diff --git a/nixos/boxes/colony/vms/default.nix b/nixos/boxes/colony/vms/default.nix index c626689..fae2793 100644 --- a/nixos/boxes/colony/vms/default.nix +++ b/nixos/boxes/colony/vms/default.nix @@ -58,9 +58,7 @@ waitOnline = "no-carrier"; mac = "52:54:00:15:1a:53"; }; - drives = mkMerge ([ - installerDisk - ] ++ (optionals (!config.my.build.isDevVM) [ + drives = mkMerge ([ ] ++ (optionals (!config.my.build.isDevVM) [ (vmLVM "estuary" "esp") (vmLVM "estuary" "nix") (vmLVM "estuary" "persist") diff --git a/nixos/boxes/colony/vms/estuary/default.nix b/nixos/boxes/colony/vms/estuary/default.nix index 1b57dd2..562dc82 100644 --- a/nixos/boxes/colony/vms/estuary/default.nix +++ b/nixos/boxes/colony/vms/estuary/default.nix @@ -10,12 +10,12 @@ altNames = [ "fw" ]; domain = lib.my.colony.domain; ipv4 = { - address = "188.141.14.75"; + address = "188.141.14.136"; gateway = null; genPTR = false; }; ipv6 = { - address = "2a0e:97c0:4d0:bbbf::1"; + address = "2a0e:97c0:4d0:cccf::1"; gateway = "fe80::215:17ff:fe4b:494a"; }; }; @@ -67,11 +67,11 @@ systemd.network = { links = { "10-wan" = { - matchConfig.MACAddress = "52:54:00:a1:b2:5f"; + matchConfig.MACAddress = "d0:50:99:fa:a7:99"; linkConfig.Name = "wan"; }; "10-base" = { - matchConfig.MACAddress = "52:54:00:ab:f1:52"; + matchConfig.MACAddress = "52:54:00:15:1a:53"; linkConfig.Name = "base"; }; }; @@ -136,7 +136,7 @@ my = { #deploy.generate.system.mode = "boot"; - secrets.key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhxM5mnguExkcLue47QKk1vA72OoPc3HOqqoHqHHfa1"; + secrets.key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF9up7pXu6M/OWCKufTOfSiGcxMUk4VqUe7fLuatNFFA"; server.enable = true; firewall = { diff --git a/nixos/boxes/colony/vms/estuary/dns.nix b/nixos/boxes/colony/vms/estuary/dns.nix index 53a2e78..9d52cc5 100644 --- a/nixos/boxes/colony/vms/estuary/dns.nix +++ b/nixos/boxes/colony/vms/estuary/dns.nix @@ -7,7 +7,7 @@ let ptrDots = 2; reverseZone = "100.10.in-addr.arpa"; ptrDots6 = 17; - reverseZone6 = "b.b.b.0.d.4.0.0.c.7.9.e.0.a.2.ip6.arpa"; + reverseZone6 = "c.c.c.0.d.4.0.0.c.7.9.e.0.a.2.ip6.arpa"; authZones = attrNames config.my.pdns.auth.bind.zones; in diff --git a/secrets/cloudflare-credentials.conf.age b/secrets/cloudflare-credentials.conf.age