From 067ce16246eedf016c777798b2f73241e22a7971 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sat, 23 Oct 2021 18:28:28 +0200 Subject: [PATCH] Remove git crypt Start move to /boot kernel mount x-os: prepare booting from unencrypted /boot partition Move to systemd-boot Remove all unencrypted secrets --- hosts/biolimo/.gitattributes | 1 - hosts/biolimo/base.nix | 28 ----------- hosts/biolimo/biolimo.nix | 2 - hosts/biolimo/secrets/keyfile.bin | Bin 2070 -> 0 bytes hosts/chocolatebar/.gitattributes | 1 - hosts/chocolatebar/base.nix | 31 ------------ hosts/chocolatebar/chocolatebar.nix | 2 - hosts/chocolatebar/hardware-configuration.nix | 2 +- hosts/chocolatebar/secrets/.gitkeep | Bin 22 -> 0 bytes hosts/chocolatebar/secrets/crypto_keyfile.bin | Bin 2070 -> 0 bytes hosts/chocolatebar/secrets/hdd_keyfile.bin | Bin 54 -> 0 bytes hosts/chocolatebar/secrets/keyfile.bin | Bin 2070 -> 0 bytes modules/x-os/boot.nix | 28 ++--------- secrets/.gitattributes | 4 -- secrets/crypto_keyfile-chocolatebar.bin | Bin 0 -> 4628 bytes secrets/hdd_keyfile-chocolatebar.bin | Bin 0 -> 1619 bytes secrets/keyfile-biolimo.bin | Bin 4854 -> 4832 bytes secrets/keyfile-chocolatebar.bin | Bin 4832 -> 4693 bytes secrets/mopidy.conf | 44 ++++++++++++++++++ secrets/secrets.nix | 11 +++-- users/ben/.gitattributes | 1 - users/ben/home.nix | 5 +- users/ben/secrets/mopidy.conf | Bin 454 -> 0 bytes 23 files changed, 59 insertions(+), 101 deletions(-) delete mode 100644 hosts/biolimo/.gitattributes delete mode 100644 hosts/biolimo/base.nix delete mode 100644 hosts/biolimo/secrets/keyfile.bin delete mode 100644 hosts/chocolatebar/.gitattributes delete mode 100644 hosts/chocolatebar/base.nix delete mode 100644 hosts/chocolatebar/secrets/.gitkeep delete mode 100644 hosts/chocolatebar/secrets/crypto_keyfile.bin delete mode 100644 hosts/chocolatebar/secrets/hdd_keyfile.bin delete mode 100644 hosts/chocolatebar/secrets/keyfile.bin delete mode 100644 secrets/.gitattributes create mode 100644 secrets/crypto_keyfile-chocolatebar.bin create mode 100644 secrets/hdd_keyfile-chocolatebar.bin create mode 100644 secrets/mopidy.conf delete mode 100644 users/ben/.gitattributes delete mode 100644 users/ben/secrets/mopidy.conf diff --git a/hosts/biolimo/.gitattributes b/hosts/biolimo/.gitattributes deleted file mode 100644 index 793fb472..00000000 --- a/hosts/biolimo/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -secrets/** filter=git-crypt-4406E80E13CD656C diff=git-crypt-4406E80E13CD656C diff --git a/hosts/biolimo/base.nix b/hosts/biolimo/base.nix deleted file mode 100644 index 51f2e763..00000000 --- a/hosts/biolimo/base.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, pkgs, lib, ... }: -with lib; -let - psCfg = config.pub-solar; - xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in -{ - imports = [ - ./configuration.nix - ]; - - config = { - pub-solar.x-os.keyfile = "/etc/nixos/hosts/biolimo/secrets/keyfile.bin"; - - hardware.cpu.intel.updateMicrocode = true; - - networking.firewall.allowedTCPPorts = [ - 5000 - ]; - - home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable { - "sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf; - "sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf; - "sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf; - "sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf; - }; - }; -} diff --git a/hosts/biolimo/biolimo.nix b/hosts/biolimo/biolimo.nix index 25e247c4..820225ea 100644 --- a/hosts/biolimo/biolimo.nix +++ b/hosts/biolimo/biolimo.nix @@ -10,8 +10,6 @@ in ]; config = { - pub-solar.x-os.keyfile = "/etc/nixos/hosts/biolimo/secrets/keyfile.bin"; - hardware.cpu.intel.updateMicrocode = true; networking.firewall.allowedTCPPorts = [ 5000 ]; diff --git a/hosts/biolimo/secrets/keyfile.bin b/hosts/biolimo/secrets/keyfile.bin deleted file mode 100644 index 143d8bcd637f42804c8c5fd0f183ec56538ba759..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2070 zcmV+x2H$<9<5*_QBp^)v`Q1m zk3P!Yss>R9J(y>d)g%M&h`dCoGe{jm4qQr3X~%;TiW_)p1ZgrtMjndcsP_9Obl#kj zX91BPp1tjl&(GQ9>JP+VtI*GAp9H+8H{*BE<{~Z`FiPs?Zo6pg>A2`So8q;#L`W%} zU^H)Ydf(m--B*}DEY(cZ0VU~e=%!ZVie&OUKpW>5w~G6QsOkZV3KXu*O8-Xv{7BvC z;Rf^hG<;jIO3A`Z@mWnhi@4w&e2S2Yy)kX zg-tgUeaENIy-Lu!CZLIly5lAuE$L-%;*Eo3S-Nd#=g-M{2c-1v=g#Fsz!YCN;S1y+ zN_v~`;CBe4M!!h|VY|&ItI*z;bgiSSL=DCnZ}~7GLVC4%;o(k@mte0N9@<)JojObL zY!&Ynk1>5en9cF!1uHF}KX=)i^~55XEs6Y!WK! z?~?p2VeCy_^;@n@bE!dW*Z(!C^nXgGad&fSM%K>UxDxiC#Q{_c#2I`@zE1@6xK&xXBmjgwTK306t%ywppeh}403OD5j+K>nI=u_-Pep6R}h0G2AfAI9ua2( z8ZfV!@I4c9BVP0TLG~%3uy>mFI0>EB#eJ1IkTo>80&IHAcz7{r@P0wF2N^-bsr;2+ z#K@mq+;P)^AUk?_$VG&MGYzv%f@~Fh_|lp(RXQ`h*jh8iIz;uIjT<^V+HC*z45Arb zZzl1iRf`GuC4tGXjzXf=RyxekdWJ&I2h*ynIc5SgHAnTU@skiLO&N5B|L&=bCt=Mx zpVGi*vZ%1|z$Ng2d9IS}5d{eSW}Shl-H0H7=v4WvuVLc`9NLcQsp;=&DSGK_i~%IGz2(9Gg`vg{q#j z(pH!0T@DHzrsoE!