From 6a4960066d550781b8494205312c4795588bb420 Mon Sep 17 00:00:00 2001 From: jopejoe1 Date: Sat, 6 Dec 2025 21:15:41 +0100 Subject: [PATCH 01/33] shairport-sync: use settings module instead of custom text string --- modules/services/audio/shairport-sync.nix | 60 +++++++++-------------- 1 file changed, 23 insertions(+), 37 deletions(-) diff --git a/modules/services/audio/shairport-sync.nix b/modules/services/audio/shairport-sync.nix index 43d1285..f02485f 100644 --- a/modules/services/audio/shairport-sync.nix +++ b/modules/services/audio/shairport-sync.nix @@ -18,47 +18,33 @@ in services.shairport-sync = { enable = true; package = pkgs.shairport-sync-airplay2; - arguments = "-o pw -v"; + settings = { + diagnostics = { + log_verbosity = 1; + }; + general = { + name = cfg.name; + output_backend = "pw"; + }; + metadata = { + enabled = "yes"; + include_cover_art = "yes"; + cover_art_cache_directory = "/tmp/shairport-sync/.cache/coverart"; + pipe_name = "/tmp/shairport-sync-metadata"; + pipe_timeout = 5000; + }; + mqtt = { + enabled = "yes"; + hostname = "mqtt.ccchh.net"; + port = 1883; + publish_parsed = "yes"; + publish_cover = "yes"; + }; + }; }; users.users.shairport.extraGroups = [ "pipewire" "audio" ]; - environment.etc.shairport-sync-config = { - enable = true; - text = '' - // Config for MQTT and metadata. - // For reference see: - // https://github.com/mikebrady/shairport-sync/blob/8c607e2d61ea5fde8ed0b48b2471a543840c31e6/scripts/shairport-sync.conf - // https://github.com/mikebrady/shairport-sync/blob/0f0f65b67649d4a25d06f13b56a6077a90b0f6cc/MQTT.md - general = - { - name = "${cfg.name}"; - } - - metadata = - { - enabled = "yes"; // set this to yes to get Shairport Sync to solicit metadata from the source and to pass it on via a pipe - include_cover_art = "yes"; // set to "yes" to get Shairport Sync to solicit cover art from the source and pass it via the pipe. You must also set "enabled" to "yes". - cover_art_cache_directory = "/tmp/shairport-sync/.cache/coverart"; // artwork will be stored in this directory if the dbus or MPRIS interfaces are enabled or if the MQTT client is in use. Set it to "" to prevent caching, which may be useful on some systems - pipe_name = "/tmp/shairport-sync-metadata"; - pipe_timeout = 5000; // wait for this number of milliseconds for a blocked pipe to unblock before giving up - }; - - - mqtt = - { - enabled = "yes"; // set this to yes to enable the mqtt-metadata-service - hostname = "mqtt.ccchh.net"; // Hostname of the MQTT Broker - port = 1883; // Port on the MQTT Broker to connect to - // publish_raw = "no"; //whether to publish all available metadata under the codes given in the 'metadata' docs. - publish_parsed = "yes"; //whether to publish a small (but useful) subset of metadata under human-understandable topics - publish_cover = "yes"; //whether to publish the cover over mqtt in binary form. This may lead to a bit of load on the broker - // enable_remote = "yes"; //whether to remote control via MQTT. RC is available under `topic`/remote. - }; - ''; - target = "shairport-sync.conf"; - }; - systemd.services.shairport-sync = { serviceConfig = { Restart = "on-failure"; From b16f0190e0e33c41a7c0dd761bc416242048c6a8 Mon Sep 17 00:00:00 2001 From: June Date: Sat, 27 Dec 2025 23:21:35 +0100 Subject: [PATCH 02/33] disable nixos-generators input as its broken a. makes infra-rebuild fail --- flake.lock | 65 ++++++------------------------------------------------ flake.nix | 60 ++++++++++++++++++++++++------------------------- 2 files changed, 37 insertions(+), 88 deletions(-) diff --git a/flake.lock b/flake.lock index 3d624db..76a3fc3 100644 --- a/flake.lock +++ b/flake.lock @@ -17,52 +17,18 @@ "url": "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys" } }, - "nixlib": { - "locked": { - "lastModified": 1736643958, - "narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixos-generators": { - "inputs": { - "nixlib": "nixlib", - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1751903740, - "narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=", - "owner": "nix-community", - "repo": "nixos-generators", - "rev": "032decf9db65efed428afd2fa39d80f7089085eb", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixos-generators", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1736657626, - "narHash": "sha256-FWlPMUzp0lkQBdhKlPqtQdqmp+/C+1MBiEytaYfrCTY=", - "owner": "NixOS", + "lastModified": 1761173472, + "narHash": "sha256-m9W0dYXflzeGgKNravKJvTMR4Qqa2MVD11AwlGMufeE=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "2f9e2f85cb14a46410a1399aa9ea7ecf433e422e", + "rev": "c8aa8cc00a5cb57fada0851a038d35c08a36a2bb", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", + "owner": "nixos", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } @@ -83,27 +49,10 @@ "type": "github" } }, - "nixpkgs_2": { - "locked": { - "lastModified": 1761173472, - "narHash": "sha256-m9W0dYXflzeGgKNravKJvTMR4Qqa2MVD11AwlGMufeE=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "c8aa8cc00a5cb57fada0851a038d35c08a36a2bb", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, "root": { "inputs": { "authorizedKeysRepo": "authorizedKeysRepo", - "nixos-generators": "nixos-generators", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix" } diff --git a/flake.nix b/flake.nix index 3901c78..be9e8fb 100644 --- a/flake.nix +++ b/flake.nix @@ -8,12 +8,12 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; - # Add nixos-generators as an input. - # See here: https://github.com/nix-community/nixos-generators#using-in-a-flake - nixos-generators = { - url = "github:nix-community/nixos-generators"; - #inputs.nixpkgs.follows = "nixpkgs"; - }; + # # Add nixos-generators as an input. + # # See here: https://github.com/nix-community/nixos-generators#using-in-a-flake + # nixos-generators = { + # url = "github:nix-community/nixos-generators"; + # #inputs.nixpkgs.follows = "nixpkgs"; + # }; # Add sops-nix as an input for secret management. # See here: https://github.com/Mic92/sops-nix?tab=readme-ov-file#flakes-current-recommendation @@ -28,7 +28,7 @@ }; }; - outputs = { self, nixpkgs, nixos-generators, nixpkgs-unstable, sops-nix, authorizedKeysRepo, ... }: + outputs = { self, nixpkgs, nixpkgs-unstable, sops-nix, authorizedKeysRepo, ... }: let specialArgs = { inherit authorizedKeysRepo; @@ -233,30 +233,30 @@ }; }; - packages.x86_64-linux = { - proxmox-nixos-template = nixos-generators.nixosGenerate { - inherit specialArgs; - system = "x86_64-linux"; - modules = [ - ./config/nixos-generators/proxmox.nix - self.nixosModules.common - self.nixosModules.proxmox-vm - ]; - format = "proxmox"; - }; + # packages.x86_64-linux = { + # proxmox-nixos-template = nixos-generators.nixosGenerate { + # inherit specialArgs; + # system = "x86_64-linux"; + # modules = [ + # ./config/nixos-generators/proxmox.nix + # self.nixosModules.common + # self.nixosModules.proxmox-vm + # ]; + # format = "proxmox"; + # }; - proxmox-chaosknoten-nixos-template = nixos-generators.nixosGenerate { - inherit specialArgs; - system = "x86_64-linux"; - modules = [ - ./config/nixos-generators/proxmox-chaosknoten.nix - ./config/proxmox-chaosknoten-additional-initial-config.nix - self.nixosModules.common - self.nixosModules.proxmox-vm - ]; - format = "proxmox"; - }; - }; + # proxmox-chaosknoten-nixos-template = nixos-generators.nixosGenerate { + # inherit specialArgs; + # system = "x86_64-linux"; + # modules = [ + # ./config/nixos-generators/proxmox-chaosknoten.nix + # ./config/proxmox-chaosknoten-additional-initial-config.nix + # self.nixosModules.common + # self.nixosModules.proxmox-vm + # ]; + # format = "proxmox"; + # }; + # }; formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt; From 971274b473e6384c88d2262e71d1dbf65dde67f7 Mon Sep 17 00:00:00 2001 From: ViMaSter Date: Fri, 26 Dec 2025 19:54:29 +0100 Subject: [PATCH 03/33] feat: Adds a shortcode to the shop --- config/hosts/public-web-static/virtualHosts/hacker.tours.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/config/hosts/public-web-static/virtualHosts/hacker.tours.nix b/config/hosts/public-web-static/virtualHosts/hacker.tours.nix index 1ee6180..20bb644 100644 --- a/config/hosts/public-web-static/virtualHosts/hacker.tours.nix +++ b/config/hosts/public-web-static/virtualHosts/hacker.tours.nix @@ -22,6 +22,10 @@ in "${domain}" = { forceSSL = true; useACMEHost = "${domain}"; + + locations."/shop" = { + return = "302 https://tickets.hamburg.ccc.de"; + }; listen = [ { From c9e27a5bb6ad80362a2cb573a36045532200d806 Mon Sep 17 00:00:00 2001 From: June Date: Wed, 7 Jan 2026 19:20:50 +0100 Subject: [PATCH 04/33] mjolnir: use cloud-init for network configuration and move to new net. Switch to cloud-init to align with the Ansible infra. Also move to new network and hostname. --- config/hosts/mjolnir/networking.nix | 28 +++++++++++++++++----------- deployment_configuration.json | 2 +- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/config/hosts/mjolnir/networking.nix b/config/hosts/mjolnir/networking.nix index a441814..4d4693d 100644 --- a/config/hosts/mjolnir/networking.nix +++ b/config/hosts/mjolnir/networking.nix @@ -1,18 +1,24 @@ { ... }: { - networking = { - interfaces.net0 = { - ipv4.addresses = [ - { - address = "172.31.17.161"; - prefixLength = 25; - } + networking.useDHCP = false; + + services.cloud-init = { + enable = true; + network.enable = true; + + # Version without ssh of: + # https://github.com/NixOS/nixpkgs/blob/3c9db02515ef1d9b6b709fc60ba9a540957f661c/nixos/modules/services/system/cloud-init.nix#L145 + # So we don't get ssh hostkey regenerations. + settings.cloud_config_modules = [ + "disk_setup" + "mounts" + "ssh-import-id" + "set-passwords" + "timezone" + "disable-ec2-metadata" + "runcmd" ]; - }; - defaultGateway = "172.31.17.129"; - nameservers = [ "212.12.50.158" "192.76.134.90" ]; - search = [ "hamburg.ccc.de" ]; }; systemd.network.links."10-net0" = { diff --git a/deployment_configuration.json b/deployment_configuration.json index 9c2f99a..929f2be 100644 --- a/deployment_configuration.json +++ b/deployment_configuration.json @@ -16,7 +16,7 @@ "targetHostname": "forgejo-actions-runner-intern.hamburg.ccc.de" }, "mjolnir": { - "targetHostname": "mjolnir-intern.hamburg.ccc.de" + "targetHostname": "mjolnir.hosts.hamburg.ccc.de" }, "woodpecker": { "targetHostname": "woodpecker-intern.hamburg.ccc.de" From 79952f8c63bd91d4edfc8baf1f140d91252e3cf1 Mon Sep 17 00:00:00 2001 From: June Date: Sat, 17 Jan 2026 22:06:24 +0100 Subject: [PATCH 05/33] hydra: remove hydra as its being decommissioned nix-infra is built back in general, so remove hydra as well. --- config/hosts/hydra/configuration.nix | 9 ----- config/hosts/hydra/default.nix | 11 ------ config/hosts/hydra/hydra.nix | 15 ------- config/hosts/hydra/networking.nix | 22 ----------- config/hosts/hydra/nginx.nix | 58 ---------------------------- config/hosts/hydra/nix.nix | 10 ----- 6 files changed, 125 deletions(-) delete mode 100644 config/hosts/hydra/configuration.nix delete mode 100644 config/hosts/hydra/default.nix delete mode 100644 config/hosts/hydra/hydra.nix delete mode 100644 config/hosts/hydra/networking.nix delete mode 100644 config/hosts/hydra/nginx.nix delete mode 100644 config/hosts/hydra/nix.nix diff --git a/config/hosts/hydra/configuration.nix b/config/hosts/hydra/configuration.nix deleted file mode 100644 index a4c612e..0000000 --- a/config/hosts/hydra/configuration.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ ... }: - -{ - networking = { - hostName = "hydra"; - }; - - system.stateVersion = "24.05"; -} diff --git a/config/hosts/hydra/default.nix b/config/hosts/hydra/default.nix deleted file mode 100644 index f621711..0000000 --- a/config/hosts/hydra/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./hydra.nix - ./networking.nix - ./nginx.nix - ./nix.nix - ]; -} diff --git a/config/hosts/hydra/hydra.nix b/config/hosts/hydra/hydra.nix deleted file mode 100644 index f315710..0000000 --- a/config/hosts/hydra/hydra.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ ... }: - -{ - services.hydra = { - enable = true; - listenHost = "localhost"; - port = 3000; - hydraURL = "https://hydra.hamburg.ccc.de/"; - # E-Mail configuration requires some work/investigation still. - notificationSender = "no-reply@hydra.hamburg.ccc.de"; - useSubstitutes = true; - minimumDiskFree = 8; - minimumDiskFreeEvaluator = 2; - }; -} diff --git a/config/hosts/hydra/networking.nix b/config/hosts/hydra/networking.nix deleted file mode 100644 index 82cec55..0000000 --- a/config/hosts/hydra/networking.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ ... }: - -{ - networking = { - interfaces.net0 = { - ipv4.addresses = [ - { - address = "172.31.17.163"; - prefixLength = 25; - } - ]; - }; - defaultGateway = "172.31.17.129"; - nameservers = [ "212.12.50.158" "192.76.134.90" ]; - search = [ "hamburg.ccc.de" ]; - }; - - systemd.network.links."10-net0" = { - matchConfig.MACAddress = "BC:24:11:45:7C:D6"; - linkConfig.Name = "net0"; - }; -} diff --git a/config/hosts/hydra/nginx.nix b/config/hosts/hydra/nginx.nix deleted file mode 100644 index 49ca2e1..0000000 --- a/config/hosts/hydra/nginx.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ config, pkgs, ... }: - -let - domain = "hydra.hamburg.ccc.de"; -in -{ - services.nginx = { - enable = true; - - virtualHosts = { - "acme-${domain}" = { - default = true; - enableACME = true; - serverName = "${domain}"; - - listen = [ - { - addr = "0.0.0.0"; - port = 31820; - } - ]; - }; - - "${domain}" = { - default = true; - forceSSL = true; - useACMEHost = "${domain}"; - - listen = [ - { - addr = "0.0.0.0"; - port = 8443; - ssl = true; - proxyProtocol = true; - } - ]; - - locations."/" = { - proxyPass = "http://${config.services.hydra.listenHost}:${builtins.toString config.services.hydra.port}"; - }; - - extraConfig = '' - # Make use of the ngx_http_realip_module to set the $remote_addr and - # $remote_port to the client address and client port, when using proxy - # protocol. - # First set our proxy protocol proxy as trusted. - set_real_ip_from 172.31.17.140; - # Then tell the realip_module to get the addreses from the proxy protocol - # header. - real_ip_header proxy_protocol; - ''; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 8443 31820 ]; - networking.firewall.allowedUDPPorts = [ 8443 ]; -} diff --git a/config/hosts/hydra/nix.nix b/config/hosts/hydra/nix.nix deleted file mode 100644 index b95e469..0000000 --- a/config/hosts/hydra/nix.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: - -{ - # Allow Hydra to fetch flake inputs. - nix.settings.allowed-uris = [ - "github:" - "https://github.com/" - "https://git.hamburg.ccc.de/" - ]; -} From 28d82f149d296155dfaf04c9aab8ecd2ab89a871 Mon Sep 17 00:00:00 2001 From: June Date: Sun, 18 Jan 2026 21:09:15 +0100 Subject: [PATCH 06/33] status: remove status as it got replaced by a ansible-managed Gatus --- config/hosts/public-reverse-proxy/nginx.nix | 17 --- config/hosts/status/configuration.nix | 10 -- config/hosts/status/default.nix | 10 -- config/hosts/status/networking.nix | 29 ---- config/hosts/status/nginx.nix | 149 -------------------- config/hosts/status/uptime-kuma.nix | 7 - flake.nix | 10 -- 7 files changed, 232 deletions(-) delete mode 100644 config/hosts/status/configuration.nix delete mode 100644 config/hosts/status/default.nix delete mode 100644 config/hosts/status/networking.nix delete mode 100644 config/hosts/status/nginx.nix delete mode 100644 config/hosts/status/uptime-kuma.nix diff --git a/config/hosts/public-reverse-proxy/nginx.nix b/config/hosts/public-reverse-proxy/nginx.nix index 507b71a..68c30c2 100644 --- a/config/hosts/public-reverse-proxy/nginx.nix +++ b/config/hosts/public-reverse-proxy/nginx.nix @@ -6,22 +6,6 @@ { config, pkgs, ... }: { - services.nginx.streamConfig = '' - map $ssl_preread_server_name $address { - status.ccchh.net 10.31.206.15:8443; - status.hamburg.ccc.de 10.31.206.15:8443; - } - - # Listen on port 443 as a reverse proxy and use PROXY Protocol for the - # upstreams. - server { - listen 0.0.0.0:443; - proxy_pass $address; - ssl_preread on; - proxy_protocol on; - } - ''; - services.nginx.appendHttpConfig = '' map $host $upstream_acme_challenge_host { club-assistant.ccchh.net 10.31.208.10; @@ -35,7 +19,6 @@ zigbee2mqtt.ccchh.net 10.31.208.25:31820; esphome.ccchh.net 10.31.208.24:31820; proxmox-backup-server.ccchh.net 10.31.208.28; - status.ccchh.net 10.31.206.15:31820; default ""; } ''; diff --git a/config/hosts/status/configuration.nix b/config/hosts/status/configuration.nix deleted file mode 100644 index c36dc63..0000000 --- a/config/hosts/status/configuration.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: - -{ - networking = { - hostName = "status"; - domain = "z9.ccchh.net"; - }; - - system.stateVersion = "24.05"; -} diff --git a/config/hosts/status/default.nix b/config/hosts/status/default.nix deleted file mode 100644 index d8644c5..0000000 --- a/config/hosts/status/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./networking.nix - ./nginx.nix - ./uptime-kuma.nix - ]; -} diff --git a/config/hosts/status/networking.nix b/config/hosts/status/networking.nix deleted file mode 100644 index 0bff4b5..0000000 --- a/config/hosts/status/networking.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ ... }: - -{ - networking = { - interfaces.net0 = { - ipv4.addresses = [ - { - address = "10.31.206.15"; - prefixLength = 23; - } - ]; - ipv6.addresses = [ - { - address = "2a07:c481:1:ce::a"; - prefixLength = 64; - } - ]; - }; - defaultGateway = "10.31.206.1"; - defaultGateway6 = "2a07:c481:1:ce::1"; - nameservers = [ "10.31.206.1" "2a07:c481:1:ce::1" ]; - search = [ "z9.ccchh.net" ]; - }; - - systemd.network.links."10-net0" = { - matchConfig.MACAddress = "BC:24:11:79:D3:E1"; - linkConfig.Name = "net0"; - }; -} diff --git a/config/hosts/status/nginx.nix b/config/hosts/status/nginx.nix deleted file mode 100644 index 8eff61c..0000000 --- a/config/hosts/status/nginx.nix +++ /dev/null @@ -1,149 +0,0 @@ -# Sources for this configuration: -# - https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy - -{ config, ... }: - -{ - services.nginx = { - enable = true; - - virtualHosts = { - "status.hamburg.ccc.de" = { - forceSSL = true; - enableACME = true; - serverName = "status.hamburg.ccc.de"; - - listen = [ - { - addr = "[::]"; - port = 80; - } - { - addr = "[::]"; - port = 443; - ssl = true; - } - ]; - - locations."/" = { - proxyPass = "http://localhost:3001"; - proxyWebsockets = true; - }; - }; - "status-proxyprotocol.hamburg.ccc.de" = { - forceSSL = true; - useACMEHost = "status.hamburg.ccc.de"; - serverName = "status.hamburg.ccc.de"; - - listen = [ - { - addr = "0.0.0.0"; - port = 8443; - ssl = true; - proxyProtocol = true; - } - ]; - - locations."/" = { - proxyPass = "http://localhost:3001"; - proxyWebsockets = true; - }; - - extraConfig = '' - # Make use of the ngx_http_realip_module to set the $remote_addr and - # $remote_port to the client address and client port, when using proxy - # protocol. - # First set our proxy protocol proxy as trusted. - set_real_ip_from 10.31.206.11; - # Then tell the realip_module to get the addreses from the proxy protocol - # header. - real_ip_header proxy_protocol; - ''; - }; - "status.ccchh.net" = { - forceSSL = true; - useACMEHost = "status.hamburg.ccc.de"; - serverName = "status.ccchh.net"; - - listen = [ - { - addr = "[::]"; - port = 80; - } - { - addr = "[::]"; - port = 443; - ssl = true; - } - ]; - - globalRedirect = "status.hamburg.ccc.de"; - redirectCode = 307; - }; - "status-proxyprotocol.ccchh.net" = { - forceSSL = true; - useACMEHost = "status.hamburg.ccc.de"; - serverName = "status.ccchh.net"; - - listen = [ - { - addr = "0.0.0.0"; - port = 8443; - ssl = true; - proxyProtocol = true; - } - ]; - - globalRedirect = "status.hamburg.ccc.de"; - redirectCode = 307; - - extraConfig = '' - # Make use of the ngx_http_realip_module to set the $remote_addr and - # $remote_port to the client address and client port, when using proxy - # protocol. - # First set our proxy protocol proxy as trusted. - set_real_ip_from 10.31.206.11; - # Then tell the realip_module to get the addreses from the proxy protocol - # header. - real_ip_header proxy_protocol; - ''; - }; - "status.z9.ccchh.net" = { - forceSSL = true; - useACMEHost = "status.hamburg.ccc.de"; - serverName = "status.z9.ccchh.net"; - - listen = [ - { - addr = "0.0.0.0"; - port = 80; - } - { - addr = "[::]"; - port = 80; - } - { - addr = "0.0.0.0"; - port = 443; - ssl = true; - } - { - addr = "[::]"; - port = 443; - ssl = true; - } - ]; - - globalRedirect = "status.hamburg.ccc.de"; - redirectCode = 307; - }; - }; - }; - - security.acme.certs."status.hamburg.ccc.de".extraDomainNames = [ - "status.ccchh.net" - "status.z9.ccchh.net" - ]; - - networking.firewall.allowedTCPPorts = [ 80 443 8443 ]; -} diff --git a/config/hosts/status/uptime-kuma.nix b/config/hosts/status/uptime-kuma.nix deleted file mode 100644 index 02411f2..0000000 --- a/config/hosts/status/uptime-kuma.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ ... }: - -{ - services.uptime-kuma = { - enable = true; - }; -} diff --git a/flake.nix b/flake.nix index be9e8fb..ccd35db 100644 --- a/flake.nix +++ b/flake.nix @@ -201,16 +201,6 @@ ]; }; - status = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = [ - self.nixosModules.common - self.nixosModules.proxmox-vm - sops-nix.nixosModules.sops - ./config/hosts/status - ]; - }; - penpot = nixpkgs.lib.nixosSystem { inherit system specialArgs; modules = [ From e51e6319187b4507747755db57b91f86040a85f9 Mon Sep 17 00:00:00 2001 From: June Date: Sun, 18 Jan 2026 21:45:50 +0100 Subject: [PATCH 07/33] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:nixos/nixpkgs/c8aa8cc00a5cb57fada0851a038d35c08a36a2bb' (2025-10-22) → 'github:nixos/nixpkgs/ac62194c3917d5f474c1a844b6fd6da2db95077d' (2026-01-02) • Updated input 'nixpkgs-unstable': 'github:nixos/nixpkgs/02f2cb8e0feb4596d20cc52fda73ccee960e3538' (2025-10-24) → 'github:nixos/nixpkgs/3327b113f2ef698d380df83fbccefad7e83d7769' (2026-01-17) • Updated input 'sops-nix': 'github:Mic92/sops-nix/5a7d18b5c55642df5c432aadb757140edfeb70b3' (2025-10-20) → 'github:Mic92/sops-nix/5e8fae80726b66e9fec023d21cd3b3e638597aa9' (2026-01-18) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 76a3fc3..fce4089 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1761173472, - "narHash": "sha256-m9W0dYXflzeGgKNravKJvTMR4Qqa2MVD11AwlGMufeE=", + "lastModified": 1767313136, + "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c8aa8cc00a5cb57fada0851a038d35c08a36a2bb", + "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", "type": "github" }, "original": { @@ -35,11 +35,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1761349956, - "narHash": "sha256-tH3wHnOJms+U4k/rK2Nn1RfBrhffX92jLP/2VndSn0w=", + "lastModified": 1768661221, + "narHash": "sha256-MJwOjrIISfOpdI9x4C+5WFQXvHtOuj5mqLZ4TMEtk1M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "02f2cb8e0feb4596d20cc52fda73ccee960e3538", + "rev": "3327b113f2ef698d380df83fbccefad7e83d7769", "type": "github" }, "original": { @@ -64,11 +64,11 @@ ] }, "locked": { - "lastModified": 1760998189, - "narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=", + "lastModified": 1768709255, + "narHash": "sha256-aigyBfxI20FRtqajVMYXHtj5gHXENY2gLAXEhfJ8/WM=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3", + "rev": "5e8fae80726b66e9fec023d21cd3b3e638597aa9", "type": "github" }, "original": { From 0ea41b3141f373bbe9388110c245500a21963f70 Mon Sep 17 00:00:00 2001 From: June Date: Sun, 18 Jan 2026 21:58:56 +0100 Subject: [PATCH 08/33] remove more hydra-related config --- deployment_configuration.json | 3 --- flake.nix | 15 --------------- 2 files changed, 18 deletions(-) diff --git a/deployment_configuration.json b/deployment_configuration.json index 929f2be..1bb46e7 100644 --- a/deployment_configuration.json +++ b/deployment_configuration.json @@ -23,9 +23,6 @@ }, "penpot": { "targetHostname": "penpot-intern.hamburg.ccc.de" - }, - "hydra": { - "targetHostname": "hydra-intern.hamburg.ccc.de" } } } diff --git a/flake.nix b/flake.nix index ccd35db..bee5868 100644 --- a/flake.nix +++ b/flake.nix @@ -211,16 +211,6 @@ ./config/hosts/penpot ]; }; - - hydra = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = [ - self.nixosModules.common - self.nixosModules.proxmox-vm - self.nixosModules.prometheus-exporter - ./config/hosts/hydra - ]; - }; }; # packages.x86_64-linux = { @@ -249,10 +239,5 @@ # }; formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt; - - hydraJobs = { - inherit (self) packages; - nixosConfigurations = builtins.mapAttrs (name: value: value.config.system.build.toplevel) self.nixosConfigurations; - }; }; } From 30b6d54f953501331ebf9cc5cffb2c8b464a5fc5 Mon Sep 17 00:00:00 2001 From: June Date: Sun, 18 Jan 2026 22:48:13 +0100 Subject: [PATCH 09/33] Upgrade to NixOS 25.11 mjolnir seems to be broken. --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index fce4089..3230d75 100644 --- a/flake.lock +++ b/flake.lock @@ -19,16 +19,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1767313136, - "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", + "lastModified": 1768621446, + "narHash": "sha256-6YwHV1cjv6arXdF/PQc365h1j+Qje3Pydk501Rm4Q+4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", + "rev": "72ac591e737060deab2b86d6952babd1f896d7c5", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-25.05", + "ref": "nixos-25.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index bee5868..fb48d3f 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # Use the NixOS small channels for nixpkgs. # https://nixos.org/manual/nixos/stable/#sec-upgrading # https://github.com/NixOS/nixpkgs - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; # # Add nixos-generators as an input. From 827c46941515c3e3a83400bbe68f412d6ed39662 Mon Sep 17 00:00:00 2001 From: June Date: Sun, 18 Jan 2026 22:49:43 +0100 Subject: [PATCH 10/33] forgejo-actions-runner: forgejo-actions-runner is forgejo-runner now Also use package from stable instead of unstable. --- .../hosts/forgejo-actions-runner/forgejo-actions-runner.nix | 4 ++-- flake.nix | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix b/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix index 24e1472..376fde6 100644 --- a/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix +++ b/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix @@ -3,11 +3,11 @@ # - https://forgejo.org/docs/latest/user/actions/ # - https://docs.gitea.com/next/usage/actions/act-runner -{ config, pkgs-unstable, ... }: +{ config, pkgs, ... }: { services.gitea-actions-runner = { - package = pkgs-unstable.forgejo-actions-runner; + package = pkgs.forgejo-runner; instances.ccchh-forgejo-global-docker = { enable = true; name = "Global Docker Forgejo Actions Runner"; diff --git a/flake.nix b/flake.nix index fb48d3f..e976c25 100644 --- a/flake.nix +++ b/flake.nix @@ -147,7 +147,6 @@ ]; specialArgs = { inherit authorizedKeysRepo; - inherit pkgs-unstable; }; }; From 709afd0a1dfc14bbf213542bb4445d8cdb153892 Mon Sep 17 00:00:00 2001 From: June Date: Sun, 25 Jan 2026 20:44:07 +0100 Subject: [PATCH 11/33] Add cpu.ccc.de to static web host (under cpuccc.hamburg.ccc.de for now) --- .../virtualHosts/cpu.ccc.de.nix | 87 +++++++++++++++++++ .../virtualHosts/default.nix | 1 + 2 files changed, 88 insertions(+) create mode 100644 config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix diff --git a/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix new file mode 100644 index 0000000..d0d01f3 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix @@ -0,0 +1,87 @@ +{ ... }: + +let + # For now under cpuccc.hamburg.ccc.de. + domain = "cpuccc.hamburg.ccc.de"; + # dataDir = "/var/www/${domain}"; + dataDir = "/var/www/cpu.ccc.de"; + deployUser = "cpuccc-website-deploy"; +in +{ + services.nginx.virtualHosts = { + "acme-${domain}" = { + enableACME = true; + serverName = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 31820; + } + ]; + }; + + # https://git.hamburg.ccc.de/CCCHH/cpu.ccc.de/src/branch/main/nginx.conf + "${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + root = "${dataDir}"; + + extraConfig = '' + index index.html; + default_type text/plain; + + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + + port_in_redirect off; + ''; + + locations."/" = { + tryFiles = "$uri $uri/ =404"; + + extraConfig = '' + location /feed/ { + default_type application/rss+xml; + types { + text/xml application/rss+xml; + } + } + + location /rss { + default_type application/rss+xml; + } + ''; + }; + }; + }; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0755 ${deployUser} ${deployUser}" + ]; + + users.users."${deployUser}" = { + isNormalUser = true; + group = "${deployUser}"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOnO7g/7mVVKnvkszto8m3nPljO/6qQc/34aEbrhKOvn deploy key for cpu.ccc.de" + ]; + }; + users.groups."