diff --git a/.gitignore b/.gitignore
index 424bd26..e69de29 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +0,0 @@
-.ansible/
diff --git a/.sops.yaml b/.sops.yaml
deleted file mode 100644
index d19954a..0000000
--- a/.sops.yaml
+++ /dev/null
@@ -1,226 +0,0 @@
-keys:
- - &admin_gpg_djerun EF643F59E008414882232C78FFA8331EEB7D6B70
- - &admin_gpg_stb F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - &admin_gpg_jtbx 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - &admin_gpg_yuri 87AB00D45D37C9E9167B5A5A333448678B60E505
- - &admin_gpg_june 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - &admin_gpg_haegar F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - &admin_gpg_dario 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - &admin_gpg_echtnurich 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - &admin_gpg_max 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - &admin_gpg_c6ristian B71138A6A8964A3C3B8899857B4F70C356765BAB
- - &admin_gpg_lilly D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - &admin_gpg_langoor 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
-creation_rules:
- - path_regex: inventories/chaosknoten/host_vars/cloud.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/keycloak.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/grafana.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/pad.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/ccchoir.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/pretalx.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/netbox.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/tickets.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/onlyoffice.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/zammad.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/chaosknoten/host_vars/ntfy.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/z9/host_vars/dooris.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - path_regex: inventories/z9/host_vars/yate.*
- key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
- - key_groups:
- - pgp:
- - *admin_gpg_djerun
- - *admin_gpg_stb
- - *admin_gpg_jtbx
- - *admin_gpg_yuri
- - *admin_gpg_june
- - *admin_gpg_haegar
- - *admin_gpg_dario
- - *admin_gpg_echtnurich
- - *admin_gpg_max
- - *admin_gpg_c6ristian
- - *admin_gpg_lilly
- - *admin_gpg_langoor
-stores:
- yaml:
- indent: 2
diff --git a/README.md b/README.md
index 5a3d90c..6906a7f 100644
--- a/README.md
+++ b/README.md
@@ -17,15 +17,10 @@ ansible-galaxy install -r requirements.yml
## Secrets
-Generally try to avoid secrets (e.g. use SSH keys instead of passwords).
+Grundsätzlich sollten Secrets vermieden werden. (Also z.B.: Nutze SSH Keys statt Passwort.)
-Because secrets are nonetheless needed sometimes, we use [SOPS](https://github.com/getsops/sops) to securely store secrets in this repository.
-SOPS encrypts secrets according to "creation rules" which are defined in the `.sops.yaml`.
-Generally all secrets get encrypted for all GPG-keys of all members of the infrastructure team.
-Ansible then has access to the secrets with the help of the [`community.sops.sops` vars plugin](https://docs.ansible.com/ansible/latest/collections/community/sops/docsite/guide.html#working-with-encrypted-variables), which is configured in this repository.
-A local Ansible run then uses the locally available GPG-key to decrypt the secrets.
-
-For a tutorial on how to set up secrets using SOPS for a new host, see [Setting Up Secrets Using SOPS for a New Host](./docs/setting_up_secrets_using_sops_for_a_new_host.md).
+Da Secrets aber durchaus doch gebraucht werden, werden diese dann in diesem Repo direkt aus dem [password-store](https://git.hamburg.ccc.de/CCCHH/password-store) (meist aus einem Sub-Eintrag des `noc/` Ordners) geladen.
+Dies geschieht mit Hilfe des `community.general.passwordstore` lookup Plugins.
## Playbook nur für einzelne Hosts ausführen
diff --git a/ansible.cfg b/ansible.cfg
index 654da28..ca06548 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,4 +1,6 @@
[defaults]
inventory = ./inventories/z9/hosts.yaml
pipelining = True
-vars_plugins_enabled = host_group_vars,community.sops.sops
+
+[passwordstore_lookup]
+backend = pass
diff --git a/collections/requirements.yaml b/collections/requirements.yaml
index cec061f..a24c121 100644
--- a/collections/requirements.yaml
+++ b/collections/requirements.yaml
@@ -1,4 +1,3 @@
---
collections:
- community.general
- - grafana.grafana.alloy
diff --git a/docs/setting_up_secrets_using_sops_for_a_new_host.md b/docs/setting_up_secrets_using_sops_for_a_new_host.md
deleted file mode 100644
index c88315f..0000000
--- a/docs/setting_up_secrets_using_sops_for_a_new_host.md
+++ /dev/null
@@ -1,20 +0,0 @@
-# Setting Up Secrets Using SOPS for a New Host
-
-Because we're using the `community.sops.sops` vars plugin, the SOPS-encrypted secrets get stored in the inventory.
-
-1. Add a new creation rule for the hosts `host_vars` file in the sops config at `.sops.yaml`.
- It should probably hold all admin keys.
- You can use existing creation rules as a reference.
-2. Create a SOPS secrets file in the `host_vars` subdirectory of the relevant inventory.
- The name of the file should be in the format `[HOSTNAME].sops.yaml` to get picked up by the vars plugin and to match the previously created creation rule.
- This can be accomplished with a command similar to this:
- ```
- sops inventories/[chaosknoten|z9]/host_vars/[HOSTNAME].secrets.yaml
- ```
-3. With the editor now open, add the secrets you want to store.
- Because we're using the `community.sops.sops` vars plugin, the stored secrets will be exposed as Ansible variables.
- Also note that SOPS only encrypts the values, not the keys.
- When now creating entries, try to adhere to the following variable naming convention:
- - Prefix variable names with `secret__`, if they are intended to be used in a template file or similar. (e.g. `secret__netbox_secret_key: secret_value`)
- - Otherwise, if the variable is directly consumed by a role or similar, directly set the variable. (e.g. `netbox__db_password: secret_value`)
-4. Now that the secrets are stored, they are exposed as variables and can simply be used like any other variable.
diff --git a/inventories/chaosknoten/host_vars/ccchoir.sops.yaml b/inventories/chaosknoten/host_vars/ccchoir.sops.yaml
deleted file mode 100644
index be571a4..0000000
--- a/inventories/chaosknoten/host_vars/ccchoir.sops.yaml
+++ /dev/null
@@ -1,221 +0,0 @@
-secret__mariadb_root_password: ENC[AES256_GCM,data:bevk9PiMUAP0YBYqpVw9PLEz9ITKVRQ44Q==,iv:Qjr3pOWzcDWUpJAakrn31OCcvcaciJLgS1Zp+YZPWPA=,tag:DB1l6lsy+aHa+U+QLAM3tg==,type:str]
-secret__wordpress_db_password: ENC[AES256_GCM,data:QsvJ6NH4ySsfSsP3pWEx04vxjIph1Wk/jA==,iv:AnocV/jXawXPxQ0dLSw05b38ULQuU/RN2G21/1GpTmo=,tag:QlSCnuaQxCmJ3XO5jjX0zA==,type:str]
-sops:
- lastmodified: "2025-05-04T14:15:03Z"
- mac: ENC[AES256_GCM,data:Za+XnpDu+WTMEUgZ3jnG9/4FOd/emfdiaLSGX+hfkuBSurlqFzVHpXqs4kyl96goOASevkiqCSXwk+DGGNTvSRDCoAH2jMfwUHh5mGHFwXKZFjraVnLidxyOkEg+YJ+tzJ9EHJ7MpQLYlHgGi8Xrc27n3+gpjni6+VhVYiLj4eQ=,iv:fQuTnJbsyNyphHZF6T9UF62jtA2wDrOxlPzW6XwsdNk=,tag:T8P100qKnYhNqr7oJaY6yQ==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//W+DGA83YWISVMvmWTFLul74Enc5+o9It2JqVRBB0sRyv
- VJAF65zi5AQ6k3SIyZYNf1Dy8eR3C6PBskw7juPrMuLKXA4NVWu9mLl34gB53zoL
- 9WnCoGLiF+1DhnkH2/YD8FoUytJn+7BhD6uthhWbYqeeOo6GDO0bKGuE0PIR4KSw
- pHyP7+9B06IlNdWvU/2AqnaTyakFa0yHuNKVmtJ4qd7FfcXiJejuhedNaXLaPRg8
- Z+dY6nt4F6rG4y9shUcTCR1rGDxgqB7aaZjm0vy5mCsefSisw/ptnASKqaz6ZXyJ
- QQtI42wmzgw5zC6vXt+zixtEdyB/MmBaWbJkLsRIpu1frswI4inHy5GW/wJTyG7Z
- C82Xih2R0kMbNV45lMrvDz+hBt1R7YBe2J30TavXBOEvXO5VfhOtFZDhYA0wdw0+
- ykUWVvT6Wpai17m9CbVgjwK+RIDLAuRDQhX4+SDKPLoLycpswAUteYDovk3x5zjc
- GdbyDo3iKfqpzO+sa8LpHQeL93A3TdYsq111Dbq/itM3EluTcMKE84A2J5zBOJ9p
- nduMtPeS1Yqz/G66TF5BivI09duP2ayf49DsF/zrF0m9bWsvWPfWM2Rvrf5c7D6K
- zldVilFNM8YAJOmbXJjW1kXzqgs7SjrQblp3fhxYgHx5w89K/VcyoC1sBo3XvwXS
- XgFpgPJrG7xHbVwB8bJrG8cPsI74/FxZBtj/P64/Pjj8rT0hXYnzI56W371ihHJ/
- Mnp8hTjGZrbzun/daNr7ejkxdD+1qBRqqT/WNzv/XcTDdUlYdok5qVkeBtE/S9M=
- =aVMO
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAhhWtMl0Qhvctd2RjezkWE7albF7svgAJUoA4QFgPtjqy
- IYhM/GDo1pL9gSydk1axJQPGsn2Z88QgYBuhkZBgLA9SiREgUwPKCsKvZ70bxzRS
- hSLS7rykOmPFIobY3JjKnYCNFx1/6U/R6XdgzuHhr8Um8Cf5WWyYHmB5EuMm8Djv
- AZJqChoE7KAFycuGWJGZxN039/rMzxdjPnaFlOmTpOPiyofICWLjA/6Y15EcxuJJ
- ESsUEs1JXIdTGVZWC8UqGf75b0fQ2jxki1duil2nhr7N2mNYyrns/VGbfCq0113M
- 5X1e2iNq8lyjBfErdq90cG/QqGXe4sxtUwnRDIKaWbr0RhY9mBBjBLvOjDQ3d8Yo
- PqyznHESPESwatIfFSt5qYQQN5MVwmbQ82OSDdkX0b59ouSq1cigWvCoPQ7x5sIa
- UJc6ehFljDoYGx9mXzLv803Li9kToHH3lWXCmaDII+huvWFqrR07pD2gC0cEKSZt
- ttBjJuWyfqHdWPaqEyJ6EZF6Bpf3Zsm+UDDb1S7aA4cjSIPOlqt0RoiMv1QSlnJP
- JMg0QkEEWx9HHzcIPQbtCDyk3NxO1hPGlVLUSLYruTjB826LhxDDCfbfmBAdNsXo
- +Qod3e1StlGGubpWbtP6PIcYKBs/XDvtPsxjiazkUalc8SbBUPipHuwohCuiAFXS
- XgEZrSWbUdOCTQK2UoU57uTDjQKNytVbuxlTGNZ3Tn02Rkdutj4Qh/cK5vJlJ1pc
- ckfsnDLIpRM03i82WMilXeWg/dhVzJgbn+WvUElC5kmWAHGgZhk96LO1ImQyS80=
- =FJKu
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/+JHFiiwiZeW2wfe+6d7jDKtVyAoJiHB3FN2X8q6S1fsgj
- 17EzxQjyVTojsPSTe5Zap0sqc/h4O38jhpUpW5aS/c38KLscv366y3Au+hWHGodm
- 6OMlQBFKAB0x6uC7RqDnDKrT3p5mk/gKGIMZ2s6R2vayo/rZeHF52kQovkSDe/wE
- 6BtscMXYioarFwGb2dq9x2w6sdfQO8MPaDV+jhBOrLZWGXAB0g9H+f3Eh2fonfg5
- 3sHQRSoeYvVMSOFlLectJwP4iLQmgfEqBO35d/+ixD7M1gVt6PqOa4zt8NQPmEHB
- 5OfSrmeeakoXPyfClcfqpXuJP8jwzEtTmqEOySVwOKa4RboheyNG8ZTAU5gUcCgk
- 0iC4foeLdYXzghtHLsB0dt1XBBtpPMTwRUjmK9zj7J9aE4mPV+2ya70czvjgPQv7
- cGM3oGS4g9jpn/HHBmGrQltAyLITbwnr+Oa2fjjSNxLN5aYoDDHO1nS/AaogFSQz
- 0dV44+qaBLpqPZebTKVe9xi2ifttgUzBMBwVwnj+byctdKTzwHDoO1csLnJvcRvu
- ESbJURybe2vWuLIfydE9fjpv54mpDNbbQPFFsklX5qmlC8u4GELCO2/ckrR43a/R
- b4yxxxZbMCjS+Pgmr5/SVDrgp+8JP4wv6lA74hNuLf+UY4Q7m59sROQyMTNdWuPS
- XgHt1PC5OPzV0DZgJOsFgRUhW+W4On76XR8M9/fxmuV4ixGlcpci0xxrn45cc2br
- DbRloABWVghOplhH1cw4MnlJ6CJOjvNhaHPSsAkyVezBtSjq8PhOeiUA/mzN2Ok=
- =ZLtE
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/9FqwSd/IuaNnWlVL0MgM1edU/tXNo6IrvCpeNLCJOaS+7
- RvQIOsKUX7eaTCG6wUxvXPuzCgQ8bu8kpJ5fl2ntiOerj8GiAqfPWMc7zoNP2w3y
- yWJ8yslGjqSw9rNjdsk5b88k16ohLdElS9A/fFrKwtB94gpLHbLXa98Nt+IB0O5L
- Hmad8fbhCdICxEz0KQVIgC1WHBUyJ9BGoKJpwfjlx7aKBHXGkDweutZCuF9ZGYks
- PmS/6EVY/ubXB3Qd5KpFPg9k7RQh8QraZZnASJIRJTZJxoiiB9gf86pXP26RUnhS
- 2vthDrVtABarp/cfS8lEA05SX9nNnKJ/qMU7l+kBaV9oiU4dfSNWG3SwSEyb9CzD
- 2QGUnOS8Os5HMd/RIH9ZFFdoLYYntAtiKiJCx8yrC0c88OnU2A4BsGZ/oeLmwWJI
- KqPdH/6/NHSGvUUHENFEI+cNiEPdDUvH/Ak3/wE6BMe7z5/TXPyYz6QpiBr+npQm
- rfufJBn/hxjAIC5Hd04JViGjp8cV966iGg9AhckYN8pwCHkd4kdqrFCdm3NmKgZ8
- /fmPYyozeLyzp7ZjerExL+BMc+hNAlMhis4v7NH3WWA8t0yvZ1VTGfBObsYHyV/e
- 9QyYbWI4tqOMfhLOyv4KPDdL2X99gsL/OsT8u5cTVK1/20asm9XxuWDzVum+a1bS
- XgEIa9iie/rP1dAILcMQQesATCBdxWTjyCADTIYhliK7WX/aQUuKil8RyLLJnznh
- kfFiCI+FNRlAGGYLztzSsDgpkbe11g/zczDaS3m0+7Jxw1JWZtp/gQW96qO9XnA=
- =yGeq
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAhYuNoHxnDoR3vYcXNS2t0aWAKFatN7yeBNugZ7rfqiYw
- i/XO28FpFbyjlt53vshZwUrdz9qsG6mVdQ57D3aXXtEMP1yxH3FwmKmsQHQGM7VQ
- 0l4BT4uruLjE3clae+RU0cHcukKSuR4hEOqdUPcQDOWSV8tnboxtjsV34tkRbIZc
- VJvLT8fM0tUWtzt0n7Paz9OHelKUtQ7eKlz2sWO+I49qCsZaE7dJ8WNRWonFu1ip
- =w/sh
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+NGGeGx82rYFDpMgxOWJpenco6LVzC6gjeHwThOynt6se
- 8AKQ38a4YhjUrAUudMr4kCVYRGqSEmWdHJPRG6pxET3sUNqNMLyvlBifxD/4VAi6
- o8oNEaiVHMLBEK+zuIJ8l57RdFc/CKmBCGX6PC017ndshU9lAsVbZQt9xk4PkR+C
- hBIKmRpZWe8CJBnTzZvG/PCHUU+fXDzUy89f0SOgUdtoNBUSHQcg0FrPvzh0BqNk
- zkenQ4EgvkZ8eF0qXlGTmwZNfwD6KBB4qaHBNAZYUGU1CvtJ7FtrlmtpLmowF4l/
- cE0K6HwbG4CADh9iBblSqMzpE8Iuk9kEn3IH/9E5Uggb1qtjmqtkQpCjl8M5LTHl
- eoz2bvY0bAcQ6GZx3Nak5nosGYL2JHRQdewZd9lcnXoNzOCpV2ZwHiSjG7WVBKtV
- iHcsPLOH7NNkLAtF56WyV9Z8n/mI4rISYRs142uezAz41cJEO73xzjUiAu1tjVZd
- iNvplAqT01PPGLOI6ZqwT0cZQZkjl9qX1cMv1bSjBC01Y8t8iBwTxOFzv0gGLqw4
- NjQjpPjWKSSAejYIdy5jY3XhQVkl3miPcC93MtOLR9GE6gwoAQCrJ0WqEh2pjt85
- nFl8OYfA7UeFfO/C2XIeW7d/wU5Ec24gm4APqzw6rsAMLf91O71uJnrJ3uWkrmjS
- XgGL7lFqTqFDpCASmTzNBspf9a3e/1kk+87DOzQG9YO4TsetYMWqJhsAzKRgg3U0
- nVR3y2D48Y5ypVvbsQbFdz8ZI8H/1aQK62+YBjRGB2EOqHkK3+Uig8T0IyaVAow=
- =4H45
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//W8i1bv4vXKxoegHrLH/HxHyDm7SJ2QNzcnTyNBMo3Z+u
- sTce3jIwFvi6I4HCnHtGMf7bp7U4ORYN8yxeuLbvjTGD2v1Dmda2A1NPdRnjoy6Y
- tLsjsz/FbT/3zea/OkdwZgeNTN4p+AQD9nd5oyAhN6XXcFmZwJ1IQegQtDADFDwY
- zOSN9nH6cR1MWjy1ptZFYugAA3U/1WtFNq57G34+jMtszT2FUDHhDZz91PrkezlH
- ZL4cPLejiaOS8Vm97D7kDsxo2yDTCtoypcaS330ANq1l03yrjjPjSoW9j+Hvhpzk
- 6I86vU+AVNBLtvPSYybo58En1HvI+7TlAz6Gq+UMup2wWE1kkEDAVwmzd6kyyq/z
- Kr8Pd/iCHs0hoc1kx7xCXQ76qJFoSAHE+eqkmGJLxUolZ1XmsbZeYBcKSwslbMKB
- 8JHEnFjQtGbaXVf0RGjh7z4fzhYvehcN2NHBVt2/VG16xrjeUv/3xifvbnWrAa9L
- xTIn126kWvX6mQjyEVRkZO5Ud/jVMcsW7sko2I74zhEtz27BBE/3Ms5WK7ZTVKiI
- cWMnVn+NOB7sY9xn02fqe0oLXdBW0cnMjCLyWpdclq3odNJw5eKbaCUYm+Z7WG8p
- DQOcPQ6ejXk7EW22VNFhedmUYJWMpDZImkbUOAo8XAN5KAVLy9D+Zu63eY5QjtzS
- XgFBG6m9scVN7SYPyWxGZ8M7qKNqCezXmOSOWJpsYex4nFSIuIDr7LSw3bs0tp64
- q6qvOlISvBPjoAmv4638iG5F3zronJde01ZmcYx2l9kYSRcxdr9fyUNaeWsz1aE=
- =MW8k
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ/+M5ftMfxnz01rDri5YMAKBpUAgUHBdnWrjaVWqGIS7aZh
- UXXqlCVRXzNfIt37Z23LiyINJGZ1y/6ES+4n0RYAli2XJWlR5vMzbN2Obh743IoZ
- 9bApYKGXf0pnRdC2kNGFK+PC89aWHWpjVSsahBhVcYbi9G8WYFlYw/ZVrlh636OH
- vahqWefuJStCKL6DA3sAYJzzDck8F06o1pEzmvTkGmAlJfZZ/Otam9BSQFmcegl8
- tIqwi+EVuu35/yo0QqSMCA/QmvEGKi7rsk2OJMllyEHCe8Rtu9JHsUsnzDXCCPeV
- UT7s8jMM0rduuEoIhgDkiEHNgbIbQ6f3/gdf4f7s0aC7NnoUHoVI3pKSbZeQhGzo
- /pOSFsaqxlclxwu8uxIcyF/ReFf7u+sAM0AUVWdBKi0l9zeucJf7TmokY8oh3K1J
- XX7XIuyMwvo/hrA23GTrYVk3ulzedawOlDh3ZvtNfiJH42IsNcsOMRwFDjwH8xSI
- dYEcVrH/jhL1/a9AzY8lu3VCml/Xhs6Hwqr5urYcBNBC3PoufPoi6c79xO9lcxxl
- iIWPEdANLdZO+lCKl0aR/mMZOojInBKplGFvqaedFYDoHr1ng2yYBeeGAbHiGf7/
- qLervOigfGCWjc2sgyrTT1jcvcA0AuuNPiBnZmfEsiOgyiG5CWMK0y7F1Cm2cRTS
- XgGHEBJNMoj7IbxHk3Gc++GDAschbcwsBUNbyUjhQ7THx5OmpyaMl+rUZZNEhURk
- g3YvkqQvpP6Op8D5R1u7OHLR3/Y1T7eg+gSj+jrwAx+uj2P8PXfpuceTjPqTgQU=
- =nBBt
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pARAAqlrh/OWyGSIJmcsjLgeF0mN0EcHYW/Tp/XWu9dtTB35i
- ecGcS7n3UtDrOFTH0a2OufYPCf1gxsZN1XSFnwG6B2P3WCX/FDLyxk54d9ULUb5a
- c2knQSY4mgsr9p7xIMm5q49TqWYZiJG7WnADyjkhWLb2nHiifGZ/eKS58v8Ekhik
- rNWh+Lu6gAHh77SNMxrjKT59rQ7XZPJh47pRBdxwAUnpyvBD5QgcQVuUA6w2ohGA
- hgNU6ep9Q7ZxJuG+EBzmn/5cJCGvdP75vxcLXB8H/qlUHew9339UY1qXFg2cEnXE
- 4M5uQ4bUzJqQ41LrbjD4fk4hgiANVVd8rypprmHBB9ztjH/ap74guHJRnd/qs0CM
- c/Pi7s61JEZrgRzv3zOBjuQ3CSr4w+8wdF/POknoRQWuwf9nC8gyiY6L8ROESHjH
- v79tLHXTfPn7HZZ8Bl6YjTp01gaNGJ19lNj22X3G2G0J8tlzTCPBkgKuxi7E7JaD
- rWFF6k/sclN1+pGPn8dfVeMAXfUdPorXZbn+fUU0o1mw2XkE9zsa9Tv6FHMkNS3j
- +t1naeJ+NHcKF+aiFNkNo1ZfTgeni5iIxvZ7MmlS3ujj4EKZsQtXJBQthPaW9waO
- 0H3aI/GttEA6pwgnuvPucfbabjuMNFJtIjeRwnyWzJHRSScE1/MkNZk/J/VUph3S
- XgFwtKchdOvNI0UzFDrRF0QBaEkJynjtUtZzsAhYjNHjBiqtoFO9ud++OqzIBR96
- lZn+sq9rTxIl3yxazoid+Ls7A/4eP6YyA4ZX72apW4/cJOSDYJ2Z2Qb+YtmWX74=
- =8lTB
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAL7jChaBJQI2tZj4oNVqZkqNh/CwrURAsgkodnDRRM0Uw
- YJbD170ufhkPt7g7Fk9kym94HZHxKsMyTIBLhbOWz5rQr2ZXbSmBOuUdOG2mwqhw
- 0l4BZmmNp2oSl2P0/ROLw/vONilGvz/2jMQyCFDXN9IJDya8yZiXTrnEmK2vSM0/
- DYtdYUg1A1wCq/n7bJJCUDWPYSnymP8b5dafTwqWjGwbA+lveg9MDNSRUI9QbG6d
- =pja7
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAS6WN1p3uJaTwEDUFyHIvXIOhVzrS01NBXZAARIT/URMw
- 9co0e4F2EliREPIOPlrdTkIutWzk4Hthmu0NtDk58oAkpJOFCayTcQJGDuIDLvZs
- 0lgBruPX+8fTD83IUDCmABmrKpQW80TgpWd6HhSRVq595mobaJ4S+TY39zUvr509
- Zrmg6DmlUrEr/FYdff3gj94Rm6wDyBkI0fm/GLXL23Il7uKVrC5WQsNZ
- =vzES
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:03Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ//Y4Fc0reFodqz/P5dKD2RsHsKu1kC3Q0KVdGxzAe9AG6M
- c26glnYir256VUOonlP5q9gsIvAc+RDNMoFF0WwKO1HGLPmeiB5gK8DTm2U2Hz9/
- g4xG86+5BCyR0eFkx/sEqlVnhRsnfSkPqq6L+/mJir0DQ15W8SR7fbvn7XsXKQC+
- jKI/spzZ0CvkLtbqvqMBp00ZTQ+yU1f93hTbvipLPLLR1fBSOnJpe+f832xAwH6U
- W0eLvxzdvdSyALDVT+1xPNH0/Ew/j5E/U6s5k44IQXl2EKQXdwBiSWk8m8Ii6Gj3
- 0XqJj8qiJlajl16auYOdXa6jNzZac7+JAgthc4obznNQsrD8j0XSolzYybPd+4EV
- LCW19LF49hqEOsPi3UsigDjcpaiTxx+VdLVwsboquEwwfN+9PFl/iHG5tJRRZjNh
- 4q/im5owY8br5Ef6HtU1dWDB/PNHP4lKzWuyGXS4E4YcdenU6cx3HmwKHTTdNlpx
- TuH3EYVHTCmTOsJ+5wXSiZa9lTsWXX+kAbxFoIFkWaoi+dtg1NNKzmkfwARPVbi2
- pu4s5rJEGHwta43Ao0gUMUEGyqTItZ0V6gyFn5Ey7ivzvtM0RDjzigsPhbFzCQWX
- kUbefqCxu9iQR1LFBxWdM4iPC0xPN2oK4hnRFa3rzyLxybyrhlre/tsMIsS+4lzS
- XgGYpNwV4QTYw+YOcxHszqg5OngM/aB8aZIOELsO2HkzRJh49a3Uv75TClv/a7GC
- DVVqRbIs7ACxDw+SBp97Rbl2J9k6UAdGJOQ9e3cgxr7JxacCfd3KAJAukco8sQc=
- =aWRa
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/chaosknoten.yaml b/inventories/chaosknoten/host_vars/chaosknoten.yaml
deleted file mode 100644
index 1c8fa93..0000000
--- a/inventories/chaosknoten/host_vars/chaosknoten.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-# Used in deploy_hypervisor playbook.
-hypervisor__template_vm_config:
- - name: STORAGE
- value: nvme0
- - name: BRIDGE
- value: vmbr4
diff --git a/inventories/chaosknoten/host_vars/cloud.sops.yaml b/inventories/chaosknoten/host_vars/cloud.sops.yaml
deleted file mode 100644
index 3c53a9b..0000000
--- a/inventories/chaosknoten/host_vars/cloud.sops.yaml
+++ /dev/null
@@ -1,222 +0,0 @@
-nextcloud__admin_password: ENC[AES256_GCM,data:R+6uuaDeQWSgtV1Cp7YWZvF8LYOIhoz1K7WVKerm67NLbLRpD9191DyQH13v7ZQPvIce3JzyrWqoyQigJQIQqA==,iv:chVGvTY1Ge4OwrVbFkU5IMd0aac5HqslddQEdY8F4Es=,tag:slmFXStGVf6eJdPFplqKjg==,type:str]
-nextcloud__postgres_password: ENC[AES256_GCM,data:GIWhmhiDkOC6mQAqNe8aKQ2TpTTYQJ44jn+P1hnpAxstAWLUTJZdxE2DHdjhZ9tV6kyTb/GXANn1UtgFzxczbw==,iv:lhJAZF4mJ09jVa5DxtVTfMe5FqfjpQojrI15kYuXI6o=,tag:LvzpBXbBQtNvEnCDNphUqA==,type:str]
-secret__nextcloud_smtp_password: ENC[AES256_GCM,data:9UI+hMDQqM6Ui02fpdscXj5Q+XfN3t/g1MUX4blqd/egoLBtq8R6YpdK8wf6heqXUck6VVDgDLFnpfQzy0cqzg==,iv:dkTN/pj0YhLqEw6Sp252bKmnA1RaF9wfoDE7naGN8Ao=,tag:1Bg/ZoCITh7S9Ps617DKTg==,type:str]
-sops:
- lastmodified: "2025-05-04T14:15:59Z"
- mac: ENC[AES256_GCM,data:iJcBQZ2Mpa83/bR1BcTPh5PGrsjtyQjtAwr0y/bjOXrpMjoCiE8nHl2vdfZIxGYU+v40nkgYhXS6wCIlBZgO/QgvXwVT3Qm42i4GSx93N+jV8j+iB0a1kPJ/yHAPHD0zvWF6qlNSAeFWPbifLMXHLjijZDud5LxdW2KfJ00JCuA=,iv:BTUVSDYfKJI18GZhiUC/pJ+Gbuzfk3GrJadlOapw5qk=,tag:f15zFqye7O+L1lTp0Z/8jg==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//W/vD5coVwidijwr0/l91HBYRjtbUX+D81pJ3pOa56weA
- 0/breqUaSOUtClLfTN1wIrYHDVmLHuTOYqn3z05k0jyGjEbP9tI1Iej7Jfxn+aWh
- 4DgDl84KO6Lpe1kV4y+bxzt9OSi95h1vSEjoV+xbQiDOhV1ZKCCiezdrTTGry1Wf
- fMpNrkQpb7um3FYopMFhHKew3WSugDuSKU7T3JlL8kMDwoeOI9GyfEXjpBY7oyKL
- Zs0qFqaO9PZG/c91O0lUgTfMSgiwhIgUPQEAD5P0FhyRCmm613kayGHM0QuYXjsD
- 2NmU2WapWrrirjzUTzlXFwj1VOA5WjlqVNaHKrFqtvUDvhTP52OwgEKD1P1UkCh3
- BChOr4T/CoXS0AcBlQGYuBlaY55XnFAcC4T3WYkcDWM7AZ/HxPFarCgpYsXGSPsg
- WlPFccAsQ8XA/BvhuAwCvL/aipmM3h0WcBXh82rjkzIPdDcxlrECn3zRABbSuVSc
- ULEFdzOXV9pd5LGySkbF5DcNw00+bX2g2/sgRB/ly0iQIqVta4oNOBRs6REV/e+D
- IeEmP+E6YMc7NKz7mCSbK0p7RBtcePCXZ9uwIql/sMz+K61kxvwDXpqHQ8A5EUQu
- EGNIhgVfSbBIkqR31x0cW4/c8NKiElUx8NRmcn5lYxdy33jl+H5jK0Ttb2pr7cXS
- XAGJ250qZzyDFe7LmSoORJ1zoLUUIwPvWy02mcRhIlHik/FJ8/dawL3HFbdEzMOe
- /Og1ON2961e+m5AD+sFUXV+MDHe9s+eQDzQSIGbJhzGVvo2hfMn5mKFdtUCz
- =t2Ii
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAoJJ7x/CsgQ9AU2sI3pCuKW9wUm4+EDDqiT9CG5WtJA7k
- lj6oqEXmSe7QY7AxniKZLEsePMWSBBDYNcieUQaf0eZpuxwytDgav9LqzkwhZUGc
- qhJV5Wvf+MdFCNmPa3TUuV59N1d1jXZPvWLgknOBM7lZexvqc5Lr+pd0c0qWrh4h
- WDx+oS6yFW3qFvH+98iDxzJ2y+xvjBDvXGSqiZEgcJMyFllmpB45EcUIi7E2gs6r
- vAeNsWEEYfO7Yt/brphNq8Ns2okvD78oZbh9dNagy1oT3huWbaN7LcJPoPJ8qL8w
- tWAymwE7xkOTWW0gY0+MQJC1NNnDmIGOCxNGuFUpku4xLjOXMUEoBHdvGKqM2b5V
- Yj95fnz8bf2FvH44Z+7PYBUOICHZBTC7EzExfSY7fEu7SnxYIjxMW2ufE6xo3upv
- RFSALpv7Cg7G+PBjLyh5l/xHmXhObdbHbFC7EJXrfVYvfj1F96n/+DWbuXvCOm6s
- C3Cf+296tEfO9Jsh244XP7cN4z5CvJ0N5movSXZ7oEZ2YJL/P/ieJ1f32QrmyrbI
- CUuPlcCycE4CWWV7yvsmyf98RQVYXMXL73MBw0EJSWRATlC4/bcGIrVnbuni/oJ1
- 8YNlqOejqzAzMMZ5f1DEstXb7wP3bXCao2r8uWyPLwsnJTeDKgtkw85wueIKp2zS
- XAGl6tLDdlOVzbhKFL+E+1VG6GYOdBNPFYQ4yqaiOzm5zPmnyOd+FLKzq7jvXZ9B
- ke67IgBNK5xNpAOnHauSawozf5VewJSLM9SyV9Geohz9W2ihSiS/vnSjQk65
- =A1pm
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/+Ptdb4Hx7Uh2mH5h8TlOUjQW6UWxwpuOn4QHIrf5ck7tT
- OrwEjNztauvMuzYJxSxGdVRSsKD4t/tTs0xLcTChGX1X0W+ZTjjpRjUwfyFYMLOp
- SRdnyOBkZsmgvgt7xqvwwssJwOIbHTrJ5kp99gXggQsS4M/HAtpLRuHMOGzazgmB
- 4H8vM1uA/NeOUjL1g6U14GwKofRgUbdLrkA2i6O3Tn6uVrpvC9heVhU2wiSF6qL1
- No6DPheN1PvL+kV0h2DMxrMXcFNl3NjlUCE3vT90OyeykMuq8OQAfpBR+1vBOihP
- jIH3t+kDXIhQnXvXQU8xm34bXO6Eo+c+/9CZXhVvAWRfFlOWrwR2/JzmtMMMaEEd
- T6UjfAVlMJMWyX2kqXzpGVCijA2AqhQAFtC3JWmuovOiLKy589jYx4DOQ3h+VMMB
- ggdZrx/hUGvkg3KpuCQoBYYs97SsOcF6vImPfQ8MApzW1GdT5tay6kFOgDauw+fu
- yoW79sAvRN6IEd1yTBDhmL2Wd+Mr0oE1a1BWcdta3mbrKUCLvDf7LZrZLTvqLJQK
- WzFiCOYYbSZgh+KYXzw/FSURNT5ZQqF2bUeSkR1rEbPPoFcgwFToYxKbWPvCp7ah
- 1MUA9v7GcnmYxHS7yDhe1HOsdTM/Vpdme/2LFha/QawP0Cr6eLa/uc0KTgXxbl7S
- XAFqDjqgejL0O5R5QrY9HHQAMcpAPfzaptRuwt2tv+V3cT0K4vJKYzsdi34qDnfJ
- 2jHbXsjRxRsc4am7rA5xcB7r3lAHv11rkDU6oxiNu634eOoFIar94ef8VBQ9
- =bQFe
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/9ESOx/yVKVHFnCpC4nD2r4sYAo/x7ayDJKHie5sIfaf2a
- ebRnIAezWlCEWqJ7FVU3QUZupsry/u+SsFnJg3Kv+TE51O2ITQenLdSBD2dUG2/Y
- M2qqVUzXsEQOXr7QymYX41AThRouj+Da1+gKZ8BWIaPU3khesjLjEu4qmuJeh4jY
- VE1F/2QB+WFY/lw/+WHpiD2xDkrdI81J0pF73pCepwDfBNmtZttURzn4xO6t9Ey/
- Q89laIxHjl4oGUrGJkUonwzwRYaQN979SQWjVl+DdYN17tWnMChhlweorHh4fM5f
- qDEOyGlYFH2kzupzyhwCIHK/4OaJNt8uQbB0I3h8P1qj1Zl23sTGP40KxrvD2nNW
- 4KMPanP1yFRSe0zM/4L6HliAMu0VHUMWmH9qD0fwRXPV5fdIWxctaMQZnrVwAqGz
- s/DJy3VQfFP/bxO50ir1wFj2HUPjFTWs7eqzum4v58Amef35S+YuMWBcum10m2r6
- kGapqwHQPgxCWzAttIB5tDetW6jBBs4hAc1nyliFLJITDiZ0+p/mWUNqc0pQPn7g
- DFPCB27aWlCj8pGObVPZRHo7ks6dX9E5oy4YGFzCmDvZrSK/cqmWAtU6lsWgFYRu
- fJ8G0NY6t9rsluN/Cw1dplIJGnHvzJihPYKuZCkxRF2pzm4ESYzwZc7JrAmAZFjS
- XAEs5H6b1OzbdhaN48NVsB9/tonkzmFmAz6/E7loI0KQL8Vc87eTWdHc9Kc6VBQg
- 7/OGSvCKW5PjdWP68Y1tFB+1lthakH19JyWapGhYCaVj8PlymMB0ffktfjQk
- =2M+z
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAbe6biWCSneXlUMVbeWc4r57SEHDltmlWRXulJZ6wXhQw
- AjEdgA6AxqwJoXBTd8KD5GSchMmpXXRVpTAE2gvjwVObudvZERba9wMuxcsAdmDe
- 0lwBC8GonXrMNb9BpesML66avCPVcjwKOPED6K82ZXn7+XdMruGQsUmQnFNcPnWp
- iAqehB1RrDXtXIF99yGUddKlFgChVJUcOjkSD/RDSkMyjlwtyJuS26qoFF7ZFA==
- =8dgo
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/8D7YIg9os9dNTzsq6RfEiEQH1XPvMMucaI3g/G3cuO5Qm
- 5MBHNXVjwYtrQrulZMY+7MIUIy9xHYjtNNZi9VIAk0TWdCJ9XL5Zy7v/x1s+pIAI
- 9kqeGI4Uu5yp/2W2mTr3q4qKZU8gJqEnJdlWIYETbqdgAOTcIlrMaMB11AS7rC4b
- KF9vpOcOAK/yHbQATjvbd+vjJm5+wZ67hDNWmPvgh4gqctidPKKaLIuL06wDBZR9
- EbDSXXfKoLCYJGzYoTMNnwAu+flD+9ZZyDsox0/0wN+QJjS6czY0up9TCbWW8fyR
- dhRaX5ZGiihndspveM9v9Pj9b542Dz2QC2oD8YG4ZZ007jy8d/+mf35YtwMjZwup
- N7C3zEOWJa+2CUvHYMkSpxYiQbocbnKJoABO70KoCXaPKanrttRBJ913owhIr07O
- 7qVLrJqNhMbEZCd12HSFltOuGTdZ2H0NHtypFeFQqdR2BkAt8lL+rR/+4xGq3HON
- +AQbHdvnAUFsgs9I/9bEGvzmmdrxUKYCXO+lxG1u3AJ4vPtCnwPevUYoe/BiTtZB
- lGCCY+1eVZT0+7YeGGWPzy24hMBMh+T2POHM8rm6+vdxi+cepoki2QrpQkGP+AQ5
- hVk9IJ+TPTBKVX2wTKMVQe+0G/zGV5FLXlCEN843Ygm/G1j+jS2g46grKIhU9yvS
- XAG3VoGnsNY2KiH6yCbA3U1e7rrh6tdscFmu8OTpfx5/sJ+4GDax6vUYHPURJPBc
- Ta+H2n1Ih9QdIkPNSv0r5fHYEGSnRRQ9X9eCY9FbvWQgVQuEY6+0Sb69yBV7
- =yRWg
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoARAAwDoWy5YkItmh2pkAvzccoc5tAOulhV5N7gA3t4wczXaD
- QMR/o0CZRqX6gZjaWcmjT33AbDlbdzcY/KJXuFvag7kS8QyDAWI86U7Rrun7NoPl
- EwmEjmLyagiXmSa1VJKv6iYKuoF2T1Q2NQO2ZlGi1OQJbPEnpYuDyaldk4Tin26e
- ZG3Z50jbUBUnXE7yl++oIiP30yD0vkoWD33fQBZe8/wTURDStuFkBFSTAV4Mfc0k
- dDFsHZm+eWGBgbtBm2MJR+E15b+OwpsIwmRDF8lirsWo7LBz4MAeGB+bMoXzmAvG
- 9lPlH9t887slDMD9QOFZ+on8pBf0zlpx9+MqBBb3HhdOFGVo/tqdjkp4zhu48Er3
- bvD2UOMNKNpBnxvh+Wh40DU1vBsDdeuaATAfLl3adliBg8FIGY5brzlsyDQ8Ebwv
- PZ8R4kSzkSG1cdbLM8qpb1D7roSPClM3uikPEL8WXFvvwcc3EjqsmXl9D4sw8X3b
- dzrjVZSZgH4jA9KJtKgwyEqlbyYdizHilnXbx5VlaZJIDMvL/nVJF+Ue0qYuAmcb
- ACbsnHkp0B1CNZnBibuHaIy+T6UNQ1QV18xuCznccC3a7VCASWDnLLf8Ag3yUCFK
- eOMjMCRfWLpybjPT+2yI14Xf7rFNchnHG7kIMx6XIaMA3cHN7dgQyoouJxg+3z3S
- XAGogGEGYQm/sJ3ENi/N7D34S5MAHfwBPa9cS8PmE33q9jRdUPwIs+TbnNcklZTK
- JxFZEU+VZWpt/oxYBG60gM7fZsCE/RZhGXeqV21+pAS56kRi0aEyuq0Imsua
- =p6Jh
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//dJdmLs3R0IXVm6HcBvH5Um2VjDfZ+HOgl6je3NxcgMOn
- ognp2CyUYYeR5GpPm1CydaNVlkKGVjUv0BlH9Rdh/pey5QjC85AMQpNumW0nBawS
- XuGXB3pF53k8pQ9NRRBNmS61vC62eBV6DN6CLKUhmC6SHA/54kFrWQNI/6fnQx51
- QyCssR33opVibfi8rz61SYQpAJKrFEM98KQRB1aHntLEhwWcYR3yKv4H83iKhuyU
- 9O2JSn6ps7s5HFld/KnQkoVRKDZ+BvHbQAG95FSzjrwd2Ec0Q4EJlVRJrJFq6pHx
- kMmpQebZRd4hbkEYAU9XR6fnnjXDg+RdIrPjDfxrXsH40IOlZBivgkD5ACIkTYI2
- /bvq8K7F1SfDjgkeuuyr9y3QtXIxwUgDTo1cwu2wwfYsD20euST34Mv7DMTGwlY/
- NUQ+LfDUgXemgWNiBXkn+bu7pFhE7PnyDr4yoTg5ZD2eUobBB6g+2gSaZLKQNe6h
- zzZD584MQ5zz8ivyZXXAkpe73pV6bTTH5F76deXK6czt0rkrb60O9ELosAK40Ogt
- oL0x4LFMgPanQdtzs8bEldZu7JNAf7zxrWNoey7zW6xC6mvyVLPw8+eMNS8UQt1P
- rpEAInl6nX27x7agk5AAUDda6FOJdr6cmTLgPXnw2NxHSjG83moIGpDik4BZczDS
- XAF8KRueOsSUOnN/0OWHwyWwIEjpkPPKCmqZ8itJjap3pDkJ7YhshRVe6nAWnDII
- Z9bY10K6Dxev2dDYH3/ihxPPbFNSWtqeJvmyVOZXCHST3sG5DXpuTxiQ7JV4
- =pl4Z
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//dFqd5fLpXxk/0mr9drVZy8Ih682PBGcAFme9bdYz4Ou4
- 1uVP1WTmP7Jq9aV/SFq57JCZIEQCKbdAnMtyST/7OrSnYkYymCKRqEP9dP92K4tm
- 9BJrVDu6FMdstBMBNNNBb04VPPgVLQjzyQw/zJnyniI5VEB9Z1MZy4b/J/zygWxG
- nWPy4XBZeI3IhJNOm5zud/+pXj4o7jgQfHdUSMbD/pylc+2H0/23mbtHLuUT0d5v
- nZIaua1yoCW7MWbB6tXQ8Y0O30F0wNX4ckCED4CSloZa/joApv+tivyQrxNLG5eo
- P+KoQIB6YSG4K48j2J2WHd7yNsN1ZSevYQpdwj1MZAwnAKFvmwc6uX1oX36i9NlE
- uAjDMMPyoEFFGAGHCR86atfeZp1LM6ot2WkaBq7SdpTeJIqO6oNJHGo9ehpn608G
- M+Ebp4HSxMkedJQvpdKxzkuf5Y3e6dQ5YdSiC6eQC2ar0tsCMwmHfSXUE37c8zwz
- W2oxnrANtnUGBxvV3b5QcQkUXcISW4OnoQsnDW+b6vqL7zfy8sWznsHcfdWVYknJ
- 5OTV8oF5vzRrh1TsJvwp0Y5yDJPpV9yFjIkcwlNyCe8JGtRq2xmT2sdJ9oL4aSVO
- yJwcdw8uFhCzyQTZR10knGbhLubDiBbwaNOAktXCMZ3bidERvcvcqbLUAMKKk5XS
- XAE6JMUlnNaa68eQcwlph+ANQiL1WR1NTbBdwZcDdnjjxCwl0eNOliCBUn8X9p2x
- UYVlfQMLBAOy9VthwmMe3MweDAwmeWhCL9v67D8KV2chCbYxhyOFL64ysBoA
- =TSc1
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdArglWecS38+Bksx2+b6X4mXopM/CyOe9ogHcdSTONUlww
- SPZNAyMDJknUOZNVhsZT8FyjpCQyECYQ27RZy+1JOmNRa0Fzlhi1HzyB2jdvy4J8
- 0lwBOs3Hnmlh144XMitJh/RQmcAfE+gyvBVc4+ZFJgYhxiMdEZB0PlXgRVPtKOcX
- YaO+cT58XRpJAnHAzvlZYMGXzZWTGtErJO+yQVJ1h6cjyi4Q3G1DtBxyx47vgA==
- =qQ/l
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAeKRRJ7Fng1MXOeaUFcbPRsH45ivTIZmb84ByrvJKOT4w
- G+8aUOX3WJ4YigTlsTc0wsbDWUmqkOBae+lMr+HjAVwzueEsKnvNVnFJ82CWk9pf
- 0lYBAP9tPmC3ngDE48WUHkkPreAwUUqsLzSDoQVz8lPp2y1qXjK9at1g9GR2tQYp
- ykjo7lLRQpmtyTteIyCzil/fRLNtAnBvtgINNKAomK5SpSH8yc8HLw==
- =CZXl
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:05Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ//aewr+lACFStf8lUjaodueZqLXSz0ex4UC6lyClmzuLkP
- J0XWjiUKGs2ZWAwhKegEEM+O88RLFP4MvSaoRYIoDBbc/nLrOrPxbJVgOjCkKWMO
- HKIXeKyFcnuDJUEXMjqIbX0NbhoyJec77Ne/u7LvUYiik+j28Vx28nGhUebP9N8n
- gR4UWMaSeLqk84q/kiioV7hsX0hz6p+AFMvH9zGks7+FgF2Uqyfwrya9TnCjojbQ
- OPtDdZc6d3s56TdtfcMaIkvYvam/xoEOfFnviz44wplTqiogGVqbZW08zliY/lap
- XdhWZkYQv8rVxwVLZlZoxLtQpWZ/jRUY8jnu5LfEmCeJwIQMvUUDbvnDZClodMRo
- xSFb/f9kwEkYHNrIZd5qLRw38GkQ2kNnVNDn4LKICBlsEKUi6roZIghEW7bllKKL
- 6MHjc7ddIIYZRZs4S3djs8/jFpGmTvA2xtvCKCz8IvuhFzR0wnjGtIL96yHfYc6d
- qLuJjLYTZPEFcgQc14z4Omvf69Ft2TtWPu/JhTqKNz1E55fu0snrjK43QFf3AMon
- /mSBp6+JC+Y24wuljXjSt1PeCWyEKiHK3gnkkZGixlxRdWtl2fV0eCqgdM/j/VQ3
- 4AB2ugyxj5JxnocWKMIFuUy8SxODnzyVE3A/7QgYjsIgPLg6RWtDOHCo/BLFBn3S
- XAElm5jYXaasE5lt9yat3tPO5tQ9nnnuTOGou09KVta39uMwCBSQfuAlzWtLaHPv
- h2dbbXEB6Sq3UNaxQCfI/ZWF534OIV/MocS1RlYFkuQMWNPKaDmGdyjtVnji
- =N1/u
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/cloud.yaml b/inventories/chaosknoten/host_vars/cloud.yaml
index 0aaf92e..7212842 100644
--- a/inventories/chaosknoten/host_vars/cloud.yaml
+++ b/inventories/chaosknoten/host_vars/cloud.yaml
@@ -1,9 +1,11 @@
-nextcloud__version: 31
-nextcloud__postgres_version: 15.13
+nextcloud__version: 30
+nextcloud__postgres_version: 15.9
nextcloud__fqdn: cloud.hamburg.ccc.de
nextcloud__data_dir: /data/nextcloud
+nextcloud__admin_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/admin', create=false, missing='error') }}"
nextcloud__extra_configuration: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2') }}"
nextcloud__use_custom_new_user_skeleton: true
nextcloud__custom_new_user_skeleton_directory: "resources/chaosknoten/cloud/nextcloud/new_user_skeleton_directory/"
+nextcloud__postgres_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/DB_PASSWORD', create=false, missing='error') }}"
nextcloud__proxy_protocol_reverse_proxy_ip: 172.31.17.140
