diff --git a/.gitignore b/.gitignore
index e69de29..424bd26 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+.ansible/
diff --git a/.sops.yaml b/.sops.yaml
index 49bd543..d19954a 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -3,7 +3,7 @@ keys:
- &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- &admin_gpg_yuri 87AB00D45D37C9E9167B5A5A333448678B60E505
- - &admin_gpg_june 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
+ - &admin_gpg_june 057870A2C72CD82566A3EC983695F4FCBCAE4912
- &admin_gpg_haegar F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- &admin_gpg_dario 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- &admin_gpg_echtnurich 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
@@ -12,7 +12,7 @@ keys:
- &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
creation_rules:
- - path_regex: resources/chaosknoten/cloud/.*
+ - path_regex: inventories/chaosknoten/host_vars/cloud.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -27,7 +27,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/keycloak/.*
+ - path_regex: inventories/chaosknoten/host_vars/keycloak.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -42,7 +42,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/grafana/.*
+ - path_regex: inventories/chaosknoten/host_vars/grafana.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -57,7 +57,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/pad/.*
+ - path_regex: inventories/chaosknoten/host_vars/pad.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -72,7 +72,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/ccchoir/.*
+ - path_regex: inventories/chaosknoten/host_vars/ccchoir.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -87,7 +87,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/pretalx/.*
+ - path_regex: inventories/chaosknoten/host_vars/pretalx.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -102,7 +102,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/netbox/.*
+ - path_regex: inventories/chaosknoten/host_vars/netbox.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -117,7 +117,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/tickets/.*
+ - path_regex: inventories/chaosknoten/host_vars/tickets.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -132,7 +132,7 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/onlyoffice/.*
+ - path_regex: inventories/chaosknoten/host_vars/onlyoffice.*
key_groups:
- pgp:
- *admin_gpg_djerun
@@ -147,7 +147,52 @@ creation_rules:
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- - path_regex: resources/chaosknoten/zammad/.*
+ - path_regex: inventories/chaosknoten/host_vars/zammad.*
+ key_groups:
+ - pgp:
+ - *admin_gpg_djerun
+ - *admin_gpg_stb
+ - *admin_gpg_jtbx
+ - *admin_gpg_yuri
+ - *admin_gpg_june
+ - *admin_gpg_haegar
+ - *admin_gpg_dario
+ - *admin_gpg_echtnurich
+ - *admin_gpg_max
+ - *admin_gpg_c6ristian
+ - *admin_gpg_lilly
+ - *admin_gpg_langoor
+ - path_regex: inventories/chaosknoten/host_vars/ntfy.*
+ key_groups:
+ - pgp:
+ - *admin_gpg_djerun
+ - *admin_gpg_stb
+ - *admin_gpg_jtbx
+ - *admin_gpg_yuri
+ - *admin_gpg_june
+ - *admin_gpg_haegar
+ - *admin_gpg_dario
+ - *admin_gpg_echtnurich
+ - *admin_gpg_max
+ - *admin_gpg_c6ristian
+ - *admin_gpg_lilly
+ - *admin_gpg_langoor
+ - path_regex: inventories/z9/host_vars/dooris.*
+ key_groups:
+ - pgp:
+ - *admin_gpg_djerun
+ - *admin_gpg_stb
+ - *admin_gpg_jtbx
+ - *admin_gpg_yuri
+ - *admin_gpg_june
+ - *admin_gpg_haegar
+ - *admin_gpg_dario
+ - *admin_gpg_echtnurich
+ - *admin_gpg_max
+ - *admin_gpg_c6ristian
+ - *admin_gpg_lilly
+ - *admin_gpg_langoor
+ - path_regex: inventories/z9/host_vars/yate.*
key_groups:
- pgp:
- *admin_gpg_djerun
diff --git a/README.md b/README.md
index 2ffd636..5a3d90c 100644
--- a/README.md
+++ b/README.md
@@ -17,12 +17,13 @@ ansible-galaxy install -r requirements.yml
## Secrets
-Grundsätzlich sollten Secrets vermieden werden. (Also z.B.: Nutze SSH Keys statt Passwort.)
+Generally try to avoid secrets (e.g. use SSH keys instead of passwords).
-Da Secrets aber durchaus doch gebraucht werden, verwenden wir [SOPS](https://github.com/getsops/sops), um Secrets verschlüsselt in diesem Repo zu speichern.
-SOPS verschlüsselt hier die Secrets nach den "creation rules", welche in der `sops.yaml` festgelegt sind.
-Grundsätzlich werden hier alle Secrets für alle GPG-Keys aller Mitglieder des Infra-Teams verschlüsselt.
-Das eigentliche Laden der Secrets durch Ansible geschieht mit Hilfe des `community.sops.sops` lookup Plugins, welches entsprechend den lokalen GPG-Key benutzt, um die Secrets zu entschlüsseln.
+Because secrets are nonetheless needed sometimes, we use [SOPS](https://github.com/getsops/sops) to securely store secrets in this repository.
+SOPS encrypts secrets according to "creation rules" which are defined in the `.sops.yaml`.
+Generally all secrets get encrypted for all GPG-keys of all members of the infrastructure team.
+Ansible then has access to the secrets with the help of the [`community.sops.sops` vars plugin](https://docs.ansible.com/ansible/latest/collections/community/sops/docsite/guide.html#working-with-encrypted-variables), which is configured in this repository.
+A local Ansible run then uses the locally available GPG-key to decrypt the secrets.
For a tutorial on how to set up secrets using SOPS for a new host, see [Setting Up Secrets Using SOPS for a New Host](./docs/setting_up_secrets_using_sops_for_a_new_host.md).
diff --git a/ansible.cfg b/ansible.cfg
index fed728f..654da28 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,3 +1,4 @@
[defaults]
inventory = ./inventories/z9/hosts.yaml
pipelining = True
+vars_plugins_enabled = host_group_vars,community.sops.sops
diff --git a/docs/setting_up_secrets_using_sops_for_a_new_host.md b/docs/setting_up_secrets_using_sops_for_a_new_host.md
index e612d09..c88315f 100644
--- a/docs/setting_up_secrets_using_sops_for_a_new_host.md
+++ b/docs/setting_up_secrets_using_sops_for_a_new_host.md
@@ -1,15 +1,20 @@
# Setting Up Secrets Using SOPS for a New Host
-1. Add a new creation rule for the hosts resources directory.
+Because we're using the `community.sops.sops` vars plugin, the SOPS-encrypted secrets get stored in the inventory.
+
+1. Add a new creation rule for the hosts `host_vars` file in the sops config at `.sops.yaml`.
It should probably hold all admin keys.
You can use existing creation rules as a reference.
-2. Create a file containing the relevant secrets in the hosts resources directory.
+2. Create a SOPS secrets file in the `host_vars` subdirectory of the relevant inventory.
+ The name of the file should be in the format `[HOSTNAME].sops.yaml` to get picked up by the vars plugin and to match the previously created creation rule.
This can be accomplished with a command similar to this:
```
- sops resources/[chaosknoten|z9]/HOSTNAME/secrets.yaml
- ```
-3. In the following an example on how to then use the `community.sops.sops` lookup plugin to use a secret for a host.
- In this particular instance the lookup plugin gets used to set the `nextcloud__postgres_password` variable in an inventories `host_vars` file to the secret value of the `DB_PASSWORD` YAML key:
- ```yaml
- nextcloud__postgres_password: "{{ lookup('community.sops.sops', 'resources/chaosknoten/cloud/secrets.yaml', extract='[\"DB_PASSWORD\"]') }}"
+ sops inventories/[chaosknoten|z9]/host_vars/[HOSTNAME].secrets.yaml
```
+3. With the editor now open, add the secrets you want to store.
+ Because we're using the `community.sops.sops` vars plugin, the stored secrets will be exposed as Ansible variables.
+ Also note that SOPS only encrypts the values, not the keys.
+ When now creating entries, try to adhere to the following variable naming convention:
+ - Prefix variable names with `secret__`, if they are intended to be used in a template file or similar. (e.g. `secret__netbox_secret_key: secret_value`)
+ - Otherwise, if the variable is directly consumed by a role or similar, directly set the variable. (e.g. `netbox__db_password: secret_value`)
+4. Now that the secrets are stored, they are exposed as variables and can simply be used like any other variable.
diff --git a/inventories/chaosknoten/host_vars/ccchoir.sops.yaml b/inventories/chaosknoten/host_vars/ccchoir.sops.yaml
new file mode 100644
index 0000000..be571a4
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/ccchoir.sops.yaml
@@ -0,0 +1,221 @@
+secret__mariadb_root_password: ENC[AES256_GCM,data:bevk9PiMUAP0YBYqpVw9PLEz9ITKVRQ44Q==,iv:Qjr3pOWzcDWUpJAakrn31OCcvcaciJLgS1Zp+YZPWPA=,tag:DB1l6lsy+aHa+U+QLAM3tg==,type:str]
+secret__wordpress_db_password: ENC[AES256_GCM,data:QsvJ6NH4ySsfSsP3pWEx04vxjIph1Wk/jA==,iv:AnocV/jXawXPxQ0dLSw05b38ULQuU/RN2G21/1GpTmo=,tag:QlSCnuaQxCmJ3XO5jjX0zA==,type:str]
+sops:
+ lastmodified: "2025-05-04T14:15:03Z"
+ mac: ENC[AES256_GCM,data:Za+XnpDu+WTMEUgZ3jnG9/4FOd/emfdiaLSGX+hfkuBSurlqFzVHpXqs4kyl96goOASevkiqCSXwk+DGGNTvSRDCoAH2jMfwUHh5mGHFwXKZFjraVnLidxyOkEg+YJ+tzJ9EHJ7MpQLYlHgGi8Xrc27n3+gpjni6+VhVYiLj4eQ=,iv:fQuTnJbsyNyphHZF6T9UF62jtA2wDrOxlPzW6XwsdNk=,tag:T8P100qKnYhNqr7oJaY6yQ==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ//W+DGA83YWISVMvmWTFLul74Enc5+o9It2JqVRBB0sRyv
+ VJAF65zi5AQ6k3SIyZYNf1Dy8eR3C6PBskw7juPrMuLKXA4NVWu9mLl34gB53zoL
+ 9WnCoGLiF+1DhnkH2/YD8FoUytJn+7BhD6uthhWbYqeeOo6GDO0bKGuE0PIR4KSw
+ pHyP7+9B06IlNdWvU/2AqnaTyakFa0yHuNKVmtJ4qd7FfcXiJejuhedNaXLaPRg8
+ Z+dY6nt4F6rG4y9shUcTCR1rGDxgqB7aaZjm0vy5mCsefSisw/ptnASKqaz6ZXyJ
+ QQtI42wmzgw5zC6vXt+zixtEdyB/MmBaWbJkLsRIpu1frswI4inHy5GW/wJTyG7Z
+ C82Xih2R0kMbNV45lMrvDz+hBt1R7YBe2J30TavXBOEvXO5VfhOtFZDhYA0wdw0+
+ ykUWVvT6Wpai17m9CbVgjwK+RIDLAuRDQhX4+SDKPLoLycpswAUteYDovk3x5zjc
+ GdbyDo3iKfqpzO+sa8LpHQeL93A3TdYsq111Dbq/itM3EluTcMKE84A2J5zBOJ9p
+ nduMtPeS1Yqz/G66TF5BivI09duP2ayf49DsF/zrF0m9bWsvWPfWM2Rvrf5c7D6K
+ zldVilFNM8YAJOmbXJjW1kXzqgs7SjrQblp3fhxYgHx5w89K/VcyoC1sBo3XvwXS
+ XgFpgPJrG7xHbVwB8bJrG8cPsI74/FxZBtj/P64/Pjj8rT0hXYnzI56W371ihHJ/
+ Mnp8hTjGZrbzun/daNr7ejkxdD+1qBRqqT/WNzv/XcTDdUlYdok5qVkeBtE/S9M=
+ =aVMO
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAAhhWtMl0Qhvctd2RjezkWE7albF7svgAJUoA4QFgPtjqy
+ IYhM/GDo1pL9gSydk1axJQPGsn2Z88QgYBuhkZBgLA9SiREgUwPKCsKvZ70bxzRS
+ hSLS7rykOmPFIobY3JjKnYCNFx1/6U/R6XdgzuHhr8Um8Cf5WWyYHmB5EuMm8Djv
+ AZJqChoE7KAFycuGWJGZxN039/rMzxdjPnaFlOmTpOPiyofICWLjA/6Y15EcxuJJ
+ ESsUEs1JXIdTGVZWC8UqGf75b0fQ2jxki1duil2nhr7N2mNYyrns/VGbfCq0113M
+ 5X1e2iNq8lyjBfErdq90cG/QqGXe4sxtUwnRDIKaWbr0RhY9mBBjBLvOjDQ3d8Yo
+ PqyznHESPESwatIfFSt5qYQQN5MVwmbQ82OSDdkX0b59ouSq1cigWvCoPQ7x5sIa
+ UJc6ehFljDoYGx9mXzLv803Li9kToHH3lWXCmaDII+huvWFqrR07pD2gC0cEKSZt
+ ttBjJuWyfqHdWPaqEyJ6EZF6Bpf3Zsm+UDDb1S7aA4cjSIPOlqt0RoiMv1QSlnJP
+ JMg0QkEEWx9HHzcIPQbtCDyk3NxO1hPGlVLUSLYruTjB826LhxDDCfbfmBAdNsXo
+ +Qod3e1StlGGubpWbtP6PIcYKBs/XDvtPsxjiazkUalc8SbBUPipHuwohCuiAFXS
+ XgEZrSWbUdOCTQK2UoU57uTDjQKNytVbuxlTGNZ3Tn02Rkdutj4Qh/cK5vJlJ1pc
+ ckfsnDLIpRM03i82WMilXeWg/dhVzJgbn+WvUElC5kmWAHGgZhk96LO1ImQyS80=
+ =FJKu
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJAQ/+JHFiiwiZeW2wfe+6d7jDKtVyAoJiHB3FN2X8q6S1fsgj
+ 17EzxQjyVTojsPSTe5Zap0sqc/h4O38jhpUpW5aS/c38KLscv366y3Au+hWHGodm
+ 6OMlQBFKAB0x6uC7RqDnDKrT3p5mk/gKGIMZ2s6R2vayo/rZeHF52kQovkSDe/wE
+ 6BtscMXYioarFwGb2dq9x2w6sdfQO8MPaDV+jhBOrLZWGXAB0g9H+f3Eh2fonfg5
+ 3sHQRSoeYvVMSOFlLectJwP4iLQmgfEqBO35d/+ixD7M1gVt6PqOa4zt8NQPmEHB
+ 5OfSrmeeakoXPyfClcfqpXuJP8jwzEtTmqEOySVwOKa4RboheyNG8ZTAU5gUcCgk
+ 0iC4foeLdYXzghtHLsB0dt1XBBtpPMTwRUjmK9zj7J9aE4mPV+2ya70czvjgPQv7
+ cGM3oGS4g9jpn/HHBmGrQltAyLITbwnr+Oa2fjjSNxLN5aYoDDHO1nS/AaogFSQz
+ 0dV44+qaBLpqPZebTKVe9xi2ifttgUzBMBwVwnj+byctdKTzwHDoO1csLnJvcRvu
+ ESbJURybe2vWuLIfydE9fjpv54mpDNbbQPFFsklX5qmlC8u4GELCO2/ckrR43a/R
+ b4yxxxZbMCjS+Pgmr5/SVDrgp+8JP4wv6lA74hNuLf+UY4Q7m59sROQyMTNdWuPS
+ XgHt1PC5OPzV0DZgJOsFgRUhW+W4On76XR8M9/fxmuV4ixGlcpci0xxrn45cc2br
+ DbRloABWVghOplhH1cw4MnlJ6CJOjvNhaHPSsAkyVezBtSjq8PhOeiUA/mzN2Ok=
+ =ZLtE
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ/9FqwSd/IuaNnWlVL0MgM1edU/tXNo6IrvCpeNLCJOaS+7
+ RvQIOsKUX7eaTCG6wUxvXPuzCgQ8bu8kpJ5fl2ntiOerj8GiAqfPWMc7zoNP2w3y
+ yWJ8yslGjqSw9rNjdsk5b88k16ohLdElS9A/fFrKwtB94gpLHbLXa98Nt+IB0O5L
+ Hmad8fbhCdICxEz0KQVIgC1WHBUyJ9BGoKJpwfjlx7aKBHXGkDweutZCuF9ZGYks
+ PmS/6EVY/ubXB3Qd5KpFPg9k7RQh8QraZZnASJIRJTZJxoiiB9gf86pXP26RUnhS
+ 2vthDrVtABarp/cfS8lEA05SX9nNnKJ/qMU7l+kBaV9oiU4dfSNWG3SwSEyb9CzD
+ 2QGUnOS8Os5HMd/RIH9ZFFdoLYYntAtiKiJCx8yrC0c88OnU2A4BsGZ/oeLmwWJI
+ KqPdH/6/NHSGvUUHENFEI+cNiEPdDUvH/Ak3/wE6BMe7z5/TXPyYz6QpiBr+npQm
+ rfufJBn/hxjAIC5Hd04JViGjp8cV966iGg9AhckYN8pwCHkd4kdqrFCdm3NmKgZ8
+ /fmPYyozeLyzp7ZjerExL+BMc+hNAlMhis4v7NH3WWA8t0yvZ1VTGfBObsYHyV/e
+ 9QyYbWI4tqOMfhLOyv4KPDdL2X99gsL/OsT8u5cTVK1/20asm9XxuWDzVum+a1bS
+ XgEIa9iie/rP1dAILcMQQesATCBdxWTjyCADTIYhliK7WX/aQUuKil8RyLLJnznh
+ kfFiCI+FNRlAGGYLztzSsDgpkbe11g/zczDaS3m0+7Jxw1JWZtp/gQW96qO9XnA=
+ =yGeq
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAhYuNoHxnDoR3vYcXNS2t0aWAKFatN7yeBNugZ7rfqiYw
+ i/XO28FpFbyjlt53vshZwUrdz9qsG6mVdQ57D3aXXtEMP1yxH3FwmKmsQHQGM7VQ
+ 0l4BT4uruLjE3clae+RU0cHcukKSuR4hEOqdUPcQDOWSV8tnboxtjsV34tkRbIZc
+ VJvLT8fM0tUWtzt0n7Paz9OHelKUtQ7eKlz2sWO+I49qCsZaE7dJ8WNRWonFu1ip
+ =w/sh
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+NGGeGx82rYFDpMgxOWJpenco6LVzC6gjeHwThOynt6se
+ 8AKQ38a4YhjUrAUudMr4kCVYRGqSEmWdHJPRG6pxET3sUNqNMLyvlBifxD/4VAi6
+ o8oNEaiVHMLBEK+zuIJ8l57RdFc/CKmBCGX6PC017ndshU9lAsVbZQt9xk4PkR+C
+ hBIKmRpZWe8CJBnTzZvG/PCHUU+fXDzUy89f0SOgUdtoNBUSHQcg0FrPvzh0BqNk
+ zkenQ4EgvkZ8eF0qXlGTmwZNfwD6KBB4qaHBNAZYUGU1CvtJ7FtrlmtpLmowF4l/
+ cE0K6HwbG4CADh9iBblSqMzpE8Iuk9kEn3IH/9E5Uggb1qtjmqtkQpCjl8M5LTHl
+ eoz2bvY0bAcQ6GZx3Nak5nosGYL2JHRQdewZd9lcnXoNzOCpV2ZwHiSjG7WVBKtV
+ iHcsPLOH7NNkLAtF56WyV9Z8n/mI4rISYRs142uezAz41cJEO73xzjUiAu1tjVZd
+ iNvplAqT01PPGLOI6ZqwT0cZQZkjl9qX1cMv1bSjBC01Y8t8iBwTxOFzv0gGLqw4
+ NjQjpPjWKSSAejYIdy5jY3XhQVkl3miPcC93MtOLR9GE6gwoAQCrJ0WqEh2pjt85
+ nFl8OYfA7UeFfO/C2XIeW7d/wU5Ec24gm4APqzw6rsAMLf91O71uJnrJ3uWkrmjS
+ XgGL7lFqTqFDpCASmTzNBspf9a3e/1kk+87DOzQG9YO4TsetYMWqJhsAzKRgg3U0
+ nVR3y2D48Y5ypVvbsQbFdz8ZI8H/1aQK62+YBjRGB2EOqHkK3+Uig8T0IyaVAow=
+ =4H45
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ//W8i1bv4vXKxoegHrLH/HxHyDm7SJ2QNzcnTyNBMo3Z+u
+ sTce3jIwFvi6I4HCnHtGMf7bp7U4ORYN8yxeuLbvjTGD2v1Dmda2A1NPdRnjoy6Y
+ tLsjsz/FbT/3zea/OkdwZgeNTN4p+AQD9nd5oyAhN6XXcFmZwJ1IQegQtDADFDwY
+ zOSN9nH6cR1MWjy1ptZFYugAA3U/1WtFNq57G34+jMtszT2FUDHhDZz91PrkezlH
+ ZL4cPLejiaOS8Vm97D7kDsxo2yDTCtoypcaS330ANq1l03yrjjPjSoW9j+Hvhpzk
+ 6I86vU+AVNBLtvPSYybo58En1HvI+7TlAz6Gq+UMup2wWE1kkEDAVwmzd6kyyq/z
+ Kr8Pd/iCHs0hoc1kx7xCXQ76qJFoSAHE+eqkmGJLxUolZ1XmsbZeYBcKSwslbMKB
+ 8JHEnFjQtGbaXVf0RGjh7z4fzhYvehcN2NHBVt2/VG16xrjeUv/3xifvbnWrAa9L
+ xTIn126kWvX6mQjyEVRkZO5Ud/jVMcsW7sko2I74zhEtz27BBE/3Ms5WK7ZTVKiI
+ cWMnVn+NOB7sY9xn02fqe0oLXdBW0cnMjCLyWpdclq3odNJw5eKbaCUYm+Z7WG8p
+ DQOcPQ6ejXk7EW22VNFhedmUYJWMpDZImkbUOAo8XAN5KAVLy9D+Zu63eY5QjtzS
+ XgFBG6m9scVN7SYPyWxGZ8M7qKNqCezXmOSOWJpsYex4nFSIuIDr7LSw3bs0tp64
+ q6qvOlISvBPjoAmv4638iG5F3zronJde01ZmcYx2l9kYSRcxdr9fyUNaeWsz1aE=
+ =MW8k
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ/+M5ftMfxnz01rDri5YMAKBpUAgUHBdnWrjaVWqGIS7aZh
+ UXXqlCVRXzNfIt37Z23LiyINJGZ1y/6ES+4n0RYAli2XJWlR5vMzbN2Obh743IoZ
+ 9bApYKGXf0pnRdC2kNGFK+PC89aWHWpjVSsahBhVcYbi9G8WYFlYw/ZVrlh636OH
+ vahqWefuJStCKL6DA3sAYJzzDck8F06o1pEzmvTkGmAlJfZZ/Otam9BSQFmcegl8
+ tIqwi+EVuu35/yo0QqSMCA/QmvEGKi7rsk2OJMllyEHCe8Rtu9JHsUsnzDXCCPeV
+ UT7s8jMM0rduuEoIhgDkiEHNgbIbQ6f3/gdf4f7s0aC7NnoUHoVI3pKSbZeQhGzo
+ /pOSFsaqxlclxwu8uxIcyF/ReFf7u+sAM0AUVWdBKi0l9zeucJf7TmokY8oh3K1J
+ XX7XIuyMwvo/hrA23GTrYVk3ulzedawOlDh3ZvtNfiJH42IsNcsOMRwFDjwH8xSI
+ dYEcVrH/jhL1/a9AzY8lu3VCml/Xhs6Hwqr5urYcBNBC3PoufPoi6c79xO9lcxxl
+ iIWPEdANLdZO+lCKl0aR/mMZOojInBKplGFvqaedFYDoHr1ng2yYBeeGAbHiGf7/
+ qLervOigfGCWjc2sgyrTT1jcvcA0AuuNPiBnZmfEsiOgyiG5CWMK0y7F1Cm2cRTS
+ XgGHEBJNMoj7IbxHk3Gc++GDAschbcwsBUNbyUjhQ7THx5OmpyaMl+rUZZNEhURk
+ g3YvkqQvpP6Op8D5R1u7OHLR3/Y1T7eg+gSj+jrwAx+uj2P8PXfpuceTjPqTgQU=
+ =nBBt
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pARAAqlrh/OWyGSIJmcsjLgeF0mN0EcHYW/Tp/XWu9dtTB35i
+ ecGcS7n3UtDrOFTH0a2OufYPCf1gxsZN1XSFnwG6B2P3WCX/FDLyxk54d9ULUb5a
+ c2knQSY4mgsr9p7xIMm5q49TqWYZiJG7WnADyjkhWLb2nHiifGZ/eKS58v8Ekhik
+ rNWh+Lu6gAHh77SNMxrjKT59rQ7XZPJh47pRBdxwAUnpyvBD5QgcQVuUA6w2ohGA
+ hgNU6ep9Q7ZxJuG+EBzmn/5cJCGvdP75vxcLXB8H/qlUHew9339UY1qXFg2cEnXE
+ 4M5uQ4bUzJqQ41LrbjD4fk4hgiANVVd8rypprmHBB9ztjH/ap74guHJRnd/qs0CM
+ c/Pi7s61JEZrgRzv3zOBjuQ3CSr4w+8wdF/POknoRQWuwf9nC8gyiY6L8ROESHjH
+ v79tLHXTfPn7HZZ8Bl6YjTp01gaNGJ19lNj22X3G2G0J8tlzTCPBkgKuxi7E7JaD
+ rWFF6k/sclN1+pGPn8dfVeMAXfUdPorXZbn+fUU0o1mw2XkE9zsa9Tv6FHMkNS3j
+ +t1naeJ+NHcKF+aiFNkNo1ZfTgeni5iIxvZ7MmlS3ujj4EKZsQtXJBQthPaW9waO
+ 0H3aI/GttEA6pwgnuvPucfbabjuMNFJtIjeRwnyWzJHRSScE1/MkNZk/J/VUph3S
+ XgFwtKchdOvNI0UzFDrRF0QBaEkJynjtUtZzsAhYjNHjBiqtoFO9ud++OqzIBR96
+ lZn+sq9rTxIl3yxazoid+Ls7A/4eP6YyA4ZX72apW4/cJOSDYJ2Z2Qb+YtmWX74=
+ =8lTB
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdAL7jChaBJQI2tZj4oNVqZkqNh/CwrURAsgkodnDRRM0Uw
+ YJbD170ufhkPt7g7Fk9kym94HZHxKsMyTIBLhbOWz5rQr2ZXbSmBOuUdOG2mwqhw
+ 0l4BZmmNp2oSl2P0/ROLw/vONilGvz/2jMQyCFDXN9IJDya8yZiXTrnEmK2vSM0/
+ DYtdYUg1A1wCq/n7bJJCUDWPYSnymP8b5dafTwqWjGwbA+lveg9MDNSRUI9QbG6d
+ =pja7
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAS6WN1p3uJaTwEDUFyHIvXIOhVzrS01NBXZAARIT/URMw
+ 9co0e4F2EliREPIOPlrdTkIutWzk4Hthmu0NtDk58oAkpJOFCayTcQJGDuIDLvZs
+ 0lgBruPX+8fTD83IUDCmABmrKpQW80TgpWd6HhSRVq595mobaJ4S+TY39zUvr509
+ Zrmg6DmlUrEr/FYdff3gj94Rm6wDyBkI0fm/GLXL23Il7uKVrC5WQsNZ
+ =vzES
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:03Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ//Y4Fc0reFodqz/P5dKD2RsHsKu1kC3Q0KVdGxzAe9AG6M
+ c26glnYir256VUOonlP5q9gsIvAc+RDNMoFF0WwKO1HGLPmeiB5gK8DTm2U2Hz9/
+ g4xG86+5BCyR0eFkx/sEqlVnhRsnfSkPqq6L+/mJir0DQ15W8SR7fbvn7XsXKQC+
+ jKI/spzZ0CvkLtbqvqMBp00ZTQ+yU1f93hTbvipLPLLR1fBSOnJpe+f832xAwH6U
+ W0eLvxzdvdSyALDVT+1xPNH0/Ew/j5E/U6s5k44IQXl2EKQXdwBiSWk8m8Ii6Gj3
+ 0XqJj8qiJlajl16auYOdXa6jNzZac7+JAgthc4obznNQsrD8j0XSolzYybPd+4EV
+ LCW19LF49hqEOsPi3UsigDjcpaiTxx+VdLVwsboquEwwfN+9PFl/iHG5tJRRZjNh
+ 4q/im5owY8br5Ef6HtU1dWDB/PNHP4lKzWuyGXS4E4YcdenU6cx3HmwKHTTdNlpx
+ TuH3EYVHTCmTOsJ+5wXSiZa9lTsWXX+kAbxFoIFkWaoi+dtg1NNKzmkfwARPVbi2
+ pu4s5rJEGHwta43Ao0gUMUEGyqTItZ0V6gyFn5Ey7ivzvtM0RDjzigsPhbFzCQWX
+ kUbefqCxu9iQR1LFBxWdM4iPC0xPN2oK4hnRFa3rzyLxybyrhlre/tsMIsS+4lzS
+ XgGYpNwV4QTYw+YOcxHszqg5OngM/aB8aZIOELsO2HkzRJh49a3Uv75TClv/a7GC
+ DVVqRbIs7ACxDw+SBp97Rbl2J9k6UAdGJOQ9e3cgxr7JxacCfd3KAJAukco8sQc=
+ =aWRa
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/cloud.sops.yaml b/inventories/chaosknoten/host_vars/cloud.sops.yaml
new file mode 100644
index 0000000..3c53a9b
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/cloud.sops.yaml
@@ -0,0 +1,222 @@
+nextcloud__admin_password: ENC[AES256_GCM,data:R+6uuaDeQWSgtV1Cp7YWZvF8LYOIhoz1K7WVKerm67NLbLRpD9191DyQH13v7ZQPvIce3JzyrWqoyQigJQIQqA==,iv:chVGvTY1Ge4OwrVbFkU5IMd0aac5HqslddQEdY8F4Es=,tag:slmFXStGVf6eJdPFplqKjg==,type:str]
+nextcloud__postgres_password: ENC[AES256_GCM,data:GIWhmhiDkOC6mQAqNe8aKQ2TpTTYQJ44jn+P1hnpAxstAWLUTJZdxE2DHdjhZ9tV6kyTb/GXANn1UtgFzxczbw==,iv:lhJAZF4mJ09jVa5DxtVTfMe5FqfjpQojrI15kYuXI6o=,tag:LvzpBXbBQtNvEnCDNphUqA==,type:str]
+secret__nextcloud_smtp_password: ENC[AES256_GCM,data:9UI+hMDQqM6Ui02fpdscXj5Q+XfN3t/g1MUX4blqd/egoLBtq8R6YpdK8wf6heqXUck6VVDgDLFnpfQzy0cqzg==,iv:dkTN/pj0YhLqEw6Sp252bKmnA1RaF9wfoDE7naGN8Ao=,tag:1Bg/ZoCITh7S9Ps617DKTg==,type:str]
+sops:
+ lastmodified: "2025-05-04T14:15:59Z"
+ mac: ENC[AES256_GCM,data:iJcBQZ2Mpa83/bR1BcTPh5PGrsjtyQjtAwr0y/bjOXrpMjoCiE8nHl2vdfZIxGYU+v40nkgYhXS6wCIlBZgO/QgvXwVT3Qm42i4GSx93N+jV8j+iB0a1kPJ/yHAPHD0zvWF6qlNSAeFWPbifLMXHLjijZDud5LxdW2KfJ00JCuA=,iv:BTUVSDYfKJI18GZhiUC/pJ+Gbuzfk3GrJadlOapw5qk=,tag:f15zFqye7O+L1lTp0Z/8jg==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ//W/vD5coVwidijwr0/l91HBYRjtbUX+D81pJ3pOa56weA
+ 0/breqUaSOUtClLfTN1wIrYHDVmLHuTOYqn3z05k0jyGjEbP9tI1Iej7Jfxn+aWh
+ 4DgDl84KO6Lpe1kV4y+bxzt9OSi95h1vSEjoV+xbQiDOhV1ZKCCiezdrTTGry1Wf
+ fMpNrkQpb7um3FYopMFhHKew3WSugDuSKU7T3JlL8kMDwoeOI9GyfEXjpBY7oyKL
+ Zs0qFqaO9PZG/c91O0lUgTfMSgiwhIgUPQEAD5P0FhyRCmm613kayGHM0QuYXjsD
+ 2NmU2WapWrrirjzUTzlXFwj1VOA5WjlqVNaHKrFqtvUDvhTP52OwgEKD1P1UkCh3
+ BChOr4T/CoXS0AcBlQGYuBlaY55XnFAcC4T3WYkcDWM7AZ/HxPFarCgpYsXGSPsg
+ WlPFccAsQ8XA/BvhuAwCvL/aipmM3h0WcBXh82rjkzIPdDcxlrECn3zRABbSuVSc
+ ULEFdzOXV9pd5LGySkbF5DcNw00+bX2g2/sgRB/ly0iQIqVta4oNOBRs6REV/e+D
+ IeEmP+E6YMc7NKz7mCSbK0p7RBtcePCXZ9uwIql/sMz+K61kxvwDXpqHQ8A5EUQu
+ EGNIhgVfSbBIkqR31x0cW4/c8NKiElUx8NRmcn5lYxdy33jl+H5jK0Ttb2pr7cXS
+ XAGJ250qZzyDFe7LmSoORJ1zoLUUIwPvWy02mcRhIlHik/FJ8/dawL3HFbdEzMOe
+ /Og1ON2961e+m5AD+sFUXV+MDHe9s+eQDzQSIGbJhzGVvo2hfMn5mKFdtUCz
+ =t2Ii
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAAoJJ7x/CsgQ9AU2sI3pCuKW9wUm4+EDDqiT9CG5WtJA7k
+ lj6oqEXmSe7QY7AxniKZLEsePMWSBBDYNcieUQaf0eZpuxwytDgav9LqzkwhZUGc
+ qhJV5Wvf+MdFCNmPa3TUuV59N1d1jXZPvWLgknOBM7lZexvqc5Lr+pd0c0qWrh4h
+ WDx+oS6yFW3qFvH+98iDxzJ2y+xvjBDvXGSqiZEgcJMyFllmpB45EcUIi7E2gs6r
+ vAeNsWEEYfO7Yt/brphNq8Ns2okvD78oZbh9dNagy1oT3huWbaN7LcJPoPJ8qL8w
+ tWAymwE7xkOTWW0gY0+MQJC1NNnDmIGOCxNGuFUpku4xLjOXMUEoBHdvGKqM2b5V
+ Yj95fnz8bf2FvH44Z+7PYBUOICHZBTC7EzExfSY7fEu7SnxYIjxMW2ufE6xo3upv
+ RFSALpv7Cg7G+PBjLyh5l/xHmXhObdbHbFC7EJXrfVYvfj1F96n/+DWbuXvCOm6s
+ C3Cf+296tEfO9Jsh244XP7cN4z5CvJ0N5movSXZ7oEZ2YJL/P/ieJ1f32QrmyrbI
+ CUuPlcCycE4CWWV7yvsmyf98RQVYXMXL73MBw0EJSWRATlC4/bcGIrVnbuni/oJ1
+ 8YNlqOejqzAzMMZ5f1DEstXb7wP3bXCao2r8uWyPLwsnJTeDKgtkw85wueIKp2zS
+ XAGl6tLDdlOVzbhKFL+E+1VG6GYOdBNPFYQ4yqaiOzm5zPmnyOd+FLKzq7jvXZ9B
+ ke67IgBNK5xNpAOnHauSawozf5VewJSLM9SyV9Geohz9W2ihSiS/vnSjQk65
+ =A1pm
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJAQ/+Ptdb4Hx7Uh2mH5h8TlOUjQW6UWxwpuOn4QHIrf5ck7tT
+ OrwEjNztauvMuzYJxSxGdVRSsKD4t/tTs0xLcTChGX1X0W+ZTjjpRjUwfyFYMLOp
+ SRdnyOBkZsmgvgt7xqvwwssJwOIbHTrJ5kp99gXggQsS4M/HAtpLRuHMOGzazgmB
+ 4H8vM1uA/NeOUjL1g6U14GwKofRgUbdLrkA2i6O3Tn6uVrpvC9heVhU2wiSF6qL1
+ No6DPheN1PvL+kV0h2DMxrMXcFNl3NjlUCE3vT90OyeykMuq8OQAfpBR+1vBOihP
+ jIH3t+kDXIhQnXvXQU8xm34bXO6Eo+c+/9CZXhVvAWRfFlOWrwR2/JzmtMMMaEEd
+ T6UjfAVlMJMWyX2kqXzpGVCijA2AqhQAFtC3JWmuovOiLKy589jYx4DOQ3h+VMMB
+ ggdZrx/hUGvkg3KpuCQoBYYs97SsOcF6vImPfQ8MApzW1GdT5tay6kFOgDauw+fu
+ yoW79sAvRN6IEd1yTBDhmL2Wd+Mr0oE1a1BWcdta3mbrKUCLvDf7LZrZLTvqLJQK
+ WzFiCOYYbSZgh+KYXzw/FSURNT5ZQqF2bUeSkR1rEbPPoFcgwFToYxKbWPvCp7ah
+ 1MUA9v7GcnmYxHS7yDhe1HOsdTM/Vpdme/2LFha/QawP0Cr6eLa/uc0KTgXxbl7S
+ XAFqDjqgejL0O5R5QrY9HHQAMcpAPfzaptRuwt2tv+V3cT0K4vJKYzsdi34qDnfJ
+ 2jHbXsjRxRsc4am7rA5xcB7r3lAHv11rkDU6oxiNu634eOoFIar94ef8VBQ9
+ =bQFe
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ/9ESOx/yVKVHFnCpC4nD2r4sYAo/x7ayDJKHie5sIfaf2a
+ ebRnIAezWlCEWqJ7FVU3QUZupsry/u+SsFnJg3Kv+TE51O2ITQenLdSBD2dUG2/Y
+ M2qqVUzXsEQOXr7QymYX41AThRouj+Da1+gKZ8BWIaPU3khesjLjEu4qmuJeh4jY
+ VE1F/2QB+WFY/lw/+WHpiD2xDkrdI81J0pF73pCepwDfBNmtZttURzn4xO6t9Ey/
+ Q89laIxHjl4oGUrGJkUonwzwRYaQN979SQWjVl+DdYN17tWnMChhlweorHh4fM5f
+ qDEOyGlYFH2kzupzyhwCIHK/4OaJNt8uQbB0I3h8P1qj1Zl23sTGP40KxrvD2nNW
+ 4KMPanP1yFRSe0zM/4L6HliAMu0VHUMWmH9qD0fwRXPV5fdIWxctaMQZnrVwAqGz
+ s/DJy3VQfFP/bxO50ir1wFj2HUPjFTWs7eqzum4v58Amef35S+YuMWBcum10m2r6
+ kGapqwHQPgxCWzAttIB5tDetW6jBBs4hAc1nyliFLJITDiZ0+p/mWUNqc0pQPn7g
+ DFPCB27aWlCj8pGObVPZRHo7ks6dX9E5oy4YGFzCmDvZrSK/cqmWAtU6lsWgFYRu
+ fJ8G0NY6t9rsluN/Cw1dplIJGnHvzJihPYKuZCkxRF2pzm4ESYzwZc7JrAmAZFjS
+ XAEs5H6b1OzbdhaN48NVsB9/tonkzmFmAz6/E7loI0KQL8Vc87eTWdHc9Kc6VBQg
+ 7/OGSvCKW5PjdWP68Y1tFB+1lthakH19JyWapGhYCaVj8PlymMB0ffktfjQk
+ =2M+z
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAbe6biWCSneXlUMVbeWc4r57SEHDltmlWRXulJZ6wXhQw
+ AjEdgA6AxqwJoXBTd8KD5GSchMmpXXRVpTAE2gvjwVObudvZERba9wMuxcsAdmDe
+ 0lwBC8GonXrMNb9BpesML66avCPVcjwKOPED6K82ZXn7+XdMruGQsUmQnFNcPnWp
+ iAqehB1RrDXtXIF99yGUddKlFgChVJUcOjkSD/RDSkMyjlwtyJuS26qoFF7ZFA==
+ =8dgo
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/8D7YIg9os9dNTzsq6RfEiEQH1XPvMMucaI3g/G3cuO5Qm
+ 5MBHNXVjwYtrQrulZMY+7MIUIy9xHYjtNNZi9VIAk0TWdCJ9XL5Zy7v/x1s+pIAI
+ 9kqeGI4Uu5yp/2W2mTr3q4qKZU8gJqEnJdlWIYETbqdgAOTcIlrMaMB11AS7rC4b
+ KF9vpOcOAK/yHbQATjvbd+vjJm5+wZ67hDNWmPvgh4gqctidPKKaLIuL06wDBZR9
+ EbDSXXfKoLCYJGzYoTMNnwAu+flD+9ZZyDsox0/0wN+QJjS6czY0up9TCbWW8fyR
+ dhRaX5ZGiihndspveM9v9Pj9b542Dz2QC2oD8YG4ZZ007jy8d/+mf35YtwMjZwup
+ N7C3zEOWJa+2CUvHYMkSpxYiQbocbnKJoABO70KoCXaPKanrttRBJ913owhIr07O
+ 7qVLrJqNhMbEZCd12HSFltOuGTdZ2H0NHtypFeFQqdR2BkAt8lL+rR/+4xGq3HON
+ +AQbHdvnAUFsgs9I/9bEGvzmmdrxUKYCXO+lxG1u3AJ4vPtCnwPevUYoe/BiTtZB
+ lGCCY+1eVZT0+7YeGGWPzy24hMBMh+T2POHM8rm6+vdxi+cepoki2QrpQkGP+AQ5
+ hVk9IJ+TPTBKVX2wTKMVQe+0G/zGV5FLXlCEN843Ygm/G1j+jS2g46grKIhU9yvS
+ XAG3VoGnsNY2KiH6yCbA3U1e7rrh6tdscFmu8OTpfx5/sJ+4GDax6vUYHPURJPBc
+ Ta+H2n1Ih9QdIkPNSv0r5fHYEGSnRRQ9X9eCY9FbvWQgVQuEY6+0Sb69yBV7
+ =yRWg
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoARAAwDoWy5YkItmh2pkAvzccoc5tAOulhV5N7gA3t4wczXaD
+ QMR/o0CZRqX6gZjaWcmjT33AbDlbdzcY/KJXuFvag7kS8QyDAWI86U7Rrun7NoPl
+ EwmEjmLyagiXmSa1VJKv6iYKuoF2T1Q2NQO2ZlGi1OQJbPEnpYuDyaldk4Tin26e
+ ZG3Z50jbUBUnXE7yl++oIiP30yD0vkoWD33fQBZe8/wTURDStuFkBFSTAV4Mfc0k
+ dDFsHZm+eWGBgbtBm2MJR+E15b+OwpsIwmRDF8lirsWo7LBz4MAeGB+bMoXzmAvG
+ 9lPlH9t887slDMD9QOFZ+on8pBf0zlpx9+MqBBb3HhdOFGVo/tqdjkp4zhu48Er3
+ bvD2UOMNKNpBnxvh+Wh40DU1vBsDdeuaATAfLl3adliBg8FIGY5brzlsyDQ8Ebwv
+ PZ8R4kSzkSG1cdbLM8qpb1D7roSPClM3uikPEL8WXFvvwcc3EjqsmXl9D4sw8X3b
+ dzrjVZSZgH4jA9KJtKgwyEqlbyYdizHilnXbx5VlaZJIDMvL/nVJF+Ue0qYuAmcb
+ ACbsnHkp0B1CNZnBibuHaIy+T6UNQ1QV18xuCznccC3a7VCASWDnLLf8Ag3yUCFK
+ eOMjMCRfWLpybjPT+2yI14Xf7rFNchnHG7kIMx6XIaMA3cHN7dgQyoouJxg+3z3S
+ XAGogGEGYQm/sJ3ENi/N7D34S5MAHfwBPa9cS8PmE33q9jRdUPwIs+TbnNcklZTK
+ JxFZEU+VZWpt/oxYBG60gM7fZsCE/RZhGXeqV21+pAS56kRi0aEyuq0Imsua
+ =p6Jh
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//dJdmLs3R0IXVm6HcBvH5Um2VjDfZ+HOgl6je3NxcgMOn
+ ognp2CyUYYeR5GpPm1CydaNVlkKGVjUv0BlH9Rdh/pey5QjC85AMQpNumW0nBawS
+ XuGXB3pF53k8pQ9NRRBNmS61vC62eBV6DN6CLKUhmC6SHA/54kFrWQNI/6fnQx51
+ QyCssR33opVibfi8rz61SYQpAJKrFEM98KQRB1aHntLEhwWcYR3yKv4H83iKhuyU
+ 9O2JSn6ps7s5HFld/KnQkoVRKDZ+BvHbQAG95FSzjrwd2Ec0Q4EJlVRJrJFq6pHx
+ kMmpQebZRd4hbkEYAU9XR6fnnjXDg+RdIrPjDfxrXsH40IOlZBivgkD5ACIkTYI2
+ /bvq8K7F1SfDjgkeuuyr9y3QtXIxwUgDTo1cwu2wwfYsD20euST34Mv7DMTGwlY/
+ NUQ+LfDUgXemgWNiBXkn+bu7pFhE7PnyDr4yoTg5ZD2eUobBB6g+2gSaZLKQNe6h
+ zzZD584MQ5zz8ivyZXXAkpe73pV6bTTH5F76deXK6czt0rkrb60O9ELosAK40Ogt
+ oL0x4LFMgPanQdtzs8bEldZu7JNAf7zxrWNoey7zW6xC6mvyVLPw8+eMNS8UQt1P
+ rpEAInl6nX27x7agk5AAUDda6FOJdr6cmTLgPXnw2NxHSjG83moIGpDik4BZczDS
+ XAF8KRueOsSUOnN/0OWHwyWwIEjpkPPKCmqZ8itJjap3pDkJ7YhshRVe6nAWnDII
+ Z9bY10K6Dxev2dDYH3/ihxPPbFNSWtqeJvmyVOZXCHST3sG5DXpuTxiQ7JV4
+ =pl4Z
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ//dFqd5fLpXxk/0mr9drVZy8Ih682PBGcAFme9bdYz4Ou4
+ 1uVP1WTmP7Jq9aV/SFq57JCZIEQCKbdAnMtyST/7OrSnYkYymCKRqEP9dP92K4tm
+ 9BJrVDu6FMdstBMBNNNBb04VPPgVLQjzyQw/zJnyniI5VEB9Z1MZy4b/J/zygWxG
+ nWPy4XBZeI3IhJNOm5zud/+pXj4o7jgQfHdUSMbD/pylc+2H0/23mbtHLuUT0d5v
+ nZIaua1yoCW7MWbB6tXQ8Y0O30F0wNX4ckCED4CSloZa/joApv+tivyQrxNLG5eo
+ P+KoQIB6YSG4K48j2J2WHd7yNsN1ZSevYQpdwj1MZAwnAKFvmwc6uX1oX36i9NlE
+ uAjDMMPyoEFFGAGHCR86atfeZp1LM6ot2WkaBq7SdpTeJIqO6oNJHGo9ehpn608G
+ M+Ebp4HSxMkedJQvpdKxzkuf5Y3e6dQ5YdSiC6eQC2ar0tsCMwmHfSXUE37c8zwz
+ W2oxnrANtnUGBxvV3b5QcQkUXcISW4OnoQsnDW+b6vqL7zfy8sWznsHcfdWVYknJ
+ 5OTV8oF5vzRrh1TsJvwp0Y5yDJPpV9yFjIkcwlNyCe8JGtRq2xmT2sdJ9oL4aSVO
+ yJwcdw8uFhCzyQTZR10knGbhLubDiBbwaNOAktXCMZ3bidERvcvcqbLUAMKKk5XS
+ XAE6JMUlnNaa68eQcwlph+ANQiL1WR1NTbBdwZcDdnjjxCwl0eNOliCBUn8X9p2x
+ UYVlfQMLBAOy9VthwmMe3MweDAwmeWhCL9v67D8KV2chCbYxhyOFL64ysBoA
+ =TSc1
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdArglWecS38+Bksx2+b6X4mXopM/CyOe9ogHcdSTONUlww
+ SPZNAyMDJknUOZNVhsZT8FyjpCQyECYQ27RZy+1JOmNRa0Fzlhi1HzyB2jdvy4J8
+ 0lwBOs3Hnmlh144XMitJh/RQmcAfE+gyvBVc4+ZFJgYhxiMdEZB0PlXgRVPtKOcX
+ YaO+cT58XRpJAnHAzvlZYMGXzZWTGtErJO+yQVJ1h6cjyi4Q3G1DtBxyx47vgA==
+ =qQ/l
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAeKRRJ7Fng1MXOeaUFcbPRsH45ivTIZmb84ByrvJKOT4w
+ G+8aUOX3WJ4YigTlsTc0wsbDWUmqkOBae+lMr+HjAVwzueEsKnvNVnFJ82CWk9pf
+ 0lYBAP9tPmC3ngDE48WUHkkPreAwUUqsLzSDoQVz8lPp2y1qXjK9at1g9GR2tQYp
+ ykjo7lLRQpmtyTteIyCzil/fRLNtAnBvtgINNKAomK5SpSH8yc8HLw==
+ =CZXl
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:05Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ//aewr+lACFStf8lUjaodueZqLXSz0ex4UC6lyClmzuLkP
+ J0XWjiUKGs2ZWAwhKegEEM+O88RLFP4MvSaoRYIoDBbc/nLrOrPxbJVgOjCkKWMO
+ HKIXeKyFcnuDJUEXMjqIbX0NbhoyJec77Ne/u7LvUYiik+j28Vx28nGhUebP9N8n
+ gR4UWMaSeLqk84q/kiioV7hsX0hz6p+AFMvH9zGks7+FgF2Uqyfwrya9TnCjojbQ
+ OPtDdZc6d3s56TdtfcMaIkvYvam/xoEOfFnviz44wplTqiogGVqbZW08zliY/lap
+ XdhWZkYQv8rVxwVLZlZoxLtQpWZ/jRUY8jnu5LfEmCeJwIQMvUUDbvnDZClodMRo
+ xSFb/f9kwEkYHNrIZd5qLRw38GkQ2kNnVNDn4LKICBlsEKUi6roZIghEW7bllKKL
+ 6MHjc7ddIIYZRZs4S3djs8/jFpGmTvA2xtvCKCz8IvuhFzR0wnjGtIL96yHfYc6d
+ qLuJjLYTZPEFcgQc14z4Omvf69Ft2TtWPu/JhTqKNz1E55fu0snrjK43QFf3AMon
+ /mSBp6+JC+Y24wuljXjSt1PeCWyEKiHK3gnkkZGixlxRdWtl2fV0eCqgdM/j/VQ3
+ 4AB2ugyxj5JxnocWKMIFuUy8SxODnzyVE3A/7QgYjsIgPLg6RWtDOHCo/BLFBn3S
+ XAElm5jYXaasE5lt9yat3tPO5tQ9nnnuTOGou09KVta39uMwCBSQfuAlzWtLaHPv
+ h2dbbXEB6Sq3UNaxQCfI/ZWF534OIV/MocS1RlYFkuQMWNPKaDmGdyjtVnji
+ =N1/u
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/cloud.yaml b/inventories/chaosknoten/host_vars/cloud.yaml
index 8dd46a2..0aaf92e 100644
--- a/inventories/chaosknoten/host_vars/cloud.yaml
+++ b/inventories/chaosknoten/host_vars/cloud.yaml
@@ -1,11 +1,9 @@
-nextcloud__version: 30
-nextcloud__postgres_version: 15.9
+nextcloud__version: 31
+nextcloud__postgres_version: 15.13
nextcloud__fqdn: cloud.hamburg.ccc.de
nextcloud__data_dir: /data/nextcloud
-nextcloud__admin_password: "{{ lookup('community.sops.sops', 'resources/chaosknoten/cloud/secrets.yaml', extract='[\"admin\"]') }}"
nextcloud__extra_configuration: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2') }}"
nextcloud__use_custom_new_user_skeleton: true
nextcloud__custom_new_user_skeleton_directory: "resources/chaosknoten/cloud/nextcloud/new_user_skeleton_directory/"
-nextcloud__postgres_password: "{{ lookup('community.sops.sops', 'resources/chaosknoten/cloud/secrets.yaml', extract='[\"DB_PASSWORD\"]') }}"
nextcloud__proxy_protocol_reverse_proxy_ip: 172.31.17.140
nextcloud__certbot_acme_account_email_address: le-admin@hamburg.ccc.de
diff --git a/inventories/chaosknoten/host_vars/grafana.sops.yaml b/inventories/chaosknoten/host_vars/grafana.sops.yaml
new file mode 100644
index 0000000..d9675a2
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/grafana.sops.yaml
@@ -0,0 +1,231 @@
+secret__grafana_keycloak_secret: ENC[AES256_GCM,data:85OEAwuWnYW4NgObAmYey+2kGRML2iH8FuDlIZsHyOQ=,iv:Akdk7Iopx6nIOAFXqa7ROnH25vhoe4uopzEcHjWKWo8=,tag:Lgm8H9fWA+/PCjp+SHoO7g==,type:str]
+secret__grafana_gf_security_admin_password: ENC[AES256_GCM,data:Ct3YH/5FqUA+a7Z7YlpZ8aMvUM43blRG,iv:ePwTeX+7H9p0isvi6Bu0VG5egIOqTopmIiUhYoGCmR4=,tag:SLy3totIMtbED7XxmblasQ==,type:str]
+secret__prometheus_pve_exporter_pve_password: ENC[AES256_GCM,data:dJanRGfkNwZw7oaxxwpjpbV7m3Zl/MzA91Y54WrLXxHWDRHBX5Fe1soWgysN3uI5s+rtIWWfpCux/rSggFh0gQ==,iv:6gFk3IHxGkWcoeZTpS+iReBR5uMModHp2qLZp7aG4Tk=,tag:V55iwRKmS50E2lNS7lmCoA==,type:str]
+secret__alertmanager_telegram_bot_token: ENC[AES256_GCM,data:DhMeo4UHoYu17aVx2sRtQ2v2MFuwD/vHB0xsOf7QWio35ZAcwzGHab+VOzREbg==,iv:DhrCAfMoUt2Zk8imaVA8xC0UAJhXpyqNNwqP5th5ldA=,tag:BbCDqenw+yT4ADpIgZ5row==,type:str]
+secret__loki_chaos: ENC[AES256_GCM,data:km9l2LYuyvitMQOSinAyUnnF2AePE3fcW1E1k5fF,iv:gu2FB+R3/UIsa8qivpQE6AVaOug7/Q4JO3S7nhubsww=,tag:4JaG9ZHPbyzFIdzCnYN+qQ==,type:str]
+secret__loki_chaos_basic_auth: ENC[AES256_GCM,data:9HS1Jq1LqTmshFKdUDk96Y0apSC3xhSqOAWv3G1E3djDvl3QPA==,iv:oYgoIDqV3lGsHDfivgMRh7HQ0tFZhRO9OZSOuD8Yoxo=,tag:wkFgxC9EFbm/wHIHqELv0w==,type:str]
+secret__metrics_chaos: ENC[AES256_GCM,data:GDLtKMuExpedDFWLew68JMbdaxy1aEep2j4/XkOD,iv:2sbdjEp1GY6rMq0BMw3Sfjyci3Zfm7fFkU8wUFy3IDQ=,tag:yEarnC4wJvFnB8i7tJ30kQ==,type:str]
+secret__metrics_chaos_basic_auth: ENC[AES256_GCM,data:eT39ijCsheJZP3D335EIRdeVR4nSX7APw9e4iQ40NtXz8EEfGg==,iv:+OxDeTOF8PLxSFT5ZKkUwWYZfuBgv5YUJSGWsURL2kk=,tag:0nIroxvAjTG0vB/lwq09LA==,type:str]
+secret__metrics_fux: ENC[AES256_GCM,data:aV6zeZ/XsVlA3QepSfVd/cOr+tqFVhlAxRO9SHx7,iv:fxo0o9amrh5ivPTxRVkvymB3fr5dLFVE7EqIpBlNZBk=,tag:41dm29mrV/jmqj5IkuNAaw==,type:str]
+secret__metrics_fux_basic_auth: ENC[AES256_GCM,data:YL+QLzZyyObzDcz+FcefViMrvdkVSwRhDsBx/AwoDX3RLHCDjg==,iv:GADdMa7FHMM1FnyPp8DUHElpXsJeqD+gN5Slw0R9bgs=,tag:KGCoEud2JLU5s1gurrbywg==,type:str]
+secret__ntfy_token: ENC[AES256_GCM,data:0tuPJVmxHcdDWOMIo0QQXgIEkJo+p9A5emH+kc+U5tw=,iv:NZcfiz3UFw2fMcMf+q1GRp4Fsxpxbptsx9n8wPR54z0=,tag:SJYFtXccCbPrXjECiKUOUA==,type:str]
+secret__alert_manager_email_password: ENC[AES256_GCM,data:AsBzn9KJEoMjcrUWiIhR7I/1jaaFEa+cl3gImOQVKrg=,iv:mtQnZqT0taap3+z/L/nMfUvQF3JlTKIdoljmzVr1R3c=,tag:mZrCB597p8LyB61I7ZvHNA==,type:str]
+sops:
+ lastmodified: "2025-06-10T19:17:41Z"
+ mac: ENC[AES256_GCM,data:8GGZFGSRXAaLoWUowbxd3RVv7NPMVsbkDttDxC1Aeuwjy6678ddioHTiOWn04noWSPXhVnnpaTHWNW9dT5EcbLHvTl9Vb/ydKq5EnjDi3vAI2hQZ5bJ29rwSIW2YBMwpceqh+2GqDuzebhOKxJ0ZFYsPzbfTGPt8blqOQ1abVR0=,iv:aDbIiH7H72jsBRe0rSDXHMQy6zc1QFrI6ZakJj8zxZ4=,tag:+ARO2ST+1I9gOB/f9V/OjQ==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ//eid3k6mqnYu0Y/JnAaWyOqx8TJHln2gaUAwSM25+Anj7
+ 033qx+X8M2M9aDCKAKo72ej2Y4ELZ5JcDCRtTYt85I92q8CxmKOPq3Iv5WCBPXfP
+ ggIMhIs61z0m+ZH9pk488knHHuAhPpCMg7ziyNQJb8HOqjDBJe0gRlQTuZ4BDbIL
+ +AoQ4BHplgYESmcSiQsJFcOmh+BzKMrdhHMKlDY92iRKArpYfPmj5YBsAUCb/sVy
+ qzmW10PBvpifPDiJhtM4LdZmsfC4F8eOEGR1p8JldgENgRw4zH78B4kPe1W4rXAY
+ WCcBllDTtxl9AB8dVp9EHQrFJ0Kw3ch/GkM4a5SdXCddleqNk+PNbakhQwLaoEs6
+ jJeEGFMACz7oDD+zMdv4txodO3O1RuClCDx/sgGCxJXZJ6j0SgjQHG8csrdFPPXS
+ DN3Bmn7SFMFlCT5hbkSdcc4J+zkxwgT7mlwqLGXS0TqAK/DDY28/PUUW5VeOwa5z
+ uLkrNmmLfrjQrXwonlcnYvIvRAO+KHlTR/MHFfekuzp/wOyCE90O91YXDn68mfdh
+ 0Jo3PT5kDrRfAPt58wfcYwCnwJ8YewUYAH6Pw8AvDjqUSA6en01j6FS32jVv3k7t
+ Ip8M1Q0VtmvkEcJp/WN0ZnRcoLb0ijaxmKyQ3PvymkWRlGAQBut4E0ivyW4ECRXS
+ XgF63/ao1eiQ8LJdT923wCgJTIvlE+EyLyxBMAERwe5Kl8J1qDVJ4EdP3bsonrM0
+ pr8YZYPGdyEFAgcquXkQEDyynkArRdPVya5Hj9vvNOHGZ+09M948FnlO3euYm0g=
+ =U/D/
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2AQ//QBDriv4RmHkgw06HwoF2WIbRsVaqPtCQU/rATulq9hfz
+ KJGMPjuzMkOx7dI7aNgRMtQS0CbnkjXMJMxRa/YcI4e080FFTeo3rsx43ya5y0kP
+ 7X8i5wNWnJHs6yFj+d+mQA29//1z0vZliH2xc9DKOq0xWWdYvBbvInqeEsKkEr/U
+ JXY/kfm7DlCSg5OMqJXX3FNH5qKAlHTGupVzI8cvGXvUbIt3hMBppfhQ7c+DIi9B
+ jD2eJh7MgAS3em6qIR7rjBzTdwlvIbc4W+wcoEPfjkW8Vg+EYo+AOV9w0gkwDMhp
+ zV1+zWLFHOsjk15XFbJCVfSxajraZ2jBNRHfzA/MvupQY/OF7WtLkf2+CCABo1y+
+ HEnk8sruDojFFxhPeG8eiR3SgZ92qv0nhSDtJ0u11t0yP5afNiJEJc9OrLEXcESK
+ dUIIWir96s8mdqTztC/nag4PviDZgX4U9VWiotxrqJsTwYv79lJcNJVY0bGU1GzN
+ 4NBhM24x430I03e4E3aSpfNKodJ/wfH72VZeg5a8EVjUrXM1U/LSn+6FrHbhFoOd
+ 9vTIWiJA4G0lb10SEZllB/kerDGLZmUCe7VVhQ7uJzAPjpgLSAr4KhCXMnU9Q4An
+ BlGyW8On5c+mOvUI5Bqrzl3w9nB5mkNQ+yfDDw3weh1YC2RigArbnIvrDEqukCrS
+ XgHXPOrY8Tx8NM/iDjP/X81JRKCIQ4LVqlQbx3+uMOzMBW7kZiUBtvMBhktMicZM
+ LS37Yv7taWohciOU20d1/KqJELp2FeyTDjrGQfI/L/52zBhsed7OkW3LSEkz3kY=
+ =A2+M
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJARAA0LeyqUZFETqujsOj5OEWx4qXnBW9jhio/TK2wn1x/E2p
+ b8bOT8OH/cxrJv3O3L6LlAbumM5NqpRQYgHcrOlRsslUK2N2UszunHReVgmRqzpE
+ 0iqIkeWl+lgaqn/2NLIXArQEnP7vH6Q6GWI9GkNdZgmrRE1qDef3pcc/ZOZMcVtY
+ eRGGhBxsEfGamqAGk/UFRZ6VexJil/5ywDkLvw5JeT5Ltq7Ru4H2Mf/K3Wwm5VT3
+ 11A/241AVUODhLZ0uS3bRIJN0mO8utW4fiI7GVHtogKFKKxKiEFkZgWXAxkYVF3J
+ i2yw4hPqYqbiQndHX8T7whz1TXA3bSADuly+wAcXXSjDcbm+71iN6UgnL3WVUhYZ
+ QUxucoyWBmTPtf0z3OSTJNSWwr5wnjcUNNAEbDWUfV6vyI6Q2gdcoQwlFve6AkyO
+ j/7PQYjaU3T6LtQINIoppLiMaBSSLjjTB/sPbNROOrhTg0xym4JSTlOru8NkioxE
+ T7k1ut48l6PjXwiSBIHZQ2Ry60diXi8xxWUggBOrHdnEMEE/HGrOCgZ6pZnugNVx
+ MhpSkEcnwQzxMfUUtOW0HyR9hZWBi0zh2sqU/DbE0UL4K/6mZu85CtS76nWzVEKj
+ 8GYubDUqhMYuz815fpXRvfoPD3xk98O9sZ4yRIUisETd0nvvyZc/rXE0teLiQsfS
+ XgGuoEcu0cAVTH1aemx45le0ixitfa7blLUxe0AsSi0+N67S20+Uoxa3tlGHf5qr
+ lD4aNYvDdbI85qShxEm2m+YGA6OmKIdDBfMLbX4Z4NRgKJybLpd6eUD30WAzoO0=
+ =1x2k
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ//TLM/EyYupC1ttGiaPDdy3bJYvSAfdkx9UvpkFuGF/rBR
+ zcvBxLJ5JFxwXiR9blkt8oFX97GmtIIhNogBbaOalh49b1GPCGOawOPkvh6prJMo
+ QqFMq/YfzvBnFT0c6wL34eXPzaFSkopd5pUaXT134GvZjaziMR0sL0BjgsajlXEr
+ R9+wjZ/6scsU0ZdjxseAlj+pWZhP1g8cAPITwtKl5wuJRu2Z2e6qMXRwDDVDaZwh
+ tDLiH0FFYsenPTFEESUszw6seF3pWoHB79PBt9w1YGYFSo80Jye43jZ3SQ9BKAqI
+ xnfBXQ1Wzow83/UMtHrSdHOKKlzmHlCSPQTp9Kn4FvMaijgUs3oNiG6AZx38j6XU
+ QhPdFcL9ZSL3ZsIJooJ9ili62NC1B904l4NscUQs8Lz1Di7G0ibj1hwX+mPjZ7Jo
+ JGZtFoUmFo/jVrYoyrEIu9LWzUQsflYusRLv7nYAweePaFHGNSluY039D2CyAvg6
+ vTCIdx3vvnQcpSw0dnD4PQeCMuN9iXNEdmx3t0mcuzgaxMutB+xveLcbHKUEeSjj
+ EDDVWPql21pZoPiMYgTZrBLrK0bNwOJKtaHHntRuxlo0wV8SQF8U9L5gZqC9ZDAv
+ xXxKM24Dqt7zckNZ75Dlz/a8HQK5lMlwVeSxSiNY/36WSswX0pvK1qFXjer6yAfS
+ XgE/QffPmf10emV1bTBLSi9vDKBI0cdzxNuKuPCRlo1kmOuEA/aW80lI7g8s11da
+ Dq1Gx51uXqFKrG0vJRzB2BL4S0z1MtEcDFSke11xq5poXGM4PmfQpPBI9Pa5DGk=
+ =i+Gk
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAZS15HxhhjITM350cWmBsvc++kA9dP79oqoFTYS0w4Vsw
+ 4rMm91OlSZrXzsIHKG+1bPKtgB3hak8vX+RDS0zld98RorHSf9P4WEBUahy/xEli
+ 0l4B2seAT8SJfk5uqC+3M8i7KKUnDXi4S83HNyy28btN2kwaDKpOmaVelQeFRHYV
+ AUyzLb61JOnXzF77Y1FdDdqbxcZvUmfEjBVYwQ0uVY30x50RobV898hVmH2Gal6j
+ =TrnN
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ//QsXWu0Q4LXXUGfPoGghMzJBZYxJkn1bASs7cDX1mGRyX
+ ujxpdovJkMSK8lEQ7LqTcEvjmGEttCBLDpYL5hVOI5k5tvpGh8bIV8NtZUJK+eXO
+ tHT/A+sbhMtRqGhlXqmL7dkY930NaKAeFsBqbcvG/p1uK8zLX3b7To6n27R+u6HD
+ iikUGaljRDknqKEWxdK8L79UW3hmz6qLynLIR9V7bDHbXXRZD3CmkscOcfNUC5jp
+ q0t54YzOHN1BQ2+cg230hvd07/Iu/Ko+K9JW/YmwKG7d2oB1Plitm+oYY4GaRgmb
+ VvEavkXPBTxVB4H7DyO2ghWFs6bA7trGf6cfcQKML2k2XygsQftDdoKvWWVJVmXi
+ R7ceqCFyVzXO4Hd/XcpWmwhv5lNRD2MEbIOKWdQ0JVnzqKJygb5cb3uZriTP9B4M
+ eKT/z4nVUEWssjJXQAMeHG5+pSRkT3JlizQHuHg9jU6/68N56kSVMhUyXSwvYbCk
+ 40x4p8bCL18YpA1wUbo6VtrydikPKgdx3TF+Ce2+kQs3E5ltSBL1OVykzX/mugFa
+ KUf1i2CbEB5bb9GRftagbCbVJp6d5GmF9CiCSF7vPV1hdct2Y7+3ag2IxgQS9zeK
+ o9heXRgWeoobYDztiXkLHXiqI9I2VFHtZ69zlA8mXI93xv/pBZUrQjTfmcxNDr3S
+ XgGDCDFBG22ZEVdUWOmKG999R+krXS0w00ITpO00Qmi0Ay1ZN2QAPLQS/5niB+L4
+ cdFK00jr8VllL+qjmYl3YG87ZWOGDE6lHvIGqHNBZH4FPYNlzgKySj/5BZlN3eU=
+ =hLuU
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ/+PdWzTSem7Us/zW2xtPnxdkMPmGmTg1qfSogJzC0B7Ia2
+ 4QiTaFeMNS3XCpbuMMrcZbmHasBlVDXWwysz2vE+OPudplrjT9kClW/6cwXTYL4G
+ 5K4fCY/XQ89Av+pfURTBbkrPr+2911KiH5D+Lpcl1ra92FlH9S1MEbPEgXLgZLjT
+ oRZVHoc98lDPnumvrz6kLxMPiHwCdAy08sgj6fICeZnMWjU+mgZrJOW1KbFDd9KZ
+ yOs+6hw5IozLkqvhd3Q0gfgHZ+O0d87zH5IIzwyKMjQVYC6+T8SBikGbk0jStlzt
+ qkR/PAJg+OgFuwd4lOWcJ+iBI8EP90nqhryCmwFpmFJWBAx3HiAdqE9+vwvy2Syv
+ 9+P2B9AXYM7bUB0Eb8AFhGONhTh5K7qzeq7zExOjr8GKS/QAL/0FAldi8sM32K1f
+ 67qRb2VaX0NKZwOvl/I7aCjrTfBB/6ZZLWVplnIkq/qVHNfjIVwa92flJ/7Noa+o
+ 7TNeh2ySR92K4K4DGdC4TrcxkcCISM7tb9GL8xH3vVS/Ms67IOu46Uea7EnGJkqL
+ 1zkdoiIzVq3oMhhUFIMATYPemuCnfxOiNlyZR5WgR+rD7OhagR5tM+YXAI2MHcbC
+ 5jLcRHFZ+xIkTZWccoD9pulySRCgQZ9y5sFIvOl+OuTI0rziArdqL9MOYQ0XYwXS
+ XgHewmTVljGvj4P0oa2PqRbcGWft1ms1QjioTQ9MhSk7F2AWuB4HE/hPlN/eY2ou
+ m0o2NvaiZaq9BXG8GrVkwP5hn4IrDe3OEo9WeCar760dvBB1Z+q2R4F1FyzgesM=
+ =xc3J
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//bgiphdnwjxuJGZJle0CsS7H5hSQBlqJw79+WXrKyfeEM
+ NXxKX0tIY0QoIhbh9mXyKEJKr0oOyqO+iLYlLrqgEr2OmLWDbp4+bWl0Ixcw+drF
+ uq8orbkvkbbxLLcVIBZfwX4foFCMINr2bNnTFb68yTZXpRp6+JN0wy6zzG7d5l12
