Compare commits
13 Commits
9c8a2abf3f
...
6e4178df04
| Author | SHA1 | Date | |
|---|---|---|---|
 Berwn
|
6e4178df04 | ||
|
Berwn
|
2c89ab913c | ||
|
Berwn
|
84c3eece58 | ||
|
Berwn
|
7f5227d2e2 | ||
|
Berwn
|
ebf4efe5c9 | ||
|
Berwn
|
64b7eb1934 | ||
|
Berwn
|
e763d76ae9 | ||
|
Berwn
|
b65f526ea2 | ||
|
Berwn
|
3a0bc2dba4 | ||
|
Berwn
|
6098fe9a3b | ||
|
Berwn
|
8d9981ee5a | ||
|
Berwn
|
afc2e997c0 | ||
|
Berwn
|
faaa7b66c0 |
@@ -1,4 +1,6 @@
|
|||||||
let
|
let
|
||||||
|
hosts = import ./modules/hosts.nix;
|
||||||
|
|
||||||
# This clan-core pins the zerotier `allowedIps` interface (admit by network
|
# This clan-core pins the zerotier `allowedIps` interface (admit by network
|
||||||
# IPv6), but node IDs are the stable per-device handle (what `zerotier-cli
|
# IPv6), but node IDs are the stable per-device handle (what `zerotier-cli
|
||||||
# info` prints). Derive a member's IP on THIS network from the controller's
|
# info` prints). Derive a member's IP on THIS network from the controller's
|
||||||
@@ -21,6 +23,7 @@ in
|
|||||||
control = { };
|
control = { };
|
||||||
ns1 = { };
|
ns1 = { };
|
||||||
ns2 = { };
|
ns2 = { };
|
||||||
|
mx1 = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
inventory.instances = {
|
inventory.instances = {
|
||||||
@@ -51,14 +54,12 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
# Direct SSH to public IPs — clan's priority-1 connection path, with the
|
# Direct SSH to public IPs — clan's priority-1 connection path, with the
|
||||||
# ZeroTier mesh and Tor kept as automatic fallbacks. Raw IPs (not the
|
# ZeroTier mesh and Tor kept as automatic fallbacks. Raw IPs (from
|
||||||
# ns1/ns2 DNS names) so reaching these hosts never depends on their own
|
# modules/hosts.nix, not the ns1/ns2 DNS names) so reaching these hosts never
|
||||||
# DNS being up.
|
# depends on their own DNS being up.
|
||||||
internet = {
|
internet.roles.default.machines = builtins.mapAttrs (_: h: {
|
||||||
roles.default.machines.control.settings.host = "77.42.68.181";
|
settings.host = h.ipv4;
|
||||||
roles.default.machines.ns1.settings.host = "46.224.170.206";
|
}) hosts;
|
||||||
roles.default.machines.ns2.settings.host = "157.180.70.82";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Recovery root password for console access when a machine fails to boot.
|
# Recovery root password for console access when a machine fails to boot.
|
||||||
emergency-access = {
|
emergency-access = {
|
||||||
|
|||||||
@@ -11,6 +11,7 @@ this book is built from `docs/` and served on `control` over the ZeroTier mesh.
|
|||||||
| `control` | ZeroTier controller, monitoring, docs | `77.42.68.181` | `2a01:4f9:c013:e6d0::1` |
|
| `control` | ZeroTier controller, monitoring, docs | `77.42.68.181` | `2a01:4f9:c013:e6d0::1` |
|
||||||
| `ns1` | Knot DNS **primary** (master) | `46.224.170.206` | `2a01:4f8:c014:b5c5::1` |
|
| `ns1` | Knot DNS **primary** (master) | `46.224.170.206` | `2a01:4f8:c014:b5c5::1` |
|
||||||
| `ns2` | Knot DNS **secondary** (slave) | `157.180.70.82` | `2a01:4f9:c014:6d87::1` |
|
| `ns2` | Knot DNS **secondary** (slave) | `157.180.70.82` | `2a01:4f9:c014:6d87::1` |
|
||||||
|
| `mx1` | Mail server (**MX** for cnx.email) | `5.223.65.38` | `2a01:4ff:2f0:1963::1` |
|
||||||
|
|
||||||
## Access
|
## Access
|
||||||
|
|
||||||
|
|||||||
@@ -8,6 +8,9 @@
|
|||||||
},
|
},
|
||||||
"ns2": {
|
"ns2": {
|
||||||
"installedAt": 1781418857
|
"installedAt": 1781418857
|
||||||
|
},
|
||||||
|
"mx1": {
|
||||||
|
"installedAt": 1781757322
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1,3 +1,7 @@
|
|||||||
|
{ config, ... }:
|
||||||
|
let
|
||||||
|
hosts = import ../../modules/hosts.nix;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/hetzner-firewall.nix
|
../../modules/hetzner-firewall.nix
|
||||||
@@ -11,10 +15,10 @@
|
|||||||
|
|
||||||
clan.core.sops.defaultGroups = [ "admins" ];
|
clan.core.sops.defaultGroups = [ "admins" ];
