CCCHH/ansible-infra
CCCHH/ansible-infra
4
2
Fork 0
Code Issues4 Pull requests1 Wiki Activity Actions

Compare commits

..

1 commit
main ... feature/ad

Author SHA1 Message Date
jtbx
614eebadba WIP router(host): initial config 2025-02-23 18:49:19 +01:00
82 changed files with 316 additions and 4666 deletions
.gitignore.sops.yamlREADME.mdansible.cfg
collections
requirements.yaml
docs
setting_up_secrets_using_sops_for_a_new_host.md
inventories
chaosknoten
host_vars
ccchoir.sops.yamlchaosknoten.yamlcloud.sops.yamlcloud.yamleh22-netbox.yamlgrafana.sops.yamlgrafana.yamlkeycloak.sops.yamlnetbox.sops.yamlnetbox.yamlntfy.sops.yamlntfy.yamlonlyoffice.sops.yamlpad.sops.yamlpretalx.sops.yamltickets.sops.yamlzammad.sops.yaml
hosts.yaml
z9
host_vars
dooris.sops.yamldooris.yamlyate.sops.yamlyate.yaml
hosts.yaml
playbooks
deploy.yamldeploy_hypervisor.yaml
resources
chaosknoten
ccchoir/docker_compose
compose.yaml.j2
cloud/nextcloud
config.php.j2extra_configuration.config.php.j2
eh22-netbox
netbox
configuration.py.j2
nginx
netbox.eh22.easterhegg.eu.conf
grafana
docker_compose
alertmanager.yaml.j2alertmanager_alert_templates.tmplcompose.yaml.j2grafana-datasource.ymlgrafana.ini.j2loki.yamlntfy-alertmanager-ccchh-critical.j2ntfy-alertmanager-ccchh.j2ntfy-alertmanager-fux-critical.j2ntfy-alertmanager-fux.j2prometheus.ymlprometheus_alerts.rules.yaml
nginx
grafana.hamburg.ccc.de.confloki.hamburg.ccc.de.confloki.htpasswd.j2metrics.hamburg.ccc.de.confmetrics.htpasswd.j2redirect.conf
keycloak
docker_compose
compose.yaml.j2
nginx
keycloak-admin.hamburg.ccc.de.conf
netbox/netbox
configuration.py.j2
ntfy/docker_compose
compose.yaml.j2server.yaml.j2
onlyoffice/docker_compose
compose.yaml.j2
pad/docker_compose
compose.yaml.j2
pretalx/docker_compose
compose.yaml.j2
public-reverse-proxy/nginx
acme_challenge.confnginx.conf
tickets/docker_compose
compose.yaml.j2pretix.cfg.j2
zammad/docker_compose
compose.yaml.j2
z9
dooris
docker_compose
compose.yaml.j2
nginx
dooris.ccchh.net.conf
yate/docker_compose
README.mdaccfile.conf.j2compose.yaml.j2regexroute.conf.j2regfile.conf.j2
roles
deploy_ssh_server_config
handlers
main.yaml
tasks
main.yaml
docker_compose
defaults
main.yaml
handlers
main.yaml
tasks
main.yaml
nginx
defaults
main.yaml
meta
argument_specs.yaml
tasks/main
04_config_deploy.yaml

1
.gitignore vendored
View file

@ -1 +0,0 @@
.ansible/

226
.sops.yaml
View file

@ -1,226 +0,0 @@
keys:
- &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70
- &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- &admin_gpg_yuri 87AB00D45D37C9E9167B5A5A333448678B60E505
- &admin_gpg_june 057870A2C72CD82566A3EC983695F4FCBCAE4912
- &admin_gpg_haegar F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- &admin_gpg_dario 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- &admin_gpg_echtnurich 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- &admin_gpg_max 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB
- &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
creation_rules:
- path_regex: inventories/chaosknoten/host_vars/cloud.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/keycloak.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/grafana.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/pad.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/ccchoir.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/pretalx.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/netbox.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/tickets.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/onlyoffice.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/zammad.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/chaosknoten/host_vars/ntfy.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/z9/host_vars/dooris.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- path_regex: inventories/z9/host_vars/yate.*
key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
- key_groups:
- pgp:
- *admin_gpg_djerun
- *admin_gpg_stb
- *admin_gpg_jtbx
- *admin_gpg_yuri
- *admin_gpg_june
- *admin_gpg_haegar
- *admin_gpg_dario
- *admin_gpg_echtnurich
- *admin_gpg_max
- *admin_gpg_c6ristian
- *admin_gpg_lilly
- *admin_gpg_langoor
stores:
yaml:
indent: 2

11
README.md
View file

@ -17,15 +17,10 @@ ansible-galaxy install -r requirements.yml
## Secrets
Generally try to avoid secrets (e.g. use SSH keys instead of passwords).
Grundsätzlich sollten Secrets vermieden werden. (Also z.B.: Nutze SSH Keys statt Passwort.)
Because secrets are nonetheless needed sometimes, we use [SOPS](https://github.com/getsops/sops) to securely store secrets in this repository.
SOPS encrypts secrets according to "creation rules" which are defined in the `.sops.yaml`.
Generally all secrets get encrypted for all GPG-keys of all members of the infrastructure team.
Ansible then has access to the secrets with the help of the [`community.sops.sops` vars plugin](https://docs.ansible.com/ansible/latest/collections/community/sops/docsite/guide.html#working-with-encrypted-variables), which is configured in this repository.
A local Ansible run then uses the locally available GPG-key to decrypt the secrets.
For a tutorial on how to set up secrets using SOPS for a new host, see [Setting Up Secrets Using SOPS for a New Host](./docs/setting_up_secrets_using_sops_for_a_new_host.md).
Da Secrets aber durchaus doch gebraucht werden, werden diese dann in diesem Repo direkt aus dem [password-store](https://git.hamburg.ccc.de/CCCHH/password-store) (meist aus einem Sub-Eintrag des `noc/` Ordners) geladen.
Dies geschieht mit Hilfe des `community.general.passwordstore` lookup Plugins.
## Playbook nur für einzelne Hosts ausführen

4
ansible.cfg
View file

@ -1,4 +1,6 @@
[defaults]
inventory = ./inventories/z9/hosts.yaml
pipelining = True
vars_plugins_enabled = host_group_vars,community.sops.sops
[passwordstore_lookup]
backend = pass

1
collections/requirements.yaml
View file

@ -1,4 +1,3 @@
---
collections:
- community.general
- grafana.grafana.alloy

20
docs/setting_up_secrets_using_sops_for_a_new_host.md
View file

@ -1,20 +0,0 @@
# Setting Up Secrets Using SOPS for a New Host
Because we're using the `community.sops.sops` vars plugin, the SOPS-encrypted secrets get stored in the inventory.
1. Add a new creation rule for the hosts `host_vars` file in the sops config at `.sops.yaml`.
It should probably hold all admin keys.
You can use existing creation rules as a reference.
2. Create a SOPS secrets file in the `host_vars` subdirectory of the relevant inventory.
The name of the file should be in the format `[HOSTNAME].sops.yaml` to get picked up by the vars plugin and to match the previously created creation rule.
This can be accomplished with a command similar to this:
```
sops inventories/[chaosknoten|z9]/host_vars/[HOSTNAME].secrets.yaml
```
3. With the editor now open, add the secrets you want to store.
Because we're using the `community.sops.sops` vars plugin, the stored secrets will be exposed as Ansible variables.
Also note that SOPS only encrypts the values, not the keys.
When now creating entries, try to adhere to the following variable naming convention:
- Prefix variable names with `secret__`, if they are intended to be used in a template file or similar. (e.g. `secret__netbox_secret_key: secret_value`)
- Otherwise, if the variable is directly consumed by a role or similar, directly set the variable. (e.g. `netbox__db_password: secret_value`)
4. Now that the secrets are stored, they are exposed as variables and can simply be used like any other variable.

221
inventories/chaosknoten/host_vars/ccchoir.sops.yaml
View file

@ -1,221 +0,0 @@
secret__mariadb_root_password: ENC[AES256_GCM,data:bevk9PiMUAP0YBYqpVw9PLEz9ITKVRQ44Q==,iv:Qjr3pOWzcDWUpJAakrn31OCcvcaciJLgS1Zp+YZPWPA=,tag:DB1l6lsy+aHa+U+QLAM3tg==,type:str]
secret__wordpress_db_password: ENC[AES256_GCM,data:QsvJ6NH4ySsfSsP3pWEx04vxjIph1Wk/jA==,iv:AnocV/jXawXPxQ0dLSw05b38ULQuU/RN2G21/1GpTmo=,tag:QlSCnuaQxCmJ3XO5jjX0zA==,type:str]
sops:
lastmodified: "2025-05-04T14:15:03Z"
mac: ENC[AES256_GCM,data:Za+XnpDu+WTMEUgZ3jnG9/4FOd/emfdiaLSGX+hfkuBSurlqFzVHpXqs4kyl96goOASevkiqCSXwk+DGGNTvSRDCoAH2jMfwUHh5mGHFwXKZFjraVnLidxyOkEg+YJ+tzJ9EHJ7MpQLYlHgGi8Xrc27n3+gpjni6+VhVYiLj4eQ=,iv:fQuTnJbsyNyphHZF6T9UF62jtA2wDrOxlPzW6XwsdNk=,tag:T8P100qKnYhNqr7oJaY6yQ==,type:str]
pgp:
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ//W+DGA83YWISVMvmWTFLul74Enc5+o9It2JqVRBB0sRyv
VJAF65zi5AQ6k3SIyZYNf1Dy8eR3C6PBskw7juPrMuLKXA4NVWu9mLl34gB53zoL
9WnCoGLiF+1DhnkH2/YD8FoUytJn+7BhD6uthhWbYqeeOo6GDO0bKGuE0PIR4KSw
pHyP7+9B06IlNdWvU/2AqnaTyakFa0yHuNKVmtJ4qd7FfcXiJejuhedNaXLaPRg8
Z+dY6nt4F6rG4y9shUcTCR1rGDxgqB7aaZjm0vy5mCsefSisw/ptnASKqaz6ZXyJ
QQtI42wmzgw5zC6vXt+zixtEdyB/MmBaWbJkLsRIpu1frswI4inHy5GW/wJTyG7Z
C82Xih2R0kMbNV45lMrvDz+hBt1R7YBe2J30TavXBOEvXO5VfhOtFZDhYA0wdw0+
ykUWVvT6Wpai17m9CbVgjwK+RIDLAuRDQhX4+SDKPLoLycpswAUteYDovk3x5zjc
GdbyDo3iKfqpzO+sa8LpHQeL93A3TdYsq111Dbq/itM3EluTcMKE84A2J5zBOJ9p
nduMtPeS1Yqz/G66TF5BivI09duP2ayf49DsF/zrF0m9bWsvWPfWM2Rvrf5c7D6K
zldVilFNM8YAJOmbXJjW1kXzqgs7SjrQblp3fhxYgHx5w89K/VcyoC1sBo3XvwXS
XgFpgPJrG7xHbVwB8bJrG8cPsI74/FxZBtj/P64/Pjj8rT0hXYnzI56W371ihHJ/
Mnp8hTjGZrbzun/daNr7ejkxdD+1qBRqqT/WNzv/XcTDdUlYdok5qVkeBtE/S9M=
=aVMO
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAAhhWtMl0Qhvctd2RjezkWE7albF7svgAJUoA4QFgPtjqy
IYhM/GDo1pL9gSydk1axJQPGsn2Z88QgYBuhkZBgLA9SiREgUwPKCsKvZ70bxzRS
hSLS7rykOmPFIobY3JjKnYCNFx1/6U/R6XdgzuHhr8Um8Cf5WWyYHmB5EuMm8Djv
AZJqChoE7KAFycuGWJGZxN039/rMzxdjPnaFlOmTpOPiyofICWLjA/6Y15EcxuJJ
ESsUEs1JXIdTGVZWC8UqGf75b0fQ2jxki1duil2nhr7N2mNYyrns/VGbfCq0113M
5X1e2iNq8lyjBfErdq90cG/QqGXe4sxtUwnRDIKaWbr0RhY9mBBjBLvOjDQ3d8Yo
PqyznHESPESwatIfFSt5qYQQN5MVwmbQ82OSDdkX0b59ouSq1cigWvCoPQ7x5sIa
UJc6ehFljDoYGx9mXzLv803Li9kToHH3lWXCmaDII+huvWFqrR07pD2gC0cEKSZt
ttBjJuWyfqHdWPaqEyJ6EZF6Bpf3Zsm+UDDb1S7aA4cjSIPOlqt0RoiMv1QSlnJP
JMg0QkEEWx9HHzcIPQbtCDyk3NxO1hPGlVLUSLYruTjB826LhxDDCfbfmBAdNsXo
+Qod3e1StlGGubpWbtP6PIcYKBs/XDvtPsxjiazkUalc8SbBUPipHuwohCuiAFXS
XgEZrSWbUdOCTQK2UoU57uTDjQKNytVbuxlTGNZ3Tn02Rkdutj4Qh/cK5vJlJ1pc
ckfsnDLIpRM03i82WMilXeWg/dhVzJgbn+WvUElC5kmWAHGgZhk96LO1ImQyS80=
=FJKu
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJAQ/+JHFiiwiZeW2wfe+6d7jDKtVyAoJiHB3FN2X8q6S1fsgj
17EzxQjyVTojsPSTe5Zap0sqc/h4O38jhpUpW5aS/c38KLscv366y3Au+hWHGodm
6OMlQBFKAB0x6uC7RqDnDKrT3p5mk/gKGIMZ2s6R2vayo/rZeHF52kQovkSDe/wE
6BtscMXYioarFwGb2dq9x2w6sdfQO8MPaDV+jhBOrLZWGXAB0g9H+f3Eh2fonfg5
3sHQRSoeYvVMSOFlLectJwP4iLQmgfEqBO35d/+ixD7M1gVt6PqOa4zt8NQPmEHB
5OfSrmeeakoXPyfClcfqpXuJP8jwzEtTmqEOySVwOKa4RboheyNG8ZTAU5gUcCgk
0iC4foeLdYXzghtHLsB0dt1XBBtpPMTwRUjmK9zj7J9aE4mPV+2ya70czvjgPQv7
cGM3oGS4g9jpn/HHBmGrQltAyLITbwnr+Oa2fjjSNxLN5aYoDDHO1nS/AaogFSQz
0dV44+qaBLpqPZebTKVe9xi2ifttgUzBMBwVwnj+byctdKTzwHDoO1csLnJvcRvu
ESbJURybe2vWuLIfydE9fjpv54mpDNbbQPFFsklX5qmlC8u4GELCO2/ckrR43a/R
b4yxxxZbMCjS+Pgmr5/SVDrgp+8JP4wv6lA74hNuLf+UY4Q7m59sROQyMTNdWuPS
XgHt1PC5OPzV0DZgJOsFgRUhW+W4On76XR8M9/fxmuV4ixGlcpci0xxrn45cc2br
DbRloABWVghOplhH1cw4MnlJ6CJOjvNhaHPSsAkyVezBtSjq8PhOeiUA/mzN2Ok=
=ZLtE
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ/9FqwSd/IuaNnWlVL0MgM1edU/tXNo6IrvCpeNLCJOaS+7
RvQIOsKUX7eaTCG6wUxvXPuzCgQ8bu8kpJ5fl2ntiOerj8GiAqfPWMc7zoNP2w3y
yWJ8yslGjqSw9rNjdsk5b88k16ohLdElS9A/fFrKwtB94gpLHbLXa98Nt+IB0O5L
Hmad8fbhCdICxEz0KQVIgC1WHBUyJ9BGoKJpwfjlx7aKBHXGkDweutZCuF9ZGYks
PmS/6EVY/ubXB3Qd5KpFPg9k7RQh8QraZZnASJIRJTZJxoiiB9gf86pXP26RUnhS
2vthDrVtABarp/cfS8lEA05SX9nNnKJ/qMU7l+kBaV9oiU4dfSNWG3SwSEyb9CzD
2QGUnOS8Os5HMd/RIH9ZFFdoLYYntAtiKiJCx8yrC0c88OnU2A4BsGZ/oeLmwWJI
KqPdH/6/NHSGvUUHENFEI+cNiEPdDUvH/Ak3/wE6BMe7z5/TXPyYz6QpiBr+npQm
rfufJBn/hxjAIC5Hd04JViGjp8cV966iGg9AhckYN8pwCHkd4kdqrFCdm3NmKgZ8
/fmPYyozeLyzp7ZjerExL+BMc+hNAlMhis4v7NH3WWA8t0yvZ1VTGfBObsYHyV/e
9QyYbWI4tqOMfhLOyv4KPDdL2X99gsL/OsT8u5cTVK1/20asm9XxuWDzVum+a1bS
XgEIa9iie/rP1dAILcMQQesATCBdxWTjyCADTIYhliK7WX/aQUuKil8RyLLJnznh
kfFiCI+FNRlAGGYLztzSsDgpkbe11g/zczDaS3m0+7Jxw1JWZtp/gQW96qO9XnA=
=yGeq
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAhYuNoHxnDoR3vYcXNS2t0aWAKFatN7yeBNugZ7rfqiYw
i/XO28FpFbyjlt53vshZwUrdz9qsG6mVdQ57D3aXXtEMP1yxH3FwmKmsQHQGM7VQ
0l4BT4uruLjE3clae+RU0cHcukKSuR4hEOqdUPcQDOWSV8tnboxtjsV34tkRbIZc
VJvLT8fM0tUWtzt0n7Paz9OHelKUtQ7eKlz2sWO+I49qCsZaE7dJ8WNRWonFu1ip
=w/sh
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+NGGeGx82rYFDpMgxOWJpenco6LVzC6gjeHwThOynt6se
8AKQ38a4YhjUrAUudMr4kCVYRGqSEmWdHJPRG6pxET3sUNqNMLyvlBifxD/4VAi6
o8oNEaiVHMLBEK+zuIJ8l57RdFc/CKmBCGX6PC017ndshU9lAsVbZQt9xk4PkR+C
hBIKmRpZWe8CJBnTzZvG/PCHUU+fXDzUy89f0SOgUdtoNBUSHQcg0FrPvzh0BqNk
zkenQ4EgvkZ8eF0qXlGTmwZNfwD6KBB4qaHBNAZYUGU1CvtJ7FtrlmtpLmowF4l/
cE0K6HwbG4CADh9iBblSqMzpE8Iuk9kEn3IH/9E5Uggb1qtjmqtkQpCjl8M5LTHl
eoz2bvY0bAcQ6GZx3Nak5nosGYL2JHRQdewZd9lcnXoNzOCpV2ZwHiSjG7WVBKtV
iHcsPLOH7NNkLAtF56WyV9Z8n/mI4rISYRs142uezAz41cJEO73xzjUiAu1tjVZd
iNvplAqT01PPGLOI6ZqwT0cZQZkjl9qX1cMv1bSjBC01Y8t8iBwTxOFzv0gGLqw4
NjQjpPjWKSSAejYIdy5jY3XhQVkl3miPcC93MtOLR9GE6gwoAQCrJ0WqEh2pjt85
nFl8OYfA7UeFfO/C2XIeW7d/wU5Ec24gm4APqzw6rsAMLf91O71uJnrJ3uWkrmjS
XgGL7lFqTqFDpCASmTzNBspf9a3e/1kk+87DOzQG9YO4TsetYMWqJhsAzKRgg3U0
nVR3y2D48Y5ypVvbsQbFdz8ZI8H/1aQK62+YBjRGB2EOqHkK3+Uig8T0IyaVAow=
=4H45
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ//W8i1bv4vXKxoegHrLH/HxHyDm7SJ2QNzcnTyNBMo3Z+u
sTce3jIwFvi6I4HCnHtGMf7bp7U4ORYN8yxeuLbvjTGD2v1Dmda2A1NPdRnjoy6Y
tLsjsz/FbT/3zea/OkdwZgeNTN4p+AQD9nd5oyAhN6XXcFmZwJ1IQegQtDADFDwY
zOSN9nH6cR1MWjy1ptZFYugAA3U/1WtFNq57G34+jMtszT2FUDHhDZz91PrkezlH
ZL4cPLejiaOS8Vm97D7kDsxo2yDTCtoypcaS330ANq1l03yrjjPjSoW9j+Hvhpzk
6I86vU+AVNBLtvPSYybo58En1HvI+7TlAz6Gq+UMup2wWE1kkEDAVwmzd6kyyq/z
Kr8Pd/iCHs0hoc1kx7xCXQ76qJFoSAHE+eqkmGJLxUolZ1XmsbZeYBcKSwslbMKB
8JHEnFjQtGbaXVf0RGjh7z4fzhYvehcN2NHBVt2/VG16xrjeUv/3xifvbnWrAa9L
xTIn126kWvX6mQjyEVRkZO5Ud/jVMcsW7sko2I74zhEtz27BBE/3Ms5WK7ZTVKiI
cWMnVn+NOB7sY9xn02fqe0oLXdBW0cnMjCLyWpdclq3odNJw5eKbaCUYm+Z7WG8p
DQOcPQ6ejXk7EW22VNFhedmUYJWMpDZImkbUOAo8XAN5KAVLy9D+Zu63eY5QjtzS
XgFBG6m9scVN7SYPyWxGZ8M7qKNqCezXmOSOWJpsYex4nFSIuIDr7LSw3bs0tp64
q6qvOlISvBPjoAmv4638iG5F3zronJde01ZmcYx2l9kYSRcxdr9fyUNaeWsz1aE=
=MW8k
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ/+M5ftMfxnz01rDri5YMAKBpUAgUHBdnWrjaVWqGIS7aZh
UXXqlCVRXzNfIt37Z23LiyINJGZ1y/6ES+4n0RYAli2XJWlR5vMzbN2Obh743IoZ
9bApYKGXf0pnRdC2kNGFK+PC89aWHWpjVSsahBhVcYbi9G8WYFlYw/ZVrlh636OH
vahqWefuJStCKL6DA3sAYJzzDck8F06o1pEzmvTkGmAlJfZZ/Otam9BSQFmcegl8
tIqwi+EVuu35/yo0QqSMCA/QmvEGKi7rsk2OJMllyEHCe8Rtu9JHsUsnzDXCCPeV
UT7s8jMM0rduuEoIhgDkiEHNgbIbQ6f3/gdf4f7s0aC7NnoUHoVI3pKSbZeQhGzo
/pOSFsaqxlclxwu8uxIcyF/ReFf7u+sAM0AUVWdBKi0l9zeucJf7TmokY8oh3K1J
XX7XIuyMwvo/hrA23GTrYVk3ulzedawOlDh3ZvtNfiJH42IsNcsOMRwFDjwH8xSI
dYEcVrH/jhL1/a9AzY8lu3VCml/Xhs6Hwqr5urYcBNBC3PoufPoi6c79xO9lcxxl
iIWPEdANLdZO+lCKl0aR/mMZOojInBKplGFvqaedFYDoHr1ng2yYBeeGAbHiGf7/
qLervOigfGCWjc2sgyrTT1jcvcA0AuuNPiBnZmfEsiOgyiG5CWMK0y7F1Cm2cRTS
XgGHEBJNMoj7IbxHk3Gc++GDAschbcwsBUNbyUjhQ7THx5OmpyaMl+rUZZNEhURk
g3YvkqQvpP6Op8D5R1u7OHLR3/Y1T7eg+gSj+jrwAx+uj2P8PXfpuceTjPqTgQU=
=nBBt
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pARAAqlrh/OWyGSIJmcsjLgeF0mN0EcHYW/Tp/XWu9dtTB35i
ecGcS7n3UtDrOFTH0a2OufYPCf1gxsZN1XSFnwG6B2P3WCX/FDLyxk54d9ULUb5a
c2knQSY4mgsr9p7xIMm5q49TqWYZiJG7WnADyjkhWLb2nHiifGZ/eKS58v8Ekhik
rNWh+Lu6gAHh77SNMxrjKT59rQ7XZPJh47pRBdxwAUnpyvBD5QgcQVuUA6w2ohGA
hgNU6ep9Q7ZxJuG+EBzmn/5cJCGvdP75vxcLXB8H/qlUHew9339UY1qXFg2cEnXE
4M5uQ4bUzJqQ41LrbjD4fk4hgiANVVd8rypprmHBB9ztjH/ap74guHJRnd/qs0CM
c/Pi7s61JEZrgRzv3zOBjuQ3CSr4w+8wdF/POknoRQWuwf9nC8gyiY6L8ROESHjH
v79tLHXTfPn7HZZ8Bl6YjTp01gaNGJ19lNj22X3G2G0J8tlzTCPBkgKuxi7E7JaD
rWFF6k/sclN1+pGPn8dfVeMAXfUdPorXZbn+fUU0o1mw2XkE9zsa9Tv6FHMkNS3j
+t1naeJ+NHcKF+aiFNkNo1ZfTgeni5iIxvZ7MmlS3ujj4EKZsQtXJBQthPaW9waO
0H3aI/GttEA6pwgnuvPucfbabjuMNFJtIjeRwnyWzJHRSScE1/MkNZk/J/VUph3S
XgFwtKchdOvNI0UzFDrRF0QBaEkJynjtUtZzsAhYjNHjBiqtoFO9ud++OqzIBR96
lZn+sq9rTxIl3yxazoid+Ls7A/4eP6YyA4ZX72apW4/cJOSDYJ2Z2Qb+YtmWX74=
=8lTB
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdAL7jChaBJQI2tZj4oNVqZkqNh/CwrURAsgkodnDRRM0Uw
YJbD170ufhkPt7g7Fk9kym94HZHxKsMyTIBLhbOWz5rQr2ZXbSmBOuUdOG2mwqhw
0l4BZmmNp2oSl2P0/ROLw/vONilGvz/2jMQyCFDXN9IJDya8yZiXTrnEmK2vSM0/
DYtdYUg1A1wCq/n7bJJCUDWPYSnymP8b5dafTwqWjGwbA+lveg9MDNSRUI9QbG6d
=pja7
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAS6WN1p3uJaTwEDUFyHIvXIOhVzrS01NBXZAARIT/URMw
9co0e4F2EliREPIOPlrdTkIutWzk4Hthmu0NtDk58oAkpJOFCayTcQJGDuIDLvZs
0lgBruPX+8fTD83IUDCmABmrKpQW80TgpWd6HhSRVq595mobaJ4S+TY39zUvr509
Zrmg6DmlUrEr/FYdff3gj94Rm6wDyBkI0fm/GLXL23Il7uKVrC5WQsNZ
=vzES
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:03Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ//Y4Fc0reFodqz/P5dKD2RsHsKu1kC3Q0KVdGxzAe9AG6M
c26glnYir256VUOonlP5q9gsIvAc+RDNMoFF0WwKO1HGLPmeiB5gK8DTm2U2Hz9/
g4xG86+5BCyR0eFkx/sEqlVnhRsnfSkPqq6L+/mJir0DQ15W8SR7fbvn7XsXKQC+
jKI/spzZ0CvkLtbqvqMBp00ZTQ+yU1f93hTbvipLPLLR1fBSOnJpe+f832xAwH6U
W0eLvxzdvdSyALDVT+1xPNH0/Ew/j5E/U6s5k44IQXl2EKQXdwBiSWk8m8Ii6Gj3
0XqJj8qiJlajl16auYOdXa6jNzZac7+JAgthc4obznNQsrD8j0XSolzYybPd+4EV
LCW19LF49hqEOsPi3UsigDjcpaiTxx+VdLVwsboquEwwfN+9PFl/iHG5tJRRZjNh
4q/im5owY8br5Ef6HtU1dWDB/PNHP4lKzWuyGXS4E4YcdenU6cx3HmwKHTTdNlpx
TuH3EYVHTCmTOsJ+5wXSiZa9lTsWXX+kAbxFoIFkWaoi+dtg1NNKzmkfwARPVbi2
pu4s5rJEGHwta43Ao0gUMUEGyqTItZ0V6gyFn5Ey7ivzvtM0RDjzigsPhbFzCQWX
kUbefqCxu9iQR1LFBxWdM4iPC0xPN2oK4hnRFa3rzyLxybyrhlre/tsMIsS+4lzS
XgGYpNwV4QTYw+YOcxHszqg5OngM/aB8aZIOELsO2HkzRJh49a3Uv75TClv/a7GC
DVVqRbIs7ACxDw+SBp97Rbl2J9k6UAdGJOQ9e3cgxr7JxacCfd3KAJAukco8sQc=
=aWRa
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

6
inventories/chaosknoten/host_vars/chaosknoten.yaml
View file

@ -1,6 +0,0 @@
# Used in deploy_hypervisor playbook.
hypervisor__template_vm_config:
- name: STORAGE
value: nvme0
- name: BRIDGE
value: vmbr4

222
inventories/chaosknoten/host_vars/cloud.sops.yaml
View file

@ -1,222 +0,0 @@
nextcloud__admin_password: ENC[AES256_GCM,data:R+6uuaDeQWSgtV1Cp7YWZvF8LYOIhoz1K7WVKerm67NLbLRpD9191DyQH13v7ZQPvIce3JzyrWqoyQigJQIQqA==,iv:chVGvTY1Ge4OwrVbFkU5IMd0aac5HqslddQEdY8F4Es=,tag:slmFXStGVf6eJdPFplqKjg==,type:str]
nextcloud__postgres_password: ENC[AES256_GCM,data:GIWhmhiDkOC6mQAqNe8aKQ2TpTTYQJ44jn+P1hnpAxstAWLUTJZdxE2DHdjhZ9tV6kyTb/GXANn1UtgFzxczbw==,iv:lhJAZF4mJ09jVa5DxtVTfMe5FqfjpQojrI15kYuXI6o=,tag:LvzpBXbBQtNvEnCDNphUqA==,type:str]
secret__nextcloud_smtp_password: ENC[AES256_GCM,data:9UI+hMDQqM6Ui02fpdscXj5Q+XfN3t/g1MUX4blqd/egoLBtq8R6YpdK8wf6heqXUck6VVDgDLFnpfQzy0cqzg==,iv:dkTN/pj0YhLqEw6Sp252bKmnA1RaF9wfoDE7naGN8Ao=,tag:1Bg/ZoCITh7S9Ps617DKTg==,type:str]
sops:
lastmodified: "2025-05-04T14:15:59Z"
mac: ENC[AES256_GCM,data:iJcBQZ2Mpa83/bR1BcTPh5PGrsjtyQjtAwr0y/bjOXrpMjoCiE8nHl2vdfZIxGYU+v40nkgYhXS6wCIlBZgO/QgvXwVT3Qm42i4GSx93N+jV8j+iB0a1kPJ/yHAPHD0zvWF6qlNSAeFWPbifLMXHLjijZDud5LxdW2KfJ00JCuA=,iv:BTUVSDYfKJI18GZhiUC/pJ+Gbuzfk3GrJadlOapw5qk=,tag:f15zFqye7O+L1lTp0Z/8jg==,type:str]
pgp:
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ//W/vD5coVwidijwr0/l91HBYRjtbUX+D81pJ3pOa56weA
0/breqUaSOUtClLfTN1wIrYHDVmLHuTOYqn3z05k0jyGjEbP9tI1Iej7Jfxn+aWh
4DgDl84KO6Lpe1kV4y+bxzt9OSi95h1vSEjoV+xbQiDOhV1ZKCCiezdrTTGry1Wf
fMpNrkQpb7um3FYopMFhHKew3WSugDuSKU7T3JlL8kMDwoeOI9GyfEXjpBY7oyKL
Zs0qFqaO9PZG/c91O0lUgTfMSgiwhIgUPQEAD5P0FhyRCmm613kayGHM0QuYXjsD
2NmU2WapWrrirjzUTzlXFwj1VOA5WjlqVNaHKrFqtvUDvhTP52OwgEKD1P1UkCh3
BChOr4T/CoXS0AcBlQGYuBlaY55XnFAcC4T3WYkcDWM7AZ/HxPFarCgpYsXGSPsg
WlPFccAsQ8XA/BvhuAwCvL/aipmM3h0WcBXh82rjkzIPdDcxlrECn3zRABbSuVSc
ULEFdzOXV9pd5LGySkbF5DcNw00+bX2g2/sgRB/ly0iQIqVta4oNOBRs6REV/e+D
IeEmP+E6YMc7NKz7mCSbK0p7RBtcePCXZ9uwIql/sMz+K61kxvwDXpqHQ8A5EUQu
EGNIhgVfSbBIkqR31x0cW4/c8NKiElUx8NRmcn5lYxdy33jl+H5jK0Ttb2pr7cXS
XAGJ250qZzyDFe7LmSoORJ1zoLUUIwPvWy02mcRhIlHik/FJ8/dawL3HFbdEzMOe
/Og1ON2961e+m5AD+sFUXV+MDHe9s+eQDzQSIGbJhzGVvo2hfMn5mKFdtUCz
=t2Ii
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAAoJJ7x/CsgQ9AU2sI3pCuKW9wUm4+EDDqiT9CG5WtJA7k
lj6oqEXmSe7QY7AxniKZLEsePMWSBBDYNcieUQaf0eZpuxwytDgav9LqzkwhZUGc
qhJV5Wvf+MdFCNmPa3TUuV59N1d1jXZPvWLgknOBM7lZexvqc5Lr+pd0c0qWrh4h
WDx+oS6yFW3qFvH+98iDxzJ2y+xvjBDvXGSqiZEgcJMyFllmpB45EcUIi7E2gs6r
vAeNsWEEYfO7Yt/brphNq8Ns2okvD78oZbh9dNagy1oT3huWbaN7LcJPoPJ8qL8w
tWAymwE7xkOTWW0gY0+MQJC1NNnDmIGOCxNGuFUpku4xLjOXMUEoBHdvGKqM2b5V
Yj95fnz8bf2FvH44Z+7PYBUOICHZBTC7EzExfSY7fEu7SnxYIjxMW2ufE6xo3upv
RFSALpv7Cg7G+PBjLyh5l/xHmXhObdbHbFC7EJXrfVYvfj1F96n/+DWbuXvCOm6s
C3Cf+296tEfO9Jsh244XP7cN4z5CvJ0N5movSXZ7oEZ2YJL/P/ieJ1f32QrmyrbI
CUuPlcCycE4CWWV7yvsmyf98RQVYXMXL73MBw0EJSWRATlC4/bcGIrVnbuni/oJ1
8YNlqOejqzAzMMZ5f1DEstXb7wP3bXCao2r8uWyPLwsnJTeDKgtkw85wueIKp2zS
XAGl6tLDdlOVzbhKFL+E+1VG6GYOdBNPFYQ4yqaiOzm5zPmnyOd+FLKzq7jvXZ9B
ke67IgBNK5xNpAOnHauSawozf5VewJSLM9SyV9Geohz9W2ihSiS/vnSjQk65
=A1pm
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJAQ/+Ptdb4Hx7Uh2mH5h8TlOUjQW6UWxwpuOn4QHIrf5ck7tT
OrwEjNztauvMuzYJxSxGdVRSsKD4t/tTs0xLcTChGX1X0W+ZTjjpRjUwfyFYMLOp
SRdnyOBkZsmgvgt7xqvwwssJwOIbHTrJ5kp99gXggQsS4M/HAtpLRuHMOGzazgmB
4H8vM1uA/NeOUjL1g6U14GwKofRgUbdLrkA2i6O3Tn6uVrpvC9heVhU2wiSF6qL1
No6DPheN1PvL+kV0h2DMxrMXcFNl3NjlUCE3vT90OyeykMuq8OQAfpBR+1vBOihP
jIH3t+kDXIhQnXvXQU8xm34bXO6Eo+c+/9CZXhVvAWRfFlOWrwR2/JzmtMMMaEEd
T6UjfAVlMJMWyX2kqXzpGVCijA2AqhQAFtC3JWmuovOiLKy589jYx4DOQ3h+VMMB
ggdZrx/hUGvkg3KpuCQoBYYs97SsOcF6vImPfQ8MApzW1GdT5tay6kFOgDauw+fu
yoW79sAvRN6IEd1yTBDhmL2Wd+Mr0oE1a1BWcdta3mbrKUCLvDf7LZrZLTvqLJQK
WzFiCOYYbSZgh+KYXzw/FSURNT5ZQqF2bUeSkR1rEbPPoFcgwFToYxKbWPvCp7ah
1MUA9v7GcnmYxHS7yDhe1HOsdTM/Vpdme/2LFha/QawP0Cr6eLa/uc0KTgXxbl7S
XAFqDjqgejL0O5R5QrY9HHQAMcpAPfzaptRuwt2tv+V3cT0K4vJKYzsdi34qDnfJ
2jHbXsjRxRsc4am7rA5xcB7r3lAHv11rkDU6oxiNu634eOoFIar94ef8VBQ9
=bQFe
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ/9ESOx/yVKVHFnCpC4nD2r4sYAo/x7ayDJKHie5sIfaf2a
ebRnIAezWlCEWqJ7FVU3QUZupsry/u+SsFnJg3Kv+TE51O2ITQenLdSBD2dUG2/Y
M2qqVUzXsEQOXr7QymYX41AThRouj+Da1+gKZ8BWIaPU3khesjLjEu4qmuJeh4jY
VE1F/2QB+WFY/lw/+WHpiD2xDkrdI81J0pF73pCepwDfBNmtZttURzn4xO6t9Ey/
Q89laIxHjl4oGUrGJkUonwzwRYaQN979SQWjVl+DdYN17tWnMChhlweorHh4fM5f
qDEOyGlYFH2kzupzyhwCIHK/4OaJNt8uQbB0I3h8P1qj1Zl23sTGP40KxrvD2nNW
4KMPanP1yFRSe0zM/4L6HliAMu0VHUMWmH9qD0fwRXPV5fdIWxctaMQZnrVwAqGz
s/DJy3VQfFP/bxO50ir1wFj2HUPjFTWs7eqzum4v58Amef35S+YuMWBcum10m2r6
kGapqwHQPgxCWzAttIB5tDetW6jBBs4hAc1nyliFLJITDiZ0+p/mWUNqc0pQPn7g
DFPCB27aWlCj8pGObVPZRHo7ks6dX9E5oy4YGFzCmDvZrSK/cqmWAtU6lsWgFYRu
fJ8G0NY6t9rsluN/Cw1dplIJGnHvzJihPYKuZCkxRF2pzm4ESYzwZc7JrAmAZFjS
XAEs5H6b1OzbdhaN48NVsB9/tonkzmFmAz6/E7loI0KQL8Vc87eTWdHc9Kc6VBQg
7/OGSvCKW5PjdWP68Y1tFB+1lthakH19JyWapGhYCaVj8PlymMB0ffktfjQk
=2M+z
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAbe6biWCSneXlUMVbeWc4r57SEHDltmlWRXulJZ6wXhQw
AjEdgA6AxqwJoXBTd8KD5GSchMmpXXRVpTAE2gvjwVObudvZERba9wMuxcsAdmDe
0lwBC8GonXrMNb9BpesML66avCPVcjwKOPED6K82ZXn7+XdMruGQsUmQnFNcPnWp
iAqehB1RrDXtXIF99yGUddKlFgChVJUcOjkSD/RDSkMyjlwtyJuS26qoFF7ZFA==
=8dgo
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/8D7YIg9os9dNTzsq6RfEiEQH1XPvMMucaI3g/G3cuO5Qm
5MBHNXVjwYtrQrulZMY+7MIUIy9xHYjtNNZi9VIAk0TWdCJ9XL5Zy7v/x1s+pIAI
9kqeGI4Uu5yp/2W2mTr3q4qKZU8gJqEnJdlWIYETbqdgAOTcIlrMaMB11AS7rC4b
KF9vpOcOAK/yHbQATjvbd+vjJm5+wZ67hDNWmPvgh4gqctidPKKaLIuL06wDBZR9
EbDSXXfKoLCYJGzYoTMNnwAu+flD+9ZZyDsox0/0wN+QJjS6czY0up9TCbWW8fyR
dhRaX5ZGiihndspveM9v9Pj9b542Dz2QC2oD8YG4ZZ007jy8d/+mf35YtwMjZwup
N7C3zEOWJa+2CUvHYMkSpxYiQbocbnKJoABO70KoCXaPKanrttRBJ913owhIr07O
7qVLrJqNhMbEZCd12HSFltOuGTdZ2H0NHtypFeFQqdR2BkAt8lL+rR/+4xGq3HON
+AQbHdvnAUFsgs9I/9bEGvzmmdrxUKYCXO+lxG1u3AJ4vPtCnwPevUYoe/BiTtZB
lGCCY+1eVZT0+7YeGGWPzy24hMBMh+T2POHM8rm6+vdxi+cepoki2QrpQkGP+AQ5
hVk9IJ+TPTBKVX2wTKMVQe+0G/zGV5FLXlCEN843Ygm/G1j+jS2g46grKIhU9yvS
XAG3VoGnsNY2KiH6yCbA3U1e7rrh6tdscFmu8OTpfx5/sJ+4GDax6vUYHPURJPBc
Ta+H2n1Ih9QdIkPNSv0r5fHYEGSnRRQ9X9eCY9FbvWQgVQuEY6+0Sb69yBV7
=yRWg
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoARAAwDoWy5YkItmh2pkAvzccoc5tAOulhV5N7gA3t4wczXaD
QMR/o0CZRqX6gZjaWcmjT33AbDlbdzcY/KJXuFvag7kS8QyDAWI86U7Rrun7NoPl
EwmEjmLyagiXmSa1VJKv6iYKuoF2T1Q2NQO2ZlGi1OQJbPEnpYuDyaldk4Tin26e
ZG3Z50jbUBUnXE7yl++oIiP30yD0vkoWD33fQBZe8/wTURDStuFkBFSTAV4Mfc0k
dDFsHZm+eWGBgbtBm2MJR+E15b+OwpsIwmRDF8lirsWo7LBz4MAeGB+bMoXzmAvG
9lPlH9t887slDMD9QOFZ+on8pBf0zlpx9+MqBBb3HhdOFGVo/tqdjkp4zhu48Er3
bvD2UOMNKNpBnxvh+Wh40DU1vBsDdeuaATAfLl3adliBg8FIGY5brzlsyDQ8Ebwv
PZ8R4kSzkSG1cdbLM8qpb1D7roSPClM3uikPEL8WXFvvwcc3EjqsmXl9D4sw8X3b
dzrjVZSZgH4jA9KJtKgwyEqlbyYdizHilnXbx5VlaZJIDMvL/nVJF+Ue0qYuAmcb
ACbsnHkp0B1CNZnBibuHaIy+T6UNQ1QV18xuCznccC3a7VCASWDnLLf8Ag3yUCFK
eOMjMCRfWLpybjPT+2yI14Xf7rFNchnHG7kIMx6XIaMA3cHN7dgQyoouJxg+3z3S
XAGogGEGYQm/sJ3ENi/N7D34S5MAHfwBPa9cS8PmE33q9jRdUPwIs+TbnNcklZTK
JxFZEU+VZWpt/oxYBG60gM7fZsCE/RZhGXeqV21+pAS56kRi0aEyuq0Imsua
=p6Jh
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//dJdmLs3R0IXVm6HcBvH5Um2VjDfZ+HOgl6je3NxcgMOn
ognp2CyUYYeR5GpPm1CydaNVlkKGVjUv0BlH9Rdh/pey5QjC85AMQpNumW0nBawS
XuGXB3pF53k8pQ9NRRBNmS61vC62eBV6DN6CLKUhmC6SHA/54kFrWQNI/6fnQx51
QyCssR33opVibfi8rz61SYQpAJKrFEM98KQRB1aHntLEhwWcYR3yKv4H83iKhuyU
9O2JSn6ps7s5HFld/KnQkoVRKDZ+BvHbQAG95FSzjrwd2Ec0Q4EJlVRJrJFq6pHx
kMmpQebZRd4hbkEYAU9XR6fnnjXDg+RdIrPjDfxrXsH40IOlZBivgkD5ACIkTYI2
/bvq8K7F1SfDjgkeuuyr9y3QtXIxwUgDTo1cwu2wwfYsD20euST34Mv7DMTGwlY/
NUQ+LfDUgXemgWNiBXkn+bu7pFhE7PnyDr4yoTg5ZD2eUobBB6g+2gSaZLKQNe6h
zzZD584MQ5zz8ivyZXXAkpe73pV6bTTH5F76deXK6czt0rkrb60O9ELosAK40Ogt
oL0x4LFMgPanQdtzs8bEldZu7JNAf7zxrWNoey7zW6xC6mvyVLPw8+eMNS8UQt1P
rpEAInl6nX27x7agk5AAUDda6FOJdr6cmTLgPXnw2NxHSjG83moIGpDik4BZczDS
XAF8KRueOsSUOnN/0OWHwyWwIEjpkPPKCmqZ8itJjap3pDkJ7YhshRVe6nAWnDII
Z9bY10K6Dxev2dDYH3/ihxPPbFNSWtqeJvmyVOZXCHST3sG5DXpuTxiQ7JV4
=pl4Z
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ//dFqd5fLpXxk/0mr9drVZy8Ih682PBGcAFme9bdYz4Ou4
1uVP1WTmP7Jq9aV/SFq57JCZIEQCKbdAnMtyST/7OrSnYkYymCKRqEP9dP92K4tm
9BJrVDu6FMdstBMBNNNBb04VPPgVLQjzyQw/zJnyniI5VEB9Z1MZy4b/J/zygWxG
nWPy4XBZeI3IhJNOm5zud/+pXj4o7jgQfHdUSMbD/pylc+2H0/23mbtHLuUT0d5v
nZIaua1yoCW7MWbB6tXQ8Y0O30F0wNX4ckCED4CSloZa/joApv+tivyQrxNLG5eo
P+KoQIB6YSG4K48j2J2WHd7yNsN1ZSevYQpdwj1MZAwnAKFvmwc6uX1oX36i9NlE
uAjDMMPyoEFFGAGHCR86atfeZp1LM6ot2WkaBq7SdpTeJIqO6oNJHGo9ehpn608G
M+Ebp4HSxMkedJQvpdKxzkuf5Y3e6dQ5YdSiC6eQC2ar0tsCMwmHfSXUE37c8zwz
W2oxnrANtnUGBxvV3b5QcQkUXcISW4OnoQsnDW+b6vqL7zfy8sWznsHcfdWVYknJ
5OTV8oF5vzRrh1TsJvwp0Y5yDJPpV9yFjIkcwlNyCe8JGtRq2xmT2sdJ9oL4aSVO
yJwcdw8uFhCzyQTZR10knGbhLubDiBbwaNOAktXCMZ3bidERvcvcqbLUAMKKk5XS
XAE6JMUlnNaa68eQcwlph+ANQiL1WR1NTbBdwZcDdnjjxCwl0eNOliCBUn8X9p2x
UYVlfQMLBAOy9VthwmMe3MweDAwmeWhCL9v67D8KV2chCbYxhyOFL64ysBoA
=TSc1
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdArglWecS38+Bksx2+b6X4mXopM/CyOe9ogHcdSTONUlww
SPZNAyMDJknUOZNVhsZT8FyjpCQyECYQ27RZy+1JOmNRa0Fzlhi1HzyB2jdvy4J8
0lwBOs3Hnmlh144XMitJh/RQmcAfE+gyvBVc4+ZFJgYhxiMdEZB0PlXgRVPtKOcX
YaO+cT58XRpJAnHAzvlZYMGXzZWTGtErJO+yQVJ1h6cjyi4Q3G1DtBxyx47vgA==
=qQ/l
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAeKRRJ7Fng1MXOeaUFcbPRsH45ivTIZmb84ByrvJKOT4w
G+8aUOX3WJ4YigTlsTc0wsbDWUmqkOBae+lMr+HjAVwzueEsKnvNVnFJ82CWk9pf
0lYBAP9tPmC3ngDE48WUHkkPreAwUUqsLzSDoQVz8lPp2y1qXjK9at1g9GR2tQYp
ykjo7lLRQpmtyTteIyCzil/fRLNtAnBvtgINNKAomK5SpSH8yc8HLw==
=CZXl
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:05Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ//aewr+lACFStf8lUjaodueZqLXSz0ex4UC6lyClmzuLkP
J0XWjiUKGs2ZWAwhKegEEM+O88RLFP4MvSaoRYIoDBbc/nLrOrPxbJVgOjCkKWMO
HKIXeKyFcnuDJUEXMjqIbX0NbhoyJec77Ne/u7LvUYiik+j28Vx28nGhUebP9N8n
gR4UWMaSeLqk84q/kiioV7hsX0hz6p+AFMvH9zGks7+FgF2Uqyfwrya9TnCjojbQ
OPtDdZc6d3s56TdtfcMaIkvYvam/xoEOfFnviz44wplTqiogGVqbZW08zliY/lap
XdhWZkYQv8rVxwVLZlZoxLtQpWZ/jRUY8jnu5LfEmCeJwIQMvUUDbvnDZClodMRo
xSFb/f9kwEkYHNrIZd5qLRw38GkQ2kNnVNDn4LKICBlsEKUi6roZIghEW7bllKKL
6MHjc7ddIIYZRZs4S3djs8/jFpGmTvA2xtvCKCz8IvuhFzR0wnjGtIL96yHfYc6d
qLuJjLYTZPEFcgQc14z4Omvf69Ft2TtWPu/JhTqKNz1E55fu0snrjK43QFf3AMon
/mSBp6+JC+Y24wuljXjSt1PeCWyEKiHK3gnkkZGixlxRdWtl2fV0eCqgdM/j/VQ3
4AB2ugyxj5JxnocWKMIFuUy8SxODnzyVE3A/7QgYjsIgPLg6RWtDOHCo/BLFBn3S
XAElm5jYXaasE5lt9yat3tPO5tQ9nnnuTOGou09KVta39uMwCBSQfuAlzWtLaHPv
h2dbbXEB6Sq3UNaxQCfI/ZWF534OIV/MocS1RlYFkuQMWNPKaDmGdyjtVnji
=N1/u
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

