From 31ad4654c66bc39596a489eb0bb24425529c4641 Mon Sep 17 00:00:00 2001 From: June Date: Sat, 3 May 2025 22:48:49 +0200 Subject: [PATCH 1/2] ccchoir(host): move secrets to SOPS --- .sops.yaml | 15 ++ .../ccchoir/docker_compose/compose.yaml.j2 | 6 +- resources/chaosknoten/ccchoir/secrets.yaml | 237 ++++++++++++++++++ 3 files changed, 255 insertions(+), 3 deletions(-) create mode 100644 resources/chaosknoten/ccchoir/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index b553e92..2828aa0 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -72,6 +72,21 @@ creation_rules: - *admin_gpg_c6ristian - *admin_gpg_lilly - *admin_gpg_langoor + - path_regex: resources/chaosknoten/ccchoir/.* + key_groups: + - pgp: + - *admin_gpg_djerun + - *admin_gpg_stb + - *admin_gpg_jtbx + - *admin_gpg_yuri + - *admin_gpg_june + - *admin_gpg_haegar + - *admin_gpg_dario + - *admin_gpg_echtnurich + - *admin_gpg_max + - *admin_gpg_c6ristian + - *admin_gpg_lilly + - *admin_gpg_langoor - key_groups: - pgp: - *admin_gpg_djerun diff --git a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 index e4ab5b6..01226e6 100644 --- a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 @@ -6,8 +6,8 @@ services: image: docker.io/library/mariadb:11 environment: - "MARIADB_DATABASE=wordpress" - - "MARIADB_ROOT_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_ROOT_PASSWORD", create=false, missing="error") }}" - - "MARIADB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}" + - "MARIADB_ROOT_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_ROOT_PASSWORD']") }}" + - "MARIADB_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_PASSWORD']") }}" - "MARIADB_USER=wordpress" - "MARIADB_AUTO_UPGRADE=yes" volumes: @@ -23,7 +23,7 @@ services: - "WORDPRESS_DB_NAME=wordpress" - "WORDPRESS_DB_USER=wordpress" - "WORDPRESS_TABLE_PREFIX=wp_" - - "WORDPRESS_DB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}" + - "WORDPRESS_DB_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_PASSWORD']") }}" volumes: - wordpress:/var/www/html/wp-content ports: diff --git a/resources/chaosknoten/ccchoir/secrets.yaml b/resources/chaosknoten/ccchoir/secrets.yaml new file mode 100644 index 0000000..854f831 --- /dev/null +++ b/resources/chaosknoten/ccchoir/secrets.yaml @@ -0,0 +1,237 @@ +DB_ROOT_PASSWORD: ENC[AES256_GCM,data:zfK7WXggayIeROoPhCWiU9V0dNpKDei3vg==,iv:XChG6XtDfdHDycZZmIgUtUrqr0YtiVIt2BRZdo5E50M=,tag:x7UeKZDQVQu9ybJx8Xz4ZA==,type:str] +DB_PASSWORD: ENC[AES256_GCM,data:7ld13nerRTQXJsI8/0n/3IMmbT2FVhAhRg==,iv:Fs+Vv9fDBYMHaWBvcLAh6dtLt1lTNkR//Xr8E4KFylo=,tag:RyDrZcexek3eO6Justga2w==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2025-05-03T20:48:33Z" + mac: ENC[AES256_GCM,data:1R4V8XkoIz+ySSdwj9kBKbi0LhOqZtjuEIgV6heuDDXXJ5gKTQKcgkvtTQCAvSoC4VGdYSwedfm94tOJa6blILJ+WA5i/mIxYkuypnqXct1qeqwl0CIOxRs/7qRqQaQjmBmlp4JBRDW5usy/DSZB6383azgNF/5o+eqbErMm0sM=,iv:bYipcv9OSnFakbfKFzc78x2icJ4ByN4lMRnSwqA73yM=,tag:0TfCZmr482EEey/tkcxg9A==,type:str] + pgp: + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAxK/JaB2/SdtAQ/+JPuBs9V5yTmx11uwmqRVvtUH1Qxap+cx4X/KTNjUxHtd + BPA9PKUeIu7Cj0bjIHizlJT/R7xaVHar6sPCYvviiQ6koHPrI6NlKtgLXvqkjRFb + kdCgMeJYDUtdKJ4QYnLWdrSb5MoZ/Q3eb4DtZDV+N88i65cEg1fLHduAr+5y+YWG + oxlhPFgFA0YlMntLM55Ug4Hs6zBWYzLcFeUjGH2xJ5KDUyIbo/V00X+DPVSLVoRI + TT/ikxTqXsA5DIBtuKZvmbHjqcxMBvgCyO78WCTWMfE0FUz+/iqZSvORWiGHFJOB + t4Bw3s1TXGM9aruj6iiOy+SQQHAf84SyYUAQ/MziPRYrKQrMrGaJZ0NtyrdnfmVk + rWWVKHgmlGhEYnWYaxEODxLCm3Qo7jS4KWZ+jDNyEMAGDkXSCYzcuJ2Fjs3r1Z2z + 11dqXMb+S+wicBUrVkockagGOm2LpS6QS4jxl0ReDlka07V65I8+X2QnV5j/JeLq + C+q0wchfACJX/t8z2ckUElBXld126k7RiNCY2vMG5EHLMZAeVchJAB2M6+eYNWlo + j0VuBBjJ7ALTog2FRWeLNhhDKowHImEgO5IJYcHrGYXnqrRFDcJ3z8eAUTrWistt + UcVS+2qfWCmuv2A02zOAunt7352/CuZTwWz3OxrrGDgxnnYTbsDQNjN6gk/1HdDU + aAEJAhAkex9LqxYMmNmfJEFtR1pqPeMwTnUb4HEWD1wW3GnLXGLyRZAs5oLzN8i+ + GwcPJnSXBchoTSSqbuSXmxEz7OOA7YqXa1ZlnRku4LZx/4unVYd2SX1QhI7eVh0T + 02j5wqhnf8Nh + =esBT + -----END PGP MESSAGE----- + fp: EF643F59E008414882232C78FFA8331EEB7D6B70 + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA6EyPtWBEI+2AQ//fQv9HgUvIg/GX9SXAzPsap+rEg4hVQstjVh0bX1RK6lQ + +IDB9KjaeiXdx/MQUwVlql+35WtH4AaMQ223fRSuZ59TGz3b88nk87o0xZ5KxGvw + /MRrWEt8032Hay6Gg39tF/kyNZtJiUHZRw2cjt9Ny0u6d2z/HYDdRewst8Fc4wRz + NKWFLHf+im4AYoa9V42TbR0VJbxwMKJ579zB96aipQsuRf+v3gg/cZuJ3s68KQXv + hhudNRIFh+vlBcwOyZNRRsVxquGn+x0KJlqjsNH6TPXgiiixwspY76n0zI7fzTU3 + ukV0nS3FqpwM4V/ioZTXJr9NJ5hxMXa5ogNeD0WF3kp+ukPsfy0wbC5DbRcdg8E8 + /o+aND1HjXg0SI2jjEJdCyhpR008kzM8J1vYukBMpPaOX+twyfJJrugcyJCU5q5s + KlnMHssl7cVrtRXy2exdK1g0J5xIwRAcfQ9fF7UItOtFaqbuoCrmVTT7X3wiZxYN + ogVHxA2eOdTzo1APCwdlJMKTRc3RdzYxmfyBVcNj7EGq1ekWataIU2w4t+h1AV+K + ikCWl+T60U462I2wGN9W8DnBV3XRvIOxAoU56wiPEP13ejOPLT2jVxcDCz4YbqMB + tbZCTMjvUGm0gWINniobhBSSqql685Yl/4ZIkUnpS24BShshz3LcxSqmO7SGR17S + XgGQMLUfg9lupxR1LdlqLdw3IBIPtapKcF2VSYYuwL+yRMzRKelisQpIFeocr4Yt + 6ep2mu9JoLhWmGsowIhsd1JyKBq2o+V9rO68TD+xWtltpyPA81sbhccowE16EUk= + =5jJA + -----END PGP MESSAGE----- + fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAz5uSgHG2iMJAQ//TlEKkG6EDgsc2ZI1BVETcVX+Z7fsGanpRu3U46XvAHF1 + Xazjl+KQbZDwnC5Xnppd2gn7WgJV8Bs7aHI6219iXZdOJ4GdO4xkYFz1LKVdnF6W + QAZWrAWJSrTv6dpN8L5Pm/fikxIxO21Hjy/EumKt5jQqxevu8pwaa+vHN2BdDRKf + glOsz+d6pyVvlAgyuewhRXrXwB7A9abMaaNLmWVedV5A9j96oQ2A3nQ2RNsZUIwP + kpNhjOQgsjO4qnb/81EeIMPgnKM4SZCmXlGsj6M4pLp7VdaJbrfJ8+XW/Mxi+8mq + VLcanBfA0fcPpHF9uXZty74Rg0Gc+zzqSo4VV7yqKJ5DBmlJTojYGfBY28DQe9FE + sJxi05paeF+WuSDqxM5uSoVHNya1MyFXk5MgxrUHicny7sjTeUeFQlbonNW1I5PZ + rzgVlon++e7CIvlRJyzw2Zt9HX9OYJh0GkqhEowQ2z3GG69ytQtTBv5W5xsn6iRw + a9PghfQWnHisIXTnEFRfyTQtUQytEvwU7YOy8bUpQ2VojnEe+MYFavUu6OQPJTuE + TMUYl/Q5/8fa1H4m4jObH4SuP2iqb8vzr2cycbytxbfDRzzgDLm9J+cvihSnuKEv + e5FpYJ6qGBuUgAf4eXeBhAf7m7lxOvLvpG7F+UlhBHry1D+ZJQqo7lWDsDIsg2/S + XgElbZ3RWUpulpfETZXBNjDXl6OBEcFFhwv8NQXAj9M97ord9+nO3zNJbv2OUAP2 + AZJh5Siuxoz1tYJfoxN04lNjEKvDNKJOmu8No/Nl3pItl2LsbGv/tzdOaBqz7KA= + =2tvG + -----END PGP MESSAGE----- + fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAw5vwmoEJHQ1AQ/+LEFVA/4g2+AH67eMQ35Kbv4N+vwxKn3d7b7wWglSYqG/ + yk8TaoX4axXNojlAKR7u3TPIr5PnNRA/DzzNVZToZ5E3RSFrDyS0ql6LMLOF2kRa + IMZnY6l7zMfIjX5SobiBlwHn1b8B+9drHOiQY08OvnB+RePrbT1sGTC7iGjYFcgR + RSOHCppZMmywfk7OpmyN1pUiOa75hFeyhUdfl2e0dhW9WeEK8SuQdP0qFgTK9WuI + +/udqqAsJtei/gJ1N5QbQtY/bG48AmeS9DdDxQMqNH1p01JLQgdqHNFl4ysADdMb + s+sj2JNT9pwZyCi0+8zCdrUeddyr4c78J7nga/O6I/+3R+E+Pu1zg57YJNa2aWsn + z0AE4Z/qtjJMViHStD9Ddc/1+CHrnBCLwxEN6MflpRpiFSSJtdxnMZ2zd5Ay/YLO + W52nRGlG+szOzPqI8V3M3enXrhsU+zRZKdMuoyI9/uRaJIxyN0HCrQZxJo7P2Rjr + savyiQrLVNeufl4x7cALadqwxSKn85JLnWQcPrlzqtmBPTuWt+LUkUiYJEG1Yguk + WisoYKfP/vM213afonBUfhAwqwAcf7svytBXGmxFv/W1YZ2eqNgUhM5qvftEb7/k + xG51fToNtgBDMJ0s+5AQqBq44wOJmR/WkMcePyzC2wHRgqEw9EMd/gbpjVOkwDTS + XgGNIE2nglqnYrCX7dc5shy4rQM0xsDGaY/91dHlp+WAm48O9Q28+i7rLLHa7wkM + uM1e0p0DLNRFZkVyJfY4HbVSTozphNw4fIlI/jKgHb6g+o8VTYAW8WMqln6Z0Rw= + =wOsy + -----END PGP MESSAGE----- + fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA4HMJd/cQYrVAQ//afGJ8tZq7sTHTusi1Effj47UFgMqfE4beFPy955qzHYI + 7Be2xMXMIq77ajGxakQAhV7AD6VKLzFlJWkSWcCZZ4hhLT1J/EMSgQlNdplQTunH + mGaj9qAJnUh3JXRMaSSfme9ZYEMBX3Tzm8snywnmbNiMHvyyAe21ZU+sntoIcshB + Wy1ZVSc1Vgagb9Q3MCoURHpaNfYO/sFLSSGs/Hbftd9Pu+/6mZRunqtl4U8YwQjn + TWsceeVLvb3+RcTZA2tsQfMe2TbYm+Tor2lPUvMDEkyApacgOjhTFHCZsRNfdDmE + i4HOMETa9J2s4VSUVj88asiEHyZRruisYj5U+gpNPX6xc3M9Bjk20basXmLTmgS7 + J151/fY5a51vgGvNYlzkKo9J1yn0iGsGNYUBtxidfndjzKbLB+Kqhte51W9TOlhE + 5hg9pyvnT6c83RvnEeiyrb86GXXQXiSermrmjid2zbocSm2N/nl22Z0TVIiW7Kx2 + y6JUdY6r06xawZV84FEi4ZXTQyvPUWCm3J/uQSBi7Q9zkxvEycm9/qLiyyWRH4UJ + 0XBfi3uCzSZ3wRgZvXmhNJL4VFzFZDTAseuGH8bLzhvgzVUIFGRXQnD9Le2lfgGY + mK2dOeqCW1gJ+lrtuc/UwoeVipxSlDgseT92861JM1g2rTgnElWCrEouqrLXParS + XgEUeq2hn25vwGt5tot7P47gXjcUU8w9opLp+pPJHP+L4Q2CTfPq/kMKgVlXAZVw + OzWTuP16fX6akp3jmfk/hYXLcH6otG+Wfffh0dnWdECxOZxNsGhoKpeLQ6/zdWY= + =20lV + -----END PGP MESSAGE----- + fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAxjNhCKPP69fARAApaL3AwoqzKVDuP05nEFbz9HtOIflOCWWAxY4PqevkVgf + RyhBjohxF0eun2rWVqMoLFKB+iKiQA/y3ttN5t+VzbZEu716GLR6aQbMkBwcTZ2k + iMztZzsP/7ssjn6zOVaLMamfChAVUkprXruVUf2zDKJXVsS6EemMmZyzdBlgLGfN + 5tcJWShEd2xOorLYCOpcFdtuyzuHj/igh934bmGkRq/5Q9+SX1A/pr60G3Bye4nN + ZptAtLDwvA60Jm6XWqZsWw9X5/QTws3q5wlMZZgI+CNlAfoFMZzQ01kLOVBBZ4D3 + sS2Yicxbc9o4HU4UY7mNqQfxKhKJ+7MWPvSC4ZgsEHPg1HKwJ3zFBpJI9d+Kc4kc + N2E7xLfeAYz9coDA+LBSGJy70kYwM87ywfnBvBlHeLyQwW+X03ZQkGRCut2FWERQ + Yt/ciSugCPtYvsoZdnrzlV3MoLJH/xUkXmAk8SEXgcosBMwKIyX4AqVXrytIWFy5 + a6VKAg482xWcQg5QKtqKXTS3qfWEyI78TG4TZo6O3FyCZn+/L5oU5UNSxJcLYyh8 + xFUVD+9tf8dfprba+HZBB2g9KGBLvoMpEDTpsb6tvrPhV416dyAP0qmAIVLXZ08t + n0VHo7mdpfRkMzzeb6ARnBm0jIUkvjHMUhAOjjb77FG6NnRlgk445FmkvGxkLUjS + XgEhPKCni8oHCY2ZtvLeKvl/XdlGH0OfDEraSyRDRJ17mg2XYy1muKVfVh4wA09x + O67A23mAIXPhQgXWFaml9wv7iEDHPTThJH5mvufd0+AIqfOEa91qboVMZ6ilnUY= + =hRXB + -----END PGP MESSAGE----- + fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA1Hthzn+T1OoAQ//Vx3UeZhZhEXV0fyGN4gIguntRwqmqP7sDHwR7Qjd993/ + iwh9ZoFv1I+/q45oKXyM+kv3DZqcDLchYHDj5N7gvL4/M7uOPpmOTo31aYHqfZLk + FPx4ZmwcN+20U18kPUDcBERsn+1NqGdBEW8FqxVMDVbdTYAajsrsfPm3FEU8gNSH + CUgUxVYymU8IPOzZKwd+TDwmIcUkPZmw6srM6tpxwz//s+1l21NAOrSwR0fYrE5z + iyd8GUu2GYjJIdscCybXxMUV/IJHaa422OGmhWvtKoJLX6e7sK/ev8o0ZDWvhPUd + HBtzyCEaygUfax1+QLZAraeJAYbjpAHeuy37UB0jgaUQXFrFkZKOjRMcPcIc9G3z + be6zcrEAdF8gQzeoTpzGAboCo5lLBLgQXPG+XMOjcfmpgJnjvHjaTK6wOZgZwJis + KxkXq0cX95Il+vBrt/k3rI2dsS2Jtb7k0pd33VApluJrS9BSeQCXdonoD1SrY+Wo + eXziX/di18RY0JShc2hjY24e4yXNUs8TsFXuw2c/v+Qk0qNBgF4/qahNZWjMGRZ+ + D0P5B1sv0Uebq+xzkDv0OqCQqJ4NnozJ70wgQTt42xya8ZkjO2DuQDUkSQ1rTnu1 + dqS6q5VAG8vfoITaRfvV19YkUCWEg8iWkdEZ7F8iinE9IkoA/Fa2x5LnW48Z3nfS + XgHxSgKKGO9N1kg8Fjo8fgc7bE4TrNEr7DzdinfTy0LkM7v5EEydxLOMzUyysWqp + gOXUFPXXaFgxfNXRu/0cdHKpDB4Y3vqSPUSTzhnfco9IFt4LAyHTohoRlx7V/1I= + =nL5O + -----END PGP MESSAGE----- + fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA46L6MuPqfJqAQ//Qa2Mq5vcOMfLgF3lV6f0RK+IQdFoGIetj0dbIESkl9Q3 + 2mYnXqn+OIwRg1V0nz4Wpwj3vahpWhSAWIlmBLTxjEM7pP1MinM/ohuiT8/d6PEy + NEeut07slQuSeaD2WR9CBI17VNOQgvNKx6eB6zLH5+RlvXcSAR+5+0A2YxvMg2Qq + rOMi9eWZPqiRw8j3pFMxl8bBCgQybP355SLIQoL1PTMRBCIeKovaXHICjAvEDfm8 + xzy2hvzrQDYlSV81wdb6nBh9CGGmhOrRleE7icKqAzcwEHxo/FsHAyJsis6AhgO+ + aMF+PaHk3WLYg8T6+M40YMe7lML93mXT7Xmbax+igaf7ZASgyj8ZZnao3hr9ZZq2 + ST3cy+neZkr9vJbp/ZLPunKSxOTa7MzoMvIZFAKWy4nx3d7xagoNd+2BITBJNNlk + BYOP39v6LPh1tsMVrUQcC7Mrawq1xpn5C938rfcCHOsYxn9bU7b+aScFVqITh9uF + 5qHlfBn4/5vCc0bTc4Y3QyavxaWiP+SE8O8cO6QlqL+AYtZCfqdup2WH1wTOWrnd + G6UldxQpcpxyPK/4LGu5DcWWGAbbHa76k9LJZN3YrdSft5J26YLsyRUseGSmZ4/Z + fYG9AoqLOH2kKnCoj7kESmiz3lt7DCtvE1nrKUNJZTrcku+nLWjebHDGWjOH5HXS + XgH3vcgt2kbkogmgxt24pSLQeNK6SjI4fBiJutlw8VCyrqxDATR8yQlhAIGPLGbw + X5h4RgJGvSFMrrr8BPW7L/294eqPm2bbq/MRC2O/9ezO3O4453N01fePapEqqGQ= + =FkUA + -----END PGP MESSAGE----- + fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA4EEKdYEzV0pAQ/+Og4gwY9vzUgLOPWYGVrcSIRSSgK3LngQLTD+aKDBybLQ + 0Q0ln9kpfz09Gq1fkwI8LuoeQ701qlVa+0WMv864tHJR2YmO4S8+IMu7qvX5W3pN + CEzgDfZL+ovOMSB71ZK9YHlliqauy8cnrYk/ucwQO1yukDqzutlPeK1CpE/f0wBm + A8patwmFGCSPYvmIBe48qsvYKP0JNVIFmhG48TaHQqc95YbhTYXHs9qz4WcFbMEr + T31+fv/jBgmIU+nzQcIhNfHJ2sdmMXF6rRt8v3mGQrOUcU5es6E9a3i0dVZFZMc5 + 9akn2ELqbZgu+wIH+sgpuB/Hw3AA9SBhaeRHKjEK6e2l06OCRF14EdB3WJLC9fFI + 0IqEuEK6dM2lkSCsEVTZsz/zj5Gf6kmXLu3mT/PKcui2Op4SIpjtv/CtlxS5kxxx + dDJd5aEKYnTjVIXrgUer7KD2Ld7oxWr0TMxGd9dlWHViiBWCIh2jrbwh/MYcXA3n + nMj3dUjdpTO7AZe3rBAzkfoMtx5a67HX4lo8WUJKzFgQ2jxvhyw+2mPdjfy1KErT + Fa/T/nnfIBAN+i2zLBTQEdCDEdrbSKTZD2/ulKSlEii1wK2ATQHISRzAORUNo60n + Dp9cFjITOoKeGdtrgfs+rptQ5mSuNNjJC5kUo86b/0IjJX8wjHKl7dtlkebhej7S + XgFcJ5WY/8eeXZpXT1ooY6OggJf7Kso2YYR8oZW7Z55zjyVfXKsJS3ytPNB/KAbd + u1G4BybrslSPyXQU9vuX4OSstiqNcqVOhNvMBa4gLnE5k7sumHI8dMbHcW+nBY8= + =AwqY + -----END PGP MESSAGE----- + fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DQrf1tCqiJxoSAQdAlB/i5V7bWDewYv3RqyZMsZoxmskBKPe9cmvdoKc85zIw + 7NnX/YFhUHerQkrdEkilB6i0Hd7aiUQ8R276cLXh9v5EtzeBZiRrfe+2wPc47Q52 + 0l4ByI0bDgXa+Fw0AgTp/OEGDOXEUaSEafGEBv0YrysD6f/9WnKYTt5QjBF2Spij + f0pqADF8QdDW20fPZDOtt/gUezsA0AiV5HiShS7XsheBIDjL7cY15ST25GhXmmnR + =qZnD + -----END PGP MESSAGE----- + fp: B71138A6A8964A3C3B8899857B4F70C356765BAB + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DzAGzViGx4qcSAQdAPbYdliNriasz0tjbTIqqg51QWyNtsXN2PvIlxeMiCiIw + GbN1PKHxkcCwJX5K1zn84qRyL4t2ZNYHZo1Eq1XarRN4o9Ss5koJNH6KjnDePlPX + 0lgBBqapYcOipdOqSiXdRSvHe3muvvYPV2kH/OEsTySkPcaNPhg6e2lLkshHhVKQ + 4PleX0qXAwnZnXlY6QtALs1LZODye517DZKLZ+T/jT+u34kB92pcqtAH + =ZsVt + -----END PGP MESSAGE----- + fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD + - created_at: "2025-05-03T20:45:39Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA2pVdGTIrZI+ARAAsW0YJG6AeX1hGHUJ/Nx8XgJ+tmdoyrSeSV2x+hoqsNJH + UNpByaOak57WuGor60zKTILJc2rDfaPF2ZzCEJJVmtfbAvbdAYfyA6RyHZJkOFsu + hacNVLIwYzbaRQhS/7IcmAifJIDJhEcjzkwD6LK7TnEhM13Y4DECk2vykZ1ex7hm + TNy8YKoLH614SthQgv+Zbnuqd3CP0Gj4N69+rGVMbJYIBwm5+kgucva3fYfEM3Sj + 9nDh+0XAWJ+Cid+ID2/IpDTpj262hlo+yISTsQIHfqdZ2y+HHb5NQexKV9G9eQJ5 + tdcw6//ttwLO6Aq+N5+DyaIZyge1xUGy64JBsn7ErWqKwbPYrVApFPXgzR3azzDB + v93BNLkt7O15xgMQryS+ADjgE/XJxrl+4yevMKn7RJp33zfFmoNQVn2OuDzNiw4X + +pxqC8f77sdlsz0sghvdhQVDGEVFx5QOoHihfeGEQ4is47oq2wmZM9uWEH3jFolp + cfZS5wTbAOjJjAn4ZcnSuNccKQfdPGKeitNYcCORBpgU8t5JfWIIVHNDTVM581CY + jPX+3Azr/K8hUWHxvNZIObObsW1l8VOiBsQExWVZ7jgwgayieDpQcm2JSAfnTcE8 + 18uhcR04g4i3BBlD98cyM7hBye+KzRpJ5PRCGvlp4V49PQKlGixCHA/1AVEHTbfU + aAEJAhApJpmpjyUSzNCpOfterz6jbX+WdFpvWiQwvyQ37R7xRb5JZgNlDQ5T/lFf + Pb2b5i0R3ZpGUB7si0PyiTMCqM3Cas734Sy/0Nw0nW7TqjprsTSOhSyTFfKJoFq9 + tuTBFmrwoASt + =MLHr + -----END PGP MESSAGE----- + fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 + unencrypted_suffix: _unencrypted + version: 3.9.4 From 65b6eff5bdf3adea7ee3ceea0ad179f3b8ca833c Mon Sep 17 00:00:00 2001 From: June Date: Sat, 3 May 2025 22:59:37 +0200 Subject: [PATCH 2/2] pretalx(host): move secrets to SOPS --- .sops.yaml | 15 ++ .../pretalx/docker_compose/compose.yaml.j2 | 8 +- resources/chaosknoten/pretalx/secrets.yaml | 237 ++++++++++++++++++ 3 files changed, 256 insertions(+), 4 deletions(-) create mode 100644 resources/chaosknoten/pretalx/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index 2828aa0..98c8e21 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -87,6 +87,21 @@ creation_rules: - *admin_gpg_c6ristian - *admin_gpg_lilly - *admin_gpg_langoor + - path_regex: resources/chaosknoten/pretalx/.* + key_groups: + - pgp: + - *admin_gpg_djerun + - *admin_gpg_stb + - *admin_gpg_jtbx + - *admin_gpg_yuri + - *admin_gpg_june + - *admin_gpg_haegar + - *admin_gpg_dario + - *admin_gpg_echtnurich + - *admin_gpg_max + - *admin_gpg_c6ristian + - *admin_gpg_lilly + - *admin_gpg_langoor - key_groups: - pgp: - *admin_gpg_djerun diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 index 20dbd9c..3707225 100644 --- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 @@ -6,7 +6,7 @@ services: image: docker.io/library/postgres:15-alpine environment: - "POSTGRES_USER=pretalx" - - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}" + - "POSTGRES_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['DB_PASSWORD']") }}" - "POSTGRES_DB=pretalx" volumes: - database:/var/lib/postgresql/data @@ -60,7 +60,7 @@ services: PRETALX_DB_TYPE: postgresql PRETALX_DB_NAME: pretalx PRETALX_DB_USER: pretalx - PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}" + PRETALX_DB_PASS: "{{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['DB_PASSWORD']") }}" PRETALX_DB_HOST: database PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de" PRETALX_MAIL_HOST: "cow-intern.hamburg.ccc.de" @@ -90,13 +90,13 @@ services: PRETALX_DB_TYPE: postgresql PRETALX_DB_NAME: pretalx PRETALX_DB_USER: pretalx - PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}" + PRETALX_DB_PASS: "{{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['DB_PASSWORD']") }}" PRETALX_DB_HOST: database PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de" PRETALX_MAIL_HOST: "cow.hamburg.ccc.de" PRETALX_MAIL_PORT: 587 PRETALX_MAIL_USER: pretalx@hamburg.ccc.de - PRETALX_MAIL_PASSWORD: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/PRETALX_MAIL_PASSWORD", create=false, missing="error") }}" + PRETALX_MAIL_PASSWORD: "{{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['PRETALX_MAIL_PASSWORD']") }}" PRETALX_MAIL_TLS: "true" PRETALX_CELERY_BACKEND: redis://redis/1 PRETALX_CELERY_BROKER: redis://redis/2 diff --git a/resources/chaosknoten/pretalx/secrets.yaml b/resources/chaosknoten/pretalx/secrets.yaml new file mode 100644 index 0000000..8a9996b --- /dev/null +++ b/resources/chaosknoten/pretalx/secrets.yaml @@ -0,0 +1,237 @@ +DB_PASSWORD: ENC[AES256_GCM,data:JsoMNWdNAMTbiJWuaD3Voz7gJEUK4f7hrA==,iv:HRDsw/mIcCAMzpr02GUAFKby5w4r6zOPYqUYD8wDi2c=,tag:c6f4YjZxTORcDCkvztahRg==,type:str] +PRETALX_MAIL_PASSWORD: ENC[AES256_GCM,data:DTwMQu4VRWkr0o+7Tw9PFwpDXTnOj2k7Mg==,iv:c2iwnymiSKm079edPJw/TvUHV2mDWQFbRGBmibBBQtw=,tag:7VpRWhU1E3+m32KG+EDR7A==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2025-05-03T20:58:14Z" + mac: ENC[AES256_GCM,data:67W/Ho+P2g04EmcVF78thDkibgeelSRI3WTyJu3mhhpl5EwXFiPcNjLe0ND3XQxWjn4F5+TLP2px8aY36upmXHIPys1ZLYL0jipF6FQI+0C2bFupOKll3/sFWWCp+51f59LDI1fiI4Q8nIMTASkieeL1yZmMHgrAV4JQyXjlCgU=,iv:cA30UqfF6rX1fxXiAx++kZwh8+EEPjB9+BGerCPdTx4=,tag:r5Yw3OFq3Z6KZJb76PwVcw==,type:str] + pgp: + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAxK/JaB2/SdtAQ//dOAMC1Doyk+FD0WTNYwmViJO53QQy69n6oYJ51+qE+zc + 6IHGmh8wAWKnmy5s0v5LJoewMf3XhGg5sIoXuBj5OBICKSRRGozzYNJ1No3py3PE + 2ml6FI5SAja8QBQzNoD+D1zP9ba6xYbwfkx2DA1lpBmXpVQsUot4A6P5WQHbH3uy + 6wpwTlvYNNm4SWuH7yH5f2NfYVhJqaKaI08N34mYQ/f1OuwjWZGpz8jjt0AH+aGV + AcMPEXQjHgq+Kd4EHXSj7YAR41tiPJhYzdpYOQ1XX04JaEVMCG0iYfrfbcFtbiWn + YZ3Ro0hpGpND2HJEB+M8NaOf41k9z75KTtGsoJJUIIWoCkdFxeMh7/UbxauVEV7M + ussl7Jq3jbwC4zvKzj8T/es5w4nPZ0AGzz6Wd2pmYuy0sdaOczEbVGlLtACTaHB6 + B/LXVdlRxCQxZ13ZQwMTDvdvz30sl1wFCh1MtVXQGNS4xEn8gufGgcgiN2H/OHRe + i5jK7ibeRU2aMPD75RXhSGNtN53FINAxkSa715inHFQVt6fXH39eJNLoyX7dZb+W + XsiBwjIhW5qd9rXEqy1W7QIZKA6GYuyPaBgpCaaqsTK+6kXinV4xYqkSghrodSkE + oMc394wMmL6CYiPDRr4IhjSjFTxj+5AKkJwnYY+rKFcPD8qyWYI18E9zvgYNsK7U + ZgEJAhCf1ciUAngZMQtVrIk2NqkzJlwPdw3OyisZxsWsZcSf9zmIHA6uETAkwHWB + IGh6dAB4TcQUjj7eTDVI8kYd3oaKwrQMGhQeBDfOA8Kl5d03+WwjMTozwMnk43oP + 915KaE3I7w== + =lM8/ + -----END PGP MESSAGE----- + fp: EF643F59E008414882232C78FFA8331EEB7D6B70 + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA6EyPtWBEI+2AQ/9E/r31WwmWMkqOIvNHsCPZKYn9WaL0L7a4fbXQ4CdxKj9 + 0/0aIHz8B0G1BLXavdQnkFSu5BvLeaP858BXtP7R+IghzMuXz77i3tyszXU1MZYT + qQ1JQxj0e8LUw0E0FhrsopWWALZ51TruW63JQVyJNVhyRUFrJ3ejGuP3jCJUmNRS + NfdWoyHHOGtdXHk9j7Afwg2xn0ZABObCD5Epwlns71xPe/sTDzELRbY2S66yhd1N + fmOgw7FrwjrRrtiFarhFY0gUYEaMIZDndOQrjhBbR+G3OFMg4ia+t2xH7A2y7Pj0 + E1TcWoeZH2Pz3A6C596lmfXO19AsKy1flfMvugl1o33UsOYqSxu45JaFX7BEJBDW + wUh9lCkGwB7JM6XjWPcgrtLutOELZFxVrnzrNtJVSq2j6uhEB+Eh3C7c/iaJRn96 + 0x7yl0Va6X6/5NAtGpXpsJaQtz+TFe7X4hVcOEJX2l1qpPkjRcE1IczJFjyYV8TL + beq4qV81AL/RdR+HDQ1nGsmunBV/94UMG07GhTYjNm0QFWM2IhQkgs4oHeBeSqm+ + uXVpY+SFFoQto9+YHX7NnBkg4kiFy6A9tsYQrqffMPQZBn8V81KQkRnduNTspF/1 + 6E0ne/E8PXqmSGedCEyPLzLXIxrWC389cjcmF350wF7l9F620IBINIMtqgQMQz/S + XAHXATKrETDrw2YDgwLbB9oIptUKob6B/BB5P1uFhdaCarbq43RqYnWcLZxdO5WJ + 5d0lbZ82ykBAo9BUswnaY3XvwYPRk+bF79pQ15xljjksiFF0Gg+NzbilNkbS + =QV7i + -----END PGP MESSAGE----- + fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAz5uSgHG2iMJAQ/9EF9rxFPcZShqJZn5hyUQ/Y7RO/htHo6jdqFu/DfpBcCZ + +pFuyR5Lq2etOvxbB9/HEqAKxbpeRzReu7c7D+WZz6CaS/PWj5TDxt03x6jNQQE2 + kCiZzTEB+VchmDnC4ifgX6rphvqd7GLjwXjXCUcGjMne9ANJJrEQstdZ7Q/GR6ra + Fp8I8hfrB0IpghL0gfVFw1HvKAaprKUOMBXfLqzPbZbYxdKMPC59ShrzgstHgF+x + q4uZgu+EOcpncTGvnReFbQjA0DgKyRGhATvAzASvqU3sBRAwm2hugVrcmWEpQRZP + QoLUchCLelcIf0eeolq5E2kxWxLTiyiGN7F8CoVfkwWmqyNlGweqUI0+eTPW9XsI + hEnpeNmFtZPTiTPxTYAb346m9lcslsJYccbFMZEIBwk3xB0ijDF//4Q+5CIgGHNq + Pxw+z/NTvH5zWhotA8/yiP8iAfa2MikUmhDr+stCmUSjnyWsgS6ncWwIP/H4MCEI + Lk4rA8mQ/gkS9UDh6g3ftuAYJIgPz7jVpQn5oA21VdwdeFO7YyJCXlhTL/oMeW7r + xuV+BTEobFv1wrGVtVEt2cjjbodoINFXhXiwonnXquhoxk/ONrQoB9I43j0+C65U + w5LRhMMR0ao3FKHxwI4ih9JZa+3yocbd/7E741WBqvB/DPzd1XRQzP+x+HIEccfS + XAF0UX8YPVCbuJs1nVVfyJSHuRQSplhuBvVfsIwJCDFroXYaB1JtkDhVVHCofnJ1 + MVhWIptfVbmY/C957CLNGHXZgE64cGvAXn1whzzGch/KlB7//DEW1iS1fbUO + =fypM + -----END PGP MESSAGE----- + fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAw5vwmoEJHQ1ARAApFA1MoRir94aqTlZF1cZOOdu8za6fOPxvcSICMV5RxFw + Mq/9xFVtfGJ9VfYxW/im7HG1r7EjIpmOwXlm4fLGEIpafBrcJrQi0bxlbCB3p6z9 + xuzCcmF5Tphuuh/LEBBhHnt3crJyGrWTZ2Dy7+wPSPEnN91bl3dGsHr2Kbis8rBa + QGiv5l0sqMJUWcZUmHTnvhb+KZU4dQUl+qTLM36X3ChSMFpuAO4w3YwWJ74F1Akz + b/6eIt3u87WD2r+ny6DXTNsDVIymGnsxIQLA+YSGhf4mwtl6HOZlBBxFKkxFp4HU + 3QA7zPwXY7g50pvlc3KJMNuZRTy0W9mpCnYKjHQzYkaD2JfVIrGmmQ47DEMnz0bs + 1pgLCbFE9TO1ur82QNntggSWQtOHr2ZFbF3BuFjIQ+V9rPHdCtGFFarZhwC2t9fu + KSE7vyYKO3o7g3BtOmqb6mqJswX1qTSyVOj4aqGSjG88lZq9WJPULe0w9rqhKwjP + OTrXm0xLSUk8QWx6V7d6kKiBH+QRJkr6gEdqovzFH1XNwtUnMIkCBudQgJAw432W + nOPfgXSifTT2hs/cWHo5ttoRiWOsvuqrCBmCETeE6L7uQoi6bhVVz2TBRVcc0rIR + 9AkuLc4mcQ3aby01+cK1ZVRybzTTVSmwGmssr2UwwxlhQUA+r5OjPugg1ynoIk7S + XAENR9L83Exjk8DsMKufYwRMMcZSyHzsH5p3ucewe+euYwCf3tB0iZPkHCdSKTST + o8lGtavDKNn564tKDeH1miuvas+e6FVLcdljTqZZoS9I1IX0LRnLLQbpFVzS + =kJu+ + -----END PGP MESSAGE----- + fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA4HMJd/cQYrVAQ/+PKl8d6yCqlY2t4TS3MHHvxcPWrXM1+O2MKf78tH2OeiT + fBwxUChpNIvVX3aWSPheyFb/1PMJ/U828wPDMbBZrII2J0UXvCqnmuL08m5fT8VC + JjlkfnULNrDai/mPyxtpGJXnOm9JEmnUETl4xme8DbaWWg0QF73N4h+dB45olL2D + xYyeEZlnk9OX7fy68ADKxc9n7E17MjL6X4PV0BGx/15QhuPnwTFxCpe4F2dZqgAn + HtFunsjHwy9vptoGlh0KatCJLdaZaDEhmo5bQtxlpph2QJpstk4pGdLn5SJAUCYQ + bvfEeRFJl1yx0fLzYr6vQnqr79aFXVdV51ZDtAv0m2I83b34y4FDBvdoLrSUMGbv + ksmk7qxpknGoJqhMdORy+lBMGffG6EdcUaIdHqmLe7GmKrPh6CdNHzaKSPBIlZiA + 3YEVSEcDiVNuoQBAgJXUh29MqXIOPJoFw2hO2kwfYebYA/Z7ESisD6oCOiOIUspY + Gyn2T7TFHVqFfa30xA9eWYe4GkSVTGsg5/dCVpJxJI1L6dx0kQAIZVZ5vZzwticX + 2I+/2hVl2koCMqZJ8Ggx2VDLDUV1UMuolBeHXD4ci+3PcBtjHCVyXGGBls52jjO8 + ooUEkVWwg9PhQUy0royZ7E6GEfmQHtdvI3tONlcXa9J8OUY8sBT2G1uek5jQFN3S + XAEfIAmGnoJPreDGSqVu44YCjImBEwVrDYI+R+WvDbfr9OCaokQAtxTYg4C21OV/ + xaa6RmNG7Gjp8v60hj14k8Q8whvfBRvYLss5P4VhQAKquuEucblMwf9QYghk + =MMok + -----END PGP MESSAGE----- + fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAxjNhCKPP69fARAAiGtaAJAK6xOYlOoTMt0G9IrTGN7syKHld9x5sfFJxkdE + vDMWTmAbUEfteFfyB4YiZVvC+2PPEaXKAy73t5mZDzq53PKIdBUmiGseNZYlKm4P + 3KKIX+WdYBXjdqzG4TiQu/TibXoDNEJRxDw7LE0dzfPWtasbLREVRrrW1vaAq6Tx + hcs0eAmxpJ0Hmyz9R+sWTAAYaTxHTkbkCyCyqmAZF25lOlsbPFLsXXD/BT00CRB5 + RM5XwjrG+3AjbY5x3vVrxI6Ni2395C1cFnSew7ZITscC9//d7nTi4Tim3ll/de4j + 5IIKykMdzsAchQuYyr+fljoOs0qOAUW18eyOE6Quvh+Hg3gnvEma4HPo5LkM7RBA + Uf2ki4FY3OHWJb6KcQL5VKKMzlfp66zEAJoQTWkvMfas5c9injn4ZrEj//BljXmf + Es1DtC46ZMpflZ10qj03ND1zYMdJvATk+lRGD8KdRr5aO50orLsyO3irtfc/zMok + mhg++vw4cj/5AtlwqntXGpw4gE0/2QKdHS5LPC1ijx0aK6SFXv6jC8B1qNT0fF/m + wL6gz2Ty7aqSQzKrxVDFXzhfgYVRz48LzptHpFjTJjQGYxWxoCFMlYoejMTuA7ja + FNjvBayX2ZSMgVaqgk+wOeh8uSYfszu6VkH3kFCMqN7WvRbaxkIZUAbEF76Kj6zS + XAF2aE/v/i2VD21EhGX9koMJXv4tmCwcvUlbdukF/yJBstunXzTGO+X2ePJ8AkS2 + x0ZAlzof3Xdm2SbRGlCkFOMWr8u/K1je+MRN2igmZO2NglAwp9bGbSf+sHjA + =aXJg + -----END PGP MESSAGE----- + fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA1Hthzn+T1OoARAAjz4TsJjNIvhb0+Jket7pqZTp68OGNaFuN8dc67HoqGLV + LBstxz0qkj8kr+UTi+QIagbKVTu/P5qFEJ0V4d12+QMbwR4yRBH4KYJNYzVgjXsb + oxkeHxo25/FmHDNz8z0D+CdCAOS4P24qSOKcYnk4vhZ9xI/3BmEH2pZKE6HUgulr + ZzqKkJuQyVwpzYgsA12ps7SycPLkAfF4TEBcE8luZlNDq/V8yxwEctpsmNlvvBoX + My9SycdGBTOTwbW33hx9lMyZL1b5Z/hlxduBKBmSHtf+o9KAWZpo8Hn7FtC6eFoW + j72T6OhkHIwme9p8CMUbg07w4jqtAU4qk0YHBZMJv4LmERnrOmG+24OYEFWX3bfU + n08HRy5sp64jH5FYUtcuEkex+jeA2yLxskXVhzhQk9Qrnw3MJtd7wnXK+fz2Dpki + 93KINel3Uw8DJJGui/lx1lerCyEU/fqVYtC5xYy0rzl0ZlBK7f9oSl9bxOo5vuHl + NT2Wb4r4v1xSewvPIxNeF4cLIC1wa9GkshmA50uOgVPptF/L1xMIwz/e86mBsLlG + byQNqbbezfK72cBERgw2tVlLrGXlPAQiGGocKNzIrythRrdzjOgw2Bmb2sfXw4J1 + vCF5nwN/joRngd0iepxYYKlx+zq8G0wRwd2RXFscDXxkH+ouRxVWFdX89GqcjOPS + XAFimzl4DsVpB+abVl/pGaNrQDrYnwbPvbh+qNwKeMO4B+3VDzP0GN6LdNxje5/1 + kJrmR2KqT6eDWq4R8El90RkZmr3Z6fc/SffCQoUGxGkEapWitJdkK0jV0Df0 + =nluu + -----END PGP MESSAGE----- + fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA46L6MuPqfJqAQ/9EGmj5h30qhRClaFwStf3b63Couzf8h+7Dk2GUuCJoBq1 + +WDHDJW8zBSCBHhHlOmB2j4gUfrVHOHgbdEBQoMFatCpBWWVNOO/NwBCZwwL6Dp5 + dmBA94bW+jOk4is4ecQ10zPBg06GVzpDuefYKH4BS/JJ8ecQ0q8cWO/smzUcpsNd + dnN3J1Py5VZOz8CO0SO/WMOoV5NA/yPmc7LL/BiSRtDEfi05r4r4aDLK4mJ/s7Fe + /7vllPhC1ZxntQ//1z0cfX33nKEtyTkOh4L+BPnrqGCM83zruAfSV870Ws+iPbHK + +S1uCll2ArflkzF0YiaqZd93IH0KTDHUxOPwHjL4J+apBOCmKoyd1nYEl3mVNQhp + NArOEwK2ws6xA3eLGjI3pKtsyWKXfgblyyQcSJAZ1YHK3I3YPVcPBFE+zp5puEMS + L0g/d/uzUvAG8GyYItAj/xEgaCaslWZrLAroZ4X5XRrZNcNCsO54m0t3xxPKikZm + ZUFV79+iG+Wb/Ib2DkPOKmOV6WLa5PGtK4PUUGKcTp0FbWhtVeOZUOmP/LkmrxBr + mSfnmKdiOYlyVNpaagI+XlGNSWU+9Im7r3FO/IEv5wmt+k3dpM6dGzaty1Q6ffVB + 6OqTZ3KrKgOMj6WIC9K7INvfbGijBeONjvapvg7SjzoXeyGqwS99IJrvdxnnc+DS + XAEUUYcXKmS0saM0DumdcOlfTZnzcB+JOiBI6+wbh2xiRy77DCDy+xW4m3tKCCvg + vJdEJNsSA4fpzZbjd1a2NhEthJxDuuiKfMmnGOCX9DX+SprzWzjJJiew47s7 + =Zu7P + -----END PGP MESSAGE----- + fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA4EEKdYEzV0pAQ/9GIgxeDdrdDRTroHNgkVYoHLS+jkPXIygUcO5OGsmz/JO + kYxdW11QH2xnOz45e6wM2W/6Vf1VPZCeqSKxEUXHQkXnqPnqD3zw+ukO4285gDb8 + 3reybhsXXR9L161H+7+sUyu0y3n5+wPTK0K5Y1UDxZ9r67cUfwvQu7EY4Fs2s4yG + g9d/thE6rR3lUIc7w2XC6veeVAjJrdvx6v04KaT+YQONfEu6GVNnA2vircH7JK6C + cqx4J4TGFS+XuSPm/07rtJLT/qD6Qao7JeOJFXhEwdTNu1p2ynmqUA0Pbh/Hdtgk + dv4kW6Zx1yoUuqPf5ehQIcFD3IHxlFAC/ZYOyxwfTgYbdfZC5iQSytapFDwjMgYG + Z3Mto5fwlhblagGQKZJ0TZZOZDOcJA5vS0IBQPYslZEVhRkAffJ7YHiNdnylCt0S + kLNIkq/wGZ6NTffonJRz60ADUw94jtS6pAjceIv3hlnn6MrkdoYAkilv+dS7qSj6 + fGlIQl0BnHUe5zaDAkQrXeasbTzOhOZTTb1LuKw/8c6CKt8qA/I+1ragD5VtOW90 + fc+o3Nu33MRirTyvtlltBnlu8u47wYU2dRPZz7rmpX2uBwKBi+qoNcWt806HgynB + HWqwrSNYv1y5pCaDQEsVX7vFQY17MN/4h2B9k0/KSlLWntpjo8wJ2yAVLUbOwgbS + XAHW8GLQha0t/NaDykltIdEWJijiX6faokYrd/hMf7MYKAU9M1t8C6LVJzM2k9D9 + eMdKf2b12CPZZfvbA4cVEvU6XoDWTo2RoDhzMQU7QugZ1vUt+lYTx6t7F0Us + =Y9rf + -----END PGP MESSAGE----- + fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DQrf1tCqiJxoSAQdApm/pMPZEGvqpq62PDegCOFtAHb9gu2NbHanCGEaf7DIw + 0u75A6818/eKyi8ALEuydUDBNi2vwGSncUuZEacTlLZkLAW/XDi/wlXSkBv3OGbF + 0lwBWvKAZmPmQmU+aHQPH9RLNk0SAl0WdQtCveFzy/UfSkNX/QS93dbhczo6dyQX + ZK3lEsekBVR2FQhe7+bC8Ry+Dh04bsjnD4hCPI0lDM4loQoBg3xsw+41GIwOSw== + =yugu + -----END PGP MESSAGE----- + fp: B71138A6A8964A3C3B8899857B4F70C356765BAB + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DzAGzViGx4qcSAQdAaiybhXQcYfg5/0e5Zd5ctB1ncs4PIIdzDVzm3wJceF8w + 3rliNGXbcZB8THk5g49nvCHdkDNX98TF05DkaKTYjZmC4er8AqbRwamt/xkInuCR + 0lYBQsS9bNcZBar8dVL1OC2cu7F8KyT6rmz67Oxg/ACjo3o6Trq1/KVF38Zmqhov + YlaYXB476wDXA6aysvxcae2TKO4GhwNHQokyUJYsjT/0mOXG2hd2RQ== + =KJs0 + -----END PGP MESSAGE----- + fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD + - created_at: "2025-05-03T20:57:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA2pVdGTIrZI+ARAAj+B42CzfPhIqhSKoLePF+uJBPZl9HCmETvznhutyfDPs + +jZT9QNTCMub3FdWU1joP9T/V0A+o0Q7BYa2O+q5/19F/w/+Yk2XSJNu3RfYSpq/ + KgLWGSj5Q6zVp0FfVCxoyEtCNy+458mNxn4HvHlPsJwnP+u8MZDd4Weswqx1L9qq + KWIiQ/V33P/miFD6pMHyoi5P0ue7mmuIDtH8D0pLhAVHAhM4s+YBF6OTpobYRTjr + rm1rNp5Rxu8hjOTpmylCtQJZeud/zLb61fUsAO9svq/Rf1RTGiGwOUv1l0v4mVto + Ib60J1dSdr6TBCmUthPlE7NskIS3B2wRL/GfsqZXazlLBsJf6GEWEFcMGi6bS/Sn + XSX5PvSp6SI/9UXPBVXlpDfwyvBulilSqRR3HC45XYj7Zqb2HWkEZF1w6+jYCuLw + z9uNFR7BX4AzrhEPZ2xYfzMIT4Cd0kQ6oFLfpvFKbLXBNLisqvGhzVBjHQHmK4ou + 5NgoTAVvhpuO/LZf88YZ7/u6jwo0r/pPCyyW6I+raJinUGfBmm0KP2Q6xTXRAMkv + OMCLEP+Hjm7xG8g+oJ/RsvQkvpQ4MHhx7cDQpqQFSV/5DhEMtANth1Lb4mSYlmPE + 2TseTrARXbq256F2clDnldlWnnkakzwyGlAPvJfweJ4o67Sr+e6vX0I7HxKjQ+HU + ZgEJAhDJfWWDsTZ2nsH+w4vS+JHZmdoelzKOE1wTioAEb3RZm2wEvw3gI6N/eOfG + u6n7GTEbjHZRcvysbtnXS2PRiW8iNMK8pxW7t/Pc0MfOnzaF2bQRoOels2ITqo7I + gQS/Rpv9Ag== + =6U7r + -----END PGP MESSAGE----- + fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 + unencrypted_suffix: _unencrypted + version: 3.9.4