From c8c8aaec3676d2f8dc64d064586181deaecd9fb6 Mon Sep 17 00:00:00 2001 From: noe Date: Sun, 2 Jun 2024 17:58:45 -0400 Subject: [PATCH] big sync, add static-sites --- .sops.yaml | 8 ++ flake.nix | 1 + nixos/client.nix | 5 + nixos/hosts/ingress-proxy/default.nix | 34 ++--- nixos/hosts/pihole/.target | 2 +- nixos/hosts/pihole/default.nix | 52 +++++--- nixos/hosts/static-sites/.target | 1 + nixos/hosts/static-sites/default.nix | 61 +++++++++ secrets/default.yaml | 179 ++++++++++++++------------ 9 files changed, 211 insertions(+), 132 deletions(-) create mode 100644 nixos/hosts/static-sites/.target create mode 100644 nixos/hosts/static-sites/default.nix diff --git a/.sops.yaml b/.sops.yaml index ff442ff..80b38a5 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -16,6 +16,7 @@ keys: &all - &m_nas0 age18xjdme8vc657l8n7fzpn7twshprmtpc8p6usn257ajw0vftd8p8qxwwywn - &m_ts3 age12f24j7fcq46cjuqjftv5pyffpunyhqj98ypqf729z89xzunzryts5d8kl0 - &m_pihole age1jc4a52cukf6d94tt2meq8tnt084rhtdd93hwzjhzecc70rmvvapqtdng8v + - &m_static-sites age1s4hzwj982zk04kr7c5u0vlemkzalv72wtkttkgzt64xv8a4r25zqxra6u0 creation_rules: - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ @@ -119,3 +120,10 @@ creation_rules: - *op_noe_2 - *op_noe_3 - *m_pihole + - path_regex: secrets/static-sites/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *op_noe + - *op_noe_2 + - *op_noe_3 + - *m_static-sites diff --git a/flake.nix b/flake.nix index 0572c58..d5a87c6 100644 --- a/flake.nix +++ b/flake.nix @@ -174,6 +174,7 @@ nas0 = mkNixos [ ./nixos/hosts/nas0 ]; # SMB/NFS NAS ts3 = mkNixos [ ./nixos/hosts/ts3 ]; # Teamspeak-san pihole = mkNixos [ ./nixos/hosts/pihole ]; # PiHole! + static-sites = mkNixos [ ./nixos/hosts/static-sites ]; # nginx specifically for static sites }; darwinConfigurations = { diff --git a/nixos/client.nix b/nixos/client.nix index 8fd1ae6..859d58c 100644 --- a/nixos/client.nix +++ b/nixos/client.nix @@ -17,4 +17,9 @@ neofetch xclip ]; + + networking.nameservers = lib.mkForce [ + "100.80.255.88" + "10.100.1.44" + ]; } diff --git a/nixos/hosts/ingress-proxy/default.nix b/nixos/hosts/ingress-proxy/default.nix index a4ca7a9..8bd7d7e 100644 --- a/nixos/hosts/ingress-proxy/default.nix +++ b/nixos/hosts/ingress-proxy/default.nix @@ -35,6 +35,7 @@ in rec { pdr.servers."${tsHost "porcelain-doll-repair" 3000}" = {}; se.servers."${tsHost "sapphic-engineer" 4000}" = {}; git.servers."${tsHost "git" 3000}" = {}; + staticsites.servers."${tsHost "static-sites" 80}" = {}; }; proxyCachePath."pdr" = { @@ -64,22 +65,13 @@ in rec { forceSSL = lib.mkDefault true; enableACME = true; }; - static = { src ? null, url ? null, rev ? null, aliases ? [] }: { - serverAliases = aliases; - root = if src != null then src else builtins.fetchGit { inherit url rev; }; - } // defaultConfig; - placeholder = { - locations."