From f8560764527494a31bd61233e8003483aa909be7 Mon Sep 17 00:00:00 2001 From: mjallen18 Date: Mon, 2 Feb 2026 18:14:57 -0600 Subject: [PATCH] stuffs --- lib/module/default.nix | 12 +- modules/nixos/services/arrs/default.nix | 65 +++- secrets/secrets.yaml | 8 +- systems/x86_64-linux/jallen-nas/apps.nix | 5 +- systems/x86_64-linux/jallen-nas/default.nix | 1 + systems/x86_64-linux/jallen-nas/services.nix | 9 +- systems/x86_64-linux/jallen-nas/vpn.nix | 293 +++++++++++++++++++ 7 files changed, 378 insertions(+), 15 deletions(-) create mode 100644 systems/x86_64-linux/jallen-nas/vpn.nix diff --git a/lib/module/default.nix b/lib/module/default.nix index 3dfb596..757bcd3 100644 --- a/lib/module/default.nix +++ b/lib/module/default.nix @@ -69,10 +69,18 @@ rec { }; systemd.services.${serviceName} = { - requires = [ "media-nas-main.mount" ]; + requires = [ + "media-nas-main.mount" + # "openvpn-us.protonvpn.udp.service" + ]; after = lib.mkForce [ "media-nas-main.mount" + # "openvpn-us.protonvpn.udp.service" ]; + # serviceConfig = { + # NetworkNamespacePath = lib.mkIf cfg.enableVpn "/run/netns/vpn"; + # # Consider also setting DNS *inside* the netns (see note below). + # }; }; services = { @@ -129,6 +137,8 @@ rec { openFirewall = mkBoolOpt true "Open the firewall"; + enableVpn = mkBoolOpt true "Enable routing through VPN"; + redis = { enable = lib.mkEnableOption "enable redis"; diff --git a/modules/nixos/services/arrs/default.nix b/modules/nixos/services/arrs/default.nix index 31d836c..8c4d8ed 100644 --- a/modules/nixos/services/arrs/default.nix +++ b/modules/nixos/services/arrs/default.nix @@ -41,15 +41,14 @@ let group = "jallen-nas"; restartUnits = [ "sabnzbd.service" ]; content = '' - misc.password=${config.sops.placeholder."jallen-nas/sabnzbd/password"} - misc.api_key=${config.sops.placeholder."jallen-nas/sabnzbd/api-key"} - misc.nzb_key=${config.sops.placeholder."jallen-nas/sabnzbd/nzb-key"} - servers."news.newsgroupdirect.com".username=${ - config.sops.placeholder."jallen-nas/sabnzbd/server/username" - } - servers."news.newsgroupdirect.com".password=${ - config.sops.placeholder."jallen-nas/sabnzbd/server/password" - } + [misc] + password = ${config.sops.placeholder."jallen-nas/sabnzbd/password"} + api_key = ${config.sops.placeholder."jallen-nas/sabnzbd/api-key"} + nzb_key = ${config.sops.placeholder."jallen-nas/sabnzbd/nzb-key"} + [servers] + [[news.newsgroupdirect.com]] + username = ${config.sops.placeholder."jallen-nas/sabnzbd/server/username"} + password = ${config.sops.placeholder."jallen-nas/sabnzbd/server/password"} ''; }; }; @@ -89,6 +88,7 @@ let cache_limit = "10G"; download_dir = "${cfg.configDir}/downloads"; complete_dir = "${cfg.configDir}/incomplete"; + username = "admin"; }; servers = { "news.newsgroupdirect.com" = { @@ -112,6 +112,53 @@ let notes = ""; }; }; + categories = { + "*" = { + name = "*"; + order = 0; + pp = 3; + script = "None"; + dir = ""; + newzbin = ""; + priority = 