diff --git a/flake.nix b/flake.nix
index a613234..2b78da6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -63,6 +63,7 @@
           packages = with pkgs; [
             nix
             agenix
+            age-plugin-yubikey
             cachix
 
             nixos-generators
diff --git a/modules/crypto/default.nix b/modules/crypto/default.nix
index e959010..a9d585d 100644
--- a/modules/crypto/default.nix
+++ b/modules/crypto/default.nix
@@ -7,27 +7,30 @@
 with lib; let
   psCfg = config.pub-solar;
 in {
-  services.udev.packages = [pkgs.yubikey-personalization];
   services.dbus.packages = [pkgs.gcr];
   services.pcscd.enable = true;
 
+  services.udev.packages = [pkgs.yubikey-personalization];
+  services.yubikey-agent.enable = true;
+  hardware.gpgSmartcards.enable = true; # for yubikey
+
   services.gnome.gnome-keyring.enable = true;
 
   users.users."${psCfg.user.name}".packages = with pkgs; [
     libsecret
+    gnupg
   ];
 
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+    pinentryFlavor = "gnome3";
+  };
+
   home-manager.users."${psCfg.user.name}" = {
-    systemd.user.services.polkit-gnome-authentication-agent = import ./polkit-gnome-authentication-agent.service.nix pkgs;
-
-    services.gpg-agent = {
-      enable = true;
-      pinentryFlavor = "gnome3";
-      verbose = true;
-    };
-
-    programs.gpg = {
-      enable = true;
-    };
+    home.file.".gnupg/scdaemon.conf".text = ''
+      reader-port Yubico Yubi
+      disable-ccid
+    '';
   };
 }
diff --git a/modules/graphical/default.nix b/modules/graphical/default.nix
index 3ceb75c..ed8544b 100644
--- a/modules/graphical/default.nix
+++ b/modules/graphical/default.nix
@@ -70,7 +70,6 @@ in {
     services.gnome.sushi.enable = true;
     # Enable GVfs, a userspace virtual filesystem
     services.gvfs.enable = true;
-    services.yubikey-agent.enable = true;
 
     fonts = {
       packages = with pkgs; [
diff --git a/secrets/.fwknoprc.age b/secrets/.fwknoprc.age
index 4eaae73..17c4b59 100644
--- a/secrets/.fwknoprc.age
+++ b/secrets/.fwknoprc.age
@@ -1,46 +1,50 @@
 age-encryption.org/v1
--> ssh-ed25519 TnSWKQ vGXjYiwQ5xFq/LcPlk1SI70b+K6BI+GvvD8PSKwnVB0
-IlPyqODJ1qe+zG8JVO9Cq72M1Tpx4GJLMkpO/rCUXVc
+-> ssh-ed25519 TnSWKQ jMSQvQcsj2JHDhwmuy7stCtFInRMigmulaedvsKyiFg
+5E/Q8bzovOxG5t+MkYM65yiHJKe+f5AXngWTYGUDIfE
 -> ssh-rsa 8daibg
-CeF9zU2Jcq2BHdIzLd9xqVgsmRY2MTASk+ouMIziB6CHhyqZpoVg1AD+kC9dUT3n
-cXHkYfM7anG4ggvPKnx7q3IlGfEk3NwaQE6q8IQmAR/OaM2q42/7agoqbazNECq6
-ha7yn+whk8sfd1nxnhkDeJAXofPMmYvn/h05ga2NtWcqH7NtXPWPiCXCeGctGQa+
-nXJ3wtjDsikdrY5X+NwQvrL1i4X5IuxliMsCmPX05UZZneS5FVqRQQq6MEUCw8xN
-oK4/oY2ROHN3qeT2yv0h0+JMr3Wh9jTxuuNZJaDgXffM7cbAHVmYcCuLma35UyUE
-4YQC/p+4gcqzR+FW6p3E3owc5U6KxDbi+S+Wofq+tC1CijkC0ag2oQ27/gZp6zAP
-6aJpibbn7EHmt43ubfp4E1c6qrMaqkMalcerBV9pcwoPhKRfKvFTRWjdF+SmON1c
-WM6gsVWrxD8DuOs8xwbJxJw8rl4R5uwbIdIzfbFFVC2o5pHFOQkhTNAAaikGTv7Y
-2xVQ5vl8JwQgg8h67QkGd2i0MP/XkLLjJqZ3ZRr/FbooREYpATcndshNJn93Jabg
-xx1MXiThytPkZJGpYL2DssQnarj2/NUtUYMRvE4MFoB4E1bAihWO6O5m8h8B78Bs
-aAKGR2nJ3yAjwC9MsV3FVKsY85GpeCT+0mq+4nhe+bs
--> ssh-ed25519 2Ca8Kg 7uB5S8PKR4wuJt+YsxjSULotkRln/GUOrSke1fUQzz8
-3FoFxB38N5ImdOmICLLLeMugnJ7XmW53jHTPbnfOZVs
+H8uTnhIljO/mnAjaJE5SCZR4Q34+LOLMURmx5ZKyMm03mnEeb7gu0OQ1suEElCVs
+L2PmIfcxcvWWAUKddMYtVEY+y2ffFXJPsKEmqGjGaVKMaxqDkNYfRSAoauLLks2w
+IfcBLYnxMfGfRZrn5dMDQM6kAX9aY04NqUYF/Pbz4/YwRmPhE/FtYuwGu3NEXFbb
+10PzUvAHl5ir8KbT6a3bLJDx7mSPoonvZQcLYuuiurrqr/h0UCyoeIhi7MtZpb5Q
+Fwm46Zvfm+ttLTSGpzdbU0CtnnrWwswws1tmmpWqZHhYFqY8Qs0f3DrnWgfu3303
+COcxzhCXL315L1vhnsXOAkP1i2ilA4ubSFWZcvRwBNQw0UxTiwkr6AHvasIIlaOD
+u1LWLvNgFfGBiLtp2kGy3GIuc+kiAbl88aYkGEpduCjzOllSf02Afk174jRQ2JGw
+LPRuqsu5J9xSZbLd4E/C7QTcy0y/l8JqyRJq/iGqkGR3Bu612YhJ/1ObAtqE4BW9
+0OU8YhOLaal4Zj3YTadIpMsBczn5XOVH2uXMwSzAAvO94kjVcnMxGm5b7ciVZH9T
+NWVd0rspNCE5YZrYQY6lh13KjZ7F8OQuPxlLwZOm9Y8/EU3XN7yNYfJZqqKg2Xy5
+FTD5rYYpo0J2MzEbqj2ZDooDDEXia43SUtVYHUQeW9Q
+-> ssh-ed25519 2Ca8Kg GywIelooIZXQoZaoFX0bTtEusyjW0gYTN/LBt37rW1M
+fEpsGDZtLSbooIVg/4xR0ofR+25Nf27mHJtBbC00CjE
 -> ssh-rsa 2ggJWw
-swnFOfkKtusoF3XehvRQW3chHxNnR7cOLwYYoFOjNMHRUaZmt3mv+l2QHm6bZltD