+ wKKIfh93DVb3jrxaeEZz02EzLt8py9NWfniLABbIHWZSennOmnepiqCFuqG4Wyw4
+ QuyRCn7vOnO8fQNxCVyp+OLjg+7d8u67LcrU/lYTrZLYEr1VEl0mmitIuY7M9LHw
+ +qEMZePfrk0/8CshXmqKq7HiDM266HWAHq3VaAQr0HOk08DZLgzeb41wWDyQoQtr
+ dEOOuyx96SyOVaHxlttqWE9BHoX2CQEM2jUfvhoG1Ov2scXXB516Gzg9H4YYuDMM
+ ei7qG/CdO1g+7YSS6gBtz+T0+caolAD1/1LGcvv8/lkAQeoNfcNKupOR4rIiHQEy
+ H1wS7CnB/KbQY88ZkVHG02EgjxAGvHinfDa1Tv5CmjRZH2Yy6zBuYsPZQGmrH0M7
+ n7ZSPUi/BGKCJbAs+mkdYimDpmuNh29e3i7NHwCX8+odRhghM4S3ab1sPy5pdTi+
+ z3MVM/8uUJ1GSu33EXB5Zy973Pn6Ufjr9QOw+JpjetscSz4WHf1vSAe5b9eG7XfS
+ XgFmyjzLypsn1bVj0fo8FLq+flHe2h405I3hf8Olz0If5k/UCIlgRCU52Z8kGXqW
+ QJAJerSBi1/chXZg5aKqO9ofVu0MPbhiNRXxMHni4Cm80xDBwWOy4xC8WwiKrOs=
+ =czBf
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ//eZ4t+Jz7ITuSVmYRGE8jNeP9RCMR2NkML3aEbWNvOjF4
+ jVhL4WvOjDHhWIBmSSgkyZFhkV/CPiRjZt8LN9bf4ueRcY/yNr03vz/cidlfNZAS
+ PRS8QZ7UvdjrprLSvTmNJTFB74AS9eelnDXc4bQlnytStlfpsXaOzA1WmQ5w0J89
+ 8Ri5Ek5BmZaVnoYRgKrV+AwWJNwlzmBrq/lHfoncHULfRwJ1La01zEy0vJArHnJk
+ ePW/5G3+84pRkJzDXCIG67EbLFwF7dWqNIlZlUkFCJ0qZsHVo/eVg1NX2iLRPp26
+ F0t2ehznDGh77PHWCJCcIYm1pIEVqD9tYsseXrc1Qz2NAjT7EDulYSdBp+kN2WFk
+ w1iFvGK9Mzc/aWBpDJYdEhe4UGEKMSMYKeqcTJf7v2cX0LE9z1JTsXctOQnByZN1
+ AsdbcR42xniz8B8vvbDzhpmfBX2xR3gC6DyEkmAieOecsJ/6jdwJAZBT/ea/t4QO
+ YBTZB5UzgjwbfXJNm4TUWYqeAl0BaSiiZo01a5Dzlo6MyGFjB5VnYRJm0PmTRwDI
+ w6UFrc0tXIMPLddWcN7UxH7kbi8e0rPHCbJDk4aN+IagM0D0d0fyAxxYy4aaJ/dD
+ 9dpUgYALoVWUNWDooKiPQoUTPujRw0Z//HCpxvmpIdUHrvPePo2vASMZz2D1uwrS
+ XgGpKromtn4QrWSgc5PIhe1CVDJSD+LzU2cUD8wKAw1X1ytL5mtqlgvZzTpwh0ph
+ 4NtYx85rHmrn5whiGgpxgtwr6o24xeim6ZhRjwbLWvYzLgh3wYNiCXzcUX7Id8E=
+ =DOLh
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdABoDixsNCXVm7j0QyJty/LyG72v0WoIfxCkVQRP2uxUsw
+ R80k8Q226rURPAZGs3D/CnRaYSNINUyD4ngthAtOPVoAA1Ri+ftOScfnVremy7QC
+ 0l4B9DKnWfvmwJY2mnEBFRHf+SM/LpP67mlSVlPuLMFxXbfrxANfM+9RBNRk9FQN
+ WOej+WCdXOiJxlcAG3HVovIIdVpHMmPpT+YbfFzuY5rV93mbNEUI3bxsdiWEJnxS
+ =l7zU
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAhDhJSPNVIKftCaEQI29AU0eiU9Bwmm/F/gVl/Pm+zEAw
+ HZKLksOb75mMeWElV4oIqXd1YXOfkSbOwuEBurgztLD9d4YWagjmUpckoWJBBvwu
+ 0lgBjlkvxjf1d9xjEWTUw1rzjIlDRL4f2GJl2NuHoHJ4zbnJCUDe/UC5B1UXin+t
+ JmpvPy+/RJdXl7Hn2GZXC6XoO/GopbiADfLJ+Bm6j7myt2fPW7JtvIG9
+ =qwle
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:07Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ/7B5Ya6hX3Zplxrhyhh45QbRLGVYPGZlaTSwVPpGhLrKNR
+ KYfpz5gs8ONGO4H11pkmde05T8ClRgHUlIuGH0o9NyGCxAKaCnbOiqcwDijmsMTT
+ uoW0SmtV9uNVbJsDgXLiESZPLPYOi2hRX5XqZrMPorUZtaEgZiE1n+kFVqQJA4he
+ 67wpCFXvrtE5nVG7oDO/dTyBJ6WOdtTodesfIchlMxwIcfTzJiIJb6UPsJZ2ojfK
+ EcIYfy7YsYpfwc4tNmkqM9sGbpiIiJ2YhriHzftdMlW5dd+22ltYXXiFDrjTJg21
+ d9ZoBE/IWU9IwJAjWDDOHweHU0AjXef3Z1Kd38TfGrhEDmnUAYApQXjTmCgX6x/c
+ Yur9qwB8JY9ixfxc9MYpnyj/hcChKAGfKDKnRt5fOsPa2/6N+JtuSuZ57jVgMLf2
+ /DBPha7TMyvctQjFfL/ZUjgghhxt/XzKI1NvIxZtclQv5zlh2Dkxn1J6keAWd9C+
+ qiiymf5lqIyz3vo61q0fzs9gwnQU3peQlAQCyufsK3lJ6Zjxi5K7lqo8kQcdL9TV
+ P5Bg5lYhXf5heqtLdxN6qB6PHBQ9IcZu+SRadXymugITs4rnMlOiwGSSGicl16RO
+ v1jtj06e50DETj8Uwd/7RCtuRTGooDamt6oC6/yKfNAcmpGTqDBWws23CRnNHoXS
+ XgFAmqUJYjWHVxyqdsNcEdtNQl8IWUOtzmvh4rCoNssYPZlGt+8X102zOHu5UkHT
+ 1+F1WPXFTZKbE6D5S5HKuYnNs9r8SSEWyjUY19DxhHsLtC5xbsehz8oEyBBhJ00=
+ =a1U3
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.10.2
diff --git a/inventories/chaosknoten/host_vars/grafana.yaml b/inventories/chaosknoten/host_vars/grafana.yaml
index 00b877f..1ca6b1b 100644
--- a/inventories/chaosknoten/host_vars/grafana.yaml
+++ b/inventories/chaosknoten/host_vars/grafana.yaml
@@ -14,6 +14,14 @@ docker_compose__configuration_files:
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl') }}"
- name: loki.yaml
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/loki.yaml') }}"
+ - name: ntfy-alertmanager-ccchh-critical
+ content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2') }}"
+ - name: ntfy-alertmanager-ccchh
+ content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2') }}"
+ - name: ntfy-alertmanager-fux-critical
+ content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2') }}"
+ - name: ntfy-alertmanager-fux
+ content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2') }}"
certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
@@ -50,7 +58,7 @@ alloy_config: |
url = "https://metrics.hamburg.ccc.de/api/v1/write"
basic_auth {
username = "chaos"
- password = "{{ lookup('community.sops.sops', 'resources/chaosknoten/grafana/secrets.yaml', extract='['metrics_chaos"]') }}"
+ password = "{{ secret__metrics_chaos }}"
}
}
}
@@ -59,7 +67,7 @@ alloy_config: |
url = "https://loki.hamburg.ccc.de/loki/api/v1/push"
basic_auth {
username = "chaos"
- password = "{{ lookup('community.sops.sops', 'resources/chaosknoten/grafana/secrets.yaml', extract='["loki_chaos"]') }}"
+ password = "{{ secret__loki_chaos }}"
}
}
}
@@ -87,19 +95,28 @@ alloy_config: |
source_labels = ["__journal_priority_keyword"]
target_label = "level"
}
+ rule {
+ source_labels = ["__journal__hostname"]
+ target_label = "host"
+ regex = "([^:]+)"
+ replacement = "${1}.hamburg.ccc.de"
+ action = "replace"
+ }
}
loki.source.journal "read_journal" {
forward_to = [loki.write.default.receiver]
relabel_rules = loki.relabel.journal.rules
format_as_json = true
- labels = {component = "loki.source.journal", host = "grafana", org = "ccchh"}
+ labels = {component = "loki.source.journal", org = "ccchh"}
}
logging {
level = "info"
}
- prometheus.exporter.unix "local_system" { }
+ prometheus.exporter.unix "local_system" {
+ enable_collectors = ["systemd"]
+ }
prometheus.relabel "default" {
forward_to = [prometheus.remote_write.default.receiver]
@@ -108,12 +125,15 @@ alloy_config: |
replacement = "ccchh"
}
rule {
+ source_labels = ["instance"]
target_label = "host"
- replacement = "grafana"
+ regex = "([^:]+)"
+ replacement = "${1}.hamburg.ccc.de"
+ action = "replace"
}
}
prometheus.scrape "scrape_metrics" {
- targets = prometheus.exporter.unix.local_system.targets
- forward_to = [prometheus.relabel.default.receiver]
+ targets = prometheus.exporter.unix.local_system.targets
+ forward_to = [prometheus.relabel.default.receiver]
}
diff --git a/inventories/chaosknoten/host_vars/keycloak.sops.yaml b/inventories/chaosknoten/host_vars/keycloak.sops.yaml
new file mode 100644
index 0000000..1436f8a
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/keycloak.sops.yaml
@@ -0,0 +1,225 @@
+secret__keycloak_admin_password: ENC[AES256_GCM,data:U6vt0UHHgz85sO+X1YucL9CIr00LtTaeyGUFZ4bVFarsg7y6gTtb+fCuYKCgsJmNDP9jek8Ny+A5WPkMkWR/pA==,iv:qq2H9nF6/1pUBhJG8dFmfRdxk9HSaIOoTdu3uu5xJDw=,tag:rpEuf7JSQ0092R1aPOojKw==,type:str]
+secret__keycloak_db_password: ENC[AES256_GCM,data:IDmQUjQh/QB1xdkwPKqv3ZAwdfy/lkSEdAJuF5MSPCNKfuANRmN+4rH570E3/ZApAJpLAkefh3pufiVbNF8Ssw==,iv:W3roegZU2KfeBDBBImQCCa6VqX+nUk2oh6jMhzbGcVM=,tag:0Qzu8gv5ThtAss4xJ4vf4A==,type:str]
+secret__idinvite_token_secret: ENC[AES256_GCM,data:FC9LqUf6wDijaH6JIde9u1Lc4qcqi/XZwQ==,iv:fSgbI4CXMeCKWSyVYyYT+3Af+OdhZ0wsFwNpZf3CA6s=,tag:tGe+xWyBH2VJr3yc3Vh0qw==,type:str]
+secret__idinvite_client_secret: ENC[AES256_GCM,data:ImweU1aPI0G9Lf5+TXvVmZwGhoigSJoHMLCuq6MxxP0=,iv:GSGqpMVHq31U+IYtnHnu9RuMt985y2N1PRvrlWFicg4=,tag:NKuqLcb3xPzna6t2VVuIog==,type:str]
+secret__idinvite_admin_password: ENC[AES256_GCM,data:fVb+vCHzPLvsQ44wWxfAwx5vRpoycJxBLA==,iv:Co53uRh5fG4pEVxnC6uWaXRrCLGH2Celg/XC+idiWSY=,tag:AWUn99jtuJCqXww/2dSS8g==,type:str]
+secret__id_no_reply_smtp: ENC[AES256_GCM,data:Sqc/UkQq/2F78G8LP92YrA==,iv:ObEdXhzHp5aDCWq3r7aUBhOEJ1sJ6lYiYC0pmWmwML8=,tag:1rtneYPlKS+uDzFWev6A4g==,type:str]
+sops:
+ lastmodified: "2025-05-04T14:21:10Z"
+ mac: ENC[AES256_GCM,data:EgeLza2JhJZmuNase/63KyoVwR33eFRqxHqSSaJDlr8YHQ0Vx6OTGQJTUGzgdQiC5y/AE24Mesbg1iT1+qufeOwv4V9spW3F0Ci3GOBcKrqBZxnnuHNn6tiRe3R0eeu6PLRcat/HSWY4NFz3RvUposC5YaATP78JXgDuJg/wRoM=,iv:FnxDapA+BUfSMVBrTYb9mcSYz5cZ5Qof/PZo44UTXrA=,tag:2FH63YT8Z54G/o/n8s57yA==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ/+NIlVMdE2ErNYHjxzWeGY51w1d79/fwZYQmTKL5FXEJlT
+ 3HoMDrDH6KzhUf5Q+AOcjfdifhXi4SP1ZESqndkz3Z5tb3udo3U1sjAnLerUyHB7
+ Hs3v4snzOx5s6UzXS+sMgzWvpBBJaFMcLYD6+i6X90SQ71iBP3vXrnUSfRYxeHBt
+ LvY5cBW6S5Z/gOFbkHDnm+DsM5yEqc7rZomD5evqWaj+nD+L0z+kjqtx8E+nRG5h
+ 1zVV6ZgKPNXDpodyC0RHDNQZQNsZHulMQgTns6574CuqW5Dd1pceUjVzkAY3YTyX
+ fpAwkta4TaytArWkGFWLMcpY6ugwIFSD9hIFQYlkwXVBwnVs9JVVvLWNOqzSQijG
+ sW6JhjX6YYuXhTd9HTviCxo6Zy/8D59Mc20YFZZXF+11h2qmAwJ20R1L0F0hYKad
+ ObfqBkI1M2OmMoeECj8sj2J1BWI5f+qEIyQJKMzToKyJZnNBCUY5JTClYxJYK+gZ
+ PkxrVytHAwVfZ+b82sz7+M8dztPbvxDJWL5LFPO04dgiOjtfAW499vDJRuMXKNSm
+ kloByBdZJNhtHVx9r1xshPku9rlT4NptDmHB3ktFobYTzRcgZRGMxuS86ILN09Zv
+ MovjsHRHZM/C4tjDkfrxS5Xsu5uKAwsPpg89UIQ/MRhlydvqAf3WEQLU7FIQNV3S
+ XgFRay4OHiIMxtLSPRo8DorSgOGv/kqm/Y/7MMTaaMucEwj0bzluPi/JS0UHM+C9
+ IMhRnsPtCu6NmLlucyBMaNVd0kEQi77vmIFk7/qmXxyQCGX28IqEKKTLulnWcJs=
+ =mBgI
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAAh+BrQJmB3omXdWL+G3nacI6ecm+u6A/R41HOUtqcPk6K
+ 0i8ImmWR9Q4lwZWvYk4yikTkKv3i5DoZGOj5111xLEKOadlsHSEtV8HDtPnzX99t
+ pZwRcRwo1/2mYUczXTx6TqigKE9uWkUUomOkbHt8+r/XHDJjA14l8e/h9GrXqHgt
+ B/Ny5hnesZlgPMYIAwr0Stad4NUwZ+w4LoyWvWgPOx3F4UVlSlZGHwD1VHpBxl7F
+ o7vYllTiwhx4bKSbKJ/IlPhU/i38trX7VK70JifOxTGqrfYw0mdN5s2W+QHoaQ7T
+ 6HTXkEm0g9EGoUxECFdVzes4lf2pMA4ReJe2rRuBZqHYYglS65Exu7MjSSbLkO52
+ Gvmk8SFWXSswKF1hZUfmttBZzn/TUfBtuM1LCeEalNQH5MjqYXLBJqhqH7AFMBZ+
+ E2RtAVQTTAv/YIDLKTM5/Yk6tOGTPXUK5Etg54IETWDaWjLexUcdsIl2F7oISoNH
+ IFcmsfSyxnZnJ7qAnWdmzRinUrtFLzl5Lr/RqVxyYK4ZUaS0QIv7+xEdUR3OBKiY
+ Gm9CvRUNY0bD7IO9u6fwc1lov70z4qww0656k+4Yo9YAZBI5EluoI0AVVSKKlCpJ
+ yhkbgGyz6gC7DAlYJmjCjv6/AqZS0STm4KWlKR5dvWrY7FSJiSpCVEANrv34mdLS
+ XgG+hIT/Iu/QFER71LdizXEBMgZB/E/9UBGLdd5cRBXtp4vYpQIajl2SgUU43pSu
+ c+NYQjbg6FUxY97k+QD9tlzgErW1bhW8jcZVDbYYrBa1I8arXYBArr5EmIIFRBU=
+ =BTO7
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJAQ/+M0gcfxMf9f/pjwh9uMCQZ4DzuuLgMzC80L8V19tX7wic
+ tTXQcRWWhM/4Tpr1eK4UfrSMJuQrT71ezcKk1QFUBxeDkMT/V0+sCkBdwZUiWlne
+ ASdy3VrIEHFeAS3Qnv1/PACIcaj66FnuTcwUed7q5Ru9i/vskTaBwEfF0P+8EdvI
+ UJeuMr2LmpyYwNRgjVWcl7s8OUlT2WfDZUnSEPrigvcKMEaDNdEKt2Xa13slBfxO
+ RIs06bHotCEUwzsYa74xZXW/VJ7jrBwmJ6qB5SnX0/bv4UJuQ5oB7tIiXAYN7nx6
+ pIUlvXJB5g43Are8nUv0wp+Idx+ALikFNMZj5MliQRMsgJSezVGwJhkqL0Gp4+L7
+ /yJ4Lcyz3JrqXhmDOhea6Le1xczQzGyPt4XboBY/Wn3mLMTMzFkLGiq9hqarBwPs
+ Lei7ITY1dsj1mwiUKh/clHO51GBxyo7v0QmMjfODif2GubJb5ip9VrKF3CUZhreg
+ aaO92rJECzRSEpE9SYqGHqi35vGIGy6XJssunXCa5wwiQdxPcPTcmZc3tr3fxsN0
+ WZMW2hMOr6Ms8UrmCBNsKGSQqr68dZglcq/AouegIzcjoJ7LkLojBHMoWyW0ulA/
+ DhX7mJgp8BUR8JzVbpd18XcD3daue9ppD9BgydHJWJYM9uyvRwkiR08rkNdhRCPS
+ XgHCobH/fPa2NXqpVgbdAkzs30Sg45jv4F8RQVToGfVt0IMW1fyqRLPIyNNlhHKy
+ uqZThseG2c8KPclw9RzxmYNGzzx2evksZjOBhxFjffli5wjW87OSXK/3O4Ne6gY=
+ =0foj
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1ARAAk3LNsug4PeNaLy0/Ym12fIYG1+7vp/5pBzVitEXCKAEH
+ 1NtdtfBixigwvRkFIqNpAAWRLNp8pcqVS/Hv8EXoc2PqKm8ChDE0KwUjgZ54hIfV
+ X8SCKKMvWRBIoGRYsHYxHYvZbj2ZmqziP7bK7/paHeZ3r8kyvQtvg/p6slYY4RH1
+ z0NjYqddvL7Vty1tQNaCX7MpXP83JhoVI5UHSnyGWCLze9IMWJt99/8VH6X3WI+h
+ F0xE78ooj7fPo1pZXkJ6bnyk0oelSU22gl18riG3qOpQbET3ru98+8oycTGQKZ7Y
+ Tqd7i97yLTO9RZX0V5dQ7pG5ozSWTPwm71X5rJrJ6LCN+03uvvrOPc6zqzzsRQu6
+ 7oPMGMrZlPSS5FJl8WyjbyrhNj+Q1/t+7E43q3lPQFiskxpEI4jBO9qqGQZ2GMHp
+ Y4Fz2HeOav6SpOtDleS8JPoD225f13PVkUlcTouMG/5bN/coLOK8iPfmFRkbBuGM
+ u2VDW8GenH+HE7o5zWzOoSSjZUO6MjfM6ig+6KXfxGGHfLruW9AG+R3oUpra/CZS
+ LC5xgzEpQiZW4lw8Y84Ok91ZWeFjjFSZXqHLS+6NW9/0y6w0CSS1NyimliSYMjor
+ RZkGW9rzkzA3dkCyy0srH3Q28vLv0eRLgRC/FYolQMN7PoPU2Mnl46aLNTdlyhbS
+ XgF6eXZUZFb+rJjtXDJz3qS9GeJWIHAlwZtzf42MC690TO0+c1YeoT92M27P1CsV
+ LP9HWlEHWsFGyqN0YNvyp8bm/0xGhhjB3VbTx0yRPB2KbvZ6Bt2uZpfFoRB94UU=
+ =EK/K
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAVZpG1ilk17Ksf7kIR7ZVsUc2FuWFd9Q4n2TSO9Ob7Hww
+ tK9/DaPvDZkzncOqvqeMrnoy9gPY5EHo1CoGGEfWx6sBj3SdUS8SyqbHinqnW0Ev
+ 0l4BJ5y4mteeiKEdu/wymJC7x7PtC9ta4Ox+TJbUaq0iuqVANKClEdQ61KnSdTZH
+ JUKN73+qZwgD7sGmHqt9FM2TwyRzLSPhJpr31rqfz7/gWx4rhlcHmw8fShSTt/Nb
+ =YHt8
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+LmQxbBOBTe6VxBTB1sj5Kt0BW+2FACuYfc5k3QQOQzj6
+ dY+/Kyq/tSZwP8lYyAWf+U3dD8fY1miwqCL925DLTYTXtZzka7tpwaricI8emqjE
+ z0rSYikRpf9axxnrqKUKReZtyYc1qCIIgbz/yYm/LavfW/R/mP03fkjemEurLCrp
+ v89Z7IZy2VrOKPXQyG0isRMUcUY0lSwYHtHLOPxHVxFNw0Yq07tvvmvxZvRBGCh7
+ OG0liKNX1Sxn7c/pfi2beXU7ZXTHXoYRCn27JSXA40cDU32iqyzWKFCEDUsnRdSD
+ O+daN/PjsQgfkMMpTPHwVli0Fvj7IM7Q2HAJjpzLvHsLXKvd2ZxfwyOS0Z7KRH/K
+ 9rgn1Ow+JdiW4KPuaVvvWpQ4K3avIYKBRl/GURk0xvfnUQ2TwyX8lxZ5HKP90ymI
+ Bm1XN3Mjo8uaRNt4DDBHKfFfhaA2so4u4xMC3Qf6K3dRPGs10hL9tnm/+E0F62TP
+ 1dHzaIhx3uhl6Q3re4CB0R51g1K5s74Qjj69cBZdQfLVmEIMZGtRLpSCBieTxtQ0
+ C/kWXwPXwRVdBkWeq4Nq99rwaJFiGwZ4mKVoPoxsIPTWrypJzvun2ey0jIpQc4Ei
+ qQcEv9df0mpQ2uiLICIg1q8aIC/j1UxrcAUsyyPiGcXB+knr+/7YYrBlVTOxM93S
+ XgHBxdmaKfMkzFDHvPQXTg16FhcCkQ91d67h+3czOghbpaeB9y8kK3LxBfUbz9D0
+ pTtNlzzSvp9JKP2XAFTSdYnR9WPU1huxVLAPXuauhOjYashbPh2HYi1agOH7w4Y=
+ =KguU
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoARAAgQwiIq79yFvDp4fKKizLml7Zk2OcxZIjheUk0Mbc+NjZ
+ ikoJAZc9Sk0LjOF+m2N8v5rPC0TiwMoH2KTQV5GD3UIakFj6mjhj2Ap+l8HuusZ5
+ oQz57/2JMzBnSwOWAkRVOgOaob7hveq7FC32fQVZuMoQksBFpWOAT2UlGZNAy/TF
+ q6GTFl0XDrqno01TYxSUF1GchXuaqDJoMAxR8xwJr1S4fjTe1zDR3BrEofBoeIrL
+ PSP6VcuwBuxDhS57zDJWilh2ssNFi+cEuXQ1rBKn9Ogdsn4xUxs4rVkhDwIKvTZa
+ nPBdvPxIAzdJc9xGr2NOmFHfFIfwWdZOn2WgAfKe9fJgUUpUy4csbhKnrDFx1Drr
+ 1FXDV3kDt3nxWYDvMVUWY6Cb9ofKDPOdhTHDyXbEPygUzwGMeiM4wqql7jAKIzVA
+ ovimFFxyLN+ZbCMpWrc3e2wCtJRkKHV4jL/qh0LQbrgrP/whXwiohI8qGGHkQoL7
+ oe7i9s7cymfVLOMb3axu//V5aFrWDNjfdFBEaPiiPqijYqUMXou/OTYndPjL99Dl
+ au/xYsHaXVC9Fh2ofTAUfUva4Xl4pXLbIcTtKpGG2mO9eXZQ76PGcPhOLsLWbqtt
+ 5DbY/iVi/ZSojB5mTaSGR7m2uttRYYsP21dZ4ctm1hBWiw5YwAsasybVRRsIrXHS
+ XgFta6JdmtH66TJRMXxEspN3FiFgqH/Xwa4TDAn0LKuNY0BGmOvTMGvrBwkCRnX5
+ 8e6/Go2awGo11809rdu9ISrJtcCIXcKSfKpJ0RI0c+gq5tY4pVUkY+PqGUU1TkQ=
+ =cHyN
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ/9H4OlcOu5yxy3pRuLTi3NOOmlzZyscJ/erkZ/2AisNtRJ
+ iseRYUaUis1QUFjUggDXpHrZFoh4u7xeY3GIIKie2lmsXvLQJnvwOlaknImsUat1
+ +RrE4qU95nNcDJwCGbozmZSO0T1SGGKNPUsCN0ud22plIaPfgWyi2Ua7mt2l/ysi
+ w5JXCYZiO/EFDc1z2GA7sXNDqYCyM/LgiHUlutrxaQ7WfyDkIJQrSkHfRPxm8Uh7
+ K2FYFj4uOf/2EF7hpsUcoqtC0AZECOtkn4Qs8bFJkVcowg0RoZn43i4utXenC3l8
+ UMVPLx6YLTrueqf1eAC3n7U+nKoGaEYiZaMcsWLKGlyw2hvWJhLsYY9Mp1peNc64
+ NRD66js+L3DqnR6y2iCOka8ZExPNJRge2lq0r4ShIpSPdqd62/aQvnjNbr2fMInw
+ QJqxmr0ognQ519dmvt2QkstIu6zZueFrHpfuIdd0m3X0ig4XZ5Oi8NMqb2FjeUFY
+ q5DQSiv3UOi1YrXwxYKtalIwBZ9BeVYgh013GkEpaGVtxSOwcYu8pzdUoIphHwlK
+ o+zsUjcVZSKA2wTgOMIxxVzZnfackI7OTB5W2io9IiaFFRAS6RC3UHxwTKjZGQHu
+ WcPc2MQPP9maBBZFGKNNv15m9r+1vitL5uwqhQYvsWEiFstMV0KsIp2ASlNIKU7S
+ XgHyFg+Hht+0GucMjMrTjhbwJm9twIvQ7OEIQb9Tmh9yL6g+iMZ80PoOjlOKFBk8
+ ZSOclmYTDMzX+Em7J/Ft7BOsppxqqUuyRB3oV55snUn9cRvebjn4hMllVDJ6OCE=
+ =Wemz
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ/9FkAVj5cGoRGQ8frGlq0O4Pn+Weooy2vla27lUsArfkqp
+ UrIw6C3TGc+nN75atxO37daaQVh+49afu5Qi/tFy5drgeNBMkWU9BmA0gAXCKnTI
+ EhZ3O4rUbQOxSo7H3doMgfKqJrFes65InTh5CwdUDGP6lCcczll1ebPFH5qxygg1
+ StTSP6MwzNBcX5PfNpTJFHSkVVJX/yXitZv1LdzDQ6LQeu0gInWMGqafrSDX3EvZ
+ hamEvBOr7KbuMCNootWp0zkh6uhrgnQY4xGirEulGSUBEfbLf+V/C/cuOFK0jl/b
+ zd4R/8Mqx3AfIdDioiOl65Fh4NelNpPMZ5Z2viS+U4pRJdI5+7nnSiPoGwnPeS77
+ OdHZiHd71VLJSwW7r5R6FmM9dfKg60EUAvyVZXHnt63vCJybGw90WrRM8jdFZYcG
+ 9Zj5U2xywiAN8/DzBUC3EoR7arzp9WtGMCskU8XF4wANClbs0pAOXcVoZ+lXVo1R
+ u2skGnob/hVpwLa6VUWwS3/ph9GO0YTTXnWnsXem+TTx2wg8HA0QZ3hdKiSx60Ab
+ QZElAJUe22GiMexBkleqHX0kF4OjX4h2xclihzlI9sHse9M/5CcqWckODacNomQZ
+ NiJj91eyxkA2TI3PXePWjgMtc3YokMyszviAu+uwuKU//7BEZrQ4IU+httWVzO/S
+ XgFzyY+zfWmCDo2fQLxWeL358VgDkJUPY/J7JoqDRzl9qkfkrhruojqjOly9v6ig
+ AgQCVoNzaQM+u35aPMaWW4Fplo62ox9lhbeXJ0juAFPFbIII+47GGFFhvOMbprA=
+ =KlTG
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdASInfjzYXG8OBDkWdFhrhM9MbPOqnACkmLX/iYH164nww
+ RWN4hXfQD+mQJyVdtvx5oPp1ALrX9/HgWaYEyLCVFGEI4cra3qOuvG7nXDCrZgXn
+ 0l4B2jTrhAeQlelek7YdVvmBxD+pZZzlgjwUccQu/jyqwBOuY3uUEHqkOfaTynwa
+ 68U9XkkVgUe1rRG6oYlHMWcCgpGi34HnO3oyv87rM8UG9a+U5FpErkbGgcFvkjxH
+ =64mQ
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdA4xYlygBA92kiyWrSqky+2gpCEPIRjSwfzwPkK38XRlsw
+ Zjr8hIWzDiGd9uYE6mwdUMY/OuGZhq78ii+vRl/ul8bINDq1XQtG31MAV0sUhMaF
+ 0lgBSAg93UUf2PK2Mme5QXqHBXwkMN1/pjIZ45h+EVedTrW2nX0VzdOy/yrr9Z8+
+ Jr5jQarfxEmvY2TJpUc2FRJHoWOqtYelGqjixRtJ3p4ZkhdPS6pJezfL
+ =sUyW
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:08Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ//UKGVELZbbBiY1+5xjEUNKbB3EvkeKXfsHrmT91TIE+0H
+ A2tOb4+rz6Sg5gjCRZceUIDGaOsy8rEo5PaF4l7gt/ygB97szPmPlVVWCQYsOFkj
+ E3XxH7nwofDD2y8p5eHdZ1h/txwoU62h8aSNmUVK/He9l+eF30qqhQpSe+L7IqLe
+ lPp9OG4WLLRPZG2xjmC7NxVPYALhA4r1iIdgMXUWBW5FvS3PTEZAdQ+C5OhzyZse
+ 3gehKnvEfJsEOcuCaaOGqEMeZqjmaO7CORZDoYEehaG+qOAw3Zkoa/nHFn5CN45Y
+ kRqxCJSlbjvmvWwdOZ+dLpx4xhvLKjYljswcK7IiS299KbyVNYln3A1pGEx7B/Du
+ YgpHmRNa+HR2KiedfxTrSS9z5SnBFch8s/ilkXJC2I1/T/iML7IIQazG8tqlpoja
+ fY8HQy6TKCKshP2wcjZ8mDZPCbxKRgvqDQ9f76CRgiMixFX1YBqarCX+/zPW3Vn6
+ hahwPkVyVTuRP+atDiFEGm+6OGOdQTNx+kVjKqi0ycerjbfvsawHAzlH5hTMKe6G
+ OA9b8lhJqLpv2Aqejo9JPZj6iSvhm3sPTJfDYocaF1ByHE8W6B4jLvMw8w7t7/kh
+ iBZLhaqNt04A/P6HXbR3cwzfi2FedxNO/MWPbUd1fwkninDA+jJikNMshT8NIoTS
+ XgHLZrq6ojv9A0qLv0U1mc43YEsc5xqJ/Nbelrq7KUODkBadyy8gE6iCqliRVJd8
+ Nux3TMgoXnT9/ycPPXwC0Bj1gnKZLf1lVRXjXelUtbLRiuaZxYB5fRsQVunsk/A=
+ =faMy
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/netbox.sops.yaml b/inventories/chaosknoten/host_vars/netbox.sops.yaml
new file mode 100644
index 0000000..3ae3b55
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/netbox.sops.yaml
@@ -0,0 +1,222 @@
+netbox__db_password: ENC[AES256_GCM,data:4k0wmOe1c5AE298Juw5HMm5dttTKB1WsVxha4MwaIILpyIbJO0CfmzjYflfBTFPPGgVeuYdCobzchzqkP+8eAQ==,iv:25Cj2BLGJK9tMDr42AqV1IzJc5zG2dk1YH5vC0b1T3M=,tag:knyB+nALZwME8y7CAQ4BCg==,type:str]
+secret__netbox_secret_key: ENC[AES256_GCM,data:zPzoFK5Sx7gJ31/Apwex9ffFU/GY+HxIfwrItCW68MM4kVvS33e+LY4cI0vbPYEUF10=,iv:SjpKxyxSAVo+p9vvE/YAQFCzAEudcZ1lwnJ6scxeQD4=,tag:oA+lBep610IfelGwdTohvw==,type:str]
+secret__netbox_social_auth_keycloak_secret: ENC[AES256_GCM,data:HP753hmQ7ssbYSQRH0zcRC0vRN5bKptvMXo9jjzcuk4=,iv:GQUoojXLAJxqdB92kKLhavDaka0Rkkg2uocBLshdvTk=,tag:LVnL/JHMsAd5UmmpnUv7og==,type:str]
+sops:
+ lastmodified: "2025-05-04T13:54:30Z"
+ mac: ENC[AES256_GCM,data:/+JlBnsQuJrx3+CXlH/0dtst8PdBw7cTnUpBavcQRXFjd5PsZ54kUCosFu7Y2ngL9xh6WOWKSJCKpHFb8TCrBhslJz+8SQiH97py9m59diMwG5m/RF3I3YHBIoonSZvl8ocDTbz5myycS41fad3CMs5XtGt/vEcceSFhgqjZs9A=,iv:yL8aRIn22zmTIQ53/e71t6o2z7q1fyvmgqvpz4va39M=,tag:DH1oCBbdOgK2NdanzMSn9w==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtARAAgv0wpzF+jFkc/5dlF9m33aXqRacTsTJutFkSv+NcCHwL
+ nbOjXr817ujXarA+NNFeu58FQEW9+fxA1T1O2azbgtOz0xXdlDfkSkS8kCm4B335
+ cAu8B8UwDwMOpiRgmHrsnFmvDct1sOZ/tgnd6AB1bgSyKijNGtdIfAimbOM0pEo4
+ pNWkwh6WdsbjpSFohfuh5c3yc2unCKLV42QDyPbGYmE/MP88DW/bgBNmhept1vGM
+ k72Ih1lCaRcqZLEDaL042ttSqk3MCK8tbAzq5682MAyIJGq0H+OU4uysPgsxy7GS
+ OGDmyDHOD557msVZ+ftHpQKDsHMdN//DDo66uUR4VCS2IqILVAo4mFAbmbzF+yZ0
+ Bt79T2Cgd+c2GdhiZ7pADtuVmLGE24mw5FXxCQxb/fbouXidH+2neVIjPCqzJE7b
+ yJoaYMIo3gWIdIM7fhlFnWrh4KGMh8z/eaVW3oG2uPCtO5OBpts1VCmvcmBBE4JT
+ kTz/1w/v3kz0rwze9JTKXHyg2wK1chn5V20T+5SwP6MAL25zxZa/tlPHEIH3lte/
+ x0LHEU/5WXcQLYpYxNF7yy0mrwRlMs0SLRxC2l1Txk/O7xFffnFL0I5vBluxLU3y
+ FMB5EtIUamapM3FuOC+hzf9rCE4I+fQJ/8aBQD2hjzOQNamg7CTXTNWldbzKL/DS
+ XAHo8+Rd9b1dvjzZfxfRp/bF5Av2bfTO65lb9G6YiBHLD7+AFbo2Pn7NWh9X6J7I
+ qpYAK9Wfs0sFNm/UIhmSkFJIXmlhMbrsp14ebfH305OSoe+dvkHfLD50frdG
+ =3PUx
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAAkHsW/Uz7zqX2bvbgP1SlNiQGJ979f/wAHA0q154N22r9
+ 02H3RB9zlyLQhEYlBKC8X1O7N8l4ZTod5GNGeWeqiEUacTve084u+rkrLz9HaNxt
+ Tfdpq0fqGofEvThOUB9I2B7yWahg1g+D5xee1PLhB03dhMwlWgfj2hD2+7oshlTi
+ USJsY7mR4GImWYVqcm9/nANpoQzEYJ24K0h6dw8NBDvgLPQAB8h6Td7DjXJw8NX4
+ 21gfToS8E62gUV+K66MYwCZWuc/FxS2DZz4pewm2R52ReP7yl/nmpqlYb0iCfiTC
+ RmxhFbV6+E73sPzKjK8BJDMB6k4uPHFu5Hkh86o3XjwkpAaX84EzjVKi3VIGTLG3
+ biyeWwh6efCjUhXptaGTIFZscdGiEDJGtTn0Z0J8iDXotb6pZms2Cde+oXpg2CBX
+ i6uiKiz/KtBaRNYbrb8rcDQ3IHcO8WWSvAp6dYrbOmY/bYu6q2dc4hhTVs4JFVzr
+ 5I8m5jRQdzyhaoB88S23VKS1jaOUwYhN1THKPAmcR840kAA217Jq/GwUoBx/G1t5
+ DJQmStvo5f+nYBB6N/PVNzUWLU6gblFYiYnDIFy8hFHYmkmmWjU5J6qfITyzTULa
+ f079U9SJiqdE/t5UELAPbvIz/Hl0nGemJfit3XhZV3IelaFCxSJUR4DmE+rXTV3S
+ XAE1zXyTvV6b9bYkjY6UvUMETH3NbR3yYjn2CMnnHiPykF6rK7jXQ7Z6AP+drna+
+ q9B0cmmMmGx1LcwO60wBOdbDyWsw/6aCt7SaMwX7CXw8kzQ7ZNRQDPrXtLPM
+ =3SiJ
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJARAAyfykThjQAYOrOMy+nHwMHNXhmQRhHwtLIb+WEekWkRP+
+ +t88NlZ0fgtQtKVZbme8V2a0TCFXK7DFmC/6ZYtawfSR6LsJCsybQ5iEXEiLnaMd
+ mddYwQocrHC8/P+MPPvG4Wu7WzPc1yl95k/GR/M/o/Jef5nsmlfsO4fEJbB1tVTc
+ rGjFZidiFIsJ12Nt0DavJi5iV+wXcrFkAEdDWSCbmp+93IVK2kEeSnSEJ2I0JOHz
+ 8EuroP9wGFSaq2pcVhEHs8LBm8fjUizMZGOVTjZPVWLH9Jc55Qwm+APKBMHkoAEW
+ KaX63+uj/IgqDKTo556JyYhK4ZzexPwduelsWfOYOY+r2coW0bV5haFEq4pvHMJH
+ 7A6m10lM2XcUzEC1j9r0BxPJuLtS5sYhub9gWsgxHsCbgArKcvkEfpC3ZRJyOmvo
+ 1EbB1Stvh4vr++ASmHlLl314qpLSt1YEYtBhGKg5XUPnGM86fOYOtH+pX9fOM5dk
+ xC4CXKLRmOfRcR+rllGoliyUrrXMTugf5r/UEeYOrSsKd40JsVPVC123Uoo8Y2j9
+ FO7xGVQ3WBy4rDrqjRXoV1nakdKOvGD8iS0hSGs8yk569YtKA34RLAcwpji3U+sm
+ wIE4X/Z6Vyrsht/PvsbIcptexG2rxq7dze7eZd1T5C/pdcwh+rQG0ujJ/GB7klnS
+ XAHpuT2TgiN3oGIKMZh2cqfJ/rEBd61pvWMJQYW6ve2JhxSNL/Zo25GxsDoCzoqO
+ ruhYleZuFEYyuVIJQ1ePwt6AeQ4yy2PaNmZAJgW5scbSn0LKMoX3T8oRtgxN
+ =tPWV
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ/+IFSE4p67ld1nl5V8FYCHwDoZBAFKBz89KNv6nMmKZiVE
+ sa41YCWky0d8Tv3QXiYyL0jZuyQpN3DSXNrtQLHbjHya/mvHT16Oi51/A5ZvW8Sk
+ dABW7DHokET8cmtUpnhpx2hKGG2SbbkkGmZCBKOveVn5wq5VUPDqJjOF0P4wZWh6
+ IkEQFfequPcCsM8MAtM3ocC5Lkkjwb91p0e0A35gE92kms7iPE7ecX2DJIiaATIs
+ ABRmcgwOJeuYV7nhvpFbq5FSBUXvjuVN9IGfIG3Dl+IcCYg5xF2eJWnK/sOiqNmc
+ uFoPkaoueTYEZkgwg9ItAvHN853WPzt7ppsduEvd3kwnsCrtj+veylr1upTjxQJK
+ Rx2+a70NJz9+eaVm4hLMBDl9Ov6cEril+vZU/N0x3tSQ/vZgAJ+ofK803k6717Mn
+ TkSLjLkP6BNoKI7DLMLfxiCy0IssDsiX1po2wPSn2sDa+4rYt8U9dhfI8wYzUF5Z
+ T8IGE7ZdVvGR0FfxbPdFgxeNJSPv7atIWemnqEAMQ5fVFQ3JsBS8xHoqoLcLJHh0
+ Q8A+HPU3oSiU2ZjGlAM9yKWdUjz/DWeo0HodqaNBonJqCaxids0P0oHSGbTB6xY2
+ pYYXnD9knobCUr/etjv1eMvU3lIi8bz8Xmdn4KKmWr2SQKmxUU+9Mf1BWWq45PjS
+ XAFK4pHgiE3+YLK4ygIrjBFls6g3BPQA6rUZAiFzsr2D0g16rejdhosacoJcKcGd
+ rpYHLCfu1CfgSlz3Qx3Ass5TD+xwHdsfT9SPpRQZSoxxpcxmDUcYpqdwGeO7
+ =Fnjp
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAHaWsbzMdKQlM4f16MMkD06MaR9hPsvalNE1/K4d8Mygw
+ j5vWYfwadl8XuI/GRoyZG8hnddb0Vg545yVcHk/+0+W/SfWFzwhhvDUX8H6Qr8n8
+ 0lwB89rZt3ztUxEN+C/0UAlhFZVb1OWZ+xpDC2u53j3f/zxAtCUKjJA/cqlL9sLG
+ u037d6B3Wn0XZsmC+jK67BFZiMWs4ZD5oM03rXMLqTVMuDzjV0LO5rUFDgiq6Q==
+ =CzYe
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+PmNa3+9KdW8QK3Qp0xFsA5JCwFJ+ePnZqSy++0o39Cxf
+ htNykQUd1aNmHjlBTmfomzoGe4L8mIRULbVRDB39d8bqHI2EIUibFK2MPQrSvF9x
+ WLk3BLCKjBf0jja6y9DsgNHMIKOVKJKZ8+MSNiEwPr5yy3t+wRXIE7bTfRCSj2vO
+ mQ8MtN6XHH1klcg2MzQ2VBgt0/TgKNYRnF18d0bTzNTPg0XMosd9vT3HIdYNVtRG
+ Bs88WxoLQX4ki9B00R1diWneW3TNkD+SG+3QdbQYbkwfKVE7+/ZY1zbmAf9bUfM1
+ FAyUeUH2ZfiqDnGTTSQEyLjWXsPx8OmaeWHdvY+Nay1tQxfyvdFldjmkhnhUYhot
+ epu4o0vih7y8dPAPvD2v3eflXo4I0R8kANKDkVZmB/ugayeR27Uv6+Rb6XQ27aKc
+ qrYMEzWsNJ14Cz/mM2eqyPBaI5mxhttxlFuPRho+wz1XISqsmJz14VojT18dtY5q
+ 3gv2dvzap9+xbs2+d8VnNvjWzocJYXy18ZLoZomNIuuKl6s0OdNEQxiC1/riWMIO
+ QjkbPt3037rtM5ZczhzgFLm1r45/nFx+T7nm42fEVLYnEP4Ln8bgvsasKHOoAocs
+ QWxUFMQ1VAyMs/IftTnxMZQe6eJmqHthH+3q/wYhIqsPy3r8gnkuqjqwoCb/XTrS
+ XAEQB91o4HxiecHP6Ks7QGI3+Z1CbEF3GWBrhCVtI0j+s+r0qsSa+6zeyaSK2Z2f
+ uRQijSuYw09UTsQHY3dsxZm1KNebkXXzVqrY1Wt9Qtf2Yr2seZiCPygvPVLB
+ =aDv7
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ//bEgJM9+WRz3K5KwV9I7fpiAb+BoXfNWh/mnwUGLv8FRP
+ aq72bbw1vXqBhI4jkna42eJVUm2AThL/q0QOJvGKDtud0MjJyS1tZj44kfwwC90E
+ QrybaasPvZ0WOLmSQO9DW8oyoqDqM8ue8smN9HJTOfHl15QV1oXWYjH0j2l1D/AC
+ 2iqLW7KOzo+zFr3s7HxXnCgv9/BwqmafW742aKM8amRb885b4CAzFKvhrYlvQ43T
+ Tntgp63veu+IIW1YiqrdLld+hJpPaVHHDuCRANuQ3r8hQlzjOMC0ZeAW0uXnRuIc
+ 3fOk+uQxV/POIauSQskUXSHztD8CacVjUyySi0+ZFTtJo39ulykalVy01UCNuWVE
+ O1cJW6I5ItpBsUqb6KZyMVVgQa5Iv4JkrTEaOsPXC/O8wb+JxiAz06rb8j0rn+Yx
+ z623wZNi+QwvFPc1c62DXFZN9sxFY1xcildSpjh/h491FAUE+QKYEPIMf7ChyqRw
+ uVc9A1f+tJFI9M+gzWYI0A0+Wbl5V4wMdJKzzSyZJAK4+AyJjfpwHRU33vvOk/MO
+ Cz5VdrCs0WQ/x34KauuM//AranbqjG7QLGVZT0pkknSyG57NF+T9KI8aZ/i3E1La
+ 9LEnMf50WLf0kBX7OrGryFs4RrFNWsTfSt37X1EZCmWubGTiINc96JsMQIa00bjS
+ XAEOFQq9PM2w/X8RyLnaE0s4m0gau9baCQxonUwq37S+XbjKreupgY1SldcyVMsU
+ RUWiwJwVMNI3UGdQ4LBoJYstTEhH2HLQFZecw0dlZfrLtGgWJAPYvRWAx8uw
+ =iOrq
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqARAAjJP/zQeLJ1qXKrz4ck4x+8z1TJx91XQU1aXLWLZjLcAw
+ 4v2G4ikG75WLfJcHaHNS56bhYKhPt4/xzmse16O8xuztz8xLVKsYuChna1J96IiU
+ pk0GbfWK5N/BVgPlntFE29gwXc2XhBSucHVwe9XseuIAlu99+OSf18TVXC41tKmQ
+ ZuvxgLMy5gLlt8fLLmsrgU7JM6QQXD/zfdziI9acrDw4CYKgE0Yt16+/JGCO4LI+
+ 2yeoV/GvFTS431lsVmTxhC59DVNCVXW36o6EKQxXjcLFhuzNxCSI+hUZYJr476XS
+ wgdHQWoKrTL8B6l4nJ4/2zR6ltFM3JZi62aNW88DvW/SmJsHXt1b1tATie4kVpLo
+ S1ns85v0A4NmXmDyxiORVbGT087AvdtoJw3TbLNNYiWdE1FakNW9KVcjVeqly9XA
+ Kjr72wdyRE1vyjsuDtUnM9Apuo9V2PWtfqrsNqYxgK9WJPFEzVlvhD1CkXXXsdfh
+ ncVIywwU0CYG9xOAR7DTO/pPKa+faZStU3bRlE89D+9+iUkLXqJnjx4ZPUeIMg4v
+ oByjEAX0jOqJLsUR10tSmJ7hrmdWoKSJTVEdx6pc45jyt6CZD5EOl7qMlteCVZAg
+ gkkZ71uQLde5CRFrEPIJ3UdF8xDvnjJ8HgoaLCv9AewMlWiMNrGWV31rFqp7CRnS
+ XAGsOtTt6y6VT5C1rKamG4IKK998ycirXQPlwC1svxP44sRS/LE9OI820jEiGUxT
+ SYeFvLISOje6f8Qf34hP9X5MmyxQd0lqMiOt8lkGj2GDqFzKsrKeu1cpylby
+ =Fivv
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ//WS8zjYnuGKpQ63BdGAEU55mAlGu8etvOLlj3JGL/EAjX
+ CKadwY1gIPjN/AZzDN8twadasFE/o02Cz1hLAPQIS4IYgh2L5pZZVm6D/5v0rQgJ
+ Da74NBoFKXLD7D7P/+abLTFSrTG7u3rRL8AAOsXHiMpyxn1AgvNPS/lHrdTWi/7Y
+ RfvjaMqjynZs6tsOZrQjUjz1mdwZ0Pl0g4soJ/4KBN5riz+U5wubKb8g1qxEaWZ+
+ CiyGcF6rHfL1/7rugg+Z7QhRlW09wAqkQzpeB9h3rIqczqsPZVuw2gtBhSnjAGa2
+ i2q8HWFwegJYMemSxtqyO4kdtMp8J/KOXQ235ge96kMfid0muFeqD4QehSqaSta4
+ gJsPiQslhlRyBUraTAzWo+1Pgx6oBpU2Z4GD3xAsKyQ6m+wVg+7OsZJYXuMt3Y6n
+ DkMfbjJOvGUlN1XiZM5GT3YqRFFXpmn1NZ4RMBHv61vDuq6z9EWm/+6i/tR/ugxM
+ Y+qiBYohMEIwdEpzlVZVQElCt9atKPk4YLnpele/midAKVwtBnQ+IpNEjKEtXSYe
+ QYDRVu+OkYSiMxvnJ1ZmL4lKJVHhHtQ6Pi4xkK0eTPUaWvCI6T+t4Dj9r/OJTbLW
+ APOXEQ54CnDmGqG83op1wdMuwmw8edEBowogILlUyaP8mB3cK9KJt7B/31ntlc3S
+ XAFQHLwHWB3PjCYiegJYQUbXIAfL/cdTwwBfmX8uMDerJ81IQSzu5hVDhIL9pE7l
+ UVWxGbGzfUdTE2U45M082DrjTmBkV3RdE0Y3JaBqPJ0oVQh6p1aM4d2aqyhk
+ =nWD2
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdAr+L6oXEIIepvoeDrCt4z9snnaxL/Pmp6dpCAkxaXXmIw
+ 5J6eEv5G83So6+XXJXvOaoneKu5qevc0fSbEBAhJfKBUYk/ygb5seBcGycBWQhDL
+ 0lwB+3jIywPou71D15VbcMJQuWshrGPkpEf8/7aaL3kiZAQbxtuajECD6/0zk9E5
+ /owG/AWfR/W8bHJ2S/CFHb+m+aLHWI0emOg/OMGKjLG4JrarB3tbdsPcdH+8jQ==
+ =K0rr
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAkzDgkAALby9UfWjtDDCJEgMH/tcIAHWeRqOx7CyojjMw
+ 0XdXIl6Q6x82GOnYKtJuFkvpGc+fSoREGiAVCOzaXi9J3vKUV410nSQEpyXuiC4c
+ 0lYBDC0rwF3mDKX7Pd7LZCH5ImaJiUB26Q6M2k6bfVhSyTygADlqcrvev6buc7sC
+ 1cfZdBGkTLJeqADe5p3+wJvHiUvK/VhlwV+hXt8PBkywDpSyLgaGWg==
+ =x/XZ
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:09Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+ARAAuQj5yvmmxjrUXFquA58u8LqIIn9lS8fW04vvO7s66Kt3
+ RhwiM1K+uTpPD0IeYO4t7xUpfQwxLKGybVBvOnjisWyTWZYWRPvpqpR8mrt/od0R
+ 3GcB/hval/O2HtL/CwtOwMu4RcfNKVMozLpZjWYZ5N61UgHgnSPxqAbizh2MDPJ9
+ UCM3PesL54kwBDxGUgoCOD+EnIlUOIFFrys6GLWHLqQhNsNgOeXtYQAiFhMuCzqC
+ PVeKqOJrRD5q/mgRnOnMhXC6E5xgOOHB1war4rDaEF6rx0YujgiMt/c4NTqFPM36
+ aMF1Kw/XawEQthhXdCcxYtQefcAs1lFhAhAo93tGcqnwQc6MrfIgKJV8pdE8FBAk
+ xGhzQlwjQsilJ/YoXvNDm6Iy0UH1WVVcVRSKE+ogC9dw1JyG3tu4kfp7GioQvhkD
+ tGEg/9hNMcWXa7Gbyr3kCpmTHuaJGaC8R4dy0rzL/SXDMfWm3zbFZVZoZieOuzeX
+ gl1F6bUnc4gUnlOa2XPYYrIVWfQMdAJYbj6ywvl0lMLxeOtStcYVD1EdRhiGEWrJ
+ 9YoEjDAMg99WHfEvNSe+90CnBPY/UNig97lcdGZzmKAYIMh5OutJsS5t+Lx318Yn
+ C8dDvk7QbDyG0lgaZHAAeY1SPbVW4eUdRxZIOrGPsiRUpzYxlExLVdy8vtXfFHnS
+ XAEc6y4UA3fhOYN7i6MZNVye186v9gZZyGjeZX1nLJN130A1TwMOg/tIeuFBmxpO
+ 0C4SX0xckcZQuWCR51Xjeu4hDCeMVQJuMJaypjhVoyQPiw4yaWWbELuSC5/F
+ =ERpn
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml
index 7fcadaf..4726885 100644
--- a/inventories/chaosknoten/host_vars/netbox.yaml
+++ b/inventories/chaosknoten/host_vars/netbox.yaml
@@ -1,5 +1,4 @@
netbox__version: "v4.1.7"
-netbox__db_password: "{{ lookup('community.sops.sops', 'resources/chaosknoten/netbox/secrets.yaml', extract='[\"DATABASE_PASSWORD\"]') }}"
netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}"
netbox__custom_pipeline_oidc_group_and_role_mapping: true
diff --git a/inventories/chaosknoten/host_vars/ntfy.sops.yaml b/inventories/chaosknoten/host_vars/ntfy.sops.yaml
new file mode 100644
index 0000000..a839591
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/ntfy.sops.yaml
@@ -0,0 +1,227 @@
+secret__loki_chaos: ENC[AES256_GCM,data:LWFTOyER+m021ogmXYBrcr/2fUe3XuZhs5ho0KbM,iv:808LWnSUAPeclhsIgOyR6SutTvJGOu7mrGaVayo7v8M=,tag:f2WCPyUESfMiGDQ4Km5Dyw==,type:str]
+secret__metrics_chaos: ENC[AES256_GCM,data:lAepzCI4pwkF8KiGYzGnC4dPASdHDn+LfbJTFSvt,iv:EUW+CGeYUqhY4G1kb2bbU16j9iLwABHfRCdn2vac5gY=,tag:IcyscB9lZuZgC04XTxDb5w==,type:str]
+secret__ntfy_web_push_private_key: ENC[AES256_GCM,data:YqNEYa1Ln3NFpNoIuBUN1V/WRzod5HAtYueBJYHOwyM59cCaYhQR1S9aQg==,iv:t8bEs5ZAEe6pqbbOb0mpJdfgruX1P9Jd+sbNurGqkng=,tag:Cdy5HKkvb55V6AeRt+MVHg==,type:str]
+ntfy:
+ user:
+ admin: ENC[AES256_GCM,data:kwGLrQXBiqKRoHkStGzYiC0fbcGgQHdZrrk9NyZtcZcI4nrKTGx1sxrHOMI=,iv:ACrBFMOP6rkfshOgB+a32TFWH1OKhQaoHcYgwHx+tao=,tag:2QTWmH/vAzIWAjaOHOkrXg==,type:str]
+ uwrite: ENC[AES256_GCM,data:Jijz+zCPpzSaIEo0xhicKlMhWSewJNJ9GXJGYuohq1E=,iv:gnjEX3N0txcBIkJm5bOs4JfKVsdi5URgoMAmquCMqKQ=,tag:Fip0hA52NeaMODb9XxjInQ==,type:str]
+ uread: ENC[AES256_GCM,data:ZODLyYx15c/rPzKexoLURwA=,iv:WqUrXexY/RBAseUwiLPBVYpA5zqJeYBW8mmcvPvjtyI=,tag:SjB4OaTgIaVKHDe4JjDN3Q==,type:str]
+sops:
+ lastmodified: "2025-06-12T17:19:27Z"
+ mac: ENC[AES256_GCM,data:mlJuYT16bx9nEFw9IRm/Tf1y0HF1aVzx8BXhf0VKWkrBQCyzx/qbjIBXIXl22wzMrz/KCZ/diNRx0Wdq2J2u3n92NQtziiDZKwK+t/zz68+cCZAgktmO0vYc+BJ5GoJPuSmeMwHkaJqt3zYGQNzOJAYK9DPrK2AIbo+O21FgtvM=,iv:c5AmWi89ZLR00LqG+bKnbW3WfmIYsyz0X9A5r91Rar0=,tag:x3vf2WTu7naRdwQbKfrJCA==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtARAAqRsY2gr7q2ZVfuiu20XpFK4czrXPpp65Bpe+6GWfxl7G
+ hlS7o8Hb6+l7LGyjpz6Av8aA9OALiL+9TdDHUSzrIuZayC+Z6SQ8e/zcQ7TOkDxR
+ QO3lGIG9coQwDQmHNHt2VytBZYz0lffKSc1PCAzj40n7GKM+ZGCoTyhwwA3tRDXC
+ SOGz6Jq/tH38O4fb5+rFLf3jIT/b06zCP/Zz8Bo68emYhmV/f2fXqay707HtMQQg
+ gb1xhyFMzyJzQBrUogruDhXKqVVq4eih5RAEzvXjDpGaFQ69eZTkj04WfGASjoi7
+ OaxpwfdpnVzmoaUo8/R5fLfPa1iSZK4FSwzZpzOpfvodRutpB3QhOdnWtiywR7Rj
+ FPrKWr+l7yX+MBWpvuaV9qKJcwPxhn+4pGr59V61k78yAs60L1ca05Ua9/l8PO11
+ qgCMeVhHX7IXm6RGOTO2i1dz61G9fYI3oMJ4USshDVdsFPV/OV5dBX5Zkcz+i/rH
+ 2XT3eOerAtLFiHYmSnsGMEESallPDAF1rgg0HOFE1FnSw64not/eaTCGdhCy7UHX
+ 5k89BQ4PArs914XSvdA5b1ydel3dU/LWWT/pra52IcAusRqLMZfiHXF/KuUH7ua/
+ XfZ8ljcJ65FpVqAvs6xQeBGVZQoS+WyePcv1/BJkWl4QOtXCiDAMJrKVfxAM8w3S
+ XAFUtaSpYoHGooRWU51pvimpFLGvlbc/A+NRAsKkdkgMc3g/eGQkE9uLhTw8gP6c
+ vSS5yv1k1DkCE3Sff+nrD5+4o7tBFjRP4XWWLdAxRwviOUIpQdIMqUzC8YvH
+ =yE5T
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAAifILi6nUR11lUf0Dyv3V26tIKqh0T7T61rcivJAzHxAu
+ TphvUwzGx7qxZRtu/B64pyFFMk3D9kd9yEN+7MXasyS0Fz9GIRY4W5OTo0xHnthU
+ vjRo6htVg6Xc4+DYlT8Et/eXqYt37dGGMu9JbV9lYDwgUTQph46vqTn8OoOSqWcQ
+ gSiw1QjsjXoMuKjUZ7ut+gik/qVG96OZk+MFuez8V7xcClVUYM4RHHD8JTP/pip5
+ 7DzZARVacxrybu67FwEtkkhLjkzOwm6gUE1GAfGOOjianIepojyOv/503BfbErqF
+ vjEFncQI/3eSDIAQvUcGOCmKwm7arOdWZYvxSQSUz2tDBS9GeK9I/PRsRRkj3mg7
+ /ZComfo/DVdp0/LzFYVNYGhKUR+n1XLzumjYzRsNb3CAD8uo4N0OfzN5XUw6OQlo
+ G7MRGZJZDJHQAiMrMaT1JRM/9c8TmNh3Q4hPD7xWB0swASnFWfSAnJXJnrPdzNaY
+ D1ycyO4eCM6xQEOuTqubW7rVFr9qgdspZMzAMAit/1cX3fqZyQj8m7L0260hdxAJ
+ f7WmR2KpcJ6J+FAdYD3HzrRbNXXOGGYzlEeq/6Gd6OYyc929m+gNUjskKWvNv90u
+ f69u5aBWyk2OU9iToxqPOfAi3cpSWY3EuoyO77sya8tRKfzjlfYs9PsKHlXXj8zS
+ XAH20hg9ndSWiyXLSzuiBoocf4veHrCOkAnS3m9U0heJ28i5RrBj/ILZ1RWqHY97
+ 1urwfro8fB9ZzEQB6UmqucSRqCghR1wPVk5/9U0BhIeULHOk/WymAUoksKav
+ =0xuz
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJARAA0fyCiD5hpm2Mq8Mgal8yElGmiKl4H607Ik0tHSSGJ2sj
+ NSlYv6xSxGHp5y2RrXGBjDkDE93lg0JRyjB8CA+XRq2UxpvBpvIWJQ5TqQFj86fO
+ Ni1u726BfcSEh8BV6LiOWjdQFOGu1UVwuy/R7WV660PNwj/Cb7EMWsHhJ4/t35Ec
+ EpOjBeL28+daezH5b6JwMHGZCkXLXMu6NUOx5Kd2RBEpqwB5uDBOKqFKlR5Joeel
+ pExbPsREZkilQRcYiqg7q8xy6jMqUMAEdUHNnUtY/Y4K4M4dWL6spqFcTc2BTqAO
+ NKPjLuizHRcu9byrMjoLPZfusNY4SFPBa4xLZha9/ypsuIUm1/47H0mp5k3fYiX0
+ uAbUT72h4q/9MHlX+fd/C46TIE4r3liJI4l81e6KJlPdlMOt66lNL67mWhi7tKBT
+ qKCVjJdn2OitZAbwSAQ215h8LazWzd1hASU3h4TVnlpOrRWcVwFxvS9uhe+7HUIV
+ DMG9Xw8iU5xUHKp9zvGvgGDX/W6eLBFGJxWcLHYEaiVcZ0KNg50PfQbhV6LHBT1t
+ 4oL/4r+gER+M/uHVbKoKqxOk8qzgimdGkSxlZfTFpYen+zjj2v5zW0FAbfz/n4KD
+ WcZf60j47rzNEx/NwYSsaP01+G+KgPGe/xYyTFKxGrYyxQRUkyLQQQB1H+OBGBzS
+ XAGVnhZOzAjWv0OCNAcYp0ZudqopN+PAgK4+xO2FmyOHO9YNmFPBtiH6Q0K1UIr1
+ prbxePJIAAP8AmaoHJWXgVLTwMrGFohYqQtXfT3D9fIbIVx3KRM6SekM/30o
+ =ypL4
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ/+LtvkdJgZEVahtwfnYUbg+K+oleFw7V9nVeZOtpmqABTi
+ LsroF2PsatpKxusPDSoqQqj6fvKliCPcm/5UpEExqotKqi0YORhdHrFm9plju8uB
+ 1KiUmhnK/XiIZWp+HltZO9emelCmoU1NNjzs4Ayn1zK0SkY2ADYKI91mjmtLnu+Q
+ ca5QygiZ/RKAfSkyjCRyR2nhtNov8U3Ii0Erm0pkPh/XXrqBzjcuJKEGHp0Qj0Fj
+ MxCRxCCnuRaAbgQNQPCwGf+r9KNfvUIhZAWC4zFj1rd7XVxOUiPqVEUBviZvsC6t
+ rQtn3k7WEf/xlKmBS07PyJ04zplYv4AX1qkJU2qZcAR73vKtDnVFX51RYZrPyUhC
+ sQX/ZxANG54bmAco4k6/8+c+qbf3+0gyWuAPb/SGanaG0zR/ah0EUqXdlAF6pvJs
+ sV6uiamgK/qfMMz5OlPcHcqSL4iiZ7C1fIUkqRm6M+dY/TaELSgqLOPYescv9zvF
+ cWqxDcQ62UKTy6+khSVH9HXPmZ9x9uPZpyXNpwUKDYZIzAU3vRN1K1Pyt6ppYrur
+ HkNxJvXSxBXZFIOLCuZF3PnlxQQUTi24a9/Y9Fng401fUfQxWZTadKVV7iusBx8p
+ pC6KsWvVsL8W7aeFQSBXHNIsXGSMf+jdZXBAihtcg2cs7qXkhXlnjr8Tlovlg27S
+ XAHhM1w4Awy5+YxNIorJZDa+Ia4jczlgL1FO40ktLhQC1hz3huFGU/YK6Nla1Mk2
+ bQYZZYBjfuKcRqmIFFC6T6VAdA2wbvc6+lQAcLo5yBxz7o+KOcgQtTZ9X7as
+ =d42u
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAHtMliHz0MplHDFWRgKJFtfN96CpI+DOnUZ5j/QbY4H8w
+ g8NzKK7NUd5UAmPKHpO/yFiVUYltXkgJqIrd0QAZ5jBVHSKLmhdxsqWIRnUSTRqY
+ 0lwByOPxnHWqi9I0kpwAHcvCqohuIw0k3cihZiGjFGclNtUU24uc4uT9GyX3qxGu
+ jDhRd0qke+wM+NzJ2f5fVLYjCC7bTBV9q46unsnuvAidU0KXm6S35YlpTgcZ9g==
+ =lPzg
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+OEcxoM4a+dGsTuBV8GZF6Ddy+NXf47SnZ4QLdliYaYGd
+ fPpyxM0wpyO/BtDE0uFyPpBPLKKCgzh7zlQDnR1zfYzlCr/Y+IB5BLRD19+Abkwg
+ TFFrpFp3l40I7jRXNfGFge7t22gz5owdSzZfI0Pz5mXuFfX2zAwtc0sV0A0paIMp
+ fcmLwASp5Bvhgr2DoCah95DkDEwHlS+UwHZoWe+cOrwaBaV8iqomjxYEywivG+Ie
+ VV+1xUhMIDdWrdmh+Nt39eOMra5X7M7eQhMmWe++uW4UyQgZo2+Jm3s12GMyc8oe
+ mcDqhgdZ/5jBQEhteBB3wZaySfxozI1aYh4GhscIGhMJ2PMTtEBrR1CuGey8RMzo
+ 9jA6XrGnQP+X4c9b4GBii3rvrRRRS3Y6CI0HOrk6MkWr9S0SW9ypQKgEDQB3O7xX
+ +N19w7jezyGWWG/G4eLnbSlxeX3ZnvDFAQcQJCqu4vEi5Ux0dTpoT69D9/St083z
+ Q1BJduBumC49fAnXvdFxgzvcYfjb56SWFByMcYNaEn/ut+WRkFZ2H5vP+HO8+hmu
+ qPEIjmh9KhTWgOLL1wYTCsfkD+ZMTAc5FRqPzleL/je+Jc/TVKT1s1UtDf8d7GWs
+ cY2C3bTLR3qlrFmAhANzjl3k9qh5kYYGOF0qkdK60Jeg+/1sqwajQRduRZIo5nXS
+ XAE9Q4biOlM0fmwOBvw8vuIax6HmOxakP7C7RalIXqGZHF6ijjLBSFW1kZioMftl
+ KCsFc010bbgDxLQvtIIFLChn/lQlPY7EzThMkyBoDF8RkA7jcqleeAU9xmXF
+ =Wiir
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ/9FOvo7VH/i3M2qtNqiuGS8oDP3VZLXV2zcaB48BURhIFZ
+ dszZAozExdwK6yXOvuoVHr94mhgWkYNd6mR96zjFnGWhvta6w78Ecm+2uZfF/QQ5
+ tHKD7bRKcAAWC5m8ENAdz+5MLBpNk9egSNqzqjFlcNPV89dQCz6TAyfI1tUQcACv
+ pgVYZz364YMym8+HQ8WAX9rQS3K4ek3EosIjWPJf1FH2Zsj+5Bpt0SZmg3zHQ+e1
+ uC7JQfabuJ3pV4e3++Rh1W3P0cVX22gPcb+aepnM3Dv+ie6kNo9VguMjmGCEgk5w
+ TtRy1pG7e87FUvml7NEFazXHmWGWChfqvvHmuaLJCqCyLpH1TH0AylE+uHutdGQ7
+ t5Cl1slC4VpNx9YiAyhaN7phyz+WLoYn+bcEbcOF6m++PQM8FtIAggwXyaBAiG0Y
+ WRchBxnONdlic5sFmtVuaTMUqClWFO9r2HupRByU7BDTbG1yJBagiIXUFoPpMFVl
+ gfv2jJOtwJ0rGRnQ51ZU7l6MMdTa+rR5Dedo5u9fo6ZhwoAPmDOoEtmiguMZTixb
+ nE2BTZgWxJF2aLOUf8MVcewyp2m7CZlyqXaltV/D6885c4sYi+IqEsUw3CSkRqrn
+ T5RoQGQXekdut2YdaXfdD5uyBaJmXm7Yn1GNqaWfXLUqklPA5UgvHY/i92xlpJjS
+ XAH1Tlt1+DVs6zW2KN3EMvBqOTKLpxmLtClpEXP6pHd+vgaWGYNXOt1eInFfwi+P
+ BKuKXihjiFfNMibh5o1y7W+4WyISjYGpka52m1Ias+06mDeUUojqeaKuhQZ5
+ =qZvG
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//TtGxqKzGMLDUYKYVyWUcYXMua5LavcZo8+GqUoXHIa55
+ V3WJ8zOrcd3qfRlhFCmVi3yViA+WkzuG+VYUuVpGbsXq52v21tDuwOz3MZDrTs+D
+ /tO+M/I0g5Kt56h/cN8lq7//x0AONoViFhDxLCJ8ilmhZdx2ywnv3O9eCLboY2yb
+ SNsGro9juCcKGbJtcch0CZOULMEMEXXPwbo8MZ+DnXKczwvSqBFu/O3nvkF2jcs8
+ rC9A8QioMOjXFRglR+vOfpbaCvCkRsgXlkxBxPtpjdYANjA7TQbB3sj/8PTcuNwA
+ CaVf1RjZoEfABxPJnM8+UX+w+Nm7Fcc+7k/S92Fe88dZ+6jvZGMXhFCoZarSyQSA
+ +J4hFW4j4xHndlD3wpbx/niPhkVRpLxBqDYJ3KfjN3QgzZ5ufhBPGi819cfKJxwb
+ /HDR1AHX0bQJoq6wnof20STZJDploLBmP7A1ae2j119pPEBK8ErhPsrn9TQWnbwe
+ 4Tcrvu4yMJX+TMs+yKDDQXwy0oPs5DPqhEnwHzHgNVjIWuQgy92kpDZssREFNZ4D
+ cDXGPV9Q1Gcam44Cib2HsDMw9ia5Jqn6iYqfLCDo7BidxfaMRHL9ALhg0o/YLFF3
+ 6OyBb4JBFra82QtSFqo719Hzsd475EL7vtVvCk21a8MMH7owhmBuYVxl4ybQh3TS
+ XAGZi7Pfzf8oFj782HypsT+m6YvPMXHuv8m8K/0F061Vc/7pOqx+l10URVd+KDFf
+ mkS3eQF6XEyrHxTV8oIPWNGqeURAQZSINMHFNfY0TkQRG3TlKtVGWCqgfACR
+ =dVoV
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ/9GG7/FHBp3uAZbW6s93J49l3Dcr1Ih9PG1FQyF3wDoakE
+ LEQ0uoqM7hb3qjJLlG5Rlpa2VdhrzixDxVUnh0FwttTHsIkA3Tpqx4UN/6rtLKxk
+ ii/oTF5ZpN+PtDE59NXJHT83734aSoGyzRUw2UGc1RwkSQUlfXNhblqbn4ok4oah
+ EZdBdE3wzcT4e8ybaDH3OS+i5EE9dKpBjt9STbEVnL+3tltst7j2H3Urki5N7/Q5
+ 0rG8H8KZ8h/FCEhFS+PAWB6VuhKJ/xVtYYJlJhmN/lwBqwkkSlSihTHTKfY8wUiy
+ efG+4rz4d0PIQTaSym+Y+pI1hbUMNFrDtRa1He8u6Lt9ANP9ilCsumP0KM9so6Ei
+ Njw3yiSnaFZsbVRIvdZdp+ZphWshE7udq6hLfuX6j2iEjvmmcuxDy1xn+ZjKsEpz
+ arETzZCQqSVhChFYsrXzzxQvnBOneVw7bF5IRP25bcMg2hf+610BfxylZaOAXBiv
+ ZmlnIY+InlznegpEClqJurzoJMyClzbohW+Gb+HOoe6BwVQ59BPhOVaVh8t1Vef2
+ Jq7kbrwBIYjUqFAf47sOL4i3r0HqOB4MLqXc/GPQsZiMsXsFvu0ew5fvTIzvFjJp
+ pMJDS2NhwCfNpWprVKTYs6i/6F/9QtZSsJuKldpODUQwaZMEkPNErye2TvmUUBHS
+ XAFn9nWQ67hPjuX5nT12si5cZ5HFK+wyZnkB+zdTKeh6dCeO7CmssfuoodqsveNm
+ VZXtojOgOPusaSFj4n3GHE9vzqNMrE5odjpG6NLWxv7FFfcg7/t97KV/nkzn
+ =cAw+
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdA5XAZB34y8KVLVqTUdQMIxtx7r8gR1OwwSeNeDIgRpiYw
+ lMLrGxCaiG+MnlDcjhv+QQkXRx3z/dvT5Jx35Bv8wFiqUY83xVD8yQG0zAJtA7RB
+ 0lwBJ69AsQI3TKDDDCfHwa8wka8vlnx9YoMH+bEfMAjHBOPeMzCmjaRgX7O0ablm
+ OoVcoHhPnExGVrR/buzrsorTuj6pRwoTc2XPRMp8cMafQQG5oKrc29roekcCig==
+ =Qrj0
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdA8drCpM8XLKp63D1s1owbpjULc3cUNVXE0X5UQZsvLjMw
+ EhgiZhQ1kobdKKXkGfCIY4sjtl7/QY/uuro20n4kZxhEgwZcBBLbUjZDOfCXb2S7
+ 0lYBSQqptAsnjkv9LwbbysuLd9i8WY1vKexAPA+cpvJgHwhtt4Ia/2EwQ2IMJBpm
+ MunAOhG+rvonQoUKxFB9MeCIX2hW9IywKWqBhfxFS8/r9VQ1V/fX4A==
+ =TgPw
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:10Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+ARAA2u7UVNNDiTC4dJ+tIP65LYov10AN1xKw3rradLfFI1gD
+ Twuwm6pZ6esp2lC36JqLR7bx5A6uFmfnJA0qBmQryAn+TyvU6xoWbLaDJMP7MMIH
+ uYAnIzCumDWz44xTnZRup6E7f+CUiBQmns1dTGWrfz2GHzusjnF2E8xfX0sIz8bw
+ jcQsH3yvIJhOOyWVOampEwm+eZoSzxcBn3AHAwd1XsS5A4syKN0wzA3c0FLAnibF
+ nUCRKBa2Ux3yB1Xd7hENrpN7ObrdsNCUvUpRVZg0bgs+Zjr3spq/NI66DKfwRc9/
+ 0wQhn/vxoCevGRV/ir8/5JUx5aSLYtLYZ6FGxn8Cqja6rR5rcgAJzjjJP3H2iUrM
+ cuhdQKj/WGu6nui3oQ6cDCDKK4YLBGda6m/nNLTAN+ohGmGV9gh0d95OD3EiGm8D
+ F14G/ihFFb7YOMPI/3pKPA7iaHS39lZNkSYBsYUL8/FfSoG0aKyFlTMXWgLgwVwx
+ bshpe4ixBzTrIU8DtLH1Hz2j3x3j2rh4vt6NOZ6OcHlsIWWEWT9lG2hRUda4kEXG
+ X6h4c+fslqu0z0PCDsnr0jjca2PGQz7az7HQdddG24Co+cZqLgA3Myj8YNE/StE/
+ zudTl0RpWOeY9aVCaACuz9xRcPpU+nxEpC0jxOC/ZSoqkup6ndpIOy9g/chq5lPS
+ XAF4v8Q+I94rlxu/LXCQgnX2mo2iaG8/vWzKogGlixHJX5s70rDaDO0oWjoxXlN6
+ YrU4hFwRCaAznA8GODyCHsCEvcGPo0i0HuVz1hwjp0EnfVLwYreFISGOOMU/
+ =6oPX
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.10.2
