dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos/git: Use separate nginx

Browse Source
This commit is contained in:
Jack O'Sullivan 2024-01-08 23:31:06 +00:00
parent e277cce3bc
commit ca6fe534dc
11 changed files with 221 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/constants.nix
View File

@ -173,10 +173,14 @@ rec {
port = 25565; port = 25565;
dst = aa.simpcraft-oci.internal.ipv4.address; dst = aa.simpcraft-oci.internal.ipv4.address;
} }
# { {
# port = 25566; port = 25566;
# dst = aa.simpcraft-staging-oci.internal.ipv4.address; dst = aa.simpcraft-staging-oci.internal.ipv4.address;
# } }
{
port = 25575;
dst = aa.simpcraft-oci.internal.ipv4.address;
}
{ {
port = 2456; port = 2456;

6
nixos/boxes/colony/vms/estuary/default.nix
View File

@ -394,7 +394,9 @@ in
tcp dport ssh accept tcp dport ssh accept
ip6 daddr ${aa.middleman.internal.ipv6.address} tcp dport { http, https, 8448 } accept ip6 daddr ${aa.middleman.internal.ipv6.address} tcp dport { http, https, 8448 } accept
ip6 daddr ${aa.simpcraft-oci.internal.ipv6.address} tcp dport 25565 accept ${matchInet "tcp dport { http, https } accept" "git"}
ip6 daddr ${aa.simpcraft-oci.internal.ipv6.address} tcp dport { 25565, 25575 } accept
ip6 daddr ${aa.simpcraft-staging-oci.internal.ipv6.address} tcp dport 25565 accept
return return
} }
chain routing-udp { chain routing-udp {
@ -431,8 +433,6 @@ in
table inet nat { table inet nat {
chain prerouting { chain prerouting {
${matchInet "meta l4proto { udp, tcp } th dport domain redirect to :5353" "estuary"} ${matchInet "meta l4proto { udp, tcp } th dport domain redirect to :5353" "estuary"}
ip daddr ${aa.git.internal.ipv4.address} tcp dport { http, https } dnat to ${aa.middleman.internal.ipv4.address}
ip6 daddr ${aa.git.internal.ipv6.address} tcp dport { http, https } dnat to ${aa.middleman.internal.ipv6.address}
} }
chain postrouting { chain postrouting {
ip saddr ${prefixes.all.v4} oifname != as211024 snat to ${assignments.internal.ipv4.address} ip saddr ${prefixes.all.v4} oifname != as211024 snat to ${assignments.internal.ipv4.address}

2
nixos/boxes/colony/vms/estuary/dns.nix
View File

@ -151,6 +151,8 @@ in
valheim IN AAAA ${allAssignments.valheim-oci.internal.ipv6.address} valheim IN AAAA ${allAssignments.valheim-oci.internal.ipv6.address}
simpcraft IN A ${assignments.internal.ipv4.address} simpcraft IN A ${assignments.internal.ipv4.address}
simpcraft IN AAAA ${allAssignments.simpcraft-oci.internal.ipv6.address} simpcraft IN AAAA ${allAssignments.simpcraft-oci.internal.ipv6.address}
simpcraft-staging IN A ${assignments.internal.ipv4.address}
simpcraft-staging IN AAAA ${allAssignments.simpcraft-staging-oci.internal.ipv6.address}
mail-vm IN A ${net.cidr.host 0 prefixes.mail.v4} mail-vm IN A ${net.cidr.host 0 prefixes.mail.v4}
mail-vm IN AAAA ${net.cidr.host 1 prefixes.mail.v6} mail-vm IN AAAA ${net.cidr.host 1 prefixes.mail.v6}