-CYtuONGpuwz9zdT0+A52skxYQuSpM3dDrXEeBUfjgY4hd0gHNER7dHBJhhqG/v37
-Y0KsZpJsyv/TYqURagT/NMFy5zo6yhmgQ5s43pyfwelSNvVSEoYAMiPqJyQoVELU
-M5w9Q8L28amI/Zz/Yv4KgLpTxSogYeZCCruigaj7j+vqhfEcYa64F5FSf+PZEPjK
-iLGURaegeHOjflty2u1KhyXA6oOTXGE9aLQhla6fl88Q+iuMhw1g0IcUbfvHFzf0
-bHJLLxC0qbTu7LzAIjrIdoTPhiKAd5aont8N8JZraPGjbG0V5DO4S33kqZYJ9zJE
-v6q+WoV1ZodIyg6/TSstyB8Pf6Es6QYXtqdGy6Bn64CrGOsT7/ILXHWm4AYibRke
-qFi+ewi0YsbZp2LiXiGPQ2P6ri8OsjdcTrk10wbasav6Z+yVzn9QfN472BsWaiyl
+nSUyHhTehdTA4vooUL1UTwoN2hNxghZ/WU7TWV1gIm1CnseWw7pA7RdNoUJo0WBx
+WJlGYTU+cwPlo3U8O7Q4LSGqf5cJLaldjlQPbIgPAGcNuSWvg1xis3vStzu/XLMZ
+YwXYAXmII3vDkbRrtP8wSBr8MWjHzlVPh0GUecW+x3J5IGsHTxCyAr1jMofjqhj1
+3yMKxm5aANnJtJzWoLnzVEXM+Rk9krzvkmivtXYyrHiknQz8CMUTvW14QZsvn9d5
+nvQ482TjNnHccD2ySvY+Wr109liouMJNIjigtGfh4eCPuUl18xHCb5S2CYoQSKDn
+46dLu/02taCgGvg29zRp5giF1mR2uEwAfGddtFlCQJ5BXzJwKtdhqEooxCap26xu
+lZ2LokcMtoxJ490sFgdLLm8zNk0mReGZsofQO1hJ7SqXVogLbRDv/B3r7cE2IHoe
+6yRaHphXxJdxJYWpB8KnUy83BL2LGweu/vAdckl/1GE9p5VIfCqE4aP0ZoWRF5mA
 
--> ssh-ed25519 b0WFDg 2iz2O3OTT4EIEN7GnKJam0GlFGND+i/1AzXovdeiyyk
-XGRhpO8Xh/vUSB6LwNYeJtBmpjRU/nY+IvZmb69Uozk
+-> ssh-ed25519 b0WFDg fFwbwzYseBIqhDlmsdKRuau0lXHRa53qbwVi0boiShQ
+FZlEYnOevPN8xjcT/SZbrrlX0Qfhd8RN/zhqYSaEcLc
 -> ssh-rsa kFDS0A
-RPoLffa3APsxM8STxwOquyJJN2SDpq9iBlffACQZu9iJP5hCR2GiWSWyM9Z8i0rM
-d4kRsy01v+r/iWDKmbHH0/YIhfS56c9v9WiQPFxyPeQcq5e3QQtC5HCycmPZ/RBQ
-OAVyh8zQ1QeQdMmGaLyBx9HaxZiHe2BK/vXcrzCEXViRetIb/UE7nHoozmA8Zgnt
-QwSij/4svMIfd4dole16yihTaieA57YW2i/bAWVT+XK6K+u6DuiX54ZRI4V8dPbJ
-D7hYfWr1Fvxit8cheFMXvtHtZozqKHvOG3NyRirIEkG5ZqTa+FYIxxczstC7HdyW
-jxSDetihmGhweK/uMZ6fV+iby/u1caA9FzpbcwCc3oqLg7ym8j7tAce1KRWPC9lj
-P6IG6uK3OANFBwCaTH2/i7kI+GvVFT5V+A6rwsPUEWJsacuA1gZeJjyeHWbHVngv
-oegIBr0TFBBtwAwGQPqEqqhtrQKcmRMET4/QNnooCx4rxVbVNkoeqb6qJ9Z+nIIe
-VoLP7NzsuGVJ0lFYwI8Jyimw9clVTZ3g84nuevc8pgIkgw6DKxPe+m8hBw/BGp9E
-Wg2/J1nd0SoF02IxWdAUOERdDZFMqNrv3me78Ny5zlwE3GZU0IjuMUoiwOgn4OJp
-HhfsAWbbWzV1L0zlcD8XlkcimpGOcdNcGxK4YtdMO6k
--> PX]-grease Fc 6 H .-
-CcC47vZ+wmgeEJqO5kyam7SZBj0zAizQzH056Mq67W+Y3XnBwpmNuSDeM10PhYhB
-RyWN8qHmiZ5r9WOxkPiDN/scf7I
---- trs7yVXN6tuFRtwdQ903QPMfq3TqVWn7mQLHEFMSwbk
-Ýéj#9§cÖüzˆ3/J²@JÔùà1²^ÒœtÆ‘5× ð>f«òÐˆ—jÉ:Ô´<(½WÌ$˜y¶[¶e=$½f
\ No newline at end of file
+W6mX09e3P4/OfXHFBpYfYWqupNP8xmJ/ZcXu++s9KNef4iyEcAwffGjps6HKMsH1
+PX8ZMsAXzNcRnYIF7RclSwbCTJkstoPoUZb9uOGIDVK1hvQqKEi5m0Qvy4NU5SF4
+5X66sd69rFvyENH7DrsTq5FGQqPYCQ75u1Riw7pZfjodYJIZ5w6xlGUqVo280vQ3
+6bibceGhiBaiciofPpjSD6Dzx8oyI0U2wF+C9XWuoN/indOVwWQtmwnRypRSNuJM
+bM4/fyXDqUkKhaz93hzPEyNm0qK4DHtdGYU/5CJkzAtUSNKAYgynF4W1yOu91dad
+zEIRD8Xf/GQWKrtzm8VRkTySQ6+CpevftKpObUWrdkuyqANeLcbItriRlUz3sLhe
+MSGuIBQ06QvUdEwb2jlQhjFON+x9sW5s9cxzZMVFtVYxQfBhcBBbUvtj1onE3q9y
+k+hJ2V8NTNx4/WPGULDSn32pXjQTmRNNYGc3HxK0Ig9Xm20kDpCdzQzerOlEOt0E
+jfrOqv81PGlCKBZqFDdib6q+FD2jmNfUmCmA4hvDXLMuKq5AxU5AwnTds9rwwuA1
+jAy+q+vA9Uo7V1JIsw+H8et/w6uDJIRJfd9A2/gygdlmaDSuE1Fe0hwlHFlfoHKs
+JlxswLeyXx6uFZXmzr1bLaQlJS2+h4tECvljwrpoTws
+-> piv-p256 zqq/iw A1W1mSbdqose3GBjEib5C3Z6i2hg5wp6bgSj70laSXWh
+Y+nJzEuHH0dEqNwYNOWUgDQd33p6oQ0guwrRo2kxt58
+-> piv-p256 vRzPNw AzML8PUhlmnTIB7mTQGmKtexlXzTxc3Ys4wn21//B9QH
+768464Y/sNd+82a61YD/FXd7Pfa8t4O84y33ECuN9m0
+-> C8k-grease [TEQ[+. T~Bz!.=
+mzx4+WdEWKHJBAdTDF4KjehFT+/cMxkDRzArR9kCkgyGA0kbJmbRAeoBzKWtUYrU
+Bm4A1ea2UxDhP9P9mUJL15dCt1x9cbPy9S/euU9Y5Hdv
+--- lbjgp2cxHY7j03lybKJVDRvSY5kytYHV/IARgjVUKlE
+¯´ö`T)ê5yÈÛùš+»ìZ¿äò*“QÉ|$ê¼^ÙîSaÛõþ$	£ÿ ænÛÅÞXSä§„'·D0Ä.wq
\ No newline at end of file
diff --git a/secrets/age-yubikey-464-identity.txt b/secrets/age-yubikey-464-identity.txt
new file mode 100644
index 0000000..f12dc2f
--- /dev/null
+++ b/secrets/age-yubikey-464-identity.txt
@@ -0,0 +1,7 @@
+#       Serial: 25473464, Slot: 1
+#         Name: age identity bd1ccf37
+#      Created: Fri, 02 Feb 2024 19:26:49 +0000
+#   PIN policy: Once   (A PIN is required once per session, if set)
+# Touch policy: Cached (A physical touch is required for decryption, and is cached for 15 seconds)
+#    Recipient: age1yubikey1qd7szmr9ux2znl4x4hzykkwaru60nr4ufu6kdd88sm7657gjz4x5w0jy4y7
+AGE-PLUGIN-YUBIKEY-1HZCCGQVZH5WV7DCL6V837
diff --git a/secrets/age-yubikey-485-identity.txt b/secrets/age-yubikey-485-identity.txt