@v&Ye**MzhUHm1WrI}x6-QVr2Z?jM`-uRq(-7^74yfc=9UBZXa z)ubFQ8D4^0{nP0+i{bU;-UkY$58k&tB@MB@LcPpX_Q8E&dgqp7f~nMp z7>)WQN^(B{ZD>x6ywzEGjfz_)WM(|*D_^na$#3|MpfQ|K5^|QTWkvpJcRv#g- zVkXrpKYHE&j*ais^#HN0Pl2Pckw4RsVy6eF|SMm_B z`q`!4>Ry37m_^;^MfSnnzp;(dPN7M($qBHmcoG0!l^qI3;?B-dC5^#0bkg zZBJ$jkZB&uDFbx{T_%|Kb7%lJc#l_66pOmj5{l=iTd-^yqzk|0@SeyE`Q+gu8X44l zqv{r_{99ulMp9cusa-mpB{d}N`9sv3Obo>n`CGnvW!{yvR*WS^LP0*OT>AW);+ek{ AjsO4v diff --git a/hosts/chocolatebar/.gitattributes b/hosts/chocolatebar/.gitattributes deleted file mode 100644 index 793fb472..00000000 --- a/hosts/chocolatebar/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -secrets/** filter=git-crypt-4406E80E13CD656C diff=git-crypt-4406E80E13CD656C diff --git a/hosts/chocolatebar/base.nix b/hosts/chocolatebar/base.nix deleted file mode 100644 index 10de4abb..00000000 --- a/hosts/chocolatebar/base.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, pkgs, lib, ... }: -with lib; -let - psCfg = config.pub-solar; - xdg = config.home-manager.users."${psCfg.user.name}".xdg; -in -{ - imports = [ - ./configuration.nix - ./virtualisation - ]; - - config = { - pub-solar.x-os.keyfile = "keyfile-chocolatebar.bin"; - - pub-solar.virtualisation.isolateGPU = "rx550x"; - - hardware.cpu.amd.updateMicrocode = true; - - hardware.opengl.extraPackages = with pkgs; [ - rocm-opencl-icd - rocm-opencl-runtime - ]; - - home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable { - "sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf; - "sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf; - "sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf; - }; - }; -} diff --git a/hosts/chocolatebar/chocolatebar.nix b/hosts/chocolatebar/chocolatebar.nix index 76175878..0e635619 100644 --- a/hosts/chocolatebar/chocolatebar.nix +++ b/hosts/chocolatebar/chocolatebar.nix @@ -11,8 +11,6 @@ in ]; config = { - pub-solar.x-os.keyfile = "/etc/nixos/hosts/chocolatebar/secrets/keyfile.bin"; - pub-solar.virtualisation.isolateGPU = "rx550x"; hardware.cpu.amd.updateMicrocode = true; diff --git a/hosts/chocolatebar/hardware-configuration.nix b/hosts/chocolatebar/hardware-configuration.nix index 0c623c23..a87bda5c 100644 --- a/hosts/chocolatebar/hardware-configuration.nix +++ b/hosts/chocolatebar/hardware-configuration.nix @@ -22,7 +22,7 @@ boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/afcde41f-9811-4ac8-bb7b-a683844acc5c"; - fileSystems."/boot/efi" = + fileSystems."/boot" = { device = "/dev/disk/by-uuid/12FD-62A8"; fsType = "vfat"; diff --git a/hosts/chocolatebar/secrets/.gitkeep b/hosts/chocolatebar/secrets/.gitkeep deleted file mode 100644 index 43bd4fb3660b2b523249ad729a18c3776ac88d82..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22 dcmZQ@_Y83kiVO&0cyjI%+uq7$G0C^>LjYQ%2?_uJ diff --git a/hosts/chocolatebar/secrets/crypto_keyfile.bin b/hosts/chocolatebar/secrets/crypto_keyfile.bin deleted file mode 100644 index ca34df9d0c4aa91f557f23974b638603ddd7f07e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2070 zcmV+x2dRU8pSp_ zi4LcNkE$cA4lRj7>}gw?yKpj792b_`8G$S?m+JaxT1`0vY}Nvbu{&)_%0V8Xxsm zU@!gY#`@0z8GFVYwuc|wG*WYu{l!B4C!_Su7XmKn%t)CKV9Q}}B7aS*z2zib_QW)O zo0wM+yEl&JnJWrH;=VzNjOWZfv=aW$fAN-fGV4bV4@jQ|=R`y$Ct=TC%di;?f)z05EWYgb5`gQ0_R7$MH4Egrz_5u76MIk9o7ijy8zm* zy#HU$>z10CCx4WEMaQKBt3vXm+TF3H=-;xjm?FX7i3Ccx?t&2}zB>r+mmm+9A|4Vs zD%-iKP5*&`W?^GN<_NmOWLr4fOP^2%Vm==UDx($~u%v->M)>p~Jc1vUt;_SVSD~O9mG^O{MIYXUlPGFZ!X2eZ=$ULx&8gx=#(!PQBYp54% z8-mXSRInyj-^%X+p4*dw{nHPSEbu>Xu}*bEU^TOJ=I464KB9t_Mo-{+crEv(;Z#MQ z3mG%0N$4Y>b%q#TmsTtH!0Ew|^NBjP*lXU3=`h`7q!F54(4&?LZ9k`I6g~T?J<@a) zcdrE2BCXd6rf!;GkXWvnMRzKP!9f1F7M;^jy^oEP9i`jJW^;WRZMxFs-xvkEbr_z> z!r`5u=|_+p?nRnUKe}9kxtIMaGGx?nB0)QkjQTmz3>90J40k8u5~39 ze64XqrvOCO9sTHB_gy-R(oOmcaWV8XkmdGUQ+0-!r&5zj!@6JSI`gkb1hPihoVG7S z(X__}ggoVA=!mYvrp&Q`&Qh=uztcv;)b87cJg!&_EssYqJ0wP&XZnukl(a74QiEG7 z*3m$^erF^LX0m0Wt5F5NR4}B3lmbe$mQGRX%1)gTk9K651d{Pa`FsXG^6LO<;7~;_ znCM{j?Dmg8K=tJyPJ_txhM~^$>Sk!g9nQQE%yu6tFbqEJ@b+s7{w66pQ+8w{o&9%JR3G~3aB(nfjB8vN zeEGumk5Kof-hZ`s@I%lqASL)hZMcg-_U=J0xF}^DDia6tBqXE4ldW~5hVEuEO5f}n z%ZB3z#Mu`_{?0A`7CXZL+d_KV9f0IrDiRY7Ch9*OBb4s|`$7?v>%hM5GIJg(zYOV# zS`qee#C2e57ucVq#bEBWC2|{)`r`gW6Yylck=8V%FPZj9nxYx7I_ULk-ANvmH{F<| zh$Gsh&6TPu2$T`**l7Y+N>{F}Uk@wpXDQ;->@qH>n8!I_-_d|se(EP#|-2=dj& zxnBpS=r@}iQF1fWvkS)L_x)SS0W%Tj2S0u{Et_uEj_o|M$$!MOlU$YDk-zN2SS%*C zFmTN0Fuz_tU#f%~`S}>S61jEl@vqH>ezt4CHAGN~AK8S43;=SCDO`*i$OsDtwotEw zUbWopY}qmRH!!+xxie`hdawe3tat~%o=!KM43@sP!JX!At7FDvsL`WOO&?tB-CXIc?0QtDXK{61sATo>dHb&BGTPv74+Um%Erw&A2z|I8{) zf4!a6<-xUPZ513MVhRr`6eub8;hJmEJ3iP{7@uD;lvslJ{1cmcsV*fGdsEtO3D(he zk9}2Z(*@|Q+8uB)pl=z^BvuYFb~1|^2`tS5slB?0ksy>(Q#q4R9e<)2d%HvcQ<-ZG z1*P$xPpD4PJ?