From 7dc6b5df8cbf6cf0089e9fd1b0f01cd833d7fd28 Mon Sep 17 00:00:00 2001 From: Jack O'Sullivan Date: Sat, 11 Jun 2022 19:13:20 +0100 Subject: [PATCH] nixos: Initial jackflix container --- nixos/boxes/colony/vms/default.nix | 14 ++- .../colony/vms/shill/containers/default.nix | 1 + .../vms/shill/containers/jackflix/default.nix | 46 ++++++++ .../shill/containers/jackflix/networking.nix | 109 ++++++++++++++++++ nixos/boxes/colony/vms/shill/default.nix | 34 ++++-- nixos/modules/containers.nix | 7 +- nixos/modules/tmproot.nix | 8 ++ secrets/cloudflare-credentials.conf.age | Bin 507 -> 583 bytes secrets/dhparams.pem.age | Bin 1216 -> 1229 bytes secrets/jackflix-wg-privkey.txt.age | 11 ++ secrets/pdns-file-records.key.age | Bin 869 -> 737 bytes secrets/synapse.yaml.age | Bin 657 -> 557 bytes secrets/user-passwd.txt.age | 42 +++---- secrets/vaultwarden.env.age | 18 +-- 14 files changed, 246 insertions(+), 44 deletions(-) create mode 100644 nixos/boxes/colony/vms/shill/containers/jackflix/default.nix create mode 100644 nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix create mode 100644 secrets/jackflix-wg-privkey.txt.age diff --git a/nixos/boxes/colony/vms/default.nix b/nixos/boxes/colony/vms/default.nix index e2c3685..720961b 100644 --- a/nixos/boxes/colony/vms/default.nix +++ b/nixos/boxes/colony/vms/default.nix @@ -75,7 +75,19 @@ (vmLVM "shill" "esp") (vmLVM "shill" "nix") (vmLVM "shill" "persist") - { esp.frontendOpts.bootindex = 0; } + + { + esp.frontendOpts.bootindex = 0; + + media = { + backend = { + driver = "host_device"; + filename = "/dev/hdds/media"; + }; + format.driver = "raw"; + frontend = "virtio-blk"; + }; + } ])); }; }; diff --git a/nixos/boxes/colony/vms/shill/containers/default.nix b/nixos/boxes/colony/vms/shill/containers/default.nix index 3fe62eb..34376df 100644 --- a/nixos/boxes/colony/vms/shill/containers/default.nix +++ b/nixos/boxes/colony/vms/shill/containers/default.nix @@ -4,5 +4,6 @@ ./vaultwarden.nix ./colony-psql.nix ./chatterbox.nix + ./jackflix ]; } diff --git a/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix b/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix new file mode 100644 index 0000000..fed08cc --- /dev/null +++ b/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix @@ -0,0 +1,46 @@ +{ lib, ... }: { + nixos.systems.jackflix = { + system = "x86_64-linux"; + nixpkgs = "mine"; + + assignments = { + internal = { + name = "jackflix-ctr"; + domain = lib.my.colony.domain; + ipv4.address = "${lib.my.colony.start.ctrs.v4}6"; + ipv6 = { + iid = "::6"; + address = "${lib.my.colony.start.ctrs.v6}6"; + }; + }; + }; + + configuration = { lib, pkgs, config, ... }: + let + inherit (lib) mkMerge mkIf; + in + { + imports = [ ./networking.nix ]; + + config = mkMerge [ + { + my = { + deploy.enable = false; + server.enable = true; + + secrets = { + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKzzAqa4821NlYfALYOlvR7YlOgxNuulTWo9Vm5L1mNU"; + }; + }; + } + (mkIf config.my.build.isDevVM { + virtualisation = { + forwardPorts = [ + { from = "host"; host.port = 8080; guest.port = 80; } + ]; + }; + }) + ]; + }; + }; +} diff --git a/nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix b/nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix new file mode 100644 index 0000000..0fb640e --- /dev/null +++ b/nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix @@ -0,0 +1,109 @@ +{ lib, pkgs, config, assignments, ... }: +let + inherit (lib) mkMerge; + inherit (lib.my) networkdAssignment; + + wg = { + keyFile = "jackflix-wg-privkey.txt"; + fwMark = 42; + routeTable = 51820; + }; +in +{ + config = { + my = { + secrets = { + files."${wg.keyFile}" = { + group = "systemd-network"; + mode = "440"; + }; + }; + + firewall = { + tcp.allowed = [ ]; + }; + }; + + environment.systemPackages = with pkgs; [ + wireguard-tools + ]; + + systemd = { + network = { + netdevs."30-vpn" = with wg; { + netdevConfig = { + Name = "vpn"; + Kind = "wireguard"; + }; + wireguardConfig = { + PrivateKeyFile = config.age.secrets."${keyFile}".path; + FirewallMark = fwMark; + RouteTable = routeTable; + }; + wireguardPeers = [ + { + # mlvd-de32 + wireguardPeerConfig = { + Endpoint = "146.70.107.194:51820"; + PublicKey = "uKTC5oP/zfn6SSjayiXDDR9L82X0tGYJd5LVn5kzyCc="; + AllowedIPs = [ "0.0.0.0/0" "::/0" ]; + }; + } + ]; + }; + + networks = { + "80-container-host0" = mkMerge [ + (networkdAssignment "host0" assignments.internal) + { + networkConfig.DNSDefaultRoute = false; + } + ]; + "90-vpn" = with wg; { + matchConfig.Name = "vpn"; + address = [ "10.68.19.11/32" "fc00:bbbb:bbbb:bb01::5:130a/128" ]; + dns = [ "10.64.0.1" ]; + routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [ + { + Family = "both"; + SuppressPrefixLength = 0; + Table = "main"; + Priority = 100; + } + + { + From = lib.my.colony.prefixes.all.v4; + Table = "main"; + Priority = 100; + } + { + To = lib.my.colony.prefixes.all.v4; + Table = "main"; + Priority = 100; + } + + { + From = lib.my.colony.prefixes.all.v6; + Table = "main"; + Priority = 100; + } + { + To = lib.my.colony.prefixes.all.v6; + Table = "main"; + Priority = 100; + } + + { + Family = "both"; + InvertRule = true; + FirewallMark = fwMark; + Table = routeTable; + Priority = 110; + } + ]; + }; + }; + }; + }; + }; +} diff --git a/nixos/boxes/colony/vms/shill/default.nix b/nixos/boxes/colony/vms/shill/default.nix index 364b6af..a8bb84f 100644 --- a/nixos/boxes/colony/vms/shill/default.nix +++ b/nixos/boxes/colony/vms/shill/default.nix @@ -30,7 +30,7 @@ configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }: let inherit (builtins) mapAttrs; - inherit (lib) mkIf mkMerge mkForce recursiveUpdate; + inherit (lib) mkIf mkMerge mkForce; inherit (lib.my) networkdAssignment; in { @@ -53,6 +53,10 @@ fsType = "ext4"; neededForBoot = true; }; + "/mnt/media" = { + device = "/dev/disk/by-label/media"; + fsType = "ext4"; + }; }; systemd.network = { @@ -98,14 +102,26 @@ trustedInterfaces = [ "vms" "ctrs" ]; }; - containers.instances = mapAttrs (_: c: recursiveUpdate c { - networking.bridge = "ctrs"; - }) { - middleman = {}; - vaultwarden = {}; - colony-psql = {}; - chatterbox = {}; - }; + containers.instances = + let + instances = { + middleman = {}; + vaultwarden = {}; + colony-psql = {}; + chatterbox = {}; + jackflix = { + bindMounts = { + "/mnt/media".readOnly = false; + }; + }; + }; + in + mkMerge [ + instances + (mapAttrs (n: i: { + networking.bridge = "ctrs"; + }) instances) + ]; }; } ]; diff --git a/nixos/modules/containers.nix b/nixos/modules/containers.nix index 3c766a9..d26b1ff 100644 --- a/nixos/modules/containers.nix +++ b/nixos/modules/containers.nix @@ -60,12 +60,13 @@ let bindMountOpts = with lib.types; { name, ... }: { options = { mountPoint = mkOption { + default = name; example = "/mnt/usb"; type = str; description = "Mount point on the container file system."; }; hostPath = mkOption { - default = null; + default = name; example = "/home/alice"; type = nullOr str; description = "Location of the host path to be mounted."; @@ -76,10 +77,6 @@ let description = "Determine whether the mounted path will be accessed in read-only mode."; }; }; - - config = { - mountPoint = mkDefault name; - }; }; containerOpts = with lib.types; { name, ... }: { diff --git a/nixos/modules/tmproot.nix b/nixos/modules/tmproot.nix index af68fc6..5644962 100644 --- a/nixos/modules/tmproot.nix +++ b/nixos/modules/tmproot.nix @@ -259,6 +259,14 @@ in } ]; }) + (mkIf config.services.jackett.enable { + my.tmproot.persistence.config.directories = [ + { + directory = "/var/lib/jackett"; + inherit (config.services.jackett) user group; + } + ]; + }) (mkIf config.my.build.isDevVM { fileSystems = mkVMOverride { # Hijack the "root" device for persistence in the VM diff --git a/secrets/cloudflare-credentials.conf.age b/secrets/cloudflare-credentials.conf.age index ff62f699aff2e32e84d64d3f471d524a484cdcf3..f1177316da50a9e6c043a7aaaf98aa0924f18db8 100644 GIT binary patch delta 550 zcmV+>0@?lh1IGlAEPqlpRdZ)ZcSAQ}Qg%vfdPHbeH$+BjR#sVID`{19NkeK*a92!o zLP1ApGzv6FS~N9uW^8zEXme&yHDh>AMm0z`FKSmoVo_mQHexktb7o6;MRIg&RSGRW zAXqXrH8D9LYf)-JR8L}eMrbu+GdFHSN>fQocuYrRFKjYqHGf4=IaxSyQB^NiVr6wz)G-YQtH)&T#H7jj#Mrdk!R8vnlXL?3NQA=@E3N1b$EJZD6 za%Ew2WguxG($E>OGIN-Mo4oqc1m+OV=-w=Rd8)IbyZPQM=@<{ zGe&PzQaCXFOLPbGydQfCjW>_*YG;ua_OG;r;M=))7On5~%MQjRGK?*G`Eg*1Y zdSh8HP+?FoVQ*SvHaIshG;}XDPGoI0MMG#gM>c9oY=2ZaG)riAWK{}T`)fabI-&b8 zTj{X$)FzoSdANlp#!ZD#;ypd_FSS3M54PG`4ab>0 zv$W{{`ze#Q!0|WO+*&Owh7m%*4XUnsri_=att<@_E**7Q!XhYsdqk3(Ss4YKe&8FG oIW5wx7#~B_bd2W|X|BFilG~QY%nwFl0GID@ajmOip-5LT4~jOJz1m3N1b$BRe)) zD`+x(EoX9NVRL05Jt0m}A}=u@K2SGSAb25sYENehWlUE@YgjczZ$(*5S~68kXKGS0 zdNwpoNMtKlWq&X>Vs3UZWO_71RSGRFEg(2kWJp9*MpZXLNLgw^X?j6Rb!Smfcx7%= zSygXmZ8$?vaZO=VG(&Z1O$x~N;Q`C-t&>=Ftt*o-L-!a-;095wdG-S*w6(-l3?;Ah