feat: flora-6 #48
|
@ -2,10 +2,19 @@
|
||||||
|
|
||||||
We use [deploy-rs](https://github.com/serokell/deploy-rs) to deploy changes. Currently this process is not automated, so configuration changes will have to be manually deployed.
|
We use [deploy-rs](https://github.com/serokell/deploy-rs) to deploy changes. Currently this process is not automated, so configuration changes will have to be manually deployed.
|
||||||
|
|
||||||
To deploy, make sure you have a [working development shell](./development-shell.md). Then, run deploy-rs with the hostname of the server you want to deploy:
|
To deploy, make sure you have a [working development shell](./development-shell.md). Then, run `deploy-rs` with the hostname of the server you want to deploy:
|
||||||
|
|
||||||
|
For nachtigall.pub.solar:
|
||||||
```
|
```
|
||||||
deploy '.#nachtigall'
|
deploy '.#nachtigall'
|
||||||
```
|
```
|
||||||
|
|
||||||
You'll need to have SSH Access to the box to be able to do this.
|
For flora-6.pub.solar:
|
||||||
|
```
|
||||||
|
deploy '.#flora-6'
|
||||||
|
```
|
||||||
|
|
||||||
|
You'll need to have SSH Access to the boxes to be able to do this.
|
||||||
|
|
||||||
|
### SSH access
|
||||||
|
Ensure your SSH public key is in place [here](./public-keys/admins.nix) and was deployed by someone with access.
|
||||||
|
|
21
docs/mailman.md
Normal file
21
docs/mailman.md
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
# Mailman on NixOS docs
|
||||||
|
|
||||||
|
- add reverse DNS record for IP
|
||||||
|
|
||||||
|
Manual setup done for mailman, adapted from https://nixos.wiki/wiki/Mailman:
|
||||||
|
|
||||||
|
```
|
||||||
|
# Add DNS records in infra repo using terraform:
|
||||||
|
|
||||||
|
# https://git.pub.solar/pub-solar/infra-vintage/commit/db234cdb5b55758a3d74387ada0760e06e166b9d
|
||||||
|
|
||||||
|
# Generate initial postfix_domains.db and postfix_lmtp.db databases for Postfix
|
||||||
|
|
||||||
|
sudo -u mailman mailman aliases
|
||||||
|
|
||||||
|
# Create a django superuser account
|
||||||
|
|
||||||
|
sudo -u mailman-web mailman-web createsuperuser
|
||||||
|
|
||||||
|
# Followed outlined steps in web UI
|
||||||
|
```
|
40
flake.lock
40
flake.lock
|
@ -122,6 +122,21 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1653893745,
|
||||||
|
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -280,6 +295,7 @@
|
||||||
"nixos-flake": "nixos-flake",
|
"nixos-flake": "nixos-flake",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
"nixpkgs-2205": "nixpkgs-2205",
|
"nixpkgs-2205": "nixpkgs-2205",
|
||||||
|
"triton-vmtools": "triton-vmtools",
|
||||||
"unstable": "unstable"
|
"unstable": "unstable"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -313,6 +329,30 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"triton-vmtools": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": "flake-utils_2",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"dir": "vmtools",
|
||||||
|
"lastModified": 1698443513,
|
||||||
|
"narHash": "sha256-wX2JIJ3JmJn6MAurdyjwZU+FZjLCwBArMrVSeeCb/ZU=",
|
||||||
|
"ref": "main",
|
||||||
|
"rev": "0d039dcf06afb8cbddd7ac54bae4d0d185f3e88e",
|
||||||
|
"revCount": 85,
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.pub.solar/pub-solar/infra-vintage?dir=vmtools"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"dir": "vmtools",
|
||||||
|
"ref": "main",
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.pub.solar/pub-solar/infra-vintage?dir=vmtools"
|
||||||
|
}
|
||||||
|
},
|
||||||
"unstable": {
|
"unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698318101,
|
"lastModified": 1698318101,
|
||||||
|
|
10
flake.nix
10
flake.nix
|
@ -26,6 +26,9 @@
|
||||||
|
|
||||||
keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main";
|
keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main";
|
||||||
keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixpkgs";
|
keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
|
triton-vmtools.url = "git+https://git.pub.solar/pub-solar/infra-vintage?ref=main&dir=vmtools";
|
||||||
|
triton-vmtools.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{ self, ... }:
|
outputs = inputs@{ self, ... }:
|
||||||
|
@ -82,8 +85,15 @@
|
||||||
|
|
||||||
deploy.nodes = self.lib.deploy.mkDeployNodes self.nixosConfigurations {
|
deploy.nodes = self.lib.deploy.mkDeployNodes self.nixosConfigurations {
|
||||||
nachtigall = {
|
nachtigall = {
|
||||||
|
# hostname is set in hosts/nachtigall/networking.nix
|
||||||
sshUser = username;
|
sshUser = username;
|
||||||
};
|
};
|
||||||
|
flora-6 = {
|
||||||
|
hostname = "flora-6.pub.solar";
|
||||||
|
sshUser = username;
|
||||||
|
# Example
|
||||||
|
#sshOpts = [ "-p" "19999" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -13,6 +13,16 @@
|
||||||
self.nixosModules.docker
|
self.nixosModules.docker
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
flora-6 = self.nixos-flake.lib.mkLinuxSystem {
|
||||||
|
imports = [
|
||||||
|
self.inputs.agenix.nixosModules.default
|
||||||
|
self.nixosModules.home-manager
|
||||||
|
./flora-6
|
||||||
|
self.nixosModules.overlays
|
||||||
|
self.nixosModules.core
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
41
hosts/flora-6/apps/caddy.nix
Normal file
41
hosts/flora-6/apps/caddy.nix
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
flake,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d '/data/srv/www/os/download/' 0750 hakkonaut hakkonaut - -"
|
||||||
|
];
|
||||||
|
|
||||||
|
services.caddy = {
|
||||||
|
enable = lib.mkForce true;
|
||||||
|
group = "hakkonaut";
|
||||||
|
email = "admins@pub.solar";
|
||||||
|
enableReload = true;
|
||||||
|
globalConfig = lib.mkForce ''
|
||||||
|
grace_period 60s
|
||||||
|
'';
|
||||||
|
virtualHosts = {
|
||||||
|
"ci.pub.solar" = {
|
||||||
|
logFormat = lib.mkForce ''
|
||||||
|
output discard
|
||||||
|
'';
|
||||||
|
extraConfig = ''
|
||||||
|
reverse_proxy :4000
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
"obs-portal.pub.solar" = {
|
||||||
|
logFormat = lib.mkForce ''
|
||||||
|
output discard
|
||||||
|
'';
|
||||||
|
extraConfig = ''
|
||||||
|
reverse_proxy obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone:3000
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [80 443];
|
||||||
|
}
|
116
hosts/flora-6/apps/drone.nix
Normal file
116
hosts/flora-6/apps/drone.nix
Normal file
|
@ -0,0 +1,116 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
flake,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
age.secrets.drone-secrets = {
|
||||||
|
file = "${flake.self}/secrets/drone-secrets.age";
|
||||||
|
mode = "600";
|
||||||
|
owner = "drone";
|
||||||
|
};
|
||||||
|
age.secrets.drone-db-secrets = {
|
||||||
|
file = "${flake.self}/secrets/drone-db-secrets.age";
|
||||||
|
mode = "600";
|
||||||
|
owner = "drone";
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.drone = {
|
||||||
|
description = "Drone Service";
|
||||||
|
home = "/var/lib/drone";
|
||||||
|
useDefaultShell = true;
|
||||||
|
uid = 994;
|
||||||
|
group = "drone";
|
||||||
|
isSystemUser = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.groups.drone = {};
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d '/var/lib/drone-db' 0750 drone drone - -"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services."docker-network-drone" = let
|
||||||
|
docker = config.virtualisation.oci-containers.backend;
|
||||||
|
dockerBin = "${pkgs.${docker}}/bin/${docker}";
|
||||||
|
in {
|
||||||
|
serviceConfig.Type = "oneshot";
|
||||||
|
before = ["docker-drone-server.service"];
|
||||||
|
script = ''
|
||||||
|
${dockerBin} network inspect drone-net >/dev/null 2>&1 || ${dockerBin} network create drone-net --subnet 172.20.0.0/24
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
virtualisation = {
|
||||||
|
docker = {
|
||||||
|
enable = true; # sadly podman is not supported rightnow
|
||||||
|
extraOptions = ''
|
||||||
|
--data-root /data/docker
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
oci-containers = {
|
||||||
|
backend = "docker";
|
||||||
|
containers."drone-db" = {
|
||||||
|
image = "postgres:14";
|
||||||
|
autoStart = true;
|
||||||
|
user = "994";
|
||||||
|
volumes = [
|
||||||
|
"/var/lib/drone-db:/var/lib/postgresql/data"
|
||||||
|
];
|
||||||
|
extraOptions = [
|
||||||
|
"--network=drone-net"
|
||||||
|
];
|
||||||
|
environmentFiles = [
|
||||||
|
config.age.secrets.drone-db-secrets.path
|
||||||
|
];
|
||||||
|
};
|
||||||
|
containers."drone-server" = {
|
||||||
|
image = "drone/drone:2";
|
||||||
|
autoStart = true;
|
||||||
|
user = "994";
|
||||||
|
ports = [
|
||||||
|
"4000:80"
|
||||||
|
];
|
||||||
|
dependsOn = ["drone-db"];
|
||||||
|
extraOptions = [
|
||||||
|
"--network=drone-net"
|
||||||
|
"--pull=always"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
DRONE_GITEA_SERVER = "https://git.pub.solar";
|
||||||
|
DRONE_SERVER_HOST = "ci.pub.solar";
|
||||||
|
DRONE_SERVER_PROTO = "https";
|
||||||
|
DRONE_DATABASE_DRIVER = "postgres";
|
||||||
|
};
|
||||||
|
environmentFiles = [
|
||||||
|
config.age.secrets.drone-secrets.path
|
||||||
|
];
|
||||||
|
};
|
||||||
|