${deployUser}" = { }; +} diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index 793829a..3532c25 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -4,6 +4,7 @@ imports = [ ./branding-resources.hamburg.ccc.de.nix ./c3cat.de.nix + ./cpu.ccc.de.nix ./cryptoparty-hamburg.de.nix ./element-admin.hamburg.ccc.de.nix ./element.hamburg.ccc.de.nix From 193ccedbee7ab0bd2d67f120cc6a41407548f9b0 Mon Sep 17 00:00:00 2001 From: June Date: Tue, 27 Jan 2026 15:36:23 +0100 Subject: [PATCH 12/33] public-web-static: setup cpu.ccc.de with redirects from aliases --- .../virtualHosts/cpu.ccc.de.nix | 41 +++++++++++++++++-- 1 file changed, 37 insertions(+), 4 deletions(-) diff --git a/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix index d0d01f3..a6c67f8 100644 --- a/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix @@ -1,13 +1,17 @@ { ... }: let - # For now under cpuccc.hamburg.ccc.de. - domain = "cpuccc.hamburg.ccc.de"; - # dataDir = "/var/www/${domain}"; - dataDir = "/var/www/cpu.ccc.de"; + domain = "cpu.ccc.de"; + dataDir = "/var/www/${domain}"; deployUser = "cpuccc-website-deploy"; in { + security.acme.certs."cpu.ccc.de".extraDomainNames = [ + "cpuccc.hamburg.ccc.de" + "lokal.ccc.de" + "local.ccc.de" + ]; + services.nginx.virtualHosts = { "acme-${domain}" = { enableACME = true; @@ -70,6 +74,35 @@ in ''; }; }; + + "cpuccc.hamburg.ccc.de" = { + forceSSL = true; + useACMEHost = "cpu.ccc.de"; + serverAliases = [ + "lokal.ccc.de" + "local.ccc.de" + ]; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/".return = "302 https://cpu.ccc.de"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; }; systemd.tmpfiles.rules = [ From 62885a0095e9b2b0c61180c683ca25eaa30985d3 Mon Sep 17 00:00:00 2001 From: June Date: Tue, 27 Jan 2026 15:44:25 +0100 Subject: [PATCH 13/33] public-web-static: to not log ip addresses just disable the access_log --- config/hosts/public-web-static/nginx.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/config/hosts/public-web-static/nginx.nix b/config/hosts/public-web-static/nginx.nix index 9d0e173..b69e60b 100644 --- a/config/hosts/public-web-static/nginx.nix +++ b/config/hosts/public-web-static/nginx.nix @@ -1,7 +1,12 @@ { ... }: { - services.nginx.enable = true; + services.nginx = { + enable = true; + appendHttpConfig = '' + access_log off; + ''; + }; networking.firewall.allowedTCPPorts = [ 8443 31820 ]; networking.firewall.allowedUDPPorts = [ 8443 ]; From 175df869287e0673cac44d98cf8fbf6aa7e3438d Mon Sep 17 00:00:00 2001 From: June Date: Tue, 27 Jan 2026 15:47:14 +0100 Subject: [PATCH 14/33] public-web-static: make hamburg.ccc.de the default server --- config/hosts/public-web-static/virtualHosts/hamburg.ccc.de.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/config/hosts/public-web-static/virtualHosts/hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/hamburg.ccc.de.nix index 8277b5f..1c967c9 100644 --- a/config/hosts/public-web-static/virtualHosts/hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/hamburg.ccc.de.nix @@ -17,6 +17,7 @@ "hamburg.ccc.de" = { forceSSL = true; useACMEHost = "hamburg.ccc.de"; + default = true; listen = [ { From 213707b31080287d0dc5517897b777dcc062a701 Mon Sep 17 00:00:00 2001 From: June Date: Wed, 28 Jan 2026 15:31:31 +0100 Subject: [PATCH 15/33] public-web-static: remove cpuccc.hamburg.ccc.de alias --- config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix index a6c67f8..d2e779a 100644 --- a/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix @@ -7,7 +7,6 @@ let in { security.acme.certs."cpu.ccc.de".extraDomainNames = [ - "cpuccc.hamburg.ccc.de" "lokal.ccc.de" "local.ccc.de" ]; @@ -75,11 +74,10 @@ in }; }; - "cpuccc.hamburg.ccc.de" = { + "lokal.ccc.de" = { forceSSL = true; useACMEHost = "cpu.ccc.de"; serverAliases = [ - "lokal.ccc.de" "local.ccc.de" ]; From ebb0cea592d7def9833c9a6c979033ca4132c8cf Mon Sep 17 00:00:00 2001 From: June Date: Sun, 1 Feb 2026 21:06:33 +0100 Subject: [PATCH 16/33] public-web-static: make www.c3cat.de actually work --- config/hosts/public-web-static/virtualHosts/c3cat.de.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/hosts/public-web-static/virtualHosts/c3cat.de.nix b/config/hosts/public-web-static/virtualHosts/c3cat.de.nix index ff59fab..95f9b59 100644 --- a/config/hosts/public-web-static/virtualHosts/c3cat.de.nix +++ b/config/hosts/public-web-static/virtualHosts/c3cat.de.nix @@ -23,7 +23,7 @@ in { ]; }; - "$www.${domain}" = { + "www.${domain}" = { forceSSL = true; useACMEHost = "${domain}"; From a884b7db7f32621f3505c765faa0fab75098317d Mon Sep 17 00:00:00 2001 From: June Date: Wed, 11 Feb 2026 01:33:38 +0100 Subject: [PATCH 17/33] public-web-static: upgrade element-admin to v0.1.10 --- .../virtualHosts/element-admin.hamburg.ccc.de.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config/hosts/public-web-static/virtualHosts/element-admin.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/element-admin.hamburg.ccc.de.nix index 2bf56de..670b191 100644 --- a/config/hosts/public-web-static/virtualHosts/element-admin.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/element-admin.hamburg.ccc.de.nix @@ -1,14 +1,14 @@ { config, pkgs, ... }: let - elementAdminVersion = "0.1.4"; + elementAdminVersion = "0.1.10"; elementAdmin = pkgs.stdenv.mkDerivation (finalAttrs: { pname = "element-admin"; version = elementAdminVersion; src = pkgs.fetchzip { url = "https://github.com/element-hq/element-admin/archive/refs/tags/v${elementAdminVersion}.zip"; - sha256 = "sha256-dTHE0rg7W0k4e12s3v8yD/rBOYpIEqNN1VV4P3KtpQs="; + sha256 = "sha256-dh7tmzAaTfKB9FuOVhLHpOIsTZK1qMvNq16HeObHOqI="; }; nativeBuildInputs = [ @@ -19,7 +19,7 @@ let pnpmDeps = pkgs.pnpm.fetchDeps { inherit (finalAttrs) pname version src; fetcherVersion = 2; - hash = "sha256-YBSZIHNffS3Um0imYNmX9c1q193rphr+8lQ4tp7AcXw="; + hash = "sha256-S/MdfUv6q+PaAKWYHxVY80BcpL81dOfpPVhNxEPQVE4="; }; buildPhase = '' From a085f7c2e5c9da729f0e16475bac81ee8a4f30da Mon Sep 17 00:00:00 2001 From: June Date: Wed, 11 Feb 2026 03:15:51 +0100 Subject: [PATCH 18/33] mjolnir: remove mjolnir as it got moved to ansible-infra See: https://git.hamburg.ccc.de/CCCHH/ansible-infra/commit/fe647da3bf3af449e3be64855b79fe267376886f --- .sops.yaml | 16 -- config/hosts/mjolnir/configuration.nix | 9 - config/hosts/mjolnir/default.nix | 10 -- config/hosts/mjolnir/mjolnir.nix | 36 ---- config/hosts/mjolnir/networking.nix | 28 --- config/hosts/mjolnir/secrets.yaml | 233 ------------------------- config/hosts/mjolnir/sops.nix | 7 - deployment_configuration.json | 3 - flake.nix | 11 -- 9 files changed, 353 deletions(-) delete mode 100644 config/hosts/mjolnir/configuration.nix delete mode 100644 config/hosts/mjolnir/default.nix delete mode 100644 config/hosts/mjolnir/mjolnir.nix delete mode 100644 config/hosts/mjolnir/networking.nix delete mode 100644 config/hosts/mjolnir/secrets.yaml delete mode 100644 config/hosts/mjolnir/sops.nix diff --git a/.sops.yaml b/.sops.yaml index cc9178f..47be449 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -15,7 +15,6 @@ keys: - &host_age_matrix age1f7ams0n2zy994pzt0u30h8tex6xdcernj59t4d70z4kjsyzrr3wsy87xzk - &host_age_public_web_static age19s7r8sf7j6zk24x9vumawgxpd2q8epyv7p9qsjntw7v9s3v045mqhmsfp0 - &host_age_yate age1kxzl00cfa5v926cvtcp0l3fncwh6fgmk8jvpf4swkl4vh3hv9e5qyqsrnt - - &host_age_mjolnir age1ej52kwuj8xraxdq685eejj4dmxpfmpgt4d8jka98rtpal6xcueqq9a6wae - &host_age_woodpecker age1klxtcr23hers0lh4f5zdd53tyrtg0jud35rhydstyjq9fjymf9hsn2a8ch - &host_age_penpot age10ku5rphtsf2lcxg78za7f2dad5cx5x9urgkce0d7tyqwq2enva9sqf7g8r creation_rules: @@ -79,21 +78,6 @@ creation_rules: - *admin_gpg_c6ristian age: - *host_age_public_web_static - - path_regex: config/hosts/mjolnir/.* - key_groups: - - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_max - - *admin_gpg_c6ristian - age: - - *host_age_mjolnir - path_regex: config/hosts/woodpecker/.* key_groups: - pgp: diff --git a/config/hosts/mjolnir/configuration.nix b/config/hosts/mjolnir/configuration.nix deleted file mode 100644 index 869c3de..0000000 --- a/config/hosts/mjolnir/configuration.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ ... }: - -{ - networking = { - hostName = "mjolnir"; - }; - - system.stateVersion = "24.05"; -} diff --git a/config/hosts/mjolnir/default.nix b/config/hosts/mjolnir/default.nix deleted file mode 100644 index 7dca51b..0000000 --- a/config/hosts/mjolnir/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./mjolnir.nix - ./networking.nix - ./sops.nix - ]; -} diff --git a/config/hosts/mjolnir/mjolnir.nix b/config/hosts/mjolnir/mjolnir.nix deleted file mode 100644 index 91b184f..0000000 --- a/config/hosts/mjolnir/mjolnir.nix +++ /dev/null @@ -1,36 +0,0 @@ -# Sources for this configuration: -# - https://github.com/matrix-org/mjolnir/blob/main/docs/setup.md -# - https://github.com/matrix-org/mjolnir/blob/main/config/default.yaml - -{ ... }: - -{ - # Allow deprecated, apparently somewhat insecure libolm to be able to update - # the moderation bot. - # The security issues aren't real world exploitable apparently: - # https://matrix.org/blog/2024/08/libolm-deprecation/ - nixpkgs.config.permittedInsecurePackages = [ "olm-3.2.16" ]; - services.mjolnir = { - enable = true; - homeserverUrl = "https://matrix.hamburg.ccc.de"; - managementRoom = "#moderation-management:hamburg.ccc.de"; - settings = { - verboseLogging = false; - }; - pantalaimon = { - enable = true; - username = "moderation"; - passwordFile = "/run/secrets/matrix_moderation_user_password"; - options = { - ssl = true; - }; - }; - }; - - sops.secrets."matrix_moderation_user_password" = { - mode = "0440"; - owner = "mjolnir"; - group = "mjolnir"; - restartUnits = [ "mjolnir.service" ]; - }; -} diff --git a/config/hosts/mjolnir/networking.nix b/config/hosts/mjolnir/networking.nix deleted file mode 100644 index 4d4693d..0000000 --- a/config/hosts/mjolnir/networking.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ ... }: - -{ - networking.useDHCP = false; - - services.cloud-init = { - enable = true; - network.enable = true; - - # Version without ssh of: - # https://github.com/NixOS/nixpkgs/blob/3c9db02515ef1d9b6b709fc60ba9a540957f661c/nixos/modules/services/system/cloud-init.nix#L145 - # So we don't get ssh hostkey regenerations. - settings.cloud_config_modules = [ - "disk_setup" - "mounts" - "ssh-import-id" - "set-passwords" - "timezone" - "disable-ec2-metadata" - "runcmd" - ]; - }; - - systemd.network.links."10-net0" = { - matchConfig.MACAddress = "BC:24:11:C9:F8:C5"; - linkConfig.Name = "net0"; - }; -} diff --git a/config/hosts/mjolnir/secrets.yaml b/config/hosts/mjolnir/secrets.yaml deleted file mode 100644 index 0aaa2f7..0000000 --- a/config/hosts/mjolnir/secrets.yaml +++ /dev/null @@ -1,233 +0,0 @@ -matrix_moderation_user_password: ENC[AES256_GCM,data:NXJrbRh0A+NQh6Jy9iVAfYhsGR1BSOSuk1LjmArSiVF6jnuJAP9f750cRP7bu7Ai8xgxTlhjAtv9ck6SqlJ6Vw==,iv:IN/siIPCFKE+Nfl/aogYRYAHVgEGhMtTbmEZKZWQYgM=,tag:xxlnl5GU+uusSeh1OvoU1g==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1ej52kwuj8xraxdq685eejj4dmxpfmpgt4d8jka98rtpal6xcueqq9a6wae - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZTEhUMThoY3Nuc253NnBX - ZkplNmRzOGZFNWlQNDVpL08yRk5VTHZDUkZNCnIxMUJoUHJBYlJpbUViMW9GUmhR - V1F6SWh2NjRGWk9RWjMycGZYZXFZbkkKLS0tIE5MNk0xekwxY0NYYm9mc1ZGZFlH - NDN2dUpuQWFFMTZQRzFIS0ZieTRzQm8KUDRpPJwcWwePKMp6KQMnQLhqqyvuhgQh - rXpKW5fjxyT0Sh2u3FM2ET/9U0TUfpBVYBJojAJBFs1ntI8kFmqSYg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-06-20T20:02:16Z" - mac: ENC[AES256_GCM,data:5BhSo3YpF3QNqgGnx6YnymaEQB6pchMhokaJqk4rHg22xhbUAzOhWg4BQepT7vrCQlfOZIq4o//dGO+NQxqliiyyywrSYm3CBWD4xfZ9cdfinHC7Pc9lj6Dd4uPNxRjgTRNFuMyC+ATIABI2mHKpg+T2bxSalroIlvNr4vXWZo4=,iv:yPHJZ5PvI5zJlQIMRdbJ6eKGe1xN+teKF5GluD2pyK8=,tag:s4hO9RCdkHDsQ1W+KfXq7A==,type:str] - pgp: - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxK/JaB2/SdtAQ//Y/GVthqtuK7bY8Ne5CNfn/CD1RUTdX1+KwX1zy3YsgUC - CGxhoFFy1UoXR3QB4Hxnk8R/vaFVHezCWKWY45MAuPtwM1VGwjVsuknrJnSs8k7/ - jrzVO9xXgTd26H6DLmPVfH1hKB0/lh84hwVgF5rlPS/P7l92LL0hDIIwZz3dB0kU - d6jLa1Fajqd4MSdLWbZRBPcioC5v1Ip/SXYAJp7IGLDgXm5MN+MnAdybAFsl1K5p - dCUmGqK5IjyPVP564TqL0ZEIXMxSSwex47in3cTYPaOO0L8P3kbKDNWxZQLaqZkn - 4RZC4/aBqlfD2STxMez/ksi6kCcPuC7UPRzuq4oH3kOcJHxwIN8Df+DZYA4PJKsl - T9QDL1EylHBhsPIZCoxpmnGl3j+hVmONj2V1awlCaOagbgDlClEUEMyw7QCVVbtK - CW4DOgVnnTxcUaLHep8BgHxKkYjIDIbDMmg315h2ekT86gGgZavL8IiFTWSLzSrK - XChIjUdjpKZhanmSWpj4w8ZpdGOOjernL2EBWtSC23AibBZmQe9OB/QzMpLTdCvV - 9t9mMoSayP61oJylBtOKhDnEW0Xib0U7tqzwpaow2V+CU2dr27qie1jh5GqMaoJR - qpu1KT3Z9eqpF3Dl8aI3dEovbmvDMVXErU3pmFu2zRJtm6TOXp4NNOYWCetUfxPU - aAEJAhCFerTI/ow/LWkCQ78cCMFjgKrYabA3lHu11Mr/PiHirwJ/vCmsUMiOhdRw - 49lsyqJlO3IA79yW4exG5tYXvPgeJMTdz36fseUEKsewfrPEqMUa2T4onet2+GN6 - GALPdepytjg+ - =v+qv - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQILA6EyPtWBEI+2AQ/2L7fbbhBH3BfgD7IbgtVn+nEhNJw5tWR2+0z1k72TIr9j - rPAvV6NQY8oVV2+uNLa4fMl+ueqYTFd3/E4IsRXkmexjx+vos27LjDNSu6w0OPJU - BSq5TFqZWYIPiWaivQz4+rt+vbxvpv4Lh3FAXlV9YubprJ4GRrlwyheve/l3F0BN - 3vCDLsfXijZjxaptb9nf7WiT9vvWrY0sD4g71ARZdWi7Lb+TgCxzbQMue+4VC0Zu - y/AWIymVo13BD+apoYltVYYvkn7yz3REzsx3NN4bkJyoCAevr6UeO2fGvlT7b7eG - F7CN/TusFlOqWV9M0VbiOGLfL7Q9tGAG3xDAyFh+yMQNadp0M3m9UiYUlHps5DRT - CVsIPnPUr3V/oycRm3s+UeVyBg3rpdzWyNtETOjNY/AqVmRQ0toqZOm//ZOg609U - 6+EX1Oc/GosfNoHWJuFmfKJRhPpy2gXZX2rQuLWaVJUXzzKM5sbLnycCV03S24PU - Fi7Z5lIu334QTLG8PV6agO5UprZb946qPmW+b/QnUol23XXcgh1GIgMV+lEK8+83 - UPT0aUkdtOTaKbWUg5xokx+0Ni9syJ4Nl7naQq57qOGiecMnBbeE3TYxaNOcjTBh - CY0/hdcrZYH6VPeDye4yghSDF9WCaNUvzZNePGzdqKK3F9O/NmBSiYd/cToyDdJe - AZMZCKxSw0/HyBqTRd3wC/VhC9uO2I4HWE3LuqBPUXYFWc4W1buJs+P8pFjqT5rZ - puHPH8IxIeIiVNO5SFhdL8ecSu/nawakvih65aMGSa102e6B2HfP6tD4SmarmA== - =tr5G - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAA02rGmKxyQkvxoXM1i2dLOiH6Gw/pUcdDxYSwKfdkNU3X - zc0He4FNG8CAURVq5jARD066VecamkBmlr+rwFJlaeqDPEiITfkz7DEGO8pPxKG0 - GBnFVA9r/+OU351yLjHYB+72jvw1ey0PPHvKg6/sKjovssYvQLipUcktH33kPqVQ - yJzuQWFMWA7Jn/wTa/TP/53o0e//Kw9df69J3BSmnw9F6rKHGsIXLBmyR9HpQsLR - KAuClMzjPqHszCICND7vUDEzUvCcOVyizZAcRzWfDi/llwKGUanvEGUVXvyDXw/E - Q/FyR+VJXCzRlhsFTTuavjy6nhDsRf/N8N0Vsd9euDXOPQ4wuPAgpvdi58CPBmzP - 8jU3xpFSXStYBIMt5u7t+UJT4IwdbjnClyIrSuyaV/7N5UQdYTv0fBy1mRrYLBAj - VhlRDa1y79n22Kg8mvDqJ16rC3VypkkQ6DaPvyDwlrG8iRLG/xi3Zz8HHnXxAGAm - SzliIolwEDHJZHI9ZE3YzpFJkB6UyOpXS1zMsDycupFvQ4jd2fQ0C7w5OaJHCkeQ - 3zTKgtufjJGo7R2Nf0bTWTfi85GU3jpMsOHCEcChgBVXcO32ZZ/zzmqtXa/u3m5v - sjUstyBXEmG9eyIaiEtRAMAblwRsJPMszLaCUuBpzQw+mm9uTCsIaf5Xdud7GFzS - XgH+whlmbv/UeUC7bo65uxrG8SgTVAaPZpcQ2dP3rXYs45zYmYGKJaZuW+Hrl+nZ - pd6zT6rb6R8TMmXkNA1TjhvZ/A+ONlza1fH0dmsh7U9oqINXNFJU7Qm2r7imFvg= - =ZIDr - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1AQ//f51KkC9oViW/0EA0TLdWgXa76ZXMeu4b3UhWaQvYDT9+ - 8wuWE+slGEWsRnFZ+pgWZoV3HIv2p+xisX2lmBvepOufaRh6cyNpQaZNl0kFtpBo - ShQ66SmkorunYyM+OIh3ceI4PC7ca4KsRKB8nWkA935NWssFN9zMlkVW6GjqzTft - 2JVJFL8GRlhIRMhJwSzp8zZ3XiYD0sB/2y+ffCMAOSCnDVcDjANyiSds6MPxfPy0 - /kaNTXuUI7H50tHQP6vzJ3q1mRpAhUTIxubnmBTdvAQz/kaD0qPt55z+Q0xSXsLa - yfb+Zd2g/2o+IFiCrwqcki5yX49Ol89l69JRyIWe1T2VtqBSUVIiiYreX5OnmWPQ - OjJ1mAn9tpIlVSHzlaONtmJEmAJ+n55rP0itBMs1CrIBiQleLaCbSWqp6q3RfaJr - gpXnfHQpsU7cKEDQeyvxmH8qgrSR9AVh/knyGOJy8LnJQ93aQpr3xr/2MiFPYiKz - dcSrxHesrfx2Zl7bNB5OZ7VZTWFSunZQUnOn3F3+7yaaT9ePsvWsyTKBOSGUiA7s - VMxT5+P8QM6UOC8KxJj/q1eAVrWvN7vYbCA25+SzbdTtr1RweOVHzNgqZH5/Q2ZY - fguwHlCGg5Q7UKYKBk4QJFg6oClDgzBYCFL76K4aymtR7rxKl4sJxWoug84oP6DS - XgEZvNS3xsY8Pxm0bAmor93Q08Mii1svnNZ74Eqmbo9GxBjHReIGKDDZ08SaPhbc - NJxAP2C2sRUda2R4GvsNYmXHzGYfFTrfe+AXqEV42ZSD9vHDJMCiX9JrY/r4uSM= - =+F4l - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4HMJd/cQYrVARAAq/cP9y/7kxSXDFOD/xhI/3RjGzIN5dyHlfrmEQWJ8J7z - ov0VfBCJp6gFht37dGWuLtWi1qqWRgN+9hiBnkj2zONoph0SRGP9uNfadBSzYSD4 - wvlOFrWeM9cswnk4i0q8Go+qdCC6U0g1szjirdifF7I9KdqKpOFwXzjnzsPTF42o - 9oFCP32esOYv++DfTBgrSv8/STublJYABcs+lzjvURqBsFvdz7PBphH66++yxt7v - bTTmu8O9WHC8/5QTfUzOBAfgyu4CwF3YLRZd81ERtzO/udNYgGO3bifofCfpv+nY - MMyCbGxoiAfBWcAHhka+8nMnBj0as+ln220O99N6zH1rTmqqDxRQkEiYek1MqEU1 - f319u3KqB6STWmZvjlwQ5AhwSLCLT2VpIJX4CpMClWlLb3E2rpZ+B1uBRMQQ3fMe - jSynatL2vXn3rKWzxIEIxA/BkVKQ8zXgOT9JyqyCZdHTvjEmWuQitILi7wKWJb7/ - qhTGEBoQbjIKP2Bpso286RKhS3erE0wqLeXXFb7e6bkEEHXa/jVHCZk8/qDcAAIB - 3eIb5SNnLxQwo07JlWdDPzCvqeC4fx5AWxXmHsKWI+91PA0jdNjcEPt2sxwAEQYq - LWBW6BL22Hqo/VOBXhM1T5mFKomqySLSrxTYeWXtJLZwh0aHbm6RyGGMjHpCiU3S - XgE8EQeKefLHoTixb1Rl/amIvtOUUcTtdqlyat9hhIdMl/7ZMesmNuD1ZsEzdCJd - 20/DgHzFE7WvZKrjt73GDETUjwLHZSl5fydQMgcNFgzU2mdV6nYNhF18gE/af74= - =UA8K - -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//RVzQX4Ua5XZHTIe7ffYiqMxy/KoJdbCxpgjbdD0sx2ou - zCB13t13UkLjLo5GkTE7kRGtyKOdhQ/7NUA7tOZ+rwWOq3NehOTLfU0wMkgT7tOh - byWwNHrY9VHz3ndFnya5nNcnrqILA1rEn32PnioNyWcU6832jyUWvtRqwF+JRrKr - yRJMvz4T8vmLwrxqarB1uqU0OVHXy8bq8d9/pVrAmk6+C/H5FINFlApD0dKYftd2 - phoTSA5WG8j1e0v5p4+r9cRHlYXFMinMMkpzD/JMyNB1WVZ9aGQxU7WiuYzuv1bh - PKN/LEgfh3ypI8W960NHv/OMRjVs/VxA+G3ml3Lw6acRnaLr++MhF2G7ZBTx8rgi - fjyF6m4XtacwIKYZ7SNt9eQewGI8VU30o8np33qb9KeOt7v8PrMH1G3X+bTLnJGw - VjxjvaBaePmPplYYS7xaPuUnzFNabDXTE8XCQpdJMy26ef77gaWr6TQwXbRlZXrx - S60EecMLwUj+daR0PkVBkCDxXkW8+0uPkt6EEn5rmPdMXoh4DUw+4A14t7yyUU50 - j3M9tv6DuYs/KhgZYfLe+6hVD7fY4lAs5Ge6QGLA/TljAatE3zpSZQK+b7C4HKJS - 3eRpcAt6CJFhXaCBwl4+gigrg3voX1ykh62oqY/4ecKbAiiVXLIrcflv9kx2Ht7S - XgEDhoIRIvXoOUy6j/qjp/OFxwu5y6MpBX4vHxlpL36daL2yShMkCYyY3ajea4eX - 9k7B9fpRu3sjbDTNr1heffI+5n/HKc8j9a52hzu5eF0e+v+vKY32uk1jlUhZdj4= - =R/pX - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ/+OHZshi2zBfbVQ91WKLqei7bT4CZGiPxQsl7aogv8JkyL - D8p+VgIReMvq4F5QFaIsA8yqMSnjxfIi5bFd9SKjuhOKvuQjyh1rSsFb0t8ESuYi - fHBnVw4tDNfTEGQa9YhNJPTq60TwR4P2xYFEgc//AQqfs9XH0cTbvkFS9dkug092 - u4yJfB2aZEJa0Eh0AenUYzP13bFH0sJwL1hQop1v9gF44JeKHpRNd0Yixlp0Yucs - Ccww+WaNFVQ4+zvyW7MnI8/D27/SQGRXXqQE6sOQlsg5SUzF2vIpYbIeuu1NR5WK - v1ZB0DlWVuOshIB7M9WUCZcAS5cMAWKc1vvZ/K0l+6tNskZvGE4p/lv1bmZ5zfc3 - gT/2L6ENuoKW7RoF071SsG9Xn7VJync+iNTtg0m7Je7HRAZAGGc8vfIkrTXAmoIE - QkGuog0R+EZxq9L1WMbppV/bnbBxiutFxwWOGTxzsn+DksVrVLvyI/EbHJvcEwzN - hISPFmAiCEKzGAGfaO24F5Xcs+U6AgumS5V5kwY6zA/kZpJEdQm38rcC12ZpXR9C - oHGs9ACtgf+g8H3/Ks5DL48FTbYuZADamVA5+pV97B7xCS8TxYChuFNPLwU2s52G - liiZV9NevlFlbsXFZS/EWgR8b0aH9Nhjl5TAPOajBOu0Nm/83XEP9nbbbjJjGRHS - XgHop/OMkJRuZZ35JQjUS6dIBzSivqplpr51wHbyilxbvOHdvuu6w9kqGY9VhuVt - nCszg+IQ0SM8YFuu1M5UPO4txYQTHx8zO5SD/d8kh5HEu9fmTNyJXblRcyAzYZc= - =TxDz - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//co7jg6v5QUB7eHXJPMLxsgtbC/VYp7C7QqXQda5qhohW - t0F9lysBybhIGoYuvfZGzNMYqqkVpFxzlOO2vFlcYFsQhjCpJrHBWYT4XOmIBR64 - 6Az/iKqNLS+cG+rFIIuc8BqRk3r4lrM32dCqz0a+3qRkdmbff4yKuzg8FTPlv1RI - O9SzRqfptcKDXItnQF+8CAziqcGyy4jL2wnl1Q2I2Pksr+Zw1eZVbFfHmCpG7A5C - TVihozz51jeXlggDp9/NPJOQDsmV+KdpvNx2Eqj6PQ6aGWtyYv5YZG3X/eRKW90+ - qUOJxwpW5KGcROnuvQt1AggcXquOTLHFyJ85M8tpJcl+JYVZsIeNDo+LO8sbrCTA - cjp/YSLOms+GullbGAwrJh4TYtwJE9sEKr9OAFUvd+AxVFWj08BqMe1eN5YBbwwB - vNurVdvjE8jaTCmZgPPOIP5KXSrsG8bA02YlZ4MnzodYidIhTudJ8VB4NYCtNgOL - G/x7h/KA5KYgDWEtr21z2oy0QkGijtrcNa02GpslirjufZ6TPGCbJjAeEsPbYBm7 - mDXm5+PzZpb1pbcSVNlVG5Ry73JrZxBpYCPGnxLs5yAmWOlNa/xcgDHBU+iXyVg0 - Wm8pHRAVNfbvL7NB8yeaxSDoTSE7/BsisL6tUHoV+bdlpVsTF26bQZBc/zhxiZrS - XgGJ8ChRZbpi2qUzP4nA2jPkYtQ4cquA+ftDx4i+ZqVNtAhVSnTiBZoYu/21+BUB - oxDa5m2vD0s0t0fGfmmIvpLZKZIF7NcwnCdNVQve/D3qNNa4T3YnXb8JTGH0PYc= - =mu1s - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4EEKdYEzV0pAQ/8D4mAcC6vsHLkSryz1yIYoBqqtJnG62pITFEbafhVLR6V - nWAw/zP9DqNj15MsrM67xaQxlMVgkVM7QTchgp0CjXsyZ/gWPgDl0NaC92Uj93Ov - Gi2OpkfHQFaAW6JsAFl5NrF0ZBw/flx8X0l2klIxBV+ztpkLADEtXWsoGsmz5L4m - n41icEp9+nb9nwy7p+Je0s4jZCBB0sVlbkX9i4IpMOgEhA0HcWemc940VJp3UyRg - LkOs5C0J4Y4qjS12248y16gV/IhNaJ4PCPgVwSj1Xzz6VXauQosmWhnUbnqJbi3F - KWEV0IJJO+dlj5VShzFDnkN2bM1GeyQx1S+FkNp+Mmm6JNrUK+CZL8fUYka06O0V - DD/sg1Pyq8VawNG5RxwAWA5F1F1SIrJzF0T4HyIN1UFRCjWC466sdrBTQLtx472k - NdBCvabHS/bx5miPKF5iglJYzz4biUdevc3EU7q4hwgMYM2oep3m2EsaTbKWzjnY - PLB4d0bCsRlya0YfHaFX5f3xSNb/FzBcUlTHzX2asyB2DolMug1VqS3jCEkWGbk/ - vfNfR5yRuwkwNlJRqHbGIfH7fYEgwSTW+VW2iUdY7Dra7xjgTzqZgLi5W8QwKJqq - 1V5H4KlRQNYwloVJzQZCwoPcY+tBfTZ4LsDKtjyJzFY9vdTGGGqb9lAG7YBUdubS - XgE72UuZvbPQZuI7uVKMEORGVssQjwZFhs4InR/Ixe03a7hb8fdRHfu/ueS/3KQx - mRXVino/iVQ6M936mtibfeH9TpBpjqH8sBKNHv2hgnoap9QpkrVn1yWqrOcpht8= - =+sXL - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdA/tIZCvQv0E4dHN5jBHsAGclKEeLFhyf4lIQx+xa+uwQw - /VGCdNT8U13EawRC66KLXRrRgsNPpwUg15wAoTzQ8gW/tLpgvL5nsEYPfaowYwBD - 0l4BmNV4o4J+NHF7Tk1af2kx0pp6kF9eJynn6irr336tGzY004lZfZlqwgeOk+qN - 93XcSfdAOlIktfex1q1oTPrSpGIv32zsLPoRNVa50dO+IKu1tmYAxi9N9sQgbWa4 - =rnF9 - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-06-20T20:01:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CAQ/9HNG41mTgq8VavF9DBX7+upnsmoDtwblck18l3rurJ1mo - k2ki7tWwIxRyLLHtsUxJ9S55cmXuhhPJK8Kzc32SnY5irDkqK/4JZnDvofg+z68B - 8pQOunN1BQp50k8vd4Mha43re8s24iqrM+fj59uHM2YYsQYt9TCR/NvUopOdi6l2 - 8OnKI2KdRvYhtzzCY3wmQKhG7p0hc8y8pP/0DmPW5IGQ6OP4zO+Qnc4EbVnA9Uhr - tZ4sTNn0o80kfvILKANkAm81v86KdSRXdd3+1IpH1c7rTqm9o+DEm8nKnwWOF63O - P0klsYLlfqiZyQ0AyS67RHPTw/y57mAyWVFbABDLtXQQHWcIkADMLKTJLpnhKkRn - Cp94EXBBBwViAUBUzzskE4lgKXncl1h5ogLum8btU+cLky0qa8Hzie5QqszlErf8 - fci0AEHV8u+Kf5EARf1FiY6K2aVnFOJchdeL98qllwRu6f8zz7+bfLq1UXcGBlQS - JnbAlXiL4vEBxQyW5awYYzpaMUTW1ejjujZUitdaUeIQJdv/IJvHe9y6/F0uukdt - AMrDI7E+JKa6hLPe4g6H1hUzh6GcaHuNU9z2NSDfzxcOHkqALsCDLVDxsjPhahCc - UZkSn8ebyqv7/jpTgWnsls0Fx8XqvKKJNoqXfK81oIvWlJsEwqSaBczkq9HQbO7S - XgH2N8XPOJWmqDc+xS26eERNJ8ZlhYaODWwatgqt2si6EdBpVRZL4PXsOrOlI8Xi - Uaag1/Uljqbk5mN18+CtSfSt0ded79d44B9zAbc70hgvkRrpcotDBnO8YQ9MxB0= - =O0Sg - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/config/hosts/mjolnir/sops.nix b/config/hosts/mjolnir/sops.nix deleted file mode 100644 index b4548ed..0000000 --- a/config/hosts/mjolnir/sops.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ ... }: - -{ - sops = { - defaultSopsFile = ./secrets.yaml; - }; -} diff --git a/deployment_configuration.json b/deployment_configuration.json index 1bb46e7..3ae44cc 100644 --- a/deployment_configuration.json +++ b/deployment_configuration.json @@ -15,9 +15,6 @@ "forgejo-actions-runner": { "targetHostname": "forgejo-actions-runner-intern.hamburg.ccc.de" }, - "mjolnir": { - "targetHostname": "mjolnir.hosts.hamburg.ccc.de" - }, "woodpecker": { "targetHostname": "woodpecker-intern.hamburg.ccc.de" }, diff --git a/flake.nix b/flake.nix index e976c25..ecc9db5 100644 --- a/flake.nix +++ b/flake.nix @@ -178,17 +178,6 @@ ]; }; - mjolnir = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = [ - self.nixosModules.common - self.nixosModules.proxmox-vm - sops-nix.nixosModules.sops - self.nixosModules.prometheus-exporter - ./config/hosts/mjolnir - ]; - }; - woodpecker = nixpkgs.lib.nixosSystem { inherit system specialArgs; modules = [ From f29f4622b5901fd552ee73b8fcd9f3f899908be0 Mon Sep 17 00:00:00 2001 From: lilly Date: Tue, 17 Feb 2026 22:56:53 +0100 Subject: [PATCH 19/33] add lilly to sops config --- .sops.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.sops.yaml b/.sops.yaml index 47be449..df164ec 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -10,6 +10,7 @@ keys: - &admin_gpg_max 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB - &admin_gpg_dante 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF + - &admin_age_lilly age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d - &host_age_git age18zaq9xg9nhqyl8g7mvrqhsx4qstay5l9cekq2g80vx4920pswdfqpeafd7 - &host_age_forgejo_actions_runner age10xz2l7ghul7023awcydf4q3wurmszy2tafnadlarj0tvm7kl033sjw5f8t - &host_age_matrix age1f7ams0n2zy994pzt0u30h8tex6xdcernj59t4d70z4kjsyzrr3wsy87xzk @@ -32,6 +33,7 @@ creation_rules: - *admin_gpg_max - *admin_gpg_c6ristian age: + - *admin_age_lilly - *host_age_git - path_regex: config/hosts/forgejo-actions-runner/.* key_groups: @@ -47,6 +49,7 @@ creation_rules: - *admin_gpg_max - *admin_gpg_c6ristian age: + - *admin_age_lilly - *host_age_forgejo_actions_runner - path_regex: config/hosts/matrix/.* key_groups: @@ -62,6 +65,7 @@ creation_rules: - *admin_gpg_max - *admin_gpg_c6ristian age: + - *admin_age_lilly - *host_age_matrix - path_regex: config/hosts/public-web-static/.* key_groups: @@ -77,6 +81,7 @@ creation_rules: - *admin_gpg_max - *admin_gpg_c6ristian age: + - *admin_age_lilly - *host_age_public_web_static - path_regex: config/hosts/woodpecker/.* key_groups: @@ -92,6 +97,7 @@ creation_rules: - *admin_gpg_max - *admin_gpg_c6ristian age: + - *admin_age_lilly - *host_age_woodpecker - path_regex: config/hosts/penpot/.* key_groups: @@ -107,6 +113,7 @@ creation_rules: - *admin_gpg_max - *admin_gpg_c6ristian age: + - *admin_age_lilly - *host_age_penpot - path_regex: config/hosts/yate/.* key_groups: @@ -122,6 +129,7 @@ creation_rules: - *admin_gpg_max - *admin_gpg_c6ristian age: + - *admin_age_lilly - *host_age_yate - key_groups: - pgp: @@ -135,6 +143,8 @@ creation_rules: - *admin_gpg_echtnurich - *admin_gpg_max - *admin_gpg_c6ristian + - age: + - *admin_age_lilly stores: yaml: indent: 2 From f27d3ba1139aec51f10481bafb63f4ff2d902e90 Mon Sep 17 00:00:00 2001 From: chris Date: Tue, 17 Feb 2026 23:22:16 +0100 Subject: [PATCH 20/33] sops update keys --- .sops.yaml | 27 -- .../hosts/forgejo-actions-runner/secrets.yaml | 363 +++++++----------- config/hosts/git/secrets.yaml | 363 +++++++----------- config/hosts/matrix/secrets.yaml | 285 +++++--------- config/hosts/penpot/secrets.yaml | 363 +++++++----------- config/hosts/public-web-static/secrets.yaml | 363 +++++++----------- config/hosts/woodpecker/secrets.yaml | 363 +++++++----------- config/hosts/yate/secrets.yaml | 289 +++++--------- 8 files changed, 899 insertions(+), 1517 deletions(-) diff --git a/.sops.yaml b/.sops.yaml index df164ec..9bb3323 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,13 +1,10 @@ keys: - - &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70 - - &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - &admin_gpg_yuri 87AB00D45D37C9E9167B5A5A333448678B60E505 - &admin_gpg_june 057870A2C72CD82566A3EC983695F4FCBCAE4912 - &admin_gpg_haegar F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - &admin_gpg_dario 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - &admin_gpg_echtnurich 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - &admin_gpg_max 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB - &admin_gpg_dante 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF - &admin_age_lilly age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d @@ -22,15 +19,12 @@ creation_rules: - path_regex: config/hosts/git/.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian age: - *admin_age_lilly @@ -38,15 +32,12 @@ creation_rules: - path_regex: config/hosts/forgejo-actions-runner/.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian age: - *admin_age_lilly @@ -54,15 +45,12 @@ creation_rules: - path_regex: config/hosts/matrix/.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian age: - *admin_age_lilly @@ -70,15 +58,12 @@ creation_rules: - path_regex: config/hosts/public-web-static/.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian age: - *admin_age_lilly @@ -86,15 +71,12 @@ creation_rules: - path_regex: config/hosts/woodpecker/.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian age: - *admin_age_lilly @@ -102,15 +84,12 @@ creation_rules: - path_regex: config/hosts/penpot/.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian age: - *admin_age_lilly @@ -118,30 +97,24 @@ creation_rules: - path_regex: config/hosts/yate/.