{XiU*c)+fO2v?W1anrw0C473})#sh-wqSzsc7$ja%Xo9+uL-qV2_w z#{QBq^rX=?efH?49(DKBHu%Hz1g5-1016^w1YH~TxCAr3v*G9D2GE&j`(~wTRnIoz zrROB#VRci_FLOs9Z= ziqYvXRy)RG>N`~7*v7LfSxvcg@360Ok9QNf5bnUqsc+bknDuppt5GEvmfNBtOI}O; z5-f*)c6FBE96TcXX0O)y$Z=!Q$y-{1+ts`j*BQtAq`tgoHLtlA2&myCt3h0Br`DrT z6)V4ft)sXjIABiNoXFpyY5!4?dTVuf1Udq-FQoYDE(*{gcO2L2+5xh9w;g0biH z#MqG`DhBO(oGIlilFLc$@8(N_AYOI_^+H7l8YCngfRdZeWcjJA;LB9lKr=^5RL1es1(3CD0_Av)lrdqDfxfB?j5 z_RF4wQ_Le3`uj;7m;dt3<1M$g)+?I7ob-+&zZ!^{)M@N$YG$h9_>)fq@31Mt`9~xf zg}R~&2DsJIVLx#2jQdAA_tnZKizHDc14+pETetx0XfOiR^4In5mr@j^J&3s5CYmgB zIxCBu!6ytz!2NRU6+YzF*1nEdAk4yE-^d~rKkS4t2vq;xq6~$21+lrkjM{`JUY8tv z)IbtBK2r!zoM-mO>hGt2GLOHhg{>Us8@ z;Oh;ne=&lhFs~hkZIa`KinXyUP3|b%A@k2bfJD_Ve!AXC!>Se1Ktdv=98zyTMKn~b zjjxN?4v;0$HxU@}kY<8sd&iigB|A7{NtNQdQh+X}3;&}=+VLgjhzkO@f@ry_!a6{n zuT~_f8k+$p2sG7bB1sC{4AdXiIiXTa#m?T?Mh_gjZMS?C@fXn0F>(gS#$~K7KW2An z%TEPoeeC0$%_hsN>us4KD5Q;BT&sKO0&=4PM%>dx@7J)|ezBl?FS2#<@w^T{_x2*0 z-i6m4b;cODoi__xjt@oNa~YoX&$#h@zk5O&rNkLqC@A!QlbVD1@TG0dQK(HD>_hJUMZ`&|y752sPY@4KOZooYAzs5q)JU4hdk^T{5i zSW&mEratM*_)0GY?4;RjVDow}JT_aV_X$%x-kE)(YUepH#Sw}o{N@_qi>V)fMnuPU z^1lyN4Z{}tOb>O%K=5H-6{cF%QG*eBaO2HcPS0PerK|os9RW0DK8qX<|9D&l4XtR) z*}NTJeld@&sp)lCTWTa?#`ud3BKrs?gdWoNvc0x1(jMBb{pkk#4z|_F7kHbbVObvu zlRiBhr=js@f^Y~4Jv5R4+tRa))DR*E0uq`v{dM^_AU}&XD2&EcJ^B0~=t5xakmt9v z^4x=LHqxr_)DO!2lug_{3t;g_7BW6s+$ox^$XJA~b>Dv(hl zY5A<4rRYW><4s5@x-Uj24!@quaOI4I!~!-VUum0{+{NPt>tA(dha`U!Zt$EiF_aoZ zbbpO$aEq8~ZxrbXcm6jBEwC6O4bS57ppXLhzvn z-KM^@2mq(=G8&|&XISQMjuqB&!vayL5|legWYiXWe^Y8En{(YSzQsg$+3wMCQ#U%T z?aiB^s3Wlbjcw}VJlAmo-k`J{X9`sSo{p1Ig*GO=-&!E;u)aNFEEppDLSJenuj_bb ze3DAh6@EYQ5J#D_uzqRvRp&+|nv8|v^5nUqGI6~lHfYhO2q;YJ<{u!n6Tk&p2}s^N zeXPJzRy)>WKJP!HgYwM50;_*{UN{29+YZ*#<{OnLIaU?5mzSI>##|;D-1~VaO$$N> zxHPzN_ad-y*EgOD4O6^JRFDu@_a9eko>#bEj)jHz3NN$+W?D+OwXq&6Z@fr zr6iK?_wXEz`lVIn^Q-wwnmU_==vVJ76@P<7j-@5s6gm{MtbYdh6>;i!vUV`S2Bk;7+LcgfCB;l zR!-8s5IPIgR$TJbSw_3kjqoYo3?<4-62AHah&Uq;GmCI?lcNwn?OGg#RjJSY?(A6j AGynhq diff --git a/modules/x-os/boot.nix b/modules/x-os/boot.nix index 176d9d4f..7b24cf17 100644 --- a/modules/x-os/boot.nix +++ b/modules/x-os/boot.nix @@ -3,41 +3,19 @@ let cfg = config.pub-solar.x-os; in -with lib; { - options = { - pub-solar.x-os.keyfile = mkOption { - type = types.str; - description = "Keyfile location"; - }; - }; - +{ config = { # Enable plymouth for better experience of booting boot.plymouth.enable = true; - # Use Keyfile to unlock the root partition to avoid keying in twice. + # Mount / luks device in initrd # Allow fstrim to work on it. - age.secrets.luksKeyFile.file = "${self}/secrets/${cfg.keyfile}"; boot.initrd = { - secrets = { "/keyfile.bin" = "/run/secrets/${cfg.keyfile}"; }; luks.devices."cryptroot" = { - keyFile = "/keyfile.bin"; allowDiscards = true; - fallbackToPassword = true; }; }; - # Use GRUB with encrypted /boot under EFI env. - boot.loader = { - efi.efiSysMountPoint = "/boot/efi"; - - grub = { - enable = true; - version = 2; - device = "nodev"; - efiSupport = true; - enableCryptodisk = true; - }; - }; + boot.loader.systemd-boot.enable = true; }; } diff --git a/secrets/.gitattributes b/secrets/.gitattributes deleted file mode 100644 index 901863e3..00000000 --- a/secrets/.gitattributes +++ /dev/null @@ -1,4 +0,0 @@ -* filter=git-crypt diff=git-crypt -.gitattributes !filter !diff -secrets.nix !filter !diff -README.md !filter !diff diff --git a/secrets/crypto_keyfile-chocolatebar.bin b/secrets/crypto_keyfile-chocolatebar.bin new file mode 100644 index 0000000000000000000000000000000000000000..98fb3f9b43ede5c1dd8a98ce0660af172dd8a8bf GIT binary patch literal 4628 zcmXw)`6JYe+lJe8YUof(iwZ@lp;?$2b4tvZ8M7~D9~HBF%)Xd?RI;QH+NcnzBy~!q zgd$4OF4~kLskD(KoYuGR5AQ#4KhF=>b>Ct+5D4g`Mu)+y)azF0jdF+;1`1s5Z89kW zjV7_Tnt)?NF(4k35QG=2ST-;gfnl+vB0f~d)duUx(u8=i3K5mSh-9-QFe6lq6@W1j z90`O42Sg?)gDKa>8)amWMrwsQ7*I%%$t2{EbXt)DY>bG92omUki9iu1*mN)wp5ri* z6+AZEVkg*9QU!`k5(l$*SOiaN0Lf%@r3`|BQOGs|E+meJR&YWhIRGn&Ndl7~2_ayd z0*;4ScvOyBiH{@(>j*F~4y|_B1vVAJ0;oZB2^kd!Bgqj~l9dG~+MpV%jgFv3h*b0_ z3z{Gy+ z1Z0VUr5Ay*4i3?(A{uCMOtVr#N9%)Wav=#O2Rkq_izE_4(Q3Fhf{rADU<6hcjRXZm za5ab|B5Npg6j&0cf+0%l^7HphvibN`gn)QsAh82acml(PJqDygIP`B zLoh5T$tpmC03}4qC5Y8JGA_a%EVIJtbUIoNWl0neHH(E|V>rrqf)F7lS&dRaOm*Nz z7MY1mQR~T3j6V;tLHb~(7=MPYa(z9UG>qy`0()&GC(f7Za|ax&ir zg4)P5DpREq!o}JI5+Mpf25YQB6f6X1#A7TFAsqwQaq%Vvlg_4ypcXQgh81yfoG5!7 zN`+U(GeANultPS@A*BqZ4l9rem@1-$n59NcU5+*#7L4d+BR1M1<41n=?yhUWi>l8r@5jI#JV#EPvmWE1~ z@c<28rclTcG#+1xf`bJZ5EsYdTToGQCJoM$L`nsGxz1t-*d!bV2LwBCe`J!GspINiS!L z*db>En^*wHC_>0ZfHHx| zrjp`}m?%07VnR~P#yAtofui%`1vae43Wr2kl?aHGMkj}`)gT0dt)psf`glFfU`;@x z;cyv}!r|jMY%WWfz@+e?Jc|i~r3-OFy~P|XH(6m?s2RY+;SfFz&L@EWhXyKq9fOXA zL*dYVC+`#+7QNg|6&Lu83#SrWT`*Cc4YU7?dS7@n_iVV^Uju>8AK}eSoe$Rc z^kM%!*#<#h{a zAjW1Yel`3}nksV-0#)xDYa7f=f3EtxHK=!_=3brNbboua#UY=PO=0-Hmb%sr07Ls;Huu}4i^E6S zz2;{LHU^AZOK6RIr48cdEWb5AJ|)avmo;{oEobNQ^6kXfQu4yV_txgF8vi?N4^ee; z79-EP=<>uTJ(i|j`@YBy^&~yMuwp}Y#JN1Lwy5MDBQBO^I~H@ zZ_igTa!VrIBlQHmY<4QR=nGI3bMNW5tRu@Wr!3Ft-F|Gw$>f3{htC!J$7 z012(GPoF+IHjOnq6nfPs>fy)BZZu)i6yKbfvAkd3(PB2%Et54^0Q~OmJ$xZWkEmGx z{b+CV*Bv*HU9M8^emq#V2DMH(KZV&$Y!8l>h~IXf9`$jC^vp)*-b!Bmp=z`%`}5KD zze(PA60^3B9ct*Iyco5+N7}uam389XGrot<|D_ZbRpXK(IM0iQl z%iX(c3qr3Qqkrct#m05CcIAZjE{x7N^zquYk*+%r(W<;b>dV2o#59kF>)7!6tH>*F zEbW2J`6LPDK}S397v(i9OcBG_yh?S-#q;Ci))THBwe^Rv=iWSubx1}UXFYz~x8uO= z@S%tEFK>5s&Yyg(Wd~7u*yEEu zG$Bg^555pL{$^!nc_h*R9f)PTU(MAi znG?1ndsXU>?d?8IwCB^1z1jYrCD*2vN*h-#`>B~Te@ej|G^!