Compare commits

..

No commits in common. "dad01767b54da9d9935cae94ad2761496512f341" and "9a1278a3fc9002d88da0139a79868033c274245e" have entirely different histories.

13 changed files with 489 additions and 107 deletions

20
.github/workflows/update_flake.yml vendored Normal file
View File

@ -0,0 +1,20 @@
name: update-flake-lock
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '0 0 * * 1' # runs weekly on monday at 00:00
jobs:
lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install Nix
uses: cachix/install-nix-action@v16
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v9
with:
pr-title: "Update flake.lock" # Title of PR to be created

View File

@ -5,6 +5,7 @@ keys:
- &oracles age12ayrv88xjt4r276fzc9du70x8q0r7xutt85vj627ykf4k8kgms4sc6wywn
- &perception age1rztv2778cf2dcpzcpth888cq7u3rdsl7tfuhv4sddysdnqjxaevqg72t5l
- &shadowchild age10zd0y2zpty2z39sh2qe66yuu9jd6hrcd3ag2wqtjp8tc579nmphsymhdla
- &matrix age1pm647k04hhwm2dmqh07hnzflkurfevefcyf8xlhmc83a07n77e3sltyt0d
- &tounge age15vjvppw2gzjwmtlptefhrhqtjyu0a07v488a9s25a3k2vtpqc9uqvw6vl6
- &fusion age1fe57fel46lk5n9t34lh5nl909gk88trwy9ttgxqk3up9d83wxsnsdmuu3a
- &pendulum age1448z8f03hgnem2qeh2020k5tyma4hv365af8fyk4t2vhefedcscsdjs53k
@ -18,6 +19,7 @@ creation_rules:
- *oracles
- *perception
- *shadowchild
- *matrix
- *tounge
- *fusion
- *pendulum
@ -37,6 +39,11 @@ creation_rules:
- age:
- *nathan
- *oracles
- path_regex: secrets/matrix
key_groups:
- age:
- *nathan
- *matrix
- path_regex: secrets/perception
key_groups:
- age:

View File

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDqzCCApOgAwIBAgIRAJ8hYGGIdDyn13K0d/euZzgwDQYJKoZIhvcNAQELBQAw
VzELMAkGA1UEBhMCQ0gxHzAdBgNVBAoTFlByb3RvbiBUZWNobm9sb2dpZXMgQUcx
EzARBgNVBAsTClByb3Rvbk1haWwxEjAQBgNVBAMTCTEyNy4wLjAuMTAeFw0yMjA2
MjgxMjM0MzRaFw00MjA2MjMxMjM0MzRaMFcxCzAJBgNVBAYTAkNIMR8wHQYDVQQK
ExZQcm90b24gVGVjaG5vbG9naWVzIEFHMRMwEQYDVQQLEwpQcm90b25NYWlsMRIw
EAYDVQQDEwkxMjcuMC4wLjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDL1asnn8Z9Uvk8zT9hfdCG2MuHfSYSNi4/RNqzA0kACfCw8/fKQx+FDJOWuZAH
7ZJA8+xk3W+AS2VTb35+TtwWSyIE/9cc4exTSx52Mv/EdhrSCbIBPGmp6MPiLFCf
5xPD7Df6WbfGuTcfc6sBIUPcN9qZmud2tiHCb6CCvyWpTrLjaSCAx5eRB4mKlqiz
bFaTrEal/DSgrtziMRwawCLMH3Q7/6PQNTpXzOGXhrhy3b9Fi7aLLHztQWr23C9K
RI22TgawYh/rG7xd/tjSm7qJkhsqvFoq/41I4c/PMNTpVuCWYQyBr7pm9CxrvIsA
of6vbMScUT+h3pWl/cz1lNrhAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwICpDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
HQ4EFgQUwqc9Wvucag5zHRnlXw6Ti3kt3aAwDwYDVR0RBAgwBocEfwAAATANBgkq
hkiG9w0BAQsFAAOCAQEAp0YD/BlWvjE7PBMnpR4LOJO/RqxtUgaKMb1DiFCtrBai
n3MHJEVaZsFNk7Golm2ZihmfTFou60JFpt7FtspgQp8XzIA0oXnGqB+6EYFfmC8X
aJK1yrOI1R+nYCY99BGZ8BzyhwXh7ofNQt1+SzP7iBA1HwDy19HVQTRedt3rm61Q
WKudhxo8IIhWSTQ2OLYMSU1PrSdPjS+wUBY8rqrXz6xdHT5yxcwMyTURQJmF6GGl
dCVv5Q89hrvG26rv6ycldLMRbBlaAoNr8JCSbHPpU/KQybSsga0Qui7z0w7mYT4z
NJNXADYysmkqbNuj8pAGTzio64EFqQCDbkWOW7DlSQ==
-----END CERTIFICATE-----

View File

@ -129,6 +129,15 @@
];
};
matrix = makeNixosSystem {
system = "x86_64-linux";
hostName = "matrix";
extraModules = [
./machines/matrix/hardware.nix
./machines/matrix/configuration.nix
];
};
tounge = makeNixosSystem {
system = "aarch64-linux";
hostName = "tounge";

View File

@ -44,6 +44,11 @@ with lib; {
user = "nathan";
hostname = "172.23.217.149";
};
"matrix.community.rs" = {
forwardAgent = true;
user = "nathan";
hostname = "100.113.74.107";
};
"fusion" = {
forwardAgent = true;
user = "nathan";