6
inventories/chaosknoten/host_vars/cloud.yaml
View file

@ -1,9 +1,11 @@
nextcloud__version: 31
nextcloud__postgres_version: 15.13
nextcloud__version: 30
nextcloud__postgres_version: 15.9
nextcloud__fqdn: cloud.hamburg.ccc.de
nextcloud__data_dir: /data/nextcloud
nextcloud__admin_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/admin', create=false, missing='error') }}"
nextcloud__extra_configuration: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2') }}"
nextcloud__use_custom_new_user_skeleton: true
nextcloud__custom_new_user_skeleton_directory: "resources/chaosknoten/cloud/nextcloud/new_user_skeleton_directory/"
nextcloud__postgres_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/DB_PASSWORD', create=false, missing='error') }}"
nextcloud__proxy_protocol_reverse_proxy_ip: 172.31.17.140
nextcloud__certbot_acme_account_email_address: le-admin@hamburg.ccc.de

16
inventories/chaosknoten/host_vars/eh22-netbox.yaml Normal file
View file

@ -0,0 +1,16 @@
netbox__version: "v4.1.7"
netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}"
netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2') }}"
netbox__custom_pipeline_oidc_group_and_role_mapping: true
nginx__version_spec: ""
nginx__configurations:
- name: netbox.eh22.easterhegg.eu
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf') }}"
certbot__version_spec: ""
certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
certbot__certificate_domains:
- "netbox.eh22.easterhegg.eu"
certbot__new_cert_commands:
- "systemctl reload nginx.service"

231
inventories/chaosknoten/host_vars/grafana.sops.yaml
View file

@ -1,231 +0,0 @@
secret__grafana_keycloak_secret: ENC[AES256_GCM,data:85OEAwuWnYW4NgObAmYey+2kGRML2iH8FuDlIZsHyOQ=,iv:Akdk7Iopx6nIOAFXqa7ROnH25vhoe4uopzEcHjWKWo8=,tag:Lgm8H9fWA+/PCjp+SHoO7g==,type:str]
secret__grafana_gf_security_admin_password: ENC[AES256_GCM,data:Ct3YH/5FqUA+a7Z7YlpZ8aMvUM43blRG,iv:ePwTeX+7H9p0isvi6Bu0VG5egIOqTopmIiUhYoGCmR4=,tag:SLy3totIMtbED7XxmblasQ==,type:str]
secret__prometheus_pve_exporter_pve_password: ENC[AES256_GCM,data:dJanRGfkNwZw7oaxxwpjpbV7m3Zl/MzA91Y54WrLXxHWDRHBX5Fe1soWgysN3uI5s+rtIWWfpCux/rSggFh0gQ==,iv:6gFk3IHxGkWcoeZTpS+iReBR5uMModHp2qLZp7aG4Tk=,tag:V55iwRKmS50E2lNS7lmCoA==,type:str]
secret__alertmanager_telegram_bot_token: ENC[AES256_GCM,data:DhMeo4UHoYu17aVx2sRtQ2v2MFuwD/vHB0xsOf7QWio35ZAcwzGHab+VOzREbg==,iv:DhrCAfMoUt2Zk8imaVA8xC0UAJhXpyqNNwqP5th5ldA=,tag:BbCDqenw+yT4ADpIgZ5row==,type:str]
secret__loki_chaos: ENC[AES256_GCM,data:km9l2LYuyvitMQOSinAyUnnF2AePE3fcW1E1k5fF,iv:gu2FB+R3/UIsa8qivpQE6AVaOug7/Q4JO3S7nhubsww=,tag:4JaG9ZHPbyzFIdzCnYN+qQ==,type:str]
secret__loki_chaos_basic_auth: ENC[AES256_GCM,data:9HS1Jq1LqTmshFKdUDk96Y0apSC3xhSqOAWv3G1E3djDvl3QPA==,iv:oYgoIDqV3lGsHDfivgMRh7HQ0tFZhRO9OZSOuD8Yoxo=,tag:wkFgxC9EFbm/wHIHqELv0w==,type:str]
secret__metrics_chaos: ENC[AES256_GCM,data:GDLtKMuExpedDFWLew68JMbdaxy1aEep2j4/XkOD,iv:2sbdjEp1GY6rMq0BMw3Sfjyci3Zfm7fFkU8wUFy3IDQ=,tag:yEarnC4wJvFnB8i7tJ30kQ==,type:str]
secret__metrics_chaos_basic_auth: ENC[AES256_GCM,data:eT39ijCsheJZP3D335EIRdeVR4nSX7APw9e4iQ40NtXz8EEfGg==,iv:+OxDeTOF8PLxSFT5ZKkUwWYZfuBgv5YUJSGWsURL2kk=,tag:0nIroxvAjTG0vB/lwq09LA==,type:str]
secret__metrics_fux: ENC[AES256_GCM,data:aV6zeZ/XsVlA3QepSfVd/cOr+tqFVhlAxRO9SHx7,iv:fxo0o9amrh5ivPTxRVkvymB3fr5dLFVE7EqIpBlNZBk=,tag:41dm29mrV/jmqj5IkuNAaw==,type:str]
secret__metrics_fux_basic_auth: ENC[AES256_GCM,data:YL+QLzZyyObzDcz+FcefViMrvdkVSwRhDsBx/AwoDX3RLHCDjg==,iv:GADdMa7FHMM1FnyPp8DUHElpXsJeqD+gN5Slw0R9bgs=,tag:KGCoEud2JLU5s1gurrbywg==,type:str]
secret__ntfy_token: ENC[AES256_GCM,data:0tuPJVmxHcdDWOMIo0QQXgIEkJo+p9A5emH+kc+U5tw=,iv:NZcfiz3UFw2fMcMf+q1GRp4Fsxpxbptsx9n8wPR54z0=,tag:SJYFtXccCbPrXjECiKUOUA==,type:str]
secret__alert_manager_email_password: ENC[AES256_GCM,data:AsBzn9KJEoMjcrUWiIhR7I/1jaaFEa+cl3gImOQVKrg=,iv:mtQnZqT0taap3+z/L/nMfUvQF3JlTKIdoljmzVr1R3c=,tag:mZrCB597p8LyB61I7ZvHNA==,type:str]
sops:
lastmodified: "2025-06-10T19:17:41Z"
mac: ENC[AES256_GCM,data:8GGZFGSRXAaLoWUowbxd3RVv7NPMVsbkDttDxC1Aeuwjy6678ddioHTiOWn04noWSPXhVnnpaTHWNW9dT5EcbLHvTl9Vb/ydKq5EnjDi3vAI2hQZ5bJ29rwSIW2YBMwpceqh+2GqDuzebhOKxJ0ZFYsPzbfTGPt8blqOQ1abVR0=,iv:aDbIiH7H72jsBRe0rSDXHMQy6zc1QFrI6ZakJj8zxZ4=,tag:+ARO2ST+1I9gOB/f9V/OjQ==,type:str]
pgp:
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ//eid3k6mqnYu0Y/JnAaWyOqx8TJHln2gaUAwSM25+Anj7
033qx+X8M2M9aDCKAKo72ej2Y4ELZ5JcDCRtTYt85I92q8CxmKOPq3Iv5WCBPXfP
ggIMhIs61z0m+ZH9pk488knHHuAhPpCMg7ziyNQJb8HOqjDBJe0gRlQTuZ4BDbIL
+AoQ4BHplgYESmcSiQsJFcOmh+BzKMrdhHMKlDY92iRKArpYfPmj5YBsAUCb/sVy
qzmW10PBvpifPDiJhtM4LdZmsfC4F8eOEGR1p8JldgENgRw4zH78B4kPe1W4rXAY
WCcBllDTtxl9AB8dVp9EHQrFJ0Kw3ch/GkM4a5SdXCddleqNk+PNbakhQwLaoEs6
jJeEGFMACz7oDD+zMdv4txodO3O1RuClCDx/sgGCxJXZJ6j0SgjQHG8csrdFPPXS
DN3Bmn7SFMFlCT5hbkSdcc4J+zkxwgT7mlwqLGXS0TqAK/DDY28/PUUW5VeOwa5z
uLkrNmmLfrjQrXwonlcnYvIvRAO+KHlTR/MHFfekuzp/wOyCE90O91YXDn68mfdh
0Jo3PT5kDrRfAPt58wfcYwCnwJ8YewUYAH6Pw8AvDjqUSA6en01j6FS32jVv3k7t
Ip8M1Q0VtmvkEcJp/WN0ZnRcoLb0ijaxmKyQ3PvymkWRlGAQBut4E0ivyW4ECRXS
XgF63/ao1eiQ8LJdT923wCgJTIvlE+EyLyxBMAERwe5Kl8J1qDVJ4EdP3bsonrM0
pr8YZYPGdyEFAgcquXkQEDyynkArRdPVya5Hj9vvNOHGZ+09M948FnlO3euYm0g=
=U/D/
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2AQ//QBDriv4RmHkgw06HwoF2WIbRsVaqPtCQU/rATulq9hfz
KJGMPjuzMkOx7dI7aNgRMtQS0CbnkjXMJMxRa/YcI4e080FFTeo3rsx43ya5y0kP
7X8i5wNWnJHs6yFj+d+mQA29//1z0vZliH2xc9DKOq0xWWdYvBbvInqeEsKkEr/U
JXY/kfm7DlCSg5OMqJXX3FNH5qKAlHTGupVzI8cvGXvUbIt3hMBppfhQ7c+DIi9B
jD2eJh7MgAS3em6qIR7rjBzTdwlvIbc4W+wcoEPfjkW8Vg+EYo+AOV9w0gkwDMhp
zV1+zWLFHOsjk15XFbJCVfSxajraZ2jBNRHfzA/MvupQY/OF7WtLkf2+CCABo1y+
HEnk8sruDojFFxhPeG8eiR3SgZ92qv0nhSDtJ0u11t0yP5afNiJEJc9OrLEXcESK
dUIIWir96s8mdqTztC/nag4PviDZgX4U9VWiotxrqJsTwYv79lJcNJVY0bGU1GzN
4NBhM24x430I03e4E3aSpfNKodJ/wfH72VZeg5a8EVjUrXM1U/LSn+6FrHbhFoOd
9vTIWiJA4G0lb10SEZllB/kerDGLZmUCe7VVhQ7uJzAPjpgLSAr4KhCXMnU9Q4An
BlGyW8On5c+mOvUI5Bqrzl3w9nB5mkNQ+yfDDw3weh1YC2RigArbnIvrDEqukCrS
XgHXPOrY8Tx8NM/iDjP/X81JRKCIQ4LVqlQbx3+uMOzMBW7kZiUBtvMBhktMicZM
LS37Yv7taWohciOU20d1/KqJELp2FeyTDjrGQfI/L/52zBhsed7OkW3LSEkz3kY=
=A2+M
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJARAA0LeyqUZFETqujsOj5OEWx4qXnBW9jhio/TK2wn1x/E2p
b8bOT8OH/cxrJv3O3L6LlAbumM5NqpRQYgHcrOlRsslUK2N2UszunHReVgmRqzpE
0iqIkeWl+lgaqn/2NLIXArQEnP7vH6Q6GWI9GkNdZgmrRE1qDef3pcc/ZOZMcVtY
eRGGhBxsEfGamqAGk/UFRZ6VexJil/5ywDkLvw5JeT5Ltq7Ru4H2Mf/K3Wwm5VT3
11A/241AVUODhLZ0uS3bRIJN0mO8utW4fiI7GVHtogKFKKxKiEFkZgWXAxkYVF3J
i2yw4hPqYqbiQndHX8T7whz1TXA3bSADuly+wAcXXSjDcbm+71iN6UgnL3WVUhYZ
QUxucoyWBmTPtf0z3OSTJNSWwr5wnjcUNNAEbDWUfV6vyI6Q2gdcoQwlFve6AkyO
j/7PQYjaU3T6LtQINIoppLiMaBSSLjjTB/sPbNROOrhTg0xym4JSTlOru8NkioxE
T7k1ut48l6PjXwiSBIHZQ2Ry60diXi8xxWUggBOrHdnEMEE/HGrOCgZ6pZnugNVx
MhpSkEcnwQzxMfUUtOW0HyR9hZWBi0zh2sqU/DbE0UL4K/6mZu85CtS76nWzVEKj
8GYubDUqhMYuz815fpXRvfoPD3xk98O9sZ4yRIUisETd0nvvyZc/rXE0teLiQsfS
XgGuoEcu0cAVTH1aemx45le0ixitfa7blLUxe0AsSi0+N67S20+Uoxa3tlGHf5qr
lD4aNYvDdbI85qShxEm2m+YGA6OmKIdDBfMLbX4Z4NRgKJybLpd6eUD30WAzoO0=
=1x2k
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ//TLM/EyYupC1ttGiaPDdy3bJYvSAfdkx9UvpkFuGF/rBR
zcvBxLJ5JFxwXiR9blkt8oFX97GmtIIhNogBbaOalh49b1GPCGOawOPkvh6prJMo
QqFMq/YfzvBnFT0c6wL34eXPzaFSkopd5pUaXT134GvZjaziMR0sL0BjgsajlXEr
R9+wjZ/6scsU0ZdjxseAlj+pWZhP1g8cAPITwtKl5wuJRu2Z2e6qMXRwDDVDaZwh
tDLiH0FFYsenPTFEESUszw6seF3pWoHB79PBt9w1YGYFSo80Jye43jZ3SQ9BKAqI
xnfBXQ1Wzow83/UMtHrSdHOKKlzmHlCSPQTp9Kn4FvMaijgUs3oNiG6AZx38j6XU
QhPdFcL9ZSL3ZsIJooJ9ili62NC1B904l4NscUQs8Lz1Di7G0ibj1hwX+mPjZ7Jo
JGZtFoUmFo/jVrYoyrEIu9LWzUQsflYusRLv7nYAweePaFHGNSluY039D2CyAvg6
vTCIdx3vvnQcpSw0dnD4PQeCMuN9iXNEdmx3t0mcuzgaxMutB+xveLcbHKUEeSjj
EDDVWPql21pZoPiMYgTZrBLrK0bNwOJKtaHHntRuxlo0wV8SQF8U9L5gZqC9ZDAv
xXxKM24Dqt7zckNZ75Dlz/a8HQK5lMlwVeSxSiNY/36WSswX0pvK1qFXjer6yAfS
XgE/QffPmf10emV1bTBLSi9vDKBI0cdzxNuKuPCRlo1kmOuEA/aW80lI7g8s11da
Dq1Gx51uXqFKrG0vJRzB2BL4S0z1MtEcDFSke11xq5poXGM4PmfQpPBI9Pa5DGk=
=i+Gk
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAZS15HxhhjITM350cWmBsvc++kA9dP79oqoFTYS0w4Vsw
4rMm91OlSZrXzsIHKG+1bPKtgB3hak8vX+RDS0zld98RorHSf9P4WEBUahy/xEli
0l4B2seAT8SJfk5uqC+3M8i7KKUnDXi4S83HNyy28btN2kwaDKpOmaVelQeFRHYV
AUyzLb61JOnXzF77Y1FdDdqbxcZvUmfEjBVYwQ0uVY30x50RobV898hVmH2Gal6j
=TrnN
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ//QsXWu0Q4LXXUGfPoGghMzJBZYxJkn1bASs7cDX1mGRyX
ujxpdovJkMSK8lEQ7LqTcEvjmGEttCBLDpYL5hVOI5k5tvpGh8bIV8NtZUJK+eXO
tHT/A+sbhMtRqGhlXqmL7dkY930NaKAeFsBqbcvG/p1uK8zLX3b7To6n27R+u6HD
iikUGaljRDknqKEWxdK8L79UW3hmz6qLynLIR9V7bDHbXXRZD3CmkscOcfNUC5jp
q0t54YzOHN1BQ2+cg230hvd07/Iu/Ko+K9JW/YmwKG7d2oB1Plitm+oYY4GaRgmb
VvEavkXPBTxVB4H7DyO2ghWFs6bA7trGf6cfcQKML2k2XygsQftDdoKvWWVJVmXi
R7ceqCFyVzXO4Hd/XcpWmwhv5lNRD2MEbIOKWdQ0JVnzqKJygb5cb3uZriTP9B4M
eKT/z4nVUEWssjJXQAMeHG5+pSRkT3JlizQHuHg9jU6/68N56kSVMhUyXSwvYbCk
40x4p8bCL18YpA1wUbo6VtrydikPKgdx3TF+Ce2+kQs3E5ltSBL1OVykzX/mugFa
KUf1i2CbEB5bb9GRftagbCbVJp6d5GmF9CiCSF7vPV1hdct2Y7+3ag2IxgQS9zeK
o9heXRgWeoobYDztiXkLHXiqI9I2VFHtZ69zlA8mXI93xv/pBZUrQjTfmcxNDr3S
XgGDCDFBG22ZEVdUWOmKG999R+krXS0w00ITpO00Qmi0Ay1ZN2QAPLQS/5niB+L4
cdFK00jr8VllL+qjmYl3YG87ZWOGDE6lHvIGqHNBZH4FPYNlzgKySj/5BZlN3eU=
=hLuU
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ/+PdWzTSem7Us/zW2xtPnxdkMPmGmTg1qfSogJzC0B7Ia2
4QiTaFeMNS3XCpbuMMrcZbmHasBlVDXWwysz2vE+OPudplrjT9kClW/6cwXTYL4G
5K4fCY/XQ89Av+pfURTBbkrPr+2911KiH5D+Lpcl1ra92FlH9S1MEbPEgXLgZLjT
oRZVHoc98lDPnumvrz6kLxMPiHwCdAy08sgj6fICeZnMWjU+mgZrJOW1KbFDd9KZ
yOs+6hw5IozLkqvhd3Q0gfgHZ+O0d87zH5IIzwyKMjQVYC6+T8SBikGbk0jStlzt
qkR/PAJg+OgFuwd4lOWcJ+iBI8EP90nqhryCmwFpmFJWBAx3HiAdqE9+vwvy2Syv
9+P2B9AXYM7bUB0Eb8AFhGONhTh5K7qzeq7zExOjr8GKS/QAL/0FAldi8sM32K1f
67qRb2VaX0NKZwOvl/I7aCjrTfBB/6ZZLWVplnIkq/qVHNfjIVwa92flJ/7Noa+o
7TNeh2ySR92K4K4DGdC4TrcxkcCISM7tb9GL8xH3vVS/Ms67IOu46Uea7EnGJkqL
1zkdoiIzVq3oMhhUFIMATYPemuCnfxOiNlyZR5WgR+rD7OhagR5tM+YXAI2MHcbC
5jLcRHFZ+xIkTZWccoD9pulySRCgQZ9y5sFIvOl+OuTI0rziArdqL9MOYQ0XYwXS
XgHewmTVljGvj4P0oa2PqRbcGWft1ms1QjioTQ9MhSk7F2AWuB4HE/hPlN/eY2ou
m0o2NvaiZaq9BXG8GrVkwP5hn4IrDe3OEo9WeCar760dvBB1Z+q2R4F1FyzgesM=
=xc3J
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//bgiphdnwjxuJGZJle0CsS7H5hSQBlqJw79+WXrKyfeEM
NXxKX0tIY0QoIhbh9mXyKEJKr0oOyqO+iLYlLrqgEr2OmLWDbp4+bWl0Ixcw+drF
uq8orbkvkbbxLLcVIBZfwX4foFCMINr2bNnTFb68yTZXpRp6+JN0wy6zzG7d5l12
wKKIfh93DVb3jrxaeEZz02EzLt8py9NWfniLABbIHWZSennOmnepiqCFuqG4Wyw4
QuyRCn7vOnO8fQNxCVyp+OLjg+7d8u67LcrU/lYTrZLYEr1VEl0mmitIuY7M9LHw
+qEMZePfrk0/8CshXmqKq7HiDM266HWAHq3VaAQr0HOk08DZLgzeb41wWDyQoQtr
dEOOuyx96SyOVaHxlttqWE9BHoX2CQEM2jUfvhoG1Ov2scXXB516Gzg9H4YYuDMM
ei7qG/CdO1g+7YSS6gBtz+T0+caolAD1/1LGcvv8/lkAQeoNfcNKupOR4rIiHQEy
H1wS7CnB/KbQY88ZkVHG02EgjxAGvHinfDa1Tv5CmjRZH2Yy6zBuYsPZQGmrH0M7
n7ZSPUi/BGKCJbAs+mkdYimDpmuNh29e3i7NHwCX8+odRhghM4S3ab1sPy5pdTi+
z3MVM/8uUJ1GSu33EXB5Zy973Pn6Ufjr9QOw+JpjetscSz4WHf1vSAe5b9eG7XfS
XgFmyjzLypsn1bVj0fo8FLq+flHe2h405I3hf8Olz0If5k/UCIlgRCU52Z8kGXqW
QJAJerSBi1/chXZg5aKqO9ofVu0MPbhiNRXxMHni4Cm80xDBwWOy4xC8WwiKrOs=
=czBf
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ//eZ4t+Jz7ITuSVmYRGE8jNeP9RCMR2NkML3aEbWNvOjF4
jVhL4WvOjDHhWIBmSSgkyZFhkV/CPiRjZt8LN9bf4ueRcY/yNr03vz/cidlfNZAS
PRS8QZ7UvdjrprLSvTmNJTFB74AS9eelnDXc4bQlnytStlfpsXaOzA1WmQ5w0J89
8Ri5Ek5BmZaVnoYRgKrV+AwWJNwlzmBrq/lHfoncHULfRwJ1La01zEy0vJArHnJk
ePW/5G3+84pRkJzDXCIG67EbLFwF7dWqNIlZlUkFCJ0qZsHVo/eVg1NX2iLRPp26
F0t2ehznDGh77PHWCJCcIYm1pIEVqD9tYsseXrc1Qz2NAjT7EDulYSdBp+kN2WFk
w1iFvGK9Mzc/aWBpDJYdEhe4UGEKMSMYKeqcTJf7v2cX0LE9z1JTsXctOQnByZN1
AsdbcR42xniz8B8vvbDzhpmfBX2xR3gC6DyEkmAieOecsJ/6jdwJAZBT/ea/t4QO
YBTZB5UzgjwbfXJNm4TUWYqeAl0BaSiiZo01a5Dzlo6MyGFjB5VnYRJm0PmTRwDI
w6UFrc0tXIMPLddWcN7UxH7kbi8e0rPHCbJDk4aN+IagM0D0d0fyAxxYy4aaJ/dD
9dpUgYALoVWUNWDooKiPQoUTPujRw0Z//HCpxvmpIdUHrvPePo2vASMZz2D1uwrS
XgGpKromtn4QrWSgc5PIhe1CVDJSD+LzU2cUD8wKAw1X1ytL5mtqlgvZzTpwh0ph
4NtYx85rHmrn5whiGgpxgtwr6o24xeim6ZhRjwbLWvYzLgh3wYNiCXzcUX7Id8E=
=DOLh
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdABoDixsNCXVm7j0QyJty/LyG72v0WoIfxCkVQRP2uxUsw
R80k8Q226rURPAZGs3D/CnRaYSNINUyD4ngthAtOPVoAA1Ri+ftOScfnVremy7QC
0l4B9DKnWfvmwJY2mnEBFRHf+SM/LpP67mlSVlPuLMFxXbfrxANfM+9RBNRk9FQN
WOej+WCdXOiJxlcAG3HVovIIdVpHMmPpT+YbfFzuY5rV93mbNEUI3bxsdiWEJnxS
=l7zU
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAhDhJSPNVIKftCaEQI29AU0eiU9Bwmm/F/gVl/Pm+zEAw
HZKLksOb75mMeWElV4oIqXd1YXOfkSbOwuEBurgztLD9d4YWagjmUpckoWJBBvwu
0lgBjlkvxjf1d9xjEWTUw1rzjIlDRL4f2GJl2NuHoHJ4zbnJCUDe/UC5B1UXin+t
JmpvPy+/RJdXl7Hn2GZXC6XoO/GopbiADfLJ+Bm6j7myt2fPW7JtvIG9
=qwle
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:07Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ/7B5Ya6hX3Zplxrhyhh45QbRLGVYPGZlaTSwVPpGhLrKNR
KYfpz5gs8ONGO4H11pkmde05T8ClRgHUlIuGH0o9NyGCxAKaCnbOiqcwDijmsMTT
uoW0SmtV9uNVbJsDgXLiESZPLPYOi2hRX5XqZrMPorUZtaEgZiE1n+kFVqQJA4he
67wpCFXvrtE5nVG7oDO/dTyBJ6WOdtTodesfIchlMxwIcfTzJiIJb6UPsJZ2ojfK
EcIYfy7YsYpfwc4tNmkqM9sGbpiIiJ2YhriHzftdMlW5dd+22ltYXXiFDrjTJg21
d9ZoBE/IWU9IwJAjWDDOHweHU0AjXef3Z1Kd38TfGrhEDmnUAYApQXjTmCgX6x/c
Yur9qwB8JY9ixfxc9MYpnyj/hcChKAGfKDKnRt5fOsPa2/6N+JtuSuZ57jVgMLf2
/DBPha7TMyvctQjFfL/ZUjgghhxt/XzKI1NvIxZtclQv5zlh2Dkxn1J6keAWd9C+
qiiymf5lqIyz3vo61q0fzs9gwnQU3peQlAQCyufsK3lJ6Zjxi5K7lqo8kQcdL9TV
P5Bg5lYhXf5heqtLdxN6qB6PHBQ9IcZu+SRadXymugITs4rnMlOiwGSSGicl16RO
v1jtj06e50DETj8Uwd/7RCtuRTGooDamt6oC6/yKfNAcmpGTqDBWws23CRnNHoXS
XgFAmqUJYjWHVxyqdsNcEdtNQl8IWUOtzmvh4rCoNssYPZlGt+8X102zOHu5UkHT
1+F1WPXFTZKbE6D5S5HKuYnNs9r8SSEWyjUY19DxhHsLtC5xbsehz8oEyBBhJ00=
=a1U3
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.10.2

113
inventories/chaosknoten/host_vars/grafana.yaml
View file

@ -12,128 +12,15 @@ docker_compose__configuration_files:
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml') }}"
- name: alertmanager_alert_templates.tmpl
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl') }}"
- name: loki.yaml
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/loki.yaml') }}"
- name: ntfy-alertmanager-ccchh-critical
content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2') }}"
- name: ntfy-alertmanager-ccchh
content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2') }}"
- name: ntfy-alertmanager-fux-critical
content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2') }}"
- name: ntfy-alertmanager-fux
content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2') }}"
certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
certbot__certificate_domains:
- "grafana.hamburg.ccc.de"
- "loki.hamburg.ccc.de"
- "metrics.hamburg.ccc.de"
certbot__new_cert_commands:
- "systemctl reload nginx.service"
nginx__version_spec: ""
nginx__deploy_redirect_conf: false
nginx__deploy_htpasswds: true
nginx__htpasswds:
- name: loki
content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/loki.htpasswd.j2') }}"
- name: metrics
content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2') }}"
nginx__configurations:
- name: redirectv6
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/redirect.conf') }}"
- name: grafana.hamburg.ccc.de
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf') }}"
- name: loki.hamburg.ccc.de
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf') }}"
- name: metrics.hamburg.ccc.de
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf') }}"
alloy_config: |
prometheus.remote_write "default" {
endpoint {
url = "https://metrics.hamburg.ccc.de/api/v1/write"
basic_auth {
username = "chaos"
password = "{{ secret__metrics_chaos }}"
}
}
}
loki.write "default" {
endpoint {
url = "https://loki.hamburg.ccc.de/loki/api/v1/push"
basic_auth {
username = "chaos"
password = "{{ secret__loki_chaos }}"
}
}
}
loki.relabel "journal" {
forward_to = []
rule {
source_labels = ["__journal__systemd_unit"]
target_label = "systemd_unit"
}
rule {
source_labels = ["__journal__hostname"]
target_label = "instance"
}
rule {
source_labels = ["__journal__transport"]
target_label = "systemd_transport"
}
rule {
source_labels = ["__journal_syslog_identifier"]
target_label = "syslog_identifier"
}
rule {
source_labels = ["__journal_priority_keyword"]
target_label = "level"
}
rule {
source_labels = ["__journal__hostname"]
target_label = "host"
regex = "([^:]+)"
replacement = "${1}.hamburg.ccc.de"
action = "replace"
}
}
loki.source.journal "read_journal" {
forward_to = [loki.write.default.receiver]
relabel_rules = loki.relabel.journal.rules
format_as_json = true
labels = {component = "loki.source.journal", org = "ccchh"}
}
logging {
level = "info"
}
prometheus.exporter.unix "local_system" {
enable_collectors = ["systemd"]
}
prometheus.relabel "default" {
forward_to = [prometheus.remote_write.default.receiver]
rule {
target_label = "org"
replacement = "ccchh"
}
rule {
source_labels = ["instance"]
target_label = "host"
regex = "([^:]+)"
replacement = "${1}.hamburg.ccc.de"
action = "replace"
}
}
prometheus.scrape "scrape_metrics" {
targets = prometheus.exporter.unix.local_system.targets
forward_to = [prometheus.relabel.default.receiver]
}