`Y;IuKc@oE9+=EiFL zE9Lu+6UiHB+dmiV5(-19Ir9bVJ^H?%d!|0mI(7{t*|mIbu?rEZf-eiqEbRSK_$V=K z(f;$KxA#AtlJxm~orVNlFFjy;UAT2RbcL{%ITd@w@;W@0hjnvjjembMdUE0R&g$+x zzWTb^<~A@>^N$ngO-R{YbyLwVDmG=wReD`Bw|2|>L5(Vaw$w!ZIL9wu658R580J5Z zTQDCSiJM$2UK^e!2ubNZ)WR=Xo<67Rg>P1cj)Q5>ou95WA5QBuWbiY~pJe%#O(%rKUa%d&9B$Zt1a$nw ztlcO41|)-36J=9>*GFepu1bwC5H`Qj<^EXsYf|E@HqnOb{QK(}KDJ3KciqLgbyMv0 z6`5CZU0B;Bl*A_P>_&O&=?7K3cwhrtE_MrL$Awv(is9vF*pYfVGnnm(i*g zv~G%WkgiiQclLRT(JtdAZ7Sm+F4bggN+kS!+hgGK+SPsGXR->0T3@;OpTkZ#(_OXF zqw{=$_uA9}LH(vL`8Xw7oheK#6!xiRR!`hpu=|0*U6*lxn5O*N_RlaBBIoOgWW z5O2FrTkWnJ@8%2=$i5@nI_-?2Bh&YqGF1D2M{Ilj?S8%wXXtnN6sOLHHLV#^#pEO) zcilJhey=Cr+GgC?vvM1zK)=!V$J4kk#zv=AX=$P-ENf&!4SmbfYp7{tw-I)?yv0_W6&-Z)1HF+U)-aOtjuu^5I#}(DNyGy^+sZEBrely}OE&Cx&L{ zh4EXAdykG*J?qM5CPkElKdPvklbJT@*z1z)u*K5~65d^?70d5Gf_->0$`lepLNw&8yQ11>8`@}<<-o^rn| z`Yz?@sww~w_3Ryt**Z3XKWlu@$hVoezFhW>_O#xbJ-_eX!ap1!#%tZG*Cx2jsr`F7bc6HhMTd5&nY0jj-KU)JMBl*o=qZ3@ zpy`rYx)@gKxvr3=_+h^Scj5`Rl&*R|qWW8eo&NTsuA};R40LB{kI(7X|2?O{X}p@B z)4wzdMC5fuUm!et8h$*o3vTow=@z z{aLwdxjVVj$kRiUQiiVi&OG(^^p#Da(>i6m=@N|^LY^KcCO3v25zvvxvx;ede7G=k4#L=I?_!FHrF)Xvm9S)#(#}tFuU(G1eDxtc;W0?Fx@uKy9kl2ObW>_s6B;{l+W^G5-e)1q literal 0 HcmV?d00001 diff --git a/secrets/hdd_keyfile-chocolatebar.bin b/secrets/hdd_keyfile-chocolatebar.bin new file mode 100644 index 0000000000000000000000000000000000000000..f48b953ac4032dd5d4d873b4fa08d01425dfda6c GIT binary patch literal 1619 zcmXw&xz6ln0YHh6qTreb_!TJvWc}CMcmoOKb;i3r<7I5oc>TPM$K!Qu=}KwSMG*~k z`h*5L3SJ@HR0yP$pcGI*3#7;soZ_4lgZwq`(qZeT>fXJ%4**#(==GN`<5<29WBk&{ z;sxa(k+9m@M#ZLXd2Yv>D9kL2bmd{-Su{P15_3f=;*{mQ>PNME;Hqh70kyghWwR4o zfR0aUlWlRR0ey7^kf3U-Uewjp4rkOs;dw68u(48)Og3v;YRa88bEASpt?xKvj2+Yz zG(0wjOY51Jwkn3H?R07rq@|B-xAsC!IPGOO!lM)JM`8i2uCsIMRr*Dv1nY=H>(MQ< zRy3y0-U9Pnrn>m?I1rQcZZ+!rKcs(xIGst38lk&=XmPbx}FY0SPYu~fQr>`b9c+(&@~2N zF)U{fpf_8r86vpo132_ zoOHj|ZBZO$0cLFP`;PMrCrONb!G)O7z{^8!i6>ockEuxW2~Tq{Blv;_a0oKdL_;FL zhs4Nak!T=(IbNxfX2#S}v6~8RHi`Fo>t=yO@{^MKcYeSRU36Bs?`hv%g9D%jD-?*k zE2RNHoc0YyPySOZOO`vMJ4$T`k~F!u(_UlunvrCWtI|Z7 zV%IYV{ZR#Pu zgu!%{BHWtLqsWk|IEYu7KZ?^+uFg$^izIhYVV#GP6_kk?o-vhwM4~|1OEE{MLNpq0 z&hf;FHA&8l=l~j=r(F~dFI4RdGI0{u4QL%xEY;yNuI+tKd@;T^K8jV6U z6vws*;)7zLi~S6s*Voq<6UMJt*b=@q4Za&rBI-O5(s6Ed#46i(C~q#4^GMuucc>@l zA6g&(`X?g))jz*|yP)XbpttXucgEj8_~?)P4}SdhH`xcDfBNpXzx(=IGl9SQ_pko& m%|GJz^q>Cs?eBl|{=f3Sex`l#;g_HM=`TP3;?Kw5{O5nqpCAbU literal 0 HcmV?d00001 diff --git a/secrets/keyfile-biolimo.bin b/secrets/keyfile-biolimo.bin index 02937d66c28a254343c01651cf70816fb0da8697..4fb697238b1b796b4386e0ea4081854a8fb03868 100644 GIT binary patch literal 4832 zcmXxkg;$gbpapQSkU<3t#aO{LkP)WKK&SJYo?&K?nC>2?#8^dS5d=Ze1uR4m!B_)j zRX|X|E>sk-15sE6YmMdYd*{5r;GT2O?_Rl99jmq|9X^{&Z?(i(9a@MR28xZ3bUJmh z4yQcQNFfQJco0BWqv32D1xeD;eIy>kDF=K6of<9FsaQ4xo@Am>P*RD&D+1fGfW~FV zIN<^Tg<#cs5d<0AO#)dJE|bEENsu%AXeXHHfhI`7ZYB<(!hJfG1gB8TjRrPZXvOF` zP@#rt@oOwLDOn)~C~yadNQQw7bTB#r(9pnGgN6#Hd3<;w-cO^7=>P-|OYmBFGBsSw zkXcZ672Hk2`v5BmWwDvrUb2nia53Q^1K{Y;skOoVj%k)$=(+~KFIG7zFaj;|xp2DE^ z8r=ks!EE;7z(kZUfeZ-9OpjcJBNByfoLmXGh$uuIo}-XRU1+*WfhL>OOtwlTVymeT4~0h8^G#_A3mT-f@yG^+5g^l?LNeD% zCx|6hE`f{nlF3BB-Api(AWo^*r17%d8X6sfWn)B0GSnvo99+K2nuZ18xneSeYo$;D z1rMusfE9oZ<5Su!IKEPc^)e`Ui9p0~hzWdx1mPD#Sd=s}LBvp{fh{5=-a?{*h%hAs ztmcv^IFC4uP0@JqHaXE`bL;I?mWz+3X^}Jn&dl?o)g)?~n1-N>9WEu7>ac2bt^|Zu z2f~w#COtt!l;foinS}45Kov{`(n8ZJ30!!Z(@#_D_*e#u!PQGtRy~eDqbOZ8C>oGs z=uDZ@i3Ty4G_zbtVky8*4Z?wetF?4GUaVl_WMn#1V<3|JST`8UMC-7||97lb!BHp} zE>dU_BrtiAK0E?$VXH-A5{hMkOC7!eE%AC9Df_(U0s zz<7N@3T zKu|eUhG2U9Y}kK<%{UX;!^A=e2DeFwg<***rWDUaI~;l#m#qM}T!4fl8No)3QSKs0 zp;9$Q1wy(N1{OKNKqQl>Ca8u=fYOO9w9k$eTFojbBLPBEdwf)bOKtJUtO*Q=8KaWJ zB^IHYXjc(65G07B6JcRE8V)QKKrnVTHjT-bn2ap81?whYkw}e~BU2bH2BuEV_3*HA zl9~X8%lv4Mm+H5peSjTgNT2~}b|nIXgVB@{o=z@>8a!^7oaU48EIg-ytd?qh4!4j( zh6%V{H=0W}tHo?DK?CPlZF(pUWMSC|L@opE<5J0HrNWrzbu;K%Bb2Tbn;3Snn@!Y% zdGa(a51b&9TGE^rtVpO68-!Q}5>LYD^&prFA=FXbZXMS~A|?m`0p4x38mUr*iEA~n zNCaU5oB=5C8i>T93sntBc z!bQ=mjd-?R1m;n6b}yD|HhZufEf@v1xDap|k4+Qc5?CB76%XhIAST`*MB#K23JU;Z z{I&$RkioYY{ALQ;kVbI0@ItqiuVsV5QX%&L9H+%<9csB#9f^>+c_0~>4CuI26%Pi( zqNN-Go2Ky@DJ+Nw!&X>HW-=aZ@#1lMuNbPb3bZ_pK<5((xK^wIgLK%HFf52DWyo|Q z;J;IF8O=UPf|#Qgz-j+gXkic}9uFusHZ~Hk6d2t&5)6>&^jMFTm>1M4IiDN0DphX45q(euxCFW38t*w@u4jKGOmiPs0zc1j(>Y5cgp_uy>ytMfy`Qh#o=F>MhZV-zTfXG~4NbcI+Q2V3;oljd-dtzxDHj#e9f9PB ztCB;em>4ftjjHemcd9Q}-W>AZ*(wWwR#Ru>C9@y&XT;Qxtyi8}Gv&`cA(h9m;Xl41 z);&vpOEXkWdh^T9JV6IMlQ2JH;0=d*HtYSWEu-m;drR-VKPj4*C%tm{!SU>fm^I6z zz8O0En>SMmw?