92
nixos/boxes/colony/vms/git/default.nix
View File

@ -1,8 +1,11 @@
{ lib, ... }: { lib, ... }:
let let
inherit (builtins) mapAttrs;
inherit (lib) mkMerge mkDefault;
inherit (lib.my) net; inherit (lib.my) net;
inherit (lib.my.c) pubDomain; inherit (lib.my.c) pubDomain;
inherit (lib.my.c.colony) domain prefixes; inherit (lib.my.c.colony) domain prefixes;
inherit (lib.my.c.nginx) baseHttpConfig proxyHeaders;
in in
{ {
nixos.systems.git = { nixos.systems.git = {
@ -72,9 +75,81 @@ in
}; };
}; };
users = {
users = {
nginx.extraGroups = [ "acme" ];
};
};
security.acme = {
acceptTerms = true;
defaults = {
email = "dev@nul.ie";
server = "https://acme-v02.api.letsencrypt.org/directory";
reloadServices = [ "nginx" ];
dnsResolver = "8.8.8.8";
};
certs = {
"${pubDomain}" = {
extraDomainNames = [
"*.${pubDomain}"
];
dnsProvider = "cloudflare";
credentialsFile = config.age.secrets."middleman/cloudflare-credentials.conf".path;
};
};
};
services = { services = {
fstrim = lib.my.c.colony.fstrimConfig; fstrim = lib.my.c.colony.fstrimConfig;
netdata.enable = true; netdata.enable = true;
nginx = {
enable = true;
enableReload = true;
logError = "stderr info";
recommendedTlsSettings = true;
clientMaxBodySize = "0";
serverTokens = true;
sslDhparam = config.age.secrets."dhparams.pem".path;
# Based on recommended*Settings, but probably better to be explicit about these
appendHttpConfig = ''
${baseHttpConfig}
# caching
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=512m;
'';
virtualHosts =
let
hosts = {
"_" = {
default = true;
forceSSL = true;
onlySSL = false;
locations = {
"/".root = "${pkgs.nginx}/html";
};
};
"git.${pubDomain}" = {
locations."/".proxyPass = "http://localhost:3000";
};
};
defaultsFor = mapAttrs (n: _: {
onlySSL = mkDefault true;
useACMEHost = mkDefault pubDomain;
kTLS = mkDefault true;
http2 = mkDefault true;
});
in
mkMerge [
hosts
(defaultsFor hosts)
];
};
}; };
virtualisation = { virtualisation = {
@ -104,11 +179,24 @@ in
}; };
my = { my = {
secrets.key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+KINpHLMduBuW96JzfSRDLUzkI+XaCBghu5/wHiW5R"; secrets = {
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+KINpHLMduBuW96JzfSRDLUzkI+XaCBghu5/wHiW5R";
files = {
"dhparams.pem" = {
owner = "acme";
group = "acme";
mode = "440";
};
"middleman/cloudflare-credentials.conf" = {
owner = "acme";
group = "acme";
};
};
};
server.enable = true; server.enable = true;
firewall = { firewall = {
tcp.allowed = [ 19999 ]; tcp.allowed = [ 19999 "http" "https" ];
extraRules = '' extraRules = ''
table inet filter { table inet filter {
chain forward { chain forward {

27
nixos/boxes/colony/vms/git/gitea.nix
View File

@ -26,18 +26,6 @@ in
systemd = { systemd = {
services = { services = {
# TODO: Figure out a way to do this properly... redirecting localhost is awkward...
local-http-forward = {
description = "Forward local HTTP connections";
serviceConfig.ExecStart = "${pkgs.socat}/bin/socat tcp-listen:80,fork tcp:${allAssignments.middleman.internal.ipv4.address}:80";
wantedBy = [ "multi-user.target" ];
};
local-https-forward = {
description = "Forward local HTTPS connections";
serviceConfig.ExecStart = "${pkgs.socat}/bin/socat tcp-listen:443,fork tcp:${allAssignments.middleman.internal.ipv4.address}:443";
wantedBy = [ "multi-user.target" ];
};
gitea = mkMerge [ gitea = mkMerge [
(lib.my.systemdAwaitPostgres pkgs.postgresql "colony-psql") (lib.my.systemdAwaitPostgres pkgs.postgresql "colony-psql")
{ {
@ -141,21 +129,6 @@ in
"gitea/minio.txt" = ownedByGit; "gitea/minio.txt" = ownedByGit;
}; };
}; };
firewall.extraRules = ''
table inet filter {
chain input {
ip saddr ${prefixes.all.v4} tcp dport 3000 accept
ip6 saddr ${prefixes.all.v6} tcp dport 3000 accept
}
}
table inet nat {
chain prerouting {
ip daddr ${assignments.internal.ipv4.address} tcp dport { http, https } dnat to ${allAssignments.middleman.internal.ipv4.address}
ip6 daddr ${assignments.internal.ipv6.address} tcp dport { http, https } dnat to ${allAssignments.middleman.internal.ipv6.address}
}
}
'';
}; };
}; };
} }