z9<@NP0=Zh3FIl8iE1qgi*Y69rEe7q{hyaxTsn{#4M^an1<}6{5L`oVVH&29x@kGYEofPGH)?8WLh$HZ*p31Zdy2ZH7{3KX>&nDbuwmcFL^jK zZ!1VgZwfF?WiwZ1PBBg^WlLg1V=z`(Ofz&bctJBqR9JUxWK?c*QB`kxGD#~dV+t)k zAXqXrH8D9LYHv$9VM9q*cVl5_YDY~mHf(ufPIF>+Q7dU-NPk5)K}J|_Xf$nhQ+0WF z3UW$VNis%SNH$Y8D_V9hK~_+5b!kaBK`V7}MlVlha&1{?HbO5}VR(5_3N1b$CUS0H zMJ9bPEoX9NVRL05U@Z!ISaM8NK}}X|HhO4DO)FS6Pf>bqT3IUzMsh=XO-_1N zc`q+|N_j|5H#K=UOL#VOQ9*S!N;hq7Q$s^TNHuj*M8b zuB>x_lQ)0=30211dJe#b=v9kf+*xjJ4TYtZG|Jt4USJFNV|v3kX#pbP+n!Fp!X|sG zVai%Wcc~9c8=|#3E3|u2nHgoM^L^gieI!@O9(C)`ZuZ;NmBk~EqX>n%gE2`f5u zSQ?c{6@MVcWBon*^E2lMt|+0XT#*jZXgd1q{QzyK;GyUYx7Er{bGRJOAvhqH&hL9h zoqz7rCLFx~IgWt`=`%XsUB}TOtt<7dewM5PLVX+(U_P=ffzt&-#kXe?+TvS<=q{9* z00WGW-_FF8lVX=#+&EPaJGK<`F~)DnyATe|Q-1-j+QoI`X_nwHON#+8;=&b1vqD}z zVKcA1{xcnIGXwy<^)hZj5<008HQ(aiYI+h^>X)CDX_o>?LnRI<6_}g4<2z_l@h(JA zTnkYC8V^|C)MM%@pyvltS3l0mM|zlr;6O07`?eVVn7)+2mw`8BnpOBCpvBGt=~F%< z4S#Nf{hfu?s}wR*ligQe<7h_KS@0;)ePLMQpN_8y(BWBjQSJIBXlzy+;?{Jba)3;? zg^h0DB(YnCZ=vo{Fz~zYAKxD&^Dm$I%RE*2lD4$r^058(1zDM=^i31$tKS0x>EW&I zlkhGQ%h~A*X5Y-~MDa`33VJXrnuRY9lYfvD?lk;4HE$rlz+^TK3-vl!+O%GL!T=cY zn$|(VZck&201M&v49ccId04$3=k!ijYGYT^j;PN2OJdSj(^o$6N=Bx{>wryx{06x9 z1Zyb;`HH;66PcG0)jIN5Ya?wG-`~06=lZI(sTGU!35WvsFBw-f^>VIqG_pAX(|?|= z?xCb`;z#&2z{9~KaWC~IuGa11DGmx9?)_#Ake_Pui$O&+oNu{|h%fbkX#z6eGA_*G z<5P;&eywj(TGQCDoE`BThR zxZM^+T1+(Yw3mc&cQ&QeM$a+Gp(_4QOz99sS2)$cwJjCy3(%5Vt#_I-v!pW_$Wy}; PK#qWkQ;&z)&JHT7-jx;z delta 1188 zcmV;V1Y7&f3BU=EEPqR6WluR(QZQ3;O=)^UMNDo}Fmre>OjlM|cS2EWP;+WBNlY|) zH8pB#a|&l;FE&qVN;x@cYjARBSTb`^N=7kjcsX%)V@PXrFKT*fZZ&O0W_NB;I0`L3 zAXqXrH8D9Ld3SMjNqJ3KXlyw~XHzhEV{UVIb#riXV?tO#Rex?-D_T@;LRnc%Q(9PA z3R+P~acF5XV_GsYR#SOUYBxnrVns}KF>G}&bW>_HN>*`UZA@fGO<6fr3N1b$S5P4} zL3k@$EoX9NVRK~)a4RruQ&V_ZQb%fOd3tp>b4hYcYDH{$Vm4_nGDSEsIb>8(Ycne} za&<6KXKQgmd4EYod3H%xXl!#gR7OZxMG7=SHds`3Lv2w_cQ|5EZBKSZG)FLVL}M{# zNpxglMrc}Xb7yR4ZZJ|bYiLDdT1HxVPEiUiEiE8WSXXFzPe^5MOe<_kGc`k6bU8FL zPf$xwdTL@MIHrhM`@+=wcN~6~ZNg~ybea{u%<$hXt`&IoMrs6YS?U-KlG|TD}N(tN7|@F{-h14N#Ey04qD|86+YiM zu|%#zDD5!1FbOvf^8F6#<&b#MOY%|kjQbUDnu?KL)f8GUT{X`1`=*)XjQp5A^Gf3s z9rgYNP#yBDTbszg$K@eaP2B%=#V_bq*!_zg`j98h{4+#VQ}jLUCJlA>NYOBS`H^C~ zLx1CIAf+&jzN^y}opP2RSOxxenxM<9gjR3(xT0x6oQyi+Ak9^r5f82xA@ldjuscuz zdb-rq7^{)EF@)hloCuP;FtP>C;a&M&E+UKUE)EDZa-;Xb9;KMSMM~zqSR{E_?IM+@ z?5I=fjI0kuD*Rk!