From aaa372bced7104857f7f8c757fb0af12ce0c37e7 Mon Sep 17 00:00:00 2001 From: arcnmx Date: Fri, 19 Jan 2024 11:09:44 -0800 Subject: [PATCH] feat(hakurei): new ct --- .sops.yaml | 8 ++++ ci/flake-cron.nix | 2 +- ci/nodes.nix | 2 +- devShell.nix | 2 +- meta.nix | 6 +++ nixos/secrets/deluge.yaml | 79 +++++++++++++++++-------------- nixos/secrets/home-assistant.yaml | 79 +++++++++++++++++-------------- nixos/secrets/mosquitto.yaml | 79 +++++++++++++++++-------------- nixos/secrets/postgres.yaml | 79 +++++++++++++++++-------------- nixos/secrets/syncplay.yaml | 79 +++++++++++++++++-------------- nixos/secrets/systemd2mqtt.yaml | 79 +++++++++++++++++-------------- nixos/secrets/vouch.yaml | 79 +++++++++++++++++-------------- nixos/secrets/zigbee2mqtt.yaml | 79 +++++++++++++++++-------------- systems/hakurei/nixos.nix | 19 ++++++++ systems/hakurei/secrets.yaml | 57 ++++++++++++++++++++++ tf/cloudflare_records.tf | 14 ++++++ tf/cloudflare_tunnels.tf | 29 ++++++++++++ tf/terraform.tfvars.sops | 6 +-- 18 files changed, 491 insertions(+), 286 deletions(-) create mode 100644 systems/hakurei/nixos.nix create mode 100644 systems/hakurei/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index 4aa86ec0..309fa89a 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,6 +1,7 @@ keys: - &kat CD8CE78CB0B3BDD4 # https://inskip.me/pubkey.asc - &mew 65BD3044771CB6FB +- &hakurei_osh age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq - &tewi_gen age17haatqc7gpk9t690affyqcvwmhmz0us95en2r7qpqzw29tpq3ffspld0cf - &tewi_osh age172nhlv3py990k2rgw64hy27hffmnpv6ssxyu9fepww7zxfgg347qna4gzt - &tei_osh age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr @@ -13,8 +14,15 @@ creation_rules: - *kat - *mew age: &reisen_common + - *hakurei_osh - *tei_osh - *mediabox_osh +- path_regex: 'systems/hakurei/secrets\.yaml$' + shamir_threshold: 1 + key_groups: + - pgp: *pgp_common + age: + - *hakurei_osh - path_regex: 'systems/tewi/secrets\.yaml$' shamir_threshold: 1 key_groups: diff --git a/ci/flake-cron.nix b/ci/flake-cron.nix index 28a0e9eb..8c69fe9a 100644 --- a/ci/flake-cron.nix +++ b/ci/flake-cron.nix @@ -95,7 +95,7 @@ in { displayName = "flake update build"; environment = ["CACHIX_SIGNING_KEY" "GITHUB_REF"]; command = let - filteredHosts = [ "tewi" "tei" "mediabox" ]; + filteredHosts = [ "hakurei" "tei" "mediabox" ]; gcBetweenHosts = false; nodeBuildString = concatMapStringsSep " && " (node: "nix build -Lf . network.nodes.${node}.system.build.toplevel -o result-${node}" + optionalString gcBetweenHosts " && nix-collect-garbage -d") filteredHosts; in '' diff --git a/ci/nodes.nix b/ci/nodes.nix index 3daa55d5..47eb27e9 100644 --- a/ci/nodes.nix +++ b/ci/nodes.nix @@ -59,7 +59,7 @@ with lib; { }; jobs = let - enabledHosts = ["tewi" "tei" "mediabox" "reisen-ct"]; + enabledHosts = ["hakurei" "tei" "mediabox" "reisen-ct"]; in mapAttrs' (k: nameValuePair "${k}") (genAttrs enabledHosts (host: { tasks.${host}.inputs = channels.nixfiles.network.nodes.${host}.system.build.toplevel; diff --git a/devShell.nix b/devShell.nix index 01a0270b..8d915c97 100644 --- a/devShell.nix +++ b/devShell.nix @@ -13,7 +13,7 @@ ''; nf-actions-test = pkgs.writeShellScriptBin "nf-actions-test" '' set -eu - for host in tewi tei mediabox reisen-ct; do + for host in hakurei tei mediabox reisen-ct; do nix run --argstr config "$NF_CONFIG_ROOT/ci/nodes.nix" -f '${inputs.ci}' job.$host.test done ''; diff --git a/meta.nix b/meta.nix index 23e06295..fa21b7c4 100644 --- a/meta.nix +++ b/meta.nix @@ -54,6 +54,12 @@ nixfiles.nixos.base ]; }; + hakurei = { + imports = [ + ./systems/hakurei/nixos.nix + nixfiles.nixos.base + ]; + }; }; } ]; diff --git a/nixos/secrets/deluge.yaml b/nixos/secrets/deluge.yaml index 3babbf4f..92fdfb3b 100644 --- a/nixos/secrets/deluge.yaml +++ b/nixos/secrets/deluge.yaml @@ -6,60 +6,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhV2VxdThGQkFRaDhOTGFo + emZ2bDAwSThzcXZjbys1K1czdE44U3I1bEQ4ClNZNy82Q245cVpUS2Z0ZEZLRGVL + TFNGTlRCdWZWa05qNGJPakJGQXV1RmcKLS0tIEIyS2xIbndOTEhFSnlkSnZjQXJ1 + WnRqSFN4OVRnV1BlV0V1eTM0UFpvYUEKPzHVz3mbHWpz79w682CC5VJGAV7mZ1Rg + /cPKpQWOGOWdqNt8Cdh7NuboaUQuHVm/mbnEKyfrsqVKvGolG0j24Q== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNOUE2SHN4Sm9iSDlNRGoy - Y045S1A2NEMyZWJaNjhibGNldVNEZlhiQkM0ClJzQTBOWVIwcy9iSmZwcjNQSXJX - Umlra2VqSjVvZlY2SDNzcTQvNlcyK28KLS0tIHJxcVM3VWFaYmpOU25sdXdiUG1Z - Y003bzNOZzlHaWRMRU1VZHBIRlZWUncKZC13OceAyBKYWFPsHwZfOeMhYLqOTO3G - Yz8RGQvqHxVskL9B5Zqove9Uf6VKmDnzGUpWb3G3fozNKjGuS/2deA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwdkw1SG5nbVhua3dxWWNO + RmF2QmhpUldRaWRKNVVEN0x3K25ZSFpKL1hFCm9VVDRtN0R0bFIzRytLOTB2ZFdz + Z2NQVmE0N0lXUnlKVkZYU0JmTW1GQWcKLS0tIHdzZjFQcklXNU9XQ1Z4cEFQRFk4 + aExTT291QWJSNGtuczRuZHpBQnBJdlkKqx5IrGpTbTbbe9uKirFRTw45IuducyNK + Kwq5YzBrgi6ZlCE5FOtzfBwvtgzf2QZQaApzk9MOIwC3+2soj6HG0Q== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtTDBhTjNSZ1hUZXRJeHNW - c000SnhDalM4MlhkbmljT0pPcVEvUlBLSWpnCk52eGhYYWNhVVkrOWszWWNwY3Vn - eEs3K2g0MVdCOTA0Uk9Ya0NRaHRoN3MKLS0tIGErTFRPTzBtTzNwdGFaaEU1U00v - elZMdXRHdnhrdURiTU9BV0tsc3g1REEK1yfyWy3iv9hMidASfTxyQE8qyVFUoCH7 - fk2pTNQZCXQR9u8Pd0ZOTptsbrtcyDUc9l8VMfn6QTEuI53Nm8CswA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUaFJ2K0J5U0hnandYR3JM + b1ZMQ0NMWmtnUHRYZUxhMG5tcEk0QTFjOFVVCjRST2Y3M2k4cm8zU01QYTRwZUVr + TnIwT2pTQ096cCtBYkRvMmlrTElSaGMKLS0tIGI5RHB1OUV4bUljS1Z5QVlNL0Ns + QTRpWHphL0tCYTd6QVN1T3FVUERwZkkK3J6k477Lny2cKRWfqWH2AFA0gY5930IH + 2+KFwIDHZ6Iban73yp0S3fEja99QqRmTQEP+fTdqX0gfYwns2kyvBQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:10:43Z" mac: ENC[AES256_GCM,data:Wb4ALWRT83My2hnlxfUgRoedG4M/aIRd4cfcb5wV88Rm8XQFGRUIZbqXBjKjZwy5w24b3nVmreKpPDsutHnBZQC2y0f9Pz4Jq/BTDDUWZXWNYI1xq5WZu/NTR7lhNGwkqdtG93TIEi3DkU27m9YODQYF2QaPmQ+LFWVCe9S83+w=,iv:XAs6aj+6j/QCBEu3aEGdyxgTkVkyhlay6oS2bTxxTCw=,tag:PIBrl3sPyFS6KhDqpEta2A==,type:str] pgp: - - created_at: "2024-01-16T19:10:39Z" + - created_at: "2024-01-19T19:08:33Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UAQ/8Cp+G1+mSAS8cijR6PjBq1lWnuU9jkYzfSiH8eDox4ZF8 - 59nVlUElb9qkDYE5FJ2hNyXiOmsG/0IFxn1rOFevHFYbLVH8HyQxniTvznIkKADg - OYNaESmSgk3IOzlwUK7BV8bpKq/ZQF4KI9eoh9EIas9ik4zkEpwPOVCTn1TAwwHK - upL0GwibTJNG2mzi880kJsEsU1BaSPM446YkGXKhVah0K+ltp5G3K7Z3csxX/nsP - ZNxlkyT6EPr7frSzqcp9Ge4LETHjtF8pOm3kVwcVSwMcV7o/mw1OZiN3JIjS2ecV - P+PtjiguoMhS8BHj/aXa3759hXKdzJMT4Y2qYx/W8npq7QAPGZH9FDXSOgqIFWri - 2E7u7/Dp3hjfuUFss/YEsTGJbIsfjtCIXJgfjC+pEHcjfiQj9fCCYgcM8n3AZfT1 - lXGKsRnt4nKzdjme3iP+GtBMdke2MSl5X76sFnEBTa7IbmyCOdtX1ZZL3dWjpvOD - 1PJxldVVCJLgfIsgPe3qZaEVWUggXcsOOvlTsmxkCvlhoFOSDseuLgzKN56w7gHr - 3FXgcSC6C6S+CufdMGQmMBvMx9JfvYhoiBmSLOO6g6hds9nb6D2XaQFGOg6mSggR - lupvvRRBp5BCI1MSBujXF8SPPfCJ4l7ySwMc73yERd/FbBXdsjl6RPFHuh6hb8PS - XgFhIItwbyFnz3hTm9TMSlhQJss9AVtOq7WcQ6Ehg6KVAoq1W8Jk24YZPHz7Jby8 - 2nRtKyHKAPUpPLUZv+TvBabHEDJ6wXUAVvwAevLnBNqlSaXFpmRBJnunHax6Pic= - =0777 + hQIMA82M54yws73UAQ/+LspS+cAGE2tLCnmEqqvtuUCIrpMXvZWQEEmLk+9AG8Mo + BAeLkS6t2h1VkwSymnMYMZFRgwH6wNMUcqO3gdw1x49dZ7BxFzi7snFWNzdFzyOb + a+hXCdGcydY/IiycJphuTdnfKRYrdaA712weD93HwDTfAd7gGJjE/MUl0NVcbiu0 + qkEtLMb8iEfR9mOTEh4rvBrpW5U7BC1hgCu9RwVBT524wVuyCXOcJHUNpiue7i+8 + 8sjVz+uhFg2cqNqxu5ESXTX+8cvTE3nyHZaPatgo/dRLWe4EM9G0AXqCRKSqBfQX + tBXBYe2dNKHU3e9pdY8EY6pT9+l4FtBH3OKc+yMrDs97GHnOq3RMHGC/CDVvCc2E + Dyve/njz5dqGmUYxonhm1fR3dfXl8KXOB1FLZccwSKaCPv5WF1MRSPvdAPou6Sw+ + 5Rv9Fohs5eYUyN9jjz0DK79gyckYIJHw5dDUFJ4iA0vqiv2TiZRMelOzcwKch+oF + nL3syTj12JVN/5zkEEn1Y4IORoDxSXxC0zE2gxP2opQs36nLKr8CQs/bQax+7Kxv + m9Z2b/HR8nk90Z4GzFzgoHxlQVs9bNB7UUdr3HFW7kNxZtX9DAgdpM1sN0ar/1LQ + 9WNGwEdkhQpweU3LdWkP27juZZjWgdDPyyPMIx7RJDDkfAYcY1vJEZQAoMhGnvfS + XgGT7M/L4sA19fgsuTnSg6nO+vZiqPYhdabZUFcVu3NvL2fu2ieN3k3rxczopT85 + 7pyl5wmmApD85NGy5D/y5zQM4UPPXj3Fctx0LfcAOsHuL61CtgcdHzvMofOdC8E= + =0fKj -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:10:39Z" + - created_at: "2024-01-19T19:08:33Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQgAgyq8OlLkOiMuG5v7OVsH/6GgGwtuubDt8qMog+KJn7Pi - lCoYL5sQJnvKaKG9/LxtzyiC9tGsMd4hO0Ja1IJkrA198OkbdOT/a6RKwIdVDhY9 - G6tAGqViavmOTj+FmT2z0i0doVyd8lQF24o1pBcoyEzVVFeIP8hsriQUXoccnO4V - BMFeXW6fZvvXHWRjl7dGs5Tkc5HnRKj9i3PmC+VzgIUCDFN6dh9NUNkgIZxQHxVT - ThRQYMsFBJWm8jR5tN0yjufBzLjtJKECwQg8SED0Jtd/0YcsgmtbfAropobxG02L - GA//wzncOAFcurn18HqB6Rdo+98W3oht0gjkWPcELNJeAQ8j/Gtvc8pTTYxJxV9e - 61RRUdGpzDECrZCtGiI6ui97GhPCMuizrXi/nNNf+y2+8lW/0KieJJASCuSafwE9 - GEs2ZXpBvJta4yx2HvRuv/KnNRZgduU/NIvx456oSQ== - =0Kv2 + hQEMA2W9MER3HLb7AQf/W8mvLWe9xQd2SUMXJjj0LT8PCXr4UE8Cr3PNDeokc7mp + ONAn16uFEZ+2JZt/WopUPAyQrjEy8pfkYRNDsmPjrN+YgfhdHIuMUw1v6r5S4fag + e3xSqStIMU9ORqK4vFqqC1vUBEH1n2ANPZjmVxjEdLz5Uk71XPbnjuDx1lrcFlgm + AxglLvvO+dkqAEqxvVvTO2jT9l496Qs41GdR9QZ5iZ5TNwPDyI7Y9yF0cGTJ/pTU + OLgQBQjbsrgt+EKfHe+KNyB32L46Hh4/08BJfU0p8+tSJZF3AJuAq0yRxfuEEmiE + QsAa2tNhyfJ0PL5tWEsIDlQ18haBdtuQAcnep3nV/dJeAbP+2TUtuxY1f9jdNCxL + 6sPSFugg1XE2I58KpBMtK/UZaJr0HzLvtEM+aOU+WzxNndqF3oXNErjIjroiG5gS + AVKBJI8ApiXyQlElFy6MQFRWch+/WS3qXkCE7JLjCg== + =h9w7 -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/nixos/secrets/home-assistant.yaml b/nixos/secrets/home-assistant.yaml index 8fe3e58f..01de7294 100644 --- a/nixos/secrets/home-assistant.yaml +++ b/nixos/secrets/home-assistant.yaml @@ -7,60 +7,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5Z3Y4dkQ2cktEODZFWEpy + SmRIcm5SeE9Pd3VORUtJcEtHUU9pZVp4S1NrCjNTbWh6RjlXVnZtOExSTC9qRHUr + VlIrNzBqWktrZ3VLREdyNmlQZlJkTXMKLS0tIFpwRWkwb2JzSHBtNW4wdE43OUFr + QXV2SzhwYWNsR0pUbFNrbHNHRUpRTUkKRFtAAO8aiQVZnTU21Qcd4cM77p4sgmDG + 1qTe4QsOySDITw9k5Ut7zbvJmHZBOh5UeX7NKG7T9hEULm2SzNmPNg== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNL1lQTGZteU9ocCszVTJ4 - QWFGSkxlaXFNVWx5aGlBYlcwWHpNZWVWY2d3CjFVSStocXBJRk9ZblU5UGpuZ1NZ - NUxRcURXaTYvK3VUQ3VVaFRUdWVncU0KLS0tIDNKdFg3R3NBVEgvTUVtVE5rM3Vr - RWdrSGdNNjI5cjVZZjBFV1ZReHhpclEK2sq03ZFKjzZw4ZbaWx2EnSz1PdELXwvw - 5NDJfkpV1PQ1/PbbUTkf7nG0NgTb/FEDoZH4X//wFILAF2MhUcQufg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6T0ZlY05UTDI4Um4yYyt0 + WEd3cGZJclpOSWErbkFCV1dTSGZ2cnhvQjBZCkgrYnlITkVybGtaZVg0Zk5sVVVk + eW9SRmIxVW9MdTF0SEQzVkRlTFVKTm8KLS0tIEJkSEVlWlFTYWtnOFRDdjRSa2xy + OXZYV1d3SUVBQXJ1dFB6VDNCK2hhNmsKnPSmFLMmliwJR6hN9ipS5c2pARtNHJIj + D8K3McBgUh5xP+ZuofFvDRAzpzK0G0i14dGlQvEtS86pdcNk25rV9w== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRa3RhOElmdmhoaTN5V1dF - WEI3TFY1eDlpcjF6SkQ5a0cvVWlkV1dDS1ZrCkRHS3U0NWEzazY2RXpQOTZUazg1 - S2ZmV1J2M01zakpsSzdaajZJb1p0N0UKLS0tIDREKzUvTzFDalMwV1hYa0pQcXpR - NStydDhtSHExWC9aN2ZqTnlSQ2wweGsKD0wbxkd65AsbBhHG/ooijrFE6XS8AYbV - ozPvg2N1vkiLtSWE4WrY79CeSMkMksxB3kLjr4NoHEKHRs9ADvR3tQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1eDFodlQ4dEMwVzljZmFt + V2dOd1dlRkRxckNlN2Z2ZEhwREhsb2xBYm5BCkpvRzlZTkVYMUxLdXhLQXE5Z1hj + UmNKMVRMR1E1MG9FVnFycHpjRkxYNG8KLS0tIHQvdjlTaHlZZ3dEcjhxZDMvbHFu + SDdYSzBGZUY3azVKUExldVFZY1FJMFkKXbPHYjiMOlG3x4Zgi2IfWPCmf+zajdPD + nrdh39ln8is/2U6U2EjNL5/7pJVYMyO2zMPYlta6rGdBflT5yu/Ubg== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:18:20Z" mac: ENC[AES256_GCM,data:ax4tNBIzzP8PV0JYBdEYP31w0+SmLZiM6mTwImOR6zAzfE9sX6q77CWGR+0QAO2pfC4R/nppjHgTbESdUH1X0HKdjJw2uiF0bUFom2ELaMGylqxV0llAQ1iqKHkLF8hHciRz8IS/zf247+8iZmOlZqWazUwlozAJW7A27d7R66U=,iv:sm0x1u0xz9B9Kk94GCn6sniqJ4rnTnSSDRdsYeAUqL4=,tag:KrTOdc86LAB+x+PfV/9krg==,type:str] pgp: - - created_at: "2024-01-16T19:12:28Z" + - created_at: "2024-01-19T19:08:54Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UAQ/+P+n7MZ+EEbg2AeKm6L2MnZnHycfJGBjXk3XH9w9zAy9Q - U7+ak6auxsx7kwS1Yy2f7nvsdn9+vGlmHdPiRZpuMpqaOKU4xvTNGoXQ0tzAjjWu - 35IFKZIKS+BTJGU+oxQQ+BhPyP4HT4Atl33RSz4NtBFqxVEyiFXCjU7oYNLeqTDK - /h+l7vX2qz/KUCLyHjQLSHUZOmdTI7Z6us9NdIK6tWXOWUc4UfdxsxqxQe+ayRwL - HUuRUt5Sg3Y6wKe8oazg/jcMUWl4EDznZsckxGQuGyZ/5cD58FKiVtuSWs6m/oDu - r1mBqupf7gtwr/PleDe14Uo+IzcM9JHY8TZdvI87WI5t/xNgjyO5qTB2kPde572Y - FOxUhclNDpZgJJXP9+wZ1YYQG29VBzSFrlSV0mRZofQRJqorbb92Hst3bbb9xmmp - TjaIAq0FvrXLmNCQZKvBOr3R3lkeJrhqXQhd65emZPvflTxZNOOMTOWbfUk4XWKN - 03g8LHarKY//abfcuVtMTIMEhfP+30tFNe7oSge5AjjeZWq7xh/bpf+CkLPzVDxk - O76N9eprJLqTTAh8cIA7ityUXUvToiL2yCxaIc/YKL2puOwK1itSfb9eYPS1556w - luvY5dRAXEERJaO22A0u21f1DLz3/2Vur+RcMTisXtUvZaV1BU1jYn+L+k7E/2fS - XgHwAajQDrRXPvMETZD+MN8wocJI9HMUKPHFljxXmI4yFuEX6WxNtNprBZMO+6x3 - QxqK1eE5LRfJwwjuEojZ4omwDmbjS5Mz5aLDNi2poOCTbnlxVjDDiY38RPP6EwQ= - =9UTE + hQIMA82M54yws73UAQ//a+05dgy5f/mei9mAeGz/rp6BdrqL3hHQecy+2aglAeoH + W4BCsnk8UMGHLQM91hmTb1lImUCI5fGTwa3J4kJJTw1mEOkHz3cBjXkMwbGBro6z + +iOhgLc65yaGyLmsuL1tVmZuI7rQvmylj/8ymNOeRILcUr+CmVJjJSDlgeA+LXFL + ycZ3saorFEKBmbfg0nj9KTdwLIdIgX8X2rrYWlm0jHc5tDe1rob1l3T1zwiB6QRf + LJ4rHJEh79d8a5emVkD21kiy1zQ4IYPvxSynNAHe5iPF2c5Sh+t/qjtGk0z704W4 + Ja94ddn1oC7Wuq9nS60HYCDi4E+KuNDf0F+LeeFEPiaxV714PAuJEtCz8xY+TTq7 + XXyT0ZwLMaH1FSOGYESiU3d2SS2baQ/jPSrUlWIXhFdlTZaMTZz+d0GV7+MPqNlz + +AH9Bq7CtCNJwcmTmewxukHbPt6fpgBnp2QG9OuAuhrAFnSNv8CquagbCn4JiX+d + wEcpxDnHvxbRJTTrrLckF1qrrQz9wdDnXhTxMjLUHAEY2ecM79Rq9t0Zsy4TlKcw + EVzDiNOlH9LZ1+kYnNy556jL+EaMs9zM84dpXbN1O6UFXhbVa2a/YXZ6M7xwOP+Y + MSM8x0AN2yv8SxuZ91sPHx3MYvdWBp/LfkPK9VpLqJ5fdmJ6pCZgygEKW+jdqCLS + XgGYFISliDVeaPDwjD22tMFLfupHBIAP8JS+FOBCXVhf379mSTZ5aNaZ5h13efOD + HEXjMkd/Feqsy7RegLGqHgbmbKH4PL/Jw+LleeORalAL3xBAEFli1QDOf1W6yWE= + =ygmK -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:12:28Z" + - created_at: "2024-01-19T19:08:54Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQf/b6FqmQ3RQ1SDkB9IMV7tbtgOu3WmokrjHFsSmXOGF4tZ - CeuAhuaCyBeuV2nVdsyo+QxWOrSTKWza1rYQJtF5Uh+y37Uuf7xINHL5X6nEFm1J - s4Oq3XP/n8QR8Xe/u0+L5/Z3r3NQ/x+IkgTEOPyHkcpo0FrhXo2RgnBnm4fFGZKp - I2JSJ4th6pScGVNpnAwRw7dr4YMqoCx1/3TrHJCjT7t/r58mHp5vOw1IA3qvClpB - z9aIIM3hHIozpvDu2qFzdD+aMdb8yqLcGVVEj1qPKuRvlv6jt5i0koQ//9shPHkD - 4Is0OO+XzKuA+yrYJebPZPaRv5rEKtTWpyvj3SHPd9JeATgkgX64DDOIQlnBSc8S - lAXMWQOsduvcpB1aVHQQsZQnlyNDgBUYSJdhKhntQuXaVXQ+NBD++JRWAW2sgYy7 - ANp9zAzNo1CUNjNUSBC5Zf2iXwBwEms9P8uKqlbdjA== - =uDvW + hQEMA2W9MER3HLb7AQgAkKM/fCU5shKs4/thEm1yT9Z2y+qx75i+WrA4VgP7slI8 + V/mvSmk+MxKtJNzGSdbSKLXmLW8glRqgYIdKVUpwtWIYMCz82APYJu7lptlXyEMF + yeYgbpDfULRZ7Kk0otIccO3gRbiy39RdSvkKnhNPBzSM9JEeM0IcWs+38T2zHsgP + dPBem6aHEMsuXzQTOsv6KPCCA2dvfOYaVdrXVrsvQnZMu61KYkkom8yvK0a9XsW/ + tQXEs+mLube9gjLpe4TpBW6XoFB482RRgPAcYrTZl+xDsDToCwJllYDOC1c9V3DK + EH5jGpKkXWNTdBXk6Ej4JQXK3GQVy/QL17tH06lGZNJeAWVqTR5vfnBBeJ80uFIh + E8YJHg4g+hDCoDpHQiQKPjgVTNwAerhDwNb0BsQfLRBxuMWgaPtlW4L9xXu3dLhl + CE2ufWyFCrpHm3y7UdGxfzYeECZCDUOHnUILcvV+jA== + =OR1o -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/nixos/secrets/mosquitto.yaml b/nixos/secrets/mosquitto.yaml index 2e5f412e..e89eed15 100644 --- a/nixos/secrets/mosquitto.yaml +++ b/nixos/secrets/mosquitto.yaml @@ -9,60 +9,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSlhaOWxDY0E4RzExaGR4 + U3o3bFFMejNxMlYyZ1VnUjk0ZERSK2hTOWhRCkVxd0lJL2YvZXY5ZjRaL0xUUVNE + dFMzRU52Tm9LY0swbnpoaE5OUjJJeDAKLS0tIHlUVWZtTE5acXRONURiaHFPaWpV + Qzh5SUVWcmx1ejNqVGMyTVc3UGovVnMK5tfxFOpzlAbhiYpcwWI26MJ6a+esucPE + KfYUQ9fVv96Crzl7vNPWXcI3TpmrIsRl2Jf1HA3bwfJzknQzucZfTw== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3WkdEcUUxMTQzdkI5YjdX - T1AyczFwaVBwUnFBVmxKeHZIWTJyVDhqalQ0CllsU0RaZ0ZNTUVoYU05a0xIY1ho - cmNLbzZtRFZFWlhjOGlwSUhyUG9ZQUEKLS0tIHhCOHBFZG9xeFZEYXU5WmdhVHpT - YVAzMlNFY1dyUzREUHl6eHhSUE5VL28KyWyBAzMx/aDa9b9/n2KkUJCvYgZblVFj - /gDBHjCs177fge8b0AIKqcJ3akUyQZS3WzhJZLZPR+dA1t8QpaZbZw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwaTRCc1BidjlYRURrbFR3 + WDF1c2puK1pLZ0JVQkNKNUlVTUFtWnZkZUF3CndEcEg3UlgycDlXdWliVXM2dmJQ + SkFPRTJCWTFpVlNRTWZRVzFMYmJzTzgKLS0tIGJJcmFEZklRYkJUN25McnAyWVNm + L0VoSDZzTjVIWFN6aFVhQXE1bXlMdDQK2hAlcgBcb4jvVTRwXk0AQPI0P5Gt0Ooy + SO90HyKwpck32jr6X6faA+bAyBVSh/Vf/9zSgIIsv7M4Pw9qPrBBDA== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1cURDeTkwUFdENEdYaFh3 - R2RZZjhYTmZ6a05wTlAydGZwNW1USWR4cnpBCktUdVRUd0daa3FBVmVMSjlpbXdi - OFp5dGpsVG5YUkdWNEt5RGtOQWNFWDAKLS0tIHVpVG5mZzZoa2k1QjEyV0pQQ3Jy - b2JFTk5GSXRocmw2czlNYkN2NWhtYTQKdss++r+z2AvjBd1JbMmEc2Am64hxwRDz - OD6kad9s02ZzGpryLfrBqyxvuQbfwfbTPHMwANS4WuiqvSSnJ40BTQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZUGtrK0Z2M0hyTVdGdVNZ + KzdzaEhpTDYvRFR5WTFmOWZFNVZMWmQ2Z0hFCjkwTlhrM2hIdEt5dXFnNldXWHp0 + eEMwL3Y2a1B2RDQ3dTBndmpxSGR5QTgKLS0tIDlpdFNRNEtQN0FGTFlzQkFxb0I3 + VE0vNVZzZHk4WFhmV2gzMjJ0UkR6MDAKQk2nlRz9+vQpmZX+qG/IUOeHkRJ0ogAP + UQ5+lcUQ6XVIx2/qoFb4GJ5Rb2CLnaeY9Xltb/PoXuluS39Kwx5/YQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:11:37Z" mac: ENC[AES256_GCM,data:aZl7545lk6KMNGanuyw4tcn5KsJNt2hrsEVn3VHTJdhtoLo6324Mnei2WCcJm6TfqYN5wKowzg9dnivtRvTD8r/ZM8J3dtTwl9091d9TKcEhVf30a3EwKrSYsDpQUL4vagg7rgFUjbZMUSKZTEgA6o46VbR4glnOiVZMpMMtGWw=,iv:OsbhloYhHRzgUKoUjwiRspHrZFxAf2XL0+JIwwEpmeg=,tag:v4pE9dfnySmrRwlZK7Fyyw==,type:str] pgp: - - created_at: "2024-01-16T19:11:34Z" + - created_at: "2024-01-19T19:08:55Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UAQ//aFxbDCVemOYrhkOpXZp2qhBlCrRzeykheQzpgnZHd9nl - ip7J6E1n9CNa9nPPKMRCbyQ2vYE/VEEbMtmU6kPkcHcRb3T8Q8O993EPBglFu6Es - hThXBc7DnQRt75Mc002KWoG3Fk4GkCNnkfxLA629i1z0M509STpK3cBliW4ehPy/ - UlAAQu/z4+UMmclydLIIQEmpERBLz98B+o5G5kiTFr2UY0ZmtXYfK0F/DxgFNIn5 - IrsDYaG9RELGG79rqJNBhDqmkFzXKLrr0OOnzW1NTeUCUMGsnz+BcYX3Z9g/XME+ - OS3mCWxyXF9rnIagvKsXVx/8BCm8ltYvDMEzhaHoCApcSVz70crbRdmU9CrRNAOL - 4BxO398dLEUX/2+DzMkhGL15G7fPoChGeHAcWq/m2G7iFSjcRNGpp4WnKPPy0eOa - 59zKpl9zM49c85qJjtRH7kEuFti1LaxKrMir79EQISeR+BltbLolGGZ2pxAfnKxU - 6Y045TwM0E05LUG2uAqcusiaBcmKeZA1BfcJ3a7n7+gQCZqwUZwVtDSqspfmfTwg - 2z7Zthv200qgW941xhxkI05wNCqJvIPZUPoHXMbUs4qHYdkh6EGlz/gsNlM58GGy - XgxtQEx55CfkvfFR0aye83tVDjI+MpkhPoy7e4vGj2n3gZpy9RLDy/KYcXGDrWzS - XgE+pcqCi4kNhs9bO3qKvH/baEKWWlMr5myB4mVE/fZsOsrmINxHsB9lWbRtOUvV - C38jDgz1ZAJ2jWBpLWkwqk9tMn5r6xtXYfSirmluDnnO52qOma9IyiHh95xt25A= - =D8DR + hQIMA82M54yws73UARAAwEU07Rt8Ab+2nopNDiDHSBgU6e22i7N3W0yuXslqVkX/ + P/gQDG7aNe6KWFGgjMFB38VLhR/Y7KpunL1JGJZuss7qbYmruhbKIzR3q0OJqJ0Y + 81rp4goDnRqtoD6Tmh0X59zDYZr8e6hSMNEdBiGjzyeMAH6nctBt0B0eO6QLkcYa + N+mNcKQ+r40paI6Eg4iLFRXYiKTkYnt6mb2Yik9EyWZGI3dOYOe4S6w+90BH5i6B + ZvK0WGj+mkvGTvbse5C8E0ruyiDTU/opscjIn5I7JUIM2KTkQxskt3Cxl7VzSqz7 + mlUcaJ0DhwfoFj7PBUEUwQyoAkKh64UEnkpH74U2dYe0Z72aQCFpq5kbIbbQDbkI + hnfo4YpsC2GClg4u0KjXTXW5Xgi1UxxIb95HhhPwfO1OF9uEJSRlHmkPJGfkHzM8 + YZU9ZOZjklBAquh+zBnxPnZAsHlCRJwn/vNFryX9fec174rdiMqlcSJ+4hAO8l0M + XnctDPB033lHL1+nbXsKUQbq1iAi/ijY8hPaYDgdHTXZS1OdS74CE+xGsnVp2J1k + niqI2rBTDJ4DPeZm51QATmeoyOtbDVzieX5x6KK9tKdviHcm98p9KqY3dXFC5qi1 + L26G3jPTkoYaPlEzra8RKyU/XulLhf5q7JfyTGys8jczmgbld1/sPf2hHxoFKcfS + XgGfFziQ+uwiLMs4U/949dVJ3HsQdvMGilbbbLkK/HCM+sxHaHw7axBu4TH1Q6N5 + CWP6x2+Z9YS59cXwHiuav60TzzQ/wwGyJDdN3+cBjeOjNCw5WF74xoLR1JJcb6o= + =KB2c -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:11:34Z" + - created_at: "2024-01-19T19:08:55Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQgAo+QhhMhj1xlxowRwjUYfacuKJJisPWCOMlVEdBBLs752 - AcCzJdV94GB9tnn+DNADZ/8A3HPUfVqMJdHVQKokvMZwxUN+pJU8HxuygLtBFJgJ - IfP1GaHWivHoVQJ0SUFbwvvZdlaoPBy/jt1tYI0tfIQVkqG892qeDEtyR7QWsg5B - xvmedepz7L/3k0fOFbqbk2jAhrNh9fhWfcSArzdeVNFALqFfCFrzxWQkbOSccV9C - UmeiD9kO1wJvkRagXOWAWEEnmC4Kp8SrrytaNZgEvk90gVERGEqYBJdCzmGV8IRA - t8tMwPWKwHJmrdREPE6xOxg/NLlITI0sGVArgPHoUdJeAavRjJuPWGL4vfIt9Pav - mxSSmF9LOUlu02S7bc82meN4V4idNo5T1FtFO+wZQbFr92mlJi3hg9hU8ZEuEtUm - H1CG8DDKHcEowqcfV+zviReJOXLKUf9m/arSKMYbOw== - =ukAy + hQEMA2W9MER3HLb7AQgAxTKY2cLyZI2Geztn09LIWYelHoc3H1YpWnpchQ9zclBP + 5xFFYIfuWby1chHAoOHlAz+0FEr7oIQFHrBRtX5FWHdfTU5M3t49L7mX2FiX79/q + z9J90fQSHl2m1rvCI6SoYkh1m9PdGT5pHEM+ebCYggQnDNxbhW545yDDzsd4rNEY + jkIFNwHGIJ+BY+NaBCHwGhXli68+OcAJJDBjmIew+xggg/SWQZvvAj2EGqpCFyHx + c5NRqhg3MTUa2D+BuvLRNzN+KDsGFNn6Rj+W/6Ud+5Ohw+Xbj0l33Zj/i+9Ferap + 4pKrkqf943CSIAkINvxXCZpqnxhUe8Xh0tWSMm2XldJeAWXo5BUf0mpymT+VdACe + Swks8aSFxl4a9fHirTqovD9CwkCzLHfgEDnpxUjRJR8TF21lGoXD3OelMqxqGqVI + xHeyIKZBO3VETzDF3VWPgacKvRb+xV3JM4eW2LPqrw== + =razo -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/nixos/secrets/postgres.yaml b/nixos/secrets/postgres.yaml index 03e1c116..5f106844 100644 --- a/nixos/secrets/postgres.yaml +++ b/nixos/secrets/postgres.yaml @@ -6,60 +6,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMc0FYcS9QN2dIdERqSTVF + SmdlREJHcisyUTkzelZHdFJvMmVCeEY5eDB3CkVTQkdaMjE1dHlzSkwva1RUVmNp + a1JLeDJ5YnJoTEQ0YXkwbzgyY2pHaGMKLS0tICtXcEwrUzB6SkdwVnNUOWFqaFZr + WHQwekF0WXJVT0NJQmw4aUJCelRId00KxUZ94aCHnWyyQovSqDV29E07Z8UcTt3b + Lc7cjDyi5K2c2p3izgok9bUei2My/BcZVmBHXGj1QV/9o6r78pGdmA== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzemtXcWlQMFBqVHdVdGM4 - RFJVeklvUVZzeTNUbzdHUVVVUnRJNGs1UkhnCnptSWtOcHBCWCtqS3F4NGZ2ZTEz - STBOQXlzNXU3QUpnUEtpalplNWR0ZWsKLS0tIDd2ZXk1ZlRuTnNyWERkdmRraFpi - WWZKQVdLbTYyRWlQK2llZFN4cXRaUW8K6tIwHU95aI1D9SWIU0sb0ZK0RJ9FhoCJ - +qdR87gWSEl27W5kFsDlkMQHe5a+68S/MbHmy3CY5dMmsETj73/veg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQODhwWGpHL1ZSZ2c2YzFU + alpleFpyVzROeXFSY2F6dUpTS3Bod0FhbVRvClhMWXA2eittM0NlbVhsS3ZxWkgw + L3Y2V0p0MHorTFN5NTZKKzBiRmdMNkkKLS0tIEZDZVp5QU1kQ2NQcmlVczBTbEdC + eXoxcUFKajE4Y0dheFFheWpmOFhsb3cKnnkCqy9YlL5wJBnFD7+Tghh6TYwGJlFM + 4Q+tSl6Ou7j8+pltr60A65RH/8/1dXihOIOFSlgqGNBIGYT3Y/E+Gw== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkbjl5aXBwZzBNRkZyUTBu - VDVtSk10YXdaY2tpcVl6T2QvZXIzc2NrZENvCkNndm9JU3p0bnRWUml0bFMrQ0lQ - VlprVWN6NlM1YmdkaUN6alk2U2UyT28KLS0tIDVDVFcxYTAzbkQrNlVPSXdSR3hN - K3IzMTJ1YUt3dDcyaEFMODh4SDNpdG8KMf2OKhUsO2kJk/v95ztfPNRh+hP1LuM9 - 2eHsbKZ7lEwQDJqKcRduAtr1jGXIioPR9+EaTLRH6NDTg8ZORYLpLQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSaTJ6M1lIT3pvRWQ4dG9I + VFk1OENraENRMW12Zk54dng2YU9ZZEhtNlJnClJGWW8xUDVOb0pLMTI3aFhEU2Rm + TXNXREhDT2V4Y3pxYkFCQzgycG9hMXcKLS0tIDlCd2dpV240MUVTOHFHcHhLM0dp + a3l3bUx5NzdqUGd1TEpGY3UvQWt4TU0KB4MAjvI43FaOiGhWTkwPpeMMiAnX4v3L + rLZDdc/vegF10FKTNJdxdq1E7ccMaV1KwjQkJoOJnWe6teKLjGOFkA== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:12:12Z" mac: ENC[AES256_GCM,data:xT5guyOuwPe4BH24aIUfpG95Gu6o9Df3oGeA8HFJ6dtHuWXrf2xba9rn4tXDHkIxDm/18Z8v6nX4OFoiEgkwWGsg/RXqG1Rs1/+fhWHe4UOUU675bn8zJiFgBKEtr1e0Q1THSPlgfM8L/qgJhEJSYoPcNArbxkfOgXlKJFyH8ro=,iv:kw+IR4Xh77kkHixfWKlX0+mqS3Sq2E+h8NSryrwYchI=,tag:N7yiMKagn4y5j9iOrh93fA==,type:str] pgp: - - created_at: "2024-01-16T19:12:09Z" + - created_at: "2024-01-19T19:08:55Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UARAAsLhIJPLcHxsBP3ERy8OCJxqnwOPA86Bi491pbyg315N+ - yZSRsVRHGHmJew3d3GNcqzgWAi4GtCDNukcmorrqPe53c5gdMXiEfUvBA3BN9QoG - HfFXkX02+Rpi2n44IuMTpVy/vGCqIsgREA85VU3oVmWWuVI5zLgEUlyKqq/GuBta - PZuI6mq/GLeFBWykEu2JD0KBVEF3U9HPXQ32S6Y1RdKrLI3CfCuQV8JGDE60N2Au - R9DKto/nsXfFNivBMKyV8fhl3nxAgXYpLuoYoP4WuHmwkOYfcTofJOaMu0VqE38C - jWdnkU1NkeovTNzpC79bp4mLAnEsswAisDFyuoG39Pnk1xOG/ctZYzrk3gtEOPKW - e6IlFOlA9z6dZYVvhWhPHKisF4w/zz1cBZNAzf2Ehu3M+QLJUm0HC+1/SYDXnKzl - XuMYERrPZBk/2h9EAhR4iJlP7trBjZy3HFlLrs766z7PrIILssqIPLzzQBSl3/fr - Owzf6XopMl9QxF1EbkK1yJ7LZGpyQk/phLJ7JEZL97KatFjIkxiGxC5Cp9oXYREL - vwH6yJB6p1A1tb/jA8oIVHg3JV8JYON0qZxjZd7GPkTQdKRxfo/hZ0m6VCNEswN4 - 3WBP/aGGmnqmw4eccgZPUlP7ZNxLJhEQuwXXsCCdHh29NnMFv/fjC8KIjuMTIDXS - XgH8Xg13xw6ttrJ4NxNGDbpZYAuUM1YbW7SIPLV1gKwuF5OH5lbSVl2DLsDwMKri - 0LpUTxA8IvV39Fsj5tSrhsMaOgWQ/wUrl6B/+Lf2fT70/pY9NjiNtVFMrjIYfnk= - =ze4K + hQIMA82M54yws73UAQ/8CB9fEBmQNuvN4kAxgBHU/4uOrEAvxFFYjsBXiOglaIYS + UxVdHwR5inoh8xQBNcl+v1/34jQe627ppSedYXF9ZzRoWShJTDhw0ArBsRbJwN3Y + Bk8YZd8F32zFh/+npCMee5PuWtkfBVwqQaccDpi9fCpBIedEAqgY0VPD40ydGseq + ZLx54MufKXOjnYR7BjVI9inzfUsGNWhI12haTOkcE4mFb4Ni5bQmt9qG3Oie3Q6a + TL06Dejfy5JPWemYoi3rD04MQ9HW+LmvLVxe8VfJrtDbvjhDwERzrO1GwLc+39kX + ArEcFAfbb8EQQ2serpfSGtZN/6UMVbIkT5VHA7iDzqXgBS2GKyOAitIMiXGGTN21 + /zv5cXQen3W1nezSD1jdEFL5oXhEpCwZsTi3L8RKCs53/u5hGVq98Bch1/+qAn7Q + jrGPEey5lwnocic5BMR2S0qbVX0xOByqx0BsJpJUOLDVZHSZjwHvZ7V11+D9gaJf + DLd5MrapLcYB9F3OYxX8toTaavJTKC1FTAcIkh9+7yD3OXw2iS/DLZzgiEdPeWRo + 3pxJB+MHRIb92+YN+tPb4OfCm2dTVwlI8E5CD+aqmp8axOjFYJ30BtybKqxyDK/1 + lqnKd8uwH94LUErwkv8h+P32m3W6FfhEzPp166RKEp7yBK2P5wh8VcPr0iIYRJzS + XgExy3cR7RC/E+WVfJY+RJL0jjS9mpRfkdyfjXCfHtAu+KSG5/SOLW3gLdQN6x8k + gQNKD699kZv5UbmFyW3UjcvqCfWixOLGqprjxvYZvlYcNBlqpZ4nVENRCPSfRgE= + =c/9s -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:12:09Z" + - created_at: "2024-01-19T19:08:55Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQf+LIfrBcHtGu8WCAsjrNzxBmvJM8I+11wIG4X1erkfe/mY - yeQJNLElkLPa04uvJ+p68xGvGnBueKZX1TTE2a0y7bVqNYIAhTDYlP3pR3tG0vxH - KgKqYNWwUy7qLZ9V1HPxDtng4/yh4rQUYcf5sXCcW9tSzKwenYiiK10fEBJk6yLO - +uSLPAPsyxjMbKlS71jhDDtzn9z5815VnzgNxRWd4XhZPVxXX0/JikS6YQSPOKgb - MVJhgSi353/OPsBOnoqiCcor2HNvGUGxyJa/4LC9lG3yVyEHxctCm+afJ2kMBq2X - wRQrYQRkst/Xc+7RjCbgN+c0XSDcvOu4idJRFYgaFtJeAQ/ZlsYEZIFFqRsPW0mn - Z1bVcANbYc0WlLUSDvv4tgh5CToR6rwPNwD+4vLlAaRb0pyFFmExpWSew/Pt2M5z - hrGjjTSvSZ8fIUGrKrjxCEmjsHY4mvxsBIdGqFP8VA== - =GcJw + hQEMA2W9MER3HLb7AQgAuwdTlGN9e6nlYW1tU4H52joJMjzUovWbZ+bl/8+Xlr3d + C8U3lLRHgwmZ9M1tGnpB1tn1L8bloScyqmuNF/J5kbKkMrauEl61UEPLCahvBeas + HSzHNrkzK5yqc0k4KW+av8HChe9LvqjFXu4DHEz8cmOiCOhMGlnBl/8Dp0fS/n9c + OqgGVY/D3O7y5+vWnI6ZmRdMFT7ZZ88OwMMTvuH4DH5bBvAVVQVrisefVlNRYsSX + n3cOPweYbkEFlVykZ0aBpgwJGZlpottGAmWia1wAHyGw26qZrY9cwixBWTuCX+dn + G1dhb6uwi+t9cB0J0c5HSsbQmie8Er7dy11MFzNdCtJeAd552I2cJZsEdMojpYjQ + 0EZXu7UJ3j8cOIjktD6zQQmJ5zVrGTF5DWW8UT5aBFz+G6ZPisnjUbuPnJRXDJbt + yLiQ7t08bXNamLt9AKBp9l2mGvVvbUlyyJf3fraAUA== + =QI8Y -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/nixos/secrets/syncplay.yaml b/nixos/secrets/syncplay.yaml index c529e76b..1d4d8c57 100644 --- a/nixos/secrets/syncplay.yaml +++ b/nixos/secrets/syncplay.yaml @@ -6,60 +6,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvRU1ZREF5WlpNclJvNTNn + RFd0TXR1Rk1ydFFnb0I5RkRaM0wwWTV1cjFvCkhYNDZtWW5DTUo4bkNlbXdTZWxU + N2d5S2txSmFPV2hlMCtocS9TM3AvcWcKLS0tIHExQmJFMi91T1J3TWUydWRZcjdm + VlhYVGovM0thSlkySldBVlc4TFV1bnMKkZ0cmNQcg7TlZD1dkTGT61n2C92S1kUx + 2RQPkt6JS30ebd2zrcfqopb7AzmiOXheF33yTTUlUdfKk7afN4YfTw== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4MXMvS2g1bmpGYS9tS2pV - eWFNSnpLWVBGMGo2TjB4Q005VlM5UEVFdVYwCm9tamVvZzM5ZC90TUdiUHNnRjNr - MGxoNFl1Qi9mc3VCTGZOSVJPYjBWZXcKLS0tIGJGSkxYbzZtVG5ESXp2KzYrdE5I - ZFE3YjIxTWE2anRoSVhKZ2VnYXlSSm8KqTdIqF5zT1J+/pcdgvqJnuCTDT2uFfXI - ogkwT/uetjoDywBUBifEcDAQL//OjmEiP5yVWiz058Vrat2OX+cgtA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJNDdCc0IyUlFWL0NDcVB4 + aE9zaTRmaHlVaXFac0luVzR5azFDU1ZmWHlVCkNUVXdTYjlmeGxPd3lHcGFhb0VO + aFJhd2dNU1kwRE9JVWU2Q1l6K1RpZDAKLS0tIDFBbFhIbm5HaVNidms0RXRrMXkz + UFQrZmM0MDFYekdrekZsRU1jeFBaSDQKCLwWvYOi1mvLlIm86JLSrD5wgn0RYYoG + daYIw0WA7VQm+2AGFs7yF6aXYJa1AULAr3H88JQaHE4eQFCUnnvdVA== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBadUJXNlFIR2s0OEc2ajlH - eFdKZ1BpUlZWcDk5UXcvUzUzQmpuRm1ienlvClEvQTR2WTFqSjRxWGFOOU5OS3NI - ZUxpUWsvcXBURTRQV1lrWGNVbFdlaWMKLS0tIHlubWpsb3RId21JMXVDU1FENGdm - QzZtMURvayt5MFpvQ1M3QS9nTEtYVGMKlPlw7er1PUOvEFZaOIC2l0BBgFVc69QQ - B3CmxZ6x6e218zoOFNy7knwlbCmn+/TH2bhOD7iCFnc5JUMZmUxlSA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzcWk0Qk51aUVFY0QxSG50 + NWw1djlDY0dvQk9UOU1jbDN4ZGhGcXZ3MVFrCkVvU2NFcnVoOWI3WEpqOHdXczdS + S2tsS3FBUG04TS9HVFpwa2liZGdVOTAKLS0tIE1OajVWNUlXei9leGNsSlhBbmNU + QXlqSjU2N3ZvUmlYTXgwNWlJSHhPaVUKmSWxiM269wNw5VBh/OcHa6y21navnYIG + 1hLHyeJFNXmCX/4+gTxjphcUaWc0zYx8duH63L66CTtCK/RT+Kdchg== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:11:23Z" mac: ENC[AES256_GCM,data:mev1gtAUq0ujMdYVz4ipkGeyPn/rtLJZx993CVQRxTLVNOIdFkvJlbUwuSKWdZ29r1EdQgqDc7OoPekYfdO/7aMa/AyFoL1e/ohzD1mklGZLTP4YLB3/jB8fkqZUZXCdWtA2Ej1sRlBY2bUZx9rL/FpG9OyWA8zOlItReAEhDPM=,iv:rLXIGy4kY+tMHX6OHFE2DGtFU6niFUFCk/+CadXFP2w=,tag:j0GR5K4yxMQwVUyXCEyJrA==,type:str] pgp: - - created_at: "2024-01-16T19:11:21Z" + - created_at: "2024-01-19T19:08:56Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UAQ//WtCBv8uciyNo+5ZVd6yl1TaLHTdV8WVOL+42TWeCiHmF - 8Zo8pi4RXprwxqcF2pBUVmerVur/Xhh0XYQN7bMX7othdxEI/wMT8oidbr2SH1UV - 5nL7GB0A8ZjB81A4Sigin1IKRDgNMijDRBMNvYiHFdA1oRv1SHecBf069rGT4Mtu - tR0ULEAEKgSG0Nk7WgHtejqsBSaGl5CmLjGRmaH+B1vHcDpdwQxkMvxDeq8uSL/K - b9ClfqvkGtfuZBIe/IjGyC5e1l/A2+Lk1B6PVZrl5j4kht9OGJAWodqdNu82yvuC - jZLYQWhT/k2enVCGGt8QI31Ix8SDIQ6yvAxtE9jlzb+jxJfrMOVKgYuXYwkasdms - lYwyJM+vvF1HwpTPKlxCjCvtOqx/CSjJZrKLIeodkoC00VHtlPzbYtjAz/JgZGBd - SmQdvZ1nk5lTVLRpgkN068qj5X2mHfjOHEeuhNY7vuzLStraJrb4sA+yZOMBAYTC - s8UgRzZpN36V/Kbn68mQVT0fVX5JTdKCeOM51gm8xxwtL19saw8qByzvUIUhvwBO - xgZZCKQJoIGd8AaD+OYc0/f60UmjobVIudJII66ZxHKssGxHEQwj2p7Ru5iZbzy/ - sjB7T2HuPQJHI7Kcd3QNsC4BviJ4zeAQEC0v3ed+pJcJRBSDRcURwhZdQBEyekLS - XgEv338ih8/39Mmv3lvVZk1MMSp31wOUopsIsU9Iv1hqYtrK4FCsimDCCALXA0FV - ZTVljmxA4lSr5C0EUg4C1FFPC/CxWuMfrSLTxvsoH4+RULDV5O7tqNfEfAZMiDk= - =IEMc + hQIMA82M54yws73UAQ//ZcXSQRjJofOX2M7Yw7S7MFkR0+4vlKKutRNTFv9MVQ/R + lY54fiieZByInd8umflBMos45uNV83ROfOiI1sTckwemSWcZ0skmQE79RnsdeH12 + r3hRq62S7uTKATSLQXaTPjmFRRfkSagaNieRbZXVFiAGDcozUbnHGu+u06MKv/oq + l3x5aVrtDHwBWQa6+XC/E8CZT0ixVCnLxGOUl6/hIjOQjbdLNWLV/fi9di0bRWvl + 1bzEhp2UqwmXYdDmSfot5ZvE0yoNywXB0z95aqYS29a4klAJ27agUwOspAYImrHN + YWQ1nU3U9j5W/lT/K2w19wruDteZYBAXe1InBeebrkzp1xl1ONHMsj/2gID6tLQR + 9Te0dVsXf/jXE529TEkxhuN/+gUHmAOS4ont2i6wpRUnVW44lB9EMmb4igzfDB8e + /MsvbE/PiAHnutRND77Eio6VKdczW/tC7mLuBQyyaMGvs6tbnufH806hiOnsE//f + KkSXHm0IBrCoO8FN22vBNjkA+Ktnd5SS64cvcqwdTtU3un9KacjFtVOsUTD9BI4l + CECVNKEQPCnElEx/s40WC5Ke8ykVHg3PlgXPgs64AoArApqs/sNaKbQl6LMQhrgU + 2wSPX28s2I9h59W1RIUcCiAdTR2/L0/BmwmX6s1yGrJQfnswwjb5kO9Sa0BMdsHS + XgFT+2fXfsnQnCWSQHA5EIjGamuYYDXF9XpOJ3MyedzvNvalDR/34ABjKJoHgQrU + HwVy76wNhqYfzWTQl0hWK3zhoG5yeGd0WsvNZ+r1/vMRPUYbq12wc7MpCXYnYuQ= + =IP4T -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:11:21Z" + - created_at: "2024-01-19T19:08:56Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQf/Q+PBFdmtztV+d3fWDqdi4D8nAPcevbMNvQLwq+oPSByt - db3HXcQV4HbrrGyUtULAjcap19R/t0jpNMNmx7jddsKpSk1cYSmrFmD35YQ76sE/ - FeVyqbAkB8ofQCeoDTotlPGVzxluAs/cQR7YGpZrB4WJ/zTkG3Njhi+MVoOkk0f7 - 3iUIXcFA6qvvWoodI0oWpD2hwx3V060Yv9X/sSG/ymIXKo+MM7cEAe/AasxXIWG/ - 3InpE3/fJMssSb4+4uq0rCHpXrwhKENKjYyRlYqRc3KurNEIYZHyEGCcMSAnexcZ - PkNZZrZJ3c1fUCtyI+1hsntHJQQOwcu+6/JERI7SodJeAaeSZIgMVx7jEKtL36cM - u73VkMqTxK/ebGaMkoT5fbT0fCTMFvOhp9cRB1Viy+cNo6x68kC4VQZLeLHKRPpf - fGhxFogt59q55ZzVYh+xUlhs4zu2aekFKcpMzjfu/Q== - =y7Sd + hQEMA2W9MER3HLb7AQf9E/rIfsMbsn2JNkT0ht16OgybBeQHywIL+mOfMNNUa37P + /ovELc7BSGxdWkgGRpMfcmGnnyiecKyoC2kDtTodmagFKyTsMGYCR5SqTgm0RZxP + 5xVVo/DDZ03CYAKB7wRgCRBMyL7/J2lN8mXnMZRcw/P4+NI/+LkML1FDcma6kQNU + zt6sMpnefcrzjISPnEkCkAZgLd5pj1idP2O5+xnJqa7BTHgjcG+NrTe1p1SdacS9 + AT6Osysv4TBfJXXiFmop2XTXwCp949Cej/SlkR4MQi0z6PJwllE2kW8yjSAPp/GZ + Y40FbjSTL7mjZ5pNVEu99pJ50Zhg0Oq8kExG019r4tJeAa95a4jlfTcKLANwhKAe + tUJ3omQXr+37sVsqCYZHDDChK1UQgiRB26epPzyJkA9K5D1nTmMzSTypQP1RTtP0 + QvNNE/uw7ORHx+T1LopfjBaq6zPBr/EST+VGapnMQA== + =3gXo -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/nixos/secrets/systemd2mqtt.yaml b/nixos/secrets/systemd2mqtt.yaml index d22e2613..1b4c04fe 100644 --- a/nixos/secrets/systemd2mqtt.yaml +++ b/nixos/secrets/systemd2mqtt.yaml @@ -6,60 +6,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoT1N0aEUySEl3WldQWSt1 + N0NHQlZIS1lzSCtKditGS0thenE3ZmhkeTBnCmhObjJ3OXhmZkdVd0FSczluaEU5 + US9iMWNHVlBVTGg3VHVPTklrSUNmTk0KLS0tIElYM2pCSVNLclNpeTRtK1p0dXFn + OTNNajN5eVY3bUcrWUdVVU4yWXZlSlUKouP/M7RBNbDwbQJj4PG8aeEdqJrEY3dl + ZLRONkJ5Z8E0gIwqxOR7Co7H8M9tHSchAg+1mQI0m5MbZz1jCZQ0oA== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoQkdweWxadkM0RnNpNXBn - MWdDdGpQZ3hjSFZORkxVVUJ0cmVIVlZCTUU4CmMyNHVGUFRLbXo0Y2RlbVJualJW - U0FrNFlSTnE3b3g2bU1RVGZjc3dBY3cKLS0tIE1YTkVNYVhjNHpaTGFBRzdZN2ZM - c2VGeVJnRDAzb2VCNTl5b2xzR3VZNGcKBK/Ms73IPWONt39WLgcmFVxWR7Hs8KfR - 6V+obwwvUCNeZgt9K2wOKZjvL9L9p8CqfR+0RT0sJSmwmKPNbDwFhQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3NnNSVEdIN2ZoS3FmaDRP + TEU4UjNlclhpRzRwdUhwMUx0ZUJkOVZyZUcwClBSeDNSemJyUlNZYnNydzYxazBC + eHE5bGZxUVZMK0NkTHN0YzVSWVRJUTgKLS0tIE1FZDgvY0o5Y2xkQW93dmIrdFhK + dGJBTG9QVXZzOWx1aEo5cHdxWE5NRkEKe7lreiA6fdg3YSk+0rClHmagNuV82QlD + ZWtplwLzCDEA9QgfZF1e7CkpI/eJoOg6P/JUk3L/26+xVrUiglDJdA== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5eWsxWk1menluL2FxSkF3 - bGwvTFczM1QyZU5JaXJzYWVHcmZTbG15ZmhZClJhdGRLOXVDVjdvVDI5SG1Qa2tP - ei9KZXhlRDBsaWY1THdqVUZpandEdlUKLS0tIFFUTExjSWJNa2RtaHdrMDdveURU - cmFMeEZhODFjVXhkeFFvUFNWaDFoZVkKhvOyuDsvvYuM0dTLXbmsM+fTM/MN32Jx - JW0yZgNZl+nbrmB1ECd9Tw+m3OlYmuCDj+n/uh7uQEw0bpiVFWvmtg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyTHpneHN3TlJlQW8rY1Rx + QXNtMEJYcGNOTzRZN3FMaVdUUFVNdWkwSG40CldaZnRQLzJPT0JCc2hvVVVlT0Fv + MWNSS1FlY0JNcGpzdmYrRXFmVUpqdmMKLS0tIGZGNHQ0NWtHVkdXS2NhQU9NYnA1 + dVdBN0xPV2dIRE9zMHZmaDdTeFpuYmMKaZR1VVaRe0gBmLcinwZTserNHbaFqJf/ + GpBbDPgC0TraxwMXUUzusR9VkUjyJBoAfM1/5IlR91AuHwaFTxseZw== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:23:39Z" mac: ENC[AES256_GCM,data:cx4yChbZ8wvNh8z29i1Ck8DYyJqPQCZBk4UApx8HoubGxtDVocvdtFl+98nkv7fKQkynmEmAKVd9FlFpmIbLze8m30pj3AkPy1NBvhIY+6VJExKpsPQT/n+cuxiSfEDovD+cptEyscpizy8Olrqeko3xcdn5DeRcRI7Y2lFQBGI=,iv:iHiEn0fjgRTaffSeSFzIsDnnEggBnwX1e8hJfGZ0YeQ=,tag:9Ax9ASlEXD62BKH6JQzl4A==,type:str] pgp: - - created_at: "2024-01-16T19:23:35Z" + - created_at: "2024-01-19T19:08:56Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UARAAqRJPALcI72IoazZIw2k1GApTNGL0VSl7h2G4OIOUN8lG - I3wMrp2EHSU0XKogL2mB00Yz8fm8p5r+7/gq7rwwS/jMO1dr2Mx7OYoO3Q81YkdY - u0qfCmWrYAktAGrsn4Ax9BWSxx+rJZ+Bz4MdMPdNA+eeGAfdqXwXajmd9KqMtEdi - xmfbL3Hza5KpRoJlKX5eiKBPeown84fXlqnPGhi2YgTZ83vgBrnySJTvOhoaFsHf - 1njY+WHOHoDi7i/Evgh6mjHyWGtvcicOGEBIpMD/RfQrJiIaDdRCajHVB9Aizwy2 - 5AsguSOMh6qi0KXoh/3jEPuNl99idQy4ej5sY+H9pmOmial5qZGEL4GgPCsbHM2W - DyDkk1MXsU/gHz+AvF+lwqpyyrJwg8LyEjaPwcbCZtITu2lSPze2Pu+w9ITvUwK9 - ekftMXSY5KmfhiICdWQOqbbeOIoCez6CSHpakQ2zuhr5kA/NCAqueRKTY33MpBd+ - IEQtGoG8JMt9ey/LinwVYGLWCEo3/fGqkoKvVPUZa+3mLsC7NFv4Sw3rl9GUP7Vo - W4KpYSKx8W5vvHr6D8PTaJMVv60xuZheRGFKHXCvv57YrJ/ZqF6oYf6jh5GC7sjn - qn+h6aAN4txUQPL8GgpP+nw/sVMqKbF9CCSydDC9plWMrNNXGImlQDmN69aIZxfS - XgEVWjMtqv9wDYcVy0b5ane0YAEB5ncB0Op2g+wcEraggynVgLYhS3ZludbpAy+Q - zu7K8UgYW0+pBGc9vTOe1qcsTzqwmFxzxTKLlGIQcoDybNEeYgflWlYGttzSyWs= - =cCBb + hQIMA82M54yws73UAQ//XWlLYdygTFXkll1SXy5SlI5ImKa1oXqq2SdPvK+5zIu8 + SJG/PBh3BwC6TUHcOio32ddjaMwe+LEwhw5B4YwIN7Zg+dqxUhz8iJ+rjqtJDbj9 + FJxrEpSaPSQzgDMF5hHZePQwyLmnGrvLnSGp0wvbm7P3xeV5qM+OLT7BU+Z0SB1K + FlDa8GSpEfKtMlKrNZMuW6RHYhm2KHltv4qhsEFRO2fiET/pfXXeCHDWiNIIMQIA + ui1Cr0phx9c1LlDXRKjoofgzrHx+v88vfMFjN9x2GvLfPwTLOdNKEH5U56zQSoiA + NrCCK8V39BbSCxQL82kKq6kLvrMbGl0iXXi+HJ47OM5umwfOlRnqIeuj3EGtYykb + jEQH5MOiuMtKbvmeK/9Y4944Ve9+gLkuinT5+N1WyduxM2hOQXSqyBSm4nJFM7AU + nrYNAKOA83VXuMstBkaanGhwhV2tJn3mGkvBrtEt2scLE7qb+VNcnF2D+hrwo0YU + s4HaaF3T9g61QuLqlEjq7GtV73BHNiGyNJ9w+I1lMFddkz4rkRSvVGYE1u/p783j + pJyixCfAak/zU8pR1rhbA9nojL13MOCRAH2ZTXh1xjT+ZehgmZqGLQUpotCXMtRj + MxpeTLzQZjxuFffQVbsPi9qZkVSpP2uYeNbGLzUkCMcf24AZxO5KdbovGThxM+rS + XgFGqTxN8g+k7Ki3pFCVNYGOTLgrintQ5FkRIKAHn4uABwWyEH9fPCpx3XdplpSD + EMsvOxpOd6GpERWPvOvB4Ddo7fGaFqTCXOusM7UpDKhz1zg2VnC0ZMQksAsSHfg= + =r8Vo -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:23:35Z" + - created_at: "2024-01-19T19:08:56Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQgAvx91WDQu/kx57aMTe1OVormfyWXEZeMl11GTPwebhO2c - Aifly4zsyn0qPsgj95Gm9y19kWmBSmEOn+X3yVdN06M1vkH5oN7pJX+NqGn2Al7W - Q8P0pjb7LdyZuGkc8u749BMUZ3lVtZMjCbwtGPABXdDni6fXwu+9pdojm4/h1F3D - ziLAgFwYFRrSXnX2kC8hT2cLKXW5HG8U2Qp2iAZGtHqbTFA95KcAtcCg4DB9YrES - NUVttGiUelDMC0IrOzxMFj7OF3lOeiL2cpfS22+kbJsWJw03D39tzeldMVm7++jl - GpmEn3onje0yxfU7+8OWAE7mv3rRlxGgF3aGj1CbPdJeAaLlY1TcWv2/QqsFRy8f - uxe9IOppZ8klQsQ8AjVWFv60QFrn/iKO0XGxtZ8wPUMXgJpPnBLFk+0cgYJ51+ou - fuwvmpkBdd18Rjmana6AlxY9L9TmQxORneugp9EL/A== - =nkDV + hQEMA2W9MER3HLb7AQgAzZ4aRlCV38e9RgwPCrVrYZLwJAlNHngnmDeqsObYdaFt + o5nTB22W6892psK1+knQ2hJYd0kRi8tYhitzb726R48inosivj4OTqUr1VGa2hST + yuZ3q3uAG2OTEc0GfrZtIkD/EhpZ6jt/cordzhYAJnb0/Q6uvdUeVb9DU66MzDKG + atdzl+A9lotXqejmtMt5/0t1dzeftefuD8OhiclD/P0siYGVF4ib50ocN9vuBnPh + I6duHf9d4/PC7LQUPptMp7TAJb08H7S6Sv0P/w/jiBsgJBbasjZWKZhKR7kL8D1B + xtOhyN1Ex/H0Wvpv/ASgXih26SIHnr/aY1jfOgT0cdJeAX9lQ7rWkIaAk8cUwXbb + uWjBzrZlkx3x8u7LTklKWAHKu2rQBnHdUq0skV1U4a+FT8P6CZ1rsPS/2aHn+b0e + tGI6xkX63T7D12u/b5Tqp+VHUlxouH4Wgwc6hCy4lA== + =sLF5 -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/nixos/secrets/vouch.yaml b/nixos/secrets/vouch.yaml index 1f624d63..49c70a7e 100644 --- a/nixos/secrets/vouch.yaml +++ b/nixos/secrets/vouch.yaml @@ -7,60 +7,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkRlA5L2JnSkpNVzZEOVNS + L3FLTlczZlhrZUxtbEpJcHVJdjFtYmJLeEdVCnA3WG5XSHpGaVlPT08ya3dCVnpa + aXorSHVndUUxRDFDdEttWURuNllxMWcKLS0tIFEycEtvK3REb1dyZDZxcHJheXU1 + U1pYY2ZTaDdheUZSc0V3bWNsNzNtMGcKi6F+m36wc4Sgn5lfa2GC6LQdGUqCPJ7g + jZVo/iNLE2gg2lIBFkFY1xBZJB0uPSeNnqWWc0eXm6kZL5u9WOvTXA== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzL0tTSjhVYllWalFXUnNT - UCtKd1NFVzVmVUY5aGM5cksySVBIMm8rOHlJCjNRVGdSaGR1STNXV1o4Rm5jTFYv - eTRsYVNIZ2ZhdEttbXlwZjU3ZU9CSkUKLS0tIGFvUVN5Wjk3MFA2VkpmdUZXbFJI - N2FoUWZDMTVRZTk5MGdFeG5OR1JYMDAKBm/mP8HBEh9KeUAPSBNxgfAm3vTLDfRU - J4X9kPj6a+9dDkE0qT1R1ZplGeME7iekRN4xKNicXM/m/5pH+b3avg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxVU0zclMvSXdsYTRoUm9n + NTFhN05QOVgrM3B1UHR6ME1wUWF2cWRqUFdvCi8xY2JLK1lYUklRbngxWXBXcUF2 + RUE3eVJxdklKeXQvSDdDNDVNakRsTWcKLS0tIDJFUGFRU2pYeUdYVlVydm9QRzJp + TFNvOERxTkUyQnhJZVZqR1pKa3I0TE0Kh4OqiSCyZm5cMyVjHabP6I0FN2hhME0l + k2k0ssHtExdtewGvnuWIv+uYQMj86VGlCW3FDVTFRtWTFQ7n5eom/w== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtZ3NYYVovMUpFYXVHYWZK - ZGY5VElDeTZLSDI4cGIxbFhJS2E2RThtblRZClp3OUNlMjh2WFYxVXFNVDVSakpB - NXNzM3Jrb3gvelc3NkNQaUJMTzBXNUUKLS0tIEZSUGdMckIrQ0RRRHU3WGdnNElM - WVBNeWU5amtqMHNRalRPdzZGckhKalkKO6mgs/uRb8AzDHbYi+1XWCIhpbkg4xD9 - UlR26e11EdUxs9VE1ja6RftkRr691Lv3HPwyF3DZZ0ZRdYsvQwQKTw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4cmRRa3RlSG9UWnRqakgw + K2twVHhwRENIbDhPblp1R1lxV1BqTk1pSG5jCkpqT2Z1VXVWc3Z4YlFZRWJybWV4 + MTh6Tmw5dHFGQkZ3aHZVa3Y0UFlZTWsKLS0tIDloRmFGbjNhUHBYRjg5OTZ3QWZJ + V2xpcDFjcVY0MTBPcFU1ZnNiSDlac0EKQGBx++pF7S8L/wC29sE+J/JZYTgZykZJ + iRW6PMAxGci7WZx0GRqmDq2VL5GekHhmjlUDp9fSNAc3LIl3r9i8og== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:11:11Z" mac: ENC[AES256_GCM,data:1J3dCx5ptr2ah2LbvoP/rcUzPlzm3wZvpWLffIvh7PriNJ6vx2xj5fFK9s2AhIunxAaef0KJLzwzcfNwxEkJO3M6QSf0UUw3wopah1W3ZKLE2H/Z8bNncaNzSuh6QODbYShSG2yK4HmQApd8R9NfKlAHsDno+aRhuh7OYM7CaLI=,iv:KzMfJDJOqYm2epLM6Epd44aRoU7uJcusCl6m6/+cDtQ=,tag:tQ8MQ1NWey4E1dFu2YnOQw==,type:str] pgp: - - created_at: "2024-01-16T19:11:06Z" + - created_at: "2024-01-19T19:08:57Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UAQ/+OrL7IfM8S58MlFwx21plZ2Bl7lPBZ2n1rpM9F5sRiSO3 - mlWC1YvOeeRLRgM2uZCusnZxDeKZ3wooNVmGWzdU+rdnGmo1hSoFQ8kU8qmB7GOI - IXG7lU/LJIP8fv2lubb996H8+x7Y/AiuOYjrb9r84T/HxFvgORjwyZsmqeAQPdVm - IRukbo6MuWgxl3BC9rDGzByofIQ928V7hqI7msRPawl5fGHTxw8Jt+6EIqMrHdtU - bx33qfI/GjWmV05/7KWP6H2pQENANXvQDRFxbLw58VqdDZD+DPl1opPoSO3i9a+a - 5cxpojZlC9/jlTuk2CVPLP5N8Oj7XzDPzqxaM5uq/BtpjJ64RlJQ0yAZx8S1am4D - IK7DN4E64s/EdeUExMQl3fmFj+P5yjzU5mJ1p/G9ltyjj6tqu4iskHXqRbY4q4oG - 1o67lISX8Kq32o3HJpy0POtIbOQqeXP0JbEMNA9pCkvId77KY1NuBX4Vv0rZELUC - QQXQ/sNjEzLK2fr/EJn3aud5RE0tVWEvVrV+6hSOQB98vhR7K3UtZb+6l8fb/dQk - J/lzWhOB8eDnsAbiaKsH8u9hfjXsds6RKYfXoyom92lCPh5/q/Pu5VRNHbvgcqwt - PUzGEgoZ0nLkzd8DBO61umxt6LGageo6MZupC/zw8rvbArmPHZMBoCREMNrYzKrS - XgHI+Dn5rYqfLoLfs73TddytnAgfe9Me7h58vEU+qJnIN5BUG4CxtVcLXifAAe0P - FbzN8X8rJSSHqHRYhUZHVFlQ0f9xJLgG/2zI/JWY59GW+/UZcarneKtWn0LGUPU= - =asyX + hQIMA82M54yws73UAQ//e7dXTAfUuvYIil1Z1xewbxo3Hu73cvlKMFyezV3Q/+Sg + NMDmw8sY1LDjrSdmiQIeJrl4If3ekU3ClR/3ZbjuZf/vuHx/Ys58P/wRc4PkKYgL + XUmU8PVRmbMsGwP/eDCdPetX8Er8ja2+O+4pM3JGDRhrNJIq4hZba8kghFCzZAHX + xaSf+rjUjuEr95VbiTLQf3ss978qCKwnCwYHET78sdOocAhuwrrRJ9ejCj7bb8RZ + +Z3ehpTRniHtogJkwu3E/tAP9eI01Q4fM492flbMJ28Xs1XljJnpVsjvrc5P5jEx + gP2p6O7Vduu5AXoBpjtNNxa2hlclTcfyqkTfeItsC5rrw2NQi+/8f9WP2nyne+6o + TSIu92WaP2Bz5bBu8i4gZUcnIX3YaF5rXIyN2PAD66qkyWhWVjKKCmgj4+xftPKR + 9/6BfpRDggrQx5kyMyJrT5jKTNctf5hU1Z+D+IpKnTeAxoJzAox1+hkumMXOkxLF + 5dTOQ2o3Ldkm5G58f3K/MqwFhh7wf1ilCWtJrCZ8UnppmH2iSlyBGhm1x62ac8YP + O0luHEDmjQ440VpJHszWEaC9j77J3weJORWaLOCAA7zsUvhggpuA7UXKlPZWkvzz + /+FYLs+u7CVKzlATenDMdhkZN+hYbb3bplPn/FKsfYG/DyTxh1z+nEcReEyPW2DS + XgER8BSgT7bQjXW3PCy165Y0iJjG+LIsNsfLwt4DTZipXE4yssZXiIG0trYiQtY5 + ssSL3WJ0FX0O2iVBtDnMqAt4rNHBtzMmkNn+B7p57N5cejMQWCJy4zAm3t/0e7M= + =c1Gq -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:11:06Z" + - created_at: "2024-01-19T19:08:57Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQgAnS9gUv3czD3mojOfrTQvWa7nXw3Tc51fFdRylKxp7ryR - fDixF1qtnLe3kzsjM5eB8VobMq3cZoQUW6UrR94zyPobR2SDvne02lLC/YMiGqn+ - xCLYHORCRKA0WrgzECJHBpFqwLo/yhvxdXpBcd5uV4CNvq/k5wLZt+rCxRvU2YfA - UsbR6V+iSwP2IaowY1J8bPO+Bv9fSRAHBDDa3VVPP7ZXXLwmBWsZU2PIh6sd3GOg - gz+YLOeWtkTW47Od1aM0qeHXEGBKeDfw2oMbhXi5fhMGRVN8z+dVL3KER8Gs9/Jc - sDcLg2p7bmcy90Ns3q4p+Ncu8K7p/dJL9X4eC2GU5dJeAY4IeCh5+J7ij75nWlY2 - 3OWb1pZZYd2FKgOX2zvJryq14wi3EW+9PZFGZuiEgKsis65gRsMUZiwdZZEQDnOm - 5VDe9va5rNTMRpuG3Fid4VtMqxR29SfjKp/jOHAwsw== - =Ylpk + hQEMA2W9MER3HLb7AQf/bNiEr/4QggEnmB7uRoLatYt9HqZiL3CaFuT9zzEndwZy + wAAiBj+Wvc+nCZfdBpntPvzeexFABJUhVbxC9x/DYLaThmXds1TrODL/7zC7l/Ta + aL/C8JFj0U2zolmQ17mL6AyITJFbEnoLuHwcqRA6GHLHUf4wWp8m9bIbw2qem32d + 40QSmt6+zYjMjvVCJ3+nXHz4hv4Djld6FYKAQvLqzDi5l5xDTHmPtT2R58ZOwzs5 + uuknL/B6WCSfBdKEJElcKY32yc2sy24qPlISfYlRgHK+YM3tHD9iNUlaQU1YZCrR + la4p70YfFxw8zsPMtmkbrnx+LuhCJJx/VQrbnG32DNJeAYm6LZSdqszbz73GyCRL + gtxd/Ka1AzGBnxVpqKMjghujomSf2AvaAhY+0xSr8ImY/CgSmfEprd+b+1naok4f + ARVCCSZEQW1j3MLE2W5An4z2hdIaB0YNp2RUGAL9Jg== + =EXaM -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/nixos/secrets/zigbee2mqtt.yaml b/nixos/secrets/zigbee2mqtt.yaml index 54e37808..56377c6e 100644 --- a/nixos/secrets/zigbee2mqtt.yaml +++ b/nixos/secrets/zigbee2mqtt.yaml @@ -7,60 +7,69 @@ sops: azure_kv: [] hc_vault: [] age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQbmU3eW1ERVhRbTNIdFZV + bVZ0Vm1kdjJaLytZSnBYdEY0Y2dqbGxQZTNBCjQ2VFNMczV1ZWV4ZjlmM0hBVlRS + N0t6alVOY1hFVEtzNUxvWCt0UVM4L3cKLS0tIGV4VGNXRlRIRXFwSHV2clYzTEJ0 + dDJpdTIwZituY1JlZ1UwWW82ek12aFEKKpAFmJEetjD4cmcjGrLt4v2nRJc5tzmh + i4wVQD45TvI7hgKC9vZYNQot+97DNHWB+T1rC5k5E6Hn6r9SSAAC9Q== + -----END AGE ENCRYPTED FILE----- - recipient: age1a2quf2ekkj94ygu7wgvhrvh44fwn32c0l2cwvgvjh23wst90s54szdsvgr enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyYVd0bHpPcWx1cXNSQVFP - dUt3MHBvSDlET0xER251MHZNSFF0US95ZWw0CnFCM3c4LzVqWTA4OGN2QVVzVThU - S2ZZb1VpT2ExUWV1Nk0rUTJnbm8yOVEKLS0tIElKdDVRWFJvR3VXOHY1UkJFMXUz - VmttaWI3T20wMnRNVEQ2WFl6aktWMkEKjpKMwUJR0+Zg0+jMJuWudI1F/8pG3tr8 - sDtfwcbtGxekfeiKhYywjXFykl3ACJqi9wEHvYElhIhIf+4du9YHuw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkbTNXMXJQTWRvOVFmQTNn + eGR6S0xIZzU4TmRIR2pHdG5SWituQ0hZeW1vCjBMU2sxOU9FY0FZaWJCU2N0WVgx + U202QjBBZUZscndISGNldUdVcHBmV0kKLS0tIFA1N1IwWndySDArQXg0cXJxUU9K + SGVNVHVRaE9NcHlSbTVEK0hvV1lQQUEKF+XK//y9kRt6orJai9HqebDN+2U9UCi/ + 3XNo6qreXU/jFFpEa/RK+1ru6cObLruQpeMUdCrK4I+1YY7AT21Fdg== -----END AGE ENCRYPTED FILE----- - recipient: age16klpkaut5759dut8mdm3jn0rnp8w6kxyvs9n6ntqrdsayjtd7upqlvw489 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFR3cwUjQrcHp2Ulh1aUx0 - aWJqcUdhbjd1Sms1RWFiQklqRUJhNGE3LzJFCkx6TkkxNjJEL1dRY3luWFQ4cFdV - L25EekFHd3BMU1V6a0tnSm1BbUxEdWMKLS0tIG02OFoxclVnczlJUk9pUzRURVMr - SncwMyt1REtCRjE2bzRTNEQzdm1lREkKuwjkWpzchiu+kxD0yhhPKLSUt3Ik58ab - UQ6TP42q68nt/iu4ZFA41ie3jTM93bQZESbKdnCm5uQBmrIPAiwH7Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2RTFjcm5UWlJZRGNxbkFD + T1RjN3RibTFTVlQvWjJXZitpQ2ptS1hveWprClBFckcxcStLVTBHWDRpMGR6aEl5 + dkgrdXJkeXA5RjlmNTF5RU5aMGJjN1EKLS0tIEhMZVhXb09BWWlERGowWWdiLzdU + aTVMby80b2JPTStrQTFtMnBoQlNBWmcKHLCBrOKBZVxPhEKLqNPlanIzJLGu84Xa + HPEiCxlZneHjxAfR2CFTbgJpex2QJQdkagUg3utB2GvRYc4MQ9LDiw== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-01-16T19:11:49Z" mac: ENC[AES256_GCM,data:l1IxjLwcgzPL4zgYqs9lJvE6+/VkqKJZ6SHc7uz01fJFIP3TIyI0CsjCTev8hpMXCImFyZIa6XwdDd4bxXMO8UVGvdIjZF//Do4JhpTPYvem7qHf1Q754tgr7vPVOH9HcP/szL6QTGC7++9S5exOp8U1M1Vlzh+DFe/wLz12wAQ=,iv:TyaV/2/RoD5FwWufWi8N+xeWW4qmmgrzcETSdXfMGUs=,tag:KvL3wsDPbd5yY74x/oJL+Q==,type:str] pgp: - - created_at: "2024-01-16T19:11:46Z" + - created_at: "2024-01-19T19:08:57Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA82M54yws73UAQ/+JnAXyGmqdZP8RvA1QebRDq0i8dRjOEfDSEGppZxVxbBJ - 10HCWPWe36NneGs4mv77JZQDjYt+bPI8oXIp87EhhMVfZFfBDoI58jc39F86pmAR - sTupKwbuwGuEycnLteSAGRJIprJH9XkPJjHchLbGRTJQaDecahdhoH7PVMXiFICS - VzOtq22KDiCrgj055dtQFPQVG8cUD9epI5U1VZUk2UwkOuJ8lIlwrghO4rHmFAHg - oCtmvI/m9DdVKG+qo2iRd74CXwFa1eESgcdQ4RZl0+rZQJPLz4n6oWPjb/9JDaWq - DPytFYf9cDUZYHhv39L5Q0WOmwladMYTApVN+6IBQ0Gm9RqCkquODlngev4p7Pra - IhQiQCNb39LBQ6Tt7TuLMPp9KfJ0NUdEDkUDnCqHU4/qzIF6QaRfeyE9UxsNXjHu - QYLhVMX7iYxRNgr4CqAaiKbU03rRTzprJfZLDWI/udcFJa4QTtcoT5jn/SULghwS - shI43k0cT04LPB7TPC8VrhpWVoZGhqPuuoyrQ+SVvK9bC38CC5Ax8s6l6jPJrfu2 - 9S9+jldbstRkTQ2k/Nbo4QJEwSIRZeXIqmhDfFOe/DB0kcjAeI47ehjjHoQh7mlO - F+pdQcHkyFtSYAc08F5xoLEc0o22t9Pb3WiiHxKmzWFd36heeotAdIix6i4jF+fS - XgHSp4f31WxNu4SnYIBwV2CklLSdiOQn/uMC8jB11ZJ94OY9CJs6XXT55sAV+nKH - N8fsjrTP0BWlFhxQzATHgk+6TL9znPOygdlbgCCwPDFqzB7GNdhZ0ZBrOFZkZSg= - =WAK1 + hQIMA82M54yws73UAQ//ey0qDWiKwdG8AKAiOMZzDOmB0sBgxdij/e2LUpqANKrq + 71wTlyuMO1Iv+xiDdFK0vlSOtDMiGJs8BtgThzwF0E8m3w1fNrwE4YaAS9sBkIkM + K/qUftsH7jaRycBn5IcTFfgdFECAonH/st0trv4eWavV1Dhg85J7qlf0zv+Rpvgv + LrllStuXaYosNyIyHdVb1s+6G9NaMA65khcxHDYrK6IhzN1stHKMGRLAtpduPnsv + r6COhLSFF8KoUFbgOa/WteDxWVJWVnxH1F8+qWwD38qkoxfdoefHSZq42JAknVpU + lmsdFQ8QSUIfANId22Z+xfSkSkAv5CbjeWYL4fuN4rWJcOumouJlv9ZL5GgO80EQ + 1k0dsoq40T9zQqEl8QXlqQLg4M5+7wcOpBUXdXlHMXndLaH5OggcrYhtYel4TKLz + sDbML275O1/M9Ujo7FUTrtqtLNPztiilVbD7alwJsLeTq8RXzeRNIFwUvoKuc82x + o4/arvgO/c2Pne3yRQAeNNLeRyMfmAv/Nx/rPW8ysm/715u1QBpB78jX5ICKiIZL + 113trGL99aDkIzT4TzSuNDfRgcs0ui1XNEaP8k6SYr9dbMQoyTq2/tyfaoLJ7Lt5 + rYVQLSQQIIn2QvZOBtke60K/ZnSlaiirPJyUcLf3A/0jojgFMFCvDm8fhgUGslnS + XgGPWBG/7r9a7ajRMGDOBQqldZTijRzmCRCjRrtcPUbaWp1iDTvpyBDIAJActIRC + gjMfn7cvplZatnClG8t7ycOVKZOFLWcCfXCm6SI2mzFL4iKzxp8oW5I2xRkGNeM= + =Sdvf -----END PGP MESSAGE----- fp: CD8CE78CB0B3BDD4 - - created_at: "2024-01-16T19:11:46Z" + - created_at: "2024-01-19T19:08:57Z" enc: |- -----BEGIN PGP MESSAGE----- - hQEMA2W9MER3HLb7AQf/VSnitRF1sNE4x8R9YdOaVtbJo1EXnlazo6uVN3zf8imC - sB4wo/fjdE3DvQTG97KQVzuh/lAIWCSlvRSNGMlw0MFwo6awAZqHYTEW1AU/0k0r - tw0TjpYnqWEzXid1HW+M1SIAGpwmVOxlQGRfoLHtMzgdoRp6BRUPFJHKd+hAA1oR - ix1IC/YJleGQ2HePuvJ+XbeKUA42adKO3EhOAM+8dGCzGtraiFJhcGsrffcFhtB0 - MQEGj7RT0IaiECp8t8zChZvPg0vkPFuwhFgIWFLmHjt24DY3JdBj6BeFaMfiYPPG - hKOqGK+ek6gmkmOivBiZGRPUls9ejXz1gN1yHMhwuNJeAcJ3iHdLuh/FC4blnjml - Ta9IFbuf6UDPF10XAN6L8SeBubFdolCc9rUwQu8oogw9mxu9rP+jt4f4Y3yVtl0m - eXpH0NYJMKBEkiGDsM8jpyCHJ8WPD3FX4KUxxjsLqA== - =Y61H + hQEMA2W9MER3HLb7AQf/fNznNctQmkAvb1Un1vNeF7z9UXp9h/phZ/kPs2FiI4oW + f+f02/C4ErSb96ddfjOkm66aM6zUooH3uvYTMrA3DPKpBabzoWhxIApoGra7OBqU + 9vpWcgCKiWAnKU3Fc8K58K/IJpPri0zG5VHhcbqH+IIoTBfYpNbKIU3kGhfoMVXo + +oDLZ+DrvRDc48sh0beRemggznmTOGiDPI9md3lDbwOlEJl/wLlfpjpun6MU9IpQ + xdP5tgvXePtqhYeEJzYvgXrvpyOE3bIvK3+NJhqyio4yAqtzpDf8+DgkOpDrBH4x + f2AXFfnoZPVSuK9LC7gAZWBmxU9JMEYs/uf4itb/O9JeATzh4wgS/FTmqKHOACNy + pCHT5E4MtLrLRs1qQhAF4c4iq9SvBiARGcQ0Cyc+naicXup8tZxnZM0zEQ/02g7e + 1TjwWrVSOE+m/+rlCv1r1DxDDrHmkl/66yMELwzwPg== + =6Hm/ -----END PGP MESSAGE----- fp: 65BD3044771CB6FB unencrypted_suffix: _unencrypted diff --git a/systems/hakurei/nixos.nix b/systems/hakurei/nixos.nix new file mode 100644 index 00000000..9d8c1d6b --- /dev/null +++ b/systems/hakurei/nixos.nix @@ -0,0 +1,19 @@ +{ + config, + meta, + ... +}: { + imports = let + inherit (meta) nixos; + in [ + nixos.sops + nixos.base + nixos.reisen-ct + nixos.tailscale + nixos.nginx + ]; + + sops.defaultSopsFile = ./secrets.yaml; + + system.stateVersion = "23.11"; +} diff --git a/systems/hakurei/secrets.yaml b/systems/hakurei/secrets.yaml new file mode 100644 index 00000000..aad6dfca --- /dev/null +++ b/systems/hakurei/secrets.yaml @@ -0,0 +1,57 @@ +tailscale-key: ENC[AES256_GCM,data:HmowloL0TsKM/XFI5GDd6Nl+9uSZcYevB6CObq1Eg5cvyhtb4pJgMA2GRxE6mJQXva5cet56Udlj,iv:4gSDgWIAAZLokvJzEW+JF0xoNzHr4zW1Zc9qJdpgcc0=,tag:hWMRNc6Odfi19HnjwQSGgQ==,type:str] +sops: + shamir_threshold: 1 + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age12ze362pu5mza6ef9akrptr7hfe4auaqul4rkta7kyy2tnrstqensgmujeq + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5RWZXeVY5dEkxaEJGRUMr + b2s5ODlvaHN3MTBrWTJUU3o2ekphWnMzaER3CnFBZFM5ZXlVcnJMM25aUU5EMW5X + UzJmVGxtZDlHQ2UxQWhFTnFFeUhVZW8KLS0tIDdEdlhwT3MwM3IyMFF6NGtvcU5w + ZEpzdWJZWGdEaElLZUc1YW5ON0YrM2MKk/dZvaFVzfkMD3poreaDGfJwG5j5fL3L + kuV/3fEHBf5HszR/VTy/bZ2+abN6x3UG5h0l+QaS9ux+mtwFCyYYjg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-01-19T18:41:54Z" + mac: ENC[AES256_GCM,data:ZBHhH10PYH6TTzezIRORy67C8n1ItvLLlhHs+n7gB09JK+IsdKh4MDWtCNdo/2lLBFEKknn46HkOqFeaGrltkb/DryzPdRKBQSV6aj2Tfk52t8RrvgcG14iFqoifZ30STFkipA4jMuSuRnlk4VQfrZMyKJj2RpcpqNn5pYLdXJM=,iv:rvzixIXKC+E1LS0yYHhIwh0Z2aQ1vgd3laMPV6GCKD0=,tag:Oc1xnIuq8C5IzZAfpoargA==,type:str] + pgp: + - created_at: "2024-01-19T18:57:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA82M54yws73UARAAsgP7VIg7ScHm0ak5pam0y3lIJrirZPLaiGL//eFABMGV + 13FiY4eRbZkhrMj0GhgJAygq7jayBk/u6YR1+SIYhVQywfAGFpoZOofmu0x+wCJS + z6VQzKONLc3V8oIAJk1xnb+wO6foz6RJdgb0h+L1OhpjrMhm3VoNgBfD9P2uNLE4 + NZVIOUHO/kGs3rwnKX6dA44qfRBEB1ZkjjDcIiLVOCAZJXyoLf11CPP1TnUPdlIP + CWcY9V63B1k2VtUZN/ohdQVuDb9Kxlp3cRHvTZozWcHjtGmyuUA8wKpM4cN28eS6 + lohxzRuwzWQ2iGpXCA5Ezni1C9+DVjAFwr7diqPm0+R0UCNSuJhKnb8ToijScRAI + OgN60BUsl2+ZDrmBOdRmqeg/7VlsWBera/a4awfoXjcZrkW4GY8W7CiRs6ESZOm9 + Lgj9c90yjm4pimdQpTECpcmzV8baeoOKlJDf8UerXEYWaRiO5cpvC8Zg1v8+pw9E + ulq7K8LTOdnGP9DlxpI/CpArq9AlgSq59Z7gtizwfD3B61Ws9iAQ9v20pcgcucxe + Zce+HkrAlI4Y1r3nsf7WWXnTBzuLGeNq9vRmgEHI/i+FccuuitMadNQrAEKZbMdM + RYpve/5QOv7p9OVncZyKtRjh27E87rVZTCNTRWLbK7QFWahV8L9q1mTV05HQwKLS + XgHkiwskvurbzoZ+/TTGJrwnV6GMeiGZQzXb3DtfuNs3SUKpDl1a6oOCmStmJEuf + 2+5F6VPSveZPa6dBOwB7kz5ceMdXRjjDaEkPaqcABbki5OzN2uSOVoVA/xmuWT8= + =R5yS + -----END PGP MESSAGE----- + fp: CD8CE78CB0B3BDD4 + - created_at: "2024-01-19T18:57:37Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQEMA2W9MER3HLb7AQf+MnNQniN4JGQyzaHxCn8nmE7xsBtSAhc5ryxJfBBkFsog + 1pKjSwYFNA7kCYD3TY38FG9vfWyjOoDiMgnbTICZUYdDhn8Li3OL8x2YD+e91jt6 + NrVXoBJUwWTnBDCpa560QVUzDEwv+pJWZHDB2VrS7nfL+LqY6jOFCAgGYZjVC5Wu + WidT5xslLMlgMfcR21KnShQVV1a++G6119aIia/BeDTF1srqXssW+LyWfNRkQ16v + 1EaXKpIst+qJReX2bEDZYIWC3ce9nshLDsU3gaFb5XsJPJcVcd5uuZ82qbEvgjEB + NVk03qRhjV/ATRJR64jz6iXXVj2yKN+s1mpTHCS8tNJeARDwG1pULFEdtblqeMON + bGG8AZpYhcJ4Bh3TLCzIVa0Ijqy90VYRI2gZdAIl9ECwM1VV95RHEKeSs1M6WDTF + xUX3fnEq4mQCKcTtPQoU8z6aiglVRmbRMApw9tAAcg== + =jMl8 + -----END PGP MESSAGE----- + fp: 65BD3044771CB6FB + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/tf/cloudflare_records.tf b/tf/cloudflare_records.tf index 7286c26d..89314174 100644 --- a/tf/cloudflare_records.tf +++ b/tf/cloudflare_records.tf @@ -6,6 +6,20 @@ module "reisen_system_records" { local_v4 = "10.1.1.40" } +module "hakurei_system_records" { + source = "./system/records" + name = "hakurei" + zone_id = cloudflare_zone.gensokyo-zone_zone.id + zone_zone = cloudflare_zone.gensokyo-zone_zone.zone + tailscale_v4 = "100.71.65.59" + tailscale_v6 = "fd7a:115c:a1e0::9187:413b" + local_v4 = "10.1.1.41" + local_v6 = "fd0a::be24:11ff:fec4:66a7" + local_subdomains = [ + "prox", + ] +} + module "tewi_system_records" { source = "./system/records" name = "tei" diff --git a/tf/cloudflare_tunnels.tf b/tf/cloudflare_tunnels.tf index 39aac066..421c0b05 100644 --- a/tf/cloudflare_tunnels.tf +++ b/tf/cloudflare_tunnels.tf @@ -1,3 +1,32 @@ +variable "cloudflare_tunnel_secret_hakurei" { + type = string + sensitive = true +} + +module "hakurei" { + source = "./tunnel" + name = "hakurei" + secret = var.cloudflare_tunnel_secret_hakurei + account_id = var.cloudflare_account_id + zone_id = cloudflare_zone.gensokyo-zone_zone.id + subdomains = [ + "prox", + ] +} + +output "cloudflare_tunnel_id_hakurei" { + value = module.hakurei.id +} + +output "cloudflare_tunnel_token_hakurei" { + value = module.hakurei.token + sensitive = true +} + +output "cloudflare_tunnel_cname_hakurei" { + value = module.hakurei.cname +} + variable "cloudflare_tunnel_secret_tewi" { type = string sensitive = true diff --git a/tf/terraform.tfvars.sops b/tf/terraform.tfvars.sops index 39a15201..8c8de3e4 100644 --- a/tf/terraform.tfvars.sops +++ b/tf/terraform.tfvars.sops @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:W8uLdpRkQ4Co9FI1tLO/J+rnsBGoCOZfqJbTpaGCqBt/lhto4fZq+mUIS6zCtRuHQBjKKefLszXmeXlnrN65IjcanhYQ+r26YzfG2mEcLhkC5NC1S4PQfzUDewHImXuOSt9FAvB9IkWMfsc3ApZ0RQZADzmFVicem/aTvc0bBrlj5h2xIX/KoEROKrUF/4lw8U9Qi54Av8WUW/VJTnndBCTsCVwoR0OlZAcj+5FSG1zXTJJNmwJML5K724x+nuI3TXwMIh9s1Kct1ICfNIdYyA+Mv6FT2VY20ph+Th3s4+u68Iqrzh7Z3rXoz6V74Q7TYHNSbO/4Hf+kvyPfW1zOCIsFATRiG4JD0qfJlzlGK1Du9/TzWKMEEVWS/uQCSkSTkBdkowhkWTMWicPglx2v/uB6wyPCIV+mciIXirAz1X9hP5pT27rUlHszlYOOf5RCn15C7hh8oa3lqkNRORSs9YByUjssXj4PgC3i/TMm8ZHWbecpx2nJYslrGT+xEWkfiRxJadRmoBHJUIvlBM0r+nstjZG+8bkzxsoAtc0sVRK0mfnU1I7sCUDyLcbbMpMLpF9bt77eUoPAAXzge0iz+Vv/V9OCM9Y9HkDxJostv0A6XdHFGBAWLjHnp5Je5dkYNAymLQHqeMeYDPoSXCsb1tqlHSKpuMTTcZFysN0VzBJC5219z9wvPNut3/9tdPJnBPgy4iyhjiWQZGEFlUWCHJTBAW5HXVfhjdH0MqOnCpX3pMarp63AfCRhQgBnbUxZqv21cn/x0er/q17dOQm8h4a7hXq5imJyz1Wzsicd,iv:LigoYWev/6IxhqB/iyvD9z9+e31S8tBeRvZiK/LqsvU=,tag:yD99Jxl5k9GKNfZH9PqlEQ==,type:str]", + "data": "ENC[AES256_GCM,data:3XMRMEbW5GOBBe8qDnDIpRebRY9fd7qpgG3zyQAYfYfWaCFof1QMP6nkT98Hv4Z8YbKOEU4sAJT5rXHESwu4dWJQ8P4S1SrbcPimXAmZKi9mhfe8Igh+vG57KgZvLs6FwQLSZ9QMtNjy9j5IglqvviL1tPtUPCSQe6zN72/Tj9c7QCCXmHrh1K3bX8SKZCJtRhJdFrV5lOl+PmFtOc6+IKT7nOQGz3Iqs3zCkNv7PVpz1Y8V4YfxG4uZD6KKsoJbnufOHEgf4HJXshHcR4BtU7aLsN7miIrvTYJAOpZ/jmjz5iST5biTQl+pTrYmhWrQXX+w2s7Q5WUatdqBzqwoB8BEDKLDPCzOpCGP+bhFptIz6l6SOsFOcOzjNnqEKJo3I5Am6DVoumMysy/CKcjqi1OFzVKzsEYziwtQ0/e4vRJ/4PI0b5prt7ZqwlSG0DZIcCaQkVxkAhAkJfcl6JSScwfQXoSa1v00SUg7VrxZCodwc+nPx+6VGhH3vT3DrlH0AFHgu7DiXSKnyIXXyQxjcSY7y3Kdz1DgpvMxMPymq8pDXK3D36dM/D15r/a88qgabEVSndWlf/Iq5JP5xAFF/NXAa8uqHPR5ZfsiT2t8sZ6HXTI420kupC4rA+aoBWB189e2S2+yjwUBqxvu8cpqCzXh/vxsNdpriKIH44QZzi4Nrv1mdeCtalnB/B7vy62e9C/xpsobSTw2F8OhA8IqZMYsktBI9861fUAg9K7aat15JzZxiMTbXT5oBu8Ckz9S6QbFnJmIla16Cac+mX9A0eWk1KXUMBKjmhVnAcfG1uITWeRknDawRzuVN1apHAbGpaJhe5c59whDaJU0F9lc/QEeV2NerYa7in8ahBwFiLVwmZU5wyLfuyu432uLA9y3ZV2dfow0rPY04rI5V622QvbB+YzhEzrjMl+WPNtbwq/3dIG3,iv:G/x99mJUSak8EqvwNRJcEatBLJrheobSDl6TIfEPuhg=,tag:gePsgq/ycuOUobf5SHUGYA==,type:str]", "sops": { "shamir_threshold": 1, "kms": null, @@ -7,8 +7,8 @@ "azure_kv": null, "hc_vault": null, "age": null, - "lastmodified": "2024-01-18T17:32:53Z", - "mac": "ENC[AES256_GCM,data:CneSJmziCAEpQxkg7sATX4rML1wwhIQOceUtIc4PcUw2DXRUnABF7puDGckg7QQFZ3ol4leSVLmjnOmhmYTNxP8OLaMKp3T0vgifvVl81c5tS1RxieUZfX7lH1ZurzXS4GooFG6XibLtA8nDZ2yuACwc8RaO1tAUqyYdL5kKmFg=,iv:uGZ7WlP+Mq/nsyuT1SWTp5mnv7f34ANNfjW92z7ct7A=,tag:CBOQ1YM849h5xrkI7iFjpQ==,type:str]", + "lastmodified": "2024-01-19T18:36:07Z", + "mac": "ENC[AES256_GCM,data:ErSy+IxhckdRdTnwMZhKfk85/urFP0Ukg2Wd7OYovsOtyFFdpZHKKI+EmwdcWfQHsm/BIuYpk5SZWzglAQC27QN5NlOHyA0Kv4Qwh1CiC0ucro7h7Zxp9DyPwEw9H6S6trFnNKiQ6NspIovQVnie1uAB8yDcfb6LrK2LJsYUudY=,iv:kGoWodrusKAn9i8P6OwvpzvV+7puFufF8zQOKZaLyrc=,tag:infvlgnI7lCdSMU7NJljug==,type:str]", "pgp": [ { "created_at": "2024-01-14T19:49:29Z",