containers."drone-docker-runner" = {
|
||||||
|
image = "drone/drone-runner-docker:1";
|
||||||
|
autoStart = true;
|
||||||
|
# needs to run as root
|
||||||
|
#user = "994";
|
||||||
|
volumes = [
|
||||||
|
"/var/run/docker.sock:/var/run/docker.sock"
|
||||||
|
];
|
||||||
|
dependsOn = ["drone-db"];
|
||||||
|
extraOptions = [
|
||||||
|
"--network=drone-net"
|
||||||
|
"--pull=always"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
DRONE_RPC_HOST = "ci.pub.solar";
|
||||||
|
DRONE_RPC_PROTO = "https";
|
||||||
|
DRONE_RUNNER_CAPACITY = "2";
|
||||||
|
DRONE_RUNNER_NAME = "flora-6-docker-runner";
|
||||||
|
};
|
||||||
|
environmentFiles = [
|
||||||
|
config.age.secrets.drone-secrets.path
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
35
hosts/flora-6/apps/forgejo-actions-runner.nix
Normal file
35
hosts/flora-6/apps/forgejo-actions-runner.nix
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
flake,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
age.secrets.forgejo-actions-runner-token = {
|
||||||
|
file = "${flake.self}/secrets/forgejo-actions-runner-token.age";
|
||||||
|
mode = "644";
|
||||||
|
};
|
||||||
|
|
||||||
|
# forgejo actions runner
|
||||||
|
# https://forgejo.org/docs/latest/admin/actions/
|
||||||
|
# https://docs.gitea.com/usage/actions/quickstart
|
||||||
|
services.gitea-actions-runner = {
|
||||||
|
package = pkgs.forgejo-actions-runner;
|
||||||
|
instances."flora-6" = {
|
||||||
|
enable = true;
|
||||||
|
name = config.networking.hostName;
|
||||||
|
url = "https://git.pub.solar";
|
||||||
|
tokenFile = config.age.secrets.forgejo-actions-runner-token.path;
|
||||||
|
labels = [
|
||||||
|
# provide a debian 12 bookworm base with Node.js for actions
|
||||||
|
"debian-latest:docker://node:20-bookworm"
|
||||||
|
# fake the ubuntu name, commonly used in actions examples
|
||||||
|
"ubuntu-latest:docker://node:20-bookworm"
|
||||||
|
# alpine with Node.js
|
||||||
|
"alpine-latest:docker://node:20-alpine"
|
||||||
|
# nix flakes enabled image with Node.js
|
||||||
|
"nix-flakes:docker://git.pub.solar/pub-solar/nix-flakes-node:latest"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
71
hosts/flora-6/configuration.nix
Normal file
71
hosts/flora-6/configuration.nix
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
flake,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
psCfg = config.pub-solar;
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
"${flake.inputs.unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix"
|
||||||
|
"${flake.inputs.unstable}/nixos/modules/services/web-servers/caddy/default.nix"
|
||||||
|
];
|
||||||
|
disabledModules = [
|
||||||
|
"services/continuous-integration/gitea-actions-runner.nix"
|
||||||
|
"services/web-servers/caddy/default.nix"
|
||||||
|
];
|
||||||
|
|
||||||
|
config = {
|
||||||
|
# Override nix.conf for more agressive garbage collection
|
||||||
|
nix.extraOptions = lib.mkForce ''
|
||||||
|
experimental-features = flakes nix-command
|
||||||
|
min-free = 536870912
|
||||||
|
keep-outputs = false
|
||||||
|
keep-derivations = false
|
||||||
|
fallback = true
|
||||||
|
'';
|
||||||
|
|
||||||
|
# # #
|
||||||
|
# # # Triton host specific options
|
||||||
|
# # # DO NOT ALTER below this line, changes might render system unbootable
|
||||||
|
# # #
|
||||||
|
|
||||||
|
# Use the systemd-boot EFI boot loader.
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
# Force getting the hostname from cloud-init
|
||||||
|
networking.hostName = lib.mkDefault "";
|
||||||
|
|
||||||
|
# List services that you want to enable:
|
||||||
|
services.cloud-init.enable = true;
|
||||||
|
services.cloud-init.ext4.enable = true;
|
||||||
|
services.cloud-init.network.enable = true;
|
||||||
|
# use the default NixOS cloud-init config, but add some SmartOS customization to it
|
||||||
|
environment.etc."cloud/cloud.cfg.d/90_smartos.cfg".text = ''
|
||||||
|
datasource_list: [ SmartOS ]
|
||||||
|
|
||||||
|
# Do not create the centos/ubuntu/debian user
|
||||||
|
users: [ ]
|
||||||
|
|
||||||
|
# mount second disk with label ephemeral0, gets formated by cloud-init
|
||||||
|
# this will fail to get added to /etc/fstab as it's read-only, but should
|
||||||
|
# mount at boot anyway
|
||||||
|
mounts:
|
||||||
|
- [ vdb, /data, auto, "defaults,nofail" ]
|
||||||
|
'';
|
||||||
|
|
||||||
|
# We manage the firewall with nix, too
|
||||||
|
# altough triton can also manage firewall rules via the triton fwrule subcommand
|
||||||
|
networking.firewall.enable = true;
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "22.05"; # Did you read the comment?
|
||||||
|
};
|
||||||
|
}
|
15
hosts/flora-6/default.nix
Normal file
15
hosts/flora-6/default.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ # Include the results of the hardware scan.
|
||||||
|
./hardware-configuration.nix
|
||||||
|
./configuration.nix
|
||||||
|
./triton-vmtools.nix
|
||||||
|
|
||||||
|
./apps/caddy.nix
|
||||||
|
|
||||||
|
./apps/drone.nix
|
||||||
|
./apps/forgejo-actions-runner.nix
|
||||||
|
];
|
||||||
|
}
|
45
hosts/flora-6/hardware-configuration.nix
Normal file
45
hosts/flora-6/hardware-configuration.nix
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = ["ahci" "virtio_pci" "xhci_pci" "sr_mod" "virtio_blk"];
|
||||||
|
boot.initrd.kernelModules = [];
|
||||||
|
boot.kernelModules = [];
|
||||||
|
boot.extraModulePackages = [];
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/disk/by-label/nixos";
|
||||||
|
autoResize = true;
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/disk/by-label/boot";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/data" = {
|
||||||
|
device = "/dev/disk/by-label/ephemeral0";
|
||||||
|
fsType = "ext4";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"nofail"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [];
|
||||||
|
|
||||||
|
networking.useDHCP = lib.mkDefault false;
|
||||||
|
networking.networkmanager.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
}
|
9
hosts/flora-6/triton-vmtools.nix
Normal file
9
hosts/flora-6/triton-vmtools.nix
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
flake,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
flake.inputs.triton-vmtools.packages.${pkgs.system}.default
|
||||||
|
];
|
||||||
|
}
|
|
@ -35,17 +35,17 @@
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "igb" ];
|
boot.initrd.availableKernelModules = [ "igb" ];
|
||||||
|
|
||||||
# Set your time zone.
|
|
||||||
time.timeZone = "Etc/UTC";
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
# just a couple of packages to make our lives easier
|
|
||||||
systemPackages = with pkgs; [ vim ];
|
|
||||||
};
|
|
||||||
|
|
||||||
# https://nixos.wiki/wiki/ZFS#declarative_mounting_of_ZFS_datasets
|
# https://nixos.wiki/wiki/ZFS#declarative_mounting_of_ZFS_datasets
|
||||||
systemd.services.zfs-mount.enable = false;
|
systemd.services.zfs-mount.enable = false;
|
||||||
|
|
||||||
|
# Declarative SSH private key
|
||||||
|
age.secrets."nachtigall-root-ssh-key" = {
|
||||||
|
file = "${flake.self}/secrets/nachtigall-root-ssh-key.age";
|
||||||
|
path = "/root/.ssh/id_ed25519";
|
||||||
|
mode = "400";
|
||||||
|
owner = "root";
|
||||||
|
};
|
||||||
|
|
||||||
# This value determines the NixOS release with which your system is to be
|
# This value determines the NixOS release with which your system is to be
|
||||||
# compatible, in order to avoid breaking some software such as database
|
# compatible, in order to avoid breaking some software such as database
|
||||||
# servers. You should change this only after NixOS release notes say you
|
# servers. You should change this only after NixOS release notes say you
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
terminal-tooling = import ./terminal-tooling.nix;
|
terminal-tooling = import ./terminal-tooling.nix;
|
||||||
users = import ./users.nix;
|
users = import ./users.nix;
|
||||||
|
|
||||||
core = {
|
core = { pkgs, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
nix
|
nix
|
||||||
networking
|
networking
|
||||||
|
@ -17,6 +17,19 @@
|
||||||
users
|
users
|
||||||
];
|
];
|
||||||
|
|
||||||
|
environment = {
|
||||||
|
# Just a couple of global packages to make our lives easier
|
||||||
|
systemPackages = with pkgs; [ git vim wget ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Select internationalization properties
|
||||||
|
console = {
|
||||||
|
font = "Lat2-Terminus16";
|
||||||
|
keyMap = "us";
|
||||||
|
};
|
||||||
|
|
||||||
|
time.timeZone = "Etc/UTC";
|
||||||
|
|
||||||
home-manager.users.${self.username} = {
|
home-manager.users.${self.username} = {
|
||||||
home.stateVersion = "23.05";
|
home.stateVersion = "23.05";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,15 +1,40 @@
|
||||||
{ pkgs, ... }: {
|
{ pkgs, ... }: {
|
||||||
services.openssh.enable = true;
|
services.openssh = {
|
||||||
services.openssh.settings.PermitRootLogin = "prohibit-password";
|
enable = true;
|
||||||
services.openssh.settings.PasswordAuthentication = false;
|
settings = {
|
||||||
|
PermitRootLogin = "prohibit-password";
|
||||||
|
PasswordAuthentication = false;
