diff --git a/hosts/default.nix b/hosts/default.nix index 69f0700..30bd27d 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -66,6 +66,7 @@ ./droppie self.nixosModules.yule self.nixosModules.acme + self.nixosModules.proxy self.nixosModules.persistence ]; }; @@ -78,6 +79,7 @@ ./pie self.nixosModules.yule self.nixosModules.acme + self.nixosModules.proxy self.nixosModules.docker self.nixosModules.invoiceplane ]; @@ -90,6 +92,7 @@ ./frikandel self.nixosModules.yule self.nixosModules.acme + self.nixosModules.proxy self.nixosModules.docker ]; }; diff --git a/hosts/droppie/nginx.nix b/hosts/droppie/nginx.nix index 5f49321..e1c7bba 100644 --- a/hosts/droppie/nginx.nix +++ b/hosts/droppie/nginx.nix @@ -5,16 +5,7 @@ lib, ... }: { - networking.firewall.allowedTCPPorts = [ 80 443 ]; - services.nginx = { - enable = true; - - recommendedOptimisation = true; - recommendedGzipSettings = true; - recommendedTlsSettings = true; - recommendedProxySettings = true; - defaultListenAddresses = [ "192.168.178.3" "10.13.12.3" diff --git a/hosts/frikandel/nginx.nix b/hosts/frikandel/nginx.nix index 9b9ec42..98035b6 100644 --- a/hosts/frikandel/nginx.nix +++ b/hosts/frikandel/nginx.nix @@ -5,16 +5,7 @@ lib, ... }: { - networking.firewall.allowedTCPPorts = [ 80 443 ]; - services.nginx = { - enable = true; - - recommendedOptimisation = true; - recommendedGzipSettings = true; - recommendedTlsSettings = true; - recommendedProxySettings = true; - defaultListenAddresses = [ "10.13.12.7" "[fd00:b12f:acab:1312:acab:7::]" diff --git a/hosts/frikandel/unbound.nix b/hosts/frikandel/unbound.nix index c19f869..8236341 100644 --- a/hosts/frikandel/unbound.nix +++ b/hosts/frikandel/unbound.nix @@ -78,6 +78,8 @@ "\"paperless.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:2::\"" "\"invoicing.b12f.io. 10800 IN A 10.13.12.2\"" "\"invoicing.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:2::\"" + "\"auth.b12f.io. 10800 IN A 10.13.12.2\"" + "\"auth.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:2::\"" "\"vpn.b12f.io. 10800 IN A 128.140.109.213\"" "\"vpn.b12f.io. 10800 IN AAAA 2a01:4f8:c2c:b60::\"" diff --git a/hosts/pie/authelia.nix b/hosts/pie/authelia.nix index d6e43aa..68ab212 100644 --- a/hosts/pie/authelia.nix +++ b/hosts/pie/authelia.nix @@ -21,18 +21,6 @@ in { owner = "authelia-b12f"; }; - age.secrets."authelia-oidc-issuer-private-key" = { - file = "${flake.self}/secrets/authelia-oidc-issuer-private-key.age"; - mode = "400"; - owner = "authelia-b12f"; - }; - - age.secrets."authelia-oidc-hmac-secret" = { - file = "${flake.self}/secrets/authelia-oidc-hmac-secret.age"; - mode = "400"; - owner = "authelia-b12f"; - }; - age.secrets."authelia-jwt-secret" = { file = "${flake.self}/secrets/authelia-jwt-secret.age"; mode = "400"; @@ -45,6 +33,12 @@ in { owner = "authelia-b12f"; }; + age.secrets."mail@b12f.io-password" = { + file = "${flake.self}/secrets/mail@b12f.io-password.age"; + mode = "400"; + owner = "authelia-b12f"; + }; + security.acme.certs = { "auth.b12f.io" = {}; }; @@ -54,12 +48,9 @@ in { forceSSL = true; useACMEHost = "auth.b12f.io"; locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}"; - listenAdresses = [ - "127.0.0.1" - "::1" - "10.13.12.2" - "fd00:b12f:acab:1312:acab:2::" - ]; + locations."/".extraConfig = "include /etc/nginx/conf-available/proxy.conf;"; + locations."/api/verify".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}"; + locations."/api/authz".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}"; }; }; @@ -69,16 +60,17 @@ in { secrets = { storageEncryptionKeyFile = config.age.secrets."authelia-storage-encryption-key".path; sessionSecretFile = config.age.secrets."authelia-session-secret".path; - oidcIssuerPrivateKeyFile = config.age.secrets."authelia-oidc-issuer-private-key".path; - oidcHmacSecretFile = config.age.secrets."authelia-oidc-hmac-secret".path; jwtSecretFile = config.age.secrets."authelia-jwt-secret".path; }; settings = { theme = "light"; - default_2fa_method = "totp"; + default_2fa_method = "webauthn"; log.level = "debug"; - server.disable_healthcheck = true; + server = { + port = 9092; + host = "127.0.0.1"; + }; authentication_backend = { refresh_interval = "disable"; password_reset = { disable = true; }; @@ -89,25 +81,30 @@ in { }; duo_api.disable = true; webauthn.user_verification = "required"; - totp.issuer: "auth.b12f.io"; - storage.local.path = "/var/lib/authelia/db.sqlite3"; - identity_providers.oidc = { - authorization_policies.policy_name = { - default_policy = "two_factor"; - rules = [ - { - policy = "deny"; - subject = "group:services"; - } - ]; - }; + totp.issuer = "auth.b12f.io"; + storage.local.path = "/var/lib/authelia-b12f/db.sqlite3"; + access_control.default_policy = "two_factor"; + session = { + domain = "auth.b12f.io"; + # authelia_url = "https://auth.b12f.io"; + }; + notifier.disable_startup_check = true; + notifier.smtp = { + host = "mail.b12f.io"; + port = 587; + username = "mail@b12f.io"; + sender = "auth.b12f.io "; + identifier = "auth@b12f.io"; + subject = "[auth.b12f.io] {title}"; }; }; }; + systemd.services.authelia-b12f.environment.AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE = config.age.secrets."mail@b12f.io-password".path; + services.restic.backups = { authelia = { - paths = [ "/var/lib/authelia" ]; + paths = [ "/var/lib/authelia-b12f" ]; initialize = true; passwordFile = config.age.secrets."restic-password".path; # See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/ diff --git a/hosts/pie/firefly.nix b/hosts/pie/firefly.nix index fa23e88..ee1715d 100644 --- a/hosts/pie/firefly.nix +++ b/hosts/pie/firefly.nix @@ -38,24 +38,22 @@ in { "firefly.b12f.io" = { forceSSL = true; useACMEHost = "firefly.b12f.io"; + extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;"; locations."/".proxyPass = "http://127.0.0.1:8080"; - listenAdresses = [ - "127.0.0.1" - "::1" - "10.13.12.2" - "fd00:b12f:acab:1312:acab:2::" - ]; + locations."/".extraConfig = '' + include /etc/nginx/conf-available/proxy.conf; + include /etc/nginx/conf-available/authelia-authrequest.conf; + ''; }; "firefly-importer.b12f.io" = { forceSSL = true; useACMEHost = "firefly-importer.b12f.io"; + extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;"; locations."/".proxyPass = "http://127.0.0.1:8081"; - listenAdresses = [ - "127.0.0.1" - "::1" - "10.13.12.2" - "fd00:b12f:acab:1312:acab:2::" - ]; + locations."/".extraConfig = '' + include /etc/nginx/conf-available/proxy.conf; + include /etc/nginx/conf-available/authelia-authrequest.conf; + ''; }; }; @@ -70,13 +68,6 @@ in { ''; }; - services.authelia.instances.b12f.settings.clients = [{ - client_id = "firefly"; - client_name = "Firefly"; - client_secret = ""; - consent_mode = "implicit"; - }]; - virtualisation = { oci-containers = { backend = "docker"; diff --git a/hosts/pie/invoiceplane.nix b/hosts/pie/invoiceplane.nix index 6093d9d..3efc6ed 100644 --- a/hosts/pie/invoiceplane.nix +++ b/hosts/pie/invoiceplane.nix @@ -28,6 +28,11 @@ in { "invoicing.b12f.io" = { forceSSL = true; useACMEHost = "invoicing.b12f.io"; + extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;"; + locations."