nextcloud__certbot_acme_account_email_address: le-admin@hamburg.ccc.de
diff --git a/inventories/chaosknoten/host_vars/eh22-netbox.yaml b/inventories/chaosknoten/host_vars/eh22-netbox.yaml
new file mode 100644
index 0000000..56ba344
--- /dev/null
+++ b/inventories/chaosknoten/host_vars/eh22-netbox.yaml
@@ -0,0 +1,16 @@
+netbox__version: "v4.1.7"
+netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}"
+netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2') }}"
+netbox__custom_pipeline_oidc_group_and_role_mapping: true
+
+nginx__version_spec: ""
+nginx__configurations:
+ - name: netbox.eh22.easterhegg.eu
+ content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf') }}"
+
+certbot__version_spec: ""
+certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
+certbot__certificate_domains:
+ - "netbox.eh22.easterhegg.eu"
+certbot__new_cert_commands:
+ - "systemctl reload nginx.service"
diff --git a/inventories/chaosknoten/host_vars/grafana.sops.yaml b/inventories/chaosknoten/host_vars/grafana.sops.yaml
deleted file mode 100644
index d9675a2..0000000
--- a/inventories/chaosknoten/host_vars/grafana.sops.yaml
+++ /dev/null
@@ -1,231 +0,0 @@
-secret__grafana_keycloak_secret: ENC[AES256_GCM,data:85OEAwuWnYW4NgObAmYey+2kGRML2iH8FuDlIZsHyOQ=,iv:Akdk7Iopx6nIOAFXqa7ROnH25vhoe4uopzEcHjWKWo8=,tag:Lgm8H9fWA+/PCjp+SHoO7g==,type:str]
-secret__grafana_gf_security_admin_password: ENC[AES256_GCM,data:Ct3YH/5FqUA+a7Z7YlpZ8aMvUM43blRG,iv:ePwTeX+7H9p0isvi6Bu0VG5egIOqTopmIiUhYoGCmR4=,tag:SLy3totIMtbED7XxmblasQ==,type:str]
-secret__prometheus_pve_exporter_pve_password: ENC[AES256_GCM,data:dJanRGfkNwZw7oaxxwpjpbV7m3Zl/MzA91Y54WrLXxHWDRHBX5Fe1soWgysN3uI5s+rtIWWfpCux/rSggFh0gQ==,iv:6gFk3IHxGkWcoeZTpS+iReBR5uMModHp2qLZp7aG4Tk=,tag:V55iwRKmS50E2lNS7lmCoA==,type:str]
-secret__alertmanager_telegram_bot_token: ENC[AES256_GCM,data:DhMeo4UHoYu17aVx2sRtQ2v2MFuwD/vHB0xsOf7QWio35ZAcwzGHab+VOzREbg==,iv:DhrCAfMoUt2Zk8imaVA8xC0UAJhXpyqNNwqP5th5ldA=,tag:BbCDqenw+yT4ADpIgZ5row==,type:str]
-secret__loki_chaos: ENC[AES256_GCM,data:km9l2LYuyvitMQOSinAyUnnF2AePE3fcW1E1k5fF,iv:gu2FB+R3/UIsa8qivpQE6AVaOug7/Q4JO3S7nhubsww=,tag:4JaG9ZHPbyzFIdzCnYN+qQ==,type:str]
-secret__loki_chaos_basic_auth: ENC[AES256_GCM,data:9HS1Jq1LqTmshFKdUDk96Y0apSC3xhSqOAWv3G1E3djDvl3QPA==,iv:oYgoIDqV3lGsHDfivgMRh7HQ0tFZhRO9OZSOuD8Yoxo=,tag:wkFgxC9EFbm/wHIHqELv0w==,type:str]
-secret__metrics_chaos: ENC[AES256_GCM,data:GDLtKMuExpedDFWLew68JMbdaxy1aEep2j4/XkOD,iv:2sbdjEp1GY6rMq0BMw3Sfjyci3Zfm7fFkU8wUFy3IDQ=,tag:yEarnC4wJvFnB8i7tJ30kQ==,type:str]
-secret__metrics_chaos_basic_auth: ENC[AES256_GCM,data:eT39ijCsheJZP3D335EIRdeVR4nSX7APw9e4iQ40NtXz8EEfGg==,iv:+OxDeTOF8PLxSFT5ZKkUwWYZfuBgv5YUJSGWsURL2kk=,tag:0nIroxvAjTG0vB/lwq09LA==,type:str]
-secret__metrics_fux: ENC[AES256_GCM,data:aV6zeZ/XsVlA3QepSfVd/cOr+tqFVhlAxRO9SHx7,iv:fxo0o9amrh5ivPTxRVkvymB3fr5dLFVE7EqIpBlNZBk=,tag:41dm29mrV/jmqj5IkuNAaw==,type:str]
-secret__metrics_fux_basic_auth: ENC[AES256_GCM,data:YL+QLzZyyObzDcz+FcefViMrvdkVSwRhDsBx/AwoDX3RLHCDjg==,iv:GADdMa7FHMM1FnyPp8DUHElpXsJeqD+gN5Slw0R9bgs=,tag:KGCoEud2JLU5s1gurrbywg==,type:str]
-secret__ntfy_token: ENC[AES256_GCM,data:0tuPJVmxHcdDWOMIo0QQXgIEkJo+p9A5emH+kc+U5tw=,iv:NZcfiz3UFw2fMcMf+q1GRp4Fsxpxbptsx9n8wPR54z0=,tag:SJYFtXccCbPrXjECiKUOUA==,type:str]
-secret__alert_manager_email_password: ENC[AES256_GCM,data:AsBzn9KJEoMjcrUWiIhR7I/1jaaFEa+cl3gImOQVKrg=,iv:mtQnZqT0taap3+z/L/nMfUvQF3JlTKIdoljmzVr1R3c=,tag:mZrCB597p8LyB61I7ZvHNA==,type:str]
-sops:
- lastmodified: "2025-06-10T19:17:41Z"
- mac: ENC[AES256_GCM,data:8GGZFGSRXAaLoWUowbxd3RVv7NPMVsbkDttDxC1Aeuwjy6678ddioHTiOWn04noWSPXhVnnpaTHWNW9dT5EcbLHvTl9Vb/ydKq5EnjDi3vAI2hQZ5bJ29rwSIW2YBMwpceqh+2GqDuzebhOKxJ0ZFYsPzbfTGPt8blqOQ1abVR0=,iv:aDbIiH7H72jsBRe0rSDXHMQy6zc1QFrI6ZakJj8zxZ4=,tag:+ARO2ST+1I9gOB/f9V/OjQ==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//eid3k6mqnYu0Y/JnAaWyOqx8TJHln2gaUAwSM25+Anj7
- 033qx+X8M2M9aDCKAKo72ej2Y4ELZ5JcDCRtTYt85I92q8CxmKOPq3Iv5WCBPXfP
- ggIMhIs61z0m+ZH9pk488knHHuAhPpCMg7ziyNQJb8HOqjDBJe0gRlQTuZ4BDbIL
- +AoQ4BHplgYESmcSiQsJFcOmh+BzKMrdhHMKlDY92iRKArpYfPmj5YBsAUCb/sVy
- qzmW10PBvpifPDiJhtM4LdZmsfC4F8eOEGR1p8JldgENgRw4zH78B4kPe1W4rXAY
- WCcBllDTtxl9AB8dVp9EHQrFJ0Kw3ch/GkM4a5SdXCddleqNk+PNbakhQwLaoEs6
- jJeEGFMACz7oDD+zMdv4txodO3O1RuClCDx/sgGCxJXZJ6j0SgjQHG8csrdFPPXS
- DN3Bmn7SFMFlCT5hbkSdcc4J+zkxwgT7mlwqLGXS0TqAK/DDY28/PUUW5VeOwa5z
- uLkrNmmLfrjQrXwonlcnYvIvRAO+KHlTR/MHFfekuzp/wOyCE90O91YXDn68mfdh
- 0Jo3PT5kDrRfAPt58wfcYwCnwJ8YewUYAH6Pw8AvDjqUSA6en01j6FS32jVv3k7t
- Ip8M1Q0VtmvkEcJp/WN0ZnRcoLb0ijaxmKyQ3PvymkWRlGAQBut4E0ivyW4ECRXS
- XgF63/ao1eiQ8LJdT923wCgJTIvlE+EyLyxBMAERwe5Kl8J1qDVJ4EdP3bsonrM0
- pr8YZYPGdyEFAgcquXkQEDyynkArRdPVya5Hj9vvNOHGZ+09M948FnlO3euYm0g=
- =U/D/
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//QBDriv4RmHkgw06HwoF2WIbRsVaqPtCQU/rATulq9hfz
- KJGMPjuzMkOx7dI7aNgRMtQS0CbnkjXMJMxRa/YcI4e080FFTeo3rsx43ya5y0kP
- 7X8i5wNWnJHs6yFj+d+mQA29//1z0vZliH2xc9DKOq0xWWdYvBbvInqeEsKkEr/U
- JXY/kfm7DlCSg5OMqJXX3FNH5qKAlHTGupVzI8cvGXvUbIt3hMBppfhQ7c+DIi9B
- jD2eJh7MgAS3em6qIR7rjBzTdwlvIbc4W+wcoEPfjkW8Vg+EYo+AOV9w0gkwDMhp
- zV1+zWLFHOsjk15XFbJCVfSxajraZ2jBNRHfzA/MvupQY/OF7WtLkf2+CCABo1y+
- HEnk8sruDojFFxhPeG8eiR3SgZ92qv0nhSDtJ0u11t0yP5afNiJEJc9OrLEXcESK
- dUIIWir96s8mdqTztC/nag4PviDZgX4U9VWiotxrqJsTwYv79lJcNJVY0bGU1GzN
- 4NBhM24x430I03e4E3aSpfNKodJ/wfH72VZeg5a8EVjUrXM1U/LSn+6FrHbhFoOd
- 9vTIWiJA4G0lb10SEZllB/kerDGLZmUCe7VVhQ7uJzAPjpgLSAr4KhCXMnU9Q4An
- BlGyW8On5c+mOvUI5Bqrzl3w9nB5mkNQ+yfDDw3weh1YC2RigArbnIvrDEqukCrS
- XgHXPOrY8Tx8NM/iDjP/X81JRKCIQ4LVqlQbx3+uMOzMBW7kZiUBtvMBhktMicZM
- LS37Yv7taWohciOU20d1/KqJELp2FeyTDjrGQfI/L/52zBhsed7OkW3LSEkz3kY=
- =A2+M
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAA0LeyqUZFETqujsOj5OEWx4qXnBW9jhio/TK2wn1x/E2p
- b8bOT8OH/cxrJv3O3L6LlAbumM5NqpRQYgHcrOlRsslUK2N2UszunHReVgmRqzpE
- 0iqIkeWl+lgaqn/2NLIXArQEnP7vH6Q6GWI9GkNdZgmrRE1qDef3pcc/ZOZMcVtY
- eRGGhBxsEfGamqAGk/UFRZ6VexJil/5ywDkLvw5JeT5Ltq7Ru4H2Mf/K3Wwm5VT3
- 11A/241AVUODhLZ0uS3bRIJN0mO8utW4fiI7GVHtogKFKKxKiEFkZgWXAxkYVF3J
- i2yw4hPqYqbiQndHX8T7whz1TXA3bSADuly+wAcXXSjDcbm+71iN6UgnL3WVUhYZ
- QUxucoyWBmTPtf0z3OSTJNSWwr5wnjcUNNAEbDWUfV6vyI6Q2gdcoQwlFve6AkyO
- j/7PQYjaU3T6LtQINIoppLiMaBSSLjjTB/sPbNROOrhTg0xym4JSTlOru8NkioxE
- T7k1ut48l6PjXwiSBIHZQ2Ry60diXi8xxWUggBOrHdnEMEE/HGrOCgZ6pZnugNVx
- MhpSkEcnwQzxMfUUtOW0HyR9hZWBi0zh2sqU/DbE0UL4K/6mZu85CtS76nWzVEKj
- 8GYubDUqhMYuz815fpXRvfoPD3xk98O9sZ4yRIUisETd0nvvyZc/rXE0teLiQsfS
- XgGuoEcu0cAVTH1aemx45le0ixitfa7blLUxe0AsSi0+N67S20+Uoxa3tlGHf5qr
- lD4aNYvDdbI85qShxEm2m+YGA6OmKIdDBfMLbX4Z4NRgKJybLpd6eUD30WAzoO0=
- =1x2k
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//TLM/EyYupC1ttGiaPDdy3bJYvSAfdkx9UvpkFuGF/rBR
- zcvBxLJ5JFxwXiR9blkt8oFX97GmtIIhNogBbaOalh49b1GPCGOawOPkvh6prJMo
- QqFMq/YfzvBnFT0c6wL34eXPzaFSkopd5pUaXT134GvZjaziMR0sL0BjgsajlXEr
- R9+wjZ/6scsU0ZdjxseAlj+pWZhP1g8cAPITwtKl5wuJRu2Z2e6qMXRwDDVDaZwh
- tDLiH0FFYsenPTFEESUszw6seF3pWoHB79PBt9w1YGYFSo80Jye43jZ3SQ9BKAqI
- xnfBXQ1Wzow83/UMtHrSdHOKKlzmHlCSPQTp9Kn4FvMaijgUs3oNiG6AZx38j6XU
- QhPdFcL9ZSL3ZsIJooJ9ili62NC1B904l4NscUQs8Lz1Di7G0ibj1hwX+mPjZ7Jo
- JGZtFoUmFo/jVrYoyrEIu9LWzUQsflYusRLv7nYAweePaFHGNSluY039D2CyAvg6
- vTCIdx3vvnQcpSw0dnD4PQeCMuN9iXNEdmx3t0mcuzgaxMutB+xveLcbHKUEeSjj
- EDDVWPql21pZoPiMYgTZrBLrK0bNwOJKtaHHntRuxlo0wV8SQF8U9L5gZqC9ZDAv
- xXxKM24Dqt7zckNZ75Dlz/a8HQK5lMlwVeSxSiNY/36WSswX0pvK1qFXjer6yAfS
- XgE/QffPmf10emV1bTBLSi9vDKBI0cdzxNuKuPCRlo1kmOuEA/aW80lI7g8s11da
- Dq1Gx51uXqFKrG0vJRzB2BL4S0z1MtEcDFSke11xq5poXGM4PmfQpPBI9Pa5DGk=
- =i+Gk
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAZS15HxhhjITM350cWmBsvc++kA9dP79oqoFTYS0w4Vsw
- 4rMm91OlSZrXzsIHKG+1bPKtgB3hak8vX+RDS0zld98RorHSf9P4WEBUahy/xEli
- 0l4B2seAT8SJfk5uqC+3M8i7KKUnDXi4S83HNyy28btN2kwaDKpOmaVelQeFRHYV
- AUyzLb61JOnXzF77Y1FdDdqbxcZvUmfEjBVYwQ0uVY30x50RobV898hVmH2Gal6j
- =TrnN
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ//QsXWu0Q4LXXUGfPoGghMzJBZYxJkn1bASs7cDX1mGRyX
- ujxpdovJkMSK8lEQ7LqTcEvjmGEttCBLDpYL5hVOI5k5tvpGh8bIV8NtZUJK+eXO
- tHT/A+sbhMtRqGhlXqmL7dkY930NaKAeFsBqbcvG/p1uK8zLX3b7To6n27R+u6HD
- iikUGaljRDknqKEWxdK8L79UW3hmz6qLynLIR9V7bDHbXXRZD3CmkscOcfNUC5jp
- q0t54YzOHN1BQ2+cg230hvd07/Iu/Ko+K9JW/YmwKG7d2oB1Plitm+oYY4GaRgmb
- VvEavkXPBTxVB4H7DyO2ghWFs6bA7trGf6cfcQKML2k2XygsQftDdoKvWWVJVmXi
- R7ceqCFyVzXO4Hd/XcpWmwhv5lNRD2MEbIOKWdQ0JVnzqKJygb5cb3uZriTP9B4M
- eKT/z4nVUEWssjJXQAMeHG5+pSRkT3JlizQHuHg9jU6/68N56kSVMhUyXSwvYbCk
- 40x4p8bCL18YpA1wUbo6VtrydikPKgdx3TF+Ce2+kQs3E5ltSBL1OVykzX/mugFa
- KUf1i2CbEB5bb9GRftagbCbVJp6d5GmF9CiCSF7vPV1hdct2Y7+3ag2IxgQS9zeK
- o9heXRgWeoobYDztiXkLHXiqI9I2VFHtZ69zlA8mXI93xv/pBZUrQjTfmcxNDr3S
- XgGDCDFBG22ZEVdUWOmKG999R+krXS0w00ITpO00Qmi0Ay1ZN2QAPLQS/5niB+L4
- cdFK00jr8VllL+qjmYl3YG87ZWOGDE6lHvIGqHNBZH4FPYNlzgKySj/5BZlN3eU=
- =hLuU
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ/+PdWzTSem7Us/zW2xtPnxdkMPmGmTg1qfSogJzC0B7Ia2
- 4QiTaFeMNS3XCpbuMMrcZbmHasBlVDXWwysz2vE+OPudplrjT9kClW/6cwXTYL4G
- 5K4fCY/XQ89Av+pfURTBbkrPr+2911KiH5D+Lpcl1ra92FlH9S1MEbPEgXLgZLjT
- oRZVHoc98lDPnumvrz6kLxMPiHwCdAy08sgj6fICeZnMWjU+mgZrJOW1KbFDd9KZ
- yOs+6hw5IozLkqvhd3Q0gfgHZ+O0d87zH5IIzwyKMjQVYC6+T8SBikGbk0jStlzt
- qkR/PAJg+OgFuwd4lOWcJ+iBI8EP90nqhryCmwFpmFJWBAx3HiAdqE9+vwvy2Syv
- 9+P2B9AXYM7bUB0Eb8AFhGONhTh5K7qzeq7zExOjr8GKS/QAL/0FAldi8sM32K1f
- 67qRb2VaX0NKZwOvl/I7aCjrTfBB/6ZZLWVplnIkq/qVHNfjIVwa92flJ/7Noa+o
- 7TNeh2ySR92K4K4DGdC4TrcxkcCISM7tb9GL8xH3vVS/Ms67IOu46Uea7EnGJkqL
- 1zkdoiIzVq3oMhhUFIMATYPemuCnfxOiNlyZR5WgR+rD7OhagR5tM+YXAI2MHcbC
- 5jLcRHFZ+xIkTZWccoD9pulySRCgQZ9y5sFIvOl+OuTI0rziArdqL9MOYQ0XYwXS
- XgHewmTVljGvj4P0oa2PqRbcGWft1ms1QjioTQ9MhSk7F2AWuB4HE/hPlN/eY2ou
- m0o2NvaiZaq9BXG8GrVkwP5hn4IrDe3OEo9WeCar760dvBB1Z+q2R4F1FyzgesM=
- =xc3J
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//bgiphdnwjxuJGZJle0CsS7H5hSQBlqJw79+WXrKyfeEM
- NXxKX0tIY0QoIhbh9mXyKEJKr0oOyqO+iLYlLrqgEr2OmLWDbp4+bWl0Ixcw+drF
- uq8orbkvkbbxLLcVIBZfwX4foFCMINr2bNnTFb68yTZXpRp6+JN0wy6zzG7d5l12
- wKKIfh93DVb3jrxaeEZz02EzLt8py9NWfniLABbIHWZSennOmnepiqCFuqG4Wyw4
- QuyRCn7vOnO8fQNxCVyp+OLjg+7d8u67LcrU/lYTrZLYEr1VEl0mmitIuY7M9LHw
- +qEMZePfrk0/8CshXmqKq7HiDM266HWAHq3VaAQr0HOk08DZLgzeb41wWDyQoQtr
- dEOOuyx96SyOVaHxlttqWE9BHoX2CQEM2jUfvhoG1Ov2scXXB516Gzg9H4YYuDMM
- ei7qG/CdO1g+7YSS6gBtz+T0+caolAD1/1LGcvv8/lkAQeoNfcNKupOR4rIiHQEy
- H1wS7CnB/KbQY88ZkVHG02EgjxAGvHinfDa1Tv5CmjRZH2Yy6zBuYsPZQGmrH0M7
- n7ZSPUi/BGKCJbAs+mkdYimDpmuNh29e3i7NHwCX8+odRhghM4S3ab1sPy5pdTi+
- z3MVM/8uUJ1GSu33EXB5Zy973Pn6Ufjr9QOw+JpjetscSz4WHf1vSAe5b9eG7XfS
- XgFmyjzLypsn1bVj0fo8FLq+flHe2h405I3hf8Olz0If5k/UCIlgRCU52Z8kGXqW
- QJAJerSBi1/chXZg5aKqO9ofVu0MPbhiNRXxMHni4Cm80xDBwWOy4xC8WwiKrOs=
- =czBf
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//eZ4t+Jz7ITuSVmYRGE8jNeP9RCMR2NkML3aEbWNvOjF4
- jVhL4WvOjDHhWIBmSSgkyZFhkV/CPiRjZt8LN9bf4ueRcY/yNr03vz/cidlfNZAS
- PRS8QZ7UvdjrprLSvTmNJTFB74AS9eelnDXc4bQlnytStlfpsXaOzA1WmQ5w0J89
- 8Ri5Ek5BmZaVnoYRgKrV+AwWJNwlzmBrq/lHfoncHULfRwJ1La01zEy0vJArHnJk
- ePW/5G3+84pRkJzDXCIG67EbLFwF7dWqNIlZlUkFCJ0qZsHVo/eVg1NX2iLRPp26
- F0t2ehznDGh77PHWCJCcIYm1pIEVqD9tYsseXrc1Qz2NAjT7EDulYSdBp+kN2WFk
- w1iFvGK9Mzc/aWBpDJYdEhe4UGEKMSMYKeqcTJf7v2cX0LE9z1JTsXctOQnByZN1
- AsdbcR42xniz8B8vvbDzhpmfBX2xR3gC6DyEkmAieOecsJ/6jdwJAZBT/ea/t4QO
- YBTZB5UzgjwbfXJNm4TUWYqeAl0BaSiiZo01a5Dzlo6MyGFjB5VnYRJm0PmTRwDI
- w6UFrc0tXIMPLddWcN7UxH7kbi8e0rPHCbJDk4aN+IagM0D0d0fyAxxYy4aaJ/dD
- 9dpUgYALoVWUNWDooKiPQoUTPujRw0Z//HCpxvmpIdUHrvPePo2vASMZz2D1uwrS
- XgGpKromtn4QrWSgc5PIhe1CVDJSD+LzU2cUD8wKAw1X1ytL5mtqlgvZzTpwh0ph
- 4NtYx85rHmrn5whiGgpxgtwr6o24xeim6ZhRjwbLWvYzLgh3wYNiCXzcUX7Id8E=
- =DOLh
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdABoDixsNCXVm7j0QyJty/LyG72v0WoIfxCkVQRP2uxUsw
- R80k8Q226rURPAZGs3D/CnRaYSNINUyD4ngthAtOPVoAA1Ri+ftOScfnVremy7QC
- 0l4B9DKnWfvmwJY2mnEBFRHf+SM/LpP67mlSVlPuLMFxXbfrxANfM+9RBNRk9FQN
- WOej+WCdXOiJxlcAG3HVovIIdVpHMmPpT+YbfFzuY5rV93mbNEUI3bxsdiWEJnxS
- =l7zU
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAhDhJSPNVIKftCaEQI29AU0eiU9Bwmm/F/gVl/Pm+zEAw
- HZKLksOb75mMeWElV4oIqXd1YXOfkSbOwuEBurgztLD9d4YWagjmUpckoWJBBvwu
- 0lgBjlkvxjf1d9xjEWTUw1rzjIlDRL4f2GJl2NuHoHJ4zbnJCUDe/UC5B1UXin+t
- JmpvPy+/RJdXl7Hn2GZXC6XoO/GopbiADfLJ+Bm6j7myt2fPW7JtvIG9
- =qwle
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:07Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ/7B5Ya6hX3Zplxrhyhh45QbRLGVYPGZlaTSwVPpGhLrKNR
- KYfpz5gs8ONGO4H11pkmde05T8ClRgHUlIuGH0o9NyGCxAKaCnbOiqcwDijmsMTT
- uoW0SmtV9uNVbJsDgXLiESZPLPYOi2hRX5XqZrMPorUZtaEgZiE1n+kFVqQJA4he
- 67wpCFXvrtE5nVG7oDO/dTyBJ6WOdtTodesfIchlMxwIcfTzJiIJb6UPsJZ2ojfK
- EcIYfy7YsYpfwc4tNmkqM9sGbpiIiJ2YhriHzftdMlW5dd+22ltYXXiFDrjTJg21
- d9ZoBE/IWU9IwJAjWDDOHweHU0AjXef3Z1Kd38TfGrhEDmnUAYApQXjTmCgX6x/c
- Yur9qwB8JY9ixfxc9MYpnyj/hcChKAGfKDKnRt5fOsPa2/6N+JtuSuZ57jVgMLf2
- /DBPha7TMyvctQjFfL/ZUjgghhxt/XzKI1NvIxZtclQv5zlh2Dkxn1J6keAWd9C+
- qiiymf5lqIyz3vo61q0fzs9gwnQU3peQlAQCyufsK3lJ6Zjxi5K7lqo8kQcdL9TV
- P5Bg5lYhXf5heqtLdxN6qB6PHBQ9IcZu+SRadXymugITs4rnMlOiwGSSGicl16RO
- v1jtj06e50DETj8Uwd/7RCtuRTGooDamt6oC6/yKfNAcmpGTqDBWws23CRnNHoXS
- XgFAmqUJYjWHVxyqdsNcEdtNQl8IWUOtzmvh4rCoNssYPZlGt+8X102zOHu5UkHT
- 1+F1WPXFTZKbE6D5S5HKuYnNs9r8SSEWyjUY19DxhHsLtC5xbsehz8oEyBBhJ00=
- =a1U3
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/inventories/chaosknoten/host_vars/grafana.yaml b/inventories/chaosknoten/host_vars/grafana.yaml
index 1ca6b1b..87cd328 100644
--- a/inventories/chaosknoten/host_vars/grafana.yaml
+++ b/inventories/chaosknoten/host_vars/grafana.yaml
@@ -12,128 +12,15 @@ docker_compose__configuration_files:
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml') }}"
- name: alertmanager_alert_templates.tmpl
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl') }}"
- - name: loki.yaml
- content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/loki.yaml') }}"
- - name: ntfy-alertmanager-ccchh-critical
- content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2') }}"
- - name: ntfy-alertmanager-ccchh
- content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2') }}"
- - name: ntfy-alertmanager-fux-critical
- content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2') }}"
- - name: ntfy-alertmanager-fux
- content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2') }}"
certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
certbot__certificate_domains:
- "grafana.hamburg.ccc.de"
- - "loki.hamburg.ccc.de"
- - "metrics.hamburg.ccc.de"
-
certbot__new_cert_commands:
- "systemctl reload nginx.service"
nginx__version_spec: ""
-nginx__deploy_redirect_conf: false
-nginx__deploy_htpasswds: true
-nginx__htpasswds:
- - name: loki
- content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/loki.htpasswd.j2') }}"
- - name: metrics
- content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2') }}"
nginx__configurations:
- - name: redirectv6
- content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/redirect.conf') }}"
- name: grafana.hamburg.ccc.de
content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf') }}"
- - name: loki.hamburg.ccc.de
- content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf') }}"
- - name: metrics.hamburg.ccc.de
- content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf') }}"
-
-
-alloy_config: |
- prometheus.remote_write "default" {
- endpoint {
- url = "https://metrics.hamburg.ccc.de/api/v1/write"
- basic_auth {
- username = "chaos"
- password = "{{ secret__metrics_chaos }}"
- }
- }
- }
- loki.write "default" {
- endpoint {
- url = "https://loki.hamburg.ccc.de/loki/api/v1/push"
- basic_auth {
- username = "chaos"
- password = "{{ secret__loki_chaos }}"
- }
- }
- }
-
- loki.relabel "journal" {
- forward_to = []
-
- rule {
- source_labels = ["__journal__systemd_unit"]
- target_label = "systemd_unit"
- }
- rule {
- source_labels = ["__journal__hostname"]
- target_label = "instance"
- }
- rule {
- source_labels = ["__journal__transport"]
- target_label = "systemd_transport"
- }
- rule {
- source_labels = ["__journal_syslog_identifier"]
- target_label = "syslog_identifier"
- }
- rule {
- source_labels = ["__journal_priority_keyword"]
- target_label = "level"
- }
- rule {
- source_labels = ["__journal__hostname"]
- target_label = "host"
- regex = "([^:]+)"
- replacement = "${1}.hamburg.ccc.de"
- action = "replace"
- }
- }
-
- loki.source.journal "read_journal" {
- forward_to = [loki.write.default.receiver]
- relabel_rules = loki.relabel.journal.rules
- format_as_json = true
- labels = {component = "loki.source.journal", org = "ccchh"}
- }
-
- logging {
- level = "info"
- }
- prometheus.exporter.unix "local_system" {
- enable_collectors = ["systemd"]
- }
-
- prometheus.relabel "default" {
- forward_to = [prometheus.remote_write.default.receiver]
- rule {
- target_label = "org"
- replacement = "ccchh"
- }
- rule {
- source_labels = ["instance"]
- target_label = "host"
- regex = "([^:]+)"
- replacement = "${1}.hamburg.ccc.de"
- action = "replace"
- }
- }
-
- prometheus.scrape "scrape_metrics" {
- targets = prometheus.exporter.unix.local_system.targets
- forward_to = [prometheus.relabel.default.receiver]
- }
diff --git a/inventories/chaosknoten/host_vars/keycloak.sops.yaml b/inventories/chaosknoten/host_vars/keycloak.sops.yaml
deleted file mode 100644
index 1436f8a..0000000
--- a/inventories/chaosknoten/host_vars/keycloak.sops.yaml
+++ /dev/null
@@ -1,225 +0,0 @@
-secret__keycloak_admin_password: ENC[AES256_GCM,data:U6vt0UHHgz85sO+X1YucL9CIr00LtTaeyGUFZ4bVFarsg7y6gTtb+fCuYKCgsJmNDP9jek8Ny+A5WPkMkWR/pA==,iv:qq2H9nF6/1pUBhJG8dFmfRdxk9HSaIOoTdu3uu5xJDw=,tag:rpEuf7JSQ0092R1aPOojKw==,type:str]
-secret__keycloak_db_password: ENC[AES256_GCM,data:IDmQUjQh/QB1xdkwPKqv3ZAwdfy/lkSEdAJuF5MSPCNKfuANRmN+4rH570E3/ZApAJpLAkefh3pufiVbNF8Ssw==,iv:W3roegZU2KfeBDBBImQCCa6VqX+nUk2oh6jMhzbGcVM=,tag:0Qzu8gv5ThtAss4xJ4vf4A==,type:str]
-secret__idinvite_token_secret: ENC[AES256_GCM,data:FC9LqUf6wDijaH6JIde9u1Lc4qcqi/XZwQ==,iv:fSgbI4CXMeCKWSyVYyYT+3Af+OdhZ0wsFwNpZf3CA6s=,tag:tGe+xWyBH2VJr3yc3Vh0qw==,type:str]
-secret__idinvite_client_secret: ENC[AES256_GCM,data:ImweU1aPI0G9Lf5+TXvVmZwGhoigSJoHMLCuq6MxxP0=,iv:GSGqpMVHq31U+IYtnHnu9RuMt985y2N1PRvrlWFicg4=,tag:NKuqLcb3xPzna6t2VVuIog==,type:str]
-secret__idinvite_admin_password: ENC[AES256_GCM,data:fVb+vCHzPLvsQ44wWxfAwx5vRpoycJxBLA==,iv:Co53uRh5fG4pEVxnC6uWaXRrCLGH2Celg/XC+idiWSY=,tag:AWUn99jtuJCqXww/2dSS8g==,type:str]
-secret__id_no_reply_smtp: ENC[AES256_GCM,data:Sqc/UkQq/2F78G8LP92YrA==,iv:ObEdXhzHp5aDCWq3r7aUBhOEJ1sJ6lYiYC0pmWmwML8=,tag:1rtneYPlKS+uDzFWev6A4g==,type:str]
-sops:
- lastmodified: "2025-05-04T14:21:10Z"
- mac: ENC[AES256_GCM,data:EgeLza2JhJZmuNase/63KyoVwR33eFRqxHqSSaJDlr8YHQ0Vx6OTGQJTUGzgdQiC5y/AE24Mesbg1iT1+qufeOwv4V9spW3F0Ci3GOBcKrqBZxnnuHNn6tiRe3R0eeu6PLRcat/HSWY4NFz3RvUposC5YaATP78JXgDuJg/wRoM=,iv:FnxDapA+BUfSMVBrTYb9mcSYz5cZ5Qof/PZo44UTXrA=,tag:2FH63YT8Z54G/o/n8s57yA==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ/+NIlVMdE2ErNYHjxzWeGY51w1d79/fwZYQmTKL5FXEJlT
- 3HoMDrDH6KzhUf5Q+AOcjfdifhXi4SP1ZESqndkz3Z5tb3udo3U1sjAnLerUyHB7
- Hs3v4snzOx5s6UzXS+sMgzWvpBBJaFMcLYD6+i6X90SQ71iBP3vXrnUSfRYxeHBt
- LvY5cBW6S5Z/gOFbkHDnm+DsM5yEqc7rZomD5evqWaj+nD+L0z+kjqtx8E+nRG5h
- 1zVV6ZgKPNXDpodyC0RHDNQZQNsZHulMQgTns6574CuqW5Dd1pceUjVzkAY3YTyX
- fpAwkta4TaytArWkGFWLMcpY6ugwIFSD9hIFQYlkwXVBwnVs9JVVvLWNOqzSQijG
- sW6JhjX6YYuXhTd9HTviCxo6Zy/8D59Mc20YFZZXF+11h2qmAwJ20R1L0F0hYKad
- ObfqBkI1M2OmMoeECj8sj2J1BWI5f+qEIyQJKMzToKyJZnNBCUY5JTClYxJYK+gZ
- PkxrVytHAwVfZ+b82sz7+M8dztPbvxDJWL5LFPO04dgiOjtfAW499vDJRuMXKNSm
- kloByBdZJNhtHVx9r1xshPku9rlT4NptDmHB3ktFobYTzRcgZRGMxuS86ILN09Zv
- MovjsHRHZM/C4tjDkfrxS5Xsu5uKAwsPpg89UIQ/MRhlydvqAf3WEQLU7FIQNV3S
- XgFRay4OHiIMxtLSPRo8DorSgOGv/kqm/Y/7MMTaaMucEwj0bzluPi/JS0UHM+C9
- IMhRnsPtCu6NmLlucyBMaNVd0kEQi77vmIFk7/qmXxyQCGX28IqEKKTLulnWcJs=
- =mBgI
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAh+BrQJmB3omXdWL+G3nacI6ecm+u6A/R41HOUtqcPk6K
- 0i8ImmWR9Q4lwZWvYk4yikTkKv3i5DoZGOj5111xLEKOadlsHSEtV8HDtPnzX99t
- pZwRcRwo1/2mYUczXTx6TqigKE9uWkUUomOkbHt8+r/XHDJjA14l8e/h9GrXqHgt
- B/Ny5hnesZlgPMYIAwr0Stad4NUwZ+w4LoyWvWgPOx3F4UVlSlZGHwD1VHpBxl7F
- o7vYllTiwhx4bKSbKJ/IlPhU/i38trX7VK70JifOxTGqrfYw0mdN5s2W+QHoaQ7T
- 6HTXkEm0g9EGoUxECFdVzes4lf2pMA4ReJe2rRuBZqHYYglS65Exu7MjSSbLkO52
- Gvmk8SFWXSswKF1hZUfmttBZzn/TUfBtuM1LCeEalNQH5MjqYXLBJqhqH7AFMBZ+
- E2RtAVQTTAv/YIDLKTM5/Yk6tOGTPXUK5Etg54IETWDaWjLexUcdsIl2F7oISoNH
- IFcmsfSyxnZnJ7qAnWdmzRinUrtFLzl5Lr/RqVxyYK4ZUaS0QIv7+xEdUR3OBKiY
- Gm9CvRUNY0bD7IO9u6fwc1lov70z4qww0656k+4Yo9YAZBI5EluoI0AVVSKKlCpJ
- yhkbgGyz6gC7DAlYJmjCjv6/AqZS0STm4KWlKR5dvWrY7FSJiSpCVEANrv34mdLS
- XgG+hIT/Iu/QFER71LdizXEBMgZB/E/9UBGLdd5cRBXtp4vYpQIajl2SgUU43pSu
- c+NYQjbg6FUxY97k+QD9tlzgErW1bhW8jcZVDbYYrBa1I8arXYBArr5EmIIFRBU=
- =BTO7
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/+M0gcfxMf9f/pjwh9uMCQZ4DzuuLgMzC80L8V19tX7wic
- tTXQcRWWhM/4Tpr1eK4UfrSMJuQrT71ezcKk1QFUBxeDkMT/V0+sCkBdwZUiWlne
- ASdy3VrIEHFeAS3Qnv1/PACIcaj66FnuTcwUed7q5Ru9i/vskTaBwEfF0P+8EdvI
- UJeuMr2LmpyYwNRgjVWcl7s8OUlT2WfDZUnSEPrigvcKMEaDNdEKt2Xa13slBfxO
- RIs06bHotCEUwzsYa74xZXW/VJ7jrBwmJ6qB5SnX0/bv4UJuQ5oB7tIiXAYN7nx6
- pIUlvXJB5g43Are8nUv0wp+Idx+ALikFNMZj5MliQRMsgJSezVGwJhkqL0Gp4+L7
- /yJ4Lcyz3JrqXhmDOhea6Le1xczQzGyPt4XboBY/Wn3mLMTMzFkLGiq9hqarBwPs
- Lei7ITY1dsj1mwiUKh/clHO51GBxyo7v0QmMjfODif2GubJb5ip9VrKF3CUZhreg
- aaO92rJECzRSEpE9SYqGHqi35vGIGy6XJssunXCa5wwiQdxPcPTcmZc3tr3fxsN0
- WZMW2hMOr6Ms8UrmCBNsKGSQqr68dZglcq/AouegIzcjoJ7LkLojBHMoWyW0ulA/
- DhX7mJgp8BUR8JzVbpd18XcD3daue9ppD9BgydHJWJYM9uyvRwkiR08rkNdhRCPS
- XgHCobH/fPa2NXqpVgbdAkzs30Sg45jv4F8RQVToGfVt0IMW1fyqRLPIyNNlhHKy
- uqZThseG2c8KPclw9RzxmYNGzzx2evksZjOBhxFjffli5wjW87OSXK/3O4Ne6gY=
- =0foj
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1ARAAk3LNsug4PeNaLy0/Ym12fIYG1+7vp/5pBzVitEXCKAEH
- 1NtdtfBixigwvRkFIqNpAAWRLNp8pcqVS/Hv8EXoc2PqKm8ChDE0KwUjgZ54hIfV
- X8SCKKMvWRBIoGRYsHYxHYvZbj2ZmqziP7bK7/paHeZ3r8kyvQtvg/p6slYY4RH1
- z0NjYqddvL7Vty1tQNaCX7MpXP83JhoVI5UHSnyGWCLze9IMWJt99/8VH6X3WI+h
- F0xE78ooj7fPo1pZXkJ6bnyk0oelSU22gl18riG3qOpQbET3ru98+8oycTGQKZ7Y
- Tqd7i97yLTO9RZX0V5dQ7pG5ozSWTPwm71X5rJrJ6LCN+03uvvrOPc6zqzzsRQu6
- 7oPMGMrZlPSS5FJl8WyjbyrhNj+Q1/t+7E43q3lPQFiskxpEI4jBO9qqGQZ2GMHp
- Y4Fz2HeOav6SpOtDleS8JPoD225f13PVkUlcTouMG/5bN/coLOK8iPfmFRkbBuGM
- u2VDW8GenH+HE7o5zWzOoSSjZUO6MjfM6ig+6KXfxGGHfLruW9AG+R3oUpra/CZS
- LC5xgzEpQiZW4lw8Y84Ok91ZWeFjjFSZXqHLS+6NW9/0y6w0CSS1NyimliSYMjor
- RZkGW9rzkzA3dkCyy0srH3Q28vLv0eRLgRC/FYolQMN7PoPU2Mnl46aLNTdlyhbS
- XgF6eXZUZFb+rJjtXDJz3qS9GeJWIHAlwZtzf42MC690TO0+c1YeoT92M27P1CsV
- LP9HWlEHWsFGyqN0YNvyp8bm/0xGhhjB3VbTx0yRPB2KbvZ6Bt2uZpfFoRB94UU=
- =EK/K
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAVZpG1ilk17Ksf7kIR7ZVsUc2FuWFd9Q4n2TSO9Ob7Hww
- tK9/DaPvDZkzncOqvqeMrnoy9gPY5EHo1CoGGEfWx6sBj3SdUS8SyqbHinqnW0Ev
- 0l4BJ5y4mteeiKEdu/wymJC7x7PtC9ta4Ox+TJbUaq0iuqVANKClEdQ61KnSdTZH
- JUKN73+qZwgD7sGmHqt9FM2TwyRzLSPhJpr31rqfz7/gWx4rhlcHmw8fShSTt/Nb
- =YHt8
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+LmQxbBOBTe6VxBTB1sj5Kt0BW+2FACuYfc5k3QQOQzj6
- dY+/Kyq/tSZwP8lYyAWf+U3dD8fY1miwqCL925DLTYTXtZzka7tpwaricI8emqjE
- z0rSYikRpf9axxnrqKUKReZtyYc1qCIIgbz/yYm/LavfW/R/mP03fkjemEurLCrp
- v89Z7IZy2VrOKPXQyG0isRMUcUY0lSwYHtHLOPxHVxFNw0Yq07tvvmvxZvRBGCh7
- OG0liKNX1Sxn7c/pfi2beXU7ZXTHXoYRCn27JSXA40cDU32iqyzWKFCEDUsnRdSD
- O+daN/PjsQgfkMMpTPHwVli0Fvj7IM7Q2HAJjpzLvHsLXKvd2ZxfwyOS0Z7KRH/K
- 9rgn1Ow+JdiW4KPuaVvvWpQ4K3avIYKBRl/GURk0xvfnUQ2TwyX8lxZ5HKP90ymI
- Bm1XN3Mjo8uaRNt4DDBHKfFfhaA2so4u4xMC3Qf6K3dRPGs10hL9tnm/+E0F62TP
- 1dHzaIhx3uhl6Q3re4CB0R51g1K5s74Qjj69cBZdQfLVmEIMZGtRLpSCBieTxtQ0
- C/kWXwPXwRVdBkWeq4Nq99rwaJFiGwZ4mKVoPoxsIPTWrypJzvun2ey0jIpQc4Ei
- qQcEv9df0mpQ2uiLICIg1q8aIC/j1UxrcAUsyyPiGcXB+knr+/7YYrBlVTOxM93S
- XgHBxdmaKfMkzFDHvPQXTg16FhcCkQ91d67h+3czOghbpaeB9y8kK3LxBfUbz9D0
- pTtNlzzSvp9JKP2XAFTSdYnR9WPU1huxVLAPXuauhOjYashbPh2HYi1agOH7w4Y=
- =KguU
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoARAAgQwiIq79yFvDp4fKKizLml7Zk2OcxZIjheUk0Mbc+NjZ
- ikoJAZc9Sk0LjOF+m2N8v5rPC0TiwMoH2KTQV5GD3UIakFj6mjhj2Ap+l8HuusZ5
- oQz57/2JMzBnSwOWAkRVOgOaob7hveq7FC32fQVZuMoQksBFpWOAT2UlGZNAy/TF
- q6GTFl0XDrqno01TYxSUF1GchXuaqDJoMAxR8xwJr1S4fjTe1zDR3BrEofBoeIrL
- PSP6VcuwBuxDhS57zDJWilh2ssNFi+cEuXQ1rBKn9Ogdsn4xUxs4rVkhDwIKvTZa
- nPBdvPxIAzdJc9xGr2NOmFHfFIfwWdZOn2WgAfKe9fJgUUpUy4csbhKnrDFx1Drr
- 1FXDV3kDt3nxWYDvMVUWY6Cb9ofKDPOdhTHDyXbEPygUzwGMeiM4wqql7jAKIzVA
- ovimFFxyLN+ZbCMpWrc3e2wCtJRkKHV4jL/qh0LQbrgrP/whXwiohI8qGGHkQoL7
- oe7i9s7cymfVLOMb3axu//V5aFrWDNjfdFBEaPiiPqijYqUMXou/OTYndPjL99Dl
- au/xYsHaXVC9Fh2ofTAUfUva4Xl4pXLbIcTtKpGG2mO9eXZQ76PGcPhOLsLWbqtt
- 5DbY/iVi/ZSojB5mTaSGR7m2uttRYYsP21dZ4ctm1hBWiw5YwAsasybVRRsIrXHS
- XgFta6JdmtH66TJRMXxEspN3FiFgqH/Xwa4TDAn0LKuNY0BGmOvTMGvrBwkCRnX5
- 8e6/Go2awGo11809rdu9ISrJtcCIXcKSfKpJ0RI0c+gq5tY4pVUkY+PqGUU1TkQ=
- =cHyN
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ/9H4OlcOu5yxy3pRuLTi3NOOmlzZyscJ/erkZ/2AisNtRJ
- iseRYUaUis1QUFjUggDXpHrZFoh4u7xeY3GIIKie2lmsXvLQJnvwOlaknImsUat1
- +RrE4qU95nNcDJwCGbozmZSO0T1SGGKNPUsCN0ud22plIaPfgWyi2Ua7mt2l/ysi
- w5JXCYZiO/EFDc1z2GA7sXNDqYCyM/LgiHUlutrxaQ7WfyDkIJQrSkHfRPxm8Uh7
- K2FYFj4uOf/2EF7hpsUcoqtC0AZECOtkn4Qs8bFJkVcowg0RoZn43i4utXenC3l8
- UMVPLx6YLTrueqf1eAC3n7U+nKoGaEYiZaMcsWLKGlyw2hvWJhLsYY9Mp1peNc64
- NRD66js+L3DqnR6y2iCOka8ZExPNJRge2lq0r4ShIpSPdqd62/aQvnjNbr2fMInw
- QJqxmr0ognQ519dmvt2QkstIu6zZueFrHpfuIdd0m3X0ig4XZ5Oi8NMqb2FjeUFY
- q5DQSiv3UOi1YrXwxYKtalIwBZ9BeVYgh013GkEpaGVtxSOwcYu8pzdUoIphHwlK
- o+zsUjcVZSKA2wTgOMIxxVzZnfackI7OTB5W2io9IiaFFRAS6RC3UHxwTKjZGQHu
- WcPc2MQPP9maBBZFGKNNv15m9r+1vitL5uwqhQYvsWEiFstMV0KsIp2ASlNIKU7S
- XgHyFg+Hht+0GucMjMrTjhbwJm9twIvQ7OEIQb9Tmh9yL6g+iMZ80PoOjlOKFBk8
- ZSOclmYTDMzX+Em7J/Ft7BOsppxqqUuyRB3oV55snUn9cRvebjn4hMllVDJ6OCE=
- =Wemz
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/9FkAVj5cGoRGQ8frGlq0O4Pn+Weooy2vla27lUsArfkqp
- UrIw6C3TGc+nN75atxO37daaQVh+49afu5Qi/tFy5drgeNBMkWU9BmA0gAXCKnTI
- EhZ3O4rUbQOxSo7H3doMgfKqJrFes65InTh5CwdUDGP6lCcczll1ebPFH5qxygg1
- StTSP6MwzNBcX5PfNpTJFHSkVVJX/yXitZv1LdzDQ6LQeu0gInWMGqafrSDX3EvZ
- hamEvBOr7KbuMCNootWp0zkh6uhrgnQY4xGirEulGSUBEfbLf+V/C/cuOFK0jl/b
- zd4R/8Mqx3AfIdDioiOl65Fh4NelNpPMZ5Z2viS+U4pRJdI5+7nnSiPoGwnPeS77
- OdHZiHd71VLJSwW7r5R6FmM9dfKg60EUAvyVZXHnt63vCJybGw90WrRM8jdFZYcG
- 9Zj5U2xywiAN8/DzBUC3EoR7arzp9WtGMCskU8XF4wANClbs0pAOXcVoZ+lXVo1R
- u2skGnob/hVpwLa6VUWwS3/ph9GO0YTTXnWnsXem+TTx2wg8HA0QZ3hdKiSx60Ab
- QZElAJUe22GiMexBkleqHX0kF4OjX4h2xclihzlI9sHse9M/5CcqWckODacNomQZ
- NiJj91eyxkA2TI3PXePWjgMtc3YokMyszviAu+uwuKU//7BEZrQ4IU+httWVzO/S
- XgFzyY+zfWmCDo2fQLxWeL358VgDkJUPY/J7JoqDRzl9qkfkrhruojqjOly9v6ig
- AgQCVoNzaQM+u35aPMaWW4Fplo62ox9lhbeXJ0juAFPFbIII+47GGFFhvOMbprA=
- =KlTG
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdASInfjzYXG8OBDkWdFhrhM9MbPOqnACkmLX/iYH164nww
- RWN4hXfQD+mQJyVdtvx5oPp1ALrX9/HgWaYEyLCVFGEI4cra3qOuvG7nXDCrZgXn
- 0l4B2jTrhAeQlelek7YdVvmBxD+pZZzlgjwUccQu/jyqwBOuY3uUEHqkOfaTynwa
- 68U9XkkVgUe1rRG6oYlHMWcCgpGi34HnO3oyv87rM8UG9a+U5FpErkbGgcFvkjxH
- =64mQ
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdA4xYlygBA92kiyWrSqky+2gpCEPIRjSwfzwPkK38XRlsw
- Zjr8hIWzDiGd9uYE6mwdUMY/OuGZhq78ii+vRl/ul8bINDq1XQtG31MAV0sUhMaF
- 0lgBSAg93UUf2PK2Mme5QXqHBXwkMN1/pjIZ45h+EVedTrW2nX0VzdOy/yrr9Z8+
- Jr5jQarfxEmvY2TJpUc2FRJHoWOqtYelGqjixRtJ3p4ZkhdPS6pJezfL
- =sUyW
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:08Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ//UKGVELZbbBiY1+5xjEUNKbB3EvkeKXfsHrmT91TIE+0H
- A2tOb4+rz6Sg5gjCRZceUIDGaOsy8rEo5PaF4l7gt/ygB97szPmPlVVWCQYsOFkj
- E3XxH7nwofDD2y8p5eHdZ1h/txwoU62h8aSNmUVK/He9l+eF30qqhQpSe+L7IqLe
- lPp9OG4WLLRPZG2xjmC7NxVPYALhA4r1iIdgMXUWBW5FvS3PTEZAdQ+C5OhzyZse
- 3gehKnvEfJsEOcuCaaOGqEMeZqjmaO7CORZDoYEehaG+qOAw3Zkoa/nHFn5CN45Y
- kRqxCJSlbjvmvWwdOZ+dLpx4xhvLKjYljswcK7IiS299KbyVNYln3A1pGEx7B/Du
- YgpHmRNa+HR2KiedfxTrSS9z5SnBFch8s/ilkXJC2I1/T/iML7IIQazG8tqlpoja
- fY8HQy6TKCKshP2wcjZ8mDZPCbxKRgvqDQ9f76CRgiMixFX1YBqarCX+/zPW3Vn6
- hahwPkVyVTuRP+atDiFEGm+6OGOdQTNx+kVjKqi0ycerjbfvsawHAzlH5hTMKe6G
- OA9b8lhJqLpv2Aqejo9JPZj6iSvhm3sPTJfDYocaF1ByHE8W6B4jLvMw8w7t7/kh
- iBZLhaqNt04A/P6HXbR3cwzfi2FedxNO/MWPbUd1fwkninDA+jJikNMshT8NIoTS
- XgHLZrq6ojv9A0qLv0U1mc43YEsc5xqJ/Nbelrq7KUODkBadyy8gE6iCqliRVJd8
- Nux3TMgoXnT9/ycPPXwC0Bj1gnKZLf1lVRXjXelUtbLRiuaZxYB5fRsQVunsk/A=
- =faMy
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/netbox.sops.yaml b/inventories/chaosknoten/host_vars/netbox.sops.yaml
deleted file mode 100644
index 3ae3b55..0000000
--- a/inventories/chaosknoten/host_vars/netbox.sops.yaml
+++ /dev/null
@@ -1,222 +0,0 @@