@_4_s=yQ`U-q~HuKHz&W_D@ZU!u1foDBAysJp_f`)E7EUBxPeaekK zcz5@j^tPJ$wT-ACdlne1&igg{TGQYWA0^4v#$*jQ<%(ZrPHr9wtQ^~r^&-vic+KlX zmG6e=1$S~l!Lcyk@cy4$pY9uHe$|AhUvEt$&AexwaFKhSHsNwn$78Im_nCWV%>3?4 zUAG=)#9e&%asAODbm{Rw`aNss1Jw)Xw=4Qfv3hb`7CZj#_vZb(qn5?j_X@|RN#->k zbnf~5^5p5ueaR)!EynlMKHp?X(kFc028VG`V76&V;PsfXoek6cAKlBJt|IJ-yYOS_ z7!>?(I&KoPyx@jOd#R*+={&9K2TotHVBAIl<=e7jwCRHA&fM&k`z!vIH#$T^6vDpf z+XscepA+o;IIvcD=w<7)Qx63Pz+YXrB2%vxeQJ><>|9+p-#gg! zA1WT~9QSp~s^>XRR^N&#k(YsrN4*FP>nvxiL!E*aM7PatsHhl5yfjJ>F=PGckvjqi z*Cq4EL2AC-1#<8}WS@5ZqMAST?lYaC>rLQSZfg5q3K)-b(S1wc^E8vWw+`V?G z=oV13XZ-fSa{8wU)FqgeU9E9fKOWi6-LYEpKCtTg9(~6rRaWwb)+{k@)k^D*pqbro zXLW>{jD=Aj)vX25egEL$A(R?fXm`dfx^n5HZ8sObo%8jtnbY+BvGB0#XCB0#DYqIE zg9Jr@y;Kq)ytr>aQ2TAij!I76-D?o7r*GbRwsc%4!s}bB|6wNNg?efKGgJ?!sTxk2@25;|=As zFyqF@<3N4Icfq!av%!<{>3Et#xV(k2_~)q}|B8eoia$}$U!0_ERc)HufXt)s|J+ad z;O*Z^s)^u#-YI^pf(C*2RnYdj&j!EoEi~i*TfC~N^zN=BP)+(k^w^+NiywEuvOaVC zn`SoUzC`8kUOa}oZ(lxRPRqPW$_>^Oy&gIuhw%7GSXb@vjds%P<81$*FNwE#i`r); z#vZ7?z8unX`T7X}8tVc-e`%JWHXf z8Gjbv7E#i%iFRohyiFcF*HvFL68_OsGsF+Af2wGlHq!KPLzzV?j89p%=g6K4%cZP7 z6Ql=U^@IBS?*q>}$ImBk-jsax;pN7N#{uEo+}zy7#-t-N`}@LSgclHvk~81ZA|6oIZM3{I~&y4hu z<@G^+Vv*`W%_V<+Y6UjAE4=ZWa)S(bUdH_qf8^YR@{}r&;(Et}c_WLS2Y#(n9=vOBYsF^1HVI>)PVWTIV-sj@g$uD|q7pGWY~HW%JZd28z7z z2KqpTq7r>3A~O^kx~UUg7{lksE(ZADO(zYA>a2ff?w@+PrfSpDp6)w6j>Nj@-(OQc z+02vTo|haf7rbvsi?g?1`LuWPex-cwj@v7y(oRf`yOQ~39Qs-+Iv}*&+(0N4gaMxzO3n{ zl1XW2_k372DpmZWf)O}S$Yx7q50sCX-?y)ynYhOhr1|xE74?PIbnXfJ`~t!We<5G| zwymnVW1wLBsl7l(z^3W*|5)s1j(sq3=}|MxeYP~bEBC|bmaX8%N@w{Sa?LGK7C`ik zlh>~CwmcZT#?I)y`t)H_I8X6M&CDq&nS;m;6c>8bJGbPomu;z=9l^U6`Wr+lsi+Ey*LEFuOZ8F8dc~#wDTZDx%V7MO3XANwAhpy}dX3^ejIy|Kd4m z^~mCp;qhPK*Rq~nPaig*KDk?7#?U+4?nyFAo_GR1q1p1SZ~u)7e}Dhp$kH-0KI7zJ z$s(e(9WYiwEsmF8I(tJtWJD#2zibZ5`aGh9USHDKNW`5ESRH)S|JkVwF_mu$bE^`9 z5+~W=yfFyT4u-DNSyH0jCPx%8mAn7#{?g5%pm$bqe`~Lh zooZe>9b;PZDqjqEB8Q5Y2Q@eE^zb7^QRXAa@m@m1wAEie9ca~s`9rUNST%9h+6jyC zjf|eGt%9+d#;z|ZUj|#h{GK8`f>{+9u72`(;6qaN<&=b>r^?AN@YW4a_L3xYtt~wc>1K zz#7@$)0oF$M0|o#!q}eTV*me z+r?uSJv>i&@6CL-sMs0XxbN`UCG?f#d%aO96eM!e>Oo;fu6$YXKN8VDGEry@;-M#= zw>``;_Tmle({HWw_l+AHQQT`>8g}bs_4xbH?Ky9iE577^oi5587|JcgK3(%+g8b}V z@$`!<1x?t{4(spJ%!HT8Ea#sL0O)bm%1kB-L-1WH;K?#y-UKc2MVukggf zt`)CXk3%yOrni)CXs$Mig!P8=O?6$TmPNl`(6aH;>T$Ujw(z*Ad8yj5J5|$*i$8>< z4=hIiyw#jZd%5;bzpdYP(te>2bocDEj%h!<$rRD>rdhEiSI;jz7q{0u@OoJ*Y=rDX zDEx2YDC_n&{rrHZb;VIdlh9F<9TVgFw)C$3=g#R9nis#a*s83C+3j=Gud*})3umAg z8E=gKcu`P?iQ652A4#Veo({|Hm~GF#6dC?HT;bP0+_rH|OW#~Rxix)onxeaM_$bfX zt{FYxhTygt{{}x1_ii3uRG#s$^b9)&d}#ftoteiX70UV}DZ%CA5$4w?M?W?$U!>2w WFTEHJNcBzgrgI5X-uCe2W&Z<#qcpex literal 4854 zcmVWdJ_fz}nRug zk=S1P2*A4&xz0Az9indN!@gvm6Wzts1Nx>~ziD#?5eM>DjIv#Lk==&I9-2gZK|9l0 zp*R?`-yiepAgI!v)O1vfl(_Kn<0{=s@SjyHcO$YabGNQH!6BYoiov_0E5P^uT_fU3 zyGz)v1#H@Cv>9e)iv(|mlF+IvlROjkak~!U4Cnbc);YFetD3>1MjTX1KOk5z?5FEVx$KvBS(l%8Iu>ce$0Fdpf|6X7zA7v*0JQd0AH|Vd4Wc&xjcq}*)i^>Q=P0q8V+)<#u zaic!J#5^flg)@St=9Og??R17S{tzh{Mo*Vutz|#P9Er;Gw{8h5!OV2 z6~o_+n(+26W<}xc4UXrKeK=19wd~^&7@GbUuBw3mo_ zlkdEMP`&&L7cK&?>n~XLl%t1(tyJ?H**iBKCC1h24GVo-T2N`UvZdUTMJiaH@I={< zb6($ z^-BscTtlU1UkQqp)}nmCoB{25q1{o*js7H!Egx0zJ52nA;j=#G9GjK}YFoX8)qbe4 zEvPj|>?A6-$JRvX(!-$@abm}4>XxpTjWSH|Q><9$_VT}9%U_~S$5Pj>Co;pA^NiF_ zN_H!C9hQGbq+qM@>Vql}$62=w0gIO5dS>j9N$vl?IRZXA;;)s5v~W5uIZ=gKyXJrD zqVsd<%z^!QHt@wh&qf7O??E1dje&v6Sj+a}VI_=4>5}4JP6tK8&<1ah$r{qMuh(7b z9v_M!iNPW76gWY-GbPISwH8}U(7{8Uc8TNYFdDgz4>jOcGbpx;PM^WbquYRvQ<2m7s1Lz@KVgOv2_fP(0TT-fKp|3rI(4_iJrRmGM>~~ z;=);07m3U@LQ|6!PN7EQy*m8QHMh3^k}Ptm3WD6yKwF3$q0mU0 z9#sgv{eFK?+;S;1$-3>NSgcGU<8cjIVb*Jl=+qhYHp$k*%Sv|q{fKU-7&l0lPMZxR zsSV6O$VIO*q!^HiPO;fRXZ}A%Rb6nOttW?F1MsK<`ha*&K~pk~Z#j5vFbJ^X?B=5v zsF;SS5K^WFCsO(y=S~LJsngw@ag`)fR^D)imd*fm53B-(ZOmdN(K67F03X`toa#IG z%G;+aqp&!ny;Htgo*{sT(Ojk3EDR6O0pulfMZA-J)pb51G&99-vA-il?qc^kcj)B;Ika!m5j2r#z);*g` zIgz1FAXC7J9vYVbb3s@ut&%!p$P5NY2K@LI+dyr8hrXUW0iH-7EmrZeTPh0ys6DdE zE?$8T9tywtOhSSSi%>p5uw0@3xCA@X3DPB3-Ji=g$}}sQWhm&%SB**genT~Gx3;CV zXqVoxR@wbHYN$Yra7A--*@GA#Z9b8y@Bc_brZkS<7je2QtsnZt8Ol^LU@+8Gq$>F1 zyb-g1Eo8lQ$_tzs%{dhJ6K92*V*qPv6YVzG1<;9qOu^bJ(ALPg;)vt_81k8-TVp$G z!CCXT^3dNM3-+o(W$QJbp2?O}Gm*rkld#=E0;p zYK^JM1<@O=YrxJS2wwCOZ# z6d%u1yL`RMjg%Xq4#1&Z&zFDAQBJA{9MR>J^~H7c;LXpD`+epap02mD-wzxgM*zqw z!L;4N~t|96@&o9 z)88dpJ?|J=JX-r|+eAKQWhoQ{TS9Pnmjil#jOA`BSe4TUBts8v?xUKMT&;A&t+X&9 z`NuqoLMutKxX`Sd!2h7qg(78RCHgjB_(|G$F|>Z&7^61M)2=jGN`kiqL8wks26Ck1 zjmG~tA|%Kyp@JGc%fVPGXBk-l)DDZeW?N2u_t9F`wCp}d3aRehGyl84A}Mh4c85w- z$vpZ8#IFr+de1S`v~aCuhL&nDDt`F{N^9Kz%guGRVED=F^NG-J3nSKU++r0ed3hpJ z?-$g^iK>0Lk3cQXoroH0Dz@G-*T{phVEU`bmRq_Xx2UwVq;9>9?WMo?ck4YMcf($^ zq#W>SJY`p-frMYFZbO=okj`96y>HMB?T&PSyMGIrz7giC+vAYG8An=YmABol?hPQT z2XIKJ4p^2=S<}8hF&s*AW_th4KZf7mF7o|C%!sG1aW9ON{$vvPLw6R&XU3bmSDh`# zQ>!Ia18GQW>uSP#^?$H8IgRLd>Np%Ii097j=(xRTIK$Ic($l?{s5jp_JD(j&oe1SZ)&XQ$Y0 zoPM6QI_o2R10D@?smmZL{#zAn%u0u-l_dZB)n!Oz8@1g#2*i>$E`dQ=h^LyjP_)8W zz?DzC?BVtNnzW6w={lYd@08V=_Z%)E)o#kkZ&O@(UV5?~upnms@CfSp?