diff --git a/flake.nix b/flake.nix index 2894a35..bb2b72f 100644 --- a/flake.nix +++ b/flake.nix @@ -50,6 +50,8 @@ ./fmt.nix ./shell.nix + ./overlays + ./modules/nixos ./machines ./routers ./inventories diff --git a/inventories/default.nix b/inventories/default.nix index c548719..0b17e11 100644 --- a/inventories/default.nix +++ b/inventories/default.nix @@ -30,6 +30,7 @@ global-network = [ "rana" "sirius" + "hadar" ]; }; diff --git a/inventory.json b/inventory.json index 8bc9650..230c681 100644 --- a/inventory.json +++ b/inventory.json @@ -29,6 +29,9 @@ }, "sirius": { "installedAt": 1770974584 + }, + "hadar": { + "installedAt": 1774427255 } } } \ No newline at end of file diff --git a/machines/default.nix b/machines/default.nix index 3ae0f23..c8da58a 100644 --- a/machines/default.nix +++ b/machines/default.nix @@ -1,4 +1,8 @@ -{ inputs, self, ... }: +{ + inputs, + self, + ... +}: { imports = [ inputs.clan-core.flakeModules.default diff --git a/machines/hadar/configuration.nix b/machines/hadar/configuration.nix new file mode 100644 index 0000000..53e1981 --- /dev/null +++ b/machines/hadar/configuration.nix @@ -0,0 +1,99 @@ +{ + inputs, + config, + pkgs, + ... +}: +let + domain = "poy-inventree.newedge.house"; +in +{ + imports = [ + inputs.self.nixosModules.inventree + ]; + + nixpkgs.overlays = [ + inputs.self.overlays.packagesOverlay + ]; + + nixpkgs.hostPlatform = { + system = "x86_64-linux"; + }; + + clan.core.vars.generators.inventree = { + files = { + secret-key = { + owner = "inventree"; + group = "inventree"; + secret = true; + }; + oidc-key = { + owner = "inventree"; + group = "inventree"; + secret = true; + }; + admin-password = { + owner = "inventree"; + group = "inventree"; + secret = true; + }; + }; + runtimeInputs = [ + pkgs.pwgen + pkgs.xkcdpass + ]; + script = '' + pwgen -s 32 1 > $out/secret-key + pwgen -s 32 1 > $out/oidc-key + xkcdpass --numwords 4 --delimiter - --count 1 | tr -d "\n" > "$out"/admin-password + ''; + }; + + clan.core.vars.generators.nginx = { + files = { + sslCert = { + owner = "nginx"; + group = "nginx"; + secret = true; + }; + sslKey = { + owner = "nginx"; + group = "nginx"; + secret = true; + }; + }; + + runtimeInputs = [ + pkgs.openssl + ]; + script = '' + openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \ + -keyout $out/sslKey \ + -out $out/sslCert \ + -subj "/CN=localhost" + ''; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + + services.inventree = { + enable = true; + hostName = "${domain}"; + config.site_url = "http://${config.services.inventree.hostName}"; + secretKeyFile = config.clan.core.vars.generators.inventree.files.secret-key.path; + config.oidc_private_key_file = config.clan.core.vars.generators.inventree.files.oidc-key.path; + config.adminPasswordFile = config.clan.core.vars.generators.inventree.files.admin-password.path; + }; + + # services.nginx.virtualHosts."${domain}" = { + # forceSSL = true; + # sslCertificate = config.clan.core.vars.generators.nginx.files.sslCert.path; + # sslCertificateKey = config.clan.core.vars.generators.nginx.files.sslKey.path; + # }; + + system.stateVersion = "25.11"; + clan.core.sops.defaultGroups = [ "admins" ]; +} diff --git a/machines/hadar/disko.nix b/machines/hadar/disko.nix new file mode 100644 index 0000000..6bbb54d --- /dev/null +++ b/machines/hadar/disko.nix @@ -0,0 +1,83 @@ +let + hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}"; + os = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0"; +in +{ + + boot.loader = { + systemd-boot = { + enable = true; + }; + efi = { + canTouchEfiVariables = true; + }; + }; + + disko.devices = { + disk = { + "os-${hashDisk os}" = { + type = "disk"; + device = os; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "nofail" ]; + }; + }; + system = { + size = "100%"; + content = { + type = "zfs"; + pool = "zroot"; + }; + }; + }; + }; + }; + }; + zpool = { + zroot = { + type = "zpool"; + rootFsOptions = { + mountpoint = "none"; + compression = "lz4"; + acltype = "posixacl"; + xattr = "sa"; + "com.sun:auto-snapshot" = "true"; + }; + options.ashift = "12"; + datasets = { + "root" = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "root/nixos" = { + type = "zfs_fs"; + options.mountpoint = "/"; + mountpoint = "/"; + }; + "root/home" = { + type = "zfs_fs"; + options.mountpoint = "/home"; + mountpoint = "/home"; + }; + "root/tmp" = { + type = "zfs_fs"; + mountpoint = "/tmp"; + options = { + mountpoint = "/tmp"; + sync = "disabled"; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/hadar/facter.json b/machines/hadar/facter.json new file mode 100644 index 0000000..fa97822 --- /dev/null +++ b/machines/hadar/facter.json @@ -0,0 +1,1920 @@ +{ + "version": 1, + "system": "x86_64-linux", + "virtualisation": "kvm", + "hardware": { + "bios": { + "apm_info": { + "supported": false, + "enabled": false, + "version": 0, + "sub_version": 0, + "bios_flags": 0 + }, + "vbe_info": { + "version": 0, + "video_memory": 0 + }, + "pnp": false, + "pnp_id": 0, + "lba_support": false, + "low_memory_size": 0, + "smbios_version": 520 + }, + "bridge": [ + { + "index": 8, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.0", + "sysfs_bus_id": "0000:00:1f.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 1, + "secondary_bus": 3, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + }, + { + "index": 9, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0001", + "name": "ISA bridge", + "value": 1 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7000", + "value": 28672 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel ISA bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:01.0", + "sysfs_bus_id": "0000:00:01.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d00007000sv00001AF4sd00001100bc06sc01i00" + }, + { + "index": 10, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 30 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1e.0", + "sysfs_bus_id": "0000:00:1e.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 1, + "secondary_bus": 2, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + }, + { + "index": 11, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0000", + "name": "Host bridge", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1237", + "value": 4663 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel Host bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:00.0", + "sysfs_bus_id": "0000:00:00.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d00001237sv00001AF4sd00001100bc06sc00i00" + }, + { + "index": 12, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0080", + "name": "Bridge", + "value": 128 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7113", + "value": 28947 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0003", + "value": 3 + }, + "model": "Intel Bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:01.3", + "sysfs_bus_id": "0000:00:01.3", + "detail": { + "function": 3, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "piix4_smbus", + "driver_module": "i2c_piix4", + "drivers": [ + "piix4_smbus" + ], + "driver_modules": [ + "i2c_piix4" + ], + "module_alias": "pci:v00008086d00007113sv00001AF4sd00001100bc06sc80i00" + }, + { + "index": 17, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 5 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0", + "sysfs_bus_id": "0000:00:05.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 1, + "secondary_bus": 1, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + } + ], + "cdrom": [ + { + "index": 22, + "attached_to": 15, + "class_list": [ + "cdrom", + "scsi", + "block_device" + ], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0002", + "name": "CD-ROM", + "value": 2 + }, + "pci_interface": { + "hex": "0003", + "name": "DVD", + "value": 3 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU DVD-ROM", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU DVD-ROM", + "sysfs_id": "/class/block/sr0", + "sysfs_bus_id": "2:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:01.1/ata2/host2/target2:0:0/2:0:0:0", + "unix_device_names": [ + "/dev/cdrom", + "/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00003", + "/dev/disk/by-label/nixos-26.05-x86_64", + "/dev/disk/by-path/pci-0000:00:01.1-ata-2", + "/dev/disk/by-path/pci-0000:00:01.1-ata-2.0", + "/dev/disk/by-uuid/1980-01-01-00-00-00-00", + "/dev/root", + "/dev/sr0" + ], + "unix_device_name2": "/dev/sg1", + "driver": "ata_piix", + "driver_module": "ata_piix", + "drivers": [ + "ata_piix", + "sr" + ], + "driver_modules": [ + "ata_piix", + "sr_mod" + ] + } + ], + "cpu": [ + { + "architecture": "x86_64", + "vendor_name": "GenuineIntel", + "model_name": "QEMU Virtual CPU version 2.5+", + "family": 15, + "model": 107, + "stepping": 1, + "features": [ + "fpu", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "mmx", + "fxsr", + "sse", + "sse2", + "syscall", + "nx", + "lm", + "rep_good", + "nopl", + "xtopology", + "cpuid", + "tsc_known_freq", + "pni", + "ssse3", + "cx16", + "sse4_1", + "sse4_2", + "x2apic", + "popcnt", + "aes", + "hypervisor", + "lahf_lm", + "cpuid_fault", + "pti" + ], + "bugs": [ + "cpu_meltdown", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "l1tf", + "mds", + "swapgs", + "itlb_multihit", + "bhi", + "spectre_v2_user", + "its" + ], + "power_management": [ + "" + ], + "bogo": 4224, + "cache": 16384, + "page_size": 4096, + "physical_id": 0, + "siblings": 1, + "cores": 1, + "fpu": false, + "fpu_exception": false, + "cpuid_level": 13, + "write_protect": false, + "tlb_size": 32672, + "clflush_size": 64, + "cache_alignment": 128, + "address_sizes": { + "physical": "0x28", + "virtual": "0x30" + } + }, + { + "architecture": "x86_64", + "vendor_name": "GenuineIntel", + "model_name": "QEMU Virtual CPU version 2.5+", + "family": 15, + "model": 107, + "stepping": 1, + "features": [ + "fpu", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "mmx", + "fxsr", + "sse", + "sse2", + "syscall", + "nx", + "lm", + "rep_good", + "nopl", + "xtopology", + "cpuid", + "tsc_known_freq", + "pni", + "ssse3", + "cx16", + "sse4_1", + "sse4_2", + "x2apic", + "popcnt", + "aes", + "hypervisor", + "lahf_lm", + "cpuid_fault", + "pti" + ], + "bugs": [ + "cpu_meltdown", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "l1tf", + "mds", + "swapgs", + "itlb_multihit", + "bhi", + "spectre_v2_user", + "its" + ], + "power_management": [ + "" + ], + "bogo": 4224, + "cache": 16384, + "page_size": 4096, + "physical_id": 1, + "siblings": 1, + "cores": 1, + "fpu": false, + "fpu_exception": false, + "cpuid_level": 13, + "write_protect": false, + "tlb_size": 32672, + "clflush_size": 64, + "cache_alignment": 128, + "address_sizes": { + "physical": "0x28", + "virtual": "0x30" + } + } + ], + "disk": [ + { + "index": 23, + "attached_to": 19, + "class_list": [ + "disk", + "scsi", + "block_device" + ], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0000", + "name": "Disk", + "value": 0 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU HARDDISK", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU HARDDISK", + "sysfs_id": "/class/block/sda", + "sysfs_bus_id": "0:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0/virtio2/host0/target0:0:0/0:0:0:0", + "unix_device_names": [ + "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0", + "/dev/disk/by-path/pci-0000:01:01.0-scsi-0:0:0:0", + "/dev/sda" + ], + "unix_device_name2": "/dev/sg0", + "rom_id": "0x80", + "resources": [ + { + "type": "disk_geo", + "cylinders": 8354, + "heads": 255, + "sectors": 63, + "size": "0x0", + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 134217728, + "value_2": 512 + } + ], + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": [ + "sd", + "virtio_scsi" + ], + "driver_modules": [ + "sd_mod", + "virtio_scsi" + ] + } + ], + "graphics_card": [ + { + "index": 16, + "attached_to": 0, + "class_list": [ + "graphics_card", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0003", + "name": "Display controller", + "value": 3 + }, + "sub_class": { + "hex": "0000", + "name": "VGA compatible controller", + "value": 0 + }, + "pci_interface": { + "hex": "0000", + "name": "VGA", + "value": 0 + }, + "vendor": { + "hex": "1234", + "value": 4660 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1111", + "value": 4369 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "VGA compatible controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0", + "sysfs_bus_id": "0000:00:02.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "bochs-drm", + "driver_module": "bochs", + "drivers": [ + "bochs-drm" + ], + "driver_modules": [ + "bochs" + ], + "module_alias": "pci:v00001234d00001111sv00001AF4sd00001100bc03sc00i00" + } + ], + "hub": [ + { + "index": 24, + "attached_to": 7, + "class_list": [ + "usb", + "hub" + ], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "010a", + "name": "Hub", + "value": 266 + }, + "vendor": { + "hex": "1d6b", + "name": "Linux 6.18.2 uhci_hcd", + "value": 7531 + }, + "device": { + "hex": "0001", + "name": "UHCI Host Controller", + "value": 1 + }, + "revision": { + "hex": "0000", + "name": "6.18", + "value": 0 + }, + "serial": "0000:00:01.2", + "model": "Linux 6.18.2 uhci_hcd UHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-0:1.0", + "sysfs_bus_id": "1-0:1.0", + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "driver_module": "usbcore", + "drivers": [ + "hub" + ], + "driver_modules": [ + "usbcore" + ], + "module_alias": "usb:v1D6Bp0001d0618dc09dsc00dp00ic09isc00ip00in00" + } + ], + "memory": [ + { + "index": 5, + "attached_to": 0, + "class_list": [ + "memory" + ], + "base_class": { + "hex": "0101", + "name": "Internally Used Class", + "value": 257 + }, + "sub_class": { + "hex": "0002", + "name": "Main Memory", + "value": 2 + }, + "model": "Main Memory", + "resources": [ + { + "type": "phys_mem", + "range": 2013265920 + } + ] + } + ], + "monitor": [ + { + "index": 21, + "attached_to": 16, + "class_list": [ + "monitor" + ], + "base_class": { + "hex": "0100", + "name": "Monitor", + "value": 256 + }, + "sub_class": { + "hex": "0002", + "name": "LCD Monitor", + "value": 2 + }, + "vendor": { + "hex": "4914", + "value": 18708 + }, + "device": { + "hex": "1234", + "name": "QEMU Monitor", + "value": 4660 + }, + "serial": "0", + "model": "QEMU Monitor", + "resources": [ + { + "type": "monitor", + "width": 1024, + "height": 768, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1280, + "height": 800, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1600, + "height": 1200, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1920, + "height": 1080, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 2048, + "height": 1152, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 640, + "height": 480, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 