diff --git a/inventories/chaosknoten/host_vars/ntfy.yaml b/inventories/chaosknoten/host_vars/ntfy.yaml
new file mode 100644
index 0000000..cab4e76
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/ntfy.yaml
@@ -0,0 +1,104 @@
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2') }}"
+docker_compose__configuration_files:
+ - name: server.yml
+ content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/server.yaml.j2') }}"
+
+certbot__version_spec: ""
+certbot__acme_account_email_address: le-admin@hamburg.ccc.de
+certbot__certificate_domains:
+ - "ntfy.hamburg.ccc.de"
+certbot__new_cert_commands:
+ - "systemctl reload nginx.service"
+
+nginx__version_spec: ""
+nginx__configurations:
+ - name: ntfy.hamburg.ccc.de
+ content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf') }}"
+
+alloy_config: |
+ prometheus.remote_write "default" {
+ endpoint {
+ url = "https://metrics.hamburg.ccc.de/api/v1/write"
+ basic_auth {
+ username = "chaos"
+ password = "{{ secret__metrics_chaos }}"
+ }
+ }
+ }
+ loki.write "default" {
+ endpoint {
+ url = "https://loki.hamburg.ccc.de/loki/api/v1/push"
+ basic_auth {
+ username = "chaos"
+ password = "{{ secret__loki_chaos }}"
+ }
+ }
+ }
+
+ loki.relabel "journal" {
+ forward_to = []
+
+ rule {
+ source_labels = ["__journal__systemd_unit"]
+ target_label = "systemd_unit"
+ }
+ rule {
+ source_labels = ["__journal__hostname"]
+ target_label = "instance"
+ }
+ rule {
+ source_labels = ["__journal__transport"]
+ target_label = "systemd_transport"
+ }
+ rule {
+ source_labels = ["__journal_syslog_identifier"]
+ target_label = "syslog_identifier"
+ }
+ rule {
+ source_labels = ["__journal_priority_keyword"]
+ target_label = "level"
+ }
+ rule {
+ source_labels = ["__journal__hostname"]
+ target_label = "host"
+ regex = "([^:]+)"
+ replacement = "${1}.hamburg.ccc.de"
+ action = "replace"
+ }
+ }
+
+ loki.source.journal "read_journal" {
+ forward_to = [loki.write.default.receiver]
+ relabel_rules = loki.relabel.journal.rules
+ format_as_json = true
+ labels = {component = "loki.source.journal", org = "ccchh"}
+ }
+
+ prometheus.exporter.unix "local_system" {
+ enable_collectors = ["systemd"]
+ }
+
+ prometheus.relabel "default" {
+ forward_to = [prometheus.remote_write.default.receiver]
+ rule {
+ target_label = "org"
+ replacement = "ccchh"
+ }
+ rule {
+ source_labels = ["instance"]
+ target_label = "host"
+ regex = "([^:]+)"
+ replacement = "${1}.hamburg.ccc.de"
+ action = "replace"
+ }
+ }
+
+ prometheus.scrape "unix_metrics" {
+ targets = prometheus.exporter.unix.local_system.targets
+ forward_to = [prometheus.relabel.default.receiver]
+ }
+
+ prometheus.scrape "ntfy_metrics" {
+ targets = [{"__address__" = "localhost:9586", job = "ntfy", instance = "ntfy", __scrape_interval__ = "120s"}]
+ forward_to = [prometheus.relabel.default.receiver]
+ }
diff --git a/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml b/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml
new file mode 100644
index 0000000..f2a74e6
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml
@@ -0,0 +1,220 @@
+secret__onlyoffice_jwt_secret: ENC[AES256_GCM,data:x9eRTm9WrEFGdxDb8JfqLYu97NSBRvhknkEBx/zSEQlSfcah+CVNNM6JcS0Y6d9PARcGv2jGUyakuNN1wYmzYw==,iv:33lWNSnQkljr8S9uj+Eab/fItyKAH4/xAeckdpvzl1k=,tag:Ejxzaz9nkGLT/mqKF35M1w==,type:str]
+sops:
+ lastmodified: "2025-05-04T13:57:24Z"
+ mac: ENC[AES256_GCM,data:Av9x7PAOBhUoCOCF4al8/4BnpPHmUb1JvCv+PKrBmjPBVxW/sU0w6oYmUNjB4OKxI4615pWpfCsG+kVSEysbXtrRGp2RGqhnSKxS5l21W6Qy+IEkNA/jcA/teUGEOy5Qj1SvgNtWvXEBJgfm9eCQxC+w34JbzoTs2q+6nSxtwmM=,iv:HD3nBwmnOGP6MZdLiYv0hlNcvK5lSxJNaoIkr3Xadkg=,tag:uL01xCeeIbWhsdpyqmUyFg==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtARAAoJ/2LvlPFTh5vJsyUZfwTVrLg1DZ9E694J3HJ1fH9ZJj
+ 9qZJ0EtbHHjDyaoAS57FYt41AKbOeUpHa2XioVIYJfS3CgAA/m+AXmorvchU6Umm
+ tnSaEFyFYEFBUiCvGRMCbBvLepPHdK76a1SGkQww0hcwLk/rjfRAul1ffajdyhm+
+ Lqa8kMLA80PK5QLvYfAPlNtMiUgq7YsxmhAWoWQ5F/xLnMgClEnsN1QnXszoH8MH
+ 622pAp3KfQqUM54xx0wn0odFcuOEd2HCj/CVnMHdJgZ+7C3XhBg9rB5OgHDKTcMb
+ F+asweYxFszo6vLcmz1PBnuUv6sPpE15t8MRG6jckLCm7xHl9Kh5fkug8H+H8lGp
+ 3YmbV4Amr623p1vqyAsjqfcIRqB3Fdlp8034BJEFUXWZED5ZUp1m7w5aLG1mGyxC
+ C4eFPC2mqS94QINfFWYZhMieQz1qUEsZv4bFU1dxQt9H4J/ojkqU4oPVSmIe6swv
+ szmRVUdmlU5M2FLGUFPw0ikSheBoxfP3x8GuYPuz8EGc2Cdza+kGBswPT9OkKN7k
+ 1flPILolY9D263ldVamsamQL8r07MvLr2Qm+Zw7OTzc14DKyKx2H2m/6C1Koh+zE
+ 9qTCQuaNQjhpZlVf/I1nCEpixBC4Mc1gPD+DZqJjdM8dA2IN9YtLMycepM7igvzS
+ XgE21f3aoPGgiY6zYQiaUhjhZNWO8by0fxKaPeZ/x7++5stCZz8xSsG7K48mBjKh
+ NHKJ0sh2imtzPN8Nx/Sqegr30qHDXC5/x1g3eyYurVdT69T/vy4dt6Om49uFmyg=
+ =VHVp
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAApCrvjvsNSGYfmA8y3ZBA6FhfXDboXWYEPs8UfhtoWd2J
+ wdDtjMXAC7Tav0zYPYIJNag4uax0xgMsKy2YcrSxrKy5IXWpyYsX1VeOj2mJgSY8
+ gBmH2UvSXtQkYgkV8avGRYn6X+6kJIGwqZRzPlnvKullAYWrtBOR7Nlsd+4BMdLv
+ sd2iN0z4OwYEsiRI03vUUOZnZY0oDEWLc/Pjiv+rqlHx21sZCF+A9TmuP5T3iYFk
+ lWVL4ROEu13XCPo86DebfQ1iWyNMk1US82KfT872N28m+OA4/pTkc2PKJTxS+yc5
+ UOC36GPZuyu/ve+OESMT+XOE5qMar40bvFGgLPaA144tILFVo5YGy41jMU5KrQun
+ Z09FTv4qfO1WDaA13d707nXgC1AQOmo28I6HP6M0YfRq7NXmJlJUsnVN63K7MfjY
+ cPFS0r5flY2Sajx3fLgV8t4+a0/c6qwVBqmMnbjddJr3YblH5nsZ0XOoohCAPTOL
+ 9HH1z9rmBT6TywzAcKmzboymnitQ5vFifIyL0CyZND6QjjCarVbL6uOZl746eJpV
+ /sVpzIemz5FREjp3+liaMmCxUWc3S+vSTcLXwydCWQeXL/X1s/OQJ0XvPFAiW1Ne
+ 0d9Uk1qROhb+pBEDmkDA+20jQr1n1ocBqvXeQZXvLAZt/bTyceN30OLFyP/rRr3S
+ XgEdW7nQac5MS1nIHuYfVa/06zEuQCiwHQdn/wfYzU/RpWLyDj7r0j3xjwXZfT4y
+ jBP3eBtnxAEvtnuy4d61ody9nyqLxLyQHYi6/4cvLn4bZFFSDVGJt7vHZ38NiY8=
+ =2Q2D
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJARAA04z1h5ogEphvUqynEQPQiIR82hDjXHbG0u1CVotvOfJ0
+ xP2rIXemVsHdZiQXF8m24Iumi+cbWvj+4kqDnAx+AVOBlyL6XMNvCL0NEIrcFRrK
+ /Hi16pEPjP/z7BnpS/4OLTzFhyuUuhP0rU2XhyhhzcFHumlKctMhJu6+4go3NDG7
+ a8W4NS37C+JObbKpUO2PQteHW3ptCBKlQ3W1+Horgfy9mw8kL4BwZEQE31XMXHgj
+ lOBjmKlkKxAcaKzV/HF2oZDGfyF1Pdeic13L6UpOb+zopEgCljwUDDWZPAf4YCGF
+ tv8l14LwzVO2UoQqWWwQTwiVuA1SDbtl+mjSyNdvxSvnj7tD+NMrp25lm0SnZtyt
+ QOMmIyVJqMN0DNoNvTb+atbZWPV/nmdt0QHcGJ13x7PblCGuP/Dt0fRekwoCwBpc
+ U4MYW1VAw/PWyzQ7GWPHIAkUzIqBY9JG/Pa3HNwyisU/psu1eQlMRx0SS5cYMnwh
+ RVJvVL+4aA+2+d5bYXgZUeoaWCp1duQKyH7GEdO4io8v61IkpRDf1QPbkTNRRT7T
+ LfSwcV3Cz2PKB7aGSdoSaRn34mzJf6jOoRPr9XHOmUx9Ni7SwFNIN4/r1QhhOlXX
+ YXC3RIjZhPLMd+cAM12bcgtM+6fJqloLCzU05QxKPeGl/4rmvisb7dIXFAjF2DnS
+ XgFt34T/r0XOZGydppw219zqiKL+4AXShDKcwE7oPa8AP5rLm/UY6ZwlC4HLvHvm
+ Su/gHrv5/aR/ORGy3UdxpHTxYfV99nrO1D9qWzm185WJpQ22YhbmV1ZRiywqeMU=
+ =k56a
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ//VlaN9C76SJnHeULdvnJ+A3b+idN+PxyPBXSpyOm3DQJs
+ /83eVkocwQGDL0Dr92f6OcZuHmb/gPuagwuM5Zak5mTRIYeUHaFSMggGIXBcBqJb
+ xMlYTWJ13JXkONJaSYn3AI0HVpUT+KMJwyp7H28P10RgBZJWT0k/wSmGxY10GG5d
+ uoA6HOYiK4/KnfzJa4lQiZm3NNlv+eO5yPib99KT+sl2hDPLuKJA/DUhK1mtdygC
+ pJrG+ayJUKtBq5veRrK/QpbMoD48sD/yOklPB0KadqjY9nMODh/PePpyQlFI7X6Q
+ ho4ECJeZoJMuU4cU8GwN+ICGoHhdk/l12JtqLiznDWE3uunqO/QxpyyVxIYG7vRl
+ cBL9PwLhHrsTD7BGzzihAnzz1sCbelYm1KG0bG/4mMVn8cCrwrmoU34+HJuU+5FO
+ CDExPnNEfen55KnoCqEvSu1W9tUrIJPoda4WM9Z4jWZRJ1CguF3wXALf9Wrwd5ey
+ 1ncpyb27s++lQ90G7rrGBijWBzNZISZcsDpUea58+Oz3BzHzj4Bh5O4GvDxG0TFC
+ R9P2/M0dlPOchalM5uSy5vzFM85sPCdbXns5t4yUOTJGF9ro7ZUbnjXjAThsdh+/
+ 0NyVXODQGkjs+z+KtjBX3WjnaTSlN+bCcZQRlKa+ZnNVzSffqoKOMWnjm9Ong2nS
+ XgFe+yO1c08VmGzmUtpXp0H+wuryk6OLQ4yLuv/NEk/zpdV2vkWGUbgZWBnNYpmE
+ DICvpbtmyghTmwtz6X6JHngfnUUIRlfk2oJCmh4oBsIAz/5kgECGzJ4P4qIjXQI=
+ =oz53
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAc6c5dDqGPJ7QNl2X9UEg3CqJGfRGNEymq34kyfWwNgsw
+ 0Euc9d8VaeVZzZRP0CltaxdiS4L3BiSm0mBJAcguygM3FCISZI3qrt1ZdLfWk4Y7
+ 0l4BZ8OFHdUOwHjd5CzKILYG6KVkmQLadzP+DMzavjFnXcLZQfT5QScBHmQVg+kO
+ 3jH26Jq/opnuwF5G1hE4cULrfryvMV4pR/rS/QP3Cro87+HTVnZv0cRE6JlWXJyi
+ =Uwlf
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+JnIeYmS/pnJIs/KFjj6TOv9sYUWYEN/IqOiLtSa7hLvN
+ 4ZLERku/oYFshH8k7fAXsdQ+hHbDW3HzIFZR10u2hrTbsDc1PXA6rSQw6LzY+pg3
+ e3mT+7YwtXFYiwzeKNWQajCPCKChot+eBXp+eMnGE1XINYcJc513nhxbgjyQjZSp
+ ld+UtNxVohuZZSkgihA/vxd1Gr8lOkfrX1R9hc3VUb7nF2qERT1Nhp5NBSV0XlH/
+ 4+9W01uW2vOyAbIwH97+izGLkVjYYqzaR8I0qQNGbj6Ra+MJaNNHDf6qkrPhTrHv
+ nBUrbRXs2+ioRs9EASA1M1frRfsWqRqliuteBgPrfmXHt+UMiXbHmoNufh4M7FW1
+ 6WrsunEEuS/bxMhyhzeq7OiMgC+LGb/BHtpgo+q5F9xwHuApjYfXOZX0ma0Muk1U
+ vyNnMXYUO3eoulp19E2N9FWwekwzPzynrnf25W0cdpCd6pfRAUNdnaVrop/F1Q5h
+ fQxZTokCnFzF4B/F6e7Dgw+kmJp4AZ6UcsaX7BGh0dO/RcyPxeCey5tbp8tbOOlK
+ l8iJJ3wvHff1taXjxoaaEjNkE4/a2oRQ7ILVPpzdVdvF+NUzy2nbeEF3XE1B3V+E
+ TCP6OLDBZRP2XJoRyLBym9ShJaoYkRrEdTn8mQ9MDWdR882nEsWz0+LVn3ZHbxfS
+ XgH/F7rZY2DJjCo4xbFER4G+3NjfOswanvpDdTdQ0NfP3qUWR9kroKJnGW0cjDTu
+ MymLSUZ4vhszBiQEVrvW/HSnItiuX67j4Cd+RKFnroIajkh/CBxu4If84VFg1tk=
+ =nwjq
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ//Qj7HVfszo9OAqoZFQtLqk7hKptSSjpD1TpbszeXl2imT
+ X7Z7bANyApqUDqaPAgAKYfKDg40dBiiV1ebYjiPqZFEVpOfR9+oRrkuHbwlRZLFw
+ rvd3/w5InOiP++eLT23E4HiLXZuSYk7JhWFgqYLirxgS9IypQeAFgVc+1CWBizOk
+ 3DLUHfjLScNq9Imxw1NyPoQn1sSv7wzTamnnBckmJqs7KLUlkYrjAzIMkc4iXVaK
+ LBaJ05QXFKQzEcN+VACE3fm2zFPumNBoykpYBqn87rV/2CTsK/Q7wluNineiSy9/
+ jwDKnEkgm7WQsjCCZcavSpFSGM8VMDQHq7qFvZns4fgFe4z9SAqEiMPJlY8jsyNp
+ rKxc7mNu3mIUHbJ8JCsMBgUKtgq0U1kC9xpncAC6G94YsNUwcYznmkbdRHy0q54L
+ tE2H/U9YGIOAnAIoabjdW6eFuaFBiLTZOqh8pfCT2T7zhIbVFumjZZ2U2mp/2ImE
+ BbUdyV6ENuADabE+lDKDJlh7tr9MuUQxiwgga6Rggpo3F/ZwA0AL75RRAOsadfft
+ Qa9zWe+THmGnwD5YG3ZeEcGsI8WGuexaOgMlbNJld7ayqSXISMOXNL/Hv8aiKk6I
+ z9I6EZlo3DjUJ/J1Yt1jV39GuRg7PBrNaUXPzs/Adcaorlxps1hrhRDO55kNQO/S
+ XgGpOpyqXj3rW8120Ir99chuRZ8+57wrMVm3Iq+IIk2lvgsysvhABmLaJkvIxzMs
+ OKAqjSSmh88DmM4wGGhSTSWs+6Hid97rLXxZ/inrdzL45H5NzwZFMXK77CQX708=
+ =0gyc
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqARAApMNOCAyZjUdI1uFcPrDG0nLRtX1USKClRwdCTrTDY4Xr
+ vN2+ndwsIxj9NWjsfOgDqj4mEqh/l8cr4jtH4SR4C51KwCOWBnQByvaS9T9M27hZ
+ KwlfkeDuiyfxdEiEbCuYj5Ue/eKuRGl1wePSK3XsYS//jNA+yJ7I5VuqOXLuk3Ky
+ kMWqgftAiUfEwtQTUVj+oyZ94ebDtTtRZLtsLYP/NRKaNAoJoJKAtyUzOH1iTA4w
+ 5+K9rTH26PcDbkcNuCzxzlq62l/4pfSV3JQBU1ukfYKBjkQOQA57aHxGvkpT1KPs
+ 5ieLiikQRFXmPbKmUhZsFTpIBBYEMR96VyTb0GVP+Bq/iCcq0pV+xtB2ht8PMhJ8
+ oJJDSQzxtH+TAuHXIGpxh0pu0Qv5RRjGJ3APWIvlNO9f3+66Kq+7/iLrv4amau0o
+ fMdx9991xy/9O1wJseRLK7kBCo2Y0451LcxGSKDRYmnYkqYVK08qDtYdJAS7/pR4
+ zHKwt7Yx8rZDcY6FKNjaXPPc5UZkoYWKxlJbPOTQ+ZpWh/a6ITu2klFMLjtETTXE
+ oskrotoCB6MoYTDLXS6AG9H6zuGVe2YtzdBqoeV7JkD5SbXWbivoue9JqBpiAaay
+ TOqtmyqgJnfyCRJ49ll3DwDwI8qHZxF0DV6ny+UkGfu6sdXSApLw+Boqb3CA16DS
+ XgFfPBbhrhVjRnW9WU9J0hB0C9AaGsXkvKuxJtlPUyIDiL6umAXyfZwjFLWpCA9h
+ LQXsoBo/ac8a13IFUM/Mg0N2LN6Cli4Y368dl7A+rf6yrRCQDJ6furCUa/AnyVk=
+ =WYRn
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ/8CyQ33WalgCh6onJN9riCoKfwnmS0Y9ph/fFs4TVoXwfQ
+ G0wZpcpEGLqpJvmD2uGWcEWjI+xYy4AI7DOc/9tCnwG7ojbN3gcyo38fCQv4rF3F
+ cfvnKhjMZ134GBaoZjAE9DTm7DktvbXfEn21UhsZJ484ga/vLkSM/GGdeGBhN+VD
+ O4MRV5+ipyinvhrFlPL+RBNfFxqG5247TakkRTuEyJooUSVSHpo6cvD10HCE5Xmu
+ CWPmL0pWZMAb/zF5YV5qAuCjYXmD2IWmvmuUJMl/MJAYFNc5Lkzv9PZ6YYO9dPm/
+ YuLHTI74sVWSzEfEWW7TpTjDV+wWtVDEluW0rU/BBi5Pe5mojsSATU/yc9xLnn11
+ f0cBfzE2edMI1JVWVGD7z36L7vbA9SmfrPMiAv4HH4XIMsKRm4E+Sagvpmfzp4aQ
+ RQaQRROnlPF3OiBEESXF6fJMTx2oUY/rGr0N4vHdbftjrAzSw1055U+sJr9hMowz
+ QEXi535RbpNYx6K06jMR5xh0s1TLZ8vQ96g+cBzWAgnL78r6WXnE4wrWQ1PIek54
+ ynUN+IckmfUNvJkNOpysgQjhXR4OZ2PJYHZK3NozDfuQ0gOn4RPAwuQLDrdsPsm9
+ cX4iJdhWfEdABZ//oWTkcTRbOgeLg3sBMQ3uKOCuIdUNxv8QArvAgzoYL0XVSrTS
+ XgFXFTQlV/Q+h+p9gqRlY83aaORunqmbKmqp7b0CXDRGTqzp78PfBpu83rcvfrlt
+ vW/Mc6sdQKbp1CLWjwi5rvicad+syff5K1Yj4KM0Va6EN02fR3Y3LX1umSUz9hg=
+ =S1o0
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdAmctmfovaoatnLuqx5thkVhRKPDmu0lO1Cz5DLyEtO0Mw
+ f//rqh3/XZJV5+E9Lg3z4JwmvGOBYRzx2ieZXjG97CgXNJABKZEaVIJRYK188qvG
+ 0l4BYsSpSvsPpy2sSpaieMxYsZaHSbTVLCXXeWEuscjZf8YIt0Mtz/Xuo+vhYBCt
+ AYphX1T7gM32x84bRKY2GaHMWiJf8gliyp4GEuAcT/3Qy/5T5IzuT7ZCFPY0oJtq
+ =4oBN
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAI999uiupFybQLd1PFvc8U3Iubq8C1Ak7MSeInUWtHAow
+ /0AFYupRiOj4plWENTnOtSLaJWaUPtxH5IPmqCti5zZa3EiNaDZi+rQ0pgcMIcg+
+ 0lgBQ7C+PTBjVdFNSwbfqTNIA9d+Dnx58rAmv9gnJT29ersC7q30kA6XXt0OORP8
+ +Qw94iehnPRN4wIFunyBpB/T/rosnCQwl1o4YF8Qg6c6i33Ka40PKfbk
+ =0oiT
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:11Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ/8CBqRnnTS2cJsQ3cnCw0g8c5YG1mlfiCfo4XwcUCCYRUH
+ cCh1AtWdBzjqbL2rQ9HpJrTiudwpHI5NQhTd8M16klvlfoaJcIFkFOJlmqJIZROb
+ S1pwpCSVqfPzMH/i4/OhP3hebJ1tAv3DovKo8D6K0mwxPAr0GcWuNxwYgksArHGs
+ HwCr0+eZKtHvcIT2u7XRzbmgS7sylRT32IpouOKEj/xO5EgKlug3zDI9OWOjwQO3
+ eDB56bOpbD5lolT+mUbeklt8K9xo/AxllePOtj8VnAQiJ89VlIwzE0ULxEU1J48e
+ 6ACIZ5E337OfyiUw8CCAGeMpSG+3WJCBRPoQdTPtDXl0INIcTF2IHnFrbPQfM7gk
+ zWbU2Rc7+kuvR0eEKiy4Zs+IprG9prpLyI3ZFLrwZK98IYe54wjokDnNay154lyX
+ ncJX37e5RIj7xb0nDGQtNxaktX1n9wUXGssCHLecDIXQ8MstRkPh2/liwt3ZaGtL
+ gyp49DBLF+9S2EKAdGk3lEyCvYARuGi5FvZ390+ig5H22U0CP4c6/bwPRC9cgAK0
+ nXGleEeCCcE503cZf/ThOQQUKULtdTqrZVzL9K9OVFYUjrhjlxdW4dzIOgL+K3lK
+ h7mLEvmgRnaSYVWLfn7NjzrvUC20Zem6I02hV4GIYGjzi9epikn6IlBw9N1hwgrS
+ XgHHsygIAU6Tekg0DlMw2yb9DH2s86XlLfmp0KxBr7zuu/NSsPbhj3a9OYft38st
+ TOEdrZL+CqITCyWhUpWetmlFeDdgDtLFNts+/5y1aLf/v68mV3OsWqyledUhVa4=
+ =vAn4
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/pad.sops.yaml b/inventories/chaosknoten/host_vars/pad.sops.yaml
new file mode 100644
index 0000000..5c46042
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/pad.sops.yaml
@@ -0,0 +1,222 @@
+secret__hedgedoc_db_password: ENC[AES256_GCM,data:5Pw0orOTzb1xCefwx/n9h9m8gmEY6irE,iv:nZvnPSb6sXjS6k4wNUoo2PCJyOcwjm36gs9l0mxwAeo=,tag:0seJlVi9qTfBiol7mP6DQA==,type:str]
+secret__hedgedoc_kc_secret: ENC[AES256_GCM,data:7RyM9jfKnaaP7kJ1JwucPa/IAwaRc7Hhe9VYIKGEmlc=,iv:RvtaWLsf/X/y8s+DLANcyVgagJqGB7EkvQ2nYm2Xo24=,tag:amdgqknDGeZxUBmXsd1ksw==,type:str]
+secret__pad_smtp_password: ENC[AES256_GCM,data:msnYZYl8vP+OeISI5OOglQsCQ8vxMZ0gig==,iv:oqov/myWJNzUoAn4BSX6hN1fWyab5vud8NmT+z4ECqs=,tag:0T3Xm2zw5k5WmC9Ks03XhA==,type:str]
+sops:
+ lastmodified: "2025-05-04T14:02:14Z"
+ mac: ENC[AES256_GCM,data:h9E+eIum7jyIx78zJh65c/4QMZRq+stNklGuBGo8afYpicLPG/A9LZz1UeBSxyEoMOV/jHAIuoU5u1wmijcsZSBBjI0LZsBTnGLORWEZCoVTEVCUp9CJHZ8zQEVj4Gt+V/moR+pD4s3YLuywamjquvghwtOMYt1JzsePGcCkHUI=,iv:wxhwDM9hmALuX9Ko4izSQ270X1aaLH5Z1iu93/D/Kls=,tag:j0+XqgV43A6ry6hbHhGj2Q==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ//aNqxoOe92/qN5cGXIHEMQZLzFLwft0nn7vcp+Aumz/Ry
+ HpzIMCg9jbFOJyX/AXogcnD/eFdbByEdJoweK/8HT9bRdcMAy/JXSZ6JK4BCrdeC
+ zljtb/LMJhwwLcHo7N6te1NJUxHYiN4kCFzNx/bw18BtXxkpGThUolh9d2AKkzFl
+ WpfFD6jq1kKntHh7xgZh85XEmcrh7TMTnVbSphggl50SoDMr0QqlE6+3M15/wPJy
+ BkU8lZrd9pnAI54kf9hbyARwLXFO2op2Mg01XqPtZqr0lAJWme8tchTzYfBMy6VA
+ gdecfdSa/QNbcoT7MQc4XuNnATZ4V9MGYasxIwfAEd+gJdHTjdpGf7R580b0s5/O
+ 77fy5p2AVC3TNgjKRerIolCG946p9L5sexExphpnx+QPcfZxqxRFV6wCHAyfFE7D
+ 5pHNDwTi5xKhv5Umsx6SWIgxwGCuBdSmfp3fAMtMpZtpmgIG89ZMM+IEyhyNOOId
+ wrDIbzW2b4P39Uldg6959VYO7kgX/+geHaunogYu11sVIXl2sh+tQ3745bZUyK+4
+ 9TkY36i0pw88X+qtZeJcynIVs1X5kZU/j9NoqR8uXVo+aTUrqz0Lmw5TJmbtHuc8
+ zln5ahJ2oEAh91yKIaG4chXWmOlHa2hLseJh2XRmgmAel9LxZxRDVNxEB4MngmXS
+ XgFCCgrmDBEeADGdY+Npg3arQPdQUv7N9zOcVx0+8YzqUkwikbLlAprI82cpRYbN
+ PZbwZC68VugNQ2lrTVGl/Vszf77Sqw8YgHKHaCNQeGQ1EpLiTDSTlRidxXQeQqg=
+ =IO/Y
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAAtSL8SXFBov62tJ8A9z8BUJJxlhyB287yDaE7zmZ7SJJr
+ mdIXIzd+NZjlT3E3wSbzIs6bXZ+9hpH/FUwoleMnRSinreK/2g1YxK/rDoTGNCoi
+ z8I9IT+tcxLDI7jk1UdOml7W6+QB4WKt+e3Yj03AqOVH6puo0np/UoNWxEWgttYF
+ tUeC/5nlOeR3Rmo7xR+aE+IkjwTQIVsWdkn1QjUobURm2MLEcss3ccl/6cYmmbtZ
+ zlTDWQPbR/7mmqICxJYbHaSDoB8103xBWoyjBoU6Joogt3ITBp8DZMHsrkB7JM8g
+ VwRIUGoA89SUnDLONRpY+SKyF5otpHz51oh0Zk4WvgilYsBq79BoA8RRKAdA4wif
+ 3VUZgThoDLarh2X0Y7yRHuIvo3Hyyu/Rb/qSGKc2/C36QlbCG18ZDmBJcXWzsMBr
+ 6Tgs+EVI6vDXGpsBiZNMlBB9SWa9/QPmZROHSQ7+vEV8HHQIMlQ5gCd/F8HtDSCI
+ fvva+JvvkiYGyuW36ttX/KWja8cpzqZ/sUabzsr1rIpN755OnOHwl8ct19eNNC6Y
+ FnqjmQvCiCpAafoSHMowp0gqYRAy7KuZM079fPmC81ulXdaJ/+9TwNRKxK1uxsIN
+ cRcMBng1RZ7BcaUnZl36v0If7V0FT8JQJEBnsVgb73yj0w998LrcdFkrc+8K5uzS
+ XgEmC4sgiEb+2SFqTi+pRZNuMpNI42m8oVohaaGK3daBDJzEnO4MDCyaqh7Vrc8K
+ ksOPAqV3Fge7IM171mncjMOyAFWqKLVJNB+EWFmzBOSu9pcDsOJ7bTxfE0183Bc=
+ =G4Ui
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJAQ//W7ljbkBHoJ9PAWC27ixI3GqxvBcCVZJbjBOpZCHTMC6L
+ NvVjVM4/oHqO/RIKw/txAJ63nK4pu/VX5U2R9oPekpUOr3vTaOS+Y+SlIEWnh0r+
+ LihOfkQIMQch8LcT1yy6tcLTcO18OokuuK9PSpngkHQvq9zvcA8nYs+/apCg9RYu
+ DwQxPWukL5g5WPk+GmJHwffStp5M6W2juxwtBEjHcwL2SP3DroqXk5UE9jJ0a6QB
+ BFl8b2ubeSlbFOrm7LuhF6MREBbxP2b6pPf9Dii5tYZvpsVNcI1Zvk/FGR0j/UaJ
+ 4CP6GNjKtPIRSfVNi5InZppYvWXRWBgvYMCjjNWHMjIvf8+VmaI0KAOYcfrjN77L
+ jw2xGwY2GKuZLrgL+q0V9ZtCrXzQsw9mov/8DuzjW8cuWLJ2svHuU4pr5HNm9Mdk
+ ffcobSgNA01yvhoilil8I9OwvCBnXDSptkCg7wAiewlRW2skwBMzJ+x8tHo1ckPT
+ IxbNOZO4Ky/M2qbtMkkcrCOfN8aw/xtc4Fgd7bWpOnxqQDW5h4BMEUIhWoyrZN6m
+ BbnrsjMpuBtG2pLpIzbSXdHXYlGLglSA/HKld/HlvnJ6YzmJ5sq0fLddJejmuZP6
+ 8HE3M8NnXCqL8Lg2lu+osWCj0Ie04O51tSOL2MZa1Lrucr4k4R2fJ7JI/Wbj8i/S
+ XgH5hen0WL2gfvlYH+9L5ouHwIIuG6hzyM9dcKUAstR8bp8BvagBCHB3aoIGvtjv
+ hB0qYNOVpXQbTDS2rhX7Iyc9O2v41piZJc1Wgpe9owfQ9MXCOumRxReNXa6U3Ko=
+ =7dsm
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ//UIWoUZiWc0lcwJbx7Xt4TH/A5pAHRs7tLK11kNmc/yYO
+ 9LKj0abYLcEk6ZwTFxHyuOaGixt3XWCeUBwluTsf1hVKyYU+pZoZTZZO75RtlrXv
+ tncwBjuMjMHPBxrSRtlWM1L7PnSqG2uDNcuoCDIyQPebqbmwLA92+UD61RXEayM8
+ kiU2y5LFUICbJAWcE6/wyP2WTsypmlnvy56Hn5NmekwRa3AI9YzDLDUJtvLuhzrj
+ z4Mb8UZZCje6cE5wXFuuAOBnqLFbQoqiksuHvQ1qQzoai+0MP6TAcylhTFOAYUvx
+ 5VzHLZohd+F5ukqmFpAA9FxYgnvThhmchyt6HtFIOmeQYm+/d8kcKvHT79SfyFK+
+ +FYyBx3g9mMluYrXtNeM5nltMlRFxzEKrvj4U4J5bWnqx5NtviYLk1xQgs/5fJFq
+ E6Ro+zQFDYjJB0JMgu2neF8SuFOAbhtphDTLibs7XF0N+IQd5c76+zSHmVGaVGs1
+ WrOnIDXJDPsrQ4NLA7BMffZ98t4ba8POiJt1ZSH3ZrLakh5E/l6BmDYFOUVXCiPo
+ ofsgIGq6m4I1uG1DcuZPXBYeY0FDEp4SvyjNDmsTHQZWksHiZdSFNVQtAeqnC4V0
+ Ahs3mpqZyVlNqfR5lYeoGcqbxkYKYbwUt3bC53UmSnIkarUf0po47O41FpLVMn7S
+ XgF9fIMX/lkYp9OAWnYkkYpSnJ7Ild2w6nMqclPsg1ewo1jP6mODZ+LuP0YEjqRO
+ cHvgv3LTtEmI4q365h8FvQL6KCtktVucFbDrFeldBrwaLVcdZKeOsEIogn9Wdgk=
+ =EkrG
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAV8YVHRPgSGYaixgIXdc6id8t56XZoN/E9fpSCa8TZSEw
+ 3boOWRPqAKNXtSSlo5edVKc0aKGT8SNSpcj0iZPNIjT7LjN8cX51Agbh8m/7WSwx
+ 0l4B9PGTl+6CNGVMqeRAgAmk4j+5lopHFvVOTzhdTKTGHSMSXDTWDzSRIGScTYjh
+ A7RSeNn9Plh1BFaOaHCRoe2ZN8/GiACU6YRdaaChCxfTurRqA6Tg0hrW4Hi/FcbP
+ =m6s4
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fARAAj4fYd6B+M9fL4TTp0q9vYcLpSaO5HqlhO+aA2xwfi8yV
+ KL8Y6dNQvogBwwux0mwhfPSDkU4P8NxaF5+loZS6fSpKrCfB3jOI0OXQjlkL1X4j
+ MHfxKQo3P+gHFY92OBo/H2Z0cp+COySGgQGhL/vz+tlt08eygs1MOB/6S6HWWI0a
+ fE+2x7Vm/h1QqEG/7EYKJeSnc3Mqt2+vb3Zc0Vo8A4u7ZusjVWFVJX5ka9vtyHla
+ D6QVHIZewUyqowVP81kqO9b5GPDqDySAdPMd2TSikeLqi3nrCE/ZMkqA9AlxPYds
+ UCk22jF4jqIlx2KOj+5UiBzmyJ8yZuH4KDo7Sb2ypbu4oV2w9uQbNmtpoGRoF2ZT
+ UXSvEmObVSB41OVPJPo8P2DOpdH8hTwKd2/k4z3vsAuzzRYypupy2m/rW8SCMoWR
+ zsmX8jlL08kVfokldgow7PNzDSiamhD+JyuZG/b6nxBYG8YHyYXoX3BrCr+GGAnl
+ Y2iHjiPwEQlwvYqJU3bpHeqkjp+u+S1oMVVMSEY6QPhepxUpGRvHjHvSElOua4Hn
+ CtTv5GR5B0JeuQYodDuzgADO/DGP1xAojeixJCdjfcZnwz5GlPzV5dXc3bLlvzju
+ uYF5GLLIyiMG3eVFq+mNdtNLS6/toLvptohUZHUIOzeBE7a84vj6YaIBJQuI+D3S
+ XgEW2BR7ssAb7n4m94b7v0P5+kNQXJS/mUtpWt2QRjO7ApgETPKJPL94eHq+ZUFV
+ zxGCTqmi09a/4JO6cQRAtTddp53r3Rd0Bx+1LMzlbupwJK03P4IGIu4sxUbYTrc=
+ =oBXZ
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoARAAtNvLMnRwKO4rkv+XVnhCm9fBqVqsCJtzOm3+oIxuIgcO
+ TdulmufWkPG87BqquK1MMsIfBFad26m3QJnot8JigLf4VN9KOHwaxEiOafUc+GIz
+ y+UbWpGTfVz8uCuWp+MgwdhFTQbf48rlfan5hribUL7ZG0gs/k6YCuFxMZOgVmpZ
+ CbSqGWYQm0lHZwU6dmKsXAXD21yPhU9JY+301e+uoGf/PR4NPp8CpZWSylQ/0Ndn
+ lzTn0rJEMbiM30QgS0oiKnvLodLGfq+YY1nou3YxUgXgnIun2fOlQ5lO1Wf5yfL+
+ JVegUqSJqLVBWXWjaGgNW10PWxrwmx4r431uct8SBYgG2Z4rx7nTPOK1UpvUkOf7
+ kaVpnCNChxV9URelNdDE7wv+QBqvNrATjrgV9XQ/JPmc8vgY0ukqVXh3YiBlRrgp
+ 6GRsFE20Rwwwoun060wUB5coeFxo3fvl3ARfg5tm0DW/HXQMRFLmq5oSF+UCa5ni
+ lywL7nudomVieHhrGywzFQ0zR8odC7ChY63VFTlptKQ+fbbRyPr+TiVuhKGlCQCn
+ 1KUUdqDq9xAyGycxyVF+xRairAyIb/Rpl8tCqyvv5g0PyLpdUvU5uLYLU0mINoiO
+ PvmJdBF1I4xIYOYsIDFYtnB1Ip/KQtceQ6wbVZoTkMThdiYI3IaQU69ZCnWoA5/S
+ XgFAn6epxYcIA0AKZgwLcuUK0I1UJbBwUAOOSdGs4LVjdH6HhqEtKGtMt6TW1fpb
+ iOhHHUnBKf4VJT4zrfP3D2WrlbEtV+7njzVzIxQxSLDW5c/JFWwgSkDwmcZGtXI=
+ =C12p
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//c82fjsqdQ21eVipN6br333hV5pz1ADxfdDujj85EXJkN
+ by1KP7a4bKdmuBqMZq2jAd/7BBMkiTr5VElCZVx02OkVNSAI4W+2Q9jLkLsEmq8q
+ Bx4FNqqbziu9hPjGbiEaWZZp4Nxw4PET7yLuioLsuXuvc5MBkkAv4NPY6fLia8Lh
+ J/K/FerErHHe8aDbnb1qbjIdgibGc19jQoy+8O4FjlpWxr7X5r6YIDjH61C+iTed
+ h/2b3w8OjsaBi1uk1TyXCkCxpJFHw5LpKJ5V+Xyg2k9YFWtTugGG5WiJZ7l15JE1
+ Ak2W085nzYReYBr64KiUSEZRzJzA5c7Jw7wxUwuM3LWitnvjEkJs9bjkmu3wicy8
+ z7vTQkPVXPlW3zRaEShk9jIizT17y6AxcR2HmhqznGN1cCe/6mVNCqXbjLylFHG8
+ 2ez2SheSlo3hEq8Hr42pwxUafKShOUAcvHyXC99mh5SrE2t87SwNf6pHDP48GD6D
+ bBztseGNapINd6/KMjtCKvhC/5wapyYbgW8/mYYmCqrlyvvs9pSIqBR8vanFMdDA
+ RGouV2HXLCvvf7C+QJ6I/XMPgK+ie8063+7Mz7i9wtJ44QrIEBBTqBaLgSQ+ojek
+ 5eTlB5f+6XgiAIrtvMjNuyTNYKjlGILC5+RAfhoZGH6Y5pA6lDJ4egpjRwW6/jzS
+ XgGuUCRdk0qjpfR5K1HQRLMYx7zhz/MZipHAjAXPBua5NIFDS+G4uS1bVozFY3C3
+ RuWqBLmQ/zA4mYkZyDBKdRZOKIHvnNvHT+Drpzs7HKMlt4evnU15V5Y94kveI0k=
+ =dtNw
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ//e+W8JAZRCKye0xb0urWAqMhyQB9bPoUdq6NvqOhF1Obe
+ OIIg7wKMVYagNKnnQ3DT7AlaG02B4lV///cXDbF8z9CqITv0Jy9KDLhWcmCjcK4H
+ /YIs4uVEUm0SsZniGtX/XBBsVPOSZjrr1Rv+ZQj4S3QJB1bvouZmXotyiSBAGtxs
+ LWvJbHZMPpeYXYHVJwB1h643uB0RAxl5ob7t1KhdWOBczqTw5LJWkIvhiL9twjRM
+ SNo/a+R+xXj7+kNhzA6x2p48EEFoCnZLwwwnNxcH/7Ru+VCTkd3+LWRoocYu6Xml
+ 6KoyMv5QIrg8ObzzNDqqdHV9AL0yMoNbWhA8wW/pImwzWWIoZZnOB+UqnsgmvEJh
+ z0Aznuzfw490R6I7g/fKTTNXIkh2RmPe03E244H/FL3Ude7xSgVRc85JzECk26gh
+ PSvYBqgX6gafAHAFYYtu0pI52fIpY26FQ6oFd6lINmBquvu+jVRJJ0tL90x5M9oS
+ 7pW/++RX9A77sg5uda6/83H3VGyDB73epW+Zif3EY2I4pP14rHba5W6GSv5pQRRO
+ 44rB0VsrfQrFOgITCqjUWS6XJyfUcwsISCbmKz7aLqMApaoqAGdQz0LYPtlGiWvx
+ fAbBRmjFhSKt6+U7rvM6oJLjSZE0AQJ6d4BSCjqvU2Tn2jNv5o6VT3XjwqkSpOPS
+ XgFVMHLs1tTvyT2pavrsO0OkRY+wSEPkwI23/Lh51lOsdRqTChiCsoixoApEkKy+
+ /EehrjKxPsX/g7ulvoNlnAMtEYt4ShCcnXY+BJJAQLyZrGb4APSd2TIK9hRTNMk=
+ =6NMh
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdAqpHTHLJ1nm14QdhNauHESrle15XBGIWMPEVapqcfc0Qw
+ KqDeoxAQS+KqklzODzy51Wmzt06gGn7AOgGf7mUTOJJDiNwtQrPJay+JYgjmKwvH
+ 0l4BUgRnvwN9iYesLjh9HNsk/yomORDhwdbMoel3Y5KN3+3dVG9wHSA2A7qpre5D
+ SWoecyXjnocvu9Iyr1p6d7aPwGcVvN+u/4wD+fsczDVj5megya5avSjD5bXI0tZy
+ =EQq2
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAgim7RmvpCENDIfjVUrEW9y7BKKfZCzDDjAo7DMKibm0w
+ fnUxNm6hFRKfZGNw7YRIZxrlkBGrzj3lQaudBzOw+Y28nKK+wjltrX1JjgDA2aQk
+ 0lgBWY1AIVKdyzJustVIuOwTu1GfLelPKpzT4lFAnvBrs6rEI0DtVgiUtgIxn2aK
+ ynDbN7LSJH/K84CigYCKzKdY7g9eg6uKuS9QWaDV//oMZbdUijhtK2M9
+ =/TsU
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:12Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ//X+WG/gb9oSpWLPlQ8MC1LTGKbe0U7n1RT9GfkFq6QwaD
+ 63K+EUOPmmssmWuqIyH6XL9TXK6xX3hn1wzZ825FcmN69O3v7UoLgNTalVC6A2OY
+ +g9rcpSIb/R1Lt694p75ce0KvzepvyNdzsTwzMSMTMXd+Z4vpUyQKPzOnUCUoOK4
+ MKm8iNxX1srl5vEiw3wWR6untn+E/4DGmJMA0BZxR9TTz5dvNnW6F/xn7dG/aLvz
+ 8MwkisqkGpkb2SIeCexnJFaYtYgIHby+tNVUhBE8A8VOQdRa4OiXNbg+EhO0J7CL
+ Lhsn5B3jsUp0HAnUrPI8feuwaplzPML/keVE+eIJt+xcXh4znVbclFI3gxNPhMPp
+ lTjRptzLgPSa0k2+shtF16WA9/zCmFMO338VIEn7wtWPsrtJ2ap6jD9VLA97eas6
+ 30aDudXRx/Rg2OyT7K3lfRhgkV+727cbBCYKN5YW+TdQp6LheB5PbWbRGpr6wQbW
+ phRhgTgSkpjZf2RPCgYLNjI9xlep9lSjBwe4vZW2MdVA1778hvdVb5069n432a8O
+ A5mPPsfwNi0X+UnFmid397jIFH3ZFoF2YB/otnuRfFA9TdZbayl/lZgXVJvqnGGl
+ +Zaz74UQiQWxLBYTpmOdh8Cs2eEeo3vQGkOpRr0gw9AXrLbiVYfv+CwT0QGAUC3S
+ XgGASADjHRKN0sqUwZ6/XI9UeWTMNZq0Y/DPWBGTzT4AehLlJKo9Ju8iZlN9D6Dc
+ XoIqjpK3F7swjMED+xnK89dWCymPZDGmA9fWtkFnGkMjDWrW62+UNb9f/Oh1sGI=
+ =8MRO
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/pretalx.sops.yaml b/inventories/chaosknoten/host_vars/pretalx.sops.yaml
new file mode 100644
index 0000000..9d5082f
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/pretalx.sops.yaml
@@ -0,0 +1,221 @@
+secret__pretalx_db_password: ENC[AES256_GCM,data:T9qw46sR88tcj4NG1oK3AfjreU4N1cIN0w==,iv:g2rr7PbFN9bFDg/w7vZBiuMB4p2j2uu0eQAyiweuQ6Q=,tag:0coJNAbT5W9gxy2fVOhuoA==,type:str]
+secret__pretalx_mail_password: ENC[AES256_GCM,data:HJrrmdDKzity4Fzz+JEj/kvddzHpRbw1Yw==,iv:dW15nSyYjzlFdPkQoZmJ5k+poWyJZ7dW5Lo8IFjtfMc=,tag:AZZObQRDMMoQgnPmqo/+Tw==,type:str]
+sops:
+ lastmodified: "2025-05-04T14:05:04Z"
+ mac: ENC[AES256_GCM,data:sO7OHejtPDQNt3bfXl+W488vCqaIicE/iZgIw6dClwoHZUHDNlv/V4aubJk89vELCs7JeOYocqZhARrrHERUxLtQMf+YguA2fBYZOVZ37chtfIqYoceq9ygzzzI6/PQlO5oRoe6HkASJK5t9oVWdfWUmBfWWWjBGrsKbUGnlPOg=,iv:p9NZw6HA0oj0PWJYDIjUKzj3DAI4ymI2V7o9knsvjnE=,tag:AbMiE6WQSPkuY2AEIcHAYw==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ/9EffdaNUw7+lCgQpIq+ZLSK08NF6VdkSgrB2qBfvdx6K2
+ rHNsBWMhfXKJRu42NBKP6v9xuJsNrpS0cJKhBaZB1sZReJ6iFRR6iFv3WfRPODNw
+ owx0dXP2OTgrrJYr9jbg8s2yUZzRYakEqa9KZkLIjz9klyxclDF6aI1DjRuNJ2iP
+ almHjD+wjr7KZSPXSCEESfRD+k2wUUk/xMLQ73tdZ+8+Azex5diquEZCXZ4VPeW2
+ B8pl3JQlDSSdaxD1YAa10eoIwIVn/ac1phPOwPbegtvhRs05HpaMVD8agP6r2IFe
+ sLoqAGRlgPAr+a8KDxwxhRirrutOxhvgaCTHqkWBaUsNdgDgWfEC1ujCM6MpzbnP
+ lu/VQsDEN1nZs1UQ3qjCehh99NBdD01bL3TzTXrT9GhoYxAKb+QN9+7csTKq9LH9
+ QAFQOQ3oIZGf3rdpYwxrLYAfA/dSu29xXHcR9qHVOSPDg5r7s1ccLCT/DwtiUfrL
+ gXzMUMPmcHAKaMhpxGXtnlyZFfSA34EmFFWL180de8fUHW+vD5AQu07RuwbDmX1O
+ ocYp2GPwyB5j6XsAGKDesyXB3q36qKyHS1A3XeWd+11cSkcorDYTQqjB/6IeA0ym
+ DSBUTVuRCput5skr2t/UMu41PnA/WTGKHmXU4tAWTCOPF2kIlJJpOcUC2m5M/+bS
+ XAGh43M0q6QwfXLVpSnbtQhT+FRGj4xgie6A4aL2kKjwbo47hfFtQ2kw3PFk6iXL
+ yAnLTG+yW0/FOm6Xmk838mO+xuNNHaOMZgCYXmD71l9u3Za5xjDPRQNm1wi6
+ =P45G
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2AQ/+PWhuluGgAjqYQpFiTUSUhwWbAwpF8o3pQan4b+cd8a6H
+ f1jNeA5XsWQlmtzlW91T3vInqRrWzp8JKR213nFm3lA9SkNQmDs+UwcfQO8at2JQ
+ YMhUWf3ea2TWn6bKb/LNYMdcsKNlaueyQgxSJZP0rhPoI8uX4r9iVvfbK8g8iBnw
+ 9HErdOHfaf1PNXFQtSh+1/47ocyxiBg0/7+e3C/Y41S53NG/J/d8ldTU0mZs8q9o
+ 0DC1WDbMt/t0HwKyXN7zLdBoW0qB2M8FFbAyAqSpgDdB6AP513V6ggoXT8vF7tFA
+ m3Sq+8rNl0JWK2qcBmd2tIKJF0xASTnhQOd5z9PwZ5MlNBJNobB//v2UlDy6Iov3
+ lXXbXexOtxuBdrWsQ2fj1ROasTlBTBJ9AAKX2hv/x0bWY627m9sr9wQxv1BrhxzJ
+ AnPGYEHdpW2gy3dDgq42HsoGAIQlO7fjtPC4LRJ+mVpJNcpAaJgUBzjwyEK2/VZs
+ tNYnYwhrxeQLQfGsOKGBm/gMUgQI4UPmyHZqEMOziMQu9DX3PQ4lUE8NbMnzhD4A
+ XVM0XGh/rX86YSRhoqNbubmsWtz6L5HfIfNF385OnM+AVXPorpEJNcDYN0HazLYM
+ yiUJ2UD9eDTF5Q/lVAQhmi2j9sCbn+cWwBHgAUfBa3sdNhQgt1V3JcoIwvEIru3S
+ XAHnHd6LlUDdCn1zTOwvyKCz5V1gUDQmF+ocj6Sh5lca0ks7kxTAU0KCTwemDsbz
+ 1WJwR5NR+gz2YMcGeRRqZzpnSDs4+RyaTf0jCpj8plDecBhzJMoIzX/YcDlq
+ =W+aT
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJARAArMlCeBgkSZl0QwIU+ahxoq05l5qDc7s3k9iH2i3ZaIsg
+ ZQezH84ZKbMao+lQrRQLyDR0WzZ/gk4fytylC6zU/F3kCojVO6zsWl6llOmbdvgY
+ ypBkLT0fQVOKqljEocEpc54MI40r8n/yJrnn4J6ERxHR3VXJBc+m4M7Zqudy1hMx
+ ugx/wpjenCXRis1S+6WgdJ1XMjkd0yWusI/oLc5leac/PqnVRHufSzAx31bRq/7+
+ bjqUUotIbUp6DhOil4or6P51X8BIBlnEQhYjHTQhx3fnUyqeYLW+UTAUYaldOY6q
+ bBOE5v4q1o79gI7rGfqkSXQl6fIJWUwWcUA+VLtv9hhMiqYOAezm7f8MwXZUefp1
+ 5dCLfSoP71cwEHdfAINsxb6OoIMuvsrL39oMreEq8v+wXhLlvxxBfSB9fPg6Blw4
+ tyx72DWKcDUvcXlUCVd9AnPPUN2AqBOnuQ4bmzuIOxZHQUr7oTYUsi02H4psEkNa
+ gQ0yxiEnznnU8noykPUukzYgyfRzHsS1q1o4WLjUcJkFFLt1g5HQHTDIvD1Ebf81
+ pi++0CFjcNDZe12S4jpApcl24WTowkfJCVYJufX0cOdmL6Za7MVxllq3PWIhSlgO
+ vXmkoWhdDlsl0B+xEWeVw4CWQOmbX0J2CUwQRVdwRqhv2ejc+GCFoyjGWsiNmRXS
+ XAGwkybWT+vU/8Uy9jwdRHPFOcE+ZIPuHO3cy+9TbkH7w7M86YEUdvW6amvG0HiK
+ cnMWvbol7a4PdN1i+Ov6YzuqIkEcV1Y/RgjOa4zwbXHwX4LDLpeIMS68E8Fn
+ =mFN7
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ/7BfThwS2apanA8MrUZOcED+O7zMnYryEUlMwWpBE2sEGd
+ GR6letvHkCn6ggqzVmbaFtFY6kzWnUiwHJE56rXab8ouoybf539eot1FH2rtDFWG
+ MFDO6GdJq4JHCIksx6kR5N7qDyhSTiqbuF04NsvoHvxgcpNQhkHoiTopTTnMYH3K
+ gBy6nMkfFtFZ1QTVUGGtVROUqo91r9Pop8IkBX0o6dP9piUGkQUHkVD0ci09oclA
+ xNCIO2Qfz3PJbj2EEyVJwLYTZd32kJOn22e014kI9/xOWCHNOP6zqwR5mzyb1cZl
+ ATDnb27F1JUxpuXPTx8Q6ybI5Wg/l4du4D2ZFElkvSh7xQJSeRK/OvEPpOeNV4vn
+ UKj4lxg9+AiNCbuVxgZP1uYCDKfcf7YnBhctRpHYK+DWE5DLpCxjYRrMu5/BjW06
+ Xi4uYVX9bM82RcnZUeOJA/4GY4epPlF91Kd2ZTdCyu4cV1EPtFi6CQkG4OxuqbQ/
+ cURZSmLwJHx7eoqKfpARslqMQF9713GJ3ScrvwwPEPXyEptYn0wwnuvsLSBmLO+y
+ mxJFKsTUumL4e5RSb+KT39AXRDfgP6dLW3HEYYa+wLfNBt9ObS7u3NZTvAbIqhDP
+ LExNXOxSg6cMwtXB8i1FYRAkSaOoIg/RMUXFXY5Ozd36hPKRQMz09lvxI6Vc6MzS
+ XAHKI68c+Bdu0z4LfXEWc6n4ZCLkU52fytX2chWx/SQ9K6SGPxoJ6enz28zXZP7E
+ GSFYcKW2ZnOagEHRq8ZzPjR6RsaxH9Ge0oR6//55pHQqpPyU5YBe+gq/PXh+
+ =Y2np
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAI/McyCJvJ2mjfuNy5cYD8yerRzaI6hr3DQhym9u2Pz4w
+ Xmzw8xhS2pLF+9wByaWzPa6wZNhcOw4FuoY/vuX7esfkiy8hOolggOo5N/b5OOtU
+ 0lwBy2eZXcWslQn0ywspNjRLSCMTvMtgjP+Mj+Yz1RFVuuzbf8nx6KndgghNJLeM
+ yu37XTzfcq+uoTbeAuZVtHS1JFrHbqFvuRNnqF+DA6xI7VY3TMJMhpS5I5J7dg==
+ =/a2s
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+OMpABLgtPwY/mKXXbt5ZWlPWc279oVuJfr3MKNAZAeYv
+ tEwRH8L+/QJ6WVb7eBM0QiYPfykN94lc2ibiH5gU0fYl1s5t8RhfA2+cP3aSKh52
+ 8PAuEuvfqV96/rIaZfgdhOkZhyOlB9hGiMxXzrqDSgMiDm86dCokYZSnXMYcS2QQ
+ mj4vazChKE9BOCRXT3udtHPTJr1P5oy8X9zzJD9zq9cDRimWVc3d1u5UNdTcUnp0
+ Lc4SdHImbyzrIw8dbsda9TUv8D38c5f6MCZSjGgCBQ7vH1EVpSfwPDLhvfOak38A
+ j0f7j5VRPNcYnc/SzFLM9gXpx+K/PjEgwBlZBWqQIo8VJu2j3HT/WePKABmCki/F
+ 7hvBYF20URGTIwwWvwgEPNYarqkfUsQ4MlQFLeqb/hGZmDJPI45kxA9DeDj17VJU
+ GDcyVKaU+YLQqNJzlPl2YsC+CVGwnF68+cQ6uDtFVCWYxZuB+8Uza9RWNilT7YsE
+ FWNjZNPEpURUGzXoWjeD8dsr3d6138Br5lVuGt9bT8rKNIr2icv+C0IIhAGPFn5W
+ 1mankaftwGtOgQ2kV+vJTHiAoBTWXOsl+ppeYrRYw+dEk17NMOryEmgGARtDOQ+m
+ 9ZJv0SfoRhH72gc9AyyEb/3vW+zipobRwlrFx6MZ24YsmrF6ktaefwM9qrC1QrfS
+ XAGdPW5zc3TcUNg1RBv+L/tsi2kgqY+ay4ivqeMBeKqOpaLflfzcPvUagDbyP8Dn
+ X207VaxYHuPKHkeIPTwYu+dDSUVURxSePZY6dNq4NVAniCA55BcuwpZEtSkY
+ =A2kF
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ/+N2PMc0UUZcMCFJ5r1ighIXI6vdPPKfxD9dO8CLG/d/Jg
+ 7fnr57VGf9WnDcaDWrInyY3h/dhbVdxwW1Svb+sIvN4h5HNZXT0slMqzF5s3ujQW
+ R5IKf0LOPoP961pkZvAxdGGaVs2q0KeXwzaQrRpdG5qZoZFukBMjdPlXvooWL9xj
+ 50fJ5FA9tWsplhexBJpO7gZa9ChM63OwkrMJsEPf4IX2CdAuIUUi4ZCSS9flYXwZ
+ 0sGKWFIqAdPAlREv4Oj9Yyg/w1JIxOi/FRaGX6w6e8N0ijrde5m03vM+43+oo79J
+ F/izl83N5/cHUnLsovLkwojcoYWX+lHRBPxaPti0JVtTHxNk2hgY3VJuLbgute3D
+ QJk9shKlsE1fuRFN9kYeiZH47Jb/GQ63W/W38zGEyDI/P2XFSkoLkK1XMUnv/iaU
+ BiZ9yyJqC14B5yoeI7fosnpTxbzhEU/Klk4yCjy5m3Btae7oBVrPJs1ksy1vsJVI
+ 1e0jr2kitK5vnLXntrPHrci1D48WuK8qYO9xnbPb7Y72a/Zs0K3GFaj0bb1xDp6N
+ 7MdbkpkxZfilj/TRdyFCzWAD7YYaikpdqNVNupK2eT0DiUBLEay7CPggUy4JBVwv
+ QxjKPIFEuQYKDZyoqaB4aNK7sFi/mnOnhSuiPW/Yj8nWO5cBQN+yV53MZJ+bMT/S
+ XAGRgwng3ADPdTTWI7059N1ps47zLu+X69EQXQz/XXE81LB4GpV4klf1ZyXCJxL9
+ h6NkMOelbQRzo6GmIVH3ZybulBDUEWaGcey/tjc4Nn8nsWLEEK1sZ8vxhgQS
+ =w16+
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//eCpH/tm49iFcT7m5Yy9URQh6iumq+qisjewD4I55vfI8
+ 3wm66qbVeGqRWdLhsLZ4xajNNe9WBYnO66RcR5QEyKkwsau8IzN7An7qOwsudkFi
+ Fjm1dGh0n1EvsScDE4CccPlWIgmoTEkI1AlY/bk86I84Xz2I+KKGKMDDt9M9wY4o
+ kEfqXhTWj0RyYiUWroFDTTUS37qAxj3Gsn0ANrK7fq3KWk5wZY0HxEZqiwohh2IJ
+ 1IRoPqiweJGXTAdt3XM1KHNj3goMThyW1nPUS3vegSdG36MW7zYgFgr14gEWjwe7
+ uz4au71QdsJo2wqrXcblU2KXhxMxgKsfIO6n5SB6n2beC5YB/WXK/4hqvjze+4k4
+ gmJ1OaDF+C3/hdNlAxXVYw5duYeQHaWdBnuqc3bYBR4gplCe8sHXVPldBwdBXT8/
+ arpbxaTZGGBufpAWpC2zOC/LqriFB8pgBr/WHs2zgRyy2tNB37g5w7CW/1piTxOm
+ txAkFnvlVHAvA7KJUK7ZlcilxTNhTmJbHbsgax5zol+Azr/NaiI5oCFPfEfIHMi3
+ KIFasJsHaClUjoPcoE1qqCxWS9rYcp16JA42tJHQLUTf96EMSy0PI1Gz8s29CUsc
+ 8sRQyCHg2z8CRYewpgeZPFZ6oB4li/7wk33R8Ygz2rl0v8jGYLLXOS4MKnMzmh3S
+ XAERrfs67xQE3bgzbrwobNGeTkx2XglSe5m+xK4D8ncaCjt22igKynJCN2VM4h/9
+ w17wcA5ptgHDY9FVbdzlVpG5B7k2qOU7ZpZwXxCtcYKsa2ViF8KOiYVWT8VI
+ =EeJS
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pARAAkllD5CHl9ViGIl/9NT0B/w0VXvKdt7Vm2xYAOHTDszhM
+ ytcLXB9sn1eioRPBBzVBobllNPJW6Pw0udokQtJ+AxGMbWCEiAmFBz8l3UCx5I5Z
+ UTELpSjUEd0NnUXeEeHqXFoeEgfuXpSl/jrhv5jFWKhosrYROlD62oBOn5GzTPjo
+ S4f4w/CogJGDCtH29RqknCNGILUkq4REMRkUROVBNNlt1l6u5EJ7WOYGs+8WZjHY
+ Y6GHnThJcZQdExVkLU/LqI4behM9rMWIfLuvIq9H/0JRaaUFv1HPIk/txpTAiesK
+ /u4qRzVUSXF7C98NS33qN4aOG1twRz0VcETt0KGSTCdQxQlnAnXw0MUaWIr2Xm26
+ NVly12Bfnq5iWzIx2oR0RDuD4k1TWK79+Z2Ne1h06VYTIEqxnjMrXna3aKGG2f0c
+ 0P6u0Msf8FxUXEl/HtRLZHJ9v8FoSE+qi75dOb5tsjXRCIKLlNetHN1ZIVTPjD2j
+ 2jftyIBoLe9FVdMkjhAhfkRG3nc1bpDm3Fz7LNHjr7h2TAgskYRctRCQ0sLUm+U0
+ VISkoFe5bQgln9igqaVmLOHPXLkAE0pOH0gdyXY4bYUf3CqOgvgdRRHAstup8yRE
+ TMop8obh1JoYPy+gx2jnHbr01lTAnbOqTBrnq85dh9QiZ8RD57rmmQCn334cfT/S
+ XAEWF22JjcTJ16SUDzzM/ifU7ZLn0/6S/06mvzzvc5/P1j13HxoQy0tQnYH+hSSx
+ vYs/JDWdtDOLyveQGdjEBv9DCajNPciCpvIHP8kiEIgXK+eq4ULwgn7qHUA7
+ =5J5Y
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdAgrc0PgCemUNp2H9DlYhzx6YOTxe25hl9xXUry1/7UDww
+ GqWflaDgbQXWAfJ7SRg3/97xvVO2PvRZA0dSfyGZOYdJZI2DQYYmPOP0XBjGmj5e
+ 0lwBC405oP9jUhH1vqsZ/gNCQfmBF+K7+AZZLs6PMYPMbYqM/UwXYG/1PQ6Nsgjp
+ WaNDQdhsgdBF/3f0G6dMlon5GsHh74UZr25m6UnH/QXsGUsz99YC3HpYqfZ4zg==
+ =swyG
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAojcnJZkpCUbE4s+WspGi5Eu7umXR1CdYzHy2PeO3cxQw
+ AlPyrJ2Yz40wMB193w+7rH/mmtDJ+TQR7JdtUyjFh7qmTGHR3C+PkcxcMZ4f7hNo
+ 0lYBOsN8HfiXQRUz2OskzM0nohP41Y9+GJd5fZRPHMUDoXuW3vxVYlvHPs+y7b1O
+ qW9DN3zJPiDh00qpm8bL8Cj1u2XVvg53Yv6FIPbzqwnAWGIAMPY2YA==
+ =Li+p
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:13Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+ARAA6LhhmYQ2gafJaLJeieaxVcH7cqanMdP+cWIUHU3vSL1s
+ pm45DvU82PdLot8tXVpiFE1h+Tj1NSFK2HQnyxZZCTp3WVBclPXsDM/cV/j2Ti15
+ 1y40CEHCmmNyiXWfe1oknhSd0hhsFXA1XukkTqGJNO3lWLmvxSOHcz2pVhLDZdFg
+ Sbl4NphVeKSVDthfgxq54MQYSkpQ8ad5Pu6yj+xKog6+vy2kPb4j8OGAxvXufs5b
+ zehTw6y3v3R4tEWIOhqijzxYEpXfe+CODvos/ktlBu9JRz2FxBhDKynADalgPOmQ
+ RKBy/UJnb3AQKNCqDPMtdAzYgLbjusgtZCUqNgNwXhosB63Wp2G1lwl6sXpmeBvd
+ Cwo6Q0XKNMupnYk3bLpveKTJEuGiZGkpvmj0aNEX08JuROYOIcu/8NAxD4ElY28Y
+ H58qduuiiXKmCz9LAZFmMCll9z93UzQ7G19yG7CXERwLCp+wtftcKks/K5ZMxO3i
+ suX2kydUi5UiaStLOrgaUCwAGLg2JQtOUlf/nvoxu5YHUbKwbXJ/SHqCngxoyE9U
+ Y3ZaicfiNyQW5tI6N/PVdeC0cvIp+hiaMvHXRNNehVL2Ac6yNNUF+X5fU1bzNqgQ
+ QMVIf/UX2ky9mjmxw582oOCASiBxtCQKpVxgRy+ZKqhgcdF0Rn0hp7O5arvYB7HS
+ XAGe2uopSmnOmDt3L/wOKfiEX42nYqhNgMrgJg9NcLHyE4ofyvEZrOtztSK44aUW
+ WwsG8izTHGhgUM/0GWRsqy9oZVmDUiNcxzm97n7UGqBZPqj8iHVGHCMqpLST
+ =+cIy
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/tickets.sops.yaml b/inventories/chaosknoten/host_vars/tickets.sops.yaml
new file mode 100644
index 0000000..6dfc627
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/tickets.sops.yaml
@@ -0,0 +1,220 @@
+secret__pretix_db_password: ENC[AES256_GCM,data:kAOUjT7gw0FDqO+xt8m3wAhOGuZTS6zEIQ==,iv:oPAxDzz4ellT5MxUqw8/iBYyiTMf1b/Lddj5E0iIhWE=,tag:r3OTmcSjNUETEmOzxsMhxQ==,type:str]
+sops:
+ lastmodified: "2025-05-04T14:08:33Z"
+ mac: ENC[AES256_GCM,data:gyf0gBed5K3sEk0bTBPbNa83QtWtoLx+NVp78KrxxfyiUuPu/5ziWPKHDd7o9TQvXZnQ8isVy2BaTTwR6tK4AG5+SO2ffV0a0/uNx3/jUvh56zQFwA6LTviEnR3vKvKPa1GH1khojaCkyMpYkb2KbMnbrGIt8qqqDcwc1dMVv4s=,iv:7oPpmfeAcWttEaCOiL2WocbhoBaIh0Y33OlCAYjq98w=,tag:KTN+7sxOYEfxGwB3OXvUIQ==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ//ZaLa0jFRdraV+dQbKltTYi3U5RCebaARIe6Zodux1wNF
+ nwiBpuTmGsv6zlMhisLCuvq7Xi5sjsPgxECeHTa3iO5vFmAI0FZ3edxxqO8hSzg0
+ 72C31NGvXxvXOmiPRSE1ICgi2d9QiEo9M/XIoYuH0KvfgsBtsGJizf16qRoZvV4x
+ mZ+eJhVEnrXhDAMW0KkZnuCA1p2+02ZbldEv1xO9gcDjGlJNlOmFkeQSw7YJMSL+
+ 8i8IP8bu+P04vhQ417gnTh+J2FHB3dOGyS/xDkWkvm8eoOGHd/A9iIdYS6U9IXRn
+ 1cKtuu+1WMy1tZI8NSRrjjCPgA/IKAtRsuvQW8SPD09Ry+PLGmPNDD06xWeruj7i
+ zGGBSNLudQerlcgI/jXpfa7cY7J041DIuL4LpjU31qfj3LOf38xoncgKWGp9y1Mf
+ qmPgqjVr1AQL7TaFCBs1RULs05NZh/H/aB5LySGJVDklpAmsNI7EELuQY+uLDul8
+ z3RarGJQNHHpgh7bVr/2xnX5wxnPDKTxZOX28cx60xAdoQ3YteN3sz746eVIpLy7
+ RknPiPxbLADMTDvWViXV30NBxiRIMZMyTzV8dDVybMP0HVsi60oUmt4dTxNTUwc1
+ IkJAsf5B3Gvj5QpxB1t8hhp0VGp9y5xpCIxKH02WsYD46Bk5S5GK3yfI+oWHGhTS
+ XgEUfid+nmHsdOTwLuIAcg94hpjb/qeNIZTrFu+PLv8jAXM9iZtL80TY3Z47dBDD
+ TFL5VWwnN7JvtlFAXZfdDF0Z7Ds36mrLkyP5H0HlYySfXzXRaom1X4Zoe7rdOYc=
+ =irhU
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2AQ//ewjkGZAOs4fTiGze7L5CheqqNUbpGGC8GGwc7XNWWDTH
+ MzHw473nF2m47qxDlOPkuPaSiM42306uzLkfVOK78ZF0yR25ksWmbsUMQmjvmiIz
+ RxhN9se36iui57yTZmgklwCZHCGgH+Z14j1IMyxyjwYnVD/keNT9nyHaTXWkJspb
+ VH8HDIdUWRTz6i3lQFTU8ihsUYJEDfGq4Z/sfGGdawHCdycq/X77Wks29PkX7dsT
+ /ZWQ4wDShytB9PZkzYRuQGxe9uyI2ULGzox6DxCLiorjbWvu9XCk0PyGGd6oCYTh
+ bYwERBateIUGy5MYKye4i6bh+d+OO80jOz3MgG5WhNfmqboywi/sQ9h5/OQStNAi
+ isY8VKyqgvQMbOf/AMuBeUClecFhDDZnOHspHPMUwnvpJ7cSni+n2fB1Ng/j/sVH
+ Sjv8CTmbPOqGGSDO/yFXBtWqZa+DwSJog8XUgc08JUfSawKtWGbQyHsRZ9NPF12z
+ xtILWkYOsetA2rIz+C5L/E1linyj3QuEXueONiducFhC742dDJc9RY1+1ZfLwkoy
+ kgZuxhItOdBOhjmarK9hlpOErc6d8UiDcknrfHdOs9sZCaM1I7EptJaYMkn1Of0p
+ 0fukUpolLGAsOOphwJyaF/7qfWXmGmUXD6B/prYo0MggnGYZ7NkY4ja/MnpoYmTS
+ XgGrkpFRNk7XdrOjyV9+vYHOKegNpoKg/SORi810VyNdY5UrgeuZGRFopwY+hyR8
+ ivgndYxqvxLDKJ2IU3LTPn510slUAKrnuaSLF/ATTzIVxBtVWzxNB5LJs+QQiio=
+ =vF+Y
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJAQ//R8nCAozvpPk0xalyBdT7rmz5veN1JQmJ56MeNe2YjKVR
+ h+VlisHyv2s/yblj0bghfK2Q5FsCqaEJu040XVjIh8TnmQSM9Ze3nso9Ey0ai+ba
+ 42S/4cXQs7WH44n37qyrP6xQoZpFfahx02FuIudQWe4HYzkKBYsKh2izdiWy8ilK
+ 8AKalfHapVilzmvVKIDXTFPfRLwXdvvqHQ4rX1lDXnaACjvvR/Xvc+G9pWTHhJbp
+ EP9UOx5au/xXoRoqqLYgoMZmVdWOHHR+tehQIxX1GknC4qjEcBNpsPUCBHPbzP4V
+ Lqeyi2w5ySxL7KVV3yJ2ftuZcCYQoiiH0FFrT4xUQ4MYdpCscv7goJ0S3XIw/5SM
+ TQLgIO7NamKob8ib23LbukcZRVK1UJdd42oZkfZQ91JZg8mkH7WusEqSLdwrYi58
+ 3HpO7danYAiymcZqjDCMqq2QngzIqfnjUGUFjECDDVzXaD4aChy7ariPKbJY2cSM
+ q72QkDXPDH5awhRUG/wGVfg34YzM1wBREkjVna1KI71jlCTGJoSFNyJOm/FGxUp8
+ KY8Vbd6rPT/bTKa4zr8xaDgMra06sD/19IOFeLYVIA6hRTQFvnid1KHflKmqf6wE
+ 4DLxpBZ+htwlRSEQBgN9F+BdZV6AhSrsyPB3RTDvcX3/brsPM3qDzSpvnjA2PnLS
+ XgFSRrF58OpmDVIBNJqhZwk3GJrfHMlJCAESbQhB2Vt2rjYEoJFIezl/+Pd3t6U1
+ 4RZF9ztdreWLDTwaBd+Y/emSg5y/35bs79WUroFzLPHfKK2TvSv3kXwmD/agU20=
+ =zN2U
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ//YJRu7a84M4Aw4psDj4D1/lgFCP3Iuozn4uIrItau2sfB
+ UxVHoUmpis4AETkG8m57JkP9x/uL0Rffg4/6dHeWIWBP5ivhPQYT+VhRuTzhXSm/
+ MmkgYwjsjhKyMQQoqAoR3D9o2pP7xLojIk3nf3rCIaLTlI2JRepDpGfGJ6NuHYuY
+ 3tL4c9aUth2S5Nyu2gptzIURtjj4zxvz2H6664WwhOFwGdw6DQFncTWSqCGcF23z
+ z30yXUhl1/tN28GXKk+94/EFrrOTvmJCkKao7gQuG2kyyY6QmrbHrHB+roxL4B7L
+ HAAL6YT+bf0HYhDTM3pQQiVkmgnmjn4TnwOID1pm0SH3uAYWrYUQqgHtvCzm0i4h
+ kGPQW752BD9i0LwiENf9LPR3gbnWuYUu+Y2DZ1NcWnbJlrfwin0xzXALYYKW35ua
+ 7LtfGcgn1qpvHcEGB6wcCXUwXOf3dxNZD04isnHnXbpIh2lnXhnlWQI81s3IuIMc
+ HGnEi4/wiHNEVtAcvQ/pgfZJc9zgfPR/qJCHJKbLgni/GjJpBSPvd36FPGwfGKcC
+ Q/Mvx5nycoNondF8wI0cVmkwhPCXGJ/Qbryd9LAZpJRIGcNBtkxFXm6IEaHdeaf6
+ sQcrkhANjs4/dEsd61GTnVOMnGOqVHS88yUmgEZIHz9JyK8Zm2WtflSkGlgIXG/S
+ XgGN/mFrC0v1oLQwAMrGq2nNrcOZD38uE7UidnN+MRgfz0h8nyS76q07mrlnqh3I
+ h8wmb3iYgB4x1iSBR97uw+h9Uvpv0pc2oDv2CzKeG+5IcgVs9RCwt6mrRsgt5Xs=
+ =a2xY
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdASqL7jPR42Su2gfaIPR7d/yMSKLr7AAiUJMW7jz39A0sw
+ 86w0HyFUh/fe5DY2VGhYg9Fw90I+tNnSPFxNjgEClosdUs6FBe43UvSxsNtUpg6O
+ 0l4BqTuQX4R+nTQ1f676JRT6xIoyO+N1NMq7BAWOxrkte4nCAwPjzK12Xo4IwNCD
+ /hzfJTdYonnihE6AXe9eoURWa71j0ZpVn7G+m44e8j8vXk6Ep0AI9gtYqXo3EQ3A
+ =KlAv
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ//YBuWhGfl/V6GvA3J8DvySqzKGDMgnfxh+LTeRBmeEDui
+ fPh9MOqg9hOUEYjmJMh1WH5G3OI8e886SKZp0YN+A36C8Z7xwRnxeO9dbtFRt6F/
+ bgb6RRvZMYdbu/vgJs4OhbL73BhGPbAs4+DRtrmz+Gbrn3Sm0BaJ63zmIzahImqi
+ 4o9abLPBrB2JJPqTHo5F5PnruhLLsaSqQ+uuTrDrwBpwmPQmPD+K8/T4yWgvcAfs
+ 8bEtUmRQ7G1GM79nGhdK6IQYCGAn0WE3TAOLJvUxEiv+9hYO0YSYuefR4AivyzQ1
+ wmO7qWlqY/hJzylaXEtIyYVfN4F3YtkZwN3wSx6UHg+d5814aUPCLCi7ftdMvwJX
+ y5n72Hd1qrIIu38MEG+Z+2Z36KKv8ViK0aKG/6BBBw0BpQDktMHJInpaG3LJUCjt
+ 3ayajKQWl4t8g3jnmwhXrLZf8JFbmGyzjRq/GqOhlJLvh8W451xlI/jPJZcY2oVG
+ 4jd0x6zkG31fIHJ41qOs+2fJaeh3WUHv2jAgISuqbEoEct+3EzXj7VNSGM1uB8oB
+ 9pUP1AcoWViHhhVrbnr+aqhyQDiytID0tf+Fvddpbgm2ECDTWeGuIrzoPcYYC19k
+ 5PuNQP5u9W/zHKOLXSxs/wTpoUr55OLBxd4l/gUTq4mCZ/1YFqSDUNrR28hfWKrS