5
nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
View File

@ -359,11 +359,6 @@ in
useACMEHost = pubDomain; useACMEHost = pubDomain;
}; };
"git.${pubDomain}" = {
locations."/".proxyPass = "http://git-vm.${domain}:3000";
useACMEHost = pubDomain;
};
"mc-map.${pubDomain}" = { "mc-map.${pubDomain}" = {
locations."/".proxyPass = "http://simpcraft-oci.${domain}:8100"; locations."/".proxyPass = "http://simpcraft-oci.${domain}:8100";
useACMEHost = pubDomain; useACMEHost = pubDomain;

2
nixos/boxes/colony/vms/whale2/default.nix
View File

@ -51,7 +51,7 @@ in
}) { }) {
valheim-oci = 2; valheim-oci = 2;
simpcraft-oci = 3; simpcraft-oci = 3;
# simpcraft-staging-oci = 4; simpcraft-staging-oci = 4;
}; };
configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }: configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }:

70
nixos/boxes/colony/vms/whale2/minecraft/default.nix
View File

@ -5,6 +5,19 @@ let
# devplayer0 # devplayer0
op = "6d7d971b-ce10-435b-85c5-c99c0d8d288c"; op = "6d7d971b-ce10-435b-85c5-c99c0d8d288c";
whitelist = concatStringsSep "," [
op
"dcd2ecb9-2b5e-49cb-9d4f-f5a76162df56" # Elderlypug
"fcb26db2-c3ce-41aa-b588-efec79d37a8a" # Jesthral_
"1d366062-12c0-4e29-aba7-6ab5d8c6bb05" # shr3kas0ras
"703b378a-09f9-4c1d-9876-1c9305728c49" # OROURKEIRE
"f105bbe6-eda6-4a13-a8cf-894e77cab77b" # Adzerq
"1fc94979-41fb-497a-81e9-34ae24ca537a" # johnnyscrims
"d53c91df-b6e6-4463-b106-e8427d7a8d01" # BossLonus
"f439f64d-91c9-4c74-9ce5-df4d24cd8e05" # hynge_
"d6ec4c91-5da2-44eb-b89d-71dc8fe017a0" # Eefah98
"096a7348-fabe-4b2d-93fc-fd1fd5608fb0" # ToTheMoonStar
];
in in
{ {
config = { config = {
@ -21,19 +34,7 @@ in
ICON = "/ext/icon.png"; ICON = "/ext/icon.png";
EXISTING_WHITELIST_FILE = "SYNCHRONIZE"; EXISTING_WHITELIST_FILE = "SYNCHRONIZE";
WHITELIST = concatStringsSep "," [ WHITELIST = whitelist;
op
"dcd2ecb9-2b5e-49cb-9d4f-f5a76162df56" # Elderlypug
"fcb26db2-c3ce-41aa-b588-efec79d37a8a" # Jesthral_
"1d366062-12c0-4e29-aba7-6ab5d8c6bb05" # shr3kas0ras
"703b378a-09f9-4c1d-9876-1c9305728c49" # OROURKEIRE
"f105bbe6-eda6-4a13-a8cf-894e77cab77b" # Adzerq
"1fc94979-41fb-497a-81e9-34ae24ca537a" # johnnyscrims
"d53c91df-b6e6-4463-b106-e8427d7a8d01" # BossLonus
"f439f64d-91c9-4c74-9ce5-df4d24cd8e05" # hynge_
"d6ec4c91-5da2-44eb-b89d-71dc8fe017a0" # Eefah98
"096a7348-fabe-4b2d-93fc-fd1fd5608fb0" # ToTheMoonStar
];
EXISTING_OPS_FILE = "SYNCHRONIZE"; EXISTING_OPS_FILE = "SYNCHRONIZE";
OPS = op; OPS = op;
DIFFICULTY = "normal"; DIFFICULTY = "normal";
@ -55,6 +56,49 @@ in
''--network=colony:${dockerNetAssignment allAssignments "simpcraft-oci"}'' ''--network=colony:${dockerNetAssignment allAssignments "simpcraft-oci"}''
]; ];
}; };
# simpcraft-staging = {
# image = "git.nul.ie/dev/craftblock:2024.1.0-java17-alpine";
# environment = {
# TYPE = "MODRINTH";
# EULA = "true";
# ENABLE_QUERY = "true";
# ENABLE_RCON = "true";
# MOTD = "§4§k----- §9S§ai§bm§cp§dc§er§fa§6f§5t [staging] §4§k-----";
# ICON = "/ext/icon.png";
# EXISTING_WHITELIST_FILE = "SYNCHRONIZE";
# WHITELIST = whitelist;
# EXISTING_OPS_FILE = "SYNCHRONIZE";
# OPS = op;
# DIFFICULTY = "normal";
# SPAWN_PROTECTION = "0";
# VIEW_DISTANCE = "20";
# MAX_MEMORY = "4G";
# MODRINTH_MODPACK = "https://cdn.modrinth.com/data/CIYf3Hk8/versions/Ym3sIi6H/Simpcraft-0.2.0.mrpack";
# TZ = "Europe/Dublin";
# };
# environmentFiles = [ config.age.secrets."whale2/simpcraft.env".path ];
# volumes = [
# "minecraft_staging_data:/data"
# "${./icon.png}:/ext/icon.png:ro"
# ];
# extraOptions = [
# ''--network=colony:${dockerNetAssignment allAssignments "simpcraft-staging-oci"}''
# ];
# };
};
my = {
secrets.files = {
"whale2/simpcraft.env" = {};
};
}; };
}; };
} }