800, + "height": 600, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "size", + "unit": "mm", + "value_1": 325, + "value_2": 203 + } + ], + "detail": { + "manufacture_year": 2014, + "manufacture_week": 42, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "clock": 107300, + "width": 1280, + "height": 800, + "width_millimetres": 325, + "height_millimetres": 203, + "horizontal_flag": 45, + "vertical_flag": 45, + "vendor": "", + "name": "QEMU Monitor" + }, + "driver_info": { + "type": "display", + "width": 2048, + "height": 1152, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "bandwidth": 0, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "horizontal_flag": 45, + "vertical_flag": 45 + } + } + ], + "mouse": [ + { + "index": 25, + "attached_to": 24, + "class_list": [ + "mouse", + "usb" + ], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0105", + "name": "Mouse", + "value": 261 + }, + "sub_class": { + "hex": "0003", + "name": "USB Mouse", + "value": 3 + }, + "vendor": { + "hex": "0627", + "name": "QEMU", + "value": 1575 + }, + "device": { + "hex": "0001", + "name": "QEMU USB Tablet", + "value": 1 + }, + "serial": "28754-0000:00:01.2-1", + "compat_vendor": "Unknown", + "compat_device": "Generic USB Mouse", + "model": "QEMU USB Tablet", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0", + "sysfs_bus_id": "1-1:1.0", + "unix_device_names": [ + "/dev/input/mice" + ], + "unix_device_name2": "/dev/input/mouse0", + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0003", + "name": "hid", + "value": 3 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "usbhid", + "driver_module": "usbhid", + "drivers": [ + "usbhid" + ], + "driver_modules": [ + "usbhid" + ], + "driver_info": { + "type": "mouse", + "db_entry_0": [ + "explorerps/2", + "exps2" + ], + "xf86": "explorerps/2", + "gpm": "exps2", + "buttons": -1, + "wheels": -1 + }, + "module_alias": "usb:v0627p0001d0000dc00dsc00dp00ic03isc00ip00in00" + } + ], + "network_controller": [ + { + "index": 18, + "attached_to": 13, + "class_list": [ + "network_controller" + ], + "bus_type": { + "hex": "008f", + "name": "Virtio", + "value": 143 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": "Virtio", + "device": "Ethernet Card 0", + "model": "Virtio Ethernet Card 0", + "sysfs_id": "/devices/pci0000:00/0000:00:12.0/virtio1", + "sysfs_bus_id": "virtio1", + "unix_device_names": [ + "ens18" + ], + "resources": [ + { + "type": "hwaddr", + "address": 98 + }, + { + "type": "phwaddr", + "address": 98 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": [ + "virtio_net" + ], + "driver_modules": [ + "virtio_net" + ], + "module_alias": "virtio:d00000001v00001AF4" + } + ], + "network_interface": [ + { + "index": 26, + "attached_to": 18, + "class_list": [ + "network_interface" + ], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0001", + "name": "Ethernet", + "value": 1 + }, + "model": "Ethernet network interface", + "sysfs_id": "/class/net/ens18", + "sysfs_device_link": "/devices/pci0000:00/0000:00:12.0/virtio1", + "unix_device_names": [ + "ens18" + ], + "resources": [ + { + "type": "hwaddr", + "address": 98 + }, + { + "type": "phwaddr", + "address": 98 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": [ + "virtio_net" + ], + "driver_modules": [ + "virtio_net" + ] + }, + { + "index": 27, + "attached_to": 0, + "class_list": [ + "network_interface" + ], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0000", + "name": "Loopback", + "value": 0 + }, + "model": "Loopback network interface", + "sysfs_id": "/class/net/lo", + "unix_device_names": [ + "lo" + ] + } + ], + "pci": [ + { + "index": 13, + "attached_to": 0, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 18 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1000", + "value": 4096 + }, + "sub_device": { + "hex": "0001", + "value": 1 + }, + "model": "Ethernet controller", + "sysfs_id": "/devices/pci0000:00/0000:00:12.0", + "sysfs_bus_id": "0000:00:12.0", + "resources": [ + { + "type": "io", + "base": 53312, + "range": 32, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001000sv00001AF4sd00000001bc02sc00i00" + }, + { + "index": 14, + "attached_to": 0, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 3 + }, + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "00ff", + "value": 255 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1002", + "value": 4098 + }, + "sub_device": { + "hex": "0005", + "value": 5 + }, + "model": "Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0", + "sysfs_bus_id": "0000:00:03.0", + "resources": [ + { + "type": "io", + "base": 53248, + "range": 64, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001002sv00001AF4sd00000005bc00scFFi00" + } + ], + "storage_controller": [ + { + "index": 6, + "attached_to": 17, + "class_list": [ + "storage_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 1, + "number": 1 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0000", + "name": "SCSI storage controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1004", + "value": 4100 + }, + "sub_device": { + "hex": "0008", + "value": 8 + }, + "model": "SCSI storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0", + "sysfs_bus_id": "0000:01:01.0", + "resources": [ + { + "type": "io", + "base": 49152, + "range": 64, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001004sv00001AF4sd00000008bc01sc00i00" + }, + { + "index": 15, + "attached_to": 0, + "class_list": [ + "storage_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0001", + "name": "IDE interface", + "value": 1 + }, + "pci_interface": { + "hex": "0080", + "value": 128 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7010", + "value": 28688 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel IDE interface", + "sysfs_id": "/devices/pci0000:00/0000:00:01.1", + "sysfs_bus_id": "0000:00:01.1", + "resources": [ + { + "type": "io", + "base": 1014, + "range": 1, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 368, + "range": 8, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 496, + "range": 8, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 53376, + "range": 16, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 886, + "range": 1, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 1, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 128 + }, + "driver": "ata_piix", + "driver_module": "ata_piix", + "drivers": [ + "ata_piix" + ], + "driver_modules": [ + "ata_piix" + ], + "module_alias": "pci:v00008086d00007010sv00001AF4sd00001100bc01sc01i80" + } + ], + "system": { + "form_factor": "desktop" + }, + "unknown": [ + { + "index": 19, + "attached_to": 6, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0/virtio2", + "sysfs_bus_id": "virtio2", + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": [ + "virtio_scsi" + ], + "driver_modules": [ + "virtio_scsi" + ], + "module_alias": "virtio:d00000008v00001AF4" + }, + { + "index": 20, + "attached_to": 14, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0/virtio0", + "sysfs_bus_id": "virtio0", + "driver": "virtio_balloon", + "driver_module": "virtio_balloon", + "drivers": [ + "virtio_balloon" + ], + "driver_modules": [ + "virtio_balloon" + ], + "module_alias": "virtio:d00000005v00001AF4" + } + ], + "usb_controller": [ + { + "index": 7, + "attached_to": 0, + "class_list": [ + "usb_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "000c", + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "hex": "0003", + "name": "USB Controller", + "value": 3 + }, + "pci_interface": { + "hex": "0000", + "name": "UHCI", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7020", + "value": 28704 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Intel USB Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2", + "sysfs_bus_id": "0000:00:01.2", + "resources": [ + { + "type": "io", + "base": 53344, + "range": 32, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 2, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "uhci_hcd", + "driver_module": "uhci_hcd", + "drivers": [ + "uhci_hcd" + ], + "driver_modules": [ + "uhci_hcd" + ], + "driver_info": { + "type": "module", + "db_entry_0": [ + "uhci-hcd" + ], + "active": true, + "modprobe": true, + "names": [ + "uhci-hcd" + ], + "module_args": [ + "" + ], + "conf": "" + }, + "module_alias": "pci:v00008086d00007020sv00001AF4sd00001100bc0Csc03i00" + } + ] + }, + "smbios": { + "bios": { + "handle": 0, + "vendor": "Proxmox distribution of EDK II", + "version": "4.2025.02-4~bpo12+1", + "date": "07/10/2025", + "features": null, + "start_address": "0xe8000", + "rom_size": 65536 + }, + "chassis": [ + { + "handle": 768, + "manufacturer": "QEMU", + "version": "pc-i440fx-9.2", + "chassis_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "lock_present": false, + "bootup_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "power_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "thermal_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "security_state": { + "hex": "0002", + "name": "Unknown", + "value": 2 + }, + "oem": "0x0" + } + ], + "memory_array": [ + { + "handle": 4096, + "location": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "usage": { + "hex": "0003", + "name": "System memory", + "value": 3 + }, + "ecc": { + "hex": "0006", + "name": "Multi-bit", + "value": 6 + }, + "max_size": "0x200000", + "error_handle": 65534, + "slots": 1 + } + ], + "memory_array_mapped_address": [ + { + "handle": 4864, + "array_handle": 4096, + "start_address": "0x0", + "end_address": "0x80000000", + "part_width": 1 + } + ], + "memory_device": [ + { + "handle": 4352, + "location": "DIMM 0", + "bank_location": "", + "manufacturer": "QEMU", + "part_number": "", + "array_handle": 4096, + "error_handle": 65534, + "width": 0, + "ecc_bits": 0, + "size": 2097152, + "form_factor": { + "hex": "0009", + "name": "DIMM", + "value": 9 + }, + "set": 0, + "memory_type": { + "hex": "0007", + "name": "RAM", + "value": 7 + }, + "memory_type_details": [ + "Other" + ], + "speed": 0 + } + ], + "processor": [ + { + "handle": 1024, + "socket": "CPU 0", + "socket_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "QEMU", + "version": "pc-i440fx-9.2", + "part": "", + "processor_type": { + "hex": "0003", + "name": "CPU", + "value": 3 + }, + "processor_family": { + "hex": "00fe", + "name": "Other", + "value": 254 + }, + "processor_status": { + "hex": "0001", + "name": "Enabled", + "value": 1 + }, + "clock_ext": 0, + "clock_max": 2000, + "cache_handle_l1": 0, + "cache_handle_l2": 0, + "cache_handle_l3": 0 + }, + { + "handle": 1025, + "socket": "CPU 1", + "socket_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "QEMU", + "version": "pc-i440fx-9.2", + "part": "", + "processor_type": { + "hex": "0003", + "name": "CPU", + "value": 3 + }, + "processor_family": { + "hex": "00fe", + "name": "Other", + "value": 254 + }, + "processor_status": { + "hex": "0001", + "name": "Enabled", + "value": 1 + }, + "clock_ext": 0, + "clock_max": 2000, + "cache_handle_l1": 0, + "cache_handle_l2": 0, + "cache_handle_l3": 0 + } + ], + "system": { + "handle": 256, + "manufacturer": "QEMU", + "product": "Standard PC (i440FX + PIIX, 1996)", + "version": "pc-i440fx-9.2", + "wake_up": { + "hex": "0006", + "name": "Power Switch", + "value": 6 + } + } + } +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix new file mode 100644 index 0000000..26161e3 --- /dev/null +++ b/modules/nixos/default.nix @@ -0,0 +1,5 @@ +{ + flake.nixosModules = { + inventree = import ../nixos/inventree; + }; +} diff --git a/modules/nixos/inventree/default.nix b/modules/nixos/inventree/default.nix new file mode 100644 index 0000000..b2c3bb4 --- /dev/null +++ b/modules/nixos/inventree/default.nix @@ -0,0 +1,333 @@ +{ + lib, + config, + pkgs, + ... +}: +let + inherit (lib) + mkEnableOption + mkOption + types + mkIf + ; + + configFormat = pkgs.formats.json { }; + cfg = config.services.inventree; + pkg = cfg.package; + configFile = "${cfg.dataDir}/config.json"; + + env = { + INVENTREE_CONFIG_FILE = configFile; + INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile; + INVENTREE_AUTO_UPDATE = "1"; + INVENTREE_PLUGINS_ENABLED = "1"; + INVENTREE_PLUGIN_NOINSTALL = "1"; + INVENTREE_STATIC_ROOT = cfg.config.static_root; + INVENTREE_MEDIA_ROOT = cfg.config.media_root; + INVENTREE_BACKUP_DIR = cfg.config.backup_dir; + INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file; + INVENTREE_DB_ENGINE = cfg.config.database.ENGINE; + INVENTREE_DB_NAME = cfg.config.database.NAME; + INVENTREE_DB_HOST = cfg.config.database.HOST; + INVENTREE_DB_USER = "inventree"; + INVENTREE_ADMIN_USER = cfg.config.adminUser; + INVENTREE_ADMIN_PASSWORD_FILE = cfg.config.adminPasswordFile; + INVENTREE_USE_X_FORWARDED_HOST = "1"; + INVENTREE_CORS_ORIGIN_ALLOW_ALL = "1"; + + INVENTREE_SITE_URL = cfg.config.site_url; + + PYTHONPATH = pkg.pythonPath; + }; + + inventree-invoke = pkgs.writeShellApplication { + name = "inventree-invoke"; + text = '' + export INVENTREE_CONFIG_FILE=${configFile} + export INVENTREE_SECRET_KEY_FILE=${cfg.secretKeyFile} + export PYTHONPATH=${pkg.pythonPath} + + exec -a "$0" ${pkgs.python3Packages.invoke}/bin/invoke -r ${cfg.package}/opt/inventree "$@" + ''; + }; +in +{ + options.services.inventree = { + enable = mkEnableOption "InvenTree parts manager"; + + package = lib.mkOption { + type = types.package; + default = pkgs.inventree; + description = '' + InvenTree package to use + ''; + }; + + hostName = mkOption { + type = types.str; + description = "FQDN for the InvenTree instance."; + }; + + dataDir = mkOption { + type = types.path; + default = "/var/lib/inventree"; + example = "/var/lib/inventree"; + description = '' + The default path for all inventree data. + ''; + }; + + secretKeyFile = mkOption { + type = types.path; + default = "${cfg.dataDir}/secret_key.txt"; + description = '' + Path to a file containing the secret key + ''; + }; + + config = mkOption { + type = types.submodule ({ + freeformType = configFormat.type; + options = { + adminUser = mkOption { + type = types.str; + default = "admin"; + }; + adminPasswordFile = mkOption { + type = types.path; + description = "Path to password file for user `admin`"; + }; + site_url = mkOption { + type = types.str; + default = "https://${cfg.hostName}"; + }; + static_root = mkOption { + type = types.path; + default = "${cfg.dataDir}/static"; + description = '' + Static file storage + ''; + }; + media_root = mkOption { + type = types.path; + default = "${cfg.dataDir}/media_root"; + description = "Media root directory"; + }; + backup_dir = mkOption { + type = types.path; + default = "${cfg.dataDir}/backups"; + description = "Backup directory"; + }; + oidc_private_key_file = mkOption { + type = types.path; + default = "${cfg.dataDir}/oidc.key"; + }; + }; + }); + default = { }; + description = '' + Config options, see https://docs.inventree.org/en/stable/start/config/ + for details + ''; + }; + + serverStartTimeout = mkOption { + type = types.str; + default = "10min"; + description = '' + TimeoutStartSec for the server systemd service. + See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStartSec= + for more details + ''; + }; + + serverStopTimeout = mkOption { + type = types.str; + default = "5min"; + description = '' + TimeoutStopSec for the server systemd service. + See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStopSec= + for more details + ''; + }; + + }; + + config = mkIf cfg.enable { + environment.systemPackages = [ inventree-invoke ]; + + systemd.tmpfiles.rules = ( + map (dir: "d ${dir} 0755 inventree inventree") [ + "${cfg.dataDir}" + "${cfg.dataDir}/static" + "${cfg.dataDir}/media_root" + "${cfg.dataDir}/backups" + ] + ); + + services.inventree.config = { + plugins_enabled = false; + plugin_file = "${cfg.dataDir}/plugins.txt"; + plugin_dir = "${cfg.dataDir}/plugins"; + database = { + ENGINE = "postgresql"; + NAME = "inventree"; + HOST = "/run/postgresql"; + }; + }; + + services.postgresql = { + enable = true; + ensureDatabases = [ "inventree" ]; + ensureUsers = [ + { + name = "inventree"; + ensureDBOwnership = true; + } + ]; + }; + + users.users.inventree = { + group = "inventree"; + isSystemUser = true; + description = "InvenTree daemon user"; + }; + + users.groups.inventree = { }; + + services.nginx.enable = true; + + services.nginx.virtualHosts.