/".extraConfig = '' + include /etc/nginx/conf-available/proxy.conf; + include /etc/nginx/conf-available/authelia-authrequest.conf; + ''; }; }; diff --git a/hosts/pie/nginx.nix b/hosts/pie/nginx.nix index 00f3ada..774f07e 100644 --- a/hosts/pie/nginx.nix +++ b/hosts/pie/nginx.nix @@ -5,16 +5,7 @@ lib, ... }: { - networking.firewall.allowedTCPPorts = [ 80 443 ]; - services.nginx = { - enable = true; - - recommendedOptimisation = true; - recommendedGzipSettings = true; - recommendedTlsSettings = true; - recommendedProxySettings = true; - defaultListenAddresses = [ "192.168.178.2" # "2a02:908:5b1:e3c0:2::" diff --git a/hosts/pie/paperless.nix b/hosts/pie/paperless.nix index 6f6c2e6..a06e4c6 100644 --- a/hosts/pie/paperless.nix +++ b/hosts/pie/paperless.nix @@ -9,9 +9,9 @@ with lib; let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; - dataDir = "${xdg.dataHome}/Paperless"; - backupDir = "${xdg.dataHome}/PaperlessBackup"; - consumptionDir = "/home/${psCfg.user.name}/.local/share/scandir"; + dataDir = "/var/lib/paperless"; + backupDir = "/var/lib/PaperlessBackup"; + consumptionDir = "/var/lib/scandir"; scan2paperless = with pkgs; writeShellScriptBin "scan2paperless" '' DEVICE=$1 @@ -53,45 +53,25 @@ in { "paperless.b12f.io" = { forceSSL = true; useACMEHost = "paperless.b12f.io"; + extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;"; locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.services.paperless.port}"; - listenAdresses = [ - "127.0.0.1" - "::1" - "10.13.12.2" - "fd00:b12f:acab:1312:acab:2::" - ]; - }; + locations."/".extraConfig = '' + include /etc/nginx/conf-available/proxy.conf; + include /etc/nginx/conf-available/authelia-authrequest.conf; + ''; + }; }; - services.authelia.instances.b12f.settings.clients = [{ - client_id = "paperless"; - client_name = "Paperless"; - client_secret = ""; - consent_mode = "implicit"; - }]; - services.paperless = { enable = true; - user = psCfg.user.name; consumptionDir = consumptionDir; dataDir = dataDir; address = "127.0.0.1"; extraConfig = { PAPERLESS_OCR_LANGUAGE = "nld+deu"; PAPERLESS_URL = "https://paperless.b12f.io"; - PAPERLESS_SOCIALACCOUNT_PROVIDERS = (builtins.toJSON { - openid_connect = { - APPS = [ - { - provider_id = "keycloak"; - name = "Keycloak"; - client_id = ""; - secret = ""; - settings.server_url = "http://keycloak:8080/realms/master/.well-known/openid-configuration"; - } - ]; - }; - }); + PAPERLESS_DISABLE_REGULAR_LOGIN = "True"; + PAPERLESS_ENABLE_HTTP_REMOTE_USER = "True"; }; }; @@ -125,13 +105,13 @@ in { age.secrets."hosting-de-invoice-sync-api-key" = { file = "${flake.self}/secrets/hosting-de-invoice-sync-api-key.age"; mode = "400"; - owner = psCfg.user.name; + owner = "paperless"; }; services.cron = { enable = true; systemCronJobs = [ - "30 1 * * * ${psCfg.user.name} ${pkgs.fetch-hostingde-invoices}/bin/fetch-hostingde-invoices '${config.age.secrets."hosting-de-invoice-sync-api-key".path}' '${consumptionDir}'" + "30 1 * * * paperless ${pkgs.fetch-hostingde-invoices}/bin/fetch-hostingde-invoices '${config.age.secrets."hosting-de-invoice-sync-api-key".path}' '${consumptionDir}'" ]; }; @@ -140,11 +120,13 @@ in { ################################# systemd.tmpfiles.rules = [ - "d '${backupDir}' 0700 ${psCfg.user.name} users - -" - "d /tmp/paperless 0700 ${psCfg.user.name} users - -" + "d '${dataDir}' 0700 paperless users - -" + "d '${backupDir}' 0700 paperless users - -" + "d '${consumptionDir}' 0700 paperless users - -" + "d /tmp/paperless 0700 paperless users - -" ]; - age.secrets."rclone-pie.conMoK~Ih_gjsd4Yo0U7eYcyZ5WHFy1n_a3BGwy_E5TVb8z2FaFzGnQS08TpTf~4ilPG5r5hytf" = { + age.secrets."rclone-pie.conf" = { file = "${flake.self}/secrets/rclone-pie.conf.age"; path = "/root/.config/rclone/rclone.conf"; mode = "400"; diff --git a/modules/core/hardening.nix b/modules/core/hardening.nix index 81b4903..6ff3a83 100644 --- a/modules/core/hardening.nix +++ b/modules/core/hardening.nix @@ -34,11 +34,6 @@ in { # required to run chromium security.chromiumSuidSandbox.enable = true; - # create system-wide executables firefox and chromium - # that will wrap the real binaries so everything - # work out of the box. - programs.firejail.enable = true; - # enable antivirus clamav and # keep the signatures' database updated services.clamav.daemon.enable = true; diff --git a/modules/default.nix b/modules/default.nix index 69a225d..e34bfc5 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -22,6 +22,7 @@ persistence = import ./persistence; portable = import ./portable; printing = import ./printing; + proxy = import ./proxy; terminal-life = import ./terminal-life; user = import ./user; virtualisation = import ./virtualisation; diff --git a/modules/desktop-extended/default.nix b/modules/desktop-extended/default.nix index 5a8f5da..5b87e6c 100644 --- a/modules/desktop-extended/default.nix +++ b/modules/desktop-extended/default.nix @@ -12,6 +12,7 @@ in { users.users."${psCfg.user.name}".packages = with pkgs; [ wine + chromium gimp present-md @@ -35,25 +36,6 @@ in { nvd ]; - programs.firejail.wrappedBinaries = { - chromium = { - executable = "${pkgs.lib.getBin pkgs.ungoogled-chromium}/bin/chromium"; - profile = "${pkgs.firejail}/etc/firejail/chromium.profile"; - }; - # signal-desktop = { - # executable = "${pkgs.lib.getBin pkgs.signal-desktop}/bin/signal-desktop"; - # profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile"; - # }; - # telegram-desktop = { - # executable = "${pkgs.lib.getBin pkgs.tdesktop}/bin/telegram-desktop"; - # profile = "${pkgs.firejail}/etc/firejail/telegram-desktop.profile"; - # }; - # element-desktop = { - # executable = "${pkgs.lib.getBin pkgs.element-desktop}/bin/element-desktop"; - # profile = "${pkgs.firejail}/etc/firejail/element-desktop.profile"; - # }; - }; - fonts = { packages = with pkgs; [ dejavu_fonts diff --git a/modules/graphical/default.nix b/modules/graphical/default.nix index 3483608..f06ccab 100644 --- a/modules/graphical/default.nix +++ b/modules/graphical/default.nix @@ -73,6 +73,10 @@ in { # Enable GVfs, a userspace virtual filesystem services.gvfs.enable = true; + # This actually lowers security and is + # required to run electron apps with the hardened kernel + boot.kernel.sysctl."kernel.unprivileged_userns_clone" = 1; + fonts = { packages = with pkgs; [ dejavu_fonts @@ -88,6 +92,7 @@ in { users.users."${psCfg.user.name}".packages = with pkgs; [ alacritty + firefox-wayland flameshot gnome.adwaita-icon-theme gnome.eog @@ -102,13 +107,6 @@ in { wcwd ]; - programs.firejail.wrappedBinaries = { - firefox = { - executable = "${pkgs.lib.getBin pkgs.firefox-wayland}/bin/firefox"; - profile = "${pkgs.firejail}/etc/firejail/firefox.profile"; - }; - }; - home-manager.users."