diff --git a/modules/nixos/services/nebula-lighthouse/default.nix b/modules/nixos/services/nebula-lighthouse/default.nix index 5f6ec7a..5a6bbba 100644 --- a/modules/nixos/services/nebula-lighthouse/default.nix +++ b/modules/nixos/services/nebula-lighthouse/default.nix @@ -10,9 +10,9 @@ let name = "nebula-lighthouse"; cfg = config.${namespace}.services.${name}; rootUrl = "https://lighthouse.${namespace}.dev/"; - ca = config.sops.secrets."pi4/nebula/ca-cert".path; - cert = config.sops.secrets."pi4/nebula/lighthouse-cert".path; - key = config.sops.secrets."pi4/nebula/lighthouse-key".path; + ca = config.sops.secrets."pi5/nebula/ca-cert".path; + cert = config.sops.secrets."pi5/nebula/lighthouse-cert".path; + key = config.sops.secrets."pi5/nebula/lighthouse-key".path; nebulaConfig = lib.${namespace}.mkModule { inherit config name; diff --git a/modules/nixos/services/nebula-lighthouse/sops.nix b/modules/nixos/services/nebula-lighthouse/sops.nix index 27e2200..7cd8ea5 100644 --- a/modules/nixos/services/nebula-lighthouse/sops.nix +++ b/modules/nixos/services/nebula-lighthouse/sops.nix @@ -13,28 +13,28 @@ in config = mkIf cfg.enable { sops = { secrets = { - "pi4/nebula/ca-cert" = { - sopsFile = (lib.snowfall.fs.get-file "secrets/pi4-secrets.yaml"); + "pi5/nebula/ca-cert" = { + sopsFile = (lib.snowfall.fs.get-file "secrets/pi5-secrets.yaml"); owner = "nebula-jallen-nebula"; group = "nebula-jallen-nebula"; restartUnits = [ "nebula@jallen-nebula.service" ]; }; - "pi4/nebula/ca-key" = { - sopsFile = (lib.snowfall.fs.get-file "secrets/pi4-secrets.yaml"); + "pi5/nebula/ca-key" = { + sopsFile = (lib.snowfall.fs.get-file "secrets/pi5-secrets.yaml"); owner = "nebula-jallen-nebula"; group = "nebula-jallen-nebula"; restartUnits = [ "nebula@jallen-nebula.service" ]; }; - "pi4/nebula/lighthouse-cert" = { - sopsFile = (lib.snowfall.fs.get-file "secrets/pi4-secrets.yaml"); + "pi5/nebula/lighthouse-cert" = { + sopsFile = (lib.snowfall.fs.get-file "secrets/pi5-secrets.yaml"); owner = "nebula-jallen-nebula"; group = "nebula-jallen-nebula"; restartUnits = [ "nebula@jallen-nebula.service" ]; }; - "pi4/nebula/lighthouse-key" = { - sopsFile = (lib.snowfall.fs.get-file "secrets/pi4-secrets.yaml"); + "pi5/nebula/lighthouse-key" = { + sopsFile = (lib.snowfall.fs.get-file "secrets/pi5-secrets.yaml"); owner = "nebula-jallen-nebula"; group = "nebula-jallen-nebula"; restartUnits = [ "nebula@v-nebula.service" ]; diff --git a/secrets/pi5-secrets.yaml b/secrets/pi5-secrets.yaml index 349bab2..8fd8330 100644 --- a/secrets/pi5-secrets.yaml +++ b/secrets/pi5-secrets.yaml @@ -1,176 +1,181 @@ pi5: - matt-password: ENC[AES256_GCM,data:Cvy8kBR5U/LsiIzSe2elpY8O85hZ2FlQaSI+bp2usuUZjO6hyPsd92DF+YwUICBSRe20jTUZtYHER55CmPraoB4e9vLfeHhltg==,iv:jl2kzly0+ocf8hQInQAXdie4bxfvTR5cJvEUGlw9vUY=,tag:18918GNxaX2D1dXGqKszMw==,type:str] - sys-public-key: ENC[AES256_GCM,data:1e40s/H1W28bNhIIi1Dxl1MILSY/nzre2FTPtFsrMzFXBQBNVFLgfrOhkU7HobM5xkc2p2UC0VmlbhV4zWMmfGHO42dMpqs7QrGh43pDcfxQ8cV8LYoBJ+4=,iv:EkyZNizuMT0KGdqIucCmDTtHNYXQhj1fYsVR/Y3K5wU=,tag:z80I/jRUxKveiy6sRUqkqg==,type:str] - sys-priv-key: ENC[AES256_GCM,data:S9eApbzw7NxBZJZWB0DVvx+/OPK9YS8Zz3V5QtqbbcrDWq+YvcZt7tvZCwfHy3/Kk96G51DYusNLiliTGH5lL84Y7sVM9iyjY1P5KtrSw6wUnaqI7ajhD3Q9TsnFAVfnGrwFtkU7Blua7XX5YPvFo8C1rAYLspidq5CVi1WEg7oOzU+VKqLf4YXJEic9mJER8e9atLoV7Yl6gOgP/vG82VN94f/KPY8Sv1O3STgpjYWo/UoGM9UHwmG5soHdtKuhQntUDjobSiNH+qWsc8DXHddD07S0YHpf27sQD841jyF+jOXqZyNhaciBDUvxLdMcWmL6Z65vr9rtRrUwtpS7EIUammzrk74wGNO1bsRvL5JNixIIoXrFP/zYqnI6hyw1LLvWilmDs+0d+sq3bxrF/zEs9bLEpmHXVtQCPy6Q9vAA18dhz+PYNl03Yn2pVNU+P2O0xYel0J9jhOvhX7vmmphqub60c5bk1UQBHqSRozVLb8k+fr2MR3iCR/xAQw6TUpEDiaWg90O4cQ/Nrto=,iv:IlRpeEcJf0zueXknbWVi56TbVYCAhnZqvMekNfUe5eo=,tag:MST88zgTgvj36FQk9NX1eQ==,type:str] + matt-password: ENC[AES256_GCM,data:Cvy8kBR5U/LsiIzSe2elpY8O85hZ2FlQaSI+bp2usuUZjO6hyPsd92DF+YwUICBSRe20jTUZtYHER55CmPraoB4e9vLfeHhltg==,iv:jl2kzly0+ocf8hQInQAXdie4bxfvTR5cJvEUGlw9vUY=,tag:18918GNxaX2D1dXGqKszMw==,type:str] + sys-public-key: ENC[AES256_GCM,data:1e40s/H1W28bNhIIi1Dxl1MILSY/nzre2FTPtFsrMzFXBQBNVFLgfrOhkU7HobM5xkc2p2UC0VmlbhV4zWMmfGHO42dMpqs7QrGh43pDcfxQ8cV8LYoBJ+4=,iv:EkyZNizuMT0KGdqIucCmDTtHNYXQhj1fYsVR/Y3K5wU=,tag:z80I/jRUxKveiy6sRUqkqg==,type:str] + sys-priv-key: ENC[AES256_GCM,data:S9eApbzw7NxBZJZWB0DVvx+/OPK9YS8Zz3V5QtqbbcrDWq+YvcZt7tvZCwfHy3/Kk96G51DYusNLiliTGH5lL84Y7sVM9iyjY1P5KtrSw6wUnaqI7ajhD3Q9TsnFAVfnGrwFtkU7Blua7XX5YPvFo8C1rAYLspidq5CVi1WEg7oOzU+VKqLf4YXJEic9mJER8e9atLoV7Yl6gOgP/vG82VN94f/KPY8Sv1O3STgpjYWo/UoGM9UHwmG5soHdtKuhQntUDjobSiNH+qWsc8DXHddD07S0YHpf27sQD841jyF+jOXqZyNhaciBDUvxLdMcWmL6Z65vr9rtRrUwtpS7EIUammzrk74wGNO1bsRvL5JNixIIoXrFP/zYqnI6hyw1LLvWilmDs+0d+sq3bxrF/zEs9bLEpmHXVtQCPy6Q9vAA18dhz+PYNl03Yn2pVNU+P2O0xYel0J9jhOvhX7vmmphqub60c5bk1UQBHqSRozVLb8k+fr2MR3iCR/xAQw6TUpEDiaWg90O4cQ/Nrto=,iv:IlRpeEcJf0zueXknbWVi56TbVYCAhnZqvMekNfUe5eo=,tag:MST88zgTgvj36FQk9NX1eQ==,type:str] + nebula: + ca-cert: ENC[AES256_GCM,data:cm5MaIeBh4U3OLSCTE1U3pR2isRXDFR2MLdPOOsBvD9S7lUWPGenbm7KIHBfgfepZo2lh7VzB16eqxjr2HtA+tNDbHenruOJU0XyG5Nalvt919Z1jU4YEGhymUWTmovThisNYQOLQpoqDTrJkfM09r1bKwVteRlap+bOblSbHT9+QAUvbRPamCYP+8GGvfjy4TQQYsnbSv37slccIjuzWVqyLoyC8qIjpRkHviH/GF3JPRu2iNg000CKAqQiYczXp3e8yOyrYahhAPBO7Y77Z6q7vTrLC51TNm7AmNpmF0/jpHTWg5ULbScv4/MbwEzEZNZiYDomHrNqEu231g==,iv:OMWLUOQpv2XyFZleD1pL4h9RxUY1jvDNyTZ4MaHm790=,tag:TzPRZo8q1eEEmPfOT73J7A==,type:str] + ca-key: ENC[AES256_GCM,data:emaObWSaApcNPuRzVRkHMRIz+6zcQ6BZ4hJI4tPCtZzqgNQtg8HNJAT8owdGm44FFDmzlLHuStXZbsY+T/24PViNnvRPOaxJpm/OI1TQEkSYn6JeDGvzbexVifYhzGBOzevEcAe9qTd10AyboY06G7BmvU49OKrXbJdPTk028IL9BKP7g294ujOuq8VEuWQyFKWrtd7rlQbmmPk+OC2Rkb9Kx/MjZqdNRFYcvQic,iv:LN58z6+s+qoJrRFC8v09M1NLrJQYWOlDb7aBlolBcpY=,tag:elzDFxE3NwcbBeXEHXw+sA==,type:str] + lighthouse-cert: ENC[AES256_GCM,data:iFfQzcVNMVStXKPXP9xNeQYM0GCNZMKueLOsJTSO8GdQaxMUtnRqzTgnxxSBfYjRwtlkLm4C2356X+gGMXQ5Oo6TdkshEvJPsvqmMFMwfGwrNnn2eTWnByQZzmppiJwjCQrl8cFjJKtqP2k1YE/s93rKvTTG47yH6vgo9T56R6CLmpCxG8+YY6dDK5X4U6jyQibD9v1uPo9cn53ITbYzgd08KcbKuTG07cv+cNTxRoHvCyAcrDbD3KcEewspM+wKMYTwIVIfZFJC/kcNiNSi3HjBRctMnlGnHx5PxNOsbGKS+wLYWs2TAAXATnpzt7kTvj5fZ3+00qAVlpP8A9MThRRlX1UU7zU73qpzxb+CMFUp/BGWKSOHt/3XiquQ7jq1zvnFzgr088fetHtUg59A+K4tGGuhU/N8ojQ=,iv:sVJIxo7EKIhCAwqtb+jk908H0G9Tra0i9lv04FASI8c=,tag:szr1mCf3eRUfrpVgz73xDQ==,type:str] + lighthouse-key: ENC[AES256_GCM,data:A8ithNl+S4jm94yDeq7ZMsi0+gygWR5wcE7tQWQaxqSgLSGxzH7yVHP/BKlpzOxvIdrCG2orsWLBOqwOAjc8nYX2NqWHJBYod27FZ3eWBcw3jsRigZDzMjLScYosmw3qXLVUBQISSDf2/dhIttelFdOot4z6KANV2ybG4KOiEg==,iv:+TrvHMgF3Q/pPAGlDMLzsiFOG3PzJ4W4J1QQJ7vcYFk=,tag:zP//ogSoNB9gjv57f+hwug==,type:str] sops: - shamir_threshold: 1 - age: - - recipient: age157jemphjzg6zmk373vpccuguyw6e75qnkqmz8pcnn2yue85p939swqqhy0 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoeFlBZUxzZ3puanBNOGds - S0JZd3lqUWs1NW8wRnZEc1BmYko4S2FkRlhnClMvUUtza0c4RGJRV1RvSnVPRkI2 - WFF0OVRCd1llQjFiaFJOZzU3ZjNBYm8KLS0tIHdtSHZqR1Vob3pYWDhqZWY2ajBR - QWxpUVdNa2ZSaXRBNkplWjRGMzlnSXMKLGA1TA2A7BIwWblG9oscnweA1i+2227r - 4eAJS+vgQCfKG9wv3bG3pWJ+V5FWAw3/+8lKMg5HBP7DnMWuPJFnaQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age13g9a4d4jrvckfddpgn8sm4kjtzajr67le56pfdg78ktr5pd09phq32j89u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4eTRHWGc0VVhIQjBOTTNZ - NCs1cWNTVnRSK3d5L28zOGg3MDRDVGhKcVc4CnAyZGV0MEkrcjBNVzZROFg5ZDZ4 - NUs1L3ZrUkdkNXVsWmlpTnlzdXB6OUEKLS0tIDhoQlRaSjM5cHdGQzZjWnVqMWVE - NGg1TytBM0pLY2FTUVJyS0RhMXpTUjQKkj0qkNY6jZRda5J14p+metKLQW+NjEsL - hL4j0WJLISlEV2Za8MNI+KYAbSQTS9astgb7R+jnBdV2pUXVYYGI/g== - -----END AGE ENCRYPTED FILE----- - - recipient: age1wpvfpv5n32lruk7c0da4uaeapsmhjxdvg8z4ljehn06l6g2y0e0sum404l - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2a0VaVkVRWDYyeG9sSlor - Y2sxL2lqUTlka1czM3l1MGo5V2NlT0FJS0c4CjRocGhRRzc4RXN0c3VXUUdUV2NG - YVlyYklYQldmcnFHbnFFUHdMN05ITUkKLS0tIHZBZ1l1S0ZVV0ltUWsvUnlqRHVR - aThOMk5RSEdhN2t2UkdyMXZJRllpWHMKwe0OQCq/29SccCH2s/zuAT8UlL2XQbnU - 5Oko5JhP2u4BhqnVlsLbp8GP3D/DsoOfOM2VEn6tSH0dIl/+nyCVCQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1jv8ap5zwa49ftv0gg7wqf5ps0e68uuwxe2fekjsn0zkyql964unqyc58rf - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrRnphYlVyNzZNTTZqcStJ - VjJyVFJrTEJjcjArbXVyQzZ3bVVweGxPSFQ0Cks2YVM1V21aZ3NOM202V0s1cThq - YSs0UXA3ZEl4a215NXlMdGNYV1o4dlEKLS0tIHRaUWNvVHVpMXEvS2NxeXBKZkI1 - eTN6a2R0eDd2ZDRMN1dhMmMzRFBTQkEK8IsBpBSGdq4rdye9f36USZhRy6tHTfga - xVVJ2v6AEvE3HXNgeqjsXB3pPdABFSbKhYO8Wr0L898CmH+NwZEbnQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1pm3fehmmk0vmnrscz9vm96rakn46aaldr5ydpscmde3v9x0k3faswwdzxs - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRTkhCTXVKMnZJbExLMnhW - TFkyU2lPVTZMVWVOYzdjS2hlNGxPTTR2eURrCjJqbXc4Z0kwei8rSktYVkRVT0sz - ejBtYTd4ZnJVQUlraDIyWE84NnV1T2cKLS0tIDV1UWRiYTFCUEJnUVcybU1jcTI2 - N1N6WGRjL0FJUVllMGdNV0M3aDEvUWsKxzSadgpG+jgai9U82I/9zyhyeHTpzgAB - JNlT+5oiS9OhZevNTT/W8AV5ciGvJ4tKYSbx7lei+gLa4aRBlwLx+Q== - -----END AGE ENCRYPTED FILE----- - - recipient: age1mn2afyp9my7y7hcyzum0wdwt49zufnkt8swnyy8pj30cwzs4zvgsthj0lt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4VXFnazlCYzFvWVNTYUhp - RGtueFIycHljM0JlYzRXRUdZU1FDMVp3b2h3CkVDOEN1UkdBeXkzTVhrSGRBeit0 - VXlvOXhJamV3L1NCWFhXOUZKZ2JrcGcKLS0tIEVHTHpnbmNGcktrN3dOQk9YOHBi - aVhJcTlPN252V29PUys2UThqQnFWK3cK6+Pv0gG/NX7nBs6lf6FcIJtSFWdEM24h - Xk1vbc/FfhTRuIOBnGG7cvDM+2qhZ6S+vzCeq0qO/v8WOKSM8Ar2hQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1ykkjw57t3z3deup3gtp7dujyaslskn74e0d9hsmqaha2pj3rvazqgndw5a - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4WHpUbk1HNEV0dmhwR1VY - WjVFMkNwRXpxbWFHd0pMK1dvRTNlRDNtRkNvCmxadGhlbHdBT0NOVmpOZW9icklX - UHU4dFRHRDlNZ2pVbDV4NFkrbVU4S2cKLS0tIEZpY3FHakFZUTVTZTdmdldNbG1H - YXppZXJWUm1OVVJybHFoSHhwQnBWNW8KGeK23rfML/CoTVEQSxLVgrnpYki5HOfl - iJzoaqK9uQGUA3Yfo5+CgV2qKD/Ljb4AioVXuWlY++OYif/XpA2W5g== - -----END