+FQ2Ot_m6 zaW+*tPLs?65U)2IjL=7W7g71a52yW_rdc`hU{5N{FApln*(t2wYKpR$;^BsCgh)H_w;LKg#7&w1HVQi2ytdaq=iWKGDX(;nQrOi@F zohu_NiK_y6y3Ej{rSl!nNK^wqPqIx&+(rFw5HC^GoW2896r492gTZans+8XhWpOxu zizDBJ^dff+;_y`HTs(_6vg3r<%qku3gniLad~JUeF<#6BVlL{*g=*BGIY=JxF#LUvo)eK#lmm(s2C0gk92IXOJ;1DiM>QkGbg8<*f2 z9d+aHc2HKZpnQlDY<;c7avL%!3sew(<_g9=(FUq_CJb;_gM_due6^CyX^@9sv0s>b z%eci{Um0P?s*HJ}TpH8EHDJh7^yWk7G)YQZ+Iv&VROD_rCJ=NuMB9V+p6ev-TUyT! z98AW|+EQdD@9(k5BbO?^y{ED&zqtc2kh)U-Lcj$+VmY9o!>68eVZw4-{xMNrK_)(B z4Z8a;{cN!b0R)C zj0s}jF23Naoiyq|7TviQ^7Je}ro@#VzHV!FO7&t9YxQK|7;)E?b&#F77tls+t#b}2 z2jJS{jgj zAqQ(J4X~YIV=q1%e7p>YR&yeeoF2E?>dAm;Gqe%3i_DJD+Bp!RL}#+a0bR#~LU2xL zgb1ZY!SPX~YU+HPFAE!C`CZILJ89nARG{?lJxr7iW6y?#i=>qc4;ndCbO@z%?ZS8k zk*+AcOy5`_?JLR}TQCtStF1tA)knekS;O{VDpUkW*Z~trPs{XW&)P!cBdL@s2RTBf z`@HtNVsC1B({Wne3sJT$hwX#&h15-?|IwBJG3ZK$jB^=T%{hs22Q&e0eOx1uht7&> zDqv854^EREu@2PU2Zkif^NYV@`4$8oREFtsB?UYiBR6qwpr{lm|K1@Ty<)xL_%&<#7nImnmVBo@IJbL?w_*tb%= z4WN$G)(#g#3d>)q*r!^Uxyz`83*m}M-Jue+n2*C9kHzy!qi^sSi# z3U=N1lqN{EyvYDoKQE~C5w#kh!RTw1-))bvE)#Y>C={Y#bO9FF!I0bO?{Oy3>txB8 zP+zjZQtV~)F$7!r5gX|ZOR|XbZ43!Ys-%NhAd0UU<4Mmcby=hv zpm=sMP}ZmteD5e_zr%SKSy|k2KfmjO<3|3uTDHDy*P;DCfVtOiBW>|q?80^js*b8bFJcPtJIoBdlIo#fOr5ErVs^26(^XUka1xC)WnaexTy^D z!WcsdOJG_d|Bj+{nK3a$uoTC!$am4VI81>{U}c?EQsDfb0+StLLgk>(}l^5 zS)vKGCtcvu^VOF*seFb?OcJ#h#)f9o((a(=X~`&fG;_y)nxZ}QvtRlm+|_m8Lguuc;mFhO3X3DkSZJT(#`cpMV*G`$X1sTOU(3lfZOL@uYT# z*#lw#nxd6@%5+DLGS;Is%#caJ%wAs9QUn0!0|8Nu(q64V8;-;eN_1L|8{@C;W)x^? z)~gsHTM$-@t2DqwKI9b*0q@D0?2VIY`WiT1sJPY~G6?KS&6VCx0KQ9Su zq#S?cg~)xv=<2L(4CgQiM#kXd|03_RDOeQEyxfivOTuMg%&ClvZ9XFCPKu%p9zQ0^ zXaE9T&dWW3U{=OxwX;$Py0MAwy5Y$1$5BoW$p*=?GackV!S#%Rj#A5+9LtNC=EeVMSNdDgNssg0q zq1L73t$l>L&bf(qibXE#`9q1)ux1z+E?Yqq=^!~c<}Xu%FjW@D{kUt75sJ!KahB0! cF%<{9 diff --git a/secrets/keyfile-chocolatebar.bin b/secrets/keyfile-chocolatebar.bin index da78610dfad0a2b307ffc218d9ad7f06fa7ef4ab..dec7a831f576f0066cf373da8e66c76d89d02a61 100644 GIT binary patch literal 4693 zcmX|^`CH8iBZcGL0%)WmedIR;SKlj7YC~G&3+!>onm7mqgA&PXPNhHsu#iTl znn$w3^j^P_i8m9xFt!wl$^8T+*~e0n! z;6{TaZoW%|AnV8|m0AW9%4rCk8tv2R0S(fCLSSKWfQ(`hQ#B%!=l?iXDPc$?G%gH= zlL0hM7!=Gi2(TOsj19xeln9apF7uNa5GjJh0z_tlk%)^mLyT4<&qo2d;W9iHhI1O} z8lKnb@)NiMBZ)xN;;AAGMC7MRr3AA*jzn_t|G({j*1$9xs>lN}>cAL)Z-$f9VmFfD z;j)-8n9t{vsPzgI7^e68To4CTgtxIcVjUYxL<4ZEm#&dW%xo&dBUL*=N}F4$ry}`A z9f7ED;z%YbMQ6mtsW2qAS@`b?w*f%_j;@P8gCx_M*5{F&j`)%q%pK$|mY*G%KD!XVL6RBSfX)#|roky#%aBa{#f( z08;1`ZWQU?1ii{`@bPRMt_5a`bMSd6Fh^muW1VyZhH3({$bi*`@SFTjGAGt1^n;BC zITGe$<3TX0&BgSq%{YSy&_YuS zS<0ND$6eouY0X_=D{nr}`2qD2)2^cp8PJLP;_*3nAyNUIdlxF)n}I5aRiAP%4HDPu@C}XZTCV2Xa~!PHmei z{Ea=<`My4krrU7;fva@a`1}#;?@Ax-yvWR+WG(D&7oV?Jup=CvJE^fqU)<=+l&iAC)fDIsQo5#n`i&;#IEi-q)$3#8 zUwsHlg-r&RRK=lV|)FCl-15Z94P$DGhH7&SJ#PoQkKLT4c)jDsnSnXYIj4>VJa0UBZOgNi2~)Eh zuMVEASXw=5`|Q-#S;6PbG5>@J;h}M}YOcAgp#HA07SU?auG|Mc=pa9|z@6@oZeg96n0jIJbs4E+z~+ zYg|{o(_Y*%;v0JR;%TOz0ltVq3i#nySTcNJyG7Kprc9iFw&+j{|%jPgURsJ#imhs6@SeH0Ez8Y;&6t|qtOb?zA3uHJL;i+{sOL$SpK9yZ z8NwnDY$KxgsVgNocNuMd;eJ>?itx-{CO0crJ^dvG>kdN zTIQPdb^OwY&Dt?RlhWRzF+;|KvU4F3unb2e`h{m_oDBlKr{Mgmq9Qs`RL2N zb$|SLy?SKt$N!vJbdi7w3MBk_wXo&uzG-Y{XZhl%+Td=33~Om~kq(h6%S#gB(geZI z8AaP{->wFH3yOrxmnJq{)jx~;et2hML1OXohI=;z3wpPf6{~}#;mYx4S1>sxzRTh7 z+`62SkbBFUYYz;A)Q+*GkDe(>*Ji$nj!2KcsV5cL=JqY;e2%|#C1m6!R_v8mqv%0T7Ys13r(pO;GTd7I5iGn;x|SA4Q% z4mmQ^^5KU*9}bJ&N%~INb2aQ(&#(k`CIz*AD1Q8jz?OssKVFIDB^~a2)J-3TFSwZ{ zG=#n0adK<0@P!LJ4gd7Q$7wo9s|Fp-v|gVWayPpooR=1Sqp+aX{NDsDc2F_2(oj0kuV{J+p_wx5}ML%}yO^{b}r0sBd z|GNt(b3m^Qe(?mFnxOCI8_E;@x3Z%Dx7|4xT4w<5}92dd2dD`$5`%5smXy{;7}U^ z7cj7U7o7eXKQpF>GtK_{vV986BiQ1@*{6G`d(-dv-ffM@ zJ1t~}9@-2Z(>SMa=v#a5wwm3)kGo8&PhFTlH*aT5v$+*wA{cw_Va6JZ{88R#t_0Zi+OS#9Y)R(N`>^>^w&8 z*smlsL=w~$;^%=i)R?)NZ>yDbeC6Ja;jiu(5eK`gW(6 zcjmiVZ(Uv@eRe|~G2!JtqBU!GLBiJGN#)0?dj=f900s7_CosWjxn2DFeM)Q))BE`!rK#1RFyten!JH;txM1KKwN#Bw4bz%1qd8ns(?m_3XRmX;+$_ zq{%jxY3YR{oIv|u%39-X*r<((KXY-0;BDaclU zet(=&_iE!q>g}?5R`yk9c7_&jIysBaSwzQJM#-RY4hmdTR-+S^e~{^{3T>a5%u zdV6`2$XA@yPq^aqtpH}6-*xQRx#%x1+YSvoR?wO|@9>Rdow(wDv1V1(8+13B+6YtjQDW_YZFm-+mxLeyUKLle?Kv5d7vr)LDz#sxW^8_I@jfNvqpH z`HNMWpWCi1hTLIPoyMH|>)JW$CfCKVq{#TfWSnnYJp6Z1-my7#PW)Y5<7aD@~MCWrjq4n-l@im`6#1Gz@;vWM`sGl0NHuGf0@rM&aiA%?w+_WKkYJ=kF{?+S8 zZ-*c0k6n;b?hl#V1Q6#`eGa(sc|S}u_%lO(f9dnmcT)+91INqklPq0tknM*3sNVP= z!p%uuErX}g8V%TMu&iZ`-4Tkcz@f5_Tq%cPEhZ7ja!oCMb1dhvF_ zL2h4Ij^;{YO0D^IB2cM>1aCUs2M(XE-`2-lyE7mr`N~3|k3kta8ZxCPU{TSKB;{QL2)qbqw3fk&;{;<#-s3%|H^v%Rn-Yw-d+Q`F&IADf;z0vcBJ@?)m- z%8jzYm0?e)d6Bm2ujUg~kvLf~c*7_2hx7+)vm!1#sq`mbyGFs5lZr#+OW*&q8@ahU z50(^DUivyMe8u%=9ToGx-i8!^++y?5i zg|9~NS_6kc>nga`pq&dszkbCX`W1bk`>zL=DZ{dxZ)w}3J8KfK=2>H3TtG}nZp-dG zk@h*dPQUixXX5e~eZ`pp;Xr4+wS5mcI8U{UA z?1yh;Mp^gl4VTp7lxtF||WXq!d);Bk#e{ zDkUd&G9}+`>OE<^SwoAn zs_)L09ZsJJIJvKu2$5_~`5D)*NK%wyEG+HMnL_3=x6eeGFv4LMLtr1N$!jE!fE{P$ z4Vl#vf24{4!5ubxn~8Yijilr%2H@K3ke3Tp_}}G(9wL8l2g^*>8a0D)tIE2UXPRYg zN9;9p{qPrWVWKaReF8Hfcu(t@D=fKI?gRRk<47fQCZJ1z^3nycDJyawM2ygpD-Bk} zErJOc(0152e!n?U8B|oLT*>!m`=4@yaG7S$qr(l?9?bu0fYPdP_(LUng)J&|7&Zi$ zV5uu1|GZ{kS=F72p6#zC2OxR#eeC-2ni(tJqw>{HX5TS(#BkCWLY` z8{m+bBGJA9t`pgc36Ly{(5|Ij)*`Nb7I^sVZBH*pu4w|Xkm2`a!U73JJm?8R{IOk( zs8N6&|9rQ%JoL&foRZS@HbDY+hQe2w?dm=eF-j!)v%m87W^cfUsp*h~qsZuwzF`L}a`c zK{K^>F%bdtrTuL!u0h1=`qQ30Z~(Jw?pih4H` z1tvGF%VJOW>)UBviIzWCa zD8h*$Tbptl8N2kZyFb>FrRC$%F+pFgrd3DK>oSntW$l9bYzh=TCQDL)U=qBPq&(99 zXZ^(#=P)J8V5-KSR`Re(P4$MCXf4EDOc&rz2kPp?9?