feat: flora-6 #48

Merged
b12f merged 7 commits from feat/flora-6 into main 2023-11-15 18:54:39 +00:00
37 changed files with 694 additions and 173 deletions

View file

@ -2,10 +2,19 @@
We use [deploy-rs](https://github.com/serokell/deploy-rs) to deploy changes. Currently this process is not automated, so configuration changes will have to be manually deployed. We use [deploy-rs](https://github.com/serokell/deploy-rs) to deploy changes. Currently this process is not automated, so configuration changes will have to be manually deployed.
To deploy, make sure you have a [working development shell](./development-shell.md). Then, run deploy-rs with the hostname of the server you want to deploy: To deploy, make sure you have a [working development shell](./development-shell.md). Then, run `deploy-rs` with the hostname of the server you want to deploy:
For nachtigall.pub.solar:
``` ```
deploy '.#nachtigall' deploy '.#nachtigall'
``` ```
You'll need to have SSH Access to the box to be able to do this. For flora-6.pub.solar:
```
deploy '.#flora-6'
```
You'll need to have SSH Access to the boxes to be able to do this.
### SSH access
Ensure your SSH public key is in place [here](./public-keys/admins.nix) and was deployed by someone with access.

21
docs/mailman.md Normal file
View file

@ -0,0 +1,21 @@
# Mailman on NixOS docs
- add reverse DNS record for IP
Manual setup done for mailman, adapted from https://nixos.wiki/wiki/Mailman:
```
# Add DNS records in infra repo using terraform:
# https://git.pub.solar/pub-solar/infra-vintage/commit/db234cdb5b55758a3d74387ada0760e06e166b9d
# Generate initial postfix_domains.db and postfix_lmtp.db databases for Postfix
sudo -u mailman mailman aliases
# Create a django superuser account
sudo -u mailman-web mailman-web createsuperuser
# Followed outlined steps in web UI
```

View file

@ -122,6 +122,21 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_2": {
"locked": {
"lastModified": 1653893745,
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -280,6 +295,7 @@
"nixos-flake": "nixos-flake", "nixos-flake": "nixos-flake",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-2205": "nixpkgs-2205", "nixpkgs-2205": "nixpkgs-2205",
"triton-vmtools": "triton-vmtools",
"unstable": "unstable" "unstable": "unstable"
} }
}, },
@ -313,6 +329,30 @@
"type": "github" "type": "github"
} }
}, },
"triton-vmtools": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"dir": "vmtools",
"lastModified": 1698443513,
"narHash": "sha256-wX2JIJ3JmJn6MAurdyjwZU+FZjLCwBArMrVSeeCb/ZU=",
"ref": "main",
"rev": "0d039dcf06afb8cbddd7ac54bae4d0d185f3e88e",
"revCount": 85,
"type": "git",
"url": "https://git.pub.solar/pub-solar/infra-vintage?dir=vmtools"
},
"original": {
"dir": "vmtools",
"ref": "main",
"type": "git",
"url": "https://git.pub.solar/pub-solar/infra-vintage?dir=vmtools"
}
},
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1698318101, "lastModified": 1698318101,

View file

@ -26,6 +26,9 @@
keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main"; keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main";
keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixpkgs"; keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixpkgs";
triton-vmtools.url = "git+https://git.pub.solar/pub-solar/infra-vintage?ref=main&dir=vmtools";
triton-vmtools.inputs.nixpkgs.follows = "nixpkgs";
}; };
outputs = inputs@{ self, ... }: outputs = inputs@{ self, ... }:
@ -82,8 +85,15 @@
deploy.nodes = self.lib.deploy.mkDeployNodes self.nixosConfigurations { deploy.nodes = self.lib.deploy.mkDeployNodes self.nixosConfigurations {
nachtigall = { nachtigall = {
# hostname is set in hosts/nachtigall/networking.nix
sshUser = username; sshUser = username;
}; };
flora-6 = {
hostname = "flora-6.pub.solar";
sshUser = username;
# Example
#sshOpts = [ "-p" "19999" ];
};
}; };
}; };
}; };

View file

@ -13,6 +13,16 @@
self.nixosModules.docker self.nixosModules.docker
]; ];
}; };
flora-6 = self.nixos-flake.lib.mkLinuxSystem {
imports = [
self.inputs.agenix.nixosModules.default
self.nixosModules.home-manager
./flora-6
self.nixosModules.overlays
self.nixosModules.core
];
};
}; };
}; };
} }

View file

@ -0,0 +1,41 @@
{
config,
lib,
pkgs,
flake,
...
}:
{
systemd.tmpfiles.rules = [
"d '/data/srv/www/os/download/' 0750 hakkonaut hakkonaut - -"
];
services.caddy = {
enable = lib.mkForce true;
group = "hakkonaut";
email = "admins@pub.solar";
enableReload = true;
globalConfig = lib.mkForce ''
grace_period 60s
'';
virtualHosts = {
"ci.pub.solar" = {
logFormat = lib.mkForce ''
output discard
'';
extraConfig = ''
reverse_proxy :4000
'';
};
"obs-portal.pub.solar" = {
logFormat = lib.mkForce ''
output discard
'';
extraConfig = ''
reverse_proxy obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone:3000
'';
};
};
};
networking.firewall.allowedTCPPorts = [80 443];
}

View file

@ -0,0 +1,116 @@
{
config,
lib,
pkgs,
flake,
...
}: {
age.secrets.drone-secrets = {
file = "${flake.self}/secrets/drone-secrets.age";
mode = "600";
owner = "drone";
};
age.secrets.drone-db-secrets = {
file = "${flake.self}/secrets/drone-db-secrets.age";
mode = "600";
owner = "drone";
};
users.users.drone = {
description = "Drone Service";
home = "/var/lib/drone";
useDefaultShell = true;
uid = 994;
group = "drone";
isSystemUser = true;
};
users.groups.drone = {};
systemd.tmpfiles.rules = [
"d '/var/lib/drone-db' 0750 drone drone - -"
];
systemd.services."docker-network-drone" = let
docker = config.virtualisation.oci-containers.backend;
dockerBin = "${pkgs.${docker}}/bin/${docker}";
in {
serviceConfig.Type = "oneshot";
before = ["docker-drone-server.service"];
script = ''
${dockerBin} network inspect drone-net >/dev/null 2>&1 || ${dockerBin} network create drone-net --subnet 172.20.0.0/24
'';
};
virtualisation = {
docker = {
enable = true; # sadly podman is not supported rightnow
extraOptions = ''
--data-root /data/docker
'';
};
oci-containers = {
backend = "docker";
containers."drone-db" = {
image = "postgres:14";
autoStart = true;
user = "994";
volumes = [
"/var/lib/drone-db:/var/lib/postgresql/data"
];
extraOptions = [
"--network=drone-net"
];
environmentFiles = [
config.age.secrets.drone-db-secrets.path
];
};
containers."drone-server" = {
image = "drone/drone:2";
autoStart = true;
user = "994";
ports = [
"4000:80"
];
dependsOn = ["drone-db"];
extraOptions = [
"--network=drone-net"
"--pull=always"
];
environment = {
DRONE_GITEA_SERVER = "https://git.pub.solar";
DRONE_SERVER_HOST = "ci.pub.solar";
DRONE_SERVER_PROTO = "https";
DRONE_DATABASE_DRIVER = "postgres";
};
environmentFiles = [
config.age.secrets.drone-secrets.path
];
};
containers."drone-docker-runner" = {
image = "drone/drone-runner-docker:1";
autoStart = true;
# needs to run as root
#user = "994";
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
];
dependsOn = ["drone-db"];
extraOptions = [
"--network=drone-net"
"--pull=always"
];
environment = {
DRONE_RPC_HOST = "ci.pub.solar";
DRONE_RPC_PROTO = "https";
DRONE_RUNNER_CAPACITY = "2";
DRONE_RUNNER_NAME = "flora-6-docker-runner";
};
environmentFiles = [
config.age.secrets.drone-secrets.path
];
};
};
};
}

View file

@ -0,0 +1,35 @@
{
config,
lib,
pkgs,
flake,
...
}: {
age.secrets.forgejo-actions-runner-token = {
file = "${flake.self}/secrets/forgejo-actions-runner-token.age";
mode = "644";
};
# forgejo actions runner
# https://forgejo.org/docs/latest/admin/actions/
# https://docs.gitea.com/usage/actions/quickstart
services.gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances."flora-6" = {
enable = true;
name = config.networking.hostName;
url = "https://git.pub.solar";
tokenFile = config.age.secrets.forgejo-actions-runner-token.path;
labels = [
# provide a debian 12 bookworm base with Node.js for actions
"debian-latest:docker://node:20-bookworm"
# fake the ubuntu name, commonly used in actions examples
"ubuntu-latest:docker://node:20-bookworm"
# alpine with Node.js
"alpine-latest:docker://node:20-alpine"
# nix flakes enabled image with Node.js
"nix-flakes:docker://git.pub.solar/pub-solar/nix-flakes-node:latest"
];
};
};
}