61
secrets/dhparams.pem.age
View File

@ -1,30 +1,35 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IERMTWVGZyBMQkxo YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IERMTWVGZyB3QTU1
YUpuOW5hSFdZYzhBaU5oeFZPRlVoMmNWMEVhQ1VVclJwT2dtdEV3CmIyYStQeFMr TEdvbFNaUmE4U1lCNzI1dlloVDBTNXdURjZ2akRMV0R6dm5ST0FNCk9YclRSakhT
VkI3UjhSVFA1eDRZWXBjVXVxamx3ZDFaOTF0YS9ZVVk1eFEKLT4gc3NoLWVkMjU1 NlV2UVJwak9Fa3dQNTNBK0xKWGlkNXdwZTBEMm4xZzc3azQKLT4gc3NoLWVkMjU1
MTkgZ1N4UDBRIEdReTZqdlZkSloyTTV6ZFl1QU1hbU53QlVpM3dFVUlNM25MRFhm MTkgakk4UkFnIGNBMHNrdG84cUQxd1lqQmJIczlScU1jNk52Y3BtR2tXeDNWdWRX
Uk96eHcKbWFOYytZbHd1d21xN2JEdE9xQlU2MDQ1dVNvQmlEQ1dCdDJUdXdNSURG cEFCR0UKVU5vem5MZUFPbGhoQzJTYnF4OTd3OW9jYTRkazdocVJkZ0pRRGNLek93
awotPiBzc2gtZWQyNTUxOSBWRmN3NWcgTURZWU01WS8wZnA0ZXh5L2h3ZHhPUUcy cwotPiBzc2gtZWQyNTUxOSBnU3hQMFEgQ2RUaEUyV1ZGbGRtZnlIUEtTQXk5MUZF
NEhPUDdUcjVRZjRDUWlJRWJCZwpNakpPdFprVUxoWG1ESi9uZWFxV3RDbEJrbUc5 djYxZ0hBUThlV2tXTHNvdXpVSQpMdiswMy9QNUtCb1hkbGRqR0Nia3FXTzE1ajZL
Q2NsVmx5UnhBclhHSjlZCi0+IFgyNTUxOSArS3JYaklMR3RtSEVhbU5OR2EyY0s4 UXljSTZqM2YvbzVuWUFzCi0+IHNzaC1lZDI1NTE5IFZGY3c1ZyBYL1NrRjRaRnFn
OW12V09mZGVYYzdtbEdWL1NTdjJFCmU3c25iNG53d21pTHQvTW1TM2hDcG1xZkZq RlNLdWJ3cThteDM3WmNaY210d3RmZzhCYmNpVXBwVGlVCjBkM0IzZC9zNjhmTTZV
M2R3QkZyMnMweFdTeVNFLzAKLT4gMz4sWF5JLWdyZWFzZQpmOU9PTTFieDQvbVhL R25ySkVoQWxQQ252WWFlWWZFMlc5dWtUN3VvVTgKLT4gWDI1NTE5IE8yUU1pWGFr
ZwotLS0gd0R2OHhrekNrWndZQVR4TTg1L21TM09hUWFzU3lLKzg4QXdHbWRhUWFE NzUvZVpwalB6aklkWmJGWUQzTnJiRjNzdzY2MUp6MkY5M1UKR1VIWDVyTFpxem5F
dwoRz4OWxG6yPNFZtBgIuHT8fNp9LRfE7KoD4HcpZtnSIIhgjfs6Bw1KTJtDMRM/ TmRNWE9zZStLanRTdlU5d0NOSEJKdWhDUjBCdy9vOAotPiBTJCd2NyFYey1ncmVh
EbfhxdRuiRs9GES5RQw1n5+kFjZxD9X2ExbnsOhoqc9fY5w/BWcg467ExIt1svDh c2UgfE4mYSBXfms0TC5FPiBiYmx8IGRFV35mciNoCjVZdHRiVUtMMWxEMlJ4b1F1
wwXGKxsf7upC0NsvywpArY+FeAslYdpfsbwE7TlmnHSG4ZfvJq42RsMiz2VsoKxl TGgxY01XTlZpTEtndkg0T0hRVjlqVUJGMUpSaE5tVlZWR3VGenpkUXY2eXJtbmkK
vgdK97lKWUD9xoWM1KJ0ujej8srRWjQQrWo3m28avgUr7LUHPYNbXcOALn60jsKE ZCtqRVN4dnZENXdoYkpjNHRWYXkvN2laY1p4YjV0WQotLS0gOHlEVTVOSmlNemNQ
