diff --git a/.sops.yaml b/.sops.yaml index aed779b..641d84f 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -21,3 +21,8 @@ creation_rules: - age: - *nathan - *levitation + - path_regex: secrets/oracles + key_groups: + - age: + - *nathan + - *oracles diff --git a/flake.nix b/flake.nix index f81d01e..8cf0049 100644 --- a/flake.nix +++ b/flake.nix @@ -127,6 +127,15 @@ ]; }; + oracles = makeNixosSystem { + system = "x86_64-linux"; + hostName = "oracles"; + extraModules = [ + ./hardware/oracles.nix + ./machines/oracles/configuration.nix + ]; + }; + x86vm = makeNixosSystem { system = "x86_64-linux"; hostName = "x86vm"; diff --git a/machines/oracles/configuration.nix b/machines/oracles/configuration.nix new file mode 100644 index 0000000..5ff5e6e --- /dev/null +++ b/machines/oracles/configuration.nix @@ -0,0 +1,186 @@ +{ config, lib, pkgs, inputs, ... }: + +{ + # Sops setup for this machine + sops.secrets = { + "borg-ssh-key" = { + sopsFile = ../../secrets/oracles/borg.yaml; + format = "yaml"; + }; + "borg-password" = { + sopsFile = ../../secrets/oracles/borg.yaml; + format = "yaml"; + }; + "friendpack-backblaze" = { + format = "yaml"; + sopsFile = ../../secrets/oracles/backblaze.yaml; + owner = config.users.users.nathan.name; + group = config.users.users.nathan.group; + }; + }; + # Setup system configuration + nathan = { + programs = { + utils = { + devel = true; + }; + }; + services = { + nginx = { + enable = true; + acme = true; + }; + matrix = { + enable = true; + baseDomain = "mccarty.io"; + }; + borg = { + enable = true; + extraExcludes = [ + "*/.cache" + "*/.tmp" + "/home/nathan/minecraft/server/backup" + "/var/lib/postgresql" + "/var/lib/redis" + "/var/lib/docker" + "/var/log" + "/var/minecraft" + "/var/sharedstore" + ]; + passwordFile = config.sops.secrets."borg-password".path; + sshKey = config.sops.secrets."borg-ssh-key".path; + }; + }; + config = { + setupGrub = true; + nix.autoUpdate = true; + harden = false; + }; + }; + # Configure networking + networking = { + domain = "mccarty.io"; + useDHCP = false; + interfaces.enp1s0f1.ipv4.addresses = [{ + address = "104.238.220.96"; + prefixLength = 24; + }]; + defaultGateway = "104.238.220.1"; + nameservers = [ "1.1.1.1" ]; + # Open ports in firewall + firewall = { + allowedTCPPorts = [ 25565 ]; + allowedUDPPorts = [ 25565 ]; + trustedInterfaces = [ "zt5u4uutwm" ]; + }; + }; + + # Setup home manager + home-manager.users.nathan = import ./home.nix; + + # Setup minecraft container + containers.minecraft = + let + b2AccountID = "00284106ead1ac40000000002"; + b2KeyFile = "${config.sops.secrets."friendpack-backblaze".path}"; + b2Bucket = "ForwardProgressServerBackup"; + in + { + config = { pkgs, lib, ... }@attrs: + let + # OpenJDK 17 + javaPackage = pkgs.jdk; + in + { + imports = [ + inputs.quilt-server.nixosModules.default + ]; + ### + ## Container stuff + ### + # Let nix know this is a container + boot.isContainer = true; + # Set system