${cfg.hostName} = { + locations = + let + unixPath = config.systemd.sockets.inventree-gunicorn.socketConfig.ListenStream; + in + { + "/" = { + extraConfig = '' + client_max_body_size 100M; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + ''; + proxyPass = "http://unix:${unixPath}"; + }; + "/static/" = { + alias = "${cfg.config.static_root}/"; + extraConfig = '' + expires 30d; + ''; + }; + "/media/" = { + alias = "${cfg.config.media_root}/"; + extraConfig = '' + auth_request /auth; + ''; + }; + "/auth" = { + extraConfig = '' + internal; + ''; + proxyPass = "http://unix:${unixPath}:/auth/"; + }; + }; + }; + + systemd.targets.inventree = { + description = "Target for all InvenTree services"; + wantedBy = [ "multi-user.target" ]; + wants = [ "network-online.target" ]; + after = [ "network-online.target" ]; + }; + + systemd.services.inventree-config = { + description = "Inventree config generation"; + wantedBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + before = [ + "inventree-static.service" + "inventree-gunicorn.service" + "inventree-qcluster.service" + ]; + serviceConfig = { + # User = "root"; + # Group = "root"; + User = "inventree"; + Group = "inventree"; + Type = "oneshot"; + RemainAfterExit = true; + PrivateTmp = true; + }; + environment = env; + script = '' + set -euo pipefail + + umask u=rwx,g=,o= + + # chown inventree:inventree ${configFile} + + ${pkg}/opt/inventree/src/backend/InvenTree/manage.py migrate + ''; + }; + + systemd.services.inventree-static = { + description = "InvenTree static migration"; + wantedBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + before = [ "inventree-gunicorn.service" ]; + environment = env; + serviceConfig = { + User = "inventree"; + Group = "inventree"; + StateDirectory = "inventree"; + #RuntimeDirectory = "inventree"; + PrivateTmp = true; + ExecStart = '' + ${pkg}/opt/inventree/src/backend/InvenTree/manage.py collectstatic --no-input + ''; + }; + }; + + systemd.services.inventree-gunicorn = { + description = "InvenTree Gunicorn server"; + requiredBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + #wantedBy = [ "inventree.target" ]; + environment = env; + serviceConfig = { + User = "inventree"; + Group = "inventree"; + StateDirectory = "inventree"; + #RuntimeDirectory = "inventree"; + PrivateTmp = true; + ExecStart = '' + ${pkg.gunicorn}/bin/gunicorn InvenTree.wsgi \ + --pythonpath ${pkg}/opt/inventree/src/backend/InvenTree + ''; + }; + }; + + systemd.sockets.inventree-gunicorn = { + wantedBy = [ "sockets.target" ]; + partOf = [ "inventree.target" ]; + socketConfig.ListenStream = "/run/inventree/gunicorn.socket"; + }; + + systemd.services.inventree-qcluster = { + description = "InvenTree qcluster server"; + requiredBy = [ "inventree.target" ]; + wantedBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + environment = env; + serviceConfig = { + User = "inventree"; + Group = "inventree"; + StateDirectory = "inventree"; + #RuntimeDirectory = "inventree"; + PrivateTmp = true; + ExecStart = '' + ${pkg}/opt/inventree/src/backend/InvenTree/manage.py qcluster + ''; + }; + }; + }; +} diff --git a/overlays/default.nix b/overlays/default.nix index 583c8e9..2f464d3 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,4 +1,3 @@ -{ ... }: { flake.overlays = { packagesOverlay = import ../pkgs/overlay.nix; diff --git a/pkgs/inventree/default.nix b/pkgs/inventree/default.nix new file mode 100644 index 0000000..e392f8e --- /dev/null +++ b/pkgs/inventree/default.nix @@ -0,0 +1,145 @@ +{ + stdenvNoCC, + python3, + fetchFromGitHub, + fetchYarnDeps, + yarnConfigHook, + nodejs, +}: +let + version = "unstable-2025-05-09"; + + src = fetchFromGitHub { + owner = "inventree"; + repo = "InvenTree"; + rev = "e0acfaa762da0dd7b2822b567202210ca8b7dbd3"; + hash = "sha256-K+cqErDUmgPO7625P3jp7+7BOYEfyJ1nElae6RlJvvI="; + }; + + frontend = stdenvNoCC.mkDerivation { + name = "inventree-frontend"; + inherit version src; + + yarnOfflineCache = fetchYarnDeps { + yarnLock = "${src}/src/frontend/yarn.lock"; + hash = "sha256-KpWuYCrkGN+4UnwV1STEbTL0FWcLZ7Wq8a8ST55OpGM="; + }; + + nativeBuildInputs = [ + yarnConfigHook + nodejs + ]; + + patchPhase = '' + runHook prePatch + cd src/frontend + runHook postPatch + ''; + + buildPhase = '' + echo "Running lingui" + ./node_modules/.bin/lingui compile --typescript + echo building lib + ./node_modules/.bin/tsc --p ./tsconfig.lib.json + ./node_modules/.bin/vite --config vite.lib.config.ts build + echo "Running tsc" + ./node_modules/.bin/tsc + echo "Running vite" + ./node_modules/.bin/vite build --emptyOutDir --outDir $out + ''; + }; + +in +python3.pkgs.buildPythonApplication rec { + pname = "InvenTree"; + inherit version src; + + format = "other"; + + dependencies = with python3.pkgs; [ + coreapi + cryptography + distutils + dj-rest-auth + django + django-allauth + django-allauth.optional-dependencies.openid + django-allauth.optional-dependencies.mfa + django-allauth.optional-dependencies.socialaccount + django-cleanup + django-cors-headers + django-dbbackup + django-error-report-2 + django-filter + django-flags + django-formtools + django-ical + django-js-asset + django-maintenance-mode + django-markdownify + django-money + django-mptt + django-redis + django-oauth-toolkit + django-otp + django-q-sentry + django-q2 + django-redis + django-sesame + django-sql-utils + django-structlog + django-stdimage + django-taggit + django-user-sessions + django-weasyprint + djangorestframework + djangorestframework-simplejwt + djangorestframework-simplejwt.optional-dependencies.crypto + django-xforwardedfor-middleware + drf-spectacular + dulwich + feedparser + gunicorn + pdf2image + pillow + pint + pip-licenses + pypdf + python-barcode + python-barcode.optional-dependencies.images + python-dotenv + pyyaml + qrcode + qrcode.optional-dependencies.pil + rapidfuzz + sentry-sdk + tablib + tablib.optional-dependencies.xls + tablib.optional-dependencies.xlsx + tablib.optional-dependencies.yaml + weasyprint + whitenoise + + psycopg2 + fido2 + ]; + + installPhase = '' + substituteInPlace src/backend/InvenTree/InvenTree/settings.py --replace-fail "django_slowtests.testrunner.DiscoverSlowestTestsRunner" "django.test.runner.DiscoverRunner" + + mkdir -p $out/opt/inventree + cp -r . $out/opt/inventree + + echo "Installing frontend" + + mkdir -p $out/opt/inventree/src/backend/InvenTree/web/static/web + cp -r ${frontend}/* $out/opt/inventree/src/backend/InvenTree/web/static/web/ + cp -r ${frontend}/.* $out/opt/inventree/src/backend/InvenTree/web/static/web/ + ''; + + passthru = { + pythonPath = python3.pkgs.makePythonPath dependencies; + gunicorn = python3.pkgs.gunicorn; + inherit frontend; + }; +} diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix index 03257f0..d8ab3c0 100644 --- a/pkgs/overlay.nix +++ b/pkgs/overlay.nix @@ -2,4 +2,28 @@ final: prev: { think-gtcm = final.callPackage ./think-gtcm.nix { }; think-backend-gtcm = final.callPackage ./think-backend-gtcm.nix { php = final.php83; }; gtcm-file-uploader = final.callPackage ./gtcm-file-uploader.nix { }; + + pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [ + (py-final: py-prev: { + django-dbbackup = py-final.callPackage ./python/django-dbbackup { }; + django-error-report-2 = py-final.callPackage ./python/django-error-report-2 { }; + django-flags = py-final.callPackage ./python/django-flags { }; + django-ical = py-final.callPackage ./python/django-ical { }; + django-markdownify = py-final.callPackage ./python/django-markdownify { }; + django-money = py-final.callPackage ./python/django-money { }; + django-q-sentry = py-final.callPackage ./python/django-q-sentry { }; + django-recurrence = py-final.callPackage ./python/django-recurrence { }; + django-slowtests = py-final.callPackage ./python/django-slowtests { }; + django-structlog = py-final.callPackage ./python/django-structlog { }; + django-stdimage = py-final.callPackage ./python/django-stdimage { }; + django-user-sessions = py-final.callPackage ./python/django-user-sessions { }; + django-weasyprint = py-final.callPackage ./python/django-weasyprint { }; + django-xforwardedfor-middleware = py-final.callPackage ./python/django-xforwardedfor-middleware { }; + pip-licenses = py-final.callPackage ./python/pip-licenses { }; + py-moneyed = py-final.callPackage ./python/py-moneyed { }; + pytest-pycodestyle = py-final.callPackage ./python/pytest-codestyle { }; + sentry-sdk = py-final.callPackage ./python/sentry-sdk { }; + }) + ]; + inventree = final.callPackage ./inventree { python3 = final.python312; }; } diff --git a/pkgs/python/django-dbbackup/default.nix b/pkgs/python/django-dbbackup/default.nix new file mode 100644 index 0000000..e9fd815 --- /dev/null +++ b/pkgs/python/django-dbbackup/default.nix @@ -0,0 +1,42 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, + pytz, +}: + +buildPythonPackage rec { + pname = "django-dbbackup"; + version = "4.2.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-dbbackup"; + rev = version; + hash = "sha256-GD+f9mbImGPQ6MOUK3ftHqiGv7TT39jNQsFvd0dnnWU="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + django + pytz + ]; + + pythonImportsCheck = [ "dbbackup" ]; + + meta = { + description = "Management commands to help backup and restore your project database and media files"; + homepage = "https://github.com/jazzband/django-dbbackup"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + mainProgram = "django-dbbackup"; + }; +} diff --git a/pkgs/python/django-error-report-2/default.nix b/pkgs/python/django-error-report-2/default.nix new file mode 100644 index 0000000..5706887 --- /dev/null +++ b/pkgs/python/django-error-report-2/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-error-report-2"; + version = "0.4.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "matmair"; + repo = "django-error-report-2"; + rev = version; + hash = "sha256-ZCaslqgruJxM8345/jSlZGruM+27H9hvwL0wtPkUzc0="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "error_report" ]; + + meta = { + description = "Log/View Django server errors"; + homepage = "https://github.com/matmair/django-error-report-2"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-flags/default.nix b/pkgs/python/django-flags/default.nix new file mode 100644 index 0000000..3d44281 --- /dev/null +++ b/pkgs/python/django-flags/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-flags"; + version = "5.0.13"; + pyproject = true; + + src = fetchFromGitHub { + owner = "cfpb"; + repo = "django-flags"; + rev = version; + hash = "sha256-WPMfFYoP6WaVzZmVtqAz4LlY761aCRyPhd5npc8bOOI="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "flags" ]; + + meta = { + description = "Feature flags for Django projects"; + homepage = "https://github.com/cfpb/django-flags"; + license = lib.licenses.cc0; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-ical/default.nix b/pkgs/python/django-ical/default.nix new file mode 100644 index 0000000..3c41e90 --- /dev/null +++ b/pkgs/python/django-ical/default.nix @@ -0,0 +1,46 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + django, + django-recurrence, + icalendar, +}: + +buildPythonPackage rec { + pname = "django-ical"; + version = "1.9.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-ical"; + rev = version; + hash = "sha256-DUe0loayGcUS7MTyLn+g0KBxbIY7VsaoQNHGSMbMI3U="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ + django + django-recurrence + icalendar + ]; + + pythonImportsCheck = [ "django_ical" ]; + + meta = { + description = "ICal feeds for Django based on Django's syndication feed framework"; + homepage = "https://github.com/jazzband/django-ical"; + changelog = "https://github.com/jazzband/django-ical/blob/${src.rev}/CHANGES.rst"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-markdownify/default.nix b/pkgs/python/django-markdownify/default.nix new file mode 100644 index 0000000..9cc854d --- /dev/null +++ b/pkgs/python/django-markdownify/default.nix @@ -0,0 +1,39 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + bleach, + django, + markdown, +}: + +buildPythonPackage rec { + pname = "django-markdownify"; + version = "0.9.5"; + pyproject = true; + + src = fetchFromGitHub { + owner = "erwinmatijsen"; + repo = "django-markdownify"; + rev = version; + hash = "sha256-KYU8p8NRD4EIS/KhOk9nvmXCf0RWEc+IFZ57YtsDSWE="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + bleach + django + markdown + ]; + + pythonImportsCheck = [ "markdownify" ]; + + meta = { + description = "Markdown template filter for Django"; + homepage = "https://github.com/erwinmatijsen/django-markdownify"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-money/default.nix b/pkgs/python/django-money/default.nix new file mode 100644 index 0000000..a04e885 --- /dev/null +++ b/pkgs/python/django-money/default.nix @@ -0,0 +1,41 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, + py-moneyed, +}: + +buildPythonPackage rec { + pname = "django-money"; + version = "3.