* key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian age: - *admin_age_lilly - *host_age_yate - key_groups: - pgp: - - *admin_gpg_djerun - - *admin_gpg_stb - *admin_gpg_jtbx - *admin_gpg_yuri - *admin_gpg_june - *admin_gpg_haegar - *admin_gpg_dario - *admin_gpg_echtnurich - - *admin_gpg_max - *admin_gpg_c6ristian - age: - *admin_age_lilly diff --git a/config/hosts/forgejo-actions-runner/secrets.yaml b/config/hosts/forgejo-actions-runner/secrets.yaml index 456230a..5debd4d 100644 --- a/config/hosts/forgejo-actions-runner/secrets.yaml +++ b/config/hosts/forgejo-actions-runner/secrets.yaml @@ -1,233 +1,148 @@ forgejo_actions_runner_registration_token: ENC[AES256_GCM,data:gAR2ffrffeuuaOwO6mWcif2e6csKIVoLqrux19iBlrTkFHgo/IlHVL0eSUGqnw==,iv:i12yx/quwT9kj6fPECszo/iG9cVhKX+7dAA6/N09URc=,tag:eO+mWhumgvWzQxYqiRUXbA==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age10xz2l7ghul7023awcydf4q3wurmszy2tafnadlarj0tvm7kl033sjw5f8t - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKZEFkeThaUkhoVlVXV1V0 - eXBja2hueWJzZm5RNVdaNTdKNGp6OC9mVmt3Cit6S2tBQjNGb0N0RkdDdWtpR1Vv - REd5WjJrTnJYR0lGRkFGU2RXTjZkdncKLS0tIHJoV3I0YTNkcHdZQWZySVNyVm4y - TGR6Sm9uZ0ZQeEFNK1lJRE82eUluclUKL4mGDJkQ3mQu+7Xc2KflVqLUjbr/5a16 - VlYUplTqUCYXtkzq/3RKZV/pM4RVYBDHvuSzVr4hXBSxW5j93dhezA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-26T00:29:52Z" - mac: ENC[AES256_GCM,data:c0261ungapxYViyviTpNsSJZs6OMQ8fyHNqBpvTBp9jEEbbvJBSbqJtwJvVDg8Kv3xrZjC0jZSQOWkvYJlb2PFuW2/GXy5YpLCo7k3ZhXhUbotsDFPe30bvfVxZWhMpaS2rEXlxCqHeVmqoslL34jpLuFx04FmoBh91yjDMoiTw=,iv:njo4Bu4FzAbU6t7CSbqw7hcJ960oqsIKuV/qUGF8c1I=,tag:dzFxW8vyZsDFkd/ARkt5jw==,type:str] - pgp: - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- + age: + - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjZEpMZkt6OU5nMEtYcHc0 + OGdsVDZBcE5nK2ZLbDhaWEVMM2lJcllLVnlzCmNUTXpaVHBLMjlILzJwdDFLMVky + ZXdEVmE3aTFMZDJnQ2tqWGRMb1NnZUkKLS0tIDhGWGpoYWNtL24wRnVRejQ5ZkVN + YjZFMTh3OTNkOUE0SmZTQXpKSmdGWlEK+Xb6blAdiWoKvffLEQagu5tFpWALJaXm + F65M+RNNkJ/YsSJGAWFJepw3ncCMFbmQgGXw5XnyqTlYFhrQ8x5qJg== + -----END AGE ENCRYPTED FILE----- + - recipient: age10xz2l7ghul7023awcydf4q3wurmszy2tafnadlarj0tvm7kl033sjw5f8t + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQblJIdFAwOFRqbWEvQzVF + ODVpQ04xTVpxTERGU3BOMjV4KytBU21neEYwCmoraHhlNjhDelAzR0VxcVNlekhT + QkI5ckd1dVFjMHBoTVFTQjlzbTdnTzgKLS0tIGlTY1p0bWxrQWoyM0RwSmx1aDhy + TklLZWM0cDBKaGJJM2tQQWRLZXhFYU0Ko7cyvzMvwlGCCP3UAX1+5uTI4srhZ5l9 + DPaHySiC+rLy+8R9UqEuTKbP4/Aw4NZ/UcfjNnVkqqqNJIODmLoOhg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-26T00:29:52Z" + mac: ENC[AES256_GCM,data:c0261ungapxYViyviTpNsSJZs6OMQ8fyHNqBpvTBp9jEEbbvJBSbqJtwJvVDg8Kv3xrZjC0jZSQOWkvYJlb2PFuW2/GXy5YpLCo7k3ZhXhUbotsDFPe30bvfVxZWhMpaS2rEXlxCqHeVmqoslL34jpLuFx04FmoBh91yjDMoiTw=,iv:njo4Bu4FzAbU6t7CSbqw7hcJ960oqsIKuV/qUGF8c1I=,tag:dzFxW8vyZsDFkd/ARkt5jw==,type:str] + pgp: + - created_at: "2026-02-17T22:21:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtARAAoDySYGJ2Xf27El8y/UTYOUaM51stw95ZfnU7JtKfPNyM - Ct+xymnyxAwR2OJ7oDluxwEItdPufp/Mr96zkw+TfrqI5lowTiH4YGtDsbioiScN - qxiZgHN4qVZcRHwzgmLcDa6GSIg6rEcDcBygakprmoI4Qeqp3Bioii0/OMuLeleN - igauRUzroFLIlS0QCgI5PaUSIPtSMxgKiEc5yM91EBh6w93RaoQmG0k9TWpfLmgo - ZVB164SYCCW45vts6T7WQ8cE7Pxkkti+rrOrjaDfB4ape1u4gS6xKc4dFJ+nWcE8 - 5l6MXoDLRd69VWRN6P+G5YGQzB5QRicNnuwk6H2q7CwIqZyi7ZqaCIZfcpvuUzCJ - OGJQInCFFVSdLj/3WFyXk+wemmZPna5xFxFb6WVwfSU1ikM/umrZ5yBly+mvDGzs - l+8YGcsZ9D//qjVIsWbiRwhGgeA3eU6f7SwdZdX/zOFy8bP85xwDcbwdOSkhifAA - l3Ud3rswmAnzSYAw5wK9tcSxS+G4JeCPU1iKABifugLohgME09Z31ljvyqWPBRe/ - Rct5zvcQV2yjMbToudXafvRUb9nU+uJuWUEUe8xFSrAC1ijA3mBYfIrGNvD2eVCY - MTYK1ugKA9X7Sgls3vQ0A7fLHeR6C3+zhl7SzGHUZC3bh5+oXTq6cuXD8DjCwV/U - ZgEJAhAkZc7MICSMkACItUHxyyEMbBYNpIJ6P7GQA6ErhLcV1VpKWo6abJVVES36 - j97RpaD1tL3OyGPfiivMkk650MkPrgpMKR0hasl770B8jkjVPyDV9mSn+sc7N+tK - D7IbDW18mA== - =EhAw - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAz5uSgHG2iMJAQ/7BFboCbCEG1DY5Twf+1cRSAmXs8CSrnoJcmyxrF9daqTB + GAqItZcym6I7YbtYMb33jTZDAMFcexvJ+V7+WVBK/v/TISzinJ3m5BafE0DrgsB5 + HQT8tsFzxIdu/KsUp0C5VQg6gsb2u2T7aFG0wTS4vas2FjcsoJRKNWTv7a1sNWYZ + dFRxeyklWEX14kCHeKIxO7+Qe3NVV+6MuwYR8X3YJaAyLtVMIdBp/poE+7Gcsa58 + rOewheWW/FROTxLZIk3sren6z7M0ZrOz5res2evRDMI9noN3pYMnkNCL/XIvRf9U + GqFSruzDoC0a2JcEvSmthSmEHA6wXeOY/EuzXKLoW4luZDsSXshFgBxK0qqGvzbd + jIXXYvBWPCMYWRMSqQenLkjfhOQXuSXcywGfKpuQblUL8RiflIqia2o68Vbd9Hq4 + x9Od+qkauMHZUzsKQoym9pkbrEWpjckg6FevZ1W4o5Qhe9i+JMmE2KIvoYH8tK9F + 5KQ87jktx4i9df9TJy3n/xbbrWXpo76y5Aoa2LaiD9Nc6lo7sFs3Pegq4wKmYSIh + 6uaZxa5sto/5kywHrJQGqEyh/fDdNmsh5FlDW7gfFEm9Ti2KSE3m9IvIwppFD4j0 + xFkHiwHvNn/WMLciVh9qG8auGyxjoXnRRx61QHF31RIYprxWgDoyH/rVz95IuxzS + XgEIJk7MnHv9tYCy/lOjbgqLAUGO0+xuO+IfmsvtiD4nfrnaEJAh0+SW3wuCKzaF + tx1ZHCYH9j3s50Q624pUgtzDad5QV5IIEgCRyr0NvEvrXvG6U0aXkOEbOcFSZsk= + =v3FY + -----END PGP MESSAGE----- + fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - created_at: "2026-02-17T22:21:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA6EyPtWBEI+2ARAArCPbAnHJrNpP4B755wKuDEzwVMsqCR+gumSX/XcuQJMI - O3/34FJOI+++S/+z94y4O+A7XPsG4xr+UpDIGdGFAsOQBrbxyqD7c0BIToJgq6iG - 22j7y6N6OZFo0g8hGkUVSMeAZXCkg/t70e2POeHeEwnlsNX3cRuFWC54KxfVwr4w - UjlQmjV26+r1uZd3DKj/+eMi5E63XTsgUhAlJqixpHt3PEKZ5UNtnCAbYXqF2FOF - qqNyB5X1M2ncee+RGzLqnXaQTSEdKmlEwteVlXWtsqBs4gICOz+6ehfA+gk6r+si - Hv5dW5W7OjHsZfRfLxaF05vBUqQ+M5FdYl0hBFZzco3zuNQ+c9om+c/3Fd+B0tZC - 0pUs4JiNa/chjuSCiJ0ZJE8kh7xCmmjIrFqsvWi4ZiTk2GWPEeuPq91TC/azfQea - ZV/Ozh09wAMGnGYUY0OqH7BIGsV6mEFKy/oEpwvoPuI1sNLiMig3ZAMHcIdqYzta - S16/JVmVirTnOTCL7p0CZLtiQuQH158gn9F2T7WCfX/XA8ifVSAyjWnYL3+rJUr1 - zuhndbJTXD+5K9RKVM+FXC+G5VRzmWKNN9riijtLFhPKuOqDwPDst81XGsO23gGn - QIFGGEfQ8vuC9lmF8jDPHZfgUWy3kMVaLW+ti7y5IWhWEJASYVXF2JknKeOw2zjS - XAE4hG6ck97ZiT9V5bKC/fk/Ep/GWPnQTMdISinbak9hZigPPQ3KCyf4WZoJ1+sE - r+rk9v7NO1N5rnVQokL+kO/sBCV/t9XrHuFDx16cZrSHpHubQUi9daxc6EQ1 - =7d/s - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAw5vwmoEJHQ1AQ/9H+Kn4rF7yUsIdTp5rYhG6EkYkJ/jCeUBJvaOuA95b8HM + 6csTXj+ttVcFvbU1hQVbOsd7J8Wpmuj/TqMrpFvu/0EYUW5n04y1YI8kpNXDMrFF + X/0gk+I+w2eF2X3gJQasVY39DNx56KSRJ0BwGYw287rdeKh8cbiFw64r0rs6zX5j + 2nqrWgSqxXtWcjhC7Y4Rq8ysWv7dEF2E9Tt2cHYVjn5cs9Vb52PWUA0TxzBzUUqa + M1YWat3fwLah6qEs6/9c89LB66SbgH088lEzQHtRIXdOZ9tPOu7/E3iNqYExuIKB + eMV0bdW0/tZlnWxAwXrL4rptxjGDqB+Ynv36IeLKZ86ljqSPqaQA7ihCVXnMo2TW + IfdlbOtAJiE3IliQf8C1Ajyn32epePBAUyw8o0k2D6UyNyvk8fe0z9++H6Uz+Z7G + oLRrxzOHjh6oWK9WBwJQhZ9dnb1n1UYZfvCDwFZBTmUkhIs6UQllIiF5ZjMy4/cc + E3FEouu/6VPPjq9d8pGEFcjOvXkLtUErhXP+A8Xvl/fHmtfM0/o1e6gPnMmxGn4k + 0yXvU+pNO/ID6fc6qMs0nBZRAKGraaeH+wTjpm1exUhhNB2yJviySnElJFyq9vtr + AfacrbuW//JQ+19rSKViV9xStRG//xfW7EpknOh3juB7WfnyOXqdfZqT2zQwrvjS + XgEoHXmbR7aiDvBCc4CGTmBhWD4An+p3m3m7iSOp27kBqJ3+YSKdVA7mdIo0tpTn + 9p5Pgz6GHBA5eMwZCb/z3Y7+20PuuEb4/tEBAniw9/Rp0sDJ+9C+V1SdHtbYq8k= + =kkQW + -----END PGP MESSAGE----- + fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 + - created_at: "2026-02-17T22:21:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAz5uSgHG2iMJAQ//QF80EGvpode+J0kDjrrFKdSXREPhfCtFU+EpmE+f+aGO - mMPZ0SEuBX4g+5K8u0IdeWR2weqYqY0O9Ar2m18YlpniSWFBZqzmW+/yk7vmDzqr - l9pV/SdRomGrKyXk9JehkLm5vwUrj/xlPAU0DQEKIPLZ/MMRh7bIfL5Fdujc9cLD - nybCqSXccYy59SDqVku5Q6A9FTTzLL8uFf5D3mthp/FgWpxIEQIau8G16PZm0aSJ - cBu2eZ3XDjmgIQLG+TMrW77lp/2AhFe23RtK4y5aZjzGhzO+Ax3Cn7pZI9zTGW6X - iF/ePoR+AQeXMWfwIujGR5Zy4NvdNKSfniFrjgXpsWSMjCp8pKTOlhkknL3gE+HU - etQDmPPCYvaVUwITpmrEAswTNPw0xekXGUe1HgETfhWAGw8zAEYRlOqw3Jt9mMX2 - QczfXc2sA5Z4TcylESIUcpTAFQVMVMB9bZM762tZu3bM9qg6qybNVJBk9UPpi0RW - ZFbXA6lkOnJLG5/m/Ie4UDoxXxtOOqkFzjV57GEBy/HtYuC15LeyOuAgDp0Ta57L - 0f/ufET/T3z5qBE8GN2zSTO7gGnFAEQ+028ZB0vGVR9C0JdCwVBMlGglC6NiaKqP - xPDLPdBqrCczUQyIJ4f7JJaFCfndLszuchb7IzCy95I7nMmATREpP06uRbnuRU3S - XAHno1TtKtfy/+T536cmGhke9gNLZXBjSg+W9ndHPo7r115Ytap5nlQqhM84qOyE - bhKZlipM9hkhfeT/6X2NzYL48/hsxJ7nh2sbmJQ0d/2DtmXT2gRGkbYq/f9+ - =tuO+ - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hF4DerEtaFuTeewSAQdAdgME/v0CVfcRZ1zr9SRZksN7vDHDk63g+5k5a/FOvmow + 0l/6kH1l7p4aOKaAGFbMHzDzljuACB1a4IOJypRA2DokYWRUgqBKwvcHplgXr4l0 + 0l4B2vxPl9W1kcbAg4m+V4PlvXTBGhPUglljtjWy80TisUL1zCXpl3PEvmrypZs7 + NM47K09RsDiicwTKjxd0Oii2Evz8riLFIth8IWOKXPHoKhiYwN891g1qLSvsrDzE + =6B/b + -----END PGP MESSAGE----- + fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - created_at: "2026-02-17T22:21:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1AQ/+IK+UPsLOltPFjdvN21ICHY4De1c6qqMrrDAskqeDWZet - 9eoal403d0fY6E03o1Acq3XlTzR4srWLp9qo+soAhruZ3+W5M/6zBaq/f2XF4fu2 - U+bjVplM5U/pHTtGb05nHJ+UN7dgq2OJkURAe7aLSwLLScxTH9cggHAo6wpsaUTQ - Uujbo508P5/Vt0efbnyNbk54M/UMH0s93YmWSuxu4XvyUPaVFcjXkh61Tfc8vY+v - l5P1qDEjQrRjSE11/xzqAmZ5x58cMK1Q9yB+cy5Lw6K+rFT+5r1jdJem5NBsIRFP - eJjmTj/rzehujAciA1EOCF16ZsVIG6HFb3SLcNoRRL3DDgQIHgjHT38qbKrobjGr - Ww2Trekg17t2C48+qa/fGZO8dSz+/97gfAMMA2DdWHPlZxVCraucZMG0p9CkNxcO - kEtpD5hYJE456MqJQJoF2x2m+/SylJntfeKstKDhD5MZevTkNhD3MRE/8XPW/abE - byO8hxz7g76l2OKSjJdOUkYTDsjr23qKAuYq3/tENOMC+Z0eTKjQbzyLdSitQkM4 - eOxRMm1qJZM7Y27kYLZcLadkewuBgmXqpDePcH6lHuLZp6S9o9LmrzvAsG79RjGs - wWiITzj4oG7ROT1Np9h9iCrfKiQ3fM/5/4zJvFvGm62DaeqNSwVT9NSLodrpj/XS - XAF3ozQWD5ib0d/yUKcwZZcbbJyn7HyaCn/95zxOMu+C4K0qhJLZeMyOYQOj2pfb - T7EnwyXB5vdL3JJlhVmnFCTMFv/RjhNOJX4qbDnV1sqTj5fFMgcbA067BLEQ - =TU7Q - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAxjNhCKPP69fARAAjz8RObyKYVAmNwiBsNVNGt0qSIexSYpsMR5SyuBMKShJ + NSD4yA6B7Tj+h/ik4VyggOT+9Qfr7zFvFyEHYFXI7k/r+Noyw4uscqr9gNnz0t9N + rx4/ZNowsW/3dL+Gab3hjDKObHF41Y1lzojNwcieU8qZmssHZMjIIzyAUePL210f + 2i87hix9PkK6kKuisORDShnFifEOEPOcijXFL4kH9DilVoZ0Ut5fJoiA+QkQQpaa + uHd+Q7F6u9jZrzRLN1SJkb76ElxQAvJYcgTN2s3+c4002DkKVdwCW0qyPlF9wOxT + xTngl46NyZ1MH3ByW2xeOgaDYUcBt8qUF4gTMmIaDTIZ+K5XWGu3hmCzNZHD5Nxi + bhVKJ8jGENUhM/IfT8CjppRIg5wwU0K/EQE/QQHhIykpz9NaIjikDCxcraBa9DkA + rgjp74W9vgR3pBwXJIAsylOZZHy+35rca/JvWWxm2tdeao2WxTA9jdsNdsUOhNyz + 3xQGGM63ZSUcV0ZgCyhEYeKBzCyRWpFX+GQHboZDp7IaYK68qYZgxnQtoSwl3lJR + Qc1IaADnncIDyGEIDTciLbjbDx7TId4wrpRWUPxVY2FVY+hV+oRNaoYMuT2jiDVw + PimQ5iVUhl/ThHWPLqok6d3ypROZtVS6EUFzd4ASUrYRYB5Twvoujr7Yg7jSZV/S + XgFcxQ31/i/Vi9owjwX7u0/eclU/3XE2/MqUCcoMntnq2dCN/IpF3rROit5Tzs+W + BT7i57cpGh9ZXf1dbNSyRwydp/C8tjnwDqf3RJ5hj4fmlK6zLJqtPFPdusOO4SU= + =z1tc + -----END PGP MESSAGE----- + fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - created_at: "2026-02-17T22:21:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA4HMJd/cQYrVAQ/8C0go1iw89B1ibjbrJTxnmYD6iep01wAwZjHNm9/cC3BV - yFRj/D7d84gO2YX2hZxnjlnFQYRsNez7HpsjZvUmp6FN9LpJNDp2NvukebtS5v86 - hrcqODTdHNa+/ffHIhUoXVSjw5kwpQNT0JI6PR3EyV7kjCGkFAFMzHbaNRbdup5O - vC5cD6Ty+aihB/E0st7/KUw2PH7bMiJ+lAlx53Z4v7xZYSxS0vFXRDAJRYd6Bt2t - LvHO68aRMF7czDB0JoV8BOSohSvv+ZXBqe2zCZwl8kUZoW3n9eym8iF7yZ+itT2M - OdLTOg6SIhhtxcm7qFRHsOsBMjmT+MuzQVNGKDQ6Gga6NiiboyuURso64L7F0SbA - 3MnHeYoTm39hUs50xqWXdFfi8G3d/SfYcxYghJJx+SwlTd1ZhdSDxQ1uJtUi7ccK - 8pHwIVCdkOF1hvko3w0/B9kHmnlWKBUF1wN8QHTmlViCOo4vIpepowzN4fLlpTug - VtyW08lbdMWqq17OcTUK3O7Z6hDDUaIKV8vGvjxrJ7wJp3kok5cI7jXOYEPjxfSr - ZjJpcdrAuJTZjSIsFFopGXFbUkI8bqRpo75lDuK2fA6x38WQqedwNo6YTXvtMn0V - bhYLeEt5VeRSohGWNsdGvpjB6BtPhKoD6hK+aQAeOhhxyuF2cH4o0/lFZSkDo0/S - XAFiYzGNuu1nJulLjaAGGeoiom42N+MEmQvlIfG7AR/XgMSXs5d0JH/COJkL3V6W - zyhAGxTzEmDYmddbhelxXn38obOnsAJU92GXwLg+PXT7ZkFHrCfg9jEvgwmT - =98Lv - -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA1Hthzn+T1OoAQ/+K1+QTZ8N3Ha0nErrRWClBu5Cxec5/eb2Q/n4dfNGkrxx + xBk0thoGAyoYpifSqhXbVi/MA8+tzHdtPlKJFCn5NETrnEdu84+sJQE4zfDljLiX + fXZZ/+YQ0P3VosR2NI3W1r/hJWs4oJ9oPz4FfMlfPK+/UOOdQEtGkx9rjYaus9Ax + VI6s5qvYM6XD5rkLxTqZZhEa+CjLtSjD5WqNbCT/8fX5ErnU06jW6jXvRNQSq1Mt + hpqMIBygUE39K2apEuphE9RRD3bS1M2VjCB882yVSM2QZyepilRBjS5ryyQhKK/9 + Q0mdIw9mxhdgaCzoglN2k1c6WjddZ409osdnYcMtsH4+NlHDtNfSFLIk6JrxAXIQ + bNR8gtr4D85LoQki/RvEweUd4M40DneIO1dTK4/WG71Lcle3B6p0ynDMjmXq1coY + Qn0c4KAh1RIX/eEJGS23Wle/XZbp89yaFFEF667+HmwL0CY6I5pcVEn/iuXLoNHI + 93y/9h7mhB8ZGICPbF7nXBfQQTrxjfc9vZq0PVdjlXPIMRjZcbZOzlKByYLsQIW0 + UtzLScfFyKsogcUGJIlGrcQyAmLb3dr7i1elVWlanggCXdKnecBRbSkEfK7SmwiN + t8hRaaM06P3kRbTHWxt+4sjTQWofo+C76qsMZYHFpI0TTOP/jwnn/h3E9dQxdaHS + XgHzVEsJkQiQ51w7pPP1LcKkCxQv1KA9QC+LAFGhmWXnQ1m8E3whao2S07UjlTVw + XMAtuOVT2r09dYGgpcEaMiK2Hb9UNg/ma9o29fSm+2rLuxw3qSldgNNx/s8hyzc= + =0kev + -----END PGP MESSAGE----- + fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - created_at: "2026-02-17T22:21:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fAQ/+M0Y24jgYhl4VEAT8ymoiCiNIsqGuk4yIXO6LrTIsNGlc - 6YwkJu9Gj52AH8XKdvLuBGtWstjVoVrBOFyTtS2vzW01Eh+sFKfm3tF8CywjSMZ+ - Xg/v+rtbj7s0EZ2JeE0DOk2X1zg26HsNd4X0HkIqTAm89gNVSTMWGGhDbTBSxtFx - ain5e14rUMM5qeIZg4IEMlY0mEbpGC7AqV1LKclN8pp2e0/6AS4fxamoMtPOhwld - /feF4/9AwZ04HIwF0ucbrDDkoZrW7YaYZPapxBTCMU0alkX4c+WTBMKTWICC1DkZ - lVF1zmLm2rhxebM0AaIw+eT2MymaecTcVrEHdhbtCGbfIL0sram2Qw0ZfeYDxIas - 5W2z0a+qSQtlaCZfq/kc3UBQpRgv0Vrc0CBoZJhFmhfsH0F7uPE5rThqeT1w6TMd - bc6Y09Yorfyio+ZhbB8BJ5fzlolEo8opSZLm1K3YAik5Tw7toIvZqeXZoS6DfZhk - o7K/uUJTDKHuscxRLAfFKqBoZOBuf7d+ski5arMcjMqOYvmGKCn2pzs0TuO0ZaDG - gKbvSz2a6KyUSU822W0l2HSfM36HxxH7bDdJ12iqbBtWPcob+KcKrLowpbzzHpMT - o23ct/g5qpKpEvH+AkXQ9nOO9VKXx7voQyFM0gS0LXZGJcXeeeVbttcD28Td7WvS - XAFWumenh3Yc2VUSF4PUICL4g7o/4sLPjHhctlNHQ4+iaF6beZljWD/lwFkKxbqt - oHFjNx+ajtTxQpzpBQgqO6twKwLjND4lQ1yRlXp3mGm3U0BI7QUCRp+D+RcK - =N//k - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA46L6MuPqfJqAQ//ZYw2qRn+YhiEoBpbUsW95NJpZJFizwssh1dC/Lda5qFs + 55G1Jls9FHHQ+LmRnE6wyx26bbpQ257FNzCsxsfwAuiznx31j1yHc6LZbuJ3+DsJ + slRaad13RdLyGgo2psaXbBMEgr22FAFDm+S98aYnyv8yvtOZvutEljGm9yhHLGKy + XnFf8LwvvqdT4RolfxiPncGsd9hbFYZh7/zcJTSzfYSnHI30Ly5Na74vSaamuIwR + oPnSxlf8jIX5RUzssjyOHGLQLd327fKuveVxX9CUK/PGWLgQYuTL5PWZwQGhzgSY + E+2EerpGLVJzSQB0TUU5xGwOQkDlPveSSUg0IoDlivMnrphWUFd+bcIMbipVXolf + qpiJeO1t0YW1WAQBzkQ3J+uXgX0dJqWfzfMsbn3j4/WZq5ZlEX6x+ovHv6Z7ZXTz + 6lcF6Gn0dH/omhkqduK3bLwBWAkmh7gWNssEXdPQWGWA8j3WM+IPZKIegpecflKN + pv7jOyD95othMUul/iiH/E3aSbCggN5maoZHG2Cp1TGXkGOLFCNs143LGTVligOU + yD8n0uAQ8e50J7YwytSi2g0pzFkZyriLmrZqKFt9UUOfANivrO9p8J0Bo9wEHjY0 + OdKKu8ASgjYk0t4VHGeZF3GPSaGE/k7LaUb9+5t02sxypxeVqQXpvjU/D8c/0wPS + XgGQs2bjszJIyRwcTmUHD8YAvuxf0MkyKCKpJSsnbJ4XmgkI+gGQpg0GLQROXjZ4 + 8GqLzKb+3d3QDUPQmh+z5Ur1nFcVS214wycICWSTsIUyam59+4rVxV1i33DcAs4= + =BJfi + -----END PGP MESSAGE----- + fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - created_at: "2026-02-17T22:21:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoARAAtsPz8vCvZ84eAoI3bZwP69V1coDW0SgSVqAi0XDfsRbo - LJIU//nkp4pKjUMoBgc++TdLa94/mqeFVhXozAW2T7nFhYOOK2HoVl+JqvgvTGVy - ZhGEWTud++inzjSAKAEll6x89dYE07DLtbLNaLs8w3X/cSDF9fZekmTvyaks9AwQ - oI+RXPK1ao3Nvgw0pkvRzFze7HJansA25+Ojcr3wnhP3qtKqfHjbXRs5Qu46fB3b - mz3SPNcN/JihodKBhZ0suCk+HZx69EXbBV8i9EDBOX+2Azxn3aCGh0jlDAyCMMNp - CWiDuYduzYFV0mF5vAGQC8ifrQZDOjvJR1qqJ2115c2bB9cP0asTS7ZoJEEqfkz1 - mGLHsOhhuP/DkHhX2B61nDl0LQ+eoc1ZdZEcDV0hrKptiFlxmPySlOXD1LpOU+uk - JFBot/Sc9GEZzaInyNSmSvd2Y6SiNOl9t7QAwIPwmGYGY3iNDPD6RRl/CQb7raLG - rfNH04BYltboG7HQeEqiEEijn7xctTSNp1O3EKrcdEpg/sAlQzarCOmEUvLXWeBj - YhPRH6Z3+PMyn7m2Jb8VFO3hAX4zfb7eJcXhsKHBhfYIXViyuuzJNBoXYnorqSRK - n5OobCGQAhxeLHOrG2J059HbfUgGtfD/4MJNiGxuCGmXJc5oSJVRhy3d11ttGIzS - XAGuD/Vw5GUqWVZKNp/k2Kfuxauqu6jDPI534dLf35qaROkvbWz2bbfwPx4hxtkE - dZCVWILFq/BbXXiCVEMeJf6FrXcB2rJETBgknQWtxRP18Q7Rb4a2jybv5TDk - =ATJq - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//WVgNIjTv+F0kaoyM5stNqV7lDHPNF3jKVLOZBV1d8wbL - NhHnNRiadls8SwazCHgds/ahoaUTv+4IF9hvmyLvksN6iEN5/YnyHa1nFDBC8kow - pzA97WD6/bo5SjCk5oqLHjbR7ApKAYHOnI/XDum3QyWUV3KzO5wQQBAVki736l6q - ccUVeYLgjcnlTSlz42TcNnPw5DbudAizU4DRu4KyqQX1hBJEYA9lLDvFxvjrSidb - TzGWzyY0ERkrgrW73K9il9xqGsnyDZLvHPZ3f+nwEuNjM+ITxliZrsfxmqbWZ29f - sid5Z8Z9lZ88jIC2VR4+XW1q3LAe4WPhp3MjvhELfKLUWTRp3zRN6kabxuBtJcuC - 0s212dm2ctKbkTaDbn7Q0NyJ2CLX+5IMjWs/i1NoLAyjre6hFmie2Ldx0RGwxrJp - wCA7EiZ02UJcLQw4QT3o/2Pxg8Spi+eGmqxSmMV/PDJ1gSdUv85gPobdDcotky6n - ng3I3G1o2XRUKnfDwv//4mFbDHXsCPXs7fMLwsSYZi5Cp49NhfbCbQHeusCdchLY - dA0Eik9ckUDH6ihyEN8DyVcZyspxoIFONFqly21rNECcKy1i2HxTsq5SbkZmmUS5 - XiNQTGoLsx0CKI78oAXNfgY3wdpi02Xykkctjga4U2L/u8Wg7dVRgUFmq64rJfDS - XAGHB1X4194RVvPcpYP6tScEDnmQCs55wsiEuWPUyvclwb/aO8y5K1o6Uz5IW7/o - 8lfAj6gHs775Z5xZE3FD8O1NkXVOyLmzkH2bJbkZAQ+JVfQS2UKshMtnQgz7 - =dG/+ - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4EEKdYEzV0pAQ/9He59UueuO4GXg4uBxLASQiaGKS/F1pPfTU9W4E1f+C4k - Dw8hwiLIZWRDsj0huYd+klyg2VJnjmPf0tB8qj5nrHo0bTKH0oJpiDpX8Bi/8j7d - WBNyS8LmUrSub3TdM3Ob1muUt/nHvgGQmWKt3dH+Jkc/um0B/+Og3Yka/JcKRF0Q - IAYkzVFlPdh95IhPEJ0Lo7zyN1FU0UwlyMasjB8Xae7VoyDhtgwur60gTktNIuyU - tAvLPKSSyu//Uz9olGW8RKw5//5A/EYNlP8WrVV0crDNBGegTlX68EsZlZQp1uXc - GK0ZB0OtphMUJiF9dUXNfzbGz02l3voLs5DUIpE+EAyEDu7hZEDgU8e9oTJRv05f - TumOjDlgSrhALyewO1ig92fU407JxxwW9aNl8gFv2Ph9lEbSaQWpo/VAHA178x/p - j5caXUUh5qUFGYhtOoHB9KtxL9X+F7Z5FjHmHxFQBtLrxP/olmQ/5jjbiz5sgf8A - iW7bRu2tBmiT5TrMcDxFSf3d+v5o0kOngwPl+8e9NC681uXuddI9g4s76f7KrpuE - bb483XW0CZUdpt8eFXAvk6CJ97gi9H9iZBrqhMKjGnWbE6e0683PE8WNTwCafoYz - mCelVHHjX1Qsk8Zg/vI0EBEHkeigCiev9O85dUVbCxHVniBkvIF4ZNo9n7NRnAbS - XAHQ23ARYRtF676DYWSH50sHJ5v98BTKn+Ca1QWMRCb2kyqUSfn+XzgyP9Sv2nqx - dT8DO2oTOraOaFS2+j9N3wRjbocVRuTV2EPwdgPVPg9IakNaO3qBUwEnNM+b - =EzwG - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAy+TLSybMtug+TfJVBd4WJP4q5V6Qf0yPtgj4YUF4YCsw - rUctAxIueheQq5uqoPm3bTeLUYeticEVf090hr0613uh+l5DZcD/vqoHUK5dx7Zs - 0lwBTi6sRElMIJiXplIvCMyYAOne/QZG3WaLx+LqqaNlNKPz8OVPhbokC++VNpwz - l5GE8Cv1ZoEDxbjLWurS772NiIumo+lAnjQMAxhHo4lVPXTxZZCqx3/98agyKQ== - =oiZp - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-05-26T00:28:49Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CARAAvnyyMeBLfWLFU6dBK2lNAzJy/gHb674YQbCe4W/w9Cjl - 2pbiw1Hhpe0P7d7MGy2mB3Hi7cLygklFZADkHnrOoRIaJ8KqJELsNSHjapIE4+jW - 8NWIcRSyZzOQFeKGFPNCJgyYd68clNmiLNlIAI/Xuxf4xSb3BLkBDRx1cIoug5gZ - pn7RrWYDPgrUyn9YfAJDr5OJsBcJD70sdi1TmCK6X6UCGZpNUI22yqS40LX6aCvj - WzZ6gd+nyjLlHXBBSG8R2lywPdoEVo4Y0pWvd5oK85Xl80gtlXSpFBfEg+EWbLCa - EkiAXthSAWwgBfjV0UCM+Qd5aiwNb8Q9j90AqPhIAawnsGWRrSL40finvJOdf4lW - f8R8Xk38RovBlHii1u0iw9O3Efur0UJ+aEntIEjaoND6K+32oJI56CWev0ARgR9N - ECROL+57Z1121S4QfDGp3LuClgAJDPB/LTL9ly39jOVaPZ7Ym+8qe45C0nkO3SDI - nyIkv+GA/gz9EuClfShc4N3T+XPjSe+wz7gt9hACpSai+Muea+2ruUpa9Kn8hasi - 1zq7qR+3+ueJc5+8P6xIyCKxBTneBM2VNlh2e0GZlCxqCrx5Vt0spr4fijM/JvEo - +/2oIRv75NtF9zAwk7foSbyw8WQCReW61hLr9rVnYMoCkhYhlEIEGBZiq/94SHzS - XAEUZMZIyLdgzXVIoP8GVEqCErVYT5qCpo8Ett/v8efm27ucV797SrRibqiFEwIo - SsEKMoULNyHXQfnuKviNnuG1ril/azjsAtiucJvTdol7pY2nRWeYXIVecX0G - =Dlro - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF - unencrypted_suffix: _unencrypted - version: 3.8.1 + hF4DQrf1tCqiJxoSAQdA7rerN+IVKpzyAdXVuAN19+CIjQ6DnHatGr92/YhAEiQw + J913tdR+Yb/FdPWQrn0NR2eTUuKm/Es0NRvJY/YEnhQble+3qYvxFP6dI+vm1cmz + 0l4BNxMhGqyOmsDFf58yrJmrHdnapBOmiqCkJBTc9gAQH534di0Ps+grV04jzkXW + DUO/sIPANPpvqqCJNt1uekKNH2J57OMaagnBTivMBTq0HAuRN1RhcrjGof9ttCj1 + =desh + -----END PGP MESSAGE----- + fp: B71138A6A8964A3C3B8899857B4F70C356765BAB + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/config/hosts/git/secrets.yaml b/config/hosts/git/secrets.yaml index 85e2ccd..12b484b 100644 --- a/config/hosts/git/secrets.yaml +++ b/config/hosts/git/secrets.yaml @@ -1,233 +1,148 @@ forgejo_git_smtp_password: ENC[AES256_GCM,data:ZRj5GpQKRlTxdu5CfbJirRGAKPCLAIG1F0V5USz5m5D49V3lu5uLomxHapmEwb0yYoE7e7ZLYK4VQUoQgpUnSw==,iv:K7+9E2gi8cdYu0lX/HgWitLxnxARywIwh5glEL0uOsM=,tag:s9UC8e+E5E3vM6cTKW7Vqw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age18zaq9xg9nhqyl8g7mvrqhsx4qstay5l9cekq2g80vx4920pswdfqpeafd7 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2ZFhrMlF1YnV6bHlJZFp1 - SExjNXk0aTE3U2pBd0lHODlkZW9La1M2cHhjCjd1VTdKWkE2ZWxoMWFjREsvLzdS - K3lSSkRMZ3lLZ0tSaDZMRkt4MXBMeXcKLS0tIDFlVjNXcktpbHdJc2hraGNrNGJh - UHlJWFN4NW1tNWFCU2EyNjkveXZML3cKrKk1w3IBAgdmicuFyGOaU26fwpULAcy9 - eZPlcbRPUPHoRhy9GhNTAcXXDQzimKL39XZGAd0U29Kt9AvWAf8Qpg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-25T14:17:29Z" - mac: ENC[AES256_GCM,data:JeqYsVtogbB4oMWNEpLsF6zxsgUoAt7UzRUL2JzxDUtXDUndW/AxJxVxQaipYvblA3q2MzRyQN+j9khavlL02DR/ANtZFLQmH3OREV7M9eHmeeCa4Lm5D7gFYmqWkULJ7yEJsKz5AaiJTWlWgCcBITB901H3Z12dsz2a1+4WrUc=,iv:5Xm5Rjw8PS7hkTcRD1kj5XS5uiOgsPwXYeaMqUReB7E=,tag:2Y5R1/Why1TQd+ZYTF0qDA==,type:str] - pgp: - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + age: + - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpeGkrV2d0clRqTnNVa25P + VUJTQ1I0YUtSYmRwVWIzaEUycjFkbUQ4NXpZCmNnbTVTdGp3R1VET0k1Z05ySHg3 + M2NWaVNiMnB5RllFb1FzOVRRNkk1c0EKLS0tIHBQL01BMjZNMkFBZU43SE5Yc2RV + SEtGVldxa0l5c2t0d0Z1ME5SNlFPYlEK75G9DZxOUGIAEVtUo6BDFZ3NGB6/cfm7 + 0leD7YW7g4mJ+raI/9wVb41BmGdFrYzr0xSjj/1vjJ2aTJEB7pBiTA== + -----END AGE ENCRYPTED FILE----- + - recipient: age18zaq9xg9nhqyl8g7mvrqhsx4qstay5l9cekq2g80vx4920pswdfqpeafd7 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTR21UUEdiZHVKOVBXZlVn + bW8xMGlSbElYQmxQN2IrTzlIeU11WSthSlRVCitIU3ozV0ZDUnhTTk9TRjR3V2Jh + ZDVvcjMzMjhkUmlKSjI5Z09nV3VzSTAKLS0tIDZNQldPcFFWeTJZVWhUMDNKWTVp + VmJxSU1Wa3orQ2tTNEFWdUdKM0RhQmsKfQm3qBSSY/7Pt98HNgXp+THAkOSRRrDF + 8QE6EboB4EJql1hcu2ZHgCGqLNpW/YO5lD3IHt0ujNI0Pd4uYIL1tw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-25T14:17:29Z" + mac: ENC[AES256_GCM,data:JeqYsVtogbB4oMWNEpLsF6zxsgUoAt7UzRUL2JzxDUtXDUndW/AxJxVxQaipYvblA3q2MzRyQN+j9khavlL02DR/ANtZFLQmH3OREV7M9eHmeeCa4Lm5D7gFYmqWkULJ7yEJsKz5AaiJTWlWgCcBITB901H3Z12dsz2a1+4WrUc=,iv:5Xm5Rjw8PS7hkTcRD1kj5XS5uiOgsPwXYeaMqUReB7E=,tag:2Y5R1/Why1TQd+ZYTF0qDA==,type:str] + pgp: + - created_at: "2026-02-17T22:21:58Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtAQ/+Pw0v8i3ZGw4QNjAu9NX6ZJ5hvBHJgtcOWch3ZHlIAuxs - rNoPYhuKaYZL6QJcPTjP8AHVkFIEp+mVbXnsS3PCNUxPnwBS3DfAk+b9OmIJ5U8i - H0VYv4FpdAblyq59GPYx5cBaKUxAagATqlYmMh8b530DYBGcoAHPtzhCaZj+aJI9 - ybakmmNfSqtdhJoWwRaRekqhbZ++wmS7axeefawuicXpdlNxhypEMKBUpGA847cH - lI4hw1/+KvyN/BT1q66vQanYpM8NNFLyyamT6HeBxQ1lP6gfb/T0a805qnaCXaZY - z2Ui6XJL/lbUWzG/0xnSJIFiQc7hIqMGIz+EHyYep5NBu/hiIUK1RpIFL4ClEOh3 - kfVlWC16ys3fGHlFOTTBc3yJPGtyPjd5lGGfFmawwnegPH2wdNIt5tjrA7+vwKRE - f+RFNzvfc11o8rhGnbGd4ZGNgexuhxVaRGDSNqO0aixprSurcOa21Z1U76tvnJGq - IoeFtZf5KutqqLIyLoK0JM0YkSb92S/BHkIKpUO9fsKLRdQdnvm++8NRLJ/jXLVz - lZZnLxMC7QvKMyxE7J8GKye7nQa6S6CkEcqUsgXSMaxB3GMe9MiGWS9nqh16tHDX - p9YR9FVj8BUKWsTbIPKkomIaoxhRJvW6cakVcM7RG0rySVjGxrc2oAvYgjpVmmDU - aAEJAhAxPM/qlV+JghqnmnjP9Kn6KTIvGV2NGvX5YbY4k/NgL/sZ7VLsGZldemiu - 1ogKtLzjRnvtruPhXBXPv3Ivw+a4ie7YBPsyyyh4RFfnZq7abAwBVDZDVXPA2GUS - 9JOUdkYe2Q1T - =1km6 - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAz5uSgHG2iMJAQ//aGNw4mAzDqvpfu1FOQwoU6q3C7RlL77VIy6xw93BsahP + c8yIEoTOiDa1wtsLKHMaqxNADsxuQBmx4lQYQZ786SUFMVndfJzU6tf59SnOF+5U + /FztmZQsDEzKzKWESIEQMMavEAanr8DEGpACOITZAe61mTJAn8vcc92jMYhmnsHh + zlhS+ryg+j6VRp5i/s1Yocec/iYR9GlUKn3FVHrVDA0TBxOHJ8KjneN7CG0XFuBg + YmRpokZJrLxLntSyMZVSfksuOK8ORlYYpsGvKZNyzA726WjrYg8bJNN10iZHIbwR + PBmDvvP7SWDcJ1/YuzHE2vwJwbRupE3RLQoFRtmANi5QE0mzyMZPz7IF7d/TrXSV + fW3Hb/73SI+QjgdMtHJCtsxBh7rbGTJMP14TJzmETP7eCwLF+92goz/ruhG+HWFf + vc2g/SLAzUjoiX3MjuPjaLZTfgqhC2b/OnZ+MbFMbpgBtXlNhOkDSb75g/gOaB14 + 9CHmQoJt2JeeCCVkH+YQeq6oK9S5lD2WUhigFxdFaHjE6fmKkwxIBMwPwZ7QY7Ep + ljxJuSfMvl3XkZxpxD1+Ep9C1ZIvDXmvdhXx7H/3SaUtefCHO6Ab46ibtKa8wh2w + 4gzPinJJdDYJfzylNDVMZxJ/P9y8XcYSSDGasG7QOGVNm4T2MrLjFaFhrU7lN9TS + XgHr8/8XgnlBIupmjeJTpLpcF0u5zeKIOiKkJBRQR1aUmzmi76lJVStuEJzfymXl + baOviVQywJOe3bVilDmUuVc71FVICnKgwdAvvgG15nOfOUBagLhM0IrgRrGmGSM= + =+Oww + -----END PGP MESSAGE----- + fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - created_at: "2026-02-17T22:21:58Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA6EyPtWBEI+2ARAAiyKB1LVhFUxkC/bKs7TmtXGbA+2xWwrtt9gUACD+GNlT - P0jQJ4N7x0xpvgo+ELNx4Owq4EXFYH8bI27zUxW9FmJu672uFVIpud4nZX+2AfFs - +Iy7VBp95kfS77Mc9VClJTJEaLMZOvciqlY58p1FB6C4pNwOuEhMvZ7athLVLlEz - hOrKkJAAtnjWXOFLBkq7BKCBVsxSLOUXMBgmK1Fr4dTJPifiXIIbO2BdNXanzMpv - 8ANtENZ4JpqBHDW/DGoACkAh/hqu8p4B4TBC3L7szvFktsxy93w3i59CDXUroKXO - cG//41R5OH/EguctfO84qUWCe+eqA2D2ZuWIqSD6Aa4izQE+aTl+WDx/oxKuQcJB - UgKiLm/HXI7w1Zp7v2oRUt4BFr2EXHicsEkV+ztCGDMMPw0zBA3EE4fMFDmM9BXh - Y6bOT1cV/TQ1IgWvH6gMe4qdJscqYEfNMJNl6kZzylUSLBxK0YAfqxSnvV6lZ2D7 - 82KLl0TRZOiCWO0EMcRuN2L8AasrO4PaBGI/kbU2dCr8q4ku3qTjW7b77d6pVW29 - Gh2eV+goXcdnk9tJt4hPcmz3vYIFJL8Pbmy5mSO0BetFdFVFnIhBuQzrXwe+Iq7z - nQ2L1eeDT0WI4PMEIz+YM0QVCMM52d0fK+JeiVz8H/bO7NcPCYTylcK68BA6QaLS - XgEP7Vp6aB2qQPbLYI1CfNrjiHLyCHXBJwyWGR3sSFB6LmvHsfx3tsHWdKxyrz3E - 9AM9WvP+taIpK0F7OjDBcadaMo3Bzl74WVEtznaEmu9Vex7HxNXIMXXBHMj5RAU= - =CbYz - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAw5vwmoEJHQ1AQ//VsCz5H85LzK29rlmzv1BZaZb6tj86PsO0TydE6+re29Y + i7uu7i54BbjhyC9C2m2J2dzfDsIZyt80n7/1/QooWw4+/h+CD1aFYFb/fiwV6/oq + IAwdnoEio96r6LZcA1t4MSuAcRlrVMrG+OPh0QdCE0uFNiaDcmD6m0XiKL17m6Mk + F9xoYe5e+QMQdq/IcRLVfnlOWMn9qkqixbe4s6YfwttPV9Zx9fDRNz7qf9JiOdbT + sDbnbCDUVyHaRwQ5KMiJOsv0+vVKmDLqlHuFp+21k8/CSAOHzqD+4x9+JMNG5tja + g7Oh2n62UAsCHAr1BPiiWdRpBpIpEbF2/aKjdnlTKaR+niIg4EllkL4XYiFfz3+j + E+IT439U4eqj6AZyblrNgjL2BKUOvR2sQ/PvKA/JHuHCO8C7md0ID1BGlusuN8qX + AZh73AXe5vrrK16k/BX6Pbq0XOAPv8IKa115ZTmfKNH1Iy/LKiwRZT7/QYvYF+Dx + 4RZJkRZgR5gQ4iDytyKUOeMLZyhEQCmHYL4jGvFVa95eNHM87PqI7Eh97tGyO9V6 + FchBk5MTWXnqyXbaC+NEhFduNOh7lNDGNkjjv9PnYdOAgyFY0x4dkKK7bA0Bnzvj + cSiQyCsnF2epK1t5vmbu74vOIfJrXsvp/JwilqEaIiYLywOuVstKFmDyBWnqblnS + XgEhibKGUk2lqS9CmIAzcTsK0GSRkQaI88NljE2zQfORQcEKQ8HziKFf4NrDRYf+ + heln/SYu+bas1gZQBtQRippUbje9xe8uCUez9tgTwbpxYywcq90LvAUZ9F8lVQM= + =cFEl + -----END PGP MESSAGE----- + fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 + - created_at: "2026-02-17T22:21:58Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAz5uSgHG2iMJAQ//RSjkwW/PxItmHjB0luZ8pP6sMP5iTrgvwie04F3y1gu6 - mIdAvh8QgCn/5Q/IqKZo7zdUzTQhyuq03DNUzuKyB/Sel6klohnW0QXes8Jt3vUe - W9bFFmIaFTk4mDc/tD5Vleph0ruNMXHlQRO4ia5wcYpVw0LtT3pKM5XApNl/9UKT - UFZ9/Fvad2a/p277Ai/N5dPUwM535s8H3Kkz473BvoS4Az7cjVnyxKHhguNQH9pw - n6hgXEjvyzDrzWvJwrX1T84KvCsPh0idAA9W5YfMU/4loL4RJUqvjkUvn2ErsPrl - gNoPTRY+BiivW2HV2uWRkiOyKTwVLdgs/oawZX7LB4aIaI9b5y8rcmHV4fKP8OEh - 3q7LB5HU1peGmd6agwu1/ejbIc3+4WytVfoqHDI7MJ7jPE3iyfAxaZm1x5PFbVhA - 7zmYs6tXs891l3ZJps84I/S1uSHjxJbMuGh954RHMmPHCrnLosS8yeNLEO2AHpQi - m2FFxbXCRFx7Xd8SvW2lAaKfeU+x36yUYCf7APaQeb59QLTnustIle6i4XQl070m - 7GK/Hj2uanq6TEhAKWJlyVAucw4gruCfrjC7extPyY4pC4yXVUpM0jqJO37yCw+F - k64syU8yhR6whTmOPA/c2JsYoGKbV22NYRj6WIK9cIyiL34ellZVO9Ccsz6QGgHS - XgHve1EpLmsR1h1OKCKyUJNnNjvOnehZwyjCFwqT/DrIS1NUgoOaFr7As50YMfhU - ymMhQyDGYjjMHdmGoqmgPMOrJf/MJIECdzx/K/0e+eKM1RsC5XpwZnwKme+cVJc= - =5GW+ - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hF4DerEtaFuTeewSAQdAo/PITsPBAKUdwzsLGOegBkKgjkMyuBM9ghjsu+rSl3Yw + AmuZrtFRAB1ue+eAkEHRUbw4VzxlTVib717P9JEnKED+MXhoQaJiHT9q6qH1SFMk + 0l4B8FmPdQMGgXuLVGmJuGqcSLiLlFnBR+GXSbMT5mv3JxfTJhdslAss3eaWIeg+ + 3hfMVA27mVcxxmenCpi0tSFMXQqh3mSGtb/p93fFz2bi5uFga+CfmyuJTPClJIyb + =tRXn + -----END PGP MESSAGE----- + fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - created_at: "2026-02-17T22:21:58Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1AQ//djObFBa/PnDRF/Q9ngtQy6VmuyUfErLqj9x1OOojB0g6 - yMCvqH9zrN4JT82rb2xqvjbqEtZGq/35B2GccMXBifJy5JQj3SHOyTEPuoVr+yVK - 4fzZ9k6vEUYl7FicEZABud8uasfoIGC/jn7EpYgP4v49RtXsESF0aTCnrcwqg03E - /cVJW4ovtIQM6UiE/BQPIdbUNPgVrwbDSxilNQrShvJvu3jVfCkdXuyOqlhF/lnH - weR/P1dNRhtNzZKLFYHNJRiJA3RuS+h2BFxG1pKhBfMfI/s46g74GkP/R+SEX3o1 - l83P18t0br2pqqEE/qGHeLQ8PvEsTVHzxAzX8Qgx6qJQQfCDm2jDb6FlsxX6HT0y - TC3leI5q0u1A7Oj6nEl7p70/NjW2+W+cXWw4hmwMMnV0xNXsOBBDqk3sA9rJ8Mwx - oO6CuLqsWMsO0jGWptLebIzGnwMvaSWMGTMRgweW4gKNzcmiOXUrv5OT4ImJxgwt - 7rFFPGcrVWUzBdGtTquLryAN1Gf1Co59ndG2SS0LKxVnY1sYspwd1FINpJA6x+99 - kX4zJlK5qA8wcqkgj5WhTTXIQGLKD+R58pGjizEJzDt4aMB536uZa86ntP4bd1/5 - Q4zjzwF0aIMWX9FdaCilFMjWjT+iMOl6m2dI3EBcUuTzqL8JTKbBxQ9z+Hc+yELS - XgHe79QN5IUbyoH/Fi7jNA7XEUwI6WIrhZ8TWF4nS3HgZkVfsZ/oK1DFBdVcZ5Zd - /rJaKqgeQLCxoRFroI1vZYsBRKInRs+7yziK8YtbFhmX0azW5G0NiUtsYXBOguU= - =YSsr - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAxjNhCKPP69fAQ/8D7Ili77aorhPn6Eg3+9wpxkhd1KU0a0fZh5O8aV0qQk/ + oAvq3+NZYULpMzPb2utLvFKFmKS2d4odbdTV8BhE6rWukRR7Kv5YZYksVjOobCTj + +uhpSA3BSccC5PNNYODRgUF+2sQkzis8raF/El7f+/Ec/owB5qnrWd7Tja4uW5Qt + 5r5q4nH9tb1HtIalrpI8tRcpZ+0JOzdHm2w65eCEirF+12gTSX1QP71KtjkjlKGy + +20ofHdjXpkUT4E9SsVVHpRK70IrPCqi7iv6dwKzUGhfckHDfGCoPEwk6/0WZsjX + r8EU50QxJIJxXkSBIcNVjvw3NviliJiwtPHR35noyYkXJXWlS/FVauxF44sSVvO4 + T2uTCdMhmKp1on518/bUcYWtINAy5w74hOZ+qojo2g5bAAu4mQ7bFwCK8bs08bL8 + beASn5XYkTr/a/oE5kdj1+EB2/VdZZED7w57NiiOEYXoHXNuHAd1DTCeoPz4VvqM + TrY+Cjal7YBg9GAGm4L8ZtqpfqmU5NQnmEYHhzXZhOjhrMtu8QyvlM2KichKnSfW + /AcADQSYwR6O+pLui9tXwUPNGEYQGHx8Wlmjvq6hvfcD+IlyzK5iM9Jg03nerQCf + 1IlEmyNLVt5kQqdtNh8V7kskgPrDsKuQ1kQta5Vq5btbCbIOlIEuzuv9RWXgNerS + XgGH29dML0Fta1z0/LKkWSA/U4V+jUviQDNpbQ2t/WaGQAAK2Mhj34WT55BFcVCe + CvqsHQ28CjAKKaLZ77Wyy03zFHEZ5HwdmJhpXAJFzUdM8jNBQDqc99iNlerFHxA= + =BLfs + -----END PGP MESSAGE----- + fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - created_at: "2026-02-17T22:21:58Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA4HMJd/cQYrVAQ//byQSYLjXciKE2ryqYXiz3/OgDd0pIVr9HZLlxwUFJFMR - DLuxWPK+SxUj6F81mi4A9xq9CmTa3jMEVkGgblvjGoWjtEKKgJrdllMCvo5Q/Gcu - CLbMPXGfs/eDEjqEbX1rAdzR31TcFl9FI6bGUIXxGE21DeLIDCgInl5gNzVL+Ser - M5OAxpQCqe23wUMPya16XTzpaxug+mertfyOxC3XUk2A23y/8gey0pjAnaDTPIhD - q35ni2gA1eigiitJv2IWxIfbZ7rFuwmb9qi+vpBeqMTNLBBbhKgbSg4PUl6usFeC - 65uRvNJOeMeXfwpPgMlphtz7pABg4ihW7tusVe//Utrph7QJs8bsiokXA/RYtTQO - uMK8oYdre9c4FboINGL4hznzUi02ZRiMh2Hf+V4cf4VK+YoBKsRYfO79lHytFHPF - 6XCv9hh6qLuzTCHlUrAfOYbXbduS5mMLcfX6OYay4lYTEpx3dKBZz34wtg3TtMpP - eDuafUXNOfpx/E+4ZtB5X8Y99ax+3resPv9IQMTNOHQJ/vPa4JT8Avkrv/q4wIsJ - yMOixzR2bIPjetZbY4ykOwJxL2b0F/Bm5yu0rVHQp9+lYqrypjAzt5vhbdAMkDZD - CPxhEU/Kq7DC4fSE6ysTGEBBW+s4i7lwqvfds6RqHbQXL/0jginU4zSxZuZ26xvS - XgFinTWqnia1WkhfAZsH+UobDK92lKDiQRtM/xhWkNCB/WZQB4Q4EpJJeXIidTse - xQpG0tREIIuS75dJ6nD+Kh2CkOnalSVVvb3VVN8Ft9PEPLf76mE+x9Zk4Mu0vOc= - =BDOC - -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA1Hthzn+T1OoAQ/9GiQ8HBWqxVKFiWt1Rpltpjqp2wJG+TSP/6RZNcJxn/Z0 + n6+SYdeeIIBr/cavORPlaY19bMD3NQMgqhNFiLo2q/ZXTm9QF1YJPRFpzEVovia8 + bF6K022kdEQYFirKNXPtyYsqbZ0hHiJG5cTlacfd2k2Nbx6QTWq0f3Ksm49zzdJh + or1hCoPHTqnuRwiBQtkwx+4jo0SAAe0xO2Cs5jCcNt8j7KYwmRKmH1Qgtclsb3cq + vqhh2WQLXD3HoVJxnjcyIElkCPCDpWtLYT+ZEqiWbiSkLwzsBHjtavgSAs3b8ZV1 + v7zq76ofB0YKN2LRbcpdygvFseqNBpU6uukcScpwhIsfj0DrHZQ9sufl/JIFF97S + 27pf/9hyJLmjTclaUfTREtPb8icyhwOE+d/Atw0sZxOKY4+hV4WF9pbDGiUOgZqi + a7E3qY+Iywk7jDgmU1eQGkY+G3PPXHbdhYr8v+Ig2lbp4uU1H+ab+d6r4C83pJzD + PrDXcletKkA4APwq/duyzox6CoxCpoBcFUtz7rHcYi78EfdFi4oMWVYimAlQCdng + JqeDXAArdoz1rj/yDwlFYybnHtXb65T01wF53brPtOkAVq6tE11hxe9dCiD6klk4 + SI5j9VE8wUEV0lf73AFW+gectZzkr5+7/QKe0IG2G5DkftK/J1nHA4ERFw7w0R7S + XgHrnYShza9Jovn/qGjZrvZFf6Pcs/KK92CpSBi1oMl7Lhll4R0tH+uG4b8pWuXF + uLSpKPsnhnxkfVczNRIFeDZ51ZuyjmYSrpt+YZnDGf7H853ROAC83gej00E4Mcg= + =SVTV + -----END PGP MESSAGE----- + fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - created_at: "2026-02-17T22:21:58Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fAQ/+P1WAWxpVnCVQpoHmEFNnK8x1ZeDN9IyYvFFpFRbRJ4f5 - naL0ROxP/E19LGtD/bGbdBfVU4nNXdiXbGYtAlvAybAky9/8a8AJ97n2KVULR3xX - JnsXIjavi57MB3ty+Nop4Fgmv4p4AAsPOzDQtc07Uj5xzxrK9ARtv7w7UyJooOiG - Sp692SFChyskAjTVHWU9WKomqsqZY7XvbHJPQT6Y+wUbAjx9iAhpv0CEJcxX/irF - D3SkUD1tCJ0NHlzCZ0ORLdhDos+FNCASbhYZiCyUJn1mBfW6PcHmNevzaqSQQaoM - hd3vOxx5MFO81K3GtE/r1RA0waY/7knBHk0cBuscBOLhs6MC6i6mMfY711WoiOTj - Y9xCjAIYdOeK22fceg0Wk/FMtivFbgddpk+jOrAR6Wh6n2qJZDJFdxFpcaSF2fHj - dBZuJ/q5vRedjdLYFnL2uTejAKkQLthqL3F4m2Fzyr5wk80eGRYqQHDtSlwagVLD - ZoTLCtGp8qnSLF6Z+nnS9lmsf+X0286wAmRtxHsrTTGm2CDhBmvQjNeq086Bdhp4 - z6S3WlgX5oMbTS3hD0BIr4euKIUT3CZcbyXzicuS4iwYOq1iaQEMGvXJ2TKkaOsI - 9W2CPSySkIzp/z5Cpet4Z2JFBcO4QwgCvScm3yK53ZXkRoSwkUWBiWUO8GihgWzS - XgEGOQGCaBNxYr/B1ePYUTxZG7gz3qe3QzzrYebHUmYlEFcC1BkyD0CfWZy59oM6 - mHL30p7LuuoQbO0VocvsnxR8ObQhXsncc+EyZx03zyeDSIbOFqs1sSQ/w+K1708= - =dnme - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA46L6MuPqfJqAQ//czgS1KbONIAv+/0g6iwcMPmBld0BDwJw3G0jlJCuSW6g + nSa1bq87WQzXUL/iM5XzURGzuMY5picYy/QTu/fi/XNG04lZpN7ZzATEkSwwyNzC + JsAei0QKAWPRRFTKSnsoL8QEhKD7asJmgfBDFhj0iYxClBQIXOSjQlAAfeK9o+Xw + oM7EfRSY9zUtJAziZs9LpkQKu7eJlq+n6IGGH9Jy1h0hKcxRuSujgz7MepNvLFc9 + wJO9LGieAgynZgOsvVLHN8N0v/PKew5LXnbDo6I35z4ASG76n+zlFDwYp3RDkU4q + Is9LqLJUAxPtIa2NLGRuFOO7fOg9IhhdRHdhylah1boM7+ElACDDbbt+v9d5qu/L + /GBZIn1pgSe0hlxfa2eAKZCS1cYlpBIKen768hJncKuTzV5LGDguJcQMKaBmbFOH + tCfvNFzWmWZBc/h8xkBpm0Hp9c2XFwcvzTL9BmaOgGzjUbZM8DSwFE+vlg/O7Ggv + lyoi78OEWktVLYUXxSBq3XhVxncOgNifL9w9bIb4lTJLjMVYmughFntHwSZH/8eq + nLw6sPQrINcjIMJEw/LUCnO4kmzrvCgqY5GtDvyV62c8k5nWXhpkl938EX7DZOCe + q5ZKMUfu0cUvyIQWIZly8ZsPDkPz6XQJGu3pifXs3vIiARUJY4qv0iAKRD2u85rS + XgFf4gDAoga+9rJD9Gj4Vhyjps7YmU94588/CeHesl1/Zy9+neRTrHMoo+KqUpC+ + O+CTgW85eVnRT9mgDlLDsFqZElZZWkdn1yJfD9NlhMvswsn/NkbB2yT06HbeKAI= + =Uh/J + -----END PGP MESSAGE----- + fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - created_at: "2026-02-17T22:21:58Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoAQ/+IDsMHXF8Xpm7Mz8EuZ6OjINDfe1aVJqkq6dislIuniSn - z62K3gIlYKVCkPC4uQ5KAQBC6mCv/IYmy82OFmexeaHO1uYhLiM5z+5efxkbChK6 - jxKYudsVe0l0vd7JpJVCO+GSw/jelALUhwtrr/A5URNQ+fQZrTAd5SE9bFEFf0P7 - exTBlw6Cus5671R+s7G7OGbKgx47Kf4CDzMizYruRBvjwDPkKOAPAGnoNApjl598 - m2uR4PmlqUJ0z/aFcBtcs1au05vGmVvckSMz8BiqpGsmlbZEVIQRiXqsZ5A7X88B - D6Nx0nb0t4WM1EV1UUbSLPFwwcVkOSHHfs8SGk3gaStCNWunkrPGQStUFBmU1TpL - 2exHEKopll2gQ+XKfvE+mPF0cqd8dq2SfZpLZgp80pKieuHXN/DJhEHoBSELixDe - zRXB5/s6Gr2Hlgd3lfp910UndiycP5ROJZbEwJ6O0x8QRxeIqbpk4eXiIK/4lxiK - ENepdeFSk8/DS/yEMc4M1kWxxm0rkQO/dxn3SvYV49eNFvkRMWkWimMrSbaIUKNM - k8KSLYr6JuoKP0v3NZHGcBZUGd8KuDi8R0A9KZtqz0pHyRIh/Ox+to+Gmlw7EP0r - ARPQOBQBUjcxqW6BRJ31onE24AxZN0b3pAAPMt7Z7KXmveHGGqolU1peZfeATKrS - XgHJDBQkCm1SOX89yw0O0DVZ43z0b9UqyP157R4JgdyEleNsMbPl+KDPCPx6vAnm - iGrsjpWeKMwA3s2biSYUb8T00KD48vH1nidc+XEjfQ/fBDJIsR8Ku7YMZtzKmNY= - =xEYv - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAkAuIMiq8rw37IFlLlVv1tzQbGMmWjNhQndBAlwA/dAaf - zk8dNuKA8wlmAFv6uwbmfOzvdiwunoYq8cgIRdaP7ieNPRppHIm+pbojWKOvXoZZ - 6b2+ILacE6JBHpk5o+KbrILrnn1ciyfhGq6CX9gCi9+vvQkZk3+WexgaHEOfFL6x - zCp5jVEIbVeDMZIxVbDDVHMiXBy2qmpYrSDMnky05/szu9BBJodcsqZFAqgumVf2 - kBFFvnzdhJgKWBfJ2H2CfVOWx3CUhLXidqJyFgzs338aGhSNO4jGKvOn1Yx/PLlg - LSRphptnmzM83BS4ev9/ejvYiWbxorKSBTPZBqehpKFtPdNNUqbWMpq/lmAn3yLu - S+yAVAklCHSDtKEdS9YHAFqycgxvj1VNxLx1DI2mNPyUBoOgzfdD1NiUDQp2s3j4 - EX8EsH1+b1eKk93751yLKMaSfLjU6lnd2d/h++WIt5tDx71XvIJ91yV3NJVr2wIo - MVIUJFh16+zQOWvc6rKCQh8U5cu3AVcB8EfoRrn5fCNh6tu7Aw/fHxz/l/U0vzId - cWFZCYFrg4i3T5w3U+ZV5kgoMQaRDh6T8yVXZQTzKSi5qAQW/qeGn6h2zHWARznC - J3IJ6M9pX6zibz1ao9oc0ePhU3Vy2vNFdFcpGgLe3gl10BM7GbU7rrmAlHFgG4nS - XgHhWFZtUAcYwEuhuOVDfmN4J/QNWlzl20RML92pf0UNCx1VHrStAbA64MqyvE4V - Dgallu5Dr+u5SHLgAaNj9HfgAGuDLPCXGrCoYK8KLUR8fIYwkuO13FN2A0YnHOY= - =IKCU - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4EEKdYEzV0pARAAomxJSaPmNrFFIiqfWzwdemWBUK4oujqRSvfRmnK3fg7s - p+Q/eV8/jYqxPk1q/P9thQSu9gq3OXLkgT2TlMwcsFBG1+xnksu3Xcqr47ON7N9H - J5K6a0KPX07O9fuP6VZtn4cDatLq6ag7RYLp2D7v68eRMi1Kyc3W3mZyz2AlbrUO - 7T/tOqQzD1Zb/vwIy0Vfn8w2KMCPBi3TxlfSdohPsZWehrIAAKZHDRp2931iKPXQ - 0gDwjTd0sEdXwi+sfXxq00988R4uXIjJhBd+ZFOxIHg9yEcXSW02eUauVwETuLzv - 2ohAB/LOKQx59mVyE9gFxtMM7oo3vb5zWcnX9pHG+N0UE/RU2C+aR8a3KCOtysk9 - cHwBLT6Iv3zijeJCeKG7IvSgsp/WW71rqDZCMphs5cFZdzEola+lRXNPIpz6YJ/t - qyTFbu4BG76LZyRRTg+i35NhS/GiQCUMyZoUxW0mLgjDsbYS55FQdFP3xaH5BaPg - 81UrfF3hV1Vrwe6DHbSEYe3qutk3p4NMruHvIIJJLwimIe3i6+MP3/N+ACLV1wBl - caNH/e7H4KStDwuNFb3BjXEXHBLPgnnbdkTSTHZFtmEA0o2avrM/EzVDvvVxTCT2 - e9pbfNCAoXCNo6nstaWRPKjwP8u5HN7RCxjufpZnySt0H/5Ux4qy2v/01i7OARrS - XgE58F0/szyLPmsigEpWhFPIunfIF6esq+4u9OVyqBicYFZHfUddyqTLl64swDHk - r7vxwxH/A8QMGj2GSmQez25MDU/NBTBTotEzRSyxvqZFTxn7IOxKDblSYPhEfCY= - =Tf91 - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAhuqKLIrt0ortv8L+5ex4c8h3ZbiIDTLSGhML7jbMAUww - ntvI7quM3pEBFfdBT4BuPCrgka9gA9KRKGRwxYX3uSe5jPtgnH8GI1+gImeyWIu5 - 0l4BEMzlg3LOwADrDONa9xStlwAIlxgH53bqmCVQ2t6zHkxAcSGeHLn2y+aCh6wI - 9oicvnC69DuQLkMwBFMEMUNiQwwGH8EMfQRacoFAEtH5YqiwBT1qxsnOC8ALfZ+9 - =1uoR - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-05-25T14:42:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CAQ/7BfqXXAGvvQVGeGJDi3+XhvZ0wKQvfS4UmjP7FFa4gm26 - 4W1eS5hM007yxpjOH7NAsVbWpej8jYA6dDfeuo7P34owws61F7LQLa0X61mC1qOZ - IXx4n4kdYSV/CyqJa8HrDe56B0dpou01vjbVZ383Pbf8+VzxaKeJ2X2y3ioRijZJ - +T+rCkDHx4neOrrUkutOTJhiezQaeOnFWPEAbNRVfdLAM9jFuuG0uKtnd7hkXf0W - 8sv7z1xEYN8VF3bE70IGuyZtiTeXwhbTD0gq5kze8LldMLwBIxsrTd/xrH/Oc5Od - nY8vvdiLMlAwBrI4z+JI12Hi+b1nglldk3Hu34KaV7jG8DjgBGBy8yolqvKo0cT/ - 9T4aAe9eLANvyHpYfA1CkcFW4CHWOBRS79rC2HcHM1tQ8+coq+jxrzlYEBRwQcpE - 2jBcP7mnIGPm1csIhB6u/UUKVMqlnZ57MdKHwwXja1vzxfnRNBqFdzq5uZEyU+OQ - dDJmURqxK4zCdhk+De7Nm/wR8J7xtIJLUszu2lDJ6SWQEsut2cNUVUvmd5XV1BWV - kZaIFKADZI9qcbivci6fpCEH1/qoU5jIZJ+zvOEOZLsIJXBw1M1/fgfSZ8Aosl2t - RpikITTF0S1HL2QLbWoogdgBp6X+6xjpoWIhHVi5lqm5CX8HTRwqrJL+hPi0GW3S - XgGQv0OqaxGfD6lwyVjokWvCSEoEfK0e7se+ZyJifwAlarGaLvG0PU/iW5cVUolV - QT3TwrxD94ZB412nL2+4/QPCT/ZtOXcO+9dhLiSLneHrNrSReByIAOE1s1ZU8MM= - =XvKN - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF - unencrypted_suffix: _unencrypted - version: 3.8.1 + hF4DQrf1tCqiJxoSAQdAYl5yJyayyLJfKcs7YoVj5SorGPw8k+39iR3k3bCbSwww + PKSvjI7m1dLxzGqsYIfavX4sYqP1az/ljDxKKgMI5fX2FUGcWT6/MXF0HTLxDPLR + 0l4BbD2ZIYnL39K7vGc0OY4qi/BkPh1xKY5XMBe1tBsTqTHNboIpW5vKYO/lS7bu + PXyFZTolOiZfefybYoD1DEoPgNUCCnnqq+TM6g1eOtTQ4IsoUH3IjZS/QjPy/jsE + =uSMN + -----END PGP MESSAGE----- + fp: B71138A6A8964A3C3B8899857B4F70C356765BAB + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/config/hosts/matrix/secrets.yaml b/config/hosts/matrix/secrets.yaml index 77e68fd..dd8daef 100644 --- a/config/hosts/matrix/secrets.yaml +++ b/config/hosts/matrix/secrets.yaml @@ -4,229 +4,148 @@ mas_secrets_config: ENC[AES256_GCM,data:lgfGW/zkJ3sdmXehzEMGiBUjIvcjnSma+BjBshxA mas_matrix_config: ENC[AES256_GCM,data:W7tyChbHM+LWYJYuuWSXL1wg8hKFA6UWHjVFOBQMSnFgguwcE7cg5LSnt1Sr/6TaPQP7+2y0sma0fyKlJ+zcUc1k2OPbJLjsrdjNjz7eMSlzmDESRLo3TBSyNjAKjlgWkEftMZRrrwFmA/cR0PdPchTLfBJnvP2vcLpDPEdoitrQFKk=,iv:FvkXV9emW7l1q1KRk2CP2Ec2pIZfBJ6JlpcIx37mVcg=,tag:p/NaElAD08dSPAWOA/Htvg==,type:str] sops: age: + - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwTHIvZ0ZPRTdrc2VmY3F4 + T1NqMWU3NzdKSEdqQy9OOWwyaUErWG56MEdJCmpFUmphd2lhUEluT2NrSjE3YWJO + OVRHVk1YTWQzdmgyM3dmMWtCeUgrT0kKLS0tIEZSWlZGVWpUWHQ0aUY2VkdWb005 + Um1hd2FCUzliUjlvY3JGVTJtV2NxWkUKYShPlhmFB3f/8fSdJKue61LR7NqSW3bq + JsmPKkofk3bzMbkUGm9fWey273nOLG3SNcx+ANDCxJUhOQ8KutaOVA== + -----END AGE ENCRYPTED FILE----- - recipient: age1f7ams0n2zy994pzt0u30h8tex6xdcernj59t4d70z4kjsyzrr3wsy87xzk enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvZzNVUm1keldaNExycVNM - OEV5SUZQNC9uSW8zMVNZOHQrMUQrNm01Tmg0ClF4Wm9uSzRTL055ZnlHUlplUHFO - QmhXQU5yMFJDMytyMjFiaWFXa1RuR3cKLS0tIDM2d014TTRySXVtOEJieVRxdlVp - NG95TjFjUjZFMXh2STIyakxqbUJnRlUKQ64ahDiNJ4nPUQ5pLH4Jb5yidNrK11dT - YSg9QNr++FTdYaQ/TXmYTg0d4kF3yb/xyG1vZMcpZP6+omwN73DSfg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwcFdrdlhNYlVmYmhoMU9Y + aWZxVVVmOTRHNkJWSVpGSytQOGNSOWZ2NmwwCkdENlRPdnk3WDFRMFM5Z0xEMFVT + NVBJWXo3L1lRNTc5eko5dHdyMjEwajAKLS0tIHQvZkticURkNFp3MlkvazlzN1N1 + R282OFVBVXZPcGNWQllXRS9HTXhobUkKpyfxx4gEcWFX//ntF/pWc7HNmeRIlF4K + DxjEnRn+PJol8kpBqttXPSYr5EydboA2O2Fv4EmQc7l3VQKdncrlOQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-10-12T02:48:54Z" mac: ENC[AES256_GCM,data:xmxSQJ75JwsMPzPIGUgmtijRre7HnU3wpCvaPJo+XVXsC3wRnSwhRGc38DWxKIljx9HAKGMXV+n0iT3+bnTkeUNYGaUMROs82cyfqxfCd9pn6Qi9ytUb/Oec+oignDlojg8sMKZJGyUguN9sdSRootgSe3/Z4Di/IxhXhW3cDZ4=,iv:cLtqVhLcFxrlzFim+jgVpFlmJaRzmm4zdPkRCKOd6CE=,tag:MnZrm5lwYH/7YEjG+vCIKA==,type:str] pgp: - - created_at: "2024-05-26T00:53:53Z" + - created_at: "2026-02-17T22:22:00Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtAQ//Zi8QfQ8Ahr8WyEeaJIvXBRGUzmyg84aboRweI9D/MeJ2 - CnVm91xr74HylD6sAXbGcTnwTtWChrrgSJ7vGBj5t2UOuW9zpKFl/pgs7o4jzwoc - C2Kmgug7S/chaQJsfKTkAs0t/MTHO+DZru+O/pT90zgdQEig/19i1smnrseBuAiU - zow7lc9mwBTIEsTlkYoIr1+Ihoiizv/q9oeMvfaZr8hKV4wYTp1Cx9xCgXxVcv+X - SpzIqqTT/lm87znJcSWCQY9fTRrhAQu4RdhXzEIxTODljmFhQcx/Nug82EAc1Xjh - B7qMIsblbabJyrBUk5BypvDHJiso8qLd/6/i/rRztzK1q3vtT37XPKk8KIJz84cy - ZDqAGDWj8jWDctwac0xTAFKVr/5oF4TGIf1Ydwv7+GMOeXvn2ZInmiMGUKxdGhwW - vg2azqqatmRQxI+kHUHz+FBiQSTgKIkVplg8daCIhQVK4r4CkOU5dPvDjw7FLahV - LN7XVNVCZw7p9yACd5KkjWX2E7bfpHr/EADOr5epc/EZwOmblFmGPzFPNR/IfF+E - QJrw2bTDuMGZRzvn+6CozZOnOFpSrYtzbUHTvdt+iskHS1jD237NOvPe4j2Od401 - c2LjekRPo9BpkrufIlDQrgjflH6RGHOLdgqPE9j2zIOfmKjdIYiQlIIjNlh/xeDU - aAEJAhCoQ0WS+mj/YL0Y7lu2/GEf5FxjkOwa0o6SOd7iR17zrTwRkBdSfsSUAiu1 - pw4vkDFzgvwR+80vYfZcnYyCGOQKMYcn0PLtmnQfy/LUUGW+B1/kxqSHZDDhCuWr - o287s9GBxBoQ - =BImL - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-05-26T00:53:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2AQ//VYKib9HvGAxzknrRfI15qFSHdvRxWDiR0M8Jo7JWTOCJ - e0BGytT/dkYAKXeZvLX4W/65jQ4GhBMi20NSnyfqsWt/ENoLc3v9mXX3JleBRceX - 8Gyz7tlqjg+pVW7lUtotz4vM6TeKBJUT6tHm5K0OiQBeAtjitphIkmakw4wrS0+Y - +3Y7dOpktefQDSWVDPtbDOImcMFS6EYn5JCPG9xOhsX7XoK7/wCmZuSF3p/q6/CV - 3NgTK0W2L68CiUye+ajrtn4545f3jnQXiu+JkZGcHdKsHaexW6dzpTsSgsSc1S+t - NlhEty6Q7kXXylG3OAtoEhsA3PP2Av2o0oaIpn1Syd5czHvmV7M+QT1M9HU6U96l - Nwio5cSX7faMrlGfaBNY681kVtOiOSFDMvDes8oPEqrqKEDkIiIQwMnh68iCTXzX - jRj+dpCLLfrHdo1+oB1JI151eB3ofUPbvTSdz/pASJ9gkFJBgGCl89atxZ7BDNQZ - oCbk0NxorDG4RBA2mliITnctqAe8ZcpBrOJoGO8oJ6u4fH2SNNuoc5A+7tMEHCqb - 2E06TYmUASROR87g0yZdtffK6+ZlLZzzNI4riTUGaGUu3wXDh1ZbXB1CwF5LJ67d - 4P3gJApHJ+ZDrJGnWr/4Tx0NlvPJgJ9bKNT6F45ZZcQzq6bt+RUh6RC1Axvdns7S - XgE7EN6IttIGME/AAeNdGh6O/1XnE2CEiqwqTePb9kgwIufoJWLarnz19qcbnMp6 - mfHNrJlF5FSVuipVtgCYgfWDos7ft1qDqvgRSD1awmdFIk/2ct3wjXKxyB52Vxg= - =5zOY - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-05-26T00:53:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ//cBAsMfpoC02vbVtRPf02VS4NIVu2lM1JdB/IcPo0BHSF - PHNaVh3bl2a3cqbfMvNG9nquFVpDgtAXcSaIvozlsWgMuBIukfYKgeoFNh4fhyy1 - Wgcl26wZj15Tpu4rYHK27CmXBHVusQUyTZVx2CUZwoSdtI2zveWqs7+Qvfhdjb6r - Yt1bDr+Zkrd+AxUuU5Njlp2eGOcuxINGLln2lh8jrdSytOzKll+G/nI8yBdk1Vql - P7iTQ4hHlCzs6HBsgeA7mpkJMP/h0Ts18DQ9sOYCi1SB8JR1eOqZWUu/1nSAk/hV - ntHk3+FnOta4wx7VqYNjRi2JROpvi935JBu0UqwGkVVMdqQNB33/qnJdzcdcfoa1 - 3o5UtsQNuFZW/SgJ3uiPYshIZZGujH3j05aKZV2yULyBRfP7j4KrIq+3dQLlW4J6 - TihPL1Y3aqVvlU0rGOjjKeBL/nTEbEQtbkyCcIrW6WjdWvUYtTeIGnBJt+ExkyH2 - cmuoch5XjiwMrXDnIFzOqeKbLsIZIAatFOzP0jsy66w2VAeNY9AyXCJI4cTqE6py - RVc1QK6+ynhrQ/zJ5XKJD4ATequVJidshC8ci900KBW/1R3XLm7zGQtw3gj5QQ6M - lMfA3bPS3H/DzFHq9NWbQ7Lfkm8N5W8ZSQwBKum9o1uWJC/79lFkyfgf4JqDjDzS - XgFfOjk/KKVSrS7P/3V6YHfQscFuq+Tiepr3LCNt8o+0IbNJbsr1Zg+sutuMFhrq - 2lblr+MKkvUpYBhUYYen/PULpr8c6QZYiVX14xJQqFzYk4U/4WoFZm/8dXuAQ8s= - =z9Gs + hQIMAz5uSgHG2iMJARAAsLBqwVkmgFjAHkgg1Js4o1G0wxf4wSmWfBqGGlQYzuZo + Wn/RojGmly81Vx3GYc9qC9+H+1UKdOGOHeAeBftaverwJdpAay/DdAKaZ5FJxI0b + OgiACiQxaaSTVLAPIZYw8xCKkVItoR6i1M4d0GGwr26hFNUgj4fSdVR2348KFNmZ + tKZIDipjS7WMbAW1etMdY0oPRAxQfhxRVp7lW/Z2bJYbmnug8FGaj5EwzRrSqGrI + li907EswOElX7YijnjrJ2I2B3Et3sHkwxq9jSEZX89EBHJbwy+fFWD81oKugDkwv + HP6a6qMhYBmp9D+hGcHAyyHYXmdQa6HXSv7PJvicHTAQ0iLodPEFz+Z9gblHV1Y9 + xq0ciM0N8NbTmGl6JOfeg4dB1CzH9N9TH6q/+Yp+ZZnMJfzjx+dV89VCPvt8KAH2 + +fj5Ru3gwGD6NpvNP0aDIAIygzlJE0Q1b8AtMXzHNKfA8jlGqGalkNM5/Q0+rJAA + IleUVMXJz07o8QvrDZKTq+FYq6qbcPFGjvV7c9mBcW6/I6rT59OLiX/eJHbfvUAE + SrLpGDi7kOOiWlFmALLG7+pj7XNxxNlmeG+UBWa0ZEMW6onc5HufjpS6FkPeSfAQ + dXSHq2wamtt1o6B3TsBmZAliZ7b/DbFKTl8ErE/XnWGLNAMqJD6pCDtJSwvDpC7S + XgE11hisql+hIYGrjXrHe9DeNtgZlKd6sYQKGhaMtA/GeH933XVXjA3NsN3GyXDG + MzJjKPkRAGCfRu2VfLv6hnqjzREgsiBpS+XLitZezW2/MtkEVvYN9BwWbe+MUsA= + =v4J/ -----END PGP MESSAGE----- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-05-26T00:53:53Z" + - created_at: "2026-02-17T22:22:00Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1AQ/+JcEj7POTdpKoqBO0W8sxpvNafGlxWBmGF9nVMKsCe6r0 - +z2iyj0TF2ffRe822djXoG0Kod4Gf1Ihg+u/EKGgoL41CRt3DhszervSesm/pHJU - 9+IMJYj7Wz64GekkIVkYgcLkJr7AeIYM47W9kr5XGWCI4ogQLHJEVgrwFMWVsynV - meIBjn8ntS1aI9xZQC0EePlBekD6zvwQHOyEkar1MD4NaMqLKf+9x7IAErY0msXz - czBfBVZY74q0Aq27YqfUcl2QkksxfLsti3WrB4Nb2YIqzGJ6bED9TsqRhy9CQRBf - TSN+jh9Snit8NgLMAD2eyBgGUcQbwvyW2OHEYWpDXqsMbGmXQ21wygBAN0vfSCyx - v9m2+DSJ0jG9icBj31JqZcztI5fRsaForxIRmuT6EwGHc0YfuJwk8LWW1YOTRhYq - KbOMzGZnB1aNI9i7jVYHgraU1vB6u6R3hU2hOJq0zzqP7w/XuSitzb4+EzwuFkw8 - zVRNJ406ZYJvMhZp8NQ878WkJRqsV3C++LevnLkHLNfMOfDcD+nltmctVXf99Fc6 - ebc7FQj6jOsUlbNQMxnqOZ/6fV9WesjPgCsUMJFxC7/5/5th8CU5VJHYOwwMUEMS - +zbwM41MxUeknII7dc22MHUXxMocVkhlmGPYNc+jRv85nuDwbYqMa9Ht4JychK7S - XgEZyWSvHupNW3XMwspeyYZMS3pSDO+2YExopgpP6c9Uq1TgvkHo2L66SXj/E4EA - RaUR/bY7EoEdNTrqWlHpuLyRihgqHLHzlRsdJZYBinaIfwmKzvINRiQbGjqhKLs= - =mbJg + hQIMAw5vwmoEJHQ1ARAAuY3IZqvQw2evpOBN/A+15eqpxK7uS8YCzxxQC9Bjn4LB + kwO1b7eh/Q3mTYAG4Xl5tix0Q9uOFM5epftk165xCUu9p388V4Hgx/pGvn4ODhwH + AqIRdXiv4rOp3uN22ZLQPQE9hdLIg8AUK2s87R/vUaB79vZttY76N5ucBDRB5KGC + tPQvggsMi6vCXs59o75nlUbMtVTRZMvERwf+0bv809vGLX81QaZUItcGZyOvpM2t + qhRjYZCI4g7ZDLact0nJA79msJqrjSBsMifmvcfUFoaWps7P1S3DuvBzd6tt2dzU + LKwS/e0BLluawwla9FdoPXy8Dd57zPFVnO0FmsDYtC8qZGQl4BiUtQqvmDxrVmV8 + VvcBMdyyLWyYbCvWLqpxpAN40whis2zGkfN3llK5G6SAhIqhX/KnlOLmIj3HN0pm + HuAls9/y5pebxgBFrPdhYRvsxehQRGmffjr3WW2Co5o6y7Mazss4KLO8FiRvfbRa + OIBEkx+V2CokjRnNnCaOFgBbpzinabfW64eP/6F4pTcYerRVp/EEgioa6iYA5kJE + vPjc6QRh15hdjLKpdGXOFS8JLMlk9mrTECmuQZNb0Uo2BJtbxbOqCMSdX0woF6/M + zRNZJfTvRtaiUFCCXOyU3RhMtqMK+Qwbw57DMDklh2qHsAR1UpS6k9RtYN3j3PDS + XgEgaPSPrGE0E68ydgguomvtl/kVS/P5GGSo9DQ0YhXMPyBV/MIkMD3mIpNmbEbn + nDNtvDvOjCdmfEotALsWs5VeRTqO9J/GcpPxC/+b0gTIvAjnWj3ptTsz11Jnf1E= + =Wkdq -----END PGP MESSAGE----- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-05-26T00:53:53Z" + - created_at: "2026-02-17T22:22:00Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA4HMJd/cQYrVAQ//Vo1ZEeqpfN2gJUEKHZs6L3dXmRSd5RedwTxivQSDUZaw - CS5CQgBHd6H8ly5Phc2+QrXSjn6sJubDPaCAVmWKOf4WTMOATgdbp7eNEKlX06iT - igr5UuptY04tM6AauuXNLatD9F/2p545VkLUYVNQriVMgXjrSd2MWo7/J3P7G7lA - xupGHMQ/L3gwU2A50sJUtAc1/SW6h9RMNwHjx6FVRvQtdWUdAoRYCT+r2fICKs1m - MKYOUzOA4CW3uURM2NZEFrVdmES0izv0vNAQqx0lVxAL/qhqwsGqTAZkXryef39J - WkIpqwQWWutvwmpVu07yBllfWU5XzoxaH+ye64p7+3SyrRwdrZc7IVW8NM9NSAru - +2lio54b/dp1Sh7GGV2Y3hNMmGuPOym/PEOLVG99mkfZaPDG+Ui6enV1Ol+dFRaJ - 9VqSa1zIo5N1QdW4iy/Rke7oMlTINcJDCA/KgYeLXK5IRz/iv6q1QyzhR+dNH/pu - JzxDSru/ZSTP+oMXZ1AgGf9UDUy258A7oDRt/ECN2c3oggj+Oh/HfnPXfD+9Mlzq - c/FGIRDQE7lLQoHqBaEgp9pejepAAocCci3UMgAO3ZTgIlXwJyE7fWZKrbATIqEX - GYr/tLNIyb1df4Cg2Pp+kS0i5+KnPqcbPkN+IhJq1BA3qG0rzFJiQtIR5Yn7BxXS - XgEVc+mwjUlUnQuVxFzfyZSlVh8tipwLZck6aG3IrLn/9WSHMY22GDOprsy3bMta - OOy9KLyPgZIdPr1v4BmX77x+2Z5EeijAEswFgfPvSPEuWKSiqkXvaVDy9w+U8kM= - =0phM + hF4DerEtaFuTeewSAQdAWCQaHsUsVRZ81mhzxREzdj0xMReLH38JmXu515OSFSUw + 76iHcTSqMeclrg1Uio4xhGTctSMhAv2t4yic/ocP6EYNsM4yQUsBLtM+xm7Bu2Qu + 0l4BXcl9T+kQ+xICQySM1g6g+sHxrKCgtzNB22vG/jqeQatdh19OOWlibCXhicTl + Bv4qKPSBGBdk9KYwAN9fstUfmbGX21E5DXJlFGhfdnvWIh8biw/0aJ4floOk1st+ + =dh/i -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-05-26T00:53:53Z" + fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - created_at: "2026-02-17T22:22:00Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fARAAleXLoRXh1RP5u4Hk4zsVpSbbhKKW8dypXDBVMa4trCi/ - Xq5Z7XM/Nip1iBCUHoLRaJdi2MlM2aDfVFo+PEx4JagpjxFjzqW21WUa5vqct9Fy - UVgdsssSVq8hNrMvlxDJwYVYfyQIOUqKyzDMbXOGh6AaOHaZsNsWtOBDJRqHMSXy - ULXMH9xxHmheDDV/ZnlOl4fOBJT+qC/F02Yo92Q7rMHWMcNs5NITGN3DDYrQqs6i - uHopbwuTpRMggnHldaMM2l2n4eCBiKxxz0dGit7FlpFL0kgsZROGBkQUyAZdkkwQ - LKnaqgodCv9t/6VZNATp8+iJP7ji5IvXeW6WQOztb8+h8JV3j8pHdadNzgXxH4av - LVnqAABQMhay9jEGlPzgQFT7zDbaAiUd3bSLz1i02Dyi/FYCIylHFEmBErr5RBsn - lqbG/vAxJPKOkiDL31nkjugd09UeFYNp2WqO1DpeoYQoMltFD26TvUnbOAQo+v/y - xxl7hhCTzbd6kF1VxSCNtv0LhDdirq0+eiFN89E+5ijLjhmpg23S2E90etuRgjuF - b050aoEJyXosRqgXVl0qkOEnXgQDbAXrEobbbRixrIQRHmNN1NjRCudzJjxs+p39 - tucfUPZJO5np8ITgE7XCt82IYxW7b3HO2kejJAluIfUxOkdBgORKuc79vEaP+rrS - XgGAqi7CdzN/lfoLononCBOhce9XgdgpbpQRohO+jLp+abqmbnEzI1ZnzxpWXo8Z - taWKvUIySWbN8bWhmiIky9TyUXEfRVKe9I0MUC3Q94NAnlnj+dNXXr3mS/AxNcQ= - =ZYXj + hQIMAxjNhCKPP69fAQ//VnKyJB+ogP2eCVpjvzkXs8ip5xe1aYj06M/cIw8I8Awf + aVVBo3DTYGrX1ke+E0WbTvwbd37T/M2RyYHlFQclIfnZCfa12gSrg+5ggInZGRl2 + D/d3Zxdz8HjML5DpXGQ3dLGi1SbWn048gmdx2V34JLWvxu5XpOMv1RBBLcDIoqVS + HWGa+/tXAbyT9xwZJAOEVErlrTWXKyCYPLsTL89x8E5jqPijJoDTFle2G8+uv70J + /Gn2Cs957jFocPrZEqIDVwkf0jgQllkTELTNq08dm4wqCHbScxLgUxUyCSobeCk8 + yedGAJ6tFrXywUb3fEoKcnGF/5TG+3XatJC1aefsnsBxAkDT8PX0nTlBxhHwu3RO + IEBtlU5icVKenRPM3mFEkmEIR3B3+zONLGJ+8PqbZ6OCZuImxHgVat8FI+vXE509 + 1Dd/l54an5jskXpqreDJEDfeZpeUYkMMxjHdg8x+ilZlxMHoi+NeF9ocEfTrLA2y + U0bUguEmqW7thA+J6bcoJNHlXsd077+97mN1l8paBctsllVwzZYoQp64ICAx7PPY + N9GvWBuupnbrWxMS0nnMpF0oPKnN4tknflrC3ZacPtscRo7BISy0RHhvJG3SZ212 + eRCM/maYnV8omAaIMuFfbuv45yPKkLq1MPE9NID3wGHkJqmIpm2ggwA0A6g/h+fS + XgHmJuXEV6v9lxtaRD4iFsbLL3+hqfVfQ9W2IPbARNbOKIYplgJu0tWw96y6fnIf + R1h+z00a84R27N3NmuV96Vyg4TvWKTAmWZzmZYIM/QfzQtMszwQ9PWOUZeHGVXs= + =TcqO -----END PGP MESSAGE----- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-05-26T00:53:53Z" + - created_at: "2026-02-17T22:22:00Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoARAAsBC/uAbTVpBWv3dmzvVglih0Zlnumbz6wcDbeDTVP3r+ - XiUyiDFE/Hdnm5J0be2jSj7s5RIXj8Gb5BkXPoytAkGF6NMtHjZJLmeo7NciQ6Bo - wDf5IXCmv/PbyuydqkHJEztsSMWoCQbGQo+dMeWoAY+WKt+dQGyGmoB8BbeUjuH+ - lgKlUk3W1INTV74Qz6avuEQpwc+6hvb1w3Vb5kdzgRjplLUB4w45wP+79HE8Ub3V - 7PhhEQMza/CIyYqHEGQ8fKzd+tuX/naYXnbfTCu64eyKCz2fQZOMdqKNA49aMWGC - vo8K38Nd8haQ+tcJvT9Vuis3n5X0Qdzpk/8u+M2XM4UQLHSaKSQRnJLpslumLJGK - fI2ErQJoD/TR+vvwrKXmCOEeiFjs0GC8zQEVP6Qa1JE7Fr8iKIEtYYXmGK0Q5Sku - 5eUkrzJC9Lh4rBvGXLX1PZefBVxnnlBMNk0Cae7vGnKKKuARE4aYgRkIhzIp0GuG - pdwSir1iTVMKtfrkpJ7BqPANKxApbLzYHBi9rFWJboA7HAXe/E73HD4Ov0tIs1La - 9rwRiJ0LYUixsngf6YvtGuj0ZiuTe0t+VhYzg9sYOcBWW8z/AAuZ3FQoBWLdOFPA - GBVI2KV+vr5h4dy7+yCqPxpqhkKe5ObCdwksBrl9tiaPVoQuN6Zv63kLlCtkP7jS - XgFYwBL4tKcCPfG+9J61T3LqItNLmzrT56LMN6LIz3pvRtASRbSRRnqKuuPgAL9g - IeFHe8lblLErRwKz+iNre6wwQCEfwbVf5NPF+rLh3nfEIZzCf/CF3qrxBpdYzwQ= - =P+bx + hQIMA1Hthzn+T1OoARAAmnSREMlYFwDLJ/9LoUAO2NqrylMZhIPvwU7HQleKe7u2 + cdhGZKXbPCMLlWgCM6Z7wpVFeUT2OPI0vkDIL6NNlJ/l09j6CunNfWY/4qKc9YzS + J4I0tfY/cvnDRQrpPcg7rIgM+ukxpOcxmfc02NGqK8EMyZurFNmrmJLdob8nsoIl + ZlyPHMEw2KuSzDsX688OzO9HozcHAJVlG5Aw1lD4TCq4Fq9HTPRnmq+oem0gteDT + VZ2Np+Q5zc1NYXU36lmkBSHPAc7KDIplkc7eC1g8w56xk8mMrrEwz/qUhgIYNQ1L + wicf9nVHxaIiPdUpjznL0yGJS2BEbFfQPV9p1dkKX+X+3rBJiVXvGWzlIT1v5AhA + ixXNMYjwpQ6hgytw372q2FltXAcwSggBcmIIgq9DNHP9YtCmI0v3jfu2ZY7HVJNJ + MIJlozlrUrzKjmjhNUXjAjct/N8rKkBtjwruKWWaPERFs0OT7oHPjVphTHo1UDd3 + OhYBZ72cjYCDZyNYk1z79OiGey83o9JAFZv3yWx+LDVJ9l94dGkO43ONXOE50aSE + VSvZlDL12IRg47b6gm+a3DtP7+8mFMaHhvCxNiOpkoFZJQVtZdoFXtwdf1ZAOUXa + sx9tdnWLLGEAR6d9MFXEYyJx4ykfp+Ew8+/eo213ZL4ns3ASGw0wGw78SQebUn/S + XgHeLtKQqx5qhIRcFz78GMZZUkMyljFVddUz3rMy4npPRQoGkyJYiY/pQI55rcHV + 8ShFKDpZurafdf1kEk045SqFzwWvubet+k3VpkxPAlFBlLwstpvz1CQpRqhwZCk= + =HQM8 -----END PGP MESSAGE----- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-05-26T00:53:53Z" + - created_at: "2026-02-17T22:22:00Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA46L6MuPqfJqARAAtl2tC6rlB5O8+4t+b7ZEo4GU578OHN06nJKxxFQHG5zn - mkcANcm5gVDSRAOecM2FyZe4ns18rH4OCvp+uegEQyMVN/XNUEj4/+bGzgXX0NZf - AazE5s2+0i2NETv9bhPjJB0RR+U47PEgx9vKf4EnvL9MAfWyPbGwzR6HdXXDEE/I - c3GNaIOY7YWBgXEuX5LnZbON5hQhbFADY/BRhP1S0d7Wzff6sYgtJhbtaTQFSX2p - j2+pTA3D+tI2h9VvKnZw3n1t8Jc9apP81KNFCURpNpdR8Jh8KQ0aSEcYWTusjah9 - QOX8RmsnFnvWKTN+gU6tffcSbu/r76gmXyUCF47mWvn89ETVA8azp/66zfLTTTvO - CmFVx8+2X1TK04SIKa+MQcpAuS5cTHH6bw7N8u1YfX6O8mbHX/ZH7NJi/Bhxmube - Cau4DtdZ8mX4yz0EjUF62skJoaYYUl3UBrkGXl5A4NXK75ZHlBHT9Cn4YQYIPP1b - 5MAnTsy6UtsGVBZPf6O/kvkA2gAQNjtOjQ2nB1FF6fjqEFFopzmLnAgGvW7lWkeo - lTbrylmv6SrrvX/0wN5Dsayni2iRb7pisEAFs7JAythm463PDrzaRmLoPBNBmJz9 - l88QlYWDQaet4QbJ1AnEaOu5K03coEy6CTzJYqgkTWdLuFC4tUyKsD3P/1EANonS - XgG1y8ifC6F27sgwQribg28RPRvwoiRSGszAXCAeIwo834NQLIvswid5C4VCvPje - XG4X8m9pipP+BoXF8UuX7naRFnIGfXBOVH9N+1+SoTeZtXRX4GIWUGcRtk4nrJQ= - =FQZ1 + hQIMA46L6MuPqfJqARAAq1tt3Yc0tQ3alerxjWUNSBzpa3Nq5W1bhZ8d+qMDWm8f + SsIBYUMNbPHvWOA6tLIzeMBIoBFneQwWW7fw5vpGzaATURTaMiu+Ws8Q2h7JhYaH + cTO/0QLTNtrwCMJOWkofgauf/3eQCwz+QNBByULSMESyyxYqaY/Sp5Vkfp9ddNUc + dy6YOKWGwxpUU3OrKvSeO08aIXL1dpw2bVaroOW34xf1MPBX/hEV4ix1bfkPUrDj + Oc+kXlCLrJSf5TqQhiYYOijRWCNmy31b6ww03mb5OKOHbs4zGAs6Wa1KFxy3b5C6 + AV/v+JWHMOBvbU4jhhrIsPXUzp3AyZfTmFbOFn8LHQmlB4wS/poEU5qczJbzVsyU + OlZE8OVsdLDn7KvjoUDk4PClxLMk8LjQWDdoB9XxxmCV6jtou1GB8BPecoa2zknT + BSzC9JDGmoKnXk53YiPe59YNTs9Gxk9OeuCovmygaQbKXeKNe4eg+3UH6Kd6Illz + osSutJjTJC6dkq8oV/7YkMgDodNyrVE6QqrY/F/FOMfqzftMfRg5S+B3NFg8r5JA + sgxxzGYTEpWv0PlK2nuWo8M4tWoso06loMBfRR2ViNmOtCvu+TDHJLAFim+yJOk0 + vzGifrUzvCRysvfXLj09gWPCoG8mNWLWD0xV/XiKLzE2cONRXMbuFeqqBdxkDZ7S + XgGdbwGy/jDBXe3422JPimFUhUKxTuFlcinjL5BhBUnaU9nKtvKj58eKoyfjPPfy + NpbR/flIJrQyoHpe+DSbkB1x88mOINYy8STh88MPAdvnEMqiYMH7RBL8hEfN/JE= + =zAn4 -----END PGP MESSAGE----- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-05-26T00:53:53Z" + - created_at: "2026-02-17T22:22:00Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA4EEKdYEzV0pAQ/+MLPIERHeZTiyNPEUc6YnWYcfW3Zgnsnc7EzfFn7NJla7 - HpD82Y14w1gpQrUiPu7wdjzh7xeOQ3fnk2819g4wEXU32M5rCUay9XUWqWFnzpMZ - /Gy0tdwE9TgwrSQ6GDNd6JO93hLNByq1QqhsIkKEL640Wv6doLVfQW07O59hDrPd - AQ3UxWnohbNbD333yXa3kjfYcNugjtERM2wZ6qqZoXp58SG2RE0A2wMV77H0jOQj - Rx0arENCNBS5XZlIJW6v+I1Ak1wYnW5vAlVRMcUXo8vJNu93WaZ906EnmVCQ0cYn - LeNVH2ajcuOud/uiVntwdYKMr85rMBl9eOlsPP3dHqbhsrXn/+Oqagh7YUwEvJ8g - LK1krKc4Jlj9a5J6dPl0lCsEAv6vGaVCICJkNnd0JikTViu7DhajImfGrSLrA6y+ - 81hx/TTKqisAL1xBwOOu+LbwlhFZrkrTQaKnueswKzwrS3utxSX7OIepui7Ib7JK - h5R5VDq1bTCbRvo/rRpCaOt1KI6g4ZX+o5TI/60TUcGvzLRRAv7jZZ05PKhcfRuJ - 4ZrKoRu2qKVxA6+kcOfy4Gi5MgkI4Keue4tgJsYJ+LCP8tV7+Jntxf4XXVMLoFCH - jQDe3vIHOxNKqlPUEnLlVmv+g3K9Y7N5uBLuk3xkVYrxWRhBmY6e0WtTVEF/lWjS - XgFWqfLHx/JAJgIU2tiO9oLkJWcdHuXAHNYDvTKP+a8WLcJDZdS8X1feqOpWYbaH - zVbYkg4MGJqO7K9f3jlCtyszh3Kpu5CFbfXA0MZ3M2eRoJTv91iWViIWY7UP3VI= - =vsm4 - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-05-26T00:53:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdANu3CeUuv/SDkBQG+aROPeiWBauWaQBDUm6UdXAhEBXUw - Tuj49QiBBCQ440R3SBkHOzOOUUTMPkWo/wESnJm+EPla800tb9B8rOvUj7PnkbiY - 0l4Boe0q5XPHSysz9eIQ7zRwSKoClgd+zi/GOtcsvxkLWlISoBzAVOVEvk55OeKb - 7J70fuIMl5rZPPFBzbF9gjnCHxAtfSyze5774nPfFI/zoQo3WaDfL/9viRhP7Eqb - =i8o+ + hF4DQrf1tCqiJxoSAQdAE/M7osrxnQX/N0eV4PzXqrzXLtblLY+Gr0znYJSpPiMw + Pw6O4Nw6u8JkVgZCo7/lG+Y86bsI412vnZxiq3pERlxQVHgNea3ArfbM7y0fH/pb + 0l4BQkt6yleg738hV8XY1hbJG2xruiw1p+Ts71v2qaFpSazOyz0RPrIIcWelJjkP + P5IV9g83IZMv3AWEGnUByACe8VpWJlFJ578tYtJIfnhsrDryCBubQ0gPsXGqTPPI + =mE/U -----END PGP MESSAGE----- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-05-26T00:53:53Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CAQ/+N5yVnEm3ejyw10aDPkLjJoUIoxZl0Nof6pGZxdWYgiF5 - VrEsLv9vYQD8Wp7/nXuI2HW7OoA+vTG9KBZt2Tw9R0iPIMXpEf0fewPSBZ2n10lk - KJPvkMP4w2OV1AfGT+PrRPLaX8/2E4p6dE8BPviWEh9HptYKodhs9lRlcq2C3Kjh - sE88eJOSA+fQpASVZLNHKYn1UrXXENRTHE4tw3+OIpE2KSxHvIv7sI8LuXZb8Jxy - OpmUP+v9fmhsPJYIlP7SAvITMgZdMHceH7SDgOZn0kVU0inr7MJ+FCcNQkQOl7aP - jMp2B7qSXOdC2NHUmdYvzeUx6B8O9Bn19VM5LGte9n1RBnknw6TQfQO+fkQTjUyl - 3FhVqQAxrutOBjud5xn7H0Grj+7oqRI51LLUjLQdOzpEi4hul9Of3FfGnKxjOxUf - yVBHqZzFco5rcN2fzMgWytjuSED0AE8UPS/tcd01oXXEsTj4YBSKWox0gZuyn9B1 - mspU7vr9I39igceGVE6LJQ4EBnpR8xC7v5CDFpEbCr1qt4VlaH4nUgfN2tEGtOGW - 2mmrX2nGC1r1VRm0K+ACRW4htDsOsBzSxQttVJ/5IWkP5fqegcwIajjo18VXz8IH - BtZdJKzXuhQLG0B+sXndOAgACWkVQw4F2hD5CYRpiFtungAqUbtSDbeb43x7ICjS - XgFrmwLxkGfZYKOPehbp8L9glbHpfHYE4CopRHPtUkhLTNWTqzEyE7YQYYVu9Cui - E9Q3v2/+2swn6nKOQtB1Adu8ItCqu8Om+d3IJQvKVS24k4+fKPWa7/ccmkXz7OU= - =w7hs - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF unencrypted_suffix: _unencrypted version: 3.10.2 diff --git a/config/hosts/penpot/secrets.yaml b/config/hosts/penpot/secrets.yaml index 855590c..e3d6894 100644 --- a/config/hosts/penpot/secrets.yaml +++ b/config/hosts/penpot/secrets.yaml @@ -1,234 +1,149 @@ penpot_backend_environment_file: ENC[AES256_GCM,data:+MJbbAjzslBIYlQ9xe0VzM8ON2U5dktJGGHmoUu0HW0mvU4pRYrQXlWdW85RXAyYU9yOiL6TNAHOWUQyqOdo23whuer2jL/Qe17DEhapE4b9W9JqBX7H0VZZKHS70AgGZdWmbj/bWAROg/qGPVKjZLhgKxoVTVbvAIJEXUDAbGfvHlY3BP67yUTXvbmtd/Rdhn6i1HafY7YHFNAW8SkikglW6wR5igEZMFAefMOMgq7aYmNXOr1bImjCPEko0DvumJZM4YMjmb3Wc97wL7OMP9G/V0k9fRclhOj9+lNpeeCKL+VL3Bgo8vqgrB+WIi4a0EwerT8srx351txrU+ITxoHciRQtOpeXVHWL1snW9o7xCoOcil0NS93D9GhW+Hd75Is/xHN08UHmahF1r71nbDK4CmSiUzZzFLl1oWkSTU/31zBUnllHOt5nDMKT42xiniAJcQ==,iv:vtIlNGIh9+e9W+OebTac+UUQp9glBIolC6KQwQMzDn4=,tag:kBBTu7LVp+3xJ/MstLyomw==,type:str] penpot_postgres_environment_file: ENC[AES256_GCM,data:VT36kHkRH8ghnU1oyPpAQZW2LR8GNmG1cQXVjU4f+rGy9hViTivd7qxzMusisy7IcWfVaQuXFvUCT+pCMD/fhSAQZOY/1Rs8LBXJtsuPButOG9Q=,iv:pUjAkvvHjsnzn0xRRmdZXatOgLm9dx8Ggt7lEfiQllQ=,tag:FZRqlcxQWu/FgnJfoukIcA==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age10ku5rphtsf2lcxg78za7f2dad5cx5x9urgkce0d7tyqwq2enva9sqf7g8r - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiZVA5WE9JcDBOQVdPbGkz - SnNkWEJvaUtGaWVOajd6SzJ6aGNxSXZQaVhnCmgwT01kNFRZa09Gd1o2ZURyZUJQ - N0dwK21vUmk1N1duOVNtV2wrVmlyNDQKLS0tIEJtUENHdXhGcXhRRjM5VkhpdEVG - Z3UzOGFFUDhwUndoQWtCdHlMenZETW8KI0FjoFG4E1fhOxYiCIxY2BnLOmGcpoyK - EbDdNFQEMngwppEm9r1KzG/1cGMoIij2qpmK4Jz1Hzgk/6dZwvGxzw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-10T15:40:27Z" - mac: ENC[AES256_GCM,data:hxVxH/BBwYcvbtOH4aOUnI9NnbCfAGnnwE3VQBJBJliOWo9WHm/hx4Eol4vaS+AA2t6AUU7UmzjofX2wSTbqQliDCFCSgbpMofDXP7tmlat+M9Du91fQmfOibzCd84tkqS+TRTFCFX83LmQ7/Bb2mHl77uGVAFYyHX9+IPPEUMw=,iv:w2Rdl2+o7bZRQsOogU6U5DK1UuHn+bL4Ouh3XbByYHA=,tag:6sqJal6+kzk0stP6vK6oOw==,type:str] - pgp: - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + age: + - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBicGt5U2pkOVoyeEVrWUxP + RG42SVYxMmhjM1lvaXp2a2Zwd3FNL3l2bUZjClpibFhCT1JtNWp6akpIQ1V6YW5L + SzBHd1lPais3eDQ4OEtiYi8yeGVZK1EKLS0tIE5TeTB1MjFmVVh1TUYwZ05YZWor + aUNxU0xKVTNScEl3YXEvZmlVcHh5cjgKTwC4QsYGq/6Z90oxfYakHM0Uiym1KaTP + UcigMqnMlz3z94/cIHZKF+jFFRITq44SiOg8/yAMmR+MPtbTZ5ZnSA== + -----END AGE ENCRYPTED FILE----- + - recipient: age10ku5rphtsf2lcxg78za7f2dad5cx5x9urgkce0d7tyqwq2enva9sqf7g8r + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1bVFvQ0xKMzdKY0MrekRp + NDJ1TGpFb0RJQWJZSys1ZUE1N2JYUDhRUzNJCmw4N3FKRVZ2M3FtdFlBZGZscVBj + NGdWUDlPZHI5ZFErY000VlFsVUtLYjQKLS0tIGo4YmZWRHF5RVpuZzBKQXhrdDN2 + UllmcTIrNXJjcnNSS29BMWlSNkhOL2cKaPzeAO5y8SiU/Oupf3hVbhm5qlz08Z16 + vaGXmMv/NjhSM2Xevk8BYuU9CH9rIVqNDiQXBKeIVD6VhdtoJV2pgA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-08-10T15:40:27Z" + mac: ENC[AES256_GCM,data:hxVxH/BBwYcvbtOH4aOUnI9NnbCfAGnnwE3VQBJBJliOWo9WHm/hx4Eol4vaS+AA2t6AUU7UmzjofX2wSTbqQliDCFCSgbpMofDXP7tmlat+M9Du91fQmfOibzCd84tkqS+TRTFCFX83LmQ7/Bb2mHl77uGVAFYyHX9+IPPEUMw=,iv:w2Rdl2+o7bZRQsOogU6U5DK1UuHn+bL4Ouh3XbByYHA=,tag:6sqJal6+kzk0stP6vK6oOw==,type:str] + pgp: + - created_at: "2026-02-17T22:22:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtAQ/+JKe4fsuAKMJr6kuDt5vjv+hrXamWEwRLBfYPHHZHEUeK - AQBs9fG9Ni7Qpelv8RIbxWyophgt2TCEqP2d+7EcGTgDZkdLxx5s2LJuCh+tEZwT - bm0sPt+8eYY077MxA1ZtlBgkslMugvdnJaDckGc8xRPldUa7gRp0j3yaLULRxjA6 - T0nyALAqAaDa2uHgB7mTB3pXJYk4GxZpYbVc+wxAWXEDRLR/bpT18ywAcA6iSerd - KGDzWKjgOr1TTJqUxsguqDjnVp1c+xRPirC9uENGqW8mxI7h1+4B//dJvuXV/cYh - LKi0aDUTnma78mo2v9faUSJl23LkIehWZwbVG/+Mpkk3yxscLV124Vbwj56IFCzI - AiJ7m2QVxY5eXoVLodw6Po2S62gkwg7H5Aw3J4pppNuIAIr/8mJBpJoBy6poTsG3 - QhbQdEdsF5ikoLu/OV/H7mp86zJt42Q+74xGjKYx/qvLq6SDmDA03kqk9N71URyu - FRTEDysEkeAzreFFkxn3Q+K/cXvtv/2Knte1lmDTfpmhg4cFwsLPLPH37A2veaxJ - JTyWDLHgrJ8NFgii3gLrwj+XLOZOwmCY0puJKtdAnPaaQiLfyqYfeLVlt7Se4MMJ - 8XaFWcaQHBxL9nRZnx7WkE9LfHIG0e+414hT0F/aER+8iKboIbt6rdEHpEMGDWnU - aAEJAhD/TpW7E+yYjFVi/xSQ3kCAruHcm6x4BDTE7by0VeTLiRFW+culxiInOYiD - kdp+dATm5f7IrQp/qemL02/Me5yqURZlZrDHra7AiCI+MVBJiCRIY/x6xZSew7PX - HC+p9sB+PBFL - =1qbt - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAz5uSgHG2iMJARAAynwvOJFE4hlU6Cr/HwoXK5TqrsdZbJjsK0dBhMJjZCXo + mQiGbeCmq6ut9LpSL399eXSuZ7MGzk39JBQ54PXUeB/3K02E43tIAzPIrJGXVW9n + Z9QvdAk5B772WgjjTMN82GeQ7xGTp/KJ8MjNvob4umpqYVvkX7CN8glvldHoeqbH + oBwviYU2YEnNgqWYCby0OvwT2Ouky8QEXiKwlI0fUfGd3EHtnLCwegouAUUBKCqb + 2SMPLpSFeJuZiGxTsS889CJWMQxXdfqVDS3aedt7SJP8TyqdDlIIJ+fJ5Vt429vN + Af/drBfpViLVHXHh3MQNF5kQXgLt+LSecuj9ubZHXLNm34nw0ldtjf1nqAcsMDRY + gM3FQSuBZUU3vpbisFHzF63tiotwdjQf2BR5r9McnSKyHNHvd0m6DN9l9W5xNlKC + Sdf+cuQOdtsYFxeGrkl7j3uvxsjEyfPJ7lokfRm3vC43GY6MoBBjVqUIe1i4ynUj + nLwtps6AkiTyhkDUXomCqKNiZNAGwW0VI2lMgnva/atWNI15VuD3gOU8TrAfBRcU + vpD82HhBGvyYgcqvn8WWwkd508OQsAHlQlZbp+ZFjbPgzqriSBCv1Z6C74Yhw1Gg + vmfcCCRw70Vmz0zXC4iWJxxFH4SUla7YVOCdwrKhF/6thJSfgQ85bsFkSzUcvV7S + XgHhXgm71Ah6fFzrkOTo58+8RJBwXYGhcOvotq0owzuski4RtdLKWTtC4cT0oMlR + hbziNLYPYo7aogsZ+FxYlkQ4YTleKJUkrUuwBPYqYKZsbCG0un0R5yQrf4/hlfo= + =ekfn + -----END PGP MESSAGE----- + fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - created_at: "2026-02-17T22:22:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA6EyPtWBEI+2AQ/+Ijn18W+K2je/hpolpY6HmQMTTRpQJZ8YtJ5G35o5WoVP - hH+znQMrBBAtnTWeFBeIuIzk4CHjPS0yfnsE4/rP7/lSa177A2xaeiCb74F6k/Es - MtDE/TApSlNdPFruN5nkd2I8jAWh1k37nS+/NUhszReR39NNmgA+aCSc2OK04aAz - dpPXmaJ+d3zMr7eFoL2NyhNI3A/ZdVP3UmZCp12juckDRl8oeei4PBlw2T6ODJP4 - tY08I9EyK/5K4auhYJyvayl1RWwRuShFV732ZjztkawLw152W0Rrg75Qoukhs9mr - TdyF0zcnVxAcOV4e5wRe13dDV6Ue7zeWFc9bb577thGzUm2Oue0u+oisty16qt9K - 0vw0tVSDtT/suodG8HpvSwGQ+/xcV7w8XCH8Yx28N9iO49VZCB1ZYXQBxTHVDl2b - J/8AivaK4OOFvPWNr4u6oLaO9nz1aaX6Qsap5zn0Qa2Ls2SSBwWk2Fp/f1dq3KOy - /jGR89ocuEuImVacr2G6zxPnbukfa4S8q/FUUDbswQUqmWMcDDq3dOQ1fFPRd7vy - 5a9u3P8LFW+ZPPHop3kgozgZ9pBGDOlw3nkjGjFl39lE33E+049gLE6I6+1+umG0 - EWkNI9y8X+HmHMthVuYapq23Ix09H6Wa452hZmEUxNgp33M8Zx+l3s6D7o7jfrjS - XgElPJuUWyGKPoUY9mFaINyVqjOJGEtEOYRP7jvCpFWDq/xQ8jbJvvv7qBy8+i0b - cpqRrMJrvMB2PSLeD6cNWymrNhKilLLFOcG9yaIEudDhiuv3L4/ub08QMroDmo8= - =80AM - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAw5vwmoEJHQ1AQ//Rl2w61XcbW6YhwDThbwbcpaKzZegAzKnKa2Q25U2UfNP + jhqwqay/PUbJyt/G/9ukVNZ1ujTu4ffbzlV6wD4TJ6baLn1NL1Xkjz8rqoIlXy9/ + ZqpyEZxyQAsaP0hBgE3x4UZdD6jh/NRUUlrnPRFVqXxHSCL5XHmHdjCaY58OgB6H + /5LFGjYdxFomGEozR5fpgBuA50B4ylh1Crw+xiT6VPB50/mWRw7GSO4f6iwB/2eR + VeGrK7nqHf6dFS/mTDUxw2jrSoyjDMTgAPHwl1qJ+Pug8fmp0cIdLf3ZGBlulsL2 + 9DHCvXNeNGmk72Ag6DWh1vxLBOGYAzar4hXSxu216ppJh9ym+3SZRmEYhP33VBRp + JbufVtrRwK3wU3+o88DXZ0Z58Pt+IlH652qxHqJlC7H2F/gX7B5zjH+Uz+1IeEK8 + YudPIH3Vo+saCSpKg0RLqHiNXE9ia/wvnWNzw4U5GGikle8LNnzy2TMnwq8I92GP + RUVzWH3vFOWMSt+ilrA4nhjeVlzMBMGBvmQiJypAUAj+fm/xEJTkasa0a+GVpZtH + zHMwTFV/A/7rtXFrtcjTjDLBdlVMqSNM3FYHnKKlZLYUQbqhQNaINdxjrx2C/19w + +WLI08wqrPMZSa5iA1q60LLC3WkiTka1K5N+8fT6HxH/OuuiBJJyxMWsoIcSpYTS + XgG3jf+BR/9y8kDxqiGCwwU7fzRGXGvCH5i7CJzwrWtc3FmTNb7ct3k+tMbEcrNc + frd6gvm0u8+I5CFmHsdZFrDy55afTOoT4DErO7vmUGRKh4JfgKxsn8lzzfLcYjc= + =hjjX + -----END PGP MESSAGE----- + fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 + - created_at: "2026-02-17T22:22:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAz5uSgHG2iMJAQ//Vv7IVqc9ReeFgo8RWbYpl1W5atAHerZuUh0oYc4otGpb - UseJ2JInyykcUeQWlOGvTK+eauBVNET0E/6jylCoWb8lzffhSMJ4FFpvpsoYjPG9 - Q8s3r8soOCYB0xscfhinZwJg5to+I2MSd8mppWIp4UCQhxv7MqQpbqEzNTfVP7YO - QEUZ/lesVovLvxMzKc2YVWyZFSW2G6HK3LTaJIg8gy5ym/crlUB+awd2ZDePGk6F - Y7DcKwL1EpCL+hoPWGF9PclYKrOBIZVznYQuwHAqG+Bxr9Ln/NmS/OoCrJDMN6gG - 2YMZ3Q7GQ82zZESxYA7g+ef9/lGCm7DIkt80or72x7eS6/OP7c1bjGFgKLQNyHFU - Th6cOy/TzK8Sq2g1mWB2zyV3xk6mb9C0ETAFD5vvPGVC3Sb4549Y+epe1T3ZLFTA - t09nUIpTC05PEdGsWs5Z5MDp8ZCsPZpipbVrWENesNOfaFYG+p7aM0LjgTqZcadD - B/Foejayc3XYI0T/NoP43mAZ2nEOw2Bz9lBpwz0PeTfzyrhz9XlJ7Dw462XTFA3i - voTHA5+DzGNPf6zC1fH9GcESmpC2nqXit8ZV+Y7Zb9/cAsx3E05S8ayxdBZUrOtJ - JSWGOAfPuzGXgL6Ht3iKcmCxQ/pSi1aH0h+bYqlrxTvP9IMyNCrxmP6+YsXCv8XS - XgE0NjzRMClq4/HhQ5X0ANGHWxbZJLAbm8yfgK5rnnmvi53RNJhRUHDnNca93brF - n27gnVLKM+2FdwRjwNIznkbZV/iNM6zIfRWwmJs9gHRuX/J/XWzD1KjDsn2rmiQ= - =bAYZ - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hF4DerEtaFuTeewSAQdAhOSneDEqtquUzQxEuKsOmmBWObvr4JDzmoijutbNFS8w + dixZ92+6rfNthVHhzDQghzyU8dYNqQiwfcrXNWpJ4fJRE1g8nTuQApvxTF4lC4Vm + 0l4B/YhYp2JGWdw1dllA9cD/HMAzKJ4zHSL7dCcfP6k0b6CUYm1GuO/VT6Bx7ygC + gfLuQKGFRPomTHNan4S1rhW0q2zvQNGIFMTDo3eR6Uyb2UVDTIdbaICsuaEKssEc + =JN/I + -----END PGP MESSAGE----- + fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - created_at: "2026-02-17T22:22:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1ARAAkdXjf9h4iyYtKPwR9V8hgIfpt3s3zMduuJN3u76ZHdfE - 87t5K8eL2yIVN2DeOqtXRG28Broy3LLwMlLOJhxVxS5LAOEjT4ScZyb9H7MLnDsp - boW210SLkeQ5vTW9hgjAU9V6wbemxoiNPYTcBUsuirI8a+jpnALLY0jeOILBEmHQ - c+wbeo+VnlTQkTKCFI7TwlG1JnRnv3DMATVkOjC2PXmXPNkhr04Ivvf0+yBELY/1 - hLirTfk/W6vFodPaoaRaeWjGJOo+FbqKLxr2xYzVu6SkF+i4CvDPb1x0t/laTpPA - qC6KJ1wyVwG4k7ZBLgRcf5Scn1zgGFzZexUAhdIYp0tKPycphUQxEMOI8/OeBP1V - 68gBcilvv42zs+ed2RUK4j1e9YklxazZgaUhPfdrBrw/HiDJ8ILaq6LQQZSNrxZx - koAV/qw8ylU7vkciyA8bGLOiWc/Ub9vkRSuEi5TMOhmT7bVZ+W/26bWgDcAMmCpa - 13H1uLXLuHnfDavdesh+RAxRgEavPTMz+HFbqhvkv8sy0RPCodyJv69J7dsS7a2C - 71Ub7jyZIQyRtTGGZH5EjMQVStBMccE2KrJRzZCKbCmQDofKb4M67caaHBnVrs7D - vyx8V7JQGkNOWIgWFb23dtCtRiMzFaRk31mihFmFF2tSgg6XMqNmTp0pc3zQBarS - XgFZKRlYE7H1tMUCDwyKB7G3r1jsxBlUSbH1J6XjUBWKkTD4iMHI/4YStvghLjm2 - 0qqgKH/Njd9xBXc3x4Ut7kh8tFMMa07xF7/V0Pgwq+7J7EgckEfKHKA5vcQt17Q= - =23io - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAxjNhCKPP69fAQ/9GhlagbbuK9o7QroUgY9gcimdxp1PTK4HOsjRgnf56PNm + vTpP3We62o3+ohIX7yGKbpNKbnf3n5Ecx3ItJbBRniUDr3G2AnnxpynJJWmZGsn3 + HOsgQqqYtUeSgf6KIhaeebP9drM2p2qPYmGfa+9DBb+Li6FESOlzOmZeiUoaZUlF + lHys0cTsBE2iYepR34NYwv7qrkt8tkCz1nrKraAmhiNWFoUFWVN617p2NQICpsFD + Wk5m9gJtWlgQHvSHvqEgu6PBArOFclBcY+bb/XC0srWlAVixwr60iDy1IRRuKz6r + 9OukM9Ng1V0bZhkGyjB4ti+RmQKiP9SPAupxmCe5n+ZkweJ7gb/nE9lodNJv8IkK + 3o9h653H1hCbWKeKlaAggCfopAyEn1mU+7l37AWUGh3sh5jz7aFrdXYcAIuum88/ + Zpa0ALYIABoevjJwV6NyFtAsQpt7YQ3/0wJe/BC/6XQ7QI44DlUYraIaA+CLT9gp + C4h2olOPtCXHfNRM4VK4pOJ0gwQVTI40snlCNzq9TfZPjC63MxzinRLs8PUVvM3r + CXYTwxkOI3IFdvoTIefdVjoOxvGR0tUyYTagtJ0nihh4ymKlxPS2F2FNAm/oDQvm + kx1AjAci8YuYZbS+DSFpi5djN2nxoQRfiFhm08ruBRnX0SI1EYLMShO/AO5fJrTS + XgF86MBuDd9XX2E1OLWamMpgobsAHLgUd/kny8Nz1+VFRmME+FKicrOOvm3RVPWW + D5NGxvlHPMfeE/xqPv4Oog1qkvUdDQoNSc1D6h8uh07XW77mJr0kwnmhk/zDsmA= + =Tlzo + -----END PGP MESSAGE----- + fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - created_at: "2026-02-17T22:22:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA4HMJd/cQYrVAQ//RH/jOrYE9MD9IjkUfsQZ79rjEwDdtmsXs+gS/XUr0MpI - f/aDyw/vfvD7ZgY86yqp68x0OQLIyRIx9O05FNB3giVN4YFvZpFblLotpMzCFa2d - 5xKLIQ1oviDSnE0kKpNM+QKITKjCxyke7MgW/laXvF0zMaVdPj0qo3Zn07MUKULs - btxZgPhzwWLjveZGn+72QiBGTF0ce49TWoh6y/l7PDsXhojau2KP556hI3rp/nC0 - PunbLVRntpz+bOoyOk+xvKen+8b/Vwp+GYA2NBDbZSEY9H3YF5ugZBR/jUc8da7D - 9EBA35udmQVKtD2XZrIyfhETC1eqLXORo0JKld5oC03JPkqvV+QpMF+8JBjXe1Cy - qI4pBmdhTJYFoJHpvMH7eC4CWgZZRMD5mB2nk1hYd9oIiYUPABfdeGxKiFnC8zHH - cEY3jgGzetZTxnpk2mxZvFMMwFqyOJA2PnwMTv3IraARkFrLxGzUIG4uOjo+l2fp - igOKsw9p46RR1gkuKF4u3yB3/1RloDyqGCU1/n4BCWy5/UkjSQpWKShZt3qMd2G2 - A6si2zgSHIQ+ubR7MPB3Q3U/Rnw7pSbTbdDc73pZ2SPZfUuJplPSDUvXICGlj8cO - jO8s926qp4X9C4mi5um6EX5nLG+pfuKowIBdB2HWmxu2idwyrmNdlIgAcWcteazS - XgF9W6THXau4lEmrBqWEiC0K/9NA0cDJqRdvj6wqZ/OIAo86q3yRlm8yY8U7D00j - wNS8WSHq+EX0K9LpwQiHAJoxNXABEx/DbRqVeuLn2FaCocZigbvu3k/pePuOsK0= - =ZLl2 - -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA1Hthzn+T1OoARAAlUaspaXyF0VUY+9YYAZNTO9FcqybRLNMCNfYqxjOc9EY + CtHqfMOaA2fYO3Jz5cY3u85ilKovHNpUTQN2AL5B/DnMthQy8ooGrvabeZ4qYeuq + EgKDgzsFw5BS2eS1t6A5cl7OS/tSMnN83Mmy5zYT0eBApkW0uwucv5paNvi4v0XS + nxkfpjLx6Bh4lZ1S4elhkkoC3NQp9oi/xQD3xQue6i0hAw1fKjHXHcluN7gBYfQ3 + dgCuPC9NGdNJ3O6k8zn5b01wyLKISt0noYy6XQfZkac/7YKJmfYjaDjwr3G5GPJN + 5qDvb/NER/wcPMPiH2avFFPxy8MetG44OS7F2sqUumwxPAKCgrLuGvX5zNf2FdSO + hYPaOveWxGfoAP4IkoGlnp7+DdcWplWE/zyA8vk49JH/cac74+tUkI0AOflJVU2y + EGJ2egD2ThL64+V3Ezml5QQnVFwgWWM46w1X6fhx1wWD+o9mZovj2RF2WkGa2dp6 + vP5PXDvTioFt40v5sYjN/19sfeuT+QVExdRZ8yBLgPj430CtF2TvCNNP56h1GB4+ + oId9LNlhjSLl23dcA80C3OKLJhFMFC3EhJDXqyrUFXf4rUF/rN/Bd/ig0oq/d2+7 + LE7xJE0TYQw83ReW4Amcy4rkLOub64JiNEpEBqZk246MkZoH2IT6gh8sKJ/DHdPS + XgGcprhx/8L/jM4qS0nGaFvkMnOWqZfv0By/CHCl1KPx9p+6m+a5oyA6NUUbYZsZ + 6BF0Yk2CEdlM8WjUilQWIYBJtpXqGRu+z4KkaosyNmAem0gImPxQQA2bBdVTQwQ= + =PMud + -----END PGP MESSAGE----- + fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - created_at: "2026-02-17T22:22:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fAQ//dCKpiens8kqp+I9HtwP2CQOVMLLAle1VYB7pJ5pfcyzI - /3tAmwcxBmg+jhkFiqheBQYV2yNmBMHc5ulx+MxSDKd9mzCTavlGlE+intPjON8k - sis68RnU5OFsnGVXSmJji1vN37cCY4jHkf2vYzz6HJ6FLPrda/W3ZfXI+ZnOCao5 - wGYrqPcYUj+7gnN1S42HM492oqeCNLcENDvegf8AxtBEgfp7UQ0V3ZC0wZEYhz0V - p9bdivFoEZ3Zo0sJTWKj3Df3IA5T6c4dbSPj8r7IZ5iNDguKAjvegXujco7pow51 - fNNJB02hnYHLMRAbeRqaWyJ7qUQSWbQEgb8NuonspnXnajKc/OddgoTN91gTRgMb - op2T3HOFv3lKZPA/xIeDZpIm6GqOW6eJLjqiLP39VGvvNRYg+zxhNg/ZBVkFuSAf - U5uDPUyIAr10zdm7NqJKL8wKRbQzBg5OYovrXqSl96+KNenJqbMNv1N7kfSF6FuF - x8joEDXIaBSwINE4oXD5SN7Z5L2SuuMJ2nvuXFmmXKerRlrBiGsBzUVMt1bGqKEU - KoAAwbInZ9SprSxqJ1EkSVXpNGnFFNlbBB1j2u9BoGygOkVM4ZxIS19DBDLG0Tls - Fq6GI5d3axcf7t024UmwcU9yaP1BzrV0bDvDg3X+Azuo5JqpT3pSUvqv+Sy1C3nS - XgHK1C7XTOfcvmcxJ1f++xELwRkgNo1OqSG3cIZ8i1tKZFKTyYCiNHa/ajSr+wER - 4phM7Tdr6ubjLkqvDkMeXvtiGyUoAvbtLC0wqSaE8sEZ28eFGEAaECV/uOW81X0= - =0jv9 - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA46L6MuPqfJqAQ/+NWPka8B/F/sZkJ2cVtVLywIPhHNIroBiyA5n/8TOjWjF + Q9zII52FLTjOrNozJb6Vf09iNTBqPGnde5vW/98aa4v6XaGL/rpHG0TS7uR7Y26Q + DQbYlxZIMwdlhkrb6OHgTeocl1q/XDruLqUaEpqxDjRrtwvFqtEPIMkIvJQp5g9U + qBUqL0gZz71hx7M4V/cxCitMY2bmINueF5TIF44THHGu8QbZaoAt7vXzkxvn9/Jj + jkQYCw128bBWWOTgZ8Nen+s5QuV0jRsczZGkwg7KNSkYi+XszxgcamXIPkKeGhcA + kTyKDNotOeKyui5Mh/MVGSQDi/njWua8ZiPUarORef53ndRY5hkd2dQVjZm1kZvY + Hfi7Nxd8Uxl7ru2m4W8+MXGPRCnm7jFFaVtcwKdGyIASyTtJBHG/wbXDVfsfQVSc + /YLuS10B37gd3innwndPTockCHsuOMHIbNeM8RD41OJSV3opEQlf+DCxTQTxQMZg + n+J61eflGMfkMHSU8yj/7b9NX2IFka2w3GO/hicZ2l2GrM7fNUqT+ynaO1lC1xNX + ALReI0DQUdRd2VHn3cBoduT2j/DM6RaVH89nf7Euj+mzHGSR0DFNxHFXyoHAJJmF + 8J08ATp68JkbahHs7swa9Kh3Z4//LILHYcdDiiJNP5NJRG65OlIcTro08NzPg5HS + XgHKbiW3ZXCowpDempWr7UawruY3O1SSvgC3YsHlslrm6RD0uINCKxJL7YjBjIqD + u4M70/rHNiGJefJ2xACNQgdTzPl6s1LpG3c8ANEBLVE4irqFTE6mgfErOMb2Qzo= + =JZf1 + -----END PGP MESSAGE----- + fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - created_at: "2026-02-17T22:22:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoAQ/9GTEI65w8icqppqTuvQD50vaR+lCY1NjWT0HekgvNuCLV - 4gL1cYv7tJ5UU6jOnREoScamWnUTYf/sLINIfa+FgvH+apswQeQCFrdCb8/61/Xc - 3hsJ8gwmguP1zJabKFI6/Yo3vPPa+kpj0Am6M7dUUxEKw4Lqy6Hc32O6ULNJOvdo - 56oqr6KoemrpU0TzqkKTpgAZaQjFfVzPWfC8moUL1pvxrHm7rqDPiYcl7fZP3JFD - gQMZokH205u1elxiFxuQGtW8jbeBqCZUm1UorEgD2EJYEPfyphIaHaQnCpW8zXkI - gt9QT3cqJpGJAobCPbh6vKPtbGPEqZOzOaCMFl07pkOSGPAVGMVfV+FdsfszPYY6 - Rqsk7zlCFv/iNFWKpkdfI66JLvhmgNwXRv+rkYzH3QrQikjLmAeTzyL69SPujgDK - qXBRZiAPwEDScr2Qcum36jDVrT3jRfC1opzwpRxM2ompJ0F6caBPNVjY10BScl7Y - RWVmkFrPL9MdEelFLscG17K+y5S/50sLcU+sGbMkmPsmizA0boK5XBXJz3cTadYy - Asr2b4aWTqBS5iW1vbWIGJVrUUk3U1S4fFaSvsL3I6O0E+sOB3eEEpQZqpF9Genr - hCE8GVE5yQWb3YYK0ZA7j4u+dwA+QfRIuQuMWFoRKp8oqEitjjix3je2R3u8/ILS - XgFcAp8Jh+VbnQg/pq92u3dX6afGv6nENpMVPn73yob+sfE5xUFEfEzE1E1WCWdR - HiLZVOgpVOYmo2s8/UW60hLNBULpqyf6ZTQsr7IqaGw4g+Ew116cwDawywRSJMg= - =T0nI - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAApsnPRzTCIkbKT6jaVHixgP6wyCjfVmvgb0NnMrN2Ygup - pafb6GNWoFq9WdiSqwFIJPZlZxJFiIgSxplDI63Wj1MgfvQBEnKUQvnvR+UtnB22 - bGr9mIrq/wKgslhPLFB0qT81RK/GqJKvRNpI3trGmB1pBnDdb5jiFeDHStv41XrP - hezAvmDGBKlM74fehu0pKOanIspyvFAjs31NULSHGJGzBxyM6OGcg/XLt9ea6bI5 - jHwu3+M/7nixjtaIdCtEFPv/Mdimq9p64+c6AvbEVikUH/omRebRFIRrJCotYENT - ak6/2F+Fze2cof6pJPaq1KTF7LQHi1ZaQ/N+YNDsMJIYYuX3lVg/ClEjeo5k1HJ4 - Jc+ul2KF/dAh8UsJPIdhJDlxIPdnof7xBLax1xmOQTHpqsfhZe5BP/0KMeeXzG6s - TlozMaCY0ok4JiQmiJcs+TjHX+uiiih6Wi756v7qwpCk5u3/BM+veHB/slD5Xezn - KmuHzwcbaP1n5JlOtv1PLAPfqX9EDsAVr2xhYTBISZiIKXyfagUWzPNX6toYtBfV - cQ/m9nfc5/STna7XGucnKkYFG5U2a+olIqCcbbNkN4NcW5ly0M5g1VW3oh02NO8r - A/4aU8ECj+79XXx0XCuVojnkGdTT3SQex7bkV2stBpuc5xfESbuOMWXgK0qZrYrS - XgEfX0ySVVrCxhtJgsQvZl0zrOwIttomV6hlQgo+n23HNPwjEf4nf1p2sje0uPvb - bPC7u5y1eDdy5E0XyWkAg4hxPLg7yOj7ET84Bg9S3NE8cE0nM50qL0N6aCAb4II= - =Is94 - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4EEKdYEzV0pAQ/7Bx/s7WlB9TE30vyqVWw6H4DoZS8s03Z21tDAtrUEK+k5 - QtMPvAIE0SG4lXersM3L6VMmhvPQlwZf+zSzBnO0J5vacvMG8dch4/ZH7YTM0VX6 - T0Ix9ScamEI8J5Fr1LAeBoqtTa8n1/3N2ILBVPRTTX5Wu4lSUw/voeePXAYxSSMv - 9vzrxJNcRgzbd/8Fbo3i2vzn4GvrP1JzsprLrUMVFaek5khD0hRDJMM0IhBWFRRh - L241zX/IBZDQVz0x1QVUBFmkoUjyNn94CTezTmGvqCXfkLRmcKzTZXd0dhORBPFa - LygVSLdor0v5ru70rMds6YN5WvqbmG7KUY8M3gcVXutvID58vw6ZE83T8ZAYj9S5 - r9hXegeb2e03tCvSrHmQFf37+298/E8/kBrBQgoevnHmm3p0yN3ZbrWLIRhbx2iF - NzL5s17PnGzmuSigoZERsN2Flx2fzUbtwVDP3AyLVpQ7NoqTZkJTcGQuvkYawnEa - 3RxUQySR+a7bED38wJ6zEpVg10ye7c8mVkzQnda1Qp3lnPZxz+1qg1n25I9hjNO6 - X1E8gtXx2EcwaoWcPO0W/sNBwE09SCM68KWSykwOLvZb5tq/HnhrwSisps5sAg9V - Z1c0OCwgJvYoTY46rqk7scN9YkE16LDCtAzgppZerli179E/f/7O3d59CA1mCEXS - XgHbdM2nxaBPCPgXXNRVq13R8JXiOokuxUZofwl6FaG8A6yc9z5F4Ygr/KKDeT0i - YMBezxQtQ5uKY0jIx5g2r6aSdly3QPNKiFS/rxDCrmtaBqw+OvhvLrnCn6IaRVY= - =XAoN - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAFvRDMKG3Vjs98kRqcs4ep+bYoUcBHbMA7WgzI7CcaGQw - FjdmSwvWaHJZQGEbGk4uDHKPHqXRD3HnD9d75Azu2HXnCA29aU2c0zn0PziIi7Aa - 0l4BbcavPKNBkZpJNgW0uII7xMYJWJ/9vStTxXG/WzNia6nk/Cv7PMJW7EwIeUga - +PWB4yGfPXgqJGnJj0H1EdCVPrM/+f19GcFxNKKzkGaKTyVTW9NxntlsFl1vbmRx - =YRc6 - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-08-09T01:28:41Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CAQ/5ARLA8sAZHMwNhHJycVof+ZergR58hXCBjbIy5zgyAwYU - IJ5OwhTpWqniZjt0b9pvlzU4JO1k73B1WrF7mAYEOKET32GPVatrQ64yInQbORSZ - zNQgX3aQ8tEtyBsKAWqwqRjOaP6Plee6G0RCksJBAkjIZik0diTOBwi+ZhgYSRLE - G1NAETqMKkLleYQbUWCFNveJOd/7pfhE4xhAEaSxL3dgXNPV2TOngvjCqMXvz0K2 - hEz6OYC8idpmAJv+S+HOaZbKV+giCopsPyFnbeu8jf1UpbsBRbHPnLOO6lLby2gf - 2P9MhwSeMjjCZFX/ys8vHQ2jUwXK8jfW3xfVie4hVJgh6vO+uHcomjnk2b+34SRk - 7ttoozLbMFxwrcP9trV0TgT2uzjFCe4fHccpY1VLTCX/O0eYtlhDhur0Wojp1z9v - h5mcqySEtJfHXJbTXkgMA2+QSyUaTTfvZ6oJqX3yAoq5eIzC0CcF+IMa6NS1XkY0 - TNd3FEhwe7TvKGCy/3bJx6jMUnhT71r6KW/w7RVIHgdp1hfUS9JBhxVB+agQVyRv - +HBmvWHqUdwnFzotGRzLU1g6soWa+fRVQQ80qAi1U8e+u9IX3EG0KoIXLjpkvXxK - y520NcOdN4wR0xILPP/+47QDN+kM6lunm/EMgrff4YDE8J83qMhH2IP5s/tV023S - XgH1hiB0U4SYt0Rp6OGDV+CjBCFaCkPPlync/SVuXddfLC1owGlY9L3jwu7j2PR7 - jy2jPPTWrOvT0wZKEh4k501LRb0n6LGqW6gDTgOnZKNg2iQ6jybv2HeyyExYllg= - =1o5H - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF - unencrypted_suffix: _unencrypted - version: 3.8.1 + hF4DQrf1tCqiJxoSAQdApX/THvWws8d2Tijx5RrGIh+CYcqDI0T30rttyxT8Mw0w + /7TkFc4D2eSqXQW57YWEACwd47NGyMlW96JEeMDCqwNdGQQLaSseoYrS1hxI9oVB + 0l4B0/igsdF1GICTtToMkS8aWwVHXQLu2AO0wNyKjXAyLtsDposdx+UtLM0y0v6X + HfXqQmyHEK0QNr17oqyTKiHQ6rnuX00W42vwxDCGs9RuLvI2qCWeNzC6C6j62vkI + =8osW + -----END PGP MESSAGE----- + fp: B71138A6A8964A3C3B8899857B4F70C356765BAB + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/config/hosts/public-web-static/secrets.yaml b/config/hosts/public-web-static/secrets.yaml index 5802514..4840158 100644 --- a/config/hosts/public-web-static/secrets.yaml +++ b/config/hosts/public-web-static/secrets.yaml @@ -1,233 +1,148 @@ spaceapid_config_ccchh_credentials: ENC[AES256_GCM,data:5IClrKKMO/AztQuGabrnoRFItYNeEmVWGeafomVO94pL1RKzL1sCxBxnmzvJFPb/8Y+6FXMh+Mim4DP8B2RaJMLpmqCv+76N/5+527SZ6gn9i2Klg6q0kD9RzJv40qHq/NYLCa24tpcZDt7eB0EOgqLsKUmtX2LrQjjnN3NzjAevJGKQ5ypnb7xygjft2KrpvlR1hMnZ0XpSLDTNR1AmImxE24JtDaJKzwXbptr2IZvm1UFkNslxdqHPjN+N8+MSSLhqHy/FdcY2ADvsTX1jtjnjkb+9E30QOeCiFPKSmWtSGiQ9sPcQna1yr717Vk0EiNSAWDQ2fMZyJUgBXG6w3wiZbxfJmxvshLPs5KguF9NHER+Seps1QiE0p16c0IS/0Y24UYrK2GyUIcSReGufjxUFGTJHFSsNANac34H/RTs7BkoZ,iv:8WzTRaXVeH5GKmigMVTLVBnhy6nXZnTZHLAYHcqDs2s=,tag:jTdgz0gmruMWWDBQ3h70vw==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age19s7r8sf7j6zk24x9vumawgxpd2q8epyv7p9qsjntw7v9s3v045mqhmsfp0 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByclhsVmM1TTVCY1ljcmxz - TkNMQnhUMGsvWlQyTkZtQ1RDTjhoYVBhOWlFCk9ERUdvaTNBQ1QwamtleTJPbUo4 - dkpYYjVSR1J0UkJML3RtUlRXNEsvTFUKLS0tIHNTdEFGL01vYStRaVVmWFZySWZM - MzEvb2IvZUZwSTgrL282VU9WUVpGNEUKFg1INcr/YbkmV6/F/4hWbTXj3PCscAMY - dlr4Pii9Tbhn39yOXyzt3DF+XivkdMsG7fQTHSYdvzMAnvEJ1CLOtA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-26T01:21:16Z" - mac: ENC[AES256_GCM,data:ENLJIlcUXLEt+vXp/F2YATUZrc9ZjaE4AWwvG280etdsufEw/vGAWBhG2KT+CkcZLaJ4ctVvNlJEqU/pRzae+m/43SV3GNAG+jjT2VmNm0NyNYN27bpsj4tq11D27LPn7CkfBUB0gnmGJXVKalxhFkHBf+eq3ted8dPIv9YNRt8=,iv:Yfz7scjN3qDY9lV1SYOqrejiEwf4dVSPJhiFRJyFPio=,tag:SOw4Nhx6wwYIisRJl0SSRA==,type:str] - pgp: - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- + age: + - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOaEZqOHRMMko4S1loUXdm + aTlsS1RDNHdjdkZWSG1aR0d4Vmh4dVVZQWo0CmJUbm9hZzJqaDBOMTVObG9HWFF1 + RDlCcmdvR1RGbzBKQytZK1lSem82SWcKLS0tIEZUdFpldVJpT2RlVThjREVqcUV6 + OUJkei9zWmhyazc5T2FVbElFRG9RaFkKu4lZrg8UWVVk75eY8HBdLIT4BNw2UcyV + +7X2L7ltv2z31T4cKnnZrsyeG6fBGCLvuI5EQBd09OCZEUZ4u7qPOA== + -----END AGE ENCRYPTED FILE----- + - recipient: age19s7r8sf7j6zk24x9vumawgxpd2q8epyv7p9qsjntw7v9s3v045mqhmsfp0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzMkdGQ0tpSUlWQ25ERTMy + QXhNdUYzdlBPUXR0V0NyOHpZbDY5RVd1ZXg0Cm40TjQvMXVGamM1akMzRUFuc3NO + K3lJYnpVQ1I3QjlRZUJkUm9QK0NuRFEKLS0tIFNuY2NXU002bnlvVHZKRCtoc1NS + ZE9rN3R4aHRXR0dBc2oxcEYrL1lxZncKuVocF84+ge1gyzfNjIxhwNgd8+kJIpxh + yREbS2mrQ2zvSMtw9OoA0KJSpoHZfIiCwn2uYkQDPiGB/721JmA12Q== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-05-26T01:21:16Z" + mac: ENC[AES256_GCM,data:ENLJIlcUXLEt+vXp/F2YATUZrc9ZjaE4AWwvG280etdsufEw/vGAWBhG2KT+CkcZLaJ4ctVvNlJEqU/pRzae+m/43SV3GNAG+jjT2VmNm0NyNYN27bpsj4tq11D27LPn7CkfBUB0gnmGJXVKalxhFkHBf+eq3ted8dPIv9YNRt8=,iv:Yfz7scjN3qDY9lV1SYOqrejiEwf4dVSPJhiFRJyFPio=,tag:SOw4Nhx6wwYIisRJl0SSRA==,type:str] + pgp: + - created_at: "2026-02-17T22:22:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtARAAkz8cMmtau9sLQQFafUnjIkuq8UWKn9TFcAfjAWDjnLTx - WAP4RQE56FXzVCo3DXWvucOjOlVNR9Y86x99eXaMLgYLtJfOTZOCbn2nSIDxQI1S - XNHAPEXEH/UXEoQ2lffIjR+VfSOpJlwD6acfVEu13NZMvxlO9/51EOvAAo+qKa0L - EwMczgDh8QsYohBV13UIxC3Et1Hsj0Guawrx4M6pzL4OvXGUKkpDfw4NCx9to0XK - 3L4k+DHur3KhpZJg4QhrM1O1XJeb8RdlkCBMCrcteXkzKMQotVeee6Avr7kfti9s - R0hYuVswmiRJP+dxkQx1n84nnFkakY85LOxXIv7Mo3CT5xV/n/teUgZhyU+97aK0 - Soq68sBMBqo8v3Izrfi1wp5iF7nnjbkMBzkDVFsRkA7bqYlEpTqZenzTzdEhm/Kt - e+A1mY+hcWI5Gr3kkz8+LGOXgBHHjXjVslK5+KmOxzcpm77IBIQCXaTViUwTJPbW - kmrDT9MSiS+bpTHS6NPLgRz21FltbCL4d0QD7bCiMnLjdeYwfRzT+if/yR6YIGMb - 1I2odrB2Qf42CXHZooB/fV5OO5ziUXBpos3HZLxIvCUjOHyCYnoL1s4M3A6Zjf3v - 0rZvSOy0UNwYwSbxRe5G9Z2xfFddFCTE5dp0cPV2RUEVMVlNU/kgpsMtxCFwIN/U - ZgEJAhDOqBVfz4bsqSMs4t2I4Vys7oeOfYJveNT88qc/PNPqjXgEoWSWp2DZdSvV - dNHaoVQHHRyZbRxfIwe0q+xoNjv6H5NafDIMnRk0gWl0gCSJQpCIQ9j1IQrXUoPq - cArG8aqHSA== - =rUJB - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAz5uSgHG2iMJAQ//QUk96h2C0nYHnswgF7hInFG+w+HC0v6sCTzwacAOCwMG + a4otLktg51S/iBqP0VYNCQSfBc0iX2YhHrrROHTRGrxMecVWi8hw3q6MMkBjw49x + wHpSdao/2fSzwB7j6llJNAkpR1RTZkmOimyaWAkH8Er+MNF6xClPuxN3IrPvU/C8 + Ru1uZCXvG0jh48NzvXk7rK/KRhPWlcYkgPWAEWQdeNMyxW9Ha0lQhSOhC/lNOLMJ + Q2pZ0zQxeQqNApe4nSs7AE9OGd1U/DNXAAriEtmXRHstPodHLqSjSfO749KLZuQA + ruSMz3tf+FFJspyY7DSleIiiJvu5A5SnU4aaFcrqfhDKNAsFfziG6ze2aq0YHf38 + 1KxvKvtQP+qT+8pKMFPe7Wz4oFEcHBjxFLyJZ7DwRDkzdMvdAQLLL/kcP4fKxFPx + tNDfJX45CM91soY9N6zHYk3MZ8WXCdcGjP+/XFit3GGeJCV3qNjy1mTalPZbVUE1 + uqNgqwG7IZaPup+3TEtIuGb3r0YNy4kWlJcaQ2bz5pPtDpbzcf9Fr+jxTod2LIky + X25qzKmAwus6aWheEyPQ5AHZVT5l2Sgdf/uBBJjh7yt/Y1OY/EtbS05fE6VVdiUq + oFq3DQ8L+MGyUTfQqIxpremwdq7pNp+XxdF8v1O6H5t0ByqcQt0UjsDWpv0T+k3S + XgEMQqbP81OTPCSwL2ePrbj92C97zkScyAyur1lrducU0UPGulQ9k51gIm/1nV4C + 04NrhKIlCqNHqx3DY8oHk/rnFrV/Ulrxqq5Hc1FRZCEJIbyV4e+uQQggWSxuqVM= + =uorx + -----END PGP MESSAGE----- + fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - created_at: "2026-02-17T22:22:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA6EyPtWBEI+2AQ/+PCUJ7JMkGZ37gSURfBI/fM9Ow1oRp1MH8mHiflICRsio - RJhrcuThlqWHYYSFE1OlQhha8Uu+s6oaps153LKS7ZH1dzomqr5H8LfuKsaO6GDg - QyuiSGGAfudtyQ5ILN1CHjO8ifh/4469J7P/SyKkQ2AhZGQePbGkrR4kqGhj5axn - fY3Ar8HreWssm30k797x6zSs0z3BDS5vUd8JZjpt2E1nmbVTX5dLcDud06UwE3ae - B6lC+T/lxwp4LptskgsaBiikPTYspPAL8M1yG5XxKvvQlU8a9Lta7jOoXWnJ0kYE - mLoSRFBxsQsrpir4msR3oEXS7H30gkCT5j8bLdON+vbbK3d6nE5v3SXkOZhJKm8P - Zhk70lkj1HWe1uh5XRRAjn5YDelnipuml6dQMUJdxw8YrUmnVXjL+AGT0p0gcf3S - kMU6FZfELOmdR1zqCt1HicVQDmQJA2wct2+2hXRRQ91M/FAxCILOA/mqq6jZNrw1 - uz1Sa43IlI5lz/ts9bIhR8rZj/Iuq18tRgmKdLhxtuJyZKcN1v1CDiIgNOvlc67x - ydVbVHygWVs95WZyya/PjF1+K5Tuq+VkfHMIJz3cW5xDy4PwYS8GsTqG6r8gEYbx - Qn2NC3h2gtrJ76/Qo8xs+8KCbQAUgST/uSJRK8peyhvqJXSrbhFBvq7ewvJbroHS - XAHl1yNdyWNwC9t2G9twEd9c2FjLuyXGhrincAcQ0gdH1jhKHY7/LoBiVIRMBJDe - kDD+RjcCB9jXRGln/l4teKs5TeCKzpaJiONEcecl2tSqjSaOzNE8rJh0kihH - =Edso - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAw5vwmoEJHQ1ARAApCd7a+rHgICU4yfYOorWORysVsifvZpAGVTJJGWfeRdR + CQiqubBzEMN2Y9q2WnjYqmk5j909VCxSXO8zWpFjJZwLtA9eaAMftja2/1pLtGQd + AUPUIuTWxKjrP/aoL8tC+I7W2TVsU6Q2GSYqm6OZ0WLDP5kR8YQRSOKzVSDsDkOt + jphtni6zQpE8XLlJRhyPiLX+96Y5geDYj8KD19DBl6vSMFudMhI2WK5imak5PERk + y07w3lJ0/FXGLAdR/I2l8aaynkQ53Ft4IEXNoDtf89nO/8L13AImOZtpoIv1nfVr + QMS1jKys9bfo5lIcJ9bIJQ7hMQwV8AZQziBDDZQjDclZxcxC353zx8sjWjUWzUeY + 229b0bn6yutQ6hu9eIU0gxepyvNz9lAN6EHKb2cgp/UJb4IXnn3/ktmPq/wOlVIz + 5xOH0ue/BaIWmp1xjC3oKLbJeTw8zvRyzk8jGFDhmhDRUwMoLiPvR9XkQ7cpGGYy + wkb/URVBXLGT2u7wWVPZL0zUJ7zO1wCZ27lBwLgSAvVNSE87Ldsj3roxtr9nOQif + /qmCxHkDbhfhWMFl3PbCYY3hkS/ANQPhGyiBaU26x8o/0Vgajq43OLU0KO1+Wxbr + xvfKVN4m58iPHsMXbgvyEipFu+eoiNvEA68+pCRXrS0om2oE913XNEalVJ6F5f/S + XgGxibFQj6MyvJChwsuFx9YmdH8/nnb0eb9hmZuXctFNZCdlVrv3fhEwBoA6FnrA + RoCdOB5Djl0jHSk66Jto1uwfDYdcPZR+1tgRT9xVeK4PtM+c0Q1Y8dv3wjAnqr8= + =lzNQ + -----END PGP MESSAGE----- + fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 + - created_at: "2026-02-17T22:22:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAz5uSgHG2iMJARAAzGzj3TJVDsnArDe7GziE2avL5WHkHFUJNoQcEBqNhfTU - PNu8RKSpKelWeOFEFzgr3Q1imapoR1+UXzTC1dP0QL+6sEWiqImxrbHygpm9tPSp - HvLMIvAvS0zPjX9q7HFgsw2fm489To0tuEK0oTFcayatAAijpWBl63KyslFbk5f+ - tHSnaYTeRZq9QkRZlNGI3uJgMXyrHnmoyUUIb5wdKKQ2tpt1nR5okh307kU6fwqb - vT5ylRSTEZ0eWDyQbb0hThJkQS2j8QnsBN/xabDN8QGTFORrPDDobW3iro22SKJv - iVyh1yAm7QiA9yTdqcB8J1QuYvnP4RzSoCSNCAK0gZ+DklPUGC9DIEK4VTdmUaWs - cJM/dZw861D8Jnavf2RToEa4binehYHvi/+TNv7vBE+2xe9cp2Y3UZq891gHKbmr - OdlaIUv5yvU6dJfV/aib33PoGxcim1jGmRnDDu+aYv215WqoUxfNniib/HcNFb9M - JT70R4Ixo6Hnp9DyvSh+wGKPGg2WRuwrspbAjFucwMdBuY4a3XoBE4QE8QhFjLWc - 2JTegdfx4yKovY9raJ1U5LxYWkErpfdvPgYOpn2xIvhHBy9Y9F8RgnI5CIyQ2haO - KL82cNunEeljvluG+vH5bhbWNOjWKcRXfy474+KOBGSu8UJsZJr3s8n6RSAjmN7S - XAE8nvvN86y/RxvwxG0qUX3tEjVZwvipqrzxeAcY2lEX1zFpW8HyHzqWlnpN2LlG - pfqdqn6A6wocTpuaKhCWNc34Ws4uJ+XJd59nrNP6j/4Wl6SenxcJef7bgqru - =X/V9 - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hF4DerEtaFuTeewSAQdAMGn63OSW8nVLoTMXbLnQdYJuP0cD0exmbpSakMw9PlAw + MTJF0o46wKf+3F84IOf35LwWwMuMGEyz3pvcRXVa1OfPAFk53PMo1P9TyWRoHrgW + 0l4BNK3KuE4zB7YNpu8sYtJ4a94qKzTOgUTPdBNOQyZR60BOVyGFDRLo3hHk0opV + eP1e3BxevL3rj1b2WoCewT8lNO+y8+x8bu8JY0WMBVrwjSqYlWENbtuG4eFhNGrN + =3yKD + -----END PGP MESSAGE----- + fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - created_at: "2026-02-17T22:22:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1ARAApyVhDae44C6aOlE8j+oAmoPWBiTc0j6VGAwo7y6OzRVx - p6W/l/ALDRd2eVfttzTtS/J3EZ85gQEt1RTOVTR/vTTL1j+XzNF6adPuC2+uJBAb - FFhiReuD9YGyT7aW84qmfI797kKFfdkjIUiUr62iGr+kJ/urC9JK2mNSnhKJVTct - lP0HA0vrUlEHzU1LACUWw2FylyOpO+248Nxx+SXgP8ol3kQk0hAGtEq3+p7ViQdl - K9fYMM5bxlNGmMav6WVaR8ipyjf7Q6jrwOrtNymVlxKoWfzuQy8o0ACsn2PADeG9 - QZsKAmbp33S1hVYdTeXajTlPwtHhNewkxIQdahP2Ni1netzV6I8kp3HHoGO1XN0i - TtHlqZnd9/aJb5Uvuqsz4Ei+nHL0WGS7UJYKphWfw58MaYGkJ9xwEZVxoEWY9+ZQ - prQrXbIwbt6XJnuDnlgO/XZQs76/h/SAK9JQoXV13mC00SwcNqB9iav7S9+d5U3H - QOerfUDzEOjE9AehSmeruaNIdqr/V54dY9eQFGQ5hrM30JTycWdhxl0TZkAYsT+d - qd79FKXceBSodL00kg4OUS1pGwI7w6pe7RsQZ0hl9O8X8JXsRebe8Ardyh5oGe+W - yiKKGj0xi63MdzVm8r6FH4HoWPnmfTq5gcI8urUB/157aU8jlJen3TM4i4bwydzS - XAEldvNa4/1McnNpPAWGDNPGObSg71kAIR/opGGkS8atywKgkNSCUJ6wAJhyksqd - FVdrCl5Mt3GSgk5uVWeYfDuuIxM/aZ8WMjxjtxQMyOnkXQYmQD+D6dgkqiTb - =q5Tx - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAxjNhCKPP69fARAAhwsKIIhLW9DXZlOfg7a+6crdjzTv3EH+8dCcSk5JiRGG + QnFQX+14DCLTX9kmEilDXWwawKbIdabqkF/+LbGyRjd7IrcNe5a+ggzkry9cDPb0 + VKts7T3Ti3BFcgNis8ku/W9l17Fm4ngdHA1F47ttByjDcfuAZURtnf1Ta2Lx8XwV + w3Cc09xtsKo98Bfrhel4iI0WZjj9+U3pHE4WeKm7bieLEpwtoxfdmPkGLGaGP8I4 + 4lIKJG78DTbrbsEP8FpWTTy6gp9N3Q7ZAjpZnuolZp7uZp1I4t+Z2SuHPrsLNwS+ + fxjOJnigl8hwPHGm030xq2/tcsxyfNGD13Z8ZG85KBa4+ziN900WZe6AELtMFCsY + HTCEe6b1oe+rBIWsxNNswkakb0w12hZlkZP59/4iahHYaTIPKfmkZTtNKFxeGW8U + 3/81nLtEUVn9EOjIL5uHO1zSeAxBBDZb5P6aajdVpKMa4HFFk18nbE8UnPYOoAHm + IJ+xwBs3FBN6nEfjMoq0P6RaszocK4lcTJ9a/8WqWHouG5s2Zvz3sgxBcWd0VQSJ + Eu2HUVPYn/R+87X5ExZ7n4Pv8z4obz+c9oPtjsJJd2sy8laKK1u1gEF94SLovNcJ + Xe/CaW0lpbJtglF4DwqI02WyjUJ4w1p7fgnVO1gzLRPRIbQc4Q/LtEv/rxMRUsbS + XgH6WzB8yoRztIy+0ZFPlcyvGwU+ZniK18rGPnj9FBMC5IWG/zn7Hqro1K0wxMB2 + HPwiJkwy+ckIgskVYOdT6b3K9qDSZ6sXe4gMmTNLu95enc4HcaINHt4pUvePX54= + =n02T + -----END PGP MESSAGE----- + fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - created_at: "2026-02-17T22:22:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA4HMJd/cQYrVAQ/8Dc0JtpbZLDLway7kk2YWhLvjTmBRzIZCAaa9WSEuDVWg - u1koIDIaeAi1Y7xNUbDeEACMo1gT23mRG7Dy6QSqi+6DUY4f4v7/UCwqyJdwAb0V - ig6ENedYzYoCKZ3t/kqeeZmKnQehj2hzmIci1avzQjUmsI+u1YGJOZGDCPK9W1CA - nkZ69BlsI7ZWwkaO7J9KKd8wLp1/XVcSnRjYxvowOHmUyDd1Mlm/I+umcqWZU9De - hXc9/4cPkUk+h5c4M9XeFFqxorOozMK0dyEBjFw7Dd7BMyPfyh5OnxPazp/aqgz3 - T6SxedaTv0kH8U8dNkPkGc5NYv+D8gfZb7kLdzDglGvcHwL3HTwq7JUCFVvzCD9y - PN5XvFYIzwd1cxAbozhzX54almMFgvd8d1v+03ioEjxOJbAqMXRTgd8C5xUbFvH8 - SJ8v4YsN5XksT6AME3MyZAZgWgbDqdQDAtUvP2cWlBFFJz4+43+71sec4AK9bqph - mG/aTXDHAQ+JjLUGH+hul87F+mIa5WspbSYJ0hky1Sz7JBr1153X1xutFMiIqafL - GwfUzkDqIY2AKZPocqyRthLUkSaf2axLdWMi3VfErzD8fu9XhpM7xY/sI1S7sCBs - HGfjBTF2zTvyNo4cS5SPW1QXGrGoAy6cpxJDkuOQMq/YvW2kIeO4Wv+as3TUtLzS - XAFxzoYXYbes+SGlxaRYY62CONNdFpvF66q8IgDN1/QNC0j8g0gE0bNc14KOamxr - Qg43kRmxOVlB+zbpY5lYI4YL7XbFusFGM9dKJVg9g390nRgDnD4yBZXfqkq/ - =rthq - -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA1Hthzn+T1OoARAAvH00112Z82i6jX1U2jeHDSBkyNT8L2tgCO3pwKpbvP/i + qiq1FWod53sA4l9OlrrshJttmBLjra53fOjhEo/qITb/YQ0gB4/EOHgc/AVkF4Cz + kj0bvUaCwR9vhqla7exG+O10i+OpWXPIeGT0BZUo37XUZ/wPFztR4/GP5qhiC6ZF + q7aZVwCaMKE9YQiAJHGqKPUmsAaEbxQIzZKEkyn9/GMy1YAgMtmfVoZgp8FmiG0k + L6OwMv9BU7gS/4DY82KuF/rtJMGjjio8tLa9Bu/VsHhdREvvXDBjyl78g4wtTUSc + S2JRIdM061scpIoy8sn1VFVbaMP0zgrsU7JvBO9/hLmS6M4Dp5a43OP+hNdWg3X2 + VxtzhGKLlOn6ycO96lMZflz0YA07SM3pw/EFhWszv/GTQCciGUojv1Gi2u94OQQl + YwbePXWF10IUWK4KqMBHUd6H/oyk4wahS3FDBlB5xdUiO61fH1o72ejQvy/d03mB + e4X3ThvpSg6lWJdXvRi3t4Nnk1deGU6NM1CRvZGsASkLulhsVYDsH3vW4NAatUyk + 6g3I5HzJilgLj0CLEyO9dA8m/15Uq8jC2WmBMxqp667QFUuPkKnm1ZUl/vX7Vra+ + yazYNtesU1eAP42IMA78irER+kOpi6AbQL7L8SXTcm+rQvhccNZz2/SO5eDDrHzS + XgErn65EfHWhgyLmkUPt6JPiGSoRgsEyEDn2EF3sxJVkCuwp4eVenSrzhtKTR5To + TIY/KGISC2AXccYlDMOicVE8j2K8NrvM6k/lNYhkaiUfhxqiOrFLK8Ku8YU9oPQ= + =JgVW + -----END PGP MESSAGE----- + fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - created_at: "2026-02-17T22:22:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fAQ/5AXvpR4o2fsfev/U/qdJ5Zz8jKwGpZ+xAhEEL8E64+f/P - Y542Oqig04emeGgvZat+jnc3ihKa+Z6k1ysSd4cod/yDUAy4NVtYzTsTziDekmaF - A1nEkbZoBrwXHQVGnO0PtFttqa0JEr5LcFlYgF8NIQRTQSQQgKp8p3llUFZYx+Pb - vuhOtWbZMFtl+yq0p03nDP3mrj32nPyyLIngvj82jMRQmw0em+Zw1JAwIIg3svWq - bp6F9a++PP2Pboc/piEGT3BIq/41gjKoIwz9m+p0NoSIcDRgmIIxflS9vzG/APC9 - E4lVM/U/px0OmLcrmlBTjQ7HwHhVEVEYjZiByeHCm5UjSYWF6yHcmyLp9etD3GsR - pPwFsmc2PWFiEWrM0aV+3EPGkSV1Kwkvd7v34sRqAsGkb8HO5KxtfIQMccMqwMRG - kwBUgLcVuft9H6k2N+MHY6yidr4LLopGfd2FZ8BkQGNy9kIVNdZw9v+6R5HkVpoD - cY0NpzwvX21M9CPuMoXzjwXLnoKHHt9sWoxL7L0XIjyTkvKmETFqvKIY7cPFU837 - 4uxnsPhVESL3UfXrIk3maCgIZfFFL60eglVHdSLUy9XvAIXkLrLzqZLTW0LVYsuY - ZAlqUkkqZ4jjrF9OlmHsjgn5znOiMlW35bcKppC+MonrNXCJHjCdGmpj1v0cc4nS - XAE0EBSF6XDG2rxXETyWzKJurkfveD1njjcRwYeBiBRZEXKKqWuICLIgR5h/WBQI - KPv2k2RhxjH6Zk6FWgc6EWhIWUM/6+zN24m5VnAgMg+DRp8d1mO6t4ZaS+WU - =p4B8 - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA46L6MuPqfJqARAAuPJGCikiP9NTaQJ60FgpC1MHVwBet0RdK86Q3TLHtrfN + ib6ZDZCczv1L/nijEA9sznTHuATnUtd75TrHH1DCKVzFs9fqZx6y7hvnfeJZz85M + iIVybAJwk2Q8xoEf+6IVzFVXwic1RnPCNN1ZYsrfFIWpyRIj6VgP3D9lX10Np/y1 + x4QyxO7+gDG/vcNRkFXgnG+i4bekQwC/4vJ9jX3XEpXbTTPBqhW2OnMPX/T/mMmo + ll9NdBq+dw8OZ9zRCOtht5/HOI0uyP2pa/ooX/nfYiGZHzkIfENl1GID3LD3wHGl + qic1aSx0YkW19fZMQ9cTkoHXzrQDyv3QaSPFljgP3ibSh64k1Tp/lcc5Gn13qIMq + ORh2AeLlBwVSzlvr9FjulLzOJhoo04ZxHbi3OG6Exq9AOk61zGHe6xSa6sA0FoAS + SXAouLls4lqrF1RJhUMOJbX6Iwr+52z3JYgUmYqW1FP2iNnwU8Kfs/lW/3zn7IIH + oYimV6F7+5pqW85r7XMukEZB3LSFVviH7l/4pcxXbGCnfStACENngmd0Rkim6Bog + JYEF17naHgnXHJYsZkVGSnlxDfmaJYjK2YKQA1sFtQw0YenUDaewyPDeoCjAsf+O + QwzfLwJhPCZKRvsCAaP6Xj3DaisofI9fJWGKf8GwfbSFkISBY/RYLh4nTTauwlfS + XgFNQ+YXPmD5bCIO7KD9W+6MOVgyAu8Hyr7eMabydbzkMQ+OfeZCOQ535r6/lpzN + 3s/9QYu0lYN104ZbZTfu9ZrLnp9ULxw75H019o40YyXE5rx1Qhf9K/Ml1LZgdZg= + =Y9gd + -----END PGP MESSAGE----- + fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - created_at: "2026-02-17T22:22:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoAQ//Z0+gyWwynvznK8WbrU9aP583JpI53BilDDl+dJ34P28f - Kd2wr/l/Aw6QZ43kp0JGA3ZMB9SbWKy56L6MXPcDXHM42ojRCN1Z3am6NZEx4M+K - cstyV9qHZp/bUQjlUna3eZBlehHgRM0tRCKn/83Gi08nNK15wRlfZR5tg0aNbdXT - 4ymxyUfA3+n8k4K/rZlBxJ59UESUcuUJCb/oPiUCrS7lXJwA8f85F5/M9t7D1xwO - 2AfkoYl5b2NU48JrICY7SQp+xYg0jwEB2nAC/Gpmk9FGxCMIeFIT4MfpGmMah0t6 - +2qDWQFQ86TEoAHVTqcW77Qmw7WLjNm8oLh0FWYb8VxaRo2B2jnbTtC0cosLWyl2 - TrOwSYfzOOclQQchbmoK1JQb5+dUV+qUN4BO4MuI0mSXk85QFys3CY9a9X2pRXSh - SW7uMCj3SQ784uoYDBNprIYv4qsfzTEgCxrG9Ev/h35JyuNUr/oKGVsVfsLETJC/ - Leepo2FjQIzr9qe52AVcUe9JH++jrPOgUM6JQEHHz+jp+N9arsuTGakxu/5saNjT - +E7WtWdBM5mtr82DDoTKsKLEUJKsMKFpQovFjvz5tgCAsoMhFP5oem2gbfOVi2+A - uQjQH+xJow4OMjb58Qx7fILcky6XYDTNWn9hlf2zrXmtEnhkSwf6U/Gyo71qCtDS - XAHIEr8bpFS9ndb1tchTO8mcDANnKLWttuqs/UdN/W0nl895hIP7C6esi7vLF1gM - OfYLVy+X8FyS5hpjd9rcEd5jj7XBMJ4kHaW7QLMGWHYS2zLjGOhYHS4rt7nk - =hag6 - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAi01+TuUHgBT2UH75pacaptBmEYedNUkzqhUn98AA1yr5 - PtYV1NGNP/rq7LDXP367yXhCslrwr+1BO7qnfAsEsEFr6InAyhOyZmAs18u5ilwc - RxW5EXrANm8SQLODBPH3/gxltpW7vzfayxdTOTNyCUH0x22eKfYknawOfpaMevAm - 95nhILE05Unqd4FSoQId+Zw6djuMdSdQ6iAANKmvRpgs1Y8RNb9P/JG1TmbVvqQm - dbx5hfoLuNnLR4q0r64tGej0iVeBljSjUDrxusjMkhwgiinFTTz8oNoLoOuPjPMm - MymkjV1m6HzdwB9JMU7kMcHDEsqhXiKcxZ5mPDQJIXSG7TTuIZndRsln2ske9ibm - uZusIC7y1868R409UWhjGXjxsoFzqOKpOCo8tFoZSdE250E6o7U8PKOgSUxRAQlb - va7LUhP10ODZof5jM9xUDorrcamT1kbnmz4SlYDIOSliR0ofsmX0ObyxZmL3CZhN - /iC5BVv9D14U7iU0PsKZl0XUOP+urJwSZSCid0zq8rjUXdqy0YH81eBG9Y360ZHB - AlfhfeaYindnJYkPpZe1XWyI0yaKOjrKgdz8/vuDTZWyNseKAcofA7cgjUHtIUvu - uMPhFk+RHd0xZnk3yrlTnEOht8MiAZxVFPk3NK/P7W3D3r0li5D5f7+2ph8RsI/S - XAFXDSRXTIDsHCWPjvTAftTKbS8dq4A28yFHJg8+Ber+RxBbOWH7NpBIgmO2SNAJ - 9CkU9neCROJuNBY9h0Xl4Yp7g6XNOeFeWdgxqJgZWhoKYSR0W8ILzQD45PXj - =ALYc - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4EEKdYEzV0pAQ/+L9uVnDe2jK1unhCFjKv0YhHobPNSQAhXaYoIiw2qTJ/q - ntduHgPFvLjQdeGT6EsfS+vxGcsLtS2FlG8woiLzX0iyc9sB0AmcwwKdG2FwyemY - +ZPE8BfjVKrGq0oiYASIceYxTfdp1kNX2aTIpuBzm36ccHQb/RSzUhEeZjyN4xtO - c6j8HJ6TANoh4eBG+X4LDVGFQPMToozqw/2hX5HPn+EDqP6Egprf/6hAetX4VcCk - csbP2AB2wl75U8Q8xSmlNUj/CTz4wpOpNj5tjsADP/ZlkH6EUcGIPk3+BC6ovy54 - zoydEnTi6uy+gMAZDLP2bRdSgjW887TIh3qPsZiyG0SEygC3B+Fb1EY/NIL7Yh5R - mJDdMbrAb9rBSXYS1ptLvq2QSjbyIpVK2n+PLtycySsaktsAEopotlwxlbf/QSBv - FCRgws0djwZ4+qtXJ/D1pMNSHD4sdRxGANPdqNJem7S4fHmegtlVWNphDP8V2bUa - krGYBc0pn/cTusEJgkccp898ghJQ7bjKxD41qtIkfceB8FnaKgdxBrNfIrucaMjb - xv0NLk5NLTCbv/ES5R6Pb4MDKEBpInUp6gygcbaDybyn5lu/jT+6pYFp8Sq0F81B - +Vk7+iz9MsV8Yz9dHJnqIiypZREF1KRPWpenNAK9XGdy5SxezfBS7Zz1VShYgoPS - XAGKmeK4A1VarYym4wSb/AXhT6HXLBM6VWB6OFvz3sXR02sAUI7GXuZOjY2raezt - Usn+dhqFnRUHgUqgtLYGXlgyXiSjUTGQnh4c18n/mkbApUKcTdX2VigoivLo - =Xjqf - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAEZMgepQuERqKK4S8uiXmIYIRdeN5swy6S4hmzdL3yj8w - E45ScSNMVsvKD3pQq8EqxTFPb5pQ+2LfpP8gbbhYoDomGDm4tcbr8pyH3AXXoFwl - 0lwBFFDJa1GSmHSgnJqrIaqmOZJgBE5t3IEIiDQksVjV7KTwPMwoU+wx42AAU/dS - hjxQwPAfpwO9mH6FN4JC8OTVSU1VfWLCO4e8HroG44c2gOxFfnflaMjaXuIsDA== - =kkiD - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-05-26T01:20:22Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CAQ//Z5yRTQUt73bYUIrnaBPwQCLB4lmlutSICdQvdlQFcqDZ - Tw0kBNBS+4dEhxlYuEmCJgM6H+2KEH+6/M5IdFErlTz8Ly0R73adlSMu0R+os/6i - clLQQAwWIyFVuRaaNxSDdJ06sl4+hZyGZlbpo9kYBjslTUpJC4urvc+6xlRnlIuf - gae9+Zmh1K9+BpUH5svExyTERwWQI1HzvcqSc+tsEYugNvJitBHTyfpFN8xjtbns - h1aDXgKo4riFHzlZHftWfaLdot8++0jgluc7fCNXfnNVYf+nREIP49A/bkDFH4Re - Lwhq1iQte48KE0JKiaXDsAwLSanNYOfEZo5LSAFYAaEGJ6gUwnyoRgH+2T9FiWoJ - Z3myWbrm0SUr8Za2k1AA1FGz8tmGppxGZp3llyqaY/hbP84myfnfpvis6IUAzyfl - xMZOGs0Q3VlOJRAYXOWS64oM6cvCg9rJiOsPMr75P+9nWhz+Ur/X8hPTPr4ku/D1 - ewUhDd406/a7aAGe7m6RyRnVCK2mybuKKYt3BGu0usYvKcPIMUYq+g2zqt6/fQ5r - gS2c+uuvMqM6o9dxkRxZWt99o8E29cGH51yl9IdrXsr7F/EyymjBENQxbDApp9mG - DHokBg9QdRvwRyyC2YBttgob8QrkZTI4xE7oRFaq9wuZqhjv6VGZXO0jauIRYV7S - XAFidvRJ2EMZlPeVpDkosbXLsux2q4v0ECXy1ciRRYJn50vLN8Fqk2fKg4aKkqeV - riCQgu8aliCMtTRTa+/NQoTpXbqD9XaPz8hf9betygs+6y3zVyBn7k7WQqmj - =yfan - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF - unencrypted_suffix: _unencrypted - version: 3.8.1 + hF4DQrf1tCqiJxoSAQdACJe1cOwJNh+yCqthzmRCGIO0eKIAdYjrJHDxsuhVB1ow + 5wFPVzDJ1ERhKaur4wEPRwIe1FLznKHF4bR7F6+yIqgWiUhtMpGsrrezq0vS48C8 + 0l4BwPMgJVgLgfGRH8hZUcM3MYpSQcVKay13eOeTD8kH2rHOY5bq+79l69Z25qXf + 46O7DP5sQ51DLGu6t6UBiifyFWZD+WEbkoa5knvyzziYBoQM5hEeUWj9KSHKBaBD + =zi1G + -----END PGP MESSAGE----- + fp: B71138A6A8964A3C3B8899857B4F70C356765BAB + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/config/hosts/woodpecker/secrets.yaml b/config/hosts/woodpecker/secrets.yaml index 091ca2e..5fae897 100644 --- a/config/hosts/woodpecker/secrets.yaml +++ b/config/hosts/woodpecker/secrets.yaml @@ -1,234 +1,149 @@ woodpecker_server_environment_file: ENC[AES256_GCM,data:68Wu0UOHBAGZHSJ0x4wbeDLm626jpumv9w6A65FNKsmzYp6P4/c4g1MF1agQd7l9nKMTRrgyJyfoEZYFQRX6lYSmcsQLfn++uh1JpFoClT5p/5hBkiDq4owUFU+NGUiyl6yjYlEiaxLwC4ZdyISHeEYpbrvGyIXLsFgdrQ0rVX3cCRwIMxFcyCG6d3MZVoqAw1A=,iv:y/+X02aRPBOoR57P9s7y/SijvXVLuiBBfFYqeJLvQEU=,tag:DNwK+M6s3moglkMkrWccyA==,type:str] woodpecker_agent_environment_file: ENC[AES256_GCM,data:rwp6TYYFJ/IZH+3pGhPxjdZMLoyPMr/W1RXm4IkUGn+SmIjHZcdFZ8nEhvOfnkfrXNPc2MR+X6NXUmVOcBjSCbcBjh9sC653UpKimt9I3/Ec,iv:X9JH7dmTayw8BaEsXYil3PrykCdd+/ANGHVfEyRvc7A=,tag:/ErkX1WnruanNgTTBUT6LA==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1klxtcr23hers0lh4f5zdd53tyrtg0jud35rhydstyjq9fjymf9hsn2a8ch - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRQlN5NmlaUjR5dGJ3Y3BP - bW4rWm1KaVFsbytwZDQ1QjV1d1VEOEZlSTJ3Cmgxc1BmMnBmWjRyNmNDWmpWcnJt - Q3lBZUFOY3FtREFUYmhJNCtKcTUxY0kKLS0tIHhKbVVBYjN4WHRzdERNbkRQeHlS - UExiNFNCdkQ4YTNMdEdoWTdxOFZOZVEKZZbNpbyH31z5tyXeINqoNyqy8zvS3mp0 - YFq6P8kO8CaqUG7KH6yWV0Vq4DryQ9vMcQBnboZOfPf9pZUvhacE/Q== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-06-22T15:55:25Z" - mac: ENC[AES256_GCM,data:UmDbmxSRj8YfCkKEelQNMJ8mzbu5aQdB9yOr9JfUh5TB9r5Z5ttZ1wgJDJqHNtsII3JGXUvbgHbsmbPikkrj4Ege1rrgr4UttN1rtgeaAKlZIlqb9pOnV4//GJL8jbxCgFp2h2O80G05nAXG54DaY//4Y5hfTyPzgyDlGQ6jlhg=,iv:5e8lpFfGAJh8lTFcY4MlZG7PgnzM0UycsU0tB2KN+zQ=,tag:4xUEHg04wjDbhc9MOItzuQ==,type:str] - pgp: - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- + age: + - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWdUhjQUJIS2QvWk1Yc3pR + M1daYlRubnlsQk9tcytBNWdYMUU4bG1DVHhZCnVKK00ySDdBZFhzRXlaQ2xVaTBh + bVVVNzRraUpHSFFuRStzWFprUGRoMGcKLS0tIEVBUWh4STBIaGdTelFKcnB0TkNR + SEd1VTZQZWlkYXVKcVRPbVA1U3VWbFUKnuaPGc29kKE86nh+xEto0Jb6BQ0uH3pr + Q1QPgfiOCYGkuUewy3LlGnLTuMxHBBWAjg4zgaYPHU2F/HCS5DB5nw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1klxtcr23hers0lh4f5zdd53tyrtg0jud35rhydstyjq9fjymf9hsn2a8ch + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArdVJNK1ljNWwrTy9qc1p1 + N1MweERxdkNXZVZITWRRdGFQRHRQeTNFTTI4CjFkSVJQMFBKY2tRWE1DeXdMOUZY + Qm5oYTU1azFzVEpYZUptcTVhRCsxL28KLS0tIEI0czljekgvQlc1SlVGSUpGb1N3 + NytOaE5nQ3E4bFhCQ1ZDU3MyM3p5cmcK3LGva0vDjitqOBqBo6jHqRBaH8T8cOim + IF8ygc0i/dbaec59ZcCMhS0n8yv0lVHO2WiUwPaKTh5hkti9LhKlaA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-06-22T15:55:25Z" + mac: ENC[AES256_GCM,data:UmDbmxSRj8YfCkKEelQNMJ8mzbu5aQdB9yOr9JfUh5TB9r5Z5ttZ1wgJDJqHNtsII3JGXUvbgHbsmbPikkrj4Ege1rrgr4UttN1rtgeaAKlZIlqb9pOnV4//GJL8jbxCgFp2h2O80G05nAXG54DaY//4Y5hfTyPzgyDlGQ6jlhg=,iv:5e8lpFfGAJh8lTFcY4MlZG7PgnzM0UycsU0tB2KN+zQ=,tag:4xUEHg04wjDbhc9MOItzuQ==,type:str] + pgp: + - created_at: "2026-02-17T22:22:03Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtAQ//QR84p3zGjW2CtPcPxlmdYui5nx8FV3MHog4R24s4RKNK - y4n9993z8m3y2at4yIWDi4LBKrhm/6mSLBHfoxnuiptoaSXSWXfaXebXkYiinkyP - GMvwegN6KkRZh4stJMD7W0g7w/trkNEAvPDoInqCnvT4NomrKIV+ZrZuCBLd1tXn - JRd2tsH8yYzoZr/PJBBDTZtke/nbosb6drjgG6ow/eHyF++HxKNTWfjCiWn4AWSb - c/E1VWsigYdBs8XSTbBkfSLr/b5FcXYb8tyy4gpGe9zOrxc7cW5diK5+x4bM8FHz - 85ShPA5S3PXXEnuifuk/ZK8+CEYWUS3MXUhuEFUo7F3Pt/Eb+5CtfTX6kvMe1xe9 - iqFAsRce/qm9Evns4ygZ4+LoI2ro2HFwgQ2fu1gi7PyZsDyW5eRL5P+vfxPUOxYY - z9cXXo+U1NEzWMDEBWt4mgoW9URye6O3k+WLQmYbQIhDkftUYmvRrPYQvP282m4k - NMucRIRUMkx7rpRQQP8yU6AlgZ1LsOmruV4XJYVxsTpSZq7YgTQP4kd3wMgBhwOV - j3hGc9gI9Sq06SdyU0C8PuUHt+mZGkVnYIOTw6BXHgY1tK8X5XnWK4NJXL9bR0pY - kfzDWLjD0hiiM3QYqieTbnDUiVTDGyf7Cop+EifYvy7um+CPjlYLLkDkEsWcy/HU - aAEJAhDEzP5eiU1e01GSNbWL49ghD7DqZiYdo0F/BGMk6jQloM1HUDnkhgBhVSZo - TjNPV3UFBxeRnT5DvouD6uJ8SDs42ARdb4F80vJVHknt0yBvGWfCQsXqKwuRDd1j - zkj4zG7btJRv - =sgSP - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAz5uSgHG2iMJAQ/+NzRul1VZa2BLnjCsdUP7YErHvLsJqc/KwEFgGX8yN1Bg + VOHgm0MBYC14KtMu0Zb+Cm6ypqyaa4j+MXNVWLDTOLt1aLibashBmyPbwHNr0XwO + 6tr9qYAPixaoWFeiCtATKLUzWzQ68eDv9JHNNQvKGNjet9E1yOIxWHj6RxyV/EeZ + 50nf+7AO7cFkqRGFxrGKAYchzetajNPLtbS2htFCc3Vt9m38jusafvYdjeG+HQHe + 6INzdNqvM7vhfWJlIiTPCXGKvx0NhLg6sVvcXpq5mKbMAhja80KyUdl772L8Kr6P + ZYvmj+Ey8+GM+opGGxcaSBmgw3ZLRIZ1tks3LlRf/UiAZD5MqJoRL1DEJMtHzYnp + IqxOEiuMLAL1/TxG4KhJfT5Gs9Kf3Cnr6djhhsYg3GYXSQdhiyaBDaLpu68nEIRN + JSdA/7pCjxhvlgFl9XvPaMzQD5GZNlVapJPn1c9Ambi9cs4kB8nds+Xx4KgIN3li + 85flJnEtQWRI2DL8qJgoYJ1cXevkPVzKLFnQEHfLuozIzfPl1Wq1Sb3EQk9YZer9 + yfVHRngBBhmfNMtFy9gq8FLod0Odas3KQDAa7ndPMMx6oL5DoNeI3DpuYW4eQIZK + EbT5iHLMrTXHb2XKTHfXdjl6ttED+12GAby69jdGXjt6UVAM6b0UorWfSLLoqabS + XgG1w128eegSl4tqdYO/KDL30c9J1K8LqaJmg+9eFAi9Da/zmPAck+DlS7XUkeiX + OqZiOXLul0N2Qe/tWkpJD8F3HV+K6Xt0MSx8VsmeliicG4Rpme1Xysau+7kht3U= + =KUjN + -----END PGP MESSAGE----- + fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 + - created_at: "2026-02-17T22:22:03Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA6EyPtWBEI+2AQ//V6IIW3Hr3xuQWOWitDGn1bo+x95jePPpXNayKGJuaSMf - 00gaOyMpqP5hRd3lEQRyqHgPtmszlGrxq2y77CxnnZMbE6n+axwQQLoMzROBGyGF - iqe6hNbNFZPjWv5BTAl3iOHWrw3x/TpgcNmSBDfctU+CZlMWzCMuXJw1bK57wQd4 - B6xcoBxidK55Ubc7GQ8mlAEuZ89fYorTRBfv2rBgUh8ZAAsUmn1jEz7HsQMMd2a8 - 5V4TzicdzXO2cZ+0DqU8Xqt5U9C0IjGgZRPzDYkh7slkbyYomAIfCq+zN5ieecz9 - Mp8vvuMYfT66P+heNRZ7w/sgmGlarcmNKlOcXlakVYm5qVddPMx6M5Ovl4O5sABz - V4O4NRehYx0XFbjzXr59LCzpusS9xQoh49288dLTFudOInHUYq6ss0TbGfFJMDYU - mjHokzdG3ds8C9/lMR82X9rbyZDchUytHUwX4eGxUDMmhydFpgJko0bbozPbE2ll - NTlWegCc1yrkSGn6U9EYKtibitJnIMdas5HapcErMH2vYILsJOl9ifG1GIsuWe1+ - ipPyZy7jqP7p18WCcDnUhgaGdQ67UjSLqX2zz0SZDcfI46SUeyeSelFVpTlmKriS - 4bW6hC1FSe+bLkPZ0y5aRLgL5ipK6jdlZepAj/DNXdKAtchLHcddF3rKdBdzsxrS - XgFvvZPgj1JleYr+q/+ju4k1d4cE0HnQZIBnkAfKXZHwSPCw1d9vbeLipuRTJrEH - 2CpOjtiXl3S2ZcCS1ama9lgAqPBOOoH7jgHvoCzqfkBsi3/QlIpQs+C8ro4hXE8= - =KZWk - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAw5vwmoEJHQ1ARAAxH+TtzvFlUZfD3U7BNRr9SyWVxnkR3U2zvvDG5A3I28K + fI1U1am6Z+gSvYdId38hiMPxDmDIMl2wCYCXd17q+PSycsJ1Bbzy1zaht6KcpSJb + s9jmNmf+5mazSRZ/COBy4mMq+2mam4/vu+xS85IsgxyxK9ygnCurmzMqn3lxatm0 + ICxvoLMAamA+tAfxtw+a5lEMok7pHdKndZmrKvxO7nLXM0292sJ3VHp5Uy9k487W + PznpjM1st/f/0gTu1mgb8rnUkSszw1odBeQ+xw2JvcDHE6Ow7PpCk83oTWXil6c4 + bEsrtvaFLWXN9/gssnayoMWHb/TCHKVe4AGrMevFkRdEFDRV5FRZGqzuGDP++X10 + KYyMN0/Wo/XU7Rn3+7HmKvz0qeaAI/IRTrhdXUDtQQ13/waxGrJEquwS5Xuwea6l + LlA6hwnAERSVrVkMQ60ITOD6n7lvAPA7jD/HhI3P2Xy4mDFW9ZnfnWi0xI9pRCsk + w+ZnQ1Ckacv0gJUirvsVSdUYHwvEvpFEVSsZsv5QbNsaWi5jn5XDH0eqlXQE80aO + o3vPFTNCHNixspiaIO4V8etyv6nSh7BxwDvIH4nZVxr8HmxILs0Occw9anvA81md + roF3pyb+ZFRIwcBh72VSdAm1D/n4h14lnmMj+19HEA3zvbPnZQejtGFMY1Oe2VTS + XgHMI0aRJANXczMA7LSg9vxDYvWXE2KR526oBsC1E7otCNGkxj3hhmng25K3tmIU + E2AAaAIk/RukMnydb93XGciPquCZsWlmpwlTGXCqoqiNBilvIE1lXH6rhym78ko= + =nRW4 + -----END PGP MESSAGE----- + fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 + - created_at: "2026-02-17T22:22:03Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAz5uSgHG2iMJARAA5+vcORn/YX2bHcAno9KCUGTzeiCP/DOoSePMdsCAmABj - P8XoYJOyZoZgW3qgvtKZ4pLGB26FuJXC2y6Z3yyQ4Xj2PeBj1og9xM8p7GnF6T6n - 7wqALwJOamyer3A+OXx2Gc8kZ0ObqgBbbn5QTPnHzsRljC3Irgk+ZZE8ZRshoPmu - 6TEuMW0NT5INmijtPAxer/eaAor3KKxMTf+sqqr/VGNopAyFUCGZynlnjcei6X+T - tVKh6zqr/eaTlnhoP2kr4u+wKcHvLV8an8sfsyIGL90O11LNcX8Sf4EyPDYSXOe7 - AXTFcvfw9+ALu3cbTVPN0aI2e8fCir2S00F8x28Ffc2xDSrXjWEDCXLuRNVXz5KA - Mjq4afyQN6mtVZ6ZmtvaLQoG8D2f2sGzvrsBjaXwxPLHKPpUFZVBiiP0C08yokUR - 7FrYaOjnvQVALLxGJMAhMf02g2dYDFxMw18cY2a+bLrYUVd9EMbuFwCJNzmU0of7 - EpSvXrA0wTKddk+vL3JoJgIrOxz2IQbaC24NiCUzbyakhT+qDX/oXXILxL2x0GfR - RaTL1inkTQO//ooAjlPeMA3OIDQo5CdoV4VlvSUgagYfDvMfDCAO04Xxvezh1uvz - //4Jz13+LFoUgbtVUYiT4oqWyfTKOV0D8ILYWKZJtjJt4TeYpEfbQFEzIYyF3OHS - XgE7aGyB0ArPBovSr55eQGmW+FaeG1VtH7TRLU367FyQmGep5O2SUxQXqFFiWyDy - bseIYdRqNsmlgdXBnADdkVCFJtF4C/VA2DOk+wOO8XtQoMQ8zrIl+0Viq1s66OY= - =xc00 - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hF4DerEtaFuTeewSAQdAPWizx2khKtlshnLwE5PRszAdTvTlsEEiWVV5xJx3PnAw + 9Gj2lZZX4F0AXoKInElg2N02FXpIo24ZZUPXGqpswfSv93NFNNK+FWwqUCRZhuCM + 0l4Blkyy4PthGwIAtXqZ8GGxjoDGBLIAE/zrY9tdNB5XAnkiy7J82kora0dphpkq + Llb1Jgh0+ZK8RQzaf5wcgWf867MhJLhv0N+qLsFVutGpqFy1W/1vaLQ5au5Ty2Tw + =460I + -----END PGP MESSAGE----- + fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - created_at: "2026-02-17T22:22:03Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1AQ//abtgoFEWd+zbeSbiwey8nCNQUSklHV9kbLuBK8+ipX/Q - qjweWnnPVN6ODhgfXm93k1tSqeJjYqjqfxVsAEUiXC61UhvS6JBZuVUt4nRUWHk2 - cdu3eKlBx7Nhm6th1gZ+Wf7PcryT5fmJQP5a8VEM/nUuRjnAmG7RuSiWbNzBbTDx - 4jh4GTvlFkupxZvLsXYf2T+7qn0eHymdQI8+5WSHQH6kApBvINYoq1m55it5ilEp - M0tYNFMzi10OjKVbNRQXuKhROzzYGtW8qWGtc33WBB5rvkRVelSDmleTbRywWjE0 - rNo7vj97SbmGdCHydzcEwPIBOd11ZgFWpamX/36ALeKCxgHgc3HsnjIkDsEffpoN - SFHAhyYqXTDRqq5/HuBQBDBJLVVcIbqlJo3us47gI3rhojjSayzTBd5TnGOZt5N0 - rFOqoZ1i3vf3C5sjKivTzCJ/P3yFgD271hQjv49jSqXgSF8ZIvzaDr0xLiy+XnZ+ - EsUyqxZBKWy246BtyZ4qBvRjVKbezpxQFh6MzxccY+toUaG2v2I5muvFJRHe7qEA - fT6XDl7W6aQ/RBL/Ij9OWYvCMWS27mzkLQi0uBH5gyA1t6Bg9O6+CjGpK6Mmd8fx - 1Q2Ml5ClzLnEq94FX3f2hpqLdSlwREPoBYULeJNr+WhayDvfRjuh5+MvN+wjbs/S - XgGYwgGCrFmzXN1mWElNGc3+3sMEpiuvJp6Z1nRfr17YvIPUrtCU7zVHWR1lWFKU - gjJacBX/Qw9Kly+5jADM0UorWkZxaby+q+j8rN43nPatjDlDRI+BrNta0l0ulOA= - =2cbn - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMAxjNhCKPP69fAQ//Rzcsq0Yay/3g/MzqHI1izkSWsdycz3LE6qM4qhX4f7wZ + 4Ymzu2jbSq43IavCjGPOLIKVJ4nlnPd7rcprYNV5DOcGAkXG5x7PbnVta3SPI300 + CXnSGQB1KHUCCYZN1BkL9ZSQyTx0ex19mnsSEtZh8NB97cCZx9zMowdHKd5ySu/O + +CMFkQ6Uoh2FxBtqM1y1YbDiuDJnAlAQSKlDIVdCdMssutWRs9Nf6eiLtcmb4U5l + sNyKQnPrr3vjkaTbVdBKQjjMSa8Z/1Tf95GxNhzrUGm2APLKVYdHkMVlQwcr/ZfH + jGiZqxgBmrtNe3EypdKCDnlPvlxs8mnO5whxzDZW2NFV3piMmOmvLI/Po1ASi/t1 + PW9h05Foh2764Jfp74BkRTvhBfi465wKkON0VOckwWBkl/n7w7POfHCXdK1/AnGj + 9ywj6P4zg50vKiTMkZStq6YKXAEkVcN6YzhVVDFwDwAE1VKFCMKlmwuYT1FuKXBp + 7maF578qVyb0lXP9jaX10Y9dhC4vU2rJB3vtRhxjqeMEe/WOyhEyalrC9phPfBKS + wVKzdd3vvaNGfQSAwseFAn1upvELFwccPw1aRIqqLhzWTY2m48yyW2aEN6+7SqkR + dOBJpZDE4NxOhbQl0rllZdeLUznIgeOKM2iNg/3kM7cWcsLZRm3+l1ZuiCEy5XPS + XgHbwfJlyZYoQyKCntbdA/5VRS/5s0oPJIjuofoBZb35fIqtYPIpUeNccpklXYsO + atiSRwJeiluCFUag0uV3nq0zltOlqdS6piEVqU6xiGLAZe04jkaMBxL6VQQHYU0= + =811X + -----END PGP MESSAGE----- + fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 + - created_at: "2026-02-17T22:22:03Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA4HMJd/cQYrVARAAu8l79uJlVLz++foLhk83zrPSZsX+1TQduJl06Kx2VrJ+ - dZX/0okzpHmHeZGhGH+e1Gv7MpyM4UxAGwE03NIk32p43LF/biad0zc4TB8yr9r6 - N3Sr/ZbaB0oYC/K4r1Sj8W1XWmuYZB8lc1dyfwhf96KIXGutvG22O5XI0pOA9yHL - x4AWt8OHYsaWCt941M6pbFtBsJEl/TaKgYF7YNITvsfj/oG7cPESKLOkcJdmhN1r - ADpJRcs6rVvMLWxUBjZICqZvDlwnXK5gCu30MmLs/oQbFmHjBRB01Ird+Mb5e6l4 - vrYC+zO3RG3dZ+VXJD0rBn+56nDMtiKISJCy4I4Vz/ekwx94cIci+BlD9/3YYix7 - HVgR6flBgInZEvaBxyj2e0G5i2gKvYTfea5+6bwPpszLUaYba/YLQQ2mSXcwWPsV - ipuNSjJ8swK2OpOFTfzs7Ua1OZChCOhhduxiKCwASYrbncfexObsQfeobj3wrwXH - N4M+h5ghm+y7UFKDW+gfN79WGfltWiMdy9vZNwwEYF0NE8jkwPfIt2dLvyU73MFU - NivYWp6kUj+gbLkb3gLClAi4CyYqNQyBjbKEbt+470UIMZ44WWMEJy7bMwAVzLBk - VxBHphqSuP04pgb5a+PHPApCZC6KEntnW1zX+DKrCn3/+NhoD6COhCvetWxq4f7S - XgFop4XZPWYJb6ypqkFLbkHIg7tCbr/xae4HABncVj0BaS1Z7TBdMiGi8SQvHti5 - 70rNGZIpQe/59DmBrLT06VdQRY5rt20bDoN+DaUrE2tc0k5h+uwI71TG4//Db2A= - =m4ec - -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA1Hthzn+T1OoAQ/9EvULxQSjfO/V600iqRhsQsuuHWY5IfVN+XBCmzmeUX2a + 8qFN8L5gk3pYEoIu4khSCSeIpVyOdX1XeWMMNB15C/pAvgi7emH0y8UxAvCLfW5L + CzP3qLQsbpKUGntPlHaye/G16M/+m4QPc6Y7qwEtUThOei9haPhIU06Tb61IpfLk + AKticUro4ap3Xt/fjDH0NHZsGG33V6LprTt+8LaEcpcwZK/yOWdG4wTV4j6X8LbA + ueCmKunAr1skJrd+hVuwP2e8UkasYgo33pcupsS5jcyXJT9Kf3p/nqOJ3QGlwOtP + lf0DUifdd/QrEXWcMBu+zc9HgtUzpyU3KAoVrxo4JQLaoRlq3kwk3mOOFA0Fzd16 + neuJL2wp/RPuL47StHwA9HxQP+3znXkNxmt9yXGzeyeOBpK4O9qoQ9y7Rbd/FR2u + wEl5uAjhhH2xmAUnIKp5Y1UAFSLqZEaiJjjCHMHycaTpCucjEcChpaBGDAXYS1h+ + x/r6R46UgIzMvjpd2vy+C1aQg0p1Z6P65ifOkdAYIghpSkp+F6SUHHkL3w/kRRjE + dBF8YWFm/yl9P9qenakC5NsAA+bR4ZpNWpv32sYuVjIuoV20GdS7UIVQnvos8bBK + NfqoFmz4n8Eo1jLRcCJ376ow7bSEhRIJlJxdq7bFjZ/3Wtk9vt9dG6XV7wLdJwXS + XgGRxjv94TYLFowYA8/uu9fWxvf2i2lLqctjrvbZkW0Rdn2Ym5GXjg6St3Diug6r + y87PJPSN7CYE4jzCDPaSnGcBvwDHrQsLHLAmenfrAi2Jnweg/THpm9UAftoC7AY= + =Fxot + -----END PGP MESSAGE----- + fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD + - created_at: "2026-02-17T22:22:03Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fAQ//Tz2g90bOkkY942MaLO5/k8MFMf4QEDMZAiw9tVZ39Rqf - udMTcGyOX6zLzr+xxNX3gwn8X+bl0yw4Tg/FiyOzl9RjMZDxvzUaj1gYZI9kKPne - aEmAYcP2mv+ITUDnApZonDZE5hUnLGAyfEZMU6ExF9XkU94dXFdU4nd+gF5XHzou - STiNryBYaxWP1WMkW4SlZqdJiCfrkI0Z7iTF86QtXN5S8qLSIyjP3hIv5QxJg5Xo - NwK5IXQhV/0ZHp1Wl8Xys2iUw3iuwPga7sBrMHdJ0PHVBg3Wg/bG7YtrfEAfUbcr - UHt9rNGFZluuqNctvcvkSUjv5DISCgl8lSSbzC8DK/vT9o0DQYWvySNpVwXO3tqs - 9aCxKc8trCXrd9qePnO259Ni0ALRjyh/GHZipzhZo/mgyUWc5nAdTLM49MsmAKHc - PnBBSntXnVHfFoFvgyBAmyISVuH/L5j8mezQ/37AevcTfuWemjDRGWIiIJZ73CyF - tG6ida5En9QouMO18gKBBzfR/2s6tt60bEp4bE3j2rRgEhwblBfl1NtGSw2WGVVZ - bU8KormLDT8aurMIp/Rd1pzAxDpEhDa13TV1IfRECOQvY35aBC59upt+XLwJ83ch - Zgi5cRGtSoj1G9OziQGCtJjGqkZoFy7Htou6AyFUEln+2Px0EKGJC3yCUcOF0orS - XgEtK2wEJNnJ84LctjrRM4ZSeb/8nycfWiR9riJi1lq6J+WSeiGME3cvhgObDTtG - EwuAjG6vhwUdr3aovsENQhvHnQWID844CeBtB9jMHbFJy41vbt0rC0JJG/6RoRg= - =5Ijl - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- + hQIMA46L6MuPqfJqARAAnZq75P7GPcuBCBLUOVPK8w1IBxd4XzoEWW3+T80bFTZE + ZjPAvfiGcOqIfc8CPzpS1drviWiRkuEV4EKCuDmX9GReI0SUlvaoiddUA9V62f4b + akBrzqR0nNnWWvjph4/5PRAQO+xO4wQy2r9thCw4oej3QgvKtLRRRY35TkGqlS0t + ej4d80KaqGGsfIPQ5L9f+lqarrKvYx3DMK6CujN13Kot44Uom4L5TeIdPSAW14jS + 13fa/I1Irq56ME9kNctsuAkRkhrW+KchFJqkYXSS82SbXUDDNcVA7knXSzxVR+iU + NJXb8bQO4Ymi8sWPWKHW/GXUkReiTLl8MkLi+mCwL7qo5fMQcBg/KWo0hReQYCj3 + G9DZPs3xWYFcwcmrSV86LSqjMt5g8ZKjPm6ODQcZVA/ZsGlmdTkjsWNn6WRZI55m + 8kkg7BoRMq7p6b15tW4e/w2rr/bTmGQ9dV03KIpmBG6+OUzwgfB2/w2dGmB7Vor6 + JMzvt+1I/PSHsCC/7GurTurAP63x8NO/9HYX2Qg0qzsOusnTKrCoo4lX/tA5YfIt + OKr6zqy8s5Dv/lGUhofkJrhHr/QTRHFVrFtPNn4yfSzo+8uhomHGsmxBGOOiY83L + 3zwYm+9BlzO/ve7PIvs54hIHQaKsP9Ktsgq/+dM7PVlIb5qfwGNvgoS2QXFqCF/S + XgHWy41J0zTGoyEpooGkheVKvgEPvv6YIlm9oTucYP03AkKWxBr9MTNq/+JcLRvw + Zey10uVJnYPUuH2b9f8N8lNBZlkQCBq/AEu0MsygsK8bcVfQL1Qs58xh1uA7gL8= + =wduB + -----END PGP MESSAGE----- + fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A + - created_at: "2026-02-17T22:22:03Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoAQ//dwisvTFgYUCFICbaNZ+8jttF4lTQ2fjdP6UHb0evav84 - PUYpqUfmMF1BUvxDx0rwzzP1OaSKuesxAG46i1Nha1Tq/LOURtzZtXPW4+xSHWge - ifbcbGTBkACviKkRuVUqaQBAbzDnFIHtcQy7nbILmzM0aRwm1IC1WzKpPRBgzAy0 - o/UE4geZjPuNqkix4mcLz8sXvKMz11FE3QpZ44JqiRhmAITTDVo2ymhbvA6R2C1w - AL0tjJwKRb0qfoBegyPbuUW399l3CCtEE7voW8AxZ3Y6EGO8DQ1i/MkR81zymFep - PUDVYDmhqmh38Z79v5iKqnruzS+rOaitzMRqsUfOJfa4UoFkjO6tYdi5cOY8T4cD - w0rgCpvWriaGKGHDuRIdu031GFyf26+SvOWEbiOhMv+h18Hj5P7uT+Is+VuEhHEo - i7EYTqzsRwyIfybNkb0mBVluvXb4CpZRdRq5AzC49qu4IezvKoAT99KG1yf7XJvI - Ijc/ZITFqCBxE7REA4JBDuivPHfML4CgxG+5PiBJ3JDdaP+xRuoVQQv5E55Y4YwF - NM+NTNcvsTv2vKXJ8mmWLBn9xMxN32gmDyy7jW0elW46AQidIL6C+W2Zhxn6GNvc - 2faDhNQ3yV0A9mIsgQjdWeQemqhsiVU6Sg4Mmattm/b6plGCM1DIcJgMV2RRAobS - XgGt7zD15Ju4S+fQqL7MVGGD3y5v0C5eLx78MScygpNQKS0vfTfTE2+wRCzCjZAG - /6HU85E6ru1VeXc0TwQBrpX3Wi2ga/momalsCGoh3oHBd+jRqzwpRxojKLy65qU= - =g4RA - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqARAAmTOXbn+qa0wgjSvK3juGqVemxKvaD2zFG57ivYdC1Jdn - PIVi5aBCvZ8KY/0W9k83LVcGUY1f8eRkCU8ohJU+rmRbiTvT0qo1hfLzxrqaNbke - gN+YsYW8bgXioF6nHVWI158GvqNfmvRl4WyJzBQ41cAyMpdGXiIzUoCba3Y6f+1N - muljMhgvEtWUddf4zheZX89xV+aLa9Mga6aQbwRcL451UcKxmE2nk4+00rMn7R7R - vmsC677/RrKkI7RxubzCVFFlzaH+ZZ1Ott6ozKUWs2vCcB6vTzwwvmrJwmr760lC - pozfNp/+WzLZOkA3rO2qAvIUc1DxYA6CgukrAAObCbvmcgMeLtVR29wwWs01qxI+ - cTxmH+btbiM0PL8+/sW2KlC19hfMmeryiJXxbUN30a3fMDJz1wVor54DsaqG9kIJ - zIxGsQ6t8fzfaVfeQwoxODnTWqUClWCY4is251O4Gxw3C0oPWZvzoPvxljaPrYYY - SE3dcktWmGoOxLj56lLfceKq0qAtYmJD4Q5k2GDYYU+8dwp95UTf0lbRwauMBROT - OMe4r/emH4Z1LiG2/HLoM4QuV5VVQGSAqoE3c42YjjS9uh/aOtmeNNLehwS93F5E - J/bXNY6VnHcALRGMZF60g5OxM3QUioNkGqcCWGjSaRPcKhwaXvvIaTCdz8apnBHS - XgHeuszpU9/O1nCsNPF2vQUjcNxz+KsL39RwHCVJBVJskxd4HcJQUM7uArV1Fjbk - fl4nQuueBrZ4tXzimRK2QOjgy8F2n/Kxpjlr4rXn+Pi9jyhx0Jq4Blu3wrR4LAg= - =4Xvm - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA4EEKdYEzV0pAQ//fo1yfBspyD2O84d8UCHWoUJTNYql2p26H/vC2BsVzAmL - 6nylQACeslISLlXbrW+ILPOFZ5x21THOFcJdvCGAQAkY+jC7Ry3D2gwsZi/RLFpP - wbEgbzk9hcimmvuHW/NJtrqvXiTJy7GH7el5Zwqe6rtUkTW5IUtaOmZjn2fQBVoq - 9mMT86vOYlqgIISG1o5x4pciRd+fb3JPiPeJiLcyUBEXYqg2THlyYwwp2paFomYf - a6Ls/pVT9ICSblFlnfILOexDpqhxcPH+V2nwlbSlOETq3ACcVIgufIRndTkGhDzi - HS3GlD5nIb/ep12Gj+qOgKZBsbUdNIAVojNY2qlK2yQJpE5B1aDjmkAZUkk/LqF3 - 76ZRBDzigU0jfYKh2iGDY3F8cWDsRqjqcTjVB9KF32+1SeUAO4NqDnDpMZgBh2i5 - rvDOJCJfTgo7DfPqWPyeFM58sow9EEglygASA/XTaDV+CmLzRlqxwlJwpbRrz3OV - Mp1gewfGASLPS4xh6gtROac9DAuokmN5VgNg2g+emN8lUNJ/7V7u30TvCEfGP0j0 - 1Sd6RrNn/ZDMJtOoE8gDua6njbOi9Zk/RN4Y4NKWcmiNZxz/Xi/8XU7F0yk0yEL1 - DUxYsCEHImib+lAESQ0fF4VMXx3DSXq2/Yt5z782ZvgNrGoGw3B9qVA5FyG5Bt3S - XgGgfz/6fGZ0DEtTv3B8Rhqbm6TvwPFgIg+3WuQRXxf3rjjoX1AN0jcuz8OIIfGk - o1GuRG0/sYg7P32ysgQMvS1F+rX2PR/myHsz4YMM10soG7OduHgXmiJ0eUq8EtM= - =WLCQ - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAUMjy8rV2Zy5nmeMOBsANIUVyhAvVBUF1yunc+EgVeVQw - yd4hPHMnQSkasXmcMDS0y2gwixgTOeQbG5PaOr0FA7eGEItLlqwSxz3+GnuD/gEw - 0l4BFrUbimEX+/tfI8aymapMVYXFXWe4dUZw9foKN5HqkpPKhusozd9bqPPNKggZ - 09tvIJViKP/QufK0WyLYZGWrG+leogDX39GBtAU1SOllFqtq2G0X1qH+s88GVpaO - =hxWV - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-06-21T22:42:59Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CAQ//SK6MVXhRsRxYV8jL9HrVTovc84kNFr24nbHHi5z6fuCA - 6ZjPr5Btx5Xxi716mEmdDBUSGfeJOOSt6hw4fCqj5ehnCeMLr9GvmJdZx9s2n88m - h4Fzd1XF67NMbSAYMPrXpk5dlxBNsgmsAWTaEet9gqGWWYsrZHWPvae7z+GaJJzz - h3dix5oVV3tM2OVP9hFhRtu9tv9a0sj5Eu6mz8UsDFwEPynlSDPKUQA0jFTXJnYo - yT8UTPSZAUlwnU88JPIhHKCmU8nqUIgDURVNgK4BsuoKSAZ27ueSHr/4IzBiavVD - 6V1b1Ttt8usKFp21OCqfNuoiIeEipUdLMFSTjSXqOp38QTaqoDaCsAPc6j3HCvlV - vMm1lbSKK+Llpk9WOmqvHQriL50lQGYpa2X/jS8FtlotKFm0uGJoJXZ5Ujc4Wmy9 - J79/cXLULGFCxdPsoxmd8wJFqz0eiVPHIBFB2Y8Tan+Mg44WeBuY8sAWGzYPp+kB - sEOIQ5I9N1Gt+58i1hDTRlqO4I8ihusqKeRemJa954rlzz8YTmZL+JAD5gsMtzuH - gMjnfBnNJKw3UmnHMMQm348CRB6SuF6rmjc7Xk1qsnie87HtYbM3dJYh7ixddr/a - kTHy66zDX4j3e/y2JdEPQw8/WhhdGnyj6eDioQLNFfvApI7doi5C+XDCR08YxJnS - XgG0kP/bfDBkwzzHkr3khuvdtmUEmsxGbR/3abyjLfvM+g3HM6Eqq0uDwuGgYinR - DYfWUZTas5uWrgxAWYbBCbhPcevu7CsyJFsBtG4ExTXPSsP2c79+LwtmJjbLQqo= - =9C2P - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF - unencrypted_suffix: _unencrypted - version: 3.8.1 + hF4DQrf1tCqiJxoSAQdA4Y8j9A4ECAds0oJlP50Td1HpYIhywjXKi+pT7CTPXQ8w + 95+hUucTE8WQO/9u4HV2Y2nuyQPwmaYK0iGbNV3YxgI3Zdtf1T680hQxT4y55E1/ + 0l4B+70h9ojiHZkpVKVmFFZdY+tS/jQIFIRxqTW1AAfDf+chO3sUxbRe2qZhOXoY + b/QKU11wFpmOZmzznurOoxkqdNgGNcFm9+Ntb4ZSLSYzx7wrjzmWsaTdFd+coO1j + =V+rP + -----END PGP MESSAGE----- + fp: B71138A6A8964A3C3B8899857B4F70C356765BAB + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/config/hosts/yate/secrets.yaml b/config/hosts/yate/secrets.yaml index 6235c17..d3cb216 100644 --- a/config/hosts/yate/secrets.yaml +++ b/config/hosts/yate/secrets.yaml @@ -1,233 +1,148 @@ git_clone_key: ENC[AES256_GCM,data:Wss8NtyYXOmQ8fYbqKfbGQ+5l+ifNznis9OJ4p2HRPsExOFvgHH60t+D/gsOPTiwL0fEQKQn008Zo7VpIEhKIQM0fW3cd3ED3Tk8QX4hDRxyLl/lql5MlhTm4UMY58rNMBXgA88oR1lozgAa39KMH0MRUoSzrhvecwnAHO+RjZGXBN5zYIorqBVEk5h+1wUGSlV1TroZX9u0cWt11eH59AgKY/oP5mOrgA++E623Oc/DnTxlLbR//lFHW1JPiBSUFMP1ck6fg4PwnADYITgr1B1zdJz1J6jNC+n6S9bKDPnH5bvqmpvJIRmimxR4/R182RkIC+TBhD850cD1y9KSZa0Lh3DZ3LPrqGtZ6MHvpCgY/wPiTUANv6CJPcOAoskaaW57EiFl0ev3Jc3A+XFM6yqQOmmvNXx0hYz6ltlvtsltOcmz5TWooijwTaPS5UEwltYalrT9RNmC/ODkBRkSvuLEBWYwnu8aeo2f/+IxciG0PldDJED2ud6HSkDEXHcPCwodScpnk032Jrc+0qtI,iv:tCo4f5u/y/ZrAfT1N+eUNLy5pKAg/U0xa3cNQmzUgFs=,tag:03HK65hWjYnVzz+7C+HmsA==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] age: + - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTeklHTk8wRXZUWDE2bHdV + LzJSVkJMMStpMmlud1VZWjVLUVdLejNXWDFNClM2UjhMaWl5cmxjRHdpakowV2hZ + aVVxMUtoSmdJU2p0MzZORC9XV2U4QTgKLS0tIEM0RUhRTTFBcjNsOVR2Q1A3bEFE + cWNJR1kyQkVMbElBdTkvQlkwWk8yTDgKK8XqGA2Gy7b7dIS4Zas/t8aK8d2qCx5p + cDHyRqqAfMIn9fRmiRGL0VRXCTZcPZ8FcaDx5/CuOgxe4hvNXp9U3Q== + -----END AGE ENCRYPTED FILE----- - recipient: age1kxzl00cfa5v926cvtcp0l3fncwh6fgmk8jvpf4swkl4vh3hv9e5qyqsrnt enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4Rmg0UXBXcWcyRTV6ZGlP - TDY1RFBVaTlVQnJVV3NnU1ZTeEJzb2xsZXdJCnVFSGF0UjQ1OUpxcVNVb2F4K3Uw - KzZRYWtTaTJFd29zcmJENTRLMmZsUVkKLS0tIEdGaHRaOWFyeTMzSit4WFh1UGVS - bkRxanFoekdaQzZnSkFjNmhwNE1EdkUK5scD+5qe0QJvsgPHTrGQ4KrQLC8EHex1 - xpImRJ0Y0R3e6p/WLwYbF236Ju2Z4f2Zg2Zw9/ErdM1McBJ8ll6yrw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtd1ZQNytmcTQ0bC8xMlAz + QXlibmhQZGNQQnV3QktoVGtxOHA1eEtnaHdzCnRiMVl0Nll1V2ZibWdkTnBoYnFq + ZXNqUHI3eXMwYkZvZkVEVm1Ld3RFdkkKLS0tIEx5RVc5WGEvdlhUcHVQMXdXcUhS + Y2t3K3Vhckp4VnBwOHQwVjVpYjkxU1kKuvtNN9eHFvBBjZmh/L5yxeU6rRtz7KMy + q/5pLyRVAg/LjXKnFH9SZLbvWyffpfG7U8CUQdBmVIzYhrj/WEKwcQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-09-08T18:35:07Z" mac: ENC[AES256_GCM,data:tyrfhBaTKnp1lqSPfkErk1UFoI7v/1az+zl9g3XoZ5Apo3CRixdLUldM9sYXqQT5WNrgO2NyZHqvyQOnFZiJuNhlYFSQbgwFFm3gz45BV8Do7QAhAG7+Q6q/Gz9VAqePQJlmzbfeL5iqJC2jhrcGIutO2cI22QULLkBzVVDg1/w=,iv:ayLonGC1F3vp6bh4pcAps6BvMzrG/yT2rPGAcUQ1Geg=,tag:1fIaRIFrzDTSP+oIUHABgQ==,type:str] pgp: - - created_at: "2024-08-05T20:33:02Z" + - created_at: "2026-02-17T22:22:04Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAxK/JaB2/SdtAQ/8Dx0hTc0zZkd9+RXuKOXU8ZkKF54lcxfDTMH0rD2bKPhg - do/+I4VOSJxfyTvzFNjVXywSCEsws2+RyS73jF4048o4DrNQNG4P70GqXAqjDbQL - r+WCKT0if85JYPo/ho8nSRumo44BlbN2+Ftc5Z90UshW63VPU4Xm1Woqm8TOvs/0 - cyhsigShwJGymnIEY4PwdT6fd/gkVVaoC9nCrkkSbaQZa1rXHud8+jLK+4TXebKl - Qk2G2cVivWBioT4wGjhZvQ6lLK4mlaqxiZF3aRYcUs1Hwgq1ZolbgiGPWG4xisFa - JgsqYRnmGnTM/33l57Cy8CpVHfprrapUXh2X2Ly/pBRQn+ns2zk1wkpTUHbwmyQi - ETLvw68PXbayoDNunMqZl2RWPjPnotNVeG5i2s+pwaEoDKAWcud2NPUWFb+gyftk - YNxMdp1CpXXOHpU4Ty+HHXAU/uLVVzLT91RLJAn+Y6rRyevg4UBSB/Y+lc5IMTfa - QPPLRPV6/P4LIWDlOdg/S3Q7ZwryNAogU/Hyuuz2xyS8LK7S7M0+BgVBrOkowazy - aGemt/BmQkyPQDpJTPxtdzsK1vvplol7uJnNou1h0krrgHlAzb++3i8+V4Z18dBg - GSeWIdSm+OD1HPDyD1054wEUAgPfRh0TZma+vDirH4RDH0tMubRGOLl17nV+/v7U - ZgEJAhCYgHEjsPDIpUoHopF1vkhxmhv6YqILLzDftbbmDQUqncs/mgnFCJPNnKVJ - ldwNj2kuAd2L5VRI0E9k0ZVzg/Aqb8B2wSTiJmQGWI3b0tNfGuC65fe7p8ceJ5vZ - et8Y1DEjVg== - =u7aP - -----END PGP MESSAGE----- - fp: EF643F59E008414882232C78FFA8331EEB7D6B70 - - created_at: "2024-08-05T20:33:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA6EyPtWBEI+2ARAAsrHbA58mnccH/oWDgoEqwJx+ZkeSWo6Arc0nMhU/Qh+9 - Nl/pKdKm3LsIwkKTRVGDxI4vFRo42LFZE47nyfa70G7GiM1uJnEOx6vLTN0HpL6S - YQi8Dbb/+WA7QnGDfaEiozGQzsPMAgSVAE3A0rlcLBqQwiGsfhHr1RwEggfXqMG4 - twxWIbKI/8T088b1IFs7fOKxzEB6na7+HoNaG22jlvRY0irMfgti8xeflWmZIKf2 - uY6gM2rCOtCSi8vZEhJiXb5SG1NbyMmVHsz0ZXHwwGsiDACFqISqfR921B0Cuftx - Nj2pIwKbGyOOsFjlbC3ZGUMplLzYpRMx8LetLMrksWSpzypWdeI166gjF4MncUlQ - gl5hM7gL/+6k86yxIqTeexVoU24NRcsYCnQKZAK5T2fxQxX0BXppWxju6Jq1erRU - JZsggrbxELMJfcyrDC1cH/zgAM1kqOi32ZaGiO3U1WA5fxhJPUy5kxoQXSISL7Ng - mrnnMKIWK7eClQb47a/lYWEIqw1UjJhCPmKVHlcSmiH8FATfr5KjHeFlK8Zou5Ji - yMbVS7s2P9MeEzdnNC8PSFwjM9K7qXuWJYvDQtUracfxgO3X0r7Z+5g62WmLVDcp - E26DzDyTrU6Vf6WANOg/V7C7paOasnpcaU62/C65BBtGH23mgEfkJSkBYJWCea7S - XAHLeksa73OaeO28kTspM4G/Nlh65lr2p92gmcpbqkARvw8dIOUrAqPMRjJHabZq - vLbFx/uqXDPfALVXNWKGZp3vObGPLImQ1EfjVCYzOlkXXnfVdE+ih9+HIYhX - =advR - -----END PGP MESSAGE----- - fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC - - created_at: "2024-08-05T20:33:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJAQ//c9NMv/m/qGaJR+2jeu5VAbPwqIfBbrAEiV2s6TlzJRLz - 7yEo9l/wh2WV+1Ew9dM5Pe8cgezjNaXgCeV8EEMu6dzOb1N++3TQJ7ET10DaOVec - ofEwDUYj8UHmV0VmhOPWLpceAod5wk4Xm4rlJTFjQ6TKN8U0dBoGS1cxHWwWw8oa - RebdNmpfSgkj0ohbeD9owxQ7JhqGlOPo1JCz7YI6c6bwQ1wuOC/XqnJt4F5ny8ty - y/qj1m9KrL5nRRc06qxNtmYODMuS+OeScfcI4grX7wMTUrqaFkCVHcboi5ZD6DzE - L49PT51/KK/lOlgKjSDfGgRRj9a9UO+7IXnMG0/5kDzRRBJDBzZH/5rujP8ffz+8 - glxGBiBhsLroHbwn3a4BlDHpnuqCKa/7CmSyfGCNPp0TuMPvCVWf6muXA86wo5fQ - B/qKjvJV15qWJXdKDYyWJAg2B78/dROYbX142R9wPitP8zyj8b3jrzIcoIViAvkl - L3ZnnhqZxzkKcfc2rBsdadBEquz9+oGj6rKARyhFkT92in6zZO19fBZqTH5y/QYl - o0bDAbdQKJf36Eqh8G102z2x/Keo7gK/PWwwOi5YrFlgDVk4oBqAHWRgBiEvjSaO - Z7Ork1eeBUuZLAofzMoNNDaZS0KBfEgE3gczGpcRjjIwTDSIXM8NVtz7aXwZjUTS - XAG89qkxjGjlnJcRrE6izhiNbepWaOYYWb57VB5jL0TciQJHR7nbOGQh0T+tNKcb - fKyxZOL8IdGpoqxsRCuaPE5cEwc17XKuu53CfZo9t6hjh8SwRKWGnk7dkYhy - =vqhH + hQIMAz5uSgHG2iMJARAAg1t+aqAh+rbcjhyNZha1ovJbcM6FoNr55nmdFZQnqwi5 + sCIct2zE/lQzz770bbkplJaEAM2mQnPEGYJ6hQApF4M8x4HKVWaA68qM/dP2ZQQs + oXysCouuUvypfU+EeZhN6Lke8PapFls+iLidcb8fFh+FHAEe3qOKHfwFamjkxz0T + N7/hCInKHFNeOOq9QpH+2dtpo3+wL0ImwSO/hfnhLc8f9eCgXYQZEArT9mhm4eFp + AWkkN34dZJcRa/n0NcZhMWhEDgepXO86h3vuXSfGRzuj3QEChSgm1paVOv5IWtCP + e9H66PcpBC0v8lnf6sk3uwTORH09rAuSDgEFcFHzdfZAL6c2O0oleMTVXDEQ23Ci + 8/X6N/qZjIJNBQogcRSCQijaYgSeUuMStvizzOK6hRKS/DSMK6Zbw2eM5SHXen0h + GVf8XvenfZF0U4MvzTDYzYnDh/1HA7NvfhRcvHo4TjkCyzuekGaE8WC1JtWA3DQD + IQf2q/7p6Qka+duMeirJcM+c71c7so6EDrlbFPI6A15F/vqtD4VyfmwLJm2YZZ4S + DfKKJHIQDzXh0bqiyNtAQyyo1H9UhJehXOod70Nz6EZkYz3F67Xo2fO/5mCrkRJH + tJEbSz43IHaT1AkB80mEy59+WCrT02mpuwsdsoLvhLokiCNFPHUR/YaWqjwJ5Y7S + XAGF4ku196vpnW9Ce+9rYE1UZ/Uh9xHBqPdc3tnufhKIwAE0UyF+fqFY89iwcMrb + WLcN+Pt7KhWIe2lJ3R8jKbzceTLIpxoHUtXGLutu8XM7tWN/obE61a9iWSTK + =s5xj -----END PGP MESSAGE----- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2024-08-05T20:33:02Z" + - created_at: "2026-02-17T22:22:04Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAw5vwmoEJHQ1ARAArape3cqNbLeWh0YdcG9fBcuzyrTGntyD6ccl9Wwc4aTd - +uNMhCl7758tETPPK4qneAYNSnbnFQcgKj0ATkVMhMuT58g15GMEyXvhUsIukpQ7 - Ca5t+aVh1fmb1pvcWPd4MUUQzt8KKN99+0KfyWzvdsb2jUBKICG3TQvTWXT93+g4 - LjG6TCW+wv06nTquaCEaR4IdEPJRfZEspUXDhi2Wr/AjXIlvfN/yhs2AyTjde5un - kha2iy85o2NikCYoIaqFvFaEDOGjdcT4g/jaErxXn8sSxOQo9aV/r5Ksm/mXyEI2 - cSrbMfBXwrlrHNZ5VCbYZLbNjIbwFdBV04buZldDT4GYmBW/PG71NeKDrXrgnTOn - 3fBkXmhFb3gLppMv2v2TY96lGk3Obbfnry1lsgLLW+SvustNe1en3mXSVciCbuEh - 7bsb4AkJyJXSUFh8jQ1LWxcE9jsI6eIj9eb/tw0QmC0y8Q2fqOV927B8d7Pl2dyU - K0aryOwn+80ce7sBd/9JRL6SOHB2nK8BpmRO2blAmhrGEjX8kif9hFrXHLU2+7sb - QC0ccFjoleqhTgsnOXCHwfm0ggejvZhS3GLjABgXBp2LVVYuWZXVhCQuRLsUV2v3 - Wf4fPWaGWw8tTTaW198H0NWfd/FSogzWQcsgknVWM9YS/zzqcQNYsSObwh2q2V/S - XAFWrPxSexFSi0XiXK7ahhnp7OTIMtw9dy3e0HQ/7F8guhvhwoTcK6bLY2967wyj - IPh1r+J6g090fN2QXm0oHTSJbhl+fy4bOkXVt/ATyPh6b0yRaxMgSGXWeh3C - =hGXq + hQIMAw5vwmoEJHQ1ARAApGc0RVQyE+NzUrw0yVctMi53dHT0fSC48WhVFuX77r97 + oLcw2/gzVhOGXHfuyPgkis16QBcMaHX4BNfrTonk6sXC/WOPBsRCAZ/h2YazK3Nt + fv/Ve8oNC2kDmCOIn4RwmXVS+QXPp9pgZA2b9wuAlU0SLbYq+t0lgCTZZb3lfL8m + DM5Y1xbXrwGNEqjkxEdU1Secd0oUgTWVwZlmjhnH+1e5tZe5sDLkUP28XBQB0b1j + BgV6dEERl0lxgTPYlcC0LHI+gD7gG3rmzMudJJBZzVomQK/VfKWqV7UuaT4x+ejQ + tVbkGZcjOAmb8A4xXQwkRgCBBS8CmiRGhx/BwJlabEMHW1QBOJB9+PYWD78rgiyY + CdjX4xFE80Wpdh8PDZXAe93m/4DlGKntLR5GVtZrk9VHuDL1CAc40tJkCuvl3Nig + bwapAGdGQnRRLMg0mPLI/isc7PmmBs2M+3m38mhdqjttbFpBrvD6wFPmhWmOw0YR + fiI7QOMOcihoX937S6jVTrUGVLFtR9Esl5LadYQp93le3GjZw6uiANepIwkeaX81 + ZanuDJGJXhvtgLfBByxWiuJxKRkZ1jyOVcbq9BEv/FjgFbxPEKq8vevuEAcSoM0K + PyRrav59UciQ6BUGy8jM7caIu9hZhon9BZA3bWFekXAjWWyfL/2SkIkjyo+B0hvS + XAGvaOrp3aF7mF6XyyxxNC7IjVifnlElFzv594o2fPQdRKGfcLIETADMUaMskrD5 + RSEe4ldP8KQOlmKn2yG/fhQw04D+RdhatWIfszGjQwo84g4SIBOzI8Ut8fsd + =W/jm -----END PGP MESSAGE----- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2024-08-05T20:33:02Z" + - created_at: "2026-02-17T22:22:04Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA4HMJd/cQYrVARAAwAzM+dgsD/WBFbCFIXhDdsLmmWZMeVLD1AlLTmu/GfGg - YvHhW4giEaqEzUsQOuxmyND7eQd3fBKf1GcwFLXE9xrR6YD5yh7s898mnCpBi2Xi - LBPMz7nN/j7mfetPklsTazbbaoSB9hVx8AK7jzS7zvzgEGIm8Yeilx/v8OqbT1xQ - +07soWjVvqM526a24KSdRBTgvXPJvqIPt0IEZzFWtAppectcRBiZJHX4huU5wOuG - SEk0vgwCwrt3cades+dbh59cSqUc65qGhDti0tnygnSKgepOkQsFOqoZ/WvgE+io - 5fNEI4g2/D+gmSelCCcQE0MFe+Uzc1FpsWwZiHnbGfnA55GO0dvoOUAsJQtwCLSq - 1Lw8bpywgfIfU4QMYmZAaYsHDly4VTwluFe1WnExzf/nMxRQQmqIlg2pTmNZ6tJ1 - 1A9Rc6mg83//2fNWRw+JBtOJUCePw5nyJ0jTOQZd7Dl0ZzwlsgH8g/Y/Flg1kFll - CXGcJ1TMjTjzD4+Fl3UE+BqpzBjwQodzHqX3LEJ9uJ2guw0zbWzuMs10aTEoW/1U - pVGexkrcaduykd5TQmMO8yG6rW2KEKJlh68lxZslUAiG0ASTuSpY5A8leS5OZZgF - EQjs903r1epwJgBwnQGhijpTrmqiThvdE0BJ9r1jmxUy75KzWh/SZDmpCwDfsELS - XAEceOrsLsaYRqisM5D1zvNneEoGKv3GoS4cs4iuqHPyy2ZueHWK24HmAmrghRQ7 - uLCmS0SmU5CY5gmVRkrKhY/0wtKWqJ10cK17Z/dQtRz6g3qmFM4JBfMy4BL9 - =vZLC + hF4DerEtaFuTeewSAQdAUr63BpqUMMezyhp+cq1nWfUixaQPB2XZm2ZM6/OfHi4w + 583JukURVqiCDGyMmuMvx1c+7txy3BImR+ZcX54CyLi41pAJYM+t0GCYUX+N1iUh + 0lwBGLwkDC83Go28mRIVf2VJex6MaW9F6scWat/FDn8QLzsL/MpWpTTbOvCM9eF3 + p1MMmqV2s4NkdGaXKhMWoc84CQZgEfvNyzmObPSj558ZIcvdmuu+gxBbm2jJUg== + =pwG7 -----END PGP MESSAGE----- - fp: 91213ABAA73B0B73D3C02B5B4E5F372D17BBE67C - - created_at: "2024-08-05T20:33:02Z" + fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 + - created_at: "2026-02-17T22:22:04Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAxjNhCKPP69fARAApzEcBIVknhmysQc02ufbjFzKweB4jsCvGoPXSooMzs4x - p4keH/xaVXF1/nn+bzMHJt1/LV1/5LlyHtQNcZ30hUrziOy4LCnyfNgb5WP3VMP3 - XW6ZcBiEIcUHZ1Ikl/cUNCpKazVRD6o6oKmFCwXKgE9a/l5XX/j3vizQ22vwfgfa - oziQPhMadfne8hXAJIB7fOn45ZLFNgLqYWW4Jh4L1DJflziNR8kx3NQJLWDmSqqB - SpuFBkm7DaLCkj/TpvAQs5xSI69kLlDfcaEPI4noAdhJh+jwGVLNmKyekKsYfrDS - 5cQUVD3Hmn4WnpR2jLJAlwcFaEZt0muiLIxZmAxfSzJhld8G4GOcoAllfG9ze+QG - oJ3G6jWtJeoCZR5zbdk+lNcQ+iHD6bzrkN+54menxu2XGHkFKQ1es/g+cU0AI3yZ - XXgnlwNtC75TzZHwSA0kjmqcgr5XVcoLOr5XJWasQOyIXpjcHbfonnMV4NE5A/Jo - IEMLUdjLBWmjW1xeWo1CJ8hELbpfNaQf8YBzEuo5Yqvs7s0fKl8ea18jwtwYP9qc - 2CbD+7GpxuK/06gMTt7LExcqt39PVGmeFAtZHNtNBMnZ6Ek5cbWqhjPOCy2MFVaa - XTH3UxD1YISZC+NZtSYLDWrTwzY3EYCttAxHzg1iFC8STaM/OR6beD0OPcPj+QLS - XAH6NdHQcUSsFJ0KR4dfOrOnuLDzX2xLsgXJvDhRVbpYwSdeG40j5oGiNpam+z8/ - fDboI4SNzB7Mb4j196kSHWK90sKFsxGkoDGZM/QZh4QA2v0yke1sqkUwkK4I - =SLD4 + hQIMAxjNhCKPP69fAQ//UrQNdx+LIIf+GLfmG5wCjpa2CSBPRta1AT6JUFSaImwm + d0qDFyTSf96SqnyPFh2GlHuR/s2OZjF92a6EJidq8FDGJWCwlhJIDOD5B5veCPsF + kGB8CqXod7ZD1z19p1h5WiWdSLxYoseDEsnb2SDeONaZjOklNgpWT3dhTjVD2ca0 + 92pp3xHfMHNOMyTzC9f2cLPdfUr7/2sHk5h84wH+4IOoXyACQmbCDQjrDg0FoxUh + KR3Tc4oxrAEhSkipuFjqZceihLx9tb2peZmBUMzLh/N71hAQ6aNav3EIBEKcyy3k + W7M9BS3yX6pBD1FWDdp0l7YlJTNXPDRF/c9Q5CgR7S7Td6/zL/Mm0k6Va6kvjBN8 + slRTiqsjT/W6h6scnihFEcPTKUdmZKx2f/Hj5EE+cM6WfULeIAawJxoWBOoSi6cq + RdlJzpkCqridarADKMy226Isj9QH1qmspL5HIJQ/lBHO7lRx17MvB2JkojYsHxix + LiEEQUdAkmVmV0APLNV4Uh9fkyi9FfDgtzhKBmF/4Hue2ZUCQcsuTzzy2TyF2YZi + pYLJ8dlsSUFIr1ZmzDzf/x/v87GLJuuHjOGVPiA26ipIeR8w3u0yFjf2EFQd7KXm + 3viDYhGBdVfntgfJL5o5VVGeIv95x0ZXlyi2/6r1NL+KZJhiZ4drE5DfrQ9Z6BrS + XAEhAjt4mAGphYPQnygGYxrcGDW18akLE2BXjqnQZlxyt5I3cqubSciz85mlcvXJ + KLaxFI/A8jl+eDlNqhrNvR5E8vPOBi1253IDHLMzsYtAgZ51A3UPN6BBCmSL + =+sro -----END PGP