View file

@ -0,0 +1,71 @@
{
config,
lib,
pkgs,
flake,
...
}: let
psCfg = config.pub-solar;
in {
imports = [
"${flake.inputs.unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix"
"${flake.inputs.unstable}/nixos/modules/services/web-servers/caddy/default.nix"
];
disabledModules = [
"services/continuous-integration/gitea-actions-runner.nix"
"services/web-servers/caddy/default.nix"
];
config = {
# Override nix.conf for more agressive garbage collection
nix.extraOptions = lib.mkForce ''
experimental-features = flakes nix-command
min-free = 536870912
keep-outputs = false
keep-derivations = false
fallback = true
'';
# # #
# # # Triton host specific options
# # # DO NOT ALTER below this line, changes might render system unbootable
# # #
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Force getting the hostname from cloud-init
networking.hostName = lib.mkDefault "";
# List services that you want to enable:
services.cloud-init.enable = true;
services.cloud-init.ext4.enable = true;
services.cloud-init.network.enable = true;
# use the default NixOS cloud-init config, but add some SmartOS customization to it
environment.etc."cloud/cloud.cfg.d/90_smartos.cfg".text = ''
datasource_list: [ SmartOS ]
# Do not create the centos/ubuntu/debian user
users: [ ]
# mount second disk with label ephemeral0, gets formated by cloud-init
# this will fail to get added to /etc/fstab as it's read-only, but should
# mount at boot anyway
mounts:
- [ vdb, /data, auto, "defaults,nofail" ]
'';
# We manage the firewall with nix, too
# altough triton can also manage firewall rules via the triton fwrule subcommand
networking.firewall.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
};
}

15
hosts/flora-6/default.nix Normal file
View file

@ -0,0 +1,15 @@
{ ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./configuration.nix
./triton-vmtools.nix
./apps/caddy.nix
./apps/drone.nix
./apps/forgejo-actions-runner.nix
];
}

View file

@ -0,0 +1,45 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = ["ahci" "virtio_pci" "xhci_pci" "sr_mod" "virtio_blk"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
autoResize = true;
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
fileSystems."/data" = {
device = "/dev/disk/by-label/ephemeral0";
fsType = "ext4";
options = [
"defaults"
"nofail"
];
};
swapDevices = [];
networking.useDHCP = lib.mkDefault false;
networking.networkmanager.enable = lib.mkForce false;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -0,0 +1,9 @@
{
pkgs,
flake,
...
}: {
environment.systemPackages = with pkgs; [
flake.inputs.triton-vmtools.packages.${pkgs.system}.default
];
}

View file

@ -35,17 +35,17 @@
boot.initrd.availableKernelModules = [ "igb" ]; boot.initrd.availableKernelModules = [ "igb" ];
# Set your time zone.
time.timeZone = "Etc/UTC";
environment = {
# just a couple of packages to make our lives easier
systemPackages = with pkgs; [ vim ];
};
# https://nixos.wiki/wiki/ZFS#declarative_mounting_of_ZFS_datasets # https://nixos.wiki/wiki/ZFS#declarative_mounting_of_ZFS_datasets
systemd.services.zfs-mount.enable = false; systemd.services.zfs-mount.enable = false;
# Declarative SSH private key
age.secrets."nachtigall-root-ssh-key" = {
file = "${flake.self}/secrets/nachtigall-root-ssh-key.age";
path = "/root/.ssh/id_ed25519";
mode = "400";
owner = "root";
};
# This value determines the NixOS release with which your system is to be # This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database # compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you # servers. You should change this only after NixOS release notes say you

View file

@ -9,7 +9,7 @@
terminal-tooling = import ./terminal-tooling.nix; terminal-tooling = import ./terminal-tooling.nix;
users = import ./users.nix; users = import ./users.nix;
core = { core = { pkgs, ... }: {
imports = [ imports = [
nix nix
networking networking
@ -17,6 +17,19 @@
users users
]; ];
environment = {
# Just a couple of global packages to make our lives easier
systemPackages = with pkgs; [ git vim wget ];
};
# Select internationalization properties
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
time.timeZone = "Etc/UTC";
home-manager.users.${self.username} = { home-manager.users.${self.username} = {
home.stateVersion = "23.05"; home.stateVersion = "23.05";
}; };

View file

@ -1,15 +1,40 @@
{ pkgs, ... }: { { pkgs, ... }: {
services.openssh.enable = true; services.openssh = {
services.openssh.settings.PermitRootLogin = "prohibit-password"; enable = true;
services.openssh.settings.PasswordAuthentication = false; settings = {
PermitRootLogin = "prohibit-password";
PasswordAuthentication = false;
# Add back openssh MACs that got removed from defaults
# for backwards compatibility
#
# NixOS default openssh MACs have changed to use "encrypt-then-mac" only.
# This breaks compatibilty with clients that do not offer these MACs. For
# compatibility reasons, we add back the old defaults.
# See: https://github.com/NixOS/nixpkgs/pull/231165
#
# https://blog.stribik.technology/2015/01/04/secure-secure-shell.html
# https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
"hmac-sha2-512"
"hmac-sha2-256"
"umac-128@openssh.com"
];
};
};
services.resolved = { services.resolved = {
enable = true; enable = true;
# DNSSEC=false because of random SERVFAIL responses with Greenbaum DNS
# when using allow-downgrade, see https://github.com/systemd/systemd/issues/10579
extraConfig = '' extraConfig = ''
DNS=193.110.81.0#dns0.eu 185.253.5.0#dns0.eu 2a0f:fc80::#dns0.eu 2a0f:fc81::#dns0.eu 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net DNS=193.110.81.0#dns0.eu 185.253.5.0#dns0.eu 2a0f:fc80::#dns0.eu 2a0f:fc81::#dns0.eu 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
FallbackDNS=5.1.66.255#dot.ffmuc.net 185.150.99.255#dot.ffmuc.net 2001:678:e68:f000::#dot.ffmuc.net 2001:678:ed0:f000::#dot.ffmuc.net FallbackDNS=5.1.66.255#dot.ffmuc.net 185.150.99.255#dot.ffmuc.net 2001:678:e68:f000::#dot.ffmuc.net 2001:678:ed0:f000::#dot.ffmuc.net
Domains=~. Domains=~.
DNSOverTLS=yes DNSOverTLS=yes
DNSSEC=false
''; '';
}; };
} }

View file

@ -25,12 +25,6 @@
users.groups.hakkonaut = {}; users.groups.hakkonaut = {};
users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32"; users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
age.secrets."nachtigall-root-ssh-key" = {
file = "${flake.self}/secrets/nachtigall-root-ssh-key.age";
path = "/root/.ssh/id_ed25519";
mode = "400";
owner = "root";
};
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
} }

View file

@ -9,6 +9,7 @@
nixpkgs.overlays = [ nixpkgs.overlays = [
(final: prev: { (final: prev: {
mastodon = inputs.mastodon-fork.legacyPackages.${prev.system}.mastodon; mastodon = inputs.mastodon-fork.legacyPackages.${prev.system}.mastodon;
forgejo-actions-runner = inputs.unstable.legacyPackages.${prev.system}.forgejo-actions-runner;
}) })
]; ];
}); });