|
||||||
|
|
||||||
# Public IPv6; SLAAC doesn't bring it up here.
|
# Public IPv6 (from modules/hosts.nix); SLAAC doesn't bring it up here.
|
||||||
cnx.staticIPv6 = {
|
cnx.staticIPv6 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
address = "2a01:4f9:c013:e6d0::1";
|
address = hosts.${config.networking.hostName}.ipv6;
|
||||||
};
|
};
|
||||||
|
|
||||||
time.timeZone = "Etc/GMT-3"; # UTC+3 (fixed offset, no DST)
|
time.timeZone = "Etc/GMT-3"; # UTC+3 (fixed offset, no DST)
|
||||||
|
|||||||
@@ -0,0 +1,23 @@
|
|||||||
|
{ config, ... }:
|
||||||
|
let
|
||||||
|
hosts = import ../../modules/hosts.nix;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../../modules/static-ipv6.nix
|
||||||
|
../../modules/monitoring/exporters.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
clan.core.sops.defaultGroups = [ "admins" ];
|
||||||
|
|
||||||
|
# Public IPv6 (from modules/hosts.nix); SLAAC doesn't bring it up here.
|
||||||
|
cnx.staticIPv6 = {
|
||||||
|
enable = true;
|
||||||
|
address = hosts.${config.networking.hostName}.ipv6;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.timesyncd.enable = true;
|
||||||
|
|
||||||
|
# Mail host backing the cnx.email MX (mx1.cnx.email -> 5.223.65.38).
|
||||||
|
# SMTP/IMAP services to be configured.
|
||||||
|
}
|
||||||
@@ -0,0 +1,50 @@
|
|||||||
|
# ---
|
||||||
|
# schema = "single-disk"
|
||||||
|
# [placeholders]
|
||||||
|
# mainDisk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_117494657"
|
||||||
|
# ---
|
||||||
|
# This file was automatically generated!
|
||||||
|
# CHANGING this configuration requires wiping and reinstalling the machine
|
||||||
|
{
|
||||||
|
|
||||||
|
boot.loader.grub.efiSupport = true;
|
||||||
|
boot.loader.grub.efiInstallAsRemovable = true;
|
||||||
|
boot.loader.grub.enable = true;
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
main = {
|
||||||
|
name = "main-5a0919ffeb6044a39b7d44bba8895ff2";
|
||||||
|
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_117494657";
|
||||||
|
type = "disk";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
"boot" = {
|
||||||
|
size = "1M";
|
||||||
|
type = "EF02"; # for grub MBR
|
||||||
|
priority = 1;
|
||||||
|
};
|
||||||
|
ESP = {
|
||||||
|
type = "EF00";
|
||||||
|
size = "500M";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
mountOptions = [ "umask=0077" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
root = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "ext4";
|
||||||
|
mountpoint = "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
File diff suppressed because it is too large
Load Diff
@@ -2,6 +2,7 @@
|
|||||||
let
|
let
|
||||||
domains = import ../../modules/dns/domains.nix;
|
domains = import ../../modules/dns/domains.nix;
|
||||||
mesh = import ../../modules/mesh-hosts.nix { inherit config lib; };
|
mesh = import ../../modules/mesh-hosts.nix { inherit config lib; };
|
||||||
|
hosts = import ../../modules/hosts.nix;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
@@ -22,10 +23,11 @@ in
|
|||||||
# resolution, so map the control machine name to its ZeroTier mesh address.
|
# resolution, so map the control machine name to its ZeroTier mesh address.
|
||||||
networking.hosts.${mesh.hosts.control} = [ "control" ];
|
networking.hosts.${mesh.hosts.control} = [ "control" ];
|
||||||
|
|
||||||
# Public IPv6 (matches the ns1 AAAA glue); SLAAC doesn't bring it up here.
|
# Public IPv6 (from modules/hosts.nix; matches the ns1 AAAA glue); SLAAC
|
||||||
|
# doesn't bring it up here.
|
||||||
cnx.staticIPv6 = {
|
cnx.staticIPv6 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
address = "2a01:4f8:c014:b5c5::1";
|
address = hosts.${config.networking.hostName}.ipv6;
|
||||||
};
|
};
|
||||||
|
|
||||||
time.timeZone = "Etc/GMT-1"; # UTC+1 (fixed offset, no DST)
|
time.timeZone = "Etc/GMT-1"; # UTC+1 (fixed offset, no DST)
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
{ ... }:
|
{ config, ... }:
|
||||||
let
|
let
|
||||||
domains = import ../../modules/dns/domains.nix;
|
domains = import ../../modules/dns/domains.nix;
|
||||||
|
hosts = import ../../modules/hosts.nix;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
@@ -11,10 +12,11 @@ in
|
|||||||
|
|
||||||
clan.core.sops.defaultGroups = [ "admins" ];
|
clan.core.sops.defaultGroups = [ "admins" ];
|
||||||
|
|
||||||
# Public IPv6 (matches the ns2 AAAA glue); SLAAC doesn't bring it up here.
|
# Public IPv6 (from modules/hosts.nix; matches the ns2 AAAA glue); SLAAC
|
||||||
|
# doesn't bring it up here.
|
||||||
cnx.staticIPv6 = {
|
cnx.staticIPv6 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
address = "2a01:4f9:c014:6d87::1";
|
address = hosts.${config.networking.hostName}.ipv6;
|
||||||
};
|
};
|
||||||
|
|
||||||
time.timeZone = "Etc/GMT-3"; # UTC+3 (fixed offset, no DST)
|
time.timeZone = "Etc/GMT-3"; # UTC+3 (fixed offset, no DST)
|
||||||
|
|||||||
@@ -11,8 +11,8 @@ $TTL 3600
|
|||||||
@ IN NS ns1.cnx.network.