View File

@ -0,0 +1,208 @@
{ config, lib, pkgs, inputs, ... }:
{
# Sops setup for this machine
sops.secrets = {
"borg-ssh-key" = {
sopsFile = ../../secrets/matrix/borg.yaml;
format = "yaml";
};
"borg-password" = {
sopsFile = ../../secrets/matrix/borg.yaml;
format = "yaml";
};
# "matrix-secrets.yaml" = {
# owner = "matrix-synapse";
# format = "binary";
# sopsFile = ../../secrets/matrix/recaptcha;
# };
};
# Setup system configuration
nathan = {
services = {
nginx = {
enable = true;
acme = true;
};
matrix = {
enable = false;
baseDomain = "community.rs";
enableRegistration = true;
};
borg = {
enable = true;
extraExcludes = [
"*/.cache"
"*/.tmp"
"/var/lib/redis"
"/var/lib/docker"
"/var/log"
"/var/minecraft"
"/var/sharedstore"
];
passwordFile = config.sops.secrets."borg-password".path;
sshKey = config.sops.secrets."borg-ssh-key".path;
};
# postgresql.backup = true;
# Disabled for now due to lack of space :(, waiting for pendulum to get fixed so I can migrate over to it
postgresql.backup = false;
};
config = {
setupGrub = false;
nix = {
autoUpdate = true;
autoGC = true;
};
harden = false;
virtualization = { docker = true; };
};
};
# Configure bootloader
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
boot.loader.grub.forceInstall = true;
boot.loader.timeout = 10;
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
terminal_input serial;
terminal_output serial
'';
boot.kernelParams = [ "console=ttyS0" ];
# Configure networking
networking = {
domain = "community.rs";
useDHCP = false;
interfaces.enp0s5.useDHCP = true;
nameservers = [ "1.1.1.1" ];
# Open ports in firewall
firewall = { };
};
# Set postgresql version
# services.postgresql.package = pkgs.postgresql_15;
# Setup home manager
home-manager.users.nathan = import ./home.nix;
# Create www-html group
users.groups.www-html.gid = 6848;
# Add shaurya
users.users.shaurya = {
isNormalUser = true;
home = "/home/shaurya";
description = "Shaurya";
extraGroups = [ "www-html" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDA8BwFgWGrX5is2rQV+T0dy4MUWhfpE5EzYxjgLuH1V shauryashubham1234567890@gmail.com"
];
shell = pkgs.nushell;
};
# Add www-html for my self
users.users.nathan = { extraGroups = [ "www-html" ]; };
# Configure matrix registration
# services.matrix-synapse = {
# settings = {
# enable_registration_captcha = true;
# allow_guest_access = false;
# allow_public_rooms_over_federation = true;
# experimental_features = { spaces_enabled = true; };
# auto_join_rooms =
# [ "#space:community.rs" "#rules:community.rs" "#info:community.rs" ];
# turn_uris = [
# # "turn:turn.community.rs:3478?transport=udp"
# # "turn:turn.community.rs:3478?transport=tcp"
# ];
# # turn_user_lifetime = "1h";
# };
# extraConfigFiles = [ config.sops.secrets."matrix-secrets.yaml".path ];
# };
# # Install our utilties
# environment.systemPackages = with pkgs; [ matrix-synapse-tools.synadm ];
# # Setup a task to cleanup the database
# systemd.services.synapse-db-cleanup = {
# serviceConfig = {
# Type = "oneshot";
# User = "postgres";
# Group = "postgres";
# };
# path = with pkgs; [ matrix-synapse-tools.rust-synapse-compress-state ];
# script = ''
# synapse_auto_compressor -p "user=matrix-synapse password=synapse dbname=synapse host=localhost" -c 500 -n 100
# '';
# };
# systemd.timers.synapse-db-cleanup = {
# wantedBy = [ "timers.target" ];
# partOf = [ "synapse-db-cleanup.service" ];
# timerConfig = {
# # Weekly on sunday mornings
# OnCalendar = "Sun, 5:00";
# Unit = "synapse-db-cleanup.service";
# };
# };
# Configure the vhost for the domain
services.nginx.virtualHosts = let
fqdn = let
join = hostName: domain:
hostName + lib.optionalString (domain != null) ".${domain}";
in join config.networking.hostName config.networking.domain;
in {
"${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."= /.well-known/matrix/server".extraConfig = let
# use 443 instead of the default 8448 port to unite
# the client-server and server-server port for simplicity
server = { "m.server" = "${fqdn}:443"; };
in ''
add_header Content-Type application/json;
return 200 '${builtins.toJSON server}';
'';
locations."= /.well-known/matrix/client".extraConfig = let
client = {
"m.homeserver" = { "base_url" = "https://${fqdn}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; };
};
# ACAO required to allow element-web on any URL to request this json file
in ''
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON client}';
'';
locations."/".extraConfig = ''
rewrite ^(.*)$ http://www.community.rs$1 redirect;
'';
};
# Main domain
"www.community.rs" = {
enableACME = true;
forceSSL = true;
locations."= /.well-known/matrix/server".extraConfig = let
# use 443 instead of the default 8448 port to unite
# the client-server and server-server port for simplicity
server = { "m.server" = "${fqdn}:443"; };
in ''
add_header Content-Type application/json;
return 200 '${builtins.toJSON server}';
'';
locations."= /.well-known/matrix/client".extraConfig = let
client = {
"m.homeserver" = { "base_url" = "https://${fqdn}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; };
};
# ACAO required to allow element-web on any URL to request this json file
in ''
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON client}';
'';
root = "/var/www";
};
};
}

View File

@ -0,0 +1,53 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules =
[ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/88f5bc7a-0101-4f10-8863-25def54bab4b";
fsType = "btrfs";
options = [ "subvol=root,compress-force=zstd:1" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/61AB-C10E";
fsType = "vfat";
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/88f5bc7a-0101-4f10-8863-25def54bab4b";
fsType = "btrfs";
options = [ "subvol=home,compress-force=zstd:1" ];
};
fileSystems."/etc" = {
device = "/dev/disk/by-uuid/88f5bc7a-0101-4f10-8863-25def54bab4b";
fsType = "btrfs";
options = [ "subvol=etc,compress-force=zstd:1" ];
};
fileSystems."/var" = {
device = "/dev/disk/by-uuid/88f5bc7a-0101-4f10-8863-25def54bab4b";
fsType = "btrfs";
options = [ "subvol=var,compress-force=zstd:1" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/88f5bc7a-0101-4f10-8863-25def54bab4b";
fsType = "btrfs";
options = [ "subvol=nix,compress-force=zstd:6" ];
};
swapDevices =
[{ device = "/dev/disk/by-uuid/09eb9e97-3105-4b60-88f7-ac3a01a2c130"; }];
}