View file

@ -0,0 +1,28 @@
age-encryption.org/v1
-> ssh-ed25519 Y0ZZaw FLHjNYq0CIlbPUKpJgrw4Dka33LIBW9p2E93v8RGdl8
aw0LoWNfjAx1nXK9+SwFMLRxpd/KZL5Y0XJQqIZG0+E
-> ssh-ed25519 uYcDNw dbVXX0Nj5fq5nr/7yaC3ZQnPIk5MQAQpT5RJmz2IMCM
t9ci+WVCroHprSfoud7LKuaTjk5NeiS/Mp2LqhcOrdI
-> ssh-rsa kFDS0A
RZaFU9rClM9C7SUyYx4e1dZmntzPxoB60gJU2XUXFwkAp54dXL8fxs2cHcRxUQMo
HpzCCMiPo2QowUe9O4VQFlOPraub+aTc/nkMmy/spKM50DeVHlK11aoGkJ2j8uj9
FPAzdI47DFpLWN6ncndtKHvYeV2ip2qv9oOgbl84aQ5DqeACb5BHtGS0edWa8YwM
8B6GX9ZpDGB6oW17Ko4IIjeBRnwmY+66mzl6cqhYsGWK2vOYBDLmx4JmGH2LqHL7
+8kQBaq+hNkRlpgLZC7RIrnaW41yMmRZbyr6hPIXaLnlYp6+7+A8krnZKTJXPgBf
Cpv4SSd+igSSjUGUSrnOM2LqOAOcqBAmnIDAyIsVMPnjOkCFxyEj1ynfiSwM1qb0
QqTi0TZRHZsfpiGcvHVoBCWBFQ8d391MFQAiija0iW6QR/eRiGC4mcSA/6vP6X9G
p7BNJoP+mt0pYpVXCA85Rv5K+0JKR2VqlluHl4V2rnwqCGGelG9oYz2D1pQz7Obs
vVgjJaWxzzLGrCCDwk6LjuXv5UMobwlTw7YEGad7AnKPjtrhLuWm1Xs8STZ5oMJp
BhYLDuTUtLFvYciITEEWK/46IBI4m8iJmKpHOMXjWhSuBGKj9q9ifwxeLOmkZgt/
AojO4dtmmfzVNLGIIoUdFYjbp/Kr92p78y8jBIIkcMs
-> ssh-ed25519 YFSOsg TvpVdCtlBkpCBOPgiy8wKZo/0JxzQFDFRh16SXsdm1Q
SSHyUUNu2S1Sq7c89DZAlx43zoab32mUenqgitqEfXw
-> ssh-ed25519 iHV63A YjDcxJ0Jt1Ifc22kDk5qiPNv333ZVdHizPdc3e0QgGQ
nqXiCnVH9x7xAlEhIlqD2ThvglFLaHyd5yMzun7m7Xk
-> ssh-ed25519 BVsyTA eZZW8nsBoPJEDgH0tJNKMHyQgyOD5gpuf/gAGfaycj8
Ss82nrDGaf/ZB4hq9bVYwmTdh7Z1zl10w8bpr5cN3Dg
-> %o-grease g0_~ |]P[H&% }+
XEDXb/UfDFfY/NGfgrttIHoE0Q/0S2xvBwpy0p1SJb4h1/xOb/E/3uIWT7OlQQgO
8Q
--- 0DdGRYR7j5NAQX63wD6e4LxW3xHTTiBekFtxYFCcK10
“Uç2J¿3fKx¬Õì¢üsñxÿ;1.S û­^dÍùÆÿ3å+«rö{YטµƒÝÅȵ&û' ’ا<0E>Û®)ìÄ_4™/øu¨\TÁ¥<C381>§eFõ¨ tÁRä×ÜsÂÒŸˆs<CB86>Ë%\»s|œ¹°

BIN
secrets/drone-secrets.age Normal file

Binary file not shown.

View file

@ -0,0 +1,29 @@
age-encryption.org/v1
-> ssh-ed25519 Y0ZZaw DpFuuPR7C+Kge5mFO+yDjHgY/3dTiolNAGcxNGnsGwc
S2NQAjZPFfCNGzniArPAJVLKCmSz7Ii2xO7REsNOnr4
-> ssh-ed25519 uYcDNw 6NlxLCxVu+/tX5FFMLTEoKLx7Ug78TvKufBw/fpLeF4
3GK+lFy+zxF08TW8ZWZ/cDBq5AFTTOLikvy0HNjgNWA
-> ssh-rsa kFDS0A
RLH5jnzacTt4265aOntkuTGMGVpjJhGZhbdPjmiyBMBLOwUZnzY7vSwjyU29XTyS
/7goXuNAMvY00fDMG5FXyeAD7QaVHNa/tAw3Bmtu9rfFUZX4ftJeXQg2QTq4Ulrw
n3IKd62Ew3iMeI1h9H2JdXlse5tlkCkWdZQD+s7rCMeJDEe0m8r7bFPMdXjJMO3f
T3UzjeNFJYsIEPKDCpC6zaA4aRlaVSdoPLIIooB4A//A4aG4ywzvN27JODK2nTB4
ttjbHK5HGzNLmeJP9wS79bOX/Fg2QUl0bGoOdCiWqFtYkdPzxjstuRd+7OT9E5BM
5h4gqZjxs/k4NZawlIfLeUe5biWkThEqaruzkmgfjY7kch0chqNnpDghOBkUL1VF
KnECE98nmy9huoeDtCUL0yag3yi/Kx7MMaZaNCTJFYpjA3sadvg6nco//e6nA6Pm
vcPcUz8xiZI2Wzx0fPVwVMOozKjf4yEqjERRjo7haGF6vYtxV/zSf5tzxiQsEOGv
/G67BnT6Az46eh3K2EYVRRBTb5sni3ObsO5V/K9ms/MM9eI4qEBRqKag8jRoXVmF
BZKjLwGOU8tOZbupj1Z3JKULqP3FiDLXh+NxM4KE5TjE71eAt8teEytvWYdlwKtO
YjWNheyxxqklTYgzkNQfj8Ks6LujyMdpFtm8toFMVgk
-> ssh-ed25519 YFSOsg GE4K+tP7cjKpq+bxf01vCttDnZAzqtIfwzJ+Zw4D4UI
KG5CNA+FsmC+PhjpifvqRiOWUFHaKQe9QLXydlTFjCw
-> ssh-ed25519 iHV63A +WzV34WwVL+tamwELQY9fuHlBLvzOeTiFjK+LK9d1Rw
KAP3JhagG72qUSWzodRhr/jzFiDaN4GkIuLf+9VuJrE
-> ssh-ed25519 BVsyTA BnkoBmSm2zSm8QtCcN0iFzP5iliTDct36iruHE6FbF0
9J13BMVSlLRjfZw9i4nSj0ccsY4P+xEvYl/MYUgYZPw
-> S!:G3-grease 0 *v3U# : mPvcuGUl
L3/27eEyArXmM1arietTmN3cao01kBkBXBZXsN1HtnTC8sMXVhq+WVD3QozgDd2k
ws04Y08VFgbfM2ErCsRfKz8T
--- ekItTZTtoj93NT1Xe7zky72aG+rzhAcD/cqNxGAnPHg
ɽ³løX5),ZÙ•ç+z
÷•õ ¥Êxm\”cç5û9ôe¹—õ¢\"Ûçxm‰\©†… °@K÷<|Ó÷,B1Ö7FJªè•XÃlk

