many changes
This commit is contained in:
@@ -1,21 +1,89 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
let
|
||||
unstable = import (fetchTarball https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz) {
|
||||
config = { allowUnfree = true; };
|
||||
};
|
||||
|
||||
impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz";
|
||||
in {
|
||||
imports = [
|
||||
"${impermanence}/nixos.nix"
|
||||
./hardware-configuration.nix
|
||||
./sway/sway.nix
|
||||
./nvim/default.nix
|
||||
# (Optional) comment out if you don’t want Sway as default:
|
||||
# ./modules/sway/sway.nix
|
||||
|
||||
./modules/nvim/default.nix
|
||||
./utils/bento.nix
|
||||
./utils/modules/sops.nix
|
||||
./utils/modules/nur.nix
|
||||
./utils/modules/autoupgrade.nix
|
||||
./users
|
||||
|
||||
# Import our new steam-deck-mode module
|
||||
./modules/steam-deck-mode.nix
|
||||
];
|
||||
|
||||
nixpkgs.overlays = [
|
||||
(import ./utils/overlays/packages.nix)
|
||||
];
|
||||
|
||||
services.gvfs.enable = true;
|
||||
|
||||
fonts.packages = with pkgs; [
|
||||
git
|
||||
git-lfs
|
||||
open-sans
|
||||
nix-prefetch
|
||||
jq
|
||||
oh-my-zsh
|
||||
zsh-autosuggestions
|
||||
zsh-completions
|
||||
zsh-syntax-highlighting
|
||||
zsh-history-substring-search
|
||||
creality-print
|
||||
];
|
||||
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
ohMyZsh = {
|
||||
enable = true; # Enable Oh My Zsh
|
||||
theme = "steeef"; # Set theme
|
||||
plugins = [ "git" ]; # Add plugins
|
||||
};
|
||||
};
|
||||
users.defaultUserShell = pkgs.zsh;
|
||||
|
||||
services.fwupd.enable = true;
|
||||
|
||||
environment.persistence."/nix/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
"/home"
|
||||
];
|
||||
};
|
||||
environment.persistence."/nix/persist/system" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
"/etc/nixos"
|
||||
"/root/.ssh"
|
||||
"/var/bento"
|
||||
"/var/log"
|
||||
"/var/lib/bluetooth"
|
||||
"/var/lib/docker"
|
||||
"/var/lib/nixos"
|
||||
"/etc/NetworkManager/system-connections"
|
||||
];
|
||||
files = [
|
||||
"/etc/machine-id"
|
||||
{ file = "/etc/ssh/ssh_host_ed25519_key"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
|
||||
{ file = "/etc/ssh/ssh_host_ed25519_key.pub"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
|
||||
];
|
||||
};
|
||||
|
||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
sops.defaultSopsFile = ./secrets.yaml;
|
||||
|
||||
networking.hostName = "gpd-win4";
|
||||
time.timeZone = "Europe/Vienna";
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
nixpkgs.config.allowBroken = true;
|
||||
console.keyMap = "de";
|
||||
@@ -26,19 +94,89 @@
|
||||
|
||||
users.users.dominik = {
|
||||
isNormalUser = true;
|
||||
hashedPassword = ""; # Replace with real hash
|
||||
extraGroups = [ "wheel" "video" "audio" "input" ];
|
||||
hashedPassword = "$y$j9T$btz9xel62NjCyLdQRm5ck1$iCm6R7u4wiMeSVfrB6Y.3UwoQJ/rfkXiYSrXI2RTYm/";
|
||||
extraGroups = [ "wheel" "disk" "video" "audio" "mysql" "docker" "vboxusers" "networkmanager" "onepassword" "onepassword-cli" "dialout" ]; # Enable ‘sudo’ for the user.
|
||||
};
|
||||
|
||||
powerManagement.cpuFreqGovernor = "powersave";
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
# In case you want a persistent /home or other directories:
|
||||
# environment.persistence."/nix/persist" = {
|
||||
# hideMounts = true;
|
||||
# directories = [ "/home" ];
|
||||
# };
|
||||
sops.secrets.epicenter_vpn_ca = {};
|
||||
sops.secrets.epicenter_vpn_cert = {};
|
||||
sops.secrets.epicenter_vpn_key = {};
|
||||
sops.secrets.wg-cloonar-key = {};