3
machines/matrix/home.nix Normal file
View File

@ -0,0 +1,3 @@
{ config, lib, pkgs, ... }:
{ }

View File

@ -1,4 +1,4 @@
friendpack-backblaze: ENC[AES256_GCM,data:jyLuOC4STpf+CRJhgTr8v3oYtlTbdSU2F4WlBDs3Wg==,iv:VpDfdQ8MqqRje6DlZOJ01b7ZHmrD0g+ADtj/KQY+LR0=,tag:ejljbLuIA1ZdiqMbFF0YyA==,type:str]
friendpack-backblaze: ENC[AES256_GCM,data:yafGzeKPXujuTW8ur57WNTQLiwrMeffz2+Mj3+Iuhw==,iv:VpDfdQ8MqqRje6DlZOJ01b7ZHmrD0g+ADtj/KQY+LR0=,tag:u7wTFO+bIUZSiWUbm4epVg==,type:str]
sops:
kms: []
gcp_kms: []
@ -8,95 +8,95 @@ sops:
- recipient: age1ud80054jwf6ff7xx65ta6g7qxx2flc24r5gyyfjz43kvppjutqyskr2qm2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzT3dSa2RSVVlsQ1AwVUFx
WTAyOGpHUU9Gb1pCczBrRHlxNWJVc3lUWHp3CkI0NUMyb2hZYWtMYVAzMm13Vmdr
QTdLTlBqV294b1BSd0I4anA2c3lGSUUKLS0tIEhnNCtMOHRSZnFoZFJWMDZla0RK
eEZrNktza3ZVNE9RKzUxa3hyVk0ramcKVTB5f0PHjehDVrWpqY1AxpdOq3mJ5OLs
MeHcan2WbcCjI5xCKgSVh3IhOr6/8uuAnuzWyekXRwWMkXrfhnSZLQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3TEZYTlBDYzFUUitzZU4y
V3BxNmFyUTVKZjgwTTU1R1IvNkJqKzMvZUJRCjFWc3JqY3RrNG45QXBWRUNNTVRN
b1ViUHcyb2hjb2FPRHBDVFhqT0o0dWcKLS0tIFRTMFVmbm1icTExOGF3TmEySTRM
aDVjUlJzV1RWcHEwdFNtQTRYWTlKYWsK/fEC8/g52TiGVy8hNcqIX5D1aq39141q
qw69uMchxVV5Ii6C0fPIG/KcEaAqZUOUrJyQSjpvt3fvcbFWMMZnaw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1tsq68swufcjq6qavqpzrtse4474p5gs58v6qp6w7gum49yz45cgsegxhuw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWbG5EZU5neTZsQ2k3dU80
ckoxVlVsRE5hOGFaTWhxRy9IUGpzMTg5WUJNCk4ybE9iU2hWTUFyVTVHN2ZhQisx
YXVaSE1uaDA1a20xaE5uVlpVQnVzc2cKLS0tIGdUWnNySnEyRjhUVjJvNWs4bUFy
VnNOYTZ0aU0reEY1TjZaRGpuc21CaUEKfMEzuliQavzqTSmoLGUnBqe0KBrJ8FiE
turGifXRgy4CLhF2J56TGL67GMhN09OfEACpxCvSy1m7s7npX02v7w==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMNG1Ma3c3UXAxd1hNenkr
bTBRYWtwMFpPRmZnbW9xSXU2Um1NOFhra3hnCnhVSVh1ZTNFSjNnSUVJS2s3NDhp
SWhLY2JTc1drNll0MnpiZ2lwc2ZnZHMKLS0tIGY3NXFyMys3aGp4czJaOERWeGgr
STNtYzZVQzBpcTRBZFVtMTBDbmxYNDQKyQP2mirnlsgbRFj+/w1DzHugKpU1OqjU
D7GJ/gB6WHR/7ezhR9RHDnE4FvI78HZqSF6nF0T7dtuGoVUgD5t+cg==
-----END AGE ENCRYPTED FILE-----
- recipient: age12ayrv88xjt4r276fzc9du70x8q0r7xutt85vj627ykf4k8kgms4sc6wywn
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrV2JPb05QbHlvM1ZCcldW
RHA3WWcxdDZzeXhER3ZmOFYyKzJUODZ0RG1RCnQrWkxzR21lT0h0MW1Sak1xbmVR
NjBldDV6Q1prY0ZCaGIyWTJPeUFBZ2MKLS0tIEQ4L2YwS3RTVTU5SGRHaU0zQ2Vy
QzVMZHA2OG5uV1RQR3RFdDdLOXB1UEkKcodgSDURy4Zx4rksr7OGWufjxZoB1NiD
a3boJwF9Q1IQsb+Xv/uGSXiYp/t65+jwoPtKT45hUDteA+G/ezBn1Q==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGSFBlbDlnV1BoZllBdWFE
dWJ0U05rNktURnRjMHpWMWh0czhJdWQ3L0RzCi9Belgyc2hEbVVpblBXS1hEbElK
bmRlZXBsQkNWdjQ3aXdaTmpyVWdwbE0KLS0tIFVyUStURWV2ZnhxQVc5MlJ6UGJG
TjNNS09oUXdTMENJcVZJdWxscGFSajAKaQF5yzZpVDGxQuG0CbtxSiWGO+qm0eNC
55v6auPyf1D+4kX+67lm9uahqRvPauiZAYNKRo5XE1VB9j9vp4K+OA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1rztv2778cf2dcpzcpth888cq7u3rdsl7tfuhv4sddysdnqjxaevqg72t5l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkb1VvWGlrL2UrY0llVEE1