+ XgGwy3VspQj1GzFz9zJ44S/tKBI5bRQSslZfOgv226p/XdBLleoagltdHEeFdbJ8
+ wuPyOzxqWa3U/iBF+ANHjz4VIzKtObFBf4R4X8hYXSXkbko1k7W8nD/hziP0CTI=
+ =lsaG
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ//XZAHFWGJZL5FxHtR+9Q+Mfv+1XYsiEii7TJPFibcNB/X
+ YDxbuJ84jmueCqCLX67ISVPBYk4rIA7qk6+qWxAqJqbOFVOq7ZXZOIZqVkViD1Wt
+ GBRq44yT9HFxi60YN/2c9smUQoxMus5VXNUzRUxJiocEFjD3r2QWaE89KDj+gac7
+ 7xO/zoqV3msfZe31qmVD3sqk+EtfKTxmkHXtSstl3fZJGak4RPUwu0MMYwzbui+H
+ q05coDVRgum4kpUSJbK63S58/QkWYGBkNg66r4eXJlg+Hb7SAfS/Sn4X0xJuflmx
+ OKgl6Z0ds1XsoZN1S9j2/DT6NhlV+5ZoibEyQYLbOIQz74aRt+IRaAX4oTG1UO0p
+ in4OYtsI+wOnSfP60JW5lF9JUHaOaCDzxWaFyeYpw9ymMyfUL6cFDiMvKQPTONXY
+ DOKVH7ejCbsX3kq/tWr1glBMeb+5AjQsrkflG5oWbVNmSfGPQXxh8HDDr7zkwdHa
+ AeNqN+b4kh1HPBohyrocyjXQcRjD3Y+j+HWQIfXFmoNMRWGATM83s8JQoTab9iO3
+ S/68vFvfHYw2ijjTBV4giR8Ch3TPh20O01/UK1FbjQmrwWM7Z0WWN2SY0mN3wBdS
+ jTJPuXW2v84dZPUE1lWtvedaT1VLUI/9x51iXYlHH5obQSRA5Fli1zFXwXEagbzS
+ XgFMiyXksg42jTdT1UcPrptCeSoiQ5nBXcKfEf6d9PAu75u/MvnVaCDFO/vGwwRd
+ MyEx54Lpmsh13tXh4NmVW3Pcy0x/4Budu9SS43mBqDkjOcsXWd9jmlPK74+QuIs=
+ =R/9b
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//e089t5UfnD35fbHpRGNboywPjwRxvfAb4qFxZZ2gJ0C/
+ lLGgL3R1vDFzJyRJegPBVpYJC4Yx//wN9kyq2sqCWe+ePrtw7f+xNotzmd1UW1tM
+ mLBSIt7o9JIGWQ2u23u5khKalL1OYzgb/mezGOsvvz/VqGyJbkm7wpy8FZn3408c
+ d+IiZiMzh+wxaS1CspPwusVy3vNL7/OtA8jiwv+wM0QKsF+BgfUAEU+Le16CE0AW
+ kbY6Pkymo8mql+gfBOslSM6B3Tn72RjRxez326Us82qKWU/bCcUcCyoL4Ddv5/Nk
+ SKc0WKWGcQ39XiBuTssModlTGonihi+BqxKlvKT/QAYYroRMC7vFNYqG7inn3c0N
+ cShjYV+zJPNdlXeiz/ZMs5TpECBIcMEBaLMBAJHkLLjb7PVH88BZIcQ5/odpyOGs
+ pXqQ6pnIJjg1XlqeEnHRP6WtSZu4U0wtuaxNWNw0CnsGg/meTCKevlzN4OpuoGLK
+ 4/2vsUzOk6Lq5CwNtG6rg8XhMhb9S869PJOqKIopSCjklcU08SfxwcUZiBKLyhG3
+ oNHT59qbSq3CtIoap+VcpnqmpLiLAhUXoc47ISCd3RP2B7LE7j1Ls3OIESKnl6d4
+ mvElwAUQE2qtWRr0I6ypW0M2Nf+axY6HpQqTwE4nRBDA0+ZN/Y9LZHW8OEZ8sGPS
+ XgE1SvXOZsJfR1r4ndxQf2SmahezpSqrO1TT2oz5pVBQ/YnmAp9awZ0B2wEmw1vt
+ am/9MrBKCXjmMHwa87l6BaqwvnCUPRa9HBwVkGhvCvLAcP8odmhmgjUT0TErkFk=
+ =c/aN
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ/+Ojy06RopB8cWxcVn9AXbgX7LA00vUVkbOl7yo0hVXZbo
+ jY/vvbtd5ju+ggtn9F0H+vunV1ulJidMy4C81wfofoy68Iqok9u5g7JNxK+5k/5u
+ 3xfz1v15Ino5baSbBKsf5fTDtZkBUOPiYTXJNtIf6RexTaLlveqw7JamSZF7YY0q
+ pRaxx5XZBY4QBoWliIhuzr0pPSPSM2gBxG4PNOXwEwfVJSJVZKulyDVtUhT0DorG
+ JAw9qqS/WcyQ905SY+YZV4jlvf9VNRIWjw3Zql2o9IK+MzX7ot7R+E+03k6Pr6kQ
+ m1SagYKaQXwpViAa5w28X7hIX41Umu6aeEgCi0Piw7cReXxLSDrLVPSaIqT2LSfv
+ ov09IravRf62rp0axeouUZNTNb/lSWX7T4zv9T9J4m3Pu0sEPB877BPzcJxLCTsg
+ 9VOIXbZe459Vay4GbVC2Y+8aSbC4HIrReXIlkfPOy9gCSpN9SMMqRlU5Eidmz9md
+ HlUzeJfGQs/9ZLiEMS7Qk1Ns4U5own8qmf5Q0m7E9Ho7LcV/XZhVk9LO9LzufzId
+ qoC9r2apZjSLrvAzNU7lVmCbniK0LZ2GhGeSD4mDs2CcSo9Lxwj8Zas+J87vph4T
+ js0FW7f5cr6PQLfq2wwTtK6PSYmXMM0M3AQ+EGwzFvc5aD9dp45Jbq4Tey+xVqfS
+ XgG/zmZZnCgHYBqN5zMld1/qleWJpJFxF4pT14fKAioBUUILrAgo+X8Ikz6llDSI
+ 1byxlPT9q3NgkjrdkegYMIg9rCYNflX54jRfeOgenlMjPzZB2KbdPE7wFmHWl10=
+ =bKcs
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdAXBiU//ksELwICDAN/c+pT/ujVFTVZ02nCKoGcgtMKVMw
+ lRcegt+kGVNPIx0h9JstIuLHO44/q6V2yKgsetC/NyCkSJ5tulfpuUnQWUP7rCjK
+ 0l4B3+ttuIDbAdJ/IidXZIXBlHh84OQDZCz/La8Q1PZm2LFihKCWtmyp2SA2hruX
+ 1KrzJYRrp5pBGPgga0V75FfFcZrbtyypESDoj0cyRtGnh5TJSB0pMi4RAlhow7k3
+ =nE2w
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAuaqVtpUu32jS7+N6XAZgiiO9YZccwXlyVrdtBD0Yhh8w
+ ieJT+Cel69Ewax4TsMmBhNLGchI+XIGsbGymSjEpXxj48gkW/z/bRwhJddPb3kFz
+ 0lgBSKVyrRVaG3oRmSBVYrK/RovA+GUoatm1z4eD3twxVKFS9DcPjks51MrAuZ5t
+ WqV7WAhxXQ/jOAFyNzpV+qWs6hZKotzCc1CUc11ov8Mag0zDnuvMKH3V
+ =+xgp
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:14Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ//UASU3R7l9DtANEukI5MMmxq/voPtDxTprhGhdtvg3RQZ
+ OD3cfxbNbUypBlPh/CAPpwbmWLeW7ooGPKvkohpDMYb42iyL+MQCVq/dIbMrYcJt
+ y4Aof+uUJVmeJhPcYj7RDZULjPOvYrk8ONp17BQICy3t2hthcWwF2xvX6x8hzYUR
+ lPA3Gle2E1VQM+nbT6pkwPGT5mFWlrdGHbm+PpL/nuMGsuUe+VXsXTfZSzKoXEtK
+ uPIxQBk3dzOo0T2FkpjlZOli83cTFbWi870VyR9ZjxEoXK4xXi+5WmutaRb+J4ya
+ 3JmWVUTMkVyYozjXBuCVSqpti0tM3c4aGkLhdYDgMl7VCUJQer+K/7pzEhYxRl7m
+ KjkTNMESdSr/F/6u0ewRTWdeyj5Vtsz9BOHiNpESxS7bP4kiXd6UrxpxisgiiIpK
+ R2wnPviWUti0Iu9FDzT3m3jxlT+Ku9oiVXXvDnjiN3u6129yhlobPJbRn/OHR6QT
+ 4czHAJEXEdzG/TVytjRqnPVd8UpfizXte0Ul0awtAFKbC0lgFwQj68b7CN7vc1Er
+ EmnS/7IO4aLxGoErdKUDZAZElF/ubQNeh9rDfcAX8lWsCVzQQ43xBkVSBmgjF+qX
+ a/i5U5yLwNs9SlPo16cfSMd5AWJjT65Sp4UKFz5yyfwunIBRnZsgEkBw0FgoUorS
+ XgH7jq6XOsaVhtljrGFEXgK1i0aeqaj8kEx16U3bM5v4rSmDNSrPSRzvFQ6+fGYs
+ Nk5Yqfvz7BhR6DJB6DyGXw+b8lWQLOr/pllC7yQagtH2PKYfebciPT8hXYlUfcI=
+ =c/NG
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/zammad.sops.yaml b/inventories/chaosknoten/host_vars/zammad.sops.yaml
new file mode 100644
index 0000000..a00ac6d
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/zammad.sops.yaml
@@ -0,0 +1,220 @@
+secret__zammad_db_password: ENC[AES256_GCM,data:ThtJngNvMc817rvbjMjjbnp1tBlXPdAg,iv:GcQHc7p5jFcyxpTcYsUOA8PvD1Qy5HxVZXHcAuL19Uk=,tag:UjVxYkU26/zkBL1eKDfreQ==,type:str]
+sops:
+ lastmodified: "2025-05-04T14:11:05Z"
+ mac: ENC[AES256_GCM,data:GNOhRrJkLTjovRO2cZgeiRcqB3TE2sWxD220Z8GynoUV4pWS20vOKvaqwxU9seuD5Msxd05JzLRVTCtP4La6HVSgDekoVYKz3SLmdT2Hev+fscmfr0uojRi/5f+eCqGMBEy8Xs2Y7AzIC60iHqX4VBBn6FgkJuTyS50qn1akoGI=,iv:EIjJbb0adELCNBoRsdjsVvN19v4rKCiVmxcCAcnY7QY=,tag:GzqchqorbDN33+SfspGT4g==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ//adiHGDXIz24INvZMytpnO1LF74Xfg6Y7g4namdypRQO4
+ fWgaF5dFCEMr8WGbjuk0OXDzUnkAgVtjTSkhZn6TBMgLlUzDabRsG9HYdUeB2abG
+ q2gwyybBUnbKhetJXdcbEXFlQYWdRhv30GWAI/E/qLUdhhy6v6KON7ZHR+2UB/ob
+ IlPI02h/q3MDlaa5QObVgttz5OLYRS0v66DVTNTHL5qydnLNjAOOu5v5WNDHL/wI
+ CvPhnZ2bwiIK/A4XQxGCQQUo1uMSX2CkNkmg3rXK+E9n+kgj8yKmKLm2ckYd6f+z
+ VOiiKVHJT9M5LDTdzITYu93jrHsYqZDdOBBjk/MVEGHoQ3k1Wmo2ndh92W45eEdR
+ wpRGkrggpV/Nanil3rEImWOFee+Yhhhw++l7QCF4vQQ0OeGbPM2Gtt6ggnxnKXtT
+ E22C76DF1Ouljjo56r4G/P9njSN/yJyEpiz0IWytGEGhiVgqMnXdxduNegdLQI6t
+ FFVIaFz52Q4/oGISbWuvLvlDzNg0XQE+/KNUfDiqj9O0D//UW7+bs337XMfo06Db
+ eofYq1+uY0c++CBqlBTUW7RAKf4ik80DLy650pMWryOKWU+e49O2wyPl15ZhR1Cw
+ AdVmL4u4rWYQ5bWUKd1KMBzrF6z9Ijz6xWe8I1JXg0Fw21kqk5qAhvm3Ry05O3vS
+ XAGk36zIDvIa5oUx5U/hbT4pTiB/rT5PDiFjFrb7V5JVQL02CC7uxqWXk4ioYfGC
+ DwmygqUzPTr1x/KexvtNVRmCv5kQWmzf6j8Egt0CtSYi2m7JSaVpheM0H79W
+ =csYx
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2AQ/+JoUZC+RkuWmPEIPj3PJkyYBVHaX20gY8jHf6BvUCjoRQ
+ 8rwhXohbPFbxiJN9bdWdLxuG9tRgg1lQcK4+Q/bq5sQIVCAft0Ulu26BKN+dC8Ka
+ qv2+7aHws2fe1v7cCv9e4dNkiWTlfu2RHJw00qalxfwOCCrSQfOzx1jCm4xnqreU
+ LHnzhencBzaYirMMv7J8kzUSlxTHjb4OzV1Dd2Rth8YNZNGGibw9wnJAr4ZTOZjr
+ PdjN2q8FvX7/xOb0l9hQ++Xx4+iIkyD+WnvlrI7aPZJn1GP1psYIj/n6otIWcsrk
+ LOmDhvhq6GFMht0ejDyZlNA7ls/JB6WQ4sx4pWF8MGycuh89HZJp/jfPtgob+9Db
+ Kq/uWElypzNoMIxw8F4TKSs0w3vYV95tPtzxcOJew3Gs0FP8MbyWhU8rjHXG8Njj
+ Y+KjEVlekl6TZLMdh0lewyQxww83MQLR106iw7kD/iAlgZqnsEcZ1IkCTrD0drKU
+ +7AyFT2lYQmT+3h2KaIrWnBq28EIKdf0SQ7Ap1w2XlaNz3BFIDrjvfH0Y+NCEkH9
+ CKOaIowUyosMO/liQYWmxkJCUsSFEIjHypVKCwP47NeE6JRRpXLE89OgBRpuz27X
+ xKQmRonQlCvRMOCKr0s/HulQ4wAc0vK6H2BNqBevCDQQOUwG6Xg9I1aFV54OGxnS
+ XAHy2dhsIXkbvUsnNVynbyw2YaktTKc09Obfu7t1e5AH4DWC0YbRdSHE9LPRq+Pe
+ 88q6vRz0Wvl6B0iqvzF+ckV5//Mm2bBAzdfCC0HGyriV45FkFwlCP5gh1sRY
+ =uziZ
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJARAAlY46gigcH73HsaXyUCKr50AVUw82V2x/roiGRkEd60Eh
+ x/qZzS45jYC8ngpXCusW5UuVcKjfwwoPUSlDU6XYWi6UCQJN3X+AskG8xAx8d/PM
+ vsgy31LKqD87k9x2um7MgD4MUuKvUzrXyxNpN/fUveXZapzOLSEOWyA0qyB9SkAf
+ BMuI9NY84WtxzV/C2QWBCoZxAwsexBow95gFybDiqubZZnGQ34sU0M+Kfmuxpwdn
+ t8AOX+3t61jiU1Vq6ccGhcFHjiSUbb3LAGb/WPzzjyrsk0beMmWDnguLu/xuFFaU
+ /J2CcPtF7GfJlnwSalB2VVZa4Dmoo7Jp7j+lTVkOf/KTZQqRS0cNr4bF/qdIo3PL
+ BMxyOQwSoU2qpjc4yyczjNJLaYi3bwTlHmO2JQw+fus8bzvC3JO+ZywGcQG+Qc9D
+ e/Ajk7r2wnOPy73EvBdlMyL3n4YiCLW0uedtP+dVloa1JZtuI0yYcm+Sitzez/As
+ U+5zgjVwIIIrbx6Sd2rOG3ffZiweFPO1oWh6QotGyIwaN7ub4bLbjZ4IPEOBFstF
+ 5knYUvI3i/eIV0VYv6+9mzNHmNrICzVHJrdu7k4t/l89APb2RJQYXbyyPXJYXGEJ
+ nFtEbPpGaZFdgkbx/51vLRQPr6NATjO0XucfpUlPBmITzm23UNWQZmnwiPQurCbS
+ XAECbK3k3oFFF+IFrday4yH+bsEBJmb1fZqgNXUfKYi54/e9vvS+h9ZiYeUat6e2
+ eunbb8DpLWvoTXbCIdjd1X6ewiRk8HVCW1//hKqZm+q9pq+1qtp6GXrccigY
+ =keIA
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ/+ILCiAWOp+/M8fEmyj1HMIU7eEh9zZJxlVAJtNCs8vBqq
+ N5nyV2oHGf7s5N1NcGyYYaPEj9A+fTBGsQGNH9vuxdsAv1TzOjCfuJoTaJbS5mGr
+ w0JwUEi8pFMNrf/IPbFlDTpyOKVFjNJM22hkAU27S2UuL7O29nXkULBRNMChdIJn
+ 8+9LSPdbrV/ZzNisRvf9UBHN9TCkrUgTxPC/H0IKMFfniAr+O+Tz8jHPIMHYcQTi
+ 8GcYJBXz9q+oKEGGEoAp6mLGR+qS39aQk9nWMekEAFvxdKrNqNplXRnO7b6UrYNo
+ ZJuNL8rnb39/tZbTay2+rLWTFrjtaMye0MrMSWF3iYLMMsOiN+AO2e9ij3tRRdrr
+ S7bO9Z4UUI1et9qlZ7zAPCIMCjzGeY6lCXaQzdV3MRKLW7gUDD0ZAMwHzugQ2NYM
+ VWEGkn+i9FmQJnF9fMQ+rmbKfprgjEw4ihxux7Sk46pu9THBvz1Tk/oXIVNBaMMV
+ j8HNbXJSvq8qtBBBpEIvyhkIINYsSxNuQl186CxAkxLKLqXmtmdemYRRCrrhi7C0
+ IP2G//QQgmMG+G0TS9xtpbP4v4sb2sl+90ivMaEOFrkBl7EZ14dHt/xVRchbx6fu
+ 1S1aNo90fFVBd07WJTbRBlWqLPm/tDXgXwaXCzUzxXsushArhV67wgThhkZKHbDS
+ XAEyJxt0Fi8J29aLfcozFGYyoCouFlWCpO98AX7PL4RRogiClWBsKlZs00t4NsLp
+ 17Z9+oUR2tMC0GDJJo2KpUShrmhgcVRatxZr+SbtpiTYVLlDludGY2f+tfco
+ =6cs2
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAt0jnb3zKN+/BVpWpm3R9XJuyGmu5fMPFfLGrjex3VT0w
+ JVs7elFZRTtTI3dRiIgTMnP0FIYu8Kwhr0OjjmnBScfWmu9Tc+wwEbCra9U62Xmf
+ 0lwB138WLDEtAjBIkqHgoEnGafwEqIAxFotbOfTffcSQU8xr11qSuDkPDEhY0zws
+ XXpGyCTDGFWOH4l/+OZIp4TFAjyMWwfV22/cnEyz7JOlF0syYSnxYmj3Cn45qQ==
+ =MFpS
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+MdxFZ8vm8EqCdNHGUSSQLAzZqvZNPR7PWErLimJwYQKo
+ JeYngZWNEJShYQSyFeVsunnOH57ZCWHIsvW1CRsueO8tVj0StR9RPm4uzPRjW63j
+ SYjbd8sCB1jwdOH+bfFP9gbQXB41PxYqFmM7rpnQKUkV+ExToGO+VVGHz4jf3Wio
+ XYskX0bsSp9L+2rGCJMOS2N/7NmiFliIN55pK8s5DTkvLVezo1z0kdpeey6zrmHH
+ WCQb5CdBlZyRF8xwidEpZyoeJcbvx3OmwkeM78hY12eLoNUUqUoKnB153EHX9A/N
+ OCT1vvrbHpUnwhb5qW5JcAJyuV3Vhwo3/cmmInX7smnCfKwwbZdwavuP8cIkv20R
+ Z0Z0oUp81Oho+C7cp0KKe4iU4dkCfLFsfM93nXvvKFheiPCVCfWl3aT2BvAmqm++
+ UpiUeIjCjsyuFwhZRE8st21/GtYfiFF/RMU30UlrtVTn5T31+16Zalbwbsy+syCv
+ 62ZkVCMRc6mGlcUZ+jj3F8v4afy2CKd9KGRWgOa6SzMNTRL4mA//UvpOIJG+FbBU
+ QycKvXGFsz28HvIDfDgwPr0ZjowAmmSdNUTqPEZ22PS2r/qHOOsDwkJv4CGuyKuX
+ Y7YFAEnnzu6Kak9IcHnVAz/KS6w0FMFWENz6irFNNfcnp0JvYty8AXkLdG1FbdXS
+ XAGz3xQ2kKzb5VTsbakd+MTFccn+B+/FOCnEhkZPL6l1K5AmU12kwIRVKYjwNbGW
+ Z5K2y1XI5YpaHtWQXk+z56/olkEluKNB9yqEVNCGIZ4X5DzZgf2K/JsEpo+q
+ =AiTT
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoARAAsw9RZx4oRDPdBZtoLBpTyUbyT8iILC/z79D7742MvYwg
+ X8sqgt0GKVocenn0qcJRa6z4PHRGK0Y9pepmkUthUnzz9NyfLL7hTCzummcTGwsN
+ eJKuAX6jkfoMTB1yr4B4Ex164oabT6STelTr0fBASBZtn5+GHxa2euQnAhg7JO5l
+ gexBd1mDABCZiwyCtVH7Fex1c2qFu7nK3bn+eiRvgjBEJdLIA1QKEZIIdcrOL5Eo
+ JUlvT6g52XvwvHBVjTxPVow83Ewy+Bgg4BY/kJsDZrA/h/hwE+U+kkYwuOzGsKIx
+ k9V13hcQjluJZMznaljrVC5K02AUcb4V61zisn8ve/2hV+3PURCODbBnT/fp4Lfa
+ 7d+uXe4pVLIVrY+0oJznvD3Bvog+o+lIdBvB0MEN4XFQ+IOTBUPNAzUpgzseHN9J
+ vMrJG/xEQY2P2Yk6oIlAuv+PNYCN29b4WzKMAKtSsxcQGKpFuQjXF0j6BQJ9rWeC
+ 5iZu5UKUOW92LZJPl7HpS5zSMjimjdd5fMfTp5urI1+rksZ7vRbMT3t+61y5lfNT
+ jxR4M2KCC2W69Et/Kr4MUjPMYKLQEDPxSQD0+eSf+iy/3mnGXzw4fqoN6S2cEsAJ
+ i1phH7WtQAgWlGYsPTQiYb9jlxOlN8FOZyruuwQ/9iWlJPVBuM8nmZfXH5+LvM7S
+ XAGt5mqDbySHlqqFKDGbEasXYZufjE+3+R1VSnt/L9ADrwt6YTK4dC6t4qxPj5Bt
+ GM45JUrRfpWgj/c6HlI+CooRxkkWOfrkKQl60hBCn6LB9u5PoIsRukzXyp0P
+ =gL5h
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//cbkZwvDFw6IICbo+Yj2UQlakEbLrs5Uy0/4yC7Cwf/v1
+ Xai2ETjCIQNtn6iPSIeBN/u/JaRA4KYyA3qxLrNJdamWOy0J0UuUE4Tia1tvy1fo
+ VkwH3Hoku0BaLFaU3z3eLXl9rCv02cZHee/8yNSxIoIyH3EpBMpuyelBnpptEW2c
+ gX93deWNB28KCNxPRT+b/0VMpnHq/LvxOGKmqqYw2ZSp2a640KaxPo6XFlELnrEU
+ 7+1vrf0d2jGqbv/WIDbK4M1sKV4d07fdCreEfhxgRveWV+PutAM6PZTQ4jXB3Oa1
+ kaA7BeDAkr6ZBIzykW/Jqh6xxh+Xa/t8C14i0z81F2V0eoBpbhBla+Y8Rt5sqmcB
+ g4lHLZaVqqxiK60f4cI2xuNeZPNJImnTYIIsPBBIa0dv1eCQi/wUiZERHOn5F7/m
+ YPHeWRbBqGPUYLALgsDU4IxLgF42ouYuGMgCLMhlnHL3P7cOhw+D30tlQW53jLs+
+ Y5UsU6lv+Gs34O5R7WXpOeL6PADAs9j8kbTEv4UXpZ2gGYMBCMThcJ0PgR9ypkCk
+ hebdpjRJssBTCcjzwncRXEzsd+jvXZrd1WqJgFALhEAIJjM5B6mmsky+3g5wPHSo
+ KJ24yCP2OoS8UEce1RpoKHBqHvQRZKfHzZbWVUkOXoiJl3a/MRGoZzVKKvpzzsjS
+ XAEgUl6lunwbTZyT0zHRjC5Vse0qc6ENIgSp5PEv/Aw14HOEjXYU+sTLUS85UDBe
+ z4hqrRuYqjrKDVhoFsPUP7Wq5SIF/iTtrgOkbrl3hAAyLO9MZWE0hi2fFFS7
+ =nBBD
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ/8C4yuL9dSIZ+5xd+tFFdIzYNrj8cDGpchHEFQPyOmWqEr
+ DHCIh0zidqBfFBhYA6aRLXdt8/qILMd+sd/YVDx0Xp+t7vr5NixXGU5L07u32DRK
+ sk/RD6ftYALp7UNLEVUrQV53zER1hvw/FZerKQaxW4Mf/5s1Ic5OllmTtJgXN+S2
+ wFXkKHztpIk325pcyAuWw4L45aLOQsDCXGxtmujPSjuYDN9Cmk6Fzy57J5GL0yUw
+ uXtKdo0/gRvc5mkOLOSknED0F/wDjHgLp+0X6ul60Z1y0L1zGQOP4TRpokTH9zF/
+ XfL6U/fWG6tleneE6usqEhhh9x/mEv0jl+6yqeDaT+h2idXAyQj1ZGtSEZTnCQQr
+ zO8Ww5JwBprhYTMkgEMqUkBzjHt2HvKUC5BHDCZRo4tV6MIwUHNmWpj8OWZIATsA
+ qkjaG5dLKIR/y8kiAlFXdaLjZYLwQbvV9o/fV/OjJ1Immr64DWdA4vPxJusFx0+H
+ 6GWQOqEW1QU2ua2iGjPuU96TxMpk4L5rUrSlPb7HFbMtSXJ98SUgELpX6cK5X1n9
+ m7vORvs+2jH6BT9M7nzwDGqLKV0n8FGG5wssmpZkYWG5mHX3Xffl9rZ1KWiThNtb
+ q5UzZgj1lrZXY4tuDh3tSHY6OtOEsvYAM/Co2cMOYltldBvBUjCIcfp5jMgkuivS
+ XAGOdaWlLSI8WS0wo20hFMrQ6s6nl5lF7dDA5r15KDyCj7tRDoql34wtGHlcxHVp
+ fbnvT+vnS8oYSna8pnwUKtBPgJjIQALi1g8u9iOcJcS/k3IjwtYbvTuZDqi8
+ =hy1K
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdARTwXkzDANboNyz6TgFouJT5Cn6wkJL8KzrMIdznBoSgw
+ NuMU4tStbuCfiPYtWDIPCkIb1fN6QsbsFobdoiX3mmjAfZ8zemabizr79CxY9UJM
+ 0lwBzJvszQdnz637vwhTPbKTNdn4rUYvthofHkyKhtPeM8+Lh1+a1kl7xCgjQ3QV
+ 3vwR3HYI5aSpkVji1CME/OeN6yydrwRSmD4v0mpRVLz8Q4+jckn65YzfxqLrPg==
+ =2PZw
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAVvviZBDa021FiiyOf75HsZOjZeNACkwc4x+G7IqfUzsw
+ hpC9jPCWXGLxdJ3ME8kXRnnVuK+mO6fP7j+mt+Qq/gnsOwE/tG9xAfgbeN8HtUF1
+ 0lYBLhlYSYhrE1XLqxaOY417iX48SQlkn05otmLeDMnz8FVkrKTHPw5A8+NbJH+S
+ /pUzq/YqYkz482UtIvT2NWxjjCFAq6CIoM3GG0QrWUjMXluTcI9+Fw==
+ =AIdl
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:15Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+ARAAurFFVEyyagsTeCAIJojju6tGOGo9YP/dnNGm2aCdl8+E
+ AXlvrKFC2syOn+rHTCeseRxWRI0EdBYfGLH2BKKScBOlMK6VtgPV5h8ixqfRozRS
+ HtlLinWxbhwz2+RcwXQ0i53BLWzv0royywkTIXEyhq0AqwF1LQU44CKzWRSCqpeZ
+ 2alZWpzTJyqZoT+cus5PlZrvF+GnUbU9JOdZZKjIHKJ9X/Ol9N4H8euDViomKOw6
+ UZVqDd1pejzgLwkokVgp+IBw0JwEPAd8Nz+6jFtE3wU+mblm1A1Cb8R0Iwd0DAUE
+ L3GsJ9ZnNGvxxYMcC/bsBTfjL3Ywt6htCWBC13iX4w2+bwXtJ1/7s5nejTsASVfe
+ LXJ/viuD9jixjCI9WNbpby/F8MUNv0k9tLTh56CzWJOxRqL+lIgrzXQmMUCkiWLR
+ u76u4EUMvnbM2hZaNwAYQKTKNC1kOJIcphg4lV4oO6hJdZ+q0Mx69F/qBxYhMvfK
+ M4R52beywk+bASQgbtSwysKJkwTXfP6bcJuOhkBwIiTfkx8qa3PmzhwQxwaufb0L
+ xeE+zqaKKufz3h7FiHutIVfWXh9Q6SgoTh2XZix9QAnaQYw5aZWXh/eEIniKoeHP
+ 97VPR7OUgVw10HpYVkuZlk5Ry/6oLqLPEp2ocIm5wJGP946mZkOd327/kXse0gXS
+ XAEJO1jxqfgkPVPrrFRZ1xbR8CrW/BapF3ExOWmrNgZ733LGvyo272vK02HKN4iQ
+ zIUMCpzE4vwRwHVcsd+8h6O2HIuVTbN6FdjVQuFA9dC4Jj7LfO7NILpP6TCh
+ =TJSr
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.9.4
diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml
index 2450ca8..93ea984 100644
--- a/inventories/chaosknoten/hosts.yaml
+++ b/inventories/chaosknoten/hosts.yaml
@@ -59,6 +59,10 @@ all:
ansible_host: zammad-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+ ntfy:
+ ansible_host: ntfy-intern.hamburg.ccc.de
+ ansible_user: chaos
+ ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
hypervisors:
hosts:
chaosknoten:
@@ -79,6 +83,7 @@ base_config_hosts:
tickets:
wiki:
zammad:
+ ntfy:
docker_compose_hosts:
hosts:
ccchoir:
@@ -90,6 +95,7 @@ docker_compose_hosts:
pad:
pretalx:
zammad:
+ ntfy:
nextcloud_hosts:
hosts:
cloud:
@@ -109,6 +115,7 @@ nginx_hosts:
public-reverse-proxy:
wiki:
zammad:
+ ntfy:
public_reverse_proxy_hosts:
hosts:
public-reverse-proxy:
@@ -127,6 +134,7 @@ certbot_hosts:
pretalx:
wiki:
zammad:
+ ntfy:
prometheus_node_exporter_hosts:
hosts:
ccchoir:
@@ -154,6 +162,7 @@ infrastructure_authorized_keys_hosts:
public-reverse-proxy:
wiki:
zammad:
+ ntfy:
wiki_hosts:
hosts:
eh22-wiki:
@@ -170,3 +179,4 @@ ansible_pull_hosts:
alloy_hosts:
hosts:
grafana:
+ ntfy:
diff --git a/inventories/z9/host_vars/dooris.sops.yaml b/inventories/z9/host_vars/dooris.sops.yaml
new file mode 100644
index 0000000..b3e5c65
--- /dev/null
+++ b/inventories/z9/host_vars/dooris.sops.yaml
@@ -0,0 +1,221 @@
+secret__dooris_client_secret: ENC[AES256_GCM,data:v85gIBNH4s4j36crJ+Pb2lu2cdZpwz0xndHzBKZNGKg=,iv:Rlt6R7JMcHTAAVPiTtFaxqsWD8G5B9Ab3yqItYdFR+E=,tag:dlMHaxTMx3LgOzCsTLUdzw==,type:str]
+secret__dooris_ccujack_password: ENC[AES256_GCM,data:bHeftSA7eC1cSydBRumksRgw2v0=,iv:X/pfsvQPZREifGjHDGx8mVk2TDrlrRVb6MiAr01wI9o=,tag:ti//x7eDbheMG6Hsn2KBlg==,type:str]
+sops:
+ lastmodified: "2025-05-29T13:28:08Z"
+ mac: ENC[AES256_GCM,data:SkqMlgJBdM+CMLE/um7m8V0ni04Xi3S9GovNsADrws6VbSWTX+50oc6HtWl+Kj2XugLfp2XpVnlzggCiq3fePsdt1af2+ZfSCue1d+dexjo5Q/gvE/olKlmn6aj5qiosUsLgu7v2bCOIb9m9WiEhlQLKx1wGiqVNQDabiLOJV6E=,iv:NUUOcXtbg+xMHqthipKpRAWLTXda8rup4aCbbP8sVEg=,tag:wyh+hrZreOyT7uQQrghb7w==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtARAAjD1i0lkwUFRgQuo0STOsM9N23W5LdKCuZJliGfVi/Sfo
+ etQhafe+GsYLMmZy3zTC7JU6KIYB+wTPAn4abAMqrxUFFZ80ij/hcmdj1p/yrgO1
+ XNZOd0PEX08RBd25GbIGLGYjvioutm3YDYdYlrR0pMhBvJl7apPLUHIFrmjlk+18
+ W/ObOqDvUEXIrm9E3GSaMYrk9b4gI8wtA78Z7JOLRFelKxnnhBPkK+46RLGEo6lo
+ 4QfN6mA3zp3oVg/dtznQrVtc7mbMvays6M32zRV+TQ/OB8ORqmsEB9lWTpjGgjzL
+ nWWt6bQVLIEUdp8RKI4kwqOE9ZxTnNAO00cQ4ZmsccsVXuLGQmNeoBynjJrayWXT
+ zQYpXh7mT2ovCh8TzPsnE3kPtQE7ISgtJxRaaX7KqW9iGq031Z6GW/j/zr1YPD/f
+ Wve1Z2bkSzHMY2EjbWBMDcIN9JpqOrjRVa4ZJtp4+pcBU/uO0yXaWZLRL+EJIDgk
+ 68CFGRYAmvEAfca7chv55gGiJWXPONRkDqix0y7Fk5pkfrll2xxkKPoDEU5pb73S
+ qdHQTDRmrrX4C+c7rSi2Cpv7kk0/azO5bxakREv+vFsiHKkz5cBwz7blBss3jsAX
+ 6lP+THKJSYDmgK0mU9CUaX6uvU766XS9lBZxp09ZY4lYeexS32ItXzfUTLsx6/bS
+ XAE829ofDeJ8nGFxCPTbk6mgIJ5tIAAPVBNNzV4Yyb5Q6EKAETEWmnZi7LgkACKL
+ pSAiQA+Khgy5DXGMnftFSA21KOsZKARhopFoajdnlSlUt3MZlEe0SjTIY4QD
+ =2QJ5
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2AQ//aMkP/gaXVNmbRWECzQUxsyVOfE3frnm6jxErV/re/uyv
+ YWfMZVB0pWrOv/Nj2niQ7JQ663uf2w3d+YdyIAvfazAW7ZA7eQ5dfMj9tOPimofa
+ 2ciVCdsqDuKxkmR6Ns7MzKk6exdnzt5IEnIJrtekZJ6Q56zkYFhxGjvPKaNRa1N9
+ nvVVgp6ovqAA2JZFyT2ay0AxqTWlZF6BsO+uEqub8NSRmuJCmbKvQgfbmI0acqAE
+ DanFRY5k2ACxed30OSBslvFUmcMGigB0Wv0SvXtqCUmEU061ZcknZgECujoYysYn
+ Z1txLQEWSFjm6rOCxdKwqRf9DOjB5aM85NOs87jQy1+nZj31+dezEJ+701ROVOCN
+ hQCQVGqzJYEOwYRDMjtf2fZjc+d/smWv0FijJleWHBB3CEvMZBSHCZaC2n3/jtFK
+ mRwi5yZDizxGqq3kvDiU/9l/jMUPL7u716o7Gj6Y6AN7QgYjQjmUiXG8DvqMiNQX
+ eFX2PLjvmDprao8unnJ+Gj3NgwQgXkFJm/jmTjVwX41V1W8n+ayTy3MdaXaa/bYJ
+ uXXVWDKijRpl1ewqu6A6K9ARbPGmKmUuNIQzhgwav1c3VvQHuO91OoFz5rX/m9cM
+ iY36OTPiRsNnrNuoqa6aXSDoMZoOd+KCkIo9Z9HV0NiKVH4oerBE9qXxvdCB3nLS
+ XAGnBTYLEVjMXiWtZxRFXpYD5FUUNjsGWsN2nO/eqPv1FVAjECfiacFWUxu3kXxW
+ ZCr/WP+vDbexsPPxKNwV4oBO4t4r5miov6mfWnil4mWmvrOvANi29ptQMRKw
+ =3Lex
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJAQ//WXDYfzt+mSWfgpKU7MSoU9B+VuO6C4g6FNuAXVFUcblZ
+ 7JOlw0Sikvo7cPm/a2keRTGsimFvf0/BFelGdSmJBizdKE66eAc/KvXfV2RCGLVl
+ GyBJkSeAOtQvfscyJaDjCxS57E3PtyaRGaWERUJ8mdvs46gfrdrMLjnF+fHSfOOb
+ BddoGlHwGgqRmPu6jLbv+U19+SuNhI7W0Burl2JQ/vQYxvoc2H0e/r0wGOAX07sH
+ vqnsYwHMAGgaeyKV+Hz29FAqzcT/svc3P6DR3BjDgDHB6fd0jTSVUvwvzZ4MPC3z
+ lg4DZjr6V13JFvUZpQ9xi9I38DgEOpqG8jdK7XZ1U7xMfKBW+ZLH8YgB8SvJLHK9
+ H7MOLcRpdeXtWgw/S8HQXUaaOUuV/Lxid+W1Q3WDofqwJYCrEY3JdLFBVvgETxvS
+ 2wckmlBdEEUiCzt4sX1XfanwJwQuPw6NDYYxYsLe2LoFYaiM27wzgjIn6av4m4nT
+ SRD3RIdcLpOJDlh713ZubfvoPn4PFKWQH4rRnIbnwI143GjvxInuwBSoRS3yPfv/
+ GwmW1Qp3voVRgN0lwdoA/ruydYBy0MOcSDDCVm6d2ejE+QdnDLakqKcyK7NB/GNO
+ Dvg73oNCSFmM7hj3M99X25GeJlte0pEK+/ZuYO0vRa7JCPAWzYluzg1eRpcCVqTS
+ XAE0c/M1Orkjx2u9YGbEYNEmMAO4g0xgRVJmJPoYex1ZrAasgiXw/KHpPzfen9Wk
+ QSsH1K6Xudf5U/4Etjqnctjh9ZgPEMmFe0iPbD1FEz9Lzy1vo49ai6+U/rnA
+ =MyFz
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ//X8MbQzTrRC2iBk8ioKdLRerWtPXEDZnS0t33MnMb8NSe
+ jEUb+nlixr0BFK9U6lpF6xpLwAKP2WAzwQjAF0LZp6v5Tn0KJws6MuU73eOlfiXJ
+ 00lDe80/UpGptmgJzXoCxIPpWA8jn411ZYaHYzKjDI5DWxacwLWJ81LoQ554t6Os
+ y++haXs7zHKyuVlFOSEJtuDQ7I1BI8kJ3h8Pk0PJZ0pDy5+CgbGJ57OBdOGL+JiM
+ x+3qitjVdDgtBql969IjZsrU5wlbNoBySvj/pfJTjCw9xifK+L8X6KOJObUa0Ny7
+ 2ykINNFIorbgrdW0PGwieUOaxh6/Kp74pS0swBrV+XcsgwLCuHRiW/3SlFpJkbSq
+ mnJgO71rSL1fWO4woGCjJOgkJ07xIlK0GrX9fzngBRUQzrFu3cO0EAtuq0d0WKwI
+ SIiwV52YQixiLyKOSOMRmfuwFziuhULGC5wgtc1Q3C7tGNmmFsahGIpKfR1lxxb5
+ zsNXkc54EZ+Oj/w6bJn04FoiQh3lr5Osvh8CfFUdXcNogMesY9Q1b5oQ758BQAUd
+ RKIwL3Drs+dlZaXJo18NMYuG1WQl3ZHXfXjVDqiJMPPVPqkizQC2QJGGYXuRJj1r
+ DMXbew50XUNTKcOYjrxaZzWTmzN9AiJt5utL7YHcg0Loaq9tUiSJxNSYT5hi/nPS
+ XAFA3pn89D+Io5Lqznif1FzL9Bp3/3cWfTFtJl+WPE74InDusLNMp7q7ZnQdvRb+
+ GLPgrEUR58KeCG7c4j0lI0zMpcCySykWqn+lqzihx7tOzb/A/fbxV+qlYo17
+ =/na3
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdAu5t9lSFJ9cRNRTTXH4ix+9jZ51eg4iqw355QQ/IlVwgw
+ N757g11ymjjHHflK/W/X10BUWHjoAmFYyMCkJaTKL5k6Nn60sNF/3hMd9lRmh34g
+ 0lwBl1flz80tjLXkCK2xie5fc76tcLIb+tXj7/hvM1WM3oPHAOS1/nZY9stLw98g
+ yHFwV+g84tL2kxYcFcdF0uck2/akvHYarGVmW+ql9yY4elTEHYl3UrZOG+YlMw==
+ =QxJA
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/+IWGcOQ49WwlWlHwkQNmJn2mJItPtyEN7WnifbjDPOKZe
+ fQuh2Qr5UfJth3WRymL734QveVdNLhR6exyi8pC6g94S++KrZa08AlDMvZUQriKu
+ t4nDlce7wJxlvkAjbOV1rYj1o3ea6iHSNOUcvaA4gHOAG2EdLP7VKnofacoKWYkE
+ Q8dic+NHVHJlNKkx+TRYX5GyKhEcJouqmj3s3jX4MOzOKqvSb2vgwT9zZsASAtqL
+ 2P6Jz4tuX7YJS7xEoKCpA/R6y3UAtpEe/qokbGa18jDDwiiojDUWGr4SIp6T+zAn
+ yCC90P1+9hZLVtCCJVka9MLn9AvGufxqt/d9lJi9u3GdAdgwGA5madXKqmppquI+
+ xCbuWUY9EFWAK+F6R9+za722juYCgPCrke37bNF02NfD+fonW++uQmRJiDCmJ/ab
+ FEPsb6CMvlIk1h94skTNwJuLm63s6nGSrVChTmz21gn98OELxcDDav/Am4okBlpM
+ dUd4nAZbla3xUu8mDWhYVufnXeUaVy0mPh1oN6LqxMAIFgrFrdzNFQiLzXGzjeO5
+ hkZnF4OLzNSTx6OIaSaTG9eFNEldkanWK5uaD79iiJ6HpDBOxIKK76d/IlkSWEo5
+ IMzYgT3J6LvuCBIp7jqq3xluarYm3jVL74iJeKd7YrmEJmH44whZzFqLFwXPRhzS
+ XAH8HQ4Z5Y7UO5V4XYV6LzI8nJzNLMpTH0RrdnDBRHHSjbtWo4coTQA+XkGqaKLC
+ Tx1NxeES5PfD+8C//8bkyDkddr17H7augKZpl6+qFZEcsnVoM2v1AyuEEa/H
+ =OJbr
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ//b/ndAkI2OlGJBnsvz/U61ApEwEgqqyEmhF5GBk1T9K58
+ RIfeQgJgTOOO1HazOqovOh8++tfnNR4BtthKPXaMRPKXjZIcm0uGjDXkubWJta3P
+ EPJgJfNKz8KpaFe89dkzb/1TIyk2Nnui8rbEOIgomM0TOcf94N9tfNZru3kXHPuT
+ cglZtEwsXww/BE9QXDksZWRSDasvydDuQpQn4DCZNatUUYYOFQ9hkHUvZd0v7gL1
+ tyrF6XRJi69MHRx2GcNBBCuOCNO6RgWP0LHjD4JYKJdSyy8a9qTPmCT3Ofe9TQrA
+ FbYYOTTXLDTWmad6GnyAy7ZKUvgosoFSw7jmB5xMwzyjVIuyNnAxLvjnppvaR9Xh
+ hfgFVWc1QAWO3cLvUKmx2IMTxQP2mX+zWk5MRQqTjuTGARAe+AYKHtAyxszZEr76
+ 7uXRB0Eo7WS9uth/62iAtJy0z68pXYzRI7pHiJJueZwhGi5rGdMeDGM9tXFOEdUP
+ 7d2y8Cbx0cOfRXy6VgzQBc6sZU3wevzNNLK4M73A1urIrx2eBZC9v9itGyz9o5g7
+ d2Bs4t27KjFo31dXIM9YhJr04i3DvPq08ImY3MsNJiGFKtpt2wCkzlPLJXmyewL9
+ ybmdUieW94PL2rAfkaMbWMjaja+H7p/ItIe/Hz7WEz3R4NJL2+aaaWRKqUPuo8HS
+ XAFRkJPM17ALht9P5M2qBsdeB9Y6zsJuQySooAtubTmO0SBae2CLfLi7r9G4vh8B
+ uyaPRJU4VvXftkURyRHXK33Frj+ZJQCyVr16WXF0/klKmb5jED8TC5XwrejZ
+ =zjZ5
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//UDZyyywJC2vZuaAqLv8wvF/7lyzKoqPsXp9OhphMwCag
+ LZyQ66GkaSx1jsWWAGQjwVOeikr23SO5Sc8tqVtkKDXq26b+S0nPHf+xxnSIqOms
+ l0kTla8c7PgJadf4YgKbjZwA4PDb4d0yVM5tnpceGZyzHXtOHdojRHBKgm/ed+p1
+ bXjx1SeBZJH0F4pp7Pu5BTZrVp/RmlOCCs5SmzpBX151u1C310bIPrlMzyzKJOL2
+ SwiP+/DpwxRn1SRyZXQQ7bRzpS/Ax9g/S/+tKP8vIrYJ/07o8xensY5gjrW9Q0Qa
+ RAQLHacCFeklkqFg32NoOSXjknvITKHSKu83EPq6IWgj7SV6KKxPXAiWmWIPnL5W
+ TNh40cn2fMPrcs5667h/xTsa0PNOzHEtXf0Vx992JU5bTsOugmdc7e3bYzEiUbdZ
+ nKQZW5AUV9T1qZdXBqnB1AXwijNnFkhtJrU5e1GZApzgN9GBuJIdWUbna6SSbEiI
+ /x46YTHOfMSsxu5f8NGi8au9ww/8tonFbR+CSeYZmnG5loqf7Enyj8iGhLiEfG+0
+ mQPkxAB3mZEfjVr+TCXUz/x2Z99eO6xv1vJ0HxrQdEHd8MaErgBXsobOPi9cQcb/
+ QqfzxRB0xSPlSfcaIDi0iPXzJuNhBmpM4bUqM7RRA7CanfP2xwCNnAc9OYsw1bXS
+ XAEhWXrz6gMPCMDeqzae3ZWXBvH2aM2jSEcLy6MXz7d+0lgOCCbzBFUIJ6468AR4
+ QtDFpOl5r4sC8Lpej1mkZhQk3ngZ0fH+ELs8gliRgBeUz4I5J9prZ0H1YT5S
+ =hIWB
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ//b86yL2Kay7YkWuzeGb6g4uUl89S4H1TJOzCthu7EJIUD
+ bQG/f58a5J2k1PLq88VTrIo0Ulz0BIGmblguqTAPnr0XzvAbWHpio9tnlB/LRFAk
+ hj2OKqY57/FOyFXtBTKS9bhI8hqWr3Qn/FSQQV8dbLSrkAZ28htex6egjknVVLg6
+ Rf9f8DGENEOV5Bz219NFpKs0D5dxqsXysIiHw7f6vgz4r1bLJO/RKxaNz1kGCw0w
+ 93aVHL8BJuFSTo4GdaJAWhIWuZtRbiZtrDFrSD38GHRz0KxlNjPXrSFo/wqWYey3
+ vq8hgPknEqAiQFJHSxhAKo+PHjPTOn5I97UmgJ0jpDopCWmF/mlUhI0CMMPRtzfy
+ 9mYTH9isVww7tZq6VClHt9MLtgPQbUtcUYNOTSsqpXuRw5AafH5x45SAaRmgMiZ5
+ d7NfhIi6k4kUEmqHgHBiH+MfLMsIu8GAlUJ/biLWEd7VQMgLD6ipLrijoChYvKsz
+ 1ej8G1cV3wmwT+JkCseqfiH/ju8T5axZOFzTKY1t8faSx8wr0K2GNKySR5Tq0wDM
+ 3e87vrNjs3oVH8RMBiPQzPUHJFSsNFdjjHpE49FkJUpy2Y6Jlft9kW4nHiZR6KFg
+ 9D1xK1Yd1kD1wck0Tou/bu6+iaOppRAMYzQkwmbFYCZW6byqwQWz6TZ3b7w5w/TS
+ XAExGv+29jQHHCR9uPx57ll6sLxFGFt701li7EX6P+ZBz4FYui/tYNOUqw/csGSc
+ 2BYq31FSg/zq9ejhMFgCbJMdD0D0WwlfGA3wgafk/igDYRDixuEZ1yYKqX18
+ =aiH3
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdAzHZXfaqUFHTaI+zp1Cy4dMgqNHVs/aNnojVL5beS4jkw
+ Qso98uOePpagNBVnpj6SfuQI5tZHzNETfxHl1k3qRXPS29J+ybEzBQgdbtC3xbnj
+ 0lwB+uL9zdyS3WTCCm+PJV4J2bhhd3UPgoVXuszUetlX5pqvpJSCHcfH3i50Q5ov
+ fa4/XYHhH09tfJ3nf+iB7xpJL+JlW2bBAN3v3zlD6+jiIhDxpmBmu33tHdXePQ==
+ =4m7a
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdA3M0VvuxztWirQFgVHzqzB2Og5DNTlqEjkN4bmZv313sw
+ CVDDFafeu4pwh07O1NcbVB6T+O2BkXc3PI2OWCMRWS6v4uMEkygVSZCmxiZ18XGy
+ 0lYBWY337KT1q+tb3PYDzNUTwYGulx98NBgYHyTzpDECiJ+WQXTnQO5yQ+iQ3rFC
+ 2AGHc++H5rq53D5tDi9cjqKZs0XHDhuu+D4BLB0DQKwIjAWXJIVJYg==
+ =pkPL
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:31Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ/7B92wxRSXHW2dAcmMp72Ll+4GSbjD0QFPincZ85+2D06m
+ P8vUWeCFfZ5soURASKun2RKa5GKXKSNsDlt75afM95ftsodmuyQ1SVmvbE+6SbAb
+ IwsqoKJRbBskWeEUm9zGEn7910v0qpzhaI9jwwCi6gT4OB1L6tj3NZKcVQYE801p
+ MVDf6bOoJ9DhyBFpzmNtASFRw4Je8PwcfrUZSfY5UZOfHTiBRop3l9mBJBpAw6sn
+ sfn+kx/TvRJ0JVqUQbtQzq6cAIJF3607tB2HkoFnwIswwqWQz2yuoTzMdhQpnUBi
+ 0lDHThAsu2YKyavbIH7N/sn+hqE2j+aOrQvMZQOiYFk/l4iMLm14It3UY4G48Imv
+ GohLw+gss5G/stDzeJjiQ+gDKAC9ugDGS+uisyqy7CZtoow/GuBk66GL4TGOpq1W
+ 26sH/yLBy8PBuRj8zrfgvcSYJwzvRprIcwdNmkmh+k2zf8XGMLcu1nUbb7WKZCmx
+ n/krDnKbeMyDBRxSHHO27gLmYQnk1T1W2vJc/EVdbEBpmodWlGVuzTKaWfcA0RAL
+ ldvrKLamWB0sZO/j4i7pOpeUUh6JOgXgOIiyXlMeuNjmh4QkqCWgiKvm+dk7hzoH
+ dIfQhZRQCL2CUaSxqEEQIG7vsVqkpX/4Fbi3McX1uU2LU93/LpjaMpv/Ou4HFaLS
+ XAFSkYN08zWc0548MnCXVoeYrX0szPPUmiaRIM6cDL7vI/vVR0uiVCZEY7QiyqlI
+ Wn2nOk3T44tA057BmjCkxXlnIiuLilzU0dKT+jIwikAZuNM5jF6qpEmyYEhq
+ =JQVx
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.10.2
diff --git a/inventories/z9/host_vars/dooris.yaml b/inventories/z9/host_vars/dooris.yaml
new file mode 100644
index 0000000..5813e3a
--- /dev/null
+++ b/inventories/z9/host_vars/dooris.yaml
@@ -0,0 +1,15 @@
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/dooris/docker_compose/compose.yaml.j2') }}"
+docker_compose__configuration_files: [ ]
+
+certbot__version_spec: ""
+certbot__acme_account_email_address: le-admin@hamburg.ccc.de
+certbot__certificate_domains:
+ - "dooris.ccchh.net"
+certbot__new_cert_commands:
+ - "systemctl reload nginx.service"
+certbot__http_01_port: 80
+
+nginx__version_spec: ""
+nginx__configurations:
+ - name: dooris.ccchh.net
+ content: "{{ lookup('ansible.builtin.file', 'resources/z9/dooris/nginx/dooris.ccchh.net.conf') }}"
diff --git a/inventories/z9/host_vars/yate.sops.yaml b/inventories/z9/host_vars/yate.sops.yaml
new file mode 100644
index 0000000..f5c8f32
--- /dev/null
+++ b/inventories/z9/host_vars/yate.sops.yaml
@@ -0,0 +1,230 @@
+#ENC[AES256_GCM,data:Oc2DdKVMymwkIHbS84TeTQY=,iv:UMhNafqQrHaF5iqFSev6D1uqHPFpKQTkOpYV6JncjsU=,tag:mAmBMyGdzER3hkSkV2Fjtw==,type:comment]
+secret__yate__sip_trunk_epvpn: ENC[AES256_GCM,data:BkdNaCooUjsDlCXJ,iv:saO4IGsz1HAinvW5ZGAMA4WEtBbo+UNdfBkr0g29uag=,tag:t8RM0GNYhl1w/RMNO8wKbQ==,type:str]
+secret__yate__sip_trunk_fonial: ENC[AES256_GCM,data:N18C3XZHIi1/IA==,iv:vs9dCYNRp+1ptxRajdUO5ODTOmNREJslF99xnFL92XM=,tag:IUmnlPeRI1WTRYELzZRk/w==,type:str]
+secret__yate__sip_trunk_fux: ENC[AES256_GCM,data:zcVxNjyS3BE2dw==,iv:Prmy8nP1yeFrVI5mQaPJPKHGFCzuZp84f6fH04I9zJM=,tag:X15wqvaaifMU2/kcqLqUZQ==,type:str]
+secret__yate__sip_extension_ewerkstatt: ENC[AES256_GCM,data:qbatVvfXZiUcpVnOJUpzYw==,iv:E/fCmKGrwYvQP1gGvwT0UrL0DZ/PcMwKG+NteiukB5M=,tag:PFmU0DX56+IbSQqMtY5NSQ==,type:str]
+secret__yate__sip_extension_fritzbox_analog1: ENC[AES256_GCM,data:+ayQ6P4P34D5hTNOFv3HVA==,iv:UD71G07Z633mDmvnJVei9SKgHyM+JFXJdtOhyBhvKGY=,tag:0ISsYGQCIMMgToLWA09JwQ==,type:str]
+secret__yate__sip_extension_fritzbox_analog2: ENC[AES256_GCM,data:DbFmTcZ8wW2fqstm09yUWw==,iv:jKUqtSXaGF/QpIwPJ6hKQWZvv9xtZeIQBiPHt2xm+3I=,tag:MkWzODFnWZc8o+pVLR3KJw==,type:str]
+secret__yate__sip_extension_fritzbox_dect1: ENC[AES256_GCM,data:87MFTNA0DXmfhesT/M++ug==,iv:qDM8HWZhG9FADLFNPRJXkadN2jXD6/CfroDShNPzA+o=,tag:Ylf56nCczEdDaOGko5GrBw==,type:str]
+secret__yate__sip_extension_fritzbox_dect2: ENC[AES256_GCM,data:KOUKexyzJqZPj1HKJxFl4Q==,iv:OCChQmSF1s8C/VYuw9D3hHA1CAoCnwC4adyTpWO5Iac=,tag:VFFuYi5Nd49ChU1Ki/nHiA==,type:str]
+secret__yate__sip_extension_flausch: ENC[AES256_GCM,data:eIieA4A/ZmU8e7t20xwmCw==,iv:oDMgZIjQBDcwIVPK4/qIT1HyQKc+vImdr1iPZE1LEn4=,tag:RgS+enGC6DP6dwE8u30a6g==,type:str]
+secret__yate__sip_extension_legacy: ENC[AES256_GCM,data:gC43eKUOAYU9dgNV1JQ+nw==,iv:xN7aad2NPaihlMT4Ym2xanpKU4eX04V0FS4m6XRgZFo=,tag:Oq0yBCSf+CB8Xkx4D4TH5w==,type:str]
+sops:
+ lastmodified: "2025-08-02T07:43:00Z"
+ mac: ENC[AES256_GCM,data:Irv3y4/QbofyM5BvE4h/T6zNF3A6oTjDssMOcqmGxUOGpqL11Am1DMHBivkUgEYe4ir9N0kvPUmed1XOyDwImrl06E1mGAT6hOlfVSYKtZP0Pwvi4VVeeP6IAYN56zu8k4X8oIxv7AEfS3Fq94sJ52Fd3xDPPCG4aVtUXxxDuwQ=,iv:HdqbgUVR0lIysZnnPkOkW9gDp9G/EOrHDkwmQH6LVKQ=,tag:amVPLxjvx1Qtv+v27SGtGA==,type:str]
+ pgp:
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxK/JaB2/SdtAQ/9FteCUUAadrhDu5M0uwAT4aSpkhA9+2mHB315uhpNGV8b
+ frAvjvo/rtnmDYX3QleuyUu8dvsp8lryfde3SnQu38hqt+a/fio6mf1CDWlwuKDb
+ xlNeuPXAP+x7PHFOXj8h0RhbQoaeYDPwFAwPXLxfgDes7cX2JHKGue7tBvCjLPJS
+ 3XoSXnbktzu5dFFQM25zuqM+q1QHbn77KyjfTPVJpvLJRiWsJwZNCaYVw+gc0hwk
+ qqOGGaLN+T0PvmUiCLzY8+3QK37dtru5h+WcDk6/duiI2P8l47EC3k7oiat8hzc+
+ dfDDUhlbCK4OtE88ewA6UwT65m++CZlCzT+/VDus6gi200dMgJaT5fF6ebifitST
+ uqLbdc2qQvR/h6OL+j5CulR20aZd9pbIamCaJgoULBRozUu01CsPKYIpRBONqbmD
+ bIZkWCBv4KM6jxbW701+x4VosGNa1lVJ72k1++Xg6agEjJnx0rW005csh2jFac+E
+ dfiJBOjPTMi+LDUPFokPga4vf82tWa7iPLIzmhMLupAQ2NnapBfW1o2Awo3mmUgy
+ J6psOd0po2XSYjLgB5IuRyNNY3KfzZOXx/A9cB2S46Rp+4RrkyfQMWVy4CWZMNoO
+ 2911gSnRutgJP3LrE/flR1bXpNsdP1MIx1RMBzTpEqrMB011Ad0ZnmbN42tkVdXS
+ XAEEtt/OW5TAnBXnl1NASySaIeP8mosYIuWXVRK3382zn29AVM9+KPstSFL/yXtJ
+ Q02jmaCXt2iJbGG9z7LymLzNbE93h0A3i2VgOQ980mhuAWZFtU7w8EKNz9fF
+ =ODrF
+ -----END PGP MESSAGE-----
+ fp: EF643F59E008414882232C78FFA8331EEB7D6B70
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA6EyPtWBEI+2ARAAm2tb78/wI/RgRnuYNUbglF7zDKDUyhFc+36AbDKyB5w8
+ VFRp6bTShbV3oUvNZVV5v/7A/TUi4X6p1Nmqnl2vQLnFEs4h5xZwUajuLlsWX9AO
+ 6Hyr9D7pdBSBRfxypM1WOmzFRiDnFItxYFu5ljoc5OdkyZ7oq4W1UNWnV6dTip3D
+ c6jfswzuBSR3HtoVL2YSDFIibVDAb8Ph4kuAXDRcxKHh8FZdVaEyk5KhWDBY87aJ
+ vemqIOrh8GjbWWePNo6eDqRVU2nWZea78M7x0z6rDz6Z+VZsLWcl/cHu5pZMgDZW
+ nRUUe0JOtncgZ0FJnZu9sAw6BftaVgEk4vVrT9174evkTj1otIXClijTigVRp0Ia
+ JngM9FsQ0RLSA0dTGuCdEzoFPlUbtLLV+qL7ZGdysbfPsDiP1tlZWwCyxnYJ7gt3
+ TgqJPvZ/tuVX/MvwVCA6p13RXb3XqhbjtA2k4eXdeOcWPUYmYvVJ0385ASwQC1S7
+ PfmvQwL1f7YQkUvilkzBD/7EGeqJ8OFC4vJqx12tJNeNuqPiw195yBhNT5rml8bc
+ 2haV+wdpzWScw+eo/xj1a17i0a3SJLpwTcWiwTp0LmZEecOFtxNsaUjnZPn6d8Ms
+ RPbDVbeZP+kxNbvTuwXtQgC3d/GbcFbcSs//MAYUQLs83mA9XXW9Gzcq6ltexBPS
+ XAG2M3c5oa/2XonBoQ3X3dggKPWQoabyUVAAsehotCxcMEcdVEMtJLSB0/+CTTP4
+ 4+A7rurD5TwegQb3TmsDQRPYjwOoH0dQNXGNJQGGZpRyiVC/z0r3TXYrahze
+ =jtiP
+ -----END PGP MESSAGE-----
+ fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAz5uSgHG2iMJAQ/+IZeMdpcuIJgNH+sdovb4+CIwiIJozWprKNHOxFOBoYMC
+ ZBStuhdGS42LhJLlV6kCsWGdT5uFlQVUCjRX7YwmFurSW0NqqzFtgnnbxnHF8UWC
+ 743JTuh2lApyL5WPeNwj1PXx3xJcJFeCVynWDblvH0MrM8GVy68pZaSsIlmpcnGR
+ 2jLCdWAv72T0SVffto7qlpQmCXNJSYspykEx7LhylRglf2uOAAq4n0k9QIFFL+2X
+ EgV9rCOUh7qRpZ8zhd7PahS53o6gvqwFj7xM12u+iNbDE3pw+qThv/LiqfuoNd66
+ qHUDzz5VyVlhbZ9wcN9oEPIl2kuUL6WeMO6RGZMx2n4kiI7E6X4rF5YgRGJBQ2Mc
+ DAWxC3hWiAchyNqk7YoszskwjVR/8ozsvPzSmny1UNNsMsc6zw3BL86FZj12ODCT
+ lwIR4Wae7sGC4oBITW6Rc5uDvo4hdA58viwOPHcxCNHrLHkJHhje8CMf5AhjBYcy
+ OWFOD9Vi7c9fBeQwsy8G+LrX/wkcO5N+KoDDGJs/gx6HVAD5Rie2UnVCC4pICUXh
+ UgIXDvV0WahCv+eOBUlj4gOIpLEO35P0RcX9nNE/5izFlwH0TtG5rCziEHEosqD9
+ 9Wl7jqAi3POa7DtCD0DHIn0jxlWyVcBEXqHlgU3d6vRtOXTZMvt/NZxyLi4MUU/S
+ XAGWywtpd/gxRgiyg+OB8C9HhOioLL/bCWvOE1n0JLRotxnv571oZi0SYYqiyX6I
+ wk9s181nh4Kyfmf+tOiv4GDSkUfg01y1dx+85s8AzgyT6t5isV9AqlcWVGIs
+ =c5hi
+ -----END PGP MESSAGE-----
+ fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAw5vwmoEJHQ1AQ//VRf1w/DVkjth/BZAMx4B3i4O/Sh5vkJE1EQx7XWgpJVY
+ wX5vN0JujvIwhQ0aQf1nkFEmFTMFuKVMLzsHQ1ejT6od3XTsuD/WZsG9GJfG82Om
+ jT05mwIqcH1brD4PVqzsEdykG3PGtxVaIcFbnhdls15VxQTgiW1MXkjM+hm5ddti
+ sopwNLn6q2DbqJ4eGefl2kn88FxwDCv8tU9kQ9v4kR5/qkvtYgf8pyNl5zcQY5nH
+ y9muGRxt0eVq1Wpc7bzui/9MtZ9XOBWVPevesO2QWRTnK7PLGH23KoS4GHLKB5Tn
+ OkP1QemC75RjZ5AkfzYtTAInSlFmp9/giQ7ZDVSQMKoXxCsuN6jsVK380jWOPlq9
+ tOtXSfGCSdMeM2O0vB/Xqv1qhcqPSGGCib7BnivTUnEfgxGhHGxNOOFZ8fJBXDhQ
+ F0q7CHRye1EBhT+GpKuraSBpcNMgexj9j+B+17IAW+Riq0l5DiGJ7rgPaRnz+3Az
+ 2F4y0r2//2iV+Em6n5crVu13SsAWUzYVKyHSswJQByEK0D8ibE8vlsE+LBLwtpUs
+ 5FEVy8bxmNwbYyKGaiFR5m6njWlI3M6Chn1snzfsaKWpPxFHj/CSpUu4MRpGlNfr
+ Hc2mJxsi3FpnAUwAUbnLudW9ET72gnfrHHKBYf3DzqQAc9Xrf+dKUuPuBlDm5TPS
+ XAGNfxvILdjNFX9LvJLDffbPzHfLjKtBDSAAZV0bK8e669nFReBGfTk4RQXY2Huc
+ NW8hke7+pV4vazwcosDgFRu/XmFyc/G+bxbB1zmzs7DgQ0m2sLxiRdv1xwBX
+ =C6m1
+ -----END PGP MESSAGE-----
+ fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DerEtaFuTeewSAQdA47A8oGWP1vDUTI0iRqcliyuGmgPaM8Cmu4kRL64cmVsw
+ xTzCmlWNzdNa7YpdEGrCrzr2Ml5oE8hvLy1fM/H3m/6VM9+3Vmm6EI0Zq4mYYh6b
+ 0lwBapQSaiQxUJXIvRHqIbFfd6UvQ2k/l6K9HtnL6wHLNywCl8VqBJyGh+gzrS6p
+ Uj81QJspZL/XBbaw3vsM27p4I4644BFHVQMApAWWb0s9YTo179eLVl+XXL9/5A==
+ =hDmG
+ -----END PGP MESSAGE-----
+ fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAxjNhCKPP69fAQ/9ETw/8YtE14vgYnOWSnGhp8ryTFdt5D2IW8B30mmFlY4e
+ 0P0ELQ36dn7ZoEe9DxfjYXFEJ9pTElnN8d1mOxOcFvvBA7HXhWYa261PVTUt0Mh5
+ sLIcNgLoXJEd35voyqm/PXtGJZmM7iK79FL9L01eVm+zGSdglhvHhLdMnFVea+SC
+ vF/sjp+9m6DUehKqD3jUr3T31mXf2wuq7864j3DdC+pRC6In4y7kuj0TUbGpZFH8
+ rKBCxDLAifp11acgB5B3r0JyBeeZgIw8uTKrrQpFXXIUEUO0g1C6xlo96M3OD7sG
+ pdvdsKo0l2687kA5uN2/hxAMqQIImLXSStod0KveDcys7UtYIZ5zVoi5KyZgxmBq
+ wJOatBlH/sKzU2TXOSSTpbQJJBlaxCRk8/3ypfii4xdc3pWBm0Jm0fmZcckYmdWs
+ bTOFCkg2Bx8gJkMpKSO5sou13j0Py45IHdeeOkYt6K/9+kEqlUCZfJUUj8PSO6Gz
+ 7kdchGWYcGDGsqDeLlAXOdt8eQxBNs8LL9r+d+Acf4KqL1CYoxYhf6UC4z0Hownf
+ jWkrs+CUxnF8xSt2WFlxoU7AWkATMkBZrPoZcN8iyTwlQWvTQgXoFJoJ9RBkOwfc
+ HCSXDd53nogbkOfCUDosmlb/CJft3vS+hTNiLTVMA0J9ixul0HaRRr/w8bE/DgjS
+ XAEdwJucMGVbFM3DNjrDb5iaVsIugBYGuZDK+/xyVwK1IlP9GDwE617SQNM/LbQo
+ Fdq9ziI3VwlTFOnwNZ5Lw2IjNzHYMmS7ZTiF1LERWrMjIUtjY9/443ZHGQSE
+ =a7K9
+ -----END PGP MESSAGE-----
+ fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA1Hthzn+T1OoAQ//TycYGKYZdRgLzgcx7G6un+2OP3HMsXGfAO6Pz8qIkd9I
+ jhVccyRB02gPRb/8xKyR5LVjeZ+zULmfBNAAwkvSDC2tjn0PlxbQwFW555Mdeg47
+ HixFzYVpi12qxqk3Vei9C70VCufyHp2x4YH82LJNKlHybJv5xMFZIFVkPdQQX09M
+ un2f5Fo6esMe8xfzfHsTbrX2X9TxluP+xwrjQLlqis9Xo1w3PJ8a/U7oGWm7cbOa
+ 2/7HR1eNQe2CIWRNo22CzvrmWcsid/LblgGgVP/W2lG7cQtXrW6dy5UctIXRYGwf
+ CjW2KgVova8Ojju7M1gZHjNSjnIEMD4ONNQCe5UiTfHwZbqPQtsfipL6NjY404/g
+ lG3ab1qtwgUSP3sdl/+gRvDEENSwjk7H/tIlk64ufABnbjqF7vGgh8EWz0u44sI/
+ a7RRYZbSjFSWpUivHiF4Z9CRxz+4OFkDFZ8oMyynwnNtXcq+Y1icqggPFN7PjPX4
+ FB0W3fxcDvUaC92TeHrbVA6gJ916WwPPf0nDYVkuKbVgBHiDUmTo68WGD3T2IAPJ
+ tj7ePAG/lreZDhDKH2s67I40Q8lPDIxFXV2u3wJ0wSOUeGvMh/mfaQyCbA1hDgIU
+ 1PfkoLxXiQ09VfH6AVTJFWEY8NRJug/R5d+6PsXp61jfX8tVT/IFUlmdQD9kRXjS
+ XAHubuQ/eNItKH9gRTj0eq9YdbzmrVJx88ImtX93Tq8Jrxc11Grlyf7OeJ5tBgin
+ UYYips2Wf+P8SibwyG+ctV/4qRtNzoo4I7B5PNsKqVkm8bBzBsnvjY5WFV5G
+ =OwXi
+ -----END PGP MESSAGE-----
+ fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA46L6MuPqfJqAQ//TO7OWNCZyYgKOGFsoBlCT6rMTCF9ZwL4URHCCc4Yt+56
+ MJ2jDB7usZTQfEMm7sAPKo82lJh7BnZR3o9ZQfJWnv1fc+B+v4FCYmHPlxD1/Srj
+ 8RqCAqcsSRpbAq2B4qdq2kFfh3vuSHewBtCAblwRxuVKhoLUg15Ax+20h+XcXIZm
+ nAQTUBauyFNxZjEnTPiAO7rEXR7XAtN3XQLnROBiZXRHL6nUy1Ud1fOLj5dWHHl+
+ YGlmyy6F8GjG8Bk3G/F5QNp67h9OogW1EYWOIRqnxfYTx5QqYLig9b9Hehf/guT8
+ rzifK62TFCqANSPwvsehHH1ucdO+pnDL0a5dLELMzYJstKqOaq9Pdly3HRIWT/lg
+ UhmN5aQ+v8sw/9suwOKb9ED7ITV50gIedRK3MjtzAb6GwmgeO5PWqcnKaIRarbo+
+ PGM85vQkkKMY9wJHHYeYvDvM+fYilmX1H0uFg7KPHqwZ2UM+4XxKp7MfQQTLIl+g
+ rvEJ2MlVp0xG9biyqB2vFUungS56Y0mDNN4gaRwxGXd21OjI2onquKIDaYXTh2uh
+ S8UPheiOYHgpX6Xd6FNhVchjd7NDfw2XwiYbBI6YvRqeG8b2RetbUdpH34y7kTTO
+ rSRx5wJecJJYL62M3DDFQ/JVgsQs2YeyROen32UIZqVZjG35NaUY4gWFvBrXk7XS
+ XAH2c64NkWvCxrQN+ypAOo1acK7JmVx8KRyJ9SkHBEGXf8u8vrM3mKErSRUdcx87
+ O+4RH7EMOnH6/5x6bX2Uwj+WmY8uXtsn1q+zxqMmnt+rQN8y3MlssJ2u3XUO
+ =Ft9S
+ -----END PGP MESSAGE-----
+ fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA4EEKdYEzV0pAQ//WMDEOC0jLeKxKCpjMltCQ+jjwtsH/yZOA07o9VHBhNhX
+ kfJ+fONQb7roYaMFEM8ZRxhVf0IXjrK4vk7+P4x/vKtW0/1cQm7U/uxzUsOUBA4k
+ UZHgcgrB3s6yDOY9TdwnZnaOlRPmG0AudXOYS/FwNE6OzYeCzf+88nw0VZzXpwvJ
+ WsPV69lYpwTxcxhO8jCVDPTXjOC0sWOXBe6Ea2X/dbWuwu2KX8AxDp8O3C6Uxa30
+ jOrhNtiguMugmKgF7NZlDqgiR3v2KhbVi/ECc3vH1c+GTekT26zAkvvzFqJjkHsb
+ XS8DyAp2/ExCubtk4h25ObMhghabGqrl9o8hZ+0RlEaWU7oRi+cinIXgAZcubv0Y
+ /LEfDyJTohmoDdqpC4xYdTMQ8s8RaNRGtQG/3hISD0cgssBHDBKnoNMNB/V1qe+z
+ EZx/ewgUmlxcO9Q+mPnQG9Eo7sh4WnldbueXtdmp8f4vpt8tJ6zr66x9QLU0IJHW
+ UwgwaV6EAUdv+O+MsW40Bx/TWEbbKj8am9dymTP1dV1OcPJOLfUbNog7ybFXl6IT
+ kNnUkwHXfkRUbzZJNB5rBTTt8msuFquJEaZANl5eMKdn5fG9k2hxMpZCdYT0kECb
+ ErzpV2kUS6Z+QLL2YQzIQ/iBqy82u/pOJ44IvO6JAXYUbc5RTGVOgXNpNiFhOQLS
+ XAHfwKoAg6apAAcqJcywJ52eFwi2886lHyTcl6Zl8wlOC6FZbK+zkmhFKEcOdZyo
+ YFVoqmHT3Da/Z4rlw0XwJYR7EFyk/mHlBwdNabv68Ba94zkqXpSSDuJz7Oip
+ =K261
+ -----END PGP MESSAGE-----
+ fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DQrf1tCqiJxoSAQdARUYTLeEeQkoOgHc8ReED3vRzHOa3S648JbH8q9p8s1Uw
+ 6m+puHJX6nqoLf+TkUfNKfpx1JJpGxgcvsADJTm5Rwi0MxqKvo650DQwHA+UQHd6
+ 0lwBQ1aFrpTk+2b5mVgGGLp5dgFSTDSIsBbUBFQOXvuPX/S/n4eCwiq0sWJBNsam
+ wKTAC7nLnf9O1MX8NGXHQD01doJ2M19o7BoUsifxb0y2XorWDp23NqrSb2U+9A==
+ =xw0V
+ -----END PGP MESSAGE-----
+ fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DzAGzViGx4qcSAQdAc7DD+ELFXtPiikXroB//qxDovIM8uUVXiY6/bCGDhyUw
+ 0XqwTBBntTkrxjPXSQIPuLosccZCLcqpawjCAeYKPNZmJSfhQ5ESl/iAD7wofT2V
+ 0lYBCaD9ciqJhB7nb0vh3Aoa4uphQ3EiS+PYi0Tyuo2r9MsoSv5BLGGHHaQDhvxK
+ 8FXpCyUk8oqBiJ4TRouaVvDcPUSaqWk9QQtxx1mgD0iIkPNnMXoPJA==
+ =3GJf
+ -----END PGP MESSAGE-----
+ fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
+ - created_at: "2025-07-20T18:28:37Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMA2pVdGTIrZI+AQ//QR/3s7FObKxat5+yCwGERpelhkNVkwwaVl6nnyX1P2od
+ JrKHwmwgRaOpchQmlkbLwgPs9byiRc29sv8T72qAM0xQohKJq3TXXCGA2Wy4xzmn
+ tDK4m+kU/WA8qtBsJn+gfV9CkWXVmr1vnrE+oM32qNpDA5wTrEN2ueTnxkc6oiN8
+ O+rlJWkbtPBxt3o9OJfJLoidh+Ot+1aiLeg+9lrp7RdnuHcHiklwT3y+dLf2Dpje
+ SevPq5UDX1C9kbwCtQuvH11wO2Pss9IWfNhqgdltsnaEC02lFaiiZxiZL+lxb5+D
+ XcVn7o+iZUL5BjNn0Y1D17geXuIwFwOKWsRh59EsMMUU7rzK2WIeGz5eIbGcRHPw
+ MIOxhzHXH4DN1TIKLa3BoqMCaEa6FY4U5pWNAGcclOqSY5DmlmSgZxOSLijCpLCf
+ VRyWbDUiMVz6CA1dR5PtnGoIlAMk0W84SxWgjrsg5BE3zt1KeluAPkJbgD3wRTMj
+ uXq37kbIQvH80ocxjY1DyBkvz5xh21yBlUvQnMLc8gQg2C3Z8gQj9eexqJOt0z/g
+ DvW6t4ZfGncsqE5nKv+O4FiFc+xUKFt02pPI/hgqYPpXVYc8mmqD8A75dbi3fhEO
+ 5tTnEszoYZJucAF57aWNzpr+o/I3dP7SxrxbQbq9I4GO1omSkKeNFe/dQWKGzR/S
+ XAHR6DYe5ej+qdc9lcK/Lx8aA7/4b+O5jSKE0g1sJ2wEZdhNQbLM21YLGt4hFCk5
+ a/pJ9m8ShyHgQM5bab9z2MtSD/qL9yVGMfErU/UC9S9GCAvh2COAFx1vVRdv
+ =L/EP
+ -----END PGP MESSAGE-----
+ fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
+ unencrypted_suffix: _unencrypted
+ version: 3.10.2