=/" = { - root = pkgs.writeText "placeholder.html" "empty space -- this site is non-functional"; - extraConfig = '' - default_type text/plain; - ''; + staticSite = { + locations."/" = { + proxyPass = "http://staticsites"; }; } // defaultConfig; - mekanoesh = static { src = flakePackage "noe-sh"; }; - ps2live = upstream: { locations."/" = { proxyPass = "http://ps2l_${upstream}"; @@ -87,13 +79,11 @@ in rec { }; } // defaultConfig; in rec { - "mekanoe.com" = mekanoesh; - "noe.sh" = mekanoesh; - - "foxxolay.com" = static { - url = "https://github.com/foxxolay/foxxolay.com.git"; - rev = "d7b00d742d9f209c0be569aa95abfa32c42cc1c3"; - } // { forceSSL = false; }; + "mekanoe.com" = staticSite; + "noe.sh" = staticSite; + "foxxolay.com" = staticSite; + "kitsu.love" = staticSite; + "doll.repair" = staticSite; "git.sapphic.engineer" = { locations."/" = { @@ -102,16 +92,10 @@ in rec { }; } // defaultConfig // { forceSSL = false; }; - "kitsu.love" = static { - url = "https://codeberg.org/Vivieraaa/kitsu-site.git"; - rev = "f669f68f1bf89c8f161627e994c9c865811964e8"; - }; - "agg.ps2.live" = ps2live "aggpop"; "saerro.ps2.live" = ps2live "saerro"; "metagame.ps2.live" = ps2live "metagame"; - "doll.repair" = static { src = flakePackage "doll-repair"; } // { forceSSL = false; }; "porcelain.doll.repair" = { # serverAliases = ["p.doll.repair"]; # Media Proxy locations."/" = { diff --git a/nixos/hosts/pihole/.target b/nixos/hosts/pihole/.target index 051abd4..3573837 100644 --- a/nixos/hosts/pihole/.target +++ b/nixos/hosts/pihole/.target @@ -1 +1 @@ -10.100.1.43 +10.100.1.44 diff --git a/nixos/hosts/pihole/default.nix b/nixos/hosts/pihole/default.nix index 43aad9d..63f6e4f 100644 --- a/nixos/hosts/pihole/default.nix +++ b/nixos/hosts/pihole/default.nix @@ -2,7 +2,6 @@ imports = [ ../../templates/proxmox-lxc.nix ../../server.nix - ../../features/dns-cache.nix ../../features/podman.nix ]; @@ -14,25 +13,36 @@ allowedTCPPorts = [ 53 80 ]; allowedUDPPorts = [ 53 ]; }; + + services.resolved = { + enable = false; + }; + + networking.nameservers = [ + "2606:4700:4700::1111#one.one.one.one" + "2606:4700:4700::1001#one.one.one.one" + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; - # virtualisation.oci-containers.containers = { - # pihole = { - # image = "registry.docker.io/pihole/pihole"; - # ports = [ - # "53:53/tcp" - # "53:53/udp" - # "80:80/tcp" - # ]; - # volumes = [ - # "etc-pihole:/etc/pihole" - # "etc-dnsmasq.d:/etc/dnsmasq.d" - # ]; - # environment = { - # TZ = config.time.timeZone; - # VIRTUAL_HOST = "pihole.hoki-porgy.ts.net"; - # PROXY_LOCATION = "pihole.hoki-porgy.ts.net"; - # # FTLCONF_LOCAL_IPV4 = config.networking.interfaces.tailscale0.ipv4.addresses[0].address; - # }; - # }; - # }; + virtualisation.oci-containers.containers = { + pihole = { + image = "registry-1.docker.io/pihole/pihole"; + ports = [ + "53:53/tcp" + "53:53/udp" + "80:80/tcp" + ]; + volumes = [ + "etc-pihole:/etc/pihole" + "etc-dnsmasq.d:/etc/dnsmasq.d" + ]; + environment = { + TZ = config.time.timeZone; + VIRTUAL_HOST = "pihole.hoki-porgy.ts.net"; + PROXY_LOCATION = "pihole.hoki-porgy.ts.net"; + # FTLCONF_LOCAL_IPV4 = config.networking.interfaces.tailscale0.ipv4.addresses[0].address; + }; + }; + }; } diff --git a/nixos/hosts/static-sites/.target b/nixos/hosts/static-sites/.target new file mode 100644 index 0000000..e362ab0 --- /dev/null +++ b/nixos/hosts/static-sites/.target @@ -0,0 +1 @@ +10.100.1.45 diff --git a/nixos/hosts/static-sites/default.nix b/nixos/hosts/static-sites/default.nix new file mode 100644 index 0000000..2b6f463 --- /dev/null +++ b/nixos/hosts/static-sites/default.nix @@ -0,0 +1,61 @@ +{ lib, pkgs, config, inputs, ... }: let + flakePackage = flake: inputs.${flake}.packages.${pkgs.system}.default; +in rec { + imports = [ + ../../templates/proxmox-lxc.nix + ../../server.nix + ../../features/dns-cache.nix + ../../features/nginx.nix + ../../features/telemetry/nginx.nix + ]; + + networking.hostName = "static-sites"; + system.stateVersion = "24.05"; + nixpkgs.hostPlatform = "x86_64-linux"; + + networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.allowedUDPPorts = [ 80 ]; + + services.nginx = { + recommendedBrotliSettings = true; + recommendedGzipSettings = true; + recommendedZstdSettings = true; + + virtualHosts = let + defaultConfig = { + listen = [ + { addr = "0.0.0.0"; port = 80; } + { addr = "[::]"; port = 80; } + ]; + }; + static = { src ? null, url ? null, rev ? null, aliases ? [] }: { + serverAliases = aliases; + + root = if src != null then src else builtins.fetchGit { inherit url rev; }; + } // defaultConfig; + placeholder = { + locations."=/" = { + root = pkgs.writeText "placeholder.html" "empty space -- this site is non-functional"; + extraConfig = '' + default_type text/plain; + ''; + }; + } // defaultConfig; + in rec { + "noe.sh" = static { src = flakePackage "noe-sh"; aliases = [ "mekanoe.com" ] }; + # "3d.noe.sh" = static { src = flakePackage "3d-noe-sh"; aliases = [ "art.mekanoe.com" ]; }; + + "doll.repair" = static { src = flakePackage "doll-repair"; }; + + "foxxolay.com" = static { + url = "https://github.com/foxxolay/foxxolay.com.git"; + rev = "d7b00d742d9f209c0be569aa95abfa32c42cc1c3"; + }; + + "kitsu.love" = static { + url = "https://codeberg.org/Vivieraaa/kitsu-site.git"; + rev = "f669f68f1bf89c8f161627e994c9c865811964e8"; + }; + }; + }; +} diff --git a/secrets/default.yaml b/secrets/default.yaml index 1527b34..f091da7 100644 --- a/secrets/default.yaml +++ b/secrets/default.yaml @@ -10,155 +10,164 @@ sops: - recipient: age1lq5q5g5qjsdcc3key0n6qytkc9z3qx3d3e96ap9zre2aqgvc9ujq82l9hd enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4MVpITG1TaTUyeFNWZXdI - TlBLdE5vYm5DbktTbkgzQmtmT1N2NytydmtZCkNNdFpQOGlBdDVQVTc4U2s4L0x3 - VUd2YWtvUFduQUkzQWVycXZXVXJqNWMKLS0tIHF6NG80VXUzOWEwZ3JkbllOOGlR - aHdvMXVyRSt4Y3ZTczh5QnpBcHd5TFkKsd81XurNQeiFpZGkloT9TTZc2pLBU3v0 - fkC5HryIWt6JmvasFnFW7qvFUL5iVKzLEOWCfihNLa5/4QKJjuQGGQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVdC9LamNCemxLV2xDNWQ0 + K1oxZUJwODg5UXNNWms3d285aHlyWi8xVFVVCjcyOWdGQUFYS2R4aDhYbmRUaWFW + ZVlBYVIrVzNQSktqRWk0U2VZM25RSEkKLS0tIHNHTkZKbXE3NFNndCtWWFd2bU9G + TlBCTTZ2bGpsb1FwajhiUnlHOFFFMncKoBm1WRXTE7jct0loE0WNwN7OaYEZJ5KQ + gloAxhy093R2KKhjrkob7oECNFpVU75hR3GtLUue7F8APRxAICcP7A== -----END AGE ENCRYPTED FILE----- - recipient: age1p0f62dwatt558sf5s4equdqwtg5m7lsnaytrf3xjnvmx3e0lqu4svtugyp enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwcGZzdUliU0Zvd0M3b0sy - aVdmUW5kelQwY3RTeXBuNnBxc3JBdkk4bERvCmc2MlZyWjRncm9PZFV3VWJ6all0 - bU9sbWZ4YnVOWGNFa01IWlZoMVc4L0UKLS0tIFBQcXk4L3JpY2ZTaWdrcGxUUlZr - MjR4NGdreTJzekNudUtmNHhYUE1RQmsK9LA9qvxcQeEOgZnIFzoHfvbqQazQ3lBj - RZSRNzIAyMvTso4KUKeqnZrvJ2egjxrOVsJ1RGOrY8yNTCr2uhtjow== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnVWt2UUhYdm5XNy9PZlBP + WEk5K0lJTVVwdEJ0bUJuaXRoSTZJS2dSLzBJCnBSeXpKeGlJbXZYWG1TMzB6VzEw + MFNKOXgyRk01TWJHQW94TGFsdUl5Sm8KLS0tIFFLbUswaEh5aXlKNExVZVJ5a0o0 + blpYZXhQd3ByVktPSm9kaTdsZml6OEUKbmCrTXQWT8dgXq+cDzPxTTRh6Ih9IhM4 + 6yH//TJLWIVg7M8sN3bw3VAQTMIExBz2GeCvOwpDLhG1vlxXIX+soA== -----END AGE ENCRYPTED FILE----- - recipient: age13c5wv623jxjja5mjz7fajg9qqwvypzgsfqrs4tmk7rpgyzu7aufs4ul9f9 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOSkxpWUFyRTk2dHY4OFdG - bmZiM2s4OFhYMWJMOTFIdFZHWk1Zc284K3c4CjRBR3JMNkF1M1lGRitFeVY5cXd6 - b3B4UkFIbGZnK25tbWtLckxiN2FiZzAKLS0tIDJ1aFJsNVZ6RVZqZHczYitRVkVR - b01JQ2pYRVVyM0tpaEE0S1ZJYUlvMzQK9+9McQmLfjVpDFKFwKRxmn7tJeoEfbk4 - FYtxavXfiC1jbqbPFtbOZ57txQFYtkA2b+hAfgd0JJWuxn5gOMLP5w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvKzAwanMwWklzSTdUQXFp + QWRzRmhwY3A4S3FOaUt5ZnltSnpOVlk5ckZFClUwbUt6SEtFN0JiR2dDWWc4bitD + TmRoekJ3WmI4NklEWEtaOGZ1cTZaTEUKLS0tICt4STk0WWNyK0M2MVNyc1F0UUVl + Z1ovK3ppdGcyNFhvRWdGbEY5TFNRMk0K6k5YdRortJl05MRwbhRQovaVDOx8bnNS + wqmYNDvusteE3mfzYTCpr/BOgZydszprdjZJm54BBGPY7REtg5SVBg== -----END AGE ENCRYPTED FILE----- - recipient: age14vsmekuppm4xhp4rthhv9jjgzfv45v39a0q8dsgg6yusw0pjkvaqnr9kq8 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4YmxsMm5WT0Urb0h2R3Q4 - ajNqSTRZL3pGMzFJTmFDUElXMXRZR3JlUkRRCmxBbjJZQktNMG9jWm0za2dkUFJE - S1VRT1dSck9OME4yZHVTelFrK3p6QjQKLS0tIHBFSkZDRTBVdTBtVmd5SmNwOFFT - TzhqQnJvZFQ0YWFBOXMrcWdZL281YlEKs2WhkHdU5V5u9yqnWD2+hKygyoKAxy7X - wGoTpBZjxu+UBt/6N9ZrGFYiGN+pCLZpmy2ABlT2H4ONQ14jDR7xdA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJbUE1Yk9XTDRGbEszV2dp + c280a2JwRXc3TitqUGVNUzBBSXN2eDcxVzEwCm9RZE5ZODJEMDlrZmlDd2huZ2pN + MW5zcTFyVm16cmlOamFTYkN6OFlDd1kKLS0tIDhvN1lMSEhQZWZHZjN1VHk5ODJa + OEZlUG5xQkthd2dTM1Vmd0pic0M2NWsK5nNVfazvKpGCwcx5yvKeFAjmJntBdnz8 + +GHOE2vPbYb6cshK1cqWmV6ZINf4pvTKEo6x3ammidLD5+eOh1QEsw== -----END AGE ENCRYPTED FILE----- - recipient: age1kjsga2kf95lu7p5stqr5d9p87jquyypnx97cycj6jvhsm9zkn93quexx4r enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjbmxlVm5BYzY3THFQaUxO - N1UwTXdKUDdPVDcrMk03VnllNGprWlBYSm5BCkM3c0FGbjNaOFBNNkkzbDBXVUor - Ykhuc0VCRVlnV20rbmdSUW83OU5ObmsKLS0tIDZqR1F6aEdrUE9PcWZWbUZHU0J2 - QzB1bFkvRUgyanc4eEt3b2ZNR2djNVkKWlJUy5ZdnFTPMpWFmClebQSDDN+pChNQ - 8LJ/Yfpj2LVGyETq46jqd4e3yUjp18VyrVa2RGHTK4LYO6BeLhBPbQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1cjhWcFVyNmFvTE8zaU5s + NFNRR2xhZy9HRkU0VVBndUNYZElldGxDWkc0CjN4Rld4WTFuUUdqa3BSUzdtdXRt + Mkp0LzBPMjNvYXFnUkxjNXErZnVXZFEKLS0tIE5DTjlYOHpwd0h5Qks2WW5heTJw + Rk5yYUpqbzdJMUNCSlhBWFlGakZ1eUEKujURLxSDcGcvOfO20Gdm8apdEGnUTqbD + xzS4zXeiW3VhZxjRYA1vPIsBZJ6TozbIxbLHyBJ/ZwJ2UPhtpoygBQ== -----END AGE ENCRYPTED FILE----- - recipient: age1jc6ghxfgxe3gx53xa55azxan447cfxaqfqeh5y5yzqapj7mw7ajql8kv02 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJUkR1UE1rc0lvME9HcHFS - eHUveHRVVXE5MXROSXJQL3RvWFphL0gwcHlZCm5YaEQzK0RYb0FoTmc0ZTkrdWtu - cldGbjVEUEZJd0JDcmlZZmFDT3dHTkEKLS0tICtqSVpNbWpWdlM2dkwwWWgzODNn - Skp6Z0QrY3RnbzVjVXpBRzFYU1JaTW8K43+dXMWQmI1qtSQi6jlqBAR9g2Xuhm7d - UiIN8YoNCiJifGzic1sHtc3qybYSEzHHvsAvgX6ooveWK5kN+mIplA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4QnpCTFBIcW4vTGZ3YTVC + ODFmbE5CdE9OMVM1blFxU1l3aXc1UGNKVUR3ClAxcHAvZkJKVFN1K253dElxMHky + aGJsSzRkckZWLy94aS85TUF4cm1oSHcKLS0tIDZDcitkMXBKTmxGS3ltOGpyQ053 + Z0UybVExZDROWVk3NS9Ea3NpWk00ZDQKbEhLmWx/JB862vQtRVnC+ann+aD71Rf4 + E3Ap+vsYJz7orfvC14Aj6bfERZ/gXrp2fDkM614T9GTrBPrUIJuakQ== -----END AGE ENCRYPTED FILE----- - recipient: age1faccfe85637hme39xyzgmvjn6ku9c4aapfmpfc35hswj5emhnedssrg2cq enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpUnZxNm0wUnQ0cENiTmJq - UVZTcUFCbFBCUWNzanpaU2gxMDllZEZ3YTJRCnFQWG9WSUZ1Q2UxRW5sdDRQQllx - M2F0eUoyYVgxclp5QzBDL0lUdTNWMTgKLS0tIDArMXNxUTJPM3ZSelRMQUUzQWgw - aVFRSzJHU2pnVCtoWDI0ODZnbkhJUWcKGDEimdLl9DUwH/zOC5YFyhOuqQx0Gu40 - ewPS/d5/8Qxr0Dm8+gZIKbN4PIcEhOYbNVW1cofO+RWEaItFjc53mg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvelkzYmE4aTROMkUxMVk2 + aDlxZXhFeTVtdk9UTnBNUzM5WHFmRHZiUG1rCnFIRG1EMlA4cExBZUhET0N2VEti + cGQ4WVl3Z3F2MGpFNzZyanpPQllJN28KLS0tIFBxYk1IMHVEYlRzWUhIaUlqQmFH + eUR3TmRMc3hiSE9ralNIRjNrQ2RYS0kK85MkewjTqZipoEAL2a0pNHwi2qmXMVwi + BAc/XyFyPQ/4JdVP/Ln7C/QFvmO71ZFlcloYr2lhw/pk8AiukVcopw== -----END AGE ENCRYPTED FILE----- - recipient: age1wc3czlazkfxphsq6exxxkdpma4lrv7n3v3fvel9l5u96dlljn4fslh666p enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLeUU4dXdUeVI0NUk3N09O - Vy9ZbS9WSzRVSUZQcFlDa20vaEtUdkxRVTE0ClB4YVlWVm1ZamtOTUhPdThwdWVI - T29LQUNSWTltN2NoMktlS0Ywa3REWnMKLS0tIFk4eW9SdjZJdVpQc1RGSEtoamZH - SzNaUlI3T2J3V2ZaYUJ4dDRNN1hYUWcKfD6hbonQ0HJY42PjA4Ej/Nt+mOA23shM - XxGQiPVF/ZaH7caqlA+WQF5ncV+5wMm9ln3ycbW08chAjQM+GCNG8A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuNDh2Z3UySWJpTkU0bS9Z + M0tQbG5IdzJJYWFyVVZITUdMVXJ2TUU3WlVBClcxUWpETFpYSW5vR0pYa3Brd3hv + cFBpQ0xPMlJHT0EybXNRZUlXQUlLQ1kKLS0tIFpyb2lBZGxjL3lHQXlpeHIyU250 + UFhRS0RMY2QrQldxWEhqUldjekVzM0kKWh+Th2l/otwHH2hK5tjSpDUqPRKuPrt3 + ys0XAzDkNC1p4W6ljBDnDUcCCD5L4Up1PXX00PdSXjhKhPovM9DT2w== -----END AGE ENCRYPTED FILE----- - recipient: age18net4rsvyx84d9jjh64rgqsru3njwc438qt3993kn865dx9weaqq0rzkrh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDSmd6WnBGdm5MV2IzWWVG - QXYvVlU1d3BoTDd1TEhpWU1iWWxQRlJDOUdJClZNZy9KOHFSTW5xT1FjRGYvWkhl - L29ZWFk3cWhVei96eFprUEZ4UG13ZGsKLS0tICtSTndRZUs0ODVRMEVQczdhcFJG - Y213V25VQzRsaHRBSnZHc0RzOG9td0UK8vkTdrISyrkFB2BXxLItut9ITdC2O5nE - mLv56JMPMeyVRUILKX/boToUnevydEm4Z4npuP5GmstJVQgQQZksuQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZEpQbld2TnhrMExPMG1j + ckxvT1FuR2dJejFzMDZtbjIzMnNCZGhEZ0dZCnZoR090Q1BGbWlnQTVEME15aEJO + bjg2Y3YyR09DcmRxS0xaaTJJSlpTZTgKLS0tICtERUdkTjk0S21ESDNEWmJ5V0Zq + TS8vYldzL25CN2ttbVkxaUwrM0pYcE0KsPrAWWF/IT3Og8+uCdFjmmTnurV8KN9G + 2le2VCvJerg15Uuy/i7XiQGqwsjhTuLdBRrFi8eQhDIi7osUTZWX3g== -----END AGE ENCRYPTED FILE----- - recipient: age1mc6eyvnqt4ztmqdzt08zaher2ts37ypgzuh049v3cgv9j0rje96q5rm56k enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOWmMyeTZ6V0kxMTBEc2tC - ZG9GWTVXRkFtVHhMeFp6SVdheGJzYTZYODF3Ck1lVWV0Z1FFQjlxNlZmWDdCeWpP - b2hyUzREbEVtbFR6anI3SFhlSFpPMGMKLS0tIDFiRjhzWFhsTXZzaTJMVjZiNjVY - dFNhY0xFSmdmUzBhSEN4T3VLclR5bTQKECs5Cl4MbAVpIOW9XxyEbk0PO+CW7Iz8 - 7R09IV0qMOK8BBAoZ6f8zqimwTTN5BJ4FQNhp2OzSQ/+yIE8QrEnSw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuekl4YlFYY1B5RDBqYXdT + K0Zoa1hCeHBMT01sWkQ1UEFUNjVxZUJXRW1BCmdqWEtYUHJhYU5kVmh3Vm9TbWw2 + VlZlT0pyMkxzazJ0OXhRS2dscitDWGcKLS0tIDd1N1YzVzBoTXdQYkFabDVlVkh1 + UWYyT01Oc24yODRrM0hzS1ZmWVgyYmcKUvLbJ0N+FqYmicpdPwB+PKmGfKMZfRMd + GCdlmctI+fHjhKiC7bhfGJvECV25Hbp8MwjieMf6RXs+AOlFUGdLfQ== -----END AGE ENCRYPTED FILE----- - recipient: age1h7yp3psl5zyze8sl6lld6ksv6fcmul9z8mjwc4k78mwnys58c3ls9mgfdx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmSFF6L0lNL2ZhTVVVOUN5 - dEdMS1p4UXpkQWxZSTY4eWQ2a3B1ZEk3dXlVCm5ZakhzYXRPUnBBbjUyZGlJY1Ex - VUtiL3Z6dUlSYTd5dFNrNmxZVVBHMEEKLS0tIEtDWElUK3NlajdOZ3RlOXQ1WDFG - ZTIrSnMrSVk4VnpIdVZ4QWVLZ1Q1bDgKoj4FoLGE76grfb1dfeVPiplH5lWH19Es - l5xH5alFjOrxRhXQgL5Y9bcbraqc/4GCS/0DyCGN36BUj0ZYf0PADQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0NCtISGp5OXQ0WUQ3RDlV + SFdFVXZoOHo5TCtvQ1JwQkJEdURmbk9sMTJ3ClVVVllCQ25OVG9Gdjh6NW9HY2Ro + ZVZ4WEk0YlNUaUpZYVEwRTdaQTZZa0UKLS0tIDVQYkczQmdDOXhyMkI0aFFSNE1J + cXpQb21vZGMxOFUvYy9ZcEJpUlFYek0KygPupL1duIIdaprmJ5zH5esEi1huGIIT + JOi/JhIg254RPZSHMTrcm/1rgliGNtJLmtH4WErLmfGt3z7y6mQU1A== -----END AGE ENCRYPTED FILE----- - recipient: age1qy9tvzlgek7fq4nl52e05ad6pyvglrtaxwjet9gr0fzq85z7cv9s6uxzkt enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxeWlvU08wUDBiRkRsWGh3 - a3o4b1gxOE1qZjc1RlhBQlRRTnh3WU0zeG1BCnJWSlFoODB6ejVYNGp1YnFJTURM - bUV1d2p6TERrQTlEdnhtUFFXdG5Fd2sKLS0tIHRQdlNCSkY1V3N5SUV5ZjJLYjUy - K2FpTEFCR3hkWUdtaFExemJXeGZZVTgKXDCJFhauDuRVG/ySifcRl75wV731nGDA - PIddDDaWyAG+UO112//DbEMdc7TJVHoZG21kBsNmoFiD6+AA3o5NSQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0QVVjNEp1Wkh3UkpnSWFL + RDErQVNpUllyRDZJZEJraVF1eHE5RUZhSDJZCktXRE9xVDFqWHFXa2swQmpTb1JG + SFpIVHEyRVZpMkJpZlVVRW9JcVp5TlEKLS0tIGZFTjk4L0w5OUkxZXFsVDBVYngy + OG9RaGJ4U3FXYnJwMXpGOEUwUWd6a2MKXJwx+F2VfC3gapGxkGG+X5SQWR4fnhoW + GzMBJqGLJRRduFFFyjxJfnerbmxNXDNUL78OWuviU8BvZv+fQpdkJA== -----END AGE ENCRYPTED FILE----- - recipient: age1kh4c0dmn809xzcf7ntpjm26h2xh4ljaq09r9n5s0tsjjpr55ff3qqmkuca enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNazVPQ0t5YjhMT0FjQjJO - QnlGcE0zNno4WFdXdWZsRWtqK0V5aVR4RFdjCklNY2xFWDhmdEVDV2xyazFaSkJQ - RlBrZmJyZmhSc21hUlNIbTk4SkVLWDgKLS0tIDl6bTlJdWN5K3lscXRVelFDTksw - K3pHQnVVYVBmbnpheDk3SFNONlZEbU0KBi8082RzKrwDfwoZjVOr5m7yN+DNfgbA - bs/d/lYylfeZpjizjFHnDsw69VQKNgSHgo/DoIMSBN5iO8UMUWsGvg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5WnNhUVJMZElTV2lJekpo + ejBvelV4ZGJIclRRREY0ZTFFR1hrWTJTSXljCm45aXVpWTgvVTQvT2VnSk1vcWc5 + Y3VlVndINDJrQlM2TDBJV1ZqOEwyU2sKLS0tIEVjN0NFVy9rUU1LbVdXVG9yOHNT + SmwvU29HZ1BVdlg4ZzBtc3FDRThKdG8KOfA3pIluusBZPDvcboq7KgRhH+lzqBSP + 1Rpqqiu7bCBoicLYCr4yuTRGmdRvC5KsyWTKO436Ae7ZdLah5zeBVA== -----END AGE ENCRYPTED FILE----- - recipient: age1h9ty40uxgznh7s2d7l3cx74lkylpgvs8lknkvkjvqyy5kn5kfc8qz0zc4c enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFUGFSL2VOZXNDcWpLTzZF - ZnVsZ2s4RzlRNERvb0lqZi9QREdybnJybkdFClY3bzVLL01rVUFsZE03bGU3UlR6 - NWhFcTlqcHBmNHdRU1BkNVZTbjd4b1UKLS0tIG43QTB4N05xNzU5UG1GblpTbmlU - YUZzSjZDRVZMenVlYXdGdUNJUEtobEkKiM6HekntalfF+OlBN/suUAoYM+qzGhUM - bljXuBJxaYXDfaUAfB9X2ibRkjQ/MptOW3YMnT13Q0iWdMaty4LPzw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSUmx4Rjd3RlJsQzFzSGRJ + c012WE9qRmpCQ3BhdytkQ09wMmgvTVFmRVJVCkVsMnoxT2FKYmxFeEZCWk5DQWJ1 + clFDRnVzcUg0NkZrNWp4U0JtcEdTOWMKLS0tIEMzZitWTmxVSytqUEwwMnVHWEY0 + UVVlZWlqdGZjbWNFNUhrZ2ZMYzN4UUkKRJszKOikP1VOMARFP1xHkb/WkAa6WW4j + d/OOVhQ+p0+02bR47HYFI3dYSkkoPk5jW8Xc5kaljYNTEZnRjpythw== -----END AGE ENCRYPTED FILE----- - recipient: age18xjdme8vc657l8n7fzpn7twshprmtpc8p6usn257ajw0vftd8p8qxwwywn enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2K090cWgyZWgxWGlja2xQ - eTVVZFVpVUhqckpOd0pWeHFoN00rRHhmM3dVClBPN1pEcDRINkJUak90dElUeHVE - b3NSVDZlSzRGMmt5TFFrS0k0U2xxZTgKLS0tIE44M1M5TFoyNE1tNWxLdmJ2Z3Ew - NWdZdXpKaUd1OFBoM2UvcFJDR3IySVkKIaa4+IoqEI1od9lIfz9dnazypy2FOlUj - bo9catr42SomqI8JEZgRl3yhkOJ1vrI3kjQTFAHUoNeERHrBU58nwg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxOGd6Vy9qRVNPTVphVGZM + QVh6NnkvVVNZMGkxQVZYSXNzcldoZW8wTWdnCnVEUGZpVmUwWmVycmFrSUJya2NW + OUlYczZKK3lEOWg2b285ZzU0S1BpUXMKLS0tIFVSd2lDOFhzdmpBV0RuYnNpWTNO + L05IZjlZZS9tV1N5TEMwMHoySTJPUkUK1nXmgB7l8a/hGnczLzqgh2TIi6bSRcB+ + HAUQuyJNr0INEolxoG8yQZ6BOrTdeCqwZqdEo2b1RU/7Dj1eKUY+Tg== -----END AGE ENCRYPTED FILE----- - recipient: age12f24j7fcq46cjuqjftv5pyffpunyhqj98ypqf729z89xzunzryts5d8kl0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwdXBHYVl4K2dnclNxZ01X - SU82YUtBazE4Y1hIMDNjWGxoUzRYeDJWbGlnCjJ0cU9wd0JXZ2ZYY09pZ09kL1Rq - QmNLQ1JXbWNod2txckZPYW5Qd1ZCYVkKLS0tIFlnTWZQVGFVMnFVeXRyNHMrU2VW - aFNER3U3RTVyNlo3Tk5mS0YvY3k3bncKZ3TSoB2SIANZQkQ/nS+ILnPPkSe1GWR9 - 1FKv08kODuGSKnCr4beyMlAuR4ZEe4YJQmwCBTEcn8wb1batmorlDA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGNVMvR1hLb0g1R0I1Z01N + aEFkTGZWT0VwbExJMU50R0VPa2JRdTkzOWdjCkVONDJ6cmRIWGxjcWVoUElGQ255 + ZUlNN3cwZFdRUkF3NU55TExEOWlCK1kKLS0tIFFUQUxmVWJGOUxUcEVFSFdSTXR0 + MTRGYWlNK21mSDYyNzB3c0FpbzU3bmsKJIvxdtJ2ovleoH68dBNgcXW6NrMKzv/q + /pA9l8D5bPtSyjK1buBUb0JswovEWVp42q2lX4sUePaYSOyrC038VQ== -----END AGE ENCRYPTED FILE----- - recipient: age1jc4a52cukf6d94tt2meq8tnt084rhtdd93hwzjhzecc70rmvvapqtdng8v enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQVlpvazR5WWw5aHBSVjlu - Nk84Q0tKL3dTMzc3dFpCSFlFVVVkd0U5SUFVCjIwVE9YOHRETjZrOUpBNG9EbTQ0 - c1dpQjRFdEI2SmFiSUZOS0w0WUllUlUKLS0tIEhvL2VER2VNUHJNbW1lL1NoOThv - Z3FhT0Y2MWk0NWNFRlcwMEc5N01mYWMKejkt48lEqE/g57DmC596S+7B3v5g0goh - l4I47v/2Zih7xRPcqEGGzfrZLXeTrwbyTXDmLiDtBVHQlE8F5o1Vsg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQdGFPRlZlN3VpcjBQVU42 + WU1ucXkwL3Y2YWVZYVgwZkVkbGFXL0pJcmg0CkhSTmI0cVZRVUhBdlJjSm1Uenp1 + bjUyQWxmblVPdmtoWTRiUFlFd1FoU2MKLS0tIGVaeVBLOWZqR2p3Q1Q1NFVhL1Zs + Q3dkVnR6cHdEMndUaFBkN2lZY1BlZ1EKj275Vfnx+XoAB7EiYQNRnIetfORsPmvX + zkyEgGEen2ipne6/LHA9E06K3Y6qK1qzqS5EtkG8uQmibq7TiiwwQw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1s4hzwj982zk04kr7c5u0vlemkzalv72wtkttkgzt64xv8a4r25zqxra6u0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNTWQwa2JlLzlrVkhyOTBi + MHMxQWlzU2NTTFVQeUE2OFQ5dmlpOG5Kc21zCnQ0QTFkbW5WY3ZaaHZ0V1draCtF + VXVydHl0dTdHZm1LckZ1M3UwaDVpWm8KLS0tIGNYSXBuZWxDVVg0U1hDZkcyeksx + MTROQXFsZ2FXNU90cXlUcXdRUXdOZDAK6FT3OdizIaFbFYV4CEpL2nj9w7H17HcQ + yk4igyKWnarJhZUIIP48/zKCVEyDsrazQNaRixEmaxAb06S6iHTsuA== -----END AGE ENCRYPTED FILE----- lastmodified: "2024-03-31T06:49:34Z" mac: ENC[AES256_GCM,data:1bMWUaJdcUfHknidzCUTcAdweOZhGlBKq20mF/kjWJ1uR7AvGax9Vr/1cMVDDCfAkS5hOGo47oHqGDooTk2eATGVM0ilO/yO3jxCsV+qUsmunbpb5LKOaYLR4tw4Fb863tsCmy87LefTRHPudtQfNhZ4EwGgh0jKfUvcG/5L3tE=,iv:wR2QVuNGcj0ltqzizx6AB5NIbfawWeHs4p0k0jJFpUI=,tag:Ho3mGPWthbJgdSAtNNw+sA==,type:str]