index 97f406c..b80adae 100644 Binary files a/secrets/cloudflare-credentials.conf.age and b/secrets/cloudflare-credentials.conf.age differ diff --git a/secrets/colony-netdata-powerdns.conf.age b/secrets/colony-netdata-powerdns.conf.age index ef86718..16b3288 100644 Binary files a/secrets/colony-netdata-powerdns.conf.age and b/secrets/colony-netdata-powerdns.conf.age differ diff --git a/secrets/colony-netdata-powerdns_recursor.conf.age b/secrets/colony-netdata-powerdns_recursor.conf.age index cee3f73..07c84ac 100644 --- a/secrets/colony-netdata-powerdns_recursor.conf.age +++ b/secrets/colony-netdata-powerdns_recursor.conf.age @@ -1,10 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 B9K/XQ tDBPRX7DnmpYqxz4gXvV9LZ8tmRZPTAG6oxETGbd0UU -48tfItNKKxWTSfgDlDo/k6plBRYiiXMASuCLGxvoC8g --> X25519 STPfXnE2jyweZvx57JxnwGLqLRhc96UBv0PU5JhwBC0 -tWvrDl92aYEOOMluQBHo3qjTyLnJpNbteFEr5qbLvBc --> @8-grease 5aX -BQEHOARPN768tA1QK18wGhrK/vWGLFZvgxq4IQYs9KwW+Eudlyp/Mwt9xz/eizx+ -p4HMKg ---- r8SG3CERXL+gYc0b2dHvRUPf3JrW3jYL4d03pFcBR8o -<BPvȯ ssh-ed25519 n8CpUw 3na3rX1PrjMPa+ynr7g7aOKZOb9JRpJ6fmRgzCjFeFQ +tC1fam8M781xVPg5/8glb+sOnH/zeEZz8v7pHwq3TU4 +-> X25519 HW7WdM1+TxtRPOU50vljY7UfFsGAaH+/ZM+6GVbXdSU +3116WCf9LqNYhy3ExbXjScd26niTWf4MT8jG4B6C4oM +-> E+-grease =~i'-n | +goTQr7NR7wU +--- byZX/NO1psubXPAEA06kupcMBeml46RzGGQ0JuZzuL8 +n^pzDڥ- +h F)0!)\p / h+GbLPa ϒCdQqd~аg :=mrTY6LHyTEimF7B!h92PS1R \ No newline at end of file diff --git a/secrets/colony-pdns-recursor.conf.age b/secrets/colony-pdns-recursor.conf.age index 4de2559..cc6ae0d 100644 --- a/secrets/colony-pdns-recursor.conf.age +++ b/secrets/colony-pdns-recursor.conf.age @@ -1,10 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 B9K/XQ pDr63Mxy93vvgTOOeGx+P2olj58AszuoW4DMU/2vwTs -q0BfZmSo7PTHbbwX+8BdbJNiOjHflEsRVRyb96CCfJs --> X25519 wclqj46DLlI26z5xVt2FdTzYI5QUrZAu74y3Hgm1j18 -WpK4K+hsmxjVKGbt/NuC/Khcw1mSH121AabF0fsYLVw --> t]-grease fmXI7F 0vP#;w * -mlRT87J7NtBKsK1lsNBArc9Ofo92Yniki5o3deA ---- k5dfRl70t63RfTENRTTgBzgi3lm0D26KFkj73tyHMBo -jMޚy-?h3kWv{M~P[aCCj(٦elRPJ%V&[ -62ԣ. \ No newline at end of file +-> ssh-ed25519 n8CpUw QjNXGWOUJ1wyKSN6WBUcUg1Iheb6SvTJAjhESBUPuB8 +BcmPlu+eqCqZyO5hDHvR8I3jVvzocbD3imvZ7Fhl+So +-> X25519 w5eqTb2dmE0H3yx03k9PzDYgvBMi35BMtNjGKULdPms +mZEPfazZEMBoh4IuMWHxJcu7W5Hz2+pPYraLVtUd0YA +-> vP0AU-grease 7 "p/b 2: ]dK!