|
@ IN NS ns1.cnx.network.
|
||||||
@ IN NS ns2.cnx.network.
|
@ IN NS ns2.cnx.network.
|
||||||
|
|
||||||
; ---- Mail (fill in once the mail host exists) ----
|
; ---- Mail ----
|
||||||
;@ IN MX 10 mail.cnx.email.
|
mx1 IN A 5.223.65.38
|
||||||
;mail IN A <mail-ipv4>
|
@ IN MX 10 mx1.cnx.email.
|
||||||
;@ IN TXT "v=spf1 mx -all"
|
@ IN TXT "v=spf1 mx -all"
|
||||||
;_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@cnx.email"
|
_dmarc IN TXT "v=DMARC1; p=quarantine; rua=mailto:postmaster@cnx.email"
|
||||||
|
|||||||
@@ -24,6 +24,17 @@ let
|
|||||||
description = "ICMP (ping / PMTUD)";
|
description = "ICMP (ping / PMTUD)";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Inbound mail only. mx1 is the MX for cnx.email, so other servers deliver on
|
||||||
|
# 25. Submission (587/465) and IMAP (993) stay closed until the mail stack and
|
||||||
|
# mailboxes exist — admin access rides the mesh, same as the other hosts.
|
||||||
|
smtp = {
|
||||||
|
direction = "in";
|
||||||
|
protocol = "tcp";
|
||||||
|
port = "25";
|
||||||
|
source_ips = world;
|
||||||
|
description = "SMTP (inbound mail)";
|
||||||
|
};
|
||||||
|
|
||||||
dnsRules = [
|
dnsRules = [
|
||||||
{
|
{
|
||||||
direction = "in";
|
direction = "in";
|
||||||
@@ -50,4 +61,9 @@ in
|
|||||||
];
|
];
|
||||||
"clan-ns1" = dnsRules;
|
"clan-ns1" = dnsRules;
|
||||||
"clan-ns2" = dnsRules;
|
"clan-ns2" = dnsRules;
|
||||||
|
"clan-mx1" = [
|
||||||
|
smtp
|
||||||
|
zerotier
|
||||||
|
ping
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,28 @@
|
|||||||
|
# Per-host public network facts: single source of truth for each machine's
|
||||||
|
# public IPv4 and its static public IPv6. Consumed by clan.nix's `internet`
|
||||||
|
# connection hosts (ipv4) and each machine's `cnx.staticIPv6` (ipv6), so an
|
||||||
|
# address is written once instead of being duplicated across configs.
|
||||||
|
#
|
||||||
|
# NOT a driver for the DNS zone files — those stay hand-edited text, so a record
|
||||||
|
# here that also appears as A/AAAA glue still needs a matching manual zone edit.
|
||||||
|
#
|
||||||
|
# ipv6 is the single address to assign from the host's allocated /64 (we take
|
||||||
|
# ::1), without prefix length; cnx.staticIPv6 supplies the /64 default.
|
||||||
|
{
|
||||||
|
control = {
|
||||||
|
ipv4 = "77.42.68.181";
|
||||||
|
ipv6 = "2a01:4f9:c013:e6d0::1";
|
||||||
|
};
|
||||||
|
ns1 = {
|
||||||
|
ipv4 = "46.224.170.206";
|
||||||
|
ipv6 = "2a01:4f8:c014:b5c5::1";
|
||||||
|
};
|
||||||
|
ns2 = {
|
||||||
|
ipv4 = "157.180.70.82";
|
||||||
|
ipv6 = "2a01:4f9:c014:6d87::1";
|
||||||
|
};
|
||||||
|
mx1 = {
|
||||||
|
ipv4 = "5.223.65.38";
|
||||||
|
ipv6 = "2a01:4ff:2f0:1963::1";
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -14,7 +14,7 @@ let
|
|||||||
machine: file:
|
machine: file:
|
||||||
builtins.readFile "${dir}/vars/per-machine/${machine}/zerotier/${file}/value";
|
builtins.readFile "${dir}/vars/per-machine/${machine}/zerotier/${file}/value";
|
||||||
|
|
||||||
hosts = lib.genAttrs [ "control" "ns1" "ns2" ] (m: readVar m "zerotier-ip");
|
hosts = lib.genAttrs [ "control" "ns1" "ns2" "mx1" ] (m: readVar m "zerotier-ip");