View file

@ -1,27 +1,27 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 iDKjwg RIy4MC1iLzjOVc1ENd8Hic3b6yVsey1jGKKfpH5QznI -> ssh-ed25519 iDKjwg IFEv1dHKgnrQp6jjxwv6cmEeFRDLEGrnVaJkQ58ZaiU
jCdBc7BcfAa0/BxN40P9neRJcRyz/mbXCHkQZ98MjqI OzmsmKDfl0h5O0gtPeV0B/O6rySog0PVok5H6544mJA
-> ssh-ed25519 uYcDNw bmxhArWdUbbC2zCb1FQmtz5UXBKM9nYdGnmRQNVjsiY -> ssh-ed25519 uYcDNw M6IIbbZ07S6k8Gn1ZdMoQjjRZ2veA5aavAofofH4mWA
IUsRWcBZf2HJpibhqaqBUGTaOTL865Y2ZR2ZM8Ocmr0 Zg3luviCp3PRNajja/DDxWmJm3bUEtNzm2MG6WFMwas
-> ssh-rsa kFDS0A -> ssh-rsa kFDS0A
XuCHi1ekeI+EG3JpNpze/XZWImIFHd4itCzjxApHINBdUqRA7yqVq1k557GcXU3S Qt9Q+RTtl07p6O9RjpGeM/AcK9MregnLFxd2VCOJfE4RtLD/euEA3+u0Ad/SNHtF
dSW4Li2yQaGTDfWYbks5gyOxHjJ75mQ+McnzROdMuMTNYYpTs5CDmGUKDs7Fp86l UdtELgQeWQn1RRSTycmfo2FOu80do408uNjk9HueA+bxuVB/W3hLmCADsfNt4AcA
/YLfoo/hYd7/sKObJLSC/STEk/ObAxDNIe2eEK+esbAlBC0Lym9mi/vtuY8WzWAY h9ioCA7zrCfei5UhbThUgpU79n++IWv+fPZQ1XUndTpRDrLFBCmZIYvupYezPYYL
dsPvGk6497ap5lcZiLiJRChqumYSoTryKAMAvfiTtytcNCFh7hWnw5DFKcA/vlkx /QxpCQVZWmPe5LK7Cs/hsVp8SII0wk6pT+Gh3ZR2lqTanhcVA1pBkhcMjZLCW+m0
cGDrM99itWtEO01oWA6SAVL6JfpWyjpQZqEKt3f3U0xsJbLUXEEiH+kUWpros6Nk gE6P0LOP72DoTH/Wq5krpjUkmTkAaQnedxMbRqUmqQ4E9XWprplzqe11ijItWD9c
PJKVR2mcW3DiBKpR2QJDIkXJ5tUWzDn9Dgw54NniF2D91xs3MzQuvScrfb+/XR6H k3Eqc9Rw3uBhDe6u7Uk0zfD+q5MX2tjCSZVrU8yf3YDIM0ZXgcLYZycwlVF165ob
Xc9BiytdOP/WW3PnvAu2jfMzXJlmlUJTQTWYRZs5tp8daKFN7MP3cIMwx/r+qc+o Si7nk+0q3Y7cfizKTIr04KAxiM0S+z6vv0zAVulQwU8tzt4whovh+A5w0X0NqsfM
JbqFxOewnNO0hEwfwYPCFnMEam8rmRmU8GI1RiBAGpQbBv02ihX4U5eWuLXrpmHK VKySv2EZ7T0HnDHtCN9aB6BRs+8BIipfMcb76obHWa1z5xDYmawebtztvwt4hw0o
0VOgkesWsAOHpV+tRJ3cxA8t/pjIWmN0nccRz+qz/1Ec6O5circBneVBgJow/MKh V7VdC9SoVDwq3nFMLQD3+5jhbqfGtRFhSGLzbh9SbNg8Uyrtdq7vucmcLfXZVIJd
M0f0b+HPr+ld0z4FA7rDESGhgQHEsyU9UUWU8U++Mdh64c/mRMCnYokoemve0w1G qJgtlxSYyhRgc3W4C5VU0imEw6OI9pU+wtKdxy0dkEwwDTtwbLm705ecGEZZncgK
9cJjR0rcknDgo+KQutinh3pTqbvYrtfP4iuzWBd8LV8 FJoN9Ekmeys+XVvRQDg5mB6dLURYfAmpA1m4Z5n6o/U
-> ssh-ed25519 YFSOsg m6r2ew7bjrpbA0QMs7O5MhSm0UpKCWHEJTlwm384MxI -> ssh-ed25519 YFSOsg 3GMmeCYAYaauIAfmYa03QvngaHWoCplNNTQiriiacGo
a/mnaNz14aFuZCtcq46ANVydKRJw0e61N5e+kGGkuYQ PFnOJAATB5pW9uiMnZUG/aEpVowHOzfq8RYmOUkFHGI
-> ssh-ed25519 iHV63A MQu2VYkY/Cs5bhYe95wpdlpLfe/lHwhk60WA9EgN3wc -> ssh-ed25519 iHV63A 1lR+ZHsXw2sJqCHcbdYPR77w0k+LU9PEFT+bR4J+wzc
gbZyVF9l0W8+BO59ddsZ7c+VgzdPkNbq9U9oG0Kjebo 7p0YQW0xNUme7oOLsKPomx86i5mVexoFnsol75hI7Ro
-> ssh-ed25519 BVsyTA XWMWR2qUI1KFhcZxGgxuWOq+DLrTwHvEpI7xee/GD3I -> ssh-ed25519 BVsyTA Y9X469NMDgT/KRWQKxg7+TUXW08jQ1ACXYpvWCPYBlM
jVckHGgjXWlz0kvad6EDZ1vDrXGjBM2dxT5qJswX2Kc hUojIB1Wk2yki2cgWMO+CUF4hAEmIwdgNeiXPjsYdmM
-> W},tK-grease -> _w:{-grease Gg:\L| ~7 op[S^L:
4P6Gr7nsS9raE/XVkCkDawtWkS7a3o7r7tXe9w qL+WeYvxxEUUSX2b1xSa
--- de3b3x+RtRpsIBf3Sh72AydLgEHUcGeRvoDE0rPFZ2o --- HDOAUEyo2WtEf2roCfMkEKNx48ZX08b0Tj1BMUbOJDM
ZË8æö¾€pM£¿Aúʨ$Ë[’ùÙËó¥Ÿ<C2A5><íøýt£ÊIOrÖq™½oÛñ»ácÐeî,œ;MK_¯©¦ž3-Ó<>íߘõÀ§£é\RQ&ÀžGá·®ÅR} ˛mͧ{µp†•Y<E280A2>ďŇWńţ{HüGp—Ż[oL ~ó1ý5÷¨ |čů#Đ%Nď÷WµDĺ5'ws=íˇů·žDlnÁ§doařŰ˝ŐZüC}Ç×Ű|†Ě:Qťŕ

View file

@ -1,27 +1,28 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 iDKjwg qOInns0pyNkaFNGoodX1QrRCSRDL5ncmJWSyDxCo7Rc -> ssh-ed25519 iDKjwg YnMyPihQVexMn+Fo3GFLVdDdovAEGSlhcHtJKYsk2T8
8mJO69rBO8IaVRYG94hidY6MU7UEn+ENejdHOkzn7h8 nGU7ENvUew6N4gzZAfSEqM5el6M4abC4fR535KZsjyY
-> ssh-ed25519 uYcDNw FdZ8Z50hcHrRVuBC7HPnVPNdnJgyudepe/smnTkcmzg -> ssh-ed25519 uYcDNw lPE7/R9GhYEinW9LNJ1c8N9oiTmIFesCML6fbom4NQc
ELojSvwv3K6YVLXEAmjoQxt5szvs68oRZ9fZ+QcaVEU cxwc9AdLwqOtBmb7853LQ8uxWovT9FvpqvOYKS1zbVc
-> ssh-rsa kFDS0A -> ssh-rsa kFDS0A
cbDwTYbZf9SZJ4SmjdBD7hSWMZWi87KUbAHTS2snWi1wjf0m5KngbdlWVcTOgwE5 cX8p4DJIRP378pFp9Tk4di4VBTdIQ281PhD8lBF+mOrsdxEphlFJ0dpDdlRNYN2U
Gnn1m9cZKx6z7s/AUsPRRQizoYsUY91osPmc7lNVZ8mjJ6ztLhX1JhAy3PobmxDi C/ku2yYVDdQjpwV2i16J99swGNR7Ui3g7BewySk2VeA2Zp1iVHYrxUcLHTU4FkTy
BI3WsZtMpL+JihSE1DfJ05dkY/tWYZu/yXDmaig/E54YsuyXeATikm/IzxbSXDDT rO654ndMR9nMOF/eMw8q40fdvDR0Dgtz26uqKHqabpHQrmvtRZ+O///4PSLyTpUq
crSOE2YVS0+GjhEfJft6ckw9YdbzqjoXwdutrzQWdivvXU17xH11cM3xC579OUNF C0Rej1q9hsq38t1SwjYyyR4jZKi2eqUzNI8ZPriDJFwbOf+bKmFx2yxjN/DwjtTZ
c+EobYRjCfzsk27vFGxieV+0mAmJSM5V5mBQ9VBaqDiZ43gI5enCIVJIkK36f4P3 P2iajSqXj7bTxarWUOlTEbq8CMEpCTk5GU4G6YVJdFRSyw+KOmCbQccH45gsAsn9
lt9PQ9UmWJ8RPQis+Aaq5Ld5y8aVho16BQjCqDzsRoFTalVNYa5ElrB2nuJPYQIw DDhhDC1nc2WRFEBbSCQdzmdEYLQa/vsmdL9Uk2CENAmqJ4s7YeaOltYxIQuIIlhW
DV9Hj3R2wG4IZSIEq5WnLtk7Gda2x4VlfdlMhGXixPJ0xjYKWg8Sj0qlmCAVqqEc hDRW3MJnjaA3Z5FUyGGEF9G9/puWk+flFqaxdmPImR2MlclMokGFWQrb0LfBTKBN
QyWpVFEu1ogk8Gw2jQK6TvrxUT94UAyEBwqBbumqaB3JfsnDaxbFlLG1wWr10nXh OHyLa78pCrskgK7xvRN92jepoO3iiBx1cHDgBzNIkEKt+xSissSexRlTwmc0QOom
axplDvM7tuU5RvjPGSwUezkryfn8SjEod+04rQRLhe9JMD5C33JBI1p5JNi2ZAB/ x9wEqBoMLy/CczRQisHRfRvVvbiu9S9ptn7jKfUExMmF5kZ3zMGnhwIKFARKyeRU
SyujIVCh+DRzq9IjMYCgCYmYp5P7pJlk+GZCeeMSbvf2d45mX1P2D6PrCm8uSL8m xrJ5xJXOc2jWtK8HyhOObj4JgZYwCgC5yZg0f/0tTwhmD2Rg7l/Z14Qc8z4uSr7a
Fw7mOliDyBGPizpQ2lOJaL1q4A5KGjAaRVuRJSaNlBg ZI44yVR6NrnwvxCZc2VMRpS4BKYWZdor29A2I3Mf6es
-> ssh-ed25519 YFSOsg c3VN03glwExVKBi83ftg6jNZ2Yzx4PGmRiQOpgQl9AI -> ssh-ed25519 YFSOsg y7SH3xV54A8jRPDALbUgkI/kfG+7Dim9bQ3RoE9dElQ
sKrGt7U5XwNkyydwmXBxPvHwKloY6V/mn+5ipq2GYZo upTzhcltID98iwyIvAV43TNkn1JiPPTZKYQDXs5nVrU
-> ssh-ed25519 iHV63A mH5q5q6ZPlddNsil1NjVLcT2gIxh+PlhA6JT9HBD/VE -> ssh-ed25519 iHV63A OvowvvUTzN/ZZMYciY8PL4jNTsFxvdqo0HZGhrKvpQE
O9OxtyCtIhNMFMUPCyPL4ycT75t/g1nvli6XXVifXGo 6+vZnlXisJLgHsT973Mv5TW0CNaH7+95u2OLHcNRMTs
-> ssh-ed25519 BVsyTA iPdUjSRVamrCzUJVhpzMyUhyxHisRofkKswvCb/qUCo -> ssh-ed25519 BVsyTA AXiFtvrUa0SZJIDO128oZ/1EzuQCf/MTXSS8+JXRbBE
Z5UOndKbp5GPIzxB4xsNlGqC30dnMx557n07NkS3aOk L1aePz98wwpswYTwyIi+qlMG5PKaC8YTQ+yBNURV0o0
-> fqFqA!-grease >^roC?oN -> C-grease Xr"nY_F? L*?+,=6 >>*
kKQNtgmcdmj4h1fFB4Fse21BfLrq73SdIZ/cyD1qxBR8VUtIPReLpiYJSm30Eg btUoGPkIUxNHjEV0cngeRklh2GEiS3m1v9wMkX8CH2gDeFF2M6TTroCpsqRG191/
--- mUQvto08o1xaSIbSE+zi9IPCIuZZF5G9xlwKUApylMY oUAA7nf95TEVqPIENOEh2w+U+Q0AMxUvGdps+w
6M€£ú‡ÆçU܈GWR"*#¶BwøK`ÈÀÈŒtèsoga3ržœñ_ÃT9š™ --- q922LPdFDFgQBvP6ZX4Zr8+bc2Rb2z3Ru45K/bPN6yw
シEr寰竪5<ヲGYォtOサメ搨ァチY&d嬶|壤゚<E5A3A4>恆ール.rl暄ツ}

