From 1e79f4f23cd9b02b8680b0bb14a47bf58bf144d4 Mon Sep 17 00:00:00 2001 From: Kat Inskip Date: Sat, 8 Jun 2024 17:25:08 -0700 Subject: [PATCH] feat(oci): add --- .sops.yaml | 4 +- home/profiles/graphical/chromium.nix | 6 ++ home/profiles/graphical/firefox.nix | 1 + home/profiles/graphical/packages.nix | 1 + nixos/servers/monica/monica.nix | 2 + nixos/servers/weechat/secrets.yaml | 6 +- systems/koishi.nix | 2 + systems/yukari.nix | 4 +- tf/.gitignore | 2 +- tf/gmail.tf | 6 +- .../cloudflare_provider.tf} | 0 tf/{gmail-dns => gmail_dns}/main.tf | 0 tf/{gmail-dns => gmail_dns}/variables.tf | 0 tf/oci_common_private_network.tf | 15 +++++ tf/oci_common_private_network/oci_provider.tf | 28 ++++++++++ tf/oci_common_private_network/providers.tf | 14 +++++ tf/oci_common_private_network/vcn.tf | 27 +++++++++ tf/oci_compartment_bootstrap.tf | 56 +++++++++++++++++++ tf/oci_compartment_bootstrap/api_key.tf | 24 ++++++++ tf/oci_compartment_bootstrap/compartment.tf | 15 +++++ tf/oci_compartment_bootstrap/oci_provider.tf | 28 ++++++++++ tf/oci_compartment_bootstrap/providers.tf | 14 +++++ tf/oci_compartment_bootstrap/tls.tf | 11 ++++ tf/oci_compartment_bootstrap/user.tf | 13 +++++ tf/oci_servers.tf | 3 + tf/terraform.tf | 16 +++++- tf/terraform.tfvars.sops | 22 ++++++++ tf/tf.tfvars.sops | 22 -------- tf/yukari-cf.tf | 0 29 files changed, 308 insertions(+), 34 deletions(-) create mode 100644 home/profiles/graphical/chromium.nix rename tf/{gmail-dns/cf-provider.tf => gmail_dns/cloudflare_provider.tf} (100%) rename tf/{gmail-dns => gmail_dns}/main.tf (100%) rename tf/{gmail-dns => gmail_dns}/variables.tf (100%) create mode 100644 tf/oci_common_private_network.tf create mode 100644 tf/oci_common_private_network/oci_provider.tf create mode 100644 tf/oci_common_private_network/providers.tf create mode 100644 tf/oci_common_private_network/vcn.tf create mode 100644 tf/oci_compartment_bootstrap.tf create mode 100644 tf/oci_compartment_bootstrap/api_key.tf create mode 100644 tf/oci_compartment_bootstrap/compartment.tf create mode 100644 tf/oci_compartment_bootstrap/oci_provider.tf create mode 100644 tf/oci_compartment_bootstrap/providers.tf create mode 100644 tf/oci_compartment_bootstrap/tls.tf create mode 100644 tf/oci_compartment_bootstrap/user.tf create mode 100644 tf/oci_servers.tf create mode 100644 tf/terraform.tfvars.sops delete mode 100644 tf/tf.tfvars.sops delete mode 100644 tf/yukari-cf.tf diff --git a/.sops.yaml b/.sops.yaml index dc999dfb..bce85082 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -6,7 +6,7 @@ keys: - &koishi age1nr0qds8w3gldmdvhwu0p6w2ys8f4sd0h3xy94h9dsafjzttaypxquzmswc - &koishi_kat age18hpxz0ghvswv9k30cle73prvnzrsuczqh87jjdk9fl50j3ddndmq9xae0n creation_rules: -- path_regex: terraform_secrets.yaml$ +- path_regex: tf/terraform.tfvars.sops$ shamir_threshold: 1 key_groups: - pgp: @@ -42,4 +42,4 @@ creation_rules: shamir_threshold: 1 key_groups: - pgp: - - *kat \ No newline at end of file + - *kat diff --git a/home/profiles/graphical/chromium.nix b/home/profiles/graphical/chromium.nix new file mode 100644 index 00000000..1eba940e --- /dev/null +++ b/home/profiles/graphical/chromium.nix @@ -0,0 +1,6 @@ +{ pkgs, ... }: { + # Backup browser! For aliexpress and things. + home.packages = [ + pkgs.ungoogled-chromium + ]; +} \ No newline at end of file diff --git a/home/profiles/graphical/firefox.nix b/home/profiles/graphical/firefox.nix index 785eebc4..ba42e7ba 100644 --- a/home/profiles/graphical/firefox.nix +++ b/home/profiles/graphical/firefox.nix @@ -27,6 +27,7 @@ darkreader decentraleyes clearurls + sidebery df-youtube old-reddit-redirect privacy-badger diff --git a/home/profiles/graphical/packages.nix b/home/profiles/graphical/packages.nix index 6bb6deac..3d8eac39 100644 --- a/home/profiles/graphical/packages.nix +++ b/home/profiles/graphical/packages.nix @@ -18,6 +18,7 @@ tdesktop # Telegram dino # XMPP signal-desktop + mumble # Archivery unzip diff --git a/nixos/servers/monica/monica.nix b/nixos/servers/monica/monica.nix index 68ec36ae..32a1a05d 100644 --- a/nixos/servers/monica/monica.nix +++ b/nixos/servers/monica/monica.nix @@ -6,9 +6,11 @@ }; services.monica = { enable = true; + hostname = "monica.kittywit.ch"; appURL = "https://monica.kittywit.ch"; appKeyFile = config.sops.secrets.monica_appkey.path; nginx = { + serverName = "monica.kittywit.ch"; serverAliases = [ "monica.kittywit.ch" ]; diff --git a/nixos/servers/weechat/secrets.yaml b/nixos/servers/weechat/secrets.yaml index 00fbae07..faed4a1a 100644 --- a/nixos/servers/weechat/secrets.yaml +++ b/nixos/servers/weechat/secrets.yaml @@ -1,7 +1,7 @@ weechat-secret: ENC[AES256_GCM,data:nioUJ1t/qHdDpAy3vM2q1MMHPzbbGT/wPDRsUrEG2aqjX8Xpo3bQzW6k49oiiOpW8O+GX7jSbGp7qL1GSvnVnfIomZvgbXfdXbZEsB9tdmGKc9nWJ9irpyV/HpSyLaewf9PTmlVSdwD8maLrkzR52ZuNsu8TdKWFybbZy6qCh4mMB0GWlThlQ6lpXE9KXzhMuRgWQYtsWLa4x7v95GxZ5WvM/hhx85qoo+gRWjUuEIGlGwaK6ju7fHkuhhBJIYQn5ctkQMlegcw0TdVWeSuS1vC8Tv/+6oLSbPFE+5K83kv85LTlLE433esIHD0LZW55u2MqSukSu2drdlSgtfrIXk3KkS6dM5MWur1Off+Ii+w4mG62sKjqL2sg/Y1QFX4rOeDZY38SRpSP3mTK/xuwSbaz1r19nqyd7N6/+UZg9eVH1EeLph2scT3m223mTDVIPZ6efCn3HSx6Ej8e+UAM/Grnt/m5wzvadlocjIrVQ+FqIZnV0BZOKyHWFutYnpPMKfHEUWPrDAEdhlSPjD3GzsbjXCv+iW+EZ9d6CjqCLHW/bFAWs3N8TNYVBqy5Wd//NRZuu3XYrvtV7CCCaucXb3NVyvLKvA73Wt/rUg/ydcV//4iuL695q7o9g5sVKU/S8HxXCLoiZhDvFrrIXIWCFk3lWQ1/CkQHUJZpVf8+ybIa1T54lvbe25nfdbECs/niLaekeP+blLynAageJl8sRz1Yz7lqBEMsF2NmZMM+xkstbE+M6jbtBYbKf2LeOtR8IEjpvgCWncuW0BMesgvTCHGKHGC5cArdy91nFuCXThsqNs9n58LHxR7czbfesbqx40bTc4rg56W7GsatN6bTdk/bqjVQx7Pm9OK3+UczFlCIOe5MrZFm8JrUPZRtIbbbCz2PGfLfyvFdQVTvPQvg/ofJIFD8P92EKajZ4Aw7l5ERkgcuGLx4mWtDOozzKATtdJWzTa6kmU4k0+G12Ih9djXTwTDQGoL33Jr5Z9Z2oQflasXZ342EiCjVsjQQbhHrEzYt5CPtxOeNtIWesJbdP55SGgze5lE001E5NRc4lfuEAPzsRqbFcKhA0ad4iR9vqYNpNEgZIeIyen42bki/FIHPfSp9NipdCz4epKQWU8MIjXzlh2spQQXSk/uTNGafYGzdrRXsPnefQ1Qy0TvtxhOMKfsbGfUOabjeWUxgWueLcVPkT+S70TXxbaPbq7MDr5aLjwf+VVPt/ixqgENGrF5O11toGXDN0AN3+yyJHzz8KMm1dCnMtysW4qU71DK19lBeDdeke3obX/qpaZeh37+UE/AljdWWUOLBReh7vu2OWCUvjbcuAJJUEGSFA/2NrChxB51/XTGIbbQw+gx13F4LYjhxewTU1VBAHrnVSCaQfoj6hK42Qv2kSzLu,iv:Kd7Kt1ikOmUGqTHFOHQ0mWk7kXEFvy3Gzna7YbqRenY=,tag:OOzgjyRPgS+tsg2/KeMQbA==,type:str] liberachat-cert: ENC[AES256_GCM,data:o/9UJHC20mmjdPf2Ip2RX7V09/LezOsm/D71BHXVOYxwxt0ij5x/vXyzOgw1cELYfh/572lH8PwAW/je2m3FEYKEyL7Dzmc3HDFfYdIxvnpMltW/tlGb/1VDAvVGByUxD5QZa5LHArkcL0NYq4Cb37MlPsBQxAgWj4KyYBcFF3vzggdgEmk2U5Ph7Zx1OaT/fganI8LlzCnQZ/5LH8ruUVv+eqTv9xIIJvkwmO7zzztLQyxfKVU74AuiYVgTQz4u0v+/ZMNeldfdne1tlY4OaQWK1eluL2C1UVRx8UDSTPnBEI8XR6RW8LctDX3rizM9BEXqu3b3yUZdHvR28mmHKvMZDm93WzH7/YOtv7KJut9QK91tG3viPBVe+l0v/n4rsYna5OUQHhbbuSMh0ruXRMthiBFEm3R00eiX0kzjVV81k+9/LOZYWmafNXwlAZ1+fW6r7fFNWsNgXe41JzpHoQEw1n+Br6MODhrxS/GwaZ/gmBh8dReU3mfevzD2RN7w8ESmGFlYeOppD7okprF8BKaEGNYr12Hcwl0EFPiosY3i8x3ZCP28ysFs6mBBpPCLw5icmrXcVuM4QaeYFoosoTIXlIQKcowl+MNw3toKlnV9AlncWn05XngXkOuS28/b/ts1mHSErD02YEFEc4M1VYN+Tc/I+l0WfOeIdmhL4GSwZfHNdPVz2wsnoYZdfmB9hpApxtNjAvKrjJcYhtoM6HbY+DVIZQ5nYyhnLwgBnYHMqP0m7Xb3/bPhEnZXJf7DIMV5c5XL0aOxPqi/jPQRKzc88zoaAA8izz2k69SrSr6DaUGie1W/qGyz/i1yT2SQZfYUfI00R5mcmCcC8ubfJ53ShkmH1x4n2Tyjt9ZwU/QymvZaDwN9C2yqnWV1VTGsN1JmXL5tAC4j1TOmRhdMnHOzEyNPcNVKXL3W39dlXnQKIRi+dgPewsu5/kFW5e9obP2+JkT8mfF2Sliev2dg0XnT/F/YoykmpKOwPQ57FQA9ubyMcbcAfSyc4vpWKGuLp0jJ5qZeQ6zOfXZf1o3Os2uNE/UK+PbY1/1SlvCtoGhNCGyQl4auSEoTqm7XNwo9kKoxODiEPM7dQfI+w2m1jxpm1K7JpaW38bOOwSZLrUW5s7G2kNDeAUUkCdGU3YZHvFyuMBobdGCQa2R2p0fT7BiwpdD1gq5QQYXHcumHH46hCpABfas3S8ZqxkCne0ZCmyZvbBoQvYt7liIxeWCnVVXaZyPWW4dMsvipEGyx5FNV3zda/Bj92Cq4jAfUjqWZmnpLc3lUtDR/hCD1KWGsaP+UFuYRdLWFzmypC2s1SjaHa5lq9mP8XG9uQUAsmk/YB0WIyhXOm+x31dIhcup0COxx3nddEeW++tG6fiPhcGRWkfYofYPGEn70U//j+vNrsII31HWXSbVEHUiT1f6FyHm1NQqZDP5M7sIL2CeMuo2FtG/fZGWfznUppCqkUbkpPTAGJ8oJrhQJwYoejQC10o4qp2QZHS8/SqtLyqboSIGUvVBXj40xIBp8U7WfwIZj71S27gGGbZEG6S+xJbosCYNvz7CdvZagunkP9aUZ9kzBbGkBw7WVqaUG4w1czkSztU5lEaJdXGxncC6qQ2lBlv+1boWQO9iekL7CAlhC0plGj3QNvVlfTxbodWEZ29hw/FCR1ddbvthpnDQi3hFGD+i5cx+drsu3fyXg0Kxi6ZVFuANfkN49+HC8qCe+vxQtMBgd0I51iBn3/2WF2Gl6QxDETtGkdONkIdyn+wpizmt1HQMMH0LHrPqaGAyKf0iz84X+5y9L8owgTRehRSon9jVGjgbH+s+DtSx8f2N+gHlpOIvEjDuIHW7Bvv42OAz/s2zBPytbMe9I9wFDbXpT87vUJlq5k0q83T580w9MlT2p7shDIR3GfKoNEOYR1YXvwgoR3vrAV/1c8qmHo/Qv1rqxzEDI2+5EkXIPrIy4I3gGwdu177ZPJELeKWAPUYCg+TZOxsp4+YAkoAyj7nLJdyHg1TZ21+hgH2/OyhjFjF45dkTykAW9vOofT2MrzG2ih7LXbsDb58MHfD6TBkpSH8gn+Xom8sfHIHVQPtbiMdkshEEeX/6HsL06dHF0QUHDmgBNaNVh9KBD09QE/YdtJOABCyyO4dMRZIRs10TPHH260wTpV9lHfIy7T0/iNQAZMkWsifE8oOyRJZMjRIJlDeQJKNC4Wtv9ruEZVN0QO58O6Y69AGQAnyIqHZAVthcoUunKkhuFBVc1AFz/zxS14FMnbF83cYU/piOtOayK6kk4uaclgEgPzOstPVpijh2tMfx243HxIFzwWvEr15PT1NU0KgV0/kOFMWu0vYu7QSmGXSEZNza/a6z8jPhn4IjYbDF08gbwQgFQs2TmYogee2xGFNnYWX8sFhnglgJoyB0a4mogM3foeNmHzx7iuCV2jKdqSWXY5pnAlaNtpIkVsycKrh5dFqtuO+BZBXmfu9eEaM5anzQGBz/XoO/z+0qY+yBurhaQeXDfYa+WiTdSZHFQiIVrE0sPyQlJ8dp3Qh99hHApKiZ9WN2Ab93V6PEMzVp4k5dmjmPd5GgpsjcWSh6uT60OcUMFs37XXSKjXT9+tHVX1CKy/TaXLGJ9hpOad5h+etvwWX1y0mr7tyqNTDxOTpcbk0aIl7wTnBqOT66tiMn04NcbY0t6bIcH983iEex8I4ES4pbjEHVox36dr924hs/P8wr/Gn3a0TnUzI8+KOZcBA4dIjS6uA7krWg+5ko4ya8qkTkiKJqAk4fZk7O4Jqqrf+dI4UiWGR/mDcapdCIjWkgEKK8Br8kpVFWq7I2dD3o4JMQ8JtsB5DgWrGiwewT0cJITG2qAB8hYCyPF6ZumT6iSk7dTCLfZxID66m+zSRW0LF6FV/kbnrfaWeZvijkHeH7/SN5y1OI1Oim/aXPGS/oQmJMjmV2xzMBmaHpCY6nF0Lx1LbavW0WJdFPbIj50Hufan/cyvG5c2ZB0Vg3gNg0Ruz+RtsH4iJtjonuDbQ37pwBSe3Opi36bq44rszHNLPwLgNAQiQwkxygys8ZS995ZdXEEAt/prh5Zh6eF+d3/rI0EWe9P80G0x4TkgLMM4A29ipT0ylidS0+AtFQr8eNk1rcRP+/aw3p1BIP4AgPHB2eA7AFCwMs/Cce/n1OGK++pS0H7kXIERMO40YIQXKhijExqyarS6D/Ob+DobrUq2AZIobO6M5iZgjy/Y76aPu5UTR6pF34Tu5di2HFLBMfCcQRsleN+gJUwqVDmRRuszXwBk4F6eVph6SKZVVkUVLferLIO83dboh8R56IKLasmg4WrXbcwBHZmOIoFWUvRwwxqC5wHgeG5dKK25XBFAmC8m9a1vbfZ00YA9pXyHEmpwYT3ePIfx8DvAgrmIED5E53qs5Gs0d9JUh6ja4TkN7/H9SRiLMN9slTmxPoQ1xhqzRUrQh+SD42qG7dpe2qlEsUfBuY1p4Pxvpn5kzZlmbRzlD0qPjL4YSuPQEEoCvPkYysOFwDtV82/FafPqBG2gQLF//3G7qNCT1UHPObboWCkTim2/IMA3rmLochbUoBM0KLrP7BQQubR8rv57lfjw15P1Z7ApppKnhZsMw1J/RvgH5OgK5X57rBe6SJl31RqX62FkO9GWQLG0rPgEsa93sd3zI4tiTTX/snU69uiW017xQ==,iv:DHnR0ZMEuZtY2Gx2xgomnEWH6F/qzkErJ9KwInGLlIM=,tag:Wx84gTr29eO/BvyRjnXC/A==,type:str] espernet-cert: ENC[AES256_GCM,data:3N91QUBnRUDlK1ndxw0434TzEEkb0Y3qte5UpjH96RyyRN6oeImC8Z0rjGGWGSNTF8Xrd+TPMWj4WpYQQwuZVAANwd5u/Itbs84alQI8ltaM4uvTz9KxNRvwY6FTi7lWrjzVWi4Sc7/wax8gh1ra6B7Q0BhDqWa2Lvucgo0NPU0XMO26W3O+sVzKcveNb/wCuDIgbgH9bJcJkkJ7st/zeEkQhj3cI7FYBXqTixKcN3JVI/1FX72VA9rhMIYlUV4CcJb/sNxZOIMP0XzjH+IcPZJdFz6Kob/dA6BYIwW8e0uVWEeE8RRSrKq/8FhbuN03oSo0z9TgOcldH0qgXF82eC/tmfkI6G6bkyu9sMzOtrQbb9Nl19IhUXYq/BYKosWer/Dnc2q/tR1qsFBirZiA6Gi+9GZxUZrWAlyBYuWTKCWU6hiUk2tGBcKg1VbxGY2H4Md2i6SRedGOS6VA/HJLyEjh8YDej3XR9EYFP02OwLs6+4MNBcrdOEEWmkxW0EEuS5KF2SZ142hhsHZ8NIDnolKsSOwFqRuKhgnAMsB9+IQSzkSSak5MbVcnAsJsmkqhTKvf0idco2tFGaJeJjjXVi1Knr0NXJX0yku/mA1BWvb119KP9vHNxxc2QKaa2MJeqpXR92cB2XBrtR9pSAm8RVTLRyFWCQxtuvKumO+3cPJPfocfuIocK9FRE8SfwnFvHL0frwK9FI9MaJRcMJqOgUv20p/OTGBoEpoKUhHUPmPqaSWVyi+3jEE+Va3idB4HeOgKA9P/FeVhnZf7SP28fEEI3A0805gDVlhcbx7Y1ZPrrNJv8VXAfwG2//H1Z9/TV9oruRjSR2S0tNLqV2vQGpHBPt1ZPF14lZwybAM0pRldZk3DasWEdZuSv9n8bHHv6cGhHsmrZdVb55oGW5uGEksdUGyXB0aRlXVFDkAiM5nTuNqZN8+EWyu+P6xH/em6wSWpeQE5t1tlqLqpaDU5O2tkVuqHcsllSou9k5p8PmY/bf5K1eGSPUVFAt+9v7+gQoofIQ12TpYCadOSYY7uCiukoiEFMYFyAvzY5QIiSWw07MF+jsBmeb3gWPqRH3tCHUBakkpVCV5ICRhItQcnb2Ins7jmthz7tvhD3pvrXDk7/sj5MwqByzfAyn6RqWJVp5D+GymQqYDhigPPInRqln0XBpywpaXMsWRx0UsnmCOGGJn0tFKq/k4SpwVlqf2VhQB73KtyP/K01AXmiVlfd1mbiAMw2N5qu1OpAt7SrfgXgXBTnd9eztamBMwKpMuXsfWdmycjnbzNYvhkCiy76AvQ8vgAT5udQWiliXrxsXubA0uhRAfZ/UGgRjiGPcw5fuBFnh7aB0FCYFhjBaoMwptHx92uTOis2gPEhn4K8Ex2xFMGlWC68RqvKXR/e3PNgVThTeXFN0xo8OObL2/2rtsvt476Aj+hENrAEZwW4Btc4vDJELw9KddnCIH5xeMdiDW+sjIh4Adj+H5C5Nt2U252DQExrprNksNqSTvZ8Coe4qQLB/cjyh5kOjIfNbaeaMXpikfgAV51pfbAGUUHrz5J7Tf36u5GLGHbETt3bTmyeyO0fZfKvw2UqAZaWaLn7C95n3dgkpoq2Gn2dA2LasgqQ+5EBcn93Oa923FKBdxE65UB/MXJPQkCDXBOCBai4I56wXC0QHDXaRlshvl+PQy76fSacyXlcTwcgoRFn7AVUTtlm/jo/4yGCfBzMWvITh6ppEzg5ls8txnm02CWP7ihoJaY317TJdOkon0qvkG2EXSOmdcX5nAJkPDg4Z4s2wVyEBqtRUzPVAQaCaqZRPseUHsfJzBYjcZV85dV0iw+McFQm7uEqjS+yCDXul5fRzx2g4IdslDf11glwb5pA1AVsA57jT41ByiFOXgJszURjvV0ZxP0vLfsQixa4uhYiZsQu+XGkdgDiS+/ENaUhRw9t0YfO+o8kxFKWm5wUgMpv3w8+9BOjlehg5iWR1J65qpk3QwGZ0PNDboNA79VPDYzbDGTR1uELe4hhxBs9xMTPWpXsRPVg19KVJowNIz4IOSxG7qM2H4J/Q7lxxl/f8tJ4IlIvCNp2SdI8eNABSqJDBcl0N4z5h9OweFTZwmkSzoTtHRnJwu0MpSMQQeEcrjqQgdCPhuY06TI8g+F9b35OvCEzUjP04W5VQVdl/TmJiIePsFZEaKlMUbwV47PyTp9Yq+GmPwVco5oIYWlDBId3r6vNuY5TkAtvfblcIqy2D0PCXVd0AWfO4baBZzBxZKu8x/ma2zY0cUon8HsXDkekfhlY5h4UgVwvTXZoprOfBzgEui7a8Hyilb0eUv6H0Lr5K+lLpcF4sKWa2BzyGbKP1gmjjr5tR+Mz11xKIta+mj+sVTuK3DY9xEBxvZpGiBRFrh4A7g4oW3ED+E5+o1uVOCL1zAp6dba9fINHfrvtpjHL5zy6x0snaBy+Bqn18EJg33/Y4slFe1IYJXQGTQ9rLkq1lDB3rHT0UjYrDepDpm/PH1JGa9QV5jvHxSDJhSakOC2/PojrJWk0jUHgXxONqscg1N2USU37iVE595iU6M+YoPStLds/AxZK02Hl+zsypHcF6Yc4h60wmxmRLnOPxMychb/jVJ+DjnKlGgavIg1alOl7nsCPhJfr3DfbZd/RAz9crR5sXkUpJN7uoI6b/MB5BMLIZ7dNKt64tLP6bXfpfT/v4NcfG/yzVXVy0cldKG9CRPGm70vFYqzP2P2IQTXPw0gBxn2SwJ1h2JeVdBkvqcUmcNS67jQsfZIJu+gN1VFinY15JNBxeEbd65+BQFbKGfCcQ2kLo9Q28TRERmc3yJkE8C4Vrzgvm+TDyFU23Zenm+ys5nhT3AlOQ6umEw07xp9cGMoSE0H4K9yPRppa0+UvNeM8suo1MlfTdmAKRmz9NGYGXskhcjwav74XJyvGp9AoA/l0pgQoD+snp+pahjFFlq7Y6rzqjvWattVo/U4OoeItvl69ueys7jdl4egSyRjL1NAsr2k9m8ZEKDDNY8WGQ/8+UXQI89wMQEeQBFUOnEPfsX9u+Djjz78/AfIMxI2ny7aS+idDoPyIomdRQqkL+88ZMSdgfyyUuvR5qfa2ge0bAgp1HskHDBBjjG3bTpL7gZKALpeinIn0+mBmCMlp/XL8akGxqWTpwFckYWB4A0FJ7DHTunjgQpwr+ajgaI52Y1OiPay9YwzUZ1jUFymMX+hNOSfdbqiG9hUAxC6iwck1bqZLkEy/M31KrQFFKfgnQ2ks7LrRgrmgTpiP4RpTzCpKBniYcD/Xz5ERVMbMndzHMzAqYddcSZyI1NplH9lct7q8yU2fcQu+jRdkqTBe8XOPugrwA9a4UP9aGmDWZE4Kxp8NtSgYY3ZDEEsg7O9whSMr0i2fqceNKwt4cwbyo+lnCqF4/lB5yJ82vx7Vcl7YukOEiS168g1prB9RdpnD0dItRM7VHXhc63SLt8j53cqXpDql10z6Q55R6aVej6gGHyPrIVZiFmCSovz5r+/YAoqAKLqxBYGs3ipfW/ZIf6iLkpaHCeyOZ8s/2T/iuFRPQRIr7+DtGeSeBnt3uAjJrEQ/AKn9M3HxVcajTGQBWBG5AKfiiYG6lPHRRz2/KoRM24lSHlS6ASXOuBp3cyKbcDWtdRZ0k7b72Y+c8cuGyiIaMee4Pr5GQed0mWjWm7vj8kN3ng=,iv:QpBIeLDM16NRjI4Atq6PaDrlDm35B2r6kOl/gk1lc0U=,tag:PW1I7HL1QWW0jK8jSZ3sIg==,type:str] -softnet-cert: ENC[AES256_GCM,data:lwjtqw8WlR8WwFkV/ButRbXnUFirfhWeoG4utaob/XBOiyKfExz2GW+PKHM/h7kjD7oyeucav7+xVrc/7ycJveA2FLG2v9wRyTn62R2Dy9E5Mrl+R/Iq9H0Q5/X0HnnU+rzmRfBbIPDLfC196YeQNbb8kpQVY1qYW9DLAgba5gb0EwM1FOocEmpgraxBvYNww5xq3PomGHVaRBg3B0kqSULvBkxu1vd/Kti/gF4A7VmN4iWK5bsz6v9AAIOLnChXre2gja6WHzMT2VCc1B/no9MdzdXhC7PB2Z3jZgt8ADskdBogid0fDAKzh7CZGjI5T9Wtyn+tPlEtopv+WDqo2uNJHrMjwarbQQR4/Q4vpc1o7DASFZvhu10QxmnBC8Pr4Vvy2ZkI5xxEXpEDGt8HL9GnQKtTSI1RclmsRFxBIoWUuOMXAQGDtA6nG5WEwIRiSk73Xfxbgx0DDvyX8N9DSjoGLS877ltb9L17+Ywdy6xcVBOHxKKNTrSxftSVm7RLEhy47WfXo4FqK5KQkWV8d7E3/s47TT16kvfRdaqKHbAXHR1qrTBNTMchOqo3SuOV/RHucMw9t82/OUn/bBCR0lZ7hOQGSCWjW9CuQj5O/t7+1ZBiR80QPKY1ItdBmhdhSe44KAu6myae24hbMaclZyIJ4br8/wrMCrAFOM4MqQjEBrCHCbmv/q40XwuNTrNvAWx54bb8p2nrNfyzILwOcmyJJMbWJX9D74dEIBADsrfTlG8FC9WgcTjlzgiA3rhHI6RikKIMlOFjvzrPn8x+TEtdXTpvt1ULOJc1YIuTrqqojTgF9yL/JbHzZ5cqEI2sLSUhi86Smn21ESQs79eiaEC+LmQbjHTBNP4wv/3H1981z6D4H4Cqg6auLBrmBEKTuchbfHSZiJPoSxRpc7Wp1DkQ9i2kJ/EIZYd9k7PBYiVNMzalZv0WHx493hpKGMsD1lHYVvoZsnCFgpZP6MbcfBxD2oDMekLelFGVro4aUcjlo2GTuUBnNRqJ8QqeUmgY3BpehjqJiNF8sy9Dbf1kN5tFELxGbp8/BFZYs7KnX/O77KOxiaEBRwNgUzdBfw==,iv:s6Bu2OvqZ0EUFJ4H2q7nJrHdn9JkLWD1x5IiegyDqvU=,tag:U1TAvoq0/w52BZEfCPVNxA==,type:str] +softnet-cert: ENC[AES256_GCM,data:0acY4OVWvOCc/+rh8aOyoA71Si8nLy+4DY0IMa+sTz8+WKQMqXyAs0XviPcVetMJuCVngwl63dWzDIgkuGZiNDachm39cfBllJBZbiK/rlSpGFDvJ/ulKYWA31vjr/SR2drdUpaTVzYfwVSagV6trVihqMOlkbraCliYg5oN6hllcKXTr8wdNOrfJA/Yl2JkPnH89dH6lVC014FQ/XPh31kLNu2YpflrddQBUNzahRYfLkh693LKgYArOl2UexuEyt4Rt/m2vJEWScPUDLn46cH1NI93/zEG0WGjDP7zcRE7lV0NtfmwXWW95cmn/B+Zjnw27XPPi+ME2NvRbZ5URTohxA8rMh1jrajoRQ19ZFwSrK9LZjtp+/UQqci5lLHKp/hGZ+q9bauoooA17iSNrdbbCqMUdNgSCULfFcIKLJemuvF5DsjfjI8UvipuMlwhZ1xWeJhwAChB3dvelJe6zBFdtQLRdj1kzL7Te1V382dLfQZ4qpMKP0fM3hMSzEJpd8oEYsPAN3yjj9TI0aFcejog+E+Lt5N7g+MLz/jnCB5d+2GxAVZZWj6w2/nKY2pmwUfuPuIos4l/iR/IISC8ruhbjm1E50hHrNo2fvWkAafHvW8lHfVxE1lfiXl395ypkGJOTjRFfMzRYCJ/+jDg6urbBEFBlPnDwraHBGQJs49E4xM6oPD2fDQ7KqWSPl/XBjQWgdZ4SZnLNvrOXv1pi2lGj+T6JZj8OuT9+OuS/bXR1+jvxr3PYKUFnymMwy54NGq2107uCKw64obxeLHa+3brtUGuSZ1S0KzBMju3rQIHGnFw9dM7prx6peI1exJMJboIGAkKZmLmcmrACgFchGR2EbS9iyI+WagfSox1J4vk2lH5kWFuxnrZ9bNvP6n8PxrLZKxh9Z+rOQ3HvpAgErx5XfhiRzH4KWFv2Cv4gqTRa+2Eg/5n+KHSQpj0XOa77/AzATOuO0/9YDObKFgYICogkSH9OIl3Jia8onHc47pnfoHoEOyv12XqWJhxKB5t0IdTNBmaconSWWXg7iFYmEZvdSQ7V5PKuMZp7JlnBI9kehAFMRYASXItkYRWHMBarCw=,iv:Lo8RT166ArCg9FhHyrpLHvBf0DPrSoWCb4NnFxnm6DY=,tag:sVbXgO1//JHXvvidyvgUuw==,type:str] sops: shamir_threshold: 1 kms: [] @@ -45,8 +45,8 @@ sops: cDE0NlhaTTJjRHRwWFNVYTZlZVhWWVkKKLSGcTpffyMD6f/Kn/MhdB89GipwKJBS HTQhBc9IE7AiFrHxgP5tIg4vEWNLJDumbpXVD+jXCtdyB72PGP9iKA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-14T21:02:59Z" - mac: ENC[AES256_GCM,data:wF1PLDaXQlhDN4C9CDj5hhLMEpw8jN3hjqbA1cY5pSQZ5487t8CBplz4+SpcnQg8vT1tEJPYzXOufeiKYtgMDUGT4j5PjrgAdTbfZZ/QEZZyko7C3xBNQ01OwR7ySMgoIgWM9UnbveKweQiXrVBNLC93zysfoKDdClFSnXDqUW0=,iv:+2WIMPIEwGjWtwaBBuzSSrxR1uOQk8FbcLD1oVQYfIk=,tag:B8wuSZTLpksgfhDUiox5Hw==,type:str] + lastmodified: "2024-06-01T16:03:40Z" + mac: ENC[AES256_GCM,data:PSDqu33GEDKxydb6sYKN4/uZhJntO7OthN5DKkzHGUNTxLsAy9VoYDhjz3PuQLbPuxMcGZfit95HDM5pxbrAnDqPV9m+NL+Gpa6hBIl0gD+O6cYcjGhy/ABSnSGu1HebCtdhneZik0Oe/3HCSIf+SF+m54cqwJ+plVLDEAZD2FM=,iv:2nIUj37lafjVNQ7ubDaO06jx3Hdmz5RcZQy/Aexf1HE=,tag:wL0kmVTbFXhyrzu14C2eZg==,type:str] pgp: - created_at: "2024-05-13T17:25:37Z" enc: |- diff --git a/systems/koishi.nix b/systems/koishi.nix index a4e92381..48e09bce 100644 --- a/systems/koishi.nix +++ b/systems/koishi.nix @@ -47,6 +47,8 @@ _: let services.printing.enable = true; + services.hardware.bolt.enable = true; + swapDevices = [ {device = "/dev/disk/by-uuid/04bd322e-dca0-43b8-b588-cc0ef1b1488e";} ]; diff --git a/systems/yukari.nix b/systems/yukari.nix index 8f930b2c..ef67ba13 100644 --- a/systems/yukari.nix +++ b/systems/yukari.nix @@ -22,8 +22,8 @@ _: let grafana-stack public-directory weechat - #tt-rss - #monica + tt-rss + monica ]); boot = { diff --git a/tf/.gitignore b/tf/.gitignore index dc541e68..3f5ca68a 100644 --- a/tf/.gitignore +++ b/tf/.gitignore @@ -1 +1 @@ -tf.tfvars \ No newline at end of file +terraform.tfvars diff --git a/tf/gmail.tf b/tf/gmail.tf index 60a951fc..4f1e9110 100644 --- a/tf/gmail.tf +++ b/tf/gmail.tf @@ -7,21 +7,21 @@ locals { } module "inskip-gmail" { - source = "./gmail-dns" + source = "./gmail_dns" cloudflare_api_key = var.cloudflare_api_key zone_id = local.zone_ids.inskip zone_name = local.zones.inskip dkim = local.dkims.inskip } module "dork-gmail" { - source = "./gmail-dns" + source = "./gmail_dns" cloudflare_api_key = var.cloudflare_api_key zone_id = local.zone_ids.dork zone_name = local.zones.dork dkim = local.dkims.dork } module "kittywitch-gmail" { - source = "./gmail-dns" + source = "./gmail_dns" cloudflare_api_key = var.cloudflare_api_key zone_id = local.zone_ids.kittywitch zone_name = local.zones.kittywitch diff --git a/tf/gmail-dns/cf-provider.tf b/tf/gmail_dns/cloudflare_provider.tf similarity index 100% rename from tf/gmail-dns/cf-provider.tf rename to tf/gmail_dns/cloudflare_provider.tf diff --git a/tf/gmail-dns/main.tf b/tf/gmail_dns/main.tf similarity index 100% rename from tf/gmail-dns/main.tf rename to tf/gmail_dns/main.tf diff --git a/tf/gmail-dns/variables.tf b/tf/gmail_dns/variables.tf similarity index 100% rename from