|
||||||
|
|
||||||
# RFC 4193 prefix of this ZeroTier network: fd + the 8-byte network id + the
|
# RFC 4193 prefix of this ZeroTier network: fd + the 8-byte network id + the
|
||||||
# 0x9993 marker. The network id is a public var on the controller (control).
|
# 0x9993 marker. The network id is a public var on the controller (control).
|
||||||
|
|||||||
@@ -45,6 +45,7 @@ in
|
|||||||
(target "control" "127.0.0.1" 9100)
|
(target "control" "127.0.0.1" 9100)
|
||||||
(target "ns1" (v6 mesh.hosts.ns1) 9100)
|
(target "ns1" (v6 mesh.hosts.ns1) 9100)
|
||||||
(target "ns2" (v6 mesh.hosts.ns2) 9100)
|
(target "ns2" (v6 mesh.hosts.ns2) 9100)
|
||||||
|
(target "mx1" (v6 mesh.hosts.mx1) 9100)
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
|
|||||||
Executable
+6
@@ -0,0 +1,6 @@
|
|||||||
|
[
|
||||||
|
{
|
||||||
|
"publickey": "age1l5hw95p5h4sthrgn0usms9yfkwwmcvv34tjgrtv9s4e6x39chacshgxavs",
|
||||||
|
"type": "age"
|
||||||
|
}
|
||||||
|
]
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
../../../groups/admins
|
||||||
@@ -0,0 +1,18 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:lAgbSvyxBl0/NG8rHweKEEqYyDsHa+SrPZnxVubB2x5H3cqydhTCs8NMxJp+RKTPW2nhfmB/lrKgLHFfFMJfMg5jZ2BvZtR1IzA=,iv:1PgMbra/ec7yiCm7K5yo+1lCLJ89ryfP3SQML7uYv4k=,tag:lmaG+dZPCLHtQ59uFeSkVg==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBELzcrdUc0cW9pSXhGbzRY\naTd5aWgzcFpLQ3MyVElaZU5JK2Z4ZGRtMXpJCk14bmZLRlY4Z3pDeUxPM203anVY\nbE1aUEdDZ3NkcGxrcCtWS1ZmRWIrcmMKLS0tIDVTOUJhenR0WVhZSWNWT2VtRFpv\nc1h6Nk95Z3Y4eFQ1NUdmWWJiaWdDdGMKB3whh/RgAePTJnGmeDJ/WFv4NI42vA5O\nB0F6jmSDNa5beP8Um2DjWdPENkJJjv9yv38b7hP8BLDe9Ba4WBNfBA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBby9pdmFZ\nOElJVCtUQmJWVVljQi9KcHE2a2FaeU5HeUhyUm05Zm0wZDZKVwptY2hHRFJKMi9I\nN3NDY3ZjYVloTjF6R0l4RllDS1dpNzA1TDJDc0hGQnFvCi0tLSB1akhUWk9RU0Rt\naDV5MHdHcExlSzZWbSs0S1A3NGhES0V1U0pEaUd5WE04ChtGuEq0HnRiVTDwhJnO\nIWMhwCYaewHk+k0a0Z9qCwqqKxhfiGS6kg/YTKHTNhQ0bxIA8yqgQoaE8Hl5Zhzs\nKqk=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:03Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:Iffy/eS80qOJLdaGOIxti1otdxSLHA1TV06R8xq4zI1qFklJX8OWRy9CAYwAcTURS88gd5c2VGHsBI8yHOBj7LKiLJiu5/xRgD106hotBOJUy90UZ6MMbM2wwHomhQg5r5kNpRsJaPFaLFzm5YJN9gLUU1kxO4Nnt2L3bxZTogQ=,iv:cqbFD3ZIJnaZU7j7l9Qt1QqiUSQtclV7MGZWEZRZQoY=,tag:F0ZZQSQKYtBI65uutjNxow==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
+1
@@ -0,0 +1 @@
|
|||||||
|
../../../users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
$6$E/6oFzd0dMewfnBC$ppC/HUSkmazEB93xxR21v0YtEfCZRxPgqth3d0LgSbXsQ87akNMhWss8pPGI5Ez3QT93btGmGLQNY.kYFy465/
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/groups/admins
|
||||||
@@ -0,0 +1,18 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:hHmU59iiqnyvrQ3IIYihxajInbwAVUKT+al9sGubWTM=,iv:3UONUbekFlIwJj8mTR8tsXvlp8ReIPm5eR0djmHCXUs=,tag:wEfguaEgWW9/dYr0TldTJg==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzUmN6b1d3bWxMV1hsOUJO\nY3ozTmdmOGVsU1ZTU25FellURHFpUDdiYmcwCktEaFVzVVVjdkozR1lvY2FoVVMx\nZ3U1MVFBcDhQUTQ3bWRWVjNyR1l0dU0KLS0tIEZyRkZYRUdYN3lFMFI2SnE0WUx4\na0szbEpGc2FUSFZ6Z1NQK2RKMjV5NlUKJw8BghcP3qRELI9CuY/gq4SvDYBKDPaI\negNQYAQ9sjF7jY0vAyfkYI6KrwKxBa84WZrQYD0Dng1x9YigllSeyw