From 0d881d3228a6d3f0ac510e1059322be2818bd360 Mon Sep 17 00:00:00 2001 From: noe Date: Sun, 24 Mar 2024 13:41:03 -0400 Subject: [PATCH] add sapphic-engineer --- .sops.yaml | 24 +- flake.lock | 482 +++-------------------- flake.nix | 23 +- nixos/hosts/sapphic-engineer/default.nix | 16 + secrets/default.yaml | 137 +++---- secrets/sapphic-engineer/blocklist.yaml | 49 +++ secrets/sapphic-engineer/default.yaml | 56 +++ 7 files changed, 263 insertions(+), 524 deletions(-) create mode 100644 nixos/hosts/sapphic-engineer/default.nix create mode 100644 secrets/sapphic-engineer/blocklist.yaml create mode 100644 secrets/sapphic-engineer/default.yaml diff --git a/.sops.yaml b/.sops.yaml index 55ecc81..fcfca5d 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -8,10 +8,9 @@ keys: &all - &m_aerial age1jc6ghxfgxe3gx53xa55azxan447cfxaqfqeh5y5yzqapj7mw7ajql8kv02 - &m_drone age1faccfe85637hme39xyzgmvjn6ku9c4aapfmpfc35hswj5emhnedssrg2cq - &m_ingress-proxy age1w9rhdgapzww5xepsmquga65wyh3met9kmysayx09gam92upg0d5qnlq9ww - - &m_happystaticbuzz age1423yycn0hzgq74v6rtu38l6e28cgwg3uh7xdllcsvcfphguh8s9s8plplu - - &m_keysmash age1x27qj562g5jt0facz26awp0wnxts0qk8rtj23skenaq3warzp5cqzkrtfd - &m_monitoring age1ztjv535sy9v0nmgcqznvq7wxpju5wajax0pc72c37zuva2mmu9qqh8tqem - &m_ps2live age1t3gt7yvnlfpjrl6ycfcpmt4xdume884xwswd2epnum6s9cwuxu9svalwag + - &m_sapphic-engineer age1jfz43yflulhmsa509ng20qc8qkjckkunxtktgr347rl768445fhscz8gjx creation_rules: - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ @@ -59,20 +58,6 @@ creation_rules: - *op_noe_2 - *op_noe_3 - *m_ingress-proxy - - path_regex: secrets/happystaticbuzz/[^/]+\.(yaml|json|env|ini)$ - key_groups: - - age: - - *op_noe - - *op_noe_2 - - *op_noe_3 - - *m_happystaticbuzz - - path_regex: secrets/keysmash/[^/]+\.(yaml|json|env|ini)$ - key_groups: - - age: - - *op_noe - - *op_noe_2 - - *op_noe_3 - - *m_keysmash - path_regex: secrets/monitoring/[^/]+\.(yaml|json|env|ini)$ key_groups: - age: @@ -87,3 +72,10 @@ creation_rules: - *op_noe_2 - *op_noe_3 - *m_ps2live + - path_regex: secrets/sapphic-engineer/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *op_noe + - *op_noe_2 + - *op_noe_3 + - *m_sapphic-engineer diff --git a/flake.lock b/flake.lock index 2e343ab..e384085 100644 --- a/flake.lock +++ b/flake.lock @@ -20,99 +20,6 @@ "type": "github" } }, - "attic": { - "inputs": { - "crane": "crane", - "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1707922053, - "narHash": "sha256-wSZjK+rOXn+UQiP1NbdNn5/UW6UcBxjvlqr2wh++MbM=", - "owner": "zhaofengli", - "repo": "attic", - "rev": "6eabc3f02fae3683bffab483e614bebfcd476b21", - "type": "github" - }, - "original": { - "owner": "zhaofengli", - "ref": "main", - "repo": "attic", - "type": "github" - } - }, - "conduit": { - "inputs": { - "attic": "attic", - "crane": "crane_2", - "fenix": "fenix", - "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_2", - "nix-filter": "nix-filter", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1711207981, - "narHash": "sha256-P013JnwcmgMqPXetak42OSKXhi3GTy2JqXHdx7i5eJ0=", - "owner": "famedly", - "repo": "conduit", - "rev": "9176474513481a035c63c85b7dc6c0025b950dcf", - "type": "gitlab" - }, - "original": { - "owner": "famedly", - "repo": "conduit", - "type": "gitlab" - } - }, - "crane": { - "inputs": { - "nixpkgs": [ - "conduit", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1702918879, - "narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=", - "owner": "ipetkov", - "repo": "crane", - "rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "crane_2": { - "inputs": { - "nixpkgs": [ - "conduit", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1707685877, - "narHash": "sha256-XoXRS+5whotelr1rHiZle5t5hDg9kpguS5yk8c8qzOc=", - "owner": "ipetkov", - "repo": "crane", - "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", - "type": "github" - } - }, "darwin": { "inputs": { "nixpkgs": [ @@ -135,7 +42,7 @@ }, "devshell": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils", "nixpkgs": [ "nixvim", "nixpkgs" @@ -176,28 +83,6 @@ "url": "https://codeberg.org/noe/doll.repair" } }, - "fenix": { - "inputs": { - "nixpkgs": [ - "conduit", - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1709619709, - "narHash": "sha256-l6EPVJfwfelWST7qWQeP6t/TDK3HHv5uUB1b2vw4mOQ=", - "owner": "nix-community", - "repo": "fenix", - "rev": "c8943ea9e98d41325ff57d4ec14736d330b321b2", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "fenix", - "type": "github" - } - }, "flake-compat": { "locked": { "lastModified": 1688025799, @@ -214,54 +99,6 @@ } }, "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_4": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_5": { "locked": { "lastModified": 1696426674, "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", @@ -275,7 +112,7 @@ "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, - "flake-compat_6": { + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1696426674, @@ -348,61 +185,28 @@ "type": "github" } }, - "flake-utils": { + "flake-parts_4": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_3" + }, "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", "type": "github" }, "original": { - "owner": "numtide", - "repo": "flake-utils", + "owner": "hercules-ci", + "repo": "flake-parts", "type": "github" } }, - "flake-utils_2": { + "flake-utils": { "inputs": { "systems": "systems" }, - "locked": { - "lastModified": 1709126324, - "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "d465f4819400de7c8d874d50b982301f28a84605", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_3": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_4": { - "inputs": { - "systems": "systems_3" - }, "locked": { "lastModified": 1701680307, "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", @@ -417,9 +221,9 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_2": { "inputs": { - "systems": "systems_4" + "systems": "systems_2" }, "locked": { "lastModified": 1710146030, @@ -436,28 +240,6 @@ } }, "gitignore": { - "inputs": { - "nixpkgs": [ - "kde2nix", - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1703887061, - "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "gitignore_2": { "inputs": { "nixpkgs": [ "nixvim", @@ -520,26 +302,6 @@ "type": "github" } }, - "kde2nix": { - "inputs": { - "flake-utils": "flake-utils_3", - "nixpkgs": "nixpkgs_3", - "pre-commit-hooks": "pre-commit-hooks" - }, - "locked": { - "lastModified": 1707218112, - "narHash": "sha256-GXwhrTyeIj38aBi8t6fxasuJ3h2AhvxDypAxQjKrrTY=", - "owner": "nix-community", - "repo": "kde2nix", - "rev": "285ae35495f7a39aacf91598ecf154035bc5d2e8", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "kde2nix", - "type": "github" - } - }, "nix-darwin": { "inputs": { "nixpkgs": [ @@ -561,21 +323,6 @@ "type": "github" } }, - "nix-filter": { - "locked": { - "lastModified": 1705332318, - "narHash": "sha256-kcw1yFeJe9N4PjQji9ZeX47jg0p9A0DuU4djKvg1a7I=", - "owner": "numtide", - "repo": "nix-filter", - "rev": "3449dc925982ad46246cfc36469baf66e1b64f17", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "nix-filter", - "type": "github" - } - }, "nixlib": { "locked": { "lastModified": 1710636348, @@ -594,7 +341,7 @@ "nixos-generators": { "inputs": { "nixlib": "nixlib", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1711108213, @@ -662,39 +409,25 @@ "type": "github" } }, + "nixpkgs-lib_3": { + "locked": { + "dir": "lib", + "lastModified": 1709237383, + "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-stable": { - "locked": { - "lastModified": 1702780907, - "narHash": "sha256-blbrBBXjjZt6OKTcYX1jpe9SRof2P9ZYWPzq22tzXAA=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "1e2e384c5b7c50dbf8e9c441a9e58d85f408b01f", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1704874635, - "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_3": { "locked": { "lastModified": 1711124224, "narHash": "sha256-l0zlN/3CiodvWDtfBOVxeTwYSRz93muVbXWSpaMjXxM=", @@ -710,7 +443,7 @@ "type": "github" } }, - "nixpkgs-stable_4": { + "nixpkgs-stable_2": { "locked": { "lastModified": 1710628718, "narHash": "sha256-y+l3eH53UlENaYa1lmnCBHusZb1kxBEFd2/c7lDsGpw=", @@ -743,38 +476,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1702539185, - "narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1706812040, - "narHash": "sha256-pxgWZApBfqHi4I6Hz7nL/rSt0vGE62HvBwvuVXFXeOk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "5c5bca5a97c0982ea37a2fcf6d3860349b9f9a35", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1710889954, "narHash": "sha256-Pr6F5Pmd7JnNEMHHmspZ0qVqIBVxyZ13ik1pJtm2QXk=", @@ -790,7 +491,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_3": { "locked": { "lastModified": 1711163522, "narHash": "sha256-YN/Ciidm+A0fmJPWlHBGvVkcarYWSC+s3NTPk/P+q3c=", @@ -806,7 +507,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_4": { "locked": { "lastModified": 1710534455, "narHash": "sha256-huQT4Xs0y4EeFKn2BTBVYgEwJSv8SDlm82uWgMnCMmI=", @@ -825,14 +526,14 @@ "nixvim": { "inputs": { "devshell": "devshell", - "flake-compat": "flake-compat_5", + "flake-compat": "flake-compat_2", "flake-parts": "flake-parts_2", "home-manager": "home-manager_2", "nix-darwin": "nix-darwin", "nixpkgs": [ "nixpkgs-unstable" ], - "pre-commit-hooks": "pre-commit-hooks_2" + "pre-commit-hooks": "pre-commit-hooks" }, "locked": { "lastModified": 1711199922, @@ -871,37 +572,9 @@ }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_4", - "flake-utils": [ - "kde2nix", - "flake-utils" - ], + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_2", "gitignore": "gitignore", - "nixpkgs": [ - "kde2nix", - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable_2" - }, - "locked": { - "lastModified": 1706424699, - "narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, - "pre-commit-hooks_2": { - "inputs": { - "flake-compat": "flake-compat_6", - "flake-utils": "flake-utils_5", - "gitignore": "gitignore_2", "nixpkgs": [ "nixvim", "nixpkgs" @@ -928,35 +601,17 @@ "root": { "inputs": { "apple-silicon": "apple-silicon", - "conduit": "conduit", "darwin": "darwin", "doll-repair": "doll-repair", "home-manager": "home-manager", - "kde2nix": "kde2nix", "nixos-generators": "nixos-generators", - "nixpkgs": "nixpkgs_5", - "nixpkgs-stable": "nixpkgs-stable_3", + "nixpkgs": "nixpkgs_3", + "nixpkgs-stable": "nixpkgs-stable", "nixpkgs-unstable": "nixpkgs-unstable", "nixvim": "nixvim", "noe-sh": "noe-sh", - "sops-nix": "sops-nix" - } - }, - "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1709571018, - "narHash": "sha256-ISFrxHxE0J5g7lDAscbK88hwaT5uewvWoma9TlFmRzM=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "9f14343f9ee24f53f17492c5f9b653427e2ad15e", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" + "sops-nix": "sops-nix", + "tachikoma-fe": "tachikoma-fe" } }, "rust-overlay": { @@ -977,8 +632,8 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_6", - "nixpkgs-stable": "nixpkgs-stable_4" + "nixpkgs": "nixpkgs_4", + "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { "lastModified": 1710644594, @@ -1024,34 +679,25 @@ "type": "github" } }, - "systems_3": { + "tachikoma-fe": { + "inputs": { + "flake-parts": "flake-parts_4", + "nixpkgs": [ + "nixpkgs" + ] + }, "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" + "lastModified": 1711243270, + "narHash": "sha256-D34Qy1Bk+DEQtib6x+xTFaVzy0sFSRFLqIi3TLHxJ08=", + "ref": "refs/heads/develop", + "rev": "652a2737d720be024924e5cc8b77fe2d1da3093e", + "revCount": 7024, + "type": "git", + "url": "https://codeberg.org/tachikoma/tachikoma-fe" }, "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" + "type": "git", + "url": "https://codeberg.org/tachikoma/tachikoma-fe" } } }, diff --git a/flake.nix b/flake.nix index 9eee135..c144f23 100644 --- a/flake.nix +++ b/flake.nix @@ -20,32 +20,20 @@ inputs.nixpkgs.follows = "nixpkgs"; }; apple-silicon.url = "github:tpwrules/nixos-apple-silicon"; - - # KDE