N4pBf9pTO5DD6RHTltpXVPyNU6tewUXbyAFWYEPTF5c18Gsl1sjWxKX9mEHcK9VG TW5ISk1DeDlEM1RoQ2JtUFlyTXRKQjdnT0hiend2VQqrUFvr+76sKn0ldBmZMlEW
hK+5Bg1ygBJ3Rz0o9IROw/cnE8ukHvutZFzSg/d4VOoRvKxhBCxQfr/dy12e33RN U2k85DLo2KU+/+GtbkZwVXxxIZHMLpoJgghHk9ptdalUgLGcl0X15x9jVaw8aeta
i3jkTqR8Op3279q5Fpi3Z3Ca23Ts32omRRKHt1wQWg9LnI7MonngJpSV1mWk6Lln hbeOHotRHY7bC3z0S74riTk3xDMR1eT0QGhDMWHjfo8SkCftOYBlFfhTftevdep3
RfSxmMtE2DZ64FUCngV17nPXsNqsJxL/edecRaSYFuHWUSEaJvYxHbRN3/QZgKEi pKMZsuQMwH9JzxgUfcxIcWE975cZzrEJ85nfWMGvdSjcg51KNxP/UUPRxDlcbCEf
PKUJ7n4hlVrHM9Dk1ktvgVUhf9bucywMiJZUE5bxP6iIlcdTJQsAbd3FzqM+KUD2 9XX5apSzNsTI3ibGD1n6Qwq8bdVYDMHmy5pAhw4l8L+SdoU1tGdw7JOA16sMCJbx
FNEOY28RWPCBhbHtRK8w6a0hSfH3x6/1yBbVWrF7RyJayV6tSUyPMoSKobqSVgZ5 T4bV0ky/PGRonjJuCyDBj8oe9vMe1ZI1O/ITtktekS+wocxBs6QXlY7pIZMlGUn2
LMZXaZXfvznBdmRHVyZjVtQM+SKcvY7+jguNCHWOltoCOosT1pdN6XWYyi8piNgQ 6m59ZEEaf7R4/MdnmBDNDkQuyXaKc7SaTc6h5sKWzXdYScGUKvgUQ7U/WJ2ItUTC
3nQDScaiEb61z7juzBlwsbFZ1xVRyMYrNeeg3y9JKjJEImxUae59ieSy+JLkIBYC N/Xq07GkZZMt5MYBlyEr+/mKWlcy+ylJPGb7EswvQWaHoeM1QF0XLZ1v+W/Xsso0
LtEwCmyvtcxyRtj1uki2DXtnbPP54vA0BIF0g0bw3FCNcjDslt7ruPN6YWPQjWOY seIoz+geSu9a02kwfsa8WvWXdIAT5X2pNGPClVNzjQ23pfQfQuW8ZQrGmIFR4g5A
nCeONk9/JoA0ejG8AHK26W/YlvelQVF+qQJv/ODTdQIjjpM/6ftQZrb++m5hIQHD 58T1K+vGLdShqqVGyJFMVrSuOzqX5FVmZalu7/++1IQfiRGUlrHKoPlKWnCfFEOu
p8pCNgta3bXYz58XyeM2WPqBKgU/OAC24AeOLgiTW8PdlTPy31Ylb/wNtsUFYqSW AYjaPeEFX2ByxcqfMK1YVPvUufdISUQeaQOO7mXGE3FqB0oUqmRIUiWZATwhq3Pw
2cPM/hM7Qjq+OAuuhgf2cOxRsx6cX1y9BnWJVRDUwwBTDjVsF+It8AK6RJ9CUL/p p5QdcySTnmMpD/w05hvwski77kCdmYuHlMlLZez/kfhTnIGXris+Vwi/V19bsZ8G
gRI16087ZRMsfYi0qolVX80IQnJnTl6K8hjWhhc0KAUXZSc= zwaZ/Xr6WNC+df5JqSfTGREnXZPFRDkaTt3ri5/eEm6BqliuYjGbuiKsDECi4+JX
bHpH6LBBoKQ6ms7jCAn0Ls4cUKF37PcjGAOuWnzCSBU+REht1EDfHzx4C7hNiP8X
87NjEqJbwE9lORho0hQJRTn8uriQcidlVoB3se2SYKbMy8UA4NNnxN9PTj0TuQjL
OD3LtqHBElqNPbGNyyEAAJmMBmmkUvPPXlGQ0D99b1+jIdHzYSRtOLshBFykqWYQ
LJD61duhGqcQqcLx4+JdQ+oVcfAI2nG7YINnHB0OmS2DOZvvwqQ7ASScSujUWIjA
LNQxu3ruMz+bw/G0tYZBBiE=
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