${psCfg.user.name}" = { home.file."xinitrc".source = ./.xinitrc; xdg.configFile."alacritty/alacritty.yml".source = yamlFormat.generate "alacritty.yml" (import ./alacritty.nix); diff --git a/modules/proxy/authelia-authrequest.conf b/modules/proxy/authelia-authrequest.conf new file mode 100644 index 0000000..bfcc3af --- /dev/null +++ b/modules/proxy/authelia-authrequest.conf @@ -0,0 +1,32 @@ +## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource. +auth_request /internal/authelia/authz; + +## Save the upstream metadata response headers from Authelia to variables. +auth_request_set $user $upstream_http_remote_user; +auth_request_set $groups $upstream_http_remote_groups; +auth_request_set $name $upstream_http_remote_name; +auth_request_set $email $upstream_http_remote_email; + +## Inject the metadata response headers from the variables into the request made to the backend. +proxy_set_header Remote-User $user; +proxy_set_header Remote-Groups $groups; +proxy_set_header Remote-Email $email; +proxy_set_header Remote-Name $name; + +## Configure the redirection when the authz failure occurs. Lines starting with 'Modern Method' and 'Legacy Method' +## should be commented / uncommented as pairs. The modern method uses the session cookies configuration's authelia_url +## value to determine the redirection URL here. It's much simpler and compatible with the mutli-cookie domain easily. + +## Modern Method: Set the $redirection_url to the Location header of the response to the Authz endpoint. +auth_request_set $redirection_url $upstream_http_location; + +## Modern Method: When there is a 401 response code from the authz endpoint redirect to the $redirection_url. +error_page 401 =302 $redirection_url; + +## Legacy Method: Set $target_url to the original requested URL. +## This requires http_set_misc module, replace 'set_escape_uri' with 'set' if you don't have this module. +# set_escape_uri $target_url $scheme://$http_host$request_uri; + +## Legacy Method: When there is a 401 response code from the authz endpoint redirect to the portal with the 'rd' +## URL parameter set to $target_url. This requires users update 'auth.example.com/' with their external authelia URL. +# error_page 401 =302 https://auth.example.com/?rd=$target_url; diff --git a/modules/proxy/authelia-location.conf b/modules/proxy/authelia-location.conf new file mode 100644 index 0000000..c3151b3 --- /dev/null +++ b/modules/proxy/authelia-location.conf @@ -0,0 +1,32 @@ +set $upstream_authelia https://auth.b12f.io/api/authz/auth-request; + +## Virtual endpoint created by nginx to forward auth requests. +location /internal/authelia/authz { + ## Essential Proxy Configuration + internal; + proxy_pass $upstream_authelia; + + ## Headers + ## The headers starting with X-* are required. + proxy_set_header X-Original-Method $request_method; + proxy_set_header X-Original-URL $scheme://$http_host$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Content-Length ""; + proxy_set_header Connection ""; + + ## Basic Proxy Configuration + proxy_pass_request_body off; + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Timeout if the real server is dead + proxy_redirect http:// $scheme://; + proxy_http_version 1.1; + proxy_cache_bypass $cookie_session; + proxy_no_cache $cookie_session; + proxy_buffers 4 32k; + client_body_buffer_size 128k; + + ## Advanced Proxy Configuration + send_timeout 5m; + proxy_read_timeout 240; + proxy_send_timeout 240; + proxy_connect_timeout 240; +} diff --git a/modules/proxy/default.nix b/modules/proxy/default.nix new file mode 100644 index 0000000..6db5ee1 --- /dev/null +++ b/modules/proxy/default.nix @@ -0,0 +1,29 @@ +{ + flake, + config, + pkgs, + lib, + ... +}: { + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + services.nginx = { + enable = true; + + recommendedOptimisation = true; + recommendedGzipSettings = true; + recommendedTlsSettings = true; + recommendedProxySettings = true; + + resolver.addresses = [ + "10.13.12.7" + "[fd00:b12f:acab:1312:acab:7::]" + ]; + }; + + environment.etc = { + "nginx/conf-available/proxy.conf".source = ./proxy.conf; + "nginx/conf-available/authelia-location.conf".source = ./authelia-location.conf; + "nginx/conf-available/authelia-authrequest.conf".source = ./authelia-authrequest.conf; + }; +} diff --git a/modules/proxy/proxy.conf b/modules/proxy/proxy.conf new file mode 100644 index 0000000..5c26297 --- /dev/null +++ b/modules/proxy/proxy.conf @@ -0,0 +1,33 @@ +## Headers +proxy_set_header Host $host; +proxy_set_header X-Original-URL $scheme://$http_host$request_uri; +proxy_set_header X-Forwarded-Proto $scheme; +proxy_set_header X-Forwarded-Host $http_host; +proxy_set_header X-Forwarded-URI $request_uri; +proxy_set_header X-Forwarded-Ssl on; +proxy_set_header X-Forwarded-For $remote_addr; +proxy_set_header X-Real-IP $remote_addr; + +## Basic Proxy Configuration +client_body_buffer_size 128k; +proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; ## Timeout if the real server is dead. +proxy_redirect http:// $scheme://; +proxy_http_version 1.1; +proxy_cache_bypass $cookie_session; +proxy_no_cache $cookie_session; +proxy_buffers 64 256k; + +## Trusted Proxies Configuration +## Please read the following documentation before configuring this: +## https://www.authelia.com/integration/proxies/nginx/#trusted-proxies +set_real_ip_from 10.13.12.0/24; +set_real_ip_from fc00::/7; + +real_ip_header X-Forwarded-For; +real_ip_recursive on; + +## Advanced Proxy Configuration +send_timeout 5m; +proxy_read_timeout 360; +proxy_send_timeout 360; +proxy_connect_timeout 360; diff --git a/secrets/.fwknoprc.age b/secrets/.fwknoprc.age index c407940..33bbe73 100644 Binary files a/secrets/.fwknoprc.age and b/secrets/.fwknoprc.age differ diff --git a/secrets/authelia-jwt-secret.age b/secrets/authelia-jwt-secret.age new file mode 100644 index 0000000..5d6acbe --- /dev/null +++ b/secrets/authelia-jwt-secret.age @@ -0,0 +1,24 @@ +age-encryption.org/v1 +-> ssh-ed25519 8bHz7g zKjSwAkx3AP3kn3E+Yxx3vqvKDPp1RfRqI2DXsGZEUo +px/kpl3Emm85x8jC3FX2GTsOKlbv+yu3M9z3oUipLxE +-> ssh-rsa kFDS0A +ezAH1vla7uUC7jbtsc4s/PoASi4SyD5SlHpdwSFWqF4rKwkamJLgUlfv8D0ogSHl +iGF/XypomK4wQbc+B1fECKZGfbaXtqY8un8Zljh5rC4v4Un7twwA+uoXkUUNF5/q ++UlJnCnJL5kpM89mpYc3YXT/E/xbKT/LcEhn7ngTWcDxgMkbxOgj5N5t/XUWxtMD +qjv1DfXNHl95gI02yMpqmxGly0tIY9nHD1vAz87w25swr4VJFn3yjCVZlKz2+m5w +b5SghK9ZotXlvZDLhe12+//XTbEtr3FW9cwU7Ad6ATTD15CnciCI1+wd3L8Os0In +aV9NiGwXhThggnlDmMu22gw3QSj5f0masSSxSTFyCm/SSPL2mnlzANHuLj2DbTgA +cNNWwIPUAB09cn0F5k1uYy1rsScaLf46gY+HWUYqGHvPaE7j2eY9phTt9qxgOWdP +an9zktCMbJaoQ8EyaYpl7ZHjT9pfQPmmmrBDeFfPso5Oy681TWmwvifOe/lNWits +EgKwR09yI780tELxXAZEO52rix503GtM0RJAJlifThvF5HU/FC4M7X1QoYYJsIMc +ilhAsTlwIxQfXWTrt3hvucA4cwdfLh9USz1Otz9ct9NmfqOBHUD3eDz2DtKTUykW +aushupzdaRQS1JIQqklzKZBc8r8W9ePO/MOTb3l2dAA +-> piv-p256 zqq/iw A6lhtVxLSu9x/WnIzsBQYYcSepbrCh9LKffXdPnY44EP +ZsTeF0qctvTCrAn1rOxtySolyA1ERsX6xoOFWykl1uE +-> piv-p256 vRzPNw A+vnxQlBvTqe9zhXoIXkwqqmvXkmmxk5wOJE5viCqxA9 +2E+mx13FD2A89KAI95KnulBUUF3c9Nni7IGCn0LG6Y4 +-> e-grease WS4 hN A;D ^Q' +89Rq7mgvyF6s9pQe0W7zM9I0wZQmTkLU75xQl7j8d+7kCvp8t5Qm9r1lS9QTqlfL +L1MjgllMv0Mgl10I796UM5T21QoSdY3RfP8 +--- mQbEPEUmeSnOPFXoKIIc6VHOUqJqsddXnGz7ZyMvMGM + MzOά[>SλIunxOZSe)і /lVe?