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "django-money"; + repo = "django-money"; + rev = version; + hash = "sha256-eL26NsreUqtMJ26TmvmB53EJI4Sjs7qjFDnnt4N0vdI="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + django + py-moneyed + ]; + + pythonImportsCheck = [ "djmoney" ]; + + meta = { + description = "Money fields for Django forms and models"; + homepage = "https://github.com/django-money/django-money"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-q-sentry/default.nix b/pkgs/python/django-q-sentry/default.nix new file mode 100644 index 0000000..e4814f3 --- /dev/null +++ b/pkgs/python/django-q-sentry/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + poetry-core, + setuptools, + sentry-sdk, +}: + +buildPythonPackage rec { + pname = "django-q-sentry"; + version = "0.1.6"; + pyproject = true; + + src = fetchFromGitHub { + owner = "danielwelch"; + repo = "django-q-sentry"; + rev = "d3a43a90c82734244d5ebf3295652223053f1354"; + hash = "sha256-3C7A+X18c7p19HWD/uPRtAMf29VjmrfXXh2z5PPOREY="; + }; + + build-system = [ + poetry-core + setuptools + ]; + + dependencies = [ sentry-sdk ]; + + pythonImportsCheck = [ "django_q_sentry" ]; + + meta = { + description = "Bringing Sentry error tracking to Django Q"; + homepage = "https://github.com/danielwelch/django-q-sentry"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-recurrence/default.nix b/pkgs/python/django-recurrence/default.nix new file mode 100644 index 0000000..89c5aee --- /dev/null +++ b/pkgs/python/django-recurrence/default.nix @@ -0,0 +1,56 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + pdm-backend, + django, + flake8, + pytest, + pytest-cov, + pytest-django, + pytest-sugar, + python-dateutil, + sphinx, + sphinx-rtd-theme, + tox, +}: + +buildPythonPackage rec { + pname = "django-recurrence"; + version = "1.12.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-recurrence"; + rev = version; + hash = "sha256-Q33zyMa1wI13RNLxynGAJHlagahpnFHCmZbHp0aPC/w="; + }; + + build-system = [ pdm-backend ]; + + dependencies = [ + django + flake8 + pytest + pytest-cov + pytest-django + pytest-sugar + python-dateutil + sphinx + sphinx-rtd-theme + tox + ]; + + pythonRelaxDeps = true; + + pythonImportsCheck = [ "recurrence" ]; + + meta = { + description = "Utility for working with recurring dates in Django"; + homepage = "https://github.com/django-recurrence/django-recurrence"; + changelog = "https://github.com/django-recurrence/django-recurrence/blob/${src.rev}/CHANGES.rst"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-slowtests/default.nix b/pkgs/python/django-slowtests/default.nix new file mode 100644 index 0000000..4a58217 --- /dev/null +++ b/pkgs/python/django-slowtests/default.nix @@ -0,0 +1,38 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-slowtests"; + version = "1.1.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "realpython"; + repo = "django-slow-tests"; + rev = version; + hash = "sha256-gW9AZiMpXJp1m2X1cbm6GdZ9cH+TFqjNLQJFmsvGjB0="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "django_slowtests" ]; + + meta = { + description = "Locate your slowest tests"; + homepage = "https://github.com/realpython/django-slow-tests"; + changelog = "https://github.com/realpython/django-slow-tests/blob/${src.rev}/CHANGELOG.rst"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-stdimage/default.nix b/pkgs/python/django-stdimage/default.nix new file mode 100644 index 0000000..1bab49c --- /dev/null +++ b/pkgs/python/django-stdimage/default.nix @@ -0,0 +1,51 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + django, + pillow, + gettext, +}: + +buildPythonPackage rec { + pname = "django-stdimage"; + version = "6.0.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "codingjoe"; + repo = "django-stdimage"; + rev = version; + hash = "sha256-uwVU3Huc5fitAweShJjcMW//GBeIpJcxqKKLGo/EdIs="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ + django + pillow + ]; + + nativeBuildInputs = [ gettext ]; + + preBuild = '' + echo "bla bla" + echo $PATH + ''; + + pythonImportsCheck = [ "stdimage" ]; + + meta = { + description = ""; + homepage = "https://github.com/codingjoe/django-stdimage"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-structlog/default.nix b/pkgs/python/django-structlog/default.nix new file mode 100644 index 0000000..90e5e7a --- /dev/null +++ b/pkgs/python/django-structlog/default.nix @@ -0,0 +1,48 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + asgiref, + django, + django-ipware, + structlog, + celery, + django-extensions, +}: + +buildPythonPackage rec { + pname = "django-structlog"; + version = "9.1.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jrobichaud"; + repo = "django-structlog"; + rev = version; + hash = "sha256-SEigOdlXZtfLAgRgGkv/eDNDAiiHd7YthRJ/H6e1v5U="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + asgiref + django + django-ipware + structlog + ]; + + optional-dependencies = { + celery = [ celery ]; + commands = [ django-extensions ]; + }; + + pythonImportsCheck = [ "django_structlog" ]; + + meta = { + description = ""; + homepage = "https://github.com/jrobichaud/django-structlog"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-user-sessions/default.nix b/pkgs/python/django-user-sessions/default.nix new file mode 100644 index 0000000..7d240f1 --- /dev/null +++ b/pkgs/python/django-user-sessions/default.nix @@ -0,0 +1,39 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-user-sessions"; + version = "2.0.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-user-sessions"; + rev = version; + hash = "sha256-Wexy6G2pZ8LTnqtJkBZIePV7qhQW8gu/mKiQfZtgf/o="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "user_sessions" ]; + + meta = { + description = "Extend Django sessions with a foreign key back to the user, allowing enumerating all user's sessions"; + homepage = "http://github.com/jazzband/django-user-sessions"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-weasyprint/default.nix b/pkgs/python/django-weasyprint/default.nix new file mode 100644 index 0000000..07d026e --- /dev/null +++ b/pkgs/python/django-weasyprint/default.nix @@ -0,0 +1,38 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + django, + weasyprint, +}: + +buildPythonPackage rec { + pname = "django-weasyprint"; + version = "2.4.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "fdemmer"; + repo = "django-weasyprint"; + rev = "v${version}"; + hash = "sha256-eSh1p+5MyYb6GIEgSdlFxPzVCenlkwSCTkTzgKjezIg="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + django + weasyprint + ]; + + pythonImportsCheck = [ "django_weasyprint" ]; + + meta = { + description = "A Django class-based view generating PDF resposes using WeasyPrint"; + homepage = "https://github.com/fdemmer/django-weasyprint"; + changelog = "https://github.com/fdemmer/django-weasyprint/blob/${src.rev}/CHANGELOG.md"; + license = lib.licenses.asl20; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-xforwardedfor-middleware/default.nix b/pkgs/python/django-xforwardedfor-middleware/default.nix new file mode 100644 index 0000000..6af14f9 --- /dev/null +++ b/pkgs/python/django-xforwardedfor-middleware/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-xforwardedfor-middleware"; + version = "2.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "allo-"; + repo = "django-xforwardedfor-middleware"; + rev = "v${version}"; + hash = "sha256-dDXSb17kXOSeIgY6wid1QFHhUjrapasWgCEb/El51eA="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "x_forwarded_for" ]; + + meta = { + description = "Use the X-Forwarded-For header to get the real ip of a request"; + homepage = "https://github.com/allo-/django-xforwardedfor-middleware"; + license = lib.licenses.publicDomain; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/pip-licenses/default.nix b/pkgs/python/pip-licenses/default.nix new file mode 100644 index 0000000..68ca10b --- /dev/null +++ b/pkgs/python/pip-licenses/default.nix @@ -0,0 +1,74 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + prettytable, + tomli, + autopep8, + black, + docutils, + isort, + mypy, + pip-tools, + pypandoc, + pytest-cov, + pytest-pycodestyle, + pytestrunner, + tomli-w, + twine, +}: + +buildPythonPackage rec { + pname = "pip-licenses"; + version = "5.0.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "raimon49"; + repo = "pip-licenses"; + rev = "v-${version}"; + hash = "sha256-6xw6BCuXSzNcwkpHaEFC5UPpubPUwhx/pg6vZq2er7A="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ + prettytable + tomli + ]; + + optional-dependencies = { + dev = [ + autopep8 + black + docutils + isort + mypy + pip-tools + pypandoc + pytest-cov + pytest-pycodestyle + pytestrunner + tomli-w + twine + wheel + ]; + }; + + pythonImportsCheck = [ "piplicenses" ]; + + meta = { + description = "Dump the license list of packages installed with pip"; + homepage = "https://github.com/raimon49/pip-licenses"; + changelog = "https://github.com/raimon49/pip-licenses/blob/${src.rev}/CHANGELOG.md"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/py-moneyed/default.nix b/pkgs/python/py-moneyed/default.nix new file mode 100644 index 0000000..e953766 --- /dev/null +++ b/pkgs/python/py-moneyed/default.nix @@ -0,0 +1,42 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + babel, + typing-extensions, +}: + +buildPythonPackage rec { + pname = "py-moneyed"; + version = "3.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "py-moneyed"; + repo = "py-moneyed"; + rev = "v${version}"; + hash = "sha256-k0ZbLwog6TYxKDLZV7eH1Br8buMPfpOkgp+pMN/qdB8="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + babel + typing-extensions + ]; + + pythonImportsCheck = [ "moneyed" ]; + + meta = { + description = "Provides Currency and Money classes for use in your Python code"; + homepage = "http://github.com/py-moneyed/py-moneyed"; + changelog = "https://github.com/py-moneyed/py-moneyed/blob/${src.rev}/CHANGES.rst"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/sentry-sdk/default.nix b/pkgs/python/sentry-sdk/default.nix new file mode 100644 index 0000000..0c75d44 --- /dev/null +++ b/pkgs/python/sentry-sdk/default.nix @@ -0,0 +1,43 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + certifi, + urllib3, +}: + +buildPythonPackage rec { + pname = "sentry-sdk"; + version = "2.26.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "getsentry"; + repo = "sentry-python"; + rev = version; + hash = "sha256-Wl8yq2X9GuPcqaS93hkKXs2cDzz282Xceaai4NjbVZY="; + fetchSubmodules = true; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + certifi + urllib3 + ]; + + pythonImportsCheck = [ "sentry_sdk" ]; + + meta = { + description = "The official Python SDK for Sentry.io"; + homepage = "https://github.com/getsentry/sentry-python"; + changelog = "https://github.com/getsentry/sentry-python/blob/${src.rev}/CHANGELOG.md"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/sops/machines/hadar/key.json b/sops/machines/hadar/key.json new file mode 100755 index 0000000..1adf5d9 --- /dev/null +++ b/sops/machines/hadar/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "type": "age" + } +] \ No newline at end of file diff --git a/sops/secrets/hadar-age.key/groups/admins b/sops/secrets/hadar-age.key/groups/admins new file mode 120000 index 0000000..e5092e3 --- /dev/null +++ b/sops/secrets/hadar-age.key/groups/admins @@ -0,0 +1 @@ +../../../groups/admins \ No newline at end of file diff --git a/sops/secrets/hadar-age.key/secret b/sops/secrets/hadar-age.key/secret new file mode 100644 index 0000000..a137957 --- /dev/null +++ b/sops/secrets/hadar-age.key/secret @@ -0,0 +1,46 @@ +{ + "data": "ENC[AES256_GCM,data:MpG9R4x/trF6eJonbG0M9d9grMyV/8GUdS6CUFaF4iExz0tcQ5v3p25NhtgRr94Xn/+erZQb++QdDdns1JY1mi09uSECtxokSJw=,iv:x3ts+0l9QlRCfXFXxj9Px+EcIwD9SCjzIyJ1+kcqIZU=,tag:5oYqg2T86uhrxh9Nd4Euxg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVVEkyZE9kRlpPVVdQcmQy\nV3d0alBkWmhmY3N5bXNSTzNmbjcyY1lHcUVRCnlsVDIwbDdOUmdDYlNaZXQzS0JF\nSm5ZTnZ0ZmE5TVNDa2tYVXd6VC9wUncKLS0tIE9EaUlYbmd4Ni9UVm4vMUV2TmJK\nMFdyOTRiR2tMSzJmcWtwK3VKd2s2RDQKwZFwjnhobvgRYmH726FLLl5n8zGo9+Ws\nJ5Mpy5vaIXAOCHBKim0GtEDik8YeSgURCPnvtXSGA6Wq2c66qKGkVA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2KzBNZGVpRjByN2JlVHBQ\nbDZqUy9SNDRpczkxQkJqUzdvMkZ4TjJIRUdrCkJmSHYzVXlGSHZsSWNuRG9mTUJs\nWmxYSFdxVnpvM29ScDdmNjZpcktScVUKLS0tIERHaFhIYVVEL3FCd1pjQnp2aklE\nSWJFRkpXa1BtWWxKSTB6OUdPblZ5YWMK5arDu2EI8uEXr1DBPAQ+OEtA+CBNxXXH\nWx4OBwTjUuh9YVCR138SDgNhyeuW9A+DUioDFS+DzIIK5XNzOZ+U1g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIC9LSXdtY2xs\ndGtMMTdZUC8zT0x4SGhUbHB4ZlhpUWdzRCtkQzFaZ2JpVDQgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpLNEFrMWdSMld6dUZYeTl1WnZvbFpS\nRWoyYkVJMTBzanlDTVdmL0N6K3cwCi0tLSB6U2hpVFBkV1BPK3NGVXpvYS9qNzhS\nOStpa29rWGZZY09Hb3hHT0c0cTVjCnussox2HqzEt1dhN/T50N4teQEJv3hnB9oG\nDCQujYVLgXxT700BO/Mdd6UsfGUotRUspglTmKVRuGXd5m/wCXg=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGIwaHgxVmZ6\ncFdtVjRWY2ZUbUZoem1FeDVFeElIb05DVWxMSFowUU1zM00gQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpyWmVRMUVLWTA1bnZkamdWRWV4N3Vr\nVkNuQytMSGwvSWtXMFJ3ZVBQUTV3Ci0tLSBEejVhQzhvUEJGNmFCWnBLcEpuWHY0\ndXF6SG9RNEFDczBlaTdHdkJUZlBNCihddNokel0poWKU3Y32lIOrhJayA5f+UbNt\na3ckzRodBCPEDTRXxzGSeG6Oq/WaA1M/1MEoHiLHWfY7XZeZ7FY=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEx0aUI5OTB1\nVWozRXhkcUJydUtCdGw1RGx4Z2tBQktkR1lLTks1eC91bkkgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpmL3U2QXlINGQ1RGdmQjlZZVcrVjd4\nbTJLUUJHQmYwWFlhVG5DQ3c0eWdjCi0tLSBtYTA4RFBjd0YwTG5RUHlBaHRNWGtB\nQVgwTEZoV0VXOHJZUWdjeWZHRlkwCjVIezVWBVGrrS3tu1HMHc33di8NNCoG20tT\nme/TMN/9II/aNmnIa/rixH0nYzqcY3G3Xt3PehbPziB9qzOSXLk=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6VDJqcEVzbGltMGNtdmhy\nZEptb0psd2xzRjREOUdVclpKR0M4M2tzRUdNClpmQmhFOWdhL3dpU1RpdnFuSUhy\ncXUxRFgyNUNzMElEQ2lkcTcwMENiTlkKLS0tIElLODF0bktIbFB4MTFxMXBGS1Iv\nT051ZWFkQmN6Zi82MjhRL1J6akNmUG8KV6qe1+f8NgTMezHOTNXf2T7XsC8bycOf\n+jJTRiwNIvw7CiWWLU43PLkeARg0xLZx08354iSEeKWP839kaoTTTg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOdm1zbjN2YVRPZ2VUVEVF\nVVJ1Z1B6T1IyQ0tOSlVydlgwMjZScTlNVms0CnppcDZHRnlETlVIUUY4d05oNW1z\nTy9yYlRBbXRFMkVQZGhzTHR2eWpOME0KLS0tIGI1YWRKdERTNjUzWDNJQjRJRWZH\nZFQvWFJwTTlVSS9vbndkcGdpSGFPL1EKJ+cbICrnFLqGIV3+NnfDixuFdIixtuOd\niyc9z62MqySpOz1zU0ZRgKOZxFhzgRn+ZESQOLjjmAN0Y3FeaWd/Dg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByYnlldUJPeW4ybkdHYlVS\nUzl2V2FkOVdpUXVLNzVxSkFNZitIWUpuYVV3Ci92OWZ0dzhoUTlkZDhSc2xPUnh0\nYzFzd05Hd1dTd2hHWFZpQ29NSEVBR1kKLS0tIHVsdEVEd0k4RG1LTGppTDVrWERL\nQm9VY1JLNk1hS2RtaGlqUWE2K1FESlkKzmXuABwFDIUfk1D2ajffLXzPZ0f/mdYd\nqy0EFA1fUv0KXo8d9/jQMVF+T4yi3VIxE/FpI90ewKANtrUOzuid6Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYS3BqSzNSa3A2S01DZVRr\nZTlaLzdMSzU5QTljVWV1ZFJ0V1plbXdHVVNRClJuK2h0RW1scVVqK3FrQUpEQ2VC\nVE82azNNOG1VSnlWMmJzK2I1U09RRFkKLS0tIG9obnB4ZURxZHlNQXRTWFhyMzRQ\neDZxeTM2L1BxSFRNWWRMUWRENndOU2cKjklv7uMQrwPsQqqMUmhgWPk5vERa4pGd\nSTx4QfVEYaWhkyDzBPd6tJX5Jt/xIUlI/ruUMqQa/4X+YXiDcjVGxA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:07Z", + "mac": "ENC[AES256_GCM,data:mGclnACS2m2tTgSaqKXp8bp9FqHXZjwbB5u4t0h/CgyhltcJQPPQ0KDUW4lkuQFlF/SFYyPFlC07iw3pyjWQQRXZmtxxAhjU14TnOJ1wo6nPElJ1Ytug57TNzJiRh//lMZxMJcaWpwmGj8eUOmrVQhRLdO+7Lw2jRXs8ndIXGEQ=,iv:ezqrUJjS/33c+ix+HxdG4G4lWIxPmynpnMQCKw/hxOU=,tag:3J8gK0jHAIXyX4nOUdWC2Q==,type:str]", + "version": "3.12.1" + } +} diff --git a/sops/secrets/hadar-age.key/users/kurogeek b/sops/secrets/hadar-age.key/users/kurogeek new file mode 120000 index 0000000..54331f5 --- /dev/null +++ b/sops/secrets/hadar-age.key/users/kurogeek @@ -0,0 +1 @@ +../../../users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/admin-password/groups/admins b/vars/per-machine/hadar/inventree/admin-password/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/inventree/admin-password/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/admin-password/machines/hadar b/vars/per-machine/hadar/inventree/admin-password/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/inventree/admin-password/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/admin-password/secret b/vars/per-machine/hadar/inventree/admin-password/secret new file mode 100644 index 0000000..ca37a2c --- /dev/null +++ b/vars/per-machine/hadar/inventree/admin-password/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:RPXW5VShW1k0rAk5AcN/wKrujqIaT/WF2fFSeD4tuA==,iv:3bpnuxMJNdHL2GGfGmrZKs73RGexg88n0DjDjSQV9jY=,tag:s42AGFdOFIcvYVdrDPH+XA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdVJDYUFzVUFuLzNaeXFO\nZkpTWDNVQVNsdUIyc2xyR2VBNFpxenRZZFZJCjU1cGhvNEtIVGxOWG5WQ2VHRlh3\nWVVPZFJvdlcyeDlqSTAxYmJLYmZwMTQKLS0tIGJ0NWRTV2JSOXVIVldMUUxMVjk1\nblRFbzYzNldTcWw4cHM2ek4zeVV4MmMKhU8a/Tvubcxgjyqvht99mdPsYuskLv8M\ndVXU7+pO4qCGkxyJFgG8vxFzwwnrLIuOoGZJjwOhVJQ1DkCrSdt8+A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2Z1JTKzJTbVNtZ2dvRDlz\nYllPdVYzdGhtdUQ5S3Z2clVGUS9nVU5QbFhNCm1UMzJ5OEk0ZHo2c1lGS0QxWjJS\nenlidFVJSHVqcnhGencvMU5DSEZJNmsKLS0tIGlIRjRkQUFBSXZpUCtSd2lGRVNH\ndDN3ZnV5YnpEUXNpbzFPWTdLUFlodjgKbcd6meNtTHKtZayEK9t3AGkAVfWcPKI/\nvSMKrAM0JrM7JWQyUIUTUQC4CCni5rOyrOZCCNKPI7YwEsk0V7SNNQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIG5pZ2U3NFdG\ndVFRQkduNFFNTUV1ZEZ6VncxSWRlQ0VBR1E0a1R4b3RpMGsgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpSektEcHVsVjl3ZEhIL0crcU5JNjBx\nNFVGRlJtajhXU2Z2cW0zdWI1dzhjCi0tLSBjV3hqelFGa2JYT3IrMCtuNnByZjBX\nTWRmOEVFOFFwK3RDZTRKbi9IeEQwCj4oS2MEJq+xZTQCkcLhJYXldoOpOyY8f5RF\nkpQypxLwyJ/VXMQxLDD+mTpJuL51pTd/npmCBmKO69C7vnuPiyA=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFZ0MXB3YUZ2\nZStjQ2JXTjQ0U0RNTTNxZzFkbGpOdmU1OEpiVGdrbkRQbW8gQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpDY21IUzVTdmJHR0xBc1YvRkFRbDNP\nbjJQbERqWFVxdmNhRDMzbTc3NnE4Ci0tLSBQbGNSWC9FVzVxZHZvMFc5L05INE5E\nVDIrMWRIZ3RsVEE3VXgrSG5HeS9JCmzdNRXbABN2GsevcLbDUr3GwYUtJSrP87X3\nIQwbqyd8oTwGE1I8pGB+kAUPKq7J5hSzdZsCdoS4N0RlFXhHmsc=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHVKZ3dtWC9k\nalh5VGEzaGZ0SXU1d25WR0FyUFl1SU1XaW9zQ1NuaXFIQkEgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpNM2tvV2k3M3RpbmRpY0ZINkpKSUsr\nL2UwK010N0NGY2IvSTM5SEhUK3VjCi0tLSBBU1IwNXBRTG5QMEZmb2lHV2RtcVlj\nV0d6TWRJOEdUOEZoRXkrYk11OStZCpNy7ExKdaKyHRFvPt/cWDgty33zatN3x7Xa\ngDT6ebSvfG9cJnOzK0jI9ruvAoBQY0/PcrQw/nh6L59GNxQrfLA=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzekFZenZpU3F0N05teXdw\nUDJMOStlVnVrQzBWMkJNUU5zaXRsRFZoRlFRCnFtOVZNbFZ3WHBieThTQ2NhWUUy\neCtXaWcwY2s2L0NRc1hIMUhrQlVHUUkKLS0tIEFkeEVHQlJjbW1DQ0diZ1hsbElB\nTlcvaWlmMm9IdzRVNmZPQlpXZGtPM0kKyAKQdR51WA99kBd6z7OYIUeo3cTvH/Js\n2EVKhrc8EhR63RBznJ2ymgLLsTPZ3EFEGfjKR1ZoQir3O4EQIRg54Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzR3Q2ZGdWRzY5WnpGMGor\nTlZMNFA3cDBjSEkzTWFKa1NsdDM3aGFMMkJnClJScWlmUXgyd3IxTjdBR0sydFh4\nRnhNUWFRSWYyQXRzTFZzM0o2ejAxRmcKLS0tIDMrNytBcUpwS0N0WUw3anBCMVRN\nR3BERE5sUGNidkp2aWZYZm9VYnc3bGcKGpKToeEnUA8F652MZuHMGSY2+yBO2lvl\nC6+Iazo/mkvY0N0JP2zW6kqYN3PoQgA8pHdW2dTQc2NiQphuJAELnQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXc25DY3VRTVhFN0dPM0Fu\nUGhJQkJiMHhmS2wvOHl0LzRTN1lkU2N5WFVBCnJSdUUvcVpQcjJwaUZNekpJSnZO\nSmpJTGNBbnVoR0M1NmlTSVg3V1VQS0EKLS0tIDYwN3d2OG9Bb2kwamdwemoxeW9r\nZmF4RWZQWG5RZ2lhcXdaa2NiSkIxZjAKryhEH1etbzQy10zWdOk464FaPY4NQ0ch\n91U+ePDnzOVWBPRjvgDwJZjXmaygv+xabSrWBFqMmPTR7Ha6JeGIIw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1NTkydDRWZUVUNnZGOW9G\nTy8zeEpvS1BIMWdlSnpXajNxM3Zzc1QzaVRnCkRLK004WWpmdWlhSjA0c3lXeGlj\nTFJPdHZsV1pScEJRU1dKeUtqSGk5VWMKLS0tIC9uVTFxKzhEMlNZdGFuVFA2SmdM\nOTQ3TC9HajFIUkJtclEzcnNja1drU2cKz6jX6+T1tQoqA4H61lN3irLxbB9BdZrP\n7zYimwtQesSLTGTpRQTFmzDAXZ4fIeXvj84p4zhWqOjUPp154ezQ/g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEOGNPbWdTUWdtT3M2Q1hI\nYmhyTVI0ekRTVmlrSnpWQWVvQldCQmg3aVRRCkEyMVIvS0piMUs2RkdWY0tmQjNy\nMVBGODJoYnJPMVFKK1FESDVZaXk1dkkKLS0tIFZTZitOTHZKSXFxajBMMDNSU1E2\nUThvSUY3MUJFQWF3WTZHRWFwaVJ1UG8KxyNqrSb79ou4kCz2ItVU3ysu0BabwYRG\nzaqr9QoUegry2ivKda8981+HjM73SmsxfqzS0oFk0VSIUO+//rAmkw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:08Z", + "mac": "ENC[AES256_GCM,data:w39v4qp9Mryo7hC1X8EQlkkZqC03LxxAxMM5E0lKvL6/8zdCpU7pYrWpTUF+G3c/EVRpF+pJSQ87Gelsow0LGT8szmZNoKSVKhuze/R1yiu6XqLt0u89r1krcLMzDJDgpvDzZOSnNezk5irLZ3BpyVpmI3Sa53/OLiMndFyxhYs=,iv:azpYsFceHU57Grp/kJcY80Px0ZH58ppgVoNgcRigE8I=,tag:Jw+axjsJidk93ziB/zLQsQ==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/inventree/admin-password/users/kurogeek b/vars/per-machine/hadar/inventree/admin-password/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/inventree/admin-password/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/oidc-key/groups/admins b/vars/per-machine/hadar/inventree/oidc-key/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/inventree/oidc-key/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/oidc-key/machines/hadar b/vars/per-machine/hadar/inventree/oidc-key/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/inventree/oidc-key/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/oidc-key/secret b/vars/per-machine/hadar/inventree/oidc-key/secret new file mode 100644 index 0000000..9443cde --- /dev/null +++ b/vars/per-machine/hadar/inventree/oidc-key/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:1Jvb8oPPrhrMiKQsVRUhonqOxDRrNGY/CTmWp1E4g5Bo,iv:LWfbsBsVqlC/44+hqQrGpYkG+y9yPLJghfrcoNHMX30=,tag:eRbZOIJ72JB4WEcvgjmYQA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzRFZ3aGxsVlc2ZXIyNk50\ndUM5cGpXY0pDWjQ2KzAzR3NHOWRVU1BKbEMwCmV5NXN6c1B5YXRuNjZpZWl6VzIv\nUEZWMCtFSkNpUE1FSUh1cGxUTHdGaGMKLS0tIG1SMUNMcUF0V3V2Qm05N25tVysw\nWWpKZ1ZUU2JXM0FESnJORnUvYURhUW8K9zWZcMecsqip24YpugHMeyu15Bk8yfRq\njmUcqqDUjDiOgT30ijskhO5QaMmsw2Zxdk7EYyzd+kPpbsc2C7NumA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1U3FtQWllZnFZNU5xYmNj\nMWJJbUU0b3FqcXkydUVwTlZXb3UxdElldFgwClpEUkR2Q1pDN3lkM0NGRkZySkhl\nT2JmOThvRUt5eHg5d3Q5bDJ1ZkNCY0EKLS0tIEFTN0wwSVJQWXZZTDgwVTIya3hm\ndjJISXBOSnVMTXhWNDVMOUtmN0xCWHMKDV0Uw8PBA+76h69rQ3CdUrY9K3tlasIO\nhb+qZrzwHSvF9JYhBjLWaFEdpwl1uwU4Cs/zOBcrt3sbzdo/06Sivw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFRoL2doWGdZ\nYnB4Yk9NWXVHU3p1QzhRNVBIT2k4NnRuZmhIMkNiT1dCRjggQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQo1NS96SWx1NUIyNHFjWTN3U3RMRVFU\nYlo4VThwc3ArVVBwenc1OGtUNFJRCi0tLSBUc0owUE1sOGN2cmZmcnJ2L1o5ZWVB\nR1FYbXIwaVg5bnFhK3BmQ0VQY0NJCrNkPndWgfc1RfwXl4GPmb9xIy8olENPw3x4\nWOqcqjVdDq4SMSVhYYtLX9rS6OmUD7Z4mJlqhvuTk2flDwScuKk=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFh4OFJwckgw\nRlZNVUc1TTNVbis5WSthYmtUVWE0S3lBL2ZQOUljOE9ibTggQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwo3eTZaUmlvdDdEWVJpZUo3T0Q2d0lM\naStabXFtbDR4L05IQTNITkhyeWNVCi0tLSBjTXY3V1NsVFlPRTEvTHZ5cnBMQUgw\nWUVLQkM0SFFwRnh1YW4yeE9RSG1zChmd/IX3qKLh8RFU3DW5ZkpLGKEej1dJ4um7\nUF4N9w+p3oVnORmXJapzH4Bp+X0cgeQu/W/W5SPrLmyhC8thOmw=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIE1obXBaWXQv\nTXlrMzZHSTdpL25PQ1ErQW5mL0hUOWlYMjdmZCtxckpaWGcgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpFT1pBZUppNFJLR1p2TlB4LzF6Wll6\nYmtXU0o5VmZjV3AzNVRNeVBGRmg0Ci0tLSBpeUM2T3QzZ1F2VjdtVm9pa1RHRUth\nY0dkaFFoTVRMTzl2QzFuaUxNSjJVCqd+dRNLEku/xJX3oeycQslw+nL9hsQAvcoH\nSJJmbfZwJzMrGbEgZxbd98c/ZATnnngbBmBQOBwYQxdtTmxb9bU=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxUTRHWkVHMlhZcll3S2lo\nT0hBdzAybWJqWXJmK0xPcUUreUxWakloNWxRCksxcXRvRVpGd2UyU01Cd05sQ1dx\nZUhnc0E5ZVIxdVA5RnozY0JmL0dDeU0KLS0tIDRNNnlER1VxSXUvbWhyanZtcmJy\nOW1Md3RVRnkrNjQrTWoreFlEelhDckUK9xCBmTiHJK4IKrCVozMbtUBbbieFpf+L\nRRMrpi2Tb6B//LNbVJHWb30CN2ZmFgkK+kgAeYOJOHfpk+ni1duTvw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZbmpOaFFDV3BJelVPSnJW\nVkxQSjNQeDRZZTNxSzBQZHBrdVI1VStFNVcwCkZGL1EwdW0vVWZZSm1qRUFLbDhm\nMUNZeWNQYTg3V2RKdDJqamZUUURZNjQKLS0tIDlaOWoxRVliaDZ0cXpjTGpEdTRS\nUVNCcHZxdTMyT0M1dlIzbU40RlVtL0UKoLYfdLElYH6p2mJOZANaJNcMUD3okk4R\nhmFuo9O2XF6Ey4GNKG2wnh66S17Bz+z5bpQ/OBO7cSLXWVJO+bS8qw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjM0U1NHJiNjR6N3BzNzhH\nNXRkYlVpeE5ocGpLVDBmTkhyOTV2S0Q2Nm5zCmNHWDAwYnZpKzVWTkR5aWFtanBB\ndEkxSnRsYXJOSi8xN2Y4Z2M1WC9Xc0kKLS0tIGdQaWRJNTBOZjJuQ0loQ3NvZ1dr\nRHZES2d1RTg2SWVKN1Y5QUZUOE00dEEKDjbPVPgtbQ3LT6f6Ha+RihOxNxyWKIDi\nvp92n1cIKG6R36HEWnlU6R21aMi7NKle+Elv3Hgv+Y/y7VwxU/K2ww==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsZnZuRmhYOSs1c3ZiOTFF\nbnhIWXZLc0lPYUdkeTdoRTRXazhnNzZZYVhBClZWT2kweDBvOTF5UFRLQ2pNc3FZ\nSXdxTGNMZHlROHcrL0pPSGlyQWhYZUEKLS0tIHlFLzIvZW9JSlE0NytIUlJpSStL\nWEc3WU9qLy9lM2wyK28zVkE0eEVLbGsKJ1yrq2kTY/ZDuPxlt2LQwFUdvL4Amhy0\n8BtsDvBRVhx+xDGz0utQcsbXp3Enuum3KLjujAilNQHaeS7URy5KkQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHaTFDdFFHS1FUSE5ieEtl\nYVAyS3Z3amhNSGh6YUxlbCtFWitwMDluaTFvCk44NS9iWnZjZGtYQTZPamZZVWE5\nZDAybERyVnY5UnFFaDJTV3NTSzVCOUUKLS0tIGZEdDRGYjFiRlFnR2ZuVGFEZWFk\naFZQQzc5dElOOHRkSG14Zy85K3AycTgKL+5KlyJ5r5AoFosKokzYS/vGgjM1qB+a\nS9jKG/luD4sTfwkt+cpUzIqPP33zkkp9Vu83Y40G++ZtQ0e8FHBvEA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:09Z", + "mac": "ENC[AES256_GCM,data:9gC3wKt1qXQZgwXbhxhYtJFs1WRgyce90lrt7yijQAyYpDO+1WwnmsOX380B9Qy6dD3Zj0rhTnsxlqr0Th55zFgF7MGwHm8traLKCN58En3+1aujObR535+Vvr5GteF4Jxn9tm9K8CkWkSP0V4UHlXFdhlSJBZ92qZJeaxU19FE=,iv:SUutg/1lcY9qVl2j2+VBcyiIXN3BUg/gH0ozSb0Llzk=,tag:sf7pgG66tATYyYdY4I7X5g==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/inventree/oidc-key/users/kurogeek b/vars/per-machine/hadar/inventree/oidc-key/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/inventree/oidc-key/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/secret-key/groups/admins b/vars/per-machine/hadar/inventree/secret-key/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/inventree/secret-key/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/secret-key/machines/hadar b/vars/per-machine/hadar/inventree/secret-key/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/inventree/secret-key/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/inventree/secret-key/secret b/vars/per-machine/hadar/inventree/secret-key/secret new file mode 100644 index 0000000..de7c3ad --- /dev/null +++ b/vars/per-machine/hadar/inventree/secret-key/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:kn2NBC4OVhde20g4XUaRYJdePASQY0bsaC+raNSGB8vw,iv:fbatndXmlp91sS0pT9pnOF61/Pqiu0M6vij/w0Lt7YM=,tag:cL4+LKmoqliT2o0p9qwQig==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXVndmaXdwcHlvbGZBaW15\nMlU5czlMdDZkLzd4bmVEVUcxTmtTclZBNTE4CjVFTDRLQ2FReDJYVWt2QUpUV0Ey\ndjdYWlZsMmFvM0wxZEdvdXdwNDFWM2cKLS0tIFE3Y2Z6R05YU2liSUFwT1Ard0NL\namFRTU1xMGZYQzA2UlhXc0FEUmxnek0K5lXocDLId2jipJxQGbjLVfRomceD4c3N\n4/RVU7nOV47q0XDteTtWUk1BV9wkh+p3R5ssUBjRdg8Wxv0swDN5aA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4VkdWeXdQU0lPTGN2NDV3\nN1RpV2QxUTJvcHVHbm9hb2pBck5MRGVIMmdBCmkzOVhpYllKQktQT3J6MGNKdFFp\nUXJiUCtMTS9LY0N5Nk1ZcExXbWkvd3cKLS0tIHR2QWpWMkZTeTNXVGNiRlFGTVQy\nR1NvNDdBYW15OXQ3ZmhESmpjNEVPYzQK15gjaGOZALn5swWvFNbw575xnGCv9ECR\ndeJKycZ8MFkZXp/diyc5hCPDbQ6kE/ckicRy4HXLrD2T07l/yubmTw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJICtCQVNQa3Za\nRklyS1YzdktVSms0ZnFIZk5udW9KVnFjZmF5TDk4dmRJZzggQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQp6TnZuR3QySUh0ejVWZ3M5S1dkL25r\nVUc3dEE1VW5BVEM0V1h5Ymt0bHBBCi0tLSB3S2t6QVlRMFZuY3Y2RnVPUVF1V29q\nQUtrc2RsaEVzZHlFVGUyc3dkZlVJCncRs254GYQY+K6xpBaiazMTDViAKxzmY8Rk\n/gATgFdRsHbfFSSDEoOidNf2khrgjZCwWGjJYv4/5zEtZiSl+Pc=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIC94VzBsZ0pt\nMldtWWhoMENYUjkrUnl1UlhoZEJrSWhsUDJwQjk4bGlHbTggQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwp3L2pIWmd5WTFtTmJKajhzWlkxL2M3\nbkZ5NE45TWpsOWRMMlA4dTR2NHcwCi0tLSBWS3Nvdm12dS9McUpzeXluQ1NaS1py\nT1dHQkV1MC9GTFVJa1N6Y3JuV09zCtoW4K9xU5emQ8y5hO6w2Lh6GA8hh2/etEHR\nYqFJqwngoi6nndrxFW59kcOSaDZPIxSYzmU0uMAwA6gO0arya50=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEpJeUpHWnly\nSlE0Q2QvMXFneG51K3JiT0F4c0NmR05TSzVSZUQ0MnAxaGsgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwoyWjhWSTRSUlpxdUpWTmdYbVlScGJh\nbnlVUU1PYUlhMlcwa1lmZjBmOEU0Ci0tLSBaajVVNERtQkhJZ3JqRmtWL3podnVI\nZXY1eWhPSVRpYW5VMGY5OEh0cEswCgpgPxgEp4ZqvvCEmTGRIBtwejP17c5gMYtu\nyFD5EJjsJM1rDb8GON6WUoY7N1LQDFFbxKuPjWsJANljOAgYpr0=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCYUlvUW5GbjVLMHNFVEJv\nd25nRGpJdW1DL3g4aE40bHNSSDY4dVM5SjJFClRNbTljTmdkUVkrcmpKU2hROVdY\nK01UeUlFaE45OEpCaEw3bGpkVGdjOHMKLS0tIHMzd2YrOWlkbTZLcENtblYxa3Jk\nSG53MGdQTlZ1MC9wclh0aUI2b2lUcTgKNjhLmQVauTasMsKCawY8B3SLqPU+TaQq\nF+UzyHeuow5a21mo8KZVq4Dh/OST/F5WKs59+D50rPd3KTCj8AlA/g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYRC9EdUJPRWRRN2lubUp2\nS0hTaUdYQzZpVlZoRFhKY3VyMnYyTzE5ejJzCllBclhrNVlwc3ZGTEUwYlVGcFdS\nTDAzVTlxOStnMENCdTVxdDB3cVl0Z1kKLS0tIG5YRnhRaU54MjNkd1RiTEhNVzZI\nK1BMclpsVWtzdDdwVWVKaWxGQytUNk0KaF+GOGJt0ZVeOCGfvnhldQyMzDyZxjga\nq2MmVzN3+YL5RXbErbI/O7naHzgDfVyQj5kV1pG6RmXAFK5tciT2NQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWTmI4QjlnOGNtUDA0eHo0\nN0RjcnJVSnkyQW1nVVgzOXhDZit1SUVJWGg4Ckx4TG43dUpBRktwRysySFcwNytM\nL3RuMmx3NCtXOUo2QzB5S09meXo5TVUKLS0tIGNhRkhJRFlQZUlZNURQZlQrY01I\nRDJCbkh4YUZoMm9PYmVLL21VMlp2WWcKHJAPVLByXT5OXeEOOAnFZ+DFhUi6bZ8v\nuLrY8HenzfFA/+fyP66TZDVZhtnoGS9ZH+PhqBkIjqdZGHHgXWKTDg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJZW1XakRhYkJjNUNVSk9u\ndlRNRDF3UjNvZXhPYzFSYU5MK3RjWFFxNTBzCnhzVlpaaWNXSUlaVzcwdGxlSU5U\nMndmeC9pQ1FKcHIrREgzenBWMDMvcHMKLS0tIHhjNjd0MTl5UkVtc0c1UzFhZEtP\neU4vVFRpekcxZWlnM3NhOVU4RU4vUXcKZRH4SShIrYbBG+KEYAATwxs0qUd3/p3d\nHvqApXulspsp7pYLMgAQnt7TqgOUzWoEw4aR0f2sqFNae3k+fYQVNQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3bEZCVnhlb2pMU1phSnR5\nSHJLd2psTEJUU1hjK3BPUGZWN0JCdVhlRWpFCjJXTHVzS3haV0I5R3dyOFVLSjRt\nOHJpMittOEs4VHRlT1VBMjlNYm91N00KLS0tIDNyVklna0s0NGxkWnI3SWkybEJT\nNkoxUmwyRTR3T21WYmI4WWJIQlNmNnMKY+UD9KzhzPSOgxSFTO8KgwbGXSCmoUE6\nQOthaN4xCjYDXU1qIZvv8JfSXJF7/1bqiC7Dmd0UwvsPDMQUI+P/1w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:10Z", + "mac": "ENC[AES256_GCM,data:GpgeywCg1WrHbfBu0cWlnZZo20g5yIgpitxsjBk9Atzhpz4+z9O6GfoN2cPXvs1yRL++wZ/oEiv21hK8LDYGwJBD+TKQHt2a5RFcQ54pKWhljcYcOf6tx5gvGaXDcZRkgE6kxgyYqzf+j7OdSQhy+qQpZDgBIugQVraapIuDZS0=,iv:JDeT88GDqisE1L0ezrRjE/Ax7l4t4MXzb0wGhleuux0=,tag:lnkvIQcmufIWzuKq71AT6g==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/inventree/secret-key/users/kurogeek