-netbox__db_password: ENC[AES256_GCM,data:4k0wmOe1c5AE298Juw5HMm5dttTKB1WsVxha4MwaIILpyIbJO0CfmzjYflfBTFPPGgVeuYdCobzchzqkP+8eAQ==,iv:25Cj2BLGJK9tMDr42AqV1IzJc5zG2dk1YH5vC0b1T3M=,tag:knyB+nALZwME8y7CAQ4BCg==,type:str]
-secret__netbox_secret_key: ENC[AES256_GCM,data:zPzoFK5Sx7gJ31/Apwex9ffFU/GY+HxIfwrItCW68MM4kVvS33e+LY4cI0vbPYEUF10=,iv:SjpKxyxSAVo+p9vvE/YAQFCzAEudcZ1lwnJ6scxeQD4=,tag:oA+lBep610IfelGwdTohvw==,type:str]
-secret__netbox_social_auth_keycloak_secret: ENC[AES256_GCM,data:HP753hmQ7ssbYSQRH0zcRC0vRN5bKptvMXo9jjzcuk4=,iv:GQUoojXLAJxqdB92kKLhavDaka0Rkkg2uocBLshdvTk=,tag:LVnL/JHMsAd5UmmpnUv7og==,type:str]
-sops:
- lastmodified: "2025-05-04T13:54:30Z"
- mac: ENC[AES256_GCM,data:/+JlBnsQuJrx3+CXlH/0dtst8PdBw7cTnUpBavcQRXFjd5PsZ54kUCosFu7Y2ngL9xh6WOWKSJCKpHFb8TCrBhslJz+8SQiH97py9m59diMwG5m/RF3I3YHBIoonSZvl8ocDTbz5myycS41fad3CMs5XtGt/vEcceSFhgqjZs9A=,iv:yL8aRIn22zmTIQ53/e71t6o2z7q1fyvmgqvpz4va39M=,tag:DH1oCBbdOgK2NdanzMSn9w==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtARAAgv0wpzF+jFkc/5dlF9m33aXqRacTsTJutFkSv+NcCHwL
- nbOjXr817ujXarA+NNFeu58FQEW9+fxA1T1O2azbgtOz0xXdlDfkSkS8kCm4B335
- cAu8B8UwDwMOpiRgmHrsnFmvDct1sOZ/tgnd6AB1bgSyKijNGtdIfAimbOM0pEo4
- pNWkwh6WdsbjpSFohfuh5c3yc2unCKLV42QDyPbGYmE/MP88DW/bgBNmhept1vGM
- k72Ih1lCaRcqZLEDaL042ttSqk3MCK8tbAzq5682MAyIJGq0H+OU4uysPgsxy7GS
- OGDmyDHOD557msVZ+ftHpQKDsHMdN//DDo66uUR4VCS2IqILVAo4mFAbmbzF+yZ0
- Bt79T2Cgd+c2GdhiZ7pADtuVmLGE24mw5FXxCQxb/fbouXidH+2neVIjPCqzJE7b
- yJoaYMIo3gWIdIM7fhlFnWrh4KGMh8z/eaVW3oG2uPCtO5OBpts1VCmvcmBBE4JT
- kTz/1w/v3kz0rwze9JTKXHyg2wK1chn5V20T+5SwP6MAL25zxZa/tlPHEIH3lte/
- x0LHEU/5WXcQLYpYxNF7yy0mrwRlMs0SLRxC2l1Txk/O7xFffnFL0I5vBluxLU3y
- FMB5EtIUamapM3FuOC+hzf9rCE4I+fQJ/8aBQD2hjzOQNamg7CTXTNWldbzKL/DS
- XAHo8+Rd9b1dvjzZfxfRp/bF5Av2bfTO65lb9G6YiBHLD7+AFbo2Pn7NWh9X6J7I
- qpYAK9Wfs0sFNm/UIhmSkFJIXmlhMbrsp14ebfH305OSoe+dvkHfLD50frdG
- =3PUx
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAkHsW/Uz7zqX2bvbgP1SlNiQGJ979f/wAHA0q154N22r9
- 02H3RB9zlyLQhEYlBKC8X1O7N8l4ZTod5GNGeWeqiEUacTve084u+rkrLz9HaNxt
- Tfdpq0fqGofEvThOUB9I2B7yWahg1g+D5xee1PLhB03dhMwlWgfj2hD2+7oshlTi
- USJsY7mR4GImWYVqcm9/nANpoQzEYJ24K0h6dw8NBDvgLPQAB8h6Td7DjXJw8NX4
- 21gfToS8E62gUV+K66MYwCZWuc/FxS2DZz4pewm2R52ReP7yl/nmpqlYb0iCfiTC
- RmxhFbV6+E73sPzKjK8BJDMB6k4uPHFu5Hkh86o3XjwkpAaX84EzjVKi3VIGTLG3
- biyeWwh6efCjUhXptaGTIFZscdGiEDJGtTn0Z0J8iDXotb6pZms2Cde+oXpg2CBX
- i6uiKiz/KtBaRNYbrb8rcDQ3IHcO8WWSvAp6dYrbOmY/bYu6q2dc4hhTVs4JFVzr
- 5I8m5jRQdzyhaoB88S23VKS1jaOUwYhN1THKPAmcR840kAA217Jq/GwUoBx/G1t5
- DJQmStvo5f+nYBB6N/PVNzUWLU6gblFYiYnDIFy8hFHYmkmmWjU5J6qfITyzTULa
- f079U9SJiqdE/t5UELAPbvIz/Hl0nGemJfit3XhZV3IelaFCxSJUR4DmE+rXTV3S
- XAE1zXyTvV6b9bYkjY6UvUMETH3NbR3yYjn2CMnnHiPykF6rK7jXQ7Z6AP+drna+
- q9B0cmmMmGx1LcwO60wBOdbDyWsw/6aCt7SaMwX7CXw8kzQ7ZNRQDPrXtLPM
- =3SiJ
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAAyfykThjQAYOrOMy+nHwMHNXhmQRhHwtLIb+WEekWkRP+
- +t88NlZ0fgtQtKVZbme8V2a0TCFXK7DFmC/6ZYtawfSR6LsJCsybQ5iEXEiLnaMd
- mddYwQocrHC8/P+MPPvG4Wu7WzPc1yl95k/GR/M/o/Jef5nsmlfsO4fEJbB1tVTc
- rGjFZidiFIsJ12Nt0DavJi5iV+wXcrFkAEdDWSCbmp+93IVK2kEeSnSEJ2I0JOHz
- 8EuroP9wGFSaq2pcVhEHs8LBm8fjUizMZGOVTjZPVWLH9Jc55Qwm+APKBMHkoAEW
- KaX63+uj/IgqDKTo556JyYhK4ZzexPwduelsWfOYOY+r2coW0bV5haFEq4pvHMJH
- 7A6m10lM2XcUzEC1j9r0BxPJuLtS5sYhub9gWsgxHsCbgArKcvkEfpC3ZRJyOmvo
- 1EbB1Stvh4vr++ASmHlLl314qpLSt1YEYtBhGKg5XUPnGM86fOYOtH+pX9fOM5dk
- xC4CXKLRmOfRcR+rllGoliyUrrXMTugf5r/UEeYOrSsKd40JsVPVC123Uoo8Y2j9
- FO7xGVQ3WBy4rDrqjRXoV1nakdKOvGD8iS0hSGs8yk569YtKA34RLAcwpji3U+sm
- wIE4X/Z6Vyrsht/PvsbIcptexG2rxq7dze7eZd1T5C/pdcwh+rQG0ujJ/GB7klnS
- XAHpuT2TgiN3oGIKMZh2cqfJ/rEBd61pvWMJQYW6ve2JhxSNL/Zo25GxsDoCzoqO
- ruhYleZuFEYyuVIJQ1ePwt6AeQ4yy2PaNmZAJgW5scbSn0LKMoX3T8oRtgxN
- =tPWV
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/+IFSE4p67ld1nl5V8FYCHwDoZBAFKBz89KNv6nMmKZiVE
- sa41YCWky0d8Tv3QXiYyL0jZuyQpN3DSXNrtQLHbjHya/mvHT16Oi51/A5ZvW8Sk
- dABW7DHokET8cmtUpnhpx2hKGG2SbbkkGmZCBKOveVn5wq5VUPDqJjOF0P4wZWh6
- IkEQFfequPcCsM8MAtM3ocC5Lkkjwb91p0e0A35gE92kms7iPE7ecX2DJIiaATIs
- ABRmcgwOJeuYV7nhvpFbq5FSBUXvjuVN9IGfIG3Dl+IcCYg5xF2eJWnK/sOiqNmc
- uFoPkaoueTYEZkgwg9ItAvHN853WPzt7ppsduEvd3kwnsCrtj+veylr1upTjxQJK
- Rx2+a70NJz9+eaVm4hLMBDl9Ov6cEril+vZU/N0x3tSQ/vZgAJ+ofK803k6717Mn
- TkSLjLkP6BNoKI7DLMLfxiCy0IssDsiX1po2wPSn2sDa+4rYt8U9dhfI8wYzUF5Z
- T8IGE7ZdVvGR0FfxbPdFgxeNJSPv7atIWemnqEAMQ5fVFQ3JsBS8xHoqoLcLJHh0
- Q8A+HPU3oSiU2ZjGlAM9yKWdUjz/DWeo0HodqaNBonJqCaxids0P0oHSGbTB6xY2
- pYYXnD9knobCUr/etjv1eMvU3lIi8bz8Xmdn4KKmWr2SQKmxUU+9Mf1BWWq45PjS
- XAFK4pHgiE3+YLK4ygIrjBFls6g3BPQA6rUZAiFzsr2D0g16rejdhosacoJcKcGd
- rpYHLCfu1CfgSlz3Qx3Ass5TD+xwHdsfT9SPpRQZSoxxpcxmDUcYpqdwGeO7
- =Fnjp
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAHaWsbzMdKQlM4f16MMkD06MaR9hPsvalNE1/K4d8Mygw
- j5vWYfwadl8XuI/GRoyZG8hnddb0Vg545yVcHk/+0+W/SfWFzwhhvDUX8H6Qr8n8
- 0lwB89rZt3ztUxEN+C/0UAlhFZVb1OWZ+xpDC2u53j3f/zxAtCUKjJA/cqlL9sLG
- u037d6B3Wn0XZsmC+jK67BFZiMWs4ZD5oM03rXMLqTVMuDzjV0LO5rUFDgiq6Q==
- =CzYe
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+PmNa3+9KdW8QK3Qp0xFsA5JCwFJ+ePnZqSy++0o39Cxf
- htNykQUd1aNmHjlBTmfomzoGe4L8mIRULbVRDB39d8bqHI2EIUibFK2MPQrSvF9x
- WLk3BLCKjBf0jja6y9DsgNHMIKOVKJKZ8+MSNiEwPr5yy3t+wRXIE7bTfRCSj2vO
- mQ8MtN6XHH1klcg2MzQ2VBgt0/TgKNYRnF18d0bTzNTPg0XMosd9vT3HIdYNVtRG
- Bs88WxoLQX4ki9B00R1diWneW3TNkD+SG+3QdbQYbkwfKVE7+/ZY1zbmAf9bUfM1
- FAyUeUH2ZfiqDnGTTSQEyLjWXsPx8OmaeWHdvY+Nay1tQxfyvdFldjmkhnhUYhot
- epu4o0vih7y8dPAPvD2v3eflXo4I0R8kANKDkVZmB/ugayeR27Uv6+Rb6XQ27aKc
- qrYMEzWsNJ14Cz/mM2eqyPBaI5mxhttxlFuPRho+wz1XISqsmJz14VojT18dtY5q
- 3gv2dvzap9+xbs2+d8VnNvjWzocJYXy18ZLoZomNIuuKl6s0OdNEQxiC1/riWMIO
- QjkbPt3037rtM5ZczhzgFLm1r45/nFx+T7nm42fEVLYnEP4Ln8bgvsasKHOoAocs
- QWxUFMQ1VAyMs/IftTnxMZQe6eJmqHthH+3q/wYhIqsPy3r8gnkuqjqwoCb/XTrS
- XAEQB91o4HxiecHP6Ks7QGI3+Z1CbEF3GWBrhCVtI0j+s+r0qsSa+6zeyaSK2Z2f
- uRQijSuYw09UTsQHY3dsxZm1KNebkXXzVqrY1Wt9Qtf2Yr2seZiCPygvPVLB
- =aDv7
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//bEgJM9+WRz3K5KwV9I7fpiAb+BoXfNWh/mnwUGLv8FRP
- aq72bbw1vXqBhI4jkna42eJVUm2AThL/q0QOJvGKDtud0MjJyS1tZj44kfwwC90E
- QrybaasPvZ0WOLmSQO9DW8oyoqDqM8ue8smN9HJTOfHl15QV1oXWYjH0j2l1D/AC
- 2iqLW7KOzo+zFr3s7HxXnCgv9/BwqmafW742aKM8amRb885b4CAzFKvhrYlvQ43T
- Tntgp63veu+IIW1YiqrdLld+hJpPaVHHDuCRANuQ3r8hQlzjOMC0ZeAW0uXnRuIc
- 3fOk+uQxV/POIauSQskUXSHztD8CacVjUyySi0+ZFTtJo39ulykalVy01UCNuWVE
- O1cJW6I5ItpBsUqb6KZyMVVgQa5Iv4JkrTEaOsPXC/O8wb+JxiAz06rb8j0rn+Yx
- z623wZNi+QwvFPc1c62DXFZN9sxFY1xcildSpjh/h491FAUE+QKYEPIMf7ChyqRw
- uVc9A1f+tJFI9M+gzWYI0A0+Wbl5V4wMdJKzzSyZJAK4+AyJjfpwHRU33vvOk/MO
- Cz5VdrCs0WQ/x34KauuM//AranbqjG7QLGVZT0pkknSyG57NF+T9KI8aZ/i3E1La
- 9LEnMf50WLf0kBX7OrGryFs4RrFNWsTfSt37X1EZCmWubGTiINc96JsMQIa00bjS
- XAEOFQq9PM2w/X8RyLnaE0s4m0gau9baCQxonUwq37S+XbjKreupgY1SldcyVMsU
- RUWiwJwVMNI3UGdQ4LBoJYstTEhH2HLQFZecw0dlZfrLtGgWJAPYvRWAx8uw
- =iOrq
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqARAAjJP/zQeLJ1qXKrz4ck4x+8z1TJx91XQU1aXLWLZjLcAw
- 4v2G4ikG75WLfJcHaHNS56bhYKhPt4/xzmse16O8xuztz8xLVKsYuChna1J96IiU
- pk0GbfWK5N/BVgPlntFE29gwXc2XhBSucHVwe9XseuIAlu99+OSf18TVXC41tKmQ
- ZuvxgLMy5gLlt8fLLmsrgU7JM6QQXD/zfdziI9acrDw4CYKgE0Yt16+/JGCO4LI+
- 2yeoV/GvFTS431lsVmTxhC59DVNCVXW36o6EKQxXjcLFhuzNxCSI+hUZYJr476XS
- wgdHQWoKrTL8B6l4nJ4/2zR6ltFM3JZi62aNW88DvW/SmJsHXt1b1tATie4kVpLo
- S1ns85v0A4NmXmDyxiORVbGT087AvdtoJw3TbLNNYiWdE1FakNW9KVcjVeqly9XA
- Kjr72wdyRE1vyjsuDtUnM9Apuo9V2PWtfqrsNqYxgK9WJPFEzVlvhD1CkXXXsdfh
- ncVIywwU0CYG9xOAR7DTO/pPKa+faZStU3bRlE89D+9+iUkLXqJnjx4ZPUeIMg4v
- oByjEAX0jOqJLsUR10tSmJ7hrmdWoKSJTVEdx6pc45jyt6CZD5EOl7qMlteCVZAg
- gkkZ71uQLde5CRFrEPIJ3UdF8xDvnjJ8HgoaLCv9AewMlWiMNrGWV31rFqp7CRnS
- XAGsOtTt6y6VT5C1rKamG4IKK998ycirXQPlwC1svxP44sRS/LE9OI820jEiGUxT
- SYeFvLISOje6f8Qf34hP9X5MmyxQd0lqMiOt8lkGj2GDqFzKsrKeu1cpylby
- =Fivv
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//WS8zjYnuGKpQ63BdGAEU55mAlGu8etvOLlj3JGL/EAjX
- CKadwY1gIPjN/AZzDN8twadasFE/o02Cz1hLAPQIS4IYgh2L5pZZVm6D/5v0rQgJ
- Da74NBoFKXLD7D7P/+abLTFSrTG7u3rRL8AAOsXHiMpyxn1AgvNPS/lHrdTWi/7Y
- RfvjaMqjynZs6tsOZrQjUjz1mdwZ0Pl0g4soJ/4KBN5riz+U5wubKb8g1qxEaWZ+
- CiyGcF6rHfL1/7rugg+Z7QhRlW09wAqkQzpeB9h3rIqczqsPZVuw2gtBhSnjAGa2
- i2q8HWFwegJYMemSxtqyO4kdtMp8J/KOXQ235ge96kMfid0muFeqD4QehSqaSta4
- gJsPiQslhlRyBUraTAzWo+1Pgx6oBpU2Z4GD3xAsKyQ6m+wVg+7OsZJYXuMt3Y6n
- DkMfbjJOvGUlN1XiZM5GT3YqRFFXpmn1NZ4RMBHv61vDuq6z9EWm/+6i/tR/ugxM
- Y+qiBYohMEIwdEpzlVZVQElCt9atKPk4YLnpele/midAKVwtBnQ+IpNEjKEtXSYe
- QYDRVu+OkYSiMxvnJ1ZmL4lKJVHhHtQ6Pi4xkK0eTPUaWvCI6T+t4Dj9r/OJTbLW
- APOXEQ54CnDmGqG83op1wdMuwmw8edEBowogILlUyaP8mB3cK9KJt7B/31ntlc3S
- XAFQHLwHWB3PjCYiegJYQUbXIAfL/cdTwwBfmX8uMDerJ81IQSzu5hVDhIL9pE7l
- UVWxGbGzfUdTE2U45M082DrjTmBkV3RdE0Y3JaBqPJ0oVQh6p1aM4d2aqyhk
- =nWD2
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAr+L6oXEIIepvoeDrCt4z9snnaxL/Pmp6dpCAkxaXXmIw
- 5J6eEv5G83So6+XXJXvOaoneKu5qevc0fSbEBAhJfKBUYk/ygb5seBcGycBWQhDL
- 0lwB+3jIywPou71D15VbcMJQuWshrGPkpEf8/7aaL3kiZAQbxtuajECD6/0zk9E5
- /owG/AWfR/W8bHJ2S/CFHb+m+aLHWI0emOg/OMGKjLG4JrarB3tbdsPcdH+8jQ==
- =K0rr
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAkzDgkAALby9UfWjtDDCJEgMH/tcIAHWeRqOx7CyojjMw
- 0XdXIl6Q6x82GOnYKtJuFkvpGc+fSoREGiAVCOzaXi9J3vKUV410nSQEpyXuiC4c
- 0lYBDC0rwF3mDKX7Pd7LZCH5ImaJiUB26Q6M2k6bfVhSyTygADlqcrvev6buc7sC
- 1cfZdBGkTLJeqADe5p3+wJvHiUvK/VhlwV+hXt8PBkywDpSyLgaGWg==
- =x/XZ
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAuQj5yvmmxjrUXFquA58u8LqIIn9lS8fW04vvO7s66Kt3
- RhwiM1K+uTpPD0IeYO4t7xUpfQwxLKGybVBvOnjisWyTWZYWRPvpqpR8mrt/od0R
- 3GcB/hval/O2HtL/CwtOwMu4RcfNKVMozLpZjWYZ5N61UgHgnSPxqAbizh2MDPJ9
- UCM3PesL54kwBDxGUgoCOD+EnIlUOIFFrys6GLWHLqQhNsNgOeXtYQAiFhMuCzqC
- PVeKqOJrRD5q/mgRnOnMhXC6E5xgOOHB1war4rDaEF6rx0YujgiMt/c4NTqFPM36
- aMF1Kw/XawEQthhXdCcxYtQefcAs1lFhAhAo93tGcqnwQc6MrfIgKJV8pdE8FBAk
- xGhzQlwjQsilJ/YoXvNDm6Iy0UH1WVVcVRSKE+ogC9dw1JyG3tu4kfp7GioQvhkD
- tGEg/9hNMcWXa7Gbyr3kCpmTHuaJGaC8R4dy0rzL/SXDMfWm3zbFZVZoZieOuzeX
- gl1F6bUnc4gUnlOa2XPYYrIVWfQMdAJYbj6ywvl0lMLxeOtStcYVD1EdRhiGEWrJ
- 9YoEjDAMg99WHfEvNSe+90CnBPY/UNig97lcdGZzmKAYIMh5OutJsS5t+Lx318Yn
- C8dDvk7QbDyG0lgaZHAAeY1SPbVW4eUdRxZIOrGPsiRUpzYxlExLVdy8vtXfFHnS
- XAEc6y4UA3fhOYN7i6MZNVye186v9gZZyGjeZX1nLJN130A1TwMOg/tIeuFBmxpO
- 0C4SX0xckcZQuWCR51Xjeu4hDCeMVQJuMJaypjhVoyQPiw4yaWWbELuSC5/F
- =ERpn
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml
index 4726885..2304112 100644
--- a/inventories/chaosknoten/host_vars/netbox.yaml
+++ b/inventories/chaosknoten/host_vars/netbox.yaml
@@ -1,4 +1,5 @@
netbox__version: "v4.1.7"
+netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/DATABASE_PASSWORD', create=false, missing='error') }}"
netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}"
netbox__custom_pipeline_oidc_group_and_role_mapping: true
diff --git a/inventories/chaosknoten/host_vars/ntfy.sops.yaml b/inventories/chaosknoten/host_vars/ntfy.sops.yaml
deleted file mode 100644
index a839591..0000000
--- a/inventories/chaosknoten/host_vars/ntfy.sops.yaml
+++ /dev/null
@@ -1,227 +0,0 @@
-secret__loki_chaos: ENC[AES256_GCM,data:LWFTOyER+m021ogmXYBrcr/2fUe3XuZhs5ho0KbM,iv:808LWnSUAPeclhsIgOyR6SutTvJGOu7mrGaVayo7v8M=,tag:f2WCPyUESfMiGDQ4Km5Dyw==,type:str]
-secret__metrics_chaos: ENC[AES256_GCM,data:lAepzCI4pwkF8KiGYzGnC4dPASdHDn+LfbJTFSvt,iv:EUW+CGeYUqhY4G1kb2bbU16j9iLwABHfRCdn2vac5gY=,tag:IcyscB9lZuZgC04XTxDb5w==,type:str]
-secret__ntfy_web_push_private_key: ENC[AES256_GCM,data:YqNEYa1Ln3NFpNoIuBUN1V/WRzod5HAtYueBJYHOwyM59cCaYhQR1S9aQg==,iv:t8bEs5ZAEe6pqbbOb0mpJdfgruX1P9Jd+sbNurGqkng=,tag:Cdy5HKkvb55V6AeRt+MVHg==,type:str]
-ntfy:
- user:
- admin: ENC[AES256_GCM,data:kwGLrQXBiqKRoHkStGzYiC0fbcGgQHdZrrk9NyZtcZcI4nrKTGx1sxrHOMI=,iv:ACrBFMOP6rkfshOgB+a32TFWH1OKhQaoHcYgwHx+tao=,tag:2QTWmH/vAzIWAjaOHOkrXg==,type:str]
- uwrite: ENC[AES256_GCM,data:Jijz+zCPpzSaIEo0xhicKlMhWSewJNJ9GXJGYuohq1E=,iv:gnjEX3N0txcBIkJm5bOs4JfKVsdi5URgoMAmquCMqKQ=,tag:Fip0hA52NeaMODb9XxjInQ==,type:str]
- uread: ENC[AES256_GCM,data:ZODLyYx15c/rPzKexoLURwA=,iv:WqUrXexY/RBAseUwiLPBVYpA5zqJeYBW8mmcvPvjtyI=,tag:SjB4OaTgIaVKHDe4JjDN3Q==,type:str]
-sops:
- lastmodified: "2025-06-12T17:19:27Z"
- mac: ENC[AES256_GCM,data:mlJuYT16bx9nEFw9IRm/Tf1y0HF1aVzx8BXhf0VKWkrBQCyzx/qbjIBXIXl22wzMrz/KCZ/diNRx0Wdq2J2u3n92NQtziiDZKwK+t/zz68+cCZAgktmO0vYc+BJ5GoJPuSmeMwHkaJqt3zYGQNzOJAYK9DPrK2AIbo+O21FgtvM=,iv:c5AmWi89ZLR00LqG+bKnbW3WfmIYsyz0X9A5r91Rar0=,tag:x3vf2WTu7naRdwQbKfrJCA==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtARAAqRsY2gr7q2ZVfuiu20XpFK4czrXPpp65Bpe+6GWfxl7G
- hlS7o8Hb6+l7LGyjpz6Av8aA9OALiL+9TdDHUSzrIuZayC+Z6SQ8e/zcQ7TOkDxR
- QO3lGIG9coQwDQmHNHt2VytBZYz0lffKSc1PCAzj40n7GKM+ZGCoTyhwwA3tRDXC
- SOGz6Jq/tH38O4fb5+rFLf3jIT/b06zCP/Zz8Bo68emYhmV/f2fXqay707HtMQQg
- gb1xhyFMzyJzQBrUogruDhXKqVVq4eih5RAEzvXjDpGaFQ69eZTkj04WfGASjoi7
- OaxpwfdpnVzmoaUo8/R5fLfPa1iSZK4FSwzZpzOpfvodRutpB3QhOdnWtiywR7Rj
- FPrKWr+l7yX+MBWpvuaV9qKJcwPxhn+4pGr59V61k78yAs60L1ca05Ua9/l8PO11
- qgCMeVhHX7IXm6RGOTO2i1dz61G9fYI3oMJ4USshDVdsFPV/OV5dBX5Zkcz+i/rH
- 2XT3eOerAtLFiHYmSnsGMEESallPDAF1rgg0HOFE1FnSw64not/eaTCGdhCy7UHX
- 5k89BQ4PArs914XSvdA5b1ydel3dU/LWWT/pra52IcAusRqLMZfiHXF/KuUH7ua/
- XfZ8ljcJ65FpVqAvs6xQeBGVZQoS+WyePcv1/BJkWl4QOtXCiDAMJrKVfxAM8w3S
- XAFUtaSpYoHGooRWU51pvimpFLGvlbc/A+NRAsKkdkgMc3g/eGQkE9uLhTw8gP6c
- vSS5yv1k1DkCE3Sff+nrD5+4o7tBFjRP4XWWLdAxRwviOUIpQdIMqUzC8YvH
- =yE5T
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAifILi6nUR11lUf0Dyv3V26tIKqh0T7T61rcivJAzHxAu
- TphvUwzGx7qxZRtu/B64pyFFMk3D9kd9yEN+7MXasyS0Fz9GIRY4W5OTo0xHnthU
- vjRo6htVg6Xc4+DYlT8Et/eXqYt37dGGMu9JbV9lYDwgUTQph46vqTn8OoOSqWcQ
- gSiw1QjsjXoMuKjUZ7ut+gik/qVG96OZk+MFuez8V7xcClVUYM4RHHD8JTP/pip5
- 7DzZARVacxrybu67FwEtkkhLjkzOwm6gUE1GAfGOOjianIepojyOv/503BfbErqF
- vjEFncQI/3eSDIAQvUcGOCmKwm7arOdWZYvxSQSUz2tDBS9GeK9I/PRsRRkj3mg7
- /ZComfo/DVdp0/LzFYVNYGhKUR+n1XLzumjYzRsNb3CAD8uo4N0OfzN5XUw6OQlo
- G7MRGZJZDJHQAiMrMaT1JRM/9c8TmNh3Q4hPD7xWB0swASnFWfSAnJXJnrPdzNaY
- D1ycyO4eCM6xQEOuTqubW7rVFr9qgdspZMzAMAit/1cX3fqZyQj8m7L0260hdxAJ
- f7WmR2KpcJ6J+FAdYD3HzrRbNXXOGGYzlEeq/6Gd6OYyc929m+gNUjskKWvNv90u
- f69u5aBWyk2OU9iToxqPOfAi3cpSWY3EuoyO77sya8tRKfzjlfYs9PsKHlXXj8zS
- XAH20hg9ndSWiyXLSzuiBoocf4veHrCOkAnS3m9U0heJ28i5RrBj/ILZ1RWqHY97
- 1urwfro8fB9ZzEQB6UmqucSRqCghR1wPVk5/9U0BhIeULHOk/WymAUoksKav
- =0xuz
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAA0fyCiD5hpm2Mq8Mgal8yElGmiKl4H607Ik0tHSSGJ2sj
- NSlYv6xSxGHp5y2RrXGBjDkDE93lg0JRyjB8CA+XRq2UxpvBpvIWJQ5TqQFj86fO
- Ni1u726BfcSEh8BV6LiOWjdQFOGu1UVwuy/R7WV660PNwj/Cb7EMWsHhJ4/t35Ec
- EpOjBeL28+daezH5b6JwMHGZCkXLXMu6NUOx5Kd2RBEpqwB5uDBOKqFKlR5Joeel
- pExbPsREZkilQRcYiqg7q8xy6jMqUMAEdUHNnUtY/Y4K4M4dWL6spqFcTc2BTqAO
- NKPjLuizHRcu9byrMjoLPZfusNY4SFPBa4xLZha9/ypsuIUm1/47H0mp5k3fYiX0
- uAbUT72h4q/9MHlX+fd/C46TIE4r3liJI4l81e6KJlPdlMOt66lNL67mWhi7tKBT
- qKCVjJdn2OitZAbwSAQ215h8LazWzd1hASU3h4TVnlpOrRWcVwFxvS9uhe+7HUIV
- DMG9Xw8iU5xUHKp9zvGvgGDX/W6eLBFGJxWcLHYEaiVcZ0KNg50PfQbhV6LHBT1t
- 4oL/4r+gER+M/uHVbKoKqxOk8qzgimdGkSxlZfTFpYen+zjj2v5zW0FAbfz/n4KD
- WcZf60j47rzNEx/NwYSsaP01+G+KgPGe/xYyTFKxGrYyxQRUkyLQQQB1H+OBGBzS
- XAGVnhZOzAjWv0OCNAcYp0ZudqopN+PAgK4+xO2FmyOHO9YNmFPBtiH6Q0K1UIr1
- prbxePJIAAP8AmaoHJWXgVLTwMrGFohYqQtXfT3D9fIbIVx3KRM6SekM/30o
- =ypL4
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/+LtvkdJgZEVahtwfnYUbg+K+oleFw7V9nVeZOtpmqABTi
- LsroF2PsatpKxusPDSoqQqj6fvKliCPcm/5UpEExqotKqi0YORhdHrFm9plju8uB
- 1KiUmhnK/XiIZWp+HltZO9emelCmoU1NNjzs4Ayn1zK0SkY2ADYKI91mjmtLnu+Q
- ca5QygiZ/RKAfSkyjCRyR2nhtNov8U3Ii0Erm0pkPh/XXrqBzjcuJKEGHp0Qj0Fj
- MxCRxCCnuRaAbgQNQPCwGf+r9KNfvUIhZAWC4zFj1rd7XVxOUiPqVEUBviZvsC6t
- rQtn3k7WEf/xlKmBS07PyJ04zplYv4AX1qkJU2qZcAR73vKtDnVFX51RYZrPyUhC
- sQX/ZxANG54bmAco4k6/8+c+qbf3+0gyWuAPb/SGanaG0zR/ah0EUqXdlAF6pvJs
- sV6uiamgK/qfMMz5OlPcHcqSL4iiZ7C1fIUkqRm6M+dY/TaELSgqLOPYescv9zvF
- cWqxDcQ62UKTy6+khSVH9HXPmZ9x9uPZpyXNpwUKDYZIzAU3vRN1K1Pyt6ppYrur
- HkNxJvXSxBXZFIOLCuZF3PnlxQQUTi24a9/Y9Fng401fUfQxWZTadKVV7iusBx8p
- pC6KsWvVsL8W7aeFQSBXHNIsXGSMf+jdZXBAihtcg2cs7qXkhXlnjr8Tlovlg27S
- XAHhM1w4Awy5+YxNIorJZDa+Ia4jczlgL1FO40ktLhQC1hz3huFGU/YK6Nla1Mk2
- bQYZZYBjfuKcRqmIFFC6T6VAdA2wbvc6+lQAcLo5yBxz7o+KOcgQtTZ9X7as
- =d42u
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAHtMliHz0MplHDFWRgKJFtfN96CpI+DOnUZ5j/QbY4H8w
- g8NzKK7NUd5UAmPKHpO/yFiVUYltXkgJqIrd0QAZ5jBVHSKLmhdxsqWIRnUSTRqY
- 0lwByOPxnHWqi9I0kpwAHcvCqohuIw0k3cihZiGjFGclNtUU24uc4uT9GyX3qxGu
- jDhRd0qke+wM+NzJ2f5fVLYjCC7bTBV9q46unsnuvAidU0KXm6S35YlpTgcZ9g==
- =lPzg
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+OEcxoM4a+dGsTuBV8GZF6Ddy+NXf47SnZ4QLdliYaYGd
- fPpyxM0wpyO/BtDE0uFyPpBPLKKCgzh7zlQDnR1zfYzlCr/Y+IB5BLRD19+Abkwg
- TFFrpFp3l40I7jRXNfGFge7t22gz5owdSzZfI0Pz5mXuFfX2zAwtc0sV0A0paIMp
- fcmLwASp5Bvhgr2DoCah95DkDEwHlS+UwHZoWe+cOrwaBaV8iqomjxYEywivG+Ie
- VV+1xUhMIDdWrdmh+Nt39eOMra5X7M7eQhMmWe++uW4UyQgZo2+Jm3s12GMyc8oe
- mcDqhgdZ/5jBQEhteBB3wZaySfxozI1aYh4GhscIGhMJ2PMTtEBrR1CuGey8RMzo
- 9jA6XrGnQP+X4c9b4GBii3rvrRRRS3Y6CI0HOrk6MkWr9S0SW9ypQKgEDQB3O7xX
- +N19w7jezyGWWG/G4eLnbSlxeX3ZnvDFAQcQJCqu4vEi5Ux0dTpoT69D9/St083z
- Q1BJduBumC49fAnXvdFxgzvcYfjb56SWFByMcYNaEn/ut+WRkFZ2H5vP+HO8+hmu
- qPEIjmh9KhTWgOLL1wYTCsfkD+ZMTAc5FRqPzleL/je+Jc/TVKT1s1UtDf8d7GWs
- cY2C3bTLR3qlrFmAhANzjl3k9qh5kYYGOF0qkdK60Jeg+/1sqwajQRduRZIo5nXS
- XAE9Q4biOlM0fmwOBvw8vuIax6HmOxakP7C7RalIXqGZHF6ijjLBSFW1kZioMftl
- KCsFc010bbgDxLQvtIIFLChn/lQlPY7EzThMkyBoDF8RkA7jcqleeAU9xmXF
- =Wiir
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ/9FOvo7VH/i3M2qtNqiuGS8oDP3VZLXV2zcaB48BURhIFZ
- dszZAozExdwK6yXOvuoVHr94mhgWkYNd6mR96zjFnGWhvta6w78Ecm+2uZfF/QQ5
- tHKD7bRKcAAWC5m8ENAdz+5MLBpNk9egSNqzqjFlcNPV89dQCz6TAyfI1tUQcACv
- pgVYZz364YMym8+HQ8WAX9rQS3K4ek3EosIjWPJf1FH2Zsj+5Bpt0SZmg3zHQ+e1
- uC7JQfabuJ3pV4e3++Rh1W3P0cVX22gPcb+aepnM3Dv+ie6kNo9VguMjmGCEgk5w
- TtRy1pG7e87FUvml7NEFazXHmWGWChfqvvHmuaLJCqCyLpH1TH0AylE+uHutdGQ7
- t5Cl1slC4VpNx9YiAyhaN7phyz+WLoYn+bcEbcOF6m++PQM8FtIAggwXyaBAiG0Y
- WRchBxnONdlic5sFmtVuaTMUqClWFO9r2HupRByU7BDTbG1yJBagiIXUFoPpMFVl
- gfv2jJOtwJ0rGRnQ51ZU7l6MMdTa+rR5Dedo5u9fo6ZhwoAPmDOoEtmiguMZTixb
- nE2BTZgWxJF2aLOUf8MVcewyp2m7CZlyqXaltV/D6885c4sYi+IqEsUw3CSkRqrn
- T5RoQGQXekdut2YdaXfdD5uyBaJmXm7Yn1GNqaWfXLUqklPA5UgvHY/i92xlpJjS
- XAH1Tlt1+DVs6zW2KN3EMvBqOTKLpxmLtClpEXP6pHd+vgaWGYNXOt1eInFfwi+P
- BKuKXihjiFfNMibh5o1y7W+4WyISjYGpka52m1Ias+06mDeUUojqeaKuhQZ5
- =qZvG
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//TtGxqKzGMLDUYKYVyWUcYXMua5LavcZo8+GqUoXHIa55
- V3WJ8zOrcd3qfRlhFCmVi3yViA+WkzuG+VYUuVpGbsXq52v21tDuwOz3MZDrTs+D
- /tO+M/I0g5Kt56h/cN8lq7//x0AONoViFhDxLCJ8ilmhZdx2ywnv3O9eCLboY2yb
- SNsGro9juCcKGbJtcch0CZOULMEMEXXPwbo8MZ+DnXKczwvSqBFu/O3nvkF2jcs8
- rC9A8QioMOjXFRglR+vOfpbaCvCkRsgXlkxBxPtpjdYANjA7TQbB3sj/8PTcuNwA
- CaVf1RjZoEfABxPJnM8+UX+w+Nm7Fcc+7k/S92Fe88dZ+6jvZGMXhFCoZarSyQSA
- +J4hFW4j4xHndlD3wpbx/niPhkVRpLxBqDYJ3KfjN3QgzZ5ufhBPGi819cfKJxwb
- /HDR1AHX0bQJoq6wnof20STZJDploLBmP7A1ae2j119pPEBK8ErhPsrn9TQWnbwe
- 4Tcrvu4yMJX+TMs+yKDDQXwy0oPs5DPqhEnwHzHgNVjIWuQgy92kpDZssREFNZ4D
- cDXGPV9Q1Gcam44Cib2HsDMw9ia5Jqn6iYqfLCDo7BidxfaMRHL9ALhg0o/YLFF3
- 6OyBb4JBFra82QtSFqo719Hzsd475EL7vtVvCk21a8MMH7owhmBuYVxl4ybQh3TS
- XAGZi7Pfzf8oFj782HypsT+m6YvPMXHuv8m8K/0F061Vc/7pOqx+l10URVd+KDFf
- mkS3eQF6XEyrHxTV8oIPWNGqeURAQZSINMHFNfY0TkQRG3TlKtVGWCqgfACR
- =dVoV
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/9GG7/FHBp3uAZbW6s93J49l3Dcr1Ih9PG1FQyF3wDoakE
- LEQ0uoqM7hb3qjJLlG5Rlpa2VdhrzixDxVUnh0FwttTHsIkA3Tpqx4UN/6rtLKxk
- ii/oTF5ZpN+PtDE59NXJHT83734aSoGyzRUw2UGc1RwkSQUlfXNhblqbn4ok4oah
- EZdBdE3wzcT4e8ybaDH3OS+i5EE9dKpBjt9STbEVnL+3tltst7j2H3Urki5N7/Q5
- 0rG8H8KZ8h/FCEhFS+PAWB6VuhKJ/xVtYYJlJhmN/lwBqwkkSlSihTHTKfY8wUiy
- efG+4rz4d0PIQTaSym+Y+pI1hbUMNFrDtRa1He8u6Lt9ANP9ilCsumP0KM9so6Ei
- Njw3yiSnaFZsbVRIvdZdp+ZphWshE7udq6hLfuX6j2iEjvmmcuxDy1xn+ZjKsEpz
- arETzZCQqSVhChFYsrXzzxQvnBOneVw7bF5IRP25bcMg2hf+610BfxylZaOAXBiv
- ZmlnIY+InlznegpEClqJurzoJMyClzbohW+Gb+HOoe6BwVQ59BPhOVaVh8t1Vef2
- Jq7kbrwBIYjUqFAf47sOL4i3r0HqOB4MLqXc/GPQsZiMsXsFvu0ew5fvTIzvFjJp
- pMJDS2NhwCfNpWprVKTYs6i/6F/9QtZSsJuKldpODUQwaZMEkPNErye2TvmUUBHS
- XAFn9nWQ67hPjuX5nT12si5cZ5HFK+wyZnkB+zdTKeh6dCeO7CmssfuoodqsveNm
- VZXtojOgOPusaSFj4n3GHE9vzqNMrE5odjpG6NLWxv7FFfcg7/t97KV/nkzn
- =cAw+
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdA5XAZB34y8KVLVqTUdQMIxtx7r8gR1OwwSeNeDIgRpiYw
- lMLrGxCaiG+MnlDcjhv+QQkXRx3z/dvT5Jx35Bv8wFiqUY83xVD8yQG0zAJtA7RB
- 0lwBJ69AsQI3TKDDDCfHwa8wka8vlnx9YoMH+bEfMAjHBOPeMzCmjaRgX7O0ablm
- OoVcoHhPnExGVrR/buzrsorTuj6pRwoTc2XPRMp8cMafQQG5oKrc29roekcCig==
- =Qrj0
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdA8drCpM8XLKp63D1s1owbpjULc3cUNVXE0X5UQZsvLjMw
- EhgiZhQ1kobdKKXkGfCIY4sjtl7/QY/uuro20n4kZxhEgwZcBBLbUjZDOfCXb2S7
- 0lYBSQqptAsnjkv9LwbbysuLd9i8WY1vKexAPA+cpvJgHwhtt4Ia/2EwQ2IMJBpm
- MunAOhG+rvonQoUKxFB9MeCIX2hW9IywKWqBhfxFS8/r9VQ1V/fX4A==
- =TgPw
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:10Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAA2u7UVNNDiTC4dJ+tIP65LYov10AN1xKw3rradLfFI1gD
- Twuwm6pZ6esp2lC36JqLR7bx5A6uFmfnJA0qBmQryAn+TyvU6xoWbLaDJMP7MMIH
- uYAnIzCumDWz44xTnZRup6E7f+CUiBQmns1dTGWrfz2GHzusjnF2E8xfX0sIz8bw
- jcQsH3yvIJhOOyWVOampEwm+eZoSzxcBn3AHAwd1XsS5A4syKN0wzA3c0FLAnibF
- nUCRKBa2Ux3yB1Xd7hENrpN7ObrdsNCUvUpRVZg0bgs+Zjr3spq/NI66DKfwRc9/
- 0wQhn/vxoCevGRV/ir8/5JUx5aSLYtLYZ6FGxn8Cqja6rR5rcgAJzjjJP3H2iUrM
- cuhdQKj/WGu6nui3oQ6cDCDKK4YLBGda6m/nNLTAN+ohGmGV9gh0d95OD3EiGm8D
- F14G/ihFFb7YOMPI/3pKPA7iaHS39lZNkSYBsYUL8/FfSoG0aKyFlTMXWgLgwVwx
- bshpe4ixBzTrIU8DtLH1Hz2j3x3j2rh4vt6NOZ6OcHlsIWWEWT9lG2hRUda4kEXG
- X6h4c+fslqu0z0PCDsnr0jjca2PGQz7az7HQdddG24Co+cZqLgA3Myj8YNE/StE/
- zudTl0RpWOeY9aVCaACuz9xRcPpU+nxEpC0jxOC/ZSoqkup6ndpIOy9g/chq5lPS
- XAF4v8Q+I94rlxu/LXCQgnX2mo2iaG8/vWzKogGlixHJX5s70rDaDO0oWjoxXlN6
- YrU4hFwRCaAznA8GODyCHsCEvcGPo0i0HuVz1hwjp0EnfVLwYreFISGOOMU/
- =6oPX
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/inventories/chaosknoten/host_vars/ntfy.yaml b/inventories/chaosknoten/host_vars/ntfy.yaml
deleted file mode 100644
index cab4e76..0000000
--- a/inventories/chaosknoten/host_vars/ntfy.yaml
+++ /dev/null
@@ -1,104 +0,0 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2') }}"
-docker_compose__configuration_files:
- - name: server.yml
- content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ntfy/docker_compose/server.yaml.j2') }}"
-
-certbot__version_spec: ""
-certbot__acme_account_email_address: le-admin@hamburg.ccc.de
-certbot__certificate_domains:
- - "ntfy.hamburg.ccc.de"
-certbot__new_cert_commands:
- - "systemctl reload nginx.service"
-
-nginx__version_spec: ""
-nginx__configurations:
- - name: ntfy.hamburg.ccc.de
- content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf') }}"
-
-alloy_config: |
- prometheus.remote_write "default" {
- endpoint {
- url = "https://metrics.hamburg.ccc.de/api/v1/write"
- basic_auth {
- username = "chaos"
- password = "{{ secret__metrics_chaos }}"
- }
- }
- }
- loki.write "default" {
- endpoint {
- url = "https://loki.hamburg.ccc.de/loki/api/v1/push"
- basic_auth {
- username = "chaos"
- password = "{{ secret__loki_chaos }}"
- }
- }
- }
-
- loki.relabel "journal" {
- forward_to = []
-
- rule {
- source_labels = ["__journal__systemd_unit"]
- target_label = "systemd_unit"
- }
- rule {
- source_labels = ["__journal__hostname"]
- target_label = "instance"
- }
- rule {
- source_labels = ["__journal__transport"]
- target_label = "systemd_transport"
- }
- rule {
- source_labels = ["__journal_syslog_identifier"]
- target_label = "syslog_identifier"
- }
- rule {
- source_labels = ["__journal_priority_keyword"]
- target_label = "level"
- }
- rule {
- source_labels = ["__journal__hostname"]
- target_label = "host"
- regex = "([^:]+)"
- replacement = "${1}.hamburg.ccc.de"
- action = "replace"
- }
- }
-
- loki.source.journal "read_journal" {
- forward_to = [loki.write.default.receiver]
- relabel_rules = loki.relabel.journal.rules
- format_as_json = true
- labels = {component = "loki.source.journal", org = "ccchh"}
- }
-
- prometheus.exporter.unix "local_system" {
- enable_collectors = ["systemd"]
- }
-
- prometheus.relabel "default" {
- forward_to = [prometheus.remote_write.default.receiver]
- rule {
- target_label = "org"
- replacement = "ccchh"
- }
- rule {
- source_labels = ["instance"]
- target_label = "host"
- regex = "([^:]+)"
- replacement = "${1}.hamburg.ccc.de"
- action = "replace"
- }
- }
-
- prometheus.scrape "unix_metrics" {
- targets = prometheus.exporter.unix.local_system.targets
- forward_to = [prometheus.relabel.default.receiver]
- }
-
- prometheus.scrape "ntfy_metrics" {
- targets = [{"__address__" = "localhost:9586", job = "ntfy", instance = "ntfy", __scrape_interval__ = "120s"}]
- forward_to = [prometheus.relabel.default.receiver]
- }
diff --git a/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml b/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml
deleted file mode 100644
index f2a74e6..0000000
--- a/inventories/chaosknoten/host_vars/onlyoffice.sops.yaml
+++ /dev/null
@@ -1,220 +0,0 @@
-secret__onlyoffice_jwt_secret: ENC[AES256_GCM,data:x9eRTm9WrEFGdxDb8JfqLYu97NSBRvhknkEBx/zSEQlSfcah+CVNNM6JcS0Y6d9PARcGv2jGUyakuNN1wYmzYw==,iv:33lWNSnQkljr8S9uj+Eab/fItyKAH4/xAeckdpvzl1k=,tag:Ejxzaz9nkGLT/mqKF35M1w==,type:str]
-sops:
- lastmodified: "2025-05-04T13:57:24Z"
- mac: ENC[AES256_GCM,data:Av9x7PAOBhUoCOCF4al8/4BnpPHmUb1JvCv+PKrBmjPBVxW/sU0w6oYmUNjB4OKxI4615pWpfCsG+kVSEysbXtrRGp2RGqhnSKxS5l21W6Qy+IEkNA/jcA/teUGEOy5Qj1SvgNtWvXEBJgfm9eCQxC+w34JbzoTs2q+6nSxtwmM=,iv:HD3nBwmnOGP6MZdLiYv0hlNcvK5lSxJNaoIkr3Xadkg=,tag:uL01xCeeIbWhsdpyqmUyFg==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtARAAoJ/2LvlPFTh5vJsyUZfwTVrLg1DZ9E694J3HJ1fH9ZJj
- 9qZJ0EtbHHjDyaoAS57FYt41AKbOeUpHa2XioVIYJfS3CgAA/m+AXmorvchU6Umm
- tnSaEFyFYEFBUiCvGRMCbBvLepPHdK76a1SGkQww0hcwLk/rjfRAul1ffajdyhm+
- Lqa8kMLA80PK5QLvYfAPlNtMiUgq7YsxmhAWoWQ5F/xLnMgClEnsN1QnXszoH8MH
- 622pAp3KfQqUM54xx0wn0odFcuOEd2HCj/CVnMHdJgZ+7C3XhBg9rB5OgHDKTcMb
- F+asweYxFszo6vLcmz1PBnuUv6sPpE15t8MRG6jckLCm7xHl9Kh5fkug8H+H8lGp
- 3YmbV4Amr623p1vqyAsjqfcIRqB3Fdlp8034BJEFUXWZED5ZUp1m7w5aLG1mGyxC
- C4eFPC2mqS94QINfFWYZhMieQz1qUEsZv4bFU1dxQt9H4J/ojkqU4oPVSmIe6swv
- szmRVUdmlU5M2FLGUFPw0ikSheBoxfP3x8GuYPuz8EGc2Cdza+kGBswPT9OkKN7k
- 1flPILolY9D263ldVamsamQL8r07MvLr2Qm+Zw7OTzc14DKyKx2H2m/6C1Koh+zE
- 9qTCQuaNQjhpZlVf/I1nCEpixBC4Mc1gPD+DZqJjdM8dA2IN9YtLMycepM7igvzS
- XgE21f3aoPGgiY6zYQiaUhjhZNWO8by0fxKaPeZ/x7++5stCZz8xSsG7K48mBjKh
- NHKJ0sh2imtzPN8Nx/Sqegr30qHDXC5/x1g3eyYurVdT69T/vy4dt6Om49uFmyg=
- =VHVp
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAApCrvjvsNSGYfmA8y3ZBA6FhfXDboXWYEPs8UfhtoWd2J
- wdDtjMXAC7Tav0zYPYIJNag4uax0xgMsKy2YcrSxrKy5IXWpyYsX1VeOj2mJgSY8
- gBmH2UvSXtQkYgkV8avGRYn6X+6kJIGwqZRzPlnvKullAYWrtBOR7Nlsd+4BMdLv
- sd2iN0z4OwYEsiRI03vUUOZnZY0oDEWLc/Pjiv+rqlHx21sZCF+A9TmuP5T3iYFk
- lWVL4ROEu13XCPo86DebfQ1iWyNMk1US82KfT872N28m+OA4/pTkc2PKJTxS+yc5
- UOC36GPZuyu/ve+OESMT+XOE5qMar40bvFGgLPaA144tILFVo5YGy41jMU5KrQun
- Z09FTv4qfO1WDaA13d707nXgC1AQOmo28I6HP6M0YfRq7NXmJlJUsnVN63K7MfjY
- cPFS0r5flY2Sajx3fLgV8t4+a0/c6qwVBqmMnbjddJr3YblH5nsZ0XOoohCAPTOL
- 9HH1z9rmBT6TywzAcKmzboymnitQ5vFifIyL0CyZND6QjjCarVbL6uOZl746eJpV
- /sVpzIemz5FREjp3+liaMmCxUWc3S+vSTcLXwydCWQeXL/X1s/OQJ0XvPFAiW1Ne
- 0d9Uk1qROhb+pBEDmkDA+20jQr1n1ocBqvXeQZXvLAZt/bTyceN30OLFyP/rRr3S
- XgEdW7nQac5MS1nIHuYfVa/06zEuQCiwHQdn/wfYzU/RpWLyDj7r0j3xjwXZfT4y
- jBP3eBtnxAEvtnuy4d61ody9nyqLxLyQHYi6/4cvLn4bZFFSDVGJt7vHZ38NiY8=
- =2Q2D
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAA04z1h5ogEphvUqynEQPQiIR82hDjXHbG0u1CVotvOfJ0
- xP2rIXemVsHdZiQXF8m24Iumi+cbWvj+4kqDnAx+AVOBlyL6XMNvCL0NEIrcFRrK
- /Hi16pEPjP/z7BnpS/4OLTzFhyuUuhP0rU2XhyhhzcFHumlKctMhJu6+4go3NDG7
- a8W4NS37C+JObbKpUO2PQteHW3ptCBKlQ3W1+Horgfy9mw8kL4BwZEQE31XMXHgj
- lOBjmKlkKxAcaKzV/HF2oZDGfyF1Pdeic13L6UpOb+zopEgCljwUDDWZPAf4YCGF
- tv8l14LwzVO2UoQqWWwQTwiVuA1SDbtl+mjSyNdvxSvnj7tD+NMrp25lm0SnZtyt
- QOMmIyVJqMN0DNoNvTb+atbZWPV/nmdt0QHcGJ13x7PblCGuP/Dt0fRekwoCwBpc
- U4MYW1VAw/PWyzQ7GWPHIAkUzIqBY9JG/Pa3HNwyisU/psu1eQlMRx0SS5cYMnwh
- RVJvVL+4aA+2+d5bYXgZUeoaWCp1duQKyH7GEdO4io8v61IkpRDf1QPbkTNRRT7T
- LfSwcV3Cz2PKB7aGSdoSaRn34mzJf6jOoRPr9XHOmUx9Ni7SwFNIN4/r1QhhOlXX
- YXC3RIjZhPLMd+cAM12bcgtM+6fJqloLCzU05QxKPeGl/4rmvisb7dIXFAjF2DnS
- XgFt34T/r0XOZGydppw219zqiKL+4AXShDKcwE7oPa8AP5rLm/UY6ZwlC4HLvHvm
- Su/gHrv5/aR/ORGy3UdxpHTxYfV99nrO1D9qWzm185WJpQ22YhbmV1ZRiywqeMU=
- =k56a
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//VlaN9C76SJnHeULdvnJ+A3b+idN+PxyPBXSpyOm3DQJs
- /83eVkocwQGDL0Dr92f6OcZuHmb/gPuagwuM5Zak5mTRIYeUHaFSMggGIXBcBqJb
- xMlYTWJ13JXkONJaSYn3AI0HVpUT+KMJwyp7H28P10RgBZJWT0k/wSmGxY10GG5d
- uoA6HOYiK4/KnfzJa4lQiZm3NNlv+eO5yPib99KT+sl2hDPLuKJA/DUhK1mtdygC
- pJrG+ayJUKtBq5veRrK/QpbMoD48sD/yOklPB0KadqjY9nMODh/PePpyQlFI7X6Q
- ho4ECJeZoJMuU4cU8GwN+ICGoHhdk/l12JtqLiznDWE3uunqO/QxpyyVxIYG7vRl
- cBL9PwLhHrsTD7BGzzihAnzz1sCbelYm1KG0bG/4mMVn8cCrwrmoU34+HJuU+5FO