state version + system.stateVersion = "22.05"; + # Setup networking + networking.useDHCP = false; + # Allow minecraft out + networking.firewall.allowedTCPPorts = [ 25565 ]; + + ### + ## User + ### + users = { + mutableUsers = false; + # Enable us to not use a password, this is a container + allowNoPasswordLogin = true; + }; + + ### + ## Configure module + ### + forward-progress = { + services = { + minecraft = { + enable = true; + minecraft-version = "1.18.2"; + quilt-version = "0.17.1-beta.6"; + ram = 6144; + properties = { + motd = "Nathan's Private Modded Minecraft"; + white-list = true; + enforce-whitelist = true; + }; + packwiz-url = "https://pack.forward-progress.net/0.3/pack.toml"; + acceptEula = true; + }; + backup = { + enable = true; + backblaze = { + enable = true; + accountId = b2AccountID; + keyFile = b2KeyFile; + bucket = b2Bucket; + }; + }; + }; + }; + }; + autoStart = true; + bindMounts = { + "/var/minecraft" = { + hostPath = "/var/minecraft"; + isReadOnly = false; + }; + "/run/secrets/friendpack-backblaze" = { + hostPath = "/run/secrets/friendpack-backblaze"; + }; + }; + forwardPorts = [ + { + containerPort = 25565; + hostPort = 25565; + protocol = "tcp"; + } + { + containerPort = 25565; + hostPort = 25565; + protocol = "udp"; + } + ]; + }; + services.nginx.virtualHosts."pack.forward-progress.net" = { + enableACME = true; + forceSSL = true; + locations."/".root = "/var/www/pack.forward-progress.net"; + root = "/var/www/pack.forward-progress.net"; + }; + # Backup postgres + services.postgresqlBackup = { + #enable = true; + compression = "none"; + backupAll = true; + startAt = "OnCalendar=00/2:00"; + }; + +} diff --git a/machines/oracles/home.nix b/machines/oracles/home.nix new file mode 100644 index 0000000..88d8a3b --- /dev/null +++ b/machines/oracles/home.nix @@ -0,0 +1,3 @@ +{ config, lib, pkgs, ... }: + +{ } diff --git a/modules/default.nix b/modules/default.nix index 51fc125..c5adcc8 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -17,6 +17,8 @@ in ./services/ssh.nix ./services/tailscale.nix ./services/borg.nix + ./services/nginx.nix + ./services/matrix.nix ./linux/base.nix ]; @@ -63,6 +65,22 @@ in default = "hourly"; }; }; + # Nginx + nginx = { + enable = mkEnableOption "nginx"; + acme = mkEnableOption "ACME Integration"; + }; + # Matrix + matrix = { + enable = mkEnableOption "matrix"; + baseDomain = mkOption { + description = "Base domain to use for the matrix services"; + example = "mccarty.io"; + type = lib.types.str; + }; + element = mkDefaultOption "element" config.nathan.services.matrix.enable; + enableRegistration = mkEnableOption "synapse registration"; + }; }; # Control enabling/configuratin of services programs = { @@ -105,6 +123,13 @@ in description = "Username to use for common configuration"; type = lib.types.str; }; + # Name of the user to install + email = mkOption { + default = "nathan@mccarty.io"; + example = "nathan@mccarty.io"; + description = "Email to use for common configuration"; + type = lib.types.str; + }; # Is this system a desktop? # Off by default isDesktop = mkEnableOption "Desktop specific settings"; diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix new file mode 100644 index 0000000..f743a24 --- /dev/null +++ b/modules/services/matrix.nix @@ -0,0 +1,350 @@ +{ config, lib, pkgs, inputs, ... }: +let + nathan = config.nathan; +in +with lib; +{ + config = mkMerge [ + (mkIf nathan.services.matrix.enable + { + # Enable nginx + nathan.services.nginx.enable = true; + services = { + # Setup postgres + postgresql = { + enable = true; + initialScript = pkgs.writeText "synapse-init.sql" '' + CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'matrix-synapse'; + CREATE DATABASE "synapse" WITH OWNER "synapse" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; + ''; + }; + # Setup synapse + matrix-synapse = { + enable = true; + settings = { + enable_registration = false; + server_name = nathan.services.matrix.baseDomain; + + listeners = [ + { + port = 8008; + bind_addresses = [ "::1" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ "client" "federation" ]; + compress = false; + } + ]; + } + ]; + database.args = { + user = "matrix-synapse"; + database = "synapse"; + }; + }; + }; + # Configure nginx + nginx.virtualHosts = { + "matrix.${nathan.services.matrix.baseDomain}" = { + enableACME = true; + forceSSL = true; + + locations."/".extraConfig = '' + rewrite ^(.*)$ http://${"element." + nathan.services.matrix.baseDomain}$1 redirect; + ''; + + # forward all Matrix API calls to the synapse Matrix homeserver + locations."/_matrix" = { + proxyPass = "http://[::1]:8008"; # without a trailing / + }; + locations."/_synapse" = { + proxyPass = "http://[::1]:8008"; # without a trailing / + }; + }; + }; + }; + } + ) + (mkIf nathan.services.matrix.element { + services.nginx.virtualHosts."element.${nathan.services.matrix.baseDomain}" = { + enableACME = true; + forceSSL = true; + root = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.element-web.override { + conf = { + default_server_config."m.homeserver" = { + "base_url" = "https://matrix.${nathan.services.matrix.baseDomain}"; + "server_name" = "matrix.${nathan.services.matrix.baseDomain}"; + }; + showLabsSettings = true; + settingDefaults.custom_themes = [ + { + "name" = "Discord Dark"; + "is_dark" = true; + "colors" = { + "accent-color" = "#747ff4"; + "primary-color" = "#00aff4"; + "warning-color" = "#ed4245d9"; + "sidebar-color" = "#202225"; + "roomlist-background-color" = "#2f3136"; + "roomlist-text-color" = "#dcddde"; + "roomlist-text-secondary-color" = "#8e9297"; + "roomlist-highlights-color" = "#4f545c52"; + "roomlist-separator-color" = "#40444b"; + "timeline-background-color" = "#36393f"; + "timeline-text-color" = "#dcddde"; + "timeline-text-secondary-color" = "#b9bbbe"; + "timeline-highlights-color" = "#04040512"; + "reaction-row-button-selected-bg-color" = "#b9bbbe"; + }; + } + { + "name" = "Dracula