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBa3JWRUh1\nZnRqMWNrUFJvVmV3Nk1GbmNBdHJKOXVERU5KenBpYTdqRklrNApBT1RGVHJPNmox\nSWxidTI5dS91UnJyM05jVFFMQUlHS1V5bHhKUHRqNkNNCi0tLSBtQ1l2ajhtcTFo\ncmtWb25wQWIrOGtManc2MTM1b1o4ZGV1VE1ONVZPY05jCuxsR2wFaUHnkQxbqrPh\nAmBBWO0xQexWWdJPS1/nz7uS75Ike233UBSLxNapkac5Obfg9UaRYsTPw6qDkQHT\nyUg=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:03Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:sLjSs7asZNK3qJgUOROE/XepuXPqxn2A2idAkLdH95nstbwjQttxjWgSxeLl4V1WbvlUyxBS8O+6JbiPg3dgfFKTEJ2IIQsQS8OBbJV/uUZrFvvAGU3iOB1mMD7Mk/CEz1wuzfVevREQhnbf7YOSAxb6fIK3sY5REU4bNi2qUxI=,iv:PTSvvssFkU8hDMSe2D8EmhwN6KOKIX5SvqjZJJECwXU=,tag:dWyQR50jAxjJA3BrrrL9Ww==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJJWavBJ7+x+VjALDd1UzkAnYkNiHgrkIzzvwT6ZQX4k
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/groups/admins
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/machines/mx1
|
||||||
@@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:k00qZlgD7TOR8kD0nDU3phJgJ+5mNZNGuB0J+VMvn2KC639DshChmU2DMn0J7tVZ1pEc9EpsYJEDni1cBWGvP8lKT0fbGT8vHIMS3GIsSSM0MXeGIGe7TUf6iuI8vxomXR/jQQyBq9dv7tHUKVqmfWT2D5SR2pQimOsUxP/qxK1jtjZqBMFFOIkRl9v3Kl36WSXOpHvSWqC0Y9Sntvhu8UaEEjSE0qNRfADAFiJ7yH/gUhgx4SUqyaMwQHgC66+hqVHrGfkhnC0X0Mcw+2oZHDHn4gTit6RCIJyOXKCzd4D9a5ldUF4m9Ws42N9Ulc20ECkFVRrGfo3b6iI7W1EKo1C4tWEya4/+iYj+H051oM1vUPoMQ0wVoRrc9b7iXj8CDqt8jRBbPsCEeYTHLmXfbYuV8s0Q54byNN3gF0oXuP7sutkQl6bEgCkRIQYSqOAeF2ngr+sJHCuTLm5hnvFQVTvTEKIUd3H78+qta+q0J/nWU4Z6yEca+/dPnNOQr/U1aLw/,iv:eAGFaqHaY3Eu/BPGvx76MyJvUuyuC+XMRAjRNItuuu8=,tag:d2MeamgG3W22LK2GQLM2Sw==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsYmllbWh0NE93TFJ1b0NV\nNSt3a3VkOThFTVFxaWx3VzY1RnBOQndSaENnClg4eXh3cnJvSkhKdGs2dHAxa2tz\nZ1FqSkNyRzF0MUp4bnhqSWVrWUJGaUUKLS0tIFl1RU9qemMzS2ZjM3QrbWJZTFMr\nd1dNSVlLcWVEZ1hRWnQwR1pST0tVWGMKStjFxZgbz4GgVaNHH85O5Gtpgmpju8qU\n6Woe1nTo0LZjoHKCgvXNPetE25iKeG1SoPVV4LbARZ1tXDnnq6fmcA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1l5hw95p5h4sthrgn0usms9yfkwwmcvv34tjgrtv9s4e6x39chacshgxavs",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvK08wODlrN21qaFRTMGdz\nYlhrRGc4M3VnWCs1ajMzZkMvektqZVZRL0ZjCjhWb2hLYm5vMjNYeGFUYlBJMG5R\nNURTQnF3aG90aTFaQ210NElkTWlock0KLS0tIHRCM2Y4djZGYjRDOURXazZSN1hu\nb2l5VS9aNmdJQjBjckpseXhoVzc4M2sKqOw6XiDRlFxpDrhCGPxZG9RDKxtLgaJb\nwTdZjB3C1cF4y7ANwmkbegqLaMXfhRI3/QLwkvYR/bZiWsYdOKUnKg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBNGNoRzhD\nN21ZcktHemNPallPMzlsRFl5bVNPcEJpUmJ3L00yVWJUT044KwpqRjdHbVNyeUEy\nbTRqRDJqZU82WmNQb1FsRjI3MUUxTjd5ekNqU1J1MnFJCi0tLSBBUEJxeXROWERi\nMlpuSDFxcklwZThXUElhWkUyTnUyMC9DWmJIQU1jbGVFCqIAsovpsuzHJJSQEeXB\naq8nha2lVQQk5aaCRmltzoAGaMM9axrh8bgNT2TrSYv4ZAfV09e4Vn9s/dGm3X5O\ni4M=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:03Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:tYw/e79GLeZI34PbiB3AsWVUP28kVad2NqdxvPjNinKF2yRmcML0LNDMSbVwSYUuGJWvyc0mbF4QFThtEiSPVcKqgYXcNm94fmfeouTrZKAvVxjGXE8pa7wDtsoV9yNcpLiQxqtMCZxy7mJPgNhHiMQjiPOqU7tb1O7+o13bCJU=,iv:DgSpKNC49edVc9kWGVY1hZIya40QP/0b52mbx58I0mU=,tag:qB3zc//bUSMbCK5dufPqzg==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/groups/admins
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/machines/mx1