|
||||
|
||||
# This system tries to unify the "Steam Deck Mode" and "Sway" approach
|
||||
# with toggling via systemd user services.
|
||||
system.stateVersion = "24.05";
|
||||
environment.systemPackages = with pkgs; [
|
||||
bento
|
||||
docker-compose
|
||||
drone-cli
|
||||
git-filter-repo
|
||||
nix-prefetch-git
|
||||
vim
|
||||
wget
|
||||
wireguard-tools
|
||||
# Fingerprint packages for normal system (enrollment, management)
|
||||
fprintd
|
||||
libfprint-2-tod1-goodix
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
TERMINAL_COMMAND = "alacritty";
|
||||
};
|
||||
|
||||
services.blueman.enable = true;
|
||||
|
||||
networking.wireguard.interfaces = {
|
||||
wg0 = {
|
||||
ips = [ "10.42.98.203/32" ];
|
||||
privateKeyFile = config.sops.secrets.wg-cloonar-key.path;
|
||||
peers = [
|
||||
{
|
||||
publicKey = "TKQVDmBnf9av46kQxLQSBDhAeaK8r1zh8zpU64zuc1Q=";
|
||||
allowedIPs = [
|
||||
"10.42.96.0/20"
|
||||
"10.254.240.0/24"
|
||||
"10.254.235.0/24"
|
||||
"10.14.0.0/16"
|
||||
"10.25.0.0/16"
|
||||
];
|
||||
endpoint = "vpn.cloonar.com:51820";
|
||||
persistentKeepalive = 25;
|
||||
}
|
||||
];
|
||||
postSetup = ''
|
||||
printf "nameserver 10.42.97.1\nsearch cloonar.com" | ${pkgs.openresolv}/bin/resolvconf -a wg0 -m 0 -x
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
nix = {
|
||||
settings.auto-optimise-store = true;
|
||||
settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
options = "--delete-older-than 30d";
|
||||
};
|
||||
extraOptions = ''
|
||||
min-free = 104857600
|
||||
max-free = 1073741824
|
||||
'';
|
||||
};
|
||||
|
||||
services.xserver.enable = true;
|
||||
services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.desktopManager.gnome.enable = true;
|
||||
services.displayManager.defaultSession = "gnome";
|
||||
|
||||
# Enable fprintd for fingerprint authentication in the OS
|
||||
services.fprintd.enable = true;
|
||||
|
||||
# In some NixOS releases, GDM forcibly sets fprintAuth = false.
|
||||
# We'll override them with mkForce. Also note that the display manager’s
|
||||
# PAM config might be "gdm-password" rather than just "gdm".
|
||||
security.pam.services."login".fprintAuth = lib.mkForce true;
|
||||
security.pam.services."gdm-password".fprintAuth = lib.mkForce true;
|
||||
|
||||
system.stateVersion = "24.11";
|
||||
}
|
||||
|
||||
@@ -4,39 +4,54 @@
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.systemd-boot = {
|
||||
enable = true;
|
||||
configurationLimit = 5;
|
||||
};
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
boot.initrd.kernelModules = [ "amdgpu" "kvm-amd" ];
|
||||
# Use systemd in the initrd
|
||||
boot.initrd.systemd.enable = true;
|
||||
|
||||
# Include fingerprint packages in the initrd so you can unlock LUKS with fingerprint
|
||||
boot.initrd.systemd.packages = [
|
||||
pkgs.fprintd
|
||||
pkgs.libfprint-2-tod1-goodix
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [
|
||||
"nvme"
|
||||
"xhci_pci"
|
||||
"thunderbolt"
|
||||
"usbhid"
|
||||
"usb_storage"
|
||||
"sd_mod"
|
||||
];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = [ "amdgpu" "kvm-amd" ];
|
||||
boot.extraModulePackages = [];
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault true;
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "none";
|
||||
fsType = "tmpfs";
|
||||
options = [ "size=16G" "mode=755" ];
|
||||
};
|
||||
fileSystems."/nix" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/856e1ebe-832f-422d-8d91-d43a5d852abb";
|
||||
fsType = "f2fs";
|
||||
};
|
||||
|
||||
boot.initrd = {
|
||||
luks.devices."enc" = {
|
||||
crypttabExtraOpts = [ "fido2-device=auto" ];
|
||||
device = "/dev/disk/by-uuid/08897ecb-23ce-4352-a1fc-fa442b9e0f72";
|
||||
};
|
||||
systemd.enable = true;
|
||||
# Ephemeral root on tmpfs
|
||||
fileSystems."/" = {
|
||||
device = "none";
|
||||
fsType = "tmpfs";
|
||||
options = [ "size=16G" "mode=755" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/8BC1-69F5";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/1521-B173";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" ];
|
||||
};
|
||||
fileSystems."/nix" = {
|
||||
device = "/dev/disk/by-uuid/7530231d-afe3-4571-934b-826d7b1702b2";
|
||||
fsType = "f2fs";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."luks-1506e138-e941-43e1-a133-06ae3299b62b".device =
|
||||
"/dev/disk/by-uuid/1506e138-e941-43e1-a133-06ae3299b62b";
|
||||
|
||||
hardware.graphics = {
|
||||
enable = true;