225
inventories/chaosknoten/host_vars/keycloak.sops.yaml
View file

@ -1,225 +0,0 @@
secret__keycloak_admin_password: ENC[AES256_GCM,data:U6vt0UHHgz85sO+X1YucL9CIr00LtTaeyGUFZ4bVFarsg7y6gTtb+fCuYKCgsJmNDP9jek8Ny+A5WPkMkWR/pA==,iv:qq2H9nF6/1pUBhJG8dFmfRdxk9HSaIOoTdu3uu5xJDw=,tag:rpEuf7JSQ0092R1aPOojKw==,type:str]
secret__keycloak_db_password: ENC[AES256_GCM,data:IDmQUjQh/QB1xdkwPKqv3ZAwdfy/lkSEdAJuF5MSPCNKfuANRmN+4rH570E3/ZApAJpLAkefh3pufiVbNF8Ssw==,iv:W3roegZU2KfeBDBBImQCCa6VqX+nUk2oh6jMhzbGcVM=,tag:0Qzu8gv5ThtAss4xJ4vf4A==,type:str]
secret__idinvite_token_secret: ENC[AES256_GCM,data:FC9LqUf6wDijaH6JIde9u1Lc4qcqi/XZwQ==,iv:fSgbI4CXMeCKWSyVYyYT+3Af+OdhZ0wsFwNpZf3CA6s=,tag:tGe+xWyBH2VJr3yc3Vh0qw==,type:str]
secret__idinvite_client_secret: ENC[AES256_GCM,data:ImweU1aPI0G9Lf5+TXvVmZwGhoigSJoHMLCuq6MxxP0=,iv:GSGqpMVHq31U+IYtnHnu9RuMt985y2N1PRvrlWFicg4=,tag:NKuqLcb3xPzna6t2VVuIog==,type:str]
secret__idinvite_admin_password: ENC[AES256_GCM,data:fVb+vCHzPLvsQ44wWxfAwx5vRpoycJxBLA==,iv:Co53uRh5fG4pEVxnC6uWaXRrCLGH2Celg/XC+idiWSY=,tag:AWUn99jtuJCqXww/2dSS8g==,type:str]
secret__id_no_reply_smtp: ENC[AES256_GCM,data:Sqc/UkQq/2F78G8LP92YrA==,iv:ObEdXhzHp5aDCWq3r7aUBhOEJ1sJ6lYiYC0pmWmwML8=,tag:1rtneYPlKS+uDzFWev6A4g==,type:str]
sops:
lastmodified: "2025-05-04T14:21:10Z"
mac: ENC[AES256_GCM,data:EgeLza2JhJZmuNase/63KyoVwR33eFRqxHqSSaJDlr8YHQ0Vx6OTGQJTUGzgdQiC5y/AE24Mesbg1iT1+qufeOwv4V9spW3F0Ci3GOBcKrqBZxnnuHNn6tiRe3R0eeu6PLRcat/HSWY4NFz3RvUposC5YaATP78JXgDuJg/wRoM=,iv:FnxDapA+BUfSMVBrTYb9mcSYz5cZ5Qof/PZo44UTXrA=,tag:2FH63YT8Z54G/o/n8s57yA==,type:str]
pgp:
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ/+NIlVMdE2ErNYHjxzWeGY51w1d79/fwZYQmTKL5FXEJlT
3HoMDrDH6KzhUf5Q+AOcjfdifhXi4SP1ZESqndkz3Z5tb3udo3U1sjAnLerUyHB7
Hs3v4snzOx5s6UzXS+sMgzWvpBBJaFMcLYD6+i6X90SQ71iBP3vXrnUSfRYxeHBt
LvY5cBW6S5Z/gOFbkHDnm+DsM5yEqc7rZomD5evqWaj+nD+L0z+kjqtx8E+nRG5h
1zVV6ZgKPNXDpodyC0RHDNQZQNsZHulMQgTns6574CuqW5Dd1pceUjVzkAY3YTyX
fpAwkta4TaytArWkGFWLMcpY6ugwIFSD9hIFQYlkwXVBwnVs9JVVvLWNOqzSQijG
sW6JhjX6YYuXhTd9HTviCxo6Zy/8D59Mc20YFZZXF+11h2qmAwJ20R1L0F0hYKad
ObfqBkI1M2OmMoeECj8sj2J1BWI5f+qEIyQJKMzToKyJZnNBCUY5JTClYxJYK+gZ
PkxrVytHAwVfZ+b82sz7+M8dztPbvxDJWL5LFPO04dgiOjtfAW499vDJRuMXKNSm
kloByBdZJNhtHVx9r1xshPku9rlT4NptDmHB3ktFobYTzRcgZRGMxuS86ILN09Zv
MovjsHRHZM/C4tjDkfrxS5Xsu5uKAwsPpg89UIQ/MRhlydvqAf3WEQLU7FIQNV3S
XgFRay4OHiIMxtLSPRo8DorSgOGv/kqm/Y/7MMTaaMucEwj0bzluPi/JS0UHM+C9
IMhRnsPtCu6NmLlucyBMaNVd0kEQi77vmIFk7/qmXxyQCGX28IqEKKTLulnWcJs=
=mBgI
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAAh+BrQJmB3omXdWL+G3nacI6ecm+u6A/R41HOUtqcPk6K
0i8ImmWR9Q4lwZWvYk4yikTkKv3i5DoZGOj5111xLEKOadlsHSEtV8HDtPnzX99t
pZwRcRwo1/2mYUczXTx6TqigKE9uWkUUomOkbHt8+r/XHDJjA14l8e/h9GrXqHgt
B/Ny5hnesZlgPMYIAwr0Stad4NUwZ+w4LoyWvWgPOx3F4UVlSlZGHwD1VHpBxl7F
o7vYllTiwhx4bKSbKJ/IlPhU/i38trX7VK70JifOxTGqrfYw0mdN5s2W+QHoaQ7T
6HTXkEm0g9EGoUxECFdVzes4lf2pMA4ReJe2rRuBZqHYYglS65Exu7MjSSbLkO52
Gvmk8SFWXSswKF1hZUfmttBZzn/TUfBtuM1LCeEalNQH5MjqYXLBJqhqH7AFMBZ+
E2RtAVQTTAv/YIDLKTM5/Yk6tOGTPXUK5Etg54IETWDaWjLexUcdsIl2F7oISoNH
IFcmsfSyxnZnJ7qAnWdmzRinUrtFLzl5Lr/RqVxyYK4ZUaS0QIv7+xEdUR3OBKiY
Gm9CvRUNY0bD7IO9u6fwc1lov70z4qww0656k+4Yo9YAZBI5EluoI0AVVSKKlCpJ
yhkbgGyz6gC7DAlYJmjCjv6/AqZS0STm4KWlKR5dvWrY7FSJiSpCVEANrv34mdLS
XgG+hIT/Iu/QFER71LdizXEBMgZB/E/9UBGLdd5cRBXtp4vYpQIajl2SgUU43pSu
c+NYQjbg6FUxY97k+QD9tlzgErW1bhW8jcZVDbYYrBa1I8arXYBArr5EmIIFRBU=
=BTO7
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJAQ/+M0gcfxMf9f/pjwh9uMCQZ4DzuuLgMzC80L8V19tX7wic
tTXQcRWWhM/4Tpr1eK4UfrSMJuQrT71ezcKk1QFUBxeDkMT/V0+sCkBdwZUiWlne
ASdy3VrIEHFeAS3Qnv1/PACIcaj66FnuTcwUed7q5Ru9i/vskTaBwEfF0P+8EdvI
UJeuMr2LmpyYwNRgjVWcl7s8OUlT2WfDZUnSEPrigvcKMEaDNdEKt2Xa13slBfxO
RIs06bHotCEUwzsYa74xZXW/VJ7jrBwmJ6qB5SnX0/bv4UJuQ5oB7tIiXAYN7nx6
pIUlvXJB5g43Are8nUv0wp+Idx+ALikFNMZj5MliQRMsgJSezVGwJhkqL0Gp4+L7
/yJ4Lcyz3JrqXhmDOhea6Le1xczQzGyPt4XboBY/Wn3mLMTMzFkLGiq9hqarBwPs
Lei7ITY1dsj1mwiUKh/clHO51GBxyo7v0QmMjfODif2GubJb5ip9VrKF3CUZhreg
aaO92rJECzRSEpE9SYqGHqi35vGIGy6XJssunXCa5wwiQdxPcPTcmZc3tr3fxsN0
WZMW2hMOr6Ms8UrmCBNsKGSQqr68dZglcq/AouegIzcjoJ7LkLojBHMoWyW0ulA/
DhX7mJgp8BUR8JzVbpd18XcD3daue9ppD9BgydHJWJYM9uyvRwkiR08rkNdhRCPS
XgHCobH/fPa2NXqpVgbdAkzs30Sg45jv4F8RQVToGfVt0IMW1fyqRLPIyNNlhHKy
uqZThseG2c8KPclw9RzxmYNGzzx2evksZjOBhxFjffli5wjW87OSXK/3O4Ne6gY=
=0foj
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1ARAAk3LNsug4PeNaLy0/Ym12fIYG1+7vp/5pBzVitEXCKAEH
1NtdtfBixigwvRkFIqNpAAWRLNp8pcqVS/Hv8EXoc2PqKm8ChDE0KwUjgZ54hIfV
X8SCKKMvWRBIoGRYsHYxHYvZbj2ZmqziP7bK7/paHeZ3r8kyvQtvg/p6slYY4RH1
z0NjYqddvL7Vty1tQNaCX7MpXP83JhoVI5UHSnyGWCLze9IMWJt99/8VH6X3WI+h
F0xE78ooj7fPo1pZXkJ6bnyk0oelSU22gl18riG3qOpQbET3ru98+8oycTGQKZ7Y
Tqd7i97yLTO9RZX0V5dQ7pG5ozSWTPwm71X5rJrJ6LCN+03uvvrOPc6zqzzsRQu6
7oPMGMrZlPSS5FJl8WyjbyrhNj+Q1/t+7E43q3lPQFiskxpEI4jBO9qqGQZ2GMHp
Y4Fz2HeOav6SpOtDleS8JPoD225f13PVkUlcTouMG/5bN/coLOK8iPfmFRkbBuGM
u2VDW8GenH+HE7o5zWzOoSSjZUO6MjfM6ig+6KXfxGGHfLruW9AG+R3oUpra/CZS
LC5xgzEpQiZW4lw8Y84Ok91ZWeFjjFSZXqHLS+6NW9/0y6w0CSS1NyimliSYMjor
RZkGW9rzkzA3dkCyy0srH3Q28vLv0eRLgRC/FYolQMN7PoPU2Mnl46aLNTdlyhbS
XgF6eXZUZFb+rJjtXDJz3qS9GeJWIHAlwZtzf42MC690TO0+c1YeoT92M27P1CsV
LP9HWlEHWsFGyqN0YNvyp8bm/0xGhhjB3VbTx0yRPB2KbvZ6Bt2uZpfFoRB94UU=
=EK/K
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAVZpG1ilk17Ksf7kIR7ZVsUc2FuWFd9Q4n2TSO9Ob7Hww
tK9/DaPvDZkzncOqvqeMrnoy9gPY5EHo1CoGGEfWx6sBj3SdUS8SyqbHinqnW0Ev
0l4BJ5y4mteeiKEdu/wymJC7x7PtC9ta4Ox+TJbUaq0iuqVANKClEdQ61KnSdTZH
JUKN73+qZwgD7sGmHqt9FM2TwyRzLSPhJpr31rqfz7/gWx4rhlcHmw8fShSTt/Nb
=YHt8
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+LmQxbBOBTe6VxBTB1sj5Kt0BW+2FACuYfc5k3QQOQzj6
dY+/Kyq/tSZwP8lYyAWf+U3dD8fY1miwqCL925DLTYTXtZzka7tpwaricI8emqjE
z0rSYikRpf9axxnrqKUKReZtyYc1qCIIgbz/yYm/LavfW/R/mP03fkjemEurLCrp
v89Z7IZy2VrOKPXQyG0isRMUcUY0lSwYHtHLOPxHVxFNw0Yq07tvvmvxZvRBGCh7
OG0liKNX1Sxn7c/pfi2beXU7ZXTHXoYRCn27JSXA40cDU32iqyzWKFCEDUsnRdSD
O+daN/PjsQgfkMMpTPHwVli0Fvj7IM7Q2HAJjpzLvHsLXKvd2ZxfwyOS0Z7KRH/K
9rgn1Ow+JdiW4KPuaVvvWpQ4K3avIYKBRl/GURk0xvfnUQ2TwyX8lxZ5HKP90ymI
Bm1XN3Mjo8uaRNt4DDBHKfFfhaA2so4u4xMC3Qf6K3dRPGs10hL9tnm/+E0F62TP
1dHzaIhx3uhl6Q3re4CB0R51g1K5s74Qjj69cBZdQfLVmEIMZGtRLpSCBieTxtQ0
C/kWXwPXwRVdBkWeq4Nq99rwaJFiGwZ4mKVoPoxsIPTWrypJzvun2ey0jIpQc4Ei
qQcEv9df0mpQ2uiLICIg1q8aIC/j1UxrcAUsyyPiGcXB+knr+/7YYrBlVTOxM93S
XgHBxdmaKfMkzFDHvPQXTg16FhcCkQ91d67h+3czOghbpaeB9y8kK3LxBfUbz9D0
pTtNlzzSvp9JKP2XAFTSdYnR9WPU1huxVLAPXuauhOjYashbPh2HYi1agOH7w4Y=
=KguU
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoARAAgQwiIq79yFvDp4fKKizLml7Zk2OcxZIjheUk0Mbc+NjZ
ikoJAZc9Sk0LjOF+m2N8v5rPC0TiwMoH2KTQV5GD3UIakFj6mjhj2Ap+l8HuusZ5
oQz57/2JMzBnSwOWAkRVOgOaob7hveq7FC32fQVZuMoQksBFpWOAT2UlGZNAy/TF
q6GTFl0XDrqno01TYxSUF1GchXuaqDJoMAxR8xwJr1S4fjTe1zDR3BrEofBoeIrL
PSP6VcuwBuxDhS57zDJWilh2ssNFi+cEuXQ1rBKn9Ogdsn4xUxs4rVkhDwIKvTZa
nPBdvPxIAzdJc9xGr2NOmFHfFIfwWdZOn2WgAfKe9fJgUUpUy4csbhKnrDFx1Drr
1FXDV3kDt3nxWYDvMVUWY6Cb9ofKDPOdhTHDyXbEPygUzwGMeiM4wqql7jAKIzVA
ovimFFxyLN+ZbCMpWrc3e2wCtJRkKHV4jL/qh0LQbrgrP/whXwiohI8qGGHkQoL7
oe7i9s7cymfVLOMb3axu//V5aFrWDNjfdFBEaPiiPqijYqUMXou/OTYndPjL99Dl
au/xYsHaXVC9Fh2ofTAUfUva4Xl4pXLbIcTtKpGG2mO9eXZQ76PGcPhOLsLWbqtt
5DbY/iVi/ZSojB5mTaSGR7m2uttRYYsP21dZ4ctm1hBWiw5YwAsasybVRRsIrXHS
XgFta6JdmtH66TJRMXxEspN3FiFgqH/Xwa4TDAn0LKuNY0BGmOvTMGvrBwkCRnX5
8e6/Go2awGo11809rdu9ISrJtcCIXcKSfKpJ0RI0c+gq5tY4pVUkY+PqGUU1TkQ=
=cHyN
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ/9H4OlcOu5yxy3pRuLTi3NOOmlzZyscJ/erkZ/2AisNtRJ
iseRYUaUis1QUFjUggDXpHrZFoh4u7xeY3GIIKie2lmsXvLQJnvwOlaknImsUat1
+RrE4qU95nNcDJwCGbozmZSO0T1SGGKNPUsCN0ud22plIaPfgWyi2Ua7mt2l/ysi
w5JXCYZiO/EFDc1z2GA7sXNDqYCyM/LgiHUlutrxaQ7WfyDkIJQrSkHfRPxm8Uh7
K2FYFj4uOf/2EF7hpsUcoqtC0AZECOtkn4Qs8bFJkVcowg0RoZn43i4utXenC3l8
UMVPLx6YLTrueqf1eAC3n7U+nKoGaEYiZaMcsWLKGlyw2hvWJhLsYY9Mp1peNc64
NRD66js+L3DqnR6y2iCOka8ZExPNJRge2lq0r4ShIpSPdqd62/aQvnjNbr2fMInw
QJqxmr0ognQ519dmvt2QkstIu6zZueFrHpfuIdd0m3X0ig4XZ5Oi8NMqb2FjeUFY
q5DQSiv3UOi1YrXwxYKtalIwBZ9BeVYgh013GkEpaGVtxSOwcYu8pzdUoIphHwlK
o+zsUjcVZSKA2wTgOMIxxVzZnfackI7OTB5W2io9IiaFFRAS6RC3UHxwTKjZGQHu
WcPc2MQPP9maBBZFGKNNv15m9r+1vitL5uwqhQYvsWEiFstMV0KsIp2ASlNIKU7S
XgHyFg+Hht+0GucMjMrTjhbwJm9twIvQ7OEIQb9Tmh9yL6g+iMZ80PoOjlOKFBk8
ZSOclmYTDMzX+Em7J/Ft7BOsppxqqUuyRB3oV55snUn9cRvebjn4hMllVDJ6OCE=
=Wemz
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ/9FkAVj5cGoRGQ8frGlq0O4Pn+Weooy2vla27lUsArfkqp
UrIw6C3TGc+nN75atxO37daaQVh+49afu5Qi/tFy5drgeNBMkWU9BmA0gAXCKnTI
EhZ3O4rUbQOxSo7H3doMgfKqJrFes65InTh5CwdUDGP6lCcczll1ebPFH5qxygg1
StTSP6MwzNBcX5PfNpTJFHSkVVJX/yXitZv1LdzDQ6LQeu0gInWMGqafrSDX3EvZ
hamEvBOr7KbuMCNootWp0zkh6uhrgnQY4xGirEulGSUBEfbLf+V/C/cuOFK0jl/b
zd4R/8Mqx3AfIdDioiOl65Fh4NelNpPMZ5Z2viS+U4pRJdI5+7nnSiPoGwnPeS77
OdHZiHd71VLJSwW7r5R6FmM9dfKg60EUAvyVZXHnt63vCJybGw90WrRM8jdFZYcG
9Zj5U2xywiAN8/DzBUC3EoR7arzp9WtGMCskU8XF4wANClbs0pAOXcVoZ+lXVo1R
u2skGnob/hVpwLa6VUWwS3/ph9GO0YTTXnWnsXem+TTx2wg8HA0QZ3hdKiSx60Ab
QZElAJUe22GiMexBkleqHX0kF4OjX4h2xclihzlI9sHse9M/5CcqWckODacNomQZ
NiJj91eyxkA2TI3PXePWjgMtc3YokMyszviAu+uwuKU//7BEZrQ4IU+httWVzO/S
XgFzyY+zfWmCDo2fQLxWeL358VgDkJUPY/J7JoqDRzl9qkfkrhruojqjOly9v6ig
AgQCVoNzaQM+u35aPMaWW4Fplo62ox9lhbeXJ0juAFPFbIII+47GGFFhvOMbprA=
=KlTG
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdASInfjzYXG8OBDkWdFhrhM9MbPOqnACkmLX/iYH164nww
RWN4hXfQD+mQJyVdtvx5oPp1ALrX9/HgWaYEyLCVFGEI4cra3qOuvG7nXDCrZgXn
0l4B2jTrhAeQlelek7YdVvmBxD+pZZzlgjwUccQu/jyqwBOuY3uUEHqkOfaTynwa
68U9XkkVgUe1rRG6oYlHMWcCgpGi34HnO3oyv87rM8UG9a+U5FpErkbGgcFvkjxH
=64mQ
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdA4xYlygBA92kiyWrSqky+2gpCEPIRjSwfzwPkK38XRlsw
Zjr8hIWzDiGd9uYE6mwdUMY/OuGZhq78ii+vRl/ul8bINDq1XQtG31MAV0sUhMaF
0lgBSAg93UUf2PK2Mme5QXqHBXwkMN1/pjIZ45h+EVedTrW2nX0VzdOy/yrr9Z8+
Jr5jQarfxEmvY2TJpUc2FRJHoWOqtYelGqjixRtJ3p4ZkhdPS6pJezfL
=sUyW
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ//UKGVELZbbBiY1+5xjEUNKbB3EvkeKXfsHrmT91TIE+0H
A2tOb4+rz6Sg5gjCRZceUIDGaOsy8rEo5PaF4l7gt/ygB97szPmPlVVWCQYsOFkj
E3XxH7nwofDD2y8p5eHdZ1h/txwoU62h8aSNmUVK/He9l+eF30qqhQpSe+L7IqLe
lPp9OG4WLLRPZG2xjmC7NxVPYALhA4r1iIdgMXUWBW5FvS3PTEZAdQ+C5OhzyZse
3gehKnvEfJsEOcuCaaOGqEMeZqjmaO7CORZDoYEehaG+qOAw3Zkoa/nHFn5CN45Y
kRqxCJSlbjvmvWwdOZ+dLpx4xhvLKjYljswcK7IiS299KbyVNYln3A1pGEx7B/Du
YgpHmRNa+HR2KiedfxTrSS9z5SnBFch8s/ilkXJC2I1/T/iML7IIQazG8tqlpoja
fY8HQy6TKCKshP2wcjZ8mDZPCbxKRgvqDQ9f76CRgiMixFX1YBqarCX+/zPW3Vn6
hahwPkVyVTuRP+atDiFEGm+6OGOdQTNx+kVjKqi0ycerjbfvsawHAzlH5hTMKe6G
OA9b8lhJqLpv2Aqejo9JPZj6iSvhm3sPTJfDYocaF1ByHE8W6B4jLvMw8w7t7/kh
iBZLhaqNt04A/P6HXbR3cwzfi2FedxNO/MWPbUd1fwkninDA+jJikNMshT8NIoTS
XgHLZrq6ojv9A0qLv0U1mc43YEsc5xqJ/Nbelrq7KUODkBadyy8gE6iCqliRVJd8
Nux3TMgoXnT9/ycPPXwC0Bj1gnKZLf1lVRXjXelUtbLRiuaZxYB5fRsQVunsk/A=
=faMy
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

222
inventories/chaosknoten/host_vars/netbox.sops.yaml
View file

@ -1,222 +0,0 @@
netbox__db_password: ENC[AES256_GCM,data:4k0wmOe1c5AE298Juw5HMm5dttTKB1WsVxha4MwaIILpyIbJO0CfmzjYflfBTFPPGgVeuYdCobzchzqkP+8eAQ==,iv:25Cj2BLGJK9tMDr42AqV1IzJc5zG2dk1YH5vC0b1T3M=,tag:knyB+nALZwME8y7CAQ4BCg==,type:str]
secret__netbox_secret_key: ENC[AES256_GCM,data:zPzoFK5Sx7gJ31/Apwex9ffFU/GY+HxIfwrItCW68MM4kVvS33e+LY4cI0vbPYEUF10=,iv:SjpKxyxSAVo+p9vvE/YAQFCzAEudcZ1lwnJ6scxeQD4=,tag:oA+lBep610IfelGwdTohvw==,type:str]
secret__netbox_social_auth_keycloak_secret: ENC[AES256_GCM,data:HP753hmQ7ssbYSQRH0zcRC0vRN5bKptvMXo9jjzcuk4=,iv:GQUoojXLAJxqdB92kKLhavDaka0Rkkg2uocBLshdvTk=,tag:LVnL/JHMsAd5UmmpnUv7og==,type:str]
sops:
lastmodified: "2025-05-04T13:54:30Z"
mac: ENC[AES256_GCM,data:/+JlBnsQuJrx3+CXlH/0dtst8PdBw7cTnUpBavcQRXFjd5PsZ54kUCosFu7Y2ngL9xh6WOWKSJCKpHFb8TCrBhslJz+8SQiH97py9m59diMwG5m/RF3I3YHBIoonSZvl8ocDTbz5myycS41fad3CMs5XtGt/vEcceSFhgqjZs9A=,iv:yL8aRIn22zmTIQ53/e71t6o2z7q1fyvmgqvpz4va39M=,tag:DH1oCBbdOgK2NdanzMSn9w==,type:str]
pgp:
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtARAAgv0wpzF+jFkc/5dlF9m33aXqRacTsTJutFkSv+NcCHwL
nbOjXr817ujXarA+NNFeu58FQEW9+fxA1T1O2azbgtOz0xXdlDfkSkS8kCm4B335
cAu8B8UwDwMOpiRgmHrsnFmvDct1sOZ/tgnd6AB1bgSyKijNGtdIfAimbOM0pEo4
pNWkwh6WdsbjpSFohfuh5c3yc2unCKLV42QDyPbGYmE/MP88DW/bgBNmhept1vGM
k72Ih1lCaRcqZLEDaL042ttSqk3MCK8tbAzq5682MAyIJGq0H+OU4uysPgsxy7GS
OGDmyDHOD557msVZ+ftHpQKDsHMdN//DDo66uUR4VCS2IqILVAo4mFAbmbzF+yZ0
Bt79T2Cgd+c2GdhiZ7pADtuVmLGE24mw5FXxCQxb/fbouXidH+2neVIjPCqzJE7b
yJoaYMIo3gWIdIM7fhlFnWrh4KGMh8z/eaVW3oG2uPCtO5OBpts1VCmvcmBBE4JT
kTz/1w/v3kz0rwze9JTKXHyg2wK1chn5V20T+5SwP6MAL25zxZa/tlPHEIH3lte/
x0LHEU/5WXcQLYpYxNF7yy0mrwRlMs0SLRxC2l1Txk/O7xFffnFL0I5vBluxLU3y
FMB5EtIUamapM3FuOC+hzf9rCE4I+fQJ/8aBQD2hjzOQNamg7CTXTNWldbzKL/DS
XAHo8+Rd9b1dvjzZfxfRp/bF5Av2bfTO65lb9G6YiBHLD7+AFbo2Pn7NWh9X6J7I
qpYAK9Wfs0sFNm/UIhmSkFJIXmlhMbrsp14ebfH305OSoe+dvkHfLD50frdG
=3PUx
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAAkHsW/Uz7zqX2bvbgP1SlNiQGJ979f/wAHA0q154N22r9
02H3RB9zlyLQhEYlBKC8X1O7N8l4ZTod5GNGeWeqiEUacTve084u+rkrLz9HaNxt
Tfdpq0fqGofEvThOUB9I2B7yWahg1g+D5xee1PLhB03dhMwlWgfj2hD2+7oshlTi
USJsY7mR4GImWYVqcm9/nANpoQzEYJ24K0h6dw8NBDvgLPQAB8h6Td7DjXJw8NX4
21gfToS8E62gUV+K66MYwCZWuc/FxS2DZz4pewm2R52ReP7yl/nmpqlYb0iCfiTC
RmxhFbV6+E73sPzKjK8BJDMB6k4uPHFu5Hkh86o3XjwkpAaX84EzjVKi3VIGTLG3
biyeWwh6efCjUhXptaGTIFZscdGiEDJGtTn0Z0J8iDXotb6pZms2Cde+oXpg2CBX
i6uiKiz/KtBaRNYbrb8rcDQ3IHcO8WWSvAp6dYrbOmY/bYu6q2dc4hhTVs4JFVzr
5I8m5jRQdzyhaoB88S23VKS1jaOUwYhN1THKPAmcR840kAA217Jq/GwUoBx/G1t5
DJQmStvo5f+nYBB6N/PVNzUWLU6gblFYiYnDIFy8hFHYmkmmWjU5J6qfITyzTULa
f079U9SJiqdE/t5UELAPbvIz/Hl0nGemJfit3XhZV3IelaFCxSJUR4DmE+rXTV3S
XAE1zXyTvV6b9bYkjY6UvUMETH3NbR3yYjn2CMnnHiPykF6rK7jXQ7Z6AP+drna+
q9B0cmmMmGx1LcwO60wBOdbDyWsw/6aCt7SaMwX7CXw8kzQ7ZNRQDPrXtLPM
=3SiJ
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJARAAyfykThjQAYOrOMy+nHwMHNXhmQRhHwtLIb+WEekWkRP+
+t88NlZ0fgtQtKVZbme8V2a0TCFXK7DFmC/6ZYtawfSR6LsJCsybQ5iEXEiLnaMd
mddYwQocrHC8/P+MPPvG4Wu7WzPc1yl95k/GR/M/o/Jef5nsmlfsO4fEJbB1tVTc
rGjFZidiFIsJ12Nt0DavJi5iV+wXcrFkAEdDWSCbmp+93IVK2kEeSnSEJ2I0JOHz
8EuroP9wGFSaq2pcVhEHs8LBm8fjUizMZGOVTjZPVWLH9Jc55Qwm+APKBMHkoAEW
KaX63+uj/IgqDKTo556JyYhK4ZzexPwduelsWfOYOY+r2coW0bV5haFEq4pvHMJH
7A6m10lM2XcUzEC1j9r0BxPJuLtS5sYhub9gWsgxHsCbgArKcvkEfpC3ZRJyOmvo
1EbB1Stvh4vr++ASmHlLl314qpLSt1YEYtBhGKg5XUPnGM86fOYOtH+pX9fOM5dk
xC4CXKLRmOfRcR+rllGoliyUrrXMTugf5r/UEeYOrSsKd40JsVPVC123Uoo8Y2j9
FO7xGVQ3WBy4rDrqjRXoV1nakdKOvGD8iS0hSGs8yk569YtKA34RLAcwpji3U+sm
wIE4X/Z6Vyrsht/PvsbIcptexG2rxq7dze7eZd1T5C/pdcwh+rQG0ujJ/GB7klnS
XAHpuT2TgiN3oGIKMZh2cqfJ/rEBd61pvWMJQYW6ve2JhxSNL/Zo25GxsDoCzoqO
ruhYleZuFEYyuVIJQ1ePwt6AeQ4yy2PaNmZAJgW5scbSn0LKMoX3T8oRtgxN
=tPWV
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ/+IFSE4p67ld1nl5V8FYCHwDoZBAFKBz89KNv6nMmKZiVE
sa41YCWky0d8Tv3QXiYyL0jZuyQpN3DSXNrtQLHbjHya/mvHT16Oi51/A5ZvW8Sk
dABW7DHokET8cmtUpnhpx2hKGG2SbbkkGmZCBKOveVn5wq5VUPDqJjOF0P4wZWh6
IkEQFfequPcCsM8MAtM3ocC5Lkkjwb91p0e0A35gE92kms7iPE7ecX2DJIiaATIs
ABRmcgwOJeuYV7nhvpFbq5FSBUXvjuVN9IGfIG3Dl+IcCYg5xF2eJWnK/sOiqNmc
uFoPkaoueTYEZkgwg9ItAvHN853WPzt7ppsduEvd3kwnsCrtj+veylr1upTjxQJK
Rx2+a70NJz9+eaVm4hLMBDl9Ov6cEril+vZU/N0x3tSQ/vZgAJ+ofK803k6717Mn
TkSLjLkP6BNoKI7DLMLfxiCy0IssDsiX1po2wPSn2sDa+4rYt8U9dhfI8wYzUF5Z
T8IGE7ZdVvGR0FfxbPdFgxeNJSPv7atIWemnqEAMQ5fVFQ3JsBS8xHoqoLcLJHh0
Q8A+HPU3oSiU2ZjGlAM9yKWdUjz/DWeo0HodqaNBonJqCaxids0P0oHSGbTB6xY2
pYYXnD9knobCUr/etjv1eMvU3lIi8bz8Xmdn4KKmWr2SQKmxUU+9Mf1BWWq45PjS
XAFK4pHgiE3+YLK4ygIrjBFls6g3BPQA6rUZAiFzsr2D0g16rejdhosacoJcKcGd
rpYHLCfu1CfgSlz3Qx3Ass5TD+xwHdsfT9SPpRQZSoxxpcxmDUcYpqdwGeO7
=Fnjp
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAHaWsbzMdKQlM4f16MMkD06MaR9hPsvalNE1/K4d8Mygw
j5vWYfwadl8XuI/GRoyZG8hnddb0Vg545yVcHk/+0+W/SfWFzwhhvDUX8H6Qr8n8
0lwB89rZt3ztUxEN+C/0UAlhFZVb1OWZ+xpDC2u53j3f/zxAtCUKjJA/cqlL9sLG
u037d6B3Wn0XZsmC+jK67BFZiMWs4ZD5oM03rXMLqTVMuDzjV0LO5rUFDgiq6Q==
=CzYe
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+PmNa3+9KdW8QK3Qp0xFsA5JCwFJ+ePnZqSy++0o39Cxf
htNykQUd1aNmHjlBTmfomzoGe4L8mIRULbVRDB39d8bqHI2EIUibFK2MPQrSvF9x
WLk3BLCKjBf0jja6y9DsgNHMIKOVKJKZ8+MSNiEwPr5yy3t+wRXIE7bTfRCSj2vO
mQ8MtN6XHH1klcg2MzQ2VBgt0/TgKNYRnF18d0bTzNTPg0XMosd9vT3HIdYNVtRG
Bs88WxoLQX4ki9B00R1diWneW3TNkD+SG+3QdbQYbkwfKVE7+/ZY1zbmAf9bUfM1
FAyUeUH2ZfiqDnGTTSQEyLjWXsPx8OmaeWHdvY+Nay1tQxfyvdFldjmkhnhUYhot
epu4o0vih7y8dPAPvD2v3eflXo4I0R8kANKDkVZmB/ugayeR27Uv6+Rb6XQ27aKc
qrYMEzWsNJ14Cz/mM2eqyPBaI5mxhttxlFuPRho+wz1XISqsmJz14VojT18dtY5q
3gv2dvzap9+xbs2+d8VnNvjWzocJYXy18ZLoZomNIuuKl6s0OdNEQxiC1/riWMIO
QjkbPt3037rtM5ZczhzgFLm1r45/nFx+T7nm42fEVLYnEP4Ln8bgvsasKHOoAocs
QWxUFMQ1VAyMs/IftTnxMZQe6eJmqHthH+3q/wYhIqsPy3r8gnkuqjqwoCb/XTrS
XAEQB91o4HxiecHP6Ks7QGI3+Z1CbEF3GWBrhCVtI0j+s+r0qsSa+6zeyaSK2Z2f
uRQijSuYw09UTsQHY3dsxZm1KNebkXXzVqrY1Wt9Qtf2Yr2seZiCPygvPVLB
=aDv7
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ//bEgJM9+WRz3K5KwV9I7fpiAb+BoXfNWh/mnwUGLv8FRP
aq72bbw1vXqBhI4jkna42eJVUm2AThL/q0QOJvGKDtud0MjJyS1tZj44kfwwC90E
QrybaasPvZ0WOLmSQO9DW8oyoqDqM8ue8smN9HJTOfHl15QV1oXWYjH0j2l1D/AC
2iqLW7KOzo+zFr3s7HxXnCgv9/BwqmafW742aKM8amRb885b4CAzFKvhrYlvQ43T
Tntgp63veu+IIW1YiqrdLld+hJpPaVHHDuCRANuQ3r8hQlzjOMC0ZeAW0uXnRuIc
3fOk+uQxV/POIauSQskUXSHztD8CacVjUyySi0+ZFTtJo39ulykalVy01UCNuWVE
O1cJW6I5ItpBsUqb6KZyMVVgQa5Iv4JkrTEaOsPXC/O8wb+JxiAz06rb8j0rn+Yx
z623wZNi+QwvFPc1c62DXFZN9sxFY1xcildSpjh/h491FAUE+QKYEPIMf7ChyqRw
uVc9A1f+tJFI9M+gzWYI0A0+Wbl5V4wMdJKzzSyZJAK4+AyJjfpwHRU33vvOk/MO
Cz5VdrCs0WQ/x34KauuM//AranbqjG7QLGVZT0pkknSyG57NF+T9KI8aZ/i3E1La
9LEnMf50WLf0kBX7OrGryFs4RrFNWsTfSt37X1EZCmWubGTiINc96JsMQIa00bjS
XAEOFQq9PM2w/X8RyLnaE0s4m0gau9baCQxonUwq37S+XbjKreupgY1SldcyVMsU
RUWiwJwVMNI3UGdQ4LBoJYstTEhH2HLQFZecw0dlZfrLtGgWJAPYvRWAx8uw
=iOrq
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqARAAjJP/zQeLJ1qXKrz4ck4x+8z1TJx91XQU1aXLWLZjLcAw
4v2G4ikG75WLfJcHaHNS56bhYKhPt4/xzmse16O8xuztz8xLVKsYuChna1J96IiU
pk0GbfWK5N/BVgPlntFE29gwXc2XhBSucHVwe9XseuIAlu99+OSf18TVXC41tKmQ
ZuvxgLMy5gLlt8fLLmsrgU7JM6QQXD/zfdziI9acrDw4CYKgE0Yt16+/JGCO4LI+
2yeoV/GvFTS431lsVmTxhC59DVNCVXW36o6EKQxXjcLFhuzNxCSI+hUZYJr476XS
wgdHQWoKrTL8B6l4nJ4/2zR6ltFM3JZi62aNW88DvW/SmJsHXt1b1tATie4kVpLo
S1ns85v0A4NmXmDyxiORVbGT087AvdtoJw3TbLNNYiWdE1FakNW9KVcjVeqly9XA
Kjr72wdyRE1vyjsuDtUnM9Apuo9V2PWtfqrsNqYxgK9WJPFEzVlvhD1CkXXXsdfh
ncVIywwU0CYG9xOAR7DTO/pPKa+faZStU3bRlE89D+9+iUkLXqJnjx4ZPUeIMg4v
oByjEAX0jOqJLsUR10tSmJ7hrmdWoKSJTVEdx6pc45jyt6CZD5EOl7qMlteCVZAg
gkkZ71uQLde5CRFrEPIJ3UdF8xDvnjJ8HgoaLCv9AewMlWiMNrGWV31rFqp7CRnS
XAGsOtTt6y6VT5C1rKamG4IKK998ycirXQPlwC1svxP44sRS/LE9OI820jEiGUxT
SYeFvLISOje6f8Qf34hP9X5MmyxQd0lqMiOt8lkGj2GDqFzKsrKeu1cpylby
=Fivv
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ//WS8zjYnuGKpQ63BdGAEU55mAlGu8etvOLlj3JGL/EAjX
CKadwY1gIPjN/AZzDN8twadasFE/o02Cz1hLAPQIS4IYgh2L5pZZVm6D/5v0rQgJ
Da74NBoFKXLD7D7P/+abLTFSrTG7u3rRL8AAOsXHiMpyxn1AgvNPS/lHrdTWi/7Y
RfvjaMqjynZs6tsOZrQjUjz1mdwZ0Pl0g4soJ/4KBN5riz+U5wubKb8g1qxEaWZ+
CiyGcF6rHfL1/7rugg+Z7QhRlW09wAqkQzpeB9h3rIqczqsPZVuw2gtBhSnjAGa2
i2q8HWFwegJYMemSxtqyO4kdtMp8J/KOXQ235ge96kMfid0muFeqD4QehSqaSta4
gJsPiQslhlRyBUraTAzWo+1Pgx6oBpU2Z4GD3xAsKyQ6m+wVg+7OsZJYXuMt3Y6n
DkMfbjJOvGUlN1XiZM5GT3YqRFFXpmn1NZ4RMBHv61vDuq6z9EWm/+6i/tR/ugxM
Y+qiBYohMEIwdEpzlVZVQElCt9atKPk4YLnpele/midAKVwtBnQ+IpNEjKEtXSYe
QYDRVu+OkYSiMxvnJ1ZmL4lKJVHhHtQ6Pi4xkK0eTPUaWvCI6T+t4Dj9r/OJTbLW
APOXEQ54CnDmGqG83op1wdMuwmw8edEBowogILlUyaP8mB3cK9KJt7B/31ntlc3S
XAFQHLwHWB3PjCYiegJYQUbXIAfL/cdTwwBfmX8uMDerJ81IQSzu5hVDhIL9pE7l
UVWxGbGzfUdTE2U45M082DrjTmBkV3RdE0Y3JaBqPJ0oVQh6p1aM4d2aqyhk
=nWD2
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdAr+L6oXEIIepvoeDrCt4z9snnaxL/Pmp6dpCAkxaXXmIw
5J6eEv5G83So6+XXJXvOaoneKu5qevc0fSbEBAhJfKBUYk/ygb5seBcGycBWQhDL
0lwB+3jIywPou71D15VbcMJQuWshrGPkpEf8/7aaL3kiZAQbxtuajECD6/0zk9E5
/owG/AWfR/W8bHJ2S/CFHb+m+aLHWI0emOg/OMGKjLG4JrarB3tbdsPcdH+8jQ==
=K0rr
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAkzDgkAALby9UfWjtDDCJEgMH/tcIAHWeRqOx7CyojjMw
0XdXIl6Q6x82GOnYKtJuFkvpGc+fSoREGiAVCOzaXi9J3vKUV410nSQEpyXuiC4c
0lYBDC0rwF3mDKX7Pd7LZCH5ImaJiUB26Q6M2k6bfVhSyTygADlqcrvev6buc7sC
1cfZdBGkTLJeqADe5p3+wJvHiUvK/VhlwV+hXt8PBkywDpSyLgaGWg==
=x/XZ
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:09Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+ARAAuQj5yvmmxjrUXFquA58u8LqIIn9lS8fW04vvO7s66Kt3
RhwiM1K+uTpPD0IeYO4t7xUpfQwxLKGybVBvOnjisWyTWZYWRPvpqpR8mrt/od0R
3GcB/hval/O2HtL/CwtOwMu4RcfNKVMozLpZjWYZ5N61UgHgnSPxqAbizh2MDPJ9
UCM3PesL54kwBDxGUgoCOD+EnIlUOIFFrys6GLWHLqQhNsNgOeXtYQAiFhMuCzqC
PVeKqOJrRD5q/mgRnOnMhXC6E5xgOOHB1war4rDaEF6rx0YujgiMt/c4NTqFPM36
aMF1Kw/XawEQthhXdCcxYtQefcAs1lFhAhAo93tGcqnwQc6MrfIgKJV8pdE8FBAk
xGhzQlwjQsilJ/YoXvNDm6Iy0UH1WVVcVRSKE+ogC9dw1JyG3tu4kfp7GioQvhkD
tGEg/9hNMcWXa7Gbyr3kCpmTHuaJGaC8R4dy0rzL/SXDMfWm3zbFZVZoZieOuzeX
gl1F6bUnc4gUnlOa2XPYYrIVWfQMdAJYbj6ywvl0lMLxeOtStcYVD1EdRhiGEWrJ
9YoEjDAMg99WHfEvNSe+90CnBPY/UNig97lcdGZzmKAYIMh5OutJsS5t+Lx318Yn
C8dDvk7QbDyG0lgaZHAAeY1SPbVW4eUdRxZIOrGPsiRUpzYxlExLVdy8vtXfFHnS
XAEc6y4UA3fhOYN7i6MZNVye186v9gZZyGjeZX1nLJN130A1TwMOg/tIeuFBmxpO
0C4SX0xckcZQuWCR51Xjeu4hDCeMVQJuMJaypjhVoyQPiw4yaWWbELuSC5/F
=ERpn
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

1
inventories/chaosknoten/host_vars/netbox.yaml
View file

@ -1,4 +1,5 @@
netbox__version: "v4.1.7"
netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/DATABASE_PASSWORD', create=false, missing='error') }}"
netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}"
netbox__custom_pipeline_oidc_group_and_role_mapping: true

227
inventories/chaosknoten/host_vars/ntfy.sops.yaml
View file

@ -1,227 +0,0 @@
secret__loki_chaos: ENC[AES256_GCM,data:LWFTOyER+m021ogmXYBrcr/2fUe3XuZhs5ho0KbM,iv:808LWnSUAPeclhsIgOyR6SutTvJGOu7mrGaVayo7v8M=,tag:f2WCPyUESfMiGDQ4Km5Dyw==,type:str]
secret__metrics_chaos: ENC[AES256_GCM,data:lAepzCI4pwkF8KiGYzGnC4dPASdHDn+LfbJTFSvt,iv:EUW+CGeYUqhY4G1kb2bbU16j9iLwABHfRCdn2vac5gY=,tag:IcyscB9lZuZgC04XTxDb5w==,type:str]
secret__ntfy_web_push_private_key: ENC[AES256_GCM,data:YqNEYa1Ln3NFpNoIuBUN1V/WRzod5HAtYueBJYHOwyM59cCaYhQR1S9aQg==,iv:t8bEs5ZAEe6pqbbOb0mpJdfgruX1P9Jd+sbNurGqkng=,tag:Cdy5HKkvb55V6AeRt+MVHg==,type:str]
ntfy:
user:
admin: ENC[AES256_GCM,data:kwGLrQXBiqKRoHkStGzYiC0fbcGgQHdZrrk9NyZtcZcI4nrKTGx1sxrHOMI=,iv:ACrBFMOP6rkfshOgB+a32TFWH1OKhQaoHcYgwHx+tao=,tag:2QTWmH/vAzIWAjaOHOkrXg==,type:str]
uwrite: ENC[AES256_GCM,data:Jijz+zCPpzSaIEo0xhicKlMhWSewJNJ9GXJGYuohq1E=,iv:gnjEX3N0txcBIkJm5bOs4JfKVsdi5URgoMAmquCMqKQ=,tag:Fip0hA52NeaMODb9XxjInQ==,type:str]
uread: ENC[AES256_GCM,data:ZODLyYx15c/rPzKexoLURwA=,iv:WqUrXexY/RBAseUwiLPBVYpA5zqJeYBW8mmcvPvjtyI=,tag:SjB4OaTgIaVKHDe4JjDN3Q==,type:str]
sops:
lastmodified: "2025-06-12T17:19:27Z"
mac: ENC[AES256_GCM,data:mlJuYT16bx9nEFw9IRm/Tf1y0HF1aVzx8BXhf0VKWkrBQCyzx/qbjIBXIXl22wzMrz/KCZ/diNRx0Wdq2J2u3n92NQtziiDZKwK+t/zz68+cCZAgktmO0vYc+BJ5GoJPuSmeMwHkaJqt3zYGQNzOJAYK9DPrK2AIbo+O21FgtvM=,iv:c5AmWi89ZLR00LqG+bKnbW3WfmIYsyz0X9A5r91Rar0=,tag:x3vf2WTu7naRdwQbKfrJCA==,type:str]
pgp:
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtARAAqRsY2gr7q2ZVfuiu20XpFK4czrXPpp65Bpe+6GWfxl7G
hlS7o8Hb6+l7LGyjpz6Av8aA9OALiL+9TdDHUSzrIuZayC+Z6SQ8e/zcQ7TOkDxR
QO3lGIG9coQwDQmHNHt2VytBZYz0lffKSc1PCAzj40n7GKM+ZGCoTyhwwA3tRDXC
SOGz6Jq/tH38O4fb5+rFLf3jIT/b06zCP/Zz8Bo68emYhmV/f2fXqay707HtMQQg
gb1xhyFMzyJzQBrUogruDhXKqVVq4eih5RAEzvXjDpGaFQ69eZTkj04WfGASjoi7
OaxpwfdpnVzmoaUo8/R5fLfPa1iSZK4FSwzZpzOpfvodRutpB3QhOdnWtiywR7Rj
FPrKWr+l7yX+MBWpvuaV9qKJcwPxhn+4pGr59V61k78yAs60L1ca05Ua9/l8PO11
qgCMeVhHX7IXm6RGOTO2i1dz61G9fYI3oMJ4USshDVdsFPV/OV5dBX5Zkcz+i/rH
2XT3eOerAtLFiHYmSnsGMEESallPDAF1rgg0HOFE1FnSw64not/eaTCGdhCy7UHX
5k89BQ4PArs914XSvdA5b1ydel3dU/LWWT/pra52IcAusRqLMZfiHXF/KuUH7ua/
XfZ8ljcJ65FpVqAvs6xQeBGVZQoS+WyePcv1/BJkWl4QOtXCiDAMJrKVfxAM8w3S
XAFUtaSpYoHGooRWU51pvimpFLGvlbc/A+NRAsKkdkgMc3g/eGQkE9uLhTw8gP6c
vSS5yv1k1DkCE3Sff+nrD5+4o7tBFjRP4XWWLdAxRwviOUIpQdIMqUzC8YvH
=yE5T
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAAifILi6nUR11lUf0Dyv3V26tIKqh0T7T61rcivJAzHxAu
TphvUwzGx7qxZRtu/B64pyFFMk3D9kd9yEN+7MXasyS0Fz9GIRY4W5OTo0xHnthU
vjRo6htVg6Xc4+DYlT8Et/eXqYt37dGGMu9JbV9lYDwgUTQph46vqTn8OoOSqWcQ
gSiw1QjsjXoMuKjUZ7ut+gik/qVG96OZk+MFuez8V7xcClVUYM4RHHD8JTP/pip5
7DzZARVacxrybu67FwEtkkhLjkzOwm6gUE1GAfGOOjianIepojyOv/503BfbErqF
vjEFncQI/3eSDIAQvUcGOCmKwm7arOdWZYvxSQSUz2tDBS9GeK9I/PRsRRkj3mg7
/ZComfo/DVdp0/LzFYVNYGhKUR+n1XLzumjYzRsNb3CAD8uo4N0OfzN5XUw6OQlo
G7MRGZJZDJHQAiMrMaT1JRM/9c8TmNh3Q4hPD7xWB0swASnFWfSAnJXJnrPdzNaY
D1ycyO4eCM6xQEOuTqubW7rVFr9qgdspZMzAMAit/1cX3fqZyQj8m7L0260hdxAJ
f7WmR2KpcJ6J+FAdYD3HzrRbNXXOGGYzlEeq/6Gd6OYyc929m+gNUjskKWvNv90u
f69u5aBWyk2OU9iToxqPOfAi3cpSWY3EuoyO77sya8tRKfzjlfYs9PsKHlXXj8zS
XAH20hg9ndSWiyXLSzuiBoocf4veHrCOkAnS3m9U0heJ28i5RrBj/ILZ1RWqHY97
1urwfro8fB9ZzEQB6UmqucSRqCghR1wPVk5/9U0BhIeULHOk/WymAUoksKav
=0xuz
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJARAA0fyCiD5hpm2Mq8Mgal8yElGmiKl4H607Ik0tHSSGJ2sj
NSlYv6xSxGHp5y2RrXGBjDkDE93lg0JRyjB8CA+XRq2UxpvBpvIWJQ5TqQFj86fO
Ni1u726BfcSEh8BV6LiOWjdQFOGu1UVwuy/R7WV660PNwj/Cb7EMWsHhJ4/t35Ec
EpOjBeL28+daezH5b6JwMHGZCkXLXMu6NUOx5Kd2RBEpqwB5uDBOKqFKlR5Joeel
pExbPsREZkilQRcYiqg7q8xy6jMqUMAEdUHNnUtY/Y4K4M4dWL6spqFcTc2BTqAO
NKPjLuizHRcu9byrMjoLPZfusNY4SFPBa4xLZha9/ypsuIUm1/47H0mp5k3fYiX0
uAbUT72h4q/9MHlX+fd/C46TIE4r3liJI4l81e6KJlPdlMOt66lNL67mWhi7tKBT
qKCVjJdn2OitZAbwSAQ215h8LazWzd1hASU3h4TVnlpOrRWcVwFxvS9uhe+7HUIV
DMG9Xw8iU5xUHKp9zvGvgGDX/W6eLBFGJxWcLHYEaiVcZ0KNg50PfQbhV6LHBT1t
4oL/4r+gER+M/uHVbKoKqxOk8qzgimdGkSxlZfTFpYen+zjj2v5zW0FAbfz/n4KD
WcZf60j47rzNEx/NwYSsaP01+G+KgPGe/xYyTFKxGrYyxQRUkyLQQQB1H+OBGBzS
XAGVnhZOzAjWv0OCNAcYp0ZudqopN+PAgK4+xO2FmyOHO9YNmFPBtiH6Q0K1UIr1
prbxePJIAAP8AmaoHJWXgVLTwMrGFohYqQtXfT3D9fIbIVx3KRM6SekM/30o
=ypL4
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ/+LtvkdJgZEVahtwfnYUbg+K+oleFw7V9nVeZOtpmqABTi
LsroF2PsatpKxusPDSoqQqj6fvKliCPcm/5UpEExqotKqi0YORhdHrFm9plju8uB
1KiUmhnK/XiIZWp+HltZO9emelCmoU1NNjzs4Ayn1zK0SkY2ADYKI91mjmtLnu+Q
ca5QygiZ/RKAfSkyjCRyR2nhtNov8U3Ii0Erm0pkPh/XXrqBzjcuJKEGHp0Qj0Fj
MxCRxCCnuRaAbgQNQPCwGf+r9KNfvUIhZAWC4zFj1rd7XVxOUiPqVEUBviZvsC6t
rQtn3k7WEf/xlKmBS07PyJ04zplYv4AX1qkJU2qZcAR73vKtDnVFX51RYZrPyUhC
sQX/ZxANG54bmAco4k6/8+c+qbf3+0gyWuAPb/SGanaG0zR/ah0EUqXdlAF6pvJs
sV6uiamgK/qfMMz5OlPcHcqSL4iiZ7C1fIUkqRm6M+dY/TaELSgqLOPYescv9zvF
cWqxDcQ62UKTy6+khSVH9HXPmZ9x9uPZpyXNpwUKDYZIzAU3vRN1K1Pyt6ppYrur
HkNxJvXSxBXZFIOLCuZF3PnlxQQUTi24a9/Y9Fng401fUfQxWZTadKVV7iusBx8p
pC6KsWvVsL8W7aeFQSBXHNIsXGSMf+jdZXBAihtcg2cs7qXkhXlnjr8Tlovlg27S
XAHhM1w4Awy5+YxNIorJZDa+Ia4jczlgL1FO40ktLhQC1hz3huFGU/YK6Nla1Mk2
bQYZZYBjfuKcRqmIFFC6T6VAdA2wbvc6+lQAcLo5yBxz7o+KOcgQtTZ9X7as
=d42u
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAHtMliHz0MplHDFWRgKJFtfN96CpI+DOnUZ5j/QbY4H8w
g8NzKK7NUd5UAmPKHpO/yFiVUYltXkgJqIrd0QAZ5jBVHSKLmhdxsqWIRnUSTRqY
0lwByOPxnHWqi9I0kpwAHcvCqohuIw0k3cihZiGjFGclNtUU24uc4uT9GyX3qxGu
jDhRd0qke+wM+NzJ2f5fVLYjCC7bTBV9q46unsnuvAidU0KXm6S35YlpTgcZ9g==
=lPzg
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+OEcxoM4a+dGsTuBV8GZF6Ddy+NXf47SnZ4QLdliYaYGd
fPpyxM0wpyO/BtDE0uFyPpBPLKKCgzh7zlQDnR1zfYzlCr/Y+IB5BLRD19+Abkwg
TFFrpFp3l40I7jRXNfGFge7t22gz5owdSzZfI0Pz5mXuFfX2zAwtc0sV0A0paIMp
fcmLwASp5Bvhgr2DoCah95DkDEwHlS+UwHZoWe+cOrwaBaV8iqomjxYEywivG+Ie
VV+1xUhMIDdWrdmh+Nt39eOMra5X7M7eQhMmWe++uW4UyQgZo2+Jm3s12GMyc8oe
mcDqhgdZ/5jBQEhteBB3wZaySfxozI1aYh4GhscIGhMJ2PMTtEBrR1CuGey8RMzo
9jA6XrGnQP+X4c9b4GBii3rvrRRRS3Y6CI0HOrk6MkWr9S0SW9ypQKgEDQB3O7xX
+N19w7jezyGWWG/G4eLnbSlxeX3ZnvDFAQcQJCqu4vEi5Ux0dTpoT69D9/St083z
Q1BJduBumC49fAnXvdFxgzvcYfjb56SWFByMcYNaEn/ut+WRkFZ2H5vP+HO8+hmu
qPEIjmh9KhTWgOLL1wYTCsfkD+ZMTAc5FRqPzleL/je+Jc/TVKT1s1UtDf8d7GWs
cY2C3bTLR3qlrFmAhANzjl3k9qh5kYYGOF0qkdK60Jeg+/1sqwajQRduRZIo5nXS
XAE9Q4biOlM0fmwOBvw8vuIax6HmOxakP7C7RalIXqGZHF6ijjLBSFW1kZioMftl
KCsFc010bbgDxLQvtIIFLChn/lQlPY7EzThMkyBoDF8RkA7jcqleeAU9xmXF
=Wiir
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ/9FOvo7VH/i3M2qtNqiuGS8oDP3VZLXV2zcaB48BURhIFZ
dszZAozExdwK6yXOvuoVHr94mhgWkYNd6mR96zjFnGWhvta6w78Ecm+2uZfF/QQ5
tHKD7bRKcAAWC5m8ENAdz+5MLBpNk9egSNqzqjFlcNPV89dQCz6TAyfI1tUQcACv
pgVYZz364YMym8+HQ8WAX9rQS3K4ek3EosIjWPJf1FH2Zsj+5Bpt0SZmg3zHQ+e1
uC7JQfabuJ3pV4e3++Rh1W3P0cVX22gPcb+aepnM3Dv+ie6kNo9VguMjmGCEgk5w
TtRy1pG7e87FUvml7NEFazXHmWGWChfqvvHmuaLJCqCyLpH1TH0AylE+uHutdGQ7
t5Cl1slC4VpNx9YiAyhaN7phyz+WLoYn+bcEbcOF6m++PQM8FtIAggwXyaBAiG0Y
WRchBxnONdlic5sFmtVuaTMUqClWFO9r2HupRByU7BDTbG1yJBagiIXUFoPpMFVl
gfv2jJOtwJ0rGRnQ51ZU7l6MMdTa+rR5Dedo5u9fo6ZhwoAPmDOoEtmiguMZTixb
nE2BTZgWxJF2aLOUf8MVcewyp2m7CZlyqXaltV/D6885c4sYi+IqEsUw3CSkRqrn
T5RoQGQXekdut2YdaXfdD5uyBaJmXm7Yn1GNqaWfXLUqklPA5UgvHY/i92xlpJjS
XAH1Tlt1+DVs6zW2KN3EMvBqOTKLpxmLtClpEXP6pHd+vgaWGYNXOt1eInFfwi+P
BKuKXihjiFfNMibh5o1y7W+4WyISjYGpka52m1Ias+06mDeUUojqeaKuhQZ5
=qZvG
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//TtGxqKzGMLDUYKYVyWUcYXMua5LavcZo8+GqUoXHIa55
V3WJ8zOrcd3qfRlhFCmVi3yViA+WkzuG+VYUuVpGbsXq52v21tDuwOz3MZDrTs+D
/tO+M/I0g5Kt56h/cN8lq7//x0AONoViFhDxLCJ8ilmhZdx2ywnv3O9eCLboY2yb
SNsGro9juCcKGbJtcch0CZOULMEMEXXPwbo8MZ+DnXKczwvSqBFu/O3nvkF2jcs8
rC9A8QioMOjXFRglR+vOfpbaCvCkRsgXlkxBxPtpjdYANjA7TQbB3sj/8PTcuNwA
CaVf1RjZoEfABxPJnM8+UX+w+Nm7Fcc+7k/S92Fe88dZ+6jvZGMXhFCoZarSyQSA
+J4hFW4j4xHndlD3wpbx/niPhkVRpLxBqDYJ3KfjN3QgzZ5ufhBPGi819cfKJxwb
/HDR1AHX0bQJoq6wnof20STZJDploLBmP7A1ae2j119pPEBK8ErhPsrn9TQWnbwe
4Tcrvu4yMJX+TMs+yKDDQXwy0oPs5DPqhEnwHzHgNVjIWuQgy92kpDZssREFNZ4D
cDXGPV9Q1Gcam44Cib2HsDMw9ia5Jqn6iYqfLCDo7BidxfaMRHL9ALhg0o/YLFF3
6OyBb4JBFra82QtSFqo719Hzsd475EL7vtVvCk21a8MMH7owhmBuYVxl4ybQh3TS
XAGZi7Pfzf8oFj782HypsT+m6YvPMXHuv8m8K/0F061Vc/7pOqx+l10URVd+KDFf
mkS3eQF6XEyrHxTV8oIPWNGqeURAQZSINMHFNfY0TkQRG3TlKtVGWCqgfACR
=dVoV
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ/9GG7/FHBp3uAZbW6s93J49l3Dcr1Ih9PG1FQyF3wDoakE
LEQ0uoqM7hb3qjJLlG5Rlpa2VdhrzixDxVUnh0FwttTHsIkA3Tpqx4UN/6rtLKxk
ii/oTF5ZpN+PtDE59NXJHT83734aSoGyzRUw2UGc1RwkSQUlfXNhblqbn4ok4oah
EZdBdE3wzcT4e8ybaDH3OS+i5EE9dKpBjt9STbEVnL+3tltst7j2H3Urki5N7/Q5
0rG8H8KZ8h/FCEhFS+PAWB6VuhKJ/xVtYYJlJhmN/lwBqwkkSlSihTHTKfY8wUiy
efG+4rz4d0PIQTaSym+Y+pI1hbUMNFrDtRa1He8u6Lt9ANP9ilCsumP0KM9so6Ei
Njw3yiSnaFZsbVRIvdZdp+ZphWshE7udq6hLfuX6j2iEjvmmcuxDy1xn+ZjKsEpz
arETzZCQqSVhChFYsrXzzxQvnBOneVw7bF5IRP25bcMg2hf+610BfxylZaOAXBiv
ZmlnIY+InlznegpEClqJurzoJMyClzbohW+Gb+HOoe6BwVQ59BPhOVaVh8t1Vef2
Jq7kbrwBIYjUqFAf47sOL4i3r0HqOB4MLqXc/GPQsZiMsXsFvu0ew5fvTIzvFjJp
pMJDS2NhwCfNpWprVKTYs6i/6F/9QtZSsJuKldpODUQwaZMEkPNErye2TvmUUBHS
XAFn9nWQ67hPjuX5nT12si5cZ5HFK+wyZnkB+zdTKeh6dCeO7CmssfuoodqsveNm
VZXtojOgOPusaSFj4n3GHE9vzqNMrE5odjpG6NLWxv7FFfcg7/t97KV/nkzn
=cAw+
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdA5XAZB34y8KVLVqTUdQMIxtx7r8gR1OwwSeNeDIgRpiYw
lMLrGxCaiG+MnlDcjhv+QQkXRx3z/dvT5Jx35Bv8wFiqUY83xVD8yQG0zAJtA7RB
0lwBJ69AsQI3TKDDDCfHwa8wka8vlnx9YoMH+bEfMAjHBOPeMzCmjaRgX7O0ablm
OoVcoHhPnExGVrR/buzrsorTuj6pRwoTc2XPRMp8cMafQQG5oKrc29roekcCig==
=Qrj0
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdA8drCpM8XLKp63D1s1owbpjULc3cUNVXE0X5UQZsvLjMw
EhgiZhQ1kobdKKXkGfCIY4sjtl7/QY/uuro20n4kZxhEgwZcBBLbUjZDOfCXb2S7
0lYBSQqptAsnjkv9LwbbysuLd9i8WY1vKexAPA+cpvJgHwhtt4Ia/2EwQ2IMJBpm
MunAOhG+rvonQoUKxFB9MeCIX2hW9IywKWqBhfxFS8/r9VQ1V/fX4A==
=TgPw
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:10Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+ARAA2u7UVNNDiTC4dJ+tIP65LYov10AN1xKw3rradLfFI1gD
Twuwm6pZ6esp2lC36JqLR7bx5A6uFmfnJA0qBmQryAn+TyvU6xoWbLaDJMP7MMIH
uYAnIzCumDWz44xTnZRup6E7f+CUiBQmns1dTGWrfz2GHzusjnF2E8xfX0sIz8bw
jcQsH3yvIJhOOyWVOampEwm+eZoSzxcBn3AHAwd1XsS5A4syKN0wzA3c0FLAnibF
nUCRKBa2Ux3yB1Xd7hENrpN7ObrdsNCUvUpRVZg0bgs+Zjr3spq/NI66DKfwRc9/
0wQhn/vxoCevGRV/ir8/5JUx5aSLYtLYZ6FGxn8Cqja6rR5rcgAJzjjJP3H2iUrM
cuhdQKj/WGu6nui3oQ6cDCDKK4YLBGda6m/nNLTAN+ohGmGV9gh0d95OD3EiGm8D
F14G/ihFFb7YOMPI/3pKPA7iaHS39lZNkSYBsYUL8/FfSoG0aKyFlTMXWgLgwVwx
bshpe4ixBzTrIU8DtLH1Hz2j3x3j2rh4vt6NOZ6OcHlsIWWEWT9lG2hRUda4kEXG
X6h4c+fslqu0z0PCDsnr0jjca2PGQz7az7HQdddG24Co+cZqLgA3Myj8YNE/StE/
zudTl0RpWOeY9aVCaACuz9xRcPpU+nxEpC0jxOC/ZSoqkup6ndpIOy9g/chq5lPS
XAF4v8Q+I94rlxu/LXCQgnX2mo2iaG8/vWzKogGlixHJX5s70rDaDO0oWjoxXlN6
YrU4hFwRCaAznA8GODyCHsCEvcGPo0i0HuVz1hwjp0EnfVLwYreFISGOOMU/
=6oPX
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.10.2