|
||||||
@@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:5rAULXYJAzvJISpwR/HmZFRT47W3J312LlQLibsg42gq1Ddfskn+njf3CrHzkYHppRyNuGdo9NoX5Abd8PLrSucTyyNfTmNRZLP4YQ4DG7AIZJrDD9SosltNC0BaE7J25WRna0lNQDWwEA==,iv:mwNjVtr91DAL4B+s7DjZJM3t+5EmnwgaqixASjVstSI=,tag:wWy1wqvZS+zXdcmq4z4tuQ==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYcGtPSnpLODF5U0NIQk5H\neERBcm11NkpkanhLd0pKYVllbHV0SndyaVVVCkQ3T3A1OTRXb3Y4V3NpcWorQ1Fa\nenJMU3UxZnYzMmNraXk0YWRVZjF5T3MKLS0tIFZVcGd2d3BwQjVta1RpSzJMTzhQ\nVWpQL2ZkOXFXa0RhejBDZUlMS2VVOFkKfB+wbosTER+rcLGCeAWMcalT9DsvYMQf\n+k4RUA57zSzNFdX/2azltJ3L58IK9UeSxyEgcYobWSnpZmvqr160Jg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1l5hw95p5h4sthrgn0usms9yfkwwmcvv34tjgrtv9s4e6x39chacshgxavs",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxOE84VVkzV3EvRFo1M0Fa\ncnhZa0NxajZFdnZFOXI1N05tOHUzVVB3cUIwCktvVXU5NGh3eW9wa2NoRWNxU2lP\nUDdiU3hURGFvSHJ6ZEN5QnlMNzkzNHMKLS0tIHRjdXdkMEhQZmlTN2JOV3R5WllE\nV1FnYmhFcnZ1MU44TzJqb2J3cmRtcjgKts2tmDm1F5AYNn34UUdEw0wyqMB0OTwx\ne+yuiSYM3WogVbve6c/fMR84k5Wm+yp/PN77JigzM7SvRwLNmAJqgw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBcFNIdXVL\nYmlXUnV1T3Q3V3pETUVsY29lcy84RU41UmR0OE9DK3RrbStGQgpxbFVpNlQyS0o4\nVXIrcG1XREc2bFVvODZxTmx3ODBNelI3V3ZLUjhmallvCi0tLSA3emNPb1FLdSs4\neXdrSzA4aVB2ZmVoZ1F1MHVqcVFpbjhoVExmbklKUWR3Cu1BH93XQt5sHPuNJPNR\n0pQ4qS/a1iXbz4A9FSpoerc6esLz7s1r4W2i/Vpc13QKhCr+/q5/n7URFJAPAjFn\nXzo=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:04Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:L1KdxE5KVrwbqa6LkpJNicDqOND69rNZKJCwW8+wYKAcxBwFrXF3fs584hFYydLdSlEWDTO2BzVvi9L7BB10gJuRUmw9Pk1rplCe+EkrrTl8ePbfjfGDK5agijsiNYdgRbF6JwHIYOQGVznYKIp28HZnwAi8eXuXzMDo7Fd3nqg=,iv:Xz0c4phNz8a+r/qDO8qf+0IHsTNkV96xBMgH9nh1hAs=,tag:lhxuokbeoPLQrdapMdmneA==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/groups/admins
|
||||||
@@ -0,0 +1,18 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:E8Xkux+tMjrL01nbzeoRzhtJLD64VWwmHtDnOTT6ehaJQ+eHEalV/SusGBY=,iv:a59INtTPfRTMfGyCekMhlPW8GNUdvudWGtcDd7bcUT4=,tag:2uhTF6b9vNUaLKzzTns0mQ==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGRHZQVWFQcmdhUlZjM3A1\nbFFUL01VSThCa2NQOE91bS9aTXcreitDY1dVCk9tY2FBcDdWSjdXajN2QkliQ09X\nSU9FWEQwMEFzaHh2WUJLSy9tRFBXbzQKLS0tIFgyWSsxVVFSWVR3RUx6UncvTGZ0\na2p0c3MvUytMWTNxR2ZPRkxMUDJuQUkKi4j4I2yDM7cC9nyHjuN/Hde27YLSuZ2m\nTLOKiZ7wSPP9E9eK41thADTDK+Hd4SkiIQwhkd0I9iUESPl3UQmaOA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBcUNwQ1BG\ncXZnVE1CMm5jOVFyT3hNbGUxOUoxekxRL29RczdZNjQzOVFPdQp0V2UyUnp3dmxy\nQWNaait0TWcwaU0wbVVNcWdFWU1nYnk0TVVpSjkxazJJCi0tLSB3SDVOb1lCRVEx\nZHZaSjNnYzdEVEtObmE0c0l6NmIwazB5REQ4YVRRS2pvCiMU8QKROV74xvLTvyQ8\npzaBdWRypWjjTegjex8sWISeEix/zBS1rprP8eUnNtXrOc+rAYL8rIEaGTbSjsk7\nccE=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:03Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:TGWuRcoVxnSh9G1ByKAl1PB09Q684NMfo4eR5m1bn686DL4t5LkjowzQGvxlhf0I5NnotD8+4ku/qaLER2RgMNSIzLGcCbbQXPGplS+8llIq48oNKcEW8DLwOBaZ9mo/FdFBmKPa/NXaznrTitusTDp9ZiSQJG6LZHjWL8wMYYc=,iv:pYIzkcJUFAbTTi/GDHWKH7pkZ1TH4XOgNZ3QX7/FcXI=,tag:NnaTDdSpJc8EwSIAXpNFuw==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
25.11
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/groups/admins