new file mode 100644
index 0000000..88b82c8
--- /dev/null
+++ b/secrets/age-yubikey-485-identity.txt
@@ -0,0 +1,7 @@
+#       Serial: 25473485, Slot: 1
+#         Name: age identity ceaabf8b
+#      Created: Fri, 02 Feb 2024 19:28:33 +0000
+#   PIN policy: Once   (A PIN is required once per session, if set)
+# Touch policy: Cached (A physical touch is required for decryption, and is cached for 15 seconds)
+#    Recipient: age1yubikey1qgxuu2x3uzw7k5pg5sp2dv43edhwdz3xuhj7kjqrnw0p8t0l67c5yz9nm6q
+AGE-PLUGIN-YUBIKEY-1EKCCGQVZE64TLZCKYUCW7
diff --git a/secrets/b12f-env-secrets.age b/secrets/b12f-env-secrets.age
index f314cab..408500e 100644
Binary files a/secrets/b12f-env-secrets.age and b/secrets/b12f-env-secrets.age differ
diff --git a/secrets/b12f.io-dkim-private-rsa.age b/secrets/b12f.io-dkim-private-rsa.age
index 9fc3e99..7d6bf41 100644
Binary files a/secrets/b12f.io-dkim-private-rsa.age and b/secrets/b12f.io-dkim-private-rsa.age differ
diff --git a/secrets/cat-test.ovpn.age b/secrets/cat-test.ovpn.age
index ad5eb68..fda5c3d 100644
Binary files a/secrets/cat-test.ovpn.age and b/secrets/cat-test.ovpn.age differ
diff --git a/secrets/droppie-ssh-root.key.age b/secrets/droppie-ssh-root.key.age
index 44453dd..bccd832 100644
Binary files a/secrets/droppie-ssh-root.key.age and b/secrets/droppie-ssh-root.key.age differ
diff --git a/secrets/dyndns.key.age b/secrets/dyndns.key.age
index 8200fa6..3ab6d2a 100644
--- a/secrets/dyndns.key.age
+++ b/secrets/dyndns.key.age
@@ -1,19 +1,23 @@
 age-encryption.org/v1
--> ssh-ed25519 8bHz7g MweHQMC0ehiLt7DVKeYsnlbkrgHP2HBfoCpcmZaGOSI
-WvYHj9srfidYtF7MxRvWfLmzDZ+y5c8VmRRzLybps8M
+-> ssh-ed25519 8bHz7g GRU2aHDf9SY+5r6IqxJ+vY4melTSQMW7MLkcueOfQmQ
+YspvNo7/BJ9R1Ml2KYWbZI2deNETrVfx+P285vfJBdU
 -> ssh-rsa kFDS0A
-bZfxmlJ8tdfDBNnNwPd5QZetNG9uNgausKdqutwWTxquLsAjqXnKazf5WrJJaR2s
-KnnsBWUP/alCySsglruMqNkiQfvx1ZOWlYyYS+6cZnVlaaFAv0uKyzvrICyuEpKN
-6TKkXbx9EOqzWSbW9F/cLOTHiIInhvGgVM8oYw/bzftOirYexdWY8C676wXsYrtO
-SmLqglWB8W6RX8gKlvpiAAo3qFQ9J1bZoo9gT1Lbpt17BUtS6T1LhRetf+Gkmffe
-xnz2GDxIZeQcJbJUn+iYRjn3FUsHDVkYElNc2wF88QDcopp044EhXRip1a8jIYKv
-NTNKkCgfa5+gnavMa9ZBNYhNyCaef/2zkrRP/mQARfLMP9EWJLxWJh3yo6Z85WEa
-tbJNTxPeiMfAxcOExi67bA0MBQ/gnYeC8MuPRbuhGUlVEVec6kcYu9LFuvxef3k7
-KIevUZr9gI0+nJ5Q4ZEHCi42HLWak68TKvUQKclbWefZLWuuufuDyL0QjlN2T8fN
-HGeLu9r2b1UDvsqMq0jtWieGLIZ/Gn08WxNnYBUY4DIQ4s0w3yhCsPAHETd6P2Nc
-xcgiksQ7MUhmbBoRnAHwjhxTGMQGTC9pgqXQC5bZ3wEIzNhrGAAQwi0T1IvF3Lxc
-hZEX0EmsD0QGa4lLsFSSutQYtGSGvXGzvaaei/Qo0H0
--> kL)]S-grease h*#aaI*
-dhzgWv5B/AygqPDKQTxgUs5anBjRyqkvOyvA+KfVNzry
---- 0pKTdxf0nbuw/vYcyxQEjhEZTdGpb0FEDRrdRrKczGc
-Ð¹¸¹ÿÏ?ÈAþ=i¹š2Ž¼{î%kS+-,¿DsÍ‰:-¨AÑdOvÎÞÈåÿuE{æ«n“`­ÞZ[L;øurNuˆr>×J•’àYãÍâ-†µ7'£¾7ŠF
\ No newline at end of file
+K5Jzi3HtOGql4962QMDWTMpASKegKRRASZkHt+HaQ38MQ4IJAs7IYtaXSkTemtfO
+ja3EUJ4003GwrYTEaCS2gJYrUwOgnN+ss+9H+XK0Z8Q8YtTQsZCLvu33SqGJQ1Tk
+TmliAnT1QYyJJ8BnvEPqpwTzQ18ZjokUdTdutb9UA9CjSAYGEu6w/y3oNfpj/ll2
+eTaZrk+651OwCX/wd1B2B5BcotF2WlyTESD0rttG/pKld/jbhRSRTQiVtQUQr+vy
+KKATDKwOyVm4/2Nu987HQoRvpsVUVMLK4cxXaEDxEqRPvHYxRxxQpJ+i3AD7vjL9
+JJFesHCrzZt//NGqHFPL+msaxBOfhBChtghHBJJA4J9LsBKVaEBUaK7rZ2i/j1Rz
+zxh1PSveNIyZz8tMtdX42FA8PERLFAMWAtk0EyXgMiKpxWO4ye+4G/ETf0QE16GQ
+9jXoKiNIrmCuyZb8a1AcQN1VQdP2+90grmxRrLKm42V0jefN4pDmbSf5dC8xQAOV
+cBTOb3clQ5ZAhVH3ij2vJwyv60R11MwJMllwZmY5bb0snTmy7xTt4IXf65LPNVGJ
+PW7oC6jEwqvJs5cLPNzjhffe34Ff508V5NWRqyHhovvVLfFpJCBKaIwnxLt+sGyz
+lU54bagMjF0G4y1qB1D7m6yafvOf5CnysBVtjlyhTXA
+-> piv-p256 zqq/iw AnTrwxsQ29aGJjubx0q29hQXGj+WdrYyf160sqyBf0Zt
+cVNF/XwCiiYYGttpFC5WPrFwoIbonp0OPFezWF2K1k8
+-> piv-p256 vRzPNw Aizx2hub17YJgY9FUJ9dW8DbT+GLavOG+DHXvGof1x/T
+WpNM7Q/5KIEC6iVhuWxS9VVVuHpz+G4ilZXqL1/Ifo8
+-> ^-grease
+7+moX2MOT9fjQyHtVL4
+--- DLZanUOEHyzg4BAops4/IvRw9Rn7IZ9ELV/Tt1etjRU
+~Š>þö]Ó$JþmÌ$„€q%ÃÎI™‘…+ ¥Ðn‰.8rbø~»”êe‡-pfL®øTBûØšH‘ï$žÕae6Eƒ(´½84˜¸-êº{2£ÄÕý£Sé¥$M
\ No newline at end of file
diff --git a/secrets/ehex-vpn.creds.age b/secrets/ehex-vpn.creds.age
index e16fc03..be3f2cf 100644
--- a/secrets/ehex-vpn.creds.age
+++ b/secrets/ehex-vpn.creds.age
@@ -1,47 +1,50 @@
 age-encryption.org/v1