VjNic0pKdFlsaXlRUDVJUktJdFRMU09zOVR3CnBkUy81K3BKQUUyTVV2VitRSUdi
QXhhK2h3dytrL2RIY3EzUmxTNDQ4ME0KLS0tIDlhMm5mN1VvdU45SWcxVHE2bGNX
VkVBM2lycHdyMU5Gb01HVllWdVZvdVEK14BEJ9d1555Ry7m/7Mo8K5dwL79Wm82D
tTpSjTH3JIPx30HOE05boZavbmgDZu7In+ROnPZ6ZDNo+7pqNkwUwQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySW1hbHkrK3FkZ3ZsdlA1
Y3k5b3pXWE5WOERDcXozMFB6dmZtVUhqSmlNCndFUU9hQ3JUSmtvRXNpNnpNQTh4
ZHZ0R0p0M29idk5kdHUvOWM4UFNybkEKLS0tIDY1T09DZ1UxcHJWQXRIQmt6OXBi
M2tZTEU0cnd3YWNKY1ZXK0cxdk5MSDAKxCenZzmFz0idBct3GmYZDVs1Y/4GWsA+
6kaPHwXAyXPwSL3jnzJvFnYPXazV7A3dafQAcrMnhHBISJfxlizf+Q==
-----END AGE ENCRYPTED FILE-----
- recipient: age10zd0y2zpty2z39sh2qe66yuu9jd6hrcd3ag2wqtjp8tc579nmphsymhdla
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1endBbVJXM2tjL1lkNkwr
N2h4S0Z3YkJoNUlwVTRMWjV2Rzg5eWU1cWtJClFYQ09hL2RnZTFkdzN1RHhzWFVz
ajlsMldSbnR6N3FWNk5sSmNZZm0xZzgKLS0tIFJGZWFLUmlkWDZjLzBjSFlzRnBL
ZmtOWWFhUnUrS2VnWFpMT0FjbmZXU00KuJxbxf2C8ItS6TiyVN//ZU9fzFNJVl12
aXcg3M23t0zt95fCTzpOhjYJYcl78eHi7hMaZf91TZ/BctSXEt8K/w==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyVW9hZ3RucGtIV01sRVhP
bldxL3YwTkNwZUVnUVppWmFuYkVXa1NUT3owCkxnVjBpWDRWN0g3emJhbkd0MGxG
d3FjZVNMNHV6cEhpQ0RTZVhnNW01Y1EKLS0tIFNTRU81NGJvUGVydlNwSU9qdlIx
ckN1K29naUsxa01UV1BocFFuOUZsS2MKHXE/fRTx/pDB+w9XSUcKTz7v2Ph3s3lE
BvllpBFb3Uni+w9e8az0udstX6Qm6Xod6j8cvvKw/rdNk6uVHMyNHg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1pm647k04hhwm2dmqh07hnzflkurfevefcyf8xlhmc83a07n77e3sltyt0d
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBucG12ZjM2eXkrYUU2ZnRa
YWlQWHdXejBNbjlMOVpWWXlEa01sa0pCSjJvCmJ6YjdnNGVVaUVFTWt3dGk0Z2hM
ZC9wSGxuQXRPdkRzM0REWlVQSEZkT28KLS0tIEFoTXBOd0F0UG0yR2Y5VXhKcXlB
VHdpUGhrdXllRjBMOStwbWhtTjVMeFEKeBCGthxWLojR9LePe9r5bXyYcGHD3RWv
c6yGiQrRHvdVGuCUkzfIX3H6zLiF0mHFSWICbD+KQt236mtBoLewWQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvTFd0a1RzTUhlNWpHMCtC
cXJRTzRIQUZhWjhvbGphc25jbUswa050cjAwCk1ZSTZud3hjaGpPOWVicEEwSFJM
M3Y3bUw4aDNNOHZpVEt5VURqNUlJaEEKLS0tIEhaS01LVDRwbkIzbW8xRStJaXNZ
MWRTOGxyMW1lZ0RZNFJXRGtoRS9pMGMKtxPfgj2ovYJ9epPudKJvHXsi7ep7TshW
LlDIumsir/ydJ6Sb2RX5FYC6WijUgRSoRezeHC6hlxbX0AfHPLoKMA==
-----END AGE ENCRYPTED FILE-----
- recipient: age15vjvppw2gzjwmtlptefhrhqtjyu0a07v488a9s25a3k2vtpqc9uqvw6vl6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQQVB4VmhiY0x2RDcxVWVr
VmNJbjBpSytzZDUrejhJTzhXYjJST0ZkM1FZClZkUmZGbE0xQjlWcVQwLzUyMjJO
eWY1aXZ0VnFSMmVzMDNwdUJkd0JlZjgKLS0tIDhjK0hicXdvZUwzSXlZSlg1UkFo
dDR2aWh0SkFyM0w1M29qZVRIVFhQQW8K2y2QUI3FFFov7KO3fsaBNV1ldzNu2Lld
RkP83ZBe82FrcYbEiR1XCZsQ/i42i3fignjSwxFL0VgZvRG+hSDbdw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPc3NodkllaGt2VkptN1cv
aFY2bmtKeDdjei9hRmdGUlFPZWhjMnFTZENJClpzd21VZDBXVDc4V2h1STBUb2Jk
VHZadHorVFFISHpCR1dXd1ZHLzQzQm8KLS0tIHlKcFhUYmo2bEVCeVIzVVVDR0xL
ZFRTTzd1MDhXWFM5NE9Sb0g5N0dnUDQKUlv6cQ0BYJEJ8Q/3Z5Wq9ZJl3mZRNV2y
Yjvp42Oei9YFmjhduSfJrveKB9sAHyOWYXPeYSgTLC1S/CgV5b7FPQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1fe57fel46lk5n9t34lh5nl909gk88trwy9ttgxqk3up9d83wxsnsdmuu3a