|
||||
|
||||
@@ -2,77 +2,59 @@
|
||||
let
|
||||
cfgUser = "dominik"; # Adjust to your username
|
||||
in {
|
||||
#### 1) Provide two scripts:
|
||||
#### - `steam-deck-mode.sh`: Runs Steam Big Picture with Gamescope (Wayland).
|
||||
#### - `sway-session.sh`: Starts Sway.
|
||||
environment.etc."steam-deck-mode.sh".text = ''
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# This script launches Steam in Big Picture mode under Gamescope (Wayland).
|
||||
# Once Steam (or Gamescope) exits, the systemd user service stops.
|
||||
# The ExecStopPost hook in the user service will then start Sway automatically.
|
||||
|
||||
# For safety, kill any existing Steam instance
|
||||
# Launches Steam in Big Picture with Gamescope.
|
||||
# On exit, user service stops, triggering ExecStopPost to start GNOME.
|
||||
pgrep steam && steam -shutdown || true
|
||||
sleep 1
|
||||
|
||||
# Use Gamescope in fullscreen mode, exit on Steam exit, run Steam in Gamepad UI
|
||||
exec gamescope -W 1280 -H 800 -f -e -- steam -gamepadui
|
||||
'';
|
||||
|
||||
environment.etc."sway-session.sh".text = ''
|
||||
environment.etc."gnome-session.sh".text = ''
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# This script starts a Sway session. When Sway exits, the user service stops,
|
||||
# which triggers ExecStopPost to start Steam Big Picture again.
|
||||
|
||||
exec sway
|
||||
# Start a GNOME session
|
||||
exec gnome-session
|
||||
'';
|
||||
|
||||
#### Make these scripts executable via a simple systemd service:
|
||||
systemd.services."make-scripts-executable" = {
|
||||
description = "Make steam-deck-mode.sh and sway-session.sh executable";
|
||||
description = "Make steam-deck-mode and gnome-session scripts executable";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.ExecStart = [
|
||||
"${pkgs.coreutils}/bin/chmod +x /etc/steam-deck-mode.sh"
|
||||
"${pkgs.coreutils}/bin/chmod +x /etc/sway-session.sh"
|
||||
"${pkgs.coreutils}/bin/chmod +x /etc/gnome-session.sh"
|
||||
];
|
||||
};
|
||||
|
||||
#### 2) Create two systemd *user* services:
|
||||
#### - steam-deck-mode: On stop, automatically start sway
|
||||
#### - sway: On stop, automatically start steam-deck-mode
|
||||
# Steam Deck Mode service
|
||||
systemd.user.services."steam-deck-mode" = {
|
||||
description = "Steam Deck Mode (Wayland Gamescope + Steam Big Picture)";
|
||||
wantedBy = [ "default.target" ]; # So we can enable it for the user
|
||||
description = "Steam Deck Mode (Gamescope + Steam Big Picture)";
|
||||
wantedBy = [ "default.target" ];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "/etc/steam-deck-mode.sh";
|
||||
# On exit, automatically trigger Sway
|
||||
ExecStopPost = "${pkgs.systemd}/bin/systemctl --user start sway";
|
||||
Restart = "no"; # If Steam crashes, you can change to 'on-failure' if desired
|
||||
ExecStopPost = "${pkgs.systemd}/bin/systemctl --user start gnome-session";
|
||||
Restart = "no";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.user.services."sway" = {
|
||||
description = "Sway WM Session";
|
||||
wantedBy = [ ]; # We won't start this on login by default, but from steam or a script
|
||||
# GNOME Session (Wayland) service
|
||||
systemd.user.services."gnome-session" = {
|
||||
description = "GNOME Session (Wayland)";
|
||||
wantedBy = [ ];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "/etc/sway-session.sh";
|
||||
# On exit, automatically trigger Steam Deck Mode
|
||||
ExecStart = "/etc/gnome-session.sh";
|
||||
ExecStopPost = "${pkgs.systemd}/bin/systemctl --user start steam-deck-mode";
|
||||
Restart = "no";
|
||||
};
|
||||
};