%{]b +P5/KbvcwfGfG84Cn7CT07ct7lGLF/g5oNV88wGZ6UipK0g0G2Xdn0k3t/gHzZpHc +3yVJGso5/r6G9FgG +--- GIjjyxKeVCAYPMT4yyMo13OVnLzL+eEF77qTVVTRJbo +>aЁoQ{nXE{GSwh͖rz;􁿂oOQ\9֜fyI,h \ No newline at end of file diff --git a/secrets/dhparams.pem.age b/secrets/dhparams.pem.age index b55cfe0..d503246 100644 Binary files a/secrets/dhparams.pem.age and b/secrets/dhparams.pem.age differ diff --git a/secrets/jackflix-wg-privkey.txt.age b/secrets/jackflix-wg-privkey.txt.age index 07991d5..c015b8e 100644 --- a/secrets/jackflix-wg-privkey.txt.age +++ b/secrets/jackflix-wg-privkey.txt.age @@ -1,9 +1,11 @@ age-encryption.org/v1 --> ssh-ed25519 vf+WVg +Ftq3XX892mQ+cB1nPRq6eDP7HPdFogZk/EbIsuxuk0 -i1ihGVigQBA7pquuXO3sBABSXN9x8IIJ64sfiNQ201w --> X25519 YB51ze5czSe08S89gtTWQ6zuxoMJZi5+23S2GXCXT1M -jlLwxefYiijkj4JH4J+sUVJxhBWYfmbGjwi3B57vphU --> f3mY-grease w kU}uSw m_ySQ R+ -t7aJI+DNE57a0chgz08QlOIPpZyudJ4EjGChyO0ct9rQkrT87AQ ---- vugV8UZzBLfeLBlFPBfiLAo1aaU28p1JLNyyGQkztNs -W4)5-f5c”S8Q]36~)JjW{ K!ϰ!H3(ڠ=>w| \ No newline at end of file +-> ssh-ed25519 vf+WVg qXtAg2GwqpwDkSEYBFJJj+SRoGSV9iyoHnHkfNSFu2A +TqVkf9qrC61dm015+9B81UM2duJkkn08pCsb+P4DnCM +-> X25519 3QEcbcJq2fkjfVxvOthjQLdI9oQe4bqnqStT9XGJfG8 +v3dkB8GmZM0edYhyfSd+NPgjTH6nVYcdPs7o0xibkvg +-> -(?m|[-grease S#{ aJ3x*'s +PEzYDSgCJRy2hjOBmlDCLVbqawYhwFIcWklyJd2y7mNS1KvJX7ouOSzxSYYYC78+ +MaurcPYbKe8zqZdgAF+/e9mKf3gUBekqYltVEQveeQ +--- 5p482W+FJKbbv6YQ0Jtuy5bw75RG5zJkhG9YRzHcJY4 +wI|flBϼJڊA9s +\i_R %xBw?'~T%rIb A@K \ No newline at end of file diff --git a/secrets/nginx-sso.yaml.age b/secrets/nginx-sso.yaml.age index 01e8ffd..63e967b 100644 Binary files a/secrets/nginx-sso.yaml.age and b/secrets/nginx-sso.yaml.age differ diff --git a/secrets/pdns-file-records.key.age b/secrets/pdns-file-records.key.age index 40211a2..3f9b6e7 100644 Binary files a/secrets/pdns-file-records.key.age and b/secrets/pdns-file-records.key.age differ diff --git a/secrets/pdns.conf.age b/secrets/pdns.conf.age index 106db85..692300e 100644 --- a/secrets/pdns.conf.age +++ b/secrets/pdns.conf.age @@ -1,10 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 B9K/XQ RPTsuo5LXtXQ0yRf4lix7nOn48nJawJo/fv3mYZJfCs -FTIAc4/v/TQipi5I4KaOX0GDksh8TzjC7eSAl0tIOBk --> X25519 pWMx1kfOtpKjB2v0nxlxsxMAgNTUcHlwd/P4+1KxJh4 -hgBRp0O9u9g+E27L+gFwNQQO8U9CTpO4wimbSrw5xGA --> E4fsjus0-grease ?9*Pp +%i8{y -2RUCSOqmenVa1VlGqIXGuFcs8tbJavzHAqkIeMKVRGhE8akkRwAluTvXMMSD4fXJ -MqXGrxz2CpkwsUgq1nV80GHpQP6a ---- TXdOf7GTxBUBkH3NnM+BnXif8xbGDf4xxPgHX/oTyhk -EƾZGT%}^h!.55uxxHRȂV셐bcu3P𣜫kc$NI$m2 \ No newline at end of file +-> ssh-ed25519 n8CpUw L36ivajrz0JmCTvTvANtuYqzSbSL9BCw7qZ9jZV/6xA +k4t4IWXKe33I71A7zJD4YCP4GJr6QIokc7+9p36g1WY +-> X25519 JpwKfbsKt6Esh0+GAXfAHF293Qhts8vGSoODUSPOAxE +z+0/8vcGBYoslXb5EzsImpAiagaO32MVYw70efYBQ5o +-> Y2-grease *"('T +5j4ocAbDAHv+Mn7CorFoRqK87I4omu6W3eiGhFl0pF2XBJgnCS2i0+8qFd57T0oW +Cjee9LbI8sDFFRO9lQ +--- /6tyKKu52i/cK1yKf/z1emPDjkP8WbDJUB/mRThBLwI +\TB,u6n.!"7R8˛ Vpvb0q(,A#tor\M׳}',Y \ No newline at end of file diff --git a/secrets/synapse.yaml.age b/secrets/synapse.yaml.age index a31d18b..741e3a3 100644 Binary files a/secrets/synapse.yaml.age and b/secrets/synapse.yaml.age differ diff --git a/secrets/user-passwd.txt.age b/secrets/user-passwd.txt.age index 01a1b74..e886d67 100644 --- a/secrets/user-passwd.txt.age +++ b/secrets/user-passwd.txt.age @@ -1,23 +1,24 @@ age-encryption.org/v1 --> ssh-ed25519 FAIX7A pl4zTRrmyNifdO8b8doSjet5gSoFpONfiguMwVpOHCU -7Xh//uKMTAommAVmmr4umaKT+sc1UMpyN0x5nktXd74 --> ssh-ed25519 j67FXQ wpxRi34I+bFkP+bkOPsBRpoZXem7EBU0qEEoI7reiFw -8q54R8NNM4pOybQdijpKgukvzNSKgkHMkmyvkC40aCU --> ssh-ed25519 wbGjmA 9W9Zd6IiHTAyDmtdFHICgHNBNmSv69dWIQ5PWrBmbFc -ypSUUmdRztDAFFMHr9KHPPZhtk9wT+nOI6fU3f/r95A --> ssh-ed25519 B9K/XQ z9MyCdvCDmEpoQ6VAc4UL5ykKT2y7dTWkd8uC0TCqWY -dI48qpfve02o34ThBSuXpR+k/ZS0JdcWWS0lHZEy5Xk --> ssh-ed25519 vf+WVg Is1UbqPX+Wg/Z+ofr6pltx1Hd/YU7r0Cw43vYN7U834 -BpsNPysnx0kDPvZNx5kiHBqowGxc/ixcxLbVrEEVNEQ --> ssh-ed25519 H162lQ fLD0bnsOAT8YAwRwScQmDY74CCiKz5o502ENBs3HyCk -4BOHx7fsMEIrKUt1wQ/wZwthMQMtJLcLRt5zrNY7pOI --> ssh-ed25519 b6YMqg 87GJmhVV49B3lI74QT4GszBMWIoADwZ6Tr+gn7ai9gk -oHvVeEduJ0WBl0WmXAKgn6qmC8GRZ3uKQHwaEehKemI --> ssh-ed25519 Lqn0Yw 14WT2Odd9MqCJRmFnXYMT+78J5tPAoE3ZN50eY8o3wY -4RZjgE0MG7DkGBa7msq4cq3sSBQp+AMzghAvMWpEpds --> X25519 UWwTiaziKhTE4iW3IPYg3eVtgRp+bnyWxrcW3k66VmA -Qb0Sj+t22AqS0lgx7uaiDgOn7KMxnDvUKRczTQB9TG0 --> N6|5#-grease - ---- SBETWPCFXoHLlWtd8R+ZSoFVqaE1RThAP1QwkU+f9a4 -d++xN a"^w.