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhZG82NndPdTBLaG0vRDNO
VkVtWU9UM01PVmM2ZlZDS1BFNFA5NVFveUE0ClN1WXVONHYyZEEzVXBobVBFUy90
YS91emxOZ1VSU2xjaXNrSU41enJKTXcKLS0tIDdydVJiS1daemJpWFhneHpYak9P
cC83cXp4b2ZDOHA3dS9UWFIwOFdRZ2MKYqq5YbEbONQtVOYgl0MdijbUPrtLahFj
ukJZSyZ6M6Si3edNyQqCax1IaLmi5tsuHWFxY0+YpuZFPbfas6qEqw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCZktuZlBxemxYRjZwVEFR
UTNhMEluVHZxMGp0eThMbVR6enQxU0tpTlVrCk0vY2RVT3JjTHk4dURPVXRxNysr
cnltby9uK2EvV0F1TmxBZTFRUVViSDAKLS0tIFpKZThyRHNqMEFKR2xXTFhwYm91
a0l0L05IbWkvc2Q2NGNGYzMwVHh0Y1kKtVmy4lZqdplhyg5c2izoTPrg6tCpY4Cu
f9Ay7zhbSWKYjI0/MExOPjVHuIpnpZw3nN4uLqqs6/ZD0h2CTHg3sQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1448z8f03hgnem2qeh2020k5tyma4hv365af8fyk4t2vhefedcscsdjs53k
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvdXlDMmRKNCtHNjlwMmRp
a2J3bXl4Vno4QVpSUDZ0c2V3RVl2VmJCUVVVCkpzNUdNZWtCbE9ZL3hmcW9sVGFy
TVlzU0g3UUJYK294UGYzbmQyRWdBY1kKLS0tIEFlMmxaeUZrNm5hQVRObXZKVnp3
KzY3bzN4cFo5N1V6d1ZvK0NlZXVQTEkKwGXRATtM/LOumyZnn04iVD41AWOvtOv4
shp+awk9HwbYmdwjkYjgVkBc1f9Lj8y928POJKb/82sLiduwnqoZZA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEcjkwODRBaDU5VUt2THZD
MVpPNVJoVG9WZmYyMllRQUpCbEJ4N1pSaXpVCmhGN0p6UmlpR2pCak5LcklML1FH
ZWg0MktST2YxNk1IYkkxK2dJSThEQmMKLS0tIEtvVTBva0VKeVFVV0l4NE9tS1Yy
ZjBGdmpuVU5uNkwvVnU4UXN1ZlVQdTAKWXM0Mk4gEOG+mTOtQttrOgtTcAjSr3Me
VW3g97AZRk5Sk+/hEAN1m8IOANfg8AuyGqOrWAek9tVK7hdfj5a0ig==
-----END AGE ENCRYPTED FILE-----
- recipient: age1n5g03x8p54kzx9nktqgasjugqjydz8u0rw9zcdx5l9c486h3me6qtnh57s
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYUnJ6UXl0eWgwcW9PZ21F
cW1uZmRNZmdHQTJqM04xVVFqNmYzTFJSNXhJClN2bExNRnJ1SlVQNFNRRUhrM1JS
UkZlTVhVbkJzT0RPbU9sZEhwUTY2M0EKLS0tIDRuVlNYTVB3YnpOMVNzSWhKRjAy
UFBlZzh4RmlqeDJObHBjVE15OWxTSFkKiA2tAYCtczw9s24peB2UP2K3rRNknMrs
vsG5QFdBj6zVEh4RgApbdJtgywJR2948Rl0AiK3Rn9TalILDQ/dNKQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpSk9ISk5xOExuUy9VVFpT
MnJDRndZSHRCUElvaVdqOEV0emJQRzJyVjNVCjlhSGZ5MVlObVVKb1c0QjJCOHdS
NE1xekI2UkEwV0lhNll6N2w0eFZvMGcKLS0tIFZhT1VHdE9DWXVKalNWSjVvUFpa
QUFPMlVzK1dweXRpWWIyai91SmxLWlkKFB6DAkSj1YDrd00coLzDEMo2BnPyWWXh
mgvc1ecvfOUz1JU5Nb+UOkpL/f27YwFKeo6RO6PdE4AYWK2Au9+5jg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-06-10T03:19:45Z"
mac: ENC[AES256_GCM,data:+yckQg21ohxCZxXdMjPZQ2F/5P/W49VSf4Qb6ogEhsb2iWidgaPHNP6CvpbwZmK7zDwzqbvVvkNQ9qQDOSRcgbHit9prK3SbRMznhxQzjM2kc8J5gGGrKZ6fsBdk5WgDkyS4QRcgBEQPtxzhlIYBIG792h1rpptB8fWnFpD+W5A=,iv:dSvDhfDOIb84+HucTwYEQIOyB+rXv6/HQOpB+Vt6g34=,tag:TiMg638AJpQvKhwGgKqV2w==,type:str]
lastmodified: "2023-04-09T03:07:03Z"
mac: ENC[AES256_GCM,data:nnGvDO7znv2oxWYZqwct8WmGIibsYWAAJlAI6vkLqcodqv+ifsPjTOEj5uZPNP5/uI/DpBxj6en/OwQT/hONEy1qIqza9bXJzz8uE2LY+Gp76pWY9RG4RD7/XYlHPrCRlnlXQ4OuCtr9mUkxCjr2iM6475abe3dZ3XnciZwJ7IM=,iv:m/L2QE9/B+lWvzDvBOJwAt67Tg/OkT2kKoSifAdXM6A=,tag:neDhfjzomskfxmRhEhiDGQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