|
||||||
|
# Add back openssh MACs that got removed from defaults
|
||||||
|
# for backwards compatibility
|
||||||
|
#
|
||||||
|
# NixOS default openssh MACs have changed to use "encrypt-then-mac" only.
|
||||||
|
# This breaks compatibilty with clients that do not offer these MACs. For
|
||||||
|
# compatibility reasons, we add back the old defaults.
|
||||||
|
# See: https://github.com/NixOS/nixpkgs/pull/231165
|
||||||
|
#
|
||||||
|
# https://blog.stribik.technology/2015/01/04/secure-secure-shell.html
|
||||||
|
# https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
|
||||||
|
Macs = [
|
||||||
|
"hmac-sha2-512-etm@openssh.com"
|
||||||
|
"hmac-sha2-256-etm@openssh.com"
|
||||||
|
"umac-128-etm@openssh.com"
|
||||||
|
"hmac-sha2-512"
|
||||||
|
"hmac-sha2-256"
|
||||||
|
"umac-128@openssh.com"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
services.resolved = {
|
services.resolved = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
# DNSSEC=false because of random SERVFAIL responses with Greenbaum DNS
|
||||||
|
# when using allow-downgrade, see https://github.com/systemd/systemd/issues/10579
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
DNS=193.110.81.0#dns0.eu 185.253.5.0#dns0.eu 2a0f:fc80::#dns0.eu 2a0f:fc81::#dns0.eu 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
|
DNS=193.110.81.0#dns0.eu 185.253.5.0#dns0.eu 2a0f:fc80::#dns0.eu 2a0f:fc81::#dns0.eu 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
|
||||||
FallbackDNS=5.1.66.255#dot.ffmuc.net 185.150.99.255#dot.ffmuc.net 2001:678:e68:f000::#dot.ffmuc.net 2001:678:ed0:f000::#dot.ffmuc.net
|
FallbackDNS=5.1.66.255#dot.ffmuc.net 185.150.99.255#dot.ffmuc.net 2001:678:e68:f000::#dot.ffmuc.net 2001:678:ed0:f000::#dot.ffmuc.net
|
||||||
Domains=~.
|
Domains=~.
|
||||||
DNSOverTLS=yes
|
DNSOverTLS=yes
|
||||||
|
DNSSEC=false
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,12 +25,6 @@
|
||||||
users.groups.hakkonaut = {};
|
users.groups.hakkonaut = {};
|
||||||
|
|
||||||
users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
|
users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
|
||||||
age.secrets."nachtigall-root-ssh-key" = {
|
|
||||||
file = "${flake.self}/secrets/nachtigall-root-ssh-key.age";
|
|
||||||
path = "/root/.ssh/id_ed25519";
|
|
||||||
mode = "400";
|
|
||||||
owner = "root";
|
|
||||||
};
|
|
||||||
|
|
||||||
security.sudo.wheelNeedsPassword = false;
|
security.sudo.wheelNeedsPassword = false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
(final: prev: {
|
(final: prev: {
|
||||||
mastodon = inputs.mastodon-fork.legacyPackages.${prev.system}.mastodon;
|
mastodon = inputs.mastodon-fork.legacyPackages.${prev.system}.mastodon;
|
||||||
|
forgejo-actions-runner = inputs.unstable.legacyPackages.${prev.system}.forgejo-actions-runner;
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
});
|
});
|
||||||
|
|
28
secrets/drone-db-secrets.age
Normal file
28
secrets/drone-db-secrets.age
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 Y0ZZaw FLHjNYq0CIlbPUKpJgrw4Dka33LIBW9p2E93v8RGdl8
|
||||||
|
aw0LoWNfjAx1nXK9+SwFMLRxpd/KZL5Y0XJQqIZG0+E
|
||||||
|
-> ssh-ed25519 uYcDNw dbVXX0Nj5fq5nr/7yaC3ZQnPIk5MQAQpT5RJmz2IMCM
|
||||||
|
t9ci+WVCroHprSfoud7LKuaTjk5NeiS/Mp2LqhcOrdI
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
RZaFU9rClM9C7SUyYx4e1dZmntzPxoB60gJU2XUXFwkAp54dXL8fxs2cHcRxUQMo
|
||||||
|
HpzCCMiPo2QowUe9O4VQFlOPraub+aTc/nkMmy/spKM50DeVHlK11aoGkJ2j8uj9
|
||||||
|
FPAzdI47DFpLWN6ncndtKHvYeV2ip2qv9oOgbl84aQ5DqeACb5BHtGS0edWa8YwM
|
||||||
|
8B6GX9ZpDGB6oW17Ko4IIjeBRnwmY+66mzl6cqhYsGWK2vOYBDLmx4JmGH2LqHL7
|
||||||
|
+8kQBaq+hNkRlpgLZC7RIrnaW41yMmRZbyr6hPIXaLnlYp6+7+A8krnZKTJXPgBf
|
||||||
|
Cpv4SSd+igSSjUGUSrnOM2LqOAOcqBAmnIDAyIsVMPnjOkCFxyEj1ynfiSwM1qb0
|
||||||
|
QqTi0TZRHZsfpiGcvHVoBCWBFQ8d391MFQAiija0iW6QR/eRiGC4mcSA/6vP6X9G
|
||||||
|
p7BNJoP+mt0pYpVXCA85Rv5K+0JKR2VqlluHl4V2rnwqCGGelG9oYz2D1pQz7Obs
|
||||||
|
vVgjJaWxzzLGrCCDwk6LjuXv5UMobwlTw7YEGad7AnKPjtrhLuWm1Xs8STZ5oMJp
|
||||||
|
BhYLDuTUtLFvYciITEEWK/46IBI4m8iJmKpHOMXjWhSuBGKj9q9ifwxeLOmkZgt/
|
||||||
|
AojO4dtmmfzVNLGIIoUdFYjbp/Kr92p78y8jBIIkcMs
|
||||||
|
-> ssh-ed25519 YFSOsg TvpVdCtlBkpCBOPgiy8wKZo/0JxzQFDFRh16SXsdm1Q
|
||||||
|
SSHyUUNu2S1Sq7c89DZAlx43zoab32mUenqgitqEfXw
|
||||||
|
-> ssh-ed25519 iHV63A YjDcxJ0Jt1Ifc22kDk5qiPNv333ZVdHizPdc3e0QgGQ
|
||||||
|
nqXiCnVH9x7xAlEhIlqD2ThvglFLaHyd5yMzun7m7Xk
|
||||||
|
-> ssh-ed25519 BVsyTA eZZW8nsBoPJEDgH0tJNKMHyQgyOD5gpuf/gAGfaycj8
|
||||||
|
Ss82nrDGaf/ZB4hq9bVYwmTdh7Z1zl10w8bpr5cN3Dg
|
||||||
|
-> %o-grease g0_~ |]P[H&% }+
|
||||||
|
XEDXb/UfDFfY/NGfgrttIHoE0Q/0S2xvBwpy0p1SJb4h1/xOb/E/3uIWT7OlQQgO
|
||||||
|
8Q
|
||||||
|
--- 0DdGRYR7j5NAQX63wD6e4LxW3xHTTiBekFtxYFCcK10
|
||||||
|
“Uç2J¿3fKx¬Õì¢üsñx–ÿ;1.Sû^dÍùÆÿ›3å+«rö{Y×1¹˜µƒÝÅȵ&û'’ا<0E>Û®)ìÄ_4™/øu¨\TÁ¥<C381>§eFõ¨tÁRä×ÜsÂÒŸˆs<CB86>Ë%\»s|œ¹°
|
BIN
secrets/drone-secrets.age
Normal file
BIN
secrets/drone-secrets.age
Normal file
Binary file not shown.
