diff --git a/.ansible-lint b/.ansible-lint index 6b5f8aa..f68da38 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -4,4 +4,3 @@ skip_list: exclude_paths: - .forgejo/ - - "**/*.sops.yaml" diff --git a/.forgejo/workflows/lint.yaml b/.forgejo/workflows/lint.yaml index a867c13..1002532 100644 --- a/.forgejo/workflows/lint.yaml +++ b/.forgejo/workflows/lint.yaml @@ -10,7 +10,7 @@ jobs: name: Ansible Lint runs-on: docker steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@v4 - name: Install pip run: | apt update @@ -24,7 +24,7 @@ jobs: # work in our environmnet. # Rather manually setup python (pip) before instead. - name: Run ansible-lint - uses: https://github.com/ansible/ansible-lint@d7cd7cfa2469536527aceaef9ef2ec6f2fb331cb # v25.9.2 + uses: https://github.com/ansible/ansible-lint@v24.10.0 with: setup_python: "false" requirements_file: "requirements.yml" diff --git a/.gitignore b/.gitignore index 424bd26..e69de29 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +0,0 @@ -.ansible/ diff --git a/.sops.yaml b/.sops.yaml deleted file mode 100644 index 98aaf3c..0000000 --- a/.sops.yaml +++ /dev/null @@ -1,167 +0,0 @@ -keys: - admins: - gpg: &admin_gpg_keys - - &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70 - - &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - &admin_gpg_yuri 87AB00D45D37C9E9167B5A5A333448678B60E505 - - &admin_gpg_june 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - &admin_gpg_haegar F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - &admin_gpg_dario 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - &admin_gpg_echtnurich 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB - - &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - hosts: - chaosknoten: - age: &host_chaosknoten_age_keys - - &host_netbox_ansible_pull_age_key age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 - - &host_cloud_ansible_pull_age_key age1gdfhx5hy829uqkw4nwjwlpvl7zqvljguzsnjv0dpwz5q5u7dtf6s90wndt - - &host_eh22_wiki_ansible_pull_age_key age13nm6hfz66ce4wpn89fye05mag3l3h04etvz6wj7szm3vzrdlfupqhrp3fa - - &host_grafana_ansible_pull_age_key age1jtusr294t8mzar2qy857v6s329ret9s353y4kuulxwnlyy4dvpjsvyl67m - - &host_onlyoffice_ansible_pull_age_key age1a27euccw8j23wec76ls8vmzp7mntfcn4v8tkyegmg8alzfhk3suqwm6vgv - - &host_pretalx_ansible_pull_age_key age133wy6sxhgx3kkwxecra6xf9ey2uhnvtjpgwawwfmpvz0jpd0s5dqe385u3 - - &host_sunders_ansible_pull_age_key age1na0nh9ndnr9cxpnlvstrxskr4fxf4spnkw48ufl7m43f98y40y7shhnvgd - - &host_wiki_ansible_pull_age_key age1sqs05anv4acculyap35e6vehdxw3g6ycwnvh6hsuv8u33re984zsnqfvqv - - &host_renovate_ansible_pull_age_key age18qam683rva3ee3wgue7r0ey4ws4jttz4a4dpe3q8kq8lmrp97ezq2cns8d - - &host_ccchoir_ansible_pull_age_key age19rg2cuj9smv8nzxmr03azfqe69edhep53dep6kvh83paf08zv58sntm0fg - - &host_tickets_ansible_pull_age_key age16znyzvquuy8467gg27mdwdt8k6kcu3fjrvfm6gnl4nmqp8tuvqaspqgcet - - &host_keycloak_ansible_pull_age_key age1azkgwrcwqhc6flj7gturptpl2uvay6pd94cam4t6yuk2n4wlnsqsj38hca - - &host_lists_ansible_pull_age_key age17x20h3m6wgfhereusc224u95ac8aj68fzlkkj5ptvs9c5vlz3usqdu7crq - - &host_mumble_ansible_pull_age_key age1wnympe3x8ce8hk87cymmt6wvccs4aes5rhhs44hq0s529v5z4g5sfyphwx - - &host_pad_ansible_pull_age_key age172pk7lyc6p4ewy0f2h6pau5d5sz6z8cq66hm4u4tpzx3an496a2sljx7x5 - - &host_public_reverse_proxy_ansible_pull_age_key age1p7pxgq5kwcpdkhkh3qq4pvnltrdk4gwf60hdhv8ka0mdxmgnjepqyleyen - - &host_zammad_ansible_pull_age_key age1sv7uhpnk9d3u3je9zzvlux0kd83f627aclpamnz2h3ksg599838qjgrvqs - - &host_ntfy_ansible_pull_age_key age1dkecypmfuj0tcm2cz8vnvq5drpu2ddhgnfkzxvscs7m4e79gpseqyhr9pg -creation_rules: - # group vars - - path_regex: inventories/chaosknoten/group_vars/all.* - key_groups: - - pgp: - *admin_gpg_keys - age: - *host_chaosknoten_age_keys - # host vars - - path_regex: inventories/chaosknoten/host_vars/cloud.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_cloud_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/keycloak.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_keycloak_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/grafana.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_grafana_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/pad.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_pad_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/ccchoir.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_ccchoir_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/pretalx.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_pretalx_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/netbox.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_netbox_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/tickets.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_tickets_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/onlyoffice.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_onlyoffice_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/zammad.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_zammad_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/ntfy.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_ntfy_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/eh22-wiki.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_eh22_wiki_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/sunders.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_sunders_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/wiki.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_wiki_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/renovate.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_renovate_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/lists.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_lists_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/mumble.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_mumble_ansible_pull_age_key - - path_regex: inventories/chaosknoten/host_vars/public-reverse-proxy.* - key_groups: - - pgp: - *admin_gpg_keys - age: - - *host_public_reverse_proxy_ansible_pull_age_key - - path_regex: inventories/z9/host_vars/dooris.* - key_groups: - - pgp: - *admin_gpg_keys - - path_regex: inventories/z9/host_vars/yate.* - key_groups: - - pgp: - *admin_gpg_keys - # general - - key_groups: - - pgp: - *admin_gpg_keys -stores: - yaml: - indent: 2 diff --git a/README.md b/README.md index 5a3d90c..6906a7f 100644 --- a/README.md +++ b/README.md @@ -17,15 +17,10 @@ ansible-galaxy install -r requirements.yml ## Secrets -Generally try to avoid secrets (e.g. use SSH keys instead of passwords). +Grundsätzlich sollten Secrets vermieden werden. (Also z.B.: Nutze SSH Keys statt Passwort.) -Because secrets are nonetheless needed sometimes, we use [SOPS](https://github.com/getsops/sops) to securely store secrets in this repository. -SOPS encrypts secrets according to "creation rules" which are defined in the `.sops.yaml`. -Generally all secrets get encrypted for all GPG-keys of all members of the infrastructure team. -Ansible then has access to the secrets with the help of the [`community.sops.sops` vars plugin](https://docs.ansible.com/ansible/latest/collections/community/sops/docsite/guide.html#working-with-encrypted-variables), which is configured in this repository. -A local Ansible run then uses the locally available GPG-key to decrypt the secrets. - -For a tutorial on how to set up secrets using SOPS for a new host, see [Setting Up Secrets Using SOPS for a New Host](./docs/setting_up_secrets_using_sops_for_a_new_host.md). +Da Secrets aber durchaus doch gebraucht werden, werden diese dann in diesem Repo direkt aus dem [password-store](https://git.hamburg.ccc.de/CCCHH/password-store) (meist aus einem Sub-Eintrag des `noc/` Ordners) geladen. +Dies geschieht mit Hilfe des `community.general.passwordstore` lookup Plugins. ## Playbook nur für einzelne Hosts ausführen diff --git a/ansible.cfg b/ansible.cfg index 654da28..ca06548 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,4 +1,6 @@ [defaults] inventory = ./inventories/z9/hosts.yaml pipelining = True -vars_plugins_enabled = host_group_vars,community.sops.sops + +[passwordstore_lookup] +backend = pass diff --git a/collections/requirements.yaml b/collections/requirements.yaml index cec061f..a24c121 100644 --- a/collections/requirements.yaml +++ b/collections/requirements.yaml @@ -1,4 +1,3 @@ --- collections: - community.general - - grafana.grafana.alloy diff --git a/docs/setting_up_secrets_using_sops_for_a_new_host.md b/docs/setting_up_secrets_using_sops_for_a_new_host.md deleted file mode 100644 index c88315f..0000000 --- a/docs/setting_up_secrets_using_sops_for_a_new_host.md +++ /dev/null @@ -1,20 +0,0 @@ -# Setting Up Secrets Using SOPS for a New Host - -Because we're using the `community.sops.sops` vars plugin, the SOPS-encrypted secrets get stored in the inventory. - -1. Add a new creation rule for the hosts `host_vars` file in the sops config at `.sops.yaml`. - It should probably hold all admin keys. - You can use existing creation rules as a reference. -2. Create a SOPS secrets file in the `host_vars` subdirectory of the relevant inventory. - The name of the file should be in the format `[HOSTNAME].sops.yaml` to get picked up by the vars plugin and to match the previously created creation rule. - This can be accomplished with a command similar to this: - ``` - sops inventories/[chaosknoten|z9]/host_vars/[HOSTNAME].secrets.yaml - ``` -3. With the editor now open, add the secrets you want to store. - Because we're using the `community.sops.sops` vars plugin, the stored secrets will be exposed as Ansible variables. - Also note that SOPS only encrypts the values, not the keys. - When now creating entries, try to adhere to the following variable naming convention: - - Prefix variable names with `secret__`, if they are intended to be used in a template file or similar. (e.g. `secret__netbox_secret_key: secret_value`) - - Otherwise, if the variable is directly consumed by a role or similar, directly set the variable. (e.g. `netbox__db_password: secret_value`) -4. Now that the secrets are stored, they are exposed as variables and can simply be used like any other variable. diff --git a/inventories/chaosknoten/group_vars/all.sops.yaml b/inventories/chaosknoten/group_vars/all.sops.yaml deleted file mode 100644 index ebc53b7..0000000 --- a/inventories/chaosknoten/group_vars/all.sops.yaml +++ /dev/null @@ -1,363 +0,0 @@ -msmtp__smtp_password: ENC[AES256_GCM,data:xcBVBTb6mfr5Ubyfga9ibKWKhrfrEEaDWD98vIbX8fl8lQ4YTovg8Ax1HTK4UQ6AkJGHq2A0D5B67KUTlp9eLw==,iv:TOp1G1LktRPj/KMCRU5CXBUsgKOqGssUvvk5oY0QnPM=,tag:SVBdDQy+fM0xeEToappP+A==,type:str] -sops: - age: - - recipient: age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1S0d6cnB5UGJEZlNKcEpD - NGQyYTNwS0E1TjZTbkdaNXlTVHFyendtT3g4Ck0xRkJhZHR2a1RJVDd3bUE5RTl6 - SVZrN0NIR2VKeTl6Qk9oTUd6VDdQYlEKLS0tIE82YXFoVkQ4bk1SRTU2YTZ0eVF4 - akdQTFBoY1B1aVZHSGw4bXJPZTd0MHMKnchC61XZk3cPfe7QjijW5uBlDkf2Sjc3 - /Spp+9cuf9jIJvFg+h3EY7CLAMVyAK59WnODM0HvQNhreXRg8CgK2g== - -----END AGE ENCRYPTED FILE----- - - recipient: age1gdfhx5hy829uqkw4nwjwlpvl7zqvljguzsnjv0dpwz5q5u7dtf6s90wndt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSWW1ScXNWSEo3S1RpYitK - aEVsWklvS3Ryc2pqakpUc05mejIwWi9GaG1ZCk90UXdKVVZzdXBuTXowTURDekhM - NlJEbU5teThWaCs3R1ltUHBRMWVncGMKLS0tIGszeDJ0ekJIK2FYUW9Xdjcyc0Rl - Rlp0RXNhc1N5UXdmMG1NMkNoYkZZNkEK96GpdskKEXHK/ZQFSN+Y//wygKmnxP2b - ukFolURV7qlQVamWuDoUC/ToQtl3bU0jce/STQjGY67OwG5kecxEKw== - -----END AGE ENCRYPTED FILE----- - - recipient: age13nm6hfz66ce4wpn89fye05mag3l3h04etvz6wj7szm3vzrdlfupqhrp3fa - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVYzlXY0FvUEtIa3BVTjUv - MzI3cE8vbVd6WWF3Q2J5RlRISW5kOU1XZEJjClFsS3VlbXZHVDlWMWZMUGwzdTFC - K0xpV3FjRGJmWThDbklNbFByLy9FTXcKLS0tIGpMYlM5S3dodTBhWDY0TjNkT0p4 - WWpCdVN4cjIwMCtRZXJCR0kvWmV2TDQKeAE9hmGim0wdG7AC9Ypk1/zAOvpWEc9w - B5j3MGmJiDV5vqZ6YDJ158fkB3s3XDIohaTP0XT5Y1zEDnn0ee62zA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1jtusr294t8mzar2qy857v6s329ret9s353y4kuulxwnlyy4dvpjsvyl67m - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1cXdneDFCNUxZR2VYVXpo - RzhwNFZnYnhzOXBrTmQ5NlNhUThsbjA4ZENnCjRWVXpzb1lZcjNQeUVoY0lkZTRj - bVU1S2thNzg4T2UyaGFqdDlvLzRJVFEKLS0tIFBIMEIvaWtPU08vR1crSGxUSklx - Ujh3bDFVdktOOVdvbVNrRGEvM0ZiczgKDAvWbY515jRhcWEkZrNNmtBsSwchclVz - FvnQB3G8ZIxJliJCkOHrFokvRskCHt9KJNZogqPtGF9a5OWcKkWgNQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1a27euccw8j23wec76ls8vmzp7mntfcn4v8tkyegmg8alzfhk3suqwm6vgv - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvdkpuODFJZ2xPT3NOT3ZP - MmVuSkx1UmdwWVBEZzJQOUNodUpvUlJrSlNnCjJBT1AyNzZmNC9sZytNaGpEOUZT - Tmx3VkdRVGNHOGJkZzgrZmFmRFFFY3cKLS0tIDZONHQ3SUh1bXM0LytmYUVZSmRZ - VmEzUkRqdnUvc0s3SmRNcmpZRndvVUUKHRo25oFVNtzJlTqkQ03znzH+Ce8j2rgO - Bt/HQ2tJC/0PL67zjCr4oyxWs2RfSuswM6pGh3TXmSkUawzzyMAPTA== - -----END AGE ENCRYPTED FILE----- - - recipient: age133wy6sxhgx3kkwxecra6xf9ey2uhnvtjpgwawwfmpvz0jpd0s5dqe385u3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMd3dwQ290Q3JCclBPbS9X - S1pnNVU5YlJjZkkzTEtuWWhlcmh6cEtMZmd3Cis2MW5henJ0dWZwNnpTcy9ia3Uz - QThPMlpBN0lkZVI3d1RqQ1pGeDkwTVkKLS0tIElGYWR6QXdkTS91cGRQVUZPZWVE - aXNhWGFQWncybG5ycTF3bGUxUEdRYlEKXMlP+iC1L+lCeFB9rnyDE6tKMNiqFAQQ - lvQKLGvZVRMk7RNR/OWb2IsZNtK3yGAgqjGpb8UwZKjUwYwgBzkklQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1na0nh9ndnr9cxpnlvstrxskr4fxf4spnkw48ufl7m43f98y40y7shhnvgd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0enhNVHF0eHZkTlB3bTZN - ZWJaVDc5TUkrSHFFTnJ0UE9hTEg0Tkt0OVNFClFCNTlsTUJlQ1MySkdFa2o0WGRB - VWUzbkxFTkxQMVBqTXJtNEVCb2ZPYW8KLS0tIDR6ZXdoOWNwbjdNcmtxS2FBd1Zx - dWVLVUlZWEh0UWRXTlhYV3ZTT01ZQXcKz/ughevubxHCk315eL6WV0JETo4tblck - t2b4h0kcDpFO6aPCHBSX69QOLJpBCBnKI8ZBlxgTdTDLFlScG/8HRw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1sqs05anv4acculyap35e6vehdxw3g6ycwnvh6hsuv8u33re984zsnqfvqv - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5MGlobGt4MG5YbXhYVWM5 - SDlraHdnR0srZDF2T1FicVFGR3IvNzBhMkVFCm9Nc1JnZ2toOGUzbDZ6cTRTajc3 - SVk0U2JlSStWQXFYY3htOTh2Uy80aDQKLS0tIHRkRkNwb1Q5dTZ5cDVoVXIwcmVi - MXBDdzdWZi84OXRRMUt2Mnh5QStLZWcKR/1GROkmyQWyY2GcZGplX8vYqHoeqvvX - ioWRF+QaK3GpgHOaSFybFt3r8wfeILbQ7zMs9qMARTg0kVMVvE/8pA== - -----END AGE ENCRYPTED FILE----- - - recipient: age18qam683rva3ee3wgue7r0ey4ws4jttz4a4dpe3q8kq8lmrp97ezq2cns8d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByeGV1VTA3R0FsMkdKYWo5 - K0VFK3VFR3Z5bmdmS2QzR0hRTWRvOEFEclgwCm9MQUZQSjZqVXJVQ3FoUTMzWjU4 - Q0luVDE0RUhUNmZGSlZXYWEwNHprS2cKLS0tIHBRQnZibGkrUmU3OHNHVjcvelVF - UEtad0g0T1JZRFYxUnpiblNIV0VybE0KVCw68UXleN43Qi/MSFpyGjrbwZS/EtWw - tbfZMPLalJ52pv4cxT4nrPfipoUyX7tHxEEd2f1SDzt5RUk0TO7ojA== - -----END AGE ENCRYPTED FILE----- - - recipient: age19rg2cuj9smv8nzxmr03azfqe69edhep53dep6kvh83paf08zv58sntm0fg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4QXVVSlZ2QXA5NWN6Zllh - REQ3UE05eWkrUHdyL3FRUHJMTkE3QWtwbENnClBGdnFhT3NzWEJKM0YzT3RpS2FY - cnNaczRIRUEzSDgxejNjbTdoaERiRkEKLS0tIEdOOHdISkF0YnNpcFNKekVLYWVN - allIenQ4OFoyaEdCK1YrM0tpM0FHRjAKwrOJS9RGCHS7lcPX+eufZnEjaIvO3f73 - RWThSP0d2iy/vul18hdLF8PqKE2Hy0j6lvs9qhvwI1EQa53zHAWRDg== - -----END AGE ENCRYPTED FILE----- - - recipient: age16znyzvquuy8467gg27mdwdt8k6kcu3fjrvfm6gnl4nmqp8tuvqaspqgcet - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwYmNHaUcvMitRcklkbkU3 - VDRyQnhhak82d2I4MnRKMk1qdTU3bDRzdlUwCnBzSEJHZmRTazZ3Rktmc2FKaXJC - cnJiMU9oUW03Q3dlbGtTZWNtZXZqZk0KLS0tIHVTNU1QU2dRQ3JMclhqQjN1VjBK - dHgrU2EyT0FHUng2L0R6dFFZSU1kU1UK2x72pMCRGCz/cyekHrTY/vXhxACPGjYn - PxEXKoi70Dq9ox3ggknmE6JLZqMvFoudLoE2GAzvimFomYWb4e3NmQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1azkgwrcwqhc6flj7gturptpl2uvay6pd94cam4t6yuk2n4wlnsqsj38hca - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArMVhJOFh6TTg5RFkybnBy - T3ozZ2MvZ2lCVFBvWW1jRElmNFBIUU05MkdjCnZZR0FjUUJlQXR1bnBGU3NPc2t2 - a3hKVzJZbzNWMkd3dENMUzQ3bk14YTQKLS0tIG5kSEdYS3dLcXdlOXBmWTVzNDFt - ekdmK0Zid3A0aUNHUHhmeHp2NHFZMlEKb6116XqAHYMl7P4RFRcz0IlZfx1/buby - V8y9TiECFZfWhuY3XaES99wjPw06nGszn/U29C1XtZZ0pc5Soc3dxw== - -----END AGE ENCRYPTED FILE----- - - recipient: age17x20h3m6wgfhereusc224u95ac8aj68fzlkkj5ptvs9c5vlz3usqdu7crq - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhMVZWQlRZVnY2ZnZweW0x - VmswdHpRUjVrNytaS2lZNHdsYXM3WHVCVGlNCmJ0ME9LYjFWTkVrZ1QwOHdtempG - dEJ4NGpPcHZabGxJdFJNNStxTm9nREEKLS0tIFB5NkZnZTZjL29YRlZVZEJJOHNu - ejRmc0V5RzVwY3BtVGpIY3lqVGt3SGMKvSFU/FZw3CeOrkbVKqz9Nsfmw/DU/obE - 6bIs15L7m9hOzqj8PeQYv09NO83WCfYj4cjh+Jsdtlvtz8Fz7yt2eA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1wnympe3x8ce8hk87cymmt6wvccs4aes5rhhs44hq0s529v5z4g5sfyphwx - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQUVhSY2JnZUFjS1lySGlC - MUdVdTF1S2xLdDlVODk3Qm1FZ0RxQTdkQ3pnCmFPYVg1dDN0amtoOUdKQWFRNVJS - ZkhCM3VFbUc5RHJHS1ZJbit1N05OLzgKLS0tIEhCMmRFN3hLNDFlTkpzUWYvR2R3 - Y0RZSHZrbnJ1SEc3aCszeG5tTkNvNlEK4pUz8bk/tDKYIxu6dCG/DTk8OtTTYJaL - qKNNZ1COhPtVTCHaIbRSPWu8MqFy9+9nf7Hoc9fEE8aM+Yohs4sySw== - -----END AGE ENCRYPTED FILE----- - - recipient: age172pk7lyc6p4ewy0f2h6pau5d5sz6z8cq66hm4u4tpzx3an496a2sljx7x5 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaUERGWmwvRW5tQzJleExq - VXhmQ0dkMFJuWEwzbHlGMTNudE9UbUwrNEc0CmdMK0hCb0h3NjRuSVZRNEFwYlVl - L3VnTnpad2tJL0dCamVrT082ZmUxWUEKLS0tIGJFbG5ZU0Q2b0xQNFNjT3NBTE9I - Z2MwSm95Vy9XUDkrWDZMZUEvY3VHcDQKJanzV+qzgfuBpNzHLl2DS1GvXLV+UEKa - wD/2s/EkL4RR4F9mV/9+1vwFTNw6Lc8T8ezzxl3/Iu+VpziFgx8ypg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1p7pxgq5kwcpdkhkh3qq4pvnltrdk4gwf60hdhv8ka0mdxmgnjepqyleyen - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHVXdkSHNOSHZmZ3pLWC9B - emc2S0NpenVZSW5GMWZha2ovS1VsbGs5OGhBCmZIWDBDaGVYMDhHRDR0bFgzbDN1 - MlBnOW43Ky9PV0VwZ3VlekJPa2xwMTAKLS0tIGNEVUVkbWIwVmFzaS9vdGhPU2s4 - a09LaU05VnVBa3ZGcUNMdFFZRXdaYkkKp1TYQXMSlZoGWgfSK9s4WXFu9xG7VFXP - 3O+FYTXTRTVVnZCPE5V0P0/v3H/BRgdbM2yuIiXTtmz69J8DNjFaNA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1sv7uhpnk9d3u3je9zzvlux0kd83f627aclpamnz2h3ksg599838qjgrvqs - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtcUJ3cTNUZGp6Q29wTEgx - UjQ1RU1uSHREVEhwZGtmbUV0azJEQmtGbG1jCkQxbGZhSmRXTE1uUURaSUhZTlNF - U2loMmR5ZExXS2Y4eTBybGFsNFp0WGsKLS0tIHJjRDhDelB5N1BvbHFydW84ak1Z - YndpUERJbDJSZlBLQWdnVXpUU3dLdUEKQYddtnDd4U7bkjBeMnCQuYVddCCApnzQ - L/LgjBXfUav5ipWWUjW/loZJiHBsxrG5NkCYEyf72WMyDusd8mCN+A== - -----END AGE ENCRYPTED FILE----- - - recipient: age1dkecypmfuj0tcm2cz8vnvq5drpu2ddhgnfkzxvscs7m4e79gpseqyhr9pg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOei9SYzNGMjAyUVJGYlJy - QlFBVnV0cDN1TmI4VEt3aGNtbWtvZHJFcXg0CkltM1V4UVp1THFrZEswOEZUUTJy - WVVPUDU2emNabFBDek9jMkhScUh4cjQKLS0tIGgrSytmcTZkbTJuUVE3Snp2RERn - SnUrSUlvMXhnY3JrbER0TkxBcGJucmsKdBDkRY5FUtOo8zQ0QtfPFGJn0O2Fg5xn - mSloxLaFwdXAR9L1QfUdsW+9Vgez4s5bxMJtn8hkwqIfyJc25FEEcA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-13T23:45:06Z" - mac: ENC[AES256_GCM,data:QxH4lnNyCAAEJhzbgCrq7QeLs+OAtYgwQP4oFm93NE4Fbz7/Hz2dvL/2SopOdW7nYVeb1scuG1ra+yvgzuQDhg4lcgt9eBJoBiynM3qiHBs+FtcSJoKs16I/ACAadQwClALb4E0xxwKFJI8ewMZu5BAxi5EhYbgNfnKCIbhvgWo=,iv:LRa2vX0HUBugeEAVeOqXbPsMQrfrCpyzGUGjK6+VaQc=,tag:/sfhJM8V1IYBh94ZS/TDxQ==,type:str] - pgp: - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//QVwiv+sO4ibaxO8UMPFnMnLuNfaTJ+Nry109XkTwLkvp - +6I2TW9nAhL+M6cWBcWTJIm8Q9/EAKu0jFrmsmlJg1g7am2DcARoyDTXA2W7RM8x - kSshBHJxCjQn15cwWpMcGboKJDnn5uGqfdf1rbFLiJxWlFlIstO8Bia9YF2qSYXe - z/w5PQot7GDKa9AFC77I/I0k6hJduVX3jC88N0GZZO7oz017yit24QyOwTSaQtmO - J0NgoyC6uN50buRJ6cXbONwU1rOGYvMBc+I7mZrEBho8RbQObkNy8ndQpDbpMqSy - /FVECVfhAo1KOGsTSS/i8z+maBcFNnia2+hbOZTpq1gCJ7sgE/pJG9CKWltD8U0G - DkgO086x2xuuXGAksJpeiRelbjM4C3ScvFuQu0p+pbsG+0f2pNnkCm3Fi9zFYpqo - xzlOKxwwcBRpy76jWIQbVRodnaN8thinT/ySIfuIisfn8TgM6O0IA83jJEMy/CBc - QGwWiLFWOED864OOV4kFTBO2rGAi0rLPBoAfWPCpP/z5vpRHICCg35i+Y/Mg9tDJ - ToFbH/Q8ZpWaN3kM2J6wNKY58/AoVutODbJkC3ZydLA+m++fKsD122Sk4er335Ev - MH2txLTAcBXq6CAUTIYvEb1vSurIxh4vbgC1lN/Sg/b1p5IWKYmOx3onq0kUa7PS - XgFmbb6fq6VVS8GOD4bMCDheVGAwYG1z/1utYoiLcuyp3YKAWtwGB3WdawglzRWt - ceLfKBRuHl+CnMyMjdTNcRq9ATpupHPniCaoYMRpNy7GuLGHXgRybqxnqSySj0E= - =68mZ - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2ARAAgWVVIYSzPJeeRYdO7SHudkxO1miNVhEaTa6ArJXhvj9X - f7Onb+kPRJ2H45O06+k4QUBN//Jl2wsAayHGvGKb9NmlO1wT8cd8yAe4AllebcTA - FGBhWpgD1f8RNyhU6s9YQEmUMFFuze3Frkf5pF36KmSO9Kb0yXNgQebURbUKIwt7 - W6KVBdlh9+y/8liH78X+QXFMneb8RA50mFvkSp4NxPyHGLV/S74jKaMv28q70ukC - 3ExtiLu22ACzA3jdn+BGTh/0bp/WRRYEt1TBmt3HFnVcKDkdgxOub2cwYug6YeYt - dvA61xnK0mmkt39WfR3wFtmrnMQywJn0r9cRZZwdjfuuKzWmkDGKoaiX4oXcq8hl - GJsljraNnRdSZsYCWKeQwM9VnQdTumZZpeyzH99AgbPanNEocLNG3s3WB1MOTBMC - SdktojCvHSKg2HBykxApLY1wUOLiYdVGNuTjNyTg8lo8IlNgeEEIa/8MxtPN1U57 - GDPXDvE9oJy3SvP7Tf0j4KVC7B30UYhb/jwqsG2wzjGKw3JMYucDX2JjgoTEXFxj - YqGDr+4/Vfd8bEadcQ8XJnoeCr/cUykflqO7EJnXt7kigQ8P5Jo+Vwu7oRFFlxRW - H9YZV0dOeVi3ux5Tw8ft5BRtYym7k0GP5ypQFzSSTeTTUa6QnZMWPssHMHQ+8xbS - XgEARDjMMwp6cl8adFfGJnuQmTC8pGCzOPLEhPY00t3Paz/WYvEwhioS6Lz2IsrF - QMgw8d2RrOZPJAAv9wq2ztTKk07aFxrQ8WYT9gscYPEgIpPmMUFR4nJ/fzSeiZ0= - =1N3o - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAAl+0vmB2+PBg2aAZHZ1Fa9r/4zByhvLrjZ+5yWWcyf7fS - T/1Q2VbnDFvUwsEdbDs2RJYVejGxs5cyIge2ptn/9rnp1aMTu+FG1uQrY3lhGP6L - vpyDZWa2e1+bapttkrBBe79TZGZ4ABv+FCqHqWiH2HJ3V6ELXaooNhTrtlURCDqT - Cqgs8gH1qdVgISI9kvsxS8uGa58assuM/WW2+jATIoxBzUG9iHTugr75HWJw8xb7 - R4Xbtfpev5exXicbbAvO8b3scnBU3Y1OUERo7xPxxskVSCu8q2gDtyeckOY9SN0i - V4sr+bUBfvPChlfoIq9kifZPo4Pv2yP8EhH6D5pVRqO/aiBYr9l0XtxDaHB+d1Dj - Q2f7azUuM5MDRotUM8mhn09hd61haag4R6dVAOq3mL9rxXLj8sdHS4A4ufkjn+dc - PI/Q93gL+sFy9N0wgCvHZEhY1QoKssSBCu03q2ZVlLFuYfcXWEIQU3XpbzyCmAA6 - VkCvwXEA8xRs2ClrBpMOj7wRKzYoS3ATc3nFx0XL5pL74rUE68yiRlsZLccRB+9/ - nJSY72QzR9FFUhFFv0/DxUFs4OVCUzLwQVVUT+Wi8EZen0aY4zFG1u59F6E03Pre - wC9TIxDCR5MY6/SGgYPep5qheeYVdXw7a0TQWrwXpaTPSj7tm2FFQES5DRkVNN3S - XgEMoELXGpBjzixYKSsQ0/yT5qX9v7vjrZ/a3EuXtkdh7MAfMbRV+YDl2hlN9IJM - vpAo/V/vH1AyWqBL0oQ00xZzNvxi4RiPk0KPZg2zH1C4aokELI7i8D4Dz3L83Tc= - =LofD - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/+Pr/ATDoZJGDuIOTI2RgXFefWN0/iz3KeI8n/8F9/1vkY - 1G/Bs0X9NkuzT6A/oIjBDa3630DMMvfdbY5Gclqrdwobft9dqhP05naf7BujX2DY - oL2SbTnfB06NUPiSsZ9aE/2yyzvnZjAxRczXZCi9DmhBhaXicILiJpJMUReldGtB - zbGtRzMUojwXqc1Fi52mXvn8XVTgrD//jX1IOUnpXmaFKa7zJCHe7Qfl0P7LMCw/ - vTDAXSazVFqvgyASPPHgVFw9oFdJ9Na02ML4jynRnIIra9WoBe+9+aPoaNG5WePP - Lqxmaj3uz5Uh2S4Lr8Qr+n7swjPUlYkZKSRY0WDfhoi+aCC1ejtysZaAwH32+CQA - sbnh4m+/qnEiNZlgy2vS/6yQKMAQ6HnLkBfkXYTseI4egVw2X7byMFpmAlqo1pwl - kr4cKaYGYDBT7/fDDrB8AAdXUq+guABm+8UO4GHvvSCzWY+8ie2/wrTSB4O9rLnQ - WQABESou4c/w2hKordim25w1UWWPhiX6TdumBjtep/SPNMrVNShn8s+G8uh+eAwQ - blNH7H6EwHW1b7gvSmKrlczW5/TXsi5URl+cuel0C5/ckdWej+jIIbfCPd+D3BbH - pFkQWZR0vFpvUZcUfU5kSTUz8N6jh/nGvOuOKZ07645ZFAKHjxE1JqjhqcJEqDDS - XgFphkUBFPhmz2FJdIQvfkyl6/CCj+MUfNLsB1hZAd4GRxcBPFyLB1rAkB0kV1QY - RdIXX5ahmk6JmtkwJsO+m5aAWu0ft5xpsX3jJKqAyoVWcRO/3kER8b1K9IL57nA= - =I4Bv - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdA3oIk2sfUn8ZzJf8T1xFQ/gSWqIoOXZvpAf8R88A5+2ow - kM6YFiCCShgt2qGZi1k9xNxoRO1aRmSdEqdwMHAwpFRtEr+tOcE1pq0o1HQUzqqR - 0l4BUDcJXeyrY44ufOXKRVd9J9LuwSf0GHfvSzGxCfFGQVKAtRx69TUwyo25Xwdb - mN/mmVecb+atPqdB5uMSvsMC2Tw+F313Y+uvgjK6B54iK9wjTiudD1TvzrTeaOPY - =QmFT - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//QqFgN/hbCgpEB/KyJ+5uc8Nmi1FLWFBEPhnstvIlGx34 - rPkmO+mLxa39ikwNg2bAwFxDRdwFREj/5lcdEPaKMgyxNxngS4PSs7TtHroNvyXk - jEsNsyanhaajctcBJNSEcDWNFItTn2gLGmHOuribULXBdixI3sXCjrrDKceNs5YS - XUIw4SIl4NS2nCUQcFlMqVlKOiw5d5aNfPND0UzFI2CFGo1740F/G9wugOIzsLwP - C69o2JZDmsvs7rwgfWYbS5prxD0hHzXrjuHnONyPD9NdtIRVU0jDEPrcmxJfbj4D - nzkTqeEyNmcIGnVhCCM0ysk54e/VxI6Xl3upp8qgz21h0vBu88liJFeQo+uegNsa - ozLyvzsFSdbxbIzcqnXxMurWIoDZW59d0AsitmACez1PFHXmC4KEH28bxFNek0/u - hpxFiPRvr4hxPouCTSx1pP7HnDGUfJtNOu4BLigO9hjU2K628WBkZt95L4wprBIm - kgt/st3Bk96EC6bWLtn4n6Zb6l7+mdv+6qg1XBzbLFDxcu+L62qtd4j7BjI3ckGY - hO5tkGroSyRdOkqw9IJ7KoDyk90IE4Q0xy/XM5dqAXQz59sPhIOPBxje1FursyaV - RY7tZARigq/JEWwwTLlbOYPd3XGdbw6N5LfDZoXe2Lz+isHsxL2cAqJ+wgYgfb3S - XgEIk9UCAztF21PD6IC4E4OkK1ARhpwIGwdluazSGzYeTqKEB2g7N9iowAlp+bcG - aZ2DU/R6XYdU5jch6fiU0zz421Li5gngNwg3FOVdZzhdrSiWdjRUFCJEbituyvs= - =Msjh - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoARAAlYlRUFLenIg5rQuMsq6Qd/3V1L+EomZcDTeVWUlvNBhJ - wdh58x2OqaXRbujPT7ekJY1xDg3S541yG+7al5eR3Sv4zcE5ZgNoM/rY/Ik4hnWr - 03+a/jIRQxoFeIVKAhAMcj9hxjBUCaQeNwvfYRrkWRC2fKAe9X26oTRlk0oEobMI - 5EZTi558D8ZVxIlK+LCBk5jGFepGkts0FlPjzH0+S43FLtFOqRVV5UGGahbUZ6aq - mF8ULy6+V0LxIqOaDYRwfUhX+BvPdCiBRf14yhkMIWKDpDa3lVuKWAzSF/CKk2z6 - lO12dlpI3+50zwEuG5hyei0UlMPV9rR7nLL4kG7cjIaJKCeXtbgt6Qf9Ml3uAF+t - xBjsQmnPstsBJZlj3cBlo+U6RKktkfeiU2Fg2OGUxf+iER6rBfGwBiPLME6RPiXc - 26RiEMMyIMqzgaM+2I0GL/cMEcsYj3OR/Q3q34EIFFTQXjz7dsWFjuRIELg3lxB2 - hNJfn8JnDYsP/yw7GMZM9TQCHOcLL2+vzh/GhIy6kBEeI6DSbnMR92REezSUclHi - g1292f8mDidAmb7aVFkMPnVkTFrriKiXDMO7Lh6qkIWmnGfcecsLONGif2olW9e4 - /PZb4d44UrHdG7FIn+iuTqWcwkIY0AuOZg0eDa6qi0pcePPG1IaGnF34R8amkYHS - XgFP1eurU9GajS2HDU5Ghd4KMFncCiibP5xA22inFdGwHK0Rc0JH5LbOwWugU/yC - 5a60wP3Sg7LIxYriI4a4kpmKpqE7+ZhfuqQ10wC3eCXmca5bkqIOFd91X7gfnFc= - =m//a - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAlOnbIDuRQI95foLsmVkTz3iBPoAGWP4T+BmwRXbBzchI - xnb2bVuSp2XS8ndofmqwPVfIA/XzQeS6+R1wE8z7IxBZEr25Oe+l/vnz/iIHfoMy - LpJYqP4dAMf/VLQ0h2X/WfN0QYkxbBEHj4vwR8NIjYxb1iygIcZuBEl28/ZqNAAs - 0CogIZpD057gX+SUdnL4HmpZJu1VcduOxEQq+4TBZELPw7yQ+obCtalncubnXGOh - COyjN4DkMeLNyZ5B8JKnsCCEzssn6/gI3nNzR8gTozvVdiPqmItix/lWgNZlxxnD - yxHtqs+RRxQrZxMBrVo7Z/2hNm15rT2XmpOYvs6eIKn0NILs46erKSFHi5Vbgu0f - rNshtzt8zwPsrGS2gyMauXBq4vB11hXMuOS1zgi9gA/mIzGbLLPl8JYVKjpZdRXj - BelPHOpEVEI+6Rk02+QuEGjN5XJnnLOshEt7Gg+be6APCpDsf9KhoxIPeG1e1MV0 - W5yfykmCC4E059Q7jJp7npNzAk8Xnk6zkScUT1zibXi+DYcaN3sSKqB7UgmjpqJ6 - vBn17pmhJYCa7CwlJif9abliw6mHt5qN8Xrg2064I3cPwJpzOSaTI/G+kl73Wn4Q - x4G2l2XTHAMnvAoL7I4r2F0I1MpmDiubj4BnKp3/C2YhICDOpsCE7e6ceuYI4HHS - XgHNkVi8iHF/02oV2nLDAfPASomsCTDQYRE6/dLbt4d38BaGJ6iIIcNMxGbUByMj - nAEWtH7+8crR42yJp/OxVPLlXLHKoDEd0IydLpFl9dnsaYAqdPYUqCQ8merJlPg= - =5z9a - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdATdhehHCg+P5ryd+GcDKRDMHgwv5c88CHXI+L/6meUSEw - EXNK49Y4NeLrDllZuDdS8Xd/U3BJtdw/Ef744lhv/CvSCEIBOVu0n7hsHZ6E+MQd - 0l4BFNDMgxj51IVlf/vNyWKHrcf3iYLLJdDL31sSHiRk/zTElaM2W3s2zujSOgiB - cveF2p4/0TZ1lt+kzSWPdKZ7gixngC1vKtb1uok7sAzStAM3wdvpBjvouti/yduQ - =Nvpr - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAVM1+fV0H62T2slKovp8/rIF6CBYl28z6hbbAyixUQFYw - 0qeyMu6ujpCHiSx9xps+FHYONtfEcjxpZHPk4C9fP6h3D+l4xnfGtzVXo7t1budp - 0lgBJZCP7JuE7omAuo00L3hjTSaYpa6UWE8cZEbwkOGsm47m1xzMlEzSExBZ61wj - dKkSNVFLd7z/5SlKFgFJgbgwuAl7umjDVQjItyrqRNnhuPBUmZbYBEEJ - =Xu7e - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T19:03:07Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ//R6I646qRFql6ouszDIf24Jc1HU49sWK00jfEgfDAMXVX - FcHyARVKbjq+4Luzf0ut/KrHaGC17iEcohvfaWVds/j8fOA40RWXXG5wkiqmrXQ9 - xgPpV418jCpLhrE85W5emNVH8a0sX746sulslm5NhCBbYsKgmvWB0NW/kSmPBAD7 - xnx6ZysaDEt2kgFy+GhCBMjm+WUOEypF1xoH8YlOO8rtJPVwTX3QPkgEYxrEtloJ - T7cScRPJo66y5ne1E4FKFUApH5cDlD4et9/TpJKR76y1hml+geCM9S7oOD1LmHIM - PxQFfNVL8/RWUSxNtkA+4ixlERitMbW3x4rqq864m1MnZEyYGOiUgF4uU8t7VruJ - bE+qbqOdy+HROi5vBgB7NZ3S1k7iBweGll7xcEfRHWd+lIunezzb/V/lJoShuSBL - WEetGEijGGDLPwTWG2ZSGQQsrPZH0VoA2rRS/aZ75Bau3ctIFAEPuNLS2+AnSh1C - hWMCXsGu3JVwq53TS0Lg5scquaXWPcuEQPJ6ZEmQOGfq+zjJKCp0Wq3W1GqkMAR+ - 9WFvAeh8/fLFTuDnqGLqHoeO9YQ3AK8uraMRf+hVco7RjXOAYks1JvbGDCijlUhv - pUrmkELbYnZgnVvAy/uwpYhVdJkQq4Hev+ELFFfTjcX5i3lO9V9iZJ2UUrXj5cnS - XgEBs+srIKZqr9mNQlfc6t3+JfaRtRPs5ozaSgJIJx+K9x2e7Guci+ZSAoEP7kn6 - 163uoxaZiP3W7vW/fVe8IDnPsPAc2FuvI0MbpDlEmUcoHWU/s3aY6foYtwg+w0I= - =/9CT - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/group_vars/all.yaml b/inventories/chaosknoten/group_vars/all.yaml deleted file mode 100644 index b8f13d0..0000000 --- a/inventories/chaosknoten/group_vars/all.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# ansible_pull -# ansible_pull__age_private_key needs to be defined per host (probably HOST.sops.yaml). -ansible_pull__repo_url: https://git.hamburg.ccc.de/CCCHH/ansible-infra.git -ansible_pull__inventory: inventories/chaosknoten -ansible_pull__playbook: playbooks/maintenance.yaml -ansible_pull__timer_on_calendar: "*-*-* 04:00:00 Europe/Berlin" -ansible_pull__failure_notification_address: noc-notifications@lists.hamburg.ccc.de -ansible_pull__timer_randomized_delay_sec: 30min - -# msmtp -# msmtp__smtp_password is defined in the all.sops.yaml. -msmtp__smtp_host: cow.hamburg.ccc.de -msmtp__smtp_port: 465 -msmtp__smtp_tls_method: smtps -msmtp__smtp_user: any@hosts.hamburg.ccc.de -msmtp__smtp_from: "{{ inventory_hostname }}@hosts.hamburg.ccc.de" diff --git a/inventories/chaosknoten/host_vars/ccchoir.sops.yaml b/inventories/chaosknoten/host_vars/ccchoir.sops.yaml deleted file mode 100644 index b6a907a..0000000 --- a/inventories/chaosknoten/host_vars/ccchoir.sops.yaml +++ /dev/null @@ -1,212 +0,0 @@ -secret__mariadb_root_password: ENC[AES256_GCM,data:bevk9PiMUAP0YBYqpVw9PLEz9ITKVRQ44Q==,iv:Qjr3pOWzcDWUpJAakrn31OCcvcaciJLgS1Zp+YZPWPA=,tag:DB1l6lsy+aHa+U+QLAM3tg==,type:str] -secret__wordpress_db_password: ENC[AES256_GCM,data:QsvJ6NH4ySsfSsP3pWEx04vxjIph1Wk/jA==,iv:AnocV/jXawXPxQ0dLSw05b38ULQuU/RN2G21/1GpTmo=,tag:QlSCnuaQxCmJ3XO5jjX0zA==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:D/DuvRa02zvwD9+mLzAWBFF0cZOwMcidGvz8hTYP2QtDAMUwPhcG7WuJdHDY52eZpeyoD3zIfd903n1YT+tNYmWe0Y/jFbunyOw=,iv:apgU6HqH5vIfi7dIPDTUrsxirEeQw7GUJSaM2AAbZwc=,tag:RdvtS2F0N588wrmojKZmQA==,type:str] -sops: - age: - - recipient: age19rg2cuj9smv8nzxmr03azfqe69edhep53dep6kvh83paf08zv58sntm0fg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKVlJYaXNVTE16UEIydGNH - eE9GRGNscnZTMHJ3YkttVVF3aFRSZzdWUmtVCnNhYWh4RnVYUVBZWnhwRjYvR2pG - bi9kRUlzRGtucVhENWFmdVJwUUpiWTQKLS0tIGYvZ0FtSXErdVdFVXp2Y1dKbkVY - amtOS2g2UGNkeERIbmpOVGZRcWFGckUKkwNAAKfzrXq2Hp4bveIGqDJGEcfkec3H - XO73uTKSFAOs1vevdhZqgz+xNbLRo/0ALAARZGq4ULhKfX5eTEo4gw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T18:55:05Z" - mac: ENC[AES256_GCM,data:2psRwsVlJLLhxNJq5ilGaQ+q/07eQKQbxzq2xzM+HevwwvhMAeXsHnn8kkkP+YOaWrkv7QLQNnjtpoV+34bF+8OsIFlAp8sZRNGyKdJ9NVAY53EhWlabsLP9rXN2IC9EPTpaWBI5F++LEFNHhc7mpfnC0D9fJZd5AiiNO0ARVJE=,iv:G4eTrwBfrlw8FTrEDm3pSHXIoG+8qrfXxAe4H/UIb7E=,tag:BilFyvyQspxEeqT7FDbw6w==,type:str] - pgp: - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ/+KHJ8ENkANIBaQ9Xh1qXP2d0U3NlLa4pzH4c1/Hscv8fF - yKjJgioDsBh0b3zTnz/kimnmoOyLZ9GM5QYPv7yqyd5CF5uZdMjnkpLjdFxDkmOu - vK3BDDjPPFGBGOVdNzTZQQGQ2B74B7IB5smTFjY9/BZcRdokM/y7kAljxXvgIFMV - +B2+0hsTgYJVy3sK+gNBzaJiDzWGgXW7lP58Ulh3kV8rNgBau9ur/kh2CDW9VSJq - 6eWrXHne2I0PAbkqeOq7VZiOL1BcGUFi6n9XG3tNER74J+ps4yq1/QIPTM/xfWjd - 8wT6MwDczKxgcnCD1Iyl64jB0r/DAim7M8fstR8z0SgUSi76CIE7RejSeTx1y9kS - cCAsnqAwhOuO5WY4J/Mcq+k7CwwzxF/EzBklYE+ndAFbp4cvU1jLqssgXeh80eXx - 4eghrYA2Hm6jXyCA6qiZ1MfTNtLv6BPPyFcC5TbDN07m02mo/AblR2fnkM1nbH6e - T8UTvevCtzNJrfUb/IErOu0dsy4yOKj9WZhrYc7WbZQoKGbtUFG2HP1SXP71SPgd - Obzm+Iya1TaegtiDc7glnhQcJSPpwNIU8VrrS/KPneIle/6R7MAdtwOZ3f3Rz7sO - KZ2I5vTCMh2UWQ9MFHGtDvkXTWd6PvjCiFfySfxpi2dd9JyD7QM5g2ef9jXYUq3S - XgHflGRyTFphfRa5rqxOa1CQnP3+IzVt6v7lkcsrrI28WP4peq6gyjuJmB3x0NOn - Me2tAe0iFJhWyJRp1eSF3fKETbE9VVhrrkLd7pfCa3pWNRXi/P6z1emcPFO3U+Y= - =uqtA - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2ARAAi9TKbDyjuz2CQCK/mAEBst4h0gARRT8nTudG1oH0W6ic - 0T3CK2pWuBS7ZkNNCs3xoHXQZfmtmpbX52V0m3lls7Ev3XmWUPq1ig1O+6fS1QAv - I0+zxRYaRX+uMOBvI5Gw0GZWadTF3Y3IUDiCCGGAJWWXYS0DlTbZvBG1Xjv1Pjem - b1VGXriqt7TC1LMyEwKlQiR9moUjAT6GrtSaC3cvKgWQ2h1zpXIb7o+ffYpLl6qY - 1KiTLHXe9g1K9aO4R2S38CETY/9u3Ftk1CucIbqshQWnDLldKBEHEpF9oX3k8a57 - yvcfgS0pUQVJGKsz2k/NAlUuf0p+oMDIVTEfx9ELc6JOTff4U0feC819KuTe34Wy - BNz2zZ4v4w2reCO/RL4o78wPpd/gHp3yOeLOvBFoDJr0PXzchi/KMcAWclLJNyh4 - L38JdNJL0KDXhRvjFlF139ZoNghP7gvaOhKbztIAtM3BSGjJqX5+mmBCKcYLEItN - Q+Ij3m1cKANajF84Dd5lV6w7FHiTplEDmSO1NS6Norv+4Jc0R9Z1uOMRsjX+W/va - cOUQEn9KYMoFQp1uY+OZBZizOZE3EOnUNbXMNbtWtjOKTwTn5cWyBX3niGqSuHaw - a34D7SX4AO7djrHDkY67t/yE2ZaOBEy31ZUyFmYnDgSApGnnuC3EE7tcZMQsShrS - XgHz9tgI545+6hUHe02hSWemeev/evymzkKZno8jj2NN+lT1fDaGBsytqvOb3i+3 - t3MXPNpZeAj0SE9FoUblJgabrVlVT22mVZUDzzT5IUaTFB3PLJZ20kDxVwZ9DcQ= - =M6QG - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAA0dd4OK7rynEz9Txj8P5oN0e6bMFEMgLr+vGswjmczZy/ - bkE+x3SLLS2K39zWJb2Jg3SM9AV77eZkQlsjG2DEdlhvCLniBdJGlOtVRKKYTq00 - siIymRi0e7ZcDLprGQnEkqv0TXxrhcW+YjtuqitkHmrJYrySspMnjqdoxz2vc5QZ - uUUtrRJYIb5UgO/L+jn4CugoloPXmJiuGAKyzwUgPiHEGm+il+/buOwM2RHEvaZj - I86lxYImSlCLmXvV6emte08eaasP8eSwyZVBFPCvwEsYCXKEiySifd/JRXX6xjh2 - 61YM57SowmKGuuX1iySYyM+wB/Q/v8oTbJAcZ8f62V8PkGi89Yt2HmzKIMJMvlmx - GT7APrldNE31mf7CYccsBw8smZaec5z7maXPwCSMH2ufUYp7Vwjy5dYpcZD1jPUv - gAYfBIcLzgrhTB2k6fh5Suqn8gbF51xOhl7dVaFABH7bqn04epUiFVhIVE8hKdw0 - wDNZataAkVnB+wXM4NIS2i/MGbZ7RUwOaWC0+fwXMRhMPVWnqlY9FV5kBKEFRacn - pFBLwmfcZIeO0kNq7KeF4QoYGV3jm5cVX4Ah8LCAy7GqwpeLapx4VYiuDWtK/QPA - ajqHeM0BPA6IcA9iShRj8tiTRU+VSyU0+PaWKDdkNBNngRx0unRaV+pEq+Q0ZeDS - XgER/b9ENkhrf17XsIUWF6ifNxGTf/KRhZ0HTKoI+t94ZGXSWR0ZHsent29LcwzD - ZiaVGD5vZ+lai39UqCFhuySw39uH2O8MSvb9BpZN51xo+XaRoejSZvZysVo6FKo= - =cdUW - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//bthRQejszW2v+xe8OsL3doJ3XcAOBVpjhgLDDxq9Lcqt - ewqJT+u4V0FTlQKRca3auyVIKkPX5lXUQf6KnNkmqmHQRpS+APyl4jagGA5+U8d+ - d3cWfYn3b+tB2GCw4RpxRudlDZozE52ZfNbUjaEMrFrpZVBrWevS24Ql0CqWqQ2i - 64HJJnkQwQ6Mi6BFIgxToWH/VV0BZdd70QdRKfNVl5thcoxa4GAhrS2e3ds0KpZL - wIneNj3yOU5hHfSJH8mZrszZKUeKZjDm6hjsZ0HrbS7e+7xD9zEIjppGUq4Tl69p - pVDCZouevY+rSYMWi0yeb4E4kknnJOwJ8tAhkmpriJTRS+K2+7p1jMRQYAqe4gEk - sIXCwMAaDneQyleiM3kiyA1Qsh/pniRh6k1H9qzmvn1ELTUe3tw9A0sOb/GCD4So - ypVGLlJe/J1/oqhF0uwUMYVBt9QvgR1w0ZoPWBwiEG9Y+uJAimGf6trRTeTlpOF1 - V87Ok9XQNyV2vQ3mzVQ9JK1tNQp4x84j41h7sJRfgk52k8ZKbJT9baPUXcheWiuz - nYkdrOo65rHq6Vnf/qd0cZIhMPmmsk8lb++L93X7egEOeOMFASJyunClP1uZVGuo - GlGUycvy6VR6vxC+VPL2ZB4pIyYasIInDGEDx11VOR0l/5Hlx7XEv/yVt0AQ+xDS - XgG5V5kJKqgkl94oW9sF05izRA0gS16HrFDZEXNyw9Uz4AVwPNmsryWiQ2LgLVhS - YO5NLAttl+AiaBrXbcAZp/O/trWW9q4D0752tFTxhPs75Xo7Q7SabaSTrFqzCUM= - =3aWX - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAP7lfX19jnpSpCRnxmkCi40V9p5bb+kEkaOB9FgDAMDcw - oKaSrWVj5bKUaR5PlCTsEHpUEbrMW+9/tGVxmDnFSVao1yAk4hgfPpoFPekznc1v - 0l4BTiP/B0V4HlRF3Q9WGYUjAZ0zNmldqe2zUVU1sG0DTc5y21jio+vf7Fa+vMiS - hZiAVopN84wz36065XEoiUxuOsR6JkUP5Y17IgpYzJQ//iK9OmN1/jhh/Ccb6p5w - =6L1k - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//YX7mBdQg8yO1DknAB0H8DSm3sx3W+cyy+NXe6jYsRitq - Z5rztGA30GecT4E7vZKtQTqBzPe70R/Oy9m8KwrPpCDoqZvb3cBtWa9XV48D2BYN - 0eT9oWI4Yomqix2upXlBqzleJ9Lvc625Ib1lrggHzD6JBJ5GpcU6ovBsUjIRBc1/ - osWOpGe6jQI/8o/rL0zy2713+gmSGI4zHXVPelip3aucC+7AvbdMnjT4/qJrrvnD - QQs9Y2oF/YF3K8kowsXBRM6qQZiP602CVgInmuiCkubSxn9tTVlHEWaAGc9okWMz - kjb0M7s7SYgIJGOfM+Wt7eqODg/q+dr2LRN+9swMVNA5W9XDpEExf1oKyxbohiZQ - R8IgPk0X+HhaO9hAw2PH1K9/sT/NszGDBFH82Vc9+e/VpTKHmWQWwN7xK/31AtWB - VsOjLQq9YIopoFltYYQBtlm/ygLpGFgq6NHamdMXXecVbWualNYYVTIfekzejDgY - RYo59hnI4Lb5ajylvcqnGaCQNG2OkqVOVUX6OMnQ4wTp6/VfSzIXN0os4jpMbb0A - UvdbuRYA60eRoCfzNP0s9orhbJpdFW8fuM6VqLJidR1n/Ebszz0ixH1UHNQm62Nv - X5DShNQ1Q62ZFjKSb9nspM2FhSkBdLHX37gNEUjUvDKLOtQXcs6E+JJDr+n3a8vS - XgEQ7R29Oc5iiOGboyrUsEd19GYrFGuo5OYvV0he9YYXWTTHIDFKkewJksBw4IB3 - uqZMN6SKUTxZp5yeiAcFo5R0PXfUEGJ9Msm1WSrZBamBsga0EOwBLOUxkYPBBqE= - =Wp5w - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//Sq7PqpXna0HA3KyoMZ9BIfQA8wsD/NYVS7bEXem7ORy9 - DSk2DNJclLwL4JTTj1pKjj4cf9tNz8hkku5ZPXKBVHNOzs7ss0HfpwxGHhw5npFx - IrydEPVgbHusbtLBYHIxwWKTHjX43wDEm7oY9wMHe8IszlwvnmozeBEWUaV7uhpG - 8UXqwx9UKzKv958NNNxqXvbwIKGNW8eTyHa/vtUvh5mNrW1zLhg2E5anLX+M928L - +TpwEs0ioWrOlbuZs6T0NmcUC6HdtkRJIjTWaq1pVD2dPZwHJpKbOS0kgzkxZ6/+ - 4Qudfu3Y6F1UgA6B8A45FjwSVIN+Lq6FKQvfS4uG1ida8lV4mWQllC9FYinFEBJg - XG7/uxW/EU+1YvcuS1s9LzrQxoUFO9fvhgSgzTQR8tsO2VW9Gp8FkAPDhihHDfgx - qpSF1Al8bMZCEWOSOHh32b2z2e+uOX6wL7bNdoL+/RFEgG/iNBKxCsQq/PZFl0qe - 5FFP+jbB7Ju5htsJtlzJju+07Aq7KNIjSgWg6T69+S7ovTvMQDud9WxHCc1Z7vaV - QpCMzMjrb+66rozEAUl3tttyd+N8JqWSSA8xI/juTfHU1+0WASP81Yvpe6tIp4A3 - 1CUBFVNl8XLI++WJNV+U7Ld9/+7jrrRMSPGY3zw+JzOEJJu4PDSVLEuLrKiWpCjS - XgE0uQG6Q/knk5rCcqcabEUW5YTH6eNg1eIP/95kbinL0Nt2mK1f5p+1VahI3+Vs - 739/t3RU9fhCEXB9fZj1QDiUiEZ+prHB43J1Y+MraU26/YUW82qvlgytmSg7+Vk= - =h1xt - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAnNfcfYe+6tdLO/3YOkOywk3D8VKIUamqTqu6ECWJAvQP - G8HTKTao/5M9yuue1guceE81se9kmw1sPGgKizOUln8k2Spf2r5wBRKXZJuaUBLj - 09Otl5X8vP+aQ6txmw2mu5AnfHNMIOLf5ynw7sNwsppdhWlJP44uQ/IVM6D6K2v6 - IMUQVXQkJNLkYFjA3vHjpj5B+Hb3f4lZG5jmPilmLHckWyYXXkMiLdkIngzMKXu4 - y+lMTYwcjVWWF1O+DxVM3IEAKoBZjCUL5JWZ15/V79KkJTvtR4WnoRAFbebZ8eKf - infJfNh4IwqmnlWiwR9Ur9HQDt6Gyb7VC/OdyNj0aUX37DHvP5hv+cFYvB764+9a - OwA6vRpJ9QynqMdJo8LIysw0Xu9rTDy4Tc718XkMg9sAYWhne9/h19NHz3cCyz7c - OOLlT/khQSHzKh9RCw+4Ql36EJe/S+v2o+aH67jM4PKgqx06A01e/1wbSfbHT099 - tdGfyy0LFyJjnY6up5OTYZReUsG/6HxkDB8xk8nyrkQIzX3N7+Uzz5gHGdQv0EsW - AYGY4MwyiP4Dd4bY25wcMejct+0StlM7w3bE7Zm5S3rafgMycl4ZqV1WyrF8k2Yi - lR51WdB8b6c004/JHJtELYbwr44ZZ7mv70KWWTX09fTP6AaEi4Fl8fA8RoNzp7LS - XgFEPiGH2J8bWh3B3GxpZlC0B5QQbFtj9QWNNwxKl22gGMQbu46PQPOPqVgXnJpV - jU3MOjGW7JOdFfvtW0HDiPJcAlJEwt0XXN1y+lCKMSAf2Gx5/3+4DP0ZwOJKGSs= - =Gpaq - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAArcUCDD30QwF7maUAmX29Aa+l1T1/6NqE5+0niLV42Yw - sjGl8g7yW8A0vLBWXP5nlVvgwK1PoE6bef77m9FozDw3j2koG/gt80tqgG1pCiUA - 0l4BHZuEAaFjgG2AhZSzYj7OJk09gGEgvGYPDzESYrwaUgTCXO9T2HmhwR0Mr+08 - sMrp57xGYY/J/pw+vYNBNjXxrfKnr96w2UfDPG2U5P3qFugUqzNsIImeoxiWD/dT - =MzMp - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAa7MoTcb6GvQid9iDS19VWCjRamlLSaCiEqs+OnCvMxsw - vdFUC4txiChg+CzeIKC1wv6AORdRRGKRvav9MZhO1rX3J4PKVkQ0m/E9jmMW/LLe - 0lgBc+vXNMn4nF/vqolz+CxRFpDnCKGyqF7iTqPbW/3yF07/mTe5aawHLrnrL2nL - AOzEYdB3e9Gglyh/beUiC6KTCCeGWjSTPHskXGU7/e5Q2mljcy5q+UFp - =2h8E - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T19:02:44Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAAqV1W2mgHAQKKvKL80HB5oHBo5DRoDkRaYlIQtH2HetJf - pHrIVXWskAYP439kQDUDGhOsQszJl1O3jYnuiM/lr99K3oNNwjngjlb5IloGZbG7 - F4doJc3l6HWE8kmvD2frH1NBVB8yLVbUW153+oors2KXX7J8IDSR6FcYlvnL5T8y - 82LC0IJOE05rHyVngXYJUOz1JO5f8Yf8V5fcltOa1IX4dJ4vG3kJEtV8BTWL9+8S - dOhwXKkM3AhN022BXkr74bgQmgWNDcjtNJuSxsNbhF9FNJbjkAGveYrux1lFR5/Z - 8myeZTKfe/OoCG41BvgZfFch4hDO3KUSaRg52sveqzPayDjW82wxHvBL/WQXwy3I - 0CZMAC9t061u+iYX7GPrVqxi34Vs91Ypjd1U1eUZaaAjd4aabCdYz0HlHy+eKW9j - tiQZM8zvi/R1svdn/HdC+uh03uZ8i2Vf0ci2EP+yhcO9fvEEd6NJ5krm6AHORelI - hifReVMZ4HW/y3HcNwPDF2TvxCKMeYuzgsicbU+bv86z+pVY3Kulk7efxcfgrcPP - l6ROfasoLUOAEvGfe/N8qTMexV53ADHhCDcoXrLMLkVX60NmKhg6EcZ2HQEalOwd - bndJuMMu+nW+hVmUt0pp2i1vytbg0ak4qyqtNa3zMgkexZQ5SinnpwcLvoAAfPnS - XgFo+F8mppMuJXm/GarENxvJU90pl02/iJ5ZvYKt9BZqfDqCWtvez+3i+LTd1Piw - om874prhdrpGKucYd9YPkam1fSBmrCaFzsCLI3KwUuvTpnw7YhdemWeGPDidGwk= - =Ttu2 - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/chaosknoten.yaml b/inventories/chaosknoten/host_vars/chaosknoten.yaml deleted file mode 100644 index 1c8fa93..0000000 --- a/inventories/chaosknoten/host_vars/chaosknoten.