|
||||
|
||||
#### 3) Provide a script & desktop entry to let you switch from Sway to Game Mode easily
|
||||
#### (i.e., stop the 'sway' service, which triggers Steam).
|
||||
# Quick script to switch from GNOME to Steam Big Picture
|
||||
environment.etc."switch-to-game-mode.sh".text = ''
|
||||
#!/usr/bin/env bash
|
||||
# This script stops Sway, causing the user service to exit
|
||||
# The ExecStopPost of that service will start steam-deck-mode automatically.
|
||||
${pkgs.systemd}/bin/systemctl --user stop sway
|
||||
# Stop GNOME => triggers Steam in ExecStopPost
|
||||
${pkgs.systemd}/bin/systemctl --user stop gnome-session
|
||||
'';
|
||||
|
||||
systemd.services."make-switch-to-game-mode-executable" = {
|
||||
@@ -86,21 +68,24 @@ in {
|
||||
environment.etc."xdg/applications/switch-to-game-mode.desktop".text = ''
|
||||
[Desktop Entry]
|
||||
Name=Switch to Game Mode
|
||||
Comment=Stop Sway and start Steam Big Picture (Gamescope)
|
||||
Comment=Stop GNOME and start Steam (Gamescope)
|
||||
Exec=/etc/switch-to-game-mode.sh
|
||||
Terminal=false
|
||||
Type=Application
|
||||
Categories=Game;
|
||||
'';
|
||||
|
||||
#### 4) If you want to start directly in Steam Deck Mode on boot (no display manager),
|
||||
#### enable auto-login on TTY and run the user service for "dominik".
|
||||
#### For example (uncomment if you want an immediate console login):
|
||||
# services.getty.autologinUser = cfgUser;
|
||||
# systemd.user.services."steam-deck-mode".wantedBy = [ "default.target" ]; # already set
|
||||
# You'd do 'systemctl --user enable steam-deck-mode' as that user to start it on login.
|
||||
# Update to new hardware.graphics.* options
|
||||
hardware.graphics.enable = true;
|
||||
hardware.graphics.enable32Bit = true;
|
||||
|
||||
#### 5) Additional recommended gaming packages if not set elsewhere:
|
||||
# Include AMD Vulkan for 64bit & 32bit
|
||||
hardware.graphics.extraPackages = [
|
||||
pkgs.amdvlk
|
||||
pkgs.driversi686Linux.amdvlk
|
||||
];
|
||||
|
||||
# A recommended set of gaming packages
|
||||
environment.systemPackages = with pkgs; [
|
||||
steam
|
||||
gamemode
|
||||
@@ -108,22 +93,11 @@ in {
|
||||
vulkan-tools
|
||||
vulkan-loader
|
||||
vulkan-headers
|
||||
# ...
|
||||
];
|
||||
|
||||
#### 6) Enable 32-bit support for Steam
|
||||
hardware.opengl.enable = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