View file

@ -1,27 +1,27 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 iDKjwg MIpZgS2K0KZ6NXSvHKaUs5IOwMK8C+THuH+OXGKgpk4 -> ssh-ed25519 iDKjwg AEmgV4RMWvoL7IS0h33S86bBpCy1jxuo4Ey8SUakEzs
rwBSIPZ6pHczmeEuNsPgTJIdzE7yHBglYHGbOSd772I N3eK1K1BE2hLGF5qwQH4XVZN7y0s4pikYoxeltP1w4s
-> ssh-ed25519 uYcDNw EY2Zk/jYWxYBPY/g6IH7aSIFvMuOwSplkmaeRC1aNSU -> ssh-ed25519 uYcDNw eZrJo1AE7zcNjOn3YceDtRkumV0rwPOR5bk5s5SF+m0
YCSThBBXbmozEZmUDgjA8xuFG9D2lGENZcWvCnRQk+c n9+J1xLDD6carZMRg05BDmaQG/78O8P8QVscKRHy6+I
-> ssh-rsa kFDS0A -> ssh-rsa kFDS0A
Z8Xs3hFGUElQdNlxlcnJIA8814TZJYqga/SUXjxG/uvdzv9uExEiNp8FJ5emnT0u b3klbHjUczTIudayv7wKpiK0IVPUjphuV451U5pEyRXKElJxcAKLae3h4eY30v0N
zAaFv5aYiBa1b7aYEVdk30wjmWPT7leOPTFF5qAUdiPHxII+jHtx+eCnum72po42 sCEu32zw7aBdlQRsJrubOdn2RY7ogDsUirM31xEHx/UcDsFFgm806usYAoZ2dpT9
SR03IjznH9fKaKiT0VNXDIVZnkP2SaAKhIj57XSUeE/weiU5apBmTMPzMQAkz7KR XELWPs/ZbPuoHf7aJnDXLTtL0KziichCJx5RwpqmKWTDliIcoGLyNVauOU4jq8rK
sm7uFYYv8zY7LFC0ByPnFkYi6O+mc9LzunlGQVMAQe/fmoEfzI2dmrGhcG2iUbM5 QuwKadE09U+HvxcTuyVog6lFRGqx+Ak2qRLyPnxDSAkiazj3gqop+G2IWD5Q9nQX
6Oegjh5B4iKc/fktouHhh3Wc/K63DM9C0A9mkqtqrQJPfV+FseQoQbFwvInXY4u6 0GFAsoWVdBG/ghEl4A5ruSC/dVgXM7wGkgD8Fim7LgNm0HowmEyLPLYI8PAVp5Vq
HMT4oymagXt5ifcc1WzyTde+Dz6OIOowpIXXJ0PjQ+KOn0PTG7+OfU/h1Hh/ozg4 z1/uScM/a/2zeZaY7C9JmRHCDb5weiOliSBHLQSKPiF55bgBQKRBsN2WsxYMArr6
G+finffzeffxdXSjITi+lmoWUFaZAwiico2IjH8cqDWnl8XGNfukZbsNsI6CukY2 1YhpfIhs3eDiiTRALtyLOQrUS4xm5634ijEJ2gTzpr6XzmGJM9PPOdgbgyj2QtqG
aqffAZiu7MR1+kcMUjjG4OF1S4bRNYkqQej7GUdDmHn+dkJEuiN3ggXt+TW/mYPb 3AaSjknieubNWcfa2/nA0dRnvjjvvG8xfMJOOkX545jkyK7BVAC3/EE88XXuRMZL
xPvPGOqDxwdOiyViZFBvZ+0ZAij8rnMdToNsY7x68B7C+Ew+cVomiIIkT1ghzmTu u2AkObphlClkW8zzF/2dTFofcjh7Ydvv3ggQBEnsuZO6LWsciuvWR3GA6uUvEAaQ
T/ymvlqFlXIS3PFdUPQYd/+Ttw22n72yVxHH+61Ze/aQlt0nKdViEn4D03k3uNVg EbTFsLdIVxzUo4BtQ3Yk6789MPF6CZ+k3UAvFWHq+842lzPp/SzBWctkXTzixsVW
K8VYuDwXIFdFIga5Hsw/ozp6tKZdxSzJsQJvAm0JFVk RNqqSHo9a/PEJ5FsdeUoCpov2DzQXRNtK+ia88+IDqc
-> ssh-ed25519 YFSOsg M0H0AhDNYpa8nD2nrDyFJOsm/SpfJ7YJXYyKZMIyxl4 -> ssh-ed25519 YFSOsg +eCKRumOVPPd3GEt1IoGq2We7jMXxfKgD2KM4iyMMj0
YiocldCbP7HwuRi3AWfnFkqpWhuIuAwjjTzV2utwmn8 5QOorpolodGux3vMT1XoCqK/0S22kpBUztPmtOF0fzo
-> ssh-ed25519 iHV63A xhkCLcpQhqQxWacnI1M1652hNc/MaeCXL3e5fPGhXHo -> ssh-ed25519 iHV63A /iWGqn9ON5KWrOiiWw1r693J90gFmkW1mdgq2aF2HUI
0G5lFUE/gGHIz5giRjQPVWAIrHQ8LvxPpfVSBM3GEBM iFzt9DBS5KsmtIjDdiIcS30ysUM2X12NdHuTbD5zvok
-> ssh-ed25519 BVsyTA aAdMnpKatd4CTcFhtqSj+fiA0ofy+zhbnuN5nk5/umA -> ssh-ed25519 BVsyTA xcKWN2iiYPQ2pCRML9DYYyyeXgoJ90cupU8gVyRtGxw
LuidYMCiM7IvA/M7k7pMqo5HJmNNmHrzl6kcud+ZS74 gfLMdWnj42h3iv+zGP7uFRxZFqRmO4npNNMk6WGaQc0
-> 0d%YFa-grease |F -> #6ut)P5-grease qB$ $ t5c
fhLc8y67dmyhWtiOEKrZThfm4sTsNP8 JEVAGQ7XDVC6hig+
--- /qZszkP7mR5whTTbCQ6JKKh2Ce+aySjeDX3HdDZag1g --- 0yiMTzXw2ijpPVSdSyqxIpu3wM85mYT8cVxDBhn1egw
÷~an“£ŒÀ@Ü©>ëáºx$•sk)º[J”H<E2809D>ãÀFˆ†Eh¤dŸ^3¢A±ïËá5ô_Q<>p†ûâôLùN¦ƒR*[]žG˜õXY“ž\®¯aƒÜtÏÔU”+ÝÎ\9ób‡«N6BÖÃ\ãýWĉ.?N'µHf´œï Ójc TAÖWAOM üûXîÝ…Ï"©¼v »>éS効DFÂÞ"UÝ—C!ˆÑáÈ-4XOÇ« Ù$U¸“ïK wyì<79>|øŠð Jk¶-tYz<59>ÎF<í†X&ÀSÅŒOCé`_Tý'NA/À5×<>„gÈ$y¶,Æü«‘EÎYã[.Èa¨”þ"Ä,ìkw<>_Ñ÷˸ïµõŸÏë<C38F>p£Ó²FwpÙjÞõVW{Ïhx‰