- CDExPnNEfen55KnoCqEvSu1W9tUrIJPoda4WM9Z4jWZRJ1CguF3wXALf9Wrwd5ey
- 1ncpyb27s++lQ90G7rrGBijWBzNZISZcsDpUea58+Oz3BzHzj4Bh5O4GvDxG0TFC
- R9P2/M0dlPOchalM5uSy5vzFM85sPCdbXns5t4yUOTJGF9ro7ZUbnjXjAThsdh+/
- 0NyVXODQGkjs+z+KtjBX3WjnaTSlN+bCcZQRlKa+ZnNVzSffqoKOMWnjm9Ong2nS
- XgFe+yO1c08VmGzmUtpXp0H+wuryk6OLQ4yLuv/NEk/zpdV2vkWGUbgZWBnNYpmE
- DICvpbtmyghTmwtz6X6JHngfnUUIRlfk2oJCmh4oBsIAz/5kgECGzJ4P4qIjXQI=
- =oz53
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAc6c5dDqGPJ7QNl2X9UEg3CqJGfRGNEymq34kyfWwNgsw
- 0Euc9d8VaeVZzZRP0CltaxdiS4L3BiSm0mBJAcguygM3FCISZI3qrt1ZdLfWk4Y7
- 0l4BZ8OFHdUOwHjd5CzKILYG6KVkmQLadzP+DMzavjFnXcLZQfT5QScBHmQVg+kO
- 3jH26Jq/opnuwF5G1hE4cULrfryvMV4pR/rS/QP3Cro87+HTVnZv0cRE6JlWXJyi
- =Uwlf
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+JnIeYmS/pnJIs/KFjj6TOv9sYUWYEN/IqOiLtSa7hLvN
- 4ZLERku/oYFshH8k7fAXsdQ+hHbDW3HzIFZR10u2hrTbsDc1PXA6rSQw6LzY+pg3
- e3mT+7YwtXFYiwzeKNWQajCPCKChot+eBXp+eMnGE1XINYcJc513nhxbgjyQjZSp
- ld+UtNxVohuZZSkgihA/vxd1Gr8lOkfrX1R9hc3VUb7nF2qERT1Nhp5NBSV0XlH/
- 4+9W01uW2vOyAbIwH97+izGLkVjYYqzaR8I0qQNGbj6Ra+MJaNNHDf6qkrPhTrHv
- nBUrbRXs2+ioRs9EASA1M1frRfsWqRqliuteBgPrfmXHt+UMiXbHmoNufh4M7FW1
- 6WrsunEEuS/bxMhyhzeq7OiMgC+LGb/BHtpgo+q5F9xwHuApjYfXOZX0ma0Muk1U
- vyNnMXYUO3eoulp19E2N9FWwekwzPzynrnf25W0cdpCd6pfRAUNdnaVrop/F1Q5h
- fQxZTokCnFzF4B/F6e7Dgw+kmJp4AZ6UcsaX7BGh0dO/RcyPxeCey5tbp8tbOOlK
- l8iJJ3wvHff1taXjxoaaEjNkE4/a2oRQ7ILVPpzdVdvF+NUzy2nbeEF3XE1B3V+E
- TCP6OLDBZRP2XJoRyLBym9ShJaoYkRrEdTn8mQ9MDWdR882nEsWz0+LVn3ZHbxfS
- XgH/F7rZY2DJjCo4xbFER4G+3NjfOswanvpDdTdQ0NfP3qUWR9kroKJnGW0cjDTu
- MymLSUZ4vhszBiQEVrvW/HSnItiuX67j4Cd+RKFnroIajkh/CBxu4If84VFg1tk=
- =nwjq
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//Qj7HVfszo9OAqoZFQtLqk7hKptSSjpD1TpbszeXl2imT
- X7Z7bANyApqUDqaPAgAKYfKDg40dBiiV1ebYjiPqZFEVpOfR9+oRrkuHbwlRZLFw
- rvd3/w5InOiP++eLT23E4HiLXZuSYk7JhWFgqYLirxgS9IypQeAFgVc+1CWBizOk
- 3DLUHfjLScNq9Imxw1NyPoQn1sSv7wzTamnnBckmJqs7KLUlkYrjAzIMkc4iXVaK
- LBaJ05QXFKQzEcN+VACE3fm2zFPumNBoykpYBqn87rV/2CTsK/Q7wluNineiSy9/
- jwDKnEkgm7WQsjCCZcavSpFSGM8VMDQHq7qFvZns4fgFe4z9SAqEiMPJlY8jsyNp
- rKxc7mNu3mIUHbJ8JCsMBgUKtgq0U1kC9xpncAC6G94YsNUwcYznmkbdRHy0q54L
- tE2H/U9YGIOAnAIoabjdW6eFuaFBiLTZOqh8pfCT2T7zhIbVFumjZZ2U2mp/2ImE
- BbUdyV6ENuADabE+lDKDJlh7tr9MuUQxiwgga6Rggpo3F/ZwA0AL75RRAOsadfft
- Qa9zWe+THmGnwD5YG3ZeEcGsI8WGuexaOgMlbNJld7ayqSXISMOXNL/Hv8aiKk6I
- z9I6EZlo3DjUJ/J1Yt1jV39GuRg7PBrNaUXPzs/Adcaorlxps1hrhRDO55kNQO/S
- XgGpOpyqXj3rW8120Ir99chuRZ8+57wrMVm3Iq+IIk2lvgsysvhABmLaJkvIxzMs
- OKAqjSSmh88DmM4wGGhSTSWs+6Hid97rLXxZ/inrdzL45H5NzwZFMXK77CQX708=
- =0gyc
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqARAApMNOCAyZjUdI1uFcPrDG0nLRtX1USKClRwdCTrTDY4Xr
- vN2+ndwsIxj9NWjsfOgDqj4mEqh/l8cr4jtH4SR4C51KwCOWBnQByvaS9T9M27hZ
- KwlfkeDuiyfxdEiEbCuYj5Ue/eKuRGl1wePSK3XsYS//jNA+yJ7I5VuqOXLuk3Ky
- kMWqgftAiUfEwtQTUVj+oyZ94ebDtTtRZLtsLYP/NRKaNAoJoJKAtyUzOH1iTA4w
- 5+K9rTH26PcDbkcNuCzxzlq62l/4pfSV3JQBU1ukfYKBjkQOQA57aHxGvkpT1KPs
- 5ieLiikQRFXmPbKmUhZsFTpIBBYEMR96VyTb0GVP+Bq/iCcq0pV+xtB2ht8PMhJ8
- oJJDSQzxtH+TAuHXIGpxh0pu0Qv5RRjGJ3APWIvlNO9f3+66Kq+7/iLrv4amau0o
- fMdx9991xy/9O1wJseRLK7kBCo2Y0451LcxGSKDRYmnYkqYVK08qDtYdJAS7/pR4
- zHKwt7Yx8rZDcY6FKNjaXPPc5UZkoYWKxlJbPOTQ+ZpWh/a6ITu2klFMLjtETTXE
- oskrotoCB6MoYTDLXS6AG9H6zuGVe2YtzdBqoeV7JkD5SbXWbivoue9JqBpiAaay
- TOqtmyqgJnfyCRJ49ll3DwDwI8qHZxF0DV6ny+UkGfu6sdXSApLw+Boqb3CA16DS
- XgFfPBbhrhVjRnW9WU9J0hB0C9AaGsXkvKuxJtlPUyIDiL6umAXyfZwjFLWpCA9h
- LQXsoBo/ac8a13IFUM/Mg0N2LN6Cli4Y368dl7A+rf6yrRCQDJ6furCUa/AnyVk=
- =WYRn
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/8CyQ33WalgCh6onJN9riCoKfwnmS0Y9ph/fFs4TVoXwfQ
- G0wZpcpEGLqpJvmD2uGWcEWjI+xYy4AI7DOc/9tCnwG7ojbN3gcyo38fCQv4rF3F
- cfvnKhjMZ134GBaoZjAE9DTm7DktvbXfEn21UhsZJ484ga/vLkSM/GGdeGBhN+VD
- O4MRV5+ipyinvhrFlPL+RBNfFxqG5247TakkRTuEyJooUSVSHpo6cvD10HCE5Xmu
- CWPmL0pWZMAb/zF5YV5qAuCjYXmD2IWmvmuUJMl/MJAYFNc5Lkzv9PZ6YYO9dPm/
- YuLHTI74sVWSzEfEWW7TpTjDV+wWtVDEluW0rU/BBi5Pe5mojsSATU/yc9xLnn11
- f0cBfzE2edMI1JVWVGD7z36L7vbA9SmfrPMiAv4HH4XIMsKRm4E+Sagvpmfzp4aQ
- RQaQRROnlPF3OiBEESXF6fJMTx2oUY/rGr0N4vHdbftjrAzSw1055U+sJr9hMowz
- QEXi535RbpNYx6K06jMR5xh0s1TLZ8vQ96g+cBzWAgnL78r6WXnE4wrWQ1PIek54
- ynUN+IckmfUNvJkNOpysgQjhXR4OZ2PJYHZK3NozDfuQ0gOn4RPAwuQLDrdsPsm9
- cX4iJdhWfEdABZ//oWTkcTRbOgeLg3sBMQ3uKOCuIdUNxv8QArvAgzoYL0XVSrTS
- XgFXFTQlV/Q+h+p9gqRlY83aaORunqmbKmqp7b0CXDRGTqzp78PfBpu83rcvfrlt
- vW/Mc6sdQKbp1CLWjwi5rvicad+syff5K1Yj4KM0Va6EN02fR3Y3LX1umSUz9hg=
- =S1o0
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAmctmfovaoatnLuqx5thkVhRKPDmu0lO1Cz5DLyEtO0Mw
- f//rqh3/XZJV5+E9Lg3z4JwmvGOBYRzx2ieZXjG97CgXNJABKZEaVIJRYK188qvG
- 0l4BYsSpSvsPpy2sSpaieMxYsZaHSbTVLCXXeWEuscjZf8YIt0Mtz/Xuo+vhYBCt
- AYphX1T7gM32x84bRKY2GaHMWiJf8gliyp4GEuAcT/3Qy/5T5IzuT7ZCFPY0oJtq
- =4oBN
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAI999uiupFybQLd1PFvc8U3Iubq8C1Ak7MSeInUWtHAow
- /0AFYupRiOj4plWENTnOtSLaJWaUPtxH5IPmqCti5zZa3EiNaDZi+rQ0pgcMIcg+
- 0lgBQ7C+PTBjVdFNSwbfqTNIA9d+Dnx58rAmv9gnJT29ersC7q30kA6XXt0OORP8
- +Qw94iehnPRN4wIFunyBpB/T/rosnCQwl1o4YF8Qg6c6i33Ka40PKfbk
- =0oiT
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:11Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ/8CBqRnnTS2cJsQ3cnCw0g8c5YG1mlfiCfo4XwcUCCYRUH
- cCh1AtWdBzjqbL2rQ9HpJrTiudwpHI5NQhTd8M16klvlfoaJcIFkFOJlmqJIZROb
- S1pwpCSVqfPzMH/i4/OhP3hebJ1tAv3DovKo8D6K0mwxPAr0GcWuNxwYgksArHGs
- HwCr0+eZKtHvcIT2u7XRzbmgS7sylRT32IpouOKEj/xO5EgKlug3zDI9OWOjwQO3
- eDB56bOpbD5lolT+mUbeklt8K9xo/AxllePOtj8VnAQiJ89VlIwzE0ULxEU1J48e
- 6ACIZ5E337OfyiUw8CCAGeMpSG+3WJCBRPoQdTPtDXl0INIcTF2IHnFrbPQfM7gk
- zWbU2Rc7+kuvR0eEKiy4Zs+IprG9prpLyI3ZFLrwZK98IYe54wjokDnNay154lyX
- ncJX37e5RIj7xb0nDGQtNxaktX1n9wUXGssCHLecDIXQ8MstRkPh2/liwt3ZaGtL
- gyp49DBLF+9S2EKAdGk3lEyCvYARuGi5FvZ390+ig5H22U0CP4c6/bwPRC9cgAK0
- nXGleEeCCcE503cZf/ThOQQUKULtdTqrZVzL9K9OVFYUjrhjlxdW4dzIOgL+K3lK
- h7mLEvmgRnaSYVWLfn7NjzrvUC20Zem6I02hV4GIYGjzi9epikn6IlBw9N1hwgrS
- XgHHsygIAU6Tekg0DlMw2yb9DH2s86XlLfmp0KxBr7zuu/NSsPbhj3a9OYft38st
- TOEdrZL+CqITCyWhUpWetmlFeDdgDtLFNts+/5y1aLf/v68mV3OsWqyledUhVa4=
- =vAn4
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/pad.sops.yaml b/inventories/chaosknoten/host_vars/pad.sops.yaml
deleted file mode 100644
index 5c46042..0000000
--- a/inventories/chaosknoten/host_vars/pad.sops.yaml
+++ /dev/null
@@ -1,222 +0,0 @@
-secret__hedgedoc_db_password: ENC[AES256_GCM,data:5Pw0orOTzb1xCefwx/n9h9m8gmEY6irE,iv:nZvnPSb6sXjS6k4wNUoo2PCJyOcwjm36gs9l0mxwAeo=,tag:0seJlVi9qTfBiol7mP6DQA==,type:str]
-secret__hedgedoc_kc_secret: ENC[AES256_GCM,data:7RyM9jfKnaaP7kJ1JwucPa/IAwaRc7Hhe9VYIKGEmlc=,iv:RvtaWLsf/X/y8s+DLANcyVgagJqGB7EkvQ2nYm2Xo24=,tag:amdgqknDGeZxUBmXsd1ksw==,type:str]
-secret__pad_smtp_password: ENC[AES256_GCM,data:msnYZYl8vP+OeISI5OOglQsCQ8vxMZ0gig==,iv:oqov/myWJNzUoAn4BSX6hN1fWyab5vud8NmT+z4ECqs=,tag:0T3Xm2zw5k5WmC9Ks03XhA==,type:str]
-sops:
- lastmodified: "2025-05-04T14:02:14Z"
- mac: ENC[AES256_GCM,data:h9E+eIum7jyIx78zJh65c/4QMZRq+stNklGuBGo8afYpicLPG/A9LZz1UeBSxyEoMOV/jHAIuoU5u1wmijcsZSBBjI0LZsBTnGLORWEZCoVTEVCUp9CJHZ8zQEVj4Gt+V/moR+pD4s3YLuywamjquvghwtOMYt1JzsePGcCkHUI=,iv:wxhwDM9hmALuX9Ko4izSQ270X1aaLH5Z1iu93/D/Kls=,tag:j0+XqgV43A6ry6hbHhGj2Q==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//aNqxoOe92/qN5cGXIHEMQZLzFLwft0nn7vcp+Aumz/Ry
- HpzIMCg9jbFOJyX/AXogcnD/eFdbByEdJoweK/8HT9bRdcMAy/JXSZ6JK4BCrdeC
- zljtb/LMJhwwLcHo7N6te1NJUxHYiN4kCFzNx/bw18BtXxkpGThUolh9d2AKkzFl
- WpfFD6jq1kKntHh7xgZh85XEmcrh7TMTnVbSphggl50SoDMr0QqlE6+3M15/wPJy
- BkU8lZrd9pnAI54kf9hbyARwLXFO2op2Mg01XqPtZqr0lAJWme8tchTzYfBMy6VA
- gdecfdSa/QNbcoT7MQc4XuNnATZ4V9MGYasxIwfAEd+gJdHTjdpGf7R580b0s5/O
- 77fy5p2AVC3TNgjKRerIolCG946p9L5sexExphpnx+QPcfZxqxRFV6wCHAyfFE7D
- 5pHNDwTi5xKhv5Umsx6SWIgxwGCuBdSmfp3fAMtMpZtpmgIG89ZMM+IEyhyNOOId
- wrDIbzW2b4P39Uldg6959VYO7kgX/+geHaunogYu11sVIXl2sh+tQ3745bZUyK+4
- 9TkY36i0pw88X+qtZeJcynIVs1X5kZU/j9NoqR8uXVo+aTUrqz0Lmw5TJmbtHuc8
- zln5ahJ2oEAh91yKIaG4chXWmOlHa2hLseJh2XRmgmAel9LxZxRDVNxEB4MngmXS
- XgFCCgrmDBEeADGdY+Npg3arQPdQUv7N9zOcVx0+8YzqUkwikbLlAprI82cpRYbN
- PZbwZC68VugNQ2lrTVGl/Vszf77Sqw8YgHKHaCNQeGQ1EpLiTDSTlRidxXQeQqg=
- =IO/Y
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAtSL8SXFBov62tJ8A9z8BUJJxlhyB287yDaE7zmZ7SJJr
- mdIXIzd+NZjlT3E3wSbzIs6bXZ+9hpH/FUwoleMnRSinreK/2g1YxK/rDoTGNCoi
- z8I9IT+tcxLDI7jk1UdOml7W6+QB4WKt+e3Yj03AqOVH6puo0np/UoNWxEWgttYF
- tUeC/5nlOeR3Rmo7xR+aE+IkjwTQIVsWdkn1QjUobURm2MLEcss3ccl/6cYmmbtZ
- zlTDWQPbR/7mmqICxJYbHaSDoB8103xBWoyjBoU6Joogt3ITBp8DZMHsrkB7JM8g
- VwRIUGoA89SUnDLONRpY+SKyF5otpHz51oh0Zk4WvgilYsBq79BoA8RRKAdA4wif
- 3VUZgThoDLarh2X0Y7yRHuIvo3Hyyu/Rb/qSGKc2/C36QlbCG18ZDmBJcXWzsMBr
- 6Tgs+EVI6vDXGpsBiZNMlBB9SWa9/QPmZROHSQ7+vEV8HHQIMlQ5gCd/F8HtDSCI
- fvva+JvvkiYGyuW36ttX/KWja8cpzqZ/sUabzsr1rIpN755OnOHwl8ct19eNNC6Y
- FnqjmQvCiCpAafoSHMowp0gqYRAy7KuZM079fPmC81ulXdaJ/+9TwNRKxK1uxsIN
- cRcMBng1RZ7BcaUnZl36v0If7V0FT8JQJEBnsVgb73yj0w998LrcdFkrc+8K5uzS
- XgEmC4sgiEb+2SFqTi+pRZNuMpNI42m8oVohaaGK3daBDJzEnO4MDCyaqh7Vrc8K
- ksOPAqV3Fge7IM171mncjMOyAFWqKLVJNB+EWFmzBOSu9pcDsOJ7bTxfE0183Bc=
- =G4Ui
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ//W7ljbkBHoJ9PAWC27ixI3GqxvBcCVZJbjBOpZCHTMC6L
- NvVjVM4/oHqO/RIKw/txAJ63nK4pu/VX5U2R9oPekpUOr3vTaOS+Y+SlIEWnh0r+
- LihOfkQIMQch8LcT1yy6tcLTcO18OokuuK9PSpngkHQvq9zvcA8nYs+/apCg9RYu
- DwQxPWukL5g5WPk+GmJHwffStp5M6W2juxwtBEjHcwL2SP3DroqXk5UE9jJ0a6QB
- BFl8b2ubeSlbFOrm7LuhF6MREBbxP2b6pPf9Dii5tYZvpsVNcI1Zvk/FGR0j/UaJ
- 4CP6GNjKtPIRSfVNi5InZppYvWXRWBgvYMCjjNWHMjIvf8+VmaI0KAOYcfrjN77L
- jw2xGwY2GKuZLrgL+q0V9ZtCrXzQsw9mov/8DuzjW8cuWLJ2svHuU4pr5HNm9Mdk
- ffcobSgNA01yvhoilil8I9OwvCBnXDSptkCg7wAiewlRW2skwBMzJ+x8tHo1ckPT
- IxbNOZO4Ky/M2qbtMkkcrCOfN8aw/xtc4Fgd7bWpOnxqQDW5h4BMEUIhWoyrZN6m
- BbnrsjMpuBtG2pLpIzbSXdHXYlGLglSA/HKld/HlvnJ6YzmJ5sq0fLddJejmuZP6
- 8HE3M8NnXCqL8Lg2lu+osWCj0Ie04O51tSOL2MZa1Lrucr4k4R2fJ7JI/Wbj8i/S
- XgH5hen0WL2gfvlYH+9L5ouHwIIuG6hzyM9dcKUAstR8bp8BvagBCHB3aoIGvtjv
- hB0qYNOVpXQbTDS2rhX7Iyc9O2v41piZJc1Wgpe9owfQ9MXCOumRxReNXa6U3Ko=
- =7dsm
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//UIWoUZiWc0lcwJbx7Xt4TH/A5pAHRs7tLK11kNmc/yYO
- 9LKj0abYLcEk6ZwTFxHyuOaGixt3XWCeUBwluTsf1hVKyYU+pZoZTZZO75RtlrXv
- tncwBjuMjMHPBxrSRtlWM1L7PnSqG2uDNcuoCDIyQPebqbmwLA92+UD61RXEayM8
- kiU2y5LFUICbJAWcE6/wyP2WTsypmlnvy56Hn5NmekwRa3AI9YzDLDUJtvLuhzrj
- z4Mb8UZZCje6cE5wXFuuAOBnqLFbQoqiksuHvQ1qQzoai+0MP6TAcylhTFOAYUvx
- 5VzHLZohd+F5ukqmFpAA9FxYgnvThhmchyt6HtFIOmeQYm+/d8kcKvHT79SfyFK+
- +FYyBx3g9mMluYrXtNeM5nltMlRFxzEKrvj4U4J5bWnqx5NtviYLk1xQgs/5fJFq
- E6Ro+zQFDYjJB0JMgu2neF8SuFOAbhtphDTLibs7XF0N+IQd5c76+zSHmVGaVGs1
- WrOnIDXJDPsrQ4NLA7BMffZ98t4ba8POiJt1ZSH3ZrLakh5E/l6BmDYFOUVXCiPo
- ofsgIGq6m4I1uG1DcuZPXBYeY0FDEp4SvyjNDmsTHQZWksHiZdSFNVQtAeqnC4V0
- Ahs3mpqZyVlNqfR5lYeoGcqbxkYKYbwUt3bC53UmSnIkarUf0po47O41FpLVMn7S
- XgF9fIMX/lkYp9OAWnYkkYpSnJ7Ild2w6nMqclPsg1ewo1jP6mODZ+LuP0YEjqRO
- cHvgv3LTtEmI4q365h8FvQL6KCtktVucFbDrFeldBrwaLVcdZKeOsEIogn9Wdgk=
- =EkrG
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAV8YVHRPgSGYaixgIXdc6id8t56XZoN/E9fpSCa8TZSEw
- 3boOWRPqAKNXtSSlo5edVKc0aKGT8SNSpcj0iZPNIjT7LjN8cX51Agbh8m/7WSwx
- 0l4B9PGTl+6CNGVMqeRAgAmk4j+5lopHFvVOTzhdTKTGHSMSXDTWDzSRIGScTYjh
- A7RSeNn9Plh1BFaOaHCRoe2ZN8/GiACU6YRdaaChCxfTurRqA6Tg0hrW4Hi/FcbP
- =m6s4
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fARAAj4fYd6B+M9fL4TTp0q9vYcLpSaO5HqlhO+aA2xwfi8yV
- KL8Y6dNQvogBwwux0mwhfPSDkU4P8NxaF5+loZS6fSpKrCfB3jOI0OXQjlkL1X4j
- MHfxKQo3P+gHFY92OBo/H2Z0cp+COySGgQGhL/vz+tlt08eygs1MOB/6S6HWWI0a
- fE+2x7Vm/h1QqEG/7EYKJeSnc3Mqt2+vb3Zc0Vo8A4u7ZusjVWFVJX5ka9vtyHla
- D6QVHIZewUyqowVP81kqO9b5GPDqDySAdPMd2TSikeLqi3nrCE/ZMkqA9AlxPYds
- UCk22jF4jqIlx2KOj+5UiBzmyJ8yZuH4KDo7Sb2ypbu4oV2w9uQbNmtpoGRoF2ZT
- UXSvEmObVSB41OVPJPo8P2DOpdH8hTwKd2/k4z3vsAuzzRYypupy2m/rW8SCMoWR
- zsmX8jlL08kVfokldgow7PNzDSiamhD+JyuZG/b6nxBYG8YHyYXoX3BrCr+GGAnl
- Y2iHjiPwEQlwvYqJU3bpHeqkjp+u+S1oMVVMSEY6QPhepxUpGRvHjHvSElOua4Hn
- CtTv5GR5B0JeuQYodDuzgADO/DGP1xAojeixJCdjfcZnwz5GlPzV5dXc3bLlvzju
- uYF5GLLIyiMG3eVFq+mNdtNLS6/toLvptohUZHUIOzeBE7a84vj6YaIBJQuI+D3S
- XgEW2BR7ssAb7n4m94b7v0P5+kNQXJS/mUtpWt2QRjO7ApgETPKJPL94eHq+ZUFV
- zxGCTqmi09a/4JO6cQRAtTddp53r3Rd0Bx+1LMzlbupwJK03P4IGIu4sxUbYTrc=
- =oBXZ
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoARAAtNvLMnRwKO4rkv+XVnhCm9fBqVqsCJtzOm3+oIxuIgcO
- TdulmufWkPG87BqquK1MMsIfBFad26m3QJnot8JigLf4VN9KOHwaxEiOafUc+GIz
- y+UbWpGTfVz8uCuWp+MgwdhFTQbf48rlfan5hribUL7ZG0gs/k6YCuFxMZOgVmpZ
- CbSqGWYQm0lHZwU6dmKsXAXD21yPhU9JY+301e+uoGf/PR4NPp8CpZWSylQ/0Ndn
- lzTn0rJEMbiM30QgS0oiKnvLodLGfq+YY1nou3YxUgXgnIun2fOlQ5lO1Wf5yfL+
- JVegUqSJqLVBWXWjaGgNW10PWxrwmx4r431uct8SBYgG2Z4rx7nTPOK1UpvUkOf7
- kaVpnCNChxV9URelNdDE7wv+QBqvNrATjrgV9XQ/JPmc8vgY0ukqVXh3YiBlRrgp
- 6GRsFE20Rwwwoun060wUB5coeFxo3fvl3ARfg5tm0DW/HXQMRFLmq5oSF+UCa5ni
- lywL7nudomVieHhrGywzFQ0zR8odC7ChY63VFTlptKQ+fbbRyPr+TiVuhKGlCQCn
- 1KUUdqDq9xAyGycxyVF+xRairAyIb/Rpl8tCqyvv5g0PyLpdUvU5uLYLU0mINoiO
- PvmJdBF1I4xIYOYsIDFYtnB1Ip/KQtceQ6wbVZoTkMThdiYI3IaQU69ZCnWoA5/S
- XgFAn6epxYcIA0AKZgwLcuUK0I1UJbBwUAOOSdGs4LVjdH6HhqEtKGtMt6TW1fpb
- iOhHHUnBKf4VJT4zrfP3D2WrlbEtV+7njzVzIxQxSLDW5c/JFWwgSkDwmcZGtXI=
- =C12p
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//c82fjsqdQ21eVipN6br333hV5pz1ADxfdDujj85EXJkN
- by1KP7a4bKdmuBqMZq2jAd/7BBMkiTr5VElCZVx02OkVNSAI4W+2Q9jLkLsEmq8q
- Bx4FNqqbziu9hPjGbiEaWZZp4Nxw4PET7yLuioLsuXuvc5MBkkAv4NPY6fLia8Lh
- J/K/FerErHHe8aDbnb1qbjIdgibGc19jQoy+8O4FjlpWxr7X5r6YIDjH61C+iTed
- h/2b3w8OjsaBi1uk1TyXCkCxpJFHw5LpKJ5V+Xyg2k9YFWtTugGG5WiJZ7l15JE1
- Ak2W085nzYReYBr64KiUSEZRzJzA5c7Jw7wxUwuM3LWitnvjEkJs9bjkmu3wicy8
- z7vTQkPVXPlW3zRaEShk9jIizT17y6AxcR2HmhqznGN1cCe/6mVNCqXbjLylFHG8
- 2ez2SheSlo3hEq8Hr42pwxUafKShOUAcvHyXC99mh5SrE2t87SwNf6pHDP48GD6D
- bBztseGNapINd6/KMjtCKvhC/5wapyYbgW8/mYYmCqrlyvvs9pSIqBR8vanFMdDA
- RGouV2HXLCvvf7C+QJ6I/XMPgK+ie8063+7Mz7i9wtJ44QrIEBBTqBaLgSQ+ojek
- 5eTlB5f+6XgiAIrtvMjNuyTNYKjlGILC5+RAfhoZGH6Y5pA6lDJ4egpjRwW6/jzS
- XgGuUCRdk0qjpfR5K1HQRLMYx7zhz/MZipHAjAXPBua5NIFDS+G4uS1bVozFY3C3
- RuWqBLmQ/zA4mYkZyDBKdRZOKIHvnNvHT+Drpzs7HKMlt4evnU15V5Y94kveI0k=
- =dtNw
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//e+W8JAZRCKye0xb0urWAqMhyQB9bPoUdq6NvqOhF1Obe
- OIIg7wKMVYagNKnnQ3DT7AlaG02B4lV///cXDbF8z9CqITv0Jy9KDLhWcmCjcK4H
- /YIs4uVEUm0SsZniGtX/XBBsVPOSZjrr1Rv+ZQj4S3QJB1bvouZmXotyiSBAGtxs
- LWvJbHZMPpeYXYHVJwB1h643uB0RAxl5ob7t1KhdWOBczqTw5LJWkIvhiL9twjRM
- SNo/a+R+xXj7+kNhzA6x2p48EEFoCnZLwwwnNxcH/7Ru+VCTkd3+LWRoocYu6Xml
- 6KoyMv5QIrg8ObzzNDqqdHV9AL0yMoNbWhA8wW/pImwzWWIoZZnOB+UqnsgmvEJh
- z0Aznuzfw490R6I7g/fKTTNXIkh2RmPe03E244H/FL3Ude7xSgVRc85JzECk26gh
- PSvYBqgX6gafAHAFYYtu0pI52fIpY26FQ6oFd6lINmBquvu+jVRJJ0tL90x5M9oS
- 7pW/++RX9A77sg5uda6/83H3VGyDB73epW+Zif3EY2I4pP14rHba5W6GSv5pQRRO
- 44rB0VsrfQrFOgITCqjUWS6XJyfUcwsISCbmKz7aLqMApaoqAGdQz0LYPtlGiWvx
- fAbBRmjFhSKt6+U7rvM6oJLjSZE0AQJ6d4BSCjqvU2Tn2jNv5o6VT3XjwqkSpOPS
- XgFVMHLs1tTvyT2pavrsO0OkRY+wSEPkwI23/Lh51lOsdRqTChiCsoixoApEkKy+
- /EehrjKxPsX/g7ulvoNlnAMtEYt4ShCcnXY+BJJAQLyZrGb4APSd2TIK9hRTNMk=
- =6NMh
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAqpHTHLJ1nm14QdhNauHESrle15XBGIWMPEVapqcfc0Qw
- KqDeoxAQS+KqklzODzy51Wmzt06gGn7AOgGf7mUTOJJDiNwtQrPJay+JYgjmKwvH
- 0l4BUgRnvwN9iYesLjh9HNsk/yomORDhwdbMoel3Y5KN3+3dVG9wHSA2A7qpre5D
- SWoecyXjnocvu9Iyr1p6d7aPwGcVvN+u/4wD+fsczDVj5megya5avSjD5bXI0tZy
- =EQq2
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAgim7RmvpCENDIfjVUrEW9y7BKKfZCzDDjAo7DMKibm0w
- fnUxNm6hFRKfZGNw7YRIZxrlkBGrzj3lQaudBzOw+Y28nKK+wjltrX1JjgDA2aQk
- 0lgBWY1AIVKdyzJustVIuOwTu1GfLelPKpzT4lFAnvBrs6rEI0DtVgiUtgIxn2aK
- ynDbN7LSJH/K84CigYCKzKdY7g9eg6uKuS9QWaDV//oMZbdUijhtK2M9
- =/TsU
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:12Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ//X+WG/gb9oSpWLPlQ8MC1LTGKbe0U7n1RT9GfkFq6QwaD
- 63K+EUOPmmssmWuqIyH6XL9TXK6xX3hn1wzZ825FcmN69O3v7UoLgNTalVC6A2OY
- +g9rcpSIb/R1Lt694p75ce0KvzepvyNdzsTwzMSMTMXd+Z4vpUyQKPzOnUCUoOK4
- MKm8iNxX1srl5vEiw3wWR6untn+E/4DGmJMA0BZxR9TTz5dvNnW6F/xn7dG/aLvz
- 8MwkisqkGpkb2SIeCexnJFaYtYgIHby+tNVUhBE8A8VOQdRa4OiXNbg+EhO0J7CL
- Lhsn5B3jsUp0HAnUrPI8feuwaplzPML/keVE+eIJt+xcXh4znVbclFI3gxNPhMPp
- lTjRptzLgPSa0k2+shtF16WA9/zCmFMO338VIEn7wtWPsrtJ2ap6jD9VLA97eas6
- 30aDudXRx/Rg2OyT7K3lfRhgkV+727cbBCYKN5YW+TdQp6LheB5PbWbRGpr6wQbW
- phRhgTgSkpjZf2RPCgYLNjI9xlep9lSjBwe4vZW2MdVA1778hvdVb5069n432a8O
- A5mPPsfwNi0X+UnFmid397jIFH3ZFoF2YB/otnuRfFA9TdZbayl/lZgXVJvqnGGl
- +Zaz74UQiQWxLBYTpmOdh8Cs2eEeo3vQGkOpRr0gw9AXrLbiVYfv+CwT0QGAUC3S
- XgGASADjHRKN0sqUwZ6/XI9UeWTMNZq0Y/DPWBGTzT4AehLlJKo9Ju8iZlN9D6Dc
- XoIqjpK3F7swjMED+xnK89dWCymPZDGmA9fWtkFnGkMjDWrW62+UNb9f/Oh1sGI=
- =8MRO
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/pretalx.sops.yaml b/inventories/chaosknoten/host_vars/pretalx.sops.yaml
deleted file mode 100644
index 9d5082f..0000000
--- a/inventories/chaosknoten/host_vars/pretalx.sops.yaml
+++ /dev/null
@@ -1,221 +0,0 @@
-secret__pretalx_db_password: ENC[AES256_GCM,data:T9qw46sR88tcj4NG1oK3AfjreU4N1cIN0w==,iv:g2rr7PbFN9bFDg/w7vZBiuMB4p2j2uu0eQAyiweuQ6Q=,tag:0coJNAbT5W9gxy2fVOhuoA==,type:str]
-secret__pretalx_mail_password: ENC[AES256_GCM,data:HJrrmdDKzity4Fzz+JEj/kvddzHpRbw1Yw==,iv:dW15nSyYjzlFdPkQoZmJ5k+poWyJZ7dW5Lo8IFjtfMc=,tag:AZZObQRDMMoQgnPmqo/+Tw==,type:str]
-sops:
- lastmodified: "2025-05-04T14:05:04Z"
- mac: ENC[AES256_GCM,data:sO7OHejtPDQNt3bfXl+W488vCqaIicE/iZgIw6dClwoHZUHDNlv/V4aubJk89vELCs7JeOYocqZhARrrHERUxLtQMf+YguA2fBYZOVZ37chtfIqYoceq9ygzzzI6/PQlO5oRoe6HkASJK5t9oVWdfWUmBfWWWjBGrsKbUGnlPOg=,iv:p9NZw6HA0oj0PWJYDIjUKzj3DAI4ymI2V7o9knsvjnE=,tag:AbMiE6WQSPkuY2AEIcHAYw==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ/9EffdaNUw7+lCgQpIq+ZLSK08NF6VdkSgrB2qBfvdx6K2
- rHNsBWMhfXKJRu42NBKP6v9xuJsNrpS0cJKhBaZB1sZReJ6iFRR6iFv3WfRPODNw
- owx0dXP2OTgrrJYr9jbg8s2yUZzRYakEqa9KZkLIjz9klyxclDF6aI1DjRuNJ2iP
- almHjD+wjr7KZSPXSCEESfRD+k2wUUk/xMLQ73tdZ+8+Azex5diquEZCXZ4VPeW2
- B8pl3JQlDSSdaxD1YAa10eoIwIVn/ac1phPOwPbegtvhRs05HpaMVD8agP6r2IFe
- sLoqAGRlgPAr+a8KDxwxhRirrutOxhvgaCTHqkWBaUsNdgDgWfEC1ujCM6MpzbnP
- lu/VQsDEN1nZs1UQ3qjCehh99NBdD01bL3TzTXrT9GhoYxAKb+QN9+7csTKq9LH9
- QAFQOQ3oIZGf3rdpYwxrLYAfA/dSu29xXHcR9qHVOSPDg5r7s1ccLCT/DwtiUfrL
- gXzMUMPmcHAKaMhpxGXtnlyZFfSA34EmFFWL180de8fUHW+vD5AQu07RuwbDmX1O
- ocYp2GPwyB5j6XsAGKDesyXB3q36qKyHS1A3XeWd+11cSkcorDYTQqjB/6IeA0ym
- DSBUTVuRCput5skr2t/UMu41PnA/WTGKHmXU4tAWTCOPF2kIlJJpOcUC2m5M/+bS
- XAGh43M0q6QwfXLVpSnbtQhT+FRGj4xgie6A4aL2kKjwbo47hfFtQ2kw3PFk6iXL
- yAnLTG+yW0/FOm6Xmk838mO+xuNNHaOMZgCYXmD71l9u3Za5xjDPRQNm1wi6
- =P45G
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ/+PWhuluGgAjqYQpFiTUSUhwWbAwpF8o3pQan4b+cd8a6H
- f1jNeA5XsWQlmtzlW91T3vInqRrWzp8JKR213nFm3lA9SkNQmDs+UwcfQO8at2JQ
- YMhUWf3ea2TWn6bKb/LNYMdcsKNlaueyQgxSJZP0rhPoI8uX4r9iVvfbK8g8iBnw
- 9HErdOHfaf1PNXFQtSh+1/47ocyxiBg0/7+e3C/Y41S53NG/J/d8ldTU0mZs8q9o
- 0DC1WDbMt/t0HwKyXN7zLdBoW0qB2M8FFbAyAqSpgDdB6AP513V6ggoXT8vF7tFA
- m3Sq+8rNl0JWK2qcBmd2tIKJF0xASTnhQOd5z9PwZ5MlNBJNobB//v2UlDy6Iov3
- lXXbXexOtxuBdrWsQ2fj1ROasTlBTBJ9AAKX2hv/x0bWY627m9sr9wQxv1BrhxzJ
- AnPGYEHdpW2gy3dDgq42HsoGAIQlO7fjtPC4LRJ+mVpJNcpAaJgUBzjwyEK2/VZs
- tNYnYwhrxeQLQfGsOKGBm/gMUgQI4UPmyHZqEMOziMQu9DX3PQ4lUE8NbMnzhD4A
- XVM0XGh/rX86YSRhoqNbubmsWtz6L5HfIfNF385OnM+AVXPorpEJNcDYN0HazLYM
- yiUJ2UD9eDTF5Q/lVAQhmi2j9sCbn+cWwBHgAUfBa3sdNhQgt1V3JcoIwvEIru3S
- XAHnHd6LlUDdCn1zTOwvyKCz5V1gUDQmF+ocj6Sh5lca0ks7kxTAU0KCTwemDsbz
- 1WJwR5NR+gz2YMcGeRRqZzpnSDs4+RyaTf0jCpj8plDecBhzJMoIzX/YcDlq
- =W+aT
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAArMlCeBgkSZl0QwIU+ahxoq05l5qDc7s3k9iH2i3ZaIsg
- ZQezH84ZKbMao+lQrRQLyDR0WzZ/gk4fytylC6zU/F3kCojVO6zsWl6llOmbdvgY
- ypBkLT0fQVOKqljEocEpc54MI40r8n/yJrnn4J6ERxHR3VXJBc+m4M7Zqudy1hMx
- ugx/wpjenCXRis1S+6WgdJ1XMjkd0yWusI/oLc5leac/PqnVRHufSzAx31bRq/7+
- bjqUUotIbUp6DhOil4or6P51X8BIBlnEQhYjHTQhx3fnUyqeYLW+UTAUYaldOY6q
- bBOE5v4q1o79gI7rGfqkSXQl6fIJWUwWcUA+VLtv9hhMiqYOAezm7f8MwXZUefp1
- 5dCLfSoP71cwEHdfAINsxb6OoIMuvsrL39oMreEq8v+wXhLlvxxBfSB9fPg6Blw4
- tyx72DWKcDUvcXlUCVd9AnPPUN2AqBOnuQ4bmzuIOxZHQUr7oTYUsi02H4psEkNa
- gQ0yxiEnznnU8noykPUukzYgyfRzHsS1q1o4WLjUcJkFFLt1g5HQHTDIvD1Ebf81
- pi++0CFjcNDZe12S4jpApcl24WTowkfJCVYJufX0cOdmL6Za7MVxllq3PWIhSlgO
- vXmkoWhdDlsl0B+xEWeVw4CWQOmbX0J2CUwQRVdwRqhv2ejc+GCFoyjGWsiNmRXS
- XAGwkybWT+vU/8Uy9jwdRHPFOcE+ZIPuHO3cy+9TbkH7w7M86YEUdvW6amvG0HiK
- cnMWvbol7a4PdN1i+Ov6YzuqIkEcV1Y/RgjOa4zwbXHwX4LDLpeIMS68E8Fn
- =mFN7
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/7BfThwS2apanA8MrUZOcED+O7zMnYryEUlMwWpBE2sEGd
- GR6letvHkCn6ggqzVmbaFtFY6kzWnUiwHJE56rXab8ouoybf539eot1FH2rtDFWG
- MFDO6GdJq4JHCIksx6kR5N7qDyhSTiqbuF04NsvoHvxgcpNQhkHoiTopTTnMYH3K
- gBy6nMkfFtFZ1QTVUGGtVROUqo91r9Pop8IkBX0o6dP9piUGkQUHkVD0ci09oclA
- xNCIO2Qfz3PJbj2EEyVJwLYTZd32kJOn22e014kI9/xOWCHNOP6zqwR5mzyb1cZl
- ATDnb27F1JUxpuXPTx8Q6ybI5Wg/l4du4D2ZFElkvSh7xQJSeRK/OvEPpOeNV4vn
- UKj4lxg9+AiNCbuVxgZP1uYCDKfcf7YnBhctRpHYK+DWE5DLpCxjYRrMu5/BjW06
- Xi4uYVX9bM82RcnZUeOJA/4GY4epPlF91Kd2ZTdCyu4cV1EPtFi6CQkG4OxuqbQ/
- cURZSmLwJHx7eoqKfpARslqMQF9713GJ3ScrvwwPEPXyEptYn0wwnuvsLSBmLO+y
- mxJFKsTUumL4e5RSb+KT39AXRDfgP6dLW3HEYYa+wLfNBt9ObS7u3NZTvAbIqhDP
- LExNXOxSg6cMwtXB8i1FYRAkSaOoIg/RMUXFXY5Ozd36hPKRQMz09lvxI6Vc6MzS
- XAHKI68c+Bdu0z4LfXEWc6n4ZCLkU52fytX2chWx/SQ9K6SGPxoJ6enz28zXZP7E
- GSFYcKW2ZnOagEHRq8ZzPjR6RsaxH9Ge0oR6//55pHQqpPyU5YBe+gq/PXh+
- =Y2np
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAI/McyCJvJ2mjfuNy5cYD8yerRzaI6hr3DQhym9u2Pz4w
- Xmzw8xhS2pLF+9wByaWzPa6wZNhcOw4FuoY/vuX7esfkiy8hOolggOo5N/b5OOtU
- 0lwBy2eZXcWslQn0ywspNjRLSCMTvMtgjP+Mj+Yz1RFVuuzbf8nx6KndgghNJLeM
- yu37XTzfcq+uoTbeAuZVtHS1JFrHbqFvuRNnqF+DA6xI7VY3TMJMhpS5I5J7dg==
- =/a2s
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+OMpABLgtPwY/mKXXbt5ZWlPWc279oVuJfr3MKNAZAeYv
- tEwRH8L+/QJ6WVb7eBM0QiYPfykN94lc2ibiH5gU0fYl1s5t8RhfA2+cP3aSKh52
- 8PAuEuvfqV96/rIaZfgdhOkZhyOlB9hGiMxXzrqDSgMiDm86dCokYZSnXMYcS2QQ
- mj4vazChKE9BOCRXT3udtHPTJr1P5oy8X9zzJD9zq9cDRimWVc3d1u5UNdTcUnp0
- Lc4SdHImbyzrIw8dbsda9TUv8D38c5f6MCZSjGgCBQ7vH1EVpSfwPDLhvfOak38A
- j0f7j5VRPNcYnc/SzFLM9gXpx+K/PjEgwBlZBWqQIo8VJu2j3HT/WePKABmCki/F
- 7hvBYF20URGTIwwWvwgEPNYarqkfUsQ4MlQFLeqb/hGZmDJPI45kxA9DeDj17VJU
- GDcyVKaU+YLQqNJzlPl2YsC+CVGwnF68+cQ6uDtFVCWYxZuB+8Uza9RWNilT7YsE
- FWNjZNPEpURUGzXoWjeD8dsr3d6138Br5lVuGt9bT8rKNIr2icv+C0IIhAGPFn5W
- 1mankaftwGtOgQ2kV+vJTHiAoBTWXOsl+ppeYrRYw+dEk17NMOryEmgGARtDOQ+m
- 9ZJv0SfoRhH72gc9AyyEb/3vW+zipobRwlrFx6MZ24YsmrF6ktaefwM9qrC1QrfS
- XAGdPW5zc3TcUNg1RBv+L/tsi2kgqY+ay4ivqeMBeKqOpaLflfzcPvUagDbyP8Dn
- X207VaxYHuPKHkeIPTwYu+dDSUVURxSePZY6dNq4NVAniCA55BcuwpZEtSkY
- =A2kF
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ/+N2PMc0UUZcMCFJ5r1ighIXI6vdPPKfxD9dO8CLG/d/Jg
- 7fnr57VGf9WnDcaDWrInyY3h/dhbVdxwW1Svb+sIvN4h5HNZXT0slMqzF5s3ujQW
- R5IKf0LOPoP961pkZvAxdGGaVs2q0KeXwzaQrRpdG5qZoZFukBMjdPlXvooWL9xj
- 50fJ5FA9tWsplhexBJpO7gZa9ChM63OwkrMJsEPf4IX2CdAuIUUi4ZCSS9flYXwZ
- 0sGKWFIqAdPAlREv4Oj9Yyg/w1JIxOi/FRaGX6w6e8N0ijrde5m03vM+43+oo79J
- F/izl83N5/cHUnLsovLkwojcoYWX+lHRBPxaPti0JVtTHxNk2hgY3VJuLbgute3D
- QJk9shKlsE1fuRFN9kYeiZH47Jb/GQ63W/W38zGEyDI/P2XFSkoLkK1XMUnv/iaU
- BiZ9yyJqC14B5yoeI7fosnpTxbzhEU/Klk4yCjy5m3Btae7oBVrPJs1ksy1vsJVI
- 1e0jr2kitK5vnLXntrPHrci1D48WuK8qYO9xnbPb7Y72a/Zs0K3GFaj0bb1xDp6N
- 7MdbkpkxZfilj/TRdyFCzWAD7YYaikpdqNVNupK2eT0DiUBLEay7CPggUy4JBVwv
- QxjKPIFEuQYKDZyoqaB4aNK7sFi/mnOnhSuiPW/Yj8nWO5cBQN+yV53MZJ+bMT/S
- XAGRgwng3ADPdTTWI7059N1ps47zLu+X69EQXQz/XXE81LB4GpV4klf1ZyXCJxL9
- h6NkMOelbQRzo6GmIVH3ZybulBDUEWaGcey/tjc4Nn8nsWLEEK1sZ8vxhgQS
- =w16+
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//eCpH/tm49iFcT7m5Yy9URQh6iumq+qisjewD4I55vfI8
- 3wm66qbVeGqRWdLhsLZ4xajNNe9WBYnO66RcR5QEyKkwsau8IzN7An7qOwsudkFi
- Fjm1dGh0n1EvsScDE4CccPlWIgmoTEkI1AlY/bk86I84Xz2I+KKGKMDDt9M9wY4o
- kEfqXhTWj0RyYiUWroFDTTUS37qAxj3Gsn0ANrK7fq3KWk5wZY0HxEZqiwohh2IJ
- 1IRoPqiweJGXTAdt3XM1KHNj3goMThyW1nPUS3vegSdG36MW7zYgFgr14gEWjwe7
- uz4au71QdsJo2wqrXcblU2KXhxMxgKsfIO6n5SB6n2beC5YB/WXK/4hqvjze+4k4
- gmJ1OaDF+C3/hdNlAxXVYw5duYeQHaWdBnuqc3bYBR4gplCe8sHXVPldBwdBXT8/
- arpbxaTZGGBufpAWpC2zOC/LqriFB8pgBr/WHs2zgRyy2tNB37g5w7CW/1piTxOm
- txAkFnvlVHAvA7KJUK7ZlcilxTNhTmJbHbsgax5zol+Azr/NaiI5oCFPfEfIHMi3
- KIFasJsHaClUjoPcoE1qqCxWS9rYcp16JA42tJHQLUTf96EMSy0PI1Gz8s29CUsc
- 8sRQyCHg2z8CRYewpgeZPFZ6oB4li/7wk33R8Ygz2rl0v8jGYLLXOS4MKnMzmh3S
- XAERrfs67xQE3bgzbrwobNGeTkx2XglSe5m+xK4D8ncaCjt22igKynJCN2VM4h/9
- w17wcA5ptgHDY9FVbdzlVpG5B7k2qOU7ZpZwXxCtcYKsa2ViF8KOiYVWT8VI
- =EeJS
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pARAAkllD5CHl9ViGIl/9NT0B/w0VXvKdt7Vm2xYAOHTDszhM
- ytcLXB9sn1eioRPBBzVBobllNPJW6Pw0udokQtJ+AxGMbWCEiAmFBz8l3UCx5I5Z
- UTELpSjUEd0NnUXeEeHqXFoeEgfuXpSl/jrhv5jFWKhosrYROlD62oBOn5GzTPjo
- S4f4w/CogJGDCtH29RqknCNGILUkq4REMRkUROVBNNlt1l6u5EJ7WOYGs+8WZjHY
- Y6GHnThJcZQdExVkLU/LqI4behM9rMWIfLuvIq9H/0JRaaUFv1HPIk/txpTAiesK
- /u4qRzVUSXF7C98NS33qN4aOG1twRz0VcETt0KGSTCdQxQlnAnXw0MUaWIr2Xm26
- NVly12Bfnq5iWzIx2oR0RDuD4k1TWK79+Z2Ne1h06VYTIEqxnjMrXna3aKGG2f0c
- 0P6u0Msf8FxUXEl/HtRLZHJ9v8FoSE+qi75dOb5tsjXRCIKLlNetHN1ZIVTPjD2j
- 2jftyIBoLe9FVdMkjhAhfkRG3nc1bpDm3Fz7LNHjr7h2TAgskYRctRCQ0sLUm+U0
- VISkoFe5bQgln9igqaVmLOHPXLkAE0pOH0gdyXY4bYUf3CqOgvgdRRHAstup8yRE
- TMop8obh1JoYPy+gx2jnHbr01lTAnbOqTBrnq85dh9QiZ8RD57rmmQCn334cfT/S
- XAEWF22JjcTJ16SUDzzM/ifU7ZLn0/6S/06mvzzvc5/P1j13HxoQy0tQnYH+hSSx
- vYs/JDWdtDOLyveQGdjEBv9DCajNPciCpvIHP8kiEIgXK+eq4ULwgn7qHUA7
- =5J5Y
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAgrc0PgCemUNp2H9DlYhzx6YOTxe25hl9xXUry1/7UDww
- GqWflaDgbQXWAfJ7SRg3/97xvVO2PvRZA0dSfyGZOYdJZI2DQYYmPOP0XBjGmj5e
- 0lwBC405oP9jUhH1vqsZ/gNCQfmBF+K7+AZZLs6PMYPMbYqM/UwXYG/1PQ6Nsgjp
- WaNDQdhsgdBF/3f0G6dMlon5GsHh74UZr25m6UnH/QXsGUsz99YC3HpYqfZ4zg==
- =swyG
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAojcnJZkpCUbE4s+WspGi5Eu7umXR1CdYzHy2PeO3cxQw
- AlPyrJ2Yz40wMB193w+7rH/mmtDJ+TQR7JdtUyjFh7qmTGHR3C+PkcxcMZ4f7hNo
- 0lYBOsN8HfiXQRUz2OskzM0nohP41Y9+GJd5fZRPHMUDoXuW3vxVYlvHPs+y7b1O
- qW9DN3zJPiDh00qpm8bL8Cj1u2XVvg53Yv6FIPbzqwnAWGIAMPY2YA==
- =Li+p
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:13Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAA6LhhmYQ2gafJaLJeieaxVcH7cqanMdP+cWIUHU3vSL1s
- pm45DvU82PdLot8tXVpiFE1h+Tj1NSFK2HQnyxZZCTp3WVBclPXsDM/cV/j2Ti15
- 1y40CEHCmmNyiXWfe1oknhSd0hhsFXA1XukkTqGJNO3lWLmvxSOHcz2pVhLDZdFg
- Sbl4NphVeKSVDthfgxq54MQYSkpQ8ad5Pu6yj+xKog6+vy2kPb4j8OGAxvXufs5b
- zehTw6y3v3R4tEWIOhqijzxYEpXfe+CODvos/ktlBu9JRz2FxBhDKynADalgPOmQ
- RKBy/UJnb3AQKNCqDPMtdAzYgLbjusgtZCUqNgNwXhosB63Wp2G1lwl6sXpmeBvd
- Cwo6Q0XKNMupnYk3bLpveKTJEuGiZGkpvmj0aNEX08JuROYOIcu/8NAxD4ElY28Y
- H58qduuiiXKmCz9LAZFmMCll9z93UzQ7G19yG7CXERwLCp+wtftcKks/K5ZMxO3i
- suX2kydUi5UiaStLOrgaUCwAGLg2JQtOUlf/nvoxu5YHUbKwbXJ/SHqCngxoyE9U
- Y3ZaicfiNyQW5tI6N/PVdeC0cvIp+hiaMvHXRNNehVL2Ac6yNNUF+X5fU1bzNqgQ
- QMVIf/UX2ky9mjmxw582oOCASiBxtCQKpVxgRy+ZKqhgcdF0Rn0hp7O5arvYB7HS
- XAGe2uopSmnOmDt3L/wOKfiEX42nYqhNgMrgJg9NcLHyE4ofyvEZrOtztSK44aUW
- WwsG8izTHGhgUM/0GWRsqy9oZVmDUiNcxzm97n7UGqBZPqj8iHVGHCMqpLST
- =+cIy
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/tickets.sops.yaml b/inventories/chaosknoten/host_vars/tickets.sops.yaml
deleted file mode 100644
index 6dfc627..0000000
--- a/inventories/chaosknoten/host_vars/tickets.sops.yaml
+++ /dev/null
@@ -1,220 +0,0 @@
-secret__pretix_db_password: ENC[AES256_GCM,data:kAOUjT7gw0FDqO+xt8m3wAhOGuZTS6zEIQ==,iv:oPAxDzz4ellT5MxUqw8/iBYyiTMf1b/Lddj5E0iIhWE=,tag:r3OTmcSjNUETEmOzxsMhxQ==,type:str]
-sops:
- lastmodified: "2025-05-04T14:08:33Z"
- mac: ENC[AES256_GCM,data:gyf0gBed5K3sEk0bTBPbNa83QtWtoLx+NVp78KrxxfyiUuPu/5ziWPKHDd7o9TQvXZnQ8isVy2BaTTwR6tK4AG5+SO2ffV0a0/uNx3/jUvh56zQFwA6LTviEnR3vKvKPa1GH1khojaCkyMpYkb2KbMnbrGIt8qqqDcwc1dMVv4s=,iv:7oPpmfeAcWttEaCOiL2WocbhoBaIh0Y33OlCAYjq98w=,tag:KTN+7sxOYEfxGwB3OXvUIQ==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//ZaLa0jFRdraV+dQbKltTYi3U5RCebaARIe6Zodux1wNF
- nwiBpuTmGsv6zlMhisLCuvq7Xi5sjsPgxECeHTa3iO5vFmAI0FZ3edxxqO8hSzg0
- 72C31NGvXxvXOmiPRSE1ICgi2d9QiEo9M/XIoYuH0KvfgsBtsGJizf16qRoZvV4x
- mZ+eJhVEnrXhDAMW0KkZnuCA1p2+02ZbldEv1xO9gcDjGlJNlOmFkeQSw7YJMSL+
- 8i8IP8bu+P04vhQ417gnTh+J2FHB3dOGyS/xDkWkvm8eoOGHd/A9iIdYS6U9IXRn
- 1cKtuu+1WMy1tZI8NSRrjjCPgA/IKAtRsuvQW8SPD09Ry+PLGmPNDD06xWeruj7i
- zGGBSNLudQerlcgI/jXpfa7cY7J041DIuL4LpjU31qfj3LOf38xoncgKWGp9y1Mf
- qmPgqjVr1AQL7TaFCBs1RULs05NZh/H/aB5LySGJVDklpAmsNI7EELuQY+uLDul8
- z3RarGJQNHHpgh7bVr/2xnX5wxnPDKTxZOX28cx60xAdoQ3YteN3sz746eVIpLy7
- RknPiPxbLADMTDvWViXV30NBxiRIMZMyTzV8dDVybMP0HVsi60oUmt4dTxNTUwc1
- IkJAsf5B3Gvj5QpxB1t8hhp0VGp9y5xpCIxKH02WsYD46Bk5S5GK3yfI+oWHGhTS
- XgEUfid+nmHsdOTwLuIAcg94hpjb/qeNIZTrFu+PLv8jAXM9iZtL80TY3Z47dBDD
- TFL5VWwnN7JvtlFAXZfdDF0Z7Ds36mrLkyP5H0HlYySfXzXRaom1X4Zoe7rdOYc=
- =irhU
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//ewjkGZAOs4fTiGze7L5CheqqNUbpGGC8GGwc7XNWWDTH
- MzHw473nF2m47qxDlOPkuPaSiM42306uzLkfVOK78ZF0yR25ksWmbsUMQmjvmiIz