diff --git a/inventories/z9/host_vars/yate.yaml b/inventories/z9/host_vars/yate.yaml
new file mode 100644
index 0000000..b73cfa6
--- /dev/null
+++ b/inventories/z9/host_vars/yate.yaml
@@ -0,0 +1,9 @@
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/compose.yaml.j2') }}"
+docker_compose__configuration_files:
+ - name: accfile.conf
+ content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/accfile.conf.j2') }}"
+ - name: regexroute.conf
+ content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regexroute.conf.j2') }}"
+ - name: regfile.conf
+ content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regfile.conf.j2') }}"
+docker_compose__restart_cmd: "exec yate sh -c 'kill -1 1'"
\ No newline at end of file
diff --git a/inventories/z9/hosts.yaml b/inventories/z9/hosts.yaml
index 13e2cc9..4d847bf 100644
--- a/inventories/z9/hosts.yaml
+++ b/inventories/z9/hosts.yaml
@@ -1,29 +1,45 @@
all:
hosts:
- light:
- ansible_host: light.z9.ccchh.net
- ansible_user: chaos
authoritative-dns:
ansible_host: authoritative-dns.z9.ccchh.net
ansible_user: chaos
+ dooris:
+ ansible_host: 10.31.208.201
+ ansible_user: chaos
+ light:
+ ansible_host: light.z9.ccchh.net
+ ansible_user: chaos
thinkcccore0:
ansible_host: thinkcccore0.z9.ccchh.net
+ yate:
+ ansible_host: yate.ccchh.net
+ ansible_user: chaos
+certbot_hosts:
+ hosts:
+ dooris:
+docker_compose_hosts:
+ hosts:
+ dooris:
+ yate:
+foobazdmx_hosts:
+ hosts:
+ light:
hypervisors:
hosts:
thinkcccore0:
+infrastructure_authorized_keys_hosts:
+ hosts:
+ dooris:
+ light:
+ authoritative-dns:
+ yate:
nginx_hosts:
hosts:
+ dooris:
light:
ola_hosts:
hosts:
light:
-foobazdmx_hosts:
- hosts:
- light:
-infrastructure_authorized_keys_hosts:
- hosts:
- light:
- authoritative-dns:
proxmox_vm_template_hosts:
hosts:
thinkcccore0:
diff --git a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
index 01226e6..c2108d8 100644
--- a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
@@ -6,8 +6,8 @@ services:
image: docker.io/library/mariadb:11
environment:
- "MARIADB_DATABASE=wordpress"
- - "MARIADB_ROOT_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_ROOT_PASSWORD']") }}"
- - "MARIADB_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ - "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}"
+ - "MARIADB_PASSWORD={{ secret__wordpress_db_password }}"
- "MARIADB_USER=wordpress"
- "MARIADB_AUTO_UPGRADE=yes"
volumes:
@@ -23,7 +23,7 @@ services:
- "WORDPRESS_DB_NAME=wordpress"
- "WORDPRESS_DB_USER=wordpress"
- "WORDPRESS_TABLE_PREFIX=wp_"
- - "WORDPRESS_DB_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/ccchoir/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ - "WORDPRESS_DB_PASSWORD={{ secret__wordpress_db_password }}"
volumes:
- wordpress:/var/www/html/wp-content
ports:
diff --git a/resources/chaosknoten/ccchoir/secrets.yaml b/resources/chaosknoten/ccchoir/secrets.yaml
deleted file mode 100644
index 854f831..0000000
--- a/resources/chaosknoten/ccchoir/secrets.yaml
+++ /dev/null
@@ -1,237 +0,0 @@
-DB_ROOT_PASSWORD: ENC[AES256_GCM,data:zfK7WXggayIeROoPhCWiU9V0dNpKDei3vg==,iv:XChG6XtDfdHDycZZmIgUtUrqr0YtiVIt2BRZdo5E50M=,tag:x7UeKZDQVQu9ybJx8Xz4ZA==,type:str]
-DB_PASSWORD: ENC[AES256_GCM,data:7ld13nerRTQXJsI8/0n/3IMmbT2FVhAhRg==,iv:Fs+Vv9fDBYMHaWBvcLAh6dtLt1lTNkR//Xr8E4KFylo=,tag:RyDrZcexek3eO6Justga2w==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T20:48:33Z"
- mac: ENC[AES256_GCM,data:1R4V8XkoIz+ySSdwj9kBKbi0LhOqZtjuEIgV6heuDDXXJ5gKTQKcgkvtTQCAvSoC4VGdYSwedfm94tOJa6blILJ+WA5i/mIxYkuypnqXct1qeqwl0CIOxRs/7qRqQaQjmBmlp4JBRDW5usy/DSZB6383azgNF/5o+eqbErMm0sM=,iv:bYipcv9OSnFakbfKFzc78x2icJ4ByN4lMRnSwqA73yM=,tag:0TfCZmr482EEey/tkcxg9A==,type:str]
- pgp:
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ/+JPuBs9V5yTmx11uwmqRVvtUH1Qxap+cx4X/KTNjUxHtd
- BPA9PKUeIu7Cj0bjIHizlJT/R7xaVHar6sPCYvviiQ6koHPrI6NlKtgLXvqkjRFb
- kdCgMeJYDUtdKJ4QYnLWdrSb5MoZ/Q3eb4DtZDV+N88i65cEg1fLHduAr+5y+YWG
- oxlhPFgFA0YlMntLM55Ug4Hs6zBWYzLcFeUjGH2xJ5KDUyIbo/V00X+DPVSLVoRI
- TT/ikxTqXsA5DIBtuKZvmbHjqcxMBvgCyO78WCTWMfE0FUz+/iqZSvORWiGHFJOB
- t4Bw3s1TXGM9aruj6iiOy+SQQHAf84SyYUAQ/MziPRYrKQrMrGaJZ0NtyrdnfmVk
- rWWVKHgmlGhEYnWYaxEODxLCm3Qo7jS4KWZ+jDNyEMAGDkXSCYzcuJ2Fjs3r1Z2z
- 11dqXMb+S+wicBUrVkockagGOm2LpS6QS4jxl0ReDlka07V65I8+X2QnV5j/JeLq
- C+q0wchfACJX/t8z2ckUElBXld126k7RiNCY2vMG5EHLMZAeVchJAB2M6+eYNWlo
- j0VuBBjJ7ALTog2FRWeLNhhDKowHImEgO5IJYcHrGYXnqrRFDcJ3z8eAUTrWistt
- UcVS+2qfWCmuv2A02zOAunt7352/CuZTwWz3OxrrGDgxnnYTbsDQNjN6gk/1HdDU
- aAEJAhAkex9LqxYMmNmfJEFtR1pqPeMwTnUb4HEWD1wW3GnLXGLyRZAs5oLzN8i+
- GwcPJnSXBchoTSSqbuSXmxEz7OOA7YqXa1ZlnRku4LZx/4unVYd2SX1QhI7eVh0T
- 02j5wqhnf8Nh
- =esBT
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//fQv9HgUvIg/GX9SXAzPsap+rEg4hVQstjVh0bX1RK6lQ
- +IDB9KjaeiXdx/MQUwVlql+35WtH4AaMQ223fRSuZ59TGz3b88nk87o0xZ5KxGvw
- /MRrWEt8032Hay6Gg39tF/kyNZtJiUHZRw2cjt9Ny0u6d2z/HYDdRewst8Fc4wRz
- NKWFLHf+im4AYoa9V42TbR0VJbxwMKJ579zB96aipQsuRf+v3gg/cZuJ3s68KQXv
- hhudNRIFh+vlBcwOyZNRRsVxquGn+x0KJlqjsNH6TPXgiiixwspY76n0zI7fzTU3
- ukV0nS3FqpwM4V/ioZTXJr9NJ5hxMXa5ogNeD0WF3kp+ukPsfy0wbC5DbRcdg8E8
- /o+aND1HjXg0SI2jjEJdCyhpR008kzM8J1vYukBMpPaOX+twyfJJrugcyJCU5q5s
- KlnMHssl7cVrtRXy2exdK1g0J5xIwRAcfQ9fF7UItOtFaqbuoCrmVTT7X3wiZxYN
- ogVHxA2eOdTzo1APCwdlJMKTRc3RdzYxmfyBVcNj7EGq1ekWataIU2w4t+h1AV+K
- ikCWl+T60U462I2wGN9W8DnBV3XRvIOxAoU56wiPEP13ejOPLT2jVxcDCz4YbqMB
- tbZCTMjvUGm0gWINniobhBSSqql685Yl/4ZIkUnpS24BShshz3LcxSqmO7SGR17S
- XgGQMLUfg9lupxR1LdlqLdw3IBIPtapKcF2VSYYuwL+yRMzRKelisQpIFeocr4Yt
- 6ep2mu9JoLhWmGsowIhsd1JyKBq2o+V9rO68TD+xWtltpyPA81sbhccowE16EUk=
- =5jJA
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ//TlEKkG6EDgsc2ZI1BVETcVX+Z7fsGanpRu3U46XvAHF1
- Xazjl+KQbZDwnC5Xnppd2gn7WgJV8Bs7aHI6219iXZdOJ4GdO4xkYFz1LKVdnF6W
- QAZWrAWJSrTv6dpN8L5Pm/fikxIxO21Hjy/EumKt5jQqxevu8pwaa+vHN2BdDRKf
- glOsz+d6pyVvlAgyuewhRXrXwB7A9abMaaNLmWVedV5A9j96oQ2A3nQ2RNsZUIwP
- kpNhjOQgsjO4qnb/81EeIMPgnKM4SZCmXlGsj6M4pLp7VdaJbrfJ8+XW/Mxi+8mq
- VLcanBfA0fcPpHF9uXZty74Rg0Gc+zzqSo4VV7yqKJ5DBmlJTojYGfBY28DQe9FE
- sJxi05paeF+WuSDqxM5uSoVHNya1MyFXk5MgxrUHicny7sjTeUeFQlbonNW1I5PZ
- rzgVlon++e7CIvlRJyzw2Zt9HX9OYJh0GkqhEowQ2z3GG69ytQtTBv5W5xsn6iRw
- a9PghfQWnHisIXTnEFRfyTQtUQytEvwU7YOy8bUpQ2VojnEe+MYFavUu6OQPJTuE
- TMUYl/Q5/8fa1H4m4jObH4SuP2iqb8vzr2cycbytxbfDRzzgDLm9J+cvihSnuKEv
- e5FpYJ6qGBuUgAf4eXeBhAf7m7lxOvLvpG7F+UlhBHry1D+ZJQqo7lWDsDIsg2/S
- XgElbZ3RWUpulpfETZXBNjDXl6OBEcFFhwv8NQXAj9M97ord9+nO3zNJbv2OUAP2
- AZJh5Siuxoz1tYJfoxN04lNjEKvDNKJOmu8No/Nl3pItl2LsbGv/tzdOaBqz7KA=
- =2tvG
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/+LEFVA/4g2+AH67eMQ35Kbv4N+vwxKn3d7b7wWglSYqG/
- yk8TaoX4axXNojlAKR7u3TPIr5PnNRA/DzzNVZToZ5E3RSFrDyS0ql6LMLOF2kRa
- IMZnY6l7zMfIjX5SobiBlwHn1b8B+9drHOiQY08OvnB+RePrbT1sGTC7iGjYFcgR
- RSOHCppZMmywfk7OpmyN1pUiOa75hFeyhUdfl2e0dhW9WeEK8SuQdP0qFgTK9WuI
- +/udqqAsJtei/gJ1N5QbQtY/bG48AmeS9DdDxQMqNH1p01JLQgdqHNFl4ysADdMb
- s+sj2JNT9pwZyCi0+8zCdrUeddyr4c78J7nga/O6I/+3R+E+Pu1zg57YJNa2aWsn
- z0AE4Z/qtjJMViHStD9Ddc/1+CHrnBCLwxEN6MflpRpiFSSJtdxnMZ2zd5Ay/YLO
- W52nRGlG+szOzPqI8V3M3enXrhsU+zRZKdMuoyI9/uRaJIxyN0HCrQZxJo7P2Rjr
- savyiQrLVNeufl4x7cALadqwxSKn85JLnWQcPrlzqtmBPTuWt+LUkUiYJEG1Yguk
- WisoYKfP/vM213afonBUfhAwqwAcf7svytBXGmxFv/W1YZ2eqNgUhM5qvftEb7/k
- xG51fToNtgBDMJ0s+5AQqBq44wOJmR/WkMcePyzC2wHRgqEw9EMd/gbpjVOkwDTS
- XgGNIE2nglqnYrCX7dc5shy4rQM0xsDGaY/91dHlp+WAm48O9Q28+i7rLLHa7wkM
- uM1e0p0DLNRFZkVyJfY4HbVSTozphNw4fIlI/jKgHb6g+o8VTYAW8WMqln6Z0Rw=
- =wOsy
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ//afGJ8tZq7sTHTusi1Effj47UFgMqfE4beFPy955qzHYI
- 7Be2xMXMIq77ajGxakQAhV7AD6VKLzFlJWkSWcCZZ4hhLT1J/EMSgQlNdplQTunH
- mGaj9qAJnUh3JXRMaSSfme9ZYEMBX3Tzm8snywnmbNiMHvyyAe21ZU+sntoIcshB
- Wy1ZVSc1Vgagb9Q3MCoURHpaNfYO/sFLSSGs/Hbftd9Pu+/6mZRunqtl4U8YwQjn
- TWsceeVLvb3+RcTZA2tsQfMe2TbYm+Tor2lPUvMDEkyApacgOjhTFHCZsRNfdDmE
- i4HOMETa9J2s4VSUVj88asiEHyZRruisYj5U+gpNPX6xc3M9Bjk20basXmLTmgS7
- J151/fY5a51vgGvNYlzkKo9J1yn0iGsGNYUBtxidfndjzKbLB+Kqhte51W9TOlhE
- 5hg9pyvnT6c83RvnEeiyrb86GXXQXiSermrmjid2zbocSm2N/nl22Z0TVIiW7Kx2
- y6JUdY6r06xawZV84FEi4ZXTQyvPUWCm3J/uQSBi7Q9zkxvEycm9/qLiyyWRH4UJ
- 0XBfi3uCzSZ3wRgZvXmhNJL4VFzFZDTAseuGH8bLzhvgzVUIFGRXQnD9Le2lfgGY
- mK2dOeqCW1gJ+lrtuc/UwoeVipxSlDgseT92861JM1g2rTgnElWCrEouqrLXParS
- XgEUeq2hn25vwGt5tot7P47gXjcUU8w9opLp+pPJHP+L4Q2CTfPq/kMKgVlXAZVw
- OzWTuP16fX6akp3jmfk/hYXLcH6otG+Wfffh0dnWdECxOZxNsGhoKpeLQ6/zdWY=
- =20lV
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fARAApaL3AwoqzKVDuP05nEFbz9HtOIflOCWWAxY4PqevkVgf
- RyhBjohxF0eun2rWVqMoLFKB+iKiQA/y3ttN5t+VzbZEu716GLR6aQbMkBwcTZ2k
- iMztZzsP/7ssjn6zOVaLMamfChAVUkprXruVUf2zDKJXVsS6EemMmZyzdBlgLGfN
- 5tcJWShEd2xOorLYCOpcFdtuyzuHj/igh934bmGkRq/5Q9+SX1A/pr60G3Bye4nN
- ZptAtLDwvA60Jm6XWqZsWw9X5/QTws3q5wlMZZgI+CNlAfoFMZzQ01kLOVBBZ4D3
- sS2Yicxbc9o4HU4UY7mNqQfxKhKJ+7MWPvSC4ZgsEHPg1HKwJ3zFBpJI9d+Kc4kc
- N2E7xLfeAYz9coDA+LBSGJy70kYwM87ywfnBvBlHeLyQwW+X03ZQkGRCut2FWERQ
- Yt/ciSugCPtYvsoZdnrzlV3MoLJH/xUkXmAk8SEXgcosBMwKIyX4AqVXrytIWFy5
- a6VKAg482xWcQg5QKtqKXTS3qfWEyI78TG4TZo6O3FyCZn+/L5oU5UNSxJcLYyh8
- xFUVD+9tf8dfprba+HZBB2g9KGBLvoMpEDTpsb6tvrPhV416dyAP0qmAIVLXZ08t
- n0VHo7mdpfRkMzzeb6ARnBm0jIUkvjHMUhAOjjb77FG6NnRlgk445FmkvGxkLUjS
- XgEhPKCni8oHCY2ZtvLeKvl/XdlGH0OfDEraSyRDRJ17mg2XYy1muKVfVh4wA09x
- O67A23mAIXPhQgXWFaml9wv7iEDHPTThJH5mvufd0+AIqfOEa91qboVMZ6ilnUY=
- =hRXB
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//Vx3UeZhZhEXV0fyGN4gIguntRwqmqP7sDHwR7Qjd993/
- iwh9ZoFv1I+/q45oKXyM+kv3DZqcDLchYHDj5N7gvL4/M7uOPpmOTo31aYHqfZLk
- FPx4ZmwcN+20U18kPUDcBERsn+1NqGdBEW8FqxVMDVbdTYAajsrsfPm3FEU8gNSH
- CUgUxVYymU8IPOzZKwd+TDwmIcUkPZmw6srM6tpxwz//s+1l21NAOrSwR0fYrE5z
- iyd8GUu2GYjJIdscCybXxMUV/IJHaa422OGmhWvtKoJLX6e7sK/ev8o0ZDWvhPUd
- HBtzyCEaygUfax1+QLZAraeJAYbjpAHeuy37UB0jgaUQXFrFkZKOjRMcPcIc9G3z
- be6zcrEAdF8gQzeoTpzGAboCo5lLBLgQXPG+XMOjcfmpgJnjvHjaTK6wOZgZwJis
- KxkXq0cX95Il+vBrt/k3rI2dsS2Jtb7k0pd33VApluJrS9BSeQCXdonoD1SrY+Wo
- eXziX/di18RY0JShc2hjY24e4yXNUs8TsFXuw2c/v+Qk0qNBgF4/qahNZWjMGRZ+
- D0P5B1sv0Uebq+xzkDv0OqCQqJ4NnozJ70wgQTt42xya8ZkjO2DuQDUkSQ1rTnu1
- dqS6q5VAG8vfoITaRfvV19YkUCWEg8iWkdEZ7F8iinE9IkoA/Fa2x5LnW48Z3nfS
- XgHxSgKKGO9N1kg8Fjo8fgc7bE4TrNEr7DzdinfTy0LkM7v5EEydxLOMzUyysWqp
- gOXUFPXXaFgxfNXRu/0cdHKpDB4Y3vqSPUSTzhnfco9IFt4LAyHTohoRlx7V/1I=
- =nL5O
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//Qa2Mq5vcOMfLgF3lV6f0RK+IQdFoGIetj0dbIESkl9Q3
- 2mYnXqn+OIwRg1V0nz4Wpwj3vahpWhSAWIlmBLTxjEM7pP1MinM/ohuiT8/d6PEy
- NEeut07slQuSeaD2WR9CBI17VNOQgvNKx6eB6zLH5+RlvXcSAR+5+0A2YxvMg2Qq
- rOMi9eWZPqiRw8j3pFMxl8bBCgQybP355SLIQoL1PTMRBCIeKovaXHICjAvEDfm8
- xzy2hvzrQDYlSV81wdb6nBh9CGGmhOrRleE7icKqAzcwEHxo/FsHAyJsis6AhgO+
- aMF+PaHk3WLYg8T6+M40YMe7lML93mXT7Xmbax+igaf7ZASgyj8ZZnao3hr9ZZq2
- ST3cy+neZkr9vJbp/ZLPunKSxOTa7MzoMvIZFAKWy4nx3d7xagoNd+2BITBJNNlk
- BYOP39v6LPh1tsMVrUQcC7Mrawq1xpn5C938rfcCHOsYxn9bU7b+aScFVqITh9uF
- 5qHlfBn4/5vCc0bTc4Y3QyavxaWiP+SE8O8cO6QlqL+AYtZCfqdup2WH1wTOWrnd
- G6UldxQpcpxyPK/4LGu5DcWWGAbbHa76k9LJZN3YrdSft5J26YLsyRUseGSmZ4/Z
- fYG9AoqLOH2kKnCoj7kESmiz3lt7DCtvE1nrKUNJZTrcku+nLWjebHDGWjOH5HXS
- XgH3vcgt2kbkogmgxt24pSLQeNK6SjI4fBiJutlw8VCyrqxDATR8yQlhAIGPLGbw
- X5h4RgJGvSFMrrr8BPW7L/294eqPm2bbq/MRC2O/9ezO3O4453N01fePapEqqGQ=
- =FkUA
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/+Og4gwY9vzUgLOPWYGVrcSIRSSgK3LngQLTD+aKDBybLQ
- 0Q0ln9kpfz09Gq1fkwI8LuoeQ701qlVa+0WMv864tHJR2YmO4S8+IMu7qvX5W3pN
- CEzgDfZL+ovOMSB71ZK9YHlliqauy8cnrYk/ucwQO1yukDqzutlPeK1CpE/f0wBm
- A8patwmFGCSPYvmIBe48qsvYKP0JNVIFmhG48TaHQqc95YbhTYXHs9qz4WcFbMEr
- T31+fv/jBgmIU+nzQcIhNfHJ2sdmMXF6rRt8v3mGQrOUcU5es6E9a3i0dVZFZMc5
- 9akn2ELqbZgu+wIH+sgpuB/Hw3AA9SBhaeRHKjEK6e2l06OCRF14EdB3WJLC9fFI
- 0IqEuEK6dM2lkSCsEVTZsz/zj5Gf6kmXLu3mT/PKcui2Op4SIpjtv/CtlxS5kxxx
- dDJd5aEKYnTjVIXrgUer7KD2Ld7oxWr0TMxGd9dlWHViiBWCIh2jrbwh/MYcXA3n
- nMj3dUjdpTO7AZe3rBAzkfoMtx5a67HX4lo8WUJKzFgQ2jxvhyw+2mPdjfy1KErT
- Fa/T/nnfIBAN+i2zLBTQEdCDEdrbSKTZD2/ulKSlEii1wK2ATQHISRzAORUNo60n
- Dp9cFjITOoKeGdtrgfs+rptQ5mSuNNjJC5kUo86b/0IjJX8wjHKl7dtlkebhej7S
- XgFcJ5WY/8eeXZpXT1ooY6OggJf7Kso2YYR8oZW7Z55zjyVfXKsJS3ytPNB/KAbd
- u1G4BybrslSPyXQU9vuX4OSstiqNcqVOhNvMBa4gLnE5k7sumHI8dMbHcW+nBY8=
- =AwqY
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAlB/i5V7bWDewYv3RqyZMsZoxmskBKPe9cmvdoKc85zIw
- 7NnX/YFhUHerQkrdEkilB6i0Hd7aiUQ8R276cLXh9v5EtzeBZiRrfe+2wPc47Q52
- 0l4ByI0bDgXa+Fw0AgTp/OEGDOXEUaSEafGEBv0YrysD6f/9WnKYTt5QjBF2Spij
- f0pqADF8QdDW20fPZDOtt/gUezsA0AiV5HiShS7XsheBIDjL7cY15ST25GhXmmnR
- =qZnD
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAPbYdliNriasz0tjbTIqqg51QWyNtsXN2PvIlxeMiCiIw
- GbN1PKHxkcCwJX5K1zn84qRyL4t2ZNYHZo1Eq1XarRN4o9Ss5koJNH6KjnDePlPX
- 0lgBBqapYcOipdOqSiXdRSvHe3muvvYPV2kH/OEsTySkPcaNPhg6e2lLkshHhVKQ
- 4PleX0qXAwnZnXlY6QtALs1LZODye517DZKLZ+T/jT+u34kB92pcqtAH
- =ZsVt
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T20:45:39Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAsW0YJG6AeX1hGHUJ/Nx8XgJ+tmdoyrSeSV2x+hoqsNJH
- UNpByaOak57WuGor60zKTILJc2rDfaPF2ZzCEJJVmtfbAvbdAYfyA6RyHZJkOFsu
- hacNVLIwYzbaRQhS/7IcmAifJIDJhEcjzkwD6LK7TnEhM13Y4DECk2vykZ1ex7hm
- TNy8YKoLH614SthQgv+Zbnuqd3CP0Gj4N69+rGVMbJYIBwm5+kgucva3fYfEM3Sj
- 9nDh+0XAWJ+Cid+ID2/IpDTpj262hlo+yISTsQIHfqdZ2y+HHb5NQexKV9G9eQJ5
- tdcw6//ttwLO6Aq+N5+DyaIZyge1xUGy64JBsn7ErWqKwbPYrVApFPXgzR3azzDB
- v93BNLkt7O15xgMQryS+ADjgE/XJxrl+4yevMKn7RJp33zfFmoNQVn2OuDzNiw4X
- +pxqC8f77sdlsz0sghvdhQVDGEVFx5QOoHihfeGEQ4is47oq2wmZM9uWEH3jFolp
- cfZS5wTbAOjJjAn4ZcnSuNccKQfdPGKeitNYcCORBpgU8t5JfWIIVHNDTVM581CY
- jPX+3Azr/K8hUWHxvNZIObObsW1l8VOiBsQExWVZ7jgwgayieDpQcm2JSAfnTcE8
- 18uhcR04g4i3BBlD98cyM7hBye+KzRpJ5PRCGvlp4V49PQKlGixCHA/1AVEHTbfU
- aAEJAhApJpmpjyUSzNCpOfterz6jbX+WdFpvWiQwvyQ37R7xRb5JZgNlDQ5T/lFf
- Pb2b5i0R3ZpGUB7si0PyiTMCqM3Cas734Sy/0Nw0nW7TqjprsTSOhSyTFfKJoFq9
- tuTBFmrwoASt
- =MLHr
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2 b/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2
index 6ed0beb..8832381 100644
--- a/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2
+++ b/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2
@@ -11,7 +11,7 @@ $CONFIG = array (
'mail_smtpname' => 'no-reply@cloud.hamburg.ccc.de',
'mail_from_address' => 'no-reply',
'mail_domain' => 'cloud.hamburg.ccc.de',
- 'mail_smtppassword' => '{{ lookup("community.sops.sops", "resources/chaosknoten/cloud/secrets.yaml", extract="[\'smtp_password\']") }}',
+ 'mail_smtppassword' => '{{ secret__nextcloud_smtp_password }}',
'mail_smtpdebug' => true,
'maintenance_window_start' => 1,
);
diff --git a/resources/chaosknoten/cloud/secrets.yaml b/resources/chaosknoten/cloud/secrets.yaml
deleted file mode 100644
index 53b7522..0000000
--- a/resources/chaosknoten/cloud/secrets.yaml
+++ /dev/null
@@ -1,238 +0,0 @@
-admin: ENC[AES256_GCM,data:zIcGTqSicvQXJE6FAk/HLQbIMzAHWdTfLDb0AGEu9bN2+V3Rb8ujjGpiDhIbPtsc/z1Z9i6Mk7I4tQUl7ErF+w==,iv:tRKbXdpLKfT6N+8QNY4N3nennRBtVjUTtC+BCoPOXxE=,tag:vCZZaISD7hFmQnn9FJ8LXQ==,type:str]
-DB_PASSWORD: ENC[AES256_GCM,data:j07CqdB9vEPY/7mSIIxfRLKA1YOSoqgbt3pw2EgwyO1oua3r40NvRLY6VI0CXmcOXOedm7/lX5mwA3cZ15pBhw==,iv:+llV+OR4leYx6KyIRIadhbcypibfYKFFEmlftAl4MlM=,tag:6cd+8/IR16ypE09UDvI9/w==,type:str]
-smtp_password: ENC[AES256_GCM,data:VFhGRV5Jg19UTgm5mzzF1gcw2yyeS28BPuIQZaH2nYbyQGbxcOJ/YIaYbCXufoLOFLgUGJP+lHjZEs4fWuj2SA==,iv:SiUpLXthEF0UlJGCK+Q9cVH1BXnDtN9l8ZY7SeGU9KE=,tag:OmO7BcMH/eGrCOx0z4lQzA==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T19:16:51Z"
- mac: ENC[AES256_GCM,data:j1QfgIDBR4seyC988SkCODR21AhqtBQaLLD9RV10hnqclgaByeoVJ7zdDUR4G41lhL9tbOKUy4FpOIQQp+kYBztu158cO1DtEU5WNUSV5GlRjuFRgVTCYZwJLq2uDpINMhfiC62MqxEjk4i8MI4szNK1P5rCqBvnz8f5gaUrTtY=,iv:EDtJbXOsXE/Z6DYi6dQXzZSflQUJN+TaqKiAXFXz6Qo=,tag:2Uu57dsB6+vVSZBZwB2lIA==,type:str]
- pgp:
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//TYjfG4qAhFwZwvWrQiIiNc+Qk7WqZ6I9fsvzhnRPMsqd
- CO2y99ht1mXF0fGs5MuBtcml0OHr9kbfKWmf+1JwNEkzFdYeK6YvppI5fpIVgah6
- DxUAGQ+cquTtUM3E8XKIsXIVRMkrkJdzVYB5hxwV8qjBUAh5tuXg6Fwizpj4UGuX
- hF9TMYobvt4EanLDiAvMpo3oe2vjGBpkns3BpXX9oSq5hExlqLivifRHpJvp1j5U
- fTwrYqYPXY6mM1RBP0nBSyJb8sQlg/7qrOPQb8Y5/ryWs75JA6zVTpd3fe+t8pmV
- Uncwewh8fujrhPkLdvjSRc0/9uWf8YcohL6Oy4lgGffwPIMyhlAaXi4ym/dtM9td
- 8Z/sI7LQ3iIIPOAY++MOQvhmtD4AQkNJM9WUcA0n3fHvVVnNhVWHFO6J8FzH6q/u
- pDWhCK/WH5pTyreI0ngyeSXC3Mwq8yAMbjlhvZktZwmYCKrp3CWgqanZVPKHx4aK
- wO+JPMkcr86mj6/sWbRq3pqJCMZw5NBPxrdym3n1suthmMUOvnZulQt4RgWLoOrx
- 6wDVdH3Wv0j1yjuY3QdMZqOKECFhHDRuI162PV+kzGYwrcbzQlmNQgqK2ZhR1B7k
- wJziWgwynZ36AoPi6Fi+rA5CIPtVSlK6yr/1We4yciFic/RfmAVwWpMkORwOCBPU
- ZgEJAhBpgdpYmO2MdE3vLc7S1Ft9YhAOCzgGHYcjULa0lrA7K1xpDNkxEzotkiu1
- +/uFrHU7bS22bcOFD/l6dO1TzA1ViPLo1BZ2xmKToTq8cIzLjDrqo2sYHOqYtaSC
- Gees+Y4xng==
- =VeG9
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//e05aLr6OZAOyi1MM/lGZ19QCBztJiaMWVL/BY7r3/d9f
- m1BTAgUZNgSROHDgkH8uuXqWHIadfIao6gUFKIzLsrwPfuUC+DyNxyE/NQYvv0R2
- k/IgXAuop1P2+thm13rVmI7G3yjGD2NOkQzp6LlMECfImts0QZqrfEUXd/P+WyCE
- 2ooCyeDstd+SgjBTHd+o0sGtc084XtpnfX4Qw7KGwuaT+cUkKXbdPqzxug+JpJcc
- BFK5F0MbrEa/wA1vAfyIDuZw0Zy3fGGO9wASJoc2ChFb/BphOIVsqbM2zNB63XDS
- ImnwyCpDmyxcBon8lDTlkd941V+YXzSf2cnyV//o7oLjFVQltrvu7pGhUrQ99lAU
- 0Ayn8jiAtyUenHOH2gsXdfGgg45lGf4Eusn4XaCxwSKoG1BCQZwR/tVnFBeSKkbJ
- 75tOl7UIs+bkLx5LWB1ozbTrhuOymR4h1BUbx3VL7Th5K+ChHs1w90xJWDP1dmEr
- +euiIaNY7OPfzNFZpNHJb4SQdtXzeK9fSV8N1c5G+BxBIpAqsVUWkXqVXiVwKjS2
- BJ99QhpmDFoCy2d3O57mYM09HgWXbekFR0VckL/8RVVpHfdnQcauXEMrpl3AHCfe
- DK3fDucO/+MUQ+lnyDaoRjJfjsM7PQc16JnzolEeOLMbKit+KAjMC9EfvM8GobHS
- XAGQHdTiHz1ppYhBZM/RlFG25W09yKA3m2pcYkbjcB4d1fu4lR8s/PhFT+5HVZa+
- UcnKDr3Kx517Pgg6Snq/7zdMqnIe3q0l/0Fs0oLjL57JoxSTELp6jqORXs7M
- =vOAi
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/9GWEYkbX/xjrCqZfmxA+V0LjdDevDXKaII0j9vga28WIU
- Qg9AeLpvvgQRwJvZXZuCFI9ujmvpFePP4OgLkmh+6hx3dHY3COzT4i4iEH1GbxEy
- grGXSJaynPB2ONvaZbIt+FwNig0alCiMPQhzLnIS+hmnSYbHFPqKGdqfqryj1xjI
- JhirzLV/SYIAo4Tqgr/uyq7Ef4JAtydh7TWrqbdNQKeoB5Zu1uU+gVHagsF9mGCV
- 49x8K8EiyMcgXtYk0UTN4Q0iWArDtnM2x2/b2PJ6H3yw7pmdE+MPzGdtRr4t2zAI
- dF+h6PdprcHKrQa8moy0KSCm+zcSkL0vxUP8+X3WUTS1VUCsn6l/kk+4rM49izqP
- dvmQldGSHOdPG+P2dAS68p/Sq9PhsYZEGKub+nREyQI0AW3yVpWVCbWIiwEWnQOP
- NGKIRGBdY192oNvb/3ul3uNi/qcKFgrP4+ue5KAmJgkObFTss8OGYfEMQ0dncGV4
- UW9Iw7Xo8e10NPm8PpLySY68pGMpgFrWM/Ns+ifCfEaTVSezXYRLHy5XfBBoQFN8
- RJ/S0+8P3/HRyH6q/vbFkWrHhb95KwxRLXz5qb2yoy2/5z6+dgSKY51972Zujxjb
- GklVDqPrcgCLqlApfw2yJwSe60pMbE2CxEFzAmWLfGpuvyOhpWOT5jcG8F2HipnS
- XAFUK/+WAcOdJhmSRZt5aX33jJ1uJXQoxcbAvxdR+4TZxmbPjSLMnZGs9qfMhtvF
- EU9WjE3elMQ60mKBEoBFPudSNsfGblS3YT6K8b4Wij/CTb0ROGXH51ZCTa4k
- =PW2U
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//e6SuBK20zjqoSGLhf5JzocXFYD2TxIDyCAOmoK8kM/SR
- MPaDWdITHXWZS6o32KExCBYUeOIzUZDcgW/BqNZLsyDfFzgtdYY7j5Yy2+/ezakW
- 1PCY5MoqjZq0x4MMKD3TqQqHHsLLS3lPYeRWgFbFTZVMriixO9GqlM7D0MAmSEL5
- WbDdR4wzQNhsVuMZlF/1Rq/fQH0UCjJZ43VnlOi/2MSA+RE5pqSA4BE5IPUBgVx8
- n9b5asY5bG9N9RmpaOveF9AXh6x8QiPC2br14b642Ccj6GVGBgBtIyx60KdSALfH
- 8twZlau8Z+vAFnGQ09K3fL9AapE1RVRSzu2ndZ8fskAWxzP+N3+oj97JYbaXYvb3
- IAHfQkB/N2EV1b2bGv3j8O6gMKjJG24QCJgmd8/AIVbWzBOzfF6SK3KC0hI31VmS
- RrmZBZlYX/cnLGYK40myYAMU93/9R0DyhWSC2N9SVS7Jy6GW1u/aHyd4OdRXtaqi
- ORhgiQ05gTS1oF3zLB8/7Y/bo1mpTOUPpGQ7mQPaToV/aAI6UYJGhR4EFZBHqz4v
- dHO6Sq/yDvYSYasmP3a/TysEohkwnKe3/TSnGrMYVdWNX/tAGWqZSUrsWaTDtTT9
- 2QiTZftGTkRFH7SF5DkrbRMmSz8rQHrR8mtoEMtUbMAX9yRDSCHw9CRcfh49dL/S
- XAFK9g7uSY/HllvPHu9V6uvQfbKNqoYmpbdw4egKsYXKVsSecL5V2mvvgNABbbA+
- 7Ma79aZ5KRPtmUONfpkeIjyzhnZXNpSn+nnpZBIMXGbwiaiq5Z8WFBBaaF4i
- =ZmSP
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVARAAr/V8Ox5vGayrWZmtSIpz0yzv8BudAQDZscQGUr/PD6d+
- TFA5aNPyPgCbVepLLWNkE+4YmmkBlxfAKS1b9wIhI3MvtFIKysTHxjqJde2QAntZ
- LdC2Nv2O1xVqQ1x22iQkNVoipLwc6OSbwLs1EC7Od6yCX4Mxk9wDjhixXnjeFkb2
- BTqUsT0toRu6ZtIpjELHMtPCj73pHa2ILIRuWM3H3V3KkUr/InYx3ewCihv4AqC4
- CmkH9CO1abdskPF298f6dlTG6DCnV9jVO+AuuiiT1yXE9zCrVlX+ACTugL+vpG/k
- utFq2gSbgIj/vnw1T5yE8RDRrDJGwWGr5lfoXJfhr1owEt7ddRV1mS9EQBzCpvcs
- YTM9an9nxIv5ffktu7qW8st+qVoqWKANxJZeXkidZxhLGchSgeMtRmnz5tFfVwws
- Og47L48Z+26aBVOLWy2AIzZHakdbyBY4JoXNAtUQrtRPicx0uUJbSGEXCqjcOFUr
- kW4f1iYQAuJwazxrEhKhviO2vV8uGDxzyBzFrij0nd+WAJTjQrpvjWaxzs/IToeA
- nQvMerKx3L9QyQ0FQQFqJuWgcYpjeCFsqija5WxVUlgDk1iDDZudZUbJ0PbeemsV
- TJ4adxzdhQb6YVRRWVdTDld7ZPyPMULYmjyR8oeaswE1X8JtyuNssO1WlYvz2r3S
- XAGhFT8CeuR5FJHYmHwptfKFmRahkLQRKzl8HCly0onUIO5dSXtO1sqUy/KCq629
- b58PjTcdwv9Nc/VyoTbH17NEicwkH+r6j+lztBDPvbJsKnxG2G+en57xZPWQ
- =iLLW
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ//TiP3FUYVgg4Z2gQ90Oq+lXTvfAytKlPioLCqTJNmj0FS
- SxQ4WIl1xgOTy5DdorbwnFYlZRwFedcfeQGIJ6c/lz8Od7ab5goH4NP18OZi1tkP
- 9VdqlZL/7rnAT/OBeygiO95WlrWs7KCvmdIMrB3eQQY9EJP3ZXTbkJyM2vQSuJFC
- y7noAb7BxApAjcmWW98ua8l5oyKh1O/DBnbsQ2lQwWtvxVW507gp8oqJgnD9xrCR
- jV5Uc7ZYxaXKNk4WEDvESVb9n5FTwL+yhW4yGLeEracONI0SSI2lcsdSbWkM7GGr
- 6S51YkObJX7GH4BTPGpy9+A7VOeeKi83XZFgaaiiUA4NcDOg4270znHaF40C8cP4
- GIMu+WbNjl2ABbudGw7BlYb9dposlEkVY0Ce2ZDAQd3w5toGnkVGi5jIG2xNoFf+
- yNG4fNo2H6giDLuw3ucauB+qNgS2CWbUeTXIbt6g9PmILY2s6OuBq9m2o6GmAPPQ
- PRLtiMnFCdivzQCkqRdNDSRAsNR5QI95NFC+258hTEmk2sUk89TqXgFccobX9IYp
- BMaIVnVtI+iCa3RQgKM0OUUDwnA1W9XVEaQ5zFjjfg0RY8JT1xSgTnTc4OiFODC5
- rz3C6CKyh6B4SxNjVod6Nb3jNPDT68lfkf9ua+mB+TknuK3Ov16FWmCCsTGNiXHS
- XAFAZjJvHeHoZ5yjhBVpQJ5bdOOj1kuqtZzKzVWMnLQiXB+XKfxVG+d2kmmCCyeT
- clK0T7IL5NgJ0b/d0+1w7G++k4xSyy9Cg8jev60HJtny1LDB7AqU78+6mWAo
- =1sdi
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//XkFf/JdcWreU54lrAcgJIpA/DPuflYX0bzPTgGish6aE
- cOdKTppl1o0yOgsxZ/0C7tjWMevM8F8gHqqfDD1YrLerrkDtvCKw+s/UgpqGIS7D
- SzalYJ3l2Sppmbum2VDqIZvhxF2U6DKB475ZMsNqangCjzcjOf4PBrxSIw51s4uE
- nFDYWfaAh1VYyRB681+VUHSdCITCIfXXq+8jdJAagrA707Eix+9WM60oqv6jI+d/
- TCCHufafonXnR728LxdSwBELZF9jb9NGgeG/7DlWxmV1gcqy9o1Rzv9cICtcDxKv
- t1fORQ6tztNVrSUGRXAiGa3AexJYeNnIaK8q3kzUaNqY68TOu6wyNdOEEpeyynJU
- dNytPUzZ4e5vhP4SxBsenMhekLcLt98eDGQP/iLRbfDhiBjF4PawqOIeCQbJ6OgF
- KXJle5gVuhakTaIuTp9QZb8rlWiffv/cOKlqGydUjeM6fq8Zgm6e1vjcbwQNj1mX
- 8T+KhgyUtaUUQPC1qm3LRom4SIM4mjgzH4SQCI9M0At7X12OjId/o6GsE62DU7C3
- ZWywYXH3JIGDCmgG0CQEZrh2Mv+1M8Mp1rZkDahj39ls9gp3reXI2W1+bxdgBTqy
- 4qxZGZNW0XgyaSwTbPR+z85ac/RE+oYKSmbpi8jstdLndIXtL2ipr4G8w9kzGjvS
- XAEE5Ml/lMJDHAJhMTtZgGoh10j/gS8EexwQobzZqiMeboNpt0r+B4OJSbs0WXJV
- oq5c/B2PMghcN4cnFIlesJl2AGry7mI8lq6bnhzRZjIN5KH54e2xBCVdhAs4
- =2EQ3
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//RTa3TiqaH6qkdZDuplbP8l7OsNSmvuk3R/vgiGq0Jp2y
- V3GT+1DuwpauG2IXDL9b36DiZLKX7+ugHnQ1DuSYsq78m4XCVBeIJkaN+2A9K+gi
- LwjRAxidQ5wONKqG6L4ZLConW8fnvuyAi2KDK76B7TcH/Ir+QTX9xg2Tm+vJT9Vv
- o0ZDrNnaY5LMvFFIzN+9wqiBnekw2EHFOYBJTpeqT8zkkvLb3Daoplpr4Uz/fdbR
- hlPP9JyI8TFB3PpMEF84+2lys2ob4halzGW41A9+9zFiPcz1mzL+ftRKFqU8Sd3x
- EBbiu/6xVycWnySAMiX0p/A+p+3pzMJ40/OJHC9P/HxdbFFTvpGzL95qHHu1aDTW
- vlQza3qQTk7konQiPAqZpv2fAteXCZeqhKgm8aowevbzCeGZwNYaN0yQqyROEE7V
- z702pOsize5aRsGWlxhtzrfpHVlJ/yxbg3J4vv2WAycGYmvH3Z0AJxClML/KmuO3
- W4umyrMQrmMMOhSByp3EkrPH2SXs6EObRoUwCaA82oJCcvNnEayRBf5KkX+FWqMY
- ssVECN1VX6sZFYH05ZGZ+RSpzNJrIFZPx+DrbmcUQBgvOBqIsWiaM4dNpCwRVuKo
- GhwuxdEKipcyPlsp274qwXCoKPGyjZxfcTg37naq0LlU+4VCYNGzuEijegH0e+HS
- XAFxXl4qoEaPAHYqMADJXOOkYGcnNUET8CwmIzuqLWrE5uHgKoX9cBrCN91jEFxb
- KH5dT4ysfagFkEWf5sNjBYcuxiYIP3e8BbKk2lG8DvZJgWox7qyvKIo5oKcD
- =gXdn
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/+LiEI5eSEGrABofjDaIKiROJrC7XKLzVWPJ33mxxVwGsC
- 5mtjnZNQDHa2RiN775zLKOZmLvrKGCNHnfCHtcax0uaYTNeUVn0Mnq+UxYwTPXUb
- 1VIX6ivCI5HNd2voqM965riflOBOZbRsDK2dGodl4tMdO4zKwxJ3wDMhVJ3Po0rg
- UseEnsgXKP1CA+lGoYfNqoL2rstr6CNLcb6dZ9kekX1jm5ZegH7Xsevf3ZbVDDMS
- C+l4UijpngfsgyZ04cj8DEQuCZy90GQxkJAl5NWqcJ+recZkYlL+B5eLA4eIPt6u
- cPSdjPnzylT81b/cUsV1NUX8vNU5W/i2Nk4eTy1U5ErsDEmp1q1c3XioHO5h0fbZ
- k1F10gRjtljnlDyUv4U/5JdLz4h9/B2SvbWZT977RUpNDcLtuL1ePTs0jrOcTJsq
- tVlbAYJ4iUtMdUhVyftCQUo70Lx5VNufg/TbKTC/TWSSRl0DIdDa9adfedlv7+7o
- r5nXitAIMcT+2nkPeW9060G9Vr0ht/7tHcMNBrLuXLNzIaQSwl3+cmC9CsTtthdB
- 0+tcuZJ/w2WZJWX9U6ubJ1vWYdlS8PAEGt0XuiBnYO/CnyT8PrGMtJfDqzt7A1yt
- jADGGXq9QF96xki2jPo35TommATNAJsFi7d6NjGOKcFhwPiDxiZ7G0V0BiD0WILS
- XAF0B0GQDPebknXCpeqs3aDSBtg2bvCLiK7l28xs1hWZddt5hCTpzEP3zL4lDrGE
- 9+SSHG8sJ03iG/zGuo1OsDOPeLwHbdKoY7PJKgVOg+R3+OaWhIzx2cbW2qeV
- =v5rS
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAAAWAZzuozJo/9XnH+sEbE8ebyKgBi5ohKDVZOlMtCTQw
- oeNOyUBour0BEfJTd1MdrUOBOP8aEL/RpNxNXLJnuo/ZW9Cm/sYr5EtxH1OEuZeA
- 0lwBeaaV1bGtTACOlttrysmmNGWu05AEigvWSjW4X0oerU/3C8B1f/6HNcCeE4FV
- Xn4MKaTZfqGrS+r3PrtyY5i0odIpMQ9BrlUhld4zZQteiCb0FYIU9p9T3trrtw==
- =37ry
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAwqo3P8q8n8cVeO8pN3QiqJCHK0R2cR7F6g4CBoXL+HIw
- pat6LL4iuoKRlKzGNFhhfcJ8ZGu7b2kXLNzMcN8YU/8Bbw3uym14x6o4M3MOUnpz
- 0lYBGEn/qi8JfNT9anDVH2NoJGD4sVgThagLjOM/lgXAGupXQeL8N2VH7q7aXBVB
- amtNYqrr4FKYSTOTOF46BXVwNVQkNxeL6I7FuaRu5/B3MG3xZmHb3Q==
- =KxpX
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T19:03:55Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ/+OW6ZL2OKIFgYinYC8LFwR1S01FTlssJSNAmbA1AWS97a
- eZnf6H7JQMvz1YfLeX4bS57Gip21OCdX+sTVsj9+8bKyBEXI8lqDS+W0QtWhZy7F
- xHLiEcMuv17w0Yg30UszMNaO3MCtfYrJpOiPQ5jYnfraigr7TmCja7i3ySUak8jh
- 16RVF4mcDJKaDb4elCqQgAU3BLaQbIBAV9l0NcdkIN5HgwZCCfAVFXI6KfkIQ2/4
- kow5wg8TO+5OMb3gVE6YO1ntFoV13qkAUvldH2pR8yjnOgZUgMkOpX3JdG95S5y/
- +ItZQ4B2skUPu8dp4xLHoy5eiFgOiI4lKoFNknB0Mh4f1Wuhn+KHnWnnWuEdYBWe
- OQxyvGbZTz2axeuN7zonS6GADzd+/jNFiaWYdaQ7htMiaD2cE1zH8MJMJRHTzZmU
- 0ifH0Y+9+lKsqVwvoRDrd2pQnsjnA+saRAfXqluos2fGCMOVwIXju6rsu4lkUlsD
- RuFQ6fEq1SyuyeoKMeMtahAJO0NW0DSpxMm2DCrX/HaO4adIegosVznvpqFKUbBX
- e9jAp9B8xeWbTt8c6TT9U5XW+GXcPx0RG/lxRKjXQRhwd2UrvUW731scODnFLSqu
- BFgqUByk2iSEoonZAoAS6gjvC9NAMEuLwWvdUejFbAx1ddknNI2YuoRcHrHnWjvU
- ZgEJAhCkTMPYO7Q0V9nRMne6vajbSvXDfR/GwRLez3qRPoTnMpgZO0hpclqerJ5T
- Qel10f8aMLupwPp4n+0khXyIZ+XYxTRdeR/zhvklYe0f2XljXndMFlEFA05vJ8ce
- 2theaH7hmA==
- =IwH6
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2
index ad10a96..3e51e55 100644
--- a/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2
+++ b/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2
@@ -3,38 +3,84 @@
# - https://github.com/prometheus/alertmanager/blob/48a99764a1fc9279fc828de83e7a03ae2219abc7/doc/examples/simple.yml
route:
- group_by: ["alertname", "site", "type", "hypervisor"]
-
+ receiver: 'ccchh-infrastructure-alerts'
+ group_by: [ "alertname", "site", "type", "hypervisor" ]
group_wait: 30s
group_interval: 5m
- repeat_interval: 3h
-
- receiver: ccchh-infrastructure-alerts
-
-
-{# Disable these for now, but might be interesting in the future.
-# Inhibition rules allow to mute a set of alerts given that another alert is
-# firing.
-# We use this to mute any warning-level notifications if the same alert is
-# already critical.
-inhibit_rules:
- - source_matchers: [severity="critical"]
- target_matchers: [severity="warning"]
- # Apply inhibition if the alertname is the same.
- # CAUTION:
- # If all label names listed in `equal` are missing
- # from both the source and target alerts,
- # the inhibition rule will apply!
- equal: [alertname, cluster, service] #}
+ repeat_interval: 6h
+ routes:
+ - receiver: "null"
+ matchers:
+ - sendAlert = "false"
+ - receiver: ntfy-ccchh-critical
+ matchers:
+ - org = "ccchh"
+ - severity = "critical",
+ repeat_interval: 18h
+ continue: true
+ - receiver: ntfy-ccchh
+ matchers:
+ - org = "ccchh"
+ - severity =~ "info|warning",
+ repeat_interval: 36h
+ continue: true
+ - receiver: ntfy-fux-critical
+ matchers:
+ - org = "fux"
+ - severity = "critical",
+ repeat_interval: 18h
+ continue: true
+ - receiver: email-fux-critical
+ matchers:
+ - org = "fux"
+ - severity = "critical",
+ repeat_interval: 36h
+ continue: true
+ - receiver: ntfy-fux
+ matchers:
+ - org = "fux"
+ - severity =~ "info|warning",
+ repeat_interval: 36h
+ continue: true
+ - receiver: ccchh-infrastructure-alerts
+ matchers:
+ - org = "ccchh"
+ - severity =~ "info|warning|critical"
templates:
- "/etc/alertmanager/templates/*.tmpl"
receivers:
+ - name: "null"
- name: "ccchh-infrastructure-alerts"
telegram_configs:
- send_resolved: true
- bot_token: {{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['alertmanager_telegram_bot_token']") }}
+ bot_token: {{ secret__alertmanager_telegram_bot_token }}
chat_id: -1002434372415
parse_mode: HTML
message: {{ "'{{ template \"alert-message.telegram.ccchh\" . }}'" }}
+
+ - name: "ntfy-ccchh-critical"
+ webhook_configs:
+ - url: "http://ntfy-alertmanager-ccchh-critical:8000"
+
+ - name: "ntfy-fux-critical"
+ webhook_configs:
+ - url: "http://ntfy-alertmanager-fux-critical:8001"
+
+ - name: "ntfy-ccchh"
+ webhook_configs:
+ - url: "http://ntfy-alertmanager-ccchh:8010"
+
+ - name: "ntfy-fux"
+ webhook_configs:
+ - url: "http://ntfy-alertmanager-fux:8011"
+
+ - name: "email-fux-critical"
+ email_configs:
+ - send_resolved: true
+ to: "stb@lassitu.de"
+ from: "alert-manager@hamburg.ccc.de"
+ smarthost: "cow.hamburg.ccc.de:587"
+ auth_username: "alert-manager@hamburg.ccc.de"
+ auth_password: {{ secret__alert_manager_email_password }}
diff --git a/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl b/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl
index 4651496..3e97e6e 100644
--- a/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl
+++ b/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl
@@ -22,7 +22,7 @@ Links & Resources
{{ define "alert-message.telegram.ccchh" }}
{{- if .Alerts.Firing }}
🔥{{ len .Alerts.Firing }} Alert(/s) Firing 🔥
- {{- if le (len .Alerts.Firing) 6 }}
+ {{- if le (len .Alerts.Firing) 5 }}
{{- range .Alerts.Firing }}
{{ template "alert-item.telegram.ccchh.internal" . }}
{{- end }}
@@ -33,7 +33,7 @@ Links & Resources
{{- if .Alerts.Resolved }}
✅{{ len .Alerts.Resolved }} Alert(/s) Resolved ✅
- {{- if le (len .Alerts.Resolved) 6 }}
+ {{- if le (len .Alerts.Resolved) 5 }}
{{- range .Alerts.Resolved }}
{{ template "alert-item.telegram.ccchh.internal" . }}
{{- end }}
diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
index f5af854..c9c4cca 100644
--- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
@@ -7,6 +7,7 @@ services:
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--web.enable-remote-write-receiver'
+ - '--enable-feature=promql-experimental-functions'
ports:
- 9090:9090
restart: unless-stopped
@@ -14,7 +15,7 @@ services:
- ./configs/prometheus.yml:/etc/prometheus/prometheus.yml
- ./configs/prometheus_alerts.rules.yaml:/etc/prometheus/rules/alerts.rules.yaml
- prom_data:/prometheus
-
+
alertmanager:
image: prom/alertmanager
container_name: alertmanager
@@ -36,7 +37,7 @@ services:
restart: unless-stopped
environment:
- GF_SECURITY_ADMIN_USER=admin
- - "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['GF_SECURITY_ADMIN_PASSWORD']") }}"
+ - "GF_SECURITY_ADMIN_PASSWORD={{ secret__grafana_gf_security_admin_password }}"
volumes:
- ./configs/grafana.ini:/etc/grafana/grafana.ini
- ./configs/grafana-datasource.yml:/etc/grafana/provisioning/datasources/datasource.yml
@@ -50,7 +51,7 @@ services:
restart: unless-stopped
environment:
- PVE_USER=grafana@pve
- - "PVE_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['prometheus-exporter']") }}"
+ - "PVE_PASSWORD={{ secret__prometheus_pve_exporter_pve_password }}"
- PVE_VERIFY_SSL=false
volumes:
- /dev/null:/etc/prometheus/pve.yml
@@ -66,6 +67,42 @@ services:
- ./configs/loki.yaml:/etc/loki/local-config.yaml
- loki_data:/var/loki
+ ntfy-alertmanager-ccchh-critical:
+ image: xenrox/ntfy-alertmanager:latest
+ container_name: ntfy-alertmanager-ccchh-critical
+ volumes:
+ - ./configs/ntfy-alertmanager-ccchh-critical:/etc/ntfy-alertmanager/config
+ ports:
+ - 8000:8000
+ restart: unless-stopped
+
+ ntfy-alertmanager-fux-critical:
+ image: xenrox/ntfy-alertmanager:latest
+ container_name: ntfy-alertmanager-fux-critical
+ volumes:
+ - ./configs/ntfy-alertmanager-fux-critical:/etc/ntfy-alertmanager/config
+ ports:
+ - 8001:8001
+ restart: unless-stopped
+
+ ntfy-alertmanager-ccchh:
+ image: xenrox/ntfy-alertmanager:latest
+ container_name: ntfy-alertmanager-ccchh
+ volumes:
+ - ./configs/ntfy-alertmanager-ccchh:/etc/ntfy-alertmanager/config
+ ports:
+ - 8010:8010
+ restart: unless-stopped
+
+ ntfy-alertmanager-fux:
+ image: xenrox/ntfy-alertmanager:latest
+ container_name: ntfy-alertmanager-fux
+ volumes:
+ - ./configs/ntfy-alertmanager-fux:/etc/ntfy-alertmanager/config
+ ports:
+ - 8011:8011
+ restart: unless-stopped
+
volumes:
graf_data: {}
prom_data: {}
diff --git a/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2 b/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2
index 96c445d..af5b848 100644
--- a/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2
+++ b/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2
@@ -11,7 +11,7 @@ auto_login = true
name = id.hamburg.ccc.de
allow_sign_up = true
client_id = grafana
-client_secret = {{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['KEYCLOAK_SECRET']") }}
+client_secret = {{ secret__grafana_keycloak_secret }}
scopes = openid email profile offline_access roles
email_attribute_path = email
login_attribute_path = username
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2
new file mode 100644
index 0000000..b4afc90
--- /dev/null
+++ b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2
@@ -0,0 +1,48 @@
+base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh-critical
+http-address :8000
+log-level info
+log-format text
+# When multiple alerts are grouped together by Alertmanager, they can either be sent
+# each on their own (single mode) or be kept together (multi mode)
+# Options: single, multi
+# Default: multi
+alert-mode single
+
+labels {
+ order "severity"
+
+ severity "critical" {
+ priority 4
+ tags "rotating_light"
+ }
+
+ severity "warning" {
+ priority 3
+ tags "warning"
+ }
+
+ severity "info" {
+ priority 1
+ }
+}
+
+resolved {
+ tags "white_check_mark,resolved"
+ priority 2
+}
+
+ntfy {
+ server https://ntfy.hamburg.ccc.de
+ topic ccchh-alertmanager-critical
+ access-token {{ secret__ntfy_token }}
+}
+
+alertmanager {
+ silence-duration 3h
+}
+
+cache {
+ type memory
+ duration 12h
+ cleanup-interval 1h
+}
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2
new file mode 100644
index 0000000..66fd9ab
--- /dev/null
+++ b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2
@@ -0,0 +1,48 @@
+base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh
+http-address :8010
+log-level info
+log-format text
+# When multiple alerts are grouped together by Alertmanager, they can either be sent
+# each on their own (single mode) or be kept together (multi mode)
+# Options: single, multi
+# Default: multi
+alert-mode single
+
+labels {
+ order "severity"
+
+ severity "critical" {
+ priority 4
+ tags "rotating_light"
+ }
+
+ severity "warning" {
+ priority 3
+ tags "warning"
+ }
+
+ severity "info" {
+ priority 1
+ }
+}
+
+resolved {
+ tags "white_check_mark,resolved"
+ priority 2
+}
+
+ntfy {
+ server https://ntfy.hamburg.ccc.de
+ topic ccchh-alertmanager
+ access-token {{ secret__ntfy_token }}
+}
+
+alertmanager {
+ silence-duration 3h
+}
+
+cache {
+ type memory
+ duration 12h
+ cleanup-interval 1h
+}
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2
new file mode 100644
index 0000000..afb6cc8
--- /dev/null
+++ b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2
@@ -0,0 +1,48 @@
+base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux-critical
+http-address :8001
+log-level info
+log-format text
+# When multiple alerts are grouped together by Alertmanager, they can either be sent
+# each on their own (single mode) or be kept together (multi mode)
+# Options: single, multi
+# Default: multi
+alert-mode single
+
+labels {
+ order "severity"
+
+ severity "critical" {
+ priority 4
+ tags "rotating_light"
+ }
+
+ severity "warning" {
+ priority 3
+ tags "warning"
+ }
+
+ severity "info" {
+ priority 1
+ }
+}
+
+resolved {
+ tags "white_check_mark,resolved"
+ priority 2
+}
+
+ntfy {
+ server https://ntfy.hamburg.ccc.de
+ topic fux-alertmanager-critical
+ access-token {{ secret__ntfy_token }}
+}
+
+alertmanager {
+ silence-duration 3h
+}
+
+cache {
+ type memory
+ duration 12h
+ cleanup-interval 1h
+}
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2
new file mode 100644
index 0000000..1e506a3
--- /dev/null
+++ b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2
@@ -0,0 +1,48 @@
+base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux
+http-address :8011
+log-level info
+log-format text
+# When multiple alerts are grouped together by Alertmanager, they can either be sent
+# each on their own (single mode) or be kept together (multi mode)
+# Options: single, multi
+# Default: multi
+alert-mode single
+
+labels {
+ order "severity"
+
+ severity "critical" {
+ priority 4
+ tags "rotating_light"
+ }
+
+ severity "warning" {
+ priority 3
+ tags "warning"
+ }
+
+ severity "info" {
+ priority 1
+ }
+}
+
+resolved {
+ tags "white_check_mark,resolved"
+ priority 2
+}
+
+ntfy {
+ server https://ntfy.hamburg.ccc.de
+ topic fux-alertmanager
+ access-token {{ secret__ntfy_token }}
+}
+
+alertmanager {
+ silence-duration 3h
+}
+
+cache {
+ type memory
+ duration 12h
+ cleanup-interval 1h
+}
diff --git a/resources/chaosknoten/grafana/docker_compose/prometheus.yml b/resources/chaosknoten/grafana/docker_compose/prometheus.yml
index cf7f594..fd59034 100644
--- a/resources/chaosknoten/grafana/docker_compose/prometheus.yml
+++ b/resources/chaosknoten/grafana/docker_compose/prometheus.yml
@@ -1,12 +1,12 @@
global:
- scrape_interval: 15s
- scrape_timeout: 10s
- evaluation_interval: 15s
+ scrape_interval: 60s
+ scrape_timeout: 15s
+ evaluation_interval: 30s
alerting:
alertmanagers:
- scheme: http
- timeout: 10s
+ timeout: 15s
static_configs:
- targets:
- "alertmanager:9093"
@@ -22,6 +22,8 @@ scrape_configs:
static_configs:
- targets:
- localhost:9090
+ labels:
+ org: ccchh
- job_name: alertmanager
honor_timestamps: true
metrics_path: /metrics
@@ -29,6 +31,8 @@ scrape_configs:
static_configs:
- targets:
- alertmanager:9093
+ labels:
+ org: ccchh
- job_name: mumble
honor_timestamps: true
scrape_interval: 5s
@@ -38,6 +42,8 @@ scrape_configs:
static_configs:
- targets:
- mumble.hamburg.ccc.de:443
+ labels:
+ org: ccchh
- job_name: opnsense-ccchh
honor_timestamps: true
metrics_path: /metrics
@@ -45,6 +51,8 @@ scrape_configs:
static_configs:
- targets:
- 185.161.129.132:9100
+ labels:
+ org: ccchh
- job_name: jitsi
honor_timestamps: true
scrape_interval: 5s
@@ -54,10 +62,14 @@ scrape_configs:
static_configs:
- targets:
- jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge
+ labels:
+ org: ccchh
- job_name: 'pve'
static_configs:
- targets:
- 212.12.48.126 # chaosknoten
+ labels:
+ org: ccchh
metrics_path: /pve
params:
module: [ default ]
@@ -74,6 +86,7 @@ scrape_configs:
static_configs:
# Wieske Chaosknoten VMs
- labels:
+ org: ccchh
site: wieske
type: virtual_machine
hypervisor: chaosknoten
@@ -98,7 +111,13 @@ scrape_configs:
- zammad-intern.hamburg.ccc.de:9100
- pretalx-intern.hamburg.ccc.de:9100
- labels:
+ org: ccchh
site: wieske
type: physical_machine
targets:
- chaosknoten.hamburg.ccc.de:9100
+
+
+storage:
+ tsdb:
+ out_of_order_time_window: 90m
diff --git a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml b/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml
index 5ec53b8..aa20a42 100644
--- a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml
+++ b/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml
@@ -196,9 +196,9 @@ groups:
# Same rule using "node_filesystem_free_bytes" will fire when disk fills for non-root users.
- alert: HostDiskWillFillIn24Hours
expr: ((node_filesystem_avail_bytes * 100) / node_filesystem_size_bytes < 10 and ON (instance, device, mountpoint) predict_linear(node_filesystem_avail_bytes{fstype!~"tmpfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
- for: 2m
+ for: 5m
labels:
- severity: warning
+ severity: critical
annotations:
summary: Host disk will fill in 24 hours (instance {{ $labels.instance }})
description: "Filesystem is predicted to run out of space within the next 24 hours at current write rate\n VALUE = {{ $value }}"
@@ -212,9 +212,9 @@ groups:
description: "Disk is almost running out of available inodes (< 10% left)\n VALUE = {{ $value }}"
- alert: HostInodesWillFillIn24Hours
expr: (node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
- for: 2m
+ for: 5m
labels:
- severity: warning
+ severity: critical
annotations:
summary: Host inodes will fill in 24 hours (instance {{ $labels.instance }})
description: "Filesystem is predicted to run out of inodes within the next 24 hours at current write rate\n VALUE = {{ $value }}"
@@ -362,7 +362,7 @@ groups:
expr: (node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
for: 0m
labels:
- severity: warning
+ severity: critical
annotations:
summary: Host systemd service crashed (instance {{ $labels.instance }})
description: "systemd service crashed\n VALUE = {{ $value }}"
@@ -438,6 +438,7 @@ groups:
for: 0m
labels:
severity: warning
+ org: ccchh
annotations:
summary: Prometheus too many restarts (instance {{ $labels.instance }})
description: "Prometheus has restarted more than twice in the last 15 minutes. It might be crashlooping.\n VALUE = {{ $value }}"
@@ -446,6 +447,7 @@ groups:
for: 0m
labels:
severity: warning
+ org: ccchh
annotations:
summary: Prometheus AlertManager job missing (instance {{ $labels.instance }})
description: "A Prometheus AlertManager job has disappeared\n VALUE = {{ $value }}"
@@ -454,6 +456,7 @@ groups:
for: 0m
labels:
severity: warning
+ org: ccchh
annotations:
summary: Prometheus AlertManager configuration reload failure (instance {{ $labels.instance }})
description: "AlertManager configuration reload error\n VALUE = {{ $value }}"
@@ -462,6 +465,7 @@ groups:
for: 0m
labels:
severity: warning
+ org: ccchh
annotations:
summary: Prometheus AlertManager config not synced (instance {{ $labels.instance }})
description: "Configurations of AlertManager cluster instances are out of sync\n VALUE = {{ $value }}"
@@ -479,6 +483,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus not connected to alertmanager (instance {{ $labels.instance }})
description: "Prometheus cannot connect the alertmanager\n VALUE = {{ $value }}"
@@ -487,6 +492,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus rule evaluation failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} rule evaluation failures, leading to potentially ignored alerts.\n VALUE = {{ $value }}"
@@ -495,6 +501,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus template text expansion failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} template text expansion failures\n VALUE = {{ $value }}"
@@ -503,6 +510,7 @@ groups:
for: 5m
labels:
severity: warning
+ org: ccchh
annotations:
summary: Prometheus rule evaluation slow (instance {{ $labels.instance }})
description: "Prometheus rule evaluation took more time than the scheduled interval. It indicates a slower storage backend access or too complex query.\n VALUE = {{ $value }}"
@@ -519,6 +527,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus AlertManager notification failing (instance {{ $labels.instance }})
description: "Alertmanager is failing sending notifications\n VALUE = {{ $value }}"
@@ -527,6 +536,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus target empty (instance {{ $labels.instance }})
description: "Prometheus has no target in service discovery\n VALUE = {{ $value }}"
@@ -535,6 +545,7 @@ groups:
for: 5m
labels:
severity: warning
+ org: ccchh
annotations:
summary: Prometheus target scraping slow (instance {{ $labels.instance }})
description: "Prometheus is scraping exporters slowly since it exceeded the requested interval time. Your Prometheus server is under-provisioned.\n VALUE = {{ $value }}"
@@ -575,6 +586,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus TSDB compactions failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB compactions failures\n VALUE = {{ $value }}"
@@ -583,6 +595,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus TSDB head truncations failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB head truncation failures\n VALUE = {{ $value }}"
@@ -591,6 +604,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus TSDB reload failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB reload failures\n VALUE = {{ $value }}"
@@ -599,6 +613,7 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus TSDB WAL corruptions (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB WAL corruptions\n VALUE = {{ $value }}"
@@ -607,14 +622,16 @@ groups:
for: 0m
labels:
severity: critical
+ org: ccchh
annotations:
summary: Prometheus TSDB WAL truncations failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB WAL truncation failures\n VALUE = {{ $value }}"
- alert: PrometheusTimeseriesCardinality
- expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 10000
+ expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 20000
for: 0m
labels:
severity: warning
+ org: ccchh
annotations:
summary: Prometheus timeseries cardinality (instance {{ $labels.instance }})
description: "The \"{{ $labels.name }}\" timeseries cardinality is getting very high: {{ $value }}\n VALUE = {{ $value }}"
diff --git a/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
index a3218d1..c5b68e1 100644
--- a/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
@@ -2,7 +2,8 @@
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
server {
# Listen on a custom port for the proxy protocol.
- listen 8443 ssl http2 proxy_protocol;
+ listen 8443 ssl proxy_protocol;
+ http2 on;
# Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy
# protocol.
@@ -40,4 +41,71 @@ server {
proxy_pass http://127.0.0.1:3000/;
}
+ location /ntfy-alertmanager-ccchh-critical/ {
+ deny all;
+ allow ::1/128;
+ allow 127.0.0.1/32;
+ # Wieske
+ allow 172.31.17.128/25;
+ allow 212.12.51.128/28;
+ allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
+ allow 2a00:14b0:4200:3000::/64; #Bei Wieske
+ allow 2a00:14b0:4200:3380::/64;
+ allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
+ # Z9
+ allow 2a07:c480:0:100::/56;
+ allow 2a07:c481:1::/48;
+ proxy_pass http://127.0.0.1:8000/;
+ }
+
+ location /ntfy-alertmanager-ccchh/ {
+ deny all;
+ allow ::1/128;
+ allow 127.0.0.1/32;
+ # Wieske
+ allow 172.31.17.128/25;
+ allow 212.12.51.128/28;
+ allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
+ allow 2a00:14b0:4200:3000::/64; #Bei Wieske
+ allow 2a00:14b0:4200:3380::/64;
+ allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
+ # Z9
+ allow 2a07:c480:0:100::/56;
+ allow 2a07:c481:1::/48;
+ proxy_pass http://127.0.0.1:8010/;
+ }
+
+ location /ntfy-alertmanager-fux-critical/ {
+ deny all;
+ allow ::1/128;
+ allow 127.0.0.1/32;
+ # Wieske
+ allow 172.31.17.128/25;
+ allow 212.12.51.128/28;
+ allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
+ allow 2a00:14b0:4200:3000::/64; #Bei Wieske
+ allow 2a00:14b0:4200:3380::/64;
+ allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
+ # Z9
+ allow 2a07:c480:0:100::/56;
+ allow 2a07:c481:1::/48;
+ proxy_pass http://127.0.0.1:8001/;
+ }
+
+ location /ntfy-alertmanager-fux/ {
+ deny all;
+ allow ::1/128;
+ allow 127.0.0.1/32;
+ # Wieske
+ allow 172.31.17.128/25;
+ allow 212.12.51.128/28;
+ allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
+ allow 2a00:14b0:4200:3000::/64; #Bei Wieske
+ allow 2a00:14b0:4200:3380::/64;
+ allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
+ # Z9
+ allow 2a07:c480:0:100::/56;
+ allow 2a07:c481:1::/48;
+ proxy_pass http://127.0.0.1:8011/;
+ }
}
diff --git a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
index 31fb2a8..e2bf4a7 100644
--- a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
@@ -6,18 +6,22 @@ server {
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
+ allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
-
+
deny all;
+ server_name loki.hamburg.ccc.de;
+
listen [::]:50051 ssl;
listen 172.31.17.145:50051 ssl;
+
http2 on;
- server_name loki.hamburg.ccc.de;
+ client_body_buffer_size 512k;
ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem;
@@ -45,17 +49,21 @@ server {
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
+ allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
deny all;
+ server_name loki.hamburg.ccc.de;
+
listen [::]:443 ssl;
listen 172.31.17.145:443 ssl;
+
http2 on;
- server_name loki.hamburg.ccc.de;
+ client_body_buffer_size 512k;
ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem;
diff --git a/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2 b/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2
index 0b887fa..ed270c2 100644
--- a/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2
+++ b/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2
@@ -1 +1 @@
-chaos:{{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['loki_chaos_basic_auth']") }}
+chaos:{{ secret__loki_chaos_basic_auth }}
diff --git a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
index 17843c4..2c52523 100644
--- a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
@@ -6,6 +6,7 @@ server {
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
+ allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
@@ -14,13 +15,13 @@ server {
allow 2a07:c481:0:1::/64;
deny all;
+ server_name metrics.hamburg.ccc.de;
+
listen [::]:443 ssl;
listen 172.31.17.145:443 ssl;
http2 on;
- server_name metrics.hamburg.ccc.de;
-
- client_body_buffer_size 32k;
+ client_body_buffer_size 512k;
ssl_certificate /etc/letsencrypt/live/metrics.hamburg.ccc.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/metrics.hamburg.ccc.de/privkey.pem;
diff --git a/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2 b/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2
index 4a1f150..f680572 100644
--- a/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2
+++ b/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2
@@ -1,2 +1,2 @@
-chaos:{{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['metrics_chaos_basic_auth']") }}
-fux:{{ lookup("community.sops.sops", "resources/chaosknoten/grafana/secrets.yaml", extract="['metrics_fux_basic_auth']") }}
+chaos:{{ secret__metrics_chaos_basic_auth }}
+fux:{{ secret__metrics_fux_basic_auth }}
diff --git a/resources/chaosknoten/grafana/secrets.yaml b/resources/chaosknoten/grafana/secrets.yaml
deleted file mode 100644
index 4c8b251..0000000
--- a/resources/chaosknoten/grafana/secrets.yaml
+++ /dev/null
@@ -1,245 +0,0 @@
-KEYCLOAK_SECRET: ENC[AES256_GCM,data:NIj8QlKUAQRR2/d261B/Dw0kUBRhK02Yu+exEK6Wa2Q=,iv:yku1vV7OMZM+Nu+p0ARLhBJaONmar/bMLPJ4B5M0ZyE=,tag:J86R36s3oNjPJmDSAU5i0A==,type:str]
-GF_SECURITY_ADMIN_PASSWORD: ENC[AES256_GCM,data:xua/P7Bf/KWaZA8WPz/nZra+L5nGdlnS,iv:QLvhdFqCirvilYk3MLJWThZ1R29HBoMirjxJGQj2UU8=,tag:vOFCPn25/4cAT2p1GLnJ+A==,type:str]
-prometheus-exporter: ENC[AES256_GCM,data:zQfc9NwHSLnJCDjnS+gGTjxXkEUaim2Pusv48QydYe6sErjRrw35bEfZyNlP+SyffPNY1gD90riuuM/QjIUIsw==,iv:TG41lDK0evzMU66A/rhXLCjSysbTpP4NrzEvKGznQzE=,tag:pIGNSG/ZbTFgdgb5YATwqw==,type:str]
-alertmanager_telegram_bot_token: ENC[AES256_GCM,data:MzTEoeTyd6lCw9oFgje6CWnSk9G9LNJ5CE81VxvflAVQgqsDAGT6VFJxDKa2Ew==,iv:VbP3xie4MF80Hq1C3RadRAmmamtHewhKUwT7uHTPtKk=,tag:usAfPWVU/OCz+eEUOezWyg==,type:str]
-loki_chaos: ENC[AES256_GCM,data:kZP2qoY6u1VpVgXejCOksxJwbcCl71Ou7LzRR//n,iv:TPHrRnUemVWkuijsKzI68hnV9j9YuoalBZ0s+2g4LW8=,tag:7XvjRfpWiBptx5ZIOEblEg==,type:str]
-loki_chaos_basic_auth: ENC[AES256_GCM,data:O81XiVhZUFw5MelQYeU2DGmYW5h4kK05ZzqM1l8OVQhMSuX3Xw==,iv:blfCQcFNl70SxdgR7QWKp2kGls2tZlrq1BPmwu81cXM=,tag:ytQVh3yicsPlEHgmCKwqvA==,type:str]
-metrics_chaos: ENC[AES256_GCM,data:B+T5cql7i4vrXzn0pWzExTZcXTGewGDGap17c6so,iv:0QVxT82KKBZ6rV7PbiH+umAA7fWSHfWlN7aMCGbljOg=,tag:joJagfmPa4rePrtm7DWwTw==,type:str]
-metrics_chaos_basic_auth: ENC[AES256_GCM,data:p7B1UsHexLQwI3QDNOHXthhkioahtbtHbhb22yz9zo4aCTp1BQ==,iv:uwvHdzZGifVj/WHFNAvR2uEvYpX1T6joIMVMqzW0Vzk=,tag:6PB0n/Lu529hkOuJtfms4g==,type:str]
-metrics_fux: ENC[AES256_GCM,data:/bpIyeW1zCMOXHSbS7cFllrZbHh+3+QSp/oU79kn,iv:ylcXL3Rq+oATWlspfj25qhRA1HHmjXGYwBaQAcBMeR4=,tag:og8Yqp5ylgvoEpvACLOF7w==,type:str]
-metrics_fux_basic_auth: ENC[AES256_GCM,data:YqIxyr1TPWiwV7R5q/9o4hJliePmU/+OZpKD47SzjpOltdTC7Q==,iv:BVjXxEAfkJHM1JvP78rN/PUeLRUyDMR6zVmsqDhmi2A=,tag:4+LGGeJ3oDuUhA9lNFZ3yQ==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T20:17:48Z"
- mac: ENC[AES256_GCM,data:h2+Y5NjBoscFdp4rcSSkm0s2UMsDnjr5P9kPXcLgaGa8BG+7uEILZuCl3Tb60CnqmWeXXT6OxJsouMIN6JkoOUieZRkqXe5+6PHZ0HthO99JZtz1cyb5ERhB2Sco5gv7ik+Q8i9qRX+YWh2zIpMq68lmKxJUuc0p++n6DAAHRps=,iv:SQS8szYbDwMTxltfhS9zkHnA0rXOtgcsst1sPEMFxGA=,tag:fLRLTOvkBFbmTlR7o0wBAw==,type:str]
- pgp:
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ/+NUs4UDPZQjMo1H936WFcQnvwwvzL6+DHzkh/K2p880VT
- 7Crk0krfa6raPhWqLAwLxzscnTOd5U5TR50aCK9weRdHwkr8eNcfnFx5GvnRXzun
- i/IL+/7QErhSRDJTIuZ/dR2/vRqvaxysybDOI7TQkQCuJjOtti6X0oY7wyT2k67z
- opmt5CKkL7f0GRDWrv6Ej8LOB66EG2L4IvzwCegg2ASHSYVkZUSDKa81DXptdOGT
- 9c5ekOMBRYK/YSq3N1XLW8bqMg6/4de0es75oqtlTItVzd1muni6DmGnBxL94kM4
- KnCLrlWE5/zA3MAG6Lgrcypf/7/5VB3fcs+0cEj9/0Is+hlr7gUIoNM7BHy42D8Q
- Z+Cg4LJIyD5p+no+wPI0EO5ROEJh7FkhxrDrwqvyJy2R6MB9qy7DtR1zze9fuy2N
- FvWL/nk2gjyLYNc0Q9qt/FBPOJY53e2CwsL6zS42TZScBPC6klQlaQ0BbcrID/Ng
- YxG+LquoWdOerMTZdm6Npkhw9hh8HMhIb8MRq0k5TrRlm6MXexfZaaMA3WAvbJJP
- E5T6N+1cvEqaGOpjDG0+OXqaZbGXqLFYTHQnyl7Roq1CITr1yuZzU6vo35cTepeI
- saBIkHb64QhzBjYNYV8+aUZMEjc4HD2ey4xQRFoJoW7diT4ZamlgbV145CYTBJHU
- ZgEJAhCWWrfjM8xeLQQu+6h3UYAlDmMwMky7Ri1twkhenm/Ck/M9Jpcp79Jjb1MW
- TYnVVV9yoN7C/WFuXfYHMd6QwOvH1xX/98vRn+77XxlGfson4dzLC8ydqzKqoqzZ
- PvIYE0B48g==
- =s8Mq
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ/8ChGGTFU4krb99SLaEVmQ5cFb0GA+YzDuN/+c0vsobq+g
- LfyU/XiUHpJFdc/bBVzipjLQPPlEw42kd0kswOMb9zTbG6ytJzPGMMqEzIy1ID6y
- lC/q3DHgjWQtYFndjs13rQxRkbN3xKPP+07VzZGXt2896j/xL3XSm5TXujpqIIJy
- erS0BsbYFlAT/qdJdFkoqJa7c6j4/kGMMgl6rUpHovIOzBLWE+exnef+eOdzJdS1
- Kk/3wdzx7mItjQ/eGgs7HnyD/hfPCRzyRnoOEvKLS2MTLL5hhtVEWI6E47HxsdKF
- z/IHE9JAYtfXB9WlAU1+v6qVRTY2YbKqhJvoMEWUQyjWlPV5zQC4H4fyeYCpEL7/
- 98UEY2lkCXfkxQNFRy6gTnuVZXfiu9V3ba4rdN13F2RZ2f/051jzo4HASWIHGQGU
- zxp0T2x/7g9bradsnAiZSAa2iS7T9F5qtKHwxgfQLnhZ7/w33tZxmnGhG3M4O21A
- wQgm1DZprEK92jMxMkjmY+cPad8Kp9ptuFp9sX5sGwwTaYcCWAkycphKwHuT7HYY
- K2HvzAKEc1Ga/vLpb5HGVNuB7yntVFWAoN41A+zIhn9z6/qiPZms8oXw948CD8xT
- RIb8Mkwtx3tQdNozkmT5NMM1NwsnndF5GmbKWgcc0pchQ/CGHqPLaiigWf+4qnTS
- XAF9EMkanZWyLb3+NyQAZed04fi8GOqpaPRdPCHwxNG+LGdLqtfMYpk9rdkqMtVP
- Z9oSJ5txuFXFRPhqpQBgQLC/DPOXT3Lz87FWoGjqL4OZEPqsHsFGfBt01PCy
- =FnWf
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/+PPlENzEAwKPC+u7UaUgRDnPRoOK21hcS/LVEsO7MqWus
- b0d7qVT1hoCmsHRI3kQu9B5p9obZ3Ci/gsaocZXNIoXNadTmKlTlEWjXdK84e2SE
- /kLTfpJMdb7H+h0TjsE/trnzZhUCyBt5mRYNCYmhxRfoLtjyw58YA5aRXsGkaJJ/
- FbZPiSxIYlCdC/Ptih50ONYtmt5YXkILGF2Zc1bAPVkToB3XvLP110eeTYqDahLk
- 1iAGCYJ938O53PACbU8wkocxHvYgkPkY7wN5WM6LgUTqHTgmCTrnTm6tnfLi7dMB
- UxZPrVW84t8afdipC1xsHlZXr+XeUG2ogHs5OLDscZCNE2YLTtacuW7Xain54A5r
- E8F5FVqmv8o5huyqiff6SFxqqXCPdQSI3aDwBtRJh8MwGzNBKTd/KQQVThNT3PDX
- km2V9Fq2MoIoKYqJkX/Qy3e8weqY+mBNXFEDlDr3lyRSFT+R5WSXH5WPr3hYcGHW
- OtRgJTTrlrFfRA8RVlkk5oPg7ZjtQg+Xw4zGC9kxTXk2uEvMxEZke+wtHWUYIHlT
- mxtWLGjQIh4OPOwqlz9eM+4DiSrru26OUiXZu/KzMXpGyfYqhqPqRKrpfQyVzc2N
- AYv0deluEZY5FiqaCd+Xn5ywC16SNxDG0uIjsWJlUNzuYVMlVW2F+bQJR2I7tZ/S
- XAG9XxQXz5+sy089kn9m15woYfvSCvf+GAJl5df5FTnenjZyS/cuC9L71eTtPRpQ
- EWdwJWVk24uZ7ZXhimnexkTQ+p1HNLCNJ45orLd0kHYYi3aCmQKOINOIFqga
- =mRPc
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/+KFwDbiXnhzYszP8By69MKyfWqmLbLW5V2yNxY1Lb7wVp
- kzRXZmrRmQ5cTmo8UcPn7+V0EWTv10RvrBc1wEsSNDRhszAvPBdhiGH9QeqI+R1M
- t7ohFuTKtNEgg1fEJv0mHF2Dl7pg/nDEs2xYhGFLa6gHQH+rNKDEAX2Wr/JlFPIf
- Zn+uOx2GtkfZHQs3vQ088mhfvMaIrSMozEDnFHKSuc4ZDh7Uo8+tfeSyG6HFa/oT
- t4k6xt/0MpHEvyEStdlR8lcF69o82DHEBI1IFSR1tu+80X10LT6cptI37H7Jo3vp
- eLU7I+BDHKX1T/LEF702wabm0H7A3eaE3RLn8LIM3TF7KAW/286TQ6aSA4KHRMpO
- Y4cGLkLuQsg/HQaeAYLepJS9qOS68xLyHFSUxKK9oLgr77WvTWt8kJC2TwRKTSeA
- hrBDuPeymU/0ljub96YXBvA27QgeGQxyAII2rBDxlrlvoiLgbEdF9LzzN3/l2oXS
- +GTOv/odiMshSXZtjZLC1bSjRlhepmXOX/rc6sIBfbFU+4s+sQvQiIrugqo/bZZS
- cmHT5SbRLlknTLTMibu3iJYVLgyK1148PeFimheS/xYIiMJ8a0zXMAVVJa7Iw7je
- sj8Jglvj4Jyerx0EHXIBbXaZ0tmIM0colGDt3WyMhZ786Wsaf8Tm2vg4+vXofdzS
- XAHAUO60LHQdnyFNMMICfhSZBCewnzGsaf4XDtbhoC4MH4KMboRfr3Lj6yPHSxAL
- htSlOKwHJ1mtKV/j3aXFr2ckSIjBk0O7qe+NhjgWyn/ei2auMzUAYh/gpMKg
- =cR1r
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ/8DJhCD5zkRdM4yyl5uIZV2k7WdA+aTCtGR4+lR6aKKib1
- jNnzIT4C1tBevolfv1Qm9h0/dTvre9DmhuQzKv0/T83h4NzWVQj+U/0xDuGuydJ2
- NGKwWP2svKf0pF6LcCfsmCIjfENgjpMvp65wDfQlHYCP1VcyRcKINRTVYHSX8bGH
- LUkMiW7zy5gnV1PWl9oRsIG/lVGvVB5uKxv6LAPj4wFAEN+fIr2x8uBH1DY2UFyI
- A3gfuSvKFmcV3c6nfmhQh5ywxIU0oguuwZOs8zK9nx81RmmiJvf8VXusGtZH4Hfq
- Gx0GbpzoMZBmKxgiOQ+0HwV0UT2upEIYPnKb5sZyaLwmxnKW7FPxTwo6vN8QzJjy
- Ep61YFv3Sy09RccmGHJsr/FcDdfP4W7S1gIJqO9RgFcC3pJh1CZvoc3+NigsoyeB
- MjRBQLA8eoO9AEvH5RMtiGyJPl/vPrc2WlVBy3TaRznJIdUo+WuoUvaW+QvWdulW
- F4XXosgoaeyw+AYSA0nEV0qR3YZXNkJY/+r/mZGfi0SIEccztlq/BPtpMDgzxYjG
- mj5GvT6Xg4q0F8RRfZLCqQ7yRhFBIsR6+BIJulZj35FELF5oFAvB7fxdZ2gHChWs
- fg6kTRI4QcTBLLkoWHUCgrpEw2+O2UXQRSZZaiYmhCb3eynShBPGbWPpbXAPKmXS
- XAGFafpworKosNggfs3piWGs2b7MV83tz5uf7e9QPGs+c43JXICuQS00I8Hgnwzj
- ybdbM1m9bHvKucH2eWU9Ks9yPreeIbCsQ8MlSX4RyIDcECW9eFl8rtfqC6LF
- =h99J
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/9EkRT4O3pmCq11RH/doz7eqabPGWwSY9mpwNZJVjdP4Op
- +3zzTeNAu7+Yr62g5LhkC/uTu5y4BCFHHuuRdevLtwFJ7H7avACQF3hK/bM5rjN1
- MsdnkhtNpyvBKV+RaE78Ji3/AuguEBenwLhwadwFWuUItSfmAuaLKTQsotDZFzh/
- VroiTqtoLV5AxYTluNoWK3+N0TG/z5nMg1Ui5DiWlwJ3Tgg36SxqogF3LKXAqZVJ
- 5X7TLSivxptgmugZjua93iqyBCyNlktj/dNrqd0/YIg6xsznNcKsN23jQgQw2Ku0
- BcdO/WgV42hntzEo99iPn67B3S0O82H2MKno7AsQ9fZ9UjznQ712S547656PHYAq
- gSCSolaI5piDDPLPrp78jm4MTIsnfngaslyPK4WzOIkq0d0kPA8LGwhtuIM4mEgs
- Wu33Ir9N2yeDAE2MnJ7ySv9fSs1SJenw9jijRywCgy/vDvQaMa2czp/kqflhW43u
- HcVrW0Tc3FHz8nIkDya0QXrSt1fj3eLREhNinbr+G63uBl5UCLcvh9e3sxtAgSZu
- XtHi/krLkAS0r0rv29y6ap6adtY0VloBgOxZhTYPu66Pha5werFAeOGdXX/ONdTC
- ql5KDMMEa218/ORRDLeexmR2PrrLgsDp4NTtiUw3GnYDN2iDO5e9xEBtRiWAgiHS
- XAFuGmfCQyTR5qXCFT+ZCa6eKL9XoOlSa4cbef4HrHCyLV86BSS2eLQ3/kr09RGw
- 6AwV0PJAKhtCSk1F4OywOnJJXyrk3uM3hcFKs/+ciwuK4qVi1YdKocuzwbXN
- =cvH2
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ/+KXpJutmLY2Kkf2DhxAaq+/vuIhlT/pNAb4xbzzhcOvqF
- Kv6r/y4qj/I7Q3QTbSX9cnvYoRDnnBA6WTAKCs0Q2SWOK//zT3IZ7cl+hHaVcIK1
- SFcog5hwPOyOe1RJaP4tQzj3Ja8G/UxA0DbtSIAkZ0srDcv1nm8+JXMiw5iJkQ+0
- AZvmTIwDsGqmWWAN5Q3sl5eJE5qwFqRUrRVc4xCNwYLUYG+8iinFvBI+0Bn2+yNs
- JnMeFDJaatmSZUv5qVUpYZ8dX3OhPhSYzRbmiDKr3vGsKtl3l2BGE1CUoXQvctDr
- YKWvl2aI9gP1u6T04yAuZBnaX2UwWq/pMvlVghQOfBvJv2R7ScN8fAn8RM6PYaGz
- HSAP5Iit+45/i7GtPpBAB0Oqd+6gtfF67ujMWDB73AFRt0uKpLnwQnYbs5m9YJQT
- Pgq1YWeH3hA0amlseuf8AZjkZJr/IqBhGvYD6zm90nWTbZHMrcKDSlL2D0QwOuas
- u4SEwpDPzanXyGF2wRAm134ClYljFwLAjoVuk2v8BEtlXNCz7bcRuFVkHLHsFGGF
- kczStk9y5BUn3Gwl9IvypO0dfsRYBYWdiu/GnZptiFyJ+m64mFb2cUdu+FoiQcyj
- fgz4eWg6FxPWdwc737IisbFCfo5qdR1tfiusPuiMMFgpuV0rlAkIme9QqtYhZSfS
- XAGLUKC0wQ3nwlXoV5P4ixjH5wFwkUnUJjnYMA3y+CxWks83LkXW0SqDPTTIuUcs
- GYaC2uxr60JFJqeGz0PG6Ul4AJX0iXCrzRaA5tLRFH++esQr1SUYuExSOuvl
- =jQg1
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//fVJ+MdZXrxj9XTS0zIjnms1IjdrvQSe1KDQPAM+4v8Ef
- d+8oE9uKBOiPvkfLK9X/soM2LVi5knOcjFIVe60/Gy+/RBLGeemga9lJ8YP3O2h5
- bKlErkYTufXW4V8ieXciAcbK9D4Eh1UOt/MnAMy3YgQwh5x6uNTvHjhNPk5JJt+R
- gsL8pZ86bbSfyXLnR/j3eO5m/vUfE9j21rHrsB0Krj1McWjCzuvNg5zsmyzs807j
- ysqyj2XLBiK2T3+86OV0fCjcZ/padeNE8y4nVgpIqTu+nPk+qwsUYRwBdPtNgxmx
- ApRPiw+6VdOIWasd/OVG8aPnQPgFfOyqfzof1RsTiYmixR6hnGZj0skCCkrcl85k
- vPZECREW/X70Q4jCJd65Ca2vfHwukVgsqRjkwfIatvE+qOv408NJFIFArwwdWPa8
- SQmia0U+/ESbQOGY5jvGOLWrYaGwPm/t/LPDaJbEp23DmYtAiK9hGG7IQIpG9+cO
- l3Edtxki1mE/wAnhQcZC6aSYHPrT2v52kACiV5V4CB3kZR/anqho1Diaj874N/IT
- g5w/CiFysOAb9RKydWTSPCSPjDJRGtvhjeZAyee7ejl7ArJbsoZ1t4+gDaijIOGF
- v59+SJ96DccwjWjAHL1M6jxwn69+clcfRNnBTdTJIHqllppa63YYiVxjCp8yflPS
- XAEbxPZ7/dxDXMmq0StTPn1hxeZgLcipx1NoPLzRSniZp8/WzeG13lOb7RzRZOyo
- sWU4rT7OZuhvT4dxDsOcnMdfZLp552ipWUXjXfBYQrW/0ct3fGoQfixuepiR
- =kUQT
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//Rods7PGeRCDf4YLwRBNPQFfz67K8es53RmWZ9oCKiLyA
- gt9cHF4JeMgKMX20LtF6VUFtJjT1SjkVpw9z6ZDkVMj0BjZ3OPH43mQDkeWxHuwD
- /CIkvStntx3Yn7vruz/PT8H7Jhfj9oOnaS5pgHCbqmadq/k6qE886DXOXAeq3R7e
- MO7/3VjsSbdldfJHXVvmsfeJUdwGkXjJUCiKjnpY7ZmQeSqmDjKHOKYlhseowCNl
- AOK7Nfq6MhyQBlN9FQh0JAkG0cBYW4sR3zvoZCbxMY7siHH8UkLPzltSTFYUW90P
- YWdyjr1hPJkxUTWvq62EwM8vDuUFKwaJaGAEk91IgqIu0d1d30cR5UxJB0DOoQVb
- sHUD84+zTrQuEwDixgK3XZYBW78WFM1vUCHNcA942E/hEQkjTz4zaLB8sPh5wAV9
- RME8CNcqXAecjCtQu1SHWUY0V2jYfeDkxvvfjuscvFpyobwiKb6cFKDshygHYa83
- 5lwJNmwaLfkZbyN0yOh+sHl/RotpVgP9UcP2/+zLW1wGb+EP91VUe+cxo+nrtNaA
- xjS8u7yjx5jTdxb5k1vPfaWLAGQwjowhN2z2ht741pYJHp8yGGaQNblyTOm0YAi3
- 6Qznaog128dupKKfl33aPttfCATcS6EZGSwFogS70GFWXTPKu+I2EleUjgi9AQfS
- XAF+kDjRMiR1IiKQkcVichkKo09P+2rBD0puo17nE4v1DPeu67f0UgElY/dcmHuD
- anxTlCt1Lspqf0G1EjypDIlHtVgUjPpsudFOSSd8QqUjHGUMwEW4CXaD2d2B
- =EZSN
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAzl/SXf4vnc/vpZMYZVjV9EkRUIs4G+11iAUGFgTMoG8w
- Xnq/dLi59VpKcXwBp6+NQy+OchDRNfVwxcRDUBpetOwidt1D4K9CDrEt9vFDyCJx
- 0lwB/fJHu88keeS7s9jD2nNwGeCuZvdlnIvgag82BnGkd5zYPYnjA0lbeUXywuaa
- R17Y5caW+N4lslwxnp6UDLzQWJGl9HcRwK5kbxRH6HaYkU6CyFL5EOKs7w88dw==
- =HvK0
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdA4zyupzL6dLotZwQQC/AZ2vklAGwbpaVu9XgH9H4WH3gw
- SG74mn/Ze5YJYR1dOfEKmk2/mFZD354v38nf1N9NdeTpRT+3NVXy8EYHu7pGNHy+
- 0lYBT0Bm2ZFxURsAbGtduD7SUR/Z7cbq4ZouG3Q3ZOvOLoIHDcsAohfr45vvqa+l
- Yf2JvBgpgietM7OP6KBJIrAmfZnMlHKKcMDvvGO87BcOQl6qgjiqkQ==
- =tZvL
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T20:00:01Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ//eNA2kWh8DCMa4Eed7zagOMM1MSmCbX11NYtqOWEaN1mL
- dDSNwONujGgLDJWJIWOvD38iJ13ZOr/R469n+Q0yFlSj5M9ARfXtaXgSB4vNkOWK
- OpPZZJUo0rC0LA6qLke9ZV9McbaGGgfUrAtDd9CwO95h9LGD/i4GoHiwSbOz9PZr
- V6jZU0AWr0vVL8jjdRWoZ4U/C0NqngxBPqaZPcmwdRQoP2P2gP+yt5cbULYrk64+
- R9WL+m0zZaIp+fhZjZBDzgBb0//FxdMA5KyhX5sMn8gkxwjV5+at2roqwFkawnjV
- lRgVrKWr/wo6L2rnqp2X2VuuU84EnxSw+jOWpc8Q1HNIlwKte1dfp7QigtEjqEI6
- z120khHBydlyqel5kOwFqr/Mrem87IUjzqAJdxn/UHolEMoLpVXQofqNYIwXUAWd
- iEuAcGIXXVwtK9GMBhDbM1RbGc1ELvwjllg3Cs2cFzKHhAcFV8wuNufwZqBd8eo7
- B5kY0DkdJseV81BauaqecRnTPQok8ELXZLQ0+YkDfrTWUu26oPz7kSNXOeYby6m9
- qkczZg/qiyxi0BnO/QLasUPfG9N83zessGfwPw+t5AsIhHbHSM4JdfzQObHDgSBf
- QGiso8QjBmcLVnToBIIZriYqM7svtoykY3Zrh58MAl4/Yb/fNNHvB8TyBmP5PCbU
- ZgEJAhD0xdSQDsPzXxaIeFEiHOey3p9eP78OwwgQxo/RzAHw+4FsT0w8ncQc34M0
- xaJTV3Fl6rfqCjEghRPT93AhLR8EU8gsPGf24qFImOBtYJoDmixMkjaR+jC+pE1C
- Icw7BRUf2g==
- =v352
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2
index 366e94e..227db64 100644
--- a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2
@@ -22,7 +22,7 @@
services:
keycloak:
- image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.1
+ image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.2
pull_policy: always
restart: unless-stopped
command: start --optimized
@@ -32,11 +32,11 @@ services:
- keycloak
environment:
KEYCLOAK_ADMIN: admin
- KEYCLOAK_ADMIN_PASSWORD: {{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['KEYCLOAK_ADMIN_PASSWORD']") }}
+ KEYCLOAK_ADMIN_PASSWORD: {{ secret__keycloak_admin_password }}
KC_DB: postgres
KC_DB_URL_HOST: db
KC_DB_USERNAME: keycloak
- KC_DB_PASSWORD: {{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['KC_DB_PASSWORD']") }}
+ KC_DB_PASSWORD: {{ secret__keycloak_db_password }}
KC_HOSTNAME: https://id.hamburg.ccc.de
KC_HOSTNAME_BACKCHANNEL_DYNAMIC: false
KC_HOSTNAME_ADMIN: https://keycloak-admin.hamburg.ccc.de
@@ -46,7 +46,7 @@ services:
- "8080:8080"
db:
- image: postgres:15.12
+ image: postgres:15.13
restart: unless-stopped
networks:
- keycloak
@@ -54,7 +54,7 @@ services:
- "./database:/var/lib/postgresql/data"
environment:
POSTGRES_USER: keycloak
- POSTGRES_PASSWORD: {{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['POSTGRES_PASSWORD']") }}
+ POSTGRES_PASSWORD: {{ secret__keycloak_db_password }}
POSTGRES_DB: keycloak
id-invite-web:
@@ -76,10 +76,10 @@ services:
- "IDINVITE_URL=https://invite.hamburg.ccc.de"
- "IDINVITE_KEYCLOAK_NAME=CCCHH ID"
- "IDINVITE_VALID_HOURS=50"
- - "IDINVITE_SECRET={{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['IDINVITE_TOKEN_SECRET']") }}"
+ - "IDINVITE_SECRET={{ secret__idinvite_token_secret }}"
- "IDINVITE_DISCOVERY_URL=https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration"
- "IDINVITE_CLIENT_ID=id-invite"
- - "IDINVITE_CLIENT_SECRET={{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['IDINVITE_CLIENT_SECRET']") }}"
+ - "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}"
- "MAIL_FROM=no-reply@hamburg.ccc.de"
- "BOTTLE_HOST=0.0.0.0"
@@ -96,7 +96,7 @@ services:
- "MAIL_FROM=no-reply@id.hamburg.ccc.de"
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
- "SMTP_USERNAME=no-reply@id.hamburg.ccc.de"
- - "SMTP_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['NO_REPLY_SMTP']") }}"
+ - "SMTP_PASSWORD={{ secret__id_no_reply_smtp }}"
id-invite-keycloak:
image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest
@@ -107,10 +107,10 @@ services:
environment:
- "BOTTLE_HOST=0.0.0.0"
- "IDINVITE_CLIENT_ID=id-invite"
- - "IDINVITE_CLIENT_SECRET={{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['IDINVITE_CLIENT_SECRET']") }}"
+ - "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}"
- "KEYCLOAK_API_URL=http://keycloak:8080"
- "KEYCLOAK_API_USERNAME=id-invite"
- - "KEYCLOAK_API_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/keycloak/secrets.yaml", extract="['IDINVITE_ADMIN_PASSWORD']") }}"
+ - "KEYCLOAK_API_PASSWORD={{ secret__idinvite_admin_password }}"
- "KEYCLOAK_API_REALM=ccchh"
- 'KEYCLOAK_GROUPS=["user"]'
diff --git a/resources/chaosknoten/keycloak/secrets.yaml b/resources/chaosknoten/keycloak/secrets.yaml
deleted file mode 100644
index 8125ef1..0000000
--- a/resources/chaosknoten/keycloak/secrets.yaml
+++ /dev/null
@@ -1,242 +0,0 @@
-KEYCLOAK_ADMIN_PASSWORD: ENC[AES256_GCM,data:ifiyV0ywHLiYIZfgo3LBsDu//d5B2ZKyysnUtXCXR6hGWJxQwM4ly/XglERsRNRwZtzWkndpLfXWxlMheZJoMA==,iv:YEjrBPoeqQayEd4rNSNpD6Yw0jgQsOQyRpDkv8RKiEk=,tag:KHf6eaeGZSuBipAPKBkB8Q==,type:str]
-KC_DB_PASSWORD: ENC[AES256_GCM,data:h4v+6xLolQN2xWEKTZvrucvqFCUtqnDoSaoNfsXnktyXR5/vjjvqshpsyu6xGA9V2V3RX7BGk1nX9eooo4362A==,iv:Gvvz+r/gNEMAD0xJdXzNQpkhmwOY/70NQXYtJX8CkJA=,tag:0cj4qsTlYsZn7bz4NZDp4w==,type:str]
-POSTGRES_PASSWORD: ENC[AES256_GCM,data:ihYTt9hd6RJNtWEtav5Cbzz8m/qUIw8WGTwMcU98f5wkYrMTd5HUjRjiWqcx8OaamiCnL6p8u9BBEerCeqeq2g==,iv:4F/sKKzaRiIN47M1a+gGhGMiexNp5x5l7UtPasbWmCg=,tag:3QsaYllKdkPyjiX37yICUQ==,type:str]
-IDINVITE_TOKEN_SECRET: ENC[AES256_GCM,data:ZtUiwOAUST+QmR6I6ZSJ4GoV5qWvcIwZ7w==,iv:1XMYhMInEA5pn6PajQ1GToS4kCUAH6PGZOAA0AZAQEo=,tag:xBbGgvJZzSaNjJI/QKhUig==,type:str]
-IDINVITE_CLIENT_SECRET: ENC[AES256_GCM,data:/3U7brcOL162xh9vXPW45Me7+yun9oHVCI3LLbbq8cw=,iv:+SyhYlGiFro75N9LuoGff5QLDG84GeczeYWQYJ07Li8=,tag:9QlbjBJgyt/+VbzLLWWJWg==,type:str]
-IDINVITE_ADMIN_PASSWORD: ENC[AES256_GCM,data:xIxVMTN5rNZ9LuxqLMF9veLbpjqdSAHDRg==,iv:FctE+EIvL0c0RjANRDYk+6gZ/igxkEmLJ+Y371gMXOU=,tag:txlgkIVVFeJ6pXFG/+Z2TQ==,type:str]
-NO_REPLY_SMTP: ENC[AES256_GCM,data:2XVjIt0tYZnjMSKP7rj+Gg==,iv:d/OFKnCwElUD05cv1XeQyrCQuhtf1JD2rRe5QI7T1P4=,tag:LQAhTYwIdoR+sCNfVh+08w==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T19:52:12Z"
- mac: ENC[AES256_GCM,data:t7Tp8G+2lEIyqy9SYo1cWFpXNJO0ekNsYRtlhizHAJ8VUTjJgQbVoArQygc2XQJWgbploJCTDxOOFh9aphV333OUj376ZQZjwg2msIhNSF/wp8gKw6GFIrqNZWLYR3zcvFdiARKJo3T5vIYmPRLVl0GwqVlIvBRuHOSjHmOeFDM=,iv:IXoOVkjWiHTzWTrWy8QH6WfO9bT6aIIrd5KU8pIeZW8=,tag:me7pC6Zu1TNqVlgyEwrhwg==,type:str]
- pgp:
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtARAAlsCecsUz8CnpckiAsOZUe9MAFRZiSLeErMmZ6Bh4OzYa
- PGeYuz4lSVq3RBkd3n7s8At0c96KE5Q9hgqXlBhaZVO5OXZm/pdSo/jykxDOqGgp
- IGyEwJ9cvH5M7XfZidLMbj54+1BzA9/AW3iFSeQK5bbAi9KYmIzBE5VoVWXXixpG
- czWV35x/6/rOhCWYZfr5JUM8PSSW8lhwlcA5ytoHAo0sKnbmOracK2apSJ/w4SBu
- VtkpwzJ33TUdMqgFXkXIoGqHYE2ovH6GUktQzTY2AchVcwkOqoksD+mHnvy3GlY6
- 7Kw5ymKnOuOSiJXWt7dG9fVLKT+32m5NeiVf8FEx9vvz3hfTsTwXD2uet1BFYHC2
- rXVDf2reKojL4EulBN/2r/sL54tPn/YfkdQPaQVIo4giq6NZ7wR52I4bLys5jOc1
- l5wmKQqZcTVcIML0V6qTJcP6DyhspSpysoGOdr4j4rlzSctJPs5HGu5WGywL+fDj
- 9+KKSYEotGMrOzknwFXCbAER1GFKOVmxyLEgPYxWJa0z0sgsyBU0FtU2j6l057S0
- VdVYEtzsamVUztxaJmKu4ei2hUBXO+PGYCdQH7ZX+uuBkHWWAVzUSspoe/3ncvt3
- 2HAX/+dZzGw4HE6pGChPABSI+txjwbeuyi3iPsBrby3GKv4yafSWxKg1RskDxRHU
- aAEJAhDOhd391/ZDtMkT1Cwhf8H+U/aJDoeezvmHL8BMSIKDKOLhngr79bt0iY1p
- 5uCIIMKO28SZUAgRPkGZVwTlLEuEgXPOeG+AFzkGUOuBMkPAIAJucXTS1Q1VyUaO
- YP2rUyEAMxCo
- =G/5o
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//bMTtv14q8MsLrIkyOW9XQroCFQUAnokoi6sv3d/rgWzF
- ViQ4WHIsFYZ2HrFd2yPLweE4I4gbuyEEJAw7DvQiNSkME7zO2V2tovX1IXbzu7ua
- 9sfykiT3vImd4LozPWDHR8FRdF/3HfuTQgYd5Qi7LrAj4UX0zUaMOE0tW4WJw6+J
- kvgqErRgU5LYHD+l3b+CkR5tGJqsNESRGxbcRfMg/AFdeR3J2dwUV8wNI83WSGRI
- xRU2SL46HLtx/RZ1Zq1/Q9Aufc+4UqtE+6PK4N2BuerzzXumqjO2vEda5Dc9yfww
- 7e8l680TQLXtWwZozbIn37XOvDlYaQBO9GeDyZknNNPiIy3jqqZHvfomSRka2QOq
- 7xitPGCgW54XxZRO39aKFCOryqzHfTPbHRTQvPfM8OYo4JaAmOn4hIWqIKy0pD9d
- gsZLJ/YyPx4ZONgwcz2Cz2dLB6wC3pEagNKBrvgREmjaxTDEB8IStbL1AasEdJ7j
- nSxJamZU0MK55IjdU+loPsHIK4U9dGr3MFHxpiLV73APcYprgwRwjmBU7MJ467Zf
- kZFwmHDCFpZ7u2mWzxL4eE568a9hb1yiI2nNrsy7aGC50TTPPa9ErXOFd6Kbutlu
- kUzFCZb6xd+SakuL6joTo4Et7DJNZ4nrJZwN/OSuE8ZTiGdH7onUM0UOlMNoBgLS
- XgEytV1eo08+agpBece03q82iGIZ4fN5t3eYEVqbnr9+i5I45txR5B6lHyz3frfN
- IpImr3kIDC0NQslUO0P1aBYeTeRc/9TWhPhtZS1wtIlURdFyLjUQIbnqNkRzDME=
- =RY3P
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAAsfjYIn5vhU5mjI/IkfYl5sdVquNI/f3boIA3hMKZdwqu
- UrzVysIfqZLBACms27s9LPQNpeccQHNWQFdWzmNWtx8bwGQRFWjPgERJ0Uin/M5/
- 6ICE+a149oe61pE/5ixQ9AvZcMIUF7iXYqUT6yODxgKKnvprbSNNr5kC8RwACHq/
- KRqpZ3eZR9Trz8teOBCxwh7tJx5PzTPT5QbGeuLKlSd38RHgo8fe21ffVTYtDL7o
- t+uglJV33H4diQRvciH5hO/mpVRw2EBnmITn5dWSunSx1mfMVrOr/lHsfiyoEEBs
- 8xmmNd0oaN0M4XYx7PNh7YMGaR0SgDcEVI5KmU9hNwDG70o2RIT7OrI5W2ccJLGS
- TyYiPWAWgfVfniXA1Ydjkwkd8x6AspBZQMJTsNiaBs5dk47e4txKQshSOpReZHNz
- Xv7fHBocsSlFZRl0ydB279L3Z4q8aOFKYMIw1N6T+jwhns0zBnMRj705A/z/lXqI
- 22x5gOY4uFcFUm8/GtWrh7bmN1X5R3fIehP3qposIpeBvrCi4MFoIpcltbiiPkHF
- ToYUFtO5/QAdhn/RosJRljTA/DFzOnlzuGuvov9XbeuJewtR+ZJmpEeBe+Z6tN5C
- dCIMrjFYNndHbYHF4ztAu6PT8Hzq1nw4sTFM0Fyur3LIQHd7F9aXI7+oQugczfLS
- XgE0L0AnLJRABd2Pz1IibBO9Y+la2xaCpqhxw4C2ohdusIGSfcz8aqvC6PYviovA
- jZ185Bxs2TyPwqPxXve2h0zvqbpaOTmc/0PVoRQEVXkrkL8FfxLxPsJss18hdos=
- =mqr8
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//erl8qaY9wijgSKKu2xGikhQQz7DkYq0lCZ8KrKyakgLA
- 2vyuFg0+b73/jUd81Xy7j168SRW6GS6Ms/9v6lgGjSt+e51b1nv6G4ob1+KEqu19
- EbTRNeMmTcFoXVMuXL3C2PWVUAE5Gs4POZai18eegQtm3dgOax5/25FvNZXmsoYh
- NYr6+vdZw3Au8KZdFov7iMK0/GX/6GR6XJj5Vlv3SMF8GTCxOyeZwmkk0ud6/5Gp
- amnz327woNAs0oPnoJ6cWO/zlAYb7EkmMfbKG0/9EFErXYkC6Y8N8LrGtOpZXHJG
- doFot4TOPIJGiDbTL6D4+QnIqVchym7JiGmYUGxdzmEXiwe8AO6sKJOR8kZKU+1G
- aSHjpq96IvPewBOJA9NghAI9JoCsWXtqYlpTjeiTXciHqB5NZSgU133R/dqZ01r0
- k4iP1I84hbx6XSdxejySFX9Vscf38WhEfV+KgM7xOJhDTJ8HozQQGj4OpD1WOL0Y
- rP3y58uLF1I3qy9V1csoJtq/+no+cXx3mohc+iiwXQyhYAJML9pLBbnmWJo+O1Gx
- hHYbRDmBM2Qn5TYq3fPOPKNFuKr4pLqz4jy4JC338hTamGQNjbNP/BCCQQJOGdRr
- P2klOkSiZepkLSUSbLVlpZWT/wAqgz2JSxsCENoMUuwPvbK6m2cMs/9A/7JMWZbS
- XgHCqYLJ30G9mtGc/+dpFk6xzpKg9SHHaos2JV/TuqU3O1KetAB4TUEAwLOj1c0Z
- Kf0HlK6l1J4ya2RQqiK6Inek9/D2+KKcvmcMD7ZYQlyeNkLIzKkQIztHS73AuUs=
- =14aT
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVARAAnMF45HC4rYs6NFlsOestm2UrYTMRTkaQh3Sg55c3E1wL
- gaBBuzfgZt8Kwv27d3Prbu8joawbHuFVEtT8n9qW7EYRlkmwX+HptrvBLWHvCGfR
- L/rqCN+6HUJlA+L2RVpcl3dWcI7g1n2/P0+h+3V8z0AlDIWXO71vzX40EsNt5oKW
- FHxEw+0bPEHhrFPJzf0HQgp6XBh60T98JZKi5zq/MgbLreLkEswL23XdiR1diFN4
- 0TCPivcJ78bBpONRvd6mlD2gFc0YDACHCsFPZRL1pq0gxvE1ZNydGkTkjgiKY6B3
- 3VMjWz2wTgiXqArJR84O6qfjZYX1eP8Qd/+jjvxuUGhax8LRu4J/Ccfqp3uZD3oR
- N5ITo7kjWGmdrXCATGLhAD9aneWuBlyHNJfwHZxsf7NeL98d2tuYGF/kpBTy/5zu
- F9MlJyTS3OWkSInWrB7XaRB5slSOCi1JM5GvlEooklVl64t6+yIxQf1UA8LBaMOV
- vZ4Zngcr1FF3CJ4m3yU/WhL8GSuySSlGlWvgfZNYsmJ20Q2AqGyVID9IKXlFNvWf
- 04nnxuQUOmdwQ4OifgCMfvzcyt1eo7yXJ7pgMVT2Xmy6bTLZIrPHw33fP/C8cKCd
- oiUjn962vNI2E96MDlTZxOrQhOOmSQbu4xbqiSSqEZ70xEckmjE0xxR1JwI3rSDS
- XgGuitcNHdV1u00dPzY49PIQWk8wNjqKdHeZ8a5tAjdmps8ACHhL2dTd4j2pTgff
- XfvVU4iwMajbU3p3HjiB7chmYQ+U7iC+CiFuAQbjklPwNorqAIcN5zP0pOJ6O+0=
- =xD2W
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fARAAgaSoB6hSUrpjgo/QOMIQmgjPtF/KtHASST7+/liqcIem
- iQeT5xwACl898ez2a1elKtgFYUVTOopuc108HyCGmFut2/T9u6uGipOfE8WGROu9
- 72mx4hq5IGB6mVz3YIucH6NGCpH8lGnQvkeGydpYUUJPzbv9AWewn0IySJVnC1uw
- UZy4h+mTSFH5Z4XW4JDnPXamfEwKTSHsbM6KHPvql+CLnJgwTOqln3vZeF0YumSk
- iH1xO7OslluJ77jiZlcCfk1uJ2vMCDJGmp7DziMeyf+wTFckvjDnXG79AtQzQ+HB
- 3fcymp+DMIJbMocGiwtXgpEv/4TGTrbhpZWE260ddmOlrzCakahjA6AjGubu6oeO
- m6G8ZTnm0RCNvjmldykW4MZCIbsChZwKAQEOUymiX5JFa0ayZQq1CR1GCGwsU20a
- odNI3z3hpJCwI2Vo21nlNc9hiUp+zA1fJteBDnCS8j8QuinFi9G6x0dT9P6i2+ED
- yV7ULKsAemCzwQhhudYondo78E5lABgGxVKI/+2gkwZTIc4VU9/aRNftZLszlc+8
- nRIs77btYflj9NiK2JCoxr57UpNq19JLs6Otc0vTOjtieG5uDl6RmYOvD9+A731i
- rAAMbgtGzM/1dNnls4VpVko7b8elm+kywijXwSXUzGYXfFojIYcfrCOxmLgGBKrS
- XgEyMad9QOGTFJZDtcBghfodvs6xfLSYwwT2tDWgSzW4GRmJfvb6b+AR3+4JZ+OL
- QQhUFVWM+rVHmAfbnLSfPbLVJFrOPjsTiCOk2onJjiRv8MHWL0QoobZvG/1/zhQ=
- =87lW
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ/7BqkS+RsQa7o8pEN3v1OHEMgSJvwmoP/yoOuXycv8tAQz
- VWxrmh4oYlrOc0xHKTotGT5IY9uJi062sVLbnqVwa9EQ96bNM/r0LleBOkO2LsqF
- t4aXYKV2njzCb63QpjkeguHQtGi0szKWX+cny+AK2CuY3fpG4i/Pbn14fTE1kDlj
- EZD5eXgPSeAG8lQkQazG9yzXOOGJ72mWn3819T3VAFYs7/cXBPYIwB5BD7EYAbg+
- dG7ihiMbcz5b94EdkOTqauJKCTjGE3hsjjE7cKRt+BR2fHXkflrRW/ALBJSA2m4u
- aDvjAPyvg5MIuJljQ0imXsUUY+aga9oWqfRFR9RsBZqXJD193HXzzZg+WrfCvI8L
- fmnRDzEjJ7LYiFJ0Qs7SEuFmlTAa0bk5FWMtVmCjcTrc2Si8o7+yuhysPTIUKogE
- QG65iUk7UozuGJapZYI4J46E1586R+LNi3MmKiYwvD06wprRKdJ3vUqTHzaqwqTp
- S+RbUi55WciSaWs7EQrO042U1mgsyphG5cGpmXT6AvDwNYDrTBbBM1E8QKkZVp9Y
- lKF5ywatwrpWyaxb7OMB8cWaK1RXjB3eDOSYNTUggCx0l/IMAKSoKuK5Qr3Tlcyb
- zBENWNuO6WawhJMac7ZlB6s4SpiZxFMKVVBx1BdsNb/OY3L0BZmnZgWDwvggqTnS
- XgFcVQFmgq+K2CcXsyiMD303sQmW5MHLrLzjUfvH4QRQ7mhDxLqeKQ3HTTB1IeKY
- u0RE/XKAN68fVSeIBcgaXTNITI8TIyGCpXO+BWv9x3k/f8jwMuZjUUD7ikJbzi4=
- =EwRO
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//eJiqttBEkbKmuK4eov9Lo5ZyO2gOfnwJMXm/uFjaMzrq
- VNsjy2PuYZ8TncBTqwDYhTJ4PsMpu7xm9fTBx+JjIhnZHTznQ6lkE/hEfFdeVPtj
- Pg3cTO9SuK+DDYqxPcDux3ZBAt/VheApCLFQbj9wXQZTRo3rWUzgdeElTRzJUSKr
- Z7yDahdie3roxRTn/yM20d5DuPmAP/ae9XxY9KnBC+utaBsWX0lv7kZDPaJQ5XBc
- lZxk/cGn2AAXaWWzDbx5hYvoDQRq1ifaoCE2TMitXwnVtiTvZAxZS7LHtm5rx+gF
- zVP/ZcoRMEFBS2CPunE3uEnYF0vux9PkvsOmE9Z3BbjpY5juOOlf+R0pcn1Yw6oH
- Sge6DzcJScZ4p1LCr5/pv8WlE6roIpA/YswYKY96+GSmfHbLi4YvlBxrVYJv7hNP
- Y2Ce8hcmbiPkiJ83h2RAW9kyX406NipiWy2WJA6hEKNAkS67lhw8gn30/UpkyHNB
- QBPQSiO+EvHlOE02UhYiRSyYa7sGypkNicEvX18U1VXLei7CN7Wq/Y0sm33Ebnx6
- jh48vOdwKjc5dVTwBAmX6GtNkpXY/xuNipwtcwJKerP2Neh4nk25tKTjmTXP1e7c
- 3Ka1Uur8st7UYHspeHSHJjnGgaSMqY7V2WsRzjOV8d32WxzH9NTCm0XgaxXkj5rS
- XgFzvL4Oi6AwE7pU0OwHCYHCYhgI55jX/gBCp8eOWl/vzbAllXFZkTE+1K7zCghu
- bmvxhcdGIHO1Hhossy3KD92njLvhGjcjtcCdaZJnDTKmYBzVZZ2ZiHX6vXYl7gs=
- =inE/
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/+MF6PrPLjAS+QnXkKQMVTSxo95MCPkQmXCPfGpxiEUFP7
- cFCsynGmqpYvhPLJqxlF2FwC34T/1MGv9ejYECfsFHhTiUqr4u+OGEG+Y3HnOG6E
- OUHa533f8uUFqhoinC2l6v7Ka0XZUN8U91NRqDlclzAa8bCVSYBr2xtqkpe/idIz
- lVsnhnTtG0O05voztB2qd2Nhq/Kyavb8w4dunweXVpp5wTuVsvdppPfdK0/2kLp6
- CO+2MeBgLHeb3cRcqgsVFs1j/iJyCSPDgvZK5hPm7K+gxL/KoBV3SQUM6JibFWt/
- CxGVHCAdavBmvQUQpcJ/GcXO2z4LfRcsZlGbZY5hfQ8omb7QF5EYCtwtfEOGpPVc
- ne187Mlq5PgqK7D6rG2EHke5TraIGtkzJxyM50v2EGNrANh787YOfPDWgwgw/OWM
- 6SpfIS/wIGwvHMAZKPP0Bky5tmSePvk7xVVEq4TY7UBB/ndOCzz/GEyWjs2oifE1
- o56dqsUgBiX++SrXxHldU8WqN7LHwBi+8HSFa5hi27gIMcGsXp8FSdnZb0u5CA3W
- hvCswjwv8SHt6g/tpAkEUYair4ZELhJooPy6SemV1DLLyJmJmdObHeiE7pvqkh83
- GMH7G5iwcHWcOWn08iFsubz6nf8XsJ43M5X0NO4XRF8W3HhIAqDGNmZU3C8RbMLS
- XgG1DJ71CT8bACyUGxuDBsW9P0JJn3wPlcVzi4i3aSxY9mcPc6io8TzedOf/bElm
- g9iFKEXxWGk5GgUmVWNGaQIwqNwG/OM3t19Tba+VOdWbVdBN84r7DcXGY52K5Kc=
- =xcRA
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAcZM9nigmcaFdRVOWjgBMqN3VF0atnfy5Zw9cowdtnUUw
- dROW3r6ukUzpSu6AU9H0jYVB0i2p0DSlToK3fR6JcESjoq4AnPFSZ9UwaSTzfnkq
- 0l4BFK57V9AgtPnYWw2GdwyDCwkWGrraqV9LHFCgvkaY1qkioY12KgpnMjmvBOxn
- HBWYuiOzE/P5iGgyZA10TKN5NVFY8V/99djYSMA2PgqdJ1VFS/CXVbeuUGWqt0pe
- =Fdf0
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdA9NXYBmSAcUPEkOo9bl3uya15K/V1euv2kb7hI0nAt3Yw
- pJ2VN3shYfG6InaiGuE0fSZJ3kgxrjC6lRmoRzmw/Y6T4ijBpUT0YGnBw4Avbxdf
- 0lgBEeBV6SFy6kQPJAfZ+6jJTc69bMku1RtJcBbM67tubn4IcFlgWd4heijxIW2Z
- dWwIxaNxUlQ2I4EU3ElZ2Y8j7wUgl6DEdhHcD8Ts20w0VMmjrEgQviLH
- =M4OW
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T19:48:44Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAxyj8/2Ogapa8QAUjDkdnexURS9wnP3JGa4JKvdi07BaF
- uJOzOdboBhrMwZug4uZsbgBou02jbNIyP2QpxarVcmhtC1eij4JqVsa81OE+hKES
- fwl752MiQD0QblKwEng+816iazBA1oUdYyqW0OsZXK3xydjfyRSiY1skbmz9iZfM
- d3pp19xlf/fisDeCCZX/ylLOUn9Rbn7QCdIvVuv6yjwC0tutjDaU8BwFYqgaRXds
- 6Q4TEQCPBJBEycmXZrXtBQ2mKtLnxUlcXd+G1x7J9UBPrBPe8cn8vi2U4hzBaPf5
- N/mz/3r1S5WDG48eDShgMkrtyn1nG+mCLvPxgIHbCVNiufmEKeQKAFQkqZEmeFre
- jb6Rh0F72lABJ0pnpWo+1rRuDJPgTe6IfpWtCmar/YAPHKrjGw5JcXuobYRadQXS
- FHyTuXXW/20bWoDrGEnFX4nA0eHVTwoBpxiFrRUnjwlTOnJ6ntYKPDVzU59MPY5d
- i388xEwdtOzv//e6kRhI517RVMoavRQ0ldBlxwRbTM17zetilb0c4CITyyTJ3pBr
- sUv+XwtLhy7xiq7LlliCUc9QUcXRRFttAJfNyKMDqZ9JbwB5f37GmZIMqiJnd9Tv
- ur8zPGp3gGLJ20S4/Bj69te95pBP4myweugr7mj+A1lgrrtsReHcJ2D04hwT+aXU
- aAEJAhDXuvIXoDHr6c1CwUBiRNQfISQmOohiEWG/Arq/ISt6a8NI3pQbKN3f0k3q
- xygtB3ZTfvS821h8VrqvCcI/tGTWJ3TymaXAR+mGLeW5QPtQP7M13buYh9aoLsa0
- DK5E8OARtCaR
- =FH+h
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/netbox/netbox/configuration.py.j2 b/resources/chaosknoten/netbox/netbox/configuration.py.j2
index 287786c..7648e7e 100644
--- a/resources/chaosknoten/netbox/netbox/configuration.py.j2
+++ b/resources/chaosknoten/netbox/netbox/configuration.py.j2
@@ -3,7 +3,7 @@ DATABASE = {
"HOST": "localhost",
"NAME": "netbox",
"USER": "netbox",
- "PASSWORD": "{{ lookup('community.sops.sops', 'resources/chaosknoten/netbox/secrets.yaml', extract='[\"DATABASE_PASSWORD\"]') }}",
+ "PASSWORD": "{{ netbox__db_password }}",
}
REDIS = {
"tasks": {
@@ -23,7 +23,7 @@ REDIS = {
"SSL": False,
},
}
-SECRET_KEY = "{{ lookup('community.sops.sops', 'resources/chaosknoten/netbox/secrets.yaml', extract='[\"SECRET_KEY\"]') }}"
+SECRET_KEY = "{{ secret__netbox_secret_key }}"
SESSION_COOKIE_SECURE = True
# CCCHH ID (Keycloak) integration.
@@ -38,7 +38,7 @@ SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = (
)
SOCIAL_AUTH_KEYCLOAK_KEY = "netbox"
SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB"
-SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.sops.sops', 'resources/chaosknoten/netbox/secrets.yaml', extract='[\"SOCIAL_AUTH_KEYCLOAK_SECRET\"]') }}"
+SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ secret__netbox_social_auth_keycloak_secret }}"