Flat"; + "is_dark" = true; + "colors" = { + "accent-color" = "#bd93f9"; + "primary-color" = "#bd93f9"; + "warning-color" = "#bd93f9"; + "sidebar-color" = "#1e1f29"; + "roomlist-background-color" = "#1e1f29"; + "roomlist-text-color" = "#eeeeee"; + "roomlist-text-secondary-color" = "#eeeeee"; + "roomlist-highlights-color" = "#00000030"; + "roomlist-separator-color" = "#00000000"; + "timeline-background-color" = "#1e1f29"; + "timeline-text-color" = "#eeeeee"; + "timeline-text-secondary-color" = "#dddddd"; + "timeline-highlights-color" = "#00000030"; + "reaction-row-button-selected-bg-color" = "#b9bbbe"; + }; + } + + { + "name" = "Dracula"; + "is_dark" = true; + "colors" = { + "accent-color" = "#bd93f9"; + "primary-color" = "#bd93f9"; + "warning-color" = "#bd93f9"; + "sidebar-color" = "#1e1f29"; + "roomlist-background-color" = "#1e1f29"; + "roomlist-text-color" = "#eeeeee"; + "roomlist-text-secondary-color" = "#eeeeee"; + "roomlist-highlights-color" = "#00000030"; + "roomlist-separator-color" = "#4d4d4d90"; + "timeline-background-color" = "#282A36"; + "timeline-text-color" = "#eeeeee"; + "timeline-text-secondary-color" = "#dddddd"; + "timeline-highlights-color" = "#00000030"; + "reaction-row-button-selected-bg-color" = "#b9bbbe"; + }; + } + { + "name" = "Geeko dark theme"; + "is_dark" = true; + "colors" = { + "accent-color" = "#73ba25"; + "primary-color" = "#35b9ab"; + "warning-color" = "#bf616a"; + + "sidebar-color" = "#2a2a2a"; + "roomlist-background-color" = "#4a4a4a"; + "roomlist-text-color" = "#fff"; + "roomlist-text-secondary-color" = "#ddd"; + "roomlist-highlights-color" = "#2a2a2a"; + "roomlist-separator-color" = "#3a3a3a"; + + "timeline-background-color" = "#3a3a3a"; + "timeline-text-color" = "#eee"; + "timeline-text-secondary-color" = "#6da741"; + "timeline-highlights-color" = "#bf616a"; + "reaction-row-button-selected-bg-color" = "#bf616a"; + }; + } + { + "name" = "Luxury Dark theme"; + "is_dark" = true; + "colors" = { + "accent-color" = "#D9BC00"; + "primary-color" = "#FFDD00"; + "warning-color" = "#FBC403"; + + "sidebar-color" = "#020F1B"; + "roomlist-background-color" = "#011223"; + "roomlist-highlights-color" = "#1E354A"; + "roomlist-separator-color" = "#05192D"; + "roomlist-text-color" = "#FFEC70"; + "roomlist-text-secondary-color" = "#FFF3A4"; + + "timeline-background-color" = "#05192D"; + "timeline-highlights-color" = "#011223"; + "timeline-text-color" = "#FFF3A4"; + "timeline-text-secondary-color" = "#A79000"; + "reaction-row-button-selected-bg-color" = "#FFEC70"; + }; + } + { + "name" = "Nord dark theme"; + "is_dark" = true; + "colors" = { + "accent-color" = "#a3be8c"; + "primary-color" = "#88c0d0"; + "warning-color" = "#bf616a"; + + "sidebar-color" = "#2e3440"; + "roomlist-background-color" = "#3b4252"; + "roomlist-text-color" = "#ebcb8b"; + "roomlist-text-secondary-color" = "#e5e9f0"; + "roomlist-highlights-color" = "#2e3440"; + "roomlist-separator-color" = "#434c5e"; + + "timeline-background-color" = "#434c5e"; + "timeline-text-color" = "#eceff4"; + "timeline-text-secondary-color" = "#81a1c1"; + "timeline-highlights-color" = "#3b4252"; + "reaction-row-button-selected-bg-color" = "#bf616a"; + }; + } + + { + "name" = "Nord