104
inventories/chaosknoten/host_vars/ntfy.yaml
View file

@ -1,104 +0,0 @@
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2') }}"
docker_compose__configuration_files:
- name: server.yml
content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/server.yaml.j2') }}"
certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
certbot__certificate_domains:
- "ntfy.hamburg.ccc.de"
certbot__new_cert_commands:
- "systemctl reload nginx.service"
nginx__version_spec: ""
nginx__configurations:
- name: ntfy.hamburg.ccc.de
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf') }}"
alloy_config: |
prometheus.remote_write "default" {
endpoint {
url = "https://metrics.hamburg.ccc.de/api/v1/write"
basic_auth {
username = "chaos"
password = "{{ secret__metrics_chaos }}"
}
}
}
loki.write "default" {
endpoint {
url = "https://loki.hamburg.ccc.de/loki/api/v1/push"
basic_auth {
username = "chaos"
password = "{{ secret__loki_chaos }}"
}
}
}
loki.relabel "journal" {
forward_to = []
rule {
source_labels = ["__journal__systemd_unit"]
target_label = "systemd_unit"
}
rule {
source_labels = ["__journal__hostname"]
target_label = "instance"
}
rule {
source_labels = ["__journal__transport"]
target_label = "systemd_transport"
}
rule {
source_labels = ["__journal_syslog_identifier"]
target_label = "syslog_identifier"
}
rule {
source_labels = ["__journal_priority_keyword"]
target_label = "level"
}
rule {
source_labels = ["__journal__hostname"]
target_label = "host"
regex = "([^:]+)"
replacement = "${1}.hamburg.ccc.de"
action = "replace"
}
}
loki.source.journal "read_journal" {
forward_to = [loki.write.default.receiver]
relabel_rules = loki.relabel.journal.rules
format_as_json = true
labels = {component = "loki.source.journal", org = "ccchh"}
}
prometheus.exporter.unix "local_system" {
enable_collectors = ["systemd"]
}
prometheus.relabel "default" {
forward_to = [prometheus.remote_write.default.receiver]
rule {
target_label = "org"
replacement = "ccchh"
}
rule {
source_labels = ["instance"]
target_label = "host"
regex = "([^:]+)"
replacement = "${1}.hamburg.ccc.de"
action = "replace"
}
}
prometheus.scrape "unix_metrics" {
targets = prometheus.exporter.unix.local_system.targets
forward_to = [prometheus.relabel.default.receiver]
}
prometheus.scrape "ntfy_metrics" {
targets = [{"__address__" = "localhost:9586", job = "ntfy", instance = "ntfy", __scrape_interval__ = "120s"}]
forward_to = [prometheus.relabel.default.receiver]
}

220
inventories/chaosknoten/host_vars/onlyoffice.sops.yaml
View file

@ -1,220 +0,0 @@
secret__onlyoffice_jwt_secret: ENC[AES256_GCM,data:x9eRTm9WrEFGdxDb8JfqLYu97NSBRvhknkEBx/zSEQlSfcah+CVNNM6JcS0Y6d9PARcGv2jGUyakuNN1wYmzYw==,iv:33lWNSnQkljr8S9uj+Eab/fItyKAH4/xAeckdpvzl1k=,tag:Ejxzaz9nkGLT/mqKF35M1w==,type:str]
sops:
lastmodified: "2025-05-04T13:57:24Z"
mac: ENC[AES256_GCM,data:Av9x7PAOBhUoCOCF4al8/4BnpPHmUb1JvCv+PKrBmjPBVxW/sU0w6oYmUNjB4OKxI4615pWpfCsG+kVSEysbXtrRGp2RGqhnSKxS5l21W6Qy+IEkNA/jcA/teUGEOy5Qj1SvgNtWvXEBJgfm9eCQxC+w34JbzoTs2q+6nSxtwmM=,iv:HD3nBwmnOGP6MZdLiYv0hlNcvK5lSxJNaoIkr3Xadkg=,tag:uL01xCeeIbWhsdpyqmUyFg==,type:str]
pgp:
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtARAAoJ/2LvlPFTh5vJsyUZfwTVrLg1DZ9E694J3HJ1fH9ZJj
9qZJ0EtbHHjDyaoAS57FYt41AKbOeUpHa2XioVIYJfS3CgAA/m+AXmorvchU6Umm
tnSaEFyFYEFBUiCvGRMCbBvLepPHdK76a1SGkQww0hcwLk/rjfRAul1ffajdyhm+
Lqa8kMLA80PK5QLvYfAPlNtMiUgq7YsxmhAWoWQ5F/xLnMgClEnsN1QnXszoH8MH
622pAp3KfQqUM54xx0wn0odFcuOEd2HCj/CVnMHdJgZ+7C3XhBg9rB5OgHDKTcMb
F+asweYxFszo6vLcmz1PBnuUv6sPpE15t8MRG6jckLCm7xHl9Kh5fkug8H+H8lGp
3YmbV4Amr623p1vqyAsjqfcIRqB3Fdlp8034BJEFUXWZED5ZUp1m7w5aLG1mGyxC
C4eFPC2mqS94QINfFWYZhMieQz1qUEsZv4bFU1dxQt9H4J/ojkqU4oPVSmIe6swv
szmRVUdmlU5M2FLGUFPw0ikSheBoxfP3x8GuYPuz8EGc2Cdza+kGBswPT9OkKN7k
1flPILolY9D263ldVamsamQL8r07MvLr2Qm+Zw7OTzc14DKyKx2H2m/6C1Koh+zE
9qTCQuaNQjhpZlVf/I1nCEpixBC4Mc1gPD+DZqJjdM8dA2IN9YtLMycepM7igvzS
XgE21f3aoPGgiY6zYQiaUhjhZNWO8by0fxKaPeZ/x7++5stCZz8xSsG7K48mBjKh
NHKJ0sh2imtzPN8Nx/Sqegr30qHDXC5/x1g3eyYurVdT69T/vy4dt6Om49uFmyg=
=VHVp
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAApCrvjvsNSGYfmA8y3ZBA6FhfXDboXWYEPs8UfhtoWd2J
wdDtjMXAC7Tav0zYPYIJNag4uax0xgMsKy2YcrSxrKy5IXWpyYsX1VeOj2mJgSY8
gBmH2UvSXtQkYgkV8avGRYn6X+6kJIGwqZRzPlnvKullAYWrtBOR7Nlsd+4BMdLv
sd2iN0z4OwYEsiRI03vUUOZnZY0oDEWLc/Pjiv+rqlHx21sZCF+A9TmuP5T3iYFk
lWVL4ROEu13XCPo86DebfQ1iWyNMk1US82KfT872N28m+OA4/pTkc2PKJTxS+yc5
UOC36GPZuyu/ve+OESMT+XOE5qMar40bvFGgLPaA144tILFVo5YGy41jMU5KrQun
Z09FTv4qfO1WDaA13d707nXgC1AQOmo28I6HP6M0YfRq7NXmJlJUsnVN63K7MfjY
cPFS0r5flY2Sajx3fLgV8t4+a0/c6qwVBqmMnbjddJr3YblH5nsZ0XOoohCAPTOL
9HH1z9rmBT6TywzAcKmzboymnitQ5vFifIyL0CyZND6QjjCarVbL6uOZl746eJpV
/sVpzIemz5FREjp3+liaMmCxUWc3S+vSTcLXwydCWQeXL/X1s/OQJ0XvPFAiW1Ne
0d9Uk1qROhb+pBEDmkDA+20jQr1n1ocBqvXeQZXvLAZt/bTyceN30OLFyP/rRr3S
XgEdW7nQac5MS1nIHuYfVa/06zEuQCiwHQdn/wfYzU/RpWLyDj7r0j3xjwXZfT4y
jBP3eBtnxAEvtnuy4d61ody9nyqLxLyQHYi6/4cvLn4bZFFSDVGJt7vHZ38NiY8=
=2Q2D
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJARAA04z1h5ogEphvUqynEQPQiIR82hDjXHbG0u1CVotvOfJ0
xP2rIXemVsHdZiQXF8m24Iumi+cbWvj+4kqDnAx+AVOBlyL6XMNvCL0NEIrcFRrK
/Hi16pEPjP/z7BnpS/4OLTzFhyuUuhP0rU2XhyhhzcFHumlKctMhJu6+4go3NDG7
a8W4NS37C+JObbKpUO2PQteHW3ptCBKlQ3W1+Horgfy9mw8kL4BwZEQE31XMXHgj
lOBjmKlkKxAcaKzV/HF2oZDGfyF1Pdeic13L6UpOb+zopEgCljwUDDWZPAf4YCGF
tv8l14LwzVO2UoQqWWwQTwiVuA1SDbtl+mjSyNdvxSvnj7tD+NMrp25lm0SnZtyt
QOMmIyVJqMN0DNoNvTb+atbZWPV/nmdt0QHcGJ13x7PblCGuP/Dt0fRekwoCwBpc
U4MYW1VAw/PWyzQ7GWPHIAkUzIqBY9JG/Pa3HNwyisU/psu1eQlMRx0SS5cYMnwh
RVJvVL+4aA+2+d5bYXgZUeoaWCp1duQKyH7GEdO4io8v61IkpRDf1QPbkTNRRT7T
LfSwcV3Cz2PKB7aGSdoSaRn34mzJf6jOoRPr9XHOmUx9Ni7SwFNIN4/r1QhhOlXX
YXC3RIjZhPLMd+cAM12bcgtM+6fJqloLCzU05QxKPeGl/4rmvisb7dIXFAjF2DnS
XgFt34T/r0XOZGydppw219zqiKL+4AXShDKcwE7oPa8AP5rLm/UY6ZwlC4HLvHvm
Su/gHrv5/aR/ORGy3UdxpHTxYfV99nrO1D9qWzm185WJpQ22YhbmV1ZRiywqeMU=
=k56a
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ//VlaN9C76SJnHeULdvnJ+A3b+idN+PxyPBXSpyOm3DQJs
/83eVkocwQGDL0Dr92f6OcZuHmb/gPuagwuM5Zak5mTRIYeUHaFSMggGIXBcBqJb
xMlYTWJ13JXkONJaSYn3AI0HVpUT+KMJwyp7H28P10RgBZJWT0k/wSmGxY10GG5d
uoA6HOYiK4/KnfzJa4lQiZm3NNlv+eO5yPib99KT+sl2hDPLuKJA/DUhK1mtdygC
pJrG+ayJUKtBq5veRrK/QpbMoD48sD/yOklPB0KadqjY9nMODh/PePpyQlFI7X6Q
ho4ECJeZoJMuU4cU8GwN+ICGoHhdk/l12JtqLiznDWE3uunqO/QxpyyVxIYG7vRl
cBL9PwLhHrsTD7BGzzihAnzz1sCbelYm1KG0bG/4mMVn8cCrwrmoU34+HJuU+5FO
CDExPnNEfen55KnoCqEvSu1W9tUrIJPoda4WM9Z4jWZRJ1CguF3wXALf9Wrwd5ey
1ncpyb27s++lQ90G7rrGBijWBzNZISZcsDpUea58+Oz3BzHzj4Bh5O4GvDxG0TFC
R9P2/M0dlPOchalM5uSy5vzFM85sPCdbXns5t4yUOTJGF9ro7ZUbnjXjAThsdh+/
0NyVXODQGkjs+z+KtjBX3WjnaTSlN+bCcZQRlKa+ZnNVzSffqoKOMWnjm9Ong2nS
XgFe+yO1c08VmGzmUtpXp0H+wuryk6OLQ4yLuv/NEk/zpdV2vkWGUbgZWBnNYpmE
DICvpbtmyghTmwtz6X6JHngfnUUIRlfk2oJCmh4oBsIAz/5kgECGzJ4P4qIjXQI=
=oz53
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAc6c5dDqGPJ7QNl2X9UEg3CqJGfRGNEymq34kyfWwNgsw
0Euc9d8VaeVZzZRP0CltaxdiS4L3BiSm0mBJAcguygM3FCISZI3qrt1ZdLfWk4Y7
0l4BZ8OFHdUOwHjd5CzKILYG6KVkmQLadzP+DMzavjFnXcLZQfT5QScBHmQVg+kO
3jH26Jq/opnuwF5G1hE4cULrfryvMV4pR/rS/QP3Cro87+HTVnZv0cRE6JlWXJyi
=Uwlf
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+JnIeYmS/pnJIs/KFjj6TOv9sYUWYEN/IqOiLtSa7hLvN
4ZLERku/oYFshH8k7fAXsdQ+hHbDW3HzIFZR10u2hrTbsDc1PXA6rSQw6LzY+pg3
e3mT+7YwtXFYiwzeKNWQajCPCKChot+eBXp+eMnGE1XINYcJc513nhxbgjyQjZSp
ld+UtNxVohuZZSkgihA/vxd1Gr8lOkfrX1R9hc3VUb7nF2qERT1Nhp5NBSV0XlH/
4+9W01uW2vOyAbIwH97+izGLkVjYYqzaR8I0qQNGbj6Ra+MJaNNHDf6qkrPhTrHv
nBUrbRXs2+ioRs9EASA1M1frRfsWqRqliuteBgPrfmXHt+UMiXbHmoNufh4M7FW1
6WrsunEEuS/bxMhyhzeq7OiMgC+LGb/BHtpgo+q5F9xwHuApjYfXOZX0ma0Muk1U
vyNnMXYUO3eoulp19E2N9FWwekwzPzynrnf25W0cdpCd6pfRAUNdnaVrop/F1Q5h
fQxZTokCnFzF4B/F6e7Dgw+kmJp4AZ6UcsaX7BGh0dO/RcyPxeCey5tbp8tbOOlK
l8iJJ3wvHff1taXjxoaaEjNkE4/a2oRQ7ILVPpzdVdvF+NUzy2nbeEF3XE1B3V+E
TCP6OLDBZRP2XJoRyLBym9ShJaoYkRrEdTn8mQ9MDWdR882nEsWz0+LVn3ZHbxfS
XgH/F7rZY2DJjCo4xbFER4G+3NjfOswanvpDdTdQ0NfP3qUWR9kroKJnGW0cjDTu
MymLSUZ4vhszBiQEVrvW/HSnItiuX67j4Cd+RKFnroIajkh/CBxu4If84VFg1tk=
=nwjq
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ//Qj7HVfszo9OAqoZFQtLqk7hKptSSjpD1TpbszeXl2imT
X7Z7bANyApqUDqaPAgAKYfKDg40dBiiV1ebYjiPqZFEVpOfR9+oRrkuHbwlRZLFw
rvd3/w5InOiP++eLT23E4HiLXZuSYk7JhWFgqYLirxgS9IypQeAFgVc+1CWBizOk
3DLUHfjLScNq9Imxw1NyPoQn1sSv7wzTamnnBckmJqs7KLUlkYrjAzIMkc4iXVaK
LBaJ05QXFKQzEcN+VACE3fm2zFPumNBoykpYBqn87rV/2CTsK/Q7wluNineiSy9/
jwDKnEkgm7WQsjCCZcavSpFSGM8VMDQHq7qFvZns4fgFe4z9SAqEiMPJlY8jsyNp
rKxc7mNu3mIUHbJ8JCsMBgUKtgq0U1kC9xpncAC6G94YsNUwcYznmkbdRHy0q54L
tE2H/U9YGIOAnAIoabjdW6eFuaFBiLTZOqh8pfCT2T7zhIbVFumjZZ2U2mp/2ImE
BbUdyV6ENuADabE+lDKDJlh7tr9MuUQxiwgga6Rggpo3F/ZwA0AL75RRAOsadfft
Qa9zWe+THmGnwD5YG3ZeEcGsI8WGuexaOgMlbNJld7ayqSXISMOXNL/Hv8aiKk6I
z9I6EZlo3DjUJ/J1Yt1jV39GuRg7PBrNaUXPzs/Adcaorlxps1hrhRDO55kNQO/S
XgGpOpyqXj3rW8120Ir99chuRZ8+57wrMVm3Iq+IIk2lvgsysvhABmLaJkvIxzMs
OKAqjSSmh88DmM4wGGhSTSWs+6Hid97rLXxZ/inrdzL45H5NzwZFMXK77CQX708=
=0gyc
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqARAApMNOCAyZjUdI1uFcPrDG0nLRtX1USKClRwdCTrTDY4Xr
vN2+ndwsIxj9NWjsfOgDqj4mEqh/l8cr4jtH4SR4C51KwCOWBnQByvaS9T9M27hZ
KwlfkeDuiyfxdEiEbCuYj5Ue/eKuRGl1wePSK3XsYS//jNA+yJ7I5VuqOXLuk3Ky
kMWqgftAiUfEwtQTUVj+oyZ94ebDtTtRZLtsLYP/NRKaNAoJoJKAtyUzOH1iTA4w
5+K9rTH26PcDbkcNuCzxzlq62l/4pfSV3JQBU1ukfYKBjkQOQA57aHxGvkpT1KPs
5ieLiikQRFXmPbKmUhZsFTpIBBYEMR96VyTb0GVP+Bq/iCcq0pV+xtB2ht8PMhJ8
oJJDSQzxtH+TAuHXIGpxh0pu0Qv5RRjGJ3APWIvlNO9f3+66Kq+7/iLrv4amau0o
fMdx9991xy/9O1wJseRLK7kBCo2Y0451LcxGSKDRYmnYkqYVK08qDtYdJAS7/pR4
zHKwt7Yx8rZDcY6FKNjaXPPc5UZkoYWKxlJbPOTQ+ZpWh/a6ITu2klFMLjtETTXE
oskrotoCB6MoYTDLXS6AG9H6zuGVe2YtzdBqoeV7JkD5SbXWbivoue9JqBpiAaay
TOqtmyqgJnfyCRJ49ll3DwDwI8qHZxF0DV6ny+UkGfu6sdXSApLw+Boqb3CA16DS
XgFfPBbhrhVjRnW9WU9J0hB0C9AaGsXkvKuxJtlPUyIDiL6umAXyfZwjFLWpCA9h
LQXsoBo/ac8a13IFUM/Mg0N2LN6Cli4Y368dl7A+rf6yrRCQDJ6furCUa/AnyVk=
=WYRn
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ/8CyQ33WalgCh6onJN9riCoKfwnmS0Y9ph/fFs4TVoXwfQ
G0wZpcpEGLqpJvmD2uGWcEWjI+xYy4AI7DOc/9tCnwG7ojbN3gcyo38fCQv4rF3F
cfvnKhjMZ134GBaoZjAE9DTm7DktvbXfEn21UhsZJ484ga/vLkSM/GGdeGBhN+VD
O4MRV5+ipyinvhrFlPL+RBNfFxqG5247TakkRTuEyJooUSVSHpo6cvD10HCE5Xmu
CWPmL0pWZMAb/zF5YV5qAuCjYXmD2IWmvmuUJMl/MJAYFNc5Lkzv9PZ6YYO9dPm/
YuLHTI74sVWSzEfEWW7TpTjDV+wWtVDEluW0rU/BBi5Pe5mojsSATU/yc9xLnn11
f0cBfzE2edMI1JVWVGD7z36L7vbA9SmfrPMiAv4HH4XIMsKRm4E+Sagvpmfzp4aQ
RQaQRROnlPF3OiBEESXF6fJMTx2oUY/rGr0N4vHdbftjrAzSw1055U+sJr9hMowz
QEXi535RbpNYx6K06jMR5xh0s1TLZ8vQ96g+cBzWAgnL78r6WXnE4wrWQ1PIek54
ynUN+IckmfUNvJkNOpysgQjhXR4OZ2PJYHZK3NozDfuQ0gOn4RPAwuQLDrdsPsm9
cX4iJdhWfEdABZ//oWTkcTRbOgeLg3sBMQ3uKOCuIdUNxv8QArvAgzoYL0XVSrTS
XgFXFTQlV/Q+h+p9gqRlY83aaORunqmbKmqp7b0CXDRGTqzp78PfBpu83rcvfrlt
vW/Mc6sdQKbp1CLWjwi5rvicad+syff5K1Yj4KM0Va6EN02fR3Y3LX1umSUz9hg=
=S1o0
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdAmctmfovaoatnLuqx5thkVhRKPDmu0lO1Cz5DLyEtO0Mw
f//rqh3/XZJV5+E9Lg3z4JwmvGOBYRzx2ieZXjG97CgXNJABKZEaVIJRYK188qvG
0l4BYsSpSvsPpy2sSpaieMxYsZaHSbTVLCXXeWEuscjZf8YIt0Mtz/Xuo+vhYBCt
AYphX1T7gM32x84bRKY2GaHMWiJf8gliyp4GEuAcT/3Qy/5T5IzuT7ZCFPY0oJtq
=4oBN
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAI999uiupFybQLd1PFvc8U3Iubq8C1Ak7MSeInUWtHAow
/0AFYupRiOj4plWENTnOtSLaJWaUPtxH5IPmqCti5zZa3EiNaDZi+rQ0pgcMIcg+
0lgBQ7C+PTBjVdFNSwbfqTNIA9d+Dnx58rAmv9gnJT29ersC7q30kA6XXt0OORP8
+Qw94iehnPRN4wIFunyBpB/T/rosnCQwl1o4YF8Qg6c6i33Ka40PKfbk
=0oiT
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:11Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ/8CBqRnnTS2cJsQ3cnCw0g8c5YG1mlfiCfo4XwcUCCYRUH
cCh1AtWdBzjqbL2rQ9HpJrTiudwpHI5NQhTd8M16klvlfoaJcIFkFOJlmqJIZROb
S1pwpCSVqfPzMH/i4/OhP3hebJ1tAv3DovKo8D6K0mwxPAr0GcWuNxwYgksArHGs
HwCr0+eZKtHvcIT2u7XRzbmgS7sylRT32IpouOKEj/xO5EgKlug3zDI9OWOjwQO3
eDB56bOpbD5lolT+mUbeklt8K9xo/AxllePOtj8VnAQiJ89VlIwzE0ULxEU1J48e
6ACIZ5E337OfyiUw8CCAGeMpSG+3WJCBRPoQdTPtDXl0INIcTF2IHnFrbPQfM7gk
zWbU2Rc7+kuvR0eEKiy4Zs+IprG9prpLyI3ZFLrwZK98IYe54wjokDnNay154lyX
ncJX37e5RIj7xb0nDGQtNxaktX1n9wUXGssCHLecDIXQ8MstRkPh2/liwt3ZaGtL
gyp49DBLF+9S2EKAdGk3lEyCvYARuGi5FvZ390+ig5H22U0CP4c6/bwPRC9cgAK0
nXGleEeCCcE503cZf/ThOQQUKULtdTqrZVzL9K9OVFYUjrhjlxdW4dzIOgL+K3lK
h7mLEvmgRnaSYVWLfn7NjzrvUC20Zem6I02hV4GIYGjzi9epikn6IlBw9N1hwgrS
XgHHsygIAU6Tekg0DlMw2yb9DH2s86XlLfmp0KxBr7zuu/NSsPbhj3a9OYft38st
TOEdrZL+CqITCyWhUpWetmlFeDdgDtLFNts+/5y1aLf/v68mV3OsWqyledUhVa4=
=vAn4
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

222
inventories/chaosknoten/host_vars/pad.sops.yaml
View file

@ -1,222 +0,0 @@
secret__hedgedoc_db_password: ENC[AES256_GCM,data:5Pw0orOTzb1xCefwx/n9h9m8gmEY6irE,iv:nZvnPSb6sXjS6k4wNUoo2PCJyOcwjm36gs9l0mxwAeo=,tag:0seJlVi9qTfBiol7mP6DQA==,type:str]
secret__hedgedoc_kc_secret: ENC[AES256_GCM,data:7RyM9jfKnaaP7kJ1JwucPa/IAwaRc7Hhe9VYIKGEmlc=,iv:RvtaWLsf/X/y8s+DLANcyVgagJqGB7EkvQ2nYm2Xo24=,tag:amdgqknDGeZxUBmXsd1ksw==,type:str]
secret__pad_smtp_password: ENC[AES256_GCM,data:msnYZYl8vP+OeISI5OOglQsCQ8vxMZ0gig==,iv:oqov/myWJNzUoAn4BSX6hN1fWyab5vud8NmT+z4ECqs=,tag:0T3Xm2zw5k5WmC9Ks03XhA==,type:str]
sops:
lastmodified: "2025-05-04T14:02:14Z"
mac: ENC[AES256_GCM,data:h9E+eIum7jyIx78zJh65c/4QMZRq+stNklGuBGo8afYpicLPG/A9LZz1UeBSxyEoMOV/jHAIuoU5u1wmijcsZSBBjI0LZsBTnGLORWEZCoVTEVCUp9CJHZ8zQEVj4Gt+V/moR+pD4s3YLuywamjquvghwtOMYt1JzsePGcCkHUI=,iv:wxhwDM9hmALuX9Ko4izSQ270X1aaLH5Z1iu93/D/Kls=,tag:j0+XqgV43A6ry6hbHhGj2Q==,type:str]
pgp:
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ//aNqxoOe92/qN5cGXIHEMQZLzFLwft0nn7vcp+Aumz/Ry
HpzIMCg9jbFOJyX/AXogcnD/eFdbByEdJoweK/8HT9bRdcMAy/JXSZ6JK4BCrdeC
zljtb/LMJhwwLcHo7N6te1NJUxHYiN4kCFzNx/bw18BtXxkpGThUolh9d2AKkzFl
WpfFD6jq1kKntHh7xgZh85XEmcrh7TMTnVbSphggl50SoDMr0QqlE6+3M15/wPJy
BkU8lZrd9pnAI54kf9hbyARwLXFO2op2Mg01XqPtZqr0lAJWme8tchTzYfBMy6VA
gdecfdSa/QNbcoT7MQc4XuNnATZ4V9MGYasxIwfAEd+gJdHTjdpGf7R580b0s5/O
77fy5p2AVC3TNgjKRerIolCG946p9L5sexExphpnx+QPcfZxqxRFV6wCHAyfFE7D
5pHNDwTi5xKhv5Umsx6SWIgxwGCuBdSmfp3fAMtMpZtpmgIG89ZMM+IEyhyNOOId
wrDIbzW2b4P39Uldg6959VYO7kgX/+geHaunogYu11sVIXl2sh+tQ3745bZUyK+4
9TkY36i0pw88X+qtZeJcynIVs1X5kZU/j9NoqR8uXVo+aTUrqz0Lmw5TJmbtHuc8
zln5ahJ2oEAh91yKIaG4chXWmOlHa2hLseJh2XRmgmAel9LxZxRDVNxEB4MngmXS
XgFCCgrmDBEeADGdY+Npg3arQPdQUv7N9zOcVx0+8YzqUkwikbLlAprI82cpRYbN
PZbwZC68VugNQ2lrTVGl/Vszf77Sqw8YgHKHaCNQeGQ1EpLiTDSTlRidxXQeQqg=
=IO/Y
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAAtSL8SXFBov62tJ8A9z8BUJJxlhyB287yDaE7zmZ7SJJr
mdIXIzd+NZjlT3E3wSbzIs6bXZ+9hpH/FUwoleMnRSinreK/2g1YxK/rDoTGNCoi
z8I9IT+tcxLDI7jk1UdOml7W6+QB4WKt+e3Yj03AqOVH6puo0np/UoNWxEWgttYF
tUeC/5nlOeR3Rmo7xR+aE+IkjwTQIVsWdkn1QjUobURm2MLEcss3ccl/6cYmmbtZ
zlTDWQPbR/7mmqICxJYbHaSDoB8103xBWoyjBoU6Joogt3ITBp8DZMHsrkB7JM8g
VwRIUGoA89SUnDLONRpY+SKyF5otpHz51oh0Zk4WvgilYsBq79BoA8RRKAdA4wif
3VUZgThoDLarh2X0Y7yRHuIvo3Hyyu/Rb/qSGKc2/C36QlbCG18ZDmBJcXWzsMBr
6Tgs+EVI6vDXGpsBiZNMlBB9SWa9/QPmZROHSQ7+vEV8HHQIMlQ5gCd/F8HtDSCI
fvva+JvvkiYGyuW36ttX/KWja8cpzqZ/sUabzsr1rIpN755OnOHwl8ct19eNNC6Y
FnqjmQvCiCpAafoSHMowp0gqYRAy7KuZM079fPmC81ulXdaJ/+9TwNRKxK1uxsIN
cRcMBng1RZ7BcaUnZl36v0If7V0FT8JQJEBnsVgb73yj0w998LrcdFkrc+8K5uzS
XgEmC4sgiEb+2SFqTi+pRZNuMpNI42m8oVohaaGK3daBDJzEnO4MDCyaqh7Vrc8K
ksOPAqV3Fge7IM171mncjMOyAFWqKLVJNB+EWFmzBOSu9pcDsOJ7bTxfE0183Bc=
=G4Ui
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJAQ//W7ljbkBHoJ9PAWC27ixI3GqxvBcCVZJbjBOpZCHTMC6L
NvVjVM4/oHqO/RIKw/txAJ63nK4pu/VX5U2R9oPekpUOr3vTaOS+Y+SlIEWnh0r+
LihOfkQIMQch8LcT1yy6tcLTcO18OokuuK9PSpngkHQvq9zvcA8nYs+/apCg9RYu
DwQxPWukL5g5WPk+GmJHwffStp5M6W2juxwtBEjHcwL2SP3DroqXk5UE9jJ0a6QB
BFl8b2ubeSlbFOrm7LuhF6MREBbxP2b6pPf9Dii5tYZvpsVNcI1Zvk/FGR0j/UaJ
4CP6GNjKtPIRSfVNi5InZppYvWXRWBgvYMCjjNWHMjIvf8+VmaI0KAOYcfrjN77L
jw2xGwY2GKuZLrgL+q0V9ZtCrXzQsw9mov/8DuzjW8cuWLJ2svHuU4pr5HNm9Mdk
ffcobSgNA01yvhoilil8I9OwvCBnXDSptkCg7wAiewlRW2skwBMzJ+x8tHo1ckPT
IxbNOZO4Ky/M2qbtMkkcrCOfN8aw/xtc4Fgd7bWpOnxqQDW5h4BMEUIhWoyrZN6m
BbnrsjMpuBtG2pLpIzbSXdHXYlGLglSA/HKld/HlvnJ6YzmJ5sq0fLddJejmuZP6
8HE3M8NnXCqL8Lg2lu+osWCj0Ie04O51tSOL2MZa1Lrucr4k4R2fJ7JI/Wbj8i/S
XgH5hen0WL2gfvlYH+9L5ouHwIIuG6hzyM9dcKUAstR8bp8BvagBCHB3aoIGvtjv
hB0qYNOVpXQbTDS2rhX7Iyc9O2v41piZJc1Wgpe9owfQ9MXCOumRxReNXa6U3Ko=
=7dsm
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ//UIWoUZiWc0lcwJbx7Xt4TH/A5pAHRs7tLK11kNmc/yYO
9LKj0abYLcEk6ZwTFxHyuOaGixt3XWCeUBwluTsf1hVKyYU+pZoZTZZO75RtlrXv
tncwBjuMjMHPBxrSRtlWM1L7PnSqG2uDNcuoCDIyQPebqbmwLA92+UD61RXEayM8
kiU2y5LFUICbJAWcE6/wyP2WTsypmlnvy56Hn5NmekwRa3AI9YzDLDUJtvLuhzrj
z4Mb8UZZCje6cE5wXFuuAOBnqLFbQoqiksuHvQ1qQzoai+0MP6TAcylhTFOAYUvx
5VzHLZohd+F5ukqmFpAA9FxYgnvThhmchyt6HtFIOmeQYm+/d8kcKvHT79SfyFK+
+FYyBx3g9mMluYrXtNeM5nltMlRFxzEKrvj4U4J5bWnqx5NtviYLk1xQgs/5fJFq
E6Ro+zQFDYjJB0JMgu2neF8SuFOAbhtphDTLibs7XF0N+IQd5c76+zSHmVGaVGs1
WrOnIDXJDPsrQ4NLA7BMffZ98t4ba8POiJt1ZSH3ZrLakh5E/l6BmDYFOUVXCiPo
ofsgIGq6m4I1uG1DcuZPXBYeY0FDEp4SvyjNDmsTHQZWksHiZdSFNVQtAeqnC4V0
Ahs3mpqZyVlNqfR5lYeoGcqbxkYKYbwUt3bC53UmSnIkarUf0po47O41FpLVMn7S
XgF9fIMX/lkYp9OAWnYkkYpSnJ7Ild2w6nMqclPsg1ewo1jP6mODZ+LuP0YEjqRO
cHvgv3LTtEmI4q365h8FvQL6KCtktVucFbDrFeldBrwaLVcdZKeOsEIogn9Wdgk=
=EkrG
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAV8YVHRPgSGYaixgIXdc6id8t56XZoN/E9fpSCa8TZSEw
3boOWRPqAKNXtSSlo5edVKc0aKGT8SNSpcj0iZPNIjT7LjN8cX51Agbh8m/7WSwx
0l4B9PGTl+6CNGVMqeRAgAmk4j+5lopHFvVOTzhdTKTGHSMSXDTWDzSRIGScTYjh
A7RSeNn9Plh1BFaOaHCRoe2ZN8/GiACU6YRdaaChCxfTurRqA6Tg0hrW4Hi/FcbP
=m6s4
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fARAAj4fYd6B+M9fL4TTp0q9vYcLpSaO5HqlhO+aA2xwfi8yV
KL8Y6dNQvogBwwux0mwhfPSDkU4P8NxaF5+loZS6fSpKrCfB3jOI0OXQjlkL1X4j
MHfxKQo3P+gHFY92OBo/H2Z0cp+COySGgQGhL/vz+tlt08eygs1MOB/6S6HWWI0a
fE+2x7Vm/h1QqEG/7EYKJeSnc3Mqt2+vb3Zc0Vo8A4u7ZusjVWFVJX5ka9vtyHla
D6QVHIZewUyqowVP81kqO9b5GPDqDySAdPMd2TSikeLqi3nrCE/ZMkqA9AlxPYds
UCk22jF4jqIlx2KOj+5UiBzmyJ8yZuH4KDo7Sb2ypbu4oV2w9uQbNmtpoGRoF2ZT
UXSvEmObVSB41OVPJPo8P2DOpdH8hTwKd2/k4z3vsAuzzRYypupy2m/rW8SCMoWR
zsmX8jlL08kVfokldgow7PNzDSiamhD+JyuZG/b6nxBYG8YHyYXoX3BrCr+GGAnl
Y2iHjiPwEQlwvYqJU3bpHeqkjp+u+S1oMVVMSEY6QPhepxUpGRvHjHvSElOua4Hn
CtTv5GR5B0JeuQYodDuzgADO/DGP1xAojeixJCdjfcZnwz5GlPzV5dXc3bLlvzju
uYF5GLLIyiMG3eVFq+mNdtNLS6/toLvptohUZHUIOzeBE7a84vj6YaIBJQuI+D3S
XgEW2BR7ssAb7n4m94b7v0P5+kNQXJS/mUtpWt2QRjO7ApgETPKJPL94eHq+ZUFV
zxGCTqmi09a/4JO6cQRAtTddp53r3Rd0Bx+1LMzlbupwJK03P4IGIu4sxUbYTrc=
=oBXZ
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoARAAtNvLMnRwKO4rkv+XVnhCm9fBqVqsCJtzOm3+oIxuIgcO
TdulmufWkPG87BqquK1MMsIfBFad26m3QJnot8JigLf4VN9KOHwaxEiOafUc+GIz
y+UbWpGTfVz8uCuWp+MgwdhFTQbf48rlfan5hribUL7ZG0gs/k6YCuFxMZOgVmpZ
CbSqGWYQm0lHZwU6dmKsXAXD21yPhU9JY+301e+uoGf/PR4NPp8CpZWSylQ/0Ndn
lzTn0rJEMbiM30QgS0oiKnvLodLGfq+YY1nou3YxUgXgnIun2fOlQ5lO1Wf5yfL+
JVegUqSJqLVBWXWjaGgNW10PWxrwmx4r431uct8SBYgG2Z4rx7nTPOK1UpvUkOf7
kaVpnCNChxV9URelNdDE7wv+QBqvNrATjrgV9XQ/JPmc8vgY0ukqVXh3YiBlRrgp
6GRsFE20Rwwwoun060wUB5coeFxo3fvl3ARfg5tm0DW/HXQMRFLmq5oSF+UCa5ni
lywL7nudomVieHhrGywzFQ0zR8odC7ChY63VFTlptKQ+fbbRyPr+TiVuhKGlCQCn
1KUUdqDq9xAyGycxyVF+xRairAyIb/Rpl8tCqyvv5g0PyLpdUvU5uLYLU0mINoiO
PvmJdBF1I4xIYOYsIDFYtnB1Ip/KQtceQ6wbVZoTkMThdiYI3IaQU69ZCnWoA5/S
XgFAn6epxYcIA0AKZgwLcuUK0I1UJbBwUAOOSdGs4LVjdH6HhqEtKGtMt6TW1fpb
iOhHHUnBKf4VJT4zrfP3D2WrlbEtV+7njzVzIxQxSLDW5c/JFWwgSkDwmcZGtXI=
=C12p
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//c82fjsqdQ21eVipN6br333hV5pz1ADxfdDujj85EXJkN
by1KP7a4bKdmuBqMZq2jAd/7BBMkiTr5VElCZVx02OkVNSAI4W+2Q9jLkLsEmq8q
Bx4FNqqbziu9hPjGbiEaWZZp4Nxw4PET7yLuioLsuXuvc5MBkkAv4NPY6fLia8Lh
J/K/FerErHHe8aDbnb1qbjIdgibGc19jQoy+8O4FjlpWxr7X5r6YIDjH61C+iTed
h/2b3w8OjsaBi1uk1TyXCkCxpJFHw5LpKJ5V+Xyg2k9YFWtTugGG5WiJZ7l15JE1
Ak2W085nzYReYBr64KiUSEZRzJzA5c7Jw7wxUwuM3LWitnvjEkJs9bjkmu3wicy8
z7vTQkPVXPlW3zRaEShk9jIizT17y6AxcR2HmhqznGN1cCe/6mVNCqXbjLylFHG8
2ez2SheSlo3hEq8Hr42pwxUafKShOUAcvHyXC99mh5SrE2t87SwNf6pHDP48GD6D
bBztseGNapINd6/KMjtCKvhC/5wapyYbgW8/mYYmCqrlyvvs9pSIqBR8vanFMdDA
RGouV2HXLCvvf7C+QJ6I/XMPgK+ie8063+7Mz7i9wtJ44QrIEBBTqBaLgSQ+ojek
5eTlB5f+6XgiAIrtvMjNuyTNYKjlGILC5+RAfhoZGH6Y5pA6lDJ4egpjRwW6/jzS
XgGuUCRdk0qjpfR5K1HQRLMYx7zhz/MZipHAjAXPBua5NIFDS+G4uS1bVozFY3C3
RuWqBLmQ/zA4mYkZyDBKdRZOKIHvnNvHT+Drpzs7HKMlt4evnU15V5Y94kveI0k=
=dtNw
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ//e+W8JAZRCKye0xb0urWAqMhyQB9bPoUdq6NvqOhF1Obe
OIIg7wKMVYagNKnnQ3DT7AlaG02B4lV///cXDbF8z9CqITv0Jy9KDLhWcmCjcK4H
/YIs4uVEUm0SsZniGtX/XBBsVPOSZjrr1Rv+ZQj4S3QJB1bvouZmXotyiSBAGtxs
LWvJbHZMPpeYXYHVJwB1h643uB0RAxl5ob7t1KhdWOBczqTw5LJWkIvhiL9twjRM
SNo/a+R+xXj7+kNhzA6x2p48EEFoCnZLwwwnNxcH/7Ru+VCTkd3+LWRoocYu6Xml
6KoyMv5QIrg8ObzzNDqqdHV9AL0yMoNbWhA8wW/pImwzWWIoZZnOB+UqnsgmvEJh
z0Aznuzfw490R6I7g/fKTTNXIkh2RmPe03E244H/FL3Ude7xSgVRc85JzECk26gh
PSvYBqgX6gafAHAFYYtu0pI52fIpY26FQ6oFd6lINmBquvu+jVRJJ0tL90x5M9oS
7pW/++RX9A77sg5uda6/83H3VGyDB73epW+Zif3EY2I4pP14rHba5W6GSv5pQRRO
44rB0VsrfQrFOgITCqjUWS6XJyfUcwsISCbmKz7aLqMApaoqAGdQz0LYPtlGiWvx
fAbBRmjFhSKt6+U7rvM6oJLjSZE0AQJ6d4BSCjqvU2Tn2jNv5o6VT3XjwqkSpOPS
XgFVMHLs1tTvyT2pavrsO0OkRY+wSEPkwI23/Lh51lOsdRqTChiCsoixoApEkKy+
/EehrjKxPsX/g7ulvoNlnAMtEYt4ShCcnXY+BJJAQLyZrGb4APSd2TIK9hRTNMk=
=6NMh
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdAqpHTHLJ1nm14QdhNauHESrle15XBGIWMPEVapqcfc0Qw
KqDeoxAQS+KqklzODzy51Wmzt06gGn7AOgGf7mUTOJJDiNwtQrPJay+JYgjmKwvH
0l4BUgRnvwN9iYesLjh9HNsk/yomORDhwdbMoel3Y5KN3+3dVG9wHSA2A7qpre5D
SWoecyXjnocvu9Iyr1p6d7aPwGcVvN+u/4wD+fsczDVj5megya5avSjD5bXI0tZy
=EQq2
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAgim7RmvpCENDIfjVUrEW9y7BKKfZCzDDjAo7DMKibm0w
fnUxNm6hFRKfZGNw7YRIZxrlkBGrzj3lQaudBzOw+Y28nKK+wjltrX1JjgDA2aQk
0lgBWY1AIVKdyzJustVIuOwTu1GfLelPKpzT4lFAnvBrs6rEI0DtVgiUtgIxn2aK
ynDbN7LSJH/K84CigYCKzKdY7g9eg6uKuS9QWaDV//oMZbdUijhtK2M9
=/TsU
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:12Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ//X+WG/gb9oSpWLPlQ8MC1LTGKbe0U7n1RT9GfkFq6QwaD
63K+EUOPmmssmWuqIyH6XL9TXK6xX3hn1wzZ825FcmN69O3v7UoLgNTalVC6A2OY
+g9rcpSIb/R1Lt694p75ce0KvzepvyNdzsTwzMSMTMXd+Z4vpUyQKPzOnUCUoOK4
MKm8iNxX1srl5vEiw3wWR6untn+E/4DGmJMA0BZxR9TTz5dvNnW6F/xn7dG/aLvz
8MwkisqkGpkb2SIeCexnJFaYtYgIHby+tNVUhBE8A8VOQdRa4OiXNbg+EhO0J7CL
Lhsn5B3jsUp0HAnUrPI8feuwaplzPML/keVE+eIJt+xcXh4znVbclFI3gxNPhMPp
lTjRptzLgPSa0k2+shtF16WA9/zCmFMO338VIEn7wtWPsrtJ2ap6jD9VLA97eas6
30aDudXRx/Rg2OyT7K3lfRhgkV+727cbBCYKN5YW+TdQp6LheB5PbWbRGpr6wQbW
phRhgTgSkpjZf2RPCgYLNjI9xlep9lSjBwe4vZW2MdVA1778hvdVb5069n432a8O
A5mPPsfwNi0X+UnFmid397jIFH3ZFoF2YB/otnuRfFA9TdZbayl/lZgXVJvqnGGl
+Zaz74UQiQWxLBYTpmOdh8Cs2eEeo3vQGkOpRr0gw9AXrLbiVYfv+CwT0QGAUC3S
XgGASADjHRKN0sqUwZ6/XI9UeWTMNZq0Y/DPWBGTzT4AehLlJKo9Ju8iZlN9D6Dc
XoIqjpK3F7swjMED+xnK89dWCymPZDGmA9fWtkFnGkMjDWrW62+UNb9f/Oh1sGI=
=8MRO
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