MESSAGE----- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2024-08-05T20:33:02Z" + - created_at: "2026-02-17T22:22:04Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA1Hthzn+T1OoAQ/+LSHRuYFtIKdxABivqoxvbirPS9Vyo+lYNXMRt9eK5oYp - 8ei+fyJgsyxXIIlsW2Dg/ZrM8O4aTxkuX1Eg0BhvuWWGBx71S7IGYX+6eSqrZWb+ - 0zLSwKHmk3avGae/IkpKyEdFnGpHKhnILfpKEXVRWHQo5hjxFzUwzNr5N+wJcq19 - sVuCsu4WSt75Ab5bTjl/AYrfYegkK5zXo2I+njIcSYqleQ6vlQ10LUiPg8QhPXqB - NvC8DVglMHN+dFDrnn5huTsd23nIJn6HRbLkqgPCezT8JUgjvEsO0tOdnM8jwRnI - K79HH53p3fbxSut+/P+u1X0gMTOT7KeLfY8URho5HQnnmymXbRxuWoQea9/Z3qIX - 4tfYkcMQA3+rxXANgsfT1yHEs8NjomUxi0SmSCeqtH333iMJJwEwWgLiIKFAA6t9 - SffF9liWeG88VEeAF5dM+7uQ7XrTsAlcdHdNoQCpprx3Hx331rFt1DOj3Md2moF0 - TUqdNsZ7wCA9zlVPwtjkILMGEdz8ZN62an0R/h2ZM9Y/wuZcl1M6wWI9eyjx2Qva - 7/Xk6LMklmNICifOZZ5Tmw1xSyxOIW8VNp7IiKXZBAjb8NiUveNUos0gjMxNQ3PR - oWv8LY3vfYiKE7AJhzrEim1PX36OcRYpB+0BAou//9PGI59tHp/Fupi2lWx7Qv3S - XAEJRUzfnCPB56PdLkNFbJAj2v11zD8zBIZqpuGh/f3fE7V0klGy/Dx9yHyAhw0t - LeXMrYUYO3zjLc4yh7qdrGPBdWUQg8BzWwIJERdHS90zQwmcTkkaX5en3GII - =MQ9C + hQIMA1Hthzn+T1OoAQ//V5CtyaEMACLYe8t4AWFkPOfKnZ6nLDSzYc+AgDdzk0Nn + 8EK6KOT+m0d65Sbqg1D2U+n1/8dyqFB0cnUmSUZzL5iYfQF/Zry2sqncmX5dO4ne + k8ZSc+s1QL7ed5fq0MykOPhopxwF8UWHRMTggPXm1JZ1+QrNXrGveaZq4IS0hjbj + k2TgvFd1svf/xqlWN31wdIuNVtpMaI01gTW0XX4ECVOc7gJz9xTJtzB6imBb3yHN + cRB60rhtbeIx24wJ9yro9HWEaOLaqXyMWFCrH0J4pXFvtKa3iPxZCJpE3YNUnX48 + pGE6ZUleHhAagsDZMabwqsfLZdmJCc+C8fJEIhC+uBS9vtmALGUeKxnkvWbfPAVP + sj6QbVmiyVnK/X4wNguMK+AdTGElvu5yB2ejypD/kCKI1RbVPXqTYS/gY0Vm+OKL + kYKuz7gC72O72pC577usHYeUkptqjYIKD66+N0OkqymkLmdTFsISqmVodmp4WD1I + r1gDGFt2BkHziG2FbnUbYv187q87yvHf61f+P0NWcPV3XnGvd2eHURPhhrhQtOzl + DaPwoTZ4EY042mIC4PoScxs39eSBSFYeO5lXyh+5Vvtcb0lt6aLmXWNkVbq+JEft + tLt9WnBGcdF/gbMWMG+OnFPnzt9YH9ydOXFoP//TbmubNV6rUCd99aKLcPdg7LrS + XAHR9cSMAaq74ZebTw/gt3oBD4Yewwpnna0X8i9xy6VGJz2ja/hWI+gYdlsvyNT4 + bwbmdFbgJtV9NtMP7c5CxlOBbwjmqpy9/syjgieNfMVI7BMbkVm4Tp9P/X87 + =+JD1 -----END PGP MESSAGE----- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2024-08-05T20:33:02Z" + - created_at: "2026-02-17T22:22:04Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA46L6MuPqfJqARAApQx98KdexUMI0KY65hv0IRvBRFouPwpTsd4VpzTsbkYF - XDBhxWVXkI9iLS8O6siQygVDDMfIDs5SadVoOicWyOpHR5sjOaW9qHA4w399w8Fe - 5XoPyfUuQvVywfHMhQiznHNPj5+SgcehwUL1i1+qD3h8RZxbgGkvYKinlkkbxzh/ - Tk4lYjcoNvb/10XRWDEy5KxMB2qc2BFEWZk6DrXe9ZUd0IzYh+tA07rUZVu8TRAc - abx6/0lvgIK45frzYJb17yL/9mCbAUVzSlR/+5LZ+qm73Ax4nsGcGA8nfDVGw/di - +BbbpBHdCs7/1XEHfrKzuUXOAd0V1HjeQSS6zzcwsfFLMevYMyTLmiTwo6SEoWSk - nN599ZqPutG94MVtvaKqDY47ABSOr0BZIUn4jdus34GTgDjX3TVTx8KPzemIbUv7 - BQcd654NKQN0poyZegrksnJVfs6OeSULLylufj6vyFNlKbjNR+D1sHhiyKcmyrQf - T0jDnPgZIzeVbNSdrDywrme+CykRSoFs60GgGYt6p/Omuh7Vp6we05jzY8lUJL76 - VsGqqyCn3JLZb6iWFe+P7JT1VXsl8xsrmn5BKoSMeXqaXctYKuJ2E20gc90a8UXm - jhnHYeG2QHW1LBgv1yeqCpUIfHxNRr+gJ3cHQLNUuchC3vubf3sBXhHzYXyzyXrS - XAFwRah/o35ETWbRhFsw+SzJGTgsyUqKAtWGmfTRPsbVvbam63IEsbTSLOdMahmY - 6uSgIbsZTobna90eVPFM8w3JIx7+Mq0YtdaLgRqpHJtPC7oVgN+RnKbgEEqQ - =uyf4 + hQIMA46L6MuPqfJqAQ//Y35T5AgDswhpSVOMPoAToapHzH9rZan5nzqDhfJrVe/A + xxCHoJY1YTRKjG9cAtmYm22oJqWZqmoXUS43KW0jzwNcfKBE06u+3VjVgnkkn+Q9 + ceDUycbqbYsiwBdiYC/2mKjgg4xvbz55ZmOLvjLljlcNXQOHb9XO0ggqX2t50GEh + 4RaieL7d8/MwgC9RLz2i+K6Bqf+W4kjGtBiQF7D4cI+mZbguCZ5AptMKXCFBHQrV + Lu+WKzPTVFmpRnnK0nIrlHa9WV7h5gYnu+qK4O7Jgs8HYiNOtLQJMhuUnos+psDG + y9GzHU7VoGAqYth9Nn8IQE2bdQOde+bTTaPxvLA3coCqTNjw12FyPQ7cppWwn+iK + NuTxdDPj2GIRd32nBONbpFpjdFv0FINOXKJB2HnbjiHz1vBT2sL530TuTuDl4G6n + 3vz0rRb1lOZHiSPNsinz/hkSEQMfwV6AhC/AW/Y6Zsoh89WJMCBSlyc6VmHBHq+y + r0ZWfbGjBciPXbDA2SXgrGN01txTkps4NP6rxaLIgJZpPtmYNhe1JCMvMJcLvVNe + wtChGFj2Hyn6eDkh/JKkvw0RZ9ktWUY448+DYuOpO+KtkO9kQZw0853opVivcmHT + CF/GWzcoSP18HIaCvYmdNyvsQDPgs5g9m5nXp+3AK6oUwmPAbUp4lR81CpxWFh/S + XAErwhIXCJFhsS2C47V4kjy/5wGi6LrcquNGTtYxbVIRzZv+LyCSXNeRHbxlbniD + fUD0Rjr6EDxEe9Apsz01Ko92GRxs3ihRtUBwyNHqJxX6nqX2icpDsEsY8U5o + =t63I -----END PGP MESSAGE----- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2024-08-05T20:33:02Z" + - created_at: "2026-02-17T22:22:04Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA4EEKdYEzV0pAQ//QZwerhHFVjR/LahlgmnO/HyiR+wbvNzHEya/rVwuu+st - V8hNgBFp9N1Y9uh/GFIzZd5ETz7yq0FawRptlt5k0CqVYfsDBIB3ewxukJeyjdj2 - 8E84l9SSdmV5uqWK+MV+uY57C8BBcgWtUpjOTNrGkAqtEd5YrSZwcgtKGVLI2Dd/ - i2I1RYdYP/VTusBtpqPk+IrpJf8jEYcEhl+S0wnG+kh/rhyCCrtda49SgRbuJE2d - V9JJlASkC6H6DRn6dVcO2BUZss3ZQB+OF9vfo7tnnuU8Mw1C2JWPy9oPiNat5UGE - zVJZf//m0xBfQVFWFDs95lvqzsBcAAg02tTsclPTtgz9buW5Pph3/OUiq4o/ZWOz - TMSXGD+Fi/mbP7jJZndtiadMtfOQC1dGC86A5H01aQliWruIMb0Wp55+Zr2Rw39p - FlhFSfCzyQHgA+uMa45XFaHCaS9pllWoT3QO3csP5ZyeUM8pLvnxwnLB2BTgg+yF - aV3BP0nzbHAUuaDeb/WtRINKRcKHCqrPPAEvb6X0OU51NvzmaWJphpdrvi3/4sEO - 5+zDlqSZetaBa9WB1iCeD/u8wNNunCXageLxBucesv1uH5PvF51A/aJvXf1jRCym - NjSUQw2aSX35nWc9MIcUnO5mB8H4N5BF2FBx8Nq2XnrVgVPqqe1Sc2Ph4tE54QzS - XAG1bzAX3lHh77xsUuy/Nk3VE3kzJhaxpyz0rPIn6NQ9lVcy4hiyecKL3Jk3Ffcn - kxeKnjym5E4e3f8cMxWQlc+xtwga5QAD2dU2X9fPj6UxGEbh+gDqLv8wtzMr - =7R+0 - -----END PGP MESSAGE----- - fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA - - created_at: "2024-08-05T20:33:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdA4XhPBK5WnPVo84ZrCUe92HZSEKtH88GLktniZCmAczcw - cO5WYiy9D4z/aieGuMTBGg5xRk7eAMZVTbMDV+KXKLVlDwoxKybKSbT+fvhNGJ13 - 0lwBd0RFKYGq4YO+/nUxHZo3hG6qmv3/K06fta/D4p/C5wYefNZVcAj5VqatP3Zi - I/ktqdDszkc98/bf4fHoQmSxP25Wp65jJBEYeMZgX75M/wguGeIBfEgZB5bgww== - =0G+m + hF4DQrf1tCqiJxoSAQdAU9KcQp4hcBjhmB52+zjDjkNyrzF+vj4B+yWYAwj6dnIw + xp2nTCQJHck8AJgvQbnm79kMvDjWmZ+BKga5Djudq9y0h8pedsWA7F3SC/Pd2bsA + 0lwBmJgvzUo9+lkCVVByyfPOPYgvd3SYFFTvLrYLiuHsoYLsLBKMtURqeDwSGCRJ + eqbE5Ebio0ag+tKKKLtfnvfTZKuyB7kDOu0hdbhQ6+bNHL+Q76c++z1zZl5MTA== + =5Gin -----END PGP MESSAGE----- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - - created_at: "2024-08-05T20:33:02Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAzdAjw8ldn6CAQ//Vu9YJvMsevJAd4RJwJ5HMdB3xy3dbDG98qZb8Zoj0+qX - KT/VsR9YoOLeszmzI6BtB2PQhLeavMR2/SFJTGunxaSCvHcd/q7dnC+WAmUVun8l - MVRkIRh1I+tX1KQBqFt1IzsUm5kwJD4iThn4OWyDlS3WCDFlOLUC1iZVtdqxptzy - p4mzM4NmR/Z8r8aA+dYdTlzDHyUhVnvYCDaRTIyr2qzd6kUHmo9PMRvqUNQkNA3k - YOwLt8VR0nZIAx7YOGwSp4E32tk09o7Z+dUIYqXO71c5TxXsOoeEbVn7gj+7KQVs - yDNMF7he54zjModPJkSa4MjwTC2NKzLClux0aE9dW5Zv2eSiTEIlaAwhJjH0wt8O - oMJ5A8Y39GmNoAkadQ5NLP6WwTaUFYLacT56/AdAvsodQf7zlF399wXZlQufAgLv - 3WAvL+LQKpg8TwH74pJe4te4BjnqWvYx+jkRYbRxSXD2iwqrWXk57XysizgjAAre - FJe42BeL2uyP/cMTcNFcd+W2DztUkNR54FHSYY8mqev81BYX92ExsfEugsBzUaDF - 3QBnZIZZInCQKnXIIaj5+rV8XXbMKnyTNBQCxfUk92OOrUhikvYhwfPev2ejUzQm - k8RgIG9ZBWDENGX9ojmTH+ec2gWmLvKGyhrKjWvNMzzblHfuxjdSizoQ1FflYEPS - XAE9Cu/L0lwQEU8vRRPPF9kRHLoJygxdOYoD4+SggCkPJxtyiCTNWJeOBwbSnGyh - B8GnNJwNn7H8vh40se/uo2311O8NcuvdLLiBw9DxCTCcPHqS4e5hF98oiSnI - =ZgbM - -----END PGP MESSAGE----- - fp: 3D70F61E07F64EC4E4EF417BEFCD9D20F58784EF unencrypted_suffix: _unencrypted version: 3.9.0 From be8581c2d0c806900316380db72ed14df418b0fc Mon Sep 17 00:00:00 2001 From: lilly Date: Tue, 17 Feb 2026 22:56:53 +0100 Subject: [PATCH 21/33] configure diday website dpeloyment --- .../forgejo-actions-runner.nix | 29 ++++++++ .../forgejo-actions-runner/networking.nix | 11 ++- .../hosts/forgejo-actions-runner/secrets.yaml | 7 +- .../virtualHosts/default.nix | 2 + .../virtualHosts/did.hamburg.ccc.de.nix | 68 +++++++++++++++++++ .../staging.did.hamburg.ccc.de.nix | 59 ++++++++++++++++ 6 files changed, 170 insertions(+), 6 deletions(-) create mode 100644 config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix create mode 100644 config/hosts/public-web-static/virtualHosts/staging.did.hamburg.ccc.de.nix diff --git a/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix b/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix index 376fde6..d5a93c1 100644 --- a/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix +++ b/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix @@ -15,6 +15,29 @@ tokenFile = "/run/secrets/forgejo_actions_runner_registration_token"; labels = [ "docker:docker://node:current-bookworm" ]; settings = { + cache = { + proxy_port = 45540; + }; + runner = { + capacity = 4; + }; + }; + }; + + instances.ccchh-codeberg-org-diday = { + enable = true; + name = "ccchh runner for codeberg.org/di-day"; + url = "https://codeberg.org/"; + tokenFile = "/run/secrets/codeberg_org_diday_runner_registration_token"; + labels = [ + "docker:docker://node:current-bookworm" + "debian-latest:docker://node:current-bookworm" + "alpine-latest:docker://node:current-alpine" + ]; + settings = { + cache = { + proxy_port = 45541; + }; runner = { capacity = 4; }; @@ -28,4 +51,10 @@ group = "root"; restartUnits = [ "gitea-runner-ccchh\\x2dforgejo\\x2dglobal\\x2ddocker.service" ]; }; + sops.secrets."codeberg_org_diday_runner_registration_token" = { + mode = "0440"; + owner = "root"; + group = "root"; + restartUnits = [ "gitea-runner-ccchh\\x2dcodeberg\\x2dorg\\x2ddiday.service" ]; + }; } diff --git a/config/hosts/forgejo-actions-runner/networking.nix b/config/hosts/forgejo-actions-runner/networking.nix index 8990224..71aa47a 100644 --- a/config/hosts/forgejo-actions-runner/networking.nix +++ b/config/hosts/forgejo-actions-runner/networking.nix @@ -1,6 +1,8 @@ -{ ... }: - -{ +{ lib, config, ... }: +let + runnerInstances = lib.attrValues config.services.gitea-actions-runner.instances; + runnerCachePorts = lib.map (i: i.settings.cache.proxy_port) runnerInstances; +in { networking = { interfaces.net0 = { ipv4.addresses = [ @@ -19,4 +21,7 @@ matchConfig.MACAddress = "1E:E0:4E:D0:DA:BE"; linkConfig.Name = "net0"; }; + + # open ports for runner cache proxy so that we can use the cache action + networking.firewall.allowedTCPPorts = runnerCachePorts; } diff --git a/config/hosts/forgejo-actions-runner/secrets.yaml b/config/hosts/forgejo-actions-runner/secrets.yaml index 5debd4d..79df4d5 100644 --- a/config/hosts/forgejo-actions-runner/secrets.yaml +++ b/config/hosts/forgejo-actions-runner/secrets.yaml @@ -1,4 +1,5 @@ forgejo_actions_runner_registration_token: ENC[AES256_GCM,data:gAR2ffrffeuuaOwO6mWcif2e6csKIVoLqrux19iBlrTkFHgo/IlHVL0eSUGqnw==,iv:i12yx/quwT9kj6fPECszo/iG9cVhKX+7dAA6/N09URc=,tag:eO+mWhumgvWzQxYqiRUXbA==,type:str] +codeberg_org_diday_runner_registration_token: ENC[AES256_GCM,data:thTsLo/eXVPbXt4b8ldae+kGnOR4GbYKOqr1hVJgaL7wZ5GgqWSPcOuhow96Jw==,iv:Fzi+DsKj+4PrwQGEosUntm9l7s78NwzhkmF6e/sfF+s=,tag:oa7mnbGR0J5xi9ruCgRJtQ==,type:str] sops: age: - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d @@ -19,8 +20,8 @@ sops: TklLZWM0cDBKaGJJM2tQQWRLZXhFYU0Ko7cyvzMvwlGCCP3UAX1+5uTI4srhZ5l9 DPaHySiC+rLy+8R9UqEuTKbP4/Aw4NZ/UcfjNnVkqqqNJIODmLoOhg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-26T00:29:52Z" - mac: ENC[AES256_GCM,data:c0261ungapxYViyviTpNsSJZs6OMQ8fyHNqBpvTBp9jEEbbvJBSbqJtwJvVDg8Kv3xrZjC0jZSQOWkvYJlb2PFuW2/GXy5YpLCo7k3ZhXhUbotsDFPe30bvfVxZWhMpaS2rEXlxCqHeVmqoslL34jpLuFx04FmoBh91yjDMoiTw=,iv:njo4Bu4FzAbU6t7CSbqw7hcJ960oqsIKuV/qUGF8c1I=,tag:dzFxW8vyZsDFkd/ARkt5jw==,type:str] + lastmodified: "2026-02-18T09:51:37Z" + mac: ENC[AES256_GCM,data:4fWsE3U6WxRqlKHKC4ipE+RQ7MPjiZZcTFMSblxty7JjJHAdKUHbthFB+R8gIWxZEjX5WG+IPgUP+AcCLSI9fdcXMqIFMuDun2hiktwqxzLPGYAoCXdTBAd1uCUagvB/rFty6y8umD4J5ITgEGba9pvGdUcng9WVRV+LGDftS1g=,iv:tD9tlcylQWapNCARxPXrKofZXf2BHTt2c4PQqFNj6X8=,tag:pQ8lOqJEFCcCcJot3BYTmQ==,type:str] pgp: - created_at: "2026-02-17T22:21:57Z" enc: |- @@ -145,4 +146,4 @@ sops: -----END PGP MESSAGE----- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB unencrypted_suffix: _unencrypted - version: 3.8.1 + version: 3.11.0 diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index 3532c25..35da7f5 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -18,6 +18,8 @@ ./staging.hackertours.hamburg.ccc.de.nix ./staging.hamburg.ccc.de.nix ./www.hamburg.ccc.de.nix + ./staging.did.hamburg.ccc.de.nix + ./did.hamburg.ccc.de.nix ./historic-easterhegg ]; } diff --git a/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix new file mode 100644 index 0000000..923053e --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix @@ -0,0 +1,68 @@ +{ ... }: + +let + domain = "did.hamburg.ccc.de"; + dataDir = "/var/www/${domain}"; + deployUser = "diday-website-deploy"; +in +{ + # security.acme.certs."${domain}".extraDomainNames = []; + + services.nginx.virtualHosts = { + "acme-${domain}" = { + enableACME = true; + serverName = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 31820; + } + ]; + }; + + "${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + root = "${dataDir}"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + + error_page 404 /404.html; + + port_in_redirect off; + ''; + }; + }; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0755 ${deployUser} ${deployUser}" + ]; + + users.users."${deployUser}" = { + isNormalUser = true; + group = "${deployUser}"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBitESG5AvHnHLPo+kdsV5l+wzSTqCltkk0IFAWGqBcl codeberg-actions-runner" + ]; + }; + users.groups."${deployUser}" = { }; +} diff --git a/config/hosts/public-web-static/virtualHosts/staging.did.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/staging.did.hamburg.ccc.de.nix new file mode 100644 index 0000000..ad2b246 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/staging.did.hamburg.ccc.de.nix @@ -0,0 +1,59 @@ +{ ... }: + +let + domain = "staging.did.hamburg.ccc.de"; + dataDir = "/var/www/${domain}"; + deployUser = "diday-website-deploy"; +in +{ + # security.acme.certs."${domain}".extraDomainNames = []; + + services.nginx.virtualHosts = { + "acme-${domain}" = { + enableACME = true; + serverName = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 31820; + } + ]; + }; + + "${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + root = "${dataDir}"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + + error_page 404 /404.html; + + port_in_redirect off; + ''; + }; + }; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0755 ${deployUser} ${deployUser}" + ]; +} From 9e5bad593e07542c55114d52935d2089464fcf1a Mon Sep 17 00:00:00 2001 From: lilly Date: Wed, 18 Feb 2026 12:12:18 +0100 Subject: [PATCH 22/33] remove public-reverse-proxy (it is now on ansible-infra) --- .../public-reverse-proxy/configuration.nix | 10 ---- config/hosts/public-reverse-proxy/default.nix | 8 --- config/hosts/public-reverse-proxy/nginx.nix | 51 ------------------- flake.nix | 9 ---- 4 files changed, 78 deletions(-) delete mode 100644 config/hosts/public-reverse-proxy/configuration.nix delete mode 100644 config/hosts/public-reverse-proxy/default.nix delete mode 100644 config/hosts/public-reverse-proxy/nginx.nix diff --git a/config/hosts/public-reverse-proxy/configuration.nix b/config/hosts/public-reverse-proxy/configuration.nix deleted file mode 100644 index a80f516..0000000 --- a/config/hosts/public-reverse-proxy/configuration.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, pkgs, ... }: - -{ - networking = { - hostName = "public-reverse-proxy"; - domain = "z9.ccchh.net"; - }; - - system.stateVersion = "23.05"; -} diff --git a/config/hosts/public-reverse-proxy/default.nix b/config/hosts/public-reverse-proxy/default.nix deleted file mode 100644 index 20dd895..0000000 --- a/config/hosts/public-reverse-proxy/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ./configuration.nix - ./nginx.nix - ]; -} diff --git a/config/hosts/public-reverse-proxy/nginx.nix b/config/hosts/public-reverse-proxy/nginx.nix deleted file mode 100644 index 68c30c2..0000000 --- a/config/hosts/public-reverse-proxy/nginx.nix +++ /dev/null @@ -1,51 +0,0 @@ -# Sources for this configuration: -# - https://nixos.wiki/wiki/Nginx -# - https://nixos.org/manual/nixos/stable/#sec-firewall -# - https://git.grzb.de/yuri/nix-infra/-/tree/3896d34f4f7f3b5dd5cbd270a14b56b102ef3a2a/hosts/web-public-2 - -{ config, pkgs, ... }: - -{ - services.nginx.appendHttpConfig = '' - map $host $upstream_acme_challenge_host { - club-assistant.ccchh.net 10.31.208.10; - netbox.ccchh.net 10.31.208.29:31820; - light.ccchh.net 10.31.208.23; - light-werkstatt.ccchh.net 10.31.208.23; - thinkcccore0.ccchh.net 10.31.242.3; - thinkcccore1.ccchh.net 10.31.242.4; - thinkcccore2.ccchh.net 10.31.242.5; - thinkcccore3.ccchh.net 10.31.242.6; - zigbee2mqtt.ccchh.net 10.31.208.25:31820; - esphome.ccchh.net 10.31.208.24:31820; - proxmox-backup-server.ccchh.net 10.31.208.28; - default ""; - } - ''; - - services.nginx = { - enable = true; - - virtualHosts."well-known_acme-challenge" = { - default = true; - - listen = [{ - addr = "0.0.0.0"; - port = 80; - }]; - - locations."/.well-known/acme-challenge/" = { - proxyPass = "http://$upstream_acme_challenge_host"; - }; - - # Better safe than sorry. - # Don't do a permanent redirect to avoid acme challenge pain. - locations."/" = { - return = "307 https://$host$request_uri"; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - networking.firewall.allowedUDPPorts = [ 443 ]; -} diff --git a/flake.nix b/flake.nix index ecc9db5..fe0cbdc 100644 --- a/flake.nix +++ b/flake.nix @@ -94,15 +94,6 @@ ]; }; - public-reverse-proxy = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = [ - self.nixosModules.common - self.nixosModules.proxmox-vm - ./config/hosts/public-reverse-proxy - ]; - }; - matrix = nixpkgs.lib.nixosSystem { inherit system specialArgs; modules = [ From a8229bfd0dff789ead94036c49f3338683e74f2e Mon Sep 17 00:00:00 2001 From: lilly Date: Wed, 18 Feb 2026 14:11:30 +0100 Subject: [PATCH 23/33] configure specific diday website requirements --- config/hosts/public-web-static/nginx.nix | 5 ++ .../virtualHosts/did.hamburg.ccc.de.nix | 55 +++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/config/hosts/public-web-static/nginx.nix b/config/hosts/public-web-static/nginx.nix index b69e60b..7568ce4 100644 --- a/config/hosts/public-web-static/nginx.nix +++ b/config/hosts/public-web-static/nginx.nix @@ -5,6 +5,11 @@ enable = true; appendHttpConfig = '' access_log off; + + # load the DI-Day redirect map from the webroot + map $request_uri $did_redirect_target { + include /var/www/did.hamburg.ccc.de/nginx-redirects.conf; + } ''; }; diff --git a/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix index 923053e..6a89a22 100644 --- a/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix @@ -49,6 +49,61 @@ in error_page 404 /404.html; port_in_redirect off; + + index index.html; + + add_header Referrer-Policy "strict-origin-when-cross-origin" always; + + # return a redirect based on the map loaded from the webroot + if ($did_redirect_target ~ ^301:(.*)$) { + return 301 $1; + } + if ($did_redirect_target ~ ^302:(.*)$) { + return 302 $1; + } + + # deny access to the redirects config file + location = /nginx-redirects.conf { + deny all; + return 404; + } + + # dynamically redirect the user to the language they prefer + location = / { + set $lang "de"; + if ($http_accept_language ~* "^en") { + set $lang "en"; + } + return 302 /$lang/; + } + + # configure decap-cms content-type and caching rules + location = /admin/cms.js { + expires -1; + add_header Cache-Control "no-store"; + } + location = /admin/config.yml { + expires -1; + add_header Cache-Control "no-store"; + types { } + default_type text/yaml; + } + + # configure asset caching + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff2?)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + } + + # we are using the Astro Image Pipeline, therefore DecapCMS can't access image previews + location /admin/src/ { + log_not_found off; + return 404; + } + + location / { + try_files $uri $uri/ =404; + } ''; }; }; From 99efc60fcee02906038457106446cfcdae8e8bd3 Mon Sep 17 00:00:00 2001 From: lilly Date: Thu, 26 Feb 2026 18:01:34 +0100 Subject: [PATCH 24/33] configure diday.org on public-static-web --- .../virtualHosts/default.nix | 2 +- .../{did.hamburg.ccc.de.nix => diday.org.nix} | 24 +++++++++++++++++-- 2 files changed, 23 insertions(+), 3 deletions(-) rename config/hosts/public-web-static/virtualHosts/{did.hamburg.ccc.de.nix => diday.org.nix} (87%) diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index 35da7f5..1ac82c3 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -19,7 +19,7 @@ ./staging.hamburg.ccc.de.nix ./www.hamburg.ccc.de.nix ./staging.did.hamburg.ccc.de.nix - ./did.hamburg.ccc.de.nix + ./diday.org.nix ./historic-easterhegg ]; } diff --git a/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/diday.org.nix similarity index 87% rename from config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix rename to config/hosts/public-web-static/virtualHosts/diday.org.nix index 6a89a22..9c908ac 100644 --- a/config/hosts/public-web-static/virtualHosts/did.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/diday.org.nix @@ -1,12 +1,14 @@ { ... }: let - domain = "did.hamburg.ccc.de"; + domain = "diday.org"; dataDir = "/var/www/${domain}"; deployUser = "diday-website-deploy"; in { - # security.acme.certs."${domain}".extraDomainNames = []; + security.acme.certs."${domain}".extraDomainNames = [ + "did.hamburg.ccc.de" + ]; services.nginx.virtualHosts = { "acme-${domain}" = { @@ -21,6 +23,24 @@ in ]; }; + "did.hamburg.ccc.de" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + extraConfig = '' + return 301 https://diday.org; + ''; + }; + "${domain}" = { forceSSL = true; useACMEHost = "${domain}"; From bbfe9eba6f0d15ab75b7ee673043117e7620946b Mon Sep 17 00:00:00 2001 From: lilly Date: Fri, 27 Feb 2026 21:04:40 +0100 Subject: [PATCH 25/33] deploy diday.org site --- config/hosts/public-web-static/nginx.nix | 2 +- config/hosts/public-web-static/secrets.yaml | 8 +++-- .../virtualHosts/default.nix | 2 +- .../virtualHosts/diday.org.nix | 8 +++++ ...mburg.ccc.de.nix => staging.diday.org.nix} | 32 +++++++++---------- 5 files changed, 30 insertions(+), 22 deletions(-) rename config/hosts/public-web-static/virtualHosts/{staging.did.hamburg.ccc.de.nix => staging.diday.org.nix} (69%) diff --git a/config/hosts/public-web-static/nginx.nix b/config/hosts/public-web-static/nginx.nix index 7568ce4..2e94ebf 100644 --- a/config/hosts/public-web-static/nginx.nix +++ b/config/hosts/public-web-static/nginx.nix @@ -8,7 +8,7 @@ # load the DI-Day redirect map from the webroot map $request_uri $did_redirect_target { - include /var/www/did.hamburg.ccc.de/nginx-redirects.conf; + include /var/www/diday.org/nginx-redirects.conf; } ''; }; diff --git a/config/hosts/public-web-static/secrets.yaml b/config/hosts/public-web-static/secrets.yaml index 4840158..e8080d8 100644 --- a/config/hosts/public-web-static/secrets.yaml +++ b/config/hosts/public-web-static/secrets.yaml @@ -1,4 +1,6 @@ spaceapid_config_ccchh_credentials: ENC[AES256_GCM,data:5IClrKKMO/AztQuGabrnoRFItYNeEmVWGeafomVO94pL1RKzL1sCxBxnmzvJFPb/8Y+6FXMh+Mim4DP8B2RaJMLpmqCv+76N/5+527SZ6gn9i2Klg6q0kD9RzJv40qHq/NYLCa24tpcZDt7eB0EOgqLsKUmtX2LrQjjnN3NzjAevJGKQ5ypnb7xygjft2KrpvlR1hMnZ0XpSLDTNR1AmImxE24JtDaJKzwXbptr2IZvm1UFkNslxdqHPjN+N8+MSSLhqHy/FdcY2ADvsTX1jtjnjkb+9E30QOeCiFPKSmWtSGiQ9sPcQna1yr717Vk0EiNSAWDQ2fMZyJUgBXG6w3wiZbxfJmxvshLPs5KguF9NHER+Seps1QiE0p16c0IS/0Y24UYrK2GyUIcSReGufjxUFGTJHFSsNANac34H/RTs7BkoZ,iv:8WzTRaXVeH5GKmigMVTLVBnhy6nXZnTZHLAYHcqDs2s=,tag:jTdgz0gmruMWWDBQ3h70vw==,type:str] +staging.diday.org: + lego.env: ENC[AES256_GCM,data:PCah9T6gKMADx47bhT5fTcylnKjC8ZDjZl4E4FJRa1zUmihLe8hj65w=,iv:IrIgBPHvaQx2bjrUapzmcsMoQ+Md4edsJQmL+ykJddE=,tag:SV8igeQ2/o7V3oJUdYMc2Q==,type:str] sops: age: - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d @@ -19,8 +21,8 @@ sops: ZE9rN3R4aHRXR0dBc2oxcEYrL1lxZncKuVocF84+ge1gyzfNjIxhwNgd8+kJIpxh yREbS2mrQ2zvSMtw9OoA0KJSpoHZfIiCwn2uYkQDPiGB/721JmA12Q== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-26T01:21:16Z" - mac: ENC[AES256_GCM,data:ENLJIlcUXLEt+vXp/F2YATUZrc9ZjaE4AWwvG280etdsufEw/vGAWBhG2KT+CkcZLaJ4ctVvNlJEqU/pRzae+m/43SV3GNAG+jjT2VmNm0NyNYN27bpsj4tq11D27LPn7CkfBUB0gnmGJXVKalxhFkHBf+eq3ted8dPIv9YNRt8=,iv:Yfz7scjN3qDY9lV1SYOqrejiEwf4dVSPJhiFRJyFPio=,tag:SOw4Nhx6wwYIisRJl0SSRA==,type:str] + lastmodified: "2026-02-27T19:45:05Z" + mac: ENC[AES256_GCM,data:7tjKwRlcOHEg+CU5BP20gzjLK2YFTDtoHmQlsQsiy4JjRNIeVDWtzTnwsMwQ9KuDaGaJqL8Tgmu7nUZyDPS44G58by19oLIRRFj1emaNUigJQGCqNM5zKA9wF7OZKpnK0y3adu7ydNrtoBvw//9vWPZ0WMUwJXHNsyKMOHs36Yo=,iv:kIaDPhrbDMogNAgOVYvyDeAgc/FmzwHANoB+O9WGuV0=,tag:J3jejVDNGLquiiBkNiHbtQ==,type:str] pgp: - created_at: "2026-02-17T22:22:02Z" enc: |- @@ -145,4 +147,4 @@ sops: -----END PGP MESSAGE----- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB unencrypted_suffix: _unencrypted - version: 3.8.1 + version: 3.11.0 diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index 1ac82c3..11e9ea1 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -18,8 +18,8 @@ ./staging.hackertours.hamburg.ccc.de.nix ./staging.hamburg.ccc.de.nix ./www.hamburg.ccc.de.nix - ./staging.did.hamburg.ccc.de.nix ./diday.org.nix + ./staging.diday.org.nix ./historic-easterhegg ]; } diff --git a/config/hosts/public-web-static/virtualHosts/diday.org.nix b/config/hosts/public-web-static/virtualHosts/diday.org.nix index 9c908ac..547c797 100644 --- a/config/hosts/public-web-static/virtualHosts/diday.org.nix +++ b/config/hosts/public-web-static/virtualHosts/diday.org.nix @@ -36,6 +36,10 @@ in } ]; + basicAuth = { + "preview" = "liebe"; + }; + extraConfig = '' return 301 https://diday.org; ''; @@ -54,6 +58,10 @@ in } ]; + basicAuth = { + "preview" = "liebe"; + }; + root = "${dataDir}"; extraConfig = '' diff --git a/config/hosts/public-web-static/virtualHosts/staging.did.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/staging.diday.org.nix similarity index 69% rename from config/hosts/public-web-static/virtualHosts/staging.did.hamburg.ccc.de.nix rename to config/hosts/public-web-static/virtualHosts/staging.diday.org.nix index ad2b246..35a301d 100644 --- a/config/hosts/public-web-static/virtualHosts/staging.did.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/staging.diday.org.nix @@ -1,29 +1,23 @@ -{ ... }: +{ config, ... }: let - domain = "staging.did.hamburg.ccc.de"; + domain = "staging.diday.org"; dataDir = "/var/www/${domain}"; deployUser = "diday-website-deploy"; in { - # security.acme.certs."${domain}".extraDomainNames = []; + security.acme.certs."${domain}" = { + domain = "*.diday.org"; + group = "nginx"; + server = "https://acme-staging-v02.api.letsencrypt.org/directory"; + dnsProvider = "desec"; + environmentFile = config.sops.secrets."staging.diday.org/lego.env".path; + }; services.nginx.virtualHosts = { - "acme-${domain}" = { - enableACME = true; - serverName = "${domain}"; - - listen = [ - { - addr = "0.0.0.0"; - port = 31820; - } - ]; - }; - "${domain}" = { - forceSSL = true; useACMEHost = "${domain}"; + forceSSL = true; listen = [ { @@ -34,7 +28,9 @@ in } ]; - root = "${dataDir}"; + basicAuth = { + "preview" = "liebe"; + }; extraConfig = '' # Make use of the ngx_http_realip_module to set the $remote_addr and @@ -56,4 +52,6 @@ in systemd.tmpfiles.rules = [ "d ${dataDir} 0755 ${deployUser} ${deployUser}" ]; + + sops.secrets."staging.diday.org/lego.env" = {}; } From 7ae5d8dd80280b055aae07fbba683a962ca8595d Mon Sep 17 00:00:00 2001 From: lilly Date: Fri, 27 Feb 2026 21:21:39 +0100 Subject: [PATCH 26/33] configure staging.diday.org --- config/hosts/public-web-static/nginx.nix | 2 +- config/hosts/public-web-static/secrets.yaml | 6 ++-- .../virtualHosts/staging.diday.org.nix | 32 ++++++++++++++++--- 3 files changed, 32 insertions(+), 8 deletions(-) diff --git a/config/hosts/public-web-static/nginx.nix b/config/hosts/public-web-static/nginx.nix index 2e94ebf..898df39 100644 --- a/config/hosts/public-web-static/nginx.nix +++ b/config/hosts/public-web-static/nginx.nix @@ -6,7 +6,7 @@ appendHttpConfig = '' access_log off; - # load the DI-Day redirect map from the webroot + # load the DID redirect map from the webroot map $request_uri $did_redirect_target { include /var/www/diday.org/nginx-redirects.conf; } diff --git a/config/hosts/public-web-static/secrets.yaml b/config/hosts/public-web-static/secrets.yaml index e8080d8..e1f1a5b 100644 --- a/config/hosts/public-web-static/secrets.yaml +++ b/config/hosts/public-web-static/secrets.yaml @@ -1,6 +1,6 @@ spaceapid_config_ccchh_credentials: ENC[AES256_GCM,data:5IClrKKMO/AztQuGabrnoRFItYNeEmVWGeafomVO94pL1RKzL1sCxBxnmzvJFPb/8Y+6FXMh+Mim4DP8B2RaJMLpmqCv+76N/5+527SZ6gn9i2Klg6q0kD9RzJv40qHq/NYLCa24tpcZDt7eB0EOgqLsKUmtX2LrQjjnN3NzjAevJGKQ5ypnb7xygjft2KrpvlR1hMnZ0XpSLDTNR1AmImxE24JtDaJKzwXbptr2IZvm1UFkNslxdqHPjN+N8+MSSLhqHy/FdcY2ADvsTX1jtjnjkb+9E30QOeCiFPKSmWtSGiQ9sPcQna1yr717Vk0EiNSAWDQ2fMZyJUgBXG6w3wiZbxfJmxvshLPs5KguF9NHER+Seps1QiE0p16c0IS/0Y24UYrK2GyUIcSReGufjxUFGTJHFSsNANac34H/RTs7BkoZ,iv:8WzTRaXVeH5GKmigMVTLVBnhy6nXZnTZHLAYHcqDs2s=,tag:jTdgz0gmruMWWDBQ3h70vw==,type:str] staging.diday.org: - lego.env: ENC[AES256_GCM,data:PCah9T6gKMADx47bhT5fTcylnKjC8ZDjZl4E4FJRa1zUmihLe8hj65w=,iv:IrIgBPHvaQx2bjrUapzmcsMoQ+Md4edsJQmL+ykJddE=,tag:SV8igeQ2/o7V3oJUdYMc2Q==,type:str] + lego.env: ENC[AES256_GCM,data:FHCHBrjapNGSAtUnDTMZfeAZJqZV65d8COBJF8lzZmNBiw0jXyrmJ6rnUbYmnPN54T+1e8V0dzkdqmYX708tpFWagOPPQ9Ko+D+lV5yJ4hj/lhunuPSetWC/5dGBfN6CbA==,iv:WZ8CWu40ToF2mbpSUR6pDdUa6jcWPIUsWhVaGGBwx1E=,tag:8CohD3CwcUm2LzAJ8Lfimg==,type:str] sops: age: - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d @@ -21,8 +21,8 @@ sops: ZE9rN3R4aHRXR0dBc2oxcEYrL1lxZncKuVocF84+ge1gyzfNjIxhwNgd8+kJIpxh yREbS2mrQ2zvSMtw9OoA0KJSpoHZfIiCwn2uYkQDPiGB/721JmA12Q== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-27T19:45:05Z" - mac: ENC[AES256_GCM,data:7tjKwRlcOHEg+CU5BP20gzjLK2YFTDtoHmQlsQsiy4JjRNIeVDWtzTnwsMwQ9KuDaGaJqL8Tgmu7nUZyDPS44G58by19oLIRRFj1emaNUigJQGCqNM5zKA9wF7OZKpnK0y3adu7ydNrtoBvw//9vWPZ0WMUwJXHNsyKMOHs36Yo=,iv:kIaDPhrbDMogNAgOVYvyDeAgc/FmzwHANoB+O9WGuV0=,tag:J3jejVDNGLquiiBkNiHbtQ==,type:str] + lastmodified: "2026-02-27T20:40:06Z" + mac: ENC[AES256_GCM,data:Nsburro0nSV8CLZsxLaFrwsE5EIz8qQOlclNynbRT03XkfaPN2Pup8UWg9QL34KGcGUweqtytxZvLWjwfJYEsIkLqi4ZfrpXpEfBowq5aNbWHzDJDW5QqZKaUPmMQxiPVm1EhXmyvfVdFEueOhfFLbuNUSvNWaFk/7l2utTeLrs=,iv:dSJDVYGdaunvRqj+EkPGy3qxR9suV0s2Mm26silX24M=,tag:hqA+4FpP2PwatRMnZUcUqw==,type:str] pgp: - created_at: "2026-02-17T22:22:02Z" enc: |- diff --git a/config/hosts/public-web-static/virtualHosts/staging.diday.org.nix b/config/hosts/public-web-static/virtualHosts/staging.diday.org.nix index 35a301d..b165348 100644 --- a/config/hosts/public-web-static/virtualHosts/staging.diday.org.nix +++ b/config/hosts/public-web-static/virtualHosts/staging.diday.org.nix @@ -7,15 +7,16 @@ let in { security.acme.certs."