29
secrets/forgejo-actions-runner-token.age
Normal file
29
secrets/forgejo-actions-runner-token.age
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 Y0ZZaw DpFuuPR7C+Kge5mFO+yDjHgY/3dTiolNAGcxNGnsGwc
|
||||||
|
S2NQAjZPFfCNGzniArPAJVLKCmSz7Ii2xO7REsNOnr4
|
||||||
|
-> ssh-ed25519 uYcDNw 6NlxLCxVu+/tX5FFMLTEoKLx7Ug78TvKufBw/fpLeF4
|
||||||
|
3GK+lFy+zxF08TW8ZWZ/cDBq5AFTTOLikvy0HNjgNWA
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
RLH5jnzacTt4265aOntkuTGMGVpjJhGZhbdPjmiyBMBLOwUZnzY7vSwjyU29XTyS
|
||||||
|
/7goXuNAMvY00fDMG5FXyeAD7QaVHNa/tAw3Bmtu9rfFUZX4ftJeXQg2QTq4Ulrw
|
||||||
|
n3IKd62Ew3iMeI1h9H2JdXlse5tlkCkWdZQD+s7rCMeJDEe0m8r7bFPMdXjJMO3f
|
||||||
|
T3UzjeNFJYsIEPKDCpC6zaA4aRlaVSdoPLIIooB4A//A4aG4ywzvN27JODK2nTB4
|
||||||
|
ttjbHK5HGzNLmeJP9wS79bOX/Fg2QUl0bGoOdCiWqFtYkdPzxjstuRd+7OT9E5BM
|
||||||
|
5h4gqZjxs/k4NZawlIfLeUe5biWkThEqaruzkmgfjY7kch0chqNnpDghOBkUL1VF
|
||||||
|
KnECE98nmy9huoeDtCUL0yag3yi/Kx7MMaZaNCTJFYpjA3sadvg6nco//e6nA6Pm
|
||||||
|
vcPcUz8xiZI2Wzx0fPVwVMOozKjf4yEqjERRjo7haGF6vYtxV/zSf5tzxiQsEOGv
|
||||||
|
/G67BnT6Az46eh3K2EYVRRBTb5sni3ObsO5V/K9ms/MM9eI4qEBRqKag8jRoXVmF
|
||||||
|
BZKjLwGOU8tOZbupj1Z3JKULqP3FiDLXh+NxM4KE5TjE71eAt8teEytvWYdlwKtO
|
||||||
|
YjWNheyxxqklTYgzkNQfj8Ks6LujyMdpFtm8toFMVgk
|
||||||
|
-> ssh-ed25519 YFSOsg GE4K+tP7cjKpq+bxf01vCttDnZAzqtIfwzJ+Zw4D4UI
|
||||||
|
KG5CNA+FsmC+PhjpifvqRiOWUFHaKQe9QLXydlTFjCw
|
||||||
|
-> ssh-ed25519 iHV63A +WzV34WwVL+tamwELQY9fuHlBLvzOeTiFjK+LK9d1Rw
|
||||||
|
KAP3JhagG72qUSWzodRhr/jzFiDaN4GkIuLf+9VuJrE
|
||||||
|
-> ssh-ed25519 BVsyTA BnkoBmSm2zSm8QtCcN0iFzP5iliTDct36iruHE6FbF0
|
||||||
|
9J13BMVSlLRjfZw9i4nSj0ccsY4P+xEvYl/MYUgYZPw
|
||||||
|
-> S!:G3-grease 0 *v3U# : mPvcuGUl
|
||||||
|
L3/27eEyArXmM1arietTmN3cao01kBkBXBZXsN1HtnTC8sMXVhq+WVD3QozgDd2k
|
||||||
|
ws04Y08VFgbfM2ErCsRfKz8T
|
||||||
|
--- ekItTZTtoj93NT1Xe7zky72aG+rzhAcD/cqNxGAnPHg
|
||||||
|
ɽ³løX5),ZÙ•ç+z
|
||||||
|
÷•õ
¥Êxm\”cç5û9ôe¹—õ¢\"Ûçxm‰\©†… °@K÷<|Ó÷,B1Ö7FJªè•XÃlk
|
|
@ -1,27 +1,27 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 iDKjwg RIy4MC1iLzjOVc1ENd8Hic3b6yVsey1jGKKfpH5QznI
|
-> ssh-ed25519 iDKjwg IFEv1dHKgnrQp6jjxwv6cmEeFRDLEGrnVaJkQ58ZaiU
|
||||||
jCdBc7BcfAa0/BxN40P9neRJcRyz/mbXCHkQZ98MjqI
|
OzmsmKDfl0h5O0gtPeV0B/O6rySog0PVok5H6544mJA
|
||||||
-> ssh-ed25519 uYcDNw bmxhArWdUbbC2zCb1FQmtz5UXBKM9nYdGnmRQNVjsiY
|
-> ssh-ed25519 uYcDNw M6IIbbZ07S6k8Gn1ZdMoQjjRZ2veA5aavAofofH4mWA
|
||||||
IUsRWcBZf2HJpibhqaqBUGTaOTL865Y2ZR2ZM8Ocmr0
|
Zg3luviCp3PRNajja/DDxWmJm3bUEtNzm2MG6WFMwas
|
||||||
-> ssh-rsa kFDS0A
|
-> ssh-rsa kFDS0A
|
||||||
XuCHi1ekeI+EG3JpNpze/XZWImIFHd4itCzjxApHINBdUqRA7yqVq1k557GcXU3S
|
Qt9Q+RTtl07p6O9RjpGeM/AcK9MregnLFxd2VCOJfE4RtLD/euEA3+u0Ad/SNHtF
|
||||||
dSW4Li2yQaGTDfWYbks5gyOxHjJ75mQ+McnzROdMuMTNYYpTs5CDmGUKDs7Fp86l
|
UdtELgQeWQn1RRSTycmfo2FOu80do408uNjk9HueA+bxuVB/W3hLmCADsfNt4AcA
|
||||||
/YLfoo/hYd7/sKObJLSC/STEk/ObAxDNIe2eEK+esbAlBC0Lym9mi/vtuY8WzWAY
|
h9ioCA7zrCfei5UhbThUgpU79n++IWv+fPZQ1XUndTpRDrLFBCmZIYvupYezPYYL
|
||||||
dsPvGk6497ap5lcZiLiJRChqumYSoTryKAMAvfiTtytcNCFh7hWnw5DFKcA/vlkx
|
/QxpCQVZWmPe5LK7Cs/hsVp8SII0wk6pT+Gh3ZR2lqTanhcVA1pBkhcMjZLCW+m0
|
||||||
cGDrM99itWtEO01oWA6SAVL6JfpWyjpQZqEKt3f3U0xsJbLUXEEiH+kUWpros6Nk
|
gE6P0LOP72DoTH/Wq5krpjUkmTkAaQnedxMbRqUmqQ4E9XWprplzqe11ijItWD9c
|
||||||
PJKVR2mcW3DiBKpR2QJDIkXJ5tUWzDn9Dgw54NniF2D91xs3MzQuvScrfb+/XR6H
|
k3Eqc9Rw3uBhDe6u7Uk0zfD+q5MX2tjCSZVrU8yf3YDIM0ZXgcLYZycwlVF165ob
|
||||||
Xc9BiytdOP/WW3PnvAu2jfMzXJlmlUJTQTWYRZs5tp8daKFN7MP3cIMwx/r+qc+o
|
Si7nk+0q3Y7cfizKTIr04KAxiM0S+z6vv0zAVulQwU8tzt4whovh+A5w0X0NqsfM
|
||||||
JbqFxOewnNO0hEwfwYPCFnMEam8rmRmU8GI1RiBAGpQbBv02ihX4U5eWuLXrpmHK
|
VKySv2EZ7T0HnDHtCN9aB6BRs+8BIipfMcb76obHWa1z5xDYmawebtztvwt4hw0o
|
||||||
0VOgkesWsAOHpV+tRJ3cxA8t/pjIWmN0nccRz+qz/1Ec6O5circBneVBgJow/MKh
|
V7VdC9SoVDwq3nFMLQD3+5jhbqfGtRFhSGLzbh9SbNg8Uyrtdq7vucmcLfXZVIJd
|
||||||
M0f0b+HPr+ld0z4FA7rDESGhgQHEsyU9UUWU8U++Mdh64c/mRMCnYokoemve0w1G
|
qJgtlxSYyhRgc3W4C5VU0imEw6OI9pU+wtKdxy0dkEwwDTtwbLm705ecGEZZncgK
|
||||||
9cJjR0rcknDgo+KQutinh3pTqbvYrtfP4iuzWBd8LV8
|
FJoN9Ekmeys+XVvRQDg5mB6dLURYfAmpA1m4Z5n6o/U
|
||||||
-> ssh-ed25519 YFSOsg m6r2ew7bjrpbA0QMs7O5MhSm0UpKCWHEJTlwm384MxI
|
-> ssh-ed25519 YFSOsg 3GMmeCYAYaauIAfmYa03QvngaHWoCplNNTQiriiacGo
|
||||||
a/mnaNz14aFuZCtcq46ANVydKRJw0e61N5e+kGGkuYQ
|
PFnOJAATB5pW9uiMnZUG/aEpVowHOzfq8RYmOUkFHGI
|
||||||
-> ssh-ed25519 iHV63A MQu2VYkY/Cs5bhYe95wpdlpLfe/lHwhk60WA9EgN3wc
|
-> ssh-ed25519 iHV63A 1lR+ZHsXw2sJqCHcbdYPR77w0k+LU9PEFT+bR4J+wzc
|
||||||
gbZyVF9l0W8+BO59ddsZ7c+VgzdPkNbq9U9oG0Kjebo
|
7p0YQW0xNUme7oOLsKPomx86i5mVexoFnsol75hI7Ro
|
||||||
-> ssh-ed25519 BVsyTA XWMWR2qUI1KFhcZxGgxuWOq+DLrTwHvEpI7xee/GD3I
|
-> ssh-ed25519 BVsyTA Y9X469NMDgT/KRWQKxg7+TUXW08jQ1ACXYpvWCPYBlM
|
||||||
jVckHGgjXWlz0kvad6EDZ1vDrXGjBM2dxT5qJswX2Kc
|
hUojIB1Wk2yki2cgWMO+CUF4hAEmIwdgNeiXPjsYdmM
|
||||||
-> W},tK-grease
|
-> _w:{-grease Gg:\L| ~7 op[S^L:
|
||||||
4P6Gr7nsS9raE/XVkCkDawtWkS7a3o7r7tXe9w
|
qL+WeYvxxEUUSX2b1xSa