221
inventories/chaosknoten/host_vars/pretalx.sops.yaml
View file

@ -1,221 +0,0 @@
secret__pretalx_db_password: ENC[AES256_GCM,data:T9qw46sR88tcj4NG1oK3AfjreU4N1cIN0w==,iv:g2rr7PbFN9bFDg/w7vZBiuMB4p2j2uu0eQAyiweuQ6Q=,tag:0coJNAbT5W9gxy2fVOhuoA==,type:str]
secret__pretalx_mail_password: ENC[AES256_GCM,data:HJrrmdDKzity4Fzz+JEj/kvddzHpRbw1Yw==,iv:dW15nSyYjzlFdPkQoZmJ5k+poWyJZ7dW5Lo8IFjtfMc=,tag:AZZObQRDMMoQgnPmqo/+Tw==,type:str]
sops:
lastmodified: "2025-05-04T14:05:04Z"
mac: ENC[AES256_GCM,data:sO7OHejtPDQNt3bfXl+W488vCqaIicE/iZgIw6dClwoHZUHDNlv/V4aubJk89vELCs7JeOYocqZhARrrHERUxLtQMf+YguA2fBYZOVZ37chtfIqYoceq9ygzzzI6/PQlO5oRoe6HkASJK5t9oVWdfWUmBfWWWjBGrsKbUGnlPOg=,iv:p9NZw6HA0oj0PWJYDIjUKzj3DAI4ymI2V7o9knsvjnE=,tag:AbMiE6WQSPkuY2AEIcHAYw==,type:str]
pgp:
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ/9EffdaNUw7+lCgQpIq+ZLSK08NF6VdkSgrB2qBfvdx6K2
rHNsBWMhfXKJRu42NBKP6v9xuJsNrpS0cJKhBaZB1sZReJ6iFRR6iFv3WfRPODNw
owx0dXP2OTgrrJYr9jbg8s2yUZzRYakEqa9KZkLIjz9klyxclDF6aI1DjRuNJ2iP
almHjD+wjr7KZSPXSCEESfRD+k2wUUk/xMLQ73tdZ+8+Azex5diquEZCXZ4VPeW2
B8pl3JQlDSSdaxD1YAa10eoIwIVn/ac1phPOwPbegtvhRs05HpaMVD8agP6r2IFe
sLoqAGRlgPAr+a8KDxwxhRirrutOxhvgaCTHqkWBaUsNdgDgWfEC1ujCM6MpzbnP
lu/VQsDEN1nZs1UQ3qjCehh99NBdD01bL3TzTXrT9GhoYxAKb+QN9+7csTKq9LH9
QAFQOQ3oIZGf3rdpYwxrLYAfA/dSu29xXHcR9qHVOSPDg5r7s1ccLCT/DwtiUfrL
gXzMUMPmcHAKaMhpxGXtnlyZFfSA34EmFFWL180de8fUHW+vD5AQu07RuwbDmX1O
ocYp2GPwyB5j6XsAGKDesyXB3q36qKyHS1A3XeWd+11cSkcorDYTQqjB/6IeA0ym
DSBUTVuRCput5skr2t/UMu41PnA/WTGKHmXU4tAWTCOPF2kIlJJpOcUC2m5M/+bS
XAGh43M0q6QwfXLVpSnbtQhT+FRGj4xgie6A4aL2kKjwbo47hfFtQ2kw3PFk6iXL
yAnLTG+yW0/FOm6Xmk838mO+xuNNHaOMZgCYXmD71l9u3Za5xjDPRQNm1wi6
=P45G
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2AQ/+PWhuluGgAjqYQpFiTUSUhwWbAwpF8o3pQan4b+cd8a6H
f1jNeA5XsWQlmtzlW91T3vInqRrWzp8JKR213nFm3lA9SkNQmDs+UwcfQO8at2JQ
YMhUWf3ea2TWn6bKb/LNYMdcsKNlaueyQgxSJZP0rhPoI8uX4r9iVvfbK8g8iBnw
9HErdOHfaf1PNXFQtSh+1/47ocyxiBg0/7+e3C/Y41S53NG/J/d8ldTU0mZs8q9o
0DC1WDbMt/t0HwKyXN7zLdBoW0qB2M8FFbAyAqSpgDdB6AP513V6ggoXT8vF7tFA
m3Sq+8rNl0JWK2qcBmd2tIKJF0xASTnhQOd5z9PwZ5MlNBJNobB//v2UlDy6Iov3
lXXbXexOtxuBdrWsQ2fj1ROasTlBTBJ9AAKX2hv/x0bWY627m9sr9wQxv1BrhxzJ
AnPGYEHdpW2gy3dDgq42HsoGAIQlO7fjtPC4LRJ+mVpJNcpAaJgUBzjwyEK2/VZs
tNYnYwhrxeQLQfGsOKGBm/gMUgQI4UPmyHZqEMOziMQu9DX3PQ4lUE8NbMnzhD4A
XVM0XGh/rX86YSRhoqNbubmsWtz6L5HfIfNF385OnM+AVXPorpEJNcDYN0HazLYM
yiUJ2UD9eDTF5Q/lVAQhmi2j9sCbn+cWwBHgAUfBa3sdNhQgt1V3JcoIwvEIru3S
XAHnHd6LlUDdCn1zTOwvyKCz5V1gUDQmF+ocj6Sh5lca0ks7kxTAU0KCTwemDsbz
1WJwR5NR+gz2YMcGeRRqZzpnSDs4+RyaTf0jCpj8plDecBhzJMoIzX/YcDlq
=W+aT
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJARAArMlCeBgkSZl0QwIU+ahxoq05l5qDc7s3k9iH2i3ZaIsg
ZQezH84ZKbMao+lQrRQLyDR0WzZ/gk4fytylC6zU/F3kCojVO6zsWl6llOmbdvgY
ypBkLT0fQVOKqljEocEpc54MI40r8n/yJrnn4J6ERxHR3VXJBc+m4M7Zqudy1hMx
ugx/wpjenCXRis1S+6WgdJ1XMjkd0yWusI/oLc5leac/PqnVRHufSzAx31bRq/7+
bjqUUotIbUp6DhOil4or6P51X8BIBlnEQhYjHTQhx3fnUyqeYLW+UTAUYaldOY6q
bBOE5v4q1o79gI7rGfqkSXQl6fIJWUwWcUA+VLtv9hhMiqYOAezm7f8MwXZUefp1
5dCLfSoP71cwEHdfAINsxb6OoIMuvsrL39oMreEq8v+wXhLlvxxBfSB9fPg6Blw4
tyx72DWKcDUvcXlUCVd9AnPPUN2AqBOnuQ4bmzuIOxZHQUr7oTYUsi02H4psEkNa
gQ0yxiEnznnU8noykPUukzYgyfRzHsS1q1o4WLjUcJkFFLt1g5HQHTDIvD1Ebf81
pi++0CFjcNDZe12S4jpApcl24WTowkfJCVYJufX0cOdmL6Za7MVxllq3PWIhSlgO
vXmkoWhdDlsl0B+xEWeVw4CWQOmbX0J2CUwQRVdwRqhv2ejc+GCFoyjGWsiNmRXS
XAGwkybWT+vU/8Uy9jwdRHPFOcE+ZIPuHO3cy+9TbkH7w7M86YEUdvW6amvG0HiK
cnMWvbol7a4PdN1i+Ov6YzuqIkEcV1Y/RgjOa4zwbXHwX4LDLpeIMS68E8Fn
=mFN7
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ/7BfThwS2apanA8MrUZOcED+O7zMnYryEUlMwWpBE2sEGd
GR6letvHkCn6ggqzVmbaFtFY6kzWnUiwHJE56rXab8ouoybf539eot1FH2rtDFWG
MFDO6GdJq4JHCIksx6kR5N7qDyhSTiqbuF04NsvoHvxgcpNQhkHoiTopTTnMYH3K
gBy6nMkfFtFZ1QTVUGGtVROUqo91r9Pop8IkBX0o6dP9piUGkQUHkVD0ci09oclA
xNCIO2Qfz3PJbj2EEyVJwLYTZd32kJOn22e014kI9/xOWCHNOP6zqwR5mzyb1cZl
ATDnb27F1JUxpuXPTx8Q6ybI5Wg/l4du4D2ZFElkvSh7xQJSeRK/OvEPpOeNV4vn
UKj4lxg9+AiNCbuVxgZP1uYCDKfcf7YnBhctRpHYK+DWE5DLpCxjYRrMu5/BjW06
Xi4uYVX9bM82RcnZUeOJA/4GY4epPlF91Kd2ZTdCyu4cV1EPtFi6CQkG4OxuqbQ/
cURZSmLwJHx7eoqKfpARslqMQF9713GJ3ScrvwwPEPXyEptYn0wwnuvsLSBmLO+y
mxJFKsTUumL4e5RSb+KT39AXRDfgP6dLW3HEYYa+wLfNBt9ObS7u3NZTvAbIqhDP
LExNXOxSg6cMwtXB8i1FYRAkSaOoIg/RMUXFXY5Ozd36hPKRQMz09lvxI6Vc6MzS
XAHKI68c+Bdu0z4LfXEWc6n4ZCLkU52fytX2chWx/SQ9K6SGPxoJ6enz28zXZP7E
GSFYcKW2ZnOagEHRq8ZzPjR6RsaxH9Ge0oR6//55pHQqpPyU5YBe+gq/PXh+
=Y2np
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAI/McyCJvJ2mjfuNy5cYD8yerRzaI6hr3DQhym9u2Pz4w
Xmzw8xhS2pLF+9wByaWzPa6wZNhcOw4FuoY/vuX7esfkiy8hOolggOo5N/b5OOtU
0lwBy2eZXcWslQn0ywspNjRLSCMTvMtgjP+Mj+Yz1RFVuuzbf8nx6KndgghNJLeM
yu37XTzfcq+uoTbeAuZVtHS1JFrHbqFvuRNnqF+DA6xI7VY3TMJMhpS5I5J7dg==
=/a2s
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+OMpABLgtPwY/mKXXbt5ZWlPWc279oVuJfr3MKNAZAeYv
tEwRH8L+/QJ6WVb7eBM0QiYPfykN94lc2ibiH5gU0fYl1s5t8RhfA2+cP3aSKh52
8PAuEuvfqV96/rIaZfgdhOkZhyOlB9hGiMxXzrqDSgMiDm86dCokYZSnXMYcS2QQ
mj4vazChKE9BOCRXT3udtHPTJr1P5oy8X9zzJD9zq9cDRimWVc3d1u5UNdTcUnp0
Lc4SdHImbyzrIw8dbsda9TUv8D38c5f6MCZSjGgCBQ7vH1EVpSfwPDLhvfOak38A
j0f7j5VRPNcYnc/SzFLM9gXpx+K/PjEgwBlZBWqQIo8VJu2j3HT/WePKABmCki/F
7hvBYF20URGTIwwWvwgEPNYarqkfUsQ4MlQFLeqb/hGZmDJPI45kxA9DeDj17VJU
GDcyVKaU+YLQqNJzlPl2YsC+CVGwnF68+cQ6uDtFVCWYxZuB+8Uza9RWNilT7YsE
FWNjZNPEpURUGzXoWjeD8dsr3d6138Br5lVuGt9bT8rKNIr2icv+C0IIhAGPFn5W
1mankaftwGtOgQ2kV+vJTHiAoBTWXOsl+ppeYrRYw+dEk17NMOryEmgGARtDOQ+m
9ZJv0SfoRhH72gc9AyyEb/3vW+zipobRwlrFx6MZ24YsmrF6ktaefwM9qrC1QrfS
XAGdPW5zc3TcUNg1RBv+L/tsi2kgqY+ay4ivqeMBeKqOpaLflfzcPvUagDbyP8Dn
X207VaxYHuPKHkeIPTwYu+dDSUVURxSePZY6dNq4NVAniCA55BcuwpZEtSkY
=A2kF
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ/+N2PMc0UUZcMCFJ5r1ighIXI6vdPPKfxD9dO8CLG/d/Jg
7fnr57VGf9WnDcaDWrInyY3h/dhbVdxwW1Svb+sIvN4h5HNZXT0slMqzF5s3ujQW
R5IKf0LOPoP961pkZvAxdGGaVs2q0KeXwzaQrRpdG5qZoZFukBMjdPlXvooWL9xj
50fJ5FA9tWsplhexBJpO7gZa9ChM63OwkrMJsEPf4IX2CdAuIUUi4ZCSS9flYXwZ
0sGKWFIqAdPAlREv4Oj9Yyg/w1JIxOi/FRaGX6w6e8N0ijrde5m03vM+43+oo79J
F/izl83N5/cHUnLsovLkwojcoYWX+lHRBPxaPti0JVtTHxNk2hgY3VJuLbgute3D
QJk9shKlsE1fuRFN9kYeiZH47Jb/GQ63W/W38zGEyDI/P2XFSkoLkK1XMUnv/iaU
BiZ9yyJqC14B5yoeI7fosnpTxbzhEU/Klk4yCjy5m3Btae7oBVrPJs1ksy1vsJVI
1e0jr2kitK5vnLXntrPHrci1D48WuK8qYO9xnbPb7Y72a/Zs0K3GFaj0bb1xDp6N
7MdbkpkxZfilj/TRdyFCzWAD7YYaikpdqNVNupK2eT0DiUBLEay7CPggUy4JBVwv
QxjKPIFEuQYKDZyoqaB4aNK7sFi/mnOnhSuiPW/Yj8nWO5cBQN+yV53MZJ+bMT/S
XAGRgwng3ADPdTTWI7059N1ps47zLu+X69EQXQz/XXE81LB4GpV4klf1ZyXCJxL9
h6NkMOelbQRzo6GmIVH3ZybulBDUEWaGcey/tjc4Nn8nsWLEEK1sZ8vxhgQS
=w16+
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//eCpH/tm49iFcT7m5Yy9URQh6iumq+qisjewD4I55vfI8
3wm66qbVeGqRWdLhsLZ4xajNNe9WBYnO66RcR5QEyKkwsau8IzN7An7qOwsudkFi
Fjm1dGh0n1EvsScDE4CccPlWIgmoTEkI1AlY/bk86I84Xz2I+KKGKMDDt9M9wY4o
kEfqXhTWj0RyYiUWroFDTTUS37qAxj3Gsn0ANrK7fq3KWk5wZY0HxEZqiwohh2IJ
1IRoPqiweJGXTAdt3XM1KHNj3goMThyW1nPUS3vegSdG36MW7zYgFgr14gEWjwe7
uz4au71QdsJo2wqrXcblU2KXhxMxgKsfIO6n5SB6n2beC5YB/WXK/4hqvjze+4k4
gmJ1OaDF+C3/hdNlAxXVYw5duYeQHaWdBnuqc3bYBR4gplCe8sHXVPldBwdBXT8/
arpbxaTZGGBufpAWpC2zOC/LqriFB8pgBr/WHs2zgRyy2tNB37g5w7CW/1piTxOm
txAkFnvlVHAvA7KJUK7ZlcilxTNhTmJbHbsgax5zol+Azr/NaiI5oCFPfEfIHMi3
KIFasJsHaClUjoPcoE1qqCxWS9rYcp16JA42tJHQLUTf96EMSy0PI1Gz8s29CUsc
8sRQyCHg2z8CRYewpgeZPFZ6oB4li/7wk33R8Ygz2rl0v8jGYLLXOS4MKnMzmh3S
XAERrfs67xQE3bgzbrwobNGeTkx2XglSe5m+xK4D8ncaCjt22igKynJCN2VM4h/9
w17wcA5ptgHDY9FVbdzlVpG5B7k2qOU7ZpZwXxCtcYKsa2ViF8KOiYVWT8VI
=EeJS
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pARAAkllD5CHl9ViGIl/9NT0B/w0VXvKdt7Vm2xYAOHTDszhM
ytcLXB9sn1eioRPBBzVBobllNPJW6Pw0udokQtJ+AxGMbWCEiAmFBz8l3UCx5I5Z
UTELpSjUEd0NnUXeEeHqXFoeEgfuXpSl/jrhv5jFWKhosrYROlD62oBOn5GzTPjo
S4f4w/CogJGDCtH29RqknCNGILUkq4REMRkUROVBNNlt1l6u5EJ7WOYGs+8WZjHY
Y6GHnThJcZQdExVkLU/LqI4behM9rMWIfLuvIq9H/0JRaaUFv1HPIk/txpTAiesK
/u4qRzVUSXF7C98NS33qN4aOG1twRz0VcETt0KGSTCdQxQlnAnXw0MUaWIr2Xm26
NVly12Bfnq5iWzIx2oR0RDuD4k1TWK79+Z2Ne1h06VYTIEqxnjMrXna3aKGG2f0c
0P6u0Msf8FxUXEl/HtRLZHJ9v8FoSE+qi75dOb5tsjXRCIKLlNetHN1ZIVTPjD2j
2jftyIBoLe9FVdMkjhAhfkRG3nc1bpDm3Fz7LNHjr7h2TAgskYRctRCQ0sLUm+U0
VISkoFe5bQgln9igqaVmLOHPXLkAE0pOH0gdyXY4bYUf3CqOgvgdRRHAstup8yRE
TMop8obh1JoYPy+gx2jnHbr01lTAnbOqTBrnq85dh9QiZ8RD57rmmQCn334cfT/S
XAEWF22JjcTJ16SUDzzM/ifU7ZLn0/6S/06mvzzvc5/P1j13HxoQy0tQnYH+hSSx
vYs/JDWdtDOLyveQGdjEBv9DCajNPciCpvIHP8kiEIgXK+eq4ULwgn7qHUA7
=5J5Y
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdAgrc0PgCemUNp2H9DlYhzx6YOTxe25hl9xXUry1/7UDww
GqWflaDgbQXWAfJ7SRg3/97xvVO2PvRZA0dSfyGZOYdJZI2DQYYmPOP0XBjGmj5e
0lwBC405oP9jUhH1vqsZ/gNCQfmBF+K7+AZZLs6PMYPMbYqM/UwXYG/1PQ6Nsgjp
WaNDQdhsgdBF/3f0G6dMlon5GsHh74UZr25m6UnH/QXsGUsz99YC3HpYqfZ4zg==
=swyG
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAojcnJZkpCUbE4s+WspGi5Eu7umXR1CdYzHy2PeO3cxQw
AlPyrJ2Yz40wMB193w+7rH/mmtDJ+TQR7JdtUyjFh7qmTGHR3C+PkcxcMZ4f7hNo
0lYBOsN8HfiXQRUz2OskzM0nohP41Y9+GJd5fZRPHMUDoXuW3vxVYlvHPs+y7b1O
qW9DN3zJPiDh00qpm8bL8Cj1u2XVvg53Yv6FIPbzqwnAWGIAMPY2YA==
=Li+p
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:13Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+ARAA6LhhmYQ2gafJaLJeieaxVcH7cqanMdP+cWIUHU3vSL1s
pm45DvU82PdLot8tXVpiFE1h+Tj1NSFK2HQnyxZZCTp3WVBclPXsDM/cV/j2Ti15
1y40CEHCmmNyiXWfe1oknhSd0hhsFXA1XukkTqGJNO3lWLmvxSOHcz2pVhLDZdFg
Sbl4NphVeKSVDthfgxq54MQYSkpQ8ad5Pu6yj+xKog6+vy2kPb4j8OGAxvXufs5b
zehTw6y3v3R4tEWIOhqijzxYEpXfe+CODvos/ktlBu9JRz2FxBhDKynADalgPOmQ
RKBy/UJnb3AQKNCqDPMtdAzYgLbjusgtZCUqNgNwXhosB63Wp2G1lwl6sXpmeBvd
Cwo6Q0XKNMupnYk3bLpveKTJEuGiZGkpvmj0aNEX08JuROYOIcu/8NAxD4ElY28Y
H58qduuiiXKmCz9LAZFmMCll9z93UzQ7G19yG7CXERwLCp+wtftcKks/K5ZMxO3i
suX2kydUi5UiaStLOrgaUCwAGLg2JQtOUlf/nvoxu5YHUbKwbXJ/SHqCngxoyE9U
Y3ZaicfiNyQW5tI6N/PVdeC0cvIp+hiaMvHXRNNehVL2Ac6yNNUF+X5fU1bzNqgQ
QMVIf/UX2ky9mjmxw582oOCASiBxtCQKpVxgRy+ZKqhgcdF0Rn0hp7O5arvYB7HS
XAGe2uopSmnOmDt3L/wOKfiEX42nYqhNgMrgJg9NcLHyE4ofyvEZrOtztSK44aUW
WwsG8izTHGhgUM/0GWRsqy9oZVmDUiNcxzm97n7UGqBZPqj8iHVGHCMqpLST
=+cIy
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

220
inventories/chaosknoten/host_vars/tickets.sops.yaml
View file

@ -1,220 +0,0 @@
secret__pretix_db_password: ENC[AES256_GCM,data:kAOUjT7gw0FDqO+xt8m3wAhOGuZTS6zEIQ==,iv:oPAxDzz4ellT5MxUqw8/iBYyiTMf1b/Lddj5E0iIhWE=,tag:r3OTmcSjNUETEmOzxsMhxQ==,type:str]
sops:
lastmodified: "2025-05-04T14:08:33Z"
mac: ENC[AES256_GCM,data:gyf0gBed5K3sEk0bTBPbNa83QtWtoLx+NVp78KrxxfyiUuPu/5ziWPKHDd7o9TQvXZnQ8isVy2BaTTwR6tK4AG5+SO2ffV0a0/uNx3/jUvh56zQFwA6LTviEnR3vKvKPa1GH1khojaCkyMpYkb2KbMnbrGIt8qqqDcwc1dMVv4s=,iv:7oPpmfeAcWttEaCOiL2WocbhoBaIh0Y33OlCAYjq98w=,tag:KTN+7sxOYEfxGwB3OXvUIQ==,type:str]
pgp:
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ//ZaLa0jFRdraV+dQbKltTYi3U5RCebaARIe6Zodux1wNF
nwiBpuTmGsv6zlMhisLCuvq7Xi5sjsPgxECeHTa3iO5vFmAI0FZ3edxxqO8hSzg0
72C31NGvXxvXOmiPRSE1ICgi2d9QiEo9M/XIoYuH0KvfgsBtsGJizf16qRoZvV4x
mZ+eJhVEnrXhDAMW0KkZnuCA1p2+02ZbldEv1xO9gcDjGlJNlOmFkeQSw7YJMSL+
8i8IP8bu+P04vhQ417gnTh+J2FHB3dOGyS/xDkWkvm8eoOGHd/A9iIdYS6U9IXRn
1cKtuu+1WMy1tZI8NSRrjjCPgA/IKAtRsuvQW8SPD09Ry+PLGmPNDD06xWeruj7i
zGGBSNLudQerlcgI/jXpfa7cY7J041DIuL4LpjU31qfj3LOf38xoncgKWGp9y1Mf
qmPgqjVr1AQL7TaFCBs1RULs05NZh/H/aB5LySGJVDklpAmsNI7EELuQY+uLDul8
z3RarGJQNHHpgh7bVr/2xnX5wxnPDKTxZOX28cx60xAdoQ3YteN3sz746eVIpLy7
RknPiPxbLADMTDvWViXV30NBxiRIMZMyTzV8dDVybMP0HVsi60oUmt4dTxNTUwc1
IkJAsf5B3Gvj5QpxB1t8hhp0VGp9y5xpCIxKH02WsYD46Bk5S5GK3yfI+oWHGhTS
XgEUfid+nmHsdOTwLuIAcg94hpjb/qeNIZTrFu+PLv8jAXM9iZtL80TY3Z47dBDD
TFL5VWwnN7JvtlFAXZfdDF0Z7Ds36mrLkyP5H0HlYySfXzXRaom1X4Zoe7rdOYc=
=irhU
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2AQ//ewjkGZAOs4fTiGze7L5CheqqNUbpGGC8GGwc7XNWWDTH
MzHw473nF2m47qxDlOPkuPaSiM42306uzLkfVOK78ZF0yR25ksWmbsUMQmjvmiIz
RxhN9se36iui57yTZmgklwCZHCGgH+Z14j1IMyxyjwYnVD/keNT9nyHaTXWkJspb
VH8HDIdUWRTz6i3lQFTU8ihsUYJEDfGq4Z/sfGGdawHCdycq/X77Wks29PkX7dsT
/ZWQ4wDShytB9PZkzYRuQGxe9uyI2ULGzox6DxCLiorjbWvu9XCk0PyGGd6oCYTh
bYwERBateIUGy5MYKye4i6bh+d+OO80jOz3MgG5WhNfmqboywi/sQ9h5/OQStNAi
isY8VKyqgvQMbOf/AMuBeUClecFhDDZnOHspHPMUwnvpJ7cSni+n2fB1Ng/j/sVH
Sjv8CTmbPOqGGSDO/yFXBtWqZa+DwSJog8XUgc08JUfSawKtWGbQyHsRZ9NPF12z
xtILWkYOsetA2rIz+C5L/E1linyj3QuEXueONiducFhC742dDJc9RY1+1ZfLwkoy
kgZuxhItOdBOhjmarK9hlpOErc6d8UiDcknrfHdOs9sZCaM1I7EptJaYMkn1Of0p
0fukUpolLGAsOOphwJyaF/7qfWXmGmUXD6B/prYo0MggnGYZ7NkY4ja/MnpoYmTS
XgGrkpFRNk7XdrOjyV9+vYHOKegNpoKg/SORi810VyNdY5UrgeuZGRFopwY+hyR8
ivgndYxqvxLDKJ2IU3LTPn510slUAKrnuaSLF/ATTzIVxBtVWzxNB5LJs+QQiio=
=vF+Y
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJAQ//R8nCAozvpPk0xalyBdT7rmz5veN1JQmJ56MeNe2YjKVR
h+VlisHyv2s/yblj0bghfK2Q5FsCqaEJu040XVjIh8TnmQSM9Ze3nso9Ey0ai+ba
42S/4cXQs7WH44n37qyrP6xQoZpFfahx02FuIudQWe4HYzkKBYsKh2izdiWy8ilK
8AKalfHapVilzmvVKIDXTFPfRLwXdvvqHQ4rX1lDXnaACjvvR/Xvc+G9pWTHhJbp
EP9UOx5au/xXoRoqqLYgoMZmVdWOHHR+tehQIxX1GknC4qjEcBNpsPUCBHPbzP4V
Lqeyi2w5ySxL7KVV3yJ2ftuZcCYQoiiH0FFrT4xUQ4MYdpCscv7goJ0S3XIw/5SM
TQLgIO7NamKob8ib23LbukcZRVK1UJdd42oZkfZQ91JZg8mkH7WusEqSLdwrYi58
3HpO7danYAiymcZqjDCMqq2QngzIqfnjUGUFjECDDVzXaD4aChy7ariPKbJY2cSM
q72QkDXPDH5awhRUG/wGVfg34YzM1wBREkjVna1KI71jlCTGJoSFNyJOm/FGxUp8
KY8Vbd6rPT/bTKa4zr8xaDgMra06sD/19IOFeLYVIA6hRTQFvnid1KHflKmqf6wE
4DLxpBZ+htwlRSEQBgN9F+BdZV6AhSrsyPB3RTDvcX3/brsPM3qDzSpvnjA2PnLS
XgFSRrF58OpmDVIBNJqhZwk3GJrfHMlJCAESbQhB2Vt2rjYEoJFIezl/+Pd3t6U1
4RZF9ztdreWLDTwaBd+Y/emSg5y/35bs79WUroFzLPHfKK2TvSv3kXwmD/agU20=
=zN2U
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ//YJRu7a84M4Aw4psDj4D1/lgFCP3Iuozn4uIrItau2sfB
UxVHoUmpis4AETkG8m57JkP9x/uL0Rffg4/6dHeWIWBP5ivhPQYT+VhRuTzhXSm/
MmkgYwjsjhKyMQQoqAoR3D9o2pP7xLojIk3nf3rCIaLTlI2JRepDpGfGJ6NuHYuY
3tL4c9aUth2S5Nyu2gptzIURtjj4zxvz2H6664WwhOFwGdw6DQFncTWSqCGcF23z
z30yXUhl1/tN28GXKk+94/EFrrOTvmJCkKao7gQuG2kyyY6QmrbHrHB+roxL4B7L
HAAL6YT+bf0HYhDTM3pQQiVkmgnmjn4TnwOID1pm0SH3uAYWrYUQqgHtvCzm0i4h
kGPQW752BD9i0LwiENf9LPR3gbnWuYUu+Y2DZ1NcWnbJlrfwin0xzXALYYKW35ua
7LtfGcgn1qpvHcEGB6wcCXUwXOf3dxNZD04isnHnXbpIh2lnXhnlWQI81s3IuIMc
HGnEi4/wiHNEVtAcvQ/pgfZJc9zgfPR/qJCHJKbLgni/GjJpBSPvd36FPGwfGKcC
Q/Mvx5nycoNondF8wI0cVmkwhPCXGJ/Qbryd9LAZpJRIGcNBtkxFXm6IEaHdeaf6
sQcrkhANjs4/dEsd61GTnVOMnGOqVHS88yUmgEZIHz9JyK8Zm2WtflSkGlgIXG/S
XgGN/mFrC0v1oLQwAMrGq2nNrcOZD38uE7UidnN+MRgfz0h8nyS76q07mrlnqh3I
h8wmb3iYgB4x1iSBR97uw+h9Uvpv0pc2oDv2CzKeG+5IcgVs9RCwt6mrRsgt5Xs=
=a2xY
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdASqL7jPR42Su2gfaIPR7d/yMSKLr7AAiUJMW7jz39A0sw
86w0HyFUh/fe5DY2VGhYg9Fw90I+tNnSPFxNjgEClosdUs6FBe43UvSxsNtUpg6O
0l4BqTuQX4R+nTQ1f676JRT6xIoyO+N1NMq7BAWOxrkte4nCAwPjzK12Xo4IwNCD
/hzfJTdYonnihE6AXe9eoURWa71j0ZpVn7G+m44e8j8vXk6Ep0AI9gtYqXo3EQ3A
=KlAv
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ//YBuWhGfl/V6GvA3J8DvySqzKGDMgnfxh+LTeRBmeEDui
fPh9MOqg9hOUEYjmJMh1WH5G3OI8e886SKZp0YN+A36C8Z7xwRnxeO9dbtFRt6F/
bgb6RRvZMYdbu/vgJs4OhbL73BhGPbAs4+DRtrmz+Gbrn3Sm0BaJ63zmIzahImqi
4o9abLPBrB2JJPqTHo5F5PnruhLLsaSqQ+uuTrDrwBpwmPQmPD+K8/T4yWgvcAfs
8bEtUmRQ7G1GM79nGhdK6IQYCGAn0WE3TAOLJvUxEiv+9hYO0YSYuefR4AivyzQ1
wmO7qWlqY/hJzylaXEtIyYVfN4F3YtkZwN3wSx6UHg+d5814aUPCLCi7ftdMvwJX
y5n72Hd1qrIIu38MEG+Z+2Z36KKv8ViK0aKG/6BBBw0BpQDktMHJInpaG3LJUCjt
3ayajKQWl4t8g3jnmwhXrLZf8JFbmGyzjRq/GqOhlJLvh8W451xlI/jPJZcY2oVG
4jd0x6zkG31fIHJ41qOs+2fJaeh3WUHv2jAgISuqbEoEct+3EzXj7VNSGM1uB8oB
9pUP1AcoWViHhhVrbnr+aqhyQDiytID0tf+Fvddpbgm2ECDTWeGuIrzoPcYYC19k
5PuNQP5u9W/zHKOLXSxs/wTpoUr55OLBxd4l/gUTq4mCZ/1YFqSDUNrR28hfWKrS
XgGwy3VspQj1GzFz9zJ44S/tKBI5bRQSslZfOgv226p/XdBLleoagltdHEeFdbJ8
wuPyOzxqWa3U/iBF+ANHjz4VIzKtObFBf4R4X8hYXSXkbko1k7W8nD/hziP0CTI=
=lsaG
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ//XZAHFWGJZL5FxHtR+9Q+Mfv+1XYsiEii7TJPFibcNB/X
YDxbuJ84jmueCqCLX67ISVPBYk4rIA7qk6+qWxAqJqbOFVOq7ZXZOIZqVkViD1Wt
GBRq44yT9HFxi60YN/2c9smUQoxMus5VXNUzRUxJiocEFjD3r2QWaE89KDj+gac7
7xO/zoqV3msfZe31qmVD3sqk+EtfKTxmkHXtSstl3fZJGak4RPUwu0MMYwzbui+H
q05coDVRgum4kpUSJbK63S58/QkWYGBkNg66r4eXJlg+Hb7SAfS/Sn4X0xJuflmx
OKgl6Z0ds1XsoZN1S9j2/DT6NhlV+5ZoibEyQYLbOIQz74aRt+IRaAX4oTG1UO0p
in4OYtsI+wOnSfP60JW5lF9JUHaOaCDzxWaFyeYpw9ymMyfUL6cFDiMvKQPTONXY
DOKVH7ejCbsX3kq/tWr1glBMeb+5AjQsrkflG5oWbVNmSfGPQXxh8HDDr7zkwdHa
AeNqN+b4kh1HPBohyrocyjXQcRjD3Y+j+HWQIfXFmoNMRWGATM83s8JQoTab9iO3
S/68vFvfHYw2ijjTBV4giR8Ch3TPh20O01/UK1FbjQmrwWM7Z0WWN2SY0mN3wBdS
jTJPuXW2v84dZPUE1lWtvedaT1VLUI/9x51iXYlHH5obQSRA5Fli1zFXwXEagbzS
XgFMiyXksg42jTdT1UcPrptCeSoiQ5nBXcKfEf6d9PAu75u/MvnVaCDFO/vGwwRd
MyEx54Lpmsh13tXh4NmVW3Pcy0x/4Budu9SS43mBqDkjOcsXWd9jmlPK74+QuIs=
=R/9b
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//e089t5UfnD35fbHpRGNboywPjwRxvfAb4qFxZZ2gJ0C/
lLGgL3R1vDFzJyRJegPBVpYJC4Yx//wN9kyq2sqCWe+ePrtw7f+xNotzmd1UW1tM
mLBSIt7o9JIGWQ2u23u5khKalL1OYzgb/mezGOsvvz/VqGyJbkm7wpy8FZn3408c
d+IiZiMzh+wxaS1CspPwusVy3vNL7/OtA8jiwv+wM0QKsF+BgfUAEU+Le16CE0AW
kbY6Pkymo8mql+gfBOslSM6B3Tn72RjRxez326Us82qKWU/bCcUcCyoL4Ddv5/Nk
SKc0WKWGcQ39XiBuTssModlTGonihi+BqxKlvKT/QAYYroRMC7vFNYqG7inn3c0N
cShjYV+zJPNdlXeiz/ZMs5TpECBIcMEBaLMBAJHkLLjb7PVH88BZIcQ5/odpyOGs
pXqQ6pnIJjg1XlqeEnHRP6WtSZu4U0wtuaxNWNw0CnsGg/meTCKevlzN4OpuoGLK
4/2vsUzOk6Lq5CwNtG6rg8XhMhb9S869PJOqKIopSCjklcU08SfxwcUZiBKLyhG3
oNHT59qbSq3CtIoap+VcpnqmpLiLAhUXoc47ISCd3RP2B7LE7j1Ls3OIESKnl6d4
mvElwAUQE2qtWRr0I6ypW0M2Nf+axY6HpQqTwE4nRBDA0+ZN/Y9LZHW8OEZ8sGPS
XgE1SvXOZsJfR1r4ndxQf2SmahezpSqrO1TT2oz5pVBQ/YnmAp9awZ0B2wEmw1vt
am/9MrBKCXjmMHwa87l6BaqwvnCUPRa9HBwVkGhvCvLAcP8odmhmgjUT0TErkFk=
=c/aN
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ/+Ojy06RopB8cWxcVn9AXbgX7LA00vUVkbOl7yo0hVXZbo
jY/vvbtd5ju+ggtn9F0H+vunV1ulJidMy4C81wfofoy68Iqok9u5g7JNxK+5k/5u
3xfz1v15Ino5baSbBKsf5fTDtZkBUOPiYTXJNtIf6RexTaLlveqw7JamSZF7YY0q
pRaxx5XZBY4QBoWliIhuzr0pPSPSM2gBxG4PNOXwEwfVJSJVZKulyDVtUhT0DorG
JAw9qqS/WcyQ905SY+YZV4jlvf9VNRIWjw3Zql2o9IK+MzX7ot7R+E+03k6Pr6kQ
m1SagYKaQXwpViAa5w28X7hIX41Umu6aeEgCi0Piw7cReXxLSDrLVPSaIqT2LSfv
ov09IravRf62rp0axeouUZNTNb/lSWX7T4zv9T9J4m3Pu0sEPB877BPzcJxLCTsg
9VOIXbZe459Vay4GbVC2Y+8aSbC4HIrReXIlkfPOy9gCSpN9SMMqRlU5Eidmz9md
HlUzeJfGQs/9ZLiEMS7Qk1Ns4U5own8qmf5Q0m7E9Ho7LcV/XZhVk9LO9LzufzId
qoC9r2apZjSLrvAzNU7lVmCbniK0LZ2GhGeSD4mDs2CcSo9Lxwj8Zas+J87vph4T
js0FW7f5cr6PQLfq2wwTtK6PSYmXMM0M3AQ+EGwzFvc5aD9dp45Jbq4Tey+xVqfS
XgG/zmZZnCgHYBqN5zMld1/qleWJpJFxF4pT14fKAioBUUILrAgo+X8Ikz6llDSI
1byxlPT9q3NgkjrdkegYMIg9rCYNflX54jRfeOgenlMjPzZB2KbdPE7wFmHWl10=
=bKcs
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdAXBiU//ksELwICDAN/c+pT/ujVFTVZ02nCKoGcgtMKVMw
lRcegt+kGVNPIx0h9JstIuLHO44/q6V2yKgsetC/NyCkSJ5tulfpuUnQWUP7rCjK
0l4B3+ttuIDbAdJ/IidXZIXBlHh84OQDZCz/La8Q1PZm2LFihKCWtmyp2SA2hruX
1KrzJYRrp5pBGPgga0V75FfFcZrbtyypESDoj0cyRtGnh5TJSB0pMi4RAlhow7k3
=nE2w
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAuaqVtpUu32jS7+N6XAZgiiO9YZccwXlyVrdtBD0Yhh8w
ieJT+Cel69Ewax4TsMmBhNLGchI+XIGsbGymSjEpXxj48gkW/z/bRwhJddPb3kFz
0lgBSKVyrRVaG3oRmSBVYrK/RovA+GUoatm1z4eD3twxVKFS9DcPjks51MrAuZ5t
WqV7WAhxXQ/jOAFyNzpV+qWs6hZKotzCc1CUc11ov8Mag0zDnuvMKH3V
=+xgp
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:14Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ//UASU3R7l9DtANEukI5MMmxq/voPtDxTprhGhdtvg3RQZ
OD3cfxbNbUypBlPh/CAPpwbmWLeW7ooGPKvkohpDMYb42iyL+MQCVq/dIbMrYcJt
y4Aof+uUJVmeJhPcYj7RDZULjPOvYrk8ONp17BQICy3t2hthcWwF2xvX6x8hzYUR
lPA3Gle2E1VQM+nbT6pkwPGT5mFWlrdGHbm+PpL/nuMGsuUe+VXsXTfZSzKoXEtK
uPIxQBk3dzOo0T2FkpjlZOli83cTFbWi870VyR9ZjxEoXK4xXi+5WmutaRb+J4ya
3JmWVUTMkVyYozjXBuCVSqpti0tM3c4aGkLhdYDgMl7VCUJQer+K/7pzEhYxRl7m
KjkTNMESdSr/F/6u0ewRTWdeyj5Vtsz9BOHiNpESxS7bP4kiXd6UrxpxisgiiIpK
R2wnPviWUti0Iu9FDzT3m3jxlT+Ku9oiVXXvDnjiN3u6129yhlobPJbRn/OHR6QT
4czHAJEXEdzG/TVytjRqnPVd8UpfizXte0Ul0awtAFKbC0lgFwQj68b7CN7vc1Er
EmnS/7IO4aLxGoErdKUDZAZElF/ubQNeh9rDfcAX8lWsCVzQQ43xBkVSBmgjF+qX
a/i5U5yLwNs9SlPo16cfSMd5AWJjT65Sp4UKFz5yyfwunIBRnZsgEkBw0FgoUorS
XgH7jq6XOsaVhtljrGFEXgK1i0aeqaj8kEx16U3bM5v4rSmDNSrPSRzvFQ6+fGYs
Nk5Yqfvz7BhR6DJB6DyGXw+b8lWQLOr/pllC7yQagtH2PKYfebciPT8hXYlUfcI=
=c/NG
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