View file

@ -1,29 +1,28 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 iDKjwg hUHxNz0ZfR/cgTXIfrOobhUPxcFo8zyxD3idF/bpP3E -> ssh-ed25519 iDKjwg ycwObMB/N2ylOd0U58mHULNc7FBfI6D6+DjafoQG9BQ
H6aIW7YO27ONIIcnmViIWaXiByJMmPFo6E8jsH1Xq2Q DXYakb6Bevbr+ZO2uNWFOJYcXe4QohqyrNhW6oS7GLI
-> ssh-ed25519 uYcDNw +D81Yz9zAmCEeIUIxLirpd/OVnWmHQnALp3GWyxUshc -> ssh-ed25519 uYcDNw PH5y1lhGq6Wh0+bKIyJhWLDKfQQEtQX56k10CzZW5UY
reldI2bJQ2Jq3JxHZ7wWnm6I1pTISQ9G+jjupCrhQ0Q sOvcq5Va4kOBLHTNJ8mQxaxgQWxSWM7VZ8PLTLD+2jA
-> ssh-rsa kFDS0A -> ssh-rsa kFDS0A
BYla6U3WqibQOXQFIQrs0d37pmGNvVulP0p18jjTXfA61vth/icCTu3V5VAHz5ST fI5w3V5O4EHlG7bZGuiNyUPZ4nbl3ZqZjPttUkOMYGjw84Rcxu2Rqg2i53OEG9wC
A8o2gHhQfGXpFm9GMPMVe+OKHnD4Ws4cWowW8/GLMg2XgqPBdvownVwl6hspjmwr mrxUdu744kMSxbP5iwLbnPGIhMbtY/HmggdaFI5JzPUrEE37GkUAFtaXCBjYoBFv
Mxrw1PQL63fiYmCiB49UFaQV0OIxyo3mo7kmF9KKRfdTQ1kF/vjiZuw3Tiz8ubDk 7UyhgYgwfvsZXL0TiEOA6k0FikfkfPKLheXZcvIRRRXz7QDufzit5M+XieLwYbxS
DoaK0g062iI1/GPeGH3blaZj6cFstT9UjoPbdOU9WLkDMUc0d73ih1u6a3VmIY/B uiJYgc7ibuHQolTO6EFJf4+irdlXIWjWXg5M8mnEzDAY11PLYe+2CxguetrJyEmV
tToYCJuwcjAUvX9Y3Xolx9vKpg8dVD48T1GlPADZCyajY2fEPbJdS29jP7NwQsZ2 5MQNYNEfGkAa8/IfYe0LtnOiUNr8WcHDHQGoRqrKiN7yxjJZaMR6KCMC4khkhGL9
8sgmFkNzUq3Okjbz4lem/g4nlXQN++wdRIYgTLUfJWKOx5+bxSneRvvP6p4HyKZJ e8Q9WphxHxA7Rg4TidyzQNd6dOkIWhcDUYd05rm7CldUr+E81dhB3ojYUUfuQN6O
O0OzJTg2ZUTqcpHvxj6DBTbg0e2KW44AkjMLIBwGxdfz3ogrfM2au0bA4SizXCsA 26+wraYVb8SWS4l45gJhtNhIDRJ+gBufdQafPFtxZTjlq36y9qqhJ4LKA2/mD/Yj
XL03eRmVbzgrBKNUUi6UbQ7iKp+OjWbM6jyZuNEwfepbedLqwDeTXHfm2gZBxUyM tVrjAKJHbwQiulAmBiQPloDU3jGsbFlh70zWvUeFRmKEHQUU46GK1RdvuT29QkaD
JTk7iTERU5908VhlbNZY5rjXShkPzB9L5jgV23I9CwFlzYSC3mvPS7HMtWcgo8e4 WleEEp5BK8nuc+Zauf7xEqLRK4uoZncYGiw4tZxzhneYEBPbkK99b31c680NVB9R
EBBH5QptHOvaZtDtDqYia8tzKG1KUg75fP4PzKB7+DjGv1phvTyzJDd51qAVrdJH gNYlIutc1ApzOlt9eIUnF/K5CudoDsfk90gIcZjpAZ9rCZ6O2z083PJ1YzpFejdc
PheURbBliQOQaqNnTdYfpBC4tdHAMYEp85Y8uMMihYc hH/u3v21m5zCqGygFUkWs8w8DmhZbmOCjKbIzM8hZ8s
-> ssh-ed25519 YFSOsg SJDEy0M+3X5SmXsr9C3CDbpWfyhnmu8IUIzNOshE830 -> ssh-ed25519 YFSOsg LWTJhISwOh1w8Ll3MzCTiQcP+sUbcrwyCIbvTYPoIGE
g7jSKtpI+jUO5OC7vd6TJWOTWsIk/x9yL4RKL1lAv5g gcxCieyITgqnCvRAomzKq+um5lTusjxEt8CPNxkXcDI
-> ssh-ed25519 iHV63A tSREgTvnNiKMGWldq/Pp2EVWBmcs18j3zFDwtoBrQiM -> ssh-ed25519 iHV63A yHjOEwLCaPQu/abuyy8mH9W5wmuNrtoSps4yddnljHc
kT4SzAuXqbdQSgmxbAy3BogMbh5tOPI3fuGWWQMK7fk Xazda+HQS2mIk3BTP9ZhgpaQQe9BhcLX7VQpCMATjwo
-> ssh-ed25519 BVsyTA k4rwyukpUYOGvtG9bm2dpw51P2udNnFSSldm8eCJP0E -> ssh-ed25519 BVsyTA lOR29G60mxkWt2tvKaRBUTohXr0byt7WOnEHQajBwy4
C4Cm0eFg0KeXNf/BGX+vXIeAbsdYmN/97gj5snvRSzs bq0RS0rjmOp/3jm/vJ7/pln+XU5RrpD7wPIRg0pJtME
-> `rk-grease -> 29Tg,l-grease d{) e6z s
Y6ohmk9v8XByEpy/oqM1aXpmeFS2ynIRyGiHfMMez4ONC54ZGOCmr1xUwEGxv7BG CqQnPxWIn/038/5/a0duF854yEgjZwNDuKrJwW/V7AkJJ5boEAUZJvwRkQ8giKHT
SOltfLTf/rk/0ibNlvMoTqbUUhT1A/CBzSUH1tBy1w db/YoP41cx8Vpqib/pv6Aa4fb+ovwoamkAhFp/NnD1KNJwtl8wTR9WRTFI0A
--- DB1jba9WqtcKIEXV24rL0XmFmv1U23dEYaOYd1w9B4E --- US3xOlecmIleG6Ye/LjcV8CSvsVK4oh8+SXoeK1qUZk
{.hP;v' ÔÖ<C394>ŸüÖmFŠfótÊ¡²¸þ ˜K¿ ×­©Wj_iã<69>ª¦Û(œº€áø?ÿJýóóË@e{‰c§Å¾o-SÜ¥™×qÈy0D”3 ñGú÷)>Ë6€ ¤9¯ª2nÌå/9øryĤYK2ó<>ìÌuoªNçg-:¼<>gïKy !ÁxÏ]ÏûfU—M!}R¦ÅzÕûE$MvÑÑ § Ÿx´å(¯ÍûÅ
4Z Ûñ!E+B Lõ„âr"÷ëÈ¿³CÀT'ð'¹wýãɶ—j®b‡f÷ïÌ;Ë•íTË©Œárë§u;j&Žb1ÉÈ4;¯&Ò£81_§"o¢8]µ<>å£_ Î kÕbV»¥AGÁyõ¸8<C2B8>ŸÕY|g

Binary file not shown.

