diff --git a/.sops.yaml b/.sops.yaml index 8958b8f..99fcf13 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -14,7 +14,6 @@ keys: - &fw-new age12msc2c6drsaw0yk2hjlaw0q0lyq0emjx5e8rq7qc7ql689k593kqfmhss2 - &netboot age14uarclad0ty5supc8ep09793xrnwkv8a4h9j0fq8d8lc92n2dadqkf64vw - &gpd-win4 age1ceg548u5ma6rgu3xgvd254y5xefqrdqfqhcjsjp3255q976fgd2qaua53d - - &nb age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz creation_rules: - path_regex: ^[^/]+\.yaml$ @@ -23,14 +22,12 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - path_regex: hosts/nb/[^/]+\.yaml$ key_groups: - age: - *bitwarden - *dominik - *dominik2 - - *nb - path_regex: hosts/gpd-win4/[^/]+\.yaml$ key_groups: - age: @@ -38,14 +35,12 @@ creation_rules: - *dominik - *dominik2 - *gpd-win4 - - *nb - path_regex: hosts/fw/[^/]+\.yaml$ key_groups: - age: - *bitwarden - *dominik - *dominik2 - - *nb - *fw - path_regex: hosts/fw-new/[^/]+\.yaml$ key_groups: @@ -53,7 +48,6 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - *fw - *fw-new - path_regex: hosts/web-arm/[^/]+\.yaml$ @@ -62,7 +56,6 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - *web-arm - path_regex: hosts/mail/[^/]+\.yaml$ key_groups: @@ -70,7 +63,6 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - *ldap-server-arm - path_regex: hosts/fw/modules/web/[^/]+\.yaml$ key_groups: @@ -78,7 +70,6 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - *web-02 - path_regex: utils/modules/lego/[^/]+\.yaml$ key_groups: @@ -86,7 +77,6 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - *git-server - *web-02 - *web-arm @@ -106,7 +96,6 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - *web-arm - *ldap-server-arm - *netboot @@ -118,7 +107,6 @@ creation_rules: - *bitwarden - *dominik - *dominik2 - - *nb - *web-arm - *ldap-server-arm - *netboot diff --git a/hosts/fw/secrets.yaml b/hosts/fw/secrets.yaml index 70171f0..a8cc4fa 100644 --- a/hosts/fw/secrets.yaml +++ b/hosts/fw/secrets.yaml @@ -28,47 +28,38 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXWTFjSmFmb2xjM2lsWVN4 - QWVCdzNtdGNSSkVZRm5UL0hKL2RWU1FKSkhBCmJHYTFRUzJ1Ni9FQ2VqS2FSNlJQ - SVhJK2NOMEozOWxOTW81OXJrbFphZ1kKLS0tIDBVbzZHMmcrNXdhM0JuZk1YY0dw - d2NTT2R5TWVUMWpMMmVmSFovOU1CbUkK9Yf3mwBlMd1cGaUk7wVp8Q9u5F3r4njl - VPCGpBvJqiOcWoUsE2W2C1L4XGDUh+XAe48JU+phQbhkLTLshLCbfQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsNzNjZ1o1dXFxalFiRXUx + U3NQK0gvQWVRbnAxam8yZmJTTmRTaVVZdkdrCnQ0R1ZBWEVmcE12NWNuaDFtRGlj + UFRManh2VFgwUFJaNFpVZFNqc01oSkEKLS0tIHA5UDlHY1lDWUtwTk10RHZoQWQ1 + bzZ6MzhQQmYrZ3JKUDZoa1lDZXRHRDAKHtzHnt+zHgMsuyX0vP6xapvJ8796/vkn + u9U56OdFlqthTy870vMMoJWW3wAFfj/QV124bG63lJ02gAHEr/PGJw== -----END AGE ENCRYPTED FILE----- - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1WkdZQjZxL00xZDhOdlZY - ZGdub05HRjRqSDNzRTNnUm5veS8zM2JPRkVJCk9lZEpkendNU3lXVE80d3RDTS9C - djJnaU92MjYzd3JvQmxkMGozb3NuaGsKLS0tIHhmcVRDMTJnb3IwdzBDT3dWOUM3 - eFBTaUVQVUpsR0YrM1RwbTJNMi90ZlkK3dKJo/RSF+6tLETYIyd2KQs9GsIy+o4f - yfUxV00Fjk2giP40O5nXPn1kYfNigEfkov/gbPxYYItoBsG/FmlxIQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLc0ZsVlNzQ0d1dGJlSzN6 + bzB0bnhHTzlodWJveFBmdVVCdjJ5c2V0dkM4Cmt1cHhJa2U4NmJZSUFGYzhCQmdH + eVJDUjc0LzdIOHo4TWlCeVEvQUg1b1EKLS0tIGRpTFA4TkgvU2ZLOXM3NktMbjRP + aGM2aVdRSUpsRXRCZE02MXJ3MVpxK00KO2dZUNZ1KQFg4bnNp1PEntL2fY1h+JCK + l7CnGwotydc9NybwYtisv9XVrz3QoiD09OiLvg7VkmfzEaGmqmja/g== -----END AGE ENCRYPTED FILE----- - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNZ0RMWjFWV0hSTkFFNytn - SzgvMlFSdGpjMDF1Yk9PQ0gxTVgvM25SQ21zCkJjRjRaMWRrZHNCT2Ftd1N3Mnox - YXhuQXlwbThycGNadlJMby9EbFFQbWMKLS0tIFlyRkZNMDhrQnhJbk9jd3dpeEh6 - MXVIa1ZJMVlvYzR3emZTeEJGbE5mSFkKDecPJChaacdkyn9jlmZFrZQu3pKD087n - cesiKi+gKI6kagXphl2w211sC4Pjw7I7t0a6JNntcR9VTDTD392m2Q== - -----END AGE ENCRYPTED FILE----- - - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuSm1FRkVTQW9keTNYMlRh - TVN2U1dXRTV0NWJsbCtoQjhHS3NHb01vWjAwCnFVbStLblM4VHF0dFgyQXFmczJ6 - WkNjbkFEaFZLU1FBd1lpZ2gxQ2xUNDAKLS0tIERndVpJQXFKR3RWc0FGKzVlRzZU - eDAxQ2g0Z3p5VEhWMTRQREc0d3BybEEKtxC6DIOll8E8G/N6jYfJX/nqfawvISKf - G/xiVB2vEe9Q5GmNXQBpzLynfT7olu7v/PBeN9U+0knpTdEHFQZPTg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjQTBxNkV2REdrRS9MaUxa + YWxNOFBKQlAwOW5qSk9hM1Q5c0tjZTdWUjBjCkM5TmtwR2RBRER3Uzc4dWtGOVM2 + bjZFZVc3V0t0enhyam1DWVM3b0h5WlEKLS0tIGNPUzFJUGRYZStMRTMwV3pWTW1t + V003cnFtYVNEbERiRDV4bmVXVlBaUTAK7pLGaixTRCg5lKhN8CN95cdr7X8X1oDY + LX2t+SPvb8hqsssLf/mqVxPsgAXl0L9lfsYtRsuMWONmaJsOleVE4A== -----END AGE ENCRYPTED FILE----- - recipient: age1wq82xjyj80htz33x7agxddjfumr3wkwh3r24tasagepxw7ka893sau68df enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyMUYrekZaQnpHaGw2Z0kr - ZjRDc2xvc0NwMldlVlNWNDJUeFR6Z2VGT3ljClJSaTBHQ25OUzVydDRTTVVxT2VW - VVVxZUlyeUY0ZFJrc3ZRT2FEdklOT1UKLS0tIEJGZzFLZytEZEJVTXB3QUVqdmd3 - RFFSaTZ1N09aR3YxcjdUQmZaaDdsd00K5DnkUwqOxnaY++MHL9ls0JOovuxyBEJy - XysKbnAWumt7sZxAboJZslmakstoMK2p4BxAQDBz4N3pp/UeoorWuQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDbDA5U0xnUDNXYUtRVVN3 + YW5aTFg1T0pOZWc4cXFDRDlrRmxZWWw1MUdRCjdlUVg0S0IxTXM4ZXcydGR0aldu + WnU3ZnUydUh4em02TWFVamx6a0xpQmMKLS0tIEdpWFg1UEVGNHIzY2VZZk40NlBG + WXJpUUxadERyYUExRFMzNzBXaUVET3cKG9ZwWy5YvTr/BAw/i+ZJos5trwRvaW5j + eV/SHiEteZZtCuCVFAp3iolE/mJyu97nA2yFwWaLN86h+/xkOJsdqA== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-07-07T11:02:46Z" mac: ENC[AES256_GCM,data:gf6Lw3aiGLVHNNrt/9SwFtK9fnzI4fiNf4/MjlHF+BSGnwSobccbUFObsT5mnce6nMsFM3kZ4Ac1ceckND02CH+P4hf5ylczPibz8B8sGDUulLmCpddBG++eXU4CO4Oi1VBqiCqkxPGPDtgidOMy+KJ1EHvSaiD/duOXrE9/qE8=,iv:RxIohGvtU+GGnpmW/k+fZlQLT8+13P4+5ZMHsDoSY94=,tag:5QNfKhjwCB8Q984WAIXdnA==,type:str] diff --git a/hosts/mail/secrets.yaml b/hosts/mail/secrets.yaml index 1df4db0..7b63233 100644 --- a/hosts/mail/secrets.yaml +++ b/hosts/mail/secrets.yaml @@ -4,53 +4,58 @@ netdata-claim-token: ENC[AES256_GCM,data:ECx8zLnU/dj08vfA76oVbVzL3JG9MLBoFmxSjtj openldap-rootpw: ENC[AES256_GCM,data:W0em1Dffg+IUoynwwPD4NjFksR38ZO4mhWFI83ALvYcwYIplxw/gDRLGCqbSt6TR5C65CKr1sOUiU+4Xq3UWmw==,iv:BHQhISTIYuwSM3KiSb0mEEo3BMNo6FXEDXoIvI3SZrU=,tag:tX8gfnk1JYnaNionk/jrLg==,type:str] dovecot-ldap-password: ENC[AES256_GCM,data:JYAt8/WggwclNEPO9CaWfQsvQBA8DDJCU2km93HpowoVwIdvQ/0lQHeXndPYe1EmJGJ3vLErie+Zn2kDINIMqQ==,iv:HR0QJ0GgQks3NzhfXwjHupCKcPOekkiTcp5Jxbz7CxI=,tag:19m7F6TjGUPOuHQJuUq2pw==,type:str] sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] age: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkS1BpaHFOSmpWS29qYXR1 - VFNYbDNLTlhyVlFWa2FoNDhCbDVKQkFiTTAwCkxVSUJCTjdCcVJyeGQvd21JSmZ6 - LzVnK0ZMeFoxajdGaERoZ0t6L0c5REEKLS0tIE1HUnY4L3Frb09odEYxRm1QVUZr - bXlyZzBvaWtLa0hZaERSenVFd2gzWlkKNipeWlQnOLI4QxEwJIheAfYqVXCn2C2Z - 3rIJ5lK3DLAvdRjC1stngMzg+BPHMDUo1sXoR1/PhUEWcqPJ22IfMw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAraEttTi84cGd2bkd1RENP + bm9zRmlNdWZtSzZJVElVWW5qTXlzS1lreTNBCm9BMnJ6bEJON2Y5aVZvVjFmQlJw + VVVpSEVRNDJaa2FadFh2U1gySHFXQmcKLS0tIEhjeG5Wb0FDMlBxWW9aem45aTdF + N1ZQNlE2aTl5OGhqTUVNa20yelNpcW8KoXud5IID1g/KOvM30wn2cJFWQ5En4M5H + kJ/cLDSIBqgOpjtEeEDtMsKG4yW3H91YbXjwQ0UkoPJorauVPWnTYw== -----END AGE ENCRYPTED FILE----- - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3cE11YkI1TFJxKzRCVFF5 - NDR4Nk9PaDFmY3dESWM4dGRYMXI4RzQzUVY0CkVpS1JXWG0zL2Vlalc1N3FHN0FH - VFlqUklBeWZiQ242TUVmWm5sZmw4NkEKLS0tIE5wc2hHVTd1MGVsTFR1eCs1Z05y - cWo5VmpnbUFLTFl5L3R6aCt2am9PMzAKWLV6hqqxYkqlmNCwQeNJbxqq6neX+4Md - Nh9QesLSr/SRWhp61kSby5X8JytciZ9eSRx6B9igRFVwfyojImYcdg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFbVcxeTJZM1dDUFhIZ3VE + ZlBaTU9tQ0Y2V2xlZFUxUXNKcjdadVVMd2w4Ck9TK2UyVFVTVSt1dzNWWUtxYzdw + SVZ3R3VjRUxDMDNRWnpRZVBHWXdzN0UKLS0tIHQ0ZW0xZDd4bFVBV0ZjZE9Jcm9F + cVd0aW1qWHFMMjh3SXhTYjJrN1ZEZHcKi9QhittNcxnz+Zzc/pyFutXg3Z8JJjgc + j3rW5N6eNJw0W50qPw0xdI44KEkWOc4vh+QGcPY57yqjSy4+SjWhWA== -----END AGE ENCRYPTED FILE----- - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNSXFSRlRWcE1vUWM0OXJr - eXZmUmZ1VFc0ZVVWWXVIb29aUmYxQkNRbEVZCjY0a1pkV2d1Zk9BbnhNWGtOZFJo - Z3FmWkVsUkRtaXh3WStlSndCVTlnLzAKLS0tIDZmS0VLUjA4NnNrRWsvdm1LRks3 - NTF6dUZQM3RmbHBMc3poMTdsclMzVlkKHVwRRgCgPaA+/tw5Acl9RTg3W91xPZJR - elST65f/fGevyvyZcu9HCVcjymuoa/ghuJqKRQw0S8ELGQjbBSS++Q== - -----END AGE ENCRYPTED FILE----- - - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNTnd0SUdmRnBBNDRsMTlW - QkplQ2hDMkw1dVZmS1dseUtzU0loR0tQR1hnCm84bWJQdVg5OGQ0NU4xZ3ZoSnBB - NnVnUzZPbGZ2UjFaRVFFejIxTDV4cEEKLS0tIFFwZE42OFljaFB0emJ3WHBFbUk1 - d3F2cEp0QkFHcFcyOUVKWDdxM1hFVUEK+SyLcwXdpX+GQFXB7UFHmxD3BkVplA9V - 45K3fn9/KoZl27ECdvv6M/CweZBnOjcOUFjZCJDovE9Hmv0337c7Zw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2TnNnOUtsbFBzS0E0bnFK + NGk4ZkRjUWdRdG15aTQwU2cwQXdycjhxa3dvCkUwUGdmQ3FPQnFhZC9NcE9LUG1O + S0lydjZkdCt2V3R4dWlnUlBUSkp2RXcKLS0tIFJ3UkZhSkhTMlZZSjdXbFBObXNQ + RW40cXUrdFAzb1B1VTUzOGY2RTcveUUKFxxBBioTXTZ3INRykgRPoYwwbbuDMiXH + /Oy5yWE74I9KZJr/2idzd34Dq8PUB28lDyiDdxlISyAS33D4H0cl1w== -----END AGE ENCRYPTED FILE----- - recipient: age1jyeppc8yl2twnv8fwcewutd5gjewnxl59lmhev6ygds9qel8zf8syt7zz4 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQV251c1IrbFpad0lBN05t - enkreTd5TGI1SHJpV1pRdU1CRFRHL3FZWlJFCmtMeCs4WUlRSFAvcmZsUmdaZnNZ - TDJHak1PN2ZOaDYxTlNDVlRsNnYvNzgKLS0tIHBieEJuY0pKbmlEZ01QblU2blh5 - Z1dUUVpkZXh3d0lRbDlxT0tEMmR0eVkK9tea1FeroVL1KoARpACREz5KaRA2uMCI - O/ieCpzdFniJhX4Ulm4N7R7nc4OqSm9+i3Ruy3aKJ5305tfgGkCqQg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiZHFvbFMrZ1dTQzBZUkw4 + dkl2UUlmcEZmZUVKeHVoSytYRzZVQ3p6T2hzCnJXaUJ4SUVaZFR3dEZtQ2ttZWNN + NHo0Znk5TjZzemtmWHdkSGlIZ04zUlkKLS0tIDRvclhTMFlsdERtQUk0azJ4ZVFM + WDMva0RCTnkzT0RWeWY5V281M0hjQkEK9o9cIFOiEwFeo+77QI9lXqdxlMCNGhOY + BtowL/7wo0Tfi7+CkBuKP/Bxp2D0x3b4OHDsoCNG0nc+55F/rDtR5A== + -----END AGE ENCRYPTED FILE----- + - recipient: age1azmxsw5llmp2nnsv3yc2l8paelmq9rfepxd8jvmswgsmax0qyyxqdnsc7t + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMjIwT3pUcHlkc2N3eWZl + cVdtT3NGcDNyMFZ3V1lhWGdJMExyVXYwUTJFCmMrZ3dwZm1ZcVZVMnB6b1NPUDVR + UFZUaHdRVWFNKzNrdGE0ZWxUNnVOeWsKLS0tIFhnbklUMkd4ZGFrUjhUcVBKRktX + YXlwV28xR2poYnFja0xVdzRPcnZmV2sKDbM77Msos187Du6D7s1wlgEuVxqQ4cw1 + Rwm64kyiQPwh1W9sPhMOZWyEvUTP4QL2Bs6aB1Javf4BDKka0PeP6A== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-07-08T11:20:50Z" mac: ENC[AES256_GCM,data:GPUwpSAz6fj7mRxX1ebEb2sLAMLkQLuKPXk+B3+zZmA6+D7gAKrrBGUWHqYA9DMMY0r32OZSccGRmeKqdA7sWmzdIJTcBu8EyER1nJqVFJiXcOOdTkCLdOM4xW969YE0lBKpIAQ40E7YXYYwkI1JINneIBTuXkvIBmSQ3Bt2+ak=,iv:VEPNQxDLzxyTxkn8dI6xNDe9ESk2RojSNYYEwT+Ggas=,tag:cfUEKU3arSJl+lEOa+4iRA==,type:str] + pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/hosts/nb/configuration.nix b/hosts/nb/configuration.nix index 2236ff3..baa3b22 100644 --- a/hosts/nb/configuration.nix +++ b/hosts/nb/configuration.nix @@ -179,8 +179,6 @@ in { extraGroups = [ "wheel" "disk" "video" "audio" "mysql" "docker" "vboxusers" "networkmanager" "onepassword" "onepassword-cli" "dialout" ]; # Enable ‘sudo’ for the user. }; - users.groups.dominik = {}; - environment.systemPackages = with pkgs; [ alsa-utils sshpass diff --git a/hosts/nb/hardware-configuration.nix b/hosts/nb/hardware-configuration.nix index abc1edd..2b0553e 100644 --- a/hosts/nb/hardware-configuration.nix +++ b/hosts/nb/hardware-configuration.nix @@ -17,58 +17,32 @@ boot.kernelModules = [ "amdgpu" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "none"; - fsType = "tmpfs"; - options = [ "size=16G" "mode=755" ]; - }; + fileSystems."/" = + { + device = "none"; + fsType = "tmpfs"; + options = [ "size=16G" "mode=755" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/856e1ebe-832f-422d-8d91-d43a5d852abb"; + fsType = "f2fs"; + }; boot.initrd = { - luks.devices."root" = { + luks.devices."enc" = { crypttabExtraOpts = [ "fido2-device=auto" ]; - device = "/dev/disk/by-label/root"; + device = "/dev/disk/by-uuid/08897ecb-23ce-4352-a1fc-fa442b9e0f72"; }; systemd.enable = true; }; - fileSystems."/nix" = { - device = "/dev/mapper/root"; - fsType = "btrfs"; - neededForBoot = true; - options = [ - "subvol=@" - "ssd" - "compress=zstd:3" - "discard=async" - "noatime" - ]; - }; - fileSystems."/nix/store" = { - device = "/dev/mapper/root"; - fsType = "btrfs"; - neededForBoot = true; - options = [ - "subvol=@nix-store" - "ssd" - "compress=zstd:3" - "discard=async" - "noatime" - ]; - }; - - fileSystems."/nix/persist" = { - device = "/dev/mapper/root"; - fsType = "btrfs"; - neededForBoot = true; - options = [ - "subvol=@nix-persist" - "ssd" - "compress=zstd:3" - "discard=async" - "noatime" - ]; - }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/1521-B173"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; swapDevices = [ ]; diff --git a/hosts/nb/modules/development/default.nix b/hosts/nb/modules/development/default.nix index ba59a92..75afc24 100644 --- a/hosts/nb/modules/development/default.nix +++ b/hosts/nb/modules/development/default.nix @@ -10,9 +10,8 @@ in { imports = [ # ./mcp.nix ./coding.nix - # ./android.nix + ./android.nix ./nvim/default.nix - ./mcp-chromium.nix ]; environment.systemPackages = with pkgs; [ bento diff --git a/hosts/nb/modules/development/mcp-chromium.nix b/hosts/nb/modules/development/mcp-chromium.nix deleted file mode 100644 index d4dd9f4..0000000 --- a/hosts/nb/modules/development/mcp-chromium.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - # Wrapper to launch Chromium on Wayland, scale=1, DevTools debugging on 127.0.0.1:9222 - chromiumWaylandWrapper = pkgs.writeShellScriptBin "chromium-mcp" '' - exec ${pkgs.chromium}/bin/chromium \ - --ozone-platform=wayland \ - --enable-features=UseOzonePlatform \ - --force-device-scale-factor=1 \ - --remote-debugging-address=127.0.0.1 \ - --remote-debugging-port=9222 \ - "$@" - ''; - - # Desktop entry that uses our wrapper. The filename will be chromium.desktop - chromiumDesktopOverride = pkgs.makeDesktopItem { - name = "chromium"; # ← important: must match stock filename to override - desktopName = "Chromium"; - genericName = "Web Browser"; - comment = "Chromium on Wayland (scale=1) with DevTools remote debugging for MCP"; - icon = "chromium"; - exec = "${chromiumWaylandWrapper}/bin/chromium-mcp %U"; - terminal = false; - categories = [ "Network" "WebBrowser" ]; - mimeTypes = [ - "text/html" "text/xml" "application/xhtml+xml" - "x-scheme-handler/http" "x-scheme-handler/https" - "x-scheme-handler/ftp" "x-scheme-handler/chrome" - ]; - # If you want extra desktop keys, you can add them as a raw block: - }; -in -{ - # Tools: Chromium, Node (for MCP server), our wrapper, and the desktop override - environment.systemPackages = [ - pkgs.chromium - pkgs.nodejs_22 # 25.05 ships Node 22 LTS; works great for MCP servers - chromiumWaylandWrapper - chromiumDesktopOverride # ← keep AFTER pkgs.chromium so our .desktop wins - ]; - - # Where Codex CLI reads config; we make it system-wide - environment.variables.CODEX_HOME = "/etc/codex"; - - # Codex CLI MCP config: wires Chrome DevTools MCP to the local DevTools port - environment.etc."codex/config.toml".text = '' - [mcp_servers.chrome-devtools] - command = "npx" - args = ["-y", "chrome-devtools-mcp@latest", "--browserUrl=http://127.0.0.1:9222"] - startup_timeout_sec = 30 - tool_timeout_sec = 120 - ''; - - # No firewall opening: binding to 127.0.0.1 only - # networking.firewall.allowedTCPPorts = [ 9222 ]; -} - diff --git a/hosts/nb/secrets.yaml b/hosts/nb/secrets.yaml index 505fb73..84caaa3 100644 --- a/hosts/nb/secrets.yaml +++ b/hosts/nb/secrets.yaml @@ -16,38 +16,29 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpMnBLcDdsczB5TnczVFdQ - V2NEZFR1bkNvK09HZWV1MDg3RmRHbXNYeGpBCmpmemFjYzZQMXAzTmh1NWhOMkFK - UGNBRDZZa3dhUFVpa29JdWVrdU0vd00KLS0tIGpQeDdFNTFIRjg0SEhrQURVdW1Q - VmdHNkI3eDd2aHo1VTJhZHN4bGxNNzAKcIrRBasCcoNCdYM3lcjzMIME8jn48x39 - 0DJGKX6/hoVaUlpRcCfnEx5Ihu4dSBxd2PMz7DgDZizftFWOJ2TZaQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUG5oZ1BPL1hiRm5zQ3FO + Zks2RWg1ODZGYm4rY05wT2dWTHFCN1FhcEY4ClB5N29SclVxWUpGaHF1V0o1cHVK + TWtoTGFsRHVERWgxczlqdysrRmVDM3cKLS0tIFNISWhUbmV5dERHSXV3ZW5Gd0l3 + bHZHdy9jUHhLSTFUWHBxUTcrT3FoaHcKpKjzC3KDD6TXpbPm/ObztJQzkNnnTnvH + uWzRhQg7lHAKiiz4szzT64WCuisxFAOJP1KrSK9qP5DLBm8aKIDcPA== -----END AGE ENCRYPTED FILE----- - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTV2hRelFkTVdSOEQxaExp - VGNnb202UVdpK2wwWTl2YUp2VU5WRTViaGpnCllxKzNCWExZZnllQ0lvM1ZPbjlz - TndkRHBvRHBaVVY5M0xZTmFXRTFlZzAKLS0tIHQ3QWcrYklaZ2ExUnRObTg0YnNG - Nk5JOFQ3M1pBdmg5dUpkSFZoQXY3QVUKNL3HpYBWsGdHPG/eUlU5+G4Dcnk6efX1 - e7B2ye+mzMjt0Kpz5QxltOZIiTyvNLKNUijNgmoK5RGJibJCwbl1ng== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4VU1JZ3FkQ2lPVE9KeGMw + c1lRWGlPU1BKbXlJc0lnVURNNjN4bDRNWFZ3CnQyRUE0MXllajgySHRkSTNRZ2U4 + K2w3bWEzNmxrZHRybXdFdnZCTmYySW8KLS0tIFduVUdYdDdVOS83QUxveG5lMDRi + M3E3bDhrM1FvMERESmI2RTdBTVNUMlkKoKhTGUYULeQvqMjwMCanDxD4yflGURgE + ROZe6d8R5Sya+RsS4uzNMs5KkjGeC/xjbNO22uSRennIwCqBaHNmgg== -----END AGE ENCRYPTED FILE----- - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiZ3RBeUM5NE91K0RnQnhU - cE53akR2bnU4MmljY3BWcjlNOXZueWpJNEV3CkFOdWdGaXVrM0hvNTdubFkxdERZ - TjQvMDc1cEM2TnVabVJNTnhkK2hyMmMKLS0tIGhLQ1liSUhnVmw4N0lWR2Y0clV6 - OXhTc2YwWXhZRzlPbDdkZE1QUUVNMFUKHSE1LckK00qdCBl4iK6lzOzlIJ0WnSrk - c9kuwHrZoQIv6JuscjkJ1n9/SeDZoFRnaEHC31txMot/tkpG5iyrbw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrSEFSaHIyVnZsOG82UDJX - VDhjOGxTakVQZWttTFVxTEUyUnpaRjZmelFjCk52RGYwRUhkMVpSWXV1UFFhelhl - Nk9QazR0V2JaanpHMGVOSWF1aTRRZ00KLS0tIFk4QS9uVGJVYlh2aXRlQi9WWkpn - WmpuN3RGK2pCdzB6TVkrcy9YV0lPRW8KWbTtmqbkHibf6SfueCE+s03Efkr5Oat9 - sBi4uDTmaaqBEcoO1mQ4MQD/On9tZzThjfD8v+m0wUU5xGvE5naA6g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBMW1zeU5ubDloazBKNFR5 + M0xnbXQySWptOHFEQmQ0VHdvTWVieitYK1drCmI0VW5PVUFaTFo3STF2MUxSOXhC + T1YxY2lFMitKM29rS1FKQWRweStxUlUKLS0tIEFnQTlHcFJEcTAxem5QK2xrTm8r + L21ncjlQdGVDUjI2eXFIb3U2dW13bWsKuEwATNEUWtjuLsH7DQAt6J2l4blTId1W + A1kQ+0dfUKrZ0dsbvUA5L9+haUiK8f5RvapaKW+L2JEn7gW5wJSJEw== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-06-05T16:28:03Z" mac: ENC[AES256_GCM,data:NNYwveO78Q4cWOPPt3Pyqh6AtbfRj/ax6D4t2KlVXWSLzKTUZKKaULXGY5PBp/jI2pyhPp5yEMhEyjRPWC8Xhvxjv+NLb6KltgaMfzIBS/jfSNk3dcYx6i8Y2oSG1efLJrRMc2Q/uACeztyivtjV9A7JCrEtb84Wb9HzkI4nZVs=,iv:Q8cTw+/RMJ3WHrkB9lyaAyI2K3O1ZhDnAMUYMJ4JMRk=,tag:JvrLiaKKYXiOmud4oZZZ1w==,type:str] diff --git a/hosts/nb/users/codex-cli.nix b/hosts/nb/users/codex-cli.nix index 0168196..c093110 100644 --- a/hosts/nb/users/codex-cli.nix +++ b/hosts/nb/users/codex-cli.nix @@ -5,7 +5,7 @@ let npmPrefix = "${home}/.npm-global"; node = pkgs.nodejs; # or pkgs.nodejs_20 in { - home-manager.users.dominik = { config, lib, pkgs, ... }: { + home-manager.users.dominik = { lib, pkgs, ... }: { home.packages = with pkgs; [ node gnutar # provides `tar` @@ -13,32 +13,6 @@ in { unzip python314 # useful for codex model use jq # useful for JSON processing - (pkgs.writeShellScriptBin "codex" '' - #!${pkgs.bash}/bin/bash - set -euo pipefail - - # Required dirs - mkdir -p "$HOME/.cache/codex-tmp" "$HOME/.cache/xdg-runtime" "$HOME/.config" "$HOME/.cache" "$HOME/.local/share" - chmod 700 "$HOME/.cache/codex-tmp" "$HOME/.cache/xdg-runtime" "$HOME/.config" "$HOME/.local/share" - - # Pass through cert vars if present (avoids TLS issues) - EXTRA_ENV=() - [ -n "''${SSL_CERT_FILE-}" ] && EXTRA_ENV+=(SSL_CERT_FILE="$SSL_CERT_FILE") - [ -n "''${NIX_SSL_CERT_FILE-}" ] && EXTRA_ENV+=(NIX_SSL_CERT_FILE="$NIX_SSL_CERT_FILE") - - exec env -i \ - HOME="$HOME" \ - USER="''${USER:-$LOGNAME}" \ - SHELL="''${SHELL:-${pkgs.bash}/bin/bash}" \ - PATH="/run/current-system/sw/bin:/usr/bin:/bin" \ - XDG_RUNTIME_DIR="$HOME/.cache/xdg-runtime" \ - TMPDIR="$HOME/.cache/codex-tmp" \ - XDG_CONFIG_HOME="$HOME/.config" \ - XDG_CACHE_HOME="$HOME/.cache" \ - XDG_DATA_HOME="$HOME/.local/share" \ - "''${EXTRA_ENV[@]}" \ - ${npmPrefix}/bin/codex "$@" - '') ]; # Ensure ~/.npmrc with a user prefix (no sudo needed) @@ -65,7 +39,7 @@ in { home.activation.installCodexCli = lib.hm.dag.entryAfter [ "writeBoundary" ] '' export PATH=${node}/bin:${pkgs.gnutar}/bin:${pkgs.gzip}/bin:${pkgs.unzip}/bin:${pkgs.curl}/bin:$PATH mkdir -p ${npmPrefix} - if [ ! -x "${npmPrefix}/bin/codex" ]; then + if ! command -v codex >/dev/null 2>&1; then echo "Installing @openai/codex globally..." # --global uses prefix from ~/.npmrc; PATH has node for postinstall ${node}/bin/npm install -g @openai/codex diff --git a/hosts/nb/users/dominik.nix b/hosts/nb/users/dominik.nix index 12200d5..803e33c 100644 --- a/hosts/nb/users/dominik.nix +++ b/hosts/nb/users/dominik.nix @@ -258,25 +258,25 @@ in (createChromiumExtension { # ublock origin id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; - sha256 = "sha256:054kqrai2kd89bzc5c3x17rjfdil2zzxrxrg65vaywmvm77y7kmn"; + sha256 = "sha256:0ycnkna72n969crgxfy2lc1qbndjqrj46b9gr5l9b7pgfxi5q0ll"; version = "1.61.0"; }) (createChromiumExtension { # dark reader id = "eimadpbcbfnmbkopoojfekhnkhdbieeh"; - sha256 = "sha256:1i8rs6bcblx4d85rh41pmky3hhlpzn5977lpz5zmhwri7sb77yzk"; + sha256 = "sha256:1lih8zbil1jwbzg7m1lnbx41d9smaqbs472lya7dgh36iwgsnpsr"; version = "4.9.96"; }) (createChromiumExtension { # privacy badger id = "pkehgijcmpdhfbdbbnkijodmdjhbjlgp"; - sha256 = "sha256:19vpk8h8q0xgi40hgv1bd24n3napbgbzg12najc3mkapqcvfcmhc"; + sha256 = "sha256:1nnr5l7lpci76vixdfgkhagbycypvww7rg5pm6vjjdn45iw082w9"; version = "2024.7.17"; }) (createChromiumExtension { # Bitwarden id = "nngceckbapebfimnlniiiahkandclblb"; - sha256 = "sha256:02cscadjqbfx3a5bky1zc38pxymzgndb9h3wing3pb0fwm30yrzd"; + sha256 = "sha256:1fsgv42nw2rwwh69ipkkq4fs52l6sz5pq3qlv5psa8r1fiidm8zd"; version = "2024.10.1"; }) (createChromiumExtension { @@ -288,13 +288,13 @@ in (createChromiumExtension { # Vimium id = "dbepggeogbaibhgnhhndojpepiihcmeb"; - sha256 = "sha256:0z6c04kjp13g4ix5kpv2m8q27i8pwz2c0rdi78wcnxqmqnik4ifx"; + sha256 = "sha256:0m8xski05w2r8igj675sxrlkzxlrl59j3a7m0r6c8pwcvka0r88d"; version = "2.1.2"; }) (createChromiumExtension { # BrainTool id = "fialfmcgpibjgdoeodaondepigiiddio"; - sha256 = "sha256:0i8aga8h7jgjgsy1xx453gryzvf6y6wm9fd2i6cnzafjpf2fk51b"; + sha256 = "sha256:1ny8kxb0cag121wavcjzc6vid1lqgblwvb50rfwb7rdh6gbxfni5"; version = "1.0.3"; }) ]; @@ -646,10 +646,10 @@ in ssh-keygen -R gitlab.epicenter.works ssh-keyscan gitlab.epicenter.works >> ~/.ssh/known_hosts - git clone git@github.com:AKVorrat/nixos.git ${persistHome}/projects/epicenter.works/epicenter-nixos 2>/dev/null git clone git@github.com:AKVorrat/ewcampaign.git ${persistHome}/projects/epicenter.works/ewcampaign 2>/dev/null git clone git@gitlab.epicenter.works:epicenter.works/website.git ${persistHome}/projects/epicenter.works/epicenter.works 2>/dev/null git clone git@github.com:AKVorrat/epicenter.works-website.git ${persistHome}/projects/epicenter.works/epicenter.works-website 2>/dev/null + git clone git@gitlab.epicenter.works:epicenter.works/nixos.git ${persistHome}/projects/epicenter.works/epicenter-nixos 2>/dev/null git clone git@github.com:AKVorrat/spenden.akvorrat.at.git ${persistHome}/projects/epicenter.works/spenden.akvorrat.at 2>/dev/null git clone git@github.com:AKVorrat/dearmep-website.git ${persistHome}/projects/epicenter.works/dearmep-website 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/eidas.monitor.git ${persistHome}/projects/epicenter.works/eidas.monitor 2>/dev/null @@ -658,10 +658,7 @@ in home.file.".wallpaper.jpg".source = ./configs/wallpaper.jpg; home.file.".wallpaper.png".source = ./configs/wallpaper.png; - home.file.".local/share/nvim/project_nvim/project_history" = { - source = ./configs/project_history; - force = true; - }; + home.file.".local/share/nvim/project_nvim/project_history".source = ./configs/project_history; home.file.".config/Cryptomator/settings.json" = { source = ./configs/cryptomator.json; force = true; diff --git a/hosts/web-arm/secrets.yaml b/hosts/web-arm/secrets.yaml index 26465c6..6473060 100644 --- a/hosts/web-arm/secrets.yaml +++ b/hosts/web-arm/secrets.yaml @@ -32,47 +32,38 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtU2ZiVW4yWkF5bDBnWVkx - QVFkTTZ6SlA1ZEFNMUpYV1ExMEx0Ulh1dWdnCmdrVE5tYnkwZkV3UWZpbEI2TjRu - YkNLT21sbmhDZlFJL0IxakZKamRRV1kKLS0tIG5WdFpOL3lubWZpTjI1bi8raGdh - MWovMVgzMmlDeVdPYU9EVHp5cFpOR2MK2HEG8AmgkABIfyf+TGCgMiG94AJEdRUp - bJ45NqVMHdFBb3pX34I9vbcpAuvWm+0UMJc5tndD19tulcBTOkCsVQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZa3JUVk9UQ2xvdE82MFNZ + QU1HSktJa2RpbTNVajlES29qdnZMZjR5dlZFCmdhaHEwOXdpdFJaOWpzcHZmUWUw + czFUUjJ1aThrQzloQUs4STVJNkJqdUkKLS0tIFUybFpweWhuQ3RhWVhEZllIKy83 + WUhmU0Q5L2M5MGJBb2RXRUNUanJ2UDQKxDH3kQ7PxBgHbkv7HPhSmyHIT6N8qmCf + vgRYuZWFgMas1BsS2/F9jmWxUtcqj6/LClmKvIlAmr7OiEZ8fLBTDQ== -----END AGE ENCRYPTED FILE----- - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpVE1IdDlKWUR2a1dYV2Nj - N0wxaTdnVThiVWR1RjBWWWNIenJOM1gzbVFFCmJVZ1F3YmdWNjJhV2p2LzFCaHkw - TTlWWktxbWpIYXNKaG1NTWxIQlpTNUkKLS0tIHYwdVdQam05dEZPTFFyeEFmQUJk - b3FSSkNxekhRcllUVGExMis3bm1ySEUKHT4Axi4FjAPxjnv4knAxlw5Qk7uOWDie - XU5oc1gqX6/8So/VAfGqATxyrC4ceg1f8D62QEUkYVe3UOSSXrhrPw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXVDI5dFlSajl1bXkxb09C + NlRFM3dpTk5KbkZ2RGZwUUVVdGpHVzdac3dBCnVJTWVMN0t5Q1MzTzVSSjRDQnRN + NGVKa0h4K3FpZUhmcnVkajVOaEd5bjgKLS0tIHpVWTJIa2NOQXNQRXhUaHhKc3JV + TEhxV2g3N0w0K0E4cjBhK3h4R2VONk0Kqmgr6vvwyP5GUNGEJT4lGk/q+6D1/vEc + iAx10xVmtDvIuWTPwNHM5Rlx1SesloGiTSgT/MwzaUYm8lkpK6BNPQ== -----END AGE ENCRYPTED FILE----- - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJTXV2TXdaSVZveTBINkdl - QlV0QlNGdGRVMmRWRjNRRHpjcEJDTzdRMlhzCi8vNkV1TFROVlZsMFVLcHNaMkYr - SVp0ZG9BSWl1SUU2cTJkSTBBQVhWQWMKLS0tIDhKV1hQeDh1OXZpTTJWVEQxcXNX - WS9FWG1jdTZqMVhCMkJjQndlcUVjZ3cKeIdiDFlg1ABxACX8TFYJ+hLrpHMBOQKy - YHlLY6tOwiFKZw98CqqfZG33aXdo2buD7jfGiK+v/VESyfOLqBxFkA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsQ2pLV0lFdXQ1anczZnp6 - eFE1ZndLcDlFSjkrdjBWUFAvOGMvM3FRUXpFClhFMjNKcFRldE5YdXp3ZHFzSWpm - NzBhM09UVW5GSWNCQjM4MDFObnA0ZFkKLS0tIGVidjY4UUxDeFV4QjZMeVNLdk9v - aG1HN2dMaWg0d3BOWm10NVFoYUgyUVEKdPIbG4IWEWsQDqikAMFfQ4M1iJUC84QU - OEpdVIYPsyF0WA9aQmmYtvOBB2T1R7ilOVurVb1KqtLA4njzIHoeEA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjc3p2TGRYRFV1aUg4Z1JF + MXBYUXVRTTYza3UvOTNiYVV6TWVBZDNMSkVVCjkwWkNMQzk5RVFBYkNqNmpKOGwr + SGlhYm1sVUs2S3VoNzZ4T2pvRkVkeVEKLS0tIGEyQlhQcmtKcUh2NnJLZ3BFeWdB + Q3lVNlFxbWhzeVBaMVd0ekxEVTJBc28KyCK90KW2wb9bXup9OW6J1Gnrlb9X5e8l + c+kztOq76I8NtSAnrwfkpp7iJYH4F4TEU6meFGO4Ev//duKoBT74TA== -----END AGE ENCRYPTED FILE----- - recipient: age1ylrpaytkm0k5kcecsxvyv5xd9ts4md0uap48g6wsmj9pwm4lf5esffu0gw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWbTNXS09KNDNid3B4eklB - eGZkNDdkUkJQeEFmMi9TNnViUTZtYWFHbmpzCmlPbUVYMzlyY2FvOFROSHRhVXZa - TzhaUTBhVnpUNk12bVRLUndVUWJpNEEKLS0tIFVQQSsvakhnU3ZRZkZFMkpZVndH - RkttZkZIZVVFNml2dmU3dDFvbkhSekUKxsgf2LemWDiae5a+RO5ttxQDSMkll450 - w0L3e8JWP63sipaN4Fc5d33V54/yLD65PWPRZr3oZn4FdjHCBsLGeA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZREdyNFNQRkI4L3BTY2FW + K3lFcmpsQ2tIMWYyVnVDbllPcktBMmVoMlFRCmlwa3RubzFzMmRTRDJYZUgvU1hN + SmFJWXR3UjhEaUJtR3hSeGN6UnJ6WE0KLS0tIGFXQmIxYVl6Y1djQ2lrcjRUNDdt + elpYSDg2Y09Ia1VEaE9yUWRYMlk4V0UKcsiKxtTdtAT7odCCua7wV/3879QEp2YJ + iIVgZIrTg34tEGj8VbACcGINZfid3SSkUM4hnydP72ZOOfijIN21Ew== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-09-09T09:52:21Z" mac: ENC[AES256_GCM,data:FXQ0mXR8CZR7kPNbmpjXTLmhPlJlgPaJMP5Z2PA2ZORBwSAzyms+a/FFwRnIzcKk0MJEhJH6rVwWCwo0AlPtcwzL5Cnm+mkW3EgN9jtIZumvvtZwW0zWM99F7UsBTboJnG7kGbkfqqRVC4svv6G7xMkbxKIFqwJTUJqRE5vrqnQ=,iv:cuhcQtpF5TMBqx9x11zcxa+5S0IqMngC2dGfJGU82/4=,tag:GKtEOxWuDzcKa5RtRacQTA==,type:str] diff --git a/utils/modules/lego/secrets.yaml b/utils/modules/lego/secrets.yaml index e617a5a..722f2ff 100644 --- a/utils/modules/lego/secrets.yaml +++ b/utils/modules/lego/secrets.yaml @@ -1,106 +1,156 @@ lego-credentials: ENC[AES256_GCM,data:cn7n1jOammEdvzYzBKJ086c1bHc77GN74uncg35ClaTBvb5w3F0lQazJqBJoIf365Q==,iv:FLrr7WwGgzjuENOEi/Sf8Ti6wcQLPnBkJ+/DxyCUM54=,tag:yQnDsDz+btx3MQu/4w2ixg==,type:str] sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] age: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRYWJlY2J4RTBML3VQdzgv - eHhnbHkxMnJITmpiTkU4RHNCOWlOb0tWVHlRCmhHYmEvSW9ZeGprL0lCZDlnUmNl - b1JwdWw1azQyMFRNSzdZUkMyaTJHbFkKLS0tIEF0Sk93d2ZVV3ZEMVUrRVB6WWNs - RGhld25tYlNVYm4vclY4SnhFdWIxcUEKK9om+AXDMNz99E5Isxe5RsAQFUmJcEdm - QrhVnksGJibKXIhdalqxujjt7u6ZwEMnBvM95AhRazvSYIf6G6gUkQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3Y1VTUWNXMWdDRERPcUxU + ZTNadjlodGptbDhpRHJ2Z0gvY2JNQmFkdVdzClVGeWRIOGxqUHlkUEU1L0NTMUc5 + YmozYmR1TTdOTDNXOTNpbll0bGhqUGMKLS0tIDhTclB1NUtQZXFLR3phcEVkRzl2 + blVocE9wZjRydTMxa1E4ZUNOV0dPN3MKlP/9qMY3JgUb0fV+oIAVYVooX8I9lhIH + oRCALbQJQETlczXf4zSx1htXVctP0/fifSozFvo197pCjAxIl6d4qw== -----END AGE ENCRYPTED FILE----- - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzNGFjYUM1djczYURQWHBN - MmhvRnVtSDBqRTJHY0p3NWdNRlFIQmFPMEZVCjUvQi8yMElvQUdPK1ZQeGFmbm9w - bTdhVmMyd0tjNStpTm1NemhydWxnc00KLS0tIGI4cmtHWGExYjhYL3VaYkkvZ2ty - Ri9ZODBSajlqV3lwbTF0WHFBUFBta3cKx9Hls2u8B6ZkRaSKIEHhHsRHp06juwqT - 6TDkA1anxMi4ffQAFijtiEyFYHDnA76bwuNkixICMasmFOdCRWM1jA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuTGF2bEwreFA2dzNnbjdR + UktlTm84UTcxNDdyaXE3akZzWkdaVXJPbWhFCkJWandOZDFXZWpFdXQ2Wm9CR3kz + eVZQdEdDMTN1SWlOVlJMSGNCQ0JMZU0KLS0tIGZvYTJ6bnJqYXdiVkhqMjBsbGRF + WS94bVpvWklpTTlDeVZET2pWRWJNOXMKlzLWxsxCqIf3h2+ObCoyR8KuDQdPM86R + DA7XCvfBOMkr1bnZLVi0mLM3mwnYmLDyfGIjULaR9KK/S5CCzF7JDw== -----END AGE ENCRYPTED FILE----- - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByTEVielZEUi9rSUxlSEgw - Y0VVd2F4aGt4a253ZitMWTViVFdJeTJacWo0CitGTys1c2ZUeGJSN2grU2hTMmw4 - Uk5FbGljU1huRU5wakJRLzRaSVZOYm8KLS0tIGNMRFB3VUIvaDhiaXZFMy9kVGNx - SXE1NmNuTThXQnBldmttRm5vVmtRd3MK4ixdF0RMQKeOuZt22RskFcUy3GAvhdxf - ooqX/8/5hz48M1Z5LC4XO8VreF0QYY6sM+lN2r9yP/6vOPRxre9RsA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxdXVnTXlQN0sxd0tkc09L - YkFZcG1zcTlObWNuQ2tHb3FKSmFSQmszNFVjCnVvcmNoSExBSWdFRTZkSlhUWFNn - dzhMQWFua3BXVHBxbjRzY2dGRXlsTXMKLS0tIDErQklTRG8vMDZ0OEppS2FRRTRx - Yld4bWhIMzJBY2JtaHh2Y3JvcTcvZ2cKR0Bb6BzJx9r+Ty/TPH/21/b7ygVG1cSi - VUK95j7RScLJte5YjRso5Hm3vKuKKvQDurb9hniyJm78H6lQ2rm8pA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTZWVhenNQUVJRc0NjZWNR + M3RBVVByUHV5L0FqZEZmUklkLytGUlNGVERJCmZDWXRjSk0yM0lLMDVlVUI1bG9C + RTNlUHZ5WHp5NTVURDVnQnZ3OFRnUnMKLS0tIHh4c3psanl5cWs1NVMwNHlEcE9l + aHBzdktDZGdrc0UrMng3R2xwWHpFclEKuum93/+TrG0Bz/FyPT7N6U1fpYjD63bj + KDOaNxsfo7oagMJyNRkUSv4q1zZ8uwMKUXBSiWdiQCKt2m66Dm8ctg== -----END AGE ENCRYPTED FILE----- - recipient: age106n5n3rrrss45eqqzz8pq90la3kqdtnw63uw0sfa2mahk5xpe30sxs5x58 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDeEF1eTEwcGp2T21iLzVs - VmN6Zm5SNUxCdzg2SjZyRFpkdkRpS2FFV0FzCmpYME8zMGU4a0FrZ0hab2taZ1dh - b2JxZzJKZlhxSXZRNlhCOGk2NnRCcG8KLS0tIHF2RDZtTnZEaCt4M3c1THQ0K1Yz - Yld1dmZMcEtqSVhQdzlXT0dtQ3BOdkkKrslHv+MLSPWAZspNDUYy+TTB5d5maViF - ifRFP60zlXOSFyn/198BxVeFKc0yaf7VaAZOw8n7G44vSTaWr043/Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrOEl4RkRXMFU1ek1sWmdG + UEZaS0h4aXNybUIzalVNbm5sMzNtL1dqc0ZjCjI5d1N1bGNCRTdzTWZEeEdzYlQw + d0xGMS9TakVCZVpVVHcyYXZWQ0NubE0KLS0tIG52VU1kT0JYMkRVc0F1NjFjZi9K + MlJRODVhRUN6czNUV3RROWpsZTRTWnMKEBMyebasef2bz6zmO89xaaU2SfNZOWau + tl0p+FoK3KcX3QxGJnnOTvyMMoUEGSu7JPuy3+p2rzOwFYYeMOJYIg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1y6lvl5jkwc47p5ae9yz9j9kuwhy7rtttua5xhygrgmr7ehd49svsszyt42 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3TFZhL0NCdnFLeWw4b3pU + RDFXM3hUU29GMXVIcFhUT1lGeGlBRVd0OHlzCjR1YStsMHNGcmdnMm0xUFpOd0RU + QjFQMGlBMHQ1bktZRFZvZ1Q0OHhmajQKLS0tIHA4TGlVRCt4TEN0dGp3NUcvVjZq + ekc2R0VadzdwVzFpN09CRENjN1F6RTQKmGMPWX2k8OP8YYSYgfn9fRqsmvhyyvg5 + CqcLwAFo8NjMMLybTLUy3PEZbymwwV4uCUOGk8hxayPnBY3VICDw7w== -----END AGE ENCRYPTED FILE----- - recipient: age1gjm4c3swt8u88e36gf2qlg3syxfc0ly94u64c42f2tsf24npw4csa6e4fw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArZlBySnJra0d1Z2ExLzlM - NlRnY2NTL3NWMWV2OFJ5Nis3dHJ0VnJLUTNrClBGQ2h3dTg3VWlyYmN6dGp6dzVF - ejhFUTJ6SEJqL2t6VG1NMWxDQnpVSmcKLS0tIFBRdjgwcjJTSnIxT2pVSGJHT3Vq - Zk55RWcxNXR3U0NXamluZURjTkU3a00KfhY/GmgG501PpFFEk6n5saN+S5v0meuY - JzHwjh+3ylPkvbAw1JStaKM4HXdKM4opTT6tNXCEUNBUTKARneZSDg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFamxVcDZhRDJSRWoyYmp3 + NklibFVBR3MyZXJLa2xXcFdPaHJETmo3bm1RCnVsVkU2M1pINTdSdEtJbElBQ1hJ + OWdJc1RnYVhCVmc4UmNDRU5iZ2JaYnMKLS0tIC9GZjNFM3NybkhlbWlrZVNDNldz + ZVF2SjU1bDA3R2RJd3NzdStqQzV3ajQKDc/9sVNcYLir3+xVSRb5yPiMtx9dYm/s + Nk4CgnxY24GN8kivUk8a2bILXpg5LuR/8SvXchMHH61TNgKwnd++fg== -----END AGE ENCRYPTED FILE----- - recipient: age1ylrpaytkm0k5kcecsxvyv5xd9ts4md0uap48g6wsmj9pwm4lf5esffu0gw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5QjNabmNTWGZma3lydi9s - Zmw2TDNKZUNlVUwyVkFTUHVhOTg1NVFtaW1rCkprN1FFSzZaVjI4R2FqclUzbzV4 - MTF3NllhSkJSRVliMGxMQko5YjMrcTQKLS0tIGtCalY2WGlWa2w0cm45N3VZSS9i - SmRpLzgvZUcvVmFKUUdHYmZGZW9ZNk0KsR8wrnFZ+ZPVBiZTdBarsTjcRLyvzMwA - CD+db7VzA02XAZDpvuadtUAenh2D5teqA91EGrObsm6uNIrodPli6A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaUVNUbFIwd3hZaTFudExB + cnluSm5pcXVTeUdXTzFsWkU0OHJCamw5dmswCmhJeVB0eHRIRkxoVjVPaVdqR1A1 + Tk11UjVYTzFQbEx0RWxvWElSd09SdTgKLS0tIHJ0OEl4U3J3TkdIZHA5Q2dGRmVL + QzJpQXBycDUrQjh5OUxuY0taRVdtMDAKXb3h1tpdXaIotKIAfSFLP0StVKyiM4O7 + TB4D1T/+sBhP3k2120ZvgVL+G8k8O4ABBduuYkAuN9HxlQfSnLQk0w== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ezq2j34qngky22enhnslx6hzh4ekwk8dtmn6c9us0uqxqpn7hgpsspjz58 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSRDNKaWgzZFdrVTVQYmw1 + R0hhQkZNcFc3Q2pLWEdGcnU4MWJvL0xaMEVZCjVJRytPSXFHNm8xYXJSak5zbTZ4 + dkp6eHZDOU1ucjg4SFZMb2RoMTA0WEkKLS0tIFJMZlF5dHRsWmV4eStxbXBPdDg2 + cmZ4c002SlFreVU3QTQxQURLSmxHblUKGG+BN/ROTFiIbTjIAOioLt8/Rv45OC3e + Rg6AHYGyaLWTDIqn8JC0X06Vg5GFxuwWKZp3OFbrUEGzXsx1zpS56w== -----END AGE ENCRYPTED FILE----- - recipient: age1jyeppc8yl2twnv8fwcewutd5gjewnxl59lmhev6ygds9qel8zf8syt7zz4 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMa3dCZDhvNnN0NGo5OW9M - V1VlTmphd29Va21HVTg2ZGVRelVwcnhSTldFClFENFZDMElFZGZUMEhvbURKY08r - VTkzWDJtV1MrMi9MSERQeEk4SHZSaGcKLS0tIHdaRnVhR3Bvc3hMZTk0dUdkY3Rm - SXFTUHh4MDEyZjQrdlB3ZERJR1I3eG8KdU+cRYeIXGZ7YOlqqLbyCUlCcg6AeXO/ - UTTIFTp1fKvvYHILq72klTjzRBFviVzWyXGeAQoUeeSf0XT+wNqbrw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPVTV0a0xna3MrZkcrZzQz + Q3ZQcGdlWDZKczdBaElTSlFFT1YzaEZDOUNVCjR0MFpBVytkWFJoWVJRdkhFekIz + N29pVHNMdHVMZ1U3SklEaytzc0tzcVkKLS0tIDhQeE12MlhKemF4eUJVSS9jeUk2 + MWl5bDc2VzNzelk4WUZ1L0tZZ2gwNmcKkJKw07+WOl7lb5dlsPz3Hk6B3OJMbIoH + vWRDRo/GHBncs0W8QC8kRA9YytxaKkeaRAbfQl0cKebaSklTpMDbkw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1azmxsw5llmp2nnsv3yc2l8paelmq9rfepxd8jvmswgsmax0qyyxqdnsc7t + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOSFJPTGhaT3NBKzRTNVMx + bGhXeThGUDd5WUhJblZQRnRPWnJ1OXcxcW5zCis0SmN3TksraUp6SXc2VFJiRm42 + USs2VlRmdkRJakRFS3FFblRzQjVOcFkKLS0tIGZCc0U3YUdvWk5QZDVqUnZlNkVo + Nlh5NWJQUWZEV05Fa1gwNm1jRXZmbDQKO5XUjgp9N0ZmPbGAMjgP9MUoVOQwh+lG + 4mNktIWLlzbnzeBdRcpT+TdceOXM180osgs/SbXHr7FvsGKDqCnY9g== + -----END AGE ENCRYPTED FILE----- + - recipient: age1zkzpnfeakyvg3fqtyay32sushjx2hqe28y6hs6ss7plemzqjqa5s6s5yu3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUWDdvWHdSRkNqS3FPbkRn + OVVvZlhwcUhZbk80UmQ3cGxyMFVLQzBJUUZnCnRwcHk1c1cvUTRTblNZUkVxSGNX + dGVaZUxYSkdaVWlNalY5TC9hd2x0YncKLS0tIC9YdTR5Y014WG91NEg3aFRFeS9B + TDZsYkdNQUQxeG55TERvdXJkaCt1RUEKlXO1HKPQSizBSjB18c107Zp9KT6JaJ5z + 783E/kejunfbUiFDFpLcSw4jyi7XZn3chhxHYjt6Ce+9BMObRBfGaw== -----END AGE ENCRYPTED FILE----- - recipient: age14uarclad0ty5supc8ep09793xrnwkv8a4h9j0fq8d8lc92n2dadqkf64vw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNzMwRVVQNHhjUzJKNDds - SHg0bndWNVdYSnlZVCtPY25iVERlUk1KdVdnCnpUcU1rZ1VsMG9TNkppdnUzUFVq - K1NNWXNrdnpFSUhXL3d6MjdwWHZldEkKLS0tIHFvdzJTZkpRZFN5VHZ3YS83RGMr - ZnRrbnlFNGhMdmpvcnFhR3pQT0FYZ0EKwPVTSQV6zFAzUkymO//SCrq1wVMaDwPb - PHvCcVu+IsBDcWT8bBhpdJVas5dQmRbwFArgOutNvfh/kfCGkK8n4Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuVkplQk00Nm4wVGVnUk1l + dXVwbGVIVTlqcHh3ZDZaWThoYzVtU3hiV2xFCm1TZGJvUUxPbUMrY0VYUXAzbW9i + bHFFTHRNMzJXM1RqazFzbFh2RWthUlUKLS0tIFZlaExtUzBOb2pmL01JL2h3U1Jr + a0NpNks1L3NpemJwbUJnMzhjYTlReXcKx9T/Dhu5q9hmMCCG9GvmrS+3DLdtAfFN + IOM0eP/M4M/WUfu/mrYnX/nfArfOEz7us0SnRJLri5nijliwe+Pdrg== -----END AGE ENCRYPTED FILE----- - recipient: age1wq82xjyj80htz33x7agxddjfumr3wkwh3r24tasagepxw7ka893sau68df enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0dmdUOW9JTERXMzFIWnFB - YWg1ZkhmRVBQcDdCZ29VVC9KWVI4STZuN3dJCkFnUHlwU0lVZ1VJQkZjUk5EOHJ6 - cEgvTDBqdjNmK20zQlJsQUdTRUxGVkUKLS0tIEoxQzFWVzEyVmpWTGtNVnhsTEtM - WWFuYVpCYUlqSDhaRmVHOHpHMFkyTVkKY120BQh1AHmax3InwLgvd68qnNFZI2BV - 1EAF9TJLUG/hpuJW+fuQaVIxOR28fn+xKBTZFs5auU6l47Bo0koHGw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIU3dQNU42MVNyYU84cnBu + TmYzdDJuU0dtREU2NFNDYU5qOUY4d2UwOVVRCjh6QVBldWlvVEp3ZHU5MGl6MGRT + dUtPY3prbW04Z0tOTjZOTThJTllNb3MKLS0tIHQ4Rm9lMVNDa1h2a09BVnZ6N1Bt + MG5IN04rbGRLNWtPT2ZQb3NjV0R2OFkKNZ/2/bupwTgxRQR6lXOa6TuYwk8VP0q3 + 4MJMv0aIsCEt7sb8ZgaiZ7NLzHn6459iT4RTtdmu+ex7bj5kxGwNBw== -----END AGE ENCRYPTED FILE----- - recipient: age12msc2c6drsaw0yk2hjlaw0q0lyq0emjx5e8rq7qc7ql689k593kqfmhss2 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPamxlMmRXQkp3MVE0NXU5 - QUxoUkZZUGFuZG04TXgyTjRvSkpuUENaSTN3ClU4T1dYYkRZQmRUb3BnbFJuV3ow - RlNGWjJpK2E4NWFLSC82ZTdmSTBRSWMKLS0tIHZQcmo1QVIrZTZPN2VXSFd2a01t - SG03eGsxTWY5SnBaVm9WMCsrQzRFT2MKmEQ0TYJ/le9N/ZnisYztwU9K4c+6gBDl - avhMoswPuv3NmmyjlttoifuwvWe6Cic+VXF9lD4gC1A7j7ofslN7ZQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPMGszNmJxc1Y4bUJTMjFK + SFpwL29YMElZc1BBTnl4Z1FaS2dnNVFUYTM0CmVFSFFxMVp2d1RkMENRcHlHWHJu + MG5YNXBZOTdPTm1oR0I1eU9XcXp6TncKLS0tIFFUZG1wS0wxVnJ2NnpNNG5DYlht + a3U1QkJMM2NQOU9uR25zcUxuNjNsajQKgi4Qls/XcEsoMewy1SNYIZhIjSDZmepp + 0Rw+c+8iODkAZQVYgXQ/1VOj6Aju+8n/MrsO1p3vWu/6h/lOr7pZqg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1gtulvdj4aclpfhk3mmzvpz9xysccxhvu99x6ayaqlj8m44ehffgq6zuc5u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4YjhMVFBnRmlTQitDb005 + MGpJa1M1ci95QnJpL1BzZ2N1bHJRM3ZiNkNJCnFMSnNNS1dUd3gvSUhhZzRJNW02 + YS9oNFYzdnByaWFIWU8rQjJvWGNWYkEKLS0tIGh3dzZWL2Q2emtib1JiOWUwaU5s + S3RqWE5HT1hzQ0dRWlVQYzFlK1lEdW8Kdz1k/0XXhj+NXQeKYhrq2YTeNjDretuh + 0bAqgpleFs8len7plrP98VsGClZ4nQn/DF7PpOL6F4lrtaeWfnyEOg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1md4kkdf08zmagqv0yzza8h75f80c9j8np2p6eqea6fpa94szd5lsltz9va + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDbFZsQlUrNTROcjhsVEE5 + TUQvb3JKN1pNVDhKd2dhVExBMWZOdk9vOUR3CmU4bmU5VHhVRitlZ01wVlVzbUFj + Y0tnRDFINXJkbnFORjN0RS9lMTFkMkEKLS0tIEVNWkJDKzFka0ltcFlsUlZZQVh0 + VU95d2o3aVo4S0tLV01ydjc3TWdZeUkKOHat3eaGtvxXIaQO9OMH/9+MB+HPKMXB + YkH7sn3JTvy0nyAlYm2d7nb3wP2wWYH+5APdFSR6+sESWOotNMZpyA== -----END AGE ENCRYPTED FILE----- lastmodified: "2022-11-09T07:12:13Z" mac: ENC[AES256_GCM,data:gqsD5gTtE5ZqWzWKAAIscecvIsGSC9j4Cnbik6Yk7Jf7Z5/NIxbkInzDsLmlU3ObbLZAhGAlOAKIrUVy37rCcEZ+I04ICXK1dmUdsVud6E4SvTdDjh9qlXTbEkcDCY2YqXlTuQl6IZyveaPuF6fRe1FMh8JEpDv/foZTl8+AuQQ=,iv:+nV6YW9m1B0qo7xbB1lw9dgiQ877GQ6OxMqjk7lei10=,tag:NmeSwBWRKpqlwZxYYC7trg==,type:str] + pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3