%h*e+p*=2c)qb-MC4XWcJ!Z}tp;o*REZE_jgN$?9t#o5L;KFm` zvQEGuvKx~B;O{hksr0(u1$saHwNY;8fQ|YvS>6pBUHINn?346ezR_BrX1u!sR!jq} zNvm*<9P>)%Sh_1@RwUhM7V=RuokNN=UeA094G+PV1ST|wd=nt8o=g|8x(J;K-+v!5 z5F#H|m0hOd;DENJO}TNg*_+L|tX16EM3x8-FXSP}=lm@T zj#3SC#RGJVFTQPp>|u}pAP7IMa9~Ysx**sd$-MV=$Sw{ydGH9BLP8VsI{O5Q1TyTM zJ*}2Fy?1#&_!xPv3Y?i=ielKL1sz9`BO2{GHMY2?xB-dei&l%Gu&&o1=NL-Xd)%lG CnHEg| diff --git a/secrets/jackflix-wg-privkey.txt.age b/secrets/jackflix-wg-privkey.txt.age new file mode 100644 index 0000000..03dbb6e --- /dev/null +++ b/secrets/jackflix-wg-privkey.txt.age @@ -0,0 +1,11 @@ +age-encryption.org/v1 +-> ssh-ed25519 vf+WVg urUmX8GQaZ9N5s4im5LjHdrqF7G1cUmOhRwJ4C6QiDo +rgzuokfwMMjYtbPBCBNa+9Jg4QHbdd4ynqrsVX5LSWM +-> X25519 Kr0gKsPYyLt3PFVZlv6m1NlLedJJYxSNKvmKx9canyc +1Ki72qamPIaor+FCYy0SLVSm0GVCVsjFiRteSNv5hCA +-> MT&kccY-grease k k>D#= -/DFm:' ufBE\ +1HfnD0ef5OnLrhBZL+pyaMVLjCadk+vLszSORTxyarFPKD5wqor5nPn/mMLotY79 +mpKSMQq8ehwB+Ruv6fjys3q/1A +--- J8tifBtzNpEgeFqTxpfq+Md0vdmzU23rizI3C39gkc4 +29A7JȔ،\r=Jwx xlՕAddԬQ#rɚ}ay0Pl& +dF|- \ No newline at end of file diff --git a/secrets/pdns-file-records.key.age b/secrets/pdns-file-records.key.age index 47e41529821551fd3e31f7d848c490315f17f16c..e35409f7eabdd2edbfb49f3f2ccb1650d4ed0f06 100644 GIT binary patch delta 705 zcmV;y0zUoa2H^#eEPq2pIA?WwbXHVnS!8c&I8iV#Z)R&xVQ6_XMp#8-QF=m2bTxWv zQ!sRCQ3`8BFE(dqRyA--Q))0bWif18PAhnNS}|=haYc1YO=fO1OfzFSNHi}qMG7rG zAXqXrH8D9LWoT$qF;_-GPIWXwb~1HoWl}3*RA@#xMn_F&aDRGiIW=`=Pgib6b96>? z3R*aIc}+xPc4>1odQEt5Ide98PGeSPXh=0TbW2fdOi^@kRW@&8FDq&|3N1b$enTTI zXL4m>b7cw&EiEk|b4D^|XHHmIcPln;ZCF-NOgL{ua4}_OH$hlaZDBV`LpWn@IA(Kh zWj1RHbwBbWE`My_n~;i+gAKN>D>m3E%1B~hl9MuZ^Nd*(tj-(%S?aPw10bKrf448<$}cF9RK>#{2~Uu zHk<=2VQlMk=Q&T=_&7H=?ULC$1zAtl?N`0dgi?a9*&G;66uLKv&cD$vmSwoHhVm>R z6DHCOiMGsCW%(FCO>3U7%$3%7UA~S(p){=y;j=gjdl!L^!9bwf}KUEGrRPi7ryEHx%$Dxk&?%!7XbVj`;|7et~`U2vUPQ41f|pWRNADW2J? zB3V$>C5^NPetMSpEDdURA*bSro-b6GH1 z3UXt1Vp4ELc4|ymWL0@&PETY?YiKk~O*Te2Y%5wYLu7SVX<0{dM=(xN3N1b$O;l=P zFJ>)ga%Ew2Wgu{2en@;cJ7Nk(Sad^hL1|7-V=+`$Ic`#DOhhkGbT4pbcUCV!Nl0dS zNP1OQc2QY1Nq=EdSyf9ncu-?@P%w9FHEefSGg*3JN_8+eW?4^7Om;a<3V+SkJq)n(xuv=Hq3QRo5v7Cv zOV<(ZABa<7wxPRX^d5~)NC$(ogva07z$12s#!!GenX!SFKcR0=6WvD(g!zu6*;(b^ zf3bV7v`oqsmn3~%{?Q~DvN+UDoDS2mXD?KAZhDxVL9i=rHbGs(>v_c(t9YNiYF&zX zTg*(E?