View File

@ -1,4 +1,4 @@
tailscale-auth: ENC[AES256_GCM,data:rq4akkvFppBtRCrTjUCG0WV8tmLd7mjHOz9H1sk8PVYTnVi32uHGys4c7kmP0Ps53NdAivRuIrRr,iv:gQNKvAugadsW65XsD0dLpCyT4CI1Is9QTrwC6hk1pLo=,tag:JrrAVuoHLTsRFukH0zmW7A==,type:str]
tailscale-auth: ENC[AES256_GCM,data:GfDUqO13lQeOKcKYnLuxo4596KO9wA9DTjxNYppX7xkFUEwR5ZeahLfwYN8RvjNFc12PjPo6/759,iv:gQNKvAugadsW65XsD0dLpCyT4CI1Is9QTrwC6hk1pLo=,tag:t4t6GOqSofOgESW6VQ4Buw==,type:str]
sops:
kms: []
gcp_kms: []
@ -8,95 +8,95 @@ sops:
- recipient: age1ud80054jwf6ff7xx65ta6g7qxx2flc24r5gyyfjz43kvppjutqyskr2qm2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTK2srOE9sRnd6QnNOaGVC
NTFVNmVCTjVBTitMQ1lWNVo1d1FBSkpMUWx3Cmd6S3ZFOEs2ME5uWGJIejJiMm5X
a3J4bWdUdzAvN2FhcXF5b2RLNzBrQUkKLS0tIEpVY1c0alR1K3lnU01zd1pWNXdX
VmRFT1RKaVFhRGhSbXFSKzR0TzNZckUKqtVlhS73QqkKI4GCeyqEk93hMammybuw
sltc9q3BH1d1JofUZoch5ampqRy/H1NonYaagqoE6FJ5ry/dKw9pOQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvTGkvMVRaUW4wUEc0cUVm
S2lYRlU5akFaSUxUMisrY012RGJJWDc5R0RrCjJmek1BeFUzSnk2RDVvZGZBRGNH
MjA3S2ZobW1pWTFYZGloMnlVVG9DNkEKLS0tIFZjYW1NaG9GckxITVkzQ0xIWW5l
SExVN1hTdjBVcXhSK3hPUVpZM2l4K3cKZJ4rrT+YRV1DOi6HxCcuiGMZB/rM2YDR
tsdOJYjLhMtifKXYvZZdTLrVnMGj5u/PGalU/WjxT6P2ZbeKNI3lZw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1tsq68swufcjq6qavqpzrtse4474p5gs58v6qp6w7gum49yz45cgsegxhuw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqRjdoL1ZPVk1TYmpmc1Nn
M2hMamlZUVBvYTFrZW45Ri9Cck5rTWR5Rm5ZCitmVVdCekFRSDA0dTZad2JVWDFT
RG9kV3FJNko2cWhuZ0NwenRXRUV3UmMKLS0tIHJ2WFhPOUZqaitRYVJYaU13bndL
YlNOZHNDaTBTQzg2UEpHZHdON1BjR0EKFOiT2+DIruOezmuZAdVTFIHtZ4dv61BN
6SYMQYysEpF6yuekAgiwwVo9RE+cVAnUNeL7HZhDz/NojuqghjXHmQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBObTFiUEttVzFPKytGcXlu
eURsbTV0QnlpcDA3MlBFaDVBQ284VUV2Y1RJClRmTkhKcEE0V1gxY3ZjbktzdmJi
TEcyU2RINHBuRU51MnVDNTQvMjlOazAKLS0tIEpSTjlzV0dXejdzbjBjanVQcWE4
aFRiRUNIUGNORFB5V2xPeGtQcHU3Qk0K6q1ijt1EYQb8+Ik/t4U5bMDtrgrV0iqR
QcMFbTNvUkCIwgpECjhZRIryRMeSdz+5gt5R4gpIQDiwKQ1cVeGklw==
-----END AGE ENCRYPTED FILE-----
- recipient: age12ayrv88xjt4r276fzc9du70x8q0r7xutt85vj627ykf4k8kgms4sc6wywn
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0M05JSElEUmg1L21Oc25Z
OVduZ0tVSVZnYjZ6OWJRTHRDVTRycmlBVWo0ClhMWTZVaU80Y0g1a0FkVTJRRE52
TGN1RTVjL0EzK0syR2lPWUt3L2JXa2MKLS0tIEpCYmw1NEdXb0lsZ3VDKy9Yejlo
SHh2OEluazlxWkt6T2p0MUIzUzVsd1kKS7dTQsxrgjnqikdpVY3G25kDURQ46Rmt
NlRBcsyICNchzDdzeuEllUA5tBB2gdkuIjWshkz/qzf+qvWVHW+TKw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJc3AzRDVhUythbG1kb0o0
dENwWUtJY1R5ZjU4UWpNaE1jMDIxbXYrOFRzCmhPRDd0SkxMZm1FQU90YUVuTmwx
ZVN3Z2MrUlZzZUZyZDdGT0l5MzY2MTAKLS0tIGVBZjh0dk5McEF2MnpMcTlHZWNE
OTA1OFV3M1VWaXl2b3g4VHFEVWowWjQK6jMQ3IOrgKv1Mc+2K9aFS0TlRWrIUGjj
fIROoGPFX6tbhUspulPHLc/4k/a2eDSQq4Svu/1/Ey+NtaM7w5Sxgg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1rztv2778cf2dcpzcpth888cq7u3rdsl7tfuhv4sddysdnqjxaevqg72t5l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkZXRaSGlsOWFIZWdPM0dD
ckQ4S0VMcVBldXgveDVQQ3QrWExyNVJMYkE4CnBITEZZNitHZmZEMVpSZkRDa1hw
b081VlpZYkk1S1g0Rzl6YWl2K3dPZ1UKLS0tIGtPUUdRYzVxWEpPWUR2c0FCYmtr
RmtaUmVxZ1NMZWx0dUR6Sm44VENCVnMK7rakmzbCSSyB6X6JNkyPGaIPwxr5VqjI
0znFs7UX2LZKK4cidhHwuz8HGr4b3XW4ID2YR7yD+B9oRBBaokvcow==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsRGpvaXNRWDh4b3NqN0NZ
eWhTZEtSZU42UXVOQWg0THdNWWJ1bnBvYlVrCkVhRzdUTytkRVdaYW9KWko1UmZR
elB2WisrcEZYcWdQaFhMdlU2TFBtU1kKLS0tIFlkTkoyU29FQzBEZXhlNUpicDY0
cjJCRkVsVlRITlZzai9OSGFoMHVaUGcKDDOIPSECos83z9xr5ExfmlF8kqcp9om8
vSeNoDt2YHFixDkaTIppf58MAP2GwDJglSSSFhh5U2yP1wftpPBB3Q==
-----END AGE ENCRYPTED FILE-----
- recipient: age10zd0y2zpty2z39sh2qe66yuu9jd6hrcd3ag2wqtjp8tc579nmphsymhdla
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlWkgyaHg1WEVOb3NUbWIr
R25CYXJxQmdjMHgvMnMwKzZyWEppY2tULzNVCjlHTzBrNXUzV3p1dTZhclh3eG5q
OTltQlkwWXQwTDBHaTBERFVRNDNFV1kKLS0tIGRFWG5kaTBDVnYyS096WHA1S3A2
bkJyTzRtdDNTZTBvckZFbnJxT1FlODQKTNq34PD112FCWBPEiUQZQ6i7tG5FeKtE
0JUnLJfBLwJuZh7rl72qeptfwDgXXdVmDc4bv0W9OItBB8PMA091tg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBucDVJTzEvcXR6czBlYi96
NGl1OVc1OElkcWtjRmVlNXYwOGhKbEZzSGowCkY5aGxkNVhMR253dHYzVUtiU29q
WU9TQ2oxSHNLTEY4b0JhU3Qwam9UWFEKLS0tIFBBdmY1YVdPSlYrVnZxVDhXWksy
WXd2ZFpST0Rwd2hreHp1RlRlRks3emcKEXDmdzC5wXD9XUWUAaIx21gmiyL/e46P
i1Vqfmgd8aYHPH0bGEtbzTuZOb0diJGf2uxshZ2uoEdySwJNm+LDCA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1pm647k04hhwm2dmqh07hnzflkurfevefcyf8xlhmc83a07n77e3sltyt0d