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/machines/mx1
|
||||||
@@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:8ScQIuagOWobAFAzs1dVCC3TcR68Qc5aEsxaKfXNxSm9pxEWRC+6VWTdwpQZXOmlalh0iIYnwPMvtnQtDN6Y,iv:j9uxxaKIKMZPtxOvGWrxsvfRsQuYgM0nt+9ceULUPpo=,tag:VUnIp6o1w1fDg6MrjKYw/Q==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqODVlNmRiTFE0WXBMQ0V6\ndGo5SngyVnh1VTFKY1JseDFJakZJNEFmKzFNCmxZNTA4Yjd1RnZuOG01MmlyM1ph\nM1VBbWlYSFdacDZEZDd1ZVExa0ZqelkKLS0tIDhsU0dtSkpvSlVIWGY5TmkxSWQ5\nSW5Zbm1yZ1NibVF0cWhmL2ZUQms0OVUKUGLPD4U2ICKY3ncH4HdToCvJOvIOMUAE\ns45ge1vlE3f3gVRy3YvOX0Us492N2mhRk7KJYc9+/T5Hlaa2r4r1Wg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1l5hw95p5h4sthrgn0usms9yfkwwmcvv34tjgrtv9s4e6x39chacshgxavs",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoNER4RzZMNFYrMVpJRXdW\nZE9ROVcwODFDcnpPcVc2MHNvUGxoTWlCdXlVCkdCaGJ5bmJLUEM2cDJoS1VBLzFG\naEZHeTZJZDQzMkZnNjdVL3poWUN3QncKLS0tIHN1ZGpGSHVocndEd2lkYnZUSGIx\nU2V1ZDErd0hHTHFlMzB0Z04waDlVOTgKMsap3dhumT9gfahTTIzja8THDuoh1Azq\nuKX546MXQ1QMnEd6eoqW9JVcC0EyJ3kpJuiqJof3dDhWNsIuQq90iA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBMWRhSGhM\ncEFad05pblcremUyWW04MVpnQXlwcWhsenFhWlRuTVNuUFdBMAozdHVPeXJqaXQ4\nOWo5R0FWYnRZbWQwSkN1bVFDMzJwNlRITkZUbVZIU2dZCi0tLSB4aHlIRFN6cklR\nYTJYZ1RGMWorTXpucGozT0dpRVFvbngyeSt4QkVRVVNZCpaR4D0bLyiZdxBaY9mW\nAiI2jaGZSGDwGNiMRnyPoR24tJjHo619t8CLIto6TohqSWp2SYqLIgMsx0utaqk7\n8SM=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:06Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:JQJ1Ph0U60y0TbRy2+8CbrUdjPQ9kTlVeqvzF5Wgx9TqVeF9AAqTzCnMIYp/bcuTRp8O5FBlsKANhqjOuaYzcEnLp8Klu/KYvNcBjl6he4N2maDOCXPQUZ9amPfMKQkPwTh0N8fTnKpQ/c5kOYrI0Mre/R3WDP04m5b0VCsOFIg=,iv:GAda9XfTcRG2R5zDxn0mVZhc2ht0ZQ9SfzMbjLcEccI=,tag:v9Sk5ZiCZk3+ylFAdmeYjQ==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/groups/admins
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/machines/mx1
|
||||||
@@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:bfy8ekOqcrGllIig0IkLgFY+zh24mVteHvSVH+CBIgPhnFSKM3KxL1Q6y54SqmiVDRTF3T0eVsIxgXAevXsb2xQ2KTC22Mx4vEW0IlQCPkzwG+RDEofs2S4iAxjdUVnz,iv:fN6UD5u4/Yhptp2LbomV5Ed8pC93mlJP8PS9WxSVxGc=,tag:oGxp7LuUnVlwbo5wgNAGXQ==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaNzBDZ2tNOUEwLy9DNHRm\nUkltSnVOTFpobDQyNEk4em43MW5ERHBOYnpZCkdtaXNGaEgrR2NsaXZFcUZxTXlk\nYjc0M0FhRHRTdEEvOURUdVlsbjVUVWMKLS0tIDJ3dml5Ukc3TXlUWHhrcE1EbURP\nUFJ5NlBaSG1jbXJtSDRJUkwwdkw3YXMK4eh+hxHiWx04aMKtDE924De07izXN3xM\nTAWcnQN0z2DPi0smXPsOhd87hmAadUqYSDLNoF5+v0jkpsmJXS3MGA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1l5hw95p5h4sthrgn0usms9yfkwwmcvv34tjgrtv9s4e6x39chacshgxavs",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtSURZMSt1UWI4NUVSN00v\nR0xjSzlwbjdiUHhtUGh1UVUxZWxFYlN1M0VzCmhXVVEyVlhEOU1aR3dGZ1JPTTVW\nU1JQTlFjQUM1NDhXNVcyN3BYd1VhWUEKLS0tIEtsUDBTQnZPaUM0UkpqRFQ4VU5o\nekZhNE9ZOUNGYSt5TXFHYkJYRmtUZUkKdgQKoa8JbiEtL0ovzgrImO9xVP1+5dMQ\nORkia2j6cXuCKqMegMROK5zk7JdUW81fcsKrI+qwZJdzOO4olJr8mg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBeVdCNVJS\nOHJydE5DMjFsTC9pMUhRTis3WnRHYVdFNS85ZmNxREpBTmorSQoxMFJXTThpY21G\nYnI2bkszMEJqeHZFdEIrT2ppRExvVGNyV21NYThSaG9FCi0tLSByNVpnZ1d2dW1i\nU0xxSENXalNoZDJjcnNNSzlXSkxFaTU1dUFzNFIwYjY0CtkCquloFj4znepzmXk7\nnJGvvLbx7sXEr4mNTdgcHGYMrRcLaF/XfYsnaWIFXkFTgregD/pJ7UyecgKCma3h\nhKw=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:06Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:aJL2X/YalG6d/BN08+p30c0TuXqbCRNUs+4P0mUhaNujO2OtJkYgRGf1+EqcjTv15oqhOGaGxmk8fbNMhEIleEbc8YVWLvKnW0y6A3ezbFRggnR7G0yJw6cHEfE9ruaK3F2b40a4gYvy34QmuAWWkPHs19CZERydzy+vSl6h5oA=,iv:hcgPX1pyqnuUGDBduK1JCXnQHZoIkmDTx3Tcm2dqwbs=,tag:HkzT6FquoCz3uE/WYVs7pg==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/groups/admins
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/machines/mx1
|
||||||
@@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
"data": "ENC[AES256_GCM,data:VtBJhlWjJXNxqbNGmB95gek4+5oRCHbJqC4O7b64PzeV+HA2AEVaXxBirrZUnY7+uNB2m1F4sftnI9Gzp41if1OSPi//Bak4EGvIS7XRyBQuU9V7gQJPu4zu+tTQa/7hPo8GSi3U7+8zoJSJy9qh9QXkE9Lo8bgTdUs+YBvrE8bb+ioDeXz/fi9f+NAxFE8J6QExyfRfJDTkB0KoRZviBhsIhxR7AwuNAIgDYqZeMYlhclFE2wyaTpdMasNi/wzyJRR3XQltRxFLwPjgAxWek94z5m2uVcQ730FglStYVFBqp7PJij3e9SlAkALcOOBwmblMV5bxoB1cHPgz5X8Jtxk4QN6wqkMKIn+icx4A,iv:uJAfZ0T9+S7viMcpF4rFtuQUyJavFjWBqOXm03SO53U=,tag:18y3lftW7Dop8KZuPpewxQ==,type:str]",
|
||||||
|
"sops": {
|
||||||
|
"age": [
|
||||||
|
{
|
||||||
|
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTSTh1OU9qMEdUUVN4SHV3\nYVJqK0prYkdzZm5ZaC9jOHcvbmVYcWJpYjAwCm1NZHlLQ2xINTJxdTdHNjdWcGpH\ndkhlZS91QlNBUGE4YVNaWTFVMmxncnMKLS0tIGJVVkpsY3NZQWdKZTVlQjluZ2FK\nTDNHUWdYYXlJOVErWDJDb2dUOEc2V2cKnom7DpO7sctpJ4lox5npXTd7qKecHx+u\nGVOh51H8hCOKA+EAc4X4KFT9ZjOYi8V9mfeycopfCCH71AaH6kWRmA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1l5hw95p5h4sthrgn0usms9yfkwwmcvv34tjgrtv9s4e6x39chacshgxavs",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSc0thd0E4TkVZV25sbW03\nYjJPRWtpWE55dlBMSjMyajlKM0JSZ1FwVUFBCm9MR25MVmVYTzQvcXNrRWx6cFk4\ncUpVN2YrV0FVek5PMXJwQlRQcTJ5bGsKLS0tIEdCdHl1ZjVPVE4yWm1BR3ZVWHF0\nd1ZwNzFLV3BWYTRPK3lSUzBCYzdCSUkKDa3Biu+QKP0tU/Gov/y3izgdVm8fhQmv\nW54rHFLsxIr++ihKFZ00rP7ZSICZ+1DgqCnbgFUluG6qFvikxi4Nqw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"recipient": "age1yubikey1qd859y9ehz2ya8j2cftwrtmdeqhuk7r7yc52zp64wpff6068gwrac3q6nsa",
|
||||||
|
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHBpdi1wMjU2IHFWcTVydyBBbWU5NDlZ\nUG1rSk45WThzcUhLejdOVVFzanh3TDFKLzlBUUtQZ2xVdnNpVApQdTdRWVkxZ2VK\nczU2Umg4eDl0VUZDWVZTbkhnRjREVEU5L3Y5YzY1ZVljCi0tLSB1RU1RSkdhWUEx\nSkJSOUI4a1FRSDRjQkNQRFY0dEh4NVB3WFVMTzNZd2xzCuXWT+VoW98pvejrvgae\nZrhjW89G7t2NlX9yCQDfN523hUNGNMA3s4wmHOZdquUZyB0SXaDQQosIrrrLcsqG\nut0=\n-----END AGE ENCRYPTED FILE-----\n"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"lastmodified": "2026-06-18T04:33:06Z",
|
||||||
|
"mac": "ENC[AES256_GCM,data:C5Vn56dfkIX2lIAeuAcyxQyWbRmjAOruK2Kw1yEVYgmpd+XSZhZAnPccC94uWJMTUyrmbbfGtjzDjy8HOATl/MmdhyBkt4rFbri94P5xkILl2bvPZADAXVAfuMNjvZS8M6HNAlGLmNgcY7OMEDX65QMWy8fOwdJWKGbjxtdm7n8=,iv:3g8W6UBsqaZn1swtjCd9np+26AFPqZ8RsBDcgmtcbiA=,tag:212tfq3DHseYyxu+DfxG9A==,type:str]",
|
||||||
|
"version": "3.12.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
../../../../../../sops/users/berwn
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
fd06:1bad:ece2:92ad:ba99:93e6:d91c:e707
|
||||||
Reference in New Issue
Block a user