# Use custom OIDC group and role mapping pipeline functions added in via
# netbox__custom_pipeline_oidc_group_and_role_mapping.
# The default pipeline this is based on can be found here:
diff --git a/resources/chaosknoten/netbox/secrets.yaml b/resources/chaosknoten/netbox/secrets.yaml
deleted file mode 100644
index 7673b44..0000000
--- a/resources/chaosknoten/netbox/secrets.yaml
+++ /dev/null
@@ -1,238 +0,0 @@
-DATABASE_PASSWORD: ENC[AES256_GCM,data:PL+VW8UlAdZbL5CxneydeW7FiDWv0s76rRkdjRT6RfSjN6bHyL7wJfv20cc8QtE/7ACdVFoYe6uXnfygRRUCgQ==,iv:wQP9VzAH0eTDyDPQpYmsKeVThQCzdaHDvcX6eFgjUho=,tag:4jc7Wx4gY5r2XpEHhHSZ6Q==,type:str]
-SECRET_KEY: ENC[AES256_GCM,data:5jtW/ymn/k20bTvdx+fUMJZZBwxclqyZwpRF3+DRJiABZehUYByjwuLe+GXiCaKNjI8=,iv:fz85tWdSaEnmx67NUqoekcVB8meZnMahmeqw5bNRp/4=,tag:veo3Qc3dwGeSj4YTDDL/vg==,type:str]
-SOCIAL_AUTH_KEYCLOAK_SECRET: ENC[AES256_GCM,data:sUEvuYWlx4B/vjYdm8hZym/R3D4BIKVMTZuLZTsnL88=,iv:bbXbHY010ASasJE7oz1q585yg8KRTDcE1rFVk1lzfRs=,tag:7e7PWvwVtng1Azy5C9C3Gg==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T21:07:10Z"
- mac: ENC[AES256_GCM,data:PKLClihEdwtcTb20/b6ChsiqKDUesOevL5+5IEKi7D+KfCOVP7tNnjwxtsMrAUO8+ng2Vh560640pZLVMeLsO5CS2+5b6NkIJeFYyBQeOxCJ0ykuTI9d+pJ+X2EXVUAXLCpiEAywiJeWHunh3JsLAryObxn/eljDqvE5tPX0Yd4=,iv:X4FMyelmNAf37eozHjx1sO/hi6aqrcWjqGpM7kIoKL8=,tag:pMkCNAsMq0F3RPdOaZDjJw==,type:str]
- pgp:
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//e1l1vASGqewH6svL6zyKdVbar9z/r8lpSSVyWifmYD8P
- zNTBR/sYUt3OyaoUry9oFl9XyfCKTlypLi+zTWlurMDgjres0gcCmHCTKermU1sU
- U+dRFyZcRH5+4+GCKEM1Yr5SY5OZEwRwgJBI4vd8m4b3POa9ivsykCiIJVtPvNFf
- Nd4ngfgIAkL6j4QXypFfDqbsKSrE4luPL7MVuw/FEdvO20PubKTLGyAo2TxLcq0e
- A9n9S4rY0Ke4meLUrZsb3lq3SnBN9rOvIN3XbcmtmvO6jCmenLArzQaL8cjx2EKy
- DmqhPqTrkbJgy0utMGvosyaRTGsjvvxk0fU1Olpl7MzhagX2U6nKP5s+Qk7PaBsK
- TEH5CSrr8YbptDUIbJqao1A0z1hkv6kODITdlxxdK+iXsi6VKcvEzFs2PTDTqPIT
- lnhlzlZLypdQhx/0/DMKsIOHrvT3BgQgMDj9Vt8cA/UXjnGK6rmX1VyXRC5MyBqE
- NsytdKl2JUAFUJ1+PVcDefQYgo2ceQK86ZQ0Ol1yf9sOY/GW8fCIRw1TPy30U5sr
- SOVGtBIj8Hj/Xwx2Sw0DzeBwyPNa2bth26+Sc5nWWXbMnBLaa79dOOVWs9A4kSEw
- qT84xg5fLH+lgQkuKHZ6YJcXA5V0a8A9fI+9xnLK2totJxtMI34VdHEozTYmrL/U
- aAEJAhDnZD6rDx2Wm3S2agGmCYVQBRYluLZCGVGPFIWRgooUZh8T+PJmDWKGfVN1
- nSwyhGJptFrGP0d3nbnJ/ayK1f3HcqGuqG2WbQZAg0dR8oEFUwgHX/72sKK3mGq1
- Gzq1z7TMgU90
- =ZDXX
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ/+Lv5wak+JKDhr5XCCnc04KBPNFw0sb0NFfdLzwHXayHGY
- chMo56UeX5UsmOCtlFqcEC+2QpXnvqNKhI+kjMa7ARcvs3ecDL0Z1cvhSn9nMKJK
- Xi/IxJaGAEEDii/AL00G8M9LBXEg2eRXeuWvoxU1Lt8Id6oSmSgL1BbBPLWPLlQf
- ddCCAzBajvnZ8tYDIHV3eY1iWKH2MbCqV9eH3hP48l+maR27DaT+z10s2AvtOucE
- P1n3Q0QsfUrfM9XLldak4fhWq1ykmj1NyHrcLmV3ySdufkJ7amThlPiYl/2g2QNY
- 0TSs2/R/VvzpveTFGXxcVveS/1KuLNzOTEwSoRnkoAqxbXb2aFV/7H5SWUDQADvB
- qAHTLlN9lH0fd4adN8Liq7SgWd29pGnHaGCmZBEPExrRnKLv3mjsb4Me9B6xzHiA
- f6/4cI97mCHiin2T9gxcDBvOnO3rcjWalTlsA24aO+Z0nXorBcJzoWITH4ZsluNj
- Zau73K3qe2GBPtYsRyHR7nUgxpTAOXeXeO64+DepYCC4czZ2iEmtlf+xWJ3Gy8FU
- nlU5ysoVVvkAtX6LZCbelecyX853f8F1B5kjkycqERgIKEFAxSo3OJTCzDe/PbCc
- Pk/Zs+5enAtN8+dD+jTrHLHX9gSOZPdT32/WlOua38ELsfoSCNqsj0HTLuM/ORjS
- XgEEitd3eb9U1YcGYJ258/x2v+ELhTiEVY1hYqD0j1dabZiNEpd2+BJ8tJY44A1a
- 0ZOrevMWFLiu6aE5Th+xw1DgXpmrMuxtxSHBJPzs3kZaxWQ0hiTJEGs/RKjzZ8A=
- =vc52
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ//TPfUT/jQX6rf3QiAyQPq4tHghd4QUx6o3giRAANW4/Qw
- EKB7/kTwPjfwXbsoLLcFf38kf6Nr7a+NkkgU6BUbRouTW+SFFKTQSVfslQfF2hyu
- YlN7sQHL51e6s/geuKU9/4X9+wGECLXJ+bEBD8z2O57vvI3nHHx607EnTW7ZU6G4
- H9QR8CfQvXdOreuxJHuSxReWgivbH+4JIZSQROUqeHbAsbdrtQkpFM2njPvknO8g
- a8uklHLVyFlbJuCHVeGDSgqKIRg/wGHOBsPUR8BCow16TwfgEzFDE2EkqPkb9h03
- DfpbMgYycgAp8MVCQfC1vvxG5ysQTbQ5fGTCJ48bMB78j8VxtvkfyczBmG7gw22t
- gwg+t7eBhOuuVHkBBjuAd2Vzt7x3n+FrPIst3NO7UiGG3Ctf2tnSa69ZqTy3dVhh
- j4USGTNetXzIdAb5ExiqLir1M1hFq/vSE+yg7q+ktt9afXrFLVgZ98zemDsVqhsj
- vwsPTGBk+8gavChulmxnUCQgunpaQ8nokHVC/dbhtLM7ZIyV1QLMj40Fsg6J6X93
- q5DWPX2DPi4zqCWvZCJF18YSWR45XcsOtqkzCJbAdJKs029Y6oP92Nq8k/gRf18g
- j1EeYHm5nJLySsdTB+aQ2cKmA7eIQ6gadfGs4o/Ge4Sd2RwcX0ch+dzHvB6YK2HS
- XgFpVWTm/z/XCK0nxo9eMPltPL0jEM0qMpk8flVcqQMVzba0hVq5MCzkQycFsfg/
- xCzi40J2e/Feh02TPA2picple/C20CcB81Ib3m7CyKCnUf+evEmKr5scwdsdB0s=
- =laDO
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/+N9agBO50stdifyK81Gs/u9haLtSJvt+qVv6uMaP7i/yT
- /p2KmJ40SdpmN890Wvqgz5SigWeyEnhzoJuymuTwRLzYcZiEl4pQpKF/FFBokO8i
- 6gDxMgXM75UkDQ0C1xv3US7zw4ePSshSaKC6t0q8gF16WIbVLGM8a9zWutTbbuYD
- fMVfCLx/n+z1xGw40qGLI0NKvV/jMNRhcXc8bOmyi2A4CkTnBLwyrfOzkMQSC7Fn
- yS3n4XCe/S1LAHNkN8us9iPlFzwjG3nwBeyS/vnPnF7Cy/1DvysZCmoCMAm+DN9g
- jYdjO2kd8MxnYpueYzJ8+Hwka5q3yZjBAYXeaY1VIiI4AaQSo9W3qc9BPda/lunW
- bW5hvVAGZ3NmjkrMSDoyUVjBJFan042jQhZjB0vU52TMv+MWpUbwqEHu+caO7N6e
- 5M9nyZ39Sauvk3mD/f3OtSgRZRWwQ1dgER34kMmvVCDBDECfwNBfk44jLzzUvkpp
- oFjz5PaBzdmUW9qKhCGu+2v90C+EHje5yf9N71kgVj3x/MHPooeNzhfy8X9cZ0hf
- TB/wa6AGwHGGQYZcO4qLWtFJV0XkSJ2tim6qR3q21mBkqtJqnjATiOEcYgDXXN8u
- pv2B+DxK5fZIZH8X457HFmVzjLqsrLJtuLvVh07Qum2fLhqWbUb3oZM0I/S5333S
- XgF+YaV/cViGp3a2lGd9Khh0yJmKaDgPX83sEpBmS32kXegvBaHeLSm4CcTwmrFZ
- q82qJdZzGh9w+/Ah1C7dUp8tv4oiQmtnHQ4a86Ir30BFQdgVmcvDXTWN28k28Ss=
- =D/lR
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ/+JMHWk7uwJBuVpOTjD4YtwRAV/tKYBzBGJ+UqCcG/r9XK
- VprIs0mXljcjdvbc9udV9tXSXI4JsrBEDpUs2yW3OVVpH6d1lPo05Rj4c8b/PIlU
- 8KoSvZldR679g9qocUHpCBRRNQEZJ2iZm5ISVJVCti2G8C2zrE1jin+GWlmJ2vjK
- Nk0CHKb/c0GSBraAyh2JzInd6C4UJFW/ZaAhrbwYUhTo6wpJiEGTIIiV3hwEQ7Ao
- Y1JVxlqIGdL9kJ0l7haLKqHLFgXQ4iItCsw5hRqeBLLzAN/NwAMQu0lqFe44v13G
- RfcoO89XMn08QVAHkTT25TzT8viiKtaOS7fZhO3eAJkxWligHhpTosy0dBofqUqY
- HGJh5dG7Hlm+MWUAWVQBJz8/UhkJ+CQcYWShVXFx8RqCTtxiFpLw/kTt45s7DPv6
- kzkIFsRHXK302HlaEv8f/UvRuYNFRmrGrFpXOdF9ODCaeaxm5E6A/FeJXW4KonOn
- /butppRe94MaFf/aYfZL+g3VeHo9eT9HXLcRcekm+oIeWEv5t15oZ+w54aqjYOno
- 8rIxC4a8eWjWdU9c6LjaHWRa5tEvGP+vlfsV4yH6wGiOK6xPlME+ikYrka5PDSOG
- xEvcCIG+KrugQZYgfvH/6fUKsPRitDQHQjG6HNTSVfIHnHoqntlbtuvA3ptSnKzS
- XgH5E6gSyOaJH4asmXKT98HX87iBTa4SmEYuwZqjRKipUPHu7ZBO8rHrCv3VEaM6
- btDgJG9rePCSwg+WP5TaAhFvw/5QAekmydSz9SKgS3PenzeFa0tei9ylwGAaib4=
- =Mbmt
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/8DCABJ4gv/PzVBW51rq41776U4UxAkt0u+VEZNlRsuQRk
- Zl3osLjxVagOiTL0hjpsqUq+2DPwLmpSGK4Xm+u0lvXViZR5TNe9u7YHZ8oPCmUJ
- 6hCvMyeX9UwprQBAHh9TqeNu/ZxWaVJjYhDOWQOeRCNbQpav6JmUAw30BsFDpg5z
- /HhSEPxOxfPsjwFmNJ0/eHFj5PtKuRP4Fq5459EaeqUokHiTNR6+1sWjOYjXydEq
- /m9XKugXxrjDJ6LrockjFXldZqfgzIUfN5Y+mEo7z0aqg6IupDg4y23p1BSxF4zN
- 1wb7y2vAhAu3QZXRjF/QIjJXSgTwAsZ0d446sHGdXY+/RppQDU5eH+fmVlh4LZAf
- BZnV/oFpaXuU7bxyUpyjvZuZpkq8pjtAj4sWfMGSte81KdJ2fIQwjUXJL0/2B+z9
- phl8ZZ5ceVDgfzSf8RdJC0HFf/2oy6fEMRWG0B/8BONKBZIGtSoEJFrXChadZNlq
- u9yTNm+HjXPjrq6jKTgxkYd0XLv3KWuzk0RIPKsnHaX2bVpJ7zu6KMna8tAJ5UZ+
- Y04AJyCrILpGFWUrNYLNDqTxgY0wo3iPq3UJIiL3x2chKVr1kE//HtsqGq2Ebi8h
- 4O5GyaH+/CO+KI1PX11HrJYBDWcKblbu50/DgJ0ADNtJYvIpv/66MKRfvAhUf43S
- XgGewkjx2jTiy9u77ywc9mzZNGgvvbAlHH+HjePNm1pNklHqY6AEeufadwuc9A4Q
- lfj15OcLdrsno1Kx+JXY12X2UHeyY6fpLFaJDqmOCkDULhN5EmQT66eKw+Xuqh0=
- =YHP1
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoARAAjQyI/TkO4z3Jrbcwl2YBm4OqeM8dVaBrhIwfkkKBodiz
- uN98KGinIMs78a7SL1/7G5G2/xs9zG6kRJnhEdnsjbtQrg4Z3aifojiOvXItgf7L
- JeBSh9D63UPiY7PcM1nL/7KDeq0CsA/DDQQKckpG9f55SsXhrwWjyprPlQDE8oqS
- 4QOJ4I5obLDfN/3MZtjde8t4ReLQ70QQDaHG7jPTiAwJJMkFosulFMrGCnW6sF7p
- uj+505uFLmsW28lK+qqf8D1qh2RlbO0tTyjNdEl63eUqQ9a6MymVeEY+SpvgEXkg
- bJyqqCC4iZfO8nATxWlx8lXhcPHFL/B3uuENM7+79z2draaCgvzGE/zIY4ebp+2S
- fHt9g6t+kxY+W32+tj00nTE+L3k2OOp/lEEXiJXfdf7rrJb7Mc3u80Evlw1d49aX
- MXWw0nk/yUpwnAD0Tq6zXBO+lst+CIqLGlrxPbWXb+iAovSHrSj2WbmCTH2P4KsA
- lC1V0rwUddP9rmdIJjbjEChCQcYOAAIGJcPGVuMeTGm5B8fXl0SwnCeSZ36RWl58
- QybH9ZUobIl0n1OnuiUncB0/bQG5wGLFj7Ett5dWBNW0er5x2eBTlQ+lEEPNVzxc
- 491jO+YNqWHwL8/wqZzoid5PVRfR9f+bEjIbcFfdd5Oq8Ocq4o/heemMNu9oNzTS
- XgFicp6aTdkEbaHhi+Jw01DWEIltO2o5mlZcvXRTaZjwKRL4BMmwKxfGJAYUkF4K
- /OlYm+rWtv/q4qHXsejLx4Wn+pzcZJxQcIlo1c/iup+m/tOmvWhWdWuI1G9+oa0=
- =J/ki
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//WVexFLcpNsUwSQAq7lN0M3aBVi2+V7kUcPF565ltzjNL
- Q9QnEM9a8HtUkkxca6IlTFPsigCxeBxEFAvXcUydubo9xplbmDoKXas+6rjF8shF
- rlvMfqsvrmb2slPdnf+/PsehWld7rHq9YjeHb9Boz1pBK+MrsIUblzEd3dDvXRWZ
- 7Qn658/pd1s7G8z4o13HhzhEHQlNSRhU7RJqjVLkJvnzLt/l1I135lw40upVQV/+
- h8UUbkLr8pkhRoEeyGfWuI3Ut0d3/xFgYV//3NyYWewvp7CvKl7ITnKJI0dO0RsQ
- Ci+Dp540CD292hxHTmeEE6oscOF2/RspDnu8xvQl8JXCrBIYXSJXYAjIpmFTnOXd
- FddG2PuecH6lQD/U2QZjQwkfhGD86rBw6G9vtVxQY2vKs5/+0liSwMOpueCRwlxE
- 0uODApzFOHiK25jK0K7in2fYGDWjWK1YgPJX6zgXeIHIgbqjIju5d9XwPcjqOCqO
- Yqr9JunLWRKjal2FJy0pOkQoJ/uu5czBic7k/fB1De3Rp84Lcf9iR3KNlTnXsHqP
- XoPbGmtZycvXeovh4Gh8YVPMZir9vRwuAGmZJ6Ot85dqdgHxNhW3n2enrkrlX3c4
- m+Z2xQn8fFVNWHepuFuZ5w1BoVa3I6G6p7K0AyaaBDXcxGnOrif4WYz0MQ5f8onS
- XgG1DJaoidGPwCNhPsctxazcjulTONAGoLCquEidMtDSrRxLqxXL/cWjhnYphaXL
- Khnio5A5Cpm+Jq+Hp4pBdMmRmy5upD3I+Gav13uT5lBf/9P+FHoWT4lzRvSIDZM=
- =u9KE
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/+NP27FFnjzBNDhobG9wRZ/LxqhtNicRuamag/+Vq50l/X
- KqRHJgf6B4mpgK26m3OmehBat/HNYi/A0ZReV1GlB2eTen7Fm8YmA0QeNuwSW5TC
- fjlccV5uAwlwcCrjXFm3fngYA2gR6B1s4qesMmIycXto3KAGytWSSv2Fosj1ciEW
- xPV/iY0X1A3dBmocBig+WMiLKl/3/J2+0DoibbnJd2BsxgWSVynHwHvVeud9zb7s
- NpImqGOjIPEbCb/g0JqHoLcY5Wud9GkpBnMPzKDT0hGyAD/uLzsPQYKnxocLV3GS
- 8gIl2Mczz3DJ7/QpupEm/auP788q9802tvaeZL3J/zVYeUCI9AVjcirmO62lsWMa
- dPCurVdSrGQtDjiMb0LEEXUJStMR4jg54iNjX3ZibiWwZCmcWSVb3rTdNQ3/ulf8
- /tl3zcmz231BpuSFEL/FMqmQRyTWnhcxKdjbFQkhn1wj/zDpoWWQrJOEZPznfDaw
- qmGUJtqH79aW9B/UjBT3o2F+hYTJT0C4M3o/FzWoL5c9N+BV3pkChwcu5Hpzp7w4
- af6TA32+wOGN+clDCw1GdoY7nwnIuOXdr/RsJwaCEClfxxmv4jtaoeN/jw80ZkhG
- EbEt6tmK52E5acaJ5+DkdQaCJgEqfuXEbDD3Ff18ogoCRPme97fA9bT6w4EsJL7S
- XgGoza9GZ/6cY1qxbsDGLfSAsO1MZtF2Tdi6VYCQrmbPpu7xIoLkSpstUErefLPS
- rlhIzHBJMuevAYE3nj64ZRZn0LJntYqUA6J9wqxjFKcRooeNG/ZzHWdrKoCdqfo=
- =evpb
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAEnokPN5Twc4NuFqnxUUsz41bFJAvb6Yo35z0QSONZmUw
- LrdW9IYb/VzENu2kyBZjus2WzVIPkZuPNTogekkvZEEbYEtgX8zhOzw8KJREWcru
- 0l4BVwK2WHhmfeLSuFg3C6bB+b25bPzagvpW2sQjkrJUStDneKwOEywgz4J6SGLj
- F6Lyi085evOtfmt/Bwb4HT4geUKN2iRevWHSXTmnXYbI9eKR3peWzDmt3v1pFccD
- =1hh1
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdATvO0hpZrB9DlwhBc9i7ewDgHxO7UZnerrmIMAtTcVwIw
- VNtd22roiR/VPliu2owkEAirTkZ2SQdsWDm0+wfASiY7D9+ZT5D5etBOwqKriIHu
- 0lgBsoDwILXs93TKTIqjd0klQCoKm3XYSZpSkfg80p0gJqIT02gH+ME1bcXaOdEv
- wnZyOI8apbwiRj5tx+OfrPenTwn9zBcrN7wm43RHnZNwVRIeeXvJUlj2
- =eGBC
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T21:06:24Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ/7BS2IddYDV/BRy+uMqpKDYNVfygxrjNmbQkmhcmXa5s4I
- b04niRWP4JD0J+bu/B2gxQqPQYJym/fTKnw3PYiPsk6RmCbs0vp4KOL9aMFrtP3V
- lAWxSOkt63e1MgDtyqmmmbkb9ZJBBsiCbkrSCDn4UQsjhwiTIEqqJyk9maY19+cl
- XgMfY4IrLHy4LpmvGnYBrhNqEL5btCxYyBXhihf1DVePYEnCJoAxY+U4ToshUzUu
- 2HttOhoE8GrgN1wqsO0CEZwtS+PeBsI4Byk7TxFDRyNj9R2uUs/2312fVe2PD27Y
- OrxpuvwbxkBH+RGYPpEHt9LvZOicaVOD9NJ/31kQO/I2MkRXrDan6mWMyl9vpdNF
- zoVgm4kuqqe818GYKpQoU07fduOKmPK3LsKCPKvfUwHXDPyDJoTtiMhIna5ekTju
- ceFi744cfQ1v7KJdXqUVEaNX5xfwFkFWonoyQ6Q/7qZjT5LAIIvAtEtDopdTVNdA
- PIEh+XMxwLeXrBU0b/9dZL/s1Jz6RhAtjM2EsJX5ufpZ00SGwixv4sbVJgXvx2SU
- oosDHcfVQ0gXwpPIekxQakAqfDJrrASasxA7DrHeU7ORGMBhTCDdVTmDXBOCGok9
- pWABWZLtn3P2ituPXagrvOJ2LT+BP8t1W7yI3ifoXintcnWJxrAmH4g0DnYsoJbU
- aAEJAhAw121YavqAps9R2CMrWi6DxP6kFuWfdioUS/wEyEg7oXR5OeF4FcTFqPge
- 4fT4um0hM4sXT24aNmRpjOmG4PFuXMegTC5YThjM6Qgd2MDzhqe3tXgaChKvMZQg
- zOWvdN3wjYPb
- =re5L
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2
new file mode 100644
index 0000000..625e02f
--- /dev/null
+++ b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2
@@ -0,0 +1,24 @@
+---
+services:
+ ntfy:
+ image: binwiederhier/ntfy
+ container_name: ntfy
+ command:
+ - serve
+ volumes:
+ - ntfy_cache:/var/cache/ntfy
+ - ntfy_var:/var/lib/ntfy
+ - ./configs/server.yml:/etc/ntfy/server.yml
+ ports:
+ - 2586:2586
+ - 9586:9586
+ healthcheck: # optional: remember to adapt the host:port to your environment
+ test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:2586/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
+ interval: 60s
+ timeout: 10s
+ retries: 3
+ start_period: 40s
+ restart: unless-stopped
+volumes:
+ ntfy_cache: {}
+ ntfy_var: {}
diff --git a/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2
new file mode 100644
index 0000000..0a28f4f
--- /dev/null
+++ b/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2
@@ -0,0 +1,21 @@
+base-url: "https://ntfy.hamburg.ccc.de"
+default-host: "https://ntfy.hamburg.ccc.de"
+listen-http: ":2586"
+behind-proxy: true
+cache-file: "/var/cache/ntfy/cache.db"
+log-format: json
+
+enable-metrics: true
+metrics-listen-http: ":9586"
+
+auth-default-access: "deny-all"
+auth-file: "/var/lib/ntfy/user.db"
+
+attachment-cache-dir: "/var/cache/ntfy/attachments"
+
+web-push-public-key: "BCx7PqDiVNlOiAHHfSxjbTle_LN4hetwHYi58GJhQxiY33AQ663IaJVro7B28j-1KOqwdzKco3dMMwzBJl9OQ90"
+web-push-private-key: {{ secret__ntfy_web_push_private_key }}
+web-push-file: "/var/cache/ntfy/webpush.db"
+web-push-email-address: "mailto:noc@lists.hamburg.ccc.de"
+
+upstream-base-url: "https://ntfy.sh"
diff --git a/resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf b/resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf
new file mode 100644
index 0000000..e7d404d
--- /dev/null
+++ b/resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf
@@ -0,0 +1,47 @@
+# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
+# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
+server {
+ # Listen on a custom port for the proxy protocol.
+ listen 8443 ssl proxy_protocol;
+ http2 on;
+ # Make use of the ngx_http_realip_module to set the $remote_addr and
+ # $remote_port to the client address and client port, when using proxy
+ # protocol.
+ # First set our proxy protocol proxy as trusted.
+ set_real_ip_from 172.31.17.140;
+ # Then tell the realip_module to get the addreses from the proxy protocol
+ # header.
+ real_ip_header proxy_protocol;
+
+ server_name ntfy.hamburg.ccc.de;
+
+ ssl_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/ntfy.hamburg.ccc.de/privkey.pem;
+ # verify chain of trust of OCSP response using Root CA and Intermediate certs
+ ssl_trusted_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/chain.pem;
+
+ # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+ add_header Strict-Transport-Security "max-age=63072000" always;
+
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Port 443;
+ # This is https in any case.
+ proxy_set_header X-Forwarded-Proto https;
+
+ location / {
+ proxy_pass http://127.0.0.1:2586;
+ proxy_http_version 1.1;
+
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+
+ proxy_connect_timeout 3m;
+ proxy_send_timeout 3m;
+ proxy_read_timeout 3m;
+
+ client_max_body_size 0; # Stream request body to backend
+ }
+}
diff --git a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
index 1228cf9..85ce7d2 100644
--- a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
@@ -14,4 +14,4 @@ services:
ports:
- "8080:80"
environment:
- JWT_SECRET: {{ lookup("community.sops.sops", "resources/chaosknoten/onlyoffice/secrets.yaml", extract="['JWT_SECRET']") }}
+ JWT_SECRET: {{ secret__onlyoffice_jwt_secret }}
diff --git a/resources/chaosknoten/onlyoffice/secrets.yaml b/resources/chaosknoten/onlyoffice/secrets.yaml
deleted file mode 100644
index 62ac647..0000000
--- a/resources/chaosknoten/onlyoffice/secrets.yaml
+++ /dev/null
@@ -1,236 +0,0 @@
-JWT_SECRET: ENC[AES256_GCM,data:lRoljPoqlfIBbOTn5cBBvQ+g+w9xdwS2lEglfhZxhw/xwNaIBmAvXky3crhAhuLawv4HIC04qQZzMvCRhNzGSQ==,iv:FfcLBPp60u4Wc186EM1mbLMqErVB2ZGjXzBl+mcYQAc=,tag:Mgnt8DdG6sH+aaoBEzwbvg==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T21:20:20Z"
- mac: ENC[AES256_GCM,data:Pka+RO+h27XQfnSw97nBrKc7qQp4p7oCZuBqtfNxpWqBh2XHIWVSWBgVpBt0bz/7mlKlu6+tGKifIgEoCFf8AQbCrYgYYaDjHTXIkfRf8zB3M+IREYkRBCxDm6cChf3tsPMFhiQMIZJnq9LAudBWSwlZgQrn0Y50DYM7wsph9/c=,iv:jauLcEDlD6hcSfO6jeiXmtbeH5eIyGhlstshyEFZeZs=,tag:8lRYKjJ6F5vtBjjleRCOyA==,type:str]
- pgp:
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//aSuvMP1nG0fReLpbB+LQbzw3vtIaLazb7CQDsx9W0Ko3
- yltmiGhUM0GvIMNG1NJypvKFP5prl0/HyZvv+pQq3JuVozoe7KTSKWrCJhUnKkw5
- GSljS+kBEbq2q945FgXPVAv8QTti1CSjRwtTYjGZn269OHKKsEzNoMpoBFvXCbaz
- IjXy19L/CmhwIHtcmp1WPKhWseWhK5tHKDP/jRqPyFGctcM9lCt6hjRCSzKuCYAV
- qo1N5TqO3S4CEj1ZM7/ZUgHvg7/nikQrvJKN+/Em6M1cIy7JdNVx/jU7C8A/mFC5
- 3rFAVqrxRW7YmTizzj3NW5lsxB1DBrth/ajuSuQ9BuCA4XCDEV1b2UnCVPwZxP7y
- +qMx5Gf26zKkOw4MQdgdhthSoXxbV3r5vA7zmS7N2HjBRsyt4khLy5pj0RXOJQ0d
- TxEKUB11B6BskHXTy8+Z4q59PQamjsRZwYcxDNo2SoPvgE6nkY/1suT6FH+knYPG
- QBPHRY34tKT+19w6nD1HSxTZt1Q/HCzugNT10Al5jrhy1VWX3/0tPMHeaW3Ov25S
- h4/nH2QNEAB/vrAN3rVJjch1UdYrOhJ5dQqWdPqd/+2neDE+NJDvJ1yTciwFcEei
- VBg0ra3wpVBc4n1vVo+kpKUvqUlbqPLMGMBURjyaOSVQL1GCub3bhMiAH7fjA8rU
- ZgEJAhB2IaX8XJ5sOcX+KTqux6PK2ZnDezv7BbslDNVVrXjk+dNng7HC4tLf9cdX
- ykA8nrjQgeDhiWhEGkcqz+3xGq/Y2ys+nqlxGWqG3q8ADD+07qzIztWQbcGxk8Ln
- 17+XF9a69Q==
- =GZUf
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAm8ohSKiHBbmHDzMys+E55+q9Jc8+zLmfXQw9QXG4xdFj
- xKlQQVfW/O+UMNtzx8YNvRzDTiLa5P7e6c9yuJs739Ayt3RDwgs1dekPp3aEeg1j
- jFF6klWl8wx+Nit3a3t+DkszyDqQP0utmGXPOAtYaePh393Iw/5QSQDFslACUaxk
- Y7ALtL+0OZPohYAJPUp2NAvB1JWavW9Pik62eSVDIeVClerSp6RVhEtnnxbuQ4qi
- +lPCwQEeI9Tg//d1gkydenmGn4Eya2C4/GL5vGC5Mp+d6TwVLFMIF+6NV3TbK/Fn
- B+kxIG9VCkg3VUdL3J7UjDaw4VTLQh1vBxVosuxT5fBFImOOYm9RThd9ontB0gIt
- djem8l4paubD1Kpk5yJ3wmur9Ze9mbEM89DpIuweHROcFDzEwyeV9cxJqtWQTsfz
- VCgtbAuRRotXZrOi+N0Hlu5gevrGsXCyahj1gsMeWu4ur3D7L9uDAOyyNfAb+VYM
- h+yxUjxz5N5CWAAGKWMWWt0fAYlzwZF8EaI0bC5j10m8yHL2U2kN1f53O+OlC4pO
- ZUIceB+F/mQS+rmynL5KWtwnzo3dVEvxPL182TJoRccZNU3MaZ0H8U9qxKAG65MZ
- SVusj/b8yqGZD0dWQ/8+kcp3MLIZj+CD3UKG92iGse9GbeC2bOUMiNYUtVby0APS
- XAErckFw5+VHiVvQIareeIboHFC0Kc7UfsCSvRSYgakSyNGwoHKtKN3I1qjHw0yB
- e+VaS27d15fnAKg8P2d5PoRsi/+iTlCkQP8CXbKXKhBCBNLpHi7EwWZ48hQ+
- =kxBp
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/+IfB2GS0U1XbH7yWFeMWV+wqBmAfT+8qbg7sacLGfoktm
- co3tQ1Se8djV7QeIRjjtLGMkxmdleiNB2x4fkphcr8gbEPewxuop7sWhf6WbFJPY
- tbAXucBpIC7nw2jX98XRMzJN5Gz+GsQBvv++EkBmUMCbu8UIRfvmLOGBHOplgGj3
- sEfujPsbeY1I7sgVmdaeRBCFnqLxPy/FsZ5X7cntTkQKfT5FpXX+GebGiH99Jf4Q
- z91A0Iy/jHAROeBMm5U/pGdJS6HV4aLEf+TQkXuNmTvCoMJYZcAmE53dP6XohPl/
- KDN60EUolwHycUtzVzt56yz/fJLXJEJSUQxuP1HyabNb60f+2zT5wWz6duYwig/2
- Wx/kdSSBajcc4vLrAl6CTiKv/UYJ1/Fs0E/gNck5Cu779m26MVdoDT4DWaAHGdA1
- riYE6xvlCJc71YAFo0cztn6XHkKiSYCfJVWWVIIrXugBG+LhQivgvTK8muNrQEtv
- bFpBLQH98iUDm10GMMHcLFh+shwAocpn//u0eFZJ3AMj7UysfYnkgCs1M5lqmJAc
- GEPRzVZOX7JXw0/CHy13RkkIsShhD/gdhpLnZz9zSzkra65dfzTRPyjCJ3haKsiz
- ja539RTkULk8LG43V6KT2tgnTJABTcE9mazW4BACrMm1+K+R4rtXNi8HhK4GUTzS
- XAF3/Q+8a42TE6UV0p9MZzZ6e/zx1XwK7PrQjupcVA1enCvtRPpynYOtf9sd0ybM
- kLBSKDz1Mlvc+03ICD5fi5BwvvUNS5uJFK9tixJtj4Pbe2OWTqBCW8F7MZt2
- =4m5L
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1ARAAlhO6HicbMqEht30n7UZTlwlhV1pGE7M74C9oLCSU+Sph
- YsJXMqkMPVzbBvZU3txCh8XJqqrkp+Ub3V9Wjz4fvAYhGU9IRck55fsRBpcVFsOs
- 8vZuS0fzbQREZbGCIJd7CRzmFs4G0/VtTL2b/7lOOxI+sLAReQhHRhzKtzeOwDK1
- rjxPnhwyKeZxZBRdG6PYagXa6vfrIqw9RfJadVtjaF03z/aIv9d91XcjftjnU36e
- 0ByzDx9yPNcy5efLCKucgj3QTPmPS/xIEHopJ1OR+wPueBaJvzbcAJEEn3N0yF8y
- foJkX+ipaZgwIOhj6WTLtYuJiwXUxcLFevBXcdVOCN0YTFwg8CXsuXiC6Si8ngDU
- WGLzONnsH71V7ecPntRblxIOdHIuAjHXwGNFWXKLSo2TNPssNlcL/T7/oiauXCzk
- SrsdhO15G4EZF6oXyN3FmyqgoObuZwwVK8O5UgDoeE4Z8YIU/7lTQNAd2V7nPI8L
- WHuop4gjfZvvql2N8mtVv08chu/dNg0kpzA7iQiV02EG44IuyfGJ1/wR6AXEglnx
- earG+KWFnXcuuVDhIrFxMvEIK9QieVOUc2tmwx4r+wK/FI7/7oYDOFAs/ijgCKyd
- IkC89eewIrv70jrrd1cCcHdR//x3f5nLqX5+Mql8rB0WLGhICE4E4AbkJzjlcbXS
- XAGVOaiXynxCDzk9Tx7dC8FwIayLy9mrmSIP9KK6vKsYjvKGMuxZJUQ/uW3LaTpx
- 1BE3QLU1HY24Jdztto6e2ff93stjFIVU9ONDHwXW4YJ+Uw4oGCn7w1NDJQgV
- =2cC7
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ/+IQ1yvts/ZJnw4GAn0AkDBNc9YfoJ2hBW9/iyKl+uJTJ8
- BOgu4tbbITKB1yLff/xeGRR66uMyU6XJ/KlyGXzQIJll8tlonUEjmX6i0Krtk4XS
- HOKupWmRzdh1PTscB07ARuW+6B29dOdUVgo86uauOz50mnWHCCdC+YRPw1Sygxtk
- 9jqgx3Go7z8Y+zkgGgOb8MFdh3gnXw2aEaiPgeCcb/c2VTY4SeJf/tBwk98pKtFG
- 2TU7o5QJCbWp78VRJbKGlc2eKFsWd7HNJcRuW+YvPIwTwnHvcM0mdb5wWVd8g3vk
- cN3yyFOnOXe7iMS0S/Ab0TVYtB2MsSWewMUfcEavMLG/+mAx18J2GnVq4PQKA2hW
- ORLMHGqPlsZZfxiwhBXBrWvOvUgHYFxhDmfC0UOQXIybd9AJuNMHFNI6qNnjvf+b
- zXVrqwrOI+A0y0MbRnIyD/rIC+ADiJfU4HfdOp7CC1+mxo/4Kyr5N6mEBFr+6yUE
- dZr9J8EV6vzFQ01rg0GTloPF28RCjglEISvaO0kZ1R8bCQ8xfeA9I4LHwr0MOBhH
- rCpmmpkfNZelC1ecyrI20D1E0fm0+JswfTFETaQCphFeap/ySBy1Yqe0ofMSrmOr
- 3h8ldEFqQeC5UJWapwo+Gf5WYK3e5EGnL7IiEdObKH+pu3nRAO/8sP88Ic2pSGTS
- XAFsn3ckkvwaUpY38KOqglKB8ex4Y7MOplkiqIPnN1IpmHfWoQAMUl2kVqZftzAc
- GrUy0d82MP0b/xAOStVkrh1NClb3ghfWsjL2ZjTLGB7O2floAfpJaNSQzFh9
- =hVtc
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ//YiQTFaNjAtC4+49X4xx5wTmhasIL1who6Da82i1Y17Hy
- MhKj8h9ND9fLp2tFM5UscPZCSMfQj6Vl+7Zz02kbcu+CAOcl7BowHBKrTrfahtu5
- O2lUJiURZZXmjeQNm51yCUNl9Ohh5LkiEto50kAz4P7/TWEY102z2+SaScBYJHb6
- m8EnmWWCnmwomEFd/Te3F9uLCqcwyWMspDQyZ3jZh8bcI57K7P/QBv9kjKVU9ZbK
- rHMfKxcbMmDhauxQnrxe+CAY0E+iN7+smRAqa8aDk6Qe8e00agE/PGHyTm25jAWE
- Mdm50Ybbj8jC6r7udoTk2K+0Jv1N/xcSnwnJ36MWwJztZD8tjEjn/bugsgG8zuj8
- R8o33AadfYh7yYRAII5m+24pCWU5EVl77vYaD8OvXAxUBjx1tNZSRuOtCH6x0ssL
- 1TDtscxOX4WPBnyVQ4p7tAkV3AIyj02gA7Ya5MKjJu73KQjn4qI0G0LD149m+9tB
- kakRXMnqwM9cCQ8VVg3LSk5VYCD0LuZKlBd0OdwuhuSvnd2OMSGTPlSClaCEAQha
- qPrfHYwOPh0p+HwZLq7gLGNH8X4IrMtv3vthO0ff2OR3ditChama4NWHSYZ30QSf
- /3jRSzmH8fvtx/EzvK54Bl+7AChlsaPqTiNyAaC6LZ87gGtHqZan74DxJuHb19PS
- XAHjYPTSestwXzNi+gFBajJEjT/vHekm8RrFrm+hJ/T1XRHZ64Qi1ZNOGs6wPe5U
- GifWHk/sBFD14C2YDsIOGUtbZzhQgYes7pvTN4ONmCgwutjUC9xKNJo6wI44
- =/xJ8
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//Sb401ad18muH2qvpoa8HFMv0hm7YPPISmgiNs7ESb6KD
- qjLTtKxTa5SwtCbFh4kNVinqP0MCUgWh5spCzf2QO0+GUpjw0kbsUgMqcXrTBS5l
- 9cj93bGDEOS1unzNtGNSv6RwukLtlTM+W3Q3azi7UAzs147ThVhkKL8b/NdzF0FB
- GgV7p/8qCqRrBNrPocA7/YS4DVuVxNWZfSgR5kvbDPEJKCraY4gqTb2Fj3D+vvEb
- aIOJ9uGvtaqWcSt15INamkrQJx1TAarVUV6/2FO5qmgz1StZoTecOXmS5bfTTJce
- LCwqCw9aKjlHK0hIdLvIWG5JoqGTH2uhLZsznn3L5ywnLB9i/1IVYYKMzk+ENnRJ
- jlfRNjqDdXKLmoe1Ob3q1fVpxwqrlbvHkhc2nrQ+4Or9lcFOoschZPQ+UiEA3GUD
- mw5FZQPvmLWhe928MgNJN9PW+upYGILVlryg4Oatzi8bYeji70UpQRJm4kch66dE
- IvXBoZ7fQSdAlEkcWcqPq/QHZ6BSbpYONaRjVYWtgpRMwh1JH9JdoO6joXqXW5gd
- BroeA1h/oIP5RX1zQpWieRP1wGR899WCydhYOIq9HyuGFKbz+fwcVJ92om4kBqll
- kq8aSt0oSzXmZxt+tiA90GREzc9dcrtwTzkqRHpjck+4GMNyl3cHt3Ce8ofu4JvS
- XAHtcZ0B4SA0QHch0Fyo7vC7MGjZ7aQ+s0hMwL1LhSlChBrISLRkQrqlh8foZyNk
- tZAcIqnpJbpR4qQGKdGIE4eDmk+AOxgRFiUO/nFS6ZfTEZqDmw3Q+a8TxihW
- =wRRY
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ/8DyYywkYZgeDm8C7Q4Ee3bmYSOd0c/xx95um3o0yndQCs
- 6KuQsWnx/sX0AeYeMBhed5P7X0IKigF7vxgHhLd+2o/jmG2gBw9qV8LKqWgTahJY
- +jPsYqQHOLV5o5NBfhv8MyOeBEhOHRRWzZ2VaqO9C8+G8+SqkOogIyKzHYou5KV6
- sI2cZs+JIFFgwiPZ1S4zgbYSley+XfjgmwV1z85KYuuIw2GrxQWaPIp3ptalAQch
- N/BrD1MPk2a1QfJnJpAAEXUVhNfDQoMWSxlAT0HliV5idYlQ32uQMYMyJCotNGHA
- egB+bUp3qEQI+Y+jLB26uszMpKddL598gImTp6UT77Hrt5MxL/8jbhR15XsnMChE
- CbVovpOHiujAkHEPQt94q6ch8tGvfrCdaGPuAamIQPRVEkorxolXJXv1MYpI+ycp
- szK/W3Rt91iJS1fSez6j/MhAKCAExhgBcILT7fypog4IbstACLArhYzlB5mry2R4
- 9JNeCSFExAMW5IVkV3fUdWWKBdqZjZFW/MdfOhYs//AfnVDweJ1V4ZAUcIfkVewd
- ORmUOfbH6UwvWpywx1fT7s7BZGcJHX4R/5ARZQj6GIadIevBKljlQhR6+WDlIDQH
- i0W/dFOy2f2mRvamrUBdcbRY/HGqJRbZGEml2AAlZ1IgDIhVWxUy9w+A6c+EHbzS
- XAFVoUrdKIhmHC7NEQFyD2A+iFDx1EXkpDNL6mpXUaxNDrwCNO47un5pUvnVVK/z
- W7wBQtDD54iOJIMlgnNl7st+Jp00y88/IWD+KzSVpArU1Cp5ja7nU2MY1wji
- =/Oy4
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pARAAjzsQ0wk8ja7zsgYYZLhidtGRjxkiXTo+Wlb9ZDytFuAZ
- 3VxBNRZn0IHLFTmY647p3MHcnu8XSbRAWI0n0cuJ0jAkp5k7Fjw+0ZfBy/Kia5wj
- TbdHA8gdmTL6kIGVmTVZW8TiZJW+5/aPSadrBatZ6Kff4DZSncskqufVZIo4jjCl
- 3BkgVthj1gmXyJS0EguCnBoGWGJ4xuY8cksq1qugjbmTOxxLbtNUcc1xVUluvwgI
- AjSIYDO6/CBnkjk9Y74hrCyO4VtmCVpcDHhqf0GFFGzhUIJN6v1iM3f1PmmXbU1q
- mpw/M4Nidog+aQ9jWCYsonjc4UMMUDf1gOIWyZ5tMdJFo/92KSyY0iUlzyOcE0sx
- HloKyWss+Fw1A/7YcHFBCkR8VOWbshir46P9Rb+0fKFzsuIRiENmzQ80Nr5NCVFq
- YeoVxqXmggd0XPZOvqIsD3Y7u3tp+tYgxjhwbYVWX9i3x/dviHsPmc1ZFFHaeXlC
- 1R+Y3454akuAEucj/Ju+fZgWCipzPN0/5OY0GueJGOmozZEOKgcjx3bJZwipltm1
- caUyLuruFV8RXXrqY4AJ9Ovx4Qb5irsud+gN5tsDi6F0Anj0N9GaC4q8SwX/xl6c
- w0DWOyLAn+5gRVKVVg2jX/Z/wUkBjJ5YHTyeVEqPvwtIUzc4vaXYHmgyrejHe2XS
- XAEoKuA08Zmu592SqUEpcwfn4UkUC+HU+DWtcDwBhMraNFn2bQQmwzMT3GE/dkiT
- 4FP5Xhm0UTbUbALPPqMEu41uGeUF79LG9EIJssU3r1oSzLRH86PdMYBE4MEl
- =7gGA
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAhWNV26+MQYLWmFFUi8AZtNk8bw2CXuNoaRARTjekGB4w
- FbNvRb4cxWgVTWvhb8A2O5WJdFiOyumxwY7hGgxwiKyU02D8xR93jbQPHKl1hPWz
- 0lwBRjANXKsKrh0uIeynm8hKEtlfn1sfCgucb2qd+oTab1mgoUd9N1o9Q9T/vHJF
- iMhkCXnn+uugN8aaiM6jW86qY2Y5elDPICwuF/pvm6bcByfmI6pF3yoY0MRtGw==
- =bZKM
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdA9aXqXY3Szsy1SRsll8c1df4hXRugtfdvmNwr/j89W0Qw
- WcvP13rPtg8mFCePBp9yuUo8tT4K9dSplJKOl5l1xZpT1KyhxNO/1OtHhWdK6UsY
- 0lYB+Njc2aP4nRm0WVAjDkAI2C/fb2vIoC4IHC0SHcvrIKJhkUMaYH4j8fzr77Oi
- deA9DLhIAAJcSOEdj+duuPeq4j/lPf2amOvjeePnwzM+ZsByWsf5vw==
- =KKcE
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T21:19:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAzEzZZIM22D++beNd+noXbsm0dVWPUPZsolGraxxVZK8+
- 8qXCNMfxsids1yra5iFeHm07U+6SmtL9H/v+qkv2dcKOmjZSB+Af1iskoUv9mT9o
- ln1lgdzhSyGhGl7yl/jsT0KWS6sIVqREfcZecYz6k8id4YhR8rttKnSX9Ltn1RTT
- 0ujoATzD60JTtgV5jpVJvQxZG6tm1p+OY9lv/d5PjYD99iQXDMzp/tmaGkZhAQuS
- sArD7IrHdf8cj5M52IFG+f7cIyYWUFp1xKGQKjPDKqlL2s1B6foT0UQWFFKHAqP0
- Yliuy2Pedb6JsIWwhoElY/nv7JUjyNgNUZtO80brOxTEhyRjUQJ+7ub/R4vO6Pml
- mKSivjfAe7mU8jg5y3v3B6AoTu4mPkEYTKqKfR6ruwmA4rSRkuOkJsiOPFojTeEL
- 856ZljSkq5PigeALCREu6LOtq2+IYNCeDi231nHe+YafseP7GaJkc0XMe96Q3Ndk
- dB/kJWyuQbZoc/vjjlWPrGifemwwLGHwX57nsfiYVZmeGRtggKioSHYrqjTY55zF
- c0wjeOy3cgf/lX9IRQx9Ev3nRZD/Dvb0fp43t2PXCZgukVgmsNMe+lF+G0Yxa+uv
- dS/4CghcDQ7BolVOt6Fh8m4mgNU/ghM6L85An3Qo4FmXwMw0KMxw4BfhiYPgO4jU
- ZgEJAhCPSY3mTIkX5b/Z9gMAx0pNO4UKkX7GUGq3xOnMWxjoxRDA0hhEddDLdHkY
- SBAf/3XqrRF9o0gCU2MQon21v/LvHfn+r+3GZJY6vYOcJDnZxNxKytJXY3O6A8ac
- wgVobOtSYQ==
- =Q5Ft
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/pad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
index 9484c29..ca29f1b 100644
--- a/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
@@ -6,7 +6,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=hedgedoc"
- - "POSTGRES_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/pad/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ - "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
- "POSTGRES_DB=hedgedoc"
volumes:
- database:/var/lib/postgresql/data
@@ -16,7 +16,7 @@ services:
#image: quay.io/hedgedoc/hedgedoc:1.9.9
image: quay.io/hedgedoc/hedgedoc:latest
environment:
- - "CMD_DB_URL=postgres://hedgedoc:{{ lookup("community.sops.sops", "resources/chaosknoten/pad/secrets.yaml", extract="['DB_PASSWORD']") }}@database:5432/hedgedoc"
+ - "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc"
- "CMD_DOMAIN=pad.hamburg.ccc.de"
- "CMD_PROTOCOL_USESSL=true"
- "CMD_HSTS_ENABLE=false"
@@ -35,7 +35,7 @@ services:
- "CMD_OAUTH2_TOKEN_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
- "CMD_OAUTH2_AUTHORIZATION_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
- "CMD_OAUTH2_CLIENT_ID=pad"
- - "CMD_OAUTH2_CLIENT_SECRET={{ lookup("community.sops.sops", "resources/chaosknoten/pad/secrets.yaml", extract="['KC_SECRET']") }}"
+ - "CMD_OAUTH2_CLIENT_SECRET={{ secret__hedgedoc_kc_secret }}"
- "CMD_OAUTH2_PROVIDERNAME=Keycloak"
- "CMD_OAUTH2_SCOPE=openid email profile"
volumes:
@@ -53,11 +53,11 @@ services:
environment:
- "POSTGRES_HOSTNAME=database"
- "POSTGRES_USERNAME=hedgedoc"
- - "POSTGRES_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/pad/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ - "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
- "SMTP_FROM=pad@hamburg.ccc.de"
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
- "SMTP_USERNAME=pad@hamburg.ccc.de"
- - "SMTP_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/pad/secrets.yaml", extract="['smtp_password']") }}"
+ - "SMTP_PASSWORD={{ secret__pad_smtp_password }}"
- "URL=https://pad.hamburg.ccc.de"
depends_on:
- database
diff --git a/resources/chaosknoten/pad/secrets.yaml b/resources/chaosknoten/pad/secrets.yaml
deleted file mode 100644
index c04f9b4..0000000
--- a/resources/chaosknoten/pad/secrets.yaml
+++ /dev/null
@@ -1,238 +0,0 @@
-DB_PASSWORD: ENC[AES256_GCM,data:jV84d/y0sBF1SeaNB6zj4EvRHiKLks1T,iv:mPv5cuy/D1961ZAoAkp9445x5nov7mMfNJiikiwsNcg=,tag:vxW9JYm6FdCgKc4lTqTZXA==,type:str]
-KC_SECRET: ENC[AES256_GCM,data:S0/V0RYvg0BsnZCZ0itZYirG9dHJTpTzYLzmw03bZzI=,iv:3bDIUZZy65hOnScIVO3opXz/V/0p0UFavu8XfFtNqjM=,tag:0aYfiIOBzUu2eQOb4tjA2A==,type:str]
-smtp_password: ENC[AES256_GCM,data:IfDrD9C/64fya4iOZfzW4V1WFxgtNvW2Ww==,iv:hegTsoGewWm693G7Nt6dVsTEDEUwEWAd9zpiDa8mZJQ=,tag:3Jurd4DmpvIGL3g1VjXZTw==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T20:39:05Z"
- mac: ENC[AES256_GCM,data:JYRoxtmv+WidExD2CvR/6NGHcjTHHUMMslzZo3dB2tNiM9RiWJt+SW28erGt7rbqNYGfKc4jgQTVBtpqWksS0oF9hARAoBm3P1ggufTo6YhTGOi9j2bzcNlE66R3ak43Z9m9HkUzDsBdBU8cb6n5PTGTge4FUDAmJ4Ab6729JGk=,iv:uNuSWbXHBHYPdDsc4uSP46HS+hgUZReK7f1pLx/bBrM=,tag:IiYUq86/eShw+/E799gBcw==,type:str]
- pgp:
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//eXkOeME8b6j88gPFg9TKzqBlmf94xy5iArfAoul5ytNY
- nqX81BIbYAvpI+WrHdDVswNivx1zl6tLmowUAzGbO7p3ANveGbF8TKVwTzTrol/8
- rXuzwzGnBV70UldTgXQIyHpEakonhun5RUenM9siU+W0SVSqUMZ1IIvEcK1aZoxy
- rmHxRP/5iC1nW/yy6WLUBFvziDE0zpYSJgyZGcIUsUireLmHTOu7xyNm+aIXEJwE
- 5+RxRDGuBAaKNjJ+hO0BCitGvlbgyGfjjaWOAc8PxrI5/qG51TwghJpzNixb6V/J
- GWW9jR8K2yAWktVYQ/IDkZcTJST2/n/X6JRRvgGZinYFdIEuutoRtrugPeM6JHF4
- aFa2uPkL4YCTiteWWn5HeliqWZQEOgKi93AvKrihtcOjIKtpgGlugyhDZnWW5nP6
- KVkPJRHEdalpvGP4ULX9qeTl/u4D4LBTnkEkAaj6xfqo9KP6cqztaunCDeDW7Czf
- cWquEFxuMAoZIWLKwvpC/n1VbPUgIuPt5qibdUoTvQONay4aXJJbXdndX5HzvDhP
- TcJ02DgLdvD9JYQ2NPQyFZNib+MJzrZKoyqvnkPzrFAzBbVy0nDesfanUYjW8Ixj
- yLHQgoanASwqUmEvY3x0QWSc4KpcV+6AuQCz7eoNbYvVA2oaKS6l+5dQ1pT/WAbU
- ZgEJAhCX1ElhAmESO6+2UNYB0LXhrxH0W+xOikEuz1/yuDVImtAGN/gOnkTjtm4k
- LoXvPoCYoRzqAzYoefzHpAuto+pSt1vD3mYJvCEW7hlHblJEYLzVp9UhyNHbYiz3
- SMnUcl9tRg==
- =y51+
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ/+MkzGc0xUFV4nVEQLCY+/lsW/UOJE2i7gHPVbq00XUBgJ
- l9kgE56aGuCvz98HiG3E8R5J3BP3cbdXbr1PrWF5wjKsek1pzmTwTWpa5wZ89osN
- CDn2dhZRW4ksqYvgUrKdx/tVfDR63aYdbvTU0w5pjjCRev5DG5FvfzvrkEZV7TYQ
- 7nVO3nk2p6x7cCWhimKEDc77YNg6xs41APQQANzPdGByJYY971lGYCgbi13ZZhXe
- o5NLBHCIWZb1n33wdX8UsafGlht35n8CJeedYa0fQtH7+extw8kPDq4LXB2LGT23
- x39u8+ZLqaGmQD9c5AhGmZvRxHCkm1SmgrP1jNKpp4qB2wOw0CMJ6fswz5uZYOBd
- EwptUW7z+RMcwicNnZN7LCI1rMvqRfzoABfg6tCQBr6mcPTKjnhsGh4rKeMXXpz1
- e05v0VPuk1Y/+T9reZy2ydEmxWU4T6OGYFYCvTCpM1SV4ovicW8Tdn/qrLU9ZEGD
- jaU1XouAIuzI4v+MFvu6qHCoE4Jg8uiSItoDPpNXaY7MehM+bJmItpViujQIvPRh
- 4thDnYI+o39NNAzI/RpPGhBvsp4n87GPNbzBu3uk9iZiC++xq5w5ed/bId2+yCEq
- 5snMq6gwZxnBBFC15enKy7Y74Wy84nywrsCWBwZuFiLNscubBetMggftwJ1Y3+3S
- XAHq/rWA9IUNaFhOabMUezljD0f0eVuirA0kyIUdg6WBYzQXuN6Zexevi+CwtsCW
- KQbAlcFilZnXBj+PNpUfkRKlpKeUmfs3qpaiPtPBBHvFfkOXk10QqnrbMmjG
- =bKDT
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAAnZyTwARrT1U4Bi+EmQ9ILbL0auboxjkYTr5btaueFJEv
- jBK4URpaUHlcnhT83Q6+ap04lqL+8oEJWWis83sQ0vu9PgdyNdLkFHKHnbTweSbK
- V4rqqXld1xfj8vovluJZYdflADa981Bzenf6BNUUWv25p5Pek6M68j8UN3XVXIHx
- 2GO6dCj7jRMh7+VMpsyXaXnwtt0JnPy29sKWDRQGjZTRG83DXXJNPWLLD70KS8Ib
- uBTCbjOEhF5tkXxLo+3YR5LWit8NNqXtCQl7L6AgmQUz6zNzNnoTDph0T+F5FGDe
- ek6qamKeK5f+GnZoXZqdnfFKEsleToo4r7RcYSif91ohdoQF6Wbal+mrxb6Xh5OQ
- qsLgXcFiT4l6Y9AYtkjYj7jrl1W9FABpSBxzimkhuMOqR36Ah5SN8tgSUQF3cXoT
- 9zi5F5kkvjotaGNEDfMiX4pZhM2jgT838JXJKvIyFuyGsPBNLt/ULX2r8zWD+Z0f
- OL06XRKi6aH8zOKRNXGZPIFO5xbxDuShwWWxiymb0jDLPhH6GWLFvw6VYx00/pT+
- JDVbeiQR+sn8h4j8TChqlimheqgezcLp/DSEr05nnfmqwlKrPkSwPy8nffMnq456
- YtQQOyCnnCXRh3syI/kTVrRWlPIspHc2cJSfA2gOtsDFWRLhH40S0ut/3Y++YeDS
- XAHEDLQk0U5pRJM7SEpcTNOzzgfFaDL9WwE042BGDgxCqwuwTeqRxhs1BmcP+SEI
- QOT87j9bKOQEFt4cIUnQPjVVJnuJRBqx6g4Q3D2Vcs3SZ2vdCrj3mirIqGeZ
- =p15o
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//Z3mdByBfD+vcDC5F5a4IaxbwQwgBEez8OOMg09SgU/Da
- yWKdhdFGwxYP3seW2wRTa2Z0f+isbEeK3KQby2uOOcaMUWVJuxteEXqC3BAz8WPx
- ygrcdgGrgQLxWeR9gOsxmal+TCzMAgMxwBS1G3wN22KQZ8nZ3qHKwVe2W8bNjSgk
- kw4tHRoeJ3PNArqQZcdyP8QIjfzmLK5Q3KQr1Qdh6lu+Ild7GlX2444BmZL/Ccz5
- WG0eS9TwqoOX4YrUgrY6ZNHhWe7lWW+0CZlNhiOG4UdjstFkmHOrb+kbsjMPKXac
- qHOmIN+YnGQ2RYP80n4t27SOot+BuOUmfM3w3raqokqftwZri31RLEWm0aflX5DC
- X76f6QIgcjk/0PmaevqO2rv5BdsLcoQzqcsGxglIO2owkypdQkzbM4kHZs5mHP3U
- dzGpzX+nJGswgT4mDB01E0UPretR7ERRBLr+mJxJ4v/tjbNj8pcogTKKGQ90lxd5
- zDIAYMZtFPcsV4QkSqiodrE3nO4efnWCL9PVfmES+DmHbNalNHaN5Ir/cpC1t8qz
- XpWMLoObralSAN4lgpT/vR2c0Rkl3LTNqZY3OHuOsMs8R7Lii6GkuiXAGX8jM29D
- T7ANrajh5wMTYW+fkqgKUPO8m4PuJDoBxQfPLiBsnwYzw9GFeZepzcOX/5i423nS
- XAEf6cMx5rkkwnkJXzD3KsbbCxFlyNzAiCbv85xrgwHk0qI6bHEq/zBmUKsUMYUZ
- QnCgIuBHPQWG2HfdTJZU2Npm6R6DQYsDc8S7f7CgFgUOCk6Du8iG10kqiLin
- =bbHQ
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ//Ugz7BgmKUpXYDIgOdebqgR/UIuWY7k1ZtizYh6mZwPxX
- BhSKDuriMftJ+P1+nKdyD4GryzA8jbHuRl321JHjo0R1VztybJmso5Hd9/TRJilo
- TPENeH8q2NYH7ULpLNuLDXBDAsiCJ/b53fKnngen2rYJxnMaSxHHYuZ12L2vkZvx
- W6aH7s9HxGFxo3k3iO13ve/oymoI4oMkheQ41bmmQTv1zZXcuxbFHzSIeaEeZWG8
- cCEeq0asvoLWdXdXLI9ISfGpuI6a0aBd6zLxfmS0tkQm6ziNC2ZCW96RdMGWgqLD
- M6mnLp3C+bq1RL1q3RYJRGfTMZ6KvxSAhtegoe7Kd+ZfAvqkRejqV0RwpcLkm3oP
- eLT0rFToDdlipoyND4pLzzjTgpBKfVdTjSStNqVjx4M0jq/X5bPAvjp8qpBqhPTo
- DJbKjVJ6QnSMDQiwt+uKuG1nn/4ltYz8aTbDMYedFblzjmxldY5YqqqIVag0iWR+
- sRLpcWJRh9HRcSyF7hC4XiSWEo5ykjnHsiae7PIzfs7JlGqYzx1+mMjaFIrto333
- llS1u8rBktBuMpnj89cBKxr+GeHbdm6RCgZ1QFO8ldqDTNA3JfvqaJL1hZhU0Fkr
- wDqhhzxR0DyrLxMu8CI+pnZkor+xoMi4aS0AsD3RVpvK6Xh/ontefmwDTGqTyevS
- XAF/Lx9HuXWD4sWWmn0xdR/my8pD26qJZF/Q9Tn6cMTJGT4SzMeUMhV/hFxTMaOD
- M6qUI+VZRntmO6COwUDzaIIe9Om/c0Zi7ciEiqLRtVYk8P2AVR0RQvMLl1pP
- =VH8H
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ//UxOCThA92qCY/zZUmiRlPIyKSWb5EgNzil30oaXFtVs0
- 15ALJPrB0vZj896/pHGF8m92ubmdbikaFYVeZRewLjR3PXzwYfuErbirWJt5v9c5
- tbedfTCQYv/nYUxCLuU1Cqd+7TzYsNm6ekBHeAsE5p3cVQtVWtJCp0OMIj5KBDx/
- MuP9+SdjQi0r3rtklqY1gV744uLBMWCHlqlCy/aKlF3+HhEDCrx0Ir8GMh/KxZIU
- iwsD/gxKBQ9K9H2QVf7XltbBVuaYIv5af0VwFnnmmfE290ba3EKsMcrY5cPQvfWX
- /oMF0Ox/34EGcAORJ54+IHer7nc4nXKt8IP+jvgrM7aTxxsh/KSCWPqWdE6KAbty
- 97/L4ziVJoq8lKGW1pl/S1M6/GGfyC1T732kEF0Q3ewcTIpvAZGII4+2ae8cwrG4
- H9bHbfsMn+gOuXDfNmsaLYNnupLC3h1LGzmvQCDcWMmTvX6uJo0UsPD2TzPkGTVm
- T+ipF5OTXn9lcRkfBID+psKynLOFAU5aZFnWeD+xMt4KF2uJzO9wREzkIjj0/H/M
- GljnjX2ZrzyYu/W/xO/p9clefAFPlvxx2JM9FkbqcvlZQus6Av59h7lYCz7B9eeY
- myDLlajpxcfzYW0Fc7PPION9LAwN7uQqgTOt/z+2CirMVNpH1DKu2EfdPbH3dQHS
- XAFuIZ3myamt+tfhN8hqzf+ICQGQvMxRuCNH0Hxg16104VnJMX3DvaGo/3m+X2yj
- T3h/6BlLkxtQ7qOYULHTYh0p7ZOvNu/H+I6lGsthWsHr2AnjP0ZiYrpK0gLi
- =Zujj
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//aa4FwDb6leO7mNh9sOLIxtCrhaveW8LFu5deG8vD/2jl
- iVaGjT7g81UlkMQoTNDUoIWrRYK62h3BTocmhCoVwRqQtG1gM+iL8x9PeAwXMwwg
- YQcJrudy466elBqo8+iBAqhoVUu+40aW/f7sp9ZtNJciH5NFDZsMrViXtfIMSAeq
- VC5+WgyfKLRho0kJQ27qtsohUb7DmxosmtDQz/Tl/TjSD7nOGsuFqti7Qu0f7ZVQ
- KATNif4B5cDyNJEb3DCDlgBgZb7aPsFIeE63vZVywdaRum1+Uva+PvvNS9YhHxb+
- lIFmCbMm0V5cJ7Ug11J3ObbtkoNf937LViJkF+KeqMuoap7jB9UBMSdc+8GUlHUR
- hdipoKVpjwDmeMpTOA7xTUsdO+9XCgkY4La9F4ToJE/n5X4xSSpdIZxSsH23VxW0
- BKuwWqDrTNGFzSWiAM5NLWco7fsCO8nHWTJG6jJIO/A9ZcUCjHaPadvaT0DwhPZT
- Yj7dd8OBs6zBHO8b8x8a8nfplqcG55tVwHOeGrZe2PUlxruIOwIbT3cJOUE7ZUqT
- A6InmeYRiL/ZPCpTwld4/8Dc+l+rHxgQI0L6X+uY7K0ioN2TaZkt5VsVhEHoNT5e
- uEj6I6b3zEvpQ2JiNZI83nUaQXeZZB+RQ4Nu2hmomHzcxEziHxg6Rw5LNMw8x+fS
- XAE8OHA5iDOYlIKO1aCuO9me1yQjZGK9HoVXbYX6rVcFqavePgczxDNHAtTJmK6e
- cJGf9OX1sZ1xvJlRxYGsNdTfkQQk/agzSpy6DJn6rhD74beG/QMTB1yfiMYI
- =dHLm
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//eqfwau6y/7BUV8jJWBc7a+2qqXFRD2EFTYEi6Aaxo0Yg
- XLV9NLQKOK0jakV0dGnnkM25aSdsuvQcM3Mbj3hHA+9vqJipYVbWTxtn3JR2sOcl
- FiTtbie6Q0axkcT4aVXdUvsNA03Mm5SSDE176ZXYdoB/EdbTAL5AlhCohkKRArW0
- V5CNzYj9c7WyNfpMgoyiKSGRcKqdKfYXRjN8a+6VX5tsclnE99NO2YTG9HQ7+9jY
- 7OJ9+zCnPX0viR6F7bb0M1+wsP0S+5zwIsz8OGw3hfXvxvwoRNNR+Sf47Oy68Uq2
- aePW5H0eNBlEQ59ec2Z8PEEGHOD6L2qGlmZGQPNlHPgcsPLz0/f1W7+t4xrX7LbL
- twsXulcdkGQKmi3Vayhsz5xLOAU/kZ1lVOBlHSq/XCbLFcrz8BjSTt/1uNF4Ltu4
- kXGkxme9Gig7Xp2VeaLcZxnHlfZAVQMOb+orI5obptVZKzMBAMDkh0v0YOt7GHdz
- pqr6TB458Y598ES5PKrvhLvsrk6hy4ZbJE1txu3Dd5aEwa3ROoWBvdkhtUghfibS
- byXZ2YeGeeH4OGzt9g/CS7zbrcIQhi2j44Sq5LB2jpgLqf4wvpBnCJjyM9kB2OyW
- qIxK1J1wNdBkTjAl4okZxByyK4k6KfnVGnsK5OuhxRilm3/8mBolenzmvWxZGujS
- XAFRolCuiN8U/UToZEgyMGyrSyEDuNwoVAp5G3slBe4SJhC23A6o8wZpziBGs+ot
- mwoCgUgMeabC8DNMRGFpaUA/5k4zBIjHG61yj8rM57zRKa/F72Ma0UQquH/l
- =ENwY
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//UVt7q8e23s3x1Sv+84yZtHPgWIupImeKABHkxI51ry9O
- 80tL7+aC83MEr54BIou5ktHyBqqtoH7lRGD+z7eWX5F/YtECyAn8VFpZR6cVntrx
- x1BYdRhggCOFD8otG8kWvAiL3Kd/sEISoF+rGIojUGO/qEk4RPfFQdAeSYR5xMBX
- ne5zq6/SzqRM0KMWKm4fgj+0MiFBs0v5jLGNYflCTOhB4c+Cxeil9IjAiPFv0vhk
- xZnTdQwc/jkDZgwduM8M8tGglA7iXUGQa/vee6YELRJzpOIHqcIHhg+0lZkrcDPR
- tmPa+obM+FwTqEXs8TB3VXVzMobgmKHKQ8E/rebzfQXnBZH+I2DX6X7m0aRMJ6SF
- fclMVbBx5+80dA5PDNSr3ADmo/i0qjrqwftIdf4YjWLrPDt4/sww896j2dOxnDaJ
- aX0Y/xOR7s56+eWiy2EpPZSLm/GICQa9IS3AA7xEKc0bJXEVopY/7JTmeqXSyavH
- WetWwyrpIeDLriaCJY87YzVYxv2T4K1kpNb12Cz7GZ0lA89nEU/TIVgoWeiTiefF
- dReBGhVIG0nJ4EvzsH2MbANJx1ddwn4vU2jpyha/4UmysjA374RFkUtYzFE+E5IV
- P8g0HAUNOgjmmB2u75buDMJ5A3LXzQHwnQKhSI6b81Pdf0zIbeSvQUZ/Qljwg/rS
- XAGWI7LoPEKgXze5em41kkGxzZye/pOCpweTShWEUhARq5KOhNJmk58qzAyq3iXz
- PyUhW3C0aBgheZcgTrSX0i7JdcKp+ucDb2iCXI6HD/4GvUr928FYaGVhl29O
- =1k09
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAZw0B9Iy2Rq5eCe0WJsOkTdH0tuHMoAs71F5ChQm/KQMw
- YIEEXAmMI5Ma+m41DL7glPJ2wPn+jmhSf2B27ZT8tW/EJjeOsrx1wjKre9lSZxRK
- 0lwBeOY1Btxg51qGU4ZBJFd5yxb6ql2THEmn6fzxk5zah6KI/0Z1bixhTzw5wp7e
- uHu4gU46OlX6cC9RPXZ1QxwqS5tLHhdWhM0gySP6DI6m3us1mWXxDnUCBBEAdA==
- =eyF4
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdA1rqOtvRBSNHEq6Rp0hMGnsI00gFg6ybh/Ub2q+XpjF0w
- zSCooBTjoJnYzeFia8iHGfRcMmJ82GoqKkwCwb9SBQkF1Kh4M6cWjboWhLQMJIEg
- 0lYB8kp3sNzHdrbV4XVb8payG7mPljnRs6O8LKlOM11ibXSyy4upOY6/p9/Aqkmi
- u70kq8RHtuBe6HKJTYMtWB4yNkm11+f9jq4qNYBi3vESvyKHKvI3ow==
- =wIVr
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T20:36:54Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAtYkYbe3GejwxxFd/YxX/ioiQyBwNN1IMB998iEponrlY
- AbX/gYiKl+7NHYfnmU19tUStxa9di2CIjBIhr7adU66Fi6pfcrab1lIUtvqnhZ+m
- jqz6xxMmlMoot5ml+jJXyNL2IvlHrumgWg/FL08It5mGePuMJ3RcO1W9J7zPqgMi
- w3YGTbtCBSM2xF3Tmvb8BxqCHsZW5RPZGhB1iwx5UHl8oGsJQII54qsPAqIjFkhJ
- 8IoAGecePDtihHKZdtqGWspvvM4OkcVTtrfaWp2cQX3SvDY9Szsr8AjSpQxOFWmX
- T7t+GKFf0Pr/IY4oF/9pXOqxvU97G9xhCpNVj9nGYFSGFmqsfpysnzlnVH8Kaf8Q
- lhhMcX75VvHgDjqeWtBtZMKSIBf3upw8EnBnOKAh/YCqrcBfU3rQlzWVrl68iOof
- BhEwER7vYt9WlHjAelAJ5F62jkUiEL7Vs7G2B83djujxQvfaBNN/LU9Ei4hmMY9O
- iusAcLlt89ieM9l5kRIhqi06eB0+FH4mH9sbZAJH7nxBX4KUk9yQbBZlYPMINJRh
- C0R2kcTUJf78YxrIg8SvfCVmCu+VWpswWixy9502QnJ5tQfriB9PnTjSlIgQS8Ap
- Ewtx+tX9/bme0uGsNhxebdtD7YwW/8T4JtpAbNa+DfNpueHZ5zEKIzuPr9YG2r/U
- ZgEJAhBtkp4BuFmu90jI1XlpWdnDzSjSqi324g9b+WCHQQ3iMSm4ExdpEePJO+zH
- KGDm2seQqMLfNNgPbkPxZiqKg9CbAOeU5tc7nBoQPyy32gFXFYncR5TVlG/1/mcz
- GFhe/lc3mA==
- =SLez
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
index 3707225..1eca33b 100644
--- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
@@ -6,7 +6,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=pretalx"
- - "POSTGRES_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ - "POSTGRES_PASSWORD={{ secret__pretalx_db_password }}"
- "POSTGRES_DB=pretalx"
volumes:
- database:/var/lib/postgresql/data
@@ -60,7 +60,7 @@ services:
PRETALX_DB_TYPE: postgresql
PRETALX_DB_NAME: pretalx
PRETALX_DB_USER: pretalx
- PRETALX_DB_PASS: "{{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}"
PRETALX_DB_HOST: database
PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de"
PRETALX_MAIL_HOST: "cow-intern.hamburg.ccc.de"
@@ -90,13 +90,13 @@ services:
PRETALX_DB_TYPE: postgresql
PRETALX_DB_NAME: pretalx
PRETALX_DB_USER: pretalx
- PRETALX_DB_PASS: "{{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}"
PRETALX_DB_HOST: database
PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de"
PRETALX_MAIL_HOST: "cow.hamburg.ccc.de"
PRETALX_MAIL_PORT: 587
PRETALX_MAIL_USER: pretalx@hamburg.ccc.de
- PRETALX_MAIL_PASSWORD: "{{ lookup("community.sops.sops", "resources/chaosknoten/pretalx/secrets.yaml", extract="['PRETALX_MAIL_PASSWORD']") }}"
+ PRETALX_MAIL_PASSWORD: "{{ secret__pretalx_mail_password }}"
PRETALX_MAIL_TLS: "true"
PRETALX_CELERY_BACKEND: redis://redis/1
PRETALX_CELERY_BROKER: redis://redis/2
diff --git a/resources/chaosknoten/pretalx/secrets.yaml b/resources/chaosknoten/pretalx/secrets.yaml
deleted file mode 100644
index 8a9996b..0000000
--- a/resources/chaosknoten/pretalx/secrets.yaml
+++ /dev/null
@@ -1,237 +0,0 @@
-DB_PASSWORD: ENC[AES256_GCM,data:JsoMNWdNAMTbiJWuaD3Voz7gJEUK4f7hrA==,iv:HRDsw/mIcCAMzpr02GUAFKby5w4r6zOPYqUYD8wDi2c=,tag:c6f4YjZxTORcDCkvztahRg==,type:str]
-PRETALX_MAIL_PASSWORD: ENC[AES256_GCM,data:DTwMQu4VRWkr0o+7Tw9PFwpDXTnOj2k7Mg==,iv:c2iwnymiSKm079edPJw/TvUHV2mDWQFbRGBmibBBQtw=,tag:7VpRWhU1E3+m32KG+EDR7A==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T20:58:14Z"
- mac: ENC[AES256_GCM,data:67W/Ho+P2g04EmcVF78thDkibgeelSRI3WTyJu3mhhpl5EwXFiPcNjLe0ND3XQxWjn4F5+TLP2px8aY36upmXHIPys1ZLYL0jipF6FQI+0C2bFupOKll3/sFWWCp+51f59LDI1fiI4Q8nIMTASkieeL1yZmMHgrAV4JQyXjlCgU=,iv:cA30UqfF6rX1fxXiAx++kZwh8+EEPjB9+BGerCPdTx4=,tag:r5Yw3OFq3Z6KZJb76PwVcw==,type:str]
- pgp:
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//dOAMC1Doyk+FD0WTNYwmViJO53QQy69n6oYJ51+qE+zc
- 6IHGmh8wAWKnmy5s0v5LJoewMf3XhGg5sIoXuBj5OBICKSRRGozzYNJ1No3py3PE
- 2ml6FI5SAja8QBQzNoD+D1zP9ba6xYbwfkx2DA1lpBmXpVQsUot4A6P5WQHbH3uy
- 6wpwTlvYNNm4SWuH7yH5f2NfYVhJqaKaI08N34mYQ/f1OuwjWZGpz8jjt0AH+aGV
- AcMPEXQjHgq+Kd4EHXSj7YAR41tiPJhYzdpYOQ1XX04JaEVMCG0iYfrfbcFtbiWn
- YZ3Ro0hpGpND2HJEB+M8NaOf41k9z75KTtGsoJJUIIWoCkdFxeMh7/UbxauVEV7M
- ussl7Jq3jbwC4zvKzj8T/es5w4nPZ0AGzz6Wd2pmYuy0sdaOczEbVGlLtACTaHB6
- B/LXVdlRxCQxZ13ZQwMTDvdvz30sl1wFCh1MtVXQGNS4xEn8gufGgcgiN2H/OHRe
- i5jK7ibeRU2aMPD75RXhSGNtN53FINAxkSa715inHFQVt6fXH39eJNLoyX7dZb+W
- XsiBwjIhW5qd9rXEqy1W7QIZKA6GYuyPaBgpCaaqsTK+6kXinV4xYqkSghrodSkE
- oMc394wMmL6CYiPDRr4IhjSjFTxj+5AKkJwnYY+rKFcPD8qyWYI18E9zvgYNsK7U
- ZgEJAhCf1ciUAngZMQtVrIk2NqkzJlwPdw3OyisZxsWsZcSf9zmIHA6uETAkwHWB
- IGh6dAB4TcQUjj7eTDVI8kYd3oaKwrQMGhQeBDfOA8Kl5d03+WwjMTozwMnk43oP
- 915KaE3I7w==
- =lM8/
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ/9E/r31WwmWMkqOIvNHsCPZKYn9WaL0L7a4fbXQ4CdxKj9
- 0/0aIHz8B0G1BLXavdQnkFSu5BvLeaP858BXtP7R+IghzMuXz77i3tyszXU1MZYT
- qQ1JQxj0e8LUw0E0FhrsopWWALZ51TruW63JQVyJNVhyRUFrJ3ejGuP3jCJUmNRS
- NfdWoyHHOGtdXHk9j7Afwg2xn0ZABObCD5Epwlns71xPe/sTDzELRbY2S66yhd1N
- fmOgw7FrwjrRrtiFarhFY0gUYEaMIZDndOQrjhBbR+G3OFMg4ia+t2xH7A2y7Pj0
- E1TcWoeZH2Pz3A6C596lmfXO19AsKy1flfMvugl1o33UsOYqSxu45JaFX7BEJBDW
- wUh9lCkGwB7JM6XjWPcgrtLutOELZFxVrnzrNtJVSq2j6uhEB+Eh3C7c/iaJRn96
- 0x7yl0Va6X6/5NAtGpXpsJaQtz+TFe7X4hVcOEJX2l1qpPkjRcE1IczJFjyYV8TL
- beq4qV81AL/RdR+HDQ1nGsmunBV/94UMG07GhTYjNm0QFWM2IhQkgs4oHeBeSqm+
- uXVpY+SFFoQto9+YHX7NnBkg4kiFy6A9tsYQrqffMPQZBn8V81KQkRnduNTspF/1
- 6E0ne/E8PXqmSGedCEyPLzLXIxrWC389cjcmF350wF7l9F620IBINIMtqgQMQz/S
- XAHXATKrETDrw2YDgwLbB9oIptUKob6B/BB5P1uFhdaCarbq43RqYnWcLZxdO5WJ
- 5d0lbZ82ykBAo9BUswnaY3XvwYPRk+bF79pQ15xljjksiFF0Gg+NzbilNkbS
- =QV7i
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/9EF9rxFPcZShqJZn5hyUQ/Y7RO/htHo6jdqFu/DfpBcCZ
- +pFuyR5Lq2etOvxbB9/HEqAKxbpeRzReu7c7D+WZz6CaS/PWj5TDxt03x6jNQQE2
- kCiZzTEB+VchmDnC4ifgX6rphvqd7GLjwXjXCUcGjMne9ANJJrEQstdZ7Q/GR6ra
- Fp8I8hfrB0IpghL0gfVFw1HvKAaprKUOMBXfLqzPbZbYxdKMPC59ShrzgstHgF+x
- q4uZgu+EOcpncTGvnReFbQjA0DgKyRGhATvAzASvqU3sBRAwm2hugVrcmWEpQRZP
- QoLUchCLelcIf0eeolq5E2kxWxLTiyiGN7F8CoVfkwWmqyNlGweqUI0+eTPW9XsI
- hEnpeNmFtZPTiTPxTYAb346m9lcslsJYccbFMZEIBwk3xB0ijDF//4Q+5CIgGHNq