*MTdko)BmQXfz#6+6HWQGw)klmv57Jr+^*5N+X#Pa?jhHh_vG zH1DfwVBB;6m`_d977*#a5qpof_~|SWik=%g8ZZvV){Cbu7|2IZUn$2Vtt6CqP#l^lgX9RL?GN2;;Dp9_=8bkrgwK8~n zV)7v6)BZ_lL9ckmt6Dl#p4u5^73qiD34={RR)K78LGMo2*qm)zg8gilQ_M-u4N3xe6_5~gi&IxT?L02|4%X8zoTi9f2Zyn3 z7VTQcZq;<0(?RNamXu5cLdERY1GIss=f0kCmty=tGtmrN!5s21NPKyHyD4Wnv1d9W z|26V}1%r_B&0%jpo2u!t$D$ZfyYO;6vK>0xILHite?9mTa@bqM%* z>S!(s!B(Be=?n}I6O*=tHDksTtc-5es4BuW3e_~4zTjr&LZkms%o4wpZ6;y9Q<^i@c+m zOgX`IobdqwT=0KubISPmC9o>+qoHvmM72r z+pe9yFT-GIO3X;z#ym{K9 z@8qOu(`$QSq+i5ApL^dNR4!kK8z=tU$z*VTl&R7|AcS$D*f#U|$y}KU%2KUPd*c5} z=mUj-B9nUg)t{7ts({zh(bcDZB~Q0?>8*gAL&KRHPW6*r6Oq{?v6(hXm;kzXn2|yg z@XiP>p{yh=BvH2|Dvqj>0XfHNMGY>`EwJgur5Ppdrcgjb5hn6q1Cv=#om9FRa!TPv zV%@dA;A!ra0WdX#AGS`cHkn+#nOO>K*=t0LrqeNo&XM?)o1Od}HZOB;I%y4g-!~6- z7`h&7)@j{Fd{kzT*SG$bU)Nce1OOQdiaGUFlNt#Uo{XHWBo_@+z4B&O6(kA-w3frE zNGr<5bSixofGMY8)FT=~`N-qSamH>X6HPsJxBc2z%CjGnYTR(41?N4eLr>jr(oO^C z{4q9fH&!30IjoV5JQ*k?ELd_zmUfoL15-W1lbLhzeXN8+unvI?;rw;V6@jVPj;rxD zF8P8Z32PF%7iUj0`ULz`B=gOfmne@aj@i00{P9n)%Nqvh3nR)H9^Vy3tWovG5p-PJ z*$cU%^Xbx=?a4#>#iUBqGbYg-V(v0sz8QdvLtl(OGb#+6ixhP=X^Pf)vyt&NxP(&` z=NMxcFyXvBL+Muq=7z*d>NJ`9aHyU0%YJL}q_$NTTDfV@i>_tw8r67IK=fv3QHf8| z3`R)sD4hm5Cx*ph3Tnp=f>O-VeJgX*wph>81zFU#XK&q2ZU-j-)(WR5dfBJjbLjoE)@fhBrISK5ipt(=-unv>)7Y~LG__EkE zbyihEYcrExBt@lk2}^rgRxkF$~{?}BBUKq$S@!w)%=ynoz0ucD+Y1pa&PfB7839^)>> zIVFUX*iP0U7y54u)>gYl7iHsSEyvulA z&!Tg~5~h&Ey?&z&C=ibxZcV9Za0;m`g9R21{g6@J4cM8DIeMoSzDEKo%mAC+eKXRI zPd1tbPrXA$Toif0@sl&!FQ6dc`CDsx$r5s@VCwSkz>r~A#(J%~He-Ypq89ER%AxCP!Q3 zKBvs?Y|&tzxRP@Wkz}D3quuO%23Xtqh6JqK$>jNi+=FD(1v>mykNyDR1^#aAp-d@{Dsb~nU;+POIlOYq zw)u$A_2`3p(oV2|*%I}WV~w~yD4Nx3Kk^X4o3x}6bi?LfV^^OAG$`;wg)5y52PrkE zRKYPw(Fq z>vV!KJTC_j&Q1?qN)hC*`7$n}l7gtzQ!z+_u&^pG^-+N@SrJ0-6v+1OKvb~e*z!ME zbvvOF)!M^I3u9x+iAh?HIcUd8%LRC;tE~|q41m~bAQ#MMW^F`{O@q;;kum@=342G_Hh?$`#vd|}^p<mafdfW(X?1Nv{A>reO3JMLMYz39X*QiXq z?*B)(*9L!f&;Zm=IG~*qD}sXHw>l_(lr{kCuw-46bMfeSK;7!Y!V?2|i`^4y@El&g zbm$M?t?FOq^vdMuF;oe+v$Vwtwj^~pIV8zXgk3^ z^mU#lKAlR&!tXXr9?ma9LU_gDNzQV{dJy2UPS}m)L^*?KhH{=%nUr@mSvD(ltG2jhf~CV)Bq*x0yk1CzfPL@y#;FY z!@AqnL4C?Qd8+-@EJ(rlNIBbfcPTV@w3jsDRv?Fsyh%Jxc_q@L;diAkB zMbO%y_o08?q#-59LiP~XZ(<(eM#cOZdhR;V(v3lm_gU!+KeS1vaN~E=KA!#UvO-@M z%FgpabgcP|U0(|dm?=>Ngv3@Idv{`Fw=7IMMm~|rZ~ol}g0;a?>k-!n$Q?-4pqFf_ z*L)7Z5`Fm_3%30g! zzZsIekO``P{)CsG7O5c65#fkjmBNRh=qgXcVTll;3M9+c-dqe*CxB=p&K8Wprz%f@ zG0CvJ?B@vCeI@lmQ0S2c?($0KfSHCdN|%%eCk=Xz4jD7bkm#wZh;=25zLD%j$;Q#h za14Qsm|^7qUC75mt(hD}#_D(h%Tp3gkA<$4)cn%x6r?KCWV*5U+~U$3m_py@A}8;v zqp>CHCG(v)Y);=jM75)Eq|J%y4|KFw5={M9cZ49-d_;?sXtj;v7zh;T8|4*LUs&x@ z2XR3jlph4vC0T5_Ot_0N7>BxAev1HpO!Y!CHy+G3>-%)hqBI%oi!YE3R8Y099`Ch~ zEaIF(!grZIT+r8h%SWvBQ51hSOO`#UiBDsM9+*VUev?(>tOq`918Xt$a(kPItm^y> zCpjx4tlEu39wKS!q#If$c|fym-15~2 z8Fw~$+-^^%Ik*^jC>a@q1YpAN1&ZMchN`4+i5 zVRm!UM98`UK8ajcCYczrUzT8rdW=g(nSpZeJDS!+Pz+=R%!t1wOQSGi7f0mhPm&Lq z#jI&*kPjlOOU=DfuJJmuof>sWb}Jlj`gXNTI~knsJVf{cWZ4_t2Sudq*+E{^PI(i4 zLbMq9y=2rW7P5O~6l056B>@iFSwe`34*qJBDw(bV5CiAd{kk4L{D5THI>Smje8TJY zZkI;?k}V07DDWxBXYIbl54pFTLUxqEK`4kxT+I@4{T6x-=Qi_o;S74=bWh%HU}Jxa z2wz8b=yd<)&N-{|G`^$0r5;cmQq2nj9laCl`&(C(J*T@T{Bm&%b3~M*BEUTP%b!UK GK3 ssh-rsa kFDS0A +pgJUXnYT0UgB7h8dWOBCIO6OuXwpjmBuQpJBXnI2Zh5X2fiGQVyrrcrm8VSWLHOd +za9SME+PxcGXDGgwaGpCl8tOh93WRUC0RtNTBmoiyzrfkbQtm9gfnt51JpHscuTc +wzZ9cxMvtKSNGsCuK5oeX9ZxVgXH5QFomwvADXoy14HacgEOzLTPU6vrPrOonGAG +kDqYDzf87V2BfPttzONoScsVsFV26EQntxDx5/8Hja4ceOvgBwm2GczUzpgfIRCA +To+az2B1Y0h/BWMqzRAhobuN/UIQcZAKro4uf8SbpKqPQrON+k1tAE+lrMUFLx1A +2ZayulT/Partcm6L8Yb0JAn24eXFla52XQ6JyukSbtoqZxEQIcjbM34+KFKMftIA +M8taZIG2JWyFdHBPO4RAMyGbNpQN5hsDvJWGIJePj4bAxW7GX9JJiT7gg1iCKce3 +SINdaBt4O3RJ49wTGqJtMSJSlfzLf7s4zHx5oaozAEt84h97A2Yt/8Lg1Wmc2Aji +Q4XG6w8OQ/Fk8E/EeSZ27udMHF94TfQ9mzbKdMJRclLDlKKlxeYA6gea4QYb6GLi +8tY6qnDpF9jwV7ehehM9KYhJcCLw7MYNwGI6oPmTagZCRhXDYULbmK5gfkspcrZ1 +zZn5yOCwt+MA3U2NfpxNOMs0LvaGU7HOruzyD9DLp+4 +-> ssh-ed25519 TnSWKQ SWZZJeUCYeSkYwIKmrsMa/MUkNK7xIn+213hy6X51Uk +FDzM+HzDh+5+9RI+gjTPKNT74DPSvxA+CKJpHXSMX5c +-> ssh-rsa 8daibg +XthUstyN7tDd/vAw3y6knQWNI1M2GEKGDzvmOXFMgwxUcBUNPZmPnZvTfmUXY81Z +iF13Lruwid0/4Pb9dcYyyifzoqnNb6SvnzczoUSpqQc6m+6BLX4kSTIN1Pulwt8A +kWrOekvKy9J7Z2QsW6QKfxB4xaAc+BA9kHOgWWpLTyx2GOm0ksLjUnsd3Zo/xXsc +JpjuSNcsUM9mCP00RjamX1SwrAc/tRnoOSOD6jmED5M0Xfb7bE2AORUQ3Em8B4iG +CgaTEXFppZN96+BHOumOP1wAbH7uI0EdQP/SvR+qelCH35C0pSWZ4AuyvT5kvoYL +CyK6GQ8rVnDrBaWQIj4TPhpB1xVxKd01AZX9ITdhPdTATJFwCcVxoWgCTtjNGaIc +4GldFh0+nXUUV9spzxFbAhiJwy+PHfNfuJ1gyYMrgLY4mQPhA6ntPeWqZOb20cYZ +ABl7eHN9AAQnibw6EufkgH/U9v81HlWjbLWedAHNPGAldDF5uNrY+FRiqXWT2Ivb +9CkU/pUFAAcZs7GwEHTVz2dWsuxthS/P/DhN1YshDmY17gTBEf+40SUATsD1wBV0 +tdmbU3i79djbfXXvazR+hi7qDtKo+zJKCDORSq66J70njl0pwN/QIKGQnKt5sYCm +3kPTZHrR6ys82MhTFk/C1G4aJjQScTz4buA5UH+0hsE +-> ssh-ed25519 2Ca8Kg eqyr8Yr3rrWlhCd+TmKsnywFdp1mwt3jZwuJzO0TwzM +mcfYZGTAebrZY9Ool8sPn25wPiwe6StBUzdVAyEErAE +-> ssh-rsa 2ggJWw +h00c7evck2bHux9EhMjLQa1f3O3tReLd65LDJB28jH7SbpT6t8Gxfk9tamGFHg4Z +lGxkzZjK9xnroBpZv5ikuP+tD7A6A2saDXDnnAw+wHUGv0UO5yzr0HPIvwE1bVR5 +GOW1iqPMHKB2v6NeTaBG1g5TohSYEDDINkQv+Q4NyPhdpX9bGd3biWiBAa1gy3Xp +XmDwtUfBg9IN+EeQTpC/tc4C1pLd3k7E+5pZDQebfTlvXZ83SH05BpBnpakPWNty +Pf3s/iMwWBiJ+8GiwQ7c6FjTrr9ImJe8nD6mknWGpsMEQ9wB4Bd9l5RTjpTW9wCo +DNtN8Mo0SGgFXjj/5XO0kMDhDike/GLr6wfD0HVgRP9MtcatvEaezp4RY6NIknjy +F49KFsZWhzqwU2c4VX3ayFGJHcn/TT6o2QL3qZoI6x23ZFHQlXtQjXfhTkXk2qJt +565cgrWzLYV7y+DB5fwaG/+Twlnr8rMQOPwyEnrWylh+AY3H/2/M1qQz2b2UQapl + +-> }L0d&,o-grease QVMP gPkF4&,` +YaavYxfymQIl4xRnz1AZxLAY7+r2R9Mftt9AIk11bEymVtCWhsWtSbnhsq9q+fjm +yYwVUyIh4eeH4oOdz3ssnmB3gg +--- 5VOiRneXGtTtik3m0OJY8zV8Sboh18DIB4eM07M+1Lo +:I{z)-tȫjT0rEYg4wFAS9RQ5c{zjlRAHL yW6l>ߪ}mݿbѱ6*g"}X>WǁTޭ# mi@i:z愲jbc(Ʀ{w(θyԧ`i_C-`PeCȻtS5eZp%QBh4yCdYL. }ɑ^h֮͝.˿G~݌dEoZ=|CO x7,NP %*I%k[|-Te~36!C"ai/kDmì]J>n^OڗMS71P\ ?x\;B#uB$hѵ: \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 38042bb2..bbdc4961 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -5,8 +5,8 @@ let biolimo-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZzg8pfVtFonx/IvO2MKG5uVF/sMJAOt1Ifm9Vds2eA root@biolimo"; biolimo-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDoYNvXWunQYFORRjcYH1F98+zr20U79ROh+gmaC7AY/x3yf4y8uyMayF56VgQLVNwgEchT5t4dNb9qo2+1oUnjiKrKAVfQMN6WMMMEr4F4WT784uvBx5Uo6vmhgAa+xoo62c4TV2Uf49ZiPd+zAApBHW1F/whPtunPF28Wfr9g+ozSidhnAr+3nkfJh331tz9s+wgQ39AFzFWftQ60Guulpfj8SaVyxyv/yZZAuFpXNzN0Cz4fWBIWFOsib6Z8y+SlUCzSzOguZ7FygHjwlvOxoISsASAuf0OfUKHxVshiL5F5AX1ddmUgXbUKUTp/3Iunr74pfOQC8TXzZHqhrlFzYDmK5J9E6eADSpgx++bCCaHycl73BWeertCBZSHBXeb3Db9HX+mxwpfP3alVAt4ZqQb3YD/VB7XGDvHbmLn+wSfecO2qA9PxiA0yX7e2BZLN9r3G3bRNSk0GpnYM0i84FE9IipiKKnWVjj7J0UPQmz7rzAn2Lki1CnX9PDdxZneqTxgpBomHJt4H+vXMw13scA4xxEDBvfS5KkjbEJqWLbfklCoER6nV3NPLZ6CBl0Xe/VQBSkqEuUEIXih/oa8emDOGUODNF75ck5NJmKiGg6AFZoeiDa7PZMIxhhOq4vsR2Ty43rztUJ0CMX7iSIk3Eql7kqNdvrJaJ7z0GBsiw== ben@biolimo"; - chocolatebar-host = ""; - chocolatebar-user = ""; + chocolatebar-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINZT3QrKugNTWNOwYziQnxrT5zFqWQDafWjScDuIpMhN root@chocolatebar"; + chocolatebar-user = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDwyNsGCMuyI9x2IxYEbYIL6oYsEfe1wqhHaRxSnK9oc10ge1LJni5o7g6XgryoQpCD9YenImcCxwkKblmlLQ2327uoVC2PUo07li1uT0eIPk0TQoxwp6besFs7/LEzZlgWQsc3gkEXmjk/E0mu0U6z2fkqciJ/ZxWYt9fLP6jBG47U9878rSaZ7k7Ilv6oRA3suArH189k1nerk/tonS4EWXeHZxHh/Eu0tqwmxN/6+g2GicYn6b+MbFQVdQAkctqT5Yz9USm9UKzbaAuZ799u0dJzagHm9JJZOr8r11ENtAkY9kAzRzm3u/ACiSdVzyLdjAK6m0dIPhp3OhedzuHiI6/wRll60tYtQTH1XwUpVbtir3+DT+jwZgO1zH3yL4iNh79kuUo+UEg1ZmGkSZRzSS2vb5qr0J5aSJmCd5sNB7a01PTtSlQPOqSF9PB+UmcLDF7JoKFub0KT/gRZ5neZkXTYQ/Y05qtaaFVlOVISijnm+sLUvKBv6OW8oYXIHBk= ben@chocolatebar"; allKeys = [ bbcom @@ -34,5 +34,10 @@ let in { "keyfile-biolimo.bin".publicKeys = biolimoKeys; - "keyfile-chocolatebar.bin".publicKeys = biolimoKeys; + + "keyfile-chocolatebar.bin".publicKeys = chocolatebarKeys; + "crypto_keyfile-chocolatebar.bin".publicKeys = chocolatebarKeys; + "hdd_keyfile-chocolatebar.bin".publicKeys = chocolatebarKeys; + + "mopidy.conf".publicKeys = allKeys; } diff --git a/users/ben/.gitattributes b/users/ben/.gitattributes deleted file mode 100644 index 793fb472..00000000 --- a/users/ben/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -secrets/** filter=git-crypt-4406E80E13CD656C diff=git-crypt-4406E80E13CD656C diff --git a/users/ben/home.nix b/users/ben/home.nix index 54f0d3e8..8bf73006 100644 --- a/users/ben/home.nix +++ b/users/ben/home.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, self, ... }: with lib; let psCfg = config.pub-solar; @@ -50,5 +50,6 @@ in # xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg; }; - services.mopidy.configuration = mkIf config.pub-solar.audio.enable (builtins.readFile ./secrets/mopidy.conf); + age.secrets.mopidyConf.file = "${self}/secrets/mopidy.conf"; + services.mopidy.extraConfigFiles = [ "/run/secrets/mopidy.conf" ]; } diff --git a/users/ben/secrets/mopidy.conf b/users/ben/secrets/mopidy.conf deleted file mode 100644 index 7aeff4825e5a20e63be228e860273a0d412127b9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 454 zcmV;%0XhBvM@dveQdv+`09g+I7;1^Q@fV9k|E9gucPJu=HVedfcvt0&ZcX7y5n$GV z|JFxlpn?>Vlc#BqjV9DvQ>N7VRfaEjt1QlA( zq{GHy3Z-QGmz4*@i%FP$ZST~_zWA-O7ATz)EG2cJ%Nw#g|6PKC!!}{DFvmsD%pPqJ zmBjJ`Y5vDWVHd$BXjf+cIi^%og&zPEbI?KNzl;0InqxZrM#NFR2_`Hi=(tWn8cZ3< zQG27^Y!+(fDituj7vXNLtP5qLVmUQyYgtZ$;?}s|EL7)Vw*|jVR%|Lgk)GXWC`*2o zEA@<$?bcL()!1G49Zi!*%lXP8p@XXN)$2LhxBPaA1TAK$%T2JH&6g6;%=9ScmI6-F zoREB1Veo(+52{NuM#j$?hkYa0q=cTep*T0SER+uj8ScOV