Plasma 6+ - kde2nix.url = "github:nix-community/kde2nix"; # Secrets sops-nix.url = "github:Mic92/sops-nix"; #sops-nix-darwin.url = "github:Kloenk/sops-nix?ref=darwin"; # Fancy stuff - #nix-colors.url = "github:misterio77/nix-colors"; nixvim = { url = "github:nix-community/nixvim"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; - #nur.url = "github:nix-community/nur"; - #firefox-addons.url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; # Pro gamer move nixos-generators.url = "github:nix-community/nixos-generators"; - # Server tools - conduit = { - url = "gitlab:famedly/conduit"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - # Self noe-sh = { url = "git+https://codeberg.org/noe/personal-site"; @@ -55,6 +43,10 @@ url = "git+https://codeberg.org/noe/doll.repair"; inputs.nixpkgs.follows = "nixpkgs"; }; + tachikoma-fe = { + url = "git+https://codeberg.org/tachikoma/tachikoma-fe"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; nixConfig = { @@ -62,7 +54,7 @@ "https://nix-community.cachix.org" "https://0uptime.cachix.org" ]; - + extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "0uptime.cachix.org-1:ctw8yknBLg9cZBdqss+5krAem0sHYdISkw/IFdRbYdE=" @@ -139,15 +131,12 @@ aerial = mkNixos [ ./nixos/hosts/aerial ]; # desktop cider = mkNixos [ ./nixos/hosts/cider ]; # asahi m2 mba drone = mkNixos [ ./nixos/hosts/drone ]; # spectre x360 - happystaticbuzz = mkNixos [ ./nixos/hosts/happystaticbuzz ]; # GoToSocial (happ.ystatic.buzz) ingress-proxy = mkNixos [ ./nixos/hosts/ingress-proxy ]; # nginx edge proxy keylime = mkNixos [ ./nixos/hosts/keylime ]; # lab jump - keysmash = mkNixos [ ./nixos/hosts/keysmash ]; # GoToSocial (keysmash IDN lol) - lab-alpha = mkNixos [ ./nixos/hosts/lab-alpha ]; # what the mia doin - mango = mkNixos [ ./nixos/hosts/mango ]; # Matrix (mx.sapphic.engineer) monitoring = mkNixos [ ./nixos/hosts/monitoring ]; # Grafana, Prometheus, Jaeger, etc ps2live = mkNixos [ ./nixos/hosts/ps2live ]; # PS2.LIVE stack + planetside stuff thonkpad = mkNixos [ ./nixos/hosts/thonkpad ]; # t480 + sapphic-engineer = mkNixos [ ./nixos/hosts/sapphic-engineer ]; # Akkoma, sapphic.engineer }; darwinConfigurations = { diff --git a/nixos/hosts/sapphic-engineer/default.nix b/nixos/hosts/sapphic-engineer/default.nix new file mode 100644 index 0000000..f5445df --- /dev/null +++ b/nixos/hosts/sapphic-engineer/default.nix @@ -0,0 +1,16 @@ +{ ... }: { + imports = [ + ../../templates/proxmox-lxc.nix + ../../server.nix + ../../features/dns-cache.nix + ../../features/telemetry + + # ./akkoma.nix + ]; + + networking.hostName = "sapphic-engineer"; + system.stateVersion = "24.05"; + nixpkgs.hostPlatform = "x86_64-linux"; + + +} diff --git a/secrets/default.yaml b/secrets/default.yaml index 771dfe0..48d53ba 100644 --- a/secrets/default.yaml +++ b/secrets/default.yaml @@ -13,119 +13,110 @@ sops: - recipient: age1lq5q5g5qjsdcc3key0n6qytkc9z3qx3d3e96ap9zre2aqgvc9ujq82l9hd enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwT2pFbzZIQUFxUVMzenZ0 - cDlYcitzSG10RWVvVEJrVEU5Z3pRWVFjL3dnClJhMkw4QmlkRFgyenQ3MUFSd3Nx - eDBqemxUYVhSb3gxSmVBb2p5MVliN3cKLS0tIGx6cFpkTzRrUzlSTmhETVVrUHhQ - dEdDOVJ4Uk1zbnZEbTVYeHhjYnFrMmMKpiyStdSr3vNSS9ZI6OfCHrTxJijBrmy3 - qPqk/ir0uOchuZWn5xoOwNUSGyYs81uAwIpDUMkSLK75HO55Met6eg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGQlFDQS91MHJVWlFBSEly + eldPYjFDTWtIcXRTRkpVVFZGakdmaklSc1ZrCk1UeFE0SU1yYUNPYlNFSXMrbkJy + NFV4cWNIUndvWHNhbHpKM2FoM0VKOXcKLS0tIFl4V2RUbndjWjYxS1Vqd01BYjZH + TExTMmZFZVptT00vaWIyVEMxWFVsRTQKFedqRnwhspte1MFY49XS67Dx+xljHdXX + QoGifeGbIFMdqwLOAy3b4YM0xeQ5051N6cRXBeS9fvXr37DYIA6+jQ== -----END AGE ENCRYPTED FILE----- - recipient: age1p0f62dwatt558sf5s4equdqwtg5m7lsnaytrf3xjnvmx3e0lqu4svtugyp enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGSDBqMThTU2Z3WlhyL3hj - aUVuaWFLalpZRWo0V0dUcUpCWXcxcVZyYVRZCmlsWHVGQXhjNTJyQnlycjRGeFlP - cVhjOVd6M0VJZVBWZWdRTVBFTnNsSW8KLS0tIFhTaG50ZEtZR2M2RjNWcXpCWG9S - REdjS3A5eG9SYThSOEw2ZWdpRVNnWDgKiCKM/zfFCqa1dewoKV28+/XkYceV0Eeu - 2WldQ3WpF7H2oTiDZMpsnz8EqsxAIj0axr+MABmXDJt0zoymjnLF5Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBseG1Tb0h6N0ZaRUMrb3Nx + aHRnc0JVUWJBSmZ6OHFXZm4wai90Sk9RUWl3CkFySDZKNFR1dDd0M25hV20rQXMz + U2ZmRE1UOTVScGROMG13VjRJUE5SaEUKLS0tIGVGa3BUN0ZOMk1lWDZFU0d3dUNr + VWFBMkwydGxFOVdXb2FXOVNmRkJlVzAKZ+QGRuZZKhIVXD2T8UFrtzesQGUHR7Ku + 4dOvw6Pr696aYDmeZ76RyWG02gbS1JKZw9XM7hSNAIGG94CcnmHY1g== -----END AGE ENCRYPTED FILE----- - recipient: age13c5wv623jxjja5mjz7fajg9qqwvypzgsfqrs4tmk7rpgyzu7aufs4ul9f9 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0NldmVENXcXNha1BIbUNp - YStWRVFTYkZnT3hNQWo0cHFNSmp4MTRISVhjClphVDFEOWcxbStHU1lIYXlRRDkz - MDJNUTlxNE5XUEoyZitvRm9QYnRUQlUKLS0tIFl3VTZqMG1vVEFwTGEweE1FSEVD - aG5tUlRmVU5PdENjNEhYQ2xoME1JcVUK5SQHqo9NDFpZR8YABiqcxvZOtMRZFJ8f - UaQ7YEbyyieF9cOPtcUQaRQTal2JUaVzm9ti1nc0MFjzQqjYEN1O5w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0cU9PdjRXUE9TY1lwU2ZY + VDRwaVJSUVlDbjAvcWJ5L2pjOGRyNy9MOUZRCndwc0FUTWVza28rWDNWVVdSMm8y + UXdUK3RPWXB4em1YY3QyR0Mrb1dNckEKLS0tIEtXT29KY3FFNU53cDNrcGNUdWVM + ODhJR1BKN3AxRG9nb0xwWGYwMVAxKzgKSP/Tss1mWnwVy5ugQRhqkl5iDjzVgU+y + 4TJNgZ9jlVLgUrAtizV5/H9Kg7ONwOr5vHgKH6fMC4X02YAFDUC4hw== -----END AGE ENCRYPTED FILE----- - recipient: age1f5cqspxexkl8f42v5ne47mx6xmm4v00lafdlslq9g79a508e4p9qrku72s enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvV0xRVEE4blVOQmRvM01R - U0pMVUlPTVllZDVYZnVHbXF3UnQ5WUswMGtRCm9xSHdnT1phR2REZkI4YTdQanZX - eFROZ0JOcTJVMDcydDVFaFgvUllCNEEKLS0tIE5YV0Z4TE5iOVhIRjhpZjVXYnIv - SlhLak9yWmZCUDdHY2tKZUxRYmtRM2MKudaA8JiFGulOmFpFLxMPisFkNURAThm+ - 1zp5N3ftSPDZoWKepwR1C+YjHdEq0jT1wy1IOcZYCrztxt7oLxUgrg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUc2RNUjVHRTFRYVhvY3Qz + QWdjN09uVEdoMURmRWRpNGYzNURDc0xuQ0E4ClVGNzA0b2x1S1dLcHVYMDFWb2w0 + bEwyQ3pod0trUUNFR0dmS1NDaHk1bGsKLS0tIHlIRWdKTVkzWWNUWkExS1NRYVBH + WkZpa1YwdWRaL3pEQ3dtT054UW5TaGMK5zlkNpI59ulGX71NLURx1huoYh+Lufn0 + rIP2rNaHzGwu6CVReP0GDdhkJSpSi+LbOYVLYfbuYgYxAOc9ZXw1iA== -----END AGE ENCRYPTED FILE----- - recipient: age14vsmekuppm4xhp4rthhv9jjgzfv45v39a0q8dsgg6yusw0pjkvaqnr9kq8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZNHFWK1cya2RndUwwR3pt - dXluaGZQQzFpNUh5bzRiS20wQ2JLWUxaZ3lZCklzK3RiTWpvNHc4UW4vMXFaYmJC - VHlqWEEveTJ4WktLNWgrTmY2SmJleEkKLS0tIGNMcW1vU3R4WGVmcGwxNlN0eEhu - dlpCTVQzUWp1Y3JlMy9xd0ZtaTI3S2MKORtWWb9+4kdBwSoWdMQKAJ+OXpznnwHK - BU587daS5gDpSVVtF6+U7AKxkZx6kosxJffLGs7sJHlg7yrSLad/Vw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUS0ZCUjExVmxEZWdlZ1l6 + a0ZacGt4bzJsOWJQbFNEcXdpOTY3TnY4bmg4CnVEL0QvdlFOdTdUR2YwZTNCeGFV + bEl0TW02NGhLRld5cHdMTkJFRXdpK1EKLS0tIFU1RnVTZDZSdTJxWE9XaHErMWdB + b1I5NW1JOHpIUlUwbEkzWFlad3NZWkEKri18To8ATbxNwozQShBGf9Hsuhhuzr2p + GCkoz93yruDKgJZEPi5wEHY1xSjt4be+kttuwhFmx9BuQkEAf0lqBg== -----END AGE ENCRYPTED FILE----- - recipient: age1kjsga2kf95lu7p5stqr5d9p87jquyypnx97cycj6jvhsm9zkn93quexx4r enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBISkk4dzl5WkswWWVXZEF2 - ODE3b3ZRVnl6TVZHNmlSWFlmZEo2SmVoSXpJCm11UmJzYmwvSlUzTWhreHNSdWFz - SC9lV1JOajA1NkcwSUlOZm0xMGw2bjQKLS0tIFRLS25aNktxeGU0dFFzeDEwWFp5 - WkVQSDZ4dUloaGJXMVN5RFNwYmU4L1EKaUkUfoiLHDNMZON17VWIVtCDlxv+Yjx/ - GTrTK4avZSdq/1EOwFeSpGX77/TQy4RbPLPRpg1sijFVnd1w17LTCw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2Mmh2dnBRYTU0Vy8zemh4 + QUptWDBoWEJYRysxOU53MlJzcWptOEVmZG1BCjRYT1RXK0FOM3RZKzFPYk1UMmVY + emZSRjN5ZzBYLzZKckhUeFRLTHd6UncKLS0tIEQyamlZU2dnU25iWVBSdDVwMVZv + Z1JucUlvMEYvRU01ODNxY0QvYUVreW8KOk+AS4ZcgSNmkfI8gqlOFSJBz2ZzRFL1 + fbLfsUtdM+ik/Kb0dkPbAVAF0Iu9PY+x3BcV1CDIVB+mebUQ/NhUtg== -----END AGE ENCRYPTED FILE----- - recipient: age1jc6ghxfgxe3gx53xa55azxan447cfxaqfqeh5y5yzqapj7mw7ajql8kv02 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZQ1l6VCtGNkVBcStQSHJH - MGZaYnIxbGNjNlJuWmN1M3NZT1Bvdi9qbXc4CndFY2xLTVdkMXdmcStCOXVCeUZS - eHh6dXRveVgvQ1R2SCtrK2pCSGFlY00KLS0tIFk4U0IrTldQTGp0UGt4NktyMk1K - WG1CblQ5M2lOakV6K3B5bWVzRGhvNWsKKxPgthJqCdjW6IFkGIVbQ28btTomFmj0 - 