32
secrets/middleman/cloudflare-credentials.conf.age
View File

@ -1,17 +1,19 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFZGY3c1ZyBVMkFi YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IGpJOFJBZyA2NGhR
Zkd0SHI1L2M0YTNKU1RXVnFZYlB6T1hFK1B5RWwxYlpkSU9ZVlFRCmRPdWVyNkJ5 aGJ3RjRaTjlFeUtWa1FZbmdQcGJmbVdxNVkveURqbmdwL2x1RGpVCnY5eTFZRjV3
VGw0K3ZBeW9mYmVteEt6aW9BaCtiTzhpb0lxdDZMTkJ6NFUKLT4gWDI1NTE5IGlW QVNMZ2xGMHVBek1BaklxUUtiRU5pTU9kWFk1VHhGNE81SFUKLT4gc3NoLWVkMjU1
UCtQeXg0bXZNMTlBQUVvTXBScDFRcHFSMzVBd2x5ZDJuVTg2cGx0MXMKTFNDbkN4 MTkgVkZjdzVnIElYUmkwbUFPeEExZnJGVWwvUFZsRTdhYkJsSC9CM3hMbGtuSVFs
SDlEcG9BOCt3Nk1yNENxKy9EU1dXVC9yalJ0ekRmc2FvQldmZwotPiA3JzZefHFp UGJXQkUKQnc4MGNMM0JZcC9FeG5HeHpLUVFlNE9xelo4Qk1mam5WNlBITnF3WnJs
LWdyZWFzZSAlQjUmCmV0dUJQU01RdlZraVdPNFN2YzE2Y3d6eW00RmlZd3Y0eVdu WQotPiBYMjU1MTkgVkpmUVdBY1p2UDdLcFpXVnJOZGUyZ1VXNVYrUmxkZlpqazRn
bHUyVDlCb3dsZSszOFhNb1BIUGZUK2hqaFNkV3oKZDRZMU9UbUZUSURkakNvYU9N cVlLYkt5YwpZSUtIN0RwSEdOSUFYQ0Zsc1NzeUhiQ2Q0T296dmZ3UW5hY1Y1MEJn
WHJRVVhFT1VUczljZlpiVEZ4bSs0NGhYM0k3N0F5UEVWRXd1blFXZwotLS0gWTIv MzF3Ci0+ICV5Qy1ncmVhc2UgXSggRWprMCBuCkdKVldUMHozVXlqTVNrUVdyUVd0
NXVUb1RQL2ZhajFnSlJuaVp5c1hOUENnTkloOFJ3ZkFTY3pvdktCOAoFB6muUkj5 MFdSN0dPSVdnT3hMN2NNYVBRSGZnV2k2cVp4NGdjMHBHS0xadC96YmNObEIKUWVH
xjLe5AQ9bHB2f8DL1U0ijCeHPMHv7fk41jpNAGc0KMxpNboGXxROEu2ZsLN2WJOm YWk1Q2tuQUpsV01JWVozbG4rd0ZiN1JHOHRFYVFIenVxOFhXRndrN09lODkvaVhB