̕#4=ҳN-J=- \ No newline at end of file +-> ssh-ed25519 FAIX7A eliaROKgZJ5pHG9fafJBWkgNyXxEf+mLM4ZDcWxVMjk +xqakzMg39A4h/30x0I/kguAXJFAdWGXNIFF6XwN8YMI +-> ssh-ed25519 j67FXQ vv7q5hrYCpfzEpuV6WqPOcfSJi0ch5iPZoZ/3A+SUCo +nn0gmKtxO2yygDZ06gjm/3BAmCk2J8JJaqRG3t9BJJA +-> ssh-ed25519 wbGjmA mJLB7ynPlwIepLmbrM50PYqwnfw3YL/raqd779A7N3A +CwAY4PSGRnf7iwqFOO72BhFOO3pSWOD/iJ2Eiyaskwc +-> ssh-ed25519 n8CpUw OHaSXGdBorYjO5CLVtOrBtiToY1hOuWegEHAw+b2e2U +oQp7feEmm1JndrKfOhdCCyPPAwnkiwdR023MurH4dhM +-> ssh-ed25519 vf+WVg 7O5icW5o6qmTsYpIru7zsa1YGfNHLWMD0AbFTYw/nTY +BWMWEhQZuwfNGhyDecA6Ehod2LXXe0mej+f1Qf5i68M +-> ssh-ed25519 H162lQ OYKOF0kAjSIhUNxF1QnurWtNx2LUef5Flc9Ts7MT9U0 +/CD5y/mk7tlwwqWISSRZM4zJ86KXpKw0pR3Yl5PwLb8 +-> ssh-ed25519 b6YMqg nyXEuYq2mZR7CdPf9WgzjWbMA6LeGrnucZP8P/W6v1k +a1PRL1amj5EUnKy3ntts+mj35KY3SnzdhWKDv0Uw674 +-> ssh-ed25519 Lqn0Yw VyPYS4Ji7eOZ/ZnvduesWpNZvSuZWhgTqZxxdhyKMjo +KOZQlpkU8AIPwZjlqqn58QrjfoLjayHaRl8aXObfqI0 +-> X25519 0Qx/KFWFSNOdNgyiPa/0a730raEejHUtbppVMsJIyXY +gv1WtZRySVbBdQPbm/i62FsoC5vDkuXRHDPp3WttIBY +-> r?z-?\-grease x9 ]QgMK 7wyy .W7 +CFhO2JPqygpgbbIeV7uQ7TGyUb7tjg +--- RR/yBQldrLPK68Ou1rSEoRyuyxaRQg0FTYVS7ZAkU3c +[0 L GOhī~>|G)+A*f"2jrx۱/-0jnW˱q).}zB +5ba;wf$Xnwה,nS3$M9.jkJ)*LER+j \ No newline at end of file diff --git a/secrets/vaultwarden.env.age b/secrets/vaultwarden.env.age index f96a001..85ea805 100644 --- a/secrets/vaultwarden.env.age +++ b/secrets/vaultwarden.env.age @@ -1,9 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 Lqn0Yw 6M1t8mb0iZdJSPiz8Nu0nRywlpArnvcxizdxr6u6yGM -w1PzOCZszgyc8vF5GJPI5l8RtQwFv0CNhpAxJAF6TOw --> X25519 +M017bsZwXazaojl9szfKRagMK1lzc+gpbaqKNhRuFU -fx3Y7OykdZXK1g9ixdhExhAmLqoVrWlNUqvkMPYtc0Q --> Lv3@gmCc-grease v5T@. -BUBGyMXy ---- PoRgQ9bY+fxY2gJXHUQbEGW/bqa7KwonajSG+ccr6Mo - IR0? >A؆l.E$C^!fgۆ3d;i;y[;jݯ0Wl:q sFiɜMt-1+q \ No newline at end of file +-> ssh-ed25519 Lqn0Yw Bz5NlkaQ6pP+6yDPYrPQ6cGUe5E9KX6YOaPD3W8RDUE +DuqoiMGa0qLYLkoMc2w/VG7LK/lFkWfSIU0PXnvbDsY +-> X25519 wQBPBsriO5+gtVhEv2eUFl23Zlrb6Hsmoc1gcpz52UY +m/vtia8Br7YcDF4b2BDNu7XTi6l0ZUWnFc1sUb1fKbM +-> y-grease N [Q!. =p+sf|U# Q +MZ67rBOVn7P6axlbaHr2nhWwJG+9xa+TCs437ZPno9eADiyD0nM+rCbieuCuTQ +--- RdezvRzpHycG0lYi+I26OCNfk4NrQJ4nw+8m9prvPLA +v6}n2 E|ohr +vUI#WqA\˯3 dZEiMdqgXaj ˞uC>@ szðx._ \ No newline at end of file