b/vars/per-machine/hadar/inventree/secret-key/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/inventree/secret-key/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/nginx/sslCert/groups/admins b/vars/per-machine/hadar/nginx/sslCert/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslCert/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/nginx/sslCert/machines/hadar b/vars/per-machine/hadar/nginx/sslCert/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslCert/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/nginx/sslCert/secret b/vars/per-machine/hadar/nginx/sslCert/secret new file mode 100644 index 0000000..4424cb4 --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslCert/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:MUycXn9vlm4AemXKunC/W+Lp9X7KmT88LaSfuTZ8WPs+HGRmBKOo4L+ar4GF6uM3y3okLmObTIOCW5Ygc7RnmnDj8j4bhsgWJVOMOkKA9xDtdCswps1dAa67RiXtXveJLKi837hJghEAMCMf3KcnzWYdLWxUzMzz17cLs2pErAhCdmMBi7F5udHONQFftUslAsbT/nsYQeQvrdvdtXBPQ1xqLLybVEDKelMg2o2vagMI9IlVdLm1E5GN4wycCTgylr0Fa8Ka3M4zYqdWpAQvTRnl8GyMRxHVlbmtV6BsuU0rUPwGHGxBoFLIZ+PXG8dg3hoqBEG27bEy/2qE8gh/97EaA+qFhIO1lZBuokGwipqhwJWNG959ayYnBGCfv1t17LbH0EnpPXKYIyk+RQ1TP4PnU84xH+8Z8t7x/xMML1AFZyuiDeA5v5bih4qFxPEEQv2SuUxd9K28ph5AFAUbFMtBgsWE1S9FKyolSp2Y3wiNqP2iIzgyMAfkc8YF1QPVzzwFpBnM87rsmznqAYmL9VQT3mt/tc3nWwi4VXwUT0RzdV1Ad266+b8PNiHGf3N9i77hrt//ksGgvMJ29zlsu+IJzqBJRdVcQo/K+smgIeOONPX/7GVngR46gwzmatYw6ABs4moHzqJT+dp4Atlyt5m4pbxMDvBcEgWmu/X4NjozO/e1OTbM7PmqZNKEhMSDYIy8IkW58o3LYHJULgsouGzY3DVCjJLjpaxe7Gis7QzIT/0bQnfS2eHdk8fNqcEYaUWQSXpAcwL9sGku7DUyx8Sj+T6lh5uHGF8JZt7Uzx6omehAOHhr1QRgt1gQBFYZ4axEyFmXXMO/IZfPn1515iHlHalU3JViXRN4QUUBGcYdpX9hDg+PjgCmWcSddNrEmswPPgHkVfFFxe+619GJgom4eRaHactmbtlwcO31EY105IL0wKQfyMoof1qJLDa0tjACrliqq14Aw812gs4gp4fkonQf2VUf1zrx9nujj0bLYeIG/8lUK4VM1wlq2YWzUbWZUL/Zz+jr+ZURYp/NAd7TfyFHP6bZ37xgLOjCUSvwn9emfxy+C57MjPZ4NQL6a+/pRdEcytyB9CWWqc+UX9GqxesHX9L+aXU/wEgcvUyX5jVmRlbco4Be6TYOtoAr4FWp5EeE7H9XBxl/3FZT41d7qJKRBjUQlz/y5OaSy4p0M6mZXEl3CdVQ/68fMdSHRuOHYxrutJJ9aaI0ehtJXYG2FYxtew9aZ8B39k4pZychnc0IFLN/cbUrRN5J/3nHEyUsLgg8llorqSYvg8UiQ3229cYCj8zTbqJx/modHyZ6dNgUm/kV4/HYbJnwZEfyb4sWRWy7ehpv5f3sF6rAZZOfgGRuMiCQs6SwsSjlsnC2eIxW8/Wn4nJ4GHEEm6IUyWVNAWH9nHLOdlbQ1NNQYYI6QpUL8YOnpZVv+IgSuVUDNJ0j0FHQ1d299wajObQ6tWZoGJ5y1wOjEcs=,iv:XgcTGFZH84PDazo/TC+3GaNlXC27AKkQOrG3xhNvOS4=,tag:b50a/TVIDi3ZEyw22zkTIA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhRjJSUmJzdEl2WFZVelRz\ndkkvTWt2NjRlVWxpRzdMYXRvU1ljY3M3cno0Cm5iK3cyZGVxUERwcE12S1VIcDc0\nUmlNR2UzNTFlMHZZc1plYVJGaXNBVDgKLS0tICtFV05zbFRUZnRIZjdMVGVIQUtU\nZUFMOWxRd3VyR1dOM3VsSVRwUUxFNVUKx6RZ1bFotbfMPN3ekyQwxNZAo6RDxczH\nEuvSNDNUXsZMCYrclsw2iyYApbjvHrSyXhq+EiDE1DvG+IlFoWop0g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4ZS9NcHBmS2kvVTNuOTZT\ncEFHK1pNSjlCcUEwLzRiY1liYWNBVWUwbkdRCmNrWk1DK09pMXMwekZZYVJ5ZDM0\ncWR3akVWSGVYV09KUXQxYWFCZUV0R2cKLS0tIGN3YVQzdmdPSEdyeE8xUmNmNWhV\nQzBOZjZvTDNTMWltV2doQS9aTWwwWWMKf3CBtfQPK/XsmpX/5Nmra9JaOCaL4yQ8\nBdg5pWgi0BzADlJRUMsebrsA1xUaQa9P674V2d7IMnbDCxQg+fwCVg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFBMOVJmVGt0\nL2tzMWFiZVhublBNM0JXYVRkR1FONEZmYWtRNTNWU24xVjQgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQo0ZFZ3L09jWnhuVVBpTEI2OS81b1FW\nTUhpZ2tVdWhJMUN1bmc2amlvZkhzCi0tLSA1cURodWNaUDhuTGt6S21WMzVCYUlE\nVnNPM1o5dW12Rld5K1hqQ1NWRFZRCkcZUlZy8hPPrAg/PPPSbL9mTMl4AHNBamu6\niZbnHowxcKT/rU1RQXin8w7wV2E87GdHCN8s3eUS2F26Ie5PXtM=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEVnMXJQS3VQ\nbVYxcC9zV25TaTQyYm9CYnV5T0lWb0FYSW5uazVwY0laRmMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpEZllZU3F1d2o2c3EzZzdGekhxdGly\nbzd0dnRDVGthWlRBTjhmUm5vNkw0Ci0tLSBZanRic0Vrb0tUU2dVZnZyanVtbWNz\nQ2NORXlrUkNGTHVMemxBZGh3RkVjChl+nZRbUjGuJGBH9Z58uHUOQNA00XJZ0+Pl\nJIDI3GEzIT2zF1/8vN1thFwTD4ThKmqSP5ltI2ydixE/DR0b+5o=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGxXUFlVMlVO\nc0o5ZUpOYzh0Ulh6a0c2MmlOZ01maXFGSFpvSTVTazA2R1kgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwowN2tsbjl2Z2NEbk11dGpXYlRMODF3\nVHZ6SVN4bEViQ1FPbWxKUmFEbFNrCi0tLSBjWldyT3RBdWFXYmtXTGpQeEtpbFNW\nTTd4dGdQUjZQbTNVM1FSalZNbUtZClcodj0Q3gQADi2UrNOjrrjDt/6v1TotixQ4\nYAQatVpEVWQ6xQs+RFzqA78DOCi//Zz00oPQoeqqWRVbkZXbCw4=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVMW5ZaUlpQXZSYThCM09T\nVFIrZ1huNTkrUXRJZ09URnp5QUdIejJiVEM4CitOTmxySTB0Vnp5L1pIcjg0RFdk\nZlloZUdGd3lDTlVnL2tUZXU2OUZ4cjQKLS0tIHVpajFXbU1EWkdQTU5ReC9CZ21W\nbEtzZEhsL2FCdXE4RFdEQzVUVjdTRm8KBaMzg+COiWwiEUeVRI0Hr+zec/GpGU1y\naxfvf4+KymX6X4GDTPb6ZIwAQwG6K5LE4xuiF6qIQls8VqG4CQfW5g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkaUoyQlM5SVBHWEJpOElj\nRGJpWDdmNXRmMHVsZFdTQWM4a2NMK1Z6NWlRClFSZFRZOFRKemk1UjJGdVlGdmpo\nU09NTkdiQUlhbHJaaEJMSDExWmtXTzQKLS0tIFNTVHlsVjNOWjA0eDFKcE53WWYz\nbnBZdGlvOFJjY2dqc1hNSGJ0T000UG8KX0SqsS9g4ErEBmIwIqCX1HtS9C5EaNdK\ngraTHvsudNmMZqLpU4tiiSREVoBSCQLxX3Z8ZCEzl+sMPNalJ6Q3iA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLUy9Ham5TMUp0ZWljVTJ6\neHR0T1dYMVdyUy9XMWVSTS8rNGhMaDkwcjBRCkRLdlZReE12QVlCL09uaFJVODNS\nMlcxM0NySmx5Sm9BQXZlVjFKaXU1d0EKLS0tIGk4ZHBTS0hBTmVWQ3pWVng0RGw1\nci9FSkRqcTZxSmxWMHlrS2FydTFTU1UKHQR7e+K1tdZsdhZWj1tF9Q/V6yIlN/5L\ndUEWWCojqHGDESSxyMJ1uJLBlPYsHxQ06n47bNgk45ntZyPGO2Vd8g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYejRKUVh6NGlsL0g2MVNa\nZ0YvNU93ZHM3czRlMkVIaGh5SnZEYXNUVVJRClZTK2lGQmE3ejlDVUhhSldsRlJ5\nNm0xRWtiZlA5L0ZQdCtyWkJzb2tiT1kKLS0tIFllMVh4SGp1ZHVTZ0YvYy9jN0Rx\nait4K2NtK2tjemF6dG1UZ0NTWUc5OU0KkFh4WMjySENo6yw3O4YB9Pw03tMpa25I\nm/2WA1pQiIEySMFBu1HJm8gHHOHF6qdbKGTl247N7+Pc8xxO787ylQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDSkZaR3NiczEyTUVyUU5H\nSDJlMi9nSVBtRDdtY002cmxsQ2tEVXdrYjIwCmN2ZjJWN1NlamRpZG9tV2FaVWp0\nVDRFU01MSldCLy9sNUt0TXZQbW9tMDAKLS0tIGRpZE5oQ1JFazhqSThHbzArdVZW\nSi9VQTd4M0pBTHVzNFFxdmdtWHhtMmMK+hU79NCNL9Uj9boQ/ReCfyQ0ZPG4iYiT\n0pLdMY5pAv7sN2k0No6/yAg1m8GNXcuXXb0hMQuLfDZn9+66ow83FA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-26T08:02:48Z", + "mac": "ENC[AES256_GCM,data:dJnUgKEKzxmMpaYgP/sQJKMNp/pkUNDZT5YyMZwE6u/booWsTfvejdz4OAPPTO1tN58PZgjvIiCoYNFz3wxZWSZV+art/NTrDVDIcpSjkEAwr0TNXoWj6rfcIReNUDDVHINYE9LTwETcI2/jh29J7+4b+hKf9BkvufR94WqLXyc=,iv:nww7eQOr0EvqZ6bh66vV6aTOai2MryYSpq5oAXviJ0M=,tag:A9vdnz+sMNVTcLrpm9eSSA==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/nginx/sslCert/users/kurogeek b/vars/per-machine/hadar/nginx/sslCert/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslCert/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/nginx/sslKey/groups/admins b/vars/per-machine/hadar/nginx/sslKey/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslKey/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/nginx/sslKey/machines/hadar b/vars/per-machine/hadar/nginx/sslKey/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslKey/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/nginx/sslKey/secret b/vars/per-machine/hadar/nginx/sslKey/secret new file mode 100644 index 0000000..d0e945f --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslKey/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:qXULSJDYsaTybKHReBPDkCtA8p3SAu6GGoYT5h5O/y+huCR23FA252rhVxOWy3v53xZvfGsz5opp2Gyv6bqxv/8KpdhcXoRVoSJYNSmQiUddum6rFI1kYNb76LwEoY6sv14BzttDxFr8R4i3zah/Lkfqw9h5Tetp8rJK6JWrdXmQzlZPY2bAvos18mDIAEtK4OIBAA4RcjDU7xNycSYp3XnhSOYM+TTR7pP/mi5V36v+eVAzftZDmYY/UixnIdk0p+00HzPl18rAC3XJoSAca77E+BBaCzgoNuXrCHtkjTW4mDJRWuEIfRFlJFB9mZp8BTYg0mF6FONGBiZcEZeAW0lZCLRxlBoFT0ZDf/1wOsiKW3khfbPQ5oLlS6hTdFDO+u4zpflGjbjYwojXoOxmJMtDl7+1oDnY6cSEaO+hn6aR8V/SAGdSJ2F9JM1WRGtHiraurknsbejZTA+qLsLcV4Q4+i/gr+HJ7Jl/1JrJebMtHOioaYhTC6yvAJHCyz1fdTE3wNos/75Ayd4X6og+1WTUdfpEVOvje4bzQ9A+K9RoW5GpZYJt1D6/Uy9CSp7D+RvfDAYPZmuvhb05uVEMw81Y2IvipQ5s7dFoT3GG4FTwtoiMetKMqfHZpFbeHs3SbggxmGLMBfyMMUBIUE7/9ksXLUC62uV9OkpaCvlz8SLctnjTuFCbaGekVKZ5W8zxPiAdrPw7lXEnQUNxJTZgxa3ZbcDlJqO2aCve4bSQHxKgRZbCuTlsGcNgZ/qa4v6cPM48WUslrZ3wu/AW1n+xIHFV/5V1nAqUDtkDEkfgv+9C1vHGPOla37UQSzoE5Bk5fADr6b4o4vN0cpdApxa1j7N6al/dQ8upNXAjG5qbdIxlRceCWY0aRctHbJ2fJGt6fiOPbrQCQKTx6lvBqMbJjdaPCnOTWeJtsURYHfwDvzYI50adcVBt4+eUN+zp0hy9U6r/SNu+UAI1kGZtwQTJbilHfbItLROyDhZ42rWOxpk2W9n5HGhyXfAwVxR/b4On05WJR9iB5TDPuDkh6URvfy+KmWJOjTqzGbu4bs+ufiWW5OOR7OpGzSQhqLGsLJRO64uC4vc9qWA7l/VWc8U63zdTZiOINvLaCk6ByGKFgMT/EYmgzUP0xyEGBdQdXE+rjSxNMMOGTuFP0wIwOcrSKUnTcxH9+D4vdD6Jfet81K1STTIMYWgnVDdjxggpxat25Wz0NZe6U2ksTNpRM1vK00/DNCR9Ci6QDmPKlOyqbEf0I1IH1I7Tl7E5EpJEU50Qg0zStvojt8KmWxfc2B8ULv291KkUUgATwj2ECIYFCRPnZXYHbcTLiQ9t3fuP0Azk/hC1hIhSzoDhnj3Rbkc4dup1cjPLEuljS295r3TtdJc/Q6nVg0eBGV+2NvrnsyN1Yvs33G10Ir0TS3wFOVpCtskJNJfhn/sPfWqZn1Tyf55gH0gxqkv/icgvcIiu2S7pVksJfa7KyKVixYcd8BzaRAJnw78ClCPeYciqBtsCI5Zw//kcYDzW+sywRgwQ2gkAfXnA3jsFRmSyP/earZc3nqCi/DuIY/kZWEhx1qjQhDq218Qry2+zYjBrJPJDcWcdMuTEM0VZIAMIr6UL6H/EYMK79gs85Z7PAST6cg3OVgX8cRXuzQjRFfNQRrMz++q1/6RkuS8TM7WG+HtGeBXuI1ttGpkea1oUTJK1L+SPV2DUiqqlxZQ02fDIp8uw71FQ8r9h/3uFO9xbcYo6Ppk0bPReDv5nsVVPjeGTRoWlO2FkM/dQh/eD+t/MRwBPq7L3HQDaS5/ErPlzpzlI9EoQGCdo3Nls8RP+Hrowmvrx3NoeSphI+tsO1en4J9tc73sC85HzxtnF3F88TXTKq72wADLszvxCDlcHZpw/Wqw2ufi9UbodfNMfM06nMCPx99K+GJ1UiHUB/+yZWgc0iFyOATX55CwVvUqN5CiwkBjxy0OIhpJNs3JXUtMyhN8CAt0L5Hx4Xe4Nl01iSr1a2/trE1ugs63l+xRjQdPU8CmMbtNhC8Iq8er3xJTCbZCpJGV71vUIe78D/kSiQK39PZSl4ICRQvUaNb8XUaVUg0JPJRxTJSBP6YoLIA/IpGPsE3eV0XCHng3tt5wQMSKRHwy/P+H8Unb5DQQr0AkIEPJLgScgU1SEKEUuqNLpDovDTtsMqppqmkP68Wl/8KvWRAqbsNU+/D59AZRfGK6hTRsDRj+NUcV5tpGvNpLkwtWh7DkTtEIMDCuqpSUGPOtWEACU70zPbTOLH+Yf,iv:iBWK0GFB6BjIzmbNP6Eub6LRFr/YTFhZNUvu4rbc5aE=,tag:ob7HSz2zHxEnv8HS6x7oUQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhcXZTd2Rvd3poQzczU2F1\nNmNyNWR4MThiTElydjNqY3NzTW83aVA1Vmo4CnVnLzhSSVZBalZ0OXFGVmhKMjlT\nUUZsMlJFT2YxQTFsWGJ6TWxpZVZyNUEKLS0tIDBDZU1QTFd5V1RIVzJobFRTTmR6\nVlYxaFFuY3F4dUFLYkcrMFRqblpkYWcKewcNFmspPRa8O5lVF0Oq5Zj+1gfoZvnA\ndIHworihfUocQ/SqY+/UB8j77eWywaduIlH/L5I4hnWxIomIJYgy6g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQkxTM2xFa29Fc1A5Vkps\nUEFtSkZkajRFNWFZTzJwRU5PaDRSNnhiVkRZCklSWmhjci9CS2JiY0dCZXVCRkxU\nTmoxaDFMdVUwV1FTZkJMSFdWZngxSlUKLS0tIFZXNEZ2WlJ3NEllWnI5akhzY0pD\naFVhK1RGeXlBb05BaW1TSFhkUys5RmMKcsYc3BIOP9r8HaV0ZA9dishbs31Jir0M\nxsAO5F4NsfGtmWkMZspvR+c/xw3t4175J6VfVjukPL3tSYXTRyCTiw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDRXdWR0cGVI\nN0FoRnJVKzJSNnZZdHVVTi9DV0Y4eGNuMjk0bS9NWjZkU28gQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQphL3F5aUdVTnVWaitHNW9GUzRrMHBG\ndWlMbWlkaXBKejlMYXBWbXZCNVNrCi0tLSBhejRXb2doR05PcmsvbFc0cWVVdEh0\nWWVmQWl6TE9QMzVZZTRHS1NGUEUwCpUQ/C84oIYXYTvg3FzzmPeMSTKMQSDYbZa0\nwjpPh52ZOVVzXJPZtmrtG2eq+9OmD6wJQC9Eb3q89ntg04GqFEE=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDd4allscUlq\nVDhSendWM1ZLczVCQ3hXNFRrVTkwVmQ2aXc5YWd5L2VzM1UgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpRYzVuRjBVRU9zalN5VnlZaXRXbWIx\nQ0Qvb09XNkhaTFFZdkdZZHZadFE0Ci0tLSBkRlZxMGI4NU5RMmd0ZEtsSktOREpn\nTFdkemtSOVA4dlFnZVVaY0FoZEtJCloI89IXkVNnLUaUjQDqbbz9GA06zZB5wdXR\nNpIyaZs3H7uCmBv/2SezJFkb2shw9we3yaFwT2vqZM5+L8LH+8I=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDFyc3RwcFpl\ndUl4bFZCRmFVc3JML25HNlA1ZDJMRnRLMFU5S2ZLZlVlUlEgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpaQmdEbzJ2T2ZsVitOa2EzRFJHRlBW\nL0t1eGZjYlI3YVZFRWduaS9hRC9FCi0tLSB1eEJWK1hKVHVYRVZpTG85OHBtdmtJ\ncGlsQm9YTVB6QzdSc2Znb3VFMWd3ChsWRsf+UC7xEL1ozcS6g1todgPbebXggLgW\nCwkY2KswgHQbKOWV/HZZigpqbsltCEzcPNJp4C1/mD2ZdzY2hww=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZjlGc0NkU3lNR3grdzF2\naUpNQzFYWi83YUJyeGlUS1RnSDJ0bVFxSXhrClNMR2M3Q21vOEJsUkFIQldQZGNk\nTUlESm5EOWVWVmRMamFYa1hwZm5HTlkKLS0tIC9JU01Mc3VQQllIVThGVDlCZ3hv\nQUNFMEJYd3A3anFlTFRIaUU1WXdDVzQKd+HkzPcvqhYg9DWDCd4YgOZeCwrUZpfR\nBsKjLhjh4YIenziWh55pwGRYnu0YJBNVVOVas8cWGtwSKjoQUdQIXg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3bmNTdXQrYnZ3OUJjSkJh\neXpvRlFuSkNGVGJ6TGtOWWhvOVdZVGhkZ0J3CkxkWGlVR053SnFWclYweE5jWjJj\nc3NYYURwRWpIVlM3V2U3M0NxOVFtVDgKLS0tIDY4ZElwMlM4UHBnVWpCTGM1TE1E\nVzdITWwxQ3dqRmp1dHJtdkFWV2ZJVDAKQPvxsJ/NhXHq1Vony/TezVSw5JQT0gTh\nkk0Y1prehME8QvwnY1pXaXfpexs1Dn7ZwOpC7hDhKjJ1nIYrJ77hZw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTb1RWb0dVcWZJVkIrQWxE\nVWJEY28zMkhNaTU0bXFjZFRHMG5JSi9DalNnClVHbXJPVmQ5cXhKZ3JnZVhTNTV2\ndUxvajR6MnF0a1Q3dUM0YkNOOE5Oa1EKLS0tIGFLYm1kNFNWN3orMUpqdStqQjNk\naHpBZHJjYlhOa3ZWaE8rYytsbHAzSmsK/ALD+mL1nY+YVowJnuC5p1ccYkdvrIuM\nDEyhkmM+Kyc/ivoN3yK1Ma0La4Tfa00VIiuf6QS9lueXaBgSGUmTkw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSajBUTXRMYjQyaWdya0sv\nN0NiQlNqRkNETnZuNVNqMk1qUXFZVm8wTzE0Ckk3V0VPa29lVTRBSEpqZTg0blJa\nWFNtNWlMQWZYUUV6bEVZa3V6YzlRTUUKLS0tIFhPV01HRWhXSUFCTzltN0Vaa3Qv\naFp5SUhkVmdVZHJiK2J3WGRmQ0JMakEKZBcQXhbwA96m9zbf0Z9Z18VaEBg86Y9n\nhEIPgxE2tqnTfwf0tFrJgIIW7fK7gOmpmafXQIkO1v8ye5eRM2UYdw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4eE4vNi83enVGRmdXYUkr\nTnM1YzJITHlvSTZpMWJRc3AvaTR1MElsUTBvClBGL0NWN0RrUWN4R1pSUTdjRXB1\nTERKaVM3THFndjF5QXRIbmxJNDQ4RXMKLS0tIGdlb0tOZnFQcWRhK0lWMUdFbWdi\nUGtoQjJSMEZ2V3dmNFQyT0h5eFdvL2sKdIuAJjirsPJZyuIap8TaPPm+jHutbz9K\npTV4o+vlxcy9UhPbNY6mZWV5lmTgqTNf4OMLmOUjgox2K4YGUa0oxw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-26T08:02:50Z", + "mac": "ENC[AES256_GCM,data:Uw8hU953KO7wxLhD2dEqsmNudeEw+EuDJG8XrlMFvVBzJL+hgCIkUkVMRUkphKDOMiueIcwOczU3/BojW59c9qVTTcnpUTzANJi+4zCQ0lA27tbhmEMCu/Ypti3irG10tO/j6x3eO5MKPPqwIOu+WWtTU5DZVPmlLzE9BasZF6o=,iv:/kRNnlE1IwyYV9Wi7u+mv2Cav9LuIAPGZhzAhriGEuA=,tag:4cR4kdMGMcR243j+nm6veg==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/nginx/sslKey/users/kurogeek b/vars/per-machine/hadar/nginx/sslKey/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/nginx/sslKey/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/openssh/ssh.id_ed25519.pub/value b/vars/per-machine/hadar/openssh/ssh.id_ed25519.pub/value new file mode 100644 index 0000000..b837efe --- /dev/null +++ b/vars/per-machine/hadar/openssh/ssh.id_ed25519.pub/value @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDOat8FplkBzSaRylx131gPvKsomEKiWB72z+0hEZg9N diff --git a/vars/per-machine/hadar/openssh/ssh.id_ed25519/groups/admins b/vars/per-machine/hadar/openssh/ssh.id_ed25519/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/openssh/ssh.id_ed25519/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/openssh/ssh.id_ed25519/machines/hadar b/vars/per-machine/hadar/openssh/ssh.id_ed25519/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/openssh/ssh.id_ed25519/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/openssh/ssh.id_ed25519/secret b/vars/per-machine/hadar/openssh/ssh.id_ed25519/secret new file mode 100644 index 0000000..58f7071 --- /dev/null +++ b/vars/per-machine/hadar/openssh/ssh.id_ed25519/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:QhZrGYpTcrUqYxCLAOcxlQVNo/6Odz2WtTBhbBNmlyiSTYE+PLAPtNmTqExmLMux4vTvstkhGNrpFYZ+8+bnZalEQUg7/tho2i4sfzZ9CifQdbnHdpFbzW6Q6i0+cQcVnGSkRuSIY6gF4/ToxgSdhjB4sRtlgPa8ypk6nfrWAFhQdpImrM29UcVhb3E8wiotzjChdmWFSxtWQCaahBRozmYubu1PIK7KseP2rZiYVV8OA22ZuSD9OZIwvJBgjtkGXSKBLSNBrmqSJ7xsF1mwL56fas0m1mDMhABKMmEBfkm2VO4hdfsnKhDMP6SqxLBWn/z/0yhSvTaNYQuRmQIT7s8O27MOBOfUBJ+0f269siUseqP4wvdZTTNgSvELgPgSlkYXPX4jrJhFV+NDN8bFBIu1osX5ii6kWsQHBmn+ZaVfa6oCv3fE65qZ3ofbm9QkebQ+l1fIf+J3lKYA+H1pBe0K7YW59Jg7iMqr5vxBOfAryoWYvKdD3Dyz1urtfB/nFhK0,iv:6oXQUkr8T0ZEeVoIo04EelO2wYQTsWlQ3NxirNkNc/A=,tag:0w7+uuisiOpde1BTKh7pyw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaSms5V2RKQXhpR0NDcnpE\nVk4vRDkzbG5lOG0ycnp2OVg0QWsvOUx1VGpNCnc2MEgvYThPcGlnMjl1TU5DS0NJ\najlQSFF3d1FiT2g2ODZYT1I5MmR5MzgKLS0tIG1LMWY0bFZFRzBEbVFpdlp3c1ZC\nWE15VW5aLzc4bTl1MmRVRFZKdlE0WlEKmugPr72WU2Ob3P2d2PH1vFG6GXxujXcR\naCYFm6tuMh5NsE0JyKib62D7z8rJC3MicCuE9B7WxgKVMehGw7ppRA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBocTVPMjd2MzBKdFZTVUhD\nUHBaMEJxVmdVVVRPT3NSVHIwMmRERU9ITHdrCjBUY2t6NHlrUkFNZ1BLbUxacW8z\nKzNyemw4Y1Z6aXB2UnZVL0pEekxvczgKLS0tIHRSdE4rZUw0MzBSQnVZbXd6RzlO\nVEVubkIzRVpJdTA5TjFGVkpJYWhXRXMKKi6kTLzCKa4xk0WkH5+2ia1xw1zai0Js\nmbdPCMxlimfRYYPxff+gBPj6sgpx36o4vj4T0dujdpDqjLgBUxz9wg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGkzOXpQeEI4\ndDhjdkJzbWlnWmhYUms0ZVRPTDJPYnlGVW9LeDhUWkI0bVkgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpLc0VZMjdUTFBsWXJBR29FMDNPeGhD\nb0JDeUJqb3hVdUJvc2FWaW94bGVVCi0tLSAxWUgzK2Uxbll1TXVBbnExNHdWTFlZ\nVWFvQ3YycUlqVlhBQm1NSWROU3VjCiJpVZzpBfDdLL3MiDaOhDzKuvnW4QUL/Tda\n6kcrIHDLTilRZdPllLt9/Ah5kVabAT1aJtI0oxCdddCDD2lAnYc=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFl4d2RaZHQ5\ncmsySnR1a2UrdjJ0RlZEbzdkRXZRaFBSR2hxTWZDZXQyMmsgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwp6TkhwNUp0VHNDaGY0WEdLaHRBY2RF\nL21IcGY1bVhsUjR0MG1MWlUvS0VVCi0tLSBwWXowMyswN2draDNRWnE4Zm9IUU9k\nT25oWHk2WFd1cldFQXdoK1p3Q3kwClKfVOidawFUyLWJci528i9+qYVn6JZHLEV0\nA3U0WYtYJatqSMTQI0lvLQl5iNabIs5mwAOwORv1lxd0nT9ycuA=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEkrWjExYkEx\nTzhtQXZqVVUvZXFlYUVrQkU4TmcvMDNGT0lKVUcvVnZCemsgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwp6ckdtdllTQ3J3WExyQVBQT2N3NER5\nNUdOQ05yR2tqR1hMc1hXYUg3aVlrCi0tLSBlcGYrc1U1REwzRTdIWHlxRmgyYjF5\nV3BFdURTaWpwSGtkUzFlS3dFaDhFCghsSbHTKr/n+Ka3ledpDO51wxnmb7j4uXMu\nQEo82+hpdyLfcpB07ZjDTq3I/UZbWAVTvpFVJLkHyVaoweUGYeQ=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjR3dLbndMQ1BYUlk2RU4x\nT0xOd2YxR3N5TnI4VmJZNFFjSjUyVHgyemtjCjVUWVkyTVNSNy9sc2ZVaTFPTktP\nTFBHQy80SE50ZnhRdjFGMG1VSUQvM2sKLS0tICsxeGtYbkh5RXdaclFyalpBSWJq\nUTBSZUdJcjZpR0xpQWg0VTY4Zjg4NHMKGOTAWNXfbyIornIUEpAa/r+VZUbFXFbp\nN8sdbjKod8limWbtLtOBQBpFnUh2Yxl1vVa0U5sCF2q3sHXKuZTWNw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2WUdmN3BIL2tPWFZNZGRI\nSGQvdkVqK05UUEl6SVRCYTBKN2tiVnVGazBzCjQ0WXJ1cFpYQW1ZQWZHbXdyRC94\nR0VUZnhzRndxNFNpZ1RmazQ0QnhSZUEKLS0tIG1DNU81d0pzNnhra1Y5REZMNXgz\neDFsWlFKVVhJbjh1cUlqQ3AyWFFsTUkKgTHxIStUyct3ETWn+iqeVLqdsvo1+328\ncknE+VhJO7jrWWZKVWx0sIzwohML/AhB+eJKN8mVf4kGM6WjG/iYjw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTYXBYWCtUYWswRU1tQ2Fr\nUU5Vci91anhDM3BMVm9QeHFpWkh4S2diU1FFCmVLRFpNcXkzK2Q2V3hLK2dNWkh0\nbWN0bEc0ZjMrdk9XM2VNbS9IOFJKM1UKLS0tIFlNN00xeUg1emFSbUlnWUt5aWdE\nVnYwOUtNdkxXbXBmS3k4NXp4V0xCdDgK6NeShqe9xxLRB48iTXMGpM3CMlrRicG/\nD5bUmYLnlqMGOs+VvFrxIE+KwHAOi/pnLhXW6kdfVPLdG4qB1oCeRg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBab2crTjRvUk1uTGhCNXVw\nWUlsY2czczFkdnVtMGpvVGE0b091bjY4UldFCng3b0lTMzQ0Tm1aZkg0anZaMDNp\nUXlsLzFWU0gvQ25ETkYxOXNzd0VzVTgKLS0tIGhWTDF0K1lFVDRBOHh5RnZTSVBT\nbWJMRWFXbHVNSDFrdG0xRkJJcDBkM0UKreOyU1cFgf7gHJJNgMmEiKl0NjyqSBJn\nUr2/O5fXXI+EhS+GzP1blq7SM5MoVrYNi1pFmkonssVcJOWCoV+vPA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDSFJOa0p0VjRGdHJJMTIw\nZ1l3TlZUZzdoWUpFaURnOFUvMVROazg0ZFdvCmtNL0xiTlBmOVp5b01uNThLcUZj\nSlQvenpwWVg5R2dWTzZsREl3L0FIdUkKLS0tIEw0dEJ0OGVFbUZXb0lXQlNEWE0w\nbTMzbFkxcTlTY1ErbDdVWUF2SUhPNncK9K+yOXP48kaBJaODXXVmlnPmcsRJhl3u\n/EYHzSucNLvsnfcY+v6yucefvyZ98uMuRLwO8T8FG3yyqMHFCYFE7A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:12Z", + "mac": "ENC[AES256_GCM,data:6T9IbYjk0P7NvuvFoXvm05hNvOkhoF0TQUJqLZfPpKakK2Ve9bGOAVKmIDN14TnQ0PHZ3zj8jK+CqkttIPhKl540VXeYJnLGO+TaQ/Ov1jMizgKo71yZUOJolGvV03TwpnjEARirl+LYbdnQARlORG87341qOpu+7ZixCafbOkY=,iv:guUItvydHF8DsxNzIl91tJzsLdEwOW1CkVMZPYVhaAs=,tag:8bf12Szm8PDtlHeBcs+6CA==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/openssh/ssh.id_ed25519/users/kurogeek b/vars/per-machine/hadar/openssh/ssh.id_ed25519/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/openssh/ssh.id_ed25519/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/root-password/password-hash/groups/admins b/vars/per-machine/hadar/root-password/password-hash/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/root-password/password-hash/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/root-password/password-hash/machines/hadar b/vars/per-machine/hadar/root-password/password-hash/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/root-password/password-hash/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/root-password/password-hash/secret b/vars/per-machine/hadar/root-password/password-hash/secret new file mode 100644 index 0000000..becd437 --- /dev/null +++ b/vars/per-machine/hadar/root-password/password-hash/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:DrV4Lyo73zCP3j2e0xFtWaQ/9ajheiYQBJHy6Ds/0Q0V3E3Y1CE7+nnj0XASVzdQy4M+/aYFzaBszETBzDHbE8QVbewwXG3nK3+sXcDKQ2DrOrA+e2/h4BZz0QnbAiMtaFHd7gAvQYT+2A==,iv:wOeA6n1xLx8X2H+4Bm1nOhxyto0dB3VspMHoUi26f2s=,tag:U5n3q4eJ+aPTdYbMiEMYUw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1cnNhTzZLN2t3QXU4QmZQ\ndy9IUHNCZ090MkRRK0ZNOTE0c1dOMnArK2pnCkVYb3lCT25kSDJuOE5mcnl3K1Ur\nTVZRUHZBcGFMcVpXaXZzSDFYUkxMSWsKLS0tIERLY1NNZVcwWWtuN3pqK3JxejJ3\nbkNwc25ZNEJyVWc2NjM0UVBVSmkxc2cKWZ492h6cGmHWHASQSI1v69fIHMdC/pKS\nRmFJa7dRNm4+dtU3B7swglq/atzWtHg12aBuhuQQsQRe1YPdOegMqA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHWHJReGpzNzdQU2I1SlRa\nWnNNUUJOaW55bWVxUDd5bGkwZWxMVEZyNmtjClJ0c3hpY04rQzhvSitMQy9DK29m\nTjI5TG50bWRsOFIrYVAwRUZ0K2gxVmsKLS0tIEM0ZjQ0ampEZFljOVpYV3lBS2g1\nMGpzYzFtK0xWZGVsazIybVVqMkIvM00KAXOJuqrR29EPBNAdRnjww/61AWCzy/20\neic89mUw+B79yYxltqwnkpuTFm02Xw4lkCuAdfZY4F/eKNZXxxdWOA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDR5RGtKbFha\nM0w0V0M3R2phMWpVeUFraFIvcXBBbjhjR2hIMG9aTnRpUXcgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQplZk5SRnRBUEpOMnJtRGxSRExIWDR3\nYk4zd3NvQlpqTVlJcWVOS25YbXBJCi0tLSBlMWxYbTdXZVhYZUN1d012MkR1V3Js\nRnRmRjdYTWRCMXNUazJmd3BCaEJBCtb3jlMxVzlGz/SImF93CrR4Enjn9u/cqeTx\ncg4nXh5DIt6e6Rn4Ld3tVLraS3sH4hyLUx62+DiAEuqfENlJPB8=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHpXSmtLOFlE\nM0QzT09QTkhERmlCQ1BZZmh1U2QyZHNRczJVMms3c2hpU0EgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwovZTJmUTM4SFFjUWR2K2pxOGZCWEp1\ndEc5eGhCTm1HLzN1aDFXWUc3ZGZjCi0tLSBCUTdTVmhzNnpHTTlrS1RXQW8xSjEx\nSmpwajVHZTdGbjFRN2JMTnV4SkdVCkJiTU/nACK6PJNuP3oVtp8FVfYF6jNbqdIY\nM4u7bQtlUrRQW1coE+0Kww5HObSlb0zV80vA1rWTymnh0ZspAw8=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGtMV3QxNHM4\nQzd0R3Q1R1YweEIydDllYWtuZWtMdUV4NkIrUmVmbW5aV1kgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpuUm1HWEV2SkZmQng4cENUeC8xc0hY\nbEZTMWhLMlF4bndobWxxVVoySklVCi0tLSB6Q243Tm5zb0E4UkNyNlYxT2ZwQSt6\ncVEwTHRqUjVaTjZWWk5lUm9JdXlvCpqlNqLdWPKZxM37gryPAq//FiY5r2ESNMd0\n94VM1rRv/8/Gkf/anEsIemXO0rGnp9S7iPiaYu1fP/9ra0YNKHA=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSWHBnZWkybk1LUU5LNUg3\nT3FEZkVGTUxEVG1pZ0pnMUN5NHI2SkVWdEc4CkZvbmp4N3lGYUF2M1hGaS80MWJI\ndHZTVVdsUy9XWStBWXBRdDVOMlpJS00KLS0tIFlxNmJNMisyQnlLSGxsV3JyMTdz\nWDF5eDJOVCtVbVVwc3hwZFdCM3R3WGsKPwUalLlkDyXhGxTHzHOJKeABnDFSvGlP\ntCDY6rHo+NRsetS6e9JJdDfqqyTD7JBOU5uGQr1Y8toD5b1IawqlBQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrU0hPV2UwUnNuUlRoK0FX\nQUZXQ1R5TEhnblFEM05CZFdpSGFSaytpZ0NVCmt3T1R5bEtaNWlocW9DS3A4akVO\nMkdpaDdtK2hJR1JlMDNvVEhidFE5YU0KLS0tIDdGeEl2V25kSklWTE1ITnU1TVgw\ndXM5aEdaNUtTWFNPT2pPQnR5YkhndGcKemAk+fSt67i/X83E3Kl5cnXyQ9Y7m6hE\n8aqyMFk+GcjyGFEbIsXdkLlYRzCiuUn19u5DAPSn62FFHT7XAQMvUQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxbzRNQnpsYno3NmVCeWgv\nR1Z1aG5pZmR1cGVoREl5Sk82WlZBVVpNRVhJCmhzVHVJNXRXcms1Zi9wVGtYbWhH\nSWdmNzBPOHQrQ21iTzZqYWZLc1lSQUUKLS0tIEVuZFh3eFh3VlZtTlBsdlhMRlNs\namVZOU1SR3Vhd3l5V3VmWmUxSkVCMVUK8XIkDVyANviG0ucpid7c+Esv8zs7fk/d\n/tp+eMxybIuDwArnSax2w8f9354yvaAzWg+tYQzWp2gsxfUp5ScsbA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z0J4TjIwc2pOUGVvQUZP\nY0F5M2ZpUTd3RkZVTFdqMFJlbnhjZTB4YjN3CkVjOEIwSHRRd2kxbEQ0d05uaVJ3\nSlB3R2Z2bW9IZzZZWTVBV1NLUlZNbkEKLS0tIHZsa2lTdmRLMFJ5NnZpM1oyaS9m\nNDN6KzJJQ3U0TmduZHRrSHRERURNTXcK6K0/Yuh21K/PEdHwkhmLLsKvht4NrYrM\n3yIM1lfhUBjS53kVy2m6ii43ZP3seI074mRknQt2pOi//zmhe7wzdg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1RTBHSnNjNXBVa2xNWElN\nWnp1TlRLVXE2YkUrRjE5MmsvUTZ2YWpObHhRCnZvbHF4cEI4bEx5Zk04akdnbE9D\nd0l3OVE0MjM5L0lPdDl1Rkx2Unk1cE0KLS0tIEVXVVFuNjdOYVorUkhXcHRDeTRG\ncDV1Q1dud2NVUFdGeVVTR0FvcGEyMzAKeayOd1GKNTHaR9qeqvuHCe98ItYlVw/k\nV3guK9kMBQTQbuLCk4fbC3edkbykdAUexvbzcart1zLGwdxFqGolkA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:15Z", + "mac": "ENC[AES256_GCM,data:M7UGBBKaR+++d6EgC8fd38DnEN9ozdONopCm2cidawWbNyUxN8w1tatSON/V6R18/x4bAnbXpU0abnq1cI/kwT3pb5xk9k4LBsS0LG9GKyPvaixME0qHnusnB8yenyyf49t7xABXgIulspxOpmzUHhEinIvqRAJQjrzUu5QctE8=,iv:zM9o/l0uDW8D1iCHtb5w5M1HxDImbBWQjjMSyRhrreI=,tag:/gyVcXYJnQmLKX0apPA7Dw==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/root-password/password-hash/users/kurogeek b/vars/per-machine/hadar/root-password/password-hash/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/root-password/password-hash/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/root-password/password/groups/admins b/vars/per-machine/hadar/root-password/password/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/root-password/password/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/root-password/password/secret b/vars/per-machine/hadar/root-password/password/secret new file mode 100644 index 0000000..2febb71 --- /dev/null +++ b/vars/per-machine/hadar/root-password/password/secret @@ -0,0 +1,46 @@ +{ + "data": "ENC[AES256_GCM,data:3lACKbmatotYHsIO2kJyeFM+bMKzOUMjtN/Iyqc2iZZ8hi15xOFr0mK0NQ==,iv:6K6bZfoAIEdACrvddIcISGjVnd3Hm86YuCwyhp0kAH0=,tag:DfUDAgiAcz4iBxXrYeNzIw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHUmJieWt5Mi9scVlkc1pM\naG9lK3czOW1HYVZEQ1NmWGlhbitubkdUSlhNCjBhWEVJbHpBSTdpY01kM28yWDJm\nK0JoTVYwVE84ejZPMzIydHJEajFQdkUKLS0tIFJYVWRoQ2tGa1RTSEt2RGlnN2hS\nS1VXMXB3TnhCN1RuRE9ia0thU1dsTFUKULc35uBvpiBHDZ1f9VUSLuunnrizcE8R\n2X4T4lBG87oecLZTbZsjk2yUlHd8jPykpsgZBsEMO3jtgC/U+/Lydg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBISy9jN3dhbzZkVTFkNm5x\nWHFORFdjbk4yemRCTjJCaXMvd3FDMGZ6bG5BCnBRRXJqVnhsZUVobVkxVmRkMVda\nQjZuZGI2eWR1T2NKUVNTclFDVDRkaVEKLS0tIGN3UlkrQVZRb0QvVkF0M0tUbGcx\nNFJPa01SSHNFQm5PWjFtOU93L28rSW8KZk1xppp2AykHAMHrQgO7Utu9XORYwcQr\nASSUKVMi+T1qLommIIbhUjPQGBWZgPKfp0kHMqTYHxWISbqE7JGMyw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIE04WDN3VHZH\na1UyTEtuOWxFMTdjdUVZc25ORURwQkw0cEpJM2NJYVNnaFUgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQozNTA0dk5KeFY3VmQ0akwzbjg5NW5w\nV1l4djdYWUNJOVo4S1ZmZ3BuU0prCi0tLSB3cHo0RkhrLzRVbDFkRnpSZzdnaWFV\nY3ZNMXlTZFlaZ0ZodjlrUmlJamh3CqhoIT8UdT3leXFrjE03suhIb80AjZm8O57a\nQ7tAlcnK7syO35Svkcm6zmyRZ7GIU662Y9+SkhoPNdrl9H/u6uY=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDRGNitGaXov\nME4rajZOM0VtWHRwU2NqeWlvSUM3ZzhKQkZvVVlXRlZ3eTQgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwp6QzRDc0J4Z2R6YWR1TmtaUHBOOTZ0\nODlUV0l3YkdWM25EQk9iZXBmbS9zCi0tLSBLYTlwK1FUYnVJYUt6QjlTcGVDTWM2\nV1NhanRyZWp0SVo1N3F4UmFDRzBNCsUGuxqDgWj3IxK+/mOJWKqrKPZ9a/R7yzhx\noaqTRipG/XgFM+x+leMltDpTU+U9ynXrXoSljf7cb4irmkqbPB8=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHBwS3lnamhw\nMmFQeTRIRHlIdEwyT2plSTVzL3N5WDkvOTRVSi94c1lNMkkgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpHQkZGN2ZEdHFOUEYyeHVEZXkzUjk5\ncTVXcFZqSmhrdERwZWpiR0Rmem9VCi0tLSBwQVNkNXpXdEt6bjBPZUxZZis3V0Z4\nZkMzczhmVkxPdkpGTzcwSy9IeVNzCgL+fwuqhFOv0kUJ1NVh8doShu+gOjoPBOci\nt8RMpTwEYBoEHqo3MwyopvZcVjZrXOqvRiwa1tc6CbXShMBqkiQ=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuT2JxaC9uVHhxMlhNcVFS\nSTRjWWhRTHNqYlpWakZXU1F5Q2ZKY2N2a0NrCkV0SGU5aHhOUmp5MTNtb2RLU1Bj\nK1lvaFpwckR3Tjc2TTdiYzNRQXhCMXMKLS0tIGJYa3BwdEV5SWJSNDFRZU9qN3ky\nNnNnSm1sWFhSY3lSby8rOFphdXhCR0kKIaToQYj4RZw0Ks2m99oifWKcqO1pYb85\nyXHyT3o3cV0+5AN8fnNJw7Tch3tNPfOz1VUsxMcygfOE/qGkM437SA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBySWo1TDA1NHU2WkFHYU5w\nNHJQRVZ5VitTQXdnVEh3d20zSzlXdlVac2xrCjVLUm4vSnVDdGhwVnlEaHBNTHgw\nS2JGUGlUYVRxWFU4NnhYMFJqWlpIbnMKLS0tIC9VYTJKNFdDU1FUYnpIY3I3bkdY\nSTBmODdkeU5mRHBMcmY5Q1RNMFV5Wm8KxHqJFjw5c5Nkm5khdGX2jthrXwzjkLAd\n8BNEaRZDI7PV/D0pOnhz0xbAucoTkfIOm0CCszFNVZ1etVtnQAoi2Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaNGM1QzlDWEJVdGFCV3hi\nRXZOa2tNcUZlR1BhMHIyMC9lb09tT2R6N0JJCmdkdGxwK3FvWmo4K1FuNHNIaHpn\nVlBuTU9yczlydmRTTU13NFF2NktIUGcKLS0tIHNYdEsyWU9ycFFNbk0weXo3eUla\nOHkrOFhGN0tldmhmaEdrcEJ1RWYvNFkKAry/TN4wQQYzOl0jvoS4VBsN6FPqdfto\nSaS7LGOCK8wJw+15JSudHr+Vbw2ovQk61SiaB0vC3whjCBXhr+SHwg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWUXpuYlZUR1dzNnByWWZG\nZ0VqQWJ2MGRTNDRVTFlsK21qM1c4VW9xNUVVCjUrV3JPaG1WWDVaZ0pveEo2MHh2\naWI3R1dGdVJRaUhZODBnaXIzWDBobjgKLS0tIERPcU1YSE9EN0VWa1k5R0VPbzZp\nQ1l2M2pVaHJHUmJXRS9aVzhaVXp2c1UKTYo6ZIf+vOetOK13ob3cCwgkxsYx509c\nY7Mipvuu1qQG2ao38PamsvzWi1ezo02gRJb/P4I8q5pdRGwYEeDPEA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:14Z", + "mac": "ENC[AES256_GCM,data:xP73BKtlWvG2w1ZRtSUqP04SHYYSuI3QKI/L+d7F0PvqtsHGhHNOJNNZyF/ZJUhFzG+9d3McGddEDYdXztzMyLkeVhgg4EnarGMiRaNTpToqV0okVK6pVNt3FcNLVpufTwKgzqU47xQH42zfm5v76jgisd8pY3cMF9USWbhWXtw=,iv:G8Rq6XXn4tufQsgi7X50eD7Kbe57yz6ksz1dUxyqMfk=,tag:uz9zRBRKk/fzysoKN68vyQ==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/root-password/password/users/kurogeek b/vars/per-machine/hadar/root-password/password/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/root-password/password/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/state-version/version/value b/vars/per-machine/hadar/state-version/version/value new file mode 100644 index 0000000..115ab7a --- /dev/null +++ b/vars/per-machine/hadar/state-version/version/value @@ -0,0 +1 @@ +25.11 \ No newline at end of file diff --git a/vars/per-machine/hadar/tor_tor/hostname/groups/admins b/vars/per-machine/hadar/tor_tor/hostname/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hostname/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/tor_tor/hostname/machines/hadar b/vars/per-machine/hadar/tor_tor/hostname/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hostname/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/tor_tor/hostname/secret b/vars/per-machine/hadar/tor_tor/hostname/secret new file mode 100644 