3iWYrNOEKP5TVMByxJQXWY7+API+vAj7oMw+BxIPCfQTvTqmWSknxg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4cFpmSWVMdTdhZjg0TEZL + VjMxUFMzZ2ZJOGREV1hPakRIeXJiN1BLcTNJCktEOFdvMWZhTVNuR0JGTmpzU24w + NWdYL2hUUzhZRlZnNEFCK0tXOGFhekkKLS0tIHhMa1dLTXI5eEpYVmJuVEhNQUtN + QU8vaDd2a0hRQXNhTkNrRmNWNllNR0EKwqjxUv2d6UWWRVqEiy1OS4MUvOJg3QEZ + hWGgiQTBSWERtPAvdVWShN3A16xVZuuWBQdmhvb7F+VZc/k56xTZzA== -----END AGE ENCRYPTED FILE----- - recipient: age1faccfe85637hme39xyzgmvjn6ku9c4aapfmpfc35hswj5emhnedssrg2cq enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJUmZacVFEY0Y5MW9iSld0 - R1E1STFDN1NxRndVMFlVc014anpiMTJjTDNvCnZKMksvMi94RDFrQ25MbkdsZ2xK - bFg3UjBwNnlrVmZ0TjV2dGNTb2JTSHMKLS0tIEUyV2NPd3hiRkF3VnpEVW9WWTRz - aXE1cXZuL09PVUtjZHBEeWVURUpUVDQK2you/NLjoynVx71fEyVdg69C2IHr2KTK - 4bd8jW2CIEh6S+bAOG05ymmWN7jurVBI/s+LlCI5bfCoBiVA17xoIw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqdzdYQ3ZpZjE0aEhQMjl2 + WnFRMXMzRDkweHg4Rk5ZR1hncFlkYitrd2dvCkwzTTUwKzJoVHlIS3lvLzZibmFw + aDU1c0xFbDYzTzZVT0ZnNnFubStydWcKLS0tIE5Ya0hlSVhmazJZUlBjZ2VOMW5J + NUhoZXZJWXI0UzNOMWdhck9hdGFMYWsKEQsIVvpr3qjdeI+YcAxCYs0LEKDRSgx2 + 4oHN1e26OvdLfIubDys+GItiq2kcXt2vTW6LtaGsgvLBVC/HBez/Ug== -----END AGE ENCRYPTED FILE----- - recipient: age1w9rhdgapzww5xepsmquga65wyh3met9kmysayx09gam92upg0d5qnlq9ww enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIQWZGOXYyM2c2QmVpck4r - SFRTS0Q3TjBYbW5URit1V3JaOHpYTmhuTm5vCnFvQmYraHlMa1RtaDVBaFFtVDg1 - QXZvZ0FmNklIRkw3cWZYT1hqRUpySkkKLS0tIFYxN2hKeEY5cE42Y1hjQU1NZWdH - V3lNdVpTTS9obXYxVDZReTNZMXI5K0UK01dAstgFPZIyKqj8cpXZNc18+ZRPvMx/ - ilZeBwRRmtpDJ4jybDeHUViNB9WgWGR+GaVIqnHEW0ovESwsDfLr+w== - -----END AGE ENCRYPTED FILE----- - - recipient: age1423yycn0hzgq74v6rtu38l6e28cgwg3uh7xdllcsvcfphguh8s9s8plplu - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaVFJHOXJOOHFJK2F6UEI1 - b0NPQWRaeGFzcFRyQitvRDFjd255eWFmeGhvCmcxN1U0MHBGeUdJblBSV0hjc0hn - aHRDOWd3TGFlTnNqc0pnZVZLZktOeFEKLS0tIFdVTm1NNjQvS3M1WmY5TzNRdys5 - SkdEWnFxNEp6SEJneWR2TVluenpxblEK8Wqj75VRHbTLM7Q0K59Wu2kwAK5wbzMC - sPqWllnnqEM7SN/gTthLC2GSby+fd1VOG3997oiG9NEcYW98w7qFOw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1x27qj562g5jt0facz26awp0wnxts0qk8rtj23skenaq3warzp5cqzkrtfd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmaTF1dEs2QXFvRkdTNFRX - dlExK2lnVGFsQU9KWTRpczFUZ1FxUTdDL1VjClRqSWNOZXdkZlE0MnZvVGF0VGli - K3RqOXZ1VmpVMEowT0UvMGRnS00vK2cKLS0tIDFXcFQ0aFErZVhVZmlTU3R3RjIv - UVlTT3BEOFF1Q1h2UGlHMTRwOTBEUXcKUSW+cqvLG5SXThsqYDw9tIRinfzEQinR - +uUxEBOXPukbuVFZikHJu3cOj/e1RPhRQnKMmLkU5Wo5iF80WpMVuA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnZTIwWHExNDhyQm0vTTRj + Q0NMeW04WVVQeWhyUEJLWVpnVk9Bdm9YV1FvCmcvMWk5bitxc3AyMjFsQmhzNWp3 + VFVxUHNERlhGTEREcjFFTXlUN1U3UzgKLS0tIEI3d0VsSktZV0R0Vlc1NkxzTURX + YlNXcWVNNHlWWVhjSjRBNFdUd21rU0UKx5U6mjGrKu0Ce4HmMPtGlYUitUXxwO1W + OwM1sf90MauygiVsG/V/i8rCVa3l3PnhMHIpejgW19+I7RquSZRJAg== -----END AGE ENCRYPTED FILE----- - recipient: age1ztjv535sy9v0nmgcqznvq7wxpju5wajax0pc72c37zuva2mmu9qqh8tqem enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3a3V4bnRnQ1hUOFR4bUxF - NG52THQ0ZlpGOC9VejVBN00yVU9HQllPOWlnClBEL3IyM3B6WTNQZ3NyN3J1cWdB - a240ZHBPdVlxSmFPNkNib245SVh5K3MKLS0tIHU4S3RWN1lWTFN6WlNDYXRaWkFV - VXY4cWlEUDNoQytHaTEzS2s3T0s3VVkKEPwHDQSTSrnrbxYYcEDWCc+NdJvB3HWr - rnfW3KmumKRHKu0rGysUAMLJ5moRSa7gpNekwXf5PhckR3Evel1ZTw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHTFpVdk5kQ051azE1Umd0 + akdncWhGRWZoNXRsMTYwZVJobnQyK1hreEJzCnljcU1XVnV6N0JRZ1BkMFpUelVw + dm9mMzN0TFZ3bndDelB0YWcySVVqNGcKLS0tIHlvTGxzU3dYNlJJaFNlb3R1dFc3 + UU1iVFZuRGxueFFwZlNPU2VFL3JjTHcKY5/TLOq2d10l4v6lroJas1qJBE/aGFkR + pWyJncmMFWktYN28ZMIpMDLarkRJR5x2vJOY9+q2Kt4tJPO35qx7qQ== -----END AGE ENCRYPTED FILE----- - recipient: age1t3gt7yvnlfpjrl6ycfcpmt4xdume884xwswd2epnum6s9cwuxu9svalwag enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxdGRqT3d5c3Rsekh0UUJn - bHI1RzVUcEFVNEszRjFyK2x0dlNaWGpxRUI4CkthZlFmeU1udHdUSWkzelhWeFRD - amtaMWZCSDJsK1hwaDAyeTJJaWZyYW8KLS0tIE1wNnpTYTk4NVJqbHZqZVFZVzNG - ZHdiTEdlRldaZXhTK2l0d1M0dU1sbzAK0XRZYJUgwC2jLzcooBRgOaPuD/qcEFLh - hlYUmXWT2nyZTHYlpApMQIXIrXUkyzN6+HvPwgm4xYKF6xxds8XjKg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2YVR2VGRRTmk2eGI2cjhq + d0RteVdOT0dSSHAwU1NUQUFXWjhjUDI4bVJjCmJFdmlHb1oxLzBVVHpHK0tMWElW + SEhNT2pRdnN2di8wUjBhUVYvYWFSc00KLS0tIDh4bjFKOUpNbTdaTCtEcTJ3aXVi + bW5kL3RhSjVBMG9hS21XbU5UQVl3ZnMKptX+HgmXYxhid6YRjNQopoKi7s0geyG7 + bLj1S0qhkMdUfcy4ciph+UHwAthZPwJxRtXcQZ86PwWBJ/GITdUDyw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1jfz43yflulhmsa509ng20qc8qkjckkunxtktgr347rl768445fhscz8gjx + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwQnp2UGxxVFdGRnE5dm0z + bDNraTNjMnBsM1RDamtNMjU4alJtODEyNnhVClp1SUM2c2ZMY3lVaEJqcDlKNzUv + bVVweFVsM1lKMmFCdlYzbjd6ZDNIbE0KLS0tIGFxSTQzNi9RVVVnSTJKR0xjemts + eUt1QXlqbnJuU0Z0UWhyTEZxWTJYWmcKdwWZotEH01bxaLrj111eR6aD8yMh6BN6 + NJwVNw9tKLUvC91QCLlnp6Y1S1XXlI5CFxeBGv5RTmSosPgmMsCojQ== -----END AGE ENCRYPTED FILE----- lastmodified: "2023-12-17T20:21:39Z" mac: ENC[AES256_GCM,data:IbpBloPeCvdYqloShrSvAIUzjCk+/1+Gl4+LbyKGnO9GUadlwJTyA/WDWiCkdmyFqqpMclD4Kq4CDYK341pSjyNdbfO2nIWU7/k+T7MaGoOzCJZhK/ysZjn7uUeNpkRNBJMht7VYGc6V4iEvJ835z4VAfnTb51mBz+Ytjpk6K+c=,iv:+RVwgp3btRyi1fCjPcMPZ5Du+3RlCkwFNqjFGrS+5zE=,tag:fpNwqMS6CH6pgd2QmaWggA==,type:str] diff --git a/secrets/sapphic-engineer/blocklist.yaml b/secrets/sapphic-engineer/blocklist.yaml new file mode 100644 index 0000000..4401107 --- /dev/null +++ b/secrets/sapphic-engineer/blocklist.yaml @@ -0,0 +1,49 @@ +reject: + - ENC[AES256_GCM,data:G6QjeY5rAiRp8XQ=,iv:OoeTaSQjikye9lBS+mEtOdOYhq2T4Q0DJcgmq2y7ESM=,tag:m18vRbjPJNqKNzchMCBrew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1lq5q5g5qjsdcc3key0n6qytkc9z3qx3d3e96ap9zre2aqgvc9ujq82l9hd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTaEE2Ri9sN2d2MVcveGF5 + VnRFNFJ4LzM0TjlKZjNINjF1K0Y1aXJITDIwCnVUbWw3Z0RROXFsd0tzcFZDQm5L + QW1KdGJkMnFucStyQnhWeWthWTdFUHMKLS0tIDVmWEJPa3p3bmJpd3pLOWZHc1B3 + NEVFNjhlL09KaFVKb3FjOHkrK1RQT2sKJM5AEuwaxBseJB/izD2QSNBxKS62rNE1 + WRhZ/VbL4OJFjhUXSj9S2Xa4Lit81rU0nttgx63dMXkIktFfUoukXg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1p0f62dwatt558sf5s4equdqwtg5m7lsnaytrf3xjnvmx3e0lqu4svtugyp + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpNUNjb2tqb21kaDlXMW5p + VG90TnI5QjNLb2FzekVqOTFjVmQ3U0tMM21rCkdleldoemg3V3pXNXdOU3hURkYx + aHBhYXYvcWU5R1BJL3haZmY3S2tZZlUKLS0tIE5wb0lxVDJ6MnFjSW1ISFNtSDVY + aHhvaElPUU1SSEdQdHFoY004bENZbjgKMh3AUHcoMtxx3vuFOGo6ZwYwWa0xJOUH + O9B8rUKRkGzQlTvWTy6VA2m4X1r+lFP96VKMG/6oZuHi40pnb2dAog== + -----END AGE ENCRYPTED FILE----- + - recipient: age13c5wv623jxjja5mjz7fajg9qqwvypzgsfqrs4tmk7rpgyzu7aufs4ul9f9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3SkM3bFJsOXNXYUUzUzJs + ZGNNNHpuYktram4zcVJBYU9ZdTJKbmVEdWlNCldPbllRMmZGcU5qNnlNU09HQlRQ + a09EK3pHRmtGZ09XUGxrVDBlQkExeU0KLS0tIFRBbVZoZ0lPQTM1YnRLcU95Nyta + dms1NlFRa1NJTlB3akFDbndpTFJIaFkKqdM/KabuxzBglk47hh3Uaq93LL/qXogB + 7YZcnnCfYwO9HZQ9SDNOyMo6ozAP2GDaq1RGcbrQLyqzNjYM6kLrpw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1jfz43yflulhmsa509ng20qc8qkjckkunxtktgr347rl768445fhscz8gjx + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJVHNDM255MThQQXlhMVJM + U2l3SGg3QVo0R1o5RjlkZmUzd2twMWlSM0J3CktJR1NJeTBPQzZBV2RIcmhvdFRQ + ZnBUVFNEcXdsdmorc1RsWmJ2MDFFdXcKLS0tIExyNHQ3dks3ajVqV2N2UUlzSVNz + d3dSdURDWVF5Rld5SkNZVldOOWxXOFUKe8ru2dWJSw9OogHtJbkMhFraUcvQ0p4x + whO4g0ryj9QJcrec5UEeSG+UwPbtTQsVAZJEKWL1JZovUsNkXjnwWQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-03-24T17:25:57Z" + mac: ENC[AES256_GCM,data:3dXG8LnxH4qkw7SMfwHqu8C3FB5/L7iRZKIf8zhAstbBEvmJefkSiClX659ZSycuGHQn1vHVeWL4Qk1NRvfmihPhzrqbjq2cTnHpVJc7e6W0geI1o5x68HYYMBzT0GI3l1JKzohXDwF1kB1/zULHlQ0Mv3mGP/EA/f6WnCsWKYo=,iv:c4QDBYkWWXhN4lnBSj57eDkEU3HxBG8z1Xi163Gd+XY=,tag:ZuW7gXVBzhnnYQH1VbF1rQ==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/secrets/sapphic-engineer/default.yaml b/secrets/sapphic-engineer/default.yaml new file mode 100644 index 0000000..ebe3ce4 --- /dev/null +++ b/secrets/sapphic-engineer/default.yaml @@ -0,0 +1,56 @@ +s3--access_key_id: ENC[AES256_GCM,data:U/YhXTU/yDilCUX3uxuSU8vlEP+BVqid8fJMdVEUJPU=,iv:jusbx3JbwQxBiMHL1dpbDq/5S0hGWU7eQsz8DnzLo/8=,tag:r8JqjTJZCZJczl03DZy43A==,type:str] +s3--host: ENC[AES256_GCM,data:h0wnl//USMDFTKUUW0a788PenorDEKICBfmtRjRZEsXgmEMc5lB8u8/codJEXXgYQJmxcmKF0OWA,iv:e5VehWTQ2CqaIzpjhi812aOypYDqHbxzqlgii9czuGE=,tag:EmXxyJVxX1Uk0bGHkeihHQ==,type:str] +s3--secret_access_key: ENC[AES256_GCM,data:t4rXDb1HFTAxma4B9mmYQT9p6dUYU+gnN9Hlyh+vwl+oPiFS/LXx9JwwS3zZSFwnGZVTtU/hk9e7irY6y8ZXpQ==,iv:PKSyg2w1z1bPNf/oeOQ+oHkdOYUMFm+iC8j9711TJkk=,tag:/buOtyIJbU28BG4UsiM46g==,type:str] +joken--default_signer: ENC[AES256_GCM,data:v5tX5DTEvMuJo1Wmmn8iB8D7sNLMZExWed6TkLJHz6k6h6lhIftvj0qPvryQojT0MOS2+D3Hp9YctLfH/RdxFA==,iv:u8/YbVg2oPQbX+ZefDPFp8S0L/ShAs7x5Lkyq9/2778=,tag:Tc5YK+cQpkUWvc/kFpZfuw==,type:str] +pleroma--secret_key_base: ENC[AES256_GCM,data:1UHSZRknmDSHdUrl9gdMCcS5APEiVkvqZiEtDn77O2muCkmSQ5QY0y+m+bH4qFxnvzodbhKDZD3u7EgrPprrew==,iv:Ipf3YVGYw2mYBkOFxCQ/TLrQn9WIUUJ6h5OiROFoPZs=,tag:YbEAr8olkxuR4Kdsxa9T+g==,type:str] +pleroma--signing_salt: ENC[AES256_GCM,data:4FtGLp8GgB4=,iv:eNU5R+P5wbMEjNoQtHZ6UloFMLmcSQVZ2ky3TB5EWYk=,tag:25m3Y5G8zrk86ktXnTT+jw==,type:str] +pleroma--live_view--signing-salt: ENC[AES256_GCM,data:7lRbwKeHHZM=,iv:HoYoHg9p2ikPNU9BCKuEtbW3Krnxuzvz3KEA2om+2Qo=,tag:Jbxb23E2T308qmK9SxIBIg==,type:str] +vapid--private_key: ENC[AES256_GCM,data:4fNwwInYyo77rCjj+6Gv0jYx4khiWHO9bvM7C0CSICYTvQKrkr3iVGOanQ==,iv:jkPj1NXoZ166/VXJMOAaFgTI54TeSu7BdfIXtce72/c=,tag:5btCRJNpWULBCvc+FbOfGw==,type:str] +vapid--public_key: ENC[AES256_GCM,data:ds397EttI5SMYs3g2wZDefFkhpul59HJAib6EZLwwEhL25NipFgc8k28mBVaSwIzl5PUffZJDLSyBBjOT2T6ahM/FAwI9i6N6WEzp6PT3XUGjp/EKrNA,iv:DUkK1RTg3Y4Xm0JMbBav2L3MXIMBDMZ8yLXauAmGb3I=,tag:svNvb4AmzDV0c59mqv0E0w==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1lq5q5g5qjsdcc3key0n6qytkc9z3qx3d3e96ap9zre2aqgvc9ujq82l9hd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiUDBMaWpmN2tqSDNLd3Yy + UzVhYkQvVmFKZVF1YjFQRmNaOHhhcVZ0Q2xBCjNjc0Q5Z045L3ErVWJBa2ZBZmk4 + aFQzd0VDMHZpbnZwUGgwMDZ0ZFB1LzQKLS0tIFk5QytMMjlxS0RPL2xPWSt6Yjgz + bEM5bkVmMm93cWtDVEF0NER5SjhYWVUK1c3BsSTL70haSAhchTTCoCYhhv202Qj9 + Pub72WwCjx7YQWr4rEAkVjmmCWiWF6rTyyaHfEgtmfYk+EsZILgsZw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1p0f62dwatt558sf5s4equdqwtg5m7lsnaytrf3xjnvmx3e0lqu4svtugyp + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjYUMySWorVVRxM21zc252 + Njl5eHo1T0ZBMzZTTjVhYWpkbnhhVHE1RUVzCnBPK0NCQjVNQlRkTDNFZko0a1hn + bnVEalNFUDhiZVY5NktXZjBqZEp2S0UKLS0tIDZiMzFoOExGUWQ0bEkyeGtNN1ky + MU5NVEEybEdoNU91REhHNHF4aFczVUUKgsxKjHi6AB7Yuy5+x8+W36hkOZg4TR+1 + l6Sdj6DA42gvAWZbTvG9FuPWxos36nwx33lDyC3HVCc7m7Ue88v17A== + -----END AGE ENCRYPTED FILE----- + - recipient: age13c5wv623jxjja5mjz7fajg9qqwvypzgsfqrs4tmk7rpgyzu7aufs4ul9f9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLNjBIMDR3M21iek9URUZY + cWVPZVNjL3NGMW10SVNVckFBQW14SHpRYnlrCkozMnRuZFk4K08vbzFUUUttZG5C + dmFZWGFIT1RIV0hGZlJqVmZmUTViQ1kKLS0tIHArTmgzbU4rOWtMNFpFVXVVVzNV + TWgyTFplM2hsMVBQaTRSSnVvUGljYncKFjHyUz6dhqmWWi0koD3T4ma1QcCjgEFj + 2nQrkcmf7TlRm0PrjmEGHFR3/JsGCCavucED9S4+1fELQblK+0PExQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1jfz43yflulhmsa509ng20qc8qkjckkunxtktgr347rl768445fhscz8gjx + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwbjhIQ0dWUDZrakdESHVL + RFViV0NGU0YrczNUVTF3Sk10dDBxY1A3dTNZCjFvRm5vRDhoSUlCRFlDdUl6aGhG + Vm95dkpsK0JDUXcra0xGZ2VRa01LaE0KLS0tIE5NNnM5cWVGcFkvQWw3K1FISHkx + SEhrK1AybjlIZGlaRkFBSDQxTVVDcFkK9p8T32b8q6DG40YbSa62bhNfIf41DxBr + 3pOvzG4bE2Rpk2awf0pgWF8vYz8rDe4mVhkrnwjv8KyAVD0+oN1LjQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-03-24T04:35:40Z" + mac: ENC[AES256_GCM,data:e9LpfB6s+r9kBXAsSvQGpymcyXioZmVeV+8I0CrYO6nFdaxkCmkC7tAxIvYVvm4hYrqDmWc1UHF1xSEn75b/dABQtP5kJl7Ibj4vY0JGWZ8jjtdjH58Qxi5DSDA/PSJi90zvDJgwUU7CN36VLV+hCKvW2O6plFrdzRQBkuul2bw=,iv:EGO+tA7T502LnzqPWuazTjJ9MLfluI+Iu/lDD8wePkY=,tag:QBLMuB91X6t0GN5uJ3ny5g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1