- RxhN9se36iui57yTZmgklwCZHCGgH+Z14j1IMyxyjwYnVD/keNT9nyHaTXWkJspb
- VH8HDIdUWRTz6i3lQFTU8ihsUYJEDfGq4Z/sfGGdawHCdycq/X77Wks29PkX7dsT
- /ZWQ4wDShytB9PZkzYRuQGxe9uyI2ULGzox6DxCLiorjbWvu9XCk0PyGGd6oCYTh
- bYwERBateIUGy5MYKye4i6bh+d+OO80jOz3MgG5WhNfmqboywi/sQ9h5/OQStNAi
- isY8VKyqgvQMbOf/AMuBeUClecFhDDZnOHspHPMUwnvpJ7cSni+n2fB1Ng/j/sVH
- Sjv8CTmbPOqGGSDO/yFXBtWqZa+DwSJog8XUgc08JUfSawKtWGbQyHsRZ9NPF12z
- xtILWkYOsetA2rIz+C5L/E1linyj3QuEXueONiducFhC742dDJc9RY1+1ZfLwkoy
- kgZuxhItOdBOhjmarK9hlpOErc6d8UiDcknrfHdOs9sZCaM1I7EptJaYMkn1Of0p
- 0fukUpolLGAsOOphwJyaF/7qfWXmGmUXD6B/prYo0MggnGYZ7NkY4ja/MnpoYmTS
- XgGrkpFRNk7XdrOjyV9+vYHOKegNpoKg/SORi810VyNdY5UrgeuZGRFopwY+hyR8
- ivgndYxqvxLDKJ2IU3LTPn510slUAKrnuaSLF/ATTzIVxBtVWzxNB5LJs+QQiio=
- =vF+Y
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ//R8nCAozvpPk0xalyBdT7rmz5veN1JQmJ56MeNe2YjKVR
- h+VlisHyv2s/yblj0bghfK2Q5FsCqaEJu040XVjIh8TnmQSM9Ze3nso9Ey0ai+ba
- 42S/4cXQs7WH44n37qyrP6xQoZpFfahx02FuIudQWe4HYzkKBYsKh2izdiWy8ilK
- 8AKalfHapVilzmvVKIDXTFPfRLwXdvvqHQ4rX1lDXnaACjvvR/Xvc+G9pWTHhJbp
- EP9UOx5au/xXoRoqqLYgoMZmVdWOHHR+tehQIxX1GknC4qjEcBNpsPUCBHPbzP4V
- Lqeyi2w5ySxL7KVV3yJ2ftuZcCYQoiiH0FFrT4xUQ4MYdpCscv7goJ0S3XIw/5SM
- TQLgIO7NamKob8ib23LbukcZRVK1UJdd42oZkfZQ91JZg8mkH7WusEqSLdwrYi58
- 3HpO7danYAiymcZqjDCMqq2QngzIqfnjUGUFjECDDVzXaD4aChy7ariPKbJY2cSM
- q72QkDXPDH5awhRUG/wGVfg34YzM1wBREkjVna1KI71jlCTGJoSFNyJOm/FGxUp8
- KY8Vbd6rPT/bTKa4zr8xaDgMra06sD/19IOFeLYVIA6hRTQFvnid1KHflKmqf6wE
- 4DLxpBZ+htwlRSEQBgN9F+BdZV6AhSrsyPB3RTDvcX3/brsPM3qDzSpvnjA2PnLS
- XgFSRrF58OpmDVIBNJqhZwk3GJrfHMlJCAESbQhB2Vt2rjYEoJFIezl/+Pd3t6U1
- 4RZF9ztdreWLDTwaBd+Y/emSg5y/35bs79WUroFzLPHfKK2TvSv3kXwmD/agU20=
- =zN2U
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//YJRu7a84M4Aw4psDj4D1/lgFCP3Iuozn4uIrItau2sfB
- UxVHoUmpis4AETkG8m57JkP9x/uL0Rffg4/6dHeWIWBP5ivhPQYT+VhRuTzhXSm/
- MmkgYwjsjhKyMQQoqAoR3D9o2pP7xLojIk3nf3rCIaLTlI2JRepDpGfGJ6NuHYuY
- 3tL4c9aUth2S5Nyu2gptzIURtjj4zxvz2H6664WwhOFwGdw6DQFncTWSqCGcF23z
- z30yXUhl1/tN28GXKk+94/EFrrOTvmJCkKao7gQuG2kyyY6QmrbHrHB+roxL4B7L
- HAAL6YT+bf0HYhDTM3pQQiVkmgnmjn4TnwOID1pm0SH3uAYWrYUQqgHtvCzm0i4h
- kGPQW752BD9i0LwiENf9LPR3gbnWuYUu+Y2DZ1NcWnbJlrfwin0xzXALYYKW35ua
- 7LtfGcgn1qpvHcEGB6wcCXUwXOf3dxNZD04isnHnXbpIh2lnXhnlWQI81s3IuIMc
- HGnEi4/wiHNEVtAcvQ/pgfZJc9zgfPR/qJCHJKbLgni/GjJpBSPvd36FPGwfGKcC
- Q/Mvx5nycoNondF8wI0cVmkwhPCXGJ/Qbryd9LAZpJRIGcNBtkxFXm6IEaHdeaf6
- sQcrkhANjs4/dEsd61GTnVOMnGOqVHS88yUmgEZIHz9JyK8Zm2WtflSkGlgIXG/S
- XgGN/mFrC0v1oLQwAMrGq2nNrcOZD38uE7UidnN+MRgfz0h8nyS76q07mrlnqh3I
- h8wmb3iYgB4x1iSBR97uw+h9Uvpv0pc2oDv2CzKeG+5IcgVs9RCwt6mrRsgt5Xs=
- =a2xY
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdASqL7jPR42Su2gfaIPR7d/yMSKLr7AAiUJMW7jz39A0sw
- 86w0HyFUh/fe5DY2VGhYg9Fw90I+tNnSPFxNjgEClosdUs6FBe43UvSxsNtUpg6O
- 0l4BqTuQX4R+nTQ1f676JRT6xIoyO+N1NMq7BAWOxrkte4nCAwPjzK12Xo4IwNCD
- /hzfJTdYonnihE6AXe9eoURWa71j0ZpVn7G+m44e8j8vXk6Ep0AI9gtYqXo3EQ3A
- =KlAv
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ//YBuWhGfl/V6GvA3J8DvySqzKGDMgnfxh+LTeRBmeEDui
- fPh9MOqg9hOUEYjmJMh1WH5G3OI8e886SKZp0YN+A36C8Z7xwRnxeO9dbtFRt6F/
- bgb6RRvZMYdbu/vgJs4OhbL73BhGPbAs4+DRtrmz+Gbrn3Sm0BaJ63zmIzahImqi
- 4o9abLPBrB2JJPqTHo5F5PnruhLLsaSqQ+uuTrDrwBpwmPQmPD+K8/T4yWgvcAfs
- 8bEtUmRQ7G1GM79nGhdK6IQYCGAn0WE3TAOLJvUxEiv+9hYO0YSYuefR4AivyzQ1
- wmO7qWlqY/hJzylaXEtIyYVfN4F3YtkZwN3wSx6UHg+d5814aUPCLCi7ftdMvwJX
- y5n72Hd1qrIIu38MEG+Z+2Z36KKv8ViK0aKG/6BBBw0BpQDktMHJInpaG3LJUCjt
- 3ayajKQWl4t8g3jnmwhXrLZf8JFbmGyzjRq/GqOhlJLvh8W451xlI/jPJZcY2oVG
- 4jd0x6zkG31fIHJ41qOs+2fJaeh3WUHv2jAgISuqbEoEct+3EzXj7VNSGM1uB8oB
- 9pUP1AcoWViHhhVrbnr+aqhyQDiytID0tf+Fvddpbgm2ECDTWeGuIrzoPcYYC19k
- 5PuNQP5u9W/zHKOLXSxs/wTpoUr55OLBxd4l/gUTq4mCZ/1YFqSDUNrR28hfWKrS
- XgGwy3VspQj1GzFz9zJ44S/tKBI5bRQSslZfOgv226p/XdBLleoagltdHEeFdbJ8
- wuPyOzxqWa3U/iBF+ANHjz4VIzKtObFBf4R4X8hYXSXkbko1k7W8nD/hziP0CTI=
- =lsaG
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//XZAHFWGJZL5FxHtR+9Q+Mfv+1XYsiEii7TJPFibcNB/X
- YDxbuJ84jmueCqCLX67ISVPBYk4rIA7qk6+qWxAqJqbOFVOq7ZXZOIZqVkViD1Wt
- GBRq44yT9HFxi60YN/2c9smUQoxMus5VXNUzRUxJiocEFjD3r2QWaE89KDj+gac7
- 7xO/zoqV3msfZe31qmVD3sqk+EtfKTxmkHXtSstl3fZJGak4RPUwu0MMYwzbui+H
- q05coDVRgum4kpUSJbK63S58/QkWYGBkNg66r4eXJlg+Hb7SAfS/Sn4X0xJuflmx
- OKgl6Z0ds1XsoZN1S9j2/DT6NhlV+5ZoibEyQYLbOIQz74aRt+IRaAX4oTG1UO0p
- in4OYtsI+wOnSfP60JW5lF9JUHaOaCDzxWaFyeYpw9ymMyfUL6cFDiMvKQPTONXY
- DOKVH7ejCbsX3kq/tWr1glBMeb+5AjQsrkflG5oWbVNmSfGPQXxh8HDDr7zkwdHa
- AeNqN+b4kh1HPBohyrocyjXQcRjD3Y+j+HWQIfXFmoNMRWGATM83s8JQoTab9iO3
- S/68vFvfHYw2ijjTBV4giR8Ch3TPh20O01/UK1FbjQmrwWM7Z0WWN2SY0mN3wBdS
- jTJPuXW2v84dZPUE1lWtvedaT1VLUI/9x51iXYlHH5obQSRA5Fli1zFXwXEagbzS
- XgFMiyXksg42jTdT1UcPrptCeSoiQ5nBXcKfEf6d9PAu75u/MvnVaCDFO/vGwwRd
- MyEx54Lpmsh13tXh4NmVW3Pcy0x/4Budu9SS43mBqDkjOcsXWd9jmlPK74+QuIs=
- =R/9b
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//e089t5UfnD35fbHpRGNboywPjwRxvfAb4qFxZZ2gJ0C/
- lLGgL3R1vDFzJyRJegPBVpYJC4Yx//wN9kyq2sqCWe+ePrtw7f+xNotzmd1UW1tM
- mLBSIt7o9JIGWQ2u23u5khKalL1OYzgb/mezGOsvvz/VqGyJbkm7wpy8FZn3408c
- d+IiZiMzh+wxaS1CspPwusVy3vNL7/OtA8jiwv+wM0QKsF+BgfUAEU+Le16CE0AW
- kbY6Pkymo8mql+gfBOslSM6B3Tn72RjRxez326Us82qKWU/bCcUcCyoL4Ddv5/Nk
- SKc0WKWGcQ39XiBuTssModlTGonihi+BqxKlvKT/QAYYroRMC7vFNYqG7inn3c0N
- cShjYV+zJPNdlXeiz/ZMs5TpECBIcMEBaLMBAJHkLLjb7PVH88BZIcQ5/odpyOGs
- pXqQ6pnIJjg1XlqeEnHRP6WtSZu4U0wtuaxNWNw0CnsGg/meTCKevlzN4OpuoGLK
- 4/2vsUzOk6Lq5CwNtG6rg8XhMhb9S869PJOqKIopSCjklcU08SfxwcUZiBKLyhG3
- oNHT59qbSq3CtIoap+VcpnqmpLiLAhUXoc47ISCd3RP2B7LE7j1Ls3OIESKnl6d4
- mvElwAUQE2qtWRr0I6ypW0M2Nf+axY6HpQqTwE4nRBDA0+ZN/Y9LZHW8OEZ8sGPS
- XgE1SvXOZsJfR1r4ndxQf2SmahezpSqrO1TT2oz5pVBQ/YnmAp9awZ0B2wEmw1vt
- am/9MrBKCXjmMHwa87l6BaqwvnCUPRa9HBwVkGhvCvLAcP8odmhmgjUT0TErkFk=
- =c/aN
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/+Ojy06RopB8cWxcVn9AXbgX7LA00vUVkbOl7yo0hVXZbo
- jY/vvbtd5ju+ggtn9F0H+vunV1ulJidMy4C81wfofoy68Iqok9u5g7JNxK+5k/5u
- 3xfz1v15Ino5baSbBKsf5fTDtZkBUOPiYTXJNtIf6RexTaLlveqw7JamSZF7YY0q
- pRaxx5XZBY4QBoWliIhuzr0pPSPSM2gBxG4PNOXwEwfVJSJVZKulyDVtUhT0DorG
- JAw9qqS/WcyQ905SY+YZV4jlvf9VNRIWjw3Zql2o9IK+MzX7ot7R+E+03k6Pr6kQ
- m1SagYKaQXwpViAa5w28X7hIX41Umu6aeEgCi0Piw7cReXxLSDrLVPSaIqT2LSfv
- ov09IravRf62rp0axeouUZNTNb/lSWX7T4zv9T9J4m3Pu0sEPB877BPzcJxLCTsg
- 9VOIXbZe459Vay4GbVC2Y+8aSbC4HIrReXIlkfPOy9gCSpN9SMMqRlU5Eidmz9md
- HlUzeJfGQs/9ZLiEMS7Qk1Ns4U5own8qmf5Q0m7E9Ho7LcV/XZhVk9LO9LzufzId
- qoC9r2apZjSLrvAzNU7lVmCbniK0LZ2GhGeSD4mDs2CcSo9Lxwj8Zas+J87vph4T
- js0FW7f5cr6PQLfq2wwTtK6PSYmXMM0M3AQ+EGwzFvc5aD9dp45Jbq4Tey+xVqfS
- XgG/zmZZnCgHYBqN5zMld1/qleWJpJFxF4pT14fKAioBUUILrAgo+X8Ikz6llDSI
- 1byxlPT9q3NgkjrdkegYMIg9rCYNflX54jRfeOgenlMjPzZB2KbdPE7wFmHWl10=
- =bKcs
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAXBiU//ksELwICDAN/c+pT/ujVFTVZ02nCKoGcgtMKVMw
- lRcegt+kGVNPIx0h9JstIuLHO44/q6V2yKgsetC/NyCkSJ5tulfpuUnQWUP7rCjK
- 0l4B3+ttuIDbAdJ/IidXZIXBlHh84OQDZCz/La8Q1PZm2LFihKCWtmyp2SA2hruX
- 1KrzJYRrp5pBGPgga0V75FfFcZrbtyypESDoj0cyRtGnh5TJSB0pMi4RAlhow7k3
- =nE2w
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAuaqVtpUu32jS7+N6XAZgiiO9YZccwXlyVrdtBD0Yhh8w
- ieJT+Cel69Ewax4TsMmBhNLGchI+XIGsbGymSjEpXxj48gkW/z/bRwhJddPb3kFz
- 0lgBSKVyrRVaG3oRmSBVYrK/RovA+GUoatm1z4eD3twxVKFS9DcPjks51MrAuZ5t
- WqV7WAhxXQ/jOAFyNzpV+qWs6hZKotzCc1CUc11ov8Mag0zDnuvMKH3V
- =+xgp
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:14Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ//UASU3R7l9DtANEukI5MMmxq/voPtDxTprhGhdtvg3RQZ
- OD3cfxbNbUypBlPh/CAPpwbmWLeW7ooGPKvkohpDMYb42iyL+MQCVq/dIbMrYcJt
- y4Aof+uUJVmeJhPcYj7RDZULjPOvYrk8ONp17BQICy3t2hthcWwF2xvX6x8hzYUR
- lPA3Gle2E1VQM+nbT6pkwPGT5mFWlrdGHbm+PpL/nuMGsuUe+VXsXTfZSzKoXEtK
- uPIxQBk3dzOo0T2FkpjlZOli83cTFbWi870VyR9ZjxEoXK4xXi+5WmutaRb+J4ya
- 3JmWVUTMkVyYozjXBuCVSqpti0tM3c4aGkLhdYDgMl7VCUJQer+K/7pzEhYxRl7m
- KjkTNMESdSr/F/6u0ewRTWdeyj5Vtsz9BOHiNpESxS7bP4kiXd6UrxpxisgiiIpK
- R2wnPviWUti0Iu9FDzT3m3jxlT+Ku9oiVXXvDnjiN3u6129yhlobPJbRn/OHR6QT
- 4czHAJEXEdzG/TVytjRqnPVd8UpfizXte0Ul0awtAFKbC0lgFwQj68b7CN7vc1Er
- EmnS/7IO4aLxGoErdKUDZAZElF/ubQNeh9rDfcAX8lWsCVzQQ43xBkVSBmgjF+qX
- a/i5U5yLwNs9SlPo16cfSMd5AWJjT65Sp4UKFz5yyfwunIBRnZsgEkBw0FgoUorS
- XgH7jq6XOsaVhtljrGFEXgK1i0aeqaj8kEx16U3bM5v4rSmDNSrPSRzvFQ6+fGYs
- Nk5Yqfvz7BhR6DJB6DyGXw+b8lWQLOr/pllC7yQagtH2PKYfebciPT8hXYlUfcI=
- =c/NG
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/host_vars/zammad.sops.yaml b/inventories/chaosknoten/host_vars/zammad.sops.yaml
deleted file mode 100644
index a00ac6d..0000000
--- a/inventories/chaosknoten/host_vars/zammad.sops.yaml
+++ /dev/null
@@ -1,220 +0,0 @@
-secret__zammad_db_password: ENC[AES256_GCM,data:ThtJngNvMc817rvbjMjjbnp1tBlXPdAg,iv:GcQHc7p5jFcyxpTcYsUOA8PvD1Qy5HxVZXHcAuL19Uk=,tag:UjVxYkU26/zkBL1eKDfreQ==,type:str]
-sops:
- lastmodified: "2025-05-04T14:11:05Z"
- mac: ENC[AES256_GCM,data:GNOhRrJkLTjovRO2cZgeiRcqB3TE2sWxD220Z8GynoUV4pWS20vOKvaqwxU9seuD5Msxd05JzLRVTCtP4La6HVSgDekoVYKz3SLmdT2Hev+fscmfr0uojRi/5f+eCqGMBEy8Xs2Y7AzIC60iHqX4VBBn6FgkJuTyS50qn1akoGI=,iv:EIjJbb0adELCNBoRsdjsVvN19v4rKCiVmxcCAcnY7QY=,tag:GzqchqorbDN33+SfspGT4g==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ//adiHGDXIz24INvZMytpnO1LF74Xfg6Y7g4namdypRQO4
- fWgaF5dFCEMr8WGbjuk0OXDzUnkAgVtjTSkhZn6TBMgLlUzDabRsG9HYdUeB2abG
- q2gwyybBUnbKhetJXdcbEXFlQYWdRhv30GWAI/E/qLUdhhy6v6KON7ZHR+2UB/ob
- IlPI02h/q3MDlaa5QObVgttz5OLYRS0v66DVTNTHL5qydnLNjAOOu5v5WNDHL/wI
- CvPhnZ2bwiIK/A4XQxGCQQUo1uMSX2CkNkmg3rXK+E9n+kgj8yKmKLm2ckYd6f+z
- VOiiKVHJT9M5LDTdzITYu93jrHsYqZDdOBBjk/MVEGHoQ3k1Wmo2ndh92W45eEdR
- wpRGkrggpV/Nanil3rEImWOFee+Yhhhw++l7QCF4vQQ0OeGbPM2Gtt6ggnxnKXtT
- E22C76DF1Ouljjo56r4G/P9njSN/yJyEpiz0IWytGEGhiVgqMnXdxduNegdLQI6t
- FFVIaFz52Q4/oGISbWuvLvlDzNg0XQE+/KNUfDiqj9O0D//UW7+bs337XMfo06Db
- eofYq1+uY0c++CBqlBTUW7RAKf4ik80DLy650pMWryOKWU+e49O2wyPl15ZhR1Cw
- AdVmL4u4rWYQ5bWUKd1KMBzrF6z9Ijz6xWe8I1JXg0Fw21kqk5qAhvm3Ry05O3vS
- XAGk36zIDvIa5oUx5U/hbT4pTiB/rT5PDiFjFrb7V5JVQL02CC7uxqWXk4ioYfGC
- DwmygqUzPTr1x/KexvtNVRmCv5kQWmzf6j8Egt0CtSYi2m7JSaVpheM0H79W
- =csYx
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ/+JoUZC+RkuWmPEIPj3PJkyYBVHaX20gY8jHf6BvUCjoRQ
- 8rwhXohbPFbxiJN9bdWdLxuG9tRgg1lQcK4+Q/bq5sQIVCAft0Ulu26BKN+dC8Ka
- qv2+7aHws2fe1v7cCv9e4dNkiWTlfu2RHJw00qalxfwOCCrSQfOzx1jCm4xnqreU
- LHnzhencBzaYirMMv7J8kzUSlxTHjb4OzV1Dd2Rth8YNZNGGibw9wnJAr4ZTOZjr
- PdjN2q8FvX7/xOb0l9hQ++Xx4+iIkyD+WnvlrI7aPZJn1GP1psYIj/n6otIWcsrk
- LOmDhvhq6GFMht0ejDyZlNA7ls/JB6WQ4sx4pWF8MGycuh89HZJp/jfPtgob+9Db
- Kq/uWElypzNoMIxw8F4TKSs0w3vYV95tPtzxcOJew3Gs0FP8MbyWhU8rjHXG8Njj
- Y+KjEVlekl6TZLMdh0lewyQxww83MQLR106iw7kD/iAlgZqnsEcZ1IkCTrD0drKU
- +7AyFT2lYQmT+3h2KaIrWnBq28EIKdf0SQ7Ap1w2XlaNz3BFIDrjvfH0Y+NCEkH9
- CKOaIowUyosMO/liQYWmxkJCUsSFEIjHypVKCwP47NeE6JRRpXLE89OgBRpuz27X
- xKQmRonQlCvRMOCKr0s/HulQ4wAc0vK6H2BNqBevCDQQOUwG6Xg9I1aFV54OGxnS
- XAHy2dhsIXkbvUsnNVynbyw2YaktTKc09Obfu7t1e5AH4DWC0YbRdSHE9LPRq+Pe
- 88q6vRz0Wvl6B0iqvzF+ckV5//Mm2bBAzdfCC0HGyriV45FkFwlCP5gh1sRY
- =uziZ
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJARAAlY46gigcH73HsaXyUCKr50AVUw82V2x/roiGRkEd60Eh
- x/qZzS45jYC8ngpXCusW5UuVcKjfwwoPUSlDU6XYWi6UCQJN3X+AskG8xAx8d/PM
- vsgy31LKqD87k9x2um7MgD4MUuKvUzrXyxNpN/fUveXZapzOLSEOWyA0qyB9SkAf
- BMuI9NY84WtxzV/C2QWBCoZxAwsexBow95gFybDiqubZZnGQ34sU0M+Kfmuxpwdn
- t8AOX+3t61jiU1Vq6ccGhcFHjiSUbb3LAGb/WPzzjyrsk0beMmWDnguLu/xuFFaU
- /J2CcPtF7GfJlnwSalB2VVZa4Dmoo7Jp7j+lTVkOf/KTZQqRS0cNr4bF/qdIo3PL
- BMxyOQwSoU2qpjc4yyczjNJLaYi3bwTlHmO2JQw+fus8bzvC3JO+ZywGcQG+Qc9D
- e/Ajk7r2wnOPy73EvBdlMyL3n4YiCLW0uedtP+dVloa1JZtuI0yYcm+Sitzez/As
- U+5zgjVwIIIrbx6Sd2rOG3ffZiweFPO1oWh6QotGyIwaN7ub4bLbjZ4IPEOBFstF
- 5knYUvI3i/eIV0VYv6+9mzNHmNrICzVHJrdu7k4t/l89APb2RJQYXbyyPXJYXGEJ
- nFtEbPpGaZFdgkbx/51vLRQPr6NATjO0XucfpUlPBmITzm23UNWQZmnwiPQurCbS
- XAECbK3k3oFFF+IFrday4yH+bsEBJmb1fZqgNXUfKYi54/e9vvS+h9ZiYeUat6e2
- eunbb8DpLWvoTXbCIdjd1X6ewiRk8HVCW1//hKqZm+q9pq+1qtp6GXrccigY
- =keIA
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ/+ILCiAWOp+/M8fEmyj1HMIU7eEh9zZJxlVAJtNCs8vBqq
- N5nyV2oHGf7s5N1NcGyYYaPEj9A+fTBGsQGNH9vuxdsAv1TzOjCfuJoTaJbS5mGr
- w0JwUEi8pFMNrf/IPbFlDTpyOKVFjNJM22hkAU27S2UuL7O29nXkULBRNMChdIJn
- 8+9LSPdbrV/ZzNisRvf9UBHN9TCkrUgTxPC/H0IKMFfniAr+O+Tz8jHPIMHYcQTi
- 8GcYJBXz9q+oKEGGEoAp6mLGR+qS39aQk9nWMekEAFvxdKrNqNplXRnO7b6UrYNo
- ZJuNL8rnb39/tZbTay2+rLWTFrjtaMye0MrMSWF3iYLMMsOiN+AO2e9ij3tRRdrr
- S7bO9Z4UUI1et9qlZ7zAPCIMCjzGeY6lCXaQzdV3MRKLW7gUDD0ZAMwHzugQ2NYM
- VWEGkn+i9FmQJnF9fMQ+rmbKfprgjEw4ihxux7Sk46pu9THBvz1Tk/oXIVNBaMMV
- j8HNbXJSvq8qtBBBpEIvyhkIINYsSxNuQl186CxAkxLKLqXmtmdemYRRCrrhi7C0
- IP2G//QQgmMG+G0TS9xtpbP4v4sb2sl+90ivMaEOFrkBl7EZ14dHt/xVRchbx6fu
- 1S1aNo90fFVBd07WJTbRBlWqLPm/tDXgXwaXCzUzxXsushArhV67wgThhkZKHbDS
- XAEyJxt0Fi8J29aLfcozFGYyoCouFlWCpO98AX7PL4RRogiClWBsKlZs00t4NsLp
- 17Z9+oUR2tMC0GDJJo2KpUShrmhgcVRatxZr+SbtpiTYVLlDludGY2f+tfco
- =6cs2
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAt0jnb3zKN+/BVpWpm3R9XJuyGmu5fMPFfLGrjex3VT0w
- JVs7elFZRTtTI3dRiIgTMnP0FIYu8Kwhr0OjjmnBScfWmu9Tc+wwEbCra9U62Xmf
- 0lwB138WLDEtAjBIkqHgoEnGafwEqIAxFotbOfTffcSQU8xr11qSuDkPDEhY0zws
- XXpGyCTDGFWOH4l/+OZIp4TFAjyMWwfV22/cnEyz7JOlF0syYSnxYmj3Cn45qQ==
- =MFpS
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+MdxFZ8vm8EqCdNHGUSSQLAzZqvZNPR7PWErLimJwYQKo
- JeYngZWNEJShYQSyFeVsunnOH57ZCWHIsvW1CRsueO8tVj0StR9RPm4uzPRjW63j
- SYjbd8sCB1jwdOH+bfFP9gbQXB41PxYqFmM7rpnQKUkV+ExToGO+VVGHz4jf3Wio
- XYskX0bsSp9L+2rGCJMOS2N/7NmiFliIN55pK8s5DTkvLVezo1z0kdpeey6zrmHH
- WCQb5CdBlZyRF8xwidEpZyoeJcbvx3OmwkeM78hY12eLoNUUqUoKnB153EHX9A/N
- OCT1vvrbHpUnwhb5qW5JcAJyuV3Vhwo3/cmmInX7smnCfKwwbZdwavuP8cIkv20R
- Z0Z0oUp81Oho+C7cp0KKe4iU4dkCfLFsfM93nXvvKFheiPCVCfWl3aT2BvAmqm++
- UpiUeIjCjsyuFwhZRE8st21/GtYfiFF/RMU30UlrtVTn5T31+16Zalbwbsy+syCv
- 62ZkVCMRc6mGlcUZ+jj3F8v4afy2CKd9KGRWgOa6SzMNTRL4mA//UvpOIJG+FbBU
- QycKvXGFsz28HvIDfDgwPr0ZjowAmmSdNUTqPEZ22PS2r/qHOOsDwkJv4CGuyKuX
- Y7YFAEnnzu6Kak9IcHnVAz/KS6w0FMFWENz6irFNNfcnp0JvYty8AXkLdG1FbdXS
- XAGz3xQ2kKzb5VTsbakd+MTFccn+B+/FOCnEhkZPL6l1K5AmU12kwIRVKYjwNbGW
- Z5K2y1XI5YpaHtWQXk+z56/olkEluKNB9yqEVNCGIZ4X5DzZgf2K/JsEpo+q
- =AiTT
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoARAAsw9RZx4oRDPdBZtoLBpTyUbyT8iILC/z79D7742MvYwg
- X8sqgt0GKVocenn0qcJRa6z4PHRGK0Y9pepmkUthUnzz9NyfLL7hTCzummcTGwsN
- eJKuAX6jkfoMTB1yr4B4Ex164oabT6STelTr0fBASBZtn5+GHxa2euQnAhg7JO5l
- gexBd1mDABCZiwyCtVH7Fex1c2qFu7nK3bn+eiRvgjBEJdLIA1QKEZIIdcrOL5Eo
- JUlvT6g52XvwvHBVjTxPVow83Ewy+Bgg4BY/kJsDZrA/h/hwE+U+kkYwuOzGsKIx
- k9V13hcQjluJZMznaljrVC5K02AUcb4V61zisn8ve/2hV+3PURCODbBnT/fp4Lfa
- 7d+uXe4pVLIVrY+0oJznvD3Bvog+o+lIdBvB0MEN4XFQ+IOTBUPNAzUpgzseHN9J
- vMrJG/xEQY2P2Yk6oIlAuv+PNYCN29b4WzKMAKtSsxcQGKpFuQjXF0j6BQJ9rWeC
- 5iZu5UKUOW92LZJPl7HpS5zSMjimjdd5fMfTp5urI1+rksZ7vRbMT3t+61y5lfNT
- jxR4M2KCC2W69Et/Kr4MUjPMYKLQEDPxSQD0+eSf+iy/3mnGXzw4fqoN6S2cEsAJ
- i1phH7WtQAgWlGYsPTQiYb9jlxOlN8FOZyruuwQ/9iWlJPVBuM8nmZfXH5+LvM7S
- XAGt5mqDbySHlqqFKDGbEasXYZufjE+3+R1VSnt/L9ADrwt6YTK4dC6t4qxPj5Bt
- GM45JUrRfpWgj/c6HlI+CooRxkkWOfrkKQl60hBCn6LB9u5PoIsRukzXyp0P
- =gL5h
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//cbkZwvDFw6IICbo+Yj2UQlakEbLrs5Uy0/4yC7Cwf/v1
- Xai2ETjCIQNtn6iPSIeBN/u/JaRA4KYyA3qxLrNJdamWOy0J0UuUE4Tia1tvy1fo
- VkwH3Hoku0BaLFaU3z3eLXl9rCv02cZHee/8yNSxIoIyH3EpBMpuyelBnpptEW2c
- gX93deWNB28KCNxPRT+b/0VMpnHq/LvxOGKmqqYw2ZSp2a640KaxPo6XFlELnrEU
- 7+1vrf0d2jGqbv/WIDbK4M1sKV4d07fdCreEfhxgRveWV+PutAM6PZTQ4jXB3Oa1
- kaA7BeDAkr6ZBIzykW/Jqh6xxh+Xa/t8C14i0z81F2V0eoBpbhBla+Y8Rt5sqmcB
- g4lHLZaVqqxiK60f4cI2xuNeZPNJImnTYIIsPBBIa0dv1eCQi/wUiZERHOn5F7/m
- YPHeWRbBqGPUYLALgsDU4IxLgF42ouYuGMgCLMhlnHL3P7cOhw+D30tlQW53jLs+
- Y5UsU6lv+Gs34O5R7WXpOeL6PADAs9j8kbTEv4UXpZ2gGYMBCMThcJ0PgR9ypkCk
- hebdpjRJssBTCcjzwncRXEzsd+jvXZrd1WqJgFALhEAIJjM5B6mmsky+3g5wPHSo
- KJ24yCP2OoS8UEce1RpoKHBqHvQRZKfHzZbWVUkOXoiJl3a/MRGoZzVKKvpzzsjS
- XAEgUl6lunwbTZyT0zHRjC5Vse0qc6ENIgSp5PEv/Aw14HOEjXYU+sTLUS85UDBe
- z4hqrRuYqjrKDVhoFsPUP7Wq5SIF/iTtrgOkbrl3hAAyLO9MZWE0hi2fFFS7
- =nBBD
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ/8C4yuL9dSIZ+5xd+tFFdIzYNrj8cDGpchHEFQPyOmWqEr
- DHCIh0zidqBfFBhYA6aRLXdt8/qILMd+sd/YVDx0Xp+t7vr5NixXGU5L07u32DRK
- sk/RD6ftYALp7UNLEVUrQV53zER1hvw/FZerKQaxW4Mf/5s1Ic5OllmTtJgXN+S2
- wFXkKHztpIk325pcyAuWw4L45aLOQsDCXGxtmujPSjuYDN9Cmk6Fzy57J5GL0yUw
- uXtKdo0/gRvc5mkOLOSknED0F/wDjHgLp+0X6ul60Z1y0L1zGQOP4TRpokTH9zF/
- XfL6U/fWG6tleneE6usqEhhh9x/mEv0jl+6yqeDaT+h2idXAyQj1ZGtSEZTnCQQr
- zO8Ww5JwBprhYTMkgEMqUkBzjHt2HvKUC5BHDCZRo4tV6MIwUHNmWpj8OWZIATsA
- qkjaG5dLKIR/y8kiAlFXdaLjZYLwQbvV9o/fV/OjJ1Immr64DWdA4vPxJusFx0+H
- 6GWQOqEW1QU2ua2iGjPuU96TxMpk4L5rUrSlPb7HFbMtSXJ98SUgELpX6cK5X1n9
- m7vORvs+2jH6BT9M7nzwDGqLKV0n8FGG5wssmpZkYWG5mHX3Xffl9rZ1KWiThNtb
- q5UzZgj1lrZXY4tuDh3tSHY6OtOEsvYAM/Co2cMOYltldBvBUjCIcfp5jMgkuivS
- XAGOdaWlLSI8WS0wo20hFMrQ6s6nl5lF7dDA5r15KDyCj7tRDoql34wtGHlcxHVp
- fbnvT+vnS8oYSna8pnwUKtBPgJjIQALi1g8u9iOcJcS/k3IjwtYbvTuZDqi8
- =hy1K
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdARTwXkzDANboNyz6TgFouJT5Cn6wkJL8KzrMIdznBoSgw
- NuMU4tStbuCfiPYtWDIPCkIb1fN6QsbsFobdoiX3mmjAfZ8zemabizr79CxY9UJM
- 0lwBzJvszQdnz637vwhTPbKTNdn4rUYvthofHkyKhtPeM8+Lh1+a1kl7xCgjQ3QV
- 3vwR3HYI5aSpkVji1CME/OeN6yydrwRSmD4v0mpRVLz8Q4+jckn65YzfxqLrPg==
- =2PZw
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAVvviZBDa021FiiyOf75HsZOjZeNACkwc4x+G7IqfUzsw
- hpC9jPCWXGLxdJ3ME8kXRnnVuK+mO6fP7j+mt+Qq/gnsOwE/tG9xAfgbeN8HtUF1
- 0lYBLhlYSYhrE1XLqxaOY417iX48SQlkn05otmLeDMnz8FVkrKTHPw5A8+NbJH+S
- /pUzq/YqYkz482UtIvT2NWxjjCFAq6CIoM3GG0QrWUjMXluTcI9+Fw==
- =AIdl
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:15Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+ARAAurFFVEyyagsTeCAIJojju6tGOGo9YP/dnNGm2aCdl8+E
- AXlvrKFC2syOn+rHTCeseRxWRI0EdBYfGLH2BKKScBOlMK6VtgPV5h8ixqfRozRS
- HtlLinWxbhwz2+RcwXQ0i53BLWzv0royywkTIXEyhq0AqwF1LQU44CKzWRSCqpeZ
- 2alZWpzTJyqZoT+cus5PlZrvF+GnUbU9JOdZZKjIHKJ9X/Ol9N4H8euDViomKOw6
- UZVqDd1pejzgLwkokVgp+IBw0JwEPAd8Nz+6jFtE3wU+mblm1A1Cb8R0Iwd0DAUE
- L3GsJ9ZnNGvxxYMcC/bsBTfjL3Ywt6htCWBC13iX4w2+bwXtJ1/7s5nejTsASVfe
- LXJ/viuD9jixjCI9WNbpby/F8MUNv0k9tLTh56CzWJOxRqL+lIgrzXQmMUCkiWLR
- u76u4EUMvnbM2hZaNwAYQKTKNC1kOJIcphg4lV4oO6hJdZ+q0Mx69F/qBxYhMvfK
- M4R52beywk+bASQgbtSwysKJkwTXfP6bcJuOhkBwIiTfkx8qa3PmzhwQxwaufb0L
- xeE+zqaKKufz3h7FiHutIVfWXh9Q6SgoTh2XZix9QAnaQYw5aZWXh/eEIniKoeHP
- 97VPR7OUgVw10HpYVkuZlk5Ry/6oLqLPEp2ocIm5wJGP946mZkOd327/kXse0gXS
- XAEJO1jxqfgkPVPrrFRZ1xbR8CrW/BapF3ExOWmrNgZ733LGvyo272vK02HKN4iQ
- zIUMCpzE4vwRwHVcsd+8h6O2HIuVTbN6FdjVQuFA9dC4Jj7LfO7NILpP6TCh
- =TJSr
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.9.4
diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml
index 93ea984..c164b0b 100644
--- a/inventories/chaosknoten/hosts.yaml
+++ b/inventories/chaosknoten/hosts.yaml
@@ -10,6 +10,10 @@ all:
ansible_host: cloud-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
+ eh22-netbox:
+ ansible_host: eh22-netbox-intern.hamburg.ccc.de
+ ansible_user: chaos
+ ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
eh22-wiki:
ansible_host: eh22-wiki-intern.hamburg.ccc.de
ansible_user: chaos
@@ -51,6 +55,9 @@ all:
public-reverse-proxy:
ansible_host: public-reverse-proxy.hamburg.ccc.de
ansible_user: chaos
+ router:
+ ansible_host: router.hamburg.ccc.de
+ ansible_user: chaos
wiki:
ansible_host: wiki-intern.hamburg.ccc.de
ansible_user: chaos
@@ -59,10 +66,6 @@ all:
ansible_host: zammad-intern.hamburg.ccc.de
ansible_user: chaos
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
- ntfy:
- ansible_host: ntfy-intern.hamburg.ccc.de
- ansible_user: chaos
- ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
hypervisors:
hosts:
chaosknoten:
@@ -70,6 +73,7 @@ base_config_hosts:
hosts:
ccchoir:
cloud:
+ eh22-netbox:
eh22-wiki:
grafana:
keycloak:
@@ -80,10 +84,10 @@ base_config_hosts:
pad:
pretalx:
public-reverse-proxy:
+ router:
tickets:
wiki:
zammad:
- ntfy:
docker_compose_hosts:
hosts:
ccchoir:
@@ -95,13 +99,13 @@ docker_compose_hosts:
pad:
pretalx:
zammad:
- ntfy:
nextcloud_hosts:
hosts:
cloud:
nginx_hosts:
hosts:
ccchoir:
+ eh22-netbox:
eh22-wiki:
grafana:
tickets:
@@ -115,13 +119,13 @@ nginx_hosts:
public-reverse-proxy:
wiki:
zammad:
- ntfy:
public_reverse_proxy_hosts:
hosts:
public-reverse-proxy:
certbot_hosts:
hosts:
ccchoir:
+ eh22-netbox:
eh22-wiki:
grafana:
tickets:
@@ -134,10 +138,10 @@ certbot_hosts:
pretalx:
wiki:
zammad:
- ntfy:
prometheus_node_exporter_hosts:
hosts:
ccchoir:
+ eh22-netbox:
eh22-wiki:
tickets:
keycloak:
@@ -150,6 +154,7 @@ prometheus_node_exporter_hosts:
infrastructure_authorized_keys_hosts:
hosts:
ccchoir:
+ eh22-netbox:
eh22-wiki:
grafana:
tickets:
@@ -160,23 +165,14 @@ infrastructure_authorized_keys_hosts:
pad:
pretalx:
public-reverse-proxy:
+ router:
wiki:
zammad:
- ntfy:
wiki_hosts:
hosts:
eh22-wiki:
wiki:
netbox_hosts:
hosts:
+ eh22-netbox:
netbox:
-proxmox_vm_template_hosts:
- hosts:
- chaosknoten:
-ansible_pull_hosts:
- hosts:
- netbox:
-alloy_hosts:
- hosts:
- grafana:
- ntfy:
diff --git a/inventories/z9/host_vars/dooris.sops.yaml b/inventories/z9/host_vars/dooris.sops.yaml
deleted file mode 100644
index b3e5c65..0000000
--- a/inventories/z9/host_vars/dooris.sops.yaml
+++ /dev/null
@@ -1,221 +0,0 @@
-secret__dooris_client_secret: ENC[AES256_GCM,data:v85gIBNH4s4j36crJ+Pb2lu2cdZpwz0xndHzBKZNGKg=,iv:Rlt6R7JMcHTAAVPiTtFaxqsWD8G5B9Ab3yqItYdFR+E=,tag:dlMHaxTMx3LgOzCsTLUdzw==,type:str]
-secret__dooris_ccujack_password: ENC[AES256_GCM,data:bHeftSA7eC1cSydBRumksRgw2v0=,iv:X/pfsvQPZREifGjHDGx8mVk2TDrlrRVb6MiAr01wI9o=,tag:ti//x7eDbheMG6Hsn2KBlg==,type:str]
-sops:
- lastmodified: "2025-05-29T13:28:08Z"
- mac: ENC[AES256_GCM,data:SkqMlgJBdM+CMLE/um7m8V0ni04Xi3S9GovNsADrws6VbSWTX+50oc6HtWl+Kj2XugLfp2XpVnlzggCiq3fePsdt1af2+ZfSCue1d+dexjo5Q/gvE/olKlmn6aj5qiosUsLgu7v2bCOIb9m9WiEhlQLKx1wGiqVNQDabiLOJV6E=,iv:NUUOcXtbg+xMHqthipKpRAWLTXda8rup4aCbbP8sVEg=,tag:wyh+hrZreOyT7uQQrghb7w==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtARAAjD1i0lkwUFRgQuo0STOsM9N23W5LdKCuZJliGfVi/Sfo
- etQhafe+GsYLMmZy3zTC7JU6KIYB+wTPAn4abAMqrxUFFZ80ij/hcmdj1p/yrgO1
- XNZOd0PEX08RBd25GbIGLGYjvioutm3YDYdYlrR0pMhBvJl7apPLUHIFrmjlk+18
- W/ObOqDvUEXIrm9E3GSaMYrk9b4gI8wtA78Z7JOLRFelKxnnhBPkK+46RLGEo6lo
- 4QfN6mA3zp3oVg/dtznQrVtc7mbMvays6M32zRV+TQ/OB8ORqmsEB9lWTpjGgjzL
- nWWt6bQVLIEUdp8RKI4kwqOE9ZxTnNAO00cQ4ZmsccsVXuLGQmNeoBynjJrayWXT
- zQYpXh7mT2ovCh8TzPsnE3kPtQE7ISgtJxRaaX7KqW9iGq031Z6GW/j/zr1YPD/f
- Wve1Z2bkSzHMY2EjbWBMDcIN9JpqOrjRVa4ZJtp4+pcBU/uO0yXaWZLRL+EJIDgk
- 68CFGRYAmvEAfca7chv55gGiJWXPONRkDqix0y7Fk5pkfrll2xxkKPoDEU5pb73S
- qdHQTDRmrrX4C+c7rSi2Cpv7kk0/azO5bxakREv+vFsiHKkz5cBwz7blBss3jsAX
- 6lP+THKJSYDmgK0mU9CUaX6uvU766XS9lBZxp09ZY4lYeexS32ItXzfUTLsx6/bS
- XAE829ofDeJ8nGFxCPTbk6mgIJ5tIAAPVBNNzV4Yyb5Q6EKAETEWmnZi7LgkACKL
- pSAiQA+Khgy5DXGMnftFSA21KOsZKARhopFoajdnlSlUt3MZlEe0SjTIY4QD
- =2QJ5
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2AQ//aMkP/gaXVNmbRWECzQUxsyVOfE3frnm6jxErV/re/uyv
- YWfMZVB0pWrOv/Nj2niQ7JQ663uf2w3d+YdyIAvfazAW7ZA7eQ5dfMj9tOPimofa
- 2ciVCdsqDuKxkmR6Ns7MzKk6exdnzt5IEnIJrtekZJ6Q56zkYFhxGjvPKaNRa1N9
- nvVVgp6ovqAA2JZFyT2ay0AxqTWlZF6BsO+uEqub8NSRmuJCmbKvQgfbmI0acqAE
- DanFRY5k2ACxed30OSBslvFUmcMGigB0Wv0SvXtqCUmEU061ZcknZgECujoYysYn
- Z1txLQEWSFjm6rOCxdKwqRf9DOjB5aM85NOs87jQy1+nZj31+dezEJ+701ROVOCN
- hQCQVGqzJYEOwYRDMjtf2fZjc+d/smWv0FijJleWHBB3CEvMZBSHCZaC2n3/jtFK
- mRwi5yZDizxGqq3kvDiU/9l/jMUPL7u716o7Gj6Y6AN7QgYjQjmUiXG8DvqMiNQX
- eFX2PLjvmDprao8unnJ+Gj3NgwQgXkFJm/jmTjVwX41V1W8n+ayTy3MdaXaa/bYJ
- uXXVWDKijRpl1ewqu6A6K9ARbPGmKmUuNIQzhgwav1c3VvQHuO91OoFz5rX/m9cM
- iY36OTPiRsNnrNuoqa6aXSDoMZoOd+KCkIo9Z9HV0NiKVH4oerBE9qXxvdCB3nLS
- XAGnBTYLEVjMXiWtZxRFXpYD5FUUNjsGWsN2nO/eqPv1FVAjECfiacFWUxu3kXxW
- ZCr/WP+vDbexsPPxKNwV4oBO4t4r5miov6mfWnil4mWmvrOvANi29ptQMRKw
- =3Lex
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ//WXDYfzt+mSWfgpKU7MSoU9B+VuO6C4g6FNuAXVFUcblZ
- 7JOlw0Sikvo7cPm/a2keRTGsimFvf0/BFelGdSmJBizdKE66eAc/KvXfV2RCGLVl
- GyBJkSeAOtQvfscyJaDjCxS57E3PtyaRGaWERUJ8mdvs46gfrdrMLjnF+fHSfOOb
- BddoGlHwGgqRmPu6jLbv+U19+SuNhI7W0Burl2JQ/vQYxvoc2H0e/r0wGOAX07sH
- vqnsYwHMAGgaeyKV+Hz29FAqzcT/svc3P6DR3BjDgDHB6fd0jTSVUvwvzZ4MPC3z
- lg4DZjr6V13JFvUZpQ9xi9I38DgEOpqG8jdK7XZ1U7xMfKBW+ZLH8YgB8SvJLHK9
- H7MOLcRpdeXtWgw/S8HQXUaaOUuV/Lxid+W1Q3WDofqwJYCrEY3JdLFBVvgETxvS
- 2wckmlBdEEUiCzt4sX1XfanwJwQuPw6NDYYxYsLe2LoFYaiM27wzgjIn6av4m4nT
- SRD3RIdcLpOJDlh713ZubfvoPn4PFKWQH4rRnIbnwI143GjvxInuwBSoRS3yPfv/
- GwmW1Qp3voVRgN0lwdoA/ruydYBy0MOcSDDCVm6d2ejE+QdnDLakqKcyK7NB/GNO
- Dvg73oNCSFmM7hj3M99X25GeJlte0pEK+/ZuYO0vRa7JCPAWzYluzg1eRpcCVqTS
- XAE0c/M1Orkjx2u9YGbEYNEmMAO4g0xgRVJmJPoYex1ZrAasgiXw/KHpPzfen9Wk
- QSsH1K6Xudf5U/4Etjqnctjh9ZgPEMmFe0iPbD1FEz9Lzy1vo49ai6+U/rnA
- =MyFz
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//X8MbQzTrRC2iBk8ioKdLRerWtPXEDZnS0t33MnMb8NSe
- jEUb+nlixr0BFK9U6lpF6xpLwAKP2WAzwQjAF0LZp6v5Tn0KJws6MuU73eOlfiXJ
- 00lDe80/UpGptmgJzXoCxIPpWA8jn411ZYaHYzKjDI5DWxacwLWJ81LoQ554t6Os
- y++haXs7zHKyuVlFOSEJtuDQ7I1BI8kJ3h8Pk0PJZ0pDy5+CgbGJ57OBdOGL+JiM
- x+3qitjVdDgtBql969IjZsrU5wlbNoBySvj/pfJTjCw9xifK+L8X6KOJObUa0Ny7
- 2ykINNFIorbgrdW0PGwieUOaxh6/Kp74pS0swBrV+XcsgwLCuHRiW/3SlFpJkbSq
- mnJgO71rSL1fWO4woGCjJOgkJ07xIlK0GrX9fzngBRUQzrFu3cO0EAtuq0d0WKwI
- SIiwV52YQixiLyKOSOMRmfuwFziuhULGC5wgtc1Q3C7tGNmmFsahGIpKfR1lxxb5
- zsNXkc54EZ+Oj/w6bJn04FoiQh3lr5Osvh8CfFUdXcNogMesY9Q1b5oQ758BQAUd
- RKIwL3Drs+dlZaXJo18NMYuG1WQl3ZHXfXjVDqiJMPPVPqkizQC2QJGGYXuRJj1r
- DMXbew50XUNTKcOYjrxaZzWTmzN9AiJt5utL7YHcg0Loaq9tUiSJxNSYT5hi/nPS
- XAFA3pn89D+Io5Lqznif1FzL9Bp3/3cWfTFtJl+WPE74InDusLNMp7q7ZnQdvRb+
- GLPgrEUR58KeCG7c4j0lI0zMpcCySykWqn+lqzihx7tOzb/A/fbxV+qlYo17
- =/na3
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdAu5t9lSFJ9cRNRTTXH4ix+9jZ51eg4iqw355QQ/IlVwgw
- N757g11ymjjHHflK/W/X10BUWHjoAmFYyMCkJaTKL5k6Nn60sNF/3hMd9lRmh34g
- 0lwBl1flz80tjLXkCK2xie5fc76tcLIb+tXj7/hvM1WM3oPHAOS1/nZY9stLw98g
- yHFwV+g84tL2kxYcFcdF0uck2/akvHYarGVmW+ql9yY4elTEHYl3UrZOG+YlMw==
- =QxJA
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/+IWGcOQ49WwlWlHwkQNmJn2mJItPtyEN7WnifbjDPOKZe
- fQuh2Qr5UfJth3WRymL734QveVdNLhR6exyi8pC6g94S++KrZa08AlDMvZUQriKu
- t4nDlce7wJxlvkAjbOV1rYj1o3ea6iHSNOUcvaA4gHOAG2EdLP7VKnofacoKWYkE
- Q8dic+NHVHJlNKkx+TRYX5GyKhEcJouqmj3s3jX4MOzOKqvSb2vgwT9zZsASAtqL
- 2P6Jz4tuX7YJS7xEoKCpA/R6y3UAtpEe/qokbGa18jDDwiiojDUWGr4SIp6T+zAn
- yCC90P1+9hZLVtCCJVka9MLn9AvGufxqt/d9lJi9u3GdAdgwGA5madXKqmppquI+
- xCbuWUY9EFWAK+F6R9+za722juYCgPCrke37bNF02NfD+fonW++uQmRJiDCmJ/ab
- FEPsb6CMvlIk1h94skTNwJuLm63s6nGSrVChTmz21gn98OELxcDDav/Am4okBlpM
- dUd4nAZbla3xUu8mDWhYVufnXeUaVy0mPh1oN6LqxMAIFgrFrdzNFQiLzXGzjeO5
- hkZnF4OLzNSTx6OIaSaTG9eFNEldkanWK5uaD79iiJ6HpDBOxIKK76d/IlkSWEo5
- IMzYgT3J6LvuCBIp7jqq3xluarYm3jVL74iJeKd7YrmEJmH44whZzFqLFwXPRhzS
- XAH8HQ4Z5Y7UO5V4XYV6LzI8nJzNLMpTH0RrdnDBRHHSjbtWo4coTQA+XkGqaKLC
- Tx1NxeES5PfD+8C//8bkyDkddr17H7augKZpl6+qFZEcsnVoM2v1AyuEEa/H
- =OJbr
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//b/ndAkI2OlGJBnsvz/U61ApEwEgqqyEmhF5GBk1T9K58
- RIfeQgJgTOOO1HazOqovOh8++tfnNR4BtthKPXaMRPKXjZIcm0uGjDXkubWJta3P
- EPJgJfNKz8KpaFe89dkzb/1TIyk2Nnui8rbEOIgomM0TOcf94N9tfNZru3kXHPuT
- cglZtEwsXww/BE9QXDksZWRSDasvydDuQpQn4DCZNatUUYYOFQ9hkHUvZd0v7gL1
- tyrF6XRJi69MHRx2GcNBBCuOCNO6RgWP0LHjD4JYKJdSyy8a9qTPmCT3Ofe9TQrA
- FbYYOTTXLDTWmad6GnyAy7ZKUvgosoFSw7jmB5xMwzyjVIuyNnAxLvjnppvaR9Xh
- hfgFVWc1QAWO3cLvUKmx2IMTxQP2mX+zWk5MRQqTjuTGARAe+AYKHtAyxszZEr76
- 7uXRB0Eo7WS9uth/62iAtJy0z68pXYzRI7pHiJJueZwhGi5rGdMeDGM9tXFOEdUP
- 7d2y8Cbx0cOfRXy6VgzQBc6sZU3wevzNNLK4M73A1urIrx2eBZC9v9itGyz9o5g7
- d2Bs4t27KjFo31dXIM9YhJr04i3DvPq08ImY3MsNJiGFKtpt2wCkzlPLJXmyewL9
- ybmdUieW94PL2rAfkaMbWMjaja+H7p/ItIe/Hz7WEz3R4NJL2+aaaWRKqUPuo8HS
- XAFRkJPM17ALht9P5M2qBsdeB9Y6zsJuQySooAtubTmO0SBae2CLfLi7r9G4vh8B
- uyaPRJU4VvXftkURyRHXK33Frj+ZJQCyVr16WXF0/klKmb5jED8TC5XwrejZ
- =zjZ5
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//UDZyyywJC2vZuaAqLv8wvF/7lyzKoqPsXp9OhphMwCag
- LZyQ66GkaSx1jsWWAGQjwVOeikr23SO5Sc8tqVtkKDXq26b+S0nPHf+xxnSIqOms
- l0kTla8c7PgJadf4YgKbjZwA4PDb4d0yVM5tnpceGZyzHXtOHdojRHBKgm/ed+p1
- bXjx1SeBZJH0F4pp7Pu5BTZrVp/RmlOCCs5SmzpBX151u1C310bIPrlMzyzKJOL2
- SwiP+/DpwxRn1SRyZXQQ7bRzpS/Ax9g/S/+tKP8vIrYJ/07o8xensY5gjrW9Q0Qa
- RAQLHacCFeklkqFg32NoOSXjknvITKHSKu83EPq6IWgj7SV6KKxPXAiWmWIPnL5W
- TNh40cn2fMPrcs5667h/xTsa0PNOzHEtXf0Vx992JU5bTsOugmdc7e3bYzEiUbdZ
- nKQZW5AUV9T1qZdXBqnB1AXwijNnFkhtJrU5e1GZApzgN9GBuJIdWUbna6SSbEiI
- /x46YTHOfMSsxu5f8NGi8au9ww/8tonFbR+CSeYZmnG5loqf7Enyj8iGhLiEfG+0
- mQPkxAB3mZEfjVr+TCXUz/x2Z99eO6xv1vJ0HxrQdEHd8MaErgBXsobOPi9cQcb/
- QqfzxRB0xSPlSfcaIDi0iPXzJuNhBmpM4bUqM7RRA7CanfP2xwCNnAc9OYsw1bXS
- XAEhWXrz6gMPCMDeqzae3ZWXBvH2aM2jSEcLy6MXz7d+0lgOCCbzBFUIJ6468AR4
- QtDFpOl5r4sC8Lpej1mkZhQk3ngZ0fH+ELs8gliRgBeUz4I5J9prZ0H1YT5S
- =hIWB
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//b86yL2Kay7YkWuzeGb6g4uUl89S4H1TJOzCthu7EJIUD