|
||||||
--- de3b3x+RtRpsIBf3Sh72AydLgEHUcGeRvoDE0rPFZ2o
|
--- HDOAUEyo2WtEf2roCfMkEKNx48ZX08b0Tj1BMUbOJDM
|
||||||
ZË8æö¾€pM£¿Aúʨ$Ë[’ùÙËó¥Ÿ<C2A5>‚<íøýt£ÊIOr›Öq™½oÛñ»ácÐeî,œ;MK_¯©¦ž3-Ó<>íߘõÀ§£é\RQ&ÀžGá’·®ÅR}
|
˛mͧ{µp†•Y<E280A2>ďŇWńţ{HüGp—Ż[o›L ~ó1ý5÷¨
|čů#Đ%Nď÷WµDĺ5'ws=íˇů·žDlnÁ§doařŰ˝ŐZüC}Çׂ_Ĺ‘Ű|†Ě:Qťŕ
|
|
@ -1,27 +1,28 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 iDKjwg qOInns0pyNkaFNGoodX1QrRCSRDL5ncmJWSyDxCo7Rc
|
-> ssh-ed25519 iDKjwg YnMyPihQVexMn+Fo3GFLVdDdovAEGSlhcHtJKYsk2T8
|
||||||
8mJO69rBO8IaVRYG94hidY6MU7UEn+ENejdHOkzn7h8
|
nGU7ENvUew6N4gzZAfSEqM5el6M4abC4fR535KZsjyY
|
||||||
-> ssh-ed25519 uYcDNw FdZ8Z50hcHrRVuBC7HPnVPNdnJgyudepe/smnTkcmzg
|
-> ssh-ed25519 uYcDNw lPE7/R9GhYEinW9LNJ1c8N9oiTmIFesCML6fbom4NQc
|
||||||
ELojSvwv3K6YVLXEAmjoQxt5szvs68oRZ9fZ+QcaVEU
|
cxwc9AdLwqOtBmb7853LQ8uxWovT9FvpqvOYKS1zbVc
|
||||||
-> ssh-rsa kFDS0A
|
-> ssh-rsa kFDS0A
|
||||||
cbDwTYbZf9SZJ4SmjdBD7hSWMZWi87KUbAHTS2snWi1wjf0m5KngbdlWVcTOgwE5
|
cX8p4DJIRP378pFp9Tk4di4VBTdIQ281PhD8lBF+mOrsdxEphlFJ0dpDdlRNYN2U
|
||||||
Gnn1m9cZKx6z7s/AUsPRRQizoYsUY91osPmc7lNVZ8mjJ6ztLhX1JhAy3PobmxDi
|
C/ku2yYVDdQjpwV2i16J99swGNR7Ui3g7BewySk2VeA2Zp1iVHYrxUcLHTU4FkTy
|
||||||
BI3WsZtMpL+JihSE1DfJ05dkY/tWYZu/yXDmaig/E54YsuyXeATikm/IzxbSXDDT
|
rO654ndMR9nMOF/eMw8q40fdvDR0Dgtz26uqKHqabpHQrmvtRZ+O///4PSLyTpUq
|
||||||
crSOE2YVS0+GjhEfJft6ckw9YdbzqjoXwdutrzQWdivvXU17xH11cM3xC579OUNF
|
C0Rej1q9hsq38t1SwjYyyR4jZKi2eqUzNI8ZPriDJFwbOf+bKmFx2yxjN/DwjtTZ
|
||||||
c+EobYRjCfzsk27vFGxieV+0mAmJSM5V5mBQ9VBaqDiZ43gI5enCIVJIkK36f4P3
|
P2iajSqXj7bTxarWUOlTEbq8CMEpCTk5GU4G6YVJdFRSyw+KOmCbQccH45gsAsn9
|
||||||
lt9PQ9UmWJ8RPQis+Aaq5Ld5y8aVho16BQjCqDzsRoFTalVNYa5ElrB2nuJPYQIw
|
DDhhDC1nc2WRFEBbSCQdzmdEYLQa/vsmdL9Uk2CENAmqJ4s7YeaOltYxIQuIIlhW
|
||||||
DV9Hj3R2wG4IZSIEq5WnLtk7Gda2x4VlfdlMhGXixPJ0xjYKWg8Sj0qlmCAVqqEc
|
hDRW3MJnjaA3Z5FUyGGEF9G9/puWk+flFqaxdmPImR2MlclMokGFWQrb0LfBTKBN
|
||||||
QyWpVFEu1ogk8Gw2jQK6TvrxUT94UAyEBwqBbumqaB3JfsnDaxbFlLG1wWr10nXh
|
OHyLa78pCrskgK7xvRN92jepoO3iiBx1cHDgBzNIkEKt+xSissSexRlTwmc0QOom
|
||||||
axplDvM7tuU5RvjPGSwUezkryfn8SjEod+04rQRLhe9JMD5C33JBI1p5JNi2ZAB/
|
x9wEqBoMLy/CczRQisHRfRvVvbiu9S9ptn7jKfUExMmF5kZ3zMGnhwIKFARKyeRU
|
||||||
SyujIVCh+DRzq9IjMYCgCYmYp5P7pJlk+GZCeeMSbvf2d45mX1P2D6PrCm8uSL8m
|
xrJ5xJXOc2jWtK8HyhOObj4JgZYwCgC5yZg0f/0tTwhmD2Rg7l/Z14Qc8z4uSr7a
|
||||||
Fw7mOliDyBGPizpQ2lOJaL1q4A5KGjAaRVuRJSaNlBg
|
ZI44yVR6NrnwvxCZc2VMRpS4BKYWZdor29A2I3Mf6es
|
||||||
-> ssh-ed25519 YFSOsg c3VN03glwExVKBi83ftg6jNZ2Yzx4PGmRiQOpgQl9AI
|
-> ssh-ed25519 YFSOsg y7SH3xV54A8jRPDALbUgkI/kfG+7Dim9bQ3RoE9dElQ
|
||||||
sKrGt7U5XwNkyydwmXBxPvHwKloY6V/mn+5ipq2GYZo
|
upTzhcltID98iwyIvAV43TNkn1JiPPTZKYQDXs5nVrU
|
||||||
-> ssh-ed25519 iHV63A mH5q5q6ZPlddNsil1NjVLcT2gIxh+PlhA6JT9HBD/VE
|
-> ssh-ed25519 iHV63A OvowvvUTzN/ZZMYciY8PL4jNTsFxvdqo0HZGhrKvpQE
|
||||||
O9OxtyCtIhNMFMUPCyPL4ycT75t/g1nvli6XXVifXGo
|
6+vZnlXisJLgHsT973Mv5TW0CNaH7+95u2OLHcNRMTs
|
||||||
-> ssh-ed25519 BVsyTA iPdUjSRVamrCzUJVhpzMyUhyxHisRofkKswvCb/qUCo
|
-> ssh-ed25519 BVsyTA AXiFtvrUa0SZJIDO128oZ/1EzuQCf/MTXSS8+JXRbBE
|
||||||
Z5UOndKbp5GPIzxB4xsNlGqC30dnMx557n07NkS3aOk
|
L1aePz98wwpswYTwyIi+qlMG5PKaC8YTQ+yBNURV0o0
|
||||||
-> fqFqA!-grease >^roC?oN
|
-> C-grease Xr"nY_F? L*?+,=6 >>*
|
||||||
kKQNtgmcdmj4h1fFB4Fse21BfLrq73SdIZ/cyD1qxBR8VUtIPReLpiYJSm30Eg
|
btUoGPkIUxNHjEV0cngeRklh2GEiS3m1v9wMkX8CH2gDeFF2M6TTroCpsqRG191/
|
||||||
--- mUQvto08o1xaSIbSE+zi9IPCIuZZF5G9xlwKUApylMY
|
oUAA7nf95TEVqPIENOEh2w+U+Q0AMxUvGdps+w
|
||||||
6M€£ú‡‚ÆçU܈GWR"*#¶BwøK`ÈÀÈŒtèsoga‘3ržœñ_ÃT9š™
|
--- q922LPdFDFgQBvP6ZX4Zr8+bc2Rb2z3Ru45K/bPN6yw
|
||||||
|
シEr寰竪5<ヲGYォtOサメ搨ァチY&d嬶|壤゚<E5A3A4>恆ール.rl暄ツ}
|
Binary file not shown.
Binary file not shown.
|
@ -1,27 +1,27 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 iDKjwg MIpZgS2K0KZ6NXSvHKaUs5IOwMK8C+THuH+OXGKgpk4
|
-> ssh-ed25519 iDKjwg AEmgV4RMWvoL7IS0h33S86bBpCy1jxuo4Ey8SUakEzs
|
||||||
rwBSIPZ6pHczmeEuNsPgTJIdzE7yHBglYHGbOSd772I
|
N3eK1K1BE2hLGF5qwQH4XVZN7y0s4pikYoxeltP1w4s
|
||||||
-> ssh-ed25519 uYcDNw EY2Zk/jYWxYBPY/g6IH7aSIFvMuOwSplkmaeRC1aNSU
|
-> ssh-ed25519 uYcDNw eZrJo1AE7zcNjOn3YceDtRkumV0rwPOR5bk5s5SF+m0
|
||||||
YCSThBBXbmozEZmUDgjA8xuFG9D2lGENZcWvCnRQk+c
|
n9+J1xLDD6carZMRg05BDmaQG/78O8P8QVscKRHy6+I
|
||||||
-> ssh-rsa kFDS0A
|
-> ssh-rsa kFDS0A
|
||||||
Z8Xs3hFGUElQdNlxlcnJIA8814TZJYqga/SUXjxG/uvdzv9uExEiNp8FJ5emnT0u
|
b3klbHjUczTIudayv7wKpiK0IVPUjphuV451U5pEyRXKElJxcAKLae3h4eY30v0N
|
||||||
zAaFv5aYiBa1b7aYEVdk30wjmWPT7leOPTFF5qAUdiPHxII+jHtx+eCnum72po42
|
sCEu32zw7aBdlQRsJrubOdn2RY7ogDsUirM31xEHx/UcDsFFgm806usYAoZ2dpT9
|
||||||
SR03IjznH9fKaKiT0VNXDIVZnkP2SaAKhIj57XSUeE/weiU5apBmTMPzMQAkz7KR
|
XELWPs/ZbPuoHf7aJnDXLTtL0KziichCJx5RwpqmKWTDliIcoGLyNVauOU4jq8rK
|
||||||
sm7uFYYv8zY7LFC0ByPnFkYi6O+mc9LzunlGQVMAQe/fmoEfzI2dmrGhcG2iUbM5
|
QuwKadE09U+HvxcTuyVog6lFRGqx+Ak2qRLyPnxDSAkiazj3gqop+G2IWD5Q9nQX
|
||||||
6Oegjh5B4iKc/fktouHhh3Wc/K63DM9C0A9mkqtqrQJPfV+FseQoQbFwvInXY4u6
|
0GFAsoWVdBG/ghEl4A5ruSC/dVgXM7wGkgD8Fim7LgNm0HowmEyLPLYI8PAVp5Vq