${domain}" = { - domain = "*.diday.org"; + domain = "staging.diday.org"; + extraDomainNames = [ "*.staging.diday.org" ]; group = "nginx"; - server = "https://acme-staging-v02.api.letsencrypt.org/directory"; + dnsResolver = "45.54.76.1:53"; dnsProvider = "desec"; environmentFile = config.sops.secrets."staging.diday.org/lego.env".path; }; services.nginx.virtualHosts = { - "${domain}" = { + "*.${domain}" = { useACMEHost = "${domain}"; forceSSL = true; @@ -41,10 +42,33 @@ in # Then tell the realip_module to get the addreses from the proxy protocol # header. real_ip_header proxy_protocol; + port_in_redirect off; error_page 404 /404.html; - port_in_redirect off; + location / { + if ($host ~* "^(pr\d+)\.staging\.diday\.org$") { + root /var/www/staging.diday.org/$1/; + } + + index index.html; + try_files $uri $uri/ =404; + + # deny access to the redirects config file + location = /nginx-redirects.conf { + deny all; + return 404; + } + + # dynamically redirect the user to the language they prefer + location = / { + set $lang "de"; + if ($http_accept_language ~* "^en") { + set $lang "en"; + } + return 302 /$lang/; + } + } ''; }; }; From 3f6e5a30c52a200cca3e99e948dee3e6482e70d0 Mon Sep 17 00:00:00 2001 From: June Date: Mon, 9 Mar 2026 21:31:18 +0100 Subject: [PATCH 27/33] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'authorizedKeysRepo': 'git+https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys?ref=trunk&rev=7d9c3a683a50d109ed8fd3f75d090d5403967f7f' (2025-10-21) → 'git+https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys?ref=trunk&rev=8b7662703635ff7e80b2ee72ce052201fa86010a' (2026-03-06) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/72ac591e737060deab2b86d6952babd1f896d7c5' (2026-01-17) → 'github:nixos/nixpkgs/71caefce12ba78d84fe618cf61644dce01cf3a96' (2026-03-06) • Updated input 'nixpkgs-unstable': 'github:nixos/nixpkgs/3327b113f2ef698d380df83fbccefad7e83d7769' (2026-01-17) → 'github:nixos/nixpkgs/608d0cadfed240589a7eea422407a547ad626a14' (2026-03-08) • Updated input 'sops-nix': 'github:Mic92/sops-nix/5e8fae80726b66e9fec023d21cd3b3e638597aa9' (2026-01-18) → 'github:Mic92/sops-nix/c8e69670b316d6788e435a3aa0bda74eb1b82cc0' (2026-03-08) --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 3230d75..5492a5c 100644 --- a/flake.lock +++ b/flake.lock @@ -3,11 +3,11 @@ "authorizedKeysRepo": { "flake": false, "locked": { - "lastModified": 1761076425, - "narHash": "sha256-EMUF17MVENJoX8bmxvWLB0TUPhFqlq0szXT0M7mkwWU=", + "lastModified": 1772825482, + "narHash": "sha256-GrmWFDo+lMxzrw85qHAUGQeQl9F/NBWILRWbxJfAtDE=", "ref": "trunk", - "rev": "7d9c3a683a50d109ed8fd3f75d090d5403967f7f", - "revCount": 20, + "rev": "8b7662703635ff7e80b2ee72ce052201fa86010a", + "revCount": 21, "type": "git", "url": "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys" }, @@ -19,11 +19,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1768621446, - "narHash": "sha256-6YwHV1cjv6arXdF/PQc365h1j+Qje3Pydk501Rm4Q+4=", + "lastModified": 1772822230, + "narHash": "sha256-yf3iYLGbGVlIthlQIk5/4/EQDZNNEmuqKZkQssMljuw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "72ac591e737060deab2b86d6952babd1f896d7c5", + "rev": "71caefce12ba78d84fe618cf61644dce01cf3a96", "type": "github" }, "original": { @@ -35,11 +35,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1768661221, - "narHash": "sha256-MJwOjrIISfOpdI9x4C+5WFQXvHtOuj5mqLZ4TMEtk1M=", + "lastModified": 1772956932, + "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3327b113f2ef698d380df83fbccefad7e83d7769", + "rev": "608d0cadfed240589a7eea422407a547ad626a14", "type": "github" }, "original": { @@ -64,11 +64,11 @@ ] }, "locked": { - "lastModified": 1768709255, - "narHash": "sha256-aigyBfxI20FRtqajVMYXHtj5gHXENY2gLAXEhfJ8/WM=", + "lastModified": 1772944399, + "narHash": "sha256-xTzsSd3r5HBeufSZ3fszAn0ldfKctvsYG7tT2YJg5gY=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5e8fae80726b66e9fec023d21cd3b3e638597aa9", + "rev": "c8e69670b316d6788e435a3aa0bda74eb1b82cc0", "type": "github" }, "original": { From 27390a6e10b045b5f8a75153fc93d3a8173c91e9 Mon Sep 17 00:00:00 2001 From: June Date: Mon, 9 Mar 2026 22:08:33 +0100 Subject: [PATCH 28/33] remove yate (it is now on ansible-infra) --- .sops.yaml | 14 --- config/hosts/yate/configuration.nix | 10 -- config/hosts/yate/default.nix | 10 -- config/hosts/yate/networking.nix | 23 ----- config/hosts/yate/secrets.yaml | 148 ---------------------------- config/hosts/yate/sops.nix | 7 -- config/hosts/yate/yate.nix | 78 --------------- flake.nix | 10 -- 8 files changed, 300 deletions(-) delete mode 100644 config/hosts/yate/configuration.nix delete mode 100644 config/hosts/yate/default.nix delete mode 100644 config/hosts/yate/networking.nix delete mode 100644 config/hosts/yate/secrets.yaml delete mode 100644 config/hosts/yate/sops.nix delete mode 100644 config/hosts/yate/yate.nix diff --git a/.sops.yaml b/.sops.yaml index 9bb3323..e1991ef 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -12,7 +12,6 @@ keys: - &host_age_forgejo_actions_runner age10xz2l7ghul7023awcydf4q3wurmszy2tafnadlarj0tvm7kl033sjw5f8t - &host_age_matrix age1f7ams0n2zy994pzt0u30h8tex6xdcernj59t4d70z4kjsyzrr3wsy87xzk - &host_age_public_web_static age19s7r8sf7j6zk24x9vumawgxpd2q8epyv7p9qsjntw7v9s3v045mqhmsfp0 - - &host_age_yate age1kxzl00cfa5v926cvtcp0l3fncwh6fgmk8jvpf4swkl4vh3hv9e5qyqsrnt - &host_age_woodpecker age1klxtcr23hers0lh4f5zdd53tyrtg0jud35rhydstyjq9fjymf9hsn2a8ch - &host_age_penpot age10ku5rphtsf2lcxg78za7f2dad5cx5x9urgkce0d7tyqwq2enva9sqf7g8r creation_rules: @@ -94,19 +93,6 @@ creation_rules: age: - *admin_age_lilly - *host_age_penpot - - path_regex: config/hosts/yate/.* - key_groups: - - pgp: - - *admin_gpg_jtbx - - *admin_gpg_yuri - - *admin_gpg_june - - *admin_gpg_haegar - - *admin_gpg_dario - - *admin_gpg_echtnurich - - *admin_gpg_c6ristian - age: - - *admin_age_lilly - - *host_age_yate - key_groups: - pgp: - *admin_gpg_jtbx diff --git a/config/hosts/yate/configuration.nix b/config/hosts/yate/configuration.nix deleted file mode 100644 index 6b1fa99..0000000 --- a/config/hosts/yate/configuration.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: - -{ - networking = { - hostName = "yate"; - domain = "z9.ccchh.net"; - }; - - system.stateVersion = "23.11"; -} diff --git a/config/hosts/yate/default.nix b/config/hosts/yate/default.nix deleted file mode 100644 index 66738e8..0000000 --- a/config/hosts/yate/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: - -{ - imports = [ - ./configuration.nix - ./networking.nix - ./yate.nix - ./sops.nix - ]; -} diff --git a/config/hosts/yate/networking.nix b/config/hosts/yate/networking.nix deleted file mode 100644 index a06a019..0000000 --- a/config/hosts/yate/networking.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ ... }: - -{ - networking = { - interfaces.net0 = { - ipv4.addresses = [ - { - address = "10.31.208.12"; - prefixLength = 23; - } - ]; - }; - defaultGateway = "10.31.208.1"; - nameservers = [ - "10.31.210.1" - ]; - }; - - systemd.network.links."10-net0" = { - matchConfig.MACAddress = "BC:24:11:73:3E:F7"; - linkConfig.Name = "net0"; - }; -} diff --git a/config/hosts/yate/secrets.yaml b/config/hosts/yate/secrets.yaml deleted file mode 100644 index d3cb216..0000000 --- a/config/hosts/yate/secrets.yaml +++ /dev/null @@ -1,148 +0,0 @@ -git_clone_key: ENC[AES256_GCM,data:Wss8NtyYXOmQ8fYbqKfbGQ+5l+ifNznis9OJ4p2HRPsExOFvgHH60t+D/gsOPTiwL0fEQKQn008Zo7VpIEhKIQM0fW3cd3ED3Tk8QX4hDRxyLl/lql5MlhTm4UMY58rNMBXgA88oR1lozgAa39KMH0MRUoSzrhvecwnAHO+RjZGXBN5zYIorqBVEk5h+1wUGSlV1TroZX9u0cWt11eH59AgKY/oP5mOrgA++E623Oc/DnTxlLbR//lFHW1JPiBSUFMP1ck6fg4PwnADYITgr1B1zdJz1J6jNC+n6S9bKDPnH5bvqmpvJIRmimxR4/R182RkIC+TBhD850cD1y9KSZa0Lh3DZ3LPrqGtZ6MHvpCgY/wPiTUANv6CJPcOAoskaaW57EiFl0ev3Jc3A+XFM6yqQOmmvNXx0hYz6ltlvtsltOcmz5TWooijwTaPS5UEwltYalrT9RNmC/ODkBRkSvuLEBWYwnu8aeo2f/+IxciG0PldDJED2ud6HSkDEXHcPCwodScpnk032Jrc+0qtI,iv:tCo4f5u/y/ZrAfT1N+eUNLy5pKAg/U0xa3cNQmzUgFs=,tag:03HK65hWjYnVzz+7C+HmsA==,type:str] -sops: - age: - - recipient: age19h7xtfmt3py3ydgl8d8fgh8uakxqxjr74flrxev3pgmvvx94kvtq5d932d - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTeklHTk8wRXZUWDE2bHdV - LzJSVkJMMStpMmlud1VZWjVLUVdLejNXWDFNClM2UjhMaWl5cmxjRHdpakowV2hZ - aVVxMUtoSmdJU2p0MzZORC9XV2U4QTgKLS0tIEM0RUhRTTFBcjNsOVR2Q1A3bEFE - cWNJR1kyQkVMbElBdTkvQlkwWk8yTDgKK8XqGA2Gy7b7dIS4Zas/t8aK8d2qCx5p - cDHyRqqAfMIn9fRmiRGL0VRXCTZcPZ8FcaDx5/CuOgxe4hvNXp9U3Q== - -----END AGE ENCRYPTED FILE----- - - recipient: age1kxzl00cfa5v926cvtcp0l3fncwh6fgmk8jvpf4swkl4vh3hv9e5qyqsrnt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtd1ZQNytmcTQ0bC8xMlAz - QXlibmhQZGNQQnV3QktoVGtxOHA1eEtnaHdzCnRiMVl0Nll1V2ZibWdkTnBoYnFq - ZXNqUHI3eXMwYkZvZkVEVm1Ld3RFdkkKLS0tIEx5RVc5WGEvdlhUcHVQMXdXcUhS - Y2t3K3Vhckp4VnBwOHQwVjVpYjkxU1kKuvtNN9eHFvBBjZmh/L5yxeU6rRtz7KMy - q/5pLyRVAg/LjXKnFH9SZLbvWyffpfG7U8CUQdBmVIzYhrj/WEKwcQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-09-08T18:35:07Z" - mac: ENC[AES256_GCM,data:tyrfhBaTKnp1lqSPfkErk1UFoI7v/1az+zl9g3XoZ5Apo3CRixdLUldM9sYXqQT5WNrgO2NyZHqvyQOnFZiJuNhlYFSQbgwFFm3gz45BV8Do7QAhAG7+Q6q/Gz9VAqePQJlmzbfeL5iqJC2jhrcGIutO2cI22QULLkBzVVDg1/w=,iv:ayLonGC1F3vp6bh4pcAps6BvMzrG/yT2rPGAcUQ1Geg=,tag:1fIaRIFrzDTSP+oIUHABgQ==,type:str] - pgp: - - created_at: "2026-02-17T22:22:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAz5uSgHG2iMJARAAg1t+aqAh+rbcjhyNZha1ovJbcM6FoNr55nmdFZQnqwi5 - sCIct2zE/lQzz770bbkplJaEAM2mQnPEGYJ6hQApF4M8x4HKVWaA68qM/dP2ZQQs - oXysCouuUvypfU+EeZhN6Lke8PapFls+iLidcb8fFh+FHAEe3qOKHfwFamjkxz0T - N7/hCInKHFNeOOq9QpH+2dtpo3+wL0ImwSO/hfnhLc8f9eCgXYQZEArT9mhm4eFp - AWkkN34dZJcRa/n0NcZhMWhEDgepXO86h3vuXSfGRzuj3QEChSgm1paVOv5IWtCP - e9H66PcpBC0v8lnf6sk3uwTORH09rAuSDgEFcFHzdfZAL6c2O0oleMTVXDEQ23Ci - 8/X6N/qZjIJNBQogcRSCQijaYgSeUuMStvizzOK6hRKS/DSMK6Zbw2eM5SHXen0h - GVf8XvenfZF0U4MvzTDYzYnDh/1HA7NvfhRcvHo4TjkCyzuekGaE8WC1JtWA3DQD - IQf2q/7p6Qka+duMeirJcM+c71c7so6EDrlbFPI6A15F/vqtD4VyfmwLJm2YZZ4S - DfKKJHIQDzXh0bqiyNtAQyyo1H9UhJehXOod70Nz6EZkYz3F67Xo2fO/5mCrkRJH - tJEbSz43IHaT1AkB80mEy59+WCrT02mpuwsdsoLvhLokiCNFPHUR/YaWqjwJ5Y7S - XAGF4ku196vpnW9Ce+9rYE1UZ/Uh9xHBqPdc3tnufhKIwAE0UyF+fqFY89iwcMrb - WLcN+Pt7KhWIe2lJ3R8jKbzceTLIpxoHUtXGLutu8XM7tWN/obE61a9iWSTK - =s5xj - -----END PGP MESSAGE----- - fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5 - - created_at: "2026-02-17T22:22:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAw5vwmoEJHQ1ARAApGc0RVQyE+NzUrw0yVctMi53dHT0fSC48WhVFuX77r97 - oLcw2/gzVhOGXHfuyPgkis16QBcMaHX4BNfrTonk6sXC/WOPBsRCAZ/h2YazK3Nt - fv/Ve8oNC2kDmCOIn4RwmXVS+QXPp9pgZA2b9wuAlU0SLbYq+t0lgCTZZb3lfL8m - DM5Y1xbXrwGNEqjkxEdU1Secd0oUgTWVwZlmjhnH+1e5tZe5sDLkUP28XBQB0b1j - BgV6dEERl0lxgTPYlcC0LHI+gD7gG3rmzMudJJBZzVomQK/VfKWqV7UuaT4x+ejQ - tVbkGZcjOAmb8A4xXQwkRgCBBS8CmiRGhx/BwJlabEMHW1QBOJB9+PYWD78rgiyY - CdjX4xFE80Wpdh8PDZXAe93m/4DlGKntLR5GVtZrk9VHuDL1CAc40tJkCuvl3Nig - bwapAGdGQnRRLMg0mPLI/isc7PmmBs2M+3m38mhdqjttbFpBrvD6wFPmhWmOw0YR - fiI7QOMOcihoX937S6jVTrUGVLFtR9Esl5LadYQp93le3GjZw6uiANepIwkeaX81 - ZanuDJGJXhvtgLfBByxWiuJxKRkZ1jyOVcbq9BEv/FjgFbxPEKq8vevuEAcSoM0K - PyRrav59UciQ6BUGy8jM7caIu9hZhon9BZA3bWFekXAjWWyfL/2SkIkjyo+B0hvS - XAGvaOrp3aF7mF6XyyxxNC7IjVifnlElFzv594o2fPQdRKGfcLIETADMUaMskrD5 - RSEe4ldP8KQOlmKn2yG/fhQw04D+RdhatWIfszGjQwo84g4SIBOzI8Ut8fsd - =W/jm - -----END PGP MESSAGE----- - fp: 87AB00D45D37C9E9167B5A5A333448678B60E505 - - created_at: "2026-02-17T22:22:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DerEtaFuTeewSAQdAUr63BpqUMMezyhp+cq1nWfUixaQPB2XZm2ZM6/OfHi4w - 583JukURVqiCDGyMmuMvx1c+7txy3BImR+ZcX54CyLi41pAJYM+t0GCYUX+N1iUh - 0lwBGLwkDC83Go28mRIVf2VJex6MaW9F6scWat/FDn8QLzsL/MpWpTTbOvCM9eF3 - p1MMmqV2s4NkdGaXKhMWoc84CQZgEfvNyzmObPSj558ZIcvdmuu+gxBbm2jJUg== - =pwG7 - -----END PGP MESSAGE----- - fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912 - - created_at: "2026-02-17T22:22:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAxjNhCKPP69fAQ//UrQNdx+LIIf+GLfmG5wCjpa2CSBPRta1AT6JUFSaImwm - d0qDFyTSf96SqnyPFh2GlHuR/s2OZjF92a6EJidq8FDGJWCwlhJIDOD5B5veCPsF - kGB8CqXod7ZD1z19p1h5WiWdSLxYoseDEsnb2SDeONaZjOklNgpWT3dhTjVD2ca0 - 92pp3xHfMHNOMyTzC9f2cLPdfUr7/2sHk5h84wH+4IOoXyACQmbCDQjrDg0FoxUh - KR3Tc4oxrAEhSkipuFjqZceihLx9tb2peZmBUMzLh/N71hAQ6aNav3EIBEKcyy3k - W7M9BS3yX6pBD1FWDdp0l7YlJTNXPDRF/c9Q5CgR7S7Td6/zL/Mm0k6Va6kvjBN8 - slRTiqsjT/W6h6scnihFEcPTKUdmZKx2f/Hj5EE+cM6WfULeIAawJxoWBOoSi6cq - RdlJzpkCqridarADKMy226Isj9QH1qmspL5HIJQ/lBHO7lRx17MvB2JkojYsHxix - LiEEQUdAkmVmV0APLNV4Uh9fkyi9FfDgtzhKBmF/4Hue2ZUCQcsuTzzy2TyF2YZi - pYLJ8dlsSUFIr1ZmzDzf/x/v87GLJuuHjOGVPiA26ipIeR8w3u0yFjf2EFQd7KXm - 3viDYhGBdVfntgfJL5o5VVGeIv95x0ZXlyi2/6r1NL+KZJhiZ4drE5DfrQ9Z6BrS - XAEhAjt4mAGphYPQnygGYxrcGDW18akLE2BXjqnQZlxyt5I3cqubSciz85mlcvXJ - KLaxFI/A8jl+eDlNqhrNvR5E8vPOBi1253IDHLMzsYtAgZ51A3UPN6BBCmSL - =+sro - -----END PGP MESSAGE----- - fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55 - - created_at: "2026-02-17T22:22:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA1Hthzn+T1OoAQ//V5CtyaEMACLYe8t4AWFkPOfKnZ6nLDSzYc+AgDdzk0Nn - 8EK6KOT+m0d65Sbqg1D2U+n1/8dyqFB0cnUmSUZzL5iYfQF/Zry2sqncmX5dO4ne - k8ZSc+s1QL7ed5fq0MykOPhopxwF8UWHRMTggPXm1JZ1+QrNXrGveaZq4IS0hjbj - k2TgvFd1svf/xqlWN31wdIuNVtpMaI01gTW0XX4ECVOc7gJz9xTJtzB6imBb3yHN - cRB60rhtbeIx24wJ9yro9HWEaOLaqXyMWFCrH0J4pXFvtKa3iPxZCJpE3YNUnX48 - pGE6ZUleHhAagsDZMabwqsfLZdmJCc+C8fJEIhC+uBS9vtmALGUeKxnkvWbfPAVP - sj6QbVmiyVnK/X4wNguMK+AdTGElvu5yB2ejypD/kCKI1RbVPXqTYS/gY0Vm+OKL - kYKuz7gC72O72pC577usHYeUkptqjYIKD66+N0OkqymkLmdTFsISqmVodmp4WD1I - r1gDGFt2BkHziG2FbnUbYv187q87yvHf61f+P0NWcPV3XnGvd2eHURPhhrhQtOzl - DaPwoTZ4EY042mIC4PoScxs39eSBSFYeO5lXyh+5Vvtcb0lt6aLmXWNkVbq+JEft - tLt9WnBGcdF/gbMWMG+OnFPnzt9YH9ydOXFoP//TbmubNV6rUCd99aKLcPdg7LrS - XAHR9cSMAaq74ZebTw/gt3oBD4Yewwpnna0X8i9xy6VGJz2ja/hWI+gYdlsvyNT4 - bwbmdFbgJtV9NtMP7c5CxlOBbwjmqpy9/syjgieNfMVI7BMbkVm4Tp9P/X87 - =+JD1 - -----END PGP MESSAGE----- - fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD - - created_at: "2026-02-17T22:22:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMA46L6MuPqfJqAQ//Y35T5AgDswhpSVOMPoAToapHzH9rZan5nzqDhfJrVe/A - xxCHoJY1YTRKjG9cAtmYm22oJqWZqmoXUS43KW0jzwNcfKBE06u+3VjVgnkkn+Q9 - ceDUycbqbYsiwBdiYC/2mKjgg4xvbz55ZmOLvjLljlcNXQOHb9XO0ggqX2t50GEh - 4RaieL7d8/MwgC9RLz2i+K6Bqf+W4kjGtBiQF7D4cI+mZbguCZ5AptMKXCFBHQrV - Lu+WKzPTVFmpRnnK0nIrlHa9WV7h5gYnu+qK4O7Jgs8HYiNOtLQJMhuUnos+psDG - y9GzHU7VoGAqYth9Nn8IQE2bdQOde+bTTaPxvLA3coCqTNjw12FyPQ7cppWwn+iK - NuTxdDPj2GIRd32nBONbpFpjdFv0FINOXKJB2HnbjiHz1vBT2sL530TuTuDl4G6n - 3vz0rRb1lOZHiSPNsinz/hkSEQMfwV6AhC/AW/Y6Zsoh89WJMCBSlyc6VmHBHq+y - r0ZWfbGjBciPXbDA2SXgrGN01txTkps4NP6rxaLIgJZpPtmYNhe1JCMvMJcLvVNe - wtChGFj2Hyn6eDkh/JKkvw0RZ9ktWUY448+DYuOpO+KtkO9kQZw0853opVivcmHT - CF/GWzcoSP18HIaCvYmdNyvsQDPgs5g9m5nXp+3AK6oUwmPAbUp4lR81CpxWFh/S - XAErwhIXCJFhsS2C47V4kjy/5wGi6LrcquNGTtYxbVIRzZv+LyCSXNeRHbxlbniD - fUD0Rjr6EDxEe9Apsz01Ko92GRxs3ihRtUBwyNHqJxX6nqX2icpDsEsY8U5o - =t63I - -----END PGP MESSAGE----- - fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A - - created_at: "2026-02-17T22:22:04Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DQrf1tCqiJxoSAQdAU9KcQp4hcBjhmB52+zjDjkNyrzF+vj4B+yWYAwj6dnIw - xp2nTCQJHck8AJgvQbnm79kMvDjWmZ+BKga5Djudq9y0h8pedsWA7F3SC/Pd2bsA - 0lwBmJgvzUo9+lkCVVByyfPOPYgvd3SYFFTvLrYLiuHsoYLsLBKMtURqeDwSGCRJ - eqbE5Ebio0ag+tKKKLtfnvfTZKuyB7kDOu0hdbhQ6+bNHL+Q76c++z1zZl5MTA== - =5Gin - -----END PGP MESSAGE----- - fp: B71138A6A8964A3C3B8899857B4F70C356765BAB - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/config/hosts/yate/sops.nix b/config/hosts/yate/sops.nix deleted file mode 100644 index 38b06f9..0000000 --- a/config/hosts/yate/sops.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ ... }: - -{ - sops = { - defaultSopsFile = ./secrets.yaml; - }; -} \ No newline at end of file diff --git a/config/hosts/yate/yate.nix b/config/hosts/yate/yate.nix deleted file mode 100644 index 236e1f0..0000000 --- a/config/hosts/yate/yate.nix +++ /dev/null @@ -1,78 +0,0 @@ -{ pkgs, ... }: - -{ - environment.systemPackages = [ - pkgs.yate - pkgs.git - pkgs.tcpdump - pkgs.tmux - ]; - - # Just disable it for now. - networking.firewall.enable = false; - - users = { - users.yate = { - description = "yate service user"; - group = "yate-config"; - isNormalUser = true; - }; - - groups.yate-config = { - members = [ "colmema-deploy" "chaos" "root" "yate"]; - }; - }; - - environment.etc.yate = { - user = "yate"; - group = "yate-config"; - mode = "symlink"; - source = "/var/lib/yate"; - }; - - sops.secrets."git_clone_key" = { - mode = "0600"; - owner = "yate"; - group = "yate-config"; - restartUnits = [ "yate.service" ]; - }; - - systemd.services.yate = { - enable = true; - description = "Yate telehony engine"; - unitConfig = { - After= "network-online.target"; - }; - serviceConfig = { - ExecStart = "${pkgs.yate}/bin/yate -c /etc/yate -e /etc/yate/share"; - Type="simple"; - Restart="always"; - User="yate"; - Group="yate-config"; - StateDirectory = "yate"; - StateDirectoryMode = "0775"; - }; - wantedBy = [ "default.target" ]; - requires = [ "network-online.target" ]; - preStart = '' - echo "\n" >> /run/secrets/git_clone_key - sleep 5 - id - echo "$(stat -c '%U' /var/lib/yate/.git) owns /var/lib/yate/.git" - SSH_SUCCESS=1 - ${pkgs.openssh}/bin/ssh -q -i /run/secrets/git_clone_key forgejo@git.hamburg.ccc.de 2> /var/lib/yate/SSH_CHECK_LOG || SSH_SUCCESS=0 - if [[ $SSH_SUCCESS = 1 && $(stat -c '%U' /var/lib/yate/.git) == *yate* ]]; then - rm -rf /var/lib/yate/* - rm -rf /var/lib/yate/.* - env GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key" ${pkgs.git}/bin/git clone forgejo@git.hamburg.ccc.de:CCCHH/yate-config.git /var/lib/yate - ${pkgs.git}/bin/git -C /var/lib/yate config --add safe.directory "/var/lib/yate" - fi - ''; - reload= '' - id - ${pkgs.git}/bin/git config --global --add safe.directory /var/lib/yate - /usr/bin/env GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key" ${pkgs.git}/bin/git -C /var/lib/yate fetch --all - /usr/bin/env GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh -i /run/secrets/git_clone_key" ${pkgs.git}/bin/git -C /var/lib/yate reset --hard origin/master - ''; - }; -} diff --git a/flake.nix b/flake.nix index fe0cbdc..3b28ef2 100644 --- a/flake.nix +++ b/flake.nix @@ -150,16 +150,6 @@ ]; }; - yate = nixpkgs.lib.nixosSystem { - inherit system specialArgs; - modules = [ - self.nixosModules.common - self.nixosModules.proxmox-vm - sops-nix.nixosModules.sops - ./config/hosts/yate - ]; - }; - mqtt = nixpkgs.lib.nixosSystem { inherit system specialArgs; modules = [ From 3a74fd5693d6e5e41b4f76fa1d12747bac9ec488 Mon Sep 17 00:00:00 2001 From: June Date: Fri, 3 Apr 2026 15:07:34 +0200 Subject: [PATCH 29/33] add c3dog.de to public-web-static --- .../virtualHosts/c3dog.de.nix | 86 +++++++++++++++++++ .../virtualHosts/default.nix | 1 + 2 files changed, 87 insertions(+) create mode 100644 config/hosts/public-web-static/virtualHosts/c3dog.de.nix diff --git a/config/hosts/public-web-static/virtualHosts/c3dog.de.nix b/config/hosts/public-web-static/virtualHosts/c3dog.de.nix new file mode 100644 index 0000000..3589418 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/c3dog.de.nix @@ -0,0 +1,86 @@ +{ pkgs, ... }: + +let + domain = "c3dog.de"; + dataDir = "/var/www/${domain}"; + deployUser = "c3cat-website-deploy"; +in { + security.acme.certs."${domain}".extraDomainNames = [ "www.${domain}" ]; + + services.nginx.virtualHosts = { + "acme-${domain}" = { + enableACME = true; + serverName = "${domain}"; + serverAliases = [ + "www.${domain}" + ]; + + listen = [ + { + addr = "0.0.0.0"; + port = 31820; + } + ]; + }; + + "www.${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + locations."/" = { + return = "302 https://c3dog.de$request_uri"; + }; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + + "${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + root = "${dataDir}"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + }; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0755 ${deployUser} ${deployUser}" + ]; +} diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index 11e9ea1..5b01a71 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -4,6 +4,7 @@ imports = [ ./branding-resources.hamburg.ccc.de.nix ./c3cat.de.nix + ./c3dog.de.nix ./cpu.ccc.de.nix ./cryptoparty-hamburg.de.nix ./element-admin.hamburg.ccc.de.nix From 900f6107379fbaf83ced31e7525f54387c420b89 Mon Sep 17 00:00:00 2001 From: June Date: Fri, 3 Apr 2026 18:19:40 +0200 Subject: [PATCH 30/33] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:nixos/nixpkgs/71caefce12ba78d84fe618cf61644dce01cf3a96' (2026-03-06) → 'github:nixos/nixpkgs/bcd464ccd2a1a7cd09aa2f8d4ffba83b761b1d0e' (2026-04-01) • Updated input 'nixpkgs-unstable': 'github:nixos/nixpkgs/608d0cadfed240589a7eea422407a547ad626a14' (2026-03-08) → 'github:nixos/nixpkgs/8d8c1fa5b412c223ffa47410867813290cdedfef' (2026-04-02) • Updated input 'sops-nix': 'github:Mic92/sops-nix/c8e69670b316d6788e435a3aa0bda74eb1b82cc0' (2026-03-08) → 'github:Mic92/sops-nix/8f093d0d2f08f37317778bd94db5951d6cce6c46' (2026-04-03) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 5492a5c..8f672b0 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1772822230, - "narHash": "sha256-yf3iYLGbGVlIthlQIk5/4/EQDZNNEmuqKZkQssMljuw=", + "lastModified": 1775002709, + "narHash": "sha256-d3Yx83vSrN+2z/loBh4mJpyRqr9aAJqlke4TkpFmRJA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "71caefce12ba78d84fe618cf61644dce01cf3a96", + "rev": "bcd464ccd2a1a7cd09aa2f8d4ffba83b761b1d0e", "type": "github" }, "original": { @@ -35,11 +35,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1772956932, - "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=", + "lastModified": 1775126147, + "narHash": "sha256-J0dZU4atgcfo4QvM9D92uQ0Oe1eLTxBVXjJzdEMQpD0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "608d0cadfed240589a7eea422407a547ad626a14", + "rev": "8d8c1fa5b412c223ffa47410867813290cdedfef", "type": "github" }, "original": { @@ -64,11 +64,11 @@ ] }, "locked": { - "lastModified": 1772944399, - "narHash": "sha256-xTzsSd3r5HBeufSZ3fszAn0ldfKctvsYG7tT2YJg5gY=", + "lastModified": 1775188331, + "narHash": "sha256-/0BoSi0Dg0ON7IW0oscM12WSPBaMSCn36XTt0lHZoy8=", "owner": "Mic92", "repo": "sops-nix", - "rev": "c8e69670b316d6788e435a3aa0bda74eb1b82cc0", + "rev": "8f093d0d2f08f37317778bd94db5951d6cce6c46", "type": "github" }, "original": { From 3b17599533a6b572f24f20beff6ebaeaf7979e5b Mon Sep 17 00:00:00 2001 From: Jannik Beyerstedt Date: Sat, 4 Apr 2026 15:36:08 +0200 Subject: [PATCH 31/33] deploy docs.c3voc.de on public-static-web Co-authored-by: June --- .../virtualHosts/default.nix | 2 + .../virtualHosts/docs.c3voc.de.nix | 61 +++++++++++++++++++ .../virtualHosts/staging.docs.c3voc.de.nix | 60 ++++++++++++++++++ 3 files changed, 123 insertions(+) create mode 100644 config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix create mode 100644 config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index 5b01a71..dfac565 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -7,6 +7,7 @@ ./c3dog.de.nix ./cpu.ccc.de.nix ./cryptoparty-hamburg.de.nix + ./docs.c3voc.de.nix ./element-admin.hamburg.ccc.de.nix ./element.hamburg.ccc.de.nix ./hacker.tours.nix @@ -15,6 +16,7 @@ ./spaceapi.hamburg.ccc.de.nix ./staging.c3cat.de.nix ./staging.cryptoparty-hamburg.de.nix + ./staging.docs.c3voc.de.nix ./staging.hacker.tours.nix ./staging.hackertours.hamburg.ccc.de.nix ./staging.hamburg.ccc.de.nix diff --git a/config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix b/config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix new file mode 100644 index 0000000..a91edc1 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix @@ -0,0 +1,61 @@ +{ pkgs, ... }: + +let + domain = "docs.c3voc.de"; + dataDir = "/var/www/${domain}"; + deployUser = "c3vocdocs-website-deploy"; +in { + services.nginx.virtualHosts = { + "acme-${domain}" = { + enableACME = true; + serverName = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 31820; + } + ]; + }; + + "${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + root = "${dataDir}"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + }; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0755 ${deployUser} ${deployUser}" + ]; + + users.users."${deployUser}" = { + isNormalUser = true; + group = "${deployUser}"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMQbTkwHeNiq73XMbahRsyIWCzVLuN1Cu+f7XZMUh/6S deploy key for docs.c3voc.de" + ]; + }; + users.groups."${deployUser}" = { }; +} diff --git a/config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix b/config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix new file mode 100644 index 0000000..5b3d387 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix @@ -0,0 +1,60 @@ +{ pkgs, ... }: + +let + domain = "staging.docs.c3voc.de"; + dataDir = "/var/www/${domain}"; + deployUser = "c3vocdocs-website-deploy"; +in { + services.nginx.virtualHosts = { + "acme-${domain}" = { + enableACME = true; + serverName = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 31820; + } + ]; + }; + + "${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + root = "${dataDir}"; + + # Disallow *, since this is staging and doesn't need to be in any search + # results. + locations."/robots.txt" = { + return = "200 \"User-agent: *\\nDisallow: *\\n\""; + }; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + }; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0755 ${deployUser} ${deployUser}" + ]; + + # docs.c3voc deploy user already defined in docs.c3voc.de.nix. +} From 6ac55fe4a2f1454ffc70f372997b727904838738 Mon Sep 17 00:00:00 2001 From: June Date: Sat, 4 Apr 2026 17:21:39 +0200 Subject: [PATCH 32/33] fix ports in redirects --- config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix | 2 ++ .../public-web-static/virtualHosts/staging.docs.c3voc.de.nix | 2 ++ 2 files changed, 4 insertions(+) diff --git a/config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix b/config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix index a91edc1..5c257da 100644 --- a/config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/docs.c3voc.de.nix @@ -42,6 +42,8 @@ in { # Then tell the realip_module to get the addreses from the proxy protocol # header. real_ip_header proxy_protocol; + + port_in_redirect off; ''; }; }; diff --git a/config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix b/config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix index 5b3d387..2170f8c 100644 --- a/config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/staging.docs.c3voc.de.nix @@ -48,6 +48,8 @@ in { # Then tell the realip_module to get the addreses from the proxy protocol # header. real_ip_header proxy_protocol; + + port_in_redirect off; ''; }; }; From d1ef492f93f18809a80266ab9e9a33af465caf5d Mon Sep 17 00:00:00 2001 From: June Date: Sat, 11 Apr 2026 20:44:22 +0200 Subject: [PATCH 33/33] establish c3dog.de and staging as their own websites --- .../virtualHosts/c3dog.de.nix | 11 +++- .../virtualHosts/default.nix | 1 + .../virtualHosts/staging.c3dog.de.nix | 60 +++++++++++++++++++ 3 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 config/hosts/public-web-static/virtualHosts/staging.c3dog.de.nix diff --git a/config/hosts/public-web-static/virtualHosts/c3dog.de.nix b/config/hosts/public-web-static/virtualHosts/c3dog.de.nix index 3589418..16fedd5 100644 --- a/config/hosts/public-web-static/virtualHosts/c3dog.de.nix +++ b/config/hosts/public-web-static/virtualHosts/c3dog.de.nix @@ -3,7 +3,7 @@ let domain = "c3dog.de"; dataDir = "/var/www/${domain}"; - deployUser = "c3cat-website-deploy"; + deployUser = "c3dog-website-deploy"; in { security.acme.certs."${domain}".extraDomainNames = [ "www.${domain}" ]; @@ -83,4 +83,13 @@ in { systemd.tmpfiles.rules = [ "d ${dataDir} 0755 ${deployUser} ${deployUser}" ]; + + users.users."${deployUser}" = { + isNormalUser = true; + group = "${deployUser}"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB7iXsVArl4SbDczb4U3zGkZCiVO/lfn12gkOEOnKmEX deploy key for c3dog.de" + ]; + }; + users.groups."${deployUser}" = { }; } diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index dfac565..404ca35 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -15,6 +15,7 @@ ./hamburg.ccc.de.nix ./spaceapi.hamburg.ccc.de.nix ./staging.c3cat.de.nix + ./staging.c3dog.de.nix ./staging.cryptoparty-hamburg.de.nix ./staging.docs.c3voc.de.nix ./staging.hacker.tours.nix diff --git a/config/hosts/public-web-static/virtualHosts/staging.c3dog.de.nix b/config/hosts/public-web-static/virtualHosts/staging.c3dog.de.nix new file mode 100644 index 0000000..d69ad2b --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/staging.c3dog.de.nix @@ -0,0 +1,60 @@ +{ pkgs, ... }: + +let + domain = "staging.c3dog.de"; + dataDir = "/var/www/${domain}"; + deployUser = "c3dog-website-deploy"; +in { + services.nginx.virtualHosts = { + "acme-${domain}" = { + enableACME = true; + serverName = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 31820; + } + ]; + }; + + "${domain}" = { + forceSSL = true; + useACMEHost = "${domain}"; + + listen = [ + { + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + } + ]; + + root = "${dataDir}"; + + # Disallow *, since this is staging and doesn't need to be in any search + # results. + locations."/robots.txt" = { + return = "200 \"User-agent: *\\nDisallow: *\\n\""; + }; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + }; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0755 ${deployUser} ${deployUser}" + ]; + + # c3dog deploy user already defined in c3dog.de.nix. +}