Binary file not shown.

View file

@ -1,27 +1,27 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 iDKjwg 1a8hvqTn2un3yxJkdltenSSfEhKMHxXAKlfSnD9vCWo -> ssh-ed25519 iDKjwg bydjKoMlcmku7EeLcXflr3Jtjttr3DHhxGz3EwFS810
xOzDWr87QMnE9UgnNimz/C+5aKhspG38RQDhhRqg/EE RULNHIfG1ueMpePeFe88QKElCRI4Co0ZuoqvViFxecs
-> ssh-ed25519 uYcDNw Grc5lFL8+r+Evi3bDl5sCidZMZzLU1K8qiZ+Mhqc8gc -> ssh-ed25519 uYcDNw vOSLnWbhNa9jo/95PrtI+XrS0Pj7CdhIZ3TWJSbQEGk
mu0L16Ar7H6ZGsSMGw9W9AwS+JusygM8fM6LMtMsCo4 AmIGuPhrQVDJcAx9T6mg/RwRu/DIeeGjmzlnnXAa1mk
-> ssh-rsa kFDS0A -> ssh-rsa kFDS0A
nJnBVo6ArUYVRYUDRAPfBdxPPjCaOqM8fi+7LNLtThnyDzRm31Fgq/07Xy7ual2O fDuHqn9LdtgpO3AYo07P2i9rewpURoco22wY1SnDhEHls7MkFBqPUTO2EAXMc+OY
0k10QbXZv3nnhjW+qimfOK9qDpnub0bULBAMKxAGrapb8KdTqpMgMhK7tuySHH+P tZSSs1rREZyECH9DG8ngZ3E06t/Z0Uk9azr4RDaFmhzh9rb1KFCJkpLscuDDO7kJ
L8VTLt5woBz+hkla6P0o1s7pcPCmmQ6vITpGDUEGwFS/orYZdGbAe7+sPanagBx7 OiHT7MwNuRPWZxwT1srxX2T3jc8jKFlNUXsOpQrtzRqKWmeKbOJzpNHjmUlrvw3V
3xh8JRh1VszNa7pRhkRLM9wwLtDCGETT1+5iwdxR18IijvJRbVKkONX6UYkCzy0t fBnVN0ai7vlvo1L9mbTgQpu+3/08CKvE7N7rFteNe+jYQRLC13iI3j3rHeOj+UVE
8UmVlfO7m7FN7sdvX+59+70nxhxeECuwZh52TZHaio2NyNvIioFquFZ3SfiLzdd8 09rTqwijRtJbkTBxt9hrFDUSA592akYHuKAt+bklbQQlFHZ9bZScE+P+mAC1+ySB
hpUGH1/fPTHvlCTtvI95lXbB370Ta6vpR4uOvAiHz1Oc6aAhbl6QPcZuUr6pFHK0 Q/XQhTr2FOO3G+2ieEOb0RGekozOGwJB3XK0sm+rVMsfMhtU/+nfbQGydFIkTgbq
5zxlOgc0+3nN9Iv41KbNfoyJYrEVVuMCizdbeyFGTJe+kKjdKbBblJSla0hUGINB BKnAk+l94h6F3W3WmpOQTBbYVlfou3hmv2aodOYfFYpUHi8kQR0y6dFkARU//zz/
ZsKhzLG5jmCXDo/WC3vVImBN2R+0AWvqoL2jME+jrOmbAcqYToJrv886cEkxdaxs cS8gs7w23JwGinBVSfsISkCMaM1/lnR5ZRnYtHIaU8aG5RAZhx39+vjBYHsJPKDp
O3DeXLO2hIGpVMVsrsMyHrF7cBPQ0lahM1tlIzdlzbMeDjM6HO/WYa2fz8XGwXu8 DoaATj1bskIcSTzqPIu7s4B8gI9MuEid8eUAjgBeuxAJCa59k5OxbtVAVx17DGn2
puBTtRyg0DL/06s9Hr9WqzE1WiEPVl2jhze8jsIzshcN1yCoV/dKnmOVBPj6rBxd QkLd/kn0xrJOPyY81fjqS7fapq9+gvxLqdyyznPQA6WKkUJ4DumAxL5lLq70a9I/
dl5XfpO1d6AOtHx1RquWa2BQWp3nkWvYMgTRaPbpK44 dzk/AC5Jtf6SxqRzX1eUJR5SGI5aSJxo3Hih3m6nuLs
-> ssh-ed25519 YFSOsg eqXDfDhoOgy4g7nb1X1mfT20kfPkixWs9QqpaaDwCyg -> ssh-ed25519 YFSOsg +N6SyzhtCailgt6y4C4/0mlGjuxWS0bWHakRX/Bbliw
+4aFNWh+b1BeKUqPGU79R9EkbFDp/YMSBYMMunV2YrI bkQi60J0nfB/ujoYu8SiIxXp0Ff48MuNzoW0/CDd7AM
-> ssh-ed25519 iHV63A F0kH/Uq+wX9F+RDZwTQW4MF8hSo+nwOSTH4vOQF53nA -> ssh-ed25519 iHV63A nrHBLzAxmvsxKvEKH6oqS0XIQ1K2kFmPZdOVmzKT00A
d20TVZfePKn9y5PWZ0XWV2Xr7N2Ma6V3eSroOiZcgXM R8t/WCmvSO9SBR4gDxfNArdo55NuolHCKYRNtF5oPTs
-> ssh-ed25519 BVsyTA VvabFmOpUc+TCAFKQYFmlPokmFyqYiD0W9hELvOXv24 -> ssh-ed25519 BVsyTA H0lSXGJX+7TplHCmePj3AKeHLf+6GnE4pPKc81fANG8
QJ3LX0bqOgujAB/2T//oCctA/fv1Jc8WugVu6iM9gxE ESTz1sB2HWity5dnao69KuFBa5JGeTEgkqYg8lFQICE
-> x\:P|P,}-grease @YO [b'lw5 *.WKU -> ^D4?-grease R ,*WNbA@u l$*s}U|
hfTYY2Pu 9LAkmaox13NiExiel18LqRT8hUryLKA
--- vCfB3aNBGwwBSvtdjzAUKCzCt/z7YvufcAf/VhaZfcg --- VuPVAYEmjv4FCkPmiFUCqdtznMOSAGslqarqFZnibuM
•Àâa9™r†ûÏ_GMSs˜˜Œ#ˆ(¾»;´a±·(Ãy<C383>ƒ&¤ï|<7C>!wá„iGÈÁ!¾e4¥Ùxc<78> N>Ë_mØ<6D>(º‡$¾°½j6PDBNµa óiüÕ…röaÑ„¡$£ç§íÎ|tº;ÖñCLx£¬