light theme"; + "is_dark" = false; + "colors" = { + "accent-color" = "#a3be8c"; + "primary-color" = "#5e81ac"; + "warning-color" = "#bf616a"; + + "sidebar-color" = "#d8dee9"; + "roomlist-background-color" = "#e5e9f0"; + "roomlist-text-color" = "#d08770"; + "roomlist-text-secondary-color" = "#3b4252"; + "roomlist-highlights-color" = "#eceff4"; + "roomlist-separator-color" = "#eceff4"; + + "timeline-background-color" = "#eceff4"; + "timeline-text-color" = "#2e3440"; + "timeline-text-secondary-color" = "#3b4252"; + "timeline-highlights-color" = "#e5e9f0"; + "reaction-row-button-selected-bg-color" = "#bf616a"; + }; + } + { + "name" = "Selenized black theme"; + "is_dark" = true; + "colors" = { + "accent-color" = "#70b433"; + "primary-color" = "#4695f7"; + "warning-color" = "#ed4a46"; + + "sidebar-color" = "#181818"; + "roomlist-background-color" = "#252525"; + "roomlist-text-color" = "#ffffff"; + "roomlist-text-secondary-color" = "#b9b9b9"; + "roomlist-highlights-color" = "#3b3b3b"; + "roomlist-separator-color" = "#121212"; + + "timeline-background-color" = "#181818"; + "timeline-text-color" = "#FFFFFF"; + "timeline-text-secondary-color" = "#777777"; + "timeline-highlights-color" = "#252525"; + "reaction-row-button-selected-bg-color" = "#4695f7"; + }; + } + + { + "name" = "Selenized dark theme"; + "is_dark" = true; + "colors" = { + "accent-color" = "#41c7b9"; + "primary-color" = "#4695f7"; + "warning-color" = "#fa5750"; + + "sidebar-color" = "#103c48"; + "roomlist-background-color" = "#184956"; + "roomlist-text-color" = "#dbb32d"; + "roomlist-text-secondary-color" = "#FFFFFF"; + "roomlist-highlights-color" = "#2d5b69"; + "roomlist-separator-color" = "#2d5b69"; + + "timeline-background-color" = "#2d5b69"; + "timeline-text-color" = "#FFFFFF"; + "timeline-text-secondary-color" = "#72898f"; + "timeline-highlights-color" = "#184956"; + "reaction-row-button-selected-bg-color" = "#4695f7"; + }; + } + + + { + "name" = "Selenized light theme"; + "is_dark" = false; + "colors" = { + "accent-color" = "#ad8900"; + "primary-color" = "#009c8f"; + "warning-color" = "#d2212d"; + + "sidebar-color" = "#d5cdb6"; + "roomlist-background-color" = "#ece3cc"; + "roomlist-text-color" = "#c25d1e"; + "roomlist-text-secondary-color" = "#000000"; + "roomlist-highlights-color" = "#fbf3db"; + "roomlist-separator-color" = "#fbf3db"; + + "timeline-background-color" = "#fbf3db"; + "timeline-text-color" = "#000000"; + "timeline-text-secondary-color" = "#777777"; + "timeline-highlights-color" = "#ece3cc"; + "reaction-row-button-selected-bg-color" = "#4695f7"; + }; + } + { + "name" = "Solarized