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# Used in deploy_hypervisor playbook. -hypervisor__template_vm_config: - - name: STORAGE - value: nvme0 - - name: BRIDGE - value: vmbr4 diff --git a/inventories/chaosknoten/host_vars/cloud.sops.yaml b/inventories/chaosknoten/host_vars/cloud.sops.yaml deleted file mode 100644 index a05d7ef..0000000 --- a/inventories/chaosknoten/host_vars/cloud.sops.yaml +++ /dev/null @@ -1,213 +0,0 @@ -nextcloud__admin_password: ENC[AES256_GCM,data:R+6uuaDeQWSgtV1Cp7YWZvF8LYOIhoz1K7WVKerm67NLbLRpD9191DyQH13v7ZQPvIce3JzyrWqoyQigJQIQqA==,iv:chVGvTY1Ge4OwrVbFkU5IMd0aac5HqslddQEdY8F4Es=,tag:slmFXStGVf6eJdPFplqKjg==,type:str] -nextcloud__postgres_password: ENC[AES256_GCM,data:GIWhmhiDkOC6mQAqNe8aKQ2TpTTYQJ44jn+P1hnpAxstAWLUTJZdxE2DHdjhZ9tV6kyTb/GXANn1UtgFzxczbw==,iv:lhJAZF4mJ09jVa5DxtVTfMe5FqfjpQojrI15kYuXI6o=,tag:LvzpBXbBQtNvEnCDNphUqA==,type:str] -secret__nextcloud_smtp_password: ENC[AES256_GCM,data:9UI+hMDQqM6Ui02fpdscXj5Q+XfN3t/g1MUX4blqd/egoLBtq8R6YpdK8wf6heqXUck6VVDgDLFnpfQzy0cqzg==,iv:dkTN/pj0YhLqEw6Sp252bKmnA1RaF9wfoDE7naGN8Ao=,tag:1Bg/ZoCITh7S9Ps617DKTg==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:vVTf/4AGnFFWK9W3g5RMeTanmvLmz5NJc3fKZmdm+jALM+sINWbWMXqHj8brb1i27WSotn1bC4RdN9HVvDlhXQClbiYa05yESkA=,iv:PtoBDeh4yxOOHnzK6uEWiqx9ZUCPAkxOhNwcfnRxjm0=,tag:8zoMw+HtxyzqSS5/E6uOgg==,type:str] -sops: - age: - - recipient: age1gdfhx5hy829uqkw4nwjwlpvl7zqvljguzsnjv0dpwz5q5u7dtf6s90wndt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpL1lWRStKNE96SlFhNXNj - OS9pTnc0TEhMNi9EVi94YXYrOEJMTkZMbTFZClMwc212dUFaTmV2TFMzZzBFWjIy - L2FvUGxnc1JaNUZzT1dtL0ovNXVWNjgKLS0tIEJJNjRDR0JSQ1Z4Y3oxSWNrT0Rm - cVBHL0h1ZTBsNlNJcGV4MUlDM2s2RkUKi/PK5BgQoOhdi7TpXDEdWVpFDxvwrp0t - Xw7FgNhb0tWFWIUIsYbnjw8h6cnAAwpxjpXDNniXkNNFJRJ94Blgxg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:34:26Z" - mac: ENC[AES256_GCM,data:wPkDg2j5sKQqpgXGzJmXLiNbko18FUWKbNoVIWoyj+rtBUiWkBVRBKwvYgt94PIRPoDKumJlsuer+BpQKjCDjVc60lxFFcd2saiiGQg1B/9VrHh0iPD28uNayo9fDxBIYmcx7EZl/CoOAIQ+eRFJ8opQe7SsQLFnxt7WAKbYWt4=,iv:1LhnLySBQa7dNPR3VIelxLRLHip/rtiMOzlX87kJ/1Q=,tag:BpowDN/ZSaeUOldf+FWaNg==,type:str] - pgp: - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtARAAlT+0pZifDkjCvoIJ1mMxZoNCxn5PuCypg/grqzn0zPXI - KrF2r4y5pQgZTVqqlmZwlZ4IfBgaAlnmjqpD/WZ6qOTcxt1+DS/w0222tdRGJfKH - t0LgKRQqD96E8Gb8z4CfqnSj40HYuQF9xjrKbvjFemDJ9OmB8a2YXUe9tAE2Q2jm - gjD52gR6645KiTF6keUfQbu5/8WbPjlHldfxRBaLtZ3g/y6SsET6tKzKDtUuyzCP - 7B1KlTpCWjEiyyUlBxozVeEJNRIFqjDmVn8kPO1mfLDkJXtxSZJQEz9y2OxeEAb/ - VVTNTGxbNn2OilUgCfPH/hytOqsQWix4Y9+ObdrzKGtrHGxAn7/9B4wW/mWdAjU/ - jOURc22DKSBJ6pmveX/8MrV1AA/bLMBwtBauJlIGoCCDrOXL4ZeOdgteaVwQon24 - 9pS5PYjftIV1/smIg7nndXnmG2eLwMfNqmhp5klBzsrlCLlcEWnvu4d2trSIdCdp - zusU9QT109lab6mhspckZSyneNpansXU5ZMN9uB44z6g4uWC6rkMlo3AtTjlDk+z - SO9TWT5dCEvMPiLy6YyRTE2GbsLEKVb8rtoe5yNDpoxbV1AVno3zc+nIZNkOtR9+ - bHnMGtau1zXVGhPiVQldhRuW0MMvD9GTFIUj8/0sDVsQoc5pAIBaKrWorMn2wPPS - XgHjqMwzlRMEU7RPTDkVrp5IquZJpTkqx1WlkNYi/uCcsPscLHQ2MSH8f2+n5isv - eUTiotRZ93tRaNJXjRauCEwONZA7LDTa2ESuRY3+MBvNr5JrZvcTMV6VfJBredo= - =o6S7 - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//WOz287F2AbbXuxxvbB63N6BuReZdVAEdWeI6uSLa1zZS - 6+PQuQD8OrzC+IT412w+gNgsz9ZP6pQ/o+cNT7htlsoZgICE3TU6mAaN1UA4Eywn - KuqQj/hyWKVrR4Q6dniFFWWRQORl7OZrkDhG/ybeB8G8Vyi1j1a+jZp41Sen5Y2x - NCLLs5dbxXMEjpcLUogGBLJc/cW6/7O+WPxkoNIKXSKcAiXzB8DocJc9oiUuKywJ - Q2JCR7KdSf+Io+88Tcy8sd98bPZeaAJiIDsDSQ1A7GtpwIAaM5snwb1WBnaG7iuO - Hmt9SthCqaExYZGYbyN/aJoj3KB8hvTyyaUvrL7PQv5P+Jh7MDqfVcBbKuAaGBSa - 0XnrlEDVG9ZcfjQYS1LmHlb+gc0p0vn9nF4mytbewmvJZ+igUEPwMay9VS3esSeR - 9mBtNW1kO46rRJfb1v2Sx+zdl0SNGbFDrR5y+mXPpYAxhdsh9+BUom4zv5nl1kOU - YcEf2XLLt4zUvIyrhzLTbZrJOGzhIFp/KWsSMNK1Ay4acH0Y3wZrK50o5Ni6P+t/ - ENxEcAoqncnGsJ7ZR+BTFcSu9y8vPbDYnG39vDS8JNho8g8goAHwNrV1c3xB78TG - pM0i+1PLmwIzyeh8ftrB8NCyC2NyHpq+xoOsqozfdDQIhHasTQbc8KOAHzk8XoPS - XgH5pBsffUhYoibrMQ6RhweWhUhqQA7B3jLAObGe7hHzHirZdoYlTdslZ8viwzJn - tT9dJmQPdaTJmE/iLXdho79kSNc/CkKkNVLCydLiGYq/w0Apw4CU3yabHKxV3x8= - =OcNV - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/+L3iTru+jy7PTC6+OvIxRarKgw8KyD9ankiMmD5eXkVf5 - 32w+NAWNvG0k54Kk7KKYVVHZedyy3jnFh1ENskDpkLFgtKstIkuCOrsVNl35sE6i - ZFyGWqhR/SAlZQBMuwf2oDswOF1KH+rs5Q+qdPa1o7bJYSlSLGymhaRiBbJcSVOq - do9Bb0s8laTWBV9GYwnXlcYYBpIaHahmxnb5ugHnIfCHRGnDoTUquCKoqo5Ws4bm - LU07fe06Db8C/spB1gjtRF8c26lNhx/JY0UABbV4ezW0gTjszgHCq8einY2nbfwh - mLq5cui6qrwZ09LclO2wB8ymAIy/FDNGTqnMaReBDB7ZLns44xeZOFCahcvk+DfR - PBqczaY2Qtzxn71NUOy42U8qgAOfDvz+K0vD+yqGhzQj8uK6eJ/cMYbx52Bc9AsP - 2OxYMF4+rBJ1KZIW1pLPjTSRrYMD8suqRPek6U4SBWY7SD1WUcHvNYA0+jUyJ8dN - 9NPrTxEbV0hs7xU9SbIIwcH511PzsdsyQiM6Y9v4y2AT/NYE0i+OiyOmgNVvaVEy - BbQOXL57rFZgEtWNtxjtZ6fRQ/D1JNHXSk3GfOFo92eFF8eAlpbg/ifLcpmfrRyB - aKJnSkOguUoocfsqcktxHwXt/Uj4XChJJb0eKzpS7CWrvAFrP6G8yqYLF/vaLDPS - XgF2wixNV6KXeBzp1D+JFDB/nUkGun1ISJFfXalqEzmIYUcq5V438vQaTdd95c2J - jlIWsu47i/a53R6a1q440+FdrDj8e18/7zxZakI8h2Gf82QooNjZJT0f6KI5KBw= - =gvTk - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1ARAAvBkstXt9xfubAYuIUf1d1tplhrfcR+dfO/YvUIpjVuFY - l60z72dLLmRoZnpm/uTH4h+XRLATKnDj+pUsEbYazH1B+pxAG8UVamzUFy3ghNdZ - JzRxaYaRzyAytNTnQVHQedpsd0fgpcsOgyLafiQZDI6P3uUdiweMdkGe+s3yKmWS - 5pV3NTxeLl7rLIEf9F3AGXHCb50eqDpMUqFL9eMjQ2z4ETrJD+Nxo+KLi9rllqRy - 2YRq6k/Jfa1QDVagidSNg5U7EHEeUdM+95wIIuH/VPvojLuoAudUtlRAYW7D3Cd7 - ZS2El63g5EaPackd8D0WgTe2nZlf2fysnLEwf6Ay5XniaWO7/9VOs5j8clgja3gK - JHoRSB2itiuLR3kJ2eX2HEDWXFu8IaSAa/u2ccULQ0fumIosFD31PnCgzfxgUUX3 - 06QOsXyoeR0rnotM66SgSf2QiWWkQA7HY2uGLMGi8EBouBLzxKOBsJaFaerG+UGo - 1PLQq6LVofPUwJE9pskRMzprFRvNG4knu2hQo/QHVzNdLomvj5kETCLE5ma2SfQ0 - YWNOEs4m4qzaTH/Hm1ECPLpSDpYzeMQMI/m6CT3kJTtwNjt52Of4CTqYO7k6UtBL - c9vkpn+27ra42PHTyuTWK6ghWmlHfeqwvDpinCtnE8ZyQecPDyWaCCnKce6REa/S - XgE1UXBjvxLZfWJpjZBZ9lZj+AhS8lX1bKW3mv970pOZTfL3liq3rk5Sz6MyNEHQ - B/HrdWYhaSz5kme5aBTZmfCGs9eiF3dafnjHxzRhFyLNL/ZpBdDRGlGD1f7M2hU= - =C1fO - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAWdOyUxkvucIvDlcvo5jU09n/xyTaox76UpEkqi5+PC4w - PT3sTJK4LhwKTCDSOKz5yVKdS6vOvCBeXRmJTitlhOUWeKMAD1U7dL5XZElQ3xve - 0l4BrczY8LKy2hnGm7O1RYBaRE9gWh0n+octU09oBszuSamarrLUfzc+mdQ6oLIE - Ubz1oIAhjTgS624+693S1KHP7Y4Rr0DmISDy0+jYcnn3ekYBWfSgvw6d3islnPfh - =MSsP - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//RSsGf6CBDAm56VpXxAfcBM/Egg40IcIfNqRy7WuaHH3i - u6Zu2uB0/Xo0wJeqjFCQ/LbO6GNWLUSzEoLzpCxLjxUIuiv3TLGu7OiDP/QJ6igL - SXhF2KIDJiNdVug1yt6+zZWiB7VIGybfiYGb4mKz94RuefQFoFRWoT1j9g6W+tV+ - 1t+vW2XYAjaCUWq2mWiddfRohIqIMnUUK/sjfliqVO8hkBIxn4sefYl+OtYCcqsY - 9fCSZF3L8fmn7oC6Mnf/Nax/LFvvRsHYkljbrbuEymjhv/3o9KheNpB3nsbwEjm+ - K2rdM7panGgzuzWG7GxC2M/MO5T/tAZB+1nEdi23u4oJB/Qm7Fi3Oo0oxnqPCrkf - EsE9uHoYDXmCrEKGtuV6PYygKjiAQufYGyiAuqxbBX0AbmyQ8LYtZglXHfNwyUqZ - qQOjarS61PUh/iDOhNIwMp3BDwv6yrxReODB9sJ7AWbBQXqcg22yTxRMJqgWyONu - fFyWvzVhF36gdlQej4bHeafuPbL8idI2z9wdSCFrgjzEGV5GlNMvowmCjbbi4zsc - p4M4RmF4JSKODvziG7YoJr9hpmj2mpi5oQktDXFC5IjkYuHZVcDer6nOO4pKFTeJ - XPT7JwX2hPrFYY4woECXloK1FV4jBT4Gpa+QFh5Cki0KA5rarBDjzGyqT7ela2nS - XgGry9VQLN4gmbWS4nSeYUaJNRagx2VpcGE31XQOyM9sJ2yLM+J8fvXLvJQk7kdT - HSf/nYF0YJIE2H1s9pbYsGWnJnefSsFNrbwwrPU0cer+ZvhQ6todIPR2G5HQtcc= - =H1YM - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//QkbYp/jUkoLETqJmDtSv37Ygj1dtv/RCzXDdSYLoHlgC - LfbRlGBaewM6UIb+UQBV+D90h9/bCh2NBGJLWIEq4OWG7udNhKSCrxujYA3YoiJh - OX15U1rPhuUPKBO+ZO3rg2RcDtATSoLKUtfFRPLJv3HjtDju4FD1pF1D+IbOJv6j - /b/iygSNWBu3mTQhW08SiaRkNNe3BJ5u0wTCtgOiO1QTUgqF1oWuw2wEnSHVbhY6 - kFkSrvyca+PTIOP3cvBMS7ylyRwf+ePtJe1cBM3qAG1FIvFE9APuzz5Y9FER3yx/ - f2InZWsb2z2uU5/J0mEDVg2xy62MJkyw7yvRcQzknUwRRK173yq7ewrNzORBgNI5 - 7E2hbkyI1ILJTQVPltSYH1fL4TMlYKbaO//9kfZbVCCHv1RHjkRk07qEhGIKIUuY - x8RS6BWzJ+WswFDmmyfDu0MysHh21mLkK35cpbEgpHiVz6bOZ3ge+kRf+ckPyIxg - Ymw85apG1GCYfHL+UL3H19UoIWPWyux9ovgySwcPJCxfe5/2PtQc+sJBYiwOFzUF - OGkN/kbArwitnHBar1cDyHBfETSDS+bz09tXgbAhyPFTjWh1YcWAK6B2OWH+h667 - A0QvPZyurODo16P6+oMRef6QMwrWnRL+LOjWfakSCQmQJqNHwcCs016PMyQ+EHvS - XgHd4H9QN7vlRHI0T5jVSTD8c0EjA7/s0PSMNUxghizteSgj1o7RhtzObCRxkJlH - y6wxZ65A32++6cprIeEPkZHu25meM1At7bbZtjLqLQufbOFsgP1M1LxrkkJeoKo= - =b+Eb - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//Vngztt7hgbeSRSao3OupiUFCn/5VuvPHnj5gcMQ7VYXK - cinYGi6ay1WRhotR4qPhXR2WTpzKUKnzkKgHsIDMtWPW93Iy4/4J4g78AEnzqHux - AVQDFJdA77bm5tt1IjpvNlALazOTDrixd5AgRZ6nWknBUQcIG6z/Lf0h+71vxKmQ - nyEfqCIdQscVSmGQ1Dn/xrcVFvQdSwWV6WtzrPPHhUKs/kPCjyWa8iPnqp0oJfwp - sV53SLEvD8LwXMDW0qbLxUbSCZAJevqox8qINUfIR5+f+Lblc/V2v77JWpmMDwZf - P891B09awQfZGIUQxJ69zOGIfPbaTCBKaNX/CqU4iNa+QfmcGhum4rILtpC5rs3s - a6e1ZtaI7GvDngdU8BpIn8mKwqwwfqQXNgVjqQqEw6Plwx23eEV2iFuCzO3qgYfe - Kn1eckDQx6gsMY3JX0+8CJ0PjYRtZpZc0dBkvnkeTn97cWg2DSi6l+kHuijrkVc+ - fxqE/mKo7g9CRR0B8OqocWcsSY6UIgfSpVqoWmaXbyijw3F4ZzMzinrV3m7WrFVm - xpTVm0uZwZcceGvgfyg2gyxt69kSdWjsQom7HtwT7T5WuoSD/4g9VhGBDEgoolIQ - 1phNz9QhDIygwOfCbhC1N7wmZpzcnAm296BsvK/ciU9M0XuzustH2E5TUiK2/bPS - XgFB9Uu+yELkE50SKCwxjoedGPK1Piduqf/F/10bTIMUM6GgfqvaZ07DLozYAZx/ - rdITAdWbuUGphaW4kOCqSfvqZpWlch05ShzVP4+Th6nN5jLquSK/NBz3zpVqNq8= - =hxLS - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAhHLSFJasBZzugQ1XdVpqklmn/52t38wKFGGlv0e7PSYw - tHejTV4qjCWS9VG08CvdkC6vobDvnznrsxY2vEp8S4jxgUg2T/WFRb+2BOLo04Za - 0l4ByKzgXT6aoUOSyOKwGq8LxwaAg+aypQbhLZ2kkUG5Yh+uiRrc3L8yeEtMCJOi - ZgwCBsfazyjLKjOu7nPXvE8DE6HWUk6N3tWkV30t7npVDWGC5qLMAqCz2iAOOKKN - =vSwS - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdA61+dY2/SgWbNcLmjrIW6etaqlWJMVfXvrwi9ob1uhiQw - lfQajGEA0AM3RM6Fjay6Tv8W+WmtSG6A8UmFzxxUqTot+g4wMHFkBfL5V/iYkLcT - 0lgB8aYR6hUKci5dyPmzHCoNkeISln1L7n1CRY99GxVd/kmVZcoHhsqVIlYXN/kM - L1QVYTsyjlBJEanqEwqo9K/TZsJClVg8dkudVrZeuG51+6x77X/Cx20X - =NK8G - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-14T23:47:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ/6AhM6ujRGEaRuvGu+kOCbbY8ODTY81tVCxOlC0KZ+8gAn - CnNYbgptlt/Vv0v5z7fSW2Z2NcG93He2ozonRHm1WesgCLtx5SnMHyH4oL7qd8JA - MryMFfdBXzLlAHLzscju2+nfGCXnALEC26oV+dIEuFKmTinm3o3Mj5oGaIf06aE9 - rqWqLkmDFtTYlJKdELsnzbsJNh2bdKfpuIolDs2EcKCtm4MzGvoN4Di1JwD2Neum - nGfH7p0LKTSjwyC6Vz07V+reWgQhfqv0pEkXzs83zHOpQjfiBpN4cbfTgSfEsoF9 - jVehh/nq1yr43HrlNF+tMZG2/BDOyaFxKf4erWHBNLK8zXoqLvh8ZSd9nsWT5R4P - 3Um1e0m5wjt99Nq1RvfEiUCqOWtrF48zCGjEWe1SfU9K0r2tR/lRX+VHYJj7Sym2 - Kk38jyZNN3oVLBCzYPb5Zsyp5UBkkwago9FswmyGeMMSLff8tIX/flm+g1l6MLK1 - hpwk5hsaA6YBEid9zHSBgpIkgFNOVb+IiQ+83NeQx3yIup//X4orqLSMYCRlwW0X - 6JgZK+j/tyzkNnVTw/gNZeKfJHAy5IEvU9ufZrFe5appmfugDSp5Ks2Wck91fItu - Di+GHnxpDdDQG2rTOic30jGips+hDm/LDLXQMoFhFQONqyFI58OkkMuI2Kg/KPLS - XgGn2cxeCQkcU8tm2Ut4rmq9l1qYfI8TAPKBRToiP8KrtfFLn2444fyNmnl+6VSG - KdeGSoGBFNsMFdsDG2tSvm31D6oK1bUITEq+nU6AEM+xSlMvTjcDz8SXaePed9Y= - =nLiV - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/cloud.yaml b/inventories/chaosknoten/host_vars/cloud.yaml index 35fb162..7212842 100644 --- a/inventories/chaosknoten/host_vars/cloud.yaml +++ b/inventories/chaosknoten/host_vars/cloud.yaml @@ -1,9 +1,11 @@ -nextcloud__version: 32 -nextcloud__postgres_version: 15.14 +nextcloud__version: 30 +nextcloud__postgres_version: 15.9 nextcloud__fqdn: cloud.hamburg.ccc.de nextcloud__data_dir: /data/nextcloud +nextcloud__admin_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/admin', create=false, missing='error') }}" nextcloud__extra_configuration: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2') }}" nextcloud__use_custom_new_user_skeleton: true nextcloud__custom_new_user_skeleton_directory: "resources/chaosknoten/cloud/nextcloud/new_user_skeleton_directory/" +nextcloud__postgres_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/DB_PASSWORD', create=false, missing='error') }}" nextcloud__proxy_protocol_reverse_proxy_ip: 172.31.17.140 nextcloud__certbot_acme_account_email_address: le-admin@hamburg.ccc.de diff --git a/inventories/chaosknoten/host_vars/eh22-netbox.yaml b/inventories/chaosknoten/host_vars/eh22-netbox.yaml new file mode 100644 index 0000000..56ba344 --- /dev/null +++ b/inventories/chaosknoten/host_vars/eh22-netbox.yaml @@ -0,0 +1,16 @@ +netbox__version: "v4.1.7" +netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}" +netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2') }}" +netbox__custom_pipeline_oidc_group_and_role_mapping: true + +nginx__version_spec: "" +nginx__configurations: + - name: netbox.eh22.easterhegg.eu + content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf') }}" + +certbot__version_spec: "" +certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz +certbot__certificate_domains: + - "netbox.eh22.easterhegg.eu" +certbot__new_cert_commands: + - "systemctl reload nginx.service" diff --git a/inventories/chaosknoten/host_vars/eh22-wiki.sops.yaml b/inventories/chaosknoten/host_vars/eh22-wiki.sops.yaml deleted file mode 100644 index c22c882..0000000 --- a/inventories/chaosknoten/host_vars/eh22-wiki.sops.yaml +++ /dev/null @@ -1,210 +0,0 @@ -ansible_pull__age_private_key: ENC[AES256_GCM,data:9KqIeO+anvrbbw/3ixb0H/5IRjGYGrmYG44u7AoSNAKDSxPWImrUtbxRjd+mtTbUbj5hybTJ6T560LIhmz7oM7/fKyWKDHgGOFs=,iv:ONryhnxKe1fh6z+2OqPiYnZgCijRUTKtsEi1AuhE3Iw=,tag:lae+JSvB0TK0TYv7+kUPYQ==,type:str] -sops: - age: - - recipient: age13nm6hfz66ce4wpn89fye05mag3l3h04etvz6wj7szm3vzrdlfupqhrp3fa - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAreThzT1hIei9hM2t1a0hQ - aEJ5SzJ6SjIrc1VxVXlraFJrRStEVFhSWnlvCjQ4SkxlcEVrOFo2RHdvcUljMjY5 - cUt6RVR4UWlrZWZCNmhUZWNrK0kycVEKLS0tIFgxR1hlNU1UalhKNjBab2ZTeDdp - alR6aTdXM2I1alRRTmJYbVBtU0tZYWMKKbukpWMjO712b3xQ4KtzZXTBa12ZLQI0 - Hdoo5vso2gUNO2E92kD7sEXinurE/nS34kpVXzRGr6ecj+CA3Y+SLQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:36:57Z" - mac: ENC[AES256_GCM,data:0UWzDg9rKldTtvBUTMu4sE7WpEJcCOSrdJtGg44H+3NMnkYdjFpwkUWCX7yB8gxkh0fNGpO6ofj85VJsOPpr43QLjsIQt8TvPRHAGsZh7UfEQLRTOkx9hF0qIOY7ZFnFL1LYMsU1kLb1/OUFcGnjMTCWrZzYhg1XZN2by3/paK4=,iv:cXaBdX81ZunvEKuahrblhJZS97pab0nd4uyD2u2/E+A=,tag:hc4W4PUBQA7yvs80aw8GsA==,type:str] - pgp: - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//U4q6nD7qTfeix2yKYYH/6teYtUHzIFOlql+pyajnTkkK - to6Em+K96TkJs9uJuLD3L9GE4v8LjSJGGTwO8A+4c6amUFV5vSXD0Xjh0bwupKIu - 9Dqy30/V2bZVcbHuzWpZub1SHq10r2BlWVf+wGvH1SevySpoI+hIbNzJvU858Znq - 0vAwC3VmzkK/cQUko+4iIJRSl81DYwg28mqfXEdRoRPy87Cg3aRrmDTyFp881NIu - fP7SWX9Llna7OvnLdk1drvQam6A3CPNPMV6tWmpZv3tHFavNRriGKgCfpzTy4ICL - iqTRFybSpxiCH/twDGKSXuENPKRSXNu0BGM94JR1rx8l0/fLp6un3Lb+Y1Nh5PcD - XMtDLEEOcFqpqj90w0WgtyTwuPtKOmuoJoC61qj5V+jTqM+RzQVQUazkUjiifaej - MlIqiuLILqKbHrKV/IY1ABt3Ep6ZWB5kMNn09KlcpSAjHYyTjx8Sm4dVjlQ8ORX8 - 2oP/W6g58nEIL4ZIR31M9jpsSDSCRs/XWAJMdCgM7Ori2Ep1pT0XiPF3jfvU8cMv - h5T2nYLLNGk/hlfspb/BEXiPzyvKGCN0JRfHrnje3yN7IXxGmBGp15p6ZXpBRNvj - i2rHxWHZbs79uGDnxB1efmnG1gR5H0UuBP8IUPCGOx8N/DhRf/KbBnwwiwBjLRTS - XgFAk2lR0MEHTh/PxZe0S2ZKvC+ALHnYM3/0LYcSVyYzpju/vdpkBm6MjnMGD3oP - gYsDqd5qJPDK4cBKQDgVsFa0IxcFCTkZiKgkey69nk4kc+gVLXL4J8f8ei9EDik= - =LQxU - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//R3VOX9Pee/Qhzadq3GCmTuDcgI3UNUTt4Z5lbIN9y1Ee - 1iwcydUCFJh6ArsrxFjhplvaAF/FwKiV4/naDF4dxScDur05LT5LrBLDXMu+yuJy - 2OWuL6m7L0rsgp6CwpWfuO1Oz7qI1qeWDYVTaA+MXfB/nJ9gqZ8j0aW6KsfE8WDo - TD4G4kNekI7Dc51pKeWB3MGW/g04Q1X+IROfmo4sG7G/C+ksNV66QhUsjyWpXE4R - qVIXkmBtxRu8gQ4DCEx69j04ImoFR4laOLzf9/ebUtBUxhxAX7hjiXBc2ml0qh0P - 385eeA0wwSlPE4sPxx6DDKl0/O942b8VfLNAEPv7jepUqQc/ypi7p8/5veJZjLyh - vO5PWfHmFFpZeyTAkoMt0QNFkpHE8UDzOQkoK2mzih6g8/6kR/UrWrACappplpz6 - L7EI3iC6UirspqelpivyYky/22aZnCcmn1rkSEIVMoRtMar0nO3qhdVja33UO9kA - fmStidsrRLjz9Lnt6NV+MG/4kAgp6txJVBEbQ1EJwhkzXaVPXCqwHibcNnesBcrj - XmpNb+SIuRWQiItSJWcgKuQpqtLxDfQ7hPg4Yzs6cZ4+TYXHWhEIjpjxkc1J9goV - DrY8FWc5i2XIYx7caDewbNiM9OBfId6BqT1FM3Ozn5WvbnOKIkc8IzsJgk1JCh7S - XgHExqCwZFRvhM4FpVXAcLb10P5RZ+bB9F4Z6zAym0H7l2+0i9+rjZEem4+6cW8P - PaaNIv7GCcqhR61COTpgnCoFUa7Ko0HBZis5wTWqLG7EN9t8e2NOjP0wq0TcxoM= - =MXEi - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/9Ei+pUNJI06nf7MJrlXCio2P+AlAbyT+/N6onk9Z2s7JP - iJ54XbWAAqnG5zLDk3JcJeFH23wMDeRflR1iOaSRIDHwIm18WVOEsPH9KHbeb1wV - xPWdNZW4CkhWA+3uM2YZ27lobLSJ6+r2eYCt/oitWWNpaVX9wpgk9Eob+5dYb1fd - tFF5BEW2KKp9pH6CbGQw7TQsp3q/l3bT80kcBOdehtu6fP+SzX9RI0Es4bTVvdVX - 91Cen5YfsGN/8evAi+JiGwIvCAynb1366Xxt+JKVQBLN2JE1e578SCVV0NojgzZB - DwCo85AxVhadj1v9tb4tSsc/wv+zsXNehZ8J731MwIgZ4yqdPRUF4aFA7L30hdv6 - S3AjkWDK9dKy2MK9tlnnflN41v1MDJde3gRTE36DInYPke1V3rPLaR7n7AT5tgSC - WNeSPqdKRZ7KB80fi6PPTXr6+mKXbBuKgqio4n0G5KRx8yut+9/1GhPEpC8zhLGb - frzkec9CAmBNwQ57DVjfu5QMqK2eS4UMpt1P8dVJK/23V6TRHjyRw61SBiGK7UFj - zoYxjmyK7z5eY6Kh18178KBjk8EiO+9hEd1XZQxy/NSshotNH1+1TFJImAgZhual - wAeFKgeXedXLDOjNhwwwW2nZwJWXE9LmgDaafV1Jia18Gd03tLitwzCb0tHKaiTS - XgF6Sz2qdvIP8F49VqWPC6SqIMaUgA51TPjCjQjGXiYDzxf3eX7ogwJ2ltFjpcM5 - Tk+eto19n8dy9kNS85ZEJF3Nh88J0US4sSRiX5adtbox6mTycMSIHBnaQv+pPB4= - =By60 - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//WFYbLIogXZ34JicsNxWN62ZN1OvsX/BreeMLHLZOxwgO - 5mBBvl99IgXmp89CHHiOiWvnrNc1Z0E9hLJoNV31KaabFRT3qcYmLWxA/ZLAiHga - oTfM2ZGAYvitQIB9bKiGdAwG+Z3HqGrlaHPfyXMRd5FFKHfGMnBa5HWG7ECqBcp+ - 6jKvfZgC8I8FPjKobTolsVmZ1Tig13st8qkO9gOfWUU5D/ovKT6UCakOY+vNVqeC - j65pY9d+O3w6LbKjsaPNhzwVRrBj7xJWjTVkhzW8jMaWDnQeMiek2x7mRCkCkfVE - IHpf4Dx0H2HWUKjtZizgpgzYgLqEMhm7QkmB8okUAHo/X0N3I559vbDE4f01CSM/ - YUwwC3g2xESBJVKB9qfcWDI3wAfo1UM/2LpNv4NKYm1wM/xEKJ03XBB5DabDdosJ - ZGM5ykA0ChrmB/s2rmYZlx2ezf3k4n622lZmrnUoz9gITr4fpmiRLNAEGjfD4Rdz - 7TjyLTsyBkHLfTR/L9POFv2rY3NOVrAMzebzvlWzNUPzoG0n3Bgn9EnOKHlzf099 - gir/yHoJla2yO4T7OP5C9uxZoGgo2PtgJiNIGayvafP1HhXJ/pbNXZ9lIeuNqNdL - rMcCof4d1uamf90ujEYhCQHyiG7kMD0jjiLasZqR60mMCazNboj/ujZpEwM+GvHS - XgG4WYMAP/cXPbHE7CyIxIra2Mhk4BjC8nRbwJapiFHJLi5jPbQ/2o2R0I1CTlfC - FzxoQE1CtbtJw00mSI1p6stbH8hiDe6laozSwb7euo3oea9n5hSQ5aV3UidbAuE= - =UZmy - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAY+csMuB0w/u8X7G9jNWercIChlRC20l7Ykv3g7jPmREw - XmAFCB7XQXmn/lz+054r//9pdYtGi0aaHgx9LcK8HkT0tVqDZzouRoAFiloCv8w6 - 0l4Bvdaay3AZUfrELJUe09AoR8IUo/81m2ruz8U3Frfgw+7WVRSOKEDFygbYMh03 - RP4zHcke6z0GnzeyLvDZHzj5DDPJmK6RjvWbU0o2o91JTZhlB2mKkLXDHBmOkzz+ - =vwsN - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fARAAivNnFmR6CiXdgMM8K3E3+HF2tILIK9u1o1DcvU00Tgc1 - ynwfKG6Vbu7v3XbObQnj00l/aG+3Xdx47XbY3UUQuRAzFQQ2gBPDGli8ZKOr2Ih8 - lWk0d0fwu+Kgp+rSKdipdPb+KNNRamcM0WpJbf1cWEnyXGfYuKDKm63y1CklebjO - Vr0rOHVrf7dii1C6G9z5taVwONfWX8lfJWHsA0wteqSDOQuUJ0fr5HCzMRlkT9No - lxGFlxqOU2zuR5Bg1uUm/Yx18IXIBpYfHusSUOxFXCFUaxny9zl7NQxjGBc1dzSW - XQsbNfjZ1ik0H9PyqKWEqeCyN14cJmDnL19laP/3/TTdamwVIwmYURXwm/tRCH3Q - K/H8vMBs9f+/OKtf66gUMWc3MO2WvYogu1d464ryYfAJ31aVXhCw/YVT+OCdAdag - VSCKA31N1C69Q8kxejcw1ZGaGsslRztd3nB1V4+Xv0Sj+BLopb8f/qXUqqtjOYHI - l6jxBRfshptg0fO2co2UNrRJi/Sr2QYOz69O1SpGLhf6gsl1Cpx5oy+KL3m75cPF - VvMFI1OPoW+B6a+aVILHJ1HJ4vNgjLWzS9rvF1ylJvPMF8nSkUCEIpHLPV7o66mH - nT7KyX+Xpf7UgjroBMY5WytTDoJ2ZUhkdbTrDCmOtxEtZ4mwXwyOBYDD+GZf6o7S - XgGSBxeYvxjgKtlbHtm8r0cbG01dUkS4GN2Db93ocSOCDWWdG8oRjQQb2ecmp9Iz - 8AEgTg2UCW0FsLIUDB3oHUx/lodD26F3Q4/dXO8qw+MHf7sCIpW6NWkvZJmPB6g= - =UJ40 - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//Xq1G201XxrV8zZiKYTRstRMOZViTdVdO2EKi8cTdpkbM - L5crA1cyi18P9ZnSemYak5m+YJY/UWh/Nv4RaALQJWLRx12g9e6Ahm9tk9FPy3li - 5MMIZJtkjFmU7HxJnawW6vrLtBwqN+Xs1Pzdi4kZiwdEJXgeSAnJ/JfVYGgSWuXs - BREBvHCBf5wsGvqpIe81OgZZ5+uVTcBfuoqmpXrfXdAf74ehsz7d0Vc2QMoXvTt9 - eSDWWroOZWXOh/8pz0ZjLs/k9v2HdyCGohZ12QmTPe2B+n3pWZwPM/yNUz8a1fRf - 8B13x026N+4AyrcIA9fnUytMjV6BoIFown4nn3e/MAMvroAX+Jh/W5Vm2EBITIgq - l0eziBXyRGuDloeY6gvsGJmMXWEY/xHL6EZ7oEs9yEpuQmyp+PDeyP77GuboYabq - xZQyYq1wFEp/9/WunYXyTEH/IsTM3ZZy929iZMevjRGIAbykQCzo7BlrDl2REXub - RFmcCr8yUgk5XD7wETrp6DrBwGVdg4AFYRlSUzrTe7sLbFR3tx7WToUSZlTRxeGC - xOPpRZ0TqqqXcTh+LZKAhlioXhY8jWxS2GV+5/eRLdGmMhu1DpshrQRV/HyLCh57 - tUY7CJUC+f91MddNmRMVpYcBC5dAqgI1Xr3tGQAXsn9fH3Zq05HijIBr4rFE2m7S - XgFdzNv5deQCByYK23LVWZNUW7CfyZSGGRTyUikvPsG5paOI+1TxMfKHVjstv4wX - VN/qOm7SrDH5gshI+WBMC2aABnW6exbLwgZOlc8M7D9xHMc4ZdEgo4WutlI6Uik= - =lPG5 - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAvQvFXD+SIaT3uQmGv0+WO4Y0lrqF6VWETVC3yCnUiTAm - nJsvrNOMUJui/WHiJqwjVmDoT7ilkh33WnF3Rnw2Jw2WNX2bCuG5iXddBKUr3Ogz - ZWMae6eY79KDpWix/iiaNe1dqkBPgdUZDPuXudDkq1cpO8VCrT0vWpjLkh2TegzT - DnqoUAf2zS1cG455XUS1L3Os5aoryFLlB6AsgVuLjEHNoYqsygjyYA4opWBmZTlu - FcuIlp+5JczwK0Lmo7fF0IWD+ujbILFzBOYZsVsTRnOERxdLANX0QKBgljnRLiMm - LE5tlpOvgag+MSFrTIDy3BKlJ9dJrwqIzT2joRRE7+MzFZNZGsAqRjx7o7LlKDrf - xmsFP0u1cCTtZ4yDbhi9x9rKjks8vMCNKvNeACWfli0FWXKRbqvL9uegrN5FMpNU - 5JMegL8ag624IcOCNKExBFQ08Tu6Su9Gmv6IL6oBn/GZE5NH5KaEw6Qgp+kcxXjc - D4d7dLPk4NOc+crvPIEdPOS6QqtB5j0iJAgSe1UBL6Chlk2Jo0toCa8hcznjltLn - zQD55B+y6XfCLinHClmlztQBIcyx18b7BKr6i49LXPZ0sTAQXmIE9CUyJjdFdbUT - 2E0ownpn7e5s61h0fKmY64CVOR0ffQYf/cMYnMo5h4pJLx4VzikvwK6Zge2fF17S - XgFGFcB+3P66RKZrXYxnBEQDUy2SH4z2K8NQ+FwfHk5Xn8lR7oVGBMYiL4wi9mi2 - g3H2mKb1DOXwBPmrH0Hvwtd4WQBxrpk4/L0o9N9Ydj/yXrqe7c0yDb0dPwHx9Wo= - =Yi8M - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAchTFsCspaX2IvJhVtq9DBvXPOEQ4wScxdrP2knyXfXow - 32iUuXqsTdx00wdbLmrjqgRPNdkpXDELob3dp6VBXZw3Qdnq7Vy/vdCuJKZpF+le - 0l4B+uKiPm/hX6j3+s3kkUASDE2UDlan7JhRY6E9AAazOLz/DbEqDll78DOajPO4 - 5VExDFgRLohMUmiSbEehhTX0fUe7UC06fI+RFit8FTrXQOBNQ2ZxXgzhTh5BL78Q - =iaOe - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAEgM+oWVAskw4+VndKfML5KAMOAIuToqUi39n9vPMBBkw - Uhp4bTCdl6CZsves8JTIo/WWv3TOfrjsbpCfS7KTuT4JjcIXM2lCdGOk8XmgAIKe - 0lgBSyhDGYG977wPYdnTcccUPIOvPuTG241N7pvjrkjlf9ahofzja+9lsx6exieh - OXrDRwvKnqUQi48lxMtOjNg1tZYbNe2EMm01zfTVTN+PWVtRn8UYCYzn - =SpnO - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-15T08:45:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ//b+te5kA+Unebbevaf2VUcgblzOAQFpTi194VY/HGulLm - 6310SD3x1w1VYuNoVO87icmnImx+NXbyT+LZlLaCBwXYS4IdZBfCsDJ520aedKY1 - rFixaLHxgRIfCcQ46Hhx+EW5E5PoROGAoE5U+EbEoHRviHvHzir+lwU9nEmB2AXp - o4JLiadGpLYipjNOFx/gIQEkAuPxqGzmglp190AC4V/1BQfnPOxsWhFIZOKgFV82 - tGixkMu8hgviQZV2EAnPuI2OQw9O96VrX7xdyACLdE1aPJvBliJJXuemXg7DdlbU - QtziJiTPhAx8NkrlDiN/L505wpNo9nTfePuWqVgFWtcZN+g3/2OQep7TOHgYKV0S - eU+QaI2FnFgScJ0N8mhOXCgZzrX5pEhoPHLyeZNEWxNcEQ2fU0LRbiZiRnkYrpNq - GWPTxpUee4dSeM6wicYEyMCrZGO8UmsACGWumKZdoerWn2ryqMznzCmLCkzuXEkD - 057jS3H5SPQyL+UWJDPtqNQlerjTX1XxYoCvFxGpASvNfLnyK0m0QmBEWXChg8JK - 2RI6tHbdSzWWH54H7VUSCghAUrF2J6r2aF+OzPah17NHkFZdzIkcv3u5NX0hbZ3u - rZQ8NuH2GrVcArH5CTuvb+OnmXKJlfej8KglDMs77170AZmcJPcjh/zMHVcDtrzS - XgFYC5oAARO1XY4XrH0qxRYSBsEutnfgNyDYI32+1lJo186pFpuPocR6lXGMRJSw - RUNHZm/QsQYMithnbrqSGg+tLc8J4zSXzJXM0RvIX0VFOB4YeTPPx3uhRy87BKU= - =mZsg - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/grafana.sops.yaml b/inventories/chaosknoten/host_vars/grafana.sops.yaml deleted file mode 100644 index 3c2372a..0000000 --- a/inventories/chaosknoten/host_vars/grafana.sops.yaml +++ /dev/null @@ -1,222 +0,0 @@ -secret__grafana_keycloak_secret: ENC[AES256_GCM,data:85OEAwuWnYW4NgObAmYey+2kGRML2iH8FuDlIZsHyOQ=,iv:Akdk7Iopx6nIOAFXqa7ROnH25vhoe4uopzEcHjWKWo8=,tag:Lgm8H9fWA+/PCjp+SHoO7g==,type:str] -secret__grafana_gf_security_admin_password: ENC[AES256_GCM,data:Ct3YH/5FqUA+a7Z7YlpZ8aMvUM43blRG,iv:ePwTeX+7H9p0isvi6Bu0VG5egIOqTopmIiUhYoGCmR4=,tag:SLy3totIMtbED7XxmblasQ==,type:str] -secret__prometheus_pve_exporter_pve_password: ENC[AES256_GCM,data:dJanRGfkNwZw7oaxxwpjpbV7m3Zl/MzA91Y54WrLXxHWDRHBX5Fe1soWgysN3uI5s+rtIWWfpCux/rSggFh0gQ==,iv:6gFk3IHxGkWcoeZTpS+iReBR5uMModHp2qLZp7aG4Tk=,tag:V55iwRKmS50E2lNS7lmCoA==,type:str] -secret__alertmanager_telegram_bot_token: ENC[AES256_GCM,data:DhMeo4UHoYu17aVx2sRtQ2v2MFuwD/vHB0xsOf7QWio35ZAcwzGHab+VOzREbg==,iv:DhrCAfMoUt2Zk8imaVA8xC0UAJhXpyqNNwqP5th5ldA=,tag:BbCDqenw+yT4ADpIgZ5row==,type:str] -secret__loki_chaos: ENC[AES256_GCM,data:km9l2LYuyvitMQOSinAyUnnF2AePE3fcW1E1k5fF,iv:gu2FB+R3/UIsa8qivpQE6AVaOug7/Q4JO3S7nhubsww=,tag:4JaG9ZHPbyzFIdzCnYN+qQ==,type:str] -secret__loki_chaos_basic_auth: ENC[AES256_GCM,data:9HS1Jq1LqTmshFKdUDk96Y0apSC3xhSqOAWv3G1E3djDvl3QPA==,iv:oYgoIDqV3lGsHDfivgMRh7HQ0tFZhRO9OZSOuD8Yoxo=,tag:wkFgxC9EFbm/wHIHqELv0w==,type:str] -secret__metrics_chaos: ENC[AES256_GCM,data:GDLtKMuExpedDFWLew68JMbdaxy1aEep2j4/XkOD,iv:2sbdjEp1GY6rMq0BMw3Sfjyci3Zfm7fFkU8wUFy3IDQ=,tag:yEarnC4wJvFnB8i7tJ30kQ==,type:str] -secret__metrics_chaos_basic_auth: ENC[AES256_GCM,data:eT39ijCsheJZP3D335EIRdeVR4nSX7APw9e4iQ40NtXz8EEfGg==,iv:+OxDeTOF8PLxSFT5ZKkUwWYZfuBgv5YUJSGWsURL2kk=,tag:0nIroxvAjTG0vB/lwq09LA==,type:str] -secret__metrics_fux: ENC[AES256_GCM,data:aV6zeZ/XsVlA3QepSfVd/cOr+tqFVhlAxRO9SHx7,iv:fxo0o9amrh5ivPTxRVkvymB3fr5dLFVE7EqIpBlNZBk=,tag:41dm29mrV/jmqj5IkuNAaw==,type:str] -secret__metrics_fux_basic_auth: ENC[AES256_GCM,data:YL+QLzZyyObzDcz+FcefViMrvdkVSwRhDsBx/AwoDX3RLHCDjg==,iv:GADdMa7FHMM1FnyPp8DUHElpXsJeqD+gN5Slw0R9bgs=,tag:KGCoEud2JLU5s1gurrbywg==,type:str] -secret__ntfy_token: ENC[AES256_GCM,data:0tuPJVmxHcdDWOMIo0QQXgIEkJo+p9A5emH+kc+U5tw=,iv:NZcfiz3UFw2fMcMf+q1GRp4Fsxpxbptsx9n8wPR54z0=,tag:SJYFtXccCbPrXjECiKUOUA==,type:str] -secret__alert_manager_email_password: ENC[AES256_GCM,data:AsBzn9KJEoMjcrUWiIhR7I/1jaaFEa+cl3gImOQVKrg=,iv:mtQnZqT0taap3+z/L/nMfUvQF3JlTKIdoljmzVr1R3c=,tag:mZrCB597p8LyB61I7ZvHNA==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:OITNx5IxnrtyNQKrLoY7WKTLYeqjGXHAZ1bkwSrHzqUxXKMWOAGGHQkK5r+poOgGkiYSulNLA0NMgdBkkv7/YRQiu9Kt2di6pt4=,iv:CWGR9z1/KfCVoOOicqfWBu+XXGs6fTXMbk4De4izjcQ=,tag:Qum6h0k2YfWXPyunqFsQKw==,type:str] -sops: - age: - - recipient: age1jtusr294t8mzar2qy857v6s329ret9s353y4kuulxwnlyy4dvpjsvyl67m - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYSWtZeTlMNmFPcmV4RGN2 - K3pET1lHSmRRRWVlRFJtcjdFMkUzdUZleEFvCkIvM2l2NU1QT3V3SFhjNHlhdUcy - Z0RPL1VTYmhBZzhjNUJNazU3cTIvTnMKLS0tIEYvR0kyeFg3SWgvdGV2N2h4blpD - bFdHelh2dklCMXl5aWo5bnJUYURablUKU46qv7mUT6SX7xlX2Dw6Gy4nJAT+dmHG - Y5lVYXV0r+nLejalbXZy6kH/7mZAPXvu3/rkrbeaO1WASQHPxr5tXw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:38:52Z" - mac: ENC[AES256_GCM,data:bKdCkiO3OjBfwsNBOFVrFMti9fXtedYWhKuPFDgNQVYFblZji9UQP8XsX6kTSfzU1DxM+OR14RMgV5xssoB4f9q5tP5FgyhCcwWHCt1cg6lIQzIoOx3o68YmNf5X0C59Q/j5QGeGQiCNDV2eymDYcm/dV8eKEHD0EtmUGNFlOfQ=,iv:7jW4IFcebqx/0N0sqygV9SsvS+m+kQSlEGkixtIMy94=,tag:Eg3Z+blFGyG3lAXacwVPqQ==,type:str] - pgp: - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//U7iuPGV/ORWjqLnzICRMwhtI15YgLOlRehuVc5DXU+Nd - rLEiqs6OCOahGFlskF9VqEFlV09P35r8by5k7QxPKvnWo7kdbY3cmI/VyusaJmPe - hQH53/uUU4pBNqLDFnitr04Q9cRklRUfRW8xGerUM86q0FXOer98WhYTHJ7WqrAS - hx4rUsyuUkPTfeLvGcWZ6RrbTM4bLCPT9lGeta0oYPTah2MkP8bdy8bz0rBDE9Vl - Wpw/q5iB+a4YtrkXDsFl/jfqYJJ/hBBDi71/KcS58new7EWwLONuvYxgR3bEv7k3 - N45kFd9CmrBdyIbrAoIjsgLtt0JvOqzXxT63+OzMLOK+6crhsa9roeuJAXNIruSK - ON/3B7TE10FU1ncO9JNX9IRFaM3GtiXSThDz8J95jN/WyqHWeKG6hvDDbGiKAeK6 - 6amr2e/OFLkonto83xncv4p43RPYU58tjolHOsTrUjycqYXJjxaE//Oyl4I0EoY+ - E3lhFZ+fB3hGKjis9DeOoxZbtjpG/+tqPF9RZhLXbf2bA5caaeju543/jaOcpR+L - p3n+bZFi9cE7B8Uyd/XYTL2X/a7nka81CWp2PZGqikFy7oDNTUxEZkKhud8APa9d - Nb+FZ5sAyafVyiN2po10fUUXrbQgBjsrBePrBDUQoReZr4cFNlvMHrV75Sdw9pzS - XgHwYabeUIoAvazkW5bFucSMVrNJWakK/Kstv9d2+4yz1q6FVNy/ZLLqs6EWLAXC - 6vjStMSDIutyc4pzzJ8Xt2CxOO7shECH2xE3DJd+/z/CD1x+CcGNeQvCQWDJxqU= - =9mvJ - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/+ITdkdAphlMAL4w0tn+sQGTE3ddOoU7QyMo5S6SBvkBoA - r7cQr1PCXGOB+SdDlnuifD0HJUP4ClrswLZqv0lzpMd0t5OaQraklP9t4zi1DVYD - roW8nK3AoaW4lf1WTOaySxuAQ1/pPvqGMERhnm9U8dVdLJqqNHJaMT/7t3vjlaQJ - L63PDVnov7bG+eDm9U6yMLZnxN+L3X1KsRGC/1XYKJhAkzJ9jwjhdyiRBon7lKQd - yKocR+vvr9uJwMsWuvOZ0Y7J/T9yBgn/pMyK0PU10sSZiTkxVQxIDBOma/kYWIKo - etteamIsi76y4ZW1/G+HYSCMi8YvUxINJIjV4zUq+NkMLqADv8xiZF03QXTnUl43 - dvmefBQUncfFBFo8cnrM0dJ2fDyTy3OfHVkNF8X2RlYfVx0JKf73vsf8Sm2sVx6r - NDlv69RUQULXXoEJZNRyegTkm8YOXasu29ik+SCPP2tAGKIk9qUM6pGtvKMdQRaD - vZ6Y9JAmiWMWUgGeF+NUGQSbN9wXaR4w68gn6SkK1DfGsgRXKBQ4qv2tGGckFAjT - galVfKR13j8wvqmTNSvDSXEDVIf9lCI+NR0RV1pCw9biO95dy/hEf4U6T2SQ3tKk - eieAbpmCwXrJU1Xiil8NPM84nvY4B0LtPnhv3nYVCdAQn9N65EcmvQVidgFvWUbS - XgEoH7GE3urClVq/iTy5hPLyUIr1egx4SmoSS+Vc6DPkEgJ7tuEYbAgnQx/SyJsO - sEeKVK43PbQN+btiYF1j8PiYxFVrX+2xsGlfunqEIrt7ILjQx9QrTcqeuVa5ISk= - =fNv7 - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAA1l+iSgYvzloves68ga73Trmn/YOCUToXpEGYWfx/ZMZu - FhWcbhmLGUE2zocIR2eawpWlSARiwJYPh75kUCRNmY4UxA+qLgQi17txdWuWGH39 - +2R3Aa7YTRfRi8APKVu7zrhquPgqzzeUqIwkOY0ta+er+Fzp56BQACbf10OYDeWm - ux1pQVxDQLIelaXTpSo6gF9yQ8dZVvd+3h2HcTmIrdQ5oAJmU/MiZ6VC/KAJTlvL - Q8KlWtBz+4KxBThwz5JOPppuRvtAWKCvXe6KojPJfUcuTxfSSGeE65kMByBe6o+c - YCyC+6ooNrVIrHyzO4YpwbFio+DErgx8U5zwqX5mTsRihXRedZLJv0AOBXkh01Jb - /J9u90HeWG45++K/qpz7ockrAhEkN9/ZWCxbdLQBcEklcNB+VZVduv9HWWhJfD6D - jFzov5CYv3vVsl/SIA1IeLAhYtY08sVhWRQD8Q4BV36mj6qtfmrVf4y6DnhDaqsH - gyiEMCib00jdt6xCJhCCHvu9xcxyE5gUc5oqoNJ3e5GIK3R7LdoX3LecGKJKyq+J - TofTgYyQF1GsGUWQCshSahHFW+89l+aVpv70LtH7nFeUelG4GGobi5J0uq1F71js - n6AITVGk8/UFbJHTdIBiXWOWaPsw0w7G1vUbEz1dosY9obYV5SO0AuP4wkfn8UbS - XgGjaVPqqBIyYOY/4OramutUOnhuZXCDNKsf/WXFiawiEpK64+sWyqDXB2e7K+32 - iRDWxb/tdeiTEj44p0lnywpsT4+LSewAdhLU31yNi69zU4b87g5FiAtUAox/TMc= - =EGO0 - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/8C4OH0VGhxX68TMIvcxngiHFFm7ewrRBuyEFUeg7Jx2zZ - xhSefZ1mjzOdv7XthL4RE85B/OOexro0Yhg25obGPfevZgOkNeREOr/bfo2NEGY0 - 4bBzttJFrGZnO8r4AbfKXHhSlb6QRseh399VEbcSDl4bM/7dqKiWW3GE2mdzxIOu - /+mGJrOLVugmjNrNr1TvmRrV/hQwga3dTk0dyEMzjA6GNaZNoYLsJUirRyPEJTuC - bIdE02/qaYuNGmaOMMDVnxDabwFl5XzQge8c/JiKOKoSd0fDBURGi59yY6RhvWFC - v3be5cdf86Pe4ei1wLVPxs5PGJtYPq/dLavyEIPN5VrA3eb/Kapt3WRTJ2RBMsZN - MSnTclW0T3CtsuS7rKMXdWxDj2RJSrP627/kMR9TAK0Rb+yud4r+zmSbTkxV7tO4 - Amq/jWFxIbeJfy/FLPc8ZvSR2Wxs0D8MOnAcg11qh8mX4G+2cZWLowIOPaQAqQaC - 5DPugxMScr0ZtW+cYX4b4MvbCdIQJqS31O5Ih5MwGycp5iFDZvp1IJt9kY/dRVef - n88pSCDX2MdECWZx6QAu6mvT7jbB3bEoMVspETqPKj/4V+JZZZqAyQeRrHXmNGwZ - 35+4txbq5E75ZugZlm72CnQaq5c3a9DJ7d/y8xy+SiOzU5+AY0lo1qaoq9AH7mvS - XgHaAlXJ6ChyA/lVI3KEFWYDTtzN5K7qDfxCPwEMSU1GoT85Jk3m+EMvoQhhJUJy - 4ooY2hWSFd8eZyGRPNg2SuFpLGovFbvP5JMmVhpbZR76z1v5Ex3jdT7ECeweu5g= - =GPL+ - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdADjjTJ70hiKLmxb9BMyvicWlgeO5KNWm7puNb3cPIIWow - ND+b+aFnXNK5pO1Ez/4An+s4czBOMWMXZp18Znll5pisu4ysE/YvUcfwwATv63pM - 0l4BSOkDIMxgKPH7IFEV0b/64uhPfFWQdqFZy1UCsWqUvs3rZLvHlx+mR8OCPNeG - jksysqrY9ctTlKInq3NlobPQlhDcvjX/hkTIs5ePthDPF4fMmIdT0w+Upgi3mvcB - =Ow1f - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/8Dv12x2bjxI4lg/v7wRlCqSAhHzLnJ8nnAIlt1Rwqty7M - D9VGEKBoITBvSeX5wHAi7e28gBP9u2MEpTG/aHEoWdRlsNEKYr/YW57gAW4zCSxI - 8DS/MNmyFmQ5JnauPe4mCJFr6uNBpghouH8nenvCiQZlyL4OIiunx63WWViyXehk - x/wC5sYCpaniTgf7WisMK9wlilMKXmZxBAqGtqHZLGKQtl2gqnmkP+svn1Xbg55n - TqkznJixV064rBFTpWLayqrPymrKp9KLzH1Hn70bJ7iZRHWsfMYTuB0TO96ed81+ - 3lH/dY+0yzza4HdlAsnDrZ6NT5pJJwHHbckFtvz2Z6zwKoGu9rVPaS6BxCRaW6Fx - tokrf/6sKH6v2cugvKDdPFbqPnUpUzMhh5U7YtO7qm+w0qtWHJoX9pcZKEmwmqz7 - 9n3zQx9zb60VnzDKGMgTt1Cvm70YcM0tLC05KRaL4vF0IR0LiMJ45fjyH1FKPf5f - xvmLgv58RcdlDeRMyOqYMxwGuj0ATcUGsU5rU5gIuqEiSsZMzukRGkiA3z9vUTDE - yheFsyzlvHHhAZb2FQfJ/p03VUudV6HSriCar5B+6OTzojgdf/fOmTCdKczTBlq9 - 8VxF4UsKWA040ljpLgpuD0oercexN3jhAuotEuXhIZ/yBSzQhsXxovhMY/atkHXS - XgGIic1vUdKVyhCECQfyaKW11dwJedaF3BJXnGQnQfUo54Bj3LcsMdpWYM5TnU7+ - ImyFLICagP3fAH6047JxFykxk6pobxRAMkBcleXILx1u/e6eRLpVR+w4Y8ZZaMQ= - =qlxy - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoARAAsOV7fgbHpVf5ct9yFIIems7wm2fDN2pkmRd/XYT4+D5y - uS5/lFBBSeCvlXKvCJt35reXnY2Ru8urgRaeyyZbLmd5Veq8xyjVlGyOc6TaadQE - 4qPlOoYzNg/dkyC4yT/2Rnq7Gsq1u9NXtKzKjKthmpY9PFDLKLuQUgFRpXlrgz9Z - WoWyIFmJxQPPRVFvDC4g2+jOhF7do5qqvTfENpR9HtFzbnVRzPfKIRW9N9VlchB6 - A+fCNlfWIbP6IJR58/rCyY9qjTT/MScYCR4/bzV6yZNpciVPLLP0f2MDVHoDkbxj - 9xscq2J4JaT7g4HX6xwMuBoUztCODSCBApMwqYiSqB3mcB/uG9bbIBq38pZRbjhB - YLKi+rAVbKy+0TLzJuHZ3KJt2TrFUVch2Bk8EcOxl5vE01GF0Xp2KWbK/eaG6+aP - e9b7WY9fTdJZmAoE3xgIN4DsbUNBBEsfNbEcUfMjeafT8go9WB8XJ1riBkUQ2SXC - hwujd7iFzwsDQtyaEhYFXSy/29q11N8sO98sFeulaHOAV5Za0/C6td0v2/Il9U0A - bnqzxCXA/4kuGQVIQb2x7EaGxBk+6aEq005cvr9HowxI3ULGLxxebJeEssx2iE4o - puKLPHqjhORtlppjjlBpC7bnOisRkIPTGUKLV75J1fPWOSSDsU8nBz90wDNs8ArS - XgHWGBWEGuZkDaeUhNomFB//DYQQyMsDul9s/5+9FKuATr2K3bjuLHb8dU/kHpgC - sZ4mqztBL7tNdh2Spqv/P1n0TS7ktc4ch8hMbzlS75l6RwYPLVL4WcQt36p9tpY= - =e89V - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//UsnfUGvNbHb+Vudh7QjzaGCiWQg1fKfJYyEXOgfJs6Ap - Amagw/sbGE3GSqoMweRnSZNf2jw9Gp7hcnLsU2kI60/i4Gx+LYYwMZ4Xh9gQKdMd - J/SW5WHei2c76Xi83T/BFWgA82DC4k2ncAxLoNGsJPN8yYtiRTXrASriVtwRlOOQ - 6P7FXCJWXt+zAvlN68q7/6GDyesiHfhM7py2kNmmbrX2JU9kLq12jj00ctzpJnGt - x13MNZCB7SeItRFeWa6aUEAwzdeyUizdV9aK7lhS81czN2+SlwRNQhIAKAHAOzWC - 2p/u03LmJvLzi5FZhLy1yY9WTcQIapg9KAjjIIe9zWBIqDZOFXjO+3xqckxUW5GL - btEzysmz0ogpW1iEc2jEFYK5akaq9MixqggrP9cwZapM4EpUvqPboCRm9lu9EDzQ - CPsj/nDm+/fwmw//cXY4UvGG7rqV2j3JnoNBcIj8uU4lI5gUhx9KJsZnkGyfepc8 - LAszENEv9fJW6S2mXW5mla4NOS84ZxuvJDyGamHYUplaUH2vYRzAiqHc6WAz0y3q - Z0eCgGpJUd5hK7VHkkPsFKG0mrX9k21EolRZ38G0KorRG9Y8dN9l5//KYikdZrmx - Jtm6LNAfQ9u1vPZ5WcB0ejVHbXuhiej1l5IQGCgViWxCtJWXwFIpS/2ERxgUwUXS - XgEvwI0PzLSbo4vHeE1trTNW1rSD8sb5DfIc1XVjrGT52WoQXBB72ZsHGWOWyCpr - r3vdTn1RcxzxM4wbtKQ4yTrv0EUT8BNjYGPBcdLN0/PrFmQYvKw2deH6JdGFNGo= - =Bgcy - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAP3YSzvfgRNuXtdYqEMvTDu8jjZAs6PhCDv1k/0RnShgw - BKUuJI06W4oXp3cchwLdc9Uy/ps7U2xbzAEbUGGjRu2/pqN+ETKkxwz8d3ID0Bnv - 0l4B1l/yKulQ1Umt67YFzAxPxdo38qyqkQkV9zP3NbjX7aRTPZOHRnYvDNjodAaL - dcznEAMP+18IvbY2Qohllz84KNREYUYLHWN7WVA8DbMS2KcvJk3YP0xlMXKKuGKm - =9OY4 - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdASfYc3nVVgO+E3WnggKJ8x1bdgMdTlaTXKI+Mpmhs6www - mgZetbtHTEKDQLGWt3cmIezG3+wcwulrFDWXE8nT2h1Onb2bEYvXxkZlPnb4+kuw - 0lgB29OX0Zj1fWH2kcO6nxwvb/ZtJtoqXOLl2gpeGP8J+q/UdRE8+9dgef4KRK1m - oVbiBy2qHVrk68dTyZnt/kCz4vog/mjt/UMtNdqenywyGs0CuuPDKOyG - =XZU1 - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-14T23:47:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ//UPYnQ15X6EuiTexyRW1voN4I+Ox3DvhnAZhsCBi17L8Y - MHUwp3BEQksomeiFq/8u7zzNYNUZhrU6VIUmf8oSX+qZYI5RQGAXyMFRXp5Ikls1 - DP31IfVnRO27PNKjGuXrc/jLMjHWI17SMv0DzxdnA/QLARA0UF4CmycIWPiBN5f+ - B5hHqL4JyqdaAxsM/qsUB1SouKJVOo7AqKLW8ueIvVun6SaSGKRu917N7ce7JGy6 - iy128tZZcZTWbXll/SPcINJOOEqaat/rRLVvJ1gV16cqTZHsqfDYn1VjInRhbh77 - 7q4Ci2XN8RtSPXtYUjKtotcZMRYeYxIqeblYa7DFRfyQFluparXH/x4F52S3Uqwu - j8hslqbCU0LoxVHjDF1w0LJHfqaUlgB6BYcl+c9uQeVfSKjdzTqIMy2qD/7ffFpS - vb8/alB9Ga+Yj0TwYC7PjvFuMViVslDgoEtzc0/1aDqTflK7jAFDBBXVfF3KZUo2 - mTAirKNWyA+cwiUrEJBgv3iGbQr5AAovht5LQ3pVbnBUoH3/s+M7yE6M4PbTaUyp - 8bQXhwXNhuEf0g8GwSd9J8tTVcy7YChkjdajH6S/vtWsuvjQJ4Uw2YmqITCqT6Y/ - cOHIZlxIKEsYGAGEql4fxjLl9+lIv2A92lrD/pmHG74WWfAPpGeZB+DTBurKvH3S - XgFP2FY6oBVlFVGRgD84EoEg3bsB3x4OkI5nP0XYCqp4XUi7Ed2xiRmroCDp/2ev - INhl/Wjujd+nijjcpdPYCxXOLHfma9pY5B7lrBOyWZUQO+CErTZ6775ooAJDXKA= - =k1ZB - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/grafana.yaml b/inventories/chaosknoten/host_vars/grafana.yaml index 2e3672e..87cd328 100644 --- a/inventories/chaosknoten/host_vars/grafana.yaml +++ b/inventories/chaosknoten/host_vars/grafana.yaml @@ -10,132 +10,17 @@ docker_compose__configuration_files: content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2') }}" - name: prometheus_alerts.rules.yaml content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml') }}" - - name: prometheus_alerts-fux.rules.yaml - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus_alerts-fux.rules.yaml') }}" - name: alertmanager_alert_templates.tmpl content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl') }}" - - name: loki.yaml - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/loki.yaml') }}" - - name: ntfy-alertmanager-ccchh-critical - content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2') }}" - - name: ntfy-alertmanager-ccchh - content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2') }}" - - name: ntfy-alertmanager-fux-critical - content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2') }}" - - name: ntfy-alertmanager-fux - content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2') }}" certbot__version_spec: "" certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__certificate_domains: - "grafana.hamburg.ccc.de" - - "loki.hamburg.ccc.de" - - "metrics.hamburg.ccc.de" - certbot__new_cert_commands: - "systemctl reload nginx.service" nginx__version_spec: "" -nginx__deploy_redirect_conf: false -nginx__deploy_htpasswds: true -nginx__htpasswds: - - name: loki - content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/loki.htpasswd.j2') }}" - - name: metrics - content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2') }}" nginx__configurations: - - name: redirectv6 - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/redirect.conf') }}" - name: grafana.hamburg.ccc.de content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf') }}" - - name: loki.hamburg.ccc.de - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf') }}" - - name: metrics.hamburg.ccc.de - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf') }}" - - -alloy_config: | - prometheus.remote_write "default" { - endpoint { - url = "https://metrics.hamburg.ccc.de/api/v1/write" - basic_auth { - username = "chaos" - password = "{{ secret__metrics_chaos }}" - } - } - } - loki.write "default" { - endpoint { - url = "https://loki.hamburg.ccc.de/loki/api/v1/push" - basic_auth { - username = "chaos" - password = "{{ secret__loki_chaos }}" - } - } - } - - loki.relabel "journal" { - forward_to = [] - - rule { - source_labels = ["__journal__systemd_unit"] - target_label = "systemd_unit" - } - rule { - source_labels = ["__journal__hostname"] - target_label = "instance" - } - rule { - source_labels = ["__journal__transport"] - target_label = "systemd_transport" - } - rule { - source_labels = ["__journal_syslog_identifier"] - target_label = "syslog_identifier" - } - rule { - source_labels = ["__journal_priority_keyword"] - target_label = "level" - } - rule { - source_labels = ["__journal__hostname"] - target_label = "host" - regex = "([^:]+)" - replacement = "${1}.hamburg.ccc.de" - action = "replace" - } - } - - loki.source.journal "read_journal" { - forward_to = [loki.write.default.receiver] - relabel_rules = loki.relabel.journal.rules - format_as_json = true - labels = {component = "loki.source.journal", org = "ccchh"} - } - - logging { - level = "info" - } - prometheus.exporter.unix "local_system" { - enable_collectors = ["systemd"] - } - - prometheus.relabel "default" { - forward_to = [prometheus.remote_write.default.receiver] - rule { - target_label = "org" - replacement = "ccchh" - } - rule { - source_labels = ["instance"] - target_label = "host" - regex = "([^:]+)" - replacement = "${1}.hamburg.ccc.de" - action = "replace" - } - } - - prometheus.scrape "scrape_metrics" { - targets = prometheus.exporter.unix.local_system.targets - forward_to = [prometheus.relabel.default.receiver] - } diff --git a/inventories/chaosknoten/host_vars/keycloak.sops.yaml b/inventories/chaosknoten/host_vars/keycloak.sops.yaml deleted file mode 100644 index 73026b3..0000000 --- a/inventories/chaosknoten/host_vars/keycloak.sops.yaml +++ /dev/null @@ -1,216 +0,0 @@ -secret__keycloak_admin_password: ENC[AES256_GCM,data:U6vt0UHHgz85sO+X1YucL9CIr00LtTaeyGUFZ4bVFarsg7y6gTtb+fCuYKCgsJmNDP9jek8Ny+A5WPkMkWR/pA==,iv:qq2H9nF6/1pUBhJG8dFmfRdxk9HSaIOoTdu3uu5xJDw=,tag:rpEuf7JSQ0092R1aPOojKw==,type:str] -secret__keycloak_db_password: ENC[AES256_GCM,data:IDmQUjQh/QB1xdkwPKqv3ZAwdfy/lkSEdAJuF5MSPCNKfuANRmN+4rH570E3/ZApAJpLAkefh3pufiVbNF8Ssw==,iv:W3roegZU2KfeBDBBImQCCa6VqX+nUk2oh6jMhzbGcVM=,tag:0Qzu8gv5ThtAss4xJ4vf4A==,type:str] -secret__idinvite_token_secret: ENC[AES256_GCM,data:FC9LqUf6wDijaH6JIde9u1Lc4qcqi/XZwQ==,iv:fSgbI4CXMeCKWSyVYyYT+3Af+OdhZ0wsFwNpZf3CA6s=,tag:tGe+xWyBH2VJr3yc3Vh0qw==,type:str] -secret__idinvite_client_secret: ENC[AES256_GCM,data:ImweU1aPI0G9Lf5+TXvVmZwGhoigSJoHMLCuq6MxxP0=,iv:GSGqpMVHq31U+IYtnHnu9RuMt985y2N1PRvrlWFicg4=,tag:NKuqLcb3xPzna6t2VVuIog==,type:str] -secret__idinvite_admin_password: ENC[AES256_GCM,data:fVb+vCHzPLvsQ44wWxfAwx5vRpoycJxBLA==,iv:Co53uRh5fG4pEVxnC6uWaXRrCLGH2Celg/XC+idiWSY=,tag:AWUn99jtuJCqXww/2dSS8g==,type:str] -secret__id_no_reply_smtp: ENC[AES256_GCM,data:Sqc/UkQq/2F78G8LP92YrA==,iv:ObEdXhzHp5aDCWq3r7aUBhOEJ1sJ6lYiYC0pmWmwML8=,tag:1rtneYPlKS+uDzFWev6A4g==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:do68bbNEpLJsuVTYbxsVsP/9AjnqANPIzC0VIC9QRvWPiuQlteCR7OQPX+uTrjVn6dYMpzi/G32AsX6X5gEx5paSh8XNl5rmdlY=,iv:gdCxC6WFxuhMbusFcwCVT1hdxoXbzhtyHW3ASh+N5ww=,tag:WgXzfOAL8r5ge37JwdRvwg==,type:str] -sops: - age: - - recipient: age1azkgwrcwqhc6flj7gturptpl2uvay6pd94cam4t6yuk2n4wlnsqsj38hca - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLSnpFTUxpS1YrblZsOE5i - VzluS280cnFmYk52c1RGaHN6eG04MlQ1a1NvClFoeWV5cm9pVHVsbTFuNDM4d1Rt - T3ZvSnJCU0hkZEpnS1hFV1F2cmJRVkUKLS0tIGZ3T1BvWW04U1VKTk1YNmdtekZx - ZnI2cjhQTXJMSkZBeDF6OWl1VllkV2MKx1u2B72DW0ylpoa7YFVxmcmWCvejf83P - U6bzAUyqpNoTVfH1MNti0KDXntV3/xfie4V+uBdHlJoM4wWgwfpxsA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T18:56:43Z" - mac: ENC[AES256_GCM,data:zuJ5oJfVma8DH2f+Gh9cSBFFiPjSpP4tJcBc1Rvb8jW+rLgxQWLcmScvHzNS6Yj0h3vINnV1oG+pYb0S4rnUxdH5tyYvI0M+DxMuC4zodxGEkvMcg/r1mf+cHUS2evDOJbKzOrNQ6oXTXu7ByBtug4x8SmJ026ul8qUJFJTucAQ=,iv:sJ8oLM1c9Jf3vqKqMbcLUyO8wubhshj/AgfYL3bjn7I=,tag:dwwktlJDiEg9/TSmkcfupw==,type:str] - pgp: - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//YN2BM0cAL8+W4bKnOgJpws9PmVTLVb45xBjuljQpwMhp - aXIihHyl/594wq8HDfLkTNeiPCLPtwsyUghGxO2K0JtlByVrZqb4ou9I5MiFrNID - 30I1lV+KfUK/l0RxtOwk0u5r2T1eaUsonnW/D19ypBPP9GivW3Mr0tU8eorwwMRp - fVKO6Tx6JsZM6Ta+RjsTD/XsGA3hz7Fhikg9WWJAxFXtSmUFH/cOLzywqUqfoVJZ - 9fiJ0ddr9ZIduUPUJeCr4Rk5Neym2ixNONk4EB/+C8EglEcuq0iFlu5MWcHYPsWF - TFAFRMXPC4iA0iwNLBq7GtT+PlGZ0nGHghDfWfNzN6w0CrAQOKbU+X3rq/A9l107 - YVhH/qqsITN3DWBS/XzqTvLkoF26kFfPsJx+zPOZSwvNFg7AtoA1gKsM03SZu4ws - NARtkVEPUvpuEmZpvNgl5oFh3GcB2upUZy2G7hZGiOveYzzJ8kSm4xi2Dm9aRAZA - IoXUTN7IJbvvmFIzgt8zdxHOq7O+6NNsmuXkIoPe3U+vpXU/MFqO9DrW6VNp1DDA - hMZK46AiaNqYaikoSG5QT6T7deW92eRla182nQMM3vwQXINyttxSQwsO+9aID8H5 - SagAMnmNwyre9zybqqh1te6yxGEN3gytrFpOVVFekenMwr47Us02jsl8gT6nErXS - XgHBrsQdxFal8aqQm4dk4n1cngXcW3/stdEDGiHS16hOFtRA5gk4Wh46lccgrkA+ - yYXz5jrLUN1Day0JslWLLARPHr09Y1Mw0xhuOwTCrrXMigmWl4lN+e8QsxvNA1I= - =Towe - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2ARAAt8fzgHEAREmswy5LbVkYEUcE4gZ6/MGplykbsmqHhVTn - 2RfbM2DtIk23R9SFo3y1YPwoTtr++YM797TttEKfMAf3jEm8xcDosGw/he1bBM9r - wyvYI///usr87O+IiVuk8F0NYk4UCpDzYuyUANiIPPml+D3I2rskg+WohMoeBSAN - pVOkdqayR1BZzENoMRN5SJEamoMQ922b7jVeKedg/gT9GmcOB0zn36ktnhOQaonQ - yLS9D0SU+da+NWQMxu2uY3XNjtrmqc+n189SQixAB5x7SlnnnUFMHBJh0GA5xvD1 - Xtox+8YiRdHhIbUNeXSOTm0YfAmL2YKxalUBAWyiAcKg0UnDU8ZNsQNTYJcMP3bz - 5QPmkGcV3Ge3Qvr63CUA4qQPQXdXIy8dIl8ETiyGi9oStvsSjcpOKyEG8LE+bGli - aOCtdsi5cvnmMt9D3UCyeYqLhQdDZ34z/N35cUohMBmfWV55rdBioZu6Q9a09YVg - 1JyoxF70bZ2aFfYAQoKGD9TzR7Uehyf9moFSjp9gHXIVtoq9w1Du3nzzwk1H42U9 - Qp5Jiof3WIQ/1OjPGuhxyA6f2cXEg/iwVqpcDgzaloW49wtEaVmINummxnCJX9Ud - TqzKidbKUQhuBYdNhLemnmsLflym7ohgUhqt9a4PuBl4WwuAEoFGAZ6z5uEaM5DS - XgG6J9Y52oSne2pIw96Wmdtv/BdujPWoGCeeRMHYwuxE2cZ1wNoFWq8RoB74PoqY - LGfp9U3tI7LVyn/Zs12UNVAs1zZtZmplcqTBvIbZun2ToAMzEfrGeVK0T54M9CE= - =r5XD - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ//ScnbrArByH6JmtM2gnT4MHxXfjJ1hOSrmv0Bw3oj23ec - jFA7kueGGtDPhEcKHZRPVR9oWRj1Ll8G0Utl5p9dtuTWr3Tmkprnwg53KP/2EAOI - Ih5/oJ9RtJmIfkfJCy0uPRpP0dC8FLcAOB5gBGgUqYsz7DKQXXnfUcpEmW7Bu6SW - DFGBsxNsSqQOiKUlUD2Y+s5KvQYzjYWz0grAao5OZ9cjdrhkmtdfeeTgphrFPBbG - TJBeBjrrjA40fHTiS+QETITaywYXuNe2QsL3Mj2Ww6cl1P/+b+yBsU2kWb34XUzE - 70oEvLM8rOzqV98ihLZM6XQEYpAmo9I4up+sMicXTPn+QU97XhxMxPaJBttC/AeM - aWzLcSKncZoHP/QE4bVBNuVfS5lF+nTDuCAMXDqsmkSEnLSV5P+eTV2hcCdpjT6R - fKJAlkpkjJsGzr+UhgxveUqGvRpuLQdL/o8zo/tV1++hCjS2rqRsSrG9wOBNypcS - fIymigIeuYnC29osYqsnU/oUrBDFFN7/gjdQkuviWsYH3tAAYlN3byNxkqLFB8dM - yq7xXnkmgM3cZDpUsoAk9776ovKGw9Ho7o2nH7/Ztqguvue03aTcAWvMwZV66Met - tmzjHDg7LQ53I5YCWJ16PRu7MonSbhpG1FAhzTd/MC0ycDZvsh6MUTkvlmHG7E/S - XgG7H7QPOhcvxXNrMkwvlpTWz6Hrzb/RrSgnuepzxUJ4ZspxbFcg7u2VdSS15BkO - alZ53MQiF8FOyXoXPTuVOvftxfJlNs7kFejN+m3M0ObIsglLQZrB/nmWdkfmEr4= - =9FFb - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//aFsuLbi6Ko141qRzvVNa5+d+QVKlOgaDg1DUU7L8eOB8 - qJQr+pLg+5DfQ0JKaYICvG5AJUXYZ3eW2OnIr+1I917G9X/4zk8XjfPRxda6lOBf - lX/NZsFplcxzASamIQtwlKdaA/rNZ23JgVNZn/EnnKxTCTDAd3wpVeKqPAgJUY6m - jSvuYJ9NzWBG2Qd5bdvX18YUZSra6NXalJRpqU3jgRV++AKBUVIPxAU9KthwScuH - yxB2K0Nd9l45Jhg4SyQxi22MN849iYrlOohIi6q9ykYUAEdy4wImxEP86k/pIgbA - 0JdV4+UqbV0+A8PU8yx1ZZGA6YMwrj4zVpvOJokn3rbMOHMuj9TwGpNXe9cMdhJs - di52jGoCEgeWEcm67j6EBq3LZjMjnFfjoUozNT4O6zKg0rYD9Db4cSMmsveIkjpk - d80gv9TEGhDN/8BwKu8fpMGKX9sCEuxmZHh7W8teSTrEerXOt3Elov76pYdk50dW - Fc9hYdAhNS7Brkb0hLl2FWDV9rFB0j7SUUEMMfcTGCJNQsVTIFpKPpRDRyJ3f3ne - KmOG19BL2q01/Kb5hrfsNvRx2/apj5CV3VlFNubVXRqTVR3AK2nAyXImiTh2Pb5r - wEiWhC382Rt5B9ePV7LLte0DsOi67QY7cAzaZ7xq2DljVTu96dO/qauNOjllDzrS - XgEo9UEndszKuuQbHQNP7UWmfoX5Xld1aj7QY7+hbjYw8cdQ0kxDn1iu+ePla8T4 - XO4egiG8ZUWY149hbAvej/eKM+vimPEyHMHJqINjg3o0cgoFmodhWidGXupYZ9E= - =4faq - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdA/k+VqkHz5pYFUppWY3oV9YTayH3jeHOzQhGz4fIqiUow - N9DXVNvXoHyOVmH4EW+AIrDcunUFh3JZL2OLw8zSmwXw2vdw6wfCEP7TuG/xtpmG - 0l4Bo3JAPGe48qDDPxUQke8CAYuMLeAMo7i+yAajGOzB17wv1kyfI6gjOE1YN1Zz - TVpn0QL9dBoU3l1zdxueo3IX3EnVGvmDWx0ZOD6IYBqCI9ywYVfUBSRnU0hTvnmb - =0xE5 - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//e0JAmDrwi7CZZTAPeJf/ulgbX0Mjr7T38CKLMjv8ACQX - ZEGV9Uw+JiJkSqVMKR0I5BlqoZjCEyKDsO6YI25Gg8ques45mDdEv/1XJUrm/SUN - nVgk6cQZY+9RlNUb7iRQuA9C9PHQdR2r1vpZaBNNQac8lYXLnAIntKsYk7ahQIdl - zASKaqADkKG46lftwskNixd3y3FLundIQ4pHOnG4w1ibOnCVHeX3CI5DTCptWr9/ - G9D8gblpU47bvRe1o1chfQWulelDcqs6UpCKkWBZ3VlN/ky4kgRby7OfGDeWZ7pB - 5qhpeabgG/OUItj9WwM2EiU5hRjec8G9f3ZoGgMU1iEzy0Fn0iMNUwVq0X+0mTXU - MDFJR7OuU5fttwnV/ZbscZsnr2Bg0TJtJ1LqswXqfTSYoRQjIgq3TZgOojgRfWMB - T3xB6PjmsH4JemZop8/MTWeaNVhU26T3to+B0YitTWZiutUyvxONS6rk3d8mPIun - 1uufVhv/ElmlsKj2JOpISGhJ7HWdkVfwzbLHDXHquroF7rqQnYSLesqmTqet6WEV - ZNv3c1H0R+Le+dMIAyzufxil3xeFfAzZARKw1cdr+h3/WMQ9Ew5Wqc+YMzj7NebL - EtKik2RW5kismM8CaFCPAaeGhT1hQObSFn3+07cAzs25vFdA17p5tjE6830BHqrS - XgHWmEYCnQLmY6VHJLcRNN93Kuh9HzaRVlHru/44xX41j9MOXn5G7gUi64FVwa4h - 2L1N++c9UNmpshELP2tt4c3Bc1r3leGs4SabpqJ6VUpwiHJmO6zNGG9scnFdLKk= - =lKcM - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//XqzOZvpif1cnn2vcwbigLFxqSgQ2f20NGCu1sNuCxqMi - C6b4X3BYTysb2hp2n9fHo6VdLEO/O8qi8e/22nI/A3C+8cLQyXNR03GPN75xoQgC - cXvnOdsACQvtPorrsbJhzKqxDVP7offWNeBxNyQB6UPiFEOXtKBtaiG1OwiBNI5K - PpaW72M2QW/oha1DwIvwA0Am8Ge9xze7KjamKZEl19pplLVGdSkxPY2Q2lB0l6sw - zrn1rZOrH0y6X7d3AYajdxs+3ERscfRFBBck55h7MZXDRNLECZGpRG9/6EOosoMf - zVk+ANxoEiPGnvs3f9LLcNSj8PlwOdfrwghG8J5DKUUy4gzPpvx6QiYuohYt0mRQ - IA2KPi3EaytJvYrB1dwWrEMXk+xV5AJN3XiVtPHaag5fv2lL89ZxPxG1zGIRCX4d - 0VxFk5HDYDu0n4QwtaGkg337l9XLtW48nfnI+5Vu0a6ACDyNGBwlP+iDWpp2KplM - KYwLe9Iw6OjhwUDxZygZYppo6gJ/3zItqc3CNI18WyDNKZbW5HXbJuXwU9CHGyff - qt6pqLdsdZ07hdTKHKheE3QKPYu/3sxHX5H0wjZeLil0FVjQGg+UQ1Z5vDBOxdOW - Up+j0DdRdguThffY10U4UIJulmY0L8YkCgUcNQWlaJSg4Rz1Ebmapg5ETtwQtg7S - XgGq+qimi0YqNYDpDKX23ormKuOUD9RoBaZW5LdSAjXux8hCABh/EOud/J1yvUnQ - 7RXxNvN+jB34Fq6RoZnAmC0ZyZ1baqQsXUEKt7xQ/XVc/ouK3GTIKmeFrdlkKSQ= - =iFsx - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAArTCJBi/ajhB5IgD2rphY9CT78lpf3Fhap0Ra0wVjej6q - X1nOa8KenH9GAiVj5VcL5Po1SXVCXf/aMAnkSVZ28k12JrjdBXe4wKr324tUTXFq - VrhaLTxCV0sCB+RMoh1kVowRnyNrGUskw9NdEfKmnFC/o9NixkFrQHDDG0m5QNvi - W4wTFKlyp+GgkZ5Q3VJnpS5c0wEbS+JHv6mXG02be9IvKEOc6T3Os50JrKvxeDX9 - 7DM/sT7JCUepjrXFJrBVCv0H6NnZi2fhM7gKBK3dF+9X5E2X8lqSzl1V4ad46YRt - UNUR2ALZ9f646uxMTEfrpH6eICgdv/k0N5pHPmsC6FdyaG9b20rLyXaCnvNvT57y - Xy2xXjO+QnkkUFoy8q2Z4lIEvAoiINIrxJr19aamG7EBKA1EnTgD+Ug+z4wHgdlV - gfg89nPxIrM0yHikSeKZOU5HI7DKz37vVwAZANjFNqqVUKvCnIu0EAhMOtlmj08C - db3PdorygJD6oP118dzOToYlNgKhtNjPeVL7qmMf9mN3oK+fcLQgpv83gG9AAVxa - 2nmev5eEAVDULrHXJjplMTZG+5NgJy0Zr4gdrc3n1uzYuQjbw7ucYuSoR/fjpxlK - 2qE3xoGzAP3FMmVaYbedJUas/RdKh6xM0ZQAF2MhLgMt7cZF6ay8rbHeJ1uGB7DS - XgGOitJbiD5hNJH1PLTl1vplMi+GGI6VvsdArzoAdPBuXlUseyoLaNQBLQJ9tlYv - 16J6/mCZrUjVRoXe8XAZ6PEQW9Z35DXsFwAtnBQIzpG3Ww7kf+mVBHQ5ElkNDE4= - =yj/J - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdA6LlIV/tP2myea1X8BGHbF0OdTkLRPk2M659U+Z4zAigw - g/OspH8USPFrJQf4OdvoOASv4mIUlr6XiZ98WdgSR47TdEmfLInaJMN5BxZ0PRPf - 0l4BJ7gyU1pjxibIMm3cJz33+AfL7st3F0p/aWsbneytlGF+GWRLQpnEjt2pO+Y6 - tjRVCIbZ52zdZKu8p4HCo8YlGujWuyLDoxs5Ra2k8MvZ8wn+2vwQ9rldWqRKxikA - =OHMy - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAQUT3qNMP0m9l9ZNUzE2QI957/0Cb8ocQLFg7PGsR4Tgw - 60xK6O5zxpTpRMWu2iddr4ducvsEHvZxOykmY0fFrLmmkZDp99ac1wd51YJTAcms - 0lgB73iny5g+GUvM/s9dgbJwnFvoGcHOJapbhVBl0QpT4HylDtdbskNK07lTNqys - cf2Qj+2wvYtVCciHirXNUhOHEtY7IoJDQk7SubPBEZpMoAj6zstqhhLi - =4ph8 - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T19:03:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ/9FTUO0mkPUFLv5cFLhsNibSoVh4L0Gnd/cIFhjcI6onkT - mS6A6xLmPJn/tpEZUeyxw7HfE9VGzGvkmd6PCxKq9C3Yyd/CCoCPjIsIOpd9nw/B - rOBwmsQLyIOWKkx6PQ1A4aEoRHb9RnPWTJLd4CWTOGauRkrM9tZ0n9uO3L98cRUl - NAwwzH+Ztg9ihj1CUJoX0i0njOvrhg2Qrl5diCE40g91b5Uk5rCmJfy/+Frn6iIw - JuG2FphhvdN9mbhw3afL26YwlYYGbvKI31CpZX9Jl+k04PqTm3S/rxX1LDr9PDUj - Xm016D183mqQHM/Tr3KPTkdOg/pyIvR0w71MSC3VrIv1z8EoojF9QwOxiSlxXX1y - KY2/tT86HKBPtzXKbAXyguuSdrMzjBCubOjRJRZj9QdMArQwL+7Q+nXGLQ2faKaK - f/axEZBXu1A0z179QkBfIn78tznw7E7chmnABQeyOpLCfCuoyjJJDgiWOKSozIWk - 7SrAVjO2WLKJcyVeLdO4KZapSumE2mIBBH6xxZKFAHPGeWTkd7Tlcsk2D25lcdPE - /i+jzSyBSTPDzF0Kg9of0BmfkbvRg8/3Yjapr3gfmZVAyjLPqzAoyqi4d2o626Tn - s577vgIdafAiS+iMTa9QtS5hyHwcD+dqmJWv9J8Oexb8R+9Xi3XlN6exiQaolD3S - XgFoGy4Lvce9j0zJJxWp+jN38brNsrRkTZ0VYtow6wUMPK7J5RPlXpOTI/0hHxDv - ULJ3lIj9paK2rlnSDEGv3jCfM88OXC8GSiIAN4618vyk9QOy9sWfMTq12BzvESs= - =nzfQ - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/lists.sops.yaml b/inventories/chaosknoten/host_vars/lists.sops.yaml deleted file mode 100644 index 0f17dd2..0000000 --- a/inventories/chaosknoten/host_vars/lists.sops.yaml +++ /dev/null @@ -1,210 +0,0 @@ -ansible_pull__age_private_key: ENC[AES256_GCM,data:pUFhg492OUXVIlDZ3Z9A/H0doJCuTX0zh9qLU88nz18jMzWmzXhc2kbQkk4QeSTnZ12juiTbpUFW+1cE1bOontIu5qiQgpe3c8s=,iv:bONSyFUibcszUcxBt749aiVVnqLKBuEJmfege0dGaM8=,tag:cvapTnTN62XTR6tQBSe+IQ==,type:str] -sops: - age: - - recipient: age17x20h3m6wgfhereusc224u95ac8aj68fzlkkj5ptvs9c5vlz3usqdu7crq - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnZ0xCY2M1aTR1aHI4blZW - RStrN3czUnNaZUIrMGwzR3VyTGFGaUNNN2lvCjVEc1FOUmJKcEgrUisva1lUQ2FU - TjRzbDBoSkZIZHVDMVJtZGNQVU1aYkUKLS0tIDZsMkFva2ZlTS95cTIzRXpHaE8w - UjhNS0lWelJ3WjlTT0s5UlhOMlExN3cKRmzaekpinaXNml8Dq6Doqok+vn2cmBgu - iv5wPriaTHkfrMg+4vbGzTldIjuMhrXdEq7luF37grN9dgyEDn6Z5A== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T18:57:27Z" - mac: ENC[AES256_GCM,data:IAM6vn4rI1l6qvPWEcDJ5xoD3I8/GWOr+PmRQ0QdkVMD9Pt7cHtMhHPpYvH3e8MfDPhC2g2uwt9FHsPqpcOXpflme0aF4E9PndGi1Pzi+yh40FSBAzLT3MEQ50vZ2rifzqUe5KSrXByF1WAnZxLTMST+xIlvEZOV0gx6y0G/iHQ=,iv:15MZsyClZ+WLBZgcRSq740LgDakuHAXAb3hAQyLKVSU=,tag:7+lRz4XKKVlkSeDVs4Jy9g==,type:str] - pgp: - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtARAAiVpVbDyneSRJEUF2n6Szwfc6aHzYsldZpid297JEPuMm - YtqUcZmb1rCLs8F2reLKq1HUoHKvxgtC8IaiJH5EB1a2JYRr3zlu0Cq2D7DwpePK - cJHcoCzkVIcSonV2ojj+ay+L3T2mwEZEjVO9lJuXQuiupPC5fo0+qyMOeyfmQnWT - FLF8C1WiYIQPw5gy+p1VykYNrcGQa2mRPGTU4JwlZc5IiDJ3DDXduwcsg7bj6aA7 - hVR7UPDjGRmGSr5vV1d8M4EB0JEKES/e9nbUfJuEoYE7jeRbPs0RoSYiNmSi3q3J - YuUMw/rneZ3vBUm2HPP1X94MH+MeECIqL/T1Q0+lXPNEWjw/S6X7q6+N+5rkRj54 - urmNo/x5ruDf3Xap0vSObHwFTzfpYZYoAXwLofkT01Dtkhj9Nr8PxVMNNYkkKNmh - nPvfcDvwfr7wCCqtEigzK0cN0rWQJaDr+Cyu56yoRl1s0vnr+fAuvqNHsT1kq2WY - E+ep1lbyqvTb56ep/d6a+gFH1G4IcsmmVoFzOwBuGB9xFN5zhulQPSbyk6/eTGTZ - v6BGhQbQf/XLkYZLFv4I2v2WSYgiJcmBBqi61dpnPtOtdblth4yj+SsYXiddY7m7 - UitDQ9uOiRpFmABq5jSQN+WaZryrmqKpDDqfK9XJbTB9XTJsWGaeenzPhvzwaoLS - XAGxhAvtQsqH934jMtUZCQrhN4DbZXlyyMo+h2FYa3BGQkb0gYE/eFB7PwuMYCmI - ANVDs7Qzxl7GMfNz8tm7juj/wXGfr2B/I1Gw0j0M5ytWkKf2d7BWabM1aLxX - =jM/Q - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//c/sAL4NHAWYI4SVDP/F6q9CelDGuBK/oUlH7DY2kgBuD - hyFnjYC5ypLTFm3iV/5Ctpfb5ypFyAdMKkdgvt84VRV9XqLi4Qda+H4xprg3JMFA - oQfsuMYSlXfVYGC5ppL8TaI4jmMS9juz8dUenZGNK6y19VrinbbjU6+pPy9X8U5+ - gMq3rcCuzhigUBoQ55dSbw53FN/lFCGyq2cST1wgfthJIB3mxQmjq2kl6kSrtQdL - +5etkk25wLOWPZGCQzsyzF7IkHEpKcqQdWuEyVV1jZT/CoOiPGbKFmH8TDPX2i8b - rOnCAlCSJqm7w9vIqiZz4h09ZDlUQBq7RKK2YCcLTtfv8LwPr5HvSX4ffBgF6G38 - roZUG/o3FKbhRHn2MriS6YsqdVtNaX4svkiFQ4DBuyCuLLZXaQVGfIYwuna3X1hY - ZrkgtpJHYgenO6TadQj3mbe4PbwJKnU5iFosizSUV9Y1vgoSasqpxkCbqvxYPqF9 - 8nZbUfyoaLpuiZo+j+c+3fj/uQ44OJre8wFSsUPt6uLSQQ9HqSX9o3OPM5IRepg5 - aNmPq9rZkxLQrI6mlwx7nmkA41Cy3hmbP7einbpFVG/tno1ZMgzT4laMZsDuA8hL - OjYGX3e3NJZJ1lQZVMWkAsvMcXsVe5HZrH6DhPeZjuEHmcAWMWuhUUW5/a2Sy+zS - XAHSQtBIXhr+DWVrL24ZNZ9dfTkyOofnQwYUqEPdn95lMFvIhfwB7vnL0UK4kI7D - JWGYM7fPADgMxjG0Avd9m1IJuzMPzvk1SoYoRXoAjLN39nY9sZsabbKrQ0Ct - =rXgv - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/+L3+oHRYY2uN95HfPSHk/gZ4WMuqNwPcIMyCm2kAiSLS1 - KC9wKpTSWEkAf43EdG3DbzOtxbfBoMwfufm4wORnixQdpTwSk5GrvxyjBxR5GtCZ - oTGepcT72wUxJ9wMp1kC1txqCJtH/sqxQJ058lRP5EsYQSfbijc3Ardn8FRUcNzY - K/MJ2vkJnq0wsOrg3HrURdrIEvLKI/np///py11NicP//l9Onde5Pqds6Yk7VCtW - 7WADEnGclDtrSwvvXcRD0mMo2tAy1j8Id+EL2vwGMkGIydpPvGF19Ef345IsT/ES - Fn3+xzi/KdOISUktYc+RTRegwtE8v36XtWJnqDsYs6jdwKXM3tyYvqoCm1u3ZySU - GTli+rxDxqkacXT8bTJ+N9+3untZwcSyYgetbT8psSiqR26N11klh42tnjtfF4tx - R0UkNcIj23EhinpvZXrPiOgSrddgX7hZzYNdrx8rkxudIM94neS24c9jKpXxmO1N - GZ63TdZnUfIW4jQ36Zsb7VbGclGEwIxC19x6RUCGUgZHqWKyEG+Jl/8jwP7bbjw2 - NBY7tI57CLqx4UkiadYq+vT68oV+R581gpkC/uzLjqOoVVzWkStoNag5lCbxhvvS - J8gwqyCamNQpq5n6vArqUEHDGE7dC/4kxBdx3knRmJ8UhtOdE1qd8VJmGlSgrkLS - XAGKBGsRUmNZK5QULK43RJFGJnYJABMZEbW0LncsDRpwPELgb5HvqFIgxsVj1J4t - jQDkMgY4jUajqSQvCIzQlzvhxoVYUydimDEhUFW3ElzeqvvDiXhy8wk8jzUk - =1AVp - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//TwaiFsGmDJ1O7zQZ6OWgfpl6Im9Db4lluy4ztcSFJB// - SpyoTlxSLJrGREVMIcWEWpTcTVoUaqIEBDRsdgMoBrdEv/uL6rU1Ix94YWPmLsDO - U8BZ+SmOGPuHpyTFKPibe/kdpKraWeqi4d/cDOcnnxbtX8mWTONZQLViVhlHS2JN - 9jsXzvNLuhii8AQdVOqB2TtXeD2IUrK3CpeMELrMxQO8Vj/11ycF1SvoM6UxyJD4 - Js5dH5FkysB+nJxeUwMjDUSa5GTGABwTz46Gy6e2gDdi2p7ofFW/z1GL0RPcuD2g - VjAgkxKJLtOVWHbSRkWBEYpD/t45ZYFDqJonbbTjKG9+asmbcKDXqUvn2I1vdo9E - s1B3XvGVtlVkeCpwpzKli+UxB9LyQLa9QQnbGGoxBCuySGdc9t7hokdG+mO0ulpy - hSqMtM0g3EuNLOLL0H0OdlGoaS41BXsCCd/E1W0l+JcVbCEwm/BFjrOFDvDp7BGS - ZAMJQE2zOaxqFkQ6HqkSugmUZdWIqflO8lC3vOlDU69Vv4BSqZjuC593JuHkSGZn - /az8dIKPJI4PSbU13twz4JHSxPk6RJsLCsFeAqZCmgAu0nD8Yw/xMORZCALM6dUz - kZC9eguLywU/cEJyHI1l9RiFqlwfNK2lPtxax0Lo7LKCMEsTtuSFcvLvxl1Xev7S - XAFkHw+9fkzrWf+gLc050EFpY0k4kMBP3at75KWb/Sl4LSE0+ZGKeyWGgyVPDWAj - l2sJbf4GXHjHl/M/Uph2uDmcmNtlECJO07LylHcdOPkiF+Qf3JBBavOtpTLw - =KnHm - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdA/jTg8rl1ZMl9rSubQTyoyNGpowlbqPTwaykbESi9Dxow - mrdhmIK8FJibVGbhL5y+upDQP61JWbQVL7Jn7HvmjQ0UkOMjB+lBZwRxqD56bkMk - 0lwBkOc0ICDT0ieiYEaacNPsK/xgW4W0/M/QE8943nNGxZbzJwCBLD0iT7sFU/FU - E+UWISiGWskH8ND+IJTMLjCkz8efLbppKk8e2qaCogzbfnrwNc++N+0zb6HycQ== - =FlIT - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/8Dx/PoYg/fB0SsOF+o0/5ihVXzbs0pUcFnOvR8VdSXHhu - X/+pRu1j1h36BU9tWbDoinU2p5P2GKdirlCPpNxIm4Fke7n4OjtUC+lIfNTg0K4K - pDLLXBhLZd24sD1zs86CVYMH7tJXxJk29q5Cq7YRnhRHc2RmF0bXLIjeyNRI73I3 - Np0NDfrTLiOlpKwjnX2G4lXIm75R+D4E7rJFxs20OSvl4lkk6n6/BLdo8pP7OpCd - kVNqrIF/UQwdkbg0FJFlt21+QstwVHrE22HmLVzVXNcAXt7tPNcMXhIwZU7gGpxZ - 2Z/hWhdozI4bvDPDd67gN5Svz9ERM+sshkdkIKmaCO8NIzOYLbfVTSeXtlPG6xfQ - CdNmwGALncXv1F6QoxcEw0PeuJhUqx+ZnIiRTLT2FGBJXZkT2eG5YwhtaQJeTJKB - zIP83j0lJK2/+I8x8kxDSKHMTQfnskUHbSZ5GFfaG3TXFLM2HRh16msQZFQMDZOX - zXR9uJmXaaO2WVm5Xg6YuJ/yzPdeDN4+FaWoGHKR8TlDpn/FtbkE3yllMFmwg6jF - 0iQRAVWhruDAFlVOsIENnyPd3FmTlk47WiA2juFUP1rBShDal6qPJ9HMPIwe4XVN - 4kjmji736kdoW8TgwwHe4h7gUx7SP8jjOVPvx7Rkh9hOKziQXUVuPjxXjR2Wp53S - XAF9NEzsFAoR45xmjJRqCBWZBx5HKASSp4XmFz0IZWtX8nVghzL8d2X8f+RmEHCf - /tV/dddUdjulNY1ZdSciXYZ5ev7TYJbKQ6vWdYu5s/JyLs8dXgIv/xr/o6IA - =ikuf - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//WTe7k3NYS+8aLr1DS9icHnrHtF6ksULdGnuFbcO6C0R1 - H6EfIDfZgWLUhGc9hNDGMtSEIgj4umQCdTeqDpQS4utvefKdrgcLBv6LzxJ90I2/ - i6jbb95ruJi/MxYCDF9NPCT1M34tN50rPr6octPZ51mfj9zvTCJcJhwLfB0MK+mh - sNMoVNUsBm+EN9u1Mg2plJ9cxIgGxHV3+GyoYNm3s8KRQNJYskvh7OvkK+IRbiT8 - PKtbAdhn81yk9vbjlGx9AFy0VRzvpqIO1twGdPWaCdPsKuWlAEcNYEFFIr7Qiz4n - 0h6UQcjc2VpvXZruPwXByuiSAWv/+UJXbBZ3BZ6KaMOhP0la45DPY+UAqC4nXFmv - Ma3USBkhtIEC2A4TjTLQGdPEfAF640Xi73nTSX82we82hB4Iv8A0R4M6DLBnrPhN - rR7C5AffOTFiunqTG0QpE9jCHfr11ZXcf1qmyi7l2K9Tl9m+R1NubNEUIVIjaHf0 - FKaJsvUdCrE7B3egLUJW+xGCg6Cwng/pM0dZJ0vNp8M/VMQ5pBFOXKQV7pH94sBA - G9+QVPXRNZFhin0cPvI1+FNLHtznzN/Avx3rLQtMFcwZdqFLG0Sh/ai6nsKdjBPG - xE/RygNqHRiB+5wuig/WZcMEkqpElD6zottMdTY9ByZascrKLtuGbjBeh4+A6BrS - XAEiuvXkLOQD8kKhezCS5rWtMyh5o7xcAGcii4g/mABMZ2TMu+Rl1O5mX0Jomv4H - mf5zIu0yBMvVjkxX33Vh8hbgBWN2f1zvX9bEiqs6lLBBNOI2eMort2hqQyVc - =4DjK - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAmqBvEPLdMy19MCzc7u51J9izozkxy19lABUlyRHYJyyo - UiWpY/DXmZMx3MyCLTctUFUb+MQv6eNC97jvTC7i36BUQWoPcck1S9HvEotwH+DF - N+cJrVjFyF01N9fn0FaGRlT2wh72QW0ZJMr9b7QbfO+cKngGXTm79HulBY42CSVa - 2OYFSaXUkmp7t3+1A+4U2V6+v1kfZ5KASb4GVGG8QSvKjIMGHLvWsEOUQb/2k+jw - 9rzyCjfqENvvkxdNOrS15ZBFOR0Mye7ubbRzHFk0rUH4fZrNtp9FY0JrT3sNe4M2 - onRkjsVWcCybkSAuRQQU8CG7I4/lcsUoK3Bj5Hq6zbit0XuZnmgciPF4hjuzbngg - Z1pWHfbCNhz9JqhHvXG9CZAFfQJV0fFEfvn1HfB579uSX9+WD0UYJLAWgEUfkSKP - 0BDH0HEO/wuUkr8WntKDhFMDMowbcCecwe/pYvuUWUYoi7boghHXuKHHsR1uGk9h - d7s1Hbx7Sk+dliVrVrk/gQCLsFcSXlH7z4SLmN7lRn2hO+rh5WlQ5u8ML/xoVV+U - t08566Fo2QoMyDl9R/fL/kgl96/JGl7rajsPpjPGBDcA8I9Roe7QS449Fa2XZIkJ - ZnbmlvpMnZqFapPss5S8sMiXCxLYbbZSazwvZ3HA5dXMiRVSLK5fM3MqOat9dzTS - XAEASS7AMxF+TXACMSMQuGmf00blIT6LDdZrZSPrdcUUc9ECMtaJbV1HuC6G1OEB - yfu+SIjVtSd+6yx6AgCBFpCCDAl17duYEVwskRWbjTih4FJA/1U4iQmB1wY3 - =eH4e - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdALkMupeBQcs+Pno/Cf2NdeJ/ka5Y5VQnxiU3JmrPaYXcw - 0IocsrdKZROgxzQKrNZVqZiWiM79IzInI1sClRPNdjfNB36sLVtX1dU/ocRyrgtm - 0lwBOX+kEseLmOHKncalLDG+J16wIOhmJMhBeze4zFrohjfQgtiXqixMjjTHeJ2l - A2TjtKPv9hhceLUKAkN1dI9TuAjFsgIDpxZMdWeGzvPEe7QpVIPjJf3umELgwQ== - =OnVX - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAqqgpaDHHwoU3lOy7PaPJq2efK9Qac+/MF9T5CLNHznAw - wff1KBo/NkeNN+bX9tP3W5ZpAhXElARDqR4G9R50GgC6/ENHo7RkiUSwKpQp2Wdj - 0lYBPgMWH985eMpwVB8NAHXQAL+Ar/eiXahk4XMviPjRhRViFVjoHWs5ubSHlnL/ - 8nZweTOlqbCrDGeZWkYexXrSV89HP7k2Gt19y+Oz7jisjjLBuN4R3w== - =th0k - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T18:57:10Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAAzdC66g9n52nWLcl+baPnLlFLgjjIkUA0D/lZW2ZhDyID - 6XSBQ3eia0F0cesGBusa2TYHifgvz26UfxnGrnIAVX0HSDTF+9rZ3cMSfkZK3Piz - O19XIrYJIHogDbbG91EXI9aw/V4gn+boq+hz4LfJLz+t6jVa67i+7AXMn5FNDgb/ - +S+GHEBqSCbHTujZEoWeW92ZfyBRxCTvwsA00IGQoEswe/HDdfPOjWj3TuGSJrL6 - ffGW5GuFmwxbEhCuXyvC8I4ixUBeOv/0f9UArchLOsNZrnaU+/OQ4JxWOa16WSVE - IEo5exoHdhtPINV9p0CKV1xxbT2cFirVwQPOJH7Puh4aY+a3DtY4DSaZ1aU9AKks - 8dJd2+k/gC9j+qjSQ9DZPEbVlj3Pi134wK3QT/U+2LgWYR+VqkZr8Aef50AYPGXU - n/81ykuJFmHkDywfYddkjeQGYoTppgRKnHZguFzhZeqoELYlZSGmc9fG0aNcKYmm - hXf4zWGv+gUTgtQ/ybZuvLoNIT6ngTS8nJ8XrPaARfLyTty6BvRT+4kFKGer5koJ - B1kQZZV7/nPCRmJmQJdhTMQVI0+E2LX/UaezfngtCZFjdJ9x5tL3sw5vrq0Hxp/x - U//lw/H0YnxjbiGbQyVybWuRxtkRonaIM2bm/VL1ZH1B2nJiE3AZEcxK3vHakF3S - XAEsg/OjB4UT0ZvWfb+Y+qeVb94AM2d6vAeifCaBCinzm9wH2ak7dcgNEa9eES1X - +JrnARO1TnIxch44B06zg2jfAq0AJpmwOKCvqJic0uw4hBYq3kezosfL81K4 - =Nl9Y - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/mumble.sops.yaml b/inventories/chaosknoten/host_vars/mumble.sops.yaml deleted file mode 100644 index e7024f3..0000000 --- a/inventories/chaosknoten/host_vars/mumble.sops.yaml +++ /dev/null @@ -1,210 +0,0 @@ -ansible_pull__age_private_key: ENC[AES256_GCM,data:D5QKEPEMrbVQH8bWqFGASVn14AFt+oe3Texpld/K493gtc6v1gsIMukykXQanGlVN6uacv1g+MWg9KFhbMlINiNahIx6mnJbjIs=,iv:NorEEfNpzrPHWDRFmoY8+AcHDn/KmeXnSMa4Iykfs5c=,tag:IvP0COjaq82ZcgXPr9bA4Q==,type:str] -sops: - age: - - recipient: age1wnympe3x8ce8hk87cymmt6wvccs4aes5rhhs44hq0s529v5z4g5sfyphwx - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzZ1NvVVVsWTZ6L2VibWJN - RmJaL29rdE9JSnBScS9Ra0txMUNPMFFkUjJNCjN3MVNQVk5ObG1NSyt6RFVVd3FJ - ODZlTjFtRWRhajdXYXZUYkZETXRJZU0KLS0tIDJwNHNKVG5lS1ZPWlRIaE1ubFEy - TDhDbHlJTFFkSkh3cVRRblZ5WS9nYm8KSIxaGYZBlX+uAxMHt+pO6rgVb0fO+j9P - zgrFlUZPpxVGx7opsmGcdSLKwFciyzep7TI0FrNS8pXovjLQ5GNNPg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T18:58:08Z" - mac: ENC[AES256_GCM,data:8to2Az5MbQ7KjshRpOwQZq/qclSAjmGvIM5n9ANudP/kCRsxu9r+Dq+XB1wczxG1qFdvgEaBpUNp/VKKCpFCo3OtcAfm40IVU6hySNa/NDmcGNz1LbpULgw3nKyX7YxLr5d88yAPDH9yPiXxEjQ9xkSY7iweeiT+dH05cca1aEQ=,iv:rYs+85IVSEMylG8mSfkFKSV4RktUTBWoQkxo3+PRBBw=,tag:tv/RoMVDMdU2DBx/xsQTaQ==,type:str] - pgp: - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ/9FtgphjgMkrekylJTWUEK7v86QkuO8W/gEGTWBNAfyj+b - uT5aSZl8Bzrpkv9SWGZFlxXoXRYuVVLkOEnNE/f+A4NJic27WxlcGzUHQz/Z8bJb - rkrubWFJJuUL2EUlkUBzGj+pQ7mY3GZUjmfW7WCQ6RXp3Vs+Bw76UKCs+cGiXiHL - Gr/zWKf/XIzQDlUoPnHoullEzm8WDqexRVqZNTi/yTMHyP732zeigv6f9OxWzCjp - ODVl4nJQDJSrdVRCT6/H9drEsLfE17RnyCVVSBgukmve9hiEAkttUADTEMp1CGmf - Yb7uA24JSlvrPZg8eZklRhS9Dr8G4A7LIh4p6ilAuxp/Lo1eZB7lMZrTvlhjA7dr - F0mDWpbkV/LIT3wZFtS7Db3fXmDIuKF9VfTqc9tUQVRyiJUVwkboppmcYvqup8Bo - FbKRflsSxeXnotM1/Oo7GN0HrZCL3ma7ZBP1Fopcn/dreXptVUrYzUJrFtoDsf24 - XO6Sg1Gzpw46HIjE6lppQr1DTOuXLjs9VQbbTi+2x2+H+cmo/8qELMw4VDzecC36 - grxfFw9l6r0FKBGKBhopQeR3kQWnQA459+bMIofn0orcfg7fsuX6VOTuNX1hoac2 - AuLxWWfNEsowK0SuYEjEeJt2yjMnZITmNtWann+AhKgJKDmzKfosexbYTR5Jf8/S - UQFBfd7ah5Ga38BLX1ai5TIscccuqnk3zZZVVwrcc/WHuwPF1KpBa6kpxWKy8xrA - iFv/lj8FEzT2gQVvtXtjRIn2ZAi4LR7Kp2qukbXbaCwgCQ== - =Nxy+ - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/+LzX+QBZ/LPm8TvLxI1ZT/mU24S6s3CwksVV3iYrzx+JK - uuOFO57c1J4mu1q9tehPV/VAHEYA++6svDnZWnztNL61IUq0ixalTCBMtvg+/Z5u - ZdEJkMLZOiVo/JQoroRjhh9LqyDi2pQ4k6mU5DcXJ1hXsoQ/wvlBXOqAlakMky8C - j4gqfK8XPCJ8LyNbXvlmPwUrrC+8P5pXbhKPoGIm6q94Y/wcC3VwdCQn+RgSuIWf - uhuFUV6mCS5yEmBpEeL+KiPq+uZOt5PLWf9MASUTT+RroDDlRwKhcR03fwRt7JTV - 3yW2OiixQtekYepHdMGo2n4nL76Cf92/wlhupAg3NMUoghhg9CkN5hzdUPBjUuVa - tIKBf8n7DCvjf9EH+JtuDBnhqNUUac+2fRXCI5i4xLwIckZVAXpNLoDIhxpjy+D1 - 9t1Fg0oX86H69vcD1xZGGOFFbC22ce3mZri3WtEMTxeYD/7K1McKBiZK3bRx054P - AkhFivKVOf6gKhiyttKAG9fPB2loRlU8b8tQvJ0O8IBaKwrWh9xgO29ykmpF3/dg - hjWK5k/DVIfMpR0ZRwxrMQ4kFAfThjvVDH3Czfs1JTLmwU+tsVJOKVmmO2DcgahI - 83zMFFajGw4LwztqFWlH7JoSpyZBiEBNCx9x7DbdCHnbXST3tef6Ct3GwXgKX83S - UQHSy9LQekeGBdsfa2AnDXNRETBcemV3WKeiPzBWc0IXlSVO58t8q9K8OTivkVkA - AScBR2Ddq1dezLZo/bLVyO0z8uSJGFQUXA19Kvpb0/PpjA== - =V3Bi - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/+PJjifaZHBS1/YYjduFPQFQ/iU7BLq3cFmj967g8f2JDg - 3b/8M07JtMrkbMBSUfIXmKfHJRKan6239jESwhF6g3PjXcbQsiZV9mg1qU1TEloV - I1XrtkNUqkwckGt3T4fhEwQSCMYZtaiQQLKyUhNdrmg+hHr98LjNxRgrnsWXLFdQ - OnxDjDwXG4ngb4tDea+IDqEkDDSjWINmvLRhxU5cvDqwaJja9d6eXwh35M+NrU5m - XGCxHMQKMiDftIRW6mIxk6CWAGA4PCOJ533q3pdbA6+zRpbnSy/OW100FlpK1mkj - 3mCJZRTsik/DETu/utOUKP1RIgKTDrNQe9Dngj1bt1EZjnXm395ubrYoIVarDWJu - WvD4kDjonamnWIudk7F9mptkjcvFaWx1b5vSHjY9VjTrUx+muITZzBHhQy4qidXp - rr3Q3cfZ6qHp1sB+EnX8FiMSmsIt16wGCtgigleXkubcoiMcvHiQkgk0NUhg7EBk - UOwlcewRyfo9qgMz5PSuuO0zsIaJf7e4/DNeVwnTKQGwdKSfd2rVxJQ/8fm4zJdD - uoQW822AjN3woJW1EOx8Fo76oZq9uceAsFcOt+2KLi0mXaFlp+G20JnzDVwZwyFE - YovaKD/d022s8Ij3U3an0+JSy6wTYLI71VTwSL8o889FZxW7KMl4FW5Wkbao5VrS - UQEbGa1yCYaMRcAP2eZbkZpmo28SukHB/VdnHDpDZM6Ur/X2FPwCOHvPZbcFw2ma - Dk1Gbn0dTSqoCFwA4K2ss3PPdGi+eyWu2Z9Zy1ErRrHTwg== - =xdLl - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/+PwWdBJXteHfl1dav4XpVxibvMJP6FlDunCdqnvNm40CL - hYjm94Ll0g70++B7pzhy39xco3vzmgY29Evyl7CWseZdAdoeRf4bYzZai6rUjg3w - ZXlq9x3cXhgiYOEE38mbHL8NJjgTiv12YNNG0FESiAYTyVf5n8/8q/Gl94XuiCkf - 3apMas5ce9N6hXCceD/3EoX+2mVcLB0tPxK6RqNJIxT61fdpQy9izJ8mmTbofjuc - jzhbMQ5L44A8MkRDG4zoUfCXs/IOV3tL432RAPfkkU9Q+GzlXk4ZuPXZMdVBnmJl - PlxLFeUWSML7tt+3cYRTzA5DQUrv5O/sCbOG7SpdFEuqgL50cztnig3aCqFWbsoI - tFuVf/cCIbwC6T4kW+/cDE6xYWFkB2+j1sJFhGlHqBmnHl8XHBcVQVew3KvthpBw - xZu10G8NjqKgQpCXP+aumcboLPWNj1RZ3kuO0De6iIRiWamkkKFE62WrsPKarEcz - jCPJl8XUlU7Td7egU/4JHKdH+GZAauewElTFgrhQGGkhwlcb/QrG8i2zPPMu4ufp - jwKvIdfc31tU2vvZ8qEWjnu6V8k3KjO+Vg2G9Nzn3ggeQhbWeGNphnqiyvs7+6tY - 3LboSbTYOhmKOxGpNFTWKh/OmJizPskhTPhQ7uXWLLig/YXnCdd+U6ArQRAyTsnS - UQFiq9sXtBZdVYDFAI3Q9HGZjgGwdQXB6cL3mKyCicAVkmbxeHpjSR8YcGZ1R2K0 - 2kph8Q1V6llwQnyz2EcqDMaWJNJNAgSlDKAxYaUhZeFvwA== - =GAJT - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAJT2dnLY3x+H5e8BRQJ9+S326foc6x63bfE/NPXuai2gw - WhKINqOp4v7lEog9qmWjV6LpWB394MnJ7fd506SSJjmcgZmzbLlDYNyN+ZcVLNvc - 0lEB1+BFEjGOV7OwBy5nNrjUqVuSFfh7+6fpzeBke600jRQMjfx6guZf37LUA9gE - +mt/KYVTcWNFqnhGckke0w4a8Z6ep4Rf1QF8zABk6lPDSpg= - =skWm - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/+K+uo/N2Wf/H8mAQLtK12w9Wwi8Qm86zTkFBV+w2pn7GJ - ZDkKx7ICrUnTwjfHIH+GWW4SzHF9N9eZWL8nbdd3GqbFd5Cmm7U3okxlNkTlQURc - L1ptCTWCLco2XwV6iw5qGpRW1q41AKlJF5WFkZa77H9kddRYYu0i0+uZJCkprdBQ - ZqtEcFcJ82UxWLhROJRMoDG57INoPtOrrdcFVo1Vzp9Mv1/igKuAifkPHf4GFd10 - VPxw9WKgByENke5s1e821NOjWY/MmL3HwqLzu6ndNDzd4A4XxIyUUb58sygUwl3J - Q/ImYpnNQHN72N9af8bVwdNFJlVUzugRRR5ubF/ccNtdpZOg42n5pd3tbITpe+pr - kkRZ1ipM7/BtkN2BoHPBZBwpyyRdSLbTaX9+6THk3i8ECVgoe5kOQ7JzRQ7OSyuS - paJbbjsr8jd36hPxYq3ggKT6DSdB+CzcLHQo2ncQ9gRS6rC6Lve7OXVYhjhEznvV - j3qDZVGkKFe3juyTsLRARVYDzUwoLTrguEtvCAkUsMy5jfy9P9uBkmin+DiDZM1n - LWYsEy7X+7kLhDUHuYIUr7LuT6hK31XnftvrPzOFKW46mSflF+zBP24oySBKkcw1 - W5PTUE4tHgg1h4f7kXZgR3gwEgWwimA3FZj5I7KsfwuijMO215MZdn6T07M+hLXS - UQGcb1n7QW3iCez+Kiz1zm48/N4ld3NBDBwQ9HUmaHLau/zfmlRH67Whd7clwAGL - Ry9+aVqNy/H8/kSJ8BvSikhdZQeqI1NFQKrm6xeMpadnJg== - =ACfG - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//e0Sn0WEOtOLDhZkWdJBp6Uy7/w4nSt72LCpP+gSzNLkr - 7WxsSa38eMLYpVKMfBsIut/qVSTMqKrKJG5fKs86Lx/ekrZEbK2qtGzhAlXPVLVG - wHO7vKnyZkUC1gSpTZCuPKxsF35hsA4djaxrh8BmyltQEPCBh2fqsP3xOHt+OyEa - TW2itW7hJzj2+oF0+84RWwpbAOhzb0Hyk40adHutEZL8jInx2Z+loXMp2c97R4kL - paxZls/DQIP4J9lnMd39HhQhoTe0jaI8f0x3FzFCkuiI1V4q/I24PUypgzJCsazB - wuXksAmaQuZBHqEhgDk9wgf1dtOQumoxFSFvD3ryfovS8bgfL7HNJ/Opi+S3J7p3 - prZhv+NhXD6i+FpcZzrnHzB9WIZBOBfTtKxeRIUuU5NjizZFQ2T/RuGnrnaCk3Za - JMrLMcxKfMTiPusBwMTzJGf+cSJGNxp39WXqcKCeYx1+L7GGNwfqhWxULevg13jB - voxRsZqat7MNTPLfvaKl8DprkYmGWW4wMIzDhJmgT7OOuzOrLqAmt4U6CJtnG5ae - G5MhtHpvl9pRBbfdQ3qkaDxeBKUY8X8gdxJlkUpmaJ6fxontO2tsV7xo0DvQRFeY - GHi7FOeghvss2zLiWeZxFLG7EmGrfD5foZ1DqQVUkcvx26Vk2gX4E9r9r7uau2jS - UQHxGDiSRhJnUZk9CoCMwwRgT5Yadag5ylYHSMKPBpQXOp63nylR/vjw9hwx/y1P - Ft8SGHrOOKZkWjlWUPAGZAke1jYRVKAdkw9+oy1eDpytRQ== - =KQMV - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAmraxSuqAKqWBVVhssWxKl7F8DmQcm4PY5MYNIuyP8dMI - qUyV7HvBArK6C1H8QDnuYOSdGUp62RR3IL2GxVQ1EDFnJ4BFjy5LbahbJWeuLTQV - UeYFom9dNfZW7j6TP/CMrcydBFtLrtXL4zq8j9vIBHsQGvbTLXqag+am0UiOwmDA - mNApcM2eAetXNykbBmxm1citwmufo0sfvTozMQA5/MYiHL5c5JFgcxD+P7R7ynD0 - U9xWQNdFQO8xo+dSbyu0bKPG1lcGXenvxKKHjs+BjLTjyghOXDpMg0twWAlxvz/y - HhNlbxSa/13mRtGcj3Q5iLCPmikkbcL5ehadlSl32Hirvg8D3TngdHEZNRaWQacO - ppI9s6869EVtC389/q32E0knKI6qHJPrc8Hw543C4q4yQDfMFkBlRNg1+0x4oizl - KUGa/gGgKlA98a45m+fWadEOTjEZAKfdTDXaNCFgeDW5+grcKcsL3PxuCUo9cAmO - 46/tlqL/XaZtAD0YrKgAV6zC8mRb9Xr444ucer4t42cdKCLc9shrD/mpnCKcJkKP - LZcTJAQirQ9uaZSSAY7YhwnmkZSUDq6uLhWRHcTXTWD830E5usn4HqTLnmxGVLIa - 4574E3pD6U1eZ34GSp6aj2abeul+6giw47tpnZ6O1PowfZr7izxT9nus783dyl/S - UQF4SptWIcXtYvqj8uHCInr80bAFx0UcxR2mZMI5Uq4uKBBlGKdtLHfyfxfow3lm - x8fehZVtkB12Y4ipkbqkxYH1sUuDHB9Y3gm2s1/Y3HjPag== - =l8n0 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAIIVQi9RufgWWixnU6SVnsH97GyNm+cGZsJoSu3tzBSkw - uBErsKxC8Dj+jI5Mac/Q+KQ+B9q1NHFJJsE7PJG2LSCe0SrN93hnfZR4ebkgSKUl - 0lEBWlbiYvvdPapOn4wF1cZyzk6QmXmCLBby78Yg8re0dqWY5NOtOE7sWFcAI1xM - TDAF9ywrxHHDtcMySC9MqumApLUPLCPgcutyZFVCeG0TuuM= - =o7+t - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAeUS4LlzoSf1HNWkI4NxJTs0xCeUmpMzEhH65jiu6hEEw - /s4sPh/oADqaybe+dcoL4KcJl8mnpHBEDN/DSORV6Nc64IlmFZG7STQ/+ZhPwSwv - 0lEBiqJiBK5wZld3GiheneIPVp4ULEK3SwFfxD6Am9cSCIWc7QTZxpBRS7lm8727 - 99qQ2qmRGOl48w77HqTRtA+7lk99ORnFQZjOA5UGSM+XszA= - =eokJ - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T18:57:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ//cK9ViXUHIPk0b2fXQtVDYyugjIdBrQUoyBKYxTJbzYFm - CTmnnYIdvNCvD2VZtu1TL2b6ZVXrzSSMJO0lZJfKu9SE5/JTpXFbpr7V9bLSd3Fl - n4eDU/9rF0p9g/6ApSg8IbMsl4JUJmPgG2/A5tkVBr35iS4zeW6t1si6hzJy1blp - rtjrqXLtdmK9zhvLtCHazIiY2TIFqMCH+i4NLJDX/pNQ5eFudS6rnkphLajHXxIH - xDIHTOQVNf+pGyZvmVFiygtUzxviNI/QeEUbv1XdKqahIyYRHBKsuNTeOpeGKplT - Re1s7qhCgUSC29U36niySGHC/deQboniW9/3U1+m95DxMt0R3SdOXrax50jyS5s2 - 2AuG7QruNXHcEfxVXxkvmunnqaFPplwglionB4/pZjy4Z4QmqmxeFN3bNJyL6QI3 - rAs5j5abuYF+Uf/6k1XF3YwqeBbv+wT7rXvp0930BcElNFT3fgd3bXnIqgBgwsXU - u/VoHe53xF9cK6KoNYGf4rfIRntbRMTjWEP9Jti5eyf+58JwSm17GiP4QUF0zzUu - V53lCOFzPzJ/zHZlLElbL5n7i9WndqY/OOsOGaz8eRTRJJMOkoLLaGAPfGvOaKvr - 9pgUMvpcjQqhGSlVlT1smHxksWh4pLnlDRBj60b6EscNLrRD9FIosJn+JuqsbRbS - UQGhlimbbbaMc11g/BBEUHTeFDMg8gd2Ix/HfHc7yrnZaTb2YOgvbOJgXG6i+QUb - FHeaHynxAQCK12itmIqxu6uQjYgTcCCj3Bm19dT1FEWV1g== - =vCLV - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/netbox.sops.yaml b/inventories/chaosknoten/host_vars/netbox.sops.yaml deleted file mode 100644 index a9b5362..0000000 --- a/inventories/chaosknoten/host_vars/netbox.sops.yaml +++ /dev/null @@ -1,213 +0,0 @@ -netbox__db_password: ENC[AES256_GCM,data:4k0wmOe1c5AE298Juw5HMm5dttTKB1WsVxha4MwaIILpyIbJO0CfmzjYflfBTFPPGgVeuYdCobzchzqkP+8eAQ==,iv:25Cj2BLGJK9tMDr42AqV1IzJc5zG2dk1YH5vC0b1T3M=,tag:knyB+nALZwME8y7CAQ4BCg==,type:str] -secret__netbox_secret_key: ENC[AES256_GCM,data:zPzoFK5Sx7gJ31/Apwex9ffFU/GY+HxIfwrItCW68MM4kVvS33e+LY4cI0vbPYEUF10=,iv:SjpKxyxSAVo+p9vvE/YAQFCzAEudcZ1lwnJ6scxeQD4=,tag:oA+lBep610IfelGwdTohvw==,type:str] -secret__netbox_social_auth_keycloak_secret: ENC[AES256_GCM,data:HP753hmQ7ssbYSQRH0zcRC0vRN5bKptvMXo9jjzcuk4=,iv:GQUoojXLAJxqdB92kKLhavDaka0Rkkg2uocBLshdvTk=,tag:LVnL/JHMsAd5UmmpnUv7og==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:KgD61z3hYRPSoCXmJgOMmHFqXtqoKHRPUT/+ayEImPsbpk+6B1hVscQbmsKJFWNsyQlCAV2MqYlIrP68pP9ckfURIaN8g5n9X+Y=,iv:eTjmF0e4/5NSnORZVtZKTaL4r1RBg1ZbHZueOrnMVlY=,tag:v1ndJchirNLPvg8mWA1otA==,type:str] -sops: - age: - - recipient: age1ss82zwqkj438re78355p886r89csqrrfmkfp8lrrf8v23nza492qza4ey3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIZUUrOW9jUXZDUE5oUk1o - ZWxNdkVwZDJVVlEwSGUvaFJxdlFEUFpIODNnCkxtaHhHby9CUGVzMC9LUjZySlUv - RjdveHNHWmFvelcvbmlCQUlyQWZ1QkkKLS0tIC9NbEE0L0lWcDJzR0o3UUgzR0JS - eGthSkl1OWwwTjFiVFlCUnNkTDRYMUUKYfdYzrGyBzlm86EUHyN14cgIPgomgzG2 - Zt8nCvmd7/0wxHJ1WhrDWkQvx2ZXC6BeD9oShCVe5RcHqbFQumn5+g== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-07-21T18:08:40Z" - mac: ENC[AES256_GCM,data:SvTSvRYd7ljYpQb72yRkQ+fDrDWRMQzFwTrI4RuLglBCzKNxu1g2JFAVFUSNRybWASCYhg0FqtHoC31HRHbs24g43fRFrXrvBB3sCwQ503y7A78/UfX55Bz3VBqYVJfh9w/Fm23Tak0ki1CQoAl53lz88eUHjCJjeyKtY81/PnI=,iv:y4C3RMWPsnTTgkscvfqVEzcgAg6L0QaKinzcBFLOfSg=,tag:kIcvmJXSNhpQDUHy+ZpPyQ==,type:str] - pgp: - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//RZgO+bBNMO0ZfNf4hzPSoZrjGEWaw6eg7/60QSltdMYt - pQuuecBYba1YsCWKOWQd95vFBGfZ04EBaEJuJhBKrwxxGl5Vurr2LJeTpfqpAR36 - rXwELGqVHr0HXyBwPzOPOzM21NlXnNMPrboVJR9+DryT0Jw1BbLXqs8PwO/vWH+G - p8cqRvAnPglQXV70tQHCZSN6rDV0pLZiKnW1PPE8goSVkwInuAsZE5Nw1+fX4HBF - 1j2gFxS9t8vFaz1nFTIZpI7ixvAvUiKtnTwforiNEuF3X7lAkyyHtmbxAYFB1OVB - ieC7X8OCZFYYSjMPxerHGiyiJ7GPO6rTMrcqOixeB5m4x+z63w9Ev3aLuWxcPKFX - tPNZ5t4lBO881KsPIm34cxKzUa11NKD+c4PQyMwXvZ55XeUq7SdO6wKTdGyCdjq8 - s7WegSpieAVtdlLrJIv9FENE4aFuBhQDXKaZtA8+WTC+DhcQZeras+WApcWa/ugU - iUsHE446qlHs+yn5t5ygAGNX7u0j/kZggRnF87BKBsPVTmaClcC/tQM2su5W8Xuh - ohlFAlgwdlPP2A4RBZXOAdAH3HJMHqxL3ZZvop6QAf6mRv5aioMdFttFFJY4V/SP - cgCxsXcsz8JZtNU1GB0MqeMY7NQnWkxVafJMF6Qg750Gdd7TpjLfm+7PMSOpwdDS - XgGxU8tDEkaZWE6IeUEwbXrGwdHQYutZuQpDmuld9kepTNbSdo36SYEgp8QGv1tK - cN7UxJhSNj72pyBvXU8apmjurajdGLCs5TM9qpCPcZJIRku14CCEedM9bNXCkQA= - =KfmX - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/9F6hLD/F/9/gSWxWqQm7yxPrQBFNkfs8Z5IsUE9YyJy7x - 1Qqn2WjvjdMvzQRoNI9eqX5lXFOArXprIcV5i+DYNo/pkXXKHrEQgHtMamBsyTho - 2jSYC7RKns9P6pT3PJsSn11K/uzhmtAO4zrHJXvo83g5I3KPA7VmTIqAMUywebvB - et8jrRlxSj0eITZzCLGF8GcI2GQozLxsxbnBkMtzaEBAU5id1URlPL0ozJd4bcj0 - bKfKeT9ufcfq+9BEK+Y1n3amUK/ioSWrOzvLBVOba2MXC5VM1/u11DXjX3fymssM - IpEBdsFsQk5YwbyfdTw10LM/LavS7SqwM0/b1UzRgifDs5EZUEVHsK3uUgrNErcv - XGrSQUfq0zwvmGIOHANBwBDZ6tZx1AuOzpWQXTDME683F2HcauqDM1X4Rbp9QBZ8 - sFyJflTxbuJrR1OKE7Ro9SzsVhOj6Jdh5LnPJoUY209/Kspm2+6DKq4Y+y1Ibaq4 - VMviDt4WRF4yykjP3HvzW1hFpjbjjQpoevZHxWlD0VIssq/lX5YlPSrz8NmCeTPQ - UUi3zQrmbyp3bS9yX4rHKMxxfkqFrzLplQbyVmZ+Q2phCTT1UcR/pdaZhAu1QVOR - ueZNMba6YIi5mQhAklL7PfZmBTbmV1lsHbI1ZpHzqLxDRcWCirnOGf2PUj33JXTS - XgGO0fiU6lVXiTXCvwaX2WV0aP6expw3cKQDVK4RSc3ngtrT6j44mxM+odkjY4bx - /YZyNmaQcWIWod/p1sQTZ64ZtN2cOYn+jEwYSUjOgixMBSrAwym+JozjFhrs3WI= - =5XOk - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ//SucuDD2gHz2PWvMZ8dT2Iid8442i99ZF8Ud3Us4z207z - BpZmo7bLiqqUs9OvMKszSijPpIRavpPcrpy2utuTLl0MiTITBkwRm7a/d1p6GBiz - jDoqMuXpYtWlcELBUNlJncjd9FG2r9q7nOf8cQNkMJnKklkqr8Bb7vpkiHI5OihC - DiOIdA3nz+0wapjoxxyM8Pdr6AUzUEuU9kz4Q3TYlDtbRo7HRViUj4V6bADQJsbn - 71qzQ2C6eqmEHrkj6B1MTjjqf7XXYBx8vbdopoB+tqYc4EqJ2Hzd6fUbyNo1Cnpi - ndXds30JayJkRy3h/qw+so9Zmoqq8vS7X5ZAVD0lHT0UDVTLMwA7JVlzOZ1UOQo2 - hW80AhwJIXkC5EMG/uF9HWlLTxM73CbGrFC5gk1YNKto5/waZ72QbsHAUqagCcPe - Z9BwlCISDz72QANuLGkpcoznBRMw52Xa+R+uoPDv9f+UjOZyQxMkH+uaxutKnfuO - HpYRf0FGSqpDs1Bz+G6obPZ2vQhkjK3C24BivJvVm5fyLv6GYZtQZr2JpgkjU7h5 - lzDXJ1wB7UueY8YjqB04FWSfaWW4S31PpWGdBIEN57sHbhlsxj3DpOZimjyjvJ8Y - uavqVNJpaZWAQQAJkL9SF3rFBGdawuslPc7RsjRQ5sWxm1+HJiuAsAnLCsiFcjbS - XgH6bvd6helroHo/RLMsgtilpkWmJUfMC7uoiHplkwY1GQdV0MwCuGTpiccE+FVt - xwPrZyfeY2LITjRZa0oo6un+42ZNvVeJauEOR8VFv+G4R3gT32KuYbUtU2sUCho= - =X11W - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//foFjUY/5G1Pxh1JnzfChYC1QsJYNWNWz6kANfXFcxQ8i - nMFfPBePJoxD9g+A5y0Q5r5ypTmhNIzSdJAeRFGl2I9Vv4eDLnzjnCn2NxMZbS7h - CcNx5bZeX679gi88I4xb2jdlAGr0UyirVvgCX6LkmbOuMXfftuPIqxJQFg3CKz/h - Msoeex2XDNyW4pwf3/mbhLyd4f7kVBNYQTMKlTiz9OSUVnmuwXOVidNGB+PI6zvB - IdGjZSZCu6NtTzFsx5lqCkRs9LQtSW3QZYqlMVt+hq8cd3DRKpzGO51ZNr+pgyga - vtLiO5Rj3198FB/qC1+vn/fromqryBU7EJ/Bu8a3n0aJgIRHWg2JkkoUtFwDtg39 - JIN8r0/KOj7VwkgoiBPCMhQGumgOPIkvlQEcRWlpw4lQGxee2rHCy384zWNvOugY - Y9UsoqHAUFBbfxJt8xwSwJ5EtXk8lNNHARMM4I0pCLTHQbmXILRk0VJ4Ycdi0LGH - 8QBywXUIOvloeqKe091stfmfv9BY95Aap3ByG+KMy0sfcOpp6ECXGNfV6T4txl/v - /HyUjdrOH5vN9zOBe0/Y2+Bu8lS95CGx6SuArK4Kn9We48gdVKJlPxJwHzwRwz4E - jMBcepDLmhNyJAlLS3lLEkh2kPjXdXjWzgYNi3RIDZ7wCgqPq34WzrHwjXvR0VPS - XgFiHx3g8CiWQLSXCmcOUgpQq3AzCipXNhGcv843GRvkK2MORk2wVMgKsIVXUpw3 - rVU3we7VrmgSxq+NvbHoNxWCdBCQQ+do/3gtBaeTuT55O2Sq9F8ilwPC+dj5+IU= - =ld+h - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAMPFQYlbeRj/MpVx7JfDp75l/NOiUN71OspQ7YL9iey0w - CqwiSo+D/xRQamcxSHX6CK3fPTj2sneLztFo0i8RlQ1ElMm9BL4UpWXh3Y8X+6np - 0l4B/NWek19NSsnockklHuZcrwRzbnutW3xtDKuLUUSMCuZ9mKD/RRe2lHyqcGdG - TNRW2buI+jpGQNXDu5KbPicJP5LfSqMofWk5mRkmhpDy+va/0UAGnnaCulAQ8eNy - =0rax - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fARAAnDRIiGY9lMbRJNEvz1hRl7KdwtWn/FEei8Qh2OK5UAnh - 499nEOYjJI/fmWYhF589nR/YiZjTUaXHcYoJ6NgxHdxi6abwWypyNp2qcrYmL2jn - NnZgZEZdV4nr7TMnNnxF7e9Yz5um4FSjZz5jbXuQm2/wJirEzHmd6ImiN49+fbLE - CrwVxi04IrjAahggVHmcWtnavXvLjmUVd7d4s58TlUms3q9KFj6+xSFOjAOYFZy3 - Pkk/tGPV39aKQNZgx30KID2yGcyQT3r1KahQt6nG8dHaRNihnFlgP95goXG1j4JH - NbrWv0siKdrYZ70xBCMrRBWGStFDIsGAnts7r0dMK21yrNsSpHaZW/blLUmKN/Zm - MwiD4GFQUH7ierhpCt66xWyDeCZ8hzZ02Pu05EXStwi2RFtCXFC50m2zvkP3IKuP - 9B9kJu2zpP8UfOkHMwdf2xsZQdqY73qXuyDewRt7Pe0gwlHjknpQiO64dvuSkX42 - ZQJA5stvYsM0t6lmvO8oRsvztOeOWjET3aHDGDjN6/CwmpBwd4qT8xZsW/QZYPAo - uZl3rHJGi8ury+RSgRKk27safwgaRak8B1YBEJqgDxx5i2Zh1tYKSnMtWdomKmFM - qFXCHqQcqDbFWCpDtpFRxBUKd2evcBVtZ36zPPpJPk10i6KH8OrQlpw9akstylTS - XgFEk3dzaxW+wnvpF+swu//RNNiWxi3oxLFERyHF44nb2MOWN92nfmkh88sLPUVm - 9OVrBfzvxDDECSLvHzAcB/Cyi17VHCP0PHJ1qMuqpSNeMifZNPS0m/21l0HO4d4= - =UBLi - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//d5tVcTB+gGOQ/XoghkTLtrK/jcze4yPGsPlQC3IBbvqc - CXDjIAnMj1vASB6znJXn0M9WmdUA4HmNl13vhJS0JF5X2pjhhsn8UIO36L2uLDAD - o3FgNoDRJYe7ubhMPVZbBbCDwasRgnR0LzD8efYD0anBE3kpReHPVf5yP82mJjKs - SG2c+QRI3ZOwFPHVGzRnqszqpb90uIhQAwy8Ta7MK08Jao9KVQbSe0YMam0s4GGZ - 8F87rn1LV/oLW/uDP0DP4TSdDOP/ZnujM/iQcb0WNmOywrUxlySVGrtzTBwX65Iq - Czz1HbfUPUU58xwmf7TTfEUahdIeSseMrrR/hTIWneP0mlF2YpOtS8OhI4/xqpL7 - D3sCRpCBgSl8dCJLQD3GyP7DTHI1Hm1TZIjwTIKf++IvMFKS2mYmVnVHevW1xO/T - s03VRDIs2qsUqmF8hp60linbKKtZ9+dIYPa8q9SZn36ogoX3kQ0G69TGnpGMCTfC - Xbq6nT2PemYUx4ASvUCR0TeAUApGFJOZkexx8pxd11puXlCOBteq4C9kZioC8ACK - BRZrCJ2Zdw4yqW1tY+2Qbru4RGk1F0MRAyAy1U2v/tM1uLrNnDW7rOSzJOTvM23t - KQSb+TCQ2/WCve8EkHYMW5M/UbAee6aZzUs40KHHwiiFiCdoPOIbk8zv5qBBHFDS - XgHmk0spm/mTYFGyIVAszDgX5m8vfj4eFFtUnil2aJ4qBurQ1e3anp+k+okoDFzf - 9txYitRzrfYV3HA9XRp2MpvxLCi73RoNp3ssyIldnJix/OmFFZLy28o3e1b2XOg= - =K5wp - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//bgJFcgiF3gfShw4zUmTQoiUQsTnidPchdNkgU2bSeTBr - 8VWX26kJGkYDUoPMwRK5jPQgehDeuJQMXqkkDVC4NbLVBsHzQX+cjHvm8uZAqqq0 - aXNrEqmiVNdpMxiETLCb+Ufu2Vc5oF4YyHWWke+090iMg8zOGhN0720uSYjXrc6w - GUx/FbaHPaHqG9D0FRImkzz7NacsazHWOiu2MaTX/Gcfnx7QRsgZmusZZblmpvcE - VuLi52RTgIJ1n3MHspywMqM3PgHi2zZ55kPAHCbgpzv3YIl6rKBN/Gf/5Df7cvVf - Duh7Sj65SV/1IFXsF2V4fp9nPAfooLIUW4w9oi1F4zQ74vYbZB4r4aQ820pTb9ZO - Dpct3ogTwk7vqrvXJ+hLkoJ/H1CYO6lnZ/T96y743DtXSZg+GbQf0CJ7ptsmsYnF - pHWxG0J0wudThtr2/NPYlEkip39pjWXPwi7Pjhp9BQqfY1G57MUV9AncTOc1QUDB - qFllE4PFS594quaAIlr4hk/+bnDM6peyRc3yDqFUWwY1n/znQSxc7S3VMUEVh5zy - 0+EuvMLNG8RfUCCyXqi7DLe6EpCXJL2nl50e5oAD+KjKXjcAUPRTGT3tSq4xSctB - 1hGrkTMO2+e3OoXToRGzGqPWTrjHIZlppIt+LXWKcvyjmvNGpH9XIWaxdKHBJSPS - XgHTKw1srs4n+gpblT68cedpz7eC7+MsnkEJIAaOf5+4x2d97Ualb2RYmgWmjuCv - 3TAKmmmU9QrdiPUXEM4OfnucbPX8hDZuq45AFP/wAGLVn482TW7kzGXpJoWzJSs= - =qxx3 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAF6ipxbyfHFiQdfLBZS+MG4OqjwSK7DuaoeajSKAG0V0w - FDR1EWxsLF4XO8yKTjK0J+iQeJTiAaBxACpdB50H1XAsvSSZNSTF0yxa4VT1t4OG - 0l4BgosZR77tSvEyxwA4JCq+PdLraCh6TEHP5jNCTDfjGRSKMQel0mDxxC3+wk6Y - 09UP3kq9OLSzy3TJ68/Dzdalt7DLmUDymdw4Ge8RKMLOHWIkCXqjUr7Pj1aRi4+t - =ItUL - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAkadkEUquIY01vNygyOa2ScTMkvQ8tNWVrFrWoenNJGMw - fszAyJblP70NGlNEX0zorSMxGbyMhYyHqTO9qM0+1+Tc6yJ5mqMUgt9kdvKJEGX1 - 0lgB0eihxUD8Jl9lxuD7dEX4i2AUppoTzVB68Y1ibeIzmjABoNuZQ9kpAAQS9UsL - WF4T78p/mA75XSJPyp8lQNB5+hjWd5OM8bCZ4fG1ld+dtXhZ0C0WvIvB - =DkSc - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-13T20:10:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ//XGse9ZddCZYBfTyrIJ5PUZUv/pA58PiRPDDz4P9zUeC8 - nUqNRCAHUJGKEEzHaC+PNmd+bD6uJshZnVVCBn40iwFRmU9j59evzXmr/AtfmshN - ujzTUVsweyxiCtG+h9fwjshmIXpkyyyF8MmE8b/45FlGjK6Pt33IYjthdl+NL4oF - +sOGQ1e1K7q57tNXxW3Bww9aXnDiysCmLJhEDsAkHExedHX8bZw989mV3IxHnNDz - F4hkdNquZczjvlKiXzO7XJmiGYXjCyw9umpQoL5jIyqklZKIu9XW6DMc4FDKkDMJ - zr5HmYawg2W8NxHJLL81Led0/zSQKC2t6pKcjDcrcAr0qtyzEbrbMhOjkDW0TtbP - SizD6mLpB7Al3+p9dy7UlzqojD9W0luZooXASb6mlo13rpPhyBVK+Z/Cw6bIJdpJ - DuzprJSO6Iesgabbkx4PK/dh/Q0qlTH18FNoyGKzqph72HeQXIRB91bbp8WuRYDf - a2diW/mVSDEfIAG1Of6/zqSJiHqoIk1A7nR7UkrVZhjadDkdqzKIjTiqP/oHnykF - g9RR/7AGVfGS+m1ggOijl6d2jh7P3qyNBKN3GA3mCwwXWUy8+MVT6iOFaBKPmvH7 - ZxC/B9cwYexm45TV4IdqQhtvAH/CbbYUoDOwAmR8hKjvC3o7Dqf7goRlYGLzDGjS - XgGZUdpsfDr6XnbPqUQxD8/NQNTUtHnsyypqm6Lz+6mU5NrmUs8YjO6ZlTNyE4Lm - BGoiEi7tIxEA25rfTmhdTG3R0GZEwhYp/HDjtlXQZK2KjYMOORfkqw7f1vnY2vo= - =Ypup - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml index 4726885..2304112 100644 --- a/inventories/chaosknoten/host_vars/netbox.yaml +++ b/inventories/chaosknoten/host_vars/netbox.yaml @@ -1,4 +1,5 @@ netbox__version: "v4.1.7" +netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/DATABASE_PASSWORD', create=false, missing='error') }}" netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}" netbox__custom_pipeline_oidc_group_and_role_mapping: true diff --git a/inventories/chaosknoten/host_vars/ntfy.sops.yaml b/inventories/chaosknoten/host_vars/ntfy.sops.yaml deleted file mode 100644 index e860cca..0000000 --- a/inventories/chaosknoten/host_vars/ntfy.sops.yaml +++ /dev/null @@ -1,218 +0,0 @@ -secret__loki_chaos: ENC[AES256_GCM,data:LWFTOyER+m021ogmXYBrcr/2fUe3XuZhs5ho0KbM,iv:808LWnSUAPeclhsIgOyR6SutTvJGOu7mrGaVayo7v8M=,tag:f2WCPyUESfMiGDQ4Km5Dyw==,type:str] -secret__metrics_chaos: ENC[AES256_GCM,data:lAepzCI4pwkF8KiGYzGnC4dPASdHDn+LfbJTFSvt,iv:EUW+CGeYUqhY4G1kb2bbU16j9iLwABHfRCdn2vac5gY=,tag:IcyscB9lZuZgC04XTxDb5w==,type:str] -secret__ntfy_web_push_private_key: ENC[AES256_GCM,data:YqNEYa1Ln3NFpNoIuBUN1V/WRzod5HAtYueBJYHOwyM59cCaYhQR1S9aQg==,iv:t8bEs5ZAEe6pqbbOb0mpJdfgruX1P9Jd+sbNurGqkng=,tag:Cdy5HKkvb55V6AeRt+MVHg==,type:str] -ntfy: - user: - admin: ENC[AES256_GCM,data:kwGLrQXBiqKRoHkStGzYiC0fbcGgQHdZrrk9NyZtcZcI4nrKTGx1sxrHOMI=,iv:ACrBFMOP6rkfshOgB+a32TFWH1OKhQaoHcYgwHx+tao=,tag:2QTWmH/vAzIWAjaOHOkrXg==,type:str] - uwrite: ENC[AES256_GCM,data:Jijz+zCPpzSaIEo0xhicKlMhWSewJNJ9GXJGYuohq1E=,iv:gnjEX3N0txcBIkJm5bOs4JfKVsdi5URgoMAmquCMqKQ=,tag:Fip0hA52NeaMODb9XxjInQ==,type:str] - uread: ENC[AES256_GCM,data:ZODLyYx15c/rPzKexoLURwA=,iv:WqUrXexY/RBAseUwiLPBVYpA5zqJeYBW8mmcvPvjtyI=,tag:SjB4OaTgIaVKHDe4JjDN3Q==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:zdb3BMrvrCBJpzAbIFYfeDY8jFB5UyOHO3LFcW7oP1jQ9lHNcz+KrIBdorEiLmrpup3qCCB4YGhrmsPC0lFxtTzvalHYiNyZbYQ=,iv:OeaB1/fvm+nePi0kooWlYnoELmZgftDJyYaV1e8w//k=,tag:XOqH+lUHroCVDnxO6p7iJg==,type:str] -sops: - age: - - recipient: age1dkecypmfuj0tcm2cz8vnvq5drpu2ddhgnfkzxvscs7m4e79gpseqyhr9pg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSMjNibWJDNDVGbmFObWQ2 - Sm5zZ3hkdllGVjRHSGk0MU5XbWU2L2ppZ0dZCnNMRHRHUFpPdlhyZmZ1RGZaL3RO - MU9BcW04VHE1T0RCSlpKTm9YTU53VzAKLS0tIHNHYmVPTy9SdTkwZmJ3b2RhcG9a - bUhGdEFwOEVxUzVZdERReVF6cmcxeDgKDlO+jacsYgWXqjoxAIKJiB8mCHZ8U7TM - sGD3oaCi9x6Uvse7hq0BaUe/LaJt2tDaqve9nm3n06V93HNcR9/cdw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T19:01:39Z" - mac: ENC[AES256_GCM,data:a87jRAGBIypZfYCILYCOM+H8KCVUBgb2/1sG05wDbPmLe9IfDT6rzlljbRFOUozq9xsqxpFLsPQx1wPVDi1lhaRT+5oE/NDgVH8aQCofA96DQd3SeB8fWn3LhYjOpmo9ZsFSemvGcXYk/SjVvoU9aN8KG4DHYCOOseGIBTa/a2Y=,iv:5Atem3ACdfdCPUp184cAf/EI9BEXQ1i719l+sIlOnUY=,tag:LWQCxrsZ3660UCcOjY4gMQ==,type:str] - pgp: - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//SwpVlClYGns3aG6XVAtsyLIIOrHAaPgNVy5F/JrFhTAp - sG5acnkNeNKzvenHV8HZNnhYF3SITBnRH+D+PSFArdFuxLJGfhhR74CXKQIwjHLU - qYAyBPVHEGXSlBg3k+5qCgp2GsoLCr8qeB+TFjSB7u3Ujc7JCvlTLtzbMOWz8+M7 - Wu/NxA8NvMjy6pE4F6OzDOIyD9BpE6jPW20kSBfsFsGicUA967W8ZRhy7jvTTYlW - wkcKA5IULqo+DbOBwbXFXWcrwKBQBX+7m08ul+8/2plSavh1gevdX5Gqkhnp10zo - 0O/YfIS9umbHOnXA+TJ3xDKxGg0BKKdL0GrzaIsG5UUNmHwf3HhlFYYcQnaOIt3W - y56IdFkiBuVo01FggUOlx97k6M94xrKbPvocWNcs3BW4oJl9329OHo9AJHlhzzeq - gzl1Ft+vtLDghzt29feljG3zWVD/U7uOStPWFdU5QDs+7CfQ6Ahnsux1D1zb1qNv - nT5FHRv9L8HjRuthI5+Z/rmixiM0xPRWHYwkpHKP9Tml6xj1HaEUf3SSS1LjAfzg - tMCa0H6EqAPrkZtLMCzItbqTIBvzWnAmdanE4h+kLzn9aj1kqPGzzt50bFbxZ9pd - FTaupAGlIkbS0U6jiwTdyfFSnm9Rjmp0L28J16rSk6n/uTruwbkJfF5sCDvJInzS - XgERl0iwzoa53nG5thQ0L8fWT8oIxXl9hmenVpZolweKZSFJw0rgtzXcY7WL7uII - QsuVJeHoacJLnG/g68rIq/AGstdIJjYHqD3We2rZ+9fzu/DTR/JInIxYHeMwfkQ= - =kdsd - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/+Jwnnh4eeV1u90tsWsb0R80M9arke5wQLqm9y96U5U70w - vI944olkc+6uTctfyfLHgiTbLyIwYSCRvYxfQc6ULl6ZNcQXwVROV3qo3HzsjPE8 - jXIAMECVb9G1TYQOEnUq++Bn1ziABONWcEK6Ysh7td5GjjlS/72CtjUvawY53Xhi - 8XFbAolBUDpiwdwKtTZcloajNz2No7Xze40BFb8A/RJrdBUxmB7et6CMoXKqfnvN - ipksQRwcadezvq+mVHiKwkAwaplUQu9m8xLbntpq2sYy6LTkyud8xnvQ4uf3RfSd - CaDalyyRI9FL0SOGURcHoLvLbFM2ug6nN5jZa3V7aLRzFcj6SP2lh7/AW3U6mdOy - XL2ULG4cYFLPrz11FQb3cabq591XEdi1GLzdXuewRRX/neytGBYgcUXY5+Fh3iRR - yVXp//mMfIM6sZarV/pRjFY3+ks4liWhThak81Ma/PQ6u0lsblGNKPFtDaMdgcsI - i/h4P/VXDwp+kb2Lx7ige12T9wQUeR/mvxqz2xVhPxypI7Q4iac2cz5xLMeFpf/g - 18uTWarTTYZYN5M54ecl1oc7BkZC0LaTymud1BR0oZVu+1/l129PamFlx2dvI/1U - DehrtduYeufopLT6z7l00/N9kS+73DF7Ynuo9lXN+eVZCcjYHxaZDU4SRne839jS - XgHoc4bH4a9z5qExI2TjuzDWvouCmuf1JvhG09baUgpP/DqHQtEHJ2diPulhNB4U - eWSSGAUhNy3/fTX6P6tBOVe6kD+qdWpTaRXEX2E9CFKBwTljFta9CdKYZ6RKS3g= - =itLQ - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/+OJ8C7E/T7Y+55zjUCdo8UpPwSbB6MvhRWQQnn9pWkL57 - aVa7uLMsgqkgJhbJxqp3fABKb8eBF23feJYdjKhDbCDKfV82tzIh17XYbPa5A81c - m4s03DBIptmFAbnH5MscTNEW8Yaysx3dYuHaHDuM82q9tS7ruzVMkSQe4ZsP9zhH - p3FkQthrLj+TICI39lhN83ytDt9cDCR/z4mH7cY61AOCZ7WjNXLHuU7ESwnoFiV2 - R7SDmtnjS+NndcsK5PBcAwGvcjIbAF3JiaQYAtrNJAvcmGN55GsgHcUprKn9reIX - fRh6dWlK1EhIKyxuLojRnx2sJ8BQeB8+bg/JfW4iqhhlXbUAv7nWFgJeIvjc6urb - xsjCHleMVy23c34gy713mAFEC/2XuMd+85tWEaWO1S2smbpvrP/OkECsx2PW+Zus - TMSRRyDmRSKZenyMdIJU7mBxaJ9dwsJ0b2qImfiNC5EBlj/CF4R75kmxrDdSPEvP - YJ/1XWYZFlhQ7CtoSn1YA4uJYgtUMXJgHF7HEjDzblFys+NSxwZHgPT32v88zg/N - A9JMyhiY/faLpDZ0KIHKs+hD5umF9Gir6a25L76ACGlBRk6Ib/FjFDUOVfhU8yPF - Q6fmCyUWBQzUMxx5gw3GRvuzHSKloZ4v9iVS7lTtP+rDwsz193ZA/qek+fas0yDS - XgG02CtGuKDCNdtXUJoqLuoBcWURnn77o1gkTdqqK1HOqbgH8MHhLRHXinvTmQC4 - 7NC7rhp5/O0TTcglHhp9uUVv85ANGZXqk2g5joB34pRYTxe6yAUMquycKIJP6FE= - =I1xQ - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//Q72yKgMp8HTvhXxnVs6/jy/64oeWLamhUbUUFfusvGRv - ZZ0ZlInH9pCn/qoCQOMyxSGbfp/fcj0j8BKOI6f/AOOAxAh6KKiPsasaY1LhqhOy - TfBM81aUis/0TEed7S4JTKsLlkP24lZnLm4uVHPoZgWkfikW7kPjY2wMVdrc9lTL - iqbddmOJhue5HGGAcgWUtXtqLYsYOk78viDn+a9xXcYT7pHnPIrdOhFKI9uOTwoP - CjUapguMzniqsVZjWVshq1hms2XlOaTA557IeE/EF6338h1frA+ZE4mwt/6hZmW3 - z8L8Y9Y0m9qDr8KsnlygYLFQOYyCLVfnn3m5GnUn6p9A7S+S6pkPRi9an4cDHk8O - fWO1w8V4msbveno0YzAguysWQ2kk1PHHbPlwhZdOPM3k8tuIHslvucLWoYEv5jeo - k+M6QuDvcR8P91CW1Uhpfw/OpDMzaF5TNyLEXvIfI6BUwS0C39SY0kHKcPppdvnG - 09AfdJrf895viORcssU+VBrxtX75Toj561ENE1mAns5IOk30vuB+no+MCu8oAwEy - rUzJX/bwl4wcDQ3pXAjz+dweL0aiyaFtvJAcv3FOOVinvn9W+yUaCPSAwysVU/YR - By3qOMqcNBcvBHCElzd1P9EiRQhrv/sxKOXO77u/jW8SvjCYkitkRJIDDxMR7/zS - XgFdGisfXHBHTeF97mUH1m8tFX29RDImF+4fFWoKs2fy+aRccmeTW/8gbcOYd37l - Aum9uCHzFhrn4zAED3Fvg2lM6xuRCzgV3/uwbSUvRhkxihLZNq7RSOFoHtM06kM= - =LIQ7 - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdA3h6kExo61dH6kzd/MEACy9ObjPq7Pd/5uOHAP5iqxV0w - rFjatsAuot3hYdCt0tAXcO1lmS7VEpyw7oPQC26FYigOymsG3TRJR0VNcael6xvi - 0l4BIRwRuSyXhy2A/67MWMK4WvfOHufBZg+8qvlhIFoa969ik0LWkaRNokOaiLr0 - e3SbOipBlJFyzbtMNHVnmNuFLEmYWdXTC7nw9roE/h7H1ngtFKSXFweJRWbX2JvJ - =hYiQ - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fARAAoX8Q+2hBLXwiOKmAyH4h2//VYwZeXNnsd5pI2Re79gsc - kZEEyiL5MuzcPvT8SdatXbJu+ISjAz6HJpzWp4CgdUajV8rxOBbjRPtX/COcoUdB - UO8cDkx+drOG2Uq1Pi030lz+uFwTEVAM1CUjLTjjBSs1g+Ira6Z32vGWnU2nmPk7 - 7VqNl/AvOlreVpe8LS26HcmwKjoyfabY1AZN7eX8Mz/p/FOg2eotJ02fESNlLkN0 - Fm1oc7RbGTP7kON0ZLPHrh/B25JA/28aV+DO8qB1BC6Q1RQzozU9xIdVBEoZb11d - +vs26uIvG+CwQ42KxMnLDPR6DGRDIBaWl/m3vhWAJ0MUmn3ZJZOOwtzwc+HjrdDE - cwlyrCwVYaMNPkUzk6nJl3tLGtoBFXkvQlqR6wJ6Gpn3W+u5XeWgkFXFBhqdjylb - YTg40kXc97u0KEU2MPref9fJQkfdviIh013+RzXC9Ts4sQ7nsdFeUyPf2ZZiu2jh - qNnf9SRNXLMdeAPmGvR7R0ng7y8TNw2dOAeODFtg9uRYZukFBxDoN49jGmnSR0Ci - 649AjpmltKqWkvw9sPJt9CpBP+OzUakTX9/NWIkKn7nZHiCGNxApW0CuU7UiYrau - qCwmbgFDqidpBbYs9zTTSkJbTCrVAfQjCMXRCJ7MptFTA+PG6dFcL52li7sqTRTS - XgGl4ksdewaA9g4XlRF5pbcmVSquBh9b3HiIhSoZlz7XreFFX8QObEnYdt7EzqaR - +ZO+1vJnkEovMSiqGECDF+gZLaaVwWu9xY67Eot4c0RVCtueIA3ykCOrtukEuq0= - =ANgm - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ/9H+qP3QpG5Cb4KoDJk7RLE9OsasPhXxlyASt1OY2wJ5FD - Xkj4yPw71jy9qN7iNDGLpTw3FBYsW6rY4v/7cagJvn2qZWq2KYk8tVcolIPAEtdT - lXKH9IpcQENU+W2BnbD6944hINOOamNSmXOcpZUadMLi98kTyaxbEuxiBdEL/79j - hquJykWQFgatRQezzLFHi8+Dro47uYonLi+9iPzX9tC4vcCal9q/hJ6w6kLR2N4+ - Y6CfUdzxKxa4KIlLZ4NfBOuyFLLv1jGYVc6lwEPcRI3StTFwLkjOKKQ3baRheuHT - SJ6GQ33Bhw59BNJ59/x7gCKUc0yPZJnuHfrrf8j6LC8vVCN2x3eraAKsDUwKDUOP - 2aTZ0PNn8quIeUzOJlic0Gtmhumwt8hu3urHq7TNJ+4mJx23iYLRxCpleLTMWZ/z - NaKKxkSRHjoeOATa3YY2thk6e8mHKpoINUVua3xJ3U8ntfmVIPUf6MDztYzoy3zJ - b2pFvTlDHHyNm6Ky+XC222C/k2yC/b2wCS29PaM/ZMNl2tHT1SywM6LoQiJb8dIG - LWaqBbQxizUgopbhHjT6JfQ55l89xDaCf958pcG5MwmHZ8qj5QgUJ4fVBOCKYv/N - coWjm5NGMlZpSg9Q3b7qZAR1rpyKmEl2IwjDyJiMotklU46xcXfM5HhYFVZinWvS - XgEe9SwQmlz/4TyxFQLzek7cTHN62MKLnYYMCIr4GYntWUsUf+pI9Wy4LjvdO+dV - +2qbMuryBtC5f5WItg1YGdUKNXcw1fR08wOh/Kkp/RcOw/n4EHbHaYe11trbKDE= - =dfVt - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//XTD4bslFjaymzokJ4KSRLjH411UWqCCEMklwrqrNH2AL - LxhpaGHRWOp6+0UGuwEtX3valFJ00GrS3QPBbh2Gd8c4+fKv3eGChvjIhqCdDhGH - iML2AMKDDAnUEYWfTX/AyaJgFBFaL8KCei042mZgoMIsFSdLGqfFSbYuR+xBGezA - 6SaeieuxFIoQdvFkEb/W9acoCkMybS08xDRbvKbvXx4G8hVhW2aDSUUTWNcZg4QW - bDVlxV4viptyrn7jMxBdSoogW8heNuECI4po43vlpzo1q2f/+sDGRLnY4Sif0eDL - AEOnn4Rnines+onDk79jvMAUqVRBL5dc/LABQmLXw5uhwKIVhY/YqAbvdBHm73p+ - PxiZOyvqq0y37JhFXHoUDkLXaOak7bBAlUpgYQfdqfH2svU3tlYKLMDvx8t88ajr - 6+zFUOMVcV/9d9lUMLGxXrKz+ubonwPNCHswOFgWxBb8ODYK23v8g0V3vA0xI2Rb - BAZzmZ5KxbERhDTcIY/fTgE1Isms1Z/vfRttULHP54fEbLe0Y4DPs4XMOk1z5P2Q - xJzUZQzgCt1RgD/hI+HZvtWuSlhw6o0sU+3DWaM/zM68WvGzQVx1xXbiW44mcIR9 - KLK5Ccrk4fkybKf4RnKHdCNqYi8FH8bi9ys1MBxTq/HmOjfw/B7Sjkh6QnRnw5/S - XgFFxksAOCbeKGFiC5stkgzEYs1vD+70f/8xEe8ZLhto9VdsMS4qzhMTZP2pEGvH - qzBcjQyviALdRj8QUVX/cdpr/fyJyWtOfMh5kPwBa81A5JZy+Kf9pKAPhJvz0zU= - =2nU7 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAcT6G39wB3Ev2Ygwqr5Grt9vZOzASGQA+ikmZwiXgomUw - 5+EbqDaGbHUu7WQKxcqTn33HADL36GUJkdbJSDrBZZxFlEM10z6MYhEwqKaXKTno - 0l4BVxsRuwpvgBkQbNDUd/lLj9VfWqkAqkaarDeTYp4Ypb4KJrwdq0E3S2dT5RKK - kusbNAZhVfHbnV9p6u7II4mSXykzFd6yiyULU7m3VYh0mzWGp1rD7zoKa1aJanXm - =ej6v - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdA8PCFPQ53k9ff1PZgbIjZjjiQ7NC/Lz99FMBDm6JXd2Uw - mzu84dVlowjWhal2Nhv+Ll5CX1da2hAsn2EfHUms9lVVvjvLgckQrTz8xqtdsMj7 - 0lgBhjbiSrz+4pAzNhkQiQEdLrxPuo3L3z19lc+f/U8HHy/nnDMNgB6Y2ptJaaPP - hk1apratKJXwUl2X70O7O2Muyt/xwbSGRWaTrZS4X7OVK0ONsgn6Ctl6 - =0cNg - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T19:03:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ//Sh/t17msk1UHJO4Qr2BPa8miw68ZFfx+L8yMO2JaLAjM - I3xjjSnQkNJPnNWstn8xcqVnVSwZuhXhuweqM40OeHV0OYB48VR2qW1Ac3FlzZQn - WAdaX2sHtvcNQQL8zDhzyluJyUF7ZIQZc+pgsFgA5XP1G529aRit5NPNNs8heUeV - hlX+HUwq8pcCW6ec7VHo02hncZk2w56+MNvJSwpztG98vL9lCWeQm2t4Yh9kh5f/ - vDZXnoQtNlcpwgMJlVuhEzCn/D6rXr30YSJZwM6Lx2d+8bj8ExYjYRhalpja6XFt - 0Ra1hrkmtqQHBRP0OGlQ5HbbLCHxR6y23lrS4btkqEKwSFpbxpi9moo/j2Li1p8w - YE/fPHMcxeWo6N+3qKxWo00VTXgMg16XuRIHxZ4J6JG3MuK0uXyk1FDdQAROokTC - Yn+FXskUTYd8wfuYR1VJQaWtSd9NhQVnUzkiarokSOxq1YHvTLtUgZ4/UCJoUyMc - gOTielnWVe09EFelBSkhC6NBOYYdGqKl8sYHIjt2wRhFJKClkakIyDYFzFSdZOI1 - BEBR7Ww0SA5U0FYqa7f3So/K0MIFGld8IvdxtsDEreXdQTdHks/5l9oEk/HpUYeZ - fNETuC10ZdznBeCft7jfw5O+gFUPaixN0hEavx10iaty2SLS9P/ZWXXOgPsoYGnS - XgFuSH4jztLWZGW/G4Se4XRfLuhaiOYW1GvnnggViSFAVrpHPptwodcFaIA9cB8B - dzNCv5qzsu0b+SCrooFwyNoAmDFdiwX0MuEQPnGcZLxWsLnNXiLDelXUAzHdouU= - =t+fx - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/ntfy.yaml b/inventories/chaosknoten/host_vars/ntfy.yaml deleted file mode 100644 index cab4e76..0000000 --- a/inventories/chaosknoten/host_vars/ntfy.yaml +++ /dev/null @@ -1,104 +0,0 @@ -docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2') }}" -docker_compose__configuration_files: - - name: server.yml - content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/server.yaml.j2') }}" - -certbot__version_spec: "" -certbot__acme_account_email_address: le-admin@hamburg.ccc.de -certbot__certificate_domains: - - "ntfy.hamburg.ccc.de" -certbot__new_cert_commands: - - "systemctl reload nginx.service" - -nginx__version_spec: "" -nginx__configurations: - - name: ntfy.hamburg.ccc.de - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf') }}" - -alloy_config: | - prometheus.remote_write "default" { - endpoint { - url = "https://metrics.hamburg.ccc.de/api/v1/write" - basic_auth { - username = "chaos" - password = "{{ secret__metrics_chaos }}" - } - } - } - loki.write "default" { - endpoint { - url = "https://loki.hamburg.ccc.de/loki/api/v1/push" - basic_auth { - username = "chaos" - password = "{{ secret__loki_chaos }}" - } - } - } - - loki.relabel "journal" { - forward_to = [] - - rule { - source_labels = ["__journal__systemd_unit"] - target_label = "systemd_unit" - } - rule { - source_labels = ["__journal__hostname"] - target_label = "instance" - } - rule { - source_labels = ["__journal__transport"] - target_label = "systemd_transport" - } - rule { - source_labels = ["__journal_syslog_identifier"] - target_label = "syslog_identifier" - } - rule { - source_labels = ["__journal_priority_keyword"] - target_label = "level" - } - rule { - source_labels = ["__journal__hostname"] - target_label = "host" - regex = "([^:]+)" - replacement = "${1}.hamburg.ccc.de" - action = "replace" - } - } - - loki.source.journal "read_journal" { - forward_to = [loki.write.default.receiver] - relabel_rules = loki.relabel.journal.rules - format_as_json = true - labels = {component = "loki.source.journal", org = "ccchh"} - } - - prometheus.exporter.unix "local_system" { - enable_collectors = ["systemd"] - } - - prometheus.relabel "default" { - forward_to = [prometheus.remote_write.default.receiver] - rule { - target_label = "org" - replacement = "ccchh" - } - rule { - source_labels = ["instance"] - target_label = "host" - regex = "([^:]+)" - replacement = "${1}.hamburg.ccc.de" - action = "replace" - } - } - - prometheus.scrape "unix_metrics" { - targets = prometheus.exporter.unix.local_system.targets - forward_to = [prometheus.relabel.default.receiver] - } - - prometheus.scrape "ntfy_metrics" { - targets = [{"__address__" = "localhost:9586", job = "ntfy", instance = "ntfy", __scrape_interval__ = "120s"}] - forward_to = [prometheus.relabel.default.receiver] - } diff --git a/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml b/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml deleted file mode 100644 index f862adb..0000000 --- a/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml +++ /dev/null @@ -1,211 +0,0 @@ -secret__onlyoffice_jwt_secret: ENC[AES256_GCM,data:x9eRTm9WrEFGdxDb8JfqLYu97NSBRvhknkEBx/zSEQlSfcah+CVNNM6JcS0Y6d9PARcGv2jGUyakuNN1wYmzYw==,iv:33lWNSnQkljr8S9uj+Eab/fItyKAH4/xAeckdpvzl1k=,tag:Ejxzaz9nkGLT/mqKF35M1w==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:TrdfJFaLUBppAunBatJ25yMy1LuvLZ2rbNVHj04Y1gyFPZXjovvujqnFKjZ3eqWOI31szQrJeliRQSRPhEVuTns3I7pGHRqiUXQ=,iv:U2EWL9lBaz+g2wBnPNmecrKCkMTIXVwdjq0KcvvdhsA=,tag:no/VOkQ7ANf27oFsQdxI2A==,type:str] -sops: - age: - - recipient: age1a27euccw8j23wec76ls8vmzp7mntfcn4v8tkyegmg8alzfhk3suqwm6vgv - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjWFVFK25CVmFYK0VOQm1h - OXc2TzkxN05CT0thNHJKL2l1RFc2dFg5MTNBCkVuZXlTWEgyVHczN3M5YndaQ2sr - VGxyeEEwREVIQk9STEpjbDMrTmRMcHMKLS0tIExwTkMralA0akJObkVyam40SmhR - WWFjdHptbDBxODhvalBENy9sYkxCYVkKfntDDRBX94zh41MEUKgRjBeMjPXtNWQH - 4KO8Z+f195UmAn1OGC6esThcyvSaAUF6VWw6Tbsweyl8z6mLxzO3GA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:40:23Z" - mac: ENC[AES256_GCM,data:T9laVSnqqQRfRK2zdkw/5d0+JS19o6wJBTLj9BqH/B7snV56BNOJjaOZnYFVudQWhCIqP7S2Gj0FO2TCEa0H8aedtlE8g7HXpakxyP5/p2rt624+HiFQBvW1+r5srlru4ebVKB/HMTos6yjl4au2j5UWJe6LtnE+ww4JSg6lt44=,iv:5Is9/DV3qLo9MnY3WQcJ/NNk0Y5/qII+zztUXUDQN6Q=,tag:oklBHWxacS4RUrdCKegbIA==,type:str] - pgp: - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//WCp5YpylzSylnJXYn8P2yi13/AUHwvGBzLVgmv/mx+wE - +2mNozb9N9xvkCqnsmNSJr8xGAyu1hj3KErXa9+cJ0qzbevzEJhQ16KKPucxWoeg - pP5/WVHWcA4blueEq+hTPxShqagtuvPzvc7ehg6ZRTJGtiXe4LoQ3A5xF0SdY0zK - amKLqWRR7N5uCrNPcfzMcnmUpkEEHqeFm4EEWkVlHePJT9zc8zSSLZeZo+XtJ+E3 - 7zhixDYNi2TKxog8xV0CjnsPopMuMArz441nrCRIDz8mrsDJZ3uCI8QoAC39sE99 - FjLCHchoYxBoqM7spUkXtYFvdCnq+mbdHU1stKWxGFLLUtncmN82yjVLUsw2eHm3 - 4b46BbZilEVSGTv4chWrIs+/z1L5nmKaQG28rtRUxthFKaDcptGBpEqRooI7QSV5 - Ly27+6+umobuN/XX1j5WcRp5NGyFQdcmNcR+HdzLslCav+XmcxcBrH8CjtofhQ0O - 4GXknjF8Sd19OjZUeL3KPfz5ObYWLioHgqYEWHTttP0QsDaHLSud9G68mUGlEe9a - InnZrWvdan0Yv9HJlZ3jeqrulf8IplcbAB8iK0KwR/iECedEmljYQr0xa3NOVT7j - 2e74xMIG73W98earu5SBO0jMRXWfCYuZKC4e2xe1YDRcwkjKtNT2wnVPxKhxILDS - XgEkK+9lqo365zOD7nMzYXAb4V9jwx9CmUoNn2XlHIxJBTdxCCh4EPmwlRYtytm8 - yrlz3ESZJZOOs4bpw315Bohz1iMA/fsTCU++IS+/QLEhpkIgvv0S2kQejnlujJk= - =4OsP - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/+JA5AejEkCmdpMkaQDVb3fQShWh90TpYnPTK5duT7mv1W - jm8RFEe6R+NztQQ02MAUspj/djd7POJrGyQvY5jDG9Tf5xYk0momgKVUWwLrSI5+ - ctRhiJgUCyewtelcLbmCIv7UYCyzFC3LkvNI2IttZ+yUrArESTCdlxy2mnsMRdoZ - lFcXkNFpiOGNn1fc8sPSTaOB5Yvy6NBGPZXUCZMm9tJir7lzGeVNalbU+Pf4zUlR - wZYgzMSJ83H93YFKRHl+MIp16mI2bNdF9BWq4wbjnOGbEVhZq/FV+9NHKPwM6QO6 - sJpRjsWzRbP5peMZLeYpt2hdG3/ejLvR7NQYSPztVvckemA875nNaqFlmP3wzCWQ - 7r+7x5WEk/aBWm8Dv+gHjY52lI+K2wmxDgnPyYGpXXTKsX8kCZzaI4LrN4fUIAw1 - JSRylL55AhCxdpYCkIJgPc+PUeIJ9h89HdaS4pP760iD2y5Mcn8NgYn8X2qSvSWG - zcLSug1yQL+c26zAjCqI7PNhawQm+eEw7OUKxDkexoMDexryBBc/lmk7t2MvNwEj - uEnn5BY3Wvh42tj+Hsk/J8BjZTtrxsRM+guSSCOlyqNfECZ8dmKhBRPNLXLwz/W4 - VunIYQ6e9FWQoBQ92+2ZwFv8UZK/GLprI7tDBjx6Vhr5j0XZxmuce396Aj7CMHjS - XgHb9lm5fm2WkjvJfiXiIbhvnuxPu5UobDRl2qAYC9TTe+rzKKH5Oae5XSbAeQiK - ZJet0m9nh9T5RYK81I6NdYyCStXnkAwIsXtPIVWpoUjOF9w3IAVLa3ow27nqFRo= - =EJTL - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ//TWaicqbf8pUtIUVFYz5ENUWyT4N3gDyefSB5Yw4dfO4E - ZVFMMolfStfC5OUSEG8hzMlPTivrbCMtn7M6SYA1JN1XNZSu6BM65YhTZb4kJ9zE - yOsWN3cdPQVNV4R/xKvxCXhs5exaeNFgSLs/fWdyk/qyNlXd7+Hn7rJeZ2kmXlMi - L2SDUIRUCDc6eePuMo3DNsfISah/Mno1K5ExbiWK4GcCTCTS1YsrrufEDj0MXmr3 - hzayA5gLhcF1aCKp0c8Vb1+K+RIsy0QJP37+IsFXIR5IemX6VEy0J6wehRyt1MWR - 0W35EIZWPEmO+y3IB4DJ/1QHwJkmSwSkkVX6Vv7ch9C97lYCeKpLFgm19bT+GqwV - CqdOSKGKNLzcaDHSGwpNxflPSG2kYxwoRoFXE/lrU5IRzI6ngDFu0gabgNXfrBbD - znSF0gCVpRKPw3mzpyNO4ozLftj+SOrI1z8mhh8hd12BgsMHIwnftUs4HJLxuVCm - cL3ONPDqLuOX7yb2BB+x7HO7kHNVueRDlGtnaY6CzBBWLbrr5Cq8xVi6I3oU37Mt - Ng7+b1SgpvHkvLSz21aNwEMHXteyldxPOyLPhdSg09sTu0CzGRm8Z/VbOT1qGcHT - U8cf7n3MUluk/QM8Tt3PKhruGdE2u0NdDpSm5LzRjHcIACo3nvlVJRJ1ED6s/CfS - XgFbFZmodF/YCS5pfITJNr5PnnZ9OD6kQkAdwf34g2MNqt89GpMQjFxp82rXZ2oP - DUiJyXYHrVAP1FTwuSmiU22xC+7SWGHWmxeo6PO27QocGtdmfqduC+FYlnWXRKM= - =yHwA - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/9H63NmlEQroQsh59o0StQvIbe4HIEoi4DuzOPlARGlSts - ELak698PHUOAha214Fm1aD9rwUJNQudUc4NmkhZ24qq5ULImofRp7Pc3ja0/eYqg - jD3vW/8/padrh/kD12WIa8vusL/yZmUSTIr2Dyouxk/myQaX3/bT8HX9SUBMNple - +vHEi9+QSWTK+ituhtGoa6O+UEkt1eAPXMGLa46jbuYvdtzHuyWq5pqvokQkfWPd - nm1tR0eRBryN85kM5OzYEBUOrJ2z366T1ItKSY9DwFqF6XNkQm2yykAyKGNAWhmL - iQ0jQl+XdMWxPurW5wA3BPU3E2kvbbY2obk4VadcBbiJWruPRQckRHRbu6au3xyX - j0sr/gZ1FnnGZlKyCA5DmDcfC3zAlftpHJlPn3RCZTjKuN2xqDeGGOg8Sxbp2qBP - JdRQhnypOr21bfipFDtRFUSTzu9AUtbSdbYGBRh+1tWbV47hrpqPuVuF4oLF7/nN - 15Q9OrhDESaOoYaJCx189mk/UPWySGqb26B50+Rqw2qP1MKrlppWi9bODNtO1u4l - w0WkQgZ7lhyDMYNJ8Jw6dNwTZhQewopUZmRPYBnN3U7huNr/+BQeAiF1GsSduuGa - 1Vy2tjnPphRWDZ1gU4mDVZpw8zpamxZooq/YOOhE9FmIWoxjRw2n288IwHfM97DS - XgGtuKZg/e7c6mrWZHTnuqGQmSbjk+Qj/uEzjFrfKk3fdelD38wbM+lY49lXlHXH - 4IDUZOU3e80YyN8S2rNSYR7DaEb7Xk4iexYSoK8ptotw47ZdDTNbT1OBf9olc4U= - =M1Sp - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAiDe3AmA1YEWBmE0IQDQPUhmazg4sLkvlhQgQdmRIBUow - E2RIHYKMDjHErEOSLEHSUZuuswuVe7sdvEi/sezQT7DgrTppQIAfVoQaWG60ilPE - 0l4BjDaIQj3xJZWRryClVQ6J5O3tizSYB4fuAmx86bK4X4MarpJvXTRgvDA1Qn3v - PPG/5jCheQ/zx19ufDyZdHs8Zsa3SLvxt/J9tryVfaRuAdp4RqvoKwXPtjej6JT/ - =aT0u - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fARAAlUg5WdEYGT1UG60GMi22Y+jI6Um+QOn9Av4FBUvjm+/N - cfeiVWsXTuufOZWSENtpVWAmo3Lw7tJyfadMacqs/6f6fWQfP4FKaVTn8hXaffIG - 4eycc+SfyC+GRDt+3OS2fnwM+td+by9fIdIfRC3hdSGw8xcBTCAuSl5PIsC2Gx1n - j2V2xWsccanEEdiGQOmFkoG3qLZG+pSEvJW7N/Ree91snFLxO5qWyuPOUNw2oDSN - KH/HZEbjT1uR7XD77PQb6qpIE53wbQRaCsZY+vLu3/R+dng/EyBo4ytEQfR/hSOi - epkX/PU9b84Y+hfdjwtfdzt3q+NOcrtEw2MkBlYatJUfoMBSvF94bz6jXUJFq/75 - OTKVh4i1bcjoD0KLe+umynOBmL2GMehNARGY8YU1yYe8TxkpIbVKRXWs/84qI3OL - 139Rs4zlLPPTcp9/zp/KAQQ8ek0tPOtrYcaAGDLMWdY3jkB9pc5SVl0jn7nsJ/Po - ZtfaBlzjBbqjOEe7DtsFcqIrt8ruE8fa20qKyP4uB3D2ZEvhtUp2wLBQbT3GHwbS - pEPBou9HPmvFE1VZgtS4ZamHgDar3oJnlckB8DEPCbPQ1ui3CfafpHqs9IFI+CVN - XmfRB1nPtdaNlC4ZmiW4wDnGQqGJbAYkhJTu0pPtLvT1WPqFXC4DZ1PJEsUUlKbS - XgEh0ICVLrI39YwUc5rWTiEDomXxttlRu5hzLvXxR3h07oHaNWm0bXyZ/Sqwectn - hq/H58TBsFVRbouH2aZvi5U7OwGa7UkXeECq6LimkKTS+ca/7Dq1UPeXPbkucW0= - =hfDU - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//egG2BgMMGfN65oNaTJCcQ1AFp+m7J/F5zHHQwK8J5NbE - lTLNPclNCfUXArM64NjHKh1vLVe4yF8TOGh97CmhH27d1eD6dHG0m1EnoOGOawep - +MD7lMqhw3x2qODUB2bbrswmmJbO3C7Y9gh+K2i5UsmdFgv7AwBOBatJsFxv9B0m - eXmekvc/T0rZxRhzPAtlCS6ZGP4JqKELgBDe1NG8upeJW8n4IyYESwnNLoJSta5H - AkVyV5eqv1LnQGyMqyV8YBDguzZe/AABvv51nbVl+HM8iqA+OM6SrPzWfIMorJDj - JJr/xXgJ81d6HWoLisCU7uYMlUyl/B3dCPaWlWtfWb0edf+fiUs/FoZzAlbrzbkf - P03NmYBxvu/dLMrxdqJ/PGnVnW4nr6J3OBRqnxHpz/WMtewZRcli1YXuPgj6uU8m - edejnwz2jkd20Ob8lF5AoPyZ8B21uMsPZndKiNFj2/TjmxzvXUuMbfZUyhYbrRXe - VqvopsuOT/WGjKWiTLQPNN37VMyPIIsxgp3jdSGTom1F9Un//iFjBKOJV6Wo+i9U - 6bawc/44Dzd7FbHlEOe6Y9vSjo95GmE+nM4Us592s6V+nbDDoXUq3+SRzv3R2aeL - 4ks4GVuBl8s1vZzSDO/VIlnoXUmA0S9/AAP+6xsQEhfAB1IrO5qt2fRH8gSd4HrS - XgEHDQayM/vGPnBf5YDYVYS9aQMHzrJm9uEU3zFjoZDK1smV0Kr+TOFT7HvpppLa - 77z5btgan97JOSpq6S5bhZVAkJplbERmXdhfDD1nVDlpXcrdDa8GI+0V92mUYDA= - =Lk9e - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ/9HFIznjs3/Xk2alVzJBNeVNpNaHVa0XzK2voyw0rgaP5h - qwTJ8p+xWpEsc+el+E7Rw9muGdANA1o/TbdHkimRa7XNTbJW9Typ55THVifJLct0 - 6cOjneKCOv9IBnzF8G98dHGekPK+MBhaRdMrjRUtSeVnZqgZ+emw+CiinxGOn+us - 36dJZiSQxqtGfCR+mo6rPsUacHh8J10HNEAM0aP5Rb+8OppVGFJeU5KqlfbiazNL - 98DznZIupx2mfND3MHzfj6v1t90jh+W+RpiIAKFtPebiBCDOhTHkJSLRjv3KVAtH - 2zca5urU2Whs+ploQVud5k2z0+o97kCWdeFDtnXOzwA8yZOIYcFnRMlH3w8BxMk2 - lPymLvL9rowP9r+HHWHi+b89obCUjeXjZEZHlRFJAV2pE/XMd91LUcgcJVilk0n1 - tbZbS1z4cX8/mkfmQyRMd3Xm1mKh0CjX0YjTXaiTbTgdhMFWUZM01l1mbsw93s/x - i7giC/SnX/b/+HarfrlwWc3mHRDsG895PHphf4Au2pCOq2KzcQlmhXFiIUdZE7tA - t2ND6oEnuzI2LsxW8U2ffBcSthGa5UyURCtR7i3mGvEN8UVVGbNazMAs8jrvb6sC - 6WdlT2MqYve/AAGDrjwi8o0Q6uIXoJOiopzCx2kAndUPMJrKAWCyG8TxV3gaBofS - XgFY5YuiKX04DdWgslS1NbTyIZ/BTAdSuYCujDXxKzx2Q10NOgwNnnE4HB0aVOx+ - SwKN1i7ABHvYGrIL55+fz8eFgLkpv1MV/dPUEAKjMWsEq3emmDfJm/MrEL0Dp14= - =5rI5 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAJmnvghcmfK64sCnqVjjFj7GpQk2gOu9MCxOcMMgcHRsw - Eavo/MAiHqzuT3lSFfDWhvcjSL+jimgw3yqYMoEzTK6RbNNJHroRAOunuQ/fofMf - 0l4BUf62EBKB7XFIO/Pk/zcvLRtvZZSGIr7qczX4IgFxt9VSPljmDOnSnCKPR+rD - ieSVMMq28nlAOwm1pnyH3X+qQvDvQmyrz40UW72I7i+T1mBPLXqdleu3YypbzgOv - =TcFO - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdACOXxpkI7QrdFaQjtSs6pjCjH7BWY7oydAWvXewLkgXcw - Xu4rDdYRln9Qu3C9fPcuKPkWGIGQzHRGgxo811iJ6hSx/TawgIekzgpXiORjB10j - 0lgBlem3eflbCRqCLzB/LTBk70nDb36E4hmzlEW7+YvEc7YVv6eB6+M2+ztsYHC0 - qyaOm0oy7IPZz5Wo5Refu4ISa25YH5bvZcrWdmcPMhP1B5OZ4YOZlVGN - =k/e5 - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-14T23:47:00Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ/+K3BKZ+sNFk8To0r94cCoX/PVjJcmE4GKUyBde0XfuVTK - fzd1lRBBjneuMvkx9RI3F/ZxSniOdA6vuengbFN4nl/Uyi8b/keoMHgnKYt54FtM - YgtWQVd2JqWeJKPWfibaP+DpuU4wRVIKKTrVTIN5pe1YZCDG3Zj2P2an3Aq8xbio - pQorYwf5ilS3YljEkHU3ipKeNXUzbe4zvvHi1MdQT4MCZd68rUECKqQi6KdBVsth - IlIPAIa+Xi1OgZaoV4uFUUh7fBXHggTSYABvUNxcGTilFotTbhxgCO84Km3kw0z5 - I+VfkmmkEuQCQYN0u5k038bs/tkbmWCM5os2FvG2ZWMTni3K434GY2y2cHpol9kI - wiTxJBZhXacKrrT29L0ICHge592rRwFOrEhYA5vANVSrAuyoxURlVtldlFiIB/z/ - dF4NdWCikCNaV6bPe3bqqcB7WBv1K7OVoN213xYGctySu43vyXdVWf/uFuzdh9Jn - 60G5ldk3mIEvz+Obz91kmRr8b0dtxNxlVKbJw4zPxDm8YDm62yuc3N2eE0VMMOYw - loFI03ahj6H2C+aLJIfIffW34BhBxDhkjtaPNE9TZuv5fu67XscEdR1hLgZFC8gQ - JOVrIU/6UMAY1jYkUnyVQbNiYwq7Zc4xIO7LlFGk/yNDyDFyPO6hJMt4QcI/jqvS - XgFcYnU/70kDn+ivmCohGl1TN5odP3DZlUKT3KFvU9U7rtMkVomSrb7dNnrxXPHU - C/R1EDc5cER5nP4tX6VGehEfc6XYGQPaqHDo7dkdWnvGNSWkkpLMrFzMqghW1KE= - =fBgJ - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/pad.sops.yaml b/inventories/chaosknoten/host_vars/pad.sops.yaml deleted file mode 100644 index f1ceb75..0000000 --- a/inventories/chaosknoten/host_vars/pad.sops.yaml +++ /dev/null @@ -1,213 +0,0 @@ -secret__hedgedoc_db_password: ENC[AES256_GCM,data:5Pw0orOTzb1xCefwx/n9h9m8gmEY6irE,iv:nZvnPSb6sXjS6k4wNUoo2PCJyOcwjm36gs9l0mxwAeo=,tag:0seJlVi9qTfBiol7mP6DQA==,type:str] -secret__hedgedoc_kc_secret: ENC[AES256_GCM,data:7RyM9jfKnaaP7kJ1JwucPa/IAwaRc7Hhe9VYIKGEmlc=,iv:RvtaWLsf/X/y8s+DLANcyVgagJqGB7EkvQ2nYm2Xo24=,tag:amdgqknDGeZxUBmXsd1ksw==,type:str] -secret__pad_smtp_password: ENC[AES256_GCM,data:msnYZYl8vP+OeISI5OOglQsCQ8vxMZ0gig==,iv:oqov/myWJNzUoAn4BSX6hN1fWyab5vud8NmT+z4ECqs=,tag:0T3Xm2zw5k5WmC9Ks03XhA==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:r9j1ikemQXl+Fq3D141P/MVltGLR27UyHxCCWnZphOLyGhyhQgqcuFqwPy1kZhnbg/mj5DclJ8rzqyH65T0XQu9h8d/vh7Apm4c=,iv:xOmxBTVIOTRt3rzWM8wHKVD7UHeuPj2+NSHJnCvU4xo=,tag:CA9dR+/rB/wfcPuU/+zwsA==,type:str] -sops: - age: - - recipient: age172pk7lyc6p4ewy0f2h6pau5d5sz6z8cq66hm4u4tpzx3an496a2sljx7x5 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDeU0vdWM5N29uQlBjMmtr - RGQ0STVzaFJHKzNiOEdTWFVvZkVPbXdCYm5VCjBkcWJPbnBKLzVQdnVKTXFPYmlJ - cHYwenBBN3Zjd1FNRkpScGhxcytoLzgKLS0tIGU2YUN3bGZKaE5WOGZ6dDY5Qkpk - QmYxMFVRRjYxTTVJTjgyWmZUcUp4UDgK0WghiJ7qqE9Scq343SjkZ0zDQI/FFJsd - 6cJ/+X0LRg0pzlCHa7K7amaYUAHSlmjv25LNIJR61Xhn4kGuLBCosg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T18:59:09Z" - mac: ENC[AES256_GCM,data:3BwneKrw8YKmfwIoDyNRo+SG6i6VMW5tECQrhMXiq/mB/14xHHrUcrWRanFknm6JB518Ohv5HEjeHsrYdUehwpzsl1vtCji95osa8JdZY5moAt+4f06viRFTYa6GrfnNKToUR9obZFiPAHlMXcTTx6y0m/nPrtFZhuNtFssOdxg=,iv:4fElvIvapfqSqxRLE/NSiWyun5hAA8JLsai/Eoa5K68=,tag:mPKOquAMj43I0WhK6budLQ==,type:str] - pgp: - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//ULps+cAGPArP6TiSvqD2TpEcvSmMiGpyQM1wgVzoTAvQ - NFOa1Ayrnt4T3xCiYcIubYp0/on6hU1mlNV81VtfpVq1pcAo9MCLQL0ggkXvOb0g - pSSe+7wl2rBz0uH5yqR9cUmiKI6YM80X9Qg7RuF6UkfZespQ51YkdEUwNHVb0avn - ytc2+1c3YXZJsqypxs28gos5YhlvLS/RUENr7tJQQfhQyzmZyRF7gVjgI6+K3l78 - skGXZeCiQX1Hqc73NvRkz8/GW3/eFTGooJXFgervmi9siEwcGhoJjNh0cSGaYAIY - nBXMk0NvU55ix9HOz5quS6GkIBvH4nTQHT3EoLA1N4ePJkpjSYVli7gf8BdJlegb - CHvf2Czzrs7lmKNeyNa0q8B2W2J1VShQw3sF2TRWZpQcsIb/gKdC9pCWsw9fbQO6 - MJLGTPczoDGWuE3hlpZQXzTJOpgg+qLoHzFqhfL7EhUJhYBZcTSvg4HcHtlWbEZ9 - NDcVBdifIhgKgH7icbt9BIonoGOi/Ggv6nC7L8RGaJ3B5IRclTxslbxtdPgBY2CK - e5v4rGUgpBwX1ziaNCXrYufKDRKz2PtUWhY9L9y/SkxEqoi+snNrYQFwDlAqzVsV - 1JAaySGpg0027kgvmUs0VQSgTxcKzCjswQirwUAQ9/FcEYcDgCFg3MJFyERJw8rS - XgHgPPTsb0+kgHD92YY6Ns/Jw5baEKnjuyqp5xt9zU/vXJqmx6TelQ+GkWrSZDuJ - eENiInxjCbtBcHY+p6FeMncnozr5NTMnAj+xpCievtHfK6/1lw23z7qYGFs7+hc= - =33TL - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//ffDofAam8JzM2BkXLtth9oS5eocIrDe/PVXWdeRrSCcP - pbuBaOGCAAjAam+x1t5bTI4r1sCEnVq3xHDxm9tK/CPzwC/Ha6RRZSLbJISOt2lG - QVFtYptRJGxtbAtl6L7YhsyZs2of1KOnRQ57nLi/q+Ho/eKZShaGr1VB/nkRpHTB - 8qg3qJ+sGL3tjqPLzh37lQzW+3MBRRLoAty3js3KrY63VJgrmy0xZM6BX355F5zQ - ArelBoowccbdjE/Tiw/ymlcPXBd9DLlKDPQA7kRV3MuB4/6xd2hcg//dAi5kavN5 - +zgF1O0xbPfDGDLIpfnAB2EFNHgTXXQ3mxyjLg8ZtoHjv0/rSrcOdgTj3qmOrDZU - ImvP4DTGIPYwxypk6gxkQvCWvyoBELa1oDKxyI3TqAM/IvSxBx5DVIsotNv5p7Hi - lCbXuiuwoO4zg2Q507d3BKvwbpeZVLHdX1eFOGF9PXEcisouxakHE+Eq971bSej/ - WhvZT86S5Tkzrek3ykVpmpdNp9EjkDoJ6eXyuVLVC7egiGlmvgVgw9BashutsYhL - 9uB9oePgHD+TQ+Pe2LjkjTTVM7J6zm0P4HUxkGUw27JYJ75DAix9wXBhPQvwtZDH - og8zJi7nzLmu1ntUEFCLyBlbxgeWt10+WMxwLHkrQZZFEJFMUpfMsLFZIkSXaibS - XgGJPLIcFKc95WPEEX5dG5uIR3zx18WjCZpFgviuWT0h2UWUlhLoUoHJzuKTuhTf - JuF4kbTnw4Gz4aJ8btSTzO9iq7Y0i2qdevWNgZi1/o6jQgxnfJv55UlgIOyDGz0= - =STPQ - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAAyhjh84qJ3nVpKu4Z9hWUlUHpNbYVxpIb4w388qMaONB2 - +lK5EuQ3w9Oxec3rvN4tH658S76ciur2MZK/CLAkA43JY1tsKLXgYSVMwNFm2B18 - PobkuTTI40n9u1iFYlI3bBjq8KeVTHFoQVnMzbl1c2y5VfhNRvJSn6OVMROE/PW3 - Vdhl46DQJkjz0DQYub/L3AMssFwFdOUotP8W0lVXv0IaRiB4Ud6BM9P+A+4t5c07 - ZiUZ58qyT+eJxvDI1SFDoVAOlSAkBSw4+ZgOdbdfSl9AyQ3kmGsSjkfFCz5vcSsH - CsTTpiKuRmbNwpef6ufnjexNUXzFQv7YFMlbkKbbA+tYD++RptWGPv7QhC7wrZXD - Y43HIvk9itwU8dtZA0XKG9fZdNe29yeoDWWKP75HI/7N3rNvXXAZ5Q6eiWtkiAfq - iDDdYMfelcsCBK2W9zTw4wFNhzh2tiTl0rFk6BtkHqcAIKmqViOGfvd6H7/KHusR - C70hYMIm5J9aKXzKhNMO/TwzdRh6tKETD5PDtJI34e3lzQrmDQbc+llxSfyINkGR - l8T2sXRLPUwWZaFrlj0K6IaudzgQ3HORlpJ3rXsmcsdWVWLeWUWhFkXyafvKk/Fl - aPfJ8VVqBt0r4MDvkqq7+8SpowoZAynST3RrXyj3/zIJXUN8yh/+59PWI499nB3S - XgHPl7vKAly8bChR9Le0lQhdiwtMxipRUlaowkh41QMZRsKKNJPETFbwN5TRr+nh - KPwlwfGNAlgsFd0wFgdw3R5I3/9JZxaJ2YRHg6F0CQpoTTDGDLGfSFhDfXPQtoM= - =4yn6 - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/+IiCAkI8bT/0oPS1nkWYYDivXR7EC0YAPOPW4WvjQbpGP - 9jtMDVbTTAVCOdPRjW/ewhY4Ul7aL+8kt5b9Zg/RzHk9KZO43X8+/O9vBZz3iv73 - SkcRrQVoFff2cb5JstfIz/pIPV/NZvMmNn9twxiZgIMYL+DKo8eCNxj4GREOLvIi - o4aHQJZFFukuaFPZDtZjfPDVhz/WGLy+/e2XxxSw4hXPf380ELEBIls0YMiEcwjn - m9uWn/hxY10wV+aZvIkRKWZMKB1SWWRklF1ZSDlVGJOLAbBGbry3VfcLhAIIzEun - x5kf6elgwnwXonZkz4ualAdu5xEgVXGr0IPhaO+79TwlJr+1c2UhCKbxWun5jswu - ioxvTYw60SDFSvKjPEAB6ANGS3bL6t09LTc1//pQnElW7s7TSwSUdG270XcZGaJd - wYMYCrFRA6rYmQU03AQJLnze/fiRoJs47SPtGF0LFHvcAWS3Dqb/R8AIRmciliJy - SAMwUD7PixhN5YTo+t91utGLV2yi24fFFlxfH6LgWDXsmvjm8mBJ0xuM+RyfmrIe - Iq/zDGgpzXz5qfJz1QiH3MnGiHrQqG7u6j0sutkw5SJIdXn4FBwMq8mEwWu2KB08 - xbUtlIv+6W8BgfHtOwBqxRJdGau2jesY5ALYXf5IbKXQquRNTYaJDBYUDZlgdgPS - XgGlBl08PvNVmh511c0pojHm9PRHdk8eLJJgyOm6L2L4ZoQCU3lZvJtMnhsyBVAu - 99TReQ40oCKEpwwOsrHwmEuaTOi7I1lgUhsMKrop3HdrCxVdBVRf1tjdoQ/vSgA= - =JCRR - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAc9abZ7m+uvp/RNWkoOIo369V5WsuNtAVs0A1ktTctwkw - xUSaofi3bI6UJcwoITA0eAc6cv7FwQnYp537kZgHrUhoo8TVbVEa2CTSiiJTlf2k - 0l4BRQWRZSsXT8K+7ohukFB5UGzXAcbJHxxVb9oLkgmVJmkTsR9U+Vhce1t+4kvk - x4EXxgBpyCIBx0ZEW0TIG80UvYnX+ny40RMg03oAg965hH14GeQnLYgby6VDlCCf - =8d6o - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fARAAg/M9aWO8pV66I+x/BoNAbJpmJseKDmDscLLUmOgroSSu - M8YNZdKkEswU+3PQzEM6JoE8OxPdqA7g2HQqLm+pswEk4aYX3uUbcmqiHeJd7Nb2 - BtVNbGsm2p2+8wBe38PSNtbGzIkgD573EPeZgtKwy+Xdg6vl9+q2O1EUsWMafInH - T1y7BGT+gY1HdBiZrbnjg0krw3ZSdHRUIZWfJ+Hpgw4XHJul8mOMPfbUzhnFw1+t - ji0sFYsGZZZSTc2rhOwt+cchc2CR1w3Kjx8TiZdpDlclpjmCOvGu6uIKjcpWRygA - h00Tyih3quSDzCDQGd9JQVSU3TaSCbZPxv6zgX7PeSBOS5E0zcNI6pv+O3i6xDIf - ZvT9/pKLRw2aEIVjAMTMMbTi9fy/oCyXS/JTaY4VbYnkW6UEWxhP3YiXdNHIqoLd - 2nooNOh/3fHfWTuOVahuiip3aJLfoQDQj8UcOY2iOnVRFig+YSG8b+zwtV6NN+KF - DpzoUaEoyFM0DZ7uCY9sE5SuCpv7k57QdH6+TqBxrQsV0WdmSlNKf8QdIPmBXK5p - DIEom+KZ+ALoryvqnv2mbAVpmWGs3X/V+YjyLQJz3TPzhmotz0+eOtSNpy8tShgR - qYKCXOQZHeOK30fUg53I6orQs7GdheUOf0AaP+CuXVIi00CnFT57Oe2tJKaYL4vS - XgHgZL77YDp5C4iWmdx7l3yivkv/4thHdLf+y+u1CZDbYe+Gu3CiN9s/3FwvB9or - v3WSq28wmRUUgP5PCRJJcBZas4FFvZyGl24orL8ZC+AAHIpWOiJW4rynNp5kvrY= - =TP+V - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoARAAgR/ac4NfKm1SNgn+OTrAD3uNwAEyAbuOEpWJU9GImpnO - jH7tM/in4MAc5p8s4VextAaOZMUZ9xO/ecV1kjygcOjHtROv163Q5RJjmdkv7YOd - 84M5xg0OtHYVfmlRo6nAxEXtkQlMAbOHKOL45BBzlGs6lCq3hywbyZlolZ24Wbd2 - uojGAH0yuLIYRAXgir68hralvlaUfNt41iWIvFvfO6R/Ja/3Dok2U8wSqdQQcPr3 - lwldHmbrIcz8eLpuGMuBKe6/2aNrkOuBRExRnW+wV/FV7qjFISBiLjekrd42HJ/c - uY/5SllVrA1UwWx7IUGLtb0XUQ/9U9VlhcpFB7dwCb3CCmpNO7+UuQb/U5TZ7uKe - ML1sebXmrV/GRRV2/rb5ZAOq6Dzqo95xrCJAQ8y2Dp0kjkYLfjhVSfuELxhzemZF - 58Xwx7OuSgQw6nXlr7vZ0kdvKaAa5WTQNkGbLnC6UXz4IBgTEGn+Svv60xKgUm2e - n8eUBp1VCxwnhUbF31XpE4SE29ZLmo+D7Vdw86irMWvuBMU2cTxAi13Z0OQCGYWs - kNS37+E6js3LvnwPWhA2zXDE+DXx4LSWdfJVoSTmVW5lVnyc04LXkXNJ87LV9Pv1 - JhrAAmXC3wlLfn/aPrPfdR9XGjnwyNojRYpvJJFpT6j/nK5mb4FGorqtFtQR5m3S - XgHj1QJGtTwSQNvs3kOfB241bxGZV75YAJPi+af6v4pZGtdyqVLlj+EIgFjHFd93 - wjeGKfA9wtrKeTkl9LQ6/uq+x1CnLpejCvz1MiOiYLoU+Hab3/X2jrzIN5mY1+Y= - =uuXv - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAn4LRudcrjLTCjqQnjRTzqMbnzDui823FQpSYFZ4mASuk - NiyX7Fyu5UV7sHkVq198oN4wFOeZXO4941ZTYJGhtOxQlWIuPed/TJQ/L2+tIPcf - gljfyubYvL4IRKMxVMpiMDbsTMvFoDEk3tcjRT5ZWPKjPaR9LMqP/dbQU6AzfEbF - nUaoxIUv0gJ+chDyHccdx2rys4KwV/ez+Y2DfPOfG5Y002pdGF0wOACwUWAY5+tj - 6Wt4n12RENGA8c3CRhIQ8Q4ZKb9uTA6LVUznC6z7+8xSmMPWDWIKAGKiSP9hpcIc - hoM/EMqu6WS51I/do8MuPusuxLKDYoL0uMQPiYnI28twJr1AWneQL24priuEEGin - gaZ1f170GHFbHMbJoKZ/BKuRRg7jx6DTPOmayXSEgtU7GyeoV7Go276A7yj6whb9 - qD7QF0FQ44Pm66IT4NaC2O3xBw8e1gn6RVurHodkPOLP15/5g+i9NDfQsdDQRFHE - LQ+VYF5Sn5vmie8RZvk4fwQATQR59FPMd28chYBPp8r/94ejMdPr6HFKYqGsu7RM - MTcSskZRL6pR7uJbrHS99IpT3demUXJUwE02V2vmd+LELVPyKrC0LKYzFSx+uYCB - Ozk8I+qHTb94tY/D9dvfHabp6W4FQRNnnNQBeWqQzu/LysfaSNBA5VYOKRu1g5jS - XgFzp7nAHdBXH2dnibevh2RgHnc/MKQr3mfDFERkxKphDuj51w7/lSs2r9iQsGp5 - xQMx6P8UGxAeOVvYogYqflLkQD+ybtk3YBsxvRQ0Y4YYtZw303+5C99XB2kaLoE= - =XWp8 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAtH7dYUPIUbkcD1k/qOkBUW/xrIizSLzwO1z2a8QC0Cww - RVl835uxs+sv761WBO0q/N1ZJSQ7I+K8HwBD5zI+0mq0Qy3hqFKwA1l2lwhLcDfe - 0l4B9WdrtK2c4DSS4AwZ81Xih5+6orMejRWAjRQ3H+IPNo8ox6u6CQ2ewfFQgqxX - 2BdyCvcYdfJAbOj4lHDVLOZrv/926ulTWoPozzQjZcxUuyAXIFFY4sJ0wUSY+4OI - =qnuh - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdASPQhebBJb6SL/p1DOH/lBRcRr48+YRp6gjqEbWwBhHQw - OaYqBiWsSxJ+YS4Wcy6aqJvbqgVoMY0ZcyI3PfzwIaNsjKqaw0U6KXK+lXA0DfJP - 0lgBUcPBBIAKatz5IRX8zFMdhR0HxfAIe+0pwMwW39FnT1HXkPy1s6ccqSgDEnH/ - Arwr0Iz6pAzMdJzDfpRDaXLrI4+x6jmZCAm0rXaeDXohOFs2C2y/lzrW - =9QK9 - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T19:02:51Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAAk8AbqfdQPREQV/uyz3awAq1u2tXykXWzjs6DarQoxA6o - DlY2tAr/7DvmPGvk+1ZTxf7D0n3sAbhhRkpRtlr6mguzByKEQtf5rXxrURyTe+mi - dsRtOdSZwJpgdDE805IiC0Q4dYYOLiFzlouYMBqc3nhqEee4q5X3xJjq6qaJ1QcZ - bACvKFfVfr5VraWEGn6+JCsmqDNcc+5MGfDiFzo42I0nnAd09k5+ymyZ+de1NqJ8 - BVq/+z0TsUigCR+vlm7TMno9DCIonaSHFuxE2tdO1SXzQwBvno3q1kkrhvKVA5PI - nZWwRF3s7wv4QXqp0fmsD6KMf+jyMY2N2udY61jOa0b4z8PSRFxzaIg3iOz21Z4r - uJ7lUtgqL1KoLX9Y+Odkmyj+Wg4VqqcfI/qcr8VMK7bW50dO+ueYTrFGh3mxs5zs - 72XGjnuZC9niXbxPenMdvN82eoVXY370yYyoC/Mk0aVTGkoCC02OsDb6+GAM+HEM - GT6IObIp6N7AYrZSHzFAAAFafD0UNqmXV+b2mTlsHLgJenK7SL7Mv5vA0l4cNTgD - F9ykx5oJxHnDoMEum8hHs+RltDLNGKT3x0ELnyeTTqR9gIPy9pKYsTdVNZxtQmRx - WMWV5XAo7sTBTiuOvKZCYgoAglhCcRpF04VtmgcatVgkieZqP3Af0Vuiw24pmBrS - XgHnt/XLzOTwRAIcdLr7CR4kB7FHTk9ae5HlV/kl2R/O5kGS7L4XixEaBvgf8TQY - dqw86sjSzCVpQp1lukxr4jUhZLwkug8+wuTePyUPO/iTmWzxYl4iOgMsC773J5M= - =ihdo - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/pretalx.sops.yaml b/inventories/chaosknoten/host_vars/pretalx.sops.yaml deleted file mode 100644 index f143970..0000000 --- a/inventories/chaosknoten/host_vars/pretalx.sops.yaml +++ /dev/null @@ -1,212 +0,0 @@ -secret__pretalx_db_password: ENC[AES256_GCM,data:T9qw46sR88tcj4NG1oK3AfjreU4N1cIN0w==,iv:g2rr7PbFN9bFDg/w7vZBiuMB4p2j2uu0eQAyiweuQ6Q=,tag:0coJNAbT5W9gxy2fVOhuoA==,type:str] -secret__pretalx_mail_password: ENC[AES256_GCM,data:HJrrmdDKzity4Fzz+JEj/kvddzHpRbw1Yw==,iv:dW15nSyYjzlFdPkQoZmJ5k+poWyJZ7dW5Lo8IFjtfMc=,tag:AZZObQRDMMoQgnPmqo/+Tw==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:CguBtrNgimXc0dBhIHn6SNYhmHY1z6mHXdb7bmAFUy5FtqAmU/HGTxIsOZdn+GjwHhk3idi4my68qAkyxiuvHno7yQ+HTRgPl4k=,iv:kFLI2ptzZi2UK0MLEyFpYdvJ4o2C0zaQ1K6fowYmG/4=,tag:8hwlDVpu+HBm+hjNAdiVyw==,type:str] -sops: - age: - - recipient: age133wy6sxhgx3kkwxecra6xf9ey2uhnvtjpgwawwfmpvz0jpd0s5dqe385u3 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFL0g1ZlpWWmgrcUE1bFhU - L0syN0c5WkxCNXNXcnZoa3docUNBN0xOa1Q0CkhsL01IWElmU2tCSnZ1L2dRTy9w - aUdrbUplVyt1eitqMU9RLy9mWXJ4Tm8KLS0tIGNEYUlLMGdXM2h1M1V5SXkrZVll - dDRBZERmNjhnMDJpRDB6dGN3aWJXS00KGWMfPBbO1YcyLacYRZzn7r2ZdY/6O0rJ - VDP2y05evxOvQLG7wWkuk0tXfYkBglmS5h/jmnBUC32toDv43IRejQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:41:45Z" - mac: ENC[AES256_GCM,data:tw/zADjnc9mNcT1sEGDeCFr9RuyPsgj6mtcmDwpYdquhdfmjvccUBwly/NFFdHAwUqmL4l5R2xAFaeKxiEO03DT9nx6jujDvgpKaWyiXqgPnzMvft/9SXdjwx1+4COmT15WQ3LfTQbTXAJH3taGDQeRJBPRYFcykscyw3S5/aU8=,iv:kmCUVVT17MPoV4/tGqxKGeXuf1eIzX9qqJt6HL2ygPQ=,tag:+v+TVU4Nr+ZCqLxWvWWjdA==,type:str] - pgp: - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//f6qoqsPpJs3l7V4u0n7kx/0XwSH6oPgAyqjza3ZY3vPx - aAEqhLe3ZzqwLR5nAJ0XexdwqlXv/m1QOLJqvgGK4ryT2cge4mTXkV4zg/5bTHal - DfHah9L9a2HOOj1AxG4aFRgj67NwO8lNvDwn5cAxfj3swAIqst6NaUQdRA2XWscj - FBRKu37avIvcKeEHI1UsjYfrXJlPTmoaYp84+mJYo3PQG3M7k+k9XhNFiEtu/cRB - P9GJRZrWtFaK88x/nfV2/bPXDfjb1ieqXIm4ah6fI/KG+gNL3hSCtdUbC7ShKrAI - CTzCI6O2Bd6fXeeT8lppSUL8A59WXU1Yw4YMrwOr5vThF5Zr2LTo4i0JMWgZYZhB - gA7qizM457Yrsq6Pn4HvorJJC9uiHTzg7Mxv6Q7IrbtHkHL7CP25lOluFh9YgXMZ - rPfRZoCts1LU+XC4n97KxwEpWeasykeb/tW+/elRql//AF7lZMJ+yaUdXRM5JFny - T1tr/eIN2HljrVq1YbVONGmdKoGtJzI5vFh3qjGj5lNilq3u2+gEShway73yQv02 - uTrQcUMgIgIIe7uwxScuQcdVRajpWnXA6nFYMvPXRzZHWng1Hjo2RuKWT1e8qh6d - 0ImE8Y5Ypc3sMVdU33dQHVEPzkbzj48QfjrAo0pmRDA8xD6kbQ60tZPfv2wChj/S - XgHdXrSL48nqO9MJR90s9nKNMtb6Bru0PBohcnwDThH38GmiUWQ/EzUeZRXXtQYL - ja2MnZ8gY7FdVQY1SYirdwX+dAF0SQhxs21dEPComfGmRP9ZbtycKqKIIyFzDto= - =/33I - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/+Ky1VwXtE6UpmNBZA5yaC4+SPQjLk1xHyLPWbETGhAOVg - rOnDLErDDmD1ND+wHlnkG8mCztyjOS+w02SrDUXr1cjVzUFr4Gz5Ud2H4FmZQlfV - YVixRJzpCCbcqKplk7MPKMJnWJWK9TqKJrqwVEQ2dppf9eGl5Uo6+DyYLJKBi8Q6 - 1SdCDDJO8Fr+DzuGqcUktiWAqTZV623rIe80Ux6eFWtnFzUTRAXaeZ5UjI5n5Z1I - W8bD33ks+5xNi3i7dI6CdZ1nAvrAJns/U3GzRui+3hTsRyUdmWVKAnJv7+ok3YNV - c4asPzNmbduXi7/YIPQm4lkiyH35cUtcOWpEu3BoUlX+4q4fe9vTYRvD/RbToVoO - hoaAVQ8wq/PXfVO6ZM+kT2wjrHGNPi5w14pGXQpYUcqauArWdqGQIZ0q42BWuUTn - RY1CMmdPyp64s1euTMC40tRXi8XJLYTfGni0hQWG7CVHlvwmZpOTWpMKu179zLCG - wpK22T6lTqcMqB0qaDJoODwvXTVyRcvrkTVziUbEmApyiYWwpSabHltLkUfTMVtq - Sy1Lh5Y0ou58tx/sVj+uKJLKEPhAQL9lsSffB19HUT3E69J2xR1kXqyTKggdbgTI - mWdzoAeOnmOfr+GEJWD5w7rgt1TRBuzovLRVwazOzH/78L2w88oKYB4kbCSF9ALS - XgGNO6J0vV+qtMU1R253gRdX1raRM1weMkwviwKBoy6kU9nbzMcXBRzBovPw/FjT - pQjL5nUT8OHrNi8U2Wz1fir9vx2gORGPAvzevoMocKTFkz/n7XgRB5sSLbXRvzY= - =NP6G - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAAzWniYxjHypfhrEOmfkgkM2f+KEEJUSQbE4T5Jj/tcehH - ZQ0K5d9Lj3bwOk4YwOl98+Et62UYTxwSIoZj9afw+oRbhx/3wpUrwIo4yHI9rBBb - TBHccyYB4nTYIc7s7VzwM2IQtr7c3yfZAj0QiynSBbjo3txgys1tTBvojTzjKk8t - LgFjkvj7O7md3I3Kbqy5efQr7OJFjGJUgIK+fv6OqEVmKovFWYRkKFgBAlOJa9gQ - 9BpK0Pt32JpngV3O7UFsV+IMCCjr6r0RSK8e1NETlbCGOFjQt9Tvr4ElhYIq3NeN - ldm2AR+Lu4yDAa/bk9zN1TkEQsFkyV9WbrlYSw2CAwH80yXGdUBuRXRBbN9kkefr - psQ6aPlbfNR1S7zk6NSflJ3ARubRPzKI+o5Zx6QZwqX/ocNSaf5Mg0hZkEZe0c9x - I6CD7fDqL14/3n3RFhpsld1YirxwKazaAstICiPqDnK8Oaaom4T9o8qP0ArH+s9u - TcgXVv+Gpd4NWZLnRM7bR1TdtY21JrkXwb4lMGcIp3RMdlvM0MvdJt37BcAhJ/g6 - Drc/oSBzbodVC0rB0fcEnEY/Qzh/qQFSV3PNCJiDFAnC7GI8hocT5BMKRFXfLu4D - 5YD47fSGjMRVM+d3AAMYPgvacnN5wQ7yr5gyC0CfQ15ZAf5IzwWYKjrU7CbYvGHS - XgEXKHbpwzPdTABe6mYPJpptp+X3RVyBsJIUl30TytcSNtJG++/crv4+vzI22cfZ - GOg7Yucxhv436UnROxki2OQfAeunJogVg6HiwXWEiMByVjRHy0TxM/cV6Uiflsw= - =y04N - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1ARAAnbCwPtBktZdw4lfQ1OdRhhc6NLEsoOo5/F+cUpld6Hop - c7IZ2Cwwgp1bJAKNKbGg1VCQgZG6VXLi7zrOJ9vimbZL7IWU8bN4Z9OKn6dLk4Ny - 7uYM6CTadLMdjShHSmvTloPdQDNEE/ryTiXu2kDTL8A1/B9mVZe5/S1gMaAgMwNG - 05aowADBHSLKCPH7a7MFcg4Lgv1+Gt+mHU3Jscoy76HIqZAZSSTisMXWbRF2hGt7 - c6fFrLVrh1CLZBXZQotpFEe1CwVP8+4kYAbTAfBFGIKOsFSDlyJgb70QTZEg4qQq - q+TmBZB7fllvrqvZw2rTggggAoN2M9yABBoWbX8Y9THF3E/aSTPTNI01auks1fmN - Pc50sVtlVy8vqJ2Z28whzWDJBkmw7f27bPdKg+iISOCXT+yqt0NTx+YeUAHmZD1Q - mogeSlQ7jrsUFQurlhKdnv5FEm0s1gc2+oZzC9IOADJ8w5R+xV8gWr71feDgHNnY - VnEetmZx4MbBcesO07eUdu7Sy8waY6BJuy6/+9uNRMSM6kTx+RriObd1umwlpCW4 - 0msHtIcJ7vZHVz0RfRtqcKy2rea/BC8A0UjHUn1l2OFmfebExtgZdHQiH9ne41Yz - zonWgQkceZhO2FRW5nqE5yXta+pp/pj0Aeb3/q/kKQ8vZwEU+QZBSmZ9j9qfd0vS - XgF16rfgIgVv3PZIkMeZ4KRhV3zVLCMyMUAsvp6IHIq8vn+z3qbqh3P3mj2bKEx8 - h52BieO56a+Hdb+Sv2J1wTowLD0oOSJhdYtr3EcoCyQWHsfGP2MyyQbUJPh6feQ= - =zrLo - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdA8gTHsk6g1gSvlQUmqaf2mCQIHQWApJaS/fBeX1ZR2lQw - nDLf4R06KPbVLpCWNc/3qE5H5T6InWPVzO/NOvz+XKjGj3+cFYj9gdfXNzPeUVsH - 0l4BCr5BOG5puCZK2KmwDbEvoqXWdxMY98uW4hjWNvuQjVmvJIXLVkP6FriTHyoQ - uIFKN4VFLcyuQwbWKhkKQV4Mx13/ZMqNy+/Ujp6t9NWo9RYoZk6peeq4aneXHONC - =7Ovg - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/+IFvHpX7YylbazuQvefBZjcXCJ7un0G5cnhdXNAcXZ/JL - HP7Jpj4reMN/g84BCZigN+NocPCyKNhHpSqIL1oRBK7aZMCysB1iFCky621vhs/M - 6U7WnqX/nVQlkqAkzHiqJ1Fdc4p3V2gI0R+M4Q0OTDz3f/V7tBVauDJTlbkNLgg4 - PxT7jsm0YQOQ6Hz05K51YRG0ClN6UY03vLZOQLThHVxqdgqM213GhfE29PfyRyDv - iCLEvFw1uorE2IyNAfLFuOAM1It6a5BWLQ3fjCctW/BI3+tux+eDYthCKuKGcxAS - ZYHGV02U0721Hr6spPhWITzpj0EMkGzMMUjLcBQC96BIaz9jx6xvl92+4wDNTENN - PYjWb8UY40I9WYFudLe4gg8tbe5djoYYwHGzp+R6Mlgy871IbgXQN2j7Ll6w5Fbp - ztF6sfbMZg5xL9E6CC3V5NC306nejiTUevWmbWaZRfe/MKPnoUfrKw7idBj1ax0I - HtYUNBIu1Dya2j53E6Vn0pZQenO0jvnogMeAQWqdHSZ9gfbdCVWumiLFUjyrVTWP - KU4i2jmUYjkh61dO8PyDYmdbxz5OhI2+NPfz2X6my+TgwfmI4FHaTj6yV6qPb6hN - upPps9cpObKFxtvVOclnzKmurW2mCXymEy/Z52ggQtiV4l4IrT4sDD9qlmslwEbS - XgEdub4ZZMFM6IqboRvTls2Od7bfX93Xb70OrpCFhaPq9zpraT9UzZWg9rs1UrhG - tmO5j90uxIijYHpkTtn4R7LJxn6rWr0vUsfrEnCYuVaNPfZ9uzJx/ml8CB4Dgzg= - =n/JA - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoARAAuROL9h6fxHfaAayEWqm6HZnGT+7E1KgKDeLD5+nqjmT+ - I0oekBaMKnwrkGi5S19fgfae6zi7UaelnrKmJkIvpDTrP3R2CEq2o1MEbus5jziC - FxHRqPZ4+ZLwSSM8yLPI1xSgrR0i08N3+7SIwXIkiluXg9Y+Vr/0xo9OX/PK6JCZ - 2xept3K2tJW5+8Xr1Vo/KlXrirEASvu2DLP5Ol8tcAg89MQTW3zrgCK41RWoyD6T - RnU7bLV+d0Y7w1wdbnbwaHswRQwv06nksWf7ESZNt6rdvIEJlGstErqgx5HkRi1c - jFd8r8L1ODvHAAwEal9RXlSyfWaCquNY+0iXAxx5Mf82dUMSw6ghWVxipn8bBTzq - AvdUEBTsbwOkTdInXFPUHNbSbsADnaiCNsFpDy4IJFhTpFXee1FNTl0zy40Y06Ac - 9nzaFWcQ0QcYVzdb3gHDzlXfasRpM/jePbGxRV+GPVvJeA4aTXHf865ssPBnz6zy - ySu/hvSI0Vs7Knf03BwA8AiQKXas0O0xxs2oxo8FhdryQNjOyR8BAlRG51urDp3d - gmTIrX5YT8jcfQh9gWcGFL9TLpxvw5AJWZczjROxzs0Sz6Sf7a7ii7rRQqsZaOM1 - Hgzt2kqoQmF8p8yplheS2nVMsFTctcMlM/wkWn4QlOMS0A7ciI8q54Eh90o4igLS - XgE4kW+C9CPoDeKOgVBpRltKn0kwE9Og/WRsvHJBXqq/zIwAG93uK4icFNEFesqc - sDBck/n7Vik3vsghDBJnH+NYTGyQHu/sRJ0jT7r/1u5VajiytFhx9581Q3qnwMk= - =I2Rt - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAu1re71AE2SZ+3fLIS6GhCojz8vKkrkgGke+s8F25ThOU - XQgvd0oWKzWApaohcbFvpt7ROw+OWeDuQZWclA5js/i1qaAh/9O8stDPlfEKmWOx - uWzLwD5On+pT8qG9DtJezj9v/A/IUmqKp63pO1eQwWhZk4RKzrVdmcZ99OAcwm+P - 5qvYuT8gvJCEnANA4cOcfR7POmBq0Np3NO5YmRGUNcjNjpBiMdUnjJeewU4/YUmI - glvkc7wzXh8lQ81w3L+bIl5DKpu0jAw8UPs7/jcdQeTPrfrVzEXVzJdK0cb7aZ+J - abNxEDm8YP20WeYHq5bS/fGeWEhoOJlK8e3dZoBeEM2MFnN6qDgKMbuAYtsaqYkf - hsSM33KScHVKJHsY5j23fwubxtWoVpiPNWqs3dR5c9I3i1BvzoYKPQeQU9l/SJmg - cs8j0CIIuangw91Y6JmViJtlm+2vgfvTl4xox+ECDgiRZ+LQizzhodfa3fodDmUG - jXA5s7iJpXSonMLnQeydNim2UwyN5YSUyC+XcIkRBZzKZnyo4iiXINs8dReprZka - T/H4lSNdpCobFu0DPJ2BpSa2Z1laasrKD30OMsLf42xL7jS/Y4w4XJKweTjQD6S4 - 61TKOsNqhgs6IbV/sF1Whcy/zzMovLPIv8vhMmI1XWwdc0Pg5i2PjtKzPnZ1LuHS - XgHE169r4eBvBatgPpP+RQEXG+DtQkTjvScFJiOBJKb4gkTPyPb2lOW54PI4DgT8 - v6qT5/vLY2z2/hqp5rryX7uh3AyQkS/OgIEsSRGs8EGqDD5xTPPb7q2jSoechDQ= - =labo - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAlzGw7eJ19tl0mlyKY8RX3nbw3YnD+HTDa/MKvTZR7Vcw - rzippnMP3k43C41VEd4li0YsX+y2N1jhagIuH/i7UmCEJRt7Twcv2E/S6cvPLNAb - 0l4B2ZvLw3dgA07vH91SqgXo19O6QVPpQAisUGy86thEl1fS2yFog6WspaiKe7Tf - r0137/wQSxkgnZOOUB4V+HOxf6IO9VYOo6MX8RTvu6w7CMh9kFYwgR0suydi0bRv - =NrMm - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAVZ6M0UQYg6ou1mm94d88BZDObl1RdEEw2AUlVkywKHIw - Uk1ZPOs+Sk67/yTMQtC4Kx7DFD3u255JQw/OY6GK9Rceu5/vqZUk31D3w0A1FBmW - 0lgBX3sZvCE50V+qRdAlILF0OfeoagfrA3pnOpAME6qjGHrdrzmyzJSlpYsN7aja - 953m7SMAzX15zLs0AjmOoOIIbnf1ctcLjmBxii67SzW4PJUtHzkc3YLO - =+Ubn - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-14T23:46:52Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAA4sgYlM1jPEatyPSFWcgEnsZ3Eewo9vCJIXtkc/Vwj0ME - Ckf8iuOqhiMEojywmyKwxFMRscr/sDW2iByoJYhsAh/rp3XHG6mZczp2/3NUx/vy - jnZoQnwfjaDBTBKbFztttcgDBc2NB0MnmbmzP3n8Skgay5sTNuimM/f/ePq4oGOF - dZ9eva3saiHNK2HLFgryvqq/CjnhdzeBMJ8ArL8Zg/LYljwFWn5avo0mMsA98f4N - uVUjZ3DLcPKFEEu/Ooh3Sdch7wfIYIZpgo/SOB6GDC544temY9l0i+R3tQQSgd28 - oEBI6z4WWUEjUX6mZ90xUcNs7r8dcPPjGfezOq5wiSNmspc89d5UFyIb84BYkc8H - fG61KMUgTetcxYWbkkoOLPofRapjTuT2hzC8tt84u/UKnDDL/B2RIpbKhzhf4mKq - pWZsTrYaOH5T9xphti7BEceqzvGYGxgybvNV7KtL95+N2bV8NdBaAH97muejDjoJ - fzLUTMf2VWHFOtn6vPNigYBXv+1xOpLfOGwl0SzeuckJuOSutNfxmfylbrRdsJK1 - kAVDQ8cBe9A9idMtKnwCreTt1IbAY/JQFeZ3Qd4A1NLraT0Yw6PlEqdlpOAvOVL5 - wvCTLI/7JIRQLvPrWFGEfvOmAmIRusdycaiMf01if+Z9O9b11YxTKYXEGKtZLejS - XgFShZKa07VBFsaq0+RVjsYQi+izQHvD/uCTr3zZSAqrCt+Iph88gwklNmdAMosd - d+cZXKZK24MaJ2at4IJQK1f5e/I7YdIJKVNvTskMUAEkkG/gK62+ZBLnEy5wXRQ= - =SXzD - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/public-reverse-proxy.sops.yaml b/inventories/chaosknoten/host_vars/public-reverse-proxy.sops.yaml deleted file mode 100644 index c256d90..0000000 --- a/inventories/chaosknoten/host_vars/public-reverse-proxy.sops.yaml +++ /dev/null @@ -1,210 +0,0 @@ -ansible_pull__age_private_key: ENC[AES256_GCM,data:5kj/2+uVwXpGdyqnmH8Aihh0bj7st2KT+huBD3bdPTLN5aztNpLfbz/IvI3O6ABDNPagrgnT/0RamU87RnOnofT5VzjsVIbxYa4=,iv:zQ2z6J5g2onxBfiN56oFu21zvrcuoD3mV5w/HXbzOWI=,tag:HORT10RIqmtRVx+rrUkjcA==,type:str] -sops: - age: - - recipient: age1p7pxgq5kwcpdkhkh3qq4pvnltrdk4gwf60hdhv8ka0mdxmgnjepqyleyen - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpbG82aWZrdW5VUTZJcThT - dUl2OW9oaU9lR1BYY2lha0dGdWkzQ3ZjK0drCi9MQW5VTmVlQzViVDN6cW12TVFm - ZmZuVjNwVWxqSi9zN0ZNYkoxNHZ5VjAKLS0tIGVkR3g1TFczRGM5My9QbUdRWGlh - RmRzdUdNYUY2SFVmOWtvVUU1TFBHdncKJIdqp6bjfQ4ofzhreMJUXIrEnLAe6Ept - YmKe0G5vTOxzkpdFmKs4Ymr8BmmhTyVIWx5SF7OGIirmcJ0nvPvqsA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T18:59:56Z" - mac: ENC[AES256_GCM,data:t+6pVWsdm3aSU7nwXjr9Uf4KRj8ibBEPemfyz+CT1kr+x22TJ97PmHGOag+sQwAl8s4EUCx2O+T1XuhVQ+iB//ZEhbtl+qtqnf/Vxpb4WGGH7gMUrYOqJEWhOxHK/itjttNicG3wAUoBTwbSuGEE9G9YCYVLGAC8UPuKoykwsOg=,iv:U9MrJJwUZ4jrIfonK60JlIToD+00Q1mTtKeFtA7TJew=,tag:bKdtyNrvOk33DbB5r0HcVQ==,type:str] - pgp: - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtARAArnNDRas6J8JZI0z0uJuGm+fLraRGbEVNbMS1UPZXXX/k - eBKTcx2bkKLJFWLcL2pAYeFu2gfjz2RaDLCwCMQ2+l+z/UGpqF5iIu6etkpsn2rd - fD1r+hCjFKpVAVecqUCtGuQjAGIecD9p21m7bRfX0fgmhQYNs2ZNrVn5cu1vDJVd - cRSGT7/j81CSfphXmD9b0dK6QTmTltZtf22KOO6WrE3dDvBbTrI/7Q8Fur6nl3d1 - GgUEm3Xbf8Qgkj9CVBZ5mz/7LkkGxjiYhZXsH3oXxQ08eDMhP9p/qmmwF79jp22a - LMkk9Pg51zvK+8eB0bIzF7WCmNPfgKGMo3dq1qvb1i26AITO/v3MrVVgHBGGTs8/ - emZarwQjYUv+ByQHs/57JbsY8JD0ohiFFJfK5yCG1+H4Si6MtjqFc1d9512Ty64v - 8SzeQX7fu6LetoWCcJ5LURE85vX9zoL7hlLwCgNxi6exKDxqoAk1ASwZyL1tqb2+ - l4gP89T2hAF+cg00+4+zRz4klukNVk+SKsH95+mE0ZWpeFen0kBBEROjAiMtyZS9 - 2P/mIRK0ICYTF6gkq4ucPd62FxxXwWoJ3hXW/CNURikPFTpX6O7WnnDmprCA4oR9 - 3ah34pStwGaN+MZqXpeDHu6LqJPI6jy8ftu9nAdPzuzXZeh1Vv+A+nuehE06JmTS - XgGZRn5yzzRUmp9z7o7mpXmO0DudCUQ/y7A+S3xD69pszLZRvw5sE+obyQZnVva3 - CFCYInGvkA1N06OcgIK/i5pWTUmBtMDBaHLK64zOx3poTAv0sLZMa4LoItiIUZI= - =tGOp - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//bSprsTehuGajMHCYmt8mhZHR2T1kkCB6sM7tYs+uqx4Q - IfaUG5LhETNSS/2zutenVDxOC4sC+aNyA2l7SKpu5iyZ2l78I8CorE1VcDwkDcNu - S/euhRbLEMYyT1GZaWia6l2f5dKD93QjyKI28t5oQapUrChU4PKSkWxkDX82ZcJM - Gf0TxdJqFBankjUlwVGz7BDxTplBr8E9bwxyjwY85CadcfClRFurs5nmuwA22OWD - /XRz2p4s8uWJtCvyL9RSQZa/jGh8dm8ly+Z7m6sGZfXKx+WFK/7s8bRoD/b9ut35 - geiSVhwyetR2tCDPN/KKEnOx3ln1A6qO8ROF/ZJl7SqwbAgKXkR7sWdmxhUcLnME - 5EDdnQFnTEW/0E4QtNvEw9YuwtPMZ99yjkpP0IeA4veJS3o6ru/pFiLKSYG4fAfS - oJsTy/Wi8NnjauqyEaIdv3Y5DCvZ8KAXzrmfa5h4CA8MU5VomjiZ0X7IkBhBn3Gi - 1hT5JlIfq/Vg6L0yfnguQIRQRNb45LEu6SqJkk0OleAqMObbh3vPf2uQYDRB4ReN - qoUvTeHE3F4NXrrW/4I3Q29cXkVe2KVzNsHlQTmlUsVMimmWWyBsjyzfVWrhaOiR - /rN872VvfbDs1MO9YululhhFxpONEVlDHNLcnpEFQPKwqJ4Yf1fIaEBSQBDx92PS - XgHqIDQnO6Ntj14JtWop0saCd7Q0ztCphLG2RvinxeP2R8ie7VzlMZf4kA99GUuU - xL97kVWMiqh1UV+BTDxpbJOzYgJcSXXetWARML9Mi1jGNPV1bOz/Ij3aZ7yB6aU= - =K1Ro - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAAzpjYvVUka1qd3VLbw9aghIeJvJeA0oQUOtQkTl7kgLIe - c5tDJWHC2qVea+z3jKns+2Yb9hldahNMdka86OAQCnNRHHu7peTTLiVNHeoQYelv - 3aEB5Ww3DZueBeosKuCSzS+8Hp+rzrmYBwUPw+bgbxn+CifDyiaCWh6X7fYL7o1n - Z1Cm2H+fkRhOCfhVxWr7ju6G6H0BKqI+ZcAXwibXnt1AZxP0kepIvm3M5U3jFKsO - fs26yOqYqtfKTV6VRySP+ArcvsNqk8t1BRYiKuWPqo2ogvPLT4QQ/NUJFLlw604I - BEERo1Ope8jZcjkFDEFSEa82Oorg00IZOM5l2TLzCAn7P1klam/MzQjZdD4AxMUu - nxhXf06Sk3fh3LgM4gcLoXdaCpC4JgheY3kS4EqDLH7UBACWcgnHvk8oRuDqzmiT - AnYFevAl/qILMqF0YPG8aYFqGfsQ/pmFS/rFsTkrFwQDlBbjurMuq1n1/HhSiQTu - rhKrJstsj7eknne6qTFxTMXYwoHpEBHGk4odkELjqG5tlngzt6VL6PU21cVy/SwW - 3/26HTXKkD2r96mtzyJ782SfXETUKO081CTE1EfvpK79Qq2PQMY4DUeM/gN2RJdW - DmgezETSvCgVOU/CFEJRCCHoRDJuTladmv57R90N5GsupJbOqxhKqQmVxPxgagrS - XgFiwVmVkUHiX9ajGT3QZXCOCZi/dSR6u82VR+wCa0c2gvdzOAOkCf8u9PgHzHGe - Ixq0TTvgpV8F6lTyXrsbKr2eo4nb4ZVyD73Xya5yifjrtrOXwzZZTCmJya4fYRY= - =4Lug - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/+KX8kz0jH1IbSUMhMHcWdKFJm0iWkVn9KfJt6tKwHTvPb - v7XLZiNoJBcdQinBlSssYMRIyvp0YkquReID/TmNyQjqelww17ncF3tjxZ6Ta2g0 - Ap2VMR2nK43wuLhDKboSxM9VZYU/UZVex5AiBjyxA8Xb298YSZzL05/wKSJrshkK - EYiHM7gzO0uSH/eHSCB3FGbyplgzre9m9cfdtjS1uFWjGH54VXdLicei7MmBrl61 - 47rCeN4tq0gNb6CQf0oMKO13ZADk43sGs7QQ7WRrU9iO69XYXtsod1/rW1PjaH8P - fQV1f/9X9nrhJfRHDVytmgDmrnkdap06RGnKA5dJ//0M0bYTqpMf1pOM14LbG+H8 - fal0pO+FX7UvhjNBeEdz0jlzpVz8rWV27a6Xz4FHCosqDmspi06EsI74xg+OnhZh - 1G7d2rMP8X24g09rnED7PNyGGoUwytqlvyc4lnDaHCwbRhU6y9Q9tRAFdBE41xVM - AEucVCCj20B/vJySJgW4Tn9YPCZqx4YRUNswr58cqbC4EOks+MI1xhqs2E/VHOIl - Zy3ymkfLdjE7FlQcjbwuCZaaBgM1ailEjAYB8WpeVPjfdp5PzLDKXQUD8eBwjrK6 - sPcFF0F+m1S/Dls0NYJ3crPBiaUn3oxebZKYfqRPz7M3YexjTwjkxOyhdf8waxLS - XgELsgdqhiUZzS5jtPXWRQDTpLUgVTDKyX1hG5vr+7mHfPaRRLJG8P4Qum4DY0lN - aW0HIL6naKBANNKlnke5CnJEPThpY5c+P4f6e+3lu6vSliwO2arjd6pEHh5x5KU= - =ja4z - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAqzM5vG79MA8EUsKYUYZfjso4zRAlqJaaa0+vdEaFqXsw - jfsd4YA85e3G4ZkRIrMViJVbJM0r6ARvEgTr+t8E1Zs2jKT1TJJtvkLEVw0hFjqh - 0l4BS2+6jAewLKyUbT8nxE5R3wVSYNgU5xW+Kh9wW1xsJJbjKSKAn0QglF81RBXd - 47q2AHPVRtUHoKVUuU9nU7Fw074xbUr8RyNJd6euoPiKnOf9DE/c8SyGP8iPppcK - =zhDO - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/8D7V8PkNYAt8m9paXMyqx53m5wNznAIVR8PKUaJ6v4K1I - xq0ZfXzgQROVlSlNJ1IOKLPSyj4X+JkzccO8sAmJX4qp/1zSbjy5y+MUSz54qPpD - zbIw/iP1V2pyeObgt44yPRcsiAabUG0YqoRAJQH5x91h3RklA1JYGgEn9m6pO9bk - YGkR8+zjstAx9Oq2LKQor8nSG+7RHxcRrbsDUSNCb/fC+PhmlDSlbcXXdYh3U3zi - Pu6eItWH7bIGGAYQC6cmXGFxflW7LT1Fr02KwVAYl2ycW6PIq6DwegH0ZsTc4zt5 - /lkeKX7yNorQx+fMdsm4sqdGijeLWv6RiA4tHYQ9WGV/YS0YuEI3aLdybUtnsL7B - V0PYgdmPb+hcgb6WxMrr5unCsqouTOvUj07ucrAKfzLmeUh21edKbGT5+XsqoC/6 - ii7BHgqX1ej5FE1F5PFvA4j+f3vlVjh85ivCJppyzk4wSk+qSVF1nc3Wpe6Rskpf - KjdzaPSNKT34lTZ+SN+HG7Vgo8vRoUbe4G97m3id8iYgy8l4tkvXvrSggPHs7rXF - TJQ4l+FlR5ZVJ0OLJJdNsLym4JARv9VQ4XzmQYJwf4oe9s0UjcUBzmTh0ICVHYQE - z6iVoYvWOnqLJWdEwBMDMqxL68VnBCPIXogaKhUpMfGndzo+WHsxFOiCC9KYWQTS - XgFWoU507I1wfTpBMlYjAZffVvLrI5tGPbHuDm3X2MaHxq1gdkGlls534opWuU3c - I4PnAAJOLBizVlNLq+GpBXGCzsM06ChpekhMiZlNJy+Rs8ozMqfIG15dtx82v3E= - =hFTi - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//WXlEfd1k2QL9LOmOQA+21TMQr81u/GxVRspVoD34TgMA - 7gnwWY5gBUuZHGMqLDwkxno+819Y5sSPKfsS5OWKoYSV21R6cpME6IMcb96qdwNU - 4/2GaN6m+My0zqPs4/WR1c/COkCMqgjbV90GMMRAl485YzVmjCY9eqQigr1/pxPS - uPUfjiSScfKJ6uCA0Z/Hx+Xux801nYAwNxC8zfzHIjutNPCauGKZgP7i3I/nEpnJ - LDwD74CLPm4FsAPNp0WRrITLIV7QuheFpAAdpo6DvH+8iz7cHGp0iHRua8jWMlzY - /0zDYIYBh3BSft37krmvMID98kC00O1WRmzq5Ut0QZe8MONFEFXoxIVN6Hl/35uK - 5RIR33ZD56euf+p+rm3dahEYGZ21SR4XAq+q367AbGY9sK4DszPuATZ2dTisOWpu - 3ICqDdzF+3u2a5FIJzU84ff7pmNJLMNtBrJrqDA3TVwAI56bTF3RS5wwL5wg2pSl - Utnn6BNwG4TP5Uepik3uBzXnEpdxHOOuayzGuNFQ/JVFqHX6BzYCUVh8jYWZg13N - G0WNKfipZgrhVV749yw4n3wT5l2tV5UNsV39nTcgZZgRo4oMwkegCcNQN5tmCUz0 - Xxx3OuD/GOnbat+V8ABFh+O7QXSBMCZKeQZEIOl5UuWKo5hPodu3wAj1gSj9Y0rS - XgGZyQEdbLvo4QQuw9tUExxiLx7CsWmlT41lX/DRou66wOr4DwjW0ya3US4HWQF0 - RWHRPoIwmo7L7UFQG7h8K50xyDKzx9Puhh7IAeXo1xj4tgcOrKV5aKbseb0lNhY= - =25qo - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAt6ChifeYBwZ/9zKinfjOnwKD9CpgyrbOA8MheG0AGyVB - MF4VOl/jm7J9j1w1oY85N1oXHjRETeAIeLDG3ygn29bMSs1qy0hMZFmzrAWt3HTa - KwGjEqz3ml5YN50+6BrJp4gglwrfJeMfvP4bNZhKZA8HDpaoqOJUaPBj/NB/osdq - HAiMLXEYccYcB5HK/lGmg96LT8+0HxLWTqjwWtBUmpRLICcmr580Pzzm7tcKAVUF - 532dvLYzguPXXh2GePT+DU1I3YlFAfvG8LWkJVFE8cUBH2FTdTyAHpxsXQM/6R3b - dJlepztNMR24GsGK5htzVjIs1Cp09NvXwKTI/+KMtc9JNW3k3XJc06mdu0C0gsBU - sBA6j8GWfobxd2jhI3g/20ZNhyu4UWqHglvAOZnKdnqYWvfTXoB+p/guVVkFw8cR - U1eKCX5MuqeNLaZ8KGJfoXAx+G1fYufbC652t59MCHhog9lVGQk79lqCcGe9BptV - 6SMgrVr309L4nsdt3bympdiNQHYBN4iqMqPldq4SAlIffds7bmnWdunWYv8uqMAI - 3CivU86SD52yUFFR1LFZtWFUWFB2PRglBR6I/5yXdq9+VWVjdNsgo+yT5yZaR8x3 - CAhApICzf7acPovWzUYfL0t4lVxoaVivOXkh8PbaLeMNyWnaXIU1/CMd+Lh5DMLS - XgHimRgOmNn4xAutA+CyLW0cR3y3NqJgHftx/r2kbs4+gfCTMrDgKzW6ssIGIKbF - HDm83gheAAVoVW9p1wvti1pG4yuKSasGzMaVB7gmBtmpGmpvCdXNmOYeDQCNA0g= - =bIiS - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAX4Eh1NRx1dVWh00AVlB7w8N9YqCujehKR1ik5g9LNmMw - XBshAVAzq4nIcloVC10ARzpCUULoPJxwGTFgZvmIbMMMzcoY6KqRFfn2EOzh5RdT - 0l4BE75QWcnxA/CBxr/2gZmkYbITQ6RoCw7cnBdR98T1S78EUc+T+lEBanXAK0vp - Td1qBZioxzARmIcDVPGyn0COAqFpRX4S1SZ2+/vaRcwFXhD5LwVH5/i9MLUQqaU3 - =ZfVZ - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAgGIqC9mjErTwNhDtUn8qKtNsCdQHUJkcSQ1s9uK/7Hkw - UeDzIP3V5i+PQnFMhq9cYNP0GIsWSa1VXWx+NpB5OZ/OavcaD8tgu+f+tFQGQHJ6 - 0lgBNh97It82aI+AGxYO7y/QOOaMBsHB8kBdKtSj8/3U9fZpJBWni34TjcNLf8be - s1SUY9ba3BRg2IbdPDLeVr0wvw0UfAXa2+f7/EsULvDH9GxXJim5RihO - =ITOc - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T18:59:43Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAA5M+n9C4Sxq68KAhnNs+GKF2YHZG0l3J+Szd5PV/Ma4Br - GC+rB00mHmNJugp3Mw4Wvrh38pZNbRcr1cDtJwRhuCNqT+odP78WECkCqTPoWML3 - B8EX9aQVOZv9wk/Xeok3NTtU94vF11+JScsMUQAPyYRE8TH3frK/SgnwyQ7ntTfq - T3dZz/HFdiGfrRil7Ev9yofZyUNtMcRxNcDjcKMUUjB7ih4yK4ggZZv5TmVlb4ln - LnCn39wf9gNCPWOHPJW2Ib7Iwfb7VEc02LAD52quRavpKn7onJhwLPSJsSVMscHX - mlYnnHC3gFZsqDR67VSZg2uRG8L+86usXA03IWEHy2AGDYFDw2u6kGVuYyezU4xL - pEWRIYTtyB7IJvOoSXJ56I9XOJwfRE886gESHbJKgwrOR2K2ePBjOVIsn6p9W+jE - 76qVusEjEZw4SIiXmGaSR6z8eNePxcknG1+37YMtTzdMv3zWUeHtdsLNLi7zA5jF - cGvUXhuYvsjgjevD0Kk7N2oO8QrkXVhITx15m9n4GGFxNMJEJKP5VRPFJGXHjPvH - 4skowy5MTC5WLQW24P8hw+fHvXTr7A1l6kS6Wj4alB7jjA1nY9nUYeG8y43zQko5 - DZJ4VypcsJYZUm0mF2dBxrgWetHqHMiWwvELB/Ka248ORvFA8jbjH3tzzqiDDvHS - XgGBDeKq89WmMQMUL6MR9caGQrROtl6LxD2Jea5ocBqrJuSJInIIwjJWZEIRf039 - A/jucUvJrDXAzWW9wm2Q1n/zqRrks/DVDdh4jH6qjBPZTOgLgYyHvuDqFepoXu0= - =qKHE - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/renovate.sops.yaml b/inventories/chaosknoten/host_vars/renovate.sops.yaml deleted file mode 100644 index 3f00cb0..0000000 --- a/inventories/chaosknoten/host_vars/renovate.sops.yaml +++ /dev/null @@ -1,212 +0,0 @@ -ansible_pull__age_private_key: ENC[AES256_GCM,data:bdqHlOytu9POaLwjA2U3soUvwmcZsd/CZrVcG868AT//DP3uA0doe1foJ7S9P2+7vfO/eBtp3hidYoQRDACDD+KhucFPpjY7aKI=,iv:EUi66ScqjCWrGXaokJjKr+4LUgkHsPcOFQMpyuDXq4A=,tag:RSm2ReudORWzGafm94J8UQ==,type:str] -secret__renovate_token: ENC[AES256_GCM,data:NVyWH/FnAhR0gQ16FZ9h+gOxlSYFAGcKG2VgtNuOupx9e1RrJg8RSQ==,iv:v6auLeQ9TGnQakA/6oqG7gyNK/pRgCpx4foUSYZEZ0g=,tag:2lmTCWYI7N6hNa+5ABO8ug==,type:str] -secret__renovate_github_token: ENC[AES256_GCM,data:Dw4MBY9HvDRBdyp/hBsKZYeqZ6nLpuMAJAJ98i7ZODxUclMh6X73+g==,iv:kttRN7fG94Za+BN5tVyp2MYJJOnUYX5GrnzmhhKf4sY=,tag:EwYobl1TjwJ2AlVTD/f8bA==,type:str] -sops: - age: - - recipient: age18qam683rva3ee3wgue7r0ey4ws4jttz4a4dpe3q8kq8lmrp97ezq2cns8d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFOFRua2M4UnEybkEzV0lX - Ung3SGFLbkpuUzFYbGllMVMzT0ZwNjIvcEYwCkVWcnJLUVJ3aUxQYWlrNnNzUGwv - MkIrdSs0Ri9uUVJWbU5NSHZTcW9uS2sKLS0tIENlNE9YUkhvNVJKRzVUQmQ5dGpG - aDZsUFBwbkRtd3FjVHJhdnQ5WTFtOFUKIZzFbaXhG/+a+qtKv0p7YJMhKDqsK8Lr - QSWWWzKH6mYcJcQ4AV0ZH8givdvX67wo9DYF4XKGs4H5vbM3COoBIQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-16T23:16:54Z" - mac: ENC[AES256_GCM,data:62IDMR52Sno73D8KNBHhXLVAm3TaXYKc0A06Uzi2i7Fw6Zr/mQWk8DTrPsiFVR9THUfX+HrJAo0ChD6hjt+Aeb+KF4nn5iZ7NO1hgnMpjBFc7FtpiLMQyKedWv4PDZafzPq9IERQJP7ThAPcg/1B0FhUw7Q2STkOucFQHWJ/UQI=,iv:ABhwB0GAolUcmJjqWhdwL1+2I22WpWZhaEAe6AOs498=,tag:V+RN4Edj8Z2Fk13RpiSwtg==,type:str] - pgp: - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtARAAmntHneUj10baDIMzqLkh9IYnVJv8jDi68HkAVcTNa63V - Uu04D+Hi3E5iUoFvTi4PPOHCa7uqU1fwfTlovCqCGIpXncHYsN6Gs5uZUgFTdWqy - HqwLRNMa3ob3YTYVLkKXKIbu7VtFOYruF7LJK9tiElPAjQVSQoc88BjZEoZnFk0I - EGEJTw1gPern5vAxI7T35TLNajGfQ86oxBOTIIxRxAJNmYynEEt6pX8cOza/IGsY - wdCZo7QHB4yJ7ggOH463sBCJJAvUEypqDstNsYgXbIXkEB0nlgT+ZnabLiW1M+CU - kk0MOL4buorW+7jFguxD6xKDZdKXzx3iPtfzxpZbZsFaCCOYFEkBI4OQF0fZqAoI - ZVNa49seuiW2rbadXYZ3/8pw7h55gJAKMJ24IPm4NZl+ZwzCOTmJS9sRj3Ts42XQ - tqZE0ZGVGqhx8+mjIlVoDuOuMvhUL/VK3YQgUzXev+KlVTZnpSYZJIB7rmPzLq8O - N/+JLKk4QGebEY5bKTG01J1YIXOhJb6Ko3dvC896KIJKnLWQIuEv0vuuSmEtA0KI - lbUNW134gIw0F9M/76z4MqE3chxocutxmTySRs19cZnEXv2ENK3gTG8BKFc/9I3d - NxwyOlbXzzLXSBrknxmCfIXMaXDMyi5WFESn8NEOS2SuS3ASqBJjoBsZn9QywQ/S - XAGDhGo66CnoFBcTdeepROsm5ygJ9GhVMWkMlninZczhpVqOT9s+usmwLA1dO4+a - 5upNB+uqyVfU+xmvu6z5C9GswVACE+7tBVG8PhBA1tUPJk6ImTA+F0OCzOqE - =v1F3 - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2ARAAoo2QhL1qTqvYOgK1OJuVViy0v7Mctc0qudgD5vcZXO1b - Oh32GKl3kPOclfpWPwjAkLLgaf7qeHt/HI/F8uUrpR/Q2NKT+cIlT437J02GRFtW - 1yTDxCXbzUpNBURxbo4HSnAhX79iwSp7MNkZ2ejdGnY7L5hoCxk011dqOZ/6vBW2 - EInQRXL2o+2EuhWFRpXcDY4qXtE50pylYGVK/m/tNEwIK1/PtBOETBAMwrQs64iK - dk0+yg6bD1+F4Cm06IecFbu7p/ZgusGCchd4SQXD2OxKNbSXqC2xeNIUAVwgIQYX - 2k9eU88RnC2U0pPrGzQ3eFVQlAsjx9Rea7NKZkEdkr5EuQE0pyYhTPEaW0JTh2Dm - meqGhqsrCiZkqOwWdoJ+x5T0+k6iKVpdh8GVFtQPki17et6iRglw3Y5T1SB3Lwty - kANuvZerkAjixQt1R+H6iN8U0nTQ1+uJRse1llj4XRN7ccOOQSslbQX0R3DkgS+s - D8BABxR3qLecx1GMgowP8m9h1VEhTtu/IbSDkHmdIg3udc7q95uIsyfBKqSzayIU - rBIugOY2T8nKi6iI9kh7lJzppFTVXUo43hL70WFtzB9/5vCm2dyHkSk3VoBPKm3z - w5WrphNlw+u1VqgJOr59lbRDLktH51OtSkY/hs/ZR6+rz6nb87bsTcPm00wBAmTS - XAFan60iIoJTSlH3jOpPZ2fX+ezSVlvPcC+tC+jKK+xjOeQqSn6y84xuG++jv5+6 - cgorfw2h63wXwP5IhZWftGh2YYI4UdtXtDj3MQWTGgAK+O+r+FMH37RoLLho - =rw7I - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ//VhpkM7X5pwbH/No3L1tn8XItEm8IzGPCdFHFECUUKcUI - +Xhzzj/AQtKi8o/bC5UKPHEmnvCMdOIn5EyFMwnsmdXOW7HBqbskgET+Pna1GJor - BDAmjZnkjaSRqDObLH/tXhgxLLhGQWD2P0B5l/WmFryElDZK1JlV6/yjVtJJMwDI - lrZ8AKolnlDeVc1HQTcuqwoBJrubL56KGB0ibJBAb0qTCTe+B6WiILlUtS0TUtZH - +aoz6X6MvzHVQjzc59SVv4K+70grSUJ683qR7BD+dfIBCy1pFXfE/k+24cze9Ayf - 1ewPeJLVHhbUZWd3EC6FtvNFoBF7tLY01O/EamAOLFgbS0WM56yF++FMhisdsyk/ - fCTJTZ+cCEABYJvJxpS86O2TZ6euHRYKB0iz5duFBiKmEXNDKPaddxI4kKamtGJr - JlpOdUkaH57L7i8gssoHAPKaXGEOydhEWr9Q67IYTUgj++LHLC8rvX/GjAoN/jPe - tiZSAUvLBkbUP62pX4j9VVvF3hCbv8bwgLF6+itOIJCYsALKNK9aCfOqMgfr7gll - AETp3CtDMqvT8AKxvRZJNYI17YBTj0GEzPgA9WPLvPoiVevfn7Cs0TDwcIm9DkRz - NsGAQ7OeBAlYPlib1qFpwS0jmb63kyX8KOJBGys4yr+p1+t+sfoogckDnB4GCI7S - XAEXxyN56JW1/TbyvR9LwWYPSgYfjASkCmksyYJMxqJqZNGeo9YzoQyvmHiRSV27 - eBTzua70gKwbGlNM/KyIyKgMfDeJVxds+qxoF1PsaZ2Qbg6tW3oGOivgn1SC - =mpsN - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1ARAAveReIRx5pGebuFZoJriJ1kbd52W37367ypCErCQd2nKE - Xls31lMFAyZLL1IiNj42imP4ZmAK4CpUr53NcxUEskdc350ZCnJg6En1Wn3SbYhB - D6JQGzgbVEVCk8JrQH9cunRqZP5O/wkH1p6iTsktAaMZX/n9a0gF7sv1hainaRKj - ZHupkQ94hQ6VZLHRrJo6PKsofT+vm/ue8BZVz8grUWa6FcMJrxUz3C1Beytw2q/o - wW+TL7HEGeo0igDC+JRk1sTXDJHiVzrihtdVf6iyEAStOF4SKXqH+e96tHuPv+xh - Lhr7t+wWJEvfmHHmUGNSJaz7hGFffVIAxG023E20AIusn4TDvKZl3SDJnZWUnKv/ - TYn4Op6hKLNKIl8M8IFKqlaqCyuPvFwRSglbvyTuGiq27AeXOOqi0YPwfNpeo0PR - 8WiX79t6g3qykazQyau7kOVPq6st2KEYjntEDNwQqNJGDh6tllA3iUN3aJjQ9tCM - /Bcb07pSfXeSN6AMKbBCvPoweHyuAJApyIALYaioqbJeWZRkYnLf/pJdO+Sb1uM6 - lXdGMJjDZRaASRQ8Itq4q34AI8RW8oo96K8sG98rsow/YxDgpWnHHv0r9y69JS5B - 1rZUTckPG57sFjfGcs9OBEWzuHtE1C0l8cxu93TDyb2atbRdMTl62l86RLFDX3XS - XAGUrZPztS+QnCH+0vwOoEwHN79gxbylfRuT2J5nyzp6UwwVjFk8GUCKTBB1dRac - tpcdlYRNL5X+ybpR1SQ1xgsMiP+Qcu9EURXWc4oK5eRg4qKsr3U9Pn2JxkTP - =eF0q - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdABv1nkvhryXv+RAGgHf2c1tMq79ZXwr+hDXZRHjjBEXgw - rSpWHH+3XNoR7IPBfk3/n/1hRCz1TOoIbs1/yAKHLLsz8z5+wLzeej+WHScx8LjI - 0lwBF5bFWFk4xcfJoO2Fe09G5Hlj63WrBu5W+kV/D2+pUXI4n3etETx9LVZNobWo - TOE7vrtAVUILHT0iv+zZiqflKLmp/xDBWLKXvCnWGBkjhj+nBH9Fqgx2QayV1Q== - =KTPl - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//Zlmb4M1u7i/N5ogBdfdw4iBypChTrv6RBqIMk1sK6r61 - koJsK+3hixZGQH4UAhT/nfC11NdHoAcG4hgPTxfMt2yUOSb+fwZyYXt6ShZ/1GMj - Q95e88df2xS5OvCORcq6pupFh1AfuwsxgP9iaE/BQ6V8uLaN8nsYrL/i4Iq2SI3b - uZsQToB3JYcGqJr+YP7flFcOYNRwBkeweWfXef5ID1Raj+mPjJmpegZLNY6l4zzk - 5avqd9EAMFl3aKzS2nD9+5B525Ze9joGOPAmkToYtDiETXNCeMXylsltVVy9qc9x - X4brC5umiuIDjFVZYupLJ1cGSRfLgVIeiDkGRd6q62gSKQ0x35VnbSDPVBYhSetB - zB0XtIBPg3mCXNypuaSHbo9exiFfpY4juswTuZ/nEK8Xip9v7S6PVLe5EhEojB2N - fEzuQ7MMxdAqJOe4CXmi6dybtSKCEDFK5xYr6VSpEylZQIDgHHWH9zifOUisxtjv - 1uo5aH6bGrMG4UyGjf60Fcnl8G3vOAI+DOqWTtO8brb5NILdyi4+AS5voqr+5pTh - u/wlwhKSKbUzEDFBJk04JDjpdnXEeOdVdKXIor0rGCyU3volUP8cKLHyEW2u02RX - MBhQTOd8s+EuHd7ueJw+EmBZqkQN4WSfUbAilnvTEumaVtJBDr1CMKgzVx0eWC/S - XAExGPmke/j2hG8g+tRjgmQmRvzwOYF46PoUtwFZY4bXaDxAww2YgjRzdqHBXRds - fMpnz+fAtJTj2GIJP2Wk4jOY5fUbaoxOfWcx4Yl2bbGHh/2sg1XN/0rvB0+X - =nm/4 - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ/+IqdYTsLvMJ7wMf1AWjmBJ5I4IqcW30VeEt4NErMzLa+f - OT3zJAUkOlIv+JtKKq0DFShOnixaqBGZKK3IUt0+1gTpaRGcUT7D0F4jFOwXZMDw - EuSK/LGFDNIh3Ma7aJV1KGJzjf0/IO+OTahXfnhaufDc5a6bR9yb2fkHeAakPLrq - QDbADoTNhmBNA/H8rg974FniX8dENBDWlgOXNJKKnQ+Y4sHrR5dcyavF5DyRKO4l - qAIpVenGFWcqrK4JsklrU6sfrHe3Ho4GUBspcO8lDfy39ZMdb3Ypu4+u6aDicStx - WUwqcHquu4p2s12u8xiz0twQlvd+zJaqqtjhpjjKggH9jgl1nY8i7VhVKi/P4VfK - 3XuBiY9cTtMeJk0lSE0XvIT1WD8L73Em7LaT3Rskxah72mV3v2WdHn6wMuDILpOb - 29/YnGE0BAOY0thq6veuFAWPuywAtGFrmx9RmswEOWh1D8HJW7/+8uBdseFqRbB0 - SZ8UkPDW9Ko1pNGdGHLlTC9UkJXHibiZqNUbDvOat2rcInk4zqjxWs86F0RhPruI - 3wwdMPsYCi7uR7moiZyiCt1hmrcaHJG36zaZBuUkqd486/YxYGt5rS+2OKZn6VOP - 7k8fZskHF69ciAgSEItyOu5hAK0o9vBb/plQONyor15/wXkxeP0/7Vpt0Qy/Ad7S - XAEoYbLf/EYQeVjV2pPmv0ff1lBq95g0pj+vf/1StniCOTv7fSUfjkxQ1K/yFsC8 - z5COp2XhwhVF0xTGu4pzYcHeuR+/KU1pqL+UFFy7sMBkLbsrxoCuyUbLWwNs - =j9gL - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//Z/HFWjTVat/Rhli4RQXmeKrP7BpHn/z238w2GX4jt78O - /fXDniLCNZk508IpUQ9bGfbMsaRw7bdnewtW+f0nPO/vRVuQe/ADjw9Z5dogDImp - OvOd1gfIRcX8tm4r1BlSWf7A2qg5qZDOcGSxRNSHhv9NhnJJLHzTYG5TCoUCZ2wK - mYpufnpYfpc/siNOW8a5jNRV5sW3+Bp+pd3AqEO4P9tHhOwxWmNju8PyrBCqRI42 - QyQhdG2eMIiUs6YJ4cR60rMqZZ8lq0gLXM5sO3OrxlQEP5FWePLRwq4oq4/oozxd - 9wqGFanYW56LVL5vsKyJVHBFlZfHYjjh12gSvb9O/QyxTRfT46CnWbHD8sYWQbxU - z6bTIhQ8+kELKT56TnAcIxqWmPRbWOKXY+iruECkXqTyKdm8Ux+Q7qhPvjxp/cnC - SZfVS00CJG9T/mJ4jwe+bD7a4fIeU+nZWJ4Y4S38HZlJ759nbn/MebxQXNEnRjgM - z48c0cGb/QHz1Yh0l5xMKMDNMN4Zcp5rDsdmEnRMCtgXUlEGsHPh76a5lNeE74uW - ErgrRG/EEyXDHaC6HK0izp7dUBYcV3NKJrvG8XF4lYCXQjw+IEXz5mGBKLpPfvlN - 0utfEUDp2We6kFUXiDrQgEga9+ZNDhIoaUGHIUKIH9vWV0DYWY+2Tsi5p1XauMjS - XAHP7lbYvp5GQCZ/listotwc0z8YABKrObVRd3xvURQ0PL8UdelIMSBSruYXXMUX - X3whSggk6G59iBJvXTpXioVfPBaRpGH+b1SWIR8wNcd4+yWo+JExFw+OAF8+ - =H9fX - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdA+mj8Zet+EX625kPU8Mca1O9QklMKAsDVyerrcpXpkTAw - c7uDpTKWutUj+B3x4LlffmxtABIQV3WEujFmafaXxYvU20B75m+DGfp32A+k/Av1 - 0lwBocEM8tY5X5gT5OVwZKynFxcB7HxB8dYZNPf5YUIUfKXIk+ZDSMUJgOy15BIk - x3FeKugtRrX29+az8LNlsBNcCeqT10U/mMvqtU6xwU5qbOOwkh7DgZZGk25opw== - =tl7N - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAvHPZfWwZCO2rlfLJx6B/omZNgE/PnFM0ePmqu2L/cGcw - 07lNHTEjOyDnVtuvbL8MbTfZUONVUia6cPL76ae3f0074yzGMSvus+WZGbwq8g5O - 0lYB4JNvI5zyuolaPUIH6RQQzY5+U4Uxex22rkhdZFXHpqyC6a4LkR56PnIYgS0P - /09c5d+q5obcTxFeE9HZDqeY7NaUT62zN02ME1ZVxg/hVSpXPseJWw== - =8dD2 - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-16T14:03:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAAoOnxlDH1+B7TXdh70Kvau1/h6KvrYHV8h+Dh1ECFlO44 - GxUXxjZLy61dJb5s3zA8MAJCwuv1tSUjLUUTh7AR7cugDV8XJjFKgXJYz3AtMoVS - aY1J+ifz+i5i2uhvVOTnjiVEtTGIlD9xYdo7t90TCgC2lMxrXEwE/wswzeg9mkag - cz3wDXsFBlA3v9na7VMcJwywy93SbtIS+wmGHriChv7hi54YwG8lPdhLMN25l2iI - sT1eOYbc/NzJpGoU0at/kB1CtELbvD5OmyZZ36eGTyS4meGY1niev407tvOFLHbr - lsCoG2twdfGeBFqj/lRvae1OfA8WkHUtcje7tXq6PH50AqC9iWLrHx5sqWbiia+0 - pIJ1iZB3OvVCQiha/adtFY3gwHXFue6UxpWam+wfkZf/iu2Tzf/R7rZbZEnl+Yp9 - Vt7tUXTB4enOj5DieeeJbDzllPiwCQj69jBZcbxzzoCN8OJUssKyPdmbUSzaAcC0 - YZRjYRDsENk0duvzX6GJQOSOV7jH8QE5Zkut0P3U6yU8nyBvi9jO0ZC9iHqH+i1d - /Fdl9XQP6GwIWd3VXZXJQnhiNyWOv7BGIV+8Hmx/8564xJUiOnip1uDcxfUqyEut - 3JcxI7BBXxUuZYBRI8JM9SOmqQLwz8t419pt4YohEMzcE6NBaDluVTaOvc3VjlLS - XAFVgBuP4Q6V6Fc0ZbEQKFMo/zcVLCcICHf7CxnefF2bnCUXSt2/2mGq17w2RCk5 - apmuIngabTkZi5brZRbRr6QixmIXJ6oOA5WCxSmjbNI08z5pR2+SKj57Zc/v - =d+GD - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/renovate.yaml b/inventories/chaosknoten/host_vars/renovate.yaml deleted file mode 100644 index 17b9737..0000000 --- a/inventories/chaosknoten/host_vars/renovate.yaml +++ /dev/null @@ -1 +0,0 @@ -renovate__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/renovate/renovate/config.js.j2') }}" diff --git a/inventories/chaosknoten/host_vars/sunders.sops.yaml b/inventories/chaosknoten/host_vars/sunders.sops.yaml deleted file mode 100644 index 98b3917..0000000 --- a/inventories/chaosknoten/host_vars/sunders.sops.yaml +++ /dev/null @@ -1,210 +0,0 @@ -ansible_pull__age_private_key: ENC[AES256_GCM,data:tP84jDYh2zeWjf7wqDoefm9zaeg/Q2TWUyIstOcrjYHgrZdGLk64skLuGyH5q4FxQL9QEhe9qBT+AAxxKE6fU630/M1LVOR4Sls=,iv:I9W6KxIoisJFFMtOrN5u8KgnsmuIgF9RvzWanLNGVVM=,tag:w9bhDahR4Ai4/nLLeR58lA==,type:str] -sops: - age: - - recipient: age1na0nh9ndnr9cxpnlvstrxskr4fxf4spnkw48ufl7m43f98y40y7shhnvgd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGYmdmSjc0U2t6clF0eEVw - eFRjaDNZQ2VrdGdCMTFLd0EzUDN3TG9QVzNJClp5NUZEaCsveitxVmNZd3VkR0JS - NFlWcEd3WlFYUEZaVmVhTE5OMFFLNTQKLS0tIHRFS21OeGJqc2lPTDFuSkRwYll1 - S3NiK3R6UWQ5UU0xUmYwa1hqMUo5c28K4EVQwBcALc6k53CNsemfMy2s6AGO5LJf - 3U1zeFtEcsvEnUfkvFT//M7cB6pUqQF0KIq1VnnFoQF7IpvSN23lxg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:43:05Z" - mac: ENC[AES256_GCM,data:15TRSKlDhjQy3yMcFhz2Den2YorcrpJmCw0BVl10qlG8u9G7Vw/7aV/hJnZdkCz3w1ZkEbNS6DCKxCLs1Qgf2SEPaG/cRraO2mcl+YH7k4gb5LMzu81fRkbCx66B4LG+DY8fsAJeO4mxui2m0ZAHb2SNFIP4Q4vdLav3jTaiwAc=,iv:71qa6JTc+S5MLynGc27tx1WBGrpvTCSCoEv01SZnPF8=,tag:ju4WP1MK1/sWw7TAitzM0Q==,type:str] - pgp: - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//fkLWQ/3OVcu4GKLhg4o2uHTWlqvFQyzpagXsDxM5RcIM - JteCVklioa5qRBZzDnwGs9LxDZmpmlURxCA2QVx9/M79KaFr/qfPupecS+3FLOy7 - 4XJTQhFxNzQgLDepAPj9JJI3Sp1QyChaIwH1SvGX/oGnjazXo7NhthyXaLFIRXqJ - +dwBiVcyjVLuVxopLKALil0K/aq0wRhxBQDA/K3X+rbHsKllo/D3+RhNsaVcz87+ - 4kVB2EjcxMezl6vQeXPvDaMGwhYLohTNng4py9pmA2ihyYLwDuSwVkAQKjO2T3gR - nmvtw0jZ0cgGUkeChBHG6MrvrQepFkgFwpj9S0TzNxAAmOSwp2HVIKorBcSjB+tH - 1C3cjjFEWHlE0kfWRrvsbT/57nsOIWSXOx5gMqRsMo19wP7CpCMYL9p+jSphQbFE - ILBtmmcuzlr1ExLi+F/gfEX3yA0kSswV6BJePUXHECiNuVv8PM7/sUOba2fcFyDx - fKBkD+5CEjr8joUgBE42kLP0aSEwwdqmgzVhIlSY6Zn5QVx6tSPBx6Qi0I19ic9u - 4MldM2cKt4IP1LNcLrtuPNRRWZ704LGVTp1XWtKed7q0cae/k4uOvYwYf1QKWY84 - 50wApyybTl7s9JaNAVIK2bXQoK7ALLiOIDTwPu8B5q05zrjyE5XK+qNi7ueXcQjS - XgH7kGxwfpXKGJpXJ9dDaW+2pmoUU6LTOCm9cuqZEGB3jk+jl2M2A7M9wFKbtrkh - PGcloa0AVlc43dEzqG7tox4fMqToNHwKTpR26D2GCOx2BmovIGC3qaStSbA/jgw= - =/HmI - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//XSwyLenM3YV/KuBSSUy57ungQfU+aujOwfhZLMK4w7dj - iLDNBtSb1rNr3rQ2PSQxX8uqZIKrxW+SQ7YN7dOKhAWXNdRPZIEuPRCfhrgdL57p - VBCHpBSPQqzuDhHXHp+hf5GpAOSeNKgPLYua0hT2jNaHHkaGi1twKDuyJBUtXv+J - oXw1W2DKFLIhhKVLK/p3OqbYplLKRVoCJg0+0A80mAoVwtpIW7CU144jsvM1rMTZ - mLFXBjDXgq1uy034MFBAQod7vcgmfoYwFr9LCHKygAcpFmOhDtNsNTQvjKFmmHdw - m8ykzdEShe4vhzKfH7icKlYcwrrGhT8JoswzzBx6aA8k/e9m8P1Blez5Ief3Et7E - lUiSZBSzgmZDMxaNTLhNmfOmG6BEkM0X0fv6NBtpuO/vl/zn3pcSPUao3LKhXAwy - 91iTRjxpm/pYKZ6RG2Z6eI8mIdNMWcfkOpzYSMjELggvrfkMhdSVSmLPT0Hozx4f - S/2yNb+7QFufrwJw8Fg0Acst7oPU7siMtaJu2MdNJUlDqEHCWFfHM6Lz55jnJNVC - Nmr1lRcTgaaOIMpE5UAJw+ownlCZFMN/pbOJFb9+Hy3GlmciqVYch+0cR/05vNPN - dDnuALTlgsJ3YMv8PhVOAffcxJ3ua61hSCQmHlPxP5MzB96JY9BQ3+3ufLtPA1nS - XgGRXNlyqtW0YwQS/kUctV5n8k5BhnBKgxJHq5+Wztp/o4D2GvxgkmdEdOBK3C5t - an+hSe5PhubEVnd6tWhzmqBQzThTyY0S53RcbAFYRId2VKodlT7yXV0wwewL84U= - =3lT2 - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/+OSLzOzAJtSU2JijWvzYhf64CClYDmUXP4nXN6CJs4o1z - iet7JJfruRBLTlQdqbCESg3WHbtjFk639rlCV7d3cPQIHcEQkIv7YAisiM+27v8g - jJ8+gWC75+rtyikVDq5hxf5VktjXmdnhz+xppRU2YyY46tFgp5vRhxsS8wQXcKBD - JgL881OPCz2yZUj2kaqlDf1GipRtwswxuuKj02mTfXiQ50GGYBEd2nSzdtmfdQ83 - TRFLZxhmZFUQ/EVB3wCa+l4y6SThXwpJ6ImTCK4BNxfy8WPm87soTEs3mgvhiBIl - 7q6yCW+6t5oDaxLg/SCZ4lU3HPgUjMF8Ax3SovHqZ210YFZrNpcJ9C+pVrAkZUIm - oHWTbR01G1Yaq7c+e4bGiA34C66gv3UNgA4kDcXt8OcydtCjX38x6Q5kdUB9I/x6 - zwVS/6GXGDvxOodbPpe17LdUDGqswjPZ94UbKPwCbQDosN+5Xnt/XYF/nzP3V0JB - x3fZQbBWI0sTciFRvaMmB+qG/knF42LZOdhVaTASLnNcAfAGesbyH8Z/0zivMa3F - 0Bjw/LCldSS9+wvhJOyyiorV5mR25w9G2IDa9l8f/ZuknHQ4Ht4ptlkddZokgXFv - CF6nKcHBFHMofzs4a953dxJZ/rVTFj8sOY27pKf/+uQZjZLcMI4NtmkTeVhKQX/S - XgFmp1yvDE1KfuqtmZ2UMQtarN9zsaUi9HPcTaJyTuYr2s3f3/i4vtUmAeotfV+O - x9iPs0ttwfi1XxDJgFdxoa1MBFRlUS1sJShxNzC2UYYHKhHlIago0kTMZKHGczQ= - =BtEA - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1ARAAirhhnMsEuxUaDwxgSehvzEeX3WHSYCUPVEoCqnMMMr5T - /6J0cEXitvwmw/l29jpCuJrEfQ6d10syMuSrJvAnwbma4Dt867jQc8Cj7Xn7Z3BC - Tk0s0TPW5hCEBF7Mg4k104yLDK8qIwAMtSuFZ0f9Fw2gEjdHE8+r0y1ZDEUndxQI - jUfTPmcXq8e679VFjhYT6O7ttUgd4asoQeNi2f9c2fqpiOUDlL0hV8yFI+0lhqPA - m99GbCDTnSx4kWNc8HRtffz2v2+/HIvOQo7qPIEf0SS144OebvqYOFEqw+0tNTA5 - 9INouMXBwm5OjyQtjMd8YY5/f7y+e9Gj9KM4EMoNOl3hmLVQAez98ReJEuX2g7pE - 8lPmBmvcUM19UnKiNuofLQyaABUkyrv+gc5NG+8RtyiQIHoe2gBpXrKXa23TuvD9 - PA5AkTTCeFxxnj5eNgPrwTQKfD6pvp//xj4qJTAD/WVkkQRzUmoWdnvzv3OVnFZ3 - iO7Dlco+klnAljzZEmB/sY4W58fo9ltCaCflFHE0iOSp+Hr4yqlDpO9hitq6qf0U - juTQiHJ9T0MjPXzquZftTNy8Icacc4R3myyf/NZ0wLsWg/X/sQcSvr7ldZ1gLSN0 - EpPKEAWMvEwOrc4wPAp74N0BTPsadCaEX08JrvC4Cj7XdmcdZ5i7PLWd+YE1iC3S - XgGIywh3ADFH9wSWOVLcW4KeSLuxl91XFaqc834WaeiQgrRKy68cSj8BPulWn42k - W4A74ndSgyooVfuJPSPrY17QYtnEGiQU9YsqDr4mbuBfExZ0olQYGsBS4bX9uoM= - =i9LM - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAIoIvHLe5CKp9zHMCCa5+pAa+NSNGuEl0eSC04ZgLHDkw - 1SYTz1t23cM3UjK1lRXkRVaGeM0U5G0v2shY7zb8XomNxPmlXmc05xYLIkM/F/dt - 0l4Bb55iZgJXODO9B89qQXvcPqdd1Du2W+jvWK1uxDzqUQojhfOMLgwtF9UIjV8l - atM1bQTX9413XOMDvSGP3A51iyzYKGBU5Gmm01IM5WsMttJxdY04uzXanHli2ynY - =Xi7e - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//WKQgxhiG/KTWv6UTeLNYh7wCFz3SW6LbXCgzwhwesEbv - Pu0gS4Ki+nEW7BjGos3u/Iv6ECwh+4qFZRccGDcU7gbyLt9I3/L4JKh3RA+wiynn - mXW8xtpXLF1FnTBXK0lV/Lnow6oddo3C9UJ0rrr3mM72gNqSFiaObnTMDTA873gh - Gpixud/NQNbhMIkUVbUBYXW1xz6Qm7+g6C1Xlo5F/8CDvIKv7fHRO7ICWKlEKNGF - yC+a+xplDSbgSsfvrafNMFg9RWieHg52bAIu2J3EpTTWcqeTYGbQbBKbpT4aFI5j - fnQxAVFq6AbKX+hEfUfpTqGFju97SggTqR2J5Sfsq6owcuk5snwDY3b9DVJLfxbu - MLYgwDlzHQssL3RkCwwNI2Ov8Og4yMQbNGB+o6/9OaJbfLi6opb31eWB3FLSYM2V - EZdEoXfl43eEpOv/iceSyjbNCRNOXyou8YJ+nTLNRKjwmGvluz8RI6m7C0mreh/D - AFpod9nmFBhBxEO5gwvdYztpY8aJq2Fva0aTvCQ4FCU2Tz8CKJduEFQeSxafBrUu - BSV0VNVCZ1cffWkNbv9VPJ+8kswaMrIkotDHpdouvoGosbICDeEaG5ur+F1qKPxr - nne+sM3+ZjzrqTz7SUrU49ekEGKnhcV6P1nhwv1XSVaRlRin4kF2ApkM1+wXCoXS - XgG696X0SmBm8ifPKWD+HPYsaPThpbdOfSZOPExgPxRIfpqzeqw/YGyoQZ/ZKc4P - xLGoG/NlLBJ7xj37AW90CJEQZ2X4u4WJIwK51MArhHppC888RmuW5DcwMcLd5T4= - =zKAr - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ/7B2ah5eKEwBZDS3U/dN6vEzMW/nQnCxHSX8TwvgpnIyCc - gdlX4yrT9jHv4+ER0t9bV0LdSgRPactHc1UbwQb9IJm8znXKmfl6eo9weD45GKjV - hBdWjTHCC3qyNROPQlny9jvSd+JLi5JadClrXBADzcTtMCygko0JPv5U08+vbmAM - iVHhB/Bef6Dl/76rDrV9uM0TMfENeS951mfuUGe5XbihVB39zTAGHuMIqF3gN0oy - lclHWJn2fUbnOlzfYEMM+xdoyM7w0IrO73GzEUKxXj7zU9AAGMMA0nrA2YvO+i7c - RFgJ3hqqep3bM94a5p5w5Dp2Lu+o7no6/kuhITJ/3xa+hu0UZIpRpRmxfsr+KZy7 - qxrhyAAsJa6OMVOalaeq0MnRU9k//UR8AEXPVV+9W1RpvJNxxtNy+9rtD5T64kFY - /uWehI8zWXZ9Afto08OmVFw1102Lby2xFEYmB+K3tU3v89PFZV1CVPBoDndpW5Cv - l81LqdqvwQC0W0YkEAZUcVOYWf+QT9qBO/x/VrFMJbBEmgUbCqaIlWSFTsCTknoI - LctO9kClYDTIZT3oftwmmvulOIDplXDAt+/ye0Uc89TdPW/UWKso5g9TGx45qiem - aiuglzPPC34UBP72XYtYlgTiTsAQWPdEOdczBX8fNDZHOBMW38k8q3w/hSrSG3bS - XgFCnSnxIyNpbNbqiM/6Wp9wuOB5yIsubRhR6EqsNVqn7KGpZHiM0lE7CJ0L23wJ - v2KceoHICRyXEJ6CCp3ZpctRztZNqqKbnLuixN+TH5H+nscmqYf5M2ycBimjP1U= - =K2Aq - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ/+JOmH/Rbqq4C7Oh7CeLem3g27BSzZfjfYX8hDzzGNc6D4 - SLtko7TUmrag3tqlgi78li/mBaimsEswug+/N8GYZt2XSOk/rDfUawNlt8Pk51hD - ErX/cS2AWAZd81BNWYnLLeT6+qE6CcIjPpvVJj9qnR0eR/gFoQR2Puu7jH/999PH - kNH7oMYJ2SPdBmeRWl7UbtFW+tlavzYAQspkpKgWzZTZm/d1SVZorFcH+oYSQ3PZ - 7j0vuzCsvn0PLSJbH6rlc4PquhxgHeeV++Asujw0/qcnDy/CwbCoezy6NZ7ay+0Z - p6EaV3zpGK+BdvNud+HKEnEqZvTSmGd3KaaYWIkAGwTMUDj4gfzUGWs0t+QcpxKg - ujb3bllti3/+YBdN+PsUzGpLeODxb38AlDVO7mQqRnsEonlvdEJQBzX7GMrrNLLu - AXNLtGdJyePLkWTIZM7nvA7+lTQfM18gl5KawPm3q0yMpKaCmSDSktymHCqm8iAi - 1eUYNcCU7XwJfdrNmMCpYotVUZoALYCWXeFCxHfVsnuC98jIMWs8//DhaT1DVGkF - xkk4risEdScs855VNmQRW8Dg9fx5NrCSslFqmxNixEET1IhYBP1+5kIv+5O6Qeci - 5jHvhmz/Cg+6RcOn12w0lZO+eHH/p9MH+nhta8uVnJPYXxk+EWwT3YxZC822kWHS - XgGu94yW1Gsu3TsfyG50AgbvG/BGdGZ39EjU47AZZv+r0DBX4zvnQ4BEuvrrA1OU - 69kbfdIN1RqDLsFQRsgT5X9J+oABdekYKsz67BHH9ISDBhgF2BYngMD7zVln8Mo= - =5bU3 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAbH64m1QTpsgWwOJpudkwpsaxzoSDEfljEnIiVrzArmww - OMDXywm+1iiRpnbx4IL3LsoHCSe6KJah6ZJdLbohv2AbL8+vcZ7FIUaBbeMXiEGZ - 0l4BpWjzCauPu4IKBbtHN1TVawGljnNHzNbhjdCeiA0YQbeAp55vQufmJcIOEFzV - 42fFXTqa1bGbeOKjCV26mSQX34DOT81gH5dcjHtv8cDTsOsGqmft2faknKqkaHFp - =GvTi - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdApdQiqrrqkcuXl4ZOORj9xDo9rgqDYfufdm+mcOdOrTgw - amysE1TCgugTEEoQn10VMv6IVJM+AwYsUG3LI4HkrnvzidsUm7YTfDvWBlZPgsar - 0lgBH4wfqCR5orVnsJkSazAS4/AKQHLZuRdlb3LKrxbCLas+sDWR18/lKjSRTWqb - YOJtFUsXcBWgmCsgFBvgLWEPExSLrCWeTKVzcycI3uL20BejUHU9//8C - =XVFg - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-15T08:45:25Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ/7BPhkMJhB+qcwqrPBnPKu01R9maR7OHBvcL1gH0QmRPab - YVBjv8gcxjdT+FQquhRg4PAR52A16vijb1rzwC3lMaB85yWNIzBRnKrUZFoDqwAz - 4FdFlw5cV/pLI+QII/eA5HAMPDFDj9UFY+/tyDaSka7LK7J/0nbv8tcTXj2r3m0N - JoSo39Y8x/tRRr5BoiL8TvBJ8GsSsjqKR5ppAQaW0u+csGL5XlcOxP8OjN20yibT - ZosOWMjMLZo29s5eqT7EXuMGspZV4ptf/zRAqBdD22CuQfRwYtVAKwFVi6qneLc9 - VKA09losPSgC9dGMLp0zB5v94SHJJzuq7jXQ6yWp4syco6GtCkx8CONx60p0FAwG - C+IhgxG0zz8c/7Bdg9xeUs0Ml77lFcXM9j+ldSI8+/9pKM3T4gmtydDFHQrLonsv - mZBgO9aGMJVVtx/oJ5aeypu2/lhxsixhxtLCk4var5RNG3Y4HsMYYtWvVbf0Gk2Q - ZFHHMyYg+fnh4Jjjgcw5gC8qtQLJ0lDaYyMNgnDismLTbaPpMbQHeFSNZCM98vjE - TJalalvaYeCZF5kx1J838GoxbdBvz9UDrkVXIjI4inLvv+J+psetC3lpRLpQAHSf - KiCwJAaeRm4jwoaPXPoECpfrdo4OuLGGhmt44JrqmkBJpVCiP5uShRkahwsSZTrS - XgHt+KX/ZL53wC4kd79fs+vhy35cflOTqZcvdQDLyqfUHyuzMlizqxQ3L/tv201C - A8V80upXtVhCiCCDLzMYfMZ4jsBkI27Pbv/YHPcEQgQUd9BuIhKiEOsSbd+8jxk= - =5Eek - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/tickets.sops.yaml b/inventories/chaosknoten/host_vars/tickets.sops.yaml deleted file mode 100644 index 9b44b1e..0000000 --- a/inventories/chaosknoten/host_vars/tickets.sops.yaml +++ /dev/null @@ -1,211 +0,0 @@ -secret__pretix_db_password: ENC[AES256_GCM,data:kAOUjT7gw0FDqO+xt8m3wAhOGuZTS6zEIQ==,iv:oPAxDzz4ellT5MxUqw8/iBYyiTMf1b/Lddj5E0iIhWE=,tag:r3OTmcSjNUETEmOzxsMhxQ==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:Bhtx7X1ae0pWpxNwHSUJhe2aTO6k27+cEePOs3BBMWdAPFYHtcKUJakq07BTF5tnlvY4Hex0YsO3/l45e+zEfzo5U7FezdYbUPY=,iv:7z8Iy+vdnpfc9TspkH3KMKNGGsHzbxSjERwRP9JQyeM=,tag:AWx4xVf2YmC9giLS/mD1Sw==,type:str] -sops: - age: - - recipient: age16znyzvquuy8467gg27mdwdt8k6kcu3fjrvfm6gnl4nmqp8tuvqaspqgcet - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2OVFaYWpkbzlQZkZKZms0 - SW5KT2lKbkREMnZiRm9EV0ZqalJpK21RcDNrCjcrUGhybSthZVplNFlxaE1TQkRX - SmpRY05Vdk0xU0hXWDZ3SDVCV2xQZzAKLS0tIHBPWS9HejhLaGZVTEVkNHY5aXdC - amM5cE9iTUUwRzlLbzNzdzdGYldDZnMK2KFxt+LlezSECxqOsaGVLjizmngsO62h - pVJK8C/c5EzN5tX5aAhOWStNLHNRt9XjcNAUhi8EFls2Gl+yXGH11A== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T18:55:55Z" - mac: ENC[AES256_GCM,data:8OYQB3sIlIStuKPIkDRkeOcIPNEsMYENgyQ44DvvQNkR3lU8lHzyR2zL6HiO/zXF4hXeLUZSqcyH2jU61mEKr1kNFpA49BlYsxuPSOADJURhG2P9oUrc9hi2JL6KtwdRtvTcQB16YRVmhXgt0MLAmyAFc8V3CI6O5wfuEKLkmM4=,iv:dpJCVGga5FnTkCQlouUh0de+6wSW9Dif5Ft/aCf2mCk=,tag:/9m3rCWIhd5jyXXpmIb4jA==,type:str] - pgp: - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//WF711Lgt2ls8W1xD6yS4RSQ/mrdG8ae8ZNPv8GfvGRFW - X456rSDSyI0y2Nx5M0J2JOnmDyNCZhwXZsRJVjYyLsvtZWjPwgHwG2NO0ivkXZcD - mCXWLG4pgb3vET21LO+mYtD+WDrmgRIL4soSIEu9q5AsFO/D1LNjVCC4knmSb/Uo - bwUe5AHKTh52lvWN0Rwn3u7pNyavHfx0RasoQ2dHrwCuYw6twt2p2LfZybPABPxI - X2FoymRqRNwec8CZnPe1MEjFAYS2h/HnriIMRF/m8TYUMalwb/ESn3eWrI1KOUsS - UJ0zw/JdjLdEnEkK+gDzOBUg9pVto3jjWWkp90Zy676fIuFMdRd5WSQLgpBSP/hp - BYVIDb0PcfekDo82ItXKxp8/pniaMYDGrP0Wqy2VgBvQltonAv5P/J9W1luaQFnA - gF6pa8q48h7ptjqkcpSFuH0Tdoafr4Q8q3ubEUrHlyNp5cGXYI+MUv6pn1xPhVq4 - kMcFTISOZwSUYLM1yvz8CwHQd6R9S1iLMSH/EKOWDKGIGzKvqkFWsyWSa4V2vbr+ - X7Yi4/wN4ucXPwI5hnrevwaEpqvnL8eZ3nLhCbFPtZPaay+IxNMySuLY6r2cfPxF - zME++5FdXNseV57i7KkChooF7vLyc7hkN8fxmoc/r81m8EVr/tsFzsZMLyQDSErS - XgHGbVJ789+6IpV1Ph1jQ7SJQm8+ADtDqOy/BF5hlmjN9sI5vhy0k4BeyQk2zgT0 - w7iMZ4hyn0A0uXajtg+RiQRkE+0tJOIj7Yb99y6TfFkYrtBc1Ln2QnLH6a4ETbo= - =enot - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/6AtwxjLj7/MfCwnbY3YjPXp4Yh56foOt4J6PQm8oYGTAM - YooEOFit0lx9zYhhJuZ5UWE2+3NZxzBguvx6OJWoGBDsY/VuSHjD/55YlgH6Mnhc - 2kjENMi4vdOpcVuCYr7U8+dQVOO0CTmxFevcaH1KQBQr7h1QCkH3v3QRR2BPvdwX - OYiy0+bertHzRYvscAFxr+knf0a92LGC4J0k3gWVVy2EkixJ5LdEg66LRxNo+XTX - kTZE1RGznHXQw37dWAPzQdiNg+4WQcfDXob2VJFSRXm0Yjc91XtwCyEUQtbDvLwD - +wLgLekcxvUceohFA2cj+wMZV1yzp4xzHZ1wm0olGvqsVuPxAO5bLHt7KDUybBue - W3eA8x/U9amKhwOzEACHbEdVNE9thfaqpJr0HnauPCPl5CYSpCv91Teq4702WDGK - 3z1WhK8uWzYcgdmDkRZYTWtqcIHSPoy6U9k3/vpJ6lJ341NslW63thg1MU+JOV24 - z/hBXVq1y8M9EGVgKS9MyzY/KKxrTwIRFh8AJ9H7dN2BHKRKJIzK3TYUwKh8EQTv - prki6BwVvP5NQ5Q9wASJwiGvqfcWsthBZvDjrg+4kGc6fz27OiNK+dA46Spk3mHu - XKEkhhVnZpuWTOv9rt1B3q3XQusqxs7ozGtvyH1TRGEJ11L8MpYJbRlBd8iCsSvS - XgFEwjGXROS5nSYxUBZG9JetWW1tHZy+PB2goqHGiV0vQSgUa+x9m2Ya46k6FtTg - L4+wLEz7DLZythAGFM6CQxhSB2fBdaUTecN1zHaD1UP/+xjQ1SVGmYx0FAsUAVI= - =mQuW - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAApxKnEr+oYp+hdWaUWFS+VLI3j8kIDbBHmwfPMeG8NWFq - acknfjnyXRuXYgLRx+MIrcdg6wMSdjhB5D0lpbjvtOPnTfcaACAGBlJ1jJPmPC3X - pj/dX62EHR7ckJG43Dc2jzCVwPGy+vjketc2gjvpbMtgQY5TD3fMoGKh+L7+EDH7 - C5qUdAm718PIWTh1B4Rj8VH6yiAWC722XJHAHDyJpq3OKLKOYqk7Omrr0PC1A/Wc - aHinfF+4isyxPctBgsbg+KM6zAbdoUMO473pgRh7mtZ5dEersQ9TqI+pvqI1iQQG - jUS+39bZeNeBEi0gKb5d5LkkzGo/ugtZMZw3Uk/xEd1FI1Z3n/9UF574Czl47sCf - feR3f6sCww7SsJYM84PBJjfXekOH6eSsdQVd2nh2sgiL2mkuU7biXjHqxNGuJegs - QjslvYR8vYCaLp7mI1+Q2ICFzqBT4Vd7F6nIIArbkMKeAACg7EcD7RjvIrKnZw8r - fz8rS7+SQ2PrxVW2mYNlZbDlcGOph2kLDNOgmeDckz3KxJYEhaa6noVsRw4HHP+M - 2BFc7p56716QTgeNKL/x6+NynHQlxpY9LENNAnxQTE1i5Tw8PoHXF9yIETxPXFbu - F2AKQTKR6GBUeP5w6szYLVm4WLzOwO1DZAumPhxwodA82Dyfq+Xgynwfl5QYgy/S - XgGgPZ1k4wqoG+keqrmtq6i9/hRjNSfgcngS/D25BU5o0+CdCSNCe96ECrtfb5Ml - TjE/0+B4em+m9vCmcaEcgYicgH9/gYDCIFUl5KhpLQ1UPQRolVSYD2kSM9JYmtU= - =RZDM - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/+K31CsFsZubkgbe71xE3+KKz56JNihazfz31kc1yFe0MA - OAyURpzCnI3nb1vrfzTt6H5OdeM1nj1jSU0848XQaSVp0FSVnBwz1Hwx2TX4rN/J - W0hNmMZX6DEsyYdOyDX9cdVLm0psmmsLArjjKD2nF4B+or2GaCwkPCyae3Apd/8v - Ho7jRahT7YBNjuk3KpWLjkZ7jbcnvxphmFXP0uQbVyvF0MfiEWVWCaG+dHD//PCD - f+Rh3AfovjYF6XdJccNHyCWCW7aKsBNn5P5Lm1kRqWlWdU3qjdhLDYgtllIIRuFR - H4Nv3wabPSakkVhQNnnO7br+weKXjgBJpRIJQGB34WW90eHYkPqR2agpR4bLYxBo - n+IuGDvnsEflx4hgk5iFvUkx/GMF1npuDnzWvhrCzmsYlodajrWkAfc1hdzmJ7mR - M+0XJ++AlRYkDQmq1lor+2NEICNRO4a47WHwYQVhS1FNuEBtlPxxavqC7d3BLktk - fN1OmhyasZhZ/KOagKBF0UoXsDugWlySwQN7Uk3oWRAlP0B5GMn7vqh6I/+sOEhz - h5tJBZ+Bgj8GFhUNqZbJTjHqVWfz7DR8JYxk/G9E7RFh3vgKuAbSqJ50jcgu9qPA - NDgtm8Ze3aq4ujCwUIgljIV9dYKmZt/KplrQ5HpoQ5Q+nzP2uXdubwtYYr8gA6XS - XgGrLg5b0vMoUvyCU8+FDkKP3AqD9JbglZ1QzRns1y87rzoMqgwRfk2C8Gt/XL95 - j1dRQ+V+8CFCiMZjoXk++0Hb/CzFURp83RkppcMaCPi6tZN2vs9RmpguNPuo0T8= - =JHZL - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAqL3NkB1/n4A6ndC6r/eOi30F6MYugUg2Hh1T/8cu3R8w - wDBDY07FGgoRWQuZdvWDHIfRcGOsjMCrNS2sUZQd4uc8epP3+G+nZ2haWR6dyNqO - 0l4BcMvfD0E4DSDd3LUTZuOBknUkko3zASDNTSHdULb/bLN1wMcXhwq0i6z9yw/M - Bj/+k3/mQyjwisg1wVdazdtOU1lJiUz7+XSrUYu/f7UgkVjxs/MfglaW0uvEgFoq - =srkq - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//dHgHPIH2E/e75AAtrSPhLOcfqp+VJqoVat8VU9bbDZgD - zlsZDuofmCH95ikyLSK2BTJUSv7dtQDaeKMbnVBrCPgRNidVtZICE9tPSxCuAAB9 - Qh++1WivziiX5aW+t/KC8tuZLB8MwkD1V2xdabJNxfAyu4117hRzLxG5ODNj8l10 - l0H2DkulvM9njQorgf20QD9BdTLSVLVgzgwfkEe+R8t62azCE5pNrKo5GBJcHO4k - vuZe+PIsMHSBUceNQILTt4fVCT7Mi0mNJ0NgyMWuZrLhZaLNLE2HspCYyVrc+9r/ - /tl+dXMV620EWq08cSzsxijxM459aIO8H1WktnNaIw9SlCXHmK7V4EHskk+H3KNY - cpebQ8sOx8bkHD3L6osbquad2QlKvt3w7BV5AIhMDIMNY0/dlIbeKhYL+v8QFvyy - jywo/QfAIZ5l20RAHpGTNZmZdaLXG5v4TJK04AI0Iu1VfymltxQrBxCM2ItBzZ0h - KQnB219os3SSM2NNE7bfAgkME1lqHAAwqLwF20Oq2Bh4+GI1TC2K5q6pbM2xmzXB - bCNh5sD6FeEbTxktWZPgs/7JFYyLvNLyWQTYnBP965JISRRta/pqrATGFWEpPzY8 - A0IzqiVVCILS2F5zO+bOB0oLdTLaDqWiNQv2wJjuIMQkjNai8ShIxfHrdpdDxs3S - XgES+zZWhNU0BkClLSqVSDuZWMcnrTSb71oumeKP+WY4elG6DQF7M2Mbxm5tPd/5 - 0QXGU35iUpUV5umvJTp2tXA7fsYjDA1ixu6CbwS6YQ6rjl49FthvGNMHCp7VZuM= - =uy25 - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//WRUBChaoYbkkqv/6bud2NwjpHnmFaCsvlQaDp5o4dwWg - gpMzlTiltGy9/Co+BMZOh1Q+15jDlFEajLcLNhQhAsCry23VYquhqeMo9rR+yqHq - DwuWui+EKHuwD3ZAzW4rBIVNRzPAFz6KgkBYCXJNg3ZbVZaCWnTGriEt7yTuYa6u - 8lD0nCdVWsWYakoImN7mujMwR//coVTa+7a35fbXVmncc8DIsfTgeqAUkursFgLK - pb8k8bPMnt1MbL9JE33RBqVEIDh/du4SjERveI6QhyRg7KXxrU6nncOQOODRB+wO - yCgKi8vUMumlFDDo3tPu6EiYg142qCfXr4+W6uKTjzzxiKDrG2piEElsiAWauLLy - Cpm/G0EURz58EX6hXviuc9vRKmOxla/1uF2pAvmh6KLhovX79pSmIxd8LHJQDwz+ - bmtudvtMcQz50LwE8wkACsy7Lm884q1K21VuytFqwVH+7fzLnpumEUMPtcAwMSh6 - KaoygewS/CzR1HnwvMCmOS8nByk+U865b3c02APxLr/EwX16IdMnxukdh6ZdtjYg - K/ww4nFZ85sIcS/vqLsxIXrhZ5Xam71e9Aky6yJVo2JFBj0Zz6rJtdhh9SnH0xOm - Kq59fVf0iyiIRlTJOl1nBxNtrMU6T5qaH6X1iS3pAWAlXPuI6nqN1skhRdi2dG/S - XgHLODNQ1CfGxflNcrySpAi5eQ2Fv4ls1CrMhyKfgUAhVSeJdFiHssA5z9FMNCZ4 - ujbWAviWw9mmnFDDGwdgUoktWpnJSH65y/UOZCnmlafePW8EsHsBYn8IQQ9a8Rc= - =604Z - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//Rr/YlJmilbwe19pdUZmKuIdCk4+1BtOpf5xqfx+UqF9x - EM+UFlWmvbvi0g+CB/rsmZccPqu40A3PBcMa0BajLLAtoXB8F6MGiIS9Nk+p6Q5+ - Y5FAn7txhcAMb9VX4YSykav9KGlwICNM89ItG2CgLVgJFJNvWOuWby+vA7MLq7zb - WC+4vRmFo7tik1NyJOoSEUuVdFaR6bgy4PX8LSqgA6HkwJQ28eTrmdAp1xcVo5xF - VzvlmmsXg62gCoVyfu0tGo4x/pTc8d189lxpuK90PTmlQByBrmYUDPv579xupugS - X5wySB7FXSdvDKVkR2PiEXOI4AqooWFLWeiP+khwV0bTebyleYxYHVx1NqNSA3Yi - LCtq/ve82pLWOYndJw/cjUGS9KaVGb0juxEq5gGj2FGdD0J6zNfDCUTfbJbQ5mhk - z21Uo8E9pdHxygy9jQtLhby0HJIOwyt55vhZKaWvho56CYa7K5IsUnamrnOGjCMv - FZyq/9oe1dKY4qvwGABTpGqyxiGmFbo/5bUN8gRZ55Ad8kEUczTOPtFghNH6CHzz - 5nX+hgH9dgJYhWq/Gh30Ncr1mUP+mp7Wu7+ICFX3bBMZ3CMBHohMuBCjqT9mRA6n - sVc//UHJfhwOZtvojXRLg3ml8UB7uR0UadVq0EDH4E2r8xB9bNRw+stcau03RPnS - XgF4See3E+DIK1pDQQiPJhpusG1zJNkmmucv9bx7d1Ml9AB4cEGYKtS46KHfhGmj - bUCH5635aok2OIY5PBOEaGO52HJmjmKISosour5jYkY/Xxu5lDNyKBc10W7quuE= - =33rF - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdA009TV7DH++wcvU+3nwA3Romc+DPa2QbF9QAQpLTV7j8w - XCT0y3auPS26f6+1VoyKEVCcbbJj04WfS6LpQgFzh0zcveW9eCPmyfJUQexsslCV - 0l4BxxywC4sThDoU+x/SjsX9Ux5s8Jxt+p+6meXIBN2r5uZ6UOvnbV0GLd9Y/IeG - oZuyB+KFwgWEGkdVskNe0LQ9fv7EMiklGOqeu1KeBP7dJyQp4ch0IctG4lX1bnOP - =qfjj - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdA45UHDodM8FtfD3VgrYVRzfPgDrBqBYGJC8OOgULKbAMw - vyPiROW5sWFc2ghokzeSQqOOfRAwKFCgGHirI00IIdBdeDVGIV0m2MNmnd4uBGfS - 0lgBSUFt3MFTUMqc0yI7Jqae5a9cOXTRoR8Lt+W0KaEkciMBbdDHJktQbQHZ77Uj - 3d/NB9tW56YuP7UzAm3xm6dM6I/qehQo0bL7hOfbyNy+PuxUZglFCsh8 - =N1ud - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T19:03:05Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAAxLqs/FhUjRL0Qk966pCx75xHSyhW8W7EAOITdHZaU2RF - Tr1YzMHF/nUD/1YQ3XmnUp/b+EEds2JWV/Obt4lZbeK5EoQHMkBDA7O/ZBWQ95+B - ubbkqDEW08l0jT7B51i5EIaLxs3802xLfnW2ZDoyTy67Y6Sv/nb5JNoTLB3Ts1x8 - x7r56v4fnq2O26SkHrhsNWDajDdjtREYNiyTQ1bxGlWFmSInWTKaYE9gvCNoAele - rFFjCyD826gR2Uk0kgJHD0zQrrIPu3TugUdYVjEtTfAuqTimGuurQX5ZbK04xZ2O - f++XouOWFFnJ3xadFJce5Wg8Lw4VJ7/FaSq5YFN3DXkFR5CnQc5su+cf9AN5GNoL - gMHnlomTg/1kf9MrOzd0geFaKRwx7OLhsieFmTJw2KoZ67xc5W3t4OrehkLHb3UR - nJMrm3qpHD6ypkcD8/ooWak/EGNQ6yrihiqW0Wli3Cp+EWyxrJ9I2UDfJPT4osrY - iIS9wK3/d7mNXJb6SnGeKQcjPtuozNhxyzUkLeQuh6h8ziwsxzpI3v+4/GhrTuM/ - uGojgZqMl9nRQ8VjEZ1BSfGD9TU6aUctZd+pzvtA+29wMwekTopCR+CCPYXCHsq/ - 6QsJg0ge2l+7Ei25WzlIlFYj72MEWecdGLeqaM2o+S/OKNACE+EpO6zJGoiJX8/S - XgEJ41AoYZwHtvGEVWfw/wlw7zTlXlwjU7mjJ/NLDs9TEYM1J20tQT9bbWXC77yV - fPRP/u5MR2uZEPr20YAghHLFPumqpK4laHmYqJDNvNiGibVmksz3jAYS7tgItl4= - =8bqP - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/wiki.sops.yaml b/inventories/chaosknoten/host_vars/wiki.sops.yaml deleted file mode 100644 index ea23e8c..0000000 --- a/inventories/chaosknoten/host_vars/wiki.sops.yaml +++ /dev/null @@ -1,210 +0,0 @@ -ansible_pull__age_private_key: ENC[AES256_GCM,data:NskytXI3EgNvNGqLunJuKIK42jni/TuRdEkcoGa1ZXObELt5Dd1yiCdEIOmJCHyCxSrXGUU/8wbTciLHfNYYoldx1Gia5LovX78=,iv:aoCUz1xzYr+dZSKwtxiHeq+Hf9ObbC979VRiK1M8vCI=,tag:01VwAOByHn4PRfQNS4oFgQ==,type:str] -sops: - age: - - recipient: age1sqs05anv4acculyap35e6vehdxw3g6ycwnvh6hsuv8u33re984zsnqfvqv - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwTjVMQUduQkdsejFlcklu - eGJvZTJsYmtsc1RaMWxBcGZnSndlLzRwTFVJCmFsd2xWZTVCL1lqd1FWR3ArZ3Va - V3NhdTVuUmh0VFJ0VUtyR2wzTnhoYncKLS0tIG5aSnlBZ3ZGZHZJa2NCLzNPcHg2 - OEV0RHlPV0hPSHd5eFlKRlR1SllXcDAKJ99EvscYIOPV6gKePC+Xo2/9Iz+FplXv - 5pa+7WFlHlw6UjXl3l+6qUqBDQxWpVBegZqZFbKTtYSt473vD+6H1Q== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-14T23:44:34Z" - mac: ENC[AES256_GCM,data:Q2x63fsUZMuicE70thSVCG/pKAyzTw7FD6f1SVbvBnCv3r2xsNcXczmk0xoke3H3eErf5aiaxzsI50VbEzjLOb3kLfFeHXMCMvT/SZ/DHo1bkMJ1P86Pg6y3VFAflAJRtRvRpNyP4H9rk80Ii25iVZUqwuEcdECTUQuIF9G2Xew=,iv:QMlN4DUcAWQ4I+G0p6R1vEL9lFF9ziRlntEOf8Au6jM=,tag:qUENqPQBJBjul0S9Z7Y0NQ==,type:str] - pgp: - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//ZxDKUI/QyvpPjVij4av1VxHUmOm1avYBumYremT9O6Lp - r2GeQqTwZNwGqRE+LKKOFjAtoIeOSvw60by+XQQPwpFRBGud+emD1Gku5WZcomxH - vD6YOuRN+Y5PhlQ/Q7asIkh/HTvY4GXK0pyltE9gB+tIPj2RDOaR/BzeCvv9xPro - ZLBWKEnGB/J6Ia93VwGkAzJ0KzdQx75MyAGYaN0l/F5fwZr5UgvwjDrL4+HEGVBK - 1Op8jmJrFdTBgK1YC1MaXQ1/bEI3688InRDqwDigCCfU2x1QB4lfjpw1bbRiBmtU - fAnaOfE74Ym84Lmfpvqyo0V8VaNz93miRHDLj3yTVuDAgoLHBREK5FofkIjBOj9E - NfnMiGaibIQRIWztHSz2/B21lPBT80yyLCPauCqe4N7IUrUnlI+CimMsiTcyniek - Vwrl42DkwPct1N8AbKY9YMTw8RTH3ZUT9JTIqGyGA8kOSgl5VAV4nqb11Wgsd2YR - C1KBAk7xDeQ5ihpVcqBf6tuxI3ES8kQihm6H4y4weTJkmIKDE6webusP6eXL+JX1 - rCsBsBUv0ijD38dWeXPrNKQdSElZ0hLgyttFT0KZuH+4dPgtTMCeYHiQndC81e4J - qdDlYB5f+y0S91qKYMPdm3/n2e0uU2Jzc/vTkTV7wE3/3nOk6zhRIH/0K9IQgGnS - XgGJGambfGpPDxGzmhAxtxI8GAuTsM9az2PD1Y8jMPDRdvbZ3m8shh0QTHad4f5I - qrtoRJLr4EDvQ5wroLFrMizBbVYBobFZewvY2978v5+MzndWF9gmr1RollhqqR4= - =rv7B - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ/+KsTuWMKbHHrW+bM7vG98Un+9MWCUKl0JbNn+rS4d8G4H - 4lwyT6pEGfAJqJuP7kPu6VxKDYX2+oTaRoZDirjVM6Mvc13tjYmeQGin5QJcRquI - Q1JVoG1sLLckZSnwIDnzgXH9J+JK2JTqfEnF7eKiYE2oWDoQaKL3SsTKdfpzIiRf - kEo6ujik/02/fJ+sIf3GFF5a4s6Ji6N/fMmzQ1pyWYC9udTIIhHxUqaMvrVAkzFq - ETgQkR/nW1FMF52BH6AmgYgPZ/Sp10TRPr/VDsKwI6zvp2Ix91wOY32Kd5sw80Ek - p0J0oyZPTMaJ/REyCSHtiXWsxQiwd8S5+WgJ3D7khmKNbF8O6PybQ5e4Gi4VhysO - CDkGiaHDq3qOD1Bnd01nL6Bjjw7ppgpbw1PoDEHO6EDUoPO8A8RZBkSmEVebmNQ0 - Aw4xXLWsq4A4DHqBHdGi+hnM19zjv4+0bzVMCc+7M4q6zFnMwRPSzZIL6ISd9y8C - A0xXzvl7zX4F+kkOi2tYhauYutEz+GT3/O8J465ckkgwyEAjT+iA/LESk+1ofjnH - dmdMQQOP9Qf5kTtUvxwvQq14ParIDUdHcFa5MSrgMVPRR9SoXOYcqgBsF7tmVDft - 0wXCmnUcq41xONYa8Iau+eFwjJc9WJxU4D3JmVr0nBbofHnbgBEsD9BtW4cTUPrS - XgGeyoONP4ZujhZ54Ikg0czs5o5L/MPiCCHTH3d1wrruoeMCV5kQO4pQ+qfTvmRw - oxp54uMreBXoGNX3mqAaE9dymXPc/9axk6j4w7QYVz5G9fGBE4phqFUB3anTIsk= - =Y5hE - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/9Exu9vbiDjtU3s/Rtf2gc02l7BGq2/r4qz7xm6MKx9En+ - 4gYmBvTAqCNX9rRW7vyCHlGqM+Unr7zEvpQC29GKqELUAgsmNM78m0Sv0w/PGSB+ - 2m5pOjQ9JxEYpibPebTZ7ulkrZNmGCGtC/JTfPql4QOLHLbor0UdRC8CnC5JUZr7 - z1kKWUFk3Oo/t6U82EcdofdneZU7AH14rRmsyIvUUYSDpHZrz7S9PO+NgkUKbMlT - 1pOzO/zDRzbix3APqaaeq8zo0n0ExraSxxscuFu+5nNzAsO3TsHfX9U+vi66d2xC - 8ksuXONKPy/BMnURouwEVA6iYleGl9fq/mGSNHTJv3WgglmG8W6+nmPuHxuCagd7 - NrimK7ch8Te1VaidLfN+8Rkbs8hElHDUGF/fAU0/ovU1Suzzcu9PX5dLyoDhJxQ8 - v7gmRk1UBxC8xhuNCHn5ZyMMwvpWVCDmCgd5o3STts+1AU0HVN4d/+8d7atkBkoQ - YDUTreUvgxP4+dddBjsn8X0D/pe9OXPfnoyKkSwHD2WhYMPcJvB52Afp1rX3jk8w - AEsiNC7AakEdZO4IOSa2tatOi8z4KvpzEWeEV0VsAjuS01pib72LOKOKJzFClSv1 - dnKGagci8jLYggoT2oJnRnPDav6ZEQeE6G5KNVWYVZTEPkyTRpnKrxYlzkItcGHS - XgHHYsC8OerJFk73RY6uyKx+Gcaaz5NxsS7n+hsA9QU4alXK2UbpErSXhgnnqjUz - u08x+QaBvKpAuwU4q78HqqeE6Brs9ywDMHPZZ3lxffNq9z8y98iP/bHfCfIC/jU= - =w9Zd - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1ARAAhg4Br/cOdrHdvPsvim4YK188M8tll+bHC1LTkbjSmZQM - 6MRXe4z3Y9s+R9Qi6OFrkedtgb6Jw/p0JssBeAU6Z8GuxEKSJ1tBsi7oplge22Ie - myqAFR1GoTdshj2UXKyWzKXwem5Q9jd6bajg/863m1ItS69DQcSg22Kv6kOyi760 - bje2woAZb0J3G5jzB/jra4Tw0kw20KqkyKqnYXfhLTMcsWB95D69MtkxmmBO0mz5 - 0kPYq4ryyb2hgZi8mYxzKxeEYbW4LhWnmqyt0/BsyaNwIOgnjcsWJHNWQivbQ/04 - dZdBSQEft3dDRE5WbHq3Yu8EtXyk28cOkfpFQNkBqVTfQ9XHQdiPNSxe7RpqjAxG - 6N93EQ/NehN1jD8UW5mVe5OFdOULmyUoX2MhluVHiZsnlD5yNR09FKcZ6FUHOdm6 - 2kKam+vjo6AOkVI3s2gP7dAepRkdxo4fb46Au+DWA4pUCWPor2wYrqxK5h3XXFJ+ - 7tw4oV3o25ZyUrMkU0oGP2amp41MMLMofD3Cr76uoSV7GvVIfyXpiyWUDBI/WbuA - sHKAYpSRO84Ry7AK0Xv7Yu1LfAB8FDJlcw8uifaK9FMSAHRPgRDriaR1QQrVveHu - HypZn2lIqMKKk9MGGruoBLRYDQwL89cSHQwvUcwYmEfgkVjBJ85OQAbB+3UhHnHS - XgFFg3y5qFdyCwqI3vNdl3TSprbqE5Gn99q9tBAlXFAryhHDxDhk2vMSY8e4dkmR - c1vuO4qoQCGxP0hJPTbI0U0qCVRviA3r3z9HzCGoDFIWDk5AR5KVsp2rZTfIaps= - =3m6U - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAMC8JipxJ+7R7EF4Zg+b4B6kRYQ7vQc8GRnlPkMDCcT0w - XzaRfm4FrfiExhb+Cew/vH9l5uGR7OaTyAsplOqduD1sXwrXnr4LmRpbIaH48nuF - 0l4Bx8XjzP4dmCbZF8PyTNn5kqUPo77Hl/B2zHXYU6BXbhHbF79TQAnvkv/RbIyz - EgNs7zMf7HVU5whwU0zwp0e/SZHBpidFtk2lfgfYGaENSRSj74KEAk3SY5oLCeaB - =LeLR - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/+KW0CDAFEw6L0gollSiBcywcRuecTE83wlAhleIquum6o - 7XJ4Dpy9tsuadP/sCjLP/CtxUdj9sfnHvj4upMYITe/mnPZXrTMaCp6XsL0RHS5K - QrSGrvuv4zW5/H/2s9cNineQ5PFVBOoYkAos28d6iAmvoQY9X0a9JH3bsFPcyW5i - kz29b0wwEOvHkV+sj4A7h/YuZX8qMrzxbpawdJmjIlgd4gEdkaP8LRhSwgcdx5X6 - ifA9QXgx9C5/3O2KzpDpwGzvy2G1KMglNBrtEKzrxfHdphE6NTJrlly2Hx4XdAx/ - i8SsyFGkjXQv6rZXUs1fGSt/ioNLFxzk8Lqycen4/zPPP7vb0kCM8Zj0qjXapbAs - Xm/LcHolbvj2hU86gMexg+dJ9fxkwrxArh6tJGC0unLoad5HpD9iN5xj7CA4ZxfS - UrgL/ODOs8OO3+pc/zVDl2jWTyc6ybwM1tZ546Zp/7DpzZI3mFbQI/CczT21YH2w - epnmrYwvG096E93Q7/IDNHHTZkBG73ZzRPfProZXRfpJR7b+8llpj4GEHb4EAW0S - adsbNgzaHxl2y64iTlHlis21Nx1CtiLPI5evUckI0yhFX05bwe1iUooIpzWyRvbB - z1lPtx6JpPauNz2Kb6cTRBBQuZOqzSBRU4mk/kc1ANhPlUNcCw2njNyAE4a3DHPS - XgEgviJ1TXZW3P7gJefRTr7RyPL8puf9iw+DkiM4esKMp367eYxvSqhPhNhPRJ6Y - AEZ2FtC5unZ2IwWWgDPH1KpOpTNR5DkvC+8xI3zLACUy0x7GXTHBTEuBq325OWA= - =N5mE - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ/9Flk7XZdzIUdn96HmMeibsZy+zpwmxxFItI/7vRJfu0ro - jh74Mdxf7ycfCxPOpPQlCMj1PfCsyutxu+mPZDfSKu+YnlxaK9uoBlxoqZx/JDZf - tnjyTHqcykEzadDEeJasmz+1kA0Udlyz9/276LVJ+dbHzyHU3FcsGpwYgv1ul/tx - +VRLO2ZK1uVxtIn10KXAKbEKMV87BfjgKcfbdHF66jPAuiZKANj8ZwhpbjJEpozV - fuOzPkVO6SgpUKWVCIZPMgji9ZP2+jD/dllK5PTXPmlaTOtr46ufYkfxkzzyw5sU - q6Us/N0h5EYXBYYvzdgBAGOq7NlW93DW89I0saridv8NC3Q1VSYGCd21aGC8xwrf - +yaU6Fcjggzvt2iH9nUrGpqxB4AwrVvh0MPmS6XPZ5hqsFCNOMLAPqvTVmrh5qAM - cWzfzVLP6LqSZ58Na0MNb3hxTq5py5hZolmfjDbtBashQ4qv7/5o/i9Ntoemcq8i - sQHYYNDHC586EY4GfoU9Igo425VigLzIuvEbcA+PSUnZCX8FTMxCLJ+wo8y6GaU6 - BbJi3QX7pw7XyPmkoQLcGDcmmGkWjHTS0VCj13MWtlk3mce37HH1Y2piftxo36cP - 0cR8c/vP4yr80IRPfZLgrGfJZaeBV+I+gfnSKbKO8+HKzVFtF9NAa2RnSXFqscrS - XgFCqFYfaJ/05gdrA+/My+n4/9Cm44tK2o195uta/xEm69M1KVWOkNYcbW8F+n9D - qHVGdGGH9EEdfEls2QQ5H5UL59Fv93rn9dWlfyGtJOonMvzlNH+Kvw4m6LzO3PE= - =NVhE - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ/8DvbHIyGLCH2mznpiipcVfmKrZcTRvnWRkJcljjwZl5q8 - qcI7d47cOV3E8Prmx2Q/0PB6RU5Y3qXcDV3/VMiZCjCC++Hyvk5l8FsCJRPDqe0r - h6YKyIe3sWfW/Pk2Jtqlitws5/biOyCmc54ERSiVmVyqOnJKwjKsibn1S/46uDVS - kemJ3VWzvwNWeL0sJay8kL4fL3uabQg7t9aaNKb8qp9ZEI0jad4dFj+0JbmHckYo - d6d9jCIkkZc1YB9O7qrE/qkb8f/d0mU9rqcZ87nGuINYUYedUnt6f1Ui4pHhUmjY - IDsTry7XvC7JaiEwivmPbaZ9ffe8QyMmtBq5WLvBPJQGRKNl6iCbbnZsp96UzPrE - taHIGF9b9qUocrD5STbQDfRGGjXSamr+V1x2OPwCUkfGB/Ts4EmmPTPsB4K/iAIL - Coi5GWHTl164N5tZ3o1e4ga2sHodka6sDVLbsVTtutlbqr0VvW06bm6aFoC9wOk8 - BLB6pO+R8RjT7RfS0V0/R4YfX8LoaQR0M/B+kC65D2+kn0aou0RYzG50VenH4QQm - FkNKiWJ5vn0kZ0kE4iC1THuiRRNSBkC2TmlRVlshLSLOX05zKX9NU30y+ehWaCNL - XC49stTV0kGYYr8TnB0q0DvxHzgJE4e7YseqhS5irrBVcm/Ltsw/gajT5zJx813S - XgGUstn2BMiSrYYce6WQp573/HZGG8ULlt3acVeRFCs5/QbpJUCMnf8N7CQuw01O - KX8EFWHY7w9A48qFDl6Yw5t1o4mFb0y6rEWIewnIkwnl/FTX6AKi+FObW7WXHHw= - =QGIZ - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAbAPphVEzj6P83i+VBCWW0mvtTNC+BtZF1oSi1qqpOlAw - gKtI+PFAQs1VmcP7LqPlFRe8fXMGCC0gGd6ls6vB+dKeB6mOYRZZf+5/NTErljIc - 0l4BuJxN062P8rKWoxidpkkug9qGzAGss5yehxI7ErmQzAlagnnQ+fg1xCVuOEf3 - NQfplRgI9wN/CMK2X0f0gBLwxcQ4exnC9x+ww/5/cYZ7Nmwq0/z7DYS9HCtD/RZz - =DYD+ - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAXgHEVvWms2IrfU6GEYx5K+OR/YwThlRSlDbna7SkIxUw - n8imZ5Q5X990XNdjj/L2AlXdVvj8wRulS4mdWEuyEv//DSY5nqVKD4BHE93xoqf7 - 0lgBAeIpAei4A5V1kdiuZkkh23tIkjDc+9bsJIGpa9uOilo/f1b/g7we2X5dsslp - 8Q7vwpLD53KbHlEi6ByaGX1unt5Ws4FmARmzV9SF4adzkN5eoGYQknLI - =R94Y - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-15T08:45:26Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAAxLENJeplBhemssg4MdCeeVP7SM3xnx2yFgh1GR8FWPgF - lpkMmZF/POF9lVg1drAxb1GTa7kLxoZKdN+LvrJmp1pfYudasubfCG6xRatNpflZ - SbP0Qvcsxl44PqK1vv6o/KEVc1JNSF6iFmuc3iF2wWepnWejiUpvtd56R7NjXAB/ - RcYSzEoncJdMD9PqLFce8sldHhLAZnHW1rFVHZprV+wJVEycWnXX6LyL6NlIEvC9 - jRQwA+CfG27zoe1eQmrd2bRypZw9eZzqj4g6j7bGdKPfYza/YhWUm0bp0pMM72vP - PqfvMBPNwC+Oe9n4xYq9e9bj1MTabVUMsO7eyh5PhSf0iWWS0nNYoM1iCwRUHm2g - EweEyZlUXhZyCSrVqBKJ5MP5rOkgyPA1RYINkYWESF80FS4qu+QZ9+djRLF+3C+x - t+/3lH5kMnw3jFo1XGdodDyR8z4AQyMgdfBNP0bCNhyN6jROMRzE5SG/uaGzyCAy - 4n185bH90RAau/0s0d/wLtG5OmH9EajOWN69mclWXKeF1hBvrnDPMBYmSmbUeocU - 2MfYTXo3Cq6hlQHI5HjzbH50Ei9PtTA6k12BsZNCQfjKef8FFpWhribFRFo3h0wq - aGf0v4+DvpLAPqIP/44yz38p3vT6bo6bVvREebhPRo2NbEcSpiKuINMvv/iymlvS - XgFdB+W5sN7UOFtINqYyHQQNhTf5ltsfHoaSNqgigEAWhLHSMEnOClVdcFpM43r1 - i4sePHswqH0/4XLf660mglYgmayUiTv9iqEjCfFjwPb2/8JZVagh7tdaFpcLviU= - =fCZM - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/chaosknoten/host_vars/zammad.sops.yaml b/inventories/chaosknoten/host_vars/zammad.sops.yaml deleted file mode 100644 index 91906fa..0000000 --- a/inventories/chaosknoten/host_vars/zammad.sops.yaml +++ /dev/null @@ -1,211 +0,0 @@ -secret__zammad_db_password: ENC[AES256_GCM,data:ThtJngNvMc817rvbjMjjbnp1tBlXPdAg,iv:GcQHc7p5jFcyxpTcYsUOA8PvD1Qy5HxVZXHcAuL19Uk=,tag:UjVxYkU26/zkBL1eKDfreQ==,type:str] -ansible_pull__age_private_key: ENC[AES256_GCM,data:1GDuO2fe4n0qDxBHbMZleLr5EeEtBs5Vlh6PZsJJ4HWA+yTc6q0QtLuuMkBywKhCBPThGrBaUTPSOzVAQzLu2WdNhGmdQ4KoWE4=,iv:UWr2LMoLfLPGOZA0Pne38NDUql/Mh7dHslYr/1SicIU=,tag:npddFnsbRQIDhotK80EtlQ==,type:str] -sops: - age: - - recipient: age1sv7uhpnk9d3u3je9zzvlux0kd83f627aclpamnz2h3ksg599838qjgrvqs - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0RUtTamQ0ZHVubnc2VjZt - YzZyeCs2b1NuY01DZm91amZvVitiVmpDNjBVCkdPTVFUUE01TFJWOUlDTENIcDlI - T1ZlV2JuZDJCQWJkcjhkS29nM3UvYWcKLS0tIDV6bkU5U3dZR0d6QVp1bG9mamov - c3ZRRDVWTDYrclJERVZEdXZYSGxBRGcKJGGOHHqqHAZxxhLY5X5nW8jvzRlIewwD - luVs0Edqf06uxdntEbDlDWnXthpnx0nypokxgPWEMaQp1vhSqTmVqA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-20T19:00:44Z" - mac: ENC[AES256_GCM,data:Wb4wcEmSj1n5dINoeNR3wyXk+7Ukmw0EivRk7dOJ2jpg80LShB26nemoH/KR38f+9lCRG95vfX2LHbK92/yzJnrVi8cbdmR3Nbc7EvJtwaRM/tzuSR4KQXtt7Xh1rwbJaofdlEtF6yPvjjKLHsioijOSDwlI6+aZy2//Xxt21+g=,iv:k+daocz9naGwdIH585zR2ilN9PJaSQ3p7hsQWHkh8Nk=,tag:8ljEybJqu2dFdIOvbO1JOw==,type:str] - pgp: - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ/7B7FKN/EC9k1+me9liDPJ5dRGH5jy6Bwovr+SoAN3xOWu - xASqd8sp+amXQOP0MH3aQM58JFEfMNVo7qLYjfaAHg4I4OqA3KLM9NpnmdU/j4gb - DsOeHkA/WbSHUCH/j3pKv3uFE/s52OhKTrIZz4N9n507uWa3giYGupkCKqgHO7ZO - hw3HmCfmySaY/gowuGlApLaF9f0HmEKP6/horx1GD1ulEL8YyHEuMEqXyj8zwUYH - 0dKJvUsSPzeUdAy+uMs+seEEBkWOgVHZGqvVOINaf5Bj4cKQXF5CEPiB7gOWy1K1 - 4omLwmmQj8B0nNg2Xw5U35pri6ciLpbhRfSqYKV91sLty/svZ7Gk2eZV4gOCw2bK - HTJitD5G9sa7TFdSO8OnvYNPKAv8p0lQ1iVfKL+7dxp910kPXdaHpiMuHuAZbDnJ - 7PlZ/+DlrZ6aajzHJGV9XuGQQ9iWsgWFmSWIi3P0qMk9DYHuwhNoWcsQnfWDpQc0 - IibL8wZcRHi6OjU1RrUoYYGu+YW9ljyJosdousbp+nOnGlQFghUJZqcgySHhfvnt - sVGGSsYk5W2w3UQ9LwGdDvUl2KwJ33Peac+QWsgyYEIeFWx9oYREOW0h6tqBsgC4 - xHjBQwLU4A1iExwlBWup6xvL4to11GN7MLLwhBdS5XoNP/SSrEniY2/qP3bMBXjS - XAGTa53J/PhRwYjnNBsBDIAUE9rp8AP7mDsyzTZ/5mbm/ajx3Gk96/vu2UL0iXK0 - HwjQsgIBCX9UP6hqXigGr0UFRBkD49ITJymBRqusuisnL+nJrOzwhOds87Ec - =vSC/ - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//cTscdt7T2Xuc0y1fKqRbSEuPfFzFCuWSdYeY4lm4SpC3 - r0/U6+vHpXxVdtRQXc7NIW+GT+8OGd0uNz6rNFdQa7sOs05bo8PUWGXgLKEnn5XR - wp6Abz+SDuGCDyA3HKbkhDozubgq3EBpvziMU5Pgszp3PJeonofw2ZyIWVv5cH7W - /oemH8556PBwC5rMOw0hLPT0heT3TrV7X9IUkYhs63VjsnUkFeAw4v07VkapPVWK - wmDov8kS08USm4xa5Kzj64BVTuX8GK7OoLfbc1VJTzsxpS8seN6aBz+0dxExCx9G - GPX37iqdwdPjol6HcrmLs2lg5Gp0bQtE9uf2OZgIAu8LTFriTT+szSSLStuQyuVn - CmgGmFL1V14u7be6HGJdlHOxZ8lcEZzyu4hFDS+EvcEsVsVIkEr8exMF6AcCVUmu - 0dz3Ybe0BR4LyFB0pYpA8Y/ZrPf8nhrSp6Mz+uA5EJBuetfpyVpSGQzlVHI/AmWk - 0dbhoKITKvh3cesIOg8xvj+HK8t7LI2ENRLvQthWrDsxQqVnk/IE1KpVqH+B+i+c - lr2QQYDQRBARnHCFQXNfoTwLBpBIc9I9dy+b7bfXO2ELZ9aovRpoglwKWIRvwJTB - Wns6wjhiBGS//6gcY97Tc/XFIVBIbBLE7KovzTmSIhwoXd2jWdTyTvnbGrBoqSrS - XAGDU9Zvp4+BShpMNPAG3kHcO2cGEbAuYjyZ4fM1slbqOJgGcPZZ7BgQUIS588fk - jwUpSs4IGtfI/h4IOSy+KeIrLfWRNhTevyi8SSPOUuMLkrZ31/5goq4uridk - =mc+s - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAA2ImP7YdTd5nJ0EPCmirI6m3XoWNHje/UtVJgzy1H6AP6 - aFK6fXPFTXAzSYsl3IeHhcVrhANolbJGQWBuUq9LsJ0gwGAkF09haOkYi4Y/ljr3 - JqygviUjwk/Uz69/U5hCxMT+l/9YmkeHFN3QSY9OYaMcoaKorWSObT3z0ADAVwLt - P3Pm3S6KYss7B/3NH7z9qJUp/+95RR0fNm5HLZipqlTLVBdXNY9LrOylEPjuLPEf - fMAuOLj3xaUzawr0RgatQWB66aoPeFvMzTMSqLx+isnYFpzFUfcikYuDZeN+bRw8 - zT0JVP3xyFRKr9pNQDa/lXXOfQOW8gbSRYJE8zAai8D4tmFVbqQKlOWCxst1BNv0 - TVos0yQJrW8+snSNp9Irt+VCwBtOxLzoI8cjakAuG85Mx3xJ5lYT/Itt40L+M1UM - KkGzxXOZmm57b86jrKu+0lnAm9hvwIP95qxJupBzTJT4BfPLIeBMQ8AOV79CLaoI - vAjpTRatN1mpNWHYWFWYWNVkyNG/fZXqSB/oAAmHUvPD78tPdKlibpI57R1qa6f3 - ArL8Se8tnTHeF6od0VMk64cLKMnHBCJsu4dagMRpoSLPHXz61+846FHUb+AcJOaX - uPlie6GI2rSsMNCaAXP7cpz3IRQq4IK5Mpgst66MOyDexX3RLhf3dObQTZ4MmL/S - XAF1MlW1r/8h9rvVWOkFmz0BSz+qPWbGDssku1eJTs7BrZKCl9kx3MkHfPuUtLYt - lE+vE2nL7Qy/Miruf6voF6BYlvsBwx5h0BrZqgGo5Yv/d6smJ+U8tTJtcR/m - =V91f - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/9GPe2+qZxMOc+znXm5uV9tQMORKfVHLZQG2L6xP7I+bkn - z7TMKMfz4RFzwONn80dxzbvYSXWy1EnzZ3dAkxXR+Kzm+LoPU7TXLPNv66h13MHs - SVFh0beeQbtdAZ9+8KDB+8K+ee4gwlO8jzZcsd2kL9fxL74mEcTbhg8U82+PL4v4 - 1+W48sIhvETv5vknW+1elouCwTxWw5lUGqjiMpdb7xif4BNTrILLqjfmdjOhTM2K - 5tkNdlAh07mMXU/yMPaD8C3Z4AoeoXET2Z0z0lIpyNn1nN8blBU0IDNjq1Kt+ROn - 8IHvB8hwmkj4Nh5hDhOP3rBiAE/2SPUT2+vKmoEDxmjuvKNqIPRc/Cs0FYETpJNT - YfykD7w/PXg7tXISg6iXfgu15FrlBKnimHcihjjstl/GARqKdgcuY79gztOySj9e - uv9Ur0fkpajee72azIrW8mGz1J1U0iCPq5MbiT3mddzxzMWl9olYWm/Y5WB1oX4j - //U5CwOTeoXWkk+JvL9IyWP3llUO+N4qOIcfA8j9aaxyQkfCg8kcnyfJy3+iYzbY - 2DuIjW6Cz4oYVIUclfM2NqTQKDOcZbssDFQn0L1O8RISQ2sDw5Yd41BVy6DFe4E4 - Ozl5cWHPhvbgFLy4f4meQY5r8EerRfeW1Eof3lp/1UOPwTI5vRQgdy7NAewNUFXS - XAFJA1bB5Gz12EcUwAa2DrUWNMqs4HmQwnFPhY2EpC3sZH12L1oVmMIa1AQzm/Mj - vuhm4yD/SYwpbAlimxDPnMyaeNG1NCLNUHcHR/hgjbzpzXNiRA3plot73+82 - =WFVE - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdALpcxVqWAeHmiCiRbICOxovMiwCzNGTTs4qbala850yow - r1ZKkG8HIJOybZtEs9DA3PVMMU2hMCrmsrbYbisZSn8TeCzchNc04kfLU4TdOSHl - 0lwBs3ScY2EgYHIe3WOcBvy6r96da8XLfDMfxYlP4QGkbp1spurrcQe7H7V99guB - TxoubvEgtJ8eMlfXkWjxdOWEq9aUd0dr6x0nwAvivW0ApuNx01WCTYuscgsKxQ== - =QcOA - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ/9F1xkOwiQoCYwXsSxpwVMlbN2svqSey0i3KV38fboNs5X - XB62Ry7rB5X7LTw2+5MOuPMAMsHk5KNFah25mipuMYD4UiXqh77emNfeB52MF70r - t8hnmj6CtaaVSnWnHeMOlF11br2d8ZGdwnHhn5En78Cz+W69+u75goPR0YqXJaar - 7hfm/oouSQk+ankVJYEvreO6WKr46+XGd2FWcxYZQw8PVW9iDE5+JhOZM//NVlzv - vylrYmLK9nhswXeEfq2EP7yWUeUClLEIQY2SuMA/VWK8wf48oQTd7eiXWb7pd/Ls - U82Viqn3+/Y7QMt31JnPhrMLaLCDwuPphxMuOzrncGjNig3mVcyE388gWSpkVHRT - 4nm/lHsVbFyvJdj9pDgxXNTsSe3fViMvs8kd6ZIn5WyU2W8NymcFbptySt9iy02R - hJaC+7Wbmjfw1Nq52HljcPNqRml93Z2nJaQZCeJEaLo9I4mz/MrGLBrQ+5lQ2Dwp - PPSYDQpJUmZRa6QkGFceQ4sC+SQp8hQBwyQ/sVNDWF3ocaxIU/erS8eDZrP2Zve0 - z7ZZDrjIfx+ArGDLOxlaADr8PyNRCnEX40HgZXGyyjbK3jnwoRkdkp6dx56IJTWr - smIWH82eQQ6JSRsfeERcCWQF605pNVrnGMYx5kj8VVgNPpimRdvUrPsdwYz5WnHS - XAEt/U8izWISfq+DFbwaZhnLAQRZ3VJ3QIjqSoBRGU/UfRqmTLpOspnndK2hL/6k - 260An3SyQea917a+WmEIlI8RtPh0Mfpq0+ao5Q6okGECdjwXhJm0LPQ32pUk - =rZNp - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoARAAmiRGmQDxdiJV66w2dm5wTUtfjTEzy+GI16b2C+kkjF/r - iW7VridRtVo+3wmhAXIVokFB7JMaDcCWSesg68jf/pKfrB8uSdeXRisKthD/gO5O - CeqUNWXV+rD9LUbuHpNBJfwen/6CaGZiw4Ww01miUBPODjtr7ljaYbgRdN9Wi8s7 - 8cRAoQSh6J/bfWx1zA1sMA9l/EO2bLmFlt+Q5YTEY1yAISuih5fXO45QW4Fxn69k - MSZUywyp9+n/wssCnGb7JUvXh+t2fa/1fTYgl6OI75Hb5BfAJfG2JnF7dUyt4RRn - 8il4qsrAvxG60HC84NYxR2j4h62wK6v1806bgMLEF1enXnwUWjrLOmgQPqhdEHFq - rNjPtv85P2vgFVEYPovaZ7Cv2Gfbqw48wI6L5uBoqcRtkMzJgUQOHpSZSpjF71HM - 2Qtnj3SOYeufGnipIQL+XQarQK9Q7FgcKhqlTFveSuBG1uNyhQRiAVpPiBWZsaQk - 98QrazESu1NAB3Q4Hp3oAa26adUrPz5wEF8mGY+EpZkBO+GeD9fAxFzxQxkaHGkh - rCFJ6fbGIdrhZil/03T85EbUSR+SoDeo7UB6Lyug2xq3XR5FPAYWAxyx3V//XoSO - zerEQpN/COVCMXs10GBxPLfZgPHkj7hXKJQxhIP7WaxWmV5M+5VjUHYge7obfW/S - XAERv41J599iu7hqiisdGmWOoPhPLD2rjztKoF8XizYbTFIRH2/5g/4OJU9+vYPq - 1Dh90GVvugJ025BFhb13HUuy+9yNP2c3A2uzi20ELjqfrzlFZ/yo6a+fQH8y - =tprY - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAkqzpoQx7t/2mz+3IdpMQ2bpR6RMtR66e5Qw6x50iyx5I - viDVixTbe79ksRGQg/qBE2L4lNZ5m72+QcMwrv0SOylDEi0ne5U4OCwAsjM7vZl0 - gJzCFkIZkGwOWBkszdBHOE0uQfgRh38VMnXBcq7Ju+wJZYHoq63QPp81965dYHBB - P4GNGOI/XMMYs1KUGhk7MPQsY8fAbH34VaJ/E7k3ahMYYHQ0c/J+2OSKb15W61T5 - MQ/ry7iZPNiLR9dCMzKAYf+ImR9PBDyVMtANrcgFJzpFn1RSgKThMTBjmgGYAjJg - ESyjrhrbhWbvte1WeK6bgu/bebDXYm7DH/bt+N7oB2OUbsg5fQ94a0xXJeR0/3jH - fMhKWThdGga6+Bp2exoBduXVy/GFtlZ2BKYVUWOdSimbpK8EMjqWgja8dpzmdamc - VVQxNHhjPz4UV/SsedMBrK3E6Vx2F+jf0LYui7+ShLR2KuKievtHXbnNASCgZFfI - 1pSQXpWVDRRkhIHT0eL3nNaw8un23E40q+e+KJ42u8Os/TKHii/BsBotsfbMGo0X - d5lL494HAOjK9U/3JV9x+Vmvf2D9VNP37j66OqUqqmTre+XE4WtQcjMNonO4y7pS - e8D6D+7ILZFQRf87JKQmObLDBHCvHLGibjgiNxmF7fZIBeuWNo0YVY/j8CHGQjvS - XAHoTbOoqSgPvOS5751EHpj0eLtk39izLil1eNkH6hdj3I5j95pttH9daDslwDuB - Fyack3iGns7TDEqcmbxHOf9yklqsMkKtUMVA4mdhDQMnxe7KwmBeD764QP5D - =eTmd - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdA5BohdesewCWjbpIcOC262ZgqLAdYtqQcyJUND3GcKmUw - TqK7WKIfk8yGVuTF9cSQMqc8fURCt6Zfd+P1ITOh7Hs+QlbycxfLJZTS0Y+PE+sv - 0lwBdeZImzCIG8Z0y9fMRdcrEcZnjXykCP67o5QusyF1/xllkGdDPIUh1YHWq1ST - Jadqvwo6Z0toJLHbk2DY5Dz/eDi3BP1Oq0p9YxlB39rvRkaSIvA2Y3lba3bGPw== - =4c4A - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAl9xzEuj3J+553qb7AYJMh/gl6cg7kCOOmuslG8lf9QMw - FWSFlSIUIVrerNf8eYnORu+ERTjGN7a52sVM695bR0EQCHVMkLH7HoNiVPZIgxvs - 0lYB3ENG1NtUCaAf1LRbTJdz/rfmciczPWF+FCGWy+H8/d9dy0VMEyS0HFWYdb8h - wTP38dybO5KEPLQo7nibGaqx7uYQtRcR/i8PLe4NF3THEnCAf4kOaQ== - =cRSb - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-20T19:03:06Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+ARAA11KAP7tpUgq1qXT3+H8L3tcYt7vUlbN13UGYpIgcGDKs - 9TBBWB5sSult2CygmankqX9IKatm0jRhXYbGwI1kvBmyjF8dtBfvjFNAKUQ8oEUm - C4IanxjTceyT1KKnSsiVomCs7LCoc7ZM4wFQSCNthl6g969mJHQNVRtgTJf4ezKY - 6ZaPXrECxbnzf0TvPBVHZuDbjAVcIyzRkbkknuysAWMDEh2TChoiz1Rv8g/r6EV9 - 0z6Oyk2DLqc9mCj8hyWjezIi/nUFwRcokh2fWrW/GZ9weCEit9EULJ2nBZEsvuV9 - evDfFFAjmMFm255VB4T0brzp6XMbwW3sGNYJ1xcw1sFQmnZrp0l73XQD5gU/60MG - JvEQ8KmJrMSuqxN20g4S+Gl3iaRE5UvMxiPOdCpL7KDDs/cW1++iOdtklAt+8WAX - hBut0O3tgstddlsRpU/U4fY6IHWpOChSisWx/PlK6yJ8XMMl1D0Ho97gC+niktWa - Zwp0mzSk/dYIvzxPMdscjCaed3Cf6zQ1KNKnZIR8rw8OSd7JkEdDymk7Ihkbx1Oj - YO+7shxgj99mkVxwbA1GdgmXKnlz5PURTMW7T28562SqqcOSXY371k0BKXfObm6P - x2eD0StUa/m0jpi13KnNrO2wYx2MLCeMYrCsu396Td8Bk1m1iEam9QBU5ssInQPS - XAFWSMzR1Efn6iXwXbnPmnHzRgfevYWCDqwzqwoy6j1D4/1QLwB314wEk4jf/jvW - r5J4LwPDJRiupClobgruW7qMaz5Rkn8853F78oafkmaQ+D5GATEDddlusBNX - =XooS - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.11.0 diff --git a/inventories/chaosknoten/host_vars/zammad.yaml b/inventories/chaosknoten/host_vars/zammad.yaml index 65ea352..88ad99c 100644 --- a/inventories/chaosknoten/host_vars/zammad.yaml +++ b/inventories/chaosknoten/host_vars/zammad.yaml @@ -1,5 +1,4 @@ -docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/zammad/docker_compose/compose.yaml') }}" -docker_compose__env_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/zammad/docker_compose/.env.j2') }}" +docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/zammad/docker_compose/compose.yaml.j2') }}" docker_compose__configuration_files: [ ] certbot__version_spec: "" diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index 1f1445c..c164b0b 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -10,6 +10,10 @@ all: ansible_host: cloud-intern.hamburg.ccc.de ansible_user: chaos ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de + eh22-netbox: + ansible_host: eh22-netbox-intern.hamburg.ccc.de + ansible_user: chaos + ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de eh22-wiki: ansible_host: eh22-wiki-intern.hamburg.ccc.de ansible_user: chaos @@ -51,6 +55,9 @@ all: public-reverse-proxy: ansible_host: public-reverse-proxy.hamburg.ccc.de ansible_user: chaos + router: + ansible_host: router.hamburg.ccc.de + ansible_user: chaos wiki: ansible_host: wiki-intern.hamburg.ccc.de ansible_user: chaos @@ -59,18 +66,6 @@ all: ansible_host: zammad-intern.hamburg.ccc.de ansible_user: chaos ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de - ntfy: - ansible_host: ntfy-intern.hamburg.ccc.de - ansible_user: chaos - ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de - sunders: - ansible_host: sunders-intern.hamburg.ccc.de - ansible_user: chaos - ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de - renovate: - ansible_host: renovate-intern.hamburg.ccc.de - ansible_user: chaos - ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de hypervisors: hosts: chaosknoten: @@ -78,6 +73,7 @@ base_config_hosts: hosts: ccchoir: cloud: + eh22-netbox: eh22-wiki: grafana: keycloak: @@ -88,12 +84,10 @@ base_config_hosts: pad: pretalx: public-reverse-proxy: + router: tickets: wiki: zammad: - ntfy: - sunders: - renovate: docker_compose_hosts: hosts: ccchoir: @@ -105,13 +99,13 @@ docker_compose_hosts: pad: pretalx: zammad: - ntfy: nextcloud_hosts: hosts: cloud: nginx_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: grafana: tickets: @@ -125,13 +119,13 @@ nginx_hosts: public-reverse-proxy: wiki: zammad: - ntfy: public_reverse_proxy_hosts: hosts: public-reverse-proxy: certbot_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: grafana: tickets: @@ -144,10 +138,10 @@ certbot_hosts: pretalx: wiki: zammad: - ntfy: prometheus_node_exporter_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: tickets: keycloak: @@ -160,6 +154,7 @@ prometheus_node_exporter_hosts: infrastructure_authorized_keys_hosts: hosts: ccchoir: + eh22-netbox: eh22-wiki: grafana: tickets: @@ -170,47 +165,14 @@ infrastructure_authorized_keys_hosts: pad: pretalx: public-reverse-proxy: + router: wiki: zammad: - ntfy: - sunders: - renovate: wiki_hosts: hosts: eh22-wiki: wiki: netbox_hosts: hosts: + eh22-netbox: netbox: -proxmox_vm_template_hosts: - hosts: - chaosknoten: -alloy_hosts: - hosts: - grafana: - ntfy: -ansible_pull_hosts: - hosts: - netbox: - cloud: - eh22-wiki: - grafana: - onlyoffice: - pretalx: - sunders: - renovate: - wiki: - ccchoir: - tickets: - keycloak: - lists: - mumble: - pad: - public-reverse-proxy: - zammad: - ntfy: -msmtp_hosts: - hosts: -renovate_hosts: - hosts: - renovate: diff --git a/inventories/z9/host_vars/dooris.sops.yaml b/inventories/z9/host_vars/dooris.sops.yaml deleted file mode 100644 index a83a288..0000000 --- a/inventories/z9/host_vars/dooris.sops.yaml +++ /dev/null @@ -1,201 +0,0 @@ -secret__dooris_client_secret: ENC[AES256_GCM,data:v85gIBNH4s4j36crJ+Pb2lu2cdZpwz0xndHzBKZNGKg=,iv:Rlt6R7JMcHTAAVPiTtFaxqsWD8G5B9Ab3yqItYdFR+E=,tag:dlMHaxTMx3LgOzCsTLUdzw==,type:str] -secret__dooris_ccujack_password: ENC[AES256_GCM,data:bHeftSA7eC1cSydBRumksRgw2v0=,iv:X/pfsvQPZREifGjHDGx8mVk2TDrlrRVb6MiAr01wI9o=,tag:ti//x7eDbheMG6Hsn2KBlg==,type:str] -sops: - lastmodified: "2025-05-29T13:28:08Z" - mac: ENC[AES256_GCM,data:SkqMlgJBdM+CMLE/um7m8V0ni04Xi3S9GovNsADrws6VbSWTX+50oc6HtWl+Kj2XugLfp2XpVnlzggCiq3fePsdt1af2+ZfSCue1d+dexjo5Q/gvE/olKlmn6aj5qiosUsLgu7v2bCOIb9m9WiEhlQLKx1wGiqVNQDabiLOJV6E=,iv:NUUOcXtbg+xMHqthipKpRAWLTXda8rup4aCbbP8sVEg=,tag:wyh+hrZreOyT7uQQrghb7w==,type:str] - pgp: - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ/+P4Y/6oXngawMZSyE8nrizlGEOL+SD1Uc8A0+pqmB5RF8 - RLbDvAMmicGGK3dAj6WaoCEl3F8oP4VvWc6pQC9xaRsaJRH1hstajavI46xv3GCF - ILhitEd6HbDMrVB7QlzRRUwdpJN9/+PSORRK8PejiH22+vIWnMqiYVM5fjoJD8KO - rPZjYnu3b+uV0I1gCQmp11+dBk4sizxr0w0bDNGJ3hMzg/DMOqmJUK1atXg9ooBJ - XwYlVFHj60TS/3so20EG56mYEYyNyds7yY9N1mA1S0SyWoIXtJbEYYriW0y7FOPd - f8kuLp670IJotOglJThq3BP0ch6LxL1DpV4E4dhsxwq4zbujR4H4e4Fl15kNj3Ca - vtCo29yd8at4Hmct+sNyFuX/zGYLZXrl0mKnQq1K22Ot6x0tdQI0kSijg0moUpPp - d/hx6jeSw2TFIhwm2KhnNWOsFSbmREJ0L/rJ2yhunV4UTHfjqq3eKFI30wnC4On7 - qM1u61sEJcULx8Df9yqnRa+PUnltlNuswFBJw5jZ94H2k0CWXAjtfDGO/aVjD7QW - bGngJdxu8+zNhCEyO1QxQQqjY/dFSxwzRlv/jRpD4ragM6AgWgRehqrVwut9yMjx - zf/hq4XeQueVntCZ5UqgusT9zcwZU7cGr4Hl+EeMftNyZ7VzIUfRZ7pv/pBSnwrS - XgHjRqAMR/c+BGmsRUqE7xmwL3YlPCVTXvHg4C2JSruiuYOzeSnKGy2JB4Yq/+wM - auoFgVhOuuwZCerXiTNc/Rj6KF8MmHtpqu3c/NCY2rYsaN3tl6jvm65YDy6ji+4= - =4+eJ - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//UYavx7nbBECdEhDefYN1Pk1ydInIBa6MWCA7GGNoVX8P - N/KDvuBwJGSONY9x0/tpoBRYuLdefDIkfnHXAMHCKPDjyTuFHM7WiqJRNUaChnMH - j73ecjWB8kImCNA+OsDwSYzs06t3BOuYPauH0Vaba1jYN5sKx0SeFdQJRZBTPZkO - HVR1DVGvSK1jd8d9synPJ8ltvxo6S+JYM7dOHoVI8i0Shzrn+HFg32s7ZDLbIbau - F7D4BjzTzdDX8FvT0NJO+Yqhk6pdc8586o9bO5wzfTTqsEEwTaXRrImMa3K1pQu6 - 6G/6F946bW70ie0HmNrzt6gUnyCWWM8Oc8gtyNG2+wVyz2Zh5ttCgFkvHF0sIyiS - AV4JNGVs++RZUmEfxkr4ZfMCQjYToG8RFTQQQ8WUDm/t1OJIEo7lnupLuvWadvwO - XBatyEfUNqncY3pFUtEcjWYTafZi+FQteBNUv4c4JNRtG3efFhzvxJNXBfqVXIKe - 7Uke0KkhG+HOIBQvWc/7JGSA8vtmIuGCOD1aDaHfwFxVEYyBnu/m3H4yt4rOaUsd - 61/XY48drYrEVXyv+4xxV7BG+HaX5boKgI2i+iqZdhdf2Bbbp/PA4woUVQMp4pLP - 5c8vidwGtZwS1dhOPoUXuYElkMgFUV+kPfQxTwT9RMsB1uYcsL+2e0TcOUQNbM7S - XgFbt3ySJ32ovWkpu2OqctN1xBtQ3J3FeQhT71Z2mPmnauYUGQwtTPUQVidpJDI5 - KhOwgDYO/ZXxQ6P3faG79gz5cGiKUcbargOISgQrm+gSurxYdg3YCZase8+CwwI= - =cBUH - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAAqo/EQcO7Bxq5ahIqJJKfUWl1fUYqbXDJKUsr7peoHGQd - dHex1kkerSC1HTi1Ua9uLdz61nZkC0gLG9jl5Jfa8hBIHpsygMWdFM8TkbR/rZQQ - 4f+HuiN6ZGmKankMnuSs8nCdqkQFTiMVItBGxGQ3P6cfkZvaxQ0M7U7OVZ1H/rGt - qkvu6IdcMLfuXnfEyI02bH6nhA5cqcuVdXiA7H+av/AgZxHy6RJCbrAhihNiw5zh - HWzYD0vt9o4U/5iOpdpE+0gMdj9N41bWsXcDvmhd74HmXdI4mKwb94MB+CTIddaj - UXTfHeJABVtUSEuq9jnRW5kUKcJl9kZlFbcy0as5tizzQ+g3M9ukglziQU7hm6zJ - EIPOke5GOu74r5V2wg6Dip55Qe2AQaY7fkQz2m1dDmb2dvakaDzdZ1/KYuIQ1Bd1 - PM70wPsliUsO/UAxvmgtGvEDdZvHBX6C5Ib70DkHB8A0zm43/ZIvB7l3mVPoX6TW - ZZyH6hTHvF8NcX0XA2sOaP054GGpBzVBqG3I6NndbOeHVq59rN17c6aSNGE58wq5 - G2M4F2nX1fGILxXeGUJVahaib7ZI6DIr8u6BwFGMLr+Td/fUxMD2qdar892NzeCm - 8gC2v8kwjk0cQp1hv8bn2Vf4TjwR7V5++/qYeXzOd8cQHE55oYZa9GrJ1SLKGAbS - XgE83PddEBkjuaJLjOloXr1M+rykoPlQ1+UtK5XVW+Kp6EC8JcXRJ35XiZ15ScIj - nLZpmjD7FbSr4BthLf370LaClX+iQIfPSaDd0DhPx0cbOzsK4vIsNX8BeoIPa24= - =dRX2 - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ/9HwAW1OlLo2jy47Z+KdRPMMx4EhcYGJKgwxnL0/pzDRod - TDwSgfas+MsDhx0fx+drC8O+mzw79xGmHQWAEHhZ6EpZlHQRsE3Sn/8nCam0jQ7l - LeKCyh5MK3n3K0MPzgis2DxR/Y1LOaBnIyL693MCHy5xdB+kIO4kFipWtGlzbUYQ - /SUUhLXBJv+GzZuEtErgvhViW5cy3xoKoPRzeu6+3tj8rqye2h+GuMl2c171uh5G - jkGZ8RzYK6R50gwPT7J0yVAEvUbilSNi0W4k+cBg14WRFC8CnMtGngV0PsZxbD3+ - nk0FgTeUq/MAPos6blXzny5xKfQ88/eqX9UVB3VW2X2Gqrrd2WA1zGYwJqxcCqS7 - on+VBjsc+uObCJXTyYH5hyJUtoD0Ed+GxvSoGDiwcmhs+6mvVb3sANTLYCXo4J75 - xN03s4UMlgrzyXNhqL12zlshth6EKD5q4SjQI28fOWgsgOlpcDY+QI8dBMDOPm3H - mbd09lbvquSdGTEGkCLOGOAg72Ph/jWf65+yYnC7hPCaRxI9K/bfbVU8HQ+rJgsC - D7ckDKMcTu7uYhFnzEsUqTe0aNS6puuKK+r3XDi+JM3bG7R4AjsYUstj8AD0tOY1 - aEaxnroF18Cr4BrguFjgd8h8waK6DfxAiG53a72v/mNkcXtKOrm7zImpSPEzQG/S - XgEzCBftKE23Xjg9mzl59muw6+L8JMDUAFWmB7npL5DTqGpz31cpVc6gihlrSiMO - HXVCUm/pQAJVCdXTqxsjkQmv9hQQhX0wIK7WVxzqAM5R/YzBP/sGgUeGhuSfJkg= - =AR6z - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAG+nf0X9XiYVa6T7YWuwocUM2FKyC5ZzkBepUimI3G3Aw - LJ0I40vOoEfRoa/q1lEDuizyA4l9RG8EVwi+c6yAT1OuyqI8QcRCwjrzvQoCKTDc - 0l4BwS5IX4l0/BvSP9F6A98s7HjWwNRInLQNhgOTHgMppnjJIDls9QnKjlnwKReN - 1DwniCgRWCB4UQrP9O4kla74RItxaqJMAjo5Bjwpyi9UsyHppp+hOMLWamMhqT/J - =BL/2 - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fARAAodfqlZG5jgwmQrY55giGV+U+UX7xHSzXhBqZXcj+mMwY - mF656+UizvKgyDQu1IkFJA1Xdqmq59qPwOSDWUpPCxNXUvnWnoQ2klZVLUFcPKd3 - N9851Kd3q7BBcTDqIJvDZaHNnThyc8/x2Z4X6gG0+F6xs2CGsvtgw2CUmlf9y9da - QYVcEZVl86Th6d0GXXM7VtzVxv7NFb9HhGU7XlvP1sF59d7BqST9pl0CMHfevkAa - LmTGlr0wLZtOAvbFIHXdI8j5nPSzEJorBlme0q+8fGFOED3tUstvJ2XPgdqKcsGq - PFZ9hALTTraatZchDhBKusOaEeb/YQ26W/OmU04JVG6CEFjqdsuwee5SubTswYV0 - FNYdivJdVyLiJiRkcWyjOZdbJ845EApPUYap46RHxHDv4p4MionH/v4FsXRrX7KX - Gcp2LEuv5uhJfYsJ0XmiNXyU55YGsRsNbqM7mIR+gmBOA6Cv6/+HiiYaDAPmvv/3 - ZG/AsHfBgxpVSJ3oTB+sNeiC570kdZRDTtNcwcDeozpQiZGKktcrYQzzltvYhE0o - /KdtXScTs/wDOIsfFm2SPj02gFFvpn44SEOu++EAFGEapv0cl7y1vprhMXewW7Fw - H9YW+P/BvjbhI1p8GHY86nBP6UG76uTlb4Dn3GGkTwhTS0ax3iKFJleHGAiskOTS - XgEhbRzzb33cM1LbxMaOM5ap4YowPuymr5EPqF3ZZ+3FrX8gj0OabzpjBGF+aV8o - 6o/fFbMSOTUb+++jmejtnvpl7BsyIDHuAjEmPEswLjYr1P4pI3Cdg70MEZCb2H8= - =FKsS - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoARAAsGw0iqjlsDVLy20bFGiyXP4urrmxEys6x4+1/d0zEpuj - mnjkM7MCht4O0i15Qc2OZNFOExwNzAYq1KDeO05MaNW0A8UCi0GmoVTK9RsTy5OA - poUWQAr1pGJ5mCrrGJRCOBdXqxmEskW5HW/43r7TL9X6EnSRyjJNPWjn0/6IGG9Y - OWHBnMWevhWr4Vdj/LSQhgm/3TuSSd+cBN94QjtRsNcscTsGgZ6I9FZIBwSu8QMg - 2R6LZlLpck/Kq6a4k3Yqm3yqh/bCxkHyy4pp0JHmZJs7BMhkmyM+h5riclHN5bjh - cafMw4HmOm2gNprYmWHBkftd+9iDDfjkL0azNs5EZ5A4QFwsFayqGmr+c2bazifb - KmNO7XoABubnlhe8LuI6d//hiMJB7iKeKh3NiAeRv3PeCVo3F0DMXkphtF/POMfY - LiEenCgpuV+S8Yld0hFxxh84abMKyZqasSE7IoU6I++Ti0OsK5ZfEUAdlE2Mx33e - KC6QPA5/eo3i3gvOb3nh5XBys6lInN5Cm/J0RhuahZH2L5R0UEj09at9XmdNck3u - TnW8vSf66p3FYDuEyjNOq5WMwA1rVnuHHIx6cjBl0T2COhRFHk130qfAv5Flzyoo - HkSeUfoM6Rt1Gh7+fLP/BvDG4Jc3PbLVTulAlO7+k300oHrBjXOSkpqO8IM0CATS - XgEAomlCqti55GbMR+lKgxVDJ4kXeFEUg7CCptesHkux3eDFcxmL7XbgIrlJvh1a - DYMDeIK/okQhe/W3mMcF68+xm/Yit6I24KODBxagTCe7ArBy9N67Tg2Wzz//Q/k= - =uZ8i - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAvL/LzRFhGCXA6G+5aW6fSnR0dPynX5eM5BigDBa8VYAM - x5hbt4GOblXrRVS80YRC+rppuzc+UemzlX6aZVbgWtgARpAJNAh029ZdSJNwhFfB - LGyUxvErTkyJZPTHC7hd1B0kdegPr+ZZOvf/oZVYJ8NRlKAIBk+ahmrz+xpjDI/W - Cy27gShHmNBiuSF0nS50RzE1KBW743ERYmW3qVetWgyQuqHh4h7W1y+YkxgzSDFE - qgQr4t9g7+saq2zTZVq/TmDRH266mGtjOWFxw/R17gR6WRykU8qqPl42NqsvH/mV - 0kDZKZ9YTkDJB5C+vr8AbpexHxYzxYcBudgVTnlrB60QCV0x+bWl8xpgtCZ/Gpxm - 7A52rnA1ZFZi5uj3UQQUA/UyRRLTMdu0w+KkVCxj95OdgG9Ul4D8ex368E1N2JnO - eu2yF1a5atswxKq08RSFiL9ft82PQuh7ZdjA57byOjknb+21gcjoIGp2VYFqxSko - bLQ9uw3oMJu+AWYHZUiA71zeigrEz/pW49BRL4KGTq7Ik6nzduiD06/Td0B+4XEo - xUhsPLnYLlQ5F1IvFPq2FRl3+ZPPR+qdaBR2CCbLoAjSusvAg3z6pQ1D+FkYz2aw - 64W9lYBDrn9hd9sXbVpoNMV8rqEv/lrREueYdZ6doiQn8WVDcfwbq7t9+Y3lawbS - XgEmGkxkpyiVRtjDCSFJpRCA8jRdOQH3+DTzb+LPCrKOs+ibKztXXO2wz8nMENMw - yBBednsNcPNcE/fDXXnRRJSEnsbnROmjnVPWa1VTsaVilGW0dVLCPwtMDpqIQEM= - =68Sf - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAyB6EqNKBRibDLjoNJQa0j+H+b3o9kHcqsSyuFIp9ClUw - Wq6E+kPd17DtWt2PstpcmYGfnMl3LnnKvpReObUNQeFHgCG/jMLVCQtqdWcu5YG2 - 0l4BYZMZ0h70SKMX8GD5TcqPmiO9nM19beb3EuGHvAnUHoLryQd82DhTPLQPhJ9Z - o9s7V6B+QH2wlKURcINADZv27EpU1BGQX8hXqdT9vF+JKBuNMv4Y0+svkCB1zJsD - =UPAZ - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAyghr3s7Dt4ZC3zZ5J6JQQb/39WeKOiigIMItG0XMwREw - oTRbAgrSD/CWSGTgoMJySH2b7yeJ+bD2nvXHgNwvPS0QaJ199pjUZhxzzOIccwok - 0lgB1/nSHdDSfiO+VzbNdhK+dHgnC77dVbkmjYwfCsDgh0j4I0IiExX6cLixA7n4 - FOvQJmdM5NYOTouAwa0CAIpDC1WkDTZ92jz7HUVuz/OJxQm5RgfDSqdI - =vhg2 - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-13T20:10:58Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ/+Pw+aOaC4FzDEBKFnInfbRJDkJZZcmdmtTYB4L6u71XyO - bQwqjyneXCKK6/qtFSY3P8dTNbXZ6q5H+pB4LDrk2czW25EOYWSlkxP93BR6lB3e - gqsTelVjpH8Qs1B6IG6P/5Yf++7hOu1qKo/fxnqjsCYpmqetwyrxImAR0kp4w/pC - kXtCi9BIpwE++HxvZIYB1oB1+fOWy0Byo8ugjCP+h/LKTjFNDrY8khPRt9uOY6L9 - LAyOFHagyMVxMs+cW2ihObO1ko4f6dIXZvmD99WbkCtK+vBsKX8DWQB7aChbKXFw - L0QnWn1G1Rvlj7uSCu1LVogdZuB6t0hbLFburPAURCRgHiZroDqdJWYQLiB16MK3 - kV8/oD1/PN2H+kZOmy38Wj0UiaFLTn7Q3ejOlahN+7OOhFxGHFw2QDikrh5+xmZv - CvHeThQeCDdDy1pErqTZ9nP68y7+LKpQ/gjyxrfPMJdW4n3kIqihk4yfxnQDHM+w - DwJeRc0tIwV/hdCobWf/hetGw1iguPWQLCc3R4J9INaonj3rXb5yG5HCK+KgqoQa - RUKUjx6hbCR/bMpgGveG8O2xTPezRlXipXrF8wZSp84+3EydO2018z6EZ5A2fKLI - F+34M07zg0sVRQhKJ1qryIsmG89NabH68r2JEEayMrHpisBKnBe3Q/n9hvX6ZDLS - XgFYAgB+TJkdhCZeiwcQ5SSlYpfVlg/a5DJ6MVc+OUfsoRNczCYwqRwpR9mlAJqo - QS0E4qhIIhM9kAtBECPqy0eUay07PauC0O1Abujq8DQeRdFwnYh04j6GSzeSnbE= - =f3En - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/z9/host_vars/dooris.yaml b/inventories/z9/host_vars/dooris.yaml deleted file mode 100644 index 5813e3a..0000000 --- a/inventories/z9/host_vars/dooris.yaml +++ /dev/null @@ -1,15 +0,0 @@ -docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/dooris/docker_compose/compose.yaml.j2') }}" -docker_compose__configuration_files: [ ] - -certbot__version_spec: "" -certbot__acme_account_email_address: le-admin@hamburg.ccc.de -certbot__certificate_domains: - - "dooris.ccchh.net" -certbot__new_cert_commands: - - "systemctl reload nginx.service" -certbot__http_01_port: 80 - -nginx__version_spec: "" -nginx__configurations: - - name: dooris.ccchh.net - content: "{{ lookup('ansible.builtin.file', 'resources/z9/dooris/nginx/dooris.ccchh.net.conf') }}" diff --git a/inventories/z9/host_vars/waybackproxy.yaml b/inventories/z9/host_vars/waybackproxy.yaml deleted file mode 100644 index 18540ee..0000000 --- a/inventories/z9/host_vars/waybackproxy.yaml +++ /dev/null @@ -1,7 +0,0 @@ -docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/waybackproxy/docker_compose/compose.yaml.j2') }}" -docker_compose__configuration_files: [ ] - -nginx__version_spec: "" -nginx__configurations: - - name: waybackproxy.ccchh.net - content: "{{ lookup('ansible.builtin.file', 'resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf') }}" diff --git a/inventories/z9/host_vars/yate.sops.yaml b/inventories/z9/host_vars/yate.sops.yaml deleted file mode 100644 index 19853bd..0000000 --- a/inventories/z9/host_vars/yate.sops.yaml +++ /dev/null @@ -1,210 +0,0 @@ -#ENC[AES256_GCM,data:Oc2DdKVMymwkIHbS84TeTQY=,iv:UMhNafqQrHaF5iqFSev6D1uqHPFpKQTkOpYV6JncjsU=,tag:mAmBMyGdzER3hkSkV2Fjtw==,type:comment] -secret__yate__sip_trunk_epvpn: ENC[AES256_GCM,data:BkdNaCooUjsDlCXJ,iv:saO4IGsz1HAinvW5ZGAMA4WEtBbo+UNdfBkr0g29uag=,tag:t8RM0GNYhl1w/RMNO8wKbQ==,type:str] -secret__yate__sip_trunk_fonial: ENC[AES256_GCM,data:N18C3XZHIi1/IA==,iv:vs9dCYNRp+1ptxRajdUO5ODTOmNREJslF99xnFL92XM=,tag:IUmnlPeRI1WTRYELzZRk/w==,type:str] -secret__yate__sip_trunk_fux: ENC[AES256_GCM,data:zcVxNjyS3BE2dw==,iv:Prmy8nP1yeFrVI5mQaPJPKHGFCzuZp84f6fH04I9zJM=,tag:X15wqvaaifMU2/kcqLqUZQ==,type:str] -secret__yate__sip_extension_ewerkstatt: ENC[AES256_GCM,data:qbatVvfXZiUcpVnOJUpzYw==,iv:E/fCmKGrwYvQP1gGvwT0UrL0DZ/PcMwKG+NteiukB5M=,tag:PFmU0DX56+IbSQqMtY5NSQ==,type:str] -secret__yate__sip_extension_fritzbox_analog1: ENC[AES256_GCM,data:+ayQ6P4P34D5hTNOFv3HVA==,iv:UD71G07Z633mDmvnJVei9SKgHyM+JFXJdtOhyBhvKGY=,tag:0ISsYGQCIMMgToLWA09JwQ==,type:str] -secret__yate__sip_extension_fritzbox_analog2: ENC[AES256_GCM,data:DbFmTcZ8wW2fqstm09yUWw==,iv:jKUqtSXaGF/QpIwPJ6hKQWZvv9xtZeIQBiPHt2xm+3I=,tag:MkWzODFnWZc8o+pVLR3KJw==,type:str] -secret__yate__sip_extension_fritzbox_dect1: ENC[AES256_GCM,data:87MFTNA0DXmfhesT/M++ug==,iv:qDM8HWZhG9FADLFNPRJXkadN2jXD6/CfroDShNPzA+o=,tag:Ylf56nCczEdDaOGko5GrBw==,type:str] -secret__yate__sip_extension_fritzbox_dect2: ENC[AES256_GCM,data:KOUKexyzJqZPj1HKJxFl4Q==,iv:OCChQmSF1s8C/VYuw9D3hHA1CAoCnwC4adyTpWO5Iac=,tag:VFFuYi5Nd49ChU1Ki/nHiA==,type:str] -secret__yate__sip_extension_flausch: ENC[AES256_GCM,data:eIieA4A/ZmU8e7t20xwmCw==,iv:oDMgZIjQBDcwIVPK4/qIT1HyQKc+vImdr1iPZE1LEn4=,tag:RgS+enGC6DP6dwE8u30a6g==,type:str] -secret__yate__sip_extension_legacy: ENC[AES256_GCM,data:gC43eKUOAYU9dgNV1JQ+nw==,iv:xN7aad2NPaihlMT4Ym2xanpKU4eX04V0FS4m6XRgZFo=,tag:Oq0yBCSf+CB8Xkx4D4TH5w==,type:str] -sops: - lastmodified: "2025-08-02T07:43:00Z" - mac: ENC[AES256_GCM,data:Irv3y4/QbofyM5BvE4h/T6zNF3A6oTjDssMOcqmGxUOGpqL11Am1DMHBivkUgEYe4ir9N0kvPUmed1XOyDwImrl06E1mGAT6hOlfVSYKtZP0Pwvi4VVeeP6IAYN56zu8k4X8oIxv7AEfS3Fq94sJ52Fd3xDPPCG4aVtUXxxDuwQ=,iv:HdqbgUVR0lIysZnnPkOkW9gDp9G/EOrHDkwmQH6LVKQ=,tag:amVPLxjvx1Qtv+v27SGtGA==,type:str] - pgp: - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ/8DrVTO2xvkFg6N4Klvaii4KqEgm5h9Vdqb5RZWXIKXBsA - JyW3EANye3lI3/HKkEztbOTDZ/NuL+4pJR54+KUFq+C768cB+JEZmY9IFOXGN0mX - 0qPYzAbls1v0yDSwBHDXj5Yc59CT7XK8rYudJOVTZQbsf/xM3wfGh4oXmFBmyCkF - zcPyA/L28jmAeKrXIIi52V63/3ipCjAzh2RpfrGxISi5F14mANToHAp6KWsin1E7 - rj2wcq3F+UIf0b1iRlkTAwTA4C9Q8TpzZDEjKuO+Kw62m8wa+mgPDLkxbsUmJs5z - gM1HADpQrb6NtaPgXBTUL38+MPq0Uz6B18YJbSVydJbJ1HXFMpaPJCLE/5V+2+zA - 92XxhYu+fV7NaL9Lw652r4H8ZErZLvVDfdRkipeIh7+sQvBQUb6AmCSKZUo08CtK - HBEeuF6CG2h2jlisj4eRDjbB5ognoCT/kAxOYXN4Vwf+ycAKX7sK0odQ81FgOpsT - psjAkAJLE1l9d95bMSaO5uyMD/uKHbvlHJ/wk8X5AHabSI5Hy5zK3AKkJlgKO/hK - q50BkVaHHZFThAPRSzzBjRsjAJhuMi5sdNaG0Uu7S95+Y+hoX/2y7ZHmdMYcRY9O - XaeQcO+EDxF69GKfiK94yjJL2iGjoIX4b6LlCB1pMrgWulSGey2Z9xbZF6CYTVjS - XAH7OHW6r/Ru3Hat4XTFwDi5Gox7MrAsv3JZTL5r/CD7bRBZ84P7PRHWDFfDxgbJ - 6tAQRD2whP/3GG4XvVs35SJ5vkk0qEdXlvp14ghPfmphbDMN8JJK/efzyyn+ - =5kn6 - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//U1w+VzucTyOBNrttljmFoiF81Oh2180qVNwH+PIJZRsf - p9SKR5y/l/EOrQHC1KR1ld+M7fMnXxrDKhKhyvfC9I6w+XNWqHqqVNA7RYTWuSCI - c2AuEyWKWXpchQE2RK7hA5fdd47TmFfXmohSdw0/TJF4LfSG42Lz+Du1b3nyKXqL - leWXC/IP7gsGBmQwSFrecdoQ7HK60w06xiEJSD6XAY+RhuzGK3mOjw62eiBqb4MI - Tiptkmw/wCvsayJqIqAssVOJPprPzBl1i4hfr6SNFPS1GiPpaiCjkbQmqY2bu9pD - Jau8AyRn09UV5VJLmb3lOiWKlyO8VG91Q1R2xqGNp9jQtbrRBr3hVQwsdJC4WGV6 - n3VUKhhJ6AYaZHhcfmf+aYVSD/SfOxTWixAfv5UAVLtNqsVRS0qeCWC+lsd1W+U/ - hXORfrv/tipnnY65leWrePxhdpFoub78pMTpNbipwufZgMPifm54XzEfMTrF/oq3 - rzP8RdHs8+u0gEyn2ovIp1yKOI+b15DTVyt6C5YRLw+JeykcbtMRDDnAKxN2F8j5 - 5iY6Ord2Z2Eg+jBvrG212IroI7yGrXKfRLfCFYM2Lpd82PUx2sV9+xZH4lYJ8flc - oeA48lUGcoVhEEmWrwl7a5mrdST7HGOdZVBFJIr78Qo1FNMn7V53yGbAbLGv4KjS - XAEsOsXNdHVCaBWkm+rFJ/HrQ/6FS2l9jN7eO7SyMUZmceDCjgoI8LUSuZJ4qRI+ - DeD34OHX/nlaN+2iUNq2VSJgTNJVWBIlJndusXuzSKI9TTVVzSYYn8Y8sDpb - =zTis - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ/9FYNXETmqENgmxKuHXohSN+WU0/wblJLwQss+d7AJnu1I - JpcglLu3K8w/ghd9I3BfrUDHrYyRaGZ8bsTbPM8/lxV51dWbQd17yYGYtxwamgV2 - EY5b32l4w6Kr+QclO5Z/lmNA5Co2WVLkE3tATO24cfuNcH9JS1paVijaAkNXb/8E - ii56vUYZessPXus8Hbgsy4bF2ot4Y+h4dNHJ0u2l8a0CwZ7pa1TvXqtm8xnt/stJ - lOtpXFyCXZEGvpNGJkJxEJHVo6WibdEhee+GQhGRsh98eZLPE2G8gmMKXpWJx4n4 - 83mEApQGrL4e+Bnxh9XDLs7FXyMtDEcsw4tps2VEQkPQ2PEOEOZXxJc8OxsV1aGA - CWqczWK90/tI+ZNu0y5fEs5jkWnc66Zvu/TkoUpgmZ3cWOewfLNYbbZ2k2/kLUX0 - JVnrNQ41KD1FDVuVHin7AfVjsdC4Pk3QOZQuxumtmhbAi2hpaBB+KJOYcpovs9Sc - 4A6l6ZXVbdgyy6PYqhgEI4A3RnsKoI7Id2t8Urm2kOMAqpqnOa3K+KfsglLyssbW - jNN9rbtDA3Nj0etGGtChE3sybt/G3kDhm8IGDPGlExS0lXuiN9WNBtzxzwgMchVH - PqpvYaHYwFZ34rTe7wy5681Ss04cFsKJs3NiUFAbmZn0gaFWqPEIewbo+PMVMDPS - XAFapF7QhyZwom2515O5m4QqxU63ZIoMRQKBjvsRwyTnJqXXVab81vAhX6iq7cqR - 2QKxuhNIKAvrLbllJi1a1pmKQxtpRBTzLJjplB+QBGgTQZQMpxQ+sbPL9GCc - =nbQL - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1ARAAxHv4uWEGtDZRrwsX9aiNS8NsQC/1ITIoY9walqGsvhpU - +s4yOo3yGDbjJIrkWDdg7+LAY2Os9acQTxy3589pyDSMUEo/0wKonYfrebBteXiw - wHyu7hXBTdorb3OMHqQxm2/aettqLDHk7H73Hnd/nrFggxpVlYzpShq3vYXCDEH+ - OhrwNzTtKWv5hrvO5L+RLBcKbJKbtGgLnu1ybrWsDGAf5np0NU0ogMQmHjMADjzq - jqvaChv/Pa++57NorJILIUAkb4DWI4m6WvtiAbGBxAad7m36s9kzNyLxjU36B04N - mQNrxF8+F81wuVpGXIEPDX1XxHAiDeQR6a8IOMvy5OhADqoobAFDh+cejzxPt7ml - lqzugaxMqFGWzesgeExwTCTaORr28jXOcLWo7gzZSBzgYkfe/7HASviWgDL3Y+jH - j0NL4hIZ87dCjY5A63qa56gWqWrUjn7CmjcROX57+Y8MNHYoSrGKnuVhetkZriRm - SPvjFox7HGLst7aALxbEyqXj6yQaWXi4moGHImXUA5yWKxTl3ZCC++wq88mBVglm - U3fX81XaZJXNnG7dtaZPk/om7MHA67zuy/FIXSSxVf7wyK+6cvtWoN2HPzleVXie - mK7OcFKmzax1ojgRNLmcbHQcdJoA4nK58AnQbZvRJDw7FQ3b9ainTBe2nmrc9FTS - XAG24SqSunZHTfNPha58wB9Tz8eQ/CmCfodNsClet5Nirj4ZAzm85YC8z4iLw9PN - DEXqWw/GUs6EYGE0QYuqIUiNMEnowcATsXXrTuSVlX/FudZ7nJBuLG5FqwJ2 - =dCvy - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdA/J3hvNw2zIKpSydLiXh7RKFHOCKcacZw0xTohfwHPCEw - INXjpmaKQTX1rE6qAEPpy7AAXuwrAID73QZFoOkj6j8fUexq6UIF9ov58MKy2bgo - 0lwBsNGWUkhHBUXXCOs6JfUR4KbVQwLYxWTteFgqDUF7TGvK4sFqjUyhN0MA7LSs - YNxuobepZ0RFxG+yMO4wZ468A6Re/DlM0hsUIDeC1uoLyhJZy+WipS+YQW6jAg== - =1evm - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//Ts4opuQ2hl82CNDoi0i53p6nXFLJQ2OuozZ0C/8MvqAD - rR8GeLKBBhCcFgMzvzKeQXr5kbPFOMtTFo5+zAMj7m5Dr/WIlCouVRX0xGVBcRgP - 5XtWaLJ66+5X4y5ynI9EfcDD6vgOoTOmu0vp9QYrzMuOzMWzLWdjWuClx4Zz7NCa - dXm3FXJPMl9BIwKlOxDeM7w7LYCbGhj8XivSfMdZFh/855rN9T+PeBPpsalVgw5v - 3PQiFPXLvAq+Dj+NW8UqVKE5GPfZQj5eFiwMgA4gnuYFxKW8haJebXiOP3dqT9EV - 2wRYQQXLhRKBt4Pdl6esZGDz1cw/FDW0G5+aEg295tV3VIYptyeVk+PF3ZZx1ymw - gC46HKXj3MZOhSXBXeHeFGbHoHRFEETHYXgki5zdJvrDh9DUvaXWmx62Luf8u/eV - ao7wXO8zzXFWNQM1C2/bFRlAj41pqMKESeSPrK+BTFTeaNTt/XNQYxBqllcVICA3 - jgvhrPgZaN0DzRs7+5RrDAe0yAc1Zrs8QC1Y81CikxG03PvBIyFXRAXz2BASN+Af - yzfwz1BwEd0sQxYKSKToK86JGD51edvYi7z5nETGBrQheJSU3MnqOO/yFdsZrvtb - HYk77eqHuif6ZzfHylUVHEoS+nyUjgsLeIfMDoQUdLcLAjn44wp0CXRHya5ZsZPS - XAHD2X1aq0vs7qHG3czvG7tRyFK6+aQ6PCWWCF7IiX4fagPMW2eD1li+uqdu1UPM - fanXEfibFnnpPMQG4j+W+r9plwUv1fTP295trXNzKcBldNqp1IJX75gz2MzC - =wsfS - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoARAAtM6V34YykAdgHBatDCQOqclPueg6glMsUXqsWacnl1Ui - fOYdy5QWC4Slhr+W+x41svrKDAVncxaYrwpBddi+KYjqh5eWY9S6dxhc/8ni8+Sy - 1TwOB4jPt8U9txPxrRlvenHITXMHfbekjkYT6efK6ougO/Au9hXJOc56dGAoJZOP - KLUGUxES3r69e1FoE7JlFJ0NDVEzF5Ald8l1DqTQEBSvVTPGWTgig0K2BnFg77ip - AK/P42eQktooFH6YEeFmgQ4O0ti15xyEkbMJ/5hg46FI5K/GwjpsYgVsVo3gvrpe - Uw/z0f5Fkm6JJ1YHpycSu6OyK7OmFR3Bft8+57DL0NNadPBlt33oGq4P+r6xSkgZ - 5NSRW98hY8xhnduEPoe09DazeZXxeOY3kpMpSvsYYifAVLwMIAe3oA0USxn7mA3i - igHeyWwkdRDU290h31jkGgyULCXeCoQ8uajF+oknGYTDra4Qn0/pF7igdLEZQvlo - 7Dz+OTiZeECyeIQRuwAv2lQYonCbcTilZEI26RCXOnfIjB4a+nm/6IauovqeEv+4 - LtZQeVTEPhWDBAsTApPZz02WOiok/cYqa20gpBPb4UWLNTFzBRUZHbDsyVuEH3rT - Vgj/QkuVmB/yCje9cNnYZtMkA3L4iNDcLGAqyLzPtuZwleqP24Minu7tzZgipr3S - XAEMuzk/qLMCSCs6sSjP/vKK50y77x873GAfM75cZpSSkXXZPcTFgvmno2YbFDzh - 0/gxocKFefLkXhm4pbrnntAJnnLlnTh7W/tETA22VxbuxUxv2371n6qSwatw - =twII - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ/+IURRSEmFhMSIu8rWrVCjkLH5C62eU+B+p0ve3QMJ8/RV - 3e85LT7q+VW+qr1EOUL+WSL6//jlhc0s6Un/yKOgxLbMmZayXbUS70+HjZq1pIFL - uxmVoBYw8vT8dPE4/u6quMTZQZpn2sncrhHaEek/ED+nAE37V6EHI3ubwiQPv0dB - hPFxm2h7qOJ0/QAyZh3M/kGZYRoZDvBWnMnV0cYKZkj4hWQyq27PjqG8grN7Nbc5 - H8tsF3XoWw0wymKKMKTI2g7/MLI5V3yRKHZNR6kiKc0srSLBSuoGoyElUeFW+MG8 - H1l5Rj7LEmTHXYLGj/zA65Fpw4tWwxM567YkQirdEnh2z/uxdX03aJLkU8qHYiGp - ekMxaR9/dqIt5TO1oT0zclue6IMd0jrZGJ70dovpUglfIk9/OHxTDJD1Qzf/qCoW - VefKWhBWhcWzlEHwfwiygilvaCgOVyYwFNeSoF+Y1teVl/qXx48VG3V2y6Z1VOfL - fncuHkbetyQ2BY2QWSJZNIG4mI+oZbp+YWWXJ4z31l3ng9ujt3eUqZB3KSy3hx+O - a/3l+4lKzNTYFvSNmVdubr37x5ygy+2nfk3g2ww0UOOwS6yiJqU2ZqA3OuTYwYu+ - iHApavjPMg9WBE4Td8BYFxi4VyaZ91GrrnL7I1ytZIhUpMGPh8m5PYdVtUug17XS - XAEZ/KriGSAbovs+3DtH22113/oJhqpp25MJl+tTu2HbL00nu10DoLbZXTQixLo8 - XrSN3EwXcJGpn5mgo7qYwVPL151VPdOoFp1g/pfmL5WeLY+avJb4WumMA80v - =0DR6 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdA73jpbxIMcc3GEvix/5TNwqMO2CiLgN4BLuaxU8sFPSIw - /ssO0s5uEpT2V0U5whKQf+CXZRvLZKXJsjcQRXYDi47yAopdg4LNcgv6rPftp/mD - 0lwB9j89HaTDQ0wIPOiAqG9Pv8CHsKxC1XYvNz2hzIxhreoMh5W2Sr3f/5OHQWGl - 2Mi+CmcoIihoV6rp/RgePZIf+7i/zeYqGbdP36rTJr+X7y+beWxNKot6xCfHOg== - =et3H - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DzAGzViGx4qcSAQdAcwtuk+qh7Bo86gmUU1P96RHBt3TgdhVfZV4aPUO1TGsw - oIZS+b/Tjynr+npZ392TFoS/JrT/j9A/FK4w8eZ+ICdVwplxGlhfTPlooSdywa6M - 0lYBY+QLBsmuRD5bb+p4zH/uX4qTO5MYNpGUvZBnLP3CHYMW8WBwFbBeqFJb3sKA - DOqjQhA0L8G1sI/tGrmyvziNifP8LkpxaBNUKnPScbMjE5F/7KX2Dw== - =8lLB - -----END PGP MESSAGE----- - fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD - - created_at: "2025-10-13T20:10:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA2pVdGTIrZI+AQ//QJytSLyuRPBrBrtirYU2ZTPR22S6FgqI8JUhP6dCdkUA - 8PrZzI2UNJ7mhvXXEq8/nMI2UkZHkr7IwBQuHj0CIqxkxTv3hOK9djGdpD3wtHX6 - 3C7jAEy4LKVUxeDIPv+CFREKNPtxxqbbqtRZHXrxh5+O7+iMS+tQyUb49883DSXc - spxOq25E3X37gAepqKQHSH0A1txpZtMcd87fE3hMJuKblMU/5hW/IiihqDbUyhEz - tYZpSMxUu4QgR5fhf7pIq12yLMM9F3Z4WMtFtU3uh27q//dpLiPfrgBJldTU5e34 - FprGNNyKaLgO2XpQl89x4UXdQ7vTtuH6fMbKJV0TzHdwQXEZyL+XJ4OKG784011e - w0xzuexHpMKrgFekbZ+WwK7otC9QZ5WvPSE6kpIYbh1a6SPESNAEG9BsDNAAYdrd - FWAj7YeO0PtAZkO05oQfq7k0PlAc9kaeJ89K0MtB94QGBdrRcowERJG1cDiND7HY - tlAEHZhizSw45cunI8ICDwNfiO0CPeShVcKh4qzbfKvOaDYZj9bzBCMPF+XgI6w8 - THk3ZwvEIaf7gIEQFUnc3C1JGHwYDBrcCl/cUJ18DxvxjyjWDDR2iXT/86A7foVt - hwmpxuQOSTKujGJtTyIu8n+/lbVbpDo2OLJ28h2TGcXnxD83OigH4cHtpL+7WfbS - XAHuYliyndjEFBvrpEEBkPyIYo8dH3ip6205hAN/wp7cQ7MNjqppGEYN9nrwHxtH - o+leEHXmIDdmvbC5iDbplKISDr0EHtCfxFt1N0IpYQhlwygAv7JWEUpBLGNV - =/LEP - -----END PGP MESSAGE----- - fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533 - unencrypted_suffix: _unencrypted - version: 3.10.2 diff --git a/inventories/z9/host_vars/yate.yaml b/inventories/z9/host_vars/yate.yaml deleted file mode 100644 index d2dc518..0000000 --- a/inventories/z9/host_vars/yate.yaml +++ /dev/null @@ -1,9 +0,0 @@ -docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/compose.yaml.j2') }}" -docker_compose__configuration_files: - - name: accfile.conf - content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/accfile.conf.j2') }}" - - name: regexroute.conf - content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regexroute.conf.j2') }}" - - name: regfile.conf - content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regfile.conf.j2') }}" -docker_compose__restart_cmd: "exec yate sh -c 'kill -1 1'" diff --git a/inventories/z9/hosts.yaml b/inventories/z9/hosts.yaml index 9d5bb09..0dde922 100644 --- a/inventories/z9/hosts.yaml +++ b/inventories/z9/hosts.yaml @@ -1,53 +1,21 @@ all: hosts: - authoritative-dns: - ansible_host: authoritative-dns.z9.ccchh.net - ansible_user: chaos - dooris: - ansible_host: 10.31.208.201 - ansible_user: chaos light: ansible_host: light.z9.ccchh.net ansible_user: chaos - thinkcccore0: - ansible_host: thinkcccore0.z9.ccchh.net - waybackproxy: - ansible_host: waybackproxy.ccchh.net - ansible_user: chaos - yate: - ansible_host: yate.ccchh.net - ansible_user: chaos -certbot_hosts: - hosts: - dooris: -docker_compose_hosts: - hosts: - dooris: - waybackproxy: - yate: -foobazdmx_hosts: - hosts: - light: -hypervisors: - hosts: - thinkcccore0: -infrastructure_authorized_keys_hosts: - hosts: - dooris: - light: authoritative-dns: - waybackproxy: - yate: + ansible_host: authoritative-dns.z9.ccchh.net + ansible_user: chaos nginx_hosts: hosts: - dooris: light: - waybackproxy: ola_hosts: hosts: light: -proxmox_vm_template_hosts: +foobazdmx_hosts: hosts: - thinkcccore0: -ansible_pull_hosts: + light: +infrastructure_authorized_keys_hosts: hosts: + light: + authoritative-dns: diff --git a/playbooks/deploy.yaml b/playbooks/deploy.yaml index d7bacac..d7dcdac 100644 --- a/playbooks/deploy.yaml +++ b/playbooks/deploy.yaml @@ -70,28 +70,5 @@ - "o=Docker,n=${distro_codename}" - "o=nginx,n=${distro_codename}" -- name: Ensure Alloy is installed and Setup on alloy_hosts - hosts: alloy_hosts - become: true - tasks: - - name: Setup Alloy - ansible.builtin.include_role: - name: grafana.grafana.alloy - -- name: Ensure ansible_pull deployment on ansible_pull_hosts - hosts: ansible_pull_hosts - roles: - - ansible_pull - -- name: Ensure msmtp is setup on msmtp_hosts - hosts: msmtp_hosts - roles: - - msmtp - -- name: Ensure Renovate is setup on renovate_hosts - hosts: renovate_hosts - roles: - - renovate - - name: Run ensure_eh22_styleguide_dir Playbook ansible.builtin.import_playbook: ensure_eh22_styleguide_dir.yaml diff --git a/playbooks/deploy_hypervisor.yaml b/playbooks/deploy_hypervisor.yaml deleted file mode 100644 index 4d3200f..0000000 --- a/playbooks/deploy_hypervisor.yaml +++ /dev/null @@ -1,61 +0,0 @@ -- name: Ensure the VM template generation is set up - hosts: proxmox_vm_template_hosts - tasks: - - name: Ensure dependencies are present - ansible.builtin.apt: - name: - - git - - libguestfs-tools - become: true - - - name: Ensure /usr/local/{lib,sbin} exist - ansible.builtin.file: - path: "{{ item }}" - state: directory - owner: root - group: root - mode: "0755" - become: true - loop: - - "/usr/local/lib/" - - "/usr/local/sbin/" - - - name: Ensure the pve-template-vm repo is present - ansible.builtin.git: - repo: https://git.hamburg.ccc.de/CCCHH/pve-template-vm.git - dest: /usr/local/lib/pve-template-vm - version: main - force: true - depth: 1 - single_branch: true - track_submodules: true - become: true - - # /usr/local/sbin as the script uses qm, which is also found in /usr/sbin. - - name: Ensure symlink to build-proxmox-template exists in /usr/local/sbin - ansible.builtin.file: - src: /usr/local/lib/pve-template-vm/build-proxmox-template - dest: /usr/local/sbin/build-proxmox-template - state: link - owner: root - group: root - mode: '0755' - become: true - - # This sets up a cron job running /usr/local/sbin/build-proxmox-template using the env vars defined in hypervisor__template_vm_config. - - name: Ensure cron job is present for building a fresh VM template every week on Friday 04:00 - ansible.builtin.cron: - name: "ansible build proxmox template" - cron_file: ansible_build_proxmox_template - minute: 0 - hour: 4 - weekday: 5 - user: root - job: "{% if hypervisor__template_vm_config is defined and hypervisor__template_vm_config | length > 0 %}\ - /usr/bin/env \ - {% for item in hypervisor__template_vm_config | default([]) %}\ - {{ item.name }}=\"{{ item.value }}\" \ - {% endfor %}\ - {% endif %}\ - /usr/local/sbin/build-proxmox-template" - become: true diff --git a/renovate.json b/renovate.json deleted file mode 100644 index f72babb..0000000 --- a/renovate.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:recommended", // Included in config:best-practices anyway, but added for clarity. - "config:best-practices", - ":ignoreUnstable", - ":disableRateLimiting", - ":rebaseStalePrs", - ":label(renovate)", - "group:allDigest" - ], - "semanticCommits": "disabled", - "packageRules": [ - // Create a package rule for grouping all stable non-major dependency updates together. - // A combination of/inspired by: - // https://docs.renovatebot.com/presets-group/#groupallnonmajor - // https://docs.renovatebot.com/presets-default/#automergestablenonmajor - { - "groupName": "all stable non-major dependencies", - "groupSlug": "all-stable-minor-patch", - "matchCurrentVersion": "!/^0/", - "matchUpdateTypes": [ - "minor", - "patch" - ] - }, - { - "matchDatasources": ["docker"], - "matchPackageNames": ["docker.io/pretix/standalone"], - "versioning": "regex:^(?\\d+\\.\\d+)(?:\\.(?\\d+))$" - } - ], - "docker-compose": { - "managerFilePatterns": [ - "/(^|/)(?:docker-)?compose[^/]*\\.ya?ml.j2$/" - ] - } -} diff --git a/requirements.yml b/requirements.yml index e5538cc..d5ebdfc 100644 --- a/requirements.yml +++ b/requirements.yml @@ -3,6 +3,3 @@ collections: - name: debops.debops version: ">=3.1.0" source: https://galaxy.ansible.com - - name: community.sops - version: ">=2.2.4" - source: https://galaxy.ansible.com diff --git a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 index 4c9d491..e4ab5b6 100644 --- a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 @@ -3,11 +3,11 @@ services: database: - image: docker.io/library/mariadb:11@sha256:ae6119716edac6998ae85508431b3d2e666530ddf4e94c61a10710caec9b0f71 + image: docker.io/library/mariadb:11 environment: - "MARIADB_DATABASE=wordpress" - - "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}" - - "MARIADB_PASSWORD={{ secret__wordpress_db_password }}" + - "MARIADB_ROOT_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_ROOT_PASSWORD", create=false, missing="error") }}" + - "MARIADB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}" - "MARIADB_USER=wordpress" - "MARIADB_AUTO_UPGRADE=yes" volumes: @@ -17,13 +17,13 @@ services: restart: unless-stopped app: - image: docker.io/library/wordpress:6-php8.1@sha256:d93a391bc1ba9d2db3e53c8c8421a88d6beadb7b654235ba83ccf9ea93ecdcd5 + image: docker.io/library/wordpress:6-php8.1 environment: - "WORDPRESS_DB_HOST=database" - "WORDPRESS_DB_NAME=wordpress" - "WORDPRESS_DB_USER=wordpress" - "WORDPRESS_TABLE_PREFIX=wp_" - - "WORDPRESS_DB_PASSWORD={{ secret__wordpress_db_password }}" + - "WORDPRESS_DB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}" volumes: - wordpress:/var/www/html/wp-content ports: diff --git a/resources/chaosknoten/cloud/nextcloud/config.php.j2 b/resources/chaosknoten/cloud/nextcloud/config.php.j2 new file mode 100644 index 0000000..718bcb8 --- /dev/null +++ b/resources/chaosknoten/cloud/nextcloud/config.php.j2 @@ -0,0 +1,98 @@ + '\\OC\\Memcache\\APCu', + 'apps_paths' => + array ( + 0 => + array ( + 'path' => '/var/www/html/apps', + 'url' => '/apps', + 'writable' => false, + ), + 1 => + array ( + 'path' => '/var/www/html/custom_apps', + 'url' => '/custom_apps', + 'writable' => true, + ), + ), + 'instanceid' => 'oc9uqhr7buka', + 'passwordsalt' => 'SK2vmQeTEHrkkwx9K+hC1WX33lPJDs', + 'secret' => '3dBt5THD2ehg0yWdVDAvMmsY8yLtrfk/gE560lkMqYqgh6lu', + 'trusted_domains' => + array ( + 0 => 'cloud.hamburg.ccc.de', + ), + 'datadirectory' => '/var/www/html/data', + 'dbtype' => 'mysql', + 'version' => '25.0.9.2', + 'overwrite.cli.url' => 'https://cloud.hamburg.ccc.de', + 'dbname' => 'nextcloud', + 'dbhost' => 'database', + 'dbport' => '', + 'dbtableprefix' => 'oc_', + 'mysql.utf8mb4' => true, + 'dbuser' => 'nextcloud', + 'dbpassword' => 'TdBLMQQeKbz1zab3sySUsGxo3', + 'installed' => true, + // Some Nextcloud options that might make sense here + 'allow_user_to_change_display_name' => false, + 'lost_password_link' => 'disabled', + // URL of provider. All other URLs are auto-discovered from .well-known + 'oidc_login_provider_url' => 'https://id.ccchh.net/realms/ccchh', + // Client ID and secret registered with the provider + 'oidc_login_client_id' => 'cloud', + 'oidc_login_client_secret' => '{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/cloud/kc-client-secret", create=false, missing="error") }}', + // Automatically redirect the login page to the provider + 'oidc_login_auto_redirect' => true, + // Redirect to this page after logging out the user + //'oidc_login_logout_url' => 'https://openid.example.com/thankyou', + // If set to true the user will be redirected to the + // logout endpoint of the OIDC provider after logout + // in Nextcloud. After successfull logout the OIDC + // provider will redirect back to 'oidc_login_logout_url' (MUST be set). + 'oidc_login_end_session_redirect' => true, + // Quota to assign if no quota is specified in the OIDC response (bytes) + // + // NOTE: If you want to allow NextCloud to manage quotas, omit this option. Do not set it to + // zero or -1 or ''. + 'oidc_login_default_quota' => '1000000000', + // Login button text + 'oidc_login_button_text' => 'Log in via id.ccchh.net', + // Hide the NextCloud password change form. + 'oidc_login_hide_password_form' => false, + // Use ID Token instead of UserInfo + 'oidc_login_use_id_token' => false, + 'oidc_login_attributes' => array ( + 'id' => 'preferred_username', + 'name' => 'name', + 'mail' => 'email', + 'quota' => 'ownCloudQuota', + 'home' => 'homeDirectory', + 'ldap_uid' => 'uid', + 'groups' => 'ownCloudGroups', + 'login_filter' => 'realm_access_roles', + 'photoURL' => 'picture', + 'is_admin' => 'ownCloudAdmin', + ), + // Default group to add users to (optional, defaults to nothing) + //'oidc_login_default_group' => 'oidc', + 'oidc_login_filter_allowed_values' => null, + // Set OpenID Connect scope + 'oidc_login_scope' => 'openid profile', + // The `id` attribute in `oidc_login_attributes` must return the + // "Internal Username" (see expert settings in LDAP integration) + 'oidc_login_proxy_ldap' => false, + // Fallback to direct login if login from OIDC fails + // Note that no error message will be displayed if enabled + 'oidc_login_disable_registration' => false, + //'oidc_login_redir_fallback' => false, + // If you get your groups from the oidc_login_attributes, you might want + // to create them if they are not already existing, Default is `false`. + 'oidc_create_groups' => true, + // Enable use of WebDAV via OIDC bearer token. + 'oidc_login_webdav_enabled' => true, + // Enable authentication with user/password for DAV clients that do not + // support token authentication (e.g. DAVx⁵) + 'oidc_login_password_authentication' => false, +); \ No newline at end of file diff --git a/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2 b/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2 index 8832381..7e6ad56 100644 --- a/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2 +++ b/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2 @@ -11,7 +11,7 @@ $CONFIG = array ( 'mail_smtpname' => 'no-reply@cloud.hamburg.ccc.de', 'mail_from_address' => 'no-reply', 'mail_domain' => 'cloud.hamburg.ccc.de', - 'mail_smtppassword' => '{{ secret__nextcloud_smtp_password }}', + 'mail_smtppassword' => '{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/cloud/smtp_password", create=false, missing="error") }}', 'mail_smtpdebug' => true, 'maintenance_window_start' => 1, ); diff --git a/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 b/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 new file mode 100644 index 0000000..56995ca --- /dev/null +++ b/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 @@ -0,0 +1,60 @@ +ALLOWED_HOSTS = [ "netbox.eh22.easterhegg.eu" ] +DATABASE = { + "HOST": "localhost", + "NAME": "netbox", + "USER": "netbox", + "PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}", +} +REDIS = { + "tasks": { + "HOST": "localhost", + "PORT": 6379, + "USERNAME": "", + "PASSWORD": "", + "DATABASE": 0, + "SSL": False, + }, + "caching": { + "HOST": "localhost", + "PORT": 6379, + "USERNAME": "", + "PASSWORD": "", + "DATABASE": 1, + "SSL": False, + }, +} +SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SECRET_KEY', create=false, missing='error') }}" +SESSION_COOKIE_SECURE = True + +# CCCHH ID (Keycloak) integration. +# https://github.com/python-social-auth/social-core/blob/0925304a9e437f8b729862687d3a808c7fb88a95/social_core/backends/keycloak.py#L7 +# https://python-social-auth.readthedocs.io/en/latest/backends/keycloak.html +REMOTE_AUTH_BACKEND = "social_core.backends.keycloak.KeycloakOAuth2" +SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL = ( + "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token" +) +SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = ( + "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth" +) +SOCIAL_AUTH_KEYCLOAK_KEY = "eh22-netbox" +SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB" +SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}" +# Use custom OIDC group and role mapping pipeline functions added in via +# netbox__custom_pipeline_oidc_group_and_role_mapping. +# The default pipeline this is based on can be found here: +# https://github.com/netbox-community/netbox/blob/main/netbox/netbox/settings.py +SOCIAL_AUTH_PIPELINE = [ + "social_core.pipeline.social_auth.social_details", + "social_core.pipeline.social_auth.social_uid", + "social_core.pipeline.social_auth.social_user", + "social_core.pipeline.user.get_username", + "social_core.pipeline.user.create_user", + "social_core.pipeline.social_auth.associate_user", + "netbox.authentication.user_default_groups_handler", + "social_core.pipeline.social_auth.load_extra_data", + "social_core.pipeline.user.user_details", + # Custom OIDC group and role mapping functions. + "netbox.custom_pipeline_oidc_mapping.add_groups", + "netbox.custom_pipeline_oidc_mapping.remove_groups", + "netbox.custom_pipeline_oidc_mapping.set_roles", +] diff --git a/resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf b/resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf similarity index 60% rename from resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf rename to resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf index e7d404d..6c9d458 100644 --- a/resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf +++ b/resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf @@ -2,8 +2,7 @@ # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6 server { # Listen on a custom port for the proxy protocol. - listen 8443 ssl proxy_protocol; - http2 on; + listen 8443 ssl http2 proxy_protocol; # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy # protocol. @@ -13,12 +12,12 @@ server { # header. real_ip_header proxy_protocol; - server_name ntfy.hamburg.ccc.de; + server_name netbox.eh22.easterhegg.eu; - ssl_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/ntfy.hamburg.ccc.de/privkey.pem; + ssl_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/privkey.pem; # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/chain.pem; + ssl_trusted_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/chain.pem; # HSTS (ngx_http_headers_module is required) (63072000 seconds) add_header Strict-Transport-Security "max-age=63072000" always; @@ -30,18 +29,20 @@ server { proxy_set_header X-Forwarded-Port 443; # This is https in any case. proxy_set_header X-Forwarded-Proto https; + # Hide the X-Forwarded header. + proxy_hide_header X-Forwarded; + # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that + # is transparent). + # Also provide "_hidden" for by, since it's not relevant. + proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden"; + + client_max_body_size 25m; + + location /static/ { + alias /opt/netbox/netbox/static/; + } location / { - proxy_pass http://127.0.0.1:2586; - proxy_http_version 1.1; - - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_connect_timeout 3m; - proxy_send_timeout 3m; - proxy_read_timeout 3m; - - client_max_body_size 0; # Stream request body to backend + proxy_pass http://127.0.0.1:8001; } } diff --git a/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2 index 51aeb63..83aeaad 100644 --- a/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2 +++ b/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2 @@ -3,84 +3,38 @@ # - https://github.com/prometheus/alertmanager/blob/48a99764a1fc9279fc828de83e7a03ae2219abc7/doc/examples/simple.yml route: - receiver: 'ccchh-infrastructure-alerts' - group_by: [ "alertname", "site", "type", "hypervisor" ] + group_by: ["alertname", "site", "type", "hypervisor"] + group_wait: 30s group_interval: 5m - repeat_interval: 6h - routes: - - receiver: "null" - matchers: - - sendAlert = "false" - - receiver: ntfy-ccchh-critical - matchers: - - org = "ccchh" - - severity = "critical", - repeat_interval: 18h - continue: true - - receiver: ntfy-ccchh - matchers: - - org = "ccchh" - - severity =~ "info|warning", - repeat_interval: 36h - continue: true - - receiver: ntfy-fux-critical - matchers: - - org = "fux" - - severity = "critical", - repeat_interval: 18h - continue: true - - receiver: email-fux-critical - matchers: - - org = "fux" - - severity = "critical", - repeat_interval: 36h - continue: true - - receiver: ntfy-fux - matchers: - - org = "fux" - - severity =~ "info|warning", - repeat_interval: 36h - continue: true - - receiver: ccchh-infrastructure-alerts - matchers: - - org = "ccchh" - - severity =~ "info|warning|critical" + repeat_interval: 3h + + receiver: ccchh-infrastructure-alerts + + +{# Disable these for now, but might be interesting in the future. +# Inhibition rules allow to mute a set of alerts given that another alert is +# firing. +# We use this to mute any warning-level notifications if the same alert is +# already critical. +inhibit_rules: + - source_matchers: [severity="critical"] + target_matchers: [severity="warning"] + # Apply inhibition if the alertname is the same. + # CAUTION: + # If all label names listed in `equal` are missing + # from both the source and target alerts, + # the inhibition rule will apply! + equal: [alertname, cluster, service] #} templates: - "/etc/alertmanager/templates/*.tmpl" receivers: - - name: "null" - name: "ccchh-infrastructure-alerts" telegram_configs: - send_resolved: true - bot_token: {{ secret__alertmanager_telegram_bot_token }} + bot_token: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/alertmanager_telegram_bot_token", create=false, missing="error") }} chat_id: -1002434372415 parse_mode: HTML message: {{ "'{{ template \"alert-message.telegram.ccchh\" . }}'" }} - - - name: "ntfy-ccchh-critical" - webhook_configs: - - url: "http://ntfy-alertmanager-ccchh-critical:8000" - - - name: "ntfy-fux-critical" - webhook_configs: - - url: "http://ntfy-alertmanager-fux-critical:8001" - - - name: "ntfy-ccchh" - webhook_configs: - - url: "http://ntfy-alertmanager-ccchh:8010" - - - name: "ntfy-fux" - webhook_configs: - - url: "http://ntfy-alertmanager-fux:8011" - - - name: "email-fux-critical" - email_configs: - - send_resolved: true - to: "stb@lassitu.de,fux@zimdahl.org" - from: "alert-manager@hamburg.ccc.de" - smarthost: "cow.hamburg.ccc.de:587" - auth_username: "alert-manager@hamburg.ccc.de" - auth_password: {{ secret__alert_manager_email_password }} diff --git a/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl b/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl index 3e97e6e..5318fb0 100644 --- a/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl +++ b/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl @@ -20,25 +20,16 @@ Links & Resources {{ define "alert-message.telegram.ccchh" }} - {{- if .Alerts.Firing }} - 🔥{{ len .Alerts.Firing }} Alert(/s) Firing 🔥 - {{- if le (len .Alerts.Firing) 5 }} - {{- range .Alerts.Firing }} - {{ template "alert-item.telegram.ccchh.internal" . }} - {{- end }} - {{- else }} - There are too many alerts firing at once - {{- end }} - {{- end }} - - {{- if .Alerts.Resolved }} - ✅{{ len .Alerts.Resolved }} Alert(/s) Resolved ✅ - {{- if le (len .Alerts.Resolved) 5 }} - {{- range .Alerts.Resolved }} - {{ template "alert-item.telegram.ccchh.internal" . }} - {{- end }} - {{- else }} - There are too many resolved alerts to list - {{- end }} - {{- end }} +{{- if .Alerts.Firing }} +🔥{{ len .Alerts.Firing }} Alert(/s) Firing 🔥 +{{ range .Alerts.Firing -}} +{{ template "alert-item.telegram.ccchh.internal" . }} +{{- end }} +{{- end }} +{{- if .Alerts.Resolved }} +✅{{ len .Alerts.Resolved }} Alert(/s) Resolved ✅ +{{ range .Alerts.Resolved -}} +{{ template "alert-item.telegram.ccchh.internal" . }} +{{- end }} +{{- end }} {{- end }} diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 index 436669a..3e994dc 100644 --- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 @@ -2,23 +2,20 @@ services: prometheus: - image: docker.io/prom/prometheus:v3.7.1@sha256:ff7e389acbe064a4823212a500393d40a28a8f362e4b05cbf6742a9a3ef736b2 + image: prom/prometheus container_name: prometheus command: - '--config.file=/etc/prometheus/prometheus.yml' - - '--web.enable-remote-write-receiver' - - '--enable-feature=promql-experimental-functions' ports: - 9090:9090 restart: unless-stopped volumes: - ./configs/prometheus.yml:/etc/prometheus/prometheus.yml - ./configs/prometheus_alerts.rules.yaml:/etc/prometheus/rules/alerts.rules.yaml - - ./configs/prometheus_alerts-fux.rules.yaml:/etc/prometheus/rules/alerts-fux.rules.yaml - prom_data:/prometheus - + alertmanager: - image: docker.io/prom/alertmanager:v0.28.1@sha256:27c475db5fb156cab31d5c18a4251ac7ed567746a2483ff264516437a39b15ba + image: prom/alertmanager container_name: alertmanager command: - '--config.file=/etc/alertmanager/alertmanager.yaml' @@ -31,82 +28,34 @@ services: - alertmanager_data:/alertmanager grafana: - image: docker.io/grafana/grafana:12.2.1@sha256:35c41e0fd0295f5d0ee5db7e780cf33506abfaf47686196f825364889dee878b + image: grafana/grafana container_name: grafana ports: - 3000:3000 restart: unless-stopped environment: - GF_SECURITY_ADMIN_USER=admin - - "GF_SECURITY_ADMIN_PASSWORD={{ secret__grafana_gf_security_admin_password }}" + - "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/GF_SECURITY_ADMIN_PASSWORD", create=false, missing="error") }}" volumes: - ./configs/grafana.ini:/etc/grafana/grafana.ini - ./configs/grafana-datasource.yml:/etc/grafana/provisioning/datasources/datasource.yml - graf_data:/var/lib/grafana pve-exporter: - image: docker.io/prompve/prometheus-pve-exporter:3.5.5@sha256:79a5598906697b1a5a006d09f0200528a77c6ff1568faf018539ac65824454df + image: prompve/prometheus-pve-exporter container_name: pve-exporter ports: - 9221:9221 restart: unless-stopped environment: - PVE_USER=grafana@pve - - "PVE_PASSWORD={{ secret__prometheus_pve_exporter_pve_password }}" + - "PVE_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/prometheus-exporter", create=false, missing="error") }}" - PVE_VERIFY_SSL=false volumes: - /dev/null:/etc/prometheus/pve.yml - loki: - image: docker.io/grafana/loki:3.5.7@sha256:0eaee7bf39cc83aaef46914fb58f287d4f4c4be6ec96b86c2ed55719a75e49c8 - container_name: loki - ports: - - 13100:3100 - - 19099:9099 - restart: unless-stopped - volumes: - - ./configs/loki.yaml:/etc/loki/local-config.yaml - - loki_data:/var/loki - - ntfy-alertmanager-ccchh-critical: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0@sha256:5fea88db3bf0257d98c007ab0c4ef064c6d67d7b7ceead7d6956dfa0a5cb333b - container_name: ntfy-alertmanager-ccchh-critical - volumes: - - ./configs/ntfy-alertmanager-ccchh-critical:/etc/ntfy-alertmanager/config - ports: - - 8000:8000 - restart: unless-stopped - - ntfy-alertmanager-fux-critical: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0@sha256:5fea88db3bf0257d98c007ab0c4ef064c6d67d7b7ceead7d6956dfa0a5cb333b - container_name: ntfy-alertmanager-fux-critical - volumes: - - ./configs/ntfy-alertmanager-fux-critical:/etc/ntfy-alertmanager/config - ports: - - 8001:8001 - restart: unless-stopped - - ntfy-alertmanager-ccchh: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0@sha256:5fea88db3bf0257d98c007ab0c4ef064c6d67d7b7ceead7d6956dfa0a5cb333b - container_name: ntfy-alertmanager-ccchh - volumes: - - ./configs/ntfy-alertmanager-ccchh:/etc/ntfy-alertmanager/config - ports: - - 8010:8010 - restart: unless-stopped - - ntfy-alertmanager-fux: - image: docker.io/xenrox/ntfy-alertmanager:0.5.0@sha256:5fea88db3bf0257d98c007ab0c4ef064c6d67d7b7ceead7d6956dfa0a5cb333b - container_name: ntfy-alertmanager-fux - volumes: - - ./configs/ntfy-alertmanager-fux:/etc/ntfy-alertmanager/config - ports: - - 8011:8011 - restart: unless-stopped volumes: graf_data: {} prom_data: {} alertmanager_data: {} - loki_data: {} - mimir_data: {} diff --git a/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml b/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml index 3cb6995..44999d4 100644 --- a/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml +++ b/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml @@ -7,14 +7,3 @@ datasources: isDefault: true access: proxy editable: true - - name: Loki - type: loki - url: http://loki:3100 - access: proxy - editable: true - jsonData: - timeout: 60 - maxLines: 3000 - httpHeaderName1: "X-Scope-OrgID" - secureJsonData: - httpHeaderValue1: "chaos" diff --git a/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2 b/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2 index af5b848..65f7bed 100644 --- a/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2 +++ b/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2 @@ -11,7 +11,7 @@ auto_login = true name = id.hamburg.ccc.de allow_sign_up = true client_id = grafana -client_secret = {{ secret__grafana_keycloak_secret }} +client_secret = {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/KEYCLOAK_SECRET", create=false, missing="error") }} scopes = openid email profile offline_access roles email_attribute_path = email login_attribute_path = username diff --git a/resources/chaosknoten/grafana/docker_compose/loki.yaml b/resources/chaosknoten/grafana/docker_compose/loki.yaml deleted file mode 100644 index daf214f..0000000 --- a/resources/chaosknoten/grafana/docker_compose/loki.yaml +++ /dev/null @@ -1,52 +0,0 @@ -auth_enabled: true - -server: - http_listen_port: 3100 - grpc_listen_port: 9099 - log_level: warn - -limits_config: - retention_period: 14d - -common: - instance_addr: 127.0.0.1 - path_prefix: /var/loki - storage: - filesystem: - chunks_directory: /var/loki/chunks - rules_directory: /var/loki/rules - replication_factor: 1 - ring: - kvstore: - store: inmemory - -storage_config: - filesystem: - directory: /var/loki/chunks - index_queries_cache_config: - embedded_cache: - enabled: true - max_size_mb: 80 - ttl: 30m - -schema_config: - configs: - - from: 2025-04-28 - store: tsdb - object_store: filesystem - schema: v13 - index: - prefix: index_ - period: 24h - -chunk_store_config: - chunk_cache_config: - embedded_cache: - enabled: true - max_size_mb: 80 - ttl: 30m - write_dedupe_cache_config: - embedded_cache: - enabled: true - max_size_mb: 80 - ttl: 30m diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2 deleted file mode 100644 index b4afc90..0000000 --- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2 +++ /dev/null @@ -1,48 +0,0 @@ -base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh-critical -http-address :8000 -log-level info -log-format text -# When multiple alerts are grouped together by Alertmanager, they can either be sent -# each on their own (single mode) or be kept together (multi mode) -# Options: single, multi -# Default: multi -alert-mode single - -labels { - order "severity" - - severity "critical" { - priority 4 - tags "rotating_light" - } - - severity "warning" { - priority 3 - tags "warning" - } - - severity "info" { - priority 1 - } -} - -resolved { - tags "white_check_mark,resolved" - priority 2 -} - -ntfy { - server https://ntfy.hamburg.ccc.de - topic ccchh-alertmanager-critical - access-token {{ secret__ntfy_token }} -} - -alertmanager { - silence-duration 3h -} - -cache { - type memory - duration 12h - cleanup-interval 1h -} diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2 deleted file mode 100644 index 66fd9ab..0000000 --- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2 +++ /dev/null @@ -1,48 +0,0 @@ -base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh -http-address :8010 -log-level info -log-format text -# When multiple alerts are grouped together by Alertmanager, they can either be sent -# each on their own (single mode) or be kept together (multi mode) -# Options: single, multi -# Default: multi -alert-mode single - -labels { - order "severity" - - severity "critical" { - priority 4 - tags "rotating_light" - } - - severity "warning" { - priority 3 - tags "warning" - } - - severity "info" { - priority 1 - } -} - -resolved { - tags "white_check_mark,resolved" - priority 2 -} - -ntfy { - server https://ntfy.hamburg.ccc.de - topic ccchh-alertmanager - access-token {{ secret__ntfy_token }} -} - -alertmanager { - silence-duration 3h -} - -cache { - type memory - duration 12h - cleanup-interval 1h -} diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2 deleted file mode 100644 index afb6cc8..0000000 --- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2 +++ /dev/null @@ -1,48 +0,0 @@ -base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux-critical -http-address :8001 -log-level info -log-format text -# When multiple alerts are grouped together by Alertmanager, they can either be sent -# each on their own (single mode) or be kept together (multi mode) -# Options: single, multi -# Default: multi -alert-mode single - -labels { - order "severity" - - severity "critical" { - priority 4 - tags "rotating_light" - } - - severity "warning" { - priority 3 - tags "warning" - } - - severity "info" { - priority 1 - } -} - -resolved { - tags "white_check_mark,resolved" - priority 2 -} - -ntfy { - server https://ntfy.hamburg.ccc.de - topic fux-alertmanager-critical - access-token {{ secret__ntfy_token }} -} - -alertmanager { - silence-duration 3h -} - -cache { - type memory - duration 12h - cleanup-interval 1h -} diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2 deleted file mode 100644 index 1e506a3..0000000 --- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2 +++ /dev/null @@ -1,48 +0,0 @@ -base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux -http-address :8011 -log-level info -log-format text -# When multiple alerts are grouped together by Alertmanager, they can either be sent -# each on their own (single mode) or be kept together (multi mode) -# Options: single, multi -# Default: multi -alert-mode single - -labels { - order "severity" - - severity "critical" { - priority 4 - tags "rotating_light" - } - - severity "warning" { - priority 3 - tags "warning" - } - - severity "info" { - priority 1 - } -} - -resolved { - tags "white_check_mark,resolved" - priority 2 -} - -ntfy { - server https://ntfy.hamburg.ccc.de - topic fux-alertmanager - access-token {{ secret__ntfy_token }} -} - -alertmanager { - silence-duration 3h -} - -cache { - type memory - duration 12h - cleanup-interval 1h -} diff --git a/resources/chaosknoten/grafana/docker_compose/prometheus.yml b/resources/chaosknoten/grafana/docker_compose/prometheus.yml index fd59034..5f6232f 100644 --- a/resources/chaosknoten/grafana/docker_compose/prometheus.yml +++ b/resources/chaosknoten/grafana/docker_compose/prometheus.yml @@ -1,12 +1,12 @@ global: - scrape_interval: 60s - scrape_timeout: 15s - evaluation_interval: 30s + scrape_interval: 15s + scrape_timeout: 10s + evaluation_interval: 15s alerting: alertmanagers: - scheme: http - timeout: 15s + timeout: 10s static_configs: - targets: - "alertmanager:9093" @@ -22,8 +22,6 @@ scrape_configs: static_configs: - targets: - localhost:9090 - labels: - org: ccchh - job_name: alertmanager honor_timestamps: true metrics_path: /metrics @@ -31,8 +29,6 @@ scrape_configs: static_configs: - targets: - alertmanager:9093 - labels: - org: ccchh - job_name: mumble honor_timestamps: true scrape_interval: 5s @@ -42,8 +38,6 @@ scrape_configs: static_configs: - targets: - mumble.hamburg.ccc.de:443 - labels: - org: ccchh - job_name: opnsense-ccchh honor_timestamps: true metrics_path: /metrics @@ -51,8 +45,6 @@ scrape_configs: static_configs: - targets: - 185.161.129.132:9100 - labels: - org: ccchh - job_name: jitsi honor_timestamps: true scrape_interval: 5s @@ -62,14 +54,10 @@ scrape_configs: static_configs: - targets: - jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge - labels: - org: ccchh - job_name: 'pve' static_configs: - targets: - 212.12.48.126 # chaosknoten - labels: - org: ccchh metrics_path: /pve params: module: [ default ] @@ -86,7 +74,6 @@ scrape_configs: static_configs: # Wieske Chaosknoten VMs - labels: - org: ccchh site: wieske type: virtual_machine hypervisor: chaosknoten @@ -96,6 +83,7 @@ scrape_configs: - public-web-static-intern.hamburg.ccc.de:9100 - git-intern.hamburg.ccc.de:9100 - forgejo-actions-runner-intern.hamburg.ccc.de:9100 + - eh22-netbox-intern.hamburg.ccc.de:9100 - eh22-wiki-intern.hamburg.ccc.de:9100 - mjolnir-intern.hamburg.ccc.de:9100 - woodpecker-intern.hamburg.ccc.de:9100 @@ -111,13 +99,7 @@ scrape_configs: - zammad-intern.hamburg.ccc.de:9100 - pretalx-intern.hamburg.ccc.de:9100 - labels: - org: ccchh site: wieske type: physical_machine targets: - chaosknoten.hamburg.ccc.de:9100 - - -storage: - tsdb: - out_of_order_time_window: 90m diff --git a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts-fux.rules.yaml b/resources/chaosknoten/grafana/docker_compose/prometheus_alerts-fux.rules.yaml deleted file mode 100644 index b1836a3..0000000 --- a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts-fux.rules.yaml +++ /dev/null @@ -1,41 +0,0 @@ -groups: - - name: Fux-Generic - rules: - - alert: HostJobFlaky - expr: group by(instance, job) (changes(up{org="fux"}[24h]) > 7) - for: 0m - labels: - severity: info - org: fux - annotations: - summary: Job {{ $labels.job }} flaky on (instance {{ $labels.instance }}) - description: "The job {{ $labels.job }} on target: {{ $labels.instance }} has been flaky over the last 24 hours." - - name: Fux-SNMP - rules: - - alert: SnmpTargetMissing - expr: up{job=~".*snmp.*", org="fux"} == 0 - for: 15m - labels: - severity: critical - org: fux - annotations: - summary: SNMP target missing (instance {{ $labels.instance }}) - description: "SNMP target: {{ $labels.instance }} has disappeared for more the 15 min." - - name: Fux-DHCP - rules: - - alert: DhcpFuxSharedFailed - expr: script_success{script="check_dhcp_fux_shared"} == 0 - for: 2m - labels: - severity: critical - annotations: - summary: DHCP for Fux Shared stoped working - description: "No DHCP lease for the Fux Shared range was received \n V" - - alert: DhcpFuxAdminFailed - expr: script_success{script_success="check_dhcp_fux_admin"} == 0 - for: 2m - labels: - severity: critical - annotations: - summary: DHCP for Fux Admin stoped working - description: "No DHCP lease for the Fux Admin range was received" diff --git a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml b/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml index 4a2bc6f..5ec53b8 100644 --- a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml +++ b/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml @@ -196,9 +196,9 @@ groups: # Same rule using "node_filesystem_free_bytes" will fire when disk fills for non-root users. - alert: HostDiskWillFillIn24Hours expr: ((node_filesystem_avail_bytes * 100) / node_filesystem_size_bytes < 10 and ON (instance, device, mountpoint) predict_linear(node_filesystem_avail_bytes{fstype!~"tmpfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"} - for: 5m + for: 2m labels: - severity: critical + severity: warning annotations: summary: Host disk will fill in 24 hours (instance {{ $labels.instance }}) description: "Filesystem is predicted to run out of space within the next 24 hours at current write rate\n VALUE = {{ $value }}" @@ -212,9 +212,9 @@ groups: description: "Disk is almost running out of available inodes (< 10% left)\n VALUE = {{ $value }}" - alert: HostInodesWillFillIn24Hours expr: (node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"} - for: 5m + for: 2m labels: - severity: critical + severity: warning annotations: summary: Host inodes will fill in 24 hours (instance {{ $labels.instance }}) description: "Filesystem is predicted to run out of inodes within the next 24 hours at current write rate\n VALUE = {{ $value }}" @@ -362,7 +362,7 @@ groups: expr: (node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"} for: 0m labels: - severity: critical + severity: warning annotations: summary: Host systemd service crashed (instance {{ $labels.instance }}) description: "systemd service crashed\n VALUE = {{ $value }}" @@ -410,7 +410,7 @@ groups: summary: Prometheus job missing (instance {{ $labels.instance }}) description: "A Prometheus job has disappeared\n VALUE = {{ $value }}" - alert: PrometheusTargetMissing - expr: up{job!~"snmp|noc_room_temp"} == 0 + expr: up == 0 for: 0m labels: severity: critical @@ -418,7 +418,7 @@ groups: summary: Prometheus target missing (instance {{ $labels.instance }}) description: "A Prometheus target has disappeared. An exporter might be crashed.\n VALUE = {{ $value }}" - alert: PrometheusAllTargetsMissing - expr: sum by (job) (up{job!~"snmp|noc_room_temp"}) == 0 + expr: sum by (job) (up) == 0 for: 0m labels: severity: critical @@ -438,7 +438,6 @@ groups: for: 0m labels: severity: warning - org: ccchh annotations: summary: Prometheus too many restarts (instance {{ $labels.instance }}) description: "Prometheus has restarted more than twice in the last 15 minutes. It might be crashlooping.\n VALUE = {{ $value }}" @@ -447,7 +446,6 @@ groups: for: 0m labels: severity: warning - org: ccchh annotations: summary: Prometheus AlertManager job missing (instance {{ $labels.instance }}) description: "A Prometheus AlertManager job has disappeared\n VALUE = {{ $value }}" @@ -456,7 +454,6 @@ groups: for: 0m labels: severity: warning - org: ccchh annotations: summary: Prometheus AlertManager configuration reload failure (instance {{ $labels.instance }}) description: "AlertManager configuration reload error\n VALUE = {{ $value }}" @@ -465,7 +462,6 @@ groups: for: 0m labels: severity: warning - org: ccchh annotations: summary: Prometheus AlertManager config not synced (instance {{ $labels.instance }}) description: "Configurations of AlertManager cluster instances are out of sync\n VALUE = {{ $value }}" @@ -483,7 +479,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus not connected to alertmanager (instance {{ $labels.instance }}) description: "Prometheus cannot connect the alertmanager\n VALUE = {{ $value }}" @@ -492,7 +487,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus rule evaluation failures (instance {{ $labels.instance }}) description: "Prometheus encountered {{ $value }} rule evaluation failures, leading to potentially ignored alerts.\n VALUE = {{ $value }}" @@ -501,7 +495,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus template text expansion failures (instance {{ $labels.instance }}) description: "Prometheus encountered {{ $value }} template text expansion failures\n VALUE = {{ $value }}" @@ -510,7 +503,6 @@ groups: for: 5m labels: severity: warning - org: ccchh annotations: summary: Prometheus rule evaluation slow (instance {{ $labels.instance }}) description: "Prometheus rule evaluation took more time than the scheduled interval. It indicates a slower storage backend access or too complex query.\n VALUE = {{ $value }}" @@ -527,7 +519,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus AlertManager notification failing (instance {{ $labels.instance }}) description: "Alertmanager is failing sending notifications\n VALUE = {{ $value }}" @@ -536,7 +527,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus target empty (instance {{ $labels.instance }}) description: "Prometheus has no target in service discovery\n VALUE = {{ $value }}" @@ -545,7 +535,6 @@ groups: for: 5m labels: severity: warning - org: ccchh annotations: summary: Prometheus target scraping slow (instance {{ $labels.instance }}) description: "Prometheus is scraping exporters slowly since it exceeded the requested interval time. Your Prometheus server is under-provisioned.\n VALUE = {{ $value }}" @@ -586,7 +575,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus TSDB compactions failed (instance {{ $labels.instance }}) description: "Prometheus encountered {{ $value }} TSDB compactions failures\n VALUE = {{ $value }}" @@ -595,7 +583,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus TSDB head truncations failed (instance {{ $labels.instance }}) description: "Prometheus encountered {{ $value }} TSDB head truncation failures\n VALUE = {{ $value }}" @@ -604,7 +591,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus TSDB reload failures (instance {{ $labels.instance }}) description: "Prometheus encountered {{ $value }} TSDB reload failures\n VALUE = {{ $value }}" @@ -613,7 +599,6 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus TSDB WAL corruptions (instance {{ $labels.instance }}) description: "Prometheus encountered {{ $value }} TSDB WAL corruptions\n VALUE = {{ $value }}" @@ -622,16 +607,14 @@ groups: for: 0m labels: severity: critical - org: ccchh annotations: summary: Prometheus TSDB WAL truncations failed (instance {{ $labels.instance }}) description: "Prometheus encountered {{ $value }} TSDB WAL truncation failures\n VALUE = {{ $value }}" - alert: PrometheusTimeseriesCardinality - expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 20000 + expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 10000 for: 0m labels: severity: warning - org: ccchh annotations: summary: Prometheus timeseries cardinality (instance {{ $labels.instance }}) description: "The \"{{ $labels.name }}\" timeseries cardinality is getting very high: {{ $value }}\n VALUE = {{ $value }}" diff --git a/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf index c5b68e1..a3218d1 100644 --- a/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf +++ b/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf @@ -2,8 +2,7 @@ # https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6 server { # Listen on a custom port for the proxy protocol. - listen 8443 ssl proxy_protocol; - http2 on; + listen 8443 ssl http2 proxy_protocol; # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy # protocol. @@ -41,71 +40,4 @@ server { proxy_pass http://127.0.0.1:3000/; } - location /ntfy-alertmanager-ccchh-critical/ { - deny all; - allow ::1/128; - allow 127.0.0.1/32; - # Wieske - allow 172.31.17.128/25; - allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router - allow 2a00:14b0:4200:3000::/64; #Bei Wieske - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing - # Z9 - allow 2a07:c480:0:100::/56; - allow 2a07:c481:1::/48; - proxy_pass http://127.0.0.1:8000/; - } - - location /ntfy-alertmanager-ccchh/ { - deny all; - allow ::1/128; - allow 127.0.0.1/32; - # Wieske - allow 172.31.17.128/25; - allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router - allow 2a00:14b0:4200:3000::/64; #Bei Wieske - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing - # Z9 - allow 2a07:c480:0:100::/56; - allow 2a07:c481:1::/48; - proxy_pass http://127.0.0.1:8010/; - } - - location /ntfy-alertmanager-fux-critical/ { - deny all; - allow ::1/128; - allow 127.0.0.1/32; - # Wieske - allow 172.31.17.128/25; - allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router - allow 2a00:14b0:4200:3000::/64; #Bei Wieske - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing - # Z9 - allow 2a07:c480:0:100::/56; - allow 2a07:c481:1::/48; - proxy_pass http://127.0.0.1:8001/; - } - - location /ntfy-alertmanager-fux/ { - deny all; - allow ::1/128; - allow 127.0.0.1/32; - # Wieske - allow 172.31.17.128/25; - allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router - allow 2a00:14b0:4200:3000::/64; #Bei Wieske - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing - # Z9 - allow 2a07:c480:0:100::/56; - allow 2a07:c481:1::/48; - proxy_pass http://127.0.0.1:8011/; - } } diff --git a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf deleted file mode 100644 index e2bf4a7..0000000 --- a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf +++ /dev/null @@ -1,89 +0,0 @@ -server { - allow ::1/128; - allow 127.0.0.1/32; - # Wieske - allow 172.31.17.128/25; - allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router - allow 2a00:14b0:4200:3000::/64; #Bei Wieske - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing - # Z9 - allow 2a07:c480:0:100::/56; - allow 2a07:c481:1::/48; - - deny all; - - server_name loki.hamburg.ccc.de; - - listen [::]:50051 ssl; - listen 172.31.17.145:50051 ssl; - - http2 on; - - client_body_buffer_size 512k; - - ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem; - - auth_basic "loki"; - auth_basic_user_file loki.htpasswd; - location / { - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Port 9099; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Scope-OrgID $remote_user; - grpc_pass grpc://localhost:19099; - } -} - -server { - allow ::1/128; - allow 127.0.0.1/32; - # Wieske - allow 172.31.17.128/25; - allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router - allow 2a00:14b0:4200:3000::/64; #Bei Wieske - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing - # Z9 - allow 2a07:c480:0:100::/56; - allow 2a07:c481:1::/48; - deny all; - - server_name loki.hamburg.ccc.de; - - listen [::]:443 ssl; - listen 172.31.17.145:443 ssl; - - http2 on; - - client_body_buffer_size 512k; - - ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem; - # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/chain.pem; - - # HSTS (ngx_http_headers_module is required) (63072000 seconds) - add_header Strict-Transport-Security "max-age=63072000" always; - - auth_basic "loki"; - auth_basic_user_file loki.htpasswd; - - location / { - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Scope-OrgID $remote_user; - proxy_pass http://127.0.0.1:13100; - } -} diff --git a/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2 b/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2 deleted file mode 100644 index ed270c2..0000000 --- a/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2 +++ /dev/null @@ -1 +0,0 @@ -chaos:{{ secret__loki_chaos_basic_auth }} diff --git a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf deleted file mode 100644 index 2c52523..0000000 --- a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf +++ /dev/null @@ -1,61 +0,0 @@ -server { - allow ::1/128; - allow 127.0.0.1/32; - # Wieske - allow 172.31.17.128/25; - allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router - allow 2a00:14b0:4200:3000::/64; #Bei Wieske - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing - # Z9 - allow 2a07:c480:0:100::/56; - allow 2a07:c481:1::/48; - # fuxnoc - allow 2a07:c481:0:1::/64; - deny all; - - server_name metrics.hamburg.ccc.de; - - listen [::]:443 ssl; - listen 172.31.17.145:443 ssl; - http2 on; - - client_body_buffer_size 512k; - - ssl_certificate /etc/letsencrypt/live/metrics.hamburg.ccc.de/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/metrics.hamburg.ccc.de/privkey.pem; - # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/metrics.hamburg.ccc.de/chain.pem; - - # HSTS (ngx_http_headers_module is required) (63072000 seconds) - add_header Strict-Transport-Security "max-age=63072000" always; - - auth_basic "metrics"; - auth_basic_user_file metrics.htpasswd; - - location /api/v1/write { - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Port 3100; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; - - proxy_pass http://127.0.0.1:9090; - } - - location /ready { - rewrite ^ /-/ready break; - - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; - - proxy_pass http://127.0.0.1:9090; - } -} diff --git a/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2 b/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2 deleted file mode 100644 index f680572..0000000 --- a/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2 +++ /dev/null @@ -1,2 +0,0 @@ -chaos:{{ secret__metrics_chaos_basic_auth }} -fux:{{ secret__metrics_fux_basic_auth }} diff --git a/resources/chaosknoten/grafana/nginx/redirect.conf b/resources/chaosknoten/grafana/nginx/redirect.conf deleted file mode 100644 index 28b265a..0000000 --- a/resources/chaosknoten/grafana/nginx/redirect.conf +++ /dev/null @@ -1,14 +0,0 @@ -# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration -# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6 -server { - listen 80 default_server; - listen [::]:80 default_server; - - location / { - return 301 https://$host$request_uri; - } - - location /.well-known/acme-challenge/ { - proxy_pass http://127.0.0.1:31820/.well-known/acme-challenge/; - } -} diff --git a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 index 398d814..9509654 100644 --- a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 @@ -22,7 +22,7 @@ services: keycloak: - image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.4@sha256:65d65fa0e858a608fd3e7d16ecfd7a5ced2fba4ab22a8fd3b86f3742ecec0a83 + image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.0 pull_policy: always restart: unless-stopped command: start --optimized @@ -32,11 +32,11 @@ services: - keycloak environment: KEYCLOAK_ADMIN: admin - KEYCLOAK_ADMIN_PASSWORD: {{ secret__keycloak_admin_password }} + KEYCLOAK_ADMIN_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/KEYCLOAK_ADMIN_PASSWORD", create=false, missing="error") }} KC_DB: postgres KC_DB_URL_HOST: db KC_DB_USERNAME: keycloak - KC_DB_PASSWORD: {{ secret__keycloak_db_password }} + KC_DB_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/KC_DB_PASSWORD", create=false, missing="error") }} KC_HOSTNAME: https://id.hamburg.ccc.de KC_HOSTNAME_BACKCHANNEL_DYNAMIC: false KC_HOSTNAME_ADMIN: https://keycloak-admin.hamburg.ccc.de @@ -46,7 +46,7 @@ services: - "8080:8080" db: - image: docker.io/library/postgres:15.14@sha256:9541969afa16d1ac724e16d1cf3c26ddd0c5bae5dd1c230118a7f5b9c14cde1f + image: postgres:15.2 restart: unless-stopped networks: - keycloak @@ -54,11 +54,11 @@ services: - "./database:/var/lib/postgresql/data" environment: POSTGRES_USER: keycloak - POSTGRES_PASSWORD: {{ secret__keycloak_db_password }} + POSTGRES_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/POSTGRES_PASSWORD", create=false, missing="error") }} POSTGRES_DB: keycloak id-invite-web: - image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest@sha256:ba011f410bc1d2e112135857c236412f65b727f15197dbea1fffd955e0487a6a + image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest command: web restart: unless-stopped networks: @@ -76,15 +76,15 @@ services: - "IDINVITE_URL=https://invite.hamburg.ccc.de" - "IDINVITE_KEYCLOAK_NAME=CCCHH ID" - "IDINVITE_VALID_HOURS=50" - - "IDINVITE_SECRET={{ secret__idinvite_token_secret }}" + - "IDINVITE_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_TOKEN_SECRET", create=false, missing="error") }}" - "IDINVITE_DISCOVERY_URL=https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration" - "IDINVITE_CLIENT_ID=id-invite" - - "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}" + - "IDINVITE_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_CLIENT_SECRET", create=false, missing="error") }}" - "MAIL_FROM=no-reply@hamburg.ccc.de" - "BOTTLE_HOST=0.0.0.0" id-invite-email: - image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest@sha256:ba011f410bc1d2e112135857c236412f65b727f15197dbea1fffd955e0487a6a + image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest command: email restart: unless-stopped networks: @@ -96,10 +96,10 @@ services: - "MAIL_FROM=no-reply@id.hamburg.ccc.de" - "SMTP_HOSTNAME=cow.hamburg.ccc.de" - "SMTP_USERNAME=no-reply@id.hamburg.ccc.de" - - "SMTP_PASSWORD={{ secret__id_no_reply_smtp }}" + - "SMTP_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/NO_REPLY_SMTP", create=false, missing="error") }}" id-invite-keycloak: - image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest@sha256:ba011f410bc1d2e112135857c236412f65b727f15197dbea1fffd955e0487a6a + image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest command: keycloak restart: unless-stopped networks: @@ -107,10 +107,10 @@ services: environment: - "BOTTLE_HOST=0.0.0.0" - "IDINVITE_CLIENT_ID=id-invite" - - "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}" + - "IDINVITE_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_CLIENT_SECRET", create=false, missing="error") }}" - "KEYCLOAK_API_URL=http://keycloak:8080" - "KEYCLOAK_API_USERNAME=id-invite" - - "KEYCLOAK_API_PASSWORD={{ secret__idinvite_admin_password }}" + - "KEYCLOAK_API_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_ADMIN_PASSWORD", create=false, missing="error") }}" - "KEYCLOAK_API_REALM=ccchh" - 'KEYCLOAK_GROUPS=["user"]' diff --git a/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf b/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf index 2b0d919..372715d 100644 --- a/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf +++ b/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf @@ -43,7 +43,6 @@ server { allow 185.161.129.132/32; # z9 allow 2a07:c480:0:100::/56; # z9 - allow 2a07:c481:1::/48; # z9 new ipv6 allow 213.240.180.39/32; # stbe home allow 2a01:170:118b::1/64; # stbe home deny all; diff --git a/resources/chaosknoten/lists/docker_compose/compose.yaml b/resources/chaosknoten/lists/docker_compose/compose.yaml index 8537ead..232627a 100644 --- a/resources/chaosknoten/lists/docker_compose/compose.yaml +++ b/resources/chaosknoten/lists/docker_compose/compose.yaml @@ -1,7 +1,7 @@ services: mailman-core: restart: unless-stopped - image: docker.io/maxking/mailman-core:0.5@sha256:cb8e412bb18d74480f996da68f46e92473b6103995e71bc5aeba139b255cc3d2 # Use a specific version tag (tag latest is not published) + image: maxking/mailman-core:0.5 # Use a specific version tag (tag latest is not published) container_name: mailman-core hostname: mailman-core volumes: @@ -25,7 +25,7 @@ services: mailman-web: restart: unless-stopped - image: docker.io/maxking/mailman-web:0.5@sha256:014726db85586fb53541f66f6ce964bf07e939791cfd5ffc796cd6d243696a18 # Use a specific version tag (tag latest is not published) + image: maxking/mailman-web:0.5 # Use a specific version tag (tag latest is not published) container_name: mailman-web hostname: mailman-web depends_on: @@ -56,7 +56,7 @@ services: - POSTGRES_DB=mailmandb - POSTGRES_USER=mailman - POSTGRES_PASSWORD=wvQjbMRnwFuxGEPz - image: docker.io/library/postgres:12-alpine@sha256:7c8f4870583184ebadf7f17a6513620aac5f365a7938dc6a6911c1d5df2f481a + image: postgres:12-alpine volumes: - /opt/mailman/database:/var/lib/postgresql/data networks: diff --git a/resources/chaosknoten/netbox/netbox/configuration.py.j2 b/resources/chaosknoten/netbox/netbox/configuration.py.j2 index 7648e7e..789a539 100644 --- a/resources/chaosknoten/netbox/netbox/configuration.py.j2 +++ b/resources/chaosknoten/netbox/netbox/configuration.py.j2 @@ -3,7 +3,7 @@ DATABASE = { "HOST": "localhost", "NAME": "netbox", "USER": "netbox", - "PASSWORD": "{{ netbox__db_password }}", + "PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/DATABASE_PASSWORD', create=false, missing='error') }}", } REDIS = { "tasks": { @@ -23,7 +23,7 @@ REDIS = { "SSL": False, }, } -SECRET_KEY = "{{ secret__netbox_secret_key }}" +SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/SECRET_KEY', create=false, missing='error') }}" SESSION_COOKIE_SECURE = True # CCCHH ID (Keycloak) integration. @@ -38,7 +38,7 @@ SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = ( ) SOCIAL_AUTH_KEYCLOAK_KEY = "netbox" SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB" -SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ secret__netbox_social_auth_keycloak_secret }}" +SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}" # Use custom OIDC group and role mapping pipeline functions added in via # netbox__custom_pipeline_oidc_group_and_role_mapping. # The default pipeline this is based on can be found here: diff --git a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 deleted file mode 100644 index 07e8d9e..0000000 --- a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 +++ /dev/null @@ -1,24 +0,0 @@ ---- -services: - ntfy: - image: docker.io/binwiederhier/ntfy:v2.14.0@sha256:5a051798d14138c3ecb12c038652558ab6a077e1aceeb867c151cbf5fa8451ef - container_name: ntfy - command: - - serve - volumes: - - ntfy_cache:/var/cache/ntfy - - ntfy_var:/var/lib/ntfy - - ./configs/server.yml:/etc/ntfy/server.yml - ports: - - 2586:2586 - - 9586:9586 - healthcheck: # optional: remember to adapt the host:port to your environment - test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:2586/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"] - interval: 60s - timeout: 10s - retries: 3 - start_period: 40s - restart: unless-stopped -volumes: - ntfy_cache: {} - ntfy_var: {} diff --git a/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2 deleted file mode 100644 index 0a28f4f..0000000 --- a/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2 +++ /dev/null @@ -1,21 +0,0 @@ -base-url: "https://ntfy.hamburg.ccc.de" -default-host: "https://ntfy.hamburg.ccc.de" -listen-http: ":2586" -behind-proxy: true -cache-file: "/var/cache/ntfy/cache.db" -log-format: json - -enable-metrics: true -metrics-listen-http: ":9586" - -auth-default-access: "deny-all" -auth-file: "/var/lib/ntfy/user.db" - -attachment-cache-dir: "/var/cache/ntfy/attachments" - -web-push-public-key: "BCx7PqDiVNlOiAHHfSxjbTle_LN4hetwHYi58GJhQxiY33AQ663IaJVro7B28j-1KOqwdzKco3dMMwzBJl9OQ90" -web-push-private-key: {{ secret__ntfy_web_push_private_key }} -web-push-file: "/var/cache/ntfy/webpush.db" -web-push-email-address: "mailto:noc@lists.hamburg.ccc.de" - -upstream-base-url: "https://ntfy.sh" diff --git a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 index 5c9a42a..91c26a3 100644 --- a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 @@ -4,7 +4,7 @@ services: onlyoffice: - image: docker.io/onlyoffice/documentserver:9.1.0@sha256:34b92f4a67bfd939bd6b75893e8217556e3b977f81e49472f7e28737b741ba1d + image: onlyoffice/documentserver:latest restart: unless-stopped volumes: - "./onlyoffice/DocumentServer/logs:/var/log/onlyoffice" @@ -14,4 +14,4 @@ services: ports: - "8080:80" environment: - JWT_SECRET: {{ secret__onlyoffice_jwt_secret }} + JWT_SECRET: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/onlyoffice/JWT_SECRET", create=false, missing="error") }} diff --git a/resources/chaosknoten/pad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pad/docker_compose/compose.yaml.j2 index 014b8af..537cda0 100644 --- a/resources/chaosknoten/pad/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/pad/docker_compose/compose.yaml.j2 @@ -3,19 +3,20 @@ services: database: - image: docker.io/library/postgres:15-alpine@sha256:2e50ad404aead120409575d21758230cc295aec52dfa05ece9b4d0429bc38636 + image: docker.io/library/postgres:15-alpine environment: - "POSTGRES_USER=hedgedoc" - - "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}" + - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}" - "POSTGRES_DB=hedgedoc" volumes: - database:/var/lib/postgresql/data restart: unless-stopped app: - image: quay.io/hedgedoc/hedgedoc:1.10.3@sha256:ca58fd73ecf05c89559b384fb7a1519c18c8cbba5c21a0018674ed820b9bdb73 + #image: quay.io/hedgedoc/hedgedoc:1.9.9 + image: quay.io/hedgedoc/hedgedoc:latest environment: - - "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc" + - "CMD_DB_URL=postgres://hedgedoc:{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}@database:5432/hedgedoc" - "CMD_DOMAIN=pad.hamburg.ccc.de" - "CMD_PROTOCOL_USESSL=true" - "CMD_HSTS_ENABLE=false" @@ -34,7 +35,7 @@ services: - "CMD_OAUTH2_TOKEN_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token" - "CMD_OAUTH2_AUTHORIZATION_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth" - "CMD_OAUTH2_CLIENT_ID=pad" - - "CMD_OAUTH2_CLIENT_SECRET={{ secret__hedgedoc_kc_secret }}" + - "CMD_OAUTH2_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/KC_SECRET", create=false, missing="error") }}" - "CMD_OAUTH2_PROVIDERNAME=Keycloak" - "CMD_OAUTH2_SCOPE=openid email profile" volumes: @@ -46,17 +47,17 @@ services: - database hedgedoc-expire: - image: git.hamburg.ccc.de/ccchh/hedgedoc-expire/hedgedoc-expire:latest@sha256:9be261712a8ee57ff89068c3926a8c5d7c96ff80aa629f98eec239786c6158b1 + image: git.hamburg.ccc.de/ccchh/hedgedoc-expire/hedgedoc-expire:latest # command: "emailcheck" command: "cron" environment: - "POSTGRES_HOSTNAME=database" - "POSTGRES_USERNAME=hedgedoc" - - "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}" + - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}" - "SMTP_FROM=pad@hamburg.ccc.de" - "SMTP_HOSTNAME=cow.hamburg.ccc.de" - "SMTP_USERNAME=pad@hamburg.ccc.de" - - "SMTP_PASSWORD={{ secret__pad_smtp_password }}" + - "SMTP_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/smtp_password", create=false, missing="error") }}" - "URL=https://pad.hamburg.ccc.de" depends_on: - database diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 index 66f6172..b210098 100644 --- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 @@ -3,10 +3,10 @@ services: database: - image: docker.io/library/postgres:15-alpine@sha256:2e50ad404aead120409575d21758230cc295aec52dfa05ece9b4d0429bc38636 + image: docker.io/library/postgres:15-alpine environment: - "POSTGRES_USER=pretalx" - - "POSTGRES_PASSWORD={{ secret__pretalx_db_password }}" + - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}" - "POSTGRES_DB=pretalx" volumes: - database:/var/lib/postgresql/data @@ -15,7 +15,7 @@ services: - pretalx_net redis: - image: docker.io/library/redis:8.2.2@sha256:4521b581dbddea6e7d81f8fe95ede93f5648aaa66a9dacd581611bf6fe7527bd + image: redis:latest restart: unless-stopped volumes: - redis:/data @@ -23,7 +23,7 @@ services: - pretalx_net static: - image: docker.io/library/nginx:1.29.2@sha256:029d4461bd98f124e531380505ceea2072418fdf28752aa73b7b273ba3048903 + image: docker.io/library/nginx restart: unless-stopped volumes: - public:/usr/share/nginx/html @@ -33,7 +33,7 @@ services: - pretalx_net pretalx: - image: docker.io/pretalx/standalone:v2025.1.0@sha256:fb2d15f11bcae8bb15430084ed81a150cfdf7c79705450583b51e352ba486e8e + image: pretalx/standalone:latest entrypoint: gunicorn command: - "pretalx.wsgi" @@ -53,14 +53,13 @@ services: restart: unless-stopped environment: PRETALX_DATA_DIR: /data - PRETALX_FILE_UPLOAD_LIMIT: 1000 # MB PRETALX_FILESYSTEM_MEDIA: /public/media PRETALX_FILESYSTEM_STATIC: /public/static PRETALX_SITE_URL: https://pretalx.hamburg.ccc.de PRETALX_DB_TYPE: postgresql PRETALX_DB_NAME: pretalx PRETALX_DB_USER: pretalx - PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}" + PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}" PRETALX_DB_HOST: database PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de" PRETALX_MAIL_HOST: "cow-intern.hamburg.ccc.de" @@ -78,7 +77,7 @@ services: - pretalx_net celery: - image: docker.io/pretalx/standalone:v2025.1.0@sha256:fb2d15f11bcae8bb15430084ed81a150cfdf7c79705450583b51e352ba486e8e + image: pretalx/standalone:latest command: - taskworker restart: unless-stopped @@ -90,13 +89,13 @@ services: PRETALX_DB_TYPE: postgresql PRETALX_DB_NAME: pretalx PRETALX_DB_USER: pretalx - PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}" + PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}" PRETALX_DB_HOST: database PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de" PRETALX_MAIL_HOST: "cow.hamburg.ccc.de" PRETALX_MAIL_PORT: 587 PRETALX_MAIL_USER: pretalx@hamburg.ccc.de - PRETALX_MAIL_PASSWORD: "{{ secret__pretalx_mail_password }}" + PRETALX_MAIL_PASSWORD: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/PRETALX_MAIL_PASSWORD", create=false, missing="error") }}" PRETALX_MAIL_TLS: "true" PRETALX_CELERY_BACKEND: redis://redis/1 PRETALX_CELERY_BROKER: redis://redis/2 diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf index 790ca77..4e0e8e3 100644 --- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf +++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf @@ -17,8 +17,6 @@ map $host $upstream_acme_challenge_host { invite.hamburg.ccc.de 172.31.17.144:31820; keycloak-admin.hamburg.ccc.de 172.31.17.144:31820; matrix.hamburg.ccc.de 172.31.17.150:31820; - mas.hamburg.ccc.de 172.31.17.150:31820; - element-admin.hamburg.ccc.de 172.31.17.151:31820; netbox.hamburg.ccc.de 172.31.17.167:31820; onlyoffice.hamburg.ccc.de 172.31.17.147:31820; pad.hamburg.ccc.de 172.31.17.141:31820; @@ -72,11 +70,8 @@ map $host $upstream_acme_challenge_host { design.hamburg.ccc.de 172.31.17.162:31820; hydra.hamburg.ccc.de 172.31.17.163:31820; cfp.eh22.easterhegg.eu 172.31.17.157:31820; - ntfy.hamburg.ccc.de 172.31.17.149:31820; - cryptoparty-hamburg.de 172.31.17.151:31820; - cryptoparty.hamburg.ccc.de 172.31.17.151:31820; - staging.cryptoparty-hamburg.de 172.31.17.151:31820; - staging.cryptoparty.hamburg.ccc.de 172.31.17.151:31820; + hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:31820; + netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:31820; default ""; } diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf index 87b5408..4a7f84c 100644 --- a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf +++ b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf @@ -34,8 +34,6 @@ stream { staging.hackertours.hamburg.ccc.de 172.31.17.151:8443; netbox.hamburg.ccc.de 172.31.17.167:8443; matrix.hamburg.ccc.de 172.31.17.150:8443; - mas.hamburg.ccc.de 172.31.17.150:8443; - element-admin.hamburg.ccc.de 172.31.17.151:8443; element.hamburg.ccc.de 172.31.17.151:8443; branding-resources.hamburg.ccc.de 172.31.17.151:8443; www.hamburg.ccc.de 172.31.17.151:8443; @@ -90,11 +88,8 @@ stream { design.hamburg.ccc.de 172.31.17.162:8443; hydra.hamburg.ccc.de 172.31.17.163:8443; cfp.eh22.easterhegg.eu pretalx-intern.hamburg.ccc.de:8443; - ntfy.hamburg.ccc.de 172.31.17.149:8443; - cryptoparty-hamburg.de 172.31.17.151:8443; - cryptoparty.hamburg.ccc.de 172.31.17.151:8443; - staging.cryptoparty-hamburg.de 172.31.17.151:8443; - staging.cryptoparty.hamburg.ccc.de 172.31.17.151:8443; + hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:8443; + netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:8443; } server { diff --git a/resources/chaosknoten/renovate/renovate/config.js.j2 b/resources/chaosknoten/renovate/renovate/config.js.j2 deleted file mode 100644 index 5d53a07..0000000 --- a/resources/chaosknoten/renovate/renovate/config.js.j2 +++ /dev/null @@ -1,21 +0,0 @@ -module.exports = { - username: "renovate", - token: "{{ secret__renovate_token }}", - endpoint: "https://git.hamburg.ccc.de/", - platform: "forgejo", - persistRepoData: true, - onboardingConfig: { - "extends": ["config:recommended"], - }, - autodiscover: true, - autodiscoverNamespaces: [ - "CCCHH" - ], - detectHostRulesFromEnv: false, - hostRules: [ - { - matchHost: "api.github.com", - token: "{{ secret__renovate_github_token }}" - } - ] -}; diff --git a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 index 057da55..1f9d99d 100644 --- a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 +++ b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 @@ -1,19 +1,19 @@ --- services: database: - image: docker.io/library/postgres:15-alpine@sha256:2e50ad404aead120409575d21758230cc295aec52dfa05ece9b4d0429bc38636 + image: docker.io/library/postgres:15-alpine environment: - "POSTGRES_USER=pretix" - - "POSTGRES_PASSWORD={{ secret__pretix_db_password }}" + - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }}" - "POSTGRES_DB=pretix" volumes: - database:/var/lib/postgresql/data networks: backend: restart: unless-stopped - + redis: - image: docker.io/library/redis:7.4.6@sha256:a9cc41d6d01da2aa26c219e4f99ecbeead955a7b656c1c499cce8922311b2514 + image: docker.io/library/redis:7 ports: - "6379:6379" volumes: @@ -25,7 +25,7 @@ services: backend: pretix: - image: docker.io/pretix/standalone:2024.8@sha256:110bac37efa5f736227f158f38e421ed738d03dccc274dfb415b258ab0f75cfe + image: docker.io/pretix/standalone:2024.8 command: ["all"] ports: - "8345:80" diff --git a/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2 b/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2 index f1c119f..3f4af83 100644 --- a/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2 +++ b/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2 @@ -10,7 +10,7 @@ trust_x_forwarded_proto=on backend=postgresql name=pretix user=pretix -password={{ secret__pretix_db_password }} +password={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }} host=database [mail] diff --git a/resources/chaosknoten/zammad/docker_compose/.env.j2 b/resources/chaosknoten/zammad/docker_compose/.env.j2 deleted file mode 100644 index adeeb48..0000000 --- a/resources/chaosknoten/zammad/docker_compose/.env.j2 +++ /dev/null @@ -1,4 +0,0 @@ -POSTGRES_PASS={{ secret__zammad_db_password }} -POSTGRES_VERSION=15-alpine -REDIS_VERSION=7-alpine -NGINX_SERVER_SCHEME=https diff --git a/resources/chaosknoten/zammad/docker_compose/compose.yaml b/resources/chaosknoten/zammad/docker_compose/compose.yaml deleted file mode 100644 index 66192da..0000000 --- a/resources/chaosknoten/zammad/docker_compose/compose.yaml +++ /dev/null @@ -1,149 +0,0 @@ ---- -version: "3.8" - -# Taken from: https://github.com/zammad/zammad-docker-compose/blob/master/docker-compose.yml -# Version: v14.1.1 -# Update from new tag by replacing all content. -# Configuration should be done in the .env.j2. - -x-shared: - zammad-service: &zammad-service - environment: &zammad-environment - MEMCACHE_SERVERS: ${MEMCACHE_SERVERS:-zammad-memcached:11211} - POSTGRESQL_DB: ${POSTGRES_DB:-zammad_production} - POSTGRESQL_HOST: ${POSTGRES_HOST:-zammad-postgresql} - POSTGRESQL_USER: ${POSTGRES_USER:-zammad} - POSTGRESQL_PASS: ${POSTGRES_PASS:-zammad} - POSTGRESQL_PORT: ${POSTGRES_PORT:-5432} - POSTGRESQL_OPTIONS: ${POSTGRESQL_OPTIONS:-?pool=50} - POSTGRESQL_DB_CREATE: - REDIS_URL: ${REDIS_URL:-redis://zammad-redis:6379} - S3_URL: - # Backup settings - BACKUP_DIR: "${BACKUP_DIR:-/var/tmp/zammad}" - BACKUP_TIME: "${BACKUP_TIME:-03:00}" - HOLD_DAYS: "${HOLD_DAYS:-10}" - TZ: "${TZ:-Europe/Berlin}" - # Allow passing in these variables via .env: - AUTOWIZARD_JSON: - AUTOWIZARD_RELATIVE_PATH: - ELASTICSEARCH_ENABLED: - ELASTICSEARCH_SCHEMA: - ELASTICSEARCH_HOST: - ELASTICSEARCH_PORT: - ELASTICSEARCH_USER: - ELASTICSEARCH_PASS: - ELASTICSEARCH_NAMESPACE: - ELASTICSEARCH_REINDEX: - NGINX_PORT: - NGINX_CLIENT_MAX_BODY_SIZE: - NGINX_SERVER_NAME: - NGINX_SERVER_SCHEME: - RAILS_TRUSTED_PROXIES: - ZAMMAD_HTTP_TYPE: - ZAMMAD_FQDN: - ZAMMAD_WEB_CONCURRENCY: - ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS: - ZAMMAD_PROCESS_SCHEDULED_JOBS_WORKERS: - ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: - # ZAMMAD_SESSION_JOBS_CONCURRENT is deprecated, please use ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS instead. - ZAMMAD_SESSION_JOBS_CONCURRENT: - # Variables used by ngingx-proxy container for reverse proxy creations - # for docs refer to https://github.com/nginx-proxy/nginx-proxy - VIRTUAL_HOST: - VIRTUAL_PORT: - # Variables used by acme-companion for retrieval of LetsEncrypt certificate - # for docs refer to https://github.com/nginx-proxy/acme-companion - LETSENCRYPT_HOST: - LETSENCRYPT_EMAIL: - - image: ${IMAGE_REPO:-ghcr.io/zammad/zammad}:${VERSION:-6.5.2} - restart: ${RESTART:-always} - volumes: - - zammad-storage:/opt/zammad/storage - depends_on: - - zammad-memcached - - zammad-postgresql - - zammad-redis - -services: - zammad-backup: - <<: *zammad-service - command: ["zammad-backup"] - volumes: - - zammad-backup:/var/tmp/zammad - - zammad-storage:/opt/zammad/storage:ro - user: 0:0 - - zammad-elasticsearch: - image: elasticsearch:${ELASTICSEARCH_VERSION:-8.19.4} - restart: ${RESTART:-always} - volumes: - - elasticsearch-data:/usr/share/elasticsearch/data - environment: - discovery.type: single-node - xpack.security.enabled: 'false' - ES_JAVA_OPTS: ${ELASTICSEARCH_JAVA_OPTS:--Xms1g -Xmx1g} - - zammad-init: - <<: *zammad-service - command: ["zammad-init"] - depends_on: - - zammad-postgresql - restart: on-failure - user: 0:0 - - zammad-memcached: - command: memcached -m 256M - image: memcached:${MEMCACHE_VERSION:-1.6.39-alpine} - restart: ${RESTART:-always} - - zammad-nginx: - <<: *zammad-service - command: ["zammad-nginx"] - expose: - - "${NGINX_PORT:-8080}" - ports: - - "${NGINX_EXPOSE_PORT:-8080}:${NGINX_PORT:-8080}" - depends_on: - - zammad-railsserver - - zammad-postgresql: - environment: - POSTGRES_DB: ${POSTGRES_DB:-zammad_production} - POSTGRES_USER: ${POSTGRES_USER:-zammad} - POSTGRES_PASSWORD: ${POSTGRES_PASS:-zammad} - image: postgres:${POSTGRES_VERSION:-17.6-alpine} - restart: ${RESTART:-always} - volumes: - - postgresql-data:/var/lib/postgresql/data - - zammad-railsserver: - <<: *zammad-service - command: ["zammad-railsserver"] - - zammad-redis: - image: redis:${REDIS_VERSION:-7.4.5-alpine} - restart: ${RESTART:-always} - volumes: - - redis-data:/data - - zammad-scheduler: - <<: *zammad-service - command: ["zammad-scheduler"] - - zammad-websocket: - <<: *zammad-service - command: ["zammad-websocket"] - -volumes: - elasticsearch-data: - driver: local - postgresql-data: - driver: local - redis-data: - driver: local - zammad-backup: - driver: local - zammad-storage: - driver: local diff --git a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 new file mode 100644 index 0000000..8d345de --- /dev/null +++ b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 @@ -0,0 +1,158 @@ +--- +{# +https://github.com/zammad/zammad-docker-compose +Docker Compose does not allow defining variables in the compose file (only in .env files), so we use Jinja variables instead +see https://github.com/zammad/zammad-docker-compose/blob/master/.env +#} +{%- set ELASTICSEARCH_VERSION = "8" | quote -%} +{%- set IMAGE_REPO = "ghcr.io/zammad/zammad" | quote -%} +{%- set MEMCACHE_SERVERS = "zammad-memcached:11211" | quote -%} +{%- set MEMCACHE_VERSION = "1.6-alpine" | quote -%} +{%- set POSTGRES_DB = "zammad_production" | quote -%} +{%- set POSTGRES_HOST = "zammad-postgresql" | quote -%} +{%- set POSTGRES_USER = "zammad" | quote -%} +{%- set POSTGRES_PASS = lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/zammad/DB_PASSWORD", create=false, missing="error") | quote -%} +{%- set POSTGRES_PORT = "5432" | quote -%} +{%- set POSTGRES_VERSION = "15-alpine" | quote -%} +{%- set REDIS_URL = "redis://zammad-redis:6379" | quote -%} +{%- set REDIS_VERSION = "7-alpine" | quote -%} +{%- set RESTART = "always" | quote -%} +{%- set VERSION = "6" | quote -%} +x-shared: + zammad-service: &zammad-service + environment: &zammad-environment + MEMCACHE_SERVERS: {{ MEMCACHE_SERVERS }} + POSTGRESQL_DB: {{ POSTGRES_DB }} + POSTGRESQL_HOST: {{ POSTGRES_HOST }} + POSTGRESQL_USER: {{ POSTGRES_USER }} + POSTGRESQL_PASS: {{ POSTGRES_PASS }} + POSTGRESQL_PORT: {{ POSTGRES_PORT }} + REDIS_URL: {{ REDIS_URL }} + # Allow passing in these variables via .env: + AUTOWIZARD_JSON: + AUTOWIZARD_RELATIVE_PATH: + ELASTICSEARCH_ENABLED: + ELASTICSEARCH_HOST: + ELASTICSEARCH_PORT: + ELASTICSEARCH_SCHEMA: + ELASTICSEARCH_NAMESPACE: + ELASTICSEARCH_REINDEX: + ELASTICSEARCH_SSL_VERIFY: + NGINX_PORT: + NGINX_SERVER_NAME: + NGINX_SERVER_SCHEME: https + POSTGRESQL_DB_CREATE: + POSTGRESQL_OPTIONS: + RAILS_TRUSTED_PROXIES: + ZAMMAD_WEB_CONCURRENCY: + ZAMMAD_SESSION_JOBS: + ZAMMAD_PROCESS_SCHEDULED: + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: + image: {{ IMAGE_REPO }}:{{ VERSION }} + restart: {{ RESTART }} + volumes: + - zammad-storage:/opt/zammad/storage + - zammad-var:/opt/zammad/var + depends_on: + - zammad-memcached + - zammad-postgresql + - zammad-redis + +services: + + zammad-backup: + command: ["zammad-backup"] + depends_on: + - zammad-railsserver + - zammad-postgresql + entrypoint: /usr/local/bin/backup.sh + environment: + <<: *zammad-environment + BACKUP_TIME: "03:00" + HOLD_DAYS: "10" + TZ: Europe/Berlin + image: postgres:{{ POSTGRES_VERSION }} + restart: {{ RESTART }} + volumes: + - zammad-backup:/var/tmp/zammad + - zammad-storage:/opt/zammad/storage:ro + - zammad-var:/opt/zammad/var:ro + - ./scripts/backup.sh:/usr/local/bin/backup.sh:ro + + zammad-elasticsearch: + image: bitnami/elasticsearch:{{ ELASTICSEARCH_VERSION }} + restart: {{ RESTART }} + volumes: + - elasticsearch-data:/bitnami/elasticsearch/data + + zammad-init: + <<: *zammad-service + command: ["zammad-init"] + depends_on: + - zammad-postgresql + restart: on-failure + user: 0:0 + volumes: + - zammad-storage:/opt/zammad/storage + - zammad-var:/opt/zammad/var + + zammad-memcached: + command: memcached -m 256M + image: memcached:{{ MEMCACHE_VERSION }} + restart: {{ RESTART }} + + zammad-nginx: + <<: *zammad-service + command: ["zammad-nginx"] + expose: + - "8080" + ports: + - "8080:8080" + depends_on: + - zammad-railsserver + volumes: + - zammad-var:/opt/zammad/var:ro # required for the zammad-ready check file + + zammad-postgresql: + environment: + POSTGRES_DB: {{ POSTGRES_DB }} + POSTGRES_USER: {{ POSTGRES_USER }} + POSTGRES_PASSWORD: {{ POSTGRES_PASS }} + image: postgres:{{ POSTGRES_VERSION }} + restart: {{ RESTART }} + volumes: + - postgresql-data:/var/lib/postgresql/data + + zammad-railsserver: + <<: *zammad-service + command: ["zammad-railsserver"] + + zammad-redis: + image: redis:{{ REDIS_VERSION }} + restart: {{ RESTART }} + volumes: + - redis-data:/data + + zammad-scheduler: + <<: *zammad-service + command: ["zammad-scheduler"] + volumes: + - /ansible_docker_compose/zammad-scheduler-database.yml:/opt/zammad/config/database.yml # workaround for connection pool issue + + zammad-websocket: + <<: *zammad-service + command: ["zammad-websocket"] + +volumes: + elasticsearch-data: + driver: local + postgresql-data: + driver: local + redis-data: + driver: local + zammad-backup: + driver: local + zammad-storage: + driver: local + zammad-var: + driver: local diff --git a/resources/z9/dooris/docker_compose/compose.yaml.j2 b/resources/z9/dooris/docker_compose/compose.yaml.j2 deleted file mode 100644 index b722aa7..0000000 --- a/resources/z9/dooris/docker_compose/compose.yaml.j2 +++ /dev/null @@ -1,22 +0,0 @@ ---- - -services: - dooris: - image: git.hamburg.ccc.de/ccchh/hmdooris/hmdooris:latest@sha256:a895989b0955936cbe0641de0309bcb343a9da9c2c8d6184d906a66bf1151303 - environment: - HMDOORIS_ALLOWED_IPS: "2a07:c481:1:c8::/64 2a01:170:118b::/56 172.31.200.0/23 172.31.202.0/27" - HMDOORIS_CCUJACK_CERTIFICATE_PATH: false - HMDOORIS_CCUJACK_PASSWORD: "{{ secret__dooris_ccujack_password }}" - HMDOORIS_CCUJACK_URL: https://hmdooris-ccu.ccchh.net:2122 - HMDOORIS_CCUJACK_USERNAME: dooris - HMDOORIS_CLIENT_ID: dooris - HMDOORIS_CLIENT_SECRET: "{{ secret__dooris_client_secret }}" - HMDOORIS_DISCOVERY_URL: https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration - HMDOORIS_LISTEN: '0.0.0.0:3000' - HMDOORIS_REQUIRES_GROUP: /intern - HMDOORIS_URL: https://dooris.ccchh.net - PYTHONWARNINGS: "ignore:Unverified HTTPS request" - #DEBUG: true - ports: - - "127.0.0.1:3000:3000" - restart: unless-stopped diff --git a/resources/z9/dooris/nginx/dooris.ccchh.net.conf b/resources/z9/dooris/nginx/dooris.ccchh.net.conf deleted file mode 100644 index c1ca082..0000000 --- a/resources/z9/dooris/nginx/dooris.ccchh.net.conf +++ /dev/null @@ -1,37 +0,0 @@ -# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration -# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6 -server { - listen [::]:443 ssl http2; - listen 443 ssl http2; - - server_name dooris.ccchh.net; - - ssl_certificate /etc/letsencrypt/live/dooris.ccchh.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dooris.ccchh.net/privkey.pem; - # verify chain of trust of OCSP response using Root CA and Intermediate certs - ssl_trusted_certificate /etc/letsencrypt/live/dooris.ccchh.net/chain.pem; - - # HSTS (ngx_http_headers_module is required) (63072000 seconds) - add_header Strict-Transport-Security "max-age=63072000" always; - - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Port 443; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; - # Hide the X-Forwarded header. - proxy_hide_header X-Forwarded; - # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that - # is transparent). - # Also provide "_hidden" for by, since it's not relevant. - proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden"; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - location / { - proxy_pass http://127.0.0.1:3000/; - } -} diff --git a/resources/z9/waybackproxy/docker_compose/compose.yaml.j2 b/resources/z9/waybackproxy/docker_compose/compose.yaml.j2 deleted file mode 100644 index 52d57df..0000000 --- a/resources/z9/waybackproxy/docker_compose/compose.yaml.j2 +++ /dev/null @@ -1,10 +0,0 @@ -services: - # https://github.com/richardg867/WaybackProxy - waybackproxy: - image: cttynul/waybackproxy:latest@sha256:e001d5b1d746522cd1ab2728092173c0d96f08086cbd3e49cdf1e298b8add22e - environment: - DATE: 19990101 - DATE_TOLERANCE: 730 - ports: - - "1999:8888" - restart: unless-stopped diff --git a/resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf b/resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf deleted file mode 100644 index 7c616c7..0000000 --- a/resources/z9/waybackproxy/nginx/waybackproxy.ccchh.net.conf +++ /dev/null @@ -1,5 +0,0 @@ -# TODO: set up caching proxy - -# server { -# listen 1999 -# } diff --git a/resources/z9/yate/docker_compose/README.md b/resources/z9/yate/docker_compose/README.md deleted file mode 100644 index 1977f4f..0000000 --- a/resources/z9/yate/docker_compose/README.md +++ /dev/null @@ -1,12 +0,0 @@ -# Yate Configuration - -Yate has a [beginners guide](https://docs.yate.ro/wiki/Beginners_in_Yate). Otherwise, you need to refer to the [sample config files](https://github.com/eventphone/yate/tree/master/conf.d). - -For our limited setup, we only need three files: -* accfile.conf for defining SIP registrars that we want to register with (EPVPN, Fonial, and the Fux door intercom system) -* regexroute.conf for the call routing rules -* regfile.conf for the phones that connect to yate.ccchh.net - -## Docker Compose Setup - -yate runs as a container wiht host networking. The image is build through https://git.hamburg.ccc.de/CCCHH/yate-image, it is using the Eventphone fork of yate. \ No newline at end of file diff --git a/resources/z9/yate/docker_compose/accfile.conf.j2 b/resources/z9/yate/docker_compose/accfile.conf.j2 deleted file mode 100644 index 4ce65e3..0000000 --- a/resources/z9/yate/docker_compose/accfile.conf.j2 +++ /dev/null @@ -1,35 +0,0 @@ -; Yate will register to these SIP services -; see https://github.com/eventphone/yate/blob/master/conf.d/accfile.conf.sample - -[epvpn_ccchh] -enabled=yes -protocol=sip -description=Eventphone EPVPN CCCHH -username=1008 -authname=1008 -password={{ secret__yate__sip_trunk_epvpn }} -interval=120 -registrar=hg.eventphone.de -keepalive=1 - -[fonial_ccchh] -enabled=yes -protocol=sip -description=Fonial CCCHH -username=fo370381tr317349_00 -authname=fo370381tr317349_00 -password={{ secret__yate__sip_trunk_fonial }} -interval=120 -registrar=sip.plusnet.de -keepalive=1 - -[fux_intercom] -enabled=yes -protocol=sip -description=Fux Intercom CCCHH doorbell -username=1337 -authname=1337 -password={{ secret__yate__sip_trunk_fux }} -interval=120 -registrar=172.16.210.2 -keepalive=1 diff --git a/resources/z9/yate/docker_compose/compose.yaml.j2 b/resources/z9/yate/docker_compose/compose.yaml.j2 deleted file mode 100644 index c39afa4..0000000 --- a/resources/z9/yate/docker_compose/compose.yaml.j2 +++ /dev/null @@ -1,20 +0,0 @@ ---- - -services: - yate: - image: git.hamburg.ccc.de/ccchh/yate-image/yate-image:latest@sha256:66f77d63dc52c9aeb09481e48b9d62f5f95439f86eab3766fce94daea7b2e26a - # command: - # - sh - # - "-c" - # - "while :; do sleep 10; done" - environment: - DEBUG: true - network_mode: host - # ports: - # - "127.0.0.1:3000:3000" - restart: unless-stopped - volumes: - - ./configs/accfile.conf:/opt/yate/etc/yate/accfile.conf - - ./configs/regexroute.conf:/opt/yate/etc/yate/regexroute.conf - - ./configs/regfile.conf:/opt/yate/etc/yate/regfile.conf - - ./lib-yate:/var/lib/yate \ No newline at end of file diff --git a/resources/z9/yate/docker_compose/regexroute.conf.j2 b/resources/z9/yate/docker_compose/regexroute.conf.j2 deleted file mode 100644 index aeecf6b..0000000 --- a/resources/z9/yate/docker_compose/regexroute.conf.j2 +++ /dev/null @@ -1,100 +0,0 @@ -; Call routing -; see https://github.com/eventphone/yate/blob/master/conf.d/regexroute.conf.sample - -[priorities] -; route: int: Priority of the routing message handler -route=90 - -[contexts] - ; INBOUND CALLS: -${called}^1337$=inbound_fux -${called}^1008$=inbound_epvpn -${called}^04023830150$=inbound_fonial -${called}^fo370381tr317349_00$=inbound_fonial -;${called}.*=inbound - -;^[0-9]\{4\}$=inbound ; Calls from 4 digit numbers: EPVPN -;^+\?[0-9]\{5,\}$=inbound ; Calls from longer numbers, optionally starting with + -;^*\{1,2\}[0-9]\{1,3\}$=inbound ; Internal fritzbox calls - - ; OUTBOUND CALLS: -^[0-9]\{3\}=outbound -^[a-z0-9]\{4,\}=outbound ; calls from internal users - -^.*$=fallback ; Whatever calls managed to not be handled yet - -[default] ; unused -^.*$=echo [default]"\0" - -[test] ; unused -^.*$=echo [test] "\0" -^99991001$=tone/dial -^99991002$=tone/busy -^99991003$=tone/ring -^99991004$=tone/specdial -^99991005$=tone/congestion -^99991006$=tone/outoforder -^99991007$=tone/milliwatt -^99991008$=tone/info - -; DEBUG HELPER -; ^.*$=echo match \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called} - -^[0-9]\{1,2\}$=return;called=\0 - - -[outbound] ; Calls from internal users -^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug -^[0-9]\{3\}$=jump internal -^[0-9]\{1,2\}$=jump z9 ; To internal -> z9 -^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug -^.*$=line/\0;line=epvpn_ccchh ; Route everything (.*) to the specified accfile line - -[inbound_epvpn] -^.*$=echo [inbound_epvpn] ${caller}->${called} -^.*$=return;callername=EPVPN ${caller};called=0 ; TODO which extension do we want to route to? - -[inbound_fux] -^.*$=echo [inbound_fux] ${caller}->${called} -^.*$=return;callername=Door ${caller};called=0 ; TODO which extension do we want to route to? - -[inbound_fonial] -^.*$=echo [inbound_fonial] ${caller}->${called} -^.*$=return;callername=Fonial ${caller};called=0 ; TODO which extension do we want to route to? - -[inbound] ; Calls from EPVPN or outside world -^.*$=echo [inbound] "\0" ${caller}->${called} user:${user} callername:${callername} callsource:${callsource} ; log -^.*$=return;callername=EXTERN ${caller};called=0 ; set call recipient to 0 (shared alias between - ; all clients in regfile.conf - -[internal] -^.*$=echo [internal] "\0" ${caller}->${called} -^110$=line/110;line=fonial_ccchh -^112$=line/112;line=fonial_ccchh -^115$=line/040115;line=fonial_ccchh -^911$=line/112;line=fonial_ccchh -^999$=line/112;line=fonial_ccchh -; ^119$=line/01753288861;line=fonial_ccchh ; testing only stb cell number -^.*$=return;called=\0 - -[z9] ; Internal calls -^.*$=echo [z9] "\0" ${caller}->${called} ; log - - ; test service numbers -^91$=sip/sip:ha@10.31.208.10:5060; called=ha;format=opus ; Homeassistant -^98$=external/playrec/echo.sh ; Echotest -^99$=external/play/tts.sh;mode=text;text=Hallo Hallo Hallo ; TTS test - -^.*$=return;called=\0 ; Any remaining internal calls to all - ; Context: Calls to regfile.conf aliases are always - ; handled directly and should never get here - - -[special] -^.*$=echo [special] "\0" -^.*$=tone/info - -[fallback] -^.*$=echo [fallback] \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called} -^*\{1,2\}[0-9]\{1,3\}$=jump outbound -^.*$=tone/busy diff --git a/resources/z9/yate/docker_compose/regfile.conf.j2 b/resources/z9/yate/docker_compose/regfile.conf.j2 deleted file mode 100644 index 95cf70d..0000000 --- a/resources/z9/yate/docker_compose/regfile.conf.j2 +++ /dev/null @@ -1,37 +0,0 @@ -; YATE offers registration to these SIP devices (ie. phones) -; see https://github.com/eventphone/yate/blob/master/conf.d/regfile.conf.sample - -route=100 -file=/var/lib/yate/regfile.swap - -[501] -password={{ secret__yate__sip_extension_legacy }} -alternatives=0,1008,1337 -callername=Legacy -# Yealink im großen Raum am Fenster - -[502] -password={{ secret__yate__sip_extension_flausch}} -alternatives=0,1008,1337 -callername=Flausch -# Yealink im großen Raum am Sofa - -[503] -password={{ secret__yate__sip_extension_ewerkstatt }} -alternatives=0,1008,1337 -callername=E-Werkstatt -# Yealink in der E-Werkstatt - -[610] -password={{ secret__yate__sip_extension_fritzbox_dect1 }} -alternatives=0,1008,1337 -callername=DECT-1 - -[611] -password={{ secret__yate__sip_extension_fritzbox_dect2 }} -alternatives=0,1008,1337 -callername=DECT-2 - -[100] -password=test100 -callername=stb 100 diff --git a/roles/ansible_pull/README.md b/roles/ansible_pull/README.md deleted file mode 100644 index cf90e60..0000000 --- a/roles/ansible_pull/README.md +++ /dev/null @@ -1,22 +0,0 @@ -# `ansible_pull` role - -A role for setting up automatic `ansible_pull` runs. - -## Supported Distributions - -Should work on Debian-based distributions. - -## Required Arguments - -- `ansible_pull__age_private_key`: The age private key to use to decrypt SOPS secrets with. -- `ansible_pull__repo_url`: The URL of the repo to run the playbook from. -- `ansible_pull__inventory`: The inventory to use. -- `ansible_pull__playbook`: The playbook to run. -- `ansible_pull__timer_on_calendar`: When to run the playbook. This is the argument to a systemd timers OnCalendar. See the systemd.time man page for reference. -- `ansible_pull__failure_notification_address`: The address to send the failure notification to. - -## Optional Arguments - -- `ansible_pull__user`: The user to run `ansible_pull` as. Defaults to `ansible_user`. -- `ansible_pull__checkout`: The branch/tag/commit to check out to run the playbook from. Defaults to `main`. -- `ansible_pull__timer_randomized_delay_sec`: The timer will be randomly delayed by a value between 0 and this. Useful to not have all timers fire at the same time, even if `ansible_pull__timer_on_calendar` is the same. Time value in seconds. Defaults to 0. diff --git a/roles/ansible_pull/defaults/main.yaml b/roles/ansible_pull/defaults/main.yaml deleted file mode 100644 index 3b9acb2..0000000 --- a/roles/ansible_pull/defaults/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ -ansible_pull__user: "{{ ansible_user }}" -ansible_pull__checkout: "main" -ansible_pull__timer_randomized_delay_sec: "0" diff --git a/roles/ansible_pull/handlers/main.yaml b/roles/ansible_pull/handlers/main.yaml deleted file mode 100644 index ada2426..0000000 --- a/roles/ansible_pull/handlers/main.yaml +++ /dev/null @@ -1,4 +0,0 @@ -- name: systemd daemon reload - ansible.builtin.systemd_service: - daemon_reload: true - become: true diff --git a/roles/ansible_pull/meta/argument_specs.yaml b/roles/ansible_pull/meta/argument_specs.yaml deleted file mode 100644 index 682fdcd..0000000 --- a/roles/ansible_pull/meta/argument_specs.yaml +++ /dev/null @@ -1,30 +0,0 @@ -argument_specs: - main: - options: - ansible_pull__age_private_key: - type: str - required: true - ansible_pull__repo_url: - type: str - required: true - ansible_pull__inventory: - type: str - required: true - ansible_pull__playbook: - type: str - required: true - ansible_pull__timer_on_calendar: - type: str - required: true - ansible_pull__failure_notification_address: - type: str - required: true - ansible_pull__user: - type: str - required: false - ansible_pull__checkout: - type: str - required: false - ansible_pull__timer_randomized_delay_sec: - type: str - required: false diff --git a/roles/ansible_pull/meta/main.yaml b/roles/ansible_pull/meta/main.yaml deleted file mode 100644 index 25aaf90..0000000 --- a/roles/ansible_pull/meta/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - role: msmtp diff --git a/roles/ansible_pull/tasks/main.yaml b/roles/ansible_pull/tasks/main.yaml deleted file mode 100644 index 5abcd10..0000000 --- a/roles/ansible_pull/tasks/main.yaml +++ /dev/null @@ -1,83 +0,0 @@ -- name: ensure dependencies are installed - block: - - name: ensure apt dependencies are installed - ansible.builtin.apt: - name: - - virtualenv - - git - state: present - become: true - - - name: ensure SOPS is installed - ansible.builtin.include_role: - name: community.sops.install - -# https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-and-upgrading-ansible-with-pip -# https://www.redhat.com/en/blog/python-venv-ansible -- name: ensure Ansible installation exists - ansible.builtin.pip: - name: - - ansible - - jmespath - state: present - virtualenv: /usr/local/lib/ansible_pull_venv - become: true - -- name: ensure ansible-pull-failure-notify script installation exists - ansible.builtin.template: - src: ansible-pull-failure-notify.sh.j2 - dest: /usr/local/sbin/ansible-pull-failure-notify.sh - owner: root - group: root - mode: "0755" - become: true - -- name: ensure secrets directory exists - ansible.builtin.file: - path: /etc/ansible_pull_secrets - state: directory - mode: "0750" - owner: root - group: "{{ ansible_pull__user }}" - become: true - -- name: ensure age private key is deployed - ansible.builtin.copy: - content: "{{ ansible_pull__age_private_key }}" - dest: /etc/ansible_pull_secrets/age_private_key - mode: "0640" - owner: root - group: "{{ ansible_pull__user }}" - become: true - -- name: ensure systemd services exists - ansible.builtin.template: - src: "{{ item }}.j2" - dest: "/etc/systemd/system/{{ item }}" - owner: root - group: root - mode: "0644" - become: true - loop: - - ansible-pull.service - - ansible-pull-failure-notify.service - notify: - - systemd daemon reload - -- name: ensure systemd timer exists - ansible.builtin.template: - src: ansible-pull.timer.j2 - dest: /etc/systemd/system/ansible-pull.timer - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer is started and enabled - ansible.builtin.systemd_service: - name: ansible-pull.timer - state: started - enabled: true - become: true diff --git a/roles/ansible_pull/templates/ansible-pull-failure-notify.service.j2 b/roles/ansible_pull/templates/ansible-pull-failure-notify.service.j2 deleted file mode 100644 index fa5d471..0000000 --- a/roles/ansible_pull/templates/ansible-pull-failure-notify.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=ansible-pull failure notifier - -[Service] -Type=oneshot -ExecStart=/usr/local/sbin/ansible-pull-failure-notify.sh -User=root diff --git a/roles/ansible_pull/templates/ansible-pull-failure-notify.sh.j2 b/roles/ansible_pull/templates/ansible-pull-failure-notify.sh.j2 deleted file mode 100644 index fe7dbc8..0000000 --- a/roles/ansible_pull/templates/ansible-pull-failure-notify.sh.j2 +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash - -# Ideally we would use --invocation instead of --since, but this isn't supported in the systemd version Debian 12 ships. -ANSIBLE_PULL_LOG=$(journalctl --unit=ansible-pull --identifier=ansible-pull --since=-6h --output=cat) - -MESSAGE="Subject: [{{ inventory_hostname }}] ansible-pull: execution failure - -An error occured during the ansible-pull execution. - -Logs: -""$ANSIBLE_PULL_LOG"" - -To view the logs yourself run: -journalctl --unit=ansible-pull --identifier=ansible-pull -e -" - -printf "$MESSAGE" | msmtp '{{ ansible_pull__failure_notification_address }}' diff --git a/roles/ansible_pull/templates/ansible-pull.service.j2 b/roles/ansible_pull/templates/ansible-pull.service.j2 deleted file mode 100644 index b344505..0000000 --- a/roles/ansible_pull/templates/ansible-pull.service.j2 +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=ansible-pull for configuration and maintenance -After=network-online.target -Wants=network-online.target -OnFailure=ansible-pull-failure-notify.service - -[Service] -Type=oneshot -Environment="SOPS_AGE_KEY_FILE=/etc/ansible_pull_secrets/age_private_key" -ExecStartPre=/usr/bin/bash -c 'if [ ! -e /home/chaos/ansible_pull_checkout ]; then git clone --depth 1 "{{ ansible_pull__repo_url }}" /home/chaos/ansible_pull_checkout ; fi' -ExecStartPre=/usr/local/lib/ansible_pull_venv/bin/ansible-galaxy role install -r /home/chaos/ansible_pull_checkout/requirements.yml -ExecStartPre=/usr/local/lib/ansible_pull_venv/bin/ansible-galaxy collection install -r /home/chaos/ansible_pull_checkout/requirements.yml -ExecStart=/usr/local/lib/ansible_pull_venv/bin/ansible-pull \ - --directory /home/chaos/ansible_pull_checkout \ - --clean \ - --url "{{ ansible_pull__repo_url }}" \ - --checkout "{{ ansible_pull__checkout }}" \ - --inventory "{{ ansible_pull__inventory }}" \ - "{{ ansible_pull__playbook }}" -User={{ ansible_pull__user }} -# Reboot, if /var/run/reboot-required or /var/run/ansible-reboot-required exist. -ExecStartPost=/usr/bin/bash -c 'if [ -e /var/run/reboot-required ] || [ -e /var/run/ansible-reboot-required ]; then sudo systemctl reboot; fi' diff --git a/roles/ansible_pull/templates/ansible-pull.timer.j2 b/roles/ansible_pull/templates/ansible-pull.timer.j2 deleted file mode 100644 index 24bc8ba..0000000 --- a/roles/ansible_pull/templates/ansible-pull.timer.j2 +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=ansible-pull for configuration and maintenance on a timer - -[Timer] -OnCalendar={{ ansible_pull__timer_on_calendar }} -RandomizedDelaySec={{ ansible_pull__timer_randomized_delay_sec }} - -[Install] -WantedBy=timers.target diff --git a/roles/apt_update_and_upgrade/handlers/main.yaml b/roles/apt_update_and_upgrade/handlers/main.yaml index 4af18be..001bbe4 100644 --- a/roles/apt_update_and_upgrade/handlers/main.yaml +++ b/roles/apt_update_and_upgrade/handlers/main.yaml @@ -1,5 +1,3 @@ - name: reboot the system - ansible.builtin.include_tasks: "../../reboot/tasks/main.yaml" - vars: - # Simply don't reboot on local connections and rely on proper handling of /var/run/reboot-required. - reboot__local_handling: ignore + become: true + ansible.builtin.reboot: diff --git a/roles/deploy_ssh_server_config/docs/Debian_13_cloud_2025-10-17_default_etc_ssh_sshd_config b/roles/deploy_ssh_server_config/docs/Debian_13_cloud_2025-10-17_default_etc_ssh_sshd_config deleted file mode 100644 index 4ab41aa..0000000 --- a/roles/deploy_ssh_server_config/docs/Debian_13_cloud_2025-10-17_default_etc_ssh_sshd_config +++ /dev/null @@ -1,125 +0,0 @@ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -Include /etc/ssh/sshd_config.d/*.conf - -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_ecdsa_key -#HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -#PermitRootLogin prohibit-password -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# Expect .ssh/authorized_keys2 to be disregarded by default in future. -#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to "no" here! -PasswordAuthentication no -#PermitEmptyPasswords no - -# Change to "yes" to enable keyboard-interactive authentication. Depending on -# the system's configuration, this may involve passwords, challenge-response, -# one-time passwords or some combination of these and other methods. -# Beware issues with some PAM modules and threads. -KbdInteractiveAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes -#GSSAPIStrictAcceptorCheck yes -#GSSAPIKeyExchange no - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the KbdInteractiveAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via KbdInteractiveAuthentication may bypass -# the setting of "PermitRootLogin prohibit-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and KbdInteractiveAuthentication to 'no'. -UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -X11Forwarding yes -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS no -#PidFile /run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# Allow client to pass locale and color environment variables -AcceptEnv LANG LC_* COLORTERM NO_COLOR - -# override default of no subsystems -Subsystem sftp /usr/lib/openssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server -ClientAliveInterval 120 diff --git a/roles/deploy_ssh_server_config/handlers/main.yaml b/roles/deploy_ssh_server_config/handlers/main.yaml index 721a348..001bbe4 100644 --- a/roles/deploy_ssh_server_config/handlers/main.yaml +++ b/roles/deploy_ssh_server_config/handlers/main.yaml @@ -1,5 +1,3 @@ -- name: restart the ssh service - ansible.builtin.systemd: - name: ssh.service - state: restarted +- name: reboot the system become: true + ansible.builtin.reboot: diff --git a/roles/deploy_ssh_server_config/tasks/main.yaml b/roles/deploy_ssh_server_config/tasks/main.yaml index dbbf76e..f5d00f5 100644 --- a/roles/deploy_ssh_server_config/tasks/main.yaml +++ b/roles/deploy_ssh_server_config/tasks/main.yaml @@ -12,7 +12,8 @@ group: root src: sshd_config.j2 notify: - - restart the ssh service + # Reboot instead of just restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection. + - reboot the system - name: deactivate short moduli ansible.builtin.shell: @@ -27,8 +28,9 @@ mv /etc/ssh/moduli.tmp /etc/ssh/moduli echo "ansible-changed: changed /etc/ssh/moduli" fi - register: deploy_ssh_server_config__result + register: result changed_when: - - '"ansible-changed" in deploy_ssh_server_config__result.stdout' + - '"ansible-changed" in result.stdout' notify: - - restart the ssh service + # Reboot instead of just restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection. + - reboot the system diff --git a/roles/docker_compose/README.md b/roles/docker_compose/README.md index d3204ec..d407a62 100644 --- a/roles/docker_compose/README.md +++ b/roles/docker_compose/README.md @@ -1,8 +1,8 @@ # Role `docker_compose` A role for deploying a Docker-Compose-based application. -It deploys the given Compose file, an optional `.env` file, as well as configuration files to the specified hosts and makes sure all services are up-to-date and running. -The Compose file gets deployed to `/ansible_docker_compose/compose.yaml`, the `.env` file to `/ansible_docker_compose/.env` and the configuration files get deployed into the `/ansible_docker_compose/configs/` directory. +It deploys the given Compose file as well as configuration files to the specified hosts and makes sure all services are up-to-date and running. +The Compose file gets deployed to `/ansible_docker_compose/compose.yaml` and the configuration files get deployed into the `/ansible_docker_compose/configs/` directory. A use case for the deployment of the additional configuration files is Composes top-level element `configs` in conjunction with the `configs` option for services. ## Supported Distributions diff --git a/roles/docker_compose/defaults/main.yaml b/roles/docker_compose/defaults/main.yaml index 1312972..76831d6 100644 --- a/roles/docker_compose/defaults/main.yaml +++ b/roles/docker_compose/defaults/main.yaml @@ -1,2 +1 @@ docker_compose__configuration_files: [ ] -docker_compose__restart_cmd: "" diff --git a/roles/docker_compose/handlers/main.yaml b/roles/docker_compose/handlers/main.yaml index 49e064c..96c5ab3 100644 --- a/roles/docker_compose/handlers/main.yaml +++ b/roles/docker_compose/handlers/main.yaml @@ -4,10 +4,3 @@ chdir: /ansible_docker_compose become: true changed_when: true # This is always changed. -- name: docker compose reload script - ansible.builtin.command: - cmd: /usr/bin/docker compose {{ docker_compose__restart_cmd }} - chdir: /ansible_docker_compose - become: true - changed_when: true # Mark this as always changed (for now?). - when: docker_compose__restart_cmd != "" diff --git a/roles/docker_compose/meta/argument_specs.yaml b/roles/docker_compose/meta/argument_specs.yaml index c588ba0..81ce504 100644 --- a/roles/docker_compose/meta/argument_specs.yaml +++ b/roles/docker_compose/meta/argument_specs.yaml @@ -7,12 +7,6 @@ argument_specs: `/ansible_docker_compose/compose.yaml`. type: str required: true - docker_compose__env_file_content: - description: >- - The content of the .env file at - `/ansible_docker_compose/.env`. - type: str - required: false docker_compose__configuration_files: description: >- A list of configuration files to be deployed in the diff --git a/roles/docker_compose/tasks/main.yaml b/roles/docker_compose/tasks/main.yaml index 7b01304..d11d826 100644 --- a/roles/docker_compose/tasks/main.yaml +++ b/roles/docker_compose/tasks/main.yaml @@ -17,17 +17,6 @@ become: true notify: docker compose down -- name: deploy the .env file - ansible.builtin.copy: - content: "{{ docker_compose__env_file_content }}" - dest: /ansible_docker_compose/.env - mode: "0644" - owner: root - group: root - become: true - when: docker_compose__env_file_content is defined - notify: docker compose down - - name: make sure the `/ansible_docker_compose/configs` directory exists ansible.builtin.file: path: /ansible_docker_compose/configs @@ -71,7 +60,6 @@ become: true loop: "{{ docker_compose__configuration_files }}" # notify: docker compose down - notify: docker compose reload script - name: Flush handlers to make "docker compose down" handler run now ansible.builtin.meta: flush_handlers diff --git a/roles/msmtp/README.md b/roles/msmtp/README.md deleted file mode 100644 index e333527..0000000 --- a/roles/msmtp/README.md +++ /dev/null @@ -1,21 +0,0 @@ -# Role `msmtp` - -A role for setting up msmtp for mail sending. - -The role only supports mail servers supporting either STARTTLS or SMTPS. - -## Supported Distributions - -Should work on Debian-based distributions. - -## Required Arguments - -- `msmtp__smtp_host`: The SMTP host to use. -- `msmtp__smtp_port`: The SMTP port to use. -- `msmtp__smtp_tls_method`: The SMTP TLS method to use. - Possible choices: - - `starttls`: Use STARTTLS to connect to the server. - - `smtps`: Use SMTPS to connect to the server. -- `msmtp__smtp_user`: The SMTP user to use for authentication. -- `msmtp__smtp_password`: The SMTP password to use for authentication. -- `msmtp__smtp_from`: The SMTP from address to use when sending mails. diff --git a/roles/msmtp/meta/argument_specs.yaml b/roles/msmtp/meta/argument_specs.yaml deleted file mode 100644 index 84f940f..0000000 --- a/roles/msmtp/meta/argument_specs.yaml +++ /dev/null @@ -1,24 +0,0 @@ -argument_specs: - main: - options: - msmtp__smtp_host: - type: str - required: true - msmtp__smtp_port: - type: int - required: true - msmtp__smtp_tls_method: - type: str - required: true - choices: - - "starttls" - - "smtps" - msmtp__smtp_user: - type: str - required: true - msmtp__smtp_password: - type: str - required: true - msmtp__smtp_from: - type: str - required: true diff --git a/roles/msmtp/tasks/main.yaml b/roles/msmtp/tasks/main.yaml deleted file mode 100644 index 7689ddc..0000000 --- a/roles/msmtp/tasks/main.yaml +++ /dev/null @@ -1,14 +0,0 @@ -- name: ensure msmtp is installed - ansible.builtin.apt: - name: msmtp - state: present - become: true - -- name: ensure msmtp config for root user - ansible.builtin.template: - src: msmtprc.j2 - dest: /root/.msmtprc - owner: root - group: root - mode: "0600" - become: true diff --git a/roles/msmtp/templates/msmtprc.j2 b/roles/msmtp/templates/msmtprc.j2 deleted file mode 100644 index 3c4faa7..0000000 --- a/roles/msmtp/templates/msmtprc.j2 +++ /dev/null @@ -1,17 +0,0 @@ -# ansible-managed - -# defaults -defaults -auth on -tls on - -# ansible-managed-account -account ansible-managed-account -host {{ msmtp__smtp_host }} -port {{ msmtp__smtp_port }} -tls_starttls {% if msmtp__smtp_tls_method == "starttls" %}on{% else %}off{% endif +%} -user {{ msmtp__smtp_user }} -password {{ msmtp__smtp_password }} -from {{ msmtp__smtp_from }} - -account default: ansible-managed-account diff --git a/roles/nginx/defaults/main.yaml b/roles/nginx/defaults/main.yaml index 2e56dac..e4d4fb0 100644 --- a/roles/nginx/defaults/main.yaml +++ b/roles/nginx/defaults/main.yaml @@ -4,5 +4,3 @@ nginx__deploy_logging_conf: true nginx__configurations: [ ] nginx__use_custom_nginx_conf: false nginx__custom_nginx_conf: "" -nginx__deploy_htpasswds: false -nginx__htpasswds: [ ] diff --git a/roles/nginx/meta/argument_specs.yaml b/roles/nginx/meta/argument_specs.yaml index f2cb1d7..866cb81 100644 --- a/roles/nginx/meta/argument_specs.yaml +++ b/roles/nginx/meta/argument_specs.yaml @@ -34,19 +34,3 @@ argument_specs: type: str required: false default: "" - nginx__deploy_htpasswds: - type: bool - required: false - default: false - nginx__htpasswds: - type: list - elements: dict - required: false - default: [ ] - options: - name: - type: str - required: true - content: - type: str - required: true diff --git a/roles/nginx/tasks/main/04_config_deploy.yaml b/roles/nginx/tasks/main/04_config_deploy.yaml index 7dba579..38dbfc1 100644 --- a/roles/nginx/tasks/main/04_config_deploy.yaml +++ b/roles/nginx/tasks/main/04_config_deploy.yaml @@ -131,20 +131,6 @@ label: "{{ item.name }}" notify: Restart nginx -- name: Ensure all given htpasswd files are deployed - when: nginx__deploy_htpasswds - ansible.builtin.copy: - content: "{{ item.content }}" - dest: "/etc/nginx/{{ item.name }}.htpasswd" - mode: "0644" - owner: root - group: root - become: true - loop: "{{ nginx__htpasswds }}" - loop_control: - label: "{{ item.name }}" - notify: Restart nginx - - name: Add names with suffixes from `nginx__configurations` to `nginx__config_files_to_exist` fact ansible.builtin.set_fact: nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ item.name + '.conf' ] }}" # noqa: jinja[spacing] diff --git a/roles/reboot/README.md b/roles/reboot/README.md deleted file mode 100644 index 1aaa6a6..0000000 --- a/roles/reboot/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# Role `reboot` - -A role for rebooting a host, which also handles local connections gracefully. - -## Optional Arguments - -- `reboot__local_handling`: How to handle reboot on local connections. The default mode is `none`. - Possible choices: - - `none`: Just runs `ansible.builtin.reboot`, which would fail on local connections. - - `ignore`: Just doesn't reboot on local connections. - - `file`: Doesn't reboot on local connections and instead touches the file defined by `reboot__local_handling_file`. -- `reboot__local_handling_file`: The file to touch, if `reboot__local_handling` is `file`. Defaults to `/var/run/ansible-reboot-required`. - -## Usage in a Handler - -Since a reboot should often be triggered from a handler and since handlers can't include or import roles, this roles logic can also be run by including the `main.yaml` task using `ansible.builtin.include_tasks` as a workaround. -When doing so, arguments should be specified explicitly as necessary (so at least `reboot__local_handling`) as the default role inclusion mechanisms like setting default values don't work. - -An example handler would look like this: - -```yaml -- name: reboot the system - ansible.builtin.include_tasks: "../../reboot/tasks/main.yaml" - vars: - reboot__local_handling: ignore -``` diff --git a/roles/reboot/defaults/main.yaml b/roles/reboot/defaults/main.yaml deleted file mode 100644 index dbcdd1b..0000000 --- a/roles/reboot/defaults/main.yaml +++ /dev/null @@ -1,2 +0,0 @@ -reboot__local_handling: none -reboot__local_handling_file: /var/run/ansible-reboot-required diff --git a/roles/reboot/meta/argument_specs.yaml b/roles/reboot/meta/argument_specs.yaml deleted file mode 100644 index 7bad88f..0000000 --- a/roles/reboot/meta/argument_specs.yaml +++ /dev/null @@ -1,13 +0,0 @@ -argument_specs: - main: - options: - reboot__local_handling: - type: str - required: false - choices: - - "none" - - "ignore" - - "file" - reboot__local_handling_file: - type: path - required: false diff --git a/roles/reboot/tasks/main.yaml b/roles/reboot/tasks/main.yaml deleted file mode 100644 index 791bf73..0000000 --- a/roles/reboot/tasks/main.yaml +++ /dev/null @@ -1,14 +0,0 @@ -- name: Reboot - ansible.builtin.reboot: - become: true - when: ansible_connection != "local" or reboot__local_handling == "none" - -- name: Touch a reboot required file - ansible.builtin.file: - path: "{{ reboot__local_handling_file }}" - state: touch - owner: root - group: root - mode: "0644" - become: true - when: ansible_connection == "local" and reboot__local_handling == "file" diff --git a/roles/renovate/README.md b/roles/renovate/README.md deleted file mode 100644 index f19a458..0000000 --- a/roles/renovate/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Role `renovate` - -A role for setting up [Renovate](https://docs.renovatebot.com/). - -## Supported Distributions - -Should work on Debian-based distributions. - -## Required Arguments - -- `renovate__config`: The Renovate config to deploy. diff --git a/roles/renovate/files/renovate.service b/roles/renovate/files/renovate.service deleted file mode 100644 index 6cb8f16..0000000 --- a/roles/renovate/files/renovate.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=renovate -After=network-online.target -Wants=network-online.target - -[Service] -Type=oneshot -ExecStart=/usr/bin/docker run --rm \ - -v "/etc/renovate/config.js:/usr/src/app/config.js" \ - --mount "type=volume,src=renovate,dst=/tmp/renovate" \ - --env "RENOVATE_BASE_DIR=/tmp/renovate" \ - renovate/renovate diff --git a/roles/renovate/files/renovate.timer b/roles/renovate/files/renovate.timer deleted file mode 100644 index f7a3a63..0000000 --- a/roles/renovate/files/renovate.timer +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=renovate running every 15 minutes - -[Timer] -OnCalendar=*-*-* *:00,15,30,45:00 - -[Install] -WantedBy=timers.target diff --git a/roles/renovate/handlers/main.yaml b/roles/renovate/handlers/main.yaml deleted file mode 100644 index ada2426..0000000 --- a/roles/renovate/handlers/main.yaml +++ /dev/null @@ -1,4 +0,0 @@ -- name: systemd daemon reload - ansible.builtin.systemd_service: - daemon_reload: true - become: true diff --git a/roles/renovate/meta/argument_specs.yaml b/roles/renovate/meta/argument_specs.yaml deleted file mode 100644 index 8be0fb1..0000000 --- a/roles/renovate/meta/argument_specs.yaml +++ /dev/null @@ -1,6 +0,0 @@ -argument_specs: - main: - options: - renovate__config: - type: str - required: true diff --git a/roles/renovate/meta/main.yaml b/roles/renovate/meta/main.yaml deleted file mode 100644 index cb7d8e0..0000000 --- a/roles/renovate/meta/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - role: docker diff --git a/roles/renovate/tasks/main.yaml b/roles/renovate/tasks/main.yaml deleted file mode 100644 index f6988ab..0000000 --- a/roles/renovate/tasks/main.yaml +++ /dev/null @@ -1,46 +0,0 @@ -- name: ensure renovate config directory exists - ansible.builtin.file: - path: /etc/renovate - state: directory - owner: root - group: root - mode: "0755" - become: true - -- name: ensure renovate config - ansible.builtin.copy: - content: "{{ renovate__config }}" - dest: /etc/renovate/config.js - owner: root - group: root - mode: "0640" - become: true - -- name: ensure systemd service exists - ansible.builtin.copy: - src: renovate.service - dest: /etc/systemd/system/renovate.service - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer exists - ansible.builtin.copy: - src: renovate.timer - dest: /etc/systemd/system/renovate.timer - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer is started and enabled - ansible.builtin.systemd_service: - name: renovate.timer - state: started - enabled: true - become: true