarrPort}" = { }; + }; + }; + lidarr = { + servers = { + "${homeServiceAddress}:${builtins.toString lidarrPort}" = { }; + }; + }; + prowlarr = { + servers = { + "${homeServiceAddress}:${builtins.toString prowlarrPort}" = { }; + }; + }; + }; virtualHosts = { "${serviceDomain}" = { enableACME = false; forceSSL = false; acmeRoot = null; + extraConfig = nginxAccessRules; locations = { "/" = { - proxyPass = "http://localhost:9091"; + proxyPass = "http://transmission"; extraConfig = '' client_max_body_size 0; ''; }; "/radarr" = { - proxyPass = "http://localhost:${builtins.toString radarrPort}"; + proxyPass = "http://radarr"; extraConfig = '' client_max_body_size 0; ''; }; "/readarr" = { - proxyPass = "http://localhost:${builtins.toString readarrPort}"; + proxyPass = "http://readarr"; extraConfig = '' client_max_body_size 0; ''; }; "/sonarr" = { - proxyPass = "http://localhost:${builtins.toString sonarrPort}"; + proxyPass = "http://sonarr"; extraConfig = '' client_max_body_size 0; ''; }; "/lidarr" = { - proxyPass = "http://localhost:${builtins.toString lidarrPort}"; + proxyPass = "http://lidarr"; extraConfig = '' client_max_body_size 0; ''; }; "/prowlarr" = { - proxyPass = "http://localhost:${builtins.toString prowlarrPort}"; + proxyPass = "http://prowlarr"; extraConfig = '' client_max_body_size 0; ''; @@ -14242,12 +14381,16 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = rec { enable = true; user = serviceUser; group = serviceGroup; - dataDir = lib.mkDefault "/Vault/data/${serviceName}"; - configDir = "${cfg.dataDir}/.config/${serviceName}"; + dataDir = if config.swarselsystems.isMicroVM then "/storage/Documents/syncthing" else (lib.mkDefault "/var/lib/${serviceName}"); + configDir = if config.swarselsystems.isMicroVM then "/var/lib/syncthing/.config/syncthing" else "${cfg.dataDir}/.config/${serviceName}"; guiAddress = "0.0.0.0:${builtins.toString servicePort}"; openDefaultPorts = lib.mkIf (!isProxied) true; # opens ports TCP/UDP 22000 and UDP 21027 for discovery relay.enable = false; @@ -14320,68 +14463,92 @@ Note: you still need to run =restic- init= once on the host to get the buc { lib, pkgs, config, ... }: let inherit (config.swarselsystems) sopsFile; + + targets = config.swarselsystems.server.restic.targets; in { options.swarselmodules.server.restic = lib.mkEnableOption "enable restic backups on server"; options.swarselsystems.server.restic = { - bucketName = lib.mkOption { - type = lib.types.str; - }; - paths = lib.mkOption { - type = lib.types.listOf lib.types.str; - }; - withPostgres = lib.mkOption { - type = lib.types.bool; - default = false; + targets = lib.mkOption { + type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: { + options = { + bucketName = lib.mkOption { + type = lib.types.str; + default = name; + }; + repository = lib.mkOption { + type = lib.types.str; + }; + paths = lib.mkOption { + type = lib.types.listOf lib.types.str; + }; + withPostgres = lib.mkOption { + type = lib.types.bool; + default = false; + }; + }; + })); + default = { }; }; }; + config = lib.mkIf config.swarselmodules.server.restic { sops = { - secrets = { - resticpw = { inherit sopsFile; }; - resticaccesskey = { inherit sopsFile; }; - resticsecretaccesskey = { inherit sopsFile; }; - }; - templates = { - "restic-env".content = '' - AWS_ACCESS_KEY_ID=${config.sops.placeholder.resticaccesskey} - AWS_SECRET_ACCESS_KEY=${config.sops.placeholder.resticsecretaccesskey} - ''; - }; + secrets = + lib.mkMerge (lib.mapAttrsToList + (name: _: { + "resticpw-${name}" = { inherit sopsFile; }; + "resticaccesskey-${name}" = { inherit sopsFile; }; + "resticsecretaccesskey-${name}" = { inherit sopsFile; }; + }) + targets); + + templates = + lib.mkMerge (lib.mapAttrsToList + (name: _: { + "restic-env-${name}".content = '' + AWS_ACCESS_KEY_ID=${config.sops.placeholder."resticaccesskey-${name}"} + AWS_SECRET_ACCESS_KEY=${config.sops.placeholder."resticsecretaccesskey-${name}"} + ''; + }) + targets); }; - services.restic = - let - inherit (config.repo.secrets.local) resticRepo; - in - { - backups = { - "${config.swarselsystems.server.restic.bucketName}" = { - environmentFile = config.sops.templates."restic-env".path; - passwordFile = config.sops.secrets.resticpw.path; - inherit (config.swarselsystems.server.restic) paths; + services.restic.backups = + lib.mapAttrs' + (name: target: + lib.nameValuePair target.bucketName { + environmentFile = + config.sops.templates."restic-env-${name}".path; + + passwordFile = + config.sops.secrets."resticpw-${name}".path; + + inherit (target) paths repository; + pruneOpts = [ "--keep-daily 3" "--keep-weekly 2" "--keep-monthly 3" "--keep-yearly 100" ]; + backupPrepareCommand = '' ${pkgs.restic}/bin/restic prune ''; - repository = "${resticRepo}"; + initialize = true; + timerConfig = { OnCalendar = "03:00"; }; - }; - - }; - }; - + } + ) + targets; }; } + #+end_src **** monitoring (Grafana, Prometheus) @@ -14441,8 +14608,10 @@ This section exposes several metrics that I use to check the health of my server node-exporter = confLib.mkIds 987; grafana = confLib.mkIds 974; }; + groups.nextcloud-exporter = {}; users = { nextcloud-exporter = { + group = "nextcloud-exporter"; extraGroups = [ "nextcloud" ]; }; @@ -14472,10 +14641,17 @@ This section exposes several metrics that I use to check the health of my server }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/prometheus2"; user = prometheusUser; group = prometheusGroup; } + ]; + }; + services = { ${serviceName} = { enable = true; - dataDir = "/Vault/data/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; provision = { enable = true; datasources.settings = { @@ -14687,7 +14863,7 @@ This is a WIP Jenkins instance. It is used to automatically build a new system w #+begin_src nix-ts :tangle modules/nixos/server/jenkins.nix { pkgs, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -14710,13 +14886,17 @@ This is a WIP Jenkins instance. It is used to automatically build a new system w }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.jenkins = { enable = true; withCLI = true; port = servicePort; packages = [ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ]; listenAddress = "0.0.0.0"; - home = "/Vault/apps/${serviceName}"; + home = "/var/lib/${serviceName}"; }; nodes = { @@ -14837,6 +15017,10 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = let inherit (config.repo.secrets.local.freshrss) defaultUser; @@ -14847,7 +15031,7 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with virtualHost = serviceDomain; baseUrl = "https://${serviceDomain}"; authType = "form"; - dataDir = "/Vault/data/tt-rss"; + dataDir = "/var/lib/freshrss"; passwordFile = config.sops.secrets.freshrss-pw.path; }; @@ -14952,9 +15136,13 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = { enable = true; - stateDir = "/Vault/data/${serviceName}"; + stateDir = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; lfs.enable = lib.mkDefault true; @@ -15107,6 +15295,10 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/private/${serviceName}"; }]; + }; + services.anki-sync-server = { enable = true; port = servicePort; @@ -15233,12 +15425,19 @@ kanidm person credential create-reset-token }; }; - environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ - certPathBase - keyPathBase - ]; + environment.persistence = { + "/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ + certPathBase + keyPathBase + ]; + }; + + "/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; }; + systemd.services."generateSSLCert-${serviceName}" = let daysValid = 3650; @@ -15718,6 +15917,10 @@ kanidm person credential create-reset-token }; }; + users = { + persistentIds.oauth2-proxy = confLib.mkIds 966; + }; + # needed for homeWebProxy networking.firewall.allowedTCPPorts = [ servicePort ]; @@ -15856,12 +16059,16 @@ kanidm person credential create-reset-token homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services = { ${serviceName} = { enable = true; user = serviceUser; group = if cfg.enableNginx then nginxGroup else serviceGroup; - dataDir = "/Vault/data/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; settings = { TZ = config.repo.secrets.common.location.timezone; APP_URL = "https://${serviceDomain}"; @@ -15943,156 +16150,160 @@ kanidm person credential create-reset-token } #+end_src -**** Koillection +**** Koillection (use db) :PROPERTIES: :CUSTOM_ID: h:09c0fed3-b9c6-487f-a5f6-49be039e5fa2 :END: #+begin_src nix-ts :tangle modules/nixos/server/koillection.nix -{ self, lib, config, globals, dns, confLib, ... }: -let - inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/Vault/data/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; - inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; - serviceDB = "koillection"; + { self, lib, config, globals, dns, confLib, ... }: + let + inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/var/lib/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; + serviceDB = "koillection"; - postgresUser = config.systemd.services.postgresql.serviceConfig.User; # postgres - postgresPort = config.services.postgresql.settings.port; # 5432 - containerRev = "sha256:96693e41a6eb2aae44f96033a090378270f024ddf4e6095edf8d57674f21095d"; + postgresUser = config.systemd.services.postgresql.serviceConfig.User; # postgres + postgresPort = config.services.postgresql.settings.port; # 5432 + containerRev = "sha256:96693e41a6eb2aae44f96033a090378270f024ddf4e6095edf8d57674f21095d"; - inherit (config.swarselsystems) sopsFile; -in -{ - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + inherit (config.swarselsystems) sopsFile; + in + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - swarselmodules.server = { - podman = true; - postgresql = true; - }; + swarselmodules.server = { + podman = true; + postgresql = true; + }; - sops.secrets = { - koillection-db-password = { inherit sopsFile; owner = postgresUser; group = postgresUser; mode = "0440"; }; - koillection-env-file = { inherit sopsFile; }; - }; + sops.secrets = { + koillection-db-password = { inherit sopsFile; owner = postgresUser; group = postgresUser; mode = "0440"; }; + koillection-env-file = { inherit sopsFile; }; + }; - topology.self.services.${serviceName} = { - name = lib.swarselsystems.toCapitalized serviceName; - info = "https://${serviceDomain}"; - icon = "${self}/files/topology-images/${serviceName}.png"; - }; + topology.self.services.${serviceName} = { + name = lib.swarselsystems.toCapitalized serviceName; + info = "https://${serviceDomain}"; + icon = "${self}/files/topology-images/${serviceName}.png"; + }; - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort postgresPort ]; + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort postgresPort ]; + }; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort postgresPort ]; + }; }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort postgresPort ]; + services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; }; - services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; + + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; }]; }; - }; - virtualisation.oci-containers.containers = { - koillection = { - image = "koillection/koillection@${containerRev}"; + virtualisation.oci-containers.containers = { + koillection = { + image = "koillection/koillection@${containerRev}"; - ports = [ - "${toString servicePort}:80" - ]; + ports = [ + "${toString servicePort}:80" + ]; - volumes = [ - "${serviceDir}/uploads:/uploads" - ]; + volumes = [ + "${serviceDir}/uploads:/uploads" + ]; - environment = { - APP_DEBUG = "0"; - APP_ENV = "prod"; - HTTPS_ENABLED = "1"; - UPLOAD_MAX_FILESIZE = "512M"; - PHP_MEMORY_LIMIT = "512M"; - PHP_TZ = config.repo.secrets.common.location.timezone; + environment = { + APP_DEBUG = "0"; + APP_ENV = "prod"; + HTTPS_ENABLED = "1"; + UPLOAD_MAX_FILESIZE = "512M"; + PHP_MEMORY_LIMIT = "512M"; + PHP_TZ = config.repo.secrets.common.location.timezone; - CORS_ALLOW_ORIGIN = "https?://(localhost|swag\\.swarsel\\.win)(:[0-9]+)?$"; + CORS_ALLOW_ORIGIN = "https?://(localhost|swag\\.swarsel\\.win)(:[0-9]+)?$"; - DB_DRIVER = "pdo_pgsql"; - DB_NAME = serviceDB; - DB_HOST = "host.docker.internal"; - DB_USER = serviceUser; - # DB_PASSWORD set in koillection-env-file - DB_PORT = "${toString postgresPort}"; - DB_VERSION = "16"; + DB_DRIVER = "pdo_pgsql"; + DB_NAME = serviceDB; + DB_HOST = "host.docker.internal"; + DB_USER = serviceUser; + # DB_PASSWORD set in koillection-env-file + DB_PORT = "${toString postgresPort}"; + DB_VERSION = "16"; + }; + + environmentFiles = [ + config.sops.secrets.koillection-env-file.path + ]; + + extraOptions = [ + "--add-host=host.docker.internal:host-gateway" # podman + ]; }; - - environmentFiles = [ - config.sops.secrets.koillection-env-file.path - ]; - - extraOptions = [ - "--add-host=host.docker.internal:host-gateway" # podman - ]; }; - }; - # networking.firewall.allowedTCPPorts = [ servicePort postgresPort ]; + # networking.firewall.allowedTCPPorts = [ servicePort postgresPort ]; - systemd.services.postgresql.postStart = - let - passwordPath = config.sops.secrets.koillection-db-password.path; - in - '' - ${config.services.postgresql.package}/bin/psql -tA <<'EOF' - DO $$ - DECLARE password TEXT; - BEGIN - password := trim(both from replace(pg_read_file('${passwordPath}'), E'\n', ''')); - EXECUTE format('ALTER ROLE ${serviceDB} WITH PASSWORD '''%s''';', password); - END $$; - EOF - ''; - services = { - postgresql = { - enable = true; - enableTCPIP = true; - ensureDatabases = [ serviceDB ]; - ensureUsers = [ - { - name = serviceDB; - ensureDBOwnership = true; - } - ]; - authentication = '' - host ${serviceDB} ${serviceDB} 10.88.0.0/16 scram-sha-256 + systemd.services.postgresql.postStart = + let + passwordPath = config.sops.secrets.koillection-db-password.path; + in + '' + ${config.services.postgresql.package}/bin/psql -tA <<'EOF' + DO $$ + DECLARE password TEXT; + BEGIN + password := trim(both from replace(pg_read_file('${passwordPath}'), E'\n', ''')); + EXECUTE format('ALTER ROLE ${serviceDB} WITH PASSWORD '''%s''';', password); + END $$; + EOF ''; - }; - }; - - nodes = - let - extraConfigLoc = '' - proxy_buffer_size 128k; - proxy_buffers 4 256k; - proxy_busy_buffers_size 256k; - ''; - in - { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + services = { + postgresql = { + enable = true; + enableTCPIP = true; + ensureDatabases = [ serviceDB ]; + ensureUsers = [ + { + name = serviceDB; + ensureDBOwnership = true; + } + ]; + authentication = '' + host ${serviceDB} ${serviceDB} 10.88.0.0/16 scram-sha-256 + ''; }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); }; + nodes = + let + extraConfigLoc = '' + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + ''; + in + { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName extraConfigLoc; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; - }; -} + + }; + } #+end_src -**** Atuin +**** Atuin (use db) :PROPERTIES: :CUSTOM_ID: h:27eac8b9-c202-4e45-9b80-42592f1e41c8 :END: @@ -16103,47 +16314,51 @@ in inherit (confLib.gen { name = "atuin"; port = 8888; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in - { - options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; - config = lib.mkIf config.swarselmodules.server.${serviceName} { + { + options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; + config = lib.mkIf config.swarselmodules.server.${serviceName} { - topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + swarselmodules.server = { + postgresql = true; + }; - globals = { - networks = { - ${webProxyIf}.hosts = lib.mkIf isProxied { - ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + + globals = { + networks = { + ${webProxyIf}.hosts = lib.mkIf isProxied { + ${config.node.name}.firewallRuleForNode.${webProxy}.allowedTCPPorts = [ servicePort ]; + }; + ${homeProxyIf}.hosts = lib.mkIf isHome { + ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + }; }; - ${homeProxyIf}.hosts = lib.mkIf isHome { - ${config.node.name}.firewallRuleForNode.${homeWebProxy}.allowedTCPPorts = [ servicePort ]; + services.${serviceName} = { + domain = serviceDomain; + inherit proxyAddress4 proxyAddress6 isHome serviceAddress; + homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; }; + services.${serviceName} = { - domain = serviceDomain; - inherit proxyAddress4 proxyAddress6 isHome serviceAddress; - homeServiceAddress = lib.mkIf isHome homeServiceAddress; + enable = true; + host = "0.0.0.0"; + port = servicePort; + # openFirewall = true; + openRegistration = false; }; - }; - services.${serviceName} = { - enable = true; - host = "0.0.0.0"; - port = servicePort; - # openFirewall = true; - openRegistration = false; - }; - - nodes = { - ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { - "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + nodes = { + ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { + "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; + }; + ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; + ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); }; - ${webProxy}.services.nginx = confLib.genNginx { inherit serviceAddress servicePort serviceDomain serviceName; maxBody = 0; }; - ${homeWebProxy}.services.nginx = lib.mkIf isHome (confLib.genNginx { inherit servicePort serviceDomain serviceName; maxBody = 0; extraConfig = nginxAccessRules; serviceAddress = homeServiceAddress; }); + }; - }; - - } + } #+end_src **** Radicale @@ -16189,6 +16404,10 @@ in topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -16221,7 +16440,7 @@ in htpasswd_encryption = "autodetect"; }; storage = { - filesystem_folder = "/Vault/data/radicale/collections"; + filesystem_folder = "/var/lib/radicale/collections"; }; }; rights = { @@ -16792,7 +17011,7 @@ in hostName = serviceDomain; user = serviceUser; group = serviceGroup; - dataDir = "/Vault/data/snipeit"; + dataDir = "/var/lib/snipeit"; database = { user = serviceUser; port = mysqlPort; @@ -16813,7 +17032,7 @@ in }; } #+end_src -**** Homebox +**** Homebox (use db) :PROPERTIES: :CUSTOM_ID: h:5b4feb1b-e7a3-43f1-9930-8d00012742ad :END: @@ -16821,7 +17040,7 @@ in #+begin_src nix-ts :tangle modules/nixos/server/homebox.nix { self, lib, pkgs, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -16834,6 +17053,10 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; + swarselmodules.server = { + postgresql = true; + }; + users.persistentIds = { homebox = confLib.mkIds 981; }; @@ -16854,14 +17077,14 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + systemd.services.homebox = { environment = { TMPDIR = "/var/lib/homebox/.tmp"; - }; - serviceConfig = { - # ReadWritePaths = "/var/lib/homebox"; - RuntimeDirectory = "homebox"; - BindPaths="/run/homebox:/var/lib/homebox/.tmp"; + HOME = "/var/lib/homebox"; }; }; @@ -16903,7 +17126,7 @@ in kanidmDomain = globals.services.kanidm.domain; inherit (config.swarselsystems) mainUser; - inherit (config.repo.secrets.local) persons; + mailAddress = config.repo.secrets.common.mail.address4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -16927,7 +17150,7 @@ in authorizations = [ { user = mainUser; - principal = builtins.head persons.${mainUser}.mailAddresses; + principal = mailAddress; inherit (config.services.opkssh.providers.kanidm) issuer; } ]; @@ -17702,7 +17925,7 @@ When changing the hashed passwords, =dovecot= needs to be restarted manually, it { self, lib, config, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 443; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 80; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; inherit (confLib.static) isHome webProxy homeWebProxy dnsServer homeServiceAddress nginxAccessRules; inherit (config.repo.secrets.local.mailserver) user1 alias1_1 alias1_2 alias1_3 alias1_4 user2 alias2_1 alias2_2 alias2_3 user3; baseDomain = globals.domains.main; @@ -19643,8 +19866,6 @@ Some standard options that should be set for every microvm guest. We set the def # NOTE: this is needed, we dont import sevrer network module for microvms globals.hosts.${config.node.name}.isHome = true; - fileSystems."/persist".neededForBoot = lib.mkForce true; - systemd.network.networks."10-vlan-services" = { dhcpV6Config = { WithoutRA = "solicit"; @@ -27167,210 +27388,220 @@ In short, the options defined here are passed to the modules systems using =_mod :CUSTOM_ID: h:a33322d5-014a-4072-a4a5-91bc71c343b8 :END: #+begin_src nix-ts :noweb yes :tangle modules/shared/config-lib.nix - { self, config, lib, globals, inputs, outputs, minimal, nixosConfig ? null, ... }: - let - domainDefault = service: config.repo.secrets.common.services.domains.${service}; - proxyDefault = config.swarselsystems.proxyHost; + { self, config, lib, globals, inputs, outputs, minimal, nixosConfig ? null, ... }: + let + domainDefault = service: config.repo.secrets.common.services.domains.${service}; + proxyDefault = config.swarselsystems.proxyHost; - addressDefault = - if - config.swarselsystems.proxyHost != config.node.name - then + addressDefault = if - config.swarselsystems.server.wireguard.interfaces.wgProxy.isClient + config.swarselsystems.proxyHost != config.node.name then - globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgProxy.serverNetConfigPrefix}-wgProxy".hosts.${config.node.name}.ipv4 - else - globals.networks.${config.swarselsystems.server.netConfigName}.hosts.${config.node.name}.ipv4 - else - "localhost"; - in - { - _module.args = { - confLib = rec { - getConfig = if nixosConfig == null then config else nixosConfig; - - gen = { name ? "n/a", user ? name, group ? name, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { - servicePort = port; - serviceName = name; - specificServiceName = "${name}-${config.node.name}"; - serviceUser = user; - serviceGroup = group; - serviceDomain = domain; - baseDomain = lib.swarselsystems.getBaseDomain domain; - subDomain = lib.swarselsystems.getSubDomain domain; - serviceDir = dir; - serviceAddress = address; - serviceProxy = proxy; - proxyAddress4 = globals.hosts.${proxy}.wanAddress4 or null; - proxyAddress6 = globals.hosts.${proxy}.wanAddress6 or null; - }; - - static = rec { - inherit (globals.hosts.${config.node.name}) isHome; - inherit (globals.general) homeProxy webProxy dnsServer homeDnsServer homeWebProxy idmServer oauthServer; - webProxyIf = "${webProxy}-wgProxy"; - homeProxyIf = "home-wgHome"; - isProxied = config.node.name != webProxy; - nginxAccessRules = '' - allow ${globals.networks.home-lan.vlans.home.cidrv4}; - allow ${globals.networks.home-lan.vlans.home.cidrv6}; - allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv4}; - allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv6}; - deny all; - ''; - homeServiceAddress = lib.optionalString (config.swarselsystems.server.wireguard.interfaces ? wgHome) globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgHome.serverNetConfigPrefix}-wgHome".hosts.${config.node.name}.ipv4; - }; - - mkIds = id: { - uid = id; - gid = id; - }; - - mkDeviceMac = id: - let - mod = n: d: n - (n / d) * d; - toHexByte = n: - let - hex = "0123456789abcdef"; - hi = n / 16; - lo = mod n 16; - in - builtins.substring hi 1 hex - + builtins.substring lo 1 hex; - - max = 16777215; # 256^3 - 1 - - b1 = id / (256 * 256); - r1 = mod id (256 * 256); - b2 = r1 / 256; - b3 = mod r1 256; - in if - (id <= max) + config.swarselsystems.server.wireguard.interfaces.wgProxy.isClient then - (builtins.concatStringsSep ":" - (map toHexByte [ b1 b2 b3 ])) + globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgProxy.serverNetConfigPrefix}-wgProxy".hosts.${config.node.name}.ipv4 else - (throw "Device MAC ID too large (max is 16777215)"); + globals.networks.${config.swarselsystems.server.netConfigName}.hosts.${config.node.name}.ipv4 + else + "localhost"; + in + { + _module.args = { + confLib = rec { + getConfig = if nixosConfig == null then config else nixosConfig; - mkMicrovm = - if config.swarselsystems.withMicroVMs then - (guestName: - { enableStorage ? false - , withZfs ? false - , ... - }: - { - ${guestName} = { - backend = "microvm"; - autostart = true; - zfs = lib.mkIf withZfs { - # stateful config that should be backed up - "/state" = { - pool = "Vault"; - dataset = "guests/${guestName}/state"; - }; - # data that should be backed up - "/storage" = lib.mkIf enableStorage { - pool = "Vault"; - dataset = "guests/${guestName}/storage"; - }; - # other stuff that should only reside on disk, not backed up - "/persist" = { - pool = "Vault"; - dataset = "guests/${guestName}/persist"; - }; - }; - modules = [ - (config.node.configDir + /guests/${guestName}/default.nix) - { - node.secretsDir = config.node.configDir + /secrets/${guestName}; - node.configDir = config.node.configDir + /guests/${guestName}; - networking.nftables.firewall = { - zones.untrusted.interfaces = lib.mkIf - ( - lib.length config.guests.${guestName}.networking.links == 1 - ) - config.guests.${guestName}.networking.links; - }; - } - "${self}/modules/nixos/optional/microvm-guest.nix" - "${self}/modules/nixos/optional/systemd-networkd-base.nix" - ]; - microvm = { - system = config.node.arch; - baseMac = config.repo.secrets.local.networking.networks.lan.mac; - interfaces.vlan-services = { - mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; - - }; - }; - extraSpecialArgs = { - inherit (inputs.self) nodes; - inherit (inputs.self.pkgs.${config.node.arch}) lib; - inherit inputs outputs minimal; - inherit (inputs) self; - withHomeManager = false; - microVMParent = config.node.name; - globals = inputs.self.globals.${config.node.arch}; - }; - }; - }) else - (_: { - _ = { }; - }); - - genNginx = - { serviceAddress - , serviceName - , serviceDomain - , servicePort - , protocol ? "http" - , maxBody ? (-1) - , maxBodyUnit ? "" - , noSslVerify ? false - , proxyWebsockets ? false - , oauth2 ? false - , oauth2Groups ? [ ] - , extraConfig ? "" - , extraConfigLoc ? "" - }: { - upstreams = { - ${serviceName} = { - servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; - }; - }; - }; - virtualHosts = { - "${serviceDomain}" = { - useACMEHost = globals.domains.main; - forceSSL = true; - acmeRoot = null; - oauth2 = { - enable = lib.mkIf oauth2 true; - allowedGroups = lib.mkIf (oauth2Groups != [ ]) oauth2Groups; - }; - locations = { - "/" = { - proxyPass = "${protocol}://${serviceName}"; - proxyWebsockets = lib.mkIf proxyWebsockets true; - extraConfig = lib.optionalString (maxBody != (-1)) '' - client_max_body_size ${builtins.toString maxBody}${maxBodyUnit}; - '' + extraConfigLoc; - }; - }; - extraConfig = lib.optionalString noSslVerify '' - proxy_ssl_verify off; - '' + extraConfig; - }; - }; + gen = { name ? "n/a", user ? name, group ? user, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { + servicePort = port; + serviceName = name; + specificServiceName = "${name}-${config.node.name}"; + serviceUser = user; + serviceGroup = group; + serviceDomain = domain; + baseDomain = lib.swarselsystems.getBaseDomain domain; + subDomain = lib.swarselsystems.getSubDomain domain; + serviceDir = dir; + serviceAddress = address; + serviceProxy = proxy; + proxyAddress4 = globals.hosts.${proxy}.wanAddress4 or null; + proxyAddress6 = globals.hosts.${proxy}.wanAddress6 or null; }; + static = rec { + inherit (globals.hosts.${config.node.name}) isHome; + inherit (globals.general) homeProxy webProxy dnsServer homeDnsServer homeWebProxy idmServer oauthServer; + webProxyIf = "${webProxy}-wgProxy"; + homeProxyIf = "home-wgHome"; + isProxied = config.node.name != webProxy; + nginxAccessRules = '' + allow ${globals.networks.home-lan.vlans.home.cidrv4}; + allow ${globals.networks.home-lan.vlans.home.cidrv6}; + allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv4}; + allow ${globals.networks.home-lan.vlans.services.hosts.${homeProxy}.ipv6}; + deny all; + ''; + homeServiceAddress = lib.optionalString (config.swarselsystems.server.wireguard.interfaces ? wgHome) globals.networks."${config.swarselsystems.server.wireguard.interfaces.wgHome.serverNetConfigPrefix}-wgHome".hosts.${config.node.name}.ipv4; + }; + + mkIds = id: { + uid = id; + gid = id; + }; + + mkDeviceMac = id: + let + mod = n: d: n - (n / d) * d; + toHexByte = n: + let + hex = "0123456789abcdef"; + hi = n / 16; + lo = mod n 16; + in + builtins.substring hi 1 hex + + builtins.substring lo 1 hex; + + max = 16777215; # 256^3 - 1 + + b1 = id / (256 * 256); + r1 = mod id (256 * 256); + b2 = r1 / 256; + b3 = mod r1 256; + in + if + (id <= max) + then + (builtins.concatStringsSep ":" + (map toHexByte [ b1 b2 b3 ])) + else + (throw "Device MAC ID too large (max is 16777215)"); + + mkMicrovm = + if config.swarselsystems.withMicroVMs then + (guestName: + { eternorPaths ? [ ] + , withZfs ? false + , ... + }: + { + ${guestName} = + { + backend = "microvm"; + autostart = true; + zfs = lib.mkIf withZfs + ({ + # stateful config usually bind-mounted to /var/lib/ that should be backed up remotely + "/state" = { + pool = "Vault"; + dataset = "guests/${guestName}/state"; + }; + # other stuff that should only reside on zfs, not backed up remotely + "/persist" = { + pool = "Vault"; + dataset = "guests/${guestName}/persist"; + }; + } // lib.optionalAttrs (eternorPaths != [ ]) + (lib.listToAttrs (map + # data that is pulled in externally by services, some of which is backed up externally + (eternorPath: + lib.nameValuePair "/storage/${eternorPath}" { + pool = "Vault"; + dataset = "Eternor/${eternorPath}"; + }) eternorPaths))); + modules = [ + (config.node.configDir + /guests/${guestName}/default.nix) + { + node.secretsDir = config.node.configDir + /secrets/${guestName}; + node.configDir = config.node.configDir + /guests/${guestName}; + networking.nftables.firewall = { + zones.untrusted.interfaces = lib.mkIf + ( + lib.length config.guests.${guestName}.networking.links == 1 + ) + config.guests.${guestName}.networking.links; + }; + + fileSystems = { + "/persist".neededForBoot = true; + } // lib.optionalAttrs withZfs { + "/state".neededForBoot = true; + }; + } + "${self}/modules/nixos/optional/microvm-guest.nix" + "${self}/modules/nixos/optional/systemd-networkd-base.nix" + ]; + microvm = { + system = config.node.arch; + baseMac = config.repo.secrets.local.networking.networks.lan.mac; + interfaces.vlan-services = { + mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; + + }; + }; + extraSpecialArgs = { + inherit (inputs.self) nodes; + inherit (inputs.self.pkgs.${config.node.arch}) lib; + inherit inputs outputs minimal; + inherit (inputs) self; + withHomeManager = false; + microVMParent = config.node.name; + globals = inputs.self.globals.${config.node.arch}; + }; + }; + }) else + (_: { + _ = { }; + }); + + genNginx = + { serviceAddress + , serviceName + , serviceDomain + , servicePort + , protocol ? "http" + , maxBody ? (-1) + , maxBodyUnit ? "" + , noSslVerify ? false + , proxyWebsockets ? false + , oauth2 ? false + , oauth2Groups ? [ ] + , extraConfig ? "" + , extraConfigLoc ? "" + }: { + upstreams = { + ${serviceName} = { + servers = { + "${serviceAddress}:${builtins.toString servicePort}" = { }; + }; + }; + }; + virtualHosts = { + "${serviceDomain}" = { + useACMEHost = globals.domains.main; + forceSSL = true; + acmeRoot = null; + oauth2 = { + enable = lib.mkIf oauth2 true; + allowedGroups = lib.mkIf (oauth2Groups != [ ]) oauth2Groups; + }; + locations = { + "/" = { + proxyPass = "${protocol}://${serviceName}"; + proxyWebsockets = lib.mkIf proxyWebsockets true; + extraConfig = lib.optionalString (maxBody != (-1)) '' + client_max_body_size ${builtins.toString maxBody}${maxBodyUnit}; + '' + extraConfigLoc; + }; + }; + extraConfig = lib.optionalString noSslVerify '' + proxy_ssl_verify off; + '' + extraConfig; + }; + }; + }; + + }; }; - }; - } + } #+end_src *** Packages @@ -29895,6 +30126,7 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a ssh = lib.mkDefault true; wireguard = lib.mkDefault true; dns-home = lib.mkDefault true; + opkssh = true; }; }; }; diff --git a/hosts/nixos/aarch64-linux/moonside/default.nix b/hosts/nixos/aarch64-linux/moonside/default.nix index bfbd912..09d244b 100644 --- a/hosts/nixos/aarch64-linux/moonside/default.nix +++ b/hosts/nixos/aarch64-linux/moonside/default.nix @@ -82,11 +82,13 @@ in serverName = "twothreetunnel"; }; }; - restic = { - bucketName = "SwarselMoonside"; - paths = [ - "/persist/opt/minecraft" - ]; + restic.targets = { + SwarselMoonside = { + repository = config.repo.secrets.local.resticRepoState; + paths = [ + "/persist/opt/minecraft" + ]; + }; }; }; syncthing = { diff --git a/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc b/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc index e0d419c..a22bd90 100644 --- a/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc +++ b/hosts/nixos/aarch64-linux/moonside/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:t3En0FAhzVnLIv9tuvrTtmYMGeKvZ5e3FoVZHlEbHsmvUlVl+t1Po2uANatzIeKX3HRZJ1mURXMKh7Xk9O9DsKssadBYa2YqZTugU5m9o4+xESQlqHlnnKALaiyfSXFlhAZ6X50e8nfPCDLicjKzQnk7S/0XMaFB7XN9T4SfonVLElHSZtmOC+85WgAn4uAyfPq44UDVw116g7ogpjztsCG3deqTxP/mcY5trtk+SCEEHLHO6AiEe+Jz628Z+t+3YttQMKQulrakUzzvP07jQhW4m8X1cQOfX2xeTVTwNiqEq75Pt7g+mycKO952BVmMPYIvQAU2xUNC3YIqaFHUDS2QbooAeSJq8TT/s/zM/tjXXLsA7EsFTcduDKDGXhBFt7AlicruhymgtuGv2IwQLeprytRpwz2wcWFGLeiOKp/Zdqwf/3yhGeYlOEv+yhCXI2oZxS+8q4Vu0ejDkTtSeGzm5EtTrxzmS4X2psq2In+9Jb70TrkutAA6F50VyKJV6WQX7Q9yFU6Z6URHlxpwOUzwpto4Z3gxOn9Hm9VyrhTSJZ7sjd9sYf0WO4CJpUYrTu5/ZRcdy8i6Wu2GA/ylt+XXsG1yicgPxDvUcWSg6VfD5/tSTEHtUUVD/sAf7xl/sPcd76Z1DFfgkfA/s4BbbyZKzaZpAz1WYTuhambFpKWDY8YKCoLZdSCahP0jupm3OcnNw7ZCYu43k2JHp4X1mW0gb4TPvIGOcpC+pJvLsa2Q4AUAt4eUmlMCogJ7R89LPLy3fTYDeQV9ly6Z54N70kfsJVCuzrqOjFS4WxqJPZZ4HcRth4JmFE0mcCDsWQVOGJdJmShFxr7kijEoAyfrrZeRG29PgU+2CCcm2dvswJ8DdEtI4E8i/tOwQlHpUmWAM5dFFvKWZjxd89tofYyB/mrAQwXhD7+9Yu4KJM1C3v2IbrvkOgaSMVL7Ekn5YqU+g2BfGYQbkCYMM3DLpllTMGjiMFeOLgvHPAhA3ozR0KxJUaUVZe5B5XscA1xaKedl3hDxR6A9r/g1EQvv7F0n1rWpJvMVSZ3oo8YmzO2DKDwsfKglkR3TrmvQyPvwO/F5wnKMb2+GWh0EmeQLcxHldB6j5CpAj6O1AqfOZjZNcFc8/RfAdLS+OMXgNaWvahVjlPKqI17zLTSJCaCF8KP/T9Chj90l5XqgPsV0t6bPDueOrBOrieQD8UKOjQHR/fgSunjZQrVfYgDBTilb3UyGJ3sqlL9zcTjTgLkNSkNd41EmnCm6SdB3RpQb1fcXfzuCp4bD5Ty01PU380YWXXkAinXDP8961uexWryckhsCqkfbdDnjti3CPfEOBWc6u1R9cI6oLZRw34NpY/4z/fuLAnxgjEgwLAQLG0am/tT1ySH/Cmfy,iv:aa5FNi/z0WnPHFsLUk3odDnghUq7YyA9U6nI71ug4fI=,tag:kd3TDY3mWiEEXsB9RopnUg==,type:str]", + "data": "ENC[AES256_GCM,data:MeJM7Y4TN0doXAHHxa5y+ZuatVyEsx4HL5sMBGJ77J6VIuqS1GvY9D2p+/JETZx5iwEf+oJ5CMUD4/PQtXbUM7RKzhyzU9AjCdfNos4ZTEyLUhmHgAup2AP0yVO/Qb7dYjDPwbT5wycAAQUx+3xc1GKX93MqsKfNVUqIHWAr20s5ct0RxBylvPWeZA6eNDmcdgNaA5QgKoEDrZtfK3inTg1UmhQZrvw7MWzFN68DdC7FRxeDxSdn1ctucGTJW8k1LT5MdwGCA7nX08vAMG7VBIuj61ZXXU3zFtNRtdHBiyzlqjgInHRWevajK7L/Vjxpy3ffBRAFFQYZi6jVaui5acOywSvCvvrzVKN6Z2Rzc72KfC/np0NElJBrTAqBfQ+8tXrjjd8uaTQXbcXc3qk/y6+kfjOcYB8lk0opA/r33xUR7QkMElu7zuw1+u5ClKTOIZSqkdqrEbTCnw+hn5fL2VH0bShEACXQal6z/XnJSULmzxE5YfSK7qsJxakVux+Ksz3E5EHYgyyMCNk5WEyJtFz5FFBV0+FDbar9ChdLPvY/SEGLGS7ekx6aA/PQGQtb/xsk5pylt5Ie6vxL4YBDAxgm1ss4ciK3HfoAZJnQbfa6kkqm1rfAvzr2rM4WH/Vyocakpqxv16QH4AtbX0A02Y4lwMhxTz+8XRFxLOm4CBXYBddKSMKEaW0VCMEl3U3g4e7vPRg2tp+1WxouJSjbejgnVeq/A026j6ZwQ44xADkWjG+4lCvIO0NLZIv5uE3Sb3a4sW4dphqrQPWMaiOmtzxxZWbO0GTnQ5/U2U6DCdyspGjFEFAGOxduFTBMhIeDzWfHLty/S17Hjaxp+v3qEnOs7aMznIzV/LmzAxMp0CVA6I7ehtzbHVNdaY4DfrrNZJgYzkoUG1F0De5in+Bk6g22UecAXBW2sLugmxPwV14sa0iD4IpAvrGE4LwdnGOFAXWunYvOK2zsn92v7ymESayGj9PqH9srL/yaB/RZuJ3VtwLNgPTc+Ly9G6PL3XMInjWdmI9+wIuBaDyWdUxLZhhlH+njc9Bc/rxQWbXHlggrTFQw+rLlQtw0w6rS+avbC+KDpnhhTKDV4gQZsvY8PpKlsmvgN8g6BKrY25JE9sLBMMxmzSbLfIUDGgfUi7BM9p0l4wpdWrHB+rBQtoULDXCWR3LRD4SnyBoNSgXhoXxMaelUVpfOlY105sLLYxMzkzSijQ+OJ1pST1ED+XEnjddcLJtJ+1zIQ5aRZCYDcRr0FGvLcfW+M2yORIc03r/RI/wKTASezuydtMGibUUwBq1jjb5ZDGQEVdABPCEdqBgubDllFm3JdkyPV6V0EoQ4Qq+dv021exQqclentdBqK/A/LJ+h1QQyg7+wDdeC0sJF0EHP,iv:5u/hx1/P7QsLpx/tXceGMjI2Hh5crdguiI30+HJfd/w=,tag:8k5G2WALcjD8S8lZ30EWGw==,type:str]", "sops": { "age": [ { @@ -7,8 +7,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YjdYNFF5Q1VzQTZ0WU1z\nN2R6cEVObU9RMXdpd2x0Mjh2cmpvY0VvNjE4CmF5Sm1vZWRoOTFIY2pkQUVRQ3FY\nVEd3eGpCbGQ3cUpvTE9JdjJMWnQvckEKLS0tIFRpZDZ1ZGZKaXpObFhZVlNqV0hB\nT20rRGV6S3gvWkZLUzQzVVNGQWNGVkUK0bAeRuI0vb7MJTtpxuD56nwZAk39sHAa\njEhntqsV9ts1Vbw2f0mZEqDdzd64NTtDm/YIwygZ2udV27mXNhVUVw==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-12-04T23:10:31Z", - "mac": "ENC[AES256_GCM,data:gNsVWFrs92csjnRvhtXcKLuZUiHo9dxpFRLwjWz7VQSLeOBL4iv+Hq3SNyx4F69AC2nr9HL1QTLzX+444EhDYot0jLqOH6xz/FaQPf6OXKHg+Nr05MUe8X2QsLjodOW81Vv7HqIMypU5dyt0FBr74++9oEz6072AuFl5JAUWIvo=,iv:tGX+wUKvWYOnxVCTqhra7tg+r+TT8tyAr1tlRP2FkWA=,tag:WI5D0FTguiCJcrQh47qJow==,type:str]", + "lastmodified": "2026-01-19T14:14:55Z", + "mac": "ENC[AES256_GCM,data:tNJ4mSS9ulh3sQ1X5ccoswadbnQVm0+3bbyai486ljw59IBkGbf3mo35Dc1PHZJB+zXoiAj7d+hhY7YGJNz7CJjunI0o4+Aj38aEMUa/VpdO0LX+7xTz+r2wX3zaDYbAI16klElXJ30Z8PyVSoGosbz5DbPAKFED7silxVfiPbc=,iv:KOWA4/+jKqbrghw+LW91UQj5+IWSYx2RSi76ew7uNZ4=,tag:znrx6hMqFu+lykXu3DCHMQ==,type:str]", "pgp": [ { "created_at": "2025-06-13T20:12:55Z", diff --git a/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml b/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml index 08480fc..c78d1a6 100644 --- a/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml +++ b/hosts/nixos/aarch64-linux/moonside/secrets/secrets.yaml @@ -16,9 +16,9 @@ microbin-uploader-password: ENC[AES256_GCM,data:20QOWTMLS7iTS/Q=,iv:EuUYcY1l4ykK #ENC[AES256_GCM,data:ZnMVMv6M,iv:z53BHIVvMUfYseftc6DTU9Mlb9ywEvNHv24TvIZiMFI=,tag:QdeWjrw0pmJsXYobADzA1A==,type:comment] shlink-api: ENC[AES256_GCM,data:XdfDJMjyhJyeqVB4RKgCdkWT2nYC/Pw21D8H/JzkGLuwGx8Q,iv:zucJGNLX8018gD34NL/BwTe0fPFucqpBtMCYXd3IGHs=,tag:/sN/ayEhUaCPmu6fS+mMHQ==,type:str] #ENC[AES256_GCM,data:R5mm4WAJww==,iv:6Uyb7Qtl6vt7nur/NLBlrVtKoPkF3ZjXdAhT24HW/ug=,tag:6X9b1zZbpHoEZmaYb9NQSw==,type:comment] -resticpw: ENC[AES256_GCM,data:PcrDphqR5Pin2hM=,iv:lnMlqwyCvbH75qbL2eJYblmuFOaVMmbPHjZ5l0n2Glw=,tag:YUxadLufJ2VPghLded851A==,type:str] -resticaccesskey: ENC[AES256_GCM,data:DOp2cFy1Y5HyXcsQ5O3nsrEOQBtlQQ3P8Q==,iv:0X6HF9kbPNDmhtENHgFeOSHln6xlCf5DNJfqavucDWI=,tag:+THGH00yBT9RhvJtENco2Q==,type:str] -resticsecretaccesskey: ENC[AES256_GCM,data:qpPTWx16Z92cup6ACh2KQPeIk8KPasQB4e/SwxUxfA==,iv:EqWTKXXA7wyArlF+D33tKF37tz8/ORsjsWjRPYBWPqg=,tag:F21+4cL/cozDIene7UQcyA==,type:str] +resticpw-SwarselMoonside: ENC[AES256_GCM,data:+kPee07ZmnAv4V0=,iv:gi7sdKO+WE8qTuYb3wbjgmVzRvmF8hd1h5vV9QDx+6Q=,tag:0/azZWAqeXcXCsmx2HkFmQ==,type:str] +resticaccesskey-SwarselMoonside: ENC[AES256_GCM,data:R9yj4NFFeZ/iU8Jwp5r3BwnZDy1eSWsebQ==,iv:8C05b7pxA7fJC1Mh5oAH1A5LtNYhZaZnQfAjZMURGtc=,tag:pSGpJrOy/i9Iq22OQPtU9g==,type:str] +resticsecretaccesskey-SwarselMoonside: ENC[AES256_GCM,data:8dp2FGgoJa5TBy2HFITO2to8Z4xoowzhLrCZVDLrAA==,iv:2t3CoVp/4+8xZvSjuMnq4d4nFugnL53HPv1r/odKGvM=,tag:I5zxggxsNHVovq8bcRs0Pw==,type:str] sops: age: - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh @@ -30,8 +30,8 @@ sops: bURRem1aY203VW0ya0tZWUY3WTJLQ3MKonflaevgNP91G1cVgzoE6/K800kyG6BK Goe81HCYFfm86pzv5wV3/38j7fTZNeZnKwPFkMgEUueF1kA8J9V5CA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-11-28T17:44:47Z" - mac: ENC[AES256_GCM,data:h3skmRhVfBa/W6GB35O3sHdDLmo/4VQ3rgFbltdweDP+9qbQv+6tduRGknGiQjnyuaGGVyPlEOqfLKzYjP8Jsx+XnprblNfD75yiGckBFQaBKhd8l+hfcYVRNTrKCWkFUrYXIfCWgbrXNmq47SHn0+TBedXRw+9LoSyqsRdIJOk=,iv:Js2C7XfOD4d5fF+Otn7xJxBw0Nfh1cB7oLjyCrUA9es=,tag:4flxdWSlXyslNErlEFM2VA==,type:str] + lastmodified: "2026-01-19T14:13:20Z" + mac: ENC[AES256_GCM,data:XKsR8Gp6UHhAfoOdRozMxoGtdhfV7b6ogsqlqiAfTsuUayVVK6fRIgy5no5jcNnyyN8zveH/QZS1kGpNSY24N0l4gBA3u5ay5fsS0HjfW5b7mNpasOttqCrm6RpY2ZDdTUmsk3F25QEsdc28fajURJKOazZSs78dbdNq1LdJK1s=,iv:TgLuYGZtxx0ZPPeR1M/NgV1Wt7f5V89KEFOpKSjBxws=,tag:I/CGHZcT6n9X8R2EYRbOYw==,type:str] pgp: - created_at: "2025-06-13T21:18:31Z" enc: |- diff --git a/hosts/nixos/aarch64-linux/twothreetunnel/default.nix b/hosts/nixos/aarch64-linux/twothreetunnel/default.nix index 81c5676..34cb243 100644 --- a/hosts/nixos/aarch64-linux/twothreetunnel/default.nix +++ b/hosts/nixos/aarch64-linux/twothreetunnel/default.nix @@ -37,6 +37,24 @@ "moonside" "winters" "summers" + "summers-ankisync" + "summers-atuin" + "summers-audio" + "summers-firefly" + "summers-forgejo" + "summers-freshrss" + "summers-homebox" + "summers-immich" + "summers-jellyfin" + "summers-kanidm" + "summers-kavita" + "summers-koillection" + "summers-matrix" + "summers-monitoring" + "summers-nextcloud" + "summers-paperless" + "summers-radicale" + "summers-storage" "belchsfactory" "eagleland" "hintbooth-adguardhome" diff --git a/hosts/nixos/x86_64-linux/hintbooth/default.nix b/hosts/nixos/x86_64-linux/hintbooth/default.nix index 937ec67..6721ebf 100644 --- a/hosts/nixos/x86_64-linux/hintbooth/default.nix +++ b/hosts/nixos/x86_64-linux/hintbooth/default.nix @@ -27,7 +27,7 @@ info = "HUNSN RM02, 8GB RAM"; flakePath = "/root/.dotfiles"; isImpermanence = true; - isSecureBoot = false; + isSecureBoot = true; isCrypted = true; isBtrfs = true; isLinux = true; @@ -46,6 +46,25 @@ "hintbooth-adguardhome" "hintbooth-nginx" "summers" + "summers-ankisync" + "summers-atuin" + "summers-audio" + "summers-firefly" + "summers-forgejo" + "summers-freshrss" + "summers-homebox" + "summers-immich" + "summers-jellyfin" + "summers-kanidm" + "summers-kavita" + "summers-koillection" + "summers-matrix" + "summers-monitoring" + "summers-nextcloud" + "summers-paperless" + "summers-radicale" + "summers-storage" + "summers-transmission" "winters" ]; }; diff --git a/hosts/nixos/x86_64-linux/summers/default.nix b/hosts/nixos/x86_64-linux/summers/default.nix index ad093b0..8e08ce4 100644 --- a/hosts/nixos/x86_64-linux/summers/default.nix +++ b/hosts/nixos/x86_64-linux/summers/default.nix @@ -53,19 +53,19 @@ serverName = "hintbooth"; }; }; - restic = { - bucketName = "SwarselWinters"; - paths = [ - "/Vault/data/paperless" - "/Vault/data/koillection" - "/Vault/data/postgresql" - "/Vault/data/firefly-iii" - "/Vault/data/radicale" - "/Vault/data/matrix-synapse" - "/Vault/Eternor/Paperless" - "/Vault/Eternor/Bilder" - "/Vault/Eternor/Immich" - ]; + restic.targets = { + SwarselState = { + repository = config.repo.secrets.local.resticRepoState; + # nextcloud stores all data in state dir and has no data that needs backup + paths = lib.map (guest: "/Vault/guests/${guest}/state") (builtins.filter (name: name != "nextcloud") (builtins.attrNames config.guests)); + }; + SwarselStorage = { + repository = config.repo.secrets.local.resticRepoStorage; + paths = [ + "/Vault/Eternor/Pictures" + "/Vault/Eternor/Documents/paperless" + ]; + }; }; }; }; @@ -78,59 +78,31 @@ swarselmodules.server = { wireguard = true; - - nginx = true; # for php stuff - acme = false; # cert handled by proxy - - nfs = true; - # kavita = true; restic = true; - jellyfin = true; - navidrome = true; - spotifyd = true; - mpd = true; - postgresql = true; - matrix = true; - nextcloud = true; - immich = true; - paperless = true; - transmission = true; - syncthing = true; - grafana = true; - freshrss = true; - kanidm = true; - firefly-iii = true; - koillection = true; - radicale = true; - atuin = true; - forgejo = true; - ankisync = true; - homebox = true; opkssh = true; }; guests = lib.mkIf (!minimal && config.swarselsystems.withMicroVMs) ( { } - // confLib.mkMicrovm "kavita" { withZfs = true; } - // confLib.mkMicrovm "jellyfin" { withZfs = true; } - // confLib.mkMicrovm "audio" { withZfs = true; } - // confLib.mkMicrovm "postgresql" { withZfs = true; } - // confLib.mkMicrovm "matrix" { withZfs = true; } - // confLib.mkMicrovm "nextcloud" { withZfs = true; } - // confLib.mkMicrovm "immich" { withZfs = true; } - // confLib.mkMicrovm "paperless" { withZfs = true; } - // confLib.mkMicrovm "transmission" { withZfs = true; } - // confLib.mkMicrovm "storage" { withZfs = true; } - // confLib.mkMicrovm "monitoring" { withZfs = true; } - // confLib.mkMicrovm "freshrss" { withZfs = true; } - // confLib.mkMicrovm "kanidm" { withZfs = true; } - // confLib.mkMicrovm "firefly" { withZfs = true; } - // confLib.mkMicrovm "koillection" { withZfs = true; } - // confLib.mkMicrovm "radicale" { withZfs = true; } - // confLib.mkMicrovm "atuin" { withZfs = true; } - // confLib.mkMicrovm "forgejo" { withZfs = true; } // confLib.mkMicrovm "ankisync" { withZfs = true; } + // confLib.mkMicrovm "atuin" { withZfs = true; } + // confLib.mkMicrovm "audio" { withZfs = true; eternorPaths = [ "Music" ]; } + // confLib.mkMicrovm "firefly" { withZfs = true; } + // confLib.mkMicrovm "forgejo" { withZfs = true; } + // confLib.mkMicrovm "freshrss" { withZfs = true; } // confLib.mkMicrovm "homebox" { withZfs = true; } + // confLib.mkMicrovm "immich" { withZfs = true; eternorPaths = [ "Pictures" ]; } + // confLib.mkMicrovm "jellyfin" { withZfs = true; eternorPaths = [ "Videos" ]; } + // confLib.mkMicrovm "kanidm" { withZfs = true; } + // confLib.mkMicrovm "kavita" { withZfs = true; eternorPaths = [ "Books" ]; } + // confLib.mkMicrovm "koillection" { withZfs = true; } + // confLib.mkMicrovm "matrix" { withZfs = true; } + // confLib.mkMicrovm "monitoring" { withZfs = true; } + // confLib.mkMicrovm "nextcloud" { withZfs = true; } + // confLib.mkMicrovm "paperless" { withZfs = true; eternorPaths = [ "Documents" ]; } + // confLib.mkMicrovm "radicale" { withZfs = true; } + // confLib.mkMicrovm "storage" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Pictures" "Software" "Documents" ]; } + // confLib.mkMicrovm "transmission" { withZfs = true; eternorPaths = [ "Books" "Videos" "Music" "Software" ]; } ); networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "bmc" ]; diff --git a/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix b/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix index 84c16b1..1359ff4 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/ankisync/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # ankisync = true; + ankisync = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix b/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix index 6a0e601..7d4eeea 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/atuin/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # atuin = true; + atuin = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix b/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix index 114e332..5f2ddd6 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/audio/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - # navidrome = true; - # spotifyd = true; - # mpd = true; + navidrome = true; + spotifyd = true; + mpd = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix b/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix index 461ebff..26ba724 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/firefly/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - # firefly-iii = true; - # nginx = true; - # acme = true; + firefly-iii = true; + nginx = true; + acme = false; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix b/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix index f19dc48..5d1822a 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/forgejo/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # forgejo = true; + forgejo = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix b/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix index bde8bbb..adf2eca 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/freshrss/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - # freshrss = true; - # nginx = true; - # acme = true; + freshrss = true; + nginx = true; + acme = false; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix b/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix index 062c0df..3f338f6 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/homebox/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # homebox = true; + homebox = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix b/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix index 86a4814..1a94a4f 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/immich/default.nix @@ -27,8 +27,8 @@ } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 8; - vcpu = 8; + mem = 1024 * 16; + vcpu = 14; }; swarselprofiles = { @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # immich = true; + immich = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix b/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix index 3f80bef..85a3fb1 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/jellyfin/default.nix @@ -28,7 +28,7 @@ microvm = { mem = 1024 * 3; - vcpu = 1; + vcpu = 4; }; swarselprofiles = { @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # jellyfin = true; + jellyfin = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix b/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix index c70f9df..776e2f2 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/kanidm/default.nix @@ -28,7 +28,7 @@ microvm = { mem = 1024 * 4; - vcpu = 1; + vcpu = 2; }; swarselprofiles = { @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # kanidm = true; + kanidm = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix b/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix index 4a3027b..91d20a3 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/kavita/default.nix @@ -28,7 +28,7 @@ microvm = { mem = 1024 * 1; - vcpu = 1; + vcpu = 2; }; @@ -37,7 +37,7 @@ }; swarselmodules.server = { - # kavita = true; + kavita = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix b/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix index cbd5f2a..b5e55c1 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/koillection/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # koillection = true; + koillection = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix b/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix index 1575ad4..024399b 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/matrix/default.nix @@ -27,7 +27,7 @@ } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 3; + mem = 1024 * 6; vcpu = 2; }; @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # matrix = true; + matrix = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix b/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix index d015cb2..b91ed1a 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/monitoring/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # grafana = true; + grafana = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix b/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix index d8580b0..3fe0800 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/nextcloud/default.nix @@ -36,9 +36,9 @@ }; swarselmodules.server = { - # nextcloud = true; - # nginx = true; - # acme = true; + nextcloud = true; + nginx = true; + acme = false; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix b/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix index 74fe3a6..8381a04 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/paperless/default.nix @@ -27,7 +27,7 @@ } // lib.optionalAttrs (!minimal) { microvm = { - mem = 1024 * 4; + mem = 1024 * 8; vcpu = 4; }; @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # paperless = true; + paperless = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix b/hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix deleted file mode 100644 index f94f5f1..0000000 --- a/hosts/nixos/x86_64-linux/summers/guests/postgresql/default.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ self, lib, minimal, ... }: -{ - imports = [ - "${self}/profiles/nixos/microvm" - "${self}/modules/nixos" - ]; - - swarselsystems = { - isMicroVM = true; - isImpermanence = true; - proxyHost = "twothreetunnel"; - server = { - wireguard.interfaces = { - wgHome = { - isClient = true; - serverName = "hintbooth"; - }; - wgProxy = { - isClient = true; - serverName = "twothreetunnel"; - }; - }; - }; - }; - - -} // lib.optionalAttrs (!minimal) { - - microvm = { - mem = 1024 * 1; - vcpu = 1; - }; - - swarselprofiles = { - microvm = true; - }; - - swarselmodules.server = { - # postgresql = true; - }; - -} diff --git a/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix b/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix index aa70516..74a6930 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/radicale/default.nix @@ -36,7 +36,7 @@ }; swarselmodules.server = { - # radicale = true; + radicale = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix b/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix index b6da313..3531298 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/storage/default.nix @@ -36,8 +36,8 @@ }; swarselmodules.server = { - # nfs = true; - # syncthing = true; + nfs = true; + syncthing = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix b/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix index e4e7bd3..6afde67 100644 --- a/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix +++ b/hosts/nixos/x86_64-linux/summers/guests/transmission/default.nix @@ -8,17 +8,12 @@ swarselsystems = { isMicroVM = true; isImpermanence = true; - proxyHost = "twothreetunnel"; server = { wireguard.interfaces = { wgHome = { isClient = true; serverName = "hintbooth"; }; - wgProxy = { - isClient = true; - serverName = "twothreetunnel"; - }; }; }; }; @@ -36,7 +31,7 @@ }; swarselmodules.server = { - # transmission = true; + transmission = true; }; } diff --git a/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml index 8e3d14f..7b604e9 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/ankisync/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:oJkwX64LSXAaGXvEKbK5UPVtgFbFZSh9EQD3s anki-pw: ENC[AES256_GCM,data:CVZxqubgfojCeA0=,iv:Ux7k27srI1bMh3nBlGGkuimcJkKkmkjaNBph0X0o5vM=,tag:yUfVrCl1srD1V+3wXSbFug==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTVmVIbWc3UzNvQmU5b0cz + Qy9wWjU2MlJQNWNFVlgrVEpJNE12SmJLL3hvCjhZN1JURjVBZVE0R2IwbXhtaGxI + c1U1MlJBMkdWRXRVM3cyUFdCQ3hrTHcKLS0tIGlFZE9Cc05qT0M2cXBRZHZ3L0lm + eWUxa0pZN0hyTjQxRWdzWlBjblh5ak0KmVuGpc7DA+6XZdxJDwHYrJeqs/2fMEUq + w9KscmTXOdWOjIQjexhvhUdKT3eodSEK8MD21K9ebdbyo6fht+xMyQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqdlBYTnQ5NTZSd3V0enFr + QjhCbFNDYks4OGpYVnlsd2oyQWVNZm9raUhzCndCNUpiUytOVTFkT1E3bjZkSk1J + enNpZXBwWlpIMHRKSmo3cHNJaFJLVDQKLS0tIDFyQTcxV3Z5WXpPWU9yZVRabW5u + OSt4dklrQWphdDBvZmtTaHc3MVlQeUUKJJD3xPgCRNqqFxPTENXfUU0CP7Jtc4m8 + gJFyP/XmwC0aGNpU0iQbuBYh74m/0n3dWa39kT0RDuAVxg/dfWtSMw== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:47Z" mac: ENC[AES256_GCM,data:bZ0SeyqYFrtn5P5lkuK1aVTKxoMVpN3+CHnvMFp+bIYW3eoDTEAey7otLh8psqS+0r9KnbsDTODTfVn2fX4xmRCI2bchflcJ/O6bnGhFjx0dVlmQXVzZg8LJe4+qvFxdGbwh5yXJnE503wdF5xN6xuvOBLa0Z5yOIsmd+X8c63c=,iv:8BXVbteOxr8ZA5Lo0sGN6JhFZF96gdwy2RjLMgfWPbg=,tag:pBCPHAUeleUaOCMJgGjx+w==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:16Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTARAAvuxf0dkraa6xeMfzFlVXfzr0UB8Uz67oh9WrQ+HKIOJr + tFBvGqQn2jxMr1cQxfYLmiqDqcMCKkRUoTde+tlweguea2NlviHdie9cZe9BPFel + iz10v2cfGXLv608deaIxHPoXvr11YDm74EtXI3Jhh9q8WIsjjmH3sg/Aa92Y8P+1 + Bgc5lPI5lgtyQMUDTiJhLWTH05yfhSMZIbgemB3snxPY7gQS7IJ7a2j3smg/Yb+k + 9SFFl4l3D7Aml6K5ZHpAh1fgZmJWGev7qXMwii86g2B+tyY99cwgThlEKqHiTBHF + RaPo4oMHQ3UjHpOjwgD22wKunL3WJWJONA81ACInkyzPJza21CNtEqNLdElWymVF + IrK5oDDTEYlOfbDWFaJlAGAueTnZgHMMp6wDmLzmzkUDSfTYMoMiMoi9CzN878R2 + QA0CXa+8Jjks+lNqmzreoZjJN+Iwip3ojDo9oK7afx8cS+Gat5rU0oBY3lzUJkVU + 9Qo1Z5Td2AGUlrVVvpKDZ1BGuNpNgGVQjOLwysBfv2rFTCWE6feZXQS/He1sz+9C + n4+tHppw8DQMLcjGKOcWFQKooy23SJC6ozvEhV59nKU0S4WXsMIJBaAH9N7yGw+p + +gSZvRLELJyAy4rS73+JKDozxKd1D3m64HdkxCGky9P30kuNvz6AYHLD3Bp+OLKF + AgwDC9FRLmchgYQBD/4pMJqUXAs1grPDANrJULEH7LIRQEK6O+7FyBSrQvXgFICx + Cxagn5ErwDLxbJ6Wkx8vW8hfZ++N3eSVQz2UWMemvWxcakgR6HoAHGtjsmydSzAI + qMHuKTrap2hHRqAKW49R8/9ZVkAP8IitmhsVRw6HGNjMTAh2t9yNXM6yBFIwbKXH + y6LTrLjJ+MmFY2UvkqIx2qFZhgdn7AzNbHriGmE2vSAGC8HVNTIfymuEleNLciRV + l8uoUn81E5NC7OAokCAvBX5CjO3sG8ZP0+wqkax4F1xdiNo+piD5QEx3HbP+fQpH + hUFiw5ZBBMn8LZLTv8HlBXP2GkkaYUO00yjDxkFsws9PrJOs/h/pYi8olaFX5OF+ + o6cuM370tHyXC160aCOKGS5miED6yceT8ixWgj0E4jqyO4WP3RlBiu9OTOsz0J4X + ylFAHdT6Dzlx8q4G5GfjWtHXIjhcR4qOquCI/mk8WkVDDCaOXplme8Ja/EnGT/cj + KEqjebGOINZRW3e1Ip/QAzwXwxM34ZNo6ltBkPGe+QmYIpZVYpQ12mepItduaGXc + LmUxJMODx2p+sgEyZi9lyIFMq/Ny+VifZQ6ux68jPOTq7Act3JRs7irlg5W2BCps + iT/6YnGLvmQMMpEaGtN1QIuXNvpR0QxL0+5x3AxT/eu+3FXuzVDBmb2w3dpq+dJe + Ad1Ft708DUYEAjf05YPsNsS1RycS1rz+WBCx+4bku59v2EHLupK6N2jrXDJbA1YQ + F0RZ8HESgLy6SSZltZaTNfcT4dz5/RFJ2hmk7WRrhzs9k1bX9N8vdYPuc43fhg== + =HCKN -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml index 3ae8d33..d894aca 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/atuin/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:CBL7h5Ip5Fp5tnY0Cg5iRC2MKlPjh6DG9BRVHbD6wuTO/EAV7O/OpSXxxG0=,iv:WnBTR+0GwmUO++JhMd/2alVuIPhXBT50Qwc7Z9umVC0=,tag:4j5ieGF0gedQUD8SWBEQ7g==,type:str] sops: age: - - recipient: age18cgqlely56hgmhscllkmafwpjdk6dwep6ej3vkk97dzemp8jtuksqrrjjl + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsQjFBcFdBNnB4M1NnT2FL - R2JJd0tKME9IMXZzdS9XckJGenNZNUFHaTBNCnJZUzlNdHlJbUdJeklSWDZmS1lI - MHNTbmY4Z3pvNmE1M213QlNGOVhnWVkKLS0tIGNRQkIwZklxRkMxVHZnZXJldlNy - STVlb2VUNlJqMktneTE4SlhsdEVLaW8KmPgkeyA3S4BI2zaU2QCcpAXrkG5pRMZt - 5nVp+cIBVipDRak+ZmFWpghVUAd6J4rlW/U/t+S6mzRfP8Ni83zOsw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLb3VuQTBmWXNrSkVQcGZy + bWlSRDdmdUVGYVJ5d1Awc2orMHc0VDdTUDBBCi9ncWU4NWd5R0pqMStvb09NR0Nr + NTlNc3R3YnNmUm5XU01jVmd6OE8vZG8KLS0tIFNqa2xtVk5zWmJTZC9BbGFLQzN1 + aDNGUWo3Z1grUkJqbGlhV3pvNTNVREEKEito29fzKN6Gqzp2z0ZSfeTmYXnvTJGL + CZOLeeXMuaUf0jRD2hZnAJgGpglMjM4rIpEBvwCBHAUUN2/Nh1ONkA== -----END AGE ENCRYPTED FILE----- - - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 + - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHQkZmRE5YRlVMZUsrano1 - K2VaNnQ0MlVhamx6TWtNWEFtTVczT2tmc0U0ClcrUHJJa0NLR3pYV1JhL2R4ZFF3 - TDE1VFNVOC9tQ01ydVdGTHlHcDBwRlkKLS0tIEpVOVVGZVNMeUJlYWQzc1ZuSzR5 - Q2c0eG9Jb1pVZWpVR3FzdzJXMXI0TTgKQ5u0O365QUiNPXsopBVSwwhVLyqGYp3i - 16Kbj4C0S7tuRzOQObuHgd8zlvgNM+qmqQ7J1mf5VNLn57jLcfYgGQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwb1Z2cVNjVHNINkMwZVhm + c2dVUHRicWJBV0k3dU11QnpLUVk0c05FV1VNCkUvRS9yNml6SjczMGF6c3A1VWtY + cjlTNGl0NkZmNXFKWmRVU1ZlZFdKTk0KLS0tIHo4TmxrYm5scEdjQ1V0RXVHYmFy + bjE0WUoydVRRWDRHRkJtTEtGSHZVRDAKhsuhfBoI1I7pi/DBs4pMSiNzZ3qa23IH + Px5rvj3lMqvBuUHUhKaYIKEs4haNW7lKdVTQt2KZLZ6SUwAhmKZqLA== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:32Z" mac: ENC[AES256_GCM,data:TQWNPos7lbjMFN3w8gMUBdik0YqMjW6Wa0qBPHwrnnJZvpOJqzKBmKK4boHD/7kvrOD3yo7RKdp/n2gAJBa0+atSdV6LLf8gFBPOHFa6YWEu2adOjtayDetQiCy8G9ygjC4x/RDt25SUC/+UbgeKuoMKsjN2lOZFe+/zwAYpF0A=,iv:6l9Ev9WQZQMrLhC26z6ydBmbBtQJpJHBM/s97X6I3hk=,tag:QTQVTjOz+R19xWgWOfWC2A==,type:str] pgp: - - created_at: "2026-01-07T13:15:42Z" + - created_at: "2026-01-12T22:05:18Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//VjPq0XFqmIXs5IQqTnCCYVYYF93wOrBagxx2NjI7/f4B - pOi0v2a5DJyBAgntCLTCP+AdglEz9QvbFOcDPseFVukmg6c20YYaI9gsq4wI46JW - Ws3j1nHe8nsh6TGJEpHw8Tmx9YrNymXaiwMtpsCfFvEhKrauscSvU4D2WTR2XrTH - nMmLZZkeZ/i3upivrOIMlrogBMN0/Zv0Cb/LBW9ifXen+Rq6LieYuHwJjOtyL9Vj - gpUzqVNutBwlLpoDbb+mRMWUl4G0rVckB6CIsuoKL8YXZEflWF4xO4jxBoa9OIGh - ty5faencnlUWCg/e1NwdoD1U55Qu2Qclu3sfPh4eIdIjcJ4AOhWlfAvybiANiJJO - 7OOALbo1/JJTv5cghVOtOhG7xG5g43WwqH1g9uV1cpUhvyB49Sg28b2qIvi4j8bj - zv2jMj3yceWstAmnqBW3CSWzO2b0U9+k8O4xUo3eJ7Qz1rn5rR1gfsYRT6o7+ev5 - VFRBaY5ax/y3/hxCfvXHsi+ZkvKfoh9a0t2zZrSU9eNxkPNoQTEDqqag0+/+aIJ3 - kesULKl1aANNlk7y2K/B3Ycwta/zSN4lAmMUM1v0H1TlgXBsrQHbv/7gvtrmIcBS - i5fiS4S3o5PEv3dj00LRHYI/mc/yGiwrn0Lhdn5unE8HiQx9f4o4iopE+Q4foIOF - AgwDC9FRLmchgYQBEACGP6RDBC9VrrJqwqXHba8GTgKvjvm1NdHVkswtbBEjTjRp - UCV19Tv1XLBF5jw9eom4ltTgf7PnOxvgadtTptGbT5/TzTPp6nFmAqjOwbyb9OZ5 - VQ4vOyJYXyTokrPAAO1zVEFL3dWVgeZbaGBCD+SoP5I5MkHBTvOiNySZajjyMMzd - rdLwx0HGYHVqhYs9cz+kBitPHino1rFvgWXaWGOb7Oi1IrxIF98Qt/xekST7MK4w - zXzVU1KJBbInvOzx7wISSknK3R5TeN0WIxRZgADgKa26nc18UrzBggx8l0iach0N - GB2vUsiNRT4DlEOG6qDrA1PlYpSWvV15pH5yoUF9bhSWQCIxpO9BOEI8DJ3FnM1l - cjA4GcoaU/4eBQdsW7cJ6I6w/8nPHQbrCjZ+XHQ+a6n6RBK6oNdvj2fnjXy8KwV9 - o9xd4w0ogDoN6h3qjlUxmYqTeZOw8cHNRVcG5fGNPg6jkZINqeVemh43sjeSt0qu - fMum7u4lFFrUElJasFec6SMDPgssMf+9VKpBDc33+hiY/g7i65zeTbfFMojBmt+O - 7MFSguUeQZi5ULxj7FWXLdpnl3nfXK0mhRbuoG071Byo4zMUfNVdeTInKlHxRiPa - rgXqrAJHoWngo9AKuNVQ8VaSE4lPCz2yrmsCHNkRkmNuGwu8lJgLGSEIvzXaVtJe - AQy9uc7cH1zjV/t5MdU8AThSyWnKCp8S5yAAaNAWc1zBj3xrqXuzTJurK5EbwGnt - i/r6xnHZtVW03VXM9KU8VvgV0mJHgEiOu5IjLpGq/16b2Wt8xBn5FI/a7hsO7A== - =DDOY + hQIMAwDh3VI7VctTARAAxBmEq+L+C7Oq0wjXp5pWt76/ItnTLuvY2LryA17mhIzj + 9g3/dAtwD1nUlWPVku7uEC+bBgb1N5jNMgo+D/9gpgT7xTwLBPP6lTdZDOlcLr+F + DF/IDuFJ7nMIbKQ9Q50wuGxppV+OscmYhOYZO4Q1VYydaVFiOa7zcwOQk9a9w09S + l67YN5FYU8jk6S6RDq60+kOHtMIIgo4321QBgq8bQtzpdz6ikQXZG12zfG0R6wqT + 66JiBF2e/EfAdWN92yZtDCfsDOosxmKnz1HNe8thHKOAAN2xXyV0lSKgJ5X80Wuf + WGb9vLKpyl3tkAqf6RLumvZjTm3CY1YAifEuNmvxLL1JKvr2dOatnfV8EurpDji9 + N4RTjDAdSZPKVzzv5bL7BzeJjlIT0zKP96IkmAGFCpMhrrQVL+qxs0Ov+xzYR6uu + bQc38cvIdE3xYclY6dMLwdBpAyb9uij0nb9p/wuNmLYkV1c1tOcErwq80Uban3v5 + YgQ6MaJ6sNYSQNDApxZpsdLi7TG25Pm9rDM4OCbUXIyD6CrHuI/S4kfoCAOv/CcI + 1SCmQIhqkc+tc4bRYSA3vnZ6pRDCzMI16xI4rc1D1gH0Kk5d8eeFtwICKFPh7IAH + p1mfDbkMg/P7yXuXh779YWUzT/p18Z8PErCvVIp5YldF0TMGjlDOTFVZw0HvHFqF + AgwDC9FRLmchgYQBD/wM5Jz6VXbgn52zZ4FN9JNRW6tapuWy7HDmlOrZSMmWPmeX + 5VVDjHZ2o53J21jI/Mm4QZsoKE9+C2JTFDFIOvDeGzrvGF+VTE2EdNGLtU9HzjwK + 0mFnSo0GzSoo6UtrhdI6E6Fa/NjoUXI7n7A8m4Zg87Iq+UrVmiT/DKC9+7dV2zWg + JqZIHmGMItvNTuoUcMZmYG1AQt7dke1eE8cmGyxROLRz+z4laB54pBTIlN30p9Cj + 0f+vqetUwYchZm/Zu8FRPAxD/+WNLmVb08CGU1uO98aE5e6dcglGGX3qlmJZXdbS + XIwTUGEtnQfwDE1FdHdzJGmvnnNUqGRP1/Ld3GMUOcQkqiJa4qgeb///oVBqd6uh + Kfr52CPVariPIfuUVs0nlfNZMnbgo0vN7ri3Thn+IVfIuV4IBp2GXnilbzKyoyOj + q+xDuz6GkUt5bNFAzh/e+xTvXC353F3MBrxuwJ1bQ67mhEUsDwjf2AO1biejLelK + nYID80VWhSFlvmLXuwJpuB87D4CiwqMJeFwzK128VYjxk6I9p4H/4vmhGhkIDqRB + t+vzjK9eTFXdUGz1TJAiIjE3DcQHJpfMfIoVbVOamfROGlPu97owiDGFonQf3XWm + Rgwowom3qmEL17zziCqAQ7i0YxYVo4322vI/IC7u42JZjs9AK3vJdm2Vo5iCkNJe + AVLhenywDkZRvIfNlz5HdV/HdNAl8VvOWoDZGADwTM5r/n9d/6CQkk2whE/uGrMT + i5NaKF8Zgv1CteuAPiXsZsIZsqW5W7neOFeYwToaQT5mOLM5UD9Ev2NZh9RzOQ== + =FbVY -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml index 4c058cb..52112ca 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/audio/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:9elXuNwaA1gJ/KtVnlkFbovrDGmPUfiUAlzej mpd-pw: ENC[AES256_GCM,data:prKWr8XWo2jc3DBwqMcplwS5tUadHx4RWQ==,iv:jmUj+89dCc3cHjejikTfYIXlEI1K2/Uy3uSxzcx0wbk=,tag:/hXqt2ZH9pU0IY0gMmPl+g==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkVFhPK0tVanQza3ZRZFRV + dVppUzJxeDF0T3Q1bVhwRG5LUUxjNmJuYkEwCkIwaW43WUJQeGhIZU9na3J5VGdv + MUZkT0c3TjhleEkxT1pTYXJEZlk5WUEKLS0tIHprTm9OUGVBbHVCVG5LcXdiRitO + WmNEZVAzb0Z3VmlJdUY2MmoxcS9FcGsKWX4LJd/06YtoplqG3gnXdn8Q3T/TXELM + WxGx8O0tFwCSWsW1qenMWtmHc4hA5edhdgpNY0Qng1KKc/8/IKibtQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5eUkrL1Bja2g2TDAzZkpr + Wm1IalhEdWNlTUxyd1lqL21pNWtZZmVhTUJFCll2V2ZTYjd3Z01vT3NQTTBpMk1Q + cGV5MjVuQjg0N3VvSzB5OEZnUzJDOVkKLS0tIG1hWCs0K0ptQ0N1WkFPNGNnRVJo + dC9HZnJuUGF1TElMckhTNS90VzBxVTQKt9wAUfJRc7fFLwzOiPN5ilDCY/nl1DPL + 0KGjEPHfATki2sq7pIjAeY7J2LWwdnxLT4/mdj0xCltPB4zCpvEFqw== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:00:54Z" mac: ENC[AES256_GCM,data:QMkeCVeiq7+b4ft6ykag3VO5FDqIQp0hsBTnSEduYiA0FIR4QYmDhGVHUipUSZH/xllflxMv/CXNQqtW852LWWy8PXn7GzEXn3nEjRBZi89sEOoh03I6SfQMDWYR5wjKBy1hL7e8dZfEGONZobViM7U9YynEFqYpkvd1fK97DB4=,iv:MbchKNzaDBMF/YbBxkEUwxA0Uc/+fju4dgl/28trVV8=,tag:VwfuskgULOyBdJmJ2LCVxg==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:19Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ/8CK6XOO+aso5SPpmPytXSyMW0D2GPtsQGloehxIeSWcSC + oUKgC4PuiTB3RBKIrYkySo3a/5esJoCvB9U2oShIf8ONHHvdrqIU6+gl5n/4LcOo + V7vCy2qYs2qZkch/4KRQYDUsBbGomoEoOVachvrI5EQLViBcZ67JUiaX2vlrmycU + udDehrw9BeHWLPZ3B2cmVH4IH3ylZqFtU8xzV770IKqdCirbv5c/Rz8XynpIqKZv + dzzXIjVvWp/n0C9nLuNWj2XYFTSSDE//k3hXQ6zDXnuAM6/1tlp8Ym0/CxpRe1cf + rx2XKa41J3Tq6kJK5d+BKY2TzC9rimO2DAvvDe1dPYofQd/YGmXMII71j3xSitsm + MCyR9X4fA+MiY89kf+keAg/UggvyBPitbimvUJXiuDuSRdkMxPnpP7cNYnzPdyy+ + DK6nqujDsw0JvRGyP/vvMk50hmniJTVtJtg5g6VOrfZ8wVN/8lHqe75oTy4nr2Ai + /0vKWMw78K8xsD/Sok1T9KDquov5DpLz0r8HnbfpRShSOzHOsFAgAjJrVjTeDMuy + 9ZayxRVv9TLw5SDUmeCJsiiYjzySHKxw42qAVBb8XDRMTZXWoDczG0qtTpB6HhJj + ZNBpOTttnaKJDz8Njsdw36zEJnxtyRWGeR35g38ikrzaKJTUvRPx0f91D/o4kZCF + AgwDC9FRLmchgYQBEADLSYEbTJgmYy8eE5ut8SldIpx0FNlZ50cDsbX3SB7H0+Lh + nEhy8TFRm9nj0Hu839EpnmS7fydlV+ba+NztIFk7NvrDt6vsf2gETO1NJbOrGv2X + iDIX1fuSZPO0MGdX4Jtj3tgSbT3LR62mLZBwdDl45PaT27E1Kf/2N8FYcZVsU/Fw + CFxngjVm8vngjBMOBLRumG3LOzgL+AUMjfJNrIkPwCqrfvBfuAZR8QQbpnqbIMFn + Qko/qYQKT0Q7+Gc5VC6nqITuG1UegDTolKFKncr0CG+tV6ydvvMpp7GYhDv2iFrS + GK+Lc2QHnS1uzb7gWoEbemwirJ9jax1Vs51pTwH6JuxMux4CKx2V5xDhvjKqbutM + l7qGVJdfnfe7uooP9mPZMoyhbm1rzkQzN1yXkkEVl8v9QMNpCTSC/Z3WSJdhnXTT + WCz3XgOZNld8xfyP/DvmBOSIx1ywhVxPiWPcMRU/bQMFwKrapmDqEeOCT8cm8yMt + FIpBxzD/DO6qgcegWPgNPhs4GYrIxRIBUloinvDPDj1qPX0wAk/4LVm8UTG32Mo/ + oyBVWu6Z+OpqfOJqIjapRwpYcaZj3GPgJR7qt6JK+uSSHQZQdBdhXtBCdIivlRjs + qkn7YZqLYC1Xfo9XbC9aQDZNAaQcxxM4bMMJCkJiTN76kIl35XLG9ggUff8ncdJe + AbcUeV780SsPhEVmokT8Dl2QwJ9ndA5IVoYue7SA4/Aaj/iy0nlMMUSWi0xzoB+d + Ztu27YrQwkHeFSoVeePm7kNScQsz63mByZn8s8n1Cu9gKO+Klo7ewMLgjkhPfQ== + =WLga -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml index 8be7ce8..c9a2874 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/firefly/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:PGK3JHj/xacJgxx6Ubwz/3bQlE2hYQXM6A2Lv firefly-iii-app-key: ENC[AES256_GCM,data:Wu/gr1vzVcRXm96hTvSO9bIRsvZ//2ZsTVJ9igrPU1h5dGV0fkI4rwQfb+5zhy4f56Na,iv:5+c0DYC0qVNRQMwibCpWfN/ZIiDUTtjXhKuZxMq+qs8=,tag:Jx2axAZr95/EqvH2gl+rYA==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJWkVMY3FMV2poVW4yMkpP + OE9idHFvd3RxOVM5QVp6RU15R01ocVpZalh3CjRuWGRwektMa0kvZ21ucXRCTnFL + TStZSHdLOUhjS2FZYkNJU3dZalhkT2sKLS0tIEhpRTBMVjZzcHBjYkdnMFhxYUZR + YVhteGpyM0szc3hFOGdlOG4zTzVPVEEKij1r1aB2Z1aSN7kYB+ZS7GExkSOzv6NJ + AdMEkwaO3v0zdPh1CM+4d4MwTDhtwUoRwkBjN8sbCPrPozp7wZz+gQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJYkFhWjlucDByY2U5M2R0 + THZhNGZOTEdwRW4rR2hqQ0t1anBydnpzaXhnCkZZbmt2MEZSSjdwUkxKVVlaNUpr + Qkp4OUVVd05jZEc1dSsxdXpZV2lSQkEKLS0tIHlNMzNlK2xVcVJVSVBlTGxtWUND + MU9HcURLQXJVVnhUbkozRUNYZDdjU3MKXGFS875yubuu5HJE5Iu1QMzdSM3BsnkH + YytEKFSIXQ+8Seu6lYSkGvdHgE3V7AQ8iamtWbO2Q7/6tUBw8EQ78w== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:26Z" mac: ENC[AES256_GCM,data:lqey6BT0Wf/manMLp7LyApRqtnerCHrPndo3w/9i3GBkpWeas9JLx6+sXZFdodc3tLjA00FF0MLm0sjDSWSz3fDfSclVNEYWUdrspH9W0a6p95GAdclJARna9ncVG2pn+Hk1QoD5EjEhvOayz2A7e3yIO2aBh8U6coc21h9L0lo=,iv:n68z6eL9UYI28eBJzYe+1QLOfkE4Fba69VgOCnFVELg=,tag:a6jli1+cn8s0Mlg65sVy8w==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:21Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTARAAmUd73XL+lkM83C7ysNjtPbfHXiTVLUu1rgd9zyfM0iiY + yZ+t0FbgQ9fiRTz7myrry/EYTVo7iCWZGS+v6qYfXvOdQfRdn+0///VHZS3iL60+ + V3/idjs5029dpxQg47FS1DzwKs/Vyz8VEJz7ppOHFsuwE3Mb90+W0dccfXqE/MG9 + wCfidUaP2CQVtjcLQRUSpk7kAUONZF81nWQfLcR0jJA00hlyjNKftKTasEPouiWB + QbkDkvTLYZg+2PbCx7r648BlWlR+7gDhjanDZi40i+CarmUD2zutscza9hx8H6JA + 1PzYZ2BgW/A8Dogtmy6iJ5INB4Eyd9FiIr/CG4wizWbB6a/0QY8V9+iAI4aflvoU + 6/HQ/BYSgqd/C+NjlNAXBBEjSXhrFbtEo1K1Sb0Z+Q2OKK19sJrrv8shGl0gtUi2 + xSbVUUff2KnIWrX7tpNdveAkpX2Bs1ijzHxnQOVTwJyKetUoxVZB3ir3JnWqTfkF + XQwcJawvzwN7wHRIasBUh+FdZZSDsM9ujApKJiNKRz4ZIFaoallV95+YyU5cl00Y + g2wVfDgXdwnBQQKxa0NqNC+DGdEKc9Tfv01nz90rlbEUmTBKWD+sZGm/rsq4NV7c + yBqy6hLkE516wT0F6Z0osMtW8RmTARx2ayv1glwdRVTo9Qs8RkDxjRmy/r0/2dKF + AgwDC9FRLmchgYQBEACGlxYcVJzuJZn+oSMxRtirnpFNeKOgvlbgc5Jy/HmCQBge + I/h7QEaevr0XSmPc311OekXOWIVF6JOf6HJQsN0W6oU5uo7fXecqpEG5WqVQjouJ + +sVxcPAZVGbbhTycf9VXySilGXFbCbiM8nBHYF5VrCTrRYpnmJBnJ1qJ2qfzG+4C + Iys2UQHymHfumz5qj28VDv/j+DTn0ZbYEbIE9vhhtYngzXOBYkPdOX8YsWkQvGB8 + AhCO4OMGNbisIjufc6TTrVO2edqt2JcacXrSzOHj5lNpGqpK45a9lDKjm5eQAO2V + SJu5MPC5S9lLn4SjzHGMQBAr5WFH9GcftWs0WIPrPqJxRVXQt/av/fBMrnsoI0K8 + XEfyfOL56KcG95xnXFJzcgQJ1RnXAQzGPVv3fPvA39EyHDUu2VM4hN167+Y8Jgns + Iaxb2xMl1qXB6dUD/8mpyCzXdsp5JtK4jPGfOk6A2Uj4EWALbTpGhcGuPJ59Qe23 + Aao0N5Q6NU0EGzzgHMu4S+VMWk91Tol9tIgYCf80aXB30lQ1lFoXWhnItg7jrm81 + a1f+f25UKyDPQBMFmNwbmp4xjEsFqOTvGJJ1K3lI1OCGNnCeKuonpcBZlH2FovLi + c9+P8rvmmzucTndDt41ywXNaSqDl0yB+Qu/rTG4ov/17Y0vZ9sUn2kDJlfEtbdJe + AfHjxuXT9nVKeWi93hFn1Gea7oOXMeh18KqBMS440ZiymFrR5EPadXSTtQiK/LyX + 6VdwX+N/bGLdwMN+AQ3hMe/q5XtwaXle1MGTFqFdG6OjHlQDLgxng5gAP3k+5A== + =18JY -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml index 1b59023..074fe3e 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/forgejo/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:2/usWvtboQJ3Yc5ixT/7ZUvk74aZqYr7ZUZVE kanidm-forgejo-client: ENC[AES256_GCM,data:0S2Wt2/hP8e5qMXgI2cM3GApWoQ9pEHwiA==,iv:Utq8Q1LWk0TefpcwhSvXrulrgslCSnPanGGHSMPi/pA=,tag:ou/1y+DtFi/z4P54zzZ2Uw==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZZmZSdzdjUm1wRlo2aEgz + QVU5VHp4OGJsZmZaaTJOOURlczgvd21oM0RvCndQM2ZHMXNNQ2dnc2tNU2RLcFRx + UDlUZlBTdmZSR3dRNXNxRHc2a3cwdmMKLS0tIFZLYjlQdUIyTjM3SEluUVFyMTFE + Ly9qUUFqYXpDSGVrN2VkYmEvUkQ3clUKpgrTAWRPGuwyZL1PGVBhskPLxXt/j3Ez + iCEGbfAhrVeXRZuX/KXhjzefrjfrAq8ClZqdLatWF19L9lrVU8ytDg== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaT2EwNlBDMHBXSEhNam9W + WTAzWlNxTHNoSm1ZcGZaV2liN2E0b3UvcUNnCkNOQmxXMHZveDgzVFAzL3NLRm1M + ZlBVUCtpUjJ0ZzFEL3N6Njk1VTlFUDQKLS0tIDRKRTdHcUJyRUZ4RDZHN3ZTWXZT + Nms2RkhTMmJyVlA0WWI1Y2Q2ZHpXV3MKQKvjzOvay04EATmgojC72aqbhq83c7jA + 0guRoaULHaszycMsqICteNRn+tdLBh8L6EHXZC1GlJzm0e9WMeAOsw== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:03:05Z" mac: ENC[AES256_GCM,data:Ko12SPrZ65B+T8JIERI8a08uN87wwVndIweIxbr+TkcEsRyLCPziB8tMsTGtDIZkTG7dJywT/SeZ9gqnMgiH9mvsk7Uqi0hrmEf65fsqCVGTOi17DBRGS2rwbXkEmT3xiSL2LSe6+9rjlZ5B9ZUfO3hdhw+jy7rSdcaLu7R8LL0=,iv:GPBDabdBLbCYuKr//XlC578Mpw9LGJ/gM1etek/PtWI=,tag:5/qXhTCHxiCRka4N2qYVzw==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:22Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ//WFYndpAApuPwCK8Xotduipm1kp1m9/7oy5q3l+WDHR2N + RYQyVUPYSlqzLRfRd65xgy18MHZwUP8iavWU0cnKNveB2c82rMtMRrLU1mvHPTBQ + XmLkSDAepqhbcMcXfVpOQEDjcesIKNMqLiiZtmcOPFcT2RvoyCovx3EKxlvPd4R4 + 0CGiAiApgxz2XSOLoalzHF85p3I0/Sfvf/V9CfZ/oB199PCYF4qlPzq9Xn4D28qT + 67EglnxyFY4esd+9/QRt3B/5RRmzVK4Cc3+JxFO47V+PbkFo+GvF6tv8eUakzCI0 + Dn04VvLsQ9HhaZsjLU8WoX0GRrLjDD/1TaLmM+JFV6c97fN3IBGBSKZTdjOt55ZR + F/oAS8W6aOuqPSr4PaHEOgpzLwpu8IHZ4FNzjeHAGYlK8QjRGpq8Jm/Lz8A9Buy5 + XLS47JspVFLIU9FaWzOBHn6IIkewG/b3fM1kA51f3OFP6RprQ1OvX5g98epW8Eea + M/wFdVMU6HXS8FLAhQZ8Sll5iO0SYyzDM/tgXpXBo5/gjU17Ry1vkzJqQyWmuYWI + UqqxzHnOq/eUJIiXS8Qgkxo/WgMAEEJxLfH+KALzO/KD5PsIRmriSXVGJysXP3lY + tiJPouhDTt4+lapMjipV1bH4kHPoPlfr9fY0t7YSf7NOC5mDNqqTjSYMZXY8UKiF + AgwDC9FRLmchgYQBD/0ccxFMrAOMz4eXqQQXwTf2/nJh7Xz7GxgdhbiPprKDVSoq + mcnnyMfHTAFahRYdCczU0sIj9uX5CVZuSSCv/PqjeSZb+L3ib24EhF+TxgqEPRer + XruneHFK9yu1Y1h++3Li/77DKKDObnqgCZGrdKSgIuakkK2Ki6b9gcaTKLZN5Wmh + tE7zpYQcnRxGW3GdQAuOShsfPZqEO2YIzIecitodPxPaO8PzqTZRhoRclmL91MDT + MtthC4ik7MDEV9nz8oV/u4pqf1j+xJZ23u96Kl4KkowIK7rSE1OYU4onw2mKXgNR + FS+3xqw/BFXgXMkXW+F9GyGPZkxCWuztZozIh9UyCiOErpzPDG/5Hy7v6BzzKaJQ + YMlukdhUw3B9ciB86lKoJSgiZpHeU2J8LZ649lGQXNlplEZnWOkyWWS0/g1Bt2VC + B5egnFOA2ueFGWg1VUzKcIFq/DsqMOXnUMh63KuQrAIovuQnYLyDavGt2Il1LVHj + tiVE5svsFd3o9JyUE8YcP0VDKTcbr/kVJHYA3o+7fLtUD6TEdiQxp3Z/ZPHdCftE + o9t80iekS8k5TYOJ79XWlGw7o+Ip9Zh4G+NpHmKLZaLGrnEFuBMnDRVUsU0CxG0S + ZgUbjLwcX4QxdBEKEgnDip2ink1IdciSlNBpYX6btRt2EPDz6bxISGsI5kTKZtJe + AV6D7C/OYyDUPCfT8WlcDfF/hGiSnf5NWeIlZQ+g1DOuEYDt2jztNFhziVvhsQoO + VEC3iYgq28WyTrQog+3F/ktu4x883js1bbtFZ/b6o9ZM8oKbfuYtUO0v/7CmCg== + =5YlB -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml index b9b6f62..a327548 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/freshrss/secrets.yaml @@ -4,56 +4,56 @@ freshrss-oidc-crypto-key: ENC[AES256_GCM,data:nEoIHlKXpgKlJ1iFKLUdb6QVcU8fMRoZ+o kanidm-freshrss-client: ENC[AES256_GCM,data:BTPaUyI7qrBpiB+0zQKJw9odT0fRLc+zFg==,iv:9u25+thsHm+0Ganm0z5QtsgFBGccpAIPQa0aYqqHkXA=,tag:cgCvMIs7jUMe7QiDPznbtA==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCclk0UDk1MDhkWXZZUGxM + Zkg4SVdpWmYwZGx1QW1uVWYzU1JZWUgzcVFvCml4RjBydWk0cUVaUkVhWENYSE1G + RC9pTHdPRzBNOEVSdUZnWWthQjFxajQKLS0tIDBtOHlxRTJTRENIMGR5SmUrTWpZ + RElERUIxWW1NZkdLa3M5ZkQrMkFuWTAKODsEiS7hjvztH4YYkiK8Fr4Do+wbroun + 5SGawFG8NmN8P0WWVURKpDDafP4plVHj5YOkoAZJXgo0NyoOLsXjmA== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOUW4zTWhQOTEraldVeUp2 + ZHpVeStLRmlvcCtpOHlGTDFYZWVKYXpka1JVCk5IblN5OHZDRnZid1RwenlCRlJh + MnRYSVRXcEtyRHo1M2JNdEJHTkpNazQKLS0tIHUvMkUyQ24vSk9hWnl0cjlEQnlN + MTJsZzFzVDZoZ3lnKzVLNk5MZ3N4WmcKEziK8e7aqxGqJwOG4s8jfUmjiL+gs6sY + KEI5LugBaF66fAB3Qf9RX3XaaWWSQ3C/yuiv7h60kE5tEZLPtZxssA== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:01:49Z" mac: ENC[AES256_GCM,data:+RtsIjA8DXxCGeTqsb24DQdP04/8oEvviiYp+SSfvCiUL4nu/WkAIAHdcC+Gvw379vnq1N38JPycB3mQbyabC2lUJ85oEMmfn6YDdsoIxvdDuJuN5VGhLkqXdwgkfJZU+e1XUDkGmAalWeNFTlE7i51qecVevdjPf10YW/V1QZw=,iv:TEYHADkS50xgUCQ4ftWv5YcIqSX+cYgeNbPxSbp0+fI=,tag:+PoSBjFfV99vOZIkNJaXcQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:23Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ//TVYAbB7pn/T+SaE0DRIYBFVG8PAiyh3zLt3LcJyYZcwy + sVqcJgbIMMTDqJck0XC/RCzIAGhHiSai2rK/TUh1Wm+xQxPIVu5YnmP5mZlX6jVU + EZ9KRuzBK2Kc6FTbinOR9KZlxHKre8QaUNKtXReha4J7A+qQ2wqt41uKupXXGGNv + /NejcbMjeyBUQjkIzT3H5bVZLTOeiv4/tc66Y24p/pz3vcSlUO0GubJ1/sbu3B4o + K/NZ2HC/OchsBJt2Y27PvEIbZJEzY7ysW9tOs6TNEBTCgx1o86WxeHAxvyx9PRGs + 6Rx2aSBLSiZe3AJSauOVmJJDQ1nIOg0vHAH86+vLjqeXGAAvJgJOOTo+/q9M059k + xKYmXSI6LNnqu+6vGPHutzv+oO/6Gv2vSy8n7zO1bahlAndluFMkOMKzkxqooCV6 + v6a1r6slW29Z8UeUlG1iRV5634NvvlQBhp4ig9euKwq8FEY+dz6XUFqnMbY+auE2 + NRwVstJTriTKuBo8stXP2tyvwdpfMem4A5ZSpl6kowx9gvWMiU7aG+U/CLEMHtHY + hWv66eNnjC99tLAJ3lqH8Bd4UY0m0i/P5NFZWRASESay/NSa2BFubNYI6krVWTo8 + uLuvUXSnS+QmlZnr6Bj8nuKUto7naMVkRbiT7t/IMe2vLZrX572c4Ye4/oJJIXKF + AgwDC9FRLmchgYQBEACLXg3KxCtZvfv9ACfHU0jR05aq4vq6/RNwb82KHNNjHSYb + LWSiEkBVl4bb5isRv4EK3CpuuTL1Jv2XIfmd/NjHjZsQRAu2gBcmftXNpBzX4VwT + rB0mBBKGyUWdeleGPOyXvucrAjOqJ4gOVJxrGp2RUbPcUG/aqpuSbmJFx8S5qpsb + ZEdMdNLVZfKzzP4Z7fpPuu5AXyJ+O3IPpFqvChdM04VMYAECGhoZZzIt6UIHkzrO + BBNaXLniznNZ5LKArog8G9WfYcC6egmEP50SYygGok+66QwkTdM0XttUq2M17KwP + xA2Ybgh8JuSI44LJOfx6zeLQqku0hBfmVuvyw9YVoicoZisN/jJYtkk9XOmILlPk + Fw0tn/cy6h51CqNbweGY0KTDxY6pZTEXP21CyLqAWQ+B01JB+zuEq6C7MEH+bfZU + L7Z61tN+j64IRvYGf0YP03Dj4D1vsJ+zp7asQ41MFu5HpAzfU7xcrpa3EgGRYxkT + 6b9m/eAyf8+olEbzVgLC0UkzofXvJLjxuk4zmxdF2WOuKoV+yt5kFjXQGaLozqTN + ypbERn5QCZ6hLYUFOvsqw9avfVLRPVq8JF1YLKEQfVjC20wo6BuwcosbwLeHLI08 + NAHCLHC/6iv2/Fji/57sKcy+qgoIYOhAvWE8wtqCU75379UUIORNFaERaqizy9Je + AXWoZICaEAb556k67dLO73IW5/2yhNiYGzMluHWRcczaKaVmKzrdjjFKhFx3mMof + SmR3Ga9QprYqOXas+Ouok4Qe/zj6YCW8BUcDHFB05OUl5pFRL5ksTNh5V1WrlA== + =RK/j -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml index 57e3bc2..d939671 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/homebox/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:uDvv70RDyd0DEA0IAowsBLKew2k1TzMPmrVmIW1ZuMtSYxpstq8x5l2MPN8=,iv:02HfUl4lUkhlBzgOfvv+hRoyMMAaGcf9PooRAZzgjK0=,tag:dL/qhDLjzMP/4ENUcF3WHQ==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGaE9zbmtDVHpBd3NYcWEv + aVVFVmlESDJJb1ZhaDJoei9VeVRQQURaanlVCjErQ2FUYkhyajczSUxSbmF6R2Z3 + em9RVUlnTHdrNXMzRzIvOTJ5UE84RFEKLS0tIDg2WFNQWktUQnAraW9HeDB5OXhT + MTMzMW5zWFloeGxpeGpjcFFZQktJc0EKnuwMW7Zrtr8XZCJM2E8M3WcH+0Ecxz6n + y1bQvo329+Ssx6Igf/NYLzaQVtTgrjrAVgQb4zSu93Ofa8tFRHbcaA== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJQ1F4NkdvTmpwQ2w2YUVX + WFV2MGkwb1dGT21Xa2c4TlJiZlUwUmgxWHpnCkVOcGZVV1pRSGhIUDhVUXRpM2E4 + dWRKM0VNRTdqN3V1b3hZSUVCRnEveXcKLS0tIGN6b3ppcmg4VFNyNzlSTHY4YzVh + REhGbStZeENKNStwVEZiZVpPRGRmYTQKCBks5jrHBOT8xMGtssxM0ojTED/j3KWP + d3vcpKALxweAgdYExZBYrfg54gL+swAqEB8rLW13+ZOB1xskrg/HkQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:38Z" mac: ENC[AES256_GCM,data:4ZeARGvSyuzNT2vFJ9ou0JeZ9wyTU443BLHINsEzchHDCB/xlMjhrt9N0DIX+EfkMZiRukUw5C56HNgBfD5uEBgt1lbdBfLQOnUgVlP3EC7HXPZXYEOtS9kj2j2VTBHnGFOZKDiBVgQNJkJ6QBmJtx2rEwQcCax3DeHO/RyLleY=,iv:sCrpoKKTN6X6GoxPQvSaCaiY3b4o9QzLWCus62ltLwk=,tag:kN4UXDS68/OvEi8ZYafLFA==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:25Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ/+KFmJTYxoCvXPkfwNcE0+ikAQ82yGFshGAdcF78Hw0i1y + CxWY6qhMi9AmJ59Omqkh0IVHqETUicBLoEGvKIZTb6KBf304TYP6DYZs9+Azg/9O + acdJDz0rkYDP0c3CAKGhGic66acaxxiRiDvkYuYNtpiR+vzvZPmG07SDBw71uxfZ + GKug0y8+6i2vdQKx8ddfiNwey3IGTj6o/B1jW1f1HeRno/qfRjmb29O9HF0JcAnD + syWa2jjVY8hz1CcxErPx3iA5U+I7L2wMj4mIIG2x0kJo3hKRwnkRGG5o5pi4RbAg + tzR5t5Sg8TsLWGA5Btx4HJkTOIVEG3oIuwBUGwlGu/f5U43KCt8Pyf9wmQ9Zy793 + aDLTMpe6kQP/23vkzVSKQVPduNPMntvqmDXuq2iu3c9reO++Cri5z/uEM74gjdTF + b0raKr45o++YaZwbU0iCDSkUY39Ne9IUoqyiQTfKCS6VqtwzzpscgpzwV9ND8O6l + J5ynTpAHBQMUF91Tx108b7F0BKLs+8I/t28ehqv2WdkxvoNSfmHGwCmIzKuf/C6W + j/sIjUAFNU6qpjlYVa4n9Ko9jvmM2aL8WVO51QSFiqDT7OOWAr8vYKdYRaMOk81V + NIyqE7lPlR+MKBaYW+LJfp2JLoyYlvi5vrVnfZuxxVw6HWzf0ejiIDiTReRbg3CF + AgwDC9FRLmchgYQBEACs+xJcoHuykH7AUANoOgya6GKTENYbH5ICGmxwxGQbtA/q + Vs/wqmK3eWkLLOqiGKKHdynvUx1/jSUSqxSUtLY/KMb3905MOH8ar84K8fgJpPQF + Du3SJFWfuZJ7xni2HNLrmaR57hl9DN5evnJ3U043Gey4b6BQV4jeanvNCSF2F8oQ + v9Vc1EKZM02Ia0NjtYkDHVoGyjTKB1su2ah4vlyD8pqyjMu+WYtay4lTcWCOLxKA + ivR5X8QWfm9jFuINTTt8YdLkx9KsM9ecc3+NDgYOVY9RbrnReOaHPgYjmEXddVd8 + J+ok/ekoIw4wa6w/fiRYjNMYYAcenxc/mVBBVE10jeDaL9YwJUnwaa+8G/wGcrFL + iWjI9BeP54YJhpI08oaK3UWSFg5673XX6Na8p/pgbxPyIT88axoqNMU80VW0mvc1 + rd5j1LQiKNqDMEPV5hLbfBlKYrTzIG2V0F9YYlh9NWMzOyUdHoMmY75AmKKJB/p1 + M/Mz2ILI57ubuq3Oj0MAkX/fOsNefVs7VmTybuAdI2lViB9FzBGtb1TlFvTmW5LZ + cu19rt4N0vxfcrAbLhsVTAsA1zKwAnyQUSRRd9aRqXPVCRr4pPTLxEOZCPHnCBDZ + tTX8/27F85sUU4iozC8Nb8O37NRy7sRWL4BfPLeq9QWG8n7XmnH6zAn55V93Y9Je + Aaxk9LcteNGywk6hxyI50cBir4PEIEwQj9oRwy0URH7UIX7BUojRF1hV+Mus38is + Va1BiIOCn0YHfd7tBeggbjV5A+OkD6exDVCZBXaC4E7Ueoxd2udaYXsfHvjABA== + =tJZv -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml index 00948b6..e56b4c6 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/immich/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:rTVAsx0XyI7i1coICpFjANV6CpWSjDTlvdOxu1yLggei/XZKeRuDmv1PsE8=,iv:P0S+juvE3LswavDMPpoxUYkKCzGlYaaEpIg7DBwvoc4=,tag:hIrOXG4F5qkK10VIjtiggg==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoYXU2U1JseXZLZEVOanMr + RW52NlZJcTgrZTRpQkwvcG54YUFqYzJkSkZzCnhwczNqeXozSm90a2RkTDBiZnpW + RUpRUFpHd01uUWRhMVZ1UnBJQk9SZXcKLS0tIDNmQlF2YlkrWmxwWU5wb01odjdy + Mk93dFJnd0tDR1BOL3RBa00yOWd1OEEKL1DJeQo76MdgbZlq2N6yribiUtlD3wiV + 1UcZWDnGMM3uC7LjdR6xK2qDiG64SqWhlo8FSrHLL/42GTJ/1irfXw== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoS0lrTWJielNmS1ZTMTh3 + bmx4anJ0NHdONlVGKzZPdGs2emlMck9lN2pvCmhVRHBWUFV1Y21STXYxaXRXWm9k + dDFhTU9qSTV3NW94Wk5CeFJJOXhGeWcKLS0tIFB6dFVzVm1oTmczYlgrVmphSngy + NitRanVvVS9XalBxYVJjT0dhSEVMK2MK4+NFlbWqdCEDSln+gSIsCqIsYwRXb/aN + 8GW2+Jl/4zrPiM6vG0s9IxZq/4qJkIO9UX1AIFuKemz3S63WYcpE2A== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:39Z" mac: ENC[AES256_GCM,data:KYqOMm6Xk04/1nwEXaX+Htkovwa+RbHtZH3Nd9S/K1bjdZZESpka7Kxib+mf9ezBnTdJTBzwacf0bgQnU+rpQWxBvWz65K8RAHcJms0JoNYEPWJkIeG9/KdV2iefPcml5SOFID8Xr/KpISfnayS4CGUWRFU8DyDtb30g9DQ2Peg=,iv:3QT6PqinySd6lUWBNxpxBxsY7VVmrnFqUxjLbsMMYR0=,tag:SLkWHWnnxNn0j+lnGnJGeQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:26Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ//XiTwGjbH1zmdMP9/hLdvavEYfiVKD6TjtMiSKrGMOa9h + VIr7DRjrIzYm6E8j5sbpEFRNIjOu/vcHvr5NCoZN0tmwqXvbi56RE/QypbZcx7nt + fGtOj6hgFdm3deWU/JCx1uAXF0fFiyy7G0+YqrZEfzihaOzyPrUp6uqu+Bb4Eli2 + 2CuupTa6zBP1kAzJKToT+F8pGFPHGk4Ji55wWQTnaRe24A4xFQryGhAGTkrnMxpW + 796XN18IqRXcpvg4tOEADILzmjJ3WcNeYi2oF4WSqpRDUadEoUwWWo5Zdtt1SGFs + H77wIAArmoRHsPWojfjWGQNi6Xcfazy1F8HocaanEJ/dV0MwTiIfhXjeZSevo/WP + VDs1UsITkBGpG7FF1sYZv/9GhL3CE74e0LuAifx14tmPhRk46vAnNXjR3vHNSR8+ + iREIAZXluLnhWn63bC9TGBm2ROEP0hpXVyHELiBXS5Pa36DaPDnrJVxehjzwerTC + Ow/R7GkqAPDHqtOcXNpt1hJtMETKmZ8lXcauZWBWCHgHS2nDTBv03zsfk+7GwCpj + O49Gr40nxU4rSxPqoMuwJY1A4/dYeEAC0QpuDnddPq3O0tHgcvlFYgw4Tb0EAtWf + TYUN7hd6WCHc4QUjmoLq2b5Lt5DpNEfPhAqWX3sL9bEr1EBKRxuGxF1WuJ1Ki+2F + AgwDC9FRLmchgYQBD/0aedT/5S53nq2U49lJNxXhlo6X3bD9TD/NAmooQeiCqFgJ + xY9YJd/Z2eboKOQwoySXozrIM797WfIZ0W8ywUnGfYnboncojiQfASMvW483EHum + h3KdpTa2IOZ2cnqJmUQZrGVO7iG+gkiLXZJpRupGLp+XLVVaN7w4mN8bB1anQT4S + yn0i3+SFBstDgfFjHbvt7nrWE5KEavCzLbYAO5MJ0JYs0ei7ScZeyI0q0IvwaQLm + HL0cbnVXyrLtj70UpbgrIemRMZqjyGZ5IPmx62ssc7CuKgvnT76ybDmcw/REs1qv + bCibxeBaiWBAhZPz5bHEcTnFQgAFdqiycoXRXYgTUgM98tHjTv09sKTVVfZnxcMr + I+ca3bHXb7OxZjaoeYFqqV09vyBnibqVVJ9BsyLsRZtUSN5Fwih3d3Vw25oA/UOU + DCvwjL/V1gzOgLqfRWJRBxdNWbtbmzF4SbyK/P62PPX8pVE8EZbsISJZOkUajKXX + 5aT/IvDUHjo7aVdK8ulMK/ljlHyAM/DgqnhxnVCe6xfQMiEVB2iJwN1925eDm3MY + N0UAItV6SR4FaXLnzEsgO2Hkks3nWKVjdjGU++9AOawKdORLJPvrP+apxuftxb6k + szB6s+r59yjxVugKM8IHEPvUZ6n75Kr/FiQZP6vPnBMgh6vfaYcAXs3FvwBR29Je + Acfyypf9TzhI/s1a52FCX96etZj3e+CmLpBJVbbALPpWnggGKCcKpkIxEAa+CAoR + ZOZj1ZjcdHVc84U3lma8yi66pK9J1sVb2Td68oN5Axma0hQwG1GIjdfTPWklbg== + =Dv7n -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml index 9f10fb0..0f284c9 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/jellyfin/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:5o3vhdHriS1Iau5/wS/QM2IKlIGn1Aua+M9blroPrOgfBWLtLxzhBcAzJ/A=,iv:zv4ZvP5gIJ5Y1dC2H0AqqMRIGFE/QJ8ztp6yG/QfDZE=,tag:W6BWuHk594xqd6WwEN6n4w==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzbGwveGRMZ1pGRkJXTlB6 + cVQrdng4VHR1dUo5WnFBUTRSUERsT3ZmcTJnCjQrUWpaZ3JwNVYvOEMyTUNGTzF2 + VVE0aldqcWR3ZitNamloVVRCYVJEM1EKLS0tIGVGTEF3RDNJRGtzL0NtNytKd3N2 + d1kyZnhFY3llb3BCVjZqK3Z5WXMxMjQKrRw1Bc1TLgErVOgwfbAvZPFJiBfOExGl + Sri9+si8AmsqmtjRsXOHesI32LrCgJfSAnxUZgdXzJQeaIyhnxvDog== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGazRvZnczUVp2MGhYOW9F + UkJlV3pxMjM5VkVwaEJMZFZTNmE5bDdxUHlBCm1HY3lVUVIwNGNUUUhnM2ZseVlj + ejJJNi9OTnhBZjJTbUsrUS9rd2d6TDAKLS0tIHNIMGpwT01BS2gxODZQMUhBUGRN + NE5IWnpBQUhsK3BVUjFOQUZnOWw2SlkK5KKCFPVNSM6ceIIMtmLqBUNyasu3y7Y1 + 6FR9AFTK/hP6s71OdVEChEG6GX3Gsm8ym3AiSFF573wfUPs9GM9gXw== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:40Z" mac: ENC[AES256_GCM,data:Ep/6toPN64tEaCGEnO8dIUd14x5JB5TSfw9A5J3KFkhCAhCoMW29yzuqHMy7iBRwS9VqJS3R0g7SL8x6dIzsHmT9sZ3m0gihGZsM9Psc24NOi6iWfOLyNApwTsI+LhL1CEcspb/quvm4Nh+xSnYXhap+3+rPtMGpyVtgyNgN2eU=,iv:zhi6NU4lPOJ+X5KIbVpDS3mz418psH9nu8qtguKQ7po=,tag:FjePycuZddog47Wwmu94wg==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:27Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTARAA0bPcknehmkuWwEODvm6Y8L/a/R3QyZWOnFYQF1RCeJ2U + w6VAkCLRjog8cpi8CiWLUY8JJo2Ui/Ei+0SiUYUuaxkIdlqonhddXa1VxOANRLLd + OIguTv+YQtGuZF6vmlABtV3ntUbC590iuZdHHjOa6BUBLFWJgqBNe4Adkrj5WP4e + 76uZgFTEtBt0paaijd7HuIhdYiAbM9pOKkWRbuHNqlMSdbJJSFCVspL6oBwHWJrs + xPCUVZIRR2rVjaj9VoQPKAucbLyxBc7TQVpZQlMNSJTNGRmeCaj2Dzm23rAvRch9 + 0t8YGsiovwDBe/JZLQPliqEYjIvst1r9+Fjd1YYuwPFJlYQLL5hj3tVL/RJ/XiOu + 8r4ftgKbwon9KMQCUALXvHzPnD/3+YzdXk2jr6/B7e/N8d93P46xIivCtu3wN+yY + zkpbJbtjLzyQ2Ixazo9zVFmammoGLt/amZdBwD1DRWNI1dE6a7l9Kelza6S8XEwg + 5OQ3bQU/n5/adjmyP3wdQW+1+lIZY0F7CQ1Lh0mBNFe84jVus3tg/sExuTD+rVpF + ACUKaoNhEK/S90TUMVTbRL86wSTE6gsdgg/NB2BS1W0rGnxpCAr49stebWRT+lCM + ic3qvni6b9EDz56bWYOWjPwsKjdxgnXTmcMHChDCRwoGNsJcDj3CxXiG1B48ltiF + AgwDC9FRLmchgYQBEACeYohAxHIrt66T7PChHNbvADgC9u+Q4fnk1w4sSZHYxcxk + r4UB4ocJb25VmUh8JhJTY3E2XmtsViMoSlu05cGyOsg8afgadl4Q35KXWhaU+UyV + n+gUWHycZxy3cyaa5o7m+Xk/jlz+dBHf25F2iUT0PVacQ/idjfSY/nlt9GhXYJfD + 5MVwLfJKgJ71xatgHwI60hg+a/im2TgP2t25lVlNotDoLfuGAXuCISLdtIN6k+xq + rX0spBd2PnF19joXqb+m/OTOM+4l+PcKAWcbkL8PWnUSO9w87soIlE4HdMN3sqlX + HJVuyI+Dra97P9ALr+z3jyzoObgQmx72xt8jGGxdMLbhDmXpYWJ9TnTMxOwF5/T9 + HUpg1cipbz2hCuFC2TtCyoE1yzZIuNvzyMRapK4yGwdeBlTzPBOEWVVokd5GS7wj + r9aqWDDbeC+oPTtufIcxRup6USlX3eEIVtF2zFPyg82XJKzzIT/4x4sY1pulm7NZ + fjHZNv6h2PUSfVqneMr92ViBPyn6nU5YA++6n60LAkntNSoDWtSbIi8hpQa1XIVs + LPGi3z1TVNO5fZtzXJFfyKID5dd9l4/Xjm/IBOXbLrVTJgb98Iop2XfssJhAxjGp + ydV7fxcUrVh9RbJe4NiDTFE5Pw9t+f0QxQnSyFcsS1jC+g786MPbM81X4Q/cWdJe + Abdk26c22iMEpRch7qJxo9tddXrao5P10Tr3FSy4WEUDScglb75NGxgTXloWNaiL + pKS56PaycTEJ7y2rb8T3e7c6dJj/Kx2N1rkxikI8UYO9DbRE1AU4czgVwRLUZA== + =hRaf -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml index 5eb407c..67cc06a 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/kanidm/secrets.yaml @@ -11,56 +11,56 @@ kanidm-freshrss: ENC[AES256_GCM,data:t2iIWLeyChAPFKfWeLkEnWC0zbpuSP/tmQ==,iv:fPp kanidm-firezone: ENC[AES256_GCM,data:/at/1dhYtPzeh6F7/juE1XyY6abq1OQIgw==,iv:Qp1QXBKHYoDJfTbZZYDRcdM+/GFu8WonhO6uSI7NdVA=,tag:lvSei5/yGk3aU7HX9KOgaw==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSc09FTHFDcWxidTFWTGJ5 + VEc5MGhEaDlvZzVXVVQxQ1ltcVJuVDNHaEg0Ck40UldXamFocS9zZVhicjQvMjcv + ajRuTDRiWUlJSEdaZHhjNEdPSUsxUncKLS0tIFJvdDJiL25tNXd1U0c0V202VGNr + YVoweFo0MWp3SGpTT3lDSzljL05MV28K3AH/JPtkI/zcJILPYmY90bDNplj8H9/h + 1Nn1ceS5frxOCYN8b2wS42NupId2yhFojfbJAGw73unHp+CJaNfnNQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6WUxEWk94ekRXWGNoQVdm + K1A5cVJLUzNZK0JXMmJacGI0Z3Z0Nmo5KzJRCk8rZ0JINlpRbnFKMmIwejhyeldW + U3FWS1M4K1FZQzY3Wks0Ui9IRXA5TlUKLS0tIG9PQWhDR3ZXaDBLZVBpandxSXRO + Mi8zVFlmbldWVFZPRzV6eWpWMUZjMncK1x41Dvs5LXsSKdg69CPQJ44/x1eNwSHz + xGNb5lgtduTF7mDtlNnp+QdDYVLnMQCiwlUcYeyckej1KAdvOM2Sog== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:14Z" mac: ENC[AES256_GCM,data:YRVfa2nuKJ392zbrVDB8XILDa7zsdmdKak4tXAiru5SY9vGzY68sHSu1R0pBr0RxPZ4Z0NYyvJwiH1ni2PKabuJzAIyZLV0KL6ekKIFg2B+2o5nMUT2s2+7yjQ8VJ9nZSdjN+Qk4O9yF3L6GTg3CMKk+wahrySAPuyMn4rTMzcQ=,iv:JoGWfR4Ld0QsTIWnm5bZKwma2vPutEsSL0x6Siz5eGY=,tag:zzGyZs2wSwEo2yTUgKgcpQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:29Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTARAAsHsyz+edy6SFpx2p0aDsDGl1i1ehNruViAWEvFhuI59E + LGzqXZ+U1MN+O1s7Jyyv6CkbOXvQh7G/ebJVPViXz+fSS7XL0R9vLfJpvGbSGQSb + n+vCODar0cBQrqw+fa2LgoAILfyeSAemh3Ezu6NyI1T895RnS6Ns39C0//6qUYIM + QPoAVzCUFm3bb/5b38K8DhiXMpdaltdxD3RK20k9nUCde8+LRV7KiBfHZgmjX3TF + AK6078wXbmuyh9qIqJp4oQG/HBk2AbExGPsYTlmTJTcPUsN2iHE9s89G+lUm44+p + utCxf94b87gZuYaYRumrU2NtB+FJQg3UEq65CZB+hDGUg6G/jHmrAfFjzfq3gfI2 + NJL6bboUKdsrv4DKxNhnOA06RYgmoYh1K8OGZYruWwDBiPX8Reo7o51N0WkA5zhe + //iySBRY4js5QRwkz1HZ6JkK0/ag90GHKAdFxaSQ3RGrWKfzwypgvRgUHnFRv9am + sjYEI26c9srPUu7Q2bhBI+iO5pbiWvA7JGa0t1Sn3bMjCh/1tjgn8wyIqHQySwee + Mqu1BUufsYvU7aD8tUCqbSvT5g1LgoZovod923rY3P9e/jrOAQox3Ua2aKOGb9XD + C2hZb9H9n+4Nlh7h0m2wvsWWpvYjWo6uvJEfFrXwPzHP9s1A0/EaKEt6n8CkASWF + AgwDC9FRLmchgYQBD/9uUz0LLwg2G5EIV701wxQ0EPu8zVhVB9xl+4GBJ9mNDTT1 + P/4d9PCneah1lsxfw3p9SD5DWFwJm3YIqOr1OsiYqGKbH+GnrqoH+mDHCng+TgLR + 7cd0hCrjnYVBgiu5LlO7a8UgTemIhMkPRNOvzToecOwcJeCgLQkhJQ4bV5Z3cvxp + yI/tHcbmnXx1hmpNhDm5Hzbp9Yztv0YfXdem4jknl4aw+U8sTIq+HV3DUCuM23tT + 8wPKaXrAqq8ksMi20SQ5i7Ee2BIKxw3gNL7uGCg6asIvWtguTurKLRjXEgkcGoFr + 33RA420JoK1d2uDy1ksyfN3qW5ZknXgaoH2A/8DzB6L4k8I9s7MZareK63jEd9pq + uu/VKUoKbDXJd7j3UcS7+4TQlKN6qCpx8MZLcWWnLT8J4UHBeRwv+xO5F/E/N17E + lTJF/I7nkkdarlFM7jNTYTz1+Gc/war+E5L3UmgB1gVDDTn5vLKjM8ub/rdgeBCD + RE+p5KjvcsI8U8wWvhZIrLiZggNY1MANGytvICRWnpGSN2XgBMoTdrNJDTy4TiL7 + SlXH+GF25bx0H0MwV82KrWC7VbbhzcuXnO5ZybJmymlCPYKMPZ7PtuoUAv7ksUXh + UQUAe2Oigm2WFmAIWl8GCRltOKAfoDKmujJnIaOx8y32XM1dyPzk3i9K0uAjT9Je + AUw0GQ0X5FspwHYpHWeGC7FX4CNvM16BZdygt6BZlMvUMw/vm1ojz73mltc9xI0I + NlC8ou//9vW4FYenpYxnu+6KHi+9dAGp0D0vrsNp0by6EEcO3EwzfRCaZVfO7w== + =oNjr -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml index ffc70ab..76f3cfd 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/kavita/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:rZ4bOiYyBa2Pq9TuxNRifoZ9uRSeL1cRA2JK1 kavita-token: ENC[AES256_GCM,data:yKwv9L24Ek4q8KNaTJcW3Xx6d1GCnEZ3LS+GkW2i7C+eE2XgBuG1Ff0L8xcdTPGFVkPPb2bvCP+CKVgnSVd5W+FFek/XQtVcFgWQVDUjG4mBbonQ3VnTKw==,iv:b/UfgHVBviUEMtt4Q6RQSkTVujH+qMIyuiZxD4mwMTc=,tag:rIVUGYOluyXU8fEd/dgQEw==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByVGpSZzBhMElPZDVxQURn + Nkl4ZzU4SjVYRG9rYTBxQVNyQ1g1YVo5eURJCmorQzljcmtHRkwrajZOemR3MFRH + WTVnZkE4SGZ6YVlyd1RXak1TZ1huRk0KLS0tIDFacFBabHZUQlBrTW9SOHJTWG1K + Y29uUjJnYkJHNEl6M3NWMkF1U3N5N2sKKA5+GygCOBaISqK5SRL51q6YfjuXWr0z + bXpOVdppHXYWNb4jdR9yxc8KEf2T+eMHJtZF9/Ub6oRxo/1a5fmvOA== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJcDFETHJjQkRDYy83WGJR + ZHdvbXorM3ZBSDRkV1pMb2xQSzI0Uys3aVhRCkpJQ2xnUVcyMVRFMHI4OVVqcFEx + clVZR1hrTGFEbVpaRUNleGU1aDFOYlkKLS0tIDhEbFFlUEZjUlpjWUpTd3pQTy9D + cmtZcHpBRTZCRXFqZjFBekdKRlorWmMK5D+TK1M4FXDh7v7wMH/sEmI+nzbMrchp + CPHs/Doxnx5lSXmXcqRC0HedbLJ1GQ1kL7PxRlAAsUg/UPN/OXPW6w== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T07:59:40Z" mac: ENC[AES256_GCM,data:MpnXoqLkHYbPHvA6ZdfgJ2sPzM/BtmhbzEjymvnUp4zLIojE15pTEvYKXOedr2RKYZk1BCF+ksfyyVgJxy+HFZ28baC3dPXRMAHH7InEkf144N2Kmodv2czohz45gnbBz38d2DBU1/7pbpktc2Iuw1bQZTBbg5xAw5Nkd3pzKJw=,iv:O2vkWIDuzKzStrDLcVnVnWBa8Moy48fPE3YeSlV1scA=,tag:OreHXW+REVZC6sOa0t7idA==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:30Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ/+KR1lX2Jc2XsR7qbHnRkvdAOtcV3ETYHj26zTuOt4YG2D + i1azOUcQA2aImfHj9jqB0SN2b2TJZ/JuVB0NqYG2oPtNhHzn/MtWLE8CCQN+dT4P + 3WyYjAeg4/LA9KysfdrIFPNfHGleaHHRpRBmWxSCLDgbdlcf9QLD8bHj2puKwVlv + 85KSMfdqQcfnI2ORfv68AkpO9DTeQhzg6YaJlePaM9ToUD20BfhhkRhCZqIbtpQt + OGr4oO6HyfE2cB0E16U0ICYnVbIyriNGkTM1fqMNVZ5MetmF8FAcxMZmOnEcDk34 + 7nnHuwA/129hsPwAIf7YnzAByPdMvDImAj6w4b+TfrEGqetqjrytGfi6BE97rwjo + CfOd3figRvBIPtwXwj5+WE3QgANVN10leJSLTqvWCX98XyMFS7A1yBuj4k0fhTk9 + z93TP6T9h3GitieiTFjMyz1dFt8WBbHbaOGz99sTsBFDWERSs6wx5OyUttLTM++N + iccyYTn0ETFZyEKaY6ZBCD3VH/FVepXRudM+822vcksy6PP2JcFm63k941jMltJA + t+MPQcX3haZp7UnIcPZ0bX1G7oiEcZNsp7vXVYZ3UBANWojqkfmQ9yE7x6mtC+Vd + 46/c4pH2mOJOETKguj/WkZrKbk4YlRKceUWYe2+ywKxUjGq3Q6nA0u9kfSn90HuF + AgwDC9FRLmchgYQBEACryx5GKRlJLHUlbnxkPoveKdWBdGrBDaNlGDy8qjhe7qPX + SriU7jgCq7ewpjEaxNZERSzhAhb1QC1HcqLwFwcxwNat+KbgkvKZxUixloE5Uk0Y + YUnekcLDjqh03T06dW6xlSyzICTRgd1YCSvT9qa3xTPyWhKFi36+VDrl5XqdDnlA + 4GZhSVXP887xneQYYBMyj4t4pIFpDVJ/6LxakmOr6o8TjfxA+4Wesd7Jy71EdEJS + kduGlGGxFAEXyAokWEuJhuD7L8n220/vHtY4FO5dGpuQZrHR5JQd+DAWXwj2ZMVT + DhXC3lBRJjcWACJ/6YiMoHLdmwuK91D6AmDCwunBlkHSiF1Rga+StnQQY3LOpP38 + GAZqBwqjVVYan0x+Z/yYZ0bGyNX9tJtw39yDOex6+hfZ/ciXnSYIb8FRcvbyKreG + wX/rdk1pOqHYXth4ghvodprFxify0ee7CYuJ73Gt7JelB7w2X3uepq3wc+hyptsc + v4feA/ZtKEKeeqaGuSA+M6fQw5ON2SrOTp6o9LTVBqlN1OR6gOik6Vh5NO88Olwf + 7OlosAIVwaFpA+45i/hftSgPghPKBgzrlclcg0KAxy0hZjbY4iqZZJgIbnEnGo7K + 3X4ml8LfrZuUSy99hNXztXZbBFt38QzxiUaQTzzKEJSbN5EjAsva3c+EoVr54tJe + AVO66ohfsV+GyAMgCbqKzIAOQPPLdgABcEtBoCSpH/fhEBfhffYEOdynKKP3IY64 + FQaEB+IM/7OofP8pSFYvvMz5qMb6zhkLMGgQvnTBm9abO4JoAAGzA37SxGEU3Q== + =BnuJ -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml index 4f4e244..6290dec 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/koillection/secrets.yaml @@ -3,56 +3,56 @@ koillection-env-file: ENC[AES256_GCM,data:rELcMMdigW1SSCgyTyD4Tugqmv8nZCMnI1Pmwa koillection-db-password: ENC[AES256_GCM,data:GxqSXFrTR1am4vmJtW162v8ekM8=,iv:b4T8Rsy7HOnQt0OnFPuKKSByrWxzYKdIsSQntfbh9Pc=,tag:xZHJPexSvNQb9EgmTyxvEA==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvMzl6R0tOQm96RUludWJU + TS9tRlJLNklZMkdPTElYR29IRGxZcE9XNDFnCmMxb1FmWHY2UmMyN0lldXpqUFZj + eVZ3RGdpUUZzNitwTXhCK2VnU0k2c2cKLS0tIFZNeE5vZ1JNdWgzdkRRY05DQU9O + V1BQeHFzZnVCRDFCLytxRmxtRWVrSEEKkzXol9r2TBJITL8mYtTpnFymYIpj7UMJ + RdrIn7k41fi0pzgROxKFg/HgDvquo4eNkI5WsOb+LnX/RZ/p69Of2Q== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCSExMRnhucFE3eno3bDNu + VjJPV1FSTytwVnBUOGo1YzFoRi9HbEx4RlI4CnBhNEpqV0FzNDFpZDVrNVZRbkRj + ZWV2KzEzMjdDbFVBa2JoQitXZkdIb2cKLS0tIDdOZzZtY0ozNS93Y1JkZmQ2SlFJ + cjZiYU1qQUJoVFhGSEN5STVkUGkrMjQKhr4pF+7qjuo1t0wP8K8acJsPu8e+28/9 + E+ejqDL8XDOD0/K5aUWXHQk8lE/+w3mPSAypClZ/2szzeF76XJCTcg== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:02:37Z" mac: ENC[AES256_GCM,data:rjxF+XnvVS7Yo39xXq77aeCMttnMaIOB77o7LrZdTMlcL+doTJFh9uOA0dh7vfP4Q9Aq8JWS7IHP1f4D99+uAKBf0BxCmapPgFnFxomFLqxVXYnF0iC85XGZXdWSFZY78Lo7Ilfn7ahyjcvJI4UUdshQVULbJr8cpJfR+KNM3h0=,iv:XNXXxHLQuncyHp7rPiyRXlYBoqfsv1OSv9Z+ktvFUzg=,tag:SFmFapugipfG7feXsuUYfQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:31Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ/+K8CydCXNDvfUCwILow8t6CNRmbEJ6ci+3JuAEwhYlfwq + XxUWWzl0asy6wNLs3izTv+puPFYcVWnbhK7+fgFIV4AotjrBRH9Xqh3irPJgoRsc + jA0pcfcdVGMrzsjFChoM4Lz6u8BF9jMobqsGo+yvttJf9v5CFGjVIVo4gLA1ZV9m + 34txfuZ6phOePCcs5ApmDJ2yuVSs+irAu5YkUXQI67RHstSwaRq48oZbTDnPP0bl + 2ZJM5GXdY3rXLLRHFj/skunwee6V9UPJe+hwiGY3j0oVZ4aQqHaQ8r5/6mD6Ba9N + bLLZsIHxl5gflQhnsejEUvwOzdivPc0X74Glam7QveeIyAhKxGXaBJ5UE3YV1GfY + FRlCLOwdC49DRMjZiF799BUxtvTLCwZVA77Lpg3E6egJb3hlVcdqx/GpRC8yZqG5 + WAPe+wYg8kxVAHWNtyWHhnQDYW4L/vQCzoAPDKUKQO8rh9LivcqensXy0O+Lb0nu + P1Lm8RGaZF/87FuzQrQbrO84TVgV6X1ZK26qTbZiBE2WXNtN+OTI2wSpQSn40rg2 + ifP865LtmE6yRvQAPcVwCa0/DK+GfJtVBXAOMZPYST/Di51Wdd+ze5TS0jIerZW7 + exl3cvGgxjNEKG+LZXfLB4k6pe969aZIaq7JhHVZ9vZCmgYLXVemSBUiZWx1nQmF + AgwDC9FRLmchgYQBEACHWLAdrmXaT7fcDjv5Oq7wwHLhK8L8cJOBX+EQ+nPtsYld + kZoKNJiQv0B50I00iJO5L5vuvgmlGSrrn5knTX8uswM/nMa+f0KeVGFJhRDt4+dt + U/HulFPtT58nWkaCiawWz7jXoBe6zcDN1TlmJI7fPHW+DoPi+V14IT/WIsgQ4PUD + cTbkvvMeMnYdV89RTQwponM6VTN0NFTdWofXIwQ+xyo5jsXTyYDO8HgmG477iZ7W + vKLaEuRk1iuHfYss4ThgFJYIafPa2C9GLIEryKLrQiYEWVJHPn697iqkBT7jegeO + OJ7fOfztlXpXL0ZMOvhaNWSdrQWVqtl6XdXYEGCF0SgQ+GGEF3ISQLEkq2dK4MMT + oFXNUSLl05Vb9+LIsLpZGIp2lO/pHaB4YVsT//+giwlOcqMOLsJfhhiySwA8qALY + +xliizf7u4CxY4eOZ4+nu2A9nEvsuK41j94RuLgwIxn4SXy1rOtEvXF1HpiNleV/ + U5115er5QSF76sFni4kVp7NHpGOViJnbTUlO3dferojCZ5NVEQd6Pi3mJBH8JqmV + 538hLqQCGardPtg14r1cvmJ3Fx1gEXM4+oeKlvhCioyrCT357jOo5/ceRW927zv4 + 5bQulS14zMRut8N0KtSuCEGAHrs69yv2Vvni++W9rX6S8WCUoRYIwu2348MYyNJe + AT8xotEr5YRoucZ257heJhG2V+N6pVz6zxMekW+6WKC0fRwPRq5k9MLGVINhVxTH + DODXFCVpDkT9zSXScajDOExDgKnV7Z9Rzjhom1ktVIqEXH5ylLo3D5W4YzzEpQ== + =hmtA -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml index 4bd4392..b6a701f 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/matrix/secrets.yaml @@ -6,56 +6,56 @@ mautrix-telegram-api-id: ENC[AES256_GCM,data:qAYbVdgeUw==,iv:D5AjnZdDQyDMGQe7FSV mautrix-telegram-api-hash: ENC[AES256_GCM,data:bwfQP/EuyS+iWGlx6IoC7VrJPYbYtsU5cmtnCn+L8z4=,iv:lardLJjfWVvQqXcPm4b4b6iS+U8De+P61GnyfqjkKDk=,tag:YbsSPAqeSqIWsUoxdjbyGQ==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwaXMxY1hDa295WGNnd01t + czVWUFhKdjdWMzdTbnVBOWV2WFpDYktSVWtZCk9xYndvOWZZOExCV0dqQi9QWVB0 + ZDh1ZXpXVXMyN3llNVFuYW9XRyt2RFkKLS0tIFRDYnRiUE9kNG00Ri9oV3VMS2hr + Q0xDNzZRSHp3enJ5VFdEdkFZN0Zrd00Km6r0HfLe7PjRzFli8+J//R9IGQOb91A2 + rlvETneqiIqngJKAHEFglfMTpkg7pmaYkOxm2/GWpq34ozond74Rmw== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQbnBWMk9FL2ZlcGZjMWR2 + Y1BkU3VpRS9jQWxsZUhOanNjZG9Gdjd3R1ZFCk9oK28xU0NVTXBCdml5SWw2ZDY2 + ZmlnZCtRbHdTelVEZjRJZ083M3pSVWcKLS0tIDdNYi9wYkh1OUt6MTRwOGdWOXJC + TWhPeDR0aFl3SnRQbDFsZHJyTFE1ZWMKRi8PfCZK00OKkA72WTjTXa1h73AOnziO + 2aHR7PRVsmiMpK8E5+uUqcX+k2yTIPmDwL8fH8yCdICWBM0hTPKsSg== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T07:59:58Z" mac: ENC[AES256_GCM,data:ZT6hdEn/UkUqa2SMgbN6rUj1Aq+x4kvmf8wyWdgnPiCM4+EzY6N9AP0QcaVTssPH6hO5jj37jPCY8W6FCJQFOkxU0VsF/mYUq0k36xuPMyS4ztZ8zTVSW+0oV6YHZFzE/epbhcIiXIHaoFSyIoVtlMawl/LeBZ92R8MU8kUn5MU=,iv:nDA22BM9tpFAMflconxFsf6mj07W/+tcS3nJHhzqpS8=,tag:jYEm3IpmlwIEGpQZYJ0mJQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:33Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ//YzRg5yUkAGFzdYKhCL1JFnw8Zbz8CGI+FY5n3Kdk+WDN + Bu19M9fRZudImVj60GZpuS+08R6WMkayanmv70sGbVc4xYaHqwyAY6czCardkP2/ + KviTAQMQYNJlw843uwAn3R1e6JDA2490ZSTDoi/qubKBkL/6LXxl5o9psGq/nFIO + eR7i2sOzr1SF3j34U6hCqbFxKVDETQ36COaNzr5AlrF+Byyn9y5i81h9hVsDfay2 + PRGiuWWroVi99A38f6QWqgsf5vm/IcWaSjnQwarQajJAtmspKxPyohohWWmU0zuW + AYVwHKcwsLYbQIp68siRSnpEkzy8Mwp8Zj/K47mqXTdN2WiiCu0ybK5nMtU7VqV9 + CTSmpl7HFlC+tpQ+mSI/gcG9F/BvoQb3nhv9gSyRCJJ7kOy0jzXxKgfYy2X4VLWu + MVtPvJFeh84Ni7dWTzby2EErMlbEdNoP3dcFse1FJgrvaZdCxJgZ+tunoOaEPLC1 + ATDT7wrXt3h1m0mEaMo4PTmK5hkzvm3UdXW4mr3UUtVbf9rqedCmigjbBr1SEG4o + wjLoQaZtKK7FOcAADaXa9Qgk9WV8PyqQO1+AkV8GTt6YlyUDV2kab2pjqjUIB7t7 + VFbOWIwJVL/OiAhwIGu2UqQiekP5gB5TE39X9jzE1FHhbw61Deb6OK2TMhsmRuWF + AgwDC9FRLmchgYQBD/0SsgaBElWGqYpGJfr/dKSOb+5BivLlwT8V37GWcjjNY/RN + k7/5GpnlZdrQ+1cXLNdAMNghjlV+dXpqWxuu7DBav9alnyVnfgID1UtRSEyeAMFe + I4n5fNR2TQ45fDu/3Mj1HWruoypDyLCGIenpQ2jZrWIqm574qZ5VFWZQlWP2+m07 + lSnTSvIp+KjGq1EJ/ut+UuGupqwkYihgewrtisJ8BnDEIUMAHD81OLc11ZcPTaXQ + K88MrcJrqEEJpMG5kj+tMKUhpmkpCkjG2WJyOZtQh3FuTQDl68uCh1YcMUmVijig + PI/WdsA3A85Q6lwLgc6YTIr5AUi56PqJiWLgeYxPvWWSE1AnFrrnDYfHRPZdKexQ + VAWSPlQFcEt7LS6LK+hJAjKteMJNFviFnlCYam3eWTcIw/sSle03JmGf+2xhZJRp + ZwN63sCNLTd3JJlSmIhTW8LbypaNIXfDh1x80FHoIRh5xZXfdJxz59gS4yJGdS43 + NT1QRhg/AQrOX9oOKdOHF8L7tiDk740CU6DMvlwdv1hc045LcTBCXT8O+mIyl4KM + Mkgcnx8lpoIyEyvGAcBSAzZLE52ub3d8VNAK5ABhgLkaTTGWqiWwNKSU5GVEKB7O + OP5hWZn24cx6mAWk/5aUHvcM0cUktlpnzFkuG1m7XQbHxnYU8yi7w1YwGjKXB9Je + Acy13H85upSvPs1vyvIHf3WUVut00wdsUB0IrPaPLPYh0a+3rU+5B+JZ7hlBWRfm + ZyQY6VCrh/mP0w3YBfb+Og9jdaYFkDXEGB65kw/sw0pz/6WrGV+sX2mFXDPa+w== + =T86X -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml index 3030b81..6ab9580 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/monitoring/secrets.yaml @@ -5,56 +5,56 @@ kanidm-grafana-client: ENC[AES256_GCM,data:ppEqUFZC59A1Fv55l6VroWPzUiKtMO+5XQ==, prometheus-admin-hash: ENC[AES256_GCM,data:6qIEAwDQQdMeiJ8oQsnRxvMV/x+p/rgHfViLMgGh9Lg5FoarzAoZjxNeyE63X87UzsjXY3+7/9khJ9PD,iv:O0VsqAUyiQ3YwLHSx2Pje3trlinz4CjxZ+h4lPPPRN4=,tag:fo2U43uEtfB8LWjP3zpkDA==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSMm5NVnFKdjVDc1Z5WkI1 + bVBuU0sydTNHSEc0anVoSmwrbUI1TDV6RlYwCmhDTm53clJlOEZsVG8rWEZyTnlo + em9DdHUzUklZQmNlK3N6bzNuOVhkRVUKLS0tIG83QjJIZGFIakdTZ0tJYThDQU9j + a2theDZ6UUo0L1Evcy9FcmxnelZHNzQK6w6FdZ6kGFo3TE2UsJULOFds1/xT6/Ce + KB6H5rEXcU4fLreuLJA/tjQkq2CRPq58ACs25Y2GuA+tv0dBa5ud8A== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5SHJxYks4M3BZWWxsbURH + OVViZ1lLZDZGTXZ1ajNvN2hTVlRqZ0JGVFRRCmtYUW9zd2NGcHhvSzY2VExCMXVs + SjVjU0dsQ3loaFRTdnpQTXJtYVZHczQKLS0tIE5lRTlvUi9CM1IrUmJqWXkxV1JL + U1R6WEpIOEdMc1JJaXlIWGE3bk52eWMKV55X1Ub6xclaNVAGotUMHodOZxeCpjnr + dH2egZc78PacamhvBiTKpxZLscfqss7zhGSqLbFRjPNDpPGkUazAmw== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:03:30Z" mac: ENC[AES256_GCM,data:k/1raTPyx+paIzNg6vIuOh2GwAwyBuejMe8QTjRcmOU3Cb6rLovI4kElP8mmC5lNPZtK/z16UKONw9Wj4PJyXpeFr06wUpN64P7qHZ104lJWnixR6kisZ7Vv4AUGAUaRCVC/IebA8If0/Sm6/Vtz+QqoJXNY6vZRg/e4POavwOc=,iv:X40QnY6vzU7E5QmJGM7pHnPreLqUoD6shuqMnE0C1bA=,tag:QqTdb0hUjtWF5bBIiS1PLA==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:34Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ//aFEsFOzREYPu1el49vp3ZBNP8fme7XcxiR9CSs+qfZqy + loMQyyv4rPGHlXBzEWL0Bas+56fqv+uSeW94h7fyR2dLzjtnkIe4DR7tDrGsODjB + mqQ/mUgPr3eUi4a3p/q2heRsxR5fYMZqjjK606NYh3zxGDFoIHKdI82xL/PcS0OD + mmDl++GbVN+qR+mcBVlPPL+H87klO+HZsLRiEnur07RDB1qLLVkTi+0YWeSzvneX + +MghbNOZ9WzAJ8DbDBjznIU6DnzxqNpiI9+acBVyZJgu2QmPG2VcoujlCkoP21F8 + 8mMiduh5hzK/XvNkYVAb0wj1Es6CjLWUR5zxNo7jZdd7wOBR2fchm+VTsY3xxdmR + +tnT14UneAxr87jVzSElhwAD/sNTTXZfdyEbWv9qp86mrz4MpH729vNFL6mPSo7Y + rpSZUHV8ic/Oz3t5E/qWu0TVVlzI8cra9XfvqzS5MCaWDHdT/+UKviYNzvYC0HDP + yIDQ1QMGcyO2mW4nOQFbf7+rrjSqUGufDs3rBhwv4ExNa+jZvGposFv09mClr26T + hZKudJQMBW7CHE1FZg+1fEqdfxu6M/0yckgNbs5p5/sgdxvI9E+q1IeidvtYSK0U + VaiAqavbL11BCcBgrND+7qN352aaA2VXtATqJwgrF5LhDkq28Gn4zNEj2/Sdj7mF + AgwDC9FRLmchgYQBD/9VlDer7Fl+R8WsF/BbAd9lHic4KIrxBS/jnHTIwL9q/d+7 + HM6C72HRggdFKkS6+lF0y8dMjYrKzV9VUzi/tSnbc2kIACk27hH0VMdrBUESDqag + ZI90TmvuaphzdHeyD5VFs5cZ6Oa1jE6TQbXYQ2ejmL2XS6Botjz1yG3me4b6pwDN + gK7bQ1pJyLoXJ+5cOWgYB0o5apFNFkeetBjT6YlSpz9FOojDmQYYfQw5juK/K1Db + vsiYaJDPbPz8Q5HXnVqP83PPMLoB5WzYW4sTrIsdY6Rr6gWSGqejoUKQo1WnqfkW + 5gkKgf11M2tzPJZ/Bm34TGcaml5oLSlVt8lK6g/CAOneTKExWIuYDYP705WHkA/5 + kzWPsWRS2f4oQbeVF+IgpOIs3gK+8kkMZz6UUuknoEKLnwhOCjuZwQvhaYgDb7UU + 64f1xceJycwxWPgttmL7ffhMGjMZc8NyHqxTbHacmHwHa3Ja3Q17eI9JMD0Qd2j3 + Yti/1oNOQcWh98aIaMiusnXeoFPZHxiLmNkrqZSH5g9/KLTkdX8RcNQShFBjRTWb + PUriECYANObFBVXt+6wHac4ULRAFDy9DoZ/skIP27EPdcbVPa2J0bSYmcIfo6O3M + tu4MzeRtOJEsVo+7KqEX8fMXpqsmSFiIZw3KPVQWYnAypmxh9Esqxt+REsw1ttJe + AR2F562k73ZXJs5sBAsTqY7Mqdj98I38yX9toOYfEMZeOYhCBK4MYhHefl1bmhyS + 4CTs7B04XKJBnxcZqwtWqAr0YFW89i1ej91W9sVLrwdvdAt0AXHhhIl3yZbs4w== + =gJhU -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml index f3d8a99..c6413ed 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/nextcloud/secrets.yaml @@ -3,56 +3,56 @@ nextcloud-admin-pw: ENC[AES256_GCM,data:paK35a5bPIHioXMzGPZ9XU6t,iv:VkSLO1VhIbDT kanidm-nextcloud-client: ENC[AES256_GCM,data:QOl4sP/+N3GIxrQMyD2TmyveZo4Wm88u7A==,iv:S409ur/y9j8HYLEbuVhUbSPO0JwD1zQST+J5035Cd2E=,tag:VgQs30NNosDdxwEL1iAvbg==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3R2F5WER0c3EvcDZQNlIx + RlFKTkdlVUoxekp2VlZMNFZnU1BFU1hBY21NCkdLQVljZ1FCaWdvNUEvVXZ4ZGo3 + aUtSSUJlbjBRbklLcVBCTFRkV0U1VVkKLS0tIEh1eDI2T3lNTHZnVFZjc0pWcHdT + Q3JPcmxnNWRLN3FTNUFxMGg5cUhnUXcKpv+VwF01Vh7wJes+cU71HV7lVh+ATd2i + +mbwlNTYORdpVa5+LX3gm4Q1O8AovMIB3k2/JUXurWdOQ1RCOr6bWQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLMkZ6dW9sMHp2SW14Y3V1 + VXdPUUNJOTNQVlFUc01tb0hMYWlWZUtvaVdnCkVEVWtUL3lDMEdjdmtXMk5ObEh6 + SWQzRkppczdtTnFUT1d3R0lEcnE1VWsKLS0tIFNEamwzd1dQcDNVbXVxSkQ1dEZi + cnNFSk85YmVEQ2RGaFlZTER3a1l0eW8Kel7WlG6U58FDxWXA7mYxMPTCXs06sLaX + fX/sHr2SJpnRLfsIAl4vkxLY2UCdwDkPM5NNtrQdFIu2oVkj4xYkrQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:01:15Z" mac: ENC[AES256_GCM,data:UdaDVFUew2OaFnmdD+sULrrXQlvhASqomUt6kUxCoyXydotNL//X8tc6U9iUOhrXLKXsLB1fWKpiIQGGTtkK02p9F/IjWtakeSN8AiSCw60vVBueIdG4dDFXpOvLf4JVkLG2FkRqcLxLqyWLGzgXSFEIaaCTK/tRLWLXlCxitZo=,iv:1VgXeCIlQx89J4dW7Mldae47yvmej3Wu1NRnKK31oPE=,tag:GKfotJ6uoq+Jhf5uh2L6OQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:35Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ/8DGQDydqwLR9kOQC0Pbyq46HDI/MHIXjuicAJdPdVqW3J + euLBwcF7do2tbsPpEG3FyyD3uWpk1sSMeHq0ev1SheFozf0vwiGm5ksKt6LrhyVI + XJDPjqyDWC5+prHoYvSBvrc+nuv3uy8iCqYQKdT9ODx9HXg/3gBgEDerFiI7n4wB + m4cRMMlem6VIug5tyKlRzhhpWGXls7BXqNgFTAGqGt+vjVjWGIh7MON+ftePTupV + PxE3ZkmlyAPXvjeP02zWgJpKf/zCJGHmgay8NU03WEw0YdpzfIT9eAlDQOVOE4y1 + GSGA8fgOnhwTjS0Q8x6MxFEY+TgLpz+y78klDvIoax9fI+HQgNyf9OzPUrbMNXtf + Lyh5RoXbNneqJ/cuFuxefg81oor6r4JUaC/AAPd0xIrNtzETT+Bigy+3XYJAZUhx + S/PCEOuaKNq+i+0ptfmRZ+3bL9h0JlXExMDP8EpD5ychjEoWX41aSEWlOTxSEej+ + qfvcDoPeAyvJXU+VFhTXYzWog6V90qz91J/ULSJbV/ql+Dc94PBy08rD4I8O9YVd + 7slxT9wIqXuKg0U9dRfJZ2b9+Fattd+JMnr5bDfVhFfp6EQNTdWeo7f1hr2fzdE0 + CCmb/8x8RWUP/tez6mDQGBDBMBkxU9hNiQsaQv+JXit31uFTHJqW45Ci0VJmKzWF + AgwDC9FRLmchgYQBD/9e9rnpwFeVE/wMmoYzve0SuVCPbTByitZuNxQu0zjyTCy0 + Vyr5xqwg9vjEfY4kXZ2iypVlPTzDf1UurwTZMTkusbOYZP0yBwHnamqvirhCFKjN + V2sj+LkEwuBajXO3md0QL/eWNaPY+wQFxO3NRg9sjuJJgMR+Da8ZPV7U6y0U+Gtb + oARFsyDLaFmDiibczlGa9miCKriHidq6MjWJSxXeCSsA1ZqyyQ78jxfBELiQ6yuJ + RYixb8pNb9j24gQKJqKv0xcL7X0OD97QgfhRH+FVFyGbXSqMEVBqEHXUfHecrwE1 + Dq2LRZCNTuM2XsAOKIwOf1FrJu38TpO9g60UQq+NrTJxVeR6b2DcCzOm67I5pQhQ + MjMs20WmgVWM345PEOZ9OnADATzbZp9GDeJY5OKlX4OiklcEM4/xEeo9ebujoFSC + 3ChNvL8N4Vm14oPgEjZsJ4hPUJ/g49lGq/rhOSDr5tGqtfoO6DSN8wXP9nmS1uFK + ff7cbxBCVoPeiUSUOHXmg4KAw2cdlNh/cS0x9pndE5tLz+Nmo9QvpPE+5PowUMFs + edhr9OcEIPDCW20UhmiQ68eIZ50SIEXRqBZdL6uYdyHCVA80Ope8KJdGozzuiqfU + n6e/T0a/uisAG5M4D08yfMYdwALyZQUmWo/6wm0oAAIcErYCVzBT4D6HXwWq8tJe + AfCcM9w2NbTDTKqvlweAF2+PYoDqFFS+5flwQomnXxL1TQGNN7iFwDK7+PXg27tt + Ozjyq5rEir6GWdQwo4xWKLL+b3lQNpixHSF+ApL0e4pS9e1Zg/6I5dVsCfTTYw== + =cE28 -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml index c279f6a..d8b97bb 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/paperless/secrets.yaml @@ -3,56 +3,56 @@ paperless-admin-pw: ENC[AES256_GCM,data:2t5nZmpPblts6nZ6Pm4JZMBpwxVMap2NGg==,iv: kanidm-paperless-client: ENC[AES256_GCM,data:mEJBDT1qEz6vHrjnT5b9iBjXYbRwcoG2sw==,iv:SL91pO4QgtD+458dy/7ra7+mQgW5P+n7qUdVaXxYbHM=,tag:dGD5mzVRNFLORrMgiVYJbg==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxd1NIOWR4WUFrWEdtMzNE + L1ptYlUxc1cvcEd2Si9NbVZQSUFWV1NUTkJRCmhNSzQ2SjhxeGhKTVNIRTdQMS9u + aDNIQ3FpOUloUjJ0SXJQT3N4WFdjbVUKLS0tIElZUmxlQTRFVTZuSDNrVFhlS1FD + SFNJc0xhZEFUektXOXRiQ2xZSFBWbHMKUXObVn6jjRIm197zdOWF7Y04VeyDJMDq + dXrY6aceQDtgbxlgdfDyU1TZ4pKCU4B5pFKJakvmyaDWHbJY9J0Z0w== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwRzRwVWh1SDVFUVpqbTg2 + c0xGY2dQSTZKelNpNS8vamE1Z1N1c3Q1eGprCnZDQ2dZN2x1YkN6R3RjYW5nN2hQ + Vzl4SWY0cjRYYzZpQWowS2tIaWwyZTQKLS0tIDNLTVdhWGVLai9LOTJGY2dDNE9a + L052WXVhQ21WckwvYmQyTWxhZUQvRTQKJFa0KXsbW3V8Spi6MC8i400tBAHs4d9o + oX5D4HSOUwmbxlzrc4OlNgx8lBrcur1St1RF7MBaarUiVAIpswaDnw== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:00:28Z" mac: ENC[AES256_GCM,data:ssSrHidYu6SUIVk07FMJ8p5W64INqRLdynQdizq+n37c69Ogj02LjcuRCH9W4vI0vIsbZv/Az0PnQRUfPwW9nHqJPtvWb5cUS9AK/kpQKRDd60QK8Le7+PPEzemvR61xeUv3CiUE5qh5Lf/AGUs0g/Mw1Ur8qSaj7FZUkKWMp7o=,iv:5KgI5vbEfquerHrKo0JpJbJaoAVJp7gblaUvQyr8TPg=,tag:BiGm5Lk53F0w79gnrBglbQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:37Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ/6ArJY33wV19ZxD+05B8roXhBNUHr7BXI8zBLwtiVNHFTQ + XC7o/Ku/xbVtktWvUA/nRf2xwZoKKHUS34Bf67HZisb2ErTh1VJGRl0Ul56/Acd+ + CCe/usmQFxNKExlXsAV724LNhdC2ETcr1i25Ri3tuacNUfal86jG3P6OOSBMsH6u + VGvB/NO+Wg66piG2+VbkQ4XY/tBDtCHWibqPDDFR//FBZK6akzSj+nhOTaRyVjjp + NGOTLFHhoPNhn7VDtXpRBqTdsEvK9c91tN12n7urVDagPeHFLdJogtzJxwHO+nCB + uctTrhe3Vbo9nsIHIlYol4y4IQTAPddbtXsrQq7Iep8++eQlQSkg9ugjIDRRevZI + eu34dd0m205edZqpLARMvydqQe8L3l5MNH2Tugw2+N5BdbJQtcWk1AcC8HFS9agC + hEOzSVVbqvq1Vcq+UkPeEgG/O94BR6y/mRanSHqIBuzvyuuzEmpOygPG2CCiQJD3 + Oxy/MJ7JJ5hdQ6obFHnd8VST16OflJ8+PVacPiX3IhT7AUgMrGKKPZAJpRpKncJg + FKikVD2Hx9TZPhnL/EDG6tOnRY+C9lTALHYLIAntZRagBS7mv5zcaul1W7c+egRl + 1nvd5NVdGYdFBnV0L9HITm6EsbzCvikFGx5PUjNlku7SVKDTmqDESfzrRjCoMWCF + AgwDC9FRLmchgYQBEADCL1MqvU8w8jYqIvZg35Erm97HHuTBXQIvZgGRFNrZUNcn + nkw1e0gFGsDjBbsuSzKJtlY3y/BB3zhq9WJTtPM2Zlvosvo81eKr4rfJUEVN6s8Y + WjErjdLHRgm4NvH/sMMmX3NhBgFnBzXdN6K0icikjtv7JuoZ0FVQFMUbjispLtf4 + FzrzBnxO6OckJkcRlXurwuovfyT7VbYrPzy/SACwXRx29QcrxWXOB26bMEl7PIc5 + /wYxgIu34nQLqujPXsRH9yxwdB0ke49XFEjH5QpiRWiLGOMF65GFOwYPO615h4M8 + oEg6G06uzFASwEhru0craW5Axq9BgSDrQPsQJJkU+yE9Zl5HRmjBrykl7uidd2vw + z47VWMExNBWM9sUYlna7ztwxXwLQldgwaYlpsMgsdkKvSp6W91Qfuswg/64Nnzg2 + R/8gYv/AWGHwjIIVDBgi2N6/71Xqk6BFU0FxXs3SIGkGj4U6NcaJN1KXWM3kUmmn + utrhh5KNv+7CbSZimWH1ReJdPAmg1R/pz0LouQN/g6pQLvNN+zPO6bLCs3DKMKth + X7r6jBbxyc6iTY7VbPxna0hcmrZHIX2HVyYnPMsEarJcF9swTR3wdU2kxzNIa7Mg + ctMCuivTTnna/cizzvWISDyG0N9q05h6BKoim8V1v1iVtWtjg76+7IoDoP79d9Je + AXFEpO0QZrcY8uNw95b3u4bdM7m7Urd2/zDqAYltySM2MjrNcgwwNO6CYvL5fEkS + AFlYlvCtiqBIUQIxqk8lzxDWyy5DOb2/sSOWnf669a4CBNreOTHjaVaJvoD2LQ== + =ZVbl -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc b/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc index d911ed6..91992c6 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc +++ b/hosts/nixos/x86_64-linux/summers/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:l0LIC8IP4wVA8wI5Ef1yKYfvJw4b4izz7HemWgoKjx34GWLnVYKYqrsXuGD8QN0GzbK9ZAPsWXYa3VejnVXv8Qe1B9GPEJbPtP//ExZ9lDYoKICLpy/yLxSiG85xSQQ46UcipCpA5ZjJPnmYeimTlW+PH5BmuL3LD/OteGVcIwRVznBaQwQ/DnzxE7eBOyF3l0apIIzk4paMswF5OSh0+0EfIS0wKJ1zBLW3OfVc9N1npC7nn7x01X/fde9k4s0gt2XjPQ/Qo5HdBfEfqzzOTu1jiYuvuoiQ4KmlME75HWfLoGLjCYCespoEnH0v45vJALiKNk6wBbHwidY00HH8DSxRujYxl23IuW+r6x5B/rpXUanrHzfKmQyx3crYqDl3URHwycW49GXxWBy8PPE49SGmWMh25ceuLjIgqQaGppza1X/V3RV7tvA96/L/kAIvmoDaYJMncFv89Q+fi0obp1YqVNkxsdGuBawOnCzyL2RAhf9t1no2ak7zJnMqaiHY6BU0Sg2OSwWEJQEEBzmj4P5k9SXqVBF/MUL65sp76hq7Wk6mqtofHvzY0ugLw/b2G4+RlWNAyDQnb3dSmldSc/U7bLZ+2Z6IFlMrRGg0niZd8g2283CQACvNBSonZ9v1SMfgN6ChG2U8ry6McYwsrO0dDshiFyyyvy1GxPAzc8nf/n40i0ipnTydJ3vxlaPq3rKZPfsXQdfiqDDu5tGiF+7JpdBtoJQ2Pp8pRKkS6sVPIY2OsTdu/ZQ34aW9aBKLfGMB/YPm9vid1Nlp/5TSbmbXfC9Lwz5s3I50N/iLI9F8W+hhR4RpOQLufkS0+neFqK1N38s6P/lXAfIrDdq9+QNZvSE61bZqjx7oxl6QKJKvZCFmkTIZOP/xANrSe17f2MZ1ugh1MBMb/5/Zh9BznJBEjNMsaCdEEBe8Anbum0oO9CXlldFMqUf+LufI1VDWj/68oBjNmHgHFVzUofxD7q4EZ/8HTtfTWOivVLg0F2l4fR6JIdTqKEk/g1tVll2gWfH9H/xNrdZQ9PQI/XKiSa6LIWEdlPz3TuH2Fw6bo6UC1YfVMvoWPUQsUhqrCBv0eb7snvYBkUJg+/BWhWelL9W8FD0gce3WrJfAe12TXqgWb0zSHtPk9C9E0+UkXEM/SAciBJTSowR0edM8QyPzT8nP/9qrHz390V8EIbENWU9AYDuo6o5fh0E34FHNCuX/+toq9VrZZLVUR1pb+o4=,iv:o6qAis1FnoabxGMQDDXrubSFHIgP0XHkjO4Usx+eQoM=,tag:rC+nrChrFNfT/3C71szrfg==,type:str]", + "data": "ENC[AES256_GCM,data:F3RDXp9c69ZGzLlhWHDGDse6s3qYDbUjGQZi0iSS1J9Bb+K2SToOyxIg51UUp7K3TMQCiwj1OnwdP3FJlaA7CHpKYYEX+hL5/msA+ITs0dWNiuSaI7Hd0HE7kplU+jHVEOoFP36e6sdVlsUO1H2ICUTCIPU6zjQ9FqQkHBeKg9jPnOYkI1AV638F8261nqsfsmrN4yDS4bWgI7WsXBGAZJQ9nuvHIMUBXkLNOGI9o45vOZXW3LZmWLLJUddal8TNeitQ3tzJXnO+4pZbvlHhVxbkwB40Fc3mt/ZYqHfRK9W70dEDa63zYIVoyai8BlXmWl5mScxPerhvt05+NUeswV/yXf4UpsdAUttzNXuWenN7I9bIMrEODFocdPvELB/N/26smXaRFbtakSTeyDSuqwOefUashiZ+LyNB9lLpKyUXUiLxsOusucQIrL9kiMTvr2atPAXfEGJYC25uxNGOghffcwquitcMAKtGyLAMfnI606FkFE1MZxPc60OZo2y1yHhqV/QVFjoAwkFW5sSNUbe5DLoijuoNT+MZGxypwDUhgzCqWXzwz300jzpV3dla2tKeOjcJZk1JmlfXOrPsCNGkL1MtC5kRXFjA9HUV25fSHzrChDiyBek4fTCtZNphJz0yGBbNfX30vpY=,iv:w/D7rqHWsvBxUJaY4D2b3+aJRfoSfDwwU5L3facXFtY=,tag:3pwiviZYNiKe0FwteR7CxA==,type:str]", "sops": { "age": [ { @@ -7,8 +7,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKcWF5cDZnWlZBYko2UFV2\nNGRMNlNzejVGR3hJSXNjaFQrWk1FWU9WZDM4CjZBRW9PbG9XY0V2T0dZTVhGU1Nn\nOXpXSWdaeHRNbmd5S0xuUkVuLzlidTgKLS0tIGNXckVXK0d6R2dNKzFzYTNPZWVW\nT0QzY0kvNEJvSC9CWExaRjBsQjdVYU0KavAD19+DC502a44wxbtz8fbxwIgpgE2c\nU4LlkgvkrhtTTiu6d/LiAKfqM9PrSajBdO8YrTpFxkqYgfi1tMoC8w==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2026-01-10T11:23:49Z", - "mac": "ENC[AES256_GCM,data:p/kSeOGsEFw1NxehT0UVNOrf20K+YEK/heZakNf+X4C4GabctvCTyGouoRDDq3ea/O7TeTT+uVRiveZ6TOE7S7rKwFX5yTuB1wKDqsFLjDgFidwzicHIBmfceB3XolU/l0cIkEH4UcYYOelfiHr5gtjLefnCUojttlUhRZz9CD4=,iv:2QDqwkwlaKZwtnuzfkmBDYmTTvt7FN2op6/O8JcHSBA=,tag:cOgrxorAFDwpBF2NfxxuVw==,type:str]", + "lastmodified": "2026-01-19T14:24:03Z", + "mac": "ENC[AES256_GCM,data:b87qyAxWtLycdtKTN2x+k9+CQB+JBUarfjDdrIiKBSaBwC0Gg05W5t2j1TRqi5NjA8GITYRRIHkzS0jx37zoLSmrJZqzSg4hTlbMDdjeGZiJt+zi7rDSv1HRSoOHz6CoG8XQYULNri1qcLzjBOCcdIFISh9EhXOTNbrwJ8uF/Eo=,iv:sFefD/bK514/SJ3PWJgL5a5Z4UHj6NKvJkLi0HhqpxI=,tag:v6CvJ1o8lKAAx1CApW6sdw==,type:str]", "pgp": [ { "created_at": "2026-01-10T00:38:26Z", diff --git a/hosts/nixos/x86_64-linux/summers/secrets/postgresql/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/postgresql/secrets.yaml deleted file mode 100644 index 47270a6..0000000 --- a/hosts/nixos/x86_64-linux/summers/secrets/postgresql/secrets.yaml +++ /dev/null @@ -1,57 +0,0 @@ -wireguard-private-key: ENC[AES256_GCM,data:iSjQO7EUVOYgh3378FTGPOf7fUFLBoA7KhxroPv3iyWfbDI8r0yB/ewoMOI=,iv:Z9KlHucjpU44VvYWkq443njeSs0TREKTIeq65ieUXv4=,tag:6fjf3Ce/tuvK4vHvBaQn4A==,type:str] -sops: - age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-01-07T13:36:49Z" - mac: ENC[AES256_GCM,data:FVo2l0qd8E0G4252lmbPqhBKBu1WRXdqD5iYNJ5VTcFwM2ErC1RXVFFzX5jnBdq8yPUozS5/Vjm5p4B+N1bxwDe8nmKUJcXFy5AdMMgrVmXySPqEF6+uMQM5Mfh5yLgLnxscpCo6SV0kESfD86TeHI/HJ73EL4L8tD5V0tiDcSg=,iv:igf9D+MLI0rhagUP6IZLe6sP2HL5UpT5Z0DtLbXVq50=,tag:c0CGV69zbtIUxZMRJHh8yg==,type:str] - pgp: - - created_at: "2026-01-02T21:12:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb - -----END PGP MESSAGE----- - fp: 4BE7925262289B476DBBC17B76FD3810215AE097 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml index ff5dd8f..d4f74ef 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/radicale/secrets.yaml @@ -2,56 +2,56 @@ wireguard-private-key: ENC[AES256_GCM,data:1yvGiPIViIM7PZc8fi4MRFo6X4ZP0ospI4bx0 radicale-user: ENC[AES256_GCM,data:BBo1TscIK622Whg=,iv:yRxEy4sVlZNzqGGML+dCeGzN2viMT7N9Eg9lWYSGljE=,tag:3cX1cfTzhxNYrtk1u3lLXw==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1YU82S1BwWXJubVNNMFFu + VTN6Tm9TaTMzdjVmdzB4amVqYlRPemlHa0VnCkNqQ0JEQnBkYnMwZFVYZzlCQ1d1 + dlBXNDRCb05QSUNhS3EyOCswVjZ0bUEKLS0tIHhiTkdOTE9LNDRGRnE5Vit4MXBW + cXdtV1FCNWNZYkxvOWQ1NU1zbHlXVzAKWVblTzYX5NJ7GDZ1ma1L7fo3XU9K93w9 + /qVeTSiP8KhoE3BLueaEUZ5J9CTPXmb5SQ+4D7P9i2DQAqcVDtlccw== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrd0tiT2gvbTNUMjQzM2ZN + aUl2MllvZlFsaVhjQ2FNR29wOWVmSnkycUNJClNsdnd3alpCSUROSXBkSEx4c1lr + b2lvVXJtWWZRT3RMaVpjendaSks1UjAKLS0tIHN5eVRXYkJWSm9pYmZXVnRab0Zr + OEpYaWt2TWFmWmUyZWx6NUJpZnVWYkEKJxAulYLyTBmFPBCcYhCLmgBUIGJgYaCh + NC4k7PzIdiKl29tAolW24aZO70EH8JVCirjpWQlKo8W5hPSaJv/q/A== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-08T08:03:16Z" mac: ENC[AES256_GCM,data:z+ETj7inVkrg3lniueJNw4VwMp52S0wH+6kEH3bWPvMjml4Biy9wUqatlayi4cHsYQaEL/2ok8bi9rNuMrYYWs7qieLDZfRQuHEJNdylPxIKrQn0xn91ihbQJRyGMCweEtaHNR6uZY0uKH/wvvBlBLcZmuiXtPU9CGPIh72fTdA=,iv:41h4pi70SArumCJ+RqdLKlaiPwyqW0Kzro8u/GHNvxI=,tag:1kitWfua42WtVlWRrGJ/TA==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:39Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTARAArEo4xS5vSvBRMoU9IiazfF78cObwThwoes/HQL5wSnpX + 6rOOOIaFZv8MZDcfeS7IZCoUxBsuDIpCSHY6bo/iaGOzQ5616+wS8SZTz0x4aU6f + QLfmAIeqoNU0mcXVsGbm202d76XNYsGARpHprIktjhewzRFa2B0akZGxQ4RnuErT + 5lIkyFPKXB4FxXmakwdUnVj5lcx5VEbmyNtsrcqFpY81m+DH9hhRsI6Q3ac2Z2Wl + iC4vVmjGSgex//HXve/YDuUGndzfZQDtk0HmTgfD3+PU+YAWF8ikyE/GhtTV14mg + dFsqYhKEQLGziCxIkx91vejX2/80eh00uVSGWJ/XiYl/xaXwEz202pVfEIJNZE5t + LPe8mYw2IyYkq3CQy8iyB2DRZGqHKcMftXU5upP1jeDUXvzj3nUEaG95XTWT6hmy + 2tWS86ZjQpfTX2e/q28L/knl2yHI9/f7e/udpYG+5xIuVY/0732aIKwBNVmEDI6+ + y/08NcJJKRCE1aTdfGf3jNJteKQzUlnaQD+HThpFq06RW/e4PXitKyWvdDydAmfr + vKFVlQchdT81fA6J6SK1GohDa8/q9frbaX8iLpyV/l6c7KGJ8BgTUl/rMHCwZrhm + eJMweyc9KUgkjmhcSvZ0puyp5xhPPy6DD6EXwIGyWiAIbZ3sKLFuWC63CJwQQHqF + AgwDC9FRLmchgYQBD/9mRhx5N3zfewIc5ZKZLwo7gqv3qex0m8fLmRHMZxGREeDT + hH0hrvYoab0eddg/vywzIcvqzysErvKcT61Wdo6kv+XDAojJFCN1xAhGbgYF/M51 + LID3j3oo5TL4kMBU8NES6VQHieAtV/eUIYbx/G75X/bOIdloxL1V2MzKu59YOdEv + P8KgtkA2kfbdR/PLl724R1nHHoCrt707T7RdJP8vOAE6Vu1v4xPMC3Y2vgkrAr42 + K9/qecQg0RZQJRA73fEyX6IIsktJxjm7YaaznXSyBqw3YlqSsPSyT6sd8SDgTBju + N0n/SOcrgM+X8tnq38XTbQFVlT7dMr/e3Flh2a7igA+Ceaqn//gJi+fOzd/9kP4m + ESCG36+qBRYaqDyYK4BzLVJhhG4qr6pIHPd8t61UDB4QbjvwOmr70OQ/Dmsp4KOJ + +dADOOoIe5fHbpAr8Fc5Mj7hvkEwl3B5uOgkkaW7xfmwhbogsLBRKBu/ZhK7QAJL + LjmMzSOvbw/Vai7X1myDiBtkubnGHJ0zrWqXLIlagH7zts2jygL4VuYJftmCJ+R+ + kAQ/x/AYew6DgLdtOWJpOrs9lNX/T2uEtCQSNt5l8/7EfLAHp65LPSo4KgoBhflp + bRR4azACGhnH0VOzpQD6grn5XKLJmtRq2+LTRM80TNlNp4kCysm4HwijxgaxENJe + AfU03Aj5CVREQwC3sUllLtz1W2BPFh5jzisktuNU9QlExGZXGUPSxFuxv1Pi5m5Y + dRfutHRl+2kDAgXj+nP5b1rdFxTHLaxCVtrL1qsu2Xq/jJDpsfryqt+preZMyg== + =cyX1 -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml index f1ff4a4..18099db 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/secrets.yaml @@ -1,62 +1,10 @@ -resticpw: ENC[AES256_GCM,data:duM1dMkCRdckaOg=,iv:mPRxC5KgBMHRUcgHJQTfLA9P5EfGwnbnfzCp8CNIr9o=,tag:VZlFcaVnm4eay+JM0Sd7cA==,type:str] -resticaccesskey: ENC[AES256_GCM,data:Jt4uKdD7WqjaRjnKLeJhYoFSTtpwqPuARw==,iv:s1Ff5h2uKVxZY0hIZObZLXDlxgoUIFTYSiO17JKPUWY=,tag:DenvTp2ny8i+XjgTF3MPNA==,type:str] -resticsecretaccesskey: ENC[AES256_GCM,data:ijvux8Uldkct48gqVIC+jtfJ8m2oQ8ZbIZUZbyY79A==,iv:BxC2CZ87hxZhf35xqLe4ArGO8EnsYCABmiN+OM7t6tk=,tag:I61Ne5ztK5CUDUu+yvBcig==,type:str] +resticpw-SwarselState: ENC[AES256_GCM,data:rJrpeiNxdGZ3NF0=,iv:NHf5tp9h9lHDzTNogFkzhyBXgJVSbawT45sSvlSn27c=,tag:D36aXm3Q09cFiaNuJjL9SQ==,type:str] +resticpw-SwarselStorage: ENC[AES256_GCM,data:uj8smcKXrOzm+Sc=,iv:ASXoj5ZDgW26ri4LpxtbyUbPoc1IvxIYxjMcM/waLus=,tag:sP1Q3561lMKXYzuDkPC3HQ==,type:str] +resticaccesskey-SwarselState: ENC[AES256_GCM,data:boY2ai1iHwjaEUXFrpQK3Jpi47GhhTF+5A==,iv:qcYJE2BidxvesBOBJU/KI0PqXCpb9Fa5fr9gRcE4ox8=,tag:XAArkrmA6n0hGxU4+3OSGA==,type:str] +resticaccesskey-SwarselStorage: ENC[AES256_GCM,data:b3pHjKJP8+pNwoR/0nj8kidtKZcqUHAkkQ==,iv:MKEV6AkkTgbZrc63DipIxPvm4pl5/elInY6N0ewl3ac=,tag:OZVUdGBq5HYCX/NL7RJgrA==,type:str] +resticsecretaccesskey-SwarselState: ENC[AES256_GCM,data:2tC7RKRQM55dekqc6DLsgZqIBQbmWJySIXCOyUjTMw==,iv:a0bjCwmFTUZcJlz9WMp2vorwm9dUxg/7ulKWtL14LiU=,tag:7jbl6AGx7dguM8GmTD6MHw==,type:str] +resticsecretaccesskey-SwarselStorage: ENC[AES256_GCM,data:yjhLY7AuW3m5tOqfiAt6IbVHTnGkzSGzjkoqWD3wvQ==,iv:+2/dSke3LlWQpWa8adNS65M2sbfNw7DbiFCruMHnBRU=,tag:XgV4J9/c5yg0X1eBN1myXQ==,type:str] wireguard-private-key: ENC[AES256_GCM,data:lP5wnI1YUSb2PJUo8LvCogz0gfwwnqgYtNEly2i8P4geQVGnsxCz2c0ZKgM=,iv:55gjJ2K15EB8i9iwNNsuKwzHZsX3RvsTKNAnr+Ac4to=,tag:GPscRLTJSj+TNJ/15pM1mw==,type:str] -#ENC[AES256_GCM,data:D3AMwX0rBg==,iv:4AaUSc9Swp4RJIqeNzTW7MvAi5cZ3c53alWY3P4wS5U=,tag:IUzpcX38+495WM3O7L0uGQ==,type:comment] -kavita-token: ENC[AES256_GCM,data:coBAnDN4tWB0b05z+SRv8tGau+KrvMbEBICpPPYrjAqS/jVIrsKfpiVp+jJ2ruKnrwFnE8aVzWMB423fFk/GzpLDJZHF7oPjlr5QQVsGQ+NP7Ls7lAu6/A==,iv:pk+sZqRcx+WgS0Nwa4z4I2RmTobL7QME8E77bYdlcsw=,tag:XJ46v//ploErgSNLlUfPBg==,type:str] -#ENC[AES256_GCM,data:KxuybG2VSA==,iv:5HnK8dQsTW+shG+EzGh9BomfoBGl5cdSQpZjD4OF8y4=,tag:S2EgHIoHyXpxpU48hWiiYQ==,type:comment] -matrix-shared-secret: ENC[AES256_GCM,data:wCDMXzV18aFk4h1tf60N61K8j+gRJxIfbQLvqbfoDWPH2gbuNsg3SfDyFgDZQUzAzfaYC+jcbUAFOPm7ZD6axQ==,iv:9Rpx5jHyxqoyLSD39zPopj7m5ZZcPIhiRTh9tZXIero=,tag:JQg1uOorQvN3m7Cm6fT0vA==,type:str] -mautrix-telegram-as-token: ENC[AES256_GCM,data:/34XoVkm/8o84PUDXGWzFphEu+0LyvfEo+HOEbEB5GfrHzJmPpWgdGmedAYLpupvOzWWjODXgNk0zC3l4a+4gQ==,iv:7AdLQ3/SCJM9VxEFOBZnmVWKeSDTKyFLq+dysahlErI=,tag:NP/iV6aVZLy4RFOK1OqOPA==,type:str] -mautrix-telegram-hs-token: ENC[AES256_GCM,data:6je3dFrFAoNCbUuZD7C+kMoQpNeqBxoUusEJBFM0IYcVAqsmclMktHWLFDerkfzgGmKverqnf+rINDVEX8Df5A==,iv:iDqeYSsw1OTxu4K+zAEU+eUz+TLnXSzXbr6J4cLp7KQ=,tag:PBHqaqJEVEN8nk5hmIVEpQ==,type:str] -mautrix-telegram-api-id: ENC[AES256_GCM,data:R6C4gFh+NQ==,iv:30LZQR0CRmtAxqXVu/GOihdvdsWqGqiLMQJAM1yaSg0=,tag:9QM9VlCqSFuDo2k0WJx7/w==,type:str] -mautrix-telegram-api-hash: ENC[AES256_GCM,data:m6RhyLX2wNtMG/rZtLtwPVYiF9rD6bqsulJTE4tNkeA=,iv:aGq8TGQCOVlf55XfM4A9V0eDF75E8Rg8Jg+Vc72NJ00=,tag:J2fJ+Q7KToQirY87t4mvzQ==,type:str] -#ENC[AES256_GCM,data:6lE2jJal,iv:n6GbM2CZy9KSVRPJvnYYhcN81P77TUoy9ZJwplbtPLg=,tag:UaI3x5tu9meuZc2Wj+s82w==,type:comment] -acme-dns-token: ENC[AES256_GCM,data:Q5rGOFLYvCQ0h8BZKC3JlcWHp2q3ucIoE1E3NujEGoBltdUj3RpY3Q==,iv:T38LtQ02/11zlJUUahIeDNXyd9fQ7MYAOYgAY5ioLMw=,tag:5G0emN3Oje+Otl4uBxe8Ow==,type:str] -#ENC[AES256_GCM,data:XTHlwp41c52pmg==,iv:P82FtV4f+KziNF5QNca/xx8ZvdeZu+4tQmtePvjhKGU=,tag:AdVhiRLboyDT3jaSBjD0Mw==,type:comment] -paperless-admin-pw: ENC[AES256_GCM,data:mfk+N/cxddgUiandSNIYvbt0X1nDLaWOzw==,iv:CbHsz5ldL4sdnMCghh5DFbIBeR7e7c8ftuB3cTRBXBQ=,tag:SGk6QsUO7+H30Mi8fFuaRQ==,type:str] -kanidm-paperless-client: ENC[AES256_GCM,data:9mqdKyyuPyezSiNIVBe4/ViHydfkfZmAiA==,iv:frksTnlKbIHG1XdXUTQwKHLtlpRdZeQOOCBFRQ9DY1o=,tag:DBUy4xV0drIxXL9IxV30/w==,type:str] -#ENC[AES256_GCM,data:4n9xtQ==,iv:Qa+X5jJ/PQLkEB/EdRoB6pic642twVkt8zTIkHLOGz8=,tag:cZP9TyLPNACeHRMqTsRnlw==,type:comment] -mpd-pw: ENC[AES256_GCM,data:umt4fAgqaLBIXLhLLGUAay/YbSKC2r4uZA==,iv:yBOe8MpJZGrko30+zmP6LYI7uPJvQUf9+KhZAsSKk90=,tag:JWpGwG5trY/kLyQo707jDQ==,type:str] -#ENC[AES256_GCM,data:mHqhDMd0XorN,iv:LFGTMK375H8QenyYVSSF0IfummbSa6XPSCrrQryy0/8=,tag:r7qqAYPVfVkgZXObQLYMGQ==,type:comment] -nextcloud-admin-pw: ENC[AES256_GCM,data:WIS+dK+6sNa8l9sfqILcVXpI,iv:pAOX6uUusKKOGrzHzij6tNOHJkacxyac/YFbU8ZmFhY=,tag:NQByvZhCu1qf1Qb/Eor0sA==,type:str] -kanidm-nextcloud-client: ENC[AES256_GCM,data:qEamdf1+i9Je6l2uswgDfrc/KkbLDDnZ/Q==,iv:T9g7V86o9sTIWZ6MwRg2Li2ntpR5B+DgvXbrM/pBHo0=,tag:OH4FKB6qgsdAEVb8wdkKCg==,type:str] -#ENC[AES256_GCM,data:mRjlEtwcsjs=,iv:l+6IJr+nyIUF45vhNAw84eVoypF+grcKvXa3Z4mDntI=,tag:A8guEoZcPnAzlvsbQGI1NQ==,type:comment] -grafana-admin-pw: ENC[AES256_GCM,data:OZRhYLC8mKGT1dLpYNA=,iv:JWLDUXsHEgISVX5qPOY/SyEyMbd1wBPRcX4aB9V1VY4=,tag:UnM7Ki9rqcv+QKEkbD5geQ==,type:str] -prometheus-admin-pw: ENC[AES256_GCM,data:zKtPGDIDN/pJxdRuQthIOkvVgjmx+FrEcA==,iv:M/gY7JGCcf3qOR3abTOhW4oK+cEZ+qrA7Ej1dXXWXnU=,tag:LD4faKNGJnJSPv0w2UtCqw==,type:str] -kanidm-grafana-client: ENC[AES256_GCM,data:wIPvYpMuT3cJKImJ/NrvfZg4u841DQNjow==,iv:BMIrNgd5p5kaQOqC7GyCz6tF76HOx7GHJ5TcWL/Qeaw=,tag:pfhys3Q1WBzv8lcaz4gSZA==,type:str] -#ENC[AES256_GCM,data:jWNwieXkgftTIg==,iv:3fYUvETktHqHxg1MR2ZK6Bkz4DGjILS7gIU7taGj534=,tag:cLIde4jkQUo2kZ1nxACQ2A==,type:comment] -freshrss-pw: ENC[AES256_GCM,data:+jKVUjkpNCjGSgE=,iv:SZu/AZxue9Y4xEdrAEHkwzuoL7THI6MS8YQFwcoRPMI=,tag:M/iBUKcKe1d6gW1cUpeBew==,type:str] -freshrss-oidc-crypto-key: ENC[AES256_GCM,data:bsnB53+pm+1AlPx6kvQ46GUtocDZJW2+MyJDC7tuSbgY3hnFOhmbbQ==,iv:9gF7OLOTxva4znYIEsdvrfI9JFPhuFucuH3oK9Rj3f8=,tag:TY7QfUpI1GmkNYXDNyl4zQ==,type:str] -kanidm-freshrss-client: ENC[AES256_GCM,data:7CO/LL3uKxQHFjfC3VR4JfL13hT7T/OG5w==,iv:Q5BZSrxMgUM5dXKKLeTXG/kWUgFb1RCmUQSg+B0H32w=,tag:gX2O/2l9XFk2r9HfGzWliA==,type:str] -#ENC[AES256_GCM,data:fs3hYmSnPA==,iv:AO/BtxZ//pNQESSDYSUZzSWc1daj6aa2vXteC04HivI=,tag:HfRZ2YUWO2XNtjN8IZMmvQ==,type:comment] -kanidm-admin-pw: ENC[AES256_GCM,data:OF7rhjmg0I7V5qc2nWfQzSAIMlowXapbvg==,iv:I3Ig16YFPP2BeoAdYmRLQe8fqdV/MC+GW3T61kNiftY=,tag:n/WcJsNejgoZIK4GmnaPlA==,type:str] -kanidm-idm-admin-pw: ENC[AES256_GCM,data:UdGmzkgeDVWzFR+jqmwzxB2U0yjbOMf5ZQ==,iv:dB1rS0d7/hgA4UGSu/P2OIu43PHZbif3UkNd9vZ962Y=,tag:6mYDZUcobB0Vi/sZ+nOt/g==,type:str] -kanidm-immich: ENC[AES256_GCM,data:9vIcSVknbeitmmj5SVWcfOkji+0tTyvEJA==,iv:cMorkTF7swSLShonZqkuPl2RfrGBOQVnR2XTFr8Rwy0=,tag:BK4QRnCsxNPpdqQk03ghMw==,type:str] -kanidm-paperless: ENC[AES256_GCM,data:IjB3ZySYVS3OZU3pq4dE4qzm4F3enTEwYw==,iv:UZyYN5zyyvsAwLf55mAw32/CdygYbtfZvQY6BBzlchE=,tag:Tz3TOqf7oIyw1j414bvHDw==,type:str] -kanidm-forgejo: ENC[AES256_GCM,data:hDPeC5CPg2yHvxtw5Z6uIwr9TtiJM+PjGg==,iv:+pEDpmePUbbH9H5edZ5IPPXY1g2Daw8lLgyDM+h/0Zc=,tag:tugJxGP2LTYrHnNKb4/wgg==,type:str] -kanidm-grafana: ENC[AES256_GCM,data:+tfJr1mrfD7Kza9R26av7G+QgzzQhjeUmw==,iv:StWa8qivQZFhA1V5pSskeXL2IF8QkZd/tdOdAmWJLL8=,tag:U5A137+ACOWl1LdmLwb+xA==,type:str] -kanidm-nextcloud: ENC[AES256_GCM,data:yTBSlSN7O+ywGB6j8dvORE8C3xabayg3NA==,iv:kprbm7NR/ukczINENzdLOgBl2fwSs1CWkW+XFmLYxTw=,tag:U1fwlVRwcJBMbxCPAqovBg==,type:str] -kanidm-oauth2-proxy: ENC[AES256_GCM,data:Wj+tqtfxI/JDZwM8dFKvWaq6P5xrdPeszw==,iv:9WNcoLs4zMzVgGAMIanS8IAJKZU/IV9AY4YXw8gsl4c=,tag:JTZMI7xmzlVbpoN7T35bJA==,type:str] -kanidm-freshrss: ENC[AES256_GCM,data:pO6j+ZAD8NXUiHMZ5jg1Dsu6OcFr8BUIfQ==,iv:2vxDhyGqafbOBLsmQFuiBVN/2H4h2ZIJfG7h4iV/dIE=,tag:cYO2ANzUMAwVBiq87SQ0wA==,type:str] -kanidm-firezone: ENC[AES256_GCM,data:5QcRJy1kn1bk8zBqPznyq6vHHukmIIQpiQ==,iv:GL0QkqhsgRIeE+1rIDqVuC+UyIKPJTu5AHALBMZq2Yg=,tag:+kF/HQexEgg6JJyv3LeGvw==,type:str] -#ENC[AES256_GCM,data:nkfK+2JT/zAFEN5r,iv:zhequNAlsknCC1ROXYm+tzaUy6mN6XmuqS13Q6HU0a0=,tag:FQw0dwMR/yitjGSFWW6/RQ==,type:comment] -firefly-iii-app-key: ENC[AES256_GCM,data:1jLFVD8tMVF9hYiNeUZn1ZpPcKuvpYEZxLJcylg415PXl7ngmDa6H3ruYKFk/rt0sjh7,iv:uFBKrNOa5NdHWsLW5knd16tF0HQH7j4nsoF2TGEcrl0=,tag:X61hLERJNS//sSkhtkBEwA==,type:str] -#ENC[AES256_GCM,data:ZeR7BLj26KJabuQx,iv:Fp8Etgu5tg9xmqT421n7vvQvL27evPslZmVgIiGCGDs=,tag:DjirUtjNCh09D2JGJXqaYQ==,type:comment] -koillection-env-file: ENC[AES256_GCM,data:G/Nwzw5wQAr7aUfM+JclpmXaVwLKr9DV4M0F69Sya1U=,iv:gAYrD2XFKl0gWyU0wQ2JU0Vrn9bXVLJf5p1HdunZxqw=,tag:y64flWvqJ2KGETBnnnSDOw==,type:str] -koillection-db-password: ENC[AES256_GCM,data:vKHnmcvSOKhHOt6Mdbw+uT7GdM8=,iv:/pHI4ficUG81gkAUTATUt1SLDxiWYZoONqXUrIuEjcM=,tag:2kRNBut9P8qSGvy1D5mJzA==,type:str] -#ENC[AES256_GCM,data:QgzAs3Xq1wgb10RNZzl0uJA=,iv:oCIr3yh3iiaskY1en7QPZvRGhC4wmzGI2MQ9qJ1FoW0=,tag:Fjcr+5Xz3gmEckizaUczgQ==,type:comment] -anki-pw: ENC[AES256_GCM,data:TGKLFfBD9UEZlvc=,iv:8GsOAxr7DI4uEsGREfsbRPA6p6/7Jl9oUXWpCmobBZ4=,tag:ZpmubPgfwmLw817sMpHRcg==,type:str] -#ENC[AES256_GCM,data:g1yoM9Q8wfA=,iv:Gj/srSIg6aI0lybHMQGu8wu2KfvzdKJ3XetoTaZwJpg=,tag:N1lqDLoqhiT7YNu4hyvwmw==,type:comment] -kanidm-forgejo-client: ENC[AES256_GCM,data:eQwwaqdWAHQ+1HgfKtx9v/5kT1rzbFfUhA==,iv:HKylHTkifgSIuq4tKPIsyOzDCn5ynl66/PLDyWW/pEQ=,tag:k3ZjA0BvdLvpbogq+e9JUQ==,type:str] -#ENC[AES256_GCM,data:7ZIGRjWPgI9l,iv:YXDxvRZ9SPO9cJBsGQ2T1i5DojjaghrlF5h53ECgukE=,tag:uXvmB3kINl4jg+18OoSpHA==,type:comment] -radicale-user: ENC[AES256_GCM,data:jsrSPQ9bk5IPSaw=,iv:4o4BYlQlWONCv5M51C1EhgbxGvg8Bir/rIdMjGO+yeo=,tag:oxrSuJS9LKRQurSM+0gfYg==,type:str] -#ENC[AES256_GCM,data:MiKHFUmTDvnrjhw=,iv:Y72pVFthqLq+LVj5bmy7dNDvXMxvTtFPEHSAfB1Dcoo=,tag:802/jEiC4zWXmvjXPwSYEw==,type:comment] -prometheus-admin-hash: ENC[AES256_GCM,data:Zp2yXBiFudvD75Yupi5mjQwL5wai+atnJ0ltzM+TnzFNzFgYv8hdilsxYSD0VDo6CZJWhEtp9ozfiETs,iv:jidoobYusa5RfAZfcdVSNj5yKBJvlRRCfcN7MYkN6Ko=,tag:2tYV/SFajv9VE+lIOuH/5w==,type:str] -snipe-it-appkey: ENC[AES256_GCM,data:6nsXRMr2Fr7e0b/0WJS7ntlg5HEedGMCGe/69kwfyb6llSp4Pn1H4eQc0Mk=,iv:ZtL9tTNZhUT+YL7Ps7ZyUBKd5W0i7ZZAeqyZbJB6ELs=,tag:nJnqHXg6OhQhRnRtraW3bA==,type:str] -snipe-it-db-password: ENC[AES256_GCM,data:Jpk3Ka4/Fk3CMdUZDf1SbaUbGbmkYl1L2YvEpGR/H4kq32Q=,iv:7t4bM8c2huTEYxUJDxu72dTueiGNOzwFjoedcQK5hdY=,tag:IHXqtICjjd4O/9MqqCyu2Q==,type:str] -#ENC[AES256_GCM,data:Z2MArzHJ5g==,iv:5IFG5SSmOOQU8hUiwLXG2UBRbPmgeq09/XU7UcPqoDc=,tag:93YLtbQgBMdDWCSl5BUVvw==,type:comment] -garage-admin-token: ENC[AES256_GCM,data:XZ4OVmqy4O2+NBqV+TlVCYb9Lk5bNoKFLcCNaNIRv0YEKcIgAlnL3bTuIaw=,iv:KvYTpvnmupx5DIVIh/EkKPkX3yr/3eLMzWB1vA5KM9k=,tag:L+kMrGSHXUsEqH0oFuBB2Q==,type:str] -garage-rpc-secret: ENC[AES256_GCM,data:uTLsZv1viatNX3f1qdDvFDKfVRgDDLv2+AUHCPo3lx/cUiB9HMcuUHJoNP8sLeuX77WXon29ZKMd5fKnydo77g==,iv:IJgDZZkA4QQfOWTWh7OLtWRZi0yE4dKE0BoJCqopWl8=,tag:wh9aWZhEehHx0nQ8UBBNKg==,type:str] sops: age: - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u @@ -68,8 +16,8 @@ sops: cUpZZzBOZHlZdzRoS0l4SkRER1JQeTQKBeYA2sVQab9moaYlT0jE7/zMJvOJoC7V QwHXwnkjZCavAC5HIn82PzJ0DNrMKSZ136AgA+F99X0ZFyFnEIFZCQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-01-10T11:56:45Z" - mac: ENC[AES256_GCM,data:3Y124JX/6MsyIeOv9t0DPSv6YUICgvQn688LpXvW2jSWYRuJCbSWG67cPQHCNYP3NjFWXuASlKhDRJQicwgamh3WrE7gC7QxtqCVtwL0FTfZeOQ+vRoIejWIldcKC3YK6vKYW/O//Uhd+5rG8ah2b7XqRvgv8bwIdUKFUQqG0EA=,iv:VfsIS6+QTbv4WhykReXOGkGul7dWj0Voux2vrkv6Ecw=,tag:h7zZqbe4NAZ0PlcWBq0r2w==,type:str] + lastmodified: "2026-01-19T14:12:00Z" + mac: ENC[AES256_GCM,data:VsZDoY88nMtY6S87Odi641VrenfVOraWDgfGuKVKKrcUJtTTF4hkwI5b8dZ4Qz/9g4IxW0Siht8qodqAEnA5bvDbMlabIgIRrbO4hAJjPYEtD3Q+J2n8PVvWLU94DusgN0A4rHXbEq1Am2bUjcXKWOg2FpkUGrkJyYfj6R4l6kk=,iv:ZPMPs71eoiEddKTDwIZbYUziKDVknXGMyw062i3X3oU=,tag:IiXOOiJzuN4M1jU6dZdTJg==,type:str] pgp: - created_at: "2026-01-10T00:38:27Z" enc: |- diff --git a/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml index 6978c86..5f81b8e 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/storage/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:IsQLebLnWOCmERQLSmZAASOgxyg8itWr0o3rt6062cbWIDLO+TPJTDtlWRE=,iv:bhhFTLjhHMTfEyynklpWPTU6KCpBZJZoRLlr0o+Pk7Q=,tag:j4pCfGDo2CQPpKmpn6gVyg==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByQ1BZbTJZVEJRLzN2N0F5 + c0VWbDVTZE5WaGw4WmM1RzUvMnVXOXVvOUFVClBCK1N6NnlxS1VzN1FOY2I0OWpI + S0VCc2djck53NFZ2TXdqbE1GQnBTSk0KLS0tIG1XNnNpQXRnbnlsU2UyMG9VRU5E + WCszSmVmQWZncU50RThkcHQvdVFMQkEKVB6ETsGVlWYqTgwX00wgasCTucYUlamR + HqiwLA5dpoLCpTVoZvp4C7iIe4b3oQtXeY+5cAWF9hXvzAGybSM6DQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIeDhOUWN1SmRuZ1VaN2ha + SlduNWd0L3hBYjVGV1JMYUhEUzFPZHpwZXo4CkpRb0ZqeUFSemVSK3ZYRnNrUmty + dmpua0ZlVkhSOTdpMFRUdkg4bG5yYkEKLS0tIDU2SjFMRE45NS9KWTZyTzY2aUpi + NG9kUHZNaEF1R1BaMm4rc2NMSXdhd28KY45+ozWXWkKWaMQWh0QmkMheQiF2sqos + oEQ/q/heFzj/nK88GmlRfZY1UqGYflhBsPQqUz3RhWKGVuLWZXIe/Q== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:51Z" mac: ENC[AES256_GCM,data:eRO2+uoeWo+qeZR1gf7QJbydXvrLWwQQytNDM0Hxo9S8ONrSK6uA6Vac050Tmo9JM3606pr9RR3RvtRn20jcKI9X1PNVayE/hhdgug7O2CzpR7Xnekh7PM2N9hLgdH8lKdOASPXTYMQxnvKfX0oWEjLnRa28kK48GzdyrLh2iU4=,iv:UQuaMAcVjgz+fD99lJPMRvcWNduYxCccKDnwPT1ikf0=,tag:7VgsxiXcYaHnQyUoOSvmoQ==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:41Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ//fL7J9QIrlwSjvG2jM/KqEkdJZ8RKiXGF3qcWMFeMJqoP + 0DYgX0/M1c9TAcr/JzFCSzBhKzd7O7v0FLHDLaEpD5I3NsoPjfpJZB3j5tfvJD9i + O7lR3cLKiBXvA5JCkuNifKok63fR+k6RNirLJVY0UJe126xL8K3gCb7GHxSd5EOy + OUZtO6caY48gxAboVn0biNtJRZBS5wo9kaNhAahy0xsHmf/K1DCxpznFlVTGgFMQ + plnIeLSNTVgDjX9gm7/E3574FOONeU3MsUgFqxEcm9wul9cLk4+0sDZ+5OVpxP8W + o3RDO1uLm+NhmfmFamo+grSbYLHRx+dfk3I2JrK2e7z9xDqsQ7a+ZRiLmNErpG52 + 0MZTIkbm5MZRt/QU5bLNs4W5dtEqwf114LG9Nkux9i6auKfuKkTCMaGvixncdcIc + mXDCjzqWriQFEIPpwTwpBpEqfXE2au2gnj4oC8Ayu9khG3hH5Oi2VU3PjFtrUOcy + saCFJi+3n34idHqFgCYzBnqQwtCG927EoDT+KYqXIGQuxLyEn2yO0JiTI9Z5so8L + +cPrJmOT4e3TfdsIGpLGPRNvysPc5TLO7neplLy00QzOMPy6RidQPeI3E68NCTjw + mvztc1x8pMqPQZ4skamnbF+xVGYCPJFrO0MRxvr2iRpCfPTRK5AsTnMTOC3lnaKF + AgwDC9FRLmchgYQBEACwiOm8QhxZh5/ODnAM8KhRpZPepFMx5QhgAcQsvpo9KExQ + JPd7BqDGNe6Vj5I+eqAg7KihXLiv5PiOZ0CFp8pEflJrLUmh2mdB8khoVs7Q/MvE + JgiZ29EmN6nowpJAPTWHRooo63vQADCVaPfzNgAGcDeC6lz7xOFLyI2FMMBDMM3T + /H3D3QnwU4l8lEWx49LNHIH/028wj/pccTvgk+zBgfCM3zhpGzQJM5wtno6Mfv25 + di53YEzx4PlPBeR/hqtdPm0LwpqIcAVPEzjHEX7Hwe6vZ9+OaqjHtna6fo1HMh1l + wUlKCwf6/p5vKGS2lOKkM3pmrU7ADIs5Bdn+uncTw4hRtF6ZdOY1ReJKKkxTzxN+ + jKLed4NeBIy659jzHKdKqtCDXradVT/Axt+RQ/zQguijVQmOjmfMPindCbaoGA9W + g09cRxiGV87hDOgj3cjX/PMDxAjkperYaIEh4p6zbrH2nwHzbjpQXTCgOhZSByJ+ + z6J39hvFjB4w2vF63xoceZoiQgh4iQdClU5API4vHX00tDBLoUSCEzMFOon0+yo9 + j0wOKt9UIAY/3pJL1WxOWf/3AoiTxdyBa6f9meji6OOtTupZ3TqFLR9lKKl1jd5Q + cn83a7FIXnyVto1Azql5d8Vd1VxAX/XkwH5mUiI5/D45wXbSoNtRu9P2+DeHs9Je + AbpwcZthRNHDncWRCs+wnLTlTANoSJrvdKI9xYWgfmFxnoAMhqnZF08EKxQLg3zD + /W///uyfXYRRnVwg7YH0zihBoKp042bp8bZPRuj1JgyyS8dzidSWSs+jCDed5g== + =7i0m -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml b/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml index 054393a..c4f3a52 100644 --- a/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml +++ b/hosts/nixos/x86_64-linux/summers/secrets/transmission/secrets.yaml @@ -1,56 +1,56 @@ wireguard-private-key: ENC[AES256_GCM,data:o3wV7UI5BSV9YU0uaumgfFWBJlgMewpUqOusvcGWxOW8dSrT/aqpT9iu1K0=,iv:fNf6fOL8KcYBxmfFLi5K/qPmNfon16HE1fgQ86qNDNU=,tag:BoRbtrw7jvENAn5wiP/sWQ==,type:str] sops: age: - - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx + - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMEM4alliWlBCT3VsbVA5 - OGt5bmQvZW1TaUNkbWtFdzVGNDNpY0hBOVhzCm84TldYNHBrU01HMlBkbGNwZFAw - WVk0T3FycVRHUUNtM1pTYkQ4Qmw3RTgKLS0tIE9LUlNEVjJHOGVIK1RSMmRXUDF6 - QlRKY1hRVzNTVXhESUd3OElXL2pBZXcKDWYoOzi2b4qeIbCVCfTj0lTW+OfbnsXB - 8MugCHu7+b+ju0v/lUP66jDW9/2AH4PzHtCNHjsafyzr2qnW8HlOzA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMUppRWJtOVdFa2hvQmtW + ZCtjUEwxTlVXTlJjUWpERVlJYjhQNTI5aFJFClRpaWFWbmExRC93dDFQNDVlRDNP + N3JHVzBGU1g0RVBHUVg3RGhBaitOOW8KLS0tIC9uTW9tcDFxSFppdEt5ZWpzUzd3 + dTVFelhnWUk2YVNCczA5ZVFEdmpHakEKBkd/XczNimSP/5kny3axRbXZOfPAhMVW + H0OSWxamGLQpnsSHgrYdSk93Bcq24ziuVzHEaPEDag6XC7UNvsNERQ== -----END AGE ENCRYPTED FILE----- - - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as + - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJRWJXR2tYdEd4cTZsSi9l - Tm1pSC9pek5BakpEMlkwVTcrMlBuVzlXWUVrCmlnV0xJc25nL0twK3VCZ3FRK2x2 - RW52Q1NxWUhTUGY0NnQ0WEhLMWxIcFUKLS0tIG83eVM0KzdLQ004aDRKNTYvdmVZ - d3ZOSStBMFpSU2ZjNWhFRkREQWlUdmcKggVvLy1mLYGf8084RQtlipS4+z4dfPsN - HZfid0srwYnezlQ5qOY8/HrDLWHEyuZ4xFZVi4n0k49qBpNwJdmvyQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhYTV6MHNtOHdwSTdTaVlj + Q051M1A2eEVMZHhTRXNIRXVrSjJWZzlMTHhvCkNMaXZsRFlVTXlINGlIWjhZR25q + OTE0QXpiS3NiQ1JHVlZ5QXV1VEVNelUKLS0tIGNBR0dFRGZxYys1OUpSU2NHcWV0 + aEg5NzQxeVZPaUY1bTBBa1ZidXJrS2MKUCsDOnsmpOZTQsnvdYguDK8uH4FetcXq + nKzlSJ8zvYXzb91PfCcjYbp3ttUGeeJLVPnrD42+3i8H2U8btSrR8w== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-07T13:36:52Z" mac: ENC[AES256_GCM,data:Sb9HItfMt5WaTYJw1/OcPVR3SBKzAifgK0NTwSb59ByxAsaOhkXrGL2cx+6p7QpVBw2V9duiFVmZhOp9vW2clCQX2RwiSAxaRLcDtVIoqB7YfmiNTdzrEDFHJNndbT6Vs0qOb42tjMyKXGZIcrA55G3Vh8S5Qy5w3IW4CSwI20U=,iv:pRjPa71yPRy4X29IPjk9Jju4JZkhIK2uucgK/dBX4L8=,tag:2RD746vX1mlQu3GyDELF8w==,type:str] pgp: - - created_at: "2026-01-02T21:12:51Z" + - created_at: "2026-01-12T22:05:42Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAmvkQ9V14f0BT/bNdFVZtTlY4yVon37CX32SZPUcHV7o8 - Dya0sZd9tuVATSv79TnybscuNx95fkoZJwujBfAadexn2zY8zl1oEWEHx7p+8/mE - W8JbQAjbcbX9sNQYXc8kYJylBThmgNN/HXK7CGtgDFr9xnGzDBnDm/M31P1HwYBm - IdIQgFGErEt1K3xvw28Lk3tPuZLK3Y+H2Yna7RRF6K1blGJUvEnL6yFdA10/eFW7 - 8066mO26F2l5xFuktK0nNeniLHKa5VVYp8iM+JMhX38l0wiIi8pGyxo3uAjNpa0w - IfpCneEBe/yyaUPcWMjXmUG5LJe3kWUup8cSzvu01Z3W159/QsflxIMkIsklqhim - B2zuPdAlYsjjS/05DIHInN2IIB/rjADkQvXji1XYLhWJj4jxDeck/UIc6Q22TED+ - autlbl8d/5sqyO5ghPpShF/s0vMTqUfpXZrDrbuyDFqCfwi0ahP03bUsv20ZEz6u - zG3K5HuXHh7ATSppwuMbcv7vcjF1tkbo6XhWZDv0rY0DFWqiYhnxWwlFlGLxf4zX - g6r7Ca/E/YXG/eOET6M9DxwHjj0D7u/ryAkCktqPL9w8oNGarZQ/xMx0+ocI3byc - Zvzlmd63BtgaGNSxH3stK29KN3ED8cDkG/JzAxCATWiUBBkqW/ga4sGZqtLlSO+F - AgwDC9FRLmchgYQBD/9JbFZie25PO2CyELlUWm5SmJcugT9SK/mIA2fe1PlA+Gnf - 5z9iXraMSQchz4R1IoiixDhubwKeKp/auqhlOPvo58Lsi6iDR/WaLWabD+hcyAb1 - ck/f/PUzTLhlLcfu18VPfXVzfnky3dX8P5aS0WMLAQblj2RaaiHxnPqf49kXSn3q - VSJ0pr0nEsPuWtoCkHUAwAJ8X5GPXN2OD4YbHsNaA9h2vrJAxNd5+HNsvg8JtI88 - X/uMM7cWcaXcmNZOz166HUIPcJ5cabJ48Sv8sDfMPOcTiJkMiESBnRYTwdUcp08m - nGipSrUeW3pVOC1bGyukZb6sF84pTtCpqS+kOSfKFlxFFdAEcpzFIPuOMeo2dbKj - GSGPDemZFC2yFq883yk9/mZbgjOUsqrj0ZP3rCD5ZHpfUM5IxGQ+mKaOucTXYmif - lrTPMYnAc7pHxKZ87BgiKBYrfRAZvorLYKv8zG8YagAUw8iCtc68YUUdvLW9haQf - rwWCU1z+sszYSac7I57gfqICQhMUbs1n9S2Cn0C0xo4q2Lu36ysip4rEVGg6TmUu - znXYu+3orodw2TwC0tGxXHYKwmlr7EGnBCbdVKpDoCbV6cYkDYoPUFg0alqIPd5r - KCkee9MaCLLX7IdBrbLf1lkHGwSAs81GfZRMLBauM7/hn+hMUeIJnMbtJnVIB9Je - AdT2nSH06+POnjvxa2t0dUasnG/6ISBRSk6FgBBZ+pdVlrvaB4javgWGpiAWCUu6 - b2CMZF3HullmLj+wwAKlsZsIOXGICN5GeQxLHYF8Kx7Doj68Owu/zGM5MS+7XQ== - =wYdb + hQIMAwDh3VI7VctTAQ/+K/beVKMITwy7ZM0X3cUvtYuMzo0FaH7qEcoN7Ie9tuT6 + ZF6/BIBHVrS+953Gw0HJajWQENAKphKqL6TT8SHSpsdUpTns7rxJZlRm8C2FP3SV + eqrtQuzm2GhRVzm/69nOkq7vzrRJjP7/6ZmO+1E3gURiBLJla/MHRHi+NRrYrq+H + VdWWwBAe1T7Kd1WNRL+o7zxwkH+b9OIL5Ia6WI8jtQizDAI33iTbtfxO5ppXIyoL + PEV+2ePTWJxV+dJBbCfDHioY7l7I5yWCKkuVmVBp+CNrNGLPdU1Ta49wODt2Isy7 + 4F3YihAX3N8MDZ09aB8UeCmzNIDXt0Y+1Nrd8Z7ctIgu/Gji7Jyc5bBCgpi9Q9N7 + 2uVm6m8P6uSeifZ5e+obJUqYwaRUO4va2/tSX2TTWK5l5svIEQh/hPmWowJrCCSl + 1lh0cA24M8ljphdltBgxzfiByGobde3nNeak+8CGYZUZq7xIMwyIMoWTlnSy0Fno + oJxe6nasxZqQTIqBu3Dra4oBnSTxWJ6SWbuaeegbnGWRp8Pfjs1mGWF6oNYaBwoa + gvT2qzjzah/b6VEfo9m3mGnLAubU14a2zoSnQ2zZOZp3k7JUbkCB1Q90NACD3wl6 + Z+qCEP9YHA39Dga52jwy5yfYmxuZVKPIXJgtUrSAzGQrTGyBmOorN0NhbLFoD0WF + AgwDC9FRLmchgYQBD/9Ro2xVCqlyifNx7ec+yBLufPsgqq1x12EPOEEtDthfzUdc + FV3K/+kv0QmYveqfhBQsMqGvVUGW6UW4b4YijUMd2eoJin4UcwUJNpXUS9aKohcH + bHFH0gExhDGruRs0z1rBbjuZTWYhzeYv9kl9HdJx7Hh2eFJR+0T6DrLlJ6GoVERd + HKy4nmWtO8wbkVT1akSZVavZLwB3J/5EG0zH/CD6x15Spk+1aurWqbmPlEy8S0qA + Nf002A7RV1YD3ykZg/Ie8bPXt2ghuO7UU73mz83dTskoYggf+L01BXA3K/xd1ei9 + tTeLn+INrLcQ+3FNI+zl+b9HbWo1hIO0xG1IRyWWUDTbssU2HdVO5ppnmYC/15h0 + 6loY4EJeWAiMe/LZlXpeW9y3YdTPQvzjhKi63KYh184RoZNBjdRtrgIKX/zJJnyG + 4UqX8d6yQrbAABnBslradSNzsMuf9504MJ81ZKeJPF3JwDEtkW/i6VMnkRCgvDsG + FWMIsrWttTd3BcqvgHUkxHHwnGglvvmPh3SvkdPB4ctzYFGCxyQHV0ymFC8xmkNc + gP+U5cYj/tdGSbP0P7SW09cj8nbSClZ7OZMpHViQTSOyFkPvVQYOtjJt54WwJn09 + aXTIiK3+xSORpgKLxFJYeLRY7OjtFqyVPUh0VE5GlGA7LxqpAa18w1bfS1XR8NJe + AZKgUbEp1prBgI4aeLqTr7qk4LkdmaVPxjuAUX1mg6annIHOnPLlaY54GzWtG4Cn + 5/F6ZRNQK8pxr82lctEqGPN0I+/Fp7nky7xmBBzymV26LJLWG77UrQONeLlNWQ== + =gUDk -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/hosts/nixos/x86_64-linux/winters/default.nix b/hosts/nixos/x86_64-linux/winters/default.nix index a167da3..570ccfb 100644 --- a/hosts/nixos/x86_64-linux/winters/default.nix +++ b/hosts/nixos/x86_64-linux/winters/default.nix @@ -41,26 +41,6 @@ serverName = "hintbooth"; }; }; - restic = { - bucketName = "SwarselWinters"; - paths = [ - "/Vault/data/paperless" - "/Vault/data/koillection" - "/Vault/data/postgresql" - "/Vault/data/firefly-iii" - "/Vault/data/radicale" - "/Vault/data/matrix-synapse" - "/Vault/Eternor/Paperless" - "/Vault/Eternor/Bilder" - "/Vault/Eternor/Immich" - ]; - }; - garage = { - data_dir = { - capacity = "200G"; - path = "/Vault/data/garage/data"; - }; - }; }; }; @@ -72,35 +52,6 @@ swarselmodules.server = { diskEncryption = lib.mkForce false; - # nginx = true; # for php stuff - # acme = false; # cert handled by proxy - # wireguard = true; - - # nfs = true; - # kavita = true; - # restic = true; - # jellyfin = true; - # navidrome = true; - # spotifyd = true; - # mpd = true; - # postgresql = true; - # matrix = true; - # nextcloud = true; - # immich = true; - # paperless = true; - # transmission = true; - # syncthing = true; - # grafana = true; - # freshrss = true; - # kanidm = true; - # firefly-iii = true; - # koillection = true; - # radicale = true; - # atuin = true; - # forgejo = true; - # ankisync = true; - # homebox = true; - # opkssh = true; }; networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "enp3s0" ]; diff --git a/modules/nixos/client/uwsm.nix b/modules/nixos/client/uwsm.nix index 5c9d66e..2304d27 100644 --- a/modules/nixos/client/uwsm.nix +++ b/modules/nixos/client/uwsm.nix @@ -1,6 +1,7 @@ -{ lib, config, ... }: +{ lib, config, pkgs, ... }: let moduleName = "uwsm"; + cfg = config.programs.uwsm; in { options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings"; @@ -20,5 +21,39 @@ in }; }; }; + + services.displayManager.sessionPackages = + let + mk_uwsm_desktop_entry = + opts: + (pkgs.writeTextFile { + name = "${opts.name}-uwsm"; + text = '' + [Desktop Entry] + Name=${opts.prettyName} (UWSM) + Comment=${opts.comment} + Exec=${lib.getExe cfg.package} start -F -- ${opts.binPath} ${lib.strings.escapeShellArgs opts.extraArgs} + Type=Application + ''; + destination = "/share/wayland-sessions/${opts.name}-uwsm.desktop"; + derivationArgs = { + passthru.providedSessions = [ "${opts.name}-uwsm" ]; + }; + }); + in + lib.mkForce (lib.mapAttrsToList + ( + name: value: + mk_uwsm_desktop_entry { + inherit name; + inherit (value) + prettyName + comment + binPath + extraArgs + ; + } + ) + cfg.waylandCompositors); }; } diff --git a/modules/nixos/common/users.nix b/modules/nixos/common/users.nix index e6c11a4..be4d0b4 100644 --- a/modules/nixos/common/users.nix +++ b/modules/nixos/common/users.nix @@ -15,6 +15,18 @@ isNormalUser = true; uid = 1000; autoSubUidGidRange = false; + subUidRanges = [ + { + count = 65534; + startUid = 100001; + } + ]; + subGidRanges = [ + { + count = 999; + startGid = 1001; + } + ]; description = "Leon S"; password = lib.mkIf (minimal || config.swarselsystems.isPublic) "setup"; hashedPasswordFile = lib.mkIf (!minimal && !config.swarselsystems.isPublic) config.sops.secrets.main-user-hashed-pw.path; diff --git a/modules/nixos/optional/microvm-guest.nix b/modules/nixos/optional/microvm-guest.nix index 28c8c91..73e0794 100644 --- a/modules/nixos/optional/microvm-guest.nix +++ b/modules/nixos/optional/microvm-guest.nix @@ -32,8 +32,6 @@ # NOTE: this is needed, we dont import sevrer network module for microvms globals.hosts.${config.node.name}.isHome = true; - fileSystems."/persist".neededForBoot = lib.mkForce true; - systemd.network.networks."10-vlan-services" = { dhcpV6Config = { WithoutRA = "solicit"; diff --git a/modules/nixos/server/ankisync.nix b/modules/nixos/server/ankisync.nix index 65e928f..3585ec4 100644 --- a/modules/nixos/server/ankisync.nix +++ b/modules/nixos/server/ankisync.nix @@ -36,6 +36,10 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/private/${serviceName}"; }]; + }; + services.anki-sync-server = { enable = true; port = servicePort; diff --git a/modules/nixos/server/atuin.nix b/modules/nixos/server/atuin.nix index 19b706c..351139f 100644 --- a/modules/nixos/server/atuin.nix +++ b/modules/nixos/server/atuin.nix @@ -7,6 +7,10 @@ in options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { + swarselmodules.server = { + postgresql = true; + }; + topology.self.services.${serviceName}.info = "https://${serviceDomain}"; globals = { diff --git a/modules/nixos/server/firefly-iii.nix b/modules/nixos/server/firefly-iii.nix index cf77b73..2f952c2 100644 --- a/modules/nixos/server/firefly-iii.nix +++ b/modules/nixos/server/firefly-iii.nix @@ -42,12 +42,16 @@ in homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services = { ${serviceName} = { enable = true; user = serviceUser; group = if cfg.enableNginx then nginxGroup else serviceGroup; - dataDir = "/Vault/data/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; settings = { TZ = config.repo.secrets.common.location.timezone; APP_URL = "https://${serviceDomain}"; diff --git a/modules/nixos/server/forgejo.nix b/modules/nixos/server/forgejo.nix index 5ae8125..146ac7c 100644 --- a/modules/nixos/server/forgejo.nix +++ b/modules/nixos/server/forgejo.nix @@ -44,9 +44,13 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = { enable = true; - stateDir = "/Vault/data/${serviceName}"; + stateDir = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; lfs.enable = lib.mkDefault true; diff --git a/modules/nixos/server/freshrss.nix b/modules/nixos/server/freshrss.nix index df0a809..bdae10f 100644 --- a/modules/nixos/server/freshrss.nix +++ b/modules/nixos/server/freshrss.nix @@ -61,6 +61,10 @@ in homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = let inherit (config.repo.secrets.local.freshrss) defaultUser; @@ -71,7 +75,7 @@ in virtualHost = serviceDomain; baseUrl = "https://${serviceDomain}"; authType = "form"; - dataDir = "/Vault/data/tt-rss"; + dataDir = "/var/lib/freshrss"; passwordFile = config.sops.secrets.freshrss-pw.path; }; diff --git a/modules/nixos/server/homebox.nix b/modules/nixos/server/homebox.nix index 5325cce..b076405 100644 --- a/modules/nixos/server/homebox.nix +++ b/modules/nixos/server/homebox.nix @@ -1,6 +1,6 @@ { self, lib, pkgs, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "homebox"; port = 7745; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -13,6 +13,10 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; + swarselmodules.server = { + postgresql = true; + }; + users.persistentIds = { homebox = confLib.mkIds 981; }; @@ -33,14 +37,14 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + systemd.services.homebox = { environment = { TMPDIR = "/var/lib/homebox/.tmp"; - }; - serviceConfig = { - # ReadWritePaths = "/var/lib/homebox"; - RuntimeDirectory = "homebox"; - BindPaths = "/run/homebox:/var/lib/homebox/.tmp"; + HOME = "/var/lib/homebox"; }; }; diff --git a/modules/nixos/server/id.nix b/modules/nixos/server/id.nix index f6db715..fa67280 100644 --- a/modules/nixos/server/id.nix +++ b/modules/nixos/server/id.nix @@ -15,59 +15,61 @@ in { options = { swarselmodules.server.ids = lib.mkEnableOption "enable persistent ids on server"; - users.persistentIds = mkOption { - default = { }; - description = '' - Maps a user or group name to its expected uid/gid values. If a user/group is - used on the system without specifying a uid/gid, this module will assign the - corresponding ids defined here, or show an error if the definition is missing. - ''; - type = types.attrsOf ( - types.submodule { - options = { - uid = mkOption { - type = types.nullOr types.int; - default = null; - description = "The uid to assign if it is missing in `users.users.`."; + users = { + persistentIds = mkOption { + default = { }; + description = '' + Maps a user or group name to its expected uid/gid values. If a user/group is + used on the system without specifying a uid/gid, this module will assign the + corresponding ids defined here, or show an error if the definition is missing. + ''; + type = types.attrsOf ( + types.submodule { + options = { + uid = mkOption { + type = types.nullOr types.int; + default = null; + description = "The uid to assign if it is missing in `users.users.`."; + }; + gid = mkOption { + type = types.nullOr types.int; + default = null; + description = "The gid to assign if it is missing in `users.groups.`."; + }; }; - gid = mkOption { - type = types.nullOr types.int; - default = null; - description = "The gid to assign if it is missing in `users.groups.`."; - }; - }; - } - ); - }; - - users.users = mkOption { - type = types.attrsOf ( - types.submodule ( - { name, ... }: - { - config.uid = - let - persistentUid = cfg.${name}.uid or null; - in - mkIf (persistentUid != null) (mkDefault persistentUid); } - ) - ); - }; + ); + }; - users.groups = mkOption { - type = types.attrsOf ( - types.submodule ( - { name, ... }: - { - config.gid = - let - persistentGid = cfg.${name}.gid or null; - in - mkIf (persistentGid != null) (mkDefault persistentGid); - } - ) - ); + users = mkOption { + type = types.attrsOf ( + types.submodule ( + { name, ... }: + { + config.uid = + let + persistentUid = cfg.${name}.uid or null; + in + mkIf (persistentUid != null) (mkDefault persistentUid); + } + ) + ); + }; + + groups = mkOption { + type = types.attrsOf ( + types.submodule ( + { name, ... }: + { + config.gid = + let + persistentGid = cfg.${name}.gid or null; + in + mkIf (persistentGid != null) (mkDefault persistentGid); + } + ) + ); + }; }; }; config = lib.mkIf config.swarselmodules.server.ids { diff --git a/modules/nixos/server/immich.nix b/modules/nixos/server/immich.nix index 568b516..3772b59 100644 --- a/modules/nixos/server/immich.nix +++ b/modules/nixos/server/immich.nix @@ -1,12 +1,16 @@ { lib, pkgs, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "immich"; port = 3001; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { + swarselmodules.server = { + postgresql = true; + }; + users = { persistentIds = { immich = confLib.mkIds 989; @@ -36,13 +40,21 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } + ]; + }; + services.${serviceName} = { enable = true; package = pkgs.immich; host = "0.0.0.0"; port = servicePort; # openFirewall = true; - mediaLocation = "/Vault/Eternor/Immich"; # dataDir + mediaLocation = "/storage/Pictures/${serviceName}"; # dataDir environment = { IMMICH_MACHINE_LEARNING_URL = lib.mkForce "http://localhost:3003"; }; diff --git a/modules/nixos/server/jellyfin.nix b/modules/nixos/server/jellyfin.nix index fcd9910..6627a68 100644 --- a/modules/nixos/server/jellyfin.nix +++ b/modules/nixos/server/jellyfin.nix @@ -1,6 +1,6 @@ { pkgs, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "jellyfin"; port = 8096; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; in { @@ -51,6 +51,13 @@ in # openFirewall = true; # this works only for the default ports }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } + ]; + }; + nodes = { ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; diff --git a/modules/nixos/server/jenkins.nix b/modules/nixos/server/jenkins.nix index e400172..cda5315 100644 --- a/modules/nixos/server/jenkins.nix +++ b/modules/nixos/server/jenkins.nix @@ -1,6 +1,6 @@ { pkgs, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "jenkins"; port = 8088; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; in { @@ -23,13 +23,17 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.jenkins = { enable = true; withCLI = true; port = servicePort; packages = [ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ]; listenAddress = "0.0.0.0"; - home = "/Vault/apps/${serviceName}"; + home = "/var/lib/${serviceName}"; }; nodes = { diff --git a/modules/nixos/server/kanidm.nix b/modules/nixos/server/kanidm.nix index 17dd259..6de8284 100644 --- a/modules/nixos/server/kanidm.nix +++ b/modules/nixos/server/kanidm.nix @@ -80,12 +80,19 @@ in }; }; - environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ - certPathBase - keyPathBase - ]; + environment.persistence = { + "/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ + certPathBase + keyPathBase + ]; + }; + + "/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; }; + systemd.services."generateSSLCert-${serviceName}" = let daysValid = 3650; diff --git a/modules/nixos/server/kavita.nix b/modules/nixos/server/kavita.nix index ce6bf10..2e59d4f 100644 --- a/modules/nixos/server/kavita.nix +++ b/modules/nixos/server/kavita.nix @@ -2,7 +2,7 @@ let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "kavita"; port = 8080; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf nginxAccessRules homeServiceAddress; in { @@ -29,6 +29,10 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -50,7 +54,7 @@ in user = serviceUser; settings.Port = servicePort; tokenKeyFile = config.sops.secrets.kavita-token.path; - dataDir = "/Vault/data/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; }; nodes = { diff --git a/modules/nixos/server/koillection.nix b/modules/nixos/server/koillection.nix index d7ad07c..7adf1db 100644 --- a/modules/nixos/server/koillection.nix +++ b/modules/nixos/server/koillection.nix @@ -1,6 +1,6 @@ { self, lib, config, globals, dns, confLib, ... }: let - inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/Vault/data/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "koillection"; port = 2282; dir = "/var/lib/koillection"; }) servicePort serviceName serviceUser serviceDir serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; serviceDB = "koillection"; @@ -46,6 +46,10 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; }]; + }; + virtualisation.oci-containers.containers = { koillection = { image = "koillection/koillection@${containerRev}"; diff --git a/modules/nixos/server/mailserver.nix b/modules/nixos/server/mailserver.nix index b2f910c..df187e3 100644 --- a/modules/nixos/server/mailserver.nix +++ b/modules/nixos/server/mailserver.nix @@ -1,7 +1,7 @@ { self, lib, config, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 443; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "mailserver"; dir = "/var/lib/dovecot"; user = "virtualMail"; group = "virtualMail"; port = 80; }) serviceName serviceDir servicePort serviceUser serviceGroup serviceAddress serviceDomain proxyAddress4 proxyAddress6; inherit (confLib.static) isHome webProxy homeWebProxy dnsServer homeServiceAddress nginxAccessRules; inherit (config.repo.secrets.local.mailserver) user1 alias1_1 alias1_2 alias1_3 alias1_4 user2 alias2_1 alias2_2 alias2_3 user3; baseDomain = globals.domains.main; diff --git a/modules/nixos/server/matrix.nix b/modules/nixos/server/matrix.nix index c77caa7..9835376 100644 --- a/modules/nixos/server/matrix.nix +++ b/modules/nixos/server/matrix.nix @@ -1,7 +1,7 @@ { self, lib, config, pkgs, globals, dns, confLib, ... }: let inherit (config.swarselsystems) sopsFile; - inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceDomain serviceAddress proxyAddress4 proxyAddress6; + inherit (confLib.gen { name = "matrix"; user = "matrix-synapse"; port = 8008; }) servicePort serviceName serviceUser serviceGroup serviceDomain serviceAddress proxyAddress4 proxyAddress6; inherit (confLib.static) isHome isProxied webProxy homeWebProxy dnsServer homeProxyIf webProxyIf homeServiceAddress nginxAccessRules; federationPort = 8448; @@ -21,6 +21,10 @@ in options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; config = lib.mkIf config.swarselmodules.server.${serviceName} { + swarselmodules.server = { + postgresql = true; + }; + environment.systemPackages = with pkgs; [ matrix-synapse lottieconverter @@ -118,9 +122,18 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/matrix-synapse"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/mautrix-whatsapp"; user = "mautrix-whatsapp"; group = "mautrix-whatsapp"; } + { directory = "/var/lib/mautrix-telegram"; user = "mautrix-telegram"; group = "mautrix-telegram"; } + { directory = "/var/lib/mautrix-signal"; user = "mautrix-signal"; group = "mautrix-signal"; } + ]; + }; + + services = { postgresql = { - enable = true; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" @@ -147,7 +160,7 @@ in matrix-synapse = { enable = true; - dataDir = "/Vault/data/matrix-synapse"; + dataDir = "/var/lib/matrix-synapse"; settings = { app_service_config_files = let diff --git a/modules/nixos/server/monitoring.nix b/modules/nixos/server/monitoring.nix index a74489e..95a634a 100644 --- a/modules/nixos/server/monitoring.nix +++ b/modules/nixos/server/monitoring.nix @@ -47,8 +47,10 @@ in node-exporter = confLib.mkIds 987; grafana = confLib.mkIds 974; }; + groups.nextcloud-exporter = { }; users = { nextcloud-exporter = { + group = "nextcloud-exporter"; extraGroups = [ "nextcloud" ]; }; @@ -78,10 +80,17 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/prometheus2"; user = prometheusUser; group = prometheusGroup; } + ]; + }; + services = { ${serviceName} = { enable = true; - dataDir = "/Vault/data/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; provision = { enable = true; datasources.settings = { diff --git a/modules/nixos/server/mpd.nix b/modules/nixos/server/mpd.nix index e5734f5..807135d 100644 --- a/modules/nixos/server/mpd.nix +++ b/modules/nixos/server/mpd.nix @@ -36,9 +36,13 @@ in icon = "${self}/files/topology-images/${serviceName}.png"; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = "mpd"; group = "mpd"; }]; + }; + services.${serviceName} = { enable = true; - musicDirectory = "/media"; + musicDirectory = "/storage/Music"; user = serviceUser; group = serviceGroup; network = { diff --git a/modules/nixos/server/navidrome.nix b/modules/nixos/server/navidrome.nix index c202573..0374395 100644 --- a/modules/nixos/server/navidrome.nix +++ b/modules/nixos/server/navidrome.nix @@ -76,6 +76,10 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = { enable = true; # openFirewall = true; @@ -83,7 +87,7 @@ in LogLevel = "debug"; Address = "0.0.0.0"; Port = servicePort; - MusicFolder = "/Vault/Eternor/Music"; + MusicFolder = "/storage/Music"; PlaylistsPath = "./Playlists"; AutoImportPlaylists = false; EnableSharing = true; diff --git a/modules/nixos/server/nextcloud.nix b/modules/nixos/server/nextcloud.nix index c91e79a..0f84490 100644 --- a/modules/nixos/server/nextcloud.nix +++ b/modules/nixos/server/nextcloud.nix @@ -27,6 +27,13 @@ in homeServiceAddress = lib.mkIf isHome homeServiceAddress; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/redis-${serviceName}"; user = serviceUser; group = serviceGroup; } + ]; + }; + services = { ${serviceName} = { enable = true; @@ -36,8 +43,8 @@ in }; package = pkgs."nextcloud${nextcloudVersion}"; hostName = serviceDomain; - home = "/Vault/data/${serviceName}"; - datadir = "/Vault/data/${serviceName}"; + home = "/var/lib/${serviceName}"; + datadir = "/var/lib/${serviceName}"; https = true; configureRedis = true; maxUploadSize = "4G"; diff --git a/modules/nixos/server/nfs.nix b/modules/nixos/server/nfs.nix index fb6a776..cff9b09 100644 --- a/modules/nixos/server/nfs.nix +++ b/modules/nixos/server/nfs.nix @@ -10,6 +10,12 @@ in avahi = confLib.mkIds 978; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/cache/samba"; } + ]; + }; + services = { # add a user with sudo smbpasswd -a samba = { @@ -35,7 +41,7 @@ in browseable = "yes"; "read only" = "no"; "guest ok" = "no"; - path = "/Vault/Eternor"; + path = "/storage"; writable = "true"; comment = "Eternor"; "valid users" = nfsUser; diff --git a/modules/nixos/server/nginx.nix b/modules/nixos/server/nginx.nix index 4f57d92..918da3e 100644 --- a/modules/nixos/server/nginx.nix +++ b/modules/nixos/server/nginx.nix @@ -84,8 +84,15 @@ in networking.firewall.allowedTCPPorts = [ 80 443 ]; - environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence { - files = [ dhParamsPathBase ]; + environment.persistence = { + "/persist" = lib.mkIf config.swarselsystems.isImpermanence { + files = [ dhParamsPathBase ]; + }; + "/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/cache/nginx"; user = "nginx"; group = "nginx"; } + ]; + }; }; services.nginx = { diff --git a/modules/nixos/server/oauth2-proxy.nix b/modules/nixos/server/oauth2-proxy.nix index f6c6a23..0650a88 100644 --- a/modules/nixos/server/oauth2-proxy.nix +++ b/modules/nixos/server/oauth2-proxy.nix @@ -139,6 +139,10 @@ in }; }; + users = { + persistentIds.oauth2-proxy = confLib.mkIds 966; + }; + # needed for homeWebProxy networking.firewall.allowedTCPPorts = [ servicePort ]; diff --git a/modules/nixos/server/opkssh.nix b/modules/nixos/server/opkssh.nix index 597240d..6f2a4de 100644 --- a/modules/nixos/server/opkssh.nix +++ b/modules/nixos/server/opkssh.nix @@ -5,7 +5,7 @@ let kanidmDomain = globals.services.kanidm.domain; inherit (config.swarselsystems) mainUser; - inherit (config.repo.secrets.local) persons; + mailAddress = config.repo.secrets.common.mail.address4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -29,7 +29,7 @@ in authorizations = [ { user = mainUser; - principal = builtins.head persons.${mainUser}.mailAddresses; + principal = mailAddress; inherit (config.services.opkssh.providers.kanidm) issuer; } ]; diff --git a/modules/nixos/server/paperless.nix b/modules/nixos/server/paperless.nix index 0d119a5..ad1efa6 100644 --- a/modules/nixos/server/paperless.nix +++ b/modules/nixos/server/paperless.nix @@ -44,11 +44,21 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/lib/redis-${serviceName}"; user = "redis-${serviceUser}"; group = "redis-${serviceGroup}"; } + { directory = "/var/lib/private/tika"; } + { directory = "/var/cache/${serviceName}"; user = serviceUser; group = serviceGroup; } + { directory = "/var/cache/private/tika"; } + ]; + }; + services = { ${serviceName} = { enable = true; - mediaDir = "/Vault/Eternor/Paperless"; - dataDir = "/Vault/data/${serviceName}"; + mediaDir = "/storage/Documents/${serviceName}"; + dataDir = "/var/lib/${serviceName}"; user = serviceUser; port = servicePort; passwordFile = config.sops.secrets.paperless-admin-pw.path; diff --git a/modules/nixos/server/pipewire.nix b/modules/nixos/server/pipewire.nix index 41a602d..d6549f2 100644 --- a/modules/nixos/server/pipewire.nix +++ b/modules/nixos/server/pipewire.nix @@ -6,6 +6,10 @@ users.persistentIds.rtkit = confLib.mkIds 996; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/pipewire"; user = "pipewire"; group = "pipewire"; }]; + }; + services.pipewire = { enable = true; pulse.enable = true; diff --git a/modules/nixos/server/podman.nix b/modules/nixos/server/podman.nix index 0a27be5..f1f397b 100644 --- a/modules/nixos/server/podman.nix +++ b/modules/nixos/server/podman.nix @@ -15,6 +15,12 @@ in oci-containers.backend = "podman"; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/containers"; } + ]; + }; + networking.nftables.firewall = lib.mkIf config.networking.nftables.enable { zones.podman = { diff --git a/modules/nixos/server/postgresql.nix b/modules/nixos/server/postgresql.nix index 97850c1..4cf3554 100644 --- a/modules/nixos/server/postgresql.nix +++ b/modules/nixos/server/postgresql.nix @@ -2,7 +2,7 @@ let inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName; postgresVersion = 14; - postgresDirPrefix = if config.swarselsystems.isCloud then "/var/lib" else "/Vault/data"; + postgresDirPrefix = "/var/lib"; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -22,9 +22,14 @@ in dataDir = "${postgresDirPrefix}/${serviceName}/${builtins.toString postgresVersion}"; }; }; - environment.persistence."/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ - { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } - ]; + environment.persistence = { + "/persist".directories = lib.mkIf (config.swarselsystems.isImpermanence && config.swarselsystems.isCloud) [ + { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } + ]; + "/state".directories = lib.mkIf config.swarselsystems.isMicroVM [ + { directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; } + ]; + }; }; } diff --git a/modules/nixos/server/radicale.nix b/modules/nixos/server/radicale.nix index 5953bdc..25ba047 100644 --- a/modules/nixos/server/radicale.nix +++ b/modules/nixos/server/radicale.nix @@ -35,6 +35,10 @@ in topology.self.services.