- Pxw+z/NTvH5zWhotA8/yiP8iAfa2MikUmhDr+stCmUSjnyWsgS6ncWwIP/H4MCEI
- Lk4rA8mQ/gkS9UDh6g3ftuAYJIgPz7jVpQn5oA21VdwdeFO7YyJCXlhTL/oMeW7r
- xuV+BTEobFv1wrGVtVEt2cjjbodoINFXhXiwonnXquhoxk/ONrQoB9I43j0+C65U
- w5LRhMMR0ao3FKHxwI4ih9JZa+3yocbd/7E741WBqvB/DPzd1XRQzP+x+HIEccfS
- XAF0UX8YPVCbuJs1nVVfyJSHuRQSplhuBvVfsIwJCDFroXYaB1JtkDhVVHCofnJ1
- MVhWIptfVbmY/C957CLNGHXZgE64cGvAXn1whzzGch/KlB7//DEW1iS1fbUO
- =fypM
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1ARAApFA1MoRir94aqTlZF1cZOOdu8za6fOPxvcSICMV5RxFw
- Mq/9xFVtfGJ9VfYxW/im7HG1r7EjIpmOwXlm4fLGEIpafBrcJrQi0bxlbCB3p6z9
- xuzCcmF5Tphuuh/LEBBhHnt3crJyGrWTZ2Dy7+wPSPEnN91bl3dGsHr2Kbis8rBa
- QGiv5l0sqMJUWcZUmHTnvhb+KZU4dQUl+qTLM36X3ChSMFpuAO4w3YwWJ74F1Akz
- b/6eIt3u87WD2r+ny6DXTNsDVIymGnsxIQLA+YSGhf4mwtl6HOZlBBxFKkxFp4HU
- 3QA7zPwXY7g50pvlc3KJMNuZRTy0W9mpCnYKjHQzYkaD2JfVIrGmmQ47DEMnz0bs
- 1pgLCbFE9TO1ur82QNntggSWQtOHr2ZFbF3BuFjIQ+V9rPHdCtGFFarZhwC2t9fu
- KSE7vyYKO3o7g3BtOmqb6mqJswX1qTSyVOj4aqGSjG88lZq9WJPULe0w9rqhKwjP
- OTrXm0xLSUk8QWx6V7d6kKiBH+QRJkr6gEdqovzFH1XNwtUnMIkCBudQgJAw432W
- nOPfgXSifTT2hs/cWHo5ttoRiWOsvuqrCBmCETeE6L7uQoi6bhVVz2TBRVcc0rIR
- 9AkuLc4mcQ3aby01+cK1ZVRybzTTVSmwGmssr2UwwxlhQUA+r5OjPugg1ynoIk7S
- XAENR9L83Exjk8DsMKufYwRMMcZSyHzsH5p3ucewe+euYwCf3tB0iZPkHCdSKTST
- o8lGtavDKNn564tKDeH1miuvas+e6FVLcdljTqZZoS9I1IX0LRnLLQbpFVzS
- =kJu+
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ/+PKl8d6yCqlY2t4TS3MHHvxcPWrXM1+O2MKf78tH2OeiT
- fBwxUChpNIvVX3aWSPheyFb/1PMJ/U828wPDMbBZrII2J0UXvCqnmuL08m5fT8VC
- JjlkfnULNrDai/mPyxtpGJXnOm9JEmnUETl4xme8DbaWWg0QF73N4h+dB45olL2D
- xYyeEZlnk9OX7fy68ADKxc9n7E17MjL6X4PV0BGx/15QhuPnwTFxCpe4F2dZqgAn
- HtFunsjHwy9vptoGlh0KatCJLdaZaDEhmo5bQtxlpph2QJpstk4pGdLn5SJAUCYQ
- bvfEeRFJl1yx0fLzYr6vQnqr79aFXVdV51ZDtAv0m2I83b34y4FDBvdoLrSUMGbv
- ksmk7qxpknGoJqhMdORy+lBMGffG6EdcUaIdHqmLe7GmKrPh6CdNHzaKSPBIlZiA
- 3YEVSEcDiVNuoQBAgJXUh29MqXIOPJoFw2hO2kwfYebYA/Z7ESisD6oCOiOIUspY
- Gyn2T7TFHVqFfa30xA9eWYe4GkSVTGsg5/dCVpJxJI1L6dx0kQAIZVZ5vZzwticX
- 2I+/2hVl2koCMqZJ8Ggx2VDLDUV1UMuolBeHXD4ci+3PcBtjHCVyXGGBls52jjO8
- ooUEkVWwg9PhQUy0royZ7E6GEfmQHtdvI3tONlcXa9J8OUY8sBT2G1uek5jQFN3S
- XAEfIAmGnoJPreDGSqVu44YCjImBEwVrDYI+R+WvDbfr9OCaokQAtxTYg4C21OV/
- xaa6RmNG7Gjp8v60hj14k8Q8whvfBRvYLss5P4VhQAKquuEucblMwf9QYghk
- =MMok
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fARAAiGtaAJAK6xOYlOoTMt0G9IrTGN7syKHld9x5sfFJxkdE
- vDMWTmAbUEfteFfyB4YiZVvC+2PPEaXKAy73t5mZDzq53PKIdBUmiGseNZYlKm4P
- 3KKIX+WdYBXjdqzG4TiQu/TibXoDNEJRxDw7LE0dzfPWtasbLREVRrrW1vaAq6Tx
- hcs0eAmxpJ0Hmyz9R+sWTAAYaTxHTkbkCyCyqmAZF25lOlsbPFLsXXD/BT00CRB5
- RM5XwjrG+3AjbY5x3vVrxI6Ni2395C1cFnSew7ZITscC9//d7nTi4Tim3ll/de4j
- 5IIKykMdzsAchQuYyr+fljoOs0qOAUW18eyOE6Quvh+Hg3gnvEma4HPo5LkM7RBA
- Uf2ki4FY3OHWJb6KcQL5VKKMzlfp66zEAJoQTWkvMfas5c9injn4ZrEj//BljXmf
- Es1DtC46ZMpflZ10qj03ND1zYMdJvATk+lRGD8KdRr5aO50orLsyO3irtfc/zMok
- mhg++vw4cj/5AtlwqntXGpw4gE0/2QKdHS5LPC1ijx0aK6SFXv6jC8B1qNT0fF/m
- wL6gz2Ty7aqSQzKrxVDFXzhfgYVRz48LzptHpFjTJjQGYxWxoCFMlYoejMTuA7ja
- FNjvBayX2ZSMgVaqgk+wOeh8uSYfszu6VkH3kFCMqN7WvRbaxkIZUAbEF76Kj6zS
- XAF2aE/v/i2VD21EhGX9koMJXv4tmCwcvUlbdukF/yJBstunXzTGO+X2ePJ8AkS2
- x0ZAlzof3Xdm2SbRGlCkFOMWr8u/K1je+MRN2igmZO2NglAwp9bGbSf+sHjA
- =aXJg
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoARAAjz4TsJjNIvhb0+Jket7pqZTp68OGNaFuN8dc67HoqGLV
- LBstxz0qkj8kr+UTi+QIagbKVTu/P5qFEJ0V4d12+QMbwR4yRBH4KYJNYzVgjXsb
- oxkeHxo25/FmHDNz8z0D+CdCAOS4P24qSOKcYnk4vhZ9xI/3BmEH2pZKE6HUgulr
- ZzqKkJuQyVwpzYgsA12ps7SycPLkAfF4TEBcE8luZlNDq/V8yxwEctpsmNlvvBoX
- My9SycdGBTOTwbW33hx9lMyZL1b5Z/hlxduBKBmSHtf+o9KAWZpo8Hn7FtC6eFoW
- j72T6OhkHIwme9p8CMUbg07w4jqtAU4qk0YHBZMJv4LmERnrOmG+24OYEFWX3bfU
- n08HRy5sp64jH5FYUtcuEkex+jeA2yLxskXVhzhQk9Qrnw3MJtd7wnXK+fz2Dpki
- 93KINel3Uw8DJJGui/lx1lerCyEU/fqVYtC5xYy0rzl0ZlBK7f9oSl9bxOo5vuHl
- NT2Wb4r4v1xSewvPIxNeF4cLIC1wa9GkshmA50uOgVPptF/L1xMIwz/e86mBsLlG
- byQNqbbezfK72cBERgw2tVlLrGXlPAQiGGocKNzIrythRrdzjOgw2Bmb2sfXw4J1
- vCF5nwN/joRngd0iepxYYKlx+zq8G0wRwd2RXFscDXxkH+ouRxVWFdX89GqcjOPS
- XAFimzl4DsVpB+abVl/pGaNrQDrYnwbPvbh+qNwKeMO4B+3VDzP0GN6LdNxje5/1
- kJrmR2KqT6eDWq4R8El90RkZmr3Z6fc/SffCQoUGxGkEapWitJdkK0jV0Df0
- =nluu
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ/9EGmj5h30qhRClaFwStf3b63Couzf8h+7Dk2GUuCJoBq1
- +WDHDJW8zBSCBHhHlOmB2j4gUfrVHOHgbdEBQoMFatCpBWWVNOO/NwBCZwwL6Dp5
- dmBA94bW+jOk4is4ecQ10zPBg06GVzpDuefYKH4BS/JJ8ecQ0q8cWO/smzUcpsNd
- dnN3J1Py5VZOz8CO0SO/WMOoV5NA/yPmc7LL/BiSRtDEfi05r4r4aDLK4mJ/s7Fe
- /7vllPhC1ZxntQ//1z0cfX33nKEtyTkOh4L+BPnrqGCM83zruAfSV870Ws+iPbHK
- +S1uCll2ArflkzF0YiaqZd93IH0KTDHUxOPwHjL4J+apBOCmKoyd1nYEl3mVNQhp
- NArOEwK2ws6xA3eLGjI3pKtsyWKXfgblyyQcSJAZ1YHK3I3YPVcPBFE+zp5puEMS
- L0g/d/uzUvAG8GyYItAj/xEgaCaslWZrLAroZ4X5XRrZNcNCsO54m0t3xxPKikZm
- ZUFV79+iG+Wb/Ib2DkPOKmOV6WLa5PGtK4PUUGKcTp0FbWhtVeOZUOmP/LkmrxBr
- mSfnmKdiOYlyVNpaagI+XlGNSWU+9Im7r3FO/IEv5wmt+k3dpM6dGzaty1Q6ffVB
- 6OqTZ3KrKgOMj6WIC9K7INvfbGijBeONjvapvg7SjzoXeyGqwS99IJrvdxnnc+DS
- XAEUUYcXKmS0saM0DumdcOlfTZnzcB+JOiBI6+wbh2xiRy77DCDy+xW4m3tKCCvg
- vJdEJNsSA4fpzZbjd1a2NhEthJxDuuiKfMmnGOCX9DX+SprzWzjJJiew47s7
- =Zu7P
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/9GIgxeDdrdDRTroHNgkVYoHLS+jkPXIygUcO5OGsmz/JO
- kYxdW11QH2xnOz45e6wM2W/6Vf1VPZCeqSKxEUXHQkXnqPnqD3zw+ukO4285gDb8
- 3reybhsXXR9L161H+7+sUyu0y3n5+wPTK0K5Y1UDxZ9r67cUfwvQu7EY4Fs2s4yG
- g9d/thE6rR3lUIc7w2XC6veeVAjJrdvx6v04KaT+YQONfEu6GVNnA2vircH7JK6C
- cqx4J4TGFS+XuSPm/07rtJLT/qD6Qao7JeOJFXhEwdTNu1p2ynmqUA0Pbh/Hdtgk
- dv4kW6Zx1yoUuqPf5ehQIcFD3IHxlFAC/ZYOyxwfTgYbdfZC5iQSytapFDwjMgYG
- Z3Mto5fwlhblagGQKZJ0TZZOZDOcJA5vS0IBQPYslZEVhRkAffJ7YHiNdnylCt0S
- kLNIkq/wGZ6NTffonJRz60ADUw94jtS6pAjceIv3hlnn6MrkdoYAkilv+dS7qSj6
- fGlIQl0BnHUe5zaDAkQrXeasbTzOhOZTTb1LuKw/8c6CKt8qA/I+1ragD5VtOW90
- fc+o3Nu33MRirTyvtlltBnlu8u47wYU2dRPZz7rmpX2uBwKBi+qoNcWt806HgynB
- HWqwrSNYv1y5pCaDQEsVX7vFQY17MN/4h2B9k0/KSlLWntpjo8wJ2yAVLUbOwgbS
- XAHW8GLQha0t/NaDykltIdEWJijiX6faokYrd/hMf7MYKAU9M1t8C6LVJzM2k9D9
- eMdKf2b12CPZZfvbA4cVEvU6XoDWTo2RoDhzMQU7QugZ1vUt+lYTx6t7F0Us
- =Y9rf
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdApm/pMPZEGvqpq62PDegCOFtAHb9gu2NbHanCGEaf7DIw
- 0u75A6818/eKyi8ALEuydUDBNi2vwGSncUuZEacTlLZkLAW/XDi/wlXSkBv3OGbF
- 0lwBWvKAZmPmQmU+aHQPH9RLNk0SAl0WdQtCveFzy/UfSkNX/QS93dbhczo6dyQX
- ZK3lEsekBVR2FQhe7+bC8Ry+Dh04bsjnD4hCPI0lDM4loQoBg3xsw+41GIwOSw==
- =yugu
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAaiybhXQcYfg5/0e5Zd5ctB1ncs4PIIdzDVzm3wJceF8w
- 3rliNGXbcZB8THk5g49nvCHdkDNX98TF05DkaKTYjZmC4er8AqbRwamt/xkInuCR
- 0lYBQsS9bNcZBar8dVL1OC2cu7F8KyT6rmz67Oxg/ACjo3o6Trq1/KVF38Zmqhov
- YlaYXB476wDXA6aysvxcae2TKO4GhwNHQokyUJYsjT/0mOXG2hd2RQ==
- =KJs0
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T20:57:32Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAj+B42CzfPhIqhSKoLePF+uJBPZl9HCmETvznhutyfDPs
- +jZT9QNTCMub3FdWU1joP9T/V0A+o0Q7BYa2O+q5/19F/w/+Yk2XSJNu3RfYSpq/
- KgLWGSj5Q6zVp0FfVCxoyEtCNy+458mNxn4HvHlPsJwnP+u8MZDd4Weswqx1L9qq
- KWIiQ/V33P/miFD6pMHyoi5P0ue7mmuIDtH8D0pLhAVHAhM4s+YBF6OTpobYRTjr
- rm1rNp5Rxu8hjOTpmylCtQJZeud/zLb61fUsAO9svq/Rf1RTGiGwOUv1l0v4mVto
- Ib60J1dSdr6TBCmUthPlE7NskIS3B2wRL/GfsqZXazlLBsJf6GEWEFcMGi6bS/Sn
- XSX5PvSp6SI/9UXPBVXlpDfwyvBulilSqRR3HC45XYj7Zqb2HWkEZF1w6+jYCuLw
- z9uNFR7BX4AzrhEPZ2xYfzMIT4Cd0kQ6oFLfpvFKbLXBNLisqvGhzVBjHQHmK4ou
- 5NgoTAVvhpuO/LZf88YZ7/u6jwo0r/pPCyyW6I+raJinUGfBmm0KP2Q6xTXRAMkv
- OMCLEP+Hjm7xG8g+oJ/RsvQkvpQ4MHhx7cDQpqQFSV/5DhEMtANth1Lb4mSYlmPE
- 2TseTrARXbq256F2clDnldlWnnkakzwyGlAPvJfweJ4o67Sr+e6vX0I7HxKjQ+HU
- ZgEJAhDJfWWDsTZ2nsH+w4vS+JHZmdoelzKOE1wTioAEb3RZm2wEvw3gI6N/eOfG
- u6n7GTEbjHZRcvysbtnXS2PRiW8iNMK8pxW7t/Pc0MfOnzaF2bQRoOels2ITqo7I
- gQS/Rpv9Ag==
- =6U7r
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
index 319347b..e37ae7a 100644
--- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
@@ -70,8 +70,11 @@ map $host $upstream_acme_challenge_host {
design.hamburg.ccc.de 172.31.17.162:31820;
hydra.hamburg.ccc.de 172.31.17.163:31820;
cfp.eh22.easterhegg.eu 172.31.17.157:31820;
- hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:31820;
- hub-usercontent.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:31820;
+ ntfy.hamburg.ccc.de 172.31.17.149:31820;
+ cryptoparty-hamburg.de 172.31.17.151:31820;
+ cryptoparty.hamburg.ccc.de 172.31.17.151:31820;
+ staging.cryptoparty-hamburg.de 172.31.17.151:31820;
+ staging.cryptoparty.hamburg.ccc.de 172.31.17.151:31820;
default "";
}
diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
index e732052..4fcc86b 100644
--- a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
@@ -88,8 +88,11 @@ stream {
design.hamburg.ccc.de 172.31.17.162:8443;
hydra.hamburg.ccc.de 172.31.17.163:8443;
cfp.eh22.easterhegg.eu pretalx-intern.hamburg.ccc.de:8443;
- hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:8443;
- hub-usercontent.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:8443;
+ ntfy.hamburg.ccc.de 172.31.17.149:8443;
+ cryptoparty-hamburg.de 172.31.17.151:8443;
+ cryptoparty.hamburg.ccc.de 172.31.17.151:8443;
+ staging.cryptoparty-hamburg.de 172.31.17.151:8443;
+ staging.cryptoparty.hamburg.ccc.de 172.31.17.151:8443;
}
server {
diff --git a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2
index 690526f..d00a454 100644
--- a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2
@@ -4,7 +4,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=pretix"
- - "POSTGRES_PASSWORD={{ lookup("community.sops.sops", "resources/chaosknoten/tickets/secrets.yaml", extract="['DB_PASSWORD']") }}"
+ - "POSTGRES_PASSWORD={{ secret__pretix_db_password }}"
- "POSTGRES_DB=pretix"
volumes:
- database:/var/lib/postgresql/data
diff --git a/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2 b/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2
index 83cf327..f1c119f 100644
--- a/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2
+++ b/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2
@@ -10,7 +10,7 @@ trust_x_forwarded_proto=on
backend=postgresql
name=pretix
user=pretix
-password={{ lookup("community.sops.sops", "resources/chaosknoten/tickets/secrets.yaml", extract="['DB_PASSWORD']") }}
+password={{ secret__pretix_db_password }}
host=database
[mail]
diff --git a/resources/chaosknoten/tickets/secrets.yaml b/resources/chaosknoten/tickets/secrets.yaml
deleted file mode 100644
index cf2c4ce..0000000
--- a/resources/chaosknoten/tickets/secrets.yaml
+++ /dev/null
@@ -1,236 +0,0 @@
-DB_PASSWORD: ENC[AES256_GCM,data:2z91TJt2qWl+mZV2fGXgXT5YHwYbhwGH7g==,iv:6SHNeCtGqvsCWRJwA3lzrEbQYLk3W9IYBLfx4l/jkNA=,tag:z+xWip4xGFt6vMSoE9GPug==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T21:13:16Z"
- mac: ENC[AES256_GCM,data:yIOTN939JOjV0aM+BUHRCnnGAuZIUGFvei5SknC/u8Kgoil+Z+5Mdb5R/VMgtriBSeD9z774W1ioH4D9ZaOgKwkLOFvDx5+Q1+bxj1mMMKV0mWZKttNOd+8GJ8t/Zmiu0hu0BvDMz9maNZVMsDlOPUuOMQ4RbSrkrJByHxyL9FA=,iv:/4hePEMzzTxwRyKVlUOYDgIHb2lDyg6Y0j9StR9qtZU=,tag:Ou7Q/dOmkzA2uuZ+tLsCbQ==,type:str]
- pgp:
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtARAAloGIx3GHxBD0iSxnM8/v3kl8HvW1r5WVL9Z5Xtu05m2M
- 10oGBnZoRMhin+I6FoLPXlC/NoEgqL46lrX/D69H4tDiHE2xtN9vSOrpVE4SB8tc
- MIPl9q1XjypCfMW7+HZpZg+hA8FEG8potL/3i/gESvIFvXz8MmAw9xZjscuXqZuC
- oFHqCEIEPqUIt/cU5aIRRSmBgjA3Sw64Xi/PVpJ68HiWdzFHb4PkEL6ji11Ju8rw
- RUyxlcJZZ1/R+RY9Z3chzC2g+ya3QZNFXuLP/FkORKIErt+R7s2IEl5vmvYsBmbD
- LAv9RuP21KXzkp34ddZD7qN6+hS7oeC/H37+XYte6UWYs5oP3SyW6aP8EgRukyGj
- Wj2cnoWfftSGVV6rJWJkM3Z+2EnLJcVeQp7w//eHrzVjpOFQuZjgdz3JLR7hHH/P
- JQVmqBNHebpBwPrcsUXOdAOQ9jhaaUIDbThzD+WpCUNxX1R0H+6X/y8C+QH4+7NE
- I3EtdCnXXm1i7S/YsvkJ79o0TcyPWln0zZiVH/9KSu4IDhtqFfzHH33eJY1hQV64
- SXMtSlOaGvqZjEpHApNlbLzO9gX+yynd8m/fACYUZw1H7WpQjBPX8ZK1MJGupC0V
- QPz3ZjQv0Za25QCIV1JhnG8sw22NlA31T44qvpTgHQYYrLyiWPSc6GaaP4zRyDPU
- aAEJAhDjdZQvLBUmStXYPv+iiBsbpBYJ1gSugO30hG29iAsT7ybx6Gz/Kuh3M3f8
- GqsVD32plCiMv6CYuohykIkIedGrniRj+xoJ6vR9zRU2MJrIaYwLcsk6Pr0sPrff
- SDsJqxfz54ft
- =gzr3
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//ZQ0YAZGm2B3rWCtGUjuwpiaJ9oIXJLq8piH67b1Fyzm4
- pNw6g4F4RWKgI5Alwat2d1XKJA2zuCww3L76oBYtY2qXSdJoz0cYQzuM3KL2goyb
- cnt2XtRoOfS+akYOxabz3CyigVQM+OfOT8SFN5XK4A/xavgKc6pso2WS/10CvfLs
- cRH4cOzbOoaB0ZwJ+HKkayK0Y9XtMaDBdbmO8SHa8vzwsI2dTSV1SmR1+vRAUTag
- xBhp5xoOfP8FP8M/bHre/ArwXku0EqwENEfNyS661iVrD0WQZDc7/Dg2NvwA1erq
- Jnje1/5DCYhPO7Y8W+jP5OzxK0pZLaDxThEK0zIrCr3QbUJSoA8RkDEe35paWNC5
- 8F1eTDTunqrEqT02I4GEFN7XhwExWUIMTT6hQ1Gp3uXfwCAlXMCC5uoPE+tucTiH
- LcKn185KIrH+Q7wssEUu1T/QTWh+Ff2cF5vPP+BLIkn707J/+UVIeipRreBISzLn
- pGOpuhM+pxFokX5b4oMUHBJ4dOhQ1MclrxL9YZzbQtpEnCmOo6OIrCab3wHBO2Sr
- Odo1qX137xV8gnPdGkrCTsV5XM/oErj9Dz0yA9pjEXxLlAhHdb4EO+XnnhZgpkbJ
- tH0VwlD+bczMX9L0pq+wN/aLi1kEBDDl9lAHq1QHddjHc2jNWMAQGrcVgJQRw57S
- XgHrTCfRh/WhKXpxqiluJLz+ukF5BvJnGTpQXGbJm5SsJgR8jEY5UBmIBuJxRcpc
- 0j+UsSbKgPwhmEqbGkmOb25PX6nvdO1SCmGp7KUrLgD7kJafjApvUn8exdKzquY=
- =ygn9
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAAiFrzmBlFJ4gNJxIwCAbOY6lg+UccVJT2T7DkeVnA/7KV
- NRqQTxtiYgMj0HY/5kPq6I8yC0FKUxGx5QsoP4lvUvmiv/kCXl3M3hYq2QrIN0Xz
- xqxzLTyOENAwwfgvRS3RDNKWX37CM/eoVaozs1+f4+I4dGUhvWfoPIJcgCkORFc7
- BG0OwEKvyE82vBxer8Z7d5pm34BXL8Ptc89evI75iLw0wDq/JoGOQKYG2G8ko2Oh
- p7c6VnoDFQ1PJFLm6wvVBjJwDznn8DvSYR1PepDkyOu+eT1oGmzGnQB5Gbnnajxa
- +2Uw5S33kYDeSfHmgFfg0BA6dUVujVTHn9ZZIGXzIJDWg5wIMgOpHK3XGRgW3cKF
- pC4qBndlaWYK36AZmOFsok7840N7LYR6jz0Az1wp4F1bxKHBjy4ou3cJjhNVU8yu
- 13/YoKn0SZ0iYAQrlceybaVwdIUxnH85/qzQ8tnD6DG+9HiC98XjbEgs0pR7HJRP
- Fp/zuYpNbMnYRbB9EQqfbzIU0msTyaUTWcQwX6fswGRYYq0tRd17n9LcfNREmpAi
- ydb5x92STgSLE7sGAbsmPSMmOdl3BpUi9dPlx3ka3Y27uWI3VIWTTns5zmIBz+Ht
- 79a7nYb544eDNax62Gf7nLPnLmZOOfELFcuuuB3QaQIge7NptFmJJE4eXhr6V8vS
- XgGzxdvXBgu7kaZOgqTFoZndVLzuXaPoy43unU4aEY/ewW5U49ugodZLoW/GSfHQ
- 14BNCVO3Z8A6XqWfjUsKruROLdx4b5XaJy2PRNz3vLfgTmVo2pZQszMuKjaWzXk=
- =dvgO
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1ARAAvAE4F6dTkXICJ3AEgvjbwm9WY4zBH46CxTlxRw/ASC5u
- SOEWZoVaWQTAVMmdiI34+bzs0m8dtK8zv2OseIVTepVJBN8EfPkd6V+fDZPX37MN
- gMGjr2AkXAGby9oHL1s5Wo2YtzMi0sna0qqQstZkNTrq+LtEpGKOupEAmKdV6M5u
- VtPv82YZqAxLk1h1/kpRUMQyd0Hf5YQunOnUXAvCQHue4GLBSPiz+JIplNXFn3Lo
- g87T06pJDZDtxIKSruSbb9wuJJbz/L4qT8QGJj6CNDoWAKnZhYlVKnKQkRZevBxb
- EsD6tupcvUokWW21iywlIxTgOWGklNpCnu/4IVa4jnQsvlV2saGM1EaTgsELPy4M
- atQ6E11V2ZTs1Xqiww1fnXe6KIWKn/xQ3i0VPgif941DsBFtirnutqedU/S7iJWi
- XsSZrDDsoqG0oX27WphK3MrXoVAkEOWG848mutPaLW4Us+BMnuRUbAi+sVPETvbN
- hsvywnasgR68bCWispRomGXjUnphNQ8Ry2FXvFhYKXde8xdBroh7iBrn8mZXDn0r
- DIuJh3yEgItGachvp0t+bElihTihUiNdCyuAv2de7nQn5F0wqG18hfxyy6yYlzUS
- gMJZ7qzmTpUWGv8cPoSAIOp/ltDVS1g/muFwd6djEetFRQKm8IuhyGFYJB3f7XLS
- XgGk51EjM2OGUX62galbP3Nrs2s7hPQBlo1cVZbQlB/eBLACQTtrKDyIC7+N9yNd
- Erw51W1OG1nISvj4azF87U27M2HCOUoH5ecVxtxNo2Mg8dOysZn0HBis58hAViw=
- =BgbL
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ//Tha3qHvAchEyctVDmTc3WPLXy35hi/VBQIw4Ell10q5y
- Jii6h5fTGBdk/u8uXJmkLqAYfZ8ytCMMWPXvP9tMxX1K8Xm97SFVcZJgdL6+lKKA
- GPttR0kGo60OowCIWy1s8xl9qW6625L8W+NhIB4JSOHG5h2cpSx0WbrAEPCNTiOe
- MGSU5l8jIzgFj5cAcSdwojuKQbtiO0TKSoVFqjLQq0l8U6qD3hTcFcT3ktOv4DoA
- bqKyu17kzonS6tpCnIuuN9AEbOl3k9RPxpbO4c10l1zaNHEEDbXRYRp+MwcgwOK7
- qlmqf/QLVXWt9WeWvBSPRAbDDrfCaBaPAy7VIkgWdp/CAsdygQkvgh4uSzzZrjnU
- xZiYVVInwJWSrDmrLXtFRhlxPeVXo/QDBOeb5egsjNQIs9Wys7Y+L5Rgz9g/W/Xh
- D10LAAQqYcu3DlOhzsT6uuzb+sGVrwfQAQtg/ujaQOlIUC2/V3cmOMACWmoGigb8
- qlIXx4Ytd1GI2EX2LVEvMTKmIQHeEijmXSu/iu0D+S2mRp/hgSzwH6GbGb8MaRzJ
- MKAzt3yGh1hck01HSmif3t6rhUS12mW+M4Xdck9d3MjiXrZVznOkMT9bhrvLiej1
- 85KRMC6x6qiMpp4BfqQ4WXSDUjhynzcoobZf6VWGeSHnaAeZYlnedOlb1fMoSRHS
- XgGZ5a9J4ZQonAkIRcDn0xr3EYT8F61vVeVwqTQ3PDd/IoRztq32RkHng6dMBZKn
- lRpC6PKHo08yUGH4R/ppfCpG9ApdvyoiDgGcSotXSk/AQfuOHlTVCA0fQrq1j5Q=
- =8tP8
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ//YdAXWGS1//BK3tQne5qmvdI1uOY2HPYSd8vEc7+UBi0V
- bBHsxlVMVdZSJQVX7WLxAqBvCyFbJP8lsoXlVPK6pq8tqBzagBXSemha7Z9SdeZ5
- 3QamddaiwoeBrli7hV+AXnLwmOn6f+5/KmAdzU2J7QET87Kd/rcNbGP1qtIaIet4
- dkxdDu1xDI5mrX286gg29lRfjuxsiQfzmU4+PlM4RnXVpl9QpBtvzuWQYDmMdoCG
- xqmYVv5xZip9MLPv0iT/T4IMAdhI5TvTT1zBrRQW7tNRgRLyoSRQC6qb1C24sHcS
- VBkALQI5vF6ghPQIC254LUquiTEazzr1TtvLKkdyK877E2E6o7k9dsdSPT+TemgJ
- nO/lBhk2ZAHZRLb5jfguhzQ1G0WjfbYX1QAwCW3Li8EBmhHTIkStVp4TlDvPhgb3
- uLfGaasoYHO+oirpmORXd3Y6pJ1FvAk2uFLcqQa4A0lkblxzVAI+ZwVmw/RT+yb0
- DZlBKshUUYT4gHJOD/UrLlviX+qtVT57OFqhrLEZkt8L2realtpQd0efotK3q+cc
- M9auKQ0dAy0ZYmBQD1DpDz8pg7pSXN3DpNbXKaWuz6B/84WU2aw64RV/ZaXEfBiw
- TyrlsFMTAd7haoRYtYW4RxctrnLoBldGezxVIn01m51G7dRHL8/aDiZW2ffKOqPS
- XgFV+BnacumDlBtMqS5yrLv44tDRXXuusVku3X0XQZquMc/zb1XwyK/DReDi5756
- 9pDVQQn0SxkZNo/z8ln4C8Q7IZUQWhJtWNwyl49HYlSZWEnJ5KK5uEs09GEhnbk=
- =nz/W
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ/9EhTITrYK72Zpzr2/obOsRJkJcCxwEtHmUxme8oIw3mJA
- 0CqrVxibxhQsDVY7Nl3K5MkNe25wQb+5s4UVO0ji2thXZaRDc9ut23qUIiILMv+c
- KMu+KIvZaOBUIFaTnrbyE3XMoopk9cJsMC5MP9u8ilLMgc3Vu3R992O8lgwqQLG5
- xwSKMYy/9PjATR28fpz0iPfunvaJsnaeoJl+okSfVny0tvf40ECZF+ui76XJLL3D
- M0p3LehaFc7+Laqb9nNwzbl8q6RL5PjzjTYk9VvPTJoqORUA9mYbbEcxrEPdBV8U
- MVUTfTsvlcOPgB7nqxJXR8Xt5m4p/xS7pZX8ix6XkOLIzSCz3O0z9YRh9MXacE7B
- Fn42DHjfi45qsIRpgUHmxI2kiT5xYJVmE3MYCxrlBdNwPPkWlvN/b8fgU5DnSPXd
- SJdqMCL/M0lQhQbfWYWE9HWKuXqrHX+lkw+oEnSzj1fqcgKU6f1BapFY71N5zkFM
- sgtD8Ff/obT2FhVeYdMIbGg2Jq7oSzfZiy9IqDTd28Nb1soX1sH0lFfFMfZQ10lD
- d03YJtBJzJ4LFlWtSZoMgaw87K089tmOZ99q30TW/oR38GehZ66H9mdLWS0XqCyo
- NPvyA2lesuO3IaKuqB+XdaLSwFq9TpmvhM0iJD1qLyHHZR69bdD9NhBF5jfaLCXS
- XgHRsY8JboPGLAKH/fzo/o+gq8yTlCkjjXI5PEEy8MjBQKg9uDxxmcTtjhJcuy4E
- JBcwtwi7h2CqaoXw8nYGc96YMvVrItARTJeXoQc9EWb9bktzLFH1mMYn6dWN9HI=
- =LgrR
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//cRs0tUZD57N+1PeLV0IcvJVp2k1MZwTvuBLoUru+kbvT
- dKG/9z/1OBI/q38s1zLVobXNM87JOX5d2kKU6SusjgZIfQfyBRf+ZUyLWY/7l7+x
- T8+WCuB6jaRBhtp4TUG6AVWDC6kPmVZBcck2XWXx9J6PNR4rGSO2zeR9dPAUYH/o
- Lfu8AvCWBGcsgPG2OOgWRYog9B3RLuFaSVEpmHZoponxhCuWnjqdimRZKQPkPEkx
- 6ZI6q2jp5XzK3erEDtqdxzCwoaU125J7pmizsR6p4Q2Bp7Vew6M6SeOqTH386+8p
- oS6oBsturH166CVGjSz2ksUsOPaIPRP6ZbdGf6W9Ht1wAV9+VG9AzvO9Oboi4A8+
- SAGoaO3MGCPNWHRzVpCMsXjJTmqNIl25LFVchGiUtxD/EsVXET/4Z0CHcV2Ulljd
- lrvhEDvCkozUI9opndZ1qeTJG+JcGnXMCcKEF2iL2tqf6o1YdbYKaHH2SWt7f+t/
- FmZpwLFLcvO/yr7t9Nc8xOjRvuu0Klq+XHa89usD9D5ODeOuzQHgrLPbV1VFiiKy
- 8+kvJHabnBpwyIcvziNDtgWwLI4dYQWmpmSWvJrhFJewI4yjTQvl/Hcq9Fcnxf4c
- TRJvwa6rQWKrjyrhhslUM3Sh9jH30p0dc0nr6UEAeTiRRHIq51JaNZMMM8bu/uPS
- XgGjA8XM8EMp0c6/YYVwwc5YOR8QZfH8+lW6pfXkWXReGG4dzdeGvR0W46facY1j
- yQ4nFOCnSB0eEYnucAVxaOHUmEceVg83EECwbBZ/NgMhgojf+xjSpoNcidj0m4g=
- =LQ1A
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pARAAjfwkWbKL9yD3Pc0nIw2PUbI7yZ+rHlYgbQf0fl5EuVcv
- KNLnRk7Zvl3bLt9+Afq6iTXD3g+0YWDFS1Tqj/SLi3Vu37GxgbgemAuQ7ZS+wsNI
- KXfPgBS1o/4XVFlZQ1mvZFpwVdnre34xwNbCLbm4u8xBjx13w4vq0TKWTsNP4+ug
- XB+l9UA46xCJr7LPxUafKqWKEMkRjh033UXSB3e7Y02O6FOrj6p7kGnUdh+Ia4Bj
- RjZbrVac9W98CkNyDGlH+Hyq0SHtPYvjvriqyOLnY29xm+rISa2UAc2tlb7UPXDo
- g6vJYNEEOIAzJyYytOoxnq0dqtN3aB+BvxNRKorNHqpUo+AaDT7LuzGJ8LYacSkj
- Sq3Q27dGrVnBDjTTansQK3vgIcS2Zfrj5apY0q9CgomJMN6b696FMVQOlWuiRMv+
- UfCS5zQGtB2a+10PasiHmGnGT+TJEZWhD3WVj59cUhlQvY1KDODv6FmsP8t+eU62
- 7R4Mo656+hB0IooE+kmJU//dijeXF/tczIgCNASwylofzi4qXbmk1zUII5zYgnUL
- LFEyIENZ8WBIxUWwwDXtcpbxjbgqOws2aXhOtEXFvjd/L3qDx61AGBnquWPFcekU
- uAx9yNkw7qbyp5gTbP0sRi5bqqOIYbL3RXM/pkArM6uQQxgfApCWjYLU2LBHwojS
- XgFM9twt0Gi0tDL3W39LzXNPisBDkvp/E4HZIAeSZPMPo6iTJ2tOiVDB4GlTRNaF
- oLVK1NWwCI46YnC++a5FpPvh3RHntXDpdaBcbj2dko9OZtRum6WbkrX0zZgZ0zc=
- =zSCl
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAiMBI38DVqKUchVg9KNRFQ7i5y8PZB/tm7I9JT1gzExYw
- PhV7QT1EqPuEkAI1OseqboFj0bCo1T72M8TqwMdHz9hYiOAh89Hqhc5nluetbCTK
- 0l4ButC0VXzo+UjnmjDS2EhEqnIfzK+y/9pv8r+3FuhIpiWdSfEFCrbp3B3WX9+2
- hv8iJpCdAnInpBDB0uRTt635MBlf96LBowvMWxI43uIjPXXDCg50DQOrHw4Yruub
- =Fc/i
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAfvbuQYZWYQVY0ut1Q7nIwx3eYajDZxkITih3R4Lhx3Mw
- 5LToASYRMdv5fTxxDibNvEyEWFZHPB2ppB1ZOOFKRUA7+cam0YFV1+QtBQDDQnNu
- 0lgBUR3uvS5IaOeEpg0E04byWimwsQP5roGCZDW4Sx9818HQSr/4HUx8GfQplT+/
- /DWZK77QB2rTtStWhOPrFkMzRWP+sqwtewnqyPRkl5lcO8+c1jyEhy4Z
- =8Ilp
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T21:12:57Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ/+Mt3jDYdw9mWU6Wrsb5B7pf4IcsFCMilrobnDctSaGru0
- sem2dCrqwjHr/c9FEcfV1aTMx48XekDze/YMH2vXMaPK84hm12KxR+eZvsQWMx+i
- MlN+4ANt/ZqItqtdJPgB2LtRgoVYI8/yB8q4wtwpt7o9uSSgF6w1hF1KMwL2dwyl
- bacuXrEHpGh/z9XClnJ4nVGgzaeBvmPLKLcCQAmxu7f4lgjNM+cxQM5e6sYblM6Y
- IVFMa4p7KmhWaGI4ppLXyFuvY9qzRQwXPk4vOqgCiIjrkr2LcTyDDt0FaL49pEsV
- WMKTED85cOxL0R1jJ9a9HOzOYDu2AbDCGoKK6rFD/ZX1elJ4dB4rXLKqdkb+d3gP
- ii15T3I4nrS5BWLrCVDhYh7KYhNAzgib3yRb9gRcuAODWj0JfNpmZJxNEO7enWaH
- VCNxhp9IeW6AuQdid48m1QeFeIjVseGZKWLih14XJTJJK1oZ7uT827NpForHIMxF
- ydwyswILsA5RLRpZ01MBf5LL2TjJRoZasIgEWEAKYJe/1/HSD8oZeFzK9THJLVUt
- TrIRdZ+yaqcSbPBRrFWI6PknWzm3CxdqDeiVdZMOPaknXiQ2EoKeJ6zP54x6XTde
- TD0g8XuRuIDe/TeSUPfuPT1n9oWXjsyxXSz5JYcsyaRSjkxqpG0uhL3pPyN/pY7U
- aAEJAhC5mrp1jDSywgh9aTZTzwac/AV3IUE5LDhB9525b5OvSOJdoLNnJ0afch+2
- +SKfLGahelWSjO44hyDhvYA0dMKZZf1SIlGivNx8nTbK9OpVhadyMCZ96qwzWXTT
- HrekrFf1PR4v
- =zm8X
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
index 8ea5265..b2e8f4d 100644
--- a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
@@ -11,7 +11,7 @@ see https://github.com/zammad/zammad-docker-compose/blob/master/.env
{%- set POSTGRES_DB = "zammad_production" | quote -%}
{%- set POSTGRES_HOST = "zammad-postgresql" | quote -%}
{%- set POSTGRES_USER = "zammad" | quote -%}
-{%- set POSTGRES_PASS = lookup("community.sops.sops", "resources/chaosknoten/zammad/secrets.yaml", extract="['DB_PASSWORD']") | quote -%}
+{%- set POSTGRES_PASS = secret__zammad_db_password | quote -%}
{%- set POSTGRES_PORT = "5432" | quote -%}
{%- set POSTGRES_VERSION = "15-alpine" | quote -%}
{%- set REDIS_URL = "redis://zammad-redis:6379" | quote -%}
diff --git a/resources/chaosknoten/zammad/secrets.yaml b/resources/chaosknoten/zammad/secrets.yaml
deleted file mode 100644
index 79b9dc7..0000000
--- a/resources/chaosknoten/zammad/secrets.yaml
+++ /dev/null
@@ -1,236 +0,0 @@
-DB_PASSWORD: ENC[AES256_GCM,data:ytb/AQ8UP47KTdUHI5RVZejZBW1vVI7v,iv:AIYEngDj4BHgXnz+pF45Z40EwJSsibVdCeF2IdVvmZE=,tag:dlBva94ytOeuzW71flhTaA==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2025-05-03T21:25:46Z"
- mac: ENC[AES256_GCM,data:SO6TcvQJNQ3cAAy3yr2S4/PkQm33jLie/MEiLVhWRajfVD0BTyEMG5RJT6eMN/2AW8HxMBs9Dgz2aOWosL3tXWsxp5PY9ZaCg1rlz7UPPp1lsoQLB03LYAl6Ez674WqTmUrb+SjNvbxi66diYBXZj0b1zawMD0J0EMifKqOzJiE=,iv:WTr2qtfazMonEG4hxcE1KNCdq/GtQinMVHXwT5A7yxQ=,tag:c1wBDOXeHwmHF+J5GXIlmA==,type:str]
- pgp:
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//SahMO2M35vCWkHxIHLDO0hiap+RBvab+H35B+6rHsBBA
- q3hyXieM1uW1OFKNegRPifazytyUVYi7DP+t0vUqXo/CY8BqmjM19ChOvaAPlif2
- DApPJvV3sYLbUdkYBx0sdpTiWHXmRP0JXtcvQxRMgOuRt+EhWoEnSsf1joMVhR4x
- aGRmOiZhw4ZMI0GhxlVmonb/B0Bo6/3GIScVY9AzJIcmDqDd8DP7SEsYUxFzBfST
- KAW2cJBn6rT1OtB97odr5Ir2TkS4H36euSNew/8caHGlKgcnewgF+zpIvjeWUimk
- cUybZ2UssmBtfWHsypAMg7pKFO/OmV57OWqi8zKYNeLwXeFQvHB1265oJN4szyFJ
- raCAB02Y1r4E5S3wSeqhjE7lvj37/JTjr5VXmz0tASPpgdcLKyik/qTSMQVLs2gY
- nUjVnPbpakQ/9cFCElWEhFDwALZjsAef/+mqmA8h9Z84X9gi+EAwee/9uT4Mu/0H
- 1xKdlAjo0ubkhTbxDf/Zp4RGEQ3ERffj5mtL/DxuBp2jvQ/feljJtO3Lo93Skbti
- 7s+kOblHH0bBS+/YNP8yQUFZ0V0Jpvn52RMOKiMlrnlbmI2u9x478uF7cT6iQ8xf
- HlIIGZHJ+dGU10sxmflp3TiSRAOyy5YJOFiBYl08QHREqPoEfn20hWIaf8avJHLU
- aAEJAhA3M6o9TmOuAV9+n8lrZr+WcRQDovlZmyGb8/mjqupcW7QTsmdjIGFi8ttT
- VgwJVseKZsTC0dyYNRroBUMyxEhtvsMkoAf6i5t9hr0XcaWQkacd4oYpkFIS+cDk
- GGZyXPivuky7
- =Tw63
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//QEj1kGg89Sim6kcAyZR6qi7yU9NIsQUUgNxTD4Dn+AS7
- w5rKd3ympVFVO3oQTJNLmxssJGyC1mgB9dqBulAPjKepnyHa/EolpGq69mPlO8pH
- CFxSSz/rxj5h5vojyWE8VhDQtMeKKGMYwwqREkHkOMIvgoXPvcwwiLVDkRMkf7ss
- xewqL5dlBkmHCHYE3gIE6BrGNoQEZ6vO19P+13KDgHxZN7RfXrQDLYEb8Rse/X24
- lsQxlaJr1fNsHzEPHkfZzWx0IFLJIPCwLJa7iY96Ku2qZOo+WkGhUiDHo/m9Ru04
- iwEVzucWHCYt3kKKq3kEyR57jOwzONUAuWl4otO0U3a3+dbHAkEqzU7WcnS2UOy2
- ajYmAq/j6kn74zCw+FV9tT1S+6WDHW95jXIPr3zKqRSL8V4UK0jc87Nb06w3yRCz
- f8C2lrzH7iQFajDDuJ/vUI5g2NR10FafOdI83XlWkpd8i33nF7eoMZTagAFLw0C8
- OPr32i0Ppdz/fAedkYqqRys1tryQGiq3PeumxQTQQj9OKlkYlPIWLsQkSgRNQrc7
- EuIkm0YT4zpGzcoiQT586GDVsOiEb5yMmOjLqB8BHrSEUQwHL1cZvbGUooFqWX7K
- iljdQ9RneaZH7REdJcN9+y15vd17pz8y1e8rd3mh2PGGkoVHyspklYvykzCDoNrS
- XgHjMWrj/QCDI+GB02fql1ZFHodIbFPseWNlf3XVW8/lu2m3FDNYEsJCsBeK5OLW
- Oti/DyVz2cNdescNEfH0W8OJ2f3C+R07l9FU1x8hjifjd+xURu9z+xrGdHwCYVQ=
- =v+tQ
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ//SwMT8P0+0S2zrf3/ActFB3m3BRUn93t2MdnAYQZRjil4
- nhcw7JpMjxD7Qe3klNHdeBK8DxXlr9ou9KvdnVWr4vdnzTdAiSiM9n5AHOCoRnT0
- rz4A4tTide2kGjmU4nWICAivr1YQqt9c/2D3BL4NAHTy0d4DK88jUe9wcoo8MnPW
- nKk2LUr6DCR3+/3d9OJrWNlWrCmmSRfgpbmsGOV+TlKO7EaDTjc3Iz+T9zOaFXVj
- /8VLyksQ6OtYnpOsniOsAb0GxiAGoeXayDvIijqesQ6AUf5HDGMcWCQcqMzITYWe
- RNKceYd1MU5iSmqbCQ23WVCHMvgwqQJ1hRj9Rj3E4j5QVFzwniwmEK5XIOhvkL8Z
- McrJ47zYi+QRx9xyhqczv0W2oX4aLZFW3dJtbpNzUMUmgDYZ+d16Iu3AxsMuOx4D
- HovgP8+fy41+VgQvlGJE1pez/xo6muP6TMR8zD/s/eFnZop18bBK2OYW8yd/kp/B
- AY9mpq6dDs4IuUBlo5c0YPIfWMWhh4GlaEsbggB/AUsrbJfYMX1MlLiHALAN0+xo
- swRp0pPm+7mZmv7LnQCzNUM4rjGhJfzljjFmi+RwSS2h6bXbNqiedRbJbfrYWsCh
- P9Ww4PhI9+kKb2PcNa7Ibzd5Ac3RpN1tMVsVzHOa0WhDCR+TkI9wnsGtHPi3CJbS
- XgENsQcISscNzddDkTkI5fGogQohsQAQY4UfZDA5QuyFaNLihaWCr9OpUqFMXu+A
- tSkVmHBVdYT8jIxO5YHYRieSxE0SEmYJf6+Ckxf2TWMJxWxsvwHgekI+kPR1Byc=
- =VkXh
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//Uxtqgh64BFkNnCxUvaU0dvhrwuhAfrI2QAgX7Gghky7M
- QwY5/HGBs34wCHlIJqV6E8AdXN0VyzhBiKiryaqTSECDXZbFsb+q0VhxWTs4T/G5
- oCvlvOC6rM7XT6puTsIiqjb4YO/8aVbkQCcE3QlwWxQP9DAk6I/Xxc+hTKStiYeC
- uqON51LEtE1/pqfmf/K4j5kPLBuRYf5IUaBp5WVs9MMbf/vyN235odT8Z29Nz5kq
- DidBkSq7A9Y64rncvvZ4+U3L0HTFcfyiTNOYPL1W45OgPFN4hRU047u/JjP1/vU+
- dLwWNwyYqq7KmEsRu8vi1p636KDios6MDo4n0Ma74APpM/3c8GEVeuz+rY6RoHbK
- FzZ9Eswe5otqmfhfLqBGNYW9+RNu3nUD6U45ES5YqNOH9yk4OqrObVMrUh97IpF8
- 876cL+RDqI+KhnW1sgpJ5x+v7XrS12/LnjArBUJtHEsTxDWoAFHuVKJdr895M8+U
- 1rMKOzhREbklNNgF33T4ysk6IE7PhGAJn8Wta2B7GfpBGBnzGdi6fvbuf+RtlZi4
- 86LkFNI7iOvVV4uiG02yqxlLsCYt6ww6MZuGLREsNeHLuQkrVfF9aVw/+++3PJan
- tIYl/WSLQ2sAjj6uxoXkBciidqFhtlD+4hvRky3enrYW09EeBOZY+4sE16ALCnHS
- XgEz/69zcjJK5d3yEdcYeoHRMFVH6haEc48kg3WKlOKQ2HrPS9rKRGSwG8CC4a75
- iw1OBZGFeaacydhq5XzU7QFlRXx7n8oi9zBHKPb0ND8zm13LQF4oTHogkZInmm0=
- =Ks/U
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4HMJd/cQYrVAQ/+MJYZ6RlUXXfn3JFBUMOFMOCR3QYKYyYxFi++34qdw6FP
- 56KibbYsAs2yLksHy3XdgFgw9ki3AOFK7zb2Urs36/S/lofK592u+bKK+EYqVwIK
- YdDynzaxA46WlRx8zMufEjyUBimAppOwePeaNPeI5+ElsYT+IBYB59xNEDHx0Gql
- SzQVj326qkp3J3vYnoV8Srt7MvU+21ysT7eXSFrYP6d7imG4Mc9CuO9Rf4ZzovY3
- ZcIHGGg5B5/34eeVGfAFw+LfSTAcicidXDjSs9baG9jmoZYiJjF/qw4+mYRJ7Cox
- CFQmeitar/tAAS8Q/wU9//a4dSupreAIRkA6V6/OsoWli2wY+1fL3TnHeTjskeh+
- BYCTuWqjAXqk/VEHkzgxqEbmJr9wHrUl5BWnaF+Ic1i3Udmm9UdFx6jgja3IbJpy
- TlofZx7EhEd2VR29AF4HQV7vjeno+wp8mKJMtaG1gCpxAlaBvpJX8lsH/oDpuYMK
- HhFNiI/ytFd5rGsthIImzUqe5eqAnl2+JNS5vxY26JU06uN1kPcPifeV9DqJ86OC
- EfwFs3mHAIdiyn2LfA9ESCiqMEBv7NsyIFEve02y+hJZ+G/6x0Ob//AfrhgTOmSt
- 2QRA0WMhavJpn3gcnO3OHoHqYzckI315ZLglgPYqP+8Uc8fx6RpA6vXaj7l9aaLS
- XgGrtCK2C5MJQX8pMYhOhNWCDcXspLlAJMNFLnBh7ngujttyLCbufx3h37evh8DY
- 4PZ70A4TjPbyiHvQWYhVGmYTdS3TmoE5eY0vlmIHABYvKflkdYp9JPLeqqPLxQE=
- =Aw8A
- -----END PGP MESSAGE-----
- fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/8DmSZ5hZ04QC8G4G2P2xsTg+hb6Cu+v2leOwhRNhYQtPa
- 9fa8e5Hd7lhLfdDSfABmWZTW34lyzj2MEi4ZFMaNU7zk/iBTfFFWZkOuaSTLHD0J
- D28PROIEOVZIjUSqQ1iGT/jRP2fCEsSWexkGJyOrXKUsVi5kSdK8XygG/Hx9uiS5
- JoyjKMgPRNCqjvZdF12Qr+0QrM57CPE8fTy9MauN6M7CTiktQw9bdVc5hjNf4AZt
- 8OCwNJLrAiB85iPVrUYO3nxmRETH092N1aw2HPv7/cOCst9jyUAQq3AEFpiaK+PD
- 4uM+A+bkX3fOaCpNe1ePAnG/hV/456ZkNW3cR1tkRXXcXROFg4hOdZ2b3Rn4X35Z
- xAHahfyOor15vAbmeAUo0ebdaAICmSoYT+JuLEdaE9hRBOfQkehRMvp2qHhYSe7X
- 8j/cQP6M9lSPKYy1wATj3ALmLMvab3CCv9Amu3F4JtJLH3bgyWtMhiPWwxgnFRTm
- OQgf6mXzRgJnnBJwtwdauSIxD758NyvqJgRq87dsrnUi8rp3fRq34jMVAWnrKVBz
- kL4DMfr06mCMFLEG8B4Im4jfy0W3oVCrRrFgfB3HoiTbrnKOdYJ5e+XvlFxgXQ52
- h0WaRnPDQK1kx75nJlF72vr0ZgTWogm0OQUadxU+LiaQkQrcBkTmpjyz16l46O/S
- XgGXzsbwjXq3hMptCN2tD65Ryzra1BGLBPyF39UOj6xNaUcfB0Aht/huvTaWUE1x
- up3gAnVub2M7PpamJMqAe4vucIuS11+VflWV/zlUFkaqhhlghTEeR7mEt3/1cCU=
- =6lrH
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ/+PbfW/BhAzQ88YgicYVYeqw784T1C2EPbUeBRLJWbKyCL
- LXm/coGFBpzebUk26spFK151jWOgUfyFeMqYTAKPntV2w+L/sBsuN+hJ12egIKGi
- 5vdwosq+dgo4jPg86kohepmfh4obv3QQ1P9ESmu3UswTCsn7WnRKLscVcPAFd2Wl
- m0EaonTQbpW6zPLUJXd+/UnTsj1PrYijazDjUEcfoj5UwQ7vXfzoeNqvkpMzQxFT
- mCm4hL4iV0E5av/8eP3jYFxz7S13MPvyN9M5I0lCDAYENrQDvDbaKWCYGNRsG07E
- TULw0TXwvP5KtEORR7OAPGlon+1JQ7AM4RpTvsql+dEYq8t6pFrMw12TAKsCR3e/
- vmx12aX6eiBxZfcV/l9ykl+ypNE/YcKMjJxrDo/jeypXrHhEieuT+Otxe5OMh6+o
- D1tydz4GKNJVsL97hlAKizs+h7Kg1KLucXVpWWUyowldzHOWA8ffh7uoM5pDk4wO
- cYY4ROhy92n9njAzuAJfotTT2Jo/3J9vizlwFEr7F/sHEACIMgU8yJ+yqBiZK+G+
- Dx735M17sWTbPaV7s+fKwGD213c9lNCqLCqMd0udB2cpItKH6leIQ3wkMOCs384a
- qs5/zxVorCvMul2iB74mEw3KcbwEuQDS9sJ3G6zXTV05hgx19/qM4IJX0WxkhjPS
- XgHiuGDuve1w8W3sfT51/I4YsGonYwQe4lfRgQie7efzySidP85lwcfYcjhhaeqy
- /Ly0kISbmO/AkJ/94TRIw39TePjP34tcYJ7B51ZyIyyJqE9LD7U5Cg/zK5KVqSw=
- =Pqms
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqARAAmHTz9QCo5nl2Mv5vK+yDYrbVgfgWXqD8s0sinylq4f4K
- r4U1b8cxGfmsbm+Y3MgvOLja4mHrzAaHdGo4rZWrnGKuhgQ0DNzi3ScDZ3mkTSyS
- Nn62K65zjG/JaqS9M2tXyjuSq648jy3o/PnZnMY24H4hpw73EvxLudYyz1DaXQoJ
- lhi/k4Nv+cGyVxCXzBklMJ0KW+VPIKQqf6TxqBRrQzPG1BNIWul9S0YJ5hZKvxqj
- eEHPetDiQNjAJ9tPsVqXMe+TH3otz0shks5j9PzRGklwcHQjIwZrSwd6Ajs4Y24N
- DTqAWH6ZosGERCe7Qp9YInTQ67J3VubYqtzpqDPKsu59+c5CYrhZooPHFOSt4WmD
- bfGVdyogsXAfRVq8eAa3ShRVTYN21eUH+qQfwmo8Vw6GKSeeXiBclP20gJvmasKS
- ifCLzEV9rhnE4YB2z7wUwOfJL3CFcnd96UqpGvQH6cAJmrKPN9U9pEWRVueMYhnp
- ZE2NGu3spAFdEcCtd2Yh+nrAMklLMClvqtyp/HA6jg5pVDNcckBUXs2a/9uc0MNJ
- 3RfrWaTuBRa9iEFJ6LHrjdWkRCMg6b2VrjVdrC6OwaV4vUQhc+VFNJGvkZ684K8l
- olNX1efLZuVLVCEt9s8CQWktZDkm8hXEc+JLgZa+y7/o+Q2L+ILz2uuFp8nET9LS
- XgFJ6Ktg3HSq8d8OYDmmKViYvqc8sazpt9RZybbQWxofCPP9Jum2AtxXsV8EvpIJ
- uGMaJTCrwcIzlGXi+kic5EJJ9mR0woJNTMFLJgmm7CnfCQP9OsPb8IYNzvWK9zg=
- =jmjo
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/8D9QO1hysKECDBPWs+vuWeaYp6nJL3WyoehsD+5NcUgu5
- n7k6gWdb6qdnX22pG2Y1sXVUbLHpBwGPFmV8yYEz/Wvilu6XbagWOaidIJg4n//t
- nIEUXun7592rod636coaLdHF2xrFsh3e1RaTmFI4loOhDKZiiQtnGkFKcaukBJrM
- cZwmuJNCT34RAodzWQI1zYbMKz0RSgALVBTcr1uVcdNfU/QCaqt7zYw75NnaTV/i
- n5EsKAFcva5H//9lYHSzh38zOpz7eika4q9pBR6AwQ+4qmQEJE2x6cqqKVBAxpJO
- aKBvWxxD6xZ5euoKYVdNnESaSrDXbBwJjcaWELhf9zGjJ9lh02rrdNyeRYkoBIGm
- Fgc35S7TG0jK0KnNO/Cx0lOSwKZVdS/wAn4G7UFBAi9wvN5dgW/4+5YJ3FvIP+JQ
- +WtlhbVuRnytjBoMPXdmhtlMifPqcCCe9tfWzeDshRFkYZYj7fCYahb1RMayckSE
- mzL09qD/1NWpvCxahd8klOom3i8UZUsF7/f+MvL/qDDrOQNYUkZZlyXMxK6PtHxD
- 8EllsS7LSKEjyOVKUZARaAVa+4xNRPoekgPGb87c33KcaDTHpAdnR4+OAsdrZqdH
- m7uDUmFwBl9oUuOSDH5/SzYDwCmzji4fF+RB3y2rN++iMHaoW0cdfrMFJLNh0p/S
- XgHytHnTUNQHpcO9DvDOJ/k6CMKEy8pqHsJtA6w4qjDBvxp2+MZvLtaiu0+cdIdn
- Pv4/vMcPQ487w1Bai/RSPpFT/mvul2cx+rvGAvSBOJdJ36IqS77XS7q98oqsLXg=
- =iE5q
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAplgn1U9MWtBhmrJn4nWktxeHY59U0ksE1XliNX8mr0Mw
- 3xD0QuwfaohrhdgX3La+4/OY582zxkSwEP8Jw/JoBOSuEx+HBUreKKPuxO9uHzig
- 0l4BPz6xZxRAI202Qajo1H9z32HbS95b05bBUapW50sUAAmNUhXW79guW7PjPeE4
- 1baTqk/BaJEreZshjwlJ92GXqrdbWmsYPRKKMSa1NoZu/uVQYvGXPvtmtE387OAs
- =gwSv
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdApLDqh0CvSd674B/iVxpxBih7clT+mIDyINRGECvxBBgw
- Afw8LvDzNDt1SX/xWNqZTYiJOQMq4V5HfSkSMt9mPPbSP9sT0OAHNN2dW/wZh2ZQ
- 0lgBl47uynaVtrGVFU6ztl1YspN5OirXNIV/QqQIui/iaeeEdY8M/O7Blw2riktx
- swLDw0o3UQTa76cCcBY0bLv0Vv8zdjKTSP5nBhMDS0pNxkKCuTqXCYkr
- =VCUK
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-05-03T21:25:04Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAiYsQ5CFabAY1WYopL7Q14NoAdQmo41mCMK7VwObHTwRP
- 7fIc2ug1UvunZsHSnC+IX6L9FXR8SUqFg4P9sWRPnnId/lI23zkBDCYuwCy2F/qa
- e/GEh4Eha3OSd/ljZADddAIn+mjb6nc2YU/DvLg60h3A317RZassGavSFxYdPmKi
- mfGVdnM8d4fnBIVaaUBjMVgiiTZnp1JGsaSewGkAie5qbhsqM4DT/se2RoNHmRjk
- hZw8UNi2gPm27er9q3iBvEe/TKr6diA/ELWzNBXZS9uhOqKAlUKsHMNx9t/aLGXV
- zSuyM0KuIMX61isHPXvKv1majyjGJ52UIfoUJ29FL9XmRbW2AUjmJnJ0AF8tpUrC
- 6mqrzKTouOdmAdLmlPnZKlzt32AzkAlg97u1tllWUJstYndl2IwJ69BMaDhQVVgp
- 6LkxUw5gmgCyj6hjDNjX98IhacGMYBhjjJ39Z+3AGlhuAegN91MGaE3TIrPjmx/H
- KAXEC5Wv/yp5ezz2FtY41e5selMKcMgn8OuOvdyQZ0wWfqebLd3LMRis3hV04a8u
- FzfkGo1jG5FWJQj0Nlc9mdgh6mLO43LKdq3Y6P/2pJ/Xdh3/tm1vzY3VOxtuelBO
- NcB3lYB8ukouKH8yx3LvnB0oD3EsQC0/Uq8HUx4B75Mi7xnG2uo0sR05ALTLMePU
- aAEJAhCqABkvXA7TWGsj9ohR+1d+6A47/6drox/KI/axPWoSFb/9SfPoSQR8U1Rp
- NNrUA9GRUEFAsAzU7PaUYL5ZjF7uHN0MbZL7XI1X7qWz8I6qVYtuJAjBTdaKen3N
- pRg6v53Ytj/L
- =yFV4
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/resources/z9/dooris/docker_compose/compose.yaml.j2 b/resources/z9/dooris/docker_compose/compose.yaml.j2
new file mode 100644
index 0000000..38db85a
--- /dev/null
+++ b/resources/z9/dooris/docker_compose/compose.yaml.j2
@@ -0,0 +1,22 @@
+---
+
+services:
+ dooris:
+ image: git.hamburg.ccc.de/ccchh/hmdooris/hmdooris:latest
+ environment:
+ HMDOORIS_ALLOWED_IPS: "2a07:c481:1:c8::/64 2a01:170:118b::/56 172.31.200.0/23 172.31.202.0/27"
+ HMDOORIS_CCUJACK_CERTIFICATE_PATH: false
+ HMDOORIS_CCUJACK_PASSWORD: "{{ secret__dooris_ccujack_password }}"
+ HMDOORIS_CCUJACK_URL: https://hmdooris-ccu.ccchh.net:2122
+ HMDOORIS_CCUJACK_USERNAME: dooris
+ HMDOORIS_CLIENT_ID: dooris
+ HMDOORIS_CLIENT_SECRET: "{{ secret__dooris_client_secret }}"
+ HMDOORIS_DISCOVERY_URL: https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration
+ HMDOORIS_LISTEN: '0.0.0.0:3000'
+ HMDOORIS_REQUIRES_GROUP: /intern
+ HMDOORIS_URL: https://dooris.ccchh.net
+ PYTHONWARNINGS: "ignore:Unverified HTTPS request"
+ #DEBUG: true
+ ports:
+ - "127.0.0.1:3000:3000"
+ restart: unless-stopped
diff --git a/resources/z9/dooris/nginx/dooris.ccchh.net.conf b/resources/z9/dooris/nginx/dooris.ccchh.net.conf
new file mode 100644
index 0000000..c1ca082
--- /dev/null
+++ b/resources/z9/dooris/nginx/dooris.ccchh.net.conf
@@ -0,0 +1,37 @@
+# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
+# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
+server {
+ listen [::]:443 ssl http2;
+ listen 443 ssl http2;
+
+ server_name dooris.ccchh.net;
+
+ ssl_certificate /etc/letsencrypt/live/dooris.ccchh.net/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/dooris.ccchh.net/privkey.pem;
+ # verify chain of trust of OCSP response using Root CA and Intermediate certs
+ ssl_trusted_certificate /etc/letsencrypt/live/dooris.ccchh.net/chain.pem;
+
+ # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+ add_header Strict-Transport-Security "max-age=63072000" always;
+
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Port 443;
+ # This is https in any case.
+ proxy_set_header X-Forwarded-Proto https;
+ # Hide the X-Forwarded header.
+ proxy_hide_header X-Forwarded;
+ # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that
+ # is transparent).
+ # Also provide "_hidden" for by, since it's not relevant.
+ proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden";
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+
+ location / {
+ proxy_pass http://127.0.0.1:3000/;
+ }
+}
diff --git a/resources/z9/yate/docker_compose/README.md b/resources/z9/yate/docker_compose/README.md
new file mode 100644
index 0000000..1977f4f
--- /dev/null
+++ b/resources/z9/yate/docker_compose/README.md
@@ -0,0 +1,12 @@
+# Yate Configuration
+
+Yate has a [beginners guide](https://docs.yate.ro/wiki/Beginners_in_Yate). Otherwise, you need to refer to the [sample config files](https://github.com/eventphone/yate/tree/master/conf.d).
+
+For our limited setup, we only need three files:
+* accfile.conf for defining SIP registrars that we want to register with (EPVPN, Fonial, and the Fux door intercom system)
+* regexroute.conf for the call routing rules
+* regfile.conf for the phones that connect to yate.ccchh.net
+
+## Docker Compose Setup
+
+yate runs as a container wiht host networking. The image is build through https://git.hamburg.ccc.de/CCCHH/yate-image, it is using the Eventphone fork of yate.
\ No newline at end of file
diff --git a/resources/z9/yate/docker_compose/accfile.conf.j2 b/resources/z9/yate/docker_compose/accfile.conf.j2
new file mode 100644
index 0000000..4ce65e3
--- /dev/null
+++ b/resources/z9/yate/docker_compose/accfile.conf.j2
@@ -0,0 +1,35 @@
+; Yate will register to these SIP services
+; see https://github.com/eventphone/yate/blob/master/conf.d/accfile.conf.sample
+
+[epvpn_ccchh]
+enabled=yes
+protocol=sip
+description=Eventphone EPVPN CCCHH
+username=1008
+authname=1008
+password={{ secret__yate__sip_trunk_epvpn }}
+interval=120
+registrar=hg.eventphone.de
+keepalive=1
+
+[fonial_ccchh]
+enabled=yes
+protocol=sip
+description=Fonial CCCHH
+username=fo370381tr317349_00
+authname=fo370381tr317349_00
+password={{ secret__yate__sip_trunk_fonial }}
+interval=120
+registrar=sip.plusnet.de
+keepalive=1
+
+[fux_intercom]
+enabled=yes
+protocol=sip
+description=Fux Intercom CCCHH doorbell
+username=1337
+authname=1337
+password={{ secret__yate__sip_trunk_fux }}
+interval=120
+registrar=172.16.210.2
+keepalive=1
diff --git a/resources/z9/yate/docker_compose/compose.yaml.j2 b/resources/z9/yate/docker_compose/compose.yaml.j2
new file mode 100644
index 0000000..e3d6614
--- /dev/null
+++ b/resources/z9/yate/docker_compose/compose.yaml.j2
@@ -0,0 +1,20 @@
+---
+
+services:
+ yate:
+ image: git.hamburg.ccc.de/ccchh/yate-image/yate-image:latest
+ # command:
+ # - sh
+ # - "-c"
+ # - "while :; do sleep 10; done"
+ environment:
+ DEBUG: true
+ network_mode: host
+ # ports:
+ # - "127.0.0.1:3000:3000"
+ restart: unless-stopped
+ volumes:
+ - ./configs/accfile.conf:/opt/yate/etc/yate/accfile.conf
+ - ./configs/regexroute.conf:/opt/yate/etc/yate/regexroute.conf
+ - ./configs/regfile.conf:/opt/yate/etc/yate/regfile.conf
+ - ./lib-yate:/var/lib/yate
\ No newline at end of file
diff --git a/resources/z9/yate/docker_compose/regexroute.conf.j2 b/resources/z9/yate/docker_compose/regexroute.conf.j2
new file mode 100644
index 0000000..aeecf6b
--- /dev/null
+++ b/resources/z9/yate/docker_compose/regexroute.conf.j2
@@ -0,0 +1,100 @@
+; Call routing
+; see https://github.com/eventphone/yate/blob/master/conf.d/regexroute.conf.sample
+
+[priorities]
+; route: int: Priority of the routing message handler
+route=90
+
+[contexts]
+ ; INBOUND CALLS:
+${called}^1337$=inbound_fux
+${called}^1008$=inbound_epvpn
+${called}^04023830150$=inbound_fonial
+${called}^fo370381tr317349_00$=inbound_fonial
+;${called}.*=inbound
+
+;^[0-9]\{4\}$=inbound ; Calls from 4 digit numbers: EPVPN
+;^+\?[0-9]\{5,\}$=inbound ; Calls from longer numbers, optionally starting with +
+;^*\{1,2\}[0-9]\{1,3\}$=inbound ; Internal fritzbox calls
+
+ ; OUTBOUND CALLS:
+^[0-9]\{3\}=outbound
+^[a-z0-9]\{4,\}=outbound ; calls from internal users
+
+^.*$=fallback ; Whatever calls managed to not be handled yet
+
+[default] ; unused
+^.*$=echo [default]"\0"
+
+[test] ; unused
+^.*$=echo [test] "\0"
+^99991001$=tone/dial
+^99991002$=tone/busy
+^99991003$=tone/ring
+^99991004$=tone/specdial
+^99991005$=tone/congestion
+^99991006$=tone/outoforder
+^99991007$=tone/milliwatt
+^99991008$=tone/info
+
+; DEBUG HELPER
+; ^.*$=echo match \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called}
+
+^[0-9]\{1,2\}$=return;called=\0
+
+
+[outbound] ; Calls from internal users
+^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug
+^[0-9]\{3\}$=jump internal
+^[0-9]\{1,2\}$=jump z9 ; To internal -> z9
+^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug
+^.*$=line/\0;line=epvpn_ccchh ; Route everything (.*) to the specified accfile line
+
+[inbound_epvpn]
+^.*$=echo [inbound_epvpn] ${caller}->${called}
+^.*$=return;callername=EPVPN ${caller};called=0 ; TODO which extension do we want to route to?
+
+[inbound_fux]
+^.*$=echo [inbound_fux] ${caller}->${called}
+^.*$=return;callername=Door ${caller};called=0 ; TODO which extension do we want to route to?
+
+[inbound_fonial]
+^.*$=echo [inbound_fonial] ${caller}->${called}
+^.*$=return;callername=Fonial ${caller};called=0 ; TODO which extension do we want to route to?
+
+[inbound] ; Calls from EPVPN or outside world
+^.*$=echo [inbound] "\0" ${caller}->${called} user:${user} callername:${callername} callsource:${callsource} ; log
+^.*$=return;callername=EXTERN ${caller};called=0 ; set call recipient to 0 (shared alias between
+ ; all clients in regfile.conf
+
+[internal]
+^.*$=echo [internal] "\0" ${caller}->${called}
+^110$=line/110;line=fonial_ccchh
+^112$=line/112;line=fonial_ccchh
+^115$=line/040115;line=fonial_ccchh
+^911$=line/112;line=fonial_ccchh
+^999$=line/112;line=fonial_ccchh
+; ^119$=line/01753288861;line=fonial_ccchh ; testing only stb cell number
+^.*$=return;called=\0
+
+[z9] ; Internal calls
+^.*$=echo [z9] "\0" ${caller}->${called} ; log
+
+ ; test service numbers
+^91$=sip/sip:ha@10.31.208.10:5060; called=ha;format=opus ; Homeassistant
+^98$=external/playrec/echo.sh ; Echotest
+^99$=external/play/tts.sh;mode=text;text=Hallo Hallo Hallo ; TTS test
+
+^.*$=return;called=\0 ; Any remaining internal calls to all
+ ; Context: Calls to regfile.conf aliases are always
+ ; handled directly and should never get here
+
+
+[special]
+^.*$=echo [special] "\0"
+^.*$=tone/info
+
+[fallback]
+^.*$=echo [fallback] \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called}
+^*\{1,2\}[0-9]\{1,3\}$=jump outbound
+^.*$=tone/busy
diff --git a/resources/z9/yate/docker_compose/regfile.conf.j2 b/resources/z9/yate/docker_compose/regfile.conf.j2
new file mode 100644
index 0000000..95cf70d
--- /dev/null
+++ b/resources/z9/yate/docker_compose/regfile.conf.j2
@@ -0,0 +1,37 @@
+; YATE offers registration to these SIP devices (ie. phones)
+; see https://github.com/eventphone/yate/blob/master/conf.d/regfile.conf.sample
+
+route=100
+file=/var/lib/yate/regfile.swap
+
+[501]
+password={{ secret__yate__sip_extension_legacy }}
+alternatives=0,1008,1337
+callername=Legacy
+# Yealink im großen Raum am Fenster
+
+[502]
+password={{ secret__yate__sip_extension_flausch}}
+alternatives=0,1008,1337
+callername=Flausch
+# Yealink im großen Raum am Sofa
+
+[503]
+password={{ secret__yate__sip_extension_ewerkstatt }}
+alternatives=0,1008,1337
+callername=E-Werkstatt
+# Yealink in der E-Werkstatt
+
+[610]
+password={{ secret__yate__sip_extension_fritzbox_dect1 }}
+alternatives=0,1008,1337
+callername=DECT-1
+
+[611]
+password={{ secret__yate__sip_extension_fritzbox_dect2 }}
+alternatives=0,1008,1337
+callername=DECT-2
+
+[100]
+password=test100
+callername=stb 100
diff --git a/roles/docker_compose/defaults/main.yaml b/roles/docker_compose/defaults/main.yaml
index 76831d6..7c083ba 100644
--- a/roles/docker_compose/defaults/main.yaml
+++ b/roles/docker_compose/defaults/main.yaml
@@ -1 +1,2 @@
docker_compose__configuration_files: [ ]
+docker_compose__restart_cmd: ""
\ No newline at end of file
diff --git a/roles/docker_compose/handlers/main.yaml b/roles/docker_compose/handlers/main.yaml
index 96c5ab3..f974335 100644
--- a/roles/docker_compose/handlers/main.yaml
+++ b/roles/docker_compose/handlers/main.yaml
@@ -4,3 +4,9 @@
chdir: /ansible_docker_compose
become: true
changed_when: true # This is always changed.
+- name: docker compose reload script
+ ansible.builtin.command:
+ cmd: /usr/bin/docker compose {{ docker_compose__restart_cmd }}
+ chdir: /ansible_docker_compose
+ become: true
+ when: docker_compose__restart_cmd != ""
diff --git a/roles/docker_compose/tasks/main.yaml b/roles/docker_compose/tasks/main.yaml
index d11d826..af7f717 100644
--- a/roles/docker_compose/tasks/main.yaml
+++ b/roles/docker_compose/tasks/main.yaml
@@ -60,6 +60,7 @@
become: true
loop: "{{ docker_compose__configuration_files }}"
# notify: docker compose down
+ notify: docker compose reload script
- name: Flush handlers to make "docker compose down" handler run now
ansible.builtin.meta: flush_handlers