tf/gmail-dns/variables.tf rename to tf/gmail_dns/variables.tf diff --git a/tf/oci_common_private_network.tf b/tf/oci_common_private_network.tf new file mode 100644 index 00000000..1151af14 --- /dev/null +++ b/tf/oci_common_private_network.tf @@ -0,0 +1,15 @@ +module "oci_common_private_network" { + source = "./oci_common_private_network" + + cidr_blocks = [ + "10.25.0.0/16" + ] + + display_name = "CoreNetwork" + dns_label = "core" + private_key = module.oci_compartment_bootstrap.child_compartment_key_value + region = var.oci_compartment_bootstrap_region + tenancy_ocid = module.oci_compartment_bootstrap.child_compartment_id + user_ocid = module.oci_compartment_bootstrap.child_user_id + fingerprint = module.oci_compartment_bootstrap.child_compartment_key_fingerprint +} \ No newline at end of file diff --git a/tf/oci_common_private_network/oci_provider.tf b/tf/oci_common_private_network/oci_provider.tf new file mode 100644 index 00000000..c33a34b9 --- /dev/null +++ b/tf/oci_common_private_network/oci_provider.tf @@ -0,0 +1,28 @@ +variable "tenancy_ocid" { + type = string +} + +variable "user_ocid" { + type = string +} + +variable "private_key" { + type = string +} + +variable "region" { + type = string +} + +variable "fingerprint" { + type = string +} + +# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformgettingstarted.htm +provider "oci" { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + private_key = var.private_key + region = var.region + fingerprint = var.fingerprint +} \ No newline at end of file diff --git a/tf/oci_common_private_network/providers.tf b/tf/oci_common_private_network/providers.tf new file mode 100644 index 00000000..6c35c789 --- /dev/null +++ b/tf/oci_common_private_network/providers.tf @@ -0,0 +1,14 @@ +terraform { + required_providers { + # Vendor: Hashicorp + tls = { + source = "hashicorp/tls" + version = "4.0.5" + } + # Vendor: Oracle + oci = { + source = "oracle/oci" + version = "5.45.0" + } + } +} diff --git a/tf/oci_common_private_network/vcn.tf b/tf/oci_common_private_network/vcn.tf new file mode 100644 index 00000000..4f977e84 --- /dev/null +++ b/tf/oci_common_private_network/vcn.tf @@ -0,0 +1,27 @@ +variable "cidr_blocks" { + type = list(string) +} + +variable "display_name" { + type = string +} + +variable "dns_label" { + type = string +} + +resource "oci_core_vcn" "this" { + compartment_id = var.tenancy_ocid + + cidr_blocks = var.cidr_blocks + display_name = var.display_name + dns_label = var.dns_label +} + +locals { + vcn = oci_core_vcn.this +} + +output "vcn_id" { + value = local.vcn.id +} \ No newline at end of file diff --git a/tf/oci_compartment_bootstrap.tf b/tf/oci_compartment_bootstrap.tf new file mode 100644 index 00000000..da137318 --- /dev/null +++ b/tf/oci_compartment_bootstrap.tf @@ -0,0 +1,56 @@ +# Populate in via variables to avoid secret leakage + +variable "oci_compartment_bootstrap_private_key" { + type = string +} + +variable "oci_compartment_bootstrap_region" { + type = string +} + +variable "oci_compartment_bootstrap_tenancy_ocid" { + type = string +} + +variable "oci_compartment_bootstrap_user_ocid" { + type = string +} + +variable "oci_compartment_bootstrap_fingerprint" { + type = string +} + +# OCI Compartment Bootstrap +module "oci_compartment_bootstrap" { + source = "./oci_compartment_bootstrap" + + private_key = var.oci_compartment_bootstrap_private_key + region = var.oci_compartment_bootstrap_region + tenancy_ocid = var.oci_compartment_bootstrap_tenancy_ocid + user_ocid = var.oci_compartment_bootstrap_user_ocid + fingerprint = var.oci_compartment_bootstrap_fingerprint +} + +output "oci_compartment_bootstrap_child_user_id" { + value = module.oci_compartment_bootstrap.child_user_id +} + +output "oci_compartment_bootstrap_child_compartment_id" { + value = module.oci_compartment_bootstrap.child_compartment_id +} + +output "oci_compartment_bootstrap_child_compartment_key_id" { + value = module.oci_compartment_bootstrap.child_compartment_key_id +} + +output "oci_compartment_bootstrap_child_compartment_key_fingerprint" { + value = module.oci_compartment_bootstrap.child_compartment_key_fingerprint +} + +output "oci_compartment_bootstrap_child_compartment_key_value" { + value = module.oci_compartment_bootstrap.child_compartment_key_value +} + +output "oci_compartment_bootstrap_child_compartment_key_state" { + value = module.oci_compartment_bootstrap.child_compartment_key_state +} \ No newline at end of file diff --git a/tf/oci_compartment_bootstrap/api_key.tf b/tf/oci_compartment_bootstrap/api_key.tf new file mode 100644 index 00000000..c6152da8 --- /dev/null +++ b/tf/oci_compartment_bootstrap/api_key.tf @@ -0,0 +1,24 @@ +resource "oci_identity_api_key" "this" { + key_value = local.child_compartment_public_key + user_id = local.child_compartment_user +} + +locals { + child_compartment_api_key = oci_identity_api_key.this +} + +output "child_compartment_key_fingerprint" { + value = local.child_compartment_api_key.fingerprint +} + +output "child_compartment_key_id" { + value = local.child_compartment_api_key.id +} + +output "child_compartment_key_value" { + value = local.child_compartment_api_key.key_value +} + +output "child_compartment_key_state" { + value = local.child_compartment_api_key.state +} \ No newline at end of file diff --git a/tf/oci_compartment_bootstrap/compartment.tf b/tf/oci_compartment_bootstrap/compartment.tf new file mode 100644 index 00000000..196f29f1 --- /dev/null +++ b/tf/oci_compartment_bootstrap/compartment.tf @@ -0,0 +1,15 @@ +resource "oci_identity_compartment" "this" { + # Compartment ID is Tenancy ID for this case + compartment_id = var.tenancy_ocid + description = "Compartment for Terraform usage" + name = "kittywitch-tf" + +} + +locals { + child_compartment_id = oci_identity_compartment.this.compartment_id +} + +output "child_compartment_id" { + value = local.child_compartment_id +} \ No newline at end of file diff --git a/tf/oci_compartment_bootstrap/oci_provider.tf b/tf/oci_compartment_bootstrap/oci_provider.tf new file mode 100644 index 00000000..c33a34b9 --- /dev/null +++ b/tf/oci_compartment_bootstrap/oci_provider.tf @@ -0,0 +1,28 @@ +variable "tenancy_ocid" { + type = string +} + +variable "user_ocid" { + type = string +} + +variable "private_key" { + type = string +} + +variable "region" { + type = string +} + +variable "fingerprint" { + type = string +} + +# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformgettingstarted.htm +provider "oci" { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + private_key = var.private_key + region = var.region + fingerprint = var.fingerprint +} \ No newline at end of file diff --git a/tf/oci_compartment_bootstrap/providers.tf b/tf/oci_compartment_bootstrap/providers.tf new file mode 100644 index 00000000..6c35c789 --- /dev/null +++ b/tf/oci_compartment_bootstrap/providers.tf @@ -0,0 +1,14 @@ +terraform { + required_providers { + # Vendor: Hashicorp + tls = { + source = "hashicorp/tls" + version = "4.0.5" + } + # Vendor: Oracle + oci = { + source = "oracle/oci" + version = "5.45.0" + } + } +} diff --git a/tf/oci_compartment_bootstrap/tls.tf b/tf/oci_compartment_bootstrap/tls.tf new file mode 100644 index 00000000..0e96add4 --- /dev/null +++ b/tf/oci_compartment_bootstrap/tls.tf @@ -0,0 +1,11 @@ +resource "tls_private_key" "this" { + # https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/identity_api_key#key_value + # "The public key. Must be an RSA key in PEM format." + algorithm = "RSA" + rsa_bits = 4096 +} + +locals { + child_compartment_private_key = tls_private_key.this.private_key_pem + child_compartment_public_key = tls_private_key.this.public_key_pem +} \ No newline at end of file diff --git a/tf/oci_compartment_bootstrap/user.tf b/tf/oci_compartment_bootstrap/user.tf new file mode 100644 index 00000000..2d336ece --- /dev/null +++ b/tf/oci_compartment_bootstrap/user.tf @@ -0,0 +1,13 @@ +resource "oci_identity_user" "this" { + compartment_id = local.child_compartment_id + description = "The user for Terraform to use" + name = "terraform" +} + +locals { + child_compartment_user = oci_identity_user.this.id +} + +output "child_user_id" { + value = local.child_compartment_user +} \ No newline at end of file diff --git a/tf/oci_servers.tf b/tf/oci_servers.tf new file mode 100644 index 00000000..8f154547 --- /dev/null +++ b/tf/oci_servers.tf @@ -0,0 +1,3 @@ +variable "kat_pgp_ssh_public_key" { + type = string +} \ No newline at end of file diff --git a/tf/terraform.tf b/tf/terraform.tf index 1e01d2d7..a608d712 100644 --- a/tf/terraform.tf +++ b/tf/terraform.tf @@ -14,13 +14,27 @@ terraform { } } + #/* + # Settings for local applies + backend "remote" { + hostname = "app.terraform.io" + organization = "kittywitch" + workspaces { + name = "nixfiles-tf" + } + } + #*/ + + /* + # Settings for remote applies cloud { organization = "kittywitch" ## Required for Terraform Enterprise; Defaults to app.terraform.io for Terraform Cloud hostname = "app.terraform.io" workspaces { - name = "kittywitch" + name = "nixfiles-tf" } } + */ } \ No newline at end of file diff --git a/tf/terraform.tfvars.sops b/tf/terraform.tfvars.sops new file mode 100644 index 00000000..d696694d --- /dev/null +++ b/tf/terraform.tfvars.sops @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:AZVifi2VZytwI9ohXMruYkMhRaGQd+dbP+JtlQwgEZahCkWXeiprJ0QmFtWAXBGs4oTwactOILd71OS6CLRKiOlOUA2fC6mkqNh9vuPauwZn4Y9r9Dc1XT2s5H0/gluWi23Qt78FYlszElgaxU+CEfvz/AdmmarMIylQ7VmJd/qw93PCZNKPCvXGyDfJf2osGX7D7JBZM4kSFY9TZ25dFAvE8/JieiwNpGEy9ZalSAO30DbKxZBlCNw5bAp8ViYrWrP97J0WIX4ajGm6XaWDh2gI65WG+X91igKxl87k/DUCASqynle64FDctKcLab69Luu077WFz8kyojDA8ZnYtamRpyoHoEAJ5Fc/h8WV4liptM4pyiOHRllWjE3Io6IZgvKdH3wvCYfIIwKZApjOrzxP24M33x0mGobkSr74fNha71ccd8r2dtgpGZ8QC7CAuCVU6Xx61D61ZDm+dnLlcCuKi0o8zDZv3QULiE6+yJMF4zTzJQQyoFHwZF1Qh+S/hCmAJa00ofJGT47lpWc/uUntgJN2OIYva3Einj/AGrDMBXfh+jJoPigdU3Z+u5bRqsrw/YBOFnsgPKg+dmST2ZHMU+bifiL4BV5GLDsHwf7TpiwmERdbsWqUJORwghb2bldBxMVU85b3zV+h7W9mrx2wgCDcjSiFGUWXKujuLhdfd3ydL73z0tT6k+0du/BXRA2NluotfNPEsmGpx/+ek3BdMazVn+5rCak7ucrBH2D0ThSEf5gttK3KPSARnLIPv01OwMq7ORiSu/LH+1kiT9CL6HtJZ6R1DY0/abKcDNjMR3EFfRAD/+B45dfvAP1YSvhNkWp7ii8q0nVHuSlsKWA5f9l0whBR+vQQCJJM7eSlhqQsjZUyvILl7Wad6ptt05U5tRhXFL13bnUCEMLdEdsFMwbD6o1fvMAHgiKbBAt3Lq9iCmd+zgT4vLsEMZ+WNFCB5hGr47MuWpcoNmsZgM49/6bHX4joiGg5cGQOzY8YiLmRykpXkGngOFJG/8gJJzYprpQX/66ybsi00Zqx1lSx+FC79N+hI/1xCmnF0TpGhYvY6fYOVSRLEgidDfvAd63eyixtW8S3YwvLsZMOGvTdhf+C82vWojItA7wjOCAcAMP/rvD0cj1xHrud+ax/2Z9mXoQGLKanwlEH+J+TOTkZeNMGhV9Ie8LTInrEIDH6Pd96wPBW/x/nU5oD5gsZYAFz++/nLUObdAnYpduI8qtaTGIiYd6usY7RsIpl0VwuA2MRZ+LJ5iFlhw+hu5MkUyF42UQHePVi+tuhqcH0hgD9+zuVrM1vCXif2f+KsbVDRASaojDWdP4VrwjLaxuaK16JEjTJ4fZDU/mNnPxrXrfaC6MV4gTKgAc82zDbZkrkvQ4vbrel3ziDAqxYajJ/a0Qa0tTFN5pCMH0YWMkSutUqvPbXke/vKHGpMBdqJdRx8GZFPCCNSfXZgKU77zOL4TFA90jOGXGug9WxHAe+IwE/QqfErEGYvHos0AtkbL1TxGWMEPeL+VeE2y6tTz2wfFZp5EDSJAhsuSU8bra0haCSf0VBZS/uW2N7ndE3+PyhvhdmEdOLOtD73Ex6xUs7ZkUsntgchd/hDRK1PwuRmgmU5z3/3CE91ODBxyAOwFtA8DFXrUbX+kVkqIeavIZhtpQphQFq9Ph5UzjUFFcA7VDq/dEsujf8lyGPj65wZM2smvBM/pTHvZl8ktIBhDvPoA29+5/BtSZzEpPOj5vKw/cWKQXUW9osWkDdi0htaGzZt9C0QKOY1NyBREneiJ3NG/rf3+csUmIX7cfPFm5JaDYBhQmFiFLLjj12e1TcnVqGvSiPVyc7qASymfViW60fkmJYoPE4aq1i2vKudT+nTEgl4sOiMDrxH9CMp+8scnRLz8nQwx7lwkakwm8flBB3Z3qZTAY91zQIpCR0+BsnLC01Ay6g1G6/vtaXhQGlU6UlSlJd5viyevtyoRpP5VkjXYtQCiYpU9VRSc4XutzsK765k2g+K3m8H/m8ybXVI3heCm3GPa9mPm+eQisxO+1owCbczPUIfOPv3SN4LeIHcgXDugr1Iq8fYgHs32jMpd+/QVABZiIG9YnWsovrQo0OXqNnv93XXeLRljxooN3mRNO0PzxXYbufiOIKbCKYbq+HZk/3tQ/tKqUKTBkaE1wjUqzOYlFFTtYuMe5tNAvqxFyxU0S4TQOd0d+5qeWjkM9rCdhOQF96U/4zZW38ZT2keIOiI9nrSbKfeCphQ5xdwGYXNCo96ZaKzYod1haadh0iIX+Z3BOAsnr/ajqUGywcWxQlFZCrn3dU7OSeO5FbZwGBBmZHPkdxM1kqoTAseVqljVmM9ALDVQg8+aweKfyFD3xRcHWbiIQMR73ErDFYp0p09WWA81iBiYxgKPL3lR4zERBZ6wWAEjTMCtuNileXdKcCWcYF+uxMgzvP15FaZoscDKgSnB0dQQY3GEW6stmiUIcekqDl1wSwaPL6N1wnJXEZg+wOEkzPKHB4Smij7Ri/Wu4Drm33mQgxw3U/c4f0DjyKBGIx+DU0g3kkPULUBbAk4INvok0X5PacEV1I/YmWYhvFLL391sljQGJcVTWUb3UFZVdFj4T8p4g1J8YAaot9oFhfe0PfwjfLnhP3kSz0DuhQtuZEzrEQ3/JMHZXzNlYdQ2PeRXwZL1cI0ADTaPC8Mr5V/SkVyOk0OtTQ+B1cyWPerNiI7rsYteajq+a4Yd390fyM6akXdDZwfiT0iy/XPK5WEqOvmKjqJMD66l8KQON+fBRoov/JjQVM+Gbnln0OPfrMrjeE1t9NSdBsVs695SCh9xolG8zsPl3/EWjcj5P8Iwki9Ie/DKmM+V+Vq6OE6oGOib55zjvxlcL2vV101MIvpndhgQ9LGHu4L8VIPQZ19RcD4f1Eq3T5XHdLQfBFggIcxKoHh6zUMSnXSJ8TSAuua5kzppl+kgivjAKYgAdtEvnapt2JrDQFmCP5zCHCt+yAFhlreIj1qoktpMZd7O1OivAUazPIScx4O5oQkDfrVNbnRz+st33uccSXbi1KX67CjWFe/hF4UYAQfBtxWAX8T8B63a23GYOGbY6aUHcPtBY6JR4+biqiEwf1As0MH567TN1TRuGrZ3KZVRRkgC5C7XgSWYHOxny3A2Jm5HLgYpdYQVYJQjlA6dcr5HveDoOvbFM7ZTczZueUgNJshBh14ly3BaheDCTeq+14RCrkURG3dR+7QyWHS6Wm7VTpdMTbjCA06gqIMyrQE0ptlc8fJ1cBpqLfFMeAz9opjdPHj9sNnJLuhOkKAkqrk9Jac9gDSzX5/L96VdY0It4Mu4oHHnwOzA0Bbti5RfGBDS9/Orio4N8bbboqj9KEZ7KMoEZ3grcFXHSwREk88chsA18McMDVo39z49In/6ZHR1zbyM/STjDNB8D1i9T588YqkpH83FLQLAXs2hbF4aRnZ7ZLIXBQ5ZONT41ZVOZOBRoyDNUw0eJP+whkyhQ5HFLDewt0gOLzwgRxlP2g5O1eUU/KUrOspz6N0Qw9au5MYR2t+A51oFMvdGDc+WPHs8tOPUtEImERfm1eGV8onlONN8nN4jv9vI52m1FJIDVYWSuj9Ot6cka1V3F8BH/yUIoSWNIX46DzVuh+CfeWUVHUKSdxagCUiMxdeK1JM8rUXd/3sWd+4AW1V2Y697uKoptkuva/q/7ybwvkuHWEJMQ5GoGwxmkB1fmczHefcRNocCmrcfiVaaiufsyemGFwX4brfSeJDERiwUBX5/W6Gr60wFZWgRSm9hV3uSOhT2Y/1abls3Wv3W8r5Rrelkok7oGUNpyfsuVakyiSZA9/QauzaU3F8eTmLD/1p4ELGh1lBDPEcWATvrtCIU6/X+5pVFi+ThtSZ4c+j8BytFiEIqzDmin6wVrls4yA11MT790rYEzkW3zFNk1l5py34wp3kBu1TsjuZJtD9xYulTzGbumalbOvgGvTKMBDhIXlItuMEmnoUOhoTEGXK00KpFf7rfo5rhQrCTAxmtnLYAeXNJ4E1/bReXihxmztwPRN3PK0yRkihCVD3XMifu+LKej6qcSdTRzH8dTet8CbHTKg/GxFtElAP/tscGOWHgKPAZLsraRGRHUdCMKzJA0WIRTRFx0oNtJ4sNR0JGR75cUL5+r6zLeKJNqmLwDJBpKYHFeCHTEF3wv8RSLa9EQY1oLM/EtBQujjxgoGWeJTFBQB5FKgkoa6EgGOySDB/2UZ+tOpNsT9xrtFHYMBkRVKi7o82tcPlW3QQvzAUFahDTblAf1nTXAa5JbFZ/+9zOiq0T9OlrZ2js2etC2shfiN8gov7ggcy9RDixOxROH5qxylilgzYeh8JcCNS3Oh28wiklV750G7RI/GJAmqgcGyw595jcP962wZ1sbhUnEIT2AZQ9qF5Culbfmr4blil6mt/vRr+9Tv/QrEwnmANG6S66ORE3VmgjzwsuT3G6O8kVoObnbSzdEA3LjmeEEW+tTHHL5ziVrgdpkKtCNb+SejcPZvOrtQH5i9cWi31ZGMwNqrNRtLL06HaNM49ZN6X2YRRmaRHQ6b13GeR5g8PZjze5WtgF5kreO0WD3RJ3ZkoS5HxOVUmBNkXKvipaH/TbI//bfF8IKb0nt2rEiAv+9bUN+n+V5AIjdSxs3x15VRlvQxfeKEWtdR2llpD+NkIpdkO2uhCJohJlF9CN6z6fNpPurr+RIPvaf3AOuoZ8aavd410X2uFTkRMcfLf0+vTMiS0Yb6CYyZFPD6WDnEhyD9OXRj5al7xcYBYMWue5A2ymfvC+izBMOVo5OkGGCbek4w9gpd5KF/q//n5ZK5uUFBHD85HJYH3HGbZUi2HGL2GNDmytLfxfykmmBpjKmCJFfPr0wm214qma2senhaBwM/Akb/u6pejMuxi7u5rhPrYP84bRmnG04zcpT3jhRF4uFEu+a1Jm7VchVH3bWcq5b597T/MeeiCTqWzEV9a0hE5ZZhJIDekn/vpem/yKMgh1UOS0bgzfKXuTOxxms7VPofhxTQLoDdVwXxYmC7tXOHSWl4w9x0K5Zj/0v7EdBrIcKwkoAHW+oEQv0o3ieOt0b9wsgjfrA9JseBJqrnsqHpdpofU6xRTx82efliJz6sd+XxVbU5aIetJq+JejZ8+wJDlXJzT28MkNfsY6p9aQs2zRTCC5VCl0poc0hk/awmK4HPMPfds0VR8Kn0zDf7KTSCSlR6B+1LjIKsACXTaaLNlCahoBZO0WdsU9lXa3Eq8glYp3MPr0O2YWGg60qViTZ3Z/MXNky5o5CJCqnfE+AmEEYL2ryFTNQZkCYnWJbNOIjEem4TSze9aGlbTAcVygtc5Xiz3o2V1m6cKy6mSRVAvO5KvXyAb6KL6er5GJ6tHUdg,iv:V5Yy/PndVSP4nPJhvUg9aDPjppakmmEycL+Roa5cRUQ=,tag:RXIsMQr59Pfff5fCQk/qaQ==,type:str]", + "sops": { + "shamir_threshold": 1, + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2024-06-08T23:55:08Z", + "mac": "ENC[AES256_GCM,data:RAMXm5Tt8O5sgTm2CRvdWNimWStpnySVSUwV2qc7MUQfYA1D8TCVcv8iICFm24CR9Cg0gipaQQGPNC7dRedu4iCeilqsx7cwbj3uVLjNxWlQwrBueFnSPmrcIrD66B1sMuKhpRZFQMnLi048XiGlXWQhXD8yB5mp+ILBCsOGCG4=,iv:+SiBXYiVCYXKep0XhigYMcJ+Z5ZwpaRVSl93S98V6TI=,tag:saOZGPZIA6OcRyg4T7QMRg==,type:str]", + "pgp": [ + { + "created_at": "2023-05-10T15:43:03Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA82M54yws73UARAApQ2ZwB0usOsmNHzhVKbp0usviukLvU8FXl3HjaH49d0o\nzlY/h/A5isen9oVmTe8fr2h/Et/k7QtOyEQg3a+BDxbSmeHWPENdxxmJzgFdAMx0\n91b/puuIL3RpDRzZD0MxbqGk5A3pZZuoHm1PMYgRW7M+xfHzMlOAREqxC3J+2NGX\nBk9Q6iYGem/h4l660ObWdFkkkdyfGba7vz5hUl1het/DlOA73Hdy/VN5mrc+H+KN\nOtOzBYcBsNkhjWHfoK7G666yLNsADcViKZiLHvmAvAlgQly+dUq9kO4kiQwyFI+V\nLfR+/TY73yOjk+St3MS78K4rm2ywsAPNOKUnQGcSM+Vw7/n+0z22dKmZqJmu749K\noHvhE2pIlCC/6Xt3Ft8bjlKlo+4tQo1Jtb89YQ6G8nnoFr/HvAwk01qziIvD3TTJ\nM4nhQt5pArW5i/V/7oJ7iUqKPgda2O0tl0Tmen6u/sPWU3F9CuN0I+bZae8d53Zs\nPIfSGFTsfP1ChX2mxeGJ3BR6fVskvWr88lJmILtgFEo+BjvfWT6D25rIuId5ZqKQ\ngU4MnC7JK+PH/jykT+6s21v5JXnQ4M6WvSZK1J4bs0wR0yN3JbB7pki0zlh/2a8J\nFnWBB/gCaBgyGK7CHwncM/cn6NyFUAn3r2SFjElpInGHd7dqvl9dXHJ5YzyHWEbS\nXgHDOWzI8EpfVrhIKak6ZrKEJIvhodyP7qIgBexAU4zA4CdvmuuyiqIzlRawN4J8\nRwwFHRibkIe5q3xFa/QrOuBj5pfUqdBLDkJhLHkYH756m/25Fg9kqB2tou14qDU=\n=Mfyl\n-----END PGP MESSAGE-----\n", + "fp": "CD8CE78CB0B3BDD4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/tf/tf.tfvars.sops b/tf/tf.tfvars.sops deleted file mode 100644 index 7cb4450a..00000000 --- a/tf/tf.tfvars.sops +++ /dev/null @@ -1,22 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:ghuU/jYCme3LoCisKUQYWKfLrljg74xggAuZSp5DR67dw4Qj6OxNRNBg7cd+rTDr7zfU/CMI1HUayiN1eUKDow9V5Ozjah/mfYKDZpCbPGTfHIBtLVI0sMAUroK6d7Vq+qUJGfvQX8vlh6Zg6NzloOq/+2LUI7WAm6NW0FisVbDen7EDgU2hPsGOUgNkaK4HsVdHeecho+p8IRz4y46PPlju2ndVM/VE2rDr1SpB8a7DGprOG7IeNJlq6QwGBjaaoH00WY1u6YlhDbmNTnI4Rw/i6LQVZo/E2unaOoj4p5mTLsAcndBCSQVAhBomvzW0IZJi7rnDGhJadkSHZr+OYz4HfC34SV1HMslIqoecsxpkRWvtEsamlrhOaPjQ1tHT62xSj50BSPNOCP/O6N2jr2GdEosCp31tV49gPn6ZHoUC0hk8RjtYDexPjD3O/f7evqDF8r1fRO3dWgJDtOij+SXiqccXriqj5jL71cdUQSNQPbcK60dK8ob3XcNm86TGnYFHcRtKw9mqQ3fDXvewQYjXS+fTpp2hSqLsfUy03urpVwegVJHXaND0ETp7VVPbmhglvGsBQMmxyCY/s0tY5UetNLeXgUDHpvm6x2kuATRH2+uB+gnCvsludpGBi/5gwJXyH/S0AX0vSqTdByJwifqnLz6Vl/RNUiKI1du88xEuXNbh5rQB/4XsE3w5foCU0qzPpxbbCt1mFT/J+NF6AsG2BYi6W5n0uvkfab1VbN6aHB9/4kZ1F5molsvk1jA/kvyU1q5WiRUMuXbaM1uWH00h8Il8jx2kSWHscRWwDYcJGuUxMdF4C5EdKLygg96nFLUqNw/z,iv:S4THG9ETRR9UGBiuqSmNy/1qWdPZMBhA3TSWJPVWPI0=,tag:8PCy6/jmyhAYLbmJRY+urw==,type:str]", - "sops": { - "shamir_threshold": 1, - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": null, - "lastmodified": "2024-01-12T00:13:51Z", - "mac": "ENC[AES256_GCM,data:1bwWzZ2sm8Qm88ovvyVRyBXSfdPuHKlQMmkIt5WdGegXOxybukMwtLOhKMYQBaWMG0IlXUtYdHAvy9yEAd6Dt5iEExmCvpgHTqqc1gjCt/y0K1iJnc1tBxbf0lIKBwfdRPWyWbf9zrXGEIC9+eeLMN0ZfHoDYX1fYTcl0WWILUE=,iv:xpZcfy6fZMRRsK1Ca4T5bH+VxKh0wg6xI8jlT6DEsPY=,tag:8ztk2Z6TI4qQ2fG0jjqcRg==,type:str]", - "pgp": [ - { - "created_at": "2023-05-10T15:43:03Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA82M54yws73UARAApQ2ZwB0usOsmNHzhVKbp0usviukLvU8FXl3HjaH49d0o\nzlY/h/A5isen9oVmTe8fr2h/Et/k7QtOyEQg3a+BDxbSmeHWPENdxxmJzgFdAMx0\n91b/puuIL3RpDRzZD0MxbqGk5A3pZZuoHm1PMYgRW7M+xfHzMlOAREqxC3J+2NGX\nBk9Q6iYGem/h4l660ObWdFkkkdyfGba7vz5hUl1het/DlOA73Hdy/VN5mrc+H+KN\nOtOzBYcBsNkhjWHfoK7G666yLNsADcViKZiLHvmAvAlgQly+dUq9kO4kiQwyFI+V\nLfR+/TY73yOjk+St3MS78K4rm2ywsAPNOKUnQGcSM+Vw7/n+0z22dKmZqJmu749K\noHvhE2pIlCC/6Xt3Ft8bjlKlo+4tQo1Jtb89YQ6G8nnoFr/HvAwk01qziIvD3TTJ\nM4nhQt5pArW5i/V/7oJ7iUqKPgda2O0tl0Tmen6u/sPWU3F9CuN0I+bZae8d53Zs\nPIfSGFTsfP1ChX2mxeGJ3BR6fVskvWr88lJmILtgFEo+BjvfWT6D25rIuId5ZqKQ\ngU4MnC7JK+PH/jykT+6s21v5JXnQ4M6WvSZK1J4bs0wR0yN3JbB7pki0zlh/2a8J\nFnWBB/gCaBgyGK7CHwncM/cn6NyFUAn3r2SFjElpInGHd7dqvl9dXHJ5YzyHWEbS\nXgHDOWzI8EpfVrhIKak6ZrKEJIvhodyP7qIgBexAU4zA4CdvmuuyiqIzlRawN4J8\nRwwFHRibkIe5q3xFa/QrOuBj5pfUqdBLDkJhLHkYH756m/25Fg9kqB2tou14qDU=\n=Mfyl\n-----END PGP MESSAGE-----\n", - "fp": "CD8CE78CB0B3BDD4" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.8.1" - } -} \ No newline at end of file diff --git a/tf/yukari-cf.tf b/tf/yukari-cf.tf deleted file mode 100644 index e69de29b..00000000