--> ssh-ed25519 TnSWKQ VI5d8qLb8LZkFbY1f0HS9a17Ak+GCu+Vr0umS8Q9wzk
-hHpduw2SW26B0RaXi+BCZudAbkZFAm6+pDDUF8Piax8
+-> ssh-ed25519 TnSWKQ 8Zo2yv8xyNgy7dF+uqKc+yc62miH9aBTQ+VVPAMixTk
+YcRzUaHDcYzS0cJIHIalX9U2QpTs/fjhQtYXKVJUhSw
 -> ssh-rsa 8daibg
-hytEyqwdX6NxcpwsJf5eMzps24lE8QNsPzDpyUVtmDljgRS3qGpMxWfohxXCfbUQ
-UNZoVIpacUiM5crW3uswgZG2Qs4vxXFlMY91y7UEBrmpkrH1M0i5+qnTDeryWRJV
-nPf+V9UZ4WIUPN0fAgqbuUj1sBePKIPKajLsfuIN9yHEwYfW1zQLF3Z7UziEKjzP
-LAJoG81+Q8XDuxb1Thcf4RoSjVcdv4h1OfxAYxq7I4KZHocWvxEdI+7H36oZf0/+
-DrgKEijDGhrBHHqdh/9TBt4P4CH0f74zJzdB2wNlMkZCZr5CacGhzjrCBdjQYxmy
-EihWs4Jn3/T9vFFrl+uk0yp1AILfOfup8PF37EkjrK+zhblabSFPUUxPXqvMNeGU
-dcyzZIsxM+lnvmQrcZjFa1ybo9Vw0Yx/cTxzQe2dIOmI4e5/Mi9+2bFjXKrLL5NE
-zJ412dLUynKq/p8tOGOog5qmIUaWRp4cvfAjvbxH68GdppZYsv9UbiMoWU8xGG/e
-1Bj2qmcAO5unDFCiNHaraU2o0cWuYruoJ85Ty2pK1+t9PIPU8t92LNw81CjffZkM
-mxWKHaKh+0fcjFAZtwra8I8n1LRstaYFSCSDGq+Wmt0I5VSOVQiOzyhwXPJj6XBq
-CYfv13IHHrBerZX/6ZZyWgzY4bMxHuqzCVkWK9mqcY8
--> ssh-ed25519 2Ca8Kg kzESEZ5hA0nyCtPGoMdgIQbT1YrNvloeOcKkhuPHU0E
-gsCxsWQAEhRzOYK7XxinN1mJf0Tbjvf3fzNIpXWAWVw
+wH5UfmndeoCHCLFwFB3UyWCLoVWx1nfLDCH80rClDP8tI+9XtsI+HwRrM4Czg9fv
+5/ZLb1IkWVb9nlOZC+tUYzhnKvs/VsHSzy+A9Zt80VxASEEfUxcHdHsIGxiOBZ/4
+DI9c7xeloJFjcmP8RVMwnZjyNZDjAuIFdrSaRh/DpFx97bMjAdRVyZhkeV52uBCZ
+yrMEiJN9jAU95coHCane67/HsBzTZAnfB5wDtatoNmHw5c25T87dNfOj2VLx1I5Q
+NbYPpl8aemmMq9NfwkQdwM+nUR4Z4+83A4UYCiBvY8aPcemTmdBohwmuVEAQeXII
+8tJxs/u10xIvqAJzZzfFSOtEtbYz8M6OjJtE/lG2x1Mp+fhZhmjw87H0i3f+RMNW
+dDuiamWce9e7aQtc+1iaMSNyYMmaKi69E8PTriCeoSZsYMntjF35cuCBqAZk5UpI
+K258pU1LCjH8AuEBHtIsin8NqywkDVmpEqxGpnIP9MO8M/cPsx5ZGvTV1GqgTD+q
+h816fx0hSTB1pCeh6k0LVMEqPkO4e/fLvzt4ahLhhWtnXjf8G+xliQEqxvJEgD43
+e+osM+kIF/wEUodIZbF9ZbKPJWv2/kXN7jeh7yP9wVJIcGwcCl/gv/TjxVSmngIE
+1IWffUjZi8Z9T2QHdx85arHVy4U5PcioVPfR2Jmtz1M
+-> ssh-ed25519 2Ca8Kg +EAft3bHY39A+KPA+B61LyW+w/o7kxl3NIBqM0nLkAA
+ZfFacmBeeTgq1b2gJ7M0uI6hQOUTEkF8OLrXfBF6WZE
 -> ssh-rsa 2ggJWw
-hKD5oTtfOUktJd88I9g/3deTvnsiZEBBBNXVDZpaZfuNEtb13nc5OAKFt9+0SYd2
-f1vcwD3GcP/3nlxRHDSnhMnTsxXmLixl6YLaC024aKkxWfn9EatFJLA2NKxjmkaI
-mDqHUb9yOdRaVo1lrxR9u6auI4l9cA2ko9q9DlJ2wKJJQwtkvdLHk/hvjbnAta8v
-O83WeVXmXiBzqJSCeo4lJm5hbS3vmHgD29wceC0HNnBiW5rfy5LSpPG9TzF0Va0J
-gAyECbssD8fOXEPXqH7AmQ5Za+xzvI7dUUf1pWd6Sz1ijQ+UszIZC6NkfF+2fucD
-f3fICcMfHjyZWW2DXpZpdqYKcnvmzc31cyIL5UyVURxB4hpEw5EOerRVXoOV3VeY
-Gi70+ic5cjoOxqqPDcTsnGisZy/gAd0y2BbN1cyR5FILbaRFH7boENNouyscOoNO
-o2Mc7uOalPllTn85dGYIymjD1zS3QTEknl6alPAQzE4O5L0Ywxr4RjDjzh1nq8Ny
+X4qLkkpaNFImPq3uEH+2jqUo3oj/uJ/C0JEe9fL96L1vR3iEmPJR4F8irSkYgQK/
+dqIqOjHWFG77/7rbAsuPncwvvwkmOnREhN42ifD3JyfRIBWjXSHgisKP0uDASLqH
+A/xw2SiFI0TcTPXr5IdXJygUVUBc4UsTQY+TbeOMYGwuRw24SzUq6q7Ho37i5VAq
+YrU/iOb/WQjWPzsS315HB5ZOXypzPQc4xwLIrayEAj2vqGUZSacVTdhjMr90pR/K
+lz3M8KGZJ20DlbNPW0I1kFVTL73+YysLiLTGOStc4Bk6IGkNR83G46l70mDKiGGd
+hT+KcVQtCEOxQJLgwQCHQWpaCOKMmmjKTqNu6Prnet4ta0BBge5ZmwQM4DnG5oRV
+NUbrGeXtKMsi5gGemuyBJsyS1+vqGUI3k5l7WYTw+49+u8k0Xf6eoOSvBUjIes/d
+Mt9ZDOa5T+0guyHx+ZuEQquKdLODzPXYX8Q0TtRA6MpHjpSngkc4sPUOKHFlH8XN
 
--> ssh-ed25519 b0WFDg uzIiXcNnFFAEzGPVAPbLOAgpQ5e40TdZAKmP5i1oplo
-vqVBPxD6Tq6eDNMnc6ljUMIQyjTQCwjk92f76mSCCgE
+-> ssh-ed25519 b0WFDg aN9xXVuzgKJ82Oi/fu4ltGyY12ptrj+u2mPHjD/fmn0
+hrVSs5iLMa2T2TcHrT2ldreDxIrarDzS6DLzgEytnqQ
 -> ssh-rsa kFDS0A
-Z1E5lijugWJf/Tacd6f7VGxw6WWlNFAjHP65Dvx8bBfezXV7fMJU4hOBfKp1ewqZ
-zy8OfTGqX5K551ZGx33CBPm8hgR7UTZ3HJreQzKSuzsYgO58hWhf+Bdkt33co1M7
-51O7qFJhU7U3Xg9HASuxdOXJOsbL3BHqpPLTFoIZhaYK5YJ7GKLg5+nCWfu+GovN
-RJNI7wd6x7oGmZi6Le/xjUANEOUff9Ri7kXFXH10JX2g0wcae+6LNKNjW1ZB7Mt2
-Q6JtObK31ulIiwSUHJIhO2TrfOfO7hWc7lxC89KCMkdNQsXkpmREBhuBNAwYQEzq
-13ts5ImkAGPpY5nZ2DVUo0w/RXlx0RdgMzhq7dj1ooZi/ZIzmfm73XKTvCI+I19K
-/YEXBS8t52cRQrOA4FFSe3wNBk4DpQ5eSfMo2fLcVxOKF5Sru207lp99FempEqJI
-uk45eIPk0M6aUEoEL1Ec2jKUeubc4DBYHfpri/BX5tOaMupFPWyQamYKW0UMZ9T6
-3Z/GY5g5pagnKqK74qOYSlSKSZWmHTGgfuUyrH3/7SDtD/eeIflTyxGlGHNNFqZJ
-BRmTkcCx2BuREDo5JyQBS/bB/goz1a2qoCUrNzT42uuhTxe9uRK2fy7SmEXg5KPT
-MlWfXBVG8Xi/z7k6pXXTqPPDlwAzFmpcBVPF347tdMM
--> JA8,ydj-grease cTA8mZ86 hyjd2s3
-s7BsYRbIibKDjo6S6RHL0/4MmR4YAtbhSxiBU2w/yuhQke7cEoQ76Stbe6E6bnS7
-1u1mOCL8VoZ89YRUK8tLDMKoF/v0tG1+asj/g+xH72B1Gw
---- iSDRKk/z8lcIOjkSSz0V4XM1xN39g7SFOD8TRwCDM3E