AGE ENCRYPTED FILE----- - - recipient: age1t2d5scrukk0guva5sr97a8tge5j8kd865adezrcru7p269pzwvpsamkgje - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlc2tFL1dCV1hQOGkwbWND - Snc5ODNVc21YY3BGbEJ6NFlZc2ZjUVZwdDFrCmxHNFVzWFY4eVJHbGpPOUF3ck1T - NTNZakRjSHhZWjRlZXRnZVp1dnUwZ3cKLS0tIHp2aFlrb3NhWS9qWGE5eXUrMFkw - eWp0NFpWL2Y5MXdYbmJYQ1hMVFJCbEkKiIxwJmRqZ0HyI2REGY9DKjnsl3UZeH39 - T0QX0uw7jo8SKKXbjo4TC1711qK8l1rTFtebFUYhLW/2IN80maYiEg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1c8qw59ffcq9l77gfmtyc3djtvt3md0u6dwhrjcgsm98ntyf72ufqugj7cg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxM3J1ZnhrKzBzaEZiZlB1 - ZFZJWkR5OTBiN0thTlJ5ekVuRDRpdXF4TUV3Cm9FMlQvWVVBTElwMGRkdi9XaWVV - T053a1I3WHpLVEhEd1VjZmhIWUdSWmcKLS0tIDNzOEk4Q0djWlhZWTR0Q1M3OEh0 - aDNVR0gvM2Z0ckdkSDM0NUNWNjUrS2MK0mfzpqmaLYXy8FKidaxLZ5LKDoYkUIda - YACMo0jdCumR8IET1M9mF9EWowBxQL4K7ilUXfBjr+btiLyKMNzKuQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1er5qucsc2mugrzrr7n3xhzv7kemkrqrw4m84r544fkk7nkg5g5eswxkqj0 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBbVFWUXphSzhLcFFoc1gx - dW9TRHFYa2dZWmpVeWFZRUhnSUtqUXRUTlZZCkorb290Nk02eFYrc0lyT3pIMGRE - NzNYUFZ6b0VueFd4VlRzK2hwMzF2dlUKLS0tIEUvbzJUQjdxLzZCUTBQK25aU2w3 - OGZDS3dRZTdFT05STjB5eGRMU1U2MmcKfJRdg4iYFBuYLJpJ/rA/55rI/jykZWvH - tir7XwGSvqmhQhiOgcP/OLvYLiP6swEka7beSgc6aWCW+Hmexio5qA== - -----END AGE ENCRYPTED FILE----- - - recipient: age12gu9hqhd56yl5x3t5yenkn9yg57du08h77vzjqsmnu5hdppne38qcur5a0 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVTS9HTmF3WGFqSEhTdlJj - WU9ZMllReHJ6aDhDVUVWRmx4eFc4cElwU3hjCmErOENWOU5FMmY2Slk2aEJxVG5Z - c0tkdXNHaTIzVnpQYlJKZmJqR29FZDAKLS0tIFJRald2b0t2T2JyMFZSSXhxVzVr - QUpDM0NQMDcvNUpvK3g3Q3F3em5sdk0KPG4bdSZ88OWCVGYVfMjKM6X+uiw0CB58 - 6y9ZWPizDr3XKhGL9G60YAQ7rtQ2SJ2Vbn8ES8GkpmABHh1WBprmJQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age1t7378n8kmd3f32fkye2gw3jj6qswv3exjdx0dq8kl0xra3tmcdnsvddq3u - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxWVpoUW1HVHVJWnBpbWFv - M1dTUEFrWlRFUmxxTzltS0piMnMxNDMzbFVRCksyaE5oNExaeDA4SmNlYzhaRkM4 - RDNPeE50VnBoQTBQZTBoMG5jRjE4QXMKLS0tIFBQVTFaME12N1U2M0pvN05yaFJF - V0oyTHZ3R3FkWkN1azh1K0YxU0Q0MUEKXpcgFNSp8qlC6OXhXGCiJDvUoXtqFdK3 - cwl1CQzjKjiFqvT8A1aqFeNvGyvvDTf7gYkdx5rGKJWBRpCOAqTCZw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1yn82e39pxt0d0pgny34ux4lkge4ff7wxvsye8ragvwngehemt4ps27phyw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByM1dZNjVVQ2tHeU1CSUNl - YnFnV1VEOGJzaTBLeTFIZFN1VDIrMVFyVEM4CjRJaUhtdUl0bmFkVHZQSm1NMjc4 - Yjh0TzFBUnBLZ3Y3bmtSS2lRbTdXVkEKLS0tIEU0N2k2MmsvU1FIcHAyVHVqcWt6 - WFZRU1lvNEQxTUVvdjRnMEU3VHV4SjAKD49deX8Co7evD+KvuqLrLJ9KIe+QTg2q - tfK14KpjsQv/pV6lBfWeqWDH+FeXajKasxRPEZdP1TwLYjNRJayqoA== - -----END AGE ENCRYPTED FILE----- - - recipient: age102el4snus37dj807rwvsmlvwu2sg2d8rw3vfmtntgczfkz04l9nshetcq0 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVS9HUGhMZVhrQTNrbGhQ - OCtlTnQ4OWxvbFl6Vlpwc0NxT014NVVMbGxFCjVhNCt3eDJYd05mVE5xRDEzS25j - eW9EM0JNRkJVc0R4akR2M1ppMUhUT2MKLS0tIDBFSGNlUFNySDc1ZEF5aysxS0Vx - bFhiWllkaE1URkZkejdDS0J0YWdQb3MKb68S32S5ABEaeL/5FZBCrY3a7ysfc+r3 - +SaJCNBzpTuZ6EaDrjCsUUI/NcsqQ2QpUD/J1o77oFSFwn9nGe1mew== - -----END AGE ENCRYPTED FILE----- - - recipient: age1n5frpwgvps7c2348ynu9g7g47kqar4srdplw5kkcyn4x80eqzetqw3ej2m - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaZ21wTlVxWGdqNVZlZFRw - S0FNc1NhTU1FVU1NZ2hya2FnbmJUU0JJR1U0CjRvbnBvZ25sUjlJZ21DV29jbGVm - OHk0S0FLM2dTQTd5SUk0WUFOcDMxOEUKLS0tIEZ5R0l5WG5LM3hodTlhdkpZNHdU - NTVQZjFnT3lxckYyTDBGNS9WM1ZpYkEK7S+pqlzVVbvTWM5wYh9nNwQXgyREcfno - HUC8kxyRiTnR5DAYt8jeBvYxJ2Ex2HvLmBAwyrEeqvUxMgADmXKMyg== - -----END AGE ENCRYPTED FILE----- - - recipient: age1lvks0rdf743cn9rvvx90mzu3mjldydlzslpmv9608wn4j0m8u3xsmu7yew - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUNmZwR1MzN0xRWjdXbVlD - THE0LytxWDFCZ0svUXRIYllRT0V0em1PZzNZCmFtaVljNnJFR05qR2tiN2l4NFRt - S1JyRnlRTHZNdUlFWjFTUEpIWUhFZkEKLS0tIGoxSytIaGJWL2U5alNiWDl0SlMy - NVBTU05NOWg3SERoTnIrWXAxRWphVHMKKDbI2ijKIZq2wSXkOFILxWzeWCHgm84d - UjKMORr0FZRSNNrj3l+jsvIG3SWeAaHq2ds3Mov9MvI/u5eV2rzRRA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-05-29T02:27:06Z" - mac: ENC[AES256_GCM,data:BBDriz26Gg0UqBq7yKpwJr8CswSDeNNLtVgnRHN4delwG8Yzf3T3Vd/fpeHHAFyvJHf2iX/sS0zMSzbPjVjWSPVdkR0hrnBK7Z1DsLDJhB/E0np5Pt42MaIxXHTqXzoi6M+8S/owQ3c3fJH9hQPbf1AP2UMjx0Udm/dnVwX6Bpk=,iv:7ib65GkpgI4FwLrK6hThsbWjRxePPEPOylQsqObGXsA=,tag:YAVITy8WwHgrSVOg8Yn0zg==,type:str] - pgp: - - created_at: "2026-02-06T15:34:32Z" - enc: |- - -----BEGIN PGP MESSAGE----- + shamir_threshold: 1 + age: + - recipient: age157jemphjzg6zmk373vpccuguyw6e75qnkqmz8pcnn2yue85p939swqqhy0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoeFlBZUxzZ3puanBNOGds + S0JZd3lqUWs1NW8wRnZEc1BmYko4S2FkRlhnClMvUUtza0c4RGJRV1RvSnVPRkI2 + WFF0OVRCd1llQjFiaFJOZzU3ZjNBYm8KLS0tIHdtSHZqR1Vob3pYWDhqZWY2ajBR + QWxpUVdNa2ZSaXRBNkplWjRGMzlnSXMKLGA1TA2A7BIwWblG9oscnweA1i+2227r + 4eAJS+vgQCfKG9wv3bG3pWJ+V5FWAw3/+8lKMg5HBP7DnMWuPJFnaQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age13g9a4d4jrvckfddpgn8sm4kjtzajr67le56pfdg78ktr5pd09phq32j89u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4eTRHWGc0VVhIQjBOTTNZ + NCs1cWNTVnRSK3d5L28zOGg3MDRDVGhKcVc4CnAyZGV0MEkrcjBNVzZROFg5ZDZ4 + NUs1L3ZrUkdkNXVsWmlpTnlzdXB6OUEKLS0tIDhoQlRaSjM5cHdGQzZjWnVqMWVE + NGg1TytBM0pLY2FTUVJyS0RhMXpTUjQKkj0qkNY6jZRda5J14p+metKLQW+NjEsL + hL4j0WJLISlEV2Za8MNI+KYAbSQTS9astgb7R+jnBdV2pUXVYYGI/g== + -----END AGE ENCRYPTED FILE----- + - recipient: age1wpvfpv5n32lruk7c0da4uaeapsmhjxdvg8z4ljehn06l6g2y0e0sum404l + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2a0VaVkVRWDYyeG9sSlor + Y2sxL2lqUTlka1czM3l1MGo5V2NlT0FJS0c4CjRocGhRRzc4RXN0c3VXUUdUV2NG + YVlyYklYQldmcnFHbnFFUHdMN05ITUkKLS0tIHZBZ1l1S0ZVV0ltUWsvUnlqRHVR + aThOMk5RSEdhN2t2UkdyMXZJRllpWHMKwe0OQCq/29SccCH2s/zuAT8UlL2XQbnU + 5Oko5JhP2u4BhqnVlsLbp8GP3D/DsoOfOM2VEn6tSH0dIl/+nyCVCQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1jv8ap5zwa49ftv0gg7wqf5ps0e68uuwxe2fekjsn0zkyql964unqyc58rf + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrRnphYlVyNzZNTTZqcStJ + VjJyVFJrTEJjcjArbXVyQzZ3bVVweGxPSFQ0Cks2YVM1V21aZ3NOM202V0s1cThq + YSs0UXA3ZEl4a215NXlMdGNYV1o4dlEKLS0tIHRaUWNvVHVpMXEvS2NxeXBKZkI1 + eTN6a2R0eDd2ZDRMN1dhMmMzRFBTQkEK8IsBpBSGdq4rdye9f36USZhRy6tHTfga + xVVJ2v6AEvE3HXNgeqjsXB3pPdABFSbKhYO8Wr0L898CmH+NwZEbnQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pm3fehmmk0vmnrscz9vm96rakn46aaldr5ydpscmde3v9x0k3faswwdzxs + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRTkhCTXVKMnZJbExLMnhW + TFkyU2lPVTZMVWVOYzdjS2hlNGxPTTR2eURrCjJqbXc4Z0kwei8rSktYVkRVT0sz + ejBtYTd4ZnJVQUlraDIyWE84NnV1T2cKLS0tIDV1UWRiYTFCUEJnUVcybU1jcTI2 + N1N6WGRjL0FJUVllMGdNV0M3aDEvUWsKxzSadgpG+jgai9U82I/9zyhyeHTpzgAB + JNlT+5oiS9OhZevNTT/W8AV5ciGvJ4tKYSbx7lei+gLa4aRBlwLx+Q== + -----END AGE ENCRYPTED FILE----- + - recipient: age1mn2afyp9my7y7hcyzum0wdwt49zufnkt8swnyy8pj30cwzs4zvgsthj0lt + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4VXFnazlCYzFvWVNTYUhp + RGtueFIycHljM0JlYzRXRUdZU1FDMVp3b2h3CkVDOEN1UkdBeXkzTVhrSGRBeit0 + VXlvOXhJamV3L1NCWFhXOUZKZ2JrcGcKLS0tIEVHTHpnbmNGcktrN3dOQk9YOHBi + aVhJcTlPN252V29PUys2UThqQnFWK3cK6+Pv0gG/NX7nBs6lf6FcIJtSFWdEM24h + Xk1vbc/FfhTRuIOBnGG7cvDM+2qhZ6S+vzCeq0qO/v8WOKSM8Ar2hQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ykkjw57t3z3deup3gtp7dujyaslskn74e0d9hsmqaha2pj3rvazqgndw5a + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4WHpUbk1HNEV0dmhwR1VY + WjVFMkNwRXpxbWFHd0pMK1dvRTNlRDNtRkNvCmxadGhlbHdBT0NOVmpOZW9icklX + UHU4dFRHRDlNZ2pVbDV4NFkrbVU4S2cKLS0tIEZpY3FHakFZUTVTZTdmdldNbG1H + YXppZXJWUm1OVVJybHFoSHhwQnBWNW8KGeK23rfML/CoTVEQSxLVgrnpYki5HOfl + iJzoaqK9uQGUA3Yfo5+CgV2qKD/Ljb4AioVXuWlY++OYif/XpA2W5g== + -----END AGE ENCRYPTED FILE----- + - recipient: age1t2d5scrukk0guva5sr97a8tge5j8kd865adezrcru7p269pzwvpsamkgje + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlc2tFL1dCV1hQOGkwbWND + Snc5ODNVc21YY3BGbEJ6NFlZc2ZjUVZwdDFrCmxHNFVzWFY4eVJHbGpPOUF3ck1T + NTNZakRjSHhZWjRlZXRnZVp1dnUwZ3cKLS0tIHp2aFlrb3NhWS9qWGE5eXUrMFkw + eWp0NFpWL2Y5MXdYbmJYQ1hMVFJCbEkKiIxwJmRqZ0HyI2REGY9DKjnsl3UZeH39 + T0QX0uw7jo8SKKXbjo4TC1711qK8l1rTFtebFUYhLW/2IN80maYiEg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1c8qw59ffcq9l77gfmtyc3djtvt3md0u6dwhrjcgsm98ntyf72ufqugj7cg + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxM3J1ZnhrKzBzaEZiZlB1 + ZFZJWkR5OTBiN0thTlJ5ekVuRDRpdXF4TUV3Cm9FMlQvWVVBTElwMGRkdi9XaWVV + T053a1I3WHpLVEhEd1VjZmhIWUdSWmcKLS0tIDNzOEk4Q0djWlhZWTR0Q1M3OEh0 + aDNVR0gvM2Z0ckdkSDM0NUNWNjUrS2MK0mfzpqmaLYXy8FKidaxLZ5LKDoYkUIda + YACMo0jdCumR8IET1M9mF9EWowBxQL4K7ilUXfBjr+btiLyKMNzKuQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1er5qucsc2mugrzrr7n3xhzv7kemkrqrw4m84r544fkk7nkg5g5eswxkqj0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBbVFWUXphSzhLcFFoc1gx + dW9TRHFYa2dZWmpVeWFZRUhnSUtqUXRUTlZZCkorb290Nk02eFYrc0lyT3pIMGRE + NzNYUFZ6b0VueFd4VlRzK2hwMzF2dlUKLS0tIEUvbzJUQjdxLzZCUTBQK25aU2w3 + OGZDS3dRZTdFT05STjB5eGRMU1U2MmcKfJRdg4iYFBuYLJpJ/rA/55rI/jykZWvH + tir7XwGSvqmhQhiOgcP/OLvYLiP6swEka7beSgc6aWCW+Hmexio5qA== + -----END AGE ENCRYPTED FILE----- + - recipient: age12gu9hqhd56yl5x3t5yenkn9yg57du08h77vzjqsmnu5hdppne38qcur5a0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVTS9HTmF3WGFqSEhTdlJj + WU9ZMllReHJ6aDhDVUVWRmx4eFc4cElwU3hjCmErOENWOU5FMmY2Slk2aEJxVG5Z + c0tkdXNHaTIzVnpQYlJKZmJqR29FZDAKLS0tIFJRald2b0t2T2JyMFZSSXhxVzVr + QUpDM0NQMDcvNUpvK3g3Q3F3em5sdk0KPG4bdSZ88OWCVGYVfMjKM6X+uiw0CB58 + 6y9ZWPizDr3XKhGL9G60YAQ7rtQ2SJ2Vbn8ES8GkpmABHh1WBprmJQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1t7378n8kmd3f32fkye2gw3jj6qswv3exjdx0dq8kl0xra3tmcdnsvddq3u + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxWVpoUW1HVHVJWnBpbWFv + M1dTUEFrWlRFUmxxTzltS0piMnMxNDMzbFVRCksyaE5oNExaeDA4SmNlYzhaRkM4 + RDNPeE50VnBoQTBQZTBoMG5jRjE4QXMKLS0tIFBQVTFaME12N1U2M0pvN05yaFJF + V0oyTHZ3R3FkWkN1azh1K0YxU0Q0MUEKXpcgFNSp8qlC6OXhXGCiJDvUoXtqFdK3 + cwl1CQzjKjiFqvT8A1aqFeNvGyvvDTf7gYkdx5rGKJWBRpCOAqTCZw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1yn82e39pxt0d0pgny34ux4lkge4ff7wxvsye8ragvwngehemt4ps27phyw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByM1dZNjVVQ2tHeU1CSUNl + YnFnV1VEOGJzaTBLeTFIZFN1VDIrMVFyVEM4CjRJaUhtdUl0bmFkVHZQSm1NMjc4 + Yjh0TzFBUnBLZ3Y3bmtSS2lRbTdXVkEKLS0tIEU0N2k2MmsvU1FIcHAyVHVqcWt6 + WFZRU1lvNEQxTUVvdjRnMEU3VHV4SjAKD49deX8Co7evD+KvuqLrLJ9KIe+QTg2q + tfK14KpjsQv/pV6lBfWeqWDH+FeXajKasxRPEZdP1TwLYjNRJayqoA== + -----END AGE ENCRYPTED FILE----- + - recipient: age102el4snus37dj807rwvsmlvwu2sg2d8rw3vfmtntgczfkz04l9nshetcq0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVS9HUGhMZVhrQTNrbGhQ + OCtlTnQ4OWxvbFl6Vlpwc0NxT014NVVMbGxFCjVhNCt3eDJYd05mVE5xRDEzS25j + eW9EM0JNRkJVc0R4akR2M1ppMUhUT2MKLS0tIDBFSGNlUFNySDc1ZEF5aysxS0Vx + bFhiWllkaE1URkZkejdDS0J0YWdQb3MKb68S32S5ABEaeL/5FZBCrY3a7ysfc+r3 + +SaJCNBzpTuZ6EaDrjCsUUI/NcsqQ2QpUD/J1o77oFSFwn9nGe1mew== + -----END AGE ENCRYPTED FILE----- + - recipient: age1n5frpwgvps7c2348ynu9g7g47kqar4srdplw5kkcyn4x80eqzetqw3ej2m + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaZ21wTlVxWGdqNVZlZFRw + S0FNc1NhTU1FVU1NZ2hya2FnbmJUU0JJR1U0CjRvbnBvZ25sUjlJZ21DV29jbGVm + OHk0S0FLM2dTQTd5SUk0WUFOcDMxOEUKLS0tIEZ5R0l5WG5LM3hodTlhdkpZNHdU + NTVQZjFnT3lxckYyTDBGNS9WM1ZpYkEK7S+pqlzVVbvTWM5wYh9nNwQXgyREcfno + HUC8kxyRiTnR5DAYt8jeBvYxJ2Ex2HvLmBAwyrEeqvUxMgADmXKMyg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1lvks0rdf743cn9rvvx90mzu3mjldydlzslpmv9608wn4j0m8u3xsmu7yew + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUNmZwR1MzN0xRWjdXbVlD + THE0LytxWDFCZ0svUXRIYllRT0V0em1PZzNZCmFtaVljNnJFR05qR2tiN2l4NFRt + S1JyRnlRTHZNdUlFWjFTUEpIWUhFZkEKLS0tIGoxSytIaGJWL2U5alNiWDl0SlMy + NVBTU05NOWg3SERoTnIrWXAxRWphVHMKKDbI2ijKIZq2wSXkOFILxWzeWCHgm84d + UjKMORr0FZRSNNrj3l+jsvIG3SWeAaHq2ds3Mov9MvI/u5eV2rzRRA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2026-02-13T21:11:50Z" + mac: ENC[AES256_GCM,data:ww1TS4WkOQc7nPOJkqCvJAOo4z4dTXF7UeIxiXILbgwOxuAH3p40m2Uuut9zRpmqgFEL1WslHr4N7eRg+ITe/A1WmaGM3xOr4oaVUQzjbC+O5rcK3R1EeIMCIIKp1Af/FciqaMDelcdKPZitlKUHTTxJMf4Oz21ffFkQ2iZeXW0=,iv:69m9NqE3CjBC/l/ntQwV8hJao4krsaqQbDYRS+Cdp9U=,tag:mY7p+NHVbI3JcXaXair+pA==,type:str] + pgp: + - created_at: "2026-02-06T15:34:32Z" + enc: |- + -----BEGIN PGP MESSAGE----- - hQIMA0B7mmjbybiOAQ//dU5JibNkS8D2wW2J1h5rxkuo9SVvfXUsIT1E9WvzGutM - dm1hBSYA9Ss02i+J7L/pX63KBT8bN8mDfW+t6/9M49RsxlPX0D2hIRCQCMDClsdj - 3vaNw4D7393XZ+w868IdB6Q1XIvtw6lLzldvycUUayOUo15IzgOvmzGYPVe+zoQR - EfK8pNMuf4zgnXFQLZBTKBKhgMdwXLLakfJfIY3whFeKRwiB/YY+g2JTEY394lMz - S3N0kzE4p+124QE2lxka8gC0mx6tYcfwNfZeyXgz0VHnalMISaj4SJUlH3w7czsJ - aKc9CHb83msEf2FJic4Hlx09KEUxa9xu6hbZb6wxWim0WzfTtJeSskA9Lc5C/CwP - 130eyersR2pMiP+vEC9XLmrAAOAm2o63nEwwjamILSHiTYF9oB6rTd2cKkDCMrdu - C44SB9ltYeCXdHJedikEGKvkOfAvU1bhBPdmg7/lOEh+WvddFt3vWkrlt/we+bFk - +1r8L1xS3BvwZx5RK3E+1rHn0K3SZi7fPGHfb4jztkGCjnDXYczQMSB/E6J7GyUv - 61FlF1TKP0RPfszoXmoe65XwxazMnB3aDLlw0uoTW0jj7xXIlNO/eIYw77jo/GH7 - 0zRxwHGPX9Elfvva+bnC5pXDgY1BSWietI1IfO2HMMA5C5yNa5LUoqXE49Cgu5zS - XgH4oOJTmQmKg6WaivhZDEIoTkxp+h1A9qUpcNxxvtE04Ggfh2JKNTy3pasANG1B - zV3fa5UXHdCLdlCE42xc5rnm3os6+QQxk421Ew6HF5Y7Kjuekmih8lRfgk7JK7I= - =lm9B - -----END PGP MESSAGE----- - fp: CBCB9B18A6B8930B0B6ABFD1CCB8CBEB30633684 - unencrypted_suffix: _unencrypted - version: 3.10.2 + hQIMA0B7mmjbybiOAQ//dU5JibNkS8D2wW2J1h5rxkuo9SVvfXUsIT1E9WvzGutM + dm1hBSYA9Ss02i+J7L/pX63KBT8bN8mDfW+t6/9M49RsxlPX0D2hIRCQCMDClsdj + 3vaNw4D7393XZ+w868IdB6Q1XIvtw6lLzldvycUUayOUo15IzgOvmzGYPVe+zoQR + EfK8pNMuf4zgnXFQLZBTKBKhgMdwXLLakfJfIY3whFeKRwiB/YY+g2JTEY394lMz + S3N0kzE4p+124QE2lxka8gC0mx6tYcfwNfZeyXgz0VHnalMISaj4SJUlH3w7czsJ + aKc9CHb83msEf2FJic4Hlx09KEUxa9xu6hbZb6wxWim0WzfTtJeSskA9Lc5C/CwP + 130eyersR2pMiP+vEC9XLmrAAOAm2o63nEwwjamILSHiTYF9oB6rTd2cKkDCMrdu + C44SB9ltYeCXdHJedikEGKvkOfAvU1bhBPdmg7/lOEh+WvddFt3vWkrlt/we+bFk + +1r8L1xS3BvwZx5RK3E+1rHn0K3SZi7fPGHfb4jztkGCjnDXYczQMSB/E6J7GyUv + 61FlF1TKP0RPfszoXmoe65XwxazMnB3aDLlw0uoTW0jj7xXIlNO/eIYw77jo/GH7 + 0zRxwHGPX9Elfvva+bnC5pXDgY1BSWietI1IfO2HMMA5C5yNa5LUoqXE49Cgu5zS + XgH4oOJTmQmKg6WaivhZDEIoTkxp+h1A9qUpcNxxvtE04Ggfh2JKNTy3pasANG1B + zV3fa5UXHdCLdlCE42xc5rnm3os6+QQxk421Ew6HF5Y7Kjuekmih8lRfgk7JK7I= + =lm9B + -----END PGP MESSAGE----- + fp: CBCB9B18A6B8930B0B6ABFD1CCB8CBEB30633684 + unencrypted_suffix: _unencrypted + version: 3.11.0 diff --git a/systems/aarch64-linux/pi5/adguard.nix b/systems/aarch64-linux/pi5/adguard.nix new file mode 100644 index 0000000..c731b4f --- /dev/null +++ b/systems/aarch64-linux/pi5/adguard.nix @@ -0,0 +1,58 @@ +{ lib, ... }: +{ + services.resolved.enable = lib.mkForce false; + services.adguardhome = { + enable = true; + openFirewall = true; + allowDHCP = true; + mutableSettings = true; + settings = { + http.address = "0.0.0.0:0"; + users = [ + { + name = "mjallen"; + password = "$2a$10$G07P7V1EnBQxWtMNGyfgTOTpAgr4d.uqYoG.cGSFCv9jQdiYWCsfq"; + } + ]; + dns = { + upstream_dns = [ + "https://dns10.quad9.net/dns-query" + "1.1.1.1" + "8.8.8.8" + ]; + bootstrap_dns = [ + "9.9.9.10" + "149.112.112.10" + "2620:fe::10" + "2620:fe::fe:10" + ]; + upstream_mode = "load_balance"; + trusted_proxies = [ + "127.0.0.0/8" + "::1/128" + "10.0.1.3" + ]; + cache_optimistic = true; + }; + dhcp = { + enabled = false; + interface_name = "end0"; + local_domain_name = "lan"; + dhcpv4 = { + gateway_ip = "10.0.1.1"; + subnet_mask = "255.255.255.0"; + range_start = "10.0.1.100"; + range_end = "10.0.1.254"; + lease_duration = 86400; + icmp_timeout_msec = 1000; + }; + dhcpv6 = { + range_start = "2001::1"; + lease_duration = 86400; + ra_slaac_only = false; + ra_allow_slaac = false; + }; + }; + }; + }; +} diff --git a/systems/aarch64-linux/pi5/default.nix b/systems/aarch64-linux/pi5/default.nix index 755fadd..6c1ff86 100644 --- a/systems/aarch64-linux/pi5/default.nix +++ b/systems/aarch64-linux/pi5/default.nix @@ -8,6 +8,7 @@ }: { imports = [ + ./adguard.nix ./boot.nix ./sops.nix ]; @@ -99,7 +100,12 @@ # # Services # # # ################################################### - services.home-assistant.enable = false; + services = { + nebula-lighthouse = { + enable = true; + port = 4242; + }; + }; # ################################################### # # Network # # @@ -109,7 +115,7 @@ hostName = "pi5"; ipv4 = { method = "manual"; - address = "10.0.1.5/24"; + address = "10.0.1.2/24"; gateway = "10.0.1.1"; dns = "1.1.1.1"; interface = "end0";