- bQG/f58a5J2k1PLq88VTrIo0Ulz0BIGmblguqTAPnr0XzvAbWHpio9tnlB/LRFAk
- hj2OKqY57/FOyFXtBTKS9bhI8hqWr3Qn/FSQQV8dbLSrkAZ28htex6egjknVVLg6
- Rf9f8DGENEOV5Bz219NFpKs0D5dxqsXysIiHw7f6vgz4r1bLJO/RKxaNz1kGCw0w
- 93aVHL8BJuFSTo4GdaJAWhIWuZtRbiZtrDFrSD38GHRz0KxlNjPXrSFo/wqWYey3
- vq8hgPknEqAiQFJHSxhAKo+PHjPTOn5I97UmgJ0jpDopCWmF/mlUhI0CMMPRtzfy
- 9mYTH9isVww7tZq6VClHt9MLtgPQbUtcUYNOTSsqpXuRw5AafH5x45SAaRmgMiZ5
- d7NfhIi6k4kUEmqHgHBiH+MfLMsIu8GAlUJ/biLWEd7VQMgLD6ipLrijoChYvKsz
- 1ej8G1cV3wmwT+JkCseqfiH/ju8T5axZOFzTKY1t8faSx8wr0K2GNKySR5Tq0wDM
- 3e87vrNjs3oVH8RMBiPQzPUHJFSsNFdjjHpE49FkJUpy2Y6Jlft9kW4nHiZR6KFg
- 9D1xK1Yd1kD1wck0Tou/bu6+iaOppRAMYzQkwmbFYCZW6byqwQWz6TZ3b7w5w/TS
- XAExGv+29jQHHCR9uPx57ll6sLxFGFt701li7EX6P+ZBz4FYui/tYNOUqw/csGSc
- 2BYq31FSg/zq9ejhMFgCbJMdD0D0WwlfGA3wgafk/igDYRDixuEZ1yYKqX18
- =aiH3
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdAzHZXfaqUFHTaI+zp1Cy4dMgqNHVs/aNnojVL5beS4jkw
- Qso98uOePpagNBVnpj6SfuQI5tZHzNETfxHl1k3qRXPS29J+ybEzBQgdbtC3xbnj
- 0lwB+uL9zdyS3WTCCm+PJV4J2bhhd3UPgoVXuszUetlX5pqvpJSCHcfH3i50Q5ov
- fa4/XYHhH09tfJ3nf+iB7xpJL+JlW2bBAN3v3zlD6+jiIhDxpmBmu33tHdXePQ==
- =4m7a
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdA3M0VvuxztWirQFgVHzqzB2Og5DNTlqEjkN4bmZv313sw
- CVDDFafeu4pwh07O1NcbVB6T+O2BkXc3PI2OWCMRWS6v4uMEkygVSZCmxiZ18XGy
- 0lYBWY337KT1q+tb3PYDzNUTwYGulx98NBgYHyTzpDECiJ+WQXTnQO5yQ+iQ3rFC
- 2AGHc++H5rq53D5tDi9cjqKZs0XHDhuu+D4BLB0DQKwIjAWXJIVJYg==
- =pkPL
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:31Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ/7B92wxRSXHW2dAcmMp72Ll+4GSbjD0QFPincZ85+2D06m
- P8vUWeCFfZ5soURASKun2RKa5GKXKSNsDlt75afM95ftsodmuyQ1SVmvbE+6SbAb
- IwsqoKJRbBskWeEUm9zGEn7910v0qpzhaI9jwwCi6gT4OB1L6tj3NZKcVQYE801p
- MVDf6bOoJ9DhyBFpzmNtASFRw4Je8PwcfrUZSfY5UZOfHTiBRop3l9mBJBpAw6sn
- sfn+kx/TvRJ0JVqUQbtQzq6cAIJF3607tB2HkoFnwIswwqWQz2yuoTzMdhQpnUBi
- 0lDHThAsu2YKyavbIH7N/sn+hqE2j+aOrQvMZQOiYFk/l4iMLm14It3UY4G48Imv
- GohLw+gss5G/stDzeJjiQ+gDKAC9ugDGS+uisyqy7CZtoow/GuBk66GL4TGOpq1W
- 26sH/yLBy8PBuRj8zrfgvcSYJwzvRprIcwdNmkmh+k2zf8XGMLcu1nUbb7WKZCmx
- n/krDnKbeMyDBRxSHHO27gLmYQnk1T1W2vJc/EVdbEBpmodWlGVuzTKaWfcA0RAL
- ldvrKLamWB0sZO/j4i7pOpeUUh6JOgXgOIiyXlMeuNjmh4QkqCWgiKvm+dk7hzoH
- dIfQhZRQCL2CUaSxqEEQIG7vsVqkpX/4Fbi3McX1uU2LU93/LpjaMpv/Ou4HFaLS
- XAFSkYN08zWc0548MnCXVoeYrX0szPPUmiaRIM6cDL7vI/vVR0uiVCZEY7QiyqlI
- Wn2nOk3T44tA057BmjCkxXlnIiuLilzU0dKT+jIwikAZuNM5jF6qpEmyYEhq
- =JQVx
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/inventories/z9/host_vars/dooris.yaml b/inventories/z9/host_vars/dooris.yaml
deleted file mode 100644
index 5813e3a..0000000
--- a/inventories/z9/host_vars/dooris.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/dooris/docker_compose/compose.yaml.j2') }}"
-docker_compose__configuration_files: [ ]
-
-certbot__version_spec: ""
-certbot__acme_account_email_address: le-admin@hamburg.ccc.de
-certbot__certificate_domains:
- - "dooris.ccchh.net"
-certbot__new_cert_commands:
- - "systemctl reload nginx.service"
-certbot__http_01_port: 80
-
-nginx__version_spec: ""
-nginx__configurations:
- - name: dooris.ccchh.net
- content: "{{ lookup('ansible.builtin.file', 'resources/z9/dooris/nginx/dooris.ccchh.net.conf') }}"
diff --git a/inventories/z9/host_vars/yate.sops.yaml b/inventories/z9/host_vars/yate.sops.yaml
deleted file mode 100644
index f5c8f32..0000000
--- a/inventories/z9/host_vars/yate.sops.yaml
+++ /dev/null
@@ -1,230 +0,0 @@
-#ENC[AES256_GCM,data:Oc2DdKVMymwkIHbS84TeTQY=,iv:UMhNafqQrHaF5iqFSev6D1uqHPFpKQTkOpYV6JncjsU=,tag:mAmBMyGdzER3hkSkV2Fjtw==,type:comment]
-secret__yate__sip_trunk_epvpn: ENC[AES256_GCM,data:BkdNaCooUjsDlCXJ,iv:saO4IGsz1HAinvW5ZGAMA4WEtBbo+UNdfBkr0g29uag=,tag:t8RM0GNYhl1w/RMNO8wKbQ==,type:str]
-secret__yate__sip_trunk_fonial: ENC[AES256_GCM,data:N18C3XZHIi1/IA==,iv:vs9dCYNRp+1ptxRajdUO5ODTOmNREJslF99xnFL92XM=,tag:IUmnlPeRI1WTRYELzZRk/w==,type:str]
-secret__yate__sip_trunk_fux: ENC[AES256_GCM,data:zcVxNjyS3BE2dw==,iv:Prmy8nP1yeFrVI5mQaPJPKHGFCzuZp84f6fH04I9zJM=,tag:X15wqvaaifMU2/kcqLqUZQ==,type:str]
-secret__yate__sip_extension_ewerkstatt: ENC[AES256_GCM,data:qbatVvfXZiUcpVnOJUpzYw==,iv:E/fCmKGrwYvQP1gGvwT0UrL0DZ/PcMwKG+NteiukB5M=,tag:PFmU0DX56+IbSQqMtY5NSQ==,type:str]
-secret__yate__sip_extension_fritzbox_analog1: ENC[AES256_GCM,data:+ayQ6P4P34D5hTNOFv3HVA==,iv:UD71G07Z633mDmvnJVei9SKgHyM+JFXJdtOhyBhvKGY=,tag:0ISsYGQCIMMgToLWA09JwQ==,type:str]
-secret__yate__sip_extension_fritzbox_analog2: ENC[AES256_GCM,data:DbFmTcZ8wW2fqstm09yUWw==,iv:jKUqtSXaGF/QpIwPJ6hKQWZvv9xtZeIQBiPHt2xm+3I=,tag:MkWzODFnWZc8o+pVLR3KJw==,type:str]
-secret__yate__sip_extension_fritzbox_dect1: ENC[AES256_GCM,data:87MFTNA0DXmfhesT/M++ug==,iv:qDM8HWZhG9FADLFNPRJXkadN2jXD6/CfroDShNPzA+o=,tag:Ylf56nCczEdDaOGko5GrBw==,type:str]
-secret__yate__sip_extension_fritzbox_dect2: ENC[AES256_GCM,data:KOUKexyzJqZPj1HKJxFl4Q==,iv:OCChQmSF1s8C/VYuw9D3hHA1CAoCnwC4adyTpWO5Iac=,tag:VFFuYi5Nd49ChU1Ki/nHiA==,type:str]
-secret__yate__sip_extension_flausch: ENC[AES256_GCM,data:eIieA4A/ZmU8e7t20xwmCw==,iv:oDMgZIjQBDcwIVPK4/qIT1HyQKc+vImdr1iPZE1LEn4=,tag:RgS+enGC6DP6dwE8u30a6g==,type:str]
-secret__yate__sip_extension_legacy: ENC[AES256_GCM,data:gC43eKUOAYU9dgNV1JQ+nw==,iv:xN7aad2NPaihlMT4Ym2xanpKU4eX04V0FS4m6XRgZFo=,tag:Oq0yBCSf+CB8Xkx4D4TH5w==,type:str]
-sops:
- lastmodified: "2025-08-02T07:43:00Z"
- mac: ENC[AES256_GCM,data:Irv3y4/QbofyM5BvE4h/T6zNF3A6oTjDssMOcqmGxUOGpqL11Am1DMHBivkUgEYe4ir9N0kvPUmed1XOyDwImrl06E1mGAT6hOlfVSYKtZP0Pwvi4VVeeP6IAYN56zu8k4X8oIxv7AEfS3Fq94sJ52Fd3xDPPCG4aVtUXxxDuwQ=,iv:HdqbgUVR0lIysZnnPkOkW9gDp9G/EOrHDkwmQH6LVKQ=,tag:amVPLxjvx1Qtv+v27SGtGA==,type:str]
- pgp:
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxK/JaB2/SdtAQ/9FteCUUAadrhDu5M0uwAT4aSpkhA9+2mHB315uhpNGV8b
- frAvjvo/rtnmDYX3QleuyUu8dvsp8lryfde3SnQu38hqt+a/fio6mf1CDWlwuKDb
- xlNeuPXAP+x7PHFOXj8h0RhbQoaeYDPwFAwPXLxfgDes7cX2JHKGue7tBvCjLPJS
- 3XoSXnbktzu5dFFQM25zuqM+q1QHbn77KyjfTPVJpvLJRiWsJwZNCaYVw+gc0hwk
- qqOGGaLN+T0PvmUiCLzY8+3QK37dtru5h+WcDk6/duiI2P8l47EC3k7oiat8hzc+
- dfDDUhlbCK4OtE88ewA6UwT65m++CZlCzT+/VDus6gi200dMgJaT5fF6ebifitST
- uqLbdc2qQvR/h6OL+j5CulR20aZd9pbIamCaJgoULBRozUu01CsPKYIpRBONqbmD
- bIZkWCBv4KM6jxbW701+x4VosGNa1lVJ72k1++Xg6agEjJnx0rW005csh2jFac+E
- dfiJBOjPTMi+LDUPFokPga4vf82tWa7iPLIzmhMLupAQ2NnapBfW1o2Awo3mmUgy
- J6psOd0po2XSYjLgB5IuRyNNY3KfzZOXx/A9cB2S46Rp+4RrkyfQMWVy4CWZMNoO
- 2911gSnRutgJP3LrE/flR1bXpNsdP1MIx1RMBzTpEqrMB011Ad0ZnmbN42tkVdXS
- XAEEtt/OW5TAnBXnl1NASySaIeP8mosYIuWXVRK3382zn29AVM9+KPstSFL/yXtJ
- Q02jmaCXt2iJbGG9z7LymLzNbE93h0A3i2VgOQ980mhuAWZFtU7w8EKNz9fF
- =ODrF
- -----END PGP MESSAGE-----
- fp: EF643F59E008414882232C78FFA8331EEB7D6B70
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA6EyPtWBEI+2ARAAm2tb78/wI/RgRnuYNUbglF7zDKDUyhFc+36AbDKyB5w8
- VFRp6bTShbV3oUvNZVV5v/7A/TUi4X6p1Nmqnl2vQLnFEs4h5xZwUajuLlsWX9AO
- 6Hyr9D7pdBSBRfxypM1WOmzFRiDnFItxYFu5ljoc5OdkyZ7oq4W1UNWnV6dTip3D
- c6jfswzuBSR3HtoVL2YSDFIibVDAb8Ph4kuAXDRcxKHh8FZdVaEyk5KhWDBY87aJ
- vemqIOrh8GjbWWePNo6eDqRVU2nWZea78M7x0z6rDz6Z+VZsLWcl/cHu5pZMgDZW
- nRUUe0JOtncgZ0FJnZu9sAw6BftaVgEk4vVrT9174evkTj1otIXClijTigVRp0Ia
- JngM9FsQ0RLSA0dTGuCdEzoFPlUbtLLV+qL7ZGdysbfPsDiP1tlZWwCyxnYJ7gt3
- TgqJPvZ/tuVX/MvwVCA6p13RXb3XqhbjtA2k4eXdeOcWPUYmYvVJ0385ASwQC1S7
- PfmvQwL1f7YQkUvilkzBD/7EGeqJ8OFC4vJqx12tJNeNuqPiw195yBhNT5rml8bc
- 2haV+wdpzWScw+eo/xj1a17i0a3SJLpwTcWiwTp0LmZEecOFtxNsaUjnZPn6d8Ms
- RPbDVbeZP+kxNbvTuwXtQgC3d/GbcFbcSs//MAYUQLs83mA9XXW9Gzcq6ltexBPS
- XAG2M3c5oa/2XonBoQ3X3dggKPWQoabyUVAAsehotCxcMEcdVEMtJLSB0/+CTTP4
- 4+A7rurD5TwegQb3TmsDQRPYjwOoH0dQNXGNJQGGZpRyiVC/z0r3TXYrahze
- =jtiP
- -----END PGP MESSAGE-----
- fp: F155144FC925A1BEA1F8A2C59A2A4CD59BFDC5EC
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAz5uSgHG2iMJAQ/+IZeMdpcuIJgNH+sdovb4+CIwiIJozWprKNHOxFOBoYMC
- ZBStuhdGS42LhJLlV6kCsWGdT5uFlQVUCjRX7YwmFurSW0NqqzFtgnnbxnHF8UWC
- 743JTuh2lApyL5WPeNwj1PXx3xJcJFeCVynWDblvH0MrM8GVy68pZaSsIlmpcnGR
- 2jLCdWAv72T0SVffto7qlpQmCXNJSYspykEx7LhylRglf2uOAAq4n0k9QIFFL+2X
- EgV9rCOUh7qRpZ8zhd7PahS53o6gvqwFj7xM12u+iNbDE3pw+qThv/LiqfuoNd66
- qHUDzz5VyVlhbZ9wcN9oEPIl2kuUL6WeMO6RGZMx2n4kiI7E6X4rF5YgRGJBQ2Mc
- DAWxC3hWiAchyNqk7YoszskwjVR/8ozsvPzSmny1UNNsMsc6zw3BL86FZj12ODCT
- lwIR4Wae7sGC4oBITW6Rc5uDvo4hdA58viwOPHcxCNHrLHkJHhje8CMf5AhjBYcy
- OWFOD9Vi7c9fBeQwsy8G+LrX/wkcO5N+KoDDGJs/gx6HVAD5Rie2UnVCC4pICUXh
- UgIXDvV0WahCv+eOBUlj4gOIpLEO35P0RcX9nNE/5izFlwH0TtG5rCziEHEosqD9
- 9Wl7jqAi3POa7DtCD0DHIn0jxlWyVcBEXqHlgU3d6vRtOXTZMvt/NZxyLi4MUU/S
- XAGWywtpd/gxRgiyg+OB8C9HhOioLL/bCWvOE1n0JLRotxnv571oZi0SYYqiyX6I
- wk9s181nh4Kyfmf+tOiv4GDSkUfg01y1dx+85s8AzgyT6t5isV9AqlcWVGIs
- =c5hi
- -----END PGP MESSAGE-----
- fp: 18DFCE01456DAB52EA38A6584EDC64F35FA1D6A5
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAw5vwmoEJHQ1AQ//VRf1w/DVkjth/BZAMx4B3i4O/Sh5vkJE1EQx7XWgpJVY
- wX5vN0JujvIwhQ0aQf1nkFEmFTMFuKVMLzsHQ1ejT6od3XTsuD/WZsG9GJfG82Om
- jT05mwIqcH1brD4PVqzsEdykG3PGtxVaIcFbnhdls15VxQTgiW1MXkjM+hm5ddti
- sopwNLn6q2DbqJ4eGefl2kn88FxwDCv8tU9kQ9v4kR5/qkvtYgf8pyNl5zcQY5nH
- y9muGRxt0eVq1Wpc7bzui/9MtZ9XOBWVPevesO2QWRTnK7PLGH23KoS4GHLKB5Tn
- OkP1QemC75RjZ5AkfzYtTAInSlFmp9/giQ7ZDVSQMKoXxCsuN6jsVK380jWOPlq9
- tOtXSfGCSdMeM2O0vB/Xqv1qhcqPSGGCib7BnivTUnEfgxGhHGxNOOFZ8fJBXDhQ
- F0q7CHRye1EBhT+GpKuraSBpcNMgexj9j+B+17IAW+Riq0l5DiGJ7rgPaRnz+3Az
- 2F4y0r2//2iV+Em6n5crVu13SsAWUzYVKyHSswJQByEK0D8ibE8vlsE+LBLwtpUs
- 5FEVy8bxmNwbYyKGaiFR5m6njWlI3M6Chn1snzfsaKWpPxFHj/CSpUu4MRpGlNfr
- Hc2mJxsi3FpnAUwAUbnLudW9ET72gnfrHHKBYf3DzqQAc9Xrf+dKUuPuBlDm5TPS
- XAGNfxvILdjNFX9LvJLDffbPzHfLjKtBDSAAZV0bK8e669nFReBGfTk4RQXY2Huc
- NW8hke7+pV4vazwcosDgFRu/XmFyc/G+bxbB1zmzs7DgQ0m2sLxiRdv1xwBX
- =C6m1
- -----END PGP MESSAGE-----
- fp: 87AB00D45D37C9E9167B5A5A333448678B60E505
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DerEtaFuTeewSAQdA47A8oGWP1vDUTI0iRqcliyuGmgPaM8Cmu4kRL64cmVsw
- xTzCmlWNzdNa7YpdEGrCrzr2Ml5oE8hvLy1fM/H3m/6VM9+3Vmm6EI0Zq4mYYh6b
- 0lwBapQSaiQxUJXIvRHqIbFfd6UvQ2k/l6K9HtnL6wHLNywCl8VqBJyGh+gzrS6p
- Uj81QJspZL/XBbaw3vsM27p4I4644BFHVQMApAWWb0s9YTo179eLVl+XXL9/5A==
- =hDmG
- -----END PGP MESSAGE-----
- fp: 057870A2C72CD82566A3EC983695F4FCBCAE4912
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMAxjNhCKPP69fAQ/9ETw/8YtE14vgYnOWSnGhp8ryTFdt5D2IW8B30mmFlY4e
- 0P0ELQ36dn7ZoEe9DxfjYXFEJ9pTElnN8d1mOxOcFvvBA7HXhWYa261PVTUt0Mh5
- sLIcNgLoXJEd35voyqm/PXtGJZmM7iK79FL9L01eVm+zGSdglhvHhLdMnFVea+SC
- vF/sjp+9m6DUehKqD3jUr3T31mXf2wuq7864j3DdC+pRC6In4y7kuj0TUbGpZFH8
- rKBCxDLAifp11acgB5B3r0JyBeeZgIw8uTKrrQpFXXIUEUO0g1C6xlo96M3OD7sG
- pdvdsKo0l2687kA5uN2/hxAMqQIImLXSStod0KveDcys7UtYIZ5zVoi5KyZgxmBq
- wJOatBlH/sKzU2TXOSSTpbQJJBlaxCRk8/3ypfii4xdc3pWBm0Jm0fmZcckYmdWs
- bTOFCkg2Bx8gJkMpKSO5sou13j0Py45IHdeeOkYt6K/9+kEqlUCZfJUUj8PSO6Gz
- 7kdchGWYcGDGsqDeLlAXOdt8eQxBNs8LL9r+d+Acf4KqL1CYoxYhf6UC4z0Hownf
- jWkrs+CUxnF8xSt2WFlxoU7AWkATMkBZrPoZcN8iyTwlQWvTQgXoFJoJ9RBkOwfc
- HCSXDd53nogbkOfCUDosmlb/CJft3vS+hTNiLTVMA0J9ixul0HaRRr/w8bE/DgjS
- XAEdwJucMGVbFM3DNjrDb5iaVsIugBYGuZDK+/xyVwK1IlP9GDwE617SQNM/LbQo
- Fdq9ziI3VwlTFOnwNZ5Lw2IjNzHYMmS7ZTiF1LERWrMjIUtjY9/443ZHGQSE
- =a7K9
- -----END PGP MESSAGE-----
- fp: F38C9D4228FC6F674E322D9C3326D914EB9B8F55
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1Hthzn+T1OoAQ//TycYGKYZdRgLzgcx7G6un+2OP3HMsXGfAO6Pz8qIkd9I
- jhVccyRB02gPRb/8xKyR5LVjeZ+zULmfBNAAwkvSDC2tjn0PlxbQwFW555Mdeg47
- HixFzYVpi12qxqk3Vei9C70VCufyHp2x4YH82LJNKlHybJv5xMFZIFVkPdQQX09M
- un2f5Fo6esMe8xfzfHsTbrX2X9TxluP+xwrjQLlqis9Xo1w3PJ8a/U7oGWm7cbOa
- 2/7HR1eNQe2CIWRNo22CzvrmWcsid/LblgGgVP/W2lG7cQtXrW6dy5UctIXRYGwf
- CjW2KgVova8Ojju7M1gZHjNSjnIEMD4ONNQCe5UiTfHwZbqPQtsfipL6NjY404/g
- lG3ab1qtwgUSP3sdl/+gRvDEENSwjk7H/tIlk64ufABnbjqF7vGgh8EWz0u44sI/
- a7RRYZbSjFSWpUivHiF4Z9CRxz+4OFkDFZ8oMyynwnNtXcq+Y1icqggPFN7PjPX4
- FB0W3fxcDvUaC92TeHrbVA6gJ916WwPPf0nDYVkuKbVgBHiDUmTo68WGD3T2IAPJ
- tj7ePAG/lreZDhDKH2s67I40Q8lPDIxFXV2u3wJ0wSOUeGvMh/mfaQyCbA1hDgIU
- 1PfkoLxXiQ09VfH6AVTJFWEY8NRJug/R5d+6PsXp61jfX8tVT/IFUlmdQD9kRXjS
- XAHubuQ/eNItKH9gRTj0eq9YdbzmrVJx88ImtX93Tq8Jrxc11Grlyf7OeJ5tBgin
- UYYips2Wf+P8SibwyG+ctV/4qRtNzoo4I7B5PNsKqVkm8bBzBsnvjY5WFV5G
- =OwXi
- -----END PGP MESSAGE-----
- fp: 5DA93D5C9D7320E1BD3522C79C78172B3551C9FD
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA46L6MuPqfJqAQ//TO7OWNCZyYgKOGFsoBlCT6rMTCF9ZwL4URHCCc4Yt+56
- MJ2jDB7usZTQfEMm7sAPKo82lJh7BnZR3o9ZQfJWnv1fc+B+v4FCYmHPlxD1/Srj
- 8RqCAqcsSRpbAq2B4qdq2kFfh3vuSHewBtCAblwRxuVKhoLUg15Ax+20h+XcXIZm
- nAQTUBauyFNxZjEnTPiAO7rEXR7XAtN3XQLnROBiZXRHL6nUy1Ud1fOLj5dWHHl+
- YGlmyy6F8GjG8Bk3G/F5QNp67h9OogW1EYWOIRqnxfYTx5QqYLig9b9Hehf/guT8
- rzifK62TFCqANSPwvsehHH1ucdO+pnDL0a5dLELMzYJstKqOaq9Pdly3HRIWT/lg
- UhmN5aQ+v8sw/9suwOKb9ED7ITV50gIedRK3MjtzAb6GwmgeO5PWqcnKaIRarbo+
- PGM85vQkkKMY9wJHHYeYvDvM+fYilmX1H0uFg7KPHqwZ2UM+4XxKp7MfQQTLIl+g
- rvEJ2MlVp0xG9biyqB2vFUungS56Y0mDNN4gaRwxGXd21OjI2onquKIDaYXTh2uh
- S8UPheiOYHgpX6Xd6FNhVchjd7NDfw2XwiYbBI6YvRqeG8b2RetbUdpH34y7kTTO
- rSRx5wJecJJYL62M3DDFQ/JVgsQs2YeyROen32UIZqVZjG35NaUY4gWFvBrXk7XS
- XAH2c64NkWvCxrQN+ypAOo1acK7JmVx8KRyJ9SkHBEGXf8u8vrM3mKErSRUdcx87
- O+4RH7EMOnH6/5x6bX2Uwj+WmY8uXtsn1q+zxqMmnt+rQN8y3MlssJ2u3XUO
- =Ft9S
- -----END PGP MESSAGE-----
- fp: 8996B62CBD159DCADD3B6DC08BB33A8ABCF7BC4A
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA4EEKdYEzV0pAQ//WMDEOC0jLeKxKCpjMltCQ+jjwtsH/yZOA07o9VHBhNhX
- kfJ+fONQb7roYaMFEM8ZRxhVf0IXjrK4vk7+P4x/vKtW0/1cQm7U/uxzUsOUBA4k
- UZHgcgrB3s6yDOY9TdwnZnaOlRPmG0AudXOYS/FwNE6OzYeCzf+88nw0VZzXpwvJ
- WsPV69lYpwTxcxhO8jCVDPTXjOC0sWOXBe6Ea2X/dbWuwu2KX8AxDp8O3C6Uxa30
- jOrhNtiguMugmKgF7NZlDqgiR3v2KhbVi/ECc3vH1c+GTekT26zAkvvzFqJjkHsb
- XS8DyAp2/ExCubtk4h25ObMhghabGqrl9o8hZ+0RlEaWU7oRi+cinIXgAZcubv0Y
- /LEfDyJTohmoDdqpC4xYdTMQ8s8RaNRGtQG/3hISD0cgssBHDBKnoNMNB/V1qe+z
- EZx/ewgUmlxcO9Q+mPnQG9Eo7sh4WnldbueXtdmp8f4vpt8tJ6zr66x9QLU0IJHW
- UwgwaV6EAUdv+O+MsW40Bx/TWEbbKj8am9dymTP1dV1OcPJOLfUbNog7ybFXl6IT
- kNnUkwHXfkRUbzZJNB5rBTTt8msuFquJEaZANl5eMKdn5fG9k2hxMpZCdYT0kECb
- ErzpV2kUS6Z+QLL2YQzIQ/iBqy82u/pOJ44IvO6JAXYUbc5RTGVOgXNpNiFhOQLS
- XAHfwKoAg6apAAcqJcywJ52eFwi2886lHyTcl6Zl8wlOC6FZbK+zkmhFKEcOdZyo
- YFVoqmHT3Da/Z4rlw0XwJYR7EFyk/mHlBwdNabv68Ba94zkqXpSSDuJz7Oip
- =K261
- -----END PGP MESSAGE-----
- fp: 9DFA033E3DAEBAD7FDD71B056C7AAA54BE05F7BA
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DQrf1tCqiJxoSAQdARUYTLeEeQkoOgHc8ReED3vRzHOa3S648JbH8q9p8s1Uw
- 6m+puHJX6nqoLf+TkUfNKfpx1JJpGxgcvsADJTm5Rwi0MxqKvo650DQwHA+UQHd6
- 0lwBQ1aFrpTk+2b5mVgGGLp5dgFSTDSIsBbUBFQOXvuPX/S/n4eCwiq0sWJBNsam
- wKTAC7nLnf9O1MX8NGXHQD01doJ2M19o7BoUsifxb0y2XorWDp23NqrSb2U+9A==
- =xw0V
- -----END PGP MESSAGE-----
- fp: B71138A6A8964A3C3B8899857B4F70C356765BAB
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hF4DzAGzViGx4qcSAQdAc7DD+ELFXtPiikXroB//qxDovIM8uUVXiY6/bCGDhyUw
- 0XqwTBBntTkrxjPXSQIPuLosccZCLcqpawjCAeYKPNZmJSfhQ5ESl/iAD7wofT2V
- 0lYBCaD9ciqJhB7nb0vh3Aoa4uphQ3EiS+PYi0Tyuo2r9MsoSv5BLGGHHaQDhvxK
- 8FXpCyUk8oqBiJ4TRouaVvDcPUSaqWk9QQtxx1mgD0iIkPNnMXoPJA==
- =3GJf
- -----END PGP MESSAGE-----
- fp: D2E9C0807BF681F5E164DAFC5EE1B61CD90954CD
- - created_at: "2025-07-20T18:28:37Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- hQIMA2pVdGTIrZI+AQ//QR/3s7FObKxat5+yCwGERpelhkNVkwwaVl6nnyX1P2od
- JrKHwmwgRaOpchQmlkbLwgPs9byiRc29sv8T72qAM0xQohKJq3TXXCGA2Wy4xzmn
- tDK4m+kU/WA8qtBsJn+gfV9CkWXVmr1vnrE+oM32qNpDA5wTrEN2ueTnxkc6oiN8
- O+rlJWkbtPBxt3o9OJfJLoidh+Ot+1aiLeg+9lrp7RdnuHcHiklwT3y+dLf2Dpje
- SevPq5UDX1C9kbwCtQuvH11wO2Pss9IWfNhqgdltsnaEC02lFaiiZxiZL+lxb5+D
- XcVn7o+iZUL5BjNn0Y1D17geXuIwFwOKWsRh59EsMMUU7rzK2WIeGz5eIbGcRHPw
- MIOxhzHXH4DN1TIKLa3BoqMCaEa6FY4U5pWNAGcclOqSY5DmlmSgZxOSLijCpLCf
- VRyWbDUiMVz6CA1dR5PtnGoIlAMk0W84SxWgjrsg5BE3zt1KeluAPkJbgD3wRTMj
- uXq37kbIQvH80ocxjY1DyBkvz5xh21yBlUvQnMLc8gQg2C3Z8gQj9eexqJOt0z/g
- DvW6t4ZfGncsqE5nKv+O4FiFc+xUKFt02pPI/hgqYPpXVYc8mmqD8A75dbi3fhEO
- 5tTnEszoYZJucAF57aWNzpr+o/I3dP7SxrxbQbq9I4GO1omSkKeNFe/dQWKGzR/S
- XAHR6DYe5ej+qdc9lcK/Lx8aA7/4b+O5jSKE0g1sJ2wEZdhNQbLM21YLGt4hFCk5
- a/pJ9m8ShyHgQM5bab9z2MtSD/qL9yVGMfErU/UC9S9GCAvh2COAFx1vVRdv
- =L/EP
- -----END PGP MESSAGE-----
- fp: 878FEA3CB6A6F6E7CD80ECBE28506E3585F9F533
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/inventories/z9/host_vars/yate.yaml b/inventories/z9/host_vars/yate.yaml
deleted file mode 100644
index b73cfa6..0000000
--- a/inventories/z9/host_vars/yate.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/compose.yaml.j2') }}"
-docker_compose__configuration_files:
- - name: accfile.conf
- content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/accfile.conf.j2') }}"
- - name: regexroute.conf
- content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regexroute.conf.j2') }}"
- - name: regfile.conf
- content: "{{ lookup('ansible.builtin.template', 'resources/z9/yate/docker_compose/regfile.conf.j2') }}"
-docker_compose__restart_cmd: "exec yate sh -c 'kill -1 1'"
\ No newline at end of file
diff --git a/inventories/z9/hosts.yaml b/inventories/z9/hosts.yaml
index 4d847bf..0dde922 100644
--- a/inventories/z9/hosts.yaml
+++ b/inventories/z9/hosts.yaml
@@ -1,45 +1,21 @@
all:
hosts:
- authoritative-dns:
- ansible_host: authoritative-dns.z9.ccchh.net
- ansible_user: chaos
- dooris:
- ansible_host: 10.31.208.201
- ansible_user: chaos
light:
ansible_host: light.z9.ccchh.net
ansible_user: chaos
- thinkcccore0:
- ansible_host: thinkcccore0.z9.ccchh.net
- yate:
- ansible_host: yate.ccchh.net
- ansible_user: chaos
-certbot_hosts:
- hosts:
- dooris:
-docker_compose_hosts:
- hosts:
- dooris:
- yate:
-foobazdmx_hosts:
- hosts:
- light:
-hypervisors:
- hosts:
- thinkcccore0:
-infrastructure_authorized_keys_hosts:
- hosts:
- dooris:
- light:
authoritative-dns:
- yate:
+ ansible_host: authoritative-dns.z9.ccchh.net
+ ansible_user: chaos
nginx_hosts:
hosts:
- dooris:
light:
ola_hosts:
hosts:
light:
-proxmox_vm_template_hosts:
+foobazdmx_hosts:
hosts:
- thinkcccore0:
+ light:
+infrastructure_authorized_keys_hosts:
+ hosts:
+ light:
+ authoritative-dns:
diff --git a/playbooks/deploy.yaml b/playbooks/deploy.yaml
index 952aeec..d7dcdac 100644
--- a/playbooks/deploy.yaml
+++ b/playbooks/deploy.yaml
@@ -70,13 +70,5 @@
- "o=Docker,n=${distro_codename}"
- "o=nginx,n=${distro_codename}"
-- name: Ensure Alloy is installed and Setup on alloy_hosts
- hosts: alloy_hosts
- become: true
- tasks:
- - name: Setup Alloy
- ansible.builtin.include_role:
- name: grafana.grafana.alloy
-
- name: Run ensure_eh22_styleguide_dir Playbook
ansible.builtin.import_playbook: ensure_eh22_styleguide_dir.yaml
diff --git a/playbooks/deploy_hypervisor.yaml b/playbooks/deploy_hypervisor.yaml
deleted file mode 100644
index 4d3200f..0000000
--- a/playbooks/deploy_hypervisor.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-- name: Ensure the VM template generation is set up
- hosts: proxmox_vm_template_hosts
- tasks:
- - name: Ensure dependencies are present
- ansible.builtin.apt:
- name:
- - git
- - libguestfs-tools
- become: true
-
- - name: Ensure /usr/local/{lib,sbin} exist
- ansible.builtin.file:
- path: "{{ item }}"
- state: directory
- owner: root
- group: root
- mode: "0755"
- become: true
- loop:
- - "/usr/local/lib/"
- - "/usr/local/sbin/"
-
- - name: Ensure the pve-template-vm repo is present
- ansible.builtin.git:
- repo: https://git.hamburg.ccc.de/CCCHH/pve-template-vm.git
- dest: /usr/local/lib/pve-template-vm
- version: main
- force: true
- depth: 1
- single_branch: true
- track_submodules: true
- become: true
-
- # /usr/local/sbin as the script uses qm, which is also found in /usr/sbin.
- - name: Ensure symlink to build-proxmox-template exists in /usr/local/sbin
- ansible.builtin.file:
- src: /usr/local/lib/pve-template-vm/build-proxmox-template
- dest: /usr/local/sbin/build-proxmox-template
- state: link
- owner: root
- group: root
- mode: '0755'
- become: true
-
- # This sets up a cron job running /usr/local/sbin/build-proxmox-template using the env vars defined in hypervisor__template_vm_config.
- - name: Ensure cron job is present for building a fresh VM template every week on Friday 04:00
- ansible.builtin.cron:
- name: "ansible build proxmox template"
- cron_file: ansible_build_proxmox_template
- minute: 0
- hour: 4
- weekday: 5
- user: root
- job: "{% if hypervisor__template_vm_config is defined and hypervisor__template_vm_config | length > 0 %}\
- /usr/bin/env \
- {% for item in hypervisor__template_vm_config | default([]) %}\
- {{ item.name }}=\"{{ item.value }}\" \
- {% endfor %}\
- {% endif %}\
- /usr/local/sbin/build-proxmox-template"
- become: true
diff --git a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
index c2108d8..e4ab5b6 100644
--- a/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2
@@ -6,8 +6,8 @@ services:
image: docker.io/library/mariadb:11
environment:
- "MARIADB_DATABASE=wordpress"
- - "MARIADB_ROOT_PASSWORD={{ secret__mariadb_root_password }}"
- - "MARIADB_PASSWORD={{ secret__wordpress_db_password }}"
+ - "MARIADB_ROOT_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_ROOT_PASSWORD", create=false, missing="error") }}"
+ - "MARIADB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}"
- "MARIADB_USER=wordpress"
- "MARIADB_AUTO_UPGRADE=yes"
volumes:
@@ -23,7 +23,7 @@ services:
- "WORDPRESS_DB_NAME=wordpress"
- "WORDPRESS_DB_USER=wordpress"
- "WORDPRESS_TABLE_PREFIX=wp_"
- - "WORDPRESS_DB_PASSWORD={{ secret__wordpress_db_password }}"
+ - "WORDPRESS_DB_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/ccchoir/DB_PASSWORD", create=false, missing="error") }}"
volumes:
- wordpress:/var/www/html/wp-content
ports:
diff --git a/resources/chaosknoten/cloud/nextcloud/config.php.j2 b/resources/chaosknoten/cloud/nextcloud/config.php.j2
new file mode 100644
index 0000000..718bcb8
--- /dev/null
+++ b/resources/chaosknoten/cloud/nextcloud/config.php.j2
@@ -0,0 +1,98 @@
+ '\\OC\\Memcache\\APCu',
+ 'apps_paths' =>
+ array (
+ 0 =>
+ array (
+ 'path' => '/var/www/html/apps',
+ 'url' => '/apps',
+ 'writable' => false,
+ ),
+ 1 =>
+ array (
+ 'path' => '/var/www/html/custom_apps',
+ 'url' => '/custom_apps',
+ 'writable' => true,
+ ),
+ ),
+ 'instanceid' => 'oc9uqhr7buka',
+ 'passwordsalt' => 'SK2vmQeTEHrkkwx9K+hC1WX33lPJDs',
+ 'secret' => '3dBt5THD2ehg0yWdVDAvMmsY8yLtrfk/gE560lkMqYqgh6lu',
+ 'trusted_domains' =>
+ array (
+ 0 => 'cloud.hamburg.ccc.de',
+ ),
+ 'datadirectory' => '/var/www/html/data',
+ 'dbtype' => 'mysql',
+ 'version' => '25.0.9.2',
+ 'overwrite.cli.url' => 'https://cloud.hamburg.ccc.de',
+ 'dbname' => 'nextcloud',
+ 'dbhost' => 'database',
+ 'dbport' => '',
+ 'dbtableprefix' => 'oc_',
+ 'mysql.utf8mb4' => true,
+ 'dbuser' => 'nextcloud',
+ 'dbpassword' => 'TdBLMQQeKbz1zab3sySUsGxo3',
+ 'installed' => true,
+ // Some Nextcloud options that might make sense here
+ 'allow_user_to_change_display_name' => false,
+ 'lost_password_link' => 'disabled',
+ // URL of provider. All other URLs are auto-discovered from .well-known
+ 'oidc_login_provider_url' => 'https://id.ccchh.net/realms/ccchh',
+ // Client ID and secret registered with the provider
+ 'oidc_login_client_id' => 'cloud',
+ 'oidc_login_client_secret' => '{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/cloud/kc-client-secret", create=false, missing="error") }}',
+ // Automatically redirect the login page to the provider
+ 'oidc_login_auto_redirect' => true,
+ // Redirect to this page after logging out the user
+ //'oidc_login_logout_url' => 'https://openid.example.com/thankyou',
+ // If set to true the user will be redirected to the
+ // logout endpoint of the OIDC provider after logout
+ // in Nextcloud. After successfull logout the OIDC
+ // provider will redirect back to 'oidc_login_logout_url' (MUST be set).
+ 'oidc_login_end_session_redirect' => true,
+ // Quota to assign if no quota is specified in the OIDC response (bytes)
+ //
+ // NOTE: If you want to allow NextCloud to manage quotas, omit this option. Do not set it to
+ // zero or -1 or ''.
+ 'oidc_login_default_quota' => '1000000000',
+ // Login button text
+ 'oidc_login_button_text' => 'Log in via id.ccchh.net',
+ // Hide the NextCloud password change form.
+ 'oidc_login_hide_password_form' => false,
+ // Use ID Token instead of UserInfo
+ 'oidc_login_use_id_token' => false,
+ 'oidc_login_attributes' => array (
+ 'id' => 'preferred_username',
+ 'name' => 'name',
+ 'mail' => 'email',
+ 'quota' => 'ownCloudQuota',
+ 'home' => 'homeDirectory',
+ 'ldap_uid' => 'uid',
+ 'groups' => 'ownCloudGroups',
+ 'login_filter' => 'realm_access_roles',
+ 'photoURL' => 'picture',
+ 'is_admin' => 'ownCloudAdmin',
+ ),
+ // Default group to add users to (optional, defaults to nothing)
+ //'oidc_login_default_group' => 'oidc',
+ 'oidc_login_filter_allowed_values' => null,
+ // Set OpenID Connect scope
+ 'oidc_login_scope' => 'openid profile',
+ // The `id` attribute in `oidc_login_attributes` must return the
+ // "Internal Username" (see expert settings in LDAP integration)
+ 'oidc_login_proxy_ldap' => false,
+ // Fallback to direct login if login from OIDC fails
+ // Note that no error message will be displayed if enabled
+ 'oidc_login_disable_registration' => false,
+ //'oidc_login_redir_fallback' => false,
+ // If you get your groups from the oidc_login_attributes, you might want
+ // to create them if they are not already existing, Default is `false`.
+ 'oidc_create_groups' => true,
+ // Enable use of WebDAV via OIDC bearer token.
+ 'oidc_login_webdav_enabled' => true,
+ // Enable authentication with user/password for DAV clients that do not
+ // support token authentication (e.g. DAVx⁵)
+ 'oidc_login_password_authentication' => false,
+);
\ No newline at end of file
diff --git a/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2 b/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2
index 8832381..7e6ad56 100644
--- a/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2
+++ b/resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2
@@ -11,7 +11,7 @@ $CONFIG = array (
'mail_smtpname' => 'no-reply@cloud.hamburg.ccc.de',
'mail_from_address' => 'no-reply',
'mail_domain' => 'cloud.hamburg.ccc.de',
- 'mail_smtppassword' => '{{ secret__nextcloud_smtp_password }}',
+ 'mail_smtppassword' => '{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/cloud/smtp_password", create=false, missing="error") }}',
'mail_smtpdebug' => true,
'maintenance_window_start' => 1,
);
diff --git a/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2 b/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2
new file mode 100644
index 0000000..56995ca
--- /dev/null
+++ b/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2
@@ -0,0 +1,60 @@
+ALLOWED_HOSTS = [ "netbox.eh22.easterhegg.eu" ]
+DATABASE = {
+ "HOST": "localhost",
+ "NAME": "netbox",
+ "USER": "netbox",
+ "PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}",
+}
+REDIS = {
+ "tasks": {
+ "HOST": "localhost",
+ "PORT": 6379,
+ "USERNAME": "",
+ "PASSWORD": "",
+ "DATABASE": 0,
+ "SSL": False,
+ },
+ "caching": {
+ "HOST": "localhost",
+ "PORT": 6379,
+ "USERNAME": "",
+ "PASSWORD": "",
+ "DATABASE": 1,
+ "SSL": False,
+ },
+}
+SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SECRET_KEY', create=false, missing='error') }}"
+SESSION_COOKIE_SECURE = True
+
+# CCCHH ID (Keycloak) integration.
+# https://github.com/python-social-auth/social-core/blob/0925304a9e437f8b729862687d3a808c7fb88a95/social_core/backends/keycloak.py#L7
+# https://python-social-auth.readthedocs.io/en/latest/backends/keycloak.html
+REMOTE_AUTH_BACKEND = "social_core.backends.keycloak.KeycloakOAuth2"
+SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL = (
+ "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
+)
+SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = (
+ "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
+)
+SOCIAL_AUTH_KEYCLOAK_KEY = "eh22-netbox"
+SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB"
+SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}"
+# Use custom OIDC group and role mapping pipeline functions added in via
+# netbox__custom_pipeline_oidc_group_and_role_mapping.
+# The default pipeline this is based on can be found here:
+# https://github.com/netbox-community/netbox/blob/main/netbox/netbox/settings.py
+SOCIAL_AUTH_PIPELINE = [
+ "social_core.pipeline.social_auth.social_details",
+ "social_core.pipeline.social_auth.social_uid",
+ "social_core.pipeline.social_auth.social_user",
+ "social_core.pipeline.user.get_username",
+ "social_core.pipeline.user.create_user",
+ "social_core.pipeline.social_auth.associate_user",
+ "netbox.authentication.user_default_groups_handler",
+ "social_core.pipeline.social_auth.load_extra_data",