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBucDh3QlowSFRRc2lBREsz
M3Fqc3BJdEhPbGRQanVvbElPRTNXb241WEcwCkJLM0N5SW9ZbEkwdTdINDErQ2tx
TXhKOGJoZ0pycWZGMnloRFFXbHhySlEKLS0tIEowOXFuNGNFZlhBMmNxbXUzNkkx
U3R2SmR6OXRIRnpob3RaOG9ZbCtTY00KBXQ+V6ugE8BaV6X/Z5OW8lQdSmA8n1Ng
LaXIKD3wAuBeYh9SHzF23/V1q2c5YwFZG8ohIz6CuMo2HYb0wyt1iA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4aE5CSENFNDNDSHJzWU1B
aXozdUpZcW9yRFZLaS9CRUM4ckppak5lSEQ4CmJiQXZlL2Z6VG9GOFNXWGd1Z2M5
OG8xNW5kYkI3RXpTSzRDTDYzdTlneHMKLS0tIFZPOUZjYTF5NTl1Z0hhd2tLTDBz
OWROVy9mdThmWHkrTHk0K2gwOE9RRmsKjhovNhSSSc7FIbLWIk12PKX83gNlpTkI
FoFvCa3viqsgyb7tM06kfsTKoH+eyQOB27TxmjGDAjUKnUhaieMslg==
-----END AGE ENCRYPTED FILE-----
- recipient: age15vjvppw2gzjwmtlptefhrhqtjyu0a07v488a9s25a3k2vtpqc9uqvw6vl6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5RlVodE1mNjU2WVRNRHpz
UENoOWZYR2ovbXVBaEZqQkVaK1I1MG5vcHdJCldGRDNJQ1RLYlpRdms3MWFiNHg1
cjRGTkFONzUyNHpabHBsV0x4dHNPNHcKLS0tIDNZb3gzRy9pbmdsdUhPeVYrc3Nk
Z2RIcHZOSkR6eEpjamROQzFPeWhMcEEKA5GXvw+J5wNmQvICodQNtN0LMxDJaKkj
mqJ7DZd1scpxo/GlYPUx4KXRVcnwdG8YLYirCi7XTHIh7v5LmhUzow==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIazNRODVyS3NwUkxVRmlp
bnhRSzB6T2k3M2NIY3NHQVNKUklCclgrc0RjCjh4cnMxdVBMVmtNNlpHdjdRb0s4
elM1ZHcvdTMvWktrSFloUGU3VituaVEKLS0tIFhNdzFtQmdjZjZMa1hzWWRPWnNw
RlFMY0dWSm9BUGR6bkthUzhGbm9QWW8Kv/JNrYFlL7oeIRQdtxrXXOKmC4eUiSCo
vqmBkL3NzJ+M9OuUG2w5lnokQRfgDLXI9roG2zlR4/B6PlPDpGVQrQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1fe57fel46lk5n9t34lh5nl909gk88trwy9ttgxqk3up9d83wxsnsdmuu3a
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmRDE1K3BIR2NVRThuaUh3
aFhwcWhaS080QThwOHR6VXhpNWNCdm1IQUNjCmxDSDhZSkRQNUdiRTlKNlAyMXlx
aldVSktMdTFXU0RDYkEvOTB0dDh1TUEKLS0tIGZkWHVCeWEwZ0FLbTFnWHRqQnVj
dGU1TmF3VURud3FERnVGM3Q5WHVQdzQKdC0GsVJ6nqbfQz+6CleHM2jSXLhjFqWY
RV8/4XfvkS7ylav9BvPD2QvP37Woavg/Cje/LYwkAOzddbTTrMPWaw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1N2xycHNqTzhDUEZIMWF0
SW4yVHk3SFEyNWlWV056R3Z0QjhWNlpGQWtrCjN2N0Zrdkg1K2xBODkxeGhUYThQ
UE0xd2pSNjBTTGRaRDExTUtnanl0N1kKLS0tIFkyekZkL2E5R2p1K2R1Ly9na3pB
WDNQdDFmU3FHQjl1UVkvemxhN0NocVUK+759BUEV9piVipNBeyh/eIYYg7ZA2oaK
VkbjRRBnQ1mrXZG2rs2tflXfnpNpohi4fL+vcT6woFTD+xNIqjnTcg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1448z8f03hgnem2qeh2020k5tyma4hv365af8fyk4t2vhefedcscsdjs53k
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZY0hvcFpMVkx0UzlKSis5
dy9tTEE4ek1nQTliazQ3Q2pHcUMxeXZLSkY4Cis5UkxZOEJtRTBDRXZhNXljZDZN
WmtSd3M4S1htRmRIZ1pJYzZjSTBKK3MKLS0tIGozYTVWZE0xQWgxaDlDQXFWT2pT
UHRmanRPL0hUYzBnT1RrT2lEZTVpaFUKsGH3W1raIxlr/XbTnW+nvDD+YSuQOF22
vWKrwkDuMrmTvktIkXVbqzLECksmnHbtZqEuFvwleuVfIIueWjLlTA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxZjFLUm5od2QvL3VWSktp
UmxodlBNMnVhRXNuY1paMFg0UHh5cXkvd1RFCmJXaGRaeTAzN1RhTENFT3gwZy9C
aUEwZEdaVGFObkdVdCtIdkdKVjRBQ3MKLS0tIHdwTG1KNW52WVBORW1uREdobUpU
ay92MldtZnpqVldSb2xYQzgwZnVVcU0KfgkqqMF9mQqJ4hveIFjQnI2JNdHCUAah
N38d4h9qPj+KZk7xS4baL6UBvk71ngMTJl4oPes1Bvx2FaGsjbrMZA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1n5g03x8p54kzx9nktqgasjugqjydz8u0rw9zcdx5l9c486h3me6qtnh57s
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3dzJUNEV2MHl1Y2NuVHBw
T2ZYNUZEMm9GZVpJQjJuTlNsZFNwWXB4azJ3Ck1ROHhXWk5vdGEycUxHZHdVT0Jj
TXJLV04wTW9uZm51ME1MZVBTNGh4d2cKLS0tIGZnNWhFZUZDRFdzNjgveFhyYkcz
Q3BzRld3RmxueVNmaFpCdGxYNFNTQ3MKpVECz8Y++bSSCUrvB0LTBKfFCnSZLZE6
8y4Tzpht2Okqeyh7E67fwOo4FaKBOvIqRmvpBw78BjfyDOJ3LnWt9Q==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxM0xaVnB4MjhGVnlCSmlJ
d0hzeFRnNElXNC9oOUIxS01EVW5lbU5pSUdVCkpSSXo2ajRsb1EvQkFyYmVqNHhv
a3Q1Y0d3SWwrNDFPaTFWSVRsUUc1Q2cKLS0tIFBReGl0cmRwYkVlRUZNRkJjRHpk
bThkdUdFU0UvY2p4OFNWQklHY2ovVW8KESs1/tCkOWCubXuBIk48ejPAbOSebtnY
POy3l1sLeCPoBAnvGrPukYAgoUGZhBUbtmhByf7cbhtcKCZm8boyQQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-06-10T03:19:50Z"
mac: ENC[AES256_GCM,data:GmnElraNz5OjrnWQOWmtU9I7BQZ0fH05JRMcoHQNz1UuxeVl+PMHSZ4CbcxqOOYvB8i422QE9BTkn4pWOpVc8iDzpsg225AmV5gUeyIkxucX21FJH9DZkJTOHrYG7R2HAlzzPgMXq6MLDcUUjXd6Kyn8s/PeSFyLPpxm17VI+gA=,iv:Nip9nPpJY8POx5e6r99tkyEz+PsVU8mxUX0Ux847pwE=,tag:wl8Z2BwaKq6WzH8ae/G20g==,type:str]
lastmodified: "2023-04-09T03:43:15Z"
mac: ENC[AES256_GCM,data:TUmzYlpsA+n30HEzMLlGyFoeDVHhWGq2nQSVt237wsMO+pGILH+KqEan4rdo/+UBpOZ1lk7SV/sVeS0JZpx6z/4aPe+PXNEkaeUMHef7ZsX+bbxEm+ufu+ij6w88tDHaNhLbF925ormFfnycLnURKBaogbV4f7twvo9fKs9/a0E=,iv:SuI2lBv0xIOWQ3XsZw6AJ56kiPci0AACQy5r5N9zMHk=,tag:ffPcuB4s/ybDYFXIZpVpdw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

31
secrets/matrix/borg.yaml Normal file
View File

@ -0,0 +1,31 @@
borg-ssh-key: ENC[AES256_GCM,data:XYQmGWK9jDwcyh+AY4IuUKiI3sGer+BkQklOYb+FGfKo8BXckGKkimerVYgQWYrnM7wG9beOqslm54DRx58IXc7vn8jAGQgnti6Y0h1TriZUami/ideuzioC+rlr2UrDs3kVYF4tplSnGNEn79eEAGA+yFa3+CNX0JcSyg5bzABUU1OlHmjzl6HcWFehnBGsp3uRckRHiZtoNkYbDEEqgyZPJeax7QuFtAykleRfCLaa/wYcwkVqjyL9nXIz4l4ixPrit+oWpQqNImGms9QWNF/Xgt18InnZc9uwLl3GwDA52I5OvK089xC+SvmSvROOYOn4Vf05knAi+f/zfQgEgmHnK9BIW4mgpyNkQaahxqlSZAsmCAbMTwzsChC7x4l2WiVyTc+SZtPDc+/fh6IlSYM24IjB2pBOQinBhsWv5JynAohmjwjL6aTRrqOKi6QJmRhw5L3c3PHz1o0gCXangftWIF1ucKo/UOAAKtNa338lTiHrYSc3L2zRPVtcEv7yFMxgWFIILym2vlCpqAPzvBJE3bK7Zkaib8dr,iv:HR6qT0eO9FI6BKTEPFoDYw1FCaIpYUxlR2Ipshj4MzM=,tag:yixPw+yuV++XHJBRBiPFeA==,type:str]
borg-password: ENC[AES256_GCM,data:Csi14MRZoKlC89/0clz9ogGVd0lJo+8235L/LQWVTbeth8D11SPD+FoXtg==,iv:2+ONcrulPUuW9oA7ZTEVY7l2x72BZtEU1529O5jDE5k=,tag:HFGDJ4QBk9PhMIvgXjh7Kg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1ud80054jwf6ff7xx65ta6g7qxx2flc24r5gyyfjz43kvppjutqyskr2qm2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVdFN4bDVVWVdYMjRmYjl3
YVdvL1Y5M0h5TTZmUFF6NWp3bk9vS21SOTFvClJOZEhKKzFVV0cyZE1ZMlVwU0tG
ZjN0Y0xQM2NTT29HeEd3azNQeUFaUTQKLS0tIE5yZDhhNkhsYjZwWWIvakpQdmhP
c24yVlJjOWdhSlVkblQ0SlUrNHpEeEkKnOs5sHASEB9S5fqoApj6ryBDprXSm0++
jTdYdMva20hn9WZjm8e9A34Vhw5LTIgL8PeaTWO/qVCwBnhPAwrVig==
-----END AGE ENCRYPTED FILE-----
- recipient: age1pm647k04hhwm2dmqh07hnzflkurfevefcyf8xlhmc83a07n77e3sltyt0d
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRT1ZmM1FwRTNUVEMrYlRF
MlAzYlBnbHdtL1dtTDU3RTB1WHZSMzNML2lJCnNNK1B6dExHQlpaRE1yRFcwVytY
dDJ5bGxYdElHazlpanI0TVdPQnpvdVUKLS0tIFVzc1UraHh3TnNSYjZGbUhZSjlI
MlJ5OS9wMUMyRDNRMStjTkZtUEFrRHcKGDKLR5dOfwZi8cNciUCs6S8+Fza0qZ8f
hTU18SlABzsxpvV1Zpt4qpTkPjr4AN69TokoE9lJ9Re8fbgjZ1EahA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-09-27T03:11:22Z"
mac: ENC[AES256_GCM,data:ex9jF7XAYS6nYVQimuDq4SDOlfb8pJ/IdCml5KaFesb/GML9QS15+RXRcXpmyroudjRdDDmgvTuEOgCw1fhElCNd1GIdmeJW1zr7kKJOir8F4UCdDpXekUD9jYrrGHb6FH096RmWOqfxZAQBDZV+pg83rhMW+ZTKOZtOaujF5/w=,iv:t462VupFqQ6gOw1a+ySWA4tAiB6aYRzVzjBw8svPi1M=,tag:hvmULEFRyWprN6g038GREQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

24
secrets/matrix/recaptcha Normal file
View File

@ -0,0 +1,24 @@
{
"data": "ENC[AES256_GCM,data:n1TVra/4kQ7hSyVIGo7NMCWkIu/9NFCVxLMpYaygsY4MUZ6+7wt2Y46SYL+2f4USkfZzjuo046s9gB8BKEgUJRxA9cI+9H2+F22ebcCri+zMVCyU0CxkdtHcRx2/ctsqokxoRh4O+Motqqil1lbtaEiIP7GIJVqGq8BL2qVCfjjhYtwN41gaVnKfId6O4lialxIE8D7wrFT0vPAWH9maY3B9Ae6uRXy4,iv:/w3jVJzjbGuriqeIZALXVXBchdxRHNZgmEx2kzrpqDs=,tag:kieGBHYljPMyzN3/V5HH+g==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1ud80054jwf6ff7xx65ta6g7qxx2flc24r5gyyfjz43kvppjutqyskr2qm2",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvd2JDVFZyQUdTamZPTHY5\nbVNzTlpyemtUQXdETEpzb3VPM0ZZdmJ6Um1jCmJiNlRkU3M1c1N2QnJ0ZnlzWitF\nMjh1dzU1M3RkL1JVcVVSK2YzMVRhaWsKLS0tIG1zY29NcGw5cnI1RC8rdm5KUlZM\nMU1LR2JFeHJ5WExKVll3UW1RN3RDd3cKhC0SnpobGHl7pMc81liVghcwCKJcXBgu\nlB9m0YBfDUJdCUisLJZEpkuobz3Px4AidBhJq1gdkWK/IKS42hdZYw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1pm647k04hhwm2dmqh07hnzflkurfevefcyf8xlhmc83a07n77e3sltyt0d",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2b0FPV2pUY0o3L1FHV01M\nWkVIR21xby9SajZPVC83S2MzcnpyeVN1OFNFCm01bnRsSSs5UzFrVUhqUGR3Y3pL\nYWlNRlRPNnBObysvRi9VNEYzSG9SQncKLS0tIHdPT1hpamN6UlJyZ1VJT2drVWNi\neGR3a1o5ZXF1dXFHNTYzQjJ5QStrbTQKK3FmNpBatc697zTruvYB+zrxLFKbEKj8\nWNKyWztMqRxZuR8UtnlY+1qa/G90NijMaNO9Az3G82uR1TFas9e6kw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2022-09-27T03:29:56Z",
"mac": "ENC[AES256_GCM,data:o8RoMii4CvlCLPmXy0bqcxU66ui/RTmda4/ON2tv9Y/eiU9Cy9+9N7/oa6m079XWxwKiClAq1q+vw2nFYs4LIYzgfqUiNd8E625TF6J/BKRjCPHC+PtPPyHq+znS+EMjKNHfDTYPR8lCIZyvVVghgCqPqZSR83BkvE8c6C5PrmU=,iv:larsQNmaARyMAAF16lNYnGvn/rIE9wRPrbZAjiIvQNc=,tag:AUX9Z7RRrlHQYLU5XGoJ2Q==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.7.3"
}
}

View File

@ -13,7 +13,7 @@ nix flake update
# Make sure we still build our systems
# aarch64 systems are excluded for now due to slowness
nix build .#nixosConfigurations.oracles.config.system.build.toplevel
nix build .#nixosConfigurations.pendulum.config.system.build.toplevel
nix build .#nixosConfigurations.matrix.config.system.build.toplevel
# nix build .#nixosConfigurations.tounge.config.system.build.toplevel
nix build .#nixosConfigurations.perception.config.system.build.toplevel
# nix build .#nixosConfigurations.fusion.config.system.build.toplevel