/YZT9®ہFU ]dRRؙ \ No newline at end of file diff --git a/secrets/authelia-session-secret.age b/secrets/authelia-session-secret.age new file mode 100644 index 0000000..3094c1a Binary files /dev/null and b/secrets/authelia-session-secret.age differ diff --git a/secrets/authelia-storage-encryption-key.age b/secrets/authelia-storage-encryption-key.age new file mode 100644 index 0000000..e2e94e2 Binary files /dev/null and b/secrets/authelia-storage-encryption-key.age differ diff --git a/secrets/authelia-users-file.age b/secrets/authelia-users-file.age index 4214cb5..e7d2cac 100644 Binary files a/secrets/authelia-users-file.age and b/secrets/authelia-users-file.age differ diff --git a/secrets/b12f-env-secrets.age b/secrets/b12f-env-secrets.age index e2fbb0a..0b7172e 100644 Binary files a/secrets/b12f-env-secrets.age and b/secrets/b12f-env-secrets.age differ diff --git a/secrets/b12f.io-dkim-private-rsa.age b/secrets/b12f.io-dkim-private-rsa.age index 0e1be6e..532acd1 100644 Binary files a/secrets/b12f.io-dkim-private-rsa.age and b/secrets/b12f.io-dkim-private-rsa.age differ diff --git a/secrets/cat-test.ovpn.age b/secrets/cat-test.ovpn.age index ddacf05..6dc1369 100644 Binary files a/secrets/cat-test.ovpn.age and b/secrets/cat-test.ovpn.age differ diff --git a/secrets/droppie-ssh-root.key.age b/secrets/droppie-ssh-root.key.age index b64bd73..e9d60e8 100644 Binary files a/secrets/droppie-ssh-root.key.age and b/secrets/droppie-ssh-root.key.age differ diff --git a/secrets/dyndns.key.age b/secrets/dyndns.key.age index 55d7e6a..b177154 100644 --- a/secrets/dyndns.key.age +++ b/secrets/dyndns.key.age @@ -1,25 +1,23 @@ age-encryption.org/v1 --> ssh-ed25519 8bHz7g 2M1zTXuz8F9ccQRXzNNBffl33O/uBo0Fq4lcfEC6KlU -Lod8LXs62N/oGojaiFH3FBl7Tez/FdJIWznzSutsIjE +-> ssh-ed25519 8bHz7g tU9tWTdUGfcYQDPViqDzMB+0cbhx69ttVhtVco2U7kk +A1xkW3krGYL4bWMCOujo3nxg+pnIRlabfr0/rImYU34 -> ssh-rsa kFDS0A -OUWTYz/8wmdJ2WN2NXO4DtxICgVdAPhilFfQhz96HH4mI4ggDYS5RpQzffw+DozR -W13PIUnLIrOzpn7+YPUz9bIIzYpjNnIoRQnMKN66MucdJNXJ1qBhTa0WDwnkC0KM -M62GKjLMhQOesP48acx2OvGxdYIUJm8oD8TpAP1qb9Pg7Vy1F//KIs3BE6RsOM3w -o17t6gYs718vza+5oVsXVayIsyDgISOhRT29EsuIoPDsDFjm1tz/UYeUtppwJruZ -ArGcdz8bpC6INDNlB5Njrg/zECdiIvLZ030DlAuo9Y3IAcE/hFUQhwaYJe4OCMqf -aA0vsPjsKPpXn4Ui8IyXP8JJ+CU3enu43bFH8h8q7LOb6rLxYFVAzT6jg7hLFdES -7aPkBJR0nYMtt9gdL3KxmTtSgdKdRV8yqrHtBM/rj8IYvpjjqVwinrk5n7yaTBas -jDAoi0OZ0wP9ZykaaILfkoar7ZecJgxWZ6dmaGB641Dwu7mZv4Pqh3uYDHjU2VYW -f5TC0pzzuyE4me0fmy5efc0/wbxYH/bSw81tjih9KmRUhvqzxwMFBtnkYElYo2MM -G7G/1GAYlHpewaXTc2k7pG7sicA42Zn0OoGLMpgWyJJWDvVa16XR133rUQmPCLOW -T5FuGeQi+hDX/xJ2JoNiBXQfP84jqfmMSK7mO8O3ofI --> piv-p256 zqq/iw Ay6ViJqFtNzyrZ9EBHHE3mE0h+jg2YkgMz0Y0oxqVAkK -bolGO/OqFNoT6AF/z7bhocW9W2mYiYQUjsvKY8vuL8I --> piv-p256 vRzPNw A0foK8gvOdXspZG0H0yT1gqf7JC1U14ZAuOvfL/j2MrE -McGAqd59RKTg0BKAFl8CErbbfEjcTcHtTJqZFcFZSik --> ez5dw-grease -2GgPMYkIUyZhdPL4WWY0mIJDTjHt7YWZPebSHLe7++Hf1ZUQ8Q0Yv6oufH3YCeI3 -T9yVzdzkyJf51moR ---- G5KQtnyEAno2mVCtciQ1IvoyR98i1zUQMu98OLwTq84 -k TL 'rrLeU#P6#PObڏSUռaƂf0RQޓsrfi[.+J -1O \ No newline at end of file +mZN2a1v/gTk8baMSw9ZoDI4hHIFm6KhOYR7vvAKjK8OVaTQcFaTj7hMsZ2gT2erI +Bgm0iHLrFBqqrrD9Mi2Tv2e/ePW8w5omcedo7bAcgCm2rdcTHePYswHnYTCTadCT +hhH8kuZTMfEm1FU1c/CB898qhYFS6lOYFBnQYoSTsGgx3JCDB1S4Rm2AsyXvzlaZ +TD6H6LcHYJRClcaHU/3bn4dmiEGwYoYOcYiHp6tM4+prVajGMrOYTPucAbf3xxzR +GE7FMl6POvkniiPjamBF4K9cE8KtIzyDJoWLiZQOGOMXh5prSTEOFL8zerWKhJAR +4kvSx2F0UtuKgikwQBpxRC40V12ivJGCrr7DFXxSZThBJzK1PfnAyY2VRrLr6QGM +wqctsudOHtRHt5NTK4QzX8OMqmkdM+KBDHxxbfSg0d5Fy0qM5KOH1aw6+/pLC7rt +gdE6sn3HQMRM2DL8PxJEC3GyJVuwmC2PC0uPqpvrcabM5S9cBvoLRUwp66vwNCPL +CW7LdSAbu4TfPlffRmPoMqjuRo0HLQ76ZchSJyN0NDscejh1hsEbl/M5etjIAVu1 +IuiG4DR2yGJQOaFcKLyxbJcMKtI8+g01cr3K9GQr1IVh8bcouReJfmzIBv0kKZvK +bMBhkPbyjhmgRj212/+QdsXHrEUhXGe04HHwPnjo/Xg +-> piv-p256 zqq/iw Au0LMoXmBQujrAcouzeRYwE9th7w7VacTcPA1eE1xMqw +hEaZcmAQ3ekiF/GuT2XLC0SEoHr9pLI8870g1t0cgr8 +-> piv-p256 vRzPNw A0XNs/XOz2O1eud5aH7Q4DbhR9WXmJGYwby27G5FoyrK +nVibl5qpWLuxqR6DkoGbNrHEpCfxJUl5SdUxygHarrY +-> Q]A>-grease `@,ipv 4]wX +Xd1UCl4E88saY5AqPdzxKM77f0G8rsbqM78tBmg +--- hlcJUXHAuVi75Oi2dr01NSh4RWjruTFyzWdJjk/mQ2U +.ѳDeNc{r-a>ɪ`AHeHDM'tcm_psH;* $JJQ'#㉳ЩT2c \ No newline at end of file diff --git a/secrets/ehex-vpn.creds.age b/secrets/ehex-vpn.creds.age index a27ebe3..8f81ef4 100644 Binary files a/secrets/ehex-vpn.creds.age and b/secrets/ehex-vpn.creds.age differ diff --git a/secrets/ehex.ovpn.age b/secrets/ehex.ovpn.age index 3e008a5..bfea4ad 100644 Binary files a/secrets/ehex.ovpn.age and b/secrets/ehex.ovpn.age differ diff --git a/secrets/firefly-cron-secrets.env.age b/secrets/firefly-cron-secrets.env.age index fe69c77..2dd0452 100644 --- a/secrets/firefly-cron-secrets.env.age +++ b/secrets/firefly-cron-secrets.env.age @@ -1,25 +1,24 @@ age-encryption.org/v1 --> ssh-ed25519 8bHz7g 66swOUsEOMipbpWdvfQDyyhrlQs9SYIKDu7uRKXRgn8 -biYdYn5NgOV5F7Tpi2rXzBLDMufmZ/7Ux1fns/7p6YA +-> ssh-ed25519 8bHz7g ENnUFWaMTl0qIRuWwDwf5LU5SEJacCmNbF4kehtytns +8B01SNu4tpN35J/WPACTfwxm5+vy9Xr3fKWxtTcSxq4 -> ssh-rsa kFDS0A -ITieW8I1T3bdN62xVCipB4iGELGrP2pwY7hgZ61sIk3Oi9T98gXFYKS/t2GznPDl -QczVlUvJ1Ujt2ozHfDGQsCHIsrNrEVCV9UOdaUjim2aWZ0pwvYGWJ0G+wuJCUK/Z -N1miOPdKddOefUf5tTc5w+nPdRQuhxB4nRP+qpAHiPPigdM5RfNZCO1YtucIedBz -3qMYXR4+Ouewv0evbimrbIrrdlvesQlHfA7q8N/uFm5BtAf43iu2fJ5xapHqC4d8 -vfGauwdyoOuM6xllW+wjsBNP4Vq6h6g3mT5FGXGmCHscNx6EZWy2CKPAAXHjukGS -f8wCs7LPnd/1jS4DIXo3qjZ1kAnpqh+nC3J2hRfGrgjf4AoqDmdmUnRVx6vNOiEQ -AhU1V05Utq7I4x8EQmpaR/x5ELehYXtpKUTQWoee9dvV9Ys2tae9qnYJpX5iWJ1D -SjVJqL+a1GRGAzCiJnLFOAT+iPEByHQsqRqvjp9XBfQFtyk613lyBEQDWQznaSD9 -e0WPQpyGYpY/D7CmFKOrcjuRbpdW5f+Tnpu0p8y4uLeRuoXtrVL6FdYUlEEJQUHu -RWFVy1Dg2Ft7wdKTtDjArV/93S6KYcU+lY8jzNQz3OgdVLImlgky92aWhTFehgVC -ou9gs2wLWv9vAiFu0fb/y94Eupw/+fxwVEfvInIpX3I --> piv-p256 zqq/iw A5tJ9Z0fDXK9jW6xG7jGLvH17N5hqoOBoo/MCX8pszjz -XsbaaIOnMEbkvAgb3nDcVUiLCiG7atahzLwSyavzWvw --> piv-p256 vRzPNw A9TeFYNYmlp9zJ2jGPRYjLdlhz0VPOJuhhzjJb44Plox -XHsPQCEP6VuoLCCZZRyDzcH2cMzQj2qAH+xZxL0y5DU --> eN-grease OZ NzlxU -uRyMfsTMRnC1otTrruqhhelq+6ivP7PCF0t6VcDhPuA4qGsXsfxxILgJhI3eRWCT -AeQ8efeEWMPCBVI ---- 1EhV0FID63UugANohR2Zn8Iq1XaEEbgQ38B9vmKONNc -Hz,zj.\4au+V%ٴ@z]J[fX -c >fNJV piv-p256 zqq/iw AqcF/BWtdsliavHR9BQvhvp4fDt+PNtL3Z42Ey/Q7BsG +jAZJPrf8fT7vWG43uTjUCStQO5BdCu9qWM5RcoBiDGA +-> piv-p256 vRzPNw AoK+Ey7lxHQuFDuv0QVvuCQ0SJOT/PaAW8VK6e2zHDg0 +k4fachnuQvB7US1l463OevoiHGEpijp12XgZLOOzDbo +-> uzP2\R0P-grease +BKMYkkT/SqLY2jnMb2pPUtLLH+rKKfTRA8Ci6KM42Z0nQY/fwgudSvxNHFEBagjY +VnZVvYeKOuyw+jofGhWqQJt/Bx/6i84SrA +--- zZIJs/tZNBvXHUHkUGNC6XHq+5Wqb9y12cf2Iob2oBE +tf=ϐ:$ВAa+ 4Dvn\w6W Gr6rZ{X-G-$6 \ No newline at end of file diff --git a/secrets/firefly-db-secrets.env.age b/secrets/firefly-db-secrets.env.age index c9cc65f..c7ff9e9 100644 --- a/secrets/firefly-db-secrets.env.age +++ b/secrets/firefly-db-secrets.env.age @@ -1,24 +1,24 @@ age-encryption.org/v1 --> ssh-ed25519 8bHz7g EOBiyT+XbUTNXlTVZEKSqjTu596M3s0ThhnW5QhaLg8 -TCqqC4xam2BLFtBx7CZ/Wv/LmW24IQ+oB3DosLHHQAM +-> ssh-ed25519 8bHz7g 7fscDY4cD3eU+uV5ydog2IgaDXXEOO/J4jSEo3smrlU +51LfcGo3091EYv6MLqzN4+SmfEAaCG2AqxQygr5m820 -> ssh-rsa kFDS0A -KpDm5RpJtUAXEacIu6wWPg9ZNzSoi8L8rmzKAkKP2r5kQRe8qV0QjwAlM6yBKf/W -od9Cmx33+ZwmXWJ+IMxZFRGhhGQWm8yjegs6oU47UqHrS4D9WCN4Eb1ZLM+VNz5a -/9ZNPjJijde2XQH7GzduTgoPrzQhP32Z4z3PhB00+ij1CN0riF+WRR0+pS7WIK4J -ay8uVqpn78NPUR0WApDDscVIBWZ3Dy2T/IOklqdRMbdprR6WSvfGVqMmb0KT8J5v -lo3Zlb0Nqi4Af06c79/wdssJaEHvPnGXTSW5tKiL77pAz1HXl6GRIKTSiHXaEEZZ -W6YSQ6tG8VRhDjiKD2GIB/dsYfRZAsge595kfZmHvAL9OplUD4FBUhCNah5MtxbV -0/BTUN3N0+tVG31/ssdBi+BtMtcuEu9fb4uMjjrezNdObQXJg3PSVaJkwQ4HsjNT -pZ+Q2alqBFmSIJf+IcNpIgdFoQMCac113BGzhQCEebFEkuem5Fw0whoKP5770R+n -Z8uh8UunwGLNoE7XgP+XWpWh/64H+GKDEBVtP9ZXmtl5dW729n9oSLSb2B1pD+jj -isVhM7RjVoWicAdH9B0fH3T5nq8OJFiTMl8azyvL9mDjsmBjmeDydOc2FMupQ9xS -I7pJDRIWejRUQ++oxIXmlEJ2odN2uHAhXCT8dRw+fqg --> piv-p256 zqq/iw Az25/im2z0pUUiTYx+M3Npk/2oY9UbusYXYeAoSRGNns -+0B+TIdz4kRvWbjlqtOiJ5bj93IiSk3kIp6p54/j94E --> piv-p256 vRzPNw AzoyfEC8b0XZPuOzkpJGtPpdszPxDk750zBED5QBdYj5 -gMMyz/uTTsfOGztsxoOy71wRUx2q8Edn4drR/DMvWFg --> (l-grease ->N%-5VO A HK |w.l0A%Q -QHowYsjCHy+UrjwQqcSKAFh3+PwRK6EykQSmPvuPlWMC2fp/d0UL3ONXvm3/tek ---- +GX80CPQhAQVnpRKBXbEGDYWkXSIhLouyBMlYzg0BYg -*wafք-o"Y_\N}*^)X] XGi- XZ> -y8'}eG{ټOf-|OP '/gMݩEOxHyOW~m+ܿ \ No newline at end of file +f7h6EH4h4JeCrtHWUZwu1QcYMURD/O4yvS1ZwUmoQSZBhDmwnR/OzOOQVB79plGG +M0JaQohWhVldmPg3KX6Aq4uDqgSWsYeO9Q8BYaLBZpiw83qgQAhkqv85xcSSTGuQ +eZMkr2aOvEMf8pOpmzPLvMiFI+Z5LwrvMuMmptGmUY9sJ/kp9ngjblJxtGk32p3S +RuKGBY6iC+swpK2+BQy7vpjGnRXcUSuvVd/Nh72Vncamlm7BKXdYbop6UM1JYjQy +bag6Ud2mEZFcmR+E0CTGWTD0S1rmce/VM/Lab4DSWXQrs6aB2UybOeCUF3eVaPE/ +C8UCeNKSOF+sRiiGz/vS68JS9DL5buhhnYjsjGLLt0hJ1KN/YT5MyVZN/bbGqZz2 +mC2Yd2TCF61v+7Zr763l2hSLztTPorGDiZV1a4WAujRP2uRWxbVz3io86NQNXc3d +0ExybZ4nBEWJKd2yWTdxzUVVgVXZecwfWIXAOQML2TCJAz0cHzzaZjdfW6ACYr0X +DtPN9BBFkrxboCENWjRcy3lniaIi8ef5e7ZmstbvjQxlMjBBZzE0dlrINjfzgQrz +tGLGbzfmvTyssIs4+hu+ldpxF1xdM10VGP0NHk7P9PwjVJDtauPgfWL5SvnvEePP +MTe9J74IS5ZKUpkbYc82pZ9N8ZuzMYmz0v5T0r+bj3U +-> piv-p256 zqq/iw AgJRcywG0jtOF/Jy9TVEFkXQjYny8NtVpl7SZK/QmqGs +ASFjv9Uda5pR7C6GLpVxTWATcdvTHX7+nD2KPx+5Gr0 +-> piv-p256 vRzPNw AloLZJP8lW8iWp9USg9+UQqjyZbvOlrkPyXzk/xVFkyl +V75Xdr62EO3pUUsh6WEJyKEXUfaUfd+igr5qLmhSzKs +-> Qrs?o-grease +PFTlH6gTXESwADsl6c7YM+Ut9AbgJRMS1SDwSn1kFN/NTNNoDtnqzLS5fi3bCxDe +w/D3t6AQws0u2g +--- 6A9h83fQQ9fT+2q2N30OIwJkTMBTK8UzFSyWVjGKXpA +#PR-խPEsdV跏Bۘ0AD0/L;QݰN[*(7vzT RZB$dug^ʨ5Gcu ~BFq*\uUM)g=GRm/ \ No newline at end of file diff --git a/secrets/firefly-importer-secrets.env.age b/secrets/firefly-importer-secrets.env.age index cb732fc..e6e140c 100644 Binary files a/secrets/firefly-importer-secrets.env.age and b/secrets/firefly-importer-secrets.env.age differ diff --git a/secrets/firefly-secrets.env.age b/secrets/firefly-secrets.env.age index 01dc1b4..69f7bac 100644 Binary files a/secrets/firefly-secrets.env.age and b/secrets/firefly-secrets.env.age differ diff --git a/secrets/hosting-de-acme-secrets.age b/secrets/hosting-de-acme-secrets.age index c84ad36..eda2deb 100644 Binary files a/secrets/hosting-de-acme-secrets.age and b/secrets/hosting-de-acme-secrets.age differ diff --git a/secrets/hosting-de-invoice-sync-api-key.age b/secrets/hosting-de-invoice-sync-api-key.age index 0094e51..caf6ccb 100644 --- a/secrets/hosting-de-invoice-sync-api-key.age +++ b/secrets/hosting-de-invoice-sync-api-key.age @@ -1,24 +1,24 @@ age-encryption.org/v1 --> ssh-ed25519 8bHz7g zFQGBUd6WAdzaEzBavUWqm4U4ndIvzP00ntU1mhjSnw -xJjfZz0wwqY3k1oqDwH9VxsM6/N61H/YV43JJZokfUY +-> ssh-ed25519 8bHz7g 8rdlpuz3TCunjDVAO/PoymA89EQIrruHpR6JN5sIkkI +xXN0koSPwM3pCKpH2qDRImvYq7q7azfNy7ppq2rRIFU -> ssh-rsa kFDS0A -anu8DuRW7aev+nKgxZOchK5SVJO1/azxBITmEyy6IGHi78/DhaNEX1FdZoWTI4Sx -dnND3DsCLdDiLgAUXWaQrbm+ZiTW4pip1pLFlEWDjddVtek2hLHYwUDd1g11bSm1 -a4Uk9Up54eZZF0j1y1/g4pwa2H/eQuQObE3uGR9RvFaIGmEftiH4aJN4jplPnXoW -YuNNYRkdG2B9fHVnmHmKZetfqx4wcXMGM2BQCw93sCUYIiMl+ggzq6WiP5lNXrvl -zVd3myPsMEWMWNX72OGmpaCtz2A2jWvO3MJlY+QjhaDzzvxN6/p6wxjGmsoymWIm -r1ZdzDjZHU8e/WLrfoHXosKr0FYtRTFU69OjmShfkpK8eHFc433g9IsV2CNWLsMR -oL9zkAvIH+cmkfzchKN2rgv8RgurDRXAOaX1tx5w/gZIrxfweXNHbUpeGej34e4A -RDPxDgccfl0i6o2xKd6FnTV6RzEgnjhsQViq5B1/yRlHeHuFlXV4XRqEplduhepb -DYY9+rxZM8uMxNTW5a9IcybWZJkocbmCUbkzOoTHpj0wtwlyKrqhtv3g+oAruPlO -yKkq5RERT+i8TRDSJubiueBp8LdG0ffd1vUaXvLh2IXVyceHIul0K+dLxwZnqiIp -+7jBIFjTRgQOiQdCCBkTvWrv3VrWRncElmAdvCKUAkY --> piv-p256 zqq/iw AvONKaUIttkKS3u09BV7Pzhu4D8l2eD4Jeh+ebH07/BG -97r1usenqTgi1QFQQ0DK1hhaTRgXXdSh9yPY6k3vg9A --> piv-p256 vRzPNw A9jD43mHz8IhAx2T/LbUX5aDD0mD7qXyIsq+4qnJAYHp -WHB14YVrqK9kULLkLaixTW5CuXV/F2PB+L6BlyLrBy4 --> E/-grease OT -t5kB0LrtZWT1Wo75cYHgJhQHRgcZ1JOzahc6un1gP1/hmetCoOsCYKKtVszKr278 -dHFM1jMjn7EQH4kMUNXUOhcLrEy94A ---- MA00Lr6/JrZT09+RKzchJ57pvr8rg2y7wbQ6ZJu39Yg -I`M,g-a:&ʍH|Z'U&Miܒq䢼)Zx7yt=Nh>_bPwȬ[Z- \ No newline at end of file +I/iVl03DlSfPxRfmndXCM4VD6NGfmoRsHIFtRQSfB58FrMsadgRc1h+pqKIaKNcE +c5TYcFOY6k4qOjTHLksTrs9kCP8TOVv/nlEQIeArb8qNnHJzNQ788iIqlM7Mbgkh +xwHo3doAuckNOK0IZms+F/RrD3DWAOfagwxLUdmuwda6NqMHLZN9lvlkKadO7Aaj +jO4WhNBF+t1bhEl9xogntgPND3TTWEN/RhlTCQF4PZteUhjjdIcxuELWuT4BDKEb +XACpHsPJYMi/9IAOGTGqTkeIs7m4w8hFtbOLl84DY4ec03P3VGmPNBzpU1A9E0Sd +czJgPMGFIGv76UqvFTXy87Nfkc/QNJ7gtOzmAuu5674kmVisMl67L/jk5pqVRgO+ +UyOf+A56Dt+224q+mgXOeMW/NdUDiVuyO/MC2Yai5H/w+sSF7pciMrJ0a9GFj+OK +d5+qxsLOr3SdskIA6aOiFp2JhvvWDgZ4UIvCioCG7y1GqVpnv7K/7Tjn9y4d8LSZ +nhpQL2wOTJ6sOQAQ5oc5lo3nqCv/QF1XwzoGo+L1UVR5WlsM9mJNoD+yN/6gD0pe +3B45iwM0MpXy5N2qiT1Vhy39+Khh5vp40tPQDIqFuGvLAzRRrKjl7gp6QnegDdqX +XiaKLe6uEkgyU80lXv7qDrp6Js0wGWde3x9ll07rqLk +-> piv-p256 zqq/iw A3ojWGL4IKZCMVPeVXZKeWNDLaZUoVBGqubPRvVKjaJb +PjLiZ6QBcaQlxeAcUqTvlUQ0yEbAp+1/0qlUxewVKDM +-> piv-p256 vRzPNw AnH19MCu/ep73iwnA+T36tZWRNCcVoT4P59KQAKqj89L +ztwGjBpEKOahU7XeP543/WdNzBAo2Lr+XU9QNtDf4zc +-> Z$#a<-grease /+|s (q^%1!;i +uAMcvqH7cObeEscVhea8W+PC4zYrAzOHZW+HHZjWbfhhUo6ydGAnV4JG9x9UEnll +eHTMATaRlI6G1vjxYtA +--- pwCLEHC9XL4kYGqgDiqio8iIKKVLbCdcUrXPAwwZeE0 +g sSʍLZvP.g^AXͲ%+.VAD\tΊK-Mئaj/AZbtbDvo*^ \ No newline at end of file diff --git a/secrets/id_ed25519_sk-464.age b/secrets/id_ed25519_sk-464.age index b0536e0..2d52af5 100644 Binary files a/secrets/id_ed25519_sk-464.age and b/secrets/id_ed25519_sk-464.age differ diff --git a/secrets/id_ed25519_sk-485.age b/secrets/id_ed25519_sk-485.age index 1a26e3e..c779896 100644 Binary files a/secrets/id_ed25519_sk-485.age and b/secrets/id_ed25519_sk-485.age differ diff --git a/secrets/invoiceplane-db-password.age b/secrets/invoiceplane-db-password.age index 6d533bd..d94ce10 100644 --- a/secrets/invoiceplane-db-password.age +++ b/secrets/invoiceplane-db-password.age @@ -1,23 +1,23 @@ age-encryption.org/v1 --> ssh-ed25519 8bHz7g TCA9KQFzsUWdpQJxdBdkUPMvikhRxDI5YQKw/eiXQyo -yJurY58hHJJgkn1wbMzi+oEioC/x7ef2F/87BYWwSk0 +-> ssh-ed25519 8bHz7g 5XO7I95Ar7qL5JzjmfSjDMEB3IIph7CKWJP67u0dg30 +jq9A/szOCQbBk+cUUZv2OCkZZq8UMy7fu+BCQPbYF8Q -> ssh-rsa kFDS0A -WHCED5d5DDUuLZ2+YjuAhVDLUmr4Ap/hmhVpkHeXtgISmtwL/fd7oE3PbY9YOnFT -RXz8bP+WMNYIR02rGdMc0EoiKVrTnsw/4cgMR8e03+yd2arJ2ee0MUefhzVL6lD6 -ZGigT/yU0F5/F/tOfpr9ZZw+JB4ZC632MtAOtiZsuZojQe4NbFL7kO/ROkY8UELk -P3s5VtKw1H1SzYYfzOqza98ViLFqxVjkqjXWcFLBMg6cWHHbsGr57vkVchz39NyV -1EMs4/5NKmYaL8OxNpu6ijv6kOmXMRdBJ5sNsJvG1SLN6UT93Ng1TH+c7kih9g/G -BMaKLMUmMDjPoqDAKXlWZiTsbmKzpIy3xINeLSUcnCWs4cQVwoJuqQXqYr1fo8w3 -3qzKz5bDqy4S7rzg1Rys7fs58dLv4/gfdhDuygKMuknHwIPwNxG1hN7gRYfJ1cl9 -/+NyKDk1yJY2WzDZJbtq2kmd0CI75oTqC0mSXoq19hgwG7muzYYfy07lhX04aJQ7 -G8J14WzU8cthqPHHTveEuZ49xbYoowhrhQ7dj5c2Mn1UozT0iLs4IBOShdvwJTQX -xgtxUYRSJ36m3J1iejcUAEJhICPrdLDeTYrCmltDL5tFKCNsr6unWiinbEI7OYAo -fGM8IIb3Tb7H/d0uIHR6Mi5Rov7FnJdKa9P80XK8vxo --> piv-p256 zqq/iw Av0NW0dKHLamCwcJ6PFYEmGgMtOPRkfDfNIK5J0IVFgp -bNTjApEFndNw0fv5TfgRE7oo8SbnTb219h/RPwtxfiU --> piv-p256 vRzPNw A7Wdd008zYOl4VkCkIwkwoZm5cCRpfuL+7GkR4NW/7rb -vRlPIsznRuO/HDFDIYsdy/rCHPlX8Nq3I8Ow5wC2L5w --> X`EMA XzV^kYZfJ$#! \ No newline at end of file +GIK2g7tPYcFOTbz5TgXAKXutVQb1namPGw2pfzf8jabsgRlQbWXR9xo3TgySlOZC +bpbcNs9LOkyG9su7R0Q3VB/AZYsp0mixfh0aAcFBVjh9NRA989vdqaMzY5e3K0Rv +9opc/YYdwSagHfC94BbwP6T+MA+3ukpm8tTXRudxZGzjRa7a1FWsBjHipqfUqGPT +QoZRcaVW0lBdNA+H0rcwcYP+vGoHYO58fkxIs5tj4//uxasyYFRN6k1BsePh6U2u +MiEaotlCoUKTjJMIh6aBArsFzv/s+5i8VQhL2YXzqCCk0hg1EyH1B3iHEdEwSskz +xNQPq6sgDEaAk4K/qSFKLseen8DWFz2AL/4jhEL8YZLtbIt5nwg0PXley8M0hjV0 +PitQEfJuhyd9HtF0WdXY+DjnukeXDrBqfPZcRLZPvazxSqo4xnBh3t/39GFh8Rrw +qj5sJ+shK7SnsbmDG4bNNrYDh22RfxDClInn89G7NRfVeYlqyswVh3cpNhHLTsGi +ucWorz5NFQ9QrY0FnlwQjsW2HptjhP2ZZtCP1AJi8FQVg61W+MC+XumaFLhEa40c +6Hn03r4cBGS90N7MTtdqcyoVIeggEdufI9vtDY/lrfhy7/e3I2F+XfuzmR3vORqs +qEmiHDzH/SAD/6aSOxtXqTKu1m+LfG4c55WhlInM9HU +-> piv-p256 zqq/iw Akln6P4WFprrCdthyn9HDY1GB9AA4eyBoE33TvAbgE0X +IVENAfkcJCeJo9+Wgt/5kZD0y5bwQsefxN9MyejCbZs +-> piv-p256 vRzPNw A7GkomUc1J3NsSxiS/HcyCwoIxU5rr9yqAGGFWHP1+yc +bXnxRzxyPfa3LWq0uSJONl7NXKR5wo3/xkib9w2K2oc +-> zQ/~=RXm-grease {kc Z +xgcrCpjjb1n9hFM +--- dEfgvftiM5d+B47Lyg+Mgqp6mt+XvBWFP3dIy3p7Nfs +)4fs[J?IDI ̢qS7-UeSm4zS \ No newline at end of file diff --git a/secrets/invoiceplane-db-secrets.env.age b/secrets/invoiceplane-db-secrets.env.age index 0cd4259..290ec37 100644 Binary files a/secrets/invoiceplane-db-secrets.env.age and b/secrets/invoiceplane-db-secrets.env.age differ diff --git a/secrets/mail@b12f.io-password.age b/secrets/mail@b12f.io-password.age index 2335c22..2d44de1 100644 --- a/secrets/mail@b12f.io-password.age +++ b/secrets/mail@b12f.io-password.age @@ -1,24 +1,26 @@ age-encryption.org/v1 --> ssh-ed25519 n71/yQ EyjzTXELrxtUfSmmQhwUZiD0YNxYIYTOMqAyvVbtfA8 -Y5LHi7e8Y74VekBdwiOCrHMhcweNYjEcTNQqgWnqSbE +-> ssh-ed25519 8bHz7g mhrNQ6X4FHzNvLWypw3zx0ckYU0t8cBkjl07y8zhSGE +EZGdtwFYi3+LEZgv/JcV2K4qdypFq15Gguxfs18lWTA +-> ssh-ed25519 n71/yQ bZ1/2BHLKcNhD8EkkojunsFOkag4cTfE0L8maeLxyRk +kctlXpT7nWdlcDlBaHiEyZ8AA9hlMbtAhjYHYrFtSjk -> ssh-rsa kFDS0A -CQal9M6tSnQCNps4ZBr2F/rYE8fP9EYZJiJ7Vto5EvaEgHEIUOc6T7mYfGnqedHW -a1pbwIRGEPS/Q/EIEZ5ozQy9/mcWrCpOqthty6jcsh6E6mScnUkq4p4xd2clrrK+ -fddLORVeMUaRhm6XBDsXwZHebto5MG3BXbGKMBpMGQhng6EtTRILFRsFKpp3xWRi -fVuJFThjwOV4rukaSUdL/vBsIOOlANUSsxM3s6lzwho+kvjHukQI23IKMiotO7Sr -s9WBOypT+jf8IOwccPcfZI2lYHVZFlqCYvskxCQTpiVNasSgSyCJmHP95UtR3hxS -Z6RM/4HxJ0bdQ8mqFNIxsGcrIkQoIyVT9gP4vhl0YpAWXXzxbdV1zqBpSxPWsFH3 -iLfvFGA2iWgLUzedUXMtZhjeeK0TxjG6edsYFSYW+mwzeYCJYCHH2MYjharM/7Js -rD5MqvMfF/bVYXYgVvcAWYcLWQ3dr6JgCrVIZ75uBDfhWAy1/cP8QD6U1jZvZn2d -qr6YgUj4mxIgVYNWsEuT0+2z4m+lHw+AoYjfxk7a7Zh5RP0zfvJF/BbUd2wxJoIu -/e/2LMo11GtLniZZTGEPeZX/ZT4GVhCpsziIHkLDsUY4ouT2KIwPaJeaFIcEMrHN -RhKBpP/M4e2or7qYCd03+82zVyaLEEbdgEAME9Yk3+s --> piv-p256 zqq/iw Ax5JLfx5M3ql8P6HsagnQpNobpuJKQzd8Cv1sQb4RpJ/ -ADhF/v8/sa224OTQw+huQjxVPnE0Xhg7eZmacx8RBlg --> piv-p256 vRzPNw AvRzTmKw7Vd4QNnyeE6EDNRzcD/foqg3Z0KUnLd8pYW8 -fcFUmbUPBveQhDKLzSxeub2Tlmn+qoRfLEOrkJBEcUI --> HxJ1F}Yi-grease ?sS?y7_^ MO -1hmMavlruAyT7Bcoj01ic18WLFDczHdw0cWgXxVz38+/5cHh7dDwuR1qS2kADHzC -HfMAwvYn5RJWY0PTUoqTQArsO+lCeb4/ ---- W31vgvWmpOGbpFdGyboh5mQ3VffIGx/FUQ1uYR61U+4 -o) &âY$Ī@IQCD6ot%6{0D8q/ oO-n֮y{NѬ(uiɿWP, \ No newline at end of file +lgRrxLpW80twjIgj8dYi8WiaZeDW9nbOK1PwIFn830H6K3uD3v/1+UlrOmuOLakV +ANRB2VNJlzXgWeg4+VKLc79qYmX/9LhS46QLrzENx3KKKyXyBqf9F7XCbHu0J+95 +Wt+XA/+OTy288AmFgO8Qa80WNZce712Mr93pIyfczisyGf8IiMCpR2ul+4HDwty9 +c7Q+rfKZixaIJ0ybRc+vepV+qovjgXaPU1nFtb/tcCWmxA0MO/zrltYmor9GeD5H +seld4mYDdJ+HmrQMkIAodA/WRrm0woKXk/RP56OOhp/L/wvGJy5hKb20ki1+u5l6 +MIbcPNuwp9rMs2G6Yjv/Vt+pGpChxoU7kB8TnK9iJkn4RT/gGi9A6/xocC+U4/OJ +Qu6zWs7M7KNtn4m29ZrAgjeNVXMOiKvP89+B0jtY/DR0lBu1fqhE9RjNQ5Ns8CBD +wsoAO0wsi1n0QB/EHYabph6itc+jk2dA0DDqj2H9DClq6YPLRjcJfWgaXPpOtJK1 +5+rOwZHJ/MFXDGXJW7D+ewNIbuM+vNO6GIxYLpEcoyigJ9rREi36yIMo/qASdkWV +KVJ/nMHxf8Tu+BrgtMXZ2YPV9+2Acmdh7kNaHmWSh7qJKHUJA8TyRe3jZpAC5m4v +bDUCcIYTvhdfGMSgkxhyLCrPc52isfEG4YbEHsx4XkA +-> piv-p256 zqq/iw A3VtBWDegSqGY/LyA/C2GEzxd3+NE5MBaFyuJzQGuQwy +KtUPPP2PZ5ZaTYq2XPNR2q2JOlxWCdoZ4VXEeETEFME +-> piv-p256 vRzPNw A2LMV/ZownRHylZjThU4XjrXi/FTbO5EIpcxLiE9/5or +hNa4N9vuMsEI6yCtmT1qYw/ilurNivDqjf2X+Irzo4g +-> c/-grease ##C EpP`;[_k E=V56~SX +oyCtZqWQ +--- E1vLmVyXPABdiO+H22tpBRP2x/tdM3Fj0rzRLrrYTaA +N7"W0LJD'J/50WC mdv(#QN)@U +VR/#tbL<ܚ ۝T \ No newline at end of file diff --git a/secrets/rclone-pie.conf.age b/secrets/rclone-pie.conf.age index 649c1c5..62cf248 100644 --- a/secrets/rclone-pie.conf.age +++ b/secrets/rclone-pie.conf.age @@ -1,23 +1,23 @@ age-encryption.org/v1 --> ssh-ed25519 8bHz7g MmZ7fmLyYJ80ByhsPMjCsFnfYrYzkI/8P2IDTtydFXs -HAfkn5/Za61+fJG1c9babFbnXN6QsnUtbjC4Ctf72qQ +-> ssh-ed25519 8bHz7g 5tX4I9C2sqQ585//XBKPe/5wUGXS0II+VJpgmFD5JzE +TFYb+9V1S70PI8zy6+TbeCE6Z5TxBtvRx/0s0cHNpmc -> ssh-rsa kFDS0A -WgGNwmUZgFtD3qEGX/HkZMvHifYV6Q9cgMYQ3H8OMdc9e5Mil7gcnhimygdoYzIS -zmWoS/GgwiNlvJmTEd/5KhqdrJ7blG8YoU1LKECwnsV/8EhJN6g7qKFgrDuwtlJS -Yu0UktISAyV1CMc/BhiBPe7qcd45CKi0++HDFTUzGpD30ljWHtsjmjc7UJQZ86q+ -WsHG9+v7YELUm7dWuH2XMgzg0OCNw/zgbJzQfat6D1RC6jY9QC3xjYqjHJmkEK// -nEOA0z2bAo3fEQc/ud3ZCVZ0mF5k+nVW8iKNGftUwzSoM3nQND7+Yn8t8tQVGCA7 -dYXlcTZjPToL6+K1V21fidsvMD4FKbM7eALMS23OF9rmG3Dk8hsmL87Ki+13x1Eg -3yVXWMKxZNyNwWpsYREf3v8C/RBcfr9n8NUrwl0+8xbOHY5Bm3r1Jqi2mvlTVeyY -PCJR/eh8VLkYN6Hhn0R+F1/sS0o80xL/OfyjB0tS9wxApyScdyr2PIaAlrymChUj -APrsfd563/W19md86Nag8mdEQ4g2sICK7gO54anJUUpNIj36eEHJaN3SpJ1DX1nI -VG/plVWBYqAR1+vr29OsiME0Zoxda8Pgp3AFVhUNU9UF7ZdOmr4SzMwctATUI2AI -UqbDV+hnoIxvcVYGre1kCy5ASPa25FCLSKnzs0l3tMU --> piv-p256 zqq/iw A0JYniZBQfPoL03FGWLSmErb/kPFlqGpJwleWTrACS65 -4MRrwXl9OsGqboRBbLguoJWEpxJVKThGYhHquCZ/rnI --> piv-p256 vRzPNw AlgfAIkQxA/THKii8h9NLcy1vBhadoQWiVpXXcQEgUDA -wteqtb2terIAUAeAx/7f8j7mNP2fYA5DnR0rQclm+3Y --> z)1b)U".-grease -9w ---- OBHthG1RpP739pjH0sr7z182fmOUhgmHv1c/ZBL2AW0 -;lLO>SS\X piv-p256 zqq/iw Ar8w2iXTqd8Cp9MrNSBcx8F5R/i/LLO3+tbxcEeAaxQj +K0fpNGKdieq5PdsUxkVbWvv4re0tbfJAvA5BLv3NXng +-> piv-p256 vRzPNw A2cvMzMyWqr3x90irJ2UbvUhubHrSrWxOv2ufZxq7Uss +RaBcEhSGlI72W9qkM4d73tLW36I85ezA8qaMuZ4gKeU +-> )*,2-grease EO DnL9;7 3 \ No newline at end of file diff --git a/secrets/restic-password.age b/secrets/restic-password.age index 44c6fb1..93d12da 100644 Binary files a/secrets/restic-password.age and b/secrets/restic-password.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index c604113..be335d9 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -73,8 +73,6 @@ in { "authelia-storage-encryption-key.age".publicKeys = pieKeys ++ baseKeys; "authelia-session-secret.age".publicKeys = pieKeys ++ baseKeys; - "authelia-oidc-issuer-private-key.age".publicKeys = pieKeys ++ baseKeys; - "authelia-oidc-hmac-secret.age".publicKeys = pieKeys ++ baseKeys; "authelia-jwt-secret.age".publicKeys = pieKeys ++ baseKeys; "authelia-users-file.age".publicKeys = pieKeys ++ baseKeys; @@ -96,7 +94,7 @@ in { "invoiceplane-db-password.age".publicKeys = pieKeys ++ baseKeys; "invoiceplane-db-secrets.env.age".publicKeys = pieKeys ++ baseKeys; - "mail@b12f.io-password.age".publicKeys = frikandelKeys ++ baseKeys; + "mail@b12f.io-password.age".publicKeys = pieKeys ++ frikandelKeys ++ baseKeys; "b12f.io-dkim-private-rsa.age".publicKeys = frikandelKeys ++ baseKeys; diff --git a/secrets/u2f_keys.age b/secrets/u2f_keys.age index 51d6a2e..5d2e213 100644 Binary files a/secrets/u2f_keys.age and b/secrets/u2f_keys.age differ diff --git a/secrets/unbound_control.key.age b/secrets/unbound_control.key.age index 7f78ef1..cca9e60 100644 Binary files a/secrets/unbound_control.key.age and b/secrets/unbound_control.key.age differ diff --git a/secrets/unbound_control.pem.age b/secrets/unbound_control.pem.age index 7c17c28..12d7b95 100644 Binary files a/secrets/unbound_control.pem.age and b/secrets/unbound_control.pem.age differ diff --git a/secrets/unbound_server.key.age b/secrets/unbound_server.key.age index 20af75d..2da2097 100644 Binary files a/secrets/unbound_server.key.age and b/secrets/unbound_server.key.age differ diff --git a/secrets/unbound_server.pem.age b/secrets/unbound_server.pem.age index deddda2..3bc5fb6 100644 Binary files a/secrets/unbound_server.pem.age and b/secrets/unbound_server.pem.age differ diff --git a/secrets/wg-private-biolimo.age b/secrets/wg-private-biolimo.age index 33bd357..0b4ff2b 100644 --- a/secrets/wg-private-biolimo.age +++ b/secrets/wg-private-biolimo.age @@ -1,23 +1,23 @@ age-encryption.org/v1 --> ssh-ed25519 TnSWKQ MvgMl+dFyEfv2YIu6KUXqcCqOHCoRHCzj0xuBBUFIDI -HMe1r4Moc3oMZX7J6fF8SgQUZyT5w7Wref5GZDfJ0YM +-> ssh-ed25519 TnSWKQ ZZCY6VFZ7F/e7Xv3ogmlHuzQW4jP2hsE8ABjj7kwE0w +SxtLCTTNj2MZK6zN84W+5QJIUWBv4/seo+9Egh/p9DY -> ssh-rsa kFDS0A -lISWipj8WIOebuiGowBInUllFi4As3ORTmhWPFOSkPT0Esntfy3Le3L99XLt8opc -II6uaXsyIPEPPJC/GQbWaMo9iShOzQj8u7vMiiR5IJ7Lo0KytFtCoOf+lr/EglUf -IrfcME6ikzROdq574vF1pwqSwi0M6LbuITtmn1yDfP0IFoEMT2qAz9jg8DavrytS -KKmsPFno0G+YNYKZ5w4khQGyS99YuCPPUw/phsbedAwuJZE6gyCp+TZhfbb85sac -vxr3NTz/2/qaq9tsp/pzLmomRiBo9sllEh+aiA05V7b7Tk3yy1Vxhg0nJzvXI4Ra -1iE0CWuFBWxbZoDuQm6IIUYjUltJWKZwcyBh03qlHter6FnqaCKLkGivcGqzQnTU -hBk1uxig8sCm2cka2iSsHOahNNAEQ8/3I7zGe+FD6EDAHtid0mf6PuVsd7AZDFao -jiaSBPg2Z1Ua3g4vQJ/qDexzdqcSlPFuKFsxBDr7pbvdPadFdoaqA8B73/yAwei6 -WQlC1uX4k43xY5jfUxQdy68mOZlXfdVpVZm3057n1zuETU8wzs6D6qviG6iYO49o -yYVEEu65qf9I4j5XJW7DZpAOqxQiFQoDJF/BIx5RUPRPiGDxa4cbWbNqeynMmay/ -aPW6mDSlC88prxVmQCM+e9Gz1cX4q2pCGQifhySRpWw --> piv-p256 zqq/iw Aq5EJVFwPV2JDR6a6ccMAKIqK1cUrqkW/hzyYlfm+3aw -cBbqGAMZAMmMQDupnpWjMP3wdRlHJYuYVB27KQRS/AM --> piv-p256 vRzPNw A/2NuOBEGAfcgz1hpdfczkvzHiEVRhIDf5pgpvmS1cAW -GBhe63VMOE/eJa/noLbdKnNsRx5waCGzyGB5ZnX7xl0 --> X?_ri}-grease sSvM-a H{( -kZ/yGjI ---- Sf8MIIUDfVRIpOezOiiSyeR194CK0wtQfJt8dk+1+YU -O}s&9s (i>_gcw0ԒWQBk\~ǞM羲E@bC }'_2οyf \ No newline at end of file +AkyCC5oL0s+Cab4CLBERbHPc1Yhvpgmt1uErlAGWp0ZRKnksAf6XKlLFw8/6z5oX +QgI9a1WOC3K9X0GvOTuhoh/m5De7kKzV1RFMepVB4SlZVRj0QZUO4fvr0auUAaEl +Cv1DUkpHmLE3ZpIPTxSboMqLsZOgj+Sfas3X/Fc/vTDPCir6iIU8wlYQ8ZNYxUq6 +RDvmbl//nu83J7xsIZCyYCTAJb6VQXk2lNz2UsxE4BRKkaCQbS3g3IHbk6oV1Gwg +zTqiqLY9kgIywA+vIqIkW5El7tCfyy7gN6DZFqu1vTD05M5i7UqHLkpy+rjo9X6D +gjhhmMMwFea9mSGFeF1h9o/IBFmxejM2sue2R6EESRPONhdGauepZQHbYEFVDmJZ +yczaWBiSmsayUHPPv+7Cx+OaCc/xCWyPiQPgSj73sijIw4o4SxOBluPpY+ECpj86 +UCX9xpDApuWjgvo3JIAQlg5MaQ5A6QW/UqqrcpfYWR0pjXnL31R2yQ0hHauO1Kvm +NB1ChPxjhfoDkHi+IHIuSMyfDM18OOAmSKtZRMduy8CpRcp4aSCf+NRzpus9GjZF +2/peROnKg+YO3H+EQ1to/niD5qo8Jj0nKuOME/lOyY47pNuhua3PBOsXERBN/qMP +xJZy9hu3JQdm+erMIycMvD2tdkmrfPdoEIOijylUZcA +-> piv-p256 zqq/iw AoIiwAJbykVEoDfDNxnx3SHgxyTrbVGCbo6kIiHNIO9S +RHyOsqM3z+OE0ZLINcjfioUX6Jjm8qdSHvAnAj8QGAE +-> piv-p256 vRzPNw Ag/8RzRTt3Qsj5CaIGM4GAO0/6acQQaS9ZTKlYLRBAkx +QF2QTPL6k3wpsWV01t0O42uPzyEODOBrExT8VODMrYg +-> R&03"-grease gka3rd@ 0Rt??bj +Jr1XNmLf+agpBDOtsgYrW/doH8/M3oG3Nv8hrngyNAZuoGZyO52HTxwim1Rg +--- q9CQR3Ai0kkidaY5S9jwnmbKY8qjmY9z+CdNvreAGc0 +{KArv\ H:%:{E)}舾!iʧN+5>#AʯA!%j\7r \ No newline at end of file diff --git a/secrets/wg-private-chocolatebar.age b/secrets/wg-private-chocolatebar.age index fdf2961..7d7cba8 100644 Binary files a/secrets/wg-private-chocolatebar.age and b/secrets/wg-private-chocolatebar.age differ diff --git a/secrets/wg-private-droppie.age b/secrets/wg-private-droppie.age index 6e8043b..5d1cd82 100644 Binary files a/secrets/wg-private-droppie.age and b/secrets/wg-private-droppie.age differ diff --git a/secrets/wg-private-frikandel-server.age b/secrets/wg-private-frikandel-server.age index f4694e4..414dc75 100644 --- a/secrets/wg-private-frikandel-server.age +++ b/secrets/wg-private-frikandel-server.age @@ -1,24 +1,24 @@ age-encryption.org/v1 --> ssh-ed25519 n71/yQ GCjoVuL3wJyWCGApQzb4oTmFR4JzTYQz+siq3ez0bwA -QukuwR/ojojKApg93QAy/it1azMikIMUdYQY0O3V0ok +-> ssh-ed25519 n71/yQ 5haGtuX0lE8Y/377A4juZy+6B2EKF29cQv/Vr/YYJRg +SF/Qg5iRR+5eLOa1VA2bDaBeuIpmt8wLxsqGCjlY3hg -> ssh-rsa kFDS0A -Q8i2LTfs9SXNtGjiPJOGtrmmpUf/fDnBDl/UbvS+oy1m6qlsb+DLsaTW0G+4S5E/ -19UsEbcswwLAob76e5Xfik/toF9MmoCiozkbNythX0NOf51JvinNq8IR2QcCxk7n -v3pwGW7TZoNa1H4hqopBaKC8xikXAGfjd/LUmIGoN7mCuSs8Te8GWT8HCmazx2M9 -R0mGZGnvTp4/9L6Bl1tU4+CZzFUfMgBAr66U4zFFjhamVO+FotdGJRzEFpEt17NU -A/rhwBF6bPUHR2WdcQjJy71ruiQFTfUUc+Ws3WvBYV+R5eRVEw7bYZWKRCe/zU+x -A0I3gEC6pSxAuIOgmYnuCMk06tXoy9WtWHyUv5BQyoJGO1BJN88MgZQr0VaRkoFc -n/BZH8rpPtdF3N62kstgqFW8wb9PxTgbX9Tk7vVD9m5oH7n6G7WS7jzcRJmaW5st -RPBIDv9LSjV0bPjkxiJwnKFMRcPxas7XRff1rP9PAPzPMfh7hGtuNBb7F3xnAfi+ -39dcFlopZwO8EJ9KKLfuvfrFeIGXA0BLk6MZQtvaqO3X4wfuKI2lAJXIntEZ232O -0uspNbWclEfYBTtqjNC1Fl/82LMw98pnMc0rZCWMGbdYkbbcTs11YCx9+Rr5fJ1S -7+zgiSpHbqFOPZTSDOyoik9R8xNfxCujuTX5Eytg1+Y --> piv-p256 zqq/iw Ahm7w+8aJI9u7+NBD6b8zyayTLRF7ujkT6b0w+uwXMKb -zJ0hX4caWgn46jP2pKHus8n7TwmbfKrLVPem827z974 --> piv-p256 vRzPNw At03S5XGlmgectJStVi1slliR3NT0NtgrMW/QqyZ2n1r -llyEfJ7s7082OgfltW5VJ5rGWvMdo7IhM2fXjEmBO70 --> ["|3O-grease ZUvxX)_l ]PU+\ 9aKH -7TGRE0yQboWKo4O7pO9mkg/7QiYNmRq48pKZsyn7T2Vyu0AU44hM3YmvUYgleAt1 -d6ODwnaJQIuwfuY5Mpwaeab7Tg ---- ggsgQyrCG+MCWJZerT/9sbV02BwSDn6Hzo3p4ZzFf7Y -#3@VGRqN'W@^qRBc^"x))#__ۀ"p_DU,*]FEhܦn \ No newline at end of file +Gc2/HAQZonZvzQxit8Zc6TubI4gJHo75S4PF/gP2/ILMK9xh6Yf5m2ixjkhFhbKk +eh6VEzoGX5kkPm9SlmRVeAlE5ClSGEG9mqL4wcBtKhUZXXuvhaMoaJOlphZ9Lcgc +HFi/qxyp4WE7v45L8FkmYQzfhypqPC4ef/I2bG3d4EPoR3/ciPD/fdTWnlA5vx/a ++9Whl0RjuKhSpHzl4miA19s/p+gEjn+d6Dqaf1EPgweEswJXAKtHt1tOp6q/pl8g +3T810aUYkbgBopIso+U0HX94VK7gvJfeIyRk64P46IMo8FHJhutxca8pxOWF3bbC +QqhEGSsRk7MPT8iMsGMW5SlA1Xw0pDwKINR8BmUWvz2yf6NzKzoK1B0uAWHadJip +l5MpiTbmMTBc9ghIkIvxFKuufp+5Iue8qCPtg0j/Cq1Owk9BdYXdia9H6mAYtLuA +5w8d4G9vBSmVb5K7F9pJey8lqm4KuRpnDGXBI+HIeDAWHyhq0/isjHDZGeZ3FvWy +2Ea3ZYim0Msf4v0vZCN/T13nGFBOuu+2ExCyV+BrsIkIygbJuiZnCargMaOUpF1v +Ze+fnZJ880l809auvW9h8W8QFgWPojfWgfT32FIl0n2zc71rh1vvGKL0cgMRUbyA +3A9NmNcRMJ0SqRWTyrP6RyIlmzGJqyogysO6JQ80tVU +-> piv-p256 zqq/iw Aux4+LKkxM1KXQKvCDs3QDXV2YtcB3VhGlhZQhzDwhXc +p3bhhl8Qzb/1sl4xN21II2bQZAB7kceycgh/wWWxAkg +-> piv-p256 vRzPNw A3kJ1x2AIhPI8c50iJmRPk0d35xOXjK1h3bgz2cF9fPq +Aoa89fyn0sajhhDEE85p5qsPobNsOQvnszrfig/LZjo +-> I~/\RCb-grease c +YzIE557DLZ8ZoQhpjHyGBFomCTRJ1jEqoVF439fryRfDDKZ4QeyH0dksrtw9dpcr +NAinAHlKafpv +--- C5OQ3a+DqiWJc7455+cMWnZN9pGdVLqW/lgUZT5oKOE +5'7ՀfyWFNJk^!1r7 3_#wN&MyĔ{Kti6flՎ \ No newline at end of file diff --git a/secrets/wg-private-pie.age b/secrets/wg-private-pie.age index 5ab8224..4424dcd 100644 Binary files a/secrets/wg-private-pie.age and b/secrets/wg-private-pie.age differ diff --git a/secrets/wg-private-stroopwafel.age b/secrets/wg-private-stroopwafel.age index ad6bd27..66eb238 100644 --- a/secrets/wg-private-stroopwafel.age +++ b/secrets/wg-private-stroopwafel.age @@ -1,25 +1,25 @@ age-encryption.org/v1 --> ssh-ed25519 b0WFDg 48BhkqoqtL6p2z9C9L26Dah3Ki3lV6+GdH6M/GJHRTA -L9lRDtdNm9Obgl3bdwW7xdqmkHrfE0RpXQ5Aya7Fnf8 +-> ssh-ed25519 b0WFDg i41DRugywwKhguvvzKBwHiy2g8MWhWkv0wifid8hcVo +iVniMGTex3MQFp+lSxxDn/2IMx587tENmXQv2lcH2AM -> ssh-rsa kFDS0A -E0LvaebGY7h/A+KwhFN61rq0Is/X1l3bwilTCdOg8RWw8Amp5fo1OBasRHL8hhOn -LQ9iJii3kS9PK+cMUvg9hJKwPVH7b9J4N0gOVGXt8ggkG3LXwymrjAV7GYkC87Xw -bZ4UfWKK7NXl6jWvHc001EP+sAEvYbLv7MlZZbiugT3lbzYF0HkBIHOKzNDq9Cp/ -wQn3dBj4IOffys60okp2CoMSrz9Ag1wst4NY757lItCY7e4KlM/3Ap+K2cYGyWB3 -reXN1RZr8mh6L2SmQm3oLgvgxQ5H8UviDdMIfCBPMSpPJGEIr4r15aA3o6QpUbOF -UzxcaECCt/HrJMjb7tKjI4NhbF1g0Ac19ri4WSta8ttgertIlmvzOOoaY2UnPo66 -FBTDlVmdeg0XhTZFwzvYrUcnp1SEA9qLx5OrFOGTd+qZlhIqSBQcTQRtEmh4SFjs -2NEfiqzP+8dU/GziVYSL+RCdiZBnwSLeHF8iO/oLCRyZuhB/nFj22Tvt9ynanLcE -nXGO6dIyTBbgTQrYKL3/Gnl1kQZ4MHAdtM6BV9FsMtbc8n4WbvjVzycRV1NYXWHF -zefsHbCIZaQPvT1DhSGrajER5vRfidq9QPPLxPdf5PK2CB5tjWTALNAyO1PXKPGg -1QuaYrVl2qVolYfF9P1P6iCLT58TMIULMXs82TAZ3U0 --> piv-p256 zqq/iw Awl8WkTsqKq7wkHmZIa45/eGBMX40k58Z5finBgWdmRt -uhOLKTrgCSZReNoApKvM+jKP7oMP4N+TMgZNWSeaI+Y --> piv-p256 vRzPNw A91cNaGQBLNZirxPdXFPqiHFIXJzRNEqxsyvmJlQTS/4 -Mn4hCgrtE8s4k3JGNkMJbGS5qt0sPHeMsxueS05QtPE --> =-grease 'Y p1tQHZ F8 'ZDgWD -WkH8xo2vOcIj912KR4aIjHM2R0XE0Q8y40nhhCUf1CKrxsGtzWtDceX3J9PTf5lC -hLXLeE3X3Ufkro6lmSLqTK/LxOi641nQONOuWjOarMmw5BI ---- N4foRnruFO0WBsBDFlRpqzWYR5ZmDfNvJIXj2ceSnns -p$xtV>USM_˙B3c*o⦺eKsGq$o -MړM^c.ѹ)5/~v8 \ No newline at end of file +WcaL8c1+HAU8Fjd0QPdcWvGbAVTUgkxH+++5SHkrGYVOW7tsdaX7e0nVTKuIWa5s +hPPEqz+xg7XwVJtbmqV7CZ1r/gRXshC1epTER9slKiU+o9XdMl7mVOpWzROQbI9M +6ZpSbWUHenmZ4v5RZFswho3EkqwFJJQVAaD/3BQVOY0BYSaC5mhaTpsD5/s/V+1y +/C6sSrJ5STGc1ZQ5rnvUId2qAZCrginNWmh0B9QpW0hJugKL6xOkCdJGiFLvQvFW +vU5IO+GDl/B+bsIPDmzRqs3UUuErs4rXWLasV/9zHXdUpoeFXTKCoLPXlhK3qVQb +25xmedaS+9s9tTd4Lb4bI5kHvnINAZa67u5VL0o0azHLy80pCJeOSLzYaj4E83BW +tQMcPuCG7ViWn1+BEnB+1c5GLBFAV2s+krJz2LaayZa4g6o5PlSmC0wU4r8Nw7oG +9MWay2CPbbfM8eu+JKQ0x1GbZHUmWU0xlRWuaQzc0yYybGVBDaaaosJztQnIOzuH +M+EzzM6PPb6S1dpYIOhnYg8Bpx4TNmJ7NJk0d93SYd+bcYgmFqU/8P23fn2QCwow ++XcGarJiDRbqqs/Yo8rSb31ZY3MknJjaGUJl4YaHqqTszpGBtg93vkTecXHbPpZL +D0nim5SwvwIPLSKQLb99AJrmRlZpS9APxLv2esODO7c +-> piv-p256 zqq/iw Aq7821c9GsIVELFO0/Yi9IT5Bp1prVGZYxZRrVEc5Tri +uA9BhJIwHOJIDH0DuVpz2sY0i2k67puvoC4bApO0uGI +-> piv-p256 vRzPNw AtnEI2530dZZBQMrfTiCWzhwsGrl5JMEX0eqbXnHBQ06 +T16WNIdFO3T3V6HLHFuNdgWDwvtc5Y8CB/LubVg8oTY +-> 5dkO-grease 9.lBvvN 4<)myIo v\)S +Nw8ymlLA2sTovBJdp9P56UguFS/TNjqJBNfJpkLQI190joCiTCLVbWuM5km0ZbJ5 +0W4ATKVgRHVx1dLVjgQW +--- GEJeyoaq6XJ9/HBcAstcHTuhj6JiyB7QAV9IwJqfRCo +Ә8{HVQB?3Apq6 t7o!9S +7C)@ tatc_pjo:aƇse \ No newline at end of file diff --git a/secrets/wg-tunnel-droppie.age b/secrets/wg-tunnel-droppie.age index e518140..04e1d78 100644 --- a/secrets/wg-tunnel-droppie.age +++ b/secrets/wg-tunnel-droppie.age @@ -1,24 +1,23 @@ age-encryption.org/v1 --> ssh-ed25519 LVlqCg /mVa20mT7mKpzTShgWcbtKa+R0iRT0SzG9wKK633olc -81110gKfZafs+MftCX7ZlbO1do6whhMdFMJ9zF67Zso +-> ssh-ed25519 LVlqCg tSCSsthEuH5GG6udigkD6u0/ufY1IKckWO1z4wL1aQk +JUXWHZOw1CWBbs0nnldsuS2CCwNRsECz1qTSc1159Jg -> ssh-rsa kFDS0A -P+oCjv2+AJPzxu8DNAsuwl7ZPLJig/flzCUxrE/pNzSQTwQr9dS/hOy6421sbY2a -22Ve8oEzUtGDO2omzXTy4a2cYywlvy6AjG60JSMpPWVTlCuvvTv1s7TrPcGZ21J0 -gARKRZBD0QtA/gUp3awbABhfDVCgHSDVTeV56Z2aD92i9N8QaYcDZizcIiWrybhC -mI3jOsliYUOj2uzp7h04q3bNJe6IizfbRP0b6jrausJCr9L6BCPvkhvcERRytA3E -zNRH5lVaRKQLDZsTZdXNCHRZ4Hg5fnR8xdkHTsaZTowohmjYkb0AdBp4fRBy2Dmz -w0H833mEXEdPkjl8PM7NT4aYDmJyKT7DKGHep1iEz2czXVaCUFUaMN5S4JgEnOSr -kQH/qkwPA0bEvmiUaxe+zMrYYaHhumh+m28NhlIQWH7HyyiilRvcbRW+dXy4XcYJ -JkVCR0uWfU2/fjJF1fGTibD48BBOnXpbZY1gkma/pWLmIjkRIlxdWPChCxDUelct -jama/Zqv5RYbiiR9z66K1OoNgrn7sJ7q+cx+FAWihZof4qg7Foeh6nfaeVZPhVws -TkoHtsitjOJB64/7ykAPdfVLNwxTsg3k7FK64tR9t/SMFRnPjI0J63WC82TjQjrC -oPa4GJPMo5yaOWmO/Gau3HZ2kgnwt3brdWaifHfI5nc --> piv-p256 zqq/iw A4KxHHmwWuQv9paadyg20RlQKXFNjKs4mvduZHXtYqLV -jBP9JrY1/bZkDPK2fnQDwrMxfdJD5nCP5o/l/4BEf/s --> piv-p256 vRzPNw AuidNlvPMpCl4iq6CJllzJvAoo2h9lIrcNuERGc3d6o3 -tpLM4Vulr0pS6I+zWynV/wxSnRdQxgEpB7Y4W0RqhdE --> Tc':~)<-grease EW=TL -AL2dCoXGFdWfFMuNy5ugLZifSi3hnQbsw2nMaKKs1hbKBBInpcnzxG+KSsWFc1Rv -0dE3XcUEHZVhCaodt5w4bZSXag9pA8BQfZdMj9lLl9wjMYjn1kLP ---- bQUmuzsnM0ZUZCvpmH0r9dkFLbIwn5rgOFZr4JLxXO0 -zY9l x6V ^(r7Ko5'< \ No newline at end of file +pBKPCXHoYJQbyATYYu29b841RYNuEhy1huVANlta2HsJhEuO0Q76gJ0jgMyddIni +CfpKJiLeSjy8c2n4FWd3/amYwojhR7AO7OWYURNLJJWnsJq1h5FebM6H/G8ZdvIb +UGFM+sCsM/+Xt8XdNzVIbrxDteWYoUM43IUQN/MuScYsE74w9TWLOr0k26QauSph +PqjluGW/3/qT3Y6GDsLi55IfisifvzOZ7kFzlzbovCEoRD4AyoLNJyDqUBdGivji +z2LaD2MMPUAubGB8o/uCB1/WFc66WarY3f/VnzwI0FlfcjNPDgIv3qtf+R3SwNUV +2D1e533QvSGmnhc7M/5bSyWYQCWVViv5THXHejjF/1xM//9vj2XGS7e8ELezBFP3 +0TbX2kx198QZM94AOkIoZkIhLLJmOAU0aTjIQoOWjTJrHR9cjUg+PnUu4NR6YLwI +uJFYXqVF2r6Gotm8pB/PHh8gGKY+UPYJlnzAV32UmfeW3ia+PGo7bbdpb6QKHDs1 +EPvWRu8ghwACAsXpSPnH6GeN8JEKfrLBub+j8/q8kaZsEZFKAwXDFF43c4JoQyzK +egRzEyUtBVOHGMF4z2rnhIpiMdjSFaOu6gBAXMwYGQyjlgZrNBMU2aRj25006O1Y +yTNkVQGlQ5wFUcytrlkNAp+1iF2vkSubdhAfWzQkyVI +-> piv-p256 zqq/iw AgzIwxlqP4A7/njEUpCXXxsdaQJvddq3+cTv/rCWRfmy +yKJpr2gOMnkcJ2UfOlbrd6JOTsnP6aQvWIAF0ceanDs +-> piv-p256 vRzPNw A2dCbUkkG26gUzfw7+ePsARIOd3a4sgNk9PX3D0JHhJo +/zTSbFyFwErm65HATah0CYkEixnTSvkv/mUVBgJhYS0 +-> ^U6Ex[fv-grease +UROHZseDwsP+Wvg+a7keVj92WVlrukLtW63tJg +--- GmeA8/sI5PtrR5dZRPzb0th0MPn/OhxI5PAKyolhj+Y +k1t#,l:"O*:,>:+l~ygПJ>r3 0__nG{ \ No newline at end of file diff --git a/secrets/wg-tunnel-stroopwafel.age b/secrets/wg-tunnel-stroopwafel.age index 2e6bfdb..77b78b5 100644 --- a/secrets/wg-tunnel-stroopwafel.age +++ b/secrets/wg-tunnel-stroopwafel.age @@ -1,23 +1,23 @@ age-encryption.org/v1 --> ssh-ed25519 b0WFDg NsuSXeVDNaiVmbj9lPv1YhA0TDyjqXm6i0a3wwHaAj4 -Nm0RztSI2ErmObckxT7fG5sJ1Ce+Yy2hyVxYYFSEv9w +-> ssh-ed25519 b0WFDg 3j1UJJrQANyh66Ec72sYbOCFvoD+3qq77GAFBAcHiw4 ++azblW4BVLURS8f22v18C+gUTgwgUTexTM9MlmL8UZs -> ssh-rsa kFDS0A -gEqURzUz1V/WPavUH9rKtvP0gzVtiY1iYh9kNe4yrV1AKQkBKCPVtO0rI5UJ5mtT -OkEbDm7EYaw/VXW2KJO8OE6v7+bNKrhgvUDKKTg5qcV1u62Q1KNBHu3yV9iRBR2L -esj8amIv6W6jj5S1RO52UGxggnSWZXihfsFu7evvZ0tS6o14qCpTUhfsiSu3UdGc -SjbKSSf+XrvqTNQoF7IW0XdRpoY5CRwzQhO6pSXKMZJW4n3W16su01+nq8uU/vVD -9ZM3m21IofjrUeiBpM2qu2pthU/3kC9LZ5LKG2HMeWWQ/dPvCvhopXZWWRL7+q8q -B3MSdEza5URRqifKKoW04MfOpWw1YzrA6Md0lIKiyViCrep6zoWC+QlBohzlpGce -ew0rjsSeNpY0SBJk7+Svm3Ws6qUXpE5F+ZeDOMguJnbzH51ERGlipK5mu7kKSXi4 -cXwCcaOZ4HlO8HQtb7sm87kVPsX03n+/es4WOXx6TzHIHto46kGc/8fnuDc0I9oV -9mNqjJGjPOEdnGKwH/7qBCyKxEr1akaz7P0XxzclVIw1ZbCFo15km+4KFx0TPO96 -5lCZQjxywa2tRrg04IIH6Ix0HK37GTh6RPNFLC+fBGfCDVPwxEImqlspxIYP7EwW -3jiKznAkQQf6NDfoxAJLqkQAhS1M5uswcfmMHGps91g --> piv-p256 zqq/iw Ay/OZWoqN1T94ev5AIRa+dgIz6+793KiHN60olbLPlYq -q0VjnvzttleF8IE4Y68AH+Mu8MmUZLfFWmKsYGqqTeQ --> piv-p256 vRzPNw A8KNTT64X05ac5+sLbcpzbHj/kH+501w/c4HgXz6vg+z -gw3hnxpNvEJoxVJxkzOtzk8pUhxA+lcQXLKxzsNMA4Y --> SLXduAh<-grease ;Os ?h<#sQ- -zjtD7bxdUXKO19VLoqKGaTa9rRgCtyBX2ERtdxk ---- 9T5CjtTCQsIi5arc8p4EmbwUqUe/Chuoaljd9ysZoWU -ϔTC T*̧Eւ%8B7"oN Gy4 i !ҩ m\!qiDg"J,Z8>TG5w \ No newline at end of file +jyP4y27LZ6SngtBDL48/BwnEtDfvRLIDCrvw/Iih2Cd1kqoyzEFLlqSUiCoriX8J +sWB4uspH3zrlSFGsvUGsSvYn6CBLsgDP9UhAVK1JX8syAefovP6dsXkwYkB7e/qR +tb1oFeet7+wNU7+64m+JO5mbdNH6U2I3wpLfnCGL7kwnSFQTkgWARJOMvd+dB9XA +0uHAGviRVpBwXPSa7i444VQUUS4qsGvNNjbsPNOI4zH7lAEK16fiKHl3yMC00+fR +8vh0DRgpjZ5ZiNnk4YnbQ8FQjS3JYVPQpltuS/K3NPbbjfNlWhfPgwg+PDw/AT6O +Iv/fsDdaU+kpx/Lu//s1zVP//zTl3XtUt0Zhin/PfvWiktR5U0L0pO30desNOmt7 +7ZP7Kup4VD4C4tJ+OPkXAdMBM+zY3d6lo/D4d6ftUSIGGF9p5y272s3GXMy4/7hI +4eVqDrBrcsNpBQlN/8pYc3cM0Rmg+hncBenRor9ITaQW5TAjEgv4NEIWobzWHLX3 +cqutJK9d8N5xOrDajOJBgsWZoK+N6BXdD+LrmxAgXpwAWVvcPAxDfDKJRTmsQmB8 +XdShltzcIax7Rr4upZy2Zl5E7W2z6WBLmsGr1DYCSUHL/JS0ZQqV6l/VLmwag2kV +JAI1YcC8Vr2AIQHhGEngmC5EO+KoPEfrx2ILigjxIY4 +-> piv-p256 zqq/iw AmONfNtOZgLS7c6riIxXzZwwcNDjP6TXRf308Grl2wPC +cHwQkRbQEpf5bF4eUEgfHT0peChXbTLLEiuUKxb7Ptc +-> piv-p256 vRzPNw A+PkCRleNTtKvyJGYBOKmWfPTTdqK2cjjEb9YLKYkKIe +YQ+79xWO3NAh2EH5tVtCf3vKiPXktXCWk1RtfD7Mus8 +-> )UypngR7-grease !'e$a <= +0ynjPVURj7uBD/OZPkVuzUplxCI +--- WHuDdh43ZEgSTWpnJEpEAkxUtGiNq1hlQBPzF8ITjLQ +j c`Gu^(pqW&7m-5]2Ԭ\mWlƮpxh>4 \ No newline at end of file