-3Ã,ì|`q	×Î
-ºÇÝúuV'IãVb\_ŠqÉQK¬˜~—ÇÊ³B¥xO¡šãâ9ëôn•êõå
\ No newline at end of file
+D+WylTvxqk4KtaIGvF/pJvARoRHKysLJj7JHqOPFclT51/2tSq1Nkltwf9TZAJAi
+Nybnd+garIOMIBydCq2ufjK/qHg1RWv6OoYq92TimMlIofO/9BvqEWpchuOYpVut
+saRzGDHFZdyxP1JonMnNo11MbujLinQewfqfunU+zUwtWgUiqroqMlKr1RVWePT1
+5tc9JVDP7f/X4G5XefezBm+oMeZB2zEfIrizRkbJ+nPxfBoxyIrThH6a5EOacqHz
+EkNIYAUbH2NyZp307VUhJqyLc4toz0JD1ZS5eYf7XIDLpCDlFZVe00X1jKxJFZRQ
+D3/pVitLYNW7TM9JHKbXzC/LYI3D/9VgOoA7qt+P9meES+DfL4n46kY1AvWfxwKR
+geGvDJms75cn/hJClQbewIwmpc/cSyRI+LSefij+auqlGE9HhsnjbPhac1ti/TfS
+YYfz5VEGpjw2Z54zwI/C5BtOoJNP1DiKqWEi6DEAj5SM97wdP5yySLZNZS1mV0le
+yJIvRtqRUoDKu65sIBIgFUg3J1Ou4oDE2yvF4vrpIg6S0MpMBCkXEuLKtiJcZaSM
+79lDC/yMJqGurwhjF9aXNT8TGQ3HCc4S4GklLY1i7T+GwRXidvpNosd8TK909Z7b
+BFbr5y8mwXH7YC9hZXLb3RU8o4DELMqaISWsDXJeJVU
+-> piv-p256 zqq/iw AofQU6OaeKfY7Mzbv9j8Kc4Qr3h0INWnbYk2z+dZ/dkK
+M1A0k1QUCDX7QQfZ0MoWzTNBZtvMtdowFtHBjFn/OLo
+-> piv-p256 vRzPNw As52g4DjPwpKjO4iniWLDi9Zbu24hQedxNwK1KfbPejJ
+M0/RKxbi7ZvngVBzj06wCvWaqi524PG1XjAYW+f5Rtw
+-> v-grease =/*
+AUMmBVWX8Xc/DOZGydnvIeIX+Ku53NB6ZO47+6+5iP30PF5BgRzVFRrr2qWakilr
+JT7fvoWyS7zMABqhMTSEbcKxgFiUF1lCESFScmSIroK57EU
+--- QJca48MYVqEbwKAZsHvBi/XU1isHADgt8BAXDIcE7YM
+WÕúá]nŠ¦·oi[2sh×mMð?àuá+„W\ÜÏÃ@Š¤plØÀ½ãäé‚0¢Dèë©àfE(
\ No newline at end of file
diff --git a/secrets/ehex.ovpn.age b/secrets/ehex.ovpn.age
index 0b6d857..e979a74 100644
Binary files a/secrets/ehex.ovpn.age and b/secrets/ehex.ovpn.age differ
diff --git a/secrets/firefly-cron-secrets.env.age b/secrets/firefly-cron-secrets.env.age
index bd4f978..5fcc3f9 100644
--- a/secrets/firefly-cron-secrets.env.age
+++ b/secrets/firefly-cron-secrets.env.age
@@ -1,19 +1,24 @@
 age-encryption.org/v1
--> ssh-ed25519 8bHz7g G7bBIuMkflOH4oiP5j3DSLZ0PQm9HCo6i5zEZERahlo
-Kww8RvqaaK/04BRUKiQKpTuZENra0IAJahUDAOft9cY
+-> ssh-ed25519 8bHz7g eMZOZep5/ycjSsD7kg9WmB6JgZKRfAygL+YCh289QAg
+r+vecGYzzGgGrhCyHpnlTH/EYYJxWqJt/kTJy3+wgoE
 -> ssh-rsa kFDS0A
-ENahsL9ZVLJ5vPomkTp2muSCri1ufOXKa1mwc4RCgwrhv9XN1dOIF3WTHJCSDog0
-umZPPSmfvDCkSyLMPuzVulJL3+z2qzmirmjY+F9dBfbGHxCjn51foezqPN8yXlne
-6664RDl3VG6DIgl3QDh2PdVjzEponAEPmpSGFbUz618IgQEEqaV8jUTWBKPVOVvt
-w7XdCZZF89Hqe46gHx4Mz/OPkAyNpd7EIsnj2SB51U8sc3nrjZa5Omd6QQnJheVq
-f6co0MihOtJhwHHNsd64ur2fsQstosbMinyJ1J26TAXyuxjyLmHGgk33YxomvYn2
-pZx+qB3TIijI/cQ0Wy3he3i/rDuJZuWZsQHv7Ge8qj1Hm6k32HDXWEVcEfOjieQ+
-W2ftMVJbJ6co5038ABSlomIoIJJlfvVlgLpXB8NWGO/PzzoH0s0mwMXD/OoDBIfw
-4n0/4wNpdYwxfbES0nE2PqQXAEbXuaCFmdKsieKPX8N/W6daWkLLGSc8DN4QTDyO
-CAc1zeLiwvVMYfpeQM6kXziet9pb8uBmzxG4POWgsXno4J6RL8aNWCRnfZOfzTOD
-dC/meGV3lAMB+2hi5nHogyTGiGneVxxZeFZfq3BOLVPkaAsKKYKfwdXm3vOmNCTs
-kTOap+vwbKfWzJWEwt7oL7BOIyzpSWJwiLraTOZ6bF4
--> Xi7abZlE-grease T'.]_N bOUC*SH JL/e
-TTHw0oA5nuwq3SC31/5Ck80LdZ+9eKfc45A
---- 2+Z6qd3rXxoZ9Lkv08lwaTbZC6/2o7JVUew8bvjSt2k
-è%bÀ’+J|ën£ªet¬Ôî!5zf©‡cšúŒÆU–‡éjè{5iã;??ŠJØÌ¼+³DJè×û"ƒ.¤ogÆÏò?læGˆÅ
\ No newline at end of file
+NEvVjnGe2bNV+311uMWpRAtDwBt4JH6gioo/Lo6ZLdJeeZYxq4FhwtoAdPkqL0c2
+2fFONte1EtDDH4wXR5Mm12AalScDss8vcbiyuMfqvrT88XaffPvylMHGxMyksUDo
+0TTgcTm1uFW0wvKDadulxmPvLYLyPN4p/dW6VDXXq9ilDr1/me+ibwnRmHDH+SoH
+BbeOFO4tarPz3AkXoyI/WMq9nBDl4fIrEog2+uMjb/WihanR988++iig1mieDSRu
+7QAKoQB3vUwPezlfMs2XctIaKFYdjZu6gfvDtTZui6W0xqeFkg1kLAsaehBusXxg
+fvyOejadvGwoMawGiU5FZ5uj/v1YR8VOGvomOJzC06fWnIUKgqn4a6D2X/MfPR9f
+pQKv5apydoIFG6mFBDKEBIkijF2HckQu0CLHeht310p2cNUgowOS7zOJuVnevSWe
+kD2BULubAJImA2z0MQ8Pugh2ncoLUtNZCmgE+jLrRU4Zddz7eDyEl7DVd+H2dxBu
+RBHG+sBGPiKiQdTYYV0RgD9x5cti9uWlmZdE/6O/XQvv/RRxtKmEOBhkt8CYxmI9
+YOUGfdn5vuDL3Y0DeDtbLiRy7vsEYGOEdZA/bokhfd0rgBLhuE2IbYOrqSUGcCgf
+My9fhOq38y2JobtfYjwqd/5n4rAr+SZiLbmybQTxOtE
+-> piv-p256 zqq/iw A8GFsoqirC0RJ4eixlKpXyBHX4k2DOqg5TwrCs1CfO/G
+JFLrH88VXM7PTFhNBd0W2nu8R84H6lzKzmtrzImIlEw
+-> piv-p256 vRzPNw AkMCyw7yHn86oEibYHYVdabZ1CByOPuh5Nvp30MnRLuF
+RmJ3IbeYwLs56j88lvWPO+QqFoy3XaJATE8c7smZnQ4
+-> G-grease [ }t%(yT 7xk=}_<l
+yY30fZgtgr/xxrsGJ0DpFMgkzgwQ7vit4rOmtxjK607p
+--- wWPbDsNvqAf9jk3VDNBRy16AQxaYWX9nNvymCReN1vw
+ý3ÒD0q
+èZ2›Ý>ÿ/iÎüçn†_ ùóî‘ù\;È!Þ{3î.¬¸8¡Ûžý]æ…™MWs’fåQm|T“ß¿TêH›P‘Äç_¶
\ No newline at end of file
diff --git a/secrets/firefly-db-secrets.env.age b/secrets/firefly-db-secrets.env.age