|
||||||
HMT4oymagXt5ifcc1WzyTde+Dz6OIOowpIXXJ0PjQ+KOn0PTG7+OfU/h1Hh/ozg4
|
z1/uScM/a/2zeZaY7C9JmRHCDb5weiOliSBHLQSKPiF55bgBQKRBsN2WsxYMArr6
|
||||||
G+finffzeffxdXSjITi+lmoWUFaZAwiico2IjH8cqDWnl8XGNfukZbsNsI6CukY2
|
1YhpfIhs3eDiiTRALtyLOQrUS4xm5634ijEJ2gTzpr6XzmGJM9PPOdgbgyj2QtqG
|
||||||
aqffAZiu7MR1+kcMUjjG4OF1S4bRNYkqQej7GUdDmHn+dkJEuiN3ggXt+TW/mYPb
|
3AaSjknieubNWcfa2/nA0dRnvjjvvG8xfMJOOkX545jkyK7BVAC3/EE88XXuRMZL
|
||||||
xPvPGOqDxwdOiyViZFBvZ+0ZAij8rnMdToNsY7x68B7C+Ew+cVomiIIkT1ghzmTu
|
u2AkObphlClkW8zzF/2dTFofcjh7Ydvv3ggQBEnsuZO6LWsciuvWR3GA6uUvEAaQ
|
||||||
T/ymvlqFlXIS3PFdUPQYd/+Ttw22n72yVxHH+61Ze/aQlt0nKdViEn4D03k3uNVg
|
EbTFsLdIVxzUo4BtQ3Yk6789MPF6CZ+k3UAvFWHq+842lzPp/SzBWctkXTzixsVW
|
||||||
K8VYuDwXIFdFIga5Hsw/ozp6tKZdxSzJsQJvAm0JFVk
|
RNqqSHo9a/PEJ5FsdeUoCpov2DzQXRNtK+ia88+IDqc
|
||||||
-> ssh-ed25519 YFSOsg M0H0AhDNYpa8nD2nrDyFJOsm/SpfJ7YJXYyKZMIyxl4
|
-> ssh-ed25519 YFSOsg +eCKRumOVPPd3GEt1IoGq2We7jMXxfKgD2KM4iyMMj0
|
||||||
YiocldCbP7HwuRi3AWfnFkqpWhuIuAwjjTzV2utwmn8
|
5QOorpolodGux3vMT1XoCqK/0S22kpBUztPmtOF0fzo
|
||||||
-> ssh-ed25519 iHV63A xhkCLcpQhqQxWacnI1M1652hNc/MaeCXL3e5fPGhXHo
|
-> ssh-ed25519 iHV63A /iWGqn9ON5KWrOiiWw1r693J90gFmkW1mdgq2aF2HUI
|
||||||
0G5lFUE/gGHIz5giRjQPVWAIrHQ8LvxPpfVSBM3GEBM
|
iFzt9DBS5KsmtIjDdiIcS30ysUM2X12NdHuTbD5zvok
|
||||||
-> ssh-ed25519 BVsyTA aAdMnpKatd4CTcFhtqSj+fiA0ofy+zhbnuN5nk5/umA
|
-> ssh-ed25519 BVsyTA xcKWN2iiYPQ2pCRML9DYYyyeXgoJ90cupU8gVyRtGxw
|
||||||
LuidYMCiM7IvA/M7k7pMqo5HJmNNmHrzl6kcud+ZS74
|
gfLMdWnj42h3iv+zGP7uFRxZFqRmO4npNNMk6WGaQc0
|
||||||
-> 0d%YFa-grease |F
|
-> #6ut)P5-grease qB$ $ t5c
|
||||||
fhLc8y67dmyhWtiOEKrZThfm4sTsNP8
|
JEVAGQ7XDVC6hig+
|
||||||
--- /qZszkP7mR5whTTbCQ6JKKh2Ce+aySjeDX3HdDZag1g
|
--- 0yiMTzXw2ijpPVSdSyqxIpu3wM85mYT8cVxDBhn1egw
|
||||||
÷~a’n“£ŒÀ@Ü©>ëáºx$•sk)º[J”H<E2809D>ãÀFˆ†Eh¤dŸ^3¢A±ïËá5ô_Q›<>p†ûâôLùN¦ƒR*[]žG˜õXY“ž\®¯aƒÜtÏÔU”+ÝÎ\9ób‡«N6BÖÃ\ãýWĉ.?N'µHf´œï Ójc TAÖWAO’M
üûXîÝ…Ï"©¼v
|
»>éS効DFÂÞ"UÝ—C!ˆÑáÈ-4XOÇ« Ù$U¸“ï‘K!¹‘wyì<79>|øŠðJk¶-tYz<59>ÎF<í†X&ÀSÅŒOCé`_Tý'NA/À5×<>„gÈ$y¶,Æü«‘EÎYã[.Èa¨”þ‚"Ä,ìkw<>_Ñ÷˸ïµõŸÏë<C38F>p£Ó²FwpÙjÞõVW{Ïhx‰
|
|
@ -1,29 +1,28 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 iDKjwg hUHxNz0ZfR/cgTXIfrOobhUPxcFo8zyxD3idF/bpP3E
|
-> ssh-ed25519 iDKjwg ycwObMB/N2ylOd0U58mHULNc7FBfI6D6+DjafoQG9BQ
|
||||||
H6aIW7YO27ONIIcnmViIWaXiByJMmPFo6E8jsH1Xq2Q
|
DXYakb6Bevbr+ZO2uNWFOJYcXe4QohqyrNhW6oS7GLI
|
||||||
-> ssh-ed25519 uYcDNw +D81Yz9zAmCEeIUIxLirpd/OVnWmHQnALp3GWyxUshc
|
-> ssh-ed25519 uYcDNw PH5y1lhGq6Wh0+bKIyJhWLDKfQQEtQX56k10CzZW5UY
|
||||||
reldI2bJQ2Jq3JxHZ7wWnm6I1pTISQ9G+jjupCrhQ0Q
|
sOvcq5Va4kOBLHTNJ8mQxaxgQWxSWM7VZ8PLTLD+2jA
|
||||||
-> ssh-rsa kFDS0A
|
-> ssh-rsa kFDS0A
|
||||||
BYla6U3WqibQOXQFIQrs0d37pmGNvVulP0p18jjTXfA61vth/icCTu3V5VAHz5ST
|
fI5w3V5O4EHlG7bZGuiNyUPZ4nbl3ZqZjPttUkOMYGjw84Rcxu2Rqg2i53OEG9wC
|
||||||
A8o2gHhQfGXpFm9GMPMVe+OKHnD4Ws4cWowW8/GLMg2XgqPBdvownVwl6hspjmwr
|
mrxUdu744kMSxbP5iwLbnPGIhMbtY/HmggdaFI5JzPUrEE37GkUAFtaXCBjYoBFv
|
||||||
Mxrw1PQL63fiYmCiB49UFaQV0OIxyo3mo7kmF9KKRfdTQ1kF/vjiZuw3Tiz8ubDk
|
7UyhgYgwfvsZXL0TiEOA6k0FikfkfPKLheXZcvIRRRXz7QDufzit5M+XieLwYbxS
|
||||||
DoaK0g062iI1/GPeGH3blaZj6cFstT9UjoPbdOU9WLkDMUc0d73ih1u6a3VmIY/B
|
uiJYgc7ibuHQolTO6EFJf4+irdlXIWjWXg5M8mnEzDAY11PLYe+2CxguetrJyEmV
|
||||||
tToYCJuwcjAUvX9Y3Xolx9vKpg8dVD48T1GlPADZCyajY2fEPbJdS29jP7NwQsZ2
|
5MQNYNEfGkAa8/IfYe0LtnOiUNr8WcHDHQGoRqrKiN7yxjJZaMR6KCMC4khkhGL9
|
||||||
8sgmFkNzUq3Okjbz4lem/g4nlXQN++wdRIYgTLUfJWKOx5+bxSneRvvP6p4HyKZJ
|
e8Q9WphxHxA7Rg4TidyzQNd6dOkIWhcDUYd05rm7CldUr+E81dhB3ojYUUfuQN6O
|
||||||
O0OzJTg2ZUTqcpHvxj6DBTbg0e2KW44AkjMLIBwGxdfz3ogrfM2au0bA4SizXCsA
|
26+wraYVb8SWS4l45gJhtNhIDRJ+gBufdQafPFtxZTjlq36y9qqhJ4LKA2/mD/Yj
|
||||||
XL03eRmVbzgrBKNUUi6UbQ7iKp+OjWbM6jyZuNEwfepbedLqwDeTXHfm2gZBxUyM
|
tVrjAKJHbwQiulAmBiQPloDU3jGsbFlh70zWvUeFRmKEHQUU46GK1RdvuT29QkaD
|
||||||
JTk7iTERU5908VhlbNZY5rjXShkPzB9L5jgV23I9CwFlzYSC3mvPS7HMtWcgo8e4
|
WleEEp5BK8nuc+Zauf7xEqLRK4uoZncYGiw4tZxzhneYEBPbkK99b31c680NVB9R
|
||||||
EBBH5QptHOvaZtDtDqYia8tzKG1KUg75fP4PzKB7+DjGv1phvTyzJDd51qAVrdJH
|
gNYlIutc1ApzOlt9eIUnF/K5CudoDsfk90gIcZjpAZ9rCZ6O2z083PJ1YzpFejdc
|
||||||
PheURbBliQOQaqNnTdYfpBC4tdHAMYEp85Y8uMMihYc
|
hH/u3v21m5zCqGygFUkWs8w8DmhZbmOCjKbIzM8hZ8s
|
||||||
-> ssh-ed25519 YFSOsg SJDEy0M+3X5SmXsr9C3CDbpWfyhnmu8IUIzNOshE830
|
-> ssh-ed25519 YFSOsg LWTJhISwOh1w8Ll3MzCTiQcP+sUbcrwyCIbvTYPoIGE
|
||||||
g7jSKtpI+jUO5OC7vd6TJWOTWsIk/x9yL4RKL1lAv5g
|
gcxCieyITgqnCvRAomzKq+um5lTusjxEt8CPNxkXcDI
|
||||||
-> ssh-ed25519 iHV63A tSREgTvnNiKMGWldq/Pp2EVWBmcs18j3zFDwtoBrQiM
|
-> ssh-ed25519 iHV63A yHjOEwLCaPQu/abuyy8mH9W5wmuNrtoSps4yddnljHc
|
||||||
kT4SzAuXqbdQSgmxbAy3BogMbh5tOPI3fuGWWQMK7fk
|
Xazda+HQS2mIk3BTP9ZhgpaQQe9BhcLX7VQpCMATjwo
|
||||||
-> ssh-ed25519 BVsyTA k4rwyukpUYOGvtG9bm2dpw51P2udNnFSSldm8eCJP0E
|
-> ssh-ed25519 BVsyTA lOR29G60mxkWt2tvKaRBUTohXr0byt7WOnEHQajBwy4
|
||||||
C4Cm0eFg0KeXNf/BGX+vXIeAbsdYmN/97gj5snvRSzs
|
bq0RS0rjmOp/3jm/vJ7/pln+XU5RrpD7wPIRg0pJtME