220
inventories/chaosknoten/host_vars/zammad.sops.yaml
View file

@ -1,220 +0,0 @@
secret__zammad_db_password: ENC[AES256_GCM,data:ThtJngNvMc817rvbjMjjbnp1tBlXPdAg,iv:GcQHc7p5jFcyxpTcYsUOA8PvD1Qy5HxVZXHcAuL19Uk=,tag:UjVxYkU26/zkBL1eKDfreQ==,type:str]
sops:
lastmodified: "2025-05-04T14:11:05Z"
mac: ENC[AES256_GCM,data:GNOhRrJkLTjovRO2cZgeiRcqB3TE2sWxD220Z8GynoUV4pWS20vOKvaqwxU9seuD5Msxd05JzLRVTCtP4La6HVSgDekoVYKz3SLmdT2Hev+fscmfr0uojRi/5f+eCqGMBEy8Xs2Y7AzIC60iHqX4VBBn6FgkJuTyS50qn1akoGI=,iv:EIjJbb0adELCNBoRsdjsVvN19v4rKCiVmxcCAcnY7QY=,tag:GzqchqorbDN33+SfspGT4g==,type:str]
pgp:
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ//adiHGDXIz24INvZMytpnO1LF74Xfg6Y7g4namdypRQO4
fWgaF5dFCEMr8WGbjuk0OXDzUnkAgVtjTSkhZn6TBMgLlUzDabRsG9HYdUeB2abG
q2gwyybBUnbKhetJXdcbEXFlQYWdRhv30GWAI/E/qLUdhhy6v6KON7ZHR+2UB/ob
IlPI02h/q3MDlaa5QObVgttz5OLYRS0v66DVTNTHL5qydnLNjAOOu5v5WNDHL/wI
CvPhnZ2bwiIK/A4XQxGCQQUo1uMSX2CkNkmg3rXK+E9n+kgj8yKmKLm2ckYd6f+z
VOiiKVHJT9M5LDTdzITYu93jrHsYqZDdOBBjk/MVEGHoQ3k1Wmo2ndh92W45eEdR
wpRGkrggpV/Nanil3rEImWOFee+Yhhhw++l7QCF4vQQ0OeGbPM2Gtt6ggnxnKXtT
E22C76DF1Ouljjo56r4G/P9njSN/yJyEpiz0IWytGEGhiVgqMnXdxduNegdLQI6t
FFVIaFz52Q4/oGISbWuvLvlDzNg0XQE+/KNUfDiqj9O0D//UW7+bs337XMfo06Db
eofYq1+uY0c++CBqlBTUW7RAKf4ik80DLy650pMWryOKWU+e49O2wyPl15ZhR1Cw
AdVmL4u4rWYQ5bWUKd1KMBzrF6z9Ijz6xWe8I1JXg0Fw21kqk5qAhvm3Ry05O3vS
XAGk36zIDvIa5oUx5U/hbT4pTiB/rT5PDiFjFrb7V5JVQL02CC7uxqWXk4ioYfGC
DwmygqUzPTr1x/KexvtNVRmCv5kQWmzf6j8Egt0CtSYi2m7JSaVpheM0H79W
=csYx
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2AQ/+JoUZC+RkuWmPEIPj3PJkyYBVHaX20gY8jHf6BvUCjoRQ
8rwhXohbPFbxiJN9bdWdLxuG9tRgg1lQcK4+Q/bq5sQIVCAft0Ulu26BKN+dC8Ka
qv2+7aHws2fe1v7cCv9e4dNkiWTlfu2RHJw00qalxfwOCCrSQfOzx1jCm4xnqreU
LHnzhencBzaYirMMv7J8kzUSlxTHjb4OzV1Dd2Rth8YNZNGGibw9wnJAr4ZTOZjr
PdjN2q8FvX7/xOb0l9hQ++Xx4+iIkyD+WnvlrI7aPZJn1GP1psYIj/n6otIWcsrk
LOmDhvhq6GFMht0ejDyZlNA7ls/JB6WQ4sx4pWF8MGycuh89HZJp/jfPtgob+9Db
Kq/uWElypzNoMIxw8F4TKSs0w3vYV95tPtzxcOJew3Gs0FP8MbyWhU8rjHXG8Njj
Y+KjEVlekl6TZLMdh0lewyQxww83MQLR106iw7kD/iAlgZqnsEcZ1IkCTrD0drKU
+7AyFT2lYQmT+3h2KaIrWnBq28EIKdf0SQ7Ap1w2XlaNz3BFIDrjvfH0Y+NCEkH9
CKOaIowUyosMO/liQYWmxkJCUsSFEIjHypVKCwP47NeE6JRRpXLE89OgBRpuz27X
xKQmRonQlCvRMOCKr0s/HulQ4wAc0vK6H2BNqBevCDQQOUwG6Xg9I1aFV54OGxnS
XAHy2dhsIXkbvUsnNVynbyw2YaktTKc09Obfu7t1e5AH4DWC0YbRdSHE9LPRq+Pe
88q6vRz0Wvl6B0iqvzF+ckV5//Mm2bBAzdfCC0HGyriV45FkFwlCP5gh1sRY
=uziZ
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJARAAlY46gigcH73HsaXyUCKr50AVUw82V2x/roiGRkEd60Eh
x/qZzS45jYC8ngpXCusW5UuVcKjfwwoPUSlDU6XYWi6UCQJN3X+AskG8xAx8d/PM
vsgy31LKqD87k9x2um7MgD4MUuKvUzrXyxNpN/fUveXZapzOLSEOWyA0qyB9SkAf
BMuI9NY84WtxzV/C2QWBCoZxAwsexBow95gFybDiqubZZnGQ34sU0M+Kfmuxpwdn
t8AOX+3t61jiU1Vq6ccGhcFHjiSUbb3LAGb/WPzzjyrsk0beMmWDnguLu/xuFFaU
/J2CcPtF7GfJlnwSalB2VVZa4Dmoo7Jp7j+lTVkOf/KTZQqRS0cNr4bF/qdIo3PL
BMxyOQwSoU2qpjc4yyczjNJLaYi3bwTlHmO2JQw+fus8bzvC3JO+ZywGcQG+Qc9D
e/Ajk7r2wnOPy73EvBdlMyL3n4YiCLW0uedtP+dVloa1JZtuI0yYcm+Sitzez/As
U+5zgjVwIIIrbx6Sd2rOG3ffZiweFPO1oWh6QotGyIwaN7ub4bLbjZ4IPEOBFstF
5knYUvI3i/eIV0VYv6+9mzNHmNrICzVHJrdu7k4t/l89APb2RJQYXbyyPXJYXGEJ
nFtEbPpGaZFdgkbx/51vLRQPr6NATjO0XucfpUlPBmITzm23UNWQZmnwiPQurCbS
XAECbK3k3oFFF+IFrday4yH+bsEBJmb1fZqgNXUfKYi54/e9vvS+h9ZiYeUat6e2
eunbb8DpLWvoTXbCIdjd1X6ewiRk8HVCW1//hKqZm+q9pq+1qtp6GXrccigY
=keIA
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ/+ILCiAWOp+/M8fEmyj1HMIU7eEh9zZJxlVAJtNCs8vBqq
N5nyV2oHGf7s5N1NcGyYYaPEj9A+fTBGsQGNH9vuxdsAv1TzOjCfuJoTaJbS5mGr
w0JwUEi8pFMNrf/IPbFlDTpyOKVFjNJM22hkAU27S2UuL7O29nXkULBRNMChdIJn
8+9LSPdbrV/ZzNisRvf9UBHN9TCkrUgTxPC/H0IKMFfniAr+O+Tz8jHPIMHYcQTi
8GcYJBXz9q+oKEGGEoAp6mLGR+qS39aQk9nWMekEAFvxdKrNqNplXRnO7b6UrYNo
ZJuNL8rnb39/tZbTay2+rLWTFrjtaMye0MrMSWF3iYLMMsOiN+AO2e9ij3tRRdrr
S7bO9Z4UUI1et9qlZ7zAPCIMCjzGeY6lCXaQzdV3MRKLW7gUDD0ZAMwHzugQ2NYM
VWEGkn+i9FmQJnF9fMQ+rmbKfprgjEw4ihxux7Sk46pu9THBvz1Tk/oXIVNBaMMV
j8HNbXJSvq8qtBBBpEIvyhkIINYsSxNuQl186CxAkxLKLqXmtmdemYRRCrrhi7C0
IP2G//QQgmMG+G0TS9xtpbP4v4sb2sl+90ivMaEOFrkBl7EZ14dHt/xVRchbx6fu
1S1aNo90fFVBd07WJTbRBlWqLPm/tDXgXwaXCzUzxXsushArhV67wgThhkZKHbDS
XAEyJxt0Fi8J29aLfcozFGYyoCouFlWCpO98AX7PL4RRogiClWBsKlZs00t4NsLp
17Z9+oUR2tMC0GDJJo2KpUShrmhgcVRatxZr+SbtpiTYVLlDludGY2f+tfco
=6cs2
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAt0jnb3zKN+/BVpWpm3R9XJuyGmu5fMPFfLGrjex3VT0w
JVs7elFZRTtTI3dRiIgTMnP0FIYu8Kwhr0OjjmnBScfWmu9Tc+wwEbCra9U62Xmf
0lwB138WLDEtAjBIkqHgoEnGafwEqIAxFotbOfTffcSQU8xr11qSuDkPDEhY0zws
XXpGyCTDGFWOH4l/+OZIp4TFAjyMWwfV22/cnEyz7JOlF0syYSnxYmj3Cn45qQ==
=MFpS
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+MdxFZ8vm8EqCdNHGUSSQLAzZqvZNPR7PWErLimJwYQKo
JeYngZWNEJShYQSyFeVsunnOH57ZCWHIsvW1CRsueO8tVj0StR9RPm4uzPRjW63j
SYjbd8sCB1jwdOH+bfFP9gbQXB41PxYqFmM7rpnQKUkV+ExToGO+VVGHz4jf3Wio
XYskX0bsSp9L+2rGCJMOS2N/7NmiFliIN55pK8s5DTkvLVezo1z0kdpeey6zrmHH
WCQb5CdBlZyRF8xwidEpZyoeJcbvx3OmwkeM78hY12eLoNUUqUoKnB153EHX9A/N
OCT1vvrbHpUnwhb5qW5JcAJyuV3Vhwo3/cmmInX7smnCfKwwbZdwavuP8cIkv20R
Z0Z0oUp81Oho+C7cp0KKe4iU4dkCfLFsfM93nXvvKFheiPCVCfWl3aT2BvAmqm++
UpiUeIjCjsyuFwhZRE8st21/GtYfiFF/RMU30UlrtVTn5T31+16Zalbwbsy+syCv
62ZkVCMRc6mGlcUZ+jj3F8v4afy2CKd9KGRWgOa6SzMNTRL4mA//UvpOIJG+FbBU
QycKvXGFsz28HvIDfDgwPr0ZjowAmmSdNUTqPEZ22PS2r/qHOOsDwkJv4CGuyKuX
Y7YFAEnnzu6Kak9IcHnVAz/KS6w0FMFWENz6irFNNfcnp0JvYty8AXkLdG1FbdXS
XAGz3xQ2kKzb5VTsbakd+MTFccn+B+/FOCnEhkZPL6l1K5AmU12kwIRVKYjwNbGW
Z5K2y1XI5YpaHtWQXk+z56/olkEluKNB9yqEVNCGIZ4X5DzZgf2K/JsEpo+q
=AiTT
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoARAAsw9RZx4oRDPdBZtoLBpTyUbyT8iILC/z79D7742MvYwg
X8sqgt0GKVocenn0qcJRa6z4PHRGK0Y9pepmkUthUnzz9NyfLL7hTCzummcTGwsN
eJKuAX6jkfoMTB1yr4B4Ex164oabT6STelTr0fBASBZtn5+GHxa2euQnAhg7JO5l
gexBd1mDABCZiwyCtVH7Fex1c2qFu7nK3bn+eiRvgjBEJdLIA1QKEZIIdcrOL5Eo
JUlvT6g52XvwvHBVjTxPVow83Ewy+Bgg4BY/kJsDZrA/h/hwE+U+kkYwuOzGsKIx
k9V13hcQjluJZMznaljrVC5K02AUcb4V61zisn8ve/2hV+3PURCODbBnT/fp4Lfa
7d+uXe4pVLIVrY+0oJznvD3Bvog+o+lIdBvB0MEN4XFQ+IOTBUPNAzUpgzseHN9J
vMrJG/xEQY2P2Yk6oIlAuv+PNYCN29b4WzKMAKtSsxcQGKpFuQjXF0j6BQJ9rWeC
5iZu5UKUOW92LZJPl7HpS5zSMjimjdd5fMfTp5urI1+rksZ7vRbMT3t+61y5lfNT
jxR4M2KCC2W69Et/Kr4MUjPMYKLQEDPxSQD0+eSf+iy/3mnGXzw4fqoN6S2cEsAJ
i1phH7WtQAgWlGYsPTQiYb9jlxOlN8FOZyruuwQ/9iWlJPVBuM8nmZfXH5+LvM7S
XAGt5mqDbySHlqqFKDGbEasXYZufjE+3+R1VSnt/L9ADrwt6YTK4dC6t4qxPj5Bt
GM45JUrRfpWgj/c6HlI+CooRxkkWOfrkKQl60hBCn6LB9u5PoIsRukzXyp0P
=gL5h
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//cbkZwvDFw6IICbo+Yj2UQlakEbLrs5Uy0/4yC7Cwf/v1
Xai2ETjCIQNtn6iPSIeBN/u/JaRA4KYyA3qxLrNJdamWOy0J0UuUE4Tia1tvy1fo
VkwH3Hoku0BaLFaU3z3eLXl9rCv02cZHee/8yNSxIoIyH3EpBMpuyelBnpptEW2c
gX93deWNB28KCNxPRT+b/0VMpnHq/LvxOGKmqqYw2ZSp2a640KaxPo6XFlELnrEU
7+1vrf0d2jGqbv/WIDbK4M1sKV4d07fdCreEfhxgRveWV+PutAM6PZTQ4jXB3Oa1
kaA7BeDAkr6ZBIzykW/Jqh6xxh+Xa/t8C14i0z81F2V0eoBpbhBla+Y8Rt5sqmcB
g4lHLZaVqqxiK60f4cI2xuNeZPNJImnTYIIsPBBIa0dv1eCQi/wUiZERHOn5F7/m
YPHeWRbBqGPUYLALgsDU4IxLgF42ouYuGMgCLMhlnHL3P7cOhw+D30tlQW53jLs+
Y5UsU6lv+Gs34O5R7WXpOeL6PADAs9j8kbTEv4UXpZ2gGYMBCMThcJ0PgR9ypkCk
hebdpjRJssBTCcjzwncRXEzsd+jvXZrd1WqJgFALhEAIJjM5B6mmsky+3g5wPHSo
KJ24yCP2OoS8UEce1RpoKHBqHvQRZKfHzZbWVUkOXoiJl3a/MRGoZzVKKvpzzsjS
XAEgUl6lunwbTZyT0zHRjC5Vse0qc6ENIgSp5PEv/Aw14HOEjXYU+sTLUS85UDBe
z4hqrRuYqjrKDVhoFsPUP7Wq5SIF/iTtrgOkbrl3hAAyLO9MZWE0hi2fFFS7
=nBBD
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ/8C4yuL9dSIZ+5xd+tFFdIzYNrj8cDGpchHEFQPyOmWqEr
DHCIh0zidqBfFBhYA6aRLXdt8/qILMd+sd/YVDx0Xp+t7vr5NixXGU5L07u32DRK
sk/RD6ftYALp7UNLEVUrQV53zER1hvw/FZerKQaxW4Mf/5s1Ic5OllmTtJgXN+S2
wFXkKHztpIk325pcyAuWw4L45aLOQsDCXGxtmujPSjuYDN9Cmk6Fzy57J5GL0yUw
uXtKdo0/gRvc5mkOLOSknED0F/wDjHgLp+0X6ul60Z1y0L1zGQOP4TRpokTH9zF/
XfL6U/fWG6tleneE6usqEhhh9x/mEv0jl+6yqeDaT+h2idXAyQj1ZGtSEZTnCQQr
zO8Ww5JwBprhYTMkgEMqUkBzjHt2HvKUC5BHDCZRo4tV6MIwUHNmWpj8OWZIATsA
qkjaG5dLKIR/y8kiAlFXdaLjZYLwQbvV9o/fV/OjJ1Immr64DWdA4vPxJusFx0+H
6GWQOqEW1QU2ua2iGjPuU96TxMpk4L5rUrSlPb7HFbMtSXJ98SUgELpX6cK5X1n9
m7vORvs+2jH6BT9M7nzwDGqLKV0n8FGG5wssmpZkYWG5mHX3Xffl9rZ1KWiThNtb
q5UzZgj1lrZXY4tuDh3tSHY6OtOEsvYAM/Co2cMOYltldBvBUjCIcfp5jMgkuivS
XAGOdaWlLSI8WS0wo20hFMrQ6s6nl5lF7dDA5r15KDyCj7tRDoql34wtGHlcxHVp
fbnvT+vnS8oYSna8pnwUKtBPgJjIQALi1g8u9iOcJcS/k3IjwtYbvTuZDqi8
=hy1K
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdARTwXkzDANboNyz6TgFouJT5Cn6wkJL8KzrMIdznBoSgw
NuMU4tStbuCfiPYtWDIPCkIb1fN6QsbsFobdoiX3mmjAfZ8zemabizr79CxY9UJM
0lwBzJvszQdnz637vwhTPbKTNdn4rUYvthofHkyKhtPeM8+Lh1+a1kl7xCgjQ3QV
3vwR3HYI5aSpkVji1CME/OeN6yydrwRSmD4v0mpRVLz8Q4+jckn65YzfxqLrPg==
=2PZw
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAVvviZBDa021FiiyOf75HsZOjZeNACkwc4x+G7IqfUzsw
hpC9jPCWXGLxdJ3ME8kXRnnVuK+mO6fP7j+mt+Qq/gnsOwE/tG9xAfgbeN8HtUF1
0lYBLhlYSYhrE1XLqxaOY417iX48SQlkn05otmLeDMnz8FVkrKTHPw5A8+NbJH+S
/pUzq/YqYkz482UtIvT2NWxjjCFAq6CIoM3GG0QrWUjMXluTcI9+Fw==
=AIdl
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:15Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+ARAAurFFVEyyagsTeCAIJojju6tGOGo9YP/dnNGm2aCdl8+E
AXlvrKFC2syOn+rHTCeseRxWRI0EdBYfGLH2BKKScBOlMK6VtgPV5h8ixqfRozRS
HtlLinWxbhwz2+RcwXQ0i53BLWzv0royywkTIXEyhq0AqwF1LQU44CKzWRSCqpeZ
2alZWpzTJyqZoT+cus5PlZrvF+GnUbU9JOdZZKjIHKJ9X/Ol9N4H8euDViomKOw6
UZVqDd1pejzgLwkokVgp+IBw0JwEPAd8Nz+6jFtE3wU+mblm1A1Cb8R0Iwd0DAUE
L3GsJ9ZnNGvxxYMcC/bsBTfjL3Ywt6htCWBC13iX4w2+bwXtJ1/7s5nejTsASVfe
LXJ/viuD9jixjCI9WNbpby/F8MUNv0k9tLTh56CzWJOxRqL+lIgrzXQmMUCkiWLR
u76u4EUMvnbM2hZaNwAYQKTKNC1kOJIcphg4lV4oO6hJdZ+q0Mx69F/qBxYhMvfK
M4R52beywk+bASQgbtSwysKJkwTXfP6bcJuOhkBwIiTfkx8qa3PmzhwQxwaufb0L
xeE+zqaKKufz3h7FiHutIVfWXh9Q6SgoTh2XZix9QAnaQYw5aZWXh/eEIniKoeHP
97VPR7OUgVw10HpYVkuZlk5Ry/6oLqLPEp2ocIm5wJGP946mZkOd327/kXse0gXS
XAEJO1jxqfgkPVPrrFRZ1xbR8CrW/BapF3ExOWmrNgZ733LGvyo272vK02HKN4iQ
zIUMCpzE4vwRwHVcsd+8h6O2HIuVTbN6FdjVQuFA9dC4Jj7LfO7NILpP6TCh
=TJSr
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.9.4

34
inventories/chaosknoten/hosts.yaml
View file

@ -10,6 +10,10 @@ all:
ansible_host: cloud-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
eh22-netbox:
ansible_host: eh22-netbox-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
eh22-wiki:
ansible_host: eh22-wiki-intern.hamburg.ccc.de
ansible_user: chaos
@ -51,6 +55,9 @@ all:
public-reverse-proxy:
ansible_host: public-reverse-proxy.hamburg.ccc.de
ansible_user: chaos
router:
ansible_host: router.hamburg.ccc.de
ansible_user: chaos
wiki:
ansible_host: wiki-intern.hamburg.ccc.de
ansible_user: chaos
@ -59,10 +66,6 @@ all:
ansible_host: zammad-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
ntfy:
ansible_host: ntfy-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
hypervisors:
hosts:
chaosknoten:
@ -70,6 +73,7 @@ base_config_hosts:
hosts:
ccchoir:
cloud:
eh22-netbox:
eh22-wiki:
grafana:
keycloak:
@ -80,10 +84,10 @@ base_config_hosts:
pad:
pretalx:
public-reverse-proxy:
router:
tickets:
wiki:
zammad:
ntfy:
docker_compose_hosts:
hosts:
ccchoir:
@ -95,13 +99,13 @@ docker_compose_hosts:
pad:
pretalx:
zammad:
ntfy:
nextcloud_hosts:
hosts:
cloud:
nginx_hosts:
hosts:
ccchoir:
eh22-netbox:
eh22-wiki:
grafana:
tickets:
@ -115,13 +119,13 @@ nginx_hosts:
public-reverse-proxy:
wiki:
zammad:
ntfy:
public_reverse_proxy_hosts:
hosts:
public-reverse-proxy:
certbot_hosts:
hosts:
ccchoir:
eh22-netbox:
eh22-wiki:
grafana:
tickets:
@ -134,10 +138,10 @@ certbot_hosts:
pretalx:
wiki:
zammad:
ntfy:
prometheus_node_exporter_hosts:
hosts:
ccchoir:
eh22-netbox:
eh22-wiki:
tickets:
keycloak:
@ -150,6 +154,7 @@ prometheus_node_exporter_hosts:
infrastructure_authorized_keys_hosts:
hosts:
ccchoir:
eh22-netbox:
eh22-wiki:
grafana:
tickets:
@ -160,23 +165,14 @@ infrastructure_authorized_keys_hosts:
pad:
pretalx:
public-reverse-proxy:
router:
wiki:
zammad:
ntfy:
wiki_hosts:
hosts:
eh22-wiki:
wiki:
netbox_hosts:
hosts:
eh22-netbox:
netbox:
proxmox_vm_template_hosts:
hosts:
chaosknoten:
ansible_pull_hosts:
hosts:
netbox:
alloy_hosts:
hosts:
grafana:
ntfy:

221
inventories/z9/host_vars/dooris.sops.yaml
View file

@ -1,221 +0,0 @@
secret__dooris_client_secret: ENC[AES256_GCM,data:v85gIBNH4s4j36crJ+Pb2lu2cdZpwz0xndHzBKZNGKg=,iv:Rlt6R7JMcHTAAVPiTtFaxqsWD8G5B9Ab3yqItYdFR+E=,tag:dlMHaxTMx3LgOzCsTLUdzw==,type:str]
secret__dooris_ccujack_password: ENC[AES256_GCM,data:bHeftSA7eC1cSydBRumksRgw2v0=,iv:X/pfsvQPZREifGjHDGx8mVk2TDrlrRVb6MiAr01wI9o=,tag:ti//x7eDbheMG6Hsn2KBlg==,type:str]
sops:
lastmodified: "2025-05-29T13:28:08Z"
mac: ENC[AES256_GCM,data:SkqMlgJBdM+CMLE/um7m8V0ni04Xi3S9GovNsADrws6VbSWTX+50oc6HtWl+Kj2XugLfp2XpVnlzggCiq3fePsdt1af2+ZfSCue1d+dexjo5Q/gvE/olKlmn6aj5qiosUsLgu7v2bCOIb9m9WiEhlQLKx1wGiqVNQDabiLOJV6E=,iv:NUUOcXtbg+xMHqthipKpRAWLTXda8rup4aCbbP8sVEg=,tag:wyh+hrZreOyT7uQQrghb7w==,type:str]
pgp:
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtARAAjD1i0lkwUFRgQuo0STOsM9N23W5LdKCuZJliGfVi/Sfo
etQhafe+GsYLMmZy3zTC7JU6KIYB+wTPAn4abAMqrxUFFZ80ij/hcmdj1p/yrgO1
XNZOd0PEX08RBd25GbIGLGYjvioutm3YDYdYlrR0pMhBvJl7apPLUHIFrmjlk+18
W/ObOqDvUEXIrm9E3GSaMYrk9b4gI8wtA78Z7JOLRFelKxnnhBPkK+46RLGEo6lo
4QfN6mA3zp3oVg/dtznQrVtc7mbMvays6M32zRV+TQ/OB8ORqmsEB9lWTpjGgjzL
nWWt6bQVLIEUdp8RKI4kwqOE9ZxTnNAO00cQ4ZmsccsVXuLGQmNeoBynjJrayWXT
zQYpXh7mT2ovCh8TzPsnE3kPtQE7ISgtJxRaaX7KqW9iGq031Z6GW/j/zr1YPD/f
Wve1Z2bkSzHMY2EjbWBMDcIN9JpqOrjRVa4ZJtp4+pcBU/uO0yXaWZLRL+EJIDgk
68CFGRYAmvEAfca7chv55gGiJWXPONRkDqix0y7Fk5pkfrll2xxkKPoDEU5pb73S
qdHQTDRmrrX4C+c7rSi2Cpv7kk0/azO5bxakREv+vFsiHKkz5cBwz7blBss3jsAX
6lP+THKJSYDmgK0mU9CUaX6uvU766XS9lBZxp09ZY4lYeexS32ItXzfUTLsx6/bS
XAE829ofDeJ8nGFxCPTbk6mgIJ5tIAAPVBNNzV4Yyb5Q6EKAETEWmnZi7LgkACKL
pSAiQA+Khgy5DXGMnftFSA21KOsZKARhopFoajdnlSlUt3MZlEe0SjTIY4QD
=2QJ5
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2AQ//aMkP/gaXVNmbRWECzQUxsyVOfE3frnm6jxErV/re/uyv
YWfMZVB0pWrOv/Nj2niQ7JQ663uf2w3d+YdyIAvfazAW7ZA7eQ5dfMj9tOPimofa
2ciVCdsqDuKxkmR6Ns7MzKk6exdnzt5IEnIJrtekZJ6Q56zkYFhxGjvPKaNRa1N9
nvVVgp6ovqAA2JZFyT2ay0AxqTWlZF6BsO+uEqub8NSRmuJCmbKvQgfbmI0acqAE
DanFRY5k2ACxed30OSBslvFUmcMGigB0Wv0SvXtqCUmEU061ZcknZgECujoYysYn
Z1txLQEWSFjm6rOCxdKwqRf9DOjB5aM85NOs87jQy1+nZj31+dezEJ+701ROVOCN
hQCQVGqzJYEOwYRDMjtf2fZjc+d/smWv0FijJleWHBB3CEvMZBSHCZaC2n3/jtFK
mRwi5yZDizxGqq3kvDiU/9l/jMUPL7u716o7Gj6Y6AN7QgYjQjmUiXG8DvqMiNQX
eFX2PLjvmDprao8unnJ+Gj3NgwQgXkFJm/jmTjVwX41V1W8n+ayTy3MdaXaa/bYJ
uXXVWDKijRpl1ewqu6A6K9ARbPGmKmUuNIQzhgwav1c3VvQHuO91OoFz5rX/m9cM
iY36OTPiRsNnrNuoqa6aXSDoMZoOd+KCkIo9Z9HV0NiKVH4oerBE9qXxvdCB3nLS
XAGnBTYLEVjMXiWtZxRFXpYD5FUUNjsGWsN2nO/eqPv1FVAjECfiacFWUxu3kXxW
ZCr/WP+vDbexsPPxKNwV4oBO4t4r5miov6mfWnil4mWmvrOvANi29ptQMRKw
=3Lex
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJAQ//WXDYfzt+mSWfgpKU7MSoU9B+VuO6C4g6FNuAXVFUcblZ
7JOlw0Sikvo7cPm/a2keRTGsimFvf0/BFelGdSmJBizdKE66eAc/KvXfV2RCGLVl
GyBJkSeAOtQvfscyJaDjCxS57E3PtyaRGaWERUJ8mdvs46gfrdrMLjnF+fHSfOOb
BddoGlHwGgqRmPu6jLbv+U19+SuNhI7W0Burl2JQ/vQYxvoc2H0e/r0wGOAX07sH
vqnsYwHMAGgaeyKV+Hz29FAqzcT/svc3P6DR3BjDgDHB6fd0jTSVUvwvzZ4MPC3z
lg4DZjr6V13JFvUZpQ9xi9I38DgEOpqG8jdK7XZ1U7xMfKBW+ZLH8YgB8SvJLHK9
H7MOLcRpdeXtWgw/S8HQXUaaOUuV/Lxid+W1Q3WDofqwJYCrEY3JdLFBVvgETxvS
2wckmlBdEEUiCzt4sX1XfanwJwQuPw6NDYYxYsLe2LoFYaiM27wzgjIn6av4m4nT
SRD3RIdcLpOJDlh713ZubfvoPn4PFKWQH4rRnIbnwI143GjvxInuwBSoRS3yPfv/
GwmW1Qp3voVRgN0lwdoA/ruydYBy0MOcSDDCVm6d2ejE+QdnDLakqKcyK7NB/GNO
Dvg73oNCSFmM7hj3M99X25GeJlte0pEK+/ZuYO0vRa7JCPAWzYluzg1eRpcCVqTS
XAE0c/M1Orkjx2u9YGbEYNEmMAO4g0xgRVJmJPoYex1ZrAasgiXw/KHpPzfen9Wk
QSsH1K6Xudf5U/4Etjqnctjh9ZgPEMmFe0iPbD1FEz9Lzy1vo49ai6+U/rnA
=MyFz
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ//X8MbQzTrRC2iBk8ioKdLRerWtPXEDZnS0t33MnMb8NSe
jEUb+nlixr0BFK9U6lpF6xpLwAKP2WAzwQjAF0LZp6v5Tn0KJws6MuU73eOlfiXJ
00lDe80/UpGptmgJzXoCxIPpWA8jn411ZYaHYzKjDI5DWxacwLWJ81LoQ554t6Os
y++haXs7zHKyuVlFOSEJtuDQ7I1BI8kJ3h8Pk0PJZ0pDy5+CgbGJ57OBdOGL+JiM
x+3qitjVdDgtBql969IjZsrU5wlbNoBySvj/pfJTjCw9xifK+L8X6KOJObUa0Ny7
2ykINNFIorbgrdW0PGwieUOaxh6/Kp74pS0swBrV+XcsgwLCuHRiW/3SlFpJkbSq
mnJgO71rSL1fWO4woGCjJOgkJ07xIlK0GrX9fzngBRUQzrFu3cO0EAtuq0d0WKwI
SIiwV52YQixiLyKOSOMRmfuwFziuhULGC5wgtc1Q3C7tGNmmFsahGIpKfR1lxxb5
zsNXkc54EZ+Oj/w6bJn04FoiQh3lr5Osvh8CfFUdXcNogMesY9Q1b5oQ758BQAUd
RKIwL3Drs+dlZaXJo18NMYuG1WQl3ZHXfXjVDqiJMPPVPqkizQC2QJGGYXuRJj1r
DMXbew50XUNTKcOYjrxaZzWTmzN9AiJt5utL7YHcg0Loaq9tUiSJxNSYT5hi/nPS
XAFA3pn89D+Io5Lqznif1FzL9Bp3/3cWfTFtJl+WPE74InDusLNMp7q7ZnQdvRb+
GLPgrEUR58KeCG7c4j0lI0zMpcCySykWqn+lqzihx7tOzb/A/fbxV+qlYo17
=/na3
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdAu5t9lSFJ9cRNRTTXH4ix+9jZ51eg4iqw355QQ/IlVwgw
N757g11ymjjHHflK/W/X10BUWHjoAmFYyMCkJaTKL5k6Nn60sNF/3hMd9lRmh34g
0lwBl1flz80tjLXkCK2xie5fc76tcLIb+tXj7/hvM1WM3oPHAOS1/nZY9stLw98g
yHFwV+g84tL2kxYcFcdF0uck2/akvHYarGVmW+ql9yY4elTEHYl3UrZOG+YlMw==
=QxJA
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/+IWGcOQ49WwlWlHwkQNmJn2mJItPtyEN7WnifbjDPOKZe
fQuh2Qr5UfJth3WRymL734QveVdNLhR6exyi8pC6g94S++KrZa08AlDMvZUQriKu
t4nDlce7wJxlvkAjbOV1rYj1o3ea6iHSNOUcvaA4gHOAG2EdLP7VKnofacoKWYkE
Q8dic+NHVHJlNKkx+TRYX5GyKhEcJouqmj3s3jX4MOzOKqvSb2vgwT9zZsASAtqL
2P6Jz4tuX7YJS7xEoKCpA/R6y3UAtpEe/qokbGa18jDDwiiojDUWGr4SIp6T+zAn
yCC90P1+9hZLVtCCJVka9MLn9AvGufxqt/d9lJi9u3GdAdgwGA5madXKqmppquI+
xCbuWUY9EFWAK+F6R9+za722juYCgPCrke37bNF02NfD+fonW++uQmRJiDCmJ/ab
FEPsb6CMvlIk1h94skTNwJuLm63s6nGSrVChTmz21gn98OELxcDDav/Am4okBlpM
dUd4nAZbla3xUu8mDWhYVufnXeUaVy0mPh1oN6LqxMAIFgrFrdzNFQiLzXGzjeO5
hkZnF4OLzNSTx6OIaSaTG9eFNEldkanWK5uaD79iiJ6HpDBOxIKK76d/IlkSWEo5
IMzYgT3J6LvuCBIp7jqq3xluarYm3jVL74iJeKd7YrmEJmH44whZzFqLFwXPRhzS
XAH8HQ4Z5Y7UO5V4XYV6LzI8nJzNLMpTH0RrdnDBRHHSjbtWo4coTQA+XkGqaKLC
Tx1NxeES5PfD+8C//8bkyDkddr17H7augKZpl6+qFZEcsnVoM2v1AyuEEa/H
=OJbr
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ//b/ndAkI2OlGJBnsvz/U61ApEwEgqqyEmhF5GBk1T9K58
RIfeQgJgTOOO1HazOqovOh8++tfnNR4BtthKPXaMRPKXjZIcm0uGjDXkubWJta3P
EPJgJfNKz8KpaFe89dkzb/1TIyk2Nnui8rbEOIgomM0TOcf94N9tfNZru3kXHPuT
cglZtEwsXww/BE9QXDksZWRSDasvydDuQpQn4DCZNatUUYYOFQ9hkHUvZd0v7gL1
tyrF6XRJi69MHRx2GcNBBCuOCNO6RgWP0LHjD4JYKJdSyy8a9qTPmCT3Ofe9TQrA
FbYYOTTXLDTWmad6GnyAy7ZKUvgosoFSw7jmB5xMwzyjVIuyNnAxLvjnppvaR9Xh
hfgFVWc1QAWO3cLvUKmx2IMTxQP2mX+zWk5MRQqTjuTGARAe+AYKHtAyxszZEr76
7uXRB0Eo7WS9uth/62iAtJy0z68pXYzRI7pHiJJueZwhGi5rGdMeDGM9tXFOEdUP
7d2y8Cbx0cOfRXy6VgzQBc6sZU3wevzNNLK4M73A1urIrx2eBZC9v9itGyz9o5g7
d2Bs4t27KjFo31dXIM9YhJr04i3DvPq08ImY3MsNJiGFKtpt2wCkzlPLJXmyewL9
ybmdUieW94PL2rAfkaMbWMjaja+H7p/ItIe/Hz7WEz3R4NJL2+aaaWRKqUPuo8HS
XAFRkJPM17ALht9P5M2qBsdeB9Y6zsJuQySooAtubTmO0SBae2CLfLi7r9G4vh8B
uyaPRJU4VvXftkURyRHXK33Frj+ZJQCyVr16WXF0/klKmb5jED8TC5XwrejZ
=zjZ5
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//UDZyyywJC2vZuaAqLv8wvF/7lyzKoqPsXp9OhphMwCag
LZyQ66GkaSx1jsWWAGQjwVOeikr23SO5Sc8tqVtkKDXq26b+S0nPHf+xxnSIqOms
l0kTla8c7PgJadf4YgKbjZwA4PDb4d0yVM5tnpceGZyzHXtOHdojRHBKgm/ed+p1
bXjx1SeBZJH0F4pp7Pu5BTZrVp/RmlOCCs5SmzpBX151u1C310bIPrlMzyzKJOL2
SwiP+/DpwxRn1SRyZXQQ7bRzpS/Ax9g/S/+tKP8vIrYJ/07o8xensY5gjrW9Q0Qa
RAQLHacCFeklkqFg32NoOSXjknvITKHSKu83EPq6IWgj7SV6KKxPXAiWmWIPnL5W
TNh40cn2fMPrcs5667h/xTsa0PNOzHEtXf0Vx992JU5bTsOugmdc7e3bYzEiUbdZ
nKQZW5AUV9T1qZdXBqnB1AXwijNnFkhtJrU5e1GZApzgN9GBuJIdWUbna6SSbEiI
/x46YTHOfMSsxu5f8NGi8au9ww/8tonFbR+CSeYZmnG5loqf7Enyj8iGhLiEfG+0
mQPkxAB3mZEfjVr+TCXUz/x2Z99eO6xv1vJ0HxrQdEHd8MaErgBXsobOPi9cQcb/
QqfzxRB0xSPlSfcaIDi0iPXzJuNhBmpM4bUqM7RRA7CanfP2xwCNnAc9OYsw1bXS
XAEhWXrz6gMPCMDeqzae3ZWXBvH2aM2jSEcLy6MXz7d+0lgOCCbzBFUIJ6468AR4
QtDFpOl5r4sC8Lpej1mkZhQk3ngZ0fH+ELs8gliRgBeUz4I5J9prZ0H1YT5S
=hIWB
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ//b86yL2Kay7YkWuzeGb6g4uUl89S4H1TJOzCthu7EJIUD
bQG/f58a5J2k1PLq88VTrIo0Ulz0BIGmblguqTAPnr0XzvAbWHpio9tnlB/LRFAk
hj2OKqY57/FOyFXtBTKS9bhI8hqWr3Qn/FSQQV8dbLSrkAZ28htex6egjknVVLg6
Rf9f8DGENEOV5Bz219NFpKs0D5dxqsXysIiHw7f6vgz4r1bLJO/RKxaNz1kGCw0w
93aVHL8BJuFSTo4GdaJAWhIWuZtRbiZtrDFrSD38GHRz0KxlNjPXrSFo/wqWYey3
vq8hgPknEqAiQFJHSxhAKo+PHjPTOn5I97UmgJ0jpDopCWmF/mlUhI0CMMPRtzfy
9mYTH9isVww7tZq6VClHt9MLtgPQbUtcUYNOTSsqpXuRw5AafH5x45SAaRmgMiZ5
d7NfhIi6k4kUEmqHgHBiH+MfLMsIu8GAlUJ/biLWEd7VQMgLD6ipLrijoChYvKsz
1ej8G1cV3wmwT+JkCseqfiH/ju8T5axZOFzTKY1t8faSx8wr0K2GNKySR5Tq0wDM
3e87vrNjs3oVH8RMBiPQzPUHJFSsNFdjjHpE49FkJUpy2Y6Jlft9kW4nHiZR6KFg
9D1xK1Yd1kD1wck0Tou/bu6+iaOppRAMYzQkwmbFYCZW6byqwQWz6TZ3b7w5w/TS
XAExGv+29jQHHCR9uPx57ll6sLxFGFt701li7EX6P+ZBz4FYui/tYNOUqw/csGSc
2BYq31FSg/zq9ejhMFgCbJMdD0D0WwlfGA3wgafk/igDYRDixuEZ1yYKqX18
=aiH3
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdAzHZXfaqUFHTaI+zp1Cy4dMgqNHVs/aNnojVL5beS4jkw
Qso98uOePpagNBVnpj6SfuQI5tZHzNETfxHl1k3qRXPS29J+ybEzBQgdbtC3xbnj
0lwB+uL9zdyS3WTCCm+PJV4J2bhhd3UPgoVXuszUetlX5pqvpJSCHcfH3i50Q5ov
fa4/XYHhH09tfJ3nf+iB7xpJL+JlW2bBAN3v3zlD6+jiIhDxpmBmu33tHdXePQ==
=4m7a
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdA3M0VvuxztWirQFgVHzqzB2Og5DNTlqEjkN4bmZv313sw
CVDDFafeu4pwh07O1NcbVB6T+O2BkXc3PI2OWCMRWS6v4uMEkygVSZCmxiZ18XGy
0lYBWY337KT1q+tb3PYDzNUTwYGulx98NBgYHyTzpDECiJ+WQXTnQO5yQ+iQ3rFC
2AGHc++H5rq53D5tDi9cjqKZs0XHDhuu+D4BLB0DQKwIjAWXJIVJYg==
=pkPL
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:31Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ/7B92wxRSXHW2dAcmMp72Ll+4GSbjD0QFPincZ85+2D06m
P8vUWeCFfZ5soURASKun2RKa5GKXKSNsDlt75afM95ftsodmuyQ1SVmvbE+6SbAb
IwsqoKJRbBskWeEUm9zGEn7910v0qpzhaI9jwwCi6gT4OB1L6tj3NZKcVQYE801p
MVDf6bOoJ9DhyBFpzmNtASFRw4Je8PwcfrUZSfY5UZOfHTiBRop3l9mBJBpAw6sn
sfn+kx/TvRJ0JVqUQbtQzq6cAIJF3607tB2HkoFnwIswwqWQz2yuoTzMdhQpnUBi
0lDHThAsu2YKyavbIH7N/sn+hqE2j+aOrQvMZQOiYFk/l4iMLm14It3UY4G48Imv
GohLw+gss5G/stDzeJjiQ+gDKAC9ugDGS+uisyqy7CZtoow/GuBk66GL4TGOpq1W
26sH/yLBy8PBuRj8zrfgvcSYJwzvRprIcwdNmkmh+k2zf8XGMLcu1nUbb7WKZCmx
n/krDnKbeMyDBRxSHHO27gLmYQnk1T1W2vJc/EVdbEBpmodWlGVuzTKaWfcA0RAL
ldvrKLamWB0sZO/j4i7pOpeUUh6JOgXgOIiyXlMeuNjmh4QkqCWgiKvm+dk7hzoH
dIfQhZRQCL2CUaSxqEEQIG7vsVqkpX/4Fbi3McX1uU2LU93/LpjaMpv/Ou4HFaLS
XAFSkYN08zWc0548MnCXVoeYrX0szPPUmiaRIM6cDL7vI/vVR0uiVCZEY7QiyqlI
Wn2nOk3T44tA057BmjCkxXlnIiuLilzU0dKT+jIwikAZuNM5jF6qpEmyYEhq
=JQVx
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.10.2