index 72b3f67..0bc5b47 100644
Binary files a/secrets/firefly-db-secrets.env.age and b/secrets/firefly-db-secrets.env.age differ
diff --git a/secrets/firefly-importer-secrets.env.age b/secrets/firefly-importer-secrets.env.age
index 3d1b07b..fc951c7 100644
Binary files a/secrets/firefly-importer-secrets.env.age and b/secrets/firefly-importer-secrets.env.age differ
diff --git a/secrets/firefly-secrets.env.age b/secrets/firefly-secrets.env.age
index 81f72f9..845cfbd 100644
Binary files a/secrets/firefly-secrets.env.age and b/secrets/firefly-secrets.env.age differ
diff --git a/secrets/hosting-de-acme-secrets.age b/secrets/hosting-de-acme-secrets.age
index e6b05d0..b38f48f 100644
Binary files a/secrets/hosting-de-acme-secrets.age and b/secrets/hosting-de-acme-secrets.age differ
diff --git a/secrets/id_ed25519_sk-464.age b/secrets/id_ed25519_sk-464.age
new file mode 100644
index 0000000..69ee78e
Binary files /dev/null and b/secrets/id_ed25519_sk-464.age differ
diff --git a/secrets/id_ed25519_sk-485.age b/secrets/id_ed25519_sk-485.age
new file mode 100644
index 0000000..e391fee
Binary files /dev/null and b/secrets/id_ed25519_sk-485.age differ
diff --git a/secrets/invoiceplane-db-password.age b/secrets/invoiceplane-db-password.age
index 2701c1b..d580caf 100644
Binary files a/secrets/invoiceplane-db-password.age and b/secrets/invoiceplane-db-password.age differ
diff --git a/secrets/invoiceplane-db-secrets.env.age b/secrets/invoiceplane-db-secrets.env.age
index 19a68e7..8df4f9d 100644
--- a/secrets/invoiceplane-db-secrets.env.age
+++ b/secrets/invoiceplane-db-secrets.env.age
@@ -1,20 +1,23 @@
 age-encryption.org/v1
--> ssh-ed25519 8bHz7g 9SmcFZlNj2xIs4NyHwfgoLi8luhWi6C8uHFlN61Eq38
-vrgBd+ZV7B+6E0zx+3w8gLWu1uS+4fhpBD8Jj3w8gck
+-> ssh-ed25519 8bHz7g JCN3vsUfzuyeYp9VeoH2/hMMAE4KcQc16LHX1hWzdT4
+Ee18O7YdXuHIso9NB7OwdzI3acINX1w42M18d0JNS/U
 -> ssh-rsa kFDS0A
-h/4d7cXZ/OAzbrZJN/4LFUBZ43n4zf3yS0kY2Y1IFvgiCUii31RNj1xOOy4QhWxr
-rzXs2GyIDnZrCR09TUyLZ+o3OvsrsMo1WMcgrDfO2KG72GhAAEdwg9WpPm8nacH4
-6cknu2ihMbDYqCPLDaGzd/Wm2ea4oWMaQ64YfJJRyXScTqOrF0Qk0iQ6FbmsOg/W
-WRxGOf2elqoKZB6ycbqvPiLMiI+CBf8aAydokG7WrWWGASWiZ8xMpF5gNV9+OAqD
-y7+OlG8jFBA1w8pjK3pt+S9/Cy5/sMPIBqMy+gUQy1lYSNNcTLhuS6o+HnPNM6mj
-pkr8LRf/gdrfRnlq0MIgZXPRWqeFS1mOb6AgWRwgMcMCIcZmr8SxHfVtCenMZdhm
-KCq/zVoO8ngxyTxwne8rmSVAkrSOELfBIiymqmMq2HxhvjDHCSuA0RUbsVw8TIOo
-fjNiwoM24+8ga5pneMi1Mohq/wqYDBva8WL2Bk3VPOrMDrTzMkTxkxSit4g+k3Sl
-pkgmCAqoj+imXDzdYl8jYZk5XqthV/PN2aSieKEMeSEGqgrknf4wpRmzHlslxa9j
-Cga6N8pkQNoWu05H1xNN1bc/7+HC+wC+3K4T6aLOQ/fNr7Ft05BnP7C+E1dujSyV
-ZOUKSvVcj3R/RJceTo1cZQAbPXTP901yyQkMijh8kls
--> f0KU\-grease zc4QG3J
-m0xA/ZvQyo+sUv7+4tt7uvKf3AJdx8rmPXANYUihsfCVHjOFHbxyrPAvNFkWXUtJ
-e9c
---- Vo56/nRkitzkJ7cn/o/3Dw/S9EdGTsHUvvvCohSdjME
-ÚnÅ^	*=ßè“è—c…Ç™­ru¬pÝ¡Kç1f¹—jë®·^‰tk)¿õµÆJ¨öp€Óg°‚p¦éDê_WU¶_ÚP'‚&Ÿ.»T|A®þUü{å¦0ÄpfÇ?µS	*Ò‰K›we}{È"ŽuÇ½®|­‹ËyFKWÔß7¤1nGÅøÙ?ÈºJ!Úôãyªmót;€ŠWÚ<JëjWE²2!kÚ”tnM3J¥¼<QïÛO-4„
\ No newline at end of file
+ig2U9Wp9SOPAMfCOvW62USYtApU+AK7LIYZ5PlvThNXt9eqxrwz0kI2/SYWG5Mvt
+35+/g1cfgSx8rjFaF6jho251D7QHwRZkfXTO3u6grqRZ0vQLt6hH1FBigEOMRtjx
+cY2L4iHZDhsAs9dSInua+6oZCCc52PZOtnv7R3NpIW9GBrOCzFZRusSqyJYugDv/
+X+flZEXDhCHAl/BYPizV1cyUU9dSLX0dZmCn+h21YuXfaKMVfPonwVN2fsaQ+rwM
+w1Ip0vmEkfebkuWugaWi8zyxrFIMjequ8MvXYsDSMqgrg+HKC5LVokstR4iDvQ/9
+M8dj3v80AG1RK8dtFJCl6DhW5kvtaSScO8dFbS5K+nGHt833cr+qcGx48+NejNUh
+CQVa6CuEZ+3kTbfl3NH8qTcWqv1Hzq/SaLi04GQtomphgNGOY/nevE6eIyxAkGKS
+3PFJ52iv2tWtBD127cYy8cQg04sHSKfBpUyVT/9dnVt/I/g2Jm0TQu0d10w0xrsz
+BcH/eTpuCs1LM2O54ZzyM/ldsNA/WSO07ACs64L0rRITj89lGlfp0NWrAksbK53b
+MBvdpKEk9ktEOA5p332ZW5VfYBzGZVck45fqfNjp4oCqbP0monUPOhlIAqptcQUh
+SKwlsERis0xMftKEFuSfxhVwDzLM/mVVFv4k76jqKaI
+-> piv-p256 zqq/iw A4mMXUlxJFKQ474EZME+P8FQzo3R5LvqxCcLzmPGDcwW
+/riLTAVcExxtlqrTRio3cD/kyvuccYssFc0/Akl+qJE
+-> piv-p256 vRzPNw AuszepoU+FxnegMXQcQ4CbCyMnIYQHo6+VQYSR5y2HYA
+R2jUJ0RusOF4RNlLVfczHaM8uKjW8fcS/Xa6lF7ORjc
+-> 7H3-grease XLN lv eDPu-6CO
+g1+CqKIuuNV0IKmg8stp+MV1g0czH3CKgQ
+--- wtIXDN9dWf3ZizSwrfPzBamFmIu9Da6muF52QHsiWfU
+¸&:ÅŽ«aMÔ{›ÑvúêÄÑïŸñ›æùBA4yŸ]S´F(H-ŸÊ¥=G¢â¦GˆB@l¬^b¡/ä:6àÖOÌŽÕªó.‡‚*]!°=¦Ú“ÁÙa©½ÖÛíi"¸Ái[¨ª®4Ha£^¼Øˆäû¸æ“Æú¸bÎÃ?fÝu"…5Õ'kêxÐí÷´ð¶XYRä}åM@@å>yƒ°º­bêièö!´%x«šQT/÷å’¦Û