|
||||||
-> `rk-grease
|
-> 29Tg,l-grease d{) e6z s
|
||||||
Y6ohmk9v8XByEpy/oqM1aXpmeFS2ynIRyGiHfMMez4ONC54ZGOCmr1xUwEGxv7BG
|
CqQnPxWIn/038/5/a0duF854yEgjZwNDuKrJwW/V7AkJJ5boEAUZJvwRkQ8giKHT
|
||||||
SOltfLTf/rk/0ibNlvMoTqbUUhT1A/CBzSUH1tBy1w
|
db/YoP41cx8Vpqib/pv6Aa4fb+ovwoamkAhFp/NnD1KNJwtl8wTR9WRTFI0A
|
||||||
--- DB1jba9WqtcKIEXV24rL0XmFmv1U23dEYaOYd1w9B4E
|
--- US3xOlecmIleG6Ye/LjcV8CSvsVK4oh8+SXoeK1qUZk
|
||||||
{.hP;v' ÔÖ<C394>ŸüÖmFŠfótÊ’¡²¸n®þ
|
˜K¿ ×AŒ©Wj_iã<69>–ª¦Û’(œº€áø?ÿJýóóË@e{‰c§Å¾o-SÜ¥™×qÈy0D”3 ñ’Gú÷)>Ë6€¤9¯ª2nÌå/9øryĤYK‹2ó<>ìÌuoªNçg-:¼<>gïKy!ÁxÏ]ÏûfU—‹iøM!}R¦ÅzÕûE–$MvÑÑ § Ÿx´å(¯ÍûÅ
|
||||||
4ZÛñ!E+B Lõ„âr"÷ëÈ¿³CÀT'ð'¹wýãɶ—j®>»b‡f÷ïÌ;Ë•íTË©Œárë§u;j&Žb1ÉÈ4;¯&Ò£81_‚§"o¢8]µ<>å£_
Î kÕb‘V»¥AGÁyõ¸8<C2B8>ŸÕY|g
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,27 +1,27 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 iDKjwg 1a8hvqTn2un3yxJkdltenSSfEhKMHxXAKlfSnD9vCWo
|
-> ssh-ed25519 iDKjwg bydjKoMlcmku7EeLcXflr3Jtjttr3DHhxGz3EwFS810
|
||||||
xOzDWr87QMnE9UgnNimz/C+5aKhspG38RQDhhRqg/EE
|
RULNHIfG1ueMpePeFe88QKElCRI4Co0ZuoqvViFxecs
|
||||||
-> ssh-ed25519 uYcDNw Grc5lFL8+r+Evi3bDl5sCidZMZzLU1K8qiZ+Mhqc8gc
|
-> ssh-ed25519 uYcDNw vOSLnWbhNa9jo/95PrtI+XrS0Pj7CdhIZ3TWJSbQEGk
|
||||||
mu0L16Ar7H6ZGsSMGw9W9AwS+JusygM8fM6LMtMsCo4
|
AmIGuPhrQVDJcAx9T6mg/RwRu/DIeeGjmzlnnXAa1mk
|
||||||
-> ssh-rsa kFDS0A
|
-> ssh-rsa kFDS0A
|
||||||
nJnBVo6ArUYVRYUDRAPfBdxPPjCaOqM8fi+7LNLtThnyDzRm31Fgq/07Xy7ual2O
|
fDuHqn9LdtgpO3AYo07P2i9rewpURoco22wY1SnDhEHls7MkFBqPUTO2EAXMc+OY
|
||||||
0k10QbXZv3nnhjW+qimfOK9qDpnub0bULBAMKxAGrapb8KdTqpMgMhK7tuySHH+P
|
tZSSs1rREZyECH9DG8ngZ3E06t/Z0Uk9azr4RDaFmhzh9rb1KFCJkpLscuDDO7kJ
|
||||||
L8VTLt5woBz+hkla6P0o1s7pcPCmmQ6vITpGDUEGwFS/orYZdGbAe7+sPanagBx7
|
OiHT7MwNuRPWZxwT1srxX2T3jc8jKFlNUXsOpQrtzRqKWmeKbOJzpNHjmUlrvw3V
|
||||||
3xh8JRh1VszNa7pRhkRLM9wwLtDCGETT1+5iwdxR18IijvJRbVKkONX6UYkCzy0t
|
fBnVN0ai7vlvo1L9mbTgQpu+3/08CKvE7N7rFteNe+jYQRLC13iI3j3rHeOj+UVE
|
||||||
8UmVlfO7m7FN7sdvX+59+70nxhxeECuwZh52TZHaio2NyNvIioFquFZ3SfiLzdd8
|
09rTqwijRtJbkTBxt9hrFDUSA592akYHuKAt+bklbQQlFHZ9bZScE+P+mAC1+ySB
|
||||||
hpUGH1/fPTHvlCTtvI95lXbB370Ta6vpR4uOvAiHz1Oc6aAhbl6QPcZuUr6pFHK0
|
Q/XQhTr2FOO3G+2ieEOb0RGekozOGwJB3XK0sm+rVMsfMhtU/+nfbQGydFIkTgbq
|
||||||
5zxlOgc0+3nN9Iv41KbNfoyJYrEVVuMCizdbeyFGTJe+kKjdKbBblJSla0hUGINB
|
BKnAk+l94h6F3W3WmpOQTBbYVlfou3hmv2aodOYfFYpUHi8kQR0y6dFkARU//zz/
|
||||||
ZsKhzLG5jmCXDo/WC3vVImBN2R+0AWvqoL2jME+jrOmbAcqYToJrv886cEkxdaxs
|
cS8gs7w23JwGinBVSfsISkCMaM1/lnR5ZRnYtHIaU8aG5RAZhx39+vjBYHsJPKDp
|
||||||
O3DeXLO2hIGpVMVsrsMyHrF7cBPQ0lahM1tlIzdlzbMeDjM6HO/WYa2fz8XGwXu8
|
DoaATj1bskIcSTzqPIu7s4B8gI9MuEid8eUAjgBeuxAJCa59k5OxbtVAVx17DGn2
|
||||||
puBTtRyg0DL/06s9Hr9WqzE1WiEPVl2jhze8jsIzshcN1yCoV/dKnmOVBPj6rBxd
|
QkLd/kn0xrJOPyY81fjqS7fapq9+gvxLqdyyznPQA6WKkUJ4DumAxL5lLq70a9I/
|
||||||
dl5XfpO1d6AOtHx1RquWa2BQWp3nkWvYMgTRaPbpK44
|
dzk/AC5Jtf6SxqRzX1eUJR5SGI5aSJxo3Hih3m6nuLs
|
||||||
-> ssh-ed25519 YFSOsg eqXDfDhoOgy4g7nb1X1mfT20kfPkixWs9QqpaaDwCyg
|
-> ssh-ed25519 YFSOsg +N6SyzhtCailgt6y4C4/0mlGjuxWS0bWHakRX/Bbliw
|
||||||
+4aFNWh+b1BeKUqPGU79R9EkbFDp/YMSBYMMunV2YrI
|
bkQi60J0nfB/ujoYu8SiIxXp0Ff48MuNzoW0/CDd7AM
|
||||||
-> ssh-ed25519 iHV63A F0kH/Uq+wX9F+RDZwTQW4MF8hSo+nwOSTH4vOQF53nA
|
-> ssh-ed25519 iHV63A nrHBLzAxmvsxKvEKH6oqS0XIQ1K2kFmPZdOVmzKT00A
|
||||||
d20TVZfePKn9y5PWZ0XWV2Xr7N2Ma6V3eSroOiZcgXM
|
R8t/WCmvSO9SBR4gDxfNArdo55NuolHCKYRNtF5oPTs
|
||||||
-> ssh-ed25519 BVsyTA VvabFmOpUc+TCAFKQYFmlPokmFyqYiD0W9hELvOXv24
|
-> ssh-ed25519 BVsyTA H0lSXGJX+7TplHCmePj3AKeHLf+6GnE4pPKc81fANG8
|
||||||
QJ3LX0bqOgujAB/2T//oCctA/fv1Jc8WugVu6iM9gxE
|
ESTz1sB2HWity5dnao69KuFBa5JGeTEgkqYg8lFQICE
|
||||||
-> x\:P|P,}-grease @YO [b'lw5 *.WKU
|
-> ^D4?-grease R ,*WNbA@u l$*s}U|
|
||||||
hfTYY2Pu
|
9LAkmaox13NiExiel18LqRT8hUryLKA
|
||||||
--- vCfB3aNBGwwBSvtdjzAUKCzCt/z7YvufcAf/VhaZfcg
|
--- VuPVAYEmjv4FCkPmiFUCqdtznMOSAGslqarqFZnibuM
|
||||||
•Àâa9™r†ûÏ_GMSs˜˜Œ#ˆ(¾»;´›a±·(Ãy<C383>ƒ&¤ï|<7C>!wá„i–GÈÁ!¾e4¥Ùxc<78>
|
›N>Ë_mØ<6D>(º‡$¾°½j6PDBNµaó‹‹iüÕ…röaÑ„¡$£ç§íÎ|tº;ÖñCLx£¬
|
|
@ -1,28 +1,28 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 iDKjwg GHVh1GUADEN6UVTUYntCaYfEqH+LX+gvaICkBHJ5OUY
|
-> ssh-ed25519 iDKjwg Qpq2SP58ytg9NXD8eYvlgvVhaJMOQVnTxhDrydMNHjA
|
||||||
rfoD++gVdnZ5HSlXbCOy8Pn7if6QM2WRaShpk0dCJ48
|
V6ES5O5wFL52G4Oc4dGFWkqdFMkb3DniEex3a/fljj8
|
||||||
-> ssh-ed25519 uYcDNw kKeYQIaKjVDKMDBkluuxarRfv2wR9W5TKHzbu1DR2hQ
|
-> ssh-ed25519 uYcDNw Ll11H3DdUax5iCn6QNz4zZO7+R6ied79GEu4HEfXujs
|
||||||
bfFYcbcQ7De5hwkCng/CIZXWLHgr/cum0+OfRs5ESvI
|
G4TE/qDl1deBy4g50lNcKKVNvFxxj+9HpgYKVHt2km4
|
||||||
-> ssh-rsa kFDS0A
|
-> ssh-rsa kFDS0A
|
||||||
pAZ0JEVyYZk3U1vFH/STAuHucNECpbhDdnJR7asfMt2bgTs1dvI9ZA5XBpJs3U4a
|
gtXlJkXWTs2pvW6sm+FzDo+WaEh2S2ttIflw7x4Jswqaa7b/2VbnHn89NyYNG7J8
|
||||||
PntBwgYebJyHhgeZ0L7q5NYE6eLVThkxnWvm5OP2NjPyTgGUxjp+NA7WNw+Fc/gA
|
+n/Un8IbG4wh7hVsbhKEOZA8S1BC0c8gXwLoexgF21GYmbWGUR5xdbhVIPnJmJpY
|
||||||
mz//NLMmKVHuknKBVEaZn+2lBWaIXyTkD3KetqxChDcXSnKswesLa6LdHLfE97jP