index 0000000..1b729bb --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hostname/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:YlNPwpY/XdDkQbml5jsf4eVpG0kkPRkT/Gn8YA0BvMWuUWcfUIq49yWKX8C2W6f7NWXvBQ51hOO5WmeH1KJC,iv:EcVFz0dVtRasMzLacZwtBlZyN/sIZnU6rhTQIb0A7Qw=,tag:N42P/oXuLM7hqFpGdHZxtA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVMHR2L1JabVhIZTkzWVdL\nMnVDbUlybk93enRjUXFtZzM1NE5wY1ZqSzMwCitNdFovVUp4c1hlbWVBOW5GQmlq\nUWt2ZzJQZFNhWHZiemEwcDIvVWs5L2sKLS0tIEx5YXhsMFVpMGFkSUs0Q3RoOFYz\nUldrVFdCek1rTWxXVk54d1BkMHFnRHMKZetcFchkYL3led5Es72JItzKqoLzVKZh\nFbw4k8OdaKxs3nD84OexMUam/8wzOTYEFIEMoCMQYD46VWghDhAPHA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUWVNSeXJyampwbzRYWmdQ\nTVFIajlsYlF3VUNYMStkQ1RRSGdOdUE0Y3d3Cms0VFlpS3VMYXEwWlpueXRiTU83\nOW54R0ZXTkllSGI0aHYrTUROb1pNQUUKLS0tIGllaStuejVBTkxwcHkwUzIrbjFJ\nNlFmTlJZVm5JVFhrV3VHYXFtaG0rcTgKy1/H73yEirKKy/W2IxhfbddpWAJWCdyh\nMPyTVItSd6NVp7fHJVaW4JY+CxlH0OgizQl4Bd+igogYojNHwCyvVw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIE5BdXhqOUpT\nUXlsc2RTTUFLdFJDVDJzenk4MXZCQVJyYTNETHVhaHlYVm8gQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpaczgyUHNUejBlZitEbzJLZ3pHZWp6\nbnpRM1F4bmVQcWpEbWgvcGpscCtrCi0tLSBZd1FZOGtFR001UVZqS0VXOG1tL2RE\nR0MrYy83SlBXbWlWSytnUEhzK01FCmb7kWRqxBnJXDx5DIJ4B4gV3a1xrDRWA0BE\nfiEpwoW+rotiPyfWH9r4E0gHgAY5Got89dbucBjPZat+yvgok0U=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFBoTDgzVmJs\nYjJOVSt5UDJsUFF2K3FNb1lKVU1MMEIyTEFkN0w3YjVXMjAgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpYT3FzWlFPR2FZYnRBeC8xZXhLb2ht\nTy9iVmFRMitlVmNYelJNR084NWRRCi0tLSBmTHY3TFdrN056MmxsVzN2MjdPRFBR\nR2hETGJML3RuTFI3b1pmOUhDQzNBCmNCt6CBLY0x0LlG75QY9CMFDm7+zyrZoKCH\nBfp1h06JMbmFEpG0vD8+9eX/fx9Tc3DEThDYB41dzOWFv7LU6og=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDdSMlBERUU0\nVU4wWmZPa0hRUXJvS21NUk5xcXdJVGV4SzBLZWx5dnRGaUkgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwp3UzNxZ2R1ZVRNOTNxR3pNdmtZTXRm\nS25RQThaZW5qdEVGUmNkbGFVd3kwCi0tLSBlRjNmak9KY3lzeFBEcEZVRC9PTUhi\nYkdIcDUwV2hNZ0piU0lSbHdOK25jChlix4sLZrbdk4MLJzHWfC3D78DGRNZuWgRz\n+6gt8lVrTbYdiJP3OH9WoCEiuqHjzj/cO8IiG6mQuXcmJkSzDkM=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRcGYvQnNwRWhOWmcySTBK\nTjRIb00ycGJqLzFSaXlTaHF3cEdKb005dGgwCkJKUC9sR3pnSHJxYjc4ZjRCckxZ\neEd3YUhZT2RFbG5Db3dLOEZTTFJpTzQKLS0tIEFFc0lkUTV2cnpYM3J6b2tpRWlk\nZ01TeTBXRWVycThGQ0xkNDBHVG5JaFEK+QJqKc5KlRjSa+7NvgKuJjbAjiRLf/JS\nxNKQ6XQGnAEp0J7xjnUS52tC5b3IiU8yRT2biRxXVnLwk+dnOQg3rQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtc0dOQU1iYXFwa0MvS0hx\nbmRCTWZteHI4bEc1YmZ0Q29RY0JqU0I2cXdBCmU4eFQvUWZScFYwMG5NelVaMDU1\nQWJ1QkhOT0xYVGNrVUpvdUlBOW4xbVUKLS0tIHNvMjZwb0VwaWRQd1ZCVjVib084\nVG8wa3VJVi9HcUhoZjVteC96eUNjRTQKBuKsdMd+HpwlWjMPbhuBgfxg1lXyyh2o\nmYm+Zkpm/BMQNL4FrwhZpyomaMLSPoym+FK5v9u0jHASAcNJ3k4nEQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvRGE0UVU1T3h4Yk1PZW9O\nMk5xUVVXQVc2Yzc4RXduM2J3T3FqZCsyNFRrCmtZQWw5RjI3dmpkRWNBOXJnRTdI\nek9NKy9od2NLb2VyYW9ZMkJKNUk2cjgKLS0tIDJtUjYzN2VwZ1JhVkJBQW56Zktq\nSFArVEd1SThmd0JINmRtODlEdkwwb2cK0XQPVur2bztgI4nEklH3yYIFjPINqo67\nIfMN73sU5LH1w9Q8lyaUmSTtRi1yqpzqW70ujTtuoET/Lx+nCVoD3w==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtbWduWVBRQTVNRFhIOUtC\nUDE3VnAzTEpYcWtsdUV0KzQ2VWRxUjZOdVFVCi9yaFVHM0NnU3lPRFI5ak1sVGJh\nWWVCUk5FOWhvTUxkRHc3aisvMUF6djAKLS0tIHhWS0d5aDlHeFM4YkVjM1kyVlJW\nOXppemw1TEFraUJvNlRucDhsVVBERUEKpBsciEMvR+jX7NzQ9Fl9F20co+h+Ngkm\n0ia4McKMLY8r5XPImzmrKXDvRA2tQwYKYhYx4VcOAr/PrFiW+vLuSQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvRmFIR1dxYnV5RVRQbFRG\nWlUrbkdFVVJkSm1EbHY4TlNiM2RkNmJlNGl3CmdMWnMzR21PRHlpYXVGQWdraXFa\nSVFITGNlRUQ3ZGRPdTc1Sm1MaEQ3bjAKLS0tIG0xeE8waXV3TFkxV2RBZytjeVhs\nV1p0VThMcEVOQzhYRXFIS2ZLdEtDQU0KmLxUgIfGXKnqhqMiWX7wA13AbFl6/AGI\nJ28M8tXL6nK9lOlb1+qlWNlgm7BZxFvh8qZhVk+JIchGhHShNsZBZA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:19Z", + "mac": "ENC[AES256_GCM,data:g/Bgjm85/uqlMoprXftdZa22BEcmpE3f332aGJOmrYdd97ZSlq7F3Mztz3k+Sk+VYzW27bB4E1L2kbcq1FzqcAPqXJWE5dn3Z6+ZGj415UkZGGzr90ThCOkupOgoGJqOfiGeOIVT8bP/AMm+edH6rZ4+4yioOq75BifAuq5++Nk=,iv:bsPV7JTVrZZgsEpXfoJ4tF+Nvuivh9vMWarqMtvOOnQ=,tag:vOob8n6yCVjg/Iq9FLC3WA==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/tor_tor/hostname/users/kurogeek b/vars/per-machine/hadar/tor_tor/hostname/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hostname/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/groups/admins b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/machines/hadar b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/secret b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/secret new file mode 100644 index 0000000..38c7bb4 --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:a+jkPA+1jd30AyWfQiWvqCF3EMs3iBOmfd58YWKFAV299MrgPNUmRQfC5BC8mUCn7i0MIbim8fZ2osMn7R5W037pQqC5/ye9AY/dDUh1okHT6EE1lVwaWWnUBQ32EbGd,iv:4P5rZAyvoRE+LomyWgw0/vjR1yWMr/oc5+zH3A/eqys=,tag:4E+t1QeOUttd4BKwfiX7eQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3RlJEaVZjcnhmc2RvVzJL\naDI3ZzNldUFSbk1mTlVNclVnSEdoVStFV1JvCkdaakZTeEJZc0FvM21qMHU0cy9n\nT1FrRjVDUkVCZHFra25OWG1aTlVpYXcKLS0tIEFQTFBQcGY3QWR4Z2ZFNXRLdjRM\nM29xWnA5K3Rob3c0aUhndkVBRHFseEkKY2JrA9E5ZGCXaOrf2+eUrDl5QH7Tzpau\no2wuiifqfTI3twP0yGAqMScuca8CC1UY/4qo/RbCfPXAJmy2BJI6PQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYRUkwSEE3bjREN0FlOFky\nMEhvK2QrVnpGb0ZwaDBGY0VIZU5kYXhvU3dNCjBETGplRXNsWFZla3R6amFmbzBZ\nVUwyL09rdUlZMzF5RUZmS0lFMkdPbE0KLS0tIFJxQytDb09GSkJTeXRHQXBVNHgy\nWmVEVTExQUhGWFJWT0p2c3pPZW5uWm8K1PfoTo9DNRMxFpsTf8s8OhZA6Ls481bR\n5OuLPqzzUtyaavyk0NjKCHeaxsb0osAFW+JlTCmIq3w8TLGjUAJzqg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFhqRGdYaGFS\nSENmNDMwTlM2WWJWZnE3MUpqdG1IbmtNT2JTS0RVVjRvbHcgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpTK2pjRFMwVGxOWkRjWEpPcDdET0Y3\ncUtsSW10cnR6czZzTEN6aWNSOXdBCi0tLSBQQUpVRUd6bXZFZGIxZ1ZhUkxPSy8x\nU0FrVFdmUUFQSXplMDFTYit3TG53Cmmv1VGnFlaafoGI+K03inG8W/Uik6JWlHEr\nSNA0EbhwyWkO6+EPUaL/IxOB9NAy+949UaIWMkQ4DYON1dd75WQ=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGlRY1djTUdX\nYWlNbGUzdEJ3NFNtUGprakRCNXpiYk9tMG0xSmo4ZHgyQzggQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpScFB3UGVDbzZrRVFBVjA4SU8zeTlr\nMUcvVDR1V3N3Zmg5Q3hxRDA1ZFVVCi0tLSB0ZE9ydlJDNWdaL1A4MHgzRnAyV1VH\nWktaOEZWWHZ6ZjRJUjVyWnUyUExNCsSSyJAiALTLR0SHAMMlkMUtbNMWbi3eHvWN\noHlqUmGJE8swva3y8Ku/IOHB9igTzohiYhTTkSmwOIoOmFOORZY=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEp0cE9NZEtn\nZW42VXhnSU5wcmRlTVU0elY4dWVaaWxLNWwwaUF4eXVReFUgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwp4K01jbVhRbkhObFlCRVB4MlEweFdF\ncDA5QmJ2Vjg3dnZHMHJMcWhXczlvCi0tLSA5Z09CaFBwU1pPdjB4d0pMcWZZOEZG\nc1RZdllNaVVqdy8zZkQvMitmVlA4CupAP6VbrQu68BDbl0H8T4IQOk8Pa/WcpGEO\n+t+F+nB+xuuGGONSdNhAlSPhEuxltJRQPaxZyD/bxyo6CdFXZHE=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YjkyMnc5a3R5UFdQekdS\nRzdjd0V1b1R5M2kwaFZoMncrbjdpUnRGRkZvClJybWlMb1FIdlRXZy9UOEYrTzRY\ndU1KV2FRd3NhcHE3eFdxZkpHWDh5c3cKLS0tIDVrRnZ3MjFScUZjRjdaaWlJOGVW\nd0g4Q3hVMjlsSjlUK2RuM3Rib2xLM28KDfAiOZJ2sxgifna6RQpWK24YpW4J3d+x\nV0zv00ObD+19GrjrXqf5OvuItVH7NWEXAbTlL+ObsOrwoQM+gooqMQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyZXhQTHpQZjEwVlkyRGlk\nM0xvWURxTmQvUThhMGpkc2tTUy9rR3BwUVFFCmFyKzNOM0hGSkQwOE5DUUk2SWh5\na1dxNWhyeU44NkJtVWV5QVRheVBIZDAKLS0tIGMzVjFqeElwMEFqQjAvVXcreDNz\nSlZPcFFreHZBNHdoQVptWWNGVS9aYmsKeZwaF2lxHYKSDY9vSikFVtnqmyATCCUd\nJ+G9OwRnKDjqgb9T/HNbWAo3lF7uOp0d/iDAe9W/b73Lkf9vIKcFmQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByNEFFdEJoZ1NLazdCenh3\nOW85eFBRWFREWmVZSlZZaSt0M2ZtWUh4aXlFCi8zSGJYQVptdFo4OE93ZmVCMHN0\nTERnM2w4aFNnemRvamVlK1BsN1pWWFUKLS0tIGQ4aFVqa01oMGxPdFBUVnl3R2Fp\nam9LT08yS1YvVE5SWjRxNU5paWJ1TzQKupKuCBwW9Hy2ysuvdmFaA+T9vgoR+z1F\nZGIQZMOUaWlkKlsauBAV1rtDmG8JBRSC6uxqqQnLAaC7iv897r+OqA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqcUJpZnVKb3lPcWFmTmxQ\nWW1uSEdMeEdjcjZaSlpIRWVjVVRveElFT0hRCnZBa0N5RFpiWEhNOUwrYmdEditt\naHN5TmdMejFGVlBRMTArTkdQcVpkc1UKLS0tIHdCNzBKQy8waFFFRUJSQVlla2JL\nY1BPbC81ZTBTRDZNL25haHVQc3JrMEEKxT1t8m2UTp1M5uatA+5GDHVvUxoZTuOD\nItIGMYbNUaaMF7OX6CgLt5HQUZQNFIU3qdztbHtsp9zxdu5MDx3q6A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBscEdycjJsYkhoM3g2bzlz\nQUFCM2Nlb0d4Z0hYQ2ErR3l1c05ZeXZSTnlrClZqU2lHaDZPTEExYmdwbGV6M2s4\nTm5IMUlycldJei9tMGw0Q3dIeEJXMFEKLS0tIFZDWjhtK3M3bU1LYU9DRU05ODFU\nMzdnczVNRGVvV1hhc3Y4T00rS0h4Y28KvnLngdQbc49AyLld4zF384ELNi3vL5qi\nqDL1LaEXkJT/WGoxsWBnU95ORAITZ5di7FXjuPShAEYIwVPh3ycBRw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-24T10:47:20Z", + "mac": "ENC[AES256_GCM,data:BxwYSp7bd9o3m9rP78sZU4ZA+4KYOWxiZKoh2BvmXrlYWvdURipMrbQbciR50vJU7bDJNcgfkvofXn7y2drFqZx0YaGLtacNc01tXbqswshipA4InKjiwp81Y18ouS3+YbLgUpve1afytuTqOu9vzZrfugK5KlUHp0oqfNCEK50=,iv:zwmCiVv6N118hoeHoeR4Eusx8cgqw781k4xZrF+Jv8M=,tag:lN7UimcZT3k165AXmGZkCg==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/users/kurogeek b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/tor_tor/hs_ed25519_secret_key/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/yggdrasil/address/value b/vars/per-machine/hadar/yggdrasil/address/value new file mode 100644 index 0000000..953a228 --- /dev/null +++ b/vars/per-machine/hadar/yggdrasil/address/value @@ -0,0 +1 @@ +202:bd23:d6d6:ef36:f38f:3a3:7193:75b0 \ No newline at end of file diff --git a/vars/per-machine/hadar/yggdrasil/privateKey/groups/admins b/vars/per-machine/hadar/yggdrasil/privateKey/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/hadar/yggdrasil/privateKey/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/hadar/yggdrasil/privateKey/machines/hadar b/vars/per-machine/hadar/yggdrasil/privateKey/machines/hadar new file mode 120000 index 0000000..f12fe93 --- /dev/null +++ b/vars/per-machine/hadar/yggdrasil/privateKey/machines/hadar @@ -0,0 +1 @@ +../../../../../../sops/machines/hadar \ No newline at end of file diff --git a/vars/per-machine/hadar/yggdrasil/privateKey/secret b/vars/per-machine/hadar/yggdrasil/privateKey/secret new file mode 100644 index 0000000..d9d5cc5 --- /dev/null +++ b/vars/per-machine/hadar/yggdrasil/privateKey/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:ZfJZ1x+L7owu/AuppKONFk/5ZA/n7N2jtq6sN8Nq6crrk8cQPfr2ZB63BJ7Txm39KOOg/525rn3iEUko2oEGhU53ISHFwVBrhHm+5T6V0NePp7yJE+mvFOUzZYZMWsALr86troqZ+TkdS1/h4WqUXeg3yK4Z+A0=,iv:eWUxK3U/HiRueyIr5pFZpMkHVLmnwKnTQAdyDXn/GUw=,tag:2FcOC8NZFfBhpT/IDdO2/A==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0VmcxMmF5NmpGU3YzaGNX\nSGE0UW1teGs2K0l6a0NhTWN6Umh4SDFJZ0IwClpXNUs3b0lQVk5RSmM2VkEzMGxM\nZE05bzlSa05VWmppcmpUdGszSTdUeHMKLS0tIFN3NWFoUWRYcmxUNUIwcEtiZ1po\nRnYrdnVmOTJHYkNmbk43cW44V3h2bVkKz3YKp3sRW9WM04FYCgqQhkJ6pBR8MgzV\nD/mOAplVanzX8bI69TwGv4CB/yshOPgviA1tDP1TECClVvIOQSIdtg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpSW56WWUzYlZTYTEvTXo0\nZjZSbFlzTVg3SzFPeDAvaEtSZkk0TEovYUhJCnQ5ajJBSmQrQVQyMGRjWmFvUUNY\nWTNjWEhsazBzYnBBb01GSlh5SWwyelUKLS0tIE5yb01ZaFN4cEhhUkFVK1RUclBr\nK1R3ZG0yMXdObHVJUDRLQmU4YmdFam8K5G7JIDzEy/aok+xBGz6TXRsh2IyWhcj2\nvHR0uN/amGzZjw5hGhFxRyVnJGGLRm5xYMAn3goMkS/3oq6EW2ex1Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFhVNUNSa09R\nMDhSaGVRMFZXQ0NpQk9YSy9SaGNsU1NIekJpc2NaRHhLMXMgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpYVjRrdEpvWnIrQitPaHdXQm1RVlEw\nclFWWWxwRjNtT3kvYmI5QnhTNHBrCi0tLSA3SEZrZW0ra0lWSVFaZXJTcmhuMmIv\nQlFHNHd1U3V2ZDY1ZVlmU0p1MFZvCjloGizhYsZSloDDL6AVnpGbOhO4GDPpq+/j\nh3zEe9bJOQk8yqHurnl3CfvBFFziQeGGl/o+2t8+deG9VTyo1Jc=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGZvVG1ubFU3\nUVYwdUVsblNrYlhEZTJDdjVsMlZzZGFOc3Z0TTFMWUh4MmsgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpldGI3cnRmQmVVM09yWEVCbktmb1dZ\ndXlQdi9tYVJFWU5yVVNDMVBUcmQ0Ci0tLSBLMEZqL1Y5RVZQc1RQdWhRMjB4RXB3\nMTlzRjQ4b2kxbkd5N1A1TUdzOG9rCopQmzlvgixq1L7Q/m1kUOpsJn+7LdX3sMwQ\nt9Uevo4s/Nw0ajLVt0ofXEEOZAuoL19AYI9qOLqFGk1MHOVSSuY=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDBQZlpDZlpM\nekkwdHloY2w0Y2loWlVSRElQb3k0TGtvR2ZpOUpQLzdYRWsgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpOUmpvV3Vhdlk5VnFlYzNQRHJhRlYr\nc3FqQUdSZ3ViK3JVaXhObWxDcUF3Ci0tLSBXTm5EMXRKdFhVT3hsN0h0L3NUZjhT\nWnVzMVhxVXQ4K2VKeGpxQmlvVjR3CuT0dOWSruJ7dbKHFAH1vsRRkmwaiT+vAUMS\nWtieJZlPjIx0exoAdkGyJIPNG2zGeNpJ3RN964dgyTyi/COKJGc=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBINTdwVE5ZcmtXa3NrSmpR\ndDc3Mno0aVhET01WV3hTQlo1M2dQRnZwUlc4CmNiSGhOSmNUZWlwajcrWnQxZXBK\nOUNNWXBUWUcxUTFPd3dzalJDdG0vOHMKLS0tIG5HRWtXYnorR3FmeWpzN0tkR2I4\na1RUenNKUmRlZTVVUndwOG5JOFY3eWMKoGQTtou864Y7Wesu7qaT8/WD2UlGGWm+\nk1XvFZ+Ma3Gr98Fn2sy5SR1NJ33iCWWYBvc59maEoTtn+kpfoAgGkg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qdxqyqqs34cksjkzeww2c942w8xgm9x6d4zct4glwqg90ghve9qq6d944c", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoRnVleDNsdU9Cd25iTWVT\nR2JPTkhDTHlKR2ttbVAwb25KVTdLc1N3MmtVCmprT055TVkwUzlrQmZiTHhybVFq\nT1BxdHF5bDJVeTZsWXdpSy9PclFPb2cKLS0tIHg1d3BtWjVnMDlaMExDRmx0WkJW\nNk56SHBscDhCNExVM1FVR1l2aGV6bm8Kkh0y85mUxgoWB9/BM36xUoRJKSUBxKeI\nDXm9WFESfvAIhuXJcZ+Jieoyj3Ir6QwJG6/DKyQAX9FgfbxIlfuVOQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2c2hUTXhxN25xNTRWRktW\nWWRycG8yaXUrVWJndHpxbURwcHUyZEI4V2pBClVkR2MyalNSZVNESkNTS1lockxP\nUllqa3RUdzNQYmx1Sm5TZ21Ta09ZSmsKLS0tIGJhRFBsLzYwb1V1T1BKVmNiYTNW\ndnp0eVRMUHBvRnJDdEVHRTA4NVdCV2sKwaFpReRq89aheXKKEKQhNyXO1WQIEGRl\nAgeWmrGmZR7dl5gnNEGtnrqsNckRkrBofAg2Bx8c+RdBlM8vcIFtlg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmOTM5UmJwc2htNnlKNUtS\nUlJ2L1BKMlh6QWNwL1N1eFMwS3Q1enYvRVVzCmFBR1h6dUhDMkV5c21iUTQvS2JI\nRFFPS28xNzB0Qk9sYkhJcWp3cHZCQVEKLS0tIGJ4cmFRY0p6cnhpdUFaWWE3cmF2\nRURLNEtjZGpJeENzdWZKakRwMkdnVDgKLmSbmtBSUXzrPLZIrAZ0AkBE3WNoZsfF\nxIA8/i9i09p+zW8V31tV4vLq/qAVTIA4nvQBmZrfordLpc12KJQtxQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxM2lDdXozaEdaNEN4UnN5\nODhXS0IxekMwSG5QVWVHeTRTWHZFVHZFU1JJCml6b0FqaWpPMzNtY3k5cFRablZu\nUWpQNlRJOTg2YjdIdkVzWCtvb1VMNTgKLS0tIEVRbUoySVA0SStYTmZOd1ZCNXVk\nTEg3UXo5djMwRUZGMnBUdVBUM3JCRkUKFfN4LGvJ58kjjxx8RD69M6044UlZn2Ub\n2Dw5AgmM1Dad7nHe8rkQ3imii0ZMR0HnkNlZ5VhIPOjJ/j75MlszhQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-26T06:11:10Z", + "mac": "ENC[AES256_GCM,data:+N+ckmZ7y+RLRqbz7EYCzChXHU4whMUJY0Twup4VyLeUq4hg5i+QNpyOV8X6uPPUSRsYzyyNoLLsN/X36bVd90vsJI53t7p0mWefSJ69IGxBxjIBOGOBYulX2KS0wIp4JWAsPZECkzb8srDcM9EtIPrTyO401J1uyLesT4Jf+ng=,iv:Jdk/BweTWGD4NGuVYaEgDGoMTy4Zgr6HBE2LfSFZLDg=,tag:LZEB8+AMAKY6F0P7dAXafw==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/hadar/yggdrasil/privateKey/users/kurogeek b/vars/per-machine/hadar/yggdrasil/privateKey/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/hadar/yggdrasil/privateKey/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/hadar/yggdrasil/publicKey/value b/vars/per-machine/hadar/yggdrasil/publicKey/value new file mode 100644 index 0000000..5934ad4 --- /dev/null +++ b/vars/per-machine/hadar/yggdrasil/publicKey/value @@ -0,0 +1 @@ +285b85252219218e1f8b91cd9149e619ab68cba25dd5fc8f8fb00496ae4cfbf7 \ No newline at end of file