${serviceName}.info = "https://${serviceDomain}"; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + globals = { networks = { ${webProxyIf}.hosts = lib.mkIf isProxied { @@ -67,7 +71,7 @@ in htpasswd_encryption = "autodetect"; }; storage = { - filesystem_folder = "/Vault/data/radicale/collections"; + filesystem_folder = "/var/lib/radicale/collections"; }; }; rights = { diff --git a/modules/nixos/server/restic.nix b/modules/nixos/server/restic.nix index 2b0bd01..e56cd59 100644 --- a/modules/nixos/server/restic.nix +++ b/modules/nixos/server/restic.nix @@ -1,65 +1,88 @@ { lib, pkgs, config, ... }: let inherit (config.swarselsystems) sopsFile; + + targets = config.swarselsystems.server.restic.targets; in { options.swarselmodules.server.restic = lib.mkEnableOption "enable restic backups on server"; options.swarselsystems.server.restic = { - bucketName = lib.mkOption { - type = lib.types.str; - }; - paths = lib.mkOption { - type = lib.types.listOf lib.types.str; - }; - withPostgres = lib.mkOption { - type = lib.types.bool; - default = false; + targets = lib.mkOption { + type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: { + options = { + bucketName = lib.mkOption { + type = lib.types.str; + default = name; + }; + repository = lib.mkOption { + type = lib.types.str; + }; + paths = lib.mkOption { + type = lib.types.listOf lib.types.str; + }; + withPostgres = lib.mkOption { + type = lib.types.bool; + default = false; + }; + }; + })); + default = { }; }; }; + config = lib.mkIf config.swarselmodules.server.restic { sops = { - secrets = { - resticpw = { inherit sopsFile; }; - resticaccesskey = { inherit sopsFile; }; - resticsecretaccesskey = { inherit sopsFile; }; - }; - templates = { - "restic-env".content = '' - AWS_ACCESS_KEY_ID=${config.sops.placeholder.resticaccesskey} - AWS_SECRET_ACCESS_KEY=${config.sops.placeholder.resticsecretaccesskey} - ''; - }; + secrets = + lib.mkMerge (lib.mapAttrsToList + (name: _: { + "resticpw-${name}" = { inherit sopsFile; }; + "resticaccesskey-${name}" = { inherit sopsFile; }; + "resticsecretaccesskey-${name}" = { inherit sopsFile; }; + }) + targets); + + templates = + lib.mkMerge (lib.mapAttrsToList + (name: _: { + "restic-env-${name}".content = '' + AWS_ACCESS_KEY_ID=${config.sops.placeholder."resticaccesskey-${name}"} + AWS_SECRET_ACCESS_KEY=${config.sops.placeholder."resticsecretaccesskey-${name}"} + ''; + }) + targets); }; - services.restic = - let - inherit (config.repo.secrets.local) resticRepo; - in - { - backups = { - "${config.swarselsystems.server.restic.bucketName}" = { - environmentFile = config.sops.templates."restic-env".path; - passwordFile = config.sops.secrets.resticpw.path; - inherit (config.swarselsystems.server.restic) paths; + services.restic.backups = + lib.mapAttrs' + (name: target: + lib.nameValuePair target.bucketName { + environmentFile = + config.sops.templates."restic-env-${name}".path; + + passwordFile = + config.sops.secrets."resticpw-${name}".path; + + inherit (target) paths repository; + pruneOpts = [ "--keep-daily 3" "--keep-weekly 2" "--keep-monthly 3" "--keep-yearly 100" ]; + backupPrepareCommand = '' ${pkgs.restic}/bin/restic prune ''; - repository = "${resticRepo}"; + initialize = true; + timerConfig = { OnCalendar = "03:00"; }; - }; - - }; - }; - + } + ) + targets; }; } diff --git a/modules/nixos/server/router.nix b/modules/nixos/server/router.nix index 6e69770..5e9f40f 100644 --- a/modules/nixos/server/router.nix +++ b/modules/nixos/server/router.nix @@ -7,6 +7,8 @@ let }) globals.networks.home-lan.vlans; selectVLANs = vlans: map (vlan: { VLAN = globals.networks.home-lan.vlans.${vlan}.id; }) vlans; + lan1VLANs = selectVLANs [ "home" "devices" "guests" ]; + lan2VLANs = selectVLANs [ "home" "devices" "services" ]; lan3VLANs = selectVLANs [ "home" "devices" "services" ]; lan4VLANs = lan3VLANs; lan5VLANs = selectVLANs [ "home" "devices" "guests" ]; @@ -186,9 +188,9 @@ in Bridge = "br"; ConfigureWithoutCarrier = true; }; - inherit bridgeVLANs; + bridgeVLANs = lan1VLANs; }; - # wifi + # winters "30-lan2" = { matchConfig.MACAddress = config.repo.secrets.local.networking.networks.lan2.mac; linkConfig.RequiredForOnline = "enslaved"; @@ -196,7 +198,7 @@ in Bridge = "br"; ConfigureWithoutCarrier = true; }; - inherit bridgeVLANs; + bridgeVLANs = lan2VLANs; }; # summers "30-lan3" = { diff --git a/modules/nixos/server/snipe-it.nix b/modules/nixos/server/snipe-it.nix index a9c105b..3ebb784 100644 --- a/modules/nixos/server/snipe-it.nix +++ b/modules/nixos/server/snipe-it.nix @@ -44,7 +44,7 @@ in hostName = serviceDomain; user = serviceUser; group = serviceGroup; - dataDir = "/Vault/data/snipeit"; + dataDir = "/var/lib/snipeit"; database = { user = serviceUser; port = mysqlPort; diff --git a/modules/nixos/server/spotifyd.nix b/modules/nixos/server/spotifyd.nix index e5dc58d..a392313 100644 --- a/modules/nixos/server/spotifyd.nix +++ b/modules/nixos/server/spotifyd.nix @@ -27,6 +27,12 @@ in # when another user connects, the service will crash and the new user will login systemd.services.spotifyd.serviceConfig.RestartSec = lib.mkForce 1; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/cache/private/spotifyd"; } + ]; + }; + services.spotifyd = { enable = true; settings = { diff --git a/modules/nixos/server/syncthing.nix b/modules/nixos/server/syncthing.nix index 8a1945e..6998326 100644 --- a/modules/nixos/server/syncthing.nix +++ b/modules/nixos/server/syncthing.nix @@ -75,12 +75,16 @@ in }; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [{ directory = "/var/lib/${serviceName}"; user = serviceUser; group = serviceGroup; }]; + }; + services.${serviceName} = rec { enable = true; user = serviceUser; group = serviceGroup; - dataDir = lib.mkDefault "/Vault/data/${serviceName}"; - configDir = "${cfg.dataDir}/.config/${serviceName}"; + dataDir = if config.swarselsystems.isMicroVM then "/storage/Documents/syncthing" else (lib.mkDefault "/var/lib/${serviceName}"); + configDir = if config.swarselsystems.isMicroVM then "/var/lib/syncthing/.config/syncthing" else "${cfg.dataDir}/.config/${serviceName}"; guiAddress = "0.0.0.0:${builtins.toString servicePort}"; openDefaultPorts = lib.mkIf (!isProxied) true; # opens ports TCP/UDP 22000 and UDP 21027 for discovery relay.enable = false; diff --git a/modules/nixos/server/transmission.nix b/modules/nixos/server/transmission.nix index c3f8e4c..d737e38 100644 --- a/modules/nixos/server/transmission.nix +++ b/modules/nixos/server/transmission.nix @@ -1,7 +1,7 @@ { self, pkgs, lib, config, confLib, ... }: let - inherit (confLib.gen { name = "transmission"; }) serviceName serviceDomain; - inherit (confLib.static) isHome; + inherit (confLib.gen { name = "transmission"; port = 9091; }) serviceName servicePort serviceDomain; + inherit (confLib.static) isHome homeServiceAddress homeWebProxy nginxAccessRules; lidarrUser = "lidarr"; lidarrGroup = lidarrUser; @@ -96,6 +96,16 @@ in inherit isHome; }; + environment.persistence."/state" = lib.mkIf config.swarselsystems.isMicroVM { + directories = [ + { directory = "/var/lib/radarr"; user = radarrUser; group = radarrGroup; } + { directory = "/var/lib/readarr"; user = readarrUser; group = readarrGroup; } + { directory = "/var/lib/sonarr"; user = sonarrUser; group = sonarrGroup; } + { directory = "/var/lib/lidarr"; user = lidarrUser; group = lidarrGroup; } + { directory = "/var/lib/private/prowlarr"; user = prowlarrUser; group = prowlarrGroup; } + ]; + }; + services = { radarr = { enable = true; @@ -103,7 +113,7 @@ in group = radarrGroup; settings.server.port = radarrPort; openFirewall = true; - dataDir = "/Vault/data/radarr"; + dataDir = "/var/lib/radarr"; }; readarr = { enable = true; @@ -111,7 +121,7 @@ in group = readarrGroup; settings.server.port = readarrPort; openFirewall = true; - dataDir = "/Vault/data/readarr"; + dataDir = "/var/lib/readarr"; }; sonarr = { enable = true; @@ -119,7 +129,7 @@ in group = sonarrGroup; settings.server.port = sonarrPort; openFirewall = true; - dataDir = "/Vault/data/sonarr"; + dataDir = "/var/lib/sonarr"; }; lidarr = { enable = true; @@ -127,53 +137,88 @@ in group = lidarrGroup; settings.server.port = lidarrPort; openFirewall = true; - dataDir = "/Vault/data/lidarr"; + dataDir = "/var/lib/lidarr"; }; prowlarr = { enable = true; settings.server.port = prowlarrPort; openFirewall = true; }; + }; - nginx = { + nodes = { + ${homeWebProxy}.services.nginx = { + upstreams = { + transmission = { + servers = { + "${homeServiceAddress}:${builtins.toString servicePort}" = { }; + }; + }; + radarr = { + servers = { + "${homeServiceAddress}:${builtins.toString radarrPort}" = { }; + }; + }; + readarr = { + servers = { + "${homeServiceAddress}:${builtins.toString readarrPort}" = { }; + }; + }; + sonarr = { + servers = { + "${homeServiceAddress}:${builtins.toString sonarrPort}" = { }; + }; + }; + lidarr = { + servers = { + "${homeServiceAddress}:${builtins.toString lidarrPort}" = { }; + }; + }; + prowlarr = { + servers = { + "${homeServiceAddress}:${builtins.toString prowlarrPort}" = { }; + }; + }; + }; virtualHosts = { "${serviceDomain}" = { enableACME = false; forceSSL = false; acmeRoot = null; + extraConfig = nginxAccessRules; locations = { "/" = { - proxyPass = "http://localhost:9091"; + proxyPass = "http://transmission"; extraConfig = '' client_max_body_size 0; ''; }; "/radarr" = { - proxyPass = "http://localhost:${builtins.toString radarrPort}"; + proxyPass = "http://radarr"; extraConfig = '' client_max_body_size 0; ''; }; "/readarr" = { - proxyPass = "http://localhost:${builtins.toString readarrPort}"; + proxyPass = "http://readarr"; extraConfig = '' client_max_body_size 0; ''; }; "/sonarr" = { - proxyPass = "http://localhost:${builtins.toString sonarrPort}"; + proxyPass = "http://sonarr"; extraConfig = '' client_max_body_size 0; ''; }; "/lidarr" = { - proxyPass = "http://localhost:${builtins.toString lidarrPort}"; + proxyPass = "http://lidarr"; extraConfig = '' client_max_body_size 0; ''; }; "/prowlarr" = { - proxyPass = "http://localhost:${builtins.toString prowlarrPort}"; + proxyPass = "http://prowlarr"; extraConfig = '' client_max_body_size 0; ''; diff --git a/modules/shared/config-lib.nix b/modules/shared/config-lib.nix index 4439036..bf21184 100644 --- a/modules/shared/config-lib.nix +++ b/modules/shared/config-lib.nix @@ -21,7 +21,7 @@ in confLib = rec { getConfig = if nixosConfig == null then config else nixosConfig; - gen = { name ? "n/a", user ? name, group ? name, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { + gen = { name ? "n/a", user ? name, group ? user, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec { servicePort = port; serviceName = name; specificServiceName = "${name}-${config.node.name}"; @@ -88,65 +88,76 @@ in mkMicrovm = if config.swarselsystems.withMicroVMs then (guestName: - { enableStorage ? false + { eternorPaths ? [ ] , withZfs ? false , ... }: { - ${guestName} = { - backend = "microvm"; - autostart = true; - zfs = lib.mkIf withZfs { - # stateful config that should be backed up - "/state" = { - pool = "Vault"; - dataset = "guests/${guestName}/state"; - }; - # data that should be backed up - "/storage" = lib.mkIf enableStorage { - pool = "Vault"; - dataset = "guests/${guestName}/storage"; - }; - # other stuff that should only reside on disk, not backed up - "/persist" = { - pool = "Vault"; - dataset = "guests/${guestName}/persist"; - }; - }; - modules = [ - (config.node.configDir + /guests/${guestName}/default.nix) - { - node.secretsDir = config.node.configDir + /secrets/${guestName}; - node.configDir = config.node.configDir + /guests/${guestName}; - networking.nftables.firewall = { - zones.untrusted.interfaces = lib.mkIf - ( - lib.length config.guests.${guestName}.networking.links == 1 - ) - config.guests.${guestName}.networking.links; - }; - } - "${self}/modules/nixos/optional/microvm-guest.nix" - "${self}/modules/nixos/optional/systemd-networkd-base.nix" - ]; - microvm = { - system = config.node.arch; - baseMac = config.repo.secrets.local.networking.networks.lan.mac; - interfaces.vlan-services = { - mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; + ${guestName} = + { + backend = "microvm"; + autostart = true; + zfs = lib.mkIf withZfs + ({ + # stateful config usually bind-mounted to /var/lib/ that should be backed up remotely + "/state" = { + pool = "Vault"; + dataset = "guests/${guestName}/state"; + }; + # other stuff that should only reside on zfs, not backed up remotely + "/persist" = { + pool = "Vault"; + dataset = "guests/${guestName}/persist"; + }; + } // lib.optionalAttrs (eternorPaths != [ ]) + (lib.listToAttrs (map + # data that is pulled in externally by services, some of which is backed up externally + (eternorPath: + lib.nameValuePair "/storage/${eternorPath}" { + pool = "Vault"; + dataset = "Eternor/${eternorPath}"; + }) + eternorPaths))); + modules = [ + (config.node.configDir + /guests/${guestName}/default.nix) + { + node.secretsDir = config.node.configDir + /secrets/${guestName}; + node.configDir = config.node.configDir + /guests/${guestName}; + networking.nftables.firewall = { + zones.untrusted.interfaces = lib.mkIf + ( + lib.length config.guests.${guestName}.networking.links == 1 + ) + config.guests.${guestName}.networking.links; + }; + fileSystems = { + "/persist".neededForBoot = true; + } // lib.optionalAttrs withZfs { + "/state".neededForBoot = true; + }; + } + "${self}/modules/nixos/optional/microvm-guest.nix" + "${self}/modules/nixos/optional/systemd-networkd-base.nix" + ]; + microvm = { + system = config.node.arch; + baseMac = config.repo.secrets.local.networking.networks.lan.mac; + interfaces.vlan-services = { + mac = lib.mkForce "02:${lib.substring 3 5 config.guests.${guestName}.microvm.baseMac}:${mkDeviceMac globals.networks.home-lan.vlans.services.hosts."${config.node.name}-${guestName}".id}"; + + }; + }; + extraSpecialArgs = { + inherit (inputs.self) nodes; + inherit (inputs.self.pkgs.${config.node.arch}) lib; + inherit inputs outputs minimal; + inherit (inputs) self; + withHomeManager = false; + microVMParent = config.node.name; + globals = inputs.self.globals.${config.node.arch}; }; }; - extraSpecialArgs = { - inherit (inputs.self) nodes; - inherit (inputs.self.pkgs.${config.node.arch}) lib; - inherit inputs outputs minimal; - inherit (inputs) self; - withHomeManager = false; - microVMParent = config.node.name; - globals = inputs.self.globals.${config.node.arch}; - }; - }; }) else (_: { _ = { }; diff --git a/nix/hosts.nix b/nix/hosts.nix index 29de26e..31f7406 100644 --- a/nix/hosts.nix +++ b/nix/hosts.nix @@ -176,7 +176,7 @@ configurationsPerArch = type: minimal: mkConfigurationsPerArch type minimal; in - { + rec { nixosConfigurations = configurationsPerArch "nixos" false; nixosConfigurationsMinimal = configurationsPerArch "nixos" true; darwinConfigurations = configurationsPerArch "darwin" false; @@ -198,6 +198,17 @@ // config.darwinConfigurations // config.guestConfigurations; + guestResources = lib.mapAttrs + (name: _: + let + f = arg: lib.foldr (base: acc: base + acc) 0 (map (node: nodes."${name}-${node}".config.microvm.${arg}) (builtins.attrNames nodes.${name}.config.guests)); + in + { + mem = f "mem"; + vcpu = f "vcpu"; + }) + nodes; + "@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; }; } diff --git a/nix/packages.nix b/nix/packages.nix index 2f2f525..3707fb6 100644 --- a/nix/packages.nix +++ b/nix/packages.nix @@ -25,7 +25,21 @@ # see https://flake.parts/module-arguments.html?highlight=modulewith#persystem-module-parameters _module.args.pkgs = import inputs.nixpkgs { inherit system; - config.allowUnfree = true; + config = { + allowUnfree = true; + + permittedInsecurePackages = [ + # matrix + "olm-3.2.16" + # sonarr + "aspnetcore-runtime-wrapped-6.0.36" + "aspnetcore-runtime-6.0.36" + "dotnet-sdk-wrapped-6.0.428" + "dotnet-sdk-6.0.428" + # + "SDL_ttf-2.0.11" + ]; + }; overlays = [ self.overlays.default ]; diff --git a/profiles/nixos/microvm/default.nix b/profiles/nixos/microvm/default.nix index 226edc7..2b88350 100644 --- a/profiles/nixos/microvm/default.nix +++ b/profiles/nixos/microvm/default.nix @@ -23,6 +23,7 @@ ssh = lib.mkDefault true; wireguard = lib.mkDefault true; dns-home = lib.mkDefault true; + opkssh = true; }; }; }; diff --git a/secrets/public/wg/ankisync.pub b/secrets/public/wg/summers-ankisync.pub similarity index 100% rename from secrets/public/wg/ankisync.pub rename to secrets/public/wg/summers-ankisync.pub diff --git a/secrets/public/wg/atuin.pub b/secrets/public/wg/summers-atuin.pub similarity index 100% rename from secrets/public/wg/atuin.pub rename to secrets/public/wg/summers-atuin.pub diff --git a/secrets/public/wg/audio.pub b/secrets/public/wg/summers-audio.pub similarity index 100% rename from secrets/public/wg/audio.pub rename to secrets/public/wg/summers-audio.pub diff --git a/secrets/public/wg/firefly.pub b/secrets/public/wg/summers-firefly.pub similarity index 100% rename from secrets/public/wg/firefly.pub rename to secrets/public/wg/summers-firefly.pub diff --git a/secrets/public/wg/forgejo.pub b/secrets/public/wg/summers-forgejo.pub similarity index 100% rename from secrets/public/wg/forgejo.pub rename to secrets/public/wg/summers-forgejo.pub diff --git a/secrets/public/wg/freshrss.pub b/secrets/public/wg/summers-freshrss.pub similarity index 100% rename from secrets/public/wg/freshrss.pub rename to secrets/public/wg/summers-freshrss.pub diff --git a/secrets/public/wg/homebox.pub b/secrets/public/wg/summers-homebox.pub similarity index 100% rename from secrets/public/wg/homebox.pub rename to secrets/public/wg/summers-homebox.pub diff --git a/secrets/public/wg/immich.pub b/secrets/public/wg/summers-immich.pub similarity index 100% rename from secrets/public/wg/immich.pub rename to secrets/public/wg/summers-immich.pub diff --git a/secrets/public/wg/jellyfin.pub b/secrets/public/wg/summers-jellyfin.pub similarity index 100% rename from secrets/public/wg/jellyfin.pub rename to secrets/public/wg/summers-jellyfin.pub diff --git a/secrets/public/wg/kanidm.pub b/secrets/public/wg/summers-kanidm.pub similarity index 100% rename from secrets/public/wg/kanidm.pub rename to secrets/public/wg/summers-kanidm.pub diff --git a/secrets/public/wg/kavita.pub b/secrets/public/wg/summers-kavita.pub similarity index 100% rename from secrets/public/wg/kavita.pub rename to secrets/public/wg/summers-kavita.pub diff --git a/secrets/public/wg/koillection.pub b/secrets/public/wg/summers-koillection.pub similarity index 100% rename from secrets/public/wg/koillection.pub rename to secrets/public/wg/summers-koillection.pub diff --git a/secrets/public/wg/matrix.pub b/secrets/public/wg/summers-matrix.pub similarity index 100% rename from secrets/public/wg/matrix.pub rename to secrets/public/wg/summers-matrix.pub diff --git a/secrets/public/wg/monitoring.pub b/secrets/public/wg/summers-monitoring.pub similarity index 100% rename from secrets/public/wg/monitoring.pub rename to secrets/public/wg/summers-monitoring.pub diff --git a/secrets/public/wg/nextcloud.pub b/secrets/public/wg/summers-nextcloud.pub similarity index 100% rename from secrets/public/wg/nextcloud.pub rename to secrets/public/wg/summers-nextcloud.pub diff --git a/secrets/public/wg/paperless.pub b/secrets/public/wg/summers-paperless.pub similarity index 100% rename from secrets/public/wg/paperless.pub rename to secrets/public/wg/summers-paperless.pub diff --git a/secrets/public/wg/postgresql.pub b/secrets/public/wg/summers-postgresql.pub similarity index 100% rename from secrets/public/wg/postgresql.pub rename to secrets/public/wg/summers-postgresql.pub diff --git a/secrets/public/wg/radicale.pub b/secrets/public/wg/summers-radicale.pub similarity index 100% rename from secrets/public/wg/radicale.pub rename to secrets/public/wg/summers-radicale.pub diff --git a/secrets/public/wg/storage.pub b/secrets/public/wg/summers-storage.pub similarity index 100% rename from secrets/public/wg/storage.pub rename to secrets/public/wg/summers-storage.pub diff --git a/secrets/public/wg/transmission.pub b/secrets/public/wg/summers-transmission.pub similarity index 100% rename from secrets/public/wg/transmission.pub rename to secrets/public/wg/summers-transmission.pub diff --git a/secrets/repo/certs.yaml b/secrets/repo/certs.yaml index db504d7..e08ba2f 100644 --- a/secrets/repo/certs.yaml +++ b/secrets/repo/certs.yaml @@ -8,170 +8,350 @@ sops: - recipient: age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnWWx3YkdrRklsM0R0M3Fj - VmhDNkpicjVPZmgwUzk0b2JseTRoVld1TXlzCmRIVjZTZThVeHQ3NCtaVGtTN0RK - UmR2cksrT2xXeGNKT2FTRXFiZE82N0kKLS0tIFZLVjh6Tm50a1g5b0tGMFB5QjBQ - aDNib1gzUGk3MGk0N3BWbEhOUnRoRG8KKNX9e1cc3kikcyVmKcAr0b2vp2catXrA - 1W8aaTgB/V7o0c1ZfxLVCj2B+Niavs2UZ0hsl2o/LEPhob5NgmGxnQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNNjZLWnRFNThZV21TbTNr + S045SnZhS2RialJTNmExdW5QYU1Qd0Fqa20wCkUxU0ZTTmowV2xZZzBNMjd2aFFP + alIyQmxrK0VnSFhwNFNXR3dxUDNpRzQKLS0tIDJtdEJ5TVN1VWNFN010L2NocW0v + ZUhhZUFITWt6R29IZTBvNVp1K2IyT00KBcZ3Kb/beJCyEugzMOx+rk5Un+Hg/Q9A + ldAMpStVP9/rIYfZo86L6mh8INzZrriDVoshi6pUL+8MdGmuE7f50g== -----END AGE ENCRYPTED FILE----- - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtZnBLMmo0V3FJQktqY242 - YVZ5Z3N6cHZuQ0dER0pyWmNzOUhCVGpJTlhzCmtXeEZRUGpYYkI0UkZ4djJBRThJ - OE9Ibzl6TzUwQm4yZ21yN3ZkSC9kdjgKLS0tIHF5bkNvWlNOMUd6bzF3QktYNDk5 - OFI4VFU3ZEpxN251d28vK1V3UFNWa2sKwcmJy3nLqX9OiH6yCOOcheQTasu1LKUk - nXvG3SESEEuhuzJHOlREgF8xiZz3n2t4uJGcdVsrn7PGdytpgvqmgw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4THRYV1RjU2grRGNqZjdE + Q2hIR1B4eHprRWEwSTZ3RUs2K1RvT1dpVDBrCnZFbStTL3NmZ1I0SFNrUDJTbmdX + OTNUN3kyOGlpbDVDT0kxVjJHV0ZCL2sKLS0tIFE5SXc2eXlPR2FZTm9wSUtRNnh0 + SytwRERLVUI3SHVpSjVzQXpIN3lPYWMKq/asM4wSRLgnN6PehhPswxMUwClqp5ZS + XFkCxIAhU3VXj+0Vg4as4kg1msXMQtegd3TA2/0Hj0Bwb8QFNZSPrw== -----END AGE ENCRYPTED FILE----- - recipient: age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQdkFwbCs5ODZTVmVRVXBp - N3RkUGUrcU4zNEZXUDN6ZUhsdjIyRWl0eUZRCk5NUkNXQjFuTjhYRG1vRWQzRE1X - OHc0RzJYaSt4eGlSZUl0aXEzd2RXUWcKLS0tIEE0cklRYzNJYkx3T0hOaXJET1pM - RzVtWU9OTmwzMXV2SXZ1RlhtU1AwaEkKnPwyerahQb+dQExCvYYTQLpCk759gY+K - bErEkJiwnE2B8jScPjRcv5lHxFjXkJDhWDf9yiwfdpChYa5TsdNXOw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuMzNjODg2bU1PNFY4ZFZ2 + cXIwK01mblhrUnJQd3RFc1hjSGp4VFNlZVE4CjFDeGdseHNvTGdYZWh1alg1QWxn + MEdJY1F0RWdkcW5oeGdjKzdTRFZGZ2MKLS0tIHdNNTVEOXdkY0RJUTJRQTdVbmNa + RVY2OTFacXhlWkxJSHhKS2JvdVpiemcKNqexY5tRAF+vmiM/Ilbfpr1gNWasexFP + bOq1TWr7euQEoPJhgziZwukHv0fpc2j0MK6VYwR2UBQ6HVc96tc0/A== -----END AGE ENCRYPTED FILE----- - recipient: age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYRkVxajBrWStPU3d4dEo4 - bEVkemZPZ0I0ZUhVMlh5Z09HR3VhRzhTNWk0CkxXeUxoanFUa1U4VnNsT08yZU5p - Ymp4TG4wYUtYajB1ZnM4cE1qaWtpdE0KLS0tIHVFTU9wVVgzMTVEWk9QU2pLUXhP - dGNEbUN5SHRDNS9lUEtWSjFZVEJOL3cK17zNZodyRDHyGhdPjhQ1y4GD9hgZjv6Q - I6aG92b3PqhL2djlUCZWz3laec1n0pm07N2BLeQipukiTUBta2opeg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WGp6dUliSytzZWFKSzUy + SG5TUU0yU1BkQVR0MDFscEsrdzBQTTM1L21BClJTZk9vZWhWbEZiSnRlQWVDdk4y + dlZ2Tzh1Ti95Q3VRM2VqVStYdnJ5R00KLS0tIFRvZFNOOHRPSjJiSU5jeUJiRDBl + T2xKUXZsVTFyR2ExSmt5bEFmN1BlT3MKGgwMrgNHTW/toorF/2lq1SNfYMqnU/uO + TKZ5KDrLNnTB/jomm96KQAUWCK35HrTTsEjZz6ZOl3vw7vxdeY1jMA== -----END AGE ENCRYPTED FILE----- - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKRTNIaXg3OTd4THBLWlUz - RXJNVkhSekRiZVIrVU1RYlNIbWhYMjNDSTNzCmQvQU1FYitZMUpQS0tLS3ZjMjJV - aGg0dTBLMWJRRWN2ZUV0dklLSVdXNGsKLS0tIFAxY1VpWE1pd09HeUFvdFBPeHdl - eFBHK0RaL0xwSjE1MVZ1VDN3aFlHbTgKUfl/Hcf/ZPgQkBQN8ZEPdHEZvBuGcmCS - ZWEYmMAM5GDdfv0Uei63b6JEiwoFIOdzOkoGczYuINo7bjgdG3aKQw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5Ri9lZG9SZ1MwaURqYnRl + QXhhdFlNdlBTZ2xNb1hUdUdBNjlhNFBoZkFNCjRuWVlKVzM0akRRcXpCOTR0VDhH + ZWg5Y0ZNQmJQNkNvd0laanNaTm5XRmsKLS0tIEIvTHVQZWtQeVRuWlh6bGFGa2t4 + aDYvMXU3T0c2bGpZOFViVUd5a25TWFkKOF0eSurlqjUipXjVH6dJh2OxON+cJk2f + n5g5eqYp/kG+wTKp2/WA4tJFhRNZRRh0zqrBjv8cp+zo9mCA8d2Ewg== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmWGRnakRiSFVYdU1uY0Vt - cEMvVkE4VVZKSTFvMENHNWhhWElmSytlczNZCjkxWGVyTzQwVWF2UmhNWWYvSHI2 - emljVGloMTZnWmZLYVJwMVJGMzdodDAKLS0tIDFkclQrOHVqMWxWR1NjNE13UG9P - aGpTbUQ3UHN1ajlGWWdUaTFyK1VvY1kKwid1CxcpA3yl/STfuOMGNvdSShzjMLwL - gWXJ+6RPJcxNknKWzUuI4XIdlVmQ1o11Ju+I0/Ls9KeZJO4WK5DMsg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqUzFVUHlZWjZYSHFSd21N + dkt3bEo1Y2xxYWt0S3N3ZllJem01Y2NFdUdNCnY4dHZLSzMyQVRRS3dsQVhtbnp5 + a0ZhUlQ3Qk5wdGlpcDFiem4rSlU1Q1UKLS0tIExLOW9rdmRNdkpKQUh4UlBoYTRi + aEdnWklzL0NIdDFzU3dLLzJOVHFOS2MKYzms9+UBWyCwY0PKN8Cx3h4ebi/aKDqL + NMNbtlghvHcbN0+DROMK9qRGeiy9KQi2Ja+bMqPOObTNJuCXJluqXA== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3cmxMRGxhUE9RR0trZzJW - cWM5SnErdllIRjB3cmd5Z3Y1TTh4NHBhZEZjCkthM09qZkhTaWQ2RGlaa3NCdTBo - TjdLS05QeFl0c3lQRUlic2JaSEhpMzAKLS0tIFB2STlHMXRRNE0zNitPbTIrWkQ4 - emFmU05tbEl3OEEzMURmMnZDdXFMVWsKjnnTZqEb1n92LpeQy5oqA7jD1KcCXWol - 6HryhCI0IDVrJ4V3guihdcaRPUhnQCHllQK15RFkrVduYZ5BxmbNGA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBidUdKNGR0Unc5VE9QNHJQ + VjJZRGltVGJaY3M5U255TElpZDR6dC9NTHg0CnBKc3ZBbzgxM1hZWG5vWjUydjc5 + SmJ5a2VIR1g1TGloVjJkUG4xWGZ1TjAKLS0tIEh4c1BoNzlIRGxWSE1FTHY3M292 + dHJ4OG0yampBR0tSSkdrWjJ3eGxReE0KM9V5MxA8R8QMJGEknG45IaX/4ukuyBnh + C1IuqlqhBBj+ziLHHoa2eKw4p2vVFxdNgOyapLjLbMdzIHg8b8sfAQ== -----END AGE ENCRYPTED FILE----- - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQd2hHU0x6WE5nY28wMWlJ - YXVUdEFTTUl0enp2aUZpa2NuVWpnMFVYS3p3ClNyeFljNTRHeVJKOFp3bEl3QW5S - ZXkrWi9JczgyQnZYNmJSWVNZcjFrRjQKLS0tIGYrdkpaVFlnaEpialFmRkZpVmJZ - T1VKWWFXeXdvcW1FOVVpdDJIcXJWWk0KRVwWBLOuA3HNJQTy3wGM8Vh9eAitgxZX - g/eL11CvU2/2sw2pyFCV0hIea46iU1P7s+dWirjiuear5phGNlUa6A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqWVRSOW1uT2k3ZnlueWhG + cG8zeWZoTlFNc09DdThBQzJVa3ZVV0RTUFY0CjJZWlFOekdTSW5WWW9neFhGZjlh + am51MEQwRkhmYVQva2M3OTZIdlhGYkEKLS0tIHkxOVpuOFJOS3B3aWJxT3pFMWVR + ZWdiUDFSSDFGNTBPKytQOVQyK0pHdjgKLqn0aAHxf8bRGJS+D1rvCRQ3H14H6HoM + KmfNe4/IsDsJT9/MS/sfcGMEvI/bQd/RX4hcjAi9cbH2C+ajceGMpg== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOcytidVZGbUVNcitZVkFF - SnRLMEFJVUZ6MWpPcjZsR2srbHl1NlFXRjFZCmovRmUyeWtUMnA2bGhVQzMraWZK - Y3haVDBINmRFTmMxa1YvSlA3MmVyNkUKLS0tIFBiNUZJRyt3TU8vMTJyZE12NEhm - YzFRbzRWRUZ6UEJFUXJuOW1xYzRqRWMKkUmIofugd7oUSKqE+t1L4NDm/mAyKl8T - ppUKu6fM5Ka4qOpPmudHlFhToE1QumDkPwo4GajdiNXjxEKWHHN3Xg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SVJYMExubGkvbW9SVG5Z + OVpvNnlnaDdKNnAvS2hZV1FvZDRKdkRZYTBnCnFETXpqZzhjTHBXcThKU1FWYUUy + aGpVTElMZkF5bXMyRlNkNDBwaTlwZVEKLS0tIEtCbmdrb1FkTzJZNVdCcWJHWmU2 + YUpLMURlWE5zdzBPRjZIRitEeXNScWMKzapn5yL6p7gG/IGawqa76xH1rzB0phDE + Pstp8Ot6opo/m3+EA7OJRpAjT8K1ghGkJYFCzHMB3zNy7q4/0gfqOg== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySVBqd0kxSmtWQVNuVVhm - SGVxNDZJRHUwek4zL0hwVGZUMkV2UjZCWlQ4CjB1ZFNiY003Y3RyY2doVFVXRVFL - Q05EMW1EUWZjZGV6elJLSG4wYTRrRHMKLS0tIGZERHFoS1NlY0FPZXNDZDlqeTdP - U3ByUFVQTEZXNGxmcXRDWFYrZGZqZWsKXpukgZmmjugmJOuBvg5FVJo41os0dC4P - 1+YhulpwF2ioa8zINFqx+LMrfQYdOInjmRbquWjco4XhHJj4yWW/+Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAza04yTnRWcGRNenlJUkVG + MW9pSStqSmlRdXM4eERzZHlodTgxbzJSVlFVCjJma296L3NFVHhwL0tpZG8zZFZr + Y254RHVkTTk0eHJPUklrc28xZnovYVkKLS0tIGRZRXp5SG9xOFB3OS90VzJWQmlC + WjJNaC9LQ1hDbnFtUVRvaTRqL09tOEUK57Ro2BxOfQs9j6LifuqhPfSKbPIcWuZX + zkBojFe4tP+M793YkCDfQJGigowq0SjnonQIeTvDFMz5IUXhBXZsrg== -----END AGE ENCRYPTED FILE----- - recipient: age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzeS9icFd3YXRkbmxiSml6 - WlAxTFkwSXR1RjFmR2tWR0Y4WlR4ODFuSkVzCjlDd1hsczJUOEVyeTZSYmVmRm0y - bitNZmFqTU1WL0E0aWxXRnEzK2FMRUkKLS0tIFFHZytFdVFnaTVUbjh6U3gxRGI3 - UnRESStWWUtodmNCMTY2Z1p5OG51K0UKakbANM86Z27f/qsYMXwcJ1wNBaUZEkiy - ng7aqlbapKA1MA3rStEP+xgW3JnKg3i00ll26wABzX/qD6KmANyuyg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkTTNpODR2ME1XUWdmMFpt + REh0MGZXUUFtcWw4czI1aWVSMUg1d3UvM2wwCmRyd1BSWGR0NFEzYVZFL05VckFy + b2tuSFNvaHpLcXhrMHRESVVWcDhDMDQKLS0tIGhCUFZ0ZzVKaVQzcTFDUnpCdWRu + OHhzUDhaVUVSbUlTdlVkSXErUDhjT3MK40vVZElcLenWX6TqH6fljD53NNZYvUJL + /yU3RXOh2F8V4akatH0WzX+fCZGhyanMbbnpIuwHuwjAtNti7Y22Hg== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQRC93YThoQTdaemY5M1cw - dFR4eGZzeW1TcXBmRysyQXFySkdaeGRNZUJRCi9NRDE0WjIzeUNHcFpqNjF2Y3Nj - Ry83aEZ0RC9BVGtCbzlkcTFpSWRhM3cKLS0tIEtIMWc5TDgyVGI4MkR2amJOU0du - QTlWZlhJNzZ0Z0pIRHh3RXhMdWhJalUKiawxO7zWAjalJHz6UxXFCvhGEFr4RT3u - HsDl71bqZI/iSuAHngcIgIulCWNXuiJaG9hCgq7E9iIqc7ynLluMow== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1ZEl2LzN6VG1HditFbkNH + TkFqVExHejRLMzV1MU9Va0FjMnB3Sk1GWDNjCmpwWnlGSnEwbFl2T2I3TlNTcWc5 + a3dCcTN6TVY4MU43djlONkRXVUorcHMKLS0tIGxrQ0RRblRWTHVybyttSHJYekNw + Z2VUNEhRektGajJLdGd6ck0vMnE4SFEKqsA0RJOt8A14bsM5aMX9v+2dLu514atg + tX+Y0l4Xw0F+N796fQlRHpeuMPPQO9W+2M32aDTHulnMUyL+l17aRg== -----END AGE ENCRYPTED FILE----- - recipient: age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTM2NGbjg3dzEvRHAvbFdX - V3M0N0Z0THR0UW5MWFQ2UHhoSjk1YitwZUFjClpuT2VYWXVGZzQ2ZGRhQ2dqZGNM - WUZPRGM0TzFNRUoyMW44dERWdDNaSGMKLS0tIE9tL01EeHdxVEJjdG1NNXBOZUxM - RjBUYU9xdGNnWTR6Y0VCeUxIOCtoNW8KrctxQ5yZFEGukZhgTXGooDNo0VxnOSKs - qTitU6rCMqMp7mERFWizn8GNJau6J7fhkHWEFK/cA7Vn4ur2rphdNw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzTFN5TkpaeExsOVUvWnEr + aW9ra1ZzSWk2UCtEalMxRW4rbGx6UHJJTmp3ClZab1NINGcxc0FLSWtsdnFhdlgx + ZVdLMGMvU1F2V1NHRklRQ1dJZkdxR28KLS0tIHBQUkZ0NDQ0WjRVZ0tybWg5TjFD + Tm84c05NeVp5WEhUdWVTLzRDYzJLcjAKsWF9855iPjJlf2OFPm5TUv2Qd3Y3lhB0 + x9pibEayVzHnT9+JBlsfLMwmw481weJ17BI05N/HhEtfPxD8/nAx1A== -----END AGE ENCRYPTED FILE----- - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXSE12VTVMMUI0dElFZ1dJ - eUJ4QjRwcEc5S3BwTk9ZTVNYYStNNHg4NWtFCnlMbWQzb3V1S2dmMEh5MzJ3em1u - b2pjU2hxWHA4cEpNekNWMy9VOWJ4ejgKLS0tIHZKMzdaTExpNzNlY1FVN1lwT2Mr - QUJqVzdRK2lXbUo5SHJ1TjJMdDc4amMKE6ITfECZBGbIAltRTE8emGhsMxCCezAi - av6BqoRotYm+yc0/bHXubRmA7pLqA0z87WmheYDa7C1N81QZGFBV5Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByMGpRRXlneGlHTkM1VnZi + R3RzSkFjakJqMDdjYlRFYWRPbU5neGtJZWd3CnVNbkgxZzVqcGE3MkgrbVBSVGIr + Z0dGVkhYZGErRTZsK0ZtNXNJVmhVNkkKLS0tIEpBQjFKcEM4T25pTS9sTFRwMHFs + cjVWbENSNGhTRjB2QlhYaGdTRXh6dlkKt4ljMjn/IMZXq5fjWn/s9R/A6/FA/BLN + SH9fKgW7CC5iTj6c1c66h/PoZaEHOwzS+pWhP14sRBRN1Rb2mfx1gA== -----END AGE ENCRYPTED FILE----- - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBINC93RThSRElqYnY0bGRX - NWlrZFM4cys2dzRFejhhRW55TWY3ZFRMMW5zClV3Y0RjcDhFQk5nZUtpc2U5dU1v - QWZUdXdydlpSMUdUVlJPdXB6T3hGSFEKLS0tIEhEOVRKUVdHenNWV3dmdzJZWW9m - VWs0V1RwUFdqcjlTb1NLUUN1ejRqQkUKMc5kOO6iq/6cNJrr2agaJq/OlVzNyKIn - tJ7JRN6OxpQPApfoZ22jA7fDDX17lpyAQXOd+b7Y805OSLkzvFNcKw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFcDBHWWZQVTF6MmlDV0Qr + MVQ3c0ExNFl2RENMbWRyWHRMRld6SFBCdFdjCjdQK0dibWlnSzd6WmlZMFNtYWxw + cHVzT2ozNUswbVoveXZnQWJiLzQyRmMKLS0tIDFEcStBSVdWRHZTOHFoYVJUR2V6 + c3I1RHl4L2IrMGVsTmhKYXFpZkl6TU0Kl5j7KKl30a5KYgb0n6n2AbTCoAA/aZSE + aYiTD3ZHLhMedBGOk38hcnRvP+PpEpF3djFwZlBzK+JHdzIbkTjGkQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHV25FZEZvUzF4b0QveEdF + SE5RVkZqSjhBQmdQNGFnNzZWcVNZdWNQSVRFCmFKNlM2bkFXT0Z2NzBnRnFDSnRh + alRzUmo2MzNJTmcyMFNsTHdyQ1hGTjgKLS0tIDUzS3B1ZlZWVFV6UXdlbkxxZFk2 + T29PYWhJLzlscm5QTUNCSlF1Vm9udTgKDcBcGNwtZvm9ZqmpW+K1zWCy6Cj5AYu6 + 9s6myBjasLwnAB1IeFBrH8GP2VyjEDdAgjclnIjCJvCUmIC4+Fa6iQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBadkhtR0w2VXNxMWZHVE1D + VXI1N1gxYlprY0VHZFlvek9xZDhTeDJjZ1NRClhCM3Bkd0lPV0FBc0gzeTlQa3NZ + QlRleW1jV3JYcWw5emlOS1A0SGxhVE0KLS0tIEppd3dTbTBKLzRCWGFLR2dlVy9H + VU1NcHlSamwrTTI2MU5NdVJaeko1QTAKEzkdZ4PB6JWLI7IeF35vbw5oko0FRXyV + +M+UQHvGxfb2PN1O9CevmyGXKtCH3Zi1IKBrWA+WtqMO5X/+/FHyrw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZVHJZV1hPaUV6aTl4Rmh0 + OGRnK2tub2NBUlN6d2NoMWlnN2dja2RlTmdFCmdLNVloOEFLMzdEZWRGdGd1K08x + aGlUNXlYekM2UXNxU1VRODRjdmJBVU0KLS0tIG5IL2ZsbzdnTEV1c0kvM205ZXhr + alllblg5LzFoNjRSYmxOeWpNOHRMKzQKN/Yqm84+1I3jBxkb4IClhfn6n96DxAsF + QMYSafaOkxQaCR0C3eRacI0TEhSadY8E0o1pomyoMLCH7Xbc/vIQnQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3d2Job0FSa1BaUi9Sa1A0 + aDN2U2Fmd01oZW94OGVVcGI1eGo0YW1XcERFClZZTmJXblEvaXpiU0NWTzllK2pJ + WEZDcjZlTml6MzRRbUNIaFVRc1Jka2MKLS0tIEQvajVzZjNsM1V2MHo5cjM1c1l1 + WDhGZFd2TGNTbFB6bVJiQmFWa2dyZm8KqLtLkFlauxtieNB+/r8NOP4ZJFAXsnSp + wb3N7gnZb8U5LW3rWRIJMqWA3KsmEUqegeH8SL902KPxX+UYrdkmZw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrVzBwYTFjdCtaMVVkT2lv + MDJPTlhIcFJkUDE3RG8yTkdqUEdmdmxTWkhJCkxCV2NsQzJVUEtUT0poNjJqTHVr + aG93RFNXVUU5LzNZWHVydFMzVlZyNmsKLS0tIGhkakJHSENqbzVQdkF3aksvVU1Y + YUFEWTVnNm5qNVJJOUk3aHpna2k3eXcK0et5D7VtlAVob53HKOjIz3Nk2oZ3hO1S + r3ebZT2/X0k5KWpjH7XOetzke1pTVx+bWyYZz8xWUqgcbNGxTKlAjA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUREFJOXF4UjIwNXA4M0ta + SWFRK2QxQlVtZzFKSEllRmJXM29KQkZOaURBCnB1SUc4VzR4SHp3M3lXSndaMDNP + TzhjZUFMT2RwcG9CNVBrL0lMTXFQYlUKLS0tIFh4R1BCNzJBQUJmbG1mTEhyM1J4 + dmJWUVhYcXFVYS9zL1NiRjdYL2h0QU0KyWn6Qr/22sEjnLzrSqoo3vc6WR5uUnj5 + +ysCMgfHXzF6qPaEF6CeXagNhpMm5/2tmiomuaD/op1ZehAYPhYFuQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRQVdIY3dhS2tERllqdmxQ + STFXSFU3a1BJT2NQSkxVWmJoUlFDaVhpVkU0CnNqU2FpY1pnZDI4UXBHTjVZeExH + ZUhBZDRpVEZBajM1cmsyLzloVkp5cmsKLS0tIEhEUkJXYkVqbUtwME9XZVUreDJp + T0crb04vWHl4U2VGcU5nVFBwUlh6czgKjt2ivpL3mjqJJEnYFfjMh0B9guuaOVpY + 3GvAoDdCUHRmB8iAhmf6+WLRTklL7yHZlrUbYLJMGPY81zs95Z3UNA== + -----END AGE ENCRYPTED FILE----- + - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUjNvWk1VT00vbkZSM0RO + VXkyYUR3ZEUvUXRGUFh5L3EzYnJTcXBGc0ZvClVQMEdzSmVXczJhYTcvRHJ0QmJE + NkNRdG8yMWlnOUhUaGpzNTlJNGFnZzgKLS0tIHhXZ0Z3ODRPVGZTNVk4MXI2dGtS + THBvbVZ2N1h6MWkwZ3lPY2lJekZXQW8KGrpLpzP64z0QVUY/vc/+a2WynzMSh7Uc + sWeX1nU73bu19tHj+DSPy45kXu3ZVm9nbJ24crgVa/G6qoimwHvJ/w== + -----END AGE ENCRYPTED FILE----- + - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmT2pFR2hWVGVoeDBpNXd4 + aG5zVEVCNDRDMkxtQklmT3gyeGNNUk45bDE4Cno0NGFPN25kWGlFV2pFRFBhbVBX + cExiZUlMbFdjOVNFeHdDNEtmQ1RwOTAKLS0tIG5UbjFnbTNLQVlYdjBmamtPeDNT + VU9MK0dQeWRUWnp5d05LTGg3QmxsMmMKazT8tiPAPZvQTn4E2ZoKwajmtNxnaXJK + cPhhieYY2DeNB+nLakultSShg4B9Ke4gC6VxE7JWqO3t49w/+lH0OQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKcVNxS0FrbFdlakxrb3M0 + bHFyWWlmWVpVeGZZN3djeFJ3RmFaZkNNdndBCitXQi81aFpBM3hrS3ZHcUhsR1hE + MzBhVkRPbGtlUDFHeGVvOEtIR3hRZVEKLS0tIExlejhoc3JocVp2eU1CK3FLNkZY + NmtGaGV6TEs2L0U5cU1yYmkzcCtzM1UKOIQ1uw1lsQWjwfwZF49hIwvc7eBDe+NM + 8HMo5IFvi06LJELym37BalzCThZDtGlbpXf/WOhjo8RRqAZoA2DY8Q== + -----END AGE ENCRYPTED FILE----- + - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMR3MzRUIwanZDdkN1UUpQ + aytHMmhCb0xYWGRyWktXVFlGcmpYNGphQmdnClNBMldNbzlZeW1oTTV1RGM3WGU4 + dkd5Q0FqMitmOVArblpMcklNR2h2bWsKLS0tIHdhS1BuYVNhQlUzR2ttelNwek9p + RW44azJqUWgwbWRwM3ZxN0duaEllTVUKcaij6u7mCxHRYk+KrGy//d4XVjujH64Z + xtjbUM5moNNN7eQo703ozFHAqEm0Lfhv8/GslGT3W+k93td1EqO1Yg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnOFh3SDRYV2lhdGtpRE1r + dlhORTlFUG94eHZqaHNSa2NKb0JxT0N3b1ZvCjFZbGp0Y0pRNTg4MHJSaTc2M2lv + Y01jTDE0WFNEaVF6NXh6U2IzVnFoU0UKLS0tIFRRWDZkYjR3WlBJSCtub1RmWjF2 + YlU0K0V0NGE2V0JmbU9YRWNjUG8rQ00K0R3OkLbmEsqumG2dnEL4sWRftr9dINYe + lGeHp4gRBL9/z94rnWTNA8w9lMftOeBPuceuFOFTmsj3Nr2q4iG7ng== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsZG0zZ3lBWkFWK1FoNDZj + YVZ4d1pmSFdzMXNmWG1scFZXcDhmbG5pTjNZCk42SmN4T3pGeGkvbXhaeEM0K2s0 + ZDB1cUxsUC9OMVRrWnhwRVREYVVoZUkKLS0tIE05eDRQODB5bXEyalM0b080b3B2 + SkRDWStoZHRKT1l0REdhZ2l6S0ZoK2cKqjYPVM+ZBZCashTkyUGxsNuCPYPOqBiW + TM/2efF/xb56dSRZ+ji0TyG4s3bG8nu//7j/fZxAfg3f3KmUjnnplw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4OVVNRlFOV2dESUVLT0Zk + MlBNaVIxd0RMWnRUcFhKZ01HWmRDaDdmc2k0ClRDT0pMSG5IVW1yalBsZDdCT3VX + VmpDVzlVMGhJcExET3dlTWNYbE1rNGsKLS0tIEw0QmY2YXhic1BTOWw4MWFkVUZJ + WDBLd3Z6QmwxQlFnRUFqNlVqY3loVUkKMyH4boZCefmbiRpk5nOdooHar3IkNce8 + S/dBOVkGya0/khZm2FtiXt3lf79XloztWKe/Ix2gQPFquU+UfBCKIg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtV2Q0bU5zVXN5OTE2V3dK + emdMZnNrUDZ2cU40VitBSWtkdUI5d3hCYlZzCnR4L2RSYkwwWGRheTNlbTAwTldV + a1JLRmprSllaZFA3Wi9kWlJkN1JpckkKLS0tIEl5UFU1OHV0Y3U5R3l4d1ZsRWpG + UnpiOE1lTWJEd3VsdXJiQ1NMVWQzSjgK6YdkLGinSNX/1gI5cnkEeYDvPjsaSNmO + r0dCzf//+OYb+rtHi1UDeeHDcN7lxzftoE3/TA3bqkz92gB6KVa1xQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0eGFqMzEwUWE2Rks4YUFX + Y0JQdnFCVXJaQmFhaHhLVE9OYkw2cVRnNXowCjRwZnkrdnNYUGlVenh6OFlQaGZC + VDBMUzFYZmF4dlBZY3Q1ZGk3UGZ2Rm8KLS0tIC9Qd2l0ZFczRlJ2bG9JeGZEY0xI + eXoyUDlOS1JFVGd0aTRFbU05b1JYVTQKiGry5ImDk5BYbCLSPAdkdUCHngUYKOs6 + RRSV8qGhEEG7SvSiMHzu5noduq28wIyFBPfKacwcpvqCWCfd9P0RdA== + -----END AGE ENCRYPTED FILE----- + - recipient: age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5RDg4NDU2QTIrVm9nQW8w + RlhvQnZwWDFpMEZTK1FtQTdkb05XOGl1MnljCkVOS2E2dk0vdk5FNEZpTHlERE9z + eVlCUEpMSzVMNmE0d2ZVcHUxMTZTdGMKLS0tIExZN2R2QTZGMXBjZXQxZU9VYkdj + Vm9NSEhxWkNXbFlSZll2TkRPZWI1dnMKPG7Wa+eNLCQ9Gxo5ehAvUljX23TLYzFL + XDy/X6X+Qgz2762XfJ7yCz7opd5GhfDK14y+9UKrqXPBdjubbSEC3w== + -----END AGE ENCRYPTED FILE----- + - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5bTVEU1M0OG83cFJnZW1i + d3VsNzI1VERlazE4YzZXZVZtVlRnMmg5NHk4CkpheVNFL2Voc3JPTWcxZ0REME1D + aTRPdmh5VFpML3J3OEZaYUlDWUY4T2sKLS0tIDk2bU9ub0MxaTJlblduK1lWcS9i + cWg0bE9QQTcrcktEZUtzdHVWRDFKdWcK0ZQ1bR5J+QNA/smbNiGvR/K5qWdBP8XG + u6ObgJiG1+zTI9ji0y7bLsEU+BgWE0GZPg8QLnyQ1CwxVr89i2lSaw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6clpTR0NSajFEM2VuZ2hW + ak83QnpVZ1Q0TVpXditmeTZVL3Y0MTE2Qlc4CnorbTFkY1BQQ2svK2ZaRExkZHE3 + clpGcE9rYTFKMnpYUXB2NUJCMUd5bm8KLS0tIGFSRkFzY3JyWEhYUVdPbkRnSGJ3 + M1lNUitoN2Z1bFcvQ2oxWjlzVnRlcEkKhg3t/TN0jry4Uagkq+cRkT5AUeM8l8So + 2rRxSA9z1X3r3AoO6AsOZE4R7raNnIGiloeLQ0vBTsYzMo14JtY5Xg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1ZXZqK09LK0ZSekV3MmZB + dmFMYk4vZlNTTFlqQWtldGFKUnlUSUpJdUFjCkxOOHZIUVF0SzlnaXFsN2ZuOC9y + UjkyNDliVDE4djdjZUgvUmppQXZhNnMKLS0tIE1QSkFtMGVNSG95MlBpOWkwR2N0 + czkvN0w2U3Iyemp5ODc4K3ViM3FPS1kKZT3T8sujnOADEFEwqml25wF/frgwSz68 + 878UHjeWqxkbFHa4YYtSz5redsmmblnHcsZIv+medSBKOQkWkb3byg== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-11-19T14:09:27Z" mac: ENC[AES256_GCM,data:tZ6QzVPivueZiC9Qfb3KNZAv02QatgHRNnlM+Y0iV4BZkYoBjxeDojutizvAMwUarnubUdk5I6m2OZK1mvVDZKXyI6zALX4JMeT2xYQWRHYzHpOygLhhGwTFVhV+0C4jN+eJFF2cNf9lu7NuZI9ylZSOY8I3YKUl+l0l3CkXUl4=,iv:JSGOUq+j9T/NXspn70dfu0J4ISV6vVFZUe/Z1CirrJk=,tag:Hm9N55f9qMc056nSTR1piw==,type:str] pgp: - - created_at: "2026-01-10T00:52:52Z" + - created_at: "2026-01-12T22:05:02Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTAQ//aH39kmsBuiu8hQdukid5k/KNtTX9HKgZNkm6wBp+QRHf - IfFCSz5LFTjhLAsqJokL9+i3FWcSQGi7YA9q/ZGQnnZeM8h2Y09tmCFt7vQBw8tp - eUayDt4Et4J6DVbPAol1PslldpkBaZdqKX4jUIX/1JL+hIqUv+VFfnOCRd85psFj - fD6x8UjQgpBIRjSZ60OWQMLQviQSMKheOIT9/TPVPMB5u2EYpBfxrKtw8/7ZB4iY - mbQsm2onThl5HPqvTV2U+TwM9hiO3hVpgDFk0G8BgFfw6dUl+c+dn80DcgpEpiV6 - yqF8fUrHp4Lmg6lH64i7s15wOP+V9um2DunVIWgSvFzug2P4EUtzhay+bz7s8ddO - pTBicvfN5D4ZLzkCKvSzhFTfG03JNkTq0qM56tc4OmP3rGfcZzfC1IwL+75Y+ZA1 - b59d392RNcQFkLVO3MHNfYB1NEKYz9ociuoKhMyxHrOME+wbacJhN1wbn6LWSAX0 - WGZVmEWix2sGVwNbfYWsxF9Wg5ON4uLST+V1EzAdxN2BXvHjJ2KIKh0QffH47X/Q - vmGA/GtdKSayKDz/BsGaNIxY5iZdvlX/2aupeofrHRM7KB4D/WxfREtdgzb2g2VR - cXfixtpLNX9Qkn1cOd9suM5WmjSB1UB/53mdmfTrJTqu194j91OZLVUOdIueqOiF - AgwDC9FRLmchgYQBD/wNvg130hfn8JpFeH+5mlTNTXY6/lxIIzkwAtgPUZl4usl9 - uhpPc4n3XzgqBY1AhGHixuYg1LE+iShOHknLa75pOCKnIXjMxnzO6ZtnsuMPVlOj - sDteupKZ8ke+DbI3NtsYX/+1h4PpYgWsHc6bnm0KeNBk9jsRobZMmEq9+g+9BYjg - xIVqdg6Rw0SKHbSEb7SFx23rvE/aa+Rm+ffe3o0iSHhs7y+uo9yJxKIzWzwDfXjD - QXk+Riz6AnK6pRIky0En8L9TiuQL8sV+gNvbZLoZoJviyzpsOk5aqg8/8wFrplD9 - mMyT3xOM1mBv+gdF7rzqYKJWdGUtSaRvWOgDEt9r/l8Ik7xFEwEvOLIQefwZ9jrp - /LRWAJqAnhqlzQ5y0IHjBbxwzjDuUdS/ylXZQZFndVkWFNvJ62eJhc8OmzQbNX1O - 611nkjhuGrCsJjzu1IuflYoUfNx09LEHq+tldahgeL4oha/DaODZbrezZ0PqD9GT - SBoJ1kLS5IXXBjA8no+IRsgkehbwj8PRaXekT2eRhYTlDUlyB2ttjPwwl8uEIrcD - v5pEV2ik3JeWKwN8mxyPOnmX8RYC2dVvitBXaxFxrKr2XM4L+Q/F/f7CobHmck0a - NGq3lC+L4oQ4nXoNHBkvYJ9cehbFvbAM9Ya2gJiBH2KC4T4OCm1Gw/WzUd1LbNJe - AZutn1deDF9+SJf8TogbMBSuYSaChLJpLT504xJh7T2kHHH1SbOMK2GealYN2XBA - W3VdIq1g92p0ZmoV6NyURg/QuiwdoKwSeQY5kd8Bvil+dQ/axbf8mwRWNy9Ejw== - =MDqw + hQIMAwDh3VI7VctTARAAoWH0nPleLQSaRLORTZoXEI7lLvj3YBSSVwF26z3gypOC + g+fNlFw4CCL9i4BoWYpnBeIC4CLWapsza33c1evo1Mj3we8zzcQ/8eogaBCwS3Nl + 9Etq3pEntaN1XicnVFyXJ3npDI+7nJFI/SMUrxzteIKNOgujNuXQ9S6YbenwTmD1 + gtffSNb2VU+MWHawqDPgknSZeD1hVVAEQ+kPcr8k5C/rJyfVr9Bu0tp+FD8cILU5 + Xls83KQ0Mw+QjkkbPHTuO0RTm4Chj3aU8mJXBRe/FYfQLvHR3/OFiROXfCCbBLww + PP7Sbj5rfRdHp96OKxZEufZNAWzFXwWy8Q8xHTiBA5v5QG1IEqwjj4LSRBYqgH7t + PMF8o7lgPKMMPCHcUtB3+b4DKjUTMBOOXYJ2FsywgGYNjegi+shWcBmEX/V3vwG/ + GtA9JyiSDwUe/rC8CbUd12Mdej06uW9CmOtgQBscggYU5vSkj1hCkTsKC+NDMnQa + DCEls0CRPkTqbYQxbRL7+avYd/GCyQGLFnGBw/mLc7BHie1TD4IXmQXv3Ehupodx + zNUHJSIG9j4HqG9fVVW3wic4kIHgpPBCIoYyhFGISyHmcubT++3fV+Wz6EtLxn7e + EVg1123Aqz551vfYblQLhTKCEsnIB7T1tSSCiaHu82NIyNuN+vaJqL4jFOwcnN2F + AgwDC9FRLmchgYQBEAC+We+PL1g8jD+Tn5D5zficHDJbtXEPRdZCSuiTN2N/KOlL + vUkARreyIVXRtlHzRqeb3/yGJ6EAeKfYqp1D71rhf9RJnhwLbNdlLPj/GKRuYzcG + fOXUy5NgqVYIrIY5auqhaxnL3ndtzhS1jvMFlmp5A06Lol1SRRLuYQ7TkonR9dZo + e5Zgx2QESK0z8/uqsGmT5SDM2SB9H3QIYykxRaROVAMHn2QM4C4SBPjOR/ThNoET + pjj1UtqPAexIvOTgHU0uVPxrL85Ri1E4+tMD6tlqUETJEMo6W7/mR1X/UloVjlrx + zDYfLIBS5UpOwMIRUaSP/ib+TKX5A/zof3yorg+lMNNF6AePt/MVgsMSuTJtJ0w5 + zQNAyO1WDOlP0XdSUFuFKntCeSKSDmKsFije9inltbykhjSpYtJcIgDV5UX7/K5s + /Q47n5xGmDVowQiuh2/ImLVzRXEmBUUDBcNnbaQ/UTFOP8KUvePAdRk2XwmOqO8z + K3QjvZ9oh4SmthNdg5Z+QanVC5AUXsdBBe8sJ4mkd0UbkHU/gKtxeEGso6AeGEwB + 7xv7KEliVcQ/u3SHX8iACF/YTgWYBQi89Ex9lJzCRwBlB10n9PyCg7FEOBCoxfMf + N58Au+1IIqGUpBkB2jEG2+5LhJBaxnAuH4KgwRk4n96mSgxzt165k5RiOUx3YNJc + Af5PtY2TVugmbAJVNDCGlSA3gGV/99grl1LhHUVLe31C/B3TUV3BrvLpQ+UHkxOr + 6vbujII1GdfO8eY2IMX8Xa9gfNLMdwobOy7Bf5EUYuZFM5X5l7aGSu/2qkM= + =cAkH -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/secrets/repo/common.yaml b/secrets/repo/common.yaml index c4aa06b..353b941 100644 --- a/secrets/repo/common.yaml +++ b/secrets/repo/common.yaml @@ -41,170 +41,350 @@ sops: - recipient: age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXMTBGU0FqWU1ZUXdLdVUr - K1hpbHpxUWFvZ21ZcWthS05iaVJnVzFiQ1RVCjUyZGtPQ1ovTVBrRFdsVEFRdW9u - Y1Z2cUx0Z294dHNrdytNR1dIU01FRVEKLS0tIDdrdERabFJXWHpSankzQlA5WVhM - SU1lcXRvd0hUenIwVWJRUlJJT1NLdkkKZ+bLWPFE2WaBDw3QQeJHt6TuaLZ6iJbN - AmjOG9lxVK3WHXgNMVLY2dTCuvqlcTlY9orfYkZ4NjUFeUGVO1oodg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0Tmx3elh3aHV5R2R4TU0v + OW0xeUpiNjFMVGJqUUZTa3RzUndkTmcrVmtzCjJoenlwcThYTU9idkEvZUYyTGZy + ekVzcFJBWEoveVdJWGowZEdaS3I0bmMKLS0tIFZjUVJIK0hWaHNZRVFzUkJkaGNy + ek1MQVEwNFljeUxOMHMvdjlpRmdPaEUKBIzaaa/S/4eWFzzLSREfJM7oSwYXdy5B + Lc/ZmLO7UdfiSdK23xHo/5AZCdttv7r6RgfJYq/T0M+Mtbr963SmXQ== -----END AGE ENCRYPTED FILE----- - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzT3JxWGlQSlpIb3ZEeXM0 - QUxaQkRTam5XTWw2b21yemlmYmxHVGZaam53CnVDQ0ZWR0hhaGV3Ly8rRnc0VDd6 - dkxoVkVqVFVKUUhyTE53Q3FjamgzZ00KLS0tIHlvRHZHZDJwUWRkYUlzZWVYNmIv - UTNYOEM4ekdVamtqbHUzNlZKRFkvR00KfUBHAC2lEoLD4imP95l10MTxmhD7Cepq - L8DPA9e8rzbmjhhuGRLKg9KzNVbStWGBwpuqkpWUSKfSKZugodZvRQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKWnpkMHlXbGgrSlpUcms1 + dnEwS3hqVVR2ZEt6ME1vWk5oVWdweElGM1dVCm1FTGdkdFYvYzlXOVN1VG01TlJD + QWQ4anRBRlZ1K1lwU29mVXkxc3ZhRm8KLS0tIHhWNmRQQlZNOS8vNHB6TkNIM2NY + OFVBYkhabE8zaklOaXM4Wk9IM241V2MKEqb4SNuH0td53jJiHo875xMEPGfHcEoE + eY2HgUW53qwGZhmowsnpJ/JqPKevIx6EXtIUQlCIT5NQOz/yhSpzPg== -----END AGE ENCRYPTED FILE----- - recipient: age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByU3J2UlRCWis4ak9BYWt1 - L1FrQXg2QUREOTA0R0FiemUrMmZ6cWNtUDFVClBUZXRXKzRZSGl3Y2hUUHdpL29h - Q3M2cjgyV09uL0xHOFYrcDZuMlFhK1UKLS0tIFhDVGYyYlVnR0NGbmZuQnNNelJm - RlNCWm1qcVVlQ012U3pGdzNPOWg0dk0K4cexHDKWn+ps9qQU3wboJYxnIvFbY37k - FrSUEGU8eDb1S9y95pXEYQHDyCuGhuKXocuvFPy68pMeFV1lQXXfrw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvai82Q2hQVnc2M2NnVmo1 + MjhHSFJ1QWNRR3Y5RnA1THJaUzFDR0lHaGhjCkNTNHJ5cVpVdEdnRWxja1R6blVo + Z0pwckRyRUI1SkovSm5PS2R5VjNpWkUKLS0tIGw4dnRwMStlM3ZYZGVxTnRXbGxQ + WkxsczRmSGxWMkdFRklCV1ZaVHI3Um8KJh1pyWusUrjh0HikeV8o9EyAzozk5LYR + SEa110llM8sy+6VRndN+yUUc9DBejeuEHPDqHXoWCsskXhjiPx8daA== -----END AGE ENCRYPTED FILE----- - recipient: age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOcTlBVUs5b1Rkc0FPSVhD - cTVhazVUdGhwM3NtU0RjbnFEY3FlanBCVlJBCmZyUVdNV21wbmNUaVJGcVR4RVJZ - dTJRQS9NWk11RmxWb3hZa242MHdzdEUKLS0tIGphZElybzlYT1NXYlM5RVQ4VDYr - TTc0c3NsSE9qY2E2UlhBcVo4SzVIN0UKIU9hBFSmEBzEg8dTmXN8pETltwfuZqkU - WOin+YLzyyO4dpI7fl4sRyensTu/XwyIb9l4MtnvqJ5ftUebB/FY0g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBTVMxWHRXM2xiWlp1ek5J + dS9xMytuc2xWWVdWMjVEbmJZdDltTzJWQkE0Ck0wY3k0Y1dkOEtyZzFBejdlVlhO + T0llbHZVUHdNZiswZUxvcldmTjc2R2cKLS0tIEM3QzdkbHlkR1MxUlhQL2RwSjhL + bGdnb21ROFdhQVM3TUwzcXhLMkdOdXcKWEJduFjYwfhRu0MXkDm6Pb3eFzxO6RxE + haC+ymh5a5ElB0zOCh3IyfxA5q/vSKmzPcuMW1ZYNV+oJ//gX++ngA== -----END AGE ENCRYPTED FILE----- - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIelpweU1vMTN1d1FaaVBp - TGs3T3BUbG4rYUg2WGNpd01zR0JEa3lWTFRRCk5aV1kzemtrQjB4UFRsUmZlVkc0 - YVRiVzlZTXc2WTdQeXRjK0pnNlpKZncKLS0tIGFyTjFkK05UelV6ckl2UGRFeVh4 - RVNibjFyWmhMQWlvNUtuRkFMWFNya3cK76MKBHt0iIPr3T9/8jn1h3vb+f2AZ4e/ - ZUrI5sgD0bxjl92qY1FDzQD++tyX3CbY5lMewY03C6Xlm+8UkResuA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoNVJuZ0RFT25kU2JTcDRU + dFlhb0F2SGJPeXAwbU9rY1B2WXUvRUFiOGg0Ck5Vdmk0bkhZV3pkZ2V5VUFMdC9U + NnkvMkwxM0dqZkFKcmIveUE0bmIwSE0KLS0tIElBVzJGOGdVVHlZdy9jcWlNZjlC + NmlXRWVmeUw2L0xkR1lkS3JONnZhN3MK8+v64RUKt5JtrVeKp1UuOzmFDadmJC3x + VPmxNxZHPRTUwyt6vfM68P7DdodXd5jj9faDh5jOt2T8PWGkAT4rug== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQaHpkWG1lOWgvcmZsVWVL - c05QMHFuWVg0S0ZYNVRhUTNsRjVzMWZvVjE4CldRMFB2bkZ2Z3VUYm5hTzdCUHhD - OUZxM09mbUpvUVNXUWNBTnNmbGNBM2MKLS0tICt6Uy9ZenZHVFZzZzZzaG9oYVo4 - VTBnMEJCc3hCdHJ1WmZJTnMvSzNFNGsKAIg6M/eaPur6IRSU7pVCLGg5yiQsr3Fc - vSX6dvFKNghlYNiJygrBIuB85++WM+yywttDYbavC86ythu3TY4JrA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTNkZackNKS0MxNW5EMTg2 + UEdjNkVBR0FYeDBqUi8xVzdNR0NLNDlnamc4CkR0MHhSWlVWaVd4Sll3akdOT1VC + aWdzQStVZ1BCbkEyT1p5cUlPY0pvR2cKLS0tIGtqODhxVWFUb3ZQanA2NWZOaHk2 + MnlKeWtzVnB4WVZFM2RLL0ZFU290bkUK5S/R53pZDa2kHcN/BMT27G8gpG0bscOx + 8yoH3gcJjDAILT4JMw3lItqIMWAp4OIacFOr9+Mby4xjZbQeYPlqRw== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGMnlnVHlRN3RzRlliMzIy - bk80VU5GV3JUckdQMGhjYVpKOXlNMGtGL1hFClBLNmhzTUZ6SzdyN2ppN0ZOdEc3 - b0IrY0p1SkhJa29GMHdvdnNUd0N5TzAKLS0tIDY5Rk9HcDcwSkhPVEVHSVRxbVl1 - KzRwVUo1SnlrckROQTBRVEc1eEZOWTAKrMH5tCxKzmvuGo7FL1TZtpoYlLV1obIa - 5OVekmkvGU0trhxybAgz+hYSofnLaU4r9N601c+fbHQk4ekjpdIDNw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZWFzWGNPb3NJdGd4STJ4 + NlY0S2VRY0d5ejM4eFg5dTRsZVdlU2h2WlhNCjMzdlFqSFM3bGVTd0dyZmV5dytU + VjFELzl2cEk1eGlibCtnL3hFbnJkTGsKLS0tIFVaMWpYMGNRcnhTeDZrNmtOL2tF + L0VpMHdpTi9OOGIrT1Brc0pRZ3hFN3MK/Lrfqm59epkQOA1cmrw8uqYdVubacDwh + 1hrhxfcVLfnWVYHEbZTiB1w1UTIiod4iF03PBDKdA4vcjhdXy7pr8A== -----END AGE ENCRYPTED FILE----- - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByTnJPcmwydDRaTGV4MDU4 - b2IzOE9vNFh3bG4ydHhwcmwyQ2Y5SFQ3VDBRCmRXQVdjZ3EyRHFQY3FYdVp4TFhj - emxLZi9KM2U2aGRMOVF4T29mZVpMb1UKLS0tIGtzQ0dFZlhHaFVFTVdCekI2T2pH - UEFwOUd4OGhXOG9MWGNnQlFVbGlSNGMKqw3juHHxNaEnU3eROfw/1WL2zfvyHEOx - r3p/bmz6VZVYEEVUlRmlFkLQ2TBKiFV9aq1fBa9HmbXN4b3j1G/IYw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5Q0JqTUloRWhOQitscW90 + NTR1eDVudGVWZ0FlQzVKbmp4cEk5MFlha0JzCjhnMzBsMCtEY25rdHJTLzlLVmhr + bGd4ZnpYOXJhSXBTTnpDUkticlpJZ3cKLS0tIE5FL1p6S28zUStYUWVlYXJ3bkNP + VXYxcWlpaWNNSVBmOUpRcjRaVTVnWWsK6XQExwxdagJBtQQHIulfUpABpQ0qDccu + 2GDm3GwV4GXWF4eM6/g+UI1D/gzi9jUW9a0KCt04gRrQiOsok49fJA== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4U0FQSytJSzVvSzNsMmNC - RDJZUUNyQ0FBSHpyUEhmZzFkV3ZTdDViVnpVCmhZRTFYblFJNStrdjV4djN6SHRT - N0d0YlAxbGFLOFlSRTRNaFUwQ1JpTkEKLS0tIGN5WEpmaHM1d1ZZOUxzVzNuekt2 - ejJYelJKZUZTb3NxWlZZaFA2T0FrL0UKl6f8m0ELOZtHvbcrRzDBbJOnmEbZkWQy - CWuoEuaUz8fIP4Yv8nuwyADczIQ4Tm/KMUzyp71JE7Xw6EcVCvkfag== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5YW5WMlJybzJVSTFTQTJF + Sk11aC81VUd1bC9SVUxUOU1tWFo3b0FaTkJZCkUzeGZBZUR2eVBRYVFZRmFFMVBv + OFJWUS9mUDU2ai9VaWMwOFg0WHRSVzgKLS0tIFliSGU0SkIyMnptWWVTemV0STFk + QmlRODE2MDI1bFRORWpmYVVabnNuMk0KeEhmPV3Q21YbkgRsHdcWcHi6nYSn2dOf + jITmcrBSjJ1wIxc0K8jl5s6YGnr0bFsR05+jZCZWilx/Y8m9ZkDvQQ== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnVE5yUzBrS05kV3dRcDZz - ejBydVVoaThoYStPVzRaU0p0VW5rb3hrcWg4CmhUeENSeXVxOVdrVWNaTE9LZ2hP - SWowMUt3MXgwa21tTHRnRUNla0VQLzgKLS0tIFVFK1E1Y3Fra1RVeDhJNUJlNytj - N1BaZC9hOVdwLzNRcDRtR1Nqam9POHMKwdPVSlwMcg7zzn/hdQw0Y0PHJyqdgui5 - 12QBHA9L8+AB9rFk3h/w4gEiMN/BgvR3a4rdGXuY9CA9ZZpgJUUtEg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCNm9DREp1Ky9hOWdsc3ov + VFJhakJ0ZkZ3Yi9zVlZOMkY4UzhmYnVPT21zClZwNS9pVUlnWU14cXAvOEEyK3cz + aXNVMWRURTVlMnJuZGpmR0d0MGhkWXcKLS0tIEwzV1NRTVJNY0NoQk9lZmJPcWI4 + V1h2VVhWN1hBdG55VUdjV2dPNklFZG8KLlRxT7oDjsMBDO6ERFejIChHw5IjQK0k + PagBSFPkEiwfdzm9S8/n1ETGO4+NPdeaL7FUnGGdDOIw8nfA8Oh8nA== -----END AGE ENCRYPTED FILE----- - recipient: age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaNHo3cjZ4WnpCMWpwdFZr - RFZRUmxtZTZZVjlJZkhpeTBmeDF4VTdRM1VNCkN4U1pNUGVnT25OeVdxM0ttREVv - VzBoblB5QWR5K1g1M1B3M3BaUHpiVk0KLS0tIDhGOFV4RkY2VTFvRldRaTJpZ21P - eTYydUoxWTREY1pZT0hWM3VncFBVUkkKWe9bsP1eKeOnhPReB45dBpDS9zLSBhNh - M5YwCS30yntlPoie7P9G6OhNxUUB73GpC0YzSoLXvzYoQAhuFKpRXQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWdlRKbExtL01LZjlCL1BZ + TXZpS0R1Z0dROTdOckRBNGlBZjhERTNOdmdrCnVKOUlncUwycmp2Q01zOHVCUjZp + aTNzSFNKaGs4dFZINi8vaTIzUVdvcE0KLS0tIDZJRm9MM1dOUWJva2E4MlV2MHpu + dkIzdDg0c2VsRUl5OCs3WVV0V3NXb00KcfSgaOyZvj4bkBwhUfEqle8tyiza2gT4 + 0BOZzIDNjo3KdzB2w0XVuDNXWbAAtGz61N8VNEWpC5+5vuxpEuS9qQ== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuY0VNdktWRVMxdVZ2SGdu - UUR1bmVYWXlaR2xQWW8rL0hsUHBUU2sxM2lVCnFRYjJIUzBGRzJEUjh4T0tIdFJp - dTFpR1RkcWduQVhNSlJGZVZXUVVLNTgKLS0tIDhac1RYeG1YZjQxTUtvTU14ZGgz - clVHaHpITXI0TXdTQWF5a3lxb1QzZE0K6s2CaTu846VadMHsYMP3uIOcgzFeDigJ - IWgb+jQpcWY0UZ4pXMzu8nn/yNXd9+GKIy6sY/z9UgTe6bfzaIM5cg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEbnNrYzBHaUx3b2U1VWpH + TEs4OWJsQmpXMk5FUVVkS202WWYvbDdlbFY4CnpnZEpCODZRTmlXcy9kdTFMb0pW + bWRYMy9tZ25RZ3ZSRjZ0RHAyMzlDcGcKLS0tIGp0M1dId0VjTDJqSzFhdmxMZ2hU + UmpSRHp4alZldFpkZjl3QkZiS0ZPYUEK2SbIzKF2XO7C6a6b2gohULnXXhBRV0xI + eag1ZoM9Ih/fEvmHgCUfriHBxyAKXWT8x/vRm4fNSGTcHW5il/4m6g== -----END AGE ENCRYPTED FILE----- - recipient: age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpbGFLKzh0LzZ1WEh0ejl2 - N1dMSTJkMEJRYkdRRDZ1WkNDb3RLREVPdEhjCldGVGJ0WG9ENmtVMmVZbVNRVE9S - bDViWGRUcktNS2J6NVNNR01zY3phancKLS0tIEUrWXlla3l0MTdFQ3orMU9iYXFV - dUlIQVk4SFNLMnAxczl4Z3ZyTTBscGcKiWJtWO91bThjPYkhP8pzu10q0eeEiff0 - b9VKxUFL1MnSXgOrEAbeluOZdWDEN16BUKLlTCUI9mzel3CZVtyGjQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzODJCbGFoTWxPRFI0QWhx + UWpuNmxOa1dSanc0UXFDYXRBT0pJSWtGTVc4CkdueTB0OE91VFN6QjdKeFpFUHJp + Qk5VYVZUb0VWTmJnS2wvRFhYQlRqM1EKLS0tIDV0Q1dqanlJeHZSY0tWVnFiY0p6 + Z2VPYVRjVDJDMTJrbzdPK1NPRzhiVmsKY8luku16SftuXTjb11dEZAINtwXkvJxO + I7J/4mW7nvuAXeekBcQeGcagsFY3yWHh/H7Eh89F1TZ0fLQ6w+/WCQ== -----END AGE ENCRYPTED FILE----- - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMeG1EN1pzMGdrclFGR2NG - dDE5NXJITU5lclZwVHUvRjJkL3BITkZSWHlBCjZWT2JRdkhQaWY1M0Fwb1ROcmo0 - Q2FWZldSRkFiVFV3SjZ5YmlzSXNiMVEKLS0tIExwWHdsUGNFSGRNQmpiVG9GRVZQ - UlI2VFFteVpEZVNERkFZRzJHdWNQZE0K/hO+xriuQNbutdysroL9KomNW7qdOgZf - zcO3Kq6TqY3B4EP5HttCwhIARonPy4XpjYvWqZVqSKnzEpD8dGoJ3Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBESkc3eDFmS2d2bXRhWVlP + ZGVkN1VENnVpY08raXBuSFdVNVl6VUpLeW1zCkN3MXo5Z0Q3cy9oQUxzL2Vmejhj + WlNhVmhpaGVqYU0rNU1qZzI0amdmUTAKLS0tIFdkdWNncEpmTUVYbVoyZzUrYUFR + K1Q3WEVPZ2UvdjhTQWtlOWFSalVTS1kK8jdLGw/94bu4tInTl7YihQt1jL1upKhU + P4aDISIi0FxBhCnazZNgDzbkWHYRfWl4hg+Hpz1P7rcNZ6SpgfAfyg== -----END AGE ENCRYPTED FILE----- - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBML25tL1RzZWI2Vm9WMWpa - M2FGckxHVkZpY1d3M2ZRZmxEZ2VHUkJJQkRVCnBreTc4eGRtbVF1ZTFHVDNtMExI - ZHQ1ZUwvWjlPUjNMM2t4dEI1L3JaY1UKLS0tIEpuWFN5c0VRSHhuVmRVRmp3ZjFW - QnlWVCtKMXhZWFZzVEZMdkhXcUxmbzQKqscNABsPeruY1L9qu2QetnP94zFxiQsg - bTrGvv/wBpw1VddO4xeCJSsr9izXE2NSjYKWzBAIGKc41protZ6z9g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTdDZCRkNtMEhpcjVTZ3Ay + RUdmTEQ0MGdsRE1aYTNEa2FiaEpDSm5LN3lFCnVxKzdnSC9MQjcvdHlsSzMrMzE2 + ekRDSmhRRFJxbzFJREZ4ZGV4aXVtT1UKLS0tIFZJRDQ2eVlqVWc4TkI4TVVoOTEz + aHhSeGdsSWx0V3NUaldTWEZlak1keUkKPvI0Rf3LTU4lLIXo5bRv9PgXf/VY9y/L + gVwnDKzlzyobCfqDAvQlIiYeVAbtgJQ22erJ+PscOBv8AIRbcRAS7w== + -----END AGE ENCRYPTED FILE----- + - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmZ21RR1ZNeTJxZUZhRXZT + L1dGbFZIZUxpSW80NjZnS2F0d0RLNlRJTHhjCmpGb3Y3SUxuSkxPMnViamJqRWVn + WStwZW1uYzZWSnF1RkxrbmlaeWlTRmsKLS0tIFhGcVJrNCtHVm9FWHYzRkNnZWts + dEM1MzRjQXdoZ0tWUU54T2crU0haVDAKC17PiuVlQ3aoopJd1+g2Ov53GqmL9wJP + m4Zga9cgdLA4F7RRt5TiTSISt+rfixAYuE4KOq5VCoXk1quGtu6wBQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVMWM4Z0M5QUpENVA5VGVI + aXpnSFAvQ3hhMEZzV1EwSzQ2VWFGVmwzTWc4ClkxYmpEZnVjdVFKRmd2WHFxcVI3 + MWxTamZhN0JrUlV3RzB0Y1RpR251S2MKLS0tIEFZck01RGdteno1VmlmZEwvTW1U + QlJlRWlqdWJuVVhKVzlUSDlJTjJRVXMKRmQs3AIJqOShnBnxHdpwUByV6CTvDhTD + zUKN7fLt0AiI/yqM9O2uMou4B/4AZSAdGYnetHMUDKz301hDIVg6iQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNzdpUW42RTNFdXJsY2t4 + ODdMM29rMjJUNjNsOW1BZVRkNlR3dW1jcmxzCnA1NnRoUW1lNzJQYzhRcXo1cll5 + amRNUEV6Wk5MWDBxTVNJRVE4bi8ydzgKLS0tIGFwc0doSHc0RE15OXk1V243R0hF + TDZZeHEzd1ZLS2UyMmgrM0t1YVVoaFkK7uV2IebkF556mv1w63LGyGpPe2T9FXaW + 4IAE7FMVwt9zJ68gqb1u5fF8TNqZNY4fewbs0fFurN5gfGeFwmVjmA== + -----END AGE ENCRYPTED FILE----- + - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTbmRIRmpubGx0d2JSN2xh + c2RpbmloVzBOU1Z2NFhCRS8yZ3hGSVNFTFNvClN5Ky9aL1pvRlJIVUtkQlIzUGFa + elFFakh1UjZEYm5sN0NtbUhqS08wRU0KLS0tIHJXMkNiVmhHUENNT09peXR5S2da + TmNWdE9ZUWRpcHlrQVV2NzBsRGFMa3MKmjqoQua4m6Ry8TlVsgwp6/ACHt5/5E5t + vliGK3bjyZsoDhT+cvyvzDBZzbuLsUod2h05ZWn18bHfeqOQSUdWnw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkYnYxNmRyNlU2WXNtd1NK + TGE5Q0F4eTlDbll3TkhSRERMelBxdDdqbDFrCm0yZnVVdUowTzFSdm9BdlVKZVVi + WTFWSmJLbjFYZlNzbmg1OEtnZ3hPWEEKLS0tIERCZ1RJcnlsTlBKSlNtM3h3T0E4 + aURhaHk5TGh5R3dycjhCMW0zZzJpdUUKs9Py9QLJcu9xgc4svNRPO8fnHJrHoCWh + 3LXs9EpMHtku2mit3hMb+UjWfpDPnClAyTdT2tXPcfnMkvjwdXJEvw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3RmlqUlV1VXhiTDgrU0Nk + cUdIT3ZSdWFyZC9XWjl0MjM4R3hBdHRHUVh3Cnhqc0Zzb3JrY3RQNzN5RkVFNm1x + S1lTT2xyNGtneGYyUVhELy9FaU5zWVUKLS0tIGFOQ3REemYyWE9xNHhad0NMUVAv + Q09xQlJpalc1azB5bUVtYVJiK1dmMDgKuypbRRM82RX0GS2AUEwFZuIqemiBvFWE + sTQXRiISo5ClGOfRu7zExgMxSw21N6DjrKG8jmghGfbe9C34b7ecag== + -----END AGE ENCRYPTED FILE----- + - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrZ1BVRWRoWmZIQ0ZVaHYx + VlJPOVp5b0txNmFHd1JOc2piMk53Tzk4OVJjCnEyZmw2NGtZRFdnRWJwUThlZEQ2 + STlzOWc5TEhSSWJCa1JSNDdZaTZoYVEKLS0tIEQvTjJncmoySzQzeTljK1ZXUEd6 + MWdDS1FVOHh4RUc1VXB5Y0s2T0lOKzAKX5Syx8R0/Ns22cShJW+xw3ByiY7b+M9R + PsUKdGiUpyQZ7dl/zsC7/x/DRtRZQ7TECfxZNg8Eh6qnB8LavhOILw== + -----END AGE ENCRYPTED FILE----- + - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0d1pBZGEyclJGL3laOG9U + enNYSFkrUnJtQlRLeVpsWFVmQ2NzY3dkYVdvClNHQVlmZlVOeEJVcmg3MFVKOGFn + OXFob0hKYlBQKzVNUHJjUUt1cU1ZblkKLS0tIG1ZWEduTkZabkFWNEEwTWJzZFp4 + Q0Frd2RXUjRvN3c2QnNQNjZIVHNMTlkK2/s6sMjUP/Bmy3OYBLPIKmO8E255N6GE + 0j6mK64ziBsiWZI19GxxvFmuJphi2bO7Euel9b6a5q2rdcWvayc5Sg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMndESVl1R3NydWR3MlI4 + bHdsbFJIbU5uMFhvUUsrdDZ3ODl4UHlJU3lJCnk2Nmp5ZFlGbzdhQndXRTJFYys1 + V1Rjd2xMZmpRS3pSazhpeTR4cUtIaWsKLS0tIGFBM0k2bUhBVXIwalVsbXJqU0dp + WnJ3SlZIT1hPVnNBd0phUUJBUDJSVnMKpKoMKA2Ii5ixpqY2bWHDbtYZVXBECXcn + 7oGFjbnlutFnXgYX5RDsVr9uscGd+GmcVai9S3wPnApXeUrCWNukwg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZMVh4MFJObDFDaTVpVXd4 + RTFOM2VpNUtwZVV6Q0JsWll5MjhtMkVYMlE4CjRqRi95dWdpbk16bUZmNHZIT3FW + bjdlUjM3UHYxRm5FRjVCa205SUhhcjQKLS0tIGpxLzRsd2Q1ZENNVzR2d0NZd3Vo + UUI5UGpuTHZTM1BJcUY4amU2c3VCbk0KTXh7pQJvunFsGp+vhkPTB5V5/+6RAQFe + BM3AWFpf5J2ciaQjk/Wer+yawb+JxyPl0HPNB9955TowoOZs/Kqplg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZQW9DekZmcFFKOTJiV0pu + aDVyMWtYczF6VkRFVTF0eFJ1eThBajFXbmwwCnAzeCtmOENzbHZVbUZNbFJLL0xO + R3FsdXkxWmI0alc5RThSR2NMWEx0cEUKLS0tIEhQcEFXMHdwUVdRaHBNNGdqOFZu + RzNDdEJhekN1NzdMSm0vTk9sYVhRYWMKF6Wx/LS34eXza0ktcrkhWh9oTXBUGUIv + 9jWjRbD7goJDOuOoQsT+UroGfK1yt4ShBauPZvAE8fFTHKiFk2seqQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0M2tHcmVTcmkzRWZVQ0pv + RmhMSHhPQkNkS0Y4Q3FEalBMMnp2bjBObEZZClpaRGJSZzJ2TGxMV0xjaHBOdXpv + R1V5Yk5JT2EvWnMyc0FtTndGYUxkSzAKLS0tIEVnOUtKNTJoQ1FtWldQcVB5SjlR + QzRGWGRWcnBUOXJCc1pZaHRaODF1ZHcKh4DpR4FeJ+Wa83xQCgEByHap6XW90g84 + XDFTrsQYtMQMd9tmXeO8Xb/aSqo+Z5tHzoyZ9UuLnXygm6W0jXM15w== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPeXlyUXV1RWFSY2JaQzVm + Zy9ReFlLU1BPeThna3FpWVpiTTRpbFhrd1RBCmVHejlQMWZiRThSaDl1TTNSRWZ0 + OGEzRjgwZlpxc0VYbndhc00rM0R4VDAKLS0tIHVIVnAzQ0VHQnRlVXU5Z0JvbVVB + UVptanRQd1p4b2NjaVZTOXNzdGxFdmMKowNCM2GOIpeLvE/VHWQ+ygC3uIO//Gr8 + jBIaOSVPDHMCrgxOnmjM2R3O5C7JYe0DdmuvdtYogR6aJIzUsjK6xg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFTUY3SmNiaTEvTjYxNTlr + ajdEME91WTcreGNsNnY1VWM3MUtaRmlnUVRFCnRVdzBPVFF6S3kzNjBlSktjMGc0 + ZkFoZGVwSHBLWFYxUkk2VUZKOHNZaEUKLS0tIFRIM2cwTlZFV2FlWmdjNTIwYWFn + czNGTURCbkRLSm9EL3ZjTmdpTlhCcGMKIiyPflqSR0XYltQosek3kJ/K4Mli0S5I + 3P9XsgWPzZEL/9GtzzlT35j7I1DCguCZ0FjwYgaNpJoWvrGmZW89nA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQVFUUWxJK1o5Z2hGdWxo + ZXF0U2J3MFNOd2x1UkFqemhzVWxSZHZON3dVCi9oc2drWTAxbGtyZlE3ME94R1gv + N1lhMFNNblVRSnF4QmpJcHVxcSt4VzAKLS0tIGxCRW5xc3JBVGd1UEpTcDYyTlQx + OG5rNkpnNHIrUktmM2hSNUdjSkpsSjAKfZEswHDyrgfcS8x/i+BsSvGoo+2eqFXb + go7pTPJ34uDJrJS4wNF9UXH6VYayYEgroaG+zA808HPAgbpTbTPCPw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGZHdSeDB0bGR1M2dNR1lt + cmZGK29saUI0OHIxRExiYlFqejVsdWk4eVM4Ci9kd002cEVvZFg0bW5wc244cjR1 + UFdQYlBKUTBUR3NqVWg2WHlzYU9LbHMKLS0tIGNRRGVyc0huRGNXemhhODc5MmFS + SE9qVDVvbjN4TjdaRHV6RWUwTHBGejAKIrK03kbNdtQa5drJ7SwIg1L2xSMFf3+G + mknfqNXRucxpaXz/iEOQf6n7bwFyGoqHaLiJJohDFebag6mWx0gCEw== + -----END AGE ENCRYPTED FILE----- + - recipient: age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyZjRoU1JLSjFBeXpnMXht + N1o2Zmlrb1NldXpGTTJ1TkNoL29pRHZZMFdBCkpIaHpiYmJaZHZXQ3I3Q3RUWHpD + MUtUNzFpNCs3OFZKSXRxNGpPLzNYbzgKLS0tIDM0RUVEL2dYSjNOZFg5OGVQWUsv + SmFMSGJGVVl3T1ozU3F6QkdoRWhpdzgKi0F8UOAu+tI6rLzLMo3Cjbs6CzX/zgK0 + DcP9H41L28q2NO6estGgywBzv5yCCP6Telr9YRYJJE0M/VQL6czH5g== + -----END AGE ENCRYPTED FILE----- + - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxN0JqTGtlaTJhNndRbjBk + SUhWLzhYMVlJNlVqM1FlMnhHYkpIQy9NYlJrCjUrc01XSEhhWlU4c1lzK2dlQ2l1 + TUgvdFdFQjZJaTFOeGV3R2tyMVhvZTgKLS0tIHNaeG5FSjc0Z3VQanlER1N0eGYz + RTBLcnArdzB1eUZaczFZdmlaaVFMZVEKiK9LwpdElYVxmnzYQ/Yzu/jbd3rFeSbJ + V4rUahiTL4YG0Q7yI6qVEeMuunaXbN1bbD6WEft3H24uRxNopeWqUw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBacGFBY3IvUTh2TE96aitT + NzlxUms5em9FZnhtRlYzVHNHS3pQSmpJOWk0CnNjZTNwbjZ6RFlwNjNQbWNSMkZu + U2dGL1U4cVZZMFcyeXprdlF4VjkwR1EKLS0tIHpRcTJlWEc5d2ZzaUN5TGtPd2hO + RmJFcDdoUDl3T08wcnZ1eGI1WW8rTUkKI3wTGR2wHkbn1F6OpDiqHNTgIRjrf3IK + vJVMer+X/gQ1+ssJZxlTHNVySQcgr7vstkcot19yd6OwmrPvOowSrQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkbks4R2UvVHFPTkNJQU1n + bldkWVhaUWpZQWdPcFdTSFcrTVM2a3U4eTA4CjB3L2lZakxxeEZKZmNnMlF6OHox + bVRlc0JlTHNtc3NBQmlncWZSSTA0WFkKLS0tIFNhbkxMM1FNaERpTk8vVWZDbTBX + OVRuazF6YzBRckJQdVlJZWZrbThyZGsKxMDtLfQDPiHN934xE98if3cFHLwFpNdm + /RGFLObFn2saTI86D83xmmjgjeosxPX47JvGHyzCHSVeA8Hd+Qp93A== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-12-23T01:11:36Z" mac: ENC[AES256_GCM,data:e0WoFBQSR5q3GOQ+GMJGBd4lNBAMqlnVjtUq3snxrdvcytb9YvKnoYQH+GjbdGIiqrND8pOVnZt34AjkR8YfpWe+VrkP3Vj/3l+1GjF1XIHbzBNKOQHdYPSVsH2NZwftcAdphbStf3GTlb+b+cpTn4a9Y4pTNGVoOaOA1tBr8bM=,iv:sPXktitTNMkBhHr6E/QRZCVKrgyED9/o9hiivbObACI=,tag:tTNr4UEf92UrtI0Jvi5o3g==,type:str] pgp: - - created_at: "2026-01-10T00:52:54Z" + - created_at: "2026-01-12T22:05:05Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAAwMUZnWmCPACr88oJaBkqzBT5YXBDOxuhKRPdMllXhfji - 7u9nvjbsW5a1+Jp1hc6mB2tFwPeXs9jTKDbYdAsObaDGPgljNm5ONkijyFISGziq - facsQwWGtFykROPxT+Zc4deXY/zx/WLI40jyRz6xyduKpa95tYN0GbfjaxXP8Cow - MVdPqAFxQd3DHXkOvoBqAa08O79k02d+MUOV0Itg/+f5caIkksbAgXIAPsRob7LI - d/bjl+iVfKJLBPRhPtxNNEr/f+wHyfsApZb1EBM6wbGkmPxDRPlTiqHdOIuu2XU7 - aDf/62ayla+1+HnWH/2zKAmf3yZ1BUFJDqLQxOwexpVB6HPkS1YyRJTbw3uo2hrj - ixR2H0uishnZ83+AxYlRfaFCC9zioeMUZL0BV/vlMgIYRWNIJ5fjwNExJqsI0Gdp - 3MqAGdxFiWY6dpOfCXZmvR9MN3Iu52qe7rq1miPP2YY92bBDfhP3QQB38MM0UR4z - Z9Pt6kz7tQS/NNrjvlf2vWJ/qh6UuGiDRX/x9xfY+jaW3EGbO6CxeX5oPpGQMupZ - 6ofeLAxbTiVm7f/rNCIU7lKubGZ1QBVagm4Z6zSNJ0DQzcfa2LrYLhl8eqFPcvqq - 4gH7jd21Yp773jEQLhwRs2lLIgGZoWDyUy3kfNam1QeK4wwBrYtnDs/nvAcCws6F - AgwDC9FRLmchgYQBEACzYSZnIf+GQv0jzTkCX//gOUG4iuRxmIopX3vl8j9WWAFS - vboerj1Oxs6RgqkXddtEBYIevjD+bSzPdhby/hkE3Cct7oLWc3BDK4bp1YksEFWj - v+K9ctkOfyh6ZxNLnOOQG8hFxEbMnmFe1cKuCnn8ARmv0xu4NaUJoG7Qb6DgHYDO - eJZyWhq1LuRx7ILxxyG5lLj7IfPgUofQPxKsy6ifwk+XtvWFLdhacf1ClC+Z4Wlh - TlE0yIdktQXxsSwS5ZSUzRl4coeQjP7xtWUGU7qPGkflFW75TtJAKKt9JlOZQe5g - fsQfXgAGzLdHiNSNpScm27napu12zjsmLe3YbYxTafxVRgccQAL0TppaqDHhhPmn - qspb76rvid1xGwTUl5MLyEcs6E+N24tshWP2lmakk9S+sRhR1nNBjq6CT++JDbMi - N0vTWz4lzAQLYKdB3jp8Hx0/fsuj/ImXjW5Yh02x4vhrwEyTPk4wdoLfIuKm9Sat - SoIhPBo1kkIRHQXpdG9Xd1XsEuqsbR485PclsOn2wFz0Pi/MA1fc6gFYWgw33V4B - nSmbQoZdJAtEDxusQQy7q7uKOQ8cgTSzcVzDrUB3+rIVRrTIqnfTfPXF+mEhu1cK - ZNlPiUXGNEqo1OUog5TZ3glj9fffL+kvNsK74/Zway2WndGO4V6TxgF1KZWcuNJe - AXpNAjTHSu4RMUpmKV7QTw509liC/0ouaX35MNmVxv1uxqS6vLQqXjQXksJdgfmj - xVpXUdwa/oG0B7hcXaG0Ttrakwyt5jmQEkf+v/LzljIDLEhZJQg1SXv+WOhsuw== - =oawp + hQIMAwDh3VI7VctTAQ//UcF/Q2fFKsmf3HFpNrSG1SB/Pm66QKzQ8iYFNuwlgOnx + UwGpoer07OTbUwlVEDd8lxLDTw2V+oycelnNAyqpjrkh9lzIupAsOAMFN0BEBruK + Z1Bw/uhjbEmOSKds86HkUly98Zhvgl8vY95//9kD6/mUZ+mKcRBRin798UBE6/2i + hF41LQ6plw+COt1SnIUcUaicTQYUKnP0WvUCEIxNHLamC3jYCISgUx7/HDDE3/nZ + OMUg9hQKd6779qN+QYiIxxd+f9aQGyeiDYdW8EL2BfclV743n5mWWx+Kn1CDkFcP + T+Bs476BpgH28CGQ7384m86qLuDFpyyA1YlctNPoqN76fZLlcrCIFD7maTtbvATI + 1+mUmi7DEiok+cRb1ns3EXBq5LTaC/UobZAnj2svK2mwPkxdOFPHHRGG2NTObfHi + 4zXzBPvePsK8cYyum/p+hhZZzbNaCJxRQDQrkO3csAdu9iQ3tHhpXINN/+JyGZe0 + gONnt0w4/pHZhacrir7Ok61T42hPmtQn+lWYBSHoLZi4f+9LaqsYUgjudm7W1tLE + OcEDNz/mzsqqvYYIIUEpi20/zr+ABUWlkd3F17DPprt6mVfc7Ma3RJtB6d0CRaTB + IrdccCB+voZRX+TYamgMqRIkALQeMwrujI1f2ytgGU2RcLINfHc82c3iobO3pWWF + AgwDC9FRLmchgYQBD/wKXn0wbow5uxX00RPLUOB1a7n0J3p3on+QDr5mv2amhrVa + 8frHwy7xCeE7DQ4IaUBlo5ttiJqqqgTwfYQiXOmxZ/oOz0Ovpmq3evjjmv/Gkv8W + p8GgTULrHMBAsHzl5tVCgow5QWlehyROQn513K6wWxRAmxVZzDVCF8XK9lkMDyY+ + YoRALwni12i9O+XsOeAr/uaurhu0Dx5GfYfHJjLQc9XdLuyqy/shhZvgnVrJBTZ/ + QY6A+BhVyh5q8LIHxtUFH0PaiHeYeVF8LWeFG2SNUG+rkdyxaR62tYLwkbntszZV + EOjlNo24c7BJJ/h0zFRNIaa+hRoUFn4qqeIZ3KmwAWaO13KoNejLqAe+h7MmqhDo + VVRIhlcIxas45brh7O56oDTSk6znBE98WKGtRNSmS0lQxy7t5bHa7dJaqSqS3jgr + 4ThlUDbvi1L8eUV9Hpzc2iG8Il6yqmh5i+yMkUVmp6leTTJDCgNsMwrb7VKoVEi6 + DqvZkWB3ZqjBgxsm2ud/kRXyWqNQDV9wV8K674ciBY/0mlpwHSvFwJ34biAlUuHA + al1TT0Sn9L9zQbie+br8e7IdxsGSFZqDcxlV6InlBbxEVPnqj1FRspiQUW2QGu0T + 3xyT8t9mXnlefcqEiVm2EjZ908cFr4EgMGymBJvP8+ueSyOZdJ16QApXrDJWQtJe + ARYWMv6h9EWX5Hz5YzLQQ+suPA9Z2fGtq6U65uGOegKRkUUQbUDFx+wN7k/WQtHp + lcu0Nrs94oZLmYPtL7bAlR4OkjIQbC/5/V7NVEwtj91E3eiJCZFmZKSlDFd6Lg== + =fBnf -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted diff --git a/secrets/repo/globals.nix.enc b/secrets/repo/globals.nix.enc index b153729..2de962c 100644 --- a/secrets/repo/globals.nix.enc +++ b/secrets/repo/globals.nix.enc @@ -1,74 +1,154 @@ { - "data": "ENC[AES256_GCM,data:H426SsDhgoKaBUGAekwU+DeE00rOuaQvRWT1HukJQksnYU6FoPIC4AhV2oGZall5JwhhqnKM8IZ2QTlW/gKEBLsRwQAU0AqFKRo2ULj73TpW8HwpWyXrCTrrod499+An3NT613Xux+CZLm6nSlPAEm4xz79FwoIJs5vUThF2hhu/fKZvxdV4QWcXqoJ44cPyHRrGEPZiM+JNjPKgIehmbdqXSZrA63K9vlH7oS3lkg4jKDYSLpiLg+jzf5WQe5PTKdCO/De89vq2qwAW3hFoUTYLxFTr/41+6vpO+76MytAbOjiZDF3YG2NruuNoiq2qZyCyRQ3THbiymmL4DqmHpWa2SafxiK7uvKXf2B5XWyveH/8U4vVxFBqsboq1Ot8Tf8hxV+ZO5sRYxL1RczOZ68CjFqfKHH4+fnvfIZRoVIsJ7J4M1r22rzZ5d4YnAFgC4z8dmRMmMXFwXv2xkKBC+Wpew5EEccEDVJ824ZcPTk7gXU1O7ZwKFkca9M9Nj1EwTfGN0x4XVv5zQAPrVUajtyJspzilIS7gDqpOTIxk56psV8EaK7cIAkuGa1XOIgH+wjJkxzXTFazG/NRuTDtwrs8y+aFDSlq1j+6hIK6+x7dQILdNTEgKSg4ItB6FlN3ZhBFZWcvF7aeKogyWLa9+uyQ3o+4V2n65MAytwg8nthAHPOK6xk3mbrIhY0AmRXgtOOKWydUGOR7ggInlGC/aeIjD831LTyjHG/rNepqQjfc4sKtkivNNNy6zp9LH++VPklzAL+T+SHoyS7X1luDyXpKD6Suyef87cfPdVNnHKRo1MKPVGIsD241994CsQ9repMS7XpTCbtiM4TpKDX2fW6W9PnR59vi3v/NjvOsVmRPsPTKqtyjDTJxcHrc2tLg4E+z2mBgdRFxGs8DsrhpNMhhhDrRSw2YrZjfejMZcKEz0W5hxTNrdLnf21ORDXC4Pj35xdWXoSbPnYCnE+2odLHJtNtPbrKsdw9QqUO5BARM7erj4ZbiVVAX3E89/Jh00xct4itofokHgDQwOGusgC7Y4PLbBbP0ZMzFFTCFd85rIagkYNx/SwEX7+wnfSAIDSunlB59Wk+sP6kDYQ+/Y66zSLejqlglskCJE2IbgXIETK24/w20doH2CHj6Bhx/wmixOd2IKBytkOvB392Bu8GLJx3BdSicPCgRrt9II6ifgHy4dbJrLIGeUnpz2/kWPotr9DSfjwNkNsW1tHQ2WOQQhBZ8BDn6E6xVteU8svqTCYKT+/NUmKH838WL4hAk6XkBbZJRpk4C18SBM0k0YaydjCkQ2+5Aryj7K3ohiqcjrDygEmnMWSKQ16Az8MI4S4KPQhUk8zhBKAerekBIsCEEZaNKC6p4JkKIaz0qVejy5DuZzQPL/j6oRXCBhgks3DwfiTvW9qPuyYlAFVMJGoY74sAajSWViJR+1ygiE6ttgOdzqtEsFXuHcO5VIvjsajf8Z0+V2XfDuYvwajHPcu+3JXFqwePK5KgwzhF5JzlcXh9czmPFNbTMGnTfMvG+hDoivDXj0lf/HEoQIy6XTt4zL5jaLo0+o1H1CrsRQrvkge4lwwVGf2rc2FPYbdrpd/PFygTX5VvmspQZfRwGsFILWR7SEz14cHe/aBBv+EZ6qtqPhAiugvwUZiM+m2DRnAXxgKAni1F0pQTC0Qpa9lEseR7nhJbGR1KzogkxPmmPcrjDK3jn05oHiZE8L3mJTG6S4hUTguYjBcP08c4mealYQti8MRuBVtg6j+ebXwlwPjOjwhEjOWpQG5aDhUrbca60tfJlwIjYzAwzzcmsVZmqOdIYcEpXQcKi2daE6rnSR0wO9gkMvon7VcqVHDHnrkAhdCQtieds9vGy6i91WZKLzsvuhpHM0iUMSG0sWP4bVUq/X/M65WuHQqQy+09EM+EijOCBIDglL63DkW8Od0t9WvZ6il7NkslOwsU2r8LbOdWnzTRPxCrICj7rGaF6fTnQoX3tl4EpcspvAYzSHiMuzaKx9ohfSylC48psKjDDBC38ZhhK1UxRYxrmEyIfkwKakFGt+zhAT0u0OwPl7BzLzT/TFrmisOp0xKnsfGKOS1qq3I8mcE+tJ/1dugkfKui3a9FrpTBrNNUYMOHo9XFT3vm0D+5feulhm/f2iByUWXJ2HuqZSLwfRQuSnO9HdyYdcPxMmGPbxUnNf05gwprpdoL1RHpdVCBBsVYpKgxQrWwFuANDVBQn3FAfVRDTIQNVNt5/ezc62N51rxWJbIu0ccsaIdsxrZOKcK58HEEvA9P++k4sbNY2w0zSRuC7gNGnlli5I3Ll6/avIqGfnc21uzWX0ua46n0SbNQ1frODLW7RzoalgaxIG88aeWBKvqEG8n0O/IhEkrnUkx7ZJRpfhgXI+0m7LMiteh8qD3yYR9dvI9PNIm+iYsWa5NvZFRSrigz98ZdVu/6Z8c9E3OdtcLQq4hVlRhM1eXOReAhtZ6076cDEAHEKtoIoNo3kcZlsexLUBHE4XIPkJ6G4bbCW1iLBaXeGgoylY0Lwf7gNNGHZu1g/3RNuK+jzLSly+Uhx/8f45/qcQegMDfvCayfYB37ez/uiUNVuGZOIilJC9eQFVAq9XE2C+cxk8kcESIoBzkwdbUV7N56ZJ9TT2x4ND62qxxuPgh+7MOyBHsRJWlUoYPRU+64fkkRsZdxl10R1EeZpheUyywWSRE5kW62N+P/UUPmK0GeWf8JYPzXyB0bXP+d+h99FsxBXAcUMR2wV5Hbau3h8acgystLTj23AXWZumtzNmR7lmLdyHZ8SwdAoDgO7cylGI3Z6UH/ret2TdI6HUwUtEgOxgk+7bgs3S94gpqGwVr4FtIQSF7vD7LoXF3/Qouad4TqdBF1apcL00dvocSIMFOVZsB83VtcpFwHWIOLLW3FvQXt/M7uXFPwvGIPkDXIIbtQX3QcNWYUYARwDmlHv6lTVc7CC+Gk32k7bYd/kcUIBv5fE+sRk1Ivng6BlduTnXfTftMleHF9hQ+CHqZ+8JaQMP8xl4pJCBjvQ0hi6yTr9t9aWXltseh4HnFKssOWrQZyBbrLMqCde9s3bFjcF2ZZhimsN4NqB8/7zQsZZYyUY5mC5OZaVY0d93h3PmnPIaLqp3+wN8x0bmYoTgsPpqexvaMxaA+NSKb5Cec1f+KOU8DWHNHJYi7zc4h8yEB6Pwp5pfcrcuK4tS6CWzDp0lqwCDAsALdI0cgfqJHKnvgwrt/BdPE+fzYTOgb5RWrs0bfTqPOq9cJAey+YG4cvQITNresOyJtW9ohlUc0z6EJnbUoRO3ycGQhYSAsur5E7/XdbZIHzfWGjdc1ySwA7GFEN066Bwp8yNFXBCqdqz4reif0hwImiZPyJEadCE4KTNDH3OFaT94BQyifHuUiAIwklpuQFT+ryiQgnmIR5rWi/RBFVxbJyFW78KJGdSBeIVUBqXdkSxhaBRgIVfN7k2lghfue/VFAnUAUp+lmbf6SALbIKH+RQyqxgTV1tZky2795E5AotTkGJ1wxJbyrHzSO1fNUcOKQ7Q35wnV3hHDVZ6pG4XZezehacVSLAgSmpyYL/6M1yJGQJZzZ6H0MvTWoMuvcOA+IF+qP5pcVbuxM2IsWHw0/hyel9AiPery56A8GDZfHidYnWfg00ePewJKLmusxoEsAps33iVYHJSApdvqxdrj3Ba04ez45p1DfFO5/ZlqviJ8dg0wKIbRNoIOxLjUNQy8l7rEGfphe9l0VvnNPGVbHXlxkt7yq1zrq4yMfd4oRCcW7PMChcSicjhwXhS2F0U3ybYnKnK9YS/dIhNm4l/K0REF2E+QvgT2ur5dLYsr0O+FVzBS18tldJV9dofyzUsDknBJ4MGnhEOrbmPonbQlfm3adqj7vUK9/J2cbFR5JH0cClxkGqlc9tkBxSOGkNVi6qmMHsoJWfz3VwkdW7RaSc+IKkeJSoP2wMfrJLdrY2WUMxf6NcVKwrFYee6lOSWnhM3Xx78i/wMiHJcVmXjHkj+7NeaM8ZeKz1S2yDsiMMrvSQk7WPYl5SqUihkUTLIOWkbRp9yt872OAWrNCtbon1spWMFG5J8BvS0cpEBVJiPARNwT9keWCddPoTOx/MWMRyJ5G7fwFvJg0KLO7i4XuuO9ZF756npM5lyG5oIuJDl0QRBTtGWk/C55puIsL5xSXuWUHpbgsaeaP7r+HYLWOdlkgcZJ/U5HGRnoKMOpa/mavzQSRU4mQABOGck1wsecTi+1kUdvJS0zGxk8VXlqgFq2thUKKp0i5894+iSuiy6X5/dWgxHRMPQGAigE7AnPeWq80kTREakm1BuSmFyvpHqWHrYAmlGT8dunuqIerpei10REPDhxNzPROFDolrTji6qARBhCUBYffnxg4xGHQwLV7aN/u3cAngg/jay12uLm6AhdkAuhpEdIcQUYNJ3STEon7rzP6vlXNrifuxOPmq9Ru+57pkbU5eZJ+yIGisUyOj9JqXZbrh7niRCZjQhI6B0q/F99q5yeFhI7dYIT+UxXRiw3gOjShuDDsEvb7s3WuOu8cDZ6mFKkpLE7IruTbTPWZnqiq8aDf/2x96PSiCxXFYKhf3T7YmC3SgwST9i+vddetQ7NK4I8Emjn1Nqnbqg13knKlnh/cjJ6q4KGj99eKxKV98MdLqVF6aLtsNzzCRqhuuFR8kmM4kBo32waQGP54ceaHtbMNcML4417UIHyU/yjFOONHfE0zu8D90hxfs4UjuHqxL5MC854PbITweFCtZ85M++JFTRpiihfDtsdi/zyoEU2x83V8G/lCBB/14taHcVcbTBqpYFurPYsU75lNGr5NtWPwxNnJFZlIBde38cBBma5C84CLFaQgN96J+oMRZngCOdqXtxKxaWUb4O+Ek6InmtJIb/pFckq6GGQComCJ1x5YwUsAQgp2AuBo5q8/amIBw+Yke5BEy8PYKc5/RM46CQYz8w0J3rsZzjEmSgUSNY2MWVwfxNWMIYw5UB7JXyE10OBmxfu7OF9Ay40qvwSfKyDycwcQwSzqTaO+iu03gtLCCX3FLd7N8QHRCtP4wftVwLap6Ukbg9le5/W3olrJrBiKk4BSIvZK438L2+ptxdOLM+6SwREv0x1tbf0N7YPjgO9QQvOfNsv4sVs+KsxrrqLi0ao87JTn/mJDMHhPi2ZJW0Oxty8Ym1EOyzT3BhsORkcU72E/tYqLTYd3BToDeYLrk4TlT9QE5Xaaq2vhqI2JS/fH+1z0HWDhjz3tG4DV9aoVPdsPwJsRabicEbpCeqJlBQB/6FFQOHwiSDzlHfb4r7agkyJWfB2wReuzRyxOOOcWhrg4WluoouvJAQHxY7PKiUqBS56ZQ6XKVhZBdDnPfd+NWut7zhZ7F96cQ3fz8cuQ67e3LIACqnXEgc9ox5BjAvi/PXyQvuknlZXParlsdlgOzkv2nWBxocP5uSEE51RkjNGYrgnaxvKxsx9TDg1H7ofO68ioHhqZnbQwzHn8zMauz00dAgXqeQgNMAdCASpkMQ1COvcO8DUQOWHCXiq16/xRo850gV68QdR0PorXhOs8dxsk+oc4JsDAE+JwiaYU7yWecQ+jyJK0HuQIjaA3eE2MQlEOTDs3JfyXOmFRCEh640Uy5AM+4//v8z+r2v+OBPyw3MnIl+ldqpKK7Y/E6deXbx1Lix6Vq25MDoZCejhivokwJtZVyMjpLQVcBasveZ7GjJac7wR3dQyLXWBhxOvL9lARu40/Xo7itgran+YtRSFhQ2D35U4NdW/PmGqETC00qxInkCvVdO5whYxRjN7su7OChaETjzC58tqD8qN/f0uy2XkR1m/zkFD66bQ3/UohooW2YV1D3gway1Kri3cR2ueZY2beeIZPj/ODBEOpn7fva6hbwxsSdrSqFR3bWdxAM419ASa791J7nGlVEkEmGyL2vAhm6/0JBCPq8oAPrcfzw5n91dlvBRTJ+U1hhUn8vZDBL/F3kCb1WHBjGzQuJ4iVUwIcQ8vlF+T28+CV4zRA2U8OlSHDLuHtAoY0LqR8Yaz+snVJDH2wV3jMAryRf9/IS+1BYHpsJVylz4Ms+6FN/Ok5fLhVfTfHIqW7Mic0h/feaeBQ9I/6tvEeYEX4HHN8yRNYmElQUEmHT/Y4Y/Zzu1Uxh5qVvxwEIsH7obr8+awSWjhxDljhLBvcC9rfnj1lYaAv3cwtSWYyyjhGgAcDoJhLXTY2mQ9YucywHdXF/CtSlHGxD3wjTNE15xnRLcKD6MCPRZ4+dUWaOcAqAPDUzTwy9KHvKH0MRjaB+CccsXMJxvL44lqRzQUbK0iEt2Hq0p0O2IdXDdvEea1CFGzA88QHG1x+tVYZMkMhKFIZq9p2dlBUfYwgiCSCqxgeTlp3x0kQ/12hQdVkWVw4xyv+5LCuRqo3dVD31wLRkYg6WKYahaobDzuK0p+3+H2MsFhr/ZNiKtpzS3mGBgybZrQBUy0eEF/sggYXQzsolU71gCMTyBPFBpl0n72MsuEINNlRo6EaLPwWcdZGWcjYFYDVltUBLt68I9V2DRVN1F31VfT3HjqxhNkh7khj28AQlzOsA/PcTaEzK5580HW7kS6TZHy0gGox3b3Vj2lg/uXQeLry2x0+UBUtZVoeNoWH3A3UeyaYw8mUMcc2TopEt0oAUxHO3SAYL+M1/D7MN1axmcdCoKtmD1SEo6SeLmXIvBAzYNEDC1gIBjKEylyHqmbmWYqUODuV64R/MQaXYjcLUg6R4xnrodJCUiLfZf6142WUMGvg5nAehimnVl+O3j+XXCYl7lgmpxkGWuOinZXpq29yBgLVogCJkq404sjpUtIEyXHWmQR449FGg07iU6P1Tl4TUGEnpXw+asKQqoZvLyqPwNjs1cTZkdkAK3e0GBCNA3uohkI7z2f8nIRssgK86b0RM1/XF9GCs+6POqo0VC50115AKEsOj+diOfhvIOEwi1CuI8A1rv5/800UR15ajZS4xnap+pmkz4d3/+HsrK6wWLtx5obBX4j54SpUzurCSUiVdO7ye/x/wWQcME2Oz/4FaaG9OI5QGe5WxUp2VZWhX2nAS8Vb6AiJVFEVgZS47OlcxAFqBLkLVNgh0LjfJzhHX1mk7PW6ose+mzGajlUfT6bDdI5PwDBPHPGphSwuBXOxePwZfaIcHFU4B0PjcoA/1m8CDn/bFE631JeLvigOhNtH63HEZmRxwYpSbmFYZU5IplKjHYMGEN1uY3NSrO7SOu7NrT+UKyqJKPSzw+cEBNs4naUdb5OYujn0JvRz8H49n4R6Aul8NSWLOcbqMHcymI+k1j5MJ2jntg+6IgRAp4EZCSfrat7QyLKadpE3GmZ+mphMLacfSBDYrCe7GWpQwCzMQKKzliG/qcfIZmyfCZv54jlEa7lpeABefx1zyyXkTPuji+KEw3q7brVlaBJ9dSNNCWj0AdhO+JDC8x4HYqW4WLo4BPWZTEpPifLRZ6FrG/uxPxka76atVyCjMbLgmbhTokBctRECYXDrf+mHLnjicfVVt76SdxDUx9FgUuyuHZalIO/hTh7gWF1YY3C1KBk8wEBXdrrJ3I/FFVOdvMVcrhuRtRKEkRaFRBBOOCmBAKqzVvzm5LesseSDwZY0npHuwFtATrfucbxo4ht+uwNUwBstZtawi/F0YbTCXoIPI5iqd03u8r87NOBM7S5T4tix8ifwqLohp7YSQecMsSOWZpHoRxe3YOWYxIHYXbZACmDCMDFgUbgBjgUdEqHovIWYPPgiF600N6ge5l/Ny6ZHllA0+fY6Z0LS+b2+R//RBbZPqZaSfOS+hPyL7ixzCE6/O7XmkwUsgj7qsuJHQsG34fUQmwSZ5pj8VqbMejxTed1z1SWz5m8ddOZ2lQchfGm7gkU1tR+L2tM6C9olrEMVWj94gR2eD1E1CXS7DhD4hKS77WaeuCHQtOAT/gyko5Vb4T3II+K3/1CIh5Rnd+GRBt+fkN7zqYPJyObtMmiE7nz5onurO5rXj4DPSaMT8s4RJ50TrQvwpNJDC0CuMLsjTUfNyUQM6ht44gfmkmxOPLyNdxJBENZPda2dAG6ZfxabGyfyvj42zGJgVERFAOc1q5RTq7Xt21KyJirTs0D0/l3UinTRp4PUIaEtPZIOn9xfV0ccd1u0hT+pYVDJc2wZI0uxMpdiGdBQHuLYGfm9Q7gxqD8kiPQZqFOHSueqEGi1/LoiNNMihncx/tJP9msMhm/oe7EGQF/g06f2s/2bIFmjKhO03iSM8Sj9Zwrir7ZfjuBmK3EnaIJ9OAxXmvG0gL15AbVXv7JY/bXitvxaxSAOK2057i0pl/dFoA8ZIfSbEWJB8+wla03EjwKPHh4ZkAfr/VF0iC4h62uJB/JokDSzlVtb3gkYLeV9LYhwge4D5wmgbjKwhqaz0sa3kCvOsHHln0y/IVaciCxFiaQ1du0eq0aaOQU2oiiD1tTz+gWhGb9qTqgs/jFXOlc6LC1oCHqK3mzG4UMu9qRavLiyyOJGwKLzI5tKfzvZDy2dzXCEujGmpjCrFDsm3VtXmMQ6hMnTrU0fRQftQJz7RlRY9bKuhYhokBG72eKfREI7ipwitqsBdE/sR+4GafI6OmDPDPDjOMVRpLtPQsRaNmoOp6fzCQwH0h19FBnk49NqO10Pi1j+KevGITHTTsBqg3M9tRXR0Tv+8KrNMR4dHt1Jjri1Ut/fC3oWeBoGjI4AxTaRZuAHZWnQ91azKoZJ18OCbA1mKd9sxhHIS+Yxxp4jLiLfgDJvpO0IjCQWmeNwjzqw5Z1HVHBwZlULkPbtSvFdWzNfzQMRKVHntDMQwrvMJuiLXvD3vDngfYA+Ya7qmpvlkqu8+KRaTfw6juKXnyyYJqfHegndYuLPVKq+zF7X6kQzcAyjvMEDml1FLC7GOfD7CEMPf85V/pWk2efSVI4cNvuoe7brZVfuoEtmEollHXewHStEH9U2XDRH37n19+WiYekajjojjBnMa2uIhy7kkyEQb5eF/Ks3+3DEjA8NXeZoosFJYMPf8dziXJflwhI1i2IHUN34RHf42cS1XvnUoHZyMaqZGNo5a4j7HrDw/2DXAeqOwinYOwPG/Pw8je0HrXMmLZUOjyS8hoAp/3w/9Esl1P5dCxdKmu8Eh40gxN4xx82sCl1PRp3S29MyP+QMS8V6gfdQgsEHZY14jHWhCG6PQARJPsZy+14SndYl0qPNGhmEzDuezbWB2R7XP53K7AIsAXarQd7W4fKJo/BpUoe9nF237WmvTTU4kRRpTfux8yvyjmD8VZH0kbjvNkfHYMwbUEXyWzr/Z38+CxpRDzTKA/F4Tfv/OAhh+8ALRyKGc6sfxoIoQdBRTvI4YntKbtvtpUqTR41E+9TIPw/JdI0R8F8DT/otxoXl0vBPx1EYdqxGkjWJ7VIO5fgq7MT3sK2KddVTNmNOW224buqFS0ZIFKEyXu2/EqpyhYxld+WP4i3xdIx5rLbXLcHyO18+DV+/86fKMV2n+4sFNPqVyoORyuEb5R3lm3iEvsebYpn25js8p5QLRidW0Uw3ei1xehN8W97H9MDOPU9eAibNcVgr7qdQwhkrC1Bc+7su2HPLkLvunMASGiaUbafS+YQeorODQ1LFlfQGuXfa7IEBTuhwymj6bREBqjRjl3cC8rzMmgSC65tDl4rEGs870CuE0YQVcC15s6kuHwIphtR54Qemm+WjnV4Xp12Sg28GvhbBsRsGmPqKpMRUKnzRqZHXXdjTpPDhx3CdJTRZXgP2wuTRMIPd4KwlWktaqe+DlSU32u1Ybrjhf3SrWvc6qKDqAYRG0EDOHyMoWcyEXBSc6E7uSzk7zfM1EPr6fVDGx9IsqQhibIOetTqF3TyBaO8sKrTU0BULn6CDbLrOceGewqm1mwMp4oah+ZYwt1B0LT64aAQfahc96fCUxhc76MjYRk8TcwQTsLFL7RFiOe4NimgbOb5/GO8lojWk9GluSSD+S9Lwl16D77hbYxAqhWciePR58SBBeDasd8xI6//CaX1jT+MSfPT+20heNg40mBTq2XVODuHFw5XBRrMKsxJCWTaVZzCJJipQgm7MJNikhlPZH88VzBGzFvLbbz7SkypGxns58tFSQy2CXaOCVQeJv8dZ5yRxOzKSwU1Vyb/tZxZIpinweP8Skfo1k89KviI4gBWmSud1IRYYCWAxNWy6d4m5vmezC1Cw9Y23pu8Puv+5YltWGqkgxRjvK7qeBjzrTcqEQvGHuRemrDeehuO3Np/BKbCu2USWzhr+s3Kghkuby3I5sJRB8kGIIIekc/JS6ynSksQkatoprySrnmIuei1Q6QbzGJg3OjgXNj7/tJvcO5vMJqaSIxCm8ZZhm6LmCnuMWrNqdo+bB/BX2XJNn24Gqy9OapaQHgifcc0QSLyQajHlTBbn5aL1QvDfe8is9nfyqDvibo5lj0+raj7kjaMY7RmthFqd6HeTXW6EpugHPzSuvn+roAa/Zfp0SNEc+MeQtADn3bueuCNGRbPbgzzG5gaFV4UpWdAYzCLGbwXFN1s2aPBy3rVtl4TGKxG1fXlA3I0NZ/KEg/leMnvwy2+WLkZxQFNBW0XXMJsYIlCUEwheSaPD6ST7HkNWQzXClLzKd0UBIUc91wIa526Vfr4hT7ARAIAKaSRGmyBaZHDEuX2GjNm/09YfF49CMOQQzV4MGBvFlqIIhJBGYjy5oz7Gk20xSKlDJd0p7k1cgbyke9gf3u4dQ49zueYUeJv0Iti6VR5/mHnlM85a29mz6tir2ewr+5v2dwZoDnTfRES3HUgzcWlu3pE3wKHg32Q++4cz2IaSyUge21Ikyh5wNyfkmdtp5XmA+HVkXoZvYJzciEj4H8dKTmpCo6LPokpXtzxR0614ap+wuEoq/K+XDq8bm1t1DEwTaRrFnvFFklcJaTlFTVEskEMGndDRPI4/AU0w6hVO6grURyw6G7bPj03adft/ImOwotqeqfeR4SWJBrGFkgrja1zhjYYshrjTcJnNKHxYCPap5e6ZouFfNwbNxP0ABN/tobDsA8Fg4CTfl98lriP/EKnjSpP3M6RRxGCc2daD57b3K+G01ov/Xby0qpQThdCL752nPvA3irCmuyNlXkzNIMMw0ZQhZ+/yM+5SQ0TsLqoQFFVGdmQFlPB4IdB1OoKwlCsaJxSMN2QGn+XfBykWgrt5TuEsyH6+H/yfd5fTB9X/KQQigkwhmb0vXFct24jAtjxM8T8XYbR9kHnmn1vyQZeO3yvOspBNMZei4GPOi7LeGSDzZO/rP749PvnXKXk8CBjIWJGnQHV1m1nZRRA6igxxmkIuKEsSzAspm1cPXuLUYM43soLpY+ummQusqcuzS45lBU7qzbzfzoUMIqEh/CkMsohd+taUdmRQbU7zUAB6UkDKylldOLkJljJ8ierOhCkCPKKxOHB85G5W6ffWFV8GBX96AR/De1lLJGi1vbtXuaC5FpmvadxwZOsjAcsiF5hh3miAI4x/2TGS48YIPGH0O8IdUjanbA01oAI61p//2N2n7m5o3vis8GDZBVhmVdgdxO4ts9T4ra7wz1Po8/qbnknkyInNP2G+Pu2Lc2kxR3IMHnMvZbvG21vP+SfAe0t2fG0lDmvG6/tzEUd0H0EGUYgokEWmGN6xYBfA2Zgzn6oZGIvWrMi/vGQDilhs5uGT3PCQX3iDmpVc6UoyUpcZ8BYTj1JTYBacmpr1j6lSVNBYnluH4CCxoSVIoXjDjoYdJ/tLeYBDeeBrzY60wR5UpKAGSM2s2wBuuMMrVgjTncWi4rP6qPsDrABPDAMusaxuJX1b1PBV+XtDIEqAJXLQOY9mT5/m4Wr04zHmoWQvW3lDS630svp7GPbvr9f/KjglqP26WV927W8vJ1EgB/8g1r7cvzxfVuqr4ewywCyQXa6f7CWjePO5Dcw7l40dsY7dn81RIhEHyt6n/ifc9MpHPgOu5P0G1LTr1Mt8JI0FyhDqEkZkyApUgnFxMSfhVIePlM9qK0oliXSD0YZv6EMQk0nQrSne+lla+wvJJUVAPQR6H7gTDz6vy0hTfsIHNgzHJ5MsQiR4S+0e2ta7p38bbHMHSeSHk0DBDYv9zNh8NTuRPeQS41dLGr/54XpKGX5AmT3bTJnb3D6j+Itiqn5KqsLpCENbypbmFH10QbVAavGo0O2aog5w9CyjxrztxjpI4k3z1rW+C1O6W53MpceLV5Nd30qAcPf2pBstXSjpFnapHXg+wdgtP8I8IJmzE0Sw7JXyel42qXr7Z/esgeLjZXtp9F7Wl7d5H5g7yOExQUegaijT6eR0GBzcbnRDATNnHiyx8u75TabwV6aCPMyD6QGVl8ioDA2NVARMiBPaGpw7BvqCQ9OM+5zOf4VhQ3hODW35usDUqEuV1WTl447i0HW12y6dZwZfdHMU69xtJwFCM3hf7VmFHi+JN+9qwdim0ZX9+DQsPflkoQXUrvlCdIhCxd8Dr9f5b1sQyL//PvzOkawXfNUtOWIUxoLkiU2xc3O4X32CIsJdTVg95G9HOTlRSNDpL2jbkAfObKW3OlcLors8dNVRSPoHhajY4evLMYO2Xq/2lFkaxzXU58I4xCk+IkgtXUJ6mUZTEINdi6yEMbOPQ7KNF4YCHLv4/m142mGkvyOTuOo0G6Bv9wPnEHerhKeC4AKkR7qNU0aJNY9OjNUnQB7lBe3ZHy1jbITl78cPQezuChOQkDb17zkrNjRzFmQ1hG9FzRFLoZ1AX/wp+IBI/98CHNM6knVR6V9WoHfpD5fkTunPOwM+605Gj10RGwq4sZR9rc9On55kBXaiPMCaXNrfhnLo0t1TAMDNldL/b9VL6qfJEQh40vw+J+HbT0dWK4JZClKaHehrvJCXhYm2om23aXAC4P4nG89FPKS4lYYK+9tBX4W5c114l7p8DQbvQhHR2HZCBic291D7b04eOt3sK/bO3PUB32fLhaxzt4dUipxhBCg0/EHKnWNT6UmEAo6W0RW00n84Mh5Abq5P4ZUSOcBJPnwaDWRE4TjD5W1aSuN1j+SSJNHOD9uLLQnH5t30JVYFnm/pz9tsM5vrd+qk40mLkw5nFOB/miDBA1KAHMQWRn7Z8iJyAGvXbXT8izHmEfVl9ubpy58XeM8voCoMc2YvV+9I2JUtYRr7uzuZAHkt6/tGGl72R+X5vP/GdhQHO5oB7rdqLnrocWFOXJ3T1jHecdgJU6sz6SfmkchEhhe7lwzc86LuM51tjt7r0mWY93O6uX+vEVNpuKKstwbIn+hyK8SRZ9nsWonuVqWLeIndE09U5bnaw9kPZxdyFMtoJQ1sTa47zs9tg+9aXN9hxcT8bQb4g494aWpIgZ36WfSkhFoQR0IPJDMKbC7wMALjrsnVqY8esxUNULysS4II98vyXft3VzC/I7nj7KBxbI3eKfBccYo7kdDXDcH9N4WS/0QHU9xMsiRl/XBrN0PiHDuBumulN8+PfELQhdhG4uJ1pE0i6GM1eaK16BugFcho9gnNRlUUP55YuothPEO2gRF1szVSpYhMvGfHmcSBkdt5cRuV0wy6onIqgnYr90vCOUIG8J9nwzxG+w+qG1quDkcyH5a15BQvkl4QGbs4AvcpWbxppniglLUDfhNTNAV97VFP6bxmOGjyWNoaC00jQFlxM0/ipguX6bjoPq8WgeB4yghfkv4gs1EJtwA49cPRDP9j02/HScECOoZ7JQyAZ6Kc/wjJ8cvnHxceQmV48/2K1TxcKl23eBJYIN4hivjcRTVPg5YwZ6eRnhNs/8K2uyxzOvFZpph+hNnwcJiv1LY+U8iv5QHk67a/HIUXRzuje4nMnLVgSGHeeQUSzPV6KEumm9FKmS000Fkb6qBgC6Qq+7q15oiFtctYN8GvtTv5kG4utTr2e/HrSL59E29VHhbZaTJUJSS3GrTMDoOZxpm7cESHop0XgTjb9dpCwPfIl96Fa6wEWYzvI9bwNv+/CCr03IRhFuAmePQ3E/rCQutnxyqJit46anudJ8NMzPHeK+z5/Dj9MN2S4m5LHBD6+YGRV9zkQsmGJLtmFarQiPEGhVFsdFRk1GxUs+Jkfmt3XpUHlSvw378pY3U0WdVXCB156BakXVR2cYDf/DRq5lSrgcTUmzhsNrfJArMHY7077+1+Ka96IKs/j3Tsu6ZumcanmGlyMLG+J+1NIytksQ/ehhHIam5NrwgzpiIQeUji17KuUe8qbmdTnEDRFhp/il+tSgAbO4EV3F4p+HcO1YxbpwxGH9f27xtqYFBvW2xyEJP4VYH8eExSM9pIbem715yN2NNOy5U4HOFkw7/89QESgtwhY2Ndev9Dy0GAGmziA257m3Vk+awubQeJM18YO9kHezA69n/tbKgIv+OqOdGpnycXFbhIyBnevEYxLpyT72VhaUiqf5dXBux3SmY3zvLpFqNYD0FVRdSAYM+teDEWPF8YzwfS+s/TBI4vSQAJrJe5LDF9yLd4bP0HEjPRLLwpdqw41VCCZQmYP2Npcqm9v4e0JUfBfiX7+RCIH87gBW3lrm3lxuNZvtPpMbBJhok6L7mMZaZQR1WIE7gmig/ivnGMr/KzOmrGbMQWdYQ6HIVUE5MZyEXZaB1C2wkx3s24GUenDxIRneZPt0O1dbUu4ikRUOQYQFwCGGMjwvrDG5irL9o9jtaon1fVzjh3Mn+jDVw3dq8KTwc6M06nKuQz0VfdrPqQ+Xv9EbEYx+Y7fs65Yk7xysVVAhMQd3ebKbEbAj7++4iKb3lrsumMGgKqAxBU7Htjqbe7pbmB8FHy4U2nbqptVONHkyPBYWS9+MaZOLPRQ9kcuzG/7fJ7ZydXLcALqPVqzxj,iv:zBTf+IXwjEJa+x64pNqfRoaUHiiEvjwSUUB4q8EkkQU=,tag:L/7ZvprEBuLywT44Nf7geA==,type:str]", + "data": "ENC[AES256_GCM,data:32cZWuO9seRvIz6Rf1qOstMEiS3Qjcnv96wkr9I7S5COnjof13JdNPhgIn+0PHHtO/UBmreolO2E0Dd5QcWtgJgUr2tFvRvWyD+gtQjzpZg9ndqRzCoESYS/OjwhLkoFGGiEmc4rMFYMrxiQivfYkUUmPpb0MlVyVfA7GgjgHFfDU9DnHt4I1x11OVcQmziNJzSrSH+xnvTH+X2rgDZySrN6UzeqZIHphAaKcaAcDlMXWzxDZUrdgEsVpxRMjWBuVZ4gZLeGvi5BQhBiAu6s9s5dhts0okA6m2lqInFui32dyIDDw83ZXnC3KwfyRbksCuBp+7LDWUENGEOxwS/AuEFsVnfM7CEwoHFY3a51dsSVT+m5ogT0pEG6LTG+aYwOlhe8+ToSEy8JJqo7GVDerzmUjeb/jIFVCZNShqbFdswL8e/NsThEHxJgVDOfmElNYpxfReaS1ApwwrFdQj3eIY7lUJC96ivbwb/pXVgYru6LYtnHFj+mRdfv8O13lCOiYyEdF13I0RQ+i1apy/3oO9eHDYcSJryZWPMPO+16PbkMovjmbdvnqygLLJQARqEnJ4rKYM2XdACz899KfExNLP05EclAsZnId2KFZfdVBv+yJUgJ9HtvFccKtYwJqO8Ko7J2dnBSq8cmCk8QCZGlZul1YtMbFOMo6fv2JkEcas1VoKEuTx3GFAsyjxZKLccASxBfxPpE2if3HrsoU86LNPxcTn5MKR3njx9MkSdEah9tA6sO4PujO/wjlCyDef+wDC2j4fVFk0GzB35m2PGK8E6rOXRX8mvX70TaJhka4jXvrxsTYBW+G5c11qbSST3MVi2Iz17xOfla866M5fxbHbrQnjLiO/D810g42SyzddAfdg7iSjP+7OjC0Z/eCwS9Jm5X8XO1vNvpf9IwEgB4H/BbN+7r05FKZFpVzYakt6n2oi7hKK++iAP5GARZFUPW4fG0QEBEDp4rVYgjTpMaUQdrBvVuafz7KW6uYoz0VUNLJIE/vzsZj4ts2HTgzLYnZ3HwDMPqwM2yOrrvjBw/6/dkBoLLorpqoTyJdD/2LzLI4WJHj7ypC5SrUiBDLK4xtl4xYaQpZ+Vn87I2/b9UWet2hUu1W7/uoo4G3tqntJrF1G0Xtfuea7m7d9IpfvJIDUBm94zuX1sYvrLB2pNh5Yq4zf/D1EI1/voaze9LUm3ijz5L5ym+NRzcC3CMZIg5qLgmMnlVx38+4udLt5+R7zBugT/GHoZKLPdjWt5oIUIaG7MiOqaIpxNPudXYaPX3jGI+1YSVdt8pDdwyHG2kHtW7woIjC07EV7hrf9swWdJGyj03mg5VKlezRixrckLsO4CfKcVTULM2g0xQ7rNo2GxETnnfqtqnIk8fd48doN6SYV84qIHMvCSyhZJvmfStRZLOugomAZQkabi0thjep2WWITVnyxiEpDjLHWFKsFKnd/II8GxzljhwZy+bYgZz+mDC7MUuDJxQTwH+TKp2gAbfepfCCSRYE5e1lJ7/KVU8pWx23pagxmJzfOCe1sWVMHrNnf3xpMNojlXzrL9PyEZx5T9Ul9Y/8F/BhqYYFo3bXsMem/n10Ze5oPjOkrpr5QcpfyMcpd2OOEv/yfak3K97qPUZvkIZaA6qwStNfmV/zinTK7f3vMPciP3uPducAJMhTM323//x37+BBkIJbnDwi3Bo2HXtQEb1th76TKC2A1n4qcw7MFbz76IShnJ3S/dV6mrtBJvysQIcsYp1aohb9Z918RIjMH8fLcvAIPbzpkeMlv2neMM3ArKiRvu3athMtjoPfhFNHyEs+nFXT+wjGdzpHFMLyEgvhXvVJL4M3alveO5yzcuR8UWfz/VrvFEO+XlQ1q5cVgTFIX9gxq5WJLX1ZsMyFAyGaFTxEPiDBeQeGW7+ywlOzSRydSjf0bPzp2OVWFryUlR44VueNYN5lqLZ8Rljl5JxW3n1Y/sy4SDq3j0JEpn4vF59+6iEZ9icGUyNonZFLRLbwxGGWDff4VLMQ41Mf1eC/M+gpPpRzO+VRX72KVKQ6eQ3uMJHd3Cwpz9JNkNtAh5b5JIg1JbjPY8Xm1dx5qPlliHW8vsibWupPIZ0sujuFyspBKSh7skyO9IIDuV0X9LAwQyG2QDpYhsGPvWB7z0XmEqvANeQbCDOpbTQEIhn0l5ieigzJ26kTUU1a/wEGv0Qvy07/JLXD9GD/B8sDbcJKoCyH1I/un51An81DTCzRoUfvhNS1YZLh3XzXG5u1ovwrOn68ULpKEx2rurot1RvXhB+imlYRp1Pb1Tjfjo6zB48sP0F7oAjWVAG25OuHsEJ/EGCfFMnvgIppDlIO9XvLXGdr4wrLnbK8xMKE9mug4S2v+ISmMzy4bMysMus/fSo8DbmClh37OumU33mm1nQKZjdyqlA8dVe9avGbNFVegRQUJegl7JfCeTZWXRQsK4amdqEt3/oZru6smaczxIALF8Nqw+k7uQTYHCectsOBbSB54rDW0Zg8obXpkubnCDdykgSsX5c2XYhjAUfuTpu6j3IwJlClB1Nd3IbzqWvcpdl9VTyDZFXcYsEH/eobF8YDi3mve3RvNOd0GnJcEa4O9bYTzmPZBTL1VupnIiJftOTxE2f279y/MF8j//mPXs8r3VhLVo+fZwAX9MhQoJFi8gcW1gfKHmaOT4sx2m29T2HGHt9xHSj6EWvsmi3HBE0OTmLswF+5fIhq4kv85dmCJ6bo+CoOyHFkTCvTV49poZCN3+Er4Bh84/izudIYC9l4PD9cU0ID/e5NNumlM+omyHshR0u0gqJhMsBO5TPyBMmNt+ecF8zhVuXQUXFKOZspF9lXr9ZoCzS9qjW/F3KKILXbcCVYq9UNQV2Cd+XnUQlyr3BEBGWU6LESdayZex1P0m6SpSbF+/alFWiMtC5U+Ub4xaUw3cy2Wo8lcHCZEtFZ1oIn4+Pt1ZYSudu3E16Tsh1nQlwvq3bsR57Q5Kq5UHXWJldWNu2dL96tD9mgBD4ruqTeL8o/osyZkyEajNKiiCw86CVUSlA/gK+t9c5ET2cGTfS7zzh9QCafjLRmySWH8sHgm+S1wJIvZIt4BvsxhwRYxVDBIWGzIZAEwUZoiJsBlhcLiJFiwxexNoZoS3sK81anMA66HJyf3YYS9udkMC+pVpJGBNt2sHSLXAo2F0BDX0MiLth6uNsiKG/1DKIO1Lurgar5rUTRQtGz+25FHTKcZnhU67nbLfJDbTk91Ga6hrwxJV7of8GwrLyUhPXpYl7XhHUziiXwvQS5YrWEoPo2mhOfkpaOHc6tesrbvd1ex/iQUekye9wxGFbSWBJ2JwGv/bxT9onkBE/NwydauGA13ZXIKq0NpUAR1adDW1kssHBjbLW7Ugv0MUrCfrrViZhlIUOxRkFETNM/EGC5me8qacG3f3GbwUY+4G8K8RPhvmNLrDivLEegMYoiW/Ptt6+nxgSFdSwQb/jiHbOliDeHmBwBdunlQBDfzV6oaQa/YktxTGlnQw7hn2sHqJJj8A7jLRu2bayR6DKdjLcDy4W9FK7wn4tFb5n5gVkSwfWpNqe7QPwtmQr2yJyyBYJLlsOdIXd7nMC7FNn01CgsyGN110PmReNPxemlb00kYewtJ7dBgA3RDVHCNk9s1rcNu6locWi3nfyB4JJrvcP4l1vY4zWKbR0VgkSA62iTDOK4y3G0sKRo4+iz68mXpPDqgrKzxDL2h2Hjd0tDFcc2yw/qM1w7tVXhOVLMV923kmMpVXs6sS/oWqoqNWYo4IrmOiv4AsZs5lfZNxykAF9lHOI6V4346Vbv20eyw3oAoXM3F7LnbTKF/PcxQmfuiUZraRcyOTuUAArUEMP57S+0PepQ4o1Z5ck864C99VOudkROQysrY8VnN3ADBNGUagYymk9/kSFYZ2ASMXcM3AioTCrd3JbC7J1ya4RAeLrSFNBBh/X1DSVL6xhxLfVWoLd/UnJ5BS0kqySEHPiy42Z6qw2ppT5QqbCCTsEQVOqonNetjVC82Y6dzKfYkt8W/4mpJaKbVL01BBvm1zA85URcirHnaaejzKJVOMUDZIyBZ4Ezm2OYDARV4qufYslPumki4G5NP6z9W91SY4D0d/KjI+UueTYPzyKFM01Xa1kJ0Qsamp08NQCQ6tHSQ/mJrFNkN9yJEvoAD1f7JpmRcWHGrS/IE3RhAf76byAxUkXkmtsX4dvCbio2kiY1pZh4xeaHrKi7Y/H5QV5dsc/0KSNNdeRzSX979VODikYxkmOCAsPk5CTSnvV3NiRi7DL4bqoPwN8gcBmw9JH248SylOVShj5NZV5skrgAZXZ+9WjHgD1AhYpncL1GK6hO30dzstLFy7bYSBG19Pemovb20T2cS+xHWnQDUpzDYjWs9HzLBgHzqOoHDd89s1qhrVl/IXoeMB2EcYKXIvZoBVaHCqQyWY+lO53qg6Lf5+tdQUiZr+u46TTIKi7pf1afW4N+wu4pXiARjUIPHUL/+hM79YwHdg3oP7jLbcAVmh5lAwoFBWiJHMmCr22t47iRCUJ6hYJfKBIL0CxWDuZlzr5Rm5tN3Vh8ehN8hQMLzqEdkONPRxLBsd4BqDwgWRP/KYT/O8/biJ+B9mDj1rXAE3brF0jHx7HsRPjAaFyJC5gYYX0k7f1QfBPL+PvPSI030+k+MWgdxG0pchN4unFeBhulgMPEo7c335oX7pBq9ajX6Lhg5I26XzvXt5ZOHRiBGpbB3kt4C2IxXgyv9e/stEYz7cNiaLkxyadxPkRXvYuxsYcS9XwnRQtGR4CvOQTVrg+C2BE/WQOPDBajoUaLsbtkjuMMotjzr6gvZx0oJ1BgHNH1Bs4/kcddyjlsZJgRMNPRru3UM7sPnghqQTAx+9hrKj0yUSjaL5WxMppYVRvELY64r+M06M2ZyZvoQpYWWPOYumn1KSyQ2WSB9WO7iPe3V6qdj2c+XRtlyX4UlPz1lGm1DgPwkO3IG3JyhfEvM9tDD/9XYKcvbhduHcMPbCuCiKLarSS3r3g7KPX6VdNkfUx2F9klLWEjPZOP98yXNaKrbgASZ966YOjgB64qXDnT6Hewx48d5PUqcwbZzyYT7Oqk+SNunEqApO03DVZQo4gPXTRN+KzOO5jYyQcGxJrbpIXPC/okx2P0Ee3a1Ess8aQ+sn5Ftq0rEY8f2jb6YcVjsxsvY0TrTwjftbm5gqY99CDf4GS9vRVW9bQPYw+wFSz0ds0wDvw+BKKB2g9uiTMUt2NcKjHyC6s7VVyIvc/lD+cL54ZHiMX22tx8eq5jABiDqEc+mRvnxvxnHTgvQgEhRRyvdnC5vJ7GyXmtlijQQEDtPWtXtMV+Njtkg8q6ZTkitRfQ1ofb2KVqq11EfDEI0MZMWRi+le2PXJguL72cev4N8bKRQdvMj7NqEh1nhoz9Rx5+oY68ZonYwkTMGYJA3bvzHe00aD+wLmcRZFRg0Ipjxj57id1ArI+YDx68GY+jZgsml/XQr1qvv3KCL5Cb+i1yUUMAJOczTkEnxLuaOAj+ntL4Xy0BOVqyFq3MF4gF7xmDauumf+bGt5rUlsKTABWabhrH5ZaG2t0bOp6xFpRu2Jli/9WVNTmj14yVJ9qY7wBNJsvz3n0sSntxHcEUQyPAgrRKch1GWOCAPKg2HkyMmntHCgTwzgM9igPK1/KLS0hmjsQsh3IJYUPR2DCebWYDUdfcxIoMK6Qf2+1paKziX+bwGttyLOPs3OTv9ig6sns3fpvn1C3ZljlEEMpihsZdvJwqQxVc9L7CxUGc2p21kA9Ts1YTkXw/G/rEgubr99UYUjbNrwcwVWqp5Xw/TADlTFcPsEcpzFhKIFOq0t3n3k+3Kfy+rV/5RfE2oEMHhz0FeuIXppCJXfqY73pyaoSoGoK2FWwGLq3g7V9bp6I0n5BJV+C+jPfe/Cn24yDsssyGmn6Vqz/CJCn3ifDEHK7Ohptq6L3HmPmI5Onwz72acPKUeIolpc+x+Id/cliLn1TKiHTQgLGVmR6grCZy6DJLQZUPsPhtf+e0bL+mzqN8FBiYMkfhyP/Wk2yllurKIyUCVIiMB55vGml6QnlG3Of35GjFuSpBfKTdUga/zFO66CP6sxsINbgqZihL8E2Bm9OKak+Z1gV0YLQxBX48hUpO+3N/6qlCUsURvVRJpx344/qWGrdiAwKEnOzWZ7jWSk7NQnLhzq7TBBPkYNOlV8Wd8WgbpAvobR08wKYtJbfMWBXz247nYOkVWKL9lbtzowAyj8JkNaYIuOXjM+yUiKcykTIEOg9m0WfoOp1FE++Qwa59GUytOGKyfwZwOWIJMYD9TxqBAPYCuesXERDxYBOVIYz4dbKs5Y+kbu54UfK/uHMw9mDOQltoWaBDVqckXKUaw3MW4IqZmvwvCvVnkjRXd+GRDvDZBvLkmv92B6dga9EEmMmQkSp6InLn1zvPgELEBgdM4jgcsVB94fBFflDNQ0QMq4SRuzqxTSc9yrLENDrmxqvwOW/vKrPk/9nDnl8P+lPkiuFuE0eVKZx4Vw3p0lxmRyJ8OfgNyNuwcwIwPHhmgDya+k+KRu+Ro74OvJvWRi8jExIWuvmbSjpfAU0/6ohPyVCq6Ct1fSIyB9oQyITrFmWHGr3pEqtHiJ8SpR4aXc/Wgc8c6+bjbBxAUdgIdqdKimr/0RRGtkoCypg2892vpUc9TovvfPpayfVKS79yPJVCqMqB7oAOMMcuOGxpv3plQ99EhtSwqzOI7HI4OXcm5Tn302RhiZIZ+Ew3yd3JUN49yJkIM+FCm3LLVQnMyxaXc2nNfmNmhok0UEdTBfsAk8/8k3asFwuunQY8fWY0oXE8SnfB5tqe2QKrswNqOlkYegGjD6LV29il3Xu0/HKdVtABgLwqiuSFTGd0jWtkMp5Jz3N7/bx0yGU75ZRGMAct4qfoXwU2watLFDtbGiXPEq+LESH1EOQSPdzPlg+mgBWd0dHLNET2i8rOekvyBRmarKbG/H9NTexYtVz2DWKDtJhkFPcJJxG5CF5w+jeKIYKBR+ibe3ayYXY3lyMrayE7jY/rCumMva5YXktCWxdBQj6s+uQkGxMGS0p/l5s02HuXfRbq+b02nuNM3bKd4D0QZ4SWOncmo+TzjQaVugerhWk0a+HLuahzoBFhUU9JC7kDj/6v45Nb42TCxjA8AOpiaTPaMdXXkuyid7XsGKeEQuFN0tpqNKzCWI+Thjhd6OZs94nkWF3rKPYm2gNjt/A/uWVBLUXWMRAyWz3c7LlA2FKkhHtiTeamlO0qWDiUvKeKgC/NTw2Z2veMaVfMDv+JihykPFgG/yAxv453JnnnBYbfJwtwac3vYSK1oVKGPAyKOICSh1/b+JFeDEYMkO2fythbThp6OfGFkPIk91o3UK/+sB5M1CZIppB6Rknf4+wx/sZ4v9KMmtG7JhTpaL/tmEmjxNT2sOtsQA9edqmJGHk2HSfCKRo1vTE9c3E9VUEI2gl9mhOe6W19h0Eav1ePA1yx2kMxBxO4bACZm4Tp4VwR+W6ewzB63yBSDUAV8+woVLKc9UHIrBcPWfTApT/0pWxD0+1b1GZMSa/5c2yIEnIcIhcR3t8WJBpKJcep6QdJXBXwh4rnpwczi2WIGs34r4nt/1ax6x7pRJVCZ/XXBeoj5/jdV8WI36yYQVqBmskOLyRN4OcVcWjgVNk2OiqopYjfcKBVi+FP2hI/psTBQv7urrxv/HnQExioJd/4rr4SQDC1krpOawvml5yzUd69YlXHdR3MS9BuOe3oqz/HQqxD+diDVdmlp6puvlb7petIX+BUNedLk0grpIgvzGkAaBI7ec6idb+EzPIhvOQubsgHp6AOGbqrES4bJP6wHZPAImdEkq/Op78c9f536LI5VXdm8qycWT0unMHWUK9878I3tDxLedwb5nTUpmZhQN0b+JvFEaBXOnenoxmH+/eANJzTGCOKpfjt27iuCAJQujMyQKQLQy9iceAY5LzsLdmpXlGCEA1HFA7ratDDkCXAarz95PEOsFnpU4mpcbyBUlpZCwZO4v/SjYdEa6u5MkkGl+hnos/0rEO/89Pp0Athy4vXvuzpQnPNNRT2KWJDatuDoiUwE20tVVQs2jZ+O2wKasKJZmJMM56g+Gy0pseJugqkjMmokcfJhnAsdZ10YPW5fDaS1gC588tFhCb69O30zRXKs+tTaxB6XF19znWCsMnjwhk+nwO+mC+RoGS9+jvKjW/cobFXl7m39czcWnKeFi5eClu0Z6f8JM1dpUFgHb4fjiAIjQc2CRTlme9dlbIBLu3J9lQzXtIPUfJHWrlBpa8BS0V04U9yg3VQvzA7xDMLlzkjjj6F8nit3QPlLKd5MJ55FJx7Apy3cn2ilXn7Heccq5y/FEmDj3XUxiWdDC+B6LgJqBE+az8xoCXTvWliwDdan5n8ofghNlfxtHJTz8vqPTVBXOsvl1oOzX/JMtn/aXBrc/xwxNObcq9DXc0u1HpcogCnP0ynoE/RBaJX60bFJTuVg4yNhJ5826uPJI4bGQx9+oc2ab4qmHWsiTViGv2ZX4LcrpwsF5u2iRSgQZ7Qgy0cggwykTzj5//vIBTUbYyAxUdenoWTGxYBGeg8rYiQeetoPouBq4P7+U7Ky4yK8xX0ZVYzLs9XchBFa0dJ5kItAAMOnwhdbjiN4EoUBJAUEHzo6ppIsjVqFV+PjqMfs9O2KTcA5yxmTzRbpr/NqLWMxCX/5Fh4ohNsj0sDx88FIZSo2qJwVBnFxX3b/ZeNNNkL/tVoXzmbYdi7A5qnhYfIJl7DILRqrxDC52rvH5j3Yx5o+AQsOGbzVYUpQtDmidfH1SKUaptQYMO2iU8FNaTC81VEvezXPGEJVLU4oSd5ZogKOlmwwnLRaL0lhhPYRTbQcBq7X3KaAm+4mD7MPcExBBLjbAG3uA+2cwIEVIU/NuR70PFdodg94iNQrJTVSHO+waZxScp7eV0xT0Gr5CQ6dcc8sj4obajOmZOOj85w0gmcaD77dH+lkblDrd6TlLdHeFPC/eiKOpNkkJCnahB/PbFhWFTuw/Lc40cs4rs5SPmK1ajnfpjrZ/blFPXPaU5OjxeN/OUSV/XEU8xndn5RSQ8iVXwqpmmpVdD+F6XC6k8lu+b45NPMj+YKfJep68tic/gAKfWiF/1syMnguC6Ium9WCYZSAbbxIDba5X8DZo4m6kwNIVrAkeC3B+LmikV2yRM4S2neyHiktB/ty69/zNPtNd3KA6WM6ww+MRq8gSC+DUYq3qSSI/D9rqHIBuFet0vCSbjqdUbnjS6L17gVUEzSa1RzXnwcCvA76f+f0wzTZH6ogpAEFheLIV4lhUjCThaY2rH0zRJByqbXwQp4zxQQybW/h9PJc/pT4NFaXB9NwEfDNIM8U9/S8COrU00hOyjO2DOx/PWvn38EFPDezHFJ94yiH2NgMUtJcGZPHCKRIJ6Ptx3SQ0gJavBDzwig6ixJWxcteOBrkEOm/RZfdWP0wDEnxxeqvVNUmugRuohWYtv79Mynh7HxTFORKjtA7vNkPfhbLTvcH3fheyqLYsmn8zqm3oF1hH3uw621ItDTTZpLwpD7tLsBt8J/NOGINrgoG1ffEN4iv/6z+7nyVrffvC1LWFoqDx3bdiKxFEsLct5yhoCbtgWFVjcH7OnbQzxX0AjABb/06keEX8Y+31/LBxYS3sGYcAeAzRL8+0+v/vyvy+Uu6bYh6NWbxQ+i+qnXO0TIgb98QPqlByZzATglsA1nFAyWLfrgegu9LaCQoAzDfmJDIUnXvHaVtPS3PYdTOHveAvfxlAdTjNfMJzpFETE+mXTrrol5XwKy4NfzJZAYL/d50H6cfWfHRWBQiO002D1SRwfozCEEqOs2frISdGyEE9U4iEJxBvWKSHUyecOP1KNhUOOb2adhR728f/J1oZ7ZN+YdhFEFmlnezWgVU+xeiA0DYnQK3PnK3t7TntI0loKF/uNAeoipCM7S+vtaSCq65UNq/CPkz4DEDdUiz/Tmwqjf3G7tPyiZGbPoLhxcXfSkeShPNGvk+Ev03nYkdK1lEgmjtbNJMSKWNQtdf0aJgw/FP2MNEVPPu4DS1Yp3t7Is67jUqn3AApUAh7gU0iGBjaF2K7fE6UG4iszecWztp8OlxEQPb95nGnWHayboa3tHTjmkLFsCmN6hDQEgE9IF71+zh6ZOsElqssfXg3l5jWxKmG4B0mzklMu2JJvWvwbH+YEAmtcyry/bezp2mHvt6n4rlLKofUe9OuSgLnHmGpYQV4J4KoCqKI34+mmYl1jD/n/tY5m/pJPwEhxRNt66t2VqzybJ4pj+MOC2GgQS60TTb0wBON4jvBEr5owN7J20d0Nrq/lLHOwy4lt+E2JoC8pB/4LkLjYj7VSFqPNeUq8s427KtbWNwHsPv+NVvSEMRD0HJALjKkwDlTRwGZzUf4rbty39LerllSsr84rQmd+6bH5yd39vRIyJ9k7ptRzm/sUrW56t47eFtkGztycVpjEmGHZZA3aJJ4rCI/3wMmOVFmAYp80VO/fPOLIMbg8SGICrK0Uhlg0jpas+ZVyUdq57VgdSYxRMjVDtkDOOxwK7kLhaIZUFESHcduUQ8adqHqGS58Unw28F+6qOo7pX5o0Hx96oawD1eUf0GwPLc/ZnRcb0WsHCQcrOLNZQ1QNQSa7RzwKYMvrykHxIEv+bLALfqBujm4EGmwbXdp3chVf0qgfrjp4eZ4GDM1kXdbYOmCsjDSEyagt6Df3ATNCVVNzIkA4jixgMGU9gXhJ+0Oi13AIPL1TjyZuIEVslI60r4unQwVFodXqRu7keAocpEMYP1HGo+zjxcpZmWaIK0oz89IbHOvssbdhT36qHA5Mvbr8Vxk2PuQP97i3alm2XGkdzktNLq4rGYFAYEkXtdo3P+uQfWzCekhulTweAc2EEojBNv+4HVjMgNNCpgyHmVekB05GcvSoz+EO6BH+pWO8BBladi8albYSj3Id0+3vqXrxgS1ln9Ocv9ZKl4rTwJFk0av+DDV0o+BbbblHx4eQOBfpdqpNIuvdCE6xZni/WGOhsOLrt38p4rSd+Ij9dqa034aLKg6XLjJ/cRndsWWMhwMuK/W+Di7TDXhaerYY7iKbjVG9BQbcTeeJI7vjhI7aquFchx7MqTB//62tKb7cPiVHPCZ3xDHAClHA/K79/WRYy0q6tB+XJGzLpxg4TrGwrskZi8pfq/lHqWUvjzP683qlTuiT2NlgH8C9U7rCjH8eF577zl/N1ihd30IK8MNaKC2ns+qjwyFgdsTF3LRpw6lXFbbJg/+WoQd5k0SCvOikZf0BETMduAWxP80piHAxrEAIduDuK+fcDPCYRiuqMN3A8hBtrPudkKvWTZ3jPmRdnJ4sVzPmwQH+ZdXYkjOGwYAGvmAJZDidyNGU2kea85jR0znYWJ/qCBgQaHKvgG+Qbxws0aMHbOyyOxpmxJAW5+XDR4Ai8RtYmrXnhMMXoEQ7RqJrHMn1NVUdRjHFDx+S5s0XTWZMYg8H5ho9AftyN4Io8zTpQ1yEuSar5yBVD6dIQ9VvZ8VMvx4B77q2zUfRnA7GT9V7Op5C8ne6yceqRa/RsAaE14v9VHZ0wfq62ynvINZrSGWxscTK2hXahnT3/7xnVGT6zyfnxerl2tTncnhj762rugeGfuuXRSMAZJj+UW4wn8Sk8siLdzfKQoINalzqrzKXYk8JUvqWqDXlPKbD+WAbNwcL+g8TDT2dVfaLCWS2/sZox85sls7Gz3h1BNgyXx64vYPuPFyRM8+cgqAUZeBV0Tx5vzxdq0OHYXdVACLvuhfj1ETWAOOJOMLMDSJTjnIVcKQXh67pv1XqtDD/bbC+KUnTQUkx06fkZA9JF/tw1uUo/STyXblYfhwRH9bXflzitoOSJXDHNF/HOthPELEXyOlQ4eXNi8Ea0Eh9974dTSA/M+nuca4PK7iljYd19ayQBOxve4mHdAJKxZ/HZgAy/aBpcF4beyzUDupQGZI7jerS093NH7148Me9WkbsqJ0nm8ibkmfQiZu1JcHaQppKYtqWtGfhT1lWEnogZSzwsypYxKJ+AKGql/NfOFewkciDfN0ghqcLhg5MOMrIkZ2Hm3Mjdf3OOaP3Zk/gT4+YUtH7btIz6pfXGooFbVdi+UIi3++gu0FNpG6MzTZizbHZKRq2loUR/p3Wr24NectNKgMxoal0mmX8muWrmHK8k29uDkFsTY0+e4y0Q6C6cFHT/M1OYFTYu8R5qYEbNuGLd2SyU/LSpWifzDWaofqb5q/bhDrJTLuhsQdsrVJHtSK2Av/KWJBFZ0gMMet1rpKFPQNfcB0HuA/nJpl5jUt52l0IQcyCuqn7YoHBM9XNLOvybjDxpVxybZ9NBQi8qfywcd5KFxaHCYfTAJJCYGNVCNu00xh82KVv56naxM7XpEQF9z110FfewMUrHbfjvbJUArzGG2e1b0dYYTKk+f0zjynnFqRToi1egtPbYfgGspjCXyHYRmwTnt1qF77YhE2ZLffhwgGzXjgQtPhbB2jZkxHDeSQX1oK3vqAfwYEX2wGp28AwfEvFQwoIeiBoqsYo/wFBfpDH6rIVH99RuVsar8rN2PsSGh/Xi2e/gw8IrsmYLUIkqXByK7hH5ppObLx/CyxqNNoj9BZkemrMU3N6u+OEEPWn5CzcF6S0dr7rr5Tc00xDCG09/hszXKYRTYzvdrfDUKW+zVF7gpiB68v+COxUQtE56CzLie2hzmU+2q/+l0rJ7Ly/cAivCxd8qg6xhmGE/nJobotWdpPndg+LZ5N1NnJZ5Ztts86HtZ5Ju59ruOUmL2FNrNqkN2SN0EzrqnkXYsLn/PjIeYLMncQG8jZx0uHF5PzJ+ncNG1sSAHvVulyNxQjQBLJei5ztK/3zv+/kAUrqof0cjro66JoZWK1dMP0EDAWwtEbeoMgXgE42iVGJSRsT7YGVEHlztuFIv4jjc4HAzod0bhn8Yff2/E+fr2gI5osVoVGnf95qoqhbTnwd+TojnbFzgqAPCHv1a5kTKf/JKjsvAYHia2GCh0TQo1VgEehp28y2qBcT9PaFC3JJlqWawWdkD4eAtYz0N7N+yWoK2W+hPyLcS46eRNlGnOUN0MxcFLPUXtnsDhf9W021yKjZBdDGsnYYq6dJriPepQJ4PTPw9zc00Fxy1bc2sLRSF8BjT53MwygUGRt9J5tSmXj8eI3PcJ+L/xThD2ofrjWQlwiPjrNsvaluAraS1kzxjI22Qxv3HylXqFEgV4YZwR+p0AGMxDQ40SiFOmx8NOCKcNDiY10wrvaXSAkrJ8mpaeT/DnX9POJ8r/CKZIxCw5gjMY1/yOjeEsoi0thvgFcDZzrdBjWd0f7TSlB9sBcmRhGIjGbD2cuYMShj8gV7hADJZ0PgsuZ44LC3FxA76cA7xWK+LedqVnpJnbSIK3EKghrEGFvJ6T/HwrWPm4pnO97beajO+eFJK6S+Y9clRlVNuIrOOqagsTZUXdUt6Z9baO0NjassEfjWmPzLnStbsfMQlmXvEA9Eircw8QRFuLTlD4aUTuYA6zsQKlZu5bar9dJ1kfKA0jsFTHp16G1MyH0If+jplqItxp7EtlalBwl6itSDdRRayJnG/QfA6Zw6PBintgfpGdjTcxkUGOUfyQcT3BeaNyCdjW24/Hs6N3ZKfwAP2nPNBSxhczId9bhNIibrfCvOYVRPdIdJR8QvbEhO/9puF9MnX+GjYUUZP0yL8nmykZzhzDRlTmwwnFR8oURTngqVshnWaiSjpjXwBxCwMSQuU6MUstSV507rFZTtjFfhJ8DzLe0D6vCYmFuOrRhKQO/cC2feMmAo/GF8zELJButq3ktPeU6iLJUyLSrE7bZ3iCardfDB4YvEc6nFpd8rcnAd4xUFJiZ9HH/JfgfjyxLuxHoNxMdcOeoVmR4Ng2K4YlfZPd1WckO2DSbEiwn/glC+IuCiIJKOdNZxyD5KCppqwe53jZ03JwhFLKgChxfkaiUzykMTjCarfQrcbW2POBi5IljxHIif1/T1Gp7ZAeSIATjaqgvpUKRoRnAg2WBa/CaZ/cqlDYtZjha/NWAuvTWiio6IWAVWyXorGXkrG6d93XQ15M6wo/Y/lnFmvs9GCdzdBtKVNeQ8eERNq5OfSct7MZUTwMj7Da9S5+77QpgBURf1JwmwaC4Vgt/O3b8OrtvIsSpVRlylPra293L0u8xRHQ0LidRxI4jrLiECbm2k6iHdeameh7olaSvYxIO5Ln6h2ITG7xT9+efBinHqUBV1QLdW4sMiil4n5axjlJ5J6XaAVbkuvb8ODxVSApX7y1jTfG3eymCO0oYsYeAQbDUQI/1sWWqj2azf9fPqcCOluIl/Mt4Io9cNUkqsgujqDEpOsbTUEjRMqactoBbERmkcTKPhJxv+QRYfV5D5dM8lrUMReLl8jhMStwCR6pZvSpba3uB32uNhDYkRHNRbrsOLg8sVI48fDduH/9HpPFFBk1Sq,iv:tiOrqnqaXb0jd6e7nwCe714Q43iqm9hljyuOfsVsDEs=,tag:nvr2pu/r9O8GwHRqGX0M3g==,type:str]", "sops": { "age": [ { "recipient": "age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiYUVBTlowQmtRcWxWNzRp\nU1ZFVTdmSmpzYWZTSnhDVXJ0TTRxbnBDOEYwCnhHazNBaDJkaHJ4VlczN1E0N3Y4\nV25GOE9uUmExL0J2ODVwVGRxRVBuNWMKLS0tIGxjU3lMOVdEQlJKWWxBME9CS1Vk\nQWVuWURFenBxSC9XS0VleGhsMHRoL2MKm6RRdlpMCvJbtlH8kxai1lUic7Hs6fMl\nK3JBXZeiJ1j9NDYxxT+BAnnJ+VY0HWj5B1F5IFav3sdLgxeytkW7ew==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1a0M5Q2s5MVJVRFhCWm15\nMU1YcVZjQXJpTWlmUGZVVFBZQlBZZmFmUEhjCjJuQjRqbkg2U3Y3SnZkNkk4Mk1X\nR3o2L0NveUZPMnVRaUFxSFNDS3BJdGcKLS0tIFBpOGwySjRJMzJZclZyVFlSS1I5\nSUgvTHUyRzk3UUY2VXRvZ3JpeVIzVkEK1PAAlj0Wygum8MnwO56V7vdVWrDc66Dl\nRJn1qoAC9NIzObkvwTrDqEnUPbZ5YMETPMc1gtQNi/eQyxkeWPbWoA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzL1dzaXIzQ1ByR1lGb2Jj\nS3FqbGFvRUhCdmMvcklNVzBGT09YS3I5cDJnCkMrWEVjSjlxRGptM0wrSDhjT3oz\nUFpQWDl5NUx3SkRLZjFoeWhtUlRNWGMKLS0tIE9xZmZZQmxTUzZMTG9tM2ZvMTRk\nb2RnWVNQVVJkcjlBekQzaTU0TUxuV2MKxKEG40iYs7MMEMj0VEu+0YwanUtMLfgZ\nySCMlZ3efyufh09obcNMm4JSD+ZPZewTRZhZW82bB9f4uAvo1m8OTQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsVFVnaFhqTnN2MFJMN0ZV\naUdSeEFNTGw0ZDhmU0hjUno5MTlJbHc0bTNRCnBjNFl2VGVZU2h5c242M3dBMUU4\nVmJLTDhrRkYwd1YzNGV5OHozS2FWYm8KLS0tIFdkMGdRa3J3L055MVU1VjBPM2Nt\nc1VYU0kvVkxxM1hiaEdrU0llK1BXS2MKhF5LHTiXzSYWRuaTUGWQ6Z3PSWq6NZ8D\nLvYpCkJohe/FPIRH/OInKV2J+C70vc0DTWGjpY5/+thrf94IG/CTZA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrallvdi9sUVYvaDAweXg0\nTFZzWm1vWGpZR1psaG5TaEhJWTQrVkhkczJBCnh6RVdqVEdZam40MDkyM1luWnRY\ncW0vbkNqTC9oNWRaNUdBam5xQUkyME0KLS0tIEFTZ1dwTXRVS1dWYW9qSzcvV0wx\nMzJveTRoMUFRL3JHcTVLK1dRamY0MmMKNxiJ3pDoSXKLbn903EmaZpfZ7sIfBNYJ\n5mLJdWXtv9dNHOQnJMsJh8L099Liba2Bt9e4kaL57SjO8JGswZ+TkQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSCtRMmhWZENRZ3EzeEVI\ndlpXM0Z1dHNKNnd1bmd3V0pYcDA0WkFmUDFvCitqQVBRblRUNXp3Z2Q5TndRa3ZP\nTGx3Szk0N3Q2d1E1ZkxPamkvNWJzTkEKLS0tIDVibVF5SmxYMUZPaGk5MXVzdkdi\ncnUrbTNGSnpnTmExZGVpSzdUbnk3K2MKrjuVZwGd5OqcwV1GiScoCiuNWJYcLqrS\nIIXy0t+0txtmzvinjMKmK2QKmpOVt2tqdRFbv/6KufbFRScnsCkh2Q==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRam5HRElCdEJMSjl6MlN1\nVFRZRjRCZVI0aG9sdkprN1dJU0kxTzVPRlZFCmVkai9PemZMNUoxMmhUQ3VDZkpX\neUhMVDJRVlgvRUZXMVB6K21qb0I5ZEEKLS0tIC9IZ0Z0MGhGMkpxMUJsMTdHbG5Z\nZWNCWUtHcGVCa1h3enBTNFdXbmVtcnMKXasZ8w4XZgCWSQjNiZ5NbyVpwsv8zXNZ\nruw9WpCkqen23AOr7cVYfz/y9pIaFTzzWIbXbqZF2WeYJmHAOXHpgA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoWXRROWhvQW1IcjZSTTQ2\nSE02UnZxaUVPQlpTR2tiZ29LN0hseTdhTmk4CjdTQS9zU0RWUGc4Rks1Umh3OU9h\nd0EzSmVJUTVzOXpzKzZTalp5MUVVMnMKLS0tIGFIcUFjRHMvNFV2YkNrNzFCV3dx\nZ1pXVy91OUZQR0VvRHJ3UTdqSUJmcWsKRkrCHSDtZyW9UBDQXdcPYCBWPp0E27wL\nCfF04uJIHhR+Ets5q/hOjE7gL0+PN6Tne7LRSeiJ//3KgD2iWoZCew==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwaklESVdJTE8yUzVjeHEr\nY3pCWUU4OG13NXZFdTh1cUIvQUI5SVdIam1VCllDSDRRdDltM09Id24rNGsxL08w\na2ZRQnNUdTQzR2xKMWVZbmNaMXJ5OXcKLS0tIHVYYUhHNUlvVUdwZlo5bXB1Wkgx\nZ2Q5TDhjZVJKb2NoaWJGVHlEYndFdTAKDJ48QyJPbTbDtdu4rn6sBU1gJOCy0Dpq\nILCEWbJchEnp2LqnVuzuPCPbuB5XqO4WbXzdmCZAxUFwzi6cGj6p0w==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTYW1WS1ZRZXpyME4vZ1Bx\nbkFSUlprTXB2clhjL2JoNGxvZnhzSk01dkRvCisrS3dheTZDeTZkNUVUWlcrclpr\nZ2ppMlVmamY4THQrZXhPR0lyL1B3NFEKLS0tIDFPK3FzYXVzTWY1L1JUNXV5WXU3\nczR0NWsrNlJCSDlZemprTk9MNEN2cGsKQBhwtfVoBY3V49qpBWnLa2Fp43xOKHCg\nvJ7oJIPovvDqz6dsCrANknIHAM1U5GVJZ+e7dgJ5WpVugCjC6tVpPg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOUkRTaUxLb1VVRldjNFdy\nMG5TYjdWTVdvQTk3aEJhRHRRWWdQVGF5SENvCnlXaWxlY3JFTDVrd3c5ejg0VVhn\nZ09adnBKaW5DWkVKZWYxcDFianhyOEUKLS0tIEFFS2cxWVIvWHZhNC9lVkcxa1kx\naUdpc01lQ1FJNTFBVS9iR2xpaDJVT2MKvovzuejM2JdMY7QG38yT4HWqVjNhSITf\nfw6Ht/NFIJRjJS6QcM/AGGsdHHMGQUNrf/e6ivQlokAnAKqaM5JLDA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzWDRlTlMvc2hoYU11dk51\naUlIT1Q3SGxCbHcya0tBdXdwODNyWGxXSkN3CkJvV1hsZG14SEQ2VllsUVNrVTJ5\nUFY0NmIxVVZDcFVZOXB6RFdVQ0VsZUkKLS0tIDNDRVVqN0ZzeDdYUys5ZHlEczhH\nS1hwNDFyNTd5SlBUS3kxRFJ0cnprUVkKpcCEmwN19TLtlqrjb+trl/mD/5JFMZqv\nubQZSsQ8eUoZ7GwfKwKECPrbu709vKeVELC8SS22Br3T/Ba+Rd09AQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIOXB6ZVRVY0NaVFdGRXVQ\nVUxTai9KVmhZZ2pSV3lSUW5VSDYwRitnRkVFClR5VUpzdTd4dlJWSlU4ZVVkOW5a\nY1Bncm1Hck80Q2V4ZWpNQ1U1dmdtcGMKLS0tIDFzeFZNTFpzWFZoclJCc3JBQWJB\nSU1HV21ObFBPbFd2aDNrQmRZcjhMMzQKrE/bHN5xtZSs8iSHn/xb79ywc4HuJq7K\nWOijTqpMgvWlFvRvWGJGYk6p2WrByhvh5HlLBGMgXLKiMp8AT6TfkQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzWTRYTTJQamZJMUhiczRo\neTVNbDA2dVJzRk9jUVpNUStpK05WNFlDbkdzCkZsbTBOQkg4UGVqSTBkQjRTSGNq\nUTVyQ1ZzZ0xORFBSd0tncXdPQWgwSm8KLS0tIG83cmJRMVlNRkROL3JtS1p1L3Jl\nUHZrYXdlV3A3ZW81b01NSjMydSs4VmsKm6O4RqLB1aHGY5oDJamQbKkpPmUjuXCM\n7bi+ZHOLGRcIVX21man6UcPV0+dp32dpo6C8E/AXSAsktYTk+FSX8Q==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBERzczMTBUZ2xJWmtHVTR2\nSE10NjZoV1dhanlaNHoyV0xyQStKM0J0SlNVCi9PV2M5clJEeGhnZUMwb0lYaVZy\nSEF3amRWZjFQSkxwalhTdkJYcnJpbTAKLS0tIHBTL2g4TnZ4ZFJla0NyWk5LMW1T\nOERubUtKT2dwdytMQUNxZml1SnF3MDgK16wBkfHd1fg7dVt5t8VJ4LH2cs9RKLBE\n7QcZuD/AlI1fintvfeR/0EFAXZz7/CuO+BxCNcvdSJT17YlsMKFmRQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKVHFscWpTR3ZxUTVEL1Ex\nUlNOb1NKVFlLTW1rRHZCTWt6ZjR6MzBod3l3ClRSRFpKYnhHYUg4TGkwS2tCZlFG\nL1JXVUdSVktvWFZCVXRpTjRZZzBrZEUKLS0tIG5WangvNEpWSUZWUlh4ZmJKWFNT\nRVYrNzFzZFkrWXZ4RHBkL3FoN243Vk0KElGdVOmAGOeiRorwp5VmhFjnnSy5IGGU\ns7ycNajQjYz6uDjHaArXnB8UC+9CowPtixVL/tQF/ednJPlkBX9d/Q==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSbEV4c3pYZE5KR2tubDJE\nZEJKc00vR1dqOEVzcE5sbTRVY3MzQ2s5ZjFVCkRpekdjTVA0aTJlMlltN3RRTDZZ\nSXdjNHNZdDBYdmFWNGl6UE9mZjczYXMKLS0tIDBUcHdNaUxtbEVYMVdTUVZJUDk3\nb2dmaC9DdDNPcmorNjkyRkhUTHM1OVkKsF50Yg3NCSMqMRYzjJZilvNYlmoba5J7\nCfRB7zY99u5M/QS32XuzgBhbV/vUoXjj3aVwc2XWfdZecXUpSySfTg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1WHQ0WWw0YnU2SGZjaE9i\nMEZLVmh1Z2VXc1loKzF4amtjbS9qUUR5M3dZCjdrOURUblBGTmJUc3V2cTlrck5I\ncWxycDhUS01Zck9CU0RKbllEdG0yYkkKLS0tIExNbDZxRzh2VzJUbGQ3RERuUzJX\nSWxrNEVZUlB6RElYVDRBaHBraldic2cKCQ9YkDE3fh9ev87ZfQLC+IRwtvlSuJRf\nakG+vvcv+2eMf6XIeEVFsfbFxVEV6M3pZAdW0RlxCLK28qcoiM09bA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwQ1RzYUYvYU1jeXk4Y3kz\nODFFL2s5TlNUbDlYc1VuZkRJbzI2c3lpbDNJCk5CSlJJOTBJczBuQllJRzZKUy9t\nL0FNeWJtWlU4bTNlVDBZVFF4Nm1Qb3cKLS0tIHpkUmxjZjhsOThGZElQcEZKOTJv\nWVJaVE5wSmZOZWlrTU81VG9qVFhQVVEK5yfB8Cu2/xg0RQiVezFgE3hRF9Bq7c4M\nWstt2Ls5hKCyOaC2icEBA/vHfJSer/aa7x4NP9gzECGwYfLk1fB0jg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0S1BaVjBCSzZUb04yT3Ux\nL1dpekFMUzQxZkl4U1NIQXNVU2F2VlpWWERvClJNTGdNTDNvam9CMlVRNFA1UGEy\naHhTMVRXS1VmVWp3T1dBRCtHSkFCNTAKLS0tIEdyUTB5RFB5MzhnQ01UaGRPWnlM\nS1ExWGptMEVnRDQxQkdzeTFqbENhL1UKNU+4JPYaqjVsuRhJ00lP9E7HtRMNEGHL\n61tz2VNJBSKBZI+UrlqttiFFeBwvMl+Qyyh1+a3wCOJOeaFaE7BkKA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpazZ6R0l6bkdLOUk5aERm\nR3dSWmVYN2p3Nzk1RVlwdE5NUEE1L2Q0Z3dFCk5SYnBWTWtuVDRxTy9yUy92bXl6\nSW9ybis5WTdkYmxMRXNKVlJHa3NIck0KLS0tIDhsNkptcXQrSEtTWVhUKzJTVldz\nS0srTHVrdno5RWdNOTFST2doQ2xpVjAKCwztOXU+Ub3RVsL/0g2U6POAm/NgalDe\nIMNqp5COYSDWVb1WafhT1S2OAZwL+JuCUDfusUzZ9XbVMA5GH3s2Ew==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyZS8xRnFPR3dkNmd6dCsz\ndmtpL3JlYlNoVFdMcElLMTRpZXBFUmtETUdnCm1LakJhYSszYnBDQUdxSlV6elBi\ndU15MkE1TXBSSXFTQlZtY3YvTUJoMGcKLS0tIFg0WDI3ZVJ1WnM4V04xSFY1cnBu\neXVYNTYwZndQb0cwc1V6WDI1N251L0UKp2tjkiGcsshyO4jZVUSm7eN2ddqQ+JhT\nWi0DbUAKPzHQ6UOARSeNkDJNz7hDy6Lbf6IZH3s4jRbOv0yYMy5JEg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwNmNmd0h2dHc0cGt0YWdv\nTS9xUTc3T3VwSFU3ejRYRXUxZ1BQOVJCU1FjCkdBWnpxSHptaTY0ek9aNWprMEdk\na3NiQ3dIL016c2ozYlE3L0VSeEVmRmcKLS0tIGVTazdoQnIycUt4aG1NVE1KQzN6\nMXRoYkNJY0JRNk5kQTRtdTB2Ri9xSTgKEZcODK+OkPFCgckHHLhvFdFM2U20mjvg\nmTgvTxQbBRGaBFBAWhpdJDssBMwztAEcJVv37uH0X9czZMcuhEBHBQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKaDQzVHUxdjlwM01tbEhs\nLy9wWHh5aFB3RGpWNVRGQ2tscGlkMlo0U3gwCnB2SnNBWUpqL1I4blV1WHpCOXZs\nOEp3WnVZK1VUT3NPbjE3NHVBcFdTS0UKLS0tIEMxM3paUjJiSHJsNWo5YklvNHJV\nNjNwbHhxT0gxOUE3SkR4T1I1bnZpQTgKEYyGn2v7E5atNZdsH4EkuzU0lpW7O42R\nGiwTnlqjkAY8qkjIQIPLatv7wJqApCSVO8m176DmDn+NlOT88vgNGQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBteUcvc3Qra1drdyt4dmhI\nanV3QnQ1UU9uVXBCeTZ4RjN1ZmFXZWlHRkFZCjdXME1tOUEyZit5RWhzL3F4ZUVP\nb3VqcGp2NXVGR3Y1a0ZGQThjNVdha2cKLS0tIGNIL2Y4TWZ6Y2dJUmhMSjRReWpQ\nRW5UelB5QWJjWmRiTFlGK1RpcHBhSTQKLeEZxeRDLctJnf1XFgAMh9RVuMNSOI6C\nveMoBrB8IywPvXa3XhBNGckzTKmnAK678UwwDkZK8eMYYUu+Z73eqg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwT0tKWU83RS94RnVKMGR3\nVWVNR2VSZUNFT0ZTbnN3ZGk2VnlXWWsrQ2hFCkw5Y0NjS0JSWEpvZi90dENFVHZk\nNXg0d3FpVkMwNjI2ZFBPQTF6VWtuWWsKLS0tIFpIUkxkb0V1OVpMNmYzQU9QTVVj\nYzRBWUhsdXRDQUFFZzMwaW5kR3lqSkkKAK0U/m5wnEtkmK1ObSK9x6QDygdgnL2g\nJfEX7uD7QGggZKe88Sxa+Yq4gmliV2hEHSYUSGXlQpvpzRUz/Cm+4g==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzT0gxVUhoOXZWb3JOalFZ\nVmlVbEttdDBUTS95akNieS9oNEFRRGxvN1hBCnJka09RdFZubnVncytaWEFPaElH\ncG5sMkt1NW93bmJJdkgrQjdYUlk3QUUKLS0tIHh5U1hLQjh2OVlGcTR2VnAyQlhY\nWTA1dVg5R0tZYjdBajdPK0lCcmZUbDgKq7Ald0LkaSvELNBWmsVFwr7P9ItxI0gG\nG9MgnuskEOEMdva2fYL5Tb1/sDRoNK/Fp88g1e2sSP2xT7y95F4xYQ==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIai83K3dEOTBnVlI1d1Bz\nWmRqS0svQzlDeVo1d2Z6a2Rqa0hZa1B3ZVNrCmlRekdTTlZEaHZkSXFZU3lDUzFQ\nNWVCUGhBblI3UFNhdjFZQzF5SzFXQ0kKLS0tIG9mVVoyQk4wU1E1SDZkdzg4R0ow\nVlhVVGVZMzJrL2hWWmVIcVVqREEvcEkKHsJLeSSj0H/EVrNmSSMXtIgn/WeLkZxH\n2Jnjq3FmnQl9vqj3ym9RLsCh+wQs0dikvyDC5pGd4441L3TogNNesA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2M21kK1JsdkxoQzVoQ29o\naTAxZ2JHK2w1eWdkL1drMWNZaTVJQ1VmSVJRCkFpQittSmpkcEwrUlVFbTVzVkVo\nR3F0TjBpSTUrTG5lZ2hNeHNQMlY0QzgKLS0tIFM0VVFNV2tmL3VvVTg3RWg1SWxx\naWprdUdzYkVzWm1lNjlsMHJDQkR1aW8KeBRFmDoEvhyETnEVTyGzPv4sfZSjhO3M\nOgdJmjtLy/nV2hE7ZuvT9VR7h4kvJuy6/GzJrLPjEVu9BSrfNyKrKg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhMFJ1eVlHVVA5R1FUVE0w\ndnYvbmJXUkwyYnFKSmg3YzlxTU04TnJkeEZVCktnN1Z0QTdRU2xXV2ZWRlJyT2VE\nMzdQbEJtLzBXQkdGazFLN1kyYTUrbDQKLS0tIHNESDU5Qlo0UEY3UTA5MUJLaDR1\nWlNUa2doOEhPaTlWa3Y2Nkc4NVdST3cKnITTFoVOnTea2embpVqpcNy3kaaBub9x\nJ12GxBPDJbt0QK6fECGijVnxRmm3WxgBBHRU2e6DPeeCwBd6HFYmKQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrVWpqS1YxNUZRR3lKdkVS\nSVY4YXVCME94YWtGdVdZdkhEV0U5SlFYWEJnClRXRyt6bkM1eGRvQyt3djZsWVND\nQnZOYXFFWXBWaTRSRFV0N2pYbE81U1EKLS0tIHhmdmRDcnFWejJ1SFMzV3Qrcjds\nS2ExN0wzUDR5b09adlF4U0FrRGJjMGMK2v+cnv094mSTMx/53+iGTwOlrM0IHeBB\nMVgF812atIlRjNuSGcJxqvvh0G5W2jJ4SUbMUqbW9oFga++Kw0PpXQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPQWplZ0w2dDVOU3VPL2Zz\nenBNbVk2am50OTFFRUxyb29HU1Btd1plZEdRCnRtWkpRWFRKdTZLS2ZyM2hueFJ5\nMXk4TTU3cysvdVY4SGIrYXhDZ3lLU2MKLS0tIHd5cXhoS0JIN3VQeVExMU5IcUV2\nZVJaR0tnczlTa1RLdmRpWjJVYVFMa1UKM+mv8R33XbYw9FZUN2OAvNmYvXOoo7Eo\n+8L+TgOXVjRzFzx6alYzEJiIj/lHYnddFpHid4Vce08eoa+YbUuP1A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwRkg0bkFERjFZbHI5S0sx\nOFFzUkg5TjJzaWF6bEYwb3VEcEhoVGxqKzNvClNuMGNPbmtTUnN6ZlFJTi9zVHdI\nTHpEdFZBMVNpZGljUXJVbTFmR09VSk0KLS0tIHFtdnYvNXN1VFZKV05aVnF6MWxD\nZzNXSEhxcVNSeS9iUmZBWFE2bEZaREEKy7hWJqchRVVOBxWPEf5u5d8VBk84aGWy\nZ83mfKO31LKXmoL67DqRgjHyBzUXvLXTm6721Wjc5UxcEI1+1CkDZQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRcFFlKzdVVE91UFFvbXVp\nWUk1UHRXRFJ5aCtiOGxZTmVPeGJBcDBaTkRRCm1Gc0RrWjVtWEYyR1ZJZVdrMmEz\nMkt0TlBUcFRMWEQvdW5JTnR3NFplVHMKLS0tIFFYOU1sQVVUZmQ1WHdJMnNkNWFH\nNXg1RGlrVjFOUGUxZFRDNDVFUi9ETVUK3T7u3yv+sNq7pEVkdA5T9+hJWEC/IgJs\nox4l052bEL4+JqR5pI1g2Iq0bQwwXaG+RXkBoYwkyjzOxv7r4tJJAw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2ZGdLSmh6UElkekptaHhS\nSHBSdlo3WnhrVVN1RGd5Zzh2TGZ4Y25SMzFZCmlhdlBjRy9UVlRTdEU4OWFkdkNl\nMHFIaVJmdndxT2VOV3kzRml4Qm1ZUWMKLS0tIHp3YXJmV2RXU2hqVzd5alFMQkJB\nK3FXK1M2aHBsRnplUk4xOXhEZEhzN2sKmeDUqtwBvRFY8gnan45ytZ3V4Quhf7xm\nLW0nN0+InGfMGSohwqNb7+T8j45k5Bvl6QRkVt3ZfeUvM4PgoVTgjw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIZTFDa0lkVmRhY3VlYXJK\nY01JVlc5SEhlLzFYNitURzRScEs3RC9WZ3dzClFTdlRKY2dmM2lRWWJoaEVyN0p4\nYWRYVTh2akhFK1BCUldQWTFXZG5SZEEKLS0tIHBoLy9WVHkzRXFnZ05pZ0FsRk9N\nMmJJbk1Da255N3JkYlNnR2tiUzUrS28Kz6peXUjr/9GMDVSaQviN3JBINztJPDDH\n69eB0BPYVb1GhyjF19/8c0NocRkxqVfQ2myu7qhJOckxr+D40ToUdQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQYVVrckEyOUV2aFpNNWkx\nSGg3bWU1ZklQR2orZkJnczRJamdoa1NydWhVCkNBVzNGNHVnNzQ2QitoN1J3MDZp\nMlhwK0ZBRmJwN1lsclpjaW5rTmRHWTgKLS0tIENITnpLUFc3RTBZeFpvelRGaVg2\nbjBWWWxTM1hla1E2WHlzelg3a1dDU2cKlpAi5vL5vtuS00zuGrMV0FdBJmJO4qZg\nZL16TXRLjxnP0zz0NpPs7yjocaeYPJrlxECXyPSfLk/OpwfOonnFOg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBydEtTWVc1YXZBNVhiU3Ra\nSk9nWlppNjRWdUxVYVdTcllkVmJycGxLMFVzCnFLbmV0ajVSWWNTYnEzdWdFUHcx\nOWRTQUE1Wmh0ZkNVcWc5S2h5Sy9RSWMKLS0tIENJMCtDYWVIZlBlRkVOZHFzRW92\nL2ZmWVFYam1PQU9ERlNTMDVBRkF6OTAKygzI+Tn4HAXyGFUznIgq1YT23EzqTQLq\nWi2Z7yMX/EAKfv+TZgXBQdy2cPC1zrHKrCgR3BE91F8aYgJbMkOaEw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBS1MwOExpN3ZnRWxCeDBi\nUm1yWG9paDBITCtjWUM0UnNiL1FVSGZtZVNZCjhkU2R1VDYzN2NYQ0ZTWlJrTENF\ndm5QRDMrTHFCUDQ0d0ZaTTJ6SXZQYXMKLS0tIHZXTUd3RW5FM0JDT3JMb1NWdG0v\nOHFTVkNhb2pnZ0NFbzhjcGFsVDNXNUkKao9jDid/C+UlytDCMRo5Znc62H4pclPX\nY6GaBkfWdOSvzlA1CulH8AGF7aHAsTux0miPKSEY/azLS2SZ+kLSYg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqSkJ0eDRxMXVLcksxc09a\nZVdtTjVVdExneEtxdVVudnpBWHlFNTFZR1FZCm1wUlpYMSthcW5DSGZhL0JGeVdj\nYkZqNDNoVGJ1cUlVUUExS1Vub2diT0EKLS0tIFJNcVdDV3ltZDdDVVlLUE1MaEpE\ndk9pNnVTbk9HRzE2V1BnaWpJSmJObDAKoKseaCkuSZkqAZGRWPefBiacj8sXpLqZ\nwCV995fvEOot8t5ratamMXYBK+QX6J+5HOUGPBrAbyJVs0aobeB/cg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTNmVoVkdMTVAxQUNua2JQ\nU1k2ejErNHdDRWtqTlRwRXdWYkRITDV0Q1hBClVHVHhoeTdONk40bFc5UXJ0c25v\nS21UUEQxOStSMndKbGhLOGpHMHdPR0UKLS0tIG9zZGdVWTBSVm1zQ3Z3NmFoNVNH\nbDcvTGs5YzFHUmpmelA5SDZNYlN6OG8Kt8A5B0pWYNh6bRPPuvHEFGWG0LBktdkp\nfhIbMeH7trojP8LqS19newUUJVj/F9L1IoDMnr45sA1Z3IB8IGZKuQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUVnNHUXp4QVF4T21uS1Qr\naXY4Skt4ZDQ2Qkk1d0tIRzAwM2pob2FvWWdJCjRMMk9iVE9Hb3VwbjRMcVk5Q0JO\nbzdWOG5XWWhVeFhtRjlhTG1kbDlPRXcKLS0tIDhWUGNVVUJlUmIrcUhVZXg5Y2ky\nTXhVQnl6MGJZUzljRm9lZzJ6azBLY0kKxmcOFP21jUwvmKxIWpyB7MbGw6xedWpQ\nmgV4vgjomfe6yhy1WHO1//FbUMnKYcX/AII5Lh9CehouzQJKU/J3EQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRd2RrWFJ6bit2c1dQd3Vp\nRmNFQ3hXZGhCa2JrVElVTTc0WFJJaE1VYnc0CmpJMnBXQmtFYmdzVW4xVXVOSDdZ\nNGp6NzB2SFRYeTFkREl5Ny9WM3Jwb00KLS0tIDh4WjJEZStETXREOGZzTTE1M2R4\nTWNQSm5ORnRMVURjbmo3Nk01Q1poRGcK1Emwn4YeV34ornVmXjsUJ+skC0FmE5jL\n3jIUBaYkdlC59gEmHECvIeiBSZ7rcKWSxw4lwXaB4wfRTTGuEMvA8A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBVklpZmlnYUlYS1laRXBp\nMkdWR0xRdWUxZXhKOW1TSGduUEs1d0p6emdJCkQ5bmt4aGl3cVBMQnB1NlR0Ylht\nV1diaEExdkJPV2FWZ3NwMEFTYTJNeVkKLS0tIEV5QlRpSGs4UDBWR0JDSlNBMTdt\nMnhxTzQ0eDNNQTc2UHkxSWd3Mkd5ekkKJWAEZPi/zH1loPekzmMKbQC1EyrcYLRI\nc+gqjgQXunf1gJf50D9pADxawNGQVKLl4G086B3MJJ0qRLJbsYWQrQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDN1V4K29zN3hTdXo2OTBa\nSE03TGRlRlBTNU1SYjRzZVdIVDR4SngvUjF3CmdBRjdkMVV0em52Y1lIaS84N2l0\nUjdtOVVXcEtXTzJWdUNpdGZ3VzhKeTQKLS0tIHVLZU9xcnNGWHpTVE4xMkhDc3Rk\nSitOeEo1N2Rpc2lVZVRaZGtqcUJBTnMKtIMp5jEq3x66/EirMkXTmN/hmfFsRy0+\nXw8UE13H4N3jFxQxYsSNIUU3kptjOmU1/i+5Fzti9pbXSLLc+lICIg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIVC8xS3BqWi9icUczMm40\nLzVlaEM4N2tKRjJHNUpld3dSTnMxQmtocGt3CkFDYVpXUTJYd2hCRDB2KzVydWpi\nUlZqK0RSQzdHajJvRG8vaVlwK0dXcm8KLS0tIEd5N2l6QzRXM003blE2RHc2ZzZy\nN2x6YkxnQ1ZPWnpybkRQbWQ3bXFwL1kKsb9bwShqBiEQVwc3jOYAA3+Vf/fP9H/q\nX0qziuuvqnb5AdQiEDjs0VwVJwQ1etj0pQFIJlhaCXM622Q4UJUpig==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuelcxM0szMldOOFBBOTFG\nWEE2aDRqcFNTS0FTVTNLM1lDOVBYeUVrMnprCnZJcmFBVUVvbnRxcU9FSDhYUk1J\nZkZ2YmRjeDcxdTYzWUhiNDlBY1czMEEKLS0tIFcvMmt2dFlJa0dYM2Qrd3V0Nktq\nVUFMYW0zT3JMdi9GUGF2SHNBc1orbGMKkn4E51oFrcnoaJaWDe02z0Dvv9axKgb7\nX12CXCSHZBRg0zibAGnPAAERmMf7HZVVbPz2TUpB1Zl/07z9qJWrPg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdW5nK2VRTmYreDJ2aGs4\nekFZRERjZVkxem5RaTBVWlZ3RUJPWW83c3dBCmszTHN4SjRaa3B4ZmxRMmJZMmFt\nZkppYTUyQUNZYzh5U1ExdWZwMEdhNTgKLS0tIENiaGY3VFdQa2Nkdy9XOXFFYUdm\nbUwvZTVKeEQySll4SmVsQitoVlhUb3cKEK08DZLhCoByyCAhByY+lSMhjisCvw1u\ng2j2JeSXBe6ZZBWPBUsj3ueBgAqbgCW4LEJLZoCWx1M9mBVZu1eIaw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZeVhXS0hCTUJvYnp1YjBO\na1lEam0vczFjRC9DZEErRHMybVhXY2dSUjBRCjdvd3ErVHdhVDdBcUluYjRwRTZx\nblhVaXNlZmU1UUl2QWx0VGQ3dGhYbkkKLS0tIE5zKzdYV05HckpvTm9jMU9TaWps\nRkFhSU91VitqRENMR00zRDA5cHhNRVUKqP5hLXQZaDOd8QHQVrJWeHjWqAbspUSw\nkVkw2wSNALCF7mHdldhBr8GRKwGAknGjvXyEkdsVS0kpgFVBHpOcWA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmZHkzbHVZcmpwdzZHMVkv\nRXJZeXRTNmhUOTZHTGxlVDBqMkg5Z0pPNHlVCmI0TnFobDZuSGx0cDUxQ08yd0tj\na0h0cU13aFZNcFh4VE1xZ3FtcWZSN0kKLS0tIEhwbmdkaDZpSGo2WjdIRU41d3Ra\nczJhWFFyOVF0dG9FenVFcFhIUnVFSmcKjUsUDUe7bSM6k0Sw2Ygh8Ivk6UC1PTFh\nRvLsDcxOS4QK8OiJPZLCFH6iHsVuzvHHcpra4Q5ZD0EVeXXZkjPXzg==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2026-01-10T12:50:53Z", - "mac": "ENC[AES256_GCM,data:/WKrvjiwGbsl1DDzDqZekZFRCVB6u6xyZ4x2P/ZEmQXxRzvXMr85DYeO2xjt+kyPGq5TFsQYgeot1z/WSMbM8xHw8vxNRuP1cocrxxHIw1VEA9yBsA0Oy2+hs89aKsrrT6K6xl4PQAgHCZJh777z3QOpqReSiKnIXg8EZU5jEgk=,iv:oLCxZ9GEFFfaU3C/NqvXZrZtQk5uI4AtGZdSO0SK6K8=,tag:t5XF4iNqC+g7o2FAsffaXg==,type:str]", + "lastmodified": "2026-01-19T13:22:10Z", + "mac": "ENC[AES256_GCM,data:bA+aPggCsNoTx0MCD/bRRbWbchyUL3wcpKF64j2sbtL0ID44IcN8hKO7739Lg1omoxk31id1j3/PsFlFArbLF8tR7yxYpb4nSjgrOYPvhvO6kXGoS74iKndTu5BpNzufrOJIJlXCrKs43m0iFy7KPpM2jTm9tSTWMsloA5xyfb0=,iv:XCPlxgunWqb8bcYbeFmGFtJSlYugqYH7CSB/83hVmgg=,tag:YUKItD5hFQk/lJUdFP9nCg==,type:str]", "pgp": [ { - "created_at": "2026-01-10T00:52:55Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAA1bnIjTp/jX+Oo1OuConNkZ1gKsWccPJtum+V0IjF06mT\npy88pa73BXeNiVqhwZtYDF9aSn7HtZh6OWN1a8UIqDenBODxak85CvfNZq/7eXqW\nytY74rYeA+yv5tglZuj/JCbK1SlZPPVB4yirL2xADYwsupFhqKChnFS9sV3tLyh0\n7/egP+86ZFt7ejP4D2Ts4/Sbz95jUtKptUQ2hm9dJAK8wMQzHdvWRkd6PR1eUaMi\nhWVUDYPNh0yaBbLDBsODBmbTQkNqF/Accbdg5cqy4l+DLDwR8iBQXy+JMH8+Yb9s\nDMGn4l7N+vrOz979ESbaKmGpHSggs7+mii82Zq6uPkQ1NEvgQB9RRsR+Dfcr2cxH\na3Cg/O/RKx0RPNGJZ67g8ehj9RTyU/uQpEAhyqoPaZqLGO8z3BViRKaFmZ8h6MKo\nT+fFy9HadekBg+zNrvzPtMCLofwksDoCFksd0E4dN6zYSD2WWKNzVqfJpIfwbn00\nQ0NoTTj0kjlt7+qwE6PtKYXBx3kRoYjR4vCXR5l0jDAn8cDshIsnW7q/vEA7Hwhx\nnzgXbsw0c0h6n3u8IvRGKM3IBJTz7XqXKsWjrdZMUVaaXXdekLhp3uzZ6rs2CqlV\nIc3M0dz0cHl9gaRG33f6uUGZxiWoWwbgKqkiJM9effKIC/2jxLkYtps1AGn9C2aF\nAgwDC9FRLmchgYQBD/9eYySQ2qrPvOheTo+kgYgm4Oz4wlutBliHAzcQby4WLHLs\nAacd0VuEBtfuinKMkJZnwK0O+HjPM9BRiFFR+F48ONL/mBrGcI+bHD4iOjnoz11g\nWEyFypXTpOGGJgwLAmK3GYvophaA7a7zBtqbVZ8XE5X2G1uKW3vq1F1rEUNE4yuo\nB8oriPCxqpsTbfUvXuDYS6klBHIqZj/uWUGe/Tc6rtLWg4efjp3XHrhsz7xw4ycn\nOYYZFCb0RR9wM87nChaXiFwea8givy/2+4EIlcFR7ks8Sjl6pYe3Jtwmmo4dSppf\nXb2gVScK6z2Zq4WurUKiiZoCznk4cmpC3WIPDF0q81hOCrw279DqGf/OXpycMcai\n5EtFlZszvfX83ELSlryPKlGMqFtgC5qB3pn0Ncu2i162rp/RsMwuShQyP7mQ5mgi\nG8xU+jaOvkKKCKAv6vUS2KbK9rPADH9jTbDhHItBx5+NZO+dCADOx1qRsS1JzHpu\nfoWJ0ieFsInfmTcmsHgE1C6qhIzuH07CqdAg3DD7yW+vwsobHraY+D/y6g6pOSZP\nlEe29hNlumq9kREa0u4YXyAn90VI1QwuJaawOqZ1KWGreVGIv66kbqfoBJYRnHkU\nDlOcj2/ce4fyuuwGn5G9VI4wOfAeb6jx7vniYTYwuyvRZkGR14mE4WUvgNZ1HdJe\nARhtkqMnaA0qYtWPyTXmkW6x/vPrTqUU7+5MWIrzSKdS6TAMPT1Wen4VSKKnvgbA\nkD5U8ioRwaxmGXWVnQao1YiU72JeOZyOpXLzO17n3m6T5eNSR5+32Sb9RXGdmw==\n=OEsm\n-----END PGP MESSAGE-----", + "created_at": "2026-01-12T22:05:06Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAApQrc42jadgrKucyfqGHpBvLIWqqZf4jQpIVVVcYzy2oW\nCXnUeTr3wX2vySoCUwVhN7kiJE2ThpTF7blpteHgdTf3ykRd3gAcizccgbY0+WHy\n8qHXH//2sz5hUs0RU/6rfeov15obVxB/puMIgvdCy7H/TTJq1IdZLCH9qBuQTqPV\nVfcY1cHRf0zCVeCqcx4A8A9dJQd/jAr9iN8DOmXMSzWcTbvsqtwI6KxIuA+2FLIZ\nR4p4TBRjghwfVz0zrqNax/hGA1UhfKO7j9OJ+cMLNKaoHMp0AEfJ1ksg0lkhy+07\nqABZ0yuB7AP0JhU8bBe7KKfnR1FGq3Hrk89uLhTxD9ltwPYt/nkDNr4yD5EhA9cF\nm+TOd+7RglGf6FM/EMnLCBCleWrUg4QrDgkjTMRQCdT2d0Fd7r009kWSruVjCyHW\n+YsLrCcsqPkGB0Q0+mIdcD5skoxQur/g5t64ysIsPymVunaYC6IqjfddidqnC7ah\nyoczSf+vedi3vOwtlVGetvzqerrM0/dy72PIec9m6++tzoH7qtee6WcIgGMgJOCs\nSSYqkFjNkaxh2bZpKsm7GbwpFk8MAUBtVEl4Nx/yFa9hHKzl/BlSqSGoAP+ZJHMK\nBPmIViJXSadeADGu1AApXhbX2ZjAzJmK1JKJydL36/5X1ntaM1FTCQKlLYR5142F\nAgwDC9FRLmchgYQBD/40An72RMAFcDMcDrGgnPi4/aqIjwJjsLaMBq+aG3tPUuqM\n2zm/84zVu0lFxruGGFTvBAk+SyAKYdaGsQryDUn1j3YQP4k2ZZWxTuD94u7LrOXw\nbsHnAw+/eZ5z1+KxprC8KCmaCMmBcqi2gGpaA5CT7zD14orb88ozFAaKll3lxPXX\nzQjG+iHva+Yqqq38fTcsufLdQx3zpenplSyRd618ysEXlQM+wcmKeK3j4jiwIgWr\nhYOR3HLDSAmYDX5hg4HJ3JwrwoyeqbwnvS7MvUO4jHPJZeBVHN3T4mKjjYSikNVf\n1rrlaidj1J4HoN76fjvVwDFF1WZ8mr5Q+L+k8OX/ZSv6D6oedl2lPJtieYvXG/as\n77WPPu1SAGb7EqTUntaSXzJGGOkp5JUNgrv5TnUFCiGQA6G4GujkEofFrvT1DkdD\nhyD/Pnvmv5ZywwhfDXp5D/HX8xlAE8H9fn4j4v9rpQ5Eg40thtyvmIk7LnhhO8m9\nEMy/YBxe3MpQ37j0Q229cniDsAAf6M6xmvhs6xoXXwWfv5a4dItog9M//pAvRMV+\nT5o2Zc9Qrx6e7fuJ3ltIXkujXS05bu1fghe5z7m97wgpDK978ge/fhuWWyn+NqxU\nLeXb1WlOd9RObMQ26gXfP63bopRjt6nbjJMCrxXdEIKNKU44t3ax8DBQ7a4II9Je\nAYRmEI2aLCdCawbOGXWX+lZuAWo8hsqQu0qzRUIg9v3uDDHuThIxmh7fuDnFB/o9\n/RAOSoeEhIdG1HnZUZA/bH60arIAPvyyBnJAKJJCSGSnuQxyOLPYDF7AQ9NUwQ==\n=4yHw\n-----END PGP MESSAGE-----", "fp": "4BE7925262289B476DBBC17B76FD3810215AE097" } ], diff --git a/secrets/repo/pii.nix.enc b/secrets/repo/pii.nix.enc index f2d6444..79cc512 100644 --- a/secrets/repo/pii.nix.enc +++ b/secrets/repo/pii.nix.enc @@ -4,71 +4,151 @@ "age": [ { "recipient": "age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxbURneFM2V3lkWlhNYU8z\naFNYa3BKUkFyTU5pby92KzVHRzRuVnB5ekE4Ck5VdFZKN3JrTlVXZzU3M0ZRRjBX\nMDVpd2YxWHZvcTVMUFQrNmZqZjdrSzgKLS0tIGdFeTV5eHdUbUNPV0JrTEdlY2I2\nanpZTFhDN0hsRHBSb2RvS1kxY0NiS0kK5UHs3xKgl6m4ptvvb1fIQnvczVEYNoTB\nC87CHUanOeorFNRPorTzqZ5iy3kbHILWSuCIzzFbSJzHGF6CXmfBug==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFTTNBRXJiYk5DYjhxQ20y\nZnJIMmRmUnJjUnRONnU3SzU1Y2VJZUdsR0hZCmxWcG9MeXBiMXNZdENtbUtaSVJo\nY1FWQjNBamxEd1Vxc1NPZXZLV0dTYXcKLS0tIHM3MnI3YVFyd2F6SWFuRzMzc0VY\nejJRYjdBN0hZbnUyMjdRQzI3MmM4ZmsK915UC2WitPfe8kKagnhTQzGa5FB+9EBO\n8nv7EAab+dMxPhr1DAQ4XxWfC/0NxOfce0MfVSukgsgZePKv+t7Fhw==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2RS94TU1YOWFtYWlHUmV2\nWEdDNlJycXN3USt1NXpyU1lmdnk4QjVFNEFFCk1Cd0NML0x2MFhaOEo0V0g3ODJj\neGtZM3lWOWJZY0Y0YUpGcFhaNjdKOFkKLS0tIGNjMXoyZ0tIRWdmUkUvWjlxRnhN\nVjRFbzZjMURrN0wrTXZSdkNjYUlFUFUKf0v4JZcoYiGTpL0pnO6aG9OrnhNRk3FA\nsY7qIHtTUaSRd/KrHXIHfrrBMDoYIW0p9e63ocqvYys0freKghkvsw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNjdqU243Uk5lZTBGQVI1\nVDFNWWtoRitBUlNPOHNFaUJlZ1NXYzBGTXhnCnpSMmJ6aVk4Y3hvVjdYZVpIZW8y\naE8ydHZiWTMyaE9WMXFQUnNlZndteGMKLS0tIGtyUTlRYm8xR0ErcUNrK3lYNHp6\nVmRrYkdsYldUU1JEVHZkVCtidnhiazAKzOxBA+ZyW2ws79lIYyXpeBVWL7B5VpyM\nyk/IDcvFX+fmSlRu8zZJ/jr2nPLTliVueYq3KanWQnnb7BcWaqYr/Q==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3djkxMFhIdDJCNXpCVjZr\nSEVCQy9Fd2l5d1g3RndwMDFiVUt6UlpZSjNVClkrbnB3NGpHc0dld0xheDFOWDY0\nRmZjZXRnb3dqYiswaTc0OEN2VmREWjAKLS0tIGo5Z3Q2L0w5akYvendvNjgrdkly\nL3FRMWxKYndaaVB2QmJSWDk0bTVWdXcKyc91a0SmfgLnDLmztGrrsCe5Z70aj4le\ncMnfRqAiuPhzogxATLzaCcYmVVirqnm2UFX88HzjvPxzHcnwkjjxYg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4N2lkYktsN3JKZzBjWitN\nQlRxVUU0WVAxMXVueGtwSDVVQ014c0RxZDBZCkxOalBocnROK0JQWHlwYWp6Vytt\nQmtGTVltbXNCelpUK0h0ZWlGN3RuYW8KLS0tIG5GVGJ5SXRWY1pkYnRQckxiRmFw\ndzFGYWpMejhnbVJvK3h6a0dXaDVhdlUKrk5x0pJUSWJkc/4D7wgFSidL0GwXTPf8\nGzSxa5+77gUR6aeeCHVJivZ0neqG0wXDwDxWJ32548M8Z3mg2vNlyg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrSUg5ZXhZKzFuZHYzSWx0\nbGszekV2STB3MWZtRVExYlNtdWRFdkR6MFN3CnN3M3NFTDlia3pyRnJHYm1nU25O\nNEFHQW9od0h2b0JrN0RMdkNpeGwvRU0KLS0tIG1LdlkweUtPbkZkVkpjOFZ1anRs\nTkEvL0grWDNGTXdOamZ2RTJ2TG9EdjgKtGZjEbfQK04UCmIo0MNwB4TGvbbMhY1d\nHSM+6/4KyhEzwo7x/oy9MA7wSKBurE2CdsUwNLxeJ4eMRyC4xjrtGw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQYnorakNtSGRka0JCMEdr\nLzlkZllxSG53a3JHbFVVSVdFM1g4Z0xyNURNCkZDcGtialNiWSs2SUVVNlVOL0V0\nbXYvVHR1L1ZLYTJKNGtFUGNoNks4c0UKLS0tIFNGTXJhRTZJbWhacFdQVVdOSWsy\nN0VCeUQ4aWtCQXVDb1RTaEJxN0RjTFEKD9O1ApMLZnvg237XRcFEIckAGaYBEnbE\nvXgr7/DCOu3IBny0IVxV7tDj0rUw5u0UgfXuzLUU3txfK1Uyu0Jdqw==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNOTgxcE1DV3owZDhpM29R\nd25UVWxZUnliUlEzUmhuaTlxdEZRSHhkNGxZCi8yYWZZQzBvL0hPb29LNVp4TVpG\nZC8wa3hoUDhrTHJBS0dqRzg1VGJucTQKLS0tIG9vckZaOEc3NEtpdDZpdG00UExB\nQi95UU9hajlmOVlBZjFocmRtQm1vNm8KMe740I1/MXjO6bajs6i6wuJqLCfveNq7\n1WXHfRY0mQ8zisy6sT+CaD5NmamT0NU2X7wrkQkQZewvZHhGyG7z4Q==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6Sm91dkdsSVhsYW93TWZ5\nOTJqSGd3N05tQlQweDd6aWNQY3REb0kwZ3o4CjJMeXdPVXZ1cCtMcjUxZXlHZkxB\nU0I2RXRZL2taTjk4MjFqR0ZpT3BwSzAKLS0tIHdmeEE3WDV3MkRVTWF5U2N4VEQr\nOHFveFJtcmN2TEFwQnBmTU16TklQMzgKfyMR0bGRHBvg/22AaezqqoT5VFJc6ase\nBMU4jTQjjY36999mpWntBvEjjKC2oXTKj+cww6Z0MovnqYG4qvlqXw==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3Y0dEcWQwa2Vodm9QMzNI\ndlMrS0d3dDlSZ1J5RCsvZ1lvSVYrTUY5U3dZCmZWT3JzWjR5dlhQczUyMFVodnA1\nNDlxOWc1bC9hUkxKcEs1SEZWZnpGV28KLS0tIEZFOCtiS2FWcjkrbTBNQ2phOXFy\nc2FMTGhMOVdzS2lEZFlKMWtRUVU3cUkKhUv1yvsOumLAAtl3ss8Ox9V6Boo3PGI1\nnI72ieLQd+agJCzNRGyCKhBsbSCT5XbJ6ByIUBlMR3fTHQtYX8Ztag==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLV2NRd3dBcjhtZkFaOHZj\nNTVJa3JKQmlDbncrS2taSDVGdjR2R1pCOEg0CjRONDN3Qmdqdy9vYnMweWxMZkpl\nY3NRRExNdnQ2VDBCSTJoSHBRU1ZvajgKLS0tIERvZC9rYmo5RW1iM0dldGlVOVNO\nTlQvRnpqeWJFU3FHdnhxanFSdU5RM3cKEipbKBIdbGyB0YskAOGtNVWRCyiRO2lN\nVrQzXlUAqdq3uQyq5Pk6cKZgaqnEummU98pW4fEghDMk+FKS8zlMAA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrNkJjRkdXa1NMa1V4dG9J\nZGg3anVrNGJYSVAyK1lZUWVML25jWWRiZVNRCmNHNmpkY1lGSEF0NWM4eUxkLzY1\nMSt4SllIc2F0NVR2RGtGMGZsNTc1RW8KLS0tIG95czFsejFWUEpzTVV2QktyZzRy\nN0VVNmZwN2NTRHBFRmtzT0RwUk8vdzAKpbQTvTaiCpE6YGtLyuQ9N/MKOCEi3Y8E\n3qO8BT3c05tdoVf75oe7MtP7vYwqNmCrozRUBnIgXXpNcU/W6w8Hig==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcTZkNDlCdEsvQzN1T2Rh\ncDdUTEtxSUtJM29tUmEyd3NlenBLdW9pOG13Ck9aQklsa1hhS2RUbUFEcFc4SjY2\nUHU2WGhPYTRWUDZHOUNzTEQ2cERUV1kKLS0tIGJEbmhYeThJSnJOWmFhR1dtRWRa\nb3JSb2g5ek94V29ta0h4V0ZRdk9udWsKPRXSniu7m1NQW9TN2Giq5QWdY5ScQCY3\n/BW8VH3Sq94cv3VHY/cYDOaMn8uqlFscBKDpV5mu1eBFRCL9FnnO5w==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYK0lqVk1VeFA3THNsc0o4\neldmN1ZhZ0V6TS82eTM3OXhDWGZ0MlEvSURRCit1WG92bVYyVllyb3V2L3Eva0Mw\nZlc5eXRZcHIzUzJidWh3bUZ5U1hDNjQKLS0tIHgzSUtBOTBuQzZPMWdKaG4yREY5\ncGh6QXYxUndDa1JFbUdnSkZSSFJ1WDgKYDSmU1vl5nom6hkPP4tE7QqtvxGcR6hf\nOCxKNW2UOCmC0G2wDEtykJYCbyvjlz0mLG8UTNFfcp34lIRNzXdsqg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFVFV2VG5EczJWNld3eU9m\nMndMSWtRT2MyY2k5d1grYXB4RDg2anVKNlFJCndlQVZWR29Ma09RZWpvZzJ3ckVU\nb3pmLzBpWU40dWJINllUbXZqOE44ZHMKLS0tIEtHcURtYWZoN3Q3NmNSeHV6U1lF\nWkRiZTZucXhQNDJjTGN2azlZZGxNVzgKSkW+X4vZ8RIWb8jr4WGKxufWOaKNduuv\nNk1fAa7gbbfQIH/G2THrHUit4uv+DvA0crFjvIVyKxvCUc56nhmY1w==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6Vy9qNUgrdlVLTlNmOTVO\nWUxHNFNoTEM0Wk9ZSjIreTJEZzkxOVVYaW5ZCnhCT3ZzR2dLVjdGVVB6UU42aDZQ\nQUtWemh2clg1T1JsNFlGbUhuOE1GNGsKLS0tIGFSVElySmZWbFE4R0kyRnN6VTN6\nb0dtR1ZHMDcvNWFkZDlSaTMyL29GNFEKLKXf4xihjfDM1Lj1LNOt06BoSaWcvIk3\npW+skCovQ88FRxIJeD5i5vXIQivlI/98OF8chmtfPM7GkfhwvBRJMg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzdFJ4UXFLazZMc2hMb3d5\ndDEyZWJ4Wmp1VjhRMW50a2l2dFBOWmVaVlJZClVUd3VwUDNmZ3ZycVR5eFkzWlJ0\nZXpEWU4vMU1udStSOE0xaFhUNTRBS0kKLS0tIENjejZjZExFajlpN2Y3bTFvN0Jy\neGlkNGNoZnl6ZTdJay8vdmppdThtOXcKbki0almQdiYvtwbNZfyKbvOjgBA/N3E8\n7VtuwkXjYQh0jMitRZqaZWBrC0OSvqp/rXT8AGbdSHSOtTc0xfxfxA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOZlVJRVJ1aWpOTU9JRWRM\nSVBkYUwrdnA2TlBLdUFmZTVBRFJqQlRaOW00CjVlRXVaVUpYWTJCeXkwbFFOOVRk\nV0FNSFN2WFZuVm1EUFVMUVY1UVM5Y2sKLS0tIFhtWmdoNTVQeE1WeXpVVGlNKzk0\nd2IwdUtVSjdFbjlGQitDYkpNYy8yTG8K+D6ZHo1Yk9Bs9/mCrODylYdIm7mmm9Le\nY2ubH1OAwgX42mfTTMwuvHEgDJ6CJotbrijBnegi7VLTAkTI6Z1zIw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1RWRaWktUWjk0dVFMa1hY\nam1Tb3AyV0FVMHcyeGFTMFRZNi9Zb1p2NWgwClVodnZ5S1MxZHIwcmlJbjhEUGhJ\nQ3ZGbEZGSW9rUGhGYWVlc2NzQUw0QUkKLS0tIEwybjlSWkxQY1B4UWZRaW9vRmxw\nVzYzWHdjNE1uYzU5eGhsZWJZSFlJU2sKWgiLjOL21VF3R8PBC51ibZtaUSydjjTY\nvWhHItQyVF79oX0Fy3kV418vKkQu9jCc8OuiqSdT2KRqfr+mQ5Yqlg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBUTU2bm9ld0pGTHI2SytY\nRXhwTTEyTno3YXYvdGxyTXRpY25rWUdoVEMwCkZITE42L1UreENOU3dLQTlBUEdZ\nR2JhbDJaUFdvOSt5V29aQy9vWFV1NjgKLS0tIHhWUXlNQS9GaEpnaFJYOVlvYm1x\nL1A4OGhteUhFK0Z5dERuT2RrV0gva1UKA/8Ry899BrZw/OKMesiyYGSESqrhld5V\nqumrjYNhC4ImcFPI8YP4J8zOghz/5u2xu3xx9Q3D5FLQskPkMVfMvA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3WCtTK0tGVjUrLzRjYlVR\nd01Yd2dFU2VEUWc3YTU1emY0QVdrTXk5bGpjCnZUUmovMG50U1hhSDZIbXpCMmhl\nTjU3aTUwR3grd24vWEc5YnAzbHZXNTAKLS0tIElxdXhxcEdjRkhVbS8yRGc0ZmRW\nYlVHTXZ5Y1l4UVJkR1pwUTVHODR4Yk0KUxduPOod/S6u7lP40prr76/kK4CtSHrZ\n3527jzNf2pRmOrTkcvWKMhBgJ0W/B91wXMeAE+I0FFIyXbfORBbYww==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0dDVQREZaTk9jbTlIUnZw\nWFA0dlBkZU02elNYbXh5T2lQYjJ3K2tqK1NJCmFTMWF5MFZnNU5rWk9raXRkYW1P\nQnRPdkxpR0l0bzZucVV4b2lSSXRna1EKLS0tIGt5SkFqdEdrSkh0WmVYbHE0enNY\nTTI0UWV5M2tDRzlUdExTZ1hFN2lGUVUKB9SjTXlpqZOfxoutzU+rcA8BOQTiRzpl\nZh7ZNrs4M3+Tna+dVC9am1wZIFc4jTGdWs9xIPlpyHQ4HGBKRXo7sg==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6Z05aOTlvVEhHY0huTzcy\nenh3WlRzTStUWlg3ZHZuRkVHU09pZVZWK2lRCm8wLzNGTkd5ZDA5b2ZiZmhxTENK\nRE1Da3Qrb2xTc3Rsc1FRVVRrSjZJdXMKLS0tIHFzMUJDZnBCVnlRTm5lYno2MlRr\nV3psbVROQThha2RjK1VEYVRvdUNLTVkKiRFYCBw/k8Uz67NUgOkWBCFNoNvSHO5k\nEthPMa9UGPKlq2dRfAG+0KaUtwyWoBTiXhwoZ0Hds6aeJhJRWmXP6A==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxeFNGTE9OTDJGSXNnRWhH\nd2xqVXNMaDRvOE90eFcxTkMybmZqaERuN0ZzClBCQWFLUmdLVGx4YkZoVWZLRFFO\nTXhkR2sxbnY4bUhHU01yVTgyam9iY2sKLS0tICsyaGpyNGg2TFYwM2xUNGZBUFY3\naVpuOVZyZWp1T0NDMXZpNXk4cDZvNnMKzdAVwpvlcCvbKjrgbja+UA8gNA+z5UOX\nXntvfGydRFkhzk2Pxv9sB9fD/LpmEi1FGql2qfyU+9ufzv8mKKmGiA==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3Tkd3dFhRd1cvV3c4Vytk\nL0paWVVheTVFM2hmTDk2OWZzb0xha3VCVHlJCnJ0Z2NXdmo5V3Rid2h2MG0zb3Vz\nSW5RTmxEbW5jekN4QU1NRHErS29KcG8KLS0tIDNzMHhXZVFSVU9XemlFWmlVUVEw\nWi9DSFplSkxPMkJ5eWZZVjA2WXFSYkUK/ktTyhCoyP+JC0NAAgGI/H2OdmqKCcNC\ntfo1zCzcQvoelM/HlODw/hGMIY/6ogpn6tsL0sZxepYZSWuF4eT2EQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4bHordlBWbVYweTNITkxW\nOVorendkVVZqMzZ4WlgrQTVwK1hjRVhnOFJJCjV1dFFYK3cwRmxzUXZmUTBPQitz\ndUZzMGFpZGJxbHovRkRPSE5WclQvaWsKLS0tIEYvVTkwdUx0WGR6bFRhVU1pbjRx\nZUp2OVorbDFCTmdtazlkdHpMM1diZGcKppf+Gm5fIckXROPVDoy+BmFNOt7g4v1u\n0vjjakwRyYv9iZK++oF0fmfmxmNuJV8f4LdyuzBWDURmJgGe928Czw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNOWhva25DcEdrcUk1QWYx\nVk90WHJKUW1OL0hpaUdCSFB6WitJb3ZoWUJNClk2bzU1MFl4eXl2VWxSdWtBWjRq\nZUM2elRYcmw2Wm0wUXRpTGhaQStFNG8KLS0tIHppbWtjTVZ4aEJRc3E0cXdRMkg1\nUGg2RWYrYmlDeCtLN0lISW91M1l2N00Kb7QcLb3JA5Qo/JN15tys2Uc5Gc20OBO5\nF/bjP5jQFU9V5gXhEgmvoNB0hVg6V3Dh/yqH3Cco+Xeb+QLgBKcidg==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1RGpibkIreUVYNlA2TXUw\nNmZzdnFtNHNOQ21QTE5ycTZHaFU0U0d3RzFnClFXRGFlZnB1WjRBZW5WN1BSR3dK\nY0Q4R3FGdEQycDEranUzWFJyWWVwOWMKLS0tIHp1Rm0wdi94Tk9kM3crWUtjb2Vo\nSHU4ay9WenpGTTg5T2Y1TzVicHBPZWMKEpeP/SVorT881MiLvR+6O9lcc9Fn0VV9\n5PqcowYMKFFXBQ27qjoFBDSwmD0UxpUgJeMtMAL+QLMILZ+G/0EcGw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxbCtGQUR0RENmb1Q2dVNE\nUUMwQnpxYjJhbXBLTG42b0Y4N0UwVzlrMkFvCjhTRjR2cmhzcHVqeExwdDFQUUxz\nVXJPYWY0OG83VGVZaFpwbHJHMnBFVTAKLS0tIGg4Z0ZZUWFHRks4bGFSUnlac1Mz\ndTVPYlJzdWFoYUo2K1p3TlMvL2FuVFUKzRnTD461D3GWY9ZMkgqO+bstuyHKCeDm\n7b8pf2ApjltGxGGQVo9oGRQR8ZVql/ke0adw/6f3xSAZTtYxqf3rCQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvUVA5QTJ1VFA3NXJKT1VP\naW1ZemVSbjlmR3g5aDJyMzhoa25kSUpIbVE4CldvY3Jyb0NaZDdYTzN3OHM1cVBY\nbmx5S0p3TzE1ZXJ4N3VLTTkwcXBPR2MKLS0tIGd2Z3BFazRTNjhOS3R0ZTFnb1py\nNzlxRFdXZWZnUEhIVGIyVVNpdWI2cE0Kfu4NzvEcxQ7olFmALV9Ndp5dj6PmDrYU\nSNOWIGXgZirdESOPPBEVw9bK/kEe6PzWnd4IQYOF6/QAW47OcDAYhA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WnhoOXd2YnlUdW9lWS9r\nVlk5UXkvdVpENFNvQ1BqUnk3dnl3aFhLWTJNCjlqdzl2dnkyNUhkUVl1V1ZTSUx6\nNldtNzFMYjRDdWdLeis5OWRxa0t6QkkKLS0tIE1pRnlCRVA3L0VlUW9BQXovNG0z\nazZaZmhoZ0dUWDJWbDJCdnkxcm0xZWcKWQj7yo9Y6nlPnIt6BtdwJHtZQSDvS0s5\nY6SZQDqwP+2EGnSF8m2jLlQU9hRAenG2R8+uaNUAcc+pq2dShhslKw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUSUgyemhNc1h1cFgxZmlw\nVGFKOEt5SENySWdHbWJnR2RWU2VMNGNIRlMwCkVWNTZRTVlCZlhSSTFJOTZXMWVk\nMCt5V1J3TnVXdGFFdjRzTEc5N243eU0KLS0tIFNHOE5NWkdEeFNpV1NCNUo2Y2s0\nQ3phbThsRXZYSi84eGFsS29DM1p2cjAKuinmTvnwkydQH50SdgKgi3U4z9gnlEhC\n/gMueer1HholV8Af6Vh8WkOZVb3UB7u5OAv4x+NWR0Q5S85CWYuzpQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTVTV4SzZUejJSQjNhdmhC\nZW1ZNkY3Z2VBaU1uRkJBOS9PMFJrVnA2VGdZCmhNUVBkQXdzTFhRVzdmN3VqN0tx\nUkJrWlRVOTdRY25RSkJvd0NwRlJZQjgKLS0tIEdTcmlqWm9TdlR3WEtYcFZCOFcx\nKzZWNHRUMGppMHdUODcyQkUzUmZEQlkKM2Ni7YGqfLpnTTLoFLXEjHSljRKfoCYh\nAuAKWSo5G0LEdU93yJePlQ1c1KxlV/hbHhHUK/NVU4DI39/HLZ4i2w==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBL3NaOGx1NytXeU5xbUFC\ncDFXRjV3QTNPNmZidzBHeWwyMG9zcFpUazJNCjBrb2FERUZJb3VXUVNZc0JFRGtY\nNGt2dXQ3cGVqL1l3UTdjQ1BPYytJOHcKLS0tIDkzczQ0TWZPbEl3NWhGaFRUQ21G\nR0tqTW44RGdZM05Cc3NsaU1jV1N6TkEKql1+2BkDpmjzm1cKtXk3idavZrsRaWn+\nTtEFtvRnY6TIkhIN7I1hv+cqvFVza3BT0SqME5pPcvt5o/wlZqRSiQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYRSsya2toZ21KdldJVnli\nSDgreW41Y3ZUOXorWjdMWkFFNXJ3S1l2MEVRCjZFUUpGZDQyenF5OWRKa0NId0JG\nRVMxRTB3Z0tSUlF5ZW8vbHlHZjlJU3MKLS0tIFFOeUR0UFNzbWNQUGJIZjl6TXFy\nNW44cHdtM2E1TWU4MXFNM0ozRG5TWXcKZS1lgNP2fm6LjT1TDYEzKY5krZ9vEP+z\n2GkHKKVO/u2jInX/YeryjDgVO1OnzWf0oHSqOGsmGkJIepRI/xpIqg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPYjdoNWVMczVCK3ZCbkgy\nclVUM2dyRUErWmZXbFNsOFVJeFZUdk5tWURrCmJHa2JBUy8zQnRSUzBlaTkwdlNs\ncmROOGhsZnZ2Q0V1TlZ6N1FDQ0NMVVUKLS0tIGxXT1NwaXJsMnpnOENqNGo2c2kx\nRXY0TFBjbmxpemZMTFlFWDFURnM5R28KImG7n52CpTubdV0mVnt/avvQ70c255BC\nETn/I2+OYhGt6SDkivgMlpcZNmqIjbHY4pFDIEiWQgJtw6cZhRgY3g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1cnJaSW0wMTVKZ3BhajZE\nUll5RXliSVVsMThIQXBTTVpzNUtKSDBoMDFBCmY2Um50MndXUjJWa0w4dVNwODVB\nZnlWRU5yS0hrVnlnN3VUK0pURkFRMFUKLS0tIDY3L1lvR3hoK0UyQ2hqMDljWnVk\ncFR3VmMrR1ZVNWsyYlRvMWdEVExma2cKrNBMXgrdIL/9TDhT+1kZNyFfOdfQ3kjP\n0YdKbZ1It7UvTVMy/amSWzs7YJ+AptSq9vRuJNqEPbmx0tPLgx8Udg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvUnZLS3JSQzhwRjBjMzlP\nKzFCNEtocmxGUkVBcGwyQmZvQ3Qwa3VWaFNzCnRrYm9mSGtUV1VlRldTR3BoSDVZ\ncGtNR0R2d0JYdlU3VTdsV0k5eTBHcjQKLS0tIHJJanBCTkE4cTh4MTFLUEYyaWxX\nNVU1dXh1bnJCRHpsRmNHUTBTcGFUSDAKRzdFl9XzeavDg9dQ27GPi/Cz6AuRCERd\nnjVR4G0Cal9oU9WpNFxCfloBt3y9dkACdzgqklDkVhnTCVpfLwSyIQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4WCtYcmFwVVNCbnhQL2Y3\nbTZJdHQvRFcxbVRDQUhrN0J5TjBONU4xTFRNCmgzT1ZrcmpQaHZyRW9jNm9ISUpk\nYU1Ua1I0eXhvbzJvL1FRRGhROGM3dXcKLS0tICtjNGl3UTJJZVgvZjVPODVHRGQx\nRWtRSmx0TzlSVUV2UU5TcEx3ZTY5WUkKzWx1zZlgk2d5VyT++rXRKgzShaVIsjCZ\nPrGvnT+RnnRUK4cZhQEhAkNM/ZqZCjEZ9PSPS4PGBGUletXT1FBkLg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwc29LeC9rRFZVc3V4ZFJv\nTGo1L0VwN3Z2NlYvdk9uRWhGMnRwa09zOEZrCkYveHQ5UFBJOHZISUROUUJzYllx\naGlTZ1RIcTFEcUlTMUZocTlMSTZxV2cKLS0tIGpsOTJHNDQxOGMrVEwzbVJRYkFt\nT29nQUxqRjhoT2hKOTdMRUpqMFBYVWsKaDC/Qhtsxquz4/E1IJnIqzv1UsReWK1U\nE/0NVOdsYpKLc4fYUU6mpF3waLJeSlFiAz6M/hHb/KltaxRuwoUCzw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIV0ZQbkhFTDdHNkpxUFFI\nV0VNSzR1RkZYRG0wV1dvSjV3TU42TlNjc1ZjClZDQUJvalBzQVJ5eEdRMTdoSER5\nVEVDS3daa3F3RmorNXd1NDBKb2FNeVUKLS0tIGdVN3BOWEtjSGZsNjFzRTVLSnVC\ncHpxdDYxSXRQTUdMUThFSkRmeVBkckUKJrdXoaRqF/z2JqVQmZBLute+W3OA093/\ndgtFZgVgheBQ45mya7ZLidTRBheCTGfWpCfH9Nob+L6McYV6XK1awQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBESnB1d3hGcllPUmdEK1kr\nZjB2MTd6MGlBT3lObURKaTI2VWlzdFBHUjFrCjFPQm5oaGF1ZHppaW9FNlNOOXNP\nZkIrRzNTZTVxaVd6dzU2em93SG9iR2cKLS0tIDBtbGNLZWhDeldZbTUzc05mR1Jt\nc3pRNHJ1aWpNSGpLdkx3eGo4eUxMeEEKSCkS3zqr0LegRm+FBWeGxyCZUd2jg11L\noqZW+CXapLUywTh/TcJ7Z1xBXk5/mCivEfjqpwri5GZQBE8S5PRMhA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4UzlxVmhUNVUxdnVCK21m\ncERFY2pxU0xYSnl2RlJIQUtCWExjNjlMV3pJCnpZUVF1aWVHRG5SSGpuV0tUNU1j\nMzhGNzQvZW5kY1JkdjB2ZUdRQ3JBTGcKLS0tIHh5R0JOSFpFT1dKcmF0a0dDZGFG\nbkViVFBzV2VNUVFxcUxFUEdyamlNb2sKpbWlKEBKt4D1AzVIvHx1A9eAjpwkJkEy\nQ9occIVMkIb/+9nM0NmXU6wKGFeRNsJkYAQ7BEo6zrh0GXZVbkG18Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSbWJtK0tDNk1VbENDUm1P\nMkVNeXJ5NWVSMG5zK0IzSkV3VjJCN0NtcnhjCnlSWnVQZTJpNXlPSG8vRmcrS0pE\nN2MvVWFoVmNja2xvUFdWNnZkb3RZSU0KLS0tIFFPeTZCenBlVTZOamg0MWJOdnFU\nY2hkY0ZrZHduOTdkZS9NSmNtZ2QzZjAKu+XwOO43thMiQ14hmJJGu5U0/oQw8B1W\nIqJAaz6F258qatwMQB2j+BVHut0NwDyBz8skpcAM4CfX9ugWv2+Hbg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYaFlhNGZMSm1KdHRmSjBR\nWURUNitWZkVwNGJ6dW5DNDgyTTBjTm9hODJZCmFZNEFWYTdrYkVNbWVTRmtmZ3Vl\nZ0RKVDk5NlBHanlZR3R5SGZ0MlVNWFkKLS0tIFhHVnlmSmdJdHIwR1EyTDJiNXRH\nanp6VFJlZnV1UHcwRFR1RTZCWXllRFkKU9UhM8Tl8b6OFbV8FUQWU2UTWNBx6lxh\n1IqeUz/n9qd1z6oIphUIHz4akjz094nVixYQG6oemjTsHr7Cn8wfgg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmNWZnWGVUZGN2VlpxOWRn\nWGI3VjFMRytCRExXUERuVzhIZndVVlRwbWo0Cm43ZC92b2NMaXkzeDg0ZmxSdXJE\na1E1YnVERjNBR09XQmpUUEpBMmgwOVkKLS0tIHRCZERmUHVvVnJXWmUrTmJFSUV2\nU2NzZklJbXhFVVBQYkdrWU45ZkNYZ00KcJ66eCXQLZ8yOeF/LJC55UxAebWIDRHl\n+Lhf9a9z1CDKcCvZAdh0ln7q9qBTp7LWrIkvpbbY572r4dsbhB+A2Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvQkFVYXVOZmYxOTMxWUdV\ncTZscnJsK0NyMFowcXVicitGSmZGYUE0Qlg4CmlnZFk0L25ZekZrQ0MxQVV3NE1S\nTzVaVWtERGtQUlc1NndqZXlvWklxajAKLS0tIE96Q0h2Q1hSY2dKLzV4RS9nL0xu\nbitibzBsdDh2SkRGVFgzUWlrUDBxbEUKHLp4h8pc41RTfBA7S0Oj7II/7vaOjhi6\n6dvxfTqi2WGtRvZy+mZMXEjksps6Dngz7ekxuRuvu0SraGt0kXQBHA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRN1phZFFZa1d5Z3I2djQ2\nZGsyNzV0akRuZW52UElVSVdZc3NhVGh1aFU0ClpVV0FjUTFSNFZwcHdCbW1jQ0hW\nSWFFQWZCOUtET25mMEo3QjZySnlRN0kKLS0tIHVMOCtOYXV2VUh5cXBVS01QRTNM\nTTdiQlJSTFBhTTN0dlZVa0tRT3MzVTgKoapXW+VLK8Huwh9ZVq0Y/CoDFNma7tsJ\nQv2GQy6fVUM7Y8qcx0/WedcitMcsr/0ZemJd0zesNCaXg6TGb2E6Qg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpYWx1Yy9aNEpnbTdnMmR4\nK1hNTXkrSUVMaE9wR2xTbFVwYzJVVnpQZ1dJCnlKQ2FMa20wUy9nVlFTVmI3WEdu\nMDdIUjVjRCtBVXJzOEVLWHNFTWNkNjgKLS0tIDZiNkVzSzFRa2J6bTFIcFRMemRQ\nOFdPb0xEV2pVVUdsdmFNNGQ5d3hOc2sKeR3NUDYRGDCywMfylXpbo+FOPdtNKkKA\nVffrmB7VKnL+jhKOCjgYeLpSzAQFa3L8QZ9R1xYHa/AmlnEk3IMEBw==\n-----END AGE ENCRYPTED FILE-----\n" } ], "lastmodified": "2026-01-12T20:26:18Z", "mac": "ENC[AES256_GCM,data:jIB7rrK4yYjLlqUdl10JfYg3qaAYbuePPjZoGCBCCaohFdTWJPDoJMg5EFMFrZIDVOeWDjYVh6bB+PvXiIvU39NrEymS/Gu50ehCG7Lls7a90K+NSZQhuHS1y91+93t8vOq3kPisN0fh0J9tJwphB/NbmgDrE5e/NQsA4FjOsWU=,iv:VITEc80bKA5ZXuy9iUz7NjobYvVDKXDWhnXFyFwy84c=,tag:POCbrUFiKcc0418v9njPNw==,type:str]", "pgp": [ { - "created_at": "2026-01-10T00:52:57Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAAzqg5EyqoyPPB++MUMwBsAy/Yo+MgvXZ1QSt/gInq8ii5\nzcRl7vOmGtWw0T9gRSLT+gJXp4bjGuYOhtC3NWL3y2pDiL0tSGC+fKd0vJDwNyca\nYnwUG7pDHxKOw/UrcFJar9dhf0b1R6aHh6AvL4YzFA+iH0ZY9gRWozPBMkJKxZ6Y\nHAL53dclITW+zif00yVaBMjiIFMr8tcVMefU5BMwDpLLXMXZL7Po9h0EEh+4Jq7L\nctxJQvfk0UF2flkHju3VHV7qdZFJwbskF4z1QVQTKUgVYqPiwFqsBQ//D+sDY7Wa\nkhleX/LTaz91fIxdOAhSo37l5U1uh8tkAtrQ+ls2nYl3gn/Tm9hz/nEhqN9SSiMi\nmEhDRM/rLJflCzuzsVNgqGG2MSGzErsii8DrOwIZPAISjflnoZCUoDKuvro2Z1cC\nNSP2FMOY3P1dpubYMUik+k7PZHf3jydUMQxfOzZ6VAyzdd1AF4SQ27CaWnOkIwGp\nsdvsQlJa5Pyu2iw89vDavYGPoW2hO/MuURdHgh7DRwAnjFmq9Z5miOsIFkJOBMsE\noFomVuqaaX1P8u0bXfhSqsMOZDs61BYut7/1tMawm6tBsYs3xVhqNkMDUi+wJzZs\n9UOQ8VuOUBJ3oAQ0ZDinnJ2EFIKICod1G/fOJFA5FIlL2Ng1xeJ9ZEcsg1K6qLOF\nAgwDC9FRLmchgYQBD/9MQD5tfWOn/bdCAJ3LT/lT6y9SNtk2t/75kfAdXDFLCS1n\nH7Ri9ngDHVnFHDg3W3APF1+zbRFC/UeP6pODqFE08ln3+vvsXblRexnjRCc3NQak\n26H8cnbH1kd0hkn1D4k7+YnF3gvsMd3tk1ipZQUZkkk/7v0yKAjKphkdXgAF2M1C\n88IfcIlQwCghDFhlV/4IRP2+2KVCseJb5ZE1K8eLtKYVpW3t/tAMHSfwhBO0OqZA\nSeN4iLMyY7/qAOdqo+tMo1aMC0nzYLfGKD4bw1fZ5oFE1sESewCv0s2lxWeGj++k\nIabWcg8BQKbRXxxvvWfsuPRIU/S+K6JWP2emrbAw2jVZYzPjoKr4nM71VZOd98hY\nLUKecR72hOeH3k0hVgGqY44kvlVB/nOTMaMn5ZmwtuhIlA3iLYBctq+MkIbkr4ft\nPKQxJbwBnIgzupkGJfDn4wVUSQ5kV/6d08Tkw3z4ldVfMlkcYAvC1m8K1N8KlQNr\n+Zivq+iaKoyVFYTT+qcw1cnHU+JV784vJUc8Rbvu/aGJn2fjGXThp0Yknum38rTv\nvG+kO+W65rpAOvROeSbCYAD+tF4szAYtbbiN1rtpddQMHXTGVkyBJ1TXJ17RqxMD\nNP7wmbL8kTS/rB3SP7hgrJV35pihC6V0dPA1XW0g3ZhKCA37GaoVVt9jSTNQx9Jc\nAd0uZTvhFNgzaCIVcE7h/Q7cnNWGpRP0IugyrdzokXufbqGNSnzRaROpIZodVBgd\nrqW+lJOxfhAEUQaoKi5Z04oalPWzto5oaHl5iTP/+y0ABbpZ0cXTIw7abhg=\n=ie2N\n-----END PGP MESSAGE-----", + "created_at": "2026-01-12T22:05:07Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMAwDh3VI7VctTARAAgK+dArwicM/S3UrgZr8rIxmMxpM9veTegURe38QEw3MO\nvzobPAbeD4A7H7hqHcbrDuDO7vhjD3GJnktI/sPelf9h8VRyA9XES5A70xKTY+zD\n3emqS7g+QexluqgL9UnUlkpCxv7NFnIbZGJO/x93nMindXro9zeDqeg9s90Lx8D4\nckdgN3N4b3CUcguf/YlZSz5O1zDK5uSSYbnmZ00t/LAAwwF/W0WZRjLw6UGjBHS9\nbRoLB85qtEnTk9GwE2WPkOxKnHZGHitVa0+6PQRGl7ddVTnWTZF9FoD9iO0aocPw\nueuRxHIHIAHX/tZ+N9+kxlH1oPe7wnP+HXLIwI1RiPPeJ8cYAbjfShGQAujqzy15\nYWF2ZO5p60ObBdOJMgslUuvyL7434XZvz425yCjFaAZHvluNaw7wRm2ZOUpxJcxW\nBuB1HJs5Bqvq7hYQulOyBWRoux7sRzR7Cu8FGXegVUEaen9Y8F2L7Hboe5NUFwLD\n8Ab0RCfgkM0U1MrPrBo2T3Vc2B6rGXD7naTgw8NVKPJ31X48f6bbb4D7q1bm1CXh\nQanVFxtjUehY+NQVkgdRmUi4OfFkbqbNeb1YIFOqUmblaDwv8/7dwvKzExmSg8Mh\nvKzh/d0G9BC49URDVUGlALAlYIuf786lj7kQRq6B992lakbOFL1itJ0zB4sK+WSF\nAgwDC9FRLmchgYQBD/9DAUyU96ITnQRg0tpQ4RbQ+GHTVNNLzdUm7jJKmTWj51Gd\nUNXfIYfnVIsSC/B1wqvzhjJZCrCKz1UxaIaof3NCHntwfy65WlhbQ/JDJOZOqcXW\nE+7X667Qbswlaxnm+q9M7jQ4xOuH9AYYY72ywIbKaBU2OYBu4wp3MiMbprHNtFbO\negSRLiZEhqrW4jlqk+it2jgyj3LOrRtCDawyxsL/1IOiOn1VtCFlYt37Uc04G5jA\nfvmSULaV8+lYpPh5EggqgEvyvtZulhps/P/anjj984tFvFcwx2eAoa1S1dh4MEVM\nps8Vw9zfwk3MUHIuzwuUtkQ6WxrvjDy3lJ1h/tv7NUu/aR4iFxBXkB94jyDepesC\nBRfyl+86O5ts11T6/1JrvsEqvFNJw5cE9BI0Og49tXdVjIxk7xgZr/JuIzdCQHvh\n48olCs9C9fxZLONeO2gRlWfIrpuO8JbImZzUNlfUpAGRCa36CAdN+FzqWrYwQNh+\nnQH1w+syD1SUN0CoDJDT5amCJopZXDXWhXOM+ZpRJT9mCYYIIekGgangbihpd7Cu\nWgP5kUynUYO3o59+wSmd4AKPMcXha1vPncK0C9ti1s+DkNn3jGf4lLO6eTLCUaq2\nrMDIwZdqSnX4fgFEBxIq2iFr566Mg0l9ROBBR+Z8vy3jt1JokNuJMihAT2EXadJc\nAb/duqW/n7WBS+6CrzjSufpekxgrCWoXxPKqgBUsiBI8bRfZlmhUX7IcnW3A8Eph\nnigzikigdcKsBxSAGwij1/ja71PoWhWkNxnRKVFnzxMvWzlHbkP48r+dvs0=\n=Vl69\n-----END PGP MESSAGE-----", "fp": "4BE7925262289B476DBBC17B76FD3810215AE097" } ], diff --git a/secrets/repo/wg.yaml b/secrets/repo/wg.yaml index 8380fa3..e23879d 100644 --- a/secrets/repo/wg.yaml +++ b/secrets/repo/wg.yaml @@ -54,170 +54,350 @@ sops: - recipient: age1s0vssf9fey2l456hucppzx2x58xep279nsdcglvkqm30sr9ht37s8rvpza enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXTGdxaHBJN1IxclRmNzRS - amQxMnQydnNsRnh4MU9Kb1lPbDdRKy9MdVZBCm55ay9aM3piRWQrbGhpalB5OFU1 - b001ZEh2dGwxY0dDSExwbmpFRUJvSWsKLS0tIHdZUGVnTUh0Ulo0eFZRZEVxNGNP - OTkxeHN0cGZvanZ3QzR3SzhkcklSQ1EKdgzK5MU0e+UeJ/5tgYV9AqYHLn/V93t1 - PCOwSQ9nheycRpENbi6LpRduc0fiPWjvVJfzMCIU2vLLFW92MjLpeA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmMStvY0tyMkZMeUhCaWdx + Ujd4K2JVRWhoRFFGT1B5TzliQjg0WTB3U3prCmNOd1NaRlc5SERpNERNWS9ZR2xY + MTZteUtaTjJKYUxmUGs1ZVZkc1IzT0kKLS0tIE1KbEZvcC9WQktTNDU0eEtDT25Y + cWYvMHEyeldQeXlLNFRCMTFOTWNsUWcKpjtPMgxtE5ngPU5qUavCtow3qI6k+2Kn + xp+eIdBNoIjS15me6Cyy27nmywCZvyGES+gwMsZ3SrEzHj3UzMLInw== -----END AGE ENCRYPTED FILE----- - recipient: age14sjyqch8tzqexk2gv0qgrrg09f0s6hvwhsgjac3vs6sc5rzgpcxsyqda6u enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxa25YZXVvMkxpV0VOQ05L - SWVLcHh3emZoOFMrVlI2NzlPaVRONHlEUFZzCm9US2VKSWI4YS80NmZoSVFNaHhw - NkJhVEpsU1hOVHViS2tuV1RhdWRTcmsKLS0tIGw0d0t4ajZTWHRWTmpOODQzMFQ1 - M092dHo4UWoyUysxcXM3REN0R05yMVUK88l1YrWP1fAqDK5cewmKnGleGZM94cLC - X5ebNMFFg4TjYFWkfuPvxPVDXe6c1d0kG5OD/4znuHgy4Cm7th4ZAw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1a0xkOFk0VTB3Q0NBZHhn + TGNBME9NS1ZWTVdIZkxjSXNvNHBmTHdtMm5VCjR2UHV2MWtjcS8yNGErZ25qK3lr + Z0RpcmFaNkZ0ZVRoUzdDQTJGMy8vdUEKLS0tIFMzbFNNY2RWUjlyWmxYQWF2TnRN + ZlNKUWtTS3ZCczdLSWpzajhYQW1iOWMK1rMh6p/y49G4+iOmv9XPKGQQVoLhRTAn + Mb4uyarFo7NYM6adwYE+mZGII9oo1FzBGXjV2eQtsBcdV9flpCS05w== -----END AGE ENCRYPTED FILE----- - recipient: age1g7atkxdlt4ymeh7v7aa2yzr2hq2qkvzrc4r49ugttm3n582ymv9qrmpk8d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWYjNxUFNLSVhoY3NrcWJS - Tzd2R3l6UDZEOGZiSzlZenBQTlp2bmZsQkVnCjllRGovMkVDOEcydjdNdTNTZDdF - S29GbSsxd1JKc1JWdG4xSmgzUDZicWsKLS0tIEtpMkJiMnkyNGRwSWxjRHNUdFBB - UUFpUUNRdU9GcnNBSlRmUzN6UFAvaWMKjHC6TlaAGWF6YLC8B4hNaRWmfi5+4syx - jz8TE03yR+Y/ZSigodw6rTz5FD70qV2h2YTmTVgiXIxm9x9xc1rx9w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0a1dodkJ3RjhvMGVlNDVY + TUt1S1cwRXBKNExRWUg0c1A1VzNzNm9IVGgwCndLV1NTOU05N2gwRnJwTFlSWTZV + R3VsaGVHdHQzeVo5V0oyMmJKV3hQTkEKLS0tIEhnT29nTVV3WWcwbEJhT24xcjNo + NTVEUStVZkI4R004ZExMbW9jd3BRWWcKC2MtzQ8KpOQO+P/oaNAEx3zkpbJQ/Mlc + rtUv0vavicH9rO+Wi3DPBSGSA0GHcQeZ+rCPsU9TZQCvvcEO+RtXiw== -----END AGE ENCRYPTED FILE----- - recipient: age1ly2endyt0y9xyddj6yuj4nw6fa3ltvzlvew4cr4lzs6dv8dkavpqadmyxx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3TG9JT0dDbnlVVlNqamhW - dklMeFY4U1RkNFpPQTB2RHFHcFkzMnhBamdRClJlQkJPMS8xdnFYcWlYK2h2NU12 - Vlh3ZFg3cEtSQWdoQjJhOGRFNUNCWU0KLS0tIDEzRk5zOW1xN0RtWkg1Q2I1azBy - N1JpcFJjTU8rNlNSRGQyOGMySUJvaUUKNuH2uqQqpwQx84puS1qFXKf3n7wE3Bpc - Y+knCdSmOx6111qYqcwcOPQOiU6t37UKCrspW2eeQf0grjhx+DCH+Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBraHpyd1IxdWg3MTF3ZU4y + NC8rK0E0RU1HYTF5MFc1azU5TFU2dzFTV0E4CjVJbVJIcC8wUllEVmhUNEc1WEtS + Q0FvSlp3K1V5N1h5SytiYlVLaXlZYXcKLS0tIDBKWUdTZFpkcVdvSHJXL3ZYV1VS + aExZMWhXWGJ0V1hOVlRsT1FLcjBhU3MKm5ffniILsaJ0+zxAgLtkxGPdXwI/TTea + Cg77nJovnJCxpukCBZ0CXNi8DzPZipm9476qbCI4TrIPvomO7wXmow== -----END AGE ENCRYPTED FILE----- - recipient: age15klj4t7gpfp69472mne4ue62pp6m4e04dmjyw7yf30qtqd3vl3uqjmcyxm enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKaFdxOVNwV042TmozL3N4 - QzJsZTN6LzVQckg2YzdsbjFZMVZUS1Yzemk0CiszNkdURXlWZjZGL1lJaGwxa2tu - Wng1LzlVejluRTJ6VjErejc0eStoR1EKLS0tIDh2MVJZOWNOVitVTHJaYlRVaFh3 - eXYzS1J3dWljbFdlbHFvc0JKQmtSNXMK1lO1PaQZVwyxH7sfpkn8SjGiXUh5Q9v/ - LHlqqsM6P9wSQ4BNK14r7NsGO49R/FXfL1flKxvL6Cz35hnlqbstKA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWYWhDN1I5SUk5L2F6QWNp + d05uL0JIYTN1WGJtS21OS096dmx1ZWd6UWlJCkNVM0h1UkRQL0dkU1NPdGUwMmNI + eStiaDhQNVd1MTl5N1NOSkIxd3lMM0UKLS0tIFZtSXlhdk54aGNPVzBoWEk4U0Uw + K1dJNmdwRGxEeGVtNDgwQUREc3lLc3MKtDsnekEVfk5yxaXyDkNf/2j2mcOwgXTG + rEiC5jBNMTGnbpuw+l7LSFrb2LTM7UI43AJd8rv04ZDg2S1qdMaJLw== -----END AGE ENCRYPTED FILE----- - recipient: age1k73gy5em3js9zklnnkzp5hme9k04lny32fgahmzddknjw5c295asdyr4x6 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsczc2R1BLenlLK2N5eW5H - Z2c2UlM2aVRZSlNGNkQxdmhqRjBLV2dLM1hzCklhdzNqL0FzRkNwejYyekxjU1pK - eXk5ZFRHditVQnh2dWhHZHhnR3FmOFkKLS0tIDZ3WXFGcWJIVmptQWJ4V1hSUnpO - VE8vMEM2d3hkVGlXY3VCTzBrNlFjY28KGKzigFQQTbBqI55NbEk/WTxZAp4/XDxE - U0/aTYjgH5KkwA91sCcJSuxi9bSfdEhtWj5t+7Rby5N99r0nBiYPCA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQZ1gySFNZTnp4U3hWSmlS + cFA1MEFhckRYQW82c1dQUHZITVIwV2NGSUM0CmJpbFFGQi9pMkZ4eW5BSFE0a3Jh + OEZjNHo1UUcvZGhXOG12c2xvVkExVkEKLS0tIHM2b1lDYkhoK1ZhRkwrcjY2V2Jy + NWo1bTk1SlVQVlNNbmN5ZmhjYUVES2MKd8hQL/DpwRd1ZDY2IiYt0eiR7iZn+dKY + 8fzdJgZQxVsgjJ/ABzPYh251p5DyWUOQutVrfAjAKtXPZ0EB/sSLNA== -----END AGE ENCRYPTED FILE----- - recipient: age1cmzh82q8k59yzceuuy2epmqu22g7m84gqvq056mhgehwpmvjadfsc3glc8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1UU9FeEFkUjI2NFF2blFW - aVRSM3hnL09qNDhVMHl0eFRtYjZUYTkycTFFCmFsK0VNR0U1dEVaUEJNVGMxSDUz - YUFKbFBEZjhENmZYcHhSeXdGd1dxalEKLS0tIFl2Vll1K3UxTi9tcHErTFlTUVd6 - dmIwd3RNcW9ISlFHMm5PMnNKUDlrQmsKkQErB4yMrq1apJgGB/q6Q7fN3BQKNUtA - 12+YULNihaSfOLZsjE6TbNx4twMgcTzDy5zQDDMthrEKpmPUvhFsdg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBONktDMnU2ajBDRE0veGM2 + cjJTVlRMRHArc3docDdzdVBLRythNzV5eGk4Ck5SeVJ1Q3VYQm1zOHdFYWlrQW1U + YXpJdjdlSGJsaXNGdWRTUjZnOXFkdlUKLS0tIDJZZ0tOdTVQUVZLYUI5SUpKUGVi + dDZ1dVgyWU1BU0cyQmgwNXlHWTEzNUEKmniqWiQd4KiwpV1P9fC9Iwd5ml/uO41k + GuEl8wrjYbjHN65lLpP3LW1g1nIQlgFy3KN9IyUoSqhZBxRmUTBrKA== -----END AGE ENCRYPTED FILE----- - recipient: age1wmx8y2hs83j2u5srdnfxljrzxm8jtxl6fr0mq7xf2ldxyglpzf2qq89rpx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNcFVtbmFRVVJoTlQzU2FB - NDRDZEVMWXRkUUhkMDJFWE9HcUVES3NsRVV3Ck8vN2JhWDMrMEkxRlBEdk85NTZF - eDRSaVA2bUwxdGcrNkpWazlQaTlGYWsKLS0tIHRtSHI4UjFWTmpMRUlsV2J0QmF1 - bmoxOW5EUkJnbFZ6TnY3SVoyUVdtVUUK1ru3L0W8XRggXBdiCEE/qII+eyL6Qqgh - NQPpd6sEb/4nGDI8gLyvBB3DGLsrXAxUtauVfmMctJiSndZ1Je5y9w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRUThtdGkzbnFjWHlGYmRu + cmo3MWltSDZBSmV6SEZGSUZpc2NleVhTR3hRClZCQmpSM04vSERWV0lpRGNCV3RJ + elNNVnlRb2xRWGpiTWFEQlFKMmsvVzAKLS0tIEpSdE9XQUJpblRXWDFmcGFCMG5W + RTNKUnJxVC9ScklsaGYyaFVwQjF6eXMK5bQCG7YD0VzoGrgRTOlxqZXk1DSOVKG8 + tWVz6PPrY8/hI5UijDPl2Pa9Wqhf21DdfHxDqv5uEdbaKOZND1uT0w== -----END AGE ENCRYPTED FILE----- - recipient: age1mjgw3nxlnqdj04mgjz3wn7fj2nl2nxla4p2r2fn4nkvayfgp09pqllxzyh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNVS9xamRPK0IyelBMbG55 - Rjlmb3VZRHBYcEZFK1I5ZnJWZ1JFV3NMMWkwCkNWV29XS3Mrb2xVdHdWUU9aVTdO - TWlNMTBZRUpOSzltUHlYZ2tXS1JsQVUKLS0tIE1nTW9ZdEQrMUFCd0YrWVRzVEtI - NlpJR2xjTFRWSGRxU3QxN29kbVR3cE0KgMHIfv8cf9oa9wsusihkSkb/PUCJCzyv - zK54JkBBUq1nVcDkaElPmJGa2P2+w63a7bvGnMWeHtzTEqQL+WvL8w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVR3dVN1ZvaDZIdmZJa2RC + QTdqa2RqVWIxcUFGd01hSmJrNmE1c2ZPQ1hRCnB6QzJuSFh3aGhac2FTV2d3aDhx + MUxPL1dVMml1YmFQUkgwbmd5T2I0bkEKLS0tIG9CS24zc3ZpQnpqb0FFY3kwYkZQ + bWlJelN0WGFVOGN3SnlZU0dOMWRGa1UKMUCWpiEM94lUi4Ne/qgIbzZijZa35yTF + /JLO3AGYqHq8gLT/u6PrvwgUadAjcw+zuehPJhMA/DLMtcCXr3tQ9g== -----END AGE ENCRYPTED FILE----- - recipient: age16vzhcvz8tyxj8e0f47fy0z4p3dsg0ak4vl52ut3l07a0tz465cxslmhevl enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3bXZYTllvbzZ4Yk9XMThv - ZzFxUG9LODliQlc2WU96MFRsYmdBMCs2SW1NCmdVamN1V0Ryak9rTEp6NVllcjBF - NVhsKzFCNjFwL1BidzJwSVhzZTFva2sKLS0tIEs5OU5aODRId3FhYWd1ZGpuRGIz - UWRMaGNHTTRhcEtoaWRRMmY1UmFXYU0KkEOYHQJ5RXlmmfm9NEccfL6Y84TuvVGm - dt2WprGx5vRKA1Vf/xqjF8o52FHOIhbUQ2fAoT5ICPLBn/UHPTGggQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2L2ZFZDdlYitsNkcwQ3ov + ZWE5NjNOS2pyT2tEWmJUMytWRUpDdkJCMmdzCjZpSVcwcUUxR2pWTEFqV2dlRitF + enNmQlYzMm5tdGhKNVZJRCsxa0x6WFUKLS0tIDdCZmJaN29wL1FYYnRHaStnQmE0 + aVl5WTcxcUduMHk4OWxPdHNQekxnL1EKQL71hnTBQu2c8N0uz9Joa4IeIFazyZZg + v9+zsNd0UJ9KpI4uaztJYeSZcaCpncC7kLFhewiPVUdZHRBC2JiGtg== -----END AGE ENCRYPTED FILE----- - recipient: age15cx90pnp54xp5gxlt02yn9j2pz968wp3l5ukdkx55xuecp34e5pszjku4m enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxSnpMNE55NVhjbnkzRENQ - SHJSQTE1TGtOeEo2RnZrOTgwek5XM2RTUTNNCk9wczlrN3M0U0lwZEgzVHdJSmVZ - elpUaUpXczZmbVgxUG9EbU9pMVFJY0UKLS0tIEVsb1RBOEo4elVyU1N2ZEtpazBC - Q3dHZlZDYUU5dzF5OFVZdmhIM01jNjgKRH6qY1LB0B/njR+5CHREGuJHhzNgWoOV - 0dbBOvEzBsaoPDwddn99gttM7A9IZwF/YGSP4paFZvI0Rg4uP7WT1A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4UHR3bVZFd2tNQ05WQmc2 + K3ZxVzlIdDBpN0tPWXNRZkk0Vk9qME1rVFFFCjd3TUtxWFRqSFpCSC9YcjlmOUJl + WE9NMTBlU3dhZkVrcE5ma3RjZ1F4RWcKLS0tIHdVcE1mZXNNcHBqZG5yaTU0V1hH + V0tNdXArZUh3YjNmNDh5VW1UcFV3N1EKsIYXK7Lp8Apen8q//00mIbqJqpiPB7Bo + GzHr42K5i0vthtAIabMSCpm+p5WDnjrGWVsb8SAPArufljmIx1Sy0Q== -----END AGE ENCRYPTED FILE----- - recipient: age18quey88vge7xytclg2nuq4ncme86dg04lxwczqxczmdchnjg3p0saehsnh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrTVNOMG9WT0c2RnRqYnk1 - aldzcnU1Z01yNU1MK3lpWnh3TXo3d0h5TWdJCjBVc0NPU3FVTjdwWXlCNzlCVDVp - bXVCSHJhNnpaQzFrU3d2R1hsbm5yN3MKLS0tIDVVZDgxZGxlWGUwZk1ZQTNXcDZB - c3U4WktWOHdDY3oreUttdEdRd2R3bGsKHKqX70YgYDmXTjA3hvgrp3v6WFrhkruq - hEmOwXvTHvyBxbHJ1iP28fZ4sv/IK3KHm++0PNdg07zai84hVTnrCA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBidE5tRTY4Vis0TzBoQ0hm + Y0JSdTR5NkJrSm5MTXNuWFVSMmN3VXkxaTEwCnlqV1dlcDhvNkNzOERmQ21MeW5L + WjZGSG1nWmNXTnpQWkF2d1VoaFFHNncKLS0tIFVST0hsYVkvWUtGemttYS9QNENC + Z2VwU0MySUNHS01MckFaQTNSbzh0emMK+Bz6Sj0d25ss9e0KzknViUMU3NTyAno4 + 3usUsco42NKMtJhwbq94oY0g+W400EjwRhOBmCHB0symaXb47V2RtQ== -----END AGE ENCRYPTED FILE----- - recipient: age1ax5hqk6e2ekgfx5u7pl8ayc3vvhrehyvtvf07llaxhs5azpnny0qpltrns enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWMGc5amJ3M1ZrQ2c1VHNM - QVZ1b0RRNnRiaEJBcHMzVmJpZmtCeE43OHdvCjV4RStQWndEVi96Y1dkS2EwcklV - MHlpQ0doaTN4NFR2MTlYai8welFob0kKLS0tIE41NDI4K1U4SXowRUM2RmZCWk10 - RCt1R1BsSWVhNjMvNmxPWDl3R2prdzAKpC9xwpWrTtFxLkGm5EjZgM1e6r/yeo41 - saskc5tFRTtnr3X4VlegLEqcW3dtOr4nd3kFuEDewBhNziHLPH30EQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxRGpmWm56a0VoRVdLSEd0 + eXhHdzNVOTlqRzdnQWJJekRMejlFNmR5MDA0CklKSHJ6Rnp2SlFraVVKK3d3OGN6 + bUFZREhHVFVFODlmMEVjLy92YXhFU28KLS0tIHAzcWo2TGpCaHBaMGpsUm5WeXd6 + Yi9GSEV6TWtvaHBzTWRnY1VOOFVkYTAK/Mi+A9obMlnOPk1ye0XVtvTS/Rvtff5y + /chhPVz5GbQWifIJPQt46mJHBVEPrk8QXduFLa7RT8qhD77piecj7g== -----END AGE ENCRYPTED FILE----- - recipient: age1c2enwel9un28dcs4wg0vcyamx9a4a6g3walkhu8w5lqhmd804paq9d24as enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1dFN6UHhtaVpHUkwvKytI - Rk0xNkJiMm9TRjlHdWRBYVNRdUpCc2pSbUVrCk14Y1FmM2FQZ1M0QU1lWUxPdlBw - ZGFsb0luNmsrWTQrRzcvZllqRVBXOUEKLS0tIDRVaFZ2Y2tWNW9WcGRZMjZKM0Jh - K3FpUU5qamoxRitwRkVoWEQ3SjNLNFkKE4IqY685vdr+UADGr+t6G9G8M2uTpBH4 - Md1SIAXcXqbNNZbRDNNdHIJ3BuzDhRx1riR+chSkeL7n9ebUHg19ZA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYWERheVg5OEh2Q3g5eHph + REQ4cVREWmx4TkVvemtwWldQR20xTHRJUERJClhwd0ZVMEkxcWI0WmNDZEM5RWtp + aUR2Rytic1lhQ1pkUVMvdnluUUpiaXMKLS0tIC9vRi82V0pMeGR4Z3loMWt5U1Qw + U1ZvTjRvdzBMdUpzVkw4aW1uM1RGTmsKKoXRH5xUvYrU6rjGFjFvebbjvg5cKHR/ + vAls1XYnJkqDWeznK3Yelz/zB3zM1V3QWR4GIwvrykKoeyFtqG/hlw== -----END AGE ENCRYPTED FILE----- - recipient: age1nanlervuderw4qskcuessycqy2yfmptl6nym9scgp9ky2265ssmq3u73r0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmODBwY3VIZEpZaEM2YXdk - NHNXVmxUbG1oSGtya0ZpUHdDbWc3MFhuVFhNCnpHdmIvZWFJNjhZV2JxTWlQeWZl - S0lPRHVYS3JUUXVlNloybGk5N1RFWTgKLS0tIGhibE5SR01UaGlibE9laW9ZVUtH - UGdac2FHOVNIL0dKZVMzcC9USEVDT00KC0h8U+SZhHoTUoMBpQ1CwGJXYRa10SNu - JmgwuX9KPWlrxJUre7NtSnsFNQOmSr3uThYLs6HpclBB7/NEDJpywg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2MjhtaUJQQjdmdGpiSmJS + b3NTcHgyOU5SaUJqYWkwRnd5L282UjhtZG13ClJSM2xHeUY5RVB3VWxpb3NLN0Zv + NnVNNXJ6WWRSSjFBVVljcHhIS2dRU0UKLS0tIERJQ240QWpzYmtDdDlzN01RQzVa + Tmw1b2FUTXRTRzcrZ0F1dlREMENRSWMKpGeNTOWF9DWMzWoiaEE3o2OnxdF7QfID + 1hLIbV9Q7qojICZYEcWiogNbwJ8tfToTJMDf0X3ihKbDbw9pXRhtpw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1kyue7mfvzuxprjz2g6ulz2mxlr57rgzg6lfpnrqedkelehley5ls3enwsd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyQm53QW9RaWN0dFk2TnZn + YTJUaHJOeUhnNWFsZDU5MnB5SE1nUGR4a3pJCmZyVUlxWEpkd3d2eDhRZUhrNlVG + dTlxZCt5azBlWEpmUjc0bHFibU5zeDAKLS0tIG5XZ0FYSitlTkorOTFIQTc0YmR4 + WFRaZHptV25oak9ySDJENUxUSGNTY1UKniLC2bVFNiHlWeOgFDmiUJSIp+a9nQp/ + gOZrbsca3TGmWH6JeQUuwksAlu5Sd7ka1Z1KG6kluXLwWqt0m0N+hg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1qpgj3ell93rzkpjq0ezs6t669ds3nyxx67pj50smx597pspz6fqs4jc6pt + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjZk1STVlRaXBjcUdzK2Jt + b2JwVk5Hejh3MFovM1RHWlhMTitkd082WTBrCnI0MGtrK0JhT3BtTkVIdGozbjlj + OVF4bnBSNjFSeXQ3ekxMdERvRC9GcGcKLS0tIFkyNkZoc2JNcmpUa0JpdkZleU4r + WnRvcWZnQXVTUjd1d05mektIUEVPaGMKI8fau7+U9voSaSJ0lepWK20Hv2sXPJrN + eUiXSQo4rzDnXjf0GA37oIr0Sn4bNa7MSRuG5Zya7bjvuRaOMjbHLw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1f63r2klnpfxmntswz5xydpa75ckgjqcs2yzkm0msqwqgz9aqgu0qwzr659 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxT3BzQS9YSEN2WEZqZlNL + dTVuWGdNS0p0eHJQWDM1VVhSR3VMNkJ2cGxFCmRxWlRtSE1ZWTlOcDVueDJ3WUtM + YVVkb3RreFU2MEYwczd5bHphNk1YOVkKLS0tIE5QbWFodEViYU03dG5uMkpSSno0 + amlXVnRPZDBXa3kwVFByS2tsOFlxZ0UKdhnvEbLutZxslCuJMA1MPyjTZTBAYq6F + l6q27sIWPi+1BCh2ge+spk1H4H1jzNjFXhebYyy/IX0La9lKwU8wAA== + -----END AGE ENCRYPTED FILE----- + - recipient: age17328xwk0z3znalpmma5rvp0lt5ghn5p8xfvnrtdxwsw80dqysacqj9j37q + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2NERCMnlFVjd2OVl0allB + b29UWlYvRjNGWjJhMmFMNzljUkNKNDcwd2lNCjZDVmQ2ODRPNWFWcFIrK2FQYlJq + VHEzN2MyeWFCOVc5K0M2cGZlbytSOTQKLS0tIDhTb3NtcUJoa25yL2tiWHZxTU84 + RUNQemFWcXdZNVRqTnErNG9hZXNlYlUKbwIszuH6/gy7sk2nen2A/JzpmxuGH719 + h/OBRVcRK5TnjsCylyK5hhRUDsl1P2A8HIGBvoIRstVAJrDFw0eCZg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1qdzkn6v3xhrfjwe8jxz3945dhyyhevwal0narjtr8whf9y7nh3wsn524u5 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhSmdQR2JXbnVFSzRwb2t1 + Y2poYnhQMUwyRkVzK3RqN05sZHFhanpKcEZVClJhY3BFTHcwbFJ0WC9rZ3ZWcmVu + emNPTmFFNlFOcXBYaEVMRDJYTTRLZ1kKLS0tIHpSQjVaZy9CSmd0TUgrZnVnRzlS + Rmo5UGlFam5rNVN4Ym5ZR3VNdkdlb2cKk44TcU4qNtrSbC29ipK93RF38Tn+Qbzi + ctjQsuhipYc/2FLvsVLUdg605MDWjs7SX5owjMBRVxeKJJH50fIglA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1etgfym5m8hn3hxs6cgg757zcv5zg5n22wq38fuq59n7qk7nef5uqyg6vvs + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhTVJSZXVUNFhhaWpFR0U1 + d25Jd0tLQmlYTDNna1U5MzRLQ2pFL0FKWGlvCnNQeGhaYldmeEpkY2tRVVgrYU1G + bm50QzhOaml3Uk9yai8yekNDcmE0Zm8KLS0tIExUM2dVQUxKWjV1Vm5CZUlSMDQ0 + aXlaWTRTQUllK2c1N2I5bUhVcE92Qm8KkVGWocNrywzxwuUVFsNKn7FiqU2FiY/5 + zb0KxYOWOORu+B1jQMI5Hocb67kIx4CEkbCL9bxsCq1qZS+RBRkeUw== + -----END AGE ENCRYPTED FILE----- + - recipient: age17mugmkdw0y768a3huuf37r45eff9apyknxvwk3agg6xzsjmqp96q57tcty + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzbXJwU01pTm8zZStpb1F2 + b3BhZW95UER1T3hYeHlLekZ1NExuSWx4cWw0CjlpYWVFR1QzVU8ra1hJeFNXRlhK + ZXhnMzk5RHlaT1JHQkUzZEVQMko4aHcKLS0tIHNTYlowRWUyWHF1MzJud0FpN1Fi + Q2s3dzhVSGplVmlRRE5YcGM5SmdZR1kKn7tLO1863OUl/ZK1x7saGZshMoCq0YxI + AA96lgZ6/rfA65O+bNbk6VxeYY6WAH2pDEIlS5ePK7o17ishrw2dlg== + -----END AGE ENCRYPTED FILE----- + - recipient: age16gf76uustmyyksm3t56zcq9g6j8avy0wrngh8laknfq733s5welqedeg4x + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsazY3aTZjSkxtYXN1bzBE + cHdOOFdlZzhlVHJ2WW5WV1ZESEVxZWFuM21jCmwyTjlRRFRkNWtOV2tUMjhuZmJE + UHMzckhCOWg5N0ZSRmViOHFzN3FmTWcKLS0tIFVJa0FnWGd6NU5haVJ6VHpRSjVn + OWM0SmhHYjV4UGQ3TlBGcmMrWUxTYUUKiiNBrlTee7QixXS5UtyMd7cQY9fJKO37 + ficDdGDwajdbkk/Lul8ynmeDykwS9ZijCCRnGW8PBM5Eck+oaRNDeg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1fnvlmhzju0yq908xtgags0sy85q3tacl2sc3w3vdd3yfp27xv5aq06v948 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByaTBSS0d1ekFlZXM0Y0Fu + NXNXQlI3QnprTVo2b2pnWVlkSFlidGRPbGlRCk1mSHJXZEwzVzRIOHN0VVp4cUhN + SS9lWnN3bklJWHNMTytWTlBUVy92b1UKLS0tIDRDWUpjeU1sTnVKTlg5Vi9YY3NI + YkZKYWpYdG55WW1rUTUrVzd1alczd1UKgJ+DtAEhqD3VusfyW4VdQ1TILEku5nGo + FGVoAD+lpiDX2ADtg7SqDzPyVdJYSowZJrVOXDuG9rK+RpDB0QPc4g== + -----END AGE ENCRYPTED FILE----- + - recipient: age1s5gcxtatd9frwctzwg54fqycsx2sa73ll36k7qrpm9wwyknkldtst90gn4 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4Q2RCWTV4MFFKUnR3VUsy + VFo2Vnh3bXd5MFJzWVp3dVlmdVhnT3NKeFZ3CllSQi9wNGI4QnBybC9acjIzM0hp + dkpuS3FCYWhxNWEyR096VDdMTzVCTG8KLS0tIGJaYjUvQWNlRzdra1F4cTkwdXBl + OVFnajZpS08rc3ZEOW5ndlV6bGRnUmsKm6TDNN5ieagZmOX4nUAKWNICa4m07ZNo + +JygTSszWE0ziEl3pCQChpPhhHUHy6QoW+gLCjn7PQB+TX6HAB4zYA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1d89878cvt7wsa07ydwtexspku5gppwstrpnpph4ufx5pcd4fadyqgf6lvl + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1bER2ZzhzZ0xvbklDaHpC + N3ljUnl6VTh2MlB4d3lrb0lPcmZIcTZ4WkdjCktFcHJmd00rK1c1eUwxYmdGWWZC + OTFldlFKYU1Pcng5cXpCZ0hmVlJHcnMKLS0tIDMrT2V1ZkRFbXVYekQzQmZ3TWFY + WGMraFpYelFIdmNlanVJWUVINW9McmcKawxuuc7q8u7CmBpWlLph9SX8ZwKju7PZ + zlGQYsJensouHafNrZY+seDRdQhmRSJrq2ubsfs/x+7iyChdu3t/Lg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ayupuxlrkepyvjk7xwgrd0pvcj3tfcha688mcuc8ees2hg3g2ersd0q3nc + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPTnNoZDRldzhUNzJxUHhD + QkowRGxxRGZ1dUhYbUp0Nkc3TzN1WkU3NzFVClM4Y1g1NmhpcnIvd1pJWHJoVnk0 + ZkdySHlXUXRPUjBKYWVRWXFNTjVHR2sKLS0tIFA5a2FuNUZ3emtxeGpXcS8ydlUx + WEl4TGNOWXBVZ3JRamVpT2ZvMmZiTW8KlS31pRTd728VrLYgqTI6876jzCinyTyO + K5n0EjAYSMIDLAzznA3F9MvW5Bs0peUQ1uWKglp1UH0dBggG0dd3ag== + -----END AGE ENCRYPTED FILE----- + - recipient: age1cq7wxnugpfvjk6dgqpfmc8vemzhkg75drkgeaqjd9fuylz5qh40slazr4u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXdDdEYXVWK2FPeEh3MUJR + WDUrMGNGR2lNcThLWU1uejVCNWlHNU81UkdnClJBRzgwU0FROUZmUkdOUUFFQjl1 + a2ZNQ1c5RmduVjNCRVM0ZE1TV1lFNFEKLS0tIGlyTHF6Zm5hY1BuVlVSVE1ucnV4 + bFVaT1BmQnM4WG9ER084TmVQbEJ2NTgKTW1m08X9hSgQ1F6lKiRE3sSZtKMdk6ps + OTBSMmnjTD82H02MnGLpcYzADERzI3cjZnJ1jObq2OmK0GlJx9TCoQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1vn6ya0japzpgc256jg57fldsqe4udmq50sj5hmkywn7rxfnskevsx2q96u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpU1U4VWJqVXhNbGU0SXJh + dzRRRjBUeHM2cGtURzlML3dLRkVreC9OVXowCjMxR0QzL0dPbS8yUVprMFNFYWFk + YXBaTlVRUUg0emVwK3pnamlRRkdxN0EKLS0tIG9MTEl1RktkdWRFSkVPY2UralQv + SlVsUGtobGpCcXkycWRhK3MrTm82NncKKfEymPS56iNlRyQRuDIfYt0uQmCDZ3tZ + 3A8It3gPcWVCP0xm9Jq1Fc759EzmiCkuJwgenI7iDepAwB35zU62CA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1t7zagjfddns4yltupk7nx8xps4gh7mupyz85uuys0wd22cxj5qsq2hw0p7 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqazhoWVY4MWI2TTBKdGhW + dnF3T0JNMzlrZnd0SHdDQzdjN0RQNEIyWUNNCnRaamJyOHd4VnlGTWhsTHdJTGlx + R0NUZ3RsU0tic0ZRNjB1WVMxL3lvTlkKLS0tIEtwbTlZSDVGWkp0V2Naa2I2ZVB0 + WW1xTVlHczR1NkpyN3VvNUF6cjAxdlkKXN85aBzWwm90CgwcaK8KWbYxTKc0ZhQt + adZY00ohE740VN00wrt1GGoVNxSk6fTcFZzHUR61rJHuRqu9CKDv3A== + -----END AGE ENCRYPTED FILE----- + - recipient: age1rn0pxluh7m8dyeshek06d7scejqlrcewlk8xmyrwt5e5nev2dc2s3s78vq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzbWFDY3U1K1VIcjlOYitW + cmUwVkVmcitTYmE4S3g0MHNxWmUxZmIwRjBZCnhOdWdqbmtSV2lORmJrMzBCZmZ6 + S1Fja2tUMHA5bzB3Ky9sZW1wcFZJbjgKLS0tIDFvazR1R3pCQkY1a2xWK0JWak5B + TU5FWFJSYnBzdUdrOWhKekgxQ0tPZDAKAaAlXcQW3g5/AQ+LzuYxOml4BmfbMKrx + tJIeajT86J5YvpDl6fiy2Nu6WYGXmcTidUAZd/RQO7fjXgEOZgktMw== + -----END AGE ENCRYPTED FILE----- + - recipient: age12jh5836w3cmazec8ql652p9h3a3xn6quztztzqxg4n0kz7r96dnqqlhxxw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyblkvTUVweFJaM2hZMHBp + R3FUOFRkWTQyWFJmNW5nMU5YZXJzeXl2b0VvCjdLTE0xZFgxTW9tb0hBY2lxWkVM + U1hPMXFCQTlvRElFN0V5ellSdlFBNXcKLS0tIHd4WmNtM0NnZUNHZVJteURxWm91 + QnltSFFrdzh3U3pWdFpib0ZXWkFYUWMKFcWBVrkonmjB3xumCO4epUIUudPwuiCM + pJHdBeENCH4U5p11g8kLPNPWrjcegnhDK/KlCO/pAhw/SK7z9e87tw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1gxg2peektn8x36kk3nsgmeawl73e54kaadqd649ygwrv43kkvejq2cw64z + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiWjRTd2wxVE9DaEE0dWdF + Y0RXVkxxbVp5Vi8vdi9DNTJQbEpJalRDUGdZClg2QjJTT0p3MXJjWmJ2SzhJRDZz + UnVxSkpZelNFZ0xOS0R1bDN6cEs5RG8KLS0tIGt0RXFDQTh6TmhQNXJOQk1YNURq + Q3VscHpPSlNXVnVnNjVZazdEejJDWGMK4bU76DcN4QbI+KgvKCUNzrDjTQTm+PhP + WHvkRfFIup0RnZuORwi07qYnLsF+DK4sQxRcN0XMunq1RWpPLFMKFg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1kn34ny229gm0rg7wlcvxmcyjtz4gka6f2vd958fde6vmuzrxcvcsufra90 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5UmMvVjdQL25ib25rTW92 + ajU0RnF6UzY0UTNnQ29HS2VtQUJ2OXc3UkJBClNmbTFOYUdmUEYwZUhwYkVpb3po + bnVGZEk3ckpHVjJIR1VZN0tzK0hoUjAKLS0tIGtzOUFSZVhyaFNZYjJwL0Q2VXJa + YlRBRGhUcU1oRENMcldlWDMwZkRXQWcK6r5ezG1hXO5PkW6ymoTGtIVq2b7ZswuD + M8KAJNMrj414TfTVcOWxj8JZ6kcPx/W+wflBT44ueshpwUS1yfOoOA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1y69f2elvmq39lc3t3ucq9y7wt675520n7rvug88qg368qsmmk47qvwrtny + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnZnFETU9OSEdwd0FmWEF3 + b1VtT3lMbld5WFM2TU9VOFM0V2ZoN0l6aHlRCkNhN2x0RitMUFRXZXEzUjkyeEZE + STladUViVWhkclRmclYxOGY3UitDaWMKLS0tIFRxbkdSNWdXbldSaWJyTEtkWkxR + akVFZjBGY1U3Tjlac2RXWVBpdENQZUkK5duYbs6aaVmAl2lCOuBlkd5MKnSTCTux + IBexcfLJXBw22GHE7GiDoFcMY1yAblXZlCOHOk8WMYDRUI5KVFgm0Q== -----END AGE ENCRYPTED FILE----- lastmodified: "2026-01-10T01:51:28Z" mac: ENC[AES256_GCM,data:iC+mSzhxPTvG/ZUNkgtp26EGTU/GJoUZH9ZOD27rKsu+uKuORb1dmys6jEdw2UYgziQ+mF49Vkrw/82rgw5npaaCXsZbDOpiHRoNMtVCG+734FKK0a1NqJbEZe4iChX8icXlQqlayMdsYnP1IFTiu/xouL58PKLqNTm7wexL91A=,iv:gXkmuc0bYRS2blLkzoHMdGXA/1GFh7LmLi3L+Vr9/rY=,tag:n4kNdcMaZM/BCT1ajvdCLA==,type:str] pgp: - - created_at: "2026-01-10T00:52:59Z" + - created_at: "2026-01-12T22:05:09Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAwDh3VI7VctTARAA3QJGg6Y0j0Q0/UiejpfoqWZMCmiRk8CHP6IHJhQDm5Kt - VVg8Z1wZC6+B6lDqW6rUWgCktJRYp5CLFKFIJNjcOpWU8UnyV9XKzRiGs6L8tfpI - MeQEPrjJ32CsU3+Lj2ciKJcMzaaRwBsQLofPu+c3Rl42uRIjVnDD8rKcFmZeSfk5 - mrms8XMeJW8yPlEfFcfgfHn+a2U6jDMVhlBJaMkolc4FYwbNhHxJwSgAn/SDjQAi - fdkL2zbd2fcWk49C8o6Fo6WBWDj+9Zs3iXp7ee53POXwdqG/KdTR7a1p9nFpfZ6o - hb7c8yW0eEafFP66ZMapLfE4K/0WSbWyutHyQ6Av+aZ1YxDwqts6kw17g5XCLAr6 - MfT7RI4ZYJKGDSM+d3sBekHYLEQi/OpdzK5Zo8Eukkfjd2eHqO+dCSAbc1vp/ZV/ - rhRCDhRwzxSoTxhJa46TekR1X7tMDL4edRHfdn3grauTtFlTygn3ooRBS2GKPWpV - kvbfWrZKHpPQkBnx7UYwZMFesuS+V9nGGMy26wf39N2m8ZWeLbroUHxPeXNRBgJm - 5c9rBZRNDzovh/80f4iFiuyJ0s47nhW7Eq7VNrgb5JFgGO8t3iVaQPtLEqLuzHk5 - uUEFmv7bfsuuUFDhimZElBbYDekdwqNmYa7dbbk4CkOM+ooUs3EREXmjJll5OQqF - AgwDC9FRLmchgYQBD/wOMPPiRB+lsBcIbuKaRsSZlNYLjY9WTFYph4jq5wJtaQyZ - gsmHp8D3I8rMfLJmKtwHSjylOFnjeUaX8BwAXJPn1KYU3PYQKQrvHWPrb2TAdKUZ - h0jP1nG9d9YAi38hXrtYa+KKWvjS0yHIoIbAjOa+LIHU7Ro+RusY+mL4F49q4lxD - 5jdBQBVNBk15QsYklmUi87n/HNoP6+q7rqXlcL7qbRC7ZYnGMmcbnbIqzg8DhIUO - EGLwjY6fw7n0gaHOgSSi6ZKl8ZrU/zbVr0PP+o/Nm3ySaaJ/IZQm5p10V9UDfZW2 - mNi8hf9lkX6nx/+f8Upvi8B7I0pqgm41vQaffZHbBPdDSqeFnwmb57KJQ+QA/vTZ - WRfUF22uXOaRk00UM0mcJUf/HGW+qIVzS0iMm5Xh9+5rPK8x5QYLwUT+QLL7NWSx - g6hgtf0m6w8uF/ah6CZlfpghv15MqEschpg6Lv0hSfwX70l639QAfeAzptaFrItq - Dv9qci0G7yhx1AQp7YkkvOsCaprJe/2WwNqi85iCAhr7zqd9ZGTh8x3snsV0wj4V - 9V+91RCDcaPRyKBV2Al+oKcyFVhnyWm6GVijgqj0wh7tpgHKVx1XmvoAG5mZRR72 - P5l+8913eYllVg+wX756+b824zRtJF9KB0m+mlUvZxRrdq48qSoCZDfTYunyG9Je - AQ4SPPXKjJWnT4BuRP9DoE0Rnn93G7pg0kHutoto6da7k8NcmKyvrxPSNo+DdbPD - hdle6NfeAsZ6lyvf0Mbi5bUI72ykkKq15GeuUcs1g/5e2OCPpM6jFz9Fwf2CRw== - =kWQ8 + hQIMAwDh3VI7VctTAQ//UiWR3ycyze5KjCHhc438L7llQvficbLLy3FZmZF2YWeI + Xb7L01J5pZU4un1qKfdeXBB/L+AQgjhCYwQ/pbHiDxD8CxW+xbjuS2rVlVDEb5SU + XM8GZSmwe4ROcpeILp9w0hj7xlE8w4odrV9gi3LLubfAc4DhPm248d8fTcf2lbBu + goN9rPodN131uBUg4evwYCvtPXthGXfVYCk507WBKI2hG5S7nCc386p4XOLBLlsC + 0OLIOGDCuzRVz1ZA2JH8PVL4hsA/CrzDIxMWoRraXsardj6potjdx0B8hYG1p+Td + l3cqiERHyCz2yn7Z5CRP0+okFYojeWrImmiM7AxM0XhHV/1MCXe8EJyFiUlkIvJv + oYqZSn8I9kbdT97zPBCDvoe+OxH3v9m5dbihQjlhy5Q8ePrzQczkiaGjsJ859VZS + sfe+siKU+QMgpw1dw7Y0I3kRXz5iMJxpqP40Yn9rgb0wUfNPuMY9Of/Z7vry0Igu + /ZvDUwuqaYdJiSF2sYXyU58vv5TkjGL5/tCuFFJ7upEcj7DMG8a3VWZ9vzUMxI9B + ZYmMgmiavy/xgIzG65mfQ/ujCei7PVgdQvb/Q8sSG7OSaz6Zkuhv31uB53F4Eveq + exKzH3QGwPraQWs9E3z+W1n4mx/bCfRHSd1Qjmqz9NPi/ZuQFXM8OvEMUvpQlZKF + AgwDC9FRLmchgYQBD/9Ui2QDbI8aKSgOutalaPUxZpGDJFgfHeHNZAT0/ptZyZ1K + Q/ik7PcxvZTgsaXd0rm8tC39MJqfmKz/tZ6pEXCerqBeTDB69QRNw9Ov1ov2ygdl + pKSq7lQoCM/lFyc1YLZRKDm66JuxUTMddBhJM5bkprzUKwxjvEZbriUfdwYSmAMU + pshiaiG4MuKXJob8XuhHWorU+tQ7iImZpt0PhZdYmSj0krqsugbBgKr+H10tsuyX + G7zrU0lO/JzapXjll5a+GKJs+8p+0TV5M8WvIoZhNsjEI2WVqTzl+6ufVmDFJL2E + DSs0okk9Iw99B7KD8J94lmODgri0dpqWA4gfEwt2p5VQdEwFLn3JDqp7tH7EpTI5 + bVfqSMRJJI/hJ5dtPd31BUi2DJywKRUIsxsowdWQOxgPqFF4rQ5wK1cI3Fr7eRi1 + 0HRYhrm4LUcAFAS8Jvx8v3Nkr2eB7vJ21ZfOx4EKeenvI5pc7NUxK/hnI0/DmZAj + +4xxiKyJQD6JcE7s8rubz/YCzI5Q4cWJlbXvIdHJNBddoJU6ButylawoQGP5ld6a + wST6Xo9QNuCboMHEgP4KbjYs3JTp8RpT9lN2HBT/lRyQzRA2QbV6JSTHfKwAVGXI + +tkN4xdZT40gkPHc2l/ljbqQT96QvQwdBLZyUdhW80Oz+IlA3tLoXGDtux1pDtJe + AW1yKpjt2yjNM+ONyxN0f61CrJVNn1AcDI6MBVOdh3ErK+nSvV9ii2lA66GZuyDW + FKlt3OyY+FPKXPZYsZp65lmZfkoUu9AcX160aBK/cr/NRiZQUoXGAiSzsKcxeg== + =KAG6 -----END PGP MESSAGE----- fp: 4BE7925262289B476DBBC17B76FD3810215AE097 unencrypted_suffix: _unencrypted