hardware.graphics.enable = true;
|
||||
hardware.graphics.enable32Bit = true;
|
||||
hardware.graphics.extraPackages = [
|
||||
pkgs.amdvlk
|
||||
pkgs.driversi686Linux.amdvlk
|
||||
];
|
||||
|
||||
#### 7) Optionally handle udev rules for Steam/Controllers if needed
|
||||
environment.etc."udev/rules.d/99-steamdeck-controller.rules".text = ''
|
||||
SUBSYSTEM=="usb", ATTRS{idVendor}=="28de", MODE="0666"
|
||||
KERNEL=="uinput", MODE="0660", GROUP="input", OPTIONS+="static_node=uinput"
|
||||
'';
|
||||
# Move the Steam Deck controller rules to services.udev.extraRules
|
||||
# services.udev.extraRules = ''
|
||||
# SUBSYSTEM=="usb", ATTRS{idVendor}=="28de", MODE="0666"
|
||||
# KERNEL=="uinput", MODE="0660", GROUP="input", OPTIONS+="static_node=uinput"
|
||||
# '';
|
||||
}
|
||||
|
||||
42
hosts/gpd-win4/secrets.yaml
Normal file
42
hosts/gpd-win4/secrets.yaml
Normal file
@@ -0,0 +1,42 @@
|
||||
epicenter_vpn_ca: ENC[AES256_GCM,data:DUvpuL92zpQkK0auXGdHDw+f5gzjMARMroBknmgR+eq1LV5aISdA0XOCw7d3VFpMtHY+tPM4pDEWlnGJDoHDJBSFAUdmbLkDq2DvoDR1RBbsidmlXpvu7UnL4OyCgrN9G3I65HQmCh64/453T0Y5MZKUiFZXn9SZJgOU3h0qOnAiIKTQADXmUo6imhLuUdPxjwiLkNp8zHNystbfUuZkF15J+TXV9yndy/E8E4sFs4uysK9E+VM84v0q75zTf48cheE+cBGI9xOP5QMvSND6MloyGYUTPZOiQyz8M9AmJObvQFryysKf5Q1W1GBiTz9FVuSsr1IM7meljdBYwfxQaA5MurdsXVFYfdRgL6NyL5x7WOd367pgtBBwuVyT+cygg5ITIBc6YTuT8thp/q0BsJkq1OdVQrLa4PK12Tg2IOUg2Za/tLJxxiNWqs1gAmTWEIGAeJWmNgCZAjJIISwTGcdbpdWqhjAEgaaLf9ZD0hUXQ5MmSO+KXzP7lIGgqCXoMEc7W7rn3R2VkIrvaVgCBK3psTg6+CxoPQwnYbUKgPLG7ys54eECJyRfc8YPH1957Q67pYkVD166ZP/sDJfplOGH19QyFnaaSLRLoXCAfWuO72NwO/fSljN4+pmB6Ev1cRCe4mXicz7TTqGG740VOam/JW4OJCrnHVs67cs9/MsVSNZOsI+x44TKJjaFph4onaodDh5P7e52IkfRnHnjK6FjEvYPasUr9YDqUR3ucHxhD9UqvINDwhp3L/zyFb2HRuO1KzEQLzmG96xiJpJxBVl8GOTeNrK2owOf6cCuh6o3iPaAFjFok26gI1ujX/mPbBigOxB6S0cLOLoA7oA+E6L22nsoYdIwjU4b6Y/DQvndgsZFnycLsSA4TRYHUH1Q51fGU3S/zAlB66rYchsw3JqODD51axxEdo5uu/2a6K9c8BSDo+stHBPmGvty6IorhM+17IGwSVrnxBFbSICja/Mi9eHmkUuUQWaXe5iWiNGYOIe0Xsbu4PQANhDE0f4U1LboVdI46uVhBV36zLSRJ5hUYARdmaz+aUSfNSE20xwCQiqd4U1cb2W6ZRER5WOfNFa8LCjk1YyhDY1yKCbo5tZrYZtmo4T47EuH/2uyW9vPtDlAhpZWmJJ0LEbZMhl9hIEAgGYmhnxPIVItJWHgq4O+YavYWvu1qgbdBC/FZJ8xx0uSy48oKCbuTUbIBUHQ37/6wp+IC+FAoYc2CDgCKzYvYjGrjMr+l/bhWE6KqI2DE/8yG4sOZIyrKNOYRq/aqDRkaeu96bLSYZECoLpohEKRNLTFQ+J8btjGX+xak0HRNEX9bxx8Zs3ml8mDKfh11uy05zPMVU4jaLrc5VtvmNdCg1EffbtEIRhi88aP5K2flRLxvSsYODd8iisqJ3CEqa8/C/FoHhWqgs7vk9UeRs46CJjGQ2Nx7UeQhAK8ey8FwqqSPQ6hp6jFnAv5ha583GZm3G8CsapajioHOpNcyYRhUW/ekdQ1E7DafOLRRO0hdWws8fsP/96uuWJ1Ir1ec2pepmh8s9zCZl/CKSU6+PUjX03Y9buZDnAYao5nDFsF5hgi2nLCTRbHnCh/S5C4NL/Lss2gi/9HdQUWr3KNONgoGbdRNS4MHtK/t9MtxQT8FOS54fM76XLygYZhQEQuDHUr3vaihOPKXncPNx+M4IGd+tsOoGADfpZk7W4OLd5jl8OiCulKvmRXzGCrmyofifh6XBE/EDa97j4eXt/fZPhUh+kv7i39mLKiccPUqpq9WYA/pqlMc84PAsewRerk3Z7jygFb2oX8LwYX2vDer565q+74n/y+oqz/CQ7jypoGBC8f9a16h2e2ZuvjQZ2sUdBB0xKwmLHC5mXLRkJYZ8Myt0Bzp0iVnC8P,iv:0GfL3sG36nsg/4BPw32kKMB78TmbN+mLq/mqEFp0yas=,tag:x+kxJsS+Fn7VO3MlOmqgwQ==,type:str]
|
||||
epicenter_vpn_cert: ENC[AES256_GCM,data:y94SNCZISKCGbG3dtMZKPntzHvmvAK9fr0+TASNUPp+RG0o7sWRZHrAk+zs4x6tTJpRMCN3VJUzH0bkSHrsKHsYLwVOT5Sb3l7y0CUjjT463NWj1ZipaMU94NRbtDC6Q4sMkFQPaLEefaOhjQu2a2qMx0FkQ9OA3T4f4u5GVN72/PTftHw3SybhptlF5L1e3Q69J3H0uVGRuXmmrws6HcLb2th9sAYPAi82yEimdzPa154DKIRcBY78QVkRz4X7VVyLFY3X34TMvGTmKP7MsW5lApVd/qoML0MkqvrWdEClMWG7i4jMRjSUSRIVr33DE8ds4aBx565tKQ9rVZT7KPZU7IbFqgKP6TQN8w7g5mY3aImPlRMB/xb7V8a+qBScOgBiwCgdAnz+PKGaCwcaBba80q0m/gONkxgVy+QKLLdALjb3iUpKiGvWFLwsKr/hQ1O0h7MBFDTGqWniiXZbyb39HABZNVtKAC/4qouG/G+hP6fpk/+TMtjRNSh6wWtyiYvTeFOtCWfi6YEC7IZFautr3vcu24soA+Q4vFwYr6lIEPnQYlpBCr/TLVzEvxWEjsR8G2RaBSWGm2E0tre8qVSFkJwz+niL8FQgaQTjnsYmJGHFS8sxseGuAakuSH+gzopc75H6y2pEnZrpQMOMyDq0GMkIW8xGk7x5Ewq1DZ8ji13Y8xtnbLqiJkhPc19JDoXdpls/40K4Ymrz6dOO8zxzvW8SHF47gOYvp+a5d3vqwXFZH2qDUvdScV5eATmK8ltfGod9PbZWgFzhp336dkba5aAspXlyzAlRRqrVhvpff+V8cyHTIz9qA8fhXv+v2pN0E/Es1NTJhtQo09OGnZn82lfVyR93hLtr6AgbDggwhvAOlJr/pAt0YZ5FhehhhnH0+ekUJC0YemUMj0QVbpxIWc4rt5n7nqewSHC8feo6Zfc4NHfE8sWemGGm2sUOdf6C2F9k0h+Snwfyu95XIWccMAC/Ii14ciu/nj0L67bbj8XAECjWCIlhhCJcMXlpxfU3lZX7zEy4WH+IqV1399KmtvUssuObBb9uAMwHjZl0l2GVQPo3clDea2ZP5HDO9B3kWRqpvIrjawh4IM73O43jbIDgjNXMijnH0GJu8FH8igS+7JOhRHrOBQiNc0unx6EgAfXHo3v6o8ktzbtRcUwU8k+wldU1cu9ugpVpG9j8O+zvPYkaH+0xfdAdxDKXz+4e8462O5zr3IVRp63CBBNtnTn6fcwnxgD9ouhgyyLBylzrwCmRAODHyukJovkNARWmhcYCAnYhrYf9KqaCoeRLmFq8sLMeiYGDTJ/+PTyheZMHboaoZbUbnRtrvuXQiCHqDKxSan0OACW+oXgCBgZSshj8lb58A+zjpMVy4Wis8s6K9HFpiPSP4tmHxXvOod2+qL/eZBV4LhLoahO0gg3+DUPTeJVO+4I7YZYLVXBhf0OC7z8jMGf8Q4SjO8p6Vufx2KXIEpcITto0IJFsIAv9UVfsKVyvVeuGaGGi8VQWhexdQxjDtoURRts91EFNpJ86o9HPbQCAWXBx9hlnBH2zZntqPd5eVA57s67i1dWpuudD/oBzGn3fBv3Fck9tpArMNSrOtbtl3sBc6Calo/5+HWSY4tz1Hnrlv0/IxD2EcgzH5dFu6klTn3gaMdgd288/kRPDzfdcVGqlvV8rQJjTD1XN48FK/Zp2ydCede+SKLidqrqz1ISXOwsya0ivfc4Vdk3hhnnkTnqZT3qR88Z69X+9QkYCVNaoojTiBoRCekqNDI3Ev8MKp1eX0E3rXT3AG3E7xEFGulhe2C9RdMwQg0QG/Ws7n/CtTeVwpv+JG73TlDnBzoVHN6fqKBVchbGPtcObM90N2itJ/wf3jXefhrrsQudLch+Mwp72YcvCKqOMsrO3egvNxIiLKrrVOI8buo0NJrPoQE3/+rZQFzx2r0AHkrwEUHGUvr2oHDJyXwSY2/7zCYbewN44Zjo7n5ofOhSUsaGJNySHgC6V74gyU0UCUEBnF8fZK/Y6QgdtT9gApHVtJwXRvLig2P11bIlyWZjISRaAVAUAMKdS8ir8l+P3NL8kBZstfpH2eeYFHIWeZ7VrVTs4CaHDzkyMizui0EBfvf5irWeJvIekCWnetfo047QKJvrKr+6239QxH5ni7wlzWxiZNcewaOfCK2SqOvYz6NIRp+/blZuxL2pXhTInB/XxbP2zHH64dC8AVvViU8bI2DR/HhzbbpEylzD4ttvil7hLt6AMpugFrmAgWd6JU5yM9lXoTSprmXZ7awYTLcQlCQu9cUNXF0JdtELA/oQipEEUz+2lRt3B+0abYGVWb,iv:MVId1jgmyhY/iUxnjca5IpYwlzUAsa6Nwchg52AKgRc=,tag:1RASj3dFAYVNphJ4zjXxtA==,type:str]
|
||||
epicenter_vpn_key: ENC[AES256_GCM,data:Kt33OLiauTrkzSwib2px/rZoQO6tlCzsy2exxIrZb91ukUDo716+JaZ2dB6FEjx/z0jaUEiU8u3lZbq4gkhwXe/hwUnr7pIW+V1InJhuGOAENfnusDkSu6P5pVpE5FNBKYF6u77/h5pdWwI/bHo7Hfi7f1xVtPkAeSqDScprUOVIoEYeJ0AXo0L9xCQVPSIAsdrh2jZQPe1S4iCLqQTTYK5CvP4/1wjwA2C4PheXEK5Z74Xkxd3pRI0cogpt711+ujMbh01siQNs9tk5+pk8vbXV6M5duzQlJar6iF47GsaomFkLNsk4QvTVZ7kKIMWEfOzwgwniI8YGtDgjxCvd13H1agaeDjsboFxR3i5aI0ZKC4sP7aTASDQbWwTQxoFdMlHjbkMvVWAT1CxUw/phUfwA8L5xLBxzauvHgE0B/R2rW5FU+qaDZfyUts9RyIJzaF+bESz6YKV27i1ZQNp00YPH9jy05uYDjPldLo2PLzgLQHMsSwZ60KKlHU68gGtVI7qtH9fpy34h0/6IsCRAJF1mRHEHHzC8Ny4Q7dtN3GenMPVT07dwgEYczONjbtrpyKoLDHnAf5JguUydLIKvcxDwNmfXlaAcOzX9seEO0L+Wy2sjG5SCKjPA0wTwIvpWuthTpTaptde0KDBauzJZZvkx3FnABF5Ho2VHCY9MkQxnc61488rQXv15FNM2WaTKcI97b/kc+PXK0XbvKD1OKJ/fyNloaLPAJKB7Q+Nu9sSK91nyM5WOALhkp/5PiKQhSO75X1qsd2S35mWY6upES887He2rdmNjt0YPVzETVXhDk48OHwNNcqKTG0qs354/bF00lQJ7asQaHZ9vnomZTy3F+vWdadmUntu3r0lz/74ZEA1rWe+CIyINkuGcT0q48FMwlzms6XXYe4qnVjG1Yu/PknI6XfIpEAHN3aR/dVkpvwSDKzJD9mUr18IoXf7mcbRmhc0yAz7dmoT+Z5x+/z4G5u5xmMa9lvtHOnaXn0RhbMQP/Gziy9hB7GySGyztnBxOLghO6pnY17Etxcd+RDGkHb+PAZY2tJi3ObTry10dT3Zcx4aHNp69EcOjTQ1+629jFatFB2dhgIt2JdWbpgwppE2QB0g5cFY3e8s3rdriHfXsZNFt1xF7aaBYBUb/Z29EeC3EGUyV1fjhG0ZMDuZAw/7UEOObWS1Mx+z707OWWwGXy+5BYdSC/sYzUF9aMfGXjfttsqr36Cza9aSia6Qin5vMmJtpLYl1WGA3TjcgnglVhgKmg9DvEijm/pa1gy5hMX9SQgV0SuHtWfGIo+uleBr3n38CGJ8BOVJbZ4pHR4JQWrAjxE5MHIzZRF1UmbxWUoqL73IyTGZQovPrLO+z6rl+Djd7bGcQgpsBd8nJaOG5qoSH3Y40+onrlAz4WmKWPaSAclSgSPdHE4OEHIPzzrzLOaJWrI9B04LG9qMfhtpMNse/O4XT76QBfgaeDtKHO4Pv7T9PjIHYC4dPljkvrthEPQeJwo1zywDw2uu+I+WyxWuEGuR9JByJ8s7vaSLcDSP1BRkAq+i+YDDB4/a9iWmF4db/mKjVn6c+NRJjmugoCPeVbzyAfkxBm0nXVjQpOAsYGvGneAN53xHJmZ4kO91wrx+i+lXfRsnU3pgYYfHOePEhCUZoFXSVCFy0ksZKSHQSZb+v4x6CsvtpomUP6u0LIukZgZEgNsrpHXn4oQ0uzrts9LwKECAjGpgRINdJ6XCD8uxcIE+uuS5wyOWg/m1TmC5MThTwe4UfpxD0erMiqgGSSJ+xWuwmnjSS62XmLHnfe+VWEiLOk/7vWQxLy3bdHSfSXCee76isRcFpRKY+x59/Tj02I3F5onVuqAehtLkL4zUgdavmLmKI/81uKRTcMtXdFnYuCR+4xBZYauVtL3t7yhozhZwSZe/02mBahe61dwhZIIbAbAqivbrw210H5cKi9R9i+dR85ISJTrGFlXwT1EX/kD8BWdWPZrg9s5JD2jzrl56dKu+oeNPCZNuD6qlCaFBytJOixj/WkggyMGtOcy2do7MZZfuswbLLdD8ClzUx2D+nrRfae7Mze0s7KhyArmtjRyAfh8xqD+vTR7/yh8mgp2k5XOBw2bdCqH79ctq50drdBnpLuILKuruO/A1isS6YkjD0vxXQZh3yt5D3iqlAAOHdIzaWf8q0zUQsHp0aOgZG0WSlVPg44oHEG40O+laDu62fgcI4JisL6KwdJIPidw==,iv:pB/cNgmHi14ugi6kd+J6poWXX79LMHiiakNa03ibZ0Q=,tag:nLfjOesXDm5/QtwHznJROw==,type:str]
|
||||
wg-cloonar-key: ENC[AES256_GCM,data:raK+FXMb2EBzLEYQzDQ9TZSz5v1X+CGV9ghZuA/NoVwn4OnTWWhY9x/wTZA=,iv:kq2qdYAgoHogRoOzUaOc64uJF0ji/XuaLaO0HEp0l4A=,tag:1fKSyzv/FqxLl6Uv3DQv7Q==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUG5oZ1BPL1hiRm5zQ3FO
|
||||
Zks2RWg1ODZGYm4rY05wT2dWTHFCN1FhcEY4ClB5N29SclVxWUpGaHF1V0o1cHVK
|
||||
TWtoTGFsRHVERWgxczlqdysrRmVDM3cKLS0tIFNISWhUbmV5dERHSXV3ZW5Gd0l3
|
||||
bHZHdy9jUHhLSTFUWHBxUTcrT3FoaHcKpKjzC3KDD6TXpbPm/ObztJQzkNnnTnvH
|
||||
uWzRhQg7lHAKiiz4szzT64WCuisxFAOJP1KrSK9qP5DLBm8aKIDcPA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4VU1JZ3FkQ2lPVE9KeGMw
|
||||
c1lRWGlPU1BKbXlJc0lnVURNNjN4bDRNWFZ3CnQyRUE0MXllajgySHRkSTNRZ2U4
|
||||
K2w3bWEzNmxrZHRybXdFdnZCTmYySW8KLS0tIFduVUdYdDdVOS83QUxveG5lMDRi
|
||||
M3E3bDhrM1FvMERESmI2RTdBTVNUMlkKoKhTGUYULeQvqMjwMCanDxD4yflGURgE
|
||||
ROZe6d8R5Sya+RsS4uzNMs5KkjGeC/xjbNO22uSRennIwCqBaHNmgg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMW1zeU5ubDloazBKNFR5
|
||||
M0xnbXQySWptOHFEQmQ0VHdvTWVieitYK1drCmI0VW5PVUFaTFo3STF2MUxSOXhC
|
||||
T1YxY2lFMitKM29rS1FKQWRweStxUlUKLS0tIEFnQTlHcFJEcTAxem5QK2xrTm8r
|
||||
L21ncjlQdGVDUjI2eXFIb3U2dW13bWsKuEwATNEUWtjuLsH7DQAt6J2l4blTId1W
|
||||
A1kQ+0dfUKrZ0dsbvUA5L9+haUiK8f5RvapaKW+L2JEn7gW5wJSJEw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-01-26T17:32:33Z"
|
||||
mac: ENC[AES256_GCM,data:tYmCofgoeDlb1FI8dWNh9hy9tS/H3X4r2HzboKTRnTQqSz6M+nc4g/Gt7eb2OHcRzLqbg9WxanFeDrlOz5jIxKIDV+7PfNlPSPqXIQg/79u3g/qDiwbnSRa3s+2mVIK5GEN+5M5f11KfwHbtHn+bEUALGHPP1gpW6deKBUIITg4=,iv:xQBmQjsNuaTzUGXFrsqiXcKL79nN8nvaLDrnGYwR7rI=,tag:vmA465d7M19c1lc5X1qTqg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.2
|
||||
Reference in New Issue
Block a user