|&5ms_32cu86d`rgI}_#<@EFTM1_tF#Fvn^#^jn`BIs!p>?>)Nwp?1cwNf+ zRs!luu>EN7YN-|`Z`Frn6JGW?E|#!DpRn3eZ;r%l*txHoPZ^yxR)`DSaOQDaUA?BhfjDN7NV(E@a%Z_mWyE+pqJ{x4S&}bkRQ~ZG2|KFP{6~KfLPz zI3Hm=xglB4_Vl$c267TC0x8AzNlI=-QaNO9b~8+8Pd92YdPYxXc6UfCG=EY>Wl~OQICF4RNlbcc z3T0YWW@uJaL^CxpT1iDVLV81Kc~EmtOe->PReEk&PdGy>ZZK7GNo_Gr3N1b$Yjs5} zXL4m>b7dfRerQ>DSs-e0L|Y(HQ%(wVdNwsHI96{|PEB`DX-ji8N>VRsHD^~%X9_JX zEg(ckV`+C(Y=2rSI7(VfLSjKhSa?!;F?dyYNiR$@c{XTRGf`gG0>}FCl3Y4d`i1RJ#?z1vwQi)Abo=*`%I9t z^*qso<&N1^G-IR9C2!t*!WEKQ9_@3L+3+wK(5|He!hdemMT3{|yWucaAu$s?O8qPI zEhyUZvA<^8_A&W@syHT)ysky;-WV#xy2w_4gFI_W6$ktz88*7SdX9mlAb!73F@aqE zN9M6a)I`G&@v(IY9Q~O?p7ukr3#C!}Xe{-wbER7$B!;<~>#rknAGSWc+ delta 624 zcmV-$0+0Qz1d#=hEPpFxVR$)ES~PNMPEmI=LTEEKY<75dLq=IsH(4-dbY(?2Z*Ws= zNl8*fcM4Q=O-*P@QDH$dbuUy)P)BSpOG|PycxhBQa!q(ib4hD$Z)jvRXHisaX9_Jo zAXqXrH8D9LNm6E0NJUakaB(FEoX9NVRL05GB;IRODqaCWkgg(S8O(PMRRO%VP;iPXIVH|b#G&JXl*evMKCx) zR(V=gD@`&{L4Pl3cWh&1GIVA)Y-@NoI8QZfb~JBg3Ts=dh*PJJ|1&lofjeXZ^;ETB zlYiz1y+;s);ouO`P9loB9$5WBOP%QTwVnabkOQ7zm&&;93H)`+2SplR1|FU)g~)sKq;M z4@LUhg`Rezsio@@f=Pj7LRS5&vs^}D=9ib;s0c_Va ssh-ed25519 FAIX7A PkWyLLijQZgNyFSvjEcWkYTYIyOpbxsu69hczCKx1g4 -qGruVJb5SjTNm6EhRMbaO+aZc8hXQdU9jcfRN4CVAC8 --> ssh-ed25519 SKXJUw JIFQcXOdHl/9uLcvmriKLBmtXEHKrKUII99KgOkqPFI -ODO2TuI3VYWcPJnwAmpQi38a8CXV0C6pAFwd5otrh+w --> ssh-ed25519 wbGjmA rZm8T6+N1cw3vpXrtrAIufUdjTpzu8wXLsERZAjVwHQ -MdfU6LwTZpiBEJwVvsY+BPUmN+955Ty1Xc6c0PfwH+o --> ssh-ed25519 B9K/XQ XQiWYiYiEcVrrcjkel5TDwZSxIommrxk1cVNvDoiFSo -EE7VDprouGZ/MpNFPjhh7TSr1jzr0ZeIOmmO3G6JAeU --> ssh-ed25519 H162lQ ce5lAulJBRSzeCKnJBNuSy1HE1R5TG20Wdx5kavPNTg -BPXI69PEmSP0BmO3f8MAPqGyBR29hts798DbevMUATg --> ssh-ed25519 b6YMqg w0JygLSUv/Y5j1zWlUY5zoeTwX3s+URX1yJxc99rg1Y -01VfQiWgldlCBNPTBoudyKVpXXfVbrXhaVMq+MBFhVM --> ssh-ed25519 Lqn0Yw TWRasWvKcfxukcFX95KJ6QnRwNfJSF/RCz40IrsfSGY -/CSufoexTjNSVK225VjCD3pm/z2gK6Moud7fST9tjuc --> X25519 bFnUlqUCBjMxEPrBiMpOeQTqR4qpmBQhMzIvtLKuHUk -PEYj+yEbPfUWDKRTsYMUPUcM+i3KZ0Zu0YQ4JE3zFEE --> T-grease NFmx4 ssh-ed25519 FAIX7A 9lwGzxHbaj59re00D+VBn31xh6lXBdqlocUWbuGl0lk +WWXUSz//VWPGWwNRNDOY9rNZHEMj74gJDPyPzntmONk +-> ssh-ed25519 SKXJUw 9espI6g1Y0xAOf8RZaYTnw6Y7YSTN5Wv/9JqHMOe5Wo +ZaujblPPK14BYY67ffHCmRg33xljYwl/4YygG9efKQc +-> ssh-ed25519 wbGjmA U6GrN0iOmz77kOwa1VQ/0Cn7v/EiAJh1ZUOhJuqloVA +xB8Uu6+tVXNbAqCSkHYMvBla/oJA0nOHayrHtN4yCGQ +-> ssh-ed25519 B9K/XQ gMQEYYshD9fFvI0vrUER/2OWZYRICGem5bX7ZIP16kQ +9QwTY23a5C8TZ+1wUeqYWLWM4zSQNNzUoaqhkhQLxG4 +-> ssh-ed25519 vf+WVg 3MU9AIwghf/IDoMuAZEX3GuFz1w7vYtSso5I5BDY/hM +b1U0PexxCj4DTQB41bDi6bKktoOiA+xDDMLZYPHCMlA +-> ssh-ed25519 H162lQ 99SwlUFFeKMu8VH2264WyjJVugRKYcAFHF2aHtCGyE8 +LL2cJEdKtqrylLZWQVCoZQ9bGkCD6xPeY0K5C+sMrm0 +-> ssh-ed25519 b6YMqg ME2+OkaFz7ZkAy4izG26lmYMl47AF5NZFojEhawj0nU +FsMXB4ymF0e/FyySdEjE3LAJw3q0Ax5BQk9m0Zsu4cg +-> ssh-ed25519 Lqn0Yw CwGVxMt//mUhJp2Dv1juO8oWFVNML0Q+zTqsqncEo0U +/YzScABKV/949EQnf8ztFzNQGzjGOWPj9iXHy2uFDYM +-> X25519 I0lKCScunZXPMiHBpGhFa7nAGFg3NeAslOdutKkyuFo +csAlkN1jWUbUxlWRF/mAX1TT95ZU7iTDUa7uGi3Gtjk +-> Q?#-grease @c: +CXkWEsR63Q4TflQd95UiFCazSFterOzSMmqRaCR/uQBhUEkyPc0 +--- aOjcucJdwzcZQ2eT5PBsU7P0o1xlCgCMqPDWczEWY28 +7B"t G6B?`-ra^Jlcl5g[9M#Fj&Mn]Sevo޹}_n5;ܺ/1|cLCf!=*At{ \ No newline at end of file diff --git a/secrets/vaultwarden.env.age b/secrets/vaultwarden.env.age index 227c6d1..b60971d 100644 --- a/secrets/vaultwarden.env.age +++ b/secrets/vaultwarden.env.age @@ -1,10 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 Lqn0Yw COtpnkiIOsiZ6sI7GpZW6DSrMdP+V8SFm+G6VSx6Tlg -foNXyNZ/u5RVNdijDQr0mGn5BQaPDhOqLhD9gxEP5e4 --> X25519 xbW4hHBb8lJ9fIwnRsfBpTmLGO74ZBkwmdXpWQ1H9CA -ucFk4TvPIxiQNyuNgQ/dHKy+p9LvePmwWLYd2e60AT0 --> "d-grease -7zl7veXnoG49diEebRbI1ok+U0CMgjo7AQK8rsCsOa4tDR8L460m4CfSOSEMEqzK -QjEjuxC9NY0liwnNsRLNWccKxa3V1LQLL68RhA ---- exAOdELiQNGSJcweG5qVkiX4SLNMq8x9uNyp77pCrWA -B; iAo,ULb(Gea?H؋Ɖfhz+^ij0%ΫKā3azsU]L!YD>v|'W!!K' \ No newline at end of file +-> ssh-ed25519 Lqn0Yw r7XhdzWjjBP5HLeX+RwIek+vTZP1wZhhO5sr0LppdwI +4HH91EuAKYOQ5E37/dH7fgFKShxE1aX7v/njbL4cNMU +-> X25519 itbc3rl6K9BmbhNsMo/FaeOynrtrpZj5Zt0VF3McYmw +Cc0jPYLqyp5X4+KPfpy821mpCVSDke+z+Al/8Hp7vc0 +-> WQA%nPY-grease n&Oc2@ sf 05 +aC3qV0yeKogkc/OdfKhxW2rv4GDlT4mMlPA5FoqMA/2lq6yCoeMjGffwzXVEsauq +IRyYz3R/53ZrFtfefkBS5P4d4d/OmI6lsA +--- KYxAUYn/NHyfCJO+WqH0JKJKQZMCQYSeMryS/Kw3n8s +;i7K,T&{1^]WVzLKs Y\|@z`b'-lkP'aT''mZk76iK*-t 1:mUIqNчމst)# \ No newline at end of file