|
IPgp7Ai72BEv782CjAVlAORVNzr0umtfq3PUlq6NXiYiyb7MT5g6SNd5Avy5r73s
|
||||||
gHX5Y+JVNeGOlHPn0Ds40I/aFGJJ56p3cD3nTsgoQyGpoQGVIVHO6ghRmVjhSkW4
|
bUZWCUW6m63kDRoVNgfGhrSLHFi1AgLroIqhuuOiRWj16lTUVxh2VkLwRPERy6V8
|
||||||
7ZfPluq9G0u3NbSD3YjnLrAmUzdJsLPmYme2vvu0YKJr40TG6i5m196DSDuvAtM4
|
jUpb9nb1uAYzMMeMSAvRM5actTJxQA+5chSXUMhp6MR8XiB+EFFRpIDkcfs8O2Hi
|
||||||
XhiClq7a2KJfmEF+epVdoXo/7GrPs/F9Bb+NV1S7bVJX7Q87gQ3bbFq2LISu8QvD
|
0QytXBo3W/NBNLG2RUgLMfq2mnI3bXXvxJZXKfmNxE6e6RVR6tSg23LlzkFtmE3c
|
||||||
HUlx2hJh0fZXpBv6yHIqXutEL1g6XCtpkli15wrHBfEQHOxP6mB/pNeM3gCYwOLX
|
DGuYYBz3h4yxjkkjvKJ0VJ1IhQ5wvghdKs7kM+n1wHNOPBSKom/84uyHDvPrTr/0
|
||||||
ZdVqpR46OzOErNDwXTniwQecuKrRB9ecTjmmRZycEZErgEcASEZgAlfu2Q8EIW30
|
7S4Wx12l7DKZtTzv3UItPmBVRSEjbBOMZpQo/13rLQ1bx9WBeVVNSqjpy68W0Dlz
|
||||||
65byX4EWskm6qlhLxp6SfRXlVcA9XcwIg6q2E2UIoEukZQ5zJNKcFAYec7/xTXs0
|
tI3oWX9WIPDUB7xyCXHebkxGJ0lBrza85jnFt5zASbHXeq3pbo7rjPWt6c5oWuiJ
|
||||||
DrLyGkOO+8C0lmCDY8Escd4cge2hIbIcsnQdkfh3NQT1ZqXEXkef/XB6yMEzvysg
|
X/OtIXKp0sxeXEgiOoAnNn+yVPBm/9b3ote+T0MwsVVLXQ3HCsYA5mXZCfRK5OA7
|
||||||
3Z13W4dcxwc0ylRFwm2VKcBQD9jDwCyeV4iKohFIyJk
|
w3nqorCBnBCyE//MCo7j+A1W9HKtDKAJltwfhemhtiQ
|
||||||
-> ssh-ed25519 YFSOsg X4DtlP1y5JXKyaYXJ/l18S7cOGIDlwk3vhrO0Vk6t3U
|
-> ssh-ed25519 YFSOsg kTmy8aPCd4THlnO6SWyW+Ifc21Ggau4fxdiQkjyvNwA
|
||||||
OXzEp3tRncra6pBvDoeiLkF4SlaHZ6E6j+UV0q1WB80
|
Ck6dc8IpHhnuD6FeHJ09vsdcgaoDfYGfqI5bvYV6CKA
|
||||||
-> ssh-ed25519 iHV63A AYUNvys+v75VarEdcZ1g9r9bnW76Tfq91gWnyED7kB0
|
-> ssh-ed25519 iHV63A lHVBVGdvw1yp3huhqfGstff4UKRHp4wmbGpZPJxHjwo
|
||||||
zloI/t4Dfa4re850ldwdFEjbF1OR/5G8VBAl9n7umEs
|
eWqfE+s06UgBSK0m9/GWWvhFf6ZcsN7vsygnxeXBF7k
|
||||||
-> ssh-ed25519 BVsyTA glhHHYg1w7qntg8J3y+6zKJHBaC6PZWFQJnmiQR6axw
|
-> ssh-ed25519 BVsyTA vUCYL+NZu8VT8G+bkd/LknxH/7cB3HwOalTZ4Escghw
|
||||||
WiIDKiuzouGyiyANmEp25T1Dv2IRyRx+lovSpdFP/Dc
|
p+RZhqg6voORDwSwWZ962NOpIn6kX3cryuhbqVD7rzc
|
||||||
-> wcj`iUv7-grease <d5F W
|
-> LzOpAF&-grease mZ4f4.74 8%Wkxw
|
||||||
dXdOZ0LN94OwYEvaS4paokqfZm7hqw
|
i6KRW+yK4flm+3fDrVbHAIMNzcbqErlGKHoAZJOwYrhl0tAaZBLk7IIPQ9bas3WQ
|
||||||
--- oEfnrJu0i9DSupMbQS0hKyVuI9mguqQXDcvXjXUIFS0
|
ZbJ6fgj/YYbgRhX0jUcmNwv/5tI
|
||||||
‡<EFBFBD>—ãaãW(?ÍRÏêþv¥Ô9S$« :ʉ{Içñ½ô< ¾|&Øy$ؼ9UÑC>}ˆSs¶Q!½ê·/ª4ªöY)þV\Q\y_»Ûg+ÅHÚ„Ho‚Nþ@™w§d†
à@ ¯‹ª<:<0B>NO
¼Òí»X±°–„!Ëâ£/̬Y7“Þ_³«Ë‚Ê ³¤¹’¢Ñ¦A}^»q
|
--- 3bobJwE4FKDA2SnlzdzzTfMO8NU5+PvG+5of6jN0eCQ
|
||||||
«Øƒ
<0A>àïÄúÉ<C3BA>`:/"i²ÀqjÙÃG³½c›[ó„§>Yõäè‚tTÆ:ƒh$ŽšO¡hù#,¢ÜûR‘£[×¥F–€žŽ3a]©ù€¯{Jѷבþ÷"Æ¢æ¤Þª<C39E>ã
|
tF]+>à`]HÁôѸ…}©T7VÔ¾²Àµ`<60>®Ý£®è!‰‰&]ÈÌZó^†#ÓöÈëÙ‰Ò‰¡]Þi`Tk<54>|<7C>bÁŒ´Rx§&›^¢n]‚à.<2E>|Ѧ$Ú–å“h4œ¸KLÍ0<C38D>x»^q_Pó^¨Ô`Z!pc¤B1}ÐœõÓò<C393>xöîbYv»Öò©èØ"ûQAÆÚN`²±ì4UX‚žÙáYlÐ<6C>Wê®ïXÚe.Ûðd£r<C2A3>Ì[SÊŸ†àí<C3A0>¶Ä¦,½ÂQ~C<>ìWÅÙÜbø3fÂþÂç)$íÓ_MkP‡¸‘›(PdxU¦o9§9h
ŸŠÈKa¹7ßò˜
;Ê廌äî³áMÀ
|
Binary file not shown.
|
@ -7,6 +7,7 @@ let
|
||||||
teutat3s-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms";
|
teutat3s-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms";
|
||||||
|
|
||||||
nachtigall-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7G0ufi+MNvaAZLDgpieHrABPGN7e/kD5kMFwSk4ABj root@nachtigall";
|
nachtigall-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7G0ufi+MNvaAZLDgpieHrABPGN7e/kD5kMFwSk4ABj root@nachtigall";
|
||||||
|
flora-6-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP1InpTBN4AlF/4V8HHumAMLJzeO8DpzjUv9Co/+J09 root@flora-6";
|
||||||
|
|
||||||
baseKeys = [
|
baseKeys = [
|
||||||
axeman-1
|
axeman-1
|
||||||
|
@ -19,6 +20,10 @@ let
|
||||||
nachtigallKeys = [
|
nachtigallKeys = [
|
||||||
nachtigall-host
|
nachtigall-host
|
||||||
];
|
];
|
||||||
|
|
||||||
|
flora6Keys = [
|
||||||
|
flora-6-host
|
||||||
|
];
|
||||||
in {
|
in {
|
||||||
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall
|
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall
|
||||||
"nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
@ -32,6 +37,7 @@ in {
|
||||||
|
|
||||||
"keycloak-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"keycloak-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
|
"forgejo-actions-runner-token.age".publicKeys = flora6Keys ++ baseKeys;
|
||||||
"forgejo-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"forgejo-database-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
"forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"forgejo-mailer-password.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
|
@ -45,4 +51,7 @@ in {
|
||||||
"searx-environment.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"searx-environment.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
"restic-repo-droppie.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"restic-repo-droppie.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
|
"drone-db-secrets.age".publicKeys = flora6Keys ++ baseKeys;
|
||||||
|
"drone-secrets.age".publicKeys = flora6Keys ++ baseKeys;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue