diff --git a/hosts/fw/modules/web/secrets.yaml b/hosts/fw/modules/web/secrets.yaml index cda7f50..65e293c 100644 --- a/hosts/fw/modules/web/secrets.yaml +++ b/hosts/fw/modules/web/secrets.yaml @@ -9,38 +9,38 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiZmRBZm8wL3ZQdUZMSjRG - cnFWTjNhc2gvd3pURkdjdEpZdUE2ZE9nVFdnCnEvRGlScFJVUGZRenV3VXI5cU85 - NkZ6clplbzZnR1ZWY0YvMy84WWRiMUEKLS0tIHliOE9KYTdlUlFEb2NuRE0yYWJm - OEhCZmphWVVjU3k1VHRDMnJWTUpQQVUK1M7fgK+d/KlbTzvt9CKj6cGgzZ+vwsfE - zqUbyJ/5UpmrU/3kQMxBMBmb8HsA8b/1itzOn4F54SF1Xm7CFDLTUQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTcXNwNzFlQmNBQlI3bkwz + aldyUXRRTCsxaGNXNXZVM3k5VjdmWWRjdlVBCnBPN2M2RlZDelNvQ2x1UVVheUlD + U2d1TE5FMExMY2hpdjM5aTdpWjlKTjAKLS0tIEpCVGpRai9ucFRMckFPdUlHVUJu + aGFsQzBnM09uaW9xUmFlWlpJbGg4VUUKDptwc5rYwOzTmT374N1xhKbxt+ujrYRb + IKZTX18OCQY5DcZVqcV/8JiQA0C/zYfAvvPwKSqcvQkwkVj/5iKJRQ== -----END AGE ENCRYPTED FILE----- - - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d + - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwaEpvdkdvSHZQTXZXbXZa - ckZrTW9qNW9SMzN2TkVaZTRlT1NKSm56Q1JzCnIxY1k3Q2VjTy9OSlZPbEZkVDBi - UWVCRHE5bWlDaVEyWERXeUdsL1BFYkUKLS0tIEhoK05uMVpzYXJFZHBRcDlZb296 - YWRTZmljUTJEQW5lUzdMa3N0Y045MlUK0lAs4L5D0DIKuxuHJmGbOu6SX1Y4KNJo - VsgVUd9wU9r/ApoiaicAPNn0jyH3B8sGk1JGtrisL5eldc6Z5phR4g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSnhuN3FDQ24vQVpjT1po + Q1hiOTRvMnpsemdKT29yUUxOMXdtVnJUUVQ4CmJlcFVTWEE3SlZCZHYvL2hsRjNh + c3pTMkhhK3pmdFB6WjNLRjhQQ3dQKzQKLS0tIE5GK2ZRdUo2ekFUckpFWWduSVY1 + cmpvNUhCN3prdm9HRFphUDVMQzFhMEEKbCxNme7XZXU9fVxh8Z9ij57nIqoa5ijZ + kbzdPuXH5d9oJIcgV5KFpJr9o9bB4LJnCm87gzlhA9SY/3xszbKHkQ== -----END AGE ENCRYPTED FILE----- - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlVEdRWkR4YzJNU2Z3ZW9t - VGNHM3gxZUM0SDlaMzBleHU3a3lsZ1M0dlNJCnF3R1JtUUZCZE9CV2NUVG9la2I5 - R0hadEw2RldTS3J3cDdDQkp0OG4vZmsKLS0tIHl4UVpBejlFbkRycEZjSTNyditY - S3VRckhkNGRzR0VOOVBaRmZCT1lxM0kKThIJN/jw3tjaqaf1C5s6+K5BMBrMer2z - YNhhar3iomZbWvwJ5OW4dneU9p0drrcl5LR9tSAoTiSxIbfBZf+d0A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYMlhkemhKc29EQlJLbkFz + VnFYMW5ZNUZKdWVYSG5DUnF4OW54TXhnemtRCjNla3RhOXFLZTQ3ZjQ0eVB1UitQ + MmZLQ3ZnSi9rZzhtamcwU0M2QmlhcDgKLS0tIGNpM21xQjFIZllNc3ZlUGd6eDJo + eUZYWldGci9xUGxxWjNXeFpLSWd6NUkKy0m0I+Kyfaob/Tkuc8/XFgGS+CfhWVRY + nVetG/7W2Z9Nq3isS8mYvNf72VylpMY0FD6Ix1Kf8sIPZKTQgKyYmA== -----END AGE ENCRYPTED FILE----- - recipient: age1gjm4c3swt8u88e36gf2qlg3syxfc0ly94u64c42f2tsf24npw4csa6e4fw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzOEhSaklkdnJoY0dOU3dt - T1lyVVdVZ1VoRmQ4RURPN1ZjYWhPeU01T2gwCjFmbHZ3SThub2psTjBHOWk3M0hP - WFk2RXFnM3AzSHhraEJmRmxWZzRFVE0KLS0tIDdteWVZKzJVNXdyZDJTbE43Zldr - WDdHb1I5dVFCcHJ0ejVhOXFIb1pKRlUKkCS05OVL7xvkZ1oh16GTCnateuXao9ZK - 6sMZ7/c9tafLH52psnjeUEJK15Bw8DihFjFctyIh242j8TtXXqxBYg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwdU9GbkxhVnhhSUxWamZI + bGlrdXRyL2xsLzJHNXdXMFJkUXdBQ0QxWFdJCkZGZlFNcUEvUE1zNEdweVdLVUR1 + OEFvdjBOZko3bko2emYwZlNvalpCN1EKLS0tIExIdEp5bUxVeHZpMXpJV0RzU0Vz + KzNBUDArL2Z3NmYvMCtzeUI2OHJudXMK5Qp5C2mGOD9T1yfY/DC/qaUOYdh/VdNH + DvkF8anAWvcquMlG6VZrjuH0G6u2GkuPS4Qz1JQqhRB0kbDjCdD2tw== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-07-07T12:53:46Z" mac: ENC[AES256_GCM,data:dPvsaQ1xx+k4onugBVZhm2Pb97cX1f3qf5j68dqBmv585HwnS96eaOxvr/8JFnYejAoP3CPBGlM2sPnzJ5ic3UyGsyDvxX2oCnpioA/WQV/Itrx3U7r0oeT0kpvQ9YjfTYZIa4DNM3W7Qi3Efw3tskNJmLztBpzrajizTwB6oPE=,iv:LaBKX3M0piBpfPVtM4/21UMxi5eLHmMka8NVOvmS84o=,tag:lggS7bHmnK3nhCtsgzF+dw==,type:str] diff --git a/hosts/fw/secrets.yaml b/hosts/fw/secrets.yaml index 70171f0..7aadf5d 100644 --- a/hosts/fw/secrets.yaml +++ b/hosts/fw/secrets.yaml @@ -28,47 +28,38 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXWTFjSmFmb2xjM2lsWVN4 - QWVCdzNtdGNSSkVZRm5UL0hKL2RWU1FKSkhBCmJHYTFRUzJ1Ni9FQ2VqS2FSNlJQ - SVhJK2NOMEozOWxOTW81OXJrbFphZ1kKLS0tIDBVbzZHMmcrNXdhM0JuZk1YY0dw - d2NTT2R5TWVUMWpMMmVmSFovOU1CbUkK9Yf3mwBlMd1cGaUk7wVp8Q9u5F3r4njl - VPCGpBvJqiOcWoUsE2W2C1L4XGDUh+XAe48JU+phQbhkLTLshLCbfQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1WkdZQjZxL00xZDhOdlZY - ZGdub05HRjRqSDNzRTNnUm5veS8zM2JPRkVJCk9lZEpkendNU3lXVE80d3RDTS9C - djJnaU92MjYzd3JvQmxkMGozb3NuaGsKLS0tIHhmcVRDMTJnb3IwdzBDT3dWOUM3 - eFBTaUVQVUpsR0YrM1RwbTJNMi90ZlkK3dKJo/RSF+6tLETYIyd2KQs9GsIy+o4f - yfUxV00Fjk2giP40O5nXPn1kYfNigEfkov/gbPxYYItoBsG/FmlxIQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNZ0RMWjFWV0hSTkFFNytn - SzgvMlFSdGpjMDF1Yk9PQ0gxTVgvM25SQ21zCkJjRjRaMWRrZHNCT2Ftd1N3Mnox - YXhuQXlwbThycGNadlJMby9EbFFQbWMKLS0tIFlyRkZNMDhrQnhJbk9jd3dpeEh6 - MXVIa1ZJMVlvYzR3emZTeEJGbE5mSFkKDecPJChaacdkyn9jlmZFrZQu3pKD087n - cesiKi+gKI6kagXphl2w211sC4Pjw7I7t0a6JNntcR9VTDTD392m2Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBobWN4L1Y3eWwyY1UrQ1FH + empRcDRqbytyamZSTkphdGRrK0JCUy80RHpBCmFZUXdzRVpvVmRPVU8wL0pvbUo3 + aTlyRW5HTUNxTUo3amJJd2h1QjNaclkKLS0tIFVrWVVzSGlXb2JBQUJ4blJ2bjhO + V3c1ZWc5NTVPYlpHUWsvSEZjOXMzWGMKXUDydWCe2YwD5hQaDDmVk9wNu2eQGS1Y + ncUnaenShOPHoyIAXd0QjqqsxeEhzXWP18o3eZ5pWjPwEe0EDXuSxQ== -----END AGE ENCRYPTED FILE----- - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuSm1FRkVTQW9keTNYMlRh - TVN2U1dXRTV0NWJsbCtoQjhHS3NHb01vWjAwCnFVbStLblM4VHF0dFgyQXFmczJ6 - WkNjbkFEaFZLU1FBd1lpZ2gxQ2xUNDAKLS0tIERndVpJQXFKR3RWc0FGKzVlRzZU - eDAxQ2g0Z3p5VEhWMTRQREc0d3BybEEKtxC6DIOll8E8G/N6jYfJX/nqfawvISKf - G/xiVB2vEe9Q5GmNXQBpzLynfT7olu7v/PBeN9U+0knpTdEHFQZPTg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzamhpTTNRb3VCU0RnZ2Vh + MFhiK0tKTEFDUDNKS2xJeXZZK0Z2UUxMNFdrCmJUK2xMTTMyQlE4RkR2SHBMM29Z + cUlscHU3UTh0L2J2SGtWbGhBSnBocjAKLS0tIFU1M01RbGx6MFlCblJYYXlrVHlj + Q1pPWUJyY21uNENycGVJYzNXS09NYm8KRtwhBSAYp/CVShxt4O4+UZipEVVic1YA + LtpTOcmVADuW0kcPGVudVXEBaZfHhiQDHwCAIn1daM6jNLC98G5KJw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcGwyVmhtZ2RQaWdyRldx + Q3hTZ1Z1a3JKbEFOMU5sZmtZdFlBS1hPNkdVCm5uMm4vL2V6eGZsTWlJRHdSekhZ + QnpMZVJ6bXJRUzRPQkoyUHRwMUowY3cKLS0tIDlQd2c2YnRUYS8yb0pUbE04WVcz + REUzMmZ0dzI5ODhQbWRqTitzM2pFSVkK75DQn4f26xWSImI1W8+Hg/wz02KkhE8+ + 3VkCZTwESstiOl8831v9aHL2G2u9tQ9ZRpDuB/g14SGDYE2oL0syhg== -----END AGE ENCRYPTED FILE----- - recipient: age1wq82xjyj80htz33x7agxddjfumr3wkwh3r24tasagepxw7ka893sau68df enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyMUYrekZaQnpHaGw2Z0kr - ZjRDc2xvc0NwMldlVlNWNDJUeFR6Z2VGT3ljClJSaTBHQ25OUzVydDRTTVVxT2VW - VVVxZUlyeUY0ZFJrc3ZRT2FEdklOT1UKLS0tIEJGZzFLZytEZEJVTXB3QUVqdmd3 - RFFSaTZ1N09aR3YxcjdUQmZaaDdsd00K5DnkUwqOxnaY++MHL9ls0JOovuxyBEJy - XysKbnAWumt7sZxAboJZslmakstoMK2p4BxAQDBz4N3pp/UeoorWuQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvSW1zMWc1akhwUE5JRk9Z + SkFxSTFHU2lsWGxJRU1LV0dCa1NTZTRDemcwCmF6bXQ1aEhNeTFobUxadkZEV2Ja + emlORXNFQmpmYUh0c05KZmxtY1lWaGMKLS0tIFI0K21oMDk2ZUZHRjIveTJ6Zkoy + eVh2QjNpbTdzK2NCYWZPcC9kUDJOVncK0/O0/YX/h/GSy10rE7QjYmx1dnjqQEot + 1uOZoHTyylhjDwNWXMbXwsoa1KHFgcwL2RjOo0kirJbYtUA3aB62FA== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-07-07T11:02:46Z" mac: ENC[AES256_GCM,data:gf6Lw3aiGLVHNNrt/9SwFtK9fnzI4fiNf4/MjlHF+BSGnwSobccbUFObsT5mnce6nMsFM3kZ4Ac1ceckND02CH+P4hf5ylczPibz8B8sGDUulLmCpddBG++eXU4CO4Oi1VBqiCqkxPGPDtgidOMy+KJ1EHvSaiD/duOXrE9/qE8=,iv:RxIohGvtU+GGnpmW/k+fZlQLT8+13P4+5ZMHsDoSY94=,tag:5QNfKhjwCB8Q984WAIXdnA==,type:str] diff --git a/hosts/mail/secrets.yaml b/hosts/mail/secrets.yaml index 1df4db0..a50f7ce 100644 --- a/hosts/mail/secrets.yaml +++ b/hosts/mail/secrets.yaml @@ -8,47 +8,38 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkS1BpaHFOSmpWS29qYXR1 - VFNYbDNLTlhyVlFWa2FoNDhCbDVKQkFiTTAwCkxVSUJCTjdCcVJyeGQvd21JSmZ6 - LzVnK0ZMeFoxajdGaERoZ0t6L0c5REEKLS0tIE1HUnY4L3Frb09odEYxRm1QVUZr - bXlyZzBvaWtLa0hZaERSenVFd2gzWlkKNipeWlQnOLI4QxEwJIheAfYqVXCn2C2Z - 3rIJ5lK3DLAvdRjC1stngMzg+BPHMDUo1sXoR1/PhUEWcqPJ22IfMw== - -----END AGE ENCRYPTED FILE----- - - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3cE11YkI1TFJxKzRCVFF5 - NDR4Nk9PaDFmY3dESWM4dGRYMXI4RzQzUVY0CkVpS1JXWG0zL2Vlalc1N3FHN0FH - VFlqUklBeWZiQ242TUVmWm5sZmw4NkEKLS0tIE5wc2hHVTd1MGVsTFR1eCs1Z05y - cWo5VmpnbUFLTFl5L3R6aCt2am9PMzAKWLV6hqqxYkqlmNCwQeNJbxqq6neX+4Md - Nh9QesLSr/SRWhp61kSby5X8JytciZ9eSRx6B9igRFVwfyojImYcdg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNSXFSRlRWcE1vUWM0OXJr - eXZmUmZ1VFc0ZVVWWXVIb29aUmYxQkNRbEVZCjY0a1pkV2d1Zk9BbnhNWGtOZFJo - Z3FmWkVsUkRtaXh3WStlSndCVTlnLzAKLS0tIDZmS0VLUjA4NnNrRWsvdm1LRks3 - NTF6dUZQM3RmbHBMc3poMTdsclMzVlkKHVwRRgCgPaA+/tw5Acl9RTg3W91xPZJR - elST65f/fGevyvyZcu9HCVcjymuoa/ghuJqKRQw0S8ELGQjbBSS++Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0NWZPWXltTVNXNGxPd0hZ + R0U4VzN5WlI0WWZrRVVFMmpnckpMMkREaTBvCm54eTZtZlZzRVpwRmg4Ulp0VG5w + VnJkc29nN0VBRFR1U1J6L0RQeWlLNlkKLS0tIDJ3eTdiUWJzbURvSk1neEhyakJS + Z2MzZi8ybW1PMngyRGk4NHhIMzZsem8KZuy1TWwvkFGsAVMIEk2+bwDcsmYziUjj + Wd4wMK1XuLnJyFYPt6CwzBAPG+1LQzmYWdC9mNI00YZM6XneU3OisQ== -----END AGE ENCRYPTED FILE----- - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNTnd0SUdmRnBBNDRsMTlW - QkplQ2hDMkw1dVZmS1dseUtzU0loR0tQR1hnCm84bWJQdVg5OGQ0NU4xZ3ZoSnBB - NnVnUzZPbGZ2UjFaRVFFejIxTDV4cEEKLS0tIFFwZE42OFljaFB0emJ3WHBFbUk1 - d3F2cEp0QkFHcFcyOUVKWDdxM1hFVUEK+SyLcwXdpX+GQFXB7UFHmxD3BkVplA9V - 45K3fn9/KoZl27ECdvv6M/CweZBnOjcOUFjZCJDovE9Hmv0337c7Zw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBZEhsK0x1QkczeFIvL0JI + UWY5R252WkZvR0s2SStlWVBMQk9ENFpaRHpRClg3VjhpYW5UbzJkODRFYWF2aGpr + ajE3aUFhZStYY0NJYlg1QTZqVHJsODAKLS0tIGsyRHlXSVQyV2RXVCswRVlsbktV + c0Z5ZXhtb0wrT0Q3WU1ONjFiNk1WOVkKHxnDqJkGfiqrlAyzJHYVbJlR1/jluFU+ + hM/wENwqtlZ7RCSdG68AssgP9zukO94sV9mAtbfOdeVwXa1LU66Ncw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5TG9wT2JHN2pOVjRueUF2 + UGJkM2d5VFpLT0hKVmIwV2Qva25ubk1lK0ZBCkJiNWpuZ3grQ0lkSDlCMDBwYjRR + cDlPVHhtWlpnaVFYMFJqWWY2ZVFGNncKLS0tIFZQVVRSQXVOZnNDOHVwTHBraUx3 + MVRVRlRQMFcyelNvL3FaNjc3U3VYbmsKZ+rJ/EFb3KNyyJ5hqO/wV4AtO1FJCeB/ + oazkDDoFBE+uhiLmdCy41eYkqW8Owt/zrO29nITeJ5EtGAXTbACcgg== -----END AGE ENCRYPTED FILE----- - recipient: age1jyeppc8yl2twnv8fwcewutd5gjewnxl59lmhev6ygds9qel8zf8syt7zz4 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQV251c1IrbFpad0lBN05t - enkreTd5TGI1SHJpV1pRdU1CRFRHL3FZWlJFCmtMeCs4WUlRSFAvcmZsUmdaZnNZ - TDJHak1PN2ZOaDYxTlNDVlRsNnYvNzgKLS0tIHBieEJuY0pKbmlEZ01QblU2blh5 - Z1dUUVpkZXh3d0lRbDlxT0tEMmR0eVkK9tea1FeroVL1KoARpACREz5KaRA2uMCI - O/ieCpzdFniJhX4Ulm4N7R7nc4OqSm9+i3Ruy3aKJ5305tfgGkCqQg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDZlJYSG51NEE3emlTVDM0 + WEE4LzFqazdZQkRZSUlqQ0dzYURkbWc5RWxnCnJobm5LVnkxZkFIeTNWWUJvOUFU + SlZhZDBsdHhDRzFVQjhsN3F1dE9SVDAKLS0tIFBlOEwxallncjBxWDZCSkhZdlJN + b21icTBmeFM1cnVkaXAySHFzam1hYmcKULP2EuMGhspSusYPZs/DTksaZb0Asfel + mVn9Unqe2b9tT5cchGrxLiDJ+2YvfTA0s/JpDtLN+MpiRQQl0vJikg== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-07-08T11:20:50Z" mac: ENC[AES256_GCM,data:GPUwpSAz6fj7mRxX1ebEb2sLAMLkQLuKPXk+B3+zZmA6+D7gAKrrBGUWHqYA9DMMY0r32OZSccGRmeKqdA7sWmzdIJTcBu8EyER1nJqVFJiXcOOdTkCLdOM4xW969YE0lBKpIAQ40E7YXYYwkI1JINneIBTuXkvIBmSQ3Bt2+ak=,iv:VEPNQxDLzxyTxkn8dI6xNDe9ESk2RojSNYYEwT+Ggas=,tag:cfUEKU3arSJl+lEOa+4iRA==,type:str] diff --git a/hosts/nb/secrets.yaml b/hosts/nb/secrets.yaml index 505fb73..1ff11ff 100644 --- a/hosts/nb/secrets.yaml +++ b/hosts/nb/secrets.yaml @@ -16,38 +16,29 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpMnBLcDdsczB5TnczVFdQ - V2NEZFR1bkNvK09HZWV1MDg3RmRHbXNYeGpBCmpmemFjYzZQMXAzTmh1NWhOMkFK - UGNBRDZZa3dhUFVpa29JdWVrdU0vd00KLS0tIGpQeDdFNTFIRjg0SEhrQURVdW1Q - VmdHNkI3eDd2aHo1VTJhZHN4bGxNNzAKcIrRBasCcoNCdYM3lcjzMIME8jn48x39 - 0DJGKX6/hoVaUlpRcCfnEx5Ihu4dSBxd2PMz7DgDZizftFWOJ2TZaQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTV2hRelFkTVdSOEQxaExp - VGNnb202UVdpK2wwWTl2YUp2VU5WRTViaGpnCllxKzNCWExZZnllQ0lvM1ZPbjlz - TndkRHBvRHBaVVY5M0xZTmFXRTFlZzAKLS0tIHQ3QWcrYklaZ2ExUnRObTg0YnNG - Nk5JOFQ3M1pBdmg5dUpkSFZoQXY3QVUKNL3HpYBWsGdHPG/eUlU5+G4Dcnk6efX1 - e7B2ye+mzMjt0Kpz5QxltOZIiTyvNLKNUijNgmoK5RGJibJCwbl1ng== - -----END AGE ENCRYPTED FILE----- - - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiZ3RBeUM5NE91K0RnQnhU - cE53akR2bnU4MmljY3BWcjlNOXZueWpJNEV3CkFOdWdGaXVrM0hvNTdubFkxdERZ - TjQvMDc1cEM2TnVabVJNTnhkK2hyMmMKLS0tIGhLQ1liSUhnVmw4N0lWR2Y0clV6 - OXhTc2YwWXhZRzlPbDdkZE1QUUVNMFUKHSE1LckK00qdCBl4iK6lzOzlIJ0WnSrk - c9kuwHrZoQIv6JuscjkJ1n9/SeDZoFRnaEHC31txMot/tkpG5iyrbw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYYWRBbk1wckFYbkZxQllS + T09LUEljM0VKbUw2cW5hLys1OUZZdFBBSXlnClRvc3YyRFpaQW9GOTVjR1dpdU1Q + TWVsYmwyZ3Nxb29HZVdTSXhmV3F2MWMKLS0tIGNZM0cyWmRiMUNFUkhVUkJhUjRR + SHpCTVR6VW9pdzFTMDBtWkxxY2VIWmMKrReAwG9+6W/R1AoUr8JFw2QQ9WZ+e+Pn + wuTlcKayDrNHuM1ldW6BEYQAV+8Z4Nhbj1ygo+2tqOsXm2YL6uzlBA== -----END AGE ENCRYPTED FILE----- - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrSEFSaHIyVnZsOG82UDJX - VDhjOGxTakVQZWttTFVxTEUyUnpaRjZmelFjCk52RGYwRUhkMVpSWXV1UFFhelhl - Nk9QazR0V2JaanpHMGVOSWF1aTRRZ00KLS0tIFk4QS9uVGJVYlh2aXRlQi9WWkpn - WmpuN3RGK2pCdzB6TVkrcy9YV0lPRW8KWbTtmqbkHibf6SfueCE+s03Efkr5Oat9 - sBi4uDTmaaqBEcoO1mQ4MQD/On9tZzThjfD8v+m0wUU5xGvE5naA6g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCYk9zVTZUUUl3YWJobFNu + bndaSGJyTWdoOWxUZHZYVDNMTjdkQVdyaFY4ClFEUjZuaTJRdVdlcEU5UFIzbmlC + OE44MFhLOGh4ZkJmeFl1QlNCM05kYVkKLS0tIFNCWnJhMFJ3MG1hKzZVRXlpODl5 + R1dpWnZKNHR4RERSdm5OclI1SncvYkUKBDZKeh6xlTn3tRnZOCD6oe2uFP1NeQe9 + b7JuigPRPnhah0rWZ6jPjnk38Jp6z/I1Oqh5UJ94H4KNi/h3HKqMSw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPTkdSM3hoTWdlcE9McDFt + engvOU5hZUtKaVZjUEFnT0huNWpMWnBjUFZnClZxZ1JrMThrT2kyejFkUnlUVUhU + bVhTNUovM0ZRZVRRemRsNml2RXcrNk0KLS0tIDZWYWJUTHlXWUFMcE82YlZBby9E + clM4RXI2V1pIRVZNeWdaM24xZlFJSjQKY1+Nw3X0FynI6BhhLE5caUpDENqa6S6d + HMRhiL7SIZQrmkdIeCSikjRCkvqBFIgn7sff3S+7neYxgGkFp1nzGg== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-06-05T16:28:03Z" mac: ENC[AES256_GCM,data:NNYwveO78Q4cWOPPt3Pyqh6AtbfRj/ax6D4t2KlVXWSLzKTUZKKaULXGY5PBp/jI2pyhPp5yEMhEyjRPWC8Xhvxjv+NLb6KltgaMfzIBS/jfSNk3dcYx6i8Y2oSG1efLJrRMc2Q/uACeztyivtjV9A7JCrEtb84Wb9HzkI4nZVs=,iv:Q8cTw+/RMJ3WHrkB9lyaAyI2K3O1ZhDnAMUYMJ4JMRk=,tag:JvrLiaKKYXiOmud4oZZZ1w==,type:str] diff --git a/hosts/web-arm/configuration.nix b/hosts/web-arm/configuration.nix index f0c0201..8a6eac0 100644 --- a/hosts/web-arm/configuration.nix +++ b/hosts/web-arm/configuration.nix @@ -9,7 +9,7 @@ ./modules/postfix.nix ./utils/modules/nginx.nix ./modules/bitwarden - ./modules/authelia + ./modules/authelia.nix ./modules/collabora.nix ./modules/nextcloud ./modules/rustdesk.nix @@ -19,6 +19,7 @@ ./modules/victoriametrics.nix ./modules/blackbox-exporter.nix ./modules/updns.nix + ./modules/atticd.nix ./utils/modules/autoupgrade.nix ./utils/modules/promtail diff --git a/hosts/web-arm/modules/atticd.nix b/hosts/web-arm/modules/atticd.nix new file mode 100644 index 0000000..c33c146 --- /dev/null +++ b/hosts/web-arm/modules/atticd.nix @@ -0,0 +1,217 @@ +{ config, lib, pkgs, ... }: + +let + atticHost = "attic.cloonar.com"; + atticPort = 8080; # Internal port for atticd +in { + # Declare required secrets + sops.secrets.atticd = { + # This should contain environment variables for atticd + # Format: KEY=value per line + # Required: + # ATTIC_SERVER_TOKEN_HS256_SECRET= + # Optional: + # ATTIC_SERVER_DATABASE_URL=postgresql://user:pass@localhost/attic + }; + + # Attic server service + services.atticd = { + enable = true; + + # Credentials file from sops + environmentFile = config.sops.secrets.atticd.path; + + settings = { + listen = "127.0.0.1:${toString atticPort}"; + + # API endpoint configuration + api-endpoint = "https://${atticHost}/"; + + # Allow automatic registration (set to false for production if you want to control access) + allow-registration = false; + + # Require tokens for all operations + require-proof-of-possession = true; + + # Chunking settings for large uploads + chunking = { + # Minimum chunk size: 16 MiB + min-size = 16 * 1024 * 1024; + # Average chunk size: 64 MiB + avg-size = 64 * 1024 * 1024; + # Maximum chunk size: 256 MiB + max-size = 256 * 1024 * 1024; + }; + + # Garbage collection + garbage-collection = { + # GC interval in seconds (12 hours) + interval = 12 * 60 * 60; + + # Delete unreferenced chunks after 7 days + default-retention-period = 7 * 24 * 60 * 60; + }; + + # Storage configuration + storage = { + # Use local filesystem storage + type = "local"; + # Store in /var/lib/atticd + path = "/var/lib/atticd/storage"; + }; + + # Optional: S3-compatible storage (commented out) + # storage = { + # type = "s3"; + # region = "eu-central-1"; + # bucket = "attic-cache"; + # endpoint = "https://s3.eu-central-1.amazonaws.com"; + # }; + + # Database configuration + database = { + url = "postgresql://atticd@/atticd?host=/run/postgresql"; + }; + + # Compression + compression = { + # Use zstd compression + type = "zstd"; + level = 3; # Balance between speed and compression + }; + }; + }; + + # Create state directory with proper permissions + systemd.services.atticd = { + serviceConfig = { + StateDirectory = "atticd"; + StateDirectoryMode = "0750"; + # Security hardening + PrivateTmp = true; + ProtectSystem = "strict"; + ProtectHome = true; + NoNewPrivileges = true; + RestrictNamespaces = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + LockPersonality = true; + ProtectProc = "invisible"; + ProtectClock = true; + ProtectKernelLogs = true; + ProtectControlGroups = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + ProtectHostname = true; + SystemCallFilter = "@system-service"; + SystemCallErrorNumber = "EPERM"; + # Resource limits + LimitNOFILE = 65536; + }; + }; + + # Nginx reverse proxy configuration + services.nginx.virtualHosts."${atticHost}" = { + enableACME = true; + forceSSL = true; + acmeRoot = null; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString atticPort}"; + proxyWebsockets = true; + + extraConfig = '' + # Increase timeouts for large uploads + proxy_connect_timeout 300; + proxy_send_timeout 300; + proxy_read_timeout 300; + send_timeout 300; + + # Increase body size limit for large NAR uploads (500MB) + client_max_body_size 500M; + client_body_buffer_size 128k; + + # Proxy headers + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # Buffering settings for better performance + proxy_buffering on; + proxy_buffer_size 4k; + proxy_buffers 8 4k; + proxy_busy_buffers_size 8k; + proxy_temp_file_write_size 8k; + + # Cache settings for static content + proxy_cache_valid 200 302 10m; + proxy_cache_valid 404 1m; + ''; + }; + + # Health check endpoint + locations."/health" = { + proxyPass = "http://127.0.0.1:${toString atticPort}/health"; + }; + + # API endpoint with stricter rate limiting + locations."~ ^/api/" = { + proxyPass = "http://127.0.0.1:${toString atticPort}"; + + extraConfig = '' + # Rate limiting for API endpoints + limit_req zone=attic_api burst=10 nodelay; + + # Same proxy settings as above + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + client_max_body_size 500M; + ''; + }; + }; + + # Configure Nginx rate limiting zones + services.nginx.appendHttpConfig = '' + # Rate limiting zones for Attic + limit_req_zone $binary_remote_addr zone=attic_api:10m rate=10r/s; + limit_req_zone $binary_remote_addr zone=attic_upload:10m rate=5r/s; + + # Connection limiting + limit_conn_zone $binary_remote_addr zone=attic_conn:10m; + ''; + + services.postgresql.ensureUsers = [ + { + name = "atticd"; + ensureDBOwnership = true; + } + ]; + services.postgresql.ensureDatabases = [ "atticd" ]; + services.postgresqlBackup.databases = [ "atticd" ]; + + services.borgbackup.jobs.default.exclude = [ + "/var/lib/atticd" + ]; + + fileSystems."/var/lib/atticd/storage" = { + device = "//u149513.your-backup.de/u149513-sub9/"; + fsType = "cifs"; + options = let + automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users,file_mode=0770,dir_mode=0770"; + in ["${automount_opts},credentials=${config.sops.secrets.atticd-smb-credentials.path},uid=atticd,gid=atticd"]; + }; + + sops.secrets.atticd-smb-credentials = {}; + + # Monitoring with Prometheus (if you have it set up) + # services.prometheus.scrapeConfigs = [{ + # job_name = "atticd"; + # static_configs = [{ + # targets = [ "127.0.0.1:${toString atticPort}" ]; + # }]; + # }]; +} diff --git a/hosts/web-arm/modules/authelia/default.nix b/hosts/web-arm/modules/authelia.nix similarity index 100% rename from hosts/web-arm/modules/authelia/default.nix rename to hosts/web-arm/modules/authelia.nix diff --git a/hosts/web-arm/modules/authelia/secrets.yaml b/hosts/web-arm/modules/authelia/secrets.yaml deleted file mode 100644 index 8b3893b..0000000 --- a/hosts/web-arm/modules/authelia/secrets.yaml +++ /dev/null @@ -1,45 +0,0 @@ -authelia-jwt-secret: ENC[AES256_GCM,data:+4mCRAbPYeuxZwPxIWdzym9M0soVRJGZOHpBLFp1dsienOes6PcF6DhkzLwx1g/2KYQBrWq5QtNyysLkl32mNg==,iv:3354Ww7D1fQAVZh8xlJo3W9VaLTC6sUxXpNzwFYGZPg=,tag:NjPuHi4R+I3CJ09ZbV1Cbw==,type:str] -authelia-backend-ldap-password: ENC[AES256_GCM,data:AJ5/lQxxQ0PjPpja4Lm7Qbn4rrZ/fapFeTO9nXsXpYC7cSgPDmGL4LG6QTFrgHpJU4FGEyFhWUYf/BZvHFLA2A==,iv:/w3SlYC74vSV/hkOdp2wb50beSTaokQC9C1ogs82nxo=,tag:b5M78WOUgHcydoJTKiAAOQ==,type:str] -authelia-storage-encryption-key: ENC[AES256_GCM,data:I3ek+p0faJUUjS3ULeeLzsrsl03MKlHwrC+R3IqrJ2P9AbJmMBvvXnqLx2H2THkjGiqN3kLgrhnmInn+BnCgYg==,iv:EiZpXbkyC3tbdzcp20hV6ctAJdB9tlgxT3gI7wiqSZc=,tag:qqG02RJAizr2jlGV0JnStA==,type:str] -authelia-session-secret: ENC[AES256_GCM,data:+hljRSv4nABWg+vEOhYM27h9Gu1FCqcWWa51VqlN1r8AE79S78Uq2txWL7bZKql/fxmaguTLwk18xkHIAvIEsA==,iv:RoytV5jWIUDq6olp8rWAc0NRC4f1FLL43EpTzcXZ3eg=,tag:vIvDVRSqlVt/W/52vuDDZA==,type:str] -authelia-identity-providers-oidc-hmac-secret: ENC[AES256_GCM,data:yyqauvp+/8ufhCaZ1o0DWn4Nx1rdTW8C1HRVAtyCRuBaQA/yFVmZkwFVbnIDC3TrmuEMc2MXzVCREbdDsEqkGm6LJAB4Eq31NyhhbAtKufeqKHhMgEF4d41K71V//FJn2/ZBY6CaR1Ke0rX3p/Rpwk0rwddikkUmdJ7i7w9ayP8=,iv:ONBU0uWEUeQxQCGmHtGOySuLmTnJlAx//lQcK32i1Gs=,tag:Tk2BbYZSqbJRc/2cj8yxHQ==,type:str] -authelia-identity-providers-oidc-issuer-certificate-chain: ENC[AES256_GCM,data:oQwBKE0VjTIKYWOGKFtLwkOkjTh16gf5lJvMEEVs3Sy/+gmyGGmnDHm+xv9aT7Mmq9wSM7SVBe39yT5K9bUd0vGXO2Ze5V55B+B+9bAPKUL4rPNQAeSy3QCJPh6EoG3urDD/HUklV8QCprgTlokdgVgY3fv3be2Y1oOdiZDvbacol6OlcRXSi8ZqMro+f15e44j8NGhzsSahhzOLtmiRGLr5zWnzk8b221HZWtjSdG4rLrtcCZ1UjvvUX5pf8J5PI/9X4S6J7pglG+IlI0WGSHvQ9BXGQqWgmWky/3+hnC/B3ZPm3bz5CqMHzsdx/QmiCtQQf08GOoan/3rgp3pAu5J5TPDldnzEQkWPjciOMp4ewlu4nC1AViat7DH8wFtV9IpixEZm3fMidpPBpkTTRZMCy6AstNlPMvvvRDN/6nJypN++gvkBw3OJac2xBdtbdF5uC9nIrZqWENLnOn4623/C8yJJ8a2l1W1FF95hHiZDQKua+kB4CfFJSFxhtcWj3vcCzv7QIGHZPTIVn+aCozb4CdOegLswCuY9g5ncHfOnqIhSCY3Bc2xbd5GO7kVRvqT79abwHsAdArdDJAE4Fq3mNJG9/fy0N31GW4qKMTb3W5EgEt/2OtfsUn8MwHJV9BGPMeZhpn9hdzkXo9vmakVMKNoK4SEgZmFiKCj/uwhwdvJfYMRvl/n1DSpy8mxzKWt1IO9FD5HRUhkKeas6spOSyzbi4FTJJmJb9NQ5gzAcfTXs8C49S/DSocRwUHvQMvRIRZzBejxFKdnwGxwIJiVDY/04FWAjMR4HgxkCBvo9x+CxajnCw/S9g02uY85vxW1ZURi9wUK9Q9nbEyMu1IGWadhVO6fKvqWr9rVZ6tqqJ7FP81LKca80nkY+6Elec6l6u01Lzb4pLA6MFLyJbCE97+Vmoh056N73RNapWP6G3Txs2CvtzqWdup0J4xpwAxoEqVlnkBQ61abucZH9veMoq4gvxM90S+bBX7c6A+FYRha/PXovRL/SZWEfuKlVDeLQyb2IwQ==,iv:jhnNkcLXN3pHx6S8g78+R6X+ckhOF35QK615zcH2gqI=,tag:JSHDo9nbBbhpiQFSrLuDdg==,type:str] -authelia-identity-providers-oidc-issuer-private-key: ENC[AES256_GCM,data:Et0DaniERibvBeRBmJR5zsBXRpB4yAjQpLRlJc/8+sSZ1RymDelD689/7ETe1QwBZzOxJf35dMbjBmUjcpcxl7iLiujVtd4DR8hirAwYv1HTk4WLbrTOuVhX9O/yWcdfnrn4e4MlBme54HLkeKt5F9xQ+/XvRPkuY+E+zlVd9K2rgdKuPRB4GSkW8AH55P10ts4ICN7hayFLfKWRNjs2LR3JtE/cRppe6Gse61/CG7HWlAlcTYddpYUbIGIaB9yrW3QcV11sTuJ9KpuU/jE6i/0dOosYqPLVUfShMjjnnpnk1wYmaL7F5Ibljk9g1Fzqm1Vwl/S98PYYgt98zOAuMo9djogORpI7in5tV+JoT5V/Lk3Uq3MvkalpdHJShVHUuuJPMMaFjlONS0y2ZYTyWasrwGI9KUYoKtWq5oqrHJkjtWNSagJqRMPBNK/RRtiIxBWwsWMpIlUcks/rZF+CiHKnm/Zb6a+dNsdhqz3qVCI33ry5Wmy6YdTaDBPWv3iFXLz0skVMXCN5vV7PQ86c6yRbEo5HzGdJxxdIacTZ7JLzECPS2MuWGoTKH0VwQgx3qvuMyi0r7/1VwCBGjZkO6vxie5yYlMA1AveepE+8zxCSbLuUMzC5DDVYk98SH2qNL5BZXm2mkRXxBXkQ37SOtnONNqYwvRD9wNWpSBkIumgRG3k3NEcwPwLnrCgNAlev4sXG+DUDgHy4SZ518shGkafUNncst9odQaGvx5EeSD3ItjRptFuPSU554ZZy8bV3wau8enzRP2R47sSg7jW+y0NslCwdVam2SpiXrgqeghplQCNP8uS1Py3DFf8pDOIy/9gV3kjPEOs/RNbv/2bIS20lQbEoMOotk8BHeM5/QytrArnkDcfB4d7FPWRT/Sw2imLQ8A7Q7PidhwEuugfWI6HjSW2bsW+zSf/gdG30ragEgkW9WpTAD6rbLdLdYMYa233zs9b/K6qYAoqEVjJWc+OnCTZ6PTr76Gq/kaIrJ3UlWNJadgCSNMkVs7vNYnczwGQJiaqTnAaB2yuXkIAsC6QIf83G6Z9nw5kFoyWZR5Eytfl/uU9lxv4TrvLtfEqJrdaaYXdAfefpZKmFrQJMeyoJj3ven0j61qmIiBDbkoYkNaBWQJl/mOy+lJ8J2ZaQ62cqVQCFkpcrAWdaxEHCrTu1djfCOGVqQ5d5o1E/GQiAAVgRBQtgv94PCIeCurAUtoWumfBF1wi0h1HMdJd8yZ6MgGXpPoOIZcWc1SRGkNVuoiobdfXO4fyNcJAM+XnOfJ4xO17PhnwBbaM5ECX1TRKbEyc5V36QfD5Fo/VaVOFIDt0KfxIHUxydxa83RpEYV4s13C0I+/hoULtNIDl9KNxaaT4Klq/6HL2jIaCwlRNlb1mc1lhkgaJobXygi/8iW2yyPIoSZQJKsYZhlildGTBlxrlhSDZ+3Dy1RAIRO+cvSr5/eM44xgV8DUs+z9nb+j3Kefl7qn4QBNIEWZkTcLokw/qp58O1EK/h4vays37A1628wfuCDOBSBOPZjtuX9jFg64tcZWZ6rwlVRd5RsMq9iW9MoGcfHvN6DAYTifEs7yiwZdng50OHu1k6/UJ1/LI1mVx7r+//S3rd88fQa76uosBuN5XqDrQiK+iPj3E8rThMJkeR7Hh0yUrkGBAJCs140yFTJeSt+vr6CsqSLy2RR7tb1C2wNm40F7N37Vi1rHm5jzSakm4TPd6aY3kqis6nXavnxUQHO3BKnx0ceQVoz8jqIiy1mjzVwafAn6s/ap6Fzv+sNc/zs++Mod59YnGyqKaeOkoAcmVuWgV7l4VHf1Q/K3o5ri14CHpSqkjBlL9zD3Lh1B0cQNCwHJeIKAgm+1rCpuzx45QeV/MAwWJ6/o8PjHVPm9dQG5nXEPFJA0X4lNKGkRb5wwMsXRf6RC41vvhvbD6pFZ5TCrMX/IW2ym0hOm9Trswm6SlnyLsPtAYB4SdVJxuwqy8gqPpogCm+vgsobIcs4cVAeK3ZW4ikWnSNowXJFeqjQY7ZuO42Anzddn+dodVw923KfVKJTBDK4lDQp5QrWjukbYFK33AIE2vaeJ3mqkJxzmJ027L4w0gQeaUuxh9sOKgxG7xCkzkG0HbIMuIA9E6yBCHNSwj0daB3SRrbxIEMF7F0DI3Lw0dlS4SxJ9ucJoySD1pBENuVm7bgWcY+pL5iJlkKAbVJOEk3cGJ+37XgXDkQHsNF/mxNaIxZ2losxv8GQEuldAxjCXM2hGgOF+64ccxSdH4T/OZtAmAprcB377/tJMuOXrsjMknT77FShgtRfyIzX0cJTPvuvhnswcFj9gr/1REkTkz5XL4fQx8ik4MEbEN3jiDdZEwSW5wjKuuHIZhDt+AnTqHIQZq2SdJ9g2P/36UMzWKfweRe8i7yJ/FRyqVDn63mimyxb12ZB1CkNuNe64yEVsRQvZZpYVLVhzcJrG+nNZXnCne2rFLxl3jRG2y2dgcvl1hmxYGSEFSh1scVt+d0gUmfi0u2MxX0swBpzTFlMwx2hz6pFvnl7jMCeZSitQVRw0VSaaqGeH6ZQIyEKkk8myovbV/PWn3gqcMs5L8Grm6myluBbxuaH/F7xMQadleGSft6iE0/EXoNfLWwQqNj20uuPVmF/UIehUYApHoGpYujFPFKGEdjjCGcdRYpGtlmGmaCPfc4oWJ4GjeLI6VePVhRhM+iyb+zPv8V4SltDfqih/Txs6kfsnOQ0KpjnMSobLX70xV1tm/sxAtqAzJ5I4QtX8EQaWR/rb5VIikAxuQ8yJCii/RFcSd0ss4+4vhGlOHAT1t7+lH0bnTaiUWfm169l+B01JJO8Cz3muJVC/f+PIJUNP5VHgNDUeMDB35USCxnU/0bLlxEuYHtTMLqSabU/bv6YchKZFjSlFHGFXdAEDgQ2HYi9FY1F657dvNqrGO2AwHVdeX8RSiorRlNyeb80NqyASsx6MSWPDWYtVjpD7zHXVlWDLcMVkGwvX4RtJZF8wlXR/iEur8iC+v8g2w7iG2hZD1TFmkJsn/ira4UYLzPxYNAzl4BH5sB5BUJ8GCZrHwV8dny/FTQAwtYNq7TwnAi+2dwhWF7DgX0T6fVD/utyLK19+Aash6h4TX8Y1U345l4r+ADfUfQ3d/B0m6wFEgSD60kOv6wnnYbJEbFAZ2BZEwhzeyEacQjxHceyQg256GiCvRDHX4jonyZm3Vu6kCUNWYaRCKQJY5OyL9zRF9pFsCqqkNEfvDqmjPUjXcO/xarkjjdQz4y4gsPqovhtVi0GuExxhfT1KcJk6uzS1NiX0yBi/s22cI4WLmO/QNHXeUoi0Lbw/XUwj6krNMYrvqofUOqM5tK7BpmplxzMFJeB+mhDXLfpyWAS7Yq1RfHLmnA0OBYu7MQ3UB/zZ7zGcpnAT42MlQ20M7bXCpEBaAaPzlXky9bogNEVkwoOMtVHYzQnucTAKRYzb1PnlA+GMBQpxL27IAn2EbwXNLRwSVh0lgRQFb/94J4TV09CeR5hkKMi5WaCFy50utlLL4gHDg11oNGbu0vseB1AmxzbRExW5qJ87a0A0/ECLOoo2vlgnMJECB6MYNe2na1aTOiOUpI8rArj2fUjVjAlNrUpFWIug2C+b2/I43K8Sg4Tc3ZHcrywHQ4xt2IQeeysUP8C9lHEQW2q4sF7iMujSD1Kzu8bYyCzW2AJuTJCj5psbwlag4ezwmgXpJGsC+yLrCuA/BHzrUDadoBuofNQq7tFKTGDWlN+IfkI0PY5sxMVSbm/5NSWBR060QLDq6XdKOYnzR4oI3mm1NXY4+OrVEJBXqD6zAa7ECLKo+sHBt9uL4CfEfLVNhAi2bmfauPzBZ3NiNeqoneoU16AjGNHiADLyrdRQHmWLzm1xnVmCjtpn3hPnF4AwPYKSf2ALkqHR0UpMWCzRztJGLuRG1EUpD39DgbJOQujyNLU/2g+YdZbixeD6oJ5j+l0gG7+CaumkHGsj2uhEpV1Hq8TKHV/O8I3LkF634Zu7NGaX5xP+8cOYfk3Kqm/V/u2AmMKOCU3AXHK43KhIZvEZYhTRfkICFCbdYE5co6zcvQ6Irn+wSlc5J0ozSrm0fQcFdQAMbf0odwe5VoMb66m6EngoL/VAYRJZtrmPBKUZLELRIcOXv/Nvz4oiEw+NV5u5MyKKJA2Tb6FxOPZdAf339oMCMmN/sUA9fBJ6dvzuDkVNCH5qZzlKWVq/DkZZr3TGA3cbU9FKLNKPrBpBaCdCtrjbaw2YB3HWAky/Qcmx97dRRZGcn7HvMtRnZfBbbFxYVGtgoGcaVZYyz/J4zuibpZcxdNLhu4jeJpMkX4,iv:PWdVLhu0BPx7sXMzow9wl+cqDXD2Y5J5lfVSX3tNCMg=,tag:P4vHogedMdAUeIh4XHlmdw==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHWkRuWXdaQ1RUbkF1d2p0 - elZkbnFVSW9tVjdqSHFvbjFiL202cW1tWjJ3ClpDUEFIMDFteFA1QTdTVmtVWHI0 - OFRuU1Fockh4aTBwa3l3ZjdiMFFYSm8KLS0tIGdCZjZNVXNVZWV3ZlJzY3ZyZXhr - WFp1eVZna1VWUUZuTVY4Q2h2c0Y2ZDAKcglSV3UBoZ65+SsM+zRFJmjIH61jXbT0 - rpeJ8/0i4THmVpbZY+NOIh2zECmzBkAA06jv0jMoftL40h2wsdgncg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBna282T2hYcDl4UWFISDVL - eE42MjVxZndUVEU5bjJwUzdHU2xHNXVNRW13CmZwUmdCWDFNVmdDbktwOXBIbzNZ - eGgrZHQwMEdRSG11aWpoSllrcjBBY2cKLS0tIFBZRUdYVUhsbFZYV0w5T3RYc0Ez - RDJZcjA4VFNadEZCUmpOVWRBdGNKMzQKhhQCbeRxDvhFVsF3G+OoXo4i+koqqgrV - o/esYoxA1ZNsS9mhFbfMw1C2YO43iPtaWChAO5zUABDALD6dJ1Rf1A== - -----END AGE ENCRYPTED FILE----- - - recipient: age1y6lvl5jkwc47p5ae9yz9j9kuwhy7rtttua5xhygrgmr7ehd49svsszyt42 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5ZUJuMnNwTGpSdVA4UXV5 - bkdGTWJsRjliMGJWcXBKekc3WDZiN0FWV0MwCmZIVld4M0xaWWhmUDVqSGcwbGpz - S0kzQy9scDRObS82WkMzYUw2dVBaWXMKLS0tIGpkeFZqdXIrY0lFdUgwekNJeDN4 - eFhnWGdoTzdyZmtjZDJBc3FveTRaN0EKBj2hSr6qDxwW+k5hox47P5uyoHQAzCjH - +TplhMUd5p8/ud3U4lixLezGu1qftVSKtz/4SAXrSC5DYZJF1w7tDQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-08-17T01:43:14Z" - mac: ENC[AES256_GCM,data:zcCKk+VAddbb4vZltdC6hKPAnoo4rvcLcmIsKATQekbVo9OUk5Q5JnxglgAxXyj/YMZ7tIY/IXoWdSW4Kw673vthVnWpGLnuHtXJFGslkQ+GEkIt0z/oepr33gXErsEolZ3rIx02CVsIK5tb38ol0DhAe+6dUihsi23HruMJNog=,iv:2RVGRBTgqR9YLrRpoxuN72NOcXvRlZVTaPNiU7l75w0=,tag:lr4/sBBE9F27II289OWUNQ==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/hosts/web-arm/secrets.yaml b/hosts/web-arm/secrets.yaml index 26465c6..5ad9fc9 100644 --- a/hosts/web-arm/secrets.yaml +++ b/hosts/web-arm/secrets.yaml @@ -21,6 +21,8 @@ victoria-nginx-password: ENC[AES256_GCM,data:+rKDzML5eQX47JF1i/ZU9jwdeLgRXPyzwSC nextcloud-adminpass: ENC[AES256_GCM,data:/vt17v+aaucz8sq/uYUA0hlj1urKNYcmCN0LbgGAMhWoTiTwzYr5FzrygOuZWZBeaAFH1pWItTZRXj74OX8XqutLPlYDg/jZqLszU0/9HgSBoHb5ZnPUpzIjNI9dpMttPphpo5TVrYKoh/vR3OWjJa3ObcpGLdvMQc1r8ABEvvg=,iv:0xW7++80CwZy0O4J3bFElqp0ZMC+RpO5kcczshM1pzg=,tag:PJj5PHfkoHE8jRbS4mpq6Q==,type:str] nextcloud-secrets: ENC[AES256_GCM,data:FwP+z4B03m0VEFEb8c/UwBKMcWXo+2dnlBAuO4SCVXNBLdq3IK+e8gGzKima+sac+WZ3k3ncPAqyIomBLwEmIUB/24xYx4SL6AddwDoyytZbVDv5Zt7Vpvy6aheOvARoqez3pWMaC+rW11JFVw==,iv:BT9eGRUhHMbwkhuQ+cC32zHICRbm2hQQeVfIHrCB+JM=,tag:GNpdz1QYEcfVvmkjFJY1vg==,type:str] nextcloud-smb-credentials: ENC[AES256_GCM,data:Ra1iVCP/Y1G87oDrn01JxorTQy6d80POKIVEbHPttrd6x5QgEvvyWIz6rCiK4mEH,iv:6wXHBSwq9P+tHrkB82ZReFXsUOF0rDi2hpZ8jXLU7OE=,tag:Fu4RB0hPyHFpN6YLTtfGDQ==,type:str] +atticd: ENC[AES256_GCM,data:a7ueVdAc5OH43JQI+hhVGbBBaeKo2SIqB6TlNAGLg1qIP/z7FfZbxrxvGhrtqhuMfkcJurhnQAGmj2e16eqH9uC3GSM4Hltc64IsZQE=,iv:tl08AndTPAoZjYO5dZgwjNrb8gTpMUJtygCqVNNWZTE=,tag:f9yFk+q5Naowvj6nIT7Wag==,type:str] +atticd-smb-credentials: ENC[AES256_GCM,data:QbCHw+Y//9r60zlP3yceWnYME+rNom4NWnuxwV+d5zzPtzkd377hmqMFPHcbUuJti2KQ3ww6RtFbv02SbNBqahrVwBNSmowr0D7suw==,iv:5xIAW3O0EDuKGtbQSSphLJuWjqbpRnD7B2rypC6Qu3w=,tag:op+NMyWSp2bmrGNkQ/glkw==,type:str] pushover-api-token: ENC[AES256_GCM,data:itcWlyaJi+saBmhLabOOgbOej9yxQgCIiwU9uuOg,iv:dnD12MPZsENogsnCMGpZe1F0cC4eFfefSx7sP9Fl9Mw=,tag:lk1+pkvNab6yG0Sv/+TVIQ==,type:str] pushover-user-key: ENC[AES256_GCM,data:swXKXMAeCyYbBQNAEEpDTJXjdNmFFVWnhExAqfnn,iv:AZd6phibpwEX97U/SzeiRoFFL3TviSONwOWkPsXdcKc=,tag:+mzfrxHpTWOzb3bEzN3D5Q==,type:str] sa-core-mailpw: ENC[AES256_GCM,data:U5nM24n5j85J1ZBrzBkmSUsDFjgXqtcIrwK2,iv:Fxq9wkbjZhofcy/WPF6oOWoyajgj2aCserinNyGDfXE=,tag:q1+pGuKLnPGAvFQhQF1b/w==,type:str] @@ -32,49 +34,40 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtU2ZiVW4yWkF5bDBnWVkx - QVFkTTZ6SlA1ZEFNMUpYV1ExMEx0Ulh1dWdnCmdrVE5tYnkwZkV3UWZpbEI2TjRu - YkNLT21sbmhDZlFJL0IxakZKamRRV1kKLS0tIG5WdFpOL3lubWZpTjI1bi8raGdh - MWovMVgzMmlDeVdPYU9EVHp5cFpOR2MK2HEG8AmgkABIfyf+TGCgMiG94AJEdRUp - bJ45NqVMHdFBb3pX34I9vbcpAuvWm+0UMJc5tndD19tulcBTOkCsVQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpVE1IdDlKWUR2a1dYV2Nj - N0wxaTdnVThiVWR1RjBWWWNIenJOM1gzbVFFCmJVZ1F3YmdWNjJhV2p2LzFCaHkw - TTlWWktxbWpIYXNKaG1NTWxIQlpTNUkKLS0tIHYwdVdQam05dEZPTFFyeEFmQUJk - b3FSSkNxekhRcllUVGExMis3bm1ySEUKHT4Axi4FjAPxjnv4knAxlw5Qk7uOWDie - XU5oc1gqX6/8So/VAfGqATxyrC4ceg1f8D62QEUkYVe3UOSSXrhrPw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJTXV2TXdaSVZveTBINkdl - QlV0QlNGdGRVMmRWRjNRRHpjcEJDTzdRMlhzCi8vNkV1TFROVlZsMFVLcHNaMkYr - SVp0ZG9BSWl1SUU2cTJkSTBBQVhWQWMKLS0tIDhKV1hQeDh1OXZpTTJWVEQxcXNX - WS9FWG1jdTZqMVhCMkJjQndlcUVjZ3cKeIdiDFlg1ABxACX8TFYJ+hLrpHMBOQKy - YHlLY6tOwiFKZw98CqqfZG33aXdo2buD7jfGiK+v/VESyfOLqBxFkA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKK05sSTg2NCtZdElsMUo3 + WEtxNEIzVWNHSnpQOVV1aTdjMHM5Wmd5VzA0CmpTMVBLNE5saVd3OTl2SENxemF0 + bHVBOTZ5RXROMXNzRzZxYStlTnYrOEkKLS0tIHdlQWpXbVVPR2c0dzhXVlBxS3Fu + MHBNeHpPb3NEOS9MWlpDWkhkNUtXVGcK+nce+kiTdvliu7Lni9tB4XocF6nLcGBO + iR75yc2yjZvvQn4BEulvPdm0tiwTMSt9NRZBgzykc63yy0vBKFVTxA== -----END AGE ENCRYPTED FILE----- - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsQ2pLV0lFdXQ1anczZnp6 - eFE1ZndLcDlFSjkrdjBWUFAvOGMvM3FRUXpFClhFMjNKcFRldE5YdXp3ZHFzSWpm - NzBhM09UVW5GSWNCQjM4MDFObnA0ZFkKLS0tIGVidjY4UUxDeFV4QjZMeVNLdk9v - aG1HN2dMaWg0d3BOWm10NVFoYUgyUVEKdPIbG4IWEWsQDqikAMFfQ4M1iJUC84QU - OEpdVIYPsyF0WA9aQmmYtvOBB2T1R7ilOVurVb1KqtLA4njzIHoeEA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3YUNpM1RpWVhENnk4d2Jp + VzhHYzNsRVprRlJ1UUFQQVpnMnkvc0RpOXpzCkU2c1VqRndLZnlXL2p1V0tJWURk + VDRPSFdxUzY1dE1iRzljT0krV2JuTWMKLS0tIE02RVNsRzc0N0M5dzZNY1Z6Zmpx + TjdNRGxBVmFQNmNVNkRBYTJCNExVcmsKcMvJ8wsdT+W/t3TrNI2LcStI8mi/cVpe + ++mBTa40TjQF7cLEYmwNVTvbV2W6Ikf5pbuPD8RWUQ75HQRqGhCguw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmb1RoK3V4bGZWeXBmL1NN + NkNaUlJBaDFScmx1c0lrOWk3aHhiWExiNVJNCi9TMS9lOGE3eXozWGJtVy9EUXlp + RUQxaSsvV0xBNjBvOENoOWRKcGdkUHMKLS0tIFZ5TkhzUTV5TFQzOTREK29KdlNw + SmY1Tm1idlY1OU5RQ2xSSGpnNEE1SHcKO9iwjEXJogOatg4LbwNc6q3WBKY7mJmc + tDs4Cg6sEeq187hXVuUCA57QeUAQTLJFpAUl7fz/RzXC6RSw7Kjg8A== -----END AGE ENCRYPTED FILE----- - recipient: age1ylrpaytkm0k5kcecsxvyv5xd9ts4md0uap48g6wsmj9pwm4lf5esffu0gw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWbTNXS09KNDNid3B4eklB - eGZkNDdkUkJQeEFmMi9TNnViUTZtYWFHbmpzCmlPbUVYMzlyY2FvOFROSHRhVXZa - TzhaUTBhVnpUNk12bVRLUndVUWJpNEEKLS0tIFVQQSsvakhnU3ZRZkZFMkpZVndH - RkttZkZIZVVFNml2dmU3dDFvbkhSekUKxsgf2LemWDiae5a+RO5ttxQDSMkll450 - w0L3e8JWP63sipaN4Fc5d33V54/yLD65PWPRZr3oZn4FdjHCBsLGeA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyb2paK2VSQ1FHSGRFYkV6 + ZHowUlp6ajFxOVN4b0RqNVpjT2ZWVEdJMjFZCmpRQjdPUUJiTkpNaEdHWTRHS3FU + ak03UWJ6T1RLTUMrZ2N4OUtuSkRIUG8KLS0tIFU0clg4b3h4TVl0czNsTEdzdWpp + QVNnMUNpcjg5YnhvbjIxUVVXNE44d1UK+X4arcItFuQPzFHX/1L8+KiU+MHmqBdK + nqJ+vibancZRxkBEE4fKbbOWS3kdcU+uWhk1nXkVlaz8Bq6qtctSqw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-09-09T09:52:21Z" - mac: ENC[AES256_GCM,data:FXQ0mXR8CZR7kPNbmpjXTLmhPlJlgPaJMP5Z2PA2ZORBwSAzyms+a/FFwRnIzcKk0MJEhJH6rVwWCwo0AlPtcwzL5Cnm+mkW3EgN9jtIZumvvtZwW0zWM99F7UsBTboJnG7kGbkfqqRVC4svv6G7xMkbxKIFqwJTUJqRE5vrqnQ=,iv:cuhcQtpF5TMBqx9x11zcxa+5S0IqMngC2dGfJGU82/4=,tag:GKtEOxWuDzcKa5RtRacQTA==,type:str] + lastmodified: "2025-10-14T17:59:28Z" + mac: ENC[AES256_GCM,data:5dAFYstFhWXVjY7zjA42G4dH4R7fDzp+5oZrWZ6RXD9GmXhrZiHQE+KBDf2LsBQk1YiF+voNHBTBFT8TZ5FXWxxjsh/XIehWJTDL6XCsRxRuOhUovePxU6ZZj4VrGPTVELXo1zORdPu08VBcrStb2FX8fA5csAXkt6p0yYWctfc=,iv:uo+YpMTognBequ3yFkYM0v2J8Ysf356FtuCi+6GPlPo=,tag:qhJy1I5Dk+Hr8x4KT17coA==,type:str] unencrypted_suffix: _unencrypted - version: 3.10.2 + version: 3.11.0 diff --git a/utils/modules/lego/secrets.yaml b/utils/modules/lego/secrets.yaml index e617a5a..01a6f8d 100644 --- a/utils/modules/lego/secrets.yaml +++ b/utils/modules/lego/secrets.yaml @@ -4,101 +4,92 @@ sops: - recipient: age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRYWJlY2J4RTBML3VQdzgv - eHhnbHkxMnJITmpiTkU4RHNCOWlOb0tWVHlRCmhHYmEvSW9ZeGprL0lCZDlnUmNl - b1JwdWw1azQyMFRNSzdZUkMyaTJHbFkKLS0tIEF0Sk93d2ZVV3ZEMVUrRVB6WWNs - RGhld25tYlNVYm4vclY4SnhFdWIxcUEKK9om+AXDMNz99E5Isxe5RsAQFUmJcEdm - QrhVnksGJibKXIhdalqxujjt7u6ZwEMnBvM95AhRazvSYIf6G6gUkQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzNGFjYUM1djczYURQWHBN - MmhvRnVtSDBqRTJHY0p3NWdNRlFIQmFPMEZVCjUvQi8yMElvQUdPK1ZQeGFmbm9w - bTdhVmMyd0tjNStpTm1NemhydWxnc00KLS0tIGI4cmtHWGExYjhYL3VaYkkvZ2ty - Ri9ZODBSajlqV3lwbTF0WHFBUFBta3cKx9Hls2u8B6ZkRaSKIEHhHsRHp06juwqT - 6TDkA1anxMi4ffQAFijtiEyFYHDnA76bwuNkixICMasmFOdCRWM1jA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByTEVielZEUi9rSUxlSEgw - Y0VVd2F4aGt4a253ZitMWTViVFdJeTJacWo0CitGTys1c2ZUeGJSN2grU2hTMmw4 - Uk5FbGljU1huRU5wakJRLzRaSVZOYm8KLS0tIGNMRFB3VUIvaDhiaXZFMy9kVGNx - SXE1NmNuTThXQnBldmttRm5vVmtRd3MK4ixdF0RMQKeOuZt22RskFcUy3GAvhdxf - ooqX/8/5hz48M1Z5LC4XO8VreF0QYY6sM+lN2r9yP/6vOPRxre9RsA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmUENmd0xvRkxFL2ptTzZK + R3BTQUoxbmdiMEg0Ymh4MUtYRElpdXE2N0R3CitWL21LYWlSSG5uSlNkZDNGK2NW + YmYxMWh1Mk1GdHp0c2pxUmlXbHZJcnMKLS0tIHVhWGxrOXJ5Zkkwc0ZITUZ1VlI0 + M0ZYMUpqVzhXN3FIblRYZUF3cFlEeE0KOvZbSEbqTwh7QTH3oaRqeDcRqbYtwo/m + GNntVqCNfBfXHdekRYKD4spQeuhpz4iS7CrhTTwmeVyyEM7WYjzMdg== -----END AGE ENCRYPTED FILE----- - recipient: age1exny8unxynaw03yu8ppahu5z28uermghr8ag34e7kdqnaduq9stsyettzz enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxdXVnTXlQN0sxd0tkc09L - YkFZcG1zcTlObWNuQ2tHb3FKSmFSQmszNFVjCnVvcmNoSExBSWdFRTZkSlhUWFNn - dzhMQWFua3BXVHBxbjRzY2dGRXlsTXMKLS0tIDErQklTRG8vMDZ0OEppS2FRRTRx - Yld4bWhIMzJBY2JtaHh2Y3JvcTcvZ2cKR0Bb6BzJx9r+Ty/TPH/21/b7ygVG1cSi - VUK95j7RScLJte5YjRso5Hm3vKuKKvQDurb9hniyJm78H6lQ2rm8pA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6RktIYWRhWDJFRzBxenpD + Q1FPL2V3VCtvb0xoVFJsRWdNUzljVjQrQUVvCjlmTnNtemwzL0t6V05uNXNUZ3Za + T3pNM3h1eC9CdXE5bkFIUzFhNm1MWE0KLS0tIEhyWi9WcE1LTkhOWjd6eWtMTjdh + MXlyNllMSlEwTG1ldGlLaXhuNU1SWjgKW9stZEoRxI7eEw8bwErJ0rq7p/QG8Evk + LiO2Di0zX7jjdazGiHG/8OLJJNy9as+wNlhQTYwyZRF8fYzRLobPvg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZTVk1ZS91SzVnc1g0bHli + eGR3YVNDMkNQQlNDelFFd0dybTFFODQxQlFjCnN1MDlIRllOUEdGMk9MQ05UN3VJ + T0kzODhtMStReWxtNDFxbTJoWjR1dWsKLS0tIGgrY0dTUFMyaWZGbVRaZHdrVU9r + cXNDVEtuUWNONEIrVkdtZ09OZytmeEUK6NZ1UvcpqThK/PnipyWAkY8xeXcYrrOC + BkSoietuI9K2BFbf02zVjYxeNNj2lG8hIDbDi1a3Xb/dw8g6nnJ+Cw== -----END AGE ENCRYPTED FILE----- - recipient: age106n5n3rrrss45eqqzz8pq90la3kqdtnw63uw0sfa2mahk5xpe30sxs5x58 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDeEF1eTEwcGp2T21iLzVs - VmN6Zm5SNUxCdzg2SjZyRFpkdkRpS2FFV0FzCmpYME8zMGU4a0FrZ0hab2taZ1dh - b2JxZzJKZlhxSXZRNlhCOGk2NnRCcG8KLS0tIHF2RDZtTnZEaCt4M3c1THQ0K1Yz - Yld1dmZMcEtqSVhQdzlXT0dtQ3BOdkkKrslHv+MLSPWAZspNDUYy+TTB5d5maViF - ifRFP60zlXOSFyn/198BxVeFKc0yaf7VaAZOw8n7G44vSTaWr043/Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4TkdsNGsyTlJlMTBEaFVa + T2Y0VHBuM1Q5QmhhcXgxYkt2UVM3eHlpYzNNCmFVcnJDQTkvUFhyTlF2dElqSDA1 + MmRsRXBXQUhKd0xGcmpGbXM2MFpFRnMKLS0tIDVvTDBhb3FZemt3bENLRGdPeHM2 + NEpCTDBNVVJ6ZjlNVEtBZjIzYVNjemcKz+YQQ02jpeo0yn3msuTbi76ftvlCet0H + 6PqDxGY1YUoYv9ko/4iEbIFYT7b/x+k95RHTzNFO0wgva6hmSIN7Ww== -----END AGE ENCRYPTED FILE----- - recipient: age1gjm4c3swt8u88e36gf2qlg3syxfc0ly94u64c42f2tsf24npw4csa6e4fw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArZlBySnJra0d1Z2ExLzlM - NlRnY2NTL3NWMWV2OFJ5Nis3dHJ0VnJLUTNrClBGQ2h3dTg3VWlyYmN6dGp6dzVF - ejhFUTJ6SEJqL2t6VG1NMWxDQnpVSmcKLS0tIFBRdjgwcjJTSnIxT2pVSGJHT3Vq - Zk55RWcxNXR3U0NXamluZURjTkU3a00KfhY/GmgG501PpFFEk6n5saN+S5v0meuY - JzHwjh+3ylPkvbAw1JStaKM4HXdKM4opTT6tNXCEUNBUTKARneZSDg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwazNITkhVWktlaDNybzc1 + YmRVZ01iYSs0Z05mS2RHK1RsRWhrbWExdTNnClV3cnFvcGkzdyt0d1UwVXZDb1Q4 + M2Y3UGw5ckdvVy92V1dKNW45Vjk4NUEKLS0tIFhOUjVaeFFHdFBqWlZVNG1PbFF0 + bXFHbHBWaUZZaWNiZzVPVi9WQ2hzY1EKdxAy3dTKsKOF22Zm+oTZLLiEP4lu7oBJ + 0pZf5v14MscKiIG8TVBKTCGlF8CQWyS1QhRF+NHNwUXGE5fYX4n15A== -----END AGE ENCRYPTED FILE----- - recipient: age1ylrpaytkm0k5kcecsxvyv5xd9ts4md0uap48g6wsmj9pwm4lf5esffu0gw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5QjNabmNTWGZma3lydi9s - Zmw2TDNKZUNlVUwyVkFTUHVhOTg1NVFtaW1rCkprN1FFSzZaVjI4R2FqclUzbzV4 - MTF3NllhSkJSRVliMGxMQko5YjMrcTQKLS0tIGtCalY2WGlWa2w0cm45N3VZSS9i - SmRpLzgvZUcvVmFKUUdHYmZGZW9ZNk0KsR8wrnFZ+ZPVBiZTdBarsTjcRLyvzMwA - CD+db7VzA02XAZDpvuadtUAenh2D5teqA91EGrObsm6uNIrodPli6A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQaHR0NDl4bjQ3TTYyUnpj + dERTYXhwY1JuaDVuZHl3WjhTR3VIRUxpNkNzClJyeU1xaUFsWjlvVm9JTk1SZlQr + amZ3TFcxVGNRdHk3RTB1ZkU1UFlrQzAKLS0tIFZCbnBaQnVJaGhwS0tuUWVVTXpS + WFZOZVdub3ZmelBWZC9zSHRaeStJdnMKaLyyCqVMg/84D4/c2V6Vx/rCG2O1a84K + iBJOuREXiDYyTnqG/aBMmiMoooUV5ESOWr11mOIKaJruWnZvPdNraQ== -----END AGE ENCRYPTED FILE----- - recipient: age1jyeppc8yl2twnv8fwcewutd5gjewnxl59lmhev6ygds9qel8zf8syt7zz4 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMa3dCZDhvNnN0NGo5OW9M - V1VlTmphd29Va21HVTg2ZGVRelVwcnhSTldFClFENFZDMElFZGZUMEhvbURKY08r - VTkzWDJtV1MrMi9MSERQeEk4SHZSaGcKLS0tIHdaRnVhR3Bvc3hMZTk0dUdkY3Rm - SXFTUHh4MDEyZjQrdlB3ZERJR1I3eG8KdU+cRYeIXGZ7YOlqqLbyCUlCcg6AeXO/ - UTTIFTp1fKvvYHILq72klTjzRBFviVzWyXGeAQoUeeSf0XT+wNqbrw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWRGhydGE0SGRJaENKNUdD + R1NwdmNoeEZET2Rqck1oby9Hck04a001Nmx3CmJpZzdmTUdNUzJ6UlBCK2FjUWta + RlpHMnQ2Rk5oMWRQZTBJQnZJcHBVS0EKLS0tIEdqOFZ0NE1LamM2Z0NrWFlZdXpa + Nm9tUzdZYUJOT1hYYXoyRXdmTGlFTjgK/d18nFYcRquwqpVKfDhLqpG9j0CI8KdK + eLVcBwCzBgpYSbb6+O+ygU1FPSFstxzBoHdGglawA+OfuZKHvRxaeA== -----END AGE ENCRYPTED FILE----- - recipient: age14uarclad0ty5supc8ep09793xrnwkv8a4h9j0fq8d8lc92n2dadqkf64vw enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNzMwRVVQNHhjUzJKNDds - SHg0bndWNVdYSnlZVCtPY25iVERlUk1KdVdnCnpUcU1rZ1VsMG9TNkppdnUzUFVq - K1NNWXNrdnpFSUhXL3d6MjdwWHZldEkKLS0tIHFvdzJTZkpRZFN5VHZ3YS83RGMr - ZnRrbnlFNGhMdmpvcnFhR3pQT0FYZ0EKwPVTSQV6zFAzUkymO//SCrq1wVMaDwPb - PHvCcVu+IsBDcWT8bBhpdJVas5dQmRbwFArgOutNvfh/kfCGkK8n4Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZYnJIajFlWUNmNUZVVm1H + akgvdFltZ3JXaHVQZEwyU3dJcEtTVGJ5dEVVCkZJRHpyRHlxSlJZSk1VUHhIMExh + dGlJK1h5Q3BKNFU0dngyV1J1RHNSTXcKLS0tIE9NWVk2MlBodEZaN1dqSXZDelJE + VDgwUWNDSldwK2ZEejY4WVI4b1JaOWcKI+qLP1Rm6zoB4KkGTgrkK5/5X4OVObwM + uIMXlMyChS+9eKc0e6eE/t3rY/3hRWUKTouckuVbLBkFSlyB8E1LpQ== -----END AGE ENCRYPTED FILE----- - recipient: age1wq82xjyj80htz33x7agxddjfumr3wkwh3r24tasagepxw7ka893sau68df enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0dmdUOW9JTERXMzFIWnFB - YWg1ZkhmRVBQcDdCZ29VVC9KWVI4STZuN3dJCkFnUHlwU0lVZ1VJQkZjUk5EOHJ6 - cEgvTDBqdjNmK20zQlJsQUdTRUxGVkUKLS0tIEoxQzFWVzEyVmpWTGtNVnhsTEtM - WWFuYVpCYUlqSDhaRmVHOHpHMFkyTVkKY120BQh1AHmax3InwLgvd68qnNFZI2BV - 1EAF9TJLUG/hpuJW+fuQaVIxOR28fn+xKBTZFs5auU6l47Bo0koHGw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MFFtRk5zVVZCMUxSbktt + K1VWSE1iZ0FsaFlHVHVMY1lZblR1SEJXNHk4CmdiUDQ3bEZHTkdPbUhQTVhvQjR0 + aFE1VHdXdW8wZUJ6NXBWWVl5N1l0aEUKLS0tIDNQZzg2RXhpKzNVSDd6U2pzdmZl + eEhpTGlxaW9sc0FkakVZandIWHZ5ckkKPuBwyZF/RN3M0BTcB9wfxLak6mWWf7X+ + Fm/AfqNep9mgKG9+WmUD0hEYFwTHowDR8gFE/TqaQWhyi9ouEy/1Sg== -----END AGE ENCRYPTED FILE----- - recipient: age12msc2c6drsaw0yk2hjlaw0q0lyq0emjx5e8rq7qc7ql689k593kqfmhss2 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPamxlMmRXQkp3MVE0NXU5 - QUxoUkZZUGFuZG04TXgyTjRvSkpuUENaSTN3ClU4T1dYYkRZQmRUb3BnbFJuV3ow - RlNGWjJpK2E4NWFLSC82ZTdmSTBRSWMKLS0tIHZQcmo1QVIrZTZPN2VXSFd2a01t - SG03eGsxTWY5SnBaVm9WMCsrQzRFT2MKmEQ0TYJ/le9N/ZnisYztwU9K4c+6gBDl - avhMoswPuv3NmmyjlttoifuwvWe6Cic+VXF9lD4gC1A7j7ofslN7ZQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtS1NxVE9tMEpEaHZtazdV + VU1VVlYzY2JPdGxmUEh1MTU0bWFKVkp6b1Z3CkVtbzd3OEFGdE5ZSmhjZGhsbjY5 + bkhKMFQ5TTUxQmYxZVZmWFkrQ2lBQ0kKLS0tIDFRMEprTUdGQzYzN1o0WVJ6cktW + K2dZcktNc2RYbUpLMDZsOGRyYUxyemsK7pwAE2eJwJBkGPMOAfU0McOZAlNBl8jS + ZExGMSTWOin8F7GQ6WlywUtEkw9k/nyMujSUxdAvjF/Q8EfZ+lhnjw== -----END AGE ENCRYPTED FILE----- lastmodified: "2022-11-09T07:12:13Z" mac: ENC[AES256_GCM,data:gqsD5gTtE5ZqWzWKAAIscecvIsGSC9j4Cnbik6Yk7Jf7Z5/NIxbkInzDsLmlU3ObbLZAhGAlOAKIrUVy37rCcEZ+I04ICXK1dmUdsVud6E4SvTdDjh9qlXTbEkcDCY2YqXlTuQl6IZyveaPuF6fRe1FMh8JEpDv/foZTl8+AuQQ=,iv:+nV6YW9m1B0qo7xbB1lw9dgiQ877GQ6OxMqjk7lei10=,tag:NmeSwBWRKpqlwZxYYC7trg==,type:str]