+ "social_core.pipeline.user.user_details",
+ # Custom OIDC group and role mapping functions.
+ "netbox.custom_pipeline_oidc_mapping.add_groups",
+ "netbox.custom_pipeline_oidc_mapping.remove_groups",
+ "netbox.custom_pipeline_oidc_mapping.set_roles",
+]
diff --git a/resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf b/resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf
similarity index 60%
rename from resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf
rename to resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf
index e7d404d..6c9d458 100644
--- a/resources/chaosknoten/ntfy/nginx/ntfy.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/eh22-netbox/nginx/netbox.eh22.easterhegg.eu.conf
@@ -2,8 +2,7 @@
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
server {
# Listen on a custom port for the proxy protocol.
- listen 8443 ssl proxy_protocol;
- http2 on;
+ listen 8443 ssl http2 proxy_protocol;
# Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy
# protocol.
@@ -13,12 +12,12 @@ server {
# header.
real_ip_header proxy_protocol;
- server_name ntfy.hamburg.ccc.de;
+ server_name netbox.eh22.easterhegg.eu;
- ssl_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/ntfy.hamburg.ccc.de/privkey.pem;
+ ssl_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/privkey.pem;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
- ssl_trusted_certificate /etc/letsencrypt/live/ntfy.hamburg.ccc.de/chain.pem;
+ ssl_trusted_certificate /etc/letsencrypt/live/netbox.eh22.easterhegg.eu/chain.pem;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
@@ -30,18 +29,20 @@ server {
proxy_set_header X-Forwarded-Port 443;
# This is https in any case.
proxy_set_header X-Forwarded-Proto https;
+ # Hide the X-Forwarded header.
+ proxy_hide_header X-Forwarded;
+ # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that
+ # is transparent).
+ # Also provide "_hidden" for by, since it's not relevant.
+ proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden";
+
+ client_max_body_size 25m;
+
+ location /static/ {
+ alias /opt/netbox/netbox/static/;
+ }
location / {
- proxy_pass http://127.0.0.1:2586;
- proxy_http_version 1.1;
-
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
-
- proxy_connect_timeout 3m;
- proxy_send_timeout 3m;
- proxy_read_timeout 3m;
-
- client_max_body_size 0; # Stream request body to backend
+ proxy_pass http://127.0.0.1:8001;
}
}
diff --git a/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2
index 3e51e55..83aeaad 100644
--- a/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2
+++ b/resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2
@@ -3,84 +3,38 @@
# - https://github.com/prometheus/alertmanager/blob/48a99764a1fc9279fc828de83e7a03ae2219abc7/doc/examples/simple.yml
route:
- receiver: 'ccchh-infrastructure-alerts'
- group_by: [ "alertname", "site", "type", "hypervisor" ]
+ group_by: ["alertname", "site", "type", "hypervisor"]
+
group_wait: 30s
group_interval: 5m
- repeat_interval: 6h
- routes:
- - receiver: "null"
- matchers:
- - sendAlert = "false"
- - receiver: ntfy-ccchh-critical
- matchers:
- - org = "ccchh"
- - severity = "critical",
- repeat_interval: 18h
- continue: true
- - receiver: ntfy-ccchh
- matchers:
- - org = "ccchh"
- - severity =~ "info|warning",
- repeat_interval: 36h
- continue: true
- - receiver: ntfy-fux-critical
- matchers:
- - org = "fux"
- - severity = "critical",
- repeat_interval: 18h
- continue: true
- - receiver: email-fux-critical
- matchers:
- - org = "fux"
- - severity = "critical",
- repeat_interval: 36h
- continue: true
- - receiver: ntfy-fux
- matchers:
- - org = "fux"
- - severity =~ "info|warning",
- repeat_interval: 36h
- continue: true
- - receiver: ccchh-infrastructure-alerts
- matchers:
- - org = "ccchh"
- - severity =~ "info|warning|critical"
+ repeat_interval: 3h
+
+ receiver: ccchh-infrastructure-alerts
+
+
+{# Disable these for now, but might be interesting in the future.
+# Inhibition rules allow to mute a set of alerts given that another alert is
+# firing.
+# We use this to mute any warning-level notifications if the same alert is
+# already critical.
+inhibit_rules:
+ - source_matchers: [severity="critical"]
+ target_matchers: [severity="warning"]
+ # Apply inhibition if the alertname is the same.
+ # CAUTION:
+ # If all label names listed in `equal` are missing
+ # from both the source and target alerts,
+ # the inhibition rule will apply!
+ equal: [alertname, cluster, service] #}
templates:
- "/etc/alertmanager/templates/*.tmpl"
receivers:
- - name: "null"
- name: "ccchh-infrastructure-alerts"
telegram_configs:
- send_resolved: true
- bot_token: {{ secret__alertmanager_telegram_bot_token }}
+ bot_token: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/alertmanager_telegram_bot_token", create=false, missing="error") }}
chat_id: -1002434372415
parse_mode: HTML
message: {{ "'{{ template \"alert-message.telegram.ccchh\" . }}'" }}
-
- - name: "ntfy-ccchh-critical"
- webhook_configs:
- - url: "http://ntfy-alertmanager-ccchh-critical:8000"
-
- - name: "ntfy-fux-critical"
- webhook_configs:
- - url: "http://ntfy-alertmanager-fux-critical:8001"
-
- - name: "ntfy-ccchh"
- webhook_configs:
- - url: "http://ntfy-alertmanager-ccchh:8010"
-
- - name: "ntfy-fux"
- webhook_configs:
- - url: "http://ntfy-alertmanager-fux:8011"
-
- - name: "email-fux-critical"
- email_configs:
- - send_resolved: true
- to: "stb@lassitu.de"
- from: "alert-manager@hamburg.ccc.de"
- smarthost: "cow.hamburg.ccc.de:587"
- auth_username: "alert-manager@hamburg.ccc.de"
- auth_password: {{ secret__alert_manager_email_password }}
diff --git a/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl b/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl
index 3e97e6e..5318fb0 100644
--- a/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl
+++ b/resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl
@@ -20,25 +20,16 @@ Links & Resources
{{ define "alert-message.telegram.ccchh" }}
- {{- if .Alerts.Firing }}
- 🔥{{ len .Alerts.Firing }} Alert(/s) Firing 🔥
- {{- if le (len .Alerts.Firing) 5 }}
- {{- range .Alerts.Firing }}
- {{ template "alert-item.telegram.ccchh.internal" . }}
- {{- end }}
- {{- else }}
- There are too many alerts firing at once
- {{- end }}
- {{- end }}
-
- {{- if .Alerts.Resolved }}
- ✅{{ len .Alerts.Resolved }} Alert(/s) Resolved ✅
- {{- if le (len .Alerts.Resolved) 5 }}
- {{- range .Alerts.Resolved }}
- {{ template "alert-item.telegram.ccchh.internal" . }}
- {{- end }}
- {{- else }}
- There are too many resolved alerts to list
- {{- end }}
- {{- end }}
+{{- if .Alerts.Firing }}
+🔥{{ len .Alerts.Firing }} Alert(/s) Firing 🔥
+{{ range .Alerts.Firing -}}
+{{ template "alert-item.telegram.ccchh.internal" . }}
+{{- end }}
+{{- end }}
+{{- if .Alerts.Resolved }}
+✅{{ len .Alerts.Resolved }} Alert(/s) Resolved ✅
+{{ range .Alerts.Resolved -}}
+{{ template "alert-item.telegram.ccchh.internal" . }}
+{{- end }}
+{{- end }}
{{- end }}
diff --git a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2 b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
index c9c4cca..3e994dc 100644
--- a/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/grafana/docker_compose/compose.yaml.j2
@@ -6,8 +6,6 @@ services:
container_name: prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- - '--web.enable-remote-write-receiver'
- - '--enable-feature=promql-experimental-functions'
ports:
- 9090:9090
restart: unless-stopped
@@ -15,7 +13,7 @@ services:
- ./configs/prometheus.yml:/etc/prometheus/prometheus.yml
- ./configs/prometheus_alerts.rules.yaml:/etc/prometheus/rules/alerts.rules.yaml
- prom_data:/prometheus
-
+
alertmanager:
image: prom/alertmanager
container_name: alertmanager
@@ -37,7 +35,7 @@ services:
restart: unless-stopped
environment:
- GF_SECURITY_ADMIN_USER=admin
- - "GF_SECURITY_ADMIN_PASSWORD={{ secret__grafana_gf_security_admin_password }}"
+ - "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/GF_SECURITY_ADMIN_PASSWORD", create=false, missing="error") }}"
volumes:
- ./configs/grafana.ini:/etc/grafana/grafana.ini
- ./configs/grafana-datasource.yml:/etc/grafana/provisioning/datasources/datasource.yml
@@ -51,61 +49,13 @@ services:
restart: unless-stopped
environment:
- PVE_USER=grafana@pve
- - "PVE_PASSWORD={{ secret__prometheus_pve_exporter_pve_password }}"
+ - "PVE_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/prometheus-exporter", create=false, missing="error") }}"
- PVE_VERIFY_SSL=false
volumes:
- /dev/null:/etc/prometheus/pve.yml
- loki:
- image: grafana/loki:3
- container_name: loki
- ports:
- - 13100:3100
- - 19099:9099
- restart: unless-stopped
- volumes:
- - ./configs/loki.yaml:/etc/loki/local-config.yaml
- - loki_data:/var/loki
-
- ntfy-alertmanager-ccchh-critical:
- image: xenrox/ntfy-alertmanager:latest
- container_name: ntfy-alertmanager-ccchh-critical
- volumes:
- - ./configs/ntfy-alertmanager-ccchh-critical:/etc/ntfy-alertmanager/config
- ports:
- - 8000:8000
- restart: unless-stopped
-
- ntfy-alertmanager-fux-critical:
- image: xenrox/ntfy-alertmanager:latest
- container_name: ntfy-alertmanager-fux-critical
- volumes:
- - ./configs/ntfy-alertmanager-fux-critical:/etc/ntfy-alertmanager/config
- ports:
- - 8001:8001
- restart: unless-stopped
-
- ntfy-alertmanager-ccchh:
- image: xenrox/ntfy-alertmanager:latest
- container_name: ntfy-alertmanager-ccchh
- volumes:
- - ./configs/ntfy-alertmanager-ccchh:/etc/ntfy-alertmanager/config
- ports:
- - 8010:8010
- restart: unless-stopped
-
- ntfy-alertmanager-fux:
- image: xenrox/ntfy-alertmanager:latest
- container_name: ntfy-alertmanager-fux
- volumes:
- - ./configs/ntfy-alertmanager-fux:/etc/ntfy-alertmanager/config
- ports:
- - 8011:8011
- restart: unless-stopped
volumes:
graf_data: {}
prom_data: {}
alertmanager_data: {}
- loki_data: {}
- mimir_data: {}
diff --git a/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml b/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml
index 632ad1c..44999d4 100644
--- a/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml
+++ b/resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml
@@ -7,15 +7,3 @@ datasources:
isDefault: true
access: proxy
editable: true
- - name: Loki
- type: loki
- url: http://loki:3100
- access: proxy
- editable: true
- jsonData:
- timeout: 60
- maxLines: 3000
- httpHeaderName1: "X-Scope-OrgID"
- secureJsonData:
- httpHeaderValue1: "chaos"
-
diff --git a/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2 b/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2
index af5b848..65f7bed 100644
--- a/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2
+++ b/resources/chaosknoten/grafana/docker_compose/grafana.ini.j2
@@ -11,7 +11,7 @@ auto_login = true
name = id.hamburg.ccc.de
allow_sign_up = true
client_id = grafana
-client_secret = {{ secret__grafana_keycloak_secret }}
+client_secret = {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/KEYCLOAK_SECRET", create=false, missing="error") }}
scopes = openid email profile offline_access roles
email_attribute_path = email
login_attribute_path = username
diff --git a/resources/chaosknoten/grafana/docker_compose/loki.yaml b/resources/chaosknoten/grafana/docker_compose/loki.yaml
deleted file mode 100644
index daf214f..0000000
--- a/resources/chaosknoten/grafana/docker_compose/loki.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-auth_enabled: true
-
-server:
- http_listen_port: 3100
- grpc_listen_port: 9099
- log_level: warn
-
-limits_config:
- retention_period: 14d
-
-common:
- instance_addr: 127.0.0.1
- path_prefix: /var/loki
- storage:
- filesystem:
- chunks_directory: /var/loki/chunks
- rules_directory: /var/loki/rules
- replication_factor: 1
- ring:
- kvstore:
- store: inmemory
-
-storage_config:
- filesystem:
- directory: /var/loki/chunks
- index_queries_cache_config:
- embedded_cache:
- enabled: true
- max_size_mb: 80
- ttl: 30m
-
-schema_config:
- configs:
- - from: 2025-04-28
- store: tsdb
- object_store: filesystem
- schema: v13
- index:
- prefix: index_
- period: 24h
-
-chunk_store_config:
- chunk_cache_config:
- embedded_cache:
- enabled: true
- max_size_mb: 80
- ttl: 30m
- write_dedupe_cache_config:
- embedded_cache:
- enabled: true
- max_size_mb: 80
- ttl: 30m
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2
deleted file mode 100644
index b4afc90..0000000
--- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh-critical.j2
+++ /dev/null
@@ -1,48 +0,0 @@
-base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh-critical
-http-address :8000
-log-level info
-log-format text
-# When multiple alerts are grouped together by Alertmanager, they can either be sent
-# each on their own (single mode) or be kept together (multi mode)
-# Options: single, multi
-# Default: multi
-alert-mode single
-
-labels {
- order "severity"
-
- severity "critical" {
- priority 4
- tags "rotating_light"
- }
-
- severity "warning" {
- priority 3
- tags "warning"
- }
-
- severity "info" {
- priority 1
- }
-}
-
-resolved {
- tags "white_check_mark,resolved"
- priority 2
-}
-
-ntfy {
- server https://ntfy.hamburg.ccc.de
- topic ccchh-alertmanager-critical
- access-token {{ secret__ntfy_token }}
-}
-
-alertmanager {
- silence-duration 3h
-}
-
-cache {
- type memory
- duration 12h
- cleanup-interval 1h
-}
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2
deleted file mode 100644
index 66fd9ab..0000000
--- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-ccchh.j2
+++ /dev/null
@@ -1,48 +0,0 @@
-base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-ccchh
-http-address :8010
-log-level info
-log-format text
-# When multiple alerts are grouped together by Alertmanager, they can either be sent
-# each on their own (single mode) or be kept together (multi mode)
-# Options: single, multi
-# Default: multi
-alert-mode single
-
-labels {
- order "severity"
-
- severity "critical" {
- priority 4
- tags "rotating_light"
- }
-
- severity "warning" {
- priority 3
- tags "warning"
- }
-
- severity "info" {
- priority 1
- }
-}
-
-resolved {
- tags "white_check_mark,resolved"
- priority 2
-}
-
-ntfy {
- server https://ntfy.hamburg.ccc.de
- topic ccchh-alertmanager
- access-token {{ secret__ntfy_token }}
-}
-
-alertmanager {
- silence-duration 3h
-}
-
-cache {
- type memory
- duration 12h
- cleanup-interval 1h
-}
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2
deleted file mode 100644
index afb6cc8..0000000
--- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux-critical.j2
+++ /dev/null
@@ -1,48 +0,0 @@
-base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux-critical
-http-address :8001
-log-level info
-log-format text
-# When multiple alerts are grouped together by Alertmanager, they can either be sent
-# each on their own (single mode) or be kept together (multi mode)
-# Options: single, multi
-# Default: multi
-alert-mode single
-
-labels {
- order "severity"
-
- severity "critical" {
- priority 4
- tags "rotating_light"
- }
-
- severity "warning" {
- priority 3
- tags "warning"
- }
-
- severity "info" {
- priority 1
- }
-}
-
-resolved {
- tags "white_check_mark,resolved"
- priority 2
-}
-
-ntfy {
- server https://ntfy.hamburg.ccc.de
- topic fux-alertmanager-critical
- access-token {{ secret__ntfy_token }}
-}
-
-alertmanager {
- silence-duration 3h
-}
-
-cache {
- type memory
- duration 12h
- cleanup-interval 1h
-}
diff --git a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2 b/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2
deleted file mode 100644
index 1e506a3..0000000
--- a/resources/chaosknoten/grafana/docker_compose/ntfy-alertmanager-fux.j2
+++ /dev/null
@@ -1,48 +0,0 @@
-base-url https://grafana.hamburg.ccc.de/ntfy-alertmanager-fux
-http-address :8011
-log-level info
-log-format text
-# When multiple alerts are grouped together by Alertmanager, they can either be sent
-# each on their own (single mode) or be kept together (multi mode)
-# Options: single, multi
-# Default: multi
-alert-mode single
-
-labels {
- order "severity"
-
- severity "critical" {
- priority 4
- tags "rotating_light"
- }
-
- severity "warning" {
- priority 3
- tags "warning"
- }
-
- severity "info" {
- priority 1
- }
-}
-
-resolved {
- tags "white_check_mark,resolved"
- priority 2
-}
-
-ntfy {
- server https://ntfy.hamburg.ccc.de
- topic fux-alertmanager
- access-token {{ secret__ntfy_token }}
-}
-
-alertmanager {
- silence-duration 3h
-}
-
-cache {
- type memory
- duration 12h
- cleanup-interval 1h
-}
diff --git a/resources/chaosknoten/grafana/docker_compose/prometheus.yml b/resources/chaosknoten/grafana/docker_compose/prometheus.yml
index fd59034..5f6232f 100644
--- a/resources/chaosknoten/grafana/docker_compose/prometheus.yml
+++ b/resources/chaosknoten/grafana/docker_compose/prometheus.yml
@@ -1,12 +1,12 @@
global:
- scrape_interval: 60s
- scrape_timeout: 15s
- evaluation_interval: 30s
+ scrape_interval: 15s
+ scrape_timeout: 10s
+ evaluation_interval: 15s
alerting:
alertmanagers:
- scheme: http
- timeout: 15s
+ timeout: 10s
static_configs:
- targets:
- "alertmanager:9093"
@@ -22,8 +22,6 @@ scrape_configs:
static_configs:
- targets:
- localhost:9090
- labels:
- org: ccchh
- job_name: alertmanager
honor_timestamps: true
metrics_path: /metrics
@@ -31,8 +29,6 @@ scrape_configs:
static_configs:
- targets:
- alertmanager:9093
- labels:
- org: ccchh
- job_name: mumble
honor_timestamps: true
scrape_interval: 5s
@@ -42,8 +38,6 @@ scrape_configs:
static_configs:
- targets:
- mumble.hamburg.ccc.de:443
- labels:
- org: ccchh
- job_name: opnsense-ccchh
honor_timestamps: true
metrics_path: /metrics
@@ -51,8 +45,6 @@ scrape_configs:
static_configs:
- targets:
- 185.161.129.132:9100
- labels:
- org: ccchh
- job_name: jitsi
honor_timestamps: true
scrape_interval: 5s
@@ -62,14 +54,10 @@ scrape_configs:
static_configs:
- targets:
- jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge
- labels:
- org: ccchh
- job_name: 'pve'
static_configs:
- targets:
- 212.12.48.126 # chaosknoten
- labels:
- org: ccchh
metrics_path: /pve
params:
module: [ default ]
@@ -86,7 +74,6 @@ scrape_configs:
static_configs:
# Wieske Chaosknoten VMs
- labels:
- org: ccchh
site: wieske
type: virtual_machine
hypervisor: chaosknoten
@@ -96,6 +83,7 @@ scrape_configs:
- public-web-static-intern.hamburg.ccc.de:9100
- git-intern.hamburg.ccc.de:9100
- forgejo-actions-runner-intern.hamburg.ccc.de:9100
+ - eh22-netbox-intern.hamburg.ccc.de:9100
- eh22-wiki-intern.hamburg.ccc.de:9100
- mjolnir-intern.hamburg.ccc.de:9100
- woodpecker-intern.hamburg.ccc.de:9100
@@ -111,13 +99,7 @@ scrape_configs:
- zammad-intern.hamburg.ccc.de:9100
- pretalx-intern.hamburg.ccc.de:9100
- labels:
- org: ccchh
site: wieske
type: physical_machine
targets:
- chaosknoten.hamburg.ccc.de:9100
-
-
-storage:
- tsdb:
- out_of_order_time_window: 90m
diff --git a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml b/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml
index aa20a42..5ec53b8 100644
--- a/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml
+++ b/resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml
@@ -196,9 +196,9 @@ groups:
# Same rule using "node_filesystem_free_bytes" will fire when disk fills for non-root users.
- alert: HostDiskWillFillIn24Hours
expr: ((node_filesystem_avail_bytes * 100) / node_filesystem_size_bytes < 10 and ON (instance, device, mountpoint) predict_linear(node_filesystem_avail_bytes{fstype!~"tmpfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
- for: 5m
+ for: 2m
labels:
- severity: critical
+ severity: warning
annotations:
summary: Host disk will fill in 24 hours (instance {{ $labels.instance }})
description: "Filesystem is predicted to run out of space within the next 24 hours at current write rate\n VALUE = {{ $value }}"
@@ -212,9 +212,9 @@ groups:
description: "Disk is almost running out of available inodes (< 10% left)\n VALUE = {{ $value }}"
- alert: HostInodesWillFillIn24Hours
expr: (node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
- for: 5m
+ for: 2m
labels:
- severity: critical
+ severity: warning
annotations:
summary: Host inodes will fill in 24 hours (instance {{ $labels.instance }})
description: "Filesystem is predicted to run out of inodes within the next 24 hours at current write rate\n VALUE = {{ $value }}"
@@ -362,7 +362,7 @@ groups:
expr: (node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
for: 0m
labels:
- severity: critical
+ severity: warning
annotations:
summary: Host systemd service crashed (instance {{ $labels.instance }})
description: "systemd service crashed\n VALUE = {{ $value }}"
@@ -438,7 +438,6 @@ groups:
for: 0m
labels:
severity: warning
- org: ccchh
annotations:
summary: Prometheus too many restarts (instance {{ $labels.instance }})
description: "Prometheus has restarted more than twice in the last 15 minutes. It might be crashlooping.\n VALUE = {{ $value }}"
@@ -447,7 +446,6 @@ groups:
for: 0m
labels:
severity: warning
- org: ccchh
annotations:
summary: Prometheus AlertManager job missing (instance {{ $labels.instance }})
description: "A Prometheus AlertManager job has disappeared\n VALUE = {{ $value }}"
@@ -456,7 +454,6 @@ groups:
for: 0m
labels:
severity: warning
- org: ccchh
annotations:
summary: Prometheus AlertManager configuration reload failure (instance {{ $labels.instance }})
description: "AlertManager configuration reload error\n VALUE = {{ $value }}"
@@ -465,7 +462,6 @@ groups:
for: 0m
labels:
severity: warning
- org: ccchh
annotations:
summary: Prometheus AlertManager config not synced (instance {{ $labels.instance }})
description: "Configurations of AlertManager cluster instances are out of sync\n VALUE = {{ $value }}"
@@ -483,7 +479,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus not connected to alertmanager (instance {{ $labels.instance }})
description: "Prometheus cannot connect the alertmanager\n VALUE = {{ $value }}"
@@ -492,7 +487,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus rule evaluation failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} rule evaluation failures, leading to potentially ignored alerts.\n VALUE = {{ $value }}"
@@ -501,7 +495,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus template text expansion failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} template text expansion failures\n VALUE = {{ $value }}"
@@ -510,7 +503,6 @@ groups:
for: 5m
labels:
severity: warning
- org: ccchh
annotations:
summary: Prometheus rule evaluation slow (instance {{ $labels.instance }})
description: "Prometheus rule evaluation took more time than the scheduled interval. It indicates a slower storage backend access or too complex query.\n VALUE = {{ $value }}"
@@ -527,7 +519,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus AlertManager notification failing (instance {{ $labels.instance }})
description: "Alertmanager is failing sending notifications\n VALUE = {{ $value }}"
@@ -536,7 +527,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus target empty (instance {{ $labels.instance }})
description: "Prometheus has no target in service discovery\n VALUE = {{ $value }}"
@@ -545,7 +535,6 @@ groups:
for: 5m
labels:
severity: warning
- org: ccchh
annotations:
summary: Prometheus target scraping slow (instance {{ $labels.instance }})
description: "Prometheus is scraping exporters slowly since it exceeded the requested interval time. Your Prometheus server is under-provisioned.\n VALUE = {{ $value }}"
@@ -586,7 +575,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus TSDB compactions failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB compactions failures\n VALUE = {{ $value }}"
@@ -595,7 +583,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus TSDB head truncations failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB head truncation failures\n VALUE = {{ $value }}"
@@ -604,7 +591,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus TSDB reload failures (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB reload failures\n VALUE = {{ $value }}"
@@ -613,7 +599,6 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus TSDB WAL corruptions (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB WAL corruptions\n VALUE = {{ $value }}"
@@ -622,16 +607,14 @@ groups:
for: 0m
labels:
severity: critical
- org: ccchh
annotations:
summary: Prometheus TSDB WAL truncations failed (instance {{ $labels.instance }})
description: "Prometheus encountered {{ $value }} TSDB WAL truncation failures\n VALUE = {{ $value }}"
- alert: PrometheusTimeseriesCardinality
- expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 20000
+ expr: label_replace(count by(__name__) ({__name__=~".+"}), "name", "$1", "__name__", "(.+)") > 10000
for: 0m
labels:
severity: warning
- org: ccchh
annotations:
summary: Prometheus timeseries cardinality (instance {{ $labels.instance }})
description: "The \"{{ $labels.name }}\" timeseries cardinality is getting very high: {{ $value }}\n VALUE = {{ $value }}"
diff --git a/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
index c5b68e1..a3218d1 100644
--- a/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf
@@ -2,8 +2,7 @@
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
server {
# Listen on a custom port for the proxy protocol.
- listen 8443 ssl proxy_protocol;
- http2 on;
+ listen 8443 ssl http2 proxy_protocol;
# Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy
# protocol.
@@ -41,71 +40,4 @@ server {
proxy_pass http://127.0.0.1:3000/;
}
- location /ntfy-alertmanager-ccchh-critical/ {
- deny all;
- allow ::1/128;
- allow 127.0.0.1/32;
- # Wieske
- allow 172.31.17.128/25;
- allow 212.12.51.128/28;
- allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
- allow 2a00:14b0:4200:3000::/64; #Bei Wieske
- allow 2a00:14b0:4200:3380::/64;
- allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
- # Z9
- allow 2a07:c480:0:100::/56;
- allow 2a07:c481:1::/48;
- proxy_pass http://127.0.0.1:8000/;
- }
-
- location /ntfy-alertmanager-ccchh/ {
- deny all;
- allow ::1/128;
- allow 127.0.0.1/32;
- # Wieske
- allow 172.31.17.128/25;
- allow 212.12.51.128/28;
- allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
- allow 2a00:14b0:4200:3000::/64; #Bei Wieske
- allow 2a00:14b0:4200:3380::/64;
- allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
- # Z9
- allow 2a07:c480:0:100::/56;
- allow 2a07:c481:1::/48;
- proxy_pass http://127.0.0.1:8010/;
- }
-
- location /ntfy-alertmanager-fux-critical/ {
- deny all;
- allow ::1/128;
- allow 127.0.0.1/32;
- # Wieske
- allow 172.31.17.128/25;
- allow 212.12.51.128/28;
- allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
- allow 2a00:14b0:4200:3000::/64; #Bei Wieske
- allow 2a00:14b0:4200:3380::/64;
- allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
- # Z9
- allow 2a07:c480:0:100::/56;
- allow 2a07:c481:1::/48;
- proxy_pass http://127.0.0.1:8001/;
- }
-
- location /ntfy-alertmanager-fux/ {
- deny all;
- allow ::1/128;
- allow 127.0.0.1/32;
- # Wieske
- allow 172.31.17.128/25;
- allow 212.12.51.128/28;
- allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
- allow 2a00:14b0:4200:3000::/64; #Bei Wieske
- allow 2a00:14b0:4200:3380::/64;
- allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
- # Z9
- allow 2a07:c480:0:100::/56;
- allow 2a07:c481:1::/48;
- proxy_pass http://127.0.0.1:8011/;
- }
}
diff --git a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
deleted file mode 100644
index e2bf4a7..0000000
--- a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf
+++ /dev/null
@@ -1,89 +0,0 @@
-server {
- allow ::1/128;
- allow 127.0.0.1/32;
- # Wieske
- allow 172.31.17.128/25;
- allow 212.12.51.128/28;
- allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
- allow 2a00:14b0:4200:3000::/64; #Bei Wieske
- allow 2a00:14b0:4200:3380::/64;
- allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
- # Z9
- allow 2a07:c480:0:100::/56;
- allow 2a07:c481:1::/48;
-
- deny all;
-
- server_name loki.hamburg.ccc.de;
-
- listen [::]:50051 ssl;
- listen 172.31.17.145:50051 ssl;
-
- http2 on;
-
- client_body_buffer_size 512k;
-
- ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem;
-
- auth_basic "loki";
- auth_basic_user_file loki.htpasswd;
- location / {
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Port 9099;
- # This is https in any case.