0; + }; + audio = { + name = "audio"; + order = 3; + pp = ""; + script = "Default"; + dir = ""; + newzbin = ""; + priority = -100; + }; + software = { + name = "software"; + order = 4; + pp = ""; + script = "Default"; + dir = ""; + newzbin = ""; + priority = -100; + }; + "movies" = { + name = "movies"; + order = 5; + pp = ""; + script = "Default"; + dir = ""; + newzbin = ""; + priority = -100; + }; + "tv" = { + name = "tv"; + order = 6; + pp = ""; + script = "Default"; + dir = ""; + newzbin = ""; + priority = -100; + }; + }; }; }; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index c55f9ab..0dc64f4 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -4,6 +4,9 @@ matt_password: ENC[AES256_GCM,data:/8utn5xMoWIxXitfg2kFZCQwbqqn6rH7Pt5KYeTyGintj admin_password: ENC[AES256_GCM,data:aGyn1Tm+2ld3BqXN3U1RQkew13Ln0Y3+xYiIUjErmq8Y/AkR65bhEHpVKx6lT2AZNG7bTPM0QTGd5vloD4QdrtAMv5eye6GFHg==,iv:EYLqDoqK/4tzdg+YTywpeCg0kullQEyD6mKTJMTXYB4=,tag:GJnZqZj2Lnx4YoQ+ApUBBw==,type:str] github-token: ENC[AES256_GCM,data:FAuwS/j5kd/NvOVdwa+ROWgMZCjyOjDbIMoU11KkaUOVhnztZyLGCA==,iv:+EvAvf7cUpljLHaxVkBRloZsAYcKjceJHinUU47PCRI=,tag:p0irO6vnt5nr4sZIq9B8gA==,type:str] disk-key: ENC[AES256_GCM,data:cJdjG1gWYT4V0idae0nZl0j9FoEQuMW5PhQer2s8t4piv2mE8XM64W92MJyhi2aNtZ3cJ9h5PSW49zLeUWXIPGJNAvwRyWVc0O+T96jlZqtFlYBYLVh4tXdpXmxvq7IhB+sR2rY7qpcJEtCyUR8Mc7uzPZLQhuicwOjYuThhMdq73v3Re4taiL358U4DsLGhaQaGVoZ/RVRqT40F0ByxZto+JbwFGJBjQJlBhxE0b5pge93hQJcyY0LiI0Ctkv43gR5pnkHpXlM5TqZvzJLQVkG+N9IaRg0fPBnTyR8IaTi6ZAqBTY9byMPbfRsMgwY/FdGCkBguLNBt8a8P4TzzKo8CwcBcSOcCMKh+tzBwIAOxFb3H6lgLiKutA5wxgOrJ1tADvPxjEOjPx3zXVZA1jzsqtH4p6s5XDKJVhSoT08gI6DN7ILhBG9v8+NDeBj8ENFkMxDnbFrEyBt2j1fwq5s2/SmioN407KVi8Jd7SqQBEcp2WHFkrc95nJTyDer0J34jVUPVtVaqmLAPlzKWr9VZyrDJbl4stwz/pjstxtDfx4urxNYn6fhs3vigU6JFrE3sVN4MMosgvDxyqiMM44Qc6V6XO1GDJxKUo9kP8CGNvLpsMZSY9ZSjQaxMUNqXfySCry3AsOZolo6XUtbEk3YGGVAiJoiUE9aogdh++zRVYi+s2pzwf8BYGK2OB+C8ojSTRtcjsTCacWlV4cCnkpC5hpQ7KBycg8hYEm3bTjMuKcqsSTl8TUgwk4gq2cq2ZqvTWE7AHcgLGiFcT4/vm05rdS8j+nq5XprBUAwcvhR+wHtgU/HcJr939hp/45ZVI5a2DtcbhFOnrX+W/TZsUHdw+pxzau4JUfMI5COc3ntD0IOwP8c/dH+DOYeI6KToV8judUnIyMKnJrXBRpGoLa9kmbslUpw2oZSnQo1jBB1rQqLiQmbjA3nybAunmgrnaMtZcZZBX,iv:Y2rQMzIP4iA4YTRReMhIaG6aKTnlQjBl/eVdxg9gipM=,tag:m9KlqWLIxQ5065DBB8u0rw==,type:str] +protonvpn: + username: ENC[AES256_GCM,data:8jTLeHnmKzWIk7G2Q9m1kQ==,iv:FYuHAN3s/0DL/N3uQMeMCOW+SRmN9Mhx7ygMcWqBjMc=,tag:NXPYwxuSJxMm5rAE0mAgJg==,type:str] + password: ENC[AES256_GCM,data:doniXa2cguAyhhCS+VX/w2BgIUYAaNgbj1mNP2HlvHU=,iv:ds9jHnzvwXTWdCZbkRMrNpVN7kdIvNDtuyRUyf59sgw=,tag:tlGG4ixZkPofq0CjExOuTQ==,type:str] age-keys-private: matt-desktop-nix: ENC[AES256_GCM,data:7/UO2Oq096iJHSpwA2cflRoiPWrKFJA2RhcuH0bJKM/MO15GbW1VktPZieEVrj+3KTYnhrWr5mEHx+uekhyL2W98SO0JkIJ/c24=,iv:w9lt2rQzkys2HSR8ls4RKJlkNsAb61a+6eB/joKDEtQ=,tag:OYkFVP9HGHumE/3PUP64PA==,type:str] admin-jallen-nas: ENC[AES256_GCM,data:lKXCpyB0+wViUYsJgxxe7a4dD24a80xe1XEfvVLoazEb/qmoUClhXU4FI1o8ATvpND4XG/vlq8IsZ3V3Yr2FQSOQTrUxs+Yz1po=,iv:Po0jpfoHNMu4s6EePwD20Kc0HQhnY+YKnwovkqCzviI=,tag:0YHI6cNWV21OH2gMOX/Gmw==,type:str] @@ -184,13 +187,12 @@ sops: ZjkrUTNlbE1xTmkxVU5MbGdrYkNaNzgKrwOW1hTCSDU8Lp/zwbWBH8GoMnvCgOiQ 9nf/MXoKp+CYUHcocBQ2+0R7MF8DABSEss+QG1QH4a7NlNzPjQmg7g== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-02T15:37:01Z" - mac: ENC[AES256_GCM,data:GL0s9MHOEBV7a/l6XlaSKU5g/urU4NrqC4SGZ9anClF0SsKTUS18swrJWSu9tnPVQCiBLOD9wiHHV6MLwrlVZIVKz52T2HcvNSK4dgJ+l3yXL8mnrkditJqWC6AHMm0+93rcjqV0SMda+5mTDDivYmgxQcYdSbWyA0DPi9FvYY0=,iv:GLb5E6Cq01O74sJSOTKZuNxRlHFKwqN47zBkh6bD8Fs=,tag:g3oyWOSdo2RwMo+JtND/vQ==,type:str] + lastmodified: "2026-02-02T18:27:08Z" + mac: ENC[AES256_GCM,data:sCkDAMOcvAUP2R18NELt461JnQASi4hajncoN9GWG88zk3pfmOfq53YP7B7QOv1ZqsBWSwiywjfIZX6TBXkUqJI8fQMnO5HHFhSvrjJMKXQ2pQaMy/o+f05kq6Wim77CGziq9A3uRsLw0dzwwZRrCvd9W2sp6Zg/vR71KksOI8c=,iv:mIx/I19TwPsmP8XMMe+pyQTMmDsxLBW0lVTFAjQT56E=,tag:aOaDOQRrvaEa2vzjitZpRg==,type:str] pgp: - created_at: "2026-01-27T18:43:55Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA0B7mmjbybiOAQ/9GWu9gw7H/3aIR/jGNqW/HMkc+J2a5V49jllrePxbnYUh 8XazYSoiaWxhrnBBvKq44/h5r7lMKaJ4U+FnU2LBwFZLqcGUuQ5J2XxMV5I/1VcC bR8Oj4+RGahtWH0dd4rkT2PAsCdPoxI49BdGj9pJ+u+JcvZSWptrmzMdB/wkF/MX diff --git a/systems/x86_64-linux/jallen-nas/apps.nix b/systems/x86_64-linux/jallen-nas/apps.nix index d3c9dad..0bc82f5 100755 --- a/systems/x86_64-linux/jallen-nas/apps.nix +++ b/systems/x86_64-linux/jallen-nas/apps.nix @@ -24,7 +24,10 @@ in }; }; ai = enabled; - arrs = enabled; + arrs = { + enable = true; + enableVpn = true; + }; attic = { enable = true; port = 9012; diff --git a/systems/x86_64-linux/jallen-nas/default.nix b/systems/x86_64-linux/jallen-nas/default.nix index 3d65ef9..c3b640b 100755 --- a/systems/x86_64-linux/jallen-nas/default.nix +++ b/systems/x86_64-linux/jallen-nas/default.nix @@ -17,6 +17,7 @@ in ./users.nix ./services.nix ./sops.nix + ./vpn.nix ]; services.kmscon = disabled; diff --git a/systems/x86_64-linux/jallen-nas/services.nix b/systems/x86_64-linux/jallen-nas/services.nix index 7669761..b886c0a 100755 --- a/systems/x86_64-linux/jallen-nas/services.nix +++ b/systems/x86_64-linux/jallen-nas/services.nix @@ -1,4 +1,9 @@ -{ pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { systemd.network.wait-online.enable = false; # Force tailscaled to use nftables (Critical for clean nftables-only systems) @@ -8,8 +13,10 @@ ]; networking.nftables.enable = true; boot.initrd.systemd.network.wait-online.enable = false; + # Services configs services = { + tailscale = { enable = true; openFirewall = true; diff --git a/systems/x86_64-linux/jallen-nas/vpn.nix b/systems/x86_64-linux/jallen-nas/vpn.nix new file mode 100644 index 0000000..d591020 --- /dev/null +++ b/systems/x86_64-linux/jallen-nas/vpn.nix @@ -0,0 +1,293 @@ +{ + config, + lib, + pkgs, + ... +}: +# let +# configFile = pkgs.writeText "openvpn-config-us.protonvpn.udp" '' +# errors-to-stderr +# ${config.services.openvpn.servers."us.protonvpn.udp".config} +# auth-user-pass ${config.services.openvpn.servers."us.protonvpn.udp".authUserPass} +# ''; +# in +{ + boot.kernel.sysctl."net.ipv4.ip_forward" = true; + sops = { + secrets = { + "protonvpn/username" = { }; + "protonvpn/password" = { }; + }; + templates = { + "protonvpn" = { + mode = "660"; + owner = "nix-apps"; + group = "jallen-nas"; + restartUnits = [ "openvpn-us.protonvpn.udp.service" ]; + content = '' + ${config.sops.placeholder."protonvpn/username"} + ${config.sops.placeholder."protonvpn/password"} + ''; + }; + }; + }; + + # networking.nftables = { + # enable = true; + # ruleset = '' + # table ip nat { + # chain postrouting { + # type nat hook postrouting priority 100; + # oifname "enp197s0" ip saddr 10.200.0.0/30 masquerade + # } + # } + # ''; + # }; + + # systemd.services = { + # vpn-netns = + # let + # ip = "${pkgs.iproute2}/bin/ip"; + # in { + # description = "Create VPN network namespace"; + # wantedBy = [ "multi-user.target" ]; + # before = [ "openvpn-us.protonvpn.udp.service" ]; + + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + + # ExecStart = pkgs.writeShellScript "vpn-netns-up" '' + # set -euxo pipefail + + # # Ensure namespace exists + # ${ip} netns add vpn 2>/dev/null || true + + # # Clean up any previous veth (deleting one end deletes the peer too) + # ${ip} link del veth-host 2>/dev/null || true + + # # Create veth pair + # ${ip} link add veth-host type veth peer name veth-vpn + + # # Move peer into namespace + # ${ip} link set veth-vpn netns vpn + + # # Host side + # ${ip} addr add 10.200.0.1/30 dev veth-host 2>/dev/null || true + # ${ip} link set veth-host up + + # # Namespace side + # ${ip} -n vpn addr add 10.200.0.2/30 dev veth-vpn 2>/dev/null || true + # ${ip} -n vpn link set veth-vpn up + # ${ip} -n vpn link set lo up + + # # Default route in namespace via host + # ${ip} -n vpn route replace default via 10.200.0.1 + + # ${ip} -n vpn route replace 10.0.1.0/24 via 10.200.0.1 dev veth-vpn + # ''; + # ExecStop = pkgs.writeShellScript "vpn-netns-down" '' + # set -eux + # ${ip} link del veth-host 2>/dev/null || true + # ''; + # }; + # }; + + # "openvpn-us.protonvpn.udp" = { + # after = [ "network-online.target" "vpn-netns.service" ]; + # wants = [ "network-online.target" ]; + # serviceConfig = { + # ExecStart = lib.mkOverride 90 '' + # ${pkgs.iproute2}/bin/ip netns exec vpn \ + # ${pkgs.openvpn}/sbin/openvpn --config ${configFile} + # ''; + # }; + # }; + # }; + + # Services configs + services = { + openvpn = { + servers = { + "us.protonvpn.udp" = lib.mkForce { + authUserPass = config.sops.templates."protonvpn".path; + updateResolvConf = lib.mkForce true; + config = '' + # ============================================================================== + # Copyright (c) 2023 Proton AG (Switzerland) + # Email: contact@protonvpn.com + # + # The MIT License (MIT) + # + # Permission is hereby granted, free of charge, to any person obtaining a copy + # of this software and associated documentation files (the "Software"), to deal + # in the Software without restriction, including without limitation the rights + # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + # copies of the Software, and to permit persons to whom the Software is + # furnished to do so, subject to the following conditions: + # + # The above copyright notice and this permission notice shall be included in all + # copies or substantial portions of the Software. + # + # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR # OTHERWISE, ARISING + # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + # IN THE SOFTWARE. + # ============================================================================== + + # If you are a paying user you can also enable the ProtonVPN ad blocker (NetShield) or Moderate NAT: + # Use: "ErqosBHsDoqr8Hcq+f1" as username to enable anti-malware filtering + # Use: "ErqosBHsDoqr8Hcq+f2" as username to additionally enable ad-blocking filtering + # Use: "ErqosBHsDoqr8Hcq+nr" as username to enable Moderate NAT + # Note that you can combine the "+nr" suffix with other suffixes. + + client + dev tun + proto udp + + remote 37.221.112.194 51820 + remote 37.221.112.194 80 + remote 146.70.217.66 51820 + remote 217.138.198.246 51820 + remote 149.22.84.89 51820 + remote 146.70.217.66 4569 + remote 149.22.94.86 80 + remote 95.173.221.92 1194 + remote 79.127.160.158 5060 + remote 217.138.198.246 80 + remote 149.40.62.62 4569 + remote 79.127.160.158 4569 + remote 149.22.84.89 5060 + remote 95.173.221.33 51820 + remote 149.22.84.89 1194 + remote 146.70.183.146 80 + remote 149.22.94.86 5060 + remote 62.93.176.129 5060 + remote 95.173.221.33 80 + remote 146.70.183.146 1194 + remote 79.127.160.158 1194 + remote 217.138.198.246 4569 + remote 217.138.198.246 80 + remote 95.173.221.33 5060 + remote 95.173.221.33 1194 + remote 149.22.94.86 1194 + remote 149.40.62.62 1194 + remote 62.93.176.129 51820 + remote 95.173.221.92 4569 + remote 37.221.112.194 1194 + remote 95.173.221.92 5060 + remote 149.40.62.62 5060 + remote 217.138.198.246 5060 + remote 79.127.160.158 51820 + remote 62.93.176.129 1194 + remote 95.173.221.33 4569 + remote 146.70.217.66 1194 + remote 95.173.221.92 51820 + remote 62.93.176.129 4569 + remote 149.22.94.86 51820 + remote 37.221.112.194 4569 + remote 149.40.62.62 51820 + remote 146.70.183.146 5060 + remote 217.138.198.246 4569 + remote 146.70.217.66 5060 + remote 146.70.217.66 80 + remote 149.22.94.86 4569 + remote 217.138.198.246 51820 + remote 146.70.183.146 51820 + remote 217.138.198.246 5060 + remote 95.173.221.92 80 + remote 217.138.198.246 1194 + remote 37.221.112.194 5060 + remote 79.127.160.158 80 + remote 217.138.198.246 1194 + remote 149.40.62.62 80 + remote 62.93.176.129 80 + remote 149.22.84.89 80 + remote 149.22.84.89 4569 + remote 146.70.183.146 4569 + server-poll-timeout 20 + + remote-random + resolv-retry infinite + nobind + + cipher AES-256-GCM + + setenv CLIENT_CERT 0 + tun-mtu 1500 + mssfix 0 + persist-key + persist-tun + + reneg-sec 0 + + remote-cert-tls server + auth-user-pass + + script-security 2 + + + -----BEGIN CERTIFICATE----- + MIIFnTCCA4WgAwIBAgIUCI574SM3Lyh47GyNl0WAOYrqb5QwDQYJKoZIhvcNAQEL + BQAwXjELMAkGA1UEBhMCQ0gxHzAdBgNVBAoMFlByb3RvbiBUZWNobm9sb2dpZXMg + QUcxEjAQBgNVBAsMCVByb3RvblZQTjEaMBgGA1UEAwwRUHJvdG9uVlBOIFJvb3Qg + Q0EwHhcNMTkxMDE3MDgwNjQxWhcNMzkxMDEyMDgwNjQxWjBeMQswCQYDVQQGEwJD + SDEfMB0GA1UECgwWUHJvdG9uIFRlY2hub2xvZ2llcyBBRzESMBAGA1UECwwJUHJv + dG9uVlBOMRowGAYDVQQDDBFQcm90b25WUE4gUm9vdCBDQTCCAiIwDQYJKoZIhvcN + AQEBBQADggIPADCCAgoCggIBAMkUT7zMUS5C+NjQ7YoGpVFlfbN9HFgG4JiKfHB8 + QxnPPRgyTi0zVOAj1ImsRilauY8Ddm5dQtd8qcApoz6oCx5cFiiSQG2uyhS/59Zl + 5wqIkw1o+CgwZgeWkq04lcrxhhfPgJZRFjrYVezy/Z2Ssd18s3/FFNQ+2iV1KC2K + z8eSPr50u+l9vEKsKiNGkJTdlWjoDKZM2C15i/h8Smi+PdJlx7WMTtYoVC1Fzq0r + aCPDQl18kspu11b6d8ECPWghKcDIIKuA0r0nGqF1GvH1AmbC/xUaNrKgz9AfioZL + MP/l22tVG3KKM1ku0eYHX7NzNHgkM2JKnBBannImQQBGTAcvvUlnfF3AHx4vzx7H + ahpBz8ebThx2uv+vzu8lCVEcKjQObGwLbAONJN2enug8hwSSZQv7tz7onDQWlYh0 + El5fnkrEQGbukNnSyOqTwfobvBllIPzBqdO38eZFA0YTlH9plYjIjPjGl931lFAA + 3G9t0x7nxAauLXN5QVp1yoF1tzXc5kN0SFAasM9VtVEOSMaGHLKhF+IMyVX8h5Iu + IRC8u5O672r7cHS+Dtx87LjxypqNhmbf1TWyLJSoh0qYhMr+BbO7+N6zKRIZPI5b + MXc8Be2pQwbSA4ZrDvSjFC9yDXmSuZTyVo6Bqi/KCUZeaXKof68oNxVYeGowNeQd + g/znAgMBAAGjUzBRMB0GA1UdDgQWBBR44WtTuEKCaPPUltYEHZoyhJo+4TAfBgNV + HSMEGDAWgBR44WtTuEKCaPPUltYEHZoyhJo+4TAPBgNVHRMBAf8EBTADAQH/MA0G + CSqGSIb3DQEBCwUAA4ICAQBBmzCQlHxOJ6izys3TVpaze+rUkA9GejgsB2DZXIcm + 4Lj/SNzQsPlZRu4S0IZV253dbE1DoWlHanw5lnXwx8iU82X7jdm/5uZOwj2NqSqT + bTn0WLAC6khEKKe5bPTf18UOcwN82Le3AnkwcNAaBO5/TzFQVgnVedXr2g6rmpp9 + gdedeEl9acB7xqfYfkrmijqYMm+xeG2rXaanch3HjweMDuZdT/Ub5G6oir0Kowft + lA1ytjXRg+X+yWymTpF/zGLYfSodWWjMKhpzZtRJZ+9B0pWXUyY7SuCj5T5SMIAu + x3NQQ46wSbHRolIlwh7zD7kBgkyLe7ByLvGFKa2Vw4PuWjqYwrRbFjb2+EKAwPu6 + VTWz/QQTU8oJewGFipw94Bi61zuaPvF1qZCHgYhVojRy6KcqncX2Hx9hjfVxspBZ + DrVH6uofCmd99GmVu+qizybWQTrPaubfc/a2jJIbXc2bRQjYj/qmjE3hTlmO3k7V + EP6i8CLhEl+dX75aZw9StkqjdpIApYwX6XNDqVuGzfeTXXclk4N4aDPwPFM/Yo/e + KnvlNlKbljWdMYkfx8r37aOHpchH34cv0Jb5Im+1H07ywnshXNfUhRazOpubJRHn + bjDuBwWS1/Vwp5AJ+QHsPXhJdl3qHc1szJZVJb3VyAWvG/bWApKfFuZX18tiI4N0 + EA== + -----END CERTIFICATE----- + + + + -----BEGIN OpenVPN Static key V1----- + 6acef03f62675b4b1bbd03e53b187727 + 423cea742242106cb2916a8a4c829756 + 3d22c7e5cef430b1103c6f66eb1fc5b3 + 75a672f158e2e2e936c3faa48b035a6d + e17beaac23b5f03b10b868d53d03521d + 8ba115059da777a60cbfd7b2c9c57472 + 78a15b8f6e68a3ef7fd583ec9f398c8b + d4735dab40cbd1e3c62a822e97489186 + c30a0b48c7c38ea32ceb056d3fa5a710 + e10ccc7a0ddb363b08c3d2777a3395e1 + 0c0b6080f56309192ab5aacd4b45f55d + a61fc77af39bd81a19218a79762c3386 + 2df55785075f37d8c71dc8a42097ee43 + 344739a0dd48d03025b0450cf1fb5e8c + aeb893d9a96d1f15519bb3c4dcb40ee3 + 16672ea16c012664f8a9f11255518deb + -----END OpenVPN Static key V1----- + + ''; + }; + }; + }; + }; +} \ No newline at end of file