z7LEGHh6bSGP/sBgJnnUMWdsaqToa/JK3d07LzZMevlNxAXOpe/SE3rAEFUnbPKr eDBoVmxvbU1FbWJrCi0tLSBSeU5TaVZUbmdwdmh1TDVzb0s1eDFvNkVrK1dqTmZG
UuNYoO2FmyDCAhmdB+HAhb1JUDmmGWEVftrwoCeRg97RE5Rgh/+GT6QJcAct6e3+ cDJobU1DZkdHRWhnCvEtMAlEC+BPPYX1YvvcmvRjeOgbuuxzjkGjuB+tT1pBKfYR
QrJqZ9045L644rDqhMHGHAWTjsLX9s8i10WNhFS4x5J5+C9u32eC2xZ/ZjMj4vHU 9gsHtkPWibhCk546Q1w+fY4StxKmaoxPddBjeQNXh9W6cCQ/vSmxAFya3w5SEtPd
xkNg/HCL6iDnm/jlSfmrbuTWu70IofWz9gPZy++/Gbf8uM7cICWXU1ujCI+4TIQm QjozqEVsiwBmBrZgt0UJ96e5hmhmD6zU7fp/RhpFpZv1JrEkhYEz8+jk5Ai96mSg
we8GEP0lO4wrGYnzXgXs5cT0V0dV4Jn5 0pKDAU8xtCnyBBaPiaj2jU/6kiKoGaVXCEuIv0uayRhRp0wap/kf+ToHA/oXVXbl
TZsalOEKH38udhBJiMjRgemqyHQEEpjmYIMWdiTvH6PGZ0yp/09iiEyBCMwzcJAk
nr8HyZKcuzswBcVjRak/raM9lAbpdWWktHxAZa67wsCH017FDrN9e15B2MI8
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----

10
secrets/whale2/simpcraft.env.age Normal file
View File

@ -0,0 +1,10 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IC9FSlh2ZyBEb2hB
cnZBRFZ5OFlvR1ZtSm4zWG1MMjFhQ0VONkk4M2hPQmlaV0tkS21vCm9pWTA4UGtE
dXd4SnFCd3JMeGg3c0ZXZm5Fc1hWdkhxbEQzYVZyMHkyM00KLT4gWDI1NTE5IEwr
MXpubG9nMk1wNFczQ2dUY0NSKzZoR3ZkQlBkbEtOclg3YklWeEYwR1kKZE8wTFND
eDgrbDhNL0ZYYVNCSGRSN1dNSHlmdEVFSnVENnFMVjlOL3k3UQotPiBpNUpIRC1n
cmVhc2UKV0JWMGdmZldNUyswR2tLdUVFRQotLS0gK0E3VFRlVXZqSDQ0ZDBvdjdl
YU1UQkltNUw5ZndVTU1kbVZ6bDlCQjU3NAp0czfiB+B6CH87gdHFh4i6ssbAtjEC
RnlqGXKkw3Lxa66DU0KYewcXcnTQZQSXbaVHin1KXndG7F0Jvz0po70=
-----END AGE ENCRYPTED FILE-----