- proxy_set_header X-Forwarded-Proto https;
- proxy_set_header X-Scope-OrgID $remote_user;
- grpc_pass grpc://localhost:19099;
- }
-}
-
-server {
- allow ::1/128;
- allow 127.0.0.1/32;
- # Wieske
- allow 172.31.17.128/25;
- allow 212.12.51.128/28;
- allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
- allow 2a00:14b0:4200:3000::/64; #Bei Wieske
- allow 2a00:14b0:4200:3380::/64;
- allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
- # Z9
- allow 2a07:c480:0:100::/56;
- allow 2a07:c481:1::/48;
- deny all;
-
- server_name loki.hamburg.ccc.de;
-
- listen [::]:443 ssl;
- listen 172.31.17.145:443 ssl;
-
- http2 on;
-
- client_body_buffer_size 512k;
-
- ssl_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/loki.hamburg.ccc.de/privkey.pem;
- # verify chain of trust of OCSP response using Root CA and Intermediate certs
- ssl_trusted_certificate /etc/letsencrypt/live/loki.hamburg.ccc.de/chain.pem;
-
- # HSTS (ngx_http_headers_module is required) (63072000 seconds)
- add_header Strict-Transport-Security "max-age=63072000" always;
-
- auth_basic "loki";
- auth_basic_user_file loki.htpasswd;
-
- location / {
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # This is https in any case.
- proxy_set_header X-Forwarded-Proto https;
- proxy_set_header X-Scope-OrgID $remote_user;
- proxy_pass http://127.0.0.1:13100;
- }
-}
diff --git a/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2 b/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2
deleted file mode 100644
index ed270c2..0000000
--- a/resources/chaosknoten/grafana/nginx/loki.htpasswd.j2
+++ /dev/null
@@ -1 +0,0 @@
-chaos:{{ secret__loki_chaos_basic_auth }}
diff --git a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
deleted file mode 100644
index 2c52523..0000000
--- a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf
+++ /dev/null
@@ -1,61 +0,0 @@
-server {
- allow ::1/128;
- allow 127.0.0.1/32;
- # Wieske
- allow 172.31.17.128/25;
- allow 212.12.51.128/28;
- allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router
- allow 2a00:14b0:4200:3000::/64; #Bei Wieske
- allow 2a00:14b0:4200:3380::/64;
- allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing
- # Z9
- allow 2a07:c480:0:100::/56;
- allow 2a07:c481:1::/48;
- # fuxnoc
- allow 2a07:c481:0:1::/64;
- deny all;
-
- server_name metrics.hamburg.ccc.de;
-
- listen [::]:443 ssl;
- listen 172.31.17.145:443 ssl;
- http2 on;
-
- client_body_buffer_size 512k;
-
- ssl_certificate /etc/letsencrypt/live/metrics.hamburg.ccc.de/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/metrics.hamburg.ccc.de/privkey.pem;
- # verify chain of trust of OCSP response using Root CA and Intermediate certs
- ssl_trusted_certificate /etc/letsencrypt/live/metrics.hamburg.ccc.de/chain.pem;
-
- # HSTS (ngx_http_headers_module is required) (63072000 seconds)
- add_header Strict-Transport-Security "max-age=63072000" always;
-
- auth_basic "metrics";
- auth_basic_user_file metrics.htpasswd;
-
- location /api/v1/write {
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Port 3100;
- # This is https in any case.
- proxy_set_header X-Forwarded-Proto https;
-
- proxy_pass http://127.0.0.1:9090;
- }
-
- location /ready {
- rewrite ^ /-/ready break;
-
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # This is https in any case.
- proxy_set_header X-Forwarded-Proto https;
-
- proxy_pass http://127.0.0.1:9090;
- }
-}
diff --git a/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2 b/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2
deleted file mode 100644
index f680572..0000000
--- a/resources/chaosknoten/grafana/nginx/metrics.htpasswd.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-chaos:{{ secret__metrics_chaos_basic_auth }}
-fux:{{ secret__metrics_fux_basic_auth }}
diff --git a/resources/chaosknoten/grafana/nginx/redirect.conf b/resources/chaosknoten/grafana/nginx/redirect.conf
deleted file mode 100644
index 28b265a..0000000
--- a/resources/chaosknoten/grafana/nginx/redirect.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
-# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
-server {
- listen 80 default_server;
- listen [::]:80 default_server;
-
- location / {
- return 301 https://$host$request_uri;
- }
-
- location /.well-known/acme-challenge/ {
- proxy_pass http://127.0.0.1:31820/.well-known/acme-challenge/;
- }
-}
diff --git a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2 b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2
index 227db64..9509654 100644
--- a/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2
@@ -22,7 +22,7 @@
services:
keycloak:
- image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.2
+ image: git.hamburg.ccc.de/ccchh/oci-images/keycloak:26.0
pull_policy: always
restart: unless-stopped
command: start --optimized
@@ -32,11 +32,11 @@ services:
- keycloak
environment:
KEYCLOAK_ADMIN: admin
- KEYCLOAK_ADMIN_PASSWORD: {{ secret__keycloak_admin_password }}
+ KEYCLOAK_ADMIN_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/KEYCLOAK_ADMIN_PASSWORD", create=false, missing="error") }}
KC_DB: postgres
KC_DB_URL_HOST: db
KC_DB_USERNAME: keycloak
- KC_DB_PASSWORD: {{ secret__keycloak_db_password }}
+ KC_DB_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/KC_DB_PASSWORD", create=false, missing="error") }}
KC_HOSTNAME: https://id.hamburg.ccc.de
KC_HOSTNAME_BACKCHANNEL_DYNAMIC: false
KC_HOSTNAME_ADMIN: https://keycloak-admin.hamburg.ccc.de
@@ -46,7 +46,7 @@ services:
- "8080:8080"
db:
- image: postgres:15.13
+ image: postgres:15.2
restart: unless-stopped
networks:
- keycloak
@@ -54,7 +54,7 @@ services:
- "./database:/var/lib/postgresql/data"
environment:
POSTGRES_USER: keycloak
- POSTGRES_PASSWORD: {{ secret__keycloak_db_password }}
+ POSTGRES_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/POSTGRES_PASSWORD", create=false, missing="error") }}
POSTGRES_DB: keycloak
id-invite-web:
@@ -76,10 +76,10 @@ services:
- "IDINVITE_URL=https://invite.hamburg.ccc.de"
- "IDINVITE_KEYCLOAK_NAME=CCCHH ID"
- "IDINVITE_VALID_HOURS=50"
- - "IDINVITE_SECRET={{ secret__idinvite_token_secret }}"
+ - "IDINVITE_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_TOKEN_SECRET", create=false, missing="error") }}"
- "IDINVITE_DISCOVERY_URL=https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration"
- "IDINVITE_CLIENT_ID=id-invite"
- - "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}"
+ - "IDINVITE_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_CLIENT_SECRET", create=false, missing="error") }}"
- "MAIL_FROM=no-reply@hamburg.ccc.de"
- "BOTTLE_HOST=0.0.0.0"
@@ -96,7 +96,7 @@ services:
- "MAIL_FROM=no-reply@id.hamburg.ccc.de"
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
- "SMTP_USERNAME=no-reply@id.hamburg.ccc.de"
- - "SMTP_PASSWORD={{ secret__id_no_reply_smtp }}"
+ - "SMTP_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/NO_REPLY_SMTP", create=false, missing="error") }}"
id-invite-keycloak:
image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest
@@ -107,10 +107,10 @@ services:
environment:
- "BOTTLE_HOST=0.0.0.0"
- "IDINVITE_CLIENT_ID=id-invite"
- - "IDINVITE_CLIENT_SECRET={{ secret__idinvite_client_secret }}"
+ - "IDINVITE_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_CLIENT_SECRET", create=false, missing="error") }}"
- "KEYCLOAK_API_URL=http://keycloak:8080"
- "KEYCLOAK_API_USERNAME=id-invite"
- - "KEYCLOAK_API_PASSWORD={{ secret__idinvite_admin_password }}"
+ - "KEYCLOAK_API_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_ADMIN_PASSWORD", create=false, missing="error") }}"
- "KEYCLOAK_API_REALM=ccchh"
- 'KEYCLOAK_GROUPS=["user"]'
diff --git a/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf b/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf
index 2b0d919..372715d 100644
--- a/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf
+++ b/resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf
@@ -43,7 +43,6 @@ server {
allow 185.161.129.132/32; # z9
allow 2a07:c480:0:100::/56; # z9
- allow 2a07:c481:1::/48; # z9 new ipv6
allow 213.240.180.39/32; # stbe home
allow 2a01:170:118b::1/64; # stbe home
deny all;
diff --git a/resources/chaosknoten/netbox/netbox/configuration.py.j2 b/resources/chaosknoten/netbox/netbox/configuration.py.j2
index 7648e7e..789a539 100644
--- a/resources/chaosknoten/netbox/netbox/configuration.py.j2
+++ b/resources/chaosknoten/netbox/netbox/configuration.py.j2
@@ -3,7 +3,7 @@ DATABASE = {
"HOST": "localhost",
"NAME": "netbox",
"USER": "netbox",
- "PASSWORD": "{{ netbox__db_password }}",
+ "PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/DATABASE_PASSWORD', create=false, missing='error') }}",
}
REDIS = {
"tasks": {
@@ -23,7 +23,7 @@ REDIS = {
"SSL": False,
},
}
-SECRET_KEY = "{{ secret__netbox_secret_key }}"
+SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/SECRET_KEY', create=false, missing='error') }}"
SESSION_COOKIE_SECURE = True
# CCCHH ID (Keycloak) integration.
@@ -38,7 +38,7 @@ SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = (
)
SOCIAL_AUTH_KEYCLOAK_KEY = "netbox"
SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB"
-SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ secret__netbox_social_auth_keycloak_secret }}"
+SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}"
# Use custom OIDC group and role mapping pipeline functions added in via
# netbox__custom_pipeline_oidc_group_and_role_mapping.
# The default pipeline this is based on can be found here:
diff --git a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2
deleted file mode 100644
index 625e02f..0000000
--- a/resources/chaosknoten/ntfy/docker_compose/compose.yaml.j2
+++ /dev/null
@@ -1,24 +0,0 @@
----
-services:
- ntfy:
- image: binwiederhier/ntfy
- container_name: ntfy
- command:
- - serve
- volumes:
- - ntfy_cache:/var/cache/ntfy
- - ntfy_var:/var/lib/ntfy
- - ./configs/server.yml:/etc/ntfy/server.yml
- ports:
- - 2586:2586
- - 9586:9586
- healthcheck: # optional: remember to adapt the host:port to your environment
- test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:2586/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
- interval: 60s
- timeout: 10s
- retries: 3
- start_period: 40s
- restart: unless-stopped
-volumes:
- ntfy_cache: {}
- ntfy_var: {}
diff --git a/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2 b/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2
deleted file mode 100644
index 0a28f4f..0000000
--- a/resources/chaosknoten/ntfy/docker_compose/server.yaml.j2
+++ /dev/null
@@ -1,21 +0,0 @@
-base-url: "https://ntfy.hamburg.ccc.de"
-default-host: "https://ntfy.hamburg.ccc.de"
-listen-http: ":2586"
-behind-proxy: true
-cache-file: "/var/cache/ntfy/cache.db"
-log-format: json
-
-enable-metrics: true
-metrics-listen-http: ":9586"
-
-auth-default-access: "deny-all"
-auth-file: "/var/lib/ntfy/user.db"
-
-attachment-cache-dir: "/var/cache/ntfy/attachments"
-
-web-push-public-key: "BCx7PqDiVNlOiAHHfSxjbTle_LN4hetwHYi58GJhQxiY33AQ663IaJVro7B28j-1KOqwdzKco3dMMwzBJl9OQ90"
-web-push-private-key: {{ secret__ntfy_web_push_private_key }}
-web-push-file: "/var/cache/ntfy/webpush.db"
-web-push-email-address: "mailto:noc@lists.hamburg.ccc.de"
-
-upstream-base-url: "https://ntfy.sh"
diff --git a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2 b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
index 85ce7d2..91c26a3 100644
--- a/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2
@@ -14,4 +14,4 @@ services:
ports:
- "8080:80"
environment:
- JWT_SECRET: {{ secret__onlyoffice_jwt_secret }}
+ JWT_SECRET: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/onlyoffice/JWT_SECRET", create=false, missing="error") }}
diff --git a/resources/chaosknoten/pad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
index ca29f1b..537cda0 100644
--- a/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
@@ -6,7 +6,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=hedgedoc"
- - "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
+ - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}"
- "POSTGRES_DB=hedgedoc"
volumes:
- database:/var/lib/postgresql/data
@@ -16,7 +16,7 @@ services:
#image: quay.io/hedgedoc/hedgedoc:1.9.9
image: quay.io/hedgedoc/hedgedoc:latest
environment:
- - "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc"
+ - "CMD_DB_URL=postgres://hedgedoc:{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}@database:5432/hedgedoc"
- "CMD_DOMAIN=pad.hamburg.ccc.de"
- "CMD_PROTOCOL_USESSL=true"
- "CMD_HSTS_ENABLE=false"
@@ -35,7 +35,7 @@ services:
- "CMD_OAUTH2_TOKEN_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
- "CMD_OAUTH2_AUTHORIZATION_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
- "CMD_OAUTH2_CLIENT_ID=pad"
- - "CMD_OAUTH2_CLIENT_SECRET={{ secret__hedgedoc_kc_secret }}"
+ - "CMD_OAUTH2_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/KC_SECRET", create=false, missing="error") }}"
- "CMD_OAUTH2_PROVIDERNAME=Keycloak"
- "CMD_OAUTH2_SCOPE=openid email profile"
volumes:
@@ -53,11 +53,11 @@ services:
environment:
- "POSTGRES_HOSTNAME=database"
- "POSTGRES_USERNAME=hedgedoc"
- - "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
+ - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/DB_PASSWORD", create=false, missing="error") }}"
- "SMTP_FROM=pad@hamburg.ccc.de"
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
- "SMTP_USERNAME=pad@hamburg.ccc.de"
- - "SMTP_PASSWORD={{ secret__pad_smtp_password }}"
+ - "SMTP_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pad/smtp_password", create=false, missing="error") }}"
- "URL=https://pad.hamburg.ccc.de"
depends_on:
- database
diff --git a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2 b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
index 1eca33b..b210098 100644
--- a/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2
@@ -6,7 +6,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=pretalx"
- - "POSTGRES_PASSWORD={{ secret__pretalx_db_password }}"
+ - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}"
- "POSTGRES_DB=pretalx"
volumes:
- database:/var/lib/postgresql/data
@@ -53,14 +53,13 @@ services:
restart: unless-stopped
environment:
PRETALX_DATA_DIR: /data
- PRETALX_FILE_UPLOAD_LIMIT: 1000 # MB
PRETALX_FILESYSTEM_MEDIA: /public/media
PRETALX_FILESYSTEM_STATIC: /public/static
PRETALX_SITE_URL: https://pretalx.hamburg.ccc.de
PRETALX_DB_TYPE: postgresql
PRETALX_DB_NAME: pretalx
PRETALX_DB_USER: pretalx
- PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}"
+ PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}"
PRETALX_DB_HOST: database
PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de"
PRETALX_MAIL_HOST: "cow-intern.hamburg.ccc.de"
@@ -90,13 +89,13 @@ services:
PRETALX_DB_TYPE: postgresql
PRETALX_DB_NAME: pretalx
PRETALX_DB_USER: pretalx
- PRETALX_DB_PASS: "{{ secret__pretalx_db_password }}"
+ PRETALX_DB_PASS: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/DB_PASSWORD", create=false, missing="error") }}"
PRETALX_DB_HOST: database
PRETALX_MAIL_FROM: "pretalx@hamburg.ccc.de"
PRETALX_MAIL_HOST: "cow.hamburg.ccc.de"
PRETALX_MAIL_PORT: 587
PRETALX_MAIL_USER: pretalx@hamburg.ccc.de
- PRETALX_MAIL_PASSWORD: "{{ secret__pretalx_mail_password }}"
+ PRETALX_MAIL_PASSWORD: "{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/pretalx/PRETALX_MAIL_PASSWORD", create=false, missing="error") }}"
PRETALX_MAIL_TLS: "true"
PRETALX_CELERY_BACKEND: redis://redis/1
PRETALX_CELERY_BROKER: redis://redis/2
diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
index e37ae7a..4e0e8e3 100644
--- a/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf
@@ -70,11 +70,8 @@ map $host $upstream_acme_challenge_host {
design.hamburg.ccc.de 172.31.17.162:31820;
hydra.hamburg.ccc.de 172.31.17.163:31820;
cfp.eh22.easterhegg.eu 172.31.17.157:31820;
- ntfy.hamburg.ccc.de 172.31.17.149:31820;
- cryptoparty-hamburg.de 172.31.17.151:31820;
- cryptoparty.hamburg.ccc.de 172.31.17.151:31820;
- staging.cryptoparty-hamburg.de 172.31.17.151:31820;
- staging.cryptoparty.hamburg.ccc.de 172.31.17.151:31820;
+ hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:31820;
+ netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:31820;
default "";
}
diff --git a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
index 4fcc86b..4a7f84c 100644
--- a/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
+++ b/resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf
@@ -88,11 +88,8 @@ stream {
design.hamburg.ccc.de 172.31.17.162:8443;
hydra.hamburg.ccc.de 172.31.17.163:8443;
cfp.eh22.easterhegg.eu pretalx-intern.hamburg.ccc.de:8443;
- ntfy.hamburg.ccc.de 172.31.17.149:8443;
- cryptoparty-hamburg.de 172.31.17.151:8443;
- cryptoparty.hamburg.ccc.de 172.31.17.151:8443;
- staging.cryptoparty-hamburg.de 172.31.17.151:8443;
- staging.cryptoparty.hamburg.ccc.de 172.31.17.151:8443;
+ hub.eh22.easterhegg.eu eh22hub-intern.hamburg.ccc.de:8443;
+ netbox.eh22.easterhegg.eu eh22-netbox-intern.hamburg.ccc.de:8443;
}
server {
diff --git a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2 b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2
index d00a454..1f9d99d 100644
--- a/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/tickets/docker_compose/compose.yaml.j2
@@ -4,7 +4,7 @@ services:
image: docker.io/library/postgres:15-alpine
environment:
- "POSTGRES_USER=pretix"
- - "POSTGRES_PASSWORD={{ secret__pretix_db_password }}"
+ - "POSTGRES_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }}"
- "POSTGRES_DB=pretix"
volumes:
- database:/var/lib/postgresql/data
diff --git a/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2 b/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2
index f1c119f..3f4af83 100644
--- a/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2
+++ b/resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2
@@ -10,7 +10,7 @@ trust_x_forwarded_proto=on
backend=postgresql
name=pretix
user=pretix
-password={{ secret__pretix_db_password }}
+password={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/tickets/DB_PASSWORD", create=false, missing="error") }}
host=database
[mail]
diff --git a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2 b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
index b2e8f4d..8d345de 100644
--- a/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
+++ b/resources/chaosknoten/zammad/docker_compose/compose.yaml.j2
@@ -11,7 +11,7 @@ see https://github.com/zammad/zammad-docker-compose/blob/master/.env
{%- set POSTGRES_DB = "zammad_production" | quote -%}
{%- set POSTGRES_HOST = "zammad-postgresql" | quote -%}
{%- set POSTGRES_USER = "zammad" | quote -%}
-{%- set POSTGRES_PASS = secret__zammad_db_password | quote -%}
+{%- set POSTGRES_PASS = lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/zammad/DB_PASSWORD", create=false, missing="error") | quote -%}
{%- set POSTGRES_PORT = "5432" | quote -%}
{%- set POSTGRES_VERSION = "15-alpine" | quote -%}
{%- set REDIS_URL = "redis://zammad-redis:6379" | quote -%}
diff --git a/resources/z9/dooris/docker_compose/compose.yaml.j2 b/resources/z9/dooris/docker_compose/compose.yaml.j2
deleted file mode 100644
index 38db85a..0000000
--- a/resources/z9/dooris/docker_compose/compose.yaml.j2
+++ /dev/null
@@ -1,22 +0,0 @@
----
-
-services:
- dooris:
- image: git.hamburg.ccc.de/ccchh/hmdooris/hmdooris:latest
- environment:
- HMDOORIS_ALLOWED_IPS: "2a07:c481:1:c8::/64 2a01:170:118b::/56 172.31.200.0/23 172.31.202.0/27"
- HMDOORIS_CCUJACK_CERTIFICATE_PATH: false
- HMDOORIS_CCUJACK_PASSWORD: "{{ secret__dooris_ccujack_password }}"
- HMDOORIS_CCUJACK_URL: https://hmdooris-ccu.ccchh.net:2122
- HMDOORIS_CCUJACK_USERNAME: dooris
- HMDOORIS_CLIENT_ID: dooris
- HMDOORIS_CLIENT_SECRET: "{{ secret__dooris_client_secret }}"
- HMDOORIS_DISCOVERY_URL: https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration
- HMDOORIS_LISTEN: '0.0.0.0:3000'
- HMDOORIS_REQUIRES_GROUP: /intern
- HMDOORIS_URL: https://dooris.ccchh.net
- PYTHONWARNINGS: "ignore:Unverified HTTPS request"
- #DEBUG: true
- ports:
- - "127.0.0.1:3000:3000"
- restart: unless-stopped
diff --git a/resources/z9/dooris/nginx/dooris.ccchh.net.conf b/resources/z9/dooris/nginx/dooris.ccchh.net.conf
deleted file mode 100644
index c1ca082..0000000
--- a/resources/z9/dooris/nginx/dooris.ccchh.net.conf
+++ /dev/null
@@ -1,37 +0,0 @@
-# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
-# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
-server {
- listen [::]:443 ssl http2;
- listen 443 ssl http2;
-
- server_name dooris.ccchh.net;
-
- ssl_certificate /etc/letsencrypt/live/dooris.ccchh.net/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/dooris.ccchh.net/privkey.pem;
- # verify chain of trust of OCSP response using Root CA and Intermediate certs
- ssl_trusted_certificate /etc/letsencrypt/live/dooris.ccchh.net/chain.pem;
-
- # HSTS (ngx_http_headers_module is required) (63072000 seconds)
- add_header Strict-Transport-Security "max-age=63072000" always;
-
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Port 443;
- # This is https in any case.
- proxy_set_header X-Forwarded-Proto https;
- # Hide the X-Forwarded header.
- proxy_hide_header X-Forwarded;
- # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that
- # is transparent).
- # Also provide "_hidden" for by, since it's not relevant.
- proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host;by=_hidden";
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
-
- location / {
- proxy_pass http://127.0.0.1:3000/;
- }
-}
diff --git a/resources/z9/yate/docker_compose/README.md b/resources/z9/yate/docker_compose/README.md
deleted file mode 100644
index 1977f4f..0000000
--- a/resources/z9/yate/docker_compose/README.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# Yate Configuration
-
-Yate has a [beginners guide](https://docs.yate.ro/wiki/Beginners_in_Yate). Otherwise, you need to refer to the [sample config files](https://github.com/eventphone/yate/tree/master/conf.d).
-
-For our limited setup, we only need three files:
-* accfile.conf for defining SIP registrars that we want to register with (EPVPN, Fonial, and the Fux door intercom system)
-* regexroute.conf for the call routing rules
-* regfile.conf for the phones that connect to yate.ccchh.net
-
-## Docker Compose Setup
-
-yate runs as a container wiht host networking. The image is build through https://git.hamburg.ccc.de/CCCHH/yate-image, it is using the Eventphone fork of yate.
\ No newline at end of file
diff --git a/resources/z9/yate/docker_compose/accfile.conf.j2 b/resources/z9/yate/docker_compose/accfile.conf.j2
deleted file mode 100644
index 4ce65e3..0000000
--- a/resources/z9/yate/docker_compose/accfile.conf.j2
+++ /dev/null
@@ -1,35 +0,0 @@
-; Yate will register to these SIP services
-; see https://github.com/eventphone/yate/blob/master/conf.d/accfile.conf.sample
-
-[epvpn_ccchh]
-enabled=yes
-protocol=sip
-description=Eventphone EPVPN CCCHH
-username=1008
-authname=1008
-password={{ secret__yate__sip_trunk_epvpn }}
-interval=120
-registrar=hg.eventphone.de
-keepalive=1
-
-[fonial_ccchh]
-enabled=yes
-protocol=sip
-description=Fonial CCCHH
-username=fo370381tr317349_00
-authname=fo370381tr317349_00
-password={{ secret__yate__sip_trunk_fonial }}
-interval=120
-registrar=sip.plusnet.de
-keepalive=1
-
-[fux_intercom]
-enabled=yes
-protocol=sip
-description=Fux Intercom CCCHH doorbell
-username=1337
-authname=1337
-password={{ secret__yate__sip_trunk_fux }}
-interval=120
-registrar=172.16.210.2
-keepalive=1
diff --git a/resources/z9/yate/docker_compose/compose.yaml.j2 b/resources/z9/yate/docker_compose/compose.yaml.j2
deleted file mode 100644
index e3d6614..0000000
--- a/resources/z9/yate/docker_compose/compose.yaml.j2
+++ /dev/null
@@ -1,20 +0,0 @@
----
-
-services:
- yate:
- image: git.hamburg.ccc.de/ccchh/yate-image/yate-image:latest
- # command:
- # - sh
- # - "-c"
- # - "while :; do sleep 10; done"
- environment:
- DEBUG: true
- network_mode: host
- # ports:
- # - "127.0.0.1:3000:3000"
- restart: unless-stopped
- volumes:
- - ./configs/accfile.conf:/opt/yate/etc/yate/accfile.conf
- - ./configs/regexroute.conf:/opt/yate/etc/yate/regexroute.conf
- - ./configs/regfile.conf:/opt/yate/etc/yate/regfile.conf
- - ./lib-yate:/var/lib/yate
\ No newline at end of file
diff --git a/resources/z9/yate/docker_compose/regexroute.conf.j2 b/resources/z9/yate/docker_compose/regexroute.conf.j2
deleted file mode 100644
index aeecf6b..0000000
--- a/resources/z9/yate/docker_compose/regexroute.conf.j2
+++ /dev/null
@@ -1,100 +0,0 @@
-; Call routing
-; see https://github.com/eventphone/yate/blob/master/conf.d/regexroute.conf.sample
-
-[priorities]
-; route: int: Priority of the routing message handler
-route=90
-
-[contexts]
- ; INBOUND CALLS:
-${called}^1337$=inbound_fux
-${called}^1008$=inbound_epvpn
-${called}^04023830150$=inbound_fonial
-${called}^fo370381tr317349_00$=inbound_fonial
-;${called}.*=inbound
-
-;^[0-9]\{4\}$=inbound ; Calls from 4 digit numbers: EPVPN
-;^+\?[0-9]\{5,\}$=inbound ; Calls from longer numbers, optionally starting with +
-;^*\{1,2\}[0-9]\{1,3\}$=inbound ; Internal fritzbox calls
-
- ; OUTBOUND CALLS:
-^[0-9]\{3\}=outbound
-^[a-z0-9]\{4,\}=outbound ; calls from internal users
-
-^.*$=fallback ; Whatever calls managed to not be handled yet
-
-[default] ; unused
-^.*$=echo [default]"\0"
-
-[test] ; unused
-^.*$=echo [test] "\0"
-^99991001$=tone/dial
-^99991002$=tone/busy
-^99991003$=tone/ring
-^99991004$=tone/specdial
-^99991005$=tone/congestion
-^99991006$=tone/outoforder
-^99991007$=tone/milliwatt
-^99991008$=tone/info
-
-; DEBUG HELPER
-; ^.*$=echo match \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called}
-
-^[0-9]\{1,2\}$=return;called=\0
-
-
-[outbound] ; Calls from internal users
-^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug
-^[0-9]\{3\}$=jump internal
-^[0-9]\{1,2\}$=jump z9 ; To internal -> z9
-^.*$=echo [outbound] "\0" ${caller}->${called} ; log for debug
-^.*$=line/\0;line=epvpn_ccchh ; Route everything (.*) to the specified accfile line
-
-[inbound_epvpn]
-^.*$=echo [inbound_epvpn] ${caller}->${called}
-^.*$=return;callername=EPVPN ${caller};called=0 ; TODO which extension do we want to route to?
-
-[inbound_fux]
-^.*$=echo [inbound_fux] ${caller}->${called}
-^.*$=return;callername=Door ${caller};called=0 ; TODO which extension do we want to route to?
-
-[inbound_fonial]
-^.*$=echo [inbound_fonial] ${caller}->${called}
-^.*$=return;callername=Fonial ${caller};called=0 ; TODO which extension do we want to route to?
-
-[inbound] ; Calls from EPVPN or outside world
-^.*$=echo [inbound] "\0" ${caller}->${called} user:${user} callername:${callername} callsource:${callsource} ; log
-^.*$=return;callername=EXTERN ${caller};called=0 ; set call recipient to 0 (shared alias between
- ; all clients in regfile.conf
-
-[internal]
-^.*$=echo [internal] "\0" ${caller}->${called}
-^110$=line/110;line=fonial_ccchh
-^112$=line/112;line=fonial_ccchh
-^115$=line/040115;line=fonial_ccchh
-^911$=line/112;line=fonial_ccchh
-^999$=line/112;line=fonial_ccchh
-; ^119$=line/01753288861;line=fonial_ccchh ; testing only stb cell number
-^.*$=return;called=\0
-
-[z9] ; Internal calls
-^.*$=echo [z9] "\0" ${caller}->${called} ; log
-
- ; test service numbers
-^91$=sip/sip:ha@10.31.208.10:5060; called=ha;format=opus ; Homeassistant
-^98$=external/playrec/echo.sh ; Echotest
-^99$=external/play/tts.sh;mode=text;text=Hallo Hallo Hallo ; TTS test
-
-^.*$=return;called=\0 ; Any remaining internal calls to all
- ; Context: Calls to regfile.conf aliases are always
- ; handled directly and should never get here
-
-
-[special]
-^.*$=echo [special] "\0"
-^.*$=tone/info
-
-[fallback]
-^.*$=echo [fallback] \0 adr ${address} src ${callsource} form ${formats} id ${id} peer ${peerid} type ${type} user ${username} caller ${caller} called ${called}
-^*\{1,2\}[0-9]\{1,3\}$=jump outbound
-^.*$=tone/busy
diff --git a/resources/z9/yate/docker_compose/regfile.conf.j2 b/resources/z9/yate/docker_compose/regfile.conf.j2
deleted file mode 100644
index 95cf70d..0000000
--- a/resources/z9/yate/docker_compose/regfile.conf.j2
+++ /dev/null
@@ -1,37 +0,0 @@
-; YATE offers registration to these SIP devices (ie. phones)
-; see https://github.com/eventphone/yate/blob/master/conf.d/regfile.conf.sample
-
-route=100
-file=/var/lib/yate/regfile.swap
-
-[501]
-password={{ secret__yate__sip_extension_legacy }}
-alternatives=0,1008,1337
-callername=Legacy
-# Yealink im großen Raum am Fenster
-
-[502]
-password={{ secret__yate__sip_extension_flausch}}
-alternatives=0,1008,1337
-callername=Flausch
-# Yealink im großen Raum am Sofa
-
-[503]
-password={{ secret__yate__sip_extension_ewerkstatt }}
-alternatives=0,1008,1337
-callername=E-Werkstatt
-# Yealink in der E-Werkstatt
-
-[610]
-password={{ secret__yate__sip_extension_fritzbox_dect1 }}
-alternatives=0,1008,1337
-callername=DECT-1
-
-[611]
-password={{ secret__yate__sip_extension_fritzbox_dect2 }}
-alternatives=0,1008,1337
-callername=DECT-2
-
-[100]
-password=test100
-callername=stb 100
diff --git a/roles/deploy_ssh_server_config/handlers/main.yaml b/roles/deploy_ssh_server_config/handlers/main.yaml
index 721a348..001bbe4 100644
--- a/roles/deploy_ssh_server_config/handlers/main.yaml
+++ b/roles/deploy_ssh_server_config/handlers/main.yaml
@@ -1,5 +1,3 @@
-- name: restart the ssh service
- ansible.builtin.systemd:
- name: ssh.service
- state: restarted
+- name: reboot the system
become: true
+ ansible.builtin.reboot:
diff --git a/roles/deploy_ssh_server_config/tasks/main.yaml b/roles/deploy_ssh_server_config/tasks/main.yaml
index 4350790..f5d00f5 100644
--- a/roles/deploy_ssh_server_config/tasks/main.yaml
+++ b/roles/deploy_ssh_server_config/tasks/main.yaml
@@ -12,7 +12,8 @@
group: root
src: sshd_config.j2
notify:
- - restart the ssh service
+ # Reboot instead of just restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection.
+ - reboot the system
- name: deactivate short moduli
ansible.builtin.shell:
@@ -31,4 +32,5 @@
changed_when:
- '"ansible-changed" in result.stdout'
notify:
- - restart the ssh service
+ # Reboot instead of just restarting the ssh service, since I don't know how Ansible reacts, when it restarts the service it probably needs for the connection.
+ - reboot the system
diff --git a/roles/docker_compose/defaults/main.yaml b/roles/docker_compose/defaults/main.yaml
index 7c083ba..76831d6 100644
--- a/roles/docker_compose/defaults/main.yaml
+++ b/roles/docker_compose/defaults/main.yaml
@@ -1,2 +1 @@
docker_compose__configuration_files: [ ]
-docker_compose__restart_cmd: ""
\ No newline at end of file
diff --git a/roles/docker_compose/handlers/main.yaml b/roles/docker_compose/handlers/main.yaml
index f974335..96c5ab3 100644
--- a/roles/docker_compose/handlers/main.yaml
+++ b/roles/docker_compose/handlers/main.yaml
@@ -4,9 +4,3 @@
chdir: /ansible_docker_compose
become: true
changed_when: true # This is always changed.
-- name: docker compose reload script
- ansible.builtin.command:
- cmd: /usr/bin/docker compose {{ docker_compose__restart_cmd }}
- chdir: /ansible_docker_compose
- become: true
- when: docker_compose__restart_cmd != ""
diff --git a/roles/docker_compose/tasks/main.yaml b/roles/docker_compose/tasks/main.yaml
index af7f717..d11d826 100644
--- a/roles/docker_compose/tasks/main.yaml
+++ b/roles/docker_compose/tasks/main.yaml
@@ -60,7 +60,6 @@
become: true
loop: "{{ docker_compose__configuration_files }}"
# notify: docker compose down
- notify: docker compose reload script
- name: Flush handlers to make "docker compose down" handler run now
ansible.builtin.meta: flush_handlers
diff --git a/roles/kitchenowl/README.md b/roles/kitchenowl/README.md
deleted file mode 100644
index 2edaf16..0000000
--- a/roles/kitchenowl/README.md
+++ /dev/null
@@ -1,39 +0,0 @@
-# Ansible Kitchenowl deployment with docker
-
-## Introduction
-
-KitchenOwl is a smart self-hosted grocery list and recipe manager. Easily add items to your shopping list before you go shopping. You can also create recipes and get suggestions on what you want to cook. Track your expenses so you know how much you've spent.
-
-- Native Mobile/Web/Desktop apps with a great design
-- Add items to your shopping list and sync them in real-time with multiple users
-- Partial offline support, so you don't lose track of what to buy even when there is no signal
-- Manage recipes and add them to your shopping list
-- Share recipes with friends and family
-- Create a meal plan to always know what you'll be eating
-- Manage balances and track expenses of your household
-
-Checkout more: https://github.com/tombursch/kitchenowl
-
-## Why docker
-
-Whilst I try to refrain from using docker, especially together with ansible, it is the recommended way of installation: https://docs.kitchenowl.org/latest/self-hosting/ .
-
-One could also decide to build from source, but I fear that the chance of brakage is higher than just using docker.
-
-### Notice
-
-This role does not care about creating a rootless docker installation and should primarily used inside a vm.
-
-Checkout https://docs.docker.com/engine/security/rootless/ or https://wiki.archlinux.org/title/Docker#Rootless_Docker_daemon for more information on rootless docker.
-
-## Variables
-
-See [defaults](./defaults/main.yml) for needed variables.
-
-### OIDC
-
-OIDC can be used as decribed in https://docs.kitchenowl.org/latest/self-hosting/oidc/ by enabling `kitchenowl_oidc` and using the respected variables.
-
-### Secrets
-
-Please use secrets as described in [README#Secrets](../../README.md#secrets)
\ No newline at end of file
diff --git a/roles/kitchenowl/defaults/main.yml b/roles/kitchenowl/defaults/main.yml
deleted file mode 100644
index ad69fcc..0000000
--- a/roles/kitchenowl/defaults/main.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-kitchenowl_dockertag: "latest"
-kitchenowl_port: "80"
-kitchenowl_path: "/opt/kitchenowl"
-kitchenowl_jwt: USESECRET
-kitchenowl_oidc:
- enabled: false
- front_url:
- oidc_issuer:
- oidc_client_id:
- oidc_client_secret:
diff --git a/roles/kitchenowl/handlers/main.yml b/roles/kitchenowl/handlers/main.yml
deleted file mode 100644
index 63eda54..0000000
--- a/roles/kitchenowl/handlers/main.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-- name: docker compose down
- community.docker.docker_compose_v2:
- project_src: "{{ kitchenowl_path }}"
- state: absent
-
-- name: docker compose up
- community.docker.docker_compose_v2:
- project_src: "{{ kitchenowl_path }}"
-
-- name: docker compose stop
- community.docker.docker_compose_v2:
- project_src: "{{ kitchenowl_path }}"
- state: stopped
-
-- name: docker compose restart
- community.docker.docker_compose_v2:
- project_src: "{{ kitchenowl_path }}"
- state: restarted
diff --git a/roles/kitchenowl/tasks/main.yml b/roles/kitchenowl/tasks/main.yml
deleted file mode 100644
index 530d468..0000000
--- a/roles/kitchenowl/tasks/main.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-- name: Install latest docker & docker-compose package
- ansible.builtin.package:
- name:
- - docker
- - docker-compose
- state: present
-
-- name: Start and enable docker service
- ansible.builtin.service:
- name: docker
- state: started
- enabled: true
-
-- name: Ensure kitchenowl directory exists
- ansible.builtin.file:
- path: "{{ kitchenowl_path }}"
- state: directory
- owner: root
- group: root
- mode: '0755'
-
-- name: Ensure kitchenowl docker-compose.yaml
- ansible.builtin.template:
- src: docker-compose.j2
- dest: "{{ kitchenowl_path }}/docker-compose.yml"
- owner: root
- group: root
- mode: '0644'
- notify: docker compose up
- register: output
-
-- name: Ensure latest kitchenowl image pulled
- community.docker.docker_compose_v2_pull:
- project_src: "{{ kitchenowl_path }}"
- notify:
- - docker compose down
- - docker compose up
-
-- name: Show results
- ansible.builtin.debug:
- var: output
diff --git a/roles/kitchenowl/templates/docker-compose.j2 b/roles/kitchenowl/templates/docker-compose.j2
deleted file mode 100644
index 10ad91f..0000000
--- a/roles/kitchenowl/templates/docker-compose.j2
+++ /dev/null
@@ -1,24 +0,0 @@
-services:
- front:
- image: tombursch/kitchenowl-web:{{ kitchenowl_dockertag }}
- restart: unless-stopped
- ports:
- - "{{ kitchenowl_port }}:80"
- depends_on:
- - back
- back:
- image: tombursch/kitchenowl-backend:{{ kitchenowl_dockertag }}
- restart: unless-stopped
- environment:
- - JWT_SECRET_KEY={{ kitchenowl_jwt }}
-{% if kitchenowl_oidc['enabled'] %}
- - FRONT_URL={{ kitchenowl_oidc['front_url'] }}
- - OIDC_ISSUER={{ kitchenowl_oidc['oidc_issuer'] }}
- - OIDC_CLIENT_ID={{ kitchenowl_oidc['oidc_client_id'] }}
- - OIDC_CLIENT_SECRET: {{ kitchenowl_oidc['oidc_client_secret'] }}
-{% endif %}
- volumes:
- - kitchenowl_data:/data
-
-volumes:
- kitchenowl_data:
\ No newline at end of file
diff --git a/roles/nginx/defaults/main.yaml b/roles/nginx/defaults/main.yaml
index 2e56dac..e4d4fb0 100644
--- a/roles/nginx/defaults/main.yaml
+++ b/roles/nginx/defaults/main.yaml
@@ -4,5 +4,3 @@ nginx__deploy_logging_conf: true
nginx__configurations: [ ]
nginx__use_custom_nginx_conf: false
nginx__custom_nginx_conf: ""
-nginx__deploy_htpasswds: false
-nginx__htpasswds: [ ]
diff --git a/roles/nginx/meta/argument_specs.yaml b/roles/nginx/meta/argument_specs.yaml
index f2cb1d7..866cb81 100644
--- a/roles/nginx/meta/argument_specs.yaml
+++ b/roles/nginx/meta/argument_specs.yaml
@@ -34,19 +34,3 @@ argument_specs:
type: str
required: false
default: ""
- nginx__deploy_htpasswds:
- type: bool
- required: false
- default: false
- nginx__htpasswds:
- type: list
- elements: dict
- required: false
- default: [ ]
- options:
- name:
- type: str
- required: true
- content:
- type: str
- required: true
diff --git a/roles/nginx/tasks/main/04_config_deploy.yaml b/roles/nginx/tasks/main/04_config_deploy.yaml
index 7dba579..38dbfc1 100644
--- a/roles/nginx/tasks/main/04_config_deploy.yaml
+++ b/roles/nginx/tasks/main/04_config_deploy.yaml
@@ -131,20 +131,6 @@
label: "{{ item.name }}"
notify: Restart nginx
-- name: Ensure all given htpasswd files are deployed
- when: nginx__deploy_htpasswds
- ansible.builtin.copy:
- content: "{{ item.content }}"
- dest: "/etc/nginx/{{ item.name }}.htpasswd"
- mode: "0644"
- owner: root
- group: root
- become: true
- loop: "{{ nginx__htpasswds }}"
- loop_control:
- label: "{{ item.name }}"
- notify: Restart nginx
-
- name: Add names with suffixes from `nginx__configurations` to `nginx__config_files_to_exist` fact
ansible.builtin.set_fact:
nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ item.name + '.conf' ] }}" # noqa: jinja[spacing]