15
inventories/z9/host_vars/dooris.yaml
View file

@ -1,15 +0,0 @@
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/dooris/docker_compose/compose.yaml.j2') }}"
docker_compose__configuration_files: [ ]
certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
certbot__certificate_domains:
- "dooris.ccchh.net"
certbot__new_cert_commands:
- "systemctl reload nginx.service"
certbot__http_01_port: 80
nginx__version_spec: ""
nginx__configurations:
- name: dooris.ccchh.net
content: "{{ lookup('ansible.builtin.file', 'resources/z9/dooris/nginx/dooris.ccchh.net.conf') }}"

227
inventories/z9/host_vars/yate.sops.yaml
View file

@ -1,227 +0,0 @@
#ENC[AES256_GCM,data:Oc2DdKVMymwkIHbS84TeTQY=,iv:UMhNafqQrHaF5iqFSev6D1uqHPFpKQTkOpYV6JncjsU=,tag:mAmBMyGdzER3hkSkV2Fjtw==,type:comment]
secret__yate__sip_trunk_epvpn: ENC[AES256_GCM,data:BkdNaCooUjsDlCXJ,iv:saO4IGsz1HAinvW5ZGAMA4WEtBbo+UNdfBkr0g29uag=,tag:t8RM0GNYhl1w/RMNO8wKbQ==,type:str]
secret__yate__sip_trunk_fonial: ENC[AES256_GCM,data:N18C3XZHIi1/IA==,iv:vs9dCYNRp+1ptxRajdUO5ODTOmNREJslF99xnFL92XM=,tag:IUmnlPeRI1WTRYELzZRk/w==,type:str]
secret__yate__sip_trunk_fux: ENC[AES256_GCM,data:zcVxNjyS3BE2dw==,iv:Prmy8nP1yeFrVI5mQaPJPKHGFCzuZp84f6fH04I9zJM=,tag:X15wqvaaifMU2/kcqLqUZQ==,type:str]
secret__yate__sip_extension_fritzbox_analog1: ENC[AES256_GCM,data:+ayQ6P4P34D5hTNOFv3HVA==,iv:UD71G07Z633mDmvnJVei9SKgHyM+JFXJdtOhyBhvKGY=,tag:0ISsYGQCIMMgToLWA09JwQ==,type:str]
secret__yate__sip_extension_fritzbox_analog2: ENC[AES256_GCM,data:DbFmTcZ8wW2fqstm09yUWw==,iv:jKUqtSXaGF/QpIwPJ6hKQWZvv9xtZeIQBiPHt2xm+3I=,tag:MkWzODFnWZc8o+pVLR3KJw==,type:str]
secret__yate__sip_extension_fritzbox_dect1: ENC[AES256_GCM,data:87MFTNA0DXmfhesT/M++ug==,iv:qDM8HWZhG9FADLFNPRJXkadN2jXD6/CfroDShNPzA+o=,tag:Ylf56nCczEdDaOGko5GrBw==,type:str]
secret__yate__sip_extension_legacy: ENC[AES256_GCM,data:gC43eKUOAYU9dgNV1JQ+nw==,iv:xN7aad2NPaihlMT4Ym2xanpKU4eX04V0FS4m6XRgZFo=,tag:Oq0yBCSf+CB8Xkx4D4TH5w==,type:str]
sops:
lastmodified: "2025-07-11T17:10:24Z"
mac: ENC[AES256_GCM,data:aO2kEoKvWccDkF9lnaNeoBWfgUetZ3W4ImappoPU4emLpWMtRGWFiKUbTwQCbLGBdQ/C+Dk0bZYV1wJjotmSIiEyPzijINX+d5obH7Gm2XSkqFHGlz+XnVg11PY91enBbHSQTiOyCzS1Ez/xWAVdztTHWA5r8lhaojmAHSe3UHo=,iv:VAEnZscqlPmVuEypiNRdhfGoooGa1qet9FBht/NNUK0=,tag:o2Q5GsHRS5GaZuQm3chZDA==,type:str]
pgp:
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxK/JaB2/SdtAQ/9FteCUUAadrhDu5M0uwAT4aSpkhA9+2mHB315uhpNGV8b
frAvjvo/rtnmDYX3QleuyUu8dvsp8lryfde3SnQu38hqt+a/fio6mf1CDWlwuKDb
xlNeuPXAP+x7PHFOXj8h0RhbQoaeYDPwFAwPXLxfgDes7cX2JHKGue7tBvCjLPJS
3XoSXnbktzu5dFFQM25zuqM+q1QHbn77KyjfTPVJpvLJRiWsJwZNCaYVw+gc0hwk
qqOGGaLN+T0PvmUiCLzY8+3QK37dtru5h+WcDk6/duiI2P8l47EC3k7oiat8hzc+
dfDDUhlbCK4OtE88ewA6UwT65m++CZlCzT+/VDus6gi200dMgJaT5fF6ebifitST
uqLbdc2qQvR/h6OL+j5CulR20aZd9pbIamCaJgoULBRozUu01CsPKYIpRBONqbmD
bIZkWCBv4KM6jxbW701+x4VosGNa1lVJ72k1++Xg6agEjJnx0rW005csh2jFac+E
dfiJBOjPTMi+LDUPFokPga4vf82tWa7iPLIzmhMLupAQ2NnapBfW1o2Awo3mmUgy
J6psOd0po2XSYjLgB5IuRyNNY3KfzZOXx/A9cB2S46Rp+4RrkyfQMWVy4CWZMNoO
2911gSnRutgJP3LrE/flR1bXpNsdP1MIx1RMBzTpEqrMB011Ad0ZnmbN42tkVdXS
XAEEtt/OW5TAnBXnl1NASySaIeP8mosYIuWXVRK3382zn29AVM9+KPstSFL/yXtJ
Q02jmaCXt2iJbGG9z7LymLzNbE93h0A3i2VgOQ980mhuAWZFtU7w8EKNz9fF
=ODrF
-----END PGP MESSAGE-----
fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA6EyPtWBEI+2ARAAm2tb78/wI/RgRnuYNUbglF7zDKDUyhFc+36AbDKyB5w8
VFRp6bTShbV3oUvNZVV5v/7A/TUi4X6p1Nmqnl2vQLnFEs4h5xZwUajuLlsWX9AO
6Hyr9D7pdBSBRfxypM1WOmzFRiDnFItxYFu5ljoc5OdkyZ7oq4W1UNWnV6dTip3D
c6jfswzuBSR3HtoVL2YSDFIibVDAb8Ph4kuAXDRcxKHh8FZdVaEyk5KhWDBY87aJ
vemqIOrh8GjbWWePNo6eDqRVU2nWZea78M7x0z6rDz6Z+VZsLWcl/cHu5pZMgDZW
nRUUe0JOtncgZ0FJnZu9sAw6BftaVgEk4vVrT9174evkTj1otIXClijTigVRp0Ia
JngM9FsQ0RLSA0dTGuCdEzoFPlUbtLLV+qL7ZGdysbfPsDiP1tlZWwCyxnYJ7gt3
TgqJPvZ/tuVX/MvwVCA6p13RXb3XqhbjtA2k4eXdeOcWPUYmYvVJ0385ASwQC1S7
PfmvQwL1f7YQkUvilkzBD/7EGeqJ8OFC4vJqx12tJNeNuqPiw195yBhNT5rml8bc
2haV+wdpzWScw+eo/xj1a17i0a3SJLpwTcWiwTp0LmZEecOFtxNsaUjnZPn6d8Ms
RPbDVbeZP+kxNbvTuwXtQgC3d/GbcFbcSs//MAYUQLs83mA9XXW9Gzcq6ltexBPS
XAG2M3c5oa/2XonBoQ3X3dggKPWQoabyUVAAsehotCxcMEcdVEMtJLSB0/+CTTP4
4+A7rurD5TwegQb3TmsDQRPYjwOoH0dQNXGNJQGGZpRyiVC/z0r3TXYrahze
=jtiP
-----END PGP MESSAGE-----
fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAz5uSgHG2iMJAQ/+IZeMdpcuIJgNH+sdovb4+CIwiIJozWprKNHOxFOBoYMC
ZBStuhdGS42LhJLlV6kCsWGdT5uFlQVUCjRX7YwmFurSW0NqqzFtgnnbxnHF8UWC
743JTuh2lApyL5WPeNwj1PXx3xJcJFeCVynWDblvH0MrM8GVy68pZaSsIlmpcnGR
2jLCdWAv72T0SVffto7qlpQmCXNJSYspykEx7LhylRglf2uOAAq4n0k9QIFFL+2X
EgV9rCOUh7qRpZ8zhd7PahS53o6gvqwFj7xM12u+iNbDE3pw+qThv/LiqfuoNd66
qHUDzz5VyVlhbZ9wcN9oEPIl2kuUL6WeMO6RGZMx2n4kiI7E6X4rF5YgRGJBQ2Mc
DAWxC3hWiAchyNqk7YoszskwjVR/8ozsvPzSmny1UNNsMsc6zw3BL86FZj12ODCT
lwIR4Wae7sGC4oBITW6Rc5uDvo4hdA58viwOPHcxCNHrLHkJHhje8CMf5AhjBYcy
OWFOD9Vi7c9fBeQwsy8G+LrX/wkcO5N+KoDDGJs/gx6HVAD5Rie2UnVCC4pICUXh
UgIXDvV0WahCv+eOBUlj4gOIpLEO35P0RcX9nNE/5izFlwH0TtG5rCziEHEosqD9
9Wl7jqAi3POa7DtCD0DHIn0jxlWyVcBEXqHlgU3d6vRtOXTZMvt/NZxyLi4MUU/S
XAGWywtpd/gxRgiyg+OB8C9HhOioLL/bCWvOE1n0JLRotxnv571oZi0SYYqiyX6I
wk9s181nh4Kyfmf+tOiv4GDSkUfg01y1dx+85s8AzgyT6t5isV9AqlcWVGIs
=c5hi
-----END PGP MESSAGE-----
fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAw5vwmoEJHQ1AQ//VRf1w/DVkjth/BZAMx4B3i4O/Sh5vkJE1EQx7XWgpJVY
wX5vN0JujvIwhQ0aQf1nkFEmFTMFuKVMLzsHQ1ejT6od3XTsuD/WZsG9GJfG82Om
jT05mwIqcH1brD4PVqzsEdykG3PGtxVaIcFbnhdls15VxQTgiW1MXkjM+hm5ddti
sopwNLn6q2DbqJ4eGefl2kn88FxwDCv8tU9kQ9v4kR5/qkvtYgf8pyNl5zcQY5nH
y9muGRxt0eVq1Wpc7bzui/9MtZ9XOBWVPevesO2QWRTnK7PLGH23KoS4GHLKB5Tn
OkP1QemC75RjZ5AkfzYtTAInSlFmp9/giQ7ZDVSQMKoXxCsuN6jsVK380jWOPlq9
tOtXSfGCSdMeM2O0vB/Xqv1qhcqPSGGCib7BnivTUnEfgxGhHGxNOOFZ8fJBXDhQ
F0q7CHRye1EBhT+GpKuraSBpcNMgexj9j+B+17IAW+Riq0l5DiGJ7rgPaRnz+3Az
2F4y0r2//2iV+Em6n5crVu13SsAWUzYVKyHSswJQByEK0D8ibE8vlsE+LBLwtpUs
5FEVy8bxmNwbYyKGaiFR5m6njWlI3M6Chn1snzfsaKWpPxFHj/CSpUu4MRpGlNfr
Hc2mJxsi3FpnAUwAUbnLudW9ET72gnfrHHKBYf3DzqQAc9Xrf+dKUuPuBlDm5TPS
XAGNfxvILdjNFX9LvJLDffbPzHfLjKtBDSAAZV0bK8e669nFReBGfTk4RQXY2Huc
NW8hke7+pV4vazwcosDgFRu/XmFyc/G+bxbB1zmzs7DgQ0m2sLxiRdv1xwBX
=C6m1
-----END PGP MESSAGE-----
fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DerEtaFuTeewSAQdA47A8oGWP1vDUTI0iRqcliyuGmgPaM8Cmu4kRL64cmVsw
xTzCmlWNzdNa7YpdEGrCrzr2Ml5oE8hvLy1fM/H3m/6VM9+3Vmm6EI0Zq4mYYh6b
0lwBapQSaiQxUJXIvRHqIbFfd6UvQ2k/l6K9HtnL6wHLNywCl8VqBJyGh+gzrS6p
Uj81QJspZL/XBbaw3vsM27p4I4644BFHVQMApAWWb0s9YTo179eLVl+XXL9/5A==
=hDmG
-----END PGP MESSAGE-----
fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAxjNhCKPP69fAQ/9ETw/8YtE14vgYnOWSnGhp8ryTFdt5D2IW8B30mmFlY4e
0P0ELQ36dn7ZoEe9DxfjYXFEJ9pTElnN8d1mOxOcFvvBA7HXhWYa261PVTUt0Mh5
sLIcNgLoXJEd35voyqm/PXtGJZmM7iK79FL9L01eVm+zGSdglhvHhLdMnFVea+SC
vF/sjp+9m6DUehKqD3jUr3T31mXf2wuq7864j3DdC+pRC6In4y7kuj0TUbGpZFH8
rKBCxDLAifp11acgB5B3r0JyBeeZgIw8uTKrrQpFXXIUEUO0g1C6xlo96M3OD7sG
pdvdsKo0l2687kA5uN2/hxAMqQIImLXSStod0KveDcys7UtYIZ5zVoi5KyZgxmBq
wJOatBlH/sKzU2TXOSSTpbQJJBlaxCRk8/3ypfii4xdc3pWBm0Jm0fmZcckYmdWs
bTOFCkg2Bx8gJkMpKSO5sou13j0Py45IHdeeOkYt6K/9+kEqlUCZfJUUj8PSO6Gz
7kdchGWYcGDGsqDeLlAXOdt8eQxBNs8LL9r+d+Acf4KqL1CYoxYhf6UC4z0Hownf
jWkrs+CUxnF8xSt2WFlxoU7AWkATMkBZrPoZcN8iyTwlQWvTQgXoFJoJ9RBkOwfc
HCSXDd53nogbkOfCUDosmlb/CJft3vS+hTNiLTVMA0J9ixul0HaRRr/w8bE/DgjS
XAEdwJucMGVbFM3DNjrDb5iaVsIugBYGuZDK+/xyVwK1IlP9GDwE617SQNM/LbQo
Fdq9ziI3VwlTFOnwNZ5Lw2IjNzHYMmS7ZTiF1LERWrMjIUtjY9/443ZHGQSE
=a7K9
-----END PGP MESSAGE-----
fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA1Hthzn+T1OoAQ//TycYGKYZdRgLzgcx7G6un+2OP3HMsXGfAO6Pz8qIkd9I
jhVccyRB02gPRb/8xKyR5LVjeZ+zULmfBNAAwkvSDC2tjn0PlxbQwFW555Mdeg47
HixFzYVpi12qxqk3Vei9C70VCufyHp2x4YH82LJNKlHybJv5xMFZIFVkPdQQX09M
un2f5Fo6esMe8xfzfHsTbrX2X9TxluP+xwrjQLlqis9Xo1w3PJ8a/U7oGWm7cbOa
2/7HR1eNQe2CIWRNo22CzvrmWcsid/LblgGgVP/W2lG7cQtXrW6dy5UctIXRYGwf
CjW2KgVova8Ojju7M1gZHjNSjnIEMD4ONNQCe5UiTfHwZbqPQtsfipL6NjY404/g
lG3ab1qtwgUSP3sdl/+gRvDEENSwjk7H/tIlk64ufABnbjqF7vGgh8EWz0u44sI/
a7RRYZbSjFSWpUivHiF4Z9CRxz+4OFkDFZ8oMyynwnNtXcq+Y1icqggPFN7PjPX4
FB0W3fxcDvUaC92TeHrbVA6gJ916WwPPf0nDYVkuKbVgBHiDUmTo68WGD3T2IAPJ
tj7ePAG/lreZDhDKH2s67I40Q8lPDIxFXV2u3wJ0wSOUeGvMh/mfaQyCbA1hDgIU
1PfkoLxXiQ09VfH6AVTJFWEY8NRJug/R5d+6PsXp61jfX8tVT/IFUlmdQD9kRXjS
XAHubuQ/eNItKH9gRTj0eq9YdbzmrVJx88ImtX93Tq8Jrxc11Grlyf7OeJ5tBgin
UYYips2Wf+P8SibwyG+ctV/4qRtNzoo4I7B5PNsKqVkm8bBzBsnvjY5WFV5G
=OwXi
-----END PGP MESSAGE-----
fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA46L6MuPqfJqAQ//TO7OWNCZyYgKOGFsoBlCT6rMTCF9ZwL4URHCCc4Yt+56
MJ2jDB7usZTQfEMm7sAPKo82lJh7BnZR3o9ZQfJWnv1fc+B+v4FCYmHPlxD1/Srj
8RqCAqcsSRpbAq2B4qdq2kFfh3vuSHewBtCAblwRxuVKhoLUg15Ax+20h+XcXIZm
nAQTUBauyFNxZjEnTPiAO7rEXR7XAtN3XQLnROBiZXRHL6nUy1Ud1fOLj5dWHHl+
YGlmyy6F8GjG8Bk3G/F5QNp67h9OogW1EYWOIRqnxfYTx5QqYLig9b9Hehf/guT8
rzifK62TFCqANSPwvsehHH1ucdO+pnDL0a5dLELMzYJstKqOaq9Pdly3HRIWT/lg
UhmN5aQ+v8sw/9suwOKb9ED7ITV50gIedRK3MjtzAb6GwmgeO5PWqcnKaIRarbo+
PGM85vQkkKMY9wJHHYeYvDvM+fYilmX1H0uFg7KPHqwZ2UM+4XxKp7MfQQTLIl+g
rvEJ2MlVp0xG9biyqB2vFUungS56Y0mDNN4gaRwxGXd21OjI2onquKIDaYXTh2uh
S8UPheiOYHgpX6Xd6FNhVchjd7NDfw2XwiYbBI6YvRqeG8b2RetbUdpH34y7kTTO
rSRx5wJecJJYL62M3DDFQ/JVgsQs2YeyROen32UIZqVZjG35NaUY4gWFvBrXk7XS
XAH2c64NkWvCxrQN+ypAOo1acK7JmVx8KRyJ9SkHBEGXf8u8vrM3mKErSRUdcx87
O+4RH7EMOnH6/5x6bX2Uwj+WmY8uXtsn1q+zxqMmnt+rQN8y3MlssJ2u3XUO
=Ft9S
-----END PGP MESSAGE-----
fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA4EEKdYEzV0pAQ//WMDEOC0jLeKxKCpjMltCQ+jjwtsH/yZOA07o9VHBhNhX
kfJ+fONQb7roYaMFEM8ZRxhVf0IXjrK4vk7+P4x/vKtW0/1cQm7U/uxzUsOUBA4k
UZHgcgrB3s6yDOY9TdwnZnaOlRPmG0AudXOYS/FwNE6OzYeCzf+88nw0VZzXpwvJ
WsPV69lYpwTxcxhO8jCVDPTXjOC0sWOXBe6Ea2X/dbWuwu2KX8AxDp8O3C6Uxa30
jOrhNtiguMugmKgF7NZlDqgiR3v2KhbVi/ECc3vH1c+GTekT26zAkvvzFqJjkHsb
XS8DyAp2/ExCubtk4h25ObMhghabGqrl9o8hZ+0RlEaWU7oRi+cinIXgAZcubv0Y
/LEfDyJTohmoDdqpC4xYdTMQ8s8RaNRGtQG/3hISD0cgssBHDBKnoNMNB/V1qe+z
EZx/ewgUmlxcO9Q+mPnQG9Eo7sh4WnldbueXtdmp8f4vpt8tJ6zr66x9QLU0IJHW
UwgwaV6EAUdv+O+MsW40Bx/TWEbbKj8am9dymTP1dV1OcPJOLfUbNog7ybFXl6IT
kNnUkwHXfkRUbzZJNB5rBTTt8msuFquJEaZANl5eMKdn5fG9k2hxMpZCdYT0kECb
ErzpV2kUS6Z+QLL2YQzIQ/iBqy82u/pOJ44IvO6JAXYUbc5RTGVOgXNpNiFhOQLS
XAHfwKoAg6apAAcqJcywJ52eFwi2886lHyTcl6Zl8wlOC6FZbK+zkmhFKEcOdZyo
YFVoqmHT3Da/Z4rlw0XwJYR7EFyk/mHlBwdNabv68Ba94zkqXpSSDuJz7Oip
=K261
-----END PGP MESSAGE-----
fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DQrf1tCqiJxoSAQdARUYTLeEeQkoOgHc8ReED3vRzHOa3S648JbH8q9p8s1Uw
6m+puHJX6nqoLf+TkUfNKfpx1JJpGxgcvsADJTm5Rwi0MxqKvo650DQwHA+UQHd6
0lwBQ1aFrpTk+2b5mVgGGLp5dgFSTDSIsBbUBFQOXvuPX/S/n4eCwiq0sWJBNsam
wKTAC7nLnf9O1MX8NGXHQD01doJ2M19o7BoUsifxb0y2XorWDp23NqrSb2U+9A==
=xw0V
-----END PGP MESSAGE-----
fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DzAGzViGx4qcSAQdAc7DD+ELFXtPiikXroB//qxDovIM8uUVXiY6/bCGDhyUw
0XqwTBBntTkrxjPXSQIPuLosccZCLcqpawjCAeYKPNZmJSfhQ5ESl/iAD7wofT2V
0lYBCaD9ciqJhB7nb0vh3Aoa4uphQ3EiS+PYi0Tyuo2r9MsoSv5BLGGHHaQDhvxK
8FXpCyUk8oqBiJ4TRouaVvDcPUSaqWk9QQtxx1mgD0iIkPNnMXoPJA==
=3GJf
-----END PGP MESSAGE-----
fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- created_at: "2025-07-20T18:28:37Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA2pVdGTIrZI+AQ//QR/3s7FObKxat5+yCwGERpelhkNVkwwaVl6nnyX1P2od
JrKHwmwgRaOpchQmlkbLwgPs9byiRc29sv8T72qAM0xQohKJq3TXXCGA2Wy4xzmn
tDK4m+kU/WA8qtBsJn+gfV9CkWXVmr1vnrE+oM32qNpDA5wTrEN2ueTnxkc6oiN8
O+rlJWkbtPBxt3o9OJfJLoidh+Ot+1aiLeg+9lrp7RdnuHcHiklwT3y+dLf2Dpje
SevPq5UDX1C9kbwCtQuvH11wO2Pss9IWfNhqgdltsnaEC02lFaiiZxiZL+lxb5+D
XcVn7o+iZUL5BjNn0Y1D17geXuIwFwOKWsRh59EsMMUU7rzK2WIeGz5eIbGcRHPw
MIOxhzHXH4DN1TIKLa3BoqMCaEa6FY4U5pWNAGcclOqSY5DmlmSgZxOSLijCpLCf
VRyWbDUiMVz6CA1dR5PtnGoIlAMk0W84SxWgjrsg5BE3zt1KeluAPkJbgD3wRTMj
uXq37kbIQvH80ocxjY1DyBkvz5xh21yBlUvQnMLc8gQg2C3Z8gQj9eexqJOt0z/g
DvW6t4ZfGncsqE5nKv+O4FiFc+xUKFt02pPI/hgqYPpXVYc8mmqD8A75dbi3fhEO
5tTnEszoYZJucAF57aWNzpr+o/I3dP7SxrxbQbq9I4GO1omSkKeNFe/dQWKGzR/S
XAHR6DYe5ej+qdc9lcK/Lx8aA7/4b+O5jSKE0g1sJ2wEZdhNQbLM21YLGt4hFCk5
a/pJ9m8ShyHgQM5bab9z2MtSD/qL9yVGMfErU/UC9S9GCAvh2COAFx1vVRdv
=L/EP
-----END PGP MESSAGE-----
fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
unencrypted_suffix: _unencrypted
version: 3.10.2

9
inventories/z9/host_vars/yate.yaml
View file

@ -1,9 +0,0 @@
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/compose.yaml.j2') }}"
docker_compose__configuration_files:
- name: accfile.conf
content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/accfile.conf.j2') }}"
- name: regexroute.conf
content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regexroute.conf.j2') }}"
- name: regfile.conf
content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regfile.conf.j2') }}"
docker_compose__restart_cmd: "exec yate sh -c 'kill -1 1'"

40
inventories/z9/hosts.yaml
View file

@ -1,45 +1,21 @@
all:
hosts:
authoritative-dns:
ansible_host: authoritative-dns.z9.ccchh.net
ansible_user: chaos
dooris:
ansible_host: 10.31.208.201
ansible_user: chaos
light:
ansible_host: light.z9.ccchh.net
ansible_user: chaos
thinkcccore0:
ansible_host: thinkcccore0.z9.ccchh.net
yate:
ansible_host: yate.ccchh.net
ansible_user: chaos
certbot_hosts:
hosts:
dooris:
docker_compose_hosts:
hosts:
dooris:
yate:
foobazdmx_hosts:
hosts:
light:
hypervisors:
hosts:
thinkcccore0:
infrastructure_authorized_keys_hosts:
hosts:
dooris:
light:
authoritative-dns:
yate:
ansible_host: authoritative-dns.z9.ccchh.net
ansible_user: chaos
nginx_hosts:
hosts:
dooris:
light:
ola_hosts:
hosts:
light:
proxmox_vm_template_hosts:
foobazdmx_hosts:
hosts:
thinkcccore0:
light:
infrastructure_authorized_keys_hosts:
hosts:
light:
authoritative-dns:

8
playbooks/deploy.yaml
View file

@ -70,13 +70,5 @@
- "o=Docker,n=${distro_codename}"
- "o=nginx,n=${distro_codename}"
- name: Ensure Alloy is installed and Setup on alloy_hosts
hosts: alloy_hosts
become: true
tasks:
- name: Setup Alloy
ansible.builtin.include_role:
name: grafana.grafana.alloy
- name: Run ensure_eh22_styleguide_dir Playbook
ansible.builtin.import_playbook: ensure_eh22_styleguide_dir.yaml

61
playbooks/deploy_hypervisor.yaml
View file

@ -1,61 +0,0 @@
- name: Ensure the VM template generation is set up
hosts: proxmox_vm_template_hosts
tasks:
- name: Ensure dependencies are present
ansible.builtin.apt:
name:
- git
- libguestfs-tools
become: true
- name: Ensure /usr/local/{lib,sbin} exist
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: "0755"
become: true
loop:
- "/usr/local/lib/"
- "/usr/local/sbin/"
- name: Ensure the pve-template-vm repo is present
ansible.builtin.git:
repo: https://git.hamburg.ccc.de/CCCHH/pve-template-vm.git
dest: /usr/local/lib/pve-template-vm
version: main
force: true
depth: 1
single_branch: true
track_submodules: true
become: true
# /usr/local/sbin as the script uses qm, which is also found in /usr/sbin.
- name: Ensure symlink to build-proxmox-template exists in /usr/local/sbin
ansible.builtin.file:
src: /usr/local/lib/pve-template-vm/build-proxmox-template
dest: /usr/local/sbin/build-proxmox-template
state: link
owner: root
group: root
mode: '0755'
become: true
# This sets up a cron job running /usr/local/sbin/build-proxmox-template using the env vars defined in hypervisor__template_vm_config.
- name: Ensure cron job is present for building a fresh VM template every week on Friday 04:00
ansible.builtin.cron:
name: "ansible build proxmox template"
cron_file: ansible_build_proxmox_template
minute: 0
hour: 4
weekday: 5
user: root
job: "{% if hypervisor__template_vm_config is defined and hypervisor__template_vm_config | length > 0 %}\
/usr/bin/env \
{% for item in hypervisor__template_vm_config | default([]) %}\
{{ item.name }}=\"{{ item.value }}\" \
{% endfor %}\
{% endif %}\
/usr/local/sbin/build-proxmox-template"
become: true

6
resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
View file

@ -6,8 +6,8 @@ services:
image: docker.io/library/mariadb:11
environment:
- "MARIADB_DATABASE=wordpress"
- "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}"
- "MARIADB_PASSWORD={{ secret__wordpress_db_password }}"
- "MARIADB_ROOT_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_ROOT_PASSWORD", create=false, missing="error") }}"
- "MARIADB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}"
- "MARIADB_USER=wordpress"
- "MARIADB_AUTO_UPGRADE=yes"
volumes:
@ -23,7 +23,7 @@ services:
- "WORDPRESS_DB_NAME=wordpress"
- "WORDPRESS_DB_USER=wordpress"
- "WORDPRESS_TABLE_PREFIX=wp_"
- "WORDPRESS_DB_PASSWORD={{ secret__wordpress_db_password }}"
- "WORDPRESS_DB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}"
volumes:
- wordpress:/var/www/html/wp-content
ports:

98
resources/chaosknoten/cloud/nextcloud/config.php.j2 Normal file
View file

@ -0,0 +1,98 @@
<?php
$CONFIG = array (
'memcache.local' => '\\OC\\Memcache\\APCu',
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'instanceid' => 'oc9uqhr7buka',
'passwordsalt' => 'SK2vmQeTEHrkkwx9K+hC1WX33lPJDs',
'secret' => '3dBt5THD2ehg0yWdVDAvMmsY8yLtrfk/gE560lkMqYqgh6lu',
'trusted_domains' =>
array (
0 => 'cloud.hamburg.ccc.de',
),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql',
'version' => '25.0.9.2',
'overwrite.cli.url' => 'https://cloud.hamburg.ccc.de',
'dbname' => 'nextcloud',
'dbhost' => 'database',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud',
'dbpassword' => 'TdBLMQQeKbz1zab3sySUsGxo3',
'installed' => true,
// Some Nextcloud options that might make sense here
'allow_user_to_change_display_name' => false,
'lost_password_link' => 'disabled',
// URL of provider. All other URLs are auto-discovered from .well-known
'oidc_login_provider_url' => 'https://id.ccchh.net/realms/ccchh',
// Client ID and secret registered with the provider
'oidc_login_client_id' => 'cloud',
'oidc_login_client_secret' => '{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/cloud/kc-client-secret", create=false, missing="error") }}',
// Automatically redirect the login page to the provider
'oidc_login_auto_redirect' => true,
// Redirect to this page after logging out the user
//'oidc_login_logout_url' => 'https://openid.example.com/thankyou',
// If set to true the user will be redirected to the
// logout endpoint of the OIDC provider after logout
// in Nextcloud. After successfull logout the OIDC
// provider will redirect back to 'oidc_login_logout_url' (MUST be set).
'oidc_login_end_session_redirect' => true,
// Quota to assign if no quota is specified in the OIDC response (bytes)
//
// NOTE: If you want to allow NextCloud to manage quotas, omit this option. Do not set it to
// zero or -1 or ''.
'oidc_login_default_quota' => '1000000000',
// Login button text
'oidc_login_button_text' => 'Log in via id.ccchh.net',
// Hide the NextCloud password change form.
'oidc_login_hide_password_form' => false,
// Use ID Token instead of UserInfo
'oidc_login_use_id_token' => false,
'oidc_login_attributes' => array (
'id' => 'preferred_username',
'name' => 'name',
'mail' => 'email',
'quota' => 'ownCloudQuota',
'home' => 'homeDirectory',
'ldap_uid' => 'uid',
'groups' => 'ownCloudGroups',
'login_filter' => 'realm_access_roles',
'photoURL' => 'picture',
'is_admin' => 'ownCloudAdmin',
),
// Default group to add users to (optional, defaults to nothing)
//'oidc_login_default_group' => 'oidc',
'oidc_login_filter_allowed_values' => null,
// Set OpenID Connect scope
'oidc_login_scope' => 'openid profile',
// The `id` attribute in `oidc_login_attributes` must return the
// "Internal Username" (see expert settings in LDAP integration)
'oidc_login_proxy_ldap' => false,
// Fallback to direct login if login from OIDC fails
// Note that no error message will be displayed if enabled
'oidc_login_disable_registration' => false,
//'oidc_login_redir_fallback' => false,
// If you get your groups from the oidc_login_attributes, you might want
// to create them if they are not already existing, Default is `false`.
'oidc_create_groups' => true,
// Enable use of WebDAV via OIDC bearer token.
'oidc_login_webdav_enabled' => true,
// Enable authentication with user/password for DAV clients that do not
// support token authentication (e.g. DAVx⁵)
'oidc_login_password_authentication' => false,
);

2
resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2
View file

@ -11,7 +11,7 @@ $CONFIG = array (
'mail_smtpname' => 'no-reply@cloud.hamburg.ccc.de',
'mail_from_address' => 'no-reply',
'mail_domain' => 'cloud.hamburg.ccc.de',
'mail_smtppassword' => '{{ secret__nextcloud_smtp_password }}',
'mail_smtppassword' => '{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/cloud/smtp_password", create=false, missing="error") }}',
'mail_smtpdebug' => true,
'maintenance_window_start' => 1,
);

60
resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 Normal file
View file

@ -0,0 +1,60 @@
ALLOWED_HOSTS = [ "netbox.eh22.easterhegg.eu" ]
DATABASE = {
"HOST": "localhost",
"NAME": "netbox",
"USER": "netbox",
"PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}",
}
REDIS = {
"tasks": {
"HOST": "localhost",
"PORT": 6379,
"USERNAME": "",
"PASSWORD": "",
"DATABASE": 0,
"SSL": False,
},
"caching": {
"HOST": "localhost",
"PORT": 6379,
"USERNAME": "",
"PASSWORD": "",
"DATABASE": 1,
"SSL": False,
},
}
SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SECRET_KEY', create=false, missing='error') }}"
SESSION_COOKIE_SECURE = True
# CCCHH ID (Keycloak) integration.
# https://github.com/python-social-auth/social-core/blob/0925304a9e437f8b729862687d3a808c7fb88a95/social_core/backends/keycloak.py#L7
# https://python-social-auth.readthedocs.io/en/latest/backends/keycloak.html
REMOTE_AUTH_BACKEND = "social_core.backends.keycloak.KeycloakOAuth2"
SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL = (
"https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
)
SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = (
"https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
)
SOCIAL_AUTH_KEYCLOAK_KEY = "eh22-netbox"
SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB"
SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}"
# Use custom OIDC group and role mapping pipeline functions added in via
# netbox__custom_pipeline_oidc_group_and_role_mapping.
# The default pipeline this is based on can be found here:
# https://github.com/netbox-community/netbox/blob/main/netbox/netbox/settings.py
SOCIAL_AUTH_PIPELINE = [
"social_core.pipeline.social_auth.social_details",
"social_core.pipeline.social_auth.social_uid",
"social_core.pipeline.social_auth.social_user",
"social_core.pipeline.user.get_username",
"social_core.pipeline.user.create_user",
"social_core.pipeline.social_auth.associate_user",
"netbox.authentication.user_default_groups_handler",
"social_core.pipeline.social_auth.load_extra_data",
"social_core.pipeline.user.user_details",
# Custom OIDC group and role mapping functions.
"netbox.custom_pipeline_oidc_mapping.add_groups",
"netbox.custom_pipeline_oidc_mapping.remove_groups",
"netbox.custom_pipeline_oidc_mapping.set_roles",
]

35
resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf → resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf
View file

@ -2,8 +2,7 @@
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
server {
# Listen on a custom port for the proxy protocol.
listen 8443 ssl proxy_protocol;
http2 on;
listen 8443 ssl http2 proxy_protocol;
# Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy
# protocol.
@ -13,12 +12,12 @@ server {
# header.
real_ip_header proxy_protocol;
server_name ntfy.hamburg.ccc.de;
server_name netbox.eh22.easterhegg.eu;
ssl_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ntfy.hamburg.ccc.de/privkey.pem;
ssl_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/privkey.pem;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/chain.pem;
ssl_trusted_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/chain.pem;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
@ -30,18 +29,20 @@ server {
proxy_set_header X-Forwarded-Port 443;
# This is https in any case.
proxy_set_header X-Forwarded-Proto https;
# Hide the X-Forwarded header.
proxy_hide_header X-Forwarded;
# Assume we are the only Reverse Proxy (well using Proxy Protocol, but that
# is transparent).
# Also provide "_hidden" for by, since it's not relevant.
proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden";
client_max_body_size 25m;
location /static/ {
alias /opt/netbox/netbox/static/;
}
location / {
proxy_pass http://127.0.0.1:2586;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 3m;
proxy_send_timeout 3m;
proxy_read_timeout 3m;
client_max_body_size 0; # Stream request body to backend
proxy_pass http://127.0.0.1:8001;
}
}

90
resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2
View file

@ -3,84 +3,38 @@
# - https://github.com/prometheus/alertmanager/blob/48a99764a1fc9279fc828de83e7a03ae2219abc7/doc/examples/simple.yml
route:
receiver: 'ccchh-infrastructure-alerts'
group_by: [ "alertname", "site", "type", "hypervisor" ]
group_by: ["alertname", "site", "type", "hypervisor"]
group_wait: 30s
group_interval: 5m
repeat_interval: 6h
routes:
- receiver: "null"
matchers:
- sendAlert = "false"
- receiver: ntfy-ccchh-critical
matchers:
- org = "ccchh"
- severity = "critical",
repeat_interval: 18h
continue: true
- receiver: ntfy-ccchh
matchers:
- org = "ccchh"
- severity =~ "info|warning",
repeat_interval: 36h
continue: true
- receiver: ntfy-fux-critical
matchers:
- org = "fux"
- severity = "critical",
repeat_interval: 18h
continue: true
- receiver: email-fux-critical
matchers:
- org = "fux"
- severity = "critical",
repeat_interval: 36h
continue: true
- receiver: ntfy-fux
matchers:
- org = "fux"
- severity =~ "info|warning",
repeat_interval: 36h
continue: true
- receiver: ccchh-infrastructure-alerts
matchers:
- org = "ccchh"
- severity =~ "info|warning|critical"
repeat_interval: 3h
receiver: ccchh-infrastructure-alerts
{# Disable these for now, but might be interesting in the future.
# Inhibition rules allow to mute a set of alerts given that another alert is
# firing.
# We use this to mute any warning-level notifications if the same alert is
# already critical.
inhibit_rules:
- source_matchers: [severity="critical"]
target_matchers: [severity="warning"]
# Apply inhibition if the alertname is the same.
# CAUTION:
# If all label names listed in `equal` are missing
# from both the source and target alerts,
# the inhibition rule will apply!
equal: [alertname, cluster, service] #}
templates:
- "/etc/alertmanager/templates/*.tmpl"
receivers:
- name: "null"
- name: "ccchh-infrastructure-alerts"
telegram_configs:
- send_resolved: true
bot_token: {{ secret__alertmanager_telegram_bot_token }}
bot_token: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/alertmanager_telegram_bot_token", create=false, missing="error") }}
chat_id: -1002434372415
parse_mode: HTML
message: {{ "'{{ template \"alert-message.telegram.ccchh\" . }}'" }}
- name: "ntfy-ccchh-critical"
webhook_configs:
- url: "http://ntfy-alertmanager-ccchh-critical:8000"
- name: "ntfy-fux-critical"
webhook_configs:
- url: "http://ntfy-alertmanager-fux-critical:8001"
- name: "ntfy-ccchh"
webhook_configs:
- url: "http://ntfy-alertmanager-ccchh:8010"
- name: "ntfy-fux"
webhook_configs:
- url: "http://ntfy-alertmanager-fux:8011"
- name: "email-fux-critical"
email_configs:
- send_resolved: true
to: "stb@lassitu.de"
from: "alert-manager@hamburg.ccc.de"
smarthost: "cow.hamburg.ccc.de:587"
auth_username: "alert-manager@hamburg.ccc.de"
auth_password: {{ secret__alert_manager_email_password }}

33
resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl
View file

@ -20,25 +20,16 @@ Links & Resources
{{ define "alert-message.telegram.ccchh" }}
{{- if .Alerts.Firing }}
<u>🔥{{ len .Alerts.Firing }} Alert(/s) Firing 🔥</u>
{{- if le (len .Alerts.Firing) 5 }}
{{- range .Alerts.Firing }}
{{ template "alert-item.telegram.ccchh.internal" . }}
{{- end }}
{{- else }}
There are too many alerts firing at once
{{- end }}
{{- end }}
{{- if .Alerts.Resolved }}
<u>✅{{ len .Alerts.Resolved }} Alert(/s) Resolved ✅</u>
{{- if le (len .Alerts.Resolved) 5 }}
{{- range .Alerts.Resolved }}
{{ template "alert-item.telegram.ccchh.internal" . }}
{{- end }}
{{- else }}
There are too many resolved alerts to list
{{- end }}
{{- end }}
{{- if .Alerts.Firing }}
<u>🔥{{ len .Alerts.Firing }} Alert(/s) Firing 🔥</u>
{{ range .Alerts.Firing -}}
{{ template "alert-item.telegram.ccchh.internal" . }}
{{- end }}
{{- end }}
{{- if .Alerts.Resolved }}
<u>✅{{ len .Alerts.Resolved }} Alert(/s) Resolved ✅</u>
{{ range .Alerts.Resolved -}}
{{ template "alert-item.telegram.ccchh.internal" . }}
{{- end }}
{{- end }}
{{- end }}

54
resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
View file

@ -6,8 +6,6 @@ services:
container_name: prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--web.enable-remote-write-receiver'
- '--enable-feature=promql-experimental-functions'
ports:
- 9090:9090
restart: unless-stopped
@ -37,7 +35,7 @@ services:
restart: unless-stopped
environment:
- GF_SECURITY_ADMIN_USER=admin
- "GF_SECURITY_ADMIN_PASSWORD={{ secret__grafana_gf_security_admin_password }}"
- "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/GF_SECURITY_ADMIN_PASSWORD", create=false, missing="error") }}"
volumes:
- ./configs/grafana.ini:/etc/grafana/grafana.ini
- ./configs/grafana-datasource.yml:/etc/grafana/provisioning/datasources/datasource.yml
@ -51,61 +49,13 @@ services:
restart: unless-stopped
environment:
- PVE_USER=grafana@pve
- "PVE_PASSWORD={{ secret__prometheus_pve_exporter_pve_password }}"
- "PVE_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/prometheus-exporter", create=false, missing="error") }}"
- PVE_VERIFY_SSL=false
volumes:
- /dev/null:/etc/prometheus/pve.yml
loki:
image: grafana/loki:3
container_name: loki
ports:
- 13100:3100
- 19099:9099
restart: unless-stopped
volumes:
- ./configs/loki.yaml:/etc/loki/local-config.yaml
- loki_data:/var/loki
ntfy-alertmanager-ccchh-critical:
image: xenrox/ntfy-alertmanager:latest
container_name: ntfy-alertmanager-ccchh-critical
volumes:
- ./configs/ntfy-alertmanager-ccchh-critical:/etc/ntfy-alertmanager/config
ports:
- 8000:8000
restart: unless-stopped
ntfy-alertmanager-fux-critical:
image: xenrox/ntfy-alertmanager:latest
container_name: ntfy-alertmanager-fux-critical
volumes:
- ./configs/ntfy-alertmanager-fux-critical:/etc/ntfy-alertmanager/config
ports:
- 8001:8001
restart: unless-stopped
ntfy-alertmanager-ccchh:
image: xenrox/ntfy-alertmanager:latest
container_name: ntfy-alertmanager-ccchh
volumes:
- ./configs/ntfy-alertmanager-ccchh:/etc/ntfy-alertmanager/config
ports:
- 8010:8010
restart: unless-stopped
ntfy-alertmanager-fux:
image: xenrox/ntfy-alertmanager:latest
container_name: ntfy-alertmanager-fux
volumes:
- ./configs/ntfy-alertmanager-fux:/etc/ntfy-alertmanager/config
ports:
- 8011:8011
restart: unless-stopped
volumes:
graf_data: {}
prom_data: {}
alertmanager_data: {}
loki_data: {}
mimir_data: {}

12
resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml
View file

@ -7,15 +7,3 @@ datasources:
isDefault: true
access: proxy
editable: true
- name: Loki
type: loki
url: http://loki:3100
access: proxy
editable: true
jsonData:
timeout: 60
maxLines: 3000
httpHeaderName1: "X-Scope-OrgID"
secureJsonData:
httpHeaderValue1: "chaos"

2
resources/chaosknoten/grafana/docker_compose/grafana.ini.j2
View file

@ -11,7 +11,7 @@ auto_login = true
name = id.hamburg.ccc.de
allow_sign_up = true
client_id = grafana
client_secret = {{ secret__grafana_keycloak_secret }}
client_secret = {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/KEYCLOAK_SECRET", create=false, missing="error") }}
scopes = openid email profile offline_access roles
email_attribute_path = email
login_attribute_path = username

52
resources/chaosknoten/grafana/docker_compose/loki.yaml
View file

@ -1,52 +0,0 @@
auth_enabled: true
server:
http_listen_port: 3100
grpc_listen_port: 9099
log_level: warn
limits_config:
retention_period: 14d
common:
instance_addr: 127.0.0.1
path_prefix: /var/loki
storage:
filesystem:
chunks_directory: /var/loki/chunks
rules_directory: /var/loki/rules
replication_factor: 1
ring:
kvstore:
store: inmemory
storage_config:
filesystem:
directory: /var/loki/chunks
index_queries_cache_config:
embedded_cache:
enabled: true
max_size_mb: 80
ttl: 30m
schema_config:
configs:
- from: 2025-04-28
store: tsdb
object_store: filesystem
schema: v13
index:
prefix: index_
period: 24h
chunk_store_config:
chunk_cache_config:
embedded_cache:
enabled: true
max_size_mb: 80
ttl: 30m
write_dedupe_cache_config:
embedded_cache:
enabled: true
max_size_mb: 80
ttl: 30m

48
resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2
View file

@ -1,48 +0,0 @@
base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh-critical
http-address :8000
log-level info
log-format text
# When multiple alerts are grouped together by Alertmanager, they can either be sent
# each on their own (single mode) or be kept together (multi mode)
# Options: single, multi
# Default: multi
alert-mode single
labels {
order "severity"
severity "critical" {
priority 4
tags "rotating_light"
}
severity "warning" {
priority 3
tags "warning"
}
severity "info" {
priority 1
}
}
resolved {
tags "white_check_mark,resolved"
priority 2
}
ntfy {
server https://ntfy.hamburg.ccc.de
topic ccchh-alertmanager-critical
access-token {{ secret__ntfy_token }}
}
alertmanager {
silence-duration 3h
}
cache {
type memory
duration 12h
cleanup-interval 1h
}

48
resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2
View file

@ -1,48 +0,0 @@
base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh
http-address :8010
log-level info
log-format text
# When multiple alerts are grouped together by Alertmanager, they can either be sent
# each on their own (single mode) or be kept together (multi mode)
# Options: single, multi
# Default: multi
alert-mode single
labels {
order "severity"
severity "critical" {
priority 4
tags "rotating_light"
}
severity "warning" {
priority 3
tags "warning"
}
severity "info" {
priority 1
}
}
resolved {
tags "white_check_mark,resolved"
priority 2
}
ntfy {
server https://ntfy.hamburg.ccc.de
topic ccchh-alertmanager
access-token {{ secret__ntfy_token }}
}
alertmanager {
silence-duration 3h
}
cache {
type memory
duration 12h
cleanup-interval 1h
}

48
resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2
View file

@ -1,48 +0,0 @@
base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux-critical
http-address :8001
log-level info
log-format text
# When multiple alerts are grouped together by Alertmanager, they can either be sent
# each on their own (single mode) or be kept together (multi mode)
# Options: single, multi
# Default: multi
alert-mode single
labels {
order "severity"
severity "critical" {
priority 4
tags "rotating_light"
}
severity "warning" {
priority 3
tags "warning"
}
severity "info" {
priority 1
}
}
resolved {
tags "white_check_mark,resolved"
priority 2
}
ntfy {
server https://ntfy.hamburg.ccc.de
topic fux-alertmanager-critical
access-token {{ secret__ntfy_token }}
}
alertmanager {
silence-duration 3h
}
cache {
type memory
duration 12h
cleanup-interval 1h
}

48
resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2
View file

@ -1,48 +0,0 @@
base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux
http-address :8011
log-level info
log-format text
# When multiple alerts are grouped together by Alertmanager, they can either be sent
# each on their own (single mode) or be kept together (multi mode)
# Options: single, multi
# Default: multi
alert-mode single
labels {
order "severity"
severity "critical" {
priority 4
tags "rotating_light"
}
severity "warning" {
priority 3
tags "warning"
}
severity "info" {
priority 1
}
}
resolved {
tags "white_check_mark,resolved"
priority 2
}
ntfy {
server https://ntfy.hamburg.ccc.de
topic fux-alertmanager
access-token {{ secret__ntfy_token }}
}
alertmanager {
silence-duration 3h
}
cache {
type memory
duration 12h
cleanup-interval 1h
}

28
resources/chaosknoten/grafana/docker_compose/prometheus.yml
View file

@ -1,12 +1,12 @@
global:
scrape_interval: 60s
scrape_timeout: 15s
evaluation_interval: 30s
scrape_interval: 15s
scrape_timeout: 10s
evaluation_interval: 15s
alerting:
alertmanagers:
- scheme: http
timeout: 15s
timeout: 10s
static_configs:
- targets:
- "alertmanager:9093"
@ -22,8 +22,6 @@ scrape_configs:
static_configs:
- targets:
- localhost:9090
labels:
org: ccchh
- job_name: alertmanager
honor_timestamps: true
metrics_path: /metrics
@ -31,8 +29,6 @@ scrape_configs:
static_configs:
- targets:
- alertmanager:9093
labels:
org: ccchh
- job_name: mumble
honor_timestamps: true
scrape_interval: 5s
@ -42,8 +38,6 @@ scrape_configs:
static_configs:
- targets:
- mumble.hamburg.ccc.de:443
labels:
org: ccchh
- job_name: opnsense-ccchh
honor_timestamps: true
metrics_path: /metrics
@ -51,8 +45,6 @@ scrape_configs:
static_configs:
- targets:
- 185.161.129.132:9100
labels:
org: ccchh
- job_name: jitsi
honor_timestamps: true
scrape_interval: 5s
@ -62,14 +54,10 @@ scrape_configs:
static_configs:
- targets:
- jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge
labels:
org: ccchh
- job_name: 'pve'
static_configs:
- targets:
- 212.12.48.126 # chaosknoten
labels:
org: ccchh
metrics_path: /pve
params:
module: [ default ]
@ -86,7 +74,6 @@ scrape_configs:
static_configs:
# Wieske Chaosknoten VMs
- labels:
org: ccchh
site: wieske
type: virtual_machine
hypervisor: chaosknoten
@ -96,6 +83,7 @@ scrape_configs:
- public-web-static-intern.hamburg.ccc.de:9100
- git-intern.hamburg.ccc.de:9100
- forgejo-actions-runner-intern.hamburg.ccc.de:9100
- eh22-netbox-intern.hamburg.ccc.de:9100
- eh22-wiki-intern.hamburg.ccc.de:9100
- mjolnir-intern.hamburg.ccc.de:9100
- woodpecker-intern.hamburg.ccc.de:9100
@ -111,13 +99,7 @@ scrape_configs:
- zammad-intern.hamburg.ccc.de:9100
- pretalx-intern.hamburg.ccc.de:9100
- labels:
org: ccchh
site: wieske
type: physical_machine
targets:
- chaosknoten.hamburg.ccc.de:9100
storage:
tsdb:
out_of_order_time_window: 90m

29
resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml
View file

@ -196,9 +196,9 @@ groups:
# Same rule using "node_filesystem_free_bytes" will fire when disk fills for non-root users.
- alert: HostDiskWillFillIn24Hours
expr: ((node_filesystem_avail_bytes * 100) / node_filesystem_size_bytes < 10 and ON (instance, device, mountpoint) predict_linear(node_filesystem_avail_bytes{fstype!~"tmpfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
for: 5m
for: 2m
labels:
severity: critical
severity: warning
annotations:
summary: Host disk will fill in 24 hours (instance {{ $labels.instance }})
description: "Filesystem is predicted to run out of space within the next 24 hours at current write rate\n VALUE = {{ $value }}"
@ -212,9 +212,9 @@ groups:
description: "Disk is almost running out of available inodes (< 10% left)\n VALUE = {{ $value }}"
- alert: HostInodesWillFillIn24Hours
expr: (node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
for: 5m
for: 2m
labels:
severity: critical
severity: warning
annotations:
summary: Host inodes will fill in 24 hours (instance {{ $labels.instance }})
description: "Filesystem is predicted to run out of inodes within the next 24 hours at current write rate\n VALUE = {{ $value }}"
@ -362,7 +362,7 @@ groups:
expr: (node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
for: 0m
labels:
severity: critical
severity: warning
annotations:
summary: Host systemd service crashed (instance {{ $labels.instance }})
description: "systemd service crashed\n VALUE = {{ $value }}"
@ -438,7 +438,6 @@ groups:
for: 0m
labels:
severity: warning
org: ccchh
annotations:
summary: Prometheus too many restarts (instance {{ $labels.instance }})
description: "Prometheus has restarted more than twice in the last 15 minutes. It might be crashlooping.\n VALUE = {{ $value }}"
@ -447,7 +446,6 @@ groups:
for: 0m
labels:
severity: warning
org: ccchh
annotations:
summary: Prometheus AlertManager job missing (instance {{ $labels.instance }})
description: "A Prometheus AlertManager job has disappeared\n VALUE = {{ $value }}"
@ -456,7 +454,6 @@ groups:
for: 0m
labels:
severity: warning
org: ccchh
annotations:
summary: Prometheus AlertManager configuration reload failure (instance {{ $labels.instance }})
description: "AlertManager configuration reload error\n VALUE = {{ $value }}"
@ -465,7 +462,6 @@ groups:
for: 0m
labels:
severity: warning
org: ccchh
annotations:
summary: Prometheus AlertManager config not synced (instance {{ $labels.instance }})
description: "Configurations of AlertManager cluster instances are out of sync\n VALUE = {{ $value }}"
@ -483,7 +479,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus not connected to alertmanager (instance {{ $labels.instance }})
description: "Prometheus cannot connect the alertmanager\n VALUE = {{ $value }}"
@ -492,7 +487,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus rule evaluation failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} rule evaluation failures, leading to potentially ignored alerts.\n VALUE = {{ $value }}"
@ -501,7 +495,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus template text expansion failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} template text expansion failures\n VALUE = {{ $value }}"
@ -510,7 +503,6 @@ groups:
for: 5m
labels:
severity: warning
org: ccchh
annotations:
summary: Prometheus rule evaluation slow (instance {{ $labels.instance }})
description: "Prometheus rule evaluation took more time than the scheduled interval. It indicates a slower storage backend access or too complex query.\n VALUE = {{ $value }}"
@ -527,7 +519,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus AlertManager notification failing (instance {{ $labels.instance }})
description: "Alertmanager is failing sending notifications\n VALUE = {{ $value }}"
@ -536,7 +527,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus target empty (instance {{ $labels.instance }})
description: "Prometheus has no target in service discovery\n VALUE = {{ $value }}"
@ -545,7 +535,6 @@ groups:
for: 5m
labels:
severity: warning
org: ccchh
annotations:
summary: Prometheus target scraping slow (instance {{ $labels.instance }})
description: "Prometheus is scraping exporters slowly since it exceeded the requested interval time. Your Prometheus server is under-provisioned.\n VALUE = {{ $value }}"
@ -586,7 +575,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus TSDB compactions failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB compactions failures\n VALUE = {{ $value }}"
@ -595,7 +583,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus TSDB head truncations failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB head truncation failures\n VALUE = {{ $value }}"
@ -604,7 +591,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus TSDB reload failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB reload failures\n VALUE = {{ $value }}"
@ -613,7 +599,6 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus TSDB WAL corruptions (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB WAL corruptions\n VALUE = {{ $value }}"
@ -622,16 +607,14 @@ groups:
for: 0m
labels:
severity: critical
org: ccchh
annotations:
summary: Prometheus TSDB WAL truncations failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB WAL truncation failures\n VALUE = {{ $value }}"
- alert: PrometheusTimeseriesCardinality
expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 20000
expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 10000
for: 0m
labels:
severity: warning
org: ccchh
annotations:
summary: Prometheus timeseries cardinality (instance {{ $labels.instance }})
description: "The \"{{ $labels.name }}\" timeseries cardinality is getting very high: {{ $value }}\n VALUE = {{ $value }}"

70
resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
View file

@ -2,8 +2,7 @@
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
server {
# Listen on a custom port for the proxy protocol.
listen 8443 ssl proxy_protocol;
http2 on;
listen 8443 ssl http2 proxy_protocol;
# Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy
# protocol.
@ -41,71 +40,4 @@ server {
proxy_pass http://127.0.0.1:3000/;
}
location /ntfy-alertmanager-ccchh-critical/ {
deny all;
allow ::1/128;
allow 127.0.0.1/32;
# Wieske
allow 172.31.17.128/25;
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
proxy_pass http://127.0.0.1:8000/;
}
location /ntfy-alertmanager-ccchh/ {
deny all;
allow ::1/128;
allow 127.0.0.1/32;
# Wieske
allow 172.31.17.128/25;
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
proxy_pass http://127.0.0.1:8010/;
}
location /ntfy-alertmanager-fux-critical/ {
deny all;
allow ::1/128;
allow 127.0.0.1/32;
# Wieske
allow 172.31.17.128/25;
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
proxy_pass http://127.0.0.1:8001/;
}
location /ntfy-alertmanager-fux/ {
deny all;
allow ::1/128;
allow 127.0.0.1/32;
# Wieske
allow 172.31.17.128/25;
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
proxy_pass http://127.0.0.1:8011/;
}
}

89
resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
View file

@ -1,89 +0,0 @@
server {
allow ::1/128;
allow 127.0.0.1/32;
# Wieske
allow 172.31.17.128/25;
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
deny all;
server_name loki.hamburg.ccc.de;
listen [::]:50051 ssl;
listen 172.31.17.145:50051 ssl;
http2 on;
client_body_buffer_size 512k;
ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem;
auth_basic "loki";
auth_basic_user_file loki.htpasswd;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port 9099;
# This is https in any case.
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Scope-OrgID $remote_user;
grpc_pass grpc://localhost:19099;
}
}
server {
allow ::1/128;
allow 127.0.0.1/32;
# Wieske
allow 172.31.17.128/25;
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
deny all;
server_name loki.hamburg.ccc.de;
listen [::]:443 ssl;
listen 172.31.17.145:443 ssl;
http2 on;
client_body_buffer_size 512k;
ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/chain.pem;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
auth_basic "loki";
auth_basic_user_file loki.htpasswd;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# This is https in any case.
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Scope-OrgID $remote_user;
proxy_pass http://127.0.0.1:13100;
}
}

1
resources/chaosknoten/grafana/nginx/loki.htpasswd.j2
View file

@ -1 +0,0 @@
chaos:{{ secret__loki_chaos_basic_auth }}

61
resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
View file

@ -1,61 +0,0 @@
server {
allow ::1/128;
allow 127.0.0.1/32;
# Wieske
allow 172.31.17.128/25;
allow 212.12.51.128/28;
allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
allow 2a00:14b0:4200:3000::/64; #Bei Wieske
allow 2a00:14b0:4200:3380::/64;
allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
# Z9
allow 2a07:c480:0:100::/56;
allow 2a07:c481:1::/48;
# fuxnoc
allow 2a07:c481:0:1::/64;
deny all;
server_name metrics.hamburg.ccc.de;
listen [::]:443 ssl;
listen 172.31.17.145:443 ssl;
http2 on;
client_body_buffer_size 512k;
ssl_certificate /etc/letsencrypt/live/metrics.hamburg.ccc.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/metrics.hamburg.ccc.de/privkey.pem;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /etc/letsencrypt/live/metrics.hamburg.ccc.de/chain.pem;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
auth_basic "metrics";
auth_basic_user_file metrics.htpasswd;
location /api/v1/write {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port 3100;
# This is https in any case.
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://127.0.0.1:9090;
}
location /ready {
rewrite ^ /-/ready break;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# This is https in any case.
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://127.0.0.1:9090;
}
}

2
resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2
View file

@ -1,2 +0,0 @@
chaos:{{ secret__metrics_chaos_basic_auth }}
fux:{{ secret__metrics_fux_basic_auth }}

14
resources/chaosknoten/grafana/nginx/redirect.conf
View file

@ -1,14 +0,0 @@
# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
server {
listen 80 default_server;
listen [::]:80 default_server;
location / {
return 301 https://$host$request_uri;
}
location /.well-known/acme-challenge/ {
proxy_pass http://127.0.0.1:31820/.well-known/acme-challenge/;
}
}

20
resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2
View file

@ -22,7 +22,7 @@
services:
keycloak:
image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.2
image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.0
pull_policy: always
restart: unless-stopped
command: start --optimized
@ -32,11 +32,11 @@ services:
- keycloak
environment:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: {{ secret__keycloak_admin_password }}
KEYCLOAK_ADMIN_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/KEYCLOAK_ADMIN_PASSWORD", create=false, missing="error") }}
KC_DB: postgres
KC_DB_URL_HOST: db
KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: {{ secret__keycloak_db_password }}
KC_DB_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/KC_DB_PASSWORD", create=false, missing="error") }}
KC_HOSTNAME: https://id.hamburg.ccc.de
KC_HOSTNAME_BACKCHANNEL_DYNAMIC: false
KC_HOSTNAME_ADMIN: https://keycloak-admin.hamburg.ccc.de
@ -46,7 +46,7 @@ services:
- "8080:8080"
db:
image: postgres:15.13
image: postgres:15.2
restart: unless-stopped
networks:
- keycloak
@ -54,7 +54,7 @@ services:
- "./database:/var/lib/postgresql/data"
environment:
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: {{ secret__keycloak_db_password }}
POSTGRES_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/POSTGRES_PASSWORD", create=false, missing="error") }}
POSTGRES_DB: keycloak
id-invite-web:
@ -76,10 +76,10 @@ services:
- "IDINVITE_URL=https://invite.hamburg.ccc.de"
- "IDINVITE_KEYCLOAK_NAME=CCCHH ID"
- "IDINVITE_VALID_HOURS=50"
- "IDINVITE_SECRET={{ secret__idinvite_token_secret }}"
- "IDINVITE_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_TOKEN_SECRET", create=false, missing="error") }}"
- "IDINVITE_DISCOVERY_URL=https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration"
- "IDINVITE_CLIENT_ID=id-invite"
- "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}"
- "IDINVITE_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_CLIENT_SECRET", create=false, missing="error") }}"
- "MAIL_FROM=no-reply@hamburg.ccc.de"
- "BOTTLE_HOST=0.0.0.0"
@ -96,7 +96,7 @@ services:
- "MAIL_FROM=no-reply@id.hamburg.ccc.de"
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
- "SMTP_USERNAME=no-reply@id.hamburg.ccc.de"
- "SMTP_PASSWORD={{ secret__id_no_reply_smtp }}"
- "SMTP_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/NO_REPLY_SMTP", create=false, missing="error") }}"
id-invite-keycloak:
image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest
@ -107,10 +107,10 @@ services:
environment:
- "BOTTLE_HOST=0.0.0.0"
- "IDINVITE_CLIENT_ID=id-invite"
- "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}"
- "IDINVITE_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_CLIENT_SECRET", create=false, missing="error") }}"
- "KEYCLOAK_API_URL=http://keycloak:8080"
- "KEYCLOAK_API_USERNAME=id-invite"
- "KEYCLOAK_API_PASSWORD={{ secret__idinvite_admin_password }}"
- "KEYCLOAK_API_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_ADMIN_PASSWORD", create=false, missing="error") }}"
- "KEYCLOAK_API_REALM=ccchh"
- 'KEYCLOAK_GROUPS=["user"]'

1
resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf
View file

@ -43,7 +43,6 @@ server {
allow 185.161.129.132/32; # z9
allow 2a07:c480:0:100::/56; # z9
allow 2a07:c481:1::/48; # z9 new ipv6
allow 213.240.180.39/32; # stbe home
allow 2a01:170:118b::1/64; # stbe home
deny all;

6
resources/chaosknoten/netbox/netbox/configuration.py.j2
View file

@ -3,7 +3,7 @@ DATABASE = {
"HOST": "localhost",
"NAME": "netbox",
"USER": "netbox",
"PASSWORD": "{{ netbox__db_password }}",
"PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/DATABASE_PASSWORD', create=false, missing='error') }}",
}
REDIS = {
"tasks": {
@ -23,7 +23,7 @@ REDIS = {
"SSL": False,
},
}
SECRET_KEY = "{{ secret__netbox_secret_key }}"
SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/SECRET_KEY', create=false, missing='error') }}"
SESSION_COOKIE_SECURE = True
# CCCHH ID (Keycloak) integration.
@ -38,7 +38,7 @@ SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = (
)
SOCIAL_AUTH_KEYCLOAK_KEY = "netbox"
SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB"
SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ secret__netbox_social_auth_keycloak_secret }}"
SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}"
# Use custom OIDC group and role mapping pipeline functions added in via
# netbox__custom_pipeline_oidc_group_and_role_mapping.
# The default pipeline this is based on can be found here:

24
resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2
View file

@ -1,24 +0,0 @@
---
services:
ntfy:
image: binwiederhier/ntfy
container_name: ntfy
command:
- serve
volumes:
- ntfy_cache:/var/cache/ntfy
- ntfy_var:/var/lib/ntfy
- ./configs/server.yml:/etc/ntfy/server.yml
ports:
- 2586:2586
- 9586:9586
healthcheck: # optional: remember to adapt the host:port to your environment
test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:2586/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
interval: 60s
timeout: 10s
retries: 3
start_period: 40s
restart: unless-stopped
volumes:
ntfy_cache: {}
ntfy_var: {}

21
resources/chaosknoten/ntfy/docker_compose/server.yaml.j2
View file

@ -1,21 +0,0 @@
base-url: "https://ntfy.hamburg.ccc.de"
default-host: "https://ntfy.hamburg.ccc.de"
listen-http: ":2586"
behind-proxy: true
cache-file: "/var/cache/ntfy/cache.db"
log-format: json
enable-metrics: true
metrics-listen-http: ":9586"
auth-default-access: "deny-all"
auth-file: "/var/lib/ntfy/user.db"
attachment-cache-dir: "/var/cache/ntfy/attachments"
web-push-public-key: "BCx7PqDiVNlOiAHHfSxjbTle_LN4hetwHYi58GJhQxiY33AQ663IaJVro7B28j-1KOqwdzKco3dMMwzBJl9OQ90"
web-push-private-key: {{ secret__ntfy_web_push_private_key }}
web-push-file: "/var/cache/ntfy/webpush.db"
web-push-email-address: "mailto:noc@lists.hamburg.ccc.de"
upstream-base-url: "https://ntfy.sh"

2
resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
View file

@ -14,4 +14,4 @@ services:
ports:
- "8080:80"
environment:
JWT_SECRET: {{ secret__onlyoffice_jwt_secret }}
JWT_SECRET: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/onlyoffice/JWT_SECRET", create=false, missing="error") }}

10
resources/chaosknoten/pad/docker_compose/compose.yaml.j2
View file

@ -6,7 +6,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=hedgedoc"
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
- "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}"
- "POSTGRES_DB=hedgedoc"
volumes:
- database:/var/lib/postgresql/data
@ -16,7 +16,7 @@ services:
#image: quay.io/hedgedoc/hedgedoc:1.9.9
image: quay.io/hedgedoc/hedgedoc:latest
environment:
- "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc"
- "CMD_DB_URL=postgres://hedgedoc:{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}@database:5432/hedgedoc"
- "CMD_DOMAIN=pad.hamburg.ccc.de"
- "CMD_PROTOCOL_USESSL=true"
- "CMD_HSTS_ENABLE=false"
@ -35,7 +35,7 @@ services:
- "CMD_OAUTH2_TOKEN_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
- "CMD_OAUTH2_AUTHORIZATION_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
- "CMD_OAUTH2_CLIENT_ID=pad"
- "CMD_OAUTH2_CLIENT_SECRET={{ secret__hedgedoc_kc_secret }}"
- "CMD_OAUTH2_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/KC_SECRET", create=false, missing="error") }}"
- "CMD_OAUTH2_PROVIDERNAME=Keycloak"
- "CMD_OAUTH2_SCOPE=openid email profile"
volumes:
@ -53,11 +53,11 @@ services:
environment:
- "POSTGRES_HOSTNAME=database"
- "POSTGRES_USERNAME=hedgedoc"
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
- "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}"
- "SMTP_FROM=pad@hamburg.ccc.de"
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
- "SMTP_USERNAME=pad@hamburg.ccc.de"
- "SMTP_PASSWORD={{ secret__pad_smtp_password }}"
- "SMTP_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/smtp_password", create=false, missing="error") }}"
- "URL=https://pad.hamburg.ccc.de"
depends_on:
- database

9
resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
View file

@ -6,7 +6,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=pretalx"
- "POSTGRES_PASSWORD={{ secret__pretalx_db_password }}"
- "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}"
- "POSTGRES_DB=pretalx"
volumes:
- database:/var/lib/postgresql/data
@ -53,14 +53,13 @@ services:
restart: unless-stopped
environment:
PRETALX_DATA_DIR: /data
PRETALX_FILE_UPLOAD_LIMIT: 1000 # MB
PRETALX_FILESYSTEM_MEDIA: /public/media
PRETALX_FILESYSTEM_STATIC: /public/static
PRETALX_SITE_URL: https://pretalx.hamburg.ccc.de
PRETALX_DB_TYPE: postgresql
PRETALX_DB_NAME: pretalx
PRETALX_DB_USER: pretalx
PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}"
PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}"
PRETALX_DB_HOST: database
PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de"
PRETALX_MAIL_HOST: "cow-intern.hamburg.ccc.de"
@ -90,13 +89,13 @@ services:
PRETALX_DB_TYPE: postgresql
PRETALX_DB_NAME: pretalx
PRETALX_DB_USER: pretalx
PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}"
PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}"
PRETALX_DB_HOST: database
PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de"
PRETALX_MAIL_HOST: "cow.hamburg.ccc.de"
PRETALX_MAIL_PORT: 587
PRETALX_MAIL_USER: pretalx@hamburg.ccc.de
PRETALX_MAIL_PASSWORD: "{{ secret__pretalx_mail_password }}"
PRETALX_MAIL_PASSWORD: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/PRETALX_MAIL_PASSWORD", create=false, missing="error") }}"
PRETALX_MAIL_TLS: "true"
PRETALX_CELERY_BACKEND: redis://redis/1
PRETALX_CELERY_BROKER: redis://redis/2

7
resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
View file

@ -70,11 +70,8 @@ map $host $upstream_acme_challenge_host {
design.hamburg.ccc.de 172.31.17.162:31820;
hydra.hamburg.ccc.de 172.31.17.163:31820;
cfp.eh22.easterhegg.eu 172.31.17.157:31820;
ntfy.hamburg.ccc.de 172.31.17.149:31820;
cryptoparty-hamburg.de 172.31.17.151:31820;
cryptoparty.hamburg.ccc.de 172.31.17.151:31820;
staging.cryptoparty-hamburg.de 172.31.17.151:31820;
staging.cryptoparty.hamburg.ccc.de 172.31.17.151:31820;
hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:31820;
netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:31820;
default "";
}

7
resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
View file

@ -88,11 +88,8 @@ stream {
design.hamburg.ccc.de 172.31.17.162:8443;
hydra.hamburg.ccc.de 172.31.17.163:8443;
cfp.eh22.easterhegg.eu pretalx-intern.hamburg.ccc.de:8443;
ntfy.hamburg.ccc.de 172.31.17.149:8443;
cryptoparty-hamburg.de 172.31.17.151:8443;
cryptoparty.hamburg.ccc.de 172.31.17.151:8443;
staging.cryptoparty-hamburg.de 172.31.17.151:8443;
staging.cryptoparty.hamburg.ccc.de 172.31.17.151:8443;
hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:8443;
netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:8443;
}
server {

2
resources/chaosknoten/tickets/docker_compose/compose.yaml.j2
View file

@ -4,7 +4,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=pretix"
- "POSTGRES_PASSWORD={{ secret__pretix_db_password }}"
- "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }}"
- "POSTGRES_DB=pretix"
volumes:
- database:/var/lib/postgresql/data

2
resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2
View file

@ -10,7 +10,7 @@ trust_x_forwarded_proto=on
backend=postgresql
name=pretix
user=pretix
password={{ secret__pretix_db_password }}
password={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }}
host=database
[mail]

2
resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
View file

@ -11,7 +11,7 @@ see https://github.com/zammad/zammad-docker-compose/blob/master/.env
{%- set POSTGRES_DB = "zammad_production" | quote -%}
{%- set POSTGRES_HOST = "zammad-postgresql" | quote -%}
{%- set POSTGRES_USER = "zammad" | quote -%}
{%- set POSTGRES_PASS = secret__zammad_db_password | quote -%}
{%- set POSTGRES_PASS = lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/zammad/DB_PASSWORD", create=false, missing="error") | quote -%}
{%- set POSTGRES_PORT = "5432" | quote -%}
{%- set POSTGRES_VERSION = "15-alpine" | quote -%}
{%- set REDIS_URL = "redis://zammad-redis:6379" | quote -%}

22
resources/z9/dooris/docker_compose/compose.yaml.j2
View file

@ -1,22 +0,0 @@
---
services:
dooris:
image: git.hamburg.ccc.de/ccchh/hmdooris/hmdooris:latest
environment:
HMDOORIS_ALLOWED_IPS: "2a07:c481:1:c8::/64 2a01:170:118b::/56 172.31.200.0/23 172.31.202.0/27"
HMDOORIS_CCUJACK_CERTIFICATE_PATH: false
HMDOORIS_CCUJACK_PASSWORD: "{{ secret__dooris_ccujack_password }}"
HMDOORIS_CCUJACK_URL: https://hmdooris-ccu.ccchh.net:2122
HMDOORIS_CCUJACK_USERNAME: dooris
HMDOORIS_CLIENT_ID: dooris
HMDOORIS_CLIENT_SECRET: "{{ secret__dooris_client_secret }}"
HMDOORIS_DISCOVERY_URL: https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration
HMDOORIS_LISTEN: '0.0.0.0:3000'
HMDOORIS_REQUIRES_GROUP: /intern
HMDOORIS_URL: https://dooris.ccchh.net
PYTHONWARNINGS: "ignore:Unverified HTTPS request"
#DEBUG: true
ports:
- "127.0.0.1:3000:3000"
restart: unless-stopped

37
resources/z9/dooris/nginx/dooris.ccchh.net.conf
View file

@ -1,37 +0,0 @@
# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name dooris.ccchh.net;
ssl_certificate /etc/letsencrypt/live/dooris.ccchh.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dooris.ccchh.net/privkey.pem;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /etc/letsencrypt/live/dooris.ccchh.net/chain.pem;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port 443;
# This is https in any case.
proxy_set_header X-Forwarded-Proto https;
# Hide the X-Forwarded header.
proxy_hide_header X-Forwarded;
# Assume we are the only Reverse Proxy (well using Proxy Protocol, but that
# is transparent).
# Also provide "_hidden" for by, since it's not relevant.
proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
location / {
proxy_pass http://127.0.0.1:3000/;
}
}

12
resources/z9/yate/docker_compose/README.md
View file

@ -1,12 +0,0 @@
# Yate Configuration
Yate has a [beginners guide](https://docs.yate.ro/wiki/Beginners_in_Yate). Otherwise, you need to refer to the [sample config files](https://github.com/eventphone/yate/tree/master/conf.d).
For our limited setup, we only need three files:
* accfile.conf for defining SIP registrars that we want to register with (EPVPN, Fonial, and the Fux door intercom system)
* regexroute.conf for the call routing rules
* regfile.conf for the phones that connect to yate.ccchh.net
## Docker Compose Setup
yate runs as a container wiht host networking. The image is build through https://git.hamburg.ccc.de/CCCHH/yate-image, it is using the Eventphone fork of yate.

35
resources/z9/yate/docker_compose/accfile.conf.j2
View file

@ -1,35 +0,0 @@
; Yate will register to these SIP services
; see https://github.com/eventphone/yate/blob/master/conf.d/accfile.conf.sample
[epvpn_ccchh]
enabled=yes
protocol=sip
description=Eventphone EPVPN CCCHH
username=1008
authname=1008
password={{ secret__yate__sip_trunk_epvpn }}
interval=120
registrar=hg.eventphone.de
keepalive=1
[fonial_ccchh]
enabled=yes
protocol=sip
description=Fonial CCCHH
username=fo370381tr317349_00
authname=fo370381tr317349_00
password={{ secret__yate__sip_trunk_fonial }}
interval=120
registrar=sip.plusnet.de
keepalive=1
[fux_intercom]
enabled=yes
protocol=sip
description=Fux Intercom CCCHH doorbell
username=1337
authname=1337
password={{ secret__yate__sip_trunk_fux }}
interval=120
registrar=172.16.210.2
keepalive=1

20
resources/z9/yate/docker_compose/compose.yaml.j2
View file

@ -1,20 +0,0 @@
---
services:
yate:
image: git.hamburg.ccc.de/ccchh/yate-image/yate-image:latest
# command:
# - sh
# - "-c"
# - "while :; do sleep 10; done"
environment:
DEBUG: true
network_mode: host
# ports:
# - "127.0.0.1:3000:3000"
restart: unless-stopped
volumes:
- ./configs/accfile.conf:/opt/yate/etc/yate/accfile.conf
- ./configs/regexroute.conf:/opt/yate/etc/yate/regexroute.conf
- ./configs/regfile.conf:/opt/yate/etc/yate/regfile.conf
- ./lib-yate:/var/lib/yate

100
resources/z9/yate/docker_compose/regexroute.conf.j2
View file

@ -1,100 +0,0 @@
; Call routing
; see https://github.com/eventphone/yate/blob/master/conf.d/regexroute.conf.sample
[priorities]
; route: int: Priority of the routing message handler
route=90
[contexts]
; INBOUND CALLS:
${called}^1337$=inbound_fux
${called}^1008$=inbound_epvpn
${called}^04023830150$=inbound_fonial
${called}^fo370381tr317349_00$=inbound_fonial
;${called}.*=inbound
;^[0-9]\{4\}$=inbound ; Calls from 4 digit numbers: EPVPN
;^+\?[0-9]\{5,\}$=inbound ; Calls from longer numbers, optionally starting with +
;^*\{1,2\}[0-9]\{1,3\}$=inbound ; Internal fritzbox calls
; OUTBOUND CALLS:
^[0-9]\{3\}=outbound
^[a-z0-9]\{4,\}=outbound ; calls from internal users
^.*$=fallback ; Whatever calls managed to not be handled yet
[default] ; unused
^.*$=echo [default]"\0"
[test] ; unused
^.*$=echo [test] "\0"
^99991001$=tone/dial
^99991002$=tone/busy
^99991003$=tone/ring
^99991004$=tone/specdial
^99991005$=tone/congestion
^99991006$=tone/outoforder
^99991007$=tone/milliwatt
^99991008$=tone/info
; DEBUG HELPER
; ^.*$=echo match \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called}
^[0-9]\{1,2\}$=return;called=\0
[outbound] ; Calls from internal users
^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug
^[0-9]\{3\}$=jump internal
^[0-9]\{1,2\}$=jump z9 ; To internal -> z9
^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug
^.*$=line/\0;line=epvpn_ccchh ; Route everything (.*) to the specified accfile line
[inbound_epvpn]
^.*$=echo [inbound_epvpn] ${caller}->${called}
^.*$=return;callername=EPVPN ${caller};called=0 ; TODO which extension do we want to route to?
[inbound_fux]
^.*$=echo [inbound_fux] ${caller}->${called}
^.*$=return;callername=Door ${caller};called=0 ; TODO which extension do we want to route to?
[inbound_fonial]
^.*$=echo [inbound_fonial] ${caller}->${called}
^.*$=return;callername=Fonial ${caller};called=0 ; TODO which extension do we want to route to?
[inbound] ; Calls from EPVPN or outside world
^.*$=echo [inbound] "\0" ${caller}->${called} user:${user} callername:${callername} callsource:${callsource} ; log
^.*$=return;callername=EXTERN ${caller};called=0 ; set call recipient to 0 (shared alias between
; all clients in regfile.conf
[internal]
^.*$=echo [internal] "\0" ${caller}->${called}
^110$=line/110;line=fonial_ccchh
^112$=line/112;line=fonial_ccchh
^115$=line/040115;line=fonial_ccchh
^911$=line/112;line=fonial_ccchh
^999$=line/112;line=fonial_ccchh
; ^119$=line/01753288861;line=fonial_ccchh ; testing only stb cell number
^.*$=return;called=\0
[z9] ; Internal calls
^.*$=echo [z9] "\0" ${caller}->${called} ; log
; test service numbers
^91$=sip/sip:ha@10.31.208.10:5060; called=ha;format=opus ; Homeassistant
^98$=external/playrec/echo.sh ; Echotest
^99$=external/play/tts.sh;mode=text;text=Hallo Hallo Hallo ; TTS test
^.*$=return;called=\0 ; Any remaining internal calls to all
; Context: Calls to regfile.conf aliases are always
; handled directly and should never get here
[special]
^.*$=echo [special] "\0"
^.*$=tone/info
[fallback]
^.*$=echo [fallback] \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called}
^*\{1,2\}[0-9]\{1,3\}$=jump outbound
^.*$=tone/busy

84
resources/z9/yate/docker_compose/regfile.conf.j2
View file

@ -1,84 +0,0 @@
; YATE offers registration to these SIP devices (ie. phones)
; see https://github.com/eventphone/yate/blob/master/conf.d/regfile.conf.sample
route=100
file=/var/lib/yate/regfile.swap
[501]
password={{ secret__yate__sip_extension_legacy }}
alternatives=0,1008,1337
callername=Legacy
# Yealink im großen Raum am Fenster
[610]
password={{ secret__yate__sip_extension_fritzbox_dect1 }}
alternatives=0,1008,1337
callername=DECT-1
[100]
password=test100
callername=stb 100
;;;;; old stuff, please clean up stb 2025-07-11
[echt]
password=test
alternatives=0,9,91,3248,1337
[test]
password=test
alternatives=0,9,92,3248,1337
[unittest1]
password=test
alternatives=93,3248,1337
[unittest2]
password=test
alternatives=94,3248,1337
[door]
password=test
alternatives=0,1,11,3248,1337
callername=Main Door
[kitchen]
password=test
alternatives=0,1,12,3248,1337
callername=Kitchen
[desk]
password=test
alternatives=0,1,13,3248,1337
callername=Desk
[workshop]
password=test
alternatives=0,2,21,3248,1337
callername=Workshop Lobby
[clean]
password=test
alternatives=0,2,22,3248,1337
callername=Clean Workshop
[dirty]
password=test
alternatives=0,2,23,3248,1337
callername=Dirty Workshop
[dect1]
password=test
alternatives=0,3,31,3248,1337
callername=DECT-1
[analog1]
password=test
alternatives=0,4,41,3248,1337
callername=Analog-1
[analog2]
password=test
alternatives=0,4,42,3248,1337
callername=Analog-2

6
roles/deploy_ssh_server_config/handlers/main.yaml
View file

@ -1,5 +1,3 @@
- name: restart the ssh service
ansible.builtin.systemd:
name: ssh.service
state: restarted
- name: reboot the system
become: true
ansible.builtin.reboot:

6
roles/deploy_ssh_server_config/tasks/main.yaml
View file

@ -12,7 +12,8 @@
group: root
src: sshd_config.j2
notify:
- restart the ssh service
# Reboot instead of just restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection.
- reboot the system
- name: deactivate short moduli
ansible.builtin.shell:
@ -31,4 +32,5 @@
changed_when:
- '"ansible-changed" in result.stdout'
notify:
- restart the ssh service
# Reboot instead of just restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection.
- reboot the system

1
roles/docker_compose/defaults/main.yaml
View file

@ -1,2 +1 @@
docker_compose__configuration_files: [ ]
docker_compose__restart_cmd: ""

6
roles/docker_compose/handlers/main.yaml
View file

@ -4,9 +4,3 @@
chdir: /ansible_docker_compose
become: true
changed_when: true # This is always changed.
- name: docker compose reload script
ansible.builtin.command:
cmd: /usr/bin/docker compose {{ docker_compose__restart_cmd }}
chdir: /ansible_docker_compose
become: true
when: docker_compose__restart_cmd != ""

1
roles/docker_compose/tasks/main.yaml
View file

@ -60,7 +60,6 @@
become: true
loop: "{{ docker_compose__configuration_files }}"
# notify: docker compose down
notify: docker compose reload script
- name: Flush handlers to make "docker compose down" handler run now
ansible.builtin.meta: flush_handlers

2
roles/nginx/defaults/main.yaml
View file

@ -4,5 +4,3 @@ nginx__deploy_logging_conf: true
nginx__configurations: [ ]
nginx__use_custom_nginx_conf: false
nginx__custom_nginx_conf: ""
nginx__deploy_htpasswds: false
nginx__htpasswds: [ ]

16
roles/nginx/meta/argument_specs.yaml
View file

@ -34,19 +34,3 @@ argument_specs:
type: str
required: false
default: ""
nginx__deploy_htpasswds:
type: bool
required: false
default: false
nginx__htpasswds:
type: list
elements: dict
required: false
default: [ ]
options:
name:
type: str
required: true
content:
type: str
required: true

14
roles/nginx/tasks/main/04_config_deploy.yaml
View file

@ -131,20 +131,6 @@
label: "{{ item.name }}"
notify: Restart nginx
- name: Ensure all given htpasswd files are deployed
when: nginx__deploy_htpasswds
ansible.builtin.copy:
content: "{{ item.content }}"
dest: "/etc/nginx/{{ item.name }}.htpasswd"
mode: "0644"
owner: root
group: root
become: true
loop: "{{ nginx__htpasswds }}"
loop_control:
label: "{{ item.name }}"
notify: Restart nginx
- name: Add names with suffixes from `nginx__configurations` to `nginx__config_files_to_exist` fact
ansible.builtin.set_fact:
nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ item.name + '.conf' ] }}" # noqa: jinja[spacing]