\ No newline at end of file
diff --git a/secrets/mail@b12f.io-password.age b/secrets/mail@b12f.io-password.age
index e83bd5c..d5e277e 100644
Binary files a/secrets/mail@b12f.io-password.age and b/secrets/mail@b12f.io-password.age differ
diff --git a/secrets/rclone-pie.conf.age b/secrets/rclone-pie.conf.age
index f1725c4..e2f0d9b 100644
Binary files a/secrets/rclone-pie.conf.age and b/secrets/rclone-pie.conf.age differ
diff --git a/secrets/restic-password.age b/secrets/restic-password.age
index eeac385..e80ecb5 100644
Binary files a/secrets/restic-password.age and b/secrets/restic-password.age differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 1fbf728..d4eee6b 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,6 +1,9 @@
 let
   bbcom = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com";
 
+  yubi485 = "age1yubikey1qgxuu2x3uzw7k5pg5sp2dv43edhwdz3xuhj7kjqrnw0p8t0l67c5yz9nm6q";
+  yubi464 = "age1yubikey1qd7szmr9ux2znl4x4hzykkwaru60nr4ufu6kdd88sm7657gjz4x5w0jy4y7";
+
   biolimo-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZzg8pfVtFonx/IvO2MKG5uVF/sMJAOt1Ifm9Vds2eA root@biolimo";
   biolimo-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDoYNvXWunQYFORRjcYH1F98+zr20U79ROh+gmaC7AY/x3yf4y8uyMayF56VgQLVNwgEchT5t4dNb9qo2+1oUnjiKrKAVfQMN6WMMMEr4F4WT784uvBx5Uo6vmhgAa+xoo62c4TV2Uf49ZiPd+zAApBHW1F/whPtunPF28Wfr9g+ozSidhnAr+3nkfJh331tz9s+wgQ39AFzFWftQ60Guulpfj8SaVyxyv/yZZAuFpXNzN0Cz4fWBIWFOsib6Z8y+SlUCzSzOguZ7FygHjwlvOxoISsASAuf0OfUKHxVshiL5F5AX1ddmUgXbUKUTp/3Iunr74pfOQC8TXzZHqhrlFzYDmK5J9E6eADSpgx++bCCaHycl73BWeertCBZSHBXeb3Db9HX+mxwpfP3alVAt4ZqQb3YD/VB7XGDvHbmLn+wSfecO2qA9PxiA0yX7e2BZLN9r3G3bRNSk0GpnYM0i84FE9IipiKKnWVjj7J0UPQmz7rzAn2Lki1CnX9PDdxZneqTxgpBomHJt4H+vXMw13scA4xxEDBvfS5KkjbEJqWLbfklCoER6nV3NPLZ6CBl0Xe/VQBSkqEuUEIXih/oa8emDOGUODNF75ck5NJmKiGg6AFZoeiDa7PZMIxhhOq4vsR2Ty43rztUJ0CMX7iSIk3Eql7kqNdvrJaJ7z0GBsiw== b12f@biolimo";
 
@@ -18,6 +21,8 @@ let
 
   baseKeys = [
     bbcom
+    yubi485
+    yubi464
   ];
 
   stroopwafelKeys = [
@@ -61,6 +66,9 @@ in {
   "ehex.ovpn.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
   "ehex-vpn.creds.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
 
+  "id_ed25519_sk-485.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
+  "id_ed25519_sk-464.age".publicKeys = biolimoKeys ++ chocolatebarKeys ++ stroopwafelKeys ++ baseKeys;
+
   "firefly-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
   "firefly-db-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
   "firefly-importer-secrets.env.age".publicKeys = pieKeys ++ baseKeys;
diff --git a/secrets/unbound_control.key.age b/secrets/unbound_control.key.age
index 1668238..b6f70ef 100644
Binary files a/secrets/unbound_control.key.age and b/secrets/unbound_control.key.age differ
diff --git a/secrets/unbound_control.pem.age b/secrets/unbound_control.pem.age
index b1886b0..a3e1a5a 100644
Binary files a/secrets/unbound_control.pem.age and b/secrets/unbound_control.pem.age differ
diff --git a/secrets/unbound_server.key.age b/secrets/unbound_server.key.age
index 5dcfa84..5111f7e 100644
Binary files a/secrets/unbound_server.key.age and b/secrets/unbound_server.key.age differ
diff --git a/secrets/unbound_server.pem.age b/secrets/unbound_server.pem.age
index 03d3e6d..f124b42 100644
Binary files a/secrets/unbound_server.pem.age and b/secrets/unbound_server.pem.age differ
diff --git a/secrets/wg-private-biolimo.age b/secrets/wg-private-biolimo.age
index f452a21..ffd3412 100644
Binary files a/secrets/wg-private-biolimo.age and b/secrets/wg-private-biolimo.age differ
diff --git a/secrets/wg-private-chocolatebar.age b/secrets/wg-private-chocolatebar.age
index 4386385..4b6e7a7 100644
--- a/secrets/wg-private-chocolatebar.age
+++ b/secrets/wg-private-chocolatebar.age
@@ -1,31 +1,33 @@
 age-encryption.org/v1
--> ssh-ed25519 2Ca8Kg 7h9DfPmlj1Y/zkj9rHqB0Ach3dJN/fePpx59EZWC5xA
-Z0kwHjtlYf0EU7eDFBBOfqdYe+Z4Ssq70uFj0TzPB0E
+-> ssh-ed25519 2Ca8Kg W64kOa+eS/QGXHU1JeyiKsJnb/t8i+ffVt1Y6S/tOXQ
+U0XAS7npRZGHeIouTZXqrNO7Ck0ewITC2cQ1cYgZM8g
 -> ssh-rsa 2ggJWw
-T65UVCKNeQhefE8HJtXeGB8SNGSoI67aZ/Zvc6awD6SZOMzZQAhWxvZ/WAAi8c9q
-QViU6FPUZCC140lpc+I5sa1HM2oo5RoVm46OJff9oUc0zZazRTakQ4AIQpszEWoo
-vKAWKqWk7Su77CWamB59gjJJ3SQZ0q7r5XAQKIVy2aErfB51RVZaE7cTxg2MoM7C
-AjitxlkD1Y1++/e2RsKsZVcRXBPnCuWmlzAHaKbWEaSi2qtIVaw3do6P8iSgQZrF
-9TBsdgymVikBI/qtBoewU8mVmgUk7bA//8iCrOgR1O74OcWQcCTRI/AwCDglHLGj
-IHtFK4BDCrTrgLyHoJ2ARXsKrZMnSQYQOxi8bbKXqjgqvDwW3egHCz8UQh4GOMG8
-CS2+ehXm63l0dJaEilcgW2c5v3on6SErLSbu1PsFyhm1fEa49mbA4Uj6LzF09kqc
-GQJYKqhGfkfiZhGUIkz0lLj1eWP5xqLBFUqNKUCGeqW3+nwu13/SiVUul5HkdbkO
+3cyrTTq2M8j9k2mSi9OAyfe0gSSAtETZRPiwpVS7kUvtBgdcis2kbfmgMUb5kvZA
+26U4cSx+lkueOWwyPOBz45ZtVzwLvdFWKtCdTO6+bGNVkTlBB/n78mQ1VUUK98XU
+WhJmQFoLtcf1Npegzpq2HPYT4i32cQ+ko7f/3fQiMrBWSRBCyaX2n95m+DEKZn6b
+kh0EEL3zORbDKs21SDtvsxfBiQ9nHd+XyJAfbPZCcJ9UowmL9eyhLqKR/YEDapfi
+QCxKasXxmDIwPaxcE8rmOD7l/TPbvhMPBTATmaeh3Si94VnwIN6bBhc3tKGAaQ/D
+v1ErsJILh0vBoxWArdZwBP2eRQ2HxrZTPC+HkA9LzpoccAvkWh33D5I7nkp+yh+6
+zAuExjxre1t7jSG31BzTnCzerSC+G00Mv21t84Hc1eeSiJrY7sHlsQXrOCOCqAEf
+0bS9rzG5WpVy9A8oHLKFWh4XgGGq7oSZu+miocJ45eiAEgcb75byIgzqqLNPU6RH
 
 -> ssh-rsa kFDS0A
-hqERd6xZsg+oQAo+C8HIWZXMEYbabw+NURSolN4hfgi58EGOUn6yJ7Y+g82oKcRY
-TMkmtkzPIaPE2/QepQIlck+VBZL203cgP8jLn3uSX4iYJ1bwKNxhOUpBd+be/N8j
-BtqqhvG95aipPGOR8W70JCOvOz4URl3wL3QAdvMWGDhHrY3UDDpPvznpZvMSbiE1
-gUdcl7FAqrFbF3y1Zucwt5WJmfz8A3ASSwOHtLex44mE5Wmww+yGF1EGUoil53Rc
-FBpHO2foXuua5sIvly8zhGCTFfyuDawNC4mf5jkuZQ3p9o0ElCkAHeDoVFSMJWtA
-qADAG0No9uuVPgOXAwxDhleEpyqT6O3mVqFmFWJoh6tTjluYSg8uFL/PRc0gXcd4
-pWSm472eNhFbkz+SOr0DXQd2uqQNIWbCj6B0Yl8+V6jiMCRH5A7IkcclCrf16mlA
-sj7qQtEYmhK8NpjGt7CdKHnJYvh7fOPS00VesUyr5vqz5DudG9RuJE786i4VQZw2
-TbrgViZdisK7RuxLHEkp4KB0Bytva+iRs62e71umLsRAhSGhnsBc8yngEZxRfYqK
-RYjI5go5rOrFTjq3e7Yg4d0uhC6Pd85MQWkZXjKL+KEDfYe5T+cH4Tc4mERV/W9Y
-NZmn5jjwbyQ9rNUCpxoszovA2ppXmcyfGCvqN76bLvY
--> JzyYP~-grease \{]xv
-kJPY2/far70B4UwaCv8mwsgQq59f5sLff2R3+fO+rCBlWiDS26kv9wv9+Nw1DVTo
-vpW/PNv36BC/QIwD9689DT2mW9w15rJAkSaBTgBwM7sxyfWmFh6jbAPVVQ
---- fa14cVMaqBBl9fqyVGj2tHPjhO96M3GjaHc0wXgqOvM
-»…iŽC=…¸™Ðy5Ç¯Fi\tQ;ÍRwù2ñÊ’ú>mÒŠ@KÝ“JÂq}ŒDr)¤¤ú)ºYÝ(CÉv4L;ZNÒ
-'oÆQ3+êåÉ
\ No newline at end of file
+FRNrt/A7rb0TFuLgMffqaynjyY0jnilI5FhGOnEl6PWXM1D3EZCuzRkBc6D8AICv
+UEckNyhlJ1e8o4F7OQb+GTkhwPEI62j3rJMTJkh1qJlOhuZvPeW5a4ezF/gWbO50
+P+y2JFysSTEClvVcwx1ZMrSmysTAM6xdOB0qBlBRscQ/AL7MPrSu3q7s8QuDoND1
+96qGYa0td/JZxUEG8Xtjglf79w1O/iFOEc40fimf+PV0xXnj3reQBEnNTKkSZJ08
++ZBhX/EVNoTWSx/M8vTyrelt3qjMy0koetizXX4zIfUJCujZ5wMs9xwhxj7f7nXk
+NQaSWOjlwsKuyb94lbEPqnMqFc39dxqaTZou8BViBjVDhmPF9b91GwpiGW5du1fJ
+QZ6WaQOXgBifSmOqSB6yGKV3sf2ZLOjYnRkkbrgDbdxyHXQQUExTTZrdG1Zt1J3I
+OBd1xjLk4bg2yxjTAvRGpW3PDq6oolmV71uE2jCA/5s04Xi39U34jNhKNgUTh07g
+e00Ji5DhxrD1y6jvAHP7S8wMHS15VGC2IgWiLCgencwInXlz1Ns9ZwvJZgPMN7vn
+WqHBKZeIWhPFctHd1yBCId10fmNtc2Yj4QJoH79jwWkaf0nn1IhVc5sJX9lh3C2Q
+dZ5daJgYfscrzhLcVcZfsnLRpI89U3X6SFUsgGLYGt0
+-> piv-p256 zqq/iw AxtkIEp5fIzpWMfWT3i9HjZ2SVTWo6esA83avH6POQ+7
+Dm6EHleZOdNmwMwQCq7p/+nqSSjYyKXGwXBjel3aD1U
+-> piv-p256 vRzPNw A0JlcV4dbrTqW2pHjbm5wTkpvNeytTeCps3jqpaLuVyC
+M3/zZ+oR4IgjH3X+IIZstL7RO1EvXPahYCo9FjR3Oqk
+-> vG}-grease ,,*T~ J7t o^V90d
+ZccEWsIt3YtWexwhf9Q9tgVsGPbI6D/+2MIQm33eqyI
+--- PLAX8jHH+Yg+HFWm4JULmDKCj4rKzkuhQknJGDO4Ht0
+;?¡Á(c	ëÚ‡×Œ[0uÜsÀ%|>Ô9ùã^{otI]0ˆžJ]*ÈÁÕTŽÿTt½N³´“_ãÓ§R¬vØ¨|1Çlo]-ï½~Ú
\ No newline at end of file
diff --git a/secrets/wg-private-droppie.age b/secrets/wg-private-droppie.age
index eb49a2a..a41021a 100644
Binary files a/secrets/wg-private-droppie.age and b/secrets/wg-private-droppie.age differ
diff --git a/secrets/wg-private-frikandel-server.age b/secrets/wg-private-frikandel-server.age
index 4010079..920599d 100644
Binary files a/secrets/wg-private-frikandel-server.age and b/secrets/wg-private-frikandel-server.age differ
diff --git a/secrets/wg-private-pie.age b/secrets/wg-private-pie.age
index 49ea06d..fa0a267 100644
Binary files a/secrets/wg-private-pie.age and b/secrets/wg-private-pie.age differ
diff --git a/secrets/wg-private-stroopwafel.age b/secrets/wg-private-stroopwafel.age
index 505a91f..12415d7 100644
Binary files a/secrets/wg-private-stroopwafel.age and b/secrets/wg-private-stroopwafel.age differ