Dark"; + "is_dark" = true; + "colors" = { + "accent-color" = "#b58900"; + "primary-color" = "#268bd2"; + "warning-color" = "#dc322f"; + "sidebar-color" = "#002b36"; + "roomlist-background-color" = "#073642"; + "roomlist-text-color" = "#839496"; + "roomlist-text-secondary-color" = "#93a1a1"; + "roomlist-highlights-color" = "#586e75"; + "timeline-background-color" = "#002b36"; + "timeline-text-color" = "#839496"; + "timeline-text-secondary-color" = "#586e75"; + "timeline-highlights-color" = "#073642"; + "reaction-row-button-selected-bg-color" = "#268bd2"; + }; + } + { + "name" = "ThomCat black theme"; + "is_dark" = true; + "colors" = { + "accent-color" = "#cc7b19"; + "primary-color" = "#9F8652"; + "warning-color" = "#f9c003"; + "sidebar-color" = "#000000"; + "roomlist-background-color" = "#191919"; + "roomlist-text-color" = "#cc7b19"; + "roomlist-text-secondary-color" = "#e5e5e5"; + "roomlist-highlights-color" = "#323232"; + "roomlist-separator-color" = "#4c4c4c"; + "timeline-background-color" = "#000000"; + "timeline-text-color" = "#e5e5e5"; + "timeline-text-secondary-color" = "#b2b2b2"; + "timeline-highlights-color" = "#212121"; + "reaction-row-button-selected-bg-color" = "#cc7b19"; + }; + } + ]; + }; + }; + }; + }) + ]; +} diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix new file mode 100644 index 0000000..f3c423d --- /dev/null +++ b/modules/services/nginx.nix @@ -0,0 +1,28 @@ +{ config, lib, pkgs, ... }: +let + nathan = config.nathan; +in +with lib; +{ + config = mkMerge [ + (mkIf nathan.services.nginx.enable { + networking.firewall = { + allowedTCPPorts = [ 80 443 ]; + allowedUDPPorts = [ 80 443 ]; + }; + services.nginx = { + enable = true; + recommendedTlsSettings = true; + recommendedOptimisation = true; + recommendedGzipSettings = true; + recommendedProxySettings = true; + }; + }) + (mkIf nathan.services.nginx.acme { + security.acme = { + defaults.email = nathan.config.email; + acceptTerms = true; + }; + }) + ]; +} diff --git a/secrets/oracles/backblaze.yaml b/secrets/oracles/backblaze.yaml new file mode 100644 index 0000000..8f183fb --- /dev/null +++ b/secrets/oracles/backblaze.yaml @@ -0,0 +1,30 @@ +friendpack-backblaze: ENC[AES256_GCM,data:TcxDtV1LZFh0tvTC2DkSsQ+FyK06s8X4dSmDInHNvQ==,iv:470Z+fHKQpmMNg4NlIduLFflnOCZ+3wa2pS2Tnw7/t4=,tag:1bY/+pnbUwK2pzbbwRG30Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1ud80054jwf6ff7xx65ta6g7qxx2flc24r5gyyfjz43kvppjutqyskr2qm2 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDei8zQld4YTQvS0VJV1R3 + TE1oOTZsU2kvWnVBS05WWTdibUkyOXJRbVhNCm8yY0tQSFFpMXBQSytTVEJGYXZn + eFlhNmJ4TTZPazFZd2lDN0pPMWtoT3MKLS0tIEllNzJGYjBZUFl1aU9RR2NaTXBV + b0IxaEZFMVRtUUpoSDRuQWJpd1JHY2sK6NAJ2va2i3/jy3VRcEz1iqSrOsXTUY3q + GQQKTWoWhQWTkQ9XK5EW5+WQJjQXFVghOpIk01VBLePUtT0EozZe0w== + -----END AGE ENCRYPTED FILE----- + - recipient: age12ayrv88xjt4r276fzc9du70x8q0r7xutt85vj627ykf4k8kgms4sc6wywn + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4eElpaG9idkQ4Z1F5alU3 + Z09YdDFxZ3BuZTlRY0VtR2FuZ25zNzVzb3lrClNGUHViYkE4eWJiSzIydjlVR0lJ + YnhCYjV0MUF4aVd0YWZReHlvSkp6WUEKLS0tIGJUelNIWVA3TGsvTWdUdDd1NXpv + RTVPZ2tMZ1RCOXBSMVJHelpGd2l6VVkKRgFUa32eIG77lJ4nQhLLM+BI4+M983aO + Oli0jk1bhAdbySslnkCdnmu7V8ps/1xERstJrXzijR5/8sy+bpOt6w== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-08-29T23:18:03Z" + mac: ENC[AES256_GCM,data:+4BPXOyd2ZN+w1C5WwM6zNXSuYWMw/SwYW/kjaNGrLVzC44wpKsvdZgzcRgLu3o6AKNNXJTNtfZgwOVSu5prq7ZUefDS6xSxgct9rQoDJ94hSR9YnVVBdAKxbshhkfAA3wBwh0eIfBB0axV2QdO7T58lgQ+BPKNxVxHTQP6EVuM=,iv:9bTZ2xZCBNDqt9VeICZwG8v4QIP45566c4fbSt/jyNA=,tag:ozvyQcS+DvpcQNzW/OSvHg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/secrets/oracles/borg.yaml b/secrets/oracles/borg.yaml new file mode 100644 index 0000000..1d98328 --- /dev/null +++ b/secrets/oracles/borg.yaml @@ -0,0 +1,31 @@ +borg-ssh-key: ENC[AES256_GCM,data:1ELyipwSOVLZf9mK8sfBmbMmGWlWpzhlam9eRCOJbnQEdEvtjAApjJAM0aqNLP91lP2J+39a/HZa6MWYcv4HkD10qJpBacXZJcm9aWIjlV8oJnaepeaI40raZxzbMyfTP2Kj5Yzm0mlnGNHldKZOE5zzV7zHC8Zlz1PSpS0Tl3azqJT6s574308f1rX3W0BYIa6yCTKD94k1Fgbv956QYrbx1h8MOpo4EdRWsekwYd5dtXn7JdRnDU+KnXl5DZkfmQlmOnVypeP5XlDVo5JCQ+aA2H6elN1rIAT4eCXvddhK0vt9PLB09l90Q0t+9u/2c53Y5SJqx1Ae5Odd7TfMq2x60KvZDEUyHDOxCAIoIsWaArLg+3iyr23TcRifMeZthaLuWYlycdL/wrn5J/R/mmNv2E7A97ICS55zc06MJqFq8Vf9B1zCHIZSS1GbEU9t8TtzU03ynO3PuLPGq8IB1klcJ0Yul0pPemEhWHeISME5paZR8NjcPytJmhG/9pg7EWWLXVMeH0jb8cbVPnTjtkgxWrsqTI4er1Aw,iv:X9VtEBp7g0Tdkc23gW+3xRrrjIXcpo1fvbjo9vA+Uxg=,tag:G8yGWa1aU0mWU/qgUFRQTw==,type:str] +borg-password: ENC[AES256_GCM,data:PQxjLaJmS26bXzHO4DsTLN/+8DdgkaO9/1KeEpPIXOFnQ5XkphI3jSQWamsCQcylL+4YJA==,iv:nVSFLMC6z+cAgS584V2UEb1utUOw+LJoZjtqeyTZvGA=,tag:xVx9/2O3jH2SV9N+33gqbQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1ud80054jwf6ff7xx65ta6g7qxx2flc24r5gyyfjz43kvppjutqyskr2qm2 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvaWZELzZGWlVmcmRiM01q + UWZXbEJFZzQ2VFVJWlRtK2Rld2FsalY1VHlJCnl1OERkUlNDNjBTaUl3cXNUTkQ0 + aklxUlNEZ2FYamRYcVVwRFdKWUY1SmMKLS0tIC9LeUdFakl1VUNMaVFhQm1LUVZl + MndDcVRFMGFzczJsMFNkUFBkdUx3TGsKJirbvAOkXRIJzBN/lm0rwaC62j5/AdE5 + ADmeAgnM3xxv67VvGUM8SvaUDPmckBig5gIX2GREVAxQzuldTCC86Q== + -----END AGE ENCRYPTED FILE----- + - recipient: age12ayrv88xjt4r276fzc9du70x8q0r7xutt85vj627ykf4k8kgms4sc6wywn + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaclgzckxYR3NtdzYrU2Mw + eWw1T3haMTJNWkhTOXdCS0pvUTM1Zm5QSkdvCjN1dUoxck1uNDlFRjVLMEJOSG5L + Y2E4Qkg3RktXdWxTYUxxRUJMM1hYOVkKLS0tIFg0SUN4ZGozRXQvQ082eUZreEla + WWNZMVIwMTU2THR2WVAwc2orTTRNQjQK0XZ6ASJmcRYCrvLsaNFzO6jdz32Leo7g + O5g8rQPQpc2C4IV47fYV7GQCDQoTrwNqi1fLscPzhWThYPvDTSPiqA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-08-29T23:34:24Z" + mac: ENC[AES256_GCM,data:0cvTPHwmYbUhPojKG9qtULFQapKjaLBlwfTTllgUVJ/o79VODSu66xPszZfy9uxnIVodTtU5x0ooGDn41iyIml7apoKH0gTipZ2iEPYy+l/trnshFw9BuMtxcvsvAWrXpcYy4ygKYLagm040cfCpGfahXAFmenPhzOv1Wy/B+Jk=,iv:vjMUECHJKNaFGb2DgK0wbiYOJ3/1gpLG5ChsgsMWzok=,tag:cmbYR0iKN8k1sKOC9GeTHg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3