View file

@ -1,28 +1,28 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 iDKjwg GHVh1GUADEN6UVTUYntCaYfEqH+LX+gvaICkBHJ5OUY -> ssh-ed25519 iDKjwg Qpq2SP58ytg9NXD8eYvlgvVhaJMOQVnTxhDrydMNHjA
rfoD++gVdnZ5HSlXbCOy8Pn7if6QM2WRaShpk0dCJ48 V6ES5O5wFL52G4Oc4dGFWkqdFMkb3DniEex3a/fljj8
-> ssh-ed25519 uYcDNw kKeYQIaKjVDKMDBkluuxarRfv2wR9W5TKHzbu1DR2hQ -> ssh-ed25519 uYcDNw Ll11H3DdUax5iCn6QNz4zZO7+R6ied79GEu4HEfXujs
bfFYcbcQ7De5hwkCng/CIZXWLHgr/cum0+OfRs5ESvI G4TE/qDl1deBy4g50lNcKKVNvFxxj+9HpgYKVHt2km4
-> ssh-rsa kFDS0A -> ssh-rsa kFDS0A
pAZ0JEVyYZk3U1vFH/STAuHucNECpbhDdnJR7asfMt2bgTs1dvI9ZA5XBpJs3U4a gtXlJkXWTs2pvW6sm+FzDo+WaEh2S2ttIflw7x4Jswqaa7b/2VbnHn89NyYNG7J8
PntBwgYebJyHhgeZ0L7q5NYE6eLVThkxnWvm5OP2NjPyTgGUxjp+NA7WNw+Fc/gA +n/Un8IbG4wh7hVsbhKEOZA8S1BC0c8gXwLoexgF21GYmbWGUR5xdbhVIPnJmJpY
mz//NLMmKVHuknKBVEaZn+2lBWaIXyTkD3KetqxChDcXSnKswesLa6LdHLfE97jP IPgp7Ai72BEv782CjAVlAORVNzr0umtfq3PUlq6NXiYiyb7MT5g6SNd5Avy5r73s
gHX5Y+JVNeGOlHPn0Ds40I/aFGJJ56p3cD3nTsgoQyGpoQGVIVHO6ghRmVjhSkW4 bUZWCUW6m63kDRoVNgfGhrSLHFi1AgLroIqhuuOiRWj16lTUVxh2VkLwRPERy6V8
7ZfPluq9G0u3NbSD3YjnLrAmUzdJsLPmYme2vvu0YKJr40TG6i5m196DSDuvAtM4 jUpb9nb1uAYzMMeMSAvRM5actTJxQA+5chSXUMhp6MR8XiB+EFFRpIDkcfs8O2Hi
XhiClq7a2KJfmEF+epVdoXo/7GrPs/F9Bb+NV1S7bVJX7Q87gQ3bbFq2LISu8QvD 0QytXBo3W/NBNLG2RUgLMfq2mnI3bXXvxJZXKfmNxE6e6RVR6tSg23LlzkFtmE3c
HUlx2hJh0fZXpBv6yHIqXutEL1g6XCtpkli15wrHBfEQHOxP6mB/pNeM3gCYwOLX DGuYYBz3h4yxjkkjvKJ0VJ1IhQ5wvghdKs7kM+n1wHNOPBSKom/84uyHDvPrTr/0
ZdVqpR46OzOErNDwXTniwQecuKrRB9ecTjmmRZycEZErgEcASEZgAlfu2Q8EIW30 7S4Wx12l7DKZtTzv3UItPmBVRSEjbBOMZpQo/13rLQ1bx9WBeVVNSqjpy68W0Dlz
65byX4EWskm6qlhLxp6SfRXlVcA9XcwIg6q2E2UIoEukZQ5zJNKcFAYec7/xTXs0 tI3oWX9WIPDUB7xyCXHebkxGJ0lBrza85jnFt5zASbHXeq3pbo7rjPWt6c5oWuiJ
DrLyGkOO+8C0lmCDY8Escd4cge2hIbIcsnQdkfh3NQT1ZqXEXkef/XB6yMEzvysg X/OtIXKp0sxeXEgiOoAnNn+yVPBm/9b3ote+T0MwsVVLXQ3HCsYA5mXZCfRK5OA7
3Z13W4dcxwc0ylRFwm2VKcBQD9jDwCyeV4iKohFIyJk w3nqorCBnBCyE//MCo7j+A1W9HKtDKAJltwfhemhtiQ
-> ssh-ed25519 YFSOsg X4DtlP1y5JXKyaYXJ/l18S7cOGIDlwk3vhrO0Vk6t3U -> ssh-ed25519 YFSOsg kTmy8aPCd4THlnO6SWyW+Ifc21Ggau4fxdiQkjyvNwA
OXzEp3tRncra6pBvDoeiLkF4SlaHZ6E6j+UV0q1WB80 Ck6dc8IpHhnuD6FeHJ09vsdcgaoDfYGfqI5bvYV6CKA
-> ssh-ed25519 iHV63A AYUNvys+v75VarEdcZ1g9r9bnW76Tfq91gWnyED7kB0 -> ssh-ed25519 iHV63A lHVBVGdvw1yp3huhqfGstff4UKRHp4wmbGpZPJxHjwo
zloI/t4Dfa4re850ldwdFEjbF1OR/5G8VBAl9n7umEs eWqfE+s06UgBSK0m9/GWWvhFf6ZcsN7vsygnxeXBF7k
-> ssh-ed25519 BVsyTA glhHHYg1w7qntg8J3y+6zKJHBaC6PZWFQJnmiQR6axw -> ssh-ed25519 BVsyTA vUCYL+NZu8VT8G+bkd/LknxH/7cB3HwOalTZ4Escghw
WiIDKiuzouGyiyANmEp25T1Dv2IRyRx+lovSpdFP/Dc p+RZhqg6voORDwSwWZ962NOpIn6kX3cryuhbqVD7rzc
-> wcj`iUv7-grease <d5F W -> LzOpAF&-grease mZ4f4.74 8%Wkxw
dXdOZ0LN94OwYEvaS4paokqfZm7hqw i6KRW+yK4flm+3fDrVbHAIMNzcbqErlGKHoAZJOwYrhl0tAaZBLk7IIPQ9bas3WQ
--- oEfnrJu0i9DSupMbQS0hKyVuI9mguqQXDcvXjXUIFS0 ZbJ6fgj/YYbgRhX0jUcmNwv/5tI
<EFBFBD>—ãaãW(?ÍRÏêþ­v¥Ô9S$« :ʉ{Içñ½ô< ¾|&Øy$ؼ9UÑC>}ˆSs¶Q!½ê·/ª4ªöY)þV\Q\y_»Ûg+ÅHÚ„Ho@™w§d† à@ ¯‹ª<: <0B>NO ¼Òí»X±°„!Ëâ£/̬Y7Þ_ ³«Ë‚Ê ³¤¹¢Ñ¦A}^»q --- 3bobJwE4FKDA2SnlzdzzTfMO8NU5+PvG+5of6jN0eCQ
«Øƒ <0A>àïÄúÉ<C3BA>`:/"i²ÀqjÙÃG³½c[ó„§>YõäètT­Æ:ƒh$ŽšO¡hù#,¢Üû R£[×¥F€žŽ3a]©ù€¯{JÑ·×þ÷"Æ¢æ¤Þª<C39E>ã tF]+>à`]HÁôѸ…}©T7VÔ¾²Àµ`<60>®Ý£®è!‰‰&]ÈÌZó^†#ÓöÈëÙ‰Ò‰¡]Þi`Tk<54>|<7C>bÁŒ´Rx§&^¢n]‚à.<2E>|Ѧ$Úå“h4œ¸KLÍ0<C38D>x»^q_Pó^¨Ô`Z!pc¤B1}ÐœõÓò<C393>xöîbYv»Öò©èØ"ûQAÆÚN`²±ì4UXžÙáYlÐ<6C>Wê®ïXÚe.Ûðd£r<C2A3>Ì[SÊŸ†àí<C3A0>¶Ä¦,½ÂQ~C<>ìWÅÙÜbø3fÂþÂç )$íÓ_MkP‡¸(PdxU¦o9§9h ŸŠÈKa¹7ßò˜ ;Ê廌äî³á

Binary file not shown.

View file

@ -7,6 +7,7 @@ let
teutat3s-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms"; teutat3s-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms";
nachtigall-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7G0ufi+MNvaAZLDgpieHrABPGN7e/kD5kMFwSk4ABj root@nachtigall"; nachtigall-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7G0ufi+MNvaAZLDgpieHrABPGN7e/kD5kMFwSk4ABj root@nachtigall";
flora-6-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@flora-6";
baseKeys = [ baseKeys = [
axeman-1 axeman-1
@ -19,6 +20,10 @@ let
nachtigallKeys = [ nachtigallKeys = [
nachtigall-host nachtigall-host
]; ];
flora6Keys = [
flora-6-host
];
in { in {
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall
"nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys; "nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys;
@ -32,6 +37,7 @@ in {
"keycloak-database-password.age".publicKeys = nachtigallKeys ++ baseKeys; "keycloak-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
"forgejo-actions-runner-token.age".publicKeys = flora6Keys ++ baseKeys;
"forgejo-database-password.age".publicKeys = nachtigallKeys ++ baseKeys; "forgejo-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
"forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ baseKeys; "forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ baseKeys;
@ -45,4 +51,7 @@ in {
"searx-environment.age".publicKeys = nachtigallKeys ++ baseKeys; "searx-environment.age".publicKeys = nachtigallKeys ++ baseKeys;
"restic-repo-droppie.age".publicKeys = nachtigallKeys ++ baseKeys; "restic-repo-droppie.age".publicKeys = nachtigallKeys ++ baseKeys;
"drone-db-secrets.age".publicKeys = flora6Keys ++ baseKeys;
"drone-secrets.age".publicKeys = flora6Keys ++ baseKeys;
} }