diff --git a/.sops.yaml b/.sops.yaml index 49bd543..2852493 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -147,21 +147,6 @@ creation_rules: - *admin_gpg_c6ristian - *admin_gpg_lilly - *admin_gpg_langoor - - path_regex: resources/chaosknoten/zammad/.* - key_groups: - - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - - *admin_gpg_lilly - - *admin_gpg_langoor - key_groups: - pgp: - *admin_gpg_djerun diff --git a/inventories/chaosknoten/host_vars/eh22-netbox.yaml b/inventories/chaosknoten/host_vars/eh22-netbox.yaml new file mode 100644 index 0000000..56ba344 --- /dev/null +++ b/inventories/chaosknoten/host_vars/eh22-netbox.yaml @@ -0,0 +1,16 @@ +netbox__version: "v4.1.7" +netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}" +netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2') }}" +netbox__custom_pipeline_oidc_group_and_role_mapping: true + +nginx__version_spec: "" +nginx__configurations: + - name: netbox.eh22.easterhegg.eu + content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf') }}" + +certbot__version_spec: "" +certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz +certbot__certificate_domains: + - "netbox.eh22.easterhegg.eu" +certbot__new_cert_commands: + - "systemctl reload nginx.service" diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index 2450ca8..ed0d042 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -10,6 +10,10 @@ all: ansible_host: cloud-intern.hamburg.ccc.de ansible_user: chaos ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de + eh22-netbox: + ansible_host: eh22-netbox-intern.hamburg.ccc.de + ansible_user: chaos + ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de eh22-wiki: ansible_host: eh22-wiki-intern.hamburg.ccc.de ansible_user: chaos @@ -66,6 +70,7 @@ base_config_hosts: hosts: ccchoir: cloud: + eh22-netbox: eh22-wiki: grafana: keycloak: @@ -96,6 +101,7 @@ nextcloud_hosts: nginx_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: grafana: tickets: @@ -115,6 +121,7 @@ public_reverse_proxy_hosts: certbot_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: grafana: tickets: @@ -130,6 +137,7 @@ certbot_hosts: prometheus_node_exporter_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: tickets: keycloak: @@ -142,6 +150,7 @@ prometheus_node_exporter_hosts: infrastructure_authorized_keys_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: grafana: tickets: @@ -160,6 +169,7 @@ wiki_hosts: wiki: netbox_hosts: hosts: + eh22-netbox: netbox: proxmox_vm_template_hosts: hosts: diff --git a/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 b/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 new file mode 100644 index 0000000..56995ca --- /dev/null +++ b/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 @@ -0,0 +1,60 @@ +ALLOWED_HOSTS = [ "netbox.eh22.easterhegg.eu" ] +DATABASE = { + "HOST": "localhost", + "NAME": "netbox", + "USER": "netbox", + "PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}", +} +REDIS = { + "tasks": { + "HOST": "localhost", + "PORT": 6379, + "USERNAME": "", + "PASSWORD": "", + "DATABASE": 0, + "SSL": False, + }, + "caching": { + "HOST": "localhost", + "PORT": 6379, + "USERNAME": "", + "PASSWORD": "", + "DATABASE": 1, + "SSL": False, + }, +} +SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SECRET_KEY', create=false, missing='error') }}" +SESSION_COOKIE_SECURE = True + +# CCCHH ID (Keycloak) integration. +# https://github.com/python-social-auth/social-core/blob/0925304a9e437f8b729862687d3a808c7fb88a95/social_core/backends/keycloak.py#L7 +# https://python-social-auth.readthedocs.io/en/latest/backends/keycloak.html +REMOTE_AUTH_BACKEND = "social_core.backends.keycloak.KeycloakOAuth2" +SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL = ( + "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token" +) +SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = ( + "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth" +) +SOCIAL_AUTH_KEYCLOAK_KEY = "eh22-netbox" +SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB" +SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}" +# Use custom OIDC group and role mapping pipeline functions added in via +# netbox__custom_pipeline_oidc_group_and_role_mapping. +# The default pipeline this is based on can be found here: +# https://github.com/netbox-community/netbox/blob/main/netbox/netbox/settings.py +SOCIAL_AUTH_PIPELINE = [ + "social_core.pipeline.social_auth.social_details", + "social_core.pipeline.social_auth.social_uid", + "social_core.pipeline.social_auth.social_user", + "social_core.pipeline.user.get_username", + "social_core.pipeline.user.create_user", + "social_core.pipeline.social_auth.associate_user", + "netbox.authentication.user_default_groups_handler", + "social_core.pipeline.social_auth.load_extra_data", + "social_core.pipeline.user.user_details", + # Custom OIDC group and role mapping functions. + "netbox.custom_pipeline_oidc_mapping.add_groups", + "netbox.custom_pipeline_oidc_mapping.remove_groups", + "netbox.custom_pipeline_oidc_mapping.set_roles", +] diff --git a/resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf b/resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf new file mode 100644 index 0000000..6c9d458 --- /dev/null +++ b/resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf @@ -0,0 +1,48 @@ +# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration +# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6 +server { + # Listen on a custom port for the proxy protocol. + listen 8443 ssl http2 proxy_protocol; + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + + server_name netbox.eh22.easterhegg.eu; + + ssl_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/privkey.pem; + # verify chain of trust of OCSP response using Root CA and Intermediate certs + ssl_trusted_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/chain.pem; + + # HSTS (ngx_http_headers_module is required) (63072000 seconds) + add_header Strict-Transport-Security "max-age=63072000" always; + + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Port 443; + # This is https in any case. + proxy_set_header X-Forwarded-Proto https; + # Hide the X-Forwarded header. + proxy_hide_header X-Forwarded; + # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that + # is transparent). + # Also provide "_hidden" for by, since it's not relevant. + proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden"; + + client_max_body_size 25m; + + location /static/ { + alias /opt/netbox/netbox/static/; + } + + location / { + proxy_pass http://127.0.0.1:8001; + } +} diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf index 319347b..e2b89d9 100644 --- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf +++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf @@ -72,6 +72,7 @@ map $host $upstream_acme_challenge_host { cfp.eh22.easterhegg.eu 172.31.17.157:31820; hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:31820; hub-usercontent.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:31820; + netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:31820; default ""; } diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf index e732052..6560b75 100644 --- a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf +++ b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf @@ -90,6 +90,7 @@ stream { cfp.eh22.easterhegg.eu pretalx-intern.hamburg.ccc.de:8443; hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:8443; hub-usercontent.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:8443; + netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:8443; } server { diff --git a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 index 8ea5265..8d345de 100644 --- a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 @@ -11,7 +11,7 @@ see https://github.com/zammad/zammad-docker-compose/blob/master/.env {%- set POSTGRES_DB = "zammad_production" | quote -%} {%- set POSTGRES_HOST = "zammad-postgresql" | quote -%} {%- set POSTGRES_USER = "zammad" | quote -%} -{%- set POSTGRES_PASS = lookup("community.sops.sops", "resources/chaosknoten/zammad/secrets.yaml", extract="['DB_PASSWORD']") | quote -%} +{%- set POSTGRES_PASS = lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/zammad/DB_PASSWORD", create=false, missing="error") | quote -%} {%- set POSTGRES_PORT = "5432" | quote -%} {%- set POSTGRES_VERSION = "15-alpine" | quote -%} {%- set REDIS_URL = "redis://zammad-redis:6379" | quote -%} diff --git a/resources/chaosknoten/zammad/secrets.yaml b/resources/chaosknoten/zammad/secrets.yaml deleted file mode 100644 index 79b9dc7..0000000 --- a/resources/chaosknoten/zammad/secrets.yaml +++ /dev/null @@ -1,236 +0,0 @@ -DB_PASSWORD: ENC[AES256_GCM,data:ytb/AQ8UP47KTdUHI5RVZejZBW1vVI7v,iv:AIYEngDj4BHgXnz+pF45Z40EwJSsibVdCeF2IdVvmZE=,tag:dlBva94ytOeuzW71flhTaA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2025-05-03T21:25:46Z" - mac: ENC[AES256_GCM,data:SO6TcvQJNQ3cAAy3yr2S4/PkQm33jLie/MEiLVhWRajfVD0BTyEMG5RJT6eMN/2AW8HxMBs9Dgz2aOWosL3tXWsxp5PY9ZaCg1rlz7UPPp1lsoQLB03LYAl6Ez674WqTmUrb+SjNvbxi66diYBXZj0b1zawMD0J0EMifKqOzJiE=,iv:WTr2qtfazMonEG4hxcE1KNCdq/GtQinMVHXwT5A7yxQ=,tag:c1wBDOXeHwmHF+J5GXIlmA==,type:str] - pgp: - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//SahMO2M35vCWkHxIHLDO0hiap+RBvab+H35B+6rHsBBA - q3hyXieM1uW1OFKNegRPifazytyUVYi7DP+t0vUqXo/CY8BqmjM19ChOvaAPlif2 - DApPJvV3sYLbUdkYBx0sdpTiWHXmRP0JXtcvQxRMgOuRt+EhWoEnSsf1joMVhR4x - aGRmOiZhw4ZMI0GhxlVmonb/B0Bo6/3GIScVY9AzJIcmDqDd8DP7SEsYUxFzBfST - KAW2cJBn6rT1OtB97odr5Ir2TkS4H36euSNew/8caHGlKgcnewgF+zpIvjeWUimk - cUybZ2UssmBtfWHsypAMg7pKFO/OmV57OWqi8zKYNeLwXeFQvHB1265oJN4szyFJ - raCAB02Y1r4E5S3wSeqhjE7lvj37/JTjr5VXmz0tASPpgdcLKyik/qTSMQVLs2gY - nUjVnPbpakQ/9cFCElWEhFDwALZjsAef/+mqmA8h9Z84X9gi+EAwee/9uT4Mu/0H - 1xKdlAjo0ubkhTbxDf/Zp4RGEQ3ERffj5mtL/DxuBp2jvQ/feljJtO3Lo93Skbti - 7s+kOblHH0bBS+/YNP8yQUFZ0V0Jpvn52RMOKiMlrnlbmI2u9x478uF7cT6iQ8xf - HlIIGZHJ+dGU10sxmflp3TiSRAOyy5YJOFiBYl08QHREqPoEfn20hWIaf8avJHLU - aAEJAhA3M6o9TmOuAV9+n8lrZr+WcRQDovlZmyGb8/mjqupcW7QTsmdjIGFi8ttT - VgwJVseKZsTC0dyYNRroBUMyxEhtvsMkoAf6i5t9hr0XcaWQkacd4oYpkFIS+cDk - GGZyXPivuky7 - =Tw63 - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//QEj1kGg89Sim6kcAyZR6qi7yU9NIsQUUgNxTD4Dn+AS7 - w5rKd3ympVFVO3oQTJNLmxssJGyC1mgB9dqBulAPjKepnyHa/EolpGq69mPlO8pH - CFxSSz/rxj5h5vojyWE8VhDQtMeKKGMYwwqREkHkOMIvgoXPvcwwiLVDkRMkf7ss - xewqL5dlBkmHCHYE3gIE6BrGNoQEZ6vO19P+13KDgHxZN7RfXrQDLYEb8Rse/X24 - lsQxlaJr1fNsHzEPHkfZzWx0IFLJIPCwLJa7iY96Ku2qZOo+WkGhUiDHo/m9Ru04 - iwEVzucWHCYt3kKKq3kEyR57jOwzONUAuWl4otO0U3a3+dbHAkEqzU7WcnS2UOy2 - ajYmAq/j6kn74zCw+FV9tT1S+6WDHW95jXIPr3zKqRSL8V4UK0jc87Nb06w3yRCz - f8C2lrzH7iQFajDDuJ/vUI5g2NR10FafOdI83XlWkpd8i33nF7eoMZTagAFLw0C8 - OPr32i0Ppdz/fAedkYqqRys1tryQGiq3PeumxQTQQj9OKlkYlPIWLsQkSgRNQrc7 - EuIkm0YT4zpGzcoiQT586GDVsOiEb5yMmOjLqB8BHrSEUQwHL1cZvbGUooFqWX7K - iljdQ9RneaZH7REdJcN9+y15vd17pz8y1e8rd3mh2PGGkoVHyspklYvykzCDoNrS - XgHjMWrj/QCDI+GB02fql1ZFHodIbFPseWNlf3XVW8/lu2m3FDNYEsJCsBeK5OLW - Oti/DyVz2cNdescNEfH0W8OJ2f3C+R07l9FU1x8hjifjd+xURu9z+xrGdHwCYVQ= - =v+tQ - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ//SwMT8P0+0S2zrf3/ActFB3m3BRUn93t2MdnAYQZRjil4 - nhcw7JpMjxD7Qe3klNHdeBK8DxXlr9ou9KvdnVWr4vdnzTdAiSiM9n5AHOCoRnT0 - rz4A4tTide2kGjmU4nWICAivr1YQqt9c/2D3BL4NAHTy0d4DK88jUe9wcoo8MnPW - nKk2LUr6DCR3+/3d9OJrWNlWrCmmSRfgpbmsGOV+TlKO7EaDTjc3Iz+T9zOaFXVj - /8VLyksQ6OtYnpOsniOsAb0GxiAGoeXayDvIijqesQ6AUf5HDGMcWCQcqMzITYWe - RNKceYd1MU5iSmqbCQ23WVCHMvgwqQJ1hRj9Rj3E4j5QVFzwniwmEK5XIOhvkL8Z - McrJ47zYi+QRx9xyhqczv0W2oX4aLZFW3dJtbpNzUMUmgDYZ+d16Iu3AxsMuOx4D - HovgP8+fy41+VgQvlGJE1pez/xo6muP6TMR8zD/s/eFnZop18bBK2OYW8yd/kp/B - AY9mpq6dDs4IuUBlo5c0YPIfWMWhh4GlaEsbggB/AUsrbJfYMX1MlLiHALAN0+xo - swRp0pPm+7mZmv7LnQCzNUM4rjGhJfzljjFmi+RwSS2h6bXbNqiedRbJbfrYWsCh - P9Ww4PhI9+kKb2PcNa7Ibzd5Ac3RpN1tMVsVzHOa0WhDCR+TkI9wnsGtHPi3CJbS - XgENsQcISscNzddDkTkI5fGogQohsQAQY4UfZDA5QuyFaNLihaWCr9OpUqFMXu+A - tSkVmHBVdYT8jIxO5YHYRieSxE0SEmYJf6+Ckxf2TWMJxWxsvwHgekI+kPR1Byc= - =VkXh - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//Uxtqgh64BFkNnCxUvaU0dvhrwuhAfrI2QAgX7Gghky7M - QwY5/HGBs34wCHlIJqV6E8AdXN0VyzhBiKiryaqTSECDXZbFsb+q0VhxWTs4T/G5 - oCvlvOC6rM7XT6puTsIiqjb4YO/8aVbkQCcE3QlwWxQP9DAk6I/Xxc+hTKStiYeC - uqON51LEtE1/pqfmf/K4j5kPLBuRYf5IUaBp5WVs9MMbf/vyN235odT8Z29Nz5kq - DidBkSq7A9Y64rncvvZ4+U3L0HTFcfyiTNOYPL1W45OgPFN4hRU047u/JjP1/vU+ - dLwWNwyYqq7KmEsRu8vi1p636KDios6MDo4n0Ma74APpM/3c8GEVeuz+rY6RoHbK - FzZ9Eswe5otqmfhfLqBGNYW9+RNu3nUD6U45ES5YqNOH9yk4OqrObVMrUh97IpF8 - 876cL+RDqI+KhnW1sgpJ5x+v7XrS12/LnjArBUJtHEsTxDWoAFHuVKJdr895M8+U - 1rMKOzhREbklNNgF33T4ysk6IE7PhGAJn8Wta2B7GfpBGBnzGdi6fvbuf+RtlZi4 - 86LkFNI7iOvVV4uiG02yqxlLsCYt6ww6MZuGLREsNeHLuQkrVfF9aVw/+++3PJan - tIYl/WSLQ2sAjj6uxoXkBciidqFhtlD+4hvRky3enrYW09EeBOZY+4sE16ALCnHS - XgEz/69zcjJK5d3yEdcYeoHRMFVH6haEc48kg3WKlOKQ2HrPS9rKRGSwG8CC4a75 - iw1OBZGFeaacydhq5XzU7QFlRXx7n8oi9zBHKPb0ND8zm13LQF4oTHogkZInmm0= - =Ks/U - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4HMJd/cQYrVAQ/+MJYZ6RlUXXfn3JFBUMOFMOCR3QYKYyYxFi++34qdw6FP - 56KibbYsAs2yLksHy3XdgFgw9ki3AOFK7zb2Urs36/S/lofK592u+bKK+EYqVwIK - YdDynzaxA46WlRx8zMufEjyUBimAppOwePeaNPeI5+ElsYT+IBYB59xNEDHx0Gql - SzQVj326qkp3J3vYnoV8Srt7MvU+21ysT7eXSFrYP6d7imG4Mc9CuO9Rf4ZzovY3 - ZcIHGGg5B5/34eeVGfAFw+LfSTAcicidXDjSs9baG9jmoZYiJjF/qw4+mYRJ7Cox - CFQmeitar/tAAS8Q/wU9//a4dSupreAIRkA6V6/OsoWli2wY+1fL3TnHeTjskeh+ - BYCTuWqjAXqk/VEHkzgxqEbmJr9wHrUl5BWnaF+Ic1i3Udmm9UdFx6jgja3IbJpy - TlofZx7EhEd2VR29AF4HQV7vjeno+wp8mKJMtaG1gCpxAlaBvpJX8lsH/oDpuYMK - HhFNiI/ytFd5rGsthIImzUqe5eqAnl2+JNS5vxY26JU06uN1kPcPifeV9DqJ86OC - EfwFs3mHAIdiyn2LfA9ESCiqMEBv7NsyIFEve02y+hJZ+G/6x0Ob//AfrhgTOmSt - 2QRA0WMhavJpn3gcnO3OHoHqYzckI315ZLglgPYqP+8Uc8fx6RpA6vXaj7l9aaLS - XgGrtCK2C5MJQX8pMYhOhNWCDcXspLlAJMNFLnBh7ngujttyLCbufx3h37evh8DY - 4PZ70A4TjPbyiHvQWYhVGmYTdS3TmoE5eY0vlmIHABYvKflkdYp9JPLeqqPLxQE= - =Aw8A - -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/8DmSZ5hZ04QC8G4G2P2xsTg+hb6Cu+v2leOwhRNhYQtPa - 9fa8e5Hd7lhLfdDSfABmWZTW34lyzj2MEi4ZFMaNU7zk/iBTfFFWZkOuaSTLHD0J - D28PROIEOVZIjUSqQ1iGT/jRP2fCEsSWexkGJyOrXKUsVi5kSdK8XygG/Hx9uiS5 - JoyjKMgPRNCqjvZdF12Qr+0QrM57CPE8fTy9MauN6M7CTiktQw9bdVc5hjNf4AZt - 8OCwNJLrAiB85iPVrUYO3nxmRETH092N1aw2HPv7/cOCst9jyUAQq3AEFpiaK+PD - 4uM+A+bkX3fOaCpNe1ePAnG/hV/456ZkNW3cR1tkRXXcXROFg4hOdZ2b3Rn4X35Z - xAHahfyOor15vAbmeAUo0ebdaAICmSoYT+JuLEdaE9hRBOfQkehRMvp2qHhYSe7X - 8j/cQP6M9lSPKYy1wATj3ALmLMvab3CCv9Amu3F4JtJLH3bgyWtMhiPWwxgnFRTm - OQgf6mXzRgJnnBJwtwdauSIxD758NyvqJgRq87dsrnUi8rp3fRq34jMVAWnrKVBz - kL4DMfr06mCMFLEG8B4Im4jfy0W3oVCrRrFgfB3HoiTbrnKOdYJ5e+XvlFxgXQ52 - h0WaRnPDQK1kx75nJlF72vr0ZgTWogm0OQUadxU+LiaQkQrcBkTmpjyz16l46O/S - XgGXzsbwjXq3hMptCN2tD65Ryzra1BGLBPyF39UOj6xNaUcfB0Aht/huvTaWUE1x - up3gAnVub2M7PpamJMqAe4vucIuS11+VflWV/zlUFkaqhhlghTEeR7mEt3/1cCU= - =6lrH - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ/+PbfW/BhAzQ88YgicYVYeqw784T1C2EPbUeBRLJWbKyCL - LXm/coGFBpzebUk26spFK151jWOgUfyFeMqYTAKPntV2w+L/sBsuN+hJ12egIKGi - 5vdwosq+dgo4jPg86kohepmfh4obv3QQ1P9ESmu3UswTCsn7WnRKLscVcPAFd2Wl - m0EaonTQbpW6zPLUJXd+/UnTsj1PrYijazDjUEcfoj5UwQ7vXfzoeNqvkpMzQxFT - mCm4hL4iV0E5av/8eP3jYFxz7S13MPvyN9M5I0lCDAYENrQDvDbaKWCYGNRsG07E - TULw0TXwvP5KtEORR7OAPGlon+1JQ7AM4RpTvsql+dEYq8t6pFrMw12TAKsCR3e/ - vmx12aX6eiBxZfcV/l9ykl+ypNE/YcKMjJxrDo/jeypXrHhEieuT+Otxe5OMh6+o - D1tydz4GKNJVsL97hlAKizs+h7Kg1KLucXVpWWUyowldzHOWA8ffh7uoM5pDk4wO - cYY4ROhy92n9njAzuAJfotTT2Jo/3J9vizlwFEr7F/sHEACIMgU8yJ+yqBiZK+G+ - Dx735M17sWTbPaV7s+fKwGD213c9lNCqLCqMd0udB2cpItKH6leIQ3wkMOCs384a - qs5/zxVorCvMul2iB74mEw3KcbwEuQDS9sJ3G6zXTV05hgx19/qM4IJX0WxkhjPS - XgHiuGDuve1w8W3sfT51/I4YsGonYwQe4lfRgQie7efzySidP85lwcfYcjhhaeqy - /Ly0kISbmO/AkJ/94TRIw39TePjP34tcYJ7B51ZyIyyJqE9LD7U5Cg/zK5KVqSw= - =Pqms - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAmHTz9QCo5nl2Mv5vK+yDYrbVgfgWXqD8s0sinylq4f4K - r4U1b8cxGfmsbm+Y3MgvOLja4mHrzAaHdGo4rZWrnGKuhgQ0DNzi3ScDZ3mkTSyS - Nn62K65zjG/JaqS9M2tXyjuSq648jy3o/PnZnMY24H4hpw73EvxLudYyz1DaXQoJ - lhi/k4Nv+cGyVxCXzBklMJ0KW+VPIKQqf6TxqBRrQzPG1BNIWul9S0YJ5hZKvxqj - eEHPetDiQNjAJ9tPsVqXMe+TH3otz0shks5j9PzRGklwcHQjIwZrSwd6Ajs4Y24N - DTqAWH6ZosGERCe7Qp9YInTQ67J3VubYqtzpqDPKsu59+c5CYrhZooPHFOSt4WmD - bfGVdyogsXAfRVq8eAa3ShRVTYN21eUH+qQfwmo8Vw6GKSeeXiBclP20gJvmasKS - ifCLzEV9rhnE4YB2z7wUwOfJL3CFcnd96UqpGvQH6cAJmrKPN9U9pEWRVueMYhnp - ZE2NGu3spAFdEcCtd2Yh+nrAMklLMClvqtyp/HA6jg5pVDNcckBUXs2a/9uc0MNJ - 3RfrWaTuBRa9iEFJ6LHrjdWkRCMg6b2VrjVdrC6OwaV4vUQhc+VFNJGvkZ684K8l - olNX1efLZuVLVCEt9s8CQWktZDkm8hXEc+JLgZa+y7/o+Q2L+ILz2uuFp8nET9LS - XgFJ6Ktg3HSq8d8OYDmmKViYvqc8sazpt9RZybbQWxofCPP9Jum2AtxXsV8EvpIJ - uGMaJTCrwcIzlGXi+kic5EJJ9mR0woJNTMFLJgmm7CnfCQP9OsPb8IYNzvWK9zg= - =jmjo - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4EEKdYEzV0pAQ/8D9QO1hysKECDBPWs+vuWeaYp6nJL3WyoehsD+5NcUgu5 - n7k6gWdb6qdnX22pG2Y1sXVUbLHpBwGPFmV8yYEz/Wvilu6XbagWOaidIJg4n//t - nIEUXun7592rod636coaLdHF2xrFsh3e1RaTmFI4loOhDKZiiQtnGkFKcaukBJrM - cZwmuJNCT34RAodzWQI1zYbMKz0RSgALVBTcr1uVcdNfU/QCaqt7zYw75NnaTV/i - n5EsKAFcva5H//9lYHSzh38zOpz7eika4q9pBR6AwQ+4qmQEJE2x6cqqKVBAxpJO - aKBvWxxD6xZ5euoKYVdNnESaSrDXbBwJjcaWELhf9zGjJ9lh02rrdNyeRYkoBIGm - Fgc35S7TG0jK0KnNO/Cx0lOSwKZVdS/wAn4G7UFBAi9wvN5dgW/4+5YJ3FvIP+JQ - +WtlhbVuRnytjBoMPXdmhtlMifPqcCCe9tfWzeDshRFkYZYj7fCYahb1RMayckSE - mzL09qD/1NWpvCxahd8klOom3i8UZUsF7/f+MvL/qDDrOQNYUkZZlyXMxK6PtHxD - 8EllsS7LSKEjyOVKUZARaAVa+4xNRPoekgPGb87c33KcaDTHpAdnR4+OAsdrZqdH - m7uDUmFwBl9oUuOSDH5/SzYDwCmzji4fF+RB3y2rN++iMHaoW0cdfrMFJLNh0p/S - XgHytHnTUNQHpcO9DvDOJ/k6CMKEy8pqHsJtA6w4qjDBvxp2+MZvLtaiu0+cdIdn - Pv4/vMcPQ487w1Bai/RSPpFT/mvul2cx+rvGAvSBOJdJ36IqS77XS7q98oqsLXg= - =iE5q - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAplgn1U9MWtBhmrJn4nWktxeHY59U0ksE1XliNX8mr0Mw - 3xD0QuwfaohrhdgX3La+4/OY582zxkSwEP8Jw/JoBOSuEx+HBUreKKPuxO9uHzig - 0l4BPz6xZxRAI202Qajo1H9z32HbS95b05bBUapW50sUAAmNUhXW79guW7PjPeE4 - 1baTqk/BaJEreZshjwlJ92GXqrdbWmsYPRKKMSa1NoZu/uVQYvGXPvtmtE387OAs - =gwSv - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdApLDqh0CvSd674B/iVxpxBih7clT+mIDyINRGECvxBBgw - Afw8LvDzNDt1SX/xWNqZTYiJOQMq4V5HfSkSMt9mPPbSP9sT0OAHNN2dW/wZh2ZQ - 0lgBl47uynaVtrGVFU6ztl1YspN5OirXNIV/QqQIui/iaeeEdY8M/O7Blw2riktx - swLDw0o3UQTa76cCcBY0bLv0Vv8zdjKTSP5nBhMDS0pNxkKCuTqXCYkr - =VCUK - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-05-03T21:25:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAAiYsQ5CFabAY1WYopL7Q14NoAdQmo41mCMK7VwObHTwRP - 7fIc2ug1UvunZsHSnC+IX6L9FXR8SUqFg4P9sWRPnnId/lI23zkBDCYuwCy2F/qa - e/GEh4Eha3OSd/ljZADddAIn+mjb6nc2YU/DvLg60h3A317RZassGavSFxYdPmKi - mfGVdnM8d4fnBIVaaUBjMVgiiTZnp1JGsaSewGkAie5qbhsqM4DT/se2RoNHmRjk - hZw8UNi2gPm27er9q3iBvEe/TKr6diA/ELWzNBXZS9uhOqKAlUKsHMNx9t/aLGXV - zSuyM0KuIMX61isHPXvKv1majyjGJ52UIfoUJ29FL9XmRbW2AUjmJnJ0AF8tpUrC - 6mqrzKTouOdmAdLmlPnZKlzt32AzkAlg97u1tllWUJstYndl2IwJ69BMaDhQVVgp - 6LkxUw5gmgCyj6hjDNjX98IhacGMYBhjjJ39Z+3AGlhuAegN91MGaE3TIrPjmx/H - KAXEC5Wv/yp5ezz2FtY41e5selMKcMgn8OuOvdyQZ0wWfqebLd3LMRis3hV04a8u - FzfkGo1jG5FWJQj0Nlc9mdgh6mLO43LKdq3Y6P/2pJ/Xdh3/tm1vzY3VOxtuelBO - NcB3lYB8ukouKH8yx3LvnB0oD3EsQC0/Uq8HUx4B75Mi7xnG2uo0sR05ALTLMePU - aAEJAhCqABkvXA7TWGsj9ohR+1d+6A47/6drox/KI/axPWoSFb/9SfPoSQR8U1Rp - NNrUA9GRUEFAsAzU7PaUYL5ZjF7uHN0MbZL7XI1X7